From 88c76a3a29743465723efb7d2eb0d78bc697c286 Mon Sep 17 00:00:00 2001 From: Akashdeep Dhar Date: Fri, 26 Jul 2024 10:44:47 +0530 Subject: [PATCH] Add information on the Secure WebSockets servers Signed-off-by: Akashdeep Dhar --- README.md | 29 +++++- data/cert-atla-26072024.png | Bin 0 -> 34096 bytes data/cert-mumb-26072024.png | Bin 0 -> 34096 bytes data/test-atla-26072024.txt | 181 +++++++++++++++++++++++++++++++++++ data/test-mumb-26072024.txt | 182 ++++++++++++++++++++++++++++++++++++ 5 files changed, 390 insertions(+), 2 deletions(-) create mode 100644 data/cert-atla-26072024.png create mode 100644 data/cert-mumb-26072024.png create mode 100644 data/test-atla-26072024.txt create mode 100644 data/test-mumb-26072024.txt diff --git a/README.md b/README.md index 959ce78..125a153 100644 --- a/README.md +++ b/README.md @@ -30,8 +30,33 @@ available servers setup by me instead. Picking the server that is closer to your group of users can help with improving performance and reliability of the transfer. Please open up a pull request if you wish to list your server here. -- Atlanta, GA - `ws://expedite-atla.apexaltruism.net:6969` -- Mumbai, MH - `ws://expedite-mumb.apexaltruism.net:6969` +### Unsecured WebSockets connection + +It is recommended for using the unsecured WebSockets connection only for +testing and debugging purposes. + +- **Mumbai, MH** + `ws://expedite-mumb.apexaltruism.net:6969` + +- **Atlanta, GA** + `ws://expedite-atla.apexaltruism.net:6969` + +### Secured WebSockets connection + +It is recommended for using the secured WebSockets connection for all kinds +of general file sharing purposes. + +- **Mumbai, MH** + `wss://expedite-mumb.apexaltruism.net` or `wss://expedite-mumb.apexaltruism.net:443` + [**Grade A - Qualys**](https://www.ssllabs.com/ssltest/analyze.html?d=expedite-mumb.apexaltruism.net) + [**Test Result**](https://github.com/gridhead/expedite/blob/main/data/test-mumb-26072024.txt) + ![](https://raw.githubusercontent.com/gridhead/expedite/main/data/cert-mumb-26072024.png) + +- **Atlanta, GA** + `wss://expedite-atla.apexaltruism.net` or `wss://expedite-atla.apexaltruism.net:443` + [**Grade A - Qualys**](https://www.ssllabs.com/ssltest/analyze.html?d=expedite-atla.apexaltruism.net) + [**Test Result**](https://github.com/gridhead/expedite/blob/main/data/test-atla-26072024.txt) + ![](https://raw.githubusercontent.com/gridhead/expedite/main/data/cert-atla-26072024.png) ## Illustration diff --git a/data/cert-atla-26072024.png b/data/cert-atla-26072024.png new file mode 100644 index 0000000000000000000000000000000000000000..da7cf01749fd7ae44822f05c3635a8114d767697 GIT binary patch literal 34096 zcmeFZXH=70*EKAWDpCX$=_nuq0@6f4ii#o~LFr8qkQREc5fv2#q=jCTA|kyc^w>bU z(jpKbN+%FH5klbG(Q}`3^u3=kzGr;@zVZIyhbH^lS$prb=bUS<>xsUuI>RB3LkA8V zV9>a(W^mxZLCk>z6gjli;9pE6++q$K;5(q9cIl?S)#4akqt5hR+vbDQ<*cS3B~0U{Fxk2&EFmio9Dt=e z|1q@#ursvG$d}OxuH6p_~%byM%GdPJJ95@9^XFzQ#|x4gXPahf*}9-i~q-^ z{9gt64hNF3G%6%&^d@d;6w&!Mf@b=|6V`Z9V{wh^*W*|OHLnl8zLjs)6c{h(W_6AF z&v~iSe>m$dVcl#Iy1S~bp`p=!L_5L{0UgUzg+XE-<*)zoqsNaw*1(QeImAZuC@F}! zz{SjsoCaRqzFgDe={8n>D|DYksDA#+urQ|Db#!Qy|H|ec-;W`GKT9R7xhq|+S2aoG zmS$-KUg1eplok!4Q=;Wlyr5Q|`?q)Y0RauZOIV8=m`i-e{f8=1Xap&q}o1moRjWij@Qx2Iv z$pS(`QCl~x6+NdOAC<7eG#WJpZdTWx3Q<;Co$oKS8>{!JbQ%F-^0k+TxzK0yS<71J#@7p0&2;+BKvj6 ztkRe$>s^H-(pcNZ3nC z!Lr=S!55a^Q#TQse3wR~Jie=~2L=Z>Vghj`FJyOWU#iD;(C`MwZOwAJHQso7O!WAQ zNjd-TheQ<%k)*@yUAhtRrbi7I{U+>0S7~Q1H9kqyxPwV$*G9KE*WkVV`$r7j%L)nj zQ5pT^uN7B%RQ7{e4cNpj?%8Mg^t0m`xfN3OdFR(1dF^{L9D7Qbp7k@Ge0o&)R1}-U z`4;c~)Gg(ZoxIJ#7A8Th-S1)V`T-39ioQ(j>?J zf>f0SkNUoFhTpd=p8|QVZ86*lNBFO$uGwRhyi&een z3(c2?FmBpp3@zkZ>iW)d}S6})_W8k z2@T*dp($72?C7_IhByva+9^~HS2?6JF?e?(DfdU+T9Ra)hf>hH@Co(VzVB~-+uq>_ zsyi&mB$H+7y&YWH^yl0wrcZG!PMOb|=3Yc;(-K^t(_+}+#<-CFiQsh|Gfo7?GwP_w z%}=|gS604O*!EjB%w`33d3x`oxSy=sJQ|U#ty9EZ{d@499v8ZHBh)q1V<A$64e*7TFAw9tyi`v%ezdQ& z-aNgwbM%M2*GvkDr1JUkc>c%K-)|B(dJ_&LY2Jt02<}O|OgLt2aXYJii5J-`Kg;C^ zazg!)ep7QLBe{KIJjo$~|41BvK(k??ZaY}n{>wF?gQ??gOQVktv!4o_Xn+n=;iF}@ zU(Qw32V01BCJNhTeJIsan`jKEqT3)533Apdt&e`c0+^LxuV|o_FG{NFcGO%+`}H5{ zY~J2CHIi`}I5UiJ%MQ@tr7mEiTHn{Kczvr_vrsp)FJ{oxh9S8*vO-?a9cK)iCqxo! z8_c_?%dAz{BfTyWEo+qOH@?3#QqzgC&4`b`v(>P(P~6?$K!RK061si1{hEWf zyOj4Po|T08YGQ{3mlP%!N2w2=h%@TP)Op#xy-(#>=Cd>+yVQX6O0(X(aKgGFf?Lxv5Ne#=12A>>Gi-5zfYcwvp09^DvU6uI>}g;*&27?)5Z=Q@&D zn_;o+fFEl>q;3udHEy1?Y1ZLAU{q$M^d+bSE^aAuHR`xd`mvUcKCS*{E75o@l(e#p z7)EemCtPNq_yIRmBD$l+uwmtFN#Xuu<+h>c%WKc3-qA}OC6%8{L6vm2`wZ9D=C>^@ z*6x*dwr~2K{~gP~<_>)jaL2u=8ILNF?sFKCQT4-PhA*mhA#_ruuAYZtQs(uW3eDe_ zQ@f3&$vU3~hfHRFq6cP9T-?w6y7zFN^#iBOJwEHuZMzX`Ty%5KeHvEerp^BJkDXbw z8mH7jDwp3f$pOe0HgHjHCFNFu%dG6Ur9sI=TgdkhbgU_?EG%j*PQ~C`24F*IcXs>u z8o|wQ30*#|MlCE_?`y@AhElyI76ZV2bTzwU=>e)lcHZ!P7;#C?FhM!j!Wlj65~4|b zV_MbatYByflJGppJ)dEt`^BgMwcgy;|1uLtY)q(pHCCeBwvBOp%5Q9=XsSK~LvTNz z_vg751-PoTEZ+egSup>;A0++t0-bcT5nhhpac84|D%N-S9M*SzTTA z?AMV?%_sgjgNh@3?rp8|_9XyxnE5V`XO=28A3AHlEA!yD^OQ%&jI{KX)XunYqtxWjlhN}T@>9BxyBYCTBP=felx z=rR@F3+sP5|8Zz5Zs_-nPRZ<^gPN_HWkGUZfO`L)?Nm`S5K3q|6Z6=W-(kOd!2#H4 z>g2VuKgMzqSH;$DANZp5dorMKIK+(1l!tC`{FY4r@9;mv^#AYRC|04sC1eM1AsP0| zdwhQ|)thZCa`P1*1BXo9sjE*jwkdCn@XO1aK4Rh(r=z3uByFO#T2&lejEH-yZM+T( z&v>j0wAmfMmgfQ@axrf_t7s`sx8u^k(@oqkK@fcvcF1pJsN z4I@|Fk01W?pK~J;&)j$y&vAtTQ|CDyui&$gqFk7l_o+FA*cC}fb?9gum}q)^PqpjU z@=NwzDJSJ7f~)4Xy@{J>YciTMC^jmQ=I+7$`@zfN4{oDmz+|+*-E(%{<`vBR%BqgsSYl~!!f72TUIB}M=_LEDJ?+u3 zeWJA~fY9}*kOEtO?th<@Q{+qHjgUiBE^2FObQ)LIlKkRoREI3uBB69TK}fHoFgsKP zj2{n}P=}rhNkGweF|N3@Ub7=f)M3lAIk@huNx3SSe$=hJqo2mUjhN{r)3bo4;O#Zf zc0qWG;6n5CxIz>ly*{SZ_ny=1VL3Cj}_fM1<&lW`px;9_k@DFLb^-M@s}A1X1g za`k)nfUZELS%+u{n5TE=C<*r^pWrpylVsZ#qw(?SvFXZAacSvq_48fz%>|;=n#pG! zd!)T)wB?D5Rr!E^N^-fTUH&JppaMXynSI8tw3m$?Z8gpsk#fonv`b#wqVv#|?Pln);0`Jg%Dg50PY|oqoJAN0e%( zpV#^R{k!({!JOth9}gAXc=@RM-j`ETs7w!yI)IStYPx$e70KMUyDQXpX@Q1*B5c2D zczLZ;0{-EHnxVBXApu8oT*0{+I;OA<0zdU4N<1FGd%cY-^sef?FLNz=a|s|u1>FuUi^Y;rv*}1}PTMnm--)M$={@ zUQrrX!mBV>>pgE^igZ5-8?8{0_2&9}$MGctdCJ78-$;$hyKddsIz;dxJ=<}>t3KmK zcj1XdNWS>PAybRY)gelNUf)Ec`2542jtatrQRgaYP zWHXbDH~V%z+{$Td^`WOdl0Q(`OX{DC1rF{MONDZ)Gg=3i03Pe^s&r$oE`u_>1IJWT zPOT`CrJI;*}(?R&5&~GOR5jCeo%y z>s>6~mnvIm^Kum2t^|i*zB$VLV7)Sz_VVCXcK%>w@iR`jp2ne9H~6I!NI<)}P9_E+ z{R+6HFsAC`ub8y@O+7P7L!U{+<(BmP1%>qz=?`|D$qe&BNNMGK45Hc`UW4=WZHiSW z^z}J!fxGBE7Z<>nF+N$^iRsA$CvFj#x-e>Z5P1&p6Z1y>>k+YSeY{%;opD+wg@1l1vgN1^TT@3-A2euoi-iy`fOAx*xKpN0@XKq?QLI6(!LBf< zhY&61IMaddzaXBfKg25NpjOj2O9@|yi#ll)vUY|{cQW}MSYA^zpgle)mzXs|P+`{3}8agnmAabA0m-;U&9uL#)0( zX?^6!qr&N!mvk8X3H8^%RB2SzuMzRh1OH!wrSEW++k7KJm%JtpEdCAz#XfLfNH4YG z#98><8}6MGrur3Fi9;DpyDk#RI^DEMtQ>0w4BVwX%xt)obuGUyZg)#KR$i&kx10ii??}4e=Shs8GTz1hQFuA z#25@{-ak|0JO<+((n;=aGfuTO*L(APD$($UV`RcLbv|PYo}v?BwKsc=dv~2Ii?zHt zeoAYoeahDouVcv72`nv)i7E6t*7w8ptECB)_)n&u1?Q*=-t1jJep)AKNoeR{z-dNA zg6j4UGtb+(#d%(t&AtoALoOYlV57T9%6}d8Iu}gRy$V&{^5_V1>>|o^;2L)8Yxrml zh5%PO*&-0)h{k^@qouXD`Re823(MQI8BYw!YcWst`s^zR-LENp(|AvZi8)d9$tNDg zEw9yc^aU!YlSf*5)CJG>ITb(J8}xo*ugDN_bL%GqS>Xdjnuk|0(DxGV0N8BZ7!!{T||9O zJA*9TKQ2W*=I5uyd=ac28>Yk5a!w0TWM%(CjuN=WZlvXpujb& z;MJ?^ZdLov6mlyq+@w*ut*_BU<1}+&jG;UEKryqzo~x^~AZ<^%W?!SlY_ZepZA}$f z*B3T8DEgING?7ZaBoIFhh55_N`x_9swKG+E8+H;S$OK22|np zF~12hx5m{+)ov5Yoy~`VbagF;OISUYC+WDD*(ZPo?N+~kw5Q(fQCyZOJ0@m!lPm_r zgw5qf=G}h($g%2cS@X_oAb+$r7UY^=soP&9yt?tSOB?xU4@eaqS`tkHG)z2+>O28z zMx_?Q0c%r|yoWBXcS+Cu=uVd_tnnIkMQ9k2IE?TiIPECx5FqHG}rOX6$|X zJnNQFgM7_ntY57IrjN~os=!&Z>N8?D<(!AQy4FFVJw2)SY6)Vd67XZqtx5L4Z96NwKVJg7!{ zClCAaZaJ4Vk!vK0U@DqGj_$7W)(B_~LgEIC9qzB%#^x&ryjNrdCAFe2=Y?z*=hGS zjTW{EN7cFzY?_;M{b0bWQccU_$)mbHUEoE_}MX3arv^JPjD8V)P z!C+1rQhW5rw@BW*sBnt!^gZl~^Yqmm@jk;yx6Tu<03YjwOUS{j96m%H6^{4abI1-c zYK`F*U7zWe*7_v-0cWrdfQAD*QhG~5f3Z&`nbF&LiwpqH9y^h6@e#^(p7ukt2gGl& z+i^7vLYlSUYZu1{v&|1CV`EmL=lZ5GFpOY{>>?=Jeadi$F zTZ<{Y44w!fXl$=d+krhH6}s#H<#VxCbBJ_*iCK+QXUlTkEKgMV-ZscPR6z-F+gIb&e2;+ukHt)Oof8Kz?^^s(psXm1IfyQkX$Ryo4zg z@6F2}9M5B0*YN?dh0F~G}Tgt`+9!gEeg*HRI+7Q zUNO|9e_FgWxsUmA6ROm*p=+^XTr_0r(~%YBsj8Z*I^;A!Sr*q~WJvb1wrZ$)Hbd>nG&5Qs(vV=7A)QS~p zDH%<{b_vUv@|63CDyY7{m>_vs2gXHKDv}eSAxtCS^bw@32sFeN#HtNd1!5KCJV%Ea z=Wu&{6|j}71*G+yT9aBWbAZrQ%OMGqLafM$t6o3$D4~%|ISCEflJ3S+JWwH~S$1M` zQV_ED-Umi7a++#x8T~_FK6NrWmOTFB)IJ-?L+R#YTp%kQS#c+(Li`pCJBBf$*!@J$ zlK9AiI=?qXhhZl4M>EXM4e9jpkmnbVg40>EAg{!G;V%IO8J_4Wv0FbD%)qo zeXkvW@lmogYt!Cw^Sw&Wd#ovD?jo>Jg-|WC)9&W)bYF_7Vz-8T$bb9|#UK?&KkZ-L zGdZvR^VfWWShMYPPUz{Nb(MOWlQ?wWg!wOKCq!f;G(`@F8wE;?m zDo7b_hr+I4YafkQ8qr~rzx1Djjhdr@US~e3Q$zc~fG^ZD_-y)1G4i>-3v;|$a0Gc} z$ZG~h33Z4`7Y)pmch8=FT7Tx0GpwXRETZmqMAp!rrW_;Waz;|{^D!M#BowG ziu=}WVrB-)wMBAOJ64Jse<+_81LfIurG&~cNz|OQDN@aP5^&ZvyA_}!m?~AX=oU9j zQU5G_Q61~suBuRR7=mC`7u!%~MP5NnUZ-UKWNOnI&7Ktquq}S?iA^xOwI98InF0hs zXvLgA#)@>6J}Nm+3sXGZC38Pqh>G?Mp2xQpzUq?