From e93b6e99472e9eed3bcf1c12edb48452e097c84f Mon Sep 17 00:00:00 2001 From: qinweiwei Date: Thu, 26 Mar 2026 07:04:29 +0000 Subject: [PATCH] WAF user guide 20251023 version Reviewed-by: Rogal, Marcel Co-authored-by: qinweiwei Co-committed-by: qinweiwei --- docs/wafd/umn/en-us_image_0000002395335841.png | Bin 29804 -> 0 bytes docs/wafd/umn/en-us_image_0000002483843449.png | Bin 0 -> 39823 bytes docs/wafd/umn/waf_01_0024.html | 8 ++++---- docs/wafd/umn/waf_01_0045.html | 4 ++-- docs/wafd/umn/waf_01_0128.html | 2 +- docs/wafd/umn/waf_01_0169.html | 4 ++-- docs/wafd/umn/waf_01_0172.html | 4 ++-- docs/wafd/umn/waf_01_0199.html | 4 ++-- docs/wafd/umn/waf_01_0282.html | 2 +- docs/wafd/umn/waf_01_0287.html | 2 +- docs/wafd/umn/waf_01_0311.html | 2 +- docs/wafd/umn/waf_01_1172.html | 2 +- 12 files changed, 17 insertions(+), 17 deletions(-) delete mode 100644 docs/wafd/umn/en-us_image_0000002395335841.png create mode 100644 docs/wafd/umn/en-us_image_0000002483843449.png diff --git a/docs/wafd/umn/en-us_image_0000002395335841.png b/docs/wafd/umn/en-us_image_0000002395335841.png deleted file mode 100644 index b418f261171f1de77cca191c2d418d09b208b429..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 29804 zcmeFZ2~?A3yDkh4wWvs|Ra8{0R;e;M6v7zVT8oN+ihzhAwGa?O5)l)o473i^BBY3r zB17r`7^WzY1V~6wS|UWCjFE&eG(a>E5{4usA<6&7Z|`q?XAftcz5l(}S!b=i7HA-O zU*2cDulu^M>$!6#z}Ir^_O)haW|k*Ud~?psY-KX=z2(CXfZsg+<+CW@Kl8+MzF(Ww zbnSQt{IDwKEB~*|%$^h1Eni*@{A_XcL|CGk*@jlrw>cN}6u9EL`N?m-I-eXN(?hHF z@o~0G+dteWjz09$nuRq1Q(fOp#ZFz`72QJGozk>z{n*VfcdtxoUuSX2{P*=W-|pCb z?ZFXP&b`w?^{|)UPh5EPjo%)}a|DNiBL@oiM7Cq1JPr?ivhUtQhoC3l+=(}QZ2V#$ zrmm16RVAqnE}_FWaRU{>m2shb3W^WbEx#rk-jO%_{OI$)eRWKc z!dh0EnSEDh0kqhx_#*}Iug9lj=D_oRZF=MF&Ga>9W`A0kTbY^twrRyKGqW%4R(YA3 zr3ZZY?_BVE&B_rp9|F2`^~LJeNfH#i!#nkQMB2HjAo65v5_mXuy1GsV#m@cFy3Uz( zs50DjO7zsQB@g)FYVu-_ucSJ(Zuao(`Rw5Ap@KGoyjeY)YHMzmUU#fTcw^Vfh}DdP z?%6@6M|eY6#qxf8cq~gD+vE1PUv#CkRE`bg&jmfA%QJSRUfHszLe{`J(Q-xjgj2kV zHK&z%@Eklp2*NbU2V&B^Djn8_Fh!&*{OW`!pS{j>PCiv7L*HMg|b@i zuC#d7Mc(uU8aJUQ0cbeldcewvv`DZMdSMr$;n#x*vY7Zuwx7+_vNqNgeejR1wULMD zeK;yu80qdLK0FJ9K5F|l67%-YhwbWTr&qIB(QLXfU$xcIW6Qh5p@dT@T+flY{3ez6 z2f)4QlJumqbK|=~W6Ce~gXVi~lU&W}aiL4Ge5#EWqgU}`Ur{xao zlEpU53Bs-FaKx58idnBm-{C9VdJ>K-2#{WkNrSe@kIMpua<_h3DFUP%xle%&A?ai- zhC^yLnwdSzQteQ*feeSy$3{l(@-0(@HL{qqqvAp%473#V)#YJ%)7L%8MUm5Q)O1{U zt<`f9E^NzdLGLc{>GB%wP9k+gy*-qvr>M(LJHmA}_{ZKgVzsTA8NJ7SUGnA+w}=`T zdIxD5c42g6EGDc{dxZg-P1|T+)YPCLkP%__;2=Us!B=)uu9f}yY-Ve{s#boWU>7y0 zG#fP&4Hf*-uNsIWCeV8ZX)mhVz`>^Z?xyPsYspmI_Sy$p;QjcrL4N$jcf+VbavbyN zC@|G80qRm&(%BPnE90`@aWjJhvE-sd_u!aEid|qSwE<@_o`y-MOgcFX{`gIcZ*rN-mm3`BWB`N&iG?n z{oAX5Yz|$o9!~65Xs4;&B-R0RSiWm)AsVZydecAPb#3x|g77KdK(B;hfUxf6IooF-Kul9DQKM_(LDCJ7-2O_(CVcw!0lE zsY}K}(`2+EuJfpxt+pIB8q^Y6t73Vf+iFxh$hd90JhrCJbswVFb-G?@W;SD+wk{d* zc^KF7UBt@P{U2oeZ%FnYdYP_%`vj+3WlaI}@22c35HBGbN1jEul*ChPcCxVOhz z6T7`Z;k$rF)H<1&>AJNmA||50__Q)g)8E%j2kW13s>0C)0fnPl&3BeoBZ@f^JpT$2(4(eqK>Zc_xxbi1p-PspUWuDX^Zmj@22Q9t? zLcrI*v*SjGOmUsj12xi9Ob1+<{0cG5lkNIB-%Yy2KnO9Jbk2-hJSWskBl=>}uzQ3j^l}3)cbdjUGp5UHRMfT|lt9R-L5g~>lvNXnDHAi- zXo{PrYnZeBzD}D2BMT+!^-04C+?mJ%3rr{kJx~QXDXi)nG&g%jC~CG#Zv52WtR3#i z>x2(>X2C^w%W>6xBP@Pr0oi26(XpYLrMfI>3oZ`LLo`;Rm<+8RE*wbK(=a zX zwl}>4R=ggDGIs{mBVtk5#7M!&&8ev`7KkIb)Du@=`lc61)X#A6bPSk^t`lyj`V6p< z6@5;TS5{uE&UFnNne9F(P#zU!12aiRa0Zn7sq{jWP^PV>Qz;3> zvCBE=g`Remav%M> zt1=pYgK620Zk#nit~Z>)O^Q9BM>7A^sp;Ek1$0PSkQe)Mjb@R|#|U9@`UKtD4`TTv z$=u|^eLVZ9`d+q3g3%{HX=IvyE;){U9w!U*S zcC2m{st0qCr}|X3!2HP~j3x`_+Q#Oh`?&q|y+T_K$%P};%8~_#>$x$*HKMNMVHcl> z7|Sy7qp%X3YG^2zxg2}*0Qivwut2Jv$0nzaf*#8J5xVovpvo}(s3g#8Wh`{M9@G#7 zdg(&O9OyyD^k`|a)8*_E{1b<@rx4Jv5^Y>)FWb^Qwhviewih?>>roM%x2b?dZ`0Fs z?z@sAgzCL|euF@{C-Nz-k`32yhenjQkuXC@VW^g(JPJ|Dv@Sbib0@{@-Ws}3NaR*^ zUHr03{yhyvd@0U`=7p;lhr#q1EYS06`#yJLFBnl5fUrZ$borQfk5yE9aZ?;)jo3Nt zfX20x6p{L_U;Y;j+rHMU#Xx7LTNj{wJn}WepOn{wo}lZBj<90`ArW;*W>qoOMl5~Y z_WX+exJ+mxzrv^Bc2N7`be;H7%?pqYuKW2e1vw#9&OazWCN@<14{jq~_L_bA<(Wu| zdUtJv@@!H*|M5dKbO&EZl(g6qc|HCgLW_Chc>-D zIy9}-T>xK8(JT2@p_dZ=m`R$QSIgVZkzld8bTRSz3ShK9Onx>QkusS#B=3h{hG2D^ zGgJm#;Pc7yB&GQNU}I9#XeQpmLqP>l zog299rV_9=n|;Yy<<&F?paV;_C}~u&*cWJ(VP(530@%|`h+@MoFE{uxa)hDzMyr)^ zmYG4uE{$6G8kamiZ3+& zu`6XFCoEh$-xnx4y1WD(b|Z(+3_+Ls74!aUBtUMe|5))RIprYZRD-=mO1F=38H+@# zN7Ce1$8TA0AcD1TSm9cW_;j<~>syziQS>D`QHVUyOE} zqildT@k_?0cyLm0j&RrZ5-rzu8-6KKUH~Ar8s*Zcfe*yC*PL9E`k?vK8vo5db%ngL zcP9Z6zDYCORlR*U1hK{}K3lnl1+Q@r%YWs6e1!Ol+%cWp!1zJ`#esjiX8W&hn9XUS9-z6`{ zjJSl=RQo(~osc=$jWyg7ps7<=q|n!~hPf5K~J!(hAC%4b;- zE4f5J%M<=Kgmk99V~C=|29Z6w+{xI&#K-xiH3GW$)phAPX>%1Kx>(S?{a8o8TX#Ql z2os`7s+-Zr5)*VKD_ZtnAha+wQ&Wlf}x-|))T>`5I{1I9E{Qs)ifA*@~OYKS^Uq< zYgnNX+io*wx8L@%Z1)}6s5p0|xXHn<@LQXPvX>!_R9H$=60mD_V{I!)AK)2C-zc#7bp1IVZB*22b`mN}C z2#4k%tSMaHN)4^`lJ&A7<=QOF>&QyF4XXU>OHr2we1%T>deEc``&h;X$KkF5;I=G7 zzu!XR<)!h_wC<<|zxLXD=-SzXQn$}Oe*$dCJ-et+aoyl(D4Z;a4AVil59^h&p~7vp z<#U>Qnz=NW5@((ui<_rOh1OwrJdN8SR$fGVwFzUpN&T=eL463qS}b$e9-ig7kU2tz z3C+{}pQ+PH)MCzj$K_<9@b9S;W*7A&%{$WJp0V9Y>Dp(q%+KJnPlU?{VS z%x~J3HJ249__pm3`tkPIzU=CfZvgNwZmFQ<6cIA-}t>? z#$#-!$HxkTAuHe4((nK~{Nr1L*$zpqjo-&~UXwf8~efzz=AS>LA}Ykd1H z`qF4us81=K)@L&SOvQRX9i|xLDQ1Uf3aXomUuoaj2{2&{?+uw%0;hT3*9#zdM~7|C zatC31Nu%PnX1G3{AQh*`mTJi~>e&Suo|r`pjhz-E&g*OKievdsHr*r`fbu#3l;*5 zb8V@Ey1^O3$aD^CRCV9B_PII*+C60q@v2Rk7?sMr}y#V zn6fzpH%R}aMrOyW#g~8wTrXw{vUI#RLW~Q9S0O5BBhi6uOB*ZXHppwMLN!h)c&o#}Vh?POgn*EcgU9{Lzh8GY!ICTI;a#d-Pz#pzxr5D|Ujg7mgxmMI6L zj};sNW^7o9t)>ICJX!W!Fd1E&KhP-&K%QR^s36m{f0)GsHOOCr0F1Q>J>2WN`u7t) z1M2>{h_`Rxtzw_F@4$(@rwIGUQTpCPEVh8$enstBs&YJ1tgcm2vLXF*l}Z6jmhe=M zAVy~U4*J_7a8ZQ=F`oIDw3N<jHGGq%eKoO^8F<87i73dF zCgzgu&@t5jKHVo3SUUklzV-k&cva-YXXwpJP*AO{^tznOw;0Jd0b%|cW@nkJ) z2H4+8P77K9UeC75ZcMh)A{p^ClKI(0^}HwgC4`Jm?Rzmk#K2txGcLRo<#gi{!Hgt; zEPFQkVe<98FB~Ob;WC&-8 z$JM`Ct=MJb2-+6}asY}19n#}1E8k|MbHClB_~iImRm3WG2Xh6Ul&;tNSfCnbdh_toTcHCkmg~ASp=; zUElpaefd%DQ-~rItF}nnki}<`Y^fj{>(HNta=_s z(N`TNPQz!QnvT$DC206+YkXK6S>u8H`O#vSsrP5R$C~Fm4gocaLtdJwU7L&7Cj)pL zl3!{m0dfp)(6W|l)GFW{6}%N{R6@H;CbD+=;Fo_7zs^_iILo{`8>9ca6i*!884YL_D5=1=1t_8H>{ zl+A4h2e)-ZS(Cf3&lI_1P5DHf-6;}~2gFW}y|}TkB_^~4c`4=lOWU{=wOys82#;Zm z5V7zew}xZTGWum}e2Ke?y;DxM`2Cr=ie-vKs#WqoA0BI+rgFfQ#C`~nxwP`xDq2cs z^c&z)EhqmxdFEup$p*h)PU3!qO6@21nTb*)#dY`Sn@6M;7p8=&%_ZkXkw+0-uogJq zmRPzo&6A9K=1LKCP^2id&i^61*yf ztAO4=u=!;z)yhlJ63@mRBz=_o?0vFr;ThcP>p7|l{`9#hVoI3Kh>N`;2skC=x{bk% z0%B=dl(EisTa0e5x8EZ9=UQ*m0_3Ky905oqyNxf~@4ef(ign^lhx|_P+gJ0cO`*yI z1%{W_>_h7=h2<+Zh8z)n@JtY(%yI1jzu>tZDZc0W?kJBNR~*mO-fbhGY3_q^9Y$Mx*5R+C>d#vQ3)&indeNnoj%EK}98EFqqbVukC51YU>RSn)fH zlJxS=h2f@727-#x$;o{vs{hq`h5+PZcl1f zKy5}gCU3lZ@T1c1wWkJr^BmHa=eS7_K}*Pj*fsOi>iWA6!T5rvyEIj^-rEz{66p+} zE~>u}*uu+g3dH_3!9DUGSA2rXODDk)4ei*$c6oNzjq}x;HaE1@vVI&&_LSw;RxusM zfW)EyO^7JsR>KuW58Z}XDw+zIm@)v_{pieX>?!cQB>+Pcma0d!)