From 5793807a970b1643bc93301e3fb5bb69f3a3c596 Mon Sep 17 00:00:00 2001 From: stockerts Date: Tue, 16 Jan 2024 10:10:01 -0800 Subject: [PATCH 01/17] Corrected format within intro. --- docs/class2/intro.rst | 2 +- docs/class2/lab2.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/class2/intro.rst b/docs/class2/intro.rst index 47531ab9..ab38fb5a 100644 --- a/docs/class2/intro.rst +++ b/docs/class2/intro.rst @@ -114,7 +114,7 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant. **Beginning of Lab:** You are now ready to begin the lab, Enjoy! Ask question as needed. - |labbgn| +|labbgn| .. |intro001| image:: _static/intro-001.png :width: 800px diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index 7627d827..cb095c41 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -49,7 +49,7 @@ Cloud Console. |lab005| #. Open a terminal window or DOS prompt on your respective client and issue the - following **curl** command: ``curl -v http://.lab-sec.f5demos.com``. + following **curl** command: curl -v http://.lab-sec.f5demos.com``. #. Observe the **User Agent** and response content. From 2c3dead249d7ec69165b2d95e883c5d6faac5f60 Mon Sep 17 00:00:00 2001 From: stockerts Date: Tue, 16 Jan 2024 10:14:20 -0800 Subject: [PATCH 02/17] Removed moduals, updated intro for class 4 --- docs/class4/class4.rst | 22 +- docs/class4/module1/lab1.rst | 451 ------------------------- docs/class4/module1/lab2.rst | 560 -------------------------------- docs/class4/module1/module1.rst | 22 -- docs/class4/module2/lab3.rst | 471 --------------------------- docs/class4/module2/lab4.rst | 537 ------------------------------ docs/class4/module2/lab5.rst | 363 --------------------- docs/class4/module2/module2.rst | 30 -- 8 files changed, 11 insertions(+), 2445 deletions(-) delete mode 100755 docs/class4/module1/lab1.rst delete mode 100755 docs/class4/module1/lab2.rst delete mode 100755 docs/class4/module1/module1.rst delete mode 100755 docs/class4/module2/lab3.rst delete mode 100755 docs/class4/module2/lab4.rst delete mode 100755 docs/class4/module2/lab5.rst delete mode 100755 docs/class4/module2/module2.rst diff --git a/docs/class4/class4.rst b/docs/class4/class4.rst index a6859351..6c8a3af9 100644 --- a/docs/class4/class4.rst +++ b/docs/class4/class4.rst @@ -1,14 +1,14 @@ -F5 Distributed Cloud: API Discovery & Protection +F5 Distributed Cloud: API Discovery & Protection ================================================ Welcome ------- In this lab, participants will explore the depths of F5 Web Application -and API Protection (WAAP) within F5 Distributed Cloud. Dive headfirst into -the cutting-edge world of API Discovery, uncovering what’s within, Sensitive Data -and Authentication State detection. Get hands-on experience as you unleash -the power of API Protection and API Rate Limiting. +and API Protection (WAAP) within F5 Distributed Cloud. Dive headfirst into +the cutting-edge world of API Discovery, uncovering what’s within, Sensitive Data +and Authentication State detection. Get hands-on experience as you unleash +the power of API Protection and API Rate Limiting. Objective: ---------- @@ -18,26 +18,26 @@ Objective: - Explore building API Discovery and Protection within F5 Distributed Cloud - **API Discovery**: Provided via machine-based learning processes, enables visualization of the API Framework, - assesses use of end-points, discovers new end-points based on flows, identifies use of sensitive information, + assesses use of end-points, discovers new end-points based on flows, identifies use of sensitive information, and enables swagger file export. - - **API Protection**: Encompasses a set of definitions and controls to protect and secure the functions, use and - endpoints of the delivered API's framework. + - **API Protection**: Encompasses a set of definitions and controls to protect and secure the functions, use and + endpoints of the delivered API's framework. Lab & Tasks: ------------ - All Lab requirements will be noted in the tasks that follow -- Estimated completion time: 3 Labs approximately 15-20 minutes each +- Estimated completion time: 2 Labs approximately 15-20 minutes each .. toctree:: :maxdepth: 2 :caption: Labs: :glob: - + intro* lab* close* - + diff --git a/docs/class4/module1/lab1.rst b/docs/class4/module1/lab1.rst deleted file mode 100755 index 93a13534..00000000 --- a/docs/class4/module1/lab1.rst +++ /dev/null @@ -1,451 +0,0 @@ -Lab 1: Building an XC Node (CE) -================================== - -**Objective:** - -* Get familiar with the UDF Lab Environment. - -* Deploy an XC Node to define the Customer Edge at the UDF Data Center. - -* Explore and become familiar with the Distributed Cloud Console. - -**Narrative:** - -After consulting with your trusty F5 Solutions Engineer, you decide to setup F5 Distributed Cloud, Network Connect. This will allow for privately routed network connectivity between two disparate networks. -You also found out that you can use the F5 Distributed Cloud, Enhanced Firewall to provide network security between Sites. -We already did a push-button deployment of the AWS XC Node to define the Customer Edge in the ACME VPC, which only took a few moments. - -Now, Lab 1 starts right after you have loaded the downloadable XC Node OVA on to your Data Center's local hypervisor (VMWARE or KVM). - -.. NOTE:: Your Data Center environment in these labs is the F5 UDF platform, which uses KVM as it's underlying virtualization technology. The OVA has already been imported for you. We also have hardware and container deployment options for Production XC Nodes. - -| - -.. image:: ../images/lab1intro.png - -| - -**Prerequisite** ------------------- - -.. NOTE:: You should have received an email from F5 Distributed Cloud User Management with the content as follows: - -| - -.. image:: ../images/updatepasswd.png - -| - -If you have not already, please click on **Update Password**, and change your credentials. Ensure you adhere to the password strength restrictions and make a mental note of these credentials as you will need them several times throughout the labs today. - -Once you've set your new password (make sure to include 1 upper, 1 lower and 1 special character), you will be asked to "Log In" and then presented with the following screen: - -| - -.. image:: ../images/tenantlogin.png - -| - -In the domain field, enter: **f5-xc-lab-mcn**, click **Next** and sign in with your email address and password you've just set, and proceed to accepting the Terms and Conditions. - - -.. warning:: If you have not received the email to change your credentials or ran into problems changing your credentials, please stop and get help from one of the Lab Assistants. - - -**Logging into the XC Console** ---------------------------------- - - -After accepting the Terms of Service and Privacy Policy, you will need to select your "Persona". - -Enter your persona as **"NetOps"** and click **next**. - -Enter your level as **"Intermediate"** and then click **Get Started**. - -Your persona will highlight workflows within F5 Distributed Cloud. -You will be able to access all services, but making use of personas can focus your view on particular tasks that are relevant to your role. - -You can change these settings at any time. - -Click on **"Account Settings"** by expanding the **"Account"** icon in the top right of the screen and clicking on **"Account Settings".** -In the resulting window you can observe the **Work domains and skill level** section and other administrative functions. - -.. note:: **For the purposes of this lab, permissions have been restricted to lab operations. Some menus/functions will be locked and/or not visible.** - -| - -.. image:: ../images/intro1.png - -| - -**For informational purposes only:** - -| - -.. image:: ../images/intro2.png - -| - -**Find your Namespace** ---------------------------------- - - -Namespaces, which provide an environment for isolating configured applications or enforcing role-based access controls, are leveraged -within the F5 Distributed Cloud Console. For the purposes of this lab, each lab attendee has been pre-assigned a unique **namespace**. - -From the **Select service** menu, click on **Web App & API Protection**. - -| - -.. image:: ../images/findnamespace.png - -| - -In the **Web App & API Protection Security Dashboard** configuration screen **observe** the browser URL. In the URI path, locate the **** namespace that you have -been assigned. It will be located in the portion of the URI path between */namespaces/* and */overview/* as shown in this example: **…/namespaces//overview/**. - -**Note your namespace as it will be used throughout the labs today.** - -.. warning:: If you have problems locating your namespace, please see a lab assistance. - -| - -.. image:: ../images/namespace1.png - -| - -.. note:: Administratively, there are other ways to find namespaces. Due to permission restrictions for this particular lab, those menus are not available. - - - -**Site Token** ----------------- - -Soon, you will be configuring an XC Node in the F5 UDF Lab Environment (Data Center) that will need a way to authenticate to the Distributed Cloud Infrastructure and associate it with your tenant. For this, you will need a Site Token. - -If you are not already logged into the console, please do so now by opening the following URL in your browser: - -https://f5-xc-lab-mcn.console.ves.volterra.io/ - - -From the **Select service** menu, click on **Multi-Cloud Network Connect**. - -| - -.. image:: ../images/sitetoke.png - -| - -On the side menu go down to **Manage**, then select **Site Management >> Site Tokens** - -In the lab we have generated a Site Token for you to use named **student-ce-site**. -In your production environment you will need to create your own Site Token to register your Customer Edge Node, which is literally two clicks and a name. Very simple! - -| - -.. image:: ../images/tokens.png - -| - -Copy the UID of the the **student-ce-site** token and paste it somewhere you can reference later (word, notepad etc). - -| - -.. image:: ../images/copytoke.png - -| - -**Setting up the Customer Edge** ----------------------------------- - -There are two approaches for setting up your Customer Edge deployment both will be reviewed in the sections that follow. Select the method designated by your lab team instructions - -**Option 1: CLI Site Setup** ----------------------- - -In your browser, you should have a tab open to the UDF course. Under Systems -> Client, click on **Access >> Web Shell** - -| - -.. image:: ../images/cli-01a.png - -| - -This will redirect you to a new browser tab with a shell prompt on the Ubuntu system. From the shell prompt type in the following to SSH to the Customer Edge (CE) Node: - -```ssh 10.1.1.5 -l admin``` - -This will get you connected to the CLI on the CE and prompt for authentication. Type in the default username/password: - -Change the password as directed (lowercase, uppercase, number, min 8 characters is the requirement). Remember the new password should you need to log in again. - -============================== ===== -Variable Value -============================== ===== -Default Username: **admin** -Default Password: **Volterra123** -============================== ===== - -| - -.. image:: ../images/cli-02a.png - -| - -At the **>>>** type the word **configure** and then enter. - -| - -.. image:: ../images/cli-04.png - -| - -Use the following response values to complete the prompts: - -================================ ==================================================== -Question Response Value -================================ ==================================================== -What is your token? Insert the Site Token UID you collected earlier -What is your site name? Insert your unique namespace -What is your hostname? Insert your unique namespace -What is your latitude? 33.812 -What is your longitude? -117.91 -What is your default fleet name? Enter (This selects the default of **optional**) -Select your certified hardware? Enter (This selects the default of **kvm-voltmesh**) -Select your primary outside NIC? Enter (This selects the default of **eth0**) -================================ ==================================================== - -The response values will then be summarized. Confirm they are correct and type **y** for **yes**. If not, answer **n** and correct any values. - -| - -.. image:: ../images/cli-05.png - -| - -We will now go accept the Customer Edge registration in Distributed Cloud console. Proceed to **Registering the Customer Edge**. - -**Option 2: Site UI Site Setup** ----------------------- - -In your browser, you should have a tab open to the UDF course. Under the F5 Distributed Cloud CE, click on **Access >> Site UI** - -| - -.. image:: ../images/udf-ce.png - -| - -This should prompt you for authentication and then open the Customer Edge Node Admin portal. - -Type in the default username/password: - -============================== ===== -Variable Value -============================== ===== -Default Username: **admin** -Default Password: **Volterra123** -============================== ===== - -| - -.. image:: ../images/signin.png - -| - -You will be prompted to change the password at the initial log in. **Make a mental note of these credentials as you will need them several times throughout the labs today.** - -| - -.. image:: ../images/changepwd.png - -| - -After you set the password, the services will need to restart and then the Customer Edge node will present the Dashboard - -.. Note:: You may have to Refresh your browser and log in again. - -| - -.. image:: ../images/restart.png - -| - -Once all services are up and running you should see the Dashboard which will have various colors and state as shown: - -| - -.. image:: ../images/dash.png - -| - -If you mouse-over each of the icons, the specific services will report their status in addition to the status reflected by the icon. - -Mouse over each of the components under VP Manager Status and note the components and their condition. You can also click on **“Show full status”** and see a JSON report that is used to present the VP Manager Status in detail. - -You can also scroll down and see hardware details that describe the platform that the Customer Edge is installed on. - - -Click the blue **Configure Now** button. - -| - -.. image:: ../images/ceconf.png - -| - -This will take you to the **Customer Edge Device Configuration** page. - -Set the following parameters and leave everything else as default: - -============================== ===== -Variable Value -============================== ===== -Token Insert the Site Token UID you collected earlier -Cluster Name Insert your unique namespace -Hostname Insert your unique namespace -Latitude 33.812 -Longitude -117.91 -============================== ===== - -The end result should look like the image below, and then click **Save Configuration.** - -| - -.. image:: ../images/devconf.png - -| - -After you save the configuration, you will be taken back to the Dashboard, notice the status change to **“Approval”** after a few moments. (May need to refresh page) - -| - -.. image:: ../images/approval.png - -| - -**If you encounter it, you can safely ignore this benign timing error due to the UDF lab environment.** - -| - -.. image:: ../images/error.png - -| - -We will now go accept the Customer Edge registration in Distributed Cloud console. Proceed to **Registering the Customer Edge**. - - -**Registering the Customer Edge** ----------------------------------- - -Go back to the Distributed Cloud console. If the session timed out, you will need to log back into the console using the following URL or refreshing your browser: - -https://f5-xc-lab-mcn.console.ves.volterra.io/ - -From the **Select service** menu, click on **Multi-Cloud Network Connect**. - -On the side menu go down to **Manage >> Site Management >> Registrations.** - -| - -.. image:: ../images/sitemgt.png - -| - -The Customer Edge node you configured from the previous step should appear on this list, if not give it a couple moments and refresh the screen by clicking the **Refresh button** at the top right-hand corner. - -| - -.. image:: ../images/sitereg.png - -| - -.. Tip:: This process can take a few minutes for the node to register with Distributed Cloud. - -Once the Node appears in the Registration list, accept the registration by clicking on the blue check mark. - -**Click the blue check mark** to accept the registration. - -.. Note:: If you DO NOT see a blue check mark, it's likely your browser width is NOT wide enough. Simply increase the width of the browser and you should see the blue checkmark to approve the registration. - - -Once you have clicked the checkmark, the console will bring up the Registration Acceptance menu which shows all the settings of the Customer Edge node. Note the parameters you’ve entered from the previous exercise are populated into the appropriate fields. - -.. Important:: Look at the Cluster Size parameter and notice this is set to 1. In this lab, we will only deploy a single-node-cluster and thus leave this setting as 1. In a production environment, the best practice is to deploy a 3-node-cluster minimum. In that case, the Cluster Size parameter would be set to 3 so an appropriately sized cluster can be formed. - -**Leave the cluster size set to 1** - -| - -.. image:: ../images/clustersize.png - -| - -Scroll down to Site to Site Tunnel Type and click on the drop down arrow - -| - -.. image:: ../images/s2sarrow.png - -| - -This setting determines the VPN connectivity protocols used between the Customer Edge and the Regional Edges. The XC Node will automatically bring up redundant tunnels to two different RE's. -These tunnels are self-healing and can fallback when using the configuration setting of IPSEC or SSL. -Select **IPSEC or SSL** from the list. - -| - -.. image:: ../images/iporssl.png - -| - -Click **Save and Exit**. - - -Once the registration completes, you can see the cluster in the “Other Registrations” tab and the current state will be ADMITTED. - -| - -.. image:: ../images/otherregs.png - -| - -The Customer Edge Node Admin portal will also reflect some changes in its status, although the node still requires some additional configuration. -From the menu on the left click on **Sites** and observe your Nodes (animal-name). Hint: You may have to hit **Refresh** in the upper right corner. - -| - -.. image:: ../images/provisioning.png - -| -| - -You should see the CE you just deployed on this list go through several phases of provisioning and you can observe the **Site Admin State, Health Score, and Software Version and OS version.** -You may also observe the Health score going up and down as services are spun up and restarted. - -.. Note:: This step takes about 10 -15 minutes to complete and will finish up while we start our presentation and lecture. - - -The end result should look something like the following screen where the node is green at 100 percent health and has the latest software version. - -.. Important:: Do not move on to Lab 2 until the CE is fully provisioned and **Online**. - -| - -.. image:: ../images/prov2.png - -| - -Sanity Check -------------- -**This is what you just deployed.** - -| - -.. image:: ../images/lab1fini.png - -| - -**We hope you enjoyed this lab!** - -**End of Lab 1** diff --git a/docs/class4/module1/lab2.rst b/docs/class4/module1/lab2.rst deleted file mode 100755 index 3d2b1f5a..00000000 --- a/docs/class4/module1/lab2.rst +++ /dev/null @@ -1,560 +0,0 @@ -Lab 2: Configuring Network Connect (L3/L4 Routing Firewall ) -============================================================= - -**Objective:** - -* Verify the XC Node's health. - -* Configure Network Connect to connect the Data Center network to the AWS Network. - -* Test connectivity and configure Enhanced Firewall for network security - -**Narrative:** -Now that your XC Node is provisioned, it's time to verify, explore the XC Console and set up Network Connect to establish secure connectivity between the Data Center and AWS networks. -After the setup is complete, you will test connectivity and configure network security. - -| - -.. image:: ../images/lab2biz.png - -| - -Verify the XC Node's Health ---------------------------- - -If you are not already logged into the console, please do so now by opening the following URL in your browser: - -https://f5-xc-lab-mcn.console.ves.volterra.io/ - -From the **Select service** menu, click on **Multi-Cloud Network Connect** and then click on **Sites,** - -Your XC Node should have registered successfully and will appear green with a Health Score of 100. You may need to click **Refresh** in the top right corner -if you do not see your animal name. In this example I was assigned and filtered for **busy-goblin**. - -| - -.. image:: ../images/registeredce.png - -| - -.. Important:: If you do not see your Site as registered or in a healthy state please see a Lab Assistant. - - -From this Dashboard you can note the current **Site Admin State, Provider, SW version, and OS version.** - - -**Please DO NOT click "Upgrade" on any of the Sites!** - - -Instead, **Click** on the three dots under the **Actions** column at the far right of the screen of **"your animal"** Site and click on **Manage Configuration**. In this screenshot I was **busy-goblin**. -.. NOTE:: You may need to scroll horizontally inside the table to see the three dots at the righthand side. Alternately, you can zoom out (Ctrl -) on the page to see them. - -| - -.. image:: ../images/action.png - -| - -Review the **Metadata, Site Type** and **Coordinates** fields as well as the **Connected REs** (Regional Edge) section. - -These are the closest Regional Edge sites based on the latitude and longitude information provided during the deployment process. **Each CE has an auto-provisioned self-healing secure tunnel to redundant RE's.** - -| - -.. image:: ../images/remeta.png - -| - -Look at the top left-hand corner where you see Form, Documentation and JSON. **You will see these fields throughout the Distributed Cloud Console configuration menus.** - - -.. Important:: Distributed Cloud is built with an API-first strategy. All the configurations can be done via GUI or API calls. - -| - -You can view the JSON file of the configuration by clicking **JSON**. - - -.. image:: ../images/json.png - - -This is the JSON code of the configuration which could be saved to create a backup of the Customer Edge configuration, but that is beyond the scope of this lab. - -| - -.. image:: ../images/json1.png - -| - -Click on **Documentation**. - -| - -.. image:: ../images/docu.png - -| - -This will load the API specification for a Customer Edge Node. Review briefly and click **Cancel and Exit** - -| - -.. image:: ../images/sitev.png - -| - - -In the **Site** screen, click on your Customer Edge Node **animal name**. (It should have a green status symbol) - -The default landing is a Dashboard giving you a detailed summary of the Customer Edge Node. **Briefly** explore the extensive menus and analytics at the top of the screen. - -| - -.. image:: ../images/dash1.png - -| - -Narrative Check ------------------ - -Now that you are familiar with your new "Software Defined" Node, we can start getting our hands dirty with the real configuration necessary to meet ACME Corp's first requirement to -get the network in the Data Center connected to the network in AWS. The backend security device will need to "scan" the frontend in AWS on port 80 and all other ports must be blocked. - - -Configuring Network Connect ---------------------------------------- - -In our lab today, an Ubuntu Server in the UDF environment will simulate the backend. -The AWS frontend workload is already deployed along with an XC Node to extend the Customer Edge in the AWS cloud. - -.. NOTE:: The Data Center backend has a pre-existing route to 10.0.3.0/24 and it points to the single outside interface of the Data Center XC Node. The AWS workload has a route to 10.1.1.0/24 that points to the inside interface of the AWS XC Node. - - -.. image:: ../images/netconnlab.png - - -What you have done so far in Lab 1 and the beginning of Lab 2, is setup the ACME Data Center XC Node to extend the Data Center Customer Edge. -Your next goal is to simply establish routing between these environments by using a hub and spoke model with our Regional Edges as shown in the diagram above. - -**All traffic between these networks will now be routed through auto-provisioned, self-healing and encrypted tunnels between the defined Customer Edges and the XC Regional Edges.** - - -.. Note:: In this lab some objects are already created due to permission requirements in the XC Lab environment. You will still observe and walkthrough the configuration for referrence. - - -Global Virtual Network ------------------------- - -To connect two or more Distributed Cloud node environments together across the Distributed Cloud network we will need to connect the sites through a Global Virtual Network. - -Confirm you are still in the **Multi-Cloud Network Connect** Console under **Sites**. If not, click on the **Select Service** in the left-hand navigation and click on **Multi-Cloud Network Connect**. - -On the left side menu, navigate to **Manage >> Networking >> Virtual Networks**. - -**Observe** the pre-configured **student-global** Virtual Network. Click the the dots under the **Action** menu for **student-global** and then **Manage Config**. Note the very simple config. - -| - -.. image:: ../images/studglob.png - -| - -Click **Cancel and Exit**. - -.. Note:: Due to tenant permissions you will not be able to create your own Global Virtual Network. - -If you wanted to configure this outside of the lab, you would simply click **Add Virtual Network** button, enter a name for the Virtual Network and make sure it is type **Global**. Simple indeed! - -The configuration **would** look like the screen below. - - -.. image:: ../images/meta.png - - -Fleets ------------------- -A Fleet is used to configure infrastructure components (like nodes) in one or more F5® Distributed Cloud Services Customer Edge (CE) sites homogeneously. - -Fleet configuration includes the following information - -* Software image release to be deployed on the Fleet - -* Virtual networks - -* List of interface and devices to be configured on every node - -* Connections between the virtual networks - -* Security policies applied in the Site - - -.. Note:: In this lab we have already created a fleet called "student-fleet" for you due to permission restrictions. - -Review Fleet Config ------------------------- - -In Multi-Cloud Network Connect context, go down to **Manage >> Site Management >> Fleets.** - -Click on the 3 dots at the far right hand side of student-fleet and select **Manage Configuration** - -| - -.. image:: ../images/studfleet.png - -| - -In the next screen click on **Edit Configuration** in the top right of the screen and **Observe** the Fleet Configuration and Network Connectors. - -A Network Connector is used to create a connection between two virtual networks on a given site. - -For more information on Network Connectors and their functions you can review this link: https://docs.cloud.f5.com/docs/how-to/networking/network-connectors - -The **Network Connectors** are configured as: - -**student-global-connector** - -* Network Connector Type: Direct, Site Local Inside to a Global Network - -* Global Virtual Network: system/student-global - -| - -**student-snat-connector** - -*Network Connector Type: SNAT, Site Local Inside to Site Local Outside - -* Routing Mode: Default Gateway - -* SNAT Source IP Selection: Interface IP - -| - -**student-ce-global-connector** - -* Network Connector Type: Direct, Site Local Outside to a Global Network - -* Global Virtual Network: system/student-global - -| - -Also, notice Network Firewall is **NOT** currently defined. We will come back to that in a few moments. - -Click **Cancel and Exit.** - - -Fleet Label -------------- -Labels are a map of string keys and values that can be used to organize and categorize objects within Distributed Cloud. - -Fleet has a field called fleet_label. When a Fleet object is created, the system automatically creates a **"known_label"** named: **"ves.io/fleet"**. -The known_label is created in the Shared namespace for the tenant. A site is made a "member of Fleet" when this known_label is added to the site. -A site can have at most one known_label of type ves.io/fleet and hence belongs to exactly one Fleet at any given time. - -**Note** the **Fleet Label Value** of the **student-fleet**. The label is also named **student-fleet**. - -.. image:: ../images/flv.png - - - -Bringing up the Connection ----------------------------- -From your UDF environment browser tab, click on **Access >> Web Shell** on the Ubuntu Client. This will open a new tab to a Web Shell. - -| - -.. image:: ../images/ubuntu.png - -| - -**The workload in AWS has an IP address of 10.0.3.253** - -Type **ping -O 10.0.3.253** and hit **Enter**. You **WILL NOT** get a response. Continue the ping in the steps below. - -.. NOTE:: -O is the uppercase letter "O" - -.. image:: ../images/pingO.png - -Back in the XC Console, navigate to **Multi-Cloud Network Connect >> Sites** and find your **"animal-name"** -Click the **3 buttons** under the **Action Menu** under **"your animal name"** and select **Manage Configuration**. - -In the top right click **Edit Configuration**. - -You should be here. We will be adding a **Fleet Label** to tag our CE Node into the fleet. - -| - -.. image:: ../images/fleetlabel.png - -| - -Click **Add Label** under the **Labels** section and select the label **ves.io/fleet.** -For the value click on **student-fleet**, scroll down, **Save and Exit**. - -| - -.. image:: ../images/fleetlabel1.png - -| - -It should look like this: - -| - -.. image:: ../images/fleetlabel2.png - -| - - -Check back on your web shell tab with the ping going. Success!! - -| - -.. image:: ../images/ping.png - -| - -.. important:: If you want to tear down this connectivity it is as easy as removing the label. - - -In XC Console, navigate to **Multi-Cloud Network Connect** >> **Sites** and click directly on your **"animal-name"** and finally click on the **Tools** menu on the top, far right. - -.. note:: If you do not see the Tools menu there should be a right chevron ">" that will allow you to access additional menu items. - - -Click on **Show Routes** - -| - -.. image:: ../images/shroutes.png - -| - -Set Virtual Network Type to: **VIRTUAL_NETWORK_SITE_LOCAL_INSIDE** and click the blue **Show routes** button - -| - -.. image:: ../images/shroutes2.png - -| - -Scroll down to see the AWS subnet route **"10.0.3.0/24** being advertised through the tunnel. - -| - -.. image:: ../images/shroutes3.png - -| - -Routing is good, now let's test some other ports. -Go back to the web shell where you ran a ping. We will now test 2 ports that we know the server is listening on. - -**Port 80** - Simple Web page - -**Port 8080** - Diagnostic tool - -Our first test will be to port 80. In the web shell type: **curl \-\-head http://10.0.3.253** - -| - -.. image:: ../images/curl.png - -| - -Next, push the keyboard "up arrow " and run the same command but targeted at port 8080 like this: **curl \-\-head http://10.0.3.253:8080** - -| - -.. image:: ../images/8080.png - -| - -.. Important:: If you are not getting a **"200 OK"** repsponse, please see a lab assistant before moving on. - - - -.. Note:: We now have to close port 8080 per the ACME Corp security department requirement. - -Enhanced Firewall Policy ---------------------------------- - -You will now configure the F5 Distributed Cloud Enhanced Firewall to provide network security between these sites. Custom Enhanced Firewall policies make it possible to define intent-based rules, such as allowing only traffic to/from sites wit a specific label, like "ves.io/fleet in 'student-fleet'"" in your deployed site above. Additional criteria for rules can include tags belonging to resources that live in public clouds, such as the AWS VPC name or any other discoverable attribute. - -.. Note:: Due to lab architecture, we will only be able to configure the policies but not apply. We will show you the final step to apply your policy for reference, but you will not actually be able to apply or test. - - -Navigate to **Manage >> Firewall >> Enhanced Firewall Policies** and click **Add Enhanced Firewall Policy**. - -| - -========================================= ===== -Variable Value -========================================= ===== -Name [animal-name]-fwp -Select Enhanced Firewall Policy Rule Type Custom Enhanced Firewall Policy Rule Selection -========================================= ===== - - -Click the blue **Configure** hyperlink. - -| - -.. image:: ../images/efwp.png - -| - -Click on **Add Item** to bring up the Rules creation screen. Here you will notice several powerful **"Enhanced"** Source and Destination Traffic filters. - - -================================= ===== -Variable Value -================================= ===== -Name [animal-name]-allow-80 -Source Traffic Filter IPv4 Prefix List >> Click Configure and add 10.1.1.0/24 then click **Apply**. -Destination Traffic Filter IPv4 Prefix List >> Click Configure and add 10.0.3.0/24 then click **Apply**. -Select Type of Traffic to Match Match Protocol and Port Ranges -Match Protocol and Port Ranges TCP >> click **Add Item** and add **80**. -Action Allow -================================= ===== - - -| - -.. image:: ../images/allow80.png - -| - -Click **Apply** and your screen should look like this: - -| - -.. image:: ../images/fwver.png - -| - -Now we will create the **default deny** to prevent any other traffic between these two networks. - -Click **Add Item** again to add another rule to the **Enhanced Firewall Policy**. - -================================= ===== -Variable Value -================================= ===== -Name [animal-name]-deny-all -Source Traffic Filter IPv4 Prefix List >> Click Configure and add 10.1.1.0/24 then click **Apply**. -Destination Traffic Filter IPv4 Prefix List >> Click Configure and add 10.0.3.0/24 then click **Apply**. -Select Type of Traffic to Match Match All Traffic -Action Deny -================================= ===== - -| - -.. image:: ../images/denyall.png - -| - - -Click **Apply** and your screen should look like this: - - -| - - -.. image:: ../images/fwver2.png - -| - -Click **Apply** and **Save and Exit**. - -| - - -.. image:: ../images/save.png - -Create the Firewall Network and associate the Enhanced Firewall Policy: - -.. image:: ../images/FNwithEnhancedFWPolicies.png - - -| - -Summary ---------------------------------- -You have now created the firewall policy necessary to secure these two networks. Outside of the lab environment you would now add this policy to the fleet by managing your fleet and adding an Enhanced Firewall policy. - -| - - -.. image:: ../images/fleetpol.png - -| - -Logging ---------- -Customers often ask about the logging options with F5 Distributed Cloud. There are two main options for logging. - -1. Global Logging - Logging related to activities that occur within Distributed Cloud and on the Regional Edges such as load balancers or WAAP/Bot policy. - -2. Site Local Logging - Logging related to activities that occur within the Customer Edge Boundary such as load balancers or WAAP/Bot policies runnning locally on an XC Node. - -.. Note:: This is the last "Read Only" lab section. Our apologies for the inconvenience. - -**Global Logging**: - -To observe **(NOT configure)** the Global Logging configuration options, in the side-menu, browse to **Manage >> Log Management >> Global Log Receiver** and click **Add Global Log Receiver**. - -Take particular notice of the different **Log Types** and **Receiver Configurations** which include AWS, Azure and Splunk options to namedrop a few. - -| - - -.. image:: ../images/globlog.png - -| - -Click **Cancel and Exit** and Discard any changes. - - -**Site Local Logging**: - -To observe **(NOT configure)** the Site Local Logging configuration options, in the side-menu, browse to **Manage >> Log Management >> Log Receiver** and click **Add Log Receiver**. - -Click on the **Show Advanced Fields** button on the right and take note of the **Where** - -Click **Cancel and Exit** and Discard any changes. - - -| - - -.. image:: ../images/locallog.png - -| - -**Applying Site Local Logging**: - -To observe **(NOT configure)** the application of the Site Local Logging profile, browse to **Manage >> Site Management >> Fleets**, click the **3 button** Action menu and click **Manage Configuration**. - -Scroll down to observe the **Logs Streaming** field under **Advanced Configuration**. Outside of the lab environment, you would enable this and select your **Log Receiver** profile. - -| - - -.. image:: ../images/logs.png - -| - -Click **Cancel and Exit**. - -You can now feel free to explore the **Multi-Cloud Network Connect** Site menus while everyone is getting caught up. - -Click on **Site Map**, **Site Security**, which is where we would review our firewall logs in "real world", and finally, head down to the **Service Info** Section and click on **About**. - - -Sanity Check -------------- -**This is what you just deployed.** - -.. image:: ../images/lab2rev.png - - -**We hope you enjoyed this lab!** - -**End of Lab 2** diff --git a/docs/class4/module1/module1.rst b/docs/class4/module1/module1.rst deleted file mode 100755 index d268e2e2..00000000 --- a/docs/class4/module1/module1.rst +++ /dev/null @@ -1,22 +0,0 @@ -Module 1: Network Connect -======================================================= - -.. image:: ../images/netconnect.png - -**Narrative**: - -As described in the intro, you work at ACME corp as a Network Engineer and have been tasked with privately and securely connecting the backend server with the frontend server in AWS. -Your solution must be future-proof to allow for additional backends or frontends in the future. - -**In Lab 1** we will be deploying an XC Node to establish the Customer Edge (CE) which will provide connectivity to remote environments or sites. - -**In Lab 2** we will configure the XC Nodes to act as Software-Defined Routers to stitch together the Data Center and AWS networks using Network Connect. - - -.. image:: ../images/labs.png - -.. toctree:: - :maxdepth: 1 - :glob: - - lab* diff --git a/docs/class4/module2/lab3.rst b/docs/class4/module2/lab3.rst deleted file mode 100755 index 3a8f29bc..00000000 --- a/docs/class4/module2/lab3.rst +++ /dev/null @@ -1,471 +0,0 @@ -Lab 3: Globally Available Front End -======================================= - -**Objective:** - -* Use XC Regional Edges to provide future-proof, globally available frontend. - -* XC frontend (RE) must be able to load balance the 2 cloud frontends. - -* Expose Azure private frontend without adding a public IP for the workload. - -* Always prefer the AWS frontend for ingress traffic. - -**What they want:** - -.. image:: ../images/mod2bizreq.png - -**Narrative:** - -Unfortunately, after doing your due diligence, you find that the Azure VNET overlaps with the AWS subnets. To make matters worse, -the Azure server is not associated with any public IP and there is a security directive in place to not have any workload servers in Azure associated with a public IP without a security device. - -Lately, the site has been getting pounded with attack traffic and frontend security has become a hot topic at ACME. -You think to yourself, this is going to be tricky, and reach out to your trusted F5 Solutions Engineer to see how this will work with Distributed Cloud. - -Your F5 Solutions Engineer explains that IP overlap between sites is a common problem and one that can be easily solved with Distributed Cloud App Connect. -App Connect alleviates this problem by leveraging the XC Nodes as Software-Defined Proxies rather than Software-Defined Routers as they were configured with Network Connect. Additionally App Connect enforces a default deny architecture, where only the port and domain name defined on the load balancer will accept traffic. - -Also, you are informed that by using F5 Distributed Cloud Regional Edges for the frontend workloads, you will be able to have full proxy security, visibility and analytics for the client traffic, so the Security team will be pleased. - -After reviewing the architecture with you, your Solutions Engineer advises you to break up these requirements in to 2 specific deliverables. - -**Deliverable 1:** - -Create a globally scaled and future-proof frontend with the XC Regional Edges **(Lab 3)** - -| - -.. image:: ../images/lab3.png - -| - -**Deliverable 2:** - -Leverage App Connect for secure site to site connectivity regardless of IP overlap. **(Lab 4)** - -| - -.. image:: ../images/lab4goal.png - -| - -Multi-Cloud App Connect ----------------------------- - -With **Network Connect** you connected routed networks with your CE Node which acted as a Software-Defined Router. - -Now with **App Connect** you will be configuring our Regional Edges and your CE Nodes as Sofware-Defined-Proxies to provide connectivity between workloads. The CE's can do both functions simultaneously!! - -In the **Side menu** select service **Multi-Cloud App Connect**, then navigate to **Manage** click on **Load Balancers** >> **Origin Pools** and click the **Add Origin Pool** button. - - -AWS Origin Pool ----------------- - -| - -.. image:: ../images/orig.png - -| - -Enter the following Values: - -============================== ===== -Variable Value -============================== ===== -Name animal-name-aws-pool -Origin Server Port 80 -Origin Servers See Below -Health Checks See Below -============================== ===== - -**Origin Servers:** Click **Add Item** - -In the dropdown keep: **Public DNS Name of Origin Server** and type: **public.lab.f5demos.com** and click **Apply**. - -**Health Checks:** Under "Health Check object" click the **Select Item*** dropdown and click **Add Item**. - -For the Name use: **[animal-name]-http** and take the rest as defaults. - -Click **Continue** - -| - -.. image:: ../images/health.png - -| - -Your Origin Pool should now look like this: - -| - -.. image:: ../images/origaws.png - -| - - -Leave everything else as **default** and click **Save and Exit**. - - -Azure Origin Pool ---------------------- - -Click the **Add Origin Pool** button at the top the screen. - - -============================== ===== -Variable Value -============================== ===== -Name animal-name-azure-pool -Origin Server Port 80 -Origin Servers See Below -Health Checks [animal-name]-http -============================== ===== - -**Origin Servers:** -Hit the dropdown for **Select Type of Origin Server** and choose **IP Address of Origin Server on given Sites**. - -============================== ===== -Variable Value -============================== ===== -IP 10.0.3.253 (Note: this is not a typo. The CSP workloads have IP overlap) -Site or Virtual Site Site -Site: **system/student-azurenet** -Select Network on the site Inside Network -============================== ===== - -Click **Apply**. - -Health Checks: Under “Health Check object” click the **Select Item** dropdown and choose the object that you created previously for the AWS origin pool. The name of the health check should be [animal-name]/[animal-name]-http. - -Your config should look like this: - -| - -.. image:: ../images/origazure.png - -| - -Leave everything else as **default** and click **Save and Exit**. - -Now that we have defined both of our Origin Server pools which are a public DNS Name in AWS and a private IP in Azure, we will set up the App Connect Proxy to provide a Global Frontend to load balance them. - -Global Frontend ----------------------------- - -In the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and click the **Add HTTP Load Balancer** button. - -================================== ===== -Variable Value -================================== ===== -Name animal-name-acme-frontend -Domains and LB Type animal-name-acme-frontend.lab-mcn.f5demos.com -Load Balancer Type HTTP -Automatically Manage DNS Records **check** -HTTP Port 80 -Origin Pools See Below -================================== ===== - -**Origin Pools** - -Click **Add Item** and under "Origin Pool" select the **AWS pool** with your animal name. Leave everything else as **default** and click **Apply**. - -| - -.. image:: ../images/awspri.png - -| - -Click **Add Item** again and under "Origin Pool" select the **Azure pool** with your animal name. This time, change the priority to **0** and click **Apply**. - -.. Note:: A zero value priority makes that pool the lowest priority. A value of **1** is the highest priority. AWS was set to **1** by default. - -| - -.. image:: ../images/azurepri.png - -| - -Click **Apply** and you should now be back to the **HTTP Load Balancer** configuration screen which should look like this. - -| - -.. image:: ../images/httplb.png - -| - -Leave everything else as **default** and scroll down to the bottom to click **Save and Exit**. - -You should now see your Globally Available frontend in the **HTTP Load Balancers** screen. - -| - -.. image:: ../images/newlb.png - -| - -Testing ---------------------- - - -Go ahead and open up a **Command Prompt** or **Terminal** on your personal machine and type the following command: - -**nslookup [animal-name]-acme-frontend.lab-mcn.f5demos.com** and note the IP address that is returned. - -In my example, I am using a terminal on MAC and my animal-name was **rested-tiger**. - -.. Note:: This may take a few moments to become resolvable depending on your local DNS configuration. - -| - -.. image:: ../images/nslookup.png - -| - -Now open up a new tab in your browser and try http://[animal-name]-acme-frontend.lab-mcn.f5demos.com - -If you reached this page, you set it up right! Nice work. - -| - -.. image:: ../images/awspub.png - -| - -Hit **[Shift + Refresh]** a few times in your browser and make sure you are staying on the same site. You should NOT be seeing a **blue page** at any point. - - -In **XC Console**, navigate to **Manage >> Load Balancers >> Origin Pools**, click on the **3 Button** Actions Menu and choose **Manage Configuration** for your **[animal-name]-aws-pool**. - -Click **Edit Configuration** in the upper right and then scroll to the bottom of the **AWS origin Servers** configuration screen. - -Under **TLS**, hit the dropdown and choose **Enable** and click **Save and Exit**. - -| - -.. image:: ../images/tlsenable.png - -| - - -.. Important:: What you are doing here, is enabling TLS on the backend connection to the Origin Server of the AWS pool. This WILL FAIL, as the Server is not expecting TLS which will effectively cause the monitors to fail. This will take down the AWS pool and allow us to test the Azure failover as if the AWS workload itself was failing. - -**Check it out....