@jxKeOduI8nh8cM!X%bmZB}Iep zxSgHA`qkKG6yH6s(58gh;uZ~j6y8tSxJ8{DnCbhF8g1PwcR`|XX{lz_XXJ<4%N9!f zy;q(+;lRB>Az5cH1VK1IioeWUo*9lFM;VkYiNAg9`*`))nZhOAnVQv_u>&TbPeKq> zb28fqa(Im)f5#Z*>}FFWmuzgjIC>}8){Uq0c+>gjis~9?b4qAKOf=0-lB7Fa;$yt0 z923zuIk6$YzlecCi|Xgh#F{WK#xG2A`rOgtTp9Uc_S7|@l@4>BomRq^-wRthb(Okz zpfQAy>|Nu@gm8G2b@|BS`kxbY8;}sz;RKZ?Io51?hQV7 zt4gC#OC_rXW|Vh?es{VSi30j4U>_P8ZijMQoZ#c$=)LvMMiNt7}Ax^eTU(&bQ$;^|Yfl{-M{ za??Rm;lI@es@>zIAkYq&-e^<$s1M*L(hQq9wtOAP0T!10AM-&u!t1KZY3vXxB;;XX zp4GR4BOYTRcZwUEbFI~S>^3!MF-EZmmiVz&uqt@=()jmRhbbs61Xu7`esq{pjxW+| zSFp-eM}pKeP|skBVWpSX)Vg~G{4B;F7d2I_@(laBSbpen7<>YTY3~<@;Mra^HP#ZN z@-71q{SXxtG|unda7W;v#C;Su@>tL{6Fx(%`24Qm^s}edf|ecQ+&7BkiKjb_!PPw*axz5-3Dq(babarCGn<$;ciyX@szi^UI zGAHaLF_IanHqA7w8ZOH=WOhf7l_Us$04`TPo-XBi#lWWR?E5(1^ixN45^m1u1-!Ua1g z;k-K<%A;GCe~toht)Pw~t-oH*&WnX{(X^*WR8h|%yga*csHIQO>6`i~@t>D2NNK~m zU=6`34%J&Lkp>P3*7a+Jj}nC2rnh~Rru^5AI7c0RxtSSMTd0^OIDOm3^9+PGkM-4# z)-5$McU7l7Omsd08$H5*tWK8&$?wpfdjF`qA$EvZ>sGdw9ZqE+a5YAdH~GOpVH!>S zvx&XeXBB=}<}{2#RUn9^M-LcJVmV+U^skWx#}5HkOL_Odr&xAFaMNLYIgjkHzD6w$S4|hB zLp2o}fmz5CSYbM)doS|edi_=ChnNLYpX}^mSMYvi;X7hFau0M%Fj#G(e2NYvKW4x$UGLdioi{OE>fc4wJqe{zpGJ~`6#0K!AUGV zhA`%rEd#}v?Cq}WvCG_x8+d(7>sl-i_du$m&w>Eii{XvO$iJF|49hp5fR)CKtg&w_ zjT#4TEeh|<3T63UhBhpnU+-KHJDQ;BC2Bh6Izp~$LRd}&cniQ3`Gg6JYFOW16NS=v zu+ABiPM;akq8M%Hs|#mdHMf96CH-FM)fQztCtL+<+cGSBGjxO)fFh1Mwy6*nucNua zsqdfr47Z^Sh7rk-7?k4sxB_Q0{W=;0)~8Ak4;70@9-)j1Jp*_|`p>D{YLN*i%>4XmfNKY3b@ISjnIVPCt0f*tIub~Fr_&xhw- ze|~D1C&3b%CGS;0w;ijz^J;r6jEHYo)}AQTPCey=8%hFh6kRfM1$Y(?lyl8&<&deZ zQ8)M#R-q1Ho|y&^I2k%tKm8*uOQoTHrYkj}r}*BN7xqJA69RD+MdwC`Cp?c_e@2Fe zc;;X1i2Dk=`!Py??bKCdK`zN~YzT4z@i}zmElu}f1hpf>mrWcR-hi*~JUjU}9eQITIS*ndy6OPh{gn{10s_i|L}NEQuJOR14^(^wyWze62O0?q}Pxu(7dy)=x^G?qYH|C=!zi(9A7JcGizX)Y9uCN?wwb zcxlcG^+ZYxGm_QwShA2IJYhDble4_<-NF95yD|IHM7c8~*8&s61hBR~ZF2i3_(lyK z+A?d8AT!V3*^pC&MHAfH+S)p=vRMj9G_KrtnP?uP>_uAz=_vRvo>^{OkJ+77*+0Ti ztPn&5#2{4_sKLN0VP;nAB24DMrUqI4%?hl$t(t7t*68J`S5{wF#N9vRLIZ zK-&tW={7{pDptAVG*pu1Pn#mtoFNd+l4DdCIfdNY#xsuZ3z2U_@%ctMZJnoniN&4c zoC7JL)zfsQ2{IF02`a{y*i-7?SS%l8@+JmM_-`-t5)O`yohL4hR7qP}gUcj6H<$m? zp}RGC7{8~{oydt$qAP1+2#g4n=tLSGe^tP-gn*o{%_i60vwz2Ktzq=P3%4z{wO_7Ug2KJCnpCOBb zenw@ajefmhj=PJtuV4)uvH1~PSAQC6-yHeH+!&hdN?4F$FAHzWQQ{R}HwruChYFhH zq=z2+TIJl(?kJz+d%dMYLaX~e!$GBoyFO0Y7x&G32dL)TLAr`0C)N{GJIr)28wjD& zuCvS2$ubmABoQXU;K0o@j)@uro=5g`HsKhLHttGr@>~dm(-Ry|edYs!2eK>Pon(0h z>N{&)<8&(-MoiFCmXz+{*af3#;gQb4TmvcM3M-k>V|$wQwrP2xnO_H|@$?H9-=9|!!7)l4UN}+g zH(mp0hZeVmZ}IapYh#Cw`_%quB8(?kHu!2}D)>yb3uVh(GKL%Cu6**|`jHicmm~x` zAj+~FK0H1m75u|pLsK(eOT6wwFoWrxJ9lc^?h-y%lYNdY`y{ti<&gTtu?BQk3a)7` zR%H*FC~Vkzk#;HFt@*iEk9^z4`edxidDw_w^B#$q4s0rYMN6F zyX{DIUEcV&&JBg)lq#8Y%UdG*&qb(u7*1^7?U1aJA*roZgvV9{szVTi{HjFS2SPTp zD9eq87vGMxeIYZ-Xv)*mscP7m=QWmTC*4Qw1TKD!1-^@$FT5arNe==&)d%GwIBK?u zg&hyL%j^QW1V1Wj!959-KFyM&R`DNc3Tb?zlN6WjAB}2;j$A_x{v@n?^2ThM9zdt{ zhqbRJ0FjjUBlZxVJI(CJ@gqk+aUnC;6NgKu@oXWN1I~@or1KurW4j*P0nQ zrr2m|^h?7nvM8j+V>|-x+LX}6#}Tua-zg>FtP8g~y>O-NtL@)OJ%Lx9jy0}m7itDs zW*hA7*7JDI4UB^*d4ebjFR6oK-E1^#{8LYR!{|ZXNRU;FDzyAz(D==H`66Sa zqrQ^=Y;1$wEW>EaplTOZ+Is~t|M48(h+sd919_g@*_wKIB!*qPfaizov z#_dP#;zb@ifm^2L7s*~4`O;l~4uWW-#^_EfNV?;s)-DxwwtLYWdCHW55$xR`;^*7p z6lF;EIwVJb&w4_4AF*dY9IzXk6H{@=0fIQTQ2iuaj&e<>efHVqBH(D}l33CC=0^Mb z+PdGtHec9u{BGGf#+LXlHmL2>fJ!8#cUQnwv+K)GBOoJagyFeariBkj##2$;xAk=+ z4?r9ts|k}|$mJ8Rljll4$v_bN*F-!s1>Dtp;-#sC&~9KjP&p zZdvU$`RTW9yk5zZIWuzlmF**!K)y}Uw&OHD+Hd@TY-pCT#k>+j)&d$0&nBG;4}bYf z3K;#ue;2HPKV zVod#Q(xQj=4D{PR1kN^fxwoZ}2aiU9LcqmMK5@%WQXiJFg=yz`T)Sfs=!OMyRH%rCw zLM6&Zeo(g~n2<;OFYHv_UFcCr&%MkXCz#iCkBA$M&(2a?C>(tr!!jV*oY?>mx}J7) z`NTj)Hk9)$NN&6Xk` zX8G&r&!$wai>222S%6h^nhhatu9z)EHuo-c$FR{iQ)g z$2LwW=ZOb7G3`jN=?4m)ZZ#(_W!mB@eAae$LN9T%7H5K0j4$A(Z2VQ2#NnMYek+5H z-dqG`PrXB7^;>t_x!HdBH5Od2yjWFRyz3)EiiVz9iA8hqKUsaN#7>%?aEr5SlY7`_ zaWnR$yLu8lfgkHg0eRXGnf+fXy5cS{a6kAz`F=ZFx=-ky*>|UTBRniempJCw|T3RX;UkocWi=LhvCkCD<%h zK9tbqXLYV3zL$ZOc+5d?fT3e?eMzEomt;-lqwT8*?>4^0Q@ZM*KRXh(rpMk`8blt| z0ql!J$Ac7Zhk)LqgeR}tX^Jw-UMNR{zVk`XJXO2XBQPpF1%Ib zTzF1KoI%6VuvDY~aTteKRr>KEG{N+fV!M>A@5*uK-{r}e*#U7U6ZdZGJN z?Evf(-J7D8)1E@~-?b_6eB~CEqOeiHgYzGxKx()nxOfbi{YKV^Wu2OUl4^*4Uoj;R z;G`oYpXB*Y+%okptM3k#= z3xX2?gfyd^W{l;gr8?8+Phtn{=5yI=i(n|%^xPbNTBL5yP^DRE@ss;NAgPDodd%6z zs4L|aVWTX*TAYIJ<{isRt~<_We*I~6Tys*EUxtGbcUJkN>~_EerTKto96QuJ z`e3Fi>KSB^?UtXd=>YHs-#BVA;U03dH;YsRxJSA9$QjtEL8zNtmb^P#1r-^IcgjDM zsJUwWZs|k8%a#rt=gz~Rw8vaw?i0D*v$r(@)J)`o@|Jf96p%%L!XB=w4+*o_P}e7_ zJAo~jCy?pI13`GTcK9fDA4Nu)^CIb|#N+ETc17E{;cc?xy=AzQ4SFsWjad;yFaahA zw<;-*y-|~!x7xd8%+Q5sP>y%=4Y?Pf zLkaDS3}^hRX0x?8Otwn5157JyY!#57aWTLE+CuU*t@kbp29*wj2H!brk7-4}R)f)M zNB-p|f|Wjmo=rRvSK6Tah>=?aZs}{P-_{y93#!X)^%^6f{1i#=0<9d5KLiRPzeUP? zKdzEk%#={YvOq0+PB{KlLu}g&@6z{GJ3%*#=A0b_Vak`ivDRF_P0e;Tg1E2gX9jl3 zl~gZR^(x7|VF{ik)A)Rk$yUc%5u-OLH%mA$mCiy` zc%Z91oNj#!aHJAUjLp1iCl>floS%`+CkUO7><9gxe;=a88>}WxwVT;SYz_P0wOa`3 zBSk2SCmyU%ZqO6gT0F9m>*j*gInQOvv*GdlB9bxNW zY*zla&2E9FriADG>K&kIBp>t;NcpeW)RC)U|M5YQ@XbW1DexTbf@T}Q=pFXNCl~8f z`az{uluWUMx2NF-NcY=c%ELAXjXQxRAP8Cuq@;(*M$P{el*y()X$%456&uZ~V#Ua- ze3nd1yg?xr6hTkLUR-)_RgH(%*r0>XuZ6QFuY^Y%uvv%T3WInPVaHC$FDRk!^}1#-(S0 zW+FwLcd2#jglcRTmo+TQX~Zsh=fPAbyqBvVwEG2MVKjZ*FL@7d zEKf{OZUT)at=SocW@4x;HYG6K6_qQt;A^O00x^j@UH)>IQA_5x9S%jHfGDRX{9Fzx z=USf;{5h@1b7cUZ!Z6ccBc!$3Xm{Uf`P2NBwW%~lPlf5b`fXP|!O<6xm4_!#1?M6` z{e32MDLZth{Q+)g6PI2&9*7h33iG>s`LbCmN2t$`>HD%rZezv{@h#gkoJBV#vzK#v zKr~DpGVLyJ0ijN3WvKijFrpR#duJo)x?1~7jp^<}xUGu`6ULnJqk0Z`AVmE8JLs0X zpsT|mN0nlotaG?1(|$%}4odO{ufQD1HG6|be-GAH&?|Ts;^!;dvNhsN!QeBTYIkrX z7N}1LD6&yKGm2tw`9PTt>i81ujqRo}{~46!C#g6ms-A?PVg|Z;5`%j36LECR^icky zQeWlWvYd3T+U*;rp>u6Hu~7pQky}FfipL1<>YB;x7j#fz!-$?UxJo>b%0SPPVII)` z9KRVJEZZ9n3)&iXAUmb|@-$ehf-M|gkq{ZliMUX$q4j^8)DAr^n*+l{(Be|Qef-FGqQyEEh1Wg=t!$(DmXny-YI z@{}=RUtPCzv+sVLQNOQr_70I1$$zc=372@B}1K<9JuMk3YGl|j53?{@_|M$#mOuE-s}OO0WKdnX8Lk29TYaL%uD^2rQq}0 z8NSF*vsbtIK#U*U*gR#DA;PO}tYFGsr&E3P<9=ZNu zI%yUc3`$k^gYKC>73ef{R%p*Ptk|a^&W|MAx7rI8@sZz7a4u!Bw1R%zVw1)gmG>7g zP*tWq+yi}+T}lJ>+UCoVL#ekzoB|9C;scPwAZrVO{+xm|am)G?Y{~2wY{o5YkBRS{ zJ1;CeJ{~)5gS&$Et_uV%jC|cpg%?bQ{lv1(lMW-}f^dsFJmFhyykU1avt;uoe9)Ga zz_+u0PHxO^XJdYb!i8fi#9DAh<$Vd0aX(NfbBv3PbikEx#%rcaQft_!vuH+|!4~K- z4kHiIm1h>1+?l zTqI+3%Syk`Awx8U-Q#kSAg_6#tcgs8iVRvE{J9(gG?4HA@dDfrCHN!FSLZ*zSE6bIHKI1kE$ilq_@}>L+;CI~&a|uppbCb- zbFFS+x9stpY~U8UkmGroJK)vM;~c$B^#$XIj|-w*Qob=L?hSVjU@@bVNmWMIbCkf2}XNz#QCHmG@#$%G79t$#p zM}!f?^#IjVZQ|^0HwvD2P;h^Ez^)jZctw#(CmYXS%u|{gfB7T*heo$Z~hh=5vCf_OXIqpCAF0|1IK)&FLJpfUL zUA8t~Kg>+_Y-WhY4JeZkg&$tCK>Xh1E%h_PMwM;9)n$D>>8^5<#Q&u*l%`?6>2uYV z4((R?W4yIwm}@{@>#LmJI^u`p0lt=qoLG9o0f-;+K6&V2x}zCR-O{Qjj(`A_qP`XP zshFQON@51pIoE6u8{j(Y-4ph0{;0N45GKoq1}%O?-pZ z2wgAwp?L|t5{7e2ex`0j9b$2TMt~bwkGWK0t{wpXTws3)Cnp_RP3*n4mzS1!ivTx! z9`D@~K#S>N7e#LlETG16yAC)S@66;_q6JB(+(;e{pWCiZhR4_~#{n8~XlFoWnOnjZ z(ZaIf@r_IMFS8||5Ny|aiiY;r*d~Rx|7C0$FKo=x;g9_edUW%-wm@LKH*D-|*GMZe zRVElaba+qHhcR3EOzi%M_~sY4LR();LGJ7O8d9KE5S{gi*}X}%S$NyRnxE=axawW1 z7(Zp6VODDY^ANvq;N}EC>&07dGhqO<-rlL8$H*Q!A4hy0!Yq?YJM`qnyMJEn^sS-U9UMoiO-3Ad=RiBRoF$=bxNdA1KC0o zMxU_|*uioLf)HFxKCg+bO`I5g=D>)l2$<7}c;Pyg+#x~rEc&ceWnM$T+Q9Bqq<*_L!2#p%ayLJyS4``#8ZNhp z=eheoxksSQLxL_hIkT~!U>nvgZ{s~VnT}gt0n7E%c+J?L8nGxo$tjTX-j^`)L&3%W zMV}?a@1}{oBOmCUP))>CF~LTaY&8UFzv}!ngP@_tHg}2de_R{thdKaL^ho!_(>-Qn ziGHCDKiT;6@E`ZjPsaajdhi&r_Qb^3^tQ^Yz}kJ*b!p@{Y_ybr5*B&{sdVmBs36PV z2CJXG5!(QtkIiDOa$7SME?=A{Ikn6iYOi8zai9EitSO;Phoyi!B|^J~)&#iE$u9FR z50AgJXP-E6$$TIh*tt*Ho6BlpYX{x^i={!pE?4-wQTV?Zc}b(2SDX@A5U>czv7mf$ z=9h2eV^lkJp?$FHIocbG_tC9#PZMM0WnrU|SEid|Sde3K1@gDl{&q9{?|;w2n^&yA z3}Y62IBoY4;oSUORA%@8DSYFN!C+RT9ZcZN@ee*v6K)<@Ktz>m7v zJn$$y2~v|hSXmh`0+KP!p*M_gjVIDf198XaI@|H<7SgRj(%+CRSoE_IP(wE{Ry!mV6*?%)lCU?d#3WY z)rf4MsBnp?1u8Zb1jkv5$ooHzUqBa@kDco&JVN-na+6vM{}w*sJq3RL+h?8_~E${ z-mbezu)rGnFq)F{a?d~&EQqq!qVZ$=o!_{V@(SG9ZuE()BQ5A?(kjJxj9>F`+-xs2 zoKowXuU-)OkS*40B{P&iXpju20$ljC-$V$aakZ7R4>T!iAKm+AaM15xo`R>3HY0gM zP3nDcr<+N5;8JB*32o$34mRNl+x3_qsVSB(?711sC2tVJqa-3`R((!-ko;Az^A%aQy z3~+u+X}twp-z{_#KV}ZRh5R*6gYkd~Vjj#PTf1|i7 zI&}%W$3+tmvHTk^uN91em&Bx&mz?~OWNh^u!1+9}AVQ{kug7|~oWrOUn9>xChUYpO zAokrGJA`EkvO3|YPAsn412&M}+NL*73>#)5fK~sewomCRGkW_8^4=@-p5v>Q%^~w{Nzf!GLmCpCZdTsuSqEPC>91BsA-mWJ zChah`vnDq9BWR|>z>jnnLLj$-x=0kSPgO6Dx1cJerOmyrlHU*@Pq*mO+|R=I4;IL7 z&ECmxa8aocXE-J9b6?So;xfX#^f1GyP^^H~Q|obYUTZCCYngE|K?53q@I!xmqXDIR z)!JOSVpIu5J$UtsBg`BQ$3<7~zaI>~WaaQmw#(_lpcm*^kSQVA;2#bNPH=oC^M2lt zjT^}nUkNsH)>vi3Ak$6B6x5P)@BT$#@ur_UBucWK58tvC0`@nQPm!ln#`U$p4*>V=q@Jt{GLLd*yKGCiVCdH9*bRXsf` zEkZU2E5W;0>Xw^{d7!Jd67*I|JCon4lNP>6-`6ZStq@Tnjfz#;N--5L)#?E6T}p7p z4z16#xQeV7o#t?20@k%+SNyw-l; zTBIeJ1cy;>Rgc)x(fqUX^d?1C#w*+I-tN13?joN%=mVPCTDRIz%}<=Og8_3vJLvAX z%X8BgxXsr;p9^758}Dzt+a9kCGvBvzsG0o!z3WQ%F5JgK4p*GJK~^itFD2sL0_@k} zoeOxm3~%Yya@f8(cpnrrE8Z&a`VmJAvLb-lyvQKG>;344KLeiZOD|Zb?8^$%?@17f z-BwlQ#TbEh)gqIM7u#tvA?4|zXPz4dlIu-CK^`$}W9^46-$!