#Je8c)%~Yzk2~? zlyQnzzcf8QA5805c6;;Wv!#j0cY{g49o>MUgnyFWHhyIXYcLqU)N1SGIMhAIfDIam z)2qFX56$iwGhdAKHb-Ru9Q}$2o2!D4HgCop92;m7f7Jg$O?`V`<3U+a-9I7WMj+`&3RMu%7?ixKr-RX}1`#lb5g`jcyC1L)Sg6%n5KqEkRM z^-4bW-Km#QoaPkV2K*=me9ERN#4@Hb->xM2`w+pqgF%r%h$}ewev9!3)_HqhMFm_k zeJAYev;GX3KvDnsSSb<`s5m8``8whr{mtFtI2bQ>uW%*=Zcu^L`&JX@D+-2-|1YD1uj;`j{8Tu#0+e{wA}d z{{j$2%YZWCpTvcY3OAj==X#0r;O7?W#p$H0q}>9Yt%na3cJL=hdy5#cCfEEB&qYINaADEv=foDF@+z!kJo9YxcTWA z+G+H@racgUO?9>x8?~qsqHNikPE;2=eR8T0Rf4;_;4M$-R@f2d?QE<89y$mB5&v{4 z;s>wBw3+AJXlTh`%!eONmEeNII;a8Fs+UO zu)va%d`rVZq1f)VrQ_+4vku~+fItH0~BNRF?Madr+k;`R!Tr&8s$&e72_Oi{)76SpsjLb1UAD1{8 zUn_i;rPjBJBl_a;Y2uCtd83BRj0~e;CE3<6tse0jo-4LB(QIFmS9!UP$csL_?z2Dz zyQiH?TBh+OG?WMC(X6pi>C+`xHZa&e)YWF`1^^V*+j<%M#!<%J^4s$31f&PkPbw(0}DK-84V@(7P3%iVlz>^$W=Q;E^c zZ0yoT#hWWewe51oI6*sRoxvYXj*Lh=C*Ab+qAwJOSkl=0crLf`ZGYvn1_FuA9?QH@ zU0;|+LH7BAin9l5x9R#5z%b~O8jeA z=$#OA*kk<(YDIha2rK!M2QwQWYp-A)&W9~B5ME>%3_Sl@<4rrh-bIr&6>cQ z&GxfPQwolLiWIZ2kB^lJTXV$JPQmgl6qlruJ;G(p>gyFEx3N+$^}KzZD@de!HKSIP^>dF-C&@RC zY#e-4G7>xnm-Ml50#L~sv-HH{rq(%g=GL^P$s15W>yF#@ux9Ml8;sL;#z3X|UtxKv z8$$!%0h`+?-R}WFZDkA#u%K7u;E&%JxRvZfEUoq(wDwxNwc-1ai`3Vgs7YK>i6N_S zU*NR#4x}9mPJL$qJZj;WrrDgb^lGO2vx&%GtK~k%+#&LrE0gO&46`s$7r4XS75{bU z#@US%8{Z1v)mM(bsC*_#0;Du6}#r;6qXbG_B zdjV-=VgxL1fCq|wVGd>w0!K3^5ml8X#nkxE04c~`W zO~+Gfi{qVf*#Kp7_dsOid*y~uI=qUt>C@e>tzAd*Jfpr7u3(oKMJ5y1frd+HX^#7;= zhWPxHtwnaQ5B^6}QRQ8K>JWZ_f#c7wjdQ7?z^a4EW3THRIh``ye7ZjCuDcZtau1li2o@APJ=Faj=8u=-)|wgA)L`$AO(6`ffQK zQ!?lly3g$3HtLKmwftY9KS*qBYH0AGUX|0)vhW2gd79>!9bP$p=$B%m@r!&vSj1oELnYhLJvR^f>2dK5u-h&2r{(K`UX?tA4^q&g|OzxJEWkB*QP*8x>l817c} zVh+1k(lCl)%TNc$vTlS51~9#WHYd1|_CsBO+RLv+*cgnw8Tx$Yb_}Zu`7%ggtd1CT z;>|bJ%=KoZN&$h=Vf>zZ3l)|Z&}>*raf~~s0x|&80L31hKm$SsDN_)Vqh)uiwXuxu zsqN6pHUXU90Dly$!>3L~o>(y@W)~h|o-xF7#8q>QMS2%qL_$8W4~P?;1c`g5CyQP+ek?=RKtTGbfyS@5K?BR~5|DI$kq1Z0+6g5J&|F>|7=h`v zivRf%nG00s=XDsy@R9YTOGk=MeD}ARwP|C#G->$Jis02n@5#coXEod~b83EYvY#&X z>%k8wl=M)gizwR}1~GRwr?rJEY27PEx`2(1nUk3YQE=nJMwrXrz3L1Ik87qA=dA9i z_FJ?`%N}=8RNsEKug{$-u*sQo7nVf2%dZ)Ng_tmZq95ITz*idiPpt`(C!_`3<-@6o zGR*^cY2vNHrPL!ZES@G27u00P8ZQXrsHg*;vNf*9Yq}%lR|$x z)qeff(`9k|%Akl%uWP%qKqGGOLf6gDYVkjw&zI1uscd*5Eo-qcH$8Nkp|78gYRV5b z%c`)R4*{Xi$=jCJ_*Fvaam?jko)$j3g1YxzPSfG`#_MH36B^%?L?V1L^Zi9v9H;;J z+5c%IXdsTP^C}am-KlQH6nZe)+QuuIr|$A?O@ly!RQ|&djCmD!P?Gjqt0^`mS4cFF zr`UEqg1LP4mDL?gSoInhwxl0>i>fNBNJL=+N)e)Z2M?oQ0fW8KH}dCcT6jIqH8d?E zizaDZx$$6oxAQ3BVqQ?R2?;4V5 zLa&tERFJ^-gGezA6jBVu44H#$f#ZDJWKrF8P>U3o0rUYXcq4y1dPavq1hSXA0L9h=NcuS%=p$Mb$IY9 z_@0vD+OEGOGw-gQZUgX-p#NlZkmljS%XQALCEua0IZYP*sDGu*MqgB>N?4J_%SGPB z>Ap#WA1elX*3=gT&4hOO4yq_~$i| zbsckWh&o%QdwHtM-#blSPrURI*LpCah57bTW&m?*nc=TYXE4ptoQlFLozxRIfc1M!(nNElG3 zr-GFhx8__Nc+;EK4F%XJ1n{UQH4x6Af8l*Ww6aIVGt_pZ)%K|!L=-zv z7Y$^0NaO;%yl$$^A~OdEj0u>s}&bnCE? z$abxabAzG{$$F^m!0s#*%@AaXSjQ}1#0ceLUbGG`AlbH(@1r1S)SVM(=zD}_K)XfeDwFDr!M0-YbH3h(6vrt5 z|MN6X68Jj(g#OsEv1M|_1?#p;i_(m>g%KJVGPdzV&stVHCDO- zWK9xU7DvUQkNs*8ybB2*jo7;vjkb(ueC$G|%LsQJ1sj-2H8n||xbAsFd4F1j1Ogw@ z90Hf08sIk#M0?rFQrtGU!Mxb7?XdfH3^Z)1=2U?t`u?T8$^%T1aXb7x6D>0~*8j`i z-3s0PxH+Z$I#6oV^Nl~}UHT&N?CU>r^b$KCO}hdhtBn1f0cAmqir_9vJw-uY*vlWs zu)U$*K`@EUm4$3fQ*&dLO>e>|qENMc8^8&_mY{pGVA^Veb+CXwBLX^G_D$ChnBvoX z-RK}gasmP>e|d_MSm_Ol{HKSebi0<9d{;_b%me!g`U%T)-j)IGBSbwnnxTVk*-3mO zGm!0N7Z{>{T#DB&^KMb|z|y}SWQvydK8PKSVD)jAzV9;JQ_Dqiyt-;;am}x$_2=mg z656~39`n@EBcBzy|I|*b&U1Wop+zI(&uv>GRR6t(NPAPr%}>;pd@|?X@s&w4Dwbhll70PO^z2>HqS8 zy=*GMJQwS=m5hjo0YVG`Qa5l}5=-K@J@E{RS%_9lRjrfPY$b1sVU z3|sKPesm);x@oW){+(1{-0jE26e2hSYo?Q2sY#wG-M#dY1(;y$V_B-K`;AJ1%8waZ zTHZ;{MQ@OxS;eqkg7&nn%=%%JesR+fzT=S=Ccq8z45YcaH`4~PpK|0d?w>bec^R=P zmuPpMk{MTT-4^2X2)!xy9Y%k@=~=C2dF(Pr@UC%aOCYy?Md;Pf@95+g zRsY_8P0`~=ERt7@>@WO(AePMTc>zSlH`JoSD&axN{e^5G@HEH%eWNCf{jerLC;si3 zwL57SR`Ei!W5&5AsjANum3K~006`gm1a;ZzNi%Pr58c{>JJ1o~hm5)w@B%-PT3%IG zmD-#*a$wp4-&Nwojry-ky@5aa|0i?*pUeN#q{shs-T!pm|17=#!&Q)*dl4utnZD?> zyZ;IG$8~W5dB@HT!+5!ZW9-`5O3>JYx;u<>uPOR9xTlO=x3xwJ~9EO3hK~QyhU(hcA$|=*KkV4Fnwt>~cvnfa-z= zcwiTo6utIbNunJjb^SoGP3aqNejoOB=o=s} zp>%tsWV!Z7HNBMAveO23W#*q*W9G02$juB)H38Y64P<+h)B1!y>a4JBes6WYd=Z$O zR_R6aYtUtKOG;?)V;5hJ`skJ*b;Q&unq_jBbD+L<#<;9!T7SSwIMEK*oj=&8tgjIC zdu+aYt&YHRWH?~|;;VXUa(_Fcq;)z3LJv@&s?QFKDN3#^u5f^#JQJ4B4}KY+FE^)fYK~RR1S8#9fgYT^q1GPoyWmEL8I7(SeY<#NOd?L79=Yhq(=5S!PSSk zw6AtpzCz*K2=852pAcAxzIwIM#Rz1&Inzs+k=>?*GRt&f**fBUdcbv=AJa^+nQIy+Hc<$wp_rKI&<{`OP0p1e zIH2#_xFP80uGJOv3@{QHi=$~R_9xiM;L^+!6QY(9a z;@kK^XgpVGbAgAG3@m&*_ZXeod0K<{V+$d)%)Q_+l| z$@1AclE%d?G=dzpKTW})jY&(;z*U?BGOj~qe{MtSDbQws>9oUC0uJS@<@3M2x^DBK zbU({-Rdv5z)oD>xxzi7|r*4%s^>n*FqPvGgUeR6Q4rVh~aFe~n`mL3dVp$AZ6zw^3 zWQ4f=SUuMRjbLKJm;qU(qEP|9Qb5z$1}O^wH(FKpF&)0F#`5z&I^Gt`pkCvx7hUq@Qn`T(L z4d%t^L!_0EHj<$NqTNdLls$$x%jWMtZ95xhj4KZDWD91K^;d+)+d}lP)95NVHWmuV zE3feHU}k7C%HaT-pOIo~OTsW|wqYf6rT&hUvZ&JozMgDYpG*ECRGyf&eh;tLi9-$( z)@T>a&ElPaRwcC(mS-K}^&PgO>U_JD9J?g>QZKYifHfGnQ?zowGlgqm%IBS~uS&_R zDYf$8M|4~HGM^zj8qV%Zw{C2#A+8+sPkVwx4h9h<#YrWYpplC7Gr03Voqz_D2=dK` zq~H2X2Qw))%Xg1{wRc*gEJ>SnM>KB-oQGH!6~-&2lW}SA*HcUsf`ZA+J_%>phLsDl ziD*FxA#?D6jDEEF)uY1!1N_4jJ+DEaPF#*CM+oZ0Jh*abkiqpVr5{GGj~f+=&t5)K zfdbAF00f)kb)(qpON~6Aqq>GEPt#6M_WXDPjO*UpYESvQOOsrPO5&cAN;06?Hu8p->BCzqzw#uL`{Tmjd6v?3-X^4@vX6enQ zdakKzHVhP%TKfWhymx@H$;rxrP@wouG1WDzEG2_HPSRDt4uDfDdNYjrtBcw4^;92a zZ`BUHSiasFqLyd;qlxGlP}PULSEOM9l~G~0qw3XO;%mV*&X*7j8qKhDwpl$g4v@P$Or_A2&O@g29!ykb49{eh zs2c~|wl>IS)0D>{ceMFvHBUR?yKO!l~&&HP+5yrwbQ?b^hvcrdkqT)~vlh0zN+N~h+< zUd9Yh$%p!wY)0jI6pZ^865v`37ewoeI~p)`5wZMkw}o9WtS$^MakAwNQ&=cZO)+cu zjmec&*E{knDz3#-IPaOHxez`53Sng#s23C0`z$xAU!N)q;-@alcWk{ajxiLoW_;7C z5=%^0C!0-Pt}Z}Bt}{DOrm%>kIam3HBX zx9!&l___48z828~Y-ySHbMcux{@U2hBS%VZHr68~iGAdR!A}4FrkHa&@U9>PNazN5 zm#UrsZX2h-m37X+BqiJ!#|)C4($=Vea}&sDA?_4J2$udzhCa5|mWPQ8cPUoUkW)guP(=w8_97Dt zc4Q{Bz^4WJcoI!m9od_W8b%47&@LjjwM<(;O($vB{uIP*mL>H(_YR+r`Dot10GO?S z@95f%2Zb5|b+~@8GcK(au!l5M_e;KY<2nPS^d^DL=xM%XVm%KYhDaQ)f#f5yX*lP& zQB`q5#Py!z5@}JZ*Jpn{g=|p?5BmBlmPY7@0 z*Yi1#`a{i55fFb;&YWAQmL8p+Xup(2m2Sif@D=_~*e}mUHI>8#7YL%WP{Z^#AMgh$ z)nma6G?wL+p^#g(SNMK~QqDjPrwTU}B)u?LTaOs!C0=Hj%a`WFtqiuZS~GlYi0n0a zrS%&Tiw6;dL2~i30EV=IxNS0Y*D@7sxfix;i<`&sw@E=0A zcwXN#rq>Uw7)f^6mUQZLa}3~gs+B&@jukwqACJn3w?`~|+~M^{_i`lB+jZJ*8c>Po z@26f2;Wk7ywT)ctui1%mNVBc0T5*wPL$rTC%?!2Tembw#gZ})A(JWmlOlz@kY-dYK zE;qb=1gLV?Az6ugpMCy&7Ag4EPiw!k*kZBSW#<5WMZ_%%AY}cL2An-nMqPVo^Tf54 z{12K~Q?bFq7@MaDR~4VkLLFTGqyO*~MlRnY0`VolP{$wGhQeo*S;DF@dcmyQAzxZ$ zI)B&nc3$H(C-9>Jo4&cuSdkYIl`Je29ASTqlvI+BxIl#^f~hyPFvMu4wnF2;(=`aw zNj~3~a1uj93_neU8u}EkZ-HJ*w(yqPA}Mn)7R~DU%&$-UvyTg-S)-XxWR5`jKHLYf zX)%tSPvl+za+g1n*$#1_k@DjUL!7(SmdP&O^eY@8I)7*RYX)$r0FEkN51iUEZJErE z@LUg^6HyzLdMll8nk!LF$lV)1+xYoL2f@3G`D1`g9<$K{2}Jhsb!##kX<)WGm4BE1^}?