** - -Go back to your browser tab that you had open to http://[animal-name]-frontend.lab-mcn.f5demos.com and hit **[Shift + Refresh]**. - -| - -.. image:: ../images/azurepub.png - -| - -Go back to XC Console and edit the AWS pool again to disable TLS and bring the AWS site back online. - -| - -.. image:: ../images/disabletls.png - -| - -Click **Save and Exit**. - -Go back to your browser tab that you had open to http://[animal-name]-frontend.lab-mcn.f5demos.com and hit **[Shift + Refresh]**. - -.. note:: If you receive a 503 error, please wait a moment and [Shift + Refresh] your browser. - -You should be back to the AWS page now. - -| - -.. image:: ../images/awspub.png - -| - -.. - **Testing Load Balancing** - - Although this isn't an ACME requirement at the moment, you decide to test an Active/Active pool configuration. - Currrently, you have a Global frontend [http://animal-name-acme-frontend.lab-mcn.f5demos.com] that points to a pool with a public EC2 workload in AWS and a pool with a private IP workload in Azure sitting behind the CE. - You are configured for Active/Standby load-balancing of the pools due to the priority setting in the pool. - - - In **XC Console**, navigate to **Manage >> HTTP Load Balancers**, click on the **3 Button** Actions Menu and choose **Manage Configuration** for your **[animal-name]-acme-frontend**. - - Click **Edit Configuration** in the upper right and then click the **pencil/edit** icon next to the Azure Origin Pool. - - | - - .. image:: ../images/editazure.png - - | - - Change the priority to **1**, click **Apply** and **Save and Exit**. - - Go back to your browser tab that you had open to http://[animal-name]-frontend.lab-mcn.f5demos.com and hit **[Shift + Refresh]**. - - - | - - .. image:: ../images/weird-results.png - - | - - -Dashboard and Analytics -------------------------- - -Now that we've sent several requests to our shiny new **Globally Available Frontend**, we can take a look at the traffic dashboards. - -In **XC Console** >> **Multi-Cloud App Connect** >> **Overview** click on **Performance**. - -Scroll all the way to the bottom and under **Load Balancers**, click directly on your **[animal-name-acme-frontend]**. - -| - -.. image:: ../images/lbs.png - -| - -This will take you to the **Performance Monitoring** Dashboard. If you took a break or don't see any live traffic, try tuning your time-frame. - -| - -.. image:: ../images/time.png - -| - -You should see a number of metrics including a **Application Health** score which may NOT be at **100** due to the AWS site being offline earlier when we tested failover. - -| - -.. image:: ../images/metrics.png - -| - -Notice the invaluable **End to end Latency** analytic. Click on the **Metrics** tab. - -| - -.. image:: ../images/met1.png - -| - -Click on the **Health** Percent metric over on the right side. Use the time-sliders at the bottom to try and zoom in to the approximate time when the applications health was poor. - - -| - -.. image:: ../images/timeslide.png - -| - -In my example, I am zooming in to approx 12:33AM and can click the color block to get a filtered view of the requests as they were being served at that time. - -| - -.. image:: ../images/timeslide2.png - -| - -We can confirm that the Standby Azure workload was sure enough serving up requests during that time. - -| - -.. image:: ../images/requests.png - -| - -Click the **Traffic Tab** in the top menu and change your time-frame back to **1 hour**. - -This graph shows you a visual representation on where your traffic is ingressing our Regional Edges. In my example below, I am local to the DC area, so you can see I consistently hit the DC12 RE in Ashburn Virginia. - -You may see different Source Sites depending where you are geographically located. In production you would see several source sites here if your customer traffic is geographically diverse. - - -You can also see the load balancer name and the Origin Servers to the right. If you hover over them you will get a Request Rate metric. - -| - -.. image:: ../images/traffic.png - -| - -Click the **Origin Servers Tab** in the top menu and change your time-frame to **1 hour**. At the bottom left, change your setting to **50** items per page. - -Why do you think there are so many Origin Servers showing for the AWS EC2 workload DNS name? - -| - -.. image:: ../images/originserve.png - -| - -Click the **Requests Tab** in the top menu and change your time-frame to **1 hour**. At the bottom left, change your setting to **50** items per page. - -The request log has a wealth of information. Literally everything about the request is logged and analyzed. - -Choose any request in the log and click the **expand** arrow next to the time-stamp. - -Every request has built in End-to-End analytics. You can also click on **JSON** to see the request log in JSON format. - -| - -.. image:: ../images/rl.png - -| - -Feel free to explore additional requests and/or fields while other students are getting caught up. - -Sanity Check -------------- -**This is what you just deployed.** - -| - -.. image:: ../images/lab3review.png - -| - -**We hope you enjoyed this lab!** - -**End of Lab 3** - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/docs/class4/module2/lab4.rst b/docs/class4/module2/lab4.rst deleted file mode 100755 index 673aada7..00000000 --- a/docs/class4/module2/lab4.rst +++ /dev/null @@ -1,537 +0,0 @@ -Lab 4: App Connect - Solving IP Overlap -=========================================== - -**Objective:** - -* Implement App Connect to overcome IP Address overlap in AWS/Azure. - -* Provide private and secure connectivity between all sites. - -* Configure policy to only permit port 80 between these sites. - -* Review network security events in the XC console. - -| - -.. image:: ../images/lab4bizreq1.png - -| - -**Narrative:** - -Now that the globally available frontend has been deployed, it's time to start working on **Deliverable #2** and configure backend connectivity. Since Network Connect does **NOT** support IP overlap, we will configure the XC Nodes with App Connect proxies. -Recall that Network Connect joins networks by using the XC Nodes as Software-Defined Routers and App Connect uses the XC Nodes as Software-Defined Proxies to connect applications. Think...NetworkAAS or ProxyAAS. - -| - -.. image:: ../images/lab4goal.png - -| - -Multi-Cloud App Connect ----------------------------- - -In the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and click the **Add HTTP Load Balancer** button. - - -Enter the following values: - -================================== ============== -Variable Value -================================== ============== -Name [animal-name]-backend-vip-to-azure -Domains and LB Type [animal-name]-backend-vip-to-azure.lab-mcn.f5demos.com -Load Balancer Type HTTP -Automatically Manage DNS Records **uncheck** -HTTP Port 80 -Origin Pools See Below -================================== ============== - -**Origin Pools** - -Click **Add Item** and under "Origin Pool" select the **Azure pool** with your animal name and click **Apply**. - -Your config should look like this so far: - -| - -.. image:: ../images/backendvip.png - -| - -**Scroll** all the way down until you reach the **Other Settings** section. Here you will find the **VIP Advertisement** field. - -.. Important:: In the previous lab, we took the default of **Internet** here. This means that the load balancer will be distributed across all Regional Edges in our anycast network. This time we will choose our Data Center CE to host the load balancer. - -Hit the dropdown and select **Custom**. - -| - -.. image:: ../images/custom.png - -| - -Now click the **Configure** link right below that field: - -| - -.. image:: ../images/configure.png - -| - -On the **"List of Sites to Advertise"** screen click **Add Item**. - -Enter the following values: - -============================== ========================================================= -Variable Value -============================== ========================================================= -Select Where to Advertise Site -Site Network Outside Network (Since we only have 1 interface on our CE Node, it is "Outside" by default) -Site Reference system/[animal-name] -TCP Listen Port Choice TCP Listen Port -TCP Listen Port 80 -============================== ========================================================= - -| - -.. image:: ../images/azint.png - -| - -Click on **Apply**, **Apply**, and then **Save and Exit** on the main **HTTP Load Balancer** config screen. - - -Testing Internal LB ----------------------- -If that seemed easy, it's because it was. Now, you will test the load balancer that you just configured on the Data Center XC Node. - -| - -.. image:: ../images/node.png - -| - -From the Ubuntu Client (backend) **Web Shell** browser tab, type the following command and hit Enter. - -curl http://10.1.1.5 - -| - -.. image:: ../images/curlerror.png - -| - -Uh oh....! **404 Not Found**? But why? - -Recall the mandatory **Domains** field that was required when you configured the HTTP load balancer. **XC App Connect HTTP Load Balancers natively perform Domain Name enforcement and DO NOT respond to requests without the expected Domain Name.** - -| - -.. image:: ../images/domains.png - -| - -We will now use a tool to help test this with a built-in "resolve" function. - -From the Ubuntu Client **Web Shell** browser tab, type or paste the following command **(with your animal-name)** and hit **Enter**.:: - - curl --head http://[animal-name]-backend-vip-to-azure.lab-mcn.f5demos.com --resolve [animal-name]-backend-vip-to-azure.lab-mcn.f5demos.com:80:10.1.1.5 - -.. note:: On a MAC you should be able to [CMD + v] and on a PC [Shift + Insert] to paste into the web shell. - -| - -.. image:: ../images/curlhead.png - -| - -In my example, my animal-name was **wanted-swan**. If you want to see the full HTML of the site you can **up arrow** and run the command again without the **\-\-head** flag.:: - - curl http://[animal-name]-backend-vip-to-azure.lab-mcn.f5demos.com --resolve [animal-name]-backend-vip-to-azure.lab-mcn.f5demos.com:80:10.1.1.5 - -| - -.. image:: ../images/curltest.png - -| - -Success! Your stomach growls and it's time for lunch! You have now met every requirement thrown at you thus far with F5 Distrib.... **Ring Ring** - -.. Important:: Your phone rings! Just as you were finishing up your testing and about to head to lunch, the CIO calls your desk directly with an urgent request and it sounds like that new Pho restaurant is going to have to wait. There is an immediate requirement for the frontend in AWS to connect to an API on the frontend in Azure, privately over port 80. Additionally, this API should be "Read Only" for any API clients originating in AWS. This traffic CAN NOT be sent unencrypted over the Internet. Can we use F5 Distributed Cloud to quickly bridge these CSP's? - -Narrative Update ----------------------- -You have met all the requirements thus far, but that phone call had a real sense of urgency to it so, you're going to have to act fast. - -Unfortunately, you don't have access to any of the workloads in the CSP environments but one of your friends over on the Application team recently let you know about a diagnostic tool they use on their AWS frontend. It's called the "In-Container-Diagnostic tool" and it runs on their AWS instance on port 8080. -They said you could use it if you need to test connectivity from the AWS frontend to the Azure frontend but they can't give you direct access to the container or workload itself. - -"No problem" you reply, and quickly set out to configure a new frontend in XC for the Diag tool. After you expose the Diag tool, you will configure an internal load balancer for port 80 traffic between the AWS frontend and Azure frontend. You will use the Diag tool to then verify this connectivity. - -| - -.. image:: ../images/cioreq.png - -| - -Expose AWS Diag Tool ----------------------- - -In the **Side menu** under **Manage** click on **Load Balancers** >> **Origin Pools** and click the **Add Origin Pool** button. - -================================== ============== -Variable Value -================================== ============== -Name [animal-name]-awstool-pool -Origin Servers **Add Item** > See Below -Origin Server Port 8080 -================================== ============== - -**Origin Servers** - -================================== ============== -Variable Value -================================== ============== -Select Type of Origin Server IP address of Origin Server on given Sites -IP 10.0.3.253 -Site or Virtual Site Site -Site system/student-awsnet -Select Network on the site Inside Network -================================== ============== - -Click **Apply** and the **Save and Exit**. - -| - -.. image:: ../images/toolpool.png - -| - - -In the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and click the **Add HTTP Load Balancer** button. - - -Enter the following values: - -================================== ============== -Variable Value -================================== ============== -Name [animal-name]-awstool -Domains and LB Type [animal-name]-awstool.lab-mcn.f5demos.com -Load Balancer Type HTTP -Automatically Manage DNS Records **check** (Important!) -HTTP Port 80 -Origin Pools **Add Item** and select [animal-name-awstool-pool] and click **Apply**. -================================== ============== - -| - -.. image:: ../images/toollb.png - -| - - -Click **Save and Exit**. - -You should now be able to access the new globally availalable tool by accessing the following URL with your animal-name: - -http://[animal-name]-awstool.lab-mcn.f5demos.com - -| - -.. image:: ../images/contool.png - -| - -.. Note:: Please see a lab assistant if you can not access the tool site. - -Create AWS to Azure LB ------------------------- - -Now that we have a way to test connectivity between AWS and Azure all we need to do is setup the HTTP Load Balancer (App Connect Proxy) to provide the secure connectivity. - -Back in XC Console, from the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and click the **Add HTTP Load Balancer** button. - - -Enter the following values: - -================================== ============== -Variable Value -================================== ============== -Name [animal-name]-aws-to-azure-lb -Domains and LB Type [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com -Load Balancer Type HTTP -Automatically Manage DNS Records **uncheck** -HTTP Port 80 -Origin Pools **Add Item** and select [animal-name-azure-pool] and click **Apply**. -VIP Advertisement (at bottom) **Custom** Click **Configure** See Below. -================================== ============== - -Under **List of Sites to Advertise**, click **Add Item**. - -**VIP Advertisement** - -================================== ============== -Variable Value -================================== ============== -Select Where to Advertise Site -Site Network Inside (The AWS node has 2 interface. Inside/Outside) -Site Reference system/student-awsnet -TCP Listen Port Choice TCP Listen Port -TCP Listen Port 80 -================================== ============== - -Click **Apply** and it should look ike this: - -| - -.. image:: ../images/advervip.png - -| - -Click **Apply** and then **Save and Exit** from the HTTP Load Balancer creation screen. - -If you search your HTTP Load Balancers for your **animal-name**, you should now see 4 as per the example below: - -| - -.. image:: ../images/4lbs.png - -| - -Testing AWS to Azure LB ------------------------- - -You now have a load balancer running in AWS on the inside interface of your AWS XC Node. The inside interface IP of the AWS XC Node is **10.0.5.101**. - -We will now use the In-Container Diag tool to test connectivity. - -If you don't already have a tab open to the Diag tool, in your browser go to: http://[animal-name]-awstool.lab-mcn.f5demos.com - -Click on **Run Command** and paste in the following:: - - curl http://[animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com --resolve [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com:80:10.0.5.101 - -| - -.. image:: ../images/success.png - -| - -In just a few moments, you now have full proxy connectivity between IP Overlapped AWS and Azure resources over a private encrypted tunnel! Pretty sweet huh? - - -Let's try that command again but with the shorthand version by using **\-\-head**:: - - curl --head http://[animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com --resolve [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com:80:10.0.5.101 - -| - -.. image:: ../images/head.png - -| - -Adding Security ------------------------- - -You just configured an App Connect Proxy listening on port 80 of the Inside interface of the AWS XC Node. Since the App Connect Proxy is **default-deny** and only accepts traffic on the configured load balancer port with the appropriate Layer 7 Domain information, we can rest assured that no other ports will be permitted. - -The second request to ensure that the **pretend API running on port 80 in Azure is Read Only or R/O**, can easily be solved with a Service Policy. For ease of demonstration we will make use of two HTTP methods and **pretend that HEAD is R/W** and of course **GET is natively R/O.** - -Head is one of many HTTP methods used to interact with API's amongst other things. Some other common ones are GET, POST and PUT. - -Technically speaking, The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. - -.. Note:: In our Lab we are just pretending that HEAD is R/W. - -What if we we didn't want to allow **HEAD** or only allow certain HTTP methods between these two workloads? - -In general, for any of our HTTP Load Balancers, what if we wanted to block a geolocation? -What if we wanted to allow some IP's and disallow others? How about file type enforcements? - -**Service Policies to the Rescue!** - -Service Policies ------------------- - -While Service Policies can do many things, we will go through a quick exercise to simply block the HTTP Method of **HEAD** for our AWS to Azure HTTP Load Balancer. This example could easily be expanded upon. - -When you create a **Service Policy** it intrinsically contains a **default deny**. Therefore, our Service Policy will actually be a definition of what is allowed. - -Back in XC Console, from the **Side menu** under **Security**, click on **Service Policies** >> **Service Policies** and click the **Add Service Policy** button. - -================================== ============== -Variable Value -================================== ============== -Name [animal-name]-allow-get-sp -Server Selection Server Name -Server Name [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com -Select Policy Rules Custom Rule List -Rules **Configure**, Click **Add Item** > See Below: -================================== ============== - -**Rules** - -================================== ============== -Variable Value -================================== ============== -Name allow-get -Action Allow -Clients Any Client -Servers Domain Matcher >> **Exact Value** >> [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com -HTTP Method/Method List Get -HTTP Path **Configure** >> **Add Item** add **/** under **Prefix Values**. -================================== ============== - -Click **Apply**. - -| - -.. image:: ../images/prefix.png - -| - - -| - -.. image:: ../images/spget.png - -| - -Scroll down and click **Apply**. - -| - -.. image:: ../images/sp1.png - -| - -Click **Apply**. - -| - -.. image:: ../images/sp2.png - -| - -Click **Save and Exit**. - -Apply Service Policy ---------------------- - -In the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and then click the **3 Button** Action Menu >> **Manage Configuration** under your **[animal-name]-aws-to-azure-lb**. - -Click **Edit Configuration** and scroll down to **Common Security Controls**. - -Under **Service Policies**, hit the dropdown and choose, **Apply Specified Service Policies** and then click the blue **Configure**. - -Choose your **[animal-name]-allow-get-sp** and click **Apply** and then **Save and Exit**. - -| - -.. image:: ../images/lbsp.png - - -| - - -Test Service Policy -------------------- - -If you don't already have a tab open to the Diag tool, in your browser go to: http://[animal-name]-awstool.lab-mcn.f5demos.com - -Try your curl command again **without** the **--head** flag.:: - - curl http://[animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com --resolve [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com:80:10.0.5.101 - - -| - -.. image:: ../images/success.png - - -| - -Now run the command again but insert the **\-\-head** command.:: - - curl --head http://[animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com --resolve [animal-name]-aws-to-azure-lb.lab-mcn.f5demos.com:80:10.0.5.101 - -| - -.. image:: ../images/forbid.png - -| - - -You have now successfully configured an application layer **Service Policy** that enforces HTTP methods. - -.. Note:: This is a primitive example of a much more powerful construct that can be used to enforce, secure and manipulate HTTP traffic much like iRules did on F5's classic BIG-IP platform. - -Review Service Policy Logs ---------------------------- - -Back in XC Console, from the **Side menu** under **Overview**, click on **Applications** and scroll down and click on your **[animal-name]-aws-to-azure-lb** under **Load Balancers**. - - -| - -.. image:: ../images/awstoazure.png - -| - -Take a moment to observe some of the analytics and then click on the **Requests** tab at the top of the page. - -| - -.. image:: ../images/requesttab.png - -| - -Here you will find the full request log. You will see the request path and if you click the little settings gear on the far right, you can add the Response Code given back to the client and several other metrics. -You may have to click refresh in the upper right or change your time frame if you took a break or don't see any data. - -| - -.. image:: ../images/perfmon.png - -| - -**Expand** one of the log entries that had a **403** response code. These were the forbidden **Head** requests. -Look through the request data and determine the policy that was applied to the request as well as the **result**. - -.. note:: If you do not see a response code column in the data, click on the wheel on the right, next to the search edit box and check response code. Click Apply. - -| - -.. image:: ../images/403.png - -| - -**Expand** one of the log entries that had a **200** response code. These were the allowed **Get** requests. -Look through the request data and determine the policy that was applied to the request as well as the **result**. - -| - -.. image:: ../images/200.png - -| - -**Great job! You have now quickly completed every requirement thrown at you with F5 Distributed Cloud App Connect and Network Connect concepts.** - -There is a final bonus lab that will showcase some App Layer Routing and Security Concepts as well. - -Sanity Check -------------- -**This is what you just deployed.** - -| - -.. image:: ../images/lab4review.png - -| - - -**We hope you enjoyed this lab!** - -**End of Lab 4** diff --git a/docs/class4/module2/lab5.rst b/docs/class4/module2/lab5.rst deleted file mode 100755 index a9ef653a..00000000 --- a/docs/class4/module2/lab5.rst +++ /dev/null @@ -1,363 +0,0 @@ -Lab 5: Bonus Lab - L7 App Routing & Security -============================================== - -**Objective:** - -* Configure the Global Frontend to perform Layer 7 routing. - -* Configure security policy to protect the frontends from OWASP Top 10 web attacks. - -* Test connectivity and review application security events in the XC console. - -.. image:: ../images/lab5bizreq.png - -**Narrative:** - -Much like "The Real World", the requirements never stop coming. Now, ACME has 2 new deliverables for you to figure out. - -**First**, a new API has been added to the cloud frontends and will require Layer 7 routing at the global frontend in XC. -The requirement is for any requests that have **/aws** in the URI to be routed to AWS. -Any requests with **/azure** should be routed to Azure. - -**Second**, ever since exposing the frontends globally, they have noticed a lot of attack type traffic coming into their application. -They have asked if there is a way to apply a security policy to identify and remediate these attacks which seem to target the application with common OWASP Top 10 type attacks. - -| - -.. image:: ../images/lab5.png - -| - -L7 App Routing ---------------- - -**Adding Layer 7 App Routing with F5 Distributed Cloud is a simple task,** but one thing we haven't done yet is configure an **internal pool** for the **AWS workload**. So far, we have been pointing at a public DNS name in the AWS Origin pool, so that could in theory, change or resolve to different IP's/AZ's, at different times. -What we essentially want is a static proxy into the AWS environment that this one particular frontend is located in, which is also where our CE Node is deployed. - -In the **Side menu** under **Manage** click on **Load Balancers** >> **Origin Pools** and click **Manage Configuration** under the **3 Button** Action Menu on your **[animal-name]-azure-pool**. - -Cick **Clone Object**. - -| - -.. image:: ../images/clone.png - -| - -For the name call it: **[animal-name]-aws-internal** and click the pencil **edit** icon next to the **Origin Server**. - -| - -.. image:: ../images/edit.png - -| - -Simply change the **Site** from **system/student-azurenet** to **system/student-awsnet**. - -| - -.. image:: ../images/orgaws.png - -| - -Click **Apply** - -Your Origin Pool config should now look like this: - -| - -.. image:: ../images/awsconf.png - -| - -Click **Save and Exit**. - -Now we will configure the **Global Frontend** Load Balancer to point at both the AWS and Azure "IP-overlapped workloads" and we will add Layer 7 URI routing so traffic arrives at the appropriate Origin Server. - -In the **Side menu** under **Manage** click on **Load Balancers** >> **HTTP Load Balancers** and click on the **3 Buttons** under the **Actions** menu for your **animal-name-acme-frontend**. - -Click **Manage Configuration** and then **Edit Configuration** in the top right. - -| - -.. image:: ../images/lab5mg.png - -| - -Scroll down to where you see **Routes** and click the blue hyperlink "**Configure**" - -| - -.. image:: ../images/routes.png - -| - -Click **Add Item**. - -Enter the following values: - -================================== ============== -Variable Value -================================== ============== -Route Type Simple Route -HTTP Method GET -Path Match Prefix -Prefix /aws -Headers Leave Default -Origin Pools **Add Item** >> Origin Pool = **[animal-name]-aws-internal**, Click **Apply**. -Host Rewrite Method Disable Host Rewrite -================================== ============== - -Click **Apply**. - -Click **Add Item** again. - -================================== ============== -Variable Value -================================== ============== -Route Type Simple Route -HTTP Method GET -Path Match Prefix -Prefix /azure -Headers Leave Default -Origin Pools **Add Item** >> Origin Pool = **[animal-name]-azure-pool**, Click **Apply**. -Host Rewrite Method Disable Host Rewrite -================================== ============== - -Click **Apply**, **Apply**, **Save and Exit**. - - -| - -.. image:: ../images/routes1.png - -| - -Testing L7 Routing --------------------- - -In your browser open a new tab to: **http://[animal-name]-acme-frontend.lab-mcn.f5demos.com** - -Once you have loaded the site sucessfully, try adding the URI **/aws** and reload the page. - -You should see this: - -| - -.. image:: ../images/awsuri.png - -| - - -Now try adding the URI **/azure** and reload the page. - -You should see this: - -| - -.. image:: ../images/azureuri.png - -| - -So, how do we know for certain which workload was actually answering and this wasn't all smoke and mirrors? - -Back in XC Console, from the **Side menu** under **Overview**, click on **Perfomance**. - -Scroll all the way to the bottom and under **Load Balancers**, click directly on your **[animal-name-acme-frontend]** and then click the **Requests** tab (top middle). - -.. Note:: Remember to click refresh and adjust time-frame as necessary. - - -| - -.. image:: ../images/perfmo.png - -| - - -Notice the requests clearly show the URI and the Origin Server. - -| - -.. image:: ../images/perfmo2.png - -| - -Mission accomplished yet again!!! And with only a few short steps and simple concepts. The more you use F5 Distributed Cloud, the more powerful you become but as you know, with that power comes great responsibility...especially with security! - -L7 Security ---------------- - -If you haven't noticed, all along today, there has always been an underlying theme of security in all of the configurations we setup. It's very rare in this day and age to expose a resource or public frontend without some basic protection. - -A common theme was also reviewed in the narrative above. Your new public frontend has started getting a lot of unwanted attention and there is an immediate need to apply some security controls to expose and mitigate the unwanted traffic. We hear from customers with this request every day. - -With **F5 Distributed Cloud App Connect**, adding a WAF policy is just as easy as everything else we've setup so far. - -**First**, we will test out our attacks on the site without any WAF policy and observe the response. - -Testing Vulnerabilities ------------------------- - -For a SQL Injection (SQLi) attack, run the following command from your "Online Diag Tool". If you closed or lost that tab, the link is: **http://[animal-name]-awstool.lab-mcn.f5demos.com** - -SQLi:: - - curl -A "Mozilla/5.0', (select*from(select(sleep(20)))a)) #" http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/ --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - - -| - -.. image:: ../images/sqli.png - -| - - -For some various other attacks you can modify the command and URI as shown below and try these: - -Other Attack Samples:: - - curl -X GET "http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/?cmd=cat%20/etc/passwd" --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - -Or:: - - curl -X GET "http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/?id=4%20OR%201=1" --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - - -Here are the URI paths from above for easy reference: - -**/?cmd=cat%20/etc/passwd** - -**/?id=4%20OR%201=1** - -| - -.. image:: ../images/varattack.png - -| - -Now that you've confirmed that the application is indeed vulnerable to these types of attacks, it's time to put a WAF policy in place and start blocking these immediately. - -Applying WAF ---------------- - -Back in XC Console, from the **Side menu** under **Manage**, click on **Load Balancers**, **HTTP Load Balancers** >> **Actions** >> **Manage Configuration** for the **[animal-name]-acme-frontend**. - -Click **Edit Configuration** and scroll down to the **Web Application Firewall** section. In the dropdown choose **Enable** - -Under **Enable**, click **Add Item**. - -For a name, call it your **[animal-name]-waf** and set the **Enforcement Mode** to blocking. Leave all others **default** and click **Continue**. - -| - -.. image:: ../images/waf.png - -| - -Your HTTP Load Balancer Configuration should now look like this. - -| - -.. image:: ../images/lbwaf.png - -| - -Click **Save and Exit**. - -Testing Vulnerabilities with WAF ----------------------------------- - -For the SQL Injection (SQLi) attack, run the following command from your "Online Diag Tool". If you closed or lost that tab, the link is: **http://[animal-name]-awstool.lab-mcn.f5demos.com** - -SQLi:: - - curl -A "Mozilla/5.0', (select*from(select(sleep(20)))a)) #" http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/ --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - - -| - -.. image:: ../images/sqliblock.png - -| - -For some various other attacks you can modify the command and URI as shown below and try these: **All should be Blocked or "Rejected"**. - -Other Attack Samples:: - - curl -X GET "http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/?cmd=cat%20/etc/passwd" --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - -Or:: - - curl -X GET "http://[animal-name]-acme-frontend.lab-mcn.f5demos.com/?id=4%20OR%201=1" --resolve [animal-name]-acme-frontend.lab-mcn.f5demos.com:80:159.60.128.61 - -| - -.. image:: ../images/varblock.png - -| - -Reviewing WAF Logs ------------------------ - -In this final section, we will review the WAF logs for the attacks we just tested. - -Back in XC Console, from the **Side menu** under **Overview**, click on **Applications**. - -Scroll all the way to the bottom and under **Load Balancers**, click directly on your **[animal-name-acme-frontend]** and then click the **Security Analytics** tab (top middle). - -| - -.. image:: ../images/secmon.png - -| - -.. Note:: Remember to click refresh and adjust time-frame as necessary. - -| - -.. image:: ../images/secevents.png - -| - - -Click on the **Requests** tab (top middle) and then click the **Add Filter** icon: - -| - -.. image:: ../images/filter.png - -| - -Type **waf** in the search field, and select **waf_action** >> **In** >> **Block** >> **Apply**. - -| - -.. image:: ../images/wafaction.png - -| - -You can now see a filtered **Request Log** view of all blocked events. Feel free to play around with other filters and explore the security events. - - -Sanity Check -------------- -**This is what you just deployed.** - - -| - -.. image:: ../images/lab5sanity.png - -| - -Outro --------- - -What a long day it has been at ACME corp.... but you look at your watch and realize that you could have never setup what you just did, in the time it took you, even 3 years ago. The magic of F5 Distributed Cloud Network Connect and App Connect solutions greatly simplify modern problems while saving time and enhancing security. - -**We hope you enjoyed this lab!** - -**End of Lab 5** - - diff --git a/docs/class4/module2/module2.rst b/docs/class4/module2/module2.rst deleted file mode 100755 index f98ca88d..00000000 --- a/docs/class4/module2/module2.rst +++ /dev/null @@ -1,30 +0,0 @@ -Module 2: App Connect -======================================== - -.. image:: ../images/appconnect.png - -**Narrative:** -Everything has been running terrific at ACME with your current Network Connect model. Your boss is pleased with your work and has a new assignment for you. -ACME has aquired a new company that utilizes Azure IAAS but none of their servers are public facing due to security governance. - -ACME wants to implement a globally available frontend that can serve content from either AWS or Azure without directly giving any of the Azure workloads a public IP. -Inbound Internet traffic should always be sent to the public AWS frontend DNS name with the Azure private-ip frontend acting as a backup for now. - -The on-prem backend server must be able to scan the private frontend in Azure on port 80. -The frontend server in Azure WILL NOT have a public IP. ACME has truly gone multi-cloud! - -.. image:: ../images/mod2bizreq.png - - -**In Lab 3** we will be satisfying the latest ACME business requirements by using App Connect to provide a globally available frontend for the cloud application - -**In Lab 4** we will solve the IP overlap problem introduced by the Azure acquisition by leveraging App Connect. - -**In Lab 5** we are offering a bonus App Connect, "Application Routing" lab, where requests from Internet Clients will be routed to AWS or Azure frontend based on URI. You will also -be configuring application security policy on the globally available frontend load balancer in XC to portect against OWASP Top 10 attacks. - -.. toctree:: - :maxdepth: 1 - :glob: - - lab* From 0318354b56cac1d3afaff3b558094a5c6ca2b2e1 Mon Sep 17 00:00:00 2001 From: Jason Lang Date: Tue, 16 Jan 2024 14:46:36 -0500 Subject: [PATCH 03/17] "Small formatting, spelling and grammatical tweaks." --- docs/class8/lab1.rst | 50 ++++++++++++++++++++-------------------- docs/class8/lab2.rst | 22 +++++++++--------- docs/class8/lab3.rst | 54 ++++++++++++++++++++++---------------------- 3 files changed, 63 insertions(+), 63 deletions(-) diff --git a/docs/class8/lab1.rst b/docs/class8/lab1.rst index cf8893dd..0c52540d 100644 --- a/docs/class8/lab1.rst +++ b/docs/class8/lab1.rst @@ -1,10 +1,10 @@ Lab 1: API-First Console ======================== -This lab will focus on demonstrating the API-First capabilities of the F5 Distribured Cloud -Console. Students will begin by creating an API token for authenticating to the API. Next, -students will explore the Distributed Cloud Developer Portal and utilize it to query live -configuration. The lab concludes with using Postman to deploy an application. +This lab will focus on demonstrating the API-first capabilities of the F5 Distributed Cloud +Console. Students will begin by creating an API token for authenticating to the API, followed +by exploring the Distributed Cloud Developer Portal and utilizing it to query a live +configuration. Finally, the lab concludes with using Postman to deploy an application. For the tasks that follow, you should have already noted your individual **namespace**. If you failed to note it, return to the **Introduction** section of this lab, follow the instructions @@ -15,7 +15,7 @@ all lab attendees. * **Delegated Domain:** *.lab-app.f5demos.com* * **F5 Distributed Cloud Tenant:** https://f5-xc-lab-app.console.ves.volterra.io -Following the tasks in the prior **Introduction** Section, you should now be able to access the +By following the tasks in the prior **Introduction** Section, you should now be able to access the F5 Distributed Cloud Console, having set your Work Domain Roles and Skill levels. If you have not done so already, please login to your tenant for this lab and proceed to Task 1. @@ -28,21 +28,21 @@ utilizing the Developer Portal. +---------------------------------------------------------------------------------------------------------------+ | **Create API Token from the Distributed Cloud Console** | +===============================================================================================================+ -| 1. Following the **Introduction** section instructions, you should now be in the **Multi-Cloud App Connect** | +| 1. Following the **Introduction** section instructions, you should now be in the **Multi-Cloud App Connect** | | | -| configuration window. If for some reason you are not in the **Multi-Cloud App Connect** window, use the | +| configuration window. If, for some reason, you are not in the **Multi-Cloud App Connect** window, use the | | | | **Select Service** in the left-hand navigation, and click **Multi-Cloud App Connect** as shown in the | | | | *Introduction section, Task 2, Step 9*. | +---------------------------------------------------------------------------------------------------------------+ -| 2. In the top right corner of the Distributed Cloud Console click the **User Icon** dropdown and select | +| 2. In the top right corner of the Distributed Cloud Console, click the **User Icon** dropdown and select | | | | **Account Settings**. | | | | |lab1-Account_Settings| | +---------------------------------------------------------------------------------------------------------------+ -| 3. In the resulting screen click **Credentials** under the Peronal Management Heading on the left. | +| 3. In the resulting screen, click **Credentials** under the Peronal Management Heading on the left. | | | | |lab1-Credentials| | +---------------------------------------------------------------------------------------------------------------+ @@ -60,32 +60,32 @@ utilizing the Developer Portal. | | | |lab1-Generate_API_Token| | +---------------------------------------------------------------------------------------------------------------+ -| 7. On the form that appears copy your API token and save it for use later. Then click **Done**. | +| 7. On the form that appears, copy your API token and save it for use later. Then click **Done**. | | | | |lab1-API_Token| | | | | .. note:: | | *If you don't save your API token or you lose it, you will need to generate a new API token. After an API* | | | -| *token is generated, it can not be retrieved again later.* | +| *token is generated, it **cannot be retrieved again later**.* | +---------------------------------------------------------------------------------------------------------------+ +---------------------------------------------------------------------------------------------------------------+ | **Access the Distributed Cloud Developer Portal** | +===============================================================================================================+ -| 8. In the top right corner of the Distributed Cloud Console click the **Support** dropdown and select **API** | +| 8. In the top right corner of the Distributed Cloud Console, click the **Support** dropdown and select **API**| | | | **Documentation**. | | | | |lab1-API_Documentation| | | | | .. note:: | -| *This takes you to the online documentation for the F5 Distributed Cloud Services API. Here you can* | +| *This takes you to the online documentation for the F5 Distributed Cloud Services API. Here, you can* | | | | *review or download the API specification.