$alWQl7K1g2&X1 zP~Bi7#^MeWKsU%V@V?m3*NYc{GZlFE$i81K*}X0ibdv*{2Y`hFEW(w^%z*XZAvdMl zEr(XRC^TO_&%1xCmdlzd{vegebg^jC`e1_Q>gLqiNLZNLIdU%|vl#4D|5G*GKn5GA zvWvLSJ-w2A^V&ZmM*juyA#mDgABgJD;Vys6x<3h=l(rC!rG&FZDgVHRLJzRn0e@ts zHO|2f-2eM?k!1=l8Xy0;L{*;sr^OHnp|d{yAm~sGaO}m>aV_}|{6^h5{(3zL%$;g2 z?77OXrX_!EEMQ>CH?{xk1j#0KcfGf(AS#lu$;?=D1Id3!<=5}vV=h(Qo%-?j=U6Ru zP5!6PjcWw_tu5$Uh4lT86V&cv#S35Hp`g5Y+Wj?7SWDzzkj?Qweb4WX{RFBEgr^mR z)#$ROHX+P-fNSvkP0#nM00l;$lKmNIKJ4xPls^}LD}NeF{#uIC|EIk-kA}Ma|Htq4 zMaW%|y(nv_gzTx5C4{m~Mv{FQ`()oLmF!!#C|hC(nZaPhoi${e!7PZe4Ku>bV2t^` zRQLOL-<|hgzjMClb3W&M{oyz>!aE6qWGga9S>KV#;L0M4+MH|wz_sL#pxX}Nb?-$4dWWspIqH}zqu?@>u%lP@efaBATOcQpHv#yp39jXJ zZNU<7K*GQhfU>}u-+!07U^?SE{QfM!0)*WI!m-W~s>K)lrXJm#%hfW^e%ieB!nWYx z&&g;I&)Y==V1#@G2=TYrgc8m(Dns38vk20nP%!tU(PIZN14p0X4u$zxFV2b)xsR;? zAUTV@oR1dgtHoPXgyy}iUI)0A?nU~;u~firrhwV)&1B|^gyTX0%?}6ekyt9At98zL zqPL{YAWN~1Haj}c;<)*iwU?|T;mz^OHJ;Ul_pS>mdtaBWn@;)&SMY?+ef{+1AkrNK zKYoR-H7EYq}qLXbzz{$fPW{1T^JJMJ5@jQ2)F^wwC-(8$HvwGQX{VlrwuYM zU7%ket=NqpLGY7?&kn0hVS!S6N#nPV*U1;Pe}nQQymC+bzS%{^-? z2`_;O;-j|mRBVB`=fn7OJT-vYnH$eFeyK5C5sN5ucnS35EO0IH9zKF-;sxq00g=iL zqS&kXnYJ-=nAKSz!*-r?V4z3S6IlrsG>7T$K|uI5f@{|nhV{_^AaQORoX5}rQtvbX zW-n3O0IDniBfjJYt<9aT4-}nx!Cs8v?>K^}Xe)E5%>iq&IyZ0bXk6?ZKs)O_?)X=w zlE7Tbjx5|}*xH=&2Ec_aG|JVOk?imoS?m0)BKl5&TlU^%*cl~sd37V8LE>l?yE*NV z(}Mx+U)v5w#Ma1)VuDtJXp7D+Xx?prWZi)qYyb%Gm|>(hQE#*{2=Ninx5OVf63B_% zZp5|$)e61yj%Jiee-P7Sovvh}a1@A{bq4&}5l$8D=FMH)N&UQvemQR*RcAZ6x%S#T z!~{Y4TtuZnI^%pzB2T}-@ z557w5=2;EBp0Cw7es|9c7Jc1C6;R8QSE#R}y#%n-Vq2hJ8i>*Zkb`TFpR@R?cKZvx zS#!r>+o|>F1Aom+9S_;Q3S3Bf;^X-jhP{S3U-%B5UD^B?g0J^qatV#|dEd`Yy*V|m zrIelAy!6z#VE=C$DHhmB-IdPx?gUEz-dusdfUEyM&$hoO^5BSJc(Xh5^qXscZ_vMH z*aOhLK-wNJ+4Wm9{y;NW_Cta@b-n*+-!lp*jAGB%VgIce_%T2m%tL4H=&zOZ%WUEN zz$xHyQrqPpJ=|&VLk`f4|Fx^p|7d#WBRD{m*1uK4WY2HSECI~`wcaZKRyzZtJU~Q{ z|3)I;Z_T)g1FBW{gs-Rn*>#|OB|v)ufBwbLf2{JeoA*_LW`5L%{QHesK&bcsnf`yb z=}*0n2m+!6aOqbZ|DR&Y&uKsU?g~&!wi~Z77;4OkbC;Fo@}9kX^k41{_)O{ECYEz9 z5ZE06=&b+tGt7=)jq1naziC?DF9e)hFJvd8_|JdvgaI$tT+{y>GW_jpWjp`Bpj zzZS{=WaAuqd5)Bbs)zF`mX{#4fIe%pK+xidm-E+m71?26g8=gU_5kfYgSZ_O*kKLz z?W5sH7zn!)Do=%{t=APEGZb(!{m4SLh*9zO%GgY4m}mO&fU4wG66^ll@qk(8bAXI; zPCtzIG*D3k=vwVxt$xs6A2pA%-rqUy)iT@Hohm4-HidHTUqo6T@mYwb)C7_1Z;%^F zV@}?WgUO4VC)vk!a(zB`Q3nbc`Q9Lw?8xbD#_AKd zVIJTv}+JG^H@HBHXuVqVyw2p+1+H*+b?@E{LRmgb7~_>=iZ!_^Iw zi!;fNfI@U+V$`>h-3O*J6`f~?c+>pTmC{O8G|z0Zii0<**KUO{(V;nmIdmrLg&M>D-oiPj>?2MY zB7L`>>t{`F6FCzZn%!r+;m=YeGe!1TJyRQzJ*)87^Q~GjDl1G#+|~ct9o?77v-L$C z!|bMC#u341(}N$GR;{_peiQzN1SeQw^DYNy_>Ie@y(k-z@-}x(oT)J>7=LyzNj1I0 z5mDGtSQ3U_LZ*ta`1r+1+b@$>r3*VcLM2T~%Q{wMyk^wophk%lv*%x|bH^M66D#*5 z6>jIP-HqAh~z%s}^!{WH^Df7aP zklfFm#{^AY`uNLk@4?n#MXS7rpMFGHAy?#&y{f8ziY~`yPx-xtxKLFBmzzk_3|`bT z@^~>lbzrVVWo0gzQrw$8o20Z&(WsN4_7#!c%7+)nHUiKl0pC-NSK8YIO%R4B0;q+^ ziy>DgSk(hXRP7>7l~x7UUT@2Whp>CNX@LL|m0>y_%z3z!Jd^%f_zvt^bl7Rp8zG_$ zy09Lz4t(R()xWs_Fv*Gr&*(e1m|x56vB&|Y8jJB+bmDVAU6qOYUV=u|a2(_ z?cwDEYu|jLw&@*ut+yBEJc(!L+Xh$y7#oZkAvh>|L&@B+)~6m`&7fR`M`dqb^*3wE z?O!a<%HEuF?W4=1k>;xXtFTQfr*oigNWfAmvhe<=$8KTe)N754<(2Fun0%H?1w%OS zTBr`wGw|E2oKEZzi+jK8gl209zQ%nz6Ktdxv3tXQu{g?YrsMArh=7n+8tP)oF+-1TLB_M$KS#^4{ozSx~F2u_1dnu1o9?rnKZp!E2 z!?2=$?m6>;UF(F?31OvvN4)C^RjU}11Tw7MyK1?y@6Z~`XmmJX&~H$Kic;bo&m}(O z>gda&H1?y)brL^k4WQ!t>0FM1tbA!M%^Y!W*9Asdm^JSRBQks2eNuq}K$}K+boslr zr%ipCN(i4&z6T4=giQ{4Rpxw0@!-Ds?o6fg`V*HPB0K`#s4;QpN2_P^ZV9nW>X|Bj zPHCHBOpkegKemABH-w~D7MFT-$G?zVhfD7!I3A$tv#Yc9WYveEe2Y`$%r9bD5)8u0 zGzsJDo3uJ9YR_Pu*zt9^roZdlm$NX^iw19lsw0^K>3ok_95^V#@Ipn7wW2nm@w9eP z!FJ=*?}^N$LTmNJg^~(|(hLzfU;PX1%#VtO=%$2ou22Wz+92>6G!JHSQNazI#YaYc z{VM1fxmm;W9CzuQA>Unt#9SeRM0bX^OA)+ZhFW88LSNeUknKz+Q82-*H}7Amura+| zP&G@Op)Zo@9y)1o771%$U>c7U)Akp5nXFjRrb~%2EeKmZ?!0wR);XOoupOUxj^CeY z9Ss?8)D4p>!8C^il`fJXcZd{bl}p%_?l4)1ji&wyZeIB-*Pt(s094B0iLaAtzzS~i zsw?wfh~B4eGF@_Kyrg?uhzE9Bm4_vKj_Fx!>M|#rx+%8Sh!E1VcHqrjQt&0zDSXNL zwpe~_Jgfci3BAr^@i+-cgF5=Lhc&)``$Y`VCceo|;|$+wXSLWP2Pn*8*f4_yp)~C& zD1sk|%eA~e-v~V_*>Y@`ty|djEocF~xpim2w$#qe7H(1Qu-mwYeou&xC3Iv*7WJUnDWiHpB5@cQKfXp>XV+|Y$N=z>;lZ!Y+9Th zA2w&e!lBfegs3s)jWzvz=m;|CND%Fo0JJh#9+LPnYq@N7W#*%4+`+P&>Ksc6j)L-~ zFHUrK#v;_jOvPBB#X`%_BRER-qpO@7-%5o6@?pA41s|FuwsJz6uo$p{Nr`gF&dnu6rKy zKHitXx{iNQtPzlV=sTelPwJ{@%2EDco`)J9%wvog>6^_2*gT(o4QOFiL|`6{DEN9J znBMq47odQsjgFb+Kbe znJdkW*vA6*jSk-mniS*>={X+YK67~~!yp+PBAcA$OQty&3uH(q!1u2o5|2+4!mD0p z{~()#)hW~)Z6!1SXyJgMs5@QLvS&UX3K`QTPVM7To~A7}m)j06f@gW6ZxSEJ8INX2 znh+xwPa#>`n`U=W^cSHN3+8Jm8)?#i4|#GdS;I1F9Sa^NV0puYXK$<1ud+v)$Hl9t zH?+RiONQROQ8=q%ES@LycJ`jKhJNUHrr`{RZ|)0T&)1==R?VU@B?WSOcHdiYfG$tF9iR&o z4f45kto9Mk*!s<78apa~x^r9Ii&V1jg%TLrgwrIREk3=Sz;TySqJCAez-PX%bQ&eB znX(*!o98uB_lF%js;0E$Ubk6)ASY3z=F-V{_v@fmJbSH?pyy*;aO-{dGZpDkfk%?H z90g!<@ZLmxCsZVWYUSwQ(DhwBHp#s{trc4>)|n=Q^|tOKxHg)>-bY}nLEKsatH}1z z?xz(|BcaX{~4;+0h|`q&4|C=W1}Z}SR3>0 z6Qew(HPGL8<`|ZGe;1UU{hs?mq75Eg$j-`}y{gt%X(5dW-s-B-UcF%$uu<4AH{oC5 zqZ+NAJce*RO}lz|j`yLK+gC@A5OTTJhInqM=| zuR8M?zmUL+^bd+xUTIl0GmS8?yv^xGv#CaNBqr4+q}thE%kMLIWgou1HrP4aI6YI*GR=&pIMRTgLP&mm(jL z{`_~(q(S=&06<4HGj_=lwS%Ni93n52~scWv@`nR%{Mte zU+8NAwP6w@0gIxu+#6rWsX?oKoyG?$KmL)QL_2B0`CMrN{L!gSz;Ch8Fsd))sAYcF zwji=@7iIB+v2vc}9c~wjZ%qGaL=OAQCUDS4P5zw1T@PqV{LZ&Qg=PD3g4LQns9ALn zw`O%4o(HZ>%vCp!<|U5NCOZDvz4cqyXTVu!1+$(BsOmSq@CuglZRhc`5H5*M7 z3M8we8vpQAqDKVUq0ZG6L1;E48*Z*3dG}q=+x6chc{I~|gNWOuO3Oz|uPGkK@+E3f z&-gzA5}+vZ+8?75u_3JCTfO{&S+XLvUoEen?_aHDw9hy`rJV`5X}3=GM8^DC{|SaY zNXQ8mPckR<2rIi(1%D@U0!nGlOMs+;AIU78K3=bMX##FLqV>01C)Ph5EGB&0dy^pZ zdgWPrKj{HoHE8nNYe-enO+fY-$7s6wk@z23EgJQddn6EJl&&OTqp z?ap7v;_pofU?Yjw*>T}mZtGNvd1 z%f)?Wc6ht;i8~DD0I~>@gj*l=4V$Eth+b*VQL(pn^LB}GS{zB7R9l8|xvTSrat1R% zH*P%Tc*D>oXI*UN4c*uf=Okv5a&$NmIfH?8jfezIS|5C zooaj$n31JP|0sKu5Lr;QCOYVPrZ40~YUmirrLjj|?n_eBk`K@9qPB=N#30#A+_96` zST$=ate~O#%;?O7{~&F%(0DeRoCY>|7}3iguQVZ~U_DKR(ci`g8|7>*R-F zfsKAnFFDvaKzB70PhEoFRH#_3RUeDjxI9+UM|OzyA$?kLZLU|xec$`yd69TxL!2P% zC5J+YB?iID}SSU2g9%w+29QFn)Itof1!BzlX@=p zBs?gNz46v`=$(Y8l^z?N(XNxUnSglPPdUm@hTT!Kk*Yk(G%a3-6WkBs&iEnSXd6D} zZVzZmYN0zS&arb_&`K}YuAaD%v4*zH;`p{yvsT*YICuL2+ZIHak)n3dKE)y)fjs-* zC{l0ZfXX5RcN+1W9SfftQ=2%?2I^FkfSHQL`@SwkSGzZ+*nA1SUM>)lyZYdMTeq+Z zapX$z@EJZ&BBQvud#KGKJ00GuTlncBWJkmfv0bwHi zRK7JY?fu9@h$RKGvDKCilY~3S z^f-oWl~}6yLSEBuXG??xLfP00%5EYHX->lBUU5B>Lh_;p4n4{Dd}`gDl6xj!D~hXn z);#GvcmLxC-rCRUV~=`0QGxvrYLJaJPwIOWt0qFB3LWV|+gd=5_kY%Gis`7?lm`|2 z_X@syO7+B^_fow{fg9I-Uw`*9v%Iy(@B2rHN5`L8Qv%1A2|j^oDZKZt1}$m}^*_Oq zS*N}gOxiM8xIV%^SV{1v-QKkGS$BCpT_PV#fPi*ubuhRbNo?v{>o$7SN>Vx3dQuH z8A=-Z>Z2g^^^$va!R4gUl}W`J9MC0{=?O0 zOT`l!TXU`f_H8*PH7?q-)z|y%uTdMR?IiCqg83pbQs#~$$-tsXX1Ow);hW?5x`XLt z#BbGv>siVe&k3&OhS$Ct#U?z&e4E}@-$SBhLBd|o`kaPmx0XHNSy)47t@@rsq^8^O zMa_6(RrdPKgi_WPtv=Yg#_SyyU5zP@%K_9_4B9`NfO(XwwbvaQFQ|UKzwx4GV0JxB zmF@eeCm6cQusn|;zE5;~mLqy@qG>D1bobyGDCmQ`%VU`Z`#}&e?@Jg)B1F+z(^HLwVB{{HrC6UIcVCQBLeiS4K-PcUyna)`caBsA0p zyJ1!zAiNHjTBj{t>i{ zl_J)-nkQ@3>wSbBch6#i$;|q9F*15SIlZ=mYFiw|#st*(n}F?J`nr;~M~IApUi!dy6#5C}kYxlgS_mCQ4IB9Q|T7C*V^J@7Zds3nOR`*ghzPqa5%1e-NhS zRSC_!8QZfp?a1X=vl?_@;ploNmt}!;x-gJ69#xnV-YVE%U4LryjvyZy4;?5$mYa~% zSq;6Ev<&3<=lTzwi`rZp;Ao6+zT8nEb#Z;3CozwUTwAiZWO%qp{laML>?eab<2_ok zmBSeR^P`SheiCq@HX(6fzt^0t%pIzh4RZi|I|qu^Im3)Fzck!0>_!GUth zUX5%Hbc|cV-));y2o7)BTb&x)h*_=4?<3f!dZS3n=PW$;kVj7awc@mD=UxcS(jTui z7IX{@XCy!Qo)*-gj^lPx+gva0brR%%e*QKF_F<nPtw3wHx{&`GzsiO`EHRS~^?+MC1fq|t6t-BD1ltr-ugJMP14%!f<$n9+E)P=B+x z!iv+6HrA?Hoo_#P=RDDXpzPnRV$rsJd5=gVYrGWI#x~lw^)n%-xgIVvgIT9O$xSHg zgET)4xVC<3eYzjC5lysf!J85Z46rZw%xE=MunixWTeQ-p4}H3Sl~8{I!hfnv=&?H1 zU14);NQR=WkhnP=D)&05W{KZyyk)DEZ1aj(J;pK z9Ug|OIy9y^XZ0eaca<{4b!x&er%J5&V8P=ni+dCZw@8b7b6jPs40xc@uwC@y*5_rN zdV?F``})ig8?bq@JDHtjw1Ui6caT z_|re+b`Bnw0Zx~D}4}_l;^$PCUnJG84Df{`3?deS`L|T&mBWXRdKTY*lWhO*d{4wQur>ToG=Jp{XRYan zTOAkwopQZ$fol$s3v2SZxHLFg*Tf${%Qt#UKpmO$zu&~!%kzuO^q&lu&Rt-R?#KkJ z#QtrUpJqz91H4|a;_dm{Xz!c=d}cUFeEhdOvhL37QgR3W{j98`|6|QZ6zsJCC1K_I}vJnY$JqU9 zfbZUm`wVyLJo%gDwEz#{DbSex&7uBxe!e5UxqDVNp{Mj>Fe+$yZvV=6Sa;zPuR`Hc zNsaf?Dx+#?r7PicQ!Y{Zbg*Q}Zd)Rby0W=4YAs#RqpMKB9Ib)swl4%^*%M4j4_gP8 zk}|kbU-%8$=Y|g3Q}W-Ft0=uo87uR(C#n{!4FVqi3!(8{mKBTP3`AOV79^34-M9S2K@n%sj6#LFw;v_I9!t z7e29&lB6UDTHwFqNbX1)=Z2(vE9mQO@Xc$>j%zD_qF6JkO%-#ZF)^zAw#0iydb$D7 zwZ5iZ^xUw;6kbP}gf4cy?odZ`lFs#MhU+Lyr_%Px{2SixG(fEs!0=krRhEF1!M4{%1Z9pFiM zBL}zYJ+m4@zZ=y>$|87>eyjyU&qj}Jvyy6?0Oj@f`>X7&ZAvPA`Y+(E;tdhfJ zt)cB}3pz`RMCkWJSO_saYr6C%xgwo9E zwH4QTK7ZJBfmiNSsq&|y!a9%W!vh9E@k{nMzB(3mr6y3>;GOB5g%l% zh6|{NhV7>YG@+gJ7L3yLOPzOws+R)lZ!-RJg=DM&H+EFrDOc3E2*mo0ob{!6_X9IR z#G|0vnabc^hmt{fgK2tXV67dBKG}nsqbqhg%Y#(yJAbC-&(2*$1v}Nv#S=;3modya6aox z2zw?+MgT#?c?kB__i}L@hrNwh;-4Zn33cX%_d)gEhnx$qWsu;~a;2zI5r7tCrMyXQ zEZ8L2=bY{uZ~Oq>R7c}Bz#{GM`>XC5ses1o|q`!afY%P(>pO$9WO6q#ir_|Zti0+I?A5P|z>7EJh>w(Veoqae{7xS>9 zwN!