`)3M3SbC`vF_9hSY zDQN9I+^MaVHj;DZdwJ8hldwVI=g8%s4fv+@mGIZ@$$7Vy;GUiGS6@vi0StC`Y1;T)dI|_fsZp5ggsT_R4_M zzH_0HH_1C_qm5+&t66bm)9&Q&E9iGMPp^Y}n>%w*Nj%3^Ky%f4hxx8Wbwrp)Q0K1mZlq=ny8JDZ+>-;t1iZ`NW-y`SJ~0b~0ho{i@Tw zHOOb-L)_u504frdBa^ux+CF9DR{65j z9hcP+5nC_T6LPbgUA+u-Yo?CcRWHVDGz>ahwob6g+n)*Ouo1II({ZVhyjV|7!Pw#YdX0mrH&dsJ-tx zJn=32$CI6Wu2m&|hsPsn1!4tn&rq~3r|0QhFgc~VrLV(dGrlXNB~uWfD&6U;Jpr-l zt$;)TVX<&-?h4-)l~kbzj66Aj{@5piU4i`~5kz>4Wwe2q!oMa9nq%_p_?ts1su&A zXS1<@JKWuLUeZi|idC|>94@x=e^#-IvApJ=om?HK0TJ28df@WNtr6glhj$r0*W4!I z7rLWOKCcd}ti83hM`-N3)8tc(bLh+U1U92LNr8&*oB^A-X8yhxg-1T~iu^U;e6GE_ zFp(FU(JE)cfmyy__sM+uNArk+j8OvLB=cl_Y-W}QoJ{baKi2HOSM>NFIBBgXj}Il_ zlK;A6cN-{HGF$cPQ6KvP{CvAz24IJZ9Emd~i(k!+D>g%SmS}Dft$ef^b!W#>y4mqkE2D1w?at9{5d>*zn7ft>ylR>qwIUj4ei#SlOd%thDqT*VDu{`e{5~h< z#!LdHvtg11P(dP1IUyG?k|>(xI24%iW-rm}2t19g|F<&@CN1{;RRANw@irhO^#C!Dw&zXaD1CG0i*BqRmFr_9XIH6qz$w$}uud|brVtxBE zl7@4f2QrrRa?{BMN3s(qEC|c1_Mg6bpM+UvOH%4efkl zuWY@FRgSjvF8qJ(op)4|*}nG^>%geYK~XVi#)3!@6owAL#&84yB^2q55D`KsB25y& ziiIN5q()E)JrW>D4ay7%QBbNRNWf5}gq{Ei3GaRw=bSn3`<`{zJ@>48|G8`N4-4`< zJNwzs-uw64-|y#FT*n``m1YIUF3QbUm$yU{THEHOW?Fw+{)_fDE4u*v&W(k&o5+E} z`H*xQZ6NdUcNM~?Q?X`AvR4mM?!(Djb%2RqyCkh=Qfp;WJ)uag^XTJ&s@ITEoLU6ly3E>cKkud=IJ^RuCsB2u&GXL?S3psF1VUi7YGvl)Ot~3>Rzwe&i?ACx z<6RfB+q=pGrFK;FJ6t^-ufN~qO8y$+qO;@qIU54w&^4=>sxJ=|&C1DDc_>P>iAwD? zYvTD*&-#aDG$^Db$Y}YxSbGYotbFXEzioB9GJQ#6ug*0FzjDyCp}%wXUX+^VJkGh? z%NQ{;{;6D$3D%`%%7UY-XA?0{JyV8Mx}O#CMCIM5JbXzbYvn!b-DnaPbhe!)&>6p1 z1-4UsmT|~9(n(W#%7OyI^=FZh?xJ3~5r6ljlFndN>a1yCwL!qMjQOLQ^C8hn1q7VW z$oxK=M|pLspZixT7(C83Hy~@>DAiA?X?(n_al$ ze0v-l9<6d(jZ*(kKk)tma=Aa)aAQN95|9GlxmA|uYeAP(Rk-aI@-4b((~>l1h?@4x z<~t&;GO7ZVI21#6@p+A@3S2UV?V2EBaGN^NP0zZEgr3Z!k3kgTR;^A%wFfzM7$N!@ zT#KHm`4noU{c@@Rj~+3@WE56E;Ekx0(V7joG|caj$8co$w0``cvMk*gK%feCv-CzA ztGr*i));Uo-PwpG>v11|zD&wQ>zDXg13Ql3Ca_f zYwfzd4|?jc0aeIMm!=$Ad82Ln2dmEa*r5P?yq#uA*X0z)%{8ax*7dWTj}8nIa$^Nn z9_!nK!&RMCKNlwpTdqIksc<@iPW5LC+xWPdx6xtUbo`wxjqeinxQ{cAzc@$O;@8rP zGNAbMt{S=)5S}n-7pbf<*9tgU|FX2R$ke(TBcwKRtfkG9qGOGWlMKPZ&hNdE*mvf$ zf7>yKYaf9baigYnrPyD8c)RtqF(Rgsu26plafu;!<^oR9!7`$`>fxK->}HE7rqt-8(2a1Fi9-V~+B$oxLL7Pfq85ud z{*Jr`qo4ev{LyKMezj)g@itbaqGI@&dBs(a;E^|o5q~s9bH(NSavSE}5rGzjyJiFvYaf}CeTZpsT6fc^84dXv~tT1Sdsjb;WFkT_kfi)nLhc?-mpTQ)um}dMv4lZlUn}4B|-R;DLED zD>R(Up{Y-W>p82^;v+QGX? zATib)C^rLp*JwjRd3zYXgBZw(FP`OD(7p!EP%<>`DVHYCA9VgeITu~Yqm?z4#F&@w zrK!+)y0T42CZd?8T-|_l6KJeIO{yBNP=~(hfev|a$~6pnY-QU%So&Td99||=+j~pj zHBpu}>-$Vx+o0M+kKWz?`gz!^iW>(`W@lb{QFc=PM%JlwNv6WqUdsp%0nv{9#+*@h z{pr%Fa za^GX#No`jiKF0;`K@sq>p8YI`@|$x_0hy(=;0MWwyBp%G#G3KzPP{plDG9dl;>Y3; z<>Fh_osp{r{5%*spo_Y7Pw&q+O>nv#1|l_g77#RKV$}frugs8Z1)>u`jy=b5t`?cq z8TymqKAyGb+y(M%+|T^n*(iZMX=VS!ir=`^@UtLY;py&)1we}0+9vu!0&56w(qQ%T z;BXt6cL$l4y>-LKO^*VYW%KJ{E-FCI-hCu1YwMXw3G{xA=`O9#43*0J&ci`DJo^q8Q)NlKYb$n%lt}4HNN_C-BC5? z+{dg+dXs8s=+z)pbX#mXLa@97@R`ws#SId?12q3cmF~CkPw<9esK(SWE86+tbX^g{ zcS#u3D!LaUx_wHt<5bepC=hntg&eTKv%l?<0<;Fl1c%ex=U{7pq_3jPKfi>S z&IQSTeBj@OYxooBp(#Wx7|P50_F|H^{%+h)#THA0ou#Ue`cZnv6lCL19nKd9+ZTAp z3UR>r1c_B=#>~U7FMVo4X($o}eWQ2XGea&@IK4_h2OV@5(iL2lvE`+-;V)}+lf#7* z4au~X;fliW9M%4|b0qJ4PIh~Yt7k}JlnPtMT=4-#dd>0y>#ddIj?drnHkA$=v1M1d*wn(-7e|PH8l_mkJR0a<+oy~ z0qkha%mwlN1IC| zr`wSl<6Z4s-(9;?t5cjp9xgXC4s}2qggNgp)DBwfn*R0uisUT~jzL=+z#&ru&}94p zh%j{p_9o&$k>pIH&@H68^^?{>Il<6L@$Ins>*F{Q70t1*;b<)eO3o?H^V6e)g1H;j*n1gg|4VsCp-MuC=9{LwN1!TV?4tlWA_^ZIYY4S@eXS_kz9}rsS zo?AulR|Y$xmzvw|r`rS3hm>)SaguECp@>dALeDd#H7l>qy7y;$$=l=d)(9TM1^Do0 zml%Ov?)L31Ug8KGsbjwT7mth4gZ~1V^evC&5q%|osd;M zR3dn|%O-L#GxY8tkjy86LHI`Nkm*LUlD+Ie^yx1Yk_VdEyZ{~J3<45hI@f;i7&Cuh z7dt|;-irNhi~qw$<5K;@4bOQV zeOd#u4#0sPy zu{>tCwfU;7_SN->)CQX0H>|`_>Ww*saaqP`p-jeZ?-~>Jf`-+wQxf z;VQsS{HC1UOwA|H1}aP%@>{f+0op;}C6QE>{J`){923W}pT-@tpv7C?kcH=LRrE+6 zrjKLottj{v*&`e+3+LAg+%BV$j>E#3p1iOe#tXOWAE!UOAWkxGNuYu~s{vd!?szA) zal+k}e}$9`K?*#3_5~SUXvM9eV=^O>&RGsaB( zvtg|P!;OVy_Pp75Zz*{Z$;-3TQyBXYiVdLx`MU7<^RSvIe=G^E^5Tsl;n$K=CP}is zQMY~uiMQ&)BIM$6D+6UQ9We(qj_G10w0eu}fi6_YoEm+FW18ctKYN#Ztnc4NTlx(> zVfhqX%~)%9C5D+VP$jNf-?t{I@N0|0ZMvmr7^Fz~%zpWn<)aW6LGQKeGk^!lJ`$<|{R)&q zserTbfU*cZJII{>um2IU^*3xc*E=5aH^)DJ;Fd%yIUnYw1H=r_DrWl@tVoLB_PQ!8 z5wF7iUv&2W`_gp?&ZiRB1~5>x`hGVTw#<6C_$S>Si{If#nzFFaQ9JPu65z8VIU8K2!Kw==3nd@>5@3@VSoz<( zJWVp9766sj=t=(QbuWVeaY?A90#^z5AEnTh5z3WAk2_k_dmPjtUQEBIT@ndOx{a#4 zQ?G>Tf@sTn@AR`+ln!*@U0OozP#XQ?R(?+FoelyJ9Qi zj(1VY3T7R_L3L>rZG}$LQ|}k|gAhxAKa^3m$CI5=>{rg=2 zPKF|`b{s&0pq0feh2d0Y{$7;;yurO#L?&h@i<1;;2d~`pZ;yue+xD8< zk2RKl)%v6aN$jdF_HdjcGlPTWXH#dEwDK^gQY9S43jkYmY-#*d@h2XN1Mrs!XpDW*gsZ4JXDLg% zjX!(5Jkp%!f`%XAFaqq$Yx!R>iFuqJipG({_pAsTDY+$`ltP1j&bq`B+1p(@91YJX zdFV8PVa5;-hE3ju#&Rn#KwC@AD7-2O@-~L?TFZAlMXu}DJ~U87{QnMd$oBU4f82+7 z|Hm+aW}bi7d-T6I`A>}7=G*hDgaVPB zQ!z*bR9euVCO9>*AZWgigru8m#{dD)X#93->mZ;HK@U!e1k*_9tiiVSPxEBgp?9)< zdx4^9=Tz7V8`+i&O}pQ2r&WrNYk^2+5=}9C5m1GKjyH~fOv`J_5mZTrxZZ^XiEw($ zcSN8d+v1APwK_57RY4($izaIh^>tNvtb4f(mA3fj#cTfi!o7c}r_=fsctLm9iMV75 zP)x!oQnC2eC2L4T{oX7S@E!bs0BnsVvU82<4@DD@`lWpi3YxUSR+jKU^bN61o+Q)< z0-Sv7x;~ZFITZStKQ`ZIYknjWRkx$BNq4ELcFj)Qaj{~ziBe(5M-AIM_S!-JWvg0H~?BhP4 zhH!g!pb-wb)9`6X@uf^#nd_YnJ$e;X@Y%M;sGy^GY4~$~AD6b{*GLpMzgK>esK#+W zOVn15L-m7Tu$5Pvfl8wYH&APe$000H(R?|XfO7(;W9eAHW0HM&XyLir^*GZl!BSJI zJc{v?XhZn4!!j2P4%>^N<9VbJb-D0SWt#iq5<6A`DvsgavBtU{JEk}H_F!p1*l19g zyHjas?-ayILL-IH2_)k<*l3V+0lw{Ij`7A+3%I;_9YqPQg4}!V#Gc5ULL{KpU~DxB zht6R#$_g+Xs$_b5&^YslUhi-jc`@VO-t=XldvmkJh4 zd(s;x21ZAgjtzgt)8=*^=D2?JyHY!+XpJ##w`@dFOM}CotbtOAScf=%e@NL|| z(yB#pP&S{M5xOR{51W11070|AzXmFiB;UQYS)vuF(AI!);L(f$s-mg(Oi20?~Kl zXuvdV+X^Kw@y*9%0D{t*NQdmDdO0 z2TvZ9G?P4$y;YUHT$cA^&!(gj@w1>}N=j^@O_py>M!WaHMke5Od2NZ~bZ;-!m@MC~ z1k!SoAH75MVgjSs!uNAmM%#Ysp0lTM?Mq+sKna#BPV+eiBDTRk(brhf*D~K-5MA=} zMCYrZ1LooY%BLr!HyN0q)}@k?#;OUaPoU~7D;}W0S8zuND3LOgXEEp^wPZl8J%sKDN-OB5h1w z%vTJ%d~qm$?u^O=9zY&5dJ2^V-2TP7pe3kKMKAu8ePdFr>*dK1;fF}nH3nk!>i!q*5Vgq3zJ2d(pAO3V^CA9ZDEd6%H@L=5@n>jPd4Y zD;r03tPNBf22`eb$pLpY$=z+BT~HtQwB5`IlrG@e8kj$AKa4ww!=gCtVG1*Dws#6W zZRq*2_!Ro9Ix4Fe4Mg!r#%RJ*iB|;DDs2}Fh-GxV+p^g@C(|BE8NH+h%REfqDct4+ zydlm{?oi9l4%i=p&jv=m$d{2=dtflF|cC$6My31L@kUF4aTRJjExxiDeQ*P#@Scs`x=Tyeb z!^KW8Ss4$-P35_V{1n{E2vLGqkY2X!8r==#j24Zo>`Fj}Q>M2YHCh8lF{!M{M`>`J zfhA{btSIyc#X&MOc(?2Dx7Ey-+ecU{Y2l>>tVlZY=eFIn*=V14ShM7pLIiCV(LffB zlUsA_fjW)P9*4nv+d*C|T~{oHEqA}b_(!me8fbs-OE(t14FQ>2O~A_|iWW$vkCtCc zgv}fsR9>sylo8RBrPo|Qx+WiTy<*q$t09P7*$YlEcBKs=lpx9QVB6|S+oDXdzM%Dry=^F4TIGrMl{tuigg%SC}%O5&fX*-LZ3<#KUJG#C8ki#e)U=;Hvm5|nsf6!8Dn*`WlGEY`g>gP08e{W{-)>&WI##{B0lQ%0R@CXL!_k8#N?hSF-m;L`mnHqndGHgR{? zKIu#YtBN{Ge(4^|I$_ozSeUh}`e!5CT6d+NmTu4$`CeR1+NcMW#sWQL`GcKNh-kvd zY(caz(}51C*k0vK0UNDw%@lFW95D{_uZS%x_33zK9@Ei>)3j?_23fJ zq;KClR7DJHboW`Za)HnK{^pq=jRwb-{8qE`wm*zy3L6IZ?!sSL;^p-Q{batRuqD%B z@ifviQ$)z^zUL!>)G2RGBV!0T?w8Q4>Q^vNr2 z7&*Al&Pg+~AmLx$TV)Qsztxu)`%BJGAa-rc*g4a9viRM&5utnnlu$|h)`^VJvo6f$ z>4A(R$tcwtRAnoFtp}tH?kI|3<<>JM?