* | +---------------------------------------------------------------------------------------------------------------+ -| 9. In the resulting screen click the **API Developer Portal** link in the top menu. | +| 9. In the resulting screen, click the **API Developer Portal** link in the top menu. | | | | |lab1-API_Developer_Portal| | +---------------------------------------------------------------------------------------------------------------+ @@ -95,7 +95,7 @@ utilizing the Developer Portal. | | | |lab1-Portal_Domain| | +---------------------------------------------------------------------------------------------------------------+ -| 11. In the resulting screen click the **Authorize** link in the top right corner. | +| 11. In the resulting screen, click the **Authorize** link in the top right corner. | | | | |lab1-Portal_Authorize| | +---------------------------------------------------------------------------------------------------------------+ @@ -137,10 +137,10 @@ utilizing the Developer Portal. Task 2: Create A Proxy Configuration Using Postman ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The following steps will create Health Check, an Origin Pool and Http Load Balancer utilizing Postman to post -JSON definitions to the Distributed Cloud API. For this task you will be using a Windows 10 client that is part +The following steps will create a Health Check, an Origin Pool and an HTTP Load Balancer utilizing Postman to post +JSON definitions to the Distributed Cloud API. For this task, you will be using a Windows 10 client that is part of the UDF deployment. The Windows 10 client has Postman pre-installed to save time in the lab. To install and -utilize postman outside of the lab visit https://www.postman.com/downloads/. +utilize postman outside of the lab, visit https://www.postman.com/downloads/. An RDP client is recommended to access the Windows 10 client. Current versions of Microsoft Windows should include an RDP client pre-installed. If you are using an operating system other than Windows, below are @@ -158,7 +158,7 @@ documentation and download links for installing an RDP client. | Linux | `Remote Desktop Linux`_ | +-------------------+-------------------------------------------------------------------------------------------+ -If you are unable to install an RDP client or cannot connect via RDP to the Windows 10 host, you can use the +If you are unable to install an RDP client, or cannot connect via RDP to the Windows 10 host, you can use the WebRDP jump host within the UDF environment to access the Windows 10 client via a web browser. Here are instructions for connecting to the Windows 10 client via RDPClient_. Here are instructions for connecting to the Windows 10 client via WebRDP_. @@ -195,7 +195,7 @@ The username and password for the Windows 10 host are: +---------------------------------------------------------------------------------------------------------------+ | 5. Review the results in the **Body** section of Postman. You should see a 200 OK response code and the name | | | -| of you namespace should appear in the **metadata**. These results should match the results from Task 1 | +| of your namespace should appear in the **metadata**. These results should match the results from Task 1 | | | | step 16. | | | @@ -273,7 +273,7 @@ configuration will then be tested utilizing a web browser to access the web appl | | | |lab1-XC_Signin| | +---------------------------------------------------------------------------------------------------------------+ -| 4. Within the Distributed Cloud dashboard select the **Multi-Cloud App Connect** tile. | +| 4. Within the Distributed Cloud dashboard, select the **Multi-Cloud App Connect** tile. | | | | |lab1-XC_App_Connect| | +---------------------------------------------------------------------------------------------------------------+ @@ -302,7 +302,7 @@ configuration will then be tested utilizing a web browser to access the web appl | .. note:: | | *There may be slight variations in the JSON because you don't need to post default values when calling the*| | | -| *API. If you want to automate a task in Distributed Cloud but are unsure of the required JSON, you can* | +| *API. If you want to automate a task in Distributed Cloud, but are unsure of the required JSON, you can* | | | | *configure a test object via the GUI and then use this JSON tab to get the corresponding JSON config.* | +---------------------------------------------------------------------------------------------------------------+ @@ -333,7 +333,7 @@ configuration will then be tested utilizing a web browser to access the web appl | .. note:: | | *There may be slight variations in the JSON because you don't need to post default values when calling the*| | | -| *API. If you want to automate a task in Distributed Cloud but are unsure of the required JSON, you can* | +| *API. If you want to automate a task in Distributed Cloud, but are unsure of the required JSON, you can* | | | | *configure a test object via the GUI and then use this JSON tab to get the corresponding JSON config.* | +---------------------------------------------------------------------------------------------------------------+ @@ -364,7 +364,7 @@ configuration will then be tested utilizing a web browser to access the web appl | .. note:: | | *There may be slight variations in the JSON because you don't need to post default values when calling the*| | | -| *API. If you want to automate a task in Distributed Cloud but are unsure of the required JSON, you can* | +| *API. If you want to automate a task in Distributed Cloud, but are unsure of the required JSON, you can* | | | | *configure a test object via the GUI and then use this JSON tab to get the corresponding JSON config.* | +---------------------------------------------------------------------------------------------------------------+ @@ -389,7 +389,7 @@ configuration will then be tested utilizing a web browser to access the web appl +---------------------------------------------------------------------------------------------------------------+ | **End of Lab 1** | +===============================================================================================================+ -| This concludes Lab 1. In this lab you learned about the Distributed Cloud Developer Portal and how it can | +| This concludes Lab 1. In this lab, you learned about the Distributed Cloud Developer Portal and how it can | | | | help you test API calls. You then expanded upon that knowledge and utilized Postman to deploy a Health Check, | | | diff --git a/docs/class8/lab2.rst b/docs/class8/lab2.rst index f7b510f0..30741403 100644 --- a/docs/class8/lab2.rst +++ b/docs/class8/lab2.rst @@ -10,7 +10,7 @@ the objects created in Lab 1 and Lab 2 in prepration for Lab 3. Task 1: Create & Attach WAAP Policy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will use Postman to create an Application Firewall policy with the default settings. Postman +In this task, you will use Postman to create an Application Firewall policy with the default settings. Postman will then be used to attach the Application Firewall to the HTTP Load Balancer created in Lab 1. This lab will begin back in the Windows 10 client deployed as part of the UDF. @@ -18,9 +18,9 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. +---------------------------------------------------------------------------------------------------------------+ | **Create an Application Firewall and Apply It to Your Application Load Balancer Via Postman** | +===============================================================================================================+ -| 1. Return to **Postman**, in the workspace pane expand **Appworld - XC Automation** if it isn't already, | +| 1. Return to **Postman**. In the workspace pane, expand **Appworld - XC Automation** if it isn't already, | | | -| click on **Create App Firewall**, click on **Body**, and review the raw JSON content. | +| then click on **Create App Firewall**, and click on **Body** to review the raw JSON content. | | | | |lab2-Postman_AppFW_Body| | +---------------------------------------------------------------------------------------------------------------+ @@ -67,7 +67,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | | | |lab1-XC_Signin| | +---------------------------------------------------------------------------------------------------------------+ -| 10. Within the Distributed Cloud dashboard select the **Multi-Cloud App Connect** tile. | +| 10. Within the Distributed Cloud dashboard, select the **Multi-Cloud App Connect** tile. | | | | |lab1-XC_App_Connect| | +---------------------------------------------------------------------------------------------------------------+ @@ -96,7 +96,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | .. note:: | | *There may be slight variations in the JSON because you don't need to post default values when calling the*| | | -| *API. If you want to automate a task in Distributed Cloud but are unsure of the required JSON, you can* | +| *API. If you want to automate a task in Distributed Cloud, but are unsure of the required JSON, you can* | | | | *configure a test object via the GUI and then use this JSON tab to get the corresponding JSON config.* | +---------------------------------------------------------------------------------------------------------------+ @@ -106,7 +106,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. Task 2: Create & Attach a Service Policy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will use Postman to create a Service Policy that only allows specific contries to access your +In this task, you will use Postman to create a Service Policy that only allows specific contries to access your application. Postman will then be used to attach the Service Policy to the HTTP Load Balancer created in Lab 1. +---------------------------------------------------------------------------------------------------------------+ @@ -192,7 +192,7 @@ application. Postman will then be used to attach the Service Policy to the HTTP | .. note:: | | *There may be slight variations in the JSON because you don't need to post default values when calling the*| | | -| *API. If you want to automate a task in Distributed Cloud but are unsure of the required JSON, you can* | +| *API. If you want to automate a task in Distributed Cloud, but are unsure of the required JSON, you can* | | | | *configure a test object via the GUI and then use this JSON tab to get the corresponding JSON config.* | +---------------------------------------------------------------------------------------------------------------+ @@ -201,7 +201,7 @@ application. Postman will then be used to attach the Service Policy to the HTTP Task 3: Delete the Objects Created with Postman ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will use Postman to delete the HTTP Load Balancer, Service Policy, App Firewall, Origin Pool, +In this task you, will use Postman to delete the HTTP Load Balancer, Service Policy, App Firewall, Origin Pool, and Health Check. This demonstrates how to use Postman to delete objects when they are no longer needed, and cleans up the environment in prepation for Lab3. @@ -254,13 +254,13 @@ cleans up the environment in prepation for Lab3. +---------------------------------------------------------------------------------------------------------------+ | **End of Lab 2** | +===============================================================================================================+ -| This concludes Lab 2. In this lab you learned how to use Postman to create an Web Application Firewall | +| This concludes Lab 2. In this lab, you learned how to use Postman to create a Web Application Firewall | | | | policy and Service Policy. You then used Postman to modify the HTTP Load Balancer you created in Lab 1 and | | | -| apply the Web Application Firewall and Service policy. Lastly you used Postman to delete all of the | +| apply the Web Application Firewall and Service policy. Lastly, you used Postman to delete all of the | | | -| configuration from Lab 1 and Lab 2 in preperation for Lab 3. A brief presentation will be shared prior to the | +| configuration from Lab 1 and Lab 2 in preparation for Lab 3. A brief presentation will be shared prior to the | | | | beginning of Lab 3. | | | diff --git a/docs/class8/lab3.rst b/docs/class8/lab3.rst index 89e3c194..abb22638 100644 --- a/docs/class8/lab3.rst +++ b/docs/class8/lab3.rst @@ -3,18 +3,18 @@ Lab 3: Leveraging Terraform The following lab tasks will guide you through using Terraform to deploy and secure a Web based application. Students will start by creating an authentication certificate within Distributed Cloud that Terraform utilizes -for authenticating the API calls. Next a Tfvars file is created to customize the deployment to match the -students environment. Terraform will then be used to deploy a HTTP Health Check, Origin Pool, and HTTP Load +for authenticating the API calls. Next, a Tfvars file is created to customize the deployment to match the +student's environment. Terraform will then be used to deploy an HTTP Health Check, Origin Pool, and HTTP Load Balancer. Students will then modify and apply the Terraform configuration to add a Web Application Firewall -to their existing HTTP Load Balancer. Finally Terraform will be used to tear down everything it created in +to their existing HTTP Load Balancer. Finally, Terraform will be used to tear down everything it created in this lab. **Expected Lab Time: 20 minutes** Task 1: Deploy a Web Application with Terraform ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will create an API Certificate for Terraform to authneticate to the Distributed Cloud API. Next -you will create a Tfvars file to specify variable values unique to your environment. After the Tfvars file is +In this task, you will create an API Certificate for Terraform to authneticate to the Distributed Cloud API. Next, +you will create a Tfvars file to specify environment variables unique to your environment. After the Tfvars file is created, you will intialize Terraform and then deploy an HTTP Health Check, Origin Pool, and HTTP Load Balancer. This lab will begin back in the Windows 10 client deployed as part of the UDF. @@ -50,7 +50,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | | | |lab1-Add_Credentials| | +---------------------------------------------------------------------------------------------------------------+ -| 7. Fill in the resulting form with the following values | +| 7. Fill in the resulting form with the following values: | | | | * **Credential Name ID:** *-api-cert* | | * **Credential Type: Select:** *API Certificate* | @@ -83,7 +83,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | | | |lab3-Terraform_Cert_Copy| | +---------------------------------------------------------------------------------------------------------------+ -| 11. Set an environment variable for the API certificate password with the followind command: | +| 11. Set an environment variable for the API certificate password with the following command: | | | | .. code-block:: bash | | setx VES_P12_PASSWORD "" | @@ -117,7 +117,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. +---------------------------------------------------------------------------------------------------------------+ | **Create a tfvars File for Specifying Environment Specific Variables** | +===============================================================================================================+ -| 16. From the **EXPLORER** frame, lick the new file icon next to the TERRAFORM folder, and then enter the name | +| 16. From the **EXPLORER** frame, click the new file icon next to the TERRAFORM folder, and then enter the name| | | | **terraform.tfvars** for the new file that is created and press **Enter**. | | | @@ -146,7 +146,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | | | |lab3-Terraform_VSC_Terminal| | +---------------------------------------------------------------------------------------------------------------+ -| 20. In the Terminal at the bottom of Visual Studio Code, enter the following command and press enter: | +| 20. In the Terminal at the bottom of Visual Studio Code, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform init | @@ -155,11 +155,11 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. +---------------------------------------------------------------------------------------------------------------+ | 21. Review the Init Results. You should see a **Terraform has been successfully initialized!** message. | | | -| **DO NOT PROCEED AND ASK A LAB ASSISTNAT FOR HELP IF YOU DON'T SEE THE SUCCESSFULLY INITIALIZED MESSAGE.**| +| **DO NOT PROCEED AND ASK A LAB ASSISTANT FOR HELP IF YOU DON'T SEE THE SUCCESSFULLY INITIALIZED MESSAGE.**| | | | |lab3-Terraform_VSC_Init_Success| | +---------------------------------------------------------------------------------------------------------------+ -| 22. In the Terminal enter the following command and press enter: | +| 22. In the Terminal, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform plan | @@ -170,14 +170,14 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. | | | |lab3-Terraform_VSC_Plan_Results| | +---------------------------------------------------------------------------------------------------------------+ -| 24. In the Terminal enter the following command and press enter: | +| 24. In the Terminal, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform apply | | | | |lab3-Terraform_VSC_Apply| | +---------------------------------------------------------------------------------------------------------------+ -| 25. When prompted **Do you want to perform these actions?** type **yes** and press enter. | +| 25. When prompted **Do you want to perform these actions?**, type **yes** and press Enter. | | | | |lab3-Terraform_VSC_Apply_Yes| | +---------------------------------------------------------------------------------------------------------------+ @@ -203,7 +203,7 @@ This lab will begin back in the Windows 10 client deployed as part of the UDF. Task 2: Create & Attach WAF Policy ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will modify your Terraform configuration to create and apply an Application Firewall policy with +In this task, you will modify your Terraform configuration to create and apply an Application Firewall policy with the default settings. Since Terraform tracks state, the apply command is used to modify the required existing objects within Distributed Cloud. @@ -262,7 +262,7 @@ objects within Distributed Cloud. +---------------------------------------------------------------------------------------------------------------+ | **Plan and Apply Your New Terraform Code to Create an Application Firewall and Associate It to Your LB** | +===============================================================================================================+ -| 5. In the Terminal enter the following command and press enter: | +| 5. In the Terminal, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform plan | @@ -273,14 +273,14 @@ objects within Distributed Cloud. | | | |lab3-Terraform_VSC_Appfw_Plan_Results| | +---------------------------------------------------------------------------------------------------------------+ -| 7. In the Terminal enter the following command and press enter: | +| 7. In the Terminal, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform apply | | | | |lab3-Terraform_VSC_Appfw_Apply| | +---------------------------------------------------------------------------------------------------------------+ -| 8. When prompted **Do you want to perform these actions?** type **yes** and press enter. | +| 8. When prompted **Do you want to perform these actions?**, type **yes** and press Enter. | | | | |lab3-Terraform_VSC_Appfw_Apply_Yes| | +---------------------------------------------------------------------------------------------------------------+ @@ -294,7 +294,7 @@ objects within Distributed Cloud. +===============================================================================================================+ | 10. Switch back to the Chrome Browser that is connected to the Distributed Cloud Console. | +---------------------------------------------------------------------------------------------------------------+ -| 11. Within the Distributed Cloud dashboard select the **Multi-Cloud App Connect** tile. | +| 11. Within the Distributed Cloud dashboard, select the **Multi-Cloud App Connect** tile. | | | | |lab1-XC_App_Connect| | +---------------------------------------------------------------------------------------------------------------+ @@ -329,26 +329,26 @@ objects within Distributed Cloud. Task 3: Destroy the Terraform Objects ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -In this task you will use Terraform to destroy the HTTP Health Check, Origin Pool, HTTP Load Balancer, and Web -Application Firewall Policy that was created in Task 1 & 2. +In this task, you will use Terraform to destroy the HTTP Health Check, Origin Pool, HTTP Load Balancer, and Web +Application Firewall Policy that was created in Tasks 1 & 2. +---------------------------------------------------------------------------------------------------------------+ | **Delete Distributed Cloud Objects Utilizing Terraform Destroy** | +===============================================================================================================+ | 1. Switch back to the Visual Studio Code application. | +---------------------------------------------------------------------------------------------------------------+ -| 2. In the Visual Studio Code Terminal enter the following command and press enter: | +| 2. In the Visual Studio Code Terminal, enter the following command and press Enter: | | | | .. code-block:: bash | | terraform destroy | | | | |lab3-Terraform_VSC_Destroy| | +---------------------------------------------------------------------------------------------------------------+ -| 3. When prompted **Do you really want to destroy all resources?** type **yes** and press enter. | +| 3. When prompted **Do you really want to destroy all resources?** type **yes** and press Enter. | | | | |lab3-Terraform_VSC_Destroy_Yes| | +---------------------------------------------------------------------------------------------------------------+ -| 4. Review the Destroy results. This shows what Terraform created. | +| 4. Review the Destroy results. This shows what Terraform deleted. | | | | |lab3-Terraform_VSC_Destroy_Results| | +---------------------------------------------------------------------------------------------------------------+ @@ -356,15 +356,15 @@ Application Firewall Policy that was created in Task 1 & 2. +---------------------------------------------------------------------------------------------------------------+ | **End of Lab 3** | +===============================================================================================================+ -| This concludes Lab 3. In this lab you learned how to setup Terraform to authenticate to to Distributed Cloud | +| This concludes Lab 3. In this lab, you learned how to setup Terraform to authenticate to to Distributed Cloud | | | -| utilizing an API Certificate. You then created a Tfvars file to customize the deployment to match the your | +| utilizing an API Certificate. You then created a Tfvars file to customize the deployment to match your | | | -| environment. After that, you used Terraform to deploy a HTTP Health Check, Origin Pool, and HTTP Load | +| environment. After that, you used Terraform to deploy an HTTP Health Check, Origin Pool, and HTTP Load | | | | Balancer. The Terraform configuration was then modified to create a Web Application Firewall policy and apply | | | -| it to the HTTP Load Balancer. Finally Terraform was used to destroy all of the objects created in this lab. A | +| it to the HTTP Load Balancer. Finally, Terraform was used to destroy all of the objects created in this lab. A| | | | brief presentation and demo will be shared prior to the conclusion of this class. | +---------------------------------------------------------------------------------------------------------------+ From f572a04c5f4f1c65576ed29760e9cae2e79d2e5d Mon Sep 17 00:00:00 2001 From: Daniel Cayer Date: Tue, 16 Jan 2024 15:36:46 -0500 Subject: [PATCH 04/17] draft edits --- docs/class9/_static/AzureADLogin.png | Bin 60643 -> 0 bytes .../class9/_static/PSAzureLoginAddAccount.png | Bin 0 -> 39993 bytes docs/class9/_static/UDFJoinClass.png | Bin 0 -> 54296 bytes docs/class9/_static/tenantlogin2.png | Bin 0 -> 27587 bytes docs/class9/class9.rst | 9 ++- docs/class9/intro.rst | 64 +++++++++++------- docs/class9/lab1.rst | 22 +++++- docs/test.txt | 0 8 files changed, 67 insertions(+), 28 deletions(-) delete mode 100644 docs/class9/_static/AzureADLogin.png create mode 100644 docs/class9/_static/PSAzureLoginAddAccount.png create mode 100644 docs/class9/_static/UDFJoinClass.png create mode 100644 docs/class9/_static/tenantlogin2.png delete mode 100644 docs/test.txt diff --git a/docs/class9/_static/AzureADLogin.png b/docs/class9/_static/AzureADLogin.png deleted file mode 100644 index bcb25c18cd26cacaa53c9b659aa2d9f2fb946222..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 60643 zcmZ_01y~$g6D^7bcMb0D?(Q1gT{F151b25&kip&E-GVzLXkZ}00|dyO5D-uf08L$YU1cQ!3nvE_GfO9P zD;94D=U-JIguDg7mkw6$W@O$D_Kt1>-og~WO9+6kf8A!KAp2d!-AlnH}9I|7qk;J5p9|7OnticYu>4*{^oZ%$+>kg()b0b@cc1&p55T z0sr;n==QHzU;$ZwJz-^MVPpOOs^$)`{{N}=>&ZXWe#`YwcS64!6OeSWcXHKmHnXr2 zVHf({{{Pe(=t^fPc|6Ntf&B|5M$pKu`UF1J4 z{#*HfAO7DJe>bfAU!NS@JpYeA|L4*FRQ)Bgz#CTpxI437bN)-Z|JS{L%L}poQpo=( z=pXI>z6(~r2%-?{UsDo6{3_Iy2mv7mAulDa=?!_7kMPM+^7-eSk!tferrK8QSsIg7 z)n>?BwGE_-v;~@UiRU7%slEX5@C6F_W<2>=#AId)3cD(v56<6$jNN8`2o-YfHVMyt z|Izck%l~NSSa8!ug!4LZ)@|oHJKN2AmOIm=k;*{E@gU|n40aV472j=K?7cHP!3z^R zfadk>u($DS2F=!&YSZG6_Z<2l(!$e~1wfD6(ZM@ry_BQoN_@+RJ-2DEMwpNBmFht$ z#tiklnV9r%I{ix%H%aNZl!@9_f`QA23DeMlvtr>P%uSnIYp)>>JS6AbStuz%r(uOn zcSKTosCRIm|M1b;Z}+pYT1OE4G_Y6xP|PS$4gW!tN~@x%L~#Xs?ve$Q%HkTNs6`Fi zAdcd;7=au{BO=xExMbTFA8q!sHe7_QP^1w^9!iU;Ev>*PW!})}UrYT{5M5O**C0a6 zlg!v!SxU^KDku6QKZd{=n&sPoQ>A{UQ+5~kWF8sO`%?{_4$f!pV7BqZeGHMGU-7>Mxni0?Ifj;$)dDVd((u1cAVe%88qOr|#BNcd>j` zq{)IK1Zj6<_Og)$zS8uJa!qASwbtSEH=S1pjB}GfpBRH7slx+Bno)}qIfNaKIt(1~S7r~=mtU4kDzb2@!b+=B_*{}_A8BhV zjdR}4$<@A*y}7M~3LrH~-*DAl0V>+$idOr7u#8hf4giiE~In3C?BTrGHOeOmB zX1)6!Be9R6j!ZZhJY|#&$YV7bm8{Z~2C78vO8ELKxdMvqH zPV7k-I8mdtly?)9wLe9eTcr3+QqrhBELdHqW&E(sQ+CK`RbSrtSnRqGUB~7lo%cQu zM{R@SYT0+Qdj%NQTBU^0jaa@Jv#;3TpSz07atKOOa4{-axG0qh)Sm^maa-FPGffm~ zhVN+>azPqUZ!nhN)vAQgP}&ctYh7wtQ8(C>P#wi|JKU4SRg0(@%Dl$dlpB1M8psfJ zfXFge4zO1!D|bjy(}JziI?k!?bw@HsIs zzu}UBeD|&hUIP_x>Ucn53pc$QgOH*8O8Zz95tzxgO{9}qD(3w`2{AHwFrzGQZ|KWw zb)FiEc(e)@4B1VHDBJ0nO6><4RvHxd;XHP8Dk=_{5lv*7sW;E?%86~z9^xl}q2(Fi zlV-11w<0-86Nd+i{B^~ar<~bhIYk9i#XG5JJOEYnw0si8h2kA14nmFan zzP5HJRk3$!UBwp`^N6%!CFzFfa+ekyoNVpU2)n7*+uRT59o(-{N;wE>eN`Nd8Q)LNdr!7 zvCHKWiLxzk^Uq_pHBCaBLnvDm!z-2%1+cuWTC#82f6YEYnwM2rVT%88G(cDfDkK zT&iIG8C7&iuQXMdQ{NcpV$ruvXfo7l+3RcPIyGl%z|c4liECWT>7Pz!0<28m3((Au zUCeuF#-s-u24YU=(P>bc2`i;ElN}w#N7q=jGhtNpugdyd#TLzL5cCc%Bu~=smQ?8~ zXCyO(^n{J#f)vyUlX6QKI&;{{+hDtl9UAlNTPo_G2%fdOF;%SQlYv@@N}uH%ex_%& z3c7Qcq)l;BY44Ok3_zI;VQLffE-d(Fn03F!G=9PkcFn6js)_~}o=E#(8O00~VWoeQ z0NBE!pcQ7>3#x@_T$W@NDF+@}n-s_D+c!Eup4>?iYiD?$w37^#O)0P(;>a=9qeO97 zU|yvFI*u|bfL5TY9_E_*waQhi1`4;3@eWM`E?E}?hu#Xhy0&s*YdkXrTccq23Nj-z z{|cqWc!EaT{K-AWJor{i6e_|=R2Uhw^+(!@3X<^RkPF$%D=2N6UXEgC3^Ze=YN3(K%${N`&$DC|tJK2p!cKN)*`1lR zBYoWRG+yXujJ$O0_Tww2?1{n%lM=ll6{n5Y@~{jVEzxpu`uM4=Af6eOee4ea+XDZI z!^QbS+lC4=bSdpZaogP_TZRK!ou#(H`NI^THZ}qu=H`JtIkf+o=RK$RLG?-rGr7n( zVbgJ&O5ToUEJ`PvDz|DCR|$4TUCMB%N;eQ>Qq=R*yxoI{!rGixiNDFFWq6O#Mpk;z z@QOfP^L@Xl0)2cG3UB!rC7JKo&K@(W-w!seQ?xTltR!TzbztexZ5v#wR9{VzLWcM+ zao{NJTck1FhOKcd8tRv?phD5iG^>utQB?2XV^kIK>`tl}@-?uI>3`bXAQY0AfCn5)|l;>-ats>7nd!w+XL$(#xfib~WUv<^POeh?BlVh!O+ z`QUD3vjj;mC7wo$o;OLS{20T>8LUS2R6%*7=}^1$)B;80Qxu{dFn_swAFeW?vN$XgWYUfcbfE)K%vOF$rD|F&T+{l>Xe&|IM7hXD2F{F0aPl*T}ZdF z)5w{bvop~SdQjfb9$9~+5O0Hw)tg2PvL|q$%}+e9v0QLJ$c(Ad%xjIq)r5gnOJNiy zcQl-?i;iTF8lRu!rZ5uM*QsP4f32R;R6`rzt}Mx+5Ghq!#*vPkR)YEpn?N&HF0F;? zM3KF6_O?d-$|HaPI!TS-N`}%#OZU{asuUYB>)6#w5J4{UDN9dEVIVl+_2lwFv@!>S z`4vLWTjWhXX@;33)Q3q;e@uU^4w81G*alt zES1V`Ek&zytZG2&PnHZ%sth@6@a8Ny;89{{#M@gV%SLmw5NI^M5=K!3zOkd~!hZh9 z#3v4o{SY$TsxLe=w%#pdb-|lXe1I&GmRT!)O16|PnxyGaLRY=enm*aove8UN=%h)m zJYqquz{^b|B`|)1S|Qz7?_jsEkfOX8y(x5}s!zabCXb{pHh7?w*G%7_r7M92D%0X= z<*wjy=wvPvTEN!6q!1zC->e$draO$Tdn|t2{+>aaAshG}r>G%?lfsH^hO#y>EF^(W zy95+jXAh!mWXd~D?_=6ftyts=GkxSvqQN*!$IF?KqKD$c8Mm<5S13FR+?Z(=GCZS9WUttEK{`E)pOBH5`rgoZEp{L*y3%-gK;JWh?#!GqR zRkHkH5_J%JFs#iKZxq!;YX*=_IxX@IGoL=@pkhd!{Vi2Y*f51r7(s0OeOX;XBR$G3 zc1=Quc82pplWU*TStJKFp3eulVMZLq)aI)9dkv=(&x^&C8{7c~Dl@>+lFjbsTWMny zenmx%6NJBUIeBXPR}7^bSMsv8^d_!Y2a&c4dF3tTBCYR%2-2Q*hn;o%Qx&rJuIj8N zC->v)S3GrsTV?4BA=Ucm{;w=NF$R!CbEwh3^BI~*khCIl^Yd_Gvs|)@;oYT32Jt@= zW8OYz`oD)wdsUK*Og)+D{I#mq_Vi$wiQK^6!B>xSrqrdqRtDFV`yelq^eu%kv{ZHp zfmZG5;@g&36j(XdR$WTtQ-(p?ZY^f~Lp2o@96HB3ghx-(G-Oc&gSw8 z&EW)VpM9`wL~qj|s}(h;f&b#=f<9^%)BLtP-)nwqtpF7sOzFrxsQqqT4YL4*g_3sv zTopcLofnvg@=V2CqOWM|6O(d0_Z96E456JPx_X2xuk3Crj>j4854(oshq}_14#!3# z;+%(Kcmw10eQyKpk(hnrX7aPJbBNfHW)kir<&=KnON@Q<%Q^GZG zzbMOp&J?iUlZsgWqMFP$veqA+Ca=Rc#~!pScEYX)U`yguXGpeY+>w=Ogf@wf#JPr! z9t_9T9C7!kRpAEkSe?9ispSNlx_AqPRr68LfZFNYh++>Q+a^kb+Z_AMM!8MEe#bvP^zAy*16}=s5Wr_ zA{VguZOwMo!*Wqz5SQaNiUM)p06$lj&x1?HYO&kc1-rb?;nlGI2=V*wfyl|JA8!pF z=#yykq_hvcDVmuhE}=;_RIPfa_}wHW zG>w|+!%hT;4FiK165ty<%GC{?#byH(kw2t+V(-ERk|4tnD_IM3%IbILm(RCmD{EC$ zTsdTC)DIV%NL>JnnjDOd&Z~Yn<`7WpfhZZ@=k_kr1S|?~-|3iCUcmc|%u&ARcCgA~ zEQBIUUxEyCGI#594w7r#0L%-vht!e}z?G$w0$;#swEyN{X8{5VBd%bNp60M4XtI!A1pW#CA zK3}&wq;p-TIwU?aSX5RW*43;d9QRsk; z?1lMxb{Mx(zpD@hpCm#Ick?+DkJ7n)@}M%zTv>9n;OC9LQHsohhAT_QDx3cvrWP*v zPiaV5QyL10u?Cy>3D74_IXmIv;0E1G0y6r8xCO) zkW+!9HES)ku$DF5gIAJzuP$+FH4Xv4wF_>(UrDSV^UV8^lgy^UhLGHAnTq%oprGSL8Jg-)jzkxPDCc~c5yiw@Oe?4)-OHHkd91TCD z%@a8KeZaG4q-gDxPYkQ>&WRD80Grgm&7ERonWWg8?Z_0d3}ROZ#&TpN$5EROO8W|l ziG(?L24D#-|0$f64c{LeLEz`*T072_k%Y@$>0hC^UlLmqPZ}z&%}TE3@}2k}b0rGS zj)UL=h!)>@I080`X3*_5%iEh7SxlJ8Ob$cepwo&bKA8NqJ8KGvU2c~Gy3~TziRJWM z6HHfPV|fH&Ltz`oZ7cy zxuy7`{$wZK#?%byI%%=#SF$a%4>CP)f5)U3FQ$+jqcf4MDc3U2TiRf#@GKJ(;MK7v8t~m*VxRr5<=M z{hgW~_$bm3ZwBe(k20EE({dl_11D*XxU(+IuRR-@%g6qXVLeU^>rh__wyPys8v&!% zUqM%*l|YX5V6RvsDuN5X(=fC3ip2Aea;({*l-+H~@vHe2^~0*$(|OEzVn^c5>`@ul zI$GsE;!*o=wu;Y%{;@$ZVW`*bp|TZHliIkg)IAvBK~e4E=fBJ19VI%(>$8;zA?9pEvQm2E<5=%d zd+atVbCMt`&9eT*|BPBplRs;vHLUWYK9Asl5!*1D@5`U@zN1v7P#sIYaFUx#jFS?R zxT0rHp)nLd7-!|6GN4O9y#3^+w*viNX><&9Cq&eFTRGBd{#eaJMen#mTSh*jQgS;4 zw724uYSkL+ug?qqbxxn)rxjq3tx$n2NUk-yA4}q0s5auR?qkO%O7HVjk)+ON|0vlR z1{U63&0@T;@WS5g5|+3nJpJ{|UQrP`%UZ!!mZYgm@_E4@m-h)C867=5Mtwp}|MRik zEDwg60a+zssw({9iK2P%g}@twk2Ob8c|TqLsG0#jO8v8O00Wc&hk7&v`aX~OdahC~ z9fH3f9t9K%`C;somsHN+LxY7m7M{|q*38$OCh z1KZwL{L_e{9GQ`Ps>XiWvJ70 zFLQd;-QH`6>6@hXpt-gG-{i8fg^c81+0pS9uHZJTz%T9LW6R7-^~O~WZVVRubwJY+ zFl6#SAffiS^RnOAH3brxkf_6}zjv3fKyTq(!%mk{qE&BnuNeNTwf-~d_X%O?G`sJy zn2wVaWZbR95C+~XRP%Mndonm;`+WQ>SP#5z?{E?`^CmjYn@jXOQW0nyBvkdWusxY` zGDf4TF?f~huprTZ=Ro21x#y-I1>RvN7+!h?E`kjt+ygpyhJS1~W$LvVOs$5pj6fUB64t{(9{O2SMOI9dQHE zr+|`81?J_pF376y=kvEF@Da2Q%yrD!J{I|oUnax)^_M5=r=n0zsyUQz=Nz5j#P>{X z(bqI`)3%Kz1u-(zAfxF|dTR&4eC-6)o`oQ>&>=AywzC;n#B)!26STiPf|_!jdiiN~ zf9!mpCAq7Q9J%m0&d=O-9zt0!l8$ZE(lO#@=Be4+{rU2}iE~bfvpbEYFX#Ji&`txg(8IYyxOr9LGHejQig zKTK1fI?8n_IB(kxv=Tz`zpXNvaqKwE$U=^moYl>yE%bL)>N+m)YqSylu?}beVD%m4 z*fny_@=>;WZF{WF;4s!D#L0|%?wyT!P zI(H(Cl`3AV=P<)yqZ)wM`=uz>JXc50D*a5W&R1(KF6$=*Sd8|wt0~qw&vh$2+GD`? z8sAXj;Or!5rjOmfbWH&l`&o)Ykv{ia$gHORO%ih38u`76NrbI10rs`(vXt0NFj)%EanJ)TxI;piB$Z~B62iiuVp_DO%<+utth%zf?s@%0QX=w34I!;@`QO@>4J z=ZJN1q0DWN@plH0sl)3k;wn;pCZCP=5nO{b4kg*DUeTA!#QDd7FOsA=%)d+!to24P zl4WfOymB7q?orNb-Cv`U5dfVFo;PbKU5oy9Crnr{dxqTp6MZ4?6<_kO+M7)0lC0^q z9klSTawhQU`5PLPH41*DM)Z4bI%MVty*#WJ{(L${P6=y2kc(s@y^NBT;?U~!AIFEX z2+%&5emsw+EzrfxwRGw{0iG?_1$s~^@|cKs_C3rvHCEMjGQ_CDg*{Zf31IlKx%&b% zpZ~c&7l;cIz37K7_E6lbC@aW$-oxuFAAbhxj%gwr#eR&)O=(n2{A*j^v%_66=`$TF zZdUKhV&O~LJTCwE`e?dJ;eGwd%!FQf`>z~Nku*3&|FUQTSsu+$Wtv|c6kR6%Rjl>n zg2XI?mh895+>=1>YaLQvo6;ZB4SvjRuB4Yc9N)WkpBra*HktItb>}E-m^6}iDM=s3 z&l;y#KuZ%e4Ol9CQTD_@L3*?uy9J*7C43O3-ZZX(Hgjl zS==T}cbiUq!auGu`|^73TI%AV5n3F+Z+j&s3X3;ysLj3$frJ{43-3K|-IS?%UhRAF zIHO%$Hu>ei*plf7<<(N@w_{)nL*%1+-pzM)pmjv@X3PtyZZP)u9}G%hGIWr z(sFt)lGscMAUTmy9<8}2O~|~>V=#NF`awKgv#!ymagLEc(xqGY1NXiASeO-)(@YKnUyc;?W0J9M8kf~rN!$IPAvFgrETQXS5NZG2yLclwB4@GI zyA8WB_X4BQ!JnhNy%;rj!gp(wt+4>R@drpWZ?V$+<2*MNs$)3O`+@YE^68(yp+P+p zdVQQhn8U)m4iF)&-jky%i~F#I`4`_FP8N^lx|b%MLT%$f70;Q10pAyZH{N%npI@|S z{0u#O+bhsP^-7#S!G3&(>@Aa(0}N&L_LTBrdO~_^D3$c|q@qWCAQE6oypwOC;h=_c z_TA@M!EbSkd)4uruV#ID7e5Jp>vntka!IS4F1bcwePZ!QDdZObtNU>3*FbJmO3z;=)@0aTn1T3ns z+c?4RTW*{yj_Yr^op!qIa~)bwDyU<%X$EySjS^4{GoHYEQ{tyQ`CNOx26#^2Lc&b0 zQZg--CYnxSPmYTd1Q=TJeQG%Cy06x#A#UmyiDdP>ey`eT9vG>m^8-UU`F4bo+9#lE z!44Yaiq(4h4C@;{)##76GjHYsI zoA2K>kY|s;;~-wmM?#3Xepi#p3lJ~SZ6JO61h?NbgM`Ntms{igO#7|M(bfJ*-zMLq z=JrJ%>U33pEZ8o6aW@5FW`Y5qF3@QF(QLY6eZ-5)zn z*#TLA>*7-~9dKlmXmL*ndPYFVH(SrttK**lkwFYaZ@|EkqTSsSF2|d~Db2i#^|dS` z$4rMTRXJ&cCn+Pe`II})Ek*P{nZk@i~}^MI6j?XCDxEY@Kx2n6v;PN=J;u8_Iy!r_SN|UO3>>;$aPHi zyBfQd<&l5G?kq@a(DA%am{BOlU7PPYdd4(htM;}$Bz5O*gmBRNMn0j<&Fqk4#9`I4 z4rz{Fa-;g&sV2jCD!sMb_E%qP$qeJIfkzg>0s2ttNli}BhLSvJo_0BYj+~(TGIp$T zO}KYO-%c8dWN%f59a!hnjAW#HqPwX3a3aI?DBlG@0?p|zdARod*#5R>VIibYD%-V0 zbK0+7_9o57Vdo!mVhSqQZB~#`sDeXOq=v)krMtev!?>H()d~4$q^t9n*RBy9>cY2N z>L!_~*Z1QcBwBAg{z=%gCgBebx(%tmIJ!C(#zx4F*~1f}vA?nU)a~#mRqj6^e}}(m zJsD$kxY`C|J{nIB&KGME{y5U#ekTb`{B(O9*e!O-35~hdQa>srzn^+oXXX2o?VDo5 zNR4|aRd!bz>&=wRwo$RVXwn-p3v`()8nfLoYuCWv_*2_dq0YJgJFW=$dVF7(%LZfx zKC5Mc!CFuL!WET+l1hdRoTm7blw1G5EgzAY*6fJaF?DQQh)H~C_J7H98>~8KC}Fq- zDd>&xN_?G4pQF z6?Uvo%6$|mEYeo)F=hDBp02I0u%M9XH08baH~&X~k5c~JnFr@4qW$O`kSC~0nW7@k zl`eP9j9-PJ9l^!OX$Wn!@wd1NJe$Lejmkv8keg|9n{;XDUdftf_^UZFS29^+2HFRp z`(f8#hDON*W{|L1dHQT%Q5 zzi{^=J|qTfz{euzug602y?KLI=`6dtvkC+&PU^zdB$|v>OiBaqBhUoG>PiSmH zPp;!XUGqWJ*HT-rPld)%5J!sgGavV+UPF+g@&DmCQ{TOtHlJs8DMhJ_r5A_Uo$z@# z6&Cgzv5k=i`Fnyvl1h|Fno{%Zuec`&&MVA+%!2c%vn-1Q`c2#G$zcRk_vK4)n#KL& zW28vhw(Ar#mf`h5x#FhZ1a+pR$>Tz%Eu*59T{uv8FX-owU2kPD66+)NntHtHL+Nwj zHI1RmLJ7#DP<`{kIw}j0g0ec_oa%Or_d6f*13PV_$>#%F(TTvPebUTJu8T6!XL>)7 z!EVm;SFb+BCYgjc&9jLCXBO+Ly>~5Z1;vRX0)AtHJIOAK!|UByY_p;s-X6=4y+6PG zeC|8@0fvEmb|wNNi+3*#2p){u}sMBp2QuD(D9b~0P?tg zx3|lv>{oCIwDepx^0G?wnYKvds(GeN6yn$fN2{h~Z374OM|MQxH-T5FO+MF0R$X9p zTha_DN=IGXF|(xY%-0Y%+4uwKxp;5Q zPvytXjqHr7)H=nc!_KSZb4m*jR4m8E?Tj*k$8kB_zC?dg{HnzvBl!N&jzdH8BMN%v zbGuo33g*i(k-LWVy1?72v!Ym*NzW~pu`@9C@Q=MA1A%o3Xjb9fcw20LobNTebCuC% zsf45d{W38~XcIjDO}DEiqJEEyg#`f*QzotJ>1-K4g5gNAgiqw(Ogi>H9K}@(c!6Wz zdNIjuIWh=ZSoCo|k-;j5qVRF4tg%ewwnBN` z-b-1m^K`$x&fU2I+D|dJO_P94!X}c$_w5O)NR9$mg&9 zH%KP;64IRBZwY!5MXWi&@USiJ+r=wZZ}Cwt+wHdA+ZsMTD7e~Elb5SZo-WK@um$aT zl?o$Ux(0B9T;_zoOX&gK2GZ>|?h1Xm1qZ(mcz8bFu4X>I5x!k|>k#tLRB&7U8v$o$ z!pc0T`~<@(sj2{QFEc#5{@30{MqqlN^fb}`fN~w2O-;wy<=LHd%mp}3gF1T^UXk}t zFM%1C-mIInG9hZ?F`mAfM2A%(fiKs;Fvo9T`mo7&RzIY$5SAT=_den7>ze6b)$m0_egQJ=SsIBWR^R#9MlfpN^g9;Z%@*Fr zpBq;Zc{q?m&S4QfEidK}*`gA;2u8E~QdTPvV(m5?Yx1;rhSzs5on~ZL)4~z;3`Vf- zOApy|{xp7{ph;glLGf<8r#dJ&+=Dq2zr%>P;UeEV=0;B1GrJF{@p*B18b0DVc7F4j z^J~oa+@OCXef}cr(7>@3vC7+f884URj|6*UJ_P z)2`Pjf(q!nO0SFaIU$7=9&cKiQ3i3>`6zEuLUh>8ph1~#`=x7XNAu2tGqu2VM&rwv zD1IyaFRG*^36$O6dVg4tUq06(_bY3KWwr7;q{f#u4h4EOAA655VLG&Xm}ye*{J7ee z0KhZ$HuD729ySK{4bq2QR?huoaNmb%Mc7|}&E13jk)RkzZ0LE$+IET*8|>N#&NHt` zcY$5Xb8F|JPf2zO12M3W$Y0jjd=}(s)6c)S1*{*PcN`ZqIF-0CUm2v>fh<z~_h=XRX8pFAW!%41J$l(j^*o8PTjBzj+3beOl? zxq!W{A(dhv7r1wGrbaMVX6@uXMA*3da@RKR8mdd42qq@Z*@NnO?k35UnTU8wCd9S3 z>**SPJ zM1b=&urOQR>Z=iWydF0*`GUOqw7NE6&tqIku`|7H2**D;X|B4|oSK`(~b$5EEg z!l&0&nRaP!8As9+HvTHlV#iZoJL z--v#7NsL_8BW0pnk+{@=d-#;a(ef4S z%-%G^r|}@G)dwa@&nUgpctFBsidvIf^?p+86|6-9H491T=Zctxa@+Pv){pEBy7ZLp zDib7z93>VQnjS&BTH`{wj$+#6q}fGfe=s9j?R!qxs6{(zxl*vZ%9a+h(U0&wcbY{d zo2N$Zs;vY1I`|rp{xEhs@mh?)dM;7{VXs1Dbo1n6tp{x;tmEJU@TRNZLP^}_DsTwv zC%#*e0J&9F#93ym99q984FO8xe{k%+9A(ev+CKQ$zd>p@r|aCd<7=lm$;Dgj#{(4W zC+Km59`3Zj!X{mrXcw2T%mLQ4RtiTf&nSwm(Tx(U|BCx>#gk@_m`+!eL15C<=59>% zrQues+U!EXU~~pzDxt#uA~@^i+s_wPmA=N=9FZKT9X{Z_C4!`}QoO~h_`P0m;2qP0 zhh=<3C8y{zv&Zg9!@ujYNE-01CE_)#_PK3QCY>T_E{xal#1FZ0O}cqFE;Q*dZt&kE z%3#W1hL)*zY2~7eFM6pp^OK?DCSi-DCb)|VA*VUOvE2Q5&#oZ zU1q>5F6YsHacnWD%EmJ+K74EGGxaO+R8iV6eD8fYH($28HO;j}MtCvc(>p!1khD%B zUMb`H{v#?N>Mv?zR9PFHllK*qif5RsJhcNd(w=*FuWAKrOhnbDYS;|SB zHM>;je?V5sy0S^?Pa{~YMTg*oMmAKB92tEd!SgG(V}Jry!)G*$`Q#$R;k!z* zQLQWrdBoz2<}!ZG96v-=OpBRZ+P6VRbh||`U9h-gk7%(18JqD8WjY!mM5N8-N8sMm zs9o8E-ntFQ0`ryG>*240vs@B`p7uHAVE2xEE8Pt3svkI~B>P4=ld2YX(_{)CjDICL zW6ua@E5`&D=rjGb6Y;JA>{a0w0olTk0b7=aZbsjWM9v9He+JylD&foF>P)-SS9%v@ z|BUxRZ^At0<4202DFmOx#YQh_bx<%_n%#IvQT&% z2iGc|^NxjR9U&~@GYJWJ^&FGhHEA^_&bUT8M+8O%23$ju>Q&bcXTBszBWQ!V7!-h4zpAqlpa|P0q3y(J2EhC=4t^rW8 zFL4D(I-tE)^naZ0H;~k_XCS`TWk=rv?}kjGs50RZxeQ|@-**^SB=(>gC4gf(S1ktr zV2Suvg@)f{$Lu<}vS1dqS^=}hccV@J$)$8fD{PxWNN6-zALN}Zvq4wudJ4r(6_Y}c zqQ|(6UKA*t+xuLlZqeb#+Hp=5$SvQvrTBMHr+e0UZdyGy#*AwF^o5--%P)Q=_quC} z)sDgZ&^Pjd{dCBEW!r2BOT)>Zq+@@!=T^x>oP@srv_-VMmdD~V8#BGS%Hcr#81D_A ze9kV;*lGJOvYutPboZz!H}A!6d-G^HTy}tQSu)?g=%i~tUf{u5G8-PQRacu4Ox8-3 zSABVX*R`*|C$I;$7o*4a6j3&WF9;6$ zB{-bv5yj^-FFumgyFsL?ygZxJ(!FQbe|RWeeRwcb6`zhM?AkcAn>B*>>HSNYFhHSS zy;eunZj7^LvJOxpR+)uGMg#9O{(4V}4{Bfh{lRB_b<`Y6`c%E7Mh3>!0=E@US6sHQ ze_uY@7bkOe^cPSNa4ndzxTC6^d~6J>5#5okm?RI;IyL)4UYO!iK;XwF)sQYC+3^oT z#S;2cWHOM`u3YwnNp&g_TZH%sTcijN{AG&R;hSBFEdel-rtoP(`mjZ32XE{)AFZd` zJ`w-jrbmW)wVK{-V4aMiZUH;DA4weAh^=Q8}q(J~_{Bs;h z{dC7bxRj8DV2r=1JFE0$xUym;a0hlQ_cP6@gT>HIBCpmZW&+Pxtg$*> zI{Ab=Y(;l2^k?*Y9!Ur2!+_ABPmN zf`9GkktEufI2W#FdYb?lN6yE!^rH`cCQpP z)|trdB;zv9jNX4eWEPc!XXE_tl@n4^f{xnNqijNVa{}*J^6chm(r0B;<%Fh)iDTq* zk*{xp9yRP`7rmBc#~RZf&TK>p;Yz0(Q8aqKimcic{+QPMb}ZHMCb#bL!&aW>b)OG0 zIWqeg6?^lO+^n|uz4b_2Ff$2V^;@yq`z4(vA4_)_KBr8bkgJ3*G-HBQK1g`H48|7i z)x>ob!5BHxUC3p~f<1A#|M)a9`wdA=M=u)*CZlEwjPDoNkpgNu*O_`i-()f$UDM%~`eUfgDNkoE>>b z&|4(8-dpfyE5atrkB+8b(ZQrxY72sr&l$!Xs+{w8Aw{0lUCE2wYMm^@Eo#ajF=662puq7Igb z^i2Z)nH&=Ve9xj&y6wCHKu&kO3`0BQfDtLyz zDK1#YsA48?HBQNiD%9`dEV;ej3EsKW6>>npXHo?kx-2M@wr6hLL z2Q`AXOB(whNRrrg`QcQ@F>Fvw60Fb?sJ5+h9rhkR6WK}_t+>p%oX^ZY)KqFEJmd@&|1#M1V zZyxvw9j0m6yWWBMKG7Yt`#@*qRT!Uuz~k`=7jq)GSa>+tIz!2CzN=kSn5!QFc)P-@ zOuN)BfqwqHcLa-0A5KUXjvwv2=9+JN>@VEW#F{V6F7`-R2V)|o7K&pbzpP8e)+-}q zxb;lQ>-vNf0FWjusBvs-Cz$ml``LW}~tr4e$dF=fwDAQdiPW-%`m1fj!kMrVGP!x|j#04?O zeVAsJ$Vfv&{I{%K%09`*$lYe4{s|3#9ip~}&ea~47m|D9Ff@T5hP&evm-#LMn;NJ0 z=Z&8ezD0iPKF<+*Q@Go4I%JbHxC5yYH{?Ph#J4%{aowhn__|%B!x*2bsSGB?nr+kr zSejVtCszn+IuTi1{=PPje?xoWGVn1xab3xr?L$L0g1Pv<0+PUJWzdmMv4sW4n1xF9 z@;JuqaQ}-0k)7w(R>S@43R1Ue_T+Ld^YDWeL$?`Z z5Uzy7lq@NwX`s-SGZ(R<4=nW4{iA>*Y@Bb4%GCHz@QVwM-D)nLT$VF4A#U;fN9-Qe zMy_AE1nOT-$~=%?he7&w(3{em3h&kH)=##J6T6O+vpaO1x5nOLeK0bGW_RHnVP}M# zcd>BD-LWF;cgbo_96+NzHI;9|PzVh!XL}gh;17kaUp`Sz5+)qws{b%v9}tRupTMV{ ztdT|rlQ4gvN!jb>7>53CR{W@4Y~>1{NiBkq%7Y_{EY9M+xZwIhX>->6Wh9|!SgD5% zlbSU{KR}HvK-nd=?-v<_Vx~>aNufXbF72(LU>!Ljs6Bd778XF^&BPm(v>Q@OKTZrH zh%80&ksQo{Y!K+G4ak?Btxg}uRU{bP?{))jCxYKB@HTSYb~VRGHN@v)M^`51B(m?f z=nH`r`!p<@(0kX>OPx3;0++C2*+2LVzwv-~{7kaYZt(PU+K`s?&;J6zTESmOR_~7# z$Le#lj(=_G62Y~?2W>#q=a(Ri1AH1C2oXo%+uQg`K0WMiROsd-810-b2>2i+D}Omy5T2__Su;83b~ONN6&YF`Rneb3zIUVrcZ z;?z0&eD_+PwRYxw!M%x3*bgD}7Z1BeDDx^GHz#}warQNc_$gr&=QSV5FiZCDmpCG` z+@mJ=p??}lctpphI04-Z*`)N(E%vm|x{t%4&aL!y90v+AJl3n%K;r=m_vZ>i{gTIJ z5u9Yaqo^|k8HaPQy_<3WK;b?RC_|z8vu?)E`?r&!@QvMG4MKIT@Y!P9sP&$gJ%<}M z*T=NYd;^lw(vVnci$PFLzAxGB=>Bbn5y9m*yRLeU;2S>@SMGdQfN$$Q&OWAOBOS`t zqZq+%*;R3f=zUz{gynkJE_Hk0A*W97uPPZSCtQUDdkotRi>SmY9JSpK)woCsnTyyv!*UA4SQ3r ztXRq|{Ngp#r};F#@2T;8ELAP}#d;;N`2{y}@|)$S`io+BJZAw%LG-s^+4Pvob5&r0Vc6 z(UcPBK7oraPQmHC4uEChw7bTxr?^L6F%goK13;jf@kg@w&UBV4Yir_k<3?Za&uy>$E|muK?u+XERBGfIs=#&pg{ zE-F!{!hNg|mQTmoLTQgp>w~~t)PZRsC zkJvmDep_9+DF#;;qxs5yVJ4Put;|Zc<7LJ84r51^ypbPPpX$#vwpERbr2B5Al230( zYOS$w()om({~efUt;Sj@CVtx`_inL4wQrt9+CO;&LIUM%J{?EdZxwg zCS>?o?GVt@F_coQ3YL{9fQ479_CX4TW{MneI{+4S-J?SsgN?NBIk)$mXK&{B+2Cg^ zH3|{Cs`HcEx*m{rDPfuq5UX z0!{NEpfYenY)0Jh12dY$>7502fdy1-rknY@%S(nT3}qz}EHPq%QwnRv%>96RF5}G) z8)99Q*dqti7lj;UN4Lsb6L-qFZAC&*yOz#?dLkM+-Ol-rY$^i=G4ki6Fu5HIi{B|h zc3KhL`PH7-+F!*9T|Q^dX={O)h2_`Kc*361L#4tZ@oa9QK%-%=JngFwf_kmJajJVG z%;=uk2lw0eE7q(Pra##uA=(yvyZ|J!L01KSEzPY)ie_h*Z-4@zcluS;j!xyG39tR4HZ!ZFu} zjm{?Bu*-SVfMnvuj%<`x$7*P%zys7b4w@Vpzpj?sR)vyT=VI?T)nWgR-CN~FweSnJ zh-b#SYKtN?u1}1e-41&*^coyZ=t&RnEe?}n>wXt@-MS~HsLZGs+zb-PMr`b7sAnXv z32h2nzLtG=&7nIv%_uzp75Y&qvYWi(c35hwzudb^1>7>zvq?P;L3J8Nd8TMAC5Zv3 zC?c0=Tn$0pBtK7aZvwyOXh08gD#kS45%n zQP6Sp3eJN?I~)5J9UGHKl8%S3qPE|XFSPWSRhZ5<{@u0F7q-R*EG*lV5^?ZO$;w;k zdSIu;(|`bc)a~JCCp@`%vO<2|+(fb(m?8ns*IY8N3gXeP?dT0SHPjolD7>9(Djy-l)7Fv*BKuD5yk zR(wC9h-LsrF5G`_cj0jn?F04BWS46LQL0-HI+SFp2)P4vHi{cBaoqQ#Uv0QH+p{|4p{OK6-+;W6buQV6w#znc+dtQq0sPxUqQ z;a}w}nUQz0$ojo*wyG1dP$bN_aQYj|Hq5--e`VF^623`^M5Rb?P+XJ%>kn&#sqnuR z-2D$GBt@Mq9t*vIK!=t_BvEPKh4@7(+0YOxbvC9kOul7gvSdlF)@)qYwvXb-q?Y-g z1jKcQXG}m!1;h zd*G=*+eX7aQln@~X+kDfp6C(i?_R3c`u}4rs7N_3_0nt!b=J?V6;qoujdlyiE~`{O zznTC4q6(7Y(wSG@z(-TjAr^a4G)VRM0(y7731dMpZS>OVm*_os;oWh)NAO zbjIh1XqmAW0Is!TrCxY?{1=o9m3s9LNO^TXr3lBr?{iUclWH3ELoxTu2GMf9*ER||+nZ+Z-UFQ(NYhjlYYZuF+? zn;-wp8bOGWU8+0wg{SLI5=z-EcQe<-Ea_ZA*!o1BCot)UPuy@hrH5|@aIXvi=pw9J zBj+?J%H^G)A5Nq}3`kq>$UfT*KA< z*w&0x1MoziX2<7W2t%8MsdBHR6cX1&;PRL-_8n3#72=KNo@)6s%M%eg_E!TWd_?d<&23jwW}Ms1!i%<({~L~^WT8rMeowgKj_r& zn;lD$)O*0%$hREma?<^# zFWX}|{jjnN+o{OoePOC3<-a+`GzfZ>eMd}PR*~KeQ*+}%CFJVDVC5FBI}NZ7=eB1f z{G4TrI6kW=bNlc9+%}+O?gAl=m6I5cZa%B0l_??sA$?#*b*Jl&2%Zdae)p*#6TABd zQ=U5qK06bzYh9>rbm>a8qZm_64Ho$~JH{1=>)($CKg%lR_|E?AbLj4u!I`9hx90({ zBkb-jO|E|)7%Jhr@j-RN&-o@7-LUtGJ{j88P489HF^c&0JQwhO(|60e*|O+7RH#S! zFZPzUj-KVRjI;6Z;l>dsm;a+tL+)546T_Kl$@!M%m$eopx1c6^5k;-k<;S0RW9_Rv zrn$CGb&R~W;9&0Hk)nZ>L~ap_)-4{^(kMDbK#s*uHkJ1$(mmmC!@zs7tza(m2@IKeA&rJ{A!XjGf+O`HQ&1 zy^=ypOiOl_#+1lEktc)=5as`w5V9Vtq0G65^M~3El1~ zVTmA$S4BkCK} z+9vk*+F3dYn!Am5Qo1G6|9?=92btFR21RCeqA?T1g!58sNUsk<;k6lmg8p(nXiG#? zuG7hp{N5v;s%A$(0DE%HkJ+9eHF{lYHvY@n_Ain{k)4zbw-k_{ch1>UHh6CE;+N5y z|MHRnEV1nr9!v9gB9=lL`h(ohzmmAegnNy?0d4`2re*QJKOhTroWY=`^jAm5pPTHj z|BsGLd4XJ=f%(baPii*pNyLOjR4m>v)c^jf9gmnapuO}p?DNc%Aw6jr=|scC(qAZ( zJYXD;D~i43S!N-@ke*-(V>B59K8vsU{;39q1rp9*$g>6)X(%~_u1og4-j7~qFfv{V zFNcM7lOw~c0nCGUYO|~x|K|yz;K~22oR{Lcz@s4&+g$kfKz*IX%<-v;W_nAb|XsKY})und{tZH1HG3 z`imB@n)P*of#f%@|C~}*di>X&pK$>E!znO6r~9A`ooi6*e6`L{`Vakhfx2J ziLK8pv_+@aSm3i6tuN@rwS8v_Ro2UY&RdXf`+t_#Bn6VXMXq1clw#iMNawz_Af4UQ ztKwQ(jrzQVJ-omFA)J<4xIV<_LtKrbLS%q?mR&+G>IV2EquLDB64H5pbGD(t0Kj^0 z!N6*Eoi6NQ-;35aVCZuM@JQE<`{m6%VnC|qY8bWqd~dI`Vzj(*JHz(dk~^qa<5ffL z`~xDFVBoctT=VkVqVrzh`b*$45BQCql!X5MiH?|RvfRyrnSS#W4|Cz`&pPA!-;=Dz zH4GeY872GK%4*+S`lE?Z8@Nqt)gVC9xd^uMv@#$NN8&{b@s>~HJ<{;YpG~^HLgm z0DR`L9DqWEAd*?ET7K7ER5822Ybr53*g1SKxQx(g`H}!u-qiVit91!bYLGNq4M}(F zy1UIpwNXIJg|Uq94A^$d5E&*Jdaea0>ILt+qe6+1ap|bKA{lhH^(Z!N3lrN&vXir* z=Mg`Kql_sK+DCME1kPHFGdjNovyI#557kS+f|4nXT;brcZiLb-@$hFgOi>eUbakR%)sq|FWkUu-|-m+51uu!L-a#cr3j_V8;-MqvybE6D& zpPslPC6@`ZYx*NOAK7I|82=5Lf5J2=F$ky{=Kv>|^KkY3Pj=ECBJ^p2hX*qCJ`8t5?|vuP)sD-~mA-q} zJCMNfe$5id=Q%34WB$(|g2)W1d3F+11Exyd@bR7!%Pg)jYntC%AU1k3?};EqDID98 z=30;3DsE9+NuS&>u{CrUP-3`bL9 z9s4_+qgUj-6o9(*pUnFp?oJLIG$74Wqq~(n6I&)P>dFZ{Xd6 zK2JLU$nm&Ps81C!XY2Wdr^^mBLMEi{3Lx!yReceG)L6HV2)KFwAT9s~2G>bg#oc#u zX~isfZba80AYpFXKh$R_-&z>(!JFf?81^j}UsazFVo{|DSo&&!S(pnfhIT5 zC$h~w2Qc9G2mb)zUp;0`LgnGO_dqgvRw^?RNKT+4Ihks>^b}vSLPwPJ@=|EIP`0oRjb;rdpJkao}q*AqLP0#4{_c*gvq`3!R#UK5B-SKnROYj*}S{c zuT^b);s=20DW*DxZdwPiDHQ$f-e_iTbzaf9J6i2aX-;j#J}d(w@?sU@IiIG5u8VBX za70ZE+wq&6*DjW+VObg+uH=GGa}k2}GjyL;d|29No&3ncu8ZAIt&}dNiYhv;u^7jd z0+Jr4Gt{*dkk8oFg@3MsQ#+AsYb%yi`wb-4#Ky5a%kArPgyq&Zp1|prus8q?UQK3* zFyR^z(BP&})77X|u}j9j#r*AD|7Wj;tCB}~KXK(7Cu`;{(OXA}x2b)|tpG|(kxFb; zGe2VQz0g+cqx0(STtes&!n3DhNP%4()khJa7wFGtiuNt8;Lc@!Krgeu_h49-Cf6vL z-c5CbS(`!IWkH4WkW$0V2393oYd=dqwb^gxi#=xoy|TjGR9;{ltU8L)>b?C5Ua-}; zOy%OYgYiLS__8AyP_6ev)P#9k6^&Bw0KOWxXjCuJo-8fu8)Y5J5aG}n0BIXt=3KQf znU$qc>;jgoeHJuCS=Z*<5wLO_9b3j!eWkH6p%!JwGj8P}CUJO&$d1Upf$aL%E$)cy z2s+(n?0S>KS#3IXe>m%2AR;PXriY=;^?sMTD1pd}Zau$II{{prVEKoAHCO<9372yf z9moW)sttXndEeMH?yNefnQ4&ETUMZNeA`zkPc30XbFus4)Rwf<_hJ8C1#a4))ceh~ zIEs2~`|A8!m5U;=$vG^^-@s6y1NCS;F_THOr}}LAEIIQO4WQVq>}p635P<}Gbo)~~ zRgE=e?))<#AT8gx%l?u-#~a4MZUN3lgu|Z~z*VH=!iOv|& z6G;KqF)?5N)f>agn9=qpBI)&1@RxvnbO&Tys64*!SGAhBHMG!i72;LGN<$J-3JjLZ z-nl@<<5tBK@KO-#?P`aA4Ut;d}dORI{Q4f(F(;;qD_RxNAT10B3XKwpX2ZV!Jw; zb9HjOhgkeWiq=0)FZXl52oN#?0^_|D>pqq~$5EhJ8#`?9N6{bP#WTOJ}_@Vig5PTJkUyCA4eLQ^dv(WmUT&V$-4Aw z>uZ!}D1FbzPo9Javl!}*9J~%`Xw-vt+qt<0kN0fwthU0)HHxtCZxc?x9%hAk&;IJ3 zs(`ml);m(1&Enm#d@iU~aRRhU6}Q*+BEFv=*!c=jNERq>2lzT{<+JzqEOn^*Ed!~Q z9&g+%r_cAAQoR838eSQ6m9@AH8|4NyTPQm1Lh_al2O7U?ln7@b>7>O?kC|_W*6oB>W=u2Af3-F(d}&9OKs@%W$>9Uj z7s{}_XkHqOCl(ttn1l7x5+C~}iJnN>bw~N#&Pfk%dR)|$;%wGzaxWie&r!KHx}ZXy zBd?GAU@=@`WZ9XC`z&(dYb>}xZh)_Fngr>ZF!hlgzhyUiqdWR%NKHQ@CI!S#?#_-Q zH44-51EM0#@4AgwNm$XxopB#?4*lG(%&9W1U8r{uO#QbviI@V3-4X_YS+ehVbvQ$Y z_)tchB#M}IrZV8Ftlj%l5V-s4b0M43ucf@W#v9|l~KK=pE z|L6-_1F!QJ{J@I5?#)C>3pRREBT31Y1nng1GRaPvTVhW1`O~eMaaO7q(JXu~@zW+K zgR>TdEN5~AUwQG6+fg3hu9(*jx&4C|a%td&Y3gt}ZgzZ%Q(#RXYo2i=r=F3(<(4Z|F=R%m0HPfPSJYZ@|}(0`t6gy*&S ze5>#0w}LSiFZAme(IEQ9YgA~sA+zl zi{(Qnx-Z7a&VIrtoJGF$xQq~-`1r1XV|V6v4f-?_Hbf7|)t3w;!4`NJYIOu_`FCqzFvf`Mg9|&1a)^)jcy-fL)AEatxh*p}L{|-&Lg-<@ z<4vzx)6_8I6#u)ARNC-K8mD%di7p>C{By)+XeXac0&9_)YsoV19kqbs!ko_~5GLZ! zd0Qa$(leO}PF|7IZIXVXFAr7odc|8rZh~|MerW{lfIaG?civbn#MfPl6Fpperi}3OG@NbbAQj%B1Vuu$dscn2Y#>L%^V8qs%U_BtLg2>?*hx_Vkm zYNm&qnW5=LmiJz6Y=cNrW@O3i zo`0A7wb8m;0W9cd3kWH>p_xi4`&-PKz?+0Q0{OUa5hoNUvY=!X(B5W~!0+n~v-E$G zk@2r$f~5HaIa2IARkJkus2x*i)410c?TvJis{)y3@W&KDO8Ke39J9-S)aA)M5`PTS z5&%$>R%FkHk=%yr)ENQW)+&#d^jMur=VzZtzDwBsw*8Re8zKp+Yi6jfErTi5+*qUq zaw1oCmKE;WVD?45)t9*8exZlIx$~v&Biq({2B^`xd6Y6@Gb;OObvn$)vz6AG;850D zxS)5T;LYhqJEl=j_y);)=xpVeD`1~+kf6j74yWLUOJNJrx1AZXwcqN|zu{Le@&3HN4PP<8z4i{~1Z)#ljBe2|Wzm?-k2eK~i{(yMTbKA|}Kc$ZR@_x;p8}7WAhmf5cN^`;4 zUfbz~@Aq~t3XG$0NSxczVkC%X$X9Tr2ljbr^q#yDKsP+z+U}P(Dh+q5aE`lN3#Fp` zE;qPAZ7grVgB3;W>VysM9^vc8!n)wm?eIl3E>wJynW6k}fQM#`#SB0M=b-_Vfha~F zm0I0qRN1+t{`?Y#`1dvwdK$9LFriI2QgGLFQim|$Jc)Qa)-oP*Jh;Ro-R}HTAS3>j zVlc8&HJ^Fu?Ph8aIer7-U|)Ifcv`Wx>+?@G`(1#ZgFnz;j#0fF#`iehQ7Vg>UvYtk zJtyA2X3A;>_(`>LvVwd1=Wh_jGqbM!z*l@6za26ZN(RpVU_TYdp8s)~Z=~rOP+kaz zB#czNb)|YqH++`_z`g?sVHg8c@}Dwa93l3n-C106GNy$Hfqq<$3Lffa3$;nuXkHKb z>Ml+={FMEvMw4L-2|8E0Jer`{1!yb0>phVk56Yts?yxUvxQl*wheT*>^PA`=+)|x+ z0UpkQpiQ*&4dP+rs#A)5rK5HfoTwrjJfOcA;GNxl2r@>kp&V^ygP@;@TG$Gp$N;mr zK3Fe60<4DyV57O>_KDsMsBxgF4UckpKI%K45AOt><9sKB)>lQ4!2Cr~IG-pR4>>%2 zvwbz{HXs_rKjAd7zV-a4$w8)t@9IN-m4S zuCVz6J)+);Pic)bJPcuG`mq~?0~@{H*(tOMHO5lD( zp+sGKwO}r(gM}U0!1Q9c3H>{be3$G*8LF{gU^++Gbs+2fRZkyZ18KQP>U!n zQ#XPT>bnN8$X!xJ;u<}d`>(;ddXq*TJ47&&RrnT{A#GJxF)p8dhUN(2%`9&AV5m2B z*r;UPi}`lE>62I{C#UUOjXg#YaR6epRx0~WGUXJ{;Bntjn9$SrEy0ZrzWW9wA8^yW zOah@0U*g42!M{2(2z#-d(=pa~`LHXTzCFkD$GHhZ!SrK)wnCGc;DD|{lcZRMk?=fR zP!oEqNq_4W&gac)0hI_MOR!fZ7=H^RA=hZRHNo?nE;X9=R9^pjF`sGuj>4wA5wdvQ zW35@;%RH0>($0r#l!?KKNv6MVGH_N6a1V2bM;!>xg_8+QE~}I);Fyoz%>|UF4UZAN_I4{;e&iC0&ctGeUq{X=flcMklYF^Fbd@nT zMh!;kGLJx6DOBi~L{Cf)Ug`qsU2PVLuFCmCern~Y%L>iH3e9FnFePK1y;!BtY^=ofI9s)B6goAI>xl2B2FnVky3fk+suDYDNb=po}gwNdS zw%S&jJqq=ChnA!3?