`U*Eie}X+c%p=D7 zwhOvSaPiYpuMFriHQLg0A)6XThhn@2D0Is~G7#=fHtRZV$G6b^RIis_l(Q8z_K-)9nRk3cDC(t(6%r?m+1G$sJu~dV@#E1Vw*~eBfxv5$Ne6&ccuIR80F$8o zmy|}T|7f_2a#7wzZz>)dBH(H+vWVjkXW;;lIFYC*ZkEpM?P&bN{1P8K4nmN3&3TO< zfngpOnY_PeMXP)8Q~{Kb1Fn3$f0CNRvrEu7u^e5mV;&kue64gYwsIG}%?93GdaZhp zNb^LfTStR))6~~CKM#ia1~#}KY)THz?c}`|840k8a6ML-+!HvNc_UJ?LQW1sSK@_N7a}0>c-)>Xdp$Pu>2;nJvKIba)F#? zcJbSnc^ZfdzuQ&SoZ;iznQn@{+}bHUWY{+^Xf$o{y})bmy=KnF7mxdp)xXA(GwJts zA+W1%0ondZz(8fCb85s#eoXPT(&>ds_~*H@XzUT1CW|UV_z~v# zr`;6QQ}it;RtXr5dO0JqfUX`?X%djw81=)gPi+7PZl}`Bksp{t_s@}>aBQg9Ld*d( zRiAWev{Cwod}!*v3Z|I2Iz|ffb>*zE+Yy|c9jHj2Qs2a(j}V%w@C&6CrK(PkFfyGf zvmE2$L9IZ*{oRO>N%;+3Nl;@!b@(fH#WnSQySg%4=PzTtsqxjx69+>O$* z?ZBADAS(mwQD%iQ?yg?P>3sf$WfE+qC)qV80IjGwnlZk#YFRD1{kjz&aNT;tk|&Bm z-k=&%;OsSVA^rCws6Nc5^h{V+=dSc2AMWZHAlGbT(Y$2+hCoA1e&fYfPj^R~=_g;4 zQe8#ltE30@XYtz)v)t1}+ZB6i&J*HfREcyO|7Sft+my$t164)}&Tp^HNTc=BVI=v7 z=qH+;sQp6;I+-xvCNR%j>3m8K^%Z3#Nm5*`|EeNvEV0@KsfFCWZkbe{GIairKlZlk zUe~(wUNia!w2{~i*jGC*K}Tc<(1fF!$$N3`hGmoIf@|DpVzbaxX|zmXYq6{DR8&$a(slGN0>76<8^Xyy$4%PRNWHgE4+517$9Ln(LF=bXMH z*m=uiQ)RCuXX+7 z!#gd%_yAl*xMbCm;{FX!Z$APO8f=i!gnvAQZRd+3M1XEtKW2+B`0WX#$H4%aZviP5 z07B~j{EobXJ8_N47SZ{i!}4-OnC+#2^2PD%gBm$GBxIta z=H{6NW_P&9ff>d`FxS8P^GC%0mixv3?%UD-<=#iA?I9Pu&WZZX3r{78?EW$TnIZva zvwruJ#S1{M)Nk}W|EGfji@-!TJX|$ZFRS6VryVa|h+rKM5EeT2wAA0?58y{v+wgk% I)%%hE2Y5R`uK)l5 literal 0 HcmV?d00001 diff --git a/data/cert-mumb-26072024.png b/data/cert-mumb-26072024.png new file mode 100644 index 0000000000000000000000000000000000000000..da7cf01749fd7ae44822f05c3635a8114d767697 GIT binary patch literal 34096 zcmeFZXH=70*EKAWDpCX$=_nuq0@6f4ii#o~LFr8qkQREc5fv2#q=jCTA|kyc^w>bU z(jpKbN+%FH5klbG(Q}`3^u3=kzGr;@zVZIyhbH^lS$prb=bUS<>xsUuI>RB3LkA8V zV9>a(W^mxZLCk>z6gjli;9pE6++q$K;5(q9cIl?S)#4akqt5hR+vbDQ<*cS3B~0U{Fxk2&EFmio9Dt=e z|1q@#ursvG$d}OxuH6p_~%byM%GdPJJ95@9^XFzQ#|x4gXPahf*}9-i~q-^ z{9gt64hNF3G%6%&^d@d;6w&!Mf@b=|6V`Z9V{wh^*W*|OHLnl8zLjs)6c{h(W_6AF z&v~iSe>m$dVcl#Iy1S~bp`p=!L_5L{0UgUzg+XE-<*)zoqsNaw*1(QeImAZuC@F}! zz{SjsoCaRqzFgDe={8n>D|DYksDA#+urQ|Db#!Qy|H|ec-;W`GKT9R7xhq|+S2aoG zmS$-KUg1eplok!4Q=;Wlyr5Q|`?q)Y0RauZOIV8=m`i-e{f8=1Xap&q}o1moRjWij@Qx2Iv z$pS(`QCl~x6+NdOAC<7eG#WJpZdTWx3Q<;Co$oKS8>{!JbQ%F-^0k+TxzK0yS<71J#@7p0&2;+BKvj6 ztkRe$>s^H-(pcNZ3nC z!Lr=S!55a^Q#TQse3wR~Jie=~2L=Z>Vghj`FJyOWU#iD;(C`MwZOwAJHQso7O!WAQ zNjd-TheQ<%k)*@yUAhtRrbi7I{U+>0S7~Q1H9kqyxPwV$*G9KE*WkVV`$r7j%L)nj zQ5pT^uN7B%RQ7{e4cNpj?%8Mg^t0m`xfN3OdFR(1dF^{L9D7Qbp7k@Ge0o&)R1}-U z`4;c~)Gg(ZoxIJ#7A8Th-S1)V`T-39ioQ(j>?J zf>f0SkNUoFhTpd=p8|QVZ86*lNBFO$uGwRhyi&een z3(c2?FmBpp3@zkZ>iW)d}S6})_W8k z2@T*dp($72?C7_IhByva+9^~HS2?6JF?e?(DfdU+T9Ra)hf>hH@Co(VzVB~-+uq>_ zsyi&mB$H+7y&YWH^yl0wrcZG!PMOb|=3Yc;(-K^t(_+}+#<-CFiQsh|Gfo7?GwP_w z%}=|gS604O*!EjB%w`33d3x`oxSy=sJQ|U#ty9EZ{d@499v8ZHBh)q1V<A$64e*7TFAw9tyi`v%ezdQ& z-aNgwbM%M2*GvkDr1JUkc>c%K-)|B(dJ_&LY2Jt02<}O|OgLt2aXYJii5J-`Kg;C^ zazg!)ep7QLBe{KIJjo$~|41BvK(k??ZaY}n{>wF?gQ??gOQVktv!4o_Xn+n=;iF}@ zU(Qw32V01BCJNhTeJIsan`jKEqT3)533Apdt&e`c0+^LxuV|o_FG{NFcGO%+`}H5{ zY~J2CHIi`}I5UiJ%MQ@tr7mEiTHn{Kczvr_vrsp)FJ{oxh9S8*vO-?a9cK)iCqxo! z8_c_?%dAz{BfTyWEo+qOH@?3#QqzgC&4`b`v(>P(P~6?$K!RK061si1{hEWf zyOj4Po|T08YGQ{3mlP%!N2w2=h%@TP)Op#xy-(#>=Cd>+yVQX6O0(X(aKgGFf?Lxv5Ne#=12A>>Gi-5zfYcwvp09^DvU6uI>}g;*&27?)5Z=Q@&D zn_;o+fFEl>q;3udHEy1?Y1ZLAU{q$M^d+bSE^aAuHR`xd`mvUcKCS*{E75o@l(e#p z7)EemCtPNq_yIRmBD$l+uwmtFN#Xuu<+h>c%WKc3-qA}OC6%8{L6vm2`wZ9D=C>^@ z*6x*dwr~2K{~gP~<_>)jaL2u=8ILNF?sFKCQT4-PhA*mhA#_ruuAYZtQs(uW3eDe_ zQ@f3&$vU3~hfHRFq6cP9T-?w6y7zFN^#iBOJwEHuZMzX`Ty%5KeHvEerp^BJkDXbw z8mH7jDwp3f$pOe0HgHjHCFNFu%dG6Ur9sI=TgdkhbgU_?EG%j*PQ~C`24F*IcXs>u z8o|wQ30*#|MlCE_?`y@AhElyI76ZV2bTzwU=>e)lcHZ!P7;#C?FhM!j!Wlj65~4|b zV_MbatYByflJGppJ)dEt`^BgMwcgy;|1uLtY)q(pHCCeBwvBOp%5Q9=XsSK~LvTNz z_vg751-PoTEZ+egSup>;A0++t0-bcT5nhhpac84|D%N-S9M*SzTTA z?AMV?%_sgjgNh@3?rp8|_9XyxnE5V`XO=28A3AHlEA!yD^OQ%&jI{KX)XunYqtxWjlhN}T@>9BxyBYCTBP=felx z=rR@F3+sP5|8Zz5Zs_-nPRZ<^gPN_HWkGUZfO`L)?Nm`S5K3q|6Z6=W-(kOd!2#H4 z>g2VuKgMzqSH;$DANZp5dorMKIK+(1l!tC`{FY4r@9;mv^#AYRC|04sC1eM1AsP0| zdwhQ|)thZCa`P1*1BXo9sjE*jwkdCn@XO1aK4Rh(r=z3uByFO#T2&lejEH-yZM+T( z&v>j0wAmfMmgfQ@axrf_t7s`sx8u^k(@oqkK@fcvcF1pJsN z4I@|Fk01W?pK~J;&)j$y&vAtTQ|CDyui&$gqFk7l_o+FA*cC}fb?9gum}q)^PqpjU z@=NwzDJSJ7f~)4Xy@{J>YciTMC^jmQ=I+7$`@zfN4{oDmz+|+*-E(%{<`vBR%BqgsSYl~!!f72TUIB}M=_LEDJ?+u3 zeWJA~fY9}*kOEtO?th<@Q{+qHjgUiBE^2FObQ)LIlKkRoREI3uBB69TK}fHoFgsKP zj2{n}P=}rhNkGweF|N3@Ub7=f)M3lAIk@huNx3SSe$=hJqo2mUjhN{r)3bo4;O#Zf zc0qWG;6n5CxIz>ly*{SZ_ny=1VL3Cj}_fM1<&lW`px;9_k@DFLb^-M@s}A1X1g za`k)nfUZELS%+u{n5TE=C<*r^pWrpylVsZ#qw(?SvFXZAacSvq_48fz%>|;=n#pG! zd!)T)wB?D5Rr!E^N^-fTUH&JppaMXynSI8tw3m$?Z8gpsk#fonv`b#wqVv#|?Pln);0`Jg%Dg50PY|oqoJAN0e%( zpV#^R{k!({!JOth9}gAXc=@RM-j`ETs7w!yI)IStYPx$e70KMUyDQXpX@Q1*B5c2D zczLZ;0{-EHnxVBXApu8oT*0{+I;OA<0zdU4N<1FGd%cY-^sef?FLNz=a|s|u1>FuUi^Y;rv*}1}PTMnm--)M$={@ zUQrrX!mBV>>pgE^igZ5-8?8{0_2&9}$MGctdCJ78-$;$hyKddsIz;dxJ=<}>t3KmK zcj1XdNWS>PAybRY)gelNUf)Ec`2542jtatrQRgaYP zWHXbDH~V%z+{$Td^`WOdl0Q(`OX{DC1rF{MONDZ)Gg=3i03Pe^s&r$oE`u_>1IJWT zPOT`CrJI;*}(?R&5&~GOR5jCeo%y z>s>6~mnvIm^Kum2t^|i*zB$VLV7)Sz_VVCXcK%>w@iR`jp2ne9H~6I!NI<)}P9_E+ z{R+6HFsAC`ub8y@O+7P7L!U{+<(BmP1%>qz=?`|D$qe&BNNMGK45Hc`UW4=WZHiSW z^z}J!fxGBE7Z<>nF+N$^iRsA$CvFj#x-e>Z5P1&p6Z1y>>k+YSeY{%;opD+wg@1l1vgN1^TT@3-A2euoi-iy`fOAx*xKpN0@XKq?QLI6(!LBf< zhY&61IMaddzaXBfKg25NpjOj2O9@|yi#ll)vUY|{cQW}MSYA^zpgle)mzXs|P+`{3}8agnmAabA0m-;U&9uL#)0( zX?^6!qr&N!mvk8X3H8^%RB2SzuMzRh1OH!wrSEW++k7KJm%JtpEdCAz#XfLfNH4YG z#98><8}6MGrur3Fi9;DpyDk#RI^DEMtQ>0w4BVwX%xt)obuGUyZg)#KR$i&kx10ii??}4e=Shs8GTz1hQFuA z#25@{-ak|0JO<+((n;=aGfuTO*L(APD$($UV`RcLbv|PYo}v?BwKsc=dv~2Ii?zHt zeoAYoeahDouVcv72`nv)i7E6t*7w8ptECB)_)n&u1?Q*=-t1jJep)AKNoeR{z-dNA zg6j4UGtb+(#d%(t&AtoALoOYlV57T9%6}d8Iu}gRy$V&{^5_V1>>|o^;2L)8Yxrml zh5%PO*&-0)h{k^@qouXD`Re823(MQI8BYw!YcWst`s^zR-LENp(|AvZi8)d9$tNDg zEw9yc^aU!YlSf*5)CJG>ITb(J8}xo*ugDN_bL%GqS>Xdjnuk|0(DxGV0N8BZ7!!{T||9O zJA*9TKQ2W*=I5uyd=ac28>Yk5a!w0TWM%(CjuN=WZlvXpujb& z;MJ?^ZdLov6mlyq+@w*ut*_BU<1}+&jG;UEKryqzo~x^~AZ<^%W?!SlY_ZepZA}$f z*B3T8DEgING?7ZaBoIFhh55_N`x_9swKG+E8+H;S$OK22|np zF~12hx5m{+)ov5Yoy~`VbagF;OISUYC+WDD*(ZPo?N+~kw5Q(fQCyZOJ0@m!lPm_r zgw5qf=G}h($g%2cS@X_oAb+$r7UY^=soP&9yt?tSOB?xU4@eaqS`tkHG)z2+>O28z zMx_?Q0c%r|yoWBXcS+Cu=uVd_tnnIkMQ9k2IE?TiIPECx5FqHG}rOX6$|X zJnNQFgM7_ntY57IrjN~os=!&Z>N8?D<(!AQy4FFVJw2)SY6)Vd67XZqtx5L4Z96NwKVJg7!{ zClCAaZaJ4Vk!vK0U@DqGj_$7W)(B_~LgEIC9qzB%#^x&ryjNrdCAFe2=Y?z*=hGS zjTW{EN7cFzY?_;M{b0bWQccU_$)mbHUEoE_}MX3arv^JPjD8V)P z!C+1rQhW5rw@BW*sBnt!^gZl~^Yqmm@jk;yx6Tu<03YjwOUS{j96m%H6^{4abI1-c zYK`F*U7zWe*7_v-0cWrdfQAD*QhG~5f3Z&`nbF&LiwpqH9y^h6@e#^(p7ukt2gGl& z+i^7vLYlSUYZu1{v&|1CV`EmL=lZ5GFpOY{>>?=Jeadi$F zTZ<{Y44w!fXl$=d+krhH6}s#H<#VxCbBJ_*iCK+QXUlTkEKgMV-ZscPR6z-F+gIb&e2;+ukHt)Oof8Kz?^^s(psXm1IfyQkX$Ryo4zg z@6F2}9M5B0*YN?dh0F~G}Tgt`+9!gEeg*HRI+7Q zUNO|9e_FgWxsUmA6ROm*p=+^XTr_0r(~%YBsj8Z*I^;A!Sr*q~WJvb1wrZ$)Hbd>nG&5Qs(vV=7A)QS~p zDH%<{b_vUv@|63CDyY7{m>_vs2gXHKDv}eSAxtCS^bw@32sFeN#HtNd1!5KCJV%Ea z=Wu&{6|j}71*G+yT9aBWbAZrQ%OMGqLafM$t6o3$D4~%|ISCEflJ3S+JWwH~S$1M` zQV_ED-Umi7a++#x8T~_FK6NrWmOTFB)IJ-?L+R#YTp%kQS#c+(Li`pCJBBf$*!@J$ zlK9AiI=?qXhhZl4M>EXM4e9jpkmnbVg40>EAg{!G;V%IO8J_4Wv0FbD%)qo zeXkvW@lmogYt!Cw^Sw&Wd#ovD?jo>Jg-|WC)9&W)bYF_7Vz-8T$bb9|#UK?&KkZ-L zGdZvR^VfWWShMYPPUz{Nb(MOWlQ?wWg!wOKCq!f;G(`@F8wE;?m zDo7b_hr+I4YafkQ8qr~rzx1Djjhdr@US~e3Q$zc~fG^ZD_-y)1G4i>-3v;|$a0Gc} z$ZG~h33Z4`7Y)pmch8=FT7Tx0GpwXRETZmqMAp!rrW_;Waz;|{^D!M#BowG ziu=}WVrB-)wMBAOJ64Jse<+_81LfIurG&~cNz|OQDN@aP5^&ZvyA_}!m?~AX=oU9j zQU5G_Q61~suBuRR7=mC`7u!%~MP5NnUZ-UKWNOnI&7Ktquq}S?iA^xOwI98InF0hs zXvLgA#)@>6J}Nm+3sXGZC38Pqh>G?Mp2xQpzUq?@jxKeOduI8nh8cM!X%bmZB}Iep zxSgHA`qkKG6yH6s(58gh;uZ~j6y8tSxJ8{DnCbhF8g1PwcR`|XX{lz_XXJ<4%N9!f zy;q(+;lRB>Az5cH1VK1IioeWUo*9lFM;VkYiNAg9`*`))nZhOAnVQv_u>&TbPeKq> zb28fqa(Im)f5#Z*>}FFWmuzgjIC>}8){Uq0c+>gjis~9?b4qAKOf=0-lB7Fa;$yt0 z923zuIk6$YzlecCi|Xgh#F{WK#xG2A`rOgtTp9Uc_S7|@l@4>BomRq^-wRthb(Okz zpfQAy>|Nu@gm8G2b@|BS`kxbY8;}sz;RKZ?Io51?hQV7 zt4gC#OC_rXW|Vh?es{VSi30j4U>_P8ZijMQoZ#c$=)LvMMiNt7}Ax^eTU(&bQ$;^|Yfl{-M{ za??Rm;lI@es@>zIAkYq&-e^<$s1M*L(hQq9wtOAP0T!10AM-&u!t1KZY3vXxB;;XX zp4GR4BOYTRcZwUEbFI~S>^3!MF-EZmmiVz&uqt@=()jmRhbbs61Xu7`esq{pjxW+| zSFp-eM}pKeP|skBVWpSX)Vg~G{4B;F7d2I_@(laBSbpen7<>YTY3~<@;Mra^HP#ZN z@-71q{SXxtG|unda7W;v#C;Su@>tL{6Fx(%`24Qm^s}edf|ecQ+&7BkiKjb_!PPw*axz5-3Dq(babarCGn<$;ciyX@szi^UI zGAHaLF_IanHqA7w8ZOH=WOhf7l_Us$04`TPo-XBi#lWWR?E5(1^ixN45^m1u1-!Ua1g z;k-K<%A;GCe~toht)Pw~t-oH*&WnX{(X^*WR8h|%yga*csHIQO>6`i~@t>D2NNK~m zU=6`34%J&Lkp>P3*7a+Jj}nC2rnh~Rru^5AI7c0RxtSSMTd0^OIDOm3^9+PGkM-4# z)-5$McU7l7Omsd08$H5*tWK8&$?wpfdjF`qA$EvZ>sGdw9ZqE+a5YAdH~GOpVH!