>latI)k0u8^b-Vw{ zu=_WS-v8?|Q}@GXM9s%K?L)rM2&?$mw#gft_w9BH{)M-z$M!-@5A+HW*Yh9-qE65X znJAsPB$!UyVpyAi6s`#FvRNV5>zdrx5>*$Qx65P7AD;(r<=Tt-AC|ZLr&Ck9IFxVu i{ih`-*7VNb#Z2|6K0YXi8S&nbV8(s49I_dSr9&O8veMPLgm(3 z7OLy-?!C}IzQAUG!g}_q3>lK)`iZlr=}GyENg}@WrqJ&&3|ER+PHr`M`X}hE!sUwzszre(+iCmX*e<`!^yVp^J)Gqva)ZhLSWnySlr( z+uI{sr;=P`D=rksmK8Ub6qS@rIhUD3bmco6p^J%)Q)>(i4B#2EJJI!K3Q1%dBIZPa z1HH+pATQ9i3=r143e(C6_2gVCh{W~E2Z!?syhRRfTV!d&QGR4k|0&o{;KFDxvm*R36sh;5w7!gSE=QVquRSWd`3EppqrHlo3& zG&SMucOoG4`~JA7@2^A`J)IxsY|;6CYrhn#9*91P&a8GBoo-KkizMYWD7~&aFwoy` z=I)Bwd)zDeC4#8MmzOf{BQXIttsnaLm}SM)Cl@(3qbZ-;Uu_OawwmT;q6!u7!9D)& zYSfXyuA!i9-)ZjFB$5&5=<14|9?+7=?}+9=oQUVbpQtzE+k4^MMXf6S_JmFVd^O__7W&x-eWU%T(#)aerTVU>e*riLBbpyQh696YI~{7z3gIw#1J;W?Qn z=VM{_f0l4Q1*L=7`^2AFnEJ(f&iWw+$t))@Jw2OVvDxleRa>W^+R-6=-R9{46RIJa zLr}BtJ4w=Jt%9=iUgH8s))&oRuA>*#HxO>ilu$j4fSnY(k-&BD^ENSEZFvg{!t-x> z<%o{ja1rPa9jJ67@iZ+x8NxEkO+3G&j!s`X^^@kU4D{upe6N;pW4#`e^3-N{mzS!& zY|p8pvwa*TrnBk6y0%}e)%Dv883m+@TvSXE*hC%cB^vC7L$7|qdc5(M0=?^Q`vaF? zE)pB3_MFdDkRpD@EHcr&6PPFLb0OvvL!U_=L)IS{oeeKGJo~ESW_|~M#y^jHcor!D z^=90#!L_r{@vi&lskv@a&&hdfy%V{ijV|3Icl=g!X>C&A_q!eJk*=GP_2XG7I$7THM{z^i z^x%mL5gRc~MTP?BtQ#-}nOW@`GJJ9C<0>!#jG2WLnIWbfhRXPW;)E-_ny<7F+nFEc zr=svprV;eRQD@W{{8@Fao9usZ^Ny$}r_`Up>axykTvpL(WwfX-%u;-4l9d>xsJN&u zL0;sIa}h6qS#e4uHOc<@9mz>f+UroL!!P)M1h)VD#DD687?=K6{3D;{3O)Tmg~w7| z7<~_qJ-x8QAo!!VR|iQdJ9QW#tUiJ*F>p&@=t^K;Umt#F)5Fcpez0`qYv74K!~*yU z2F=gT;&w6f^LD1*4|5K^vQ{@h=jv2n>e2*xQ&Usr*58o1o;;>2S3abqlw59VZKXVS z4ryGo_mkE*F)l7YgBa@q%}*)(YRJE_IhI#8)xWskkISsMQ*9TvNj|?DqbTLFkC?Bj z8G>iaHIlwxfoi|#;alD;>G?S8q!mt4mg4&(Y5S*%wcuF~YrI02OSnTQ?=b(KPu6bx zaFvh8(r^{MkX@x)K<7>#FF0Et( zCrl9OIb_vEvGlBlxsKo=iS9BKv~Ea;-XXQuE{f2 z$GOx^URQ@_6j~8mJ!rIPYY{iLw(RE!Y&Gns@xdPo-KUD8P!T*loi@qcxJ{`tovpHB z-k9bVFj_67CZ^735|{uU`#p_ROI{akNYU9rveF(tql;3Q;}s?2PTx>eO><^=57kFY z@%s8b`;g~n8)*gPe4hVF_Gw=%87p*eJ|Tov>$>muW{Fe)NAyi<6tqBR$6$aqnw3B2 zgeK{XYU#-4(nyLD+XRURPpl7aCWDemQd~+(>du{f>&|rGQ;LH8{QUK1>c&Ai3F=2` zDhF!fD0@&-w7&)8O1~pgx~3lzD3dafp0a(@)7m}q+>IG!?J|Kh1@&w6<@;Z?8|Qbs zX|HP9zSF!h)K;hmm%=~Vicarr9n4d{nT|ES70jP~+Qp(RxYIX-k_*Cca(aJ%V=$Vks;xdtRZ}8TqN2DTOnb{aBl~;P z)0xTMOI4fR-rniy>Fa02j`k!ft}h12_qU%izkhI(UU(s@!^PehdB*0_mu=NemtR$s z@%RY|bAhIrXlR1${F-a)n~nF_W}{or8hBn5Pr$W)Hi=sePTm7TC^Pi4V?qcR~7t3vw!jsr~Eci-YU5>f1vCsDed1H6qMio z!Tl$?fo=I64i#bU`HQ%16TfR& zBmEovKjRt4-}qiMptLc2k7QGQDfq5_3VEWziYlMnIZDV*i|iw6cRFYBw~MivG0M0j zxK@n2Y@_`rtME(|hB;&XX?bFSMC8=ZRgq_`9rFlzm7VReJZ|^8hvifKH1tEbX_JbM zM2so*2Tb0mtlXazT14AcPFB7Z3@uyM#;=4@){9krJ~w{4a-tmzP51)0ZMC;I*#jGr z@ZLTz;~T|VwCY!T*8ZxCVp!61@{uz$GqgsY-`0W@{lBW6l{$ZjL#bHQM4_h*yG*87 zrushii5@GDr+5B65kskK4}UuoA=8s0KNA5jGYDsTZN%!BeeVG3TXB<^n7`R}=+h}% z)8B;MR6mpP(?f9D#OA|l*ewtsJ9~O)cTvo{cN6^oSNb_uJ*;w_eCoX^c7m>8I%=#`QlV_(x>Q> z&WAGovc-j!yc&VkwxGz@LZPrRMAn95#ej!xADi2upQ{N1pY6IeX4GC=TRS>B+Lfc7 zk)A#oQ=FBRm7|?!QP>w899$Z~gTvQs=wUlj{5R`jMri!+h)an|NQoM5ZMUt*jQHaa zMJ4VO4{P?csMqYxO0DXK)3e&Z78=-;;%{)7jjrTvb6{4+??T))~N^IBf zLWQ9Zqsy)GXe<^DaQo%!7$sa&??{c)OrxqXZne`Cw*OrT7n+P)kJzst;@FmK1oE}F z-!OK)IOIx(4r*}ci&Nr@I|s9OaylnTUwv8O=7B3dQ2W@V(>E~Z?GtidhR<9yDW-77 zHQr435~mI6fgfzlcHOQj_uiO=L$seOPCAz*Cnxh;woDg5osdmte4r!+%0&_q5_F=` z^=Vw?^0%Yt+?R&AZ7s4i705i*-y7T{d8FMRRd1%M8ex#RF-P?_89q3cXFpJE-_fPS z*4f_P-rb%4RIz6bt>|6LGiX!cZfP_0hhEH#E`-h0n>mB0B%deG3Vj@V*=>}M?2hl|kOxBNX5A7KQN0+H2&Rm#sPYnz>dW;dJhbqqYX`RD3;1Fc!R_Wt9G0t~YH`U&M6uZAf_ z$q5-hicQS|Iat)VFsO^U72Ak1tbj84DKs=$(2h{0=X{_Oa48#%7qk@>6We$slmPTG zRA3$=aTkQ=fdNQkin>;Nx=888z(UJb6=mgDSx=pvR{{R}#;T#1;KCE9)UauYuUj%k zz1NJaH%kkxl{9pNctcIBIN?!>^WiQ$v5gYgUelC)2UA2)8W!swcAW368Q+XZPM5ch zt)pXXXo3lDw_>B$q~>jW8G<@%_)!nbzJBR*AUPPA%0i{17eV z)vFZBFsWT<4p<}yT@vC)vcJOV4iBzr0g)+|(wt8!iHz+{*)A;nJSaugT}*Oe2b0!D zB7E=n{G;&JskL(EW>C6ZC|J=QZToPTn2l^Ryiz__`%s>QuA%`KcU52aQ2qQ{(XC#h_1Z1lM`S65dL4-d!1 z#n}lB^!0IsB>4gDsCX3g%>&hLLG+7qN?lgR>&wc@ZeMO`ZcY;S;`^9}Z^?e9P_r^8 z`~>xlu^n&5$MNSYHN*HvHhPg9Rz!=hWR3TRjVki}ZrV^=caguL^%~0!{e(2FFoV?y zR_n%e>X~7HSL+l84BGJ^oHa!#H)biq_RvyLBivfX#QbjW`fnNfx6qrU=Aq@Kw;WBo zSkjV8w$*jHkeGBiSDX21O`}Q0IgYow>&R|L>dK!Ov2QV$KZ@9{c)w@O)4%?yEcE*@OMfOd zEi)lgA$GmGE3ohdh&$+b={GtYEG{k%Prd^8{+ky_QZk5xwpZQ~>^pf794jhZ$`Zv- zro_cXPPYvWap$XF%-+p)9JDKv&z|wj*`hK?4RzHy9_F8eg%y^_xsKFb&r-9!1?sP6 z?XI8Wq-_h~nHl?bPWJIlpfp-2l)f=QWlGtPUvaF|+>$MQJ&NBK8m?|O%Gq&G(mAiE z>erg$nH^=c7ziJ;$<(Tk{A`;a)3d0kg?+PVi|;5$lG^IiP1=pj*T{(PkAErZQxG@J z=f9|yV6W+;j!~v?Gw^;%aQjoI8iL^o!WGI1G%)+&`3QKQU2$HX>M1wB_FUx#U7s{7 z-1|YVmA|s`iF)i}MO3BE6AHg0=0n56PWhVsI?Xqe;XBYROoyxKn`2$&*8Q%VwFzyY zwn<=Qxn#o{wcW2>tasHwzg=ghEG;#4?C;NzRbPYqq3PwHJB7ROSXaJ5Id`FbZ)el` zi22@kEXf_Y)i4ZJW1r-sV>sFp!HEwDS4sS9tM3d)cFcVHyo6d$De7tPQ73=(ycqGc zg-smwAlLAZjk&aa@#6vNnuIicul146&L8w{Z->XPJvbKFec=o(gqCJ-aVWR2Gc25E zZ+70mcYAby#!@PEEV0u=rhjb4wY;Rn1C;84vyMEp9?|EBsNCR&moqc1tW??-y0K-Y zGaKsYoH;w^HTNk)8ylCN81>tEcWWgeML$b55tLHocMzszwz62!AAw41xTLYr&L%&&m;PI2zLGHzE^0Xo`V zn|eVn>al3>o9Q*90i`AWIKVvq*lEb#81}d2{&Jzd&kIRjbMgVduomp~okQ@9xqsaN ziIi=m>;{_M9=&SRCG*6@nJ4wboBIy*bt*>OeJe^JqWEnl@!7p%H(wh-1_ z!?WvapRrEj|)D7#cKWPwihyVNtp$+l>O}%89W;l#g`{CAS&H;O)L%+uHTY?LQ zziKS3$Vg7=$p+~3aq=75Bxa~2#U~~v0=Q`=0~Q+9J6^0thKh*L0kr4``K?Vz9jaQ1 zO(s3jOy(o}WO_yhe_W`k49G;YxuucFVynT~Ml-%>yEE6@Opezo{0cgDTo9zB-Nyu> zS{EVgeN7h_F)nd(ej-m+c2I;XV5H&Lpl*&(M z=4Tf?&Ug0o+=})Y_=#Bf{)#-scQtsvajDE_;1xNoB-S3JGd-qLu|j?#^+3?Te*)j) zhhnki!^3p0sUkTBIy$9Jf4+w^h;`=~gY2gt?{ECuG4M7 z)a<8Ep9W7aau_PlNb$#M*WkK9{-1h#-rRITY^l;^dGuR-eSKtPq_(l2o0F3hh#TN% zPp)BJ6}EqQd3k(%9DEGG-Q*R7eQUCWV-5S0OU*1v8(k>< zl7>eIMs)vYM1ZLZ3m2y!drZ95*Kw+F=ibxP(ed?K&rC={-HVO?)Bw^>rrlA}{oU66 z-F7)9fJJ+6fUq|On$;sa!No+Mh@*b%Hul|_z&mvSep(;wHiw>K=nHN`n4QZ%y?|JX8{EQtM zaxl4H@%}JZY>sKR*qCqda4s|O@bHjKq0Hq3$%t+tTat=xes#6vj(S9oLx$QdyP@(8 zQmL(PwNb6#zkl!T?FANnC?_{HHH8?WW>*2ZE)3rTLm3L+@2&*1y?WIPztQvh^=nd6 z(h*S3eL+eY9vV77QUmk!)QOq^YKTPGJ6Vf?`5@1O|7_xb<-vy(PA3`k+gyMM2KNV{ z`Jm4BX{%@VEO(rIr z9Xiv08Yc+z(nFG52na`8T~jCl?xrNdN67Rl97n1JZM$9F-P1c~KsM9Tq7wGPeW5Tf zuT>-?=Ku!!SkKMR8x&e7^TZZ%sUu5Dv~!(XtdU$=Q(#G_W!nis$aB3>FEt153_#oQ zVjhc?>m7<>?(^?R2ji3`eSnir-E(>R^ailHe#v6h=5RE5o?%6?btjvjF1lFs+Bs?n zuwleCk(+bx@pyazZwQQ(lF=6w<5@Bp#68st$Cj6!_B+_fW8}iGMY7LCZx%1-uSO%3 z`4N@->gQu{Lv;=6IS28sn1+TJz@$rc%D#-cFS#crIk>v6Xj@MGZ6qDxo7P34@2P3? zuqrpaHC*Zt;^$`$=1)>-)U9BKBSC^J8GVED8^Tv8p{t)Oq*eiMXo`R?W@)5+0NI}W zqvi?cj?WB_jg3jUzscd(bWgy@z7xfr*4t9@>?1L2rj2a#hp@_W3#1u<8G2d4x_jv#;U$9Qc z!$QGC|NQx*+Sn&qR^kVmO(6QpFC%cn3SJ$CpfU~Yt??}db?cwKo${R>TB>$e{}wv- zojy%tEV*@UFz7aic@M2%bp6}W>1iuR$Gpmk$061y(Lb7|)`o_Ll6A5|;tQIr8*S~& zq1icby{2xCv+CVY^GNkp1?`Ea<?3)EAi zR#ztH5f>AtTt+%z`|RHk1I3E{tzff?*Za3w{Q>pkAW*J1jbjrx{Qh2tW2q7ytjzpT zQlN)@NRKO_+2#?&8+d^@NHKq4bUC5%l-DnNjT&hptdQ40Be?Y0n5zFOb*m~eR1uko zY=+*Xj(Mgd>9e?BC4@&nPsYprdy`-&Jf6*-3Y`N7I9WNf++D{3>DnT%U%*9YV40