(=H3$E`g{L}SU2qt(4>v&c-W23>g#B-LHlZ~J5j$yNyFg7qb? zkGp>Y+9#x^mPwCFs~4klUIr8tQd3R`crKuns{|h7^kKfLHaJ`{eKa^eAMUW|NsWYz0{aKBI zvXi_WpfIvUO1{_i(_LKjpFiiSY1d@dsMXbnsql|j{SbqHr!fZGIc-=PYN%?=ohIkp z4yLM!W#;@CyM5U_W!;A`bah?t4!^}d!zKuY;V0+o>zUQiT#d|w+(c>S{L2Uvv8KJa(*KQI@LD)R#!Ppli zztFDXe58hq+$1_k)f6Go(NU}^i?PWbPmGOMI3TweqUAHNzOGpk*LT5{QHt;TWnp)4JU4k-O} zJGe|Hc?xrZ=2Zi!+XU5VYKmD1@?r+I2+~JKT>HfqgzVcVrPUtpdPniYzKzJW-o*S4 zZQxVrUZt0z$uF3VluqOM{BA<7>W%T(??({A>%+>xWg%!|dZUSP_eN}FC%_cGYEO9P zhjn{%7<1}7>n*ZK6(D?!UG!#zQ?*ckG;4?4?_HNK4wsECD*@)tcneK@8m6RnTfe?o z0yry`9Y0z9THAw#{~7Y)IpZMr?E|1hiG`$%k3CBe5%mV)xy5`tj9Q!%NLsGVoDcC) z4C;4Q2jhWmihnbT_UnJ5S>FE2Z->J#Kq=ZWXiJyPAt+xNlV*(*7+R<>JT*{$#c0Zy z>$U~WMA@1+_U9?6GYN`vJ8vw;X44_Ee=n5{Qz^CiHj+DP;)gce=J=LfNtXScuAE=C z*+;a@y^x!-soj%WJUsui?vHdOud8mx?_ZvWOXnZqVqATjh%fs3EEO45@`=}YdgUOC zP17}Q7JKALEr}=pkme-4!_Zcn)cMcl# zl_X5k_G(gSSlVeT(9Q6I^u06PR;r6HGL z^qOW)6OwiH8{tmWQxZChzfQDq%n zrS@uewj)+1R%j|&osu(!IMyr`Z1)dg142Q9pQVqi?P5^cnNg34eIm1OplLhAW=r=# zT1|WEpdXt%g3H;NM@L7j8mVdqeAVScSG<5DnC6Er-VR(Uqz0m;ZH{Z5*D!(2 zRv_Uez}Dycp7wG;`Bf0aDDrGa^ow5B!jP+zszguY1$#9^5%q3+FUuUEPxNa?YkS`Q zGnn-?QK#9Vr3n0N;wM-eWcN=4G6)9=^2;+QVnqNo%IqnbQo0Aa_^JrWn#Me6qd6Cc zbBLoCxp%K_N-?89gJUNsTP=iOOo4>utx>}4I(546jf^X)_kqtgiBapGV~KkJSoNI4 z&OOm=x@gQ;O$%#pzUOSdMJSm+dYlLdxw%R|!iRi}@a0w4nDvIvg?lym)Cjt08(`{S z&+@|rH>4X;Fg>X8A4|puR12U!EP`cWiRBFnCxe54`p%KV%FqhCI)iZDRs!Fh{Af$# zaQTo+*MMxpvy!;^p6SOKnJ@*lG17@i$+_TXa=nBFGFA(POf~x|E#E zU};muFpf3T;-5@y0tK4|%7iysByWmR%?8uHz2dH0x=6qz$kw)7XV^PlETd zUd9jwzjYm#Ik^ZS&uWiC;{3g{v@DVU?INvAt73KSf2{Ed7sP3UTkpo-JohR83eo4A zLWtZ|W!$#?wpPWxayc@4p+m4L;{E64tbQpPsbMcaqek|ftU;HX!s&+rSZJmY|9QC^ zg}W9)5+c63<=kIX^WD=hXzsT8O%1WZs3-i{-*SICR0Hrk92*UC%R3A8jaa1@fDr}} zAqltS^g;vAzD}7zlT1(!Jv%aI*D*32{E#E4M&fb1Th#ZB%1QqPnu2%(F1z^DG%R@*j?S#YMd}p@O8b8(@WSBEUV0gjT1uTM3&psf+)6L+^|}PACT|SpgB3GDnQc8}Vsa?4#JncflewOzve;Y2>5P89y>JA7s|p_`Ie8*ynh1PP^GG$ro3wW{iR=ClYK;;q z{zFVPdVOg=h-N4llSp> zx>0NYfLhjUcQecygr~jP9y0e%zP`G4BlE8c#c2|>&14k3|u~|K^JZ{hNNL~o zibjTg#=_}G06dK*HrzE1ov;u-HD~_GLU+egFJk#vNldyMt#7WTg)@ups8&6=qq~>P zfgIy(LWwgPwMRWk`OY~_BoG<9pfcuiHLfbgPpToyq;zTK(k;n0N~7teT$)fic2TYX z+QcwtjhW!yF4v-(z zx5LFcn;AqD1qxcKO`%S$hn+*MenC;gdp76&y9Tw@Wim%{{{Ew*HJQdp(+0 z*Yx$7_(@Ta8nj&a&HtH9MxH5>dJt!rq8t(nvV;VZgg6q*)2FOqpB|$Y(D8|jGX&rk zcocX{Ec1V_`EZ%D)cj%L1E<#()(_G*R4Y_PV9KPk9Gxke5C3H=GO9{uUSS%8=A^8mPR$Sr9nV!6SC$>;5Cbb-L zZGCHoDif7kK!_oHfu4{V2*3kl8Rpi|p<;u9bnuBbgYceAx-;}^Ba&2T`v|h#RxNcT zfwk*Tl!uFdAUkmz^r;2{Ukj}Qshd?r%lv&StwCmfnwoGP3L=fHpFBp}eNhP+L8k%4 z)Cy25y^VvBrHN}O_TJtz)9q%HTjB)38&R0&7qOSuK)e8-Pr9UY~5#M4Kp+xO7SQo=3|SP2vM<3Ek)gU68iEbH_E4|EDO!7pXTkeF#Ot| z7Ni+pRqUCz6bF(FF!$B%&}3oV7*)SemJ%HZy7+_IrzbgyS-y-xp@G;!%vk^nx(4)! z;dg#=<#nXR4(gU=gL=-r?K!gQx1IW`e%gR9{238+9qMK3j~-D&&0dC_5hC$S@fq39 zR`$4pY`zambIn6VEdrt;Frxe+S+@E7j&haK;ogIKNNWbgWNo-Q$W4RDW_HmL_#}Mq zT?H%+W-8qHh4_i1ehQMHuR~B{%hCSfmF8vgB1l4&W18z|-f1!8R}I!lzGQM3;_*6% zPxH|YQ|F8)AHj1-p#%1Z^YfXvWMSOsKslWa=;gr@WT z zZ2SrdUT4+Ur(?9pwkf6*={sL8whO*)c>VL8-_jvR%Z;APr-Q8z${Q#@>T zl24_}3Ni)c7Y)$#%cmJF>LMz||6##D@capE7E7?K%_1LRr6*ax z|5{R#kzl1>z6H#f<~=^+IW7PDX#oV$IFB|@r0Bj#I`f>LW%^=^)P}KibaVVQ)hV+U z$!o=WeMq!zu#D(5=U}AQG~mtsOX(7$qce|LE9bu7)i06lP^cjAE30DX&HjL)z_z+- zl)j`L{PJ{Dgw>g^m3}ApFU#33mnU13f)>vRD<*%6Kj5jSQJ3&JEaS13gY>Y47`s<# zERSgFU%C?o4{0cquS8pRs@T>vnW0$GS)1>%5*u}Wfs$a;+mb*SaRj)>dF*eO!~+S^ zmdcRFVDvfL9A%ll!f=Gkm$4$~B!5tHfJt_uwny1dLO0SmLO0RB#gXThsH-BLiQ^Tg zmYsq6Z}tsysB9Vs<3Z38=n=a~smOTsR>osmAxn*N@f2_hsErSi| z5^3y0etOF?akIzcP5H{4$wU{CUKbnx_wRq;eqHbMc{TotLMyWlVlhNBy*ZrORwAjT zpkA)EUZktNwXpTyHzfX1_EDS0@6sJH28+Yb(_i)YC00S=An2 z#JDfe%vg@bB=UoA?bV;7+pC8ww)OR{XVV;*kN6vEmQn+i6LUY~+CRt2uV zN18LQ0X*!(+7&KG^V!jU^HJ-cl=6>i4f!_f1x|)IDsA6vCg`r*MekQm3=^qZIgPq6 z-=s&I-Bx`is5lVWxppCb;Kzv`T@AjgsmaQJC0gV;n6w$St|Av}Zxmqj7f*e_3TQrR zlo)m17TH-#-VtOQ>r8pED^REs$G4*$P7)~Fr2oR3@;~4fNiHwUp8+yxJnE`%5GJUA zV<%lNlbYc$!&s(0BKr5lmM1L8LQ%maFNNRFM`dNw6fkO6P<(mC&ufA$l!85^B5-puYD>L2k645ak zoB!|H#Y37^|}Lkp|WTcw=YhV zFKM<vqq0Mv>-{UBjyP|Z6g(H!*!C4V#jZ77 z4{d+R9Hgft?KLD>?!@=lV(f1n3<^d7 zt#z+R3-dZV-WhsGkn2bzy12->;90&bI#ySP`FImY?oA1sQ^4O_tsRd!&e+}qY{(zP zI?!3HsZB$oxA8i=q-s0UcwYt&UO4s_6#E;zKu_Llj@gX(kLckpi? z@n&Ry4AvK;C}%w8vxf5f4;87ZU_YdR?eteO#C)5`(K|m=2Yr?b9pnQZo!8apYtAR@ zt{ga`k?jCTm&;|+8T1R_8VfBcn)&~I9EulfdJ3++TU$%wx7j4uOZ!6~=B(VK>+WtT z<)~Qqns@)zU_{-r_aPEXKoB4xK5zkcK;t>22v!rvO9Te$Gy}dm2J!*{j{!b_z#G&2 zvJ4!_5ZvxcunIi)Nr3UA)e(RdLx5mN0Sxm&)*XmF2O+dMl$8B-O*T(*^Ac_rA!N{z5=P912rnGcFvvj(-znUftd6H>8 z33;BlO^OlEmzsJDI1u(g)vX{hy&y<-a!N+v{D%}n8$eKY0gbGr zzX47r6sRQPfdLpW?Nw}BWII5nQUd)UmA}Sg{dj$V!y@*YpIxK~BBPKZF|^Mr6b>ps zZv-C-qZng6E?1^1jF2gYOfz%F=La!eFmfc~lnsPU6@@7(!`^>XmFfoU40lf;+|vm( zVbW>Lh)z@aY!IwWjZ;iG6skl`k500kR3M24>Fp1=;T6A^C`BGUTEsa^F| zW7xoOVr0-@+`31u$|%zTva+yM|1x@FWPZFKK7@G4G1A5*IJ^~zNj^<42=aOP5&Bk- zZilcRbVDO=^F!=KHR~vz3nRHFhU_2bs3(H~_Nxg{zL-)C zbbnC=Sf8oq%Lc3PFY#vioDT40SA<0UK$M<^Xld&)*jDurt^ovI+pzTO-+)6FG@dUP z3cQvYk6~mi;$Vrl0M`7TqfJ%xLUTO-9>G#I0OuvtoI=6@JdDE!=nH-d*lG2(CPmrq zPjSSqjYp%z>}p29CJ1Qx_dB1H9=l}zJ-Qe%0I3W`bWaK*wuP3&!tSvC=L-Nn%RljP zUP3t6a~*@_6;NNE4vmKSeK=!IhlfT!R zhsHAb+mw5;gpDGrraC0H>(itpSmUq{1DXZ&td68Brr?6y-dqhog=K53h@1`6Y5fLd z$7cw(vkQ@(;@;o-bM^5Llg%_U&`HZ?ve@9X2Drr-i1*Y5SjQBUK-z)}GE7V(8ny*= zGQRP*k|#K7y;`p9qx{gH&<=!_n1Wn(3sWORZBAipuWmLI*S_Y*;D36xon~g<^rxRL zb{PG4%h@Or8bk?PXYOElz?jP&VtL;tOP;x&So$Rs1;PJbJ+K_dmY_ zz%>KWnGBr(?8$r`2PGdC1-?3QDsk$q_VWIT*U%qOm~bER-L2}=FU)!_<#aQ9G4y2J z_+}^NFChC9=n2{V>8UV=^nw+pG}G;j7n2cjG^o$4Sxhbo^P1&j$Ry}|*W2&oW@G7`o3jiE=Ctx8n+yLn=jsu|RXAOAwaksAku5v(VAHaJ#wxSMz z6ImD=)$@F#kyq&QM+;N*S#8b`WzuaAhYq0wiA+OS9fCVqbaZzcv9FBYa+?-LbGBW7 zS)KSw9tiQBa_4`~WZ`qXIK|$$negSQ6X5MlJ8x71NdR=cGeiH-3PFCU$sypJ9>n0P zUXJUOqC}ct|6HlRaiso4it+M2Q`?5PXlcIe4@1zGIQE%G7;!ur!!9DB|`Ir$biVZ~P$ z*hlsRv77-%r3ld31Su;K%trMxr#-r{(ghCKVYmTSXvL^ezL~cK4J^h%1JAI?&Koiw zgC!A#M%BB~@jpu|+DL(xM_KMJO69aV|6jbuUFbROX8O^C zxoE%-CW=SQ-anPlng8_c?sHHuOp0Zuh)~6YHvSyOgI-9}g%Q$@qGzCfs%2NuU8-e| zxc#t-_FBP7`$`6b^mJ+*;;~Th>PQ)nV3uLD=>)j9n7j;+jevuqcsdLGt@i*%T*>u1 zPX!F@r_>qUeWcbAh0vWCOj*Lt#UOKn#1K+k%FfV|>yFmNCZ4iAsz zl4sqtcA}8hclF^B!u_>wsz?wjt|;9U&`PQ}?D`66EI&0EvNc;fFW06+W)=F35M@)# zt{R*J%uE4d{{9KPD(Y?Ktt1I>5exOCKYY@&%wbjDVQ1Up#bP*0>@K^C6W5Uzk#K-2&pYxiEpZ*#cROA3OBbNmQTtg zHG0%3lOZ&Vfi3tE$eE>vX>;Sy=4vNh>D%>7{d+=Nc zk+=a>&>B2t<#g`g4?tsv1Es}AFY+n8eV#Km_e9w#-x=J`w@)XQ{%FCcf+v<%|1Gr-#U?ix7kiN&T3*G}sic#yC*MLsa;8QJEV??3mdalWsekdwWKCBAd)c)XVL;Rpk9h|bazZaWRF;V7hl zRwU(bh}kqiFX$0331=_Nng>rhW%xC0(d5j-r^lJ8G`5o$m}8c^f5E z_twm&bQe(@4$hUZLNIvdE~LVry%v=Yscj~3c{NUrReXVfN^^rXV(k?O_;u1(?%D|) zu+~_Ks8hE4Q7>iBkw1gaCb%Xkx=Q8HSjB@4WReu3BXzIG0zeRNmVC& zXyMK#a|$?OvuR=)a(qNvEDt8ezOYEP-*OrIfjH29?*&LcKPUgu#v3T%9P{)ZGps~d z1m6W%?J*TZ&xS!?>H#Tg$l#k8K&5PhUu)f1(T8%)nTUXv>1Bl*Sj>ukNn*ZCQjy_* zPi1j0iqPmy)`E%3-?CW3=`t7j;!GzspX6t>#IUfq7I8{8l+mJ(CLLPBGl$s5%gO}g{S_l{%_w+fTZ zR3`GkU&&;+vLl9VGC>C474N3XGzTs9YiD4VP!fue?>KTxqFeclceLVMZy(SYl5V|X z(LJQ{Z^~e^Z>P?6?iRlm#jfNKLIMs89nS$Z5cG~hK9j%^DkCwMtCczfQu;z^y3g#^ zL@o)lTg;FXL_dj)9+vy@IjG>dp{Zx|lxUwUO`s z#+O<~zR>p!^p0b$CQ&-B`87aaj3(*MODuH~2={dUynDe&H}_l59qmDQ6!-UGcy?a6 z+W1Q|!erNtZtH(fhrHrh{a+hV-}vFeUr2J!m&wxBb-xEy&j=3&Ursoj zrSz`A;5KN9JV|kR_!TJFeteUHZOHt32Q#6Wym2Ui)oH8;W>HSebz#Xo-R9rEeUzfg zF!<2w{$#14v4XRTTqTsi*F~Da*;-EdZia1RJ*tEKmY?FvGQhtShTQF3gCf$a53@|K z>G^C@U;guYFRW+k4&}W5m7F4k@nO}8=r@()-vaxwdKv4o(1m{7BD}=9!0PHj_Zk;k z+pWp{>u>DPeJS<@zO!;@oInOaf=*%iLcP@o40A`<0bJrk>XVVUc5}tZH|E%ZLUI15 zn|*_W;$X1$4&-DdTtSLblK~u?g$G=& z{mGeHe|{DoA6b7J_y9-(XvY7iSlg(k#9|>rsa78-hx3( zdQ!RwjjiuAP$zw+);B;WXFQ4^i_%2eHoxgm60^lrVdpp0@8S2%Wk|l~?dJXU^FgT& zx>VrgzSj2G$>KSyJ|laeBQ&%&-1z|5Z|US8zm4){pUBAs%r!nhOOiLKm(Wq|WEZ5> zuWGAhvrHH7qdDR(|L>Jb#7~$!A{POeTiCKw;edL=`Bv#hS}ZjNl_vMc4LR76?3y{l z&;hLuoU(MUtNHn$iTw{L<8OHP&hnY9TF`mT`F6?9p<-`$Gdm2X!wef1ZTQ>-QyVf) zWjJ>U#H^yIazI_cS>TOvKavxuKW+COI4AVu4@t5)kK%&)W0(7pPXYpPn#||S3(}3h zFBbZyJ?kOGOhfhpjL%@i7cJyMfTOoRPN1IOXJk;H8$1ECGNqc=r!l^O)Sd${<-|rJ z>#u%qk3>R*$ummvY1Cq?v$?dBT8GS&Wy*Mi@EJT^*UDFugfYS-=e-164%JDSba@TC zW8VwX*rIOg!{&dgO2+g>r3ajdOj=y|@pWHZr7YL#a>MFL8KKM(WrQH{922fVIIAjL zh$`MV;SP{q-F?*&&3XVj_0s%vO%jKGA0l#&dPKgl_;5JN!9I|TnNz&I!72diP0Kck zwE5m(D>x{!iwi82&z=vq<*q9Y7IB7qzbkAbEzPY|%#Bx}-GaZPV_^#^CX4k%E^(Am zAa)uPacD;4i%Ui_RYpKXQz!Q4RuA3&AnsK4!)7ctWZ|@1_CIS^(Ni)vC8R(Al9K>5>vULVn`C|#Apvlom6kDXsh@4%D5$Swzm_gnLrgLanW z$FLT_g~<}-K>ui(qEKlh_GSMlpb|8>jJ@%yLRiHO%=xg!QToplK&C&CSi7}IKC(qg zv1XRsj+>!r56^j5>3ko4kHosRDfa1t0g0eUqFX4DI+L?fQBg|ncF_Q7F`CS;CGUMK4m($v3|Brhb<|n)B2|Tu30>h zn63Pg00+_ePBP{yb)1#Yjr28aY@Moizq3UujkRQm!W@9ZP@B)Koz?ZIy8yA2<|pFn4$9H{p`%V(QTuV`tnXNptkIP8W5 zr{4yMa5=*HbWB7zaNQgJ0(t?=HoI3Nmi$8x|AtS$t==LIyti;yarWiC4c49-T@BRz z(Kr$4h_g~F6(2@7GNht-OfnJ|$`s9s-NtJS#5o-wuOR>tb~`&o^$8?Ey_;mQt1u%D z5x`#=W>0rpb9^nXK_d+MCC1C2Ei#pUj3Cob&hWqSLk4N_K4?t8oB66?yQ7c;NM`S? zfcC;~&3!4whoNW3wS;P{A5c*;!YSyOh8eTurH1x|!3jw!SfUltjy_bTBxJSHBc;i# zXD03m&YN;C>Tf!+1sCCt>YE5x%m0Ns$Ok;5z{gG5jDeFe$9ChQ3C=8%OQ?8%fyXne zHZ4Rc^F=hK3`V#08;Er!VLH9R(;yVtlfxsi)*9cMp?q_};g52E0R<%r4hT1q(>hNG zvuA9#;GIN=NmXJr%n2^sg*s7LfmV@tzeafgcK++~NVp%% zW$r(+wy-P8Cn@JFZ7J~2QcBCz@`|~`nPc3~rezvTUL#E%$20YI_Ex0$wRaBsu3Qz( zhXb9KjBca#?YuQqUZeDSty}&%Bs|~kHH!ORz^szIA*udiXF+ zo<|2DEDHgcnS9e~dn{St!YtgP`yhKR(%pyaRlO@x=B_qCcx7|-0W{Ao6gW^d0SODR zxw8Y}?O+Wy60?{L*O#|ygFi*AaNCjFPs(x)yi@OQ)VKw@eTk17H<3u+2N5a;$|R5M zFe7BV2&9O1l=r99DI)P^?phHbs{bY}U5MNT32I`TTyJ&FgT-5h&-eTokHu)Z3Y zXKBO3!|;*c?FG5S9|3{=9a47|!|zo?pG=-y|L#@h40m0LC1^06C}Z~fJ4evyB0_tb zO|xO_T&eqfNJLT{gTN^RbG5Pi&3E+oaWt!d5JqQbsI0N(X$I;GgM~{AANrvT4XW@1 z_MJkWr=farN=@9R(Xme2}=l~skgdn zvz~57OAtjz^X|%sdEX?lo5z&W<#aEc1AD_a4%4nqKC1!csBgFZQYTN~o6GLnDrE<2hf8{ZzPXLc z2C74eJI-havX-~=pDEUf6x3sD7^Bi*P59X*gY*D{W8P4ELTqY&vCe$jz)-)MYo=If zD_Oi!@nMN75KZ*7Q@Pe+s+l32e8gwwe9qN*(PRVG`ta3XJaIYo3MRzC^!4vejj(uU zOqHyq-uY6>XptP6gas41>Fel&cQS6tJDI*jbdg`oyqC zNlZiP>4j~0tMdrDeC_!%Y^ZU?4HIJ5o$JT@i|0o#4)n|7{s?$j1vlmwodWm z^v?2Xw#x{@E>VXN4-sxUl0^~<|59oiaK&U7hVr>Ah$M_4n@sJZcm0ML#dNg^? zJJ0!NqX%PQD*?Xb;`o%fxG)eZnOC8KLsqRW~)Ci2vVwtV&HM#rp9)^a^ z8O~gkv9zw^iX#NXf}k}DmbVPqlW{~2m#-tzLuXFeqkWDAqt0*p0P?EF*P1Ed2!Hi z2(?>9!)dCJ3A3D(cbk0#81(4zo7CY8WY@s5&%MkLe*vaQc%$C1XpViyQ317n&DjbK zpZu~V{mS-sfI|ppFSfPk4msg}3l*-OFWD!6;bwc{%MVLQocS4Q3+qw%d~$|QMy5pe z;zWvx^^ro&$p$-#tUM z1^nbfI{TzGhOe(w?Lvo(At1%6x&gj20nwo;YuDh0Nvzr5;mBFLsFfID*M4y-#n7eX zJK0P11t!3>)7q@YwV&ZxCF9KR0v!|Ed;zfZyMK!;zW$#a48j@K#e4f@K2RBLYet4H zfHP=ET`Vm{hHL5bG%X^KSlhr>|ENn4JRAZRw8cFvLu_np(Zn$o-KZNqI7y{H`EyE3 zN;Dox5s$KLc659cN#GOeuG<^@O$G5**r0k$ZvHl z1o5o*fvlB3Cp;{VE7b33=gJ=xtDDkQn&ej1)c2&-UDp2fV4$E#-Y~iO(UO`BMwDI4 zH^`e!E~w-WFKLmz3HP4pr;Ys2Yy^B5xF;HTmkQgk>_FOEPBINGP`riFq!f7BGDhpK zYvuvfw->)-;Roudh}p@EY8S(q;29YY_IZy~8S+eo4V!FHWx0Hl^xp`7>AWAIBVwHSE~~`CX=jkkN)Rad-2?4_!yPQZx|3|w@URD z(sgMqDHBXxdPW;5TRmj0^EhY!f@SZJp~9jrd&o6P{JCSbX?QG~VrZ*$lhM(NKllYT zPSqzcOJz9y{V)_zl;7vFGI_%pXr7*Utdm)pOdb#<)oH<>cXIx~48>C?S&4tCvE!8sxLA;ad0+YSV{* z2dMrt(x_;ocbSSCHpyuw>S1DHV>}HC8PnM4X$9Y?I0x_&E#$;Ucsc-}z#vh_1x~3z z&U&`i`T^pBS_ixa)OD7-9$96ZeUZqJY|L)JW}~!^yiR#7NbK#kTjQYfan{jbY17uP zX!6%7v7^cRwk%vIE*W=9&%=W2xZ>rl;2(6?7QYw)s)&x_)o>7F$sMRT#*BQur+t_*C0m<4=xA?0QXTHQPE2y|jfzk+2fy8ve#VWT_wSSG;h$f2BF zVy-(AVAk~B2&U=+7<^b*I!@zuQwkFP5Vaz2OQwg)(`LJJv@anZ^_+M^^3L)!@G7xE z2p#Ehsy|_2T8HxZw%VtET!Up*=SjeNb@AxH`YA+$?~=Z$^U%;`qAqea`g~wkfYc-h zD?@36$+q(2ngv(wWQL1V9bx3-$+F!Uwkn*SrjYq!>WM5odWHv|Oeovi)0HVPHt1&p zo6@O_EV*}@eJ(QwyPxYa;RjC+gQE_vUtR_ZU9i9edQ#oZ}qkrrH z4+WDI(9W<9z%dil3koVa9`An6k9u>K0#*}x~Z#&zI$ZO*yj z14tI#kl5!+;HeA*$P%o8*Q#USFd0+dsR`)E@pqop;qtt0S&eVc?u>f^Y;IJ|3r`SF zo99IiF(P1ulj8==RliMp+hJD7e22`ZBJ)70h4{C<3{Z^r210t6tU)6vR)S6hq??}G<(#j6&emGR(dZ^W)MFSbi`wTY$l z_RC^7lZ~4u_-3uoE;Ta}`JBkkOZ_4$wJQmp%I`XVB(Vo8UlRyZyaV;oH7u(l5~+%d^mv{%iK@$JtkR!a~l) z55a0H@O){`dg^Og_+5qMPc%1QrY%q8Fg;h3Sp^7g6D77hvco+dY_e~3wv!g2*j^B6 zzRmiKnxn2a@-p%@Lq2PAuH0~(^ZAy{vSxNwJr&1PX*k<7y@6CTMq{ujhtp+Ux$QVfUzZe1z!E^h7e zE3y~0ol>?)$E!0HFCDvec89F1wUpt)T})RlRuD(Af{3o)qWO?M3O}vm6C>gG{P_8>!M^^qaY1cxBKexB z^;V?uUh5zrRvf*jOnZeo>h1*6OzNZkx!?+7cZFS4NKqd>Qcg5ot^a;Xder z+MF6TL=j7-w|1u)map>dg`5`z)|YQ`hLLX^D|R15mTcQHm&V3c;Ez9Y9{yZ^+bwjZ zr8QAn#|%VkTlDh?T68$a81- zeenI6Z8`ogLGnX41yRN9v9-u_0$MdTpOSpt3 zV=L#oo1Yh!CxNRyC$~vQYOr&kLhCVEXS{1{+NAHxXSH0~e_ngd#xj6S_@bUQ0i z+}5?ng)!`S7z@uuF8HqSOXy8I85dhAmC#dfT+q|P`reT$>~4>H`*}g&c1!aG{(;|o z03zb*<6iZ8T17dkVDp*idKN<>dS*xX>g+6+j$+G}y%IDyi217sXkhHCq9F)eq|HE6 zA*)(guUd-1v@#_QFDrvu&zYa(X%Rrj#~^Vkj0}MWzsTW*Qd%dMh(JJLT?YbZkQ22X z-hINr1}wpyQw-4c-_fKcd6dcvGQFE~Ly5y;fEwaa7|yJwWtkn&{0Vdh1NuT8j~v@<_$v`x@Oz2I24{{ z8rmsqkYv07)q05sTg6L-5_E9G1H4r?pp_PEG~Zm{XCj2{&vkb1IVQi{h1Hv9zAeX5 zI7Wp#k1b)KcX?&aqX?q77e-T8Yh63A1mkVO3=UHXJGp;6rymNgXBVo*tEEfOB9T|2l&d! za`e0_T~|oVsT^QGHpnJ~ZQXm`jGL*wUiz?fd2_Jd7yT0!Wy&Cvh>{C>E16W^si+3J zAJ0F1MoY%~0{@3yZ1s}pz{N2+QyV&C=yx`kUzqq;>#-$o<}%OPc z#uDk%1XO%ZhtuoZD#^l%zK%Q|5JEg9PP^qJC*0EgJ=e$-KfB9$rA5edF580D8)a^R zm0T-+i$`Yu5rneVIckj9EO=du5D=p|zA>^44J`JI%GVWV6iU@zH zrQ*b>8jG(flVKM1^r!JpQx1lgA)uj25-3A0imvC6--6`2fn5hxY9!9lLT4@AWLs1S z8rybBX?2LoU>>dsYr6G|Tfk(jrC@Rgi9wfPvjq&R5NjQh-c1*_@%OSTpeI4h6uyb2 zXL#=spr!w|d+XOqXN6^vn+_x)FJ?k4%lv>nd}9}|M~_%5Z|?Y|`nz<+NY5N^a10NL zMW>bA6<;m`b!=808;KQ@BVhaBL=Yblnxh7)RO^dgpNP)FecpyD;dlQr6Tcu3F3b-W zh4}e|@j0@=w&eU0D$%rv`t=T`>3lVnkw^}uxQiEOM0NdX>p64`6kb4uH=Ht-*!V*2eoR}@wq&wd zdPJy2RS9pDukUAAl7hP9fZGc$EKkditGcFV=mzw}swB#GQDZA7 zF~?YFWFcF1DUyi?c5rkJ+P;sTyTX5%9(MKX+Ls<8eA8QJ&^6yuPLu>=7Hsr*(@-zn z8tk`3Q$Pf|!kY>5nPmcf_P$InVqMI3i1dJc-W?A1Aq&CP0GPGKQ)s~m5BC+>mn5p5 zg_XJAFich^Ym58TefZ;YrTGzFqfX98VNUk+bY3t+4;u+LzetOARKekKFt%yKYlBQs zq+hl4N_s9;X7WhYWI6@@uPTqY4(1B753&1?IWnTi`E{4kD;7{A1_hr#s+px zv;%|6a?tf#cs!z~nI%*Fed@CD6x4e8i8a}GZw&(36OU6dhx00XZN;w{1-c$gEh6sh z3k(EL$2W_X7z+;>__uhDKna;8}v%{CZvIT4f>$$OVG2{Dp2Ng__l*7Qj&(~QUR3#HWiNvYr1=Q{k!UW-D z#@VJvQn_iy!sa=WcjOlg!IN+3V6T(ZtzNJDagl;T;0w%g$Xcu&3Q&h{A3dv={3)bohj5*baT|WTcgm*aP8y>O`?DEUIMHh z6^IuMhi93>TE5VqtW75(5dQ<)vPUmjm+tbyfDn|VA~MJhiZuHg33$sO>=2k4LpQlZ z4mq6;lRnlQMcC9L(-~9J)#^%sclO#qG_F*KjVzE_Bal+QqHOUFhu5jF6y2y#lZkvD zg1WCh_W*zp=-EO*G4_S?&z!;VXZTaFMtu?SIunr6sBx~4!t)%sEW^Z<)T`k95C#kbJw-eU&+^S-Q@8x9oIl z9I{XdUX8soaN9^}lIU5wU;Igwr-d9nE4mi0g%}agf^<26EviXDH=PnetEr@l zX$sr2^{Rnx#qF${FUK-~Kcg#>_#h#N3qO1#3#nD#Pgc%^?~7ZSS^MqA$b8(-l;{3} z?YwYd-bE!=Q($S{536a8Gv1ALNcq0W0hxf)P-RMWs4$tvS!dT|mt%4eCGWVGk$1~B zxPugQlkQjC&f2_lQmxcc&rmAcj?NV}?`)u@8{c~zex3i?T;)eCxfvDrWZd1Rp6TG8 z`(;%FT=G1kQL%I?NrIac=kwD->>RKBZ;NpJqApehM{RZ!ea3E|u6}5Gj=!h#lE>%# zaeDm?QJjT+UqYcFX*b{#KJ|>bnQ9i((vl3|vykWUhCj*#psHFTqYjyLLk z{)WvIWp1sPTwCRP7^2VIGU-@xy94?ZVMnd(3n8Z?G`9LVmXyPyu@7FcydT8_i_B-J z=MiFM^nrK6CUdoy;Y`FW9ykuZOf$6jj-7!XfF|9>kc;9A57CuECX+|}x~lP2 z<(A7@_Zs<`-fy%@U<|x?8PNi%Xgsd20^yMj+Htj$Eu2*J2`LNQEprXLcdD1l2{<KAFSyS5lnVR10iniQ8}^sAYOTbZ9Di%xnXLvn2%RuzP{+>vu!% zOpDo-K1S*$9jf65N6q1Y6{^fp6C`??1cx?D){XDLGDNB37w`(`0)J*X(stQAYN(Sj zO8ztYX6d*TmfyX1`x`1wBdpVOZ^f7)IF?4tbXk>?gH|J1c50`fQl5_eyAcL+c$qFM z?rZAMPcn?j=dp2j1%FBs%$2B>1X8@Zv=cbb^yN||R1x5K@FRxlE0x{SvFU=$r@LDi zXlHi*!8`!6x;_c{vsZXTwc;|(D$O$e^W11drFHIuw93BOskCO>wEri+i^HlPhb_O+ z%2j)tlU2MyPn0swol;!3VwDz;t--yc!sK`W_ovRM|C59SnH85&nHLk<5OfaC0@Y#U zE~K#asA>rmCA&{~y1bWH9>U;X|68Nrh1P#7oqQHhsXRlAB5%w`T}y3QM>!xZ z88Wk9MLp`Kl9x7SJf)7if^oS?!6ZGnqQ4OM>(q(=_~gD>m z3;g5x4}#dfXcx1?R?Qo5#UptjGXF)_;(7+v3PNU3!LD67bHO@9K3^Zb?x5H`VuZ+q zV6Pc?%e>t-tPX}ho&Oj7P+&iv(J@1F5jknr?e8nu_8W5VaB}Jq4zwmEDAQtI;5tY? z)J4+^wSz?sMnm5OnCbZlwGzMoF~5It>Kna((pyRx5iBwCa8_@&^~o1x;&d4`_~w<| z0gprKc6X0QIm4@QpZ!{ot-WtFr(49ZDd-05_e^Nqfz#+2KAT_cM#|m?0%zQ$IYIP; zr$;^F=xXu?9l`vyzSX6QrgWLnVbqkam3 zx}FM5d18bQDS;_yEi6incVCqU!7KPSl{m7odm%L7MT53nJ6S~J;z0xY3yHfjv)dI%$vX5}tHu_)!7xgk#rGB4l%XvgmM zcNM^XY@7}3er0BbNhEMgt|6hO;c0`bAar-ul6*M+F-ZV=u`sNAA3L1M!HkWF2|9JpBS?4?IMVB*tLxA5hG$lLwwSHMmcjgxnsG5N|yIpE>S(u?|jZ@;f= z8eJD_kp){8HguTFW6rMW7Aj|>$rK-Jr13`)^LkT5ch5CHu}#uNvFakbF8^KANfB3f zW8W&Ql2MBW`s(A*udbuW_LZp_%zvwq&A!6X$4*mWgN7P!IoN#D>L?jj7?s(bR6|@f zU8{cn_{jZWHrg&!%6U~^xu#8?%Okcqh6&YX`gGaNM=XO3(bp@NaW_pi=jM*otkeU( zu(@go5V?2Q-E6o$y~e-4k()nshHR2tJdr~u*9&~ir|l-U)Vei=8U+Y08=e9X$;>6} zHC@pTb}K*MAEYwk?%=SnTRCj#tn0n+z|{@H?=Sb+!<@G+=Op^qfN((qHKvU_O@mmk zFdY^6MwZrbIv}*wLM=_|Xg>wDqVWx%5hzK}OEZbp#3G5;Sqi6Zey`O*Xt0eCE{S>c zuvJB*C3mE{ z=~AvQ1(r6BIs1Lzm2qY72<{S+oAv z{ji4*dx6G-&9`f;BmVtA3k`7RWJY+~WDlWrE-4!!2KC?9R0(^*3V6~jtxB%``bO4Z z<4DH_x3pFBAOHr4Z5sF^3l&OkBz)|Y_0K=(W08!-r8!T3#HtWAi?(jAxFrDJL>umAi$+)&f7%s;o$9O}Po zu@{jU67yh3pZyEU0oZOlPzh?A0nDkxe090jbymE#>pXuhrxW!9_Vd9KJ6mnXdW^J2 zI;knxru@aSxywJd;<*G#q;RxSypM^d7Ci1-M{~iGF310_V@wHF*`C2+zAQa+;TYUI zVX;TPlW|A86!~X&Auj-rc+%BmzcnPO@oIvjU-|2s0lx0+6|jZJ--5m!bO`KT=PWqX zGX@CK_Beq`C%ag#Gu1QA=cn@vW=SQKfr~G;w}S=TRp-Ih&5}#?LzDk~+$dr~IwEjOLN1N8-fFUZC8Z&Pl`bLXW_Gt> z(^lQpgeZiF_Rp^21->sWo-z_cLIJrMCOVZG-FJkz4_wpM#hf3w~W1F8;zWvq2JuC_s^Jmp;d$M64O}f+(OSiwVl{j;->>FTJcN?O-;(R6A zamDa5M`POA#umhyM}eb1o2mf}3LThLzp=c&Mey}&@m zb5LD!IxM-x!4}u?Z?zz+_tW{BzyD{#f_zR?U&-8nw0NnnYJ(4)>DO6UlG9RfnkH`W z|7Siz_qC|E`r09tT?iuM*wWrm6;Jqlj)}og%#ov`z;gorJJ5tX-exUgyz-?D2AKt< zeS^N%w1~Z&)|AzDN{aQ!Ng5Ah71zU%nNP z%1QnVc&T1)N;3+n2E18M3`z^VNl8UH@LO^Izof0&PoGdefa_UUCl{oe5(>-27%Ija z6FA9Cybh(D|3H_LnqXT2s^B_+XG9zodb%Gfo3pe;_r)8{uQ;(Xt^mv1!PzGUP2qn} zTX|L3{|AWmr4v#RCjwf0nJEYd!f;r~=sWJuerJ{4KpJ1z`QEn!rhJH|^cv!R_07cW0}$DXCWV|UatuQDiWs~I}Ep*yc!~d}?;y}X+j{v|L z-8rBip=KolpNmm=1_;}GPsroi(;)nVnvac|LUWuZ>0><;DN1lnxVbf@3FQG!Nny5< z1`FJuhl7C>Ql*D~4uJm`lOKWTWZV%z75fRaEBf8;q%v6nddWJF@(2fj0}J*bHXDfh z#O>4EDnOio^v4H4;`$8yF;)9LKN#*$6|DobAGlHebD5ig_ugng9~uk8*+*3}{l@BV zwJufuE;oy5NuCKnat+@(Oax;CbH* zJvec%eR|OqfNw)RxxB^Hxb~SDKq}b*VIBbhRE6shz@k9dlQDG`piM{_b`J3SbOFTH zM1rmG0Bi&!_>g?M001VyF$Bb}Wy1s?;7$Yil8I4A5GxJP z1x-$~3Y40RDIS2&;O~#Et8NTHTiV0&A>^CW1^~lq5l=LV0A2iX^2{WKQN~g$d`{6h zw~D>JbIP2PN`-Y~emE?{gYfs{cEJQqqT7E1w8_T@oX<@HD9SFt1i=(3NC=D>NYM=T zu<`M-!iNwbGBkBMT?0IaG-nL2{06Q${Vy`T<%h%%dlE4K*r|_F5Q1F_*h^1hD>Stx zBYzLeW~%teKFTvGXfj<}roqWky{(ymg=&r?+WWe;^WX9BO8_M!3$PBF=P#opJt=+{ zya5odLnF}6VFJDb7%s3t5~muZu!0SYgz`!N1mh0@UisJHvYEnu<65N7$2?b`28d7v z8j)r%fhbHh@Ygz-i6kf1T=a;3ES^G#2D@-2>797al?gx%S#T6W+!*bZ=Of#Ew@3g zfqkA;vDq8Pozu!(Mi?JIAianWpV#V(_7-{>A>Zu@U()XM{qMO50ctW|79Qx`=-^)r zyQ!Pig$L|16*5}3Kuf78SVlpt-s;Sd>Kf=`s?X@N!I3h8&V3Pm)aO0yG%xKE6&wbE|-hD16Y49$5B4&5DW7Fs_9b*m24 ztF+}`Hh=!T2){snPUJ!MQys(C{5YCiA^><4HG;5kZBdPs0iYArAORV>}h!KHQPpwGCv+Ohs|;(uZabYwF^0bBmcc= z%W6O!OCN62d2f5S8%+aRh_Y81>#LsoFq7F0$mpvTDMF9!_*v&nql4@EDqCqHB>FDXn*U`~4Mb^V+?SFKFF-9mW7)z{= zy&8IO3o^5V9!Sq&8zcO*oHI{9$T(4or>>&pZ)xr_o6HW0C|5RfT3b7wY4=+E=QiBC zhOMprRvz+NMUJ3?pGQsfi;L9QekYodgbe5sWH{BO0Lw7F zQ9K?3;!0Q<#N@(qK2M97o^x7ziJO+wR$KgY{g7XRL4ZQh1GW0sx+vyX4TziI_Pnv0 z|F~t9PTNu}6O@eHHesy!YJ*g)h2>Qw@t>&`;HL>cD<1NfEao?3bb#f2(;pl56*OW| z$dZ?hArxhw2MR_f*LO`$_ly8w4~f=EbLB!m3erC5JZ#nITBhVDABMGZ^h zxwTdX+j|f5fX_rYLOJF_ocHl`KKH&G5&E-(^nD&F?E5AbcPm8q0O^Nh;%PWZaLk1D zkODuuR_KVQx+h!N23C1YuPc_uu>{G!mDLc2a9cCF zFS=$#%IswfGxr9?Wy!={k)?|8{6FVTFJ#}xtKOpaz^sNs6X-a!@aO1rL;Aq7W%kBX z3&4JO<=4yR*X5Wg!F6BUWwBmrSFEG`ck{?QVKqK0W*?PKkhc0}z{DLx-@dlc23dKOxcmi_a)oYwn!$jAfuM3Uwwkx?R`}m-~q1B9$S1ao_a1s__aLS6tgtXLcj#O!jXhy^;w{T9$4epaoqQ#afIsQjJ zj6$Wh%QC(#tg^i`lyz&QUDtCn!pWM7Gv3l3%nvFeFUytt#;ri;tXZ6TciI2<2Ghe* z|Da`})r*NtL<)-?o~={Ut3lEke5-Rf#TlrREN`MnLrmMRF~cewVi}U*@Xzth4*HG@ z3XUVcq9Nj*>b6!|Do_=KnmhDXlGCpT8eCi$fM@nn{e!&8Fjwf}wC&F5;NJ@r3=!_l ztn#Yvr5{Sok2X1alh>r_UdSsft{Jis*gwFIxc{|qF2;Vm|NPJQ2-$ju-70e$2bEHo zDQlCPG?!?ne7{>$1`U0dq&GrWzgjt}*U!e))>O~}md3vuX=&)i!`!o2$sF%DF{JYr1|3+4RDrFY5kf6tq~-oDQe)FqsyA{V|G>Tdg2IjK>c zF4fjY#7$?YPbNpop$Tl{#)d5aJt^#YL5F;&$8SN&zfUX>NgdR(V8rJs`Na4^bMvZs zI$6cTxv~DwNo-64HE0PQeShRYla6$o)o|qe4Sv7zu!c&F`C(yVDqe+~O_btp5!Wzh zr1uWe1cA_z76J)PK}r$=L)CzYf+7%t^b(5H zkV3#f5~Mpy4Mj*GKtfTP6v0u7qkvw%=id3|{yxw7v7h~(wfDQuTI=-yqf4qP1#qDB z!OzFi`@CFc7arMd>&yJh2A>c*F0)#lWQ${aFZa~jyo6Q4x^Cf?gJa zjA?v;zxZz}c*y^FB?^CHQq-5_@?Eu0N{V^AgAkLhgNKoNSRz8DNGM5l^1r1SsKWKq zD-xR|Hl`SHH=YBR`dIlfnA2Vv`z*COa`6AVPktzJjUpoHB)&*3Z^@6B^RPmV;zod* zrNJ}qe}0MiFWu3^b^N||UyTfU^kdlvhNwe+b%ZJFR~o#rKid6g|@-VwOJ`(M~AH@RB=peRgfzcG5K zBv*T7(4v;Ma(TOv+p9zGCC#XQ{d;fjGGtP@DW>S3-5o99ldp0pJdXr}t2)mXRD{E1 zcBZ?NKu=tYLxHLP#vvzhAOFChG!1MIIiyg3E36)T?kTs;BF2kq<#<_uM(GOlp{5oW;LgX9JlYg8Gmu60n#{_$p zg$U;453~$b@W;TbXKc3Vu;_o6c#qFIxG1YB8Dc9lypS;fCb}fD(t!2fAztHkdH3o6 z;MeNs)AEBdMmYW00OpZ2Eaoo&{6~b`sI3mN6h;pvL)`!Cd-@^CRr?Md4_Ai&S1N^I;V5_ z8J@J)Y&B3MyE*MUdCfmd;FnG!NV-0n7zZS$p?S68E$Onx^Ymy!;!<`X44mee}XAG-E?20`wkUwYoJ6z?uAeM0BQ_qQA6q zI(;OAwyr)&D;miV{w`@AS3}s^oBx-<3zbsWj+n`m^y2yW;iX~Knop3us8!Xo9?O3> z>*O^q^Jmx-WBo{DKK4T%8)DwNcv5C$$VU3qUxuG0gt3kS$ zI@{)T7tea)ThDBa$5?+7i+>6G0w;WCWI_Te=gocn;sKksuuWJGWACipFehroikB}~ z2b8aXiBKXks0J$4q~afe(%A=k)?L7+r)OG;W+(6?y}d!CL#%^rQ9MsCTH|xYUGihv z@d>wawhzO$zN zNnN7SFwrhA$8j*_0;h1HNc?XR)=G^-j%@CLys7W0(z8a-&R>y8J|`x0r12@szyR!a zx}Be0F}^jT&CVueM&+JEqpzIg>r2i^5ndC?DhaZ9d~kXMm&|^j9ewB zBhK8?X&{s2p|H=iK32gYY5B=f!&D~y;&5N{TtT(7<^U!qw06l(@jf)enXIxd)1<7} zEqVd(Q}IT2dI)~8LkQ(>K4ctS>de%&wW2sct$Oa*2lZ-X)oc)g6*Cn@gP|?x?R9o% zdsN^`u;&f=tGbrvaaogFp!&|QuzO#uJjeZwl=-!)mX8`aK%#`KR`GO_jp$cm>5t89aCUm1t7H;bbe>@}M z^~}Tm$)Ha;CTfRLuI|_^zbwKKal2RvMIboP||VaI6+vCUm~BjBrJ?O zX^{~&Ke<_SiVDaoU>1dcYZeBV&$n?{!<`95{o>V^Ta)(ny0=A%?ywxuw%)pQjVJP% zhVja?5!2J)z8Bq5ww?*UHH{rh?hp|`;H&m@R);P23S16oI}P3Rs`D~_3M|d&Vpd*y zK5yxQJ1AZ#Eie=$28T~1PZUgNdtuJ5i!R<0v@YP@@Y&S1>?(>cdM6Y>6NOhs9JWyc zjLYiX@?U`t&IksaAPJ~JJt->u)HkV|xpQRMhvkhYfsBiuX&HvZei}m*4RYjE)m)p;2>`FtnH#fWE}{YxhsQ3_(a<-z;vQP z+AhfR6mT*0wZ_1bk{!{#g{4}84LD0@5G}`BCF`bs?rnFNjo3!<_l2Q;|6NSiXy_8Z z6+Np?($C!uOHWUxT^g%D|n|rh`eSq!A_CDSI(vGIebus z2`n>8C=M`q2<5yCz>+AJ1NDqhr3&ib@wVjjJHRz^Q_>U#k%;HCn~P_5&ycAM+Iujw za2lgH14K1-ZBwwJ`o#L){3)6zk|c+OdaEK}rI&A#hgOJ6BVN?<>@`^)?z*d?dYo#% z&15vnOdK1R!X(2&`rt0-A<-DTw+m`7hdB43h{sa0x_+5V0VITRDN-uK67kvx>&P%u&@t96tM z?R?c?^i1SPcIDg;ikoag>P#p!DYgQ%>B;&f8@+_#4+~_TRN6wm=bbmdIJqeZH>aHN zAf{8U*%CkbPOoS%*cNl0`>ReJy&he!{bce;@UHR} z_@=X1C+bjjQ16dPYwxi?XRsIViBqTqaqio6HqbYrqiN||7uM#6%@$=%WCE= zIuFL~_RVW|bX3P^Z+fvIoQDTl?&vz@9;^LlK75)?WLlNfM23&kQTDjkjkp7IPMA1+ z*CyfbxVoBAV!Uqvi{+XVwV=BO7dPehzaA;3_Z};xWqj@3OE~(LJW?&AL;c_bV zLQ|ze;BFyN3r&`rMLVsUA7#&xhFD&18y61s6z+|rg5Dt9gjD+drH%~4#f-!|Vv6~H zQ~ngy!qA+U*^oFku3B)S8(E1@sr7!xc72lA&YsZIE^d5pIOgXj$AaOs?X>d3IxXmd z@uRGu4Vy9$(VIWQ$FGML?8fgiva~O1-_ZdNBZW-NCnlbJ}HFPK&v=m zf~uM?T_QJVLscptPnmwTER;=6rwqBC?_aXBgEvAqAj|l4OK_Ghe-UL1#6`&T+A0#O{uJW4k626G(i*4n9?Zk^S4Mhv7#^EIt-u1t)Rl?K9F4&jtK zVQ*{jvpcWVp>(Paiz3G`S%aVN=gq7~=VoNYMK9H%8}D{oL(Jbe>s-nPg6~aKiiJba z$3*q2*7S0Xt1dTp+g+{Xd1|6bcEzSH(;TN1=CMBOo!WUs30)g8*nR0n@Gf3_GG>`` z$1YNoO_rC&7kDJ)ECi#wli$dv8-CBB29Z-@8!)Ok;YQj+Phf6N zvk!HKt!+;{uIHhRF7MK_sb8yQ%>y+Q?@mxFXYd&$ix0F${x0?@zhX-_hwZ?14;_K_ zb`VkjVcgS)bfrP|ZTLhKxx=P3kfrzQ?Hnv;eV0<{!GCm_{Or@W0aqv(&%)qjs`3a8 zxEWV5#?IhqD>4r^CuKVFrKmnRL8Zw1fNN=m>&94v=B{^$!_(_jf}%=n5g5sS`z@@9 z(z)eDbj_i64XmmvxtgQ7AFQX{#6IzReAi7<0Rw(vL;CUgHH%QSy7caCJ|&M83QZ3O zM}v~uE(>?POB zmd}6WTO1Y_KrmC71<-~nZT^*Y4(;A<<%DvY9{LPXr*bP zOM3XqeVUL1+}>N)`$OfXtd6F&)d)~WDREO3x*5Tc;3yKOBkWL?3+j0DU!_X~;Gv(Z z_7x?eN{}(7)c^?S^KG@F<- zvdwHOt0ecYqUiG7UOcA~PycdvFvNgKep9_(huh8H$qWP!?`{r090+m7)cA)j zzH2|jt&4x(V~QrZZr1Vn$q#96p9Xe$LyER z;G^r`?%RVhK^1%Bf`V;Jh67KaDwlS9M*Z3dt**In;R%FW%X*ClOobq%9A`j0H~FeN zfov^yWf@Yf!J_#V8QDqyB;6ue=F;t82F5w-IH9!@SDudS*ylv}1iv8l&?f1TmYabT zrS*31J{260Vy2=~@1%4QzVBD$LFAQc4g{qWRwnGDvo_Fe^jN8kC9k?xJ%YkEbVG%6 z2^8k95>dkg(Qz)S%u`tRxN=2C&0vR!zRelxgcpFfi zYNct;0y_Ql-;WC62?sLNU4k`-{VJP1f4BY$8hxfTgAM_Y@gS9?NUeg=PF~tXr&1n2 zL|re|R!MVBS>$3hqCiF9KI3a(p){57an8JUsW_H1_@;rb-jMMj%a>GE{NY!eO$0M!v#P;$F{-}*No#GN;m?kn~%qyW*n zSM2tiWJ3VK1t6g9pz-~FKvm$~Tw+EyrsCxVmwkJf8!Dj4W&5|#I$|ZDshs+{q#*9!;@C|SL zovbulv+lxc&6d?I!1;VhmQF<>OHEr&>+8^|M%_f+<2j8`KF_&ij)W7pz=^`!)uuhy zPmA=V2r<@z^OF1(13o#99BWu*|T^@P9Ck^(i%oZ8)a0*?v96 zH=03fHxZ!cFz%DPnBBsT}*BzY&be*Cxd$ zuiYUJ_ax@1T;IwsrGNNU_s#%p>Kk@$`U-d1bK{H?o;;xQbLFTgsd4}6j4x?lkUo%* zw3afV1VC)ZdAA!c)2|bEX;1GQi#g7*-|htdg$sA8v&4VsJLNJbChl?iN*#a%-Zzea z84`2+b8O!Mpp9X0s{Y%Ze&(DqAMRO9(u&$q?4VGTeCYmzZm`v?(bY!VohdcS;OsNX zIihoi{9BvD#l64LQMe7r>4$!Zv1sOx%07vF5BzD4py)UCUK8*lQxcKo88%8$9eJhK z?XmPouJdIGC;XSP`V-*0-!|wXaVBpM0JX`&DNb_YEX4w+>n}TuKdZg^{^-s~r`SXn z^0stv6L8Dm4{NbobKAS0Mjr6o`;v-tLq3~Z1!beIrUsj;BcY+@dNdQ**8YY{nC5l8|t%Y9&lLHa&D7P`k%4C!@%ohZ{11RCso(y z8!_MvCFr>?1AXMtyAjR{%`N=B(^R(m1{mmJeQwRLN~MWg^FVE;39E3CWni4j6&Sr- z(tVhsX6l{$k+&)MI86_kc0GZt^zrE~KIJ8~d0DXM0OjG``pfQduu%TyAByWOn@^Bm z!t=j3pUzxBy#oAo_P}}rn)~?%@9I@n^!jw2@RU+o5$5|;ivd8%PZuDdWUqk#P4-Pf@*2-~q7!$RWE7FpVptf(wwh0n)d1l|c6VM*b%9F52o z*F<6!JM&D})T_Lk1HIp9n>8}2ZQx9seya4Z8Q2yU$bESO(1vxT zKKCjFY&kyNC&=`@*qbxLKhUX>X=|l%_w{#r&yE|ZERFyEG_(R`@+Jv~+)006lNl*- z`s9|_EheOBgVgn86+HS!mmF;4XrRFUapOFKQNP(noO*W0+}#d|p}9Y&4b7$+Zx_@- zC;1PViNB5>_!&>RC%z`zFSy57)YIGroRWA2_CHvtbDui3rkUGfMMk!&_q7F5c^sdQ zb?;qB0E{cyy^uvB(L19zGN+7%tjB z+fw1?b4~%r<8r+)dkm4&T0it6Iq*?reL`Kl>H{s;uC599M*>ysX6(M^?+QQfPa+Vn zrflLc$|-NWTVNeYE+Lo_%NgGF_YAIvE%frmZNK8kaLf6M!p;o98hY#bEt$c!DFOG} z*4=4U{>C*sQMl{kH%tM~<=(&JDoDWurY7EE6q(7n9=er;kC!B0PAch*5A$6XZ(4p% zeyh*E#IReG`jmL7Ve&-$*YT52g_}wyIX;hUqlVv;tV4d_Gd=|sHTRluRa{icrqy=J z`JnylVcd2iVjML;h*#=+jWPwy5C6ZsI@0S?H(X?``BE&u(B*n*$n}MgBG2c{(T!Ux z$*3l~Hre|Pu{yQmPR};uTzpr18iboVrU2!wDA7S#2_m78tS|4vaQ>h*w z%nEc5)u-&qJoSj5)$$p@LdAB4_whb#+d?s zpjtdteTsxs5rcUJLj!)NF;UP|MMCmoLP81%LPEL#E(L5OA-VD(A$>DKLJ~S+^{o)Dw?aRBC!FVK}aab1W5OQPsqSOq);m))Zd?xkbs(iFVy%DBy`{>0r0J# zh5WxKvrzs$i9DBe@4wF_cZHs6Nh>M>KebGp%*^bZE$v;hx+xWqkWg%`o`l#%;e9QaL)&eFxjL4=#z-QAtbosY}j$%6Zl zu&^*U4=*<_FDLK>r?aP>3(SMl&YAvCCI9M?F>^L?vT|^-vbUqTs~2W$@9H8(M|bz4 z|GxgT)6B!_e{ZsL{@X2}gWPv_xF2!xaR0v*bFni2|0s5M=TEWU{rdAd(Ywk-r0s3& zowOWaCT8M~M1R-+e_r}u;3CFK7|(4Xx8z6zvY97B}*zo8_Ku_xLTgM=iBq$uI6&w*Q*u>^d4b68+r~TS>R)=`)=!T=F39!_!==^V~&42!vOf-b_!& z%(G;yAA`eYXG`wjO(VuNAF+O;?sqrjH^v{PHXR@EC9m+F^Lpu5ZZv~*R}j$RnGSeH z6th^0Icy+u_ef_wKAN0J_Do2tJUw5*C$+8cYgNkIhHehg-JQQTeAXE=PJH?QV8_H;8I`&w)8zpwVW29xl|u8h`AkW)aY+#Zur z2m7{-9}>GpDvI^r5E@2R<(jf~6?8vy;?1b%P-JITu3PmeW^iHU*tWPfvoI?yIK`gS z<(3$==t?zPHGYRyBACB*Bx49y6XN8I;(HkxnL*ht3OCM69jI!GHBZfT(Q^{xO4NL( zZ5EvsHL6};7k^%EU;c&nb@si-v*fm`rgOP^7F8~NT9XxP<5XJ^7kyL7@~8N%ijc$x zxZn=BSXJ&tkd-=l1`B*OzE3C4{NZD9L;CV zvRx?{UKLKPRGC)leP{BvI}iody6$(M%SjJ&cXYhIheS-17W1eh!3wKe7|Gtoi>k36zy~5K9Xd|tBB42{9Q}SFG6K{p6RJIoM~o9CSEfG6xbI)> z7|gswwC7r*ebLp0DysS?vvLG^us562HW0IAu<8hRny0AEHn$sQljp|qr`U<{&3L6? zk$kLqZY{G7?o0fsRPwZx{rS*3?m~21dA2{=#Duq6IDX=FCyrMDHD79! z5VT-{Iyz}0SR*{dj^FpVBScqxk%w9YCN#O5xPrkir~`doaedR8y{+@ck#H@6L%hi1 zpj(v4YzmyfArJl79n7@@=buzP3iaxKH9qN+J{6Z2d&O6#ZSab|WM#TMHQ2N!#Dg8x zzcR~|^!-J!MY!*)Ew$qD)MOPtN=*#eM2RL-@beO(MbpNSP|auM8nk0dtnW0-^$!*b za&-jztP5i4TmLH&plIgm?G*0zb#)_r#j(MmK^gRN__-qG*p@iQs(Sa0@X*Manp zm=7nh;<*t`V@@9-ropLcAHMfGaz30PH{s>{En20Gp+pN7qWNj?e$y{HHnY%U^}P4O|wDcdkj<|jZqRBMkGy|M2+&Y|i7 zmzag=mr?xcyHb?l5O*n|TvOs>-6Y@6b!C}ka~U$`KwmAtuUxiJgAy6+85SQ5mCa96 zDPy)Vn@V7=vunYA?7NsNQ8NB+WvNovt#VaeLDmTmX5g&#>LAbTIu9!D+#h4d0?EH_ z)iF!F7S=S<Th)5( zBps>zL;JpQ#Ofs31)=T!Cm!5i5*N?(A(s*TR*ZQ)!JDyyHgC^6nKZ(>z3UVvAs*0- z?vwc%jFK#=?q^|e*|q+vFExcyqE=(Q?lgyA1V043gwqU1s&jZoRwUww$Q8zdEzp=J zUVC-Wy*ev-JSpWLZL`_`xclY+s`MPHZ%|pZ4W(2%+r?+EU-mhfTy-t^AWD|d2ux7u z{ihOi1R?ZoG2A_?43%iC%X)E?GGA)clevQiSeX03FRUE1DYj~OJ6(=0-PMS~z7U!} zW*m>>NiQN{Bd#>_4{gj|ae`8E5$n#5voGa~xg-4V`l@#tqajf4<0yv?Xw(N z$tqWh8-fP?1W_ndrzH56))uR&gn7cj*=Aky>m!jh`I74SC8qqCi9!dH?hOyuz{Uw$AO=H6#(vSXxFim2$kueF^SwU-RmsJj$|iFR*t@0T~^DY4&z zI7?W$T0q_@5EhYNWu4>2o0tpMx=7mI<*LL435XA zgq6u7DmGZf>v#Lb9bKg*Kfp!BK+3s^%2`WvaW zUaj1XlMkTy>&&)mw{EGy!qd3{4Atkxi7)EAU$drahrl&STLTH_@&A6Lu?s zha&7!(-H(7AK8ht=%lViU7yLwxiz}Ui`O`0#W1Jw? zWExKH{}5JhCFl>yBg!}lPR3Nrl{xk7>+-l!g97mIP^667>GzMFV~E10 zf4W46l_^xOjyjUxQk?6eJKL_Z@;G&s#GylaUk95qN=br1$h0)5^Z0=eR#f-(zv|$= zjTT9f`v_Z!X2)y{UR~E`*i9kRB8xad)pO|V*d#&uQ)HA2q!K1)!z|;RLz;;8fgfXN z4;CIIX6@CT$}oWUNVb={<2hADv&^6BgCw8O?Z51Dba=0tq)VLui!5`&e5aRYnv-t8 zZ>*zU?>Cs-txh+mq(Myorwcy+kHuyuBybIw!`Z#C1jvmGFYn-R>qEKs_?!N|JCE9d-(XV4dT@~iqIqcY5V zXj-rQIQVy@Btb5yD8V~3lcf+wokO$D=z6glNm-1$kN_{R^h71C9AYo}_{>x$D}^B~ zwE&t865u`@Cq%i6LLgi=i|Rv-S_s@qCO3tF;+u{^!@qzANumTYzzDX&dK7pS;a#t$ zId%yCREmf4Ff@R9%((1;LI>F)k|L8fD7X0Pk?&G19 z#30GMPzwtd$4>&=i`7>5sWQ$H1j2n_%etFsrTYIm#2JH>i~cZ#TExsWLV_q~`0laz z(nKS>{`?wVrN+Yte=D?W-=9hZ{@p%g z+R+c7pyw|>bk4tL-71!b!7}Fn%KA&9UqmCbPDY5;I)4xGg&4QwlIYwtWH)$JO)!G4v+YgTp)OEpktyR1Ib$SxX%<7aflNPnET-oL`(4USoOcN9S@nJ zIT|z)66HC6F)gNVv#E;=hX0q-B|K1nwS`od&oflaY^JWqH1XpB z!i({57~ARb9u;!Bu}KG=S%S!3V}}bcET%G8Z;+d_70V$1*SCm(IBL7?GO4$4R0e)U zIPW?ZjBx}0d%?V09V}33Brl;74=7f_32%&&pQo9!I>+`AlQR5i=%^Kl^p;WQajp2k zSuM)@k8m3eIaZTbrmQ;R|K4C5h~z`!yLLVsdrPy#lRmckkwMS=lP-)l&4TEo<-eym zV*+$4_A}2r)i%F$+Qeh?>7l_^4>A9?)6yMvu>En}@J)UK2dZ-5uLlq6hB0!v{`NF$ z6OZR6XVt;zjp*$Axr6fd^2$LhrT>Ns6No6hrdR#5z;c02yeeEVm@q!Bg!tx)`DoL6 ze{!P1ip#U(q4$i+-tGbQ=4a5q31FtyELh#zSPsAJ#!atVbmye$DtKT=0@MGSZHTQd{8Qupa!hKj7-oj z-TUgGcij$`LSS%6V8O;wXvcFsT5$2n&*t@t73)6wNvCpN+evcB{c8c17Za6+j-Vg;Dn3w|y;jzy4k-f`zqu z5fNd>P1fSBYCE)O=zm?)w3TYT*2CR;wr1D+&^@YCab)U+;g4nC)0foPWYU#T-xn`k z6Jsv-ntm=q^lTFcr+HVC4E^So+!kzGTcks<9Hm2XT(wmB6LI~I$K>}G?Au(O2Or4~ z9Lr-9qex{9;cw?T>X35bl)UJSeBJ4BC0CzMUuTCZ7en3rE2o*eT5a|9+hUXU9%+k^iQcaw%jzwR9=(r93dM`69G~X&nRUr&fb;7~IebRP;-TOGM^*j7dT-N=q5slutp8Sug&QVU zeHMkdPkoxtVgI^_5G4gWIXk5ohxL4Y7lCq@2-cCV@6VRgj5;|Is1b56na-Y_*Xuy@Y8m;s^y}A5(dh)a3YsT_C!yzyXopHsEHBy!fGX2OC zI52C5g}+jwuck$j@%1dZ&b-VxCIjF6^uOJ;jC{aA5yF`vegJb!Qkd3=1J+Z?Hu}*Z zS@r6M>c-?)onpE2t`xl9aCIxIe7@18ZH59-UdxYGE%O@*Dw*o19D95FJK4rsC)wLf|pTW0T%7i)7oV(YxVLo zT0s{Yd&KJ3O#fxoWQ~heMUzc#>M%0TwQy$9imCvs(l3m;8SeDMW8d$ z0`q-!k*h`uZXsmmEY@G|;fj7yblYqA$`yGUyrX=#u>!E>9k)-V8fgUqPIz5n$!sAz z-^=Twlk$&Gu5;fk4y4IVfA<~J>0K8u`bfcC`cnKmc`vi*pcb#sUiOM;(vq`d@$e^aj0YGs#fgf^}HWm&N3IngGle%+TY&gCZPy z(1l++kt7uTfOp9(=_RG~5{I2J^fcMz?SZY_$`-63v(?G+y%UryI`+kHfWG}0^|PXY z;z!z5H*#LzS;H+(9ofN%rQNc&W!!#V=2si=f>#LT+_(~Mft7wr7U}+M9?`)oPUGos zS4Sg1afCPUdeb?kxjQG547`fmOE?U`@lwJ9i#BGAu7A*EH6IFEe9c!x99wC3jq^`t z%@rETg&SU{4TTkqD!U_r2W!$$Bhy?)jK(Uz2@!ReyH>vJ`}|sE?xLy_ z=ZS}_OLARJB^0J2M6_j%k2rRy7nxMN82YT%!~PqZS<0e*CJ_%7@e~;ZS=` zgI`-rYPD4okPt^BgZP}FCer^i+N_2*G6H%&;MuOzfl}c4_5F3`ur6quN)nOdEwlXgRE&*n0-WHUv-j1Y}%f@hQPII#>>YWnPR8 z=eX26rvY}K6T4}Wqf&|6^N}TB?b#(U68kl4@;2rHLqj)M4?6l&&+O+b76iC9hgPTI zs;=#NsP3NBmI;au-=My-$BvObr+4675@vR!sdaX~3$Xj&CqR)yRQDIUj7H|jYd<74 zA08GTEQ^l8DWn#3OE@f;g-Y?FqJ}VwqBpGe%?R_{gd{M8NaR4-`qGbJh1&9{oei)cIYi{y|+Vkn6tyN zew5AV_CQ9=G*^}K1T;&gQmzSJyiNY;m&*1*BviCt4);0LN4hyA1Xeuu;|*XNzvEos zr!=_z;|jIa`>aK_4gaw@JQOp~Mz)Ge<67W)<@az&g%M9BHPaUw|FC!yJ>EF| zO~!UHyK@|27kRvOQ%=s!KTf4UgGXRNSHzK=t4#g26+_SC^Ya{}B8Za*Yd|;Si5|mZ zmF;GcjCNYaQDN6dGnQw6830D0?sJ94G0XFC_50E#1S;yK|Hz?$T)STG)7x*^@`w2V z^0s_#1N)EFiVz`JX(TM+7V#=}OeqQ!z30$@{R4cqZv&pe#y{5B=`{vR*Hs5IM7hF}(-?@g{DW?ivlz_&2S6^!wL+ORT_l0?vnWaT5`?2)Rvy-@yh}+NU5Q;TqF^ z$j*}_R2o;(CT%6H`2Y0~=`|;Txk{zmf*PbwYy{jdpe%pzk6nmRA%g@4;`xjDF>`fy zbk2$XsVZ3|_@IK932>XD^*0eo)k((jt=r`8w}!k1|Ha^8WWZ37RIPbGL^nU57@O7F zqu%5eGU@myMumjP^fLs};9;&(2Cc`Kx`_Z_X8R8?|A>-|*N=p7ynI{Q$R||;?c>i{ zb-OR;`$ua4x&%T|{FaLqiTRnmluO_>e~DyHN2Fb$VRjbiUkcs_N{(}>YM9DYT0yMA z;RKl+6?_iQx&Hz0E>O@UnWi}@HLE;Bnu=p7ym|cD6P?ROS{=?7Owe@1SZS07QNhc$>^gDUF|zmc)F3G zZZ6;-ugK)s8H($U$yptn1`8o$JKk$KH8=$z*~OV6^ZQBLmXm2>5l{No%e^Oeu%zeP z9qiLHOVnN~|Jxj%c0eMSKrqQYPkCCo0aC_LtifCPDB}(6-A(InpKxKuSDq0=pr77* ztc7Q|aIPLtsJjD*D;8IcZ|HFg-P|3lG`zi-fmAQJOsL9MJ|aKNrQHX1ohErIPX;wz z|Lc<_o2nsj=q5e@)MM}iaHPFdAQmnecho$&>D4nTr@j-oGz?ETj5nh)e=08q}UN+FkF*SKRW=J}VOy}>J# zD@Vo>Rut$PGhe2@-j?6%qmPO5<_BcaQvf(F`~b)n&bVxH??e7q@ARDd8JCdJDe-o< z4m7AXL?3kzXHq?8*)99vwVV8eO4P%_H7~s=x;F0_<>eDYHB#QG)NogG#yciSLygie zZ%(R4Ay8Z2{=*|)l@6QsW#$r9&nklK1kA9zFeekHpm6EPMYv=Y64T#aK6I zp4MOzBQ_lkV3@Jfor26|PM}T8A2a=L&iQuLm>!RV+26Dp`kil5{k+5Gfv2O{(o0^u zC12g<%t(^><3|-*D@=MXR(`C8QoH5I$GB1Zon>c6esy2)IT~65(7N?d#1dZBoJHo+ z^+Ak()WrVP^-q8Ix+OO~O83vK1@%P*8S^Gk?&){Zp4FW1)?*}=0qUmmR@OO`(n%qi z;ZB=tkwvP+>h4RZk9ClKKT5sxE~66m`pT|{%z{IDbwXX@WEGv-r`%>$s}MCCV0;ER zQlQNt!4(%D4-F}Uf();Z#b$SNC}nRuC+2M=%n{SMvj(+t)_FwiT3Jf-G(lbbz}8|F z%#Dw*$pFYv%l!4}%1;BY9mb!bNL)?dD}_`TJOMcDCVyMjv?o$`wifBV^vW>07R~xC znuSro%Er-%ggd?b+vCim;U^;rI60V1(OV|Duj4Rx+Y(RLBDqDxf%($57~_9sa_e0_ zJH*h%@uPdaqL+&O@}Z3>!(bALwVdYJP`oiW>`MF&tXw<@*RXU6XH zRt1Up9AG0ByuDuw_CLkXzPu4?jPn5oK^`>>^Z>qsy(raibFs_LF~!sJ%-;Y}G50tIWJ_tT1sYXf3@K}z*$${u$9VQ8nbeLw|XufefPcl@?4A*!wl-a zR8OBwm`>F~!C{ajGaXW$*K6$1sCymQ&DyIwXRF2`duPuHLkMhT9pMH-?;@v=cjh&| zi|iuSPbYZgBY3KN1HrW)=RTWKC1xw?Q9d^9!&ARf6q`_YcAtfz_wsOd=r1)N4O0|9 z5~RSGc8Bv&D_{2kvuLjrpp6o3Dx^{-rTpm=jN+`()o8}G*`A*l{BN(90LkJ+7;~iKOzvONGy_1429N+e+8L&JrKhuk8s9zQ&AM&t`&dOGaoPw#+)#PYj71G8(#b3w z6gyocOFfZw4x(pQibfo6mUFeTuwyjF7(7*VqC{`|AaqBE5{xqgDQ=7N zv2Qtn=)^&96tl58MEK&dcNM=05ZHmIqbE!5c1cru9u~R*s=jd$pA+GgP6}CYkc()) zUBf2a?9!C*Yy%^NU9G>pqbRpLID{6GklSr~K=~FQXP3&c3*T;tf5ydA;q77Ff?ZRk ztTMEtxU}(OoeHf#L}Di1{Cl`Nq;=`T&w$h z0`g;?tWRIOJyiCYBJIuFCwu#sE}YTmKFilJCOuKC^iZ(F7#QsQwDf!24{ob!&VB)= zimnf)_^GRXemc2vK7$7#s2R0*-+|>b@)TDKmqb3<;c3tVJ;#nD`n4Z)4<>dnlad6( zfz{YIAOPQd!^??Nx3Y-8J4!!=Exx2HcaIcNv${6ro3` zM>G}X(|k6&_V{xzxx}}^90c3XkQ0UyT}UCtP6clYNpvgt*O?Nqr*G?_e$fbtInTwA ziBdZt{N{4y;0ThlzoMKU{zX7RV6M%fXJ78N2Oy%eFu89=BWzvijDyI=Eg|Tis!G0k zuUr~Tb$+SXlY#~F!O8Vv%g1ki)wKop6JwTrCh#V+tmcd*jeKuczj}WKrFPt5o?tuJruVBk#7?Zns z6!*shEq;Ylf@r^1sSxt_*O*-U*672);ANWnU<`Bv30WQCAvyrwvg~Ab-P{7er$3@T7FVZmif!lvzxmM>qShASz z3yC=K127*y!_;Wzl!S|tdK5>AK%_;SN)?07v|ZDWElwVejD47jFV-y}l76~jk@n8Y zN$@e!T?mudN;diYc@^4OopZv0yXhqKbiVti=)N$K$!s|+e~-%l>R{I1HiF)3XGc|! zG{mev(bE*-&uq4t_~O@Br3H7rGS4qRX;r=6oZKN6GK=(QZoQ7W4--#d16hXM{EC>V9wCUn~q# zN}uwEc3V*|5BJK0$>C&~i7)hW^mVdHk#W3?)ET{DWH)AJ_V!ezj-Q0ZY%)K^Z^{NV zT1nT?eoOBb$emuO9mPe=^)sanwlOe-s#K9rDTw=V53`#uCj~#lqL}H3eujBCs(xtH z&D<|i9NiLL5FO>PU)iH%wI6qH)tX=%>4=x8BXCxHt1RFxcHcr5cmqdTm0X4ZS zSo{yu(Mk8eP18XAM%h!6X=>KtwrvP+UL7qCpiQ4!lsT)r!+> z`$y3x!vhp*)!P5FfM~c;PU38g#i#cspB(nlukZTrr?IpK1Uca0T)020f1@P?3Wa!3 zk=KzWo%H;e@~u3=Nh=d{WiR{3myyHUt?i@T5@g)_=Y1<*j`>#V`@i@hK3DyA(xP8e zsv}jE{kh}6Bm_ye)a{2Eoe2J;l{A7Vb8rNRUocGbPiK*7V?!hb`k78U$#eeFIw?6v0J&JyF)@sXQG(RI4203CjBw>W)Rg-0UDdzC=_1mB zSta?4d77=jX(#o~sNgj~lUxBqr0mXiTjCoLU4JXI7PjodI{c)YNUL5;U2JNGSpL_z z^P*#K!<`h&Sv@MX2QbNoG@Hu)#l#l|J8#7=ECuZrh3cjtdMB0l&3>PJIOarQWxxz4 zPXR9tuWQG6DMSq2kg+tig}DLdiA&RuTD`^K5sBNy9{^w5%TKd&0;*FCW>jo?bt0x} zk(UUG*xfGqT2i;{B)I7C=FUWVa(i`jz1jcn93XQmKPm^f_5e@EQO~ZyO!mpdd}1A^ z=i%Y_ILEGpeN!$F3CUeL4Pgi=!AI)ls4xN7O~+lgM#undvMz&Gag^xJwYGXC=Y$Gh z^pk@w!WOeI*+`zpmosfQQ?|8p=5~NY;3{!BH?jy|6AFumeCAQ=Z<5`YJuT|yUlpIP znh(URQF(t~9Vl0!_P?sQ1S0vxZ~qPT87_p+(KDz)7xZJl6F24o+^5?2&Y!@dXuJ4U z+*$~DRBe0ZojA@wAY1jUOKN;BBDq_)CvZgfB~Nz^Z|5(6Sa0;jwQ{SA9t6c03;C}2 zp1Q7FE}t#}M&B-1<2Id^>-10S(uN*ez@D*7)P^`_`dwJ1bH&_Eg)DLu#`s`;u}{V= zbh1t*$?`J&F3rYzz9;AnOvq`Zu6H}XT}3w-Afcz}_QS+4^jCpP`gMRM*|Y*Q&2D=% zdvDex#+6GRL#*+F_C1dS&jGNxcS!n{O}LoYW<*tC?qf zf6et03Ln+R9s_CI*{fg2xl-brH%yN50Q-(q>(ZS&H}y{FYIGn?hM9ASn3gtd9m+&Zk$sE(1?12h zB@{v9YzhcNN7G#JjXS?{y|VR=sH=ad@gwAU@+IKjBESy!%-_303@IU8;C=S8<~4zN zOZq#CdoFCb|%4I5m4m6_(cHip(eHv=9Rkk4HR#)fIbx^ldLZmN6lPRQ3gU+_LI)pyPr@4bfJC6D#!&}BUVl;B?NG zy}kit#>G3iA^$c1XE<$$ts^iLy?d3B;b#EGx(;gxs59BuK#dBUb51*eVW~I2qsBN_ z5m@nY7Cf2MN;;{@Xv1fh|E;KJ)vF7jbdVBPZfd!3G~!M8t(=I9>g*o@8cC-_IV~-C zAoqcl=;WNZbcR>1L>T=n~k<#s5ohQcned^saN zZgwgeFIaybKsqYBQ&sJ`*`sN@<${Ihg}0JB^^OqtGpzDcu3nkVe}bnw%nFy_fN36~ ze{O|B#H(D<2NI_S5yxiTyqo^O7!rR{oRJdg3!LY;LI%T95>$A@nZ3QOXv+G5HT>H` zpD{Pi*LJ#)*_|gxQ+Jb7gb>hC2P1HwVYp&+cISpvWV?m5EpaYJ*7-FZM6{t1n{Q!?jZ z51lxVpC4A>)Ft{%Y(Q?0lV))x1;Iqv-@z_hC19KM8lliSL3Px z)XN*9UlqLQpLdjo2=pY;4g}b2s8JRGQIMHx8hd~)x|XlYy0aA~q8A4csGpUvO`eAm zmxekp1gD6iDd3pC4{hHCu-?)b%dF{GL9ur^#UgP@TR4hOhICW}*xJ=UyvP&3V-|IwWX2~}ru{fL9CM{a z%C#RDdxqomNc#Oquu1qhX1;ZHpTvI$4&Hpde2Hv&4zrTL-r=}@A?)w77S+zt(mc1WqPL+ z??&o9|I6Nax!QD%w%v=!u6Au=p@x;PjO1G1IWF%>gee6X+wf79 z(GXYtm)AGYHqndd?PKi)3M*wXPodkSmJ0pG;qHUQ!OlEn%Ftv+1n5oz_4du96g+gO z!eiE>m4E2^?lxM;Z%ka@j)qk}AfaM*T@){fm0a!WwIx2H@J71C}(f=Y=tl? z1idW=tl4oLm59I`Bt#BIXor9}c;Ri);5;3~7s0p*`VQcbo8FNHK+UDJP;|Z# z?AX4~Fi`Yzk&|Ob0u`FgT|^id=Agx?lUB!HH*B0I9)S17#t`(D&r7&FJQUm!iwoYm zQ}YED9i;6W%IhQ6iNXb8+p(Uc!@NBaG|>ZNI$dUhvv+>NveKrK@SfMEkJ0C^)y#Hv zpI-ZJ#K~X9Qg4K6Hvy-}&et(Zs37`UxVDNoO@!tO8RA!mNo_9FKKp?qJ!6SBBcHx) z&dPEje|g6?{~1607~L8!PHXcO*2alz@vG}_745-l4|QKK`>oKc`0HUN9n$#WUtDU* zYg7h%HF)6a7|B7z0tLsq$la6n0vzD50H}y#W104{z#+Rq( zS5#PY^igUWOhS$qkoqv5Vu`C-g!7kNuKhLp&u@|QR?-dM6Lr4ltJ+Ce!i+M2i2XVp zSb6YcOVoakd20pRAJ^u((mOukgp~vJGoC_)xt5~9Bs;rgAO@<(7w1`VTru&pXjHa$ zm%^{nDcnn(-qDf70cW?y{p#VNQ*F1`_O~>`H)rcDuBX6$vqVVyV$@NT7MFbkfO)^% zYj|Z`fE-^a4>uIPN9XSZI4FC*&RMtYZmuH-t+UsnU=u)4MC{I1VZAAxMl$noJ-Z#7 zLa@{uEE-`K&%U&Mq^`A1TFj?BgM)ZH9Sz;-W-7jmVO{0>z^=4wKS~?rkef49k1DJupLkvybjiJ_C3qy9*#> z`{sk5Wokc1ZXQ&{6;jS@@tct1DHH#;vbLMX-T;4YJoX96^k>6n_-}?BJlF`!J_>s{q~jTEfL)5ENRDjXTc8VFHS2l`Iq;RJBBh6H56Z4Bo0! z0$eJFg4Z;xEj<9K>yx%ORMO~;_AnmlbR<3&No`tQ_W(iH`(RpJ`>JFX>cgPwSPlef zV^3oa)m!@w#y$r2<#9(V!FphSg)L)zt)=&)N9bGx20S9+pozWbF;}8+)p~{P@bn%- z3$P|VDZTDITmj5d-;DiYUFxwn2(lK*`t6K3(B;Dv<;^wk5RV-S%z2MbohV=5I6RZB zx!L!2YzSJ~cx*GvlNqzZ|HFm%269GGa~W~&jr#Rf{hVt|tjH6zv+MJvA3rfFH-ob# zg8k7!ZQ%@o0de{Gma&uxh@E7L?Od<1U6<7mQV<+{_KvEpwzH9nc~!TGg~*B%YSoh> z@xC#_A3m-@r|Zn|znI9p(qR00a=5=v+lRugkPynw(2sd<`ku_71aFAUm^_WO_cs34 zq7k8sXZ-gYI3dGiZ-dh7sc?5OtS5)XLuQL%VVj+{(oB;h1z<>X)F?CPK~zOO+|bYSHa;F~ zzqvl10obv8R9jo8uLHsa6^%RWt&Qd7D?d?HG%}U6t+6 zc!)U0IoL7P_gSHZFhmpO)JLouPjGK2-Kw#(zpQF8A!CyzN7}oMAt$av~C#i`e?7>_o=plj+p}bZBDkp`~bV+cO7BvB@_cgjTNhF)9M?3Ef zD100zg!8<&UxTXC9_v9B9fefqypiP?!!aMFieB=QAiRnzIMn!oR*6GrYe=|g0PQQP z3#Mk&{e2^rgS!)JkcY0p&K*-c4AH_ygj8KY)-beuEMk)->DX8q^XN)BK_{Xw+0 zay+RzF^QZnKpv>C@Ql&=F>0?s&%Fb*l?M!^e?BH7*jOE+WP;~$Dg|QE=qlV_3xe7l zVDt0(fSwrv_S+*c;WQXmo=RV|k90gZcLH_S2%zxGl}6j?yWf(jO}0~or9&Q7MBw+K zjr#(JVz1U1LLRA>t9WWiA5YG0FOps}aN8mga(K?GWzy)b(V&Ekj6Es>JRS-&o{j!D z=`f`&(_$D}f7NWbtcmCu*-gH`&O!CPN@JE(5;Qs0vmcf@*ZEPXJgAE#@l(CPAyfal z6?{>Txb>d_ZG2mW=iVJk`oLKXAIj^}Itl3FyIvphHsTJAHqM(5*ilT6=srbqVIC(R zmDOcb-?%zawo%-MocBdw-w>25Swr(*@+%0ja4wN^X>FGWyc8Yo3_5>uHyF~AWA`C3 z!9D3L>BP<+Sj6+9M#&@+VDjSF zl&{8N@Ttzh;K~ye!YG~op{7x0+GSnV5?ZNOwo>e?}ecTkGJ{E z#stAr0q9-wx9#ELbnjkbOV9T-Kg5jLW``h#D$HTsqhgp9G^&u&!&77FeXE1&v@vv^ zH$u<=IRk^|mh3`z9$7|t$x!P-H}@fh+?K8gY&?PBoA$0rp*)#UI}gvjp0PLo{x5(D zhUWA!gD_%P96=6gbxIA=_Mww@v4ptuKAK;eZEebJ)7EBO5`B4v_7TFeHc|+xI^x6T zI;E$sk=HDXnyg#CgBD0YgA{()PqP@p1tNV?>yY_97S{PD^?s}1xklfD@p4FdTVsWAubhD2~hec;INM!1&-|OQJ(?t1enkWsH7!N8*#lYC)flgJ7gX2fmR3pbj zYsRwN3~z&@h@+>_teDVzsZyL&XS~ZUI58~pXe0Jp^i}3*hmCWUE{TE z`J{G9Om66FJMvE-v`U7i#ybuV7L3KOtY%GD-};H2WO3u86oDkm<+8TapM4jgQ&T*8 zmPn*Iib&)xZgvX`4V!(@-%J(xo|LysNqUy89ddts6qdpD!`3Tnt-Ui+EFACI^qb1% z+9M5<3e6fc|r7<0>=ykp<~)v=9zyh016Bx_CtJ z-qzubR~tMp|Nh;ThKFW5DXoiJv{~6}Td<<|-`+@zRD0j3 z!e|GiFql&;A_k~eUv)!llOj-;pOds!n}WxWM>)^^@R(mTgG??4eKk-LT2<7Ds2pQa5c|&Csh?B zv>uBBa_>$P#(w-9lXY1mS=p3IOw4Xr`S$^^}#rh7-XM~FDD z4Hk&)mpzyrtn`myN|zJM7~>dklNJ7%tIdQV40@|*QUfZhXe~3Ge7%W$`-h%jKp<_T zyuyF=!Tn04p<7d|RNM77hNeHPX(1D5#1fA`tT5g*prnj+NJ&xUC}&M&GO%tdEhZ}zt?{w4!C$o&rv260eH?OF(+N&ZdR zqhgRWL1Z&7f8Uw-*=}J%Q?NM;Aya66UM`ACTdjJ-PtAjC__2VVWic=3&wr#$ccFq3 zp-MFonKd|JM(g-l9VjWS)+cH;9*tBLNpn(`M$Zx(4clN9ke+Cio*FVA$+9TBg%6B& z6_%67EPZrqTjo{MIzgqT#YjnH2BtDsD;RFS={25_F0oIkk1ZLujYR%7H=}KJX2OL_ zm90_Ebnh&t&r~oi5m7yCR$DFVc2E{Hg3*V3H$H|A zKO$qEGqQE4K6KdQ153Vv0IoUzk>_k76T%OeDOzlh58$vE!y4I&#P zr5~lyT?(08RK22pI&%KJ#nP6gtw!0Wo>$A~9+uhi?z4S?ZCdRSTyr^Vn(GmsA5h`Y zhQ@hn)qqMx~85w zTyzqcS!ala9HX?w{n}`?MEF3n52&o8Pg~3aw1C6}k}X2`jdf+iMohA=+K%Z~qLP#4 z^o-odY?4wA--L4B$3OAmxb#K1`F2??AVDY@nSUe9@nVioUkhtMD?S~Jav{)UMDrA^Eot>>1r z8#~G)nRd7PL=NuXL%~o!hWD6SBHsT4pJE;PZhrZoW#sqL@^3wo4EF0^`A^%#_?RL? zzz9zW`@%Qi+(HWizA8(lkxT9qPWjsHlJ$ulvk}PC32myDL1L~!ZeRYPln~vKh}seJ z+Rf93OH<*!-M^U|CP>lk@)I)SeUMF#%)HbI$K%l*A0QX=#`gk8v==2GFB zOttQ;Vzsa+?}e;%)3>WWwL&weU23&dBY~qETxsJmLQXw%V?TqX>ly_~*SRhk(bobV zZ?F@{`u2Rr3Haurg~H$W;&tpTRmyhHKj=O9_?$xoe~2Z@k-5&h?iQN!6y%W+-YDz8CxQ*Ua$+%FZ?TW4&6KtW(DWC~Y00 z$<%2~g2Afq{KX53%H_ypmj1i-EDGFOv+l3a)s=TQshW5U45L=u0XTtW!mr2ZvQl&Y zuSdMyO9(|;&yZCvFR}4xk;>%~qvs@^oN-88|97jW$nZzo(qi5nzAD4>#SP}Kj&Kf|&cf0JS9 zL_t1+{9!D>?aQCQV_s0bV$5v&=HeX=l6=ViGcUqi@}jfZ{u?n9&qut!FM7p_w%UHv zGSt z$UDh;-O=Tk?6!TBjH}^FeqjLh{#F14yf_rx!RZE`f6sBv+;G)r8+-HeRh0fGqL_W^ z;YZTYW+RSUDLYH_d6vINi*uU6B&;(Ok*X^!|FpK+CnpuN%p}gE+dCu?;ye3)QeOuI z<;!)yAc|Ha?~_y+em%+r)yU}3N~CD;frjnouw}s^(oB%wK>DWi_!Z4exC9(sZu2K) zsjhc<=?o9sBgmAKBD{xK`@G$`6D!z^vF?jy4$^z9`>#+1@Dl-opNu1g^F&vrlEy+t zbu^^OmV49xb7l}uEyH|?hD+e}RQHADSLbqaN9We|!A`k`f4v86MVqTjTJCLbobkQ4 z!=jN<&|jBH*J_vkkJ6cihg+*db?u+)dN0Y*iyy0UYA?*b8(sbT%h^_;gyVnHNfp_H z8u~dv_lrI~mZ4nrh3Xp*(!wlY;`cwkLMYWxZd1N6TS4_RVI++!g`#DG0OhBke5Kld z%^?74!vycct@4Ozl#N`vHZ649mdSjl_P>r&g?z6(OvP6%hW>Q%=Nx6{Q-@)H|2#iD zK(LBt)LngLqBLkWYJGM^X|LL1jW7j>0&XyHsioqWT0}4M?ZdgbYV-5^(1>}bZS3rB zhA2nK#++wAgM2$YCm;vv*e8`KK79gNJI4p5>V#6h%SbzcS^WyeMzTS&gJm@Rzchzn zDo>?GknW46rz8bXCf(^;WVPd`zBA!XNU^%qVVJfsysv%H}+>Ih#gvlV> zs8gIRW$U$*8&3i1Ie7r;;$iu5fF_uSRj-vk+bCA;SI%AIdUBQECIbkyS9Hqms`Mms z4;IbDsDAq?75Su1;QlD=0OV0EV3kL+1yt7lWptoCT{_ob`=s*F+jpLVUu9x;>hTF` z#Hy(ne-hCs7r;J9G|F_7Voz3m%&!E+p!?4hq(&Gg>AeNE60K@e?oV?XuK@9%NmJ-{ zx2t(@)J0;KlW6%qW8rll=f-!1T1keQ_9?}f;h<(149w7UYY8LH>j31k04Q$V15k@g zxS9Cnx}j+c`2HM???nX<^SeB4WTclu z{3ncbfWCB770euYvab>RQCs2W*@xA2(rFHjf&suDjJw=lZAsHiLn*ss-sJZAMz@_d zp33slmH`DB#?i2c#h%00|ItaG7>?M^L!DXh-cyYYS&ZFof4u z@a+LQfaM;Sc)b`4XMnB?T!0=_wN$+DKqNlAB(a;fU~Y-@s00;>mQd|ATutYZ*dqW? zRR6tc`fCNcJyQ(?(({0$IDqLcQhY1w0MFytw|vQAvQ&WyGFpS&%??nzNq-C{2+bgLJVHL)E?9cN%)ob3&^@Kon9X0HPybMTEcr+-1 z^82nj(d~APgxIRr6{N}t-v%E5CS+ep)5YdbGMIT9OVB8`qz~Mk2QTEi zZ_wlYWPcUJl365_N|ALiROZfjEPG}xf!>Drfr+3}byMiL`G&FnP*^rn`77XOfU(Gk zsLLIJaj{3;Zc*L5KPH7b7b>jeRHu2nimQQ`Z+f#|Wrx9ksTGeN0NnwKk9{O`7V%;h z007Zm07%Axc3NEDIfR&RRxQT$nq0)s(DfG#nE)uZx@jo)=HU_%4{pqjHGDSKgjv5SX!ukF{GIsk2+R3u< z?vdz1U*CSP<{QB(zP#T`Rwpv_#aizj-fw@_?P*JTCt9wY1jSMdDOLxYhQ1v@mmDOa zqg^jHumdrvE%fyo0oaumc#+`a49KhYlWhGK;YL*UPf@^gp(g~NHTy@P?3x*F5Dpeh zdsLPAr~X7HMQlz*dY})SCFYmkou~N`A1l%8h82fEv|r94d~R1_TQjIud(aH$;=(n_ za+IqhiWYpEBs|(@KplHgv$0LvmIDC$N;mrypofSLiotW$y*vg5r(Y?IsD&*Bj=_d1 z%3~xVkp*lV08V8<2~pB;&=aVt=_U`V<~gX&NdKw7A0cM~7milLI)snR2<=arjHHTD zZiVT9?yKH4TD#LX5#X(`I1fl-wbj(qF_D{(Npp56GFkU0(py#iz1=-r>o)MT z;RouT%ZYxRPldm-DIT>-yO9d3#2wVD=&+lOB);Meb9R#Uou4>nVQ8lbD6*au1qSN;cg09am-XFD^>IXcDp zIDiL;b_t4-?|wn@~-&O6j!yE*kojZVrL;^MHN#1z|d=X#2& z(oG5jnSLNkq#pAa3~~6q1{OUDOts(HAvD}i^`+-UL@C~W!^NT%K=jH|{6eE)Qa3@! zcz~c(saW1oxP_9CiEz2HNI1SJANk*1%7ZfZ2dioan+F@E!avtpZ`@6bF3JufVHYdl-V4^x<8L%_a z@CbRAdp++FYt>F39)hRb6r92BbKQVR?al0Tl;f@xl%QqoNQqD-K9NkAZ-_uMIbBfA zr|x@L{(huhD(-gAK;Xp0+n&4nanR+E+kIJ;Z;S9h%5yaMEbNr@54Xh@Y+W1lv%fuz zonNSxjejgRcT(6E?Cx_;Li;*7mkfxJ3?<`f^jR^2D3Po*8Dase7-+u9mlEuhV(3hz zjwQ%F)HR&X_H_vz&=Km$jN%YeeeUy1h~WSzPAzbS=qIx5CTmm&euM9f!3xd7I59e4w5h)j|7x{eeQ~RH-wkV2H)gsn)J)LDsxyB|3{4gZgF?` zu21tGs|k-;*Hi&c$+srvAL%YB2E12iuxn*=mNPEWcf>$UTGPvxT6~ZRcK!1@f0Eyd zLzd!N%@2{^iOA{8PrZSG5Bd#OB`SA*TE&B{4#RW{`W;`+g!dBPPtdLCd0@29<<BT7mSZJ{FzH*2nxsD4iZE(VKA~b94TQ@czvtr;>4`7QT#rTpTV* zCEZLty+dT{dm~I^tmi%;R53(=%NUQON{|m!DWNPg_d#@{RV&p$8W$-wKGAwvTIG%C zV4;e2;^pwf2*=a&E#(j;Ut z*Kpdeu-SUo7Et>tpE#1;sItnc?CbuvHy4h2$;CfD261?hampE6a^**rk1==P<|Jlt zmb@LxHuXh_PRsx|i56i)VN&^K;~xhv!9URAw55U%5>-B}?~+CnjajIWr&wzeB3+tA zOO}6*Jnv9RLfX>j)+lB~h|Jo5I4n1}3%YMn=ae6PJ!iGnIn7yoQwACD{TZWCP1?-% zxM~3sQ*`!3p4p&RL)qJ5t`WM~ag)BUVv@y=ZpehfFDZKjR<89^csiU7UJL$9swW6} zD%F`sKk*n$#VsoYAUJ$yK3W5o8m7m&jrx-lhI1;1ZJzAy=iQdwUP(NJm6#tkl!(xs zmnrFR)GP!a-zeT#tvtW60wyyb-3AEfzD=XlwIb7Aw!JbwW89*f6MZs?xLH`U8oH#@ z^}A?BZo08;Q41DdgDzJR4%HStlthM5(oeIE(o@XXQY({w{hs^nPDpzIRyU~_cZ^;% zoFh|4_gS`0g8Aiq2Esbmrk7jK=F*^(#TlV*dNs+q26$nfD+1j^MZ zqDN@&TbMH4NOO0mSb4$VIfn(9VF*TuRUANW|K44~!*vI{c~SEtlx9W-BoR#sI7~KWhaTU7ZU4fFc_u6%rCMK-b#5^2 zQXK^s+2Fo3RU2@=NEv-}!UZ-5;T!7u5-~y3@l8JJabcBDFqLBy)%xElstY#1lK!OO zkVR7mOSQ&g{IsG)kIlB?XBNk|T>c9_RlAeQU(np#Xmx`&kl#ghLd~nIgKKMiy7)QF z(C+J@Oq7E}mE|oEmOVns&xaw1)74Me}xdswH*k->?t;pku>@53FV6<5F zQ;0JQ7tfC(B*PZO>|;0zsa>?U?-M&{?tbIX*xDhtjBe{=J>O^m0>ArK^8*d`mBTv_ z5=;(#nWb8dnIx!+H`&s1IdJcIqn}Ga7F^*skw7(X>Q%gC2jr2bxXE8ObhINeMpx;y zigLd&9)iHTp`%xh)y)8kr^I4aWXpmb!@4h2o#uD*jZ6#uk%w}LL`^HYhdXymfP<>H zWwqp__th6V8;KYSoS`?nbON!#Ho;i~1AJ+REY0cc$7GqTIYILPK)Y8Wr~8Hw{FExscODd&Q>r81;BnBn|Tkuuyp;s5Ej|oQ+A~#<1 z(((79T#2M6>e_%ey}bFVLTUlv(W|Qul_WDs6-v}1onnI8pOyXTj6EgDR3*#uk8)9r zqRF(pW8=(4tLOvY03zCjo5R@|piquRF}Gp|>jt53>hr=A{4Yt>^Pt%lnG`0DcV|;B zZ$!qaQPun~h&SCzN~wfXKSP(7O6d32H@I(|%wqXBxBZy4jy0<~6vSBQlcNR{g!Imx zYn}!wUAmiyCD=nLP_eBx8A)#av#tcO8-GmL`g^Wu+#r6D{(^@WsiSB5GO?q-_?20S zawaOKhzx+nArtd33bat5K$-51X>AL#Px){ahME^1x(v2I?3{b9#H>UcL&bT>d;L2j zd78WCD}befkdnRX$W(9Qp39Krb|Ii7xzdO~&V6h&?X7JkdqnvH>!;5E8YUB;B#Ojjy71ZgF=tRNYV^0s_Z4h?nqhMZm0ui$iNWc-PE*i3 z%S4F-C4f|_K)%3Y^E272MfDO1?mxIJZJxUJ_$cVDI*n}4aNZr+1~n29^n|~T;kWv( z+yhQ-el*hs+(t@l0ze^f(1syk4bIGgG|D^Lkhlmq9P*7B-;-7p#>*Nd-)IN!R8-&c z60VZUnn`pOpohQXE1%EkJ7i&ma?tdxGAZc@fS`~+#PMs2N}u);u-n)VeY8uf+|`nU zU8r0pW1;;XN`_5m%6dMkJ0`pOZ16-Y4;?AwH--_O;Y(?uQ1^O3z}chtCVv6 zK(rx_57a1bP~XopX1%X<3dAI$`UZ32^)%u=r>srQO%fjpfS4#H7bl#iJ5Z9g2151FoSQapvva_c_#isWwIoGWVra60WDD)q#pd$~JrHFTz@ z3wWP^kxzxzV*s92MS?r9JYe&{4Dlv?s#w;>5} z5pSH@84fXVX8*+mZDli+gDvx%oPDa_@&^tKl}!fjTe9y3mcmJN0&dG3xbazI63*3^ zJ;&Hx^Av3j^S@po)B3-YE&E-pgKxQ!MezzqB7V}Ggny5E<6V+k!V6R;&a#fm-M9Mn zgvMaLeN|yui__dRr4^sZ<**i-fN+^Xidk~D0VZ} z*uRdTXE#L2i3}iXi4@}s(V~||NO&s;+H()VqtJ0ZCJTOMKPeng{w%1HK=>uixbVon zM0tILmR>gI7q~{}rEp|Krs6oiG+AFxZeuunpjr9yoZ;*5+XK6%6Eoqf_cBxI1LZEM z$c&HnFo@q+8;;TOON6-;eeDuJ|42B_KsG!GnHFNX<@xi>1FbFWjOSe~PMBIJv%J1p z4~~Cj`O`e9o=-x+{0aIzCX(pKuwhu-l-Jw%HQh8huHZgx^a6LiImnyemhGBm-W(XZ zksE(}_$5Kw*iaT>n!qgM9Y}e7>q^v2>~!Y+L%K+Z6jCiD4=1WGJ>d332uBtL5^A>_8*uRNn* zO*R#-)g$H1OQTk-|Eje9cd1mgUX?m(zOG7Q+iH@S4_{RMfVr<(jI!$N>)8U{uSfl1 z*#lnL+pmGj85AUNA%dkV5!o*CU4pb@5F9bKm70`iYu%QcbcSg}QFQWD>C(ZpxTkZg z2?C%WA{0BHx|?hioB!xLj|PQtwgy#;avM^N=TqOBMjtYCg~9G4-`G8~+_L?auuUV9 zB(X~}KS~Jo#nqD6h*FRil`B>}F622EW*VN&I)BIjzrly&DtW=^>#e5W1FzcigMPGF zy!3+B5^)rxm5}C!x5@F!fpZ)CqVAoBeWy*+Rq3wl4Lj%WprQHHUybHoonb)<&aqdM zuM>@oS{xVjqZP~=MseXye3~goY6E|!^9_u>ja5Mn$Ts$+U!T|M6Xj$tAR;pSTy30Q zc%45eWsT4u$gWdip6sg_P8W~-)<~q2pITO>Fbx~?=gn4@>5kjy&1_daDWh_gLLeJV z^#)nxL6>9gl@opItmV6^m{DJGwQbkxLMwsA!5VJA@2eZw@X~^*#FiC1-%xS=#2D9& zW>klXPRgxrOgH9hPq^)N%#yHMDwo4@sZl&$Ko0->a9i3%WxRFTT55O;0j89cCDd(7 z)=&6^Q$}cfbW!puU1)0J@;3a>+x~Lf{SF;8sV%qS)Evkv^$mbI6U{z{yH7g#ljL@B zd$Yw&iU}_*Od4YNC5r9*ZM3NM58+a(5css1R(|oQ7c-0<^QU%O9KoAL_ZIR^A9LP= zIf~~F+K{sKXy|bO)DR2)>svK>>$fSdDAm$%-U?Pvd{TVUi#^nro<)%^Ierm_?tQrz z6)=T90qn+_o54u{T$hZ}lHTbt!d0O|O8zKdl6;hl=-XQ?hHdtD94-|WY4vbdM1`of zb!Myc&kZoTH-E~5=`8gY!JgsJd6}CGG*~b-*bp1L?9f0uG7HT|ukQ(MC8{R1Wu6hT`BgGigLJhyy&L)F$13ET&~kwb7O%%sW#vL}Hn4`C{T zV6qQ`3+EPbkWU3x}SeMK(sj$iunAyhZHaecY(_qU^ncX+d?26~SG3jmgKa z`yqm@foDl*#&XG5o!GEbdC_aDbnwZUM&xeCYKVk-9Dbj%2_)&I0BoM z+nPZj;j<%G6e1gjha8R$K+PMRblgh4th&^v;fX$C-=KI%MeggIS9IsTYFC|X?Dj6S zlBuM-X~!_vRpmnU3c z&v<2L5nr8U;zRIeen`fPy6r~p&HduG+pV}-x!T_zG=b93#KJaSe6Z-il6COeLK=D= z0PPNX)YcLH6OAB2@;<%E<{d|E5yOS{-~N_f&kciEh{vF?JNV;I=vF@;!Tvng=Mlm; z?{5sc1gfPSEH9{4lvJcY1{`<|P!