>S zvx&XeXBB=}<}{2#RUn9^M-LcJVmV+U^skWx#}5HkOL_Odr&xAFaMNLYIgjkHzD6w$S4|hB zLp2o}fmz5CSYbM)doS|edi_=ChnNLYpX}^mSMYvi;X7hFau0M%Fj#G(e2NYvKW4x$UGLdioi{OE>fc4wJqe{zpGJ~`6#0K!AUGV zhA`%rEd#}v?Cq}WvCG_x8+d(7>sl-i_du$m&w>Eii{XvO$iJF|49hp5fR)CKtg&w_ zjT#4TEeh|<3T63UhBhpnU+-KHJDQ;BC2Bh6Izp~$LRd}&cniQ3`Gg6JYFOW16NS=v zu+ABiPM;akq8M%Hs|#mdHMf96CH-FM)fQztCtL+<+cGSBGjxO)fFh1Mwy6*nucNua zsqdfr47Z^Sh7rk-7?k4sxB_Q0{W=;0)~8Ak4;70@9-)j1Jp*_|`p>D{YLN*i%>4XmfNKY3b@ISjnIVPCt0f*tIub~Fr_&xhw- ze|~D1C&3b%CGS;0w;ijz^J;r6jEHYo)}AQTPCey=8%hFh6kRfM1$Y(?lyl8&<&deZ zQ8)M#R-q1Ho|y&^I2k%tKm8*uOQoTHrYkj}r}*BN7xqJA69RD+MdwC`Cp?c_e@2Fe zc;;X1i2Dk=`!Py??bKCdK`zN~YzT4z@i}zmElu}f1hpf>mrWcR-hi*~JUjU}9eQITIS*ndy6OPh{gn{10s_i|L}NEQuJOR14^(^wyWze62O0?q}Pxu(7dy)=x^G?qYH|C=!zi(9A7JcGizX)Y9uCN?wwb zcxlcG^+ZYxGm_QwShA2IJYhDble4_<-NF95yD|IHM7c8~*8&s61hBR~ZF2i3_(lyK z+A?d8AT!V3*^pC&MHAfH+S)p=vRMj9G_KrtnP?uP>_uAz=_vRvo>^{OkJ+77*+0Ti ztPn&5#2{4_sKLN0VP;nAB24DMrUqI4%?hl$t(t7t*68J`S5{wF#N9vRLIZ zK-&tW={7{pDptAVG*pu1Pn#mtoFNd+l4DdCIfdNY#xsuZ3z2U_@%ctMZJnoniN&4c zoC7JL)zfsQ2{IF02`a{y*i-7?SS%l8@+JmM_-`-t5)O`yohL4hR7qP}gUcj6H<$m? zp}RGC7{8~{oydt$qAP1+2#g4n=tLSGe^tP-gn*o{%_i60vwz2Ktzq=P3%4z{wO_7Ug2KJCnpCOBb zenw@ajefmhj=PJtuV4)uvH1~PSAQC6-yHeH+!&hdN?4F$FAHzWQQ{R}HwruChYFhH zq=z2+TIJl(?kJz+d%dMYLaX~e!$GBoyFO0Y7x&G32dL)TLAr`0C)N{GJIr)28wjD& zuCvS2$ubmABoQXU;K0o@j)@uro=5g`HsKhLHttGr@>~dm(-Ry|edYs!2eK>Pon(0h z>N{&)<8&(-MoiFCmXz+{*af3#;gQb4TmvcM3M-k>V|$wQwrP2xnO_H|@$?H9-=9|!!7)l4UN}+g zH(mp0hZeVmZ}IapYh#Cw`_%quB8(?kHu!2}D)>yb3uVh(GKL%Cu6**|`jHicmm~x` zAj+~FK0H1m75u|pLsK(eOT6wwFoWrxJ9lc^?h-y%lYNdY`y{ti<&gTtu?BQk3a)7` zR%H*FC~Vkzk#;HFt@*iEk9^z4`edxidDw_w^B#$q4s0rYMN6F zyX{DIUEcV&&JBg)lq#8Y%UdG*&qb(u7*1^7?U1aJA*roZgvV9{szVTi{HjFS2SPTp zD9eq87vGMxeIYZ-Xv)*mscP7m=QWmTC*4Qw1TKD!1-^@$FT5arNe==&)d%GwIBK?u zg&hyL%j^QW1V1Wj!959-KFyM&R`DNc3Tb?zlN6WjAB}2;j$A_x{v@n?^2ThM9zdt{ zhqbRJ0FjjUBlZxVJI(CJ@gqk+aUnC;6NgKu@oXWN1I~@or1KurW4j*P0nQ zrr2m|^h?7nvM8j+V>|-x+LX}6#}Tua-zg>FtP8g~y>O-NtL@)OJ%Lx9jy0}m7itDs zW*hA7*7JDI4UB^*d4ebjFR6oK-E1^#{8LYR!{|ZXNRU;FDzyAz(D==H`66Sa zqrQ^=Y;1$wEW>EaplTOZ+Is~t|M48(h+sd919_g@*_wKIB!*qPfaizov z#_dP#;zb@ifm^2L7s*~4`O;l~4uWW-#^_EfNV?;s)-DxwwtLYWdCHW55$xR`;^*7p z6lF;EIwVJb&w4_4AF*dY9IzXk6H{@=0fIQTQ2iuaj&e<>efHVqBH(D}l33CC=0^Mb z+PdGtHec9u{BGGf#+LXlHmL2>fJ!8#cUQnwv+K)GBOoJagyFeariBkj##2$;xAk=+ z4?r9ts|k}|$mJ8Rljll4$v_bN*F-!s1>Dtp;-#sC&~9KjP&p zZdvU$`RTW9yk5zZIWuzlmF**!K)y}Uw&OHD+Hd@TY-pCT#k>+j)&d$0&nBG;4}bYf z3K;#ue;2HPKV zVod#Q(xQj=4D{PR1kN^fxwoZ}2aiU9LcqmMK5@%WQXiJFg=yz`T)Sfs=!OMyRH%rCw zLM6&Zeo(g~n2<;OFYHv_UFcCr&%MkXCz#iCkBA$M&(2a?C>(tr!!jV*oY?>mx}J7) z`NTj)Hk9)$NN&6Xk` zX8G&r&!$wai>222S%6h^nhhatu9z)EHuo-c$FR{iQ)g z$2LwW=ZOb7G3`jN=?4m)ZZ#(_W!mB@eAae$LN9T%7H5K0j4$A(Z2VQ2#NnMYek+5H z-dqG`PrXB7^;>t_x!HdBH5Od2yjWFRyz3)EiiVz9iA8hqKUsaN#7>%?aEr5SlY7`_ zaWnR$yLu8lfgkHg0eRXGnf+fXy5cS{a6kAz`F=ZFx=-ky*>|UTBRniempJCw|T3RX;UkocWi=LhvCkCD<%h zK9tbqXLYV3zL$ZOc+5d?fT3e?eMzEomt;-lqwT8*?>4^0Q@ZM*KRXh(rpMk`8blt| z0ql!J$Ac7Zhk)LqgeR}tX^Jw-UMNR{zVk`XJXO2XBQPpF1%Ib zTzF1KoI%6VuvDY~aTteKRr>KEG{N+fV!M>A@5*uK-{r}e*#U7U6ZdZGJN z?Evf(-J7D8)1E@~-?b_6eB~CEqOeiHgYzGxKx()nxOfbi{YKV^Wu2OUl4^*4Uoj;R z;G`oYpXB*Y+%okptM3k#= z3xX2?gfyd^W{l;gr8?8+Phtn{=5yI=i(n|%^xPbNTBL5yP^DRE@ss;NAgPDodd%6z zs4L|aVWTX*TAYIJ<{isRt~<_We*I~6Tys*EUxtGbcUJkN>~_EerTKto96QuJ z`e3Fi>KSB^?UtXd=>YHs-#BVA;U03dH;YsRxJSA9$QjtEL8zNtmb^P#1r-^IcgjDM zsJUwWZs|k8%a#rt=gz~Rw8vaw?i0D*v$r(@)J)`o@|Jf96p%%L!XB=w4+*o_P}e7_ zJAo~jCy?pI13`GTcK9fDA4Nu)^CIb|#N+ETc17E{;cc?xy=AzQ4SFsWjad;yFaahA zw<;-*y-|~!x7xd8%+Q5sP>y%=4Y?Pf zLkaDS3}^hRX0x?8Otwn5157JyY!#57aWTLE+CuU*t@kbp29*wj2H!brk7-4}R)f)M zNB-p|f|Wjmo=rRvSK6Tah>=?aZs}{P-_{y93#!X)^%^6f{1i#=0<9d5KLiRPzeUP? zKdzEk%#={YvOq0+PB{KlLu}g&@6z{GJ3%*#=A0b_Vak`ivDRF_P0e;Tg1E2gX9jl3 zl~gZR^(x7|VF{ik)A)Rk$yUc%5u-OLH%mA$mCiy` zc%Z91oNj#!aHJAUjLp1iCl>floS%`+CkUO7><9gxe;=a88>}WxwVT;SYz_P0wOa`3 zBSk2SCmyU%ZqO6gT0F9m>*j*gInQOvv*GdlB9bxNW zY*zla&2E9FriADG>K&kIBp>t;NcpeW)RC)U|M5YQ@XbW1DexTbf@T}Q=pFXNCl~8f z`az{uluWUMx2NF-NcY=c%ELAXjXQxRAP8Cuq@;(*M$P{el*y()X$%456&uZ~V#Ua- ze3nd1yg?xr6hTkLUR-)_RgH(%*r0>XuZ6QFuY^Y%uvv%T3WInPVaHC$FDRk!^}1#-(S0 zW+FwLcd2#jglcRTmo+TQX~Zsh=fPAbyqBvVwEG2MVKjZ*FL@7d zEKf{OZUT)at=SocW@4x;HYG6K6_qQt;A^O00x^j@UH)>IQA_5x9S%jHfGDRX{9Fzx z=USf;{5h@1b7cUZ!Z6ccBc!$3Xm{Uf`P2NBwW%~lPlf5b`fXP|!O<6xm4_!#1?M6` z{e32MDLZth{Q+)g6PI2&9*7h33iG>s`LbCmN2t$`>HD%rZezv{@h#gkoJBV#vzK#v zKr~DpGVLyJ0ijN3WvKijFrpR#duJo)x?1~7jp^<}xUGu`6ULnJqk0Z`AVmE8JLs0X zpsT|mN0nlotaG?1(|$%}4odO{ufQD1HG6|be-GAH&?|Ts;^!;dvNhsN!QeBTYIkrX z7N}1LD6&yKGm2tw`9PTt>i81ujqRo}{~46!C#g6ms-A?PVg|Z;5`%j36LECR^icky zQeWlWvYd3T+U*;rp>u6Hu~7pQky}FfipL1<>YB;x7j#fz!-$?UxJo>b%0SPPVII)` z9KRVJEZZ9n3)&iXAUmb|@-$ehf-M|gkq{ZliMUX$q4j^8)DAr^n*+l{(Be|Qef-FGqQyEEh1Wg=t!$(DmXny-YI z@{}=RUtPCzv+sVLQNOQr_70I1$$zc=372@B}1K<9JuMk3YGl|j53?{@_|M$#mOuE-s}OO0WKdnX8Lk29TYaL%uD^2rQq}0 z8NSF*vsbtIK#U*U*gR#DA;PO}tYFGsr&E3P<9=ZNu zI%yUc3`$k^gYKC>73ef{R%p*Ptk|a^&W|MAx7rI8@sZz7a4u!Bw1R%zVw1)gmG>7g zP*tWq+yi}+T}lJ>+UCoVL#ekzoB|9C;scPwAZrVO{+xm|am)G?Y{~2wY{o5YkBRS{ zJ1;CeJ{~)5gS&$Et_uV%jC|cpg%?bQ{lv1(lMW-}f^dsFJmFhyykU1avt;uoe9)Ga zz_+u0PHxO^XJdYb!i8fi#9DAh<$Vd0aX(NfbBv3PbikEx#%rcaQft_!vuH+|!4~K- z4kHiIm1h>1+?l zTqI+3%Syk`Awx8U-Q#kSAg_6#tcgs8iVRvE{J9(gG?4HA@dDfrCHN!FSLZ*zSE6bIHKI1kE$ilq_@}>L+;CI~&a|uppbCb- zbFFS+x9stpY~U8UkmGroJK)vM;~c$B^#$XIj|-w*Qob=L?hSVjU@@bVNmWMIbCkf2}XNz#QCHmG@#$%G79t$#p zM}!f?^#IjVZQ|^0HwvD2P;h^Ez^)jZctw#(CmYXS%u|{gfB7T*heo$Z~hh=5vCf_OXIqpCAF0|1IK)&FLJpfUL zUA8t~Kg>+_Y-WhY4JeZkg&$tCK>Xh1E%h_PMwM;9)n$D>>8^5<#Q&u*l%`?6>2uYV z4((R?W4yIwm}@{@>#LmJI^u`p0lt=qoLG9o0f-;+K6&V2x}zCR-O{Qjj(`A_qP`XP zshFQON@51pIoE6u8{j(Y-4ph0{;0N45GKoq1}%O?-pZ z2wgAwp?L|t5{7e2ex`0j9b$2TMt~bwkGWK0t{wpXTws3)Cnp_RP3*n4mzS1!ivTx! z9`D@~K#S>N7e#LlETG16yAC)S@66;_q6JB(+(;e{pWCiZhR4_~#{n8~XlFoWnOnjZ z(ZaIf@r_IMFS8||5Ny|aiiY;r*d~Rx|7C0$FKo=x;g9_edUW%-wm@LKH*D-|*GMZe zRVElaba+qHhcR3EOzi%M_~sY4LR();LGJ7O8d9KE5S{gi*}X}%S$NyRnxE=axawW1 z7(Zp6VODDY^ANvq;N}EC>&07dGhqO<-rlL8$H*Q!A4hy0!Yq?YJM`qnyMJEn^sS-U9UMoiO-3Ad=RiBRoF$=bxNdA1KC0o zMxU_|*uioLf)HFxKCg+bO`I5g=D>)l2$<7}c;Pyg+#x~rEc&ceWnM$T+Q9Bqq<*_L!2#p%ayLJyS4``#8ZNhp z=eheoxksSQLxL_hIkT~!U>nvgZ{s~VnT}gt0n7E%c+J?L8nGxo$tjTX-j^`)L&3%W zMV}?a@1}{oBOmCUP))>CF~LTaY&8UFzv}!ngP@_tHg}2de_R{thdKaL^ho!_(>-Qn ziGHCDKiT;6@E`ZjPsaajdhi&r_Qb^3^tQ^Yz}kJ*b!p@{Y_ybr5*B&{sdVmBs36PV z2CJXG5!(QtkIiDOa$7SME?=A{Ikn6iYOi8zai9EitSO;Phoyi!B|^J~)&#iE$u9FR z50AgJXP-E6$$TIh*tt*Ho6BlpYX{x^i={!pE?4-wQTV?Zc}b(2SDX@A5U>czv7mf$ z=9h2eV^lkJp?$FHIocbG_tC9#PZMM0WnrU|SEid|Sde3K1@gDl{&q9{?|;w2n^&yA z3}Y62IBoY4;oSUORA%@8DSYFN!C+RT9ZcZN@ee*v6K)<@Ktz>m7v zJn$$y2~v|hSXmh`0+KP!p*M_gjVIDf198XaI@|H<7SgRj(%+CRSoE_IP(wE{Ry!mV6*?%)lCU?d#3WY z)rf4MsBnp?1u8Zb1jkv5$ooHzUqBa@kDco&JVN-na+6vM{}w*sJq3RL+h?8_~E${ z-mbezu)rGnFq)F{a?d~&EQqq!qVZ$=o!_{V@(SG9ZuE()BQ5A?(kjJxj9>F`+-xs2 zoKowXuU-)OkS*40B{P&iXpju20$ljC-$V$aakZ7R4>T!iAKm+AaM15xo`R>3HY0gM zP3nDcr<+N5;8JB*32o$34mRNl+x3_qsVSB(?711sC2tVJqa-3`R((!-ko;Az^A%aQy z3~+u+X}twp-z{_#KV}ZRh5R*6gYkd~Vjj#PTf1|i7 zI&}%W$3+tmvHTk^uN91em&Bx&mz?~OWNh^u!1+9}AVQ{kug7|~oWrOUn9>xChUYpO zAokrGJA`EkvO3|YPAsn412&M}+NL*73>#)5fK~sewomCRGkW_8^4=@-p5v>Q%^~w{Nzf!GLmCpCZdTsuSqEPC>91BsA-mWJ zChah`vnDq9BWR|>z>jnnLLj$-x=0kSPgO6Dx1cJerOmyrlHU*@Pq*mO+|R=I4;IL7 z&ECmxa8aocXE-J9b6?So;xfX#^f1GyP^^H~Q|obYUTZCCYngE|K?53q@I!xmqXDIR z)!JOSVpIu5J$UtsBg`BQ$3<7~zaI>~WaaQmw#(_lpcm*^kSQVA;2#bNPH=oC^M2lt zjT^}nUkNsH)>vi3Ak$6B6x5P)@BT$#@ur_UBucWK58tvC0`@nQPm!ln#`U$p4*>V=q@Jt{GLLd*yKGCiVCdH9*bRXsf` zEkZU2E5W;0>Xw^{d7!Jd67*I|JCon4lNP>6-`6ZStq@Tnjfz#;N--5L)#?E6T}p7p z4z16#xQeV7o#t?20@k%+SNyw-l; zTBIeJ1cy;>Rgc)x(fqUX^d?1C#w*+I-tN13?joN%=mVPCTDRIz%}<=Og8_3vJLvAX z%X8BgxXsr;p9^758}Dzt+a9kCGvBvzsG0o!z3WQ%F5JgK4p*GJK~^itFD2sL0_@k} zoeOxm3~%Yya@f8(cpnrrE8Z&a`VmJAvLb-lyvQKG>;344KLeiZOD|Zb?8^$%?@17f z-BwlQ#TbEh)gqIM7u#tvA?4|zXPz4dlIu-CK^`$}W9^46-$!$alWQl7K1g2&X1 zP~Bi7#^MeWKsU%V@V?m3*NYc{GZlFE$i81K*}X0ibdv*{2Y`hFEW(w^%z*XZAvdMl zEr(XRC^TO_&%1xCmdlzd{vegebg^jC`e1_Q>gLqiNLZNLIdU%|vl#4D|5G*GKn5GA zvWvLSJ-w2A^V&ZmM*juyA#mDgABgJD;Vys6x<3h=l(rC!rG&FZDgVHRLJzRn0e@ts zHO|2f-2eM?k!1=l8Xy0;L{*;sr^OHnp|d{yAm~sGaO}m>aV_}|{6^h5{(3zL%$;g2 z?77OXrX_!EEMQ>CH?{xk1j#0KcfGf(AS#lu$;?=D1Id3!<=5}vV=h(Qo%-?j=U6Ru zP5!6PjcWw_tu5$Uh4lT86V&cv#S35Hp`g5Y+Wj?7SWDzzkj?Qweb4WX{RFBEgr^mR z)#$ROHX+P-fNSvkP0#nM00l;$lKmNIKJ4xPls^}LD}NeF{#uIC|EIk-kA}Ma|Htq4 zMaW%|y(nv_gzTx5C4{m~Mv{FQ`()oLmF!!#C|hC(nZaPhoi${e!7PZe4Ku>bV2t^` zRQLOL-<|hgzjMClb3W&M{oyz>!aE6qWGga9S>KV#;L0M4+MH|wz_sL#pxX}Nb?-$4dWWspIqH}zqu?@>u%lP@efaBATOcQpHv#yp39jXJ zZNU<7K*GQhfU>}u-+!07U^?SE{QfM!0)*WI!m-W~s>K)lrXJm#%hfW^e%ieB!nWYx z&&g;I&)Y==V1#@G2=TYrgc8m(Dns38vk20nP%!tU(PIZN14p0X4u$zxFV2b)xsR;? zAUTV@oR1dgtHoPXgyy}iUI)0A?nU~;u~firrhwV)&1B|^gyTX0%?}6ekyt9At98zL zqPL{YAWN~1Haj}c;<)*iwU?|T;mz^OHJ;Ul_pS>mdtaBWn@;)&SMY?+ef{+1AkrNK zKYoR-H7EYq}qLXbzz{$fPW{1T^JJMJ5@jQ2)F^wwC-(8$HvwGQX{VlrwuYM zU7%ket=NqpLGY7?&kn0hVS!S6N#nPV*U1;Pe}nQQymC+bzS%{^-? z2`_;O;-j|mRBVB`=fn7OJT-vYnH$eFeyK5C5sN5ucnS35EO0IH9zKF-;sxq00g=iL zqS&kXnYJ-=nAKSz!*-r?V4z3S6IlrsG>7T$K|uI5f@{|nhV{_^AaQORoX5}rQtvbX zW-n3O0IDniBfjJYt<9aT4-}nx!Cs8v?>K^}Xe)E5%>iq&IyZ0bXk6?ZKs)O_?)X=w zlE7Tbjx5|}*xH=&2Ec_aG|JVOk?imoS?m0)BKl5&TlU^%*cl~sd37V8LE>l?yE*NV z(}Mx+U)v5w#Ma1)VuDtJXp7D+Xx?prWZi)qYyb%Gm|>(hQE#*{2=Ninx5OVf63B_% zZp5|$)e61yj%Jiee-P7Sovvh}a1@A{bq4&}5l$8D=FMH)N&UQvemQR*RcAZ6x%S#T z!