y=vYUIbz#sY$N;8 z3vBvFo8*L!bqd`;3Qrnk5$lE1zZA}TsdrWT?Rfk66!zJj%7M3t1P86MwYZ8JW`nn> zpU9VdLpkFJ`})qnd3$wYDg`!N{fEy;>WNi>kp71)&xwZ1+!ilP+wtu_`v2GIWz#@x z+e%8ISyJcye0>e-MuXwxRecu7Lrc>9$W`k2rVk+&qY@APB2U;n(y0H*#*7DNJ4aZ(*Cw z?EgM2@$zqKtNI(Z%^zK_q^hb~08mxq8SoqR|4{%Pt%Dd{UoRg;08}@w8_#E`rnm!8 z6(C&%cE~Q8Fnzxg#}P?CoNExkFM1D0FC{pGbL~T7?B5c?6^MwOCxDT z;l9rJNha77e6d7z`b!3xN4n+GbfaJv<=(uH*cxkc5ECQgc8FVricxagYB|4<#F}sw zsdz}z>(_F7>6>4B*F$McNskzl@iG9gUt81JzO}c48o~EWVOx2*tS;|wbuV?NNw&ql zDyyJ$t6BNsp)zw}sLab}F(I#Nr@3c%Xf=V~Tg~GQ{9n@#1b)s9HQ zmK{^1O81t7hhg|1O-U6kWhwZ*dF|xB2}g@Y$Clrs6D1?!xs(+(_{kOUCU5ZGKYt>% zR2`(m#cwvo=tb%Lx8Afj(%L0(bcw^jM_XT<>1EXUtl`ex^zrA{qV5-1$5GaJ2HKBLkEnzM9 zygRGQws)BNW(GZwE+cnP4(>C|V)WsI`9b; zmKfM@>*Fg+I*u0{@<656KqyLZRB2>vFQ#nC^>*IjuepM@jcFT=_QYtcD(x;Wzj^s+n`KMb*hhQVGE22-pF?7KSy67obS&A%EBHvhmCIm7c`Ro4 ztqH4)S0{Sn^Mn`l@!d<<#LDH_uiN`;lPmkBf5K`EYIde%Vzc`$y4^Tz%1K89CT)VN zNh4Et7yYZHG}3Bp=a2opnVx-T{9@iFgRY0CQ?}E7%>YM@Lhca-IFRPzb!c&$8NVhm z`h0W;(Wk#po&Qi<6l` zwNz~WSM(qU7xb+Pu5uC|t0o2d{K1vbq5-kShzx$PyoG1F}11K)mHe7b8 zt32)_TyYVX zDsbpKARe<4#*|GK@3!|=eA>+^JAU*uJ-x4|&zhJkj*zv8_z0uRPmLY%cmw%P*}c0C zjS22?{kbsI=K8`^`p7V9`Xux$z%oVQ{tH-#H~x+@H;(N7K;i4@V9s9+pseWSsF=}t znNlpF+1<@;Vr?5-8W<2GumadG&qg{!K(_{T{sE3Kx}v5pnzT4KSNJNyd1RPESw#Bu zt0Q|BQGdDj`KSk|xB(DhE=Vb38%3rpEGz)nfvCjLL5jG;;NEG2fGWfH@uG?OvGa$W z%me+lz7}W*g;%(jC5eUH#JQO9#Lg`)f}UxMh~dxo2sw_yo*s5cLiw!^jT7BS-A=$5 z?CG)8hEQI+d!4m&2A#{R!0K$!eI4<0c-Y8C%|{=wvF!WNET#)zu*!4R1q?e8q02Ig zfIx3CH$DA(Y7KD0+~0OxYN^0i+4o<`&)Q@OG*oG5o8^5%@V;EBniSsgmu@$Xl1l_6o0ABc*v_4|-{NeE~Hu zUx=024+!aACgYhD(eKkrR`9&)L9(MP{s5VnaI<(3_^I;$Y1;FVt0zE?~Z((Q}s-TYo%*9ZKVOX1J$kD(fCy2i-Uld;2=b_LbJL zSOuYGi^7Ynx+qQ2eU(!qpWhm(3+QYmj6IS#6;+>>_F9wkG8Gv(6)>e){o_^rD_P4F z9o^J29#LIEn-H5hj_by9pvy|9%oYuLjFLw|4_e5O^likYU2f#(U!+s|BwPw)<|%MVP^GVdtt$>_0l7l{TkVpPWl})6?1#_T+3Yn9sX2Xma4_+8(?ikLELTw!`RgcJ zR%pZQ$2x@_{{~RZ0%#h)8}?GAN?|oeh!cPI4IFT4oQn$!H5jYKrryAlz0kZN{vjPN z=xBE@u%xsOba9y=w8Fku7Z*o*LJGpJZG`ZAVeg^H;>S=Ens{ zjz9l&YzElqzpK1!QUtx+7kfH!3W#}wIng*&93FS(cdULp$CnIoYHk-jbii)HH~%{} zZRe`9CC3nOE3#=}@+kw6eCIWb66?;tdCdtRhl@Su*0k+gT~gBHA3p$)O)y;O(rh)4 zXpjL4v!PPehW*9%SY(kmT@IkCsgae+67@ax&L#bFW|&O9cMv0{W^~-I8rNzCgIu$I z6X08zZ~Iut#nS}gyOXcM5v$098MUejtoOIDj_xb5w8v9i^)D34HVzP#7DKt8UeM6Q z+jM>3_LYo$^lk^9pD%{B{nbgGBsP`kuUjwP5Q}1TZLxmpqlVpJxkW&dXf&V1KV*q<&Y~DJ}5$YL#5dbL+I_JZMlTJc<`_A60BMjUMTuyVd5aJV*QS ze6tLy^Qq#jcFypL)YQ~U#d{R=)znmw1@T#fIdSjm7`M-e`#XquCAQeA>_6vSKjt5w z_|;G*vbowA(pqg!e?`Z4#^*d}&r81IPMPd}HcOf_@eR%LNEIZtGr#gZ=6nC>&M0Mc zCM6|3l{}l9BEgHJGN|b3>x(n&Py2vXV|w0r0bGx^@|ZW)@iw5G4NvZ91C7lE(tGP- zaoqL(4^EELD}5EdEY>ax_lDywW!fG6WqI3|U>ELL#XI!YN8Rf~K4FJ6*|0ihh5iov z6Zc>MqWpHROCe5jrzri^!aY=Tu?hLKmR?j+_oZ7>(BgCr+tB`Dia&Dm`!wb+QtM9b z(7rP=F(q9>opUrwiE?+hqruEX*TXG8^7$oOniZd}qMk2d#Y4wMAmk~$aJ&NOh;s@P2-px09+*QT9(K|x~#=WG_FJ-+nl9b;1 zXDNJnmm=Q4{>}86BUoNd@q4Z}Byu|qIj`Hu;4p>oy^veZm*|1d$3U>FF4y} z7kS9oi7Lxokp5_KTxf9sM$wJD$NBJBpy%OUzG;wKxrueq@v_H&z5E&NI|K*5?KDib z*6;p|)bS#kFEB-b#ZU|zxP>9Ajp`1mBlz&<0|7p~QC1nMFkK2N7gl+3w0l!I5_a#E zo^tTVdrf~R#~xsysf!IgbD z6*^lbNP&lp(rf9GBcS#1@o}L?R1kVW^2gRa0H@4Qh-#1XkO*{u<61-xKnKcSvA5zz+Ruf764eyRq^BXDj+!(K&YwBD z1&;eR*DZ%^gz%8Un)wQwMGIGOjlT}?P32@Rt_tY-cmKh#)+rg9be*)5tJ}LXof*ts ztfCsEB-Ivk0S2jT&uc8=`sng|KJ|~rp=3z2dtV;lFwXCF1)M&@FRw|TihYTUGjXGO zf}0JvR>byUJ+t|dF8=I?>HrOM!Fzv#&ImNG_XUE9JM+qBJ_bYPq5nS_LZYlRG{B~4 zxBYbi*8$Cb)Xupis59OQ7^gSo8b!t(+ebM%O#s0edq+aR8KxEnd z^nF)Kzzq4_%WbveRn1H_<8NMmQLjj@P6deg$6tn zHl>yM=%GrlweEwuuxT`+wgD8gd!NiSjBqAYuMT8wUv|G<+Ys*}S4nbUJev=SQHlvr zfDoa1M!<1g$_xM$NazC?=n~-95zb9cYt4hkchh>;XTw>$kJ2CHRoSAmG&#-K$zR>S z8L3mO$3auw{|;56mw#+3Km*DVT|Yg7ZV`c<2S+FOZn@)eZt|u#V4FRoj#dQ<2{jh` zR51(1?!D1m3-PS^9m9_h*ag2wNG=41^A}j<&P`8w02+vp!0PbCMi(D~OU*~fb2ByH zO`fJZzEXDb!kqlBB%04>Q<#3}ncigwWUl@wx{P_1b}DyNVzcoJ)IK2j%N9N{CzTLv zR8%F6S*VDKZ4@*BJTR{)1QOct9N~A~ftHKg^S7TE#|_?Ki#uXeCguWDnf_H^ssD!l zFu2GEZ5Z(=_;ByPdU<(WgBf36XD74j<@pmY0rx55Dqmb^E_C+AnQd5LQROA0Ds(+< zsljK#2Vu7w4uur`3|NJLT(SSbqlG)6KG(292pqYv<65I_`^YAi9K@;kPBw29W8nI< zYeZuI!hos?Vwitov3KX4j&80|A-n_#mH(=Yr3`KT3RlG*+nBGH#RVA=0i0sJ5%iT{J1COV?YB6%Mi1QRe(ZXIC}apU4*36^v9}4G z-O1HKottqC8LINx1c!~#-&VoTN^s_fd#sO=-!EAap#8wx(SU6S=H7^XNb`iyJl!|b&lz&d!U69deM)E&PHDk ziD{>E{Z*Vf^p0U6!%{A!PX+L^Ow3OiM_?scpwMHznz10%j(`1b5M|JhzKq%NqL2o{iNNwn{?kSNkkes-BHKT%I85WQSY@Bt`&?ma2Dh#q-cEmkjtV znITlSXZkIhpO>d@w+7wk$jew))HgMkOi^XIh-;P2QntCx)MeXwyg#tJFKe-9zQ6$+ z21i0|N?D*hK2tAwpX>+SfChQkwnSka&WL=!9Xrj;pQS;a76vbf`s7%56B@L>N!vK# zJYv}YU0mlJzuz9)-HWzBQMuOY9s**s;Wwu*&_gy9b!@-nzyWRcybH{Ry17aNmDgu( z303!(Oesm0rQJ4bSNRdMXmuV^l*;NRm)$W^B+{zV4*z|dRAOV9YEZ>NhOiLreqVZU z6xly0&JSdai@mG96S4^na^=bC-BHy4p!i+M_=EQ?YUTq8bk%?a3ZiJ^?=mtnxZwss zlEhO*>_Xc2_zSA4hSor%hh6Cd&(BAt&vT&@w(hzQTO(+q{0|Ig=^?;?^VqHL(5UNX z-sz8-{~bX>7R~UY(KDMuB?k1g3nfbYij&^cOx(Dea*}s0rg-y4egRiG8<*Wu(7PYx zUcr)&?QLzN9UrxnC3>CVX`ZRr(a3u5_Ye?6Z}`aOzdL>-gV)UdQphW?9(n|_#Dt&? z)&AiF$x(TOSS%Lw)#qYSz85P~Q%ymO_#(uf0=0Xx@;N=*6WnnXd6_Ikb7!UnAB>C( zm&MThR4B2&Iys5~_Nt!-oVX=lt-i4T?Ji?J5Q#6GU#D4epyGyE)n$W=1r~3+?gh-` zoN&g(Kj}ynVm9AkKX~9NfluUt$xZCM`1ad(ZM_?OW--OPV$pDiy==SGFMY0fzgsC^^vrEPH|cOaY9()sMH+JNB#0?l0c>m`_ClHRJQ&Pn zi(f`OQt7`&-t3D1&fZtjUA0|tT$}abr?>5s2060hdRq9VZ*Nug&j}l9o3Ykrke*_ zZG1^X|B7}x#pR*Mh@YCvKJEQ>bAKwhwXI)uc6JKK6elPqi0`pM%O`{mW)j*liYJ^^o#LH+mNkd0)!HAoeh9w&LQbIB|s&IsCoAw&NIq5gYA zMBQfJPt_bJ_qy?uj^|zL6o8RK%MNXUqU6hh`j*R_LbSVrjZM(V@)oUAt#(Obh2JL+ zz;rGZKQtGyVM0VFkfM%FoM;c3rg9YzV(!p>m^(<&hdF?XVAvx00`a_j6Cp>b zvs=v`HuMqJta9cgW+Ia`2U7P9x>W5>&kud^wN^Mt8whH6cpx<*(7GNBL9-ltaa7w5 zY#@|4p^LrOwEHVQi9D>mMNEYp2m;L2F}4SRJfxkcgPWLGWfSI^*`i*BGhYhwE|Mo6 zB5Y$Jj7cz4hcE_J(R1d$BqvTskno=3NeL&wcXcR*y_Yz8n)LOTgvU`mQ8ugvrB4a9 z)31+Y?xH=Ij;`N`XP4Ddkmp9?FwqNs5S}LFD@r#AAgVwq1T>=$=lKkjOM&4^`f}W1 z3qxuP<>Q8#CF2>Bp1{qiO#^S&LkY&!CsFUJWtAOUu7 z6~UcLCrqe_J|#uCv*8k9p$H1V7L+rWk9_I@l<*p}j4Ty~LJygw__V7>Gqs{2jA`b} zfrtMXrhs>Ub31xk+h>B_^w-(io(@#pqbwlya?ZTGK$y-$WLzUCTF3pW2OKwo>j0wL z!4k1Ob}fe!AmW_xPF><_Dhc|mYn3zg0nwoj`?CAU2-n>SV@!qpv=+aBWo01PMQp7U z9xf|vpOJ$v$hC91jt-Lp7bPXQo1}E-bKd!(w&y=Ae-pKH@lZRFc0sm4JLkrpo+D~U zj&R5AWrP{nm)@9>&RimDN1LD>*QqQ?37{Q6y|l|jvFQk7l=)GY&jUZW4E<(K)K2!H zb~boQg&ll^2gT}Aj_w3V-y#h9^gF)vT@`)2=ZAB|wt~$KLK;o;{aJSBFvYW3VZWoc zOW>Kq)cfm80W>+*!OBX`>e`Wq{AE8F!