*8tM??X)bC1Ed?rwj15sxJnx85h0W{#;qyxR#* z>rEr+=`_*b$Kfs7E%m#R(9Kzwv$^TqzRy#DprRsNUJO~0hMAMl58(ztB}7QQB*s1t zi1aQ)^{>CglrKx65FuX_kqx_5`>lzA60hXGeW;2(LOABf09Sc`+ai7Rb#k>S_%x4_ zKc`Ex>O}p0x@I)8LTc0ZNzAcN z$=#o=ynJ3P^-rzYWXVV zgeIfNGyh{83dnl#{+aN`#tfw`-zuLP} zrSO_}#RbC!rDcTrsNsOt<)Z z_1pAb3fh7>!A~0CVGkAleRn~L7-lq_fCG zmC4$pOy6ibv&bTPpI{k5MB~K03CJlPKnAU4a;a*vw(Ry%9~cGO27Ragja) z6_*^gA(z)>LD(6C_j@Tj57vq0FW|+T^!%hVOH9X^tyv@0agj>CKS@_cNg$xD%rVf3 zTxc(-<8zZfd;bu|q9BlOp1vhG(xgW&h&iC2`G(9kg4cjMKy;{r2;YO|&4GGJ@*eHM z_TiKjzSEnBjm~OTh@C3d}=F6r0X<{E^C> zk>B~v%bCyH)k(f-7d>~FxNi&p*CpbV*uxM-HsTEh4doPZ=pF3`GY{FvfgJ=0PD`lK z;Xdvfkkasfj4M+AKn-y^uDEA}Iw;}pyb1A z$X2DIedB6H%Eh9UKFYM0Z2GIksgp-l>3Y+FCZ{2bSk zs?+LqOc67q$ybZ?ER=`67xpSHA%eO+j^F5&3nHefzbpI4$O?7b1Y*8@58}+X%P=k= z3^>9z8z-v5_T2;ux%FNh#=78-NPh1&!#)ua(9s)rR2~-_Wtc1hhrM}_E7xn%hDWliCG`{m8C$- zr;_7CFkoYIwuwsYO91bH!~nLt3bq+)rP$|gchn9+#Yn=YE0 zp#_?^&vHJ-WX8paFM|rY1&nW4=woc!(~sA~sRC|EHJ@!~I&AE4WtN;_F5y|R8av6r zw~Z5&Icv|RG?(^)9Yg$`KHf#5)u08;eKrB+VE8(}U={t%Z&FT}2L|((&T5eU`NygP zcm^D;z`#}v6X48OYY~rn2eNlb2fzr!0_Mj(ryC{xkOdois1ySwoulO}@TPolaDd6u zQ#zr)VMXl|TN|4i;Qe@WuxGDMz76w|-~ox?1rZFs^)}kV^2j+bEDsb&Te%Ui z0y|M=qHF*~YMvd4-tFblpl|lqu5dDuc`!5ZtKdE}0pq~FdEhO$4bpILs(^XPwPW+6 z5?eV$oDE`nqN>Kb|lBxM$`-2Go^992WI6jzu*B1oLg5dn~w zzkdo4DHxhG)#Rr>_YD9mhG8vs%O$|F-hmgGCRx~x%ZocSfN*r`v%^O80dTlC2m0!q zu(4P$ozKW0$;Qx)nwoXQv{HGBh6Eitl7Fe9d0~n=0P48L@^@mP?+R#!VE)xw;SR9K zRs>f^58V#vXAVHd`lS7^Eak2rR%0guoU>^URjjoiv12aHAgFcdjrech)i>mlnu4F-SWXYvPU z6cqE73RTZ!?e0ELOz^SZT>{@O6Wyco9KOO@U@~ap?iWtV-F;>taHHZgsJ3)HxueJE zq;fXD#b0&3j3}V|890@S`TuTMBl^RH<#ZIJsot;-AfCp{4o0OZ4JVV@O`Z>Y!2bD{ z##!DcMd)Mi_p0sQtSQ&yIe9@0wcXvA@HfML{2zr@8Qre>XuFX|Zvo(JX!0eD%HSHd zmKA{qhpG)g7d`<(!{`i@su!%us#xm(xcn(Q*SsE$RSI+2`;rfeuO|~~i^nlLBVn%P z5iib4900d5+wnwKA_+DnCqUs}D-*dSYHRWGG4bIe3JK?1;38^#1y)vlEs(?J!TdZJ zWJqOn|2S{)6cR~X!%WS(Dqv!K-$L)xjn97^V?RH$h-mA0rmX3F)G_ge_#|%U`7e9X zvuw_Wo?~^$wy?+<1v&z}$14bzu=K?7v#eaR3!N%ssv42n4?$N2;nRtDSX6=Cq=?Ueswb_4 zHBN=ngoV{R7c%6uc#>E5r?IXUOyGeb80^&TiN8^nd`4$B3Hc2Qxn(K@xaj45#*xja zH~E@(d6>IV$>7Hbgocf=)>b_$kz`$uqw=d7_Dy0AZrs}$frNX1izmZ)aa{n;;qqoDOGnYco? zbqW$@x580>3?;ZCkQy6v9<)mS!a6hLyvaHN3S9CloGSp2xbwmUh%u=!?*77zfHs~faJMas zJrlVPHY~lbE`kg&<$f?U{vC6jr+V*UI}LvcCbJ|p6YEVUXQTWAV0bF)XJ2L_^c6zy zfLV+}5~!~==0^E`RK`(sXNu>>CRK*-tDdcpRzv80TS~4)`}>N^^|tzK8xUEB9i^7Oi@0BqQ%|H*&AVp(Z8HK7<9&oSON2=EzDsN`lfkHgp!+y^3)%DOk}t1Kbz*E)#C-e#^<_;k zPR1we{PL!@F?i;c(1jPh!q!ZEhGkD*bwQ3($?pI;*+j09Qy&#VR*i0PA%p^Fe5;|@ zEGq^G@sYo{bvN`ght!pA-!+}pSf?D%X~eZ2x68>LBd30}!)%hD`1X{>##OS$$&aaz z1#$(u9a|dOn6~KH@UD@LuNiTzu#Be2*5j8>zAHSx_!6S(q)}oYXRbEZm<&9HDvkT@ z1fTLeIXGdC(m8>`wd$=6plBSz-%t#=2p=qz)OSacvyyNK2cX7F--Asgm-xKcug4f$ zWUzl3Po2HFEchC@50{O^$GV^9cCj!@{z5h$*RI_9Lr`kWN98ZEjZ07sfnql@Cy-zd zgY_w3DmiUt-$qb?+*da*uA~)npT+3XBk@^sbKR_F1E&tRe=l-|ZRs&VGGyBR@6D3g zMbu9WS2}zzM2{I3hejHByc1_yT=Z{iV1J8=mcASA=o)tvxt{l2=Bft3%3d=2okOoe zGD{}$v7nX+^iV-AIZ7HqQf~gd)HO>-q_{WMYOYc&Qwam^K#_%2?+X|wdC5iBVSS<~H>3i-vGX}UwmP;F~V zjeF5m4unF{pifyPlfCrBSxriJqi_7l@r+AWAfqcA*v7gqut`mBzhDo;c4Z3T>y86m z+vQLsbwehnjaCn$UMS7^E#0vXqjQ=`>S`m6{VIjM#ZdhHN*55|ez_2hKl$|*#+j#h7F0qp?1_c2g7gb%i*aH=Qi~n#O*TUR+7&jD7i8NcI{B-3Bx_Yif zpGOc?Of$DWFTcx~Fb>2R2mUK{A8I9~a*y#R3sr_qzsL3`*thCKW+9GKXsBmK3%8w` zg=|u1NnP)!nVkU1H3N=!T^BCA^f#p|z9H`r{DbhJeeD2(%!qgt)*v{Dz_DH|i8uPi z3+izb(#=-Ju6@_S_f6l>m@r-XfVR{Esg&|}oPzqN-S0vSbg`q281k&2MeQN(NW^Or+8K=`MbK zp2(}lnflHr(ZZUV>lAM?TfVP(boouU6yP@+?@_vfjc}$woykkDiwzff{>SpFdo;AQ z-f5TTE9VXZJffdFUTM+*@ztz}rlbJTToIWOQ>=IWJsw?6Si4qpv-Ry|z~k+{nWhm2 zr$MXb^C1_5?CA@eY;#;sJu~o=CZ#C2Ci-v@$NoLT&7F4r)Wk9FH{DU^;J1YsD75)@ zxrb=^&GGb+eu6^V#ZcZ8@KP7cW-^rbTIkoX>a!;?x@VTkAh3YLxu06sUlNt zhuLYp{>8P%OGNPlvx_G?_kgvE50cm9V_d7-s!yK6_|^0hEkFa9Rojkq2H(MWP0y^P zps_U(x*;nb_Zd!}a)(fRm8~4-g@I`@0!$KggvOJFIpZP7jaX$>Sayle9p+WK^*Pt` z8c%6zWv=hz9OO@sqH%HU)~Y#aohRviA=Uzx-F6az@tyU}T3j5%o2HKuPkB8%8ad3R zO@bVG3iB&*u6!5MgHZiVh->Iy`_=nF)Lj_@uMW1ZigOzow-%Xo-#4kO`WeHN@3Xy6 ztC&dVVG)I`eEXo8{^4@B%Yj2ehciJ0Is!T|T*+Di&FhkdjvrKHx`JNDNL1VJ^NtfW zf61QNB-Lw(r%WL&9om>-UN$50YYp9%ZlfQMpY+h-vr*fc6 zq>}zuM{mTg8^u|M0B_vw3U=~}Pmp%^vQHAeNq2(o__?-OWgekZGRIPtwvxMD5PLWF zmcPH@%al1%2TWhjU<_r12x{d(tj$USEDIm{zwM4R5N zn%%1iJ7!-M)KY;IUj>T$hmr_rG#uFcD$}>dhzU-PK9}t3j)!Bt*(gaNRe=T+%Ru}| zp0Cv%402Ga*>*?e|5Dx&<%fc=Bpg}upq9pI%P;Dq+IJf1D{aFKlNa?{eCI)e^G#@x zXa1s&4N$0BpwO;UsY{Ze;?DOf#q07Zh00#m4#jg5zNY;{$0n#2N1qtAD^&ol*(Fii zb;;wuj-tuY8+LwI?>ZLveakgnf^FeFaNsrzT#V!OSnGlmF+ZG5IIF%%fQsnn+inmd z)FFvat{gljh_lzDVcc;C;fb&E8LdpcNl@&M!vp=~w2c`R*Q-|&=jJ4wyHhv)!BhhJ z_x%cELXl_D?^{0$kZwBFzkf@B!1K2*aP&-2u&?v>1Gd?&r=f$o-v!=D41EKAFz&}g zc;v+!!i40>wK_CLAHkbAbS%vL%MVASJ-w(UH0q2?nWwLzCeS@9el>Ytl!w-y*nJGdbP_FrL(5hFNRoSMw98hvp!@ zD;Fy6yOL?!X(4ZR(!2@~Js2ppmReQ}x|M^cEU?2l8Qk>Z{fmy1W$3a1?JoN`^2(aF zb%1ZAASQ7@m%Z?FRVYK-k{8#AmsaeNwC{kTko(MTkj5#w8ug}$48o#9zswp9?+Vg6 zmaT;C#JN}jvg=A$9$C0S$v*ti-nUnV)zN$NCJ}q0=M? zqzVUB*K41{jt?V|2g~$QjBdup3^$5NNwMe+ilzUCQHK0b7GH=mc}-l3;MH0x<0`OB z$fBH4=Lhv5BY!?aEG&`UXB6~kT$KTDYtT^fvisE?ywj0_ozdJD)tiGJ^D6IM6Z#S0 zLIoxlEaF5!AeCQmnGmC47g0escKBw+9QB-mLPs|83)0jS{>aS|^I@3(s>d5o;BnuC-7eG&rrJyrid_4QN>jyOi1 znew#K)H9Q*^Zs1_+=LW5O^3i6k!NtYG%P!{Z9$wr<(&9pJa)kUp%JhLiG)2uP{T4~ z-If~aNM4RJ;JMb_g3g5*p5>B$UH>{txC=Yrtv#S zXWE?C-!A=oH)^uwt^ALt4o>B)4ei}1TZ>W8t(+*L>XA17_f`X#P~1_pQS!MS^|479m_*u)f z@SUig@}LJ@82iaT*TMS{!O5nOD>L@(cKt+1y9@ASwG=A#yMqMYBmQ%1RPyCl3cNq` zY(jHYxMX^Cl3LRX}Co3rLxUmCAf@3GSC8jO#hNEI8klXHFtGYHnpg+j;$sv zd(<*b0rO<4pRBrAXG)rc*JcBC{~apQVkOA*TXqN3kewmOL~=->k1O?DvDs_MXgjtj zG*9Ve(SN&=>lwt~kSD1^PkX?mK`e>-eMgjjX}A&87;&@v-#0XV3C}KjUGw$eRbN|Y zmb0=Bj>iu-@hD?Ibvkac)Pq!9dyRS0-h<$BrUD-!9Nk`JK%qQQENn zW0&xDYuh0BWaWUTYuiT&yqqyV{Fg4TlC{1~3LHK$bCAr z*pLF@`(VG|lU28St3(aMC-5H4n-om8yq7+Hru;Y~ZC@edWuujmUp}nOoRUR!<7|9S zj_)brZCSl!yhBa_+4;YX$~0_Xe3s2g!DV9N9EzJ}Od!nqnU$)qZQ1`-@b z1(#a^G{IJfC@C*;a8+Te@d^@5gwYwwm=LCXDhClvCK8s$$IR2&4%FJcwU4BK-Mi?~ z-sE^+t^fBbO7YB1;6)C>!*w+fCUhp^U?kb=3TD+bD?F(C#Vv`8??=88N7K`<)(UZC zGYa+Od5oz3Hy>je>Xsudq;GE<^Bn(ZhK->Wf;l>^j(~@VhtcT`dInD|t*jAZ-}8WKX*I*1cKD|DT zp>i5O%5yyb6I^wl^Xq4xtgCswtKm~H!j2TpSAz}$98AfHcYR+fME)>=vfJz~_O>xO zUl#6BN;k*EtY@@=e%Z9zv&0C|JW1NW8MK`Vjeqa+uGet8f^B(q((oY#jPU(h+)Lbl zx_n=)^(ZH#RW(BV*M1B%ztd_W;>nQ=XFPkBqg%H4Cf*R2`HE2Byx{lzN#2f+8`mNs z&Aei4R@9#h9oBLCabZ@dG6}-;di&LY1HX?JzBryNIRZQ}++QnO^W>vN_+teNB2LQP z{UXI{*`i;0KYt0W5f506q0ry&?AV9e7B=pgb3pL`wxGqG!u_jj(JT5@Cq`!k#KT?u zk>^HIyZ0upT{n|r5_aI~U|1z<0+F-Kv^lR*o8)nG*Zs?ni8S{2p*$6@&z6i~D z2zZQmoS=JLAcg_c)WuISaAq2JA_u|?ko9$fWteys+-5xYzkI#oG?@|jGZnk=VHyK$ zAU5Le7M@3*7T`I;=P$YciAHb27Nl`^D+x`XIgi+sl8hyU4>c)g2EVPG&-YQAYf9>Klo^%`IP zsNW$4xb_?!E*VdYS4-WWY89whqv$PUl?dxl(2WgBS5;A?7(((192K0Y2uNZ!#1xZuS-w^4Tdi8>LZD_^c^9;|;1ukkjbJ|`u*CzGnHw)6Pq5C%aTZ}T|xWbmWuziBDvn$*1gE6sozsD*hG>o|8}Wvvg^bK$hKD`OJcb3`~~7pkVc=Z0UHT zU2=`YB2mhz*XFCAZT0SN4*n`lG~Fw>8ufFISz?)m*K8H#UH9-QcBtur8+kPEkTuUu z%LruT4cbe%ip&L^z7}1av~8g}^4iV6Fe&^czRES^MB%8Ql>ZKg_F2!5aVSmvWHyzU zbl$6)%9R4EzBE6FAlq&DiFGe*PyC z*!6O^FG_84AW99)ON-^?pTV+_FU)v{QuLw+DFi2mg5ZDOISlypCd_)jz)xi)CVx&p zW@W47PsuANyh#d-KmzT5xE%)+&LX+HGAHQS+4HUVf?w`RUzqextpqe^M*n@DM>CmN zD&@xkQAvqoJ{3k22nSNd3X*H(LYGX5am#a2mWO!&nz)Mm)DCqWBRECzOj#XtM zT`KJ0_Xx4(rdk{`zUM#92P?t1-g5u=!XJZ%}IZUae#zPwi_=$c>Z_-G9%YmP1&6D_)(0 zrGoxJAI$?2V_c_BM-e#i&CgetNw`p{!QICZ5Red+~TZF=?)6`v{5%(n^0 zR~1@Ep;^?}0sm`h6egDr>vRnB+!L*{T1w@0j;M`SL=@A$dhf>Z^EU>1)!YBqN!b*S z{^DcK(liXzm^R($8XB|LzZWf6=gLB|xVj7-3;4f?rv}pO9si1zhC^XEyYGq34?=vm z{mvY*q_+%%vVSPok^^`g|9|5{04GnXn_uoo=Xqw?Gu%U&K#Aoj`sEWcTSs)H${$@R zELcMKp$nR`NwrRM-WlwCj3v2ohr+}CHp;$w*Lk{NH)dr1BN>nn)yv;VKB zD~*Rjd&Awh>IxCc60+~qFm`iG2xIK~+La+YV}@&2vM(8HjkShhY{O*9GPV#is2RpC ziIHun5rx#>hyQgxzaO6Gob%y1=l8zPbH1_IT}DY;`l|mAfUFVbnbz24W}_xq{oX8@ z#|9AN0>tZ%s|Gy(T_*o?=MR7RVH{`7uNzMfB)O?g(gNz4(eJVEPx~V@JhfNPP@u%h z1I(Ta4#uYGx|>W*lLKU5s+!-jH*{8yz2^5F$cI1MT`Cvnn^f_y;iad~__11;j;U2RNDfMJM zxiHs#plrSyz#BchDtCTdJ$_z_h>0FE`oE4n{WW+R|JlgFJYq0CQsc+Pr!qWu#pVlM zA+rKJke4il|D#(ce7=-6kZMiX&h`gmTvggdL7^(z0d;;r*cnk@v77phZlIyPB+uiN z2|*IimgIxcWV18qr`jfvhe_^$pp{daOvAB_iR+9lF6bq*e5)cl>n7P;4LK|2x~S10 zUmemIB{pYW1<(yrM};a_Jc+zlnd?)hFLp*Uidnw^?kNqgIvRt8TtJ%k3L(8Z=yhSz zV_^_OrL!^vX8nZHjT>esnfvWve4;IWDxO~|7xvTqD|rog^+6FU;p_->IW=IOwV$S{ z$BedSC@seiMp|8!FdmRu#AN%m`7c4f{(kZ&4Yy%8^vfpf7r(8#$K)|RiLC8fSm%A27!c%OQ5W(2S((8RI{ z<->!IfAB7=ey&<57n5*9a^_(+9A-g+b}M~IHc~vs;O*&`Ok!pyRUK6MsyhLcX$|N) zd%mM9zn-y=Jl{Uq-Y+l|A)gLkQwJ@+J3I(;+dRg>cbrAOCws#PGz00B&C4U3dUB5JB$zOC9z z*7jwGK0+;M{*cLnb_D|TtNO?A&-%iA`6iO6&8U%;Z$F7 z7pMM+sb-Y>-MQ|JW(ZWhe8Ea>x-Y_&!7&O1;DUF*2&{0_XOjJN0*{tfs?;kyl;5NX z*evh~8)Z;yYYWF(>c?pn&)v(1F4yblUXrce^6 z^3|xQ0)Mv!-^&={sX0BfW^QQb(KgD8Nh{|S6U7qC&<=E9@lDA1vt&=?joZDAQWjuV zx!CVKqME2vU?P4=hFjhx{M))+&R!uY%2b&Lno~*DGU?dXg>ztmqvfpLqW-w0D#5ZI+liLxSmsu}1SR z?2*}uXyK%u`=N_{%|BYDke-d0U6w#%9W5%Di9Q{aIh?oOD9_o<;0tbx9d-+Nn}y3o#BJdZJ}Niru?wZ^8Ui+xei_ zNo3F!f**6Nr*B(BXq)J-*^C-={~ViRgpVvqL(=bV{;_~dR>p2?)NRaei|EPfhA^^D z#W7rBUsou#%J*fZ3!ODl93p1h1V6fYSMJNRi==J{=N8s-Ie-`v@Y{-=^ZF+%CZ_98>^fLe6x1J`7WEm?49o%-B>7K1P(uJ%XoQy#t0 zVQAf-fl3B?ECu^CSfWa^XDOahJZ)JK-)({-({+J!QXPqII|AQ4c*(}Kq161FTd9Q35@uWDM;*^rX(BUJoH!)&Uwf*@UKEUvgdop8}UVk zMNQhaY}v}3Qn=_Qc_6DL4?SR_`!5K>d#S%RkP7$hv~u*QE9knWY9BSxtUz#?nnxOj z|I;tHM+DTuXoT@A6TYqfdNVhs?XK+3SrAzCdAhhr)8}mq?hICPgNd~fqwj(`4%#MU zHEDh(IHf&yBUb=c4#$vf3euu(spOB?7ADeZVzS1^n~)InqeK%v`JVviobN*V2;c;m z30Im&o=LhR_;jo}<5Dl&1@ni=0~=@QcCi=yr3bfCJ#Rsr4P|6Yf{K=Hb`-g}mVzce zqdDLPv>bYb|Mt{(+om!*<~4wc?ZdeWj!o+(GqBH zLY8S|rx-MMyNi#(Crzqf*T>U2npJa{uL8Xdl3W;T$Ju=tUPr4x4)dfs%^zX9u0dbj zZD1QA9T6gcP6B;MMxz`el3mP3+31+1s~CUSH?42oLc4lsb%D?xSko99D-8~VX(ssU zAMv@tEUY&R87E^_X;N{_gEf`WO0GY!zG>I&_$-3=UGWxIpI`YL-)369+Oldec<3lM zat^gBxur5=@3ubsBj59i-}P6*Mi2F;)JBu4y30eFaQ;SXTc%Qu3m_|z^|eO!XR})i z$Y@vekgTP;QEi-@d+fHZh2Muu`B9Gb(nuT5T)Pit9}&D*89%9<(m@2ZPCQjLhRtJ- zNZ9#MdGbi~CADvMi50Xtuc(?PhCfKY^Gl<5;D=t|_}j zt`yO$&Wv;8vZjy7k!N@GX}Cr^Ut`rCxWG61 zqPVYSXF%#zq&p4tJmVOkS%EKot z(h5+{nnry_o49Z-M9x|vlwuoO*rdKYapF};)*|QdLhHMFVioiG2Wv1tyNDDznLJoF z`cbg&DZ|K#+b1ELW*QJK0?_d^Ftf~J61Z$dv2TIvVw&Y)-2j%k`{03quy@vLYr%Ul zbaH3N9aLIXi%LVLWBp_ruwv?=t8lqugkspN;h4RpfNs!Gm23^EvQ*#oBu^3YEGxzW zoFx+ozAR-64}PEONbnl8ztFKMWjoZ}T3g()A%g$r{Uck-nFJdGIqPV1QhA-wEsRY= zZGk+t;tuof)3It09dT9fmQ6?wa!s(jogx;o^k+U=8=H@R`Odi`uu@e{_Ybs_!T9Zt|ITg(BA;m66$9<8NplMGz@l= z!#dce9D8;z)JnLn@Ga#jo=8G$$1b_c+ X3L5Vh`mnut?sOR&nCUm@-GBT)Gk=aX literal 0 HcmV?d00001 diff --git a/docs/class9/_static/UDFJoinClass.png b/docs/class9/_static/UDFJoinClass.png new file mode 100644 index 0000000000000000000000000000000000000000..a59d71b0e21a5ad14db0c08423fbc3f6786ddc42 GIT binary patch literal 54296 zcmeEubyytDyCu#5Avgqg3-0a^JXi=29KryB!8N!CPjGjLAi){jAq-9u+@0X=usz@R zvwL^<|9$qkq%+e}RozwZTh&$PJ!c{{Un*i_l3^ksAYdyi$!jAZATuH$AVENAz!{e9 zrRTsGinWZo3<5$`Jl35#DsW6=sidurfbgCP0U{gZ3E>Fnz&Aed z-zX39-zoEu{+SY)F%S8l`$!OYCK(+$Wo6)7$I`{h%E8sf(an;QdkS6!+gJK-`s!+; zmW~ik^S6!`R-9fCCwLYFaW7F|7h>gRPU8i!cW@Q;lA!x5g($EOKg~r)^H&l#I|({{ zbxj&MM;9v^K~8Q?ZaPU!8X6jLm$zV1ZTT1f$POGy(Al`TIf-&{d3t(sdh&5Px>$4Z zh=_=Aar1KV@^SzvI9$CQ+|0c=99-%DF65u($XmHuy4X6o**ZGVz{@qaaCCQ*preD| z=wE+-Kc|(K?Z5Bj;QEhh0TtweU*Y26P* zjxIV*=9X5HJmPog#b1HDk90lEzJFoT>t&jf6uDxYULv5 z2mx}sN&ef4|H%BG7yo<4zY5m>_dR(91pmuD|KrksWQA8*RKvvYzpek*S-|{~nBrXjawSR31M%i~1O#aWWqFxbUWj|y=q*MH=lvS*W%0Fx zq-jt-;J!!d)U;%oKtYtTowzG?Lm|Qn4h+syN~LQh*+I&evq?Ze$`8*NGX!DmxIdm! zrk%Il9vmz#G#o;1hqq1_4;IBd4~9Hp64oQ>jr+WuX~Ccmf$%LUz2o+<-O=y%qV8a! zSxEJ|^m|)%!{Ylv@KBn$-_2Ro@7IRIO>R30v6nEm@6%^HKg*4qJthkkaRS<0w?-bs zr`qmL1|NL-<0v6vM6WBYQjI4cnT8RO(XQ-dEvWsk@->gT=V|%+Cf^+9hnAJ}mAWrW2aCa@} zf9JKk(Cm4U*7kQ*Ur{5nGXBF z$%L^T@mHHl>*8(e>o#hEf!fOF4WX2%rE6~zCL3i*^Eha^ZVnw+=xXV4Oc=iVTAZP; zd&Hh2;Zx7?ruK&uvf=xk;>>wsEYMa}Ps_!uUHwWpIe4@%bl!U_+r*ZZ>cIFqcveYL zbVEc>jhuCqGC2zLLAo68qqer4K*?QHAc#;wx=T|F`bOfU#rrg)jB>zTE-4|BfSD|} zjJC6vjjS@p$-grg)#UmEXM9go@a`1Ql-54`b$VyjJ%{h;BlX=h;WnC03QS56>@ClX z1YAVgl0e^OfD!WN*Vkbhb|YxzK-IGe7+{e3q)BY~+u9HD7$L*Qu5ZRJ+Fr7kXTfQV;fkEE?a*8HIR z9)9$%?TawtOg) zqHHU*rvnE3j=fXZ@$DrZ%| z-5Rw(#_i3hNB<31fy#6WN?$y+V-0w?TC4DdL4VxusTRqrWn`bVSRwoJy29R;n2JfrhgGrxpaTv zsle089&R`x%i%`_Xd&A@{FPQb%yZhaRf8~*?@MNYtj_Z;wSvoQ*ZPl~R1JP(Y3 z9y{f0dVBU$!;dul38}@M`_2TT0%jCakoW2445VQJe1Ch{P+mX#%^@$#bwuQ1Gt==+ zv&TMWiY+iMUW|wxUOC&ItPf1q+377kP8xd}FQL0Kc3hng@r_;`CwNRHa68Nk8@6~= zL0XRcIFw8F{u<=rLtk>%K}n{=yKFH}&g&Z&ldJ2k+&N0mdGn>mhs#sRHJG-ml;U9ChK#no6!n>RKqgkUf5Wp2KH7a)y%|hDE}(=zepymy+)-dxZa&b zoJOYL@RaA5XeW+fJV^E$h~aa##~Wc?f!uhBi?sXm?*RfypS-rGzUMkBs>QJoGIhxJ zG;ZbW(whX_pI?+a`js9j=u%mBg<|-Z&3G>Pl{+rAiMS4~!6Let>GkES@y*!yDDe)Hg0Cv zi4ST!{y237{FUSUq@cob0xyhritp(0;qY+}Fm-LssN~#Bsr$2niP!6s@FC@#RA`72 zw*wChYM6IX)qT#m`@OyGc+8CWYLKhFR?_cgy__0$+JTI7C49LQ5b(S>l#~(dn7%S1 zz`faOo1F8O>G%VE+!1lYu;APf)&Pi$`~CTEy;k=Pz|AhAsFD4Ryj~oey`W-r>J7_)>1habUbK8;Qa16_dw{9QmXh{5KV;HxDTm$bTPoW1{ zX>-sd&CMiFKZWJxqR)400&DUL)-7gY$s~NLqu<2a(MNe))P853JV>r7sT_{7}kVubEIzK5H9WJCB>YFzDS|mbYH5M(+b{eUwP2 zR$#tw45|Bl$ADlt+**rl4bgCySbP-;M%1J>iHqs(csw=evOvD3 z1TYN0(lGwz_AG^9p|lL_=D9>)hK)6RKS zX=ydS4?NNYFXE~8rFJ){iSfZimowJXx4m5c<3;*Vv14hlM|RT|ZQIY6Vgiw;+lBG( z!$L1Qk%hmxIZ0q*;(P}TIuA5S`?JX?FB@B`)t#`V^-G|$oe#LI8E1wdx~{5?=_pJL%h& z6`W{t%%g_(`~7#Y_rEu-ri?uW$`I8ijtq7Yt%9q_!x#o!I^|(O=v3RxpKYX=vz&rG zXJS&x6;cIz_Cz5Ez;GhK{;ko-B|WCwF9qYP1yZ7jTHh->>5rou2Qj({9Z(bdM#I9E z7@TW%%lXrOsfVgd{|+lH6=l0$vOBi#@_lyp+^j-7rmHOPExIT@raN(9Sr&m6eYi=e zq3g0Mzzq0Q>!s)p!{fjcNIvca_9ZJ}JMqXVuA)tUEQqAFD3E4wPXLj6*9*E=J=hXW z0(Cc35^VvnCE+*1;=!pvase& zTXHC_bhyVVfAS5&KxR_$qFS%6SZjhkJHKpylrYsE9-);tbsJZx2cC*7#WySkFVH$a zaH6Y;vV~@~qBN}H_w^(r(2w1(1=aoxogJCocH;OiqmqKta4ig^4Iqg5Br?$oVQJg0 zsA_+3r0yz(cGgs52Jv=jy^hu~pEwPb(2o61lM`?5j04{%igmMCeD(svi7ng6OQ_Ey019 z+lx6zM-8d_S{~(8LGFQ$>8Rw!Stf*ul>CgqtH5bTXPJ-n@^?aM?;z=yw-RHjE89VMQD3Ackgj ztrsX|Mtn}kF4Z3?H$G?>>8Ba9fn~Umc^qu+szeZL3dJ?`O#RLoo;*AQdmDY8fSw$g z#d1BvCNAN3P-Kan$9aTI0HY1GJ84B22~ zyU%Egq)S(I>Ms6tF+^uR|HekOmVTB$NDwyS4*FmVUTLIu4;*~MxgoSS79Rbw>cAjI zXV0Vle9~}>T{Q72duVSt^WvgyKlE96+sSc1^=%bq!wV)3Cv)?yX5U@jv@aM#%l%~> zEi9@NabdPMQqdnszv~lx>I*}gV!Dyc3dxJ58GVaS-0fvHBt4eHZ<|m>inhk%JtFYb z#gBELN8JD`*8LZTiWtFLeVHjrg@NpqzG$JvyAqoxFhC5six_$=aNe{Jvq@D`H*P zAsk&2I8Ic*_M&=LYi(=>>M|YM8ue7t7zc`zXabKqo*KSA8Ixv}8Hb&7k2K_j_8#uR zdP6`#Sg!X;tUA7=T1onqnLW?nyhL*&COqlDL424O0+FnEO)%S5;U?ZDpc6A$jMGWL zA~h2Tog!pDu@R;nTVjuRww-1(X?Z_89#a!*9)5#~;s_S#&In4`%vTPd$C=0as=8>Y z2{Cl)J0di3S8L1(1zku#8oS}tG&BVa}0RUD6(j5;)K zq_kxpk0~C@T}fZTNVYE(DczIwew|`q$k3YEcLt}|f@!Aw^uNnfvlJ!WU5^G_+|yPh zReEJ`SX5Pv$ES&#`&zgJ)@$U&)?^Z>sEE_3t*(BkM&lz?O=9>%w35(9skb$yJ5d^Wi4#dap*DKtk3|D(CIrayFrAl2+oU z#ca-t&``zA`mEJ@wvB8uT>d-9lxNOH3<-CB7HzJY^igIus&oGn0?m~++c~PWD^wDr zq2FQ1+JP`ArKS)a} zF&~QOb;s~`q2ZW@3ZNuhA;6YLSG_}vppHktWYxC);r#o3H}29~LRvyR*azNl?k?(J zVN88(vrV#2%i2t$wIEmwM@=vb;_)4`vBsjNFC2xqFEsDy7(zxiN6-te{35k;!{6T} zS^(u%ltk|5-wB0^e+bb|*c4q|hsmA2Ppj!BL1N-7sl)xk3_i#G;*}Pz8COp

nDm zVE!V_T@F+X+OAcYrMVCHA1XmV<6tj2vu5`hTHn&KpYcVS!kRo^w;S#J7APCY9YPo4 zUS5twOh&9+7*nasYb84^qojCbkr3z{1F0#jnL5gQ9IuZgu?q5`C*ZXg8$9nMBjnI& zdlpa%seGc9!?=Z0ZO_bHc@Jj!l6#i=(BT>>$NG4W7+-T{1F71%h{ zX|jOn9F5}{WYsJ?8l8|A)>9D_6H<<+FR#8(h_FT%T982KRnNm3&X}N_=DPySfKT_c zJYI;&kbb_`!r7w=$M0!^R+hUel}@*jRj_R_dy8K!hulwxoks~ouK1aH$#FmBGs(+R zm^vf+d0}&SCbEtvta%wDF^;<*y&^nS^}zD(6VBF|0WDI+`123a11LrjBf^N{YiPY- zTWCb0)K=&|c&iKX^VpSe(F)a<6{kcEA;TPJJ}*+C(o|w4exyzc7J& z-!P$77I&`q?S4bI`6DT8hnUiOK5%Z`Xaa|M?`>Az(d6 zF;~1jr?{)@w{Do~eFk~F2SMr1I1%=*4%Bn9I+7(`Z>!qq`4SVjY|v(e^Br1eF>fnX_+6spnv}x#7>INmb|b9dI8R z7QV5w+4=>^UnXRwUfQ2d5&D+t^aC0h8$>&OZT}Ke{Qa>c~toc_%HFdFQ8FGUOt@?Wy_JuWuOlgJ`>P~rXGjOrCZEVk%&&o z27H%#IF6rjJMnWijJUlT(N5>e7^$NTnrC~>R>ZJVU#EaTg311LPaGeI+yR=Oy8*s< zDz)y5cK~5ND>33prI2Ed zcpt%Q1A{-Qo|9vWn5f{O^v1Vn3mBA<-5|K61XmRvyc^2;xjC&OHsw(aH5q?Q=p%+{e|hXCWy62{ zb$OG-x+4a7t?`89vOSL5rIj+eND*&Jr&c~t(xL?@0^v_Va>#^hm8;i z*dGR0Xm4t5qDtyEZL$Cu1|*ShNZAPoDG1D5>PK z3A+Yo?++rna90&akF(MBzjC5On?m{TQh6WNR{A~a*mJNCJjd6&<9O31f1*t=6yd#( z)MLTvp{*ohIq-zGiY2y~@ zlyxPZq+ef-`=I&iAn?%7YsO4_mL(1vR_VY{Yl)%*6S~Qa{8+Rr9Ded5Q)SkeL;W#= zdJSJiQ(IcAtM03&55^Q)gW)XYnpeJN#YI|4S>s8tb{B(&HmIL;%~0&fgjT<1lD-!C zK>2>Pt-pzTF+e-6<3=7SlO$AA#nfs@g=|nbrR1TzwVOE#HSsx=ZOg|azjpZ|X3hiz zn8nGMCwHZ{GK@(*T3N^0@P)LU%A3CL`QM+m-HxLkIMWOn(edLp=m*hfyiWTX{j_QP z^tx@UiC7^j2xkKmk&eAhj&>zKdC;ZXnfSN{#8p;kouMm}Rd+3!p8rBbiH|LnE4#>5+%26}!K=?xn96HflbE>tGd8V**EDfc zg(ej=2ep!&-Rgx%tdw8Ak4sK{NG}a5w@+ksieTPyjR`FZ3JalwM~PgJ3ck(Y@A@tY zEWdDN#6>+FH8TR#=|ZFN7X`8s!C06QexH9`MA8MWc2nEw9W`5^wYJ z?%u4tB%V(u$*w!frLLdfDt1fYu4L%=+<(Q$ra>!OR#@*qW3t>Vy)P4C5OfDBLzL0% zucp{X=V%P@+BD;MnxE7L6OIz#U>z&LR7dFhjAe?wJls&VWk zX1NZ`y)`a17r>BD_#ht$(+!sMH98=X28%{P5j(mj{`H_5xRPU3q{x^*B_RPQ!0i&9^( zKELn>Ne{WuKjGoawsTT!RLZy?c5ly1D#FwLxsG@$j^$w+4IMz83cR{E(AO~Yu~e9U;tS{vt#>dCQhsB_lN1&qRdWi}&rcH$xN(Bb z&tjQ!ja$wnGWwb$ig123?{sENO4v>d(e8SS2}u_kCc&(2(7u%1MO2XAnEO+vJTtHV%HI+>=VdzWDciu$k2I^@!K)AOS- z5ox*fF(xwFCho4-$VHH<-Edvtb^3*%VgkJ$$v&bi~cZ za91*n%;zDa8F_Goe?ap1Hlh|6_e>w>6CtjX3K31>1lxtaVMDoDD_ie}4pL+y-SifAmcy^hf3A5GPhPv=AYF}Ap=#xJ#0 zwj&(!1GEgx_CT*$n4Bu>^Yp9N2>6!wU_|v_9Ck0#Ug7rbS4z0viQgyJ2WiXt^(?rq z9UI<|>!~u4RZ5RtXwlf5?p3Bawx~66!LSY03;8SODD4Do*OG#&xkU)Di_dh+T%ECu z`G+mq(MdEWMe}=z$)jw2dP~&rXvo*!guGJ8XezM+X8*M@rrjp7V#GDM_86pSIY!)R z3gFitA`HIb1k-5pJ|iJNF^&%Il#6QJ_5NsnZZ7ydb@w$?C7SIFA%2lq*>reL@`+`B`b&dh={F_EQY( z-gQLN`)JOlFL@Sybjy4r!rjf!!XUaK)bAUollig%$37!M;#=)S3snHik&0=a9PwGx zatF&)Kq{kK75V+Q<&NDMwMbHJ?p*v8@d~KX2bt%OrmXE{#@-F%65`yD*X+z^y1#-x zDPG8;(R*<6+`y5^^bcMQ`JFb*0fH=0C7ukNeh^IFHIQqzOnBlcJAd~^?CvN+>I{-| zoY0ZcZLt*Xw%|VHy{He?a(Jdu805@G^=3kE%{KX_Im?^n*M-UeJ%N>)Xc$M7sAf!Sll>*1%k0SZH8XZ z@;kAcb}S`J`w|ime!r?PTzP+@cEcihjZ`x_B)>|grSxMo_2q;J3O`E0mr)1p7XJQ9 z_9}EKoJ#=J75MzB_ndo z{B6$^@Y=CQ%(@MuG^cS3@s5qyz+LJn>uCv=DfeOu>ui#mUacuHaK#R~d3bG-8M+RX7TvMDHO)TWS-5GCr;y=%xjpPM8c%!b%;-ZK3<2EpA|N%Xcy;h z-m1!PI?h`Or5GeS?8U%3E!-Ns&vuSie+H_Ju<+DepXn4OWE#^%Si@AVxT~-IzNylX zwzgtGoYUEBl*#5$QJ>1@-?nBi-MRTJKX)^_)DV1w&iP)#a(?L((Npv~_=+5KLHH z5O)&TVGp^WmN5)r(y3J=YiP3w;3(VvzNrHI^A}e1fk98KsZSMRP}GBhlqE-`k5EKz zrIMXQo*%bP*7wmwW~P@v=rhU2E@eTODw3t<`PoQ2g=&@Sm}fjEqzee43M2Y2HA@mF zsW((gf2~1td0*r&pIW?1LMdxjPMOy}45EoBAXvbzD4(;`UhK}CcV%U)HD`DIh0L|7 z-mFTc!fEJAQX|N@9xoWsg~9A~St@JC)+Ml#=$w8r@+?Qy>m^J__4XY!KvmNAwASy& zP~USV;jF7p8N!vd#;4r(A!kdBz!Z9Jp`iDL3W!>M`^@={j`>L(bot0>t20&bXxU;# z*a5q2<^wwMG$TeS2%!Zvy^iW2%qp@1hodpYmzyB2H$v#u+H7aHn0g0xq=6m^4PnwU zCw_a%j3^=W;7bQS77tL>Uo|q!DkI>|xPuq7)$#JLpR3 zGZBN_n_twjPx#89i9N_TuP>_m1wJUilLDZ zX@Y7ZYbyY7euUMzV>cc)6qBmY1q74aA03j5>_|y8ZB`vO;+E)#9SM03B9@7s9W_q} z5~UqWvK~ni-t1MHcUOOA8>gxfdfdcH5hAQE;$iBsim@(;X)5BV@{+POVv^hsRp#mA zV#-sg6XZkN%79{CtK6(Nc0nT(l9Lp3C~NzR#wOY_lE78{(-0gI{jxue>^dyyG0fwq zz4a0&y?)PhR@byA82SM4z18B)NS%FewbtDx%83|MDE>P=_RB!jxF-|($_0EMZ7aE5 zf8@m#Gd{$DsAl(eN7Tq`GOxUv8q{vneL`PReHl;h-@bq2!m*?Il${%-#r~$BgH^pF zEIMp5R2GL^?LxexiZ`#v2?snR+$SC5C=rFn6|#o->Yzh9)@5t)?cP1in}$!Wr|bPm zcN{0ko&}k`BnI6h27}A}?Xif8a(-Yjy(rrcc98>gap?te-_~1d$%#(X&*Iqx_{5?m&y^Ek+gv)v#6YTy={k~ z{^7jcG3TTH7kpAaL;A8y=KX^6B{qsI4D(X64?ob6`28q@&}j)gc|-NfFw~+xJ_7NX z;U)T7L1L_F>j>KpMjbgVlAyFS0FG44s8piXxG zsx`YGrdRSH@B%qjA*s%QbyZLm8RyWM&Zs@(5DMO|ZWpI^4C(mT!0YOrXh6y>3tf}Vu_(D87$sk zDSgzX`A3xM&8*(qPVz}++dvQP-Zt_t>`C@X!*S~s)qtLAf_n8$$>LfG{rqP?b4hcj zp9G$1UCbcHV$|Ut#h6v|b4G`r-jqE7Xb;INCN-YDIH?gXZbwRnX)E0kK&U&NlAUHe z-6@m;jm0SKnN5{GH^C?}(n?4WyB+}G(yC8}(6CqXsn3QDi$k9orFX*Wau|x@mqU_6 z1&CO{zKV@LeM2vwORWvHMpv0XZ7Doo?#hZ?smr3&tAf+Qk#1#$MuF_hG-tJV+X zva{|opg`w*+?8b1To%_MH+pG&FPct#1*QRoc;O8gvMmwj@d-(kY20b?VhshPbo#Dl z5#2ogebG{AoowxAY{BV{!#?6{nfT8d#)V1iF5}Vt@ekkzp~*X=m04Z~S`fK8TKYrC z#~?Eb-#>*@C)uQip_)d@RbOz;ehjK=rPvk%0Rs1zsx&(QHEGAhyC0RK#W0i}aUq+qmH=&eqgDNONoaoegALMN z98@d&e!MnKGgx9xFp4XvC4bp+V?|`3MufGt_B&H?x*I#|5-k->Z1;yIp{7gWC~iIC z=1hnS`MwZf<%9lP(`l5j^LH#6wYp{ITG60HWHmZ&R;{@ASR22r2Qg}0`FKs+MH@G4 zSyAy=G7xHru4Z`=!pfhgxAtd$=zP9Ii|a6vU?)eGeDl^LDd>|sZ`kDb+80#b9nJw@ zchXumA}?wX=JVG{Mh_FoFvIf2hVnULNF=F$C<9pG6oZ+&w-^+?{gGA&W|XQHS@bN5r4{zs9)(hf`JF zJ<^^UwLhT93VZYHQFk6oA>f9xI4^8(R=T*Fye$i`#c!FInA;HLoyxv9?rgeblIqNN}Jg1s}OPH3zJn#7%GR z1rRyh^i=;rVIn{p%2->9mGY)d?H3&Q=%C$z;zWtP`%Kk1%cQ}H3~FYd(j|{p5rO$z zQ932zPbtBM5}b7PCjsH%h#gbv?x~+|4*s6^;->eMgW_9OYb1i5H|te1`!8!Y%>sQvf ze&EBlTVSQriKZSGL4DYInX};BPbp|ULNWKQwA{Y+d=l$(b#54pkWTX9Y7OlcAeKx6 z)Pr}b9CfdRt&%cNT7VdCeIJ?KG-vak#r_=gs6@8k#Z0};INk2AuZgh~A`<}V^HZ#< z2(|Y*9z4eVQC;jN%$2PIT2S6{0s~<2ll$sH&KiI!D4^;Cge>Z*AFui^;N-C)59jkhYS2S0d_bpd@ zA_W0zAk$WV45{VP&1A!!>6!f3eRk71eW+9ZJpks`r<(fDm|Yf9-~YI|*e7p=BpzN* zsQk>4v$&omb)RVU@ieq6uaiC7vt~-Hg7Yt)sU~y@Oc_}^#iHHpj^)eU=aZQFjvusM znmqcQZI55+90TN;b3fa{7Gde$QIUF6AJC+CNR?xQC#opQ~{_VJHMgGVOXbnyWg14?OfECqBR# zCc6ocV@D|5#$=9lW|ji(cTM>KqK)Z=XB%K-fK>OG<_vq)$BL)UnJw-Oluwnul^f7D za11a4BwT@p6%--%7q;r%y1c(!8db}cl#rXnkvP*7-k18B6!`&8>*2M|@dkr8htf$8 zlozuRGSzp#6vn~CZ?+558(p`+2Y{`IFqpGGN{~FB0L&`>HNu`4f^EK+9fM8~P?GEY z`P8Vej3@=n-=$q$XyMlqvri>ayKor8T*bvwz~kPf<^cu)(_4Vf)B+ZPp1|1nUd{|t zan)xpc&){@VbA-X4$trxn1Y8hlAV!U`!M>(yCauO0S3#^&gb04bqe=&!jK`rJEzu# zrBrOK!)E&c>Q%!KK$S}|s5Fy717F{0wAD`3ZrKE#)bai4VQnM*%&ow6yp%1wa{H!+ zV2L7cU$Os5+i0fHXm0TWmG}CmHV5ICw|SJ#x!mA!4KsXyom{xlk{QR^f^R-LZ~z?3 zZj>hX-A(I)^w>?Y6uh?6R67qzJ?HdT@TB0~`Sv(H&-2MpIHl3!&)3gyQaO$B*SMoK zKq+ZGO5RUJdppyxTdB4_qm7fL{dgWaig;D{mOW zo>Gc>u_2^{wq7pIP0{i#)A~N%E(tLYh2_qS0;tE2dVqJhcW7kF)Fv>H^X$>I`MTnE zzpYB+=8!tzrje^3IbOob^6@lALh!(#d26MAzcjtZh0(J0{W+|j4MsHkY`=W^BVZ$d z%GriZ;eWLv;wVGz7VJl$syp%ngW1MVAJ0}%IVI0x)*!!LMr?b!s&F50ln2*r_sL@j zXwX=kP^DDUC+@S}muv`hC47^xohemhqbm!^>g6@WMf`z2hGeA%V4+K55P!4TVLXLU)TWKz2HxUk<-e z$RiiD*C*(G(!g!qTkSq&EJV&Vm6|X2x>{Ya!ch(lr+US%{Ggqyc}QFEppgVJtgBZw zPVQ({C`hsLFxk+b^PWkMmq;Y;$bUHqUC^9z804S{P*Ah5DTK$GI}}EX?_bWzHqHT_ z-fF0O*YtP8W;&--?r~@~Wf%9c6;QMQ^pX9tnvs(&tYY0S64s6hYpN~TD~LIk9qE^VE9TvK*`4WPLT@B2H>kROLg6mDKKMqPsyhp@T5T{A& zyOv*RO zMM$7;8oUv6PFUt?=0^zOqME3$k%iD_9FSUPnFGUrE+xPuoaxqQsEonGEY`L6;runC znU=+tGF}fFS%78vq!YdQ9HLFs_e4^QP|gejO2mYd1X`_lSq@fO;If8qiPE+|aeo^S zZ>Rtabr^^N^Brp<|lVjrs zal4JUzXYd7QM`22IlbP8H-fShWx}AMFeDYlbXg6 zzbkH#g}Uo4{!yYJZaY15=gfFM-MA-=z0*RRlyd1zNKCU`MV{h4|z(v6SE|PG!4_#*(FM zR?{0TMvTr6*;Tm2*K(B#GM!eeR4j8<{Zw{aS*|ZvGXim`Wuy*N!V3r+-i2N@N;(sD z`8_9__QtdWnFG?3AJ27YpL%b3X?I}CKLng+E?pVd2TS>jbMj3N@dHfqUXKn$^d1e8 zdoh@pkvIWkxqPla%FXthw2w?(+*>e88|(3fpH4L@_z#7b3h7Vmh_7C@j`_=qbyGei z`BwC?B%A0Rd6{8;d1zpAALQ-F?O8pRa*H|FSuj8r8L49hL3OIWAFFkzH?)nu8= zg6R%0K`jCZw+s?&y?~;CC7~n5(81OrB7094iddzY0&yOsoX$x(Com7s(x?x!8vJd9 zI8_E0(BwW%A+9F{tIJ$j8qNc}R52b5lnMGc;V!NgjhN-9)#|Ksso@>LZYQslK4Kqt zi{cP_Sc;enilEH@oW4jsS~&Ed($AwbDt8*RFq|ryxpeZI9W}lGqjzzd`zZeTHzP!} zXSYpW$g_W1;-udk1Qy%^)LN@Vh0YQ8awR2qWIEy(aY=Ad7{P`Eb}djR!mRl7jP}G-sE4 z-Xnt-3Ztl}N+8y?ScJ-w&OwFc;|^7#`FB+%p&oL6)o4hY#|V#b-hW$pb;vY06S7%I z!~OGN6>)>47=MFnBo`VsYtU97wAx1&U5Q1J!bm)gZbx}|W}YgThIdk&Tq1ERuYDIi z#cbDDKyf|jhiB*NUKPDqy?o(08NHiin$ z_Xam>R=BbGiHpB?NzPBY<5|;aayBV0(%mNeli(4Gki|B(sf8I`ermK+EMoEnk~dcP z>xEoJeL7dU(Uknp@-xpH#B-ey!Ph&yI}dc4qwqJ3>;5sMV?Azr~us82$GK zB*p%pr2o?b@D`8`!Ak=?FeDjT-Ai-`JDFMloaJ2z;5f5im^ZZl;W2;v&7TzDbW`~o zqQBLf|8%E!A=3S`KT2F!k?6*Lpa2S6`$Q)7YCu!>W~#ziCqGTh)8P;FD}IbT=CuK! z>4HQurhLe<&H9c-!dVLdPm{p<8_(ysm!uq!*wv4}AfMSDFNBQc$;2WT#Hy;y`2h2W zJ%F2D1=lf8n)pEG-X^NsUmdMXe%1LbI1=l?3|B~Q(2sGh$zCVur~n6bD$4-2(I9pJ z?FMvZl$nB%4EKZinVZW)M*suMf$P#9JbA2ckK+UEmD|n$rRq0qa>25+B6|SyFqxKE zi{Z2X^+gNyI{@~XeqG&9=64~T=Xrc$HOu1tF9;+&SU>Iw7`MeSI7K5gT+H>C71o0Zcx*SrC zJ<^SV8QDeV(p?`Q^i~xE^e=k=UNG3Fak>%B)mBL>7d{OjZVT(*Il$upH0J$1=4^jX zNd0wO(j0<4?O-X9IuKkwk`c$XT;v!e@vYYy0j4hWXheb@^q5v`aiHa-ecxlB;!ha+~U{K>J1%SkO z3=2$617e@uUgWlZ6pF!BKwt#f#a6yxmFy;M*@c?JQV`=x!n)b)VI9$Yb|+_eXY zE*lPgx5Vmui4DCnk0G9ZhBuNYGSVW`pObN<|M^=0E`uDI zclj)4dD%jaIqif&Nu*|yYlt#?fT%B;`l7v&ik5k&36K7T7aQ6oGYt)TA$QGW5(n!% zprtek1h7xPmf#nSjTeASQzPmieq&IIn5yjgxb&Tf>!v);wGRp{RVOZDWME+A@8>9O z{Xem`W=~GxD6$-m#IIQZ(AcYo!>xLt-1mRJg11~KuYk41R`T+&(9(QB4gjA_)>v!E zv9tgL^6J!VVD7(|LGrXGAY$$O${WV|*{c}RykD=%z6eKn^_e4{QobX%uMC1iyUR+{ zD&(Rbdp2;Qe?v>pEsp@i*Klc^S|>f#8YtzflV44bJ6tqw1Mmi- zUX)z^5MFXW=nKh8ODobY zQ`EG>^`n{d7vD-NPWb-l^QZmp>6au+6Jffi8Cwf>zdP>t!GZ&2yVi15PkWL1dRR

C#%eTm~po-$jXU=*Q2Tv<0SY z+)AiCkxAQH*E6JD0i`v#sPuKdQwx4B3kdMyLRy+FES9LFg4laNk9O{N1AO|msb*vs z26TMnF9?!+5zwBiFtaH(oGaAgm)4G3xH8hSWYYf*JO0o{bCS3jyrKLPrL_ ztUe%tg?w+lz?5pW2;A6%a~iy(+0~BkICMnuRLH1S|?XX=Rw`2 zu?z%&Z)tCkO}>w}@N*)(FUm-uOLQtPvv22gaOAet?3J1fUQhZ8b`bglTx}gd_ll;c z5)F|yJVG3X+jR}ZF_stPHF0qXojQegiW2YKSuk1nSU7+Iz7USiO_u6?cfxukEu$L` zS?i0fA$Td=Im%G8iMSGbC!btp1@}~vJ|~Rs z*nPm{gNt;m@hj_qdiH>bwxZA;B*WEySDl+~g?0_dc;nA^r?})DPc_PnK_B5V@zqwm z^)zP<0^C296`G^tfxQP?Qjd-Kf%(uePF#CDTtLvO<#-+Su=#8sWg{GQ2^2E~{uy4$ znYT?_3q)5IC9~mzQbR(gpY$IkW%(vijS4ECRC*w*A`_$Bs8qHnoX!w0IfpTDg$a6_ zQ9e7+qh0oovnYc+hQ1E7aqq=-#kvj7u^+N?l!Mh@#Qgz|Y{ z47D`wPCzP4Z+-plP zQCO&#ZD=n%K7b_#dUjQ}CQFpfI=Z-=$;CnrY7Dp@G<9kE#;`%%iBSR40%?N6Kn@_M zy|g4IP01vYG#VQB-N|7rS$p{oc0oJN4?151k%Cs!2=(n`7dilD5S=0=Q)6%y6NXHt zM`y5uN180n3&hCBO_Q>a;9-E~;;2hyd}&&jgJtAQF$s%_DFF$F4E(x9_A+6>4PTd7 z05oA^5dA*Wi(64dz1plGZ5dOUV$v_)%Ob4v-Rp|LIpQ*{Bu(K;DxF6)75QYDBt{Q0 zIp;Y5Pj40A)R!4dCMl*zid6yVXN8k3FbUKAteG-K?5tHLcz zs1j=GlY?wF&MwmEW4wp-{I||-zgp?^ZpPO-DcJ@_v%L1`diQvv5UrF5WFH1dXq&L` zD_(*YR*dq`aC-_lwQnDA zWAH<;@FzJYKs)PAo_3Uq$GvaD=d`PWT+DSlZZy>%%uj*Wm(NCqPeIbMXqsJ_*|7vM zD!ZsYj!h}(N*0f;t71N^+|ZRK)C2dCx+CJO_|85+&=)5IPGQ*!I)MDc=kG%j<7E6_ru zpY^n7XUA(MRm!7uvO~x=Vj^${Zs?#91{SagcSO`D4NbLh$nr=PlZ)wk;FvizKx$CmnLQ9LWLEAv&p|-&cWvU$NW6aMniHjF3i>Ldgie+6J3=KbL zq{Zc0oDzu;z#gQ>Bom7d8;Eu?Zqt~3PFu!><-8Jg9_Ewa$o>wRWNzEN+HK+4C(WJ+ zO~bF8_$X!cpg)SHGykjdjPPf!9Mu_o0uNs@mWZFJqL4)))TEp9c-AiK%RBX(<#YT0 zFZSL#Dy!{n8x;fu6=@NXE(t-92I=nZmQHDDNeSuh?rv#N>F#b2B&8d^x!C)Ce|x`U zoWIT)<2&b!Z;a=UhsAo}6cGGhXhMcZ4}vX`DWZE# z{+7D`<;ywi6;JzDui;EIp5~Lx&{(p5t4o&=Sd`_*)nz8|ea4%(f1Mt+G|^6M32X8B zQs)%6Ey_YWbC2VIv*wqTMtm7*6=|5`giD&aE|?%PpJjSBy;Y2-Iyj0dMe6aX9}(@u zw3EXTrG;T<3ixbiq^by&>x5%pVr_ek_$|$ds%CgP8_}e5M{v(oueeUAnZ5DAZ-*oE zJCRnA5~04#mM&Fdr@tU~T`Mb!MNCveLY5a{2oDl(_94F+9^mEBf5hBiTS||Ns_7eQ-@}-x& zXhe_N;#9A*IDL;%13yx5v|Vh!lMmAI@sj`j`LKu2ZZ4;ci!cofSLT6rtlkr)+cKTB z*O{1vQI)F-agv=qK8KzsUiMFh7u&ExrDqT?+VH+G!62?x8EJg`lu!Qsof7qwJY5-z zQuz|P4{?ZG@L?B)6W^zP#f|nD4oTOZp85nExSG10yOD_zxGnhXr)DN zJ|D7qx~)voX!A&l(7!p1EFh||=80<{JmScPuPy(?6R&p&+e>xP=IkRE_&tchcO0wt znbJEN{h#Sp!y(4p-%NDVbt~a#U`m39kzkr_Q80CjD4?U;H-t<0AE7VEVy#GKI23=3 z<`TYo!OdAJ;+*9ic^&lNv>_4UP#}_%|Muy8x>3jmj;B`*KVVcMUg;g})1c#wn45gu zhF41vICbt>E_#ZyF%t1!X$O02q^{Q>sWr)3z3q}a_pMRV$OI|nhESxn*?U(`DFF`- zB8F8hyZEMsI%|WZKU*Fg@I$$)6P)@R|9&wOX^A4{Md#A@9e> zwjIUVy&a+M){jG_6R)7HKT0YMFSdp!cQ_j~FB8CqCaVa1r?GEj?K^(=uA7Fa@=jNX z8(+G`?8^iD0Qhu`HYA?~s;G{Bs>S!^0!s}3_B8dhM2k!Zw%;Pk-*Rb$Mh8sql*Lfs zbN^3bnlZ%twU@=3FyP+eC>Pf7oHO~$zlo7wev$W3?4z;W>_(*9$X@~q=XfEYr zBJto?I&&dU1LD*tD(QBr`@HibmgP#i!`~A;*Ta*)f2{k^=GOeVI>`6V{I2(Tuc(Ce zZ@mUH8Z#B$DJ?Z15Yj>g=}lcxC&;uheNds19uDGI+;^R3JPx@JX(dc_~)S5dF?dOdQmp9-@lc zyOiC7f;4G6aB9S)vG3m@hv~3=ibU8~)^%B|(wclt(rA^f5wwn*R-hmN)}qJI89MKI zeKk}J1uq^ppEa?y2Bm$>AMp|KqwC@Ym$LX|){AdcivQz!6bNNz!DSnR!S&BiF@($C{-{{+ z&x_zYC8)kAlGyNnM>qfaqV@%BWE0B;3jZVaDF><*fgY6s5sv-iQ}qn=OYslI{C^?Q zz=jK31DI1fjX&uDU|ykVOSASP)ISEK=OYTop^{H)T!#3ayHe!uZKnO zbVeOuO5R7=2;X>yF0$aBl}%IMF(n??Pd8Y__s3Z>oB2(9U6{zra-!wE@{~&MuRmkl zp6)eoCo-fiHmvz|X^3m7TeI^xx;J)@1_UZ<;bsgp@@7Z!b)beCQi9`3GI!`?GIZ23 zJ0190Q(w480&5|yvz~6qv1d_p#AVo9Jau|Di3i$gD*}q|6)9ms2jBgO5=lA^ZQX`v zi+VMmtP|&zSkOHKF^u;)TWc4_cb2&0kTq*prezU8dz&VLAI_9;uWNxH%E2|C_w7_I z#?3nzWZR@&1@fGrP8o1lX5JZ2SpDAWjU2U+P$;<9?4(ee_apYDm^gepO7&Q|HO#ex{w<_4THHTizg-lw ziN=wh3bj_41n52nY&@t}J@3$Xh^9TLE0I?393>V(Ee|nN9J8jeP{ioFrA3XvE1HSY zVkrtJp>f2+1^dlhmnfVsA~a$kfX5d080Yetn+RB8c;Fs`c_H^8ObRf(F|xu;gmoDd zw&8jPYBRw6^Oh?m7#?;2G#YA!n=;tWdoT8|m3XnghJN}C!yT!gi4|A^ zX){PPad#(sHv3H$r-zk>((LOi2UlXX&Ph(*4(kP{?8>(SY2QKnDtv>ra{)D>B5QRK zsnIMxxA2hVJmnZM-{i`#G97IcJwdnUrnyf~3DZD}<|#xp zM4YYPgUQ14R}JydH=PcbCk(zO&c7k&6aQRxvu8^f%gK&*1?5j}h7VWo** z-;`H0IO~p*c<{wGs9q=>wA9NlJV8+r9c@_=V16-TdIn(hIlPQ%?!se_!`tvFevcyM z5v&);Q;hNL7PgX`z_P|z_A+Abz-xNQeza3r0@T5eD9v{dS$>=<4>YzZEOt^7dqH|w z((j2B5hBq+3HojC2No$c(gY&7fxp#FMin^0Z|VsFo>x;L^Dz+^aLlj-Qp~eGZ^X14 zSv4allIVO%@hIC1lwnmQq*zHcf6p}34LzD)x$yKJZC9qbe_bH+?Efx45#t z$%BV(Rp}{0J%o-(6PLP|A(cGZE>DAI%=q`)jjt87(2RAUw|_fSwENfgl7|2;7o|8l4V?^%Oq2!D!v@uZH&hBB?=6=mLCLa0( zS5Qq*T`p)1-|~<1TY{RDoLLHAZ-3i{^iG=_ou(VI_1kXIj5re=`on=(9Pb>Y{+S5ia;|T z9BAEHDiSq*7PKPsitc?bZ0OfE@@LFBXL4{yO-9Rsc-TWLkWyhc5Qj zXU*4YZ29?p)X-)NK2Bh=bq5Jk{MEEGfvq8C$Yno-i_NKz_YCpo)gqAyq-wcCocgtH z^!*0EH{%xRe6g&lNOry3cIfp9HIKEAsa~zYF*V}8tg)!ul5-ChbJ@T>UD{5arnB;x z&KXo4Qc^8#bz_*Y-QhOx2trY>wLqz5E3}mLC~%BkM#P{E%wH24Yzl0FE$0;xwS8B ztCD|Uwm)^|vTm+#q|(`fc&;gu0MG%E9?E-|-tMrKeq6hYS4 zxQCy3>VxEih(5u4TLG}-`agKwmCsS~d*5Nqf^NFUqkd6|^_HvQraiRSEcf(ua^J&^ zR@q@8mAP|*V;61PqwmGlG_p1|@uH(rY(28E&XZp=U9ySlfH@fe@}+A^2qfQ@#*bU1 zE4~FQl{3WDxL~HT4%v~OR1{?$pHn6p)G7GuST}|pT`jR`)XZbQx=ea38h>1DB>T3S z9l8s@u_gFzxemo*c;#ztj-By-%|*fFP-d!R3gdLFWz+JH;=9JdKCVy0<~@_0=C|fY z9w%z<(U3>5huGy-xL2S6j}E&o?JA>1*iucBQArWt9KT>50u+3vTo zTkPhmXB#(3Y*y+0n%}1CIkv^;3rKhJ=dv5#?A2s79dzK<^iUN}@MIu#~_wddDq=bCp_ zmEmblY9hQ!iO6o~4EX*7Nx#k#)XT6+~I&&8!ZHI4sii5KGk zG;eFHbGT(Qnt=d!fUCKZ9)n!PCHK0x>2ziybCIDY&lV-Ia&|FEYea!a!b$kvSoc(- zNE^-{N83h##v385=Yz;=VXKQbcaiYBN6Cp3)TyrP+{)THxfTtV3`7OH%;sr#w}+kD zPO(Kh0SLDvC;h_3y^7qm4zaIvY#UCiDN@}hMpYc=b(yUeIJald%#>M*D9lPOPSldH zQ=NL0v~p^vDXf^^vSDe09+-i6jdz){uJ3t`@laW>9&JzM5#5+~m*82fyMIHEPi8x{ zxC^LWqdB`_ky5Q&H6q#d3`kXV+^Ar37V+@7J$E6$9Q3=Z{S;p9vSO2XyN-RI0OD}9 zKkc^f)_>@WeOo)K@(UN6)!~;jIO(*2PKW`^c6@)z>51MaMt-o#g6)z4wjxSF)%P_A z)Cw}8a7qM2Km3q)44Ud44r$dp=S~VV|NP7{m%VUHa-l$a+#^z3cEeG4T+70pYSN%} zS~Y*uLoxlyRd-wad#r8qh25mUkJ!beQ2fH6{h;S6`|C;-qLJj&d9s;1%Z~`k@>4xb zp@T5J1Bh>&-_Ny4@?)yIc)Y#7=D^*=4yjg__kB5tV0Y)f1`6dpZkx0aOv6X2x@zBL zQZMRjYRKwwX|S*o$C3_DK;Ntsph(=G_|liqlJ`4cs?;)hj@X_hp1XmkamwK2&UTrz z5__*=IcTx^(SGxMgQ;XPJJWW>2{?zD4&m5i<@go%VTaD+A}ARD{Y*y)-gcd<%h>bN zKAYM2H@i_$N;OeqeB3=rO}00+*wHd@reDG8$)u#)Qvx}LV^lCjgua;QJ z(R1mM)3wayvA<5MNZg&OLeVC|{(QJTKe(Mb8oV2f4tiL`{r-H1`V=H`Fa`XuR2N+iq%N(Po}cd}<*3|_ zuZkcQVh28?j1z1(iOTv>_AAK8xc~e_(s}c{Damcd!-C_`v2*4LU1L}<{alkk_*?U- zvYm2pb~_-&b;Oy-reB3KNd^6gCmM40v#~PG|8{zLh+&==l~#E+jp&A@`@^-b{lt(y z9#)lRaJ#f?0Bmr(wVn7@`)8`X=F{m?l*4|B0i5=LN<57U(b%UT&{T%}@6DHx%+qS_ zoB5`3t&V<aef{^8Y~H1|1`g;+d@<~#;fQFaGV`U zoI7eAqXes(DFhCDY0B&LH(=0H4{0gHSFd6k#$mtn-Tb)ie5%XxnrUL3Q?>zHCG7y; zh!c`y()^tPr8Vk3S``X(Qx(53xZgTKDITM5u4z;&EzX&zyM*f-9!w55oZ4M}QD>O3 z8k*b|sZWa%A)@S(Lj$)`L1#3A2iw1hWjx?6X@}XaI(9Fqlf_736@@-y6IE!DUcOxW zWAk&zMKmi+z$}-XrBMnciHncVNy)F*yT{$Xn*qLS3K)a zh}Ya$j8O7!IZ*64^(1EB;*kaW)G1Cm->AfPEO?C~s&TA!I+aa^#Ql)SM*3F?O*{r^%Y4=g*UgcE0kiGB}n}V{752uS1&hl{7u5@Jl~{I(wN@peO@c-V4t8 zlfxMGonkTSAOqP0-hk+TQ2dAX=#(}VNkYaz(n(vEXS{u?|w|cKC90;a` zLqWQ%86{P4EAYb21a6O(cUI5h-6%cIKl7&&FCh(4Y~q@HPuR{4$Yupg46*>|p@)h! zfxvf@`P}NKj_LoW|F`dxzLNKJni}osz`5l~O|!~E0;Nf)0#1%V8ZFd4^?5>AP^`fm zu10-+Cpo}3@htt$@eVGOf>C6FFgZ$fJG+*2cs$$ z_&GZddN+?wXVWMaI^YZ^8EFTON}eO^u`lCeq*o)S<<3SqhhP>mLa{HTXE#u$CZ@aTleQTuB!S}$YnbK6K!hxXKwWbE!UO&e{(9az#|(>kor?2A-3 zp)hTaayttx3Z~T{{lQ1CxoJ8qIu4rQ52#kxButkE<$DFZg0%;kKcGEg345P`L_=(I zs@uHMqK|oc=4&j&Gqv`oZAJ1Ma&n_g#6vZ3&-?Dw4nFN$RK}(6|L;^z#p~Mw34G76#e5ib=4c)MyH3uWD6s#(JqR=FRm@)Nb zH-n&sevRm}o)_-p+XLwJbx1?Po75FyYld0xz@Pn)b%%qF2Q7S_uy7r7#tw}bjm-&4 zgc(vnJP*-y9P2RVb5Lgt3O%Vb1+hF2(ZaH`Txp^sz$%c5%ClL2cCw;XHuc(EVW5Mw zH3;oDhMdUD%3DQKwAT;8DDHV6D+)@$_!bJ%(6UbN+^Y9Ir?b>SrE>m(X1xE4>96SD zrsOWN@HV$@#@R*He3Xu%>&Ke`PaH9k0OR2%L~m&)q7mQ9N$QcSHxWeQWgw@8h00Ry|5!rKcFmuT(t) zlnyTO$ZGB8+2ef^FLi5{pBwg;$n4gEU>68LhJn@mWf7x+>VJ8P_uI-=z~|@nlkye? zG@x+*`N()f;SQZ_%HIE6gUlmo=<@$d?q;vadMlqJVbZ-`uk^1vf!az~*(sAi-T#kI z-fNgTD@Du}OWJ=_6smN#fW?2i&wqVM%K-IM_&>M)f2IZ4m5%q|ExFt}XcFnoYTjsk z>tcwP@SK98#WHko^>%yu^Rb(TP0kLbvBdeW{(DS2Au1HhdGQ^tALC54NYhay*;PC2 z&a6}VNr4?`>xw}n8zJHBgR2Z}gbSv)v z^S9cuw)vX=d<)WECvuesP5adP*8^DeK{oxo!(QFS420KBbv+CKK;b@i!1o_*-~^OO zc7Rk)?YlwFQ7yLR9o5;@i|@Wqg0Wo= zm0$l{HI<+gkk~K_c;NO*RSzWiQL)V)aLL*5Az{<1l%<)jC;IGc$@lm zxg0MwFD$Mxt-SgzL@eXqx-(sA0pQa$l>_X(P(CS?*AHd*LK)A`>#O<)TY&H2aC@;a zo5W_jb2P|Z3uTikX;`;2@BS#3-2^DRfg|Zi2hNg?D8@0&TqVSzPP)cF-=7<>EC{Pb zsjRJl+<(=Lf#h9)Zu5UNKB-0oBJjmy3IP|c03d1(0L8T+IlA{5$Ie?^Cex^0kW1&V z5g(Rph7PBfLLV}6nL`~~< zEG~SdV1pRdjzK>zAT@LkJf<#f)boCXa;o%<_8Mf}?|_g)IYr8+?+|nx=w}`LZodoX zMkoZylGD^A01cbiat48hLDF#9` z*$OCctyo!uELE57N6#|>BzZ8!d5aPfigKIw{{yghxJ9Vv9_zplp;)1*A75|rK{c4X!jz1J7u6Bl=eHZ}kuLIDVY2oClpa&X!-J{L=h(eFq zI!IP%fCh09*3IT+<9C?;ZEJ&U=zR^s(~?6?t>4K zl9_FPNzgqRDlKh16uZ;V0H~YFn8)PgFFeZjR!%;vSjzpULf(rwK2unkpI z)*P2^)B;ir&5Lx^V{*4njiAPctHjCzogHD0YsrM2Yq)m>z8;zzKadm@aTc8RGYk5Z ziw%1EiwuQAUQN@?LZHqLr19Ht+j%$?5=N&BF8h7Y)y>1L`FJ{zCT^2lh76O4BbpXe zRTwP&NZ*-^WPRO!fkRQI4<<%w9{||LS$lozprnfjIAN+)xZJN8fed>@DHi~S{!WUp z%N(%B<4{ED&pimUe$2z%|EIk!`hroE17Bnk=|w#FIqRxV@Xl{26Me(;A;9&2k)Boc zWf+)Qxtn{iwi@z+e&ueK1LZAcU@swtKY9ru*Rl1`UdtG8g}}2TvCi2oa+mz8^`C>a|hVQ>2q1zlfJJW zeXJay->7>r*ol0o2XRDP@0Vycbj&^MvBHkpcz-sB0fp+^UIMyq=Z0zByDJca@rQD; z-4nTgqb;$O`7Hw3qvy7k>f5b$B_Z@if&pyQc`Y9Hsem3pm7e9bKbtStFN7)j+`gZ4 zq7upaxr^c`%L}wF?z?*oE^e{9Kms&ewMXf6lrAfP2rZ;I3uhWaf_B4kO4tX*nuB z>r8&-Zc}0K&HMdh53RFBNNS-Id%$L=6Stm#iP<``yqvE2oOr#Ge(XJa2<7HQEYYTI z^UIk0H~Meo7~W^X1ma`n3p@-3OA&F(TAKH>!$4mL%$%ri(?8Fhlr^jc&A~o(@{kDG zFG-OYL}2EoAjovIXPAt4GD#>W!}V8>Z5U!-viQx^dQ2E2oP&q(ETg|8MdLs25xJ|| z+rMjdpKbR!_w=evIA3&L(gbNb?&=P)I*VK(f0adZ4IJ}n9}D%bX1 zP#q4|qEd7zuf``-aiS;Qbg4uh6NwK7J()H&IEDK9X`goutG>Q*TQ=NrO8|*F9d-i% zPc4_#=6cLEv80ZHf^KB(&sONUNW10s3a{)OWAb)*&9~CwQae9|jr|me-*iZiAMs(3 z%`&Alz7wFEG?rRXl;YAS%n$rQp!5$>l7B4aIi~Y_K0@ z08|$VIpE07-}i1l;I9rlYe;b%V1Jd$Iqvoe>@*#W%Ng`vq9WdwCu~i>*wTvHNVR(4 zA(s4ro{Y`n(YyT&(osX+3Y|7sTn>k#Gi4N$wFX+2q6~kRu%D61Ha(OJ^L&;PmZ#qv zgt{@eif|W_yH(94QURgwWP{&NX^jRV?6(&K+mWwrqDQRjBD!O>$kosO9FXfq7dmvE zNLbQR@ms%s92Z(cqNcn~#6o+~(PLi3`kY0jOWC}DbN!TDzN!+{Nxob@ZU-bB9lIaf zT!pzH!+JDsr9$zhS!56sqD?Q1eb3zeWq$(~vUz$atO6Ev~RrOh3OH^l1kuOX08 zg8t}dsV{a>IT1VQ3+Kp55w=-=n&Hx`O7wj&YO&2gu7ou3LwMpBfs$7?O=9-aU%ocj z{YGcL@gfANGa+{&mYb?}fB`14GVgpNcdogLM~F&v{Pd%iY%j|13qKxmRK&rsvOMn& zJT;k4C+#>5iW6>G%MqJ!S`j{ccs!J=lg3foZpoMDnreu`ma}b4j9H_OvMIsCHcy;y z1&{O_juDHT^kTJc*EBldjz5RpeY<{*wU4^C9;$02M_aROoC{3^ z**~TV8PvmhMX04j*}6dD>yP`N%iQ9&Hju8hB^^zd=emR;=>59gw~KC}PN*Fv6qjWH zMd3U5HpKFW$y)FzA_}Fw&o1t#gvBt3;A>PR&|C|@gHSwgMC zD8#kFev#5a(ET_1d}o2S>BslK3#?<0 zoqn{G?LjdCJ&=QncqVqNnh_`UMlBPGuU(ZL+oa_(w>eVucuwK0;kML_>3g0rAK}k1 zp))fY`Jqbste_b6p(DDi^#(g6Qje7w%lNfs7^JQ(A~WBk(&M(&%SWZHA8#fkQW0<- z)3)54&aPJaC!me*_z66G2%l&6AZuwnZ=I+d=W$94FarDPsHOl7)g~4SGG`J;oXJut zuC{obDOs^TwWA1;>{5v>+mU!cL5W&$Z=Lf+ynH{LcojoT5orQ1a*xlkCfo3UDKc*#N)2o+ zFexiuvU_uxCP&mGI$Z9x@UG3w%@tl%O{BkY!uduqJ;|zSGLK`WuQyq&TCH{F(<@WAnJ3# zNM?0W^G1@W84EuT_`^xLiH~FOJsSj_XhCtr3|brg?6LN7ynxI z{$bZwN7_D@)_LViW%<4C&H58NM-(`+BVrFrcvmW8uC-MJircvBs$}%F?Iju<`r6CB znaV>C%FmK8Sp}K6Y3GfY9>jNJd0m4V20lCvc##B6Uh-H38Mevlu_&&i^zf}hvqf%H zy~QP~-uovU{$8r{fdaQi1)Nx~cMQL*n5!I5Tb|vEUxlezFvegQCXm8>WE}CiP*1IRKtkhOPtmqZ zm{=p$qAPQzf{8L9wsoX{Q;#yAHs5Jm7ZCi33v4E8pZQ_->O)VgW71Uoktt0%?Cz*S zNc<0n-tk9lrAWC-ZBApr&SH&{kUJxYRi%CT)Z?)rd3esuVbD$>E`jTo^Utkg=>6VY znX4pvDp9?%{XPfEqq{p*n9cf7EV=?~5&sjBMq%_)Hv_Gqo01Rg+E1J}opKMp0}i3| zc_2HRv$#*LezWhD5*%Q!yrMA3or>cj7R>{{zDJw(HS)kivYI)us_UDxfvqoNLqVt^ zVMKsNqyFufxt4-mKo>*$bV!E3A=)}sOkAj;bh6Fz8y4U7OonxJ+Ln*1GJzzfUko)O z>-@1OQjKRuy51#l&vqmId8HB?6qDre*va!ObFZb$$MM*_j-@MDoL0_Pw7{jA^~_p# z9rL(v*oplY!n^IcyLJ=dg2Ty;6s6gDeW6CF1l958JTvpx@8~V22%6=q-)Al3!q)Mm zrCnu}xd>R$?YK|I2`vx?5I+g*AZ#m^=zQYLOrDasbrBmEvq&cXAUjLnDFPRcP{s>R zMobKqT$T3$Eb8Y6a13!^%fy*uQ$W7|lkfoyBF_WZbA^=`DO7z*Pi(UQqM` z1-pMo*eo2w>3Tq2aPq|8wfMV0o)7laJ>eGrS&+{>@u)nMlo&ghkN;5>7(_TwzW;OU z|K=7@&5i1df7kh(R^!E1s{EpOENwNAdDXW|ROkepi0!`yQ&WdevTXj*pVRzle0`!h z%8olz<)@HTnm-zegjhh9V9@gkKoQumnGsZ^RIC=i-~+pz%XZuE`U^X2`izIOVR0iAp2+06GeHj8cnTS z1OMc?N-CFI5zr>RkH`Rr1BY8{0#`1Bv^VAr^>%>_7noark4>Hs)GlN302-3qRQLK? z{3?st2}W@!fS}SIh;@^81Ik?%DaGD>I%hjrwEav~Kv8WWvAO+}}Mfa<(#+fvVfN<1%7br2+fOw3NKyn`3Ki=r)3n;K* z0n+r{wM(^{8U^|GDMLP&*z^;EoFhjsdncqm!+1_1uMm4Uq7-cg77;Di^TcB#6WiC0_xf zAz{WEI9tcJwM9tAX97&hyM!W?mw(Kd3PG%~uxxaa zjn*s(GaUpWCPCgi0|7r#Em=TRSgObEH1$&`#`U_#vom~`on;$t`_TjfPdnqw*mK!YDJdH z8vx$%Qzl>g4%qhHP1HS4Z0JX5Ji-9=#DtYtxD0AD7tt@h&7pLnY4*i-lMN6|Tvl$3 zz!EOOl_S*;4)2nb3>*o>qL#3?8cOr@ZEMl^rjQCm>N|R+%~PLY#&}$>bqVS2#`ubq z*g%r<);vJ8`_G=n3Kf}PV2YlZms~{f0WaDsb3Pq!v?-^JH9m02dp)Z=^{(H%+AiPFtPEi$Ibdw|s*E)@LoA}-=%2IKmW#v*56l@P3i(Iv~oZ8Rrso*pr70brs7e1J{E-q zBb`OB9v-=OMrVOyp&>-Yn0oEMXY^Nn2?5FMJ1p#pzf4r;iO9eI+fo&Z${IWc*gWc^2@px-}1iu)$8K;GG>HOSy|$ zNr&Od=o;UGJnM$+RuQ7`E@EO?&LB(-(JAaLLTUj$JpJ(3J&(1BO7$IB3X3k1 z%Qx`CPGU1vCac(WLr1O`hwEGjLQky!Yo-do;uJ>ZWyESZ=a-f$nX!XdUgK=27v;&I zJn!`5xmyq{YD`p+kzkCQ;8Fg49KjucP;a9@Jl$=0&NNj%^J5?o8J4h`U{L27>8kAT4{E-t zNEiJA;_Iy-_m$#qID-`Nubq-GoTsDSDnH{eUa8R&ws(Ci%Q42-J}1rYbuhvowH{?^ zW|M5H8;qxS8s6gqy-H$hIfUA##rWB0-XhaTCaypRD+|t;i3Yg@s}da(SCwGR!L9?x z=$y>nAbA+QQM2CefL7B67wiG^*G~vDr?->TE$i9`WvKjb01e;)0VPpeL?*W2R`7{U z{$pZnM9L4QxdPN`@V*i;egKHsOZVs+%I-zE&5jb`4L^+N)5ADKUd%s4G09jIw5Y`l zNqYgm&fojkOosIAjp!6Xf2su{58-=Q=V22S75=lt7|h8dVT^~)Y~YA#Ve84z$h>n6 z7E>|#TXew-Q{JblHB8+ZNZ9j}cpMHA^-IDl7uSCG?!lorVdfjMt>?%kOtut`6v$;v zvlQ(D2gH|O9KreA<-+I{-|?Vg+qxWM)~naQ_{0r+sEF8ht43Y>yl$<<@@4+yBHX;Z zHq%x>_vr1(@F*|iTYD1t_%Iryv=0Nf{h&7Q^BiDTJwP2(K_A? zC!tz<4f`k&rwGjId6%NildAod|)MrAWK7fA-N`UoD{Hd)h4La zxu&F;RK-paZ+!ULpJvAScd^o`{3}(J$DFS={+{`$i2BF982n^EY7wq%Vn@>6UxqTh zLRkb~KePPQ^|@JAulyuuncZRRTu~oz9o7f|w2QWwUh6#D$UCu>1wgKc6m`7y8YauHuUdAJQ zB_N7XVH}Z@XF}k-Nfgw~Df`@5vPxv_8TnZmU;5s3kBS|i%f>>Sn<{@gdr9ei@CtSC5HR~73Kza#V(gXnPeLJgIZJ|*)x0FKll za6eC%zD!o1dYDZb{;~yB1q{2EL3Gah-I6dDv1^@yMudpEH0DVxLq=@bmS8DwmA^3b zu#80;D`c2m=l$^K^I^CajI<@diX4`ox*vEjh@W6p4JgwG@1K))4!720e>!b+6@3mg zA}B^Fr~>&%zY|BSWCj09-v!RW1-xJtY1x7-SjXv}%Z*hHGXRQVuJbgY zF>meu+h#X%Hf}4kod#%BnA|NygvD4vJ~gm{2*VUT_tHmPp~ru2y+j-GB2x3ycw+6d z{_{ysKC4OOdb%TNw}Aw$1{n@rY!S`ry?e{!fWbrAy?2{=`VX%JwaXdyo0WkZ_Q-?3 z9u7@G7({&*n5c-IJ#JH!zdefknOQ^u9QPAVk%#}VO9;c}K_sA};V$p}f9!wYX{P|s zf5MRn`9BU2DER+X30{+_F8VV5?Uw)L#7s**$R=&L3Y`I!T#st)YcJf5s@<5H=cdv4 z(mIF{d-Y-enRfj^xx^H`<8RZ3+ro>9-FTcDAc3~?_3YQw{yXK4LS~(w$J%$aq0+VZ zg9B9_XKFe@%0I6U&NLG3EHg9?yE(5+`zn6UJM6|D?Pi91*vim4y0#1rxOXF5*Bu~YT~V0v}CpH-s3s`BbAAC8~46ZG!1X+KXuxR7}k%^UB_gbtpDh4#{3db^k4CAwDH#*wsUVJ{CpKPX< znV@<=_c58d{2?@$XwmbMkb|AU(rSKteKCeW41MZH3b76tO8rz$R5`z=Z;9%#biWVqFXgCZOzLMHiGwOnNjrAO7t#1mh7zfX^U-joq z%@!sL*-Ymi?X1d*@9tvYP7jpy5eC?&tiL$5-es+FvoDmhmb~$}u=O3!S8A&<*O=zQ zT~}d;&vQx+bm)pN5rE7s%I=eMqxC=a~z*_UQuJGqU z?dD(?JiW4Wg%k|*ej=)u>j`pd+I^U=Ft|MjatIj>76VCa%zy+wk;O{OwdJ%s163cW z3ILyz=FS!vQaO!LS{wQJRPr&8#)+uJa&G{ZEMPChilVR<^KCR57IFsvjRJOb1EApg z6!DXt(t_8C5%{b6nuy-lKiNw(>P9+33HE2RVY6BVX0vMms3Y~DV%)D);fjCpbsIP? zlRQyODX4T8=hOCag@P0DJ=9$hWa29qKnh_2f>QYK-zLboV~|U{)g%E#c1_$lN7d5y zGELsEJt#>ak|vK_ri`^orm~SqF&1)ydizI(A*&5h%M&Qm=G{$L;HiZN?7CCVe7}VJr&@2iM zE_(?)?rtX-Jh6Ab%j&qmjL^3)*~AQgqIqf6QBvNuR@WJ!(I>>}j_t-dXt`C_s;aFt zlRSXDO_zP*x78>jBfiH`YZ8rm*1^NRO2F_VPOt%Z1nHt~`O@nC3??-)!mi74rr~vTP z-JAk!UeEV{E@GlYlS8``;1H%_aq4r@oT(RqfW-*c&9Qu{-PTzCJr)OeHpcrccg>Ef zX0tWLgGcSy+Ep=c)YbHo$C^Pr$TXP~AAl%EjXLohs~{jz#CW-St)&AXNxZbpZUtzd zCtRh#YJeh7y8vEsBGwLQlnJz302kV9er}2>kUNQdqf*ui)=3nMhto+tz6Nr?@7=go8npqDTWVmTYVTR@0lQ2DB6#*`Xj4Akv>W&5=WL~SOjOynDY ztF{AlF-~HhsmiETn;Hb;veeLj=s4fz2@F7ZEk<2SOZi&PI4e$}SZ#b#c9)+p>R$2w|$bSO4e zl#fP^7EewY)a)CY72(~&oo$?~;!YP!q18`O;`eIK*L>`kVk9NP?t9ZbwrbpTR9%%@LlqtY&xc#VtUD$gY z0xYR>XO%%w8Xz9S4pB4~yPWMYe_Z0>K37CYu%2wajFOi+s64Eg+X2urh>)-l1co#L zYKKdRH_#KIxktU6R*qQ9{lb9TIL7M$uvNB4M<|@cpp(O!T-a>jFB=~1gBa6d3~)Yw z?%x4ySQ7()GsLO_NgX#gjBV0wi3-k|DZM9F<*a};|4Gqm+arRVy8MuyRj_g$d0*?C zoC8+19f<7AH0corE!)h;*bb18fUqDaynyFYPT5#TD~c#dYG%?E47cTUp9cT{p|zS_a8b~>12 zDvL3yG`pYGpI$DJEo9K!%_Mw2)KMP#%>6Z2eY|uh+DBpIX>#+(ZJpUJYq{HuVx`g5 z`t-+IZSUJ7?gU)!oTcNol171S0a}?-{Mn&crjJ`k)U7(PHZS z&xX?Mf}?yX(aSIL3z!>+&6Qku!_9t<0S#l-H$p~~!^E&QFdX^vlBKMIy&wK^U;?EH zsiV-5InBoMbd8d%{c0UVF2Y9A;%_178_Ha@bcSbv;SU2|q>O3j{;ywNcqK5IImZ&i z4~m;0T5?u6i=YijG;8FsJMQgNhRud*#MA)UkL~foSb|U5fU!_1{d+<@y{h4w8aWHG z>QjAs+2({|l;^LI`|RDr6iy~C*p+Ez6V_wDr^B>F(Wqie0Uf5);8P$}6s|=X#(-KZ zU%?50KwJcK#m>EMq8gFovYf}^a>NFFJ#jAzkb!tk*xeg=Vt>p~C{$oO%(brC;_l|r zJoh_G1VOoc2wP5sv`6^&xRJ$76}>9g8hNfw)|iP0;KXl4Ct`U^=~(f}cZ#^~gJ?iR z1Tnmr8`Zibv9D}T_#t40Hjs5I+&9)f{|S&Q&oNlrRE5@3s{85~cgJh$netC+jY?pD zgu2?tXqKzvam*s0V}Ij4)h#Wu7F3Mn?-QuH$REgG*Hio@01hVJXnb(WTh)_47H~aZ zLQrzDIEch9I#dcXUI?U+mATsNO;m5%!fHC(Mdo~sPAB^t-l%^&lp%7{IsrZVzDD!RaEAd@WeEh_;@oNxu`+?V4HX&fy_*@ zfW0@nD1P;P!Jmv4-$?RRV3D{BdvlAn+K)>qt=}}1;ycHV8&k2lET`p6>732?-Wl+v zZf^$_uWiL|o+2|a{fQA2umLomS8XL4){H|6oB;?;yiPJNRT;Bnd~B=e=z~v#Uo!Qe zG#aplz5d1f?hx3`-UMsC>r_u&A3c4s^yuK_n(2cQMqZ-fx`d|KhFF9yqCH+(2|3uT zBp_&Xx3rgKi@uFn>ORfG)mNEarQL|8RNK|8WJXERQa^C&-I(s$R;iZrLI_ZLil1As2;7lADwL$_Q<@|_e5cQNC7=crU3 zhs9q1It+(5Of)ou-K}Pbogtp2t&;@UlE>1WIUb$e=NLg3!aWJFn=bV#;S`#HVPrfW|SQm7ps-0?9vZEQWBxJzco%P;4SkiHV6(w z&zwS`d|4s%+K-=j+kZg*m9UHrBhRy0vCMC%@X=;Vg>4lp9HbRHBKcv)e%iFsva%QX zTg5P!5T+SYgHf)J((>GudrS&}X)IM{q>3U>MbVFjxR87JZ{){iW1h8pXt-ajr&PN4 zz7d~@)=`yn*P{iyK5tt@#?4BeGYE${EHI?Ip;z;7bdgCt4$xCu6C)4LUIWnABRA4m z)_^Io>Bto#>X=LYy}3GfYuE!>&VV9e(;&>(+2MMm3k9L>;&svJg{`0JHu7(5<Lp zRXAI*I|vZ zPQ7a?6V|JgPqv+1I5Ee-&RbZW#>vq+r=@ilpmrO#OU>1!=}P2}RqJ)hxorJI-7sDg zA~ozEs8r^>9_Pn}V3;VJqh868JGDGuW1AMV{O#k0nk7@=mIHriy~C{I6IZUDZCUK3 zyD)k3nR>!cMw=3*SV*+S!xdG@-?aZ%dtV+8<@^0zqM}6hXd%Q{vlg-wMp*{KSj$p& z8KSHq3E8)Vtb-W)I@Ty<-}k-jd&s^$*R4;VU;X}kp68F>>v_KZ8u#3D%{A9K_jR4~ zKJRl*wsAfUELFBqGebCjQMZ6XC1)i#DiYSq+e|kiTIcZG{MD7|;j*$KeZIMG1Fq8y)4BzQAiiSJj3PE{U1FI&oxRg) z%X2aBm{Urm#6xXIYPU)SXrY0)7iRA710n7+&y4V7n;jKi^%#tnhq{_fY=j?r=@ty}fEcUvl&Gz zEh%7$Zq5k#%QO=VeT^lkE$Jd~{~GIk-7HQ@()W33P1(#i1$jJ^#+4BfNkdKj=O*=R z)8DNOTV1&hMJy{ob2pyHJ+FnfIO9vyXpMlE^TQ`%6j$V(ayW!D*xAjj?hXQhPpkb> zH7TRk?__|=Z{rfLrfaCgvtAv?OJ>(gI(Eza2qLtCR5sQ4(z+A-JR3fCj{ZX4jMG@= zD*eG34yE@Wb~|y-JB9OS@bPd;4~i_t3%#G`nXng8`nMPqvlZX5X(=8HnN*gXsQ?W~ zu`~T9hb|c0VizuNs46a=+vk!$vJQ!96{A{nZC11aJ!RM0tolbIHdB6Qs6-k9Y<+uiH0mV^*R*0tz-})~8 zt@pu7d@FuD!9C1u@2sfbeg4_O|4`?7eSiY;Mf$8uOMR1{N-za-<@35acM)SA_Ore0 zfnK<9YNMj$WIhP?a@w-OE7eo6>iO2#pxI&1#*4}*bP|tjev(3xYpnH^-n7x!Qy#kX zKd{a`$)ma1l%*6pNfJM|l&vTAa?pvciNr^?krb6jvMUD9e2O2 zZeRZuG%bU;Dp5AAGhCV89ONAzk78~3i2)ttH;l!q3RoP>eqqhOFZ{xNzLV9@_LTSy z(R3dBbpPHzAP1nSz1=soe_jT-V?y|(x??BJUpU$|2uEAsGe7?)juv|z;Am?xn4llcFjqphUrq;{cvS&0mPuFeaI-isey*%!**5d9^#5=d-F z_fFcs#C8RU4ZFb0_Lta(A+hNkC|LX}2q2T-r;ymPo6>LomwbTO{DIi4H(0X%5?e1M zwlc2d+CL{&&k4ka>xnP?OKd1e$NoQ>tcp;{JL%(v4JX0N(`x<+La4`&3{CB!s$V~`NXPp58Y}_G`06`ItMMl!$lKhN_Fi@!7L+(Enfj-v*D3~REI|Yaq{wAJ*U&aJM z>9OaWkL}~%z_$mn%n6L~DUZ~@_7DkrA@FsRy8Y+=8o`nt=ndUj{<=R#1uq*26T+Eh zYW4s8GKmMLfaVQIB*6aCF;aOYu(m?fn^M0gaQp>yuO+64)i3-SSK<{Zjj(+>0BGpV ztTNO;80uK&dG~-^rn%Mp{^+Qv$AG^PQ)kGN2{;E<;I)Zr09s@E=UkUn^IM)eYrFO7 zmMpz;hdQw!a%i#CpOEa(&>Sxty~tUte&t{!m!5f%d5`uA(X}TZPi}&Eb;_M;lcvaG zDBTIz-JlysF{-f;j z)W~ohi%>QW0QJAoF%n=@lkeg>Zfc(dwQGLcw}Plg3u(X1qcJ|mk2t5 zh9fT3J79c?gmj=jesDi~Xm;q}7rM{M&cvHfLyQD~XH|kE(e{#EfNT^37_g0(2qXVWk*71-BThsx&J;nhaA8JhNm` z{hdjQ74!XCXkF8toyjmkt3iH)Nd=a;$q7fmU$}Inv()wA05lWiD{@`^URMk_K7(K! z8;JV_o1Os?E6)ufYpgR-P=lcPl4ML~}HIkC(cc6?txBXSQ72X>bIsn7Y0$zm! z;G9EAi+wO<*EN6=I9ZonHSfjF;2ukHg^k)gPZo z_G)m&=B2dQtHK+@YOjf!x%3Te{J3P9XIgOn{4h#c-Ot9vX1P95Kr zPCHz+<()tQltKyKb&S_66om+XBY?Nkk!012MfC#0oKBH>L)*ArVn8q5_>rB#XoYKF7b}bg@k}#<-R)mt+-XdR{GEo>s znlT!5!+}&TYEh-rH9uTNQ)~~6+m{!f9+(#ApzV=a4x5157mM9zm0_>>K;pbHPw7xs zJ$1D=&q!_$BvS2H0q%51>z(y`)uN{D^df+#W(AzA)t?>2Jnp-5X^OI|evzMm_NwsW zKT}p{c)~;tJ-9*&5(RUThr0_oxpQZnp-kJ7^XeJu4gB)GFRH=p#aaLfu7XUh{e>#u z973MIz#ZiFOvi}!&1?HMN>z;4zdAjI;P8~X-gGZli{GsCb6U7mVok|BBVpt z=_(DhOx`lrr)1#w)lUP6fs(B5n`y5;->#%}+1!mVsp}XC4r2{6I$va!6F@Gc5l2}k z*LQjM!Hg=Uu5ZCm*9x_@gJEi^&rDRS9fz!L0`8--!a`WQl3WpjqF2NehK{>uK;FzDOf#kfINXi5!k%aOW_0DczdUF*yuV7V|E$JXGDIfoAs68*MDAymQ_o?~v>&o} z8&I8V0NmPd)l+CHx9#L?_wwI9kh7y8=R^D|~3 zN>i75w(fv>Ny1shhv7-o#Mva#4d%&POY)QRTM&Ls`5CmMe&(&J__ztqbc+`?Mhc$G z0>THdhQ-4~hvV%({Kcbkua_t@+ygTe?v9V*tW3Lll}=B^&-R(?g@Sk{?9lCewb4>M z$ed%2mr5G(TRm%yqz!&mWB#*Z*5L_3ml*5{0HADeZVf#gT5S9`dtRU-17_F0bnqH$ zbUZ*M+2@xr!NJJ}C6ouPM3NYJ{V`tt1 z<`fF`+WN-VU+Q90CYk(B*AYGIbrxbmuXpYV z1&V^8D`>g2FGet@n5gPH)k=AVzKJND6-^%cosyD3jlD`TR4a&-I@yT9#wv$II*wXq zL;f~Ht2J0)AILW1u-AzYQ46udqnv`<{d#5n9eA#LI{YX@FCm2s+yyk-ly%m79>2 zTH@EbclqWkqi;Idg1&Iy?_8k@DlYaMw4XxX3TEWWOu)#x=CoAc_JJIi{64f>mbtMX zO0wT-sAMS>gOLz?X9+X*gY(B>2~-KGl4r%Nd}yexs3Q_PPk#V=O#d5qYIWqDn$!KH zpCAHv^-3yhootqz@2beReNX+L=}}Jbon0X8gOcKnz$>nWc<(4^vz$^($p9&&-UZAz zdQ7gH6q;`|sY>iiWIYjCq-H=Fi`mVblWuGw{%T3`stPxVlrDr?j$a9sJ#)m6D}34C zO)f~*;HM+lbcUd8$uPF7l1*pMSbY6LXR{a)Wh%y8St)jYN+GfMYQbUYjxfl<-7OPm9vXhvF_vtk<+?)$&Y~-c`_Z?0oW3J$n+WQ38>flG5kaFud zICbX2o1^oQ(c6Lbujc8gufmkj7dziL+rP+6K|JwHN*p74MUs?1<&fG>S$EBpIb(c{ zi8|kOU;1_$Q+1!u!&G)=#B#0qBWeQ|+p2!LJVmP9t3_y6fcP!orzqyN8{+$3$2b7C zzFSGSKBqJ`$oTW?i*5too^UpVdLq7e{5XSm>HZ6etvAb8+0FoK>cJ=S_Hj+g?uX1A zJrajI3<;tx7Dq?Jen{;RHa6{5IQLYSkhUKC`ORdrpGg(D?=<^!wkfkFDVb;)FK&9< zWGyo-ypow>&lOfJq}6;D|N2pr7e;Pwl8pi{p~&!U7U;l>F4*-U)w%O_FvZ2l_y0_)k>WjOk23irR}E(r^u>cHqp8Ud#g>r`8wMlScy#g zg`QaSD!wIH^-Gd~F?84dR0IS)s0iXy&|lWSm*x@oC_b4>IU_D_rZjkqvOSW?Qik5;A+u*^_DC+(wD8v;poDu&NAtU0yer#PE3 z^O^JKO~*6uU~)|zbh&NLqd`m`t44w$wj!DPS!|2qf$P9MAKK2Rzu5b@S$%YnV?cQ? zlCkn!N{UQm7AdVWs}K=Qb%p!7F7!Oy5G^WN5@;FUu7@`G?WC;acxczo zGrDoDj(rlDUVs+;vpo?_5f9I+j zyS`+msOWk#pIg+U!DODB3?rb|O>noyJ#Lrq1!eol%A2yRlhMnL3OpR zf;Cjn&MqyWb2|NbH^j(LZ9hZScxwo-aubRv6*42$exc%KV6ux0U?5Rf+57(tbaqyh z>LD|m35zCQU1|6$b~QrvTWJ6lufsR%;l!CL2t5ZDRG*n$&{fg>a=BiikB~d^7y`KN zX?6k=2-@5wR;2!ihQol<&0DAZ?e~RW!@vpq z{vGQ09hFoF!=VuO{uA0e0ghbVQ-6I@BAN^&@u}@o{EB4#eh*BL_&*c;zp{c7u^&Nl z(o&t~ST47-8{Jr1K)n0X#8z9h2=|zq8w7H=&5iUKNFSWJ(CXM|VNrk%?RXgebZ)pIUTn2ZVY6|;MrTAAbdn$sp{8W!u*!E-_~JPH8Bl; ze+DwkynM00PT0Zp+J)6PX?%y#M1KuHnz{StvK0W0iU9vXtNP?A*K>{|CUOutjM83@ z+3?v$iz603)#xzXA-64k&1FBj!O!uFxKbezCENCX^}#n5x`VGYLn%{VdOzvef$T)3 z=2wtscp3tl6Iv74pq1nGeL?Yh@0wGy^{no2xn@++}1zgiidMvdGfpgjLUc&*sX|O7TO+yV?u)wFe!=4-K!m zA4Z5inaS#{*Lw^SCxWB#U&9)j-4c<|Z)*&f@Y&Sa8JGfJ^NzwNodZ?Y+$uCdQNGfu zvp6SrEw^&3e}sxd%QX4x8-Esy&eD*|jmC9{MqdkEv^K8hn{&=l+vbq7a+96)?d0L} z#ky#H=LONBbXhy+O<$kI4|2;TgGJ^8Lo4nyZ9W0R*V`+Hva2Lr_ek!u;}U!SBI7jPLT zx}y>Fgh2H=a(ZAArgrdA-K&c+aL-3PTm0Ntjx{3x;U~ev*GY9tcS$ZApE~WhNo4+H z1pZWy(x>*V?Sv~DXFo@7yjV*3FbojM=}&=u+4w=43iI)~Ad!GwHXu^*rXW*So%9-5p2jp6j!buRnSI= zcB_U(6Q^K-H&?Y}>(pJo;gYd~1ku&za|>ZtW{e3v#%l$fn)^!^A~W=37cykmABl<0 z9r|1anYYf3k4n9%JuSOzEpqxd?N-^sQt##Ij~$ra8bSLU45k^#*WLmG^8g15Z?0N8 z8Duo@G6sJ(nSW^%SZLLo{TlPhd1c_!VDUgV0qKz?chzQU(V+3fv#0D@C%H5U%h{1y z>nk&<7CD7k#r?zj=$$)jpZSm_)>q26D+(rd@PJaSZWQ=V}phX zfAUol&3V+NMr|r?l%aq{_YcL~RGlb{wFXxuqim)F!&HofY7YCzIcA zPyK!MG`RXd^j?p~xyOZHr-eZ}73%}m$ z^*I4=_&>fmm+6UbA`>GtC=PT{>NF9wYjuecaZk*XFtYw>W~-x`C`DkQk`pLkrqyQN zo320Hb?#nUkp}%czzZqN&O)EM=|k5T`cY^Y#}BGA)QjR_Dw%RALQr-yI{r5Tunt+Y zxHG|2l+hnOW&JDBgY7UDgi0r+o=(9GS8l*N0X9`xmJui0!&fZ1rmKh;F^g;gtO0Ld z?<<>=%#o*o{{#18dk%$=>JfNdk6I-e8ak`k=gj-E^qSuBr#~*c0hbC_F1SIgA`i!V z6giVf7<3~5zC757zO3%fc`}@gi{N;@UXyDTyAV)?-X<2D@BLu%>tk`+0*cq!*XmE= zA)FNF2OCdb=C1)~+c)0-vLzuQG=_sPUG(>~C%;$zmz{}uY4L}Uz)OIIu`-+Z#n=87 zb^~+B{#RzlpG>$%_+#z!e=|I%B0hrD?