~{Y4TtuZnI^%pzB2T}-@ z557w5=2;EBp0Cw7es|9c7Jc1C6;R8QSE#R}y#%n-Vq2hJ8i>*Zkb`TFpR@R?cKZvx zS#!r>+o|>F1Aom+9S_;Q3S3Bf;^X-jhP{S3U-%B5UD^B?g0J^qatV#|dEd`Yy*V|m zrIelAy!6z#VE=C$DHhmB-IdPx?gUEz-dusdfUEyM&$hoO^5BSJc(Xh5^qXscZ_vMH z*aOhLK-wNJ+4Wm9{y;NW_Cta@b-n*+-!lp*jAGB%VgIce_%T2m%tL4H=&zOZ%WUEN zz$xHyQrqPpJ=|&VLk`f4|Fx^p|7d#WBRD{m*1uK4WY2HSECI~`wcaZKRyzZtJU~Q{ z|3)I;Z_T)g1FBW{gs-Rn*>#|OB|v)ufBwbLf2{JeoA*_LW`5L%{QHesK&bcsnf`yb z=}*0n2m+!6aOqbZ|DR&Y&uKsU?g~&!wi~Z77;4OkbC;Fo@}9kX^k41{_)O{ECYEz9 z5ZE06=&b+tGt7=)jq1naziC?DF9e)hFJvd8_|JdvgaI$tT+{y>GW_jpWjp`Bpj zzZS{=WaAuqd5)Bbs)zF`mX{#4fIe%pK+xidm-E+m71?26g8=gU_5kfYgSZ_O*kKLz z?W5sH7zn!)Do=%{t=APEGZb(!{m4SLh*9zO%GgY4m}mO&fU4wG66^ll@qk(8bAXI; zPCtzIG*D3k=vwVxt$xs6A2pA%-rqUy)iT@Hohm4-HidHTUqo6T@mYwb)C7_1Z;%^F zV@}?WgUO4VC)vk!a(zB`Q3nbc`Q9Lw?8xbD#_AKd zVIJTv}+JG^H@HBHXuVqVyw2p+1+H*+b?@E{LRmgb7~_>=iZ!_^Iw zi!;fNfI@U+V$`>h-3O*J6`f~?c+>pTmC{O8G|z0Zii0<**KUO{(V;nmIdmrLg&M>D-oiPj>?2MY zB7L`>>t{`F6FCzZn%!r+;m=YeGe!1TJyRQzJ*)87^Q~GjDl1G#+|~ct9o?77v-L$C z!|bMC#u341(}N$GR;{_peiQzN1SeQw^DYNy_>Ie@y(k-z@-}x(oT)J>7=LyzNj1I0 z5mDGtSQ3U_LZ*ta`1r+1+b@$>r3*VcLM2T~%Q{wMyk^wophk%lv*%x|bH^M66D#*5 z6>jIP-HqAh~z%s}^!{WH^Df7aP zklfFm#{^AY`uNLk@4?n#MXS7rpMFGHAy?#&y{f8ziY~`yPx-xtxKLFBmzzk_3|`bT z@^~>lbzrVVWo0gzQrw$8o20Z&(WsN4_7#!c%7+)nHUiKl0pC-NSK8YIO%R4B0;q+^ ziy>DgSk(hXRP7>7l~x7UUT@2Whp>CNX@LL|m0>y_%z3z!Jd^%f_zvt^bl7Rp8zG_$ zy09Lz4t(R()xWs_Fv*Gr&*(e1m|x56vB&|Y8jJB+bmDVAU6qOYUV=u|a2(_ z?cwDEYu|jLw&@*ut+yBEJc(!L+Xh$y7#oZkAvh>|L&@B+)~6m`&7fR`M`dqb^*3wE z?O!a<%HEuF?W4=1k>;xXtFTQfr*oigNWfAmvhe<=$8KTe)N754<(2Fun0%H?1w%OS zTBr`wGw|E2oKEZzi+jK8gl209zQ%nz6Ktdxv3tXQu{g?YrsMArh=7n+8tP)oF+-1TLB_M$KS#^4{ozSx~F2u_1dnu1o9?rnKZp!E2 z!?2=$?m6>;UF(F?31OvvN4)C^RjU}11Tw7MyK1?y@6Z~`XmmJX&~H$Kic;bo&m}(O z>gda&H1?y)brL^k4WQ!t>0FM1tbA!M%^Y!W*9Asdm^JSRBQks2eNuq}K$}K+boslr zr%ipCN(i4&z6T4=giQ{4Rpxw0@!-Ds?o6fg`V*HPB0K`#s4;QpN2_P^ZV9nW>X|Bj zPHCHBOpkegKemABH-w~D7MFT-$G?zVhfD7!I3A$tv#Yc9WYveEe2Y`$%r9bD5)8u0 zGzsJDo3uJ9YR_Pu*zt9^roZdlm$NX^iw19lsw0^K>3ok_95^V#@Ipn7wW2nm@w9eP z!FJ=*?}^N$LTmNJg^~(|(hLzfU;PX1%#VtO=%$2ou22Wz+92>6G!JHSQNazI#YaYc z{VM1fxmm;W9CzuQA>Unt#9SeRM0bX^OA)+ZhFW88LSNeUknKz+Q82-*H}7Amura+| zP&G@Op)Zo@9y)1o771%$U>c7U)Akp5nXFjRrb~%2EeKmZ?!0wR);XOoupOUxj^CeY z9Ss?8)D4p>!8C^il`fJXcZd{bl}p%_?l4)1ji&wyZeIB-*Pt(s094B0iLaAtzzS~i zsw?wfh~B4eGF@_Kyrg?uhzE9Bm4_vKj_Fx!>M|#rx+%8Sh!E1VcHqrjQt&0zDSXNL zwpe~_Jgfci3BAr^@i+-cgF5=Lhc&)``$Y`VCceo|;|$+wXSLWP2Pn*8*f4_yp)~C& zD1sk|%eA~e-v~V_*>Y@`ty|djEocF~xpim2w$#qe7H(1Qu-mwYeou&xC3Iv*7WJUnDWiHpB5@cQKfXp>XV+|Y$N=z>;lZ!Y+9Th zA2w&e!lBfegs3s)jWzvz=m;|CND%Fo0JJh#9+LPnYq@N7W#*%4+`+P&>Ksc6j)L-~ zFHUrK#v;_jOvPBB#X`%_BRER-qpO@7-%5o6@?pA41s|FuwsJz6uo$p{Nr`gF&dnu6rKy zKHitXx{iNQtPzlV=sTelPwJ{@%2EDco`)J9%wvog>6^_2*gT(o4QOFiL|`6{DEN9J znBMq47odQsjgFb+Kbe znJdkW*vA6*jSk-mniS*>={X+YK67~~!yp+PBAcA$OQty&3uH(q!1u2o5|2+4!mD0p z{~()#)hW~)Z6!1SXyJgMs5@QLvS&UX3K`QTPVM7To~A7}m)j06f@gW6ZxSEJ8INX2 znh+xwPa#>`n`U=W^cSHN3+8Jm8)?#i4|#GdS;I1F9Sa^NV0puYXK$<1ud+v)$Hl9t zH?+RiONQROQ8=q%ES@LycJ`jKhJNUHrr`{RZ|)0T&)1==R?VU@B?WSOcHdiYfG$tF9iR&o z4f45kto9Mk*!s<78apa~x^r9Ii&V1jg%TLrgwrIREk3=Sz;TySqJCAez-PX%bQ&eB znX(*!o98uB_lF%js;0E$Ubk6)ASY3z=F-V{_v@fmJbSH?pyy*;aO-{dGZpDkfk%?H z90g!<@ZLmxCsZVWYUSwQ(DhwBHp#s{trc4>)|n=Q^|tOKxHg)>-bY}nLEKsatH}1z z?xz(|BcaX{~4;+0h|`q&4|C=W1}Z}SR3>0 z6Qew(HPGL8<`|ZGe;1UU{hs?mq75Eg$j-`}y{gt%X(5dW-s-B-UcF%$uu<4AH{oC5 zqZ+NAJce*RO}lz|j`yLK+gC@A5OTTJhInqM=| zuR8M?zmUL+^bd+xUTIl0GmS8?yv^xGv#CaNBqr4+q}thE%kMLIWgou1HrP4aI6YI*GR=&pIMRTgLP&mm(jL z{`_~(q(S=&06<4HGj_=lwS%Ni93n52~scWv@`nR%{Mte zU+8NAwP6w@0gIxu+#6rWsX?oKoyG?$KmL)QL_2B0`CMrN{L!gSz;Ch8Fsd))sAYcF zwji=@7iIB+v2vc}9c~wjZ%qGaL=OAQCUDS4P5zw1T@PqV{LZ&Qg=PD3g4LQns9ALn zw`O%4o(HZ>%vCp!<|U5NCOZDvz4cqyXTVu!1+$(BsOmSq@CuglZRhc`5H5*M7 z3M8we8vpQAqDKVUq0ZG6L1;E48*Z*3dG}q=+x6chc{I~|gNWOuO3Oz|uPGkK@+E3f z&-gzA5}+vZ+8?75u_3JCTfO{&S+XLvUoEen?_aHDw9hy`rJV`5X}3=GM8^DC{|SaY zNXQ8mPckR<2rIi(1%D@U0!nGlOMs+;AIU78K3=bMX##FLqV>01C)Ph5EGB&0dy^pZ zdgWPrKj{HoHE8nNYe-enO+fY-$7s6wk@z23EgJQddn6EJl&&OTqp z?ap7v;_pofU?Yjw*>T}mZtGNvd1 z%f)?Wc6ht;i8~DD0I~>@gj*l=4V$Eth+b*VQL(pn^LB}GS{zB7R9l8|xvTSrat1R% zH*P%Tc*D>oXI*UN4c*uf=Okv5a&$NmIfH?8jfezIS|5C zooaj$n31JP|0sKu5Lr;QCOYVPrZ40~YUmirrLjj|?n_eBk`K@9qPB=N#30#A+_96` zST$=ate~O#%;?O7{~&F%(0DeRoCY>|7}3iguQVZ~U_DKR(ci`g8|7>*R-F zfsKAnFFDvaKzB70PhEoFRH#_3RUeDjxI9+UM|OzyA$?kLZLU|xec$`yd69TxL!2P% zC5J+YB?iID}SSU2g9%w+29QFn)Itof1!BzlX@=p zBs?gNz46v`=$(Y8l^z?N(XNxUnSglPPdUm@hTT!Kk*Yk(G%a3-6WkBs&iEnSXd6D} zZVzZmYN0zS&arb_&`K}YuAaD%v4*zH;`p{yvsT*YICuL2+ZIHak)n3dKE)y)fjs-* zC{l0ZfXX5RcN+1W9SfftQ=2%?2I^FkfSHQL`@SwkSGzZ+*nA1SUM>)lyZYdMTeq+Z zapX$z@EJZ&BBQvud#KGKJ00GuTlncBWJkmfv0bwHi zRK7JY?fu9@h$RKGvDKCilY~3S z^f-oWl~}6yLSEBuXG??xLfP00%5EYHX->lBUU5B>Lh_;p4n4{Dd}`gDl6xj!D~hXn z);#GvcmLxC-rCRUV~=`0QGxvrYLJaJPwIOWt0qFB3LWV|+gd=5_kY%Gis`7?lm`|2 z_X@syO7+B^_fow{fg9I-Uw`*9v%Iy(@B2rHN5`L8Qv%1A2|j^oDZKZt1}$m}^*_Oq zS*N}gOxiM8xIV%^SV{1v-QKkGS$BCpT_PV#fPi*ubuhRbNo?v{>o$7SN>Vx3dQuH z8A=-Z>Z2g^^^$va!R4gUl}W`J9MC0{=?O0 zOT`l!TXU`f_H8*PH7?q-)z|y%uTdMR?IiCqg83pbQs#~$$-tsXX1Ow);hW?5x`XLt z#BbGv>siVe&k3&OhS$Ct#U?z&e4E}@-$SBhLBd|o`kaPmx0XHNSy)47t@@rsq^8^O zMa_6(RrdPKgi_WPtv=Yg#_SyyU5zP@%K_9_4B9`NfO(XwwbvaQFQ|UKzwx4GV0JxB zmF@eeCm6cQusn|;zE5;~mLqy@qG>D1bobyGDCmQ`%VU`Z`#}&e?@Jg)B1F+z(^HLwVB{{HrC6UIcVCQBLeiS4K-PcUyna)`caBsA0p zyJ1!zAiNHjTBj{t>i{ zl_J)-nkQ@3>wSbBch6#i$;|q9F*15SIlZ=mYFiw|#st*(n}F?J`nr;~M~IApUi!dy6#5C}kYxlgS_mCQ4IB9Q|T7C*V^J@7Zds3nOR`*ghzPqa5%1e-NhS zRSC_!8QZfp?a1X=vl?_@;ploNmt}!;x-gJ69#xnV-YVE%U4LryjvyZy4;?5$mYa~% zSq;6Ev<&3<=lTzwi`rZp;Ao6+zT8nEb#Z;3CozwUTwAiZWO%qp{laML>?eab<2_ok zmBSeR^P`SheiCq@HX(6fzt^0t%pIzh4RZi|I|qu^Im3)Fzck!0>_!GUth zUX5%Hbc|cV-));y2o7)BTb&x)h*_=4?<3f!dZS3n=PW$;kVj7awc@mD=UxcS(jTui z7IX{@XCy!Qo)*-gj^lPx+gva0brR%%e*QKF_F<nPtw3wHx{&`GzsiO`EHRS~^?+MC1fq|t6t-BD1ltr-ugJMP14%!f<$n9+E)P=B+x z!iv+6HrA?Hoo_#P=RDDXpzPnRV$rsJd5=gVYrGWI#x~lw^)n%-xgIVvgIT9O$xSHg zgET)4xVC<3eYzjC5lysf!J85Z46rZw%xE=MunixWTeQ-p4}H3Sl~8{I!hfnv=&?H1 zU14);NQR=WkhnP=D)&05W{KZyyk)DEZ1aj(J;pK z9Ug|OIy9y^XZ0eaca<{4b!x&er%J5&V8P=ni+dCZw@8b7b6jPs40xc@uwC@y*5_rN zdV?F``})ig8?bq@JDHtjw1Ui6caT z_|re+b`Bnw0Zx~D}4}_l;^$PCUnJG84Df{`3?deS`L|T&mBWXRdKTY*lWhO*d{4wQur>ToG=Jp{XRYan zTOAkwopQZ$fol$s3v2SZxHLFg*Tf${%Qt#UKpmO$zu&~!%kzuO^q&lu&Rt-R?#KkJ z#QtrUpJqz91H4|a;_dm{Xz!c=d}cUFeEhdOvhL37QgR3W{j98`|6|QZ6zsJCC1K_I}vJnY$JqU9 zfbZUm`wVyLJo%gDwEz#{DbSex&7uBxe!e5UxqDVNp{Mj>Fe+$yZvV=6Sa;zPuR`Hc zNsaf?Dx+#?r7PicQ!Y{Zbg*Q}Zd)Rby0W=4YAs#RqpMKB9Ib)swl4%^*%M4j4_gP8 zk}|kbU-%8$=Y|g3Q}W-Ft0=uo87uR(C#n{!4FVqi3!(8{mKBTP3`AOV79^34-M9S2K@n%sj6#LFw;v_I9!t z7e29&lB6UDTHwFqNbX1)=Z2(vE9mQO@Xc$>j%zD_qF6JkO%-#ZF)^zAw#0iydb$D7 zwZ5iZ^xUw;6kbP}gf4cy?odZ`lFs#MhU+Lyr_%Px{2SixG(fEs!0=krRhEF1!M4{%1Z9pFiM zBL}zYJ+m4@zZ=y>$|87>eyjyU&qj}Jvyy6?0Oj@f`>X7&ZAvPA`Y+(E;tdhfJ zt)cB}3pz`RMCkWJSO_saYr6C%xgwo9E zwH4QTK7ZJBfmiNSsq&|y!a9%W!vh9E@k{nMzB(3mr6y3>;GOB5g%l% zh6|{NhV7>YG@+gJ7L3yLOPzOws+R)lZ!-RJg=DM&H+EFrDOc3E2*mo0ob{!6_X9IR z#G|0vnabc^hmt{fgK2tXV67dBKG}nsqbqhg%Y#(yJAbC-&(2*$1v}Nv#S=;3modya6aox z2zw?+MgT#?c?kB__i}L@hrNwh;-4Zn33cX%_d)gEhnx$qWsu;~a;2zI5r7tCrMyXQ zEZ8L2=bY{uZ~Oq>R7c}Bz#{GM`>XC5ses1o|q`!afY%P(>pO$9WO6q#ir_|Zti0+I?A5P|z>7EJh>w(Veoqae{7xS>9 zwN!`U*Eie}X+c%p=D7 zwhOvSaPiYpuMFriHQLg0A)6XThhn@2D0Is~G7#=fHtRZV$G6b^RIis_l(Q8z_K-)9nRk3cDC(t(6%r?m+1G$sJu~dV@#E1Vw*~eBfxv5$Ne6&ccuIR80F$8o zmy|}T|7f_2a#7wzZz>)dBH(H+vWVjkXW;;lIFYC*ZkEpM?P&bN{1P8K4nmN3&3TO< zfngpOnY_PeMXP)8Q~{Kb1Fn3$f0CNRvrEu7u^e5mV;&kue64gYwsIG}%?93GdaZhp zNb^LfTStR))6~~CKM#ia1~#}KY)THz?c}`|840k8a6ML-+!HvNc_UJ?LQW1sSK@_N7a}0>c-)>Xdp$Pu>2;nJvKIba)F#? zcJbSnc^ZfdzuQ&SoZ;iznQn@{+}bHUWY{+^Xf$o{y})bmy=KnF7mxdp)xXA(GwJts zA+W1%0ondZz(8fCb85s#eoXPT(&>ds_~*H@XzUT1CW|UV_z~v# zr`;6QQ}it;RtXr5dO0JqfUX`?X%djw81=)gPi+7PZl}`Bksp{t_s@}>aBQg9Ld*d( zRiAWev{Cwod}!*v3Z|I2Iz|ffb>*zE+Yy|c9jHj2Qs2a(j}V%w@C&6CrK(PkFfyGf zvmE2$L9IZ*{oRO>N%;+3Nl;@!b@(fH#WnSQySg%4=PzTtsqxjx69+>O$* z?ZBADAS(mwQD%iQ?yg?P>3sf$WfE+qC)qV80IjGwnlZk#YFRD1{kjz&aNT;tk|&Bm z-k=&%;OsSVA^rCws6Nc5^h{V+=dSc2AMWZHAlGbT(Y$2+hCoA1e&fYfPj^R~=_g;4 zQe8#ltE30@XYtz)v)t1}+ZB6i&J*HfREcyO|7Sft+my$t164)}&Tp^HNTc=BVI=v7 z=qH+;sQp6;I+-xvCNR%j>3m8K^%Z3#Nm5*`|EeNvEV0@KsfFCWZkbe{GIairKlZlk zUe~(wUNia!w2{~i*jGC*K}Tc<(1fF!$$N3`hGmoIf@|DpVzbaxX|zmXYq6{DR8&$a(slGN0>76<8^Xyy$4%PRNWHgE4+517$9Ln(LF=bXMH z*m=uiQ)RCuXX+7 z!#gd%_yAl*xMbCm;{FX!Z$APO8f=i!gnvAQZRd+3M1XEtKW2+B`0WX#$H4%aZviP5 z07B~j{EobXJ8_N47SZ{i!}4-OnC+#2^2PD%gBm$GBxIta z=H{6NW_P&9ff>d`FxS8P^GC%0mixv3?%UD-<=#iA?I9Pu&WZZX3r{78?EW$TnIZva zvwruJ#S1{M)Nk}W|EGfji@-!TJX|$ZFRS6VryVa|h+rKM5EeT2wAA0?58y{v+wgk% I)%%hE2Y5R`uK)l5 literal 0 HcmV?d00001 diff --git a/data/test-atla-26072024.txt b/data/test-atla-26072024.txt new file mode 100644 index 0000000..79229f7 --- /dev/null +++ b/data/test-atla-26072024.txt @@ -0,0 +1,181 @@ +##################################################################### + testssl.sh version 3.0.9 from https://testssl.sh/ + + This program is free software. Distribution and modification under + GPLv2 permitted. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK! + + Please file bugs @ https://testssl.sh/bugs/ + +##################################################################### + + Using bash 5.2.26. OpenSSL 1.0.2-bad (1.0.2k-dev) [~179 ciphers] + on archdesk:./bin/openssl.Linux.x86_64 + (built: Sep 1 14:03:44 2022, platform: linux-x86_64) + + Start 2024-07-26 09:50:59 -->> ***.***.***.***:443 (expedite-atla.apexaltruism.net) <<-- + + rDNS (***.***.***.***): ***-***-***-***-host.colocrossing.com. + Service detected: HTTP + + + Testing protocols via sockets except NPN+ALPN + + SSLv2 not offered (OK) + SSLv3 not offered (OK) + TLS 1 not offered + TLS 1.1 not offered + TLS 1.2 offered (OK) + TLS 1.3 offered (OK): final + NPN/SPDY not offered + ALPN/HTTP2 h2, http/1.1 (offered) + + Testing cipher categories + + NULL ciphers (no encryption) not offered (OK) + Anonymous NULL Ciphers (no authentication) not offered (OK) + Export ciphers (w/o ADH+NULL) not offered (OK) + LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK) + Triple DES Ciphers / IDEA not offered + Obsolete CBC ciphers (AES, ARIA etc.) offered + Strong encryption (AEAD ciphers) offered (OK) + + + Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 + + PFS is offered (OK) TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 + ECDHE-ECDSA-AES128-SHA + Elliptic curves offered: prime256v1 secp384r1 secp521r1 X25519 X448 + Finite field group: ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192 + + Testing server preferences + + Has server cipher order? yes (OK) -- TLS 1.3 and below + Negotiated protocol TLSv1.3 + Negotiated cipher TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Cipher order + TLSv1.2: ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA + TLSv1.3: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 + + + Testing server defaults (Server Hello) + + TLS extensions (standard) "renegotiation info/#65281" "server name/#0" "EC point formats/#11" "session ticket/#35" "supported versions/#43" "key share/#51" "supported_groups/#10" "max fragment length/#1" "application layer protocol negotiation/#16" + "encrypt-then-mac/#22" "extended master secret/#23" + Session Ticket RFC 5077 hint 7200 seconds, session tickets keys seems to be rotated < daily + SSL Session ID support yes + Session Resumption Tickets: yes, ID: yes + TLS clock skew Random values, no fingerprinting possible + Signature Algorithm ECDSA with SHA384 + Server key size EC 256 bits + Server key usage Digital Signature + Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication + Serial 03E4F5F4193B80C23260316A3DAD48FEB7C2 (OK: length 18) + Fingerprints SHA1 C586B26696875DF4194D3888AC43F7098FD3A247 + SHA256 27466B5CC0E6909FF9EB05601432F275A5F6F5594B834DC30AFFBACBF798855E + Common Name (CN) *.apexaltruism.net + subjectAltName (SAN) *.apexaltruism.net apexaltruism.net + Issuer E6 (Let's Encrypt from US) + Trust (hostname) Ok via SAN wildcard (same w/o SNI) + Chain of trust Ok + EV cert (experimental) no + ETS/"eTLS", visibility info not present + Certificate Validity (UTC) 89 >= 30 days (2024-07-25 14:57 --> 2024-10-23 14:57) + # of certificates provided 2 + Certificate Revocation List -- + OCSP URI http://e6.o.lencr.org + OCSP stapling not offered + OCSP must staple extension -- + DNS CAA RR (experimental) not offered + Certificate Transparency yes (certificate extension) + + + Testing HTTP header response @ "/" + + HTTP Status Code 426 Upgrade Required. Oh, didn't expect "426 Upgrade Required" + HTTP clock skew -12 sec from localtime + Strict Transport Security not offered + Public Key Pinning -- + Server banner Python/3.12 websockets/12.0 + Application banner -- + Cookie(s) (none issued at "/") -- maybe better try target URL of 30x + Security headers Upgrade: websocket + Reverse Proxy banner -- + + + Testing vulnerabilities + + Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension + CCS (CVE-2014-0224) not vulnerable (OK) + Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK) + ROBOT Server does not support any cipher suites that use RSA key transport + Secure Renegotiation (RFC 5746) supported (OK) + Secure Client-Initiated Renegotiation not vulnerable (OK) + CRIME, TLS (CVE-2012-4929) not vulnerable (OK) + BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested + POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support + TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no protocol below TLS 1.2 offered + SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) + FREAK (CVE-2015-0204) not vulnerable (OK) + DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) + no RSA certificate, thus certificate can't be used with SSLv2 elsewhere + LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2 + BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or TLS1 + LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches + RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) + + + Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength + +Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC) +----------------------------------------------------------------------------------------------------------------------------- + x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384 + x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256 + xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + xc024 ECDHE-ECDSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256 + xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + + + Running client simulations (HTTP) via sockets + + Android 6.0 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256) + Android 7.0 (native) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Android 8.1 (native) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + Android 9.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 10.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 11 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 12 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Chrome 79 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Chrome 101 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Firefox 66 (Win 8.1/10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Firefox 100 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + IE 6 XP No connection + IE 8 Win 7 No connection + IE 8 XP No connection + IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win Phone 8.1 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Edge 15 Win 10 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + Edge 101 Win 10 21H2 TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Safari 12.1 (iOS 12.2) TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 253 bit ECDH (X25519) + Safari 13.0 (macOS 10.14.6) TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 253 bit ECDH (X25519) + Safari 15.4 (macOS 12.3.1) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Java 7u25 No connection + Java 8u161 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Java 11.0.2 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bit ECDH (P-256) + Java 17.0.3 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + go 1.17.8 TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + LibreSSL 2.8.3 (Apple) TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519) + OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + OpenSSL 1.1.1d (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + OpenSSL 3.0.3 (git) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Apple Mail (16.0) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Thunderbird (91.9) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + + Done 2024-07-26 09:55:57 [ 332s] -->> ***.***.***.***:443 (expedite-atla.apexaltruism.net) <<-- diff --git a/data/test-mumb-26072024.txt b/data/test-mumb-26072024.txt new file mode 100644 index 0000000..33687cd --- /dev/null +++ b/data/test-mumb-26072024.txt @@ -0,0 +1,182 @@ +##################################################################### + testssl.sh version 3.0.9 from https://testssl.sh/ + + This program is free software. Distribution and modification under + GPLv2 permitted. USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK! + + Please file bugs @ https://testssl.sh/bugs/ + +##################################################################### + + Using bash 5.2.26. OpenSSL 1.0.2-bad (1.0.2k-dev) [~179 ciphers] + on archdesk:./bin/openssl.Linux.x86_64 + (built: Sep 1 14:03:44 2022, platform: linux-x86_64) + + Start 2024-07-26 09:45:14 -->>***.