{@)IJ;XRr@u^%;gZN!E0#yW^rl%~Lp9ZdI z{??i9XbhF7+QEz_UI?K!8-^)R!rl*wnLOm;f$hp}Hn5fU0>{36Er{rF8!_r4@$DJaME1y+;JAk}LbRe*#g&isbyi-qT@0B}Ux_ zJ_eo!zr(L`Wbe!Wb+=cgLN|m1qV!X2N{#xKJfQfomrjwNoFBdGm@eMn_4P zLd<$8h)zhRi|8Yv1RqIw7Swn(x{AJ`EWCi|BLRg6F>zM-Wfi^N(DM~y6pbScXsop@ z{|f{w|90m(Q7{zYCH;DGHSRvb4{Az?N8C={B(#wD)HON-TEJ=~Y3^h>a_d@Mf&vmP z3+Vhn4kkF8dYDndjiGezl;LmlQH*-4Nz+Q#8&q?&> z?n8eTT{H4c15z11PbC^m`Yb_Ztnc(DL6p+7Xghc5$j`D5Jwr5o1@&{7Vuj(91hG>W zL|D|swB$jizUwLCqP|X8)aUu3jgr7OV;0nekBlbpiJ(lj#L!7Pt5Rn%0R2wLoai z4X_u?(u5K_vJHn3jm@a@G7zkjBAkR6(d-Ex(A_PHD*_-8SA}?eG)*cFf?$#H@uywu zhAAkllG%v<)Iw0en0R#8bOqR_9y7TSMJ6XiC%aFE9#Fb%6P=Jud`Olr%0RMGDyov0cd@91e8^V$E zlpVyn9~PO!fFJ*uu+;fmoJ34P4M?QtG0l;uQH@GDjx*i{l-d{Hc#b^j{lS)!1E1&< zG`0pnWn}uwg`+zdO~P}OvrN^>s_0GH49kgu;W0tptB5%32gX3lZ?M*cW8+{Ins5<( zxsF;Fo(n<-=VkS?M^8hC6K3BXxA~VD1csH1*Zvtyfv_~V0x^8A!7k1B!s6qR0n``> z2I#sI=Ex0p>7`rKN2kZn2s|LjCX;^sepr9Sjr&8NAw;8*62?6HkgtbrAEqd>dtFWp zT4xV2*`JfKf-FA5@7->^I=XX=Fa+f<1!86w_Z2CkY7PtCN|osl;Q#6L*G>=vP5)t_ zLAkBl0%uzHQKTd~hC0D9m<0tXrb9uXX%kl_`hVhKpz&hMY4-quCRK8lSZb#ssI%`r zwXtg^2sC;D#5O>H^q~hL-s??(?NQIXDU_(_Y!<>6q>!190$k1Ltd1QVQ0^;DK(SZI?0f8o{SxxY0rUI!1<5(pAajpY_#yL0j-HfJexSK>S_d86 zXzPgC${)by`I8u5g&B^fJ)lC>_`*g)e!U(Mk;1iXx2IgA$FByrr?*WF=soGNQmCmsrfJ>LW<%Mk-@)C;~@R-_noP7b9X0Wv%A=tY|htjSG1Q-J* zu&_0XImMu6``3sUVrPL`bUy2Q(oCNi&RKc(1t7b%_y%YEIbac*4CO}0vZE^(LzP>1 zm6u3bO{M^uu4YE!wva^X&!C_naMHtlrUMbc?46x2R#;dFQh7jx|FBSp!C(Mc9(-c{ z+ow;TP@6&$Zu7l&L;wrik^Gkl%*x8@S2zPW(gOJJH%CW;e@agiAe8hW&nZl<`GA?Y zH|Mf5MN5OO_@AXI-mg=b8q7ESgg#gD>3y2k`BC?jjVugJ}lxOJBV1%-8JOq4SVTmgJm%LWuA2f9)EZswY?QXAjFDGI|1ck8PRrAD9q z-i#rb07DDBuaY%+Qja7Ob?hiGP7Axw-qBqa_Mg_Z73PBZacWIQ5W!=M>wyLPA zE`iqR>O@=HyI&*j34RALBCr?m_e_P&wHB9ab{1QD3Yo;Fa)%NPVOuZ5;B%BIA4-e1 zo_JeM?xy%TW@J3|I?l6{y(=!}ztcR{BBGo9{!P|_hfF)C4{d7RQZ&DK&(0NR`Ah|zd{%sYbr{T z-w|}BnYAO6MV#J10B4oA{;ZHO@)mQ1@kV4xm=)c%jf>XzdE2?>&Q=t24?s|IDf0up zHcWTs3hl~ju?qYt&wDqMXYX-O&a44Xv`=-0?&L9aGLsYw&Ep2T&i@VRPp9HC=Kt-{ukh1T7TbU&B1O{s#;vL&6V>K!KcWJBEVmLTR$ zDNded7*KM-{Vd*+-N{fub#=B*O&i)g_v0Z|Gpl-CZsyF++W4np=-&trp=qmgMI> z*d_`=ZB*w=*RLOLBSe~N=Nd$VAGVvMEeYF2bs1Lrk44W3Z%o8vNMZd&V{3Bb-nAl@ z+N={>F(ZkQC7QG0;H*P|#j+2?-YJqyv1(s6<}Zi>llxy^OVY+z<}vxLNBVzw*f?-& zEW(2h!b+>4A3x5+?dLE1{d3HEO^Ld5GP{ONh0r`_R&o)Cnnn_O&Pxh>1;Wm7!{=wv zifrZB0{HLT{EqXrYmp2Cstdu@LmDYtb5sIQe{7#6P8Tw)pCx?kU<%SM;NWC}DWkT) zTYIL&0|vIG{~fCyF4~lsmLb2tUw6R1QN1~SO7#S`tT-{s@-K+|EDr#8qh`CmVpUSn z&*ZY#^x=$Z#Yvi#Nrv z7_KJ0pK#fp2>s~Re86aZ{D+azqc?&j>wYZiG|Lo4p-yXvS_IS-Fk9V%jA25hFzgnHz1swOT!-dnTmu~!XYx_wjc!5$} zDZ;&n@KwOhY(FZRE9^D936H!al(v_Sk$eO$s0d?^AK7j8T_rGxw?^`J0SOuZYq)TP z19ko%P`8g{3DP3k2jZ!AkN5%qhjz+Yaw}iot%czR$d;8T$xo2*B0~B+WdEGi?p&ni z`O+Jsw@qB>FrxFgR|QfeHI?(tn#-r$*6mx!B`Vn?=ZKjd zx#+D$LW{nyzOcBsl%Rx^;GLD~Ip>9Vu>VY%gUDY z1erAufk_g%o9*-*B$w1M>UI`D1KuAfk*3+^3=>-Nc_6PF156 zQ5x|5VOGS8I9Y(O6J^u^6AbBBNFgsQEDQ@f$q9m-N$x*`3JV2~qyo}T4jVoC&&$<};7x>G>bThsk+BLSm z(s@FP%jabsuv-|ld^nXl)^b5~qb1K-dF={_C2zrpA>+hfLGisi`j( zc?*y%m~Y==2>HAz7rQ`v$F3_^7Rh724RYwNA~`r6&a3(O=FoJI>-&=`%e9qT>Obak%FeA5QaChxODC}S%JrWQTz`z-7$UF4QG2@P zZ&RLF@_68A)l&AV&TMf!$4T|EmX_PEsL)50^FW#c+0~yx9AS(S>FAzh>>v!cdaOi- z4>1XqS|FP#uVq){a?7)Qz==CMErlb|BfLlM5zbYbQ2$4wQTpxwOx(%3(hk?!8?Bl) zd@AqLyF_bwN}D)Rogu0WIqw<0%!jNueE4o|%&iBRR^4d&rP}Dw@p*DRM(O`oE-mPF>dPw`AhoJ-E&iqzgB**B; z$VUT7At5&qiSmztoT~N^5QOlq?0A+uX{L9BJ@UIOB927h;ysF}_)E3J$(mdNHyXhR z?UdraX_T5a++!;-n8DXFwj>^|t^cb9rF0s-wPEFlD_b0e+~HOHI9%>*?DV;#SkQnk z^mo@(#lXUFM*J-T5>Hm z+FAZ5ItvMeEo6nA&HHACQ3H?~o0yaN`3-(S#8qp;!u zryr86Srt4;vO*`+lX$ky-Z_kN9ggDRsjm`dcz8(0%fR$ah%Do{bsY>2Et+W5K+Vn4 z1$uhS1@6n%djeCp)@KL4kD_FmI;cWXbc6h6_oDK#vTs8;7!WrW2%p%u#m*F5@4}yw zw`pllaN6?ql+%;Lol9U`%}Cb4R-qFW?1@(wmpT@U}1G; z3m}ORbn`+|(GpHvZgg}Moy}#EKzS`)(fySZ=jFmbgmC~!c!%J85Q|p{XxhL;aHkJ|y zY)Hh#%V%dbRU9ExCDL5=NVsKVe0UV6OTCk|;?rCTof$8#0+ADbbPw5tCujuNCl1(K zxqXclfE9-hU2vV7SD;5B(}k`@woZo5V)(CD!jS^u`f&~%Tj$tpMj#Q4MI)S?HDMP!{Qygs!ISMPXSIv zpKlpo!sQjFPJc{dqoEC@t5lQL!;MwP)Tz$AZl`VC=|@pVR{Ie?EI2z^Pf6Gr#x-oB`9$+X zZ9X9qsQ>6QDI9qm45`%i%k~{z<8t!UelD&&72b2(i!G#9zvF!zFyQ(a$b9F3%@1}e zWaJ*luZzFSgpF1meffetm=U^i15>eiTdi&_DWwxti_ld>y?Wo;g265Y8`!7pT|GOiERk=G$8pjKU53*tZ$0;qlZtVu<}yv z++EjmQ@5RdQnI;pDJK>oo(^+|^eM?c+qNL@S?UAQr`oYuhzNL zRVuzt^rr0f{VX@o!s($2i*yvLU9F7_E~nNwke7pJtu0c`c#_8GVT4QiKAbvD2y_(DKtbjv4t(uf;!k#(!?q93!!0NkG{AEbTt3 ztgKABF_)}oR__JZEIVc3MAVY5WuZA@tzZCZ@G)`{gX{LGM)6<69S4IO z_wPNP!vYP5bqeo6bm_Z!`|yr=|K8)SFu1*^=sEs1+_s<+V^93I>G(bj23O2PESV!S zD+@^OK3l7!+7k^Rh9M~-Q4S~r-FGJ=^D^UB+lJJ(_X3_J@&!Z8Hady-r1#xurYUp! z2&6V;4Vx8v{$INXA*_1Rll5EtR>sE0wzjtR_Vy1R%=`N28W_aK#bsz-0-)^GlIpNc zSZD)*2)8jerCB4RgmQwYm)khHV|K*PZPI~nAd$8wPLMT|iWa@Px>{XbjapOBL@v7< zL|9z+`ZJ>K|l#q%An3JBQmW`qxwLm}AWzCJO2NBDRJfKPe5`o%NO4qp%y zqz4WhaJ_x?a05F3+`vqbo-IZlAG>dn6=NC$9ShiM(IR0&!`OhDBP(#KpxWCWeWqSFW?{ zJa%FtqZi_``sbfNmS<0HA_d#GEH~Ph6Q6HjH=By5HXHB*mnFAlel31(U?u}Fv?C70 zDC(@Rr7dHr_VmdUGb*hJ^Adx0MJ>BT#>-euv9mFAk;2d&ZGC;4pe1$BKDxW=%GB(v zlo!z!hEH1?eaL__B_ksPK){xtsU8y=GM-l+gx74WHu)8fB8N=PQ-)O=ENK0?MloORZf|(@rem_J6ZxWS>iih$aMwu-j~i}8j{-+`0KZamk!J9VZ%RO zpQ#w>IQ+sF+TSB_D)g4Mhy(#ptL6*j6uFFUs4I(?lSs%1m|n03VErVMWN%N8K30>J zT2A%I!{qGj?4qKgTNn8gGFv}}UIiD1=B0x&FR{FiWzo#M1qCY02+O4?10EsJbaHyr zWlNlB%MkraJ09FB$ilhC%Zi;DJ-SG^``g~$vwaM+~7iRLA zpTjzO8V6nP8`KZyI_sJ{-{dD+rNtKZ&Qwr#;d2dmddR|?;jLd*Dig6EhZV$fYg;ib zSv54}O)@7V%Oqyw+Z@I~9UuIOAm!>Tuqvf)ls$0~?W?k_keW<_gimR*DJ!JZwz zs`s$)X7lUB3$Jex+Yg)}m9l3RT-lB5<_Mp*D4+b8*cI7UkU$6LTipKCoo846J<^u27#NRkv8)78)siJ1Ze)-v#l_^fqf0LYC6Z)XVll zLRed~YfdxLy9CsqmCwf3IWMT4j3!N1#NZzbnhbyGtDCK@MwHiI)|M5h>9T9l!BVS% z82j4#`mo7^6zC>E@RsiG!nt=qcu|P$qqTj@HVV+MCL)TSa2^cDBNnH%x@qXdfj1pn=jZ*T~1(j9C%38@JI6JJ>#)_ z3NDQ7@@!lK`s-;m+;)j~7ylOrtJqc?RS=3;ZK7x;I+;rTLBS$oyeO3xf7PN(=v|j$ zt843A+NxG#ZqMbfEyubdRLq~Z+NYh#I5_d#C&WHVX|CoKm8p3qlAez4=tJo&e16T@;jVqyhtw~Tx%78}}m9#*bb{_d+%ITjweaPK)| zvPv_`1b-3VoG2FZiCW@Lnux%)F2YnOrJ{gOx1wH00Ttn8X1kaGPx!O!K5B{+f!)XL zGW$R4T&9|Smv&GNkt1*cQztuDBgVdTh2ZTap|0I>DgR|n#TXCr&rVB}OHR=7n0n@Z@zuJgroM)@LIG#%oo{eDj{UnUtdXQKH`+p7Bc1or2~EtGnlQcXD(chW z?D(LTAj+owp5?sG^MauKK!R>eVxs+gc!C|%3H;kQ2Cky=7xy0wYP5%>iT{z)j>Kpota{WSa4I+r8`L2XvaIP4pCBE5Tp&p#DqSW`$SZ((LWveHRDT33g z`a^sI0&V#eVl4IhyC)Scwzk9-8qE6SFUujG-BSo~^d{ideUD-BJc_G)N4r^1)O#L& zNDTZ#G!BrUy2p*o%8bdgRB_0TiP7C|=^<=6{vH^&Oj9h+u^G_s64uAMotxNv7OpG7 z&Ec5RZ$snffKj(ziA;(6YEeKMbFB5i)M}$TmUX!2cXl(YM89Ep&$$9#;@Js>%6wzT z5Q)Bv5^dakUYA;m(qCVD+pISpe8)n6(#FPyyFUR-Emw4DK=rO?n^qRD!