#1#I_gqP@(gaMD?8@c8^=5#mhCxrpc-Ar*Sb-HX}F=$x}$J>USo-*n2|CyiHsyaPTEb6o< z6I1=fw#s~=taBp*o}U+QnD>?woSf!8*pLh}jN4++s{5cpSlW>Ohy%w)exvhA0Ek9| zocy6;K(hwPEwPVB%AXd1B4D6dysISug{luGy1Nzw`V0yno|aeQE+E@377wlbm#PHNl$a`298Tby+sSz%-XlYL&@qC9vzF4#G@y#XR|Nd ztk~8+6`Aa`dT)2)=$#??$m6lA<;KLhmRP&qkM|KBmkK~LbV~N&m}J8nr%&Hi$gCKFC>};DF0?;fNcq|| z;EM>oAlmvXENszNh7qvVa=$`m#By(quX>$|gTF=JCSR2=(;z3X<-N#Q>b)4VCe7@^ zZ^>U!L%np)m`C$(P=ZFimsbj~g#s4pThH09!9?w5xb44YOvk_ssthp!myV(YtcE|P zD#cG7;xr48bOI&jTyZi}O7Db6ra84Hvu<(fRYeSo?? z0yc&%G5l+NcEWv;^N9;8TcI+MZ&%%w@>&Kh4I|h!@%0J29i938}+ABIDy=AIz zS}@&Opf7Hc+D(4q1nCy-7xFJy3Adc{L< z3??4>knw9-{@q=VOp4t2-Sa;iW%-q@(lV;??mHiJ_rc8VMm}=4oetXmR3bZL7Oy*V zL+PENVpP_T#c&5-HTCJ+80D!C`X6XmUTPkl-)Kp`HDE-39NceE9uyL>r#-MEj1Al_s{eg&>Y*^EXZYWlc2(z zQVX7a`^Z9|Jo9Ae@I$Jy=wYGt>7hgC#relxpLkj-n(}Wp5;v~tqPiZpuAVBIYZdNv zTNl(2TzE?>#7ERi>Tvh_SCegwC!J7h6XD$auXnx*S3IP$sVV9(&p zOKhkcOQ!o2sH^d{^$IpRGgDXSH1V~ih>Ja{*E2&J`|@(!XN~ex7Te8$!Rk7=E+-zA zb<$e$yuDj$)9tk2d2*TF%&ZdA1$XOo3wD&y{DfyI)z)Cf_i+4;58+;%Lq(fgf!QPW zIh=Z*5P^@&Eb>2;yRj(8JT&*`u!S-bP6;hA_MU+2=;LEjDt_`WL3BD5I6i+u z?~B{=oHKZoGS-S@#4q`S!^#m!^;t66H>KTWika72;QGT?!|UFp}d{8nJt#%xvHa~$>Z}^V)yPnOcHEZ zN*x=Q%|2w0!`x_VLvuSUg(wE<1~I|=N*{`@;2~AsH_RIpnNw<3KNlP(=BT@$&9C}l z!jJ^GR{VQcJX11p>r4pw$>JN{uuER^J&g_xss;^GhxHrsr#9$&G7hukt&W%TL+PW& zB4&&lQI;;&TzE?kwdydK?Ink+9Wii~3tH#WLyR+*>HD#f>)v@Q<5$Y0C2&A;NCAIP zt`xTzqhD#czfI^cveD-pmGyw3!%m?y$KCxXt8hvdfGvv3UB|2xjEscWw+ELLIFdXM zuDr$8Jm>wOZPG&TRDMC{%R#4r1d%O6L#x6t^;%#g>FJqwEl)FQ2GtB(eag!;DJXod zJ5s@9Y4-!|R%sZACGL9(!Bo6`htrIE2C_dj-)^jCG$V0Wz+$*Q>#E=g?X8TJtQ+W~PMa1kmN3&efwNtqU*6&RB$Trs zq6xx40gUp2_7L}N8Y)~#gKTQ)_cJf8$2G@L?&`hwsP_Mf#u$kh_iPJpglQ&JlyTa z!Af*|4%jQUpH(-%zU6TM2Iatw7)yk_HOB7Q9@o&&d*{tu5SXsxJQ(V6Sjj5~Wtc8t z)cOZ?^TNZ~^mzdjjy|{?-;N|}}{@hT0orMexWl$lJ=5}TA>upWLxFMU~FT1#pJKR-I6&-||;P$9VrB)|IwYAks zJ|?1}usPH78#%Ma0j8g|eLE)JtpFf}<#)`%$+RZ_boAYXMJe?c`aH4dpE|A|Hs!ps z1f<8T(w2I0Hc!I=s*UBnlb95d^ z!Nb>vZL=)iw#p*NgZ+Eg+e9ruEvjtCuKD~=fo{^oa;>DxcsInewbKFTO zv-*$U+_h#d#6;cgRapONea&Lxdbq^03PPIyESo||4@2|av>2Ph)?I405-I|AIoZgo zbuTTK@ZLt_e$2%P)JI=! zT69>hh&z}FSA*}@y_B``!CNr-a7ozGv{OykVRjZd>C`vhy(1EM)2w!*ALpjo;Y9KI z7chImLk7?HR2=DK^jofxF<-c}@Q&;Pw#F#G;+FMj_pWfA%t~A^=%q^B&!x1pATqAV z!H5zi@0#pfF%|!yr>nE$tceUydX2Rw@THjYg9TFCU)}2?Z5M!Pa=G%#@_*ad=(89d ztV&!^{}EA~Xd(6dm)q@enStKmP;+Wg-khe;-g=eLNYCHTW7{BMz% zf1JwTFz_Add>u22KY@^Z;PfkO{-hLuoCB44{0z-Z^K&C~gBQ=fh8*nseKHEK*HDF} zKW^nm$)F}fcJP13!ai8Auj?oh`%8hi2y3`J#1&15B{f|hMT;5r-nm61%L8N4(|^D> z!>wysFx`AhkDQsI@$v2=uGo~&PeI{F^YopR*w$D*bRSZ%AYs{^d^}*;z2Lz)$YT9M z&boA~?A*stOp|3Q-J909>h|hYp@~G58ZwrIC@H~o&9CqHv5$cp!kxE|D~6vp>3yWG z-G}VOOZ;vN{AF7TC_oKS80e&64K75-90ov93;=K)t~a^xS9ZuhksZ`s5Z7%Iel!0k zrKdNKOGbT1f@k4@Vxb)*SygX$GtK_CXx)x96hYo{i~p=9~3c7 zPmzbXE%aVz>xDhNnY@HwX8hXTw87)iS^Kr&PnCZmQHFokUO9?>=I@}W8F)Sv&Rt{q z`|2DBj4J%+UcCPq>yRF+bh_YC3w*}@ABgGSee(gOq0;!@CzeD4_Uw3-267TceXLEt ex56Lzhu0#)-bXkzbUi--{uE@DWU{3mc>XU4N=oej literal 0 HcmV?d00001 diff --git a/docs/class9/_static/tenantlogin2.png b/docs/class9/_static/tenantlogin2.png new file mode 100644 index 0000000000000000000000000000000000000000..3086baf6b173ac5ec274c3028c9ecb8c34a50523 GIT binary patch literal 27587 zcmd?RWmuiDvo8u1ibIj2#i6vtp}4!WxVtX2xI47CySuv;*W&J4w79$bc`5Y2_uc2* z5BJ-BotR(`~&kf0)zZ}4F(2K0)8MPe88ZAzo@{kS{nF& zl}v;9R}y?7?bUy-XPzqY%JPef0)J(7tw10%YeRFJDymrE0fecMoRW=__*XVvb5m+< zJ#!rpwS%d}Qxz}{2R7i+6l9}K=wSNI%$m)CllX55HsJc{F%2={-y$|9oWx4vQiS~G zRvHoh}dwTO+?eDmro8x#Q#>Q{{&D=`XLR%Na zMaS`%{(pb;U!8j{EoI~Y`lc*kWD3Xt7zh^~Eeq{St^fJze^!;Z23hf&n*ud$xc*Cu zFO~oM%l}#NFJYzsYLlLk>HpE@e|z=csy+>wP14E;Xiocy=TD>i-=4jc=b(8K$bS>i zv-JNy1;oz<$3gQSRpNp>;AjX11LFY`72uU~0N+c7N_r=V)46moRNu+jv4FLasL;Ix-kBoln=hi$Rjs3v{Yhrj#XN`FFf#t&%av_kt85v;n$55>E#W z>*ej?XF6)KDt$JToA-$l?n^xEwvkB7kxiDS9d#!&rGPRFtXC|UAaf&!G7c;xxs*mo z#wC|s!{@6= zBG_w$tzwZZD$RfNedmj!QuZ8U4GiOcfKO{|bI0b@sW5B8*^W)YBYm4G>H$eC3UpMo zo-z><-E&2`BravYXl?SAk}YxAw)RB>D`Agig-Fq_R?nfw{uCM$fC1ZF@s_A zO=zDkH`2xKd#kNdPhw-PDL>tg&V?~KMGdpOjsSxdNCB9366EN`@}4jhY#;lSCT&0# zGIH{r$wA9w$k{5=s|gbBS$Vk(n+H@@DteT{=&@9IQ?J^N<{&o)M$O~m;y$4jPO2DHZ=SiK> z+#x^NA9OXF9A2QSk!7(yHe%I1*2~4`V@S)lcg+noz1A5FKr3WkozM+qy4;4z;-Hyq&9|r<# z2drn~9D%HPq!lt0d7iL6&f}$q>9P|{$%^#d?pIk0s89r=%_e#z)sTiab3=8nJ6i_F zCN4O+F}yV;Mjk4OUJ(($D;U>FibgSJ${`0wg?R<8Qm^gNLoD(uk>_}mJMAnt|3Hh; zYksSjJ>2qS^nf<7^xL*re@br6+9h|n`aPMxK|1~Ly_$K~M`6eJ2-=bwbjo+TlqH5p zp4gEQJS;FHV~Eg#F}x5M5GQSc--R_Qy}*=rsHCxT@pe)47sBQHT9f20I*lc`5012y z@48~C)O@}RYX;2pv)Kug;?;O39vfp`yo&jmWC1{HqcUKZi}{0;H+Vy@h#*pYss8xcYA=s~f^`IKLG z`jCl^LY7;HG!#3!RHJmf*E#h%MZcv7ix)zh{MYh&841Yq_-oqLkJ19yM#5~(&@_>P zlOM=5xZb3sc<3M;{VV?(W2} zyy`wp4%?V(K7`$$bte(Q8%xdEzJdLd<)9fQ^XVetPNd65t12;Nh^(P?V+|#)5FVg^ zZY8BMIe`jh{`bQ_mweuQWRQ~N-lTmRIY5xB1 zcg8uO&dNB^(=TmxrUGFuXf!8B$#w<~oUWPkw#Lbsf+R&r$@! zvaRtMl?3|e2K4cW0pxEfmgdrlvvATOgvj?^s$T2kC;NTD=$l`heSPQE1+|dgsgHS> zT-Z=5zA?eH>~j<8uSWJVV=E^cZV$*OSNWVdDzI%YVb+j<88-ua^aEO3xDR4A`d3JE zH;<3!dicBe)M7cBULG9?m9GvoA0mo#AMmnwR$)Aoid4)PH*u{|Gt(Z78BJU!*Lm!nTSsL+tsn?^CE69 zLYlRw(7=xckaP#iDcCU|VY#5JTrC%=R&^c66~xD6Ccmv-62X(r<%z@snR;8kJ`asI zUzE7p=Low=M9Y%BD&RyOsgcI zo{b6ipJ_fcr1EaKj)%PS8TctFaD&pGR2os4bGaJJY(O^SAfKJOhwvUSe4b$4QG6bq zS)_0LJTl#fjYs9l$R^udptdflZUbP5zG@UnpRJ2p<68L^b@!0lG!J@vByaB= zA0GgCMRb5~QigO?u#kjd85*No`vq{x!v{{jigS`khiS6cv%xcV58UC8Q{9tD>v&Si zN`6uN1=9=cc$a_|yhsHTw132|fCQqWcMI$!`L4LgI6AHh(NRub*R#Kupro7o1O&;} zqC>9_T@M&$5#$J@EzY*S9gG2S(;L>ONm&l+Jr?3A=8<4u^)fCl8IUdgfv~c+%iEfi zsctf{)->dN;0U*l%XCYrvDmtYMgIn-!fDn(|H)N)eFc0lJ-t35_#@=l5Em>g_BKB3 znq{gMH4!7DRzzjH?~XkSv(rwA$F_@LpH4|zXv^ta?>2LHzFB4Rn;>06Ky9vIrEJ=V zqsY4GJO$2sByONGIbq}u7I(`Jt;wl64ay*Mg0a58FXepg*hsEkEHT8guhe36F9>*B zWh${|9l0Dcn5?0{3d;{DEPIk;6bo^f<@L45xA~E8mg^x4IZLVJbX0?y=r|9X@0EO0 zaTl%eA`)u*FB3;miD<@;>~0?}smF#`JK5uI0lh~dQvaD`i-!sI&<{S*{kJVmCVjG^el zkYf_;NFPtW!>t#<1$?jO$ah3*F*?zBOjA+o>J=tg^&%1ZTbRz=DZ_)wWV{M=w?T3Th6#y2qPDY*Lzm8OJ$YL)r&ch9G>vfXtGFNy(|< z-0`PWDH7oOL+S+Zj5TwRGMnlZij%ny2#?xxXSys1_4HHqO`Fpfuk96frL~$WD$)qM zN~PNzTSW~e1x8?>O0l`ab{I>r-@NJRMu=#z8FBnnz5i>mTT`fY6KzCmPgVqfBG*Y7 z0SLnXYt~An>D+vay5~R)34z{f(W?@dArOYS_*SHp4FnlNt6v5Ng;pOIbGePd&eLBt zlzi)jTWdN;f#bdfuTWuq3DXw#o;=Ux6%1{{-@cC&UiAuR$@0aY=-QC3<%x zeLK&su464J-ZR*(?b~no!K1I%VW} z80C4vC-++exL@1;RN+tth;{d3zQsZ0bhW|uDIe=R^L2f0JLq={Y*Ss!4hR7I34x-# zU~~zPZ4x|Ot+`x$Qb$Y7QrSK~NS4ojwoPk%KcmadKioMX@)n`hk0+Hv1IC#krHlU* zVmXpq{|)&s$n!o`0I>~Wx44KTf4$S!5BC+;*G}DpMOfkxw!FYZz?^XWidy#O%`w%r zKB`!Al1Bw=;KbZ#K9>MV&cZ~FG)$REcm`l?AzEHlmK_VZg9{APbr)rdyacu=AM(*2!XP+tiWU4iV7OyW?td1XZ?2F#YstV|{Gzso+) zExzcps z3MyGzempq|v{ARRrVo!mot3nnKH!j(lOz845hWN$e>#w<92F4DB&^p(e@RLz5vf!m zB=zm4_0`R7{080lm`r6$SstXTkGihU?a4Ql8zxjVG#9~1$C=yIhXB<>*Duqn#h9ht zmcob#`4Zi!jxQ@1TNvhNV1HU~dwB!OK#8R+V){nur&*z6+?UC)6K-nu*7>Do-PCROi}3!@ zQhR9YrK1T&is?Lp8ldOpl7N@Fb$y3M)p*)!f7G7!TVGWJ@AehfgU%7*?%SR8!tB_(McByAmDqgvm{f-Rfm&ff&vV}}>JBA-fXhL{(W821E z$^zTuT-okSa33_>oZu5}45=gaI8=K$bxKI`#%C^8(eIc*vh|Q5R_h^yv7QK{F zyOfFwx6!$F$wu*FyA-nx#EtDjpPXT~{Wr;bgO~65I#xWpxkrd8`7H0blUAy1e!o_8 zyoXn@z-8|1TBu11j7_b>!HbTjqVPX-UE}o2R*}7I@8A}1Z8|Z}q%}DicR20b4GRlP z6Wm`wb}vyl%Nb-ZH_!yfuiGSsA<<3$ojL3RfwC)=tTb(^%G|1ZsrkLRX?Az7LTh&j zdTDZf$$8FEEH1e)+q?VD+r%aT_rPTVeLfTEuvGA33_fJkQs+Db?=kXemqC||oP0UG zf%?~0q))swP18g1cCIgEMlu-Hg5hB+OTPPNNO4qERp&R;hH7y-B}5Wji6WWuvObDW zBbAoa)H3b)rx-7!%%EA1|&CJd|Wmu@KqY0G~S<2LIBlaXeHoOpRX^v zENgBp@RK7bKhS@T@V5+BEx_jYm-_ zRMhh86hsYn-F9Lqt`W`w6R<$EANf_HVgu5|hs`AMR3ZdM=dGcK`x)FZ z-Alam;6(cpT<;73S(? zq}G`$d)1oc7ni9ON%yR)WCW-*@GX06*!gAk0@J~fj6rUwes(~ZV0g$orHNL17=Aq4 z_cq+|!Ji_0&qCuDh&LRjq_)J^K{=_YkZ%;$#VDN9&^orX@483?s8nwJ0>+6d1OnwS@X60-fGEVyMz`>$Vf+(!btfM z`osAGkgm1aJdPwcYzG@SbymPRen{j+c5bdAZxod5B_};ng|U5s(_RN#kc%HEj}a@T zJLO&gzE~-kpwSWDDZksMW8r+H;e&iAls_(8ZNp-p`*7nKS>^KE?IfYiJ7!{bwch&8i?!c-2Q!B@6CC^!(Ih8 zwos_j+^ZYAF|xj}E3{$P*N)=Z2$9@31KkP11G3}cJRGQL*|?!i_&-d!9tYZwubIau zUDh!gFD^oFhG)MzPFZjLF`FW6aVrl2O;*%eOLBjOKe(?+4IQU(QED+hzE*7MYMHdI zIC*!#P0fiv&M)|b>df6$Dq`ts8Xa~j^G>A2+pdEeM9%5{p3PE zXh1M<1dsj3EObj&5-Z>bvego)gMg6MW=p8LXXJ2`CXI*FN}Xi%k()7oHm_NX+r>0O znlI#vA7If~cJ`Fa3W_4`4>FxCeN+%B+ejofVAhXQZ_U^Vkmu>Tbh((`1kN40tJ1*q z^?hxpnocf>?E9W2EsQwk=4hv=z!MnR?Pc~by{!@#%&Z}*Zq|75nd9LX8JoB`uwgq! z&q1}1((gJK!s&2z0RJi=*RPR7L9a234^l#7g2;TkK%D&0BL)Q`{)bsuVm>kz#?c#F zlH+q|dq>KSfA7t*B|Po=WL5u{+@O4RH6Wpx@u^7^K+yw{RIfD z{;#V{m?Kb=RtA$;b3pqD2On5yJFw__9mdUu3L~U7wbwZltC$w)ecPB{P%yS>Bq*4@ zWDJBMTHPg_ZmXG`ZAd>1&2{t6m#Ulz;NSxI2KCupMUAkl&6YsyuHvXF?#zt61iOwp zVm6xtnmz^(ms}dyw{;HLsoaCg4IJe^Bz1H(|PUj>FZ;I6M*9B! zpES>=k!24BeKu@`JJT+XZwuA%%F5eVOtmz#mB#vAhl@XvWeohoF&6J98gUhVUhU?fr-}pjinaj>9+tF;~XR zWVbi}^(HaG-ZWy1 zc&cypr=_wVH%=4A6*$;HB#P`Ns#9 z=GVn4Ozm2>{5tyttTYc&F@kQqL@HH=aN3dKDLKfO-W4{;*s}zK37~ z7DrkxHo?~Ac4%<*RP()Z>Read$=q4poBq2Ve&h*|bMELg$|Oy{VzIEk5S!Ea*4C(< zyDNFi5AQDu8I6q){K$KzQ*(1@XP5h%HJj=orT3G&OxtX0h1&bnJ2;GK=8CpIx4AB> z3r}UPa5q7PG2)YlMpPlJI)0@qTK5ZBu3Nha>kQWKAiM5NUB07^WpxP1eXu-V=ejno zz(}++Rmrmvb=Xg)A#8VAStE71SidYcy)`@A{tf%Fx7T5NP_oSWQUj01+KfI)T}8o% zi<3?Jd{*4yGV@R>TNk`8t%>o$Br7{7Be;H~cjOQ{^?oa$xEVIaZJ~?G$n*42m0oFd`e1y#QxkCAG^Kb4<<2=&R&koFXk>8W;k{ks+)FV=rt?bv0dq9J*-Q~ zv6_C$))=d+G~_1X=*!1;NWQNka~zO*19=ql1Cv;mNxNst9C7RIj0440t5-XjxqPCi zB&w|NH9NG+U*c-e?N||v0&x8IUxtF=cXC0`V@#q(q7z~PYkwxvXR1kbcByx z?mx^Gk)EZJ(mCB>Pu&gFOT|yNeGJBX3`Qv)qY-W{MAT11mMl9J_z--%22F+(c!s!O zX8Y=5qqdYoEFzI!`@OYO@@&mi+xhMpE51<{*P;7O=Eh{Ei8CH%Q16wb`!9&jW`k*@ z8z1o;jWw*5jl#sp2nJ!h;iE!;?0_tpGL zA9<+2Y){kcm|tzB9)7wiYdaWqI+XhJ!3;wE=iPef`B7Z8&H9j&PsNIWLy`TwP;Njp ziG2dII>T!#W~vhZimm2U7R06o`!URrQF1&_jlR^hmDk7~^|a<4ee$>?4pJo;WuML? z(c!6yhjLvxEoKb|I!!dTF6!!)ooo^8j&-^%D;c9s zUVNx9?cFKPxH7S4m2%15L+-@1omB2+?3rse9v2+IC>^8W#(-bKU7=R5&D0BZ(U9v!k30H^&G4l;p%| zlE<+;VRyc(v#(sb&(V?<2XwSXa_kU#J`(Ywx*H%g+!L z(-b(&m+DkCiCIzeC1l8i}5*+b%Vu6%g60*Rn0^ z@6L;SSCd|WFGd;T%mBK_h>a?6`#5?}-Ck_8qi^C_AyQqqyoG2LuAs8~V?H&;XNTb%uM`6Dx#&s>_%dg#05clA-Ub-lX<0#arOz&Q_H`)_SxW+H-*{eouI z^@WY}u39YEO(?r!Ayb9U&{P9c+JYp>-+oj{kNJ7eEL!2)NsUv{pHU1Uy-FV0<;E6c zf>g{9NNY|!YiMSD6DVUQr-v?_NNZ9kJ4f|Iie1Jdfd4M&cb?H{rm%EejlQP@D=&x(Z) zp7i&ovOj%DilTt;E4uEWf742r6ooQ?H`CI9UynBW_82c~LkN+aUyc3_WVr0Gc%sy*kQk*<9ntO1t)_I&##@jc zA9cZ^gd2(H?1ybUQ6%J>ddYQaAy#$-8@|#b)Prd7tOMfJ$5fN~i_JJ)u6XWi1Q#p=qd6V4B%>ueSb1p{E2sw|pfFE&HLJbcVVV)#Ds9c{^$7VYY&CxbM;CW74+TY`O#ah_BZr2Sin5z=72 zSz5gaVV6}n_&xet%w70Wq9J->lmK{gg4Now7J5c4%0{}BUdEMuGf)=kh$ArxBK?wq zZN*Xd4r#F3pJIeyR&x`!!X+d$Y%$D2@dv$n!70)K8S8%GJSbkPn9pW$y3`ht>3xS2 z69H97UB}<6MnyKwO?*8|8!09~L{5y?QbpOmvSOgJ&c}_`9O`Z`Z$!t&mKcpRLMuGI zyp0m{^PKUcJ=>bnpy`WT_50N)W>=o`nA9N0Ko2SF6X7mxJ*+@(o!&`C<`mTn>~&=y z_D!g~srwjP?-yx=%Nk?bni0NOU-i)Z=jUx)me??DEpvcK2 zSr6r{`XH=a%guCSQC`2%Kvf@Y>O5WF!p{NA##{`3f3)(Md>{XHYIO;l@}sGObh-9k z+TGRRrb5hWkw&Fg8TRy#B=+U>9XFYuR3Sw>)K0js)^NF~eo2kv+LoDhCPXxtDE}cU zBcbZkpze)x3j>#I?9ChPwv(WQ9gtXbPICcuzg! zI3}p9?RO1{()0V=emqdy^p zPeCYjZdBqmL`omJ+?_1-r%Wig2$Wdb7j8mGDqYqDfY{HR@Dj(#d; zCacr;fmZ@~cbxU)>*q53BNZP+$NE`6Fncze^{iv9xB#NMyGUYneWYnIitmr^G_Rmn z-=S{NJ+`+EwnHEoQw)A68eyI%ZeE?_7k)?G`n^=7$Ps*X;fyEh`1bbrhA5>B(n^EeQv5v7Jdm+Uzr)dxcMN38*4Lysr%J6 zWYf(#fjc`t4NQMO#RMirT~8mPCx?)3ll3`u_tHa}8z-&0I#_VGSCEa>aoB3#yBM_@ zki*UliO&v{x=;dI2&cf32S*M@K#vZ-BW161^O(r4c|(g!V}G<=&nH>sZ{*D4-AWrJ zjpMIpk?m4?t}TvP$#>w(l_GCAq~Q(MzU#6$CW%w)n->`L_4oCkA3aKwAhoGgt+0i` zcL@ktHcP>WW|`}Sha&{z#M~bj3@_epIX7WRdewNV%#*`Ey3}czo<(=#==*vyHZ8|i zp;plD6cV^ix{?O^uc@JtheC$nup*Q;-p9LD@IXqKA%I3>YPDL1dA^ahSjtjcNBBf` z7w9e4IxE`84gBacoblaZBW_E~D_T3)c^4}v<2nC37cbNNh`?=wimLjgp>pWhY4iO2 zw)%ALl)Af~hJR1TuxI5Xid%e0gUvwi2IE(ZR&|Su;~nM-sg_qf_#j+Xow9B=EEC7{ zo9W`E419yTFXyYR8-rSTAOY1IuZ$I$I{zSNa_i40hT-#`PV6YCcv0HLRB>aL9}BMj7(ueuju=w2I%~=ml0yhyWD-3l)8a0Q^D% z4=BMC`}z;btqmMWAifg7;C<R5dT16miZVO^D1J1OcI{ORB)56F<_fLRX-T5FkrWr~#S^a?+3_@nP z3{hb%&a$1yf5tq)2<~1F@+&85>uQ$atf>)-M*dK5R?hfIpEChPA#;@;?S&Z=vJlN@ zgV+l4>l3XB0j0x}{lwK0t&B+D{EEvpC0WZ=p7&-+-`GL;T+~&K6i24x4YZG)SAJXY z_Epe3pAfPw>~`>;k=Tk3ZFnwwEdDF3h!FkT`%~F~8j;?kpFaf}VoE>OoApoSMc6O9 z?P$SX^emU_it0K2cuy<)1pWFeT5#B_D0Keec~;H{FSVLWkme3!mqKvg+VMVGCep=vE{Qz?s+ zOtl=vT1mu%r`RE8d34evo<N%jbDrl$@1D@hN?HW8lQ9KirejokbEkhPCR zG3a6*=P6=;;=3B0BE)2_Ff^=*qD#NAeI@9$(o*DO=s3e7lY=j-9u-*|wXi32{U?_9 z5R((-eW6+fUew!TxQblEdqNOo&0MR+wlS3vdG$v(=)h9B(Be2%*u9>D&uFL55ZdJ{A4^(-UdnBC|3MCYbk2X&SRveOy0O3c z+Zbtomq(YcjOPo?FVD3jmGD(AJU}SIKZq9E@B8w3ja5U|#&-1J(FSSPEZZrqrl<%N zv@V}lG(k5dvkgGOpR9ss97$MQoQIz8%@+xQ3{=BnH~f`CzNoa<7#h*M>*&jq8M_#Y zHF5RrX#&-#f@IME&Vtu0Jyaj>GNh65;&TcmXYynTan4i{;(`Amr7}|Q`9MB z_xcJ`Ls~A^jBS3Uz%?P2{i|J}l-dsZ{J@zW-tgl;D}xWi5`nthW8sD?;>AoN-XVMc zG5ri(*}%gfE;>wB7mX})Xg}a|-j>>}ATN(krGORHl*-%fMM{2-5c&C{Z>Vg#-D-BgSW9FBz;wenSLkJP)~+m=L4%LBVs3Kldx!BQj;h zqF;f4jXE~j&{;jyG&}qgUh}DQge9;aif#I`zkC+oNB=Y=5=sb9IX-4feuSZBA4Epb z^p63)kZK8eOcJT*?yr2YjUeMxsp{DRZ@Du`qeWoLesVCp`j6yFA(IleP=#a(qPwq$ zUj<^D!rH3T$6y72MGyxB4H@4r_y^Qz#giUz+5B zcnvN~B5rD1kgqD6{ITg$JrtoXfKE5Md!6}55Q*jUp%V{;rP!|tf&F8mD1C?}4>kDw zuY*(h94AWqhD#vYsF(S+^20+AtypFIO!X1-o$*qFh<99J>;lSxK#I&e0*>EeFN}r} z_%$I!l}9aqj;d(lW)g*}zFXof>FXq<+@F^Ek5r_`m=HgHa51hI*%+STO=b4(ke>J+ zf^B!ahr+X5>G#A*Z`uK0`5lYsDfkE8n5 z*hxIpUFm>TU39fiD@c*u-ZW~Z#ii>dD~JaHg%(|gbR2zfXa6)pLU;Nkse~*P#pD~6 z^cjGAeJaJHhDKXCI-{b+^20@-b}TNYB!8v^h9vW`C?<2{KaAq}mCEE~l1C0#6XDeS zjz8N<*inBO|3xBU9^{_J2}ZDG4&s)KRO&UePNb)l$P_L2pS^zx3h3Ly=ox^`ejYm{v6f+OIbsykuOq9pZ$bY_$AXCl zoVuLOR{$vgcY-pK{voT^=qjH*hs$5qjthQ~RYt1EREKff*4sZ-yWgr9M!wjn^SJ2y zxhZ`Ee`&xg*aNZnOkzdVMn1R^&8Ikm((hm0Bpz|bv5)nPgLvyBO0NGj1Q#4vWyffH zw&zWCUpe8w2?_;4WSE<~l@N@a4#|N0pQ#`T$u}VuJs-N&h4#5R`h~EuFVCA%MCneG z+#wFQmu^fDc_x_Xz8NiUXF4AFH|2C83;fLn&)K_rCbX?Tefm^xIX=Wz1djZyJX*dy zc?sKPvW6VlDCG_7%{4~{{mfV2F31$Q138^fIaea^kX){&sPMIKe_9`stRBr%XzFfA zN~V{UVO?^v;pZkh&{A`3_S}DraeTG~J8?i@H3p8UasB!A`JorLe(5iMNf*DYEP;8a zd+ZqWUlZGb<<|E2Hy6g{KDng6n5(}tkp=bjab^id5L(1lgL+%2c~VmjR^y>_eE$xX zumHwOkt(BLdy>L=8%lUJU{~{3jA_I1sX6@79h#zoWENiq{W#rq;iFvO?Oo#bmGuGK zo$0{n)mfoYUS3hh(hxV?oc&&>Z|b8@NwSJjAR`r(;O4zar_k3V4$NI9vu@s34J&7n zzS~D{3z;(0(y-X=_6qF~UO#J(01Xh!Wgk8P;PfbX2Zt%UZp7J-jyGj3yMqmsWmuY` z#lB9P&Y1ZaWaVavuD-kb4B}dJdnEs=@V&`+5QFivT1L^twNk!-jkyMqm{?z#&bj^* zfJ>>-1`mmSnd!616c{3|-tszgOZVP2#qmfoX54xZSMSHR4bK--;Aadmi6J9sYjW}P zEuN(i zr?{AqxkMLT1Ue9ihsW0BIj{id#n4f1=1IP9zHkek?^7plC>ivF6mh#o)ESsBhsCn z*$#h>F9(xgVPR`eyM7M3vg2cCNPH3J1ptm(ZELJIb@KqikXs(w4P1Q&9VJwtz@<%}#-1B?`hxxV`Q!4a9UAEHLOIC8SzM6jJ<51J2 za|vxzxRM*Fheujb)o~*h0M$RaO)i+D@bs%KgX)OC_i6aRDrD-1gx1?1K z@x{+L<2-0!m2sYirUdoO$g3xyQ>dFh#mmeC2Y?iuTaXH#|A=}UO;{|AQAm_7gWRwzTI6Z2R$|! z`&&jf!dOG<-FntmJ)0_|y`)Ato8>#hc|yG2UJlQdE&E?NfCriI;89kFf(z&ii!Ieq zjf)mru4)a-*!@n5Vdhh>+TZuJ+%s78d0ZVVMrjWx@M6+gCFzxRKT^?>#%<{$h}MJ7 z*8X$=={8TLe*N%JV_(M+!%PC~NvFt$#kvXaOCXhw5@td^-8!QyG+Nc|pZ`n~Nc94Q zdx=W~|8EKB3~=j$h3@T(b=+eH4>)im(F1?6j9LJ~cN(8OhxjGDyMNC!x?t`_`5e)B zK<)v^lG)V`xtHQ)O8~js;4r9Xs}SbF3BXjHlj4AUmnTVrfj6ss0DJcZU2q!W$4m5t zgPOK83n4sOF7`SAz?(khcYN(^7(`1jwTl zo2dHv&I&ObUc#g1J+)B&N7266?-?ufd-JkhpF%!Eb2}49wM{{%ej|gprQ>t$&=KW< z=?SY)s{I|GZ=u28ONIq7)H^KcGlwN5&(?E%0z(0gMC1FG9R6S6@dym~;WzEGO#+s2 zPZCr}qWrh4y92m)W6+NE!c3rgfSHnI1?|iI5r7@vO-0oG$G#$fns#Sz+spkgZlDM5 zOhNyG$TC2=eE$E__`8S96$bs)oaEYn!3Ly7@8qz~@S+P|Y{VYVk_O(BOB>1Ohfm$k zBs=m}Y-#P#+*s*_rV;GE7+r`l)E;sI6tjZ>7-se`P2-6X!p;(``+$b0Z_3phQBnWe z^BV@rj~@Bsn7W$>90+@Ju(&mQ9mw2+t%R0d&g-k4+juN?Gt?OBCBFl8 z6%wk+UbFEH^{c%^BZtRvP3g3bV%z>M5pmI}_2HBn)I-;^KsPapIEaC-XCc#bWa z`bB_z;_+FaCLtXiZ!{gIdx0+E&Js3(JKbB|?nke&F?x}N>%gf$5vQSir}~H-vjcd~ zI`$zm3mpkm@E#_}3o_L7`>g$IT-BycxN+QbO$ftn9Lfm=uaE2uc-QfrK;jxS*MrNa zgW6-tFL08jJO|^2O-S?gw#a>x3%vkl(hEevoSq7Y>FHv-haAVSt{jzLOCnkK3UJ+6 zBQ+$84h9fH_>0J^8cirIU)B9&hn(Lm)K~HfIlYlCD8zjIu!FK|fOXThC ze3pj+XFAt5w3&Rb-dG9>nr?fvhYp`X_M;Z&=5bLZys0mP=NNxZ0z(8ZOH3=tST_R5 zkIyfEMuF-e932H!IEJ}*EjaE|`)OB0Tgr_3siQsx-jI+TtQ^!`zk6ptK}eNGmB2W0 z+F=@9#ipKJoR`-T#2vd$WRAT;Ej_h84^>EOW5KMxId|Z$s@mXwcZZIOhDvvqhilpW z>Tu=z&(H}_zx#SYkatUqM+_BChI;B3+vfPl6af_#dL+&R1qQsAMMOB!ugQLll6xon zU*M(*D}~4Q>AYq+OP$j6SuO{l(AAuV#g6KI=kvzHkKM?;?XQ(*iZPTIj{h{MObA$X zu5V)MUX7#xX`s%HxjsMUF6tpeId4B&O@@^zC2Xd+eb6(!ZEWH8r2awOJrV!q?5KQ= z(@KE*DSHELV#G?r4do%n$GtNmCC$fQuq>3Nl18C)p}@Ba8D~aNxu^~RtKmZ9&B!Zv z2!7fZ`Y6<}8iM1eK!v+~a_&GK1RD2YFwcbT#JL+42Dv7X_4*+J@dvBYn~R1bk}Z zvG}A*#lW=LOyfAqJEpq3!GyI0Z6roas*-Y42hkR{RXYZ=dmp@0Vs_Db-3<)%$Jgkk8Q606N7fyAI?m)uNcPr+jjYLkDhS16mWEjOt!&Yd7*3Dlg z;nwC3a0442Pg7EM@tm}nO?h$88LH#sjev9m5+K7VXVcTX`Br=&rDe=-+wmVb8Dkntxi2Np_T0d_-0uQa&Kuv6kHUp6i9%jEETXaBMntIP8a@*p|Q^s$N|iB`bH? zeu=oyW*Vt9)m5*1q_o6r-{6W^WV1CxDz-&Vp4RmuJ?c;yeP>;*ThiJNa)2x0{SIWK z|IMUEq7hD^3w_?UL5e}?U8w?s z^xm7)AWcC)q)P`WhAxCE@NGbz=llDc`QDj#CX<<+J=yHpJ?G?i-S@S30F;cxG~s=M zZn*JK+bY28PP58X;Y6nsGEU^8E$i_=(~Fh2y3Hm@+b&per%q zpp;osf`O%IgEZYk)&?0ClA7J4hPB?(GqC{|6l5 zBf{}x&vx7c-5Yt71ai{io^AVewO0yYq5IxR1p4IJD;&=QJg{CC5$DT-I7w-pU;D@F z00-6TlzoJ?1AO*c5Q_JYR&emq^ukv~e7&s+z)sp7oqrT9X8^EeM_^pg_4a=rxxc!7 zpV75j$Roj5C;AFA5MZNQcAccxY)lTYafO97BYK;722;O$Dr*+3M>-P~8u(KOmYw;| zKoR}LIM{GbS(l3B77Hx@b3eMetqGl_jsh3@?~@D&FW#wFoh+9JD8)qUbL%dN5~C(V zzvN7nHtC`Vn&dxg?Stt|i4cLTj(jddYWu&3K0zFfYn|sLWVUjD~PyqLuVVc(`o}dwI*L%WWy1&R{XR7y%8M$KV+A0}M z?-g<1sDU{~2*q56$!ZlW`cJr%4|TJ8D(1c$~V%A~!IJWd|gIFFKs5d4mE zc5sWwd3HG9%&%qG6mf2}p4O4TxO{G^UDzGe*VnguN+0pPz_PCHjTNzai#(;Adu(13sOy!^@5R59~;a=nH$Q;l)Hs+Jmq_h0EJ zy2ZCccVBD6teRg>N#h>7oSrrCY1;sl#eLxmdC)Rp@j+=BG@$f@e=4@(Jpea=QA zL-zjZtv7>&a5H3@(IU zydDft@>az1@o?0T{)R@%jYm6c85uJY=vwZSJH7v}a)rZ--O*Pvjr$G7j3a?QvL^wZ(WvPJ~J3FZA#cv06HnVHe z0H!55;Z1ru7->LfbsXNc**@R`mq9|G(JF&a0+Hao=05_FW=N_TGt((XZf@4+WR_n? zfhl;KMK3tyYVk9}_!DijWZK(ZOpCq$o8b7J-SY%w(IKzM0CSgeLsum1auLe(2ZYMlpuc75)y#*+0=n;(WWuAX)&&{BF;Ug#23+Xg zF~BL&H4WM|ZQfnAMzRCT%-IIT*grXb3#}5D^tKb-*5)+6P%nstq=>%DsBK?2Q^$C|;WfNuA8DV>Xx-&w@e^Y{ za0wocXE6<|;$(8e!3ggjP-&`?JQuPxx(2r1N@Q>o7*y2627qjvq7e&-Ki!^h6~6ye zw#wv~PfLHR>4xK3v;>Yp6IH_@S!PkM*U1Updk9X+^nA&(qfl^=Kj_%Cx~Bp zfL|d!_sq$UyCvAbGWG@Yz0i%u`}jYmHV1C{XJ9+c-3&!>1uTZEgDT~)J#Vu0V<^!t z)QpgqV%l+)8)~Wys%UlnlyBdp zUX>_4tem^?au05zXWodwG%=+SyJLkOvkXQ!p@?Y|NriG40>pjePLE5zgrm99Enf*L z$_wW2mBI`it!;zYW`8N44r}1fKbx=gN(m9B6!No|xSEzdi}RsrQOS~V z1|;wk(OUj9oIGC4SsfHv_{WK>Bm8>QpN3wX;mctP ziw=7;Gunimx=HLD)N5KMp1Jtz^ynOSwfv>xJ0`O8zq1lD_neUIbdhQCZ{Q+RNB8Gt zXV#KnNvF(HC5tSQziev091XY95ynQ1@MAuJiZki%5`)P423;>?=#$%M)}|D1i_@HTdQ$U*oe)@mImYH-U zv5cBjiNYqDw{}uU78zTji1W!fv+4|SgTYX>$L{!L1oh!x!u0GLW@%@#xZIP^dmTnQ zzbpiBWu5gvh2NxRm8i2KnKZkJ{}e?b?wL!(@CMp}yQ#-0j&#D7mM`20UuXDI#ug&E zJ!ExmGhXbevc4^9RVD%vBA2D=oVuVCyG}zB;_-i1pRlfkhY&EUn^lHO7E6TAQ>?XtHr_o^h+@Z4@BKeQYcv zDEqQ7^)P@Wctd;dk0(M5DXt^zNH@IEo#*()Trd)vMKm$MvmpY~Fx-KAwJJ=y{pn*1o5o z00i7I1(ojozF+P>EuMe>;&3=kevo<8)h)3~zn+uJlsriKwAH=9@Qoh1w)6DXH#-93 zfZYfkSXb4vl9I>vO^l7{MmJM+PjVg8ysaC&^WLi`KKB*Bvo)yaz35qBbs;kTyZ(GG z&wIbDyRI%<cZ%2zgGt4)zQB8`Ctbc!JVmo_Xb#RRGxTW!S?H$e_~&Q= zLBOiC7?|Mka{+OC@P?Jrr`1T0ZiWlg?+ue_)FF0yM6R{Ul2h(*c^ma4QkKCI>Q>~Jo$INy~x)JA4PX|x9aWB zDN}yxqrp_pe))kQ1A%xKoVuKZJD`+{t$d{8x0shn?Po|#5};-Xpc(nAMrF!Nr}^ug zR;aBC%x=k}5g~K-PHdl1T%+f4wQCffIyIGMLYLZNr;$kuZo`(zYU^M60e?6qoaLw(PE%<2SZLO@2 zwXK`DaM;G>_=n&zHN01CGN!ly4EwYCcT`$6Z08)OjApQGUd<=~6)RSs{Dm%^7Nh2$ zYYd(Y6mlH@vdB`o^6L(RcQBAoYR3Kk1I70FGR0f~g14rRhMS|5l`-Pj=B?soeuP*b zqtO;Elh7o!JGt%j&tyi6j#7YNbXO@T1{r{yma69_9j-V_0?09y-dvMnxm3S$z5t|k z+qG4XULDLs4$!pN-@R3?8XuvdY|!7X_=;zcuYejV*HA5ov5PKmnQ=Ctf0c_EL8q%| z=ekbQOMwDpX!gAc(4oYu0r{&WL?@c>d=DgzuhQ09=uDW$jr5Rz1$Z6< zjgL0G>fT?WBq5F%ay}V#5bK_pxR7eDzB8335T5`Uo${%IvJgkgJ$zU}>Tz#d<+*-E z5$Db}*tMkib{&cM@GbE)?0DjE)Hld*BwemTk7gA!i1`-VQu1pZH;eLLYXvac@wZv) z$QyU2d*(P1iRlR*)2vcbxEr!?txlVZ7;+!n+yu8AjgL!V?`d*v^peH0Nx4LI=Q*vl zUO4a5gd~~9c7D#C|0!m5rM#PQN@fk<^!W)df}W34pjCA^0mr`($Ven2ezH0EC!_L^ zhxQ^(S^990J$fJ`L_ucqe(t-3xobXm7i6xpB%#37duU+@{RgyF2f~PtM6} zPJU33UPBB}L6jfvbG|axGO*bef2~LWfj|0XD%q_DI zL@3rg`UlNE_dM^n7nqTZa3DEU=os5Sa#ErsZlak{vd= zeiYl{%Z#k`RD5~W%x=tIckPnW(%{APvmtF`@yyy$>``Gs!ppcdG!!rnaQBhF5E<&dHS=mbpD6tVDk+-|^qGWNA4F_b zB2Tmbct|ewfl2%~DoFRY6C<6QIQh?;nEo!65HufIG9Iiz78)!I@9WLI;L)dlF1~>v zb(+?P)BE$b>!)U9HE;dZ@RcZ}?7(Kpb~nbh1>f)B4M@z&so{~Wgaio>mwiSm(tq5J z8_aa;!QYU#?e$U4oUeX`O68c=R)u z&B5B5+#%tBIE2c!b#FU`Qdo*?FDWV8Fk3;&$5bR*|8rX2N>J4PYLr?JhjI>dw^tyv zqRrJfnl5V$H}J1l=RD~&%#H26sM-(Fn-uBs(Od&6L~psOhK`%aE&GaGfJ{g5rg}zq z>!v%?OSwc%3>11+)4?!`iH$M!%gPb%+Y}E=`rKlK5GX5wTCDZ*gx904u*a;QMP=WG z3fDi!(U15>^I|^^JFd-xge5H+6Pf~y^~9G+&c%Wlb7%U2_*)aN zDP-@zk*BI5GJBU>G6|M$TQ@B%+oW-LpeOzZZ~7)okV5}L6V&MZ{ah;^W0#+$24(aEM$5M)TRlHs|KEAHV&vdlJUSFCK}0n zcOd3xMDdBF3!g4z!s3{fv)q=tlSN%VP*bTWWXSk^&(wBg$rVz_xaftTw~50f%bjX+2))RMS`}`VCxL%Q zqQreZ=qa4Ok=J21>1*WjUq$XFqqONYXvb;83Z41<^4vjsZT@F~FEUUmiu!kN7;35* z!n>Jq)>Hm;hDn~g?!BoO*=n3BV6uMtJNVM0%?0;r<@iCqu4iYPX>|`J!fBISI;jg^ zryuOlL{$;EKnjB2+T0mUzWc-NBZ*06IQ`4w8@zJ~OX)($!(z_9isvh)6V)#z^B!kJ zYxiWl*%q}!diJNUo3)rMQy0f4^!Fw4Du)o##-^r5NGndEpj=cR@|fXISz=?8%yR}@ zR!!p2P7toaTXldFBxdv34{WL|gwAYIxwYmw9W@vzbQw1?i*t*OfMXk_k|8NAg2o@cllYS*_COkGVz|n*!atnqO7stwyQBTERez_C z;Mu0EWUZY*J1f>0=1&P?q8meM6U*#3D-tggk1?e33ct{##WUVWrK{XpVTt3LgfcU{ zs0c6qmrLi0%~FN!z*6jjb@BJ!tO38%14da{`XsXhBJkW0c4?z|=&zdYqEA4m!78J# zK$hZ3VfCzM z2>yt!-%Lt*q94tJ*#X7&W!$@G0J#m#g#g}3 z1!0hPu2t3h@=`T7*?PO?6@J#jAV*6)EYTv#lmtojaqeH(G7K-gB!62>LY;E{ zT)@%+#Pwj`+6&jdzo+jZ^zY@nOl!O#iH(8Lh$m;Qt9BjItpZLL!i|K;;#f47S@doQ zpi+bnvk2$bpzI?(y6;Q7gCrPSPQ^s<2opP#>A~d%b7x;xJDk%UG;|;1URptz8stx0 zYrboW?h42L=MfUQ>AUlXu%&ZSh8tI`{FDhHKJygGJ$B{jWGDjqo85S7;C;OtKsF0|DQhW^9Zr7xJx?YGh$f#6MXw*o=l$sCw_@@_olMsr!bW#o1w&-pQtGO&r z-*1$|OF3*!qpPqeg;`@ey7Oy0^R7C=_+FG>s={=Zqpgs%NQ8yJ<=6reoRBLU_JzwT z^8Hi;eB$eq)Qb!A)I3dYF8mFOuae@P-H*wi3H6wQ6LWR~8B2c^4z}}5NS@N^nfkeK zFkt1pB8|n!MGOdHTi~n@e9~-OH+M~M&Z>>ZxZX*WkC1lpo#LMI&yb+0QRnOVn4^WK z0z&Ub$aBTcCND7r%VP)4kEkYj@BFB&rdsMlc_iz91djVe4o?N%qdmX8EPPI#N+|yK zUIufFX@$lNj9EQaz!thR>^=1%qdX?NthMmE`2+ZB2E@nmjF40MhZvbYpAgRimiP-% zasXtgl4IW6uep z?V2~|s`MW0(ySJ0y5D@%mcpv*qu5OoUwzkj;9A|a&u8}5xw4I*%>>LGlSq?C!y|QD zMw#bct_nN!iICdm)p+pf6I4HLy2UzB*-u`b{w=n{o%>)C zve%{dH4JOT@7KxnTQl_SL7(Zl7O4JX?qqu*sp_Q5@)&iuk?G`9t6(|>eFmST+$7SZ zuC40s4IS|2$c|X9Pmud35H`iTg)fhO&iZPr$S%tyZ+MLaH*aYE=N=N>ukcEKN{2^x zi|=+K%`cE42lJuIfC;ymV{m!Xihm1%(6k$l{lRf|(Yus&?y{6hp7QtEYk8kU&7X0Z zQmhlPZA|SR))dCcz9m)vcPYi5SO~;PxA)z&rvPI639gwmd4bp~f^Pt!2ve^+Au4>e zikrBleuKuCR4FBxU@1s)s^{fK{{(LFF*Nv?G_^ajHy!)#)UciP;2!O=hVa!bLQp^u zw6+(lcE;1=_=b_$IuT5UmA$Hk;AbD0d6RR}kh4{t>*IZEDBj?5%R~qQ+FVdY-sVu3 zJOn?6Vzv1wkyd@I7ko@OyG_2A35mTL!@jgwpG9Q;1|9gp34#c@|2!_QmfXxDrR_pV zeP1hu4wA*C@D#je6!@FIYt;7~*(Fqb{QUM}XoaS%b9a;n>8ZV3-1TI*iDm1Of`gqa zZ5%}qm+s1Z;|yt zyue`i`=IK7r-uyItS50X;TuNqUE|8%E44pg>m9#5u)X-&y;!5(_~At*dkJxX+oNpO zv0xhGU0S~OAXK}~nW3b$jdu3+2}$B<3gWEAp)K^Pm_GD|{L>QPO@p^I<;=Ng&7T^9+@iQ^JSt7~#tHZgs)yroMNBm>F ZhLa4FM+Y~g(f?wls;H?@_Ru2m{{RhYP|^SZ literal 0 HcmV?d00001 diff --git a/docs/class9/class9.rst b/docs/class9/class9.rst index 6966096c..c52d61f8 100644 --- a/docs/class9/class9.rst +++ b/docs/class9/class9.rst @@ -13,12 +13,19 @@ Objectives: .. image:: _static/00-marketecture.png :scale: 25% +Prerequisites: +-------------- + +- A workstation (laptop) with Internet connectivity and a modern web browser (Google Chrome recommended). +- Email from courses@notify.udf.f5.com confirming that you are registered to this UDF Course. +- Valid Microsoft Azure AD credentials (required for logging in to the **F5 Policy Supervisor** console). + Lab & Tasks: ------------ The next page (Introduction) will cover the lab environment, access, and lab variables. Launching the virtual lab environment requires an F5 Unified Demo Framework (UDF) account. -Login to the F5 **Policy Supervisor** console also requires an active F5 Distributed Cloud account. +Login to the F5 **Policy Supervisor** console requires a valid Microsoft account. Upon launching this virtual lab, students are provided an ephemeral F5 Distributed Cloud account that allows them to login to both F5 Distributed Cloud and F5 **Policy Supervisor** consoles. diff --git a/docs/class9/intro.rst b/docs/class9/intro.rst index 25850517..676a0c81 100644 --- a/docs/class9/intro.rst +++ b/docs/class9/intro.rst @@ -54,24 +54,31 @@ This is a multi-step process that will involve: | .. image:: _static/account-activated.png | | :width: 400px | +----------------------------------------------------------------------------------------------+ -| Click **Log in to continue** (https://udf.f5.com). | +| Browse to https://udf.f5.com | +----------------------------------------------------------------------------------------------+ | .. image:: _static/udf-login.png | | :width: 400px | +----------------------------------------------------------------------------------------------+ | Click on **Invited Users**. | | | -| You will now be prompted to set up MFA access to the lab environment (mandatory). | +| You will now be prompted to set up 2-step authentication to the lab environment (mandatory). | +----------------------------------------------------------------------------------------------+ | .. image:: _static/mfa-setup.png | | :width: 400px | +----------------------------------------------------------------------------------------------+ -| Click **Finish** to complete the account setup and click **-> LAUNCH** now. | -| (it takes several minutes for the lab virtual machines to deploy and start). | +| Follow the instructions and prompts to complete the account setup. | ++----------------------------------------------------------------------------------------------+ +| .. image:: _static/UDFJoinClass.png | +| :width: 800px | ++----------------------------------------------------------------------------------------------+ +| On the UDF LOBBY page, click **Join**. | +| Click **Continue Anyway** if prompted. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/launch-course.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ +| Click **-> LAUNCH** (it takes several minutes for the virtual machines to deploy and start.) | ++----------------------------------------------------------------------------------------------+ Task 3: Setup new credentials for the F5 Distributed Cloud Console ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -95,42 +102,43 @@ F5 Distributed Cloud Console. +----------------------------------------------------------------------------------------------+ | Locate the **Update Your Account** email sent to you from | -| *F5 Distributed Cloud * and click the **Update Password** button/link | -| in that email to set your credentials. | +| *F5 Distributed Cloud *. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/updatepasswdemail.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ +| Click the **Update Password** button/link in that email to set your credentials. | ++----------------------------------------------------------------------------------------------+ +| |PSUpdatePassword| | ++----------------------------------------------------------------------------------------------+ | Ensure you adhere to the password strength restrictions and make a mental note of these | | credentials as you will need them several times throughout this lab today. | | *For this exercise, feel free to use the same password that was configured for you on* | | *the two BIG-IP appliances of your UDF virtual lab environment* (**Canada123!**). | -+----------------------------------------------------------------------------------------------+ -| |PSUpdatePassword| | -+----------------------------------------------------------------------------------------------+ +| Click **Submit**. | | Once you've set your new password (*including 1 upper, 1 lower and 1 special character*), | -| you will be prompted to **Log In** (click the button to login): | +| you will be prompted to **Log In**. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/PSPasswordUpdated.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ -| In the domain field, enter: **f5-xc-lab-mcn**, click **Next** and sign in with your email | -| address and password you've just set (i.e, **Canada123!**), and proceed to accepting the | -| Terms and Conditions. | +| Click the **Log In** button. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/tenantlogin.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ -| Put a checmark in the box and click to **Accept and Agree**. | +| In the domain field, enter: **f5-xc-lab-mcn** and click **Next**. | +----------------------------------------------------------------------------------------------+ -| .. image:: _static/PSTsandCs.png | +| .. image:: _static/tenantlogin2.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ - -Optional: Logging into the F5 Distributed Cloud Console -------------------------------------------------------- - +| Sign in with your email address and password you've just set (i.e, **Canada123!**), | +| and proceed to accepting the Terms and Conditions page. | +----------------------------------------------------------------------------------------------+ +| .. image:: _static/PSTsandCs.png | +| :width: 800px | ++----------------------------------------------------------------------------------------------+ +| Put a checmark in the box and click to **Accept and Agree**. | | Upon the first successful login, you are prompted to select your *Persona*. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/PSPersona.png | @@ -147,15 +155,18 @@ Optional: Logging into the F5 Distributed Cloud Console | You will be able to access all services, but making use of personas can focus your view on | | particular tasks that are relevant to your role. | | | -| *For informational purposes only:* You can change these settings at any time. | + +Optional: Logging into the F5 Distributed Cloud Console +------------------------------------------------------- + ++----------------------------------------------------------------------------------------------+ +| *For informational purposes only:* You can change your persona settings at any time. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/intro1.png | | :width: 800px | +----------------------------------------------------------------------------------------------+ | Click on your *Account* icon in the top right of the screen and then click on | | **Account Settings**. | -| In the resulting window you can observe the **Work domains and skill level** section and | -| other administrative functions. | +----------------------------------------------------------------------------------------------+ | .. image:: _static/intro2.png | | :width: 800px | @@ -168,7 +179,7 @@ Optional: Logging into the F5 Distributed Cloud Console Task 4: Accessing the F5 **Policy Supervisor** Console ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The same credentials for the **f5-xc-lab-mcn** tenant in the F5 Distributed Cloud Console can -be used to access the F5 **Policy Supervisor** console if you don't already have access. +be used to access the F5 **Policy Supervisor** console. +----------------------------------------------------------------------------------------------+ | Browse to https://policysupervisor.io. | @@ -179,8 +190,9 @@ be used to access the F5 **Policy Supervisor** console if you don't already have +----------------------------------------------------------------------------------------------+ | |intro011| | +----------------------------------------------------------------------------------------------+ -| If prompted, click on **Work or shcool account** and proceed to login with the same | -| credentials configured in Task 3 above. | +| Follow the prompts to login with a valid Microsoft account. | +| click **User another account** if your existing account is not listed or if you wish to | +| create a new Microsoft account (follow the **Create one!** link) . | +----------------------------------------------------------------------------------------------+ | .. image:: _static/image9.png | | :width: 800px | @@ -214,7 +226,7 @@ be used to access the F5 **Policy Supervisor** console if you don't already have :width: 800px .. |intro010| image:: _static/PSLoginWindow.png :width: 800px -.. |intro011| image:: _static/AzureADLogin.png +.. |intro011| image:: _static/PSAzureLoginAddAccount.png :width: 800px .. |labbgn| image:: _static/labbgn.png :width: 800px diff --git a/docs/class9/lab1.rst b/docs/class9/lab1.rst index a8d8d917..33f6e218 100644 --- a/docs/class9/lab1.rst +++ b/docs/class9/lab1.rst @@ -86,19 +86,39 @@ The *SuperJumpHost* is pre-configured in your lab environment with permission to +---------------------------------------------------------------------------------------------------------------+ | |lab008| | +---------------------------------------------------------------------------------------------------------------+ -| 4. Set your working directory to */tmp* with this linux command: ``cd /tmp`` | +| 4. Set your working directory to */tmp* with the ``cd /tmp`` linux command. | +| | +| .. code-block:: bash | +| | +| cd /tmp | | | | 5. Use the URL copied at step 7 above to download the installer via the command line: | | ``wget <...insert URL from aboe Task 1 here...>`` | | | +| .. code-block:: bash | +| | +| wget <...insert URL from aboe Task 1 here...> | +| | | 6. After the download completes, rename the file with this linux command: | | ``mv download agent-installer`` | | | +| .. code-block:: bash | +| | +| mv download agent-installer | +| | | 7. Next, give the installer package execution rights to enable it to run: | | ``chmod +x ./agent-installer`` | | | +| .. code-block:: bash | +| | +| chmod +x ./agent-installer | +| | | 8. Run the agent installer by using the following command: | | ``./agent-installer`` | +| | +| .. code-block:: bash | +| | +| ./agent-installer | +---------------------------------------------------------------------------------------------------------------+ | |lab009| | +---------------------------------------------------------------------------------------------------------------+ diff --git a/docs/test.txt b/docs/test.txt deleted file mode 100644 index e69de29b..00000000 From 595d622a9670598cc0f8cb19dac7e8740f39867d Mon Sep 17 00:00:00 2001 From: Daniel Cayer Date: Tue, 16 Jan 2024 15:49:17 -0500 Subject: [PATCH 05/17] ignore 2hour docs --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 5367d1d8..fe2d7f94 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ terraform.tfstate* *.swp .virtualenv docs/_build +docs/2hour \ No newline at end of file From 824cf5403fe615a14b450e2108aae7a4c915fbe9 Mon Sep 17 00:00:00 2001 From: Daniel Cayer Date: Tue, 16 Jan 2024 16:24:42 -0500 Subject: [PATCH 06/17] draft edits --- .gitignore | 1 - docs/class9/_static/PSAddProvider.png | Bin 55215 -> 54163 bytes docs/class9/lab1.rst | 62 ++++++++++++++------------ 3 files changed, 33 insertions(+), 30 deletions(-) diff --git a/.gitignore b/.gitignore index fe2d7f94..5367d1d8 100644 --- a/.gitignore +++ b/.gitignore @@ -9,4 +9,3 @@ terraform.tfstate* *.swp .virtualenv docs/_build -docs/2hour \ No newline at end of file diff --git a/docs/class9/_static/PSAddProvider.png b/docs/class9/_static/PSAddProvider.png index 4e259b12b8915196df38ff82e7c912ef6527bfee..cb0bf92c5a0da993bd1f612eee5b326705798674 100644 GIT binary patch literal 54163 zcmb@tV{|4<)CL;cnb@{%PHfw@jR_{1*!IM>olK00ZBA_KzH`o*`M#^Q?vMMXvl`XA zcGd3c>Syo$RG5OCI6MqC3=j|yyrhJv5)cpw8xRnvIur!p%7k8(FAxw+wWWxNf~1HD zp@NgWnWc>>5RgPzQVOI>!ZOO2!;e`J;V)nXs9vZAsDe_zfIk%kl?0OtQW8M~hU;qT z^fnR_2bv10fBvKcOK3e1h&B-7D})a2s!O|6(?P%q=Dz89k;TE~e4aA0me%^P#$^s7 zXns{VL#qN#s2xuc0e5XWL_u07>H7r;i!v2NKbB@+Of(pn-1ua3f8BN*Cjp1OzxMs@ z;e)zNSg{HSD6EI`b1Kd7;3HBI1GthVK9C)x8Ao;k1>V68X1$3<0Hy%uL4zVb=0PIz z;I6pOcak^81u(+dM;}dWpb4=0`WtXd4cv5rK{u2+eP!$ zDe<{VC5^y6@~Q5s<9ZzPE1&KUz%uKs#A-XGE(sIDmZ!kJN)8;dGJ{{^b|7`_6QiyQS&cT4xXr;BS7@;m8lm zBTpOp1yf>ndE%O^VYeD*2N2Bjr@+LwKV=31$B)=yDl=DC)?Y#M;*MAh@rEa2NPY(?esQl_*mFrIPoegMls z7YDHXSl;5~6wu+MM@|V(*hb$DcieBm*5RuHUkqsvIO*%`@%@2%CButjAN0@zxodn0 z@@n%+{7UUZ=Eu>6><{4&x*0{#<4-mP-3DeI$P*y`jiLbg04W@5KR7G6Ke#?vJ6Nxe zhd8c8h?SxZB`6H~2i%U&4)qSY5$F|ZZP1bkE@_;E7O8bS1y$w`iv757i3|yENeYQY z$<6{q6S6wsIa2B2vEltazP;VOlfB|SqHvgj#2rBMp{Q;sttojZ=@QEm^+u6Y zldR-7(4XO^pqJ@X2h3CNNo5o2cjUp$>B?+k(m33ORST!9}&-0aGsJzTcSeaP? zTM0J`H=bD)&wHhE7BS7nP#MshpBrSG-q(Gjbw-a#>ZLY3Gj6Phn46!=nlqk1EK@Hf zP`;Syu}rnRWUXUeu)v*asl2ib+yFZVn+{GwJ*Lpfxztk@pA}aw(5zU_^_0FzK-Z=b zq*1ocQcGA6vF&I|x@SG(TG4L&Y1KVtc;xX5$|c+t;n&*iXV*#>64%2MyT#55o|58f zi~@@J)dF{|i?3ZFT`_(kerfNHZ+@Uf0Vx4Xx#L^Gy(~@K8Do=1>NP)WAmLo$gW&f= z=0naxM8ponn8d~+u_N)Zm7}-@O9xE{D+fWzA;^_w&{OBq)>sNton&TZIntZbx;R)k zB3QHy7fcq+t1Ks37#OQr{0)SfFPl#~bjk8bmIad-UbEU@*S5*j65G=v}1HFA*f zIl*1#{EGE@&s)vg&9k;MzSHmi_?rFpz%sX!`5Fqehj)QEwwgT-armRvTzd{6m4 zd~iz$EgToB6l@esC7ds=85%jPby}btbXuL?Xi#a9GMRElA5kVo7yqkau;-7{Z<|HP z#h+!$)9*=V_??7Iv_G*}sm*1VxKDRYTYtY8()clKtYwTM@lwGelCNXiO=ZUf4f0?Sn$1Im1W#~Jj>Cr=zhE+ZODwt?8+QZhMaVW z>_YN=9Px1R5>nZNDnl6p%r7u1@KBh*Fs(*^kBS^(Vb2)hB|3ACp|1>aJBL=lh;&H)@mKT1Xm~V?M7w zy{`-4A+X8xzx0N6H9Da*6YEM`Yp-_t20En!lTY=ebkkdJN15AA3&%F-W3)GvO4M5l zY7Rql368@PBTPPL(eSF-ydZz%KMvg|MbmIpzG~6Zc4-)?E9qT(CK=2RnzylO6$;QdV6O*w5=DG6@nM?ofKEt(;BCsrF5<{TK9i-D!#VGDaF~xX{YX^ zPUlFo(P}?(Huc)Cq~0tGnP|&UxAW`%+_L|ymQ#7RdfSv_^Kx7Nc*rv^G#|xg#=lbTIaId#|*j?Sa zQPkBYl%HoJaGG-Ae{X$V-HaHFZ^1XrrQtt(J9W@M-ail}vD+~iP;^^Vbr5_IO+qBD zrOm5_@L~3{T9qFnULIXapzWOL)p7aQj0#QxAulE0#hK(*R_v;F@-}-_Y@eOxR`h1` zYx(97YTQ1|J^m&jS1=IqK)GgJm(iVb0zadyzQ*6c1?Hv^|5Xa7yl8^zM!2@YQ!;u zBmT0d_3MWa`jjf;_4oA@0&%{sO_E=p@8ahKIo_~2Q#pwOY#v&xhg0qi0yQ5i^+!Lw za-?$*J1L))?|x1&(COhnj~!NzfnI@jR-06Jb?V)TolI0U%h_u~l0Xo2j`?xic0C3y zgsu~C5v=kL_2seD;%2l@pKG;R$v zca+a^_l+?B15^y^9W`chon!~3rW2LWi(haF?Tc*El0?LSIVrFxBV#*cZgeyZUWUK8 z*`1-{GOWUx!NtxeH+6BakHl%N_x84r);237xk zqmZ(Qq$FUkZ0uxeYUgZW?;_HyatuJue3mL2E*i2j+{X5{^oAz(MyB*0whq5VfOtK) z0f)AxE{232wl;Ro+#Y` z^q{kICi%CLKlO;3IvYD#I=EQc+Y$b**U-q`)rF6k__w0Jzkl0l>S6gmn(Una>lUDc z48KblnCKZ9{-4BLEY1F3#D16jEA~&n{#D2OyE1MCOAk{UO;Jl*fK>ratpk2!x+vF>qAH?-!cx$dqDY^RMPuzGp@m{&71|2g+uM2E-XGjk z9z0maPbcdlSn6NT{mc$KwJ$aP^(!7^a_1VKpuZ2WRPKZjO-9wY!k$Nsy0 zAs5UG!2tPlD%e6Om`ARYDdrXkCh_IpO&Go!7=`fPEx+T;I&0SM!p@A}N@N9Ir5$IS-5p{pAGxa4>UTJ^a76}Hy; zpkN+>LlGhxcG?zke$eT+Tg8hARm0;l{_7ou&r7A9Q~os9R^OLT@%1f#c*{?gG<^q6 zrKM;If^sm9Bb~B$=?sdM2|fFzoEf^e94`6@Bof;_E@=5 zBcB^3fh3Tu+fnQe0%GH|HHG!I+_sxan>sDBGxTz?s?jJ6oYw78zc80bpEf(I;oJ(og5go%DVgv?8AMe+jjgu+M@~$@0f3N%Z;)(^rhO zbUJOHFQe+nB1{s>&|sxn-JMQuk$2I@B3rF*?_)Y~B*VTh-?6_pK3gT8Zn!HEi+&@7 zEqX|7#Cb>?!pXf(_KCx|i%zc*eSh|D&*b<1ym+ zHlEy+xKxL~yTMXV_hpl?o5xrC`6ogeyLS>Ux04((Rd-e$nX_b?QY*NbsEC3qFZ;uP z#v!By7)OC+(a7t$MGuS1=d^=X6>(oy8)2kyj00Q?nk19k`LmVpYgW${8ZhEHxorsd zT^_WgUcR4um!Vx?J>9r*$j^zWj0cmCUY52;hJ1|COmLjr`%a9>u_;kDJ3f_c0skWp zpUX>4ECJWAkxIe}Z!3ibUuJ;resQR#XgAoDQ_Zb)e@OV{bPHwk`jUUWHk~2oI=MPu z^E6;@SN}L-_BkbX_CHu_bh@4+3pf~K;`MpdIA+5p{IC-+BG>J35n;FIsc1AA`*>92 z(b10Cudwfq)THd}%CTDrfQRD9PjrCEbGdYvJ)3C}`R_$GltvMVO zRml@$6#$_Ldob}R1r5d8X#FYSy%U?7P6j{Va;D*ok#4F$GD)L|1{FOsZCX9@*=p9Z z!DiD{Cj8SdZK)FJ+#Q|vQ=LHh;>A1&Jj(F`_0{NAB$P!ITmZRZAm{bXgRJT46uXly z7u06!i_#_2wg0qf1-b>J5?tU=ld8a2ZkKFBk?Gkwa%@muiJ8(*L}_mjXO7@oRe*JxzF|rz=Xf5+x+GTe~{u{BYCSO&XYtP)H$& z(NWk^Jvyg@6l;b|6)+x70X zlNUQPj_JGf+y{31?oAeDqIo6!(qQD8yKs=T!$s=Y$7$BK3*loIsUWq_Cfv1lq@Ol) z@QwKjYbApzAz5lcm~P_d4q8BZz3~vkO4^u0j`8NyJK{-KJ|eg>VQ{gFXZk3`gn#^m zHX`h69Oi$Yye(OjOBh*rR@Sk^qCu#frq|`AhL`N(1~xpcMP_hpQn4_jO>lABFGQ~` z35(|j^lsra#d^VBUL|PQza#I9#;W)2n3VhcCCj_JrEfAaY{l%c_yPpD$$FA)J4?gz8KSx482l;*B)bSI}twL4n}Zmz8()8*v0bSXSpYX(0~EC zBaEa)@$kFp>R#=2DK!1-yLqlc0-ZGVEN!Frg>)s@Xg}l+Y~lDtt;uD#cu_~wkyHCj zvQ{+6!;K{C2aANC0V3w$>8Qc^6!htDp$Rp}$6e|=T{x`T>^A(A{V~*UikJAeIv335XE0`V>5ipqF*3~vKf?#?ce+RX z`dPX9U^*5}a=km%T4#I6bjJJkkgi)aLRa9*BJdx$0Tb_`8JE9FtT75kyLlPCLuEPT z{|sw3J(7BQ9y_D6)oTY=IS7Sk0a2ybO~-OrIm=Hdru&E>sb}5FQL8&{T)8xj145phk2MZeu&YIxfh*WvN$+OWvT(f6HEL-Pje93N8E{^X-euRmP(|6i5 z63gD^Q9O#)(-|B_eb%fR9nM$0r=ov<^Moqxx;Zu`9iF+a{WS#D<^Fpmsp};9%Ifi%*rmY%T2>Sc#Y$8&#o{$es*dO1d-`=uvZDQ4Aa8Tk2xq}5=@Y(FZTRwhw=eA zu=rg$%>;R}>|%PmJfxmc%=SAt*a=Nm8yH}4%0KlQ8t?U=#JM0zeC{Pbd#cm98h~-G z^jTu|PMKf@M#l{;bC_XOX^>aT1=d_mw(AxeEZ;lnaN+eEE;2t(`Xh( zn9!{$)uGuHiW}*+I}YLY?rBW6Ari5e)&;K!Ku!)|U9+Wh6n0IelkfFg(2EP;T6^04 z2UP_vpgnX-dZCC@`H`%;a5#fkYn9o`KP@Co5aH+NA~6!JrxMwcn%}c}5x}xG*(j-| z`)g@lXn%Yqt!`Y)SUO+L54e3S%U-s#U@#y)nQLmo7d!KiF_vK6VKR0=qsXto9TOzX zH0rpRc2h=@ z8oTF8i?i@@$35r3o%?{nvj!wMFLH37Sc5Hy7|}(FscO%QSgRrP4XoZa^;~r_+~lWzq0i{n=gFX zmvM+`^F8ch(>h=Gr_^9wz&_vfFSz+0X>1OQ|7nBWIb%u zxw_lzf=Cl*sX)yg9_K8*-;b7orkVM+hV&0sl0Ih*hdNwc%lg8*y_>~vG{3JtUI=M_ha)&C(e;*JLMicDv|BTu zFw*YytBw|Ls|K&0niCZMK|L?-9vO$)J~*-=+fSzSFgB+sy4^6N;wUWSH_Ze zQeO)^;%wTarHqmQut%cO>hlDB)uxZ&Z;!!e@dmZhE0fW*74CHPhs=lfotJC2(1dSEbY}W;6PAu0x9J*&nJ5 z=zCx5gc=<~+OYK6-L##|?=&`ZODVI>XkB;I2tp6 z1=p`P8WU4jm5&%yC36nhGiqRJD>HxJnLuGF>gEnbBQkwd}cgYEPU3IOeBo{{nZ*t;pwC|&a}^rfu21Os*zuI1y^2YN8c}7q-g)G8ss0!iNL&w*QTk89q zIR+YlSHm1nTEgG9V}!1T0}+}myOETa|2}t+c3pTQ!FQ+4_Iz}mzUn1`PQO}Kb;qOB zCMs8|T^?*lQWa%N<1W>W4?ivN+ZF#P={94Ef_!U|~eaw2NMuIYl%K zWt!I72J?`(WmB^EHI4LpPL9o{r%X5+!mF=HiRJgIVo52?P)kC!aSM=}c(0SBripT# z&{%*QQ)a#0G@i2|Qs#SEnYK8N)EBi?1)SNv`LRZ*?S>n7YZ)(vGmpL|fE?*;+-Yw% zl1Ti+Cd$}GnU}dpzKFn05@mqR8wFQgy_=^#kdR#`>GNjhdiMhXH=Vwpp7J7;o3s9! z{CDvfYFBIY6qMvmaONz4Q#mNFTXm6TD!m^sFW__6WzWh`vI%p&mCfsR&CKO|U-pSE z_46BqlvE#BZPZS+&#uPfnQ(5U3i~F_(YF@In<_YbF8#sRH7)Ao5$l6qwvBFek)wJ4 zwuaYJ-M4loR5~0wfpY4~E^M-lWJH%Ikj+Y8-M3fF?|$6?hk;IjhUhrV3*!El!cV1y z3mdPfqCsRVRyJVv46qU$NIR5S^Xjny%~{Q0Ns10=uqg-xnojFw}3{`oRSjc#pSVRey##t@V;`cD;CD z@m(=cr3&PC)h;~ULTbM5cvP({0ial&AYQT6K%f?9>1<7RkNS}2<4v`HVUv_R5<~J_ ziIzq;o!{Ck1q%(n%!CR~PAR_%eUARnuK0&zy$}jZTX!OLvWS3zwi~8pvg4XZ7I)Jb zH?=@iDuaLZa-sb-Y_d%`afa#y;>!pc z87{Hll;yNtu*q1alE5tl+>_gl)*Rf zLNJK$kw@`I8R`J{8cete`O@G$_bMjPy4K-+oLLTf8i_j+Nyi`XQW4H=lZOLkk0cCo zAP}9*i?~0Z&P(NvQghg?Cq3{Vn?I+6EsC4#jEC#neCfCEu1*TcK};46+xfLgyg}Xl z?w6i6zs%OG(y8OK2O_-6PjqA}M9YqVoPLPyabZELmoxY(d^lC0 z(!|)!7a%Gf!upLN0SoiX)q%#S6lxv!JZK?Z&_(;T`EHg+aTWR${Ym`}`oc07WYea_ zP!~6O7%J^Yi>>C!6x13%uh+mtzvc|Tr5(avNBCoR4BV95(eL&*bPx7(t{TwXNc>S# zLhIH3SoI3mhZDK@zozf*%ylHseFZL-?bH1%*+;dzgI+3oLZ#D) z_IrcGpG_sx78(nM((Eecmuz>RAKy>pZ(U=Yk7#W+eRUG=B+JS$$cHW+JDHt)4mndm z;IBEXH8lBHl%>S)c%9K+=ie-UAx@aov<>ZMgMaPG^~-?<6Uu?xFkq-(0hz`xe6M4( zeTiriFebQ{U#d?cjnu`PTg{}iJ^yKQEMzIVJQvfGOs&N&Z}%**?FsHugGGI@*Qf9>>2!3y=G zn4Ie=%EXx9JQ+Nh1Kx}bZ|q_(*964IeEFv^!0raimMQ5{H!hZp1JCl!f^M6xE@qPj zR=a*NFDx~xer#!Hc*Ul@^j@*CXt7UWB#H>)NUNTG|4DZ52)~_4Eri_uyd?E&YW30m z{#7*tMPuA|=zgvJVX8?&7qNvsQsKLl`Rd;0`*i!@6Tjc}_c$BtX}@6EG?@wCOq|C8 zOd(5L+lekrGi46`_4C{+ibUv<#(XeV?S1Y|%+Q%l1EsoAY4UI5iVcmnGq>HYUJkyZ zhlcic*hty&MBjcLFcd z3ooHqgH`WmIEP)b#nWzUj(mY%=Znb;x)W*>QdZ{rbqEl2fa2$g(a4DFyYfbOz=UvA#XPg2yoS34}zZ8)6jU9p~`5VLyWciFKZ)Y^eGz< z-_sTjL93dH@hpN{ zqQ@6J<8t|l5@_ku^Ue~WpUk&okG#ImGKRqA{3-&s0di_|KD9G2U_2m-$s~wZbF^biLwe9WK3eML@M)%X~*8HsB7Vj-8zt@SpCkce$kLGui$ey>C;8nQmZpH`vzGE zt_-h)fn_XWaQ>wQ4Tg-G=K?Nja@3XUmW5?%94NX1?*mb&A~VIZR_7QriJyxmwF)2d z7DCJlwDyI~ywX*|e#axdHnZMC_Ewk>cWQtkAW%usRBc&PTV};Wk2B8!fg^Z}Z;`P= zZ*GofLdxcswR+A5K^)o^tdX&TX)$@0!GrKCoxej`8@L!2uAJBJ`7-^!ZN4@p%`bzF z+zoy|Bm3_(B;OVyo39t2vJz>M#J%pb$Yb#NrtLo%ONq8#UV5Exo1Cgt9wG&!sECu_ z>P5bbg;mJ(aJg{5-X|K@vP<`vm<8`i?pj7A*AmdEu^QhbUF22;%#U_cG|n&!dfR{r zn6mfVZ$eF;OA;BjtFD`CbCjE@6jzg_@*%BlW6x}6c@j1vr`K6<$bC_$4=x0U{F4u?XJ<}NgOXy6=w52=`p!txpMg-zSMsGRQ{MW<58u!=xf<- z^2o`jvY5-(aLPGam1Ujsx^>%XmMB@&5E0aET{h7?wbTZKkr;;iAR76t&w0pe(?N9* zXSZ|kRi#sk=xFwiq%hi=vYi8NmR&Ftjzl!JCp4+n|7;NNO@ZnDDk_79p1**|r@$_< zhJ&OB#c^Ctq%ZCuxIagM ztkz2uPj4_y*N^Nas_^plhAz}oOK!g5pa=5!x>WpJ=6|isd~@4EGypqc3q1iP=i&vc zAktgIJcymcPJ$h4gbuxGp*K}P9{aZ60$cDG%> zSuD&h0r7bS^+)xdw54OxHO(|*qFeHb*Dy-iq&@Y;R3)2Xdjy33fkb;WF!0@3g{S;h z7{E6jgMM?Wi*UgkMTRPb3dNPXo#JaSonAVw|CpHe`adH`k)umQd13jcSBs-5>%$M! zA1B%q@JZfk?lPW0dNbk`Ni&`wChv`C;{gs_oFYhvts;=2Fo3_@=5g7puv`&exvj<9 zUpPvub3Rj`^C7&d>e%b=9(;V$z8TMKmV5D~&sr5nD4~KOm;D$@KUH3x zylBDyCEVMQcB>uR9y(dxQD?}|2%&?NdO-w;cyeR=QB1{C-o#XFx(JHFSy@il*&Pn2 zOG);}G*$;(nL$&?Em@RzThO>Z#`>pwe|Bx?n{Zvp=i^mt{I9*FKkyamVaDg!x^!xQ9r z8aAtL0eJvO^fB!U*CEfbePK`XAR@$aZM#`Tgw~Gq3%H1#mqfcs`Jslpwtc*CF=^4! z@2+6FO_E=-yVC9SRU?IqPpjPDbZmd#5PAU!5wet#Ldfrqy?S0)P2ZN4mczkZRv@)s` zH-jCcws$T$42jY$5I5N#TrW+*R$8<8k~ZWB3ZfQGTnR202gRtbt9GZoNnB~VRnQ^7 zF6d}1jMMdY#bJF-v+BW9QYog~c+R>q_uey2Bhq!y3nMCKYN!~hm~!=|m^EWnvMsz^ zA=bPli$=oY2gtPgyuM4%TZNlkxppueEuCDlMITOb;L>l?hHi%&zyfm?wK3uJ*79*; zgrtG__E3h~TA4(&1M4uYe6MUHhj*nH!=My^c?-eR@fYzr>nU)Qu}s`zjj*20+L9x{ zYvnA*5XstRMSzDR&p+8PuOn4CAXV=ddP_2cv`O?2U+@r|4a+Ni^wpfun5yU-!OFKj zo})ZJo#I9ynN+|hiE*gf>UbXdo&xggL~nPhPv+gWuxlFUKpz(gp+3Rvm2Q8IZx{-Y zWSi@wksA;mW6VQiS; zxVgh}jK~)bigVxUKGu1ZY8kIe=C?Vg_%Jr=D z9PM%gKCV(cSAt7k74~M6MdpTQ*d`IsY;+vD(NZg6lFoA3Tw5Tnw102~?Dwo+8s~^< z-I%#z587KF|GJ;CpQ7cfzyTq9F88r5`1xh?R)z9>A;#LHz^gX&U>3XWKAScz5o;3j z>P0h1%1a6)lJRz6t6mu1=Cb=^MHP`rt{Q&_e6(pXKLWRriJ%OUb|V+pHYu9I`gTig z6bw!CI?;mW=!R`JFv2wz&t}${!hJR$D-krkV0=NM6E8ddLT@Pr@1&pqG!Jy{>x!&o z@2I6}De3A_97oO^%?WM$t+L33Ba2*Cd6*sOK^qi39L|#PY7}fqo3fcbZ6$ZK%1Xf? zJvgWN-Pg}}3tmLq{K!ZU)RU7x=T(7Z`i|FKG=70sSXHrSS zS0{{ix>!S@$r=q22>5%JMpPtQleB?{vOrE#CpR}?$ zpULJH<+22Qj{T)uEhd_PQphv4t(!FtkUv3sbmO!R6`5Zln8s^*q}!e7O!K0WC_OjC zRQ$Ht#6&0PpaTHzhL3z=X~O;6v|y^}3>BCM9R?%aTB#b3i|Cg3!egOrmp-X{r4fF4 zKkkxRw+^3IjyK+Y%|l_>>035oCc%Ar!%I%E9vT?hqZ8r;8fO+gYLdE#kyyl7d!3;k zAgy~CZ>jQmejR}__QCu_hH~5uZDcDhtT{lm!V&4s;DDJ6AaBecJ|cMq`x!iVeQywANkkbeZ=B zv^qZ~$XG8k+WFWP$G&ZfuocH4L6szj)H2@V9Nm*lUt?}tgX-DVb-`I?2q*E54)dtG zf3a3i{l$alN5&_7%*jAw@5_Z?Pg_R$i4zD5IlFS}Pl1v3|As0QIG!Ot7~LmgD0hF) zBDuIAud@8sHxb!La9WJ7et{^0Akv+$i0oD-VO$uqV~Mf$+a1D52!tl8*iy_IT910Uw%QzL1;vQhAWBNd%xcENIQstWJ(%r#W>0 z=rHmiaz(rJ5#(l-&V%oLQ)7iJto2bg!+9Od7J$86-(JY$1GY;<#1M|cc{4#rAq?OU z?4h3P2sqX>|mWNVhHsG!bd;M+WPs z@yWhWVKVLmfkFq90b5!1#gm^9|IG?v0_V7Xy2oU~PyNFJ>!AUpe6B`k`^4h@aHWD1 z0aUM86l1?XX(8ZhKzeDAMjjUD^Pe0Pk`f@lBrFyA^fyz~5&vZo{)oT8EbWI;WNOK| zETl|9Fx6>Ptc)xhL3~($q|^2j4r;m~Ucz{q5@#0YR2-4nwM!-tk|!fDIy!U%#GJ26 zrBn3LI*X|UIaNZp&e!$ypUdnE*nQl*sZ;b0SyeY?>@u>^uGwqwocs$*waLBAFsYQ& zD;P2rUr$&}!@=B8A&i`A>JO_Vn`leNMT}6mY3sintuf8FvgMv>l=U(hKp3khfN&q| z^Z%2~>L~~7kSgf~tt!z9#DnFI#(aD#uY}*llwpfP%h)YND?qj@1D~lGrBjm`_;i*B ztw95Y=t!%Bi4J_S8=2jp!tiKbVT*=-2cZtRFi)*mSbw_CsiRcrq58|gL4vu6(B%8BbY`TD!S)P(^cMJU@%@5=_! zhvpn6Y#L_cZRLOSj{%D$1|Kj_UarBKRJ@Nh8`FUUAIG1m`zv+`sYlc3qOy11enm4m z*?o{&F4WZdr3{;| z8vC5{R)P`ZvY=K`6fr+~vPe%hin-MaWeb?W>UhJ0;;DrThz8@H&-FV64OaGJL zQMLMo+45O{S+(*TzRHsKR^m*FPBP~7n`x_Q7HY*wz2%8vWiQic^>U58weCX2rn%_R z1sl%8awTZ6M8!?8_40hWK-S6vdo_=a_oG5?ZU5*$oDwJ|;A&*6nvkIi&yzy+!{_4( zzHC~pu8ArZmV=6E8ZzU6%A#XrE1in_td1oaVG$O})Kt38RrCQ4UtYa|>MoTP+sd0&(zWWzJtxh98}338RVqWik5YFdfz$^eB~QD_^Ud8q-7YG`2c(x_vtT6#OEsL7=A z=J`N3I@8*==%@~}&ujnk5GR0JsSI#RX4nO#2XP(tp#NZGaZ?