***.***.***:443 (expedite-mumb.apexaltruism.net) <<-- + + rDNS (***.***.***.***): -- + Service detected: HTTP + + + Testing protocols via sockets except NPN+ALPN + + SSLv2 not offered (OK) + SSLv3 not offered (OK) + TLS 1 not offered + TLS 1.1 not offered + TLS 1.2 offered (OK) + TLS 1.3 offered (OK): final + NPN/SPDY not offered + ALPN/HTTP2 not offered + + Testing cipher categories + + NULL ciphers (no encryption) not offered (OK) + Anonymous NULL Ciphers (no authentication) not offered (OK) + Export ciphers (w/o ADH+NULL) not offered (OK) + LOW: 64 Bit + DES, RC[2,4] (w/o export) not offered (OK) + Triple DES Ciphers / IDEA not offered + Obsolete CBC ciphers (AES, ARIA etc.) offered + Strong encryption (AEAD ciphers) offered (OK) + + + Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4 + + PFS is offered (OK) TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-CCM TLS_AES_128_GCM_SHA256 TLS_AES_128_CCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 + ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES128-CCM + Elliptic curves offered: prime256v1 secp384r1 secp521r1 X25519 X448 + Finite field group: ffdhe2048 ffdhe3072 ffdhe4096 ffdhe6144 ffdhe8192 + + Testing server preferences + + Has server cipher order? yes (OK) -- TLS 1.3 and below + Negotiated protocol TLSv1.3 + Negotiated cipher TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Cipher order + TLSv1.2: ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-CCM ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-CCM ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA + TLSv1.3: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 TLS_AES_128_CCM_SHA256 + + + Testing server defaults (Server Hello) + + TLS extensions (standard) "renegotiation info/#65281" "server name/#0" "EC point formats/#11" "session ticket/#35" "supported versions/#43" "key share/#51" "supported_groups/#10" "max fragment length/#1" "encrypt-then-mac/#22" "extended master secret/#23" + Session Ticket RFC 5077 hint 7200 seconds, session tickets keys seems to be rotated < daily + SSL Session ID support yes + Session Resumption Tickets: yes, ID: yes + TLS clock skew Random values, no fingerprinting possible + Signature Algorithm ECDSA with SHA384 + Server key size EC 256 bits + Server key usage Digital Signature + Server extended key usage TLS Web Server Authentication, TLS Web Client Authentication + Serial 03E4F5F4193B80C23260316A3DAD48FEB7C2 (OK: length 18) + Fingerprints SHA1 C586B26696875DF4194D3888AC43F7098FD3A247 + SHA256 27466B5CC0E6909FF9EB05601432F275A5F6F5594B834DC30AFFBACBF798855E + Common Name (CN) *.apexaltruism.net + subjectAltName (SAN) *.apexaltruism.net apexaltruism.net + Issuer E6 (Let's Encrypt from US) + Trust (hostname) Ok via SAN wildcard (same w/o SNI) + Chain of trust Ok + EV cert (experimental) no + ETS/"eTLS", visibility info not present + Certificate Validity (UTC) 89 >= 30 days (2024-07-25 14:57 --> 2024-10-23 14:57) + # of certificates provided 2 + Certificate Revocation List -- + OCSP URI http://e6.o.lencr.org + OCSP stapling not offered + OCSP must staple extension -- + DNS CAA RR (experimental) not offered + Certificate Transparency yes (certificate extension) + + + Testing HTTP header response @ "/" + + HTTP Status Code 426 Upgrade Required. Oh, didn't expect "426 Upgrade Required" + HTTP clock skew 0 sec from localtime + Strict Transport Security not offered + Public Key Pinning -- + Server banner Python/3.12 websockets/12.0 + Application banner -- + Cookie(s) (none issued at "/") -- maybe better try target URL of 30x + Security headers Upgrade: websocket + Reverse Proxy banner -- + + + Testing vulnerabilities + + Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension + CCS (CVE-2014-0224) not vulnerable (OK) + Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK) + ROBOT Server does not support any cipher suites that use RSA key transport + Secure Renegotiation (RFC 5746) supported (OK) + Secure Client-Initiated Renegotiation not vulnerable (OK) + CRIME, TLS (CVE-2012-4929) not vulnerable (OK) + BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested + POODLE, SSL (CVE-2014-3566) not vulnerable (OK), no SSLv3 support + TLS_FALLBACK_SCSV (RFC 7507) No fallback possible (OK), no protocol below TLS 1.2 offered + SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) + FREAK (CVE-2015-0204) not vulnerable (OK) + DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) + no RSA certificate, thus certificate can't be used with SSLv2 elsewhere + LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected with <= TLS 1.2 + BEAST (CVE-2011-3389) not vulnerable (OK), no SSL3 or TLS1 + LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS. Check patches + RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK) + + + Testing 370 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength + +Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (IANA/RFC) +----------------------------------------------------------------------------------------------------------------------------- + x1302 TLS_AES_256_GCM_SHA384 ECDH 253 AESGCM 256 TLS_AES_256_GCM_SHA384 + x1303 TLS_CHACHA20_POLY1305_SHA256 ECDH 253 ChaCha20 256 TLS_CHACHA20_POLY1305_SHA256 + xc02c ECDHE-ECDSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + xc00a ECDHE-ECDSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + xcca9 ECDHE-ECDSA-CHACHA20-POLY1305 ECDH 253 ChaCha20 256 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 + xc0ad ECDHE-ECDSA-AES256-CCM ECDH 253 AESCCM 256 TLS_ECDHE_ECDSA_WITH_AES_256_CCM + x1301 TLS_AES_128_GCM_SHA256 ECDH 253 AESGCM 128 TLS_AES_128_GCM_SHA256 + x1304 TLS_AES_128_CCM_SHA256 ECDH 253 AESCCM 128 TLS_AES_128_CCM_SHA256 + xc02b ECDHE-ECDSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + xc023 ECDHE-ECDSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + xc009 ECDHE-ECDSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + xc0ac ECDHE-ECDSA-AES128-CCM ECDH 253 AESCCM 128 TLS_ECDHE_ECDSA_WITH_AES_128_CCM + + + Running client simulations (HTTP) via sockets + + Android 6.0 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256) + Android 7.0 (native) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Android 8.1 (native) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + Android 9.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 10.0 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 11 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Android 12 (native) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Chrome 79 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Chrome 101 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Firefox 66 (Win 8.1/10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Firefox 100 (Win 10) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + IE 6 XP No connection + IE 8 Win 7 No connection + IE 8 XP No connection + IE 11 Win 7 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win 8.1 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win Phone 8.1 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + IE 11 Win 10 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Edge 15 Win 10 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + Edge 101 Win 10 21H2 TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Safari 12.1 (iOS 12.2) TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 253 bit ECDH (X25519) + Safari 13.0 (macOS 10.14.6) TLSv1.3 TLS_CHACHA20_POLY1305_SHA256, 253 bit ECDH (X25519) + Safari 15.4 (macOS 12.3.1) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Java 7u25 No connection + Java 8u161 TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Java 11.0.2 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bit ECDH (P-256) + Java 17.0.3 (OpenJDK) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + go 1.17.8 TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + LibreSSL 2.8.3 (Apple) TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305, 253 bit ECDH (X25519) + OpenSSL 1.0.2e TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + OpenSSL 1.1.0l (Debian) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 253 bit ECDH (X25519) + OpenSSL 1.1.1d (Debian) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + OpenSSL 3.0.3 (git) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + Apple Mail (16.0) TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384, 256 bit ECDH (P-256) + Thunderbird (91.9) TLSv1.3 TLS_AES_256_GCM_SHA384, 253 bit ECDH (X25519) + + Done 2024-07-26 09:46:48 [ 143s] -->> ***.***.***.***:443 (expedite-mumb.apexaltruism.net) <<--