*2qrf!uym zMJ_mWJ>Yfanp$4zun{{pMlm?I>Z!pslv4hxx1oBlK?nrJBN{Q|s0SqznF-C0Qvw^P zLL-P~DO1gFqExfLPwMLFnPFIl-UK0!q3?0sR%YUE9vMH5fdqHLuj@{3Zp%<9g6*Na ziTTYN)|&iYC!3!{R85sfl$aY_aIyORtB>sft5&Ceeje@*&u$7YZG&If^7-9uGucsL zUgGVsIXp5s=!$Ed>;T=@W-l&!Q_Po|x+Q}kx9}A<-r;>G)F{h9jAU9@!V1lB)K30{ zU+!(CZl*h7}+mmX1TTm_xr+MkX5(bnOv!5u@ zoTWOE>>4wj#e4a3Z<)unEgaNDv0Zl>n`iqpyGi`gIqfG!>-S~aZ#~t<>3o1=4GbnrQ&_}MVmsU15Pv@St76n+5)v|z8L$Z$>FUCU3UruZ$F6a4%-5x9eZS(R zj+n}G>tCC_k}@0n?b&63`!h_VXNQSueT@l<8yH0I^J84U`MvwIj9dv@eN3n3A=NS z_#!y$6m(vP4&}C86Fp)h{Phpxc1{WSKOOEZ`nyQ)J%G68QUHre|| zB>)iLP@(cYcH%ksRfZ4h|02Yp;kL5pQ;T-dkUu~l42#b5y>D#5ZLJCPFYeJU@9!vq zk}Bc%zF`EnRaq0an=P`BWC!+y-R0c-#{cG>(b;;2P*x^>_3CX47+VKYc6Rn?G+N^~ z6DJ*LSd9Z^F4Yp(oA2!H?QLzHUJtu}KbbOU5GyOwP{Cj(w*YKY4NlE01F2ebXrYM| zj$p<+(?k?R>!$MWb=R{Xk-8LfAgXMoLm~YhWRjcrTc8Qm}p@;NQ#xwpgc_4-DkoYzt>x>l3r({OQca16K)g`Qp-1}Dz%-@mmE zH!Mx=DCV*h7*zUhE{?ZA@-bvKgOG8ircDtMD!ILikMAX3&cuv|!$o+j&00%4ma#^T zv>6K0@LvXKBfST0uCXGm)uV3dTtdY%_9Aetryntc$5V!4j0!1w@f!jc6~$hXu9q1W z7FMbd9l=>!Q#U5*a+0@k3b&KG;xd!2x><)BGnwlTL9ra>m9cvLHr+P%@gkGDjvWQZc zILO7*JCw~omD-RQxhXFv*YC4@CngqE3ev?G>$(Ey#0yvW_)LVbdYS3crtJM=Y}<0o zr@#`cVE&yX)q93oo{3RHe_71e)rSf-xNTj1eLs)!h!QuoxHE9BvNc!6`$u{{u2ec9XydPXFGw<^|%>ZpI!iE8LUKGOXNZgVkOxe zLPJ9M?eRx55F;%lE@;EV_AZ1Nr{E!B?C__c)1vd7vRwsAx4SLs2y|SS6XAMO!Gr2i zPsTsb6Ah;ia*?qjc4xcvF}$PkhvUaz)iMdGNm?a(T5mQ*s%2H4qq%bIST}2sGcog} z=mVP5TwJK!u4zcJ+Zzs(1*%^d?$3@@j5>L@}zsUS@n%89v3VfjOU~Lp1xF_ zXat(AEjI1B5@aMXtx=CM+R_=OoK4MS(+&w334-U}u#cWop5r9EV6 zJ~CdSlE&{;nL4&pF@HSYBqg7j4A_|d>2Q=i>`emZg@IqsPI3L@_<)w`!wb>Urz zXOD~?n1=q zw$k48>OhtUf2!BZ6y)b$B=$H=+P;&}=bSXAIeGl}TvQVhYUIdGM z>r3n7_lf=1K32VadPZj1q_=`>=(hNO2_$A%jvsXEd!vz}7dDeyG*&91kDbi?gdk`U zOOdrlN$PgU#IOS1Xa1&#Gk{sx6x(lj?ONVeT9Mo4aCdAUqgSDN(yMThj|hy(z&Zd& zeq^^Lcw|)GxYmX1aK=E{Z*8VeoM(1%zqMEX@!cPBT zJ9yGiI@sD^|3mh6G%y=Mx%cnd`#(O5r9{5vSE+Zg_Gn)Rxm8zOls?C>;#{isdwK}( zaIc9MpV{#S1ddhPD`q(|7zl~(Q}zjmzF7ZR;Ir8shN2w205$X4tjmA(6=STq*Sw4F z1UItOmxObCh%?-ee#{YyC;zs<5+FdywNodYJf}x-4XlXoPP*Ddd7g(E??Ju!Fq5}5 zF8@$;+b7t>PaGp56NZX-NYQuhLb4NT)Qabccli_I@H_0K|JtjL|I58~czAezex46{#hv9osP)6^{LP~0#0&n?N8vcaNy8eu z$FE`qc38~D)i;5=N0|Q)e&i=vpxwTG^z4c^WiMkrF}ZyQJf% zV#W&xbV?}Mw9H*{(v`v4{d`)?gFvZku96vOHLtiM_+XA?zZAT)ezkFtGN2sX_A>?U z%@adCY*sAb0`EMqUvkCEU->MVJ4A*S?|&0=iE%)yoGX)lPY&<+hFmMZc{dwk2438W z`D-h#irvq?F_IFc{mHi&nKcfQFdlWjjC^AJ3P@I&Z0H8?(x#>s=y9VPv@W4iyZIWXs9DjT?{7RqcgiJ~s);2zD+o+S{+E?Wu4m3uCwE9)cVr|2;J+(x1V^rMdO(iPWn zGL}H*mpsrt<8-`w!P0u92Gxil13rD)(_GVoJ4-wB(WG+i!ZB783R0-cMn>}0_0N_= zD#JXkk=}lfi=*+&mtT$|b$*VZsu*s-MX!X3$p4U~ko}~=0NZ|%%h4MyE5t?zbhs`| zzd3_r9(=Kn$=k0cHt|9ZnuH+?)t-qe7xkk4b4+NwY#q_ERSWJEKT&$oYuDc5)e+wY z-yN){Qj9OvKAnD5E)Odxr#)q;kjIvSu=0GMw4Z8P1Q2wl&UYS} zdgJmR;o_lxOO!mlu3KwdhQC)Z`x1R&A&U0guKSiQR`yDUc_|%ZU*GzsV0pM!9h;)4NikhsLlYBX8&83X`us%aE*H39EHD{ch z-ikg&r<^*k&xEbZ}q9k6$$9{#nMF*&#~&tz3QT4<(QA1a{&b@7`rbH*~4JRcgx=Kcb4ue;VRK zN}&+A56^eD>L$x6g@hfLG2xkYqP?NFv^oQNyNu3WG}xbP?!#yTq!97I(@l1?FHMvj z`}r7MSETgu@UxNggV$kBAJeJ_BCiQ%c6NWo9dEzG-~4zFt_*sKOgYo-ABELm^wW`S ze+Tqqa*D4v-Uq_0piYm1Y{XB9fq?_wgq5w6$=il7rpu0<tg;}UYzd_4>TC3wU7w|167nm)%~D1fz{jp9wR*3${^tu zMwt|rwY4qA!Jg`6w|$$->hNgjD%G@8_jv$OtH#eAg|%d5-*<6R1LzdD*N7N0(CA*= zlz3khJUhE@Z59KM#``oum1WQXaDKe-kF#^r5p(%QOy+6(tj-D^gov2L-`6g zvaeq0=<5$Xnr+Ex(IzE=f_I5qdmS#w0c{p`Ec1Hu5DBE#K#^H4F0L;~*WPH7Q@gF~ z7#YkorkxLfpcE9co7vcanuIT|rlHBE9zmF$>Dy^29L0CLO2!oC=@p2(#VkPB$H~d* z6N38lj%C--z+&J4G@>1|@cVXfWMl+dDl9IBx)LaeQtOpA9NtbQ7u&pX*AMP}eJC+r zZ`DasVGlQVIi?rYU_cA$7+v5Wt(!Ht$A$%CnSB}+%X<8V{dQq<2MG*j!BV7 z9?{Hbo1cG>Q7AH^a+~)ay1r|IkEO?j$ z@_D;1xBxRadPfQ{<{#Rnj{M(`{9y?EzuYe}2dJO?7#kbg$$cxXh!=kFv!im$r9e;R z)@iGMYEh6e=fL*mcGccFFP&I&hr#2EvER=19%4C1>Lq6!r+cq^+e}~Bq z>6Q&M1 zb21aQ=(kLp_w4Pn@X6qXhB8fX1>)-bGv)wn{wC$WqyTP;B>5)@6S7BoK!kp$V2L#_ z7WmL5#l^*KS8e~vo!(DM)CRXU@Di4nmwCCl1zd3kJj;uVkBvKv8~UPwfYF)AOa>%S z!i3V0A>nGZ$v2Xr4fnsc>k?1P^rS=hY_OM}QbwXU50myJEayJhkT? zCMqRY;rYlOZmm(0%9x@lDY@7*q8rSujFnFc*6>3l%XiwML5a6Ks?N;9(h~C$f&xRe zFLtVz1@l%2`);fNCCqI7Yn;%vm@iz}WzF_?z@HDLuFwr*!1;u#MjNZY_3jWb55#w$ zKL;iK)YSZeX*jJURx9lgPGkQ%p95shj6up>~{;d9^L%Cr0q4|k>~{cu`M{Je-xBh-G2&{!OXyG}tF zmV0WYayJYwyk5I-R`E#l6l6qnvGv(b1%}mv5@8&0$sfd%ORg{jn{;`(AyRa_yI#L;$CqRdA#OtdklgbC7jA#9(6%sKVWtqONc~do<#O1BQNVGRLsBqjCV@Qhrrptq7skMoNxNiNDY~i~X zcgD&6R;p%a;`05Z#&*)lnCPJLW^Z?Q?76bCG8pNKbrGfY-d9U{ne3H*9#F!ktxaqF zGcY|G(7a5N-Yad|MwxBaM4nx-qkRDk$DH|)hh*+Aj@>TFfLW*1+CpJ5kofLA@D7xI z<%%(T+|G^tbz3FL)ynZX)mcuXU^~6QU$S0~nuYv{m?JtF?Pm$rgs;sHtSZ49DLJvG z=C{_O%zjNo1gjr%wQ^&a7wWM|e2uDk#ap?-2a2XqnLhW2)}Zzpa4G$MeGccXSh-H@ zhaeGzZH#A|Tygx~j5Q6eN+f!j{XUTiQjP5i{5>oji z#*QX`@)3z3$nPRnp4 z%rUzB4ik9?4jY8jo_e4Dbo?f^-vdjC?bo*o@mQZO0;>o6gHmyQ!oF}GXaX7>@Y%{yAYXFHuv!u zP$Ehv-@cF(^<2DInVZG@HwX;G&#;4{R9tSo4>QU-hAyZ!#LR7ap zm>P=y<#kQD5n$a#Zy7cp_$QvK@ElHNoGd@yG5pZ)ytncH-i0 zz_JX)D?G&(_Y|@y#!`TR8yOq5$H{f)0$}DkHV*!*zq|4`MS%Dm0-VQoPkD1lI807| zYuS~Ol1`4?2?JWIQ|*3bFcY9x&+D{Z zSVi4k>+~-IlB zEobl){X;U`u_0%uG2Er7QoqNd{Xeur0v_?^cxH&Mk~a;k^=s5^Ut1z?%J!wLA+K9l zSXfzcUrpv68X9V7XqZ1UCCeNG;!I^uWUYYHbW?uM@qR%Rx|<9X|opCdUYVD z2tt!DUNHHGeLF}FJ|M}jIPS&?{=>;dVl)!n0-yF89EiEgj zEFC5Qk6`Kf=ynwF@-I;wv8(f=9k}ZEFG`)GV75qSkkmDWhf~$K zefdw#v*xpHn|s%89MRue?SLp zjJMUH*ClnYS`52vzFt~FvzK{Tx=EF1ofUxcC!M84$Bvo>rpn^J{5O5}W$j)EZo1I=ohj67I>8 z?V$w$+nj<#PJ#Kpt!h7U&r?P&US2_{X^#hsA0Ya~7>`fk*m?S!(nH;<+Hg|^7)deq z3CP--)Xf7}xx;|t8uLYEtD$A#AqJ!y{j=)0Qr$BljqEeNe*bC{UdZ_O)d=Qf%yOw*_Oa+0(cOtEiG zT@(g9=LN}0lVObkZ+551N&Lc(g}Ge!OD4lLkAKSb&~KNALvXMB)JdUKCLyAP=;ZBm zez|4)b6aCMf*sFLb`Kx8tHb0_q&?Cduw&2$?>%q^Xk1w5NOhK1 zsmkh<+`sc+)_HR#byhWPAjEaD$2iqlQh#;MgFZpQfIP@iet50B>g&>YZKeg+WYgql zm&H&GMwPpgm%?;Pwr73xa-_f7;&6sXzfSK9?JEk9K|od9Yi>W!=~NKbzf@m$Gfq{{L+C-|W+S zmWPJKM$|eN($eNx8v9$p;h-U8#!mxV(LJrZ1EwZ~6VLwh4Z3RdRX}Cw|F~>uY|pOx zs6EdVx;t^Wsn*SQ$2(HBVtVp@|CQt51UV@!Klbo%NG5@Y#owQogv&2JX>BXK{ZXGJ zqsVG!IBL>q{y^Se0*&NY15{96Sa1|S=yggV6?!6O=z7NPUKJ3vbL)b4`Js&E-)sMm eKJtEh|CWaVHbjyZB4+#cDaxwe%({N};eP{B3fwvX literal 0 HcmV?d00001 diff --git a/docs/wafd/umn/waf_01_0024.html b/docs/wafd/umn/waf_01_0024.html index 8f218c1a1..70b02378e 100644 --- a/docs/wafd/umn/waf_01_0024.html +++ b/docs/wafd/umn/waf_01_0024.html @@ -4,7 +4,7 @@