_asYPNG5(ESSBzpDZkc(Nr z(gcP@SjV(X>-oX$spg3A%sEb8_KweLM}I~Q8cB>%MqPsqi{=#&1Gm@@%4OEtrvpUp z3*^!yj(whk^q}V{7ljHxn9cI`)RjYr!titnjN`PZ&=CD9ZX*=*=2IA&Z%PMhQ}vgz z*Y}67Zj|b!48!p0!c|^!WA4ucHE&HXho4qdlsY8T@M2WmYc=pez{bqZLafgqW_t6s z4+TydVqb%%z$V0>S?~E-#qcy3N~*LpmzjD_U5+k4t&0yeEG{=^i<|Eg#lG_U2X$>Y zOwg&*ENrxRs+)fmkS*O=HmyXFLnb`6RW1+bu-Ewhm zVxLP?+1IUZ4_P;^5iwERW zq{4`o$2FkPSSVbW)r)OsJtN^>n`-A&&qM{iBUFBsu)=xYUEi=J3M!UqAoM!j-dQEh zdFHxmma-ycsKd=5RDF{vZ9v^b$Sk}e!n422_`o-*vVyOlyh^|*Y^y2`UU;2TM$}g? zN9q?hzI4wSX-|SVZtCN(%%7pGR6U4mC>=X;>p3*pxnyv84t1559`u>m-?R+{w-tN& zSoacTVaIJ0r`n7K@RUyKs@}6WT_ph|!`uWSLZOytV=ec9{wm`ynuu}@0G1F-0zRJ~ zwfi|g>6(}7$*HFD*xFZ|Mrf3;xxT+?ur5z^(Kc&N5GAER5|*Vdk7L#`~IdC z(Qr|CuchQs7R50UH!;>P35cUBji8?Q+6^X`kl0hjak}{D|B^d`BfqFav3bD0JCC3P zh_DHEd>eK*`*IA{rOj-KIa&>nY_MBrco0)-<`v)p|M?ae!k-TJ%cbcZA^pllT$-5JXjKQlTeV zIrmR)Eo}pXOu{d?N(3Q?0QZAM#_!){Eqv$B~ zHD0w%0-Nm^T6mU=%?nys`$kMv2R%Tn(CyCXxlM>1ijd{7%A0B~ag>DbMGlqIQsi4e zG92*cCSrDeGZCX2b&9_I?k02LSr|51-4SV&^OF0POh7F7StfFPd7PUX#kEH5cPzrk=5Mr0Zx4{ zs3}}RAhP+}AdXW`6~Pf@Dq5Y1R4GB*0xv^)L4K8PH_3G31w6ja0uqBAoKSi>5IjUM zhlO4RFh913g&u$ub<0p&6l(GU$bN(y>PsRqG%-(`#zkVqOHZC!o|b*l9Ke1}JQ#$! z%n3tdX{#;o#!Fiz>skU9;e5m1u7^k}01#4`eJ8EX^o@V)@|Z#Zr8vEeT=-mmLd-O7Na3h7 z$_D^e45jU&-_g`FUsknCSmsR2JQCk0yvZK|w{``)SJgKh-Bv`*mIw0VoR6+T+MrP} z$bdmYUKun+jP>*=`wtY{;s>rqvbr36?fsBCYIe>)LIT+$2%M&Btt+0NenD8`Y24{e zm4PNsEe8X(|CI^~mW~g`TY!MiUwkZE{*d+7zgm9A*(e7!S>Nm z=j*ngZv@tn)bHtPut_eK=*IkY0VExjH#js>%b>^*G(Gco2qxO5bizYA$t<%Ln21HV4VTKW2{f_QX-A07B|Q0 zA~uyinDGR}c}Opb0($047e!|=!2R$pp`R7Gg!ARbAFct>31;JS?Dbo~J7F!5a5w6R zwx0$5xPp1WWC6L=Tq_&(!;vFV(e{TAlZe<`X^i7}AKMX!g<8!(4!?I%BPyfwHf}GX z`L@3HsfPy5(dw>oy+31;5T*uzl{8oKQF&cXZ3F|oz--tVby8;8FXh!Iu$$iRF3t7~ zPcpT|8U@syK4LYAtrO#D1Q|Ui?DI6!YC03y4SqNQbvZPW%Aa;GU$?N_X355t|JqQI ze;3Idy@^S6XS(R{I!ivdg*s04RHZJm z4)d5jo;~+Drb0L?4c4#fa_{mYJ}nAd{X^&OP*~O8uTpZBa*FBboWKK!%mZ$UcD7^tJ_)h zy|i#gUREtk#W#j(R!&SlQ@m05sQh|v!|eWFYz2@Q^t!E7^@(cc7k=KACJy_la{s*9 zgeXFtaa|2@9!zlve1j*RA_iRnVxaZMT5nogH(wx0$(e$78D$hbQaeU~Y{&TS%xqmN zTzTr&6A~{C;kg)`lfuqmOy@FrFr6=aNHX{ z_sNVobotE!AF@z}*grpRs0jo=egw8R-({Q;0cPreDFA0WCq34UxCN3h7_Ynsb>?|} z0`W}J!Pb$yrH6u~1V|rI9eBva<=%DtgmY(@X+7(03QF{R&VB+FSHyaw*)RiSV$~se zS^T$4E!1NkoF05-T&^ftRcZSE9!J)w)f^V^#~a={Bi&*-C~m&Fty%obZ#+kFsC;&4 zhBzSk<3|$$GXR!T4Z_NSWc<$pC9mHe@y}Sc|DkRI1NfDC4k$}te;nz6DO3Ol(<`Ln zufiT!z_O;Rz=R(1zhc4J0QY-}#RUFu1M~#H2uERLg0cSi7a+d@^uC z+x*Ykv0uMgp?o3>fBU)x4p8sWD`|lGS4>zQuzu_pR^1;i>;JDN61@&&A0C-a0Z=4{ z+Nh98o+aBFBuT9jhwVEo0Tk+Z7}IOXnIDc>_%#0qdv6&OR~K!I20{Wv&;Y?5f+uKj z4GxV2x8O7$TpNcFoJNAXyF<`GaF^hg;O=gB6CmfFbL-x^KVH3huj>4vzVx?y%i3$r zHRhOej3#QLfJaV>1Skg4MN!m*Wkm2|LM`&*W{nAbK!$Xrs7`C(GUJsL`M5NGBm$VJ zK4)Ep;h~%NGc2kpb=_VXoV7c(Z9`Z+JV?UkCVQWYh!1E!C2I}PixeZB6q|nk&XelO zsS}016w{na@SF|mR3Xk$0JkL?Rv&i90En(KgG5QA3#O^e8gL2%Qi|BjXCvYEbp5rw z`7$Q5e-uO{M^dK$YJgm4frLmz!m^Ge#1~^WK4@+>LVRe&?m3o3;&~PUsmNzf(t!^5 z*yc!+stlmJPqitAt>OZg^x$yffQaR-g+O+R-SXy{NqC+EE_<gXiglaB&y%>W1MD=i{SHTxLEURMvw7M3S4R|x;E(~5`s4jM9cX4OHD7?- zHZyJ;w!&~G zbyo<0{Y!4}&g6v>&`#tTv+}#8ol$%J8F<<$o8I~0n4770yxMZl_Y%m(n2q+Jhv$&* ze26*8uV!5bEv^2sIbKe_ML z;2hC>q`=F84_{x)!ba%R&bN9w%r;96<ZT>=sf-g**;NhGW52e}6B zm%KL<-XYzp=F;l=k1dr#M!<9(#+ys^8YeXXg_9;YONHlmAyWc9 z?siKv6aJ_zS{JW-uLWZ~HNBlr2)mF4Axe|+a2y7JAe|9tGG<(jc9hGPQS=~`+j@GX zzt9LDL{jSVOZu#Og2*3xMoS!{n;1Q_AT$bJICjlR5Nw=yGo&VjO+-p2ncH~O@YV2P z@oSOJV+1z`41hujkz|e)cnXs`!<7Fy5GRlc*_PlkNR^8mlQRrA)$U zN61#%fy~=K2-{ptsJ2=S;(0@3i+db>tE3q_wzZw!;yls6EM^c`@{(`t<7AWuJ91R! zWNfI{xx|ryaI^pomTBeEex%y>0stM^dEGoquXnNPI@-dZJM>?w3WJymPO?{2qdJjg8?L`C7-8UZS)k0T}HlRo3lI>0O z4U7_clJu)qK^KZS%MK6F|?y zHg$I4`BGK6tP*31Xkc~cnFnk{NfGH;$oy9j9@o8BGz+-pktPSji34wfkuG_GxWCIw1CH1NwH{-#_OD= zB(J5!?DbQm_LW+D!meK?9#_1M=NW4+eN5i`p!5&;y@84g(N^NMzYjW1V+amGGV*UN zD26}&K@vL6<8nC^0=jg_)`qFwLb0^RW}!ou!(C3unRzF(bg4d%jdXzi4ShZ5CC=zv zi_`H|yS)pfx{)TL6d-SrOSNPL&*aC(?8Kmvk@yVau^MC;KaPzt?}~@JNowxejNs5G zF)7{Tw45|2?Cb1|@P8JY`mKur-pqJxpIa=9YXBKOX6~cf7Eben>}(eWh8G#1ZN%>= z1V?3kl$IWV+US9zPU&!X@B5p%K5qLEA|malpdkSZnC>;=$1LH`(d~3VU$6Sd*w=xK z&0q4Yu?oc+`O7x<-SQ=syhQrONQ35;0~exXf}6knWXKnM^2@LGgrLhk#d?X9l7i`5 zrf{HIzKHXWS7Y@%A3Z>*o{dAFeidp;s@mh21@|?J=DawI?IvFeXnEL#e}~<^a!vT{ z0hrz+Av>RL`w{C&z0Pj}Kn?1{Te4{cpszVPTl`V3%-gb`Az0mCAWOKxmBVdz5x1qC z>n`H=R_UUQ=PQas$!8#gS>rAjYn32N<4L=3vCKP(T(Z|Rg!Njgv-a;ClT>zDSd+mX zq5B&aG!>PdC0~(^qlZXq&Z&RU2zVpFip*PlcQG=+Wi9q0KvYb&;rwyK9@N5U-5Y9F_ud#Ony5#7zyY{V`BWi@wH5L5 zL`|-D_B%no9pvP_Zzr38?42) z|0Q8~^LI&Y@`2DgKv@_t-EPsuB1Xgcx|vP7pL%{ zlL_35V!Y8|e+y(IQm!;_w#A>}>J66C?L&utD*Kh-VxzT%6o~j^U)=KtKoFHd?{sSM zjN(H5hq%a4RAG5I&#B7s4ITeszTFS*6#D!)4_*KQQl}hAn=cMF7l@hR`X zr3Y~M|67MN(L{+kWMZb*+>D;oYfc|+NOu=Tuz5V;S~NS;<0Q(4%1o7KUzdo1s7hv9sdtF zIR>Xg6Ywl?Y8Ho!egqC~+{kKwG|y}6p|DJGHzUgi3zYnTzk$S;F>*&3V{t;p| z(L6>sS+$W`=pZFXD+(T&V1w(M_j|K-vcHZ1j2&L!1ayioW>_~ey?E)83jRCD1Ai7^k++`Mg4m@)NuUPgULDtjOYR;6NfSbxNV~M{ zsvDH{)?OkeMfHV8GE<=A42-zPsA!*_4>Svx2&m}qXCH?XL6SdtaNU=Z)?4_$U~@R7 zxUd;TCAN<98o#PJnGdrux=OS$R^uF}=v67^H|W!#$-{CjI?!n}Y|KFe(e1fg0$@!H zN*(s%Dy1fZHddp3kMLo}BErHWC4>R{n;4L^lS^bqnB)K19kkx>kL8xj)RXQ^WT{Zo zccFrU;*yBI;LW@f4&K3|oKn1^g+Nf#C3dtl_6fOkJYL|jf(#^A$tdkZ#`N8AZz5md zmWd*Ax_zg``Y6z63bx@kYOlG1rmM7c?ejwkx0v7aM;hWh+yfGfGBJtpA+%9x2NQwj z$CE{V&4|zCpWu{6m4;kZvr7b|qbdAd&b1vUN-nBdCZ`+zvjl;rjXF(Vd^sFYfOj$I zVs=5Z`g<;m$~;)|c`W1CpZy^MZ~6we+W{Ubo-1avYAPCBiYkOj3*eg!uMJxIm~+Z(6Pv) z88P^`47@q*2|Lo-K|vb+glw5n4r=AN+HKlt<^^b~wYpeqI)(t4wL0Happqqv3&0D! zqdJK^ib+2qus*+;OzoA(p4csMjDy2DoXYZv#S<3=dstCFDrKT%Ryd&}_KZx8) z`{xyqeo!lX^&T~yez-E5a8t}DFRvf8`rqQ4%Y54&Z43)YCC0C%L$>6EwbC^U!o#aZ zqW4=@SZ;MP23)M4qBwxQIxfim$J=Jn;mnY&?8bM8oNjA&;f#*3^>dYuwpUwyyf1!l z15K9+7+5dTb>GuI1g<7Gu_o&AeB}xWLXJ|aJa^>YDWZYo76!9-H{@q*Hu+@!3u`sT zeOlGmU8szPlEftul?Izd-I`(-CardzvFuAGz3(3X&T(1eI)_U2ItqF$W7GxS!R6Bs zgx8)yZX+E|>)};m$uK%eqa)L`H!^^>K7%2Ww7su8aBj?)E|AGk`*cVWe@4@oZL{do zC{Yw>S|N+YDS$hWPl9Re1d_k&G>KrpTWaH$-Cz@W+Kp&NODbL=>};2QL1#n0EG_rMUQh_+xiiOn1SK_*H_GM}?j$@#@a zRenJlUSnynuUS?-gE8@6%o{`SrV-KB^6EeS7xcXGfxxKU9?tTwU%(+0U<{C(S5p4< z0yGB$6h^UbXY4G~6y-Ra}e`Mu7QM^Bk9U|;coM$#Q#{0sH7f<#|c5jX%{)w!2KBXC+DnS}z&`xD*1 zl{w=1&j-+*WF3ir&r=rzJfQ^-rz!4zJP3840`~3dps(2feGKr9|Gzgrd}J2J)2$M0 zivxoP;XGz&z+U$GORR4xLT7jzvTRLpm&JlhMf|5kwe)J#=3b; z?7I8vDQ#xXtTLhjyHaYLJGuraI-4C7r2mG(opDhpB?s?@be55WJh)y8NL(4Ky?KCgZ{_bA)T3u`J@6q2DfBdb6uSbt6r1^@H_Ks4rKMcNWNI&trTo4@Dr9a~^%`hD1IVf5$(T2qeP!nkC-RooD>%cIVsuHe zIg(SrfLlv^t)-N7LJjTbNHHp4FR{}P!jJ2vC}_kXy>em>-Kq^1OBMP|E;2eITzc)B z%%s0ejm>HoW-9MEu#Gg+E>Y4vLFQDR&Cw5-X6ON>2z@|8SZcB()(IGo{QRnAL zO?jKhQPg;}T!+pqw`q5U{k7=P_p$)yai-&Cy}kYc9taDs2&En)#eokA@>m1C#yf zI#87;=U@%F)L}xAX{t1mbIGfXR~#S!Dxe}1CtIrB|84kKf4Ri}d8i3JC2P*bro=5mGnqYAU8ftpI7LOfYPqua1t2_Qqpg+k3*Gl}>dkFELN zWgLaBC!Z^eoTLY)HrTeRZWU{GE8CBmZbnpS%z*5f`9wAe?OBg&Mpy~Uh0eDvK#j*C z4Q4Wp+;Gv&terHP_?*5KK(A}N?=K&1x;N}Z0ZJD%DnL+8K z*O7a8QfI`O^fGnR`Y7k7&Vl;$!l>zZ)&U`}<6zHl>J@?-lvS|TRcT8qsVZm7kGL`J zESRA2Q=Vc`h#BAx0HCW-c*g?bPyLv2Th|&>!%5DQi57F8p1=RxfoXYG$MU@DVaGQ? zaA;l4dS9a3;XWIb?wY4ss&~eE1}IXODD@4nfrNZSp43`8sh&isXfCRy>qL+{LdqY7 zH0YRSOL(-0s`tHV)6d5TuX@CV`Ob8^Qm_ngzd4ytf2a9Hjl~#V0X76QM9U4FxNm8$ zYV-nnV#mb{{mv+~whx^mWPuh1+v&dg_DElfxS8y1>ZJn-r3~A5&Fe=OWVX3Ns%3gV z&!`AV4|@^bwq}6hM#dw7-k**UmAoETdp1CdOhNdIj?VccDN21}_^Ar5Kp`Iw#4$kJ z+gprGVEqOEvLVSsPzk^7lX&W$ZY*j8eTs1ikGvVoO(B|q(^}E^d_SJcwX-9)(d11E zTuU~73&4_Bv=k1Rj+3*TReRp1mA9q&>#ogLEaI!*8)ah3J~`!{$?|UXdwFpyEGL+8 zhWHZ$K<-2|wSG759gY{EcDp6NEJ7>l!4aWQR$DYCwMEfmGoOL9X-ChODvTKsfT_=u zIAkCos_fFp_o^^2+@qYPJcMyxD((SheUk7(R|<)$;~kSMg*3!llPn&}UCvHGcOmrk zmF!>T1sUj*o@`n`(uM=mpVp^%kmt+YZysN;zJtC6J&*tT8zJzVfEPjyI2NE8(W8VS zy#&pwuSFE2vlpwsm3w??cxy7idGiY4qrQm^){7Ef3b@!fh?fCao3eEMadXs`-{TFp zJwhHj@`z!}4Fd)rcqP{|n$_xs^!k?@(ZdZQUEUe4hQSHdZvf48h6E;ksLBZ;cmOj9 zXS%CI_`bRt>fVpCTb*XPsXQ3zwW%TtA)lm$vqE9zIEp2^C6|=nrGX2?&6b#_Rf9x5 z2izZt%-xbyfW60I!;#iRc+H|`Y#?%45CPTiCzDX=dJ6G+;m0>6?;49tRe5AANRhxDUUd(sa6S(XAQc`>Z)(+cFlA76%9j?9^^Nn1D{iIw zS%dJ0e=I(`iT#PVAnGx+MW%n;Hk7*{n&A(oeXGL$G!QA4vnH-bt4?KT2~15@#u7er zA>CG9#}sRtUpuUIag z6q!X1LwWxTgL7N9YGa0Sd8lytZFg-ps-o*+g7J*a6eM9UWL6k&D75`G!Or%(m*QBgA zwlD%HrUbixiS*^zZO`pl5$BB-9

NIko*Lgbm=6WuRvoVL+$Gx~y`5q3eMbvq$@V znZl#$)_L+~o|!>`3FqdmULhWrmEs@jAk-+T(-IJAMwo1X5aWLoPZ4jk6VI^7f1fzS zx+}eZ=8OXy0(xj(p1%OV`{^~i9`gOlb%%Qee68-qzkmKe;AW|5L4W;rn`2b8+3M*j zm#oCIxA(WyG{r|G9?{`cgO`u~no90xRZ6!-c?dz0%g);H3Q!?psc_eqtl*Ki@kb$U z#@%{LbI%OISP<_nb}~8c?v_l~IBSKIixGv9$`>Q{*6dZwSg-9%?VW_ADlH*Ni6}p? zST2!GbQQ(>X(FI$&HM?ai?htBtfC$$>eKlCr3B0~{%2b@IzqsINeIEmKrcmN@@ zbN$F!s}YugY7OIH!~yX+tJeb+Lg#USRn$GySk>J|=Lg5b1@t>c0To^G@62L)z@~0> zbFE7SQ0t(RB!M7M5)bP`dg@70Y&Amwo-?ZhDkZJ-3%6E=5TH~+2D$u(*4clu(vc#g zYyY+8!AJ17U(-D5!O|2VFw5Fvm@-4ZiZjWd)T5!j3r~_vst{MCf)0o2Vl9rubcX{j zb4fd=YUCq);z6i0T4)qs3P95bD=>_Zb*qW`o%BGwk)ah31?L?bkHQM~cGx1~4Y9LO zgLF(WxZprF>bgwu94Ve^FzrKRg~Yi;+hJ#KAOIMlos9(%A|YDzQZ^TTu1qsZYyx&| zE)~%XlQSjlaE@6*(r2k3Ug9$uof0zYFN=ef8{6XH$}Bj9&u`6~rajwNn7U!7_RM`&YbG(orDkSq`M;!USb=#xx&m2|Q+*9DTFzRy~eVT+}yi7Murc~7MF^=0|SJ|LXjj|Y> zq$jaaGqwtsUTow^6s3sjS?-DuJ7hf^v2rs&+vLfoMPWLB1$#hJZ(-T$Z+*M}H23uO%2#I$^5%1^Y~1B1f|(l!xJ#RV7*C zj9o#PowE$j%^ceJMGbDVewfRAO(>?A*A+_`@)1?fn2k;bu@nPGa?rHdgnkd8o<7}* z0{A=8y6Sg=A4hQ+{UlPBf97->R}8ny0W=)+^W=#Cla`4Gx4F!sB+C%uM**62pOl!mBgV%gh_V~z^7QxuJrhB*6j{O52!D2imJ7oe= z@#BNPHoquIb@#_Wo)OtVhYtw^1@C}sn8Jzjyar_r0^uIk5|yyV}k+Yn^p z>eWh;%XfG*>8bpv-lMu*%`n&4--Lzv%so5;2`q|ftc#pjEOYj%Ed^zJ@Fm9|34g$j z*XGhGRZY6_WScia*jO{}(Gt;gxi)$Gx{JY_p-=3N6C{;5I&VTyH9KV*u(ugTI$!-! zP<~De@~;f%(PH8@(a9)fa5ddzwD!A?M$<&|SuWDMd&elenzYzJ$;nhMKzWa^~)P1>oG4GSGj9q-0amDX9F@6*Wbb*&hRkka#;9uGicnach-s2^y z&kwQfcb*tq3}uLsq`8^XeR!rfy4G;XppLY5yoBCd`QW;zjP@pi0cxuHP9`{^?#%^K ze3UCZXk*>lK!TJV5P08uz6{D~J4%9neUJ*u>Nu#re-odGcQct;q6ED!qyQxm(utuj z{sWnahJXreqQuRuJ^%KGS@FNDU)wF~SCxoc8Sr_Ml8}JyW-#rn zdy5mfE&+Y&!Q{>&unF*zdeSfGJAk@dEdwQjm{#Ddx&n209v0RV&S={E_ETLr04C=q zx}6;E8sG0vX-NYv`Q6@o`=?xv`^+}nI^eruN83e(l}#0j0$}SJGG^!PRtGR90%K32 z?#b#~@(&d-+jBtshXX_b$6cWJ>G{|Ehxrchm;iWixO`O%^Y1aWZ@sgXW%Tg>eL?`V zUbQV`xxc&zF@V4IU;k@Ql8t|#?7jzvi-7lu>4WYnlu!BA!y5CI3j9BsvHez^bxQT= z@xNPYzJ)`@$sHX3KH-uEidXF*7~F@_Fc}IaaF5?8!Gh{Rf`BZ>wP1{9(5LK5>W#sL+rkSk^ncX5jDt#^cy7RBWuz5!o-1P6qKn6gvP`GfD;%SkKxBO~%ZFq3L_Jxymn4}%*7+jlxw!C48J zJ}VuRpvQ~H30c2u0yghhSa)Q!U6m9H=KLh?s?NYCSbBrJ(M!iOhWv`Q`#q0qoEH3t zx!yQ0{^ZUA|7N$^*jC%0`J(%uzW!y=%M8gDn&Q|Q!TOy{`nAHfikpJ5l9a*d*+($( z^{k~75)GZ?Z?4b14!XKy*Hfk17gGL&l%?t71ie5x-TAsyBAiXcv|yv9Q98LUK zvZTjlU_bxj&Zt<<0sea@rDME0(j$}1feX%GB|C5U zb8QCU47kS;WFjx?uVXj4ZA5h11Icz2#B(ovnT-^#9S4&Ha(O%Ah%{f7(e+JwSQSpX zonH!K^PEM**YC;*OR|#(&4S3^rG5}XeJGdizVWD%lP|M5!pJ$4Cb?4izMMOQc&Z5| z8a1mSW-t30zO+%;73^BobI1}`)a^dlPA>J;XkQ%>o8PDemTedN&Qjxd_NV_WLAq6O%@{V`69KT<_ve`sd2Hb18vjPs6I- zc_+qn&R*?%RVUf?HR{r2P`i~d7+;R2pu0vQL~rhQ?f%s6B^s3u9F-DRip!9Bmde=T zT)#N70un58vzK50(!jg1-uk2URqxtL1Rv|DDIYE<6m=kxcJ1*KJcMU? zY#PJ1S)%I<`Vl!`C}VVMFop_ax_=5YZ&6~YS{E6M2-xA1c=J1go22>+_mEU0!uQu? zWH15(JN0a92%d)&*`EYaH&b6d`M?kN3gbho?@Lq}p$~@@4Q@ZNKFIL#@j2~$2%S}X zlXK&Uxl{c-ny8vr7-ZbO5j%>$u?{FZ{AxAY<^>Wz4IYZK4)TCMjIbYjX z2Eqcoo_-Iu^yrgT zXWeJZ0dKiwuc7hWf@)aCepwnWB<_!35r|M|VU8oVZ&-AT2juR*gh~Lz^bNsBZ>3z3TG4g0(L(I^EbPTbTBVA) zMk+T0?`5f4)QuV_J;o*v`t2y{z@$ee0*MN2$>?}K>&_pvc8Z!{JzQ+AIp{7-`F?{; zQwpPJHwp=TEnTZ#USb6eyc0;7F^U9AxJE0yk;JAM^0n}js30z#_ItDgL42de>W`##;_eT;T2XUm2 z6iA4zO}fP(LQ2Iw>QEIOV;Q)(KF&h6sj&~1SWTqEXRk);v>_I#z?ib>miicDq>&Hx zh#23@YfY?7vH>=8C&@#tl2+~NEv-ap@oi3< zijPHjbS%^><%y1IEy5L2ArTheN9<4rPN_=+Z|`=#oNwTGe}=J3SX3>5`rhpBg`proU_4{z8-3$p zZU+GP(rXw`oQ9`&|4kH11&3hF*s8xscJ}~$?#aG8f6om3(R&7bRq``7JL3Jhh_Zik z{++PEpBMr6WD0q8VQJXg>jD=?Fg`{4djTSMzDyM0u3kllLH{m8;16)g$NzoF|Lwq9 zD#(;M_Y=pwbIvfmFx1*rkAYH>fp50w!3=aC{=Qfu=(B2)Y<8DLZ<{)cZ|XCpMK7Gz ztaGL=#lW@)pC)QHlG8S`K~cSx63z}N-;d$&QSGjJE|M9G0WbA4qjm!%R-XZVu3dZoz;@fl<&snlqVf=a9M z%b`PY!Yk^~DeAPjc~JVsjM-u>;Y!Cb{)PTDyleheqAn)w1d+Z3M%3)gl*EtA8a?1Q zKNu}L3>ASNehZAil**MzN@P>nI0qRmY><(GApUM8(Pa4Cv?||^Ba5ftolnXhrg5~= zytulZ{-KP1Ac{mYXq$Du8MWHKIN*~!XWT{BLH z)oRl1$Pkh%M+rSi5qd%D7bs$zp;ud(H6YSH)Ek(YMm5OXC zjYj2F?d{Na;5quRZwuizr^#e}=O3ECBZsC-nUJRobAvE>Q19l)Jma%!ol`2MKD_<& zQ25185sR>-Ec$S<#!K=Rk;|k&hcZ8#?-?bwY$MlRBKlWt35v*p?UbPHH!5aMD$Lm` zM!xY*wzY$05&{AOdgBKtj$^hdibti84W^a+@Nn{H9jl)k9jg3dYq(XHedI)cq#Bm# zP0*%P;CvAhMjcQ`2)eopKYGdTG@dy9XBhO~)V|LSPo7`=iNhY+nE<8h`kCn8c<3rd z6-*sFl&U7-PmV$bmS0QZ9Il4S8dH%?^l3OFiy0YxiQ%>0j@p!?=%CUll_`y zr92lA_`6OY!5BWlLpBb^=cRhAb*cW8+tF{%Ql6U$F5RARO{;>MoSc?6fNQU#S1#X( zr%2hw#j`?#Z6se&II3Wp#Oyi&K5c5$Vv>qItyChc+0ph0@K%*&0e@`#s)Zb45tH~h zo)BnV_XgbuWKprEJ^yC*G*bQE?{14!*7o7E{^?>nTW6ZZ4jkt<_s5*g}S+oN1KGnW1My-Qbvyq$GVHiTA&jogR#GY$3qVlLz4zF!<0 z>>vA~f7o#u(k;IhHb~v|wlGxo6N;-`dRrCMA5%3M>kO4+Hx;>m?v*F%?_`x9W7I>z zqe*%BHE&fUizH2$h#eNyxIcIiNEzxZES6mBE=JE`#yt`uGZ}r0ecXIC8jp*-(7xan zc_Ms826U_!Cpt4#-y{rOU005pC%obMAxSbS*3tl;_MYo`d<>q( zc!*R;n+r^JdE!X=8_zRFa#W-tXXamaQfNu<*0*~AoI2`=1DDRipATA*GId6f#+81D z;|)X48gl1GM9*hfT?@4n7AiZQ)E|kWF^JB#MD;&}bjDGNlQj1eh6OOSsDCcmL&J7F zX6MLx)k1$i?3SWU3j9HWPd^6SNAwuJrag9+n5IzqhYb%40cE6mo@4;-;Y~F@;+Hyq zNd*6!#K0#5g$RoO|L6u#mOWWTffazq`?>2pASlRM5Nh=J4y9nzqoAVF56Vsy zG!_@rVryy{6cLeil2L*f>FN3Hwt0wZtUrhq#)qMyq5aXb&c^*asvg}GD7d%`l%Rw# z-FDq{(G(Xn0_jgs0+)8LSZ-%z31B5qWOs%o9?UD>y%kTz`HsQY?5-S&z(hbVUzzvy z<>bj)Ud$O*L=M7z`*1VT2#d_580XHS;z{lc{8BnPXoAvfwZ3>kw{IV15jMqO-RGJh ze28-1K?d5eY|VU+w1_Mf0XSs=d;ib>3a98bK3zB4GFta_NiZ~#i+umX&O%?3jC~)c zR6PIzT35szX7}{%+T0x}Qj=9>DM3zCY-2_egSB z-*}vTxY&*I0U(j2)wTn<99Ct}C=Ffg#Uj}j+=m585YV4mJ*UROLHYD@zCBHPT1T0p$iy1)M z+3r}{JJ+O)W^HmcS@Hqy7f_3M!|w}+zq`gX<;l6u!nZK4Ll#0plMoVyrEh_H z3Hujl*yqb*XffP*J?DwvjS@OOH|D|&Vg7S)tqwg$H?ZHn zv7a3kBB-miZBpz_tOa_Aelx8N6gD_k&-o-Na_vJqN10#|jA5-xQGuyYtphijKV?qQ zTNn;(tD+gtS{c^s0Gnpw#+#Dn91)Au(Y+Xi1=u;YGp7X*OPIT(VtJ6{~zO*A@ zZ@s-o^$SCP8jY}FiZdv;|kPuA=jlxn-885iBhh>aas-a&-FP6R%b65h_c`DZ8{ zNeo$fojRT#G2I1a^)jE*V1kx^VactRn2TN|UI|IZjL{#uZL*3{Dd&80GCyQs%1A~s zK2(TbXiPLuU09MUQGZvnFxs|!u=zyQut6^=Fp1g%X=}Y+bJ&0$sQl1JFlDOkdDNRJo3061X#`B}A0d~KF*6Hs*qc&2xRL64C#&*jN{eQ-0{6lm3cPt2$OGGAiq72=w#vsV%OZ zvLhzl)SG~4v(l)e@f#OjiS3QE%2#hfC5#mqXe@$Hi?~kK;Vc|!|DsSmO^;Nc167Zp z;|3#!z^4qI^84<>A)f_@h%>%H4b!E2t-$7erIBjs3$86>#KiA<+rR&IPu|Y)?;#-8 za=ncBCFS52tvEE?Q-*zfY|nU}pb4qufT_MYNa}iBcICTKSb3~5msvPsG11SEwA1yQ zlu~bGS0r6yixv4vvP-&x9-;!atNIHJ2S>MqRC($-s>pC?-? zxb ztEM4?9$xK3F7E_-m;+G`J~eDE2j_f}Tp{r!GIj0C7Hw1%5fSP7-O_$lxz^>6o<%-A z9gDS${%GxZgkE(t|M%#oW$%jE;NZlPjQc+K#hK9Uw%p+Y+u+e#j@{j}AP}Vj^|VC_ zQuB>>`PCgorB`9GSK8YU$6$Qce`fOGhLR`l?B$ELS0ntrUs>EPVi>e46msLv7(0g* z6vV|{)IC=rAP!V(@x#jc2sz0f@Sx#u2RU^Y&wQXy=F?ds*BzCiCk+Gol*W5J(F3Pm z^^`fch@0-*0qrVjcLcH$u9ZXQwi9MS*%x+fFhZ&DVXkr&W6lg{jl2~(B0`qhAyiv_?++g~%d&H2(j(Q(hZGl@;r zSdj)==Writ9>Kgc{XXlQV8dcfGczu@;Ec$FJJIgMXV$pVrZJMPb(P@U#5G1SD2W0& zZP;)Lc$T}AocM+-86<*z+-JZ4Y3C$gZOqB8e)c;#=K#j*^PU;Gw{G-J0zE&7`m_2kqd$L>!N67MaTe8@X-|li8o1I0;YygkSW2Gl_7=Z}jV&VjblwGE2q=51ep-k$Y^HePhIz@nvFd zjMfdACil+VAkiAmNS!qOGnCxD*}`wLfaSK=WP;q|Bd0VRmsTXR&q+{fK7FTwB zJ6LRKo=&YLjLk}-j>Ow5!m!pco@!!W?!$oxf2$n87Ae={%88xLvGq&*7I5tAPM}k( zR`0sHTEY1F^lp>G!^~Ey_3Vi|&RkuPQY@ID$Qv~;Q~g*VPL-or5fQ;4|MRI5@sihr zbAoc`a6lfgztjt!eTqXW65KYR3vDpz9Q^x6_$e%xCF9SoIJIXq3mW~>4-wx(PN1y3 zvvo>hJJDl}$_K@qXm>lbk|&?HBa*7kN4pKs9Go-&L1;W<4-;TT?ji0YSdw65-p{D_ zxbP7SC&0vP%A~(|cr+>@34$?RBOLQR%7@zosGSnQFvf?|eFjd~&H(fB;rRc){Qr6ImEc&^sSKG3HA~w{i@wqf;+=Wly9!R~ zNPxMQzNR-6em1@b-9LPu)R|wCC&#rplEXBVJu_TtxbyqffqEAb_naNRRw$svi?=`R z)zFM$KNyX#x+=B!5>SyV`I=V%O^E?jO#GF9NaJR2vcTPJp;v6e;16Q0ywR=d1R{@K zcWH?JQXMiGtpw)Uz%CAqwlBG^1iwB7ujwt`%{Iq51oOLzdC9@eeqx>=7d-D#@PCd21& zGFWv`X)w;?8nTE8#OM8`X1DKiQCl8lpNc9L%ox1Xsz2^K+1~}Wg7&1FaBsNb?my6F233ognVSyI(KCv< zB9)f&Mq;_*FJ#g;VrY%$GR;meA_m&V&LWyg?t%eeDWWfvCNwDz{T4yye{)TA^T0FB z=2w|1w9CcsPwA}f@2a5@M13$Gqoqu1yCMmRA%sXRiDQK!w@YJgq3)$8WzmJJP>fS) zGB;L;bpyZ4x)~o!CLbMj)5^xQIB7y1cP_ZpkhtT3RKbHxz+vv&?%VNSh$}oEE7sGA zs+(+=vn|5?!-FL8rDv__s=wqQ?H7d+R0^V+uG^Y<^{VE{=?CVjHV$oYnw(3Sc1Prl z&fe1wD*-?{;i_m?0D4?QTy!G>Y~Z>T3zg2Ak?@4BW3kaT3QOUN$xOEAHBDk(*|oLx z0&K;i%`U2A-|UJEN}k>^3Rh(h&dkx1*pd&PEiHPz+0t@6UujFL=y|Fb|Kgw zBv@Xx1f(|^np@A%uw#DJt`ttiiSL+i)o;`%5s+Fm941dgtVvC#@Rtu_N3ZnSHY0&O z%@*ur#&Y&Mt7iXjp-Sb#_N-4WP86Vhs$TSa5*&;*zbyT9ZrKUt?3(0ShbHL*uqBap zf0A=f#iQv9o0Ia?c72)8G-U2A_QBe#Tdr)hGOb-lZ}UrghEPeF2lQnA(ep{QgM;$c z{h!GpO9Ag(`@2zN=<@2Wx&*CSY?UNLMZZkXS~4wmLIAl&d0TautP(+oAB%S!_%!!Muy*mT~STo;di5=Kv8qD$|KM zTq{>8seQI{$`8@3$c;WKG_mlxPPPY<2z#}Lx1jLg*R#=ILkv*+?JYt=!SEvc^?UG z$Grn>1TIzKmN~;^baVnQ7flG3(NaRc^oF z6+&@grdhG9jvTmcG@2dDoU8T0$(Hj(kkBGg8{J^}FrBi3jlZ=&vpvTz<|kf~<#x<_ zEeM-@VeUt{h6|VEDu)Dko17fg$Z$oqB!@)*duXGkcP zt&qM}3e*D>GgR!=x5jPxG$9+fjhFUuzf-DsP^ora+C(o8kWD zhoWiagZJexi`S(8%2Eo{n-PEDTm<|89VjU3yx?3+KqvJhwU%VVg{eDB(NB5Jg{KPS zd5G?+S{kzZ%VLhHc~4Q$dDbaipF(I`dc5a%i{D~j^`%*XPJSn*E(#B)m5xn+KHSwM zT^#t0j%JeR;xdNcyNHCFXp0_6S{n$tkOj}3kz2T`R?ZfDEVN@AbWi{BD>8qU#KKoX z`SqRw@^G{8`8zkN&3f`|@Nur;J@4qEg&P$); zc%d)b=G{Jn) zn;`4+d}(j0@17g_K^;ov8T+XJzOdvD zSay@&BS8;IVt|pPq9>*FxMxY>SX|&AzA1nE&9B`ZV)x&C#Q$>c9+9GSyaKq*m_LkG zX!jT9lWDPkz@Lmh0Fjzm9T*RHw~B%D?Bf5&B}4Ztbn6f@9S#J#7M6V?&a*5UD2VUL zU}rcIl4f!a>e?eL%&1oGmlC6B?OI0ISkXj4du8bKa>00wm9V&|sAwrg>0Q0}5v=sH zpKWd3o$`i@<9k5Y^_wJbzgni^&s^CPWhcdY-I&^*v3Sy&4C}&o_vi5(0goMr6sW|B z1Gx)*=y1$TaDNWF<9hio!G)eRd7As1R?p{?W=c(MoHCaRhG+5j7kj~8b2P_R>2)QdgSp60Q++8+5q?UcO2oOfx)rV zU{HM^rm2A8Nq^L0a1ZVg=x>X`-!;oI@5fpW1z|GTV573$>a@fEm9&K3Et~gy3Y%&h z)Sx@-Y0G$0RME+%WvMY$Y%p{De3|r~pGDBi=K~BELk_QGD5MjUQu{V*@|M=Hc%Z;u zC)cx3tGh@EUGge{y0U3lp2gk7(N)A9hhegDJO8NDdw5xa7?!Qi>6re!vS_Rco4#k( zEC6PWO{y0tuLbs~RVxCSxaREHZaXu+#KSWbYY}C8#gZM!wCrhtqUUau=`p%7pq%Dr zraS?v;%)CP)V^Rqk3m5Qs8q`3Jm)AtR_nj5G!-a@koIt|f66Ir!}Ywaj+UtiIc zV5tuwzpMz?oV@DTjKhCT4FlWfnvDrMO$erg?biPO=m5O_b?VXVzRE+2vjXR7cPiG| z26?AI0n#9&iyI9EN<*D5?O%kM-E5XIpKS3O`(|D5cNq^1E%=AYW%HTmI4Xc0jd$N; z8wP7tY5PSQ4weQ1Qag&BlAAL~)b!Ya8I=rC^hmCz;w;{tmgDv>#Myo3H$zyTAC_7Z zJ}m!?Jdke+G@PGOb%v9F+};@ycZzjnZJE867H%Bw2C;S8tR1>t%VX9%v z{2;t1nZKdg5k;r3AHp!XKIU{d%Po+b>4_FgEXY2{Ue-k9 z!XK`^X_-BfCfK}6)MK+JS!2>YjN0S_uQJ)+)~NG2Gttn|GN!J~$jM~d+^Uv(@#)M| zN5hTBj-$xXnH37u|0{_EEO)B(5<9l_vyJi!<}`PCIZSiFI25CZju zMq}V&S#W=0AX_wjlUC1Z8+(NMGVuHKY!AZ)?E&*2Kc_|p+~~k}{pJ4X_+PtBx+w3$ zp=HMN@x9svSzlmUE$|N#e0!czn8`+YTcEwgy+8VaYF}5d27JZ`C{7MREDMSHVaQ$2 z$s^cpOoVlI7I2EI{{Lw2yMv-?-Yx|R5)B9l3K$3?Nr{3)B}WCxQG&!_km!)XfQU#2 z0U0tlo34wM!J9rwjwUO*s3D$*L8sM*wGs*!1%h%gzRp`z#=FM|sEk z#pis3$FyxlOxs|SLpg|I_E*msJ;0^iKUGvW+Xn#|Lm5u}Rr-wiuq(&E)=t*5U%Aph zd(Oo0QM{GIz86~`lSX4nuhOxYGa81q@oQsKNb;l2!Llvgr)PmS$HIrle7X(2NhIhw z9ln4r(G8n%5o1-Xg5`!jT{O&s4bl;v2g=cVS6;yfsOTcb_DM)ur{N!&to;EIV+t{* z#HKCTLhqRd6-(PkgxH)0tT8~7NXWz9#8(A`@7)|44s5o#01_R}^Fi#m{$vqpR*Blrhuo)B?n-Vt{j{P+*@5r0nd{u_hbiJ=^!a=Lyawdve21lY|o85x=70h3<7 z9n-S0*u=uj&nPk$aB0sku)Ku9}A(yU8OPKX+Fv1yqVmiO3?r{xq^$k?i({^Hdv15QV_f zQlN7~5Uqf?hJVz8(Up7Xqiyktku&C=e_@)eR;{Mgw6RqEy~Bch-?NVA5x*}_ojPKu zY(KbHi>`aI*ar=FTseXt?gW?v$LFc>V5H>@ARCyTwUici(TG(W(bE35jif zye=T25kxqw@5twm@r-&8ZIriYB|mo$$$b`Nes$3g97Sb%#$wgA z0jkFg{|Vd##ihs6S#$W|RD*Kg8e^EI`4}w%EhhCe^JR(Mf^E#wEbh(94%L{{7K;K) zP{AtkUIz1U{LK zPMk3Vxn|=NQOlpN@k>Kyt?Aosy=56iqYg3-z@udr(?SYyk9)s$7GIC1_x?BXLdF=lza&qmWRI6u49ggNSA4qNbwtA{3!>(!%dSuF z*}4Ql=ofzfLc0?n-0$_JI9G4+?#9$$a{-{qto2X!V8eH#&3xmgr8>!(ETa#0;^Wkk zt8eQZQ%|(zeXOZ3c;Dh7GOkFRn3v zEzOh*fA`Ns@Sef7JTR+LZ0}=ODV0$UcP(av6US@$HsaKFRJ=0&M7L>Whb-(-ymE+-%D64$i7UJGpRaF6`vo7nDNRO*xM_65 zQ}7k|Tgr%Po7XhyH%gY1s5U6W^KhW@$f(&XniYNjU}F8oF6u%5vmY1^%z&H+S=>Lyc|GaXDN3FKLFkiH!FPKZ*}_`4bvUI zrPS0*8)pvTNvl&HbY-M3j1X-FaeeVLRX+8aYMIe0X43sYb5l9-@6g@0hl*u}HNxc% zZ=q4ET_rV}9@~HQzB94$D>(5m0ItHzYxL;rweCHh?iV4Ry2;6f2ifRhx2C1Jp{lJ> zj_y>&V6_UyT8J!ilHvX@rD4g!-YeIj4+k?COpZiFp;IFTWkno@_*zi79}3 zZ7eQrE;w{f@&qe1@#CBrst|Ur0$w6Ty)cG)3^y*1A*^Ne9Dzbfr<;b}*^ zP|OOq1^x=N(nWumOD`i>htpM(H?=}NW};43M`D{t7?gQ2I{aFffA+ZEjP|eJzfxPo z2x$zR)6II4T5?pV0yHnCFfaZ4NAU+Q=@*a>`jYl{7VisfZUf!^aKo}QqN95Ka53dI zR_6)zwsy7R#6PMYs8m3wODh~{9A)`!tDln(3mjAM-ZBaGW`HO9H8qRqjpv8phlS65 zM!BbwJ(1>jan!??3AWv@Yv3@fU4vt?WL%6k|Rq8IN&xoVq2s1JYlJZ^v8jt z{fUVJDw(l_Zc$E&j?KOWHrofDBU)#+LzQ~+C`x$c3j1f<}WR+7C@MrIAx_j5{;YvJ7 zM;)rYA~^>add&cwXm0e)kDh^_CdpHhV8Ph_!5Mn_Z}9g;x0}ge8@0%#f0>61xc_I& z!zt$4n2o-!+`89(>II;viJKY-79TktuTgPc6owBAlTJs>4a*Zv>pj~5e?blvGJ2L%rXmsQxiZjkYP@OLq7P}@ z4+_bo-46Am2j%mjxMI}e?<)CAMOgxeMK~N#xm#>9nyQ(N0+@{AkrbVG1{+4XE^~i? z09PI9VFrxJHQHKdc)zX>SK?-`o~+YUs1mnrJ=Ak(vzqdm!GZkObY$|BOC3|ruRp(A z<4OAELEx!o+O>V+xLd|sl~emy?Cnci8@FPCAkI@az&`1|*0@)7<>A(Woi^XjMT#m& z$fNk9B`{c?@Cw;sXLkueq-xkp%fL&;ie24#tVe8X(R{FNgmMA0xAaZ3jB4p?L74mG zjR_mF{yzz^80 zi?)~N-I7_fTMa#S{0<*l<{S!nAcPNhFVSow-&zkg?qonF@(l@UxqoKNH{^@80(T3r zZw;D{h#gcdSL7M369E5g@TtqYa?B;R=EmPt^VP^s84=b!3~CeA{ei1Cjx~bqdK6$W zic97@qtpn*oYDn53s<(Tj#IflsbwU-_`lbAjSkNYEqu?60Hj1!$>D7wn(-IWH~ve9HllI zYM-e(tg9au0%LZ6iN058Z6X;`^e99>IylnYyhp|Ea}VDm2gH2vZpJmgh8!LI@0x`>uX{UBh|pnN+$3cHaP0NlOHv)|EEgu zC}9+49p?Qr6rGQKeN;FnatyYXeNrVe`(R~&XtXW1H`LFpDylKd>(f=sbk$xo^$c!T zNKNVC2&_(Zsz?nXy|ocNG%%P;ZHBJ7cdBV&jN1#L!~^t^K7i>c^z>|}-S6IGhmv_T z?fcX&?pvF}X>^eEU)Z&u&W2qLQZU`l8W(bW1w^wA#R+BVQB>5_Lh%OMwh|lc?w;S+% zg?=D3(|xHImWJn;gxLcYp1**Pz8GJjF0>0=>|4jSrAlLuN zt{l<&d~r12zsS}=mzM9x5=Y6`Xt(LuB6IUVqARreYD1NRUHs?{Qxc(aEf(H`v?~dQ8^)b_!FJ3q|`)O=>T?YrJmPXBxH+ zA4}h1?&6Psc1YD4#c_8;(FhgmxRIB}ol3lCTLRIZ?x+SSX6ph?`uZb`onvSYb6oJj+aU4{Oet3r zn!+&hD#MXV$+yG=aXCM@4liP=l&y=umQ<82qK)xYoL6!ud_4ux6QzZtBw3*QOXQ&E zKpXM&(NF~>*YMHs3?&dsxw_U{>&|I7PKu@?38n6OnCYp#?cK^|qJ2zKJET((REh{< zG+GyV-i#|GcDmB+t($i1#umFwM<*IK(Fq6?Y%lYeEEO+UZ)q(E({iZ!`4-($qMh6o zz1-;XG%w=kA%#V(x#33V!IRP}%Q;LuL^^)io6f6I6Nl0tNvm38`CxJ5bSIn(?K$Y0XwPihXJ=ev2C2sc+@U<&J<@9+- zUjl~~3dYxyWt}M2)hRZn?YhOlQ96$Kyt6+F)1`V|Q1kuDgo)ONS! zc0YNSW7*d^JOMz}#?+cjHANtcGMwuqwxFve6Q{e|ghh(wftzXq1n%J@>NIHe_aMlB zJVL!j*`>U+aRhnfRIpyD|pBr@VIMjexm>$P>nV1M{aZlc|@wZ?3L$F_z>pic2R z{2o)z(t~U$Jv(2{gL`Q5Wt0mk+ZmWC(*{zG5T57D6*H?XW(N`nfNgoQ_&uD&OR}zB zL-oughzPtvX+ILGO6n|ZzD9fM7PT4^OdWAFw%bT)kT__^SQ1kU@BF1{PafH#c_b7+ z-^1k<7VV&+(;2^hivf)M#0Sx!SfVPSS{B$wHqV}Dr)!m<%!I?X&5nE8%a5XYDlAIN z*(>LR8cJfiiFV%DM;6fcx`^qw`Ag3|7Q5d?A1mJQ05QgwDz?#lkv4l`r_peJ@)X@0 z7UDuMt-&qw3Et9$2mR5=DFi+*B4VoifHl>A=7_O%KbBvywgxU>{ z=imR~4SD#nl;0_DNH3q+soYabB0|{StWkOQ$D3>36<7w(;nHK#!*IbHf+Xi8o1G5u zUoEnUpVzD0HVOdNG>$LV&lnjXNP#+l#~%1U{;?hdhS=sR@MC=lIk&ip*I5ETR(kG* zt#b;|n*+e)l8367&SCUp4p4WnNtxhz-dvs(XpTyn_zcHiz)1&oukSUuz2K1bf2Lvy zp!f#sW$&C*gp);}H$9r(`{(_yqXNz8-eAQ$X9T}f0XNw`@pG~B<_7PIKQ|${_u-ro z_3i<^Q8vU`!WNC_g4bsAD&@-mCl7z>y#wVzEda}K4m}MLbD#ai#E?svGm-}^zQSQS z+>f!;=y!_K3Om_}%VxkW$)zn36#p1@e0r^cSL12Pm_tR&q!IS1l}}w%4(TfG=c62~ zjaTnGB?+ol<^pofn}A=7@y??cIZ$=Y)z#k7+(kLLyTCcl3Eb>@4uRA)3O`0CQX@8bF*YBo zkK(>~rbitLdIc)RS3f*29`pIh=|r_Y{sf0DZAeCJ3svSnSdh( zxYiE;NQ6a`#^5_XQ%OsA?87q7Nrx9PTM-9{e z>4f44qvWMX&&-z@5i%dY%3eBp^jT8+b=WPzf|l%+o1c|YTS^!A9m8Lt-B~Vgdv=n( zkdp1p8BhQUZ#MfLW-gpTl!5Wo_>~*e+~A)Ul?ME3+)FDm9sz5dmucQcIr7bgXZGnE zD;cS!suJz(9yL}S{73WMA$tEUkqYykdWU6&Z>SRe2~4^PT7G%NZ{Yrkr%6LrCg7$5 zgJ$&jcgf}m9+`wO&yk`XSvODnm_5PsEPBPRRJ;q1Z}oMG6ZSJG5}#ZpP1lveMtg5@ zS`dJdm!zGsu^}A<+$Xst*;oyTml!DeSHJwl-a#1zU>5^woe$>$+w%JDA9D9@3}FLw z9EiB9Rh&h{=hG8;AGk849~NN0{U@NkQJB63<$1(Tc>y$|KqFIZgmwY#m0>En9-Mbb zHW`RKv_G59GAhslL3?lJof6ftu}d0=M7+KsblA^<6(pRF<)@k0lpY8=WQlk0$$5Ka zY9Il{4SdkRidg>+!2j(G@OfCuXWa=Gxkf=jk*B@4F&8#k?m#%&D1H9Q$_nuHsC%;v zYYm+L4&D*8pM8vOd6})VmGmy={d+v^VylSo`!AkupxWIGv=_(h7P{{2&BuGC=oDLl z@Ef^F)wqs*x5_vJ_#<#(&UmqP)UV&a+j&Bp%O@}g#m}|j|Zk(m*PQ-8ug8>dhrJYcSE5T(7IrB|+6VBX1@pP%3VTy15zID6_gnGQLU9ieDT5}V3oQEi9iBE+Pq!nI1{xJ8*Ox2Pr8ai!$-2} zYW70&&JtX@xEa;Nr}*9Q*xcIV;iaSdhBZ}A-y;ti8N9Tr`JI;gi%TG*WiL>j@mw*D zJw3@HPugPzN?m=cDEHYds$=;fp)d?eE?GLTO5_o(h2`beK!I@!d=A&9AhBbMt-pE> z?R*+U0aP3XAAi}FO%bqt>#j&sjGk7jX!=NYQ_`=~@sjdI`gTmiWwEB=V(V0icLbg= z?Q@vvQ;3^$tF!AB4V~-yQP23*i4=*i=1nrC)SP-+yg>vPSeaIsx)T~)?#sVph@+UH zQAU~++tBgLTO;Y?b#2Rk6I+1Tik?Qosp!aiQY0cuUbOZbNrjP%EOv!Lk>hvx2Fo4N zDMu~f%5g$+NBdhIh51-bS`;_uFT(%p*GPWI@GdW=J^gdGY(LIE6yHsi)Rutqy+3-@xvZd6~FZ@R883l!n*CnMtM5%Z1L4(|Me3xVKh( zy5-u0gi}lH=R4yKH*MMD9RIpSMRbrL2??z_znbR+j}vsP_59YO+4yH^pohTCA+>T8 zmD_mYyNSE_ZdKTYL%$8bhv=tJqtwL!H#G3g7FU8v+dro4+8Ea1(=CqB$kw4gN-N(!Ng-Na(gNBAxL5qvkA+6G-mGpZqVKaUm zZgfpL^P1(8(ygYDd)y8v#by6rw04%zknwKEmEwVYk-fokD%Eoj;Lp>1+vU{bU%Q`y zUyYGxd33%RlK5>8ka-s|GZt8A;V+&RuQqedJO*pfq+tix;Ah=+?BXv<#ybJE@mLM3 z!I(P53-_>(PT;-#Vknfz1y;K?^jbir9Q%2LsDH&LE!R^W~p70a(16K79E5 z9DLNxU9~&p7z5Q&Rl?@-*t-}7i02wq+pspSK7E^%H(QN;ICI3X9f2YI0)8XG_0Zi5Zl}YjnN;X?G z!gi#j-8@k09EMzy_EAlh7aac^%ouhHivOQNVmu^k-I|&Zj^HgUlK|>TX1*?qvtgNp zQ)*)oZ`KZrXZ%j7lAMd#*a8E`Q>ug_xB*Lr(1Gh$%gBqcJJulqR0>lTC;t!C0l4n6 z8KExX^Bc+n?nUYUZ3kYhS`hrxKO{>YbmGq5%FZ75N-3=1P0#iwC6%d+=6yre;Ue4n z*}8nezWA8evdd8%hAe8HM{1}JedafB)@fAzsAz#DBJZz5?9mR(gzd^!>owz+a8igv z9f2Xv&4z}C6uB88WRjFedBv)F&f^&{ta{zoXiqVoUQ*ra*umTsJy%OHnRQFHKxue} zdaJ&%+)vox5?`#@bWo4kYSkRKa~p|jiY$(S1LjVg>=?b5`iY0FHcv4cz)vYE{ymx%a(Hy zjN;E7nDikXXJ&36#Zw^c&&8R3YTzBbBd!ui_c{EH;3=B*<90gDClc&-t2iza?$>ya zK3|#iuh;x#hGM)bK52|^Y%(JWebo_iuQHrNO|QPb;O%9wS6p7P-fb^>G&tw+j)(}K zRcfSU|;Vzly&EiL;~Y%|0b_C>Si;VXA~%nzA5 zW7Aa_#OUt<`Y627)hWcBz$wh<-FSpiIYeY{&uYzMr}~}bMagR-=cQ&CV(;Jm!9DXc z1|^<bKW^@~qs!c5IYg%#3FCIOFdC>d+3Cl0w%j!Utm;i20BZR>PXn{(!4& z>JK2*hD(idJhM$9Gvg2V?w3#PGxxU&4P=iz;5pG^Z2TH`#e>(YbJay_Z(rCm=+M@{ zA|tZ7r+UXRSUr>fbB%O;nBxyr_EdapnTkPZhI)(6fb5R?qgL9tb1jriY#KJf+J)4* zI613qFRJojZ!9iGb8o3w4wU52KDzv**E$!*`MNfu`B1Igp2l)8A#GORnFE`qZ7`w- zC1-4$WM1mxHC|Pog^sV0efcgYyklp|&o=Bt3C{GyWwp5Fd1o4P7n@*?|jJb8qH*gYAyoX4+Ne#3l~! zMzjaLk(4YGezNO}L~N*Zd>51qRET)+Ab>hIc@cdwt9&p%2 zi1a|ea*scUeu?tylX6MsFAS&^eS}tG5vkh|#j=bt%K)cVnY;llQekNz^L2!NsWK%x zXp1FYIb5hXv!yP*Qs-cJV({gDbb^eVbA{+z>zLut_2@9}tj`^BIZ+X5)Mm4OhPqCN zuU&QF45QC_XO^L9S`uHB7ilo-I~vg6!Wd?I50c7#+wsGow(rGF!*JwxTCx~o$~JTS zAZj5ZG9yv$t+xi_2$6^P#&0t6DWPLKYP+vT+*1|hhdG}d{MonUVuYTL! z_z)uQuo@E8N0LgZ$WtwTbRcru#i_W>u`{!2z za8z4tqxo@uS4FG2llL8F^v`Ch>FMcgFx*I0g%8AYJT8_}Er+!lZwoDRqY3o(3Erwa zcesl><$AtYD~gX+s9!`sLaYo-%DbsL8aw10f2e9)xD_9omcI05F%B@2;kCy?JF2SH z&z9qMYSvKIUA`qwNi;PWrQwD?gqkiot#^2#{dx)s9^Zey#01QJew*DVMm}KE(FmS& zlT_IdT+f5cv4RY)QQ^>*P^JLWPIzC;n^i~BCc9~C{Lxf_?9emt*9A%#s{WxFz5 zdy>~TvKB<-EiAWuU#GX0zEhM%OzBI=E7tgEflyOsE9$NFvC^I3ze8?y8ESs7=ohyN zq8pI1I{dlNu|=M}`JvaIZ7S4#X`sU56G8M`+n5SGQEcL(Q%=td9x;|E8v5Qkjd!;v z9H&9Wq~$hD_32@GIah_!$f}!*mem1YLifwE=bp_~jGHtgQAn)K%_bRWO!h4)3 zo^-@L)GxW(EZScdL-25&n<6mZt*``Ut=wBHz)?AZXVw41!uPA8>2iNuKSw>>*U26= zIWHOvj`GtLOM|cMBQO><`<Bj7kJz8X? z9Wt$+{VK5Iby;1Q<8(fOw5BSuxolrAK~AiF6YdrY0+yEL$!9XN9)EhswA?fCaOM0z0+2pc#7lRO+P-O*efB7M) z%}y@~X{|jLR{5k@VkABhw`BdAvA~gN?N(b)NnzZ!i1~r&$U(VXqeBN8R@1qhEVn*f8}MUbAdZWRTJkEu^jWAnIXNjNr2meITODQ#9Jkz* z!mrh?=j+;AqKZh%H7_ki3hLb?`8ac6@+$fHTlP)vc~B*Pk@&}3hbfP(S95B)e=KWR zkg~0dUwJIYXpfw07moKuSJYo-&}ya96xzkTt~@PQ5FgJx0`;b zen2{2KJ)u!N=~PGEJmyK*-`}VqXq4L4)zO0D;cJyzdSjb{Yy?$WnM>ncAg~|#M z<#P4VLe89^PvcP;yt{|-4k zWPMwP3zURQGH*zu+` zAM0;={DfnqtjrW7GYc}M5@@hsoGZ%dyw_@#%(If zcYj1)&~T;Jt~&mBTPXndP8z97MZu;Ui^4WJU;Vw88|ev%_vCfIYf<#BId9AXC~f#y+_v-EH+`R z^H21M0;gFcZ!Z;2js8H;C_}!UD)_Ui-Z)2k&La;AR_5TB<=P)Q3;CVu02{26Ca;R! zhXVtD&>(1T9<^zoI^W8v*X)0`h%mA|e}f}!^+34|2P}+s{*-w{_03$VQ_ z3;Js`i&xdF@a6jjnT~)9a!LlSpC4ZpPx#@TRzp6o7?kAmWsQ(KSgO2qu_u>(hjVD+ zK1JCB(I>49(yB9w)Sti>vx>NdPz0IV4juoB2`_J?4|_{>`*)a9xl8l0bhP+XgO1Eb zuU7hN#w|gB5W}SsQuln;nhKl}XM%Xv-w?WdT%J+gHL>g|4BNCxNp4jBxDByx^;`l@2GbiNhe;_7g!FQ3nJtAf|E zXJ2UzV(?(hT(3FW`ZMgfDz@jM?()*>^4rXaH{E1-SOr7_$I2?pw+PD!P~$T4aaQ=; z#;UFl#8piwQ$)@Mhq5cT|CfIbrOmv(f~6ZiT#yS4u)TfhoK46h4(`>$x5R2IoOrTU zdX5(*&ZQA=b?=lv4`kiWFSY|OZzk#HB`j5u1v;W3F^n~Bkl=*UQjdvWIoDl`C~qV3 ziIMc@M2X&|;NG$Y0^f5U1Sb=8L_K)>{Nl-{pd~4RE7<)rwD4vBedPbDx4d?_PHL;4 Uv-Nky1@I#$r7W5A)X4XL0BM7s3;+NC literal 55215 zcmc$_WmFtn^Dm4;aCdiicY?dS2Mg|Q!4ovNTW}lPGe~d`HUxKf3l4YAbI!^0f8YD% zez0<|cI~QN-Mx3oufC|M$f6(;B0@kwpvcQfX+S_g@jyU8>mtB`uS}Q#0wEv} zYi%VZ)#N25$<^GPt!*8wARy$vq^84bB`;!r+JBpseE$ii7|Rc<7)xB?01~@6tUR1r zoSp(MG}>6-sJEG%GSo^!R~p+0iQIl56lWkZPy!d$)0p{J-FGs681Hr8^ISdw_p|ho zmCW|L6#*M4ahuDM8D=e5a>FFL800IfAv)>?`M^&Q1oRnDreB$MWu(F(X)TV|cUK+9 ziIRzU`|4j`?%o(H->U;4AinhQOJ^_*58k7fvcYQTlR`MbTl3{5(~<05<2PFBh2V?f z?=`8D;_szk3~tK?e4~0{2f>if-UsLtLQKFkHeSQp>Jev&4SHb~>V?iIXQFcHjrb8-_|c{7`H?`2w43Y(&7D+Q3?Mg}FrzBkB&r*3RX( zA-xnLbe_S6964!#RwkKu>_fxl_p5RI2od9c&3-nygm|Lu0N0Z_j>(BwM3TEp&0khm za?&r9@?Xz=*2D)E8{NBwYBS1yWv7#pRPzf3e-BCw7b4~2Gf~f0+aY5=!z#K+-+N$m zlW(NNe*IQW9wEXfrclp^=Kpoup9cY#E^=w(C=arqnx zlkpBpF3RC+FR>nkVj+Tp8H>XwgZr0)R6KrGwAOqWpT;J5;2RhE2JtD4R&;Q5Zn;k zKY5UQCps0A`Njpjccn+MD)cKS5PY{=V8o3bCu37!d*ILn!6Kzwg!2)l1J6-PwJ`ms z;YYkjVv>GHm3L(!T>Xn1{QP1@{Hz%1(aD>*o6)YjZG=W50N91d&XD6Dz@ETB0Gc4aE{tHfVCeNYvYud?pYJ+g>_de@WIxjtW9*?vBkYFf zhWCXxh8u>P{1Bo{ESKP>>%a{A@~$6wD`1Op3-<%`C3St+FG*tRL^%U$`y@JsoPN69 z#Avx}Ie&RNxdnM(F`6Y!1LR@|v78FE;_%q;?vBXL_RjH6*$zcC;y}t4SbPMAYkGTn zA$pdSsuYt^bnR3-mD^$&O|Ejq3YW@ojMe7MEYIq9!)Io9+=SF#M)OmP=0>== z`MKOVi~0RZ-3l_z^O+vo4BHFt25!(t;-76bm$sp6FlR8+;i*_hbVm6XCYrLdvYN&E z)r$qbir2}whD_p2n)bOm$skF`?=7jnxlaX_44bFyx__D<`Wzs5M0=thtjtP#)_72P z?jJiX0IP+{%WCn8>E@SL1#grtD znpNh@YRT;4A%-5kb8e1=0KDi~06!*&? z(>5zV+U+}}TebF`bpf*iKfiE3;XW;(>YzeJF-B#_dkl#W4a85x*XC5`N~sv;p7C?# zmhsoRIC;KqZ5>g%S9l+K^SCN|t)486n7dN)SMl$!A~p#MqF&QizfLOv|;G3e)r*?X6d z7abcad8Dd6Rl6wRZIR5#0$2)2afmg@fyCB0v`F@up(^h(8-hl|DoQnJG_!wDZW5^)YGdtl$q8ufnhx8h~4ahvg6SM$=}d)6@5#(F>r8hT7;!|DZs^cmJO}hXgJ2_((pV2nhK==r2>K}v<(~DITR#SXilJ#ICJM$`?Kh*GomM4d zYpe-|YZ~RcZN+u_Q3Yg2(J3*O(z#5+Iu1`5Z$nDqVqbMHDJU1vdRM~s)oN+Y+nw$MS?y4&!k9Ry@ z{F8s1Ebn*Mwy%|Tbx0HyT8f>dp9lZ8zp8CT3n%?3GAy7MJbd$WuW!6>AWm-k`(Q}v zO(|e6d@r7gLe{`g*Z}p-`e_+Z6e(L3UqNQ*p5yoZ;=UCNmJUu;LA8rN)vL11Q|I_) z_Oi@5FVm~^#o=J_dLL>k*J-;Ym;c=N^#Jw`NtV@(mDkvg`;cAmZW?dsI`HeDU-=JN<1 zf&LM;6~%})Ms_G#`LKF*7s;9quvmRvO(&BT=~|~c@O_m%Bg^+k%Kw?4BF5umu)P1% zyGg9>ZK?5a$}e9r9}P(VsChdz!Ny`j`Z%^?H(mE(pr}<_?RvZan&*8amqi|&5^k*zTjo}0G$<_T=U z>R9Q?TPrI=FoKT}ARwb`Az;8qkl>vVyn_whq(}&O@INMamnwkz_bwDq0rbDe(7Jy$ zl+cuvmk0lATDVzRIk|sy_TYgb>H&8JvenY_&{I|tv~YH0HMeyBV8!a==<*i{gs_hw z_|VbH!<^j5(ZR`G&_{&wKP?2o$A4XBqa^=N6Ayb4N|l+1R|jy;;4vSe@N$*f<0P1lZU)**G~_z%5wZeVsha zeOR2_ss8Td-+rX5+%4Q}T|8`^oyh;{*ZhOCr-uk7>XxKzBoAr%zN@Sq24h2 zP*|ihR*JUHzSDJ6GOlq}e{X-NR{sFcskL~IJCANIAx%x~Rg%F{DSB#gsDHMNO_=Y( z-(Ram-+hJnXZr}HW#>cj=QJDB|IV9%a8v+hY`CNGP?6Axq z619p=o~ zDi8P-J|XYOvi^fiD#B)<^S3Hn=XGEDS|IQgm4ros`U@t_x7C)fdJ?N$FYDM}uo*&; ziGCSTGMNO8und3UW%5Km$apk;^wb_#cQ&nNT6WU3%}F;tT^D~Og`ypMG+pA+%br}V z;QjlwnpfFZy?RNq4!ef{jgt34VpZw|N_g$=cZEA6nL518PrXx3EAsy^&y(soP05N- zY+b%wZaV$kLx{nr;?a3Z0o*!uOtzqVoy}i;njD@H0Me+OpqUOSSY3}Mr3y8dluFe* zP{c(H(f$3{LeQx;bU1j}Oo6z1q~zv(k6NdxOD!I$Q!VI4H+wy5)m{KH#^r@q=0;kN z#DMnMLy@S27pA^JW|YJu8U=hq2CYELwG<~z7P}qv3TQNif22DT@2O$tA$k*~_C6Px zFwN>mP4b7$e=-)KDN=lkxd2{&TAGcg}#uGHhR z^HbT~pY=#docaM3YP1PW&f3~T>*PQtN5ks{(M+D;q8xrt`5zT+xf%lviX&SBFiujE z>Yl>93-W(|YUKO~ZK)cK!&`oKTCK%7!tVN@@~EqLW4fKC+fJyeaEiBAZ%I4uM+x+M z#NMz@-zN+ei;qxAAo}%G=eBHg2c)|U40reaGb#bUXR+LuR@X7B-Wf-~hw1DME4^=7 z%|sNnrrjvQqCr>Rl(O1Q1{rC}gC@3;boD>^q2*Lu*XVUFYuS;C1<@jGvVQe zW=`weJld^$=A4MQ$RO@bkdGt}&hFN%UbKj0w~&GmQM~2=>NmOD1Vm;$oY-0St`?)U zVl7|aQ7w%*;*dXYY#I&>$-Q~ry)!73Q01T}_2+$Ml!WJANK1o`ni{#NAB!#CYqeNb zdvn#)J$|Xsp#J(|C^H<}XScCcgFthSa!X8Y-RY_CRoc0r_b)! z5+haE)bw_0w37_Sql?!I)Q(3|mB#QM`Yzi6I?Z+ZfbAcEz_JPDur7Pb=5>19Lk+sL znR);0r#cAH$gMdgeNALO(+=)0R_P5ZeL^?FTAW=BK}z?LX$r&>)BNU^BSyGD#&(Rj;WQ2bzAXpk=qi< z%chJm+LXvY+lOpf$W6b`jFWyL`P$?~5UBs)^pp7TZkCuNIFuiIn9o!@9anj@JGt+3 zB8S&W3q4VJE5$>q)!@gzGd|V=!F*gUudzoyP}yyEKs9eZ_6XyW2ASFIdkObbtXlao0>yM0zk-*`vK7oxdWDKbQWIK66x zd&}1;!xu^+?|kfjD)oPssf|EP7bHa#W^Vh`lEJTROV4)9OMz@UpsdMLyA1GKCG**A z9Y)svQ{i)466nmVs~THf0{At9#`n#j^LVl*FM_rwHUpGdGBGATkND)|Na;ud{ zg&VwOX_U8$q$q2(^F*)JDdQaD9s7OgPG+olD3S<2gBU}eKSS0lh|d^Y3mB^4 zi=|a(z2!C*_HO5%#%C3k2yAyt$^ zT1}%8_=SgaMj&W^I7tCiX(ESyL0{oVE@5`aS*_?7_Lxp(Z@1d{ZuL;8r2>G1Wnn7b zU04@j&|dJm()p(6bt*(7mY_%N|2u!WcQ)8b)U0C#%7Aw^`EQHlQ!vcRkC!Gr2Byer zQ%-TG{A`Omh7`7w<9o^hoQF^7a#VqG?Em zMk+wKar7JZ_dqZMCsM%2kk&JyhFOGaJ6^mtVcE`I&tOp)gH=KVXaouAXe zyRjNMU1y?eD^AQ((fB5AR(I+E>xp&hgGbcf@;)okQ>w%3rZljA2uA{6WY9g*-aFDr zx9rUvWveeGMNH?^)XRKcFZ{=%>3O0=-%>y!&BM=!OJbH6UezW5;2-aE&4&%6OF|Mp zuj1|9GkkXM?YpZ|DQX@Yl(P>2&x48kfdPFVW+dXCpd|QinIo1C?^CP?;^L%e>9VYz@Q} z`X}R5{W9jn`AC(C)HE+r@3iV`_S?*D+{QR6DU;b%m?S@JW2>p%P#&;lYOjbjQ^=QY zK^)H`mj3U8Ru1#ts6qmbvQ3nHp6SVB)5}5YHX8QE%>7rqi5fbx9AA)+|4155iOCR5 zoMV=5l8&j?&tp*VKaT?b#)%o&U1JX-0wJ{xcX*XobgB!H&K_XKo#Jz}eM>gciT5o) zS0Q+bJ5zC@=Qt3FVBMLdg_lluL*CIX^l%c1!Wo3|dpJsMiDc2Zc6ykf9p&fU^2Aj- zXH_OjOZ+_g2yKOP#!5^EtZk`&9GM!Cj&r+L{%2VVp+T34W81nEg+%VblY~7JL^AP& z!TQ=1?;GY%;!1}fejYe!AF;75RO#Pr3M{EU{jm#SMO{yLfX)>RFXJ+9&v$lIUDx$z zc929zz)_fpf*7#)W45;Og`j(jweyjJ;{Uaqdo;nO_+<*$fM3$T=Jmb&Cxy6tpSI-x zM{U|7G~8c*c>ZNmya>1+C7J0Q-Ld?&=ICGZJ^E%K;W;13lfEeR=TgW(?4K{i`BQiW zc#E-HhYZniM+fhdYJSbp#A<_+VKwQZ$#@%Q%$S6^D}O>GHRKyB8d8N#9yHj!+_n*9 zx#Ew$HL+Q_zIfT##2PB5XgMQWMz7LiC&k}C=s#5K)%(yB{lnAc`gdSirdn-OLS9$n z`QhyT)zq41gZq?x*#gpNKesr#l6Dw)IcvNbN#1um=?@kp0bD2BupV0t1^+rrywe?j z!Jg45v^F(N8aMqlv+HD~nA;e^BGEC}LKp|PbhhSyvsT$+Hlky=rKId|clHz%Ymoo; zk%+@-(Z8y1$mrrn$+E)}S}qDV)UC_(zVjMcFnkBH{a^uT$UsMqnM}}cZEyISX6=_2 z=O-mp4bPRt7^eLo(D%3&jd?%V%2Vj5@y0;VJ$&bPA+P*8aH436*KF9R^R$Q#(3Dy} zGwZaxff3`e^KD0N7Pg9rGB&1l#s3DhcG4w$!{jTf#Va)@gINp8Uw0!HwA|^ zw}`Se0Ba*j6wdb9w|*Bojihga))g!!S&=Q4`dLSQbfdree_uPtoPe#q;xHp%kgjRi zYFBpULd{#toBIl`m?IVNuxHb~rLA&>WjR4F`4_LFNOh}4ci9(1J-Y&m4{1lUPlIFa z&{(?{@#>hY4tln0LE%ML_zuSz0*^m788EqI=FFIqVcS*AmU6o1h=v#zxcH0vPuBT^ zJ?*jGe_^%F7l7zoWKp_|I`48585&=ayP(!ncH)gfpH_t4Grh>8F4jL4fA@J9T`3_A z#pJC{cUbf5Ux|#ESWZBgF|=CSVoBmK*2o0got};D4lBnl-CUxnqq{tJQ9D1Ltcj8w z-CHg4MS_*VX6&JJb7Y(eqofRLnm}^r=tEfY4bSycv9s0AJ5Abb;1|3|t^NOhC)vH7ze{?!~bDx#aulGvlTm&Xr$Bkwz$H8XY;Ib~W615U1)op$+ zmIrER&3$~DY`k;*SVAKU(%LHo7y*lp+uwc)jHHUh z&Am2##^>_#KIc<@U31k6MkN+x>VEz8o>Dgcz+E(O(;nAB|DbRbY@{by%4JK%3d*SO zGV8Z%ev^(Vo;24VNfRi^lmrTlHE4JCFYmE{edDC8dBo$uu6cMzd@;wkE}gBRI0n-o z6BW08xuR?QeWHDftLj@f$#yQLv6>;H zcY|!icvsq=)FR{bDZ#D@-LAqO=j;X{*<9dI3vk zLbRjVG=O9|#ItF4FPl?c_W9m5nO=iExl3Q$nO)6^eit1|y3BKEI!Qp1^W`Uza6q9_ zUc1S;yAD~CL_6Eg+~Sx9@B`!*Oo328x!Z+ZN~}pfYzE=`*%Fm%XA_c+I6V5r$c0 zq<`xz9z<8Jc}b~%bNQ8^9@&3RQJ(2`53yw#Tk|vL#F)LaGs9QDFq0uMJ)4W=f#$e$ zMk8+tjBY^4vN!3`I>8ndW6C5|dhJ@;7EWi3+w!rbU?&}H3d;xX3&X*&cfayP{iPMO z&ML@S_&*05y*#cy3=PzN|G11f_CjQps}+r!qADp^^>pjJovxT?WIGQn65X{HyAM4h z?EBlO=dVX(PVz0od|cuZ4fEVr@dJp7ht(aLY`1eWf&TVo_uF zex{T(Wso-e5#yJJwX;(g+SOjo(-K{IXzoqWeKbau`^B&?FrIUBDv~_#s(QjyLdWwv*pFD!63@@H-usTy0%g^4;A!L8ACJA5wfwpi@N>NJd_&*VBEm)K z{tN|-)2U?98GW=~L0b}X`{8EM`YJ>8y5iBZ66r-JxBja%6mP;26w#9s@+;Pj=hX(c zaj!P;F`$42{dTZ&k)A2TqjK&`+1j}&QQ~l7%;d)h8y7v`tD_PE!0`SAg?AFr z4t9o?&=;&f`}r)@IrgPV`Xy_0Ieb>;D1J>BTYh}u9@3ld4%}X8Jr|se7XrxE)eX+U z+<0@EKN4p9WgKsB-lf*K2mx2>_oWOIUT1GPxA2a5Uq-6200Jw)vApF`;WZj0`JAy* zZ3~+@8?V*@b7NWcPr1(B0LXsD!c!dy;*A1xq#N4p6}|K9Ul`~u{4(1*-5F6m=a8p- zzn+G0x_!HYysdjxaGytGS~h>_5b&5s5FkZ7Qi#qz2K3zW22`t#f9aKBu(ie*#j&hf zGyBx;WPEYn8tNYJo?wp_>O3c*Z&5RlF$S_RS+x#3#W%FD8&ol|@;;Y_^hql;9^Bs@ z)9o;_&y-O@ITO$Ytbsha&ZI#ZgpKd*AQv$6_>N!)Iu^InRtH~-o%EJsD_P+L%9KWI zHRzHC!13{D%5fiXIF4(<9C0AK*xYU)o^kj3i{HlsKH&`cF-G^*4^}}Zh2!>h<;B{| z)vTCBb?$E_>2ybq)d7dCv^`o3m~wEtczl*qAzVkNJBdNZJS`IbVns&mk>{)R@p5;z zyP@BLa+YYc09vfGf#xaZFM}NBph%{7&Qd-?8oDVhy!iEEF1z?pF=$6FS2tF zNc+tpk&$VCY0J$|n{6o&kwm+95US|&no)34*F2tXErpd#Zdd^Kdf=Q}>OSIQ>b57C z+lCLIfPiq#V(QNEip>JVwr?7M%~ug3f|1iM*PO{yQJ&UKKjzvX`$0orvmm;XnEez{ zXzP(i8@8KeF(W(lfH!`J5EGr=)T6vj3yy)v=HS!h&lo?L@LY6&WUl^l@$EoOn?U9#(X~)y$NR>2>-!>E9;L?q?;^ z)ib8P4O@%l`ava##Dty+q3JytYGwr3niV!lo8(|5wITrth z+_J>SlnEf!8GNh}Lc5V1&>P}&0<_)Nq0OkR;%_=flH-<2)TrJxY>Q>sZ+5u_4C_1d zx>)oe*Q|+7OohR#HszD>iGH>qsXuM)t+5=wn~>7~+;rG&@B&$?2=i1Envqi-v0MSz z%Wh&@^PA;GjR(l|eE(8e0dM;QraqSWJOI8Fxt4GAhfst*FMgU%Mzw2S zokDfS^v-X`eOjGj_lVkNVVf}*B0X3>AIZ_QaRx)3*Wy)@KrI)OGu5s{aNrNWbNxXF z1UI5z9d`2=RI1TXYZvj$#h>s?UsPi-UC(7TvKc52zgILaaUu0L+|ClmsONJ~)EB{o zHggFh+ae3!Nf3tf?n!Hy4}@g(0xRkBXFRn~mSGQl6JmVK3^@?)4Md1zY z=tVodV(O0iLI$V9@Hr}EUxc;;4mRxetkgi!18tBov@T$Mx}F^5k7>jZ$%JY3*Fqi+ z_IZhe$7GC+Hwk~P=c@B|g(WR4UiTXCrsci`1qKnt+y3XJ>2khydHEnL+isyfMcW(G z!2~s6->+H&vw#+fRfqWDUL~jFW5@4$=ilM1Zs$LY7Q3y&b%c|Ez9UV0?nZ-(G$vOV zrWVhyHMV=KuZBZ`0R1`B_zDWd(#hAcj^(1X+;vyUf_D#YB@50H08+v9=+VgTImR|} z_BF|P=87BZ{@fmgZ!2OAo@{nrb80~KcS_3t5m2^UsayZwnDkSAA}0X>@M%Ix>ulhjl=lL;*MA| z?CEe_LEUWht6T_MSeKfA)J0eYKwQy`Y4d&cgIG#O&Z6cr9S=7|Gf!Q>Dbh_KikPL| zk4RJp0M<+K2RpcD;RV+F$vHW#=tU%6c~C5aW$z8Cb>Zi27ww+gc0@N>h^kB8&&RO1 zSw_)e|Cxe{j;%Hi6-11kio|w5jHAUShTuaYKyfGJf2R)YESWiue=8u~I>p)^#_#4U z4jCw!$HVb(yT3Ls=}~;goaXa%tK3kvE(Bl`hCvYsxCyN<4;_HM6JmIgSCM$e|DaPa zE^a12Q3X|l5sXgf#jQF0UI`|&*Czg)+1IU@CqcyOw;xH*3OL2L*Yb(^-V>!jMS7iH zP9_uZ{2TfQF3=QR$Pz_k;GTv98(z1q$)Cqs15uK&`49<{h`B= zTsvWTfh(m8BE0$F))Z80(yePKwOx*{q`QOXdCp|ibu8p6xiNG6L@=XDfKwnlScycN?Ye|ZR6-{ zRNh&BR`K3ZgSuRDdQ7Ohc~9-GTb7wDc!^QjITUO@+PTfA{NUEJAR7W_cph!%N-yJ~ zOb{82U&+MksA3HKJ6%0ku1L^Xxk?^uXnHwL zVhE~lfj^IF9idICj<|y@1cD#0?=ynJfts5jG>{>tUIFjuM5zgT$7d&4gobR+zu{r$xe8PghL zK?rcrJR5``9Llqm%49_A)5|V;z#6m0evbm9_1p^H!)|VV#XAeL)hlAgYiqdWezdqL(cPBwmO{ z%m|^JWaU)3hWeIDwsxORGS(;fTo^VVv7~9+%lJ_{lUnE~k1v0LWtX`fS<86Bl}jZN z*baam?6^>sLA9-U8T8d&9BJTAZZRIDx7Xk@#o@Qvg_R`$xfN~(F91UVDz>uc3ZiG4 zPF+@UTK!5wtvNkJr1`vY5GtHuLcjr}y&q6(@6864v#V0ed$a}IPC}8%=4QqZ_3|SX zAQkhN^EA*66|Nj6EaR`diJXtEX@hZP=oc(z`dw-AI~HjsX0+IYMu>U3V53(#?bBlXx3eY{h1*+Q@x@+mBZ3t)yWwPqF);l zg;1w7o`AHYj&%m4QqR_y5b<$hBg49$`&-^np(e|O~1a0F4>_auPD@U9;Y1V zs&5hR$LNtztDSTfu>3^kT{*2WkBnt9Ujm652LVZ_Os~e!pBIi+OY$^QWGkN(-AA;a z?Ij$d8vXdOYql|r&12R%*H#QG(?czfNFzxj?j4ExpzeqMddE7}i_#gGi6{GOzx$X= z^X->Zy-ttzU(I(G?-DVQjsCbcf1NvfjKEybjSMh7w6D@F6P!fdJ?91cp!|5BVVTMS zHY>AThaBpI&oerv+poB-~}k$)sbCA*$g%< z`RRx-f^u8w*}k@F0d-X737u@O@(IHiY@kr#?Szr9?Tr2IK7{NwgY7#XVuS6cTUdTG zEAmUru;2i$VqMVW=w{3mGC$CsZxh~~>h-p-cH2YXTDSFuZj&Au0$pRn87GH*?)7IM zhUOQ~RpLI?3})%G9lzeM8O#ZdO(d@zho=H<;NVwqCBaV#fbveT_lEcyN zD~J3($`+SBM<`OT74ay(f{+-N3jc|hzQDo&@OS$6yJAmG3Zd`@Vg7E&3R9rr zve{Z_VJU}&y8}-c_YNS79HnvP!=M)OG%0qkk%Z4@i>)6U=;H}oPDg|yoB15A+Ab-_ zrUV(fRUZeO+ZP}HcOL4@qqWZq8f#p`P z+6s5wsmyY13piZy({b08Id`1(jn!h#))fTjvG*YS%a0KvxT~`mo-Su?{Ipha^V4T% zxia8ytqQ$n^KY~W>F#2=WG!N6Fp4;+xM)R7{!TN(#D98WvfLO&Xfg7+ zFz+fVVS1ZR)`Bza4Z==gaaR!Oe>x1@-kq7Qm}!uQtti|3T5sU;JbZQxuyudcz`BGD zz!X|X4EUCUG@kRQrVqQKT#YWzL!1kduoa5iWc&sNwC;Un+mFni-12-*_B3UDk)8hYKDg58(A3$J{ETDCaJQi=e^n>y57Kl;;^^} zgB@?NVZGiUqNXCY8xo#IKG;Zi4)`u?gLa7&{zUM~2~nkTQ&x=5tb znqmF^j>2ZqXf3kc_G(v!E`Nc|s;r!!X~WwyPD`Du$pZ9&nFt*3_H(>l?0k!@moJ#( z)t22;+-~Q%`u7`eQ2UO$WYkbBhBTQ) zL>2=MTG03n5<}7GSZ?3L&#jE{TCHXix1$rQ3X}RzQeTKAD(8-CErh<}ITG+%fALDi zX2_6t9;)ulU`B%)Xs{YmU+M^X+4#9rWqRB7={al$W=u9K!hJ|xcpDuN} zucr$4szENtIU>Q@l}B#Tc4Ml>w->jLxF7mIB0p^^Rv3xq1DHM}w=l)b;O>&jr+#Y! zz<*FFjeRsYcUJ2RFCJS}cwKbYP_vnP%U>j`nz*e04cGB}~JRL@$q7qk~7yztgVh&GxESSoKV+TF_#{-{sBZZU{40a{xHl zDn-DF82n6zcixID7(z?I*L$ykGv(ya^0el@5!(PIoV0k&m$`g-AyyPxbVn~R&eD1vM0htN1GVt4;Kp0L7UR)av5n7 zRfUL4C|TG$h*&Ay_V|oRAIP(=XF@9KN67>_0rl2Z;oe}?)hjf8OzaE@VfRDbZ6ukaI*u|(HxCd7BvAc@<(_{CoI{N;UG6>Fa^4r9y z_?)^0mc4>Da+ve8lY~;FB7T+@c-?;kj-ceh+Rxe@9e`TUyp4n&IG%vUJIfb2l5p0x zBX)lNye{4mg%-F)L@9&p+{Hm8{B_8M0e`uA-AD3ly{K>vruF^c&B%@9Le`#g>P@L( zE18@nj(-?@y7q^mXvSar**&3~n#sWS4`H3FF)eQzM?k z%q7pDSAc8`p}yHEzt7J1#Q~x;)&O#v${TK+(NA!bzcu$URvU_BzR(LamZS}jZf$4x zaKcm(!$_>6_wD)|o#2cV{E}c$DKN@>I}s_VHkK`M?^N~dz?5#3Z*1xF)b)VDdYh}Q zSc?w^13yYrhouNa`C2IeNFYMJ0AvOu^2Vm?zG%zhZNC55kDrcVR^C_i61fAXqK{kM zi;mQw(8)sA7#16gXR;HB8`10r!Z_+Rq}X-d!8jk_L&KzzB9LkfshVi)md+eczHXi_ z`apZPth*AWz~~WdxYc(wnW5O-O2afIUL7PETE( zpR{^PtfuX!+`bezSUl#B2D@HkHf6*g9PnXS@lY(i9~)@gD_I`^ajK1419H7Tnmi}W z)NOjIZC3ZfJf~=2I3yKrWNPfWTu;-!cXxN;6YuP z+d_(@iYv1zi^o>4WWmb}JaVdkBPJ0{pqx!-!&;5f6(wT_N^7D@B#$dYN!bVC&&nD` z$DL0TLqn!yRE;WDd0e1x3E5`@`i3AmhV{K~OOa#VF^d7UzAFpwzJB_FZiFeXABMiO z1Wx_Dl%g^r`B53Gqj6OoGudwOcX+2^FlkikdF5K~gyV$bW6~QLKdEq7sG~20WEA9U zlXH*u`>>fd5wN=BI)bzlNJXOKxfUy-bQ9Mz$w7lI3B7`!+Tuhi>Ef$2H0Ck32aw4+ zmB_YdQVls>4updny8~_&4CyxZeh9oLo&>v;Cq8;e1V1|y7e(7f3y{G`Ytzd4HAw5&FVy(SPjsdu8(eR6=9} zxOBA84Kc~ztPx}0IQ>xp;4nfai%RuD<((Gmh)yxEcw$~* zpe-k{U9+PiHS}7QLGOqzHqR_-uI(EWCn>87LI@JMMsp$%z zm@6A_1Iti_mBBzT>ai8AcC*)1vPa(OX7Q7e=ZaO&DaMpcign$N?A*|UBq;><><*oiP|DyrlKZc zY=EL-^=NwgO?_C@tKX63J2+P2b_{|hNe@4b^c<|L``}Mt)hlt%V6W?>N1U7b?vB{6 z*1S8|?R3yMv#eS$Dq+cx=4EW?}clZHnDEzGLCf58?<|AM$R!D(nwNI6DJ5fujC$ zHA5A8SU%W6Eg`&-ep2(QMpP9a^X3t$rhAZ`bJJi3>)qu@#H7V&o?4)3+u9Py1`|kO}H`TLWJT{b(M}SYoglz89-q^Ztvw z`~)Ma0!6wV^vJJ@X813*lX`;@a$T7Wkk;ez#~Y^JfCD?fZN2hlIR5~;!GfxQ>y~~J zG{F2ROX34pIt`+zKvn&>c*+A@d=)zRmFB;&PDrq)?c{=~2m3EsNC6hOfXXA1IpkkY zy9Wh~^K=bM?qU2x29paef-2y$eD_BrCvmWYPLu!;Ya5O(MEegJf*@E%37cWeKVx0_1d&R}$N#SS51IJS zci^%xLCLf~WBtFVq7WA+HF$yG%?@GTDP~#oA)@qg;a`hgJ5N-E4OsiegpiW?$E|UK3`S!GA{&d$AE}!}u zh%@E(4*+=sh=pLGd9{|XH3j*X7mZ5RO|DKUowBgDc6EQr#Q;XoD3PrGFZTX2D6TL1 z7DYn>0YV5Kg1cLS1_>Ih(ctco;Om~)K&V9*w_DYx6Y^TjSQPmlnQKR0Wn=tGYwS+4jHqs+?w z>4zvjQ@$M2$Mv>5U#^F4rfqo$rrg$cMS=)u>Rkd3-Xw++jj7OSa6i$oSQu{cAj9PM zYb?~2{?$KAe`xY{z2y#ZR*qP9h+y30}wDJ2)*j%kyaK)WbhC#$plEhofuSmG)5w<;sX?b|`; zZ@!8Ccz^lYapB>nCyhs{HI|m~b9s|xeRgqpcA9ax4V9W5VfLi%hHXGCX{!=PrxZP_ zdo!NGK+_~$5pP&5&)xEV(JtFdpg)kJB~+I=RP&bH(>s|-zV$h`?M2ivkZ8lCRF+@` zPSbWC!?^Bw`Am6nT0Rv#ey4=1GK0W5e9cS~~8+R|XyX|yd{W{cb!DIB@ZOC9nvcxPrFN4|jbSO~_brzu7R&rUtR_PsZugr+ zosJget+URTS=*FSi%THk1TO2j;mf}PB2cz9%aP&|8~W;;F4dMq*D{;SK9M}FnlwV* zgES@D6me$VCZ;w9r?`eQ4{#a**IxHFG$~7SJ}*kL?XOXH)DUwE1H*?5v7t9&N4N6D z>0F2F2Z~VBb7AA&pn{rhZW|4;5KU?kZ%xL4qmP(>$VP!Q8rGNFNxsFo8z;sT2&$xw z%yju%$m%-gW(v?rb-FCHQoURA7eTa$M)58|$2B^t({%Sw|AHy}47vOS27V#aZ=mz+ zs%}^cOpDPwi)!vo4&*@`z5I0Kz?R4{zaG4iIHTyd!nnrX#Qt~7$$UM96>|q71Z9m zX$Q!OGM%D@SiLs!HwN>n=bUbT8YZwGZjrVvjFg-NNh_(OGVhqLv#J(PQ%GXAMf$n2 z#XHt{Eu|Kl19;($IPy|Q6!CRVcdW9&20QRjL?i#6mP)|nKj7xb$BqIDOt>d301c!iBZmzGtZMfxZjZjJf<2l7 zg3s!B%;m&rZ!Bk6e0w>MTIYOQ26XiS-AO*0YE*h%KJ4-!^ci;a%xm*up{gQ(9p|eW zpyk!_`x|WhZ7xP(u_+nN@Xi=>XQSkDBs>xp78dUOO*4tc+Bbfg1L?^?4{P_Nz3R%J zJgNE#QK=dfY@!0}p12Rs1D;M7sC1UNo4xZsPyq69GA`@+I6%gebfQ)3kfbtJ=qSoh z%YM;N82;F}a4YocKN;!2ZvpEd%r%nLkM#&!@fxfT4K>%BU{aFk2Y z6pDo5HfE-2UVfbaUJ>=qoW3i9GiZ4D^S{JnV&@z2Y_s`E%$9Ry%o-pOGpPsXqd4Vb zBln)XHYm!f;}%4bSD}yTWmKm!-GSH?64d)r>_h+l&apd+mAmZM zb=h(gSv3P4NUlqros`NnS2LtB{4e*OSYB5gL(>MmEdu!>AU$#?Tf1qZHdV-TiQuwZ z*mpGrvVf+iNPzf~mj+X}~ z?8Yci{z4dj#cA^03@$by6_VnAp7t2B114AZ*s_9^hGu#EqOlloaTrAhm9$=Lj+FK0 zM6n0S5x&4|DXE`Q_J5ckx-fjB@OrHfzeVQPzgbQvL0s&p0EJHUB4a zffN;N_u3t(jmV{Ij0T^(%|x}8cPkqQ39(Qd*Va3%#6BnF>1Xz&SgFSc2&7$8|5gLS zn%rmD?WA5mnT(YQfHax@vp8ea7g;S68=275T7|PyKZfFQp9H^natTV~pZP%MTe-#4 zx1AD@s$gng6J<{SGVnnQ`8^V*hkN|Q`Okui8)*Zq-R_MgYqk_UP=UgAK<3I+`_72@ zflko)$T;F{Sq4GUJX9=wrx00tIf)p{IN})+phiv(xvVN;w*vZ9tAp+4wN&3FYdE~h zd)n(x$)a=x0sw1f7|Z9g1iU9@kEBq*VAB@sfidb1^374kVs|@K`C!%f*ZT0jt@Do7 zdej8mnN_>Uu{H0-f9?lkP<)9ddy>fQxRsDl`+y0ErCXVv&ZE!^{E6aIP(d}1u$G6s zkFea1H+zmNFas)e`4dDWL+3_b1y_&39rF|CLAq`UKR1sBeG>JnQTk`rK>F0dQghYu`PlRM)o+JPo`The zHm&b2`#Z5Ys(bRG^U#FR7AM2!1oZ4)X(?lvJqJAm#NT z_LVu86NOOY+cyp@ZwyoB{{v5Er0UM`15q^pqhyD{RYP|HgsQ(ia`)OGO7wb|VqSYK zy67$qob7nr_230S>Kh&lAi40l5qX$$2h+tG@BZU)h4Btn-24v6dSj1`n0af9Jwr{G3 z%NzEt`}<{-vaeKs1)`ZxZt;I3D<08m@KPlg4NeCq=I)9FaNLUs;V@kSTbnM!S0*cP zf!f}-^J(4hFX-WUu7}47)dRIpo{#;9XIq^gzX6LQ^jkW|psSiSHd#7w*KLjdbi1!@ z`2_gHJ;V5EKdns#CY?ff&UG&X{Quz?*cvvE z^!E3zv1rB7$fa(vzw&>p9PAHkop0ci_^h9@)E25=bDf8ea{vgw4JsxnrP`MQ4REHl;Erfa z*UC%e;7(Z4X!|Cp{Nqx|;tGyf{aMl~!>xWs93&$0n{nTAvE9uAWy;x^=a`c+}KA8^T<(%SJ3cy518^qLa z$*7jhV!V$LDFdalr*hyu2s;;=Fl@3X7W8bS@R)N3EWW>Kb*of}X45pw)2*l-e3_@2 z5x-1-6Y6oT%pn=c*jz`1Vk4FE*6~AXiwhkFh5z`aiQM{+mcbKVxu7sW;HuR$2aw~} zI}ibfzc40NHW=mU)SJh#52$vZ3|S2)>4X4nT_jLdALr|L=qqe|_VXf^Rgoxfxeib~ zX*F@d>S4_E9wC`XeI};1x;eG9=4D^==++r1`+3)6j`ru^99Am3O*s>eRaBfr=Y6{; z{}!%WN1}buAc2h$eD>AMAxc!cJOEiyKEgpU|m%r;&%p zbBOj6F-k4v{h!~3+B3T5Ic^!hTYi`cHsUSubl1`qEXRG2T8`QL?$7ttH&3O^N5ri7 zUIFU!5%YWkjJL!X@ZnvcMLS5sBaPcx6yVbif1-s>B#xIf&L?R6{jBPbNO@oDMAOGyum;)k@S^;Ep+@#KEs*+t3jJgYMLg0C_Ra^uzW(EV z808rW-$61PB=P=BwTgoletz!oTdQsWeP!UV9W{zXBj%5FKO-47SSnUU-V*({lKUU9 zTyCzi+++o!0Kw<8)ahM%GX8VoRy`wKpI>VM_}JkO$cb`+AD%onC_O{`TcJSw$+UJG zP=|32_+KN&3z*v0^#%PH_`l$m0x%r5YZbri|7)hGl?FJM?%eo@|MwVpiPrz~*2mvI z2cq5NBrcoW%xJ1W1qRyT;d9M8Q6!UTWql42R2Q*wm?eQWX-cQUPd}B7N@I^Ms%jY3 z%9R1Niu@@Fe@=H_%Dd2iTE7umYQWc~cz()CC+78sjBoF4`>PQcXkXs53T5yf-cg>d z)UeX383!IE6yzM6IxiR3NX09eAa~ih!ce1K+y;wx6YEsWIcF??{~F#xJhI?x$pPz% zNa2-c7>i;@1$CEPQuTy+3XKxHh~U(2hYUvJX7$i;pCEQmeDRbx3TyQE&efFqMxil$ z7pu(mTcg{FEUVQ6Rp(5)@DkMP{CQPE4M;dEoEu@a*qe9kl0QU4DYb97sQ$d#nR6D) z?ztGwTI$!X6osV=QmQu;fHjLVotzELVNvtk9H;4+Rc*4u%Tnc|mgpUG@7P7r@=dhZ zGSth6r=~@Rn{la!Zbsf&osHPjD=3GDNf(Pv_MbVBANKoJOCP%?}r~Ftw0)q#8x()hiE&<3C zKs|44t3;qRO)c>vH#?{IuErxcd4_Hf`4JX|fLjHu4NR^v_^tZ?6wnt&8_#Qe14eHgaTv*j*QtdE7!097}3$p%>G1RNTVbZ05|NMZ^sI#loSQHK)? z#Mprn@{iQt_>Q*ImwI_XPb6T5M6mXUUwIQTPjz2J)_uE;rLivLvAI?%o|X$sIhXri z)N&{@b`dacD;Xgv%e}=kirLWsCI@v`=hS)0Jez%XsXUKo&n3}iFqsJ??>tQ4CMTwR ziFvD&6P_D=k|EL}WgV6Tvbn7|iTDt1O6lz6Lo*|RG9m#znP0~D0mp{qF=PmR(QfaC zLbGNsdkWLo!hk__$-DX|#mmW?28ZEdoejI1^6R<{pSm4D!&VKyK`}>5~9q$4i2Ni9Sv#m}i7usyli%>)hz_X)#w(fFZCc99kI-YJb!Sa1m zjB)2oc)&kb0Co%CxoV(SDdh&nsw9r3h)pNfkmwg*s?4+3X-s(GHxEcVUu@%O#?)V1 z28N|_)#$^SMvT$V1v*Vygp*9^+)QE zr)TE$DN|z+%3G(M<)gQqERbGSI|=i=0=HGIS{D(kxn>p`+9Z53H+&-Hu~2Ee zsD$a#N4RJ+iZ%>*eperr1X*S{ZBAzD&gAozI<2?Iicks_g+|BhDuL6sv!Ua=3o&~)l3%?6-_TH%%*;BbLto{l<~{;Dkfwjx~p%N=1L}z zU1CeR5u{>UoiKf$9JLl9O$gA5q?zg#fIkYZ z3QsjuDT+GCobp4{H{GqB)h}EqNawwAyeZG|24-dgY&Fo8LIm}|XID@u80Xw-2lvxU z&Be}Gt_Ym6&kwyC#77rU+^bl0I-rx!1u1V)ts9_9Au)2ndcYyFE~8I7i<@XXA>KzM zZnRER}L|2zpWd>{Vfu@OsfFvFk~S;Xh^!KytaIu+V)FpfY|*(^W(uT#D_Cip4R zW6$ALE2?p;nPI@4B`erCj=}6T|1qaqHW*h;uKqNI+%f6JSeG6hOjqu(&aYFf-BQ3v z%n4)pE7$jvUcHQ@3^M4(Gv4^A#@)F`+gW3}rN1#ypRZDxZt?dCRd(Ss=9_Do*4IyK zP)PWbb6tp1h=T_r=5Iz4wHyVJ=SEXy8D%JkSVo|I`=a-M5e?!#n{3bI+)>;Q9=^rC&euU%`+)pQvA6U z6`+2I@yOzl0!l37@_ z;n5Vrv6r;Q-aXq?2aA6OJ|8iupM-}fSe89AaCdXg%K?9jjN&u@*B4I2_Bql^8)tqK zWou+)kcdj;A~Qcw*&CV(lGCmM+B1j#!3RT!aOabF=?Bty_dV%z;n>+MVWh=22gI(Z zKSz!eUbR6={WOx`*VR&^Ugzt1_)2}6=pozEdI5Fbw`IH3I~D>4Cgh?a3nRTNj7=4m z{kn}FTSE%Sr$l@VE9R#$M~F10SsjUpu{i+eC<$*oiyU&UGM_FTjUMmz8tpzA_4xGI zDr>}Jz1{ok5*cmXrvNLS-E4)rMzhx~1gwC^$t;TbO5+~?dmNYN_Z$8>EkM{nALY1) z;t!tZ{Qb6kp7#w?NHb5iIh?Q!FzN@SmhH%?B)NwG6XAiyv-!rKmRWs zNtFZ8`&ybv^?%-#f*636W%qyo{%^3dB(*U-K(rrzBaWHP*18susNnN3C6Xt;03zDj zuzM}1S8Jm$@P)c%ob${1f;)?Db8NS&bsjQfMjkZbhXlZ|&Y6E!e|x`lwJ5&0EIM7$ zIsGd?e|JQ^)z?BMNez~f?~?&iqw(VT7>P*ob@jT>L+Gni_xY6^m5rQC;nnseN*s;( z>4;PFo?D=cbT2SOWx%Q@7kK3Xb2MOn{mzHuLag8?2Fui}tqHVcg?Iyd?wBZ;x2V!O zLTVs59RtZWi~7^(N2`bY4-Rvm46ylB{hxa9|HJ0^ke*56j#1#0eDgJgUz z{hwy{C2hf6DjVpgrTWpD&SdkJKk1hopy?5)>oQBGuzr6|TqXfn4Kf4N(%Jf{V&1{} za0ldJ((~|~SDq3)C&`q6&tj=mt=#M(rU*`nv92f9PI!tys1`BCIE||DOka9k-IaVv_O{O_K}3^?p*$|k6&$Y3H$rJ zBYzUT<~am&cEo#aR15={)rI(!8$*oBXOIVr$v&6~ju33&IpUgD<&3e%hlw$wVBK9lB@2!M^xWWtZi!%$_1T7Dg zH)x&z8aa?w;4yPAZL2^CM$k=dfa6mMc<; zC=jz;i>1904zuH2K|*Gurr^3;phBnsxQZ0*FTBd>*NMc8aR;2hZz18C*inE{%A4+A zziRUe+BDmq3XNILu!L&7i1|csl?#-ar!2>^k6tyQ-JTM@W%}%;O)CEho$*V;;C)2h z!<2}k4O6ku^Zbdz3dR+;Rr(asK?Kj7)v=inPxEo=k?I=YC8bc%MJm*j2MEzL%&z<_ zD<&&3*;eB?6{>{2QYsB58x=~WaoGrdv|vywi|&*FY~kFTh`L)aP9OP_mu1elK#8gb z9qDzI@$XLHzEPKq<0+%`vOf@Z6>7N!EaF~ANo18nGo>!