If you are sure that a protection event is a false alarm (no malicious link or character was detected), you can handle it as a false alarm, add the client IP address to an address group that is allowed by the policy, add the client IP address to a blacklist/whitelist rule, or disable or delete the hit protection rule. Events that have been handled as false alarms will not be displayed in the event list.

Scenarios

If legitimate service requests are blocked by WAF, the website may be inaccessible to some visitors. For example, after you connect a web service deployed on ECSs to WAF over its public domain name and enable basic web protection for it, if its normal traffic hits a protection rule, the access requests will be blocked. The web service becomes inaccessible over the domain name or returns errors to visitors, but it is still accessible over server IP addresses. It is more likely that the requests were blocked mistakenly, and the event is a false alarm. In this case, you need to handle the event as a false alarm.

You can handle false alarms in the following ways based on how they were generated:

-
  • For a protection event triggered by a WAF built-in rule, you can ignore the corresponding WAF protection in the global protection whitelist rule. For details, see Handling False Alarms Triggered by Protection Rules.

    WAF built-in rules include basic web protection rules, and feature-based anti-crawler rules.

    +
    • For a protection event triggered by a WAF built-in rule, you can ignore the corresponding WAF protection in the global protection whitelist rule. For details, see Handling False Alarms Triggered by Protection Rules.

      WAF built-in rules include basic web protection rules and feature-based anti-crawler rules.

    • For a protection event triggered by a custom rule, you can disable or delete the corresponding protection rule. For details, see Handling False Alarms Triggered by Protection Rules.

      WAF custom rules include CC attack protection rules, precise protection rules, blacklist and whitelist rules, and geolocation access control rules you create.

    • For a client IP address mistakenly blocked, you can add it to an address group or add it to a blacklist/whitelist rule to allow it. For details, see Handling False Positives Based on Client IP Addresses.
@@ -13,9 +13,9 @@

Constraints

  • A protection event can only be handled as a false alarm once.
  • Dedicated WAF instances earlier than June 2022 do not support All protection for Ignore WAF Protection. Only Basic web protection can be selected.

Handling False Alarms Triggered by Protection Rules

If you are sure that an event is a false alarm generated based on a WAF built-in rule or custom protection rule, you can handle the event as a false alarm.

-
  • WAF built-in rules include basic web protection rules, and feature-based anti-crawler rules.
  • WAF custom rules include CC attack protection rules, precise protection rules, blacklist and whitelist rules, and geolocation access control rules you create.
+
  • WAF built-in rules include basic web protection rules and feature-based anti-crawler rules.
  • WAF custom rules include CC attack protection rules, precise protection rules, blacklist and whitelist rules, and geolocation access control rules you create.
  1. Log in to the management console.
  2. Click in the upper left corner and select a region or project.
  3. Click in the upper left corner and choose Web Application Firewall (Dedicated) under Security.
  4. In the navigation pane on the left, click Events.
  5. View protection details of a specified domain name, instance, and time range.
  6. Locate the target protection event and choose More > Handle as False Alarm in the Operation column.
  7. In the Handle False Alarm dialog box, handle the event.

    • Ignore the corresponding WAF protection based on the request features hit the rule.

      If a protection event is triggered by a rule in Basic Web Protection or Feature-based Anti-Crawler, the associated request features will be displayed in the Handle False Alarm dialog box by default. You need to ignore the corresponding WAF protection type and click OK. For details about the parameters of the global whitelist rule, see Table 1.

      -
      Figure 1 Handle False Alarm
      +
      Figure 1 Handle False Alarm
      @@ -149,7 +149,7 @@ -
      Table 1 Parameters

      Parameter

      Known Attack Source

      If you select Block for Protective Action, you can configure a known attack source rule. Then, WAF blocks the requests matching the configured IP, Cookie, or Params for a period configured by the known attack source rule. For details about know attack source rules, see Configuring a Known Attack Source Rule to Block Specific Visitors for a Specified Duration.

      +

      If you select Block for Protective Action, you can configure a known attack source rule. Then, WAF blocks the requests matching the configured IP, Cookie, or Params for a period configured by the known attack source rule. For details about known attack source rules, see Configuring a Known Attack Source Rule to Block Specific Visitors for a Specified Duration.

      Rule Description

      diff --git a/docs/wafd/umn/waf_01_0045.html b/docs/wafd/umn/waf_01_0045.html index b9fe700a9..25d9c0356 100644 --- a/docs/wafd/umn/waf_01_0045.html +++ b/docs/wafd/umn/waf_01_0045.html @@ -2,13 +2,13 @@

      What Is WAF?

      Web Application Firewall (WAF) keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).

      -

      After you enable a WAF instance,you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.

      +

      After you enable a WAF instance, you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.

      How WAF Works (Dedicated Mode)

      After applying for WAF, add the website to WAF on the WAF console. After a website is connected to WAF, all website access requests are forwarded to WAF first. WAF detects and filters out malicious attack traffic, and returns normal traffic to the origin server to ensure that the origin server is secure, stable, and available.

      Figure 1 How WAF Works

      The process of forwarding traffic from WAF to origin servers is called back-to-source. WAF uses back-to-source IP addresses to send client requests to the origin server. When a website is connected to WAF, the destination IP addresses to the client are the IP addresses of WAF, so that the origin server IP address is invisible to the client.

      Figure 2 Back-to-source IP address
      -

      How WAF Works (ELB Access Mode)

      If you connect a website to WAFELB access mode, WAF works as follows:

      +

      How WAF Works (ELB Access Mode)

      If you connect a website to WAF ELB access mode, WAF works as follows:

      • In this mode, WAF is integrated into the gateway of an ELB load balancer through an SDK module. WAF extracts traffic through the SDK module embedded in the gateway for inspection.
      • WAF synchronizes the inspection result to the load balancer, and the load balancer determines whether to forward client requests to the origin server based on the inspection result.
      • In this method, WAF does not forward traffic. This reduces compatibility and stability problems.
      Figure 3 How WAF in ELB load balancer access mode works
      diff --git a/docs/wafd/umn/waf_01_0128.html b/docs/wafd/umn/waf_01_0128.html index d719f2784..00518a34c 100644 --- a/docs/wafd/umn/waf_01_0128.html +++ b/docs/wafd/umn/waf_01_0128.html @@ -3,7 +3,7 @@

      Can I Access a Website Using an IP Address After a Domain Name Is Connected to WAF?

      After a domain name is connected to WAF, you can enter the origin server IP address in the address bar of the browser to access the website. However, your origin server IP address is easily exposed. As a result, attackers can bypass WAF and attack your origin server.

      Web Application Firewall (WAF) keeps web services stable and secure. It examines all HTTP and HTTPS requests to detect and block the following attacks: Structured Query Language (SQL) injection, cross-site scripting (XSS), web shells, command and code injections, file inclusion, sensitive file access, third-party vulnerability exploits, Challenge Collapsar (CC) attacks, malicious crawlers, and cross-site request forgery (CSRF).

      -

      After you enable a WAF instance,you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.

      +

      After you enable a WAF instance, you still need to add your website domain to the WAF instance on the WAF console. All public network traffic for your website then goes to WAF first. WAF identifies and filters out the illegitimate traffic, and routes only the legitimate traffic to your origin server to ensure site security.

      diff --git a/docs/wafd/umn/waf_01_0169.html b/docs/wafd/umn/waf_01_0169.html index 829eb8f73..084a150d6 100644 --- a/docs/wafd/umn/waf_01_0169.html +++ b/docs/wafd/umn/waf_01_0169.html @@ -435,7 +435,7 @@
-

Impact on the System

  • If you enable the PCI DSS certification check:
    • The minimum TLS version and cypher suite are automatically set to TLS v1.2 and EECDH+AESGCM:EDH+AESGCM, respectively, and cannot be changed.
    • To change the minimum TLS version and cipher suite, disable the check.
    +

    Impact on the System

    • If you enable the PCI DSS certification check:
      • The minimum TLS version and cipher suite are automatically set to TLS v1.2 and EECDH+AESGCM:EDH+AESGCM, respectively, and cannot be changed.
      • To change the minimum TLS version and cipher suite, disable the check.
    • If you enable the PCI 3DS certification check:
      • The minimum TLS version is automatically set to TLS v1.2 and cannot be changed.
      • The check cannot be disabled.
    @@ -443,7 +443,7 @@
    • Select PCI DSS. In the displayed Warning dialog box, click OK to enable the PCI DSS certification check.

      -

      If PCI DSS certification check is enabled, the minimum TLS version and cypher suite cannot be changed.

      +

      If PCI DSS certification check is enabled, the minimum TLS version and cipher suite cannot be changed.

    • Select PCI 3DS. In the displayed Warning dialog box, click OK to enable the PCI 3DS certification check.

      diff --git a/docs/wafd/umn/waf_01_0172.html b/docs/wafd/umn/waf_01_0172.html index 9f4a49075..4e67f6b82 100644 --- a/docs/wafd/umn/waf_01_0172.html +++ b/docs/wafd/umn/waf_01_0172.html @@ -614,7 +614,7 @@

      Protective action

      WAF defense action.

      -
      • block: WAF blocks attacks.
      • log: WAF only logs detected attacks.
      • captcha: Verification code
      +
      • block: WAF blocks attacks.
      • log: WAF only logs detected attacks.
      • captcha: A verification code is required.

      attack_log.sub_type

      @@ -624,7 +624,7 @@

      Crawler types

      When attack is set to robot, this parameter cannot be left blank.

      -
      • script_tool: Script tools
      • search_engine: Search engines
      • scanner: Scanning tools
      • uncategorized: Other crawlers
      +
      • script_tool: script tools
      • search_engine: search engines
      • scanner: scanning tools
      • uncategorized: other crawlers

      attack_log.rule

      diff --git a/docs/wafd/umn/waf_01_0199.html b/docs/wafd/umn/waf_01_0199.html index 36d1da5f9..a88ddfd68 100644 --- a/docs/wafd/umn/waf_01_0199.html +++ b/docs/wafd/umn/waf_01_0199.html @@ -3,7 +3,7 @@

      Why Am I Seeing Error Code 523?

      If a request goes through WAF over four times, WAF will block the request and return error code 523 to avoid endless loops. If error code 523 is returned for your website requests, check how many WAF instances you are using.

      -

      Cause 1: A website is connected to more than four WAF instances.

      Error code 523 will return if a website has been connected to different types of WAF instances more than four times.

      +

      Cause 1: The Website Is connected to More Than Four WAF Instances

      Error code 523 will return if a website has been connected to different types of WAF instances more than four times.

      Solution

      Route website traffic to bypass redundant WAF instances.

      1. Log in to the WAF management console.
      2. In the navigation pane on the left, choose Website Settings.
      3. Locate the website for which error code 523 is returned, retain one configuration, and delete the website from redundant WAF instances. For details, see Deleting a Protected Website from WAF.

        To prevent service interruptions due to such deletions, perform the following operations before removing a website from WAF:

        @@ -27,7 +27,7 @@ }

      -

      Cause 3: Origin Server IP address Was Mistakenly Set to an IP Address of WAF or A Proxy in Front of WAF

      If the origin server address is mistakenly set to the back-to-source IP address of WAF or an IP address of the proxy in front of WAF, the website requests go to an endless loop and error code 523 is returned.

      +

      Cause 3: Origin Server IP Address Was Mistakenly Set to an IP Address of WAF or A Proxy in Front of WAF

      If the origin server address is mistakenly set to the back-to-source IP address of WAF or an IP address of the proxy in front of WAF, the website requests go to an endless loop and error code 523 is returned.

      Solution

      Check the origin server configurations and enter a correct origin server address.

      diff --git a/docs/wafd/umn/waf_01_0282.html b/docs/wafd/umn/waf_01_0282.html index 72859219e..2d7b066fe 100644 --- a/docs/wafd/umn/waf_01_0282.html +++ b/docs/wafd/umn/waf_01_0282.html @@ -2,7 +2,7 @@

      Viewing Certificate Information

      This topic describes how to view certificate details, including the certificate name, domain name a certificate is used for, and expiration time.

      -

      Prerequisites

      You have uploaded certificates to WAF.

      +

      Prerequisites

      You have uploaded certificates to WAF. For details, see Uploading a Certificate to WAF.

      Checking Certificate Details

      1. Log in to the management console.
      2. Click in the upper left corner and select a region or project.
      3. Click in the upper left corner and choose Web Application Firewall (Dedicated) under Security.
      4. In the navigation pane on the left, choose Objects > Certificates.
      5. View the certificate information. For details about related parameters, see Table 1.

        Figure 1 Certificate list
        diff --git a/docs/wafd/umn/waf_01_0287.html b/docs/wafd/umn/waf_01_0287.html index ff7ad0247..41b614e4e 100644 --- a/docs/wafd/umn/waf_01_0287.html +++ b/docs/wafd/umn/waf_01_0287.html @@ -77,7 +77,7 @@

      6. Click OK.

        You can view the added websites in the protected website list.

      -

      Follow-up Operations

      • The initial Access Status of a website is Unaccessed. When a request reachesthe WAF instance configured for the website, the access status automaticallychanges to Accessed.
      • Complete Recommended Configurations
      • Adjust the protection policy configured for the protected domain name basedon protection requirements. For details, see Protection ConfigurationOverview.
      +

      Follow-up Operations

      • The initial Access Status of a website is Unaccessed. When a request reaches the WAF instance configured for the website, the access status automatically changes to Accessed.
      • Complete Recommended Configurations
      • Adjust the protection policy configured for the protected domain name based on protection requirements. For details, see Protection ConfigurationOverview.
      diff --git a/docs/wafd/umn/waf_01_0311.html b/docs/wafd/umn/waf_01_0311.html index 364cea237..874d992f8 100644 --- a/docs/wafd/umn/waf_01_0311.html +++ b/docs/wafd/umn/waf_01_0311.html @@ -10,7 +10,7 @@

      Handling Suggestions

      Disable the JavaScript anti-crawler protection by performing the following steps:

      1. Log in to the management console.
      2. Click in the upper left corner and select a region or project.
      3. Click in the upper left corner and choose Web Application Firewall (Dedicated) under Security.
      4. In the navigation pane on the left, click Policies.
      5. Click the name of the target policy to go to the protection configuration page.
      6. Click the Anti-Crawler configuration area and toggle it on or off if needed.

        • : enabled.
        • : disabled.
        -

      7. Click the JavaScript tab and disable the JavaScript anti-crawler protection..
      +

    • Click the JavaScript tab and disable the JavaScript anti-crawler protection.
diff --git a/docs/wafd/umn/waf_01_1172.html b/docs/wafd/umn/waf_01_1172.html index 0e5022b8f..1d50ca8cd 100644 --- a/docs/wafd/umn/waf_01_1172.html +++ b/docs/wafd/umn/waf_01_1172.html @@ -41,7 +41,7 @@

Multiplier for Consecutive Breakdowns

-

The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns are counted from 0 every time the accumulated breakdown protection duration reaches 3,600s.

+

The maximum multiplier you can use for consecutive breakdowns. The number of breakdowns is counted from 0 every time the accumulated breakdown protection duration reaches 3,600s.

For example, assume that Initial Downtime (s) is set to 180s and Multiplier for Consecutive Breakdowns is set to 3.
  • If the breakdown is triggered for the second time, that is, less than 3, the protection duration is 360s (180s x 2).
  • If the breakdown is triggered for the third or fourth time, that is, greater than or equal to 3, the protection duration is 540s (180s x 3).
  • The breakdowns are counted from 0 when the total downtime duration exceeds one hour (3,600s).