^-QIalWe#PYymke6SbtT4 zFrZ5sbjp}#w7G75?DgjeXh2W|QUqF26ypyssph*&v@>$A_Btl*Ky<>T^6y;E-;Y_p zCEbd9K44t6#VSkv+`8ndmHUK;kw+b+CK~8wm7q3$`s5k$(>Urc> z!J%y5LL2DWKcVWxlF>zVjL*YCorPWLU_66>u0h9PBksI>-bnK0S$*QpaUGZ?WtuMz za05km_;@4*q@N|&K61U3Iy(B99(h`jfU4=4rzl9W7l1?Ha^vRX8oSw4XKa7KST|t< zWvxGVMweyf%TRJObr3^COm`k2mS4SjZT2V=FgcCi@`^z_dxag_)?F+TE|$9rWyouR#gzw=zK<+JVpmfx5)s$#Hg+E(xR1f8n6KWj+i=%? z3uw=ES@h?BN#XMJF}?nXJz9TOXMP75xRCW}SAL=Ai9n@cecj5uetnQaQ*~aw*?#Xk zfEL@V8aU8;Y*96yM{c4%?VRTgqxUv`Pj}f)Z_tY^ix7|ZxDClb(HotXxHR@HmMX+r zehZ5z{PPt`jNNeQDNTKDQjG`m93XVht4%Lh%}FeOPbIxS)=^Nbd{@2_e1!BW7**@T z78m_i?SZz8JwvFVe!__@dL^r`xXWip#S#eIU~lfL1!0R9F>z&M%~H6x_^kKJ@T1^#U?*-d3j*pZRD+3ud$PqOJ@pdenVD{>QVyQ zKM^r9y>hnfuBPzY-6(c?)4_&ykgJ>5$B;^IE%S_c%nxWEhp6F{HULH|+z!XOKjYcH zv|6atY4LB2m`7YxGC(|Gnz!*O_fD%ZdJ zPrUlmA~>LE_N&r|j^owx9?Tv%Fwy-MrJy1*|<3i z9^K}^krb^PFVs*QC_sT=7y%7XQJl^Uy@J*Y0(W0Y5X;A4`0D6zsL__YM)^}nyNsf3 z(*83C=sb3upBKqHFM65LTF!NsA)sY6<5l?OshSjO{p)e_n+g>q)&jWC&0BMV4A0u} zUU3x`v0DoW+r8W&-N*Q4sn|R+{fdAh<)i^{{WZ&7Cs5Fh`POM0zu@Lj$OKdGc41P5 zFnKnN#^Hy0$!k|qNRH%U#Q1$sb4IC&T^eVtyoC9;bpx(Wu%cICTwJj`;AiZ}sR}76 znPRo<(>39;T5_QXtc-o3-5~|w|CnEt`Ik;_@mSLnD9dZpLMpHB*leV?a1@!O3)})0 zFI=zy`!;5#7GkcvR7g%KRnwTl1{N*{k zJG|j{IJ#$sf7Al4UP$O@_Etp>+KUx zjtS!SL?ISBwVeCmzJG4Lls6N6N`_;}8y+(Z`T8gb<6ZCzZxxJC zzG{O__;*LU?9nKZ9AW+SUpx{pB;FG%=4*>$K57yTj5Ny{{egF zNk^JLrN7{M(-}Fb4ElQ>q?Z<7gSEknD8YVTY3YN5Q3=TPghUJ1FU37Rz$3sTWS;53 zZ=_&@Hoa5Zcz1sxAgNC@Epd5;O;4w!BwWk#r@1F5%!)jM(}YJdv(V2(hesED1P709 zqv4a@zCoPsb^m{)F z0>!N3gw4m76dP$Ootk%yE^p&-1&w#vyJaW#_W@lFliAT2MfsVaLMxx!ZoLdLTzJ4? zA5;phONxTi|B%Yg5{cC3(PJT6bPRvXKBs8MBEHb2Pxu+H8*Xn1>#2vk86J$_`kG zqA#2C;DNAhm0U-~G7ptmzM)fR)ObM%V)Y#(uFFw0Wth)DIViVqOrG)bq}w_&P;^d4 z&eULMUS<;K8j>b!xha#2EeVQlbR}Q@QV^^;p55V~v{K_;lJmWexK}e*5M0CLJN13d zcaFvq$a(*q*eKC5U{$t@nEpX+)_*bEK5n)6zvLVB}xg4Fxl$DY--!{FtLjuiAKS| zfIM?ALK!fFwJl&I+IV%i%R{ICIN{2bB5O^t+h}}lY3!8icAD%GE%g;%;#<2$n|x?^1W8uNi#7bNaBY$%Z9M7;HrbeQTG!na`E`e<{zaq z*Xst>>S>;5;e3{T!#?7}kr{dACL*iDa^scs^yAgcW-Hp3q4k8Zn4;exfx4D4Ya|8K zG2Ls`VMM&CW(ZX8b{T0xw{Rj_VhJ(dsfq_oaWas9izSK5j>7@BWzWj-D^2oroRJVQ z1-d;3xl%3ZZZlYnimTDMfmOZIbBp1OFcLa#(GR9$ zx#@&&lNnVxduApzkqPdur534gI+EFT<+%VGQ>Je(IDtm&(;}AQO2xr#C!1$J;Dv*g z<(4(0BADU$B`{EOG}yIp({V~HN5@Qw|3KY&^K`>65mPjy$o?cvf$9fU-$=pAdSz4? zl513Tjz$|6T-eiRY^&Q95N2gQ4UNRSY;Kc!Mr(^qCHlDOkgMb=#9hzr}V3`I$e z4qGfr)7F#zK0}o{{B%>+I0|KkNGT_ldB3%&kRcs;Co&XWKcD=n= z#QTnSBV5E-b>5-tEET}|X3QZx)g>=M7}^H^_A_ywSy43itF;!J3H!M4r*G?e*%dqt zf;nU|*N7nzs%I&5rrb~i3L}XYv#|?YIWHp9K?m2_tHUwzq)d&h&qK9daCO^59zTYq z%IYXsiSS$<_Mg=)eNh;@h<$8Q)SnWb{3?`AgBB9<9?D{ODs7pPN0jPx5C)s3k6WlscIJ&01M@dgT+xVDp3gx7NC5 zJ_jd%uxcW={0y`^?3g9R4ZRYZJMbL`BY_{Unxm7tEuv{>tREHaaqEVzn9zfA!0c}m z*e#t~)7zh4eJ!pt9ZFCCB$$Dc?1)j4O>g2Rl@sJJSTdKFWgg_<&>k&2{z5KQaBoTs zHEc*`mhx^lo*_rarr>bW-}tehVv-W_k*8g;m>GYJ!O%xHzsVNv_al9kG<9* zJ;SXq!!aHbCQWgRQzGe?DPfR!2T-17T=`JdEhg60GMF48qwtVj*T|^05h^W%cir~V zTqbJndZb)Z-x}kiSs<6;mrxC5L#p;d@%r7H7HJ=~{%7^9Mt><_>-^|3t`;fdY$l3M z0V+=F*6}d#3{Vj8$Y9fMbV^7&)K;xh4;)m?<~Xx%80Zi|JFSK^Yp{AQ(*2+m*TFnC zw3F7l;lAC=bFx`0&nosOqWh|d#KW^d%vduK_p$4<;DWU!SLOC|%YlaEzK;;b^g*7Z zKNClyscewu$rf5Rdd1f*-mdkub$byp3Jq?BS{m<4PI?GZIP*V>WqJ(PRe$zrSBvdU?9yiVjnj4RzX0E|JM&6|TqXZ1)#LSjH!vdc+O9br&8N$Z_`5N@^uA zYAxz`&|E?9pDcc znV>ut=4_`ZY~^4d06zHS|NY?IO8swJ9G?Qe#FT~?oyY3k#=vi__~m>Iqm;OqOZhph zqY-?!J$!vuOPu6EwcEPCvq8zHI)(sbNRd@=heyN@wI! zPBjIGGUYp&ArTKLV<3ppU>^d5O#?M)<}hu@X#`*>O#jsTO&qf_MGYlTmxmf@aD4T%_7+ zn!#{x%W&r`naz5TCr_=o_ITGT1)C{Zj?-$6O76wY2xNF^5MwA`-Ew32$Zf0Q2Fq(j z8B-;_G?Q;$Y6y)4OsIVc`or|Ov19VTX*1ZclGm1=T#SyDiHP7`clDQBcJS}rL{UA1 z$c%Fwc%`y>md#A=pmt$lG4&>nfWtdvVgfIk_ue&IdnW^?0D9_;7SWZawt0o~wIUi? zZ1OJ%LuwAM&N{eR0x+@NZ? zwa!&4(a^X^%FEYwf6=v;ajDU9Ql5%`Sf}MYYCKeVK&9}#@AFW}S?Ey1wBsD>NwQ%_ zwDGz5yT(ha!K!yB`JK_>vjzz7akiYItALgcaSuMc;j?XY$&k3?&zDq|tNoaRo<5n@ zYE1fZoX19giS7|LbGi>hcG}@eFH^~jW;x=^{?Nl=FaqnrT8q)d{%!Q%lCua+>&Bsa z0<*oF-{nr%PUi6KONyl4#OkJE>g>4**4fE!jtyh>62E@^GFq=Va}n4Qo1MbB=I=i@ z3;;7Jz84FHPBsY46z&YN_Je-~$MQu|b%-ICOsi2+qrvqi47|Myw5_h#Hlp%NbEj<5m~g^IW8KC4(J%SX_?vNO0<@#FJm$Ub{dSCQqtbeiPR)Gtl@EILk#)bU&udr) zwHG^L&NH(_g98G3|Ne#R@ppnur7mHeGB8-lyk$36vA~Z}y;*YVy5WV`SOBr*?VKI&?F&B^S>%~MvA-rSkUBg7z=hE0Rct9*cC;1QbY8y zETxRw+K1bZ0+9^88u4ma;P>L}l#<+E;bdH!Her2KrDNIb1n=U~v0uxtGgvKq{T48+kFinR*oovov4NN2 zv1#7gpB|$}CUa95t=pezm|O9Mkc3@}&f!5b2>Fur-kq7q-%e*gK4s{A9ZhpH^=iR1;RRV)=G4hrUT6l0#0wx^=Wl928RT3b)fe)ZxGRQmXcJT87_M#!43@epF+;5x=f z{C&vc9wH|*I%%%05X}Jm{SlqbkA!4SQR(3BS4)djP=3izHXZqXrV*Y%klrRxczhp) zYXyOv7a>Iu>weQFy#&JaBvC~5Bzz^g7e_jCezkZw&AW;4v8p0|aNy#p&Pnec>qc1d~ zycZP(S)^)>F_4pYxR$VtFd#{Bb#;A{mX(d!;XRYQ@o=TooqL6hf?{9JJrepaNVXzi z0mDU7h=)sQ0iH&*DiY)r$QI?F_gv&F%+G{^!opaEWOlc;5ZB26O%lEGao`IYNSUFe zLZg~*dec)b_L&0?4)HMJ3b9W!K0*Zdh)$TaBq48LPekDqo)FD!XlN+G4x&S1#|gVq zf)ObGNm;lTo)VB$pC#Z5C-zU?Us0b{WZ)9qJS;dVC9t5vKM3lO?(T>_ZN1$q4%Vgc zl{Fn7sXm7`dowKqA-217BB}cV-?DpI7ZSi!UJUPJ{fp%pd-okW-8NZ`~tujwq6 zhZ*2^^XoHb?qs8J%}HzXW9Sk5w*Ra~g4Vqi}Ssz(NY(J>XKXT>?^n{t%-KJPRsWuzijye2ep9bo95!&uT5rago zJQV{#su9sCz~Z-xQk0tYs#JV(3V;P>r2>VE!eaNG3(Ldlz3!ewu!f!FN%=>|K4?$o zPssJH>vUlXa-6QW%OFeopj!qxh0)lus_|K>$ef9mLQ#k_uNoJ?7ja|Nz9^Zsu`~?g z>n1@W;4R-v2wr{*y9HWBN#$$hb-E&d!#`n*)lhZMZWVii-&-Ick+)V)cH(|v$Zh83 z^!@fXmz2p*5DuGNMu|K~h-hS8&Nl4YEiou84m1kN$~=-$O+3RQs%*cC^yG62ZsgA_ zsAC*E$kwlpDpq&=)&Q+Y1O2;3^;VOKNB@PdZ zFjz$^mhC+}JWqea+Me8EGRw)(??(mL#YUlyRi|E#IUI+W`u(Bjcd@`4x?5&4@q>V+kNTEj_`WJAY_Z^Kl=V9H{%`lJ{vF+vi8lhecc z^ryWDF4XDwMJR9K9Ia-yM6A2$t+?(-fyKpe2@|eGqq+eU7h(DEk#&*J4s*lNJk{2; z-{P!KJ&v2LCmM$@B+s0Rwp`C*7!;NAReL?);>FgAdcn~&%K7p$kQPcoXe!@b?DmiK zp(#BeDzmj0%($QmPI>iasz!jhI|aieR^LAX@o0tBSsKBR2M+^Yf9q&9=)m03!Xku_ z@6}$7oB$;yVYGz3xsJcwqs&XWaZ_%4F^z)X9BDLd?W<8w;2>v&YyV&u=`p;=lcc=i zxcH6$#R@D^EM_Driib?W$x8S34idE{4}|=<=XpeqM;!$8SlQKdkYj$KJ}}T=q$N zPU@}nGu)6Eo+^4H#?=0Q=g0N+dCIB1*9@vptctNB{C=?GCntVfMl3(Qm+n{rnFXK3rgl3$uRbawZy!yLCX`ioUHYm5*#eaYlz0avXx ztR_PcZ_#wq4i%$(yZ0GR4++DL#(0c|>T&FGrNhzdEY`!5cp6y(q?GKpcL>4X$A|xd z;+4YB$7N#_GWG9RwRX4prTN`zYL>fF81#nENWR8RH#AdstK2Y^@O!6$nbqIwHS0~_ zne0Aim2vx{m3Xnf?R~QIIPbtV@fTbH~%C2litWm z>`Sl7kBK=L0t1)Y>MfrtU9)A%p({g%KfHm6^Y7{Ji}N9x55${3jdazSjyA~_@*bBI z*DGe_>QQ2AfyjVWI_BYC7g zGg+xv{#U&wz~%@#)(@>sClU9u(srDk)Va?PZ)njh$|@Y_ds0vFFPT>cU|PTnd}; zP{$6uOVjs}{gp&&o|*VIMVs+*%r&qk4Yt-mj?E^T!`nxj&V;+NrZ#Q`rCrL?{+BWW9^;f~~dy1nFq-dHR6rhyc{*M62*`3kIePSV+q+x!?{w zx?hP>5dd|*5QRL9*8zY^!oA1%51`Ho0DTkRCGhT6lyspMShyu^!6y%=djXt|7n||7Q-1uQOOTcWxoZ(O(PR9#Cq;2`k=MUFK3z*FTb2{Ap z>GT4D(-8%OeecH$10e0&IRy3xUhDt#FTW6+ZgLbmTW)uvvQ-7dOYT&#MMqUiSqP9= z#R1v4aUu&7)2x}I9mp)(wQt2oXK(I0@JVXD$u(z?+*|zpcr4!Gvt4ZNsD<~VBSHTb zK`<6}NASTAQvPs--BJom7e@_0i?O*=Owz8K)AA_=RL5=JXU&8#^|Ch_hxj);E0yWSII3yJCN zX9mG9`)K-K)M}gb>d*o3Fg|#bYu(VC{?k5#?gav`{aQ(x-)9&gVd=PKmh7St!!qer zr~9mfzouCT{0iw&8AiF|w2t|0^k)G;h~eyVwBFg%ktP>&>E2|R;=aG1H_XiIL>%EP zeoO0o@`}2@`6^(0(%BAQGAAq*pH(Hcc!Ck_gn*7DG-Z*Acd5Ned#bYr>n4J3822OJ z@|pUUJ3yq_X^xL)I^PbKyG&B=*~)nqjNed%zdMQKV_kTnUgq|V!}A29Ip6g;{COOS z*M*dVVlVACxx@y&B4ejL5o`7Fq=Q zWq}z^^(hA^lY+x^V`2y%_f4-u-QwXU z;O$(Ov!)}kT>XkXRH}m$6x6lx z&aQ*0H_N$Zt1-=8;Ejfk_g}BNl`q+2&3&uaht=0c7lkV@=FrqjlnHv%F?slhf=jc* z@v=H8Q4&DeHP8FMq#li5IW~e!-aL2#uv$;Ori%~=uX11R5a{}mMet62Ii{vv)31O=MMG<#ieoDP+%!1Y)e^d*4+Ok8Rd z1vO7jBXsDAU9WPSq?%g%jH|g+f~8ot1Cczmyr}4^es{enju;HElOWtB#VR4WJoSuZ zKCbj{j#}bTUgxI8TC>HzCv~bV9}a&`H)Y9u;~85cC;{A3l8&RAo2DWCf|B~zka@{=nUxnNdaE^@yqvwTxpuDP$e{hJkfDJ`r^9|rXVSdHaCzDxS-eiW^=*dB(D$lNG~9G^ zqB-)|^Wu+2vS>FaXeV(c%PcFZd9rD`-iw-3F66Aj>QDRX;bo)Y8Js!z@X?Xk;N*?#Q!Cc%C8!Z=DTb#7gu70w>Gb24`$?sCvj zvb-xqM~P8)#vKy1l9UA_)B1TF9e;DgX;KLCVA{Lqn9OMcXY}&mytq< zKMhvKvRf*NxHOVM)M! zNVBo{3D3AvftY$hQ8>TDXE42KcJz&mlh)@P#<@G-WCL2*zU7+FdugIz?a(Jtw{pQy zctYzIIPeB*p^?q(2Ml#;+&1XEm)jZ2t5a{}6*&$|lO-zY%w&&@RUL~>F`--q3L8bd z#Q^N2VQD@H)xF{EJswEflZ$ZuHWtLpIOdj=81U-?y=6OlJherx+H#(z`P-LoI9=9E z&&KlDJkb}s;Mv^n=t|^ ztcpt7?l~ZL!3X{RoCC#=f`Z&=MDsSXp&soBn`%4}BW89rECZ2*m>KZ}wM3Nb;Q>*K zro=~rRL5uiPN^YKF3#DPS0(=cUo=9BJ)TEMc9+9Kq6W zniF%phV$%YC&h=zH38<4!6f#h_wz6@;ad4s-{{BTZ4PHK92S*UYk>!HNX0h-$;=NY z&FP+O_VIiy)R5iI{}?2Ehq!#@0knx6ptFpBkN*Ub%+4w9!JKad?9CvnW%BzsebT?Q zJfK!2fEr7TSQle{eE$mYL4yAcAAEb;((dw7nr;=5ZmAbdVN=Q*n&^Lz7I!he1_y&D z`05H(0Sf+%ol!)J@K&gMd07dl$D}QDwFIZIScmur1Q>rJC%L=Gmt?xT)owdF{UjAS)?Ag!E ze)bdBeO=dm?~T83J)nZ|;64z_VD5}!klQuJ8HjfuYSFQl-nqy%8#o^u zse+H~jh~5|uIq7M4MHRqz@6o#hft!(v-867YpG^GUv1irN-mvN-I>_8;Ur#QMfo6GS6W5YoDge|VKIqL+qD?R`C(}=@ zGFmMAQG5Yg%y>U%B2^<{7hmR$-X#A+?KA)y@k7=9Jr|LFv*}fS_1@N+?@#ddYGIKITZ(U}VeNr`zhoV35*g6Vx-ND4JmYUs zDMSJwo!Xbe;yA^9^qiM)lm9FGwO)`;oB4mDzg#hYcNr1Nh13$1&YsTY%`Wb>>2LL| zDLc)V+Fo@mK6a2-UV&Y2gQmoy(YbPOk!z4l9*eveQm2HbSJahoEa6pf`61vE(nP29^hiFr>~wl(DW8>J z!LG`H(d4sEZfPEUVc5f?ytnPSg}yC{#=p3REq=aHbC&;HYS763`fr+zCLq8CHDJ!4 zdS;!AxP8pa&+i3*n%SiHB~xa9*$hQ|RGn*UYp}@g-;I07_Nnn%wIi|p+861=DSdHZ zD8=h6mnuN$wZzyTMP$qU4Emy0sQIo>*+?8c<(@Jxh`0WF{d^#Q1JhTidkFHQ7uh@? ztGA*|?`s}07e~cR;JKj;c>1#4IyFGnX|9cs=C?RK$2%=SCnov&@CG$_*j$`_P=Uhd zZq?ag5ECH+ikBh8>k`uixt8#Mv?)n5G#vd zhu0lL?a9!W(lQfO+bk4BfAx~yLZQdGR`oqJ7hN~nz4yhrNS)&?dY;zSm3Y#ge1S zckb$TQc0!v{JVFrwzRIwfJLZ^jy)F>`f4$Ny$#nIE2jb<{gxmVKp{ImjUYqMIAFgE zO2c5@yxL6{h=C2WMJ%@iJpt|j5+EZ6UL$({q&Wtf3o0M95PGD38;h!;{Lx#&^7CyvHUS2`I9I$GkBJREJ4>AmZ5o9%A%4t_7&nq`%Y3t+c()j)ITiPMD zxuXn6-Fs6za;a+XuB`|rXL>bL!T4ijs2k>XTnStsPwa5uTQspJJ|=-+fj0=e|#@bgT+UvzfU)wHt&UAi*@+SMVpNp3|mKZ8}2whme+rxq}Ga*{if?dBBvBP`g2gh z%Q)kOh~Q>vFAdt3XHVwXv9B(j^XVO;yXu;KvQCv&&zD7}f={Oer;}-6C?}F;#iF1E zpqcLNhi5B9%gA&kFZz=Y^7fSqvYHJkEQ(B(9?{7}DGYW>ca7V5mkk1rAPpe>?PtFW zz;~S-BZ{5<%RNe62p=l{eu%K$ob;5KqeAA+jG3f}ob8c+!c1W*(`i-uoAXJ{+06Z- zE)rtvIT4$xV3U;GC7)Kqp5gs@>Qz~Y%zQivqTVSrA(+m;he8)D2Is!-bwFBsi2-$NtRx{0l$?MNo(B_B z)-6Z$z-V;;d&f~@+6%!yOVLw~m>P#4_@jEr5kHr9Y%A^Zu=e(){c*2Nl2Gb_5O^9gJF57t9~KuOCnI)|)~dXsbe|DtZ}rRV=<{PHlnf*QXLX27 zHdnIl`PVGUWW#j}$jv6_)&AN~iOy2%_vin~uoeJ8u(iKJgVGzk!AuwkZQHAcjv$Bz;3hZ%I!=2*~4f?vCmsYshS#kH#B4U**7xW@LijG zREh7|o=!(>ByetvI&|;#k09p`$1O4&8h)nrmffYH3axKe=W%F>xL>2>x#Rn!+uCeTndbnmnsq%8`=knmM1-jFb;-bCP2fex#|QJEO(fQ;2a{6wshp4-Jc`7$

  • Ve~ypPXA2a$GI*oW~vgK zb%L*rz?hzHpvi|74sF&Pc8|iSqH}9!{?}Svwqpfqt#o&KxZ2ZZ@_4>6{2?Tg%~@=qd2!Uwvp1|Txi+NVc%3}NmrlUL_E$f2<-O#b-7K?VZ4q1Q0eD_a><`$v z(}M+m^U2XY@WA30QJ-bV&ZGIw1R&kYh~+;~4?=tinRy<(R8iuTjs&XiJE*tq3=)?g-U`Jlpl#2_WHd$f zDc;#Of3kvT-U4XpSrJb?3Hl@cw@>eyE9ZjI7q+TVIrzn>8J_k|{2jYROK521wXbxW zH9vafTvupB0s3`J2x4R^>;YD3`qq7f(tS&ed3acrv8a2?)L-=~^v{r782b4_(49>#jGWc+ea658cORvG z;PleFlolM>psQ}R#o0@vAVto(+c=99$tfsU^mLc`Q&poODs`Y^)r%Lckl8fggJ$ra z{|!CsP|&la)sp=RqCW!6U^j0yqMN1pe?NYwTCzXQZF&iCE2ruuAsYQNL{tFkVYZw$ z@DSPT7LD>Wb7uR=Dk;SS9AEdvwcWx8y>-tKKrQ-LL`2c%B1^~&9nra4=5$l%dL2O> z_f4mITFXv-qrdzyg9S|E0Nh4>0|I5xH7RK6)k3n*D<6N~sT0H51=vJR*(bb*B~~k3 zBNyUj%Z;2|yD1`KmJy>ib29InE@}*gnULIup9Oqmfo&Ota?TQpoP+ZUZ}@QpT=&?r z_mWO?fAj1jr4d&C0O{D^<-=31-7ICzx6N>L3-E(6c0eIkBdh;doov@rgm2-k9Ox zwm92FZEIh;jKJZhFq`jnKjxhlnEu77T}o*RGVA6XfA^Y-|88#~wO?AL1kA%r8D(YN z`|%^g`P}v3*nGTp)_IV1Z+{WeLU? zpa^!)i?Q;hg^$?yx-yohV#wIO%vNbHG5&86uS+YXsk}slz6pVMb|TU&?feBVJWwW$ z6Em2x=kM5`+`r#_8Ly6ZD7Txf)wyl=OaNEfa_s(Iqg)LHwx4K&83O()iv44|6(N=C2>};V zjkk*F$8q}`?qzR7vQMAq6qa;CGN}Etn9LN&W4-Mi?6#tSmHv5lP2A>H*X&$ciBc+MDF-*t z?<(JzMIlQ-04!k}6o*={$7}X0M~$rc&HJ7{e=T4zJsCf{qs0pd8Zgz^{1F1vYrRv9gXw#_^<4`7RU09g_e#aeG&`c0aSf8qUXIJWaL)EKAiwawyuW1eQD zvtQ@tamDv@wbP!O%PxUSfnGe*TKjnmC7X3wwX^Yq&7vT*W8vuziml--HSEB5)oJbl zf{W*_pNk|eMCOndRZjI3V}O#BcG+-9u#Cf#=_bN56)~rQG66gLCeu0ts>VpInWz=) zn8@MFK|hRmK95egL@{7!e{W-MHt^7s(0p>JqoW~bO5k1Ug5tH32>fVYgsFuv?aw0H z$-3t&7pLz@*zVYnzADtjq4+(+1UPO3|LjqL_>b?5LRIdXf9?`kPrj_ro1E11E9?N) z^x3&mbzNXVu3S5UEI;Nk-d*V)I?9|pxTcijD^_@HrwPE6 z+LX3Ff%RWTN`RdcF>5zn3of*p{tOn#84hx20DoDtTL3DpRF*x&LvuAgc*in0t5u9l zJp)VpYY~lFrLbQU4JbbBX4P#O@^$MGociefHD+<&vy5~8pHdVTUoTDLQ}OT;TsMke zRVg5E|2ykpzSj4vOP1r*O`&%y!oaQ!n&`+Nhg*; z?`2aJr7Xg?WBXJ!|b*8L1` z*kndCwK`;G`L^sJ`qcwl&$m4Q3&*deLc0Ve&+XYt44Xh;PG_rzRuoIn664ydB|LK8F!2!^qQ!d-{WjZt~Wi2=OG{!R*}( zYT&z1rp_()V;Shr$8(*Gr|zb#x`fqB&)Xbs9yM8Lz89-dAyM z*|N*ad88{pc^cDEv1DM>BzBsn;H$w|&@{#xS86WEqup$(m++ofc z-fVF*cRyXnN`of;tUqI^a-NF*i=ztA#d#(MSZkZah6QFKMkiy1+$~+@xdIO}<3g#> zELegD}& z4_Yu;KQu-c{9)Z3e`1gH5kS$*AaOh^%&RtBH}G$bCF9PAa0OoRUp~KnR@w79i4?Jz zZi|J5t5j!Y^?r!FfBC|a7MBZHv{lrGRoIp!C;yx-y`;tz0`Q`M8-pT&} z{}Mcz%fy703@yBFr^T1K1NkTP7;aZApe628F(e6PgdPqWTs>t6Oj)jkFRwV}NdRn_ z;M2XkVo{;Mbt)fW99$9i?7-{VCu+F=oR0gy-gRJHYhamV2Rs45^W?Jpf4}@Dm|e~U z)`2KRJrK+)<9_;=!`Hc84)Nra6yi&!d1Hhf?A9mt_g!PZ7^=k2 z`x!od#hMs5AfRtGr{IOi%ggKW0EF)S)Lwd-7j-i(x~x_+6%9vkenbLprQY`J6*-Vs zTD6_3mi_i5y$KoGFcT0EjtykB7p$7lnU1Dp=c^(=J9`FOb1xk@ECmnx?V6mgAy~Mr zda$f!&()@Y94I}Lg7{j%Vv)Z3rBJN0r>@k`j77KMgKNVPDJtUKahfN{?AZXMuVU4j z>S`c}ZaO{m*xOxI_pPeV$;rcY*`ao6Jm%u@IgME(M+g}2YF!i@D?<2 zmg-KX7UK|fe%lLJu4GlJ2F%ye7tKa>o0kUbOH5&;2o$qTq4UUy#?bbKP&@>?gO2?%DVDy%}*Mm06^#DlN%9*OK1 zSW;<0Y+grRnD#9e|GV}T5&$pER#S)O^#+&s9_YXC0tiY5Em!5LANd0;UY;oSB|I`R zHu%P3nJ-Gn$(4!j{n0PnT#k}b#v(AN@Sk8oYt5)q1=mSKBf4mV4bJs8_;%>jE!cKh zv;UUII5011@jPn!t^32qbeA9$3TFN1v1%0(r8N$tOz|pK>nJ1lmTrS_)hJkJ4yJ_y zfu#m!p1!hL4i5>EzJ32*I(%r7}5+u`gNc)+d8 z1%Kzh($3+%Q*mKw`{tdofaa0rLGKZVp?fGRq-e}e_SPBwV5^N2R#uxbdM-HXweivM zIo!GwA5L~S^&NRx3?$2moV9PE%#L!3iq%U4nd7eQ586H7CO9FsUwnME^TG4ucj>BazZ`-sA)PlyXkpDn)Bna zEe<)xielBW2%qEa?{kZ`SBvf$;I7aJ_xu)q79W+iIp-paGSDgAHybzB7gz66RA1MB z8K?$OK0Imhj3;|5w_PV4vZEfZcc~auiG}g%D>f2~ZD1!`FB;%)RNzqjj z-JPyafW}Yuwd+r|A_mqrAci?vv<^K+cgH`+|LLFqJU%`+>Q=dL!5BhALow4|6}_bG z&KCD?GueEBHi?Amwz*06!)k2Irfcouggv&^y;kBBI0WH2jC_2rG)uK<&3Y1IgK+S( z)HK~a9z1oFxHws*E`C*#1duayjU7&6=xxeW9cU=hK&8d!WT^oT?j6que!45odP^79 zd~ojSMA%STt~FeiCwC`jEh(58`*2v$ad+G&H~?VSb(2;IgVb z1#!r(X*TJ+EvKxUM9F9UCR|BYwn93%I>NXkOs-fhzo}CMYA6*(604NXFE{*2D&Mp_ zZf>#RW3F7I$4>2GnNHOY%A0!$v2k&abRqVM!8Zs&XEl+rv9W%uogE$BN$k2W5Y|&( zdegc!)~_7IsH{e6Ek$8JfM@;4zIm#U(CqPxhAMShYChOe641kQnq(oLN`GbwIe53F0HT~FigHtOi zp0G|1?eQ>XdW|^qS&6Eus*WEH=gKTk82Z=1asxj^EuEjNW{(%eTd>DmX92a2m(j_B z087$a(uFrcX~)NJPJqK@&Tdr0n^RQ`qN4gRh=W6l;<8eWjNMmC>k zWBXXMbZypcbCSzyBrnt>!EC%#M>8kaM(?vm@gpH;#KDB2ZZ0+OHERc;&i8hbEeG(4-kEwADa0FTFIUq-v)-g}*%-*PY=Sb6@9zn?Ee0M~!K#Zr=%uf*QyJAC z!feWNq*P9RhESKrX7+Nn&OA2y8iX^RFv&NeXM)26npoSz%9 z7OOK-{3!FsuxfM!OVxB2&x-J@1-o~59K)wv@y=*!pe+Jr*UxhCg}3z!T^cmXKzze2 z%$W@%@DbrUSNe6u)l9Hr6k1o>zyja09w2W3#}Cu|{9FPST8_%k5Ogtb1Z8qV`GnX( z)fLiFu5Zoenmorpgp+OSc<1ImEmVL>XM#sqxT(sf>YQ>FQ@K0RHa@@n_-$Qz`QD$K zPF@zkT9`ec<*=4Uk?A*LMKgQY1eby>-9({fK@{CJtJuHBea$5mv4%eK%HO9_a(z*J&kA8&hpEx1aKQp3`K zfY-HIDNDq&6hl%*os2`zQi*Uq?SZ}mkN<^_O+&9s$jDT}PIn0*-Y6fJP)8orTyo4)I&cXA>af8@rEjjkw*vY5H+13>MS z{ac=YsUIAgsHLJIi++(x5+-??BRr_DU;#C1pwXVFvwZDzH0z-YafjGVk2g%q?YtS` zdqT-PR;GJYnys-}taXiuK=I;uk&s2Vwv=x<50YS$>W@4~u6eEF03V;OKCow`q8e$F zLab%#HW)}FHl7)?%VgUu$^qjaLWXN|pRa9rp;Rqje!TuFHxDokwMwL%7%LsklY+8c zM`a2#xWTEzzLZbiknLu{U)cnFqT>?6Ta*LUwusnRik$h*`%dQ%<_#Z+Q3<*J?l-pc z4*IBmyW%Ph<{bN(pHd`Pq5IxYQNVTDDFVyt2khSka&{9kbtH13hT-I#hhj4-GO_zs z-%@9vZ40yKo1tYP37QItuIN$h7TeXsheEEh=6xwfqOsc7IH=f1gww!vzwla_sD&q< zS^rscX`Z4Ib~Xg`k4waBay$&yADN>`5nNN0`^4KX<8J_d7x#pZkHe|pDw)SI3pjUx z=Sc@Tu55dE7f@8542%Y${Uob80XZuo*VIMO%aGnZK#{>;RAfg->i?4lI{ov#+dteT zUy(0H+gPz}@2-uNB(pD1>f@@A)aoYeq5UsycQJwVEu+G#tgQ-NAUnujwFjsl_ZK#j z0W^w#4&V8wTmBgi|4f5_rolg};y=3q_Wx(o;L(HPvBD8{-P&UxV`4M~5~P{~lnRRy z5N4aD@6?sNN+re!w8eXZOi+?gzM}0sPz7glsV%Q)a#M8x(4+@s{LPdAc33AF@gck` zrlbI13ivSvuPRW@0LjOTQGPk3SHgl40AFmeoQ2SErVf?+OofzSMdJ;cbbwc%!d`Mk zx95n;J{CR=)I?K468xx&J2$)5(d{julAk^Hua#ZpvDo4P6?ceZplE@jjSB1Tw&nG| z4p%Z&SPWvG96;*14<-aF{l1THl9HKPXcg;e!fNau*-i5%eUie@N*?FbX^>{T+$-$M zYJL$HuRfqa1+vuE)^4j***+A{a%y!O%A$_a!halL?5 zt%EcqKOL|}521?AEIhz*-=1M5JbYsSwp5d`Z}?cF=PZ}+!p8DcMYrBMSMk^=tuL!e zLyQuck-)6lK8~-`^roiiY%aOdWnZsPT&x9SNQOgw7rz($@}=a9KGQQdq*>nIdBRw9tS{ToME`lZX)qGG@p zKaeb8{7V%eISzeDsd<+_2ZAOuZ$FHvYLxB4=L+;ayIuDy3@BYROu&muE^;i#P~e=M z7TC5*o!_wSOaru+d!nQ$i2Ic`W{OJg>#!Hdlk4W4Q9Z@x{u*>)pl`sPr=6+SqXdQq zkaP}|yJS}T@eUYY^>=zkQQ7C%U)s8F%;4-w4ef_N3t+-CB$@4#dKAz$1-Nz?!sota z2zzi8Yk#bM@nY$BR)fd9q)nsjPpmm#^6%2_($=H$?AP*L<&xQT-LDI|&K)ifW^45% zveGuXZ^zF9Pqu=1ahQI!gXwXEla-Nes}a){)yMdIj=sad0+T-V6Onu0#0&F!>|kpP zJRp53#V!3f;Nr-e8uM~$GL-1yLk?f+=INRVCoxKMKg)%T@aE+tcW2LBg))T8N(6~- zwcoREq0gvmZ_Jf%&Q(ngJ@bdE%Q-5*0tbBteseduH@~k_eQX5~I^Lyo|oad=?&C*^5MB4_uMP?D9wJzY}lePq!&F)K!7iPlw-bB|L5V<~G%lE~4Y;WX~PB7H(BYek56yZvk%8%sq92fBw5))I!Bk5u#Jlc4qLa@oG za@$8YXu0+vVxr{hQKknW2?0=y4qd}CB^yKAQc2L4e?FiN5Yckx7xv1%I8G|R=H#b1Qf)6!)Vn|0 zF%6+rIzyAMKpsEs0Dm1x^CqfsS-*VIr{LMUJzen#?J|%j{3zcq<*EK{s<0!?V##hk zErBY(QkVX;e(uF193t{$np4Y*tXW~*lT#7r(EoawNq~m675! zf%m?QCSrb)9L1``8+4+Y-)(Ic5;+YY>eSk1_GQ!z;W-{?r;c>=6Nd07b*o<_+}ArA9m$b*;2 z!FA~D^N>i$>I!>}%b=A#AHrtR?b^j_As=&(vhQtv-V$~P4H^g(U`P7hxK7aYEj-0zMs7!c z<_j@0Q-DdX)3>ZZe+ZnY|MRwkUaMcQojX($d3v}Xq&P^DTy6oXwX_vz6atp%<#$Q# z!w&uk7qgSmN;8xDB5M-`lVHdk$SjjXWCH9Iq{O1`eQ=hzS;Wr8m~{a6|E}3|nl$F} z@Q3hw{jI&DbNl3WX+s?rapRke7N^AtRGo`=0@`9_UN5KbObJ>DaK8GURQ?9K!g-#I z^xXTM;E`_>>;U_Hm+(|l`D=|r(#7=q+v^r(1IJnZ9=&9dYQYD=genlS{`=Ey_r1@W zILK?hz%$okEeemy8a5z;yZugNdaN+_e|U4f7uj228X&LL1_$kK!JZ!# zS%w>0Crt+JBs+yX9$5o5QnQG7 zy?zq_k1ebg=Xu4b+tQvW!h&ZjwwwSf<__B}hKsyv%#QIz zi+%f9t+EHyV_ohc_@Ss@N<(7*kJ0CXUV%m3!%^RDaV2s#ahaojZ9%k1PrfN-+kMd& zZmoz{5i@E%AJpp$(Ui+CY-$n_UP*Z@_VC5E38iaZXDsnkE@W@Yp9eck)X+lom){LB zW&5l&6WC;8$j5CIsasrn#Wj6D+2WP1&tKG^>C)nO*{Do8PeAPe>C1T2 ziIv|IrER#b6K}L~W};s&VLJ$1dha#^K}?v(P-~|0J$>JP$88dZqB$Ms`?tQma$WL*Uby)1!i7R>Tk2jEv2BFmgR(2)((lh8Y z>xp=1c1`5{qmE1Ztwe$KwcKcTtcIlUsVQP_hMmkNPP}6!Y^~Zu>oED=iTHK)`S%X> z0Y)CJkLa=9u|DI3O5;kj=NXDjC!=Ae~c{ULtylt{Pvt->ur=JFi1 zvZ2&Xk?TZklzGxK$O^-s8a39W(+zeZZjHwv-Q!5qF?^k*D=!*rwS7HDtuK8h+xRG}=bah3`E279So>{i0a@7_m4z4qD1vvR-r zJC_!0DJa;jT(fME8}D1Ux_Qc>i>ht6hrUP@IGx|h5;8Z^N!Gj{Hjhz}lhfAOp*OZl zhNd`CZhU^Ct=zonnTJ~0h@r0LM|ok5>wYYPZ? zYpcPAQz`VzFIY*N>lFJ=Zcn()(Kglj&Vgi_{wL%0bd97U2|>}fg#{UHdmx~bAh`SW zd&VVRie}!XJy3Ue%o&o=+oIOqICs`?kJ1vq&?LId3MiE^_kNzQo3W8whU!&!nX&bX z*5H~BPK@B!_)MeexRQ>s0M4pg&@1-LWAt}iCy)xThY1egh*0wB8OMOqx=p9 z1DBHbd$V|erO!2se--M-Ew@m{P%0<~@^La5AQhcN@HPxH4QlRw2yfwVNhF zd@AZbqXFM}(Tg%;-tKZ8lU6$Nk@=GRuCVDY4Kd`@FK}<#yAAkEzJv8kcJM`v z4|_3r?>@_?CEv97s*3Ujxfr8{d#-sZx(sH}*5&4**X3dZyypyGRCVz?3i4W+_CZ^* zbtCVir5L7i78#a)vOZ4CYxeR#^%IwBE-c;dR_9qP{$h5}5bUSYebM=FAI^e{3Eb8r zT+1O=rNR7Tj=ja5~~vLDj!d12nC!3d$NCM{LiEDDbfLPbzb^peu8dk%^&snG!J2X$@D-i>CdO>v*dd|@ILMPoe@+LN@o_-=1RWT zVPE1NKS$h{P|Fn4ICBKeD!I0p&OJL1{k5l8&zL^wfbjKyZ37=y%9V&H3jK8d2^P?+ z7}&tIzQk%DeM^)l0{jj1C`` | +| **"wget <...insert URL from aboe Task 1 here...>"** | | | | .. code-block:: bash | | | | wget <...insert URL from aboe Task 1 here...> | | | | 6. After the download completes, rename the file with this linux command: | -| ``mv download agent-installer`` | +| **"mv download agent-installer"** | | | | .. code-block:: bash | | | | mv download agent-installer | | | | 7. Next, give the installer package execution rights to enable it to run: | -| ``chmod +x ./agent-installer`` | +| **"chmod +x ./agent-installer"** | | | | .. code-block:: bash | | | | chmod +x ./agent-installer | | | | 8. Run the agent installer by using the following command: | -| ``./agent-installer`` | +| **"./agent-installer"** | | | | .. code-block:: bash | | | @@ -125,16 +125,16 @@ The *SuperJumpHost* is pre-configured in your lab environment with permission to | 9. Wait for the prompt and paste the token copied from *Task 1* above. | | *(command-V on a MAC, Ctrl-Shift-V on Windows)* | | | -| 10. Enter the name ``udf`` when prompted for the agent name. | +| 10. Enter the name **"udf"** when prompted for the agent name. | | Wait for registration to complete successfully (takes a few minutes). | +---------------------------------------------------------------------------------------------------------------+ | |lab010| | +---------------------------------------------------------------------------------------------------------------+ -| 11. Type ``bigip`` when prompted for the secret name. | +| 11. Type **"bigip"** when prompted for the secret name. | | | -| 12. Type ``admin`` when prompted for the username. | +| 12. Type **"admin"** when prompted for the username. | | | -| 13. Type ``Canada123!`` when prompted for a password. | +| 13. Type **"Canada123!"** when prompted for a password. | | | | 14. Press "**Enter**" when prompted for the *ssh key path* (we're not using one in this demo). | | | @@ -149,9 +149,13 @@ Task 3: Finish adding a first *provider* in **Policy Supervisor** The configuration of the new *Provider* can be completed now that the *Agent* is ready. +---------------------------------------------------------------------------------------------------------------+ -| Go to https://policysupervisor.io again and click "Done" (return to the *Add Provider Pane* with *BIG-IP* | +| Go to https://policysupervisor.io again and click **Done** (return to the *Add Provider Pane* with *BIG-IP* | | selected for the *Provider Type*). | | | ++---------------------------------------------------------------------------------------------------------------+ +| .. image:: _static/PSAddProvider.png | +| :width: 800px | ++---------------------------------------------------------------------------------------------------------------+ | Select the new **udf** option that should now be visible on the dropdown list for the *Agent* field | | (the provider that was created in the previous task). | | | @@ -160,12 +164,9 @@ The configuration of the new *Provider* can be completed now that the *Agent* is | | | The **Provider Name** and **Provider URL** fields will now appear. | | | -| Type **bigip1** for the **Provider Name** and type **https://10.1.1.6** for the **Provider URL**. | +| Type **"bigip1"** for the *Provider Name** and type **"https://10.1.1.6"** for the **Provider URL** as shown | +| above. | | | -+---------------------------------------------------------------------------------------------------------------+ -| .. image:: _static/PSAddProvider.png | -| :width: 800px | -+---------------------------------------------------------------------------------------------------------------+ | Click the **Test Connection** button and wait for the tests to complete successfully. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/PSProviderTestConnection.png | @@ -180,7 +181,10 @@ your 2nd BIG-IP because they areconnected to the same management network in your +---------------------------------------------------------------------------------------------------------------+ | Click the **Add another Provider** button to add the second BIG-IP appliance in your virtual lab environment. | -| | ++---------------------------------------------------------------------------------------------------------------+ +| .. image:: _static/PSAddProvider2.png | +| :width: 800px | ++---------------------------------------------------------------------------------------------------------------+ | Select the **BIG-IP** option for the provider type. | | | | Select the **udf** option for **Agent**. | @@ -189,12 +193,10 @@ your 2nd BIG-IP because they areconnected to the same management network in your | | | Click **Continue**. | | | -| Type **bigip2** for the **Provider Name** and type **https://10.1.1.7** for the **Provider URL**. | +| The **Provider Name** and **Provider URL** fields will now appear. | +| | +| Type **"bigip2"** for the **Provider Name** and type **"https://10.1.1.7"** for the **Provider URL**. | | | -+---------------------------------------------------------------------------------------------------------------+ -| .. image:: _static/PSAddProvider2.png | -| :width: 800px | -+---------------------------------------------------------------------------------------------------------------+ | Click the **Test Connection** button and wait for the tests to complete successfully. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/PSProviderTestConnection.png | @@ -233,7 +235,7 @@ Let's ingest this WAF policy into **Policy Supervisor**. | .. image:: _static/PSIngest2b.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| Type ``Ingest from bigip1`` for the required **commit message**, | +| Type **"Ingest from bigip1"** for the required **commit message**, | | click **Save & Ingest Policy**, then wait for the ingestion to complete successfully. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/PSIngest3.png | @@ -255,7 +257,7 @@ Let's ingest this WAF policy into **Policy Supervisor**. | .. image:: _static/PSDeploy3.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| Select the **bigip2** option from the **Provider** dropdown, type ``Deploy to bigip2`` in the mandatory commit| +| Select **bigip2** option from the **Provider** optinos and type **"Deploy to bigip2"** in the mandatory commit| | message text box and click the **Conversion Summary** button. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/PSDeploy4.png | @@ -310,30 +312,32 @@ Task 6: Confirm successful deployment of the WAF policy on BIG-IP2 | .. image:: _static/UDFTMUI.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| 3. Select **TMUI** to access the **bigip2** machine's GUI management interface in a new browser tab. | +| 3. Select the **TMUI** option to opoen **bigip2**'s GUI management interface in a new browser tab. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/TMUILogin.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| 4. Login with username **admin** and password **Canada123!**, then click to the virtual servers list page. | +| 4. Login with username **"admin"** and password **"Canada123!"**. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/TMUIVS.png | | :width: 800px | -| | ++---------------------------------------------------------------------------------------------------------------+ +| 5. Browse to the virtual servers list page. | ++---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/TMUIVS2.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| 5. Click on the **web_app** name to view the virtual sever's properties page. | +| 6. Click on the **web_app** name to view the virtual sever's properties page. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/TMUIVS3.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| 6. Browse to the virtual sever's **Security -> Policies** page. | +| 7. Browse to the virtual sever's **Security -> Policies** page. | +---------------------------------------------------------------------------------------------------------------+ | .. image:: _static/TMUIVS4.png | | :width: 800px | +---------------------------------------------------------------------------------------------------------------+ -| 7. Observe that the Application Security Policy (e.g., the WAF policy) is **Enabled**. | +| 8. Observe that the Application Security Policy (e.g., the WAF policy) is **Enabled**. | +---------------------------------------------------------------------------------------------------------------+ +----------------------------------------------------------------------------------------------------------------------+ From 07bc991dbfe8c04daafd34d7cabd904ad9cdde92 Mon Sep 17 00:00:00 2001 From: drpotters Date: Wed, 17 Jan 2024 00:16:34 -0800 Subject: [PATCH 07/17] Update lab2.rst Added clarity to navigating in the console, with feedback by Russ Malloy --- docs/class6/module1/lab2.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/class6/module1/lab2.rst b/docs/class6/module1/lab2.rst index 999033ce..18a2ba9c 100644 --- a/docs/class6/module1/lab2.rst +++ b/docs/class6/module1/lab2.rst @@ -540,7 +540,7 @@ Click **Cancel and Exit**. You can now feel free to explore the **Multi-Cloud Network Connect** Site menus while everyone is getting caught up. -Click on **Site Map**, **Site Security**, which is where we would review our firewall logs in "real world", and finally, head down to the **Service Info** Section and click on **About**. +Navigate to **Overview > Sites** and then to the tab view of **Site Map** to see an overview with the health of all deployed sites. For site security, navigate to **Overview > Security > Firewall Events** to review the firewall logs, and finally, go to to the **Service Info** section at the bottom of the left-hand frame, and click on **About**. Sanity Check @@ -552,4 +552,4 @@ Sanity Check **We hope you enjoyed this lab!** -**End of Lab 2** \ No newline at end of file +**End of Lab 2** From 4587583c1a9a238b7965b0fe0e915e913224e4cd Mon Sep 17 00:00:00 2001 From: drpotters Date: Wed, 17 Jan 2024 00:17:52 -0800 Subject: [PATCH 08/17] Update lab2.rst --- docs/class6/module1/lab2.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/class6/module1/lab2.rst b/docs/class6/module1/lab2.rst index 18a2ba9c..17fba82c 100644 --- a/docs/class6/module1/lab2.rst +++ b/docs/class6/module1/lab2.rst @@ -540,7 +540,7 @@ Click **Cancel and Exit**. You can now feel free to explore the **Multi-Cloud Network Connect** Site menus while everyone is getting caught up. -Navigate to **Overview > Sites** and then to the tab view of **Site Map** to see an overview with the health of all deployed sites. For site security, navigate to **Overview > Security > Firewall Events** to review the firewall logs, and finally, go to to the **Service Info** section at the bottom of the left-hand frame, and click on **About**. +Navigate to **Overview > Sites** and then to the tab view of **Site Map** to see an overview with the health of all deployed sites. For site security, navigate to **Overview > Security > Firewall Events** to review the firewall logs, and finally, go to the **Service Info** section at the bottom of the left-hand frame, and click on **About** to learn more about Network Connect. Sanity Check From 3a284be8181df82a4b02a0b1ae06341b9630ba43 Mon Sep 17 00:00:00 2001 From: Tylerbrown7213 <81637207+Tylerbrown7213@users.noreply.github.com> Date: Wed, 17 Jan 2024 10:19:41 -0700 Subject: [PATCH 09/17] Adding . to intro.rst --- docs/class4/intro.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/class4/intro.rst b/docs/class4/intro.rst index fbcd7702..f155654a 100644 --- a/docs/class4/intro.rst +++ b/docs/class4/intro.rst @@ -34,7 +34,7 @@ The following will guide you through the initial Lab environment access within t Cloud Console. You should have received an email with an invitation to access a F5 Distributed Cloud Tenant. The email will come from **no-reply@volterramails.io**. -The name of the F5 Distributed Cloud tenant that we will be using for this lab is **f5-xc-lab-sec** +The name of the F5 Distributed Cloud tenant that we will be using for this lab is **f5-xc-lab-sec**. Additionally, the following are key configuration elements for this lab and will be used throughout the lab tasks that follow. From 31d80fe1b7099101928622341570f367dc5c9a46 Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 11:12:48 -0800 Subject: [PATCH 10/17] Class 2 | Corrected format of intro and images. --- docs/class2/close.rst | 4 ++-- docs/class2/intro.rst | 15 +++++++++++---- docs/class2/lab1.rst | 20 +++++++------------- docs/class2/lab2.rst | 9 +++++++++ docs/class2/lab3.rst | 3 ++- 5 files changed, 31 insertions(+), 20 deletions(-) diff --git a/docs/class2/close.rst b/docs/class2/close.rst index ffc6f886..9b7f17c9 100644 --- a/docs/class2/close.rst +++ b/docs/class2/close.rst @@ -2,7 +2,7 @@ Conclusion ========== Thank you for your participation in the F5 Distributed Cloud Lab. -This Lab Guide has highlighted how attendees can leverage F5 Distributed +This Lab Guide has highlighted how attendees can leverage F5 Distributed Cloud security to protect hosted applications and resources. Appendix @@ -30,7 +30,7 @@ Appendix * **Terraform:** https://registry.terraform.io/providers/volterraedge/volterra/latest +----------------------------------------------------------------------------------------------+ -| F5 Networks, Inc. \| f5.com | +| F5 Networks, Inc. /| f5.com | +----------------------------------------------------------------------------------------------+ +----------------------------------------------------------------------------------------------+ diff --git a/docs/class2/intro.rst b/docs/class2/intro.rst index ab38fb5a..bc0fe9c7 100644 --- a/docs/class2/intro.rst +++ b/docs/class2/intro.rst @@ -23,14 +23,15 @@ Cloud Services will be configured as a SaaS Edge delivery and security service tier to a publicly hosted web application. The key elements lab attendees will interact with are as follows: -- F5 Distributed Cloud Console -- F5 Distributed Cloud Global Network / Application Delivery Network (ADN) -- Publicly hosted application (Public Cloud) +* F5 Distributed Cloud Console +* F5 Distributed Cloud Global Network / Application Delivery Network (ADN) +* Publicly hosted application (Public Cloud) |intro001| + Task 2: F5 Distributed Cloud Console Login -========================================== +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The following will guide you through the initial Lab environment access within the F5 Distributed Cloud Console. You should have received an email with an @@ -67,8 +68,11 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant. appear. |intro002| + |intro003| + |intro004| + |intro005| @@ -84,6 +88,7 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant. operations. As **some menus will be locked and not visible.* |intro006| + |intro007| #. Namespaces, which provide an environment for isolating configured @@ -109,6 +114,7 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant. available.* |intro008| + |intro009| **Beginning of Lab:** You are now ready to begin the lab, Enjoy! Ask question @@ -116,6 +122,7 @@ as needed. |labbgn| + .. |intro001| image:: _static/intro-001.png :width: 800px .. |intro002| image:: _static/intro-002.png diff --git a/docs/class2/lab1.rst b/docs/class2/lab1.rst index 5280e04f..d5837777 100644 --- a/docs/class2/lab1.rst +++ b/docs/class2/lab1.rst @@ -30,6 +30,7 @@ tenant for this lab and proceed to Task 1. **Expected Lab Time: 25 minutes** + Task 1: Configure Load Balancer and Origin Pool ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -50,6 +51,7 @@ assign a target as an origin. as shown. |lab001| + |lab002| .. note:: @@ -70,7 +72,6 @@ assign a target as an origin. |lab003| - #. In the current window's left-hand navigation, click **Origins**. In the adjacent **Origins** section, under **Origin Pools**, click **Add Item**. @@ -106,7 +107,9 @@ assign a target as an origin. **Apply**. |lab008| + |lab009| + |lab010| Task 2: Configure WAF Policy on the Load Balancer @@ -143,6 +146,7 @@ configuration. become available |lab013| + |lab014| @@ -205,8 +209,6 @@ configuration. |lab020| - - #. Click **Documentation** in the horizontal navigation at the top of the screen. @@ -228,7 +230,6 @@ You will now perform basic testing of the Web Application Firewall (WAF) Policy. You will also review the generated event data to make additional configuration changes. - #. Open another tab in your browser (Chrome shown), navigate to the newly configured Load @@ -247,7 +248,9 @@ configuration changes. (copy and paste to a notepad or note resource). |lab022| + |lab023| + |lab024| #. Returning to the F5 Distributed Cloud Console, use the left-hand menu to @@ -261,7 +264,6 @@ configuration changes. *As you have not run many requests, summary analytics may not be available in the dashboard view yet.* - #. Scroll to the bottom and select your load balancer. |lab026| @@ -278,14 +280,11 @@ configuration changes. *Security Event data may take 15-20 seconds to populate in the Console. Please force a* *refresh using the Refresh icon next to the Time Period selection in step 6.* - #. Expand one of the requests and note the **Information** tab link. This summarizes request details and provides request duration timing. |lab028| - - #. Click on the **JSON** link to get more data about the request. #. Click **Add Filter** as shown to see how you can filter by key identifiers. @@ -319,7 +318,6 @@ configuration changes. *Individual forensic categories can be changed using the noted pencil icon to surface additional top data details.* - #. Using the left-hand navigation, click **Dashboards** and then select **Security Dashboard**. @@ -365,8 +363,6 @@ configuration changes. |lab039| - - #. Type **req** in the open dialogue window and select **req_id** from the dropdown. @@ -382,8 +378,6 @@ configuration changes. |lab042| - - #. You should now be filtered to a single "Security Event", as shown with your selected filter. You can expand and review the request as desired using the **arrow** icon. diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index cb095c41..31ce517d 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -94,6 +94,7 @@ Cloud Console. This HTTP request will not show up in the Security Analytics however you will find it in Request logging. + Task 2: Enabling F5 Distributed Cloud Bot Defense ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -116,6 +117,7 @@ and understand its implementation. - **Token:** **password** |lab010| + |lab011| #. In the Developer window, find the **POST** to **auth.php**. **You can also @@ -125,6 +127,7 @@ and understand its implementation. that you only see limited form POST data (identity, token, & submit). |lab012| + |lab013| .. warning:: *Make sure to logoff using the menu on the right of the web @@ -165,6 +168,7 @@ and understand its implementation. #. Click **Edit Configuration** in the top right-hand corner. |lab014| + |lab015| #. Click **Bot Protection** in the left-hand navigation. @@ -182,7 +186,9 @@ and understand its implementation. #. In the new **App Endpoint Type** window, click **Add Item**. |lab017| + |lab018| + |lab019| #. In the **Application Endpoint** input the following values in the fields @@ -198,6 +204,7 @@ and understand its implementation. #. Scroll to the bottom and click **Apply**. |lab020| + |lab021| #. Click **Apply** on the **App Endpoint Type** window. @@ -206,6 +213,7 @@ and understand its implementation. section of the **Protected App Endpoints** window, then click **Apply**. |lab022| + |lab023| #. Observe that the **Bot Defense Policy** is now configured. @@ -214,6 +222,7 @@ and understand its implementation. bottom on the **HTTP Load Balancer** screen, and click **Save and Exit**. |lab024| + |lab025| #. Repeat Task 2 Steps 1-6. Note you many need to close your browser and clear diff --git a/docs/class2/lab3.rst b/docs/class2/lab3.rst index 8298de42..1c1766f5 100644 --- a/docs/class2/lab3.rst +++ b/docs/class2/lab3.rst @@ -33,7 +33,7 @@ malicious user mitigation and actions. |lab003| #. Click the dropdown for **User Identification Policy** and select - **Add Item**. + **Add Item**. |lab004| @@ -166,6 +166,7 @@ select **Enable**. bottom of the window and click the **Save and Exit** button. |lab023| + |lab024| **End of Lab 3:** This concludes Lab 3, feel free to review and test the From 72efa0c54f32d7e108136dc10f0d5dc5f2de28ad Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 12:52:18 -0800 Subject: [PATCH 11/17] Added code type --- docs/class2/lab2.rst | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index 31ce517d..813361f7 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -89,7 +89,9 @@ Cloud Console. user-agent, you will skip signature-based bot detection. For example, if you run the following command: - ``curl http://.lab-sec.f5demos.com --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'`` + .. code:: BASH + curl http://.lab-sec.f5demos.com + --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' This HTTP request will not show up in the Security Analytics however you will find it in Request logging. @@ -138,10 +140,12 @@ and understand its implementation. Let’s explore how an attacker could perform credential stuffing attacks by using the curl command: - ``curl -v 'http://.lab-sec.f5demos.com/auth.php' - -H 'Content-Type: application/x-www-form-urlencoded' - --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' - --data-raw 'identity=user%40f5.com&token=password&submit=Submit'`` + .. code:: BASH + + curl -v 'http://.lab-sec.f5demos.com/auth.php' + -H 'Content-Type: application/x-www-form-urlencoded' + --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + --data-raw 'identity=user%40f5.com&token=password&submit=Submit' For this application, a successful logon will have a 302 response to the location ./data.php?page=data @@ -240,10 +244,12 @@ and understand its implementation. requests and its ability to perform credential stuffing attacks. Let’s find out. Re-run our previously successful logon attempt: - ``curl -v 'http://.lab-sec.f5demos.com/auth.php' - -H 'Content-Type: application/x-www-form-urlencoded' - --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' - --data-raw 'identity=user%40f5.com&token=password&submit=Submit'`` + .. code:: BASH + + curl -v 'http://.lab-sec.f5demos.com/auth.php' + -H 'Content-Type: application/x-www-form-urlencoded' + --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + --data-raw 'identity=user%40f5.com&token=password&submit=Submit' As you can see, instead of signaling to a potential attacker that they have a good or bad password, we have prevented the would-be attacker from From af08c4f83bec8bc78acfeddb5744051ff85f514c Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 12:55:41 -0800 Subject: [PATCH 12/17] Update to curl command --- docs/class2/lab2.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index 813361f7..9ed0178b 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -90,7 +90,7 @@ Cloud Console. run the following command: .. code:: BASH - curl http://.lab-sec.f5demos.com + curl 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' This HTTP request will not show up in the Security Analytics however you From d1a1944eb3920a196d39174472c804cefc3fad73 Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 12:58:34 -0800 Subject: [PATCH 13/17] Another change to curl --- docs/class2/lab2.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index 9ed0178b..78a0933a 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -90,7 +90,7 @@ Cloud Console. run the following command: .. code:: BASH - curl 'http://.lab-sec.f5demos.com' + curl -v 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' This HTTP request will not show up in the Security Analytics however you From 8d08e69c57728e9f2d69d14c216f5e0f8ff798f2 Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 13:00:12 -0800 Subject: [PATCH 14/17] curl update 3 --- docs/class2/lab2.rst | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index 78a0933a..c86fb014 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -90,8 +90,7 @@ Cloud Console. run the following command: .. code:: BASH - curl -v 'http://.lab-sec.f5demos.com' - --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + curl -v 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' This HTTP request will not show up in the Security Analytics however you will find it in Request logging. From 7c015ba71c4c2df93f9f9dda13a078e433376a5a Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 13:02:17 -0800 Subject: [PATCH 15/17] Task 1 update, format --- docs/class2/lab2.rst | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index c86fb014..f546109e 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -79,7 +79,7 @@ Cloud Console. |lab009| -#. **Optional Advanced Topic** + **Task 1: Optional Advanced Topic** Signature based Bot detection can be easily bypassed. By simply presenting a less suspicious user-agent string, a threat actor can easily bypass the @@ -90,7 +90,8 @@ Cloud Console. run the following command: .. code:: BASH - curl -v 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + curl 'http://.lab-sec.f5demos.com' + --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' This HTTP request will not show up in the Security Analytics however you will find it in Request logging. From 7e25ebd85d1d72187b51e84f6c079b906753b3ad Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 13:05:28 -0800 Subject: [PATCH 16/17] Lab2 format update --- docs/class2/lab2.rst | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index f546109e..c738f96b 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -10,7 +10,8 @@ protect the previously configured application from advanced Bot threats. **Expected Lab Time: 25 minutes** Task 1: Reviewing Signature-based Bot protection ------------------------------------------------- +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + In this task you will review the Bot signature configuration and view logged security events. This lab will begin back in the F5 Distributed Cloud Console. @@ -90,9 +91,17 @@ Cloud Console. run the following command: .. code:: BASH + curl 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + .. code:: BASH + + curl -v 'http://.lab-sec.f5demos.com/auth.php' + -H 'Content-Type: application/x-www-form-urlencoded' + --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' + --data-raw 'identity=user%40f5.com&token=password&submit=Submit' + This HTTP request will not show up in the Security Analytics however you will find it in Request logging. From 56077b3bce009193348c083d10b02508a89cd8a7 Mon Sep 17 00:00:00 2001 From: stockerts Date: Wed, 17 Jan 2024 13:06:56 -0800 Subject: [PATCH 17/17] Final curl correction, last works! --- docs/class2/lab2.rst | 7 ------- 1 file changed, 7 deletions(-) diff --git a/docs/class2/lab2.rst b/docs/class2/lab2.rst index c738f96b..94184460 100644 --- a/docs/class2/lab2.rst +++ b/docs/class2/lab2.rst @@ -95,13 +95,6 @@ Cloud Console. curl 'http://.lab-sec.f5demos.com' --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' - .. code:: BASH - - curl -v 'http://.lab-sec.f5demos.com/auth.php' - -H 'Content-Type: application/x-www-form-urlencoded' - --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15' - --data-raw 'identity=user%40f5.com&token=password&submit=Submit' - This HTTP request will not show up in the Security Analytics however you will find it in Request logging.