From 6afb12bad7075b84b43a1e5370d557a7a3ba7313 Mon Sep 17 00:00:00 2001 
From: erjosito <9462396+erjosito@users.noreply.github.com>
Date: Mon, 12 Aug 2024 16:29:04 +0000
Subject: [PATCH] [create-pull-request] automated change
---
checklists-ext/fullwaf_checklist.en.json | 1780 +-
checklists/azure_storage_checklist.en.json | 1128 +-
checklists/azure_storage_checklist.es.json | 566 +
checklists/azure_storage_checklist.ja.json | 566 +
checklists/azure_storage_checklist.ko.json | 566 +
checklists/azure_storage_checklist.pt.json | 566 +
.../azure_storage_checklist.zh-Hant.json | 566 +
checklists/checklist.en.master.json | 19592 +++++++++-------
checklists/waf_checklist.en.json | 1780 +-
checklists/waf_checklist.es.json | 434 +-
checklists/waf_checklist.ja.json | 434 +-
checklists/waf_checklist.ko.json | 434 +-
checklists/waf_checklist.pt.json | 434 +-
checklists/waf_checklist.zh-Hant.json | 434 +-
.../macrofree/azure_storage_checklist.en.xlsx | Bin 0 -> 26066 bytes
.../macrofree/azure_storage_checklist.es.xlsx | Bin 0 -> 26859 bytes
.../macrofree/azure_storage_checklist.ja.xlsx | Bin 0 -> 28159 bytes
.../macrofree/azure_storage_checklist.ko.xlsx | Bin 0 -> 27646 bytes
.../macrofree/azure_storage_checklist.pt.xlsx | Bin 0 -> 26768 bytes
.../azure_storage_checklist.zh-Hant.xlsx | Bin 0 -> 27123 bytes
.../macrofree/checklist.en.master.xlsx | Bin 439831 -> 476940 bytes
spreadsheet/macrofree/waf_checklist.en.xlsx | Bin 176673 -> 201186 bytes
spreadsheet/macrofree/waf_checklist.es.xlsx | Bin 187767 -> 193873 bytes
spreadsheet/macrofree/waf_checklist.ja.xlsx | Bin 204812 -> 213921 bytes
spreadsheet/macrofree/waf_checklist.ko.xlsx | Bin 198519 -> 206406 bytes
spreadsheet/macrofree/waf_checklist.pt.xlsx | Bin 187869 -> 195071 bytes
.../macrofree/waf_checklist.zh-Hant.xlsx | Bin 193318 -> 200124 bytes
.../alz_checklist.en_network_counters.json | 462 +-
...hecklist.en_network_counters_template.json | 2 +-
.../alz_checklist.en_network_tabcounters.json | 1050 +-
...klist.en_network_tabcounters_template.json | 2 +-
.../alz_checklist.en_network_workbook.json | 480 +-
...hecklist.en_network_workbook_template.json | 2 +-
...hecklist.en_network_counters_workbook.json | 212 +-
...en_network_counters_workbook_template.json | 2 +-
...elivery_checklist.en_network_workbook.json | 140 +-
...hecklist.en_network_workbook_template.json | 2 +-
...torage_checklist.en_counters_workbook.json | 536 +
...ecklist.en_counters_workbook_template.json | 57 +
.../azure_storage_checklist.en_workbook.json | 295 +
...torage_checklist.en_workbook_template.json | 57 +
41 files changed, 22801 insertions(+), 9778 deletions(-)
create mode 100644 checklists/azure_storage_checklist.es.json
create mode 100644 checklists/azure_storage_checklist.ja.json
create mode 100644 checklists/azure_storage_checklist.ko.json
create mode 100644 checklists/azure_storage_checklist.pt.json
create mode 100644 checklists/azure_storage_checklist.zh-Hant.json
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.en.xlsx
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.es.xlsx
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.ja.xlsx
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.ko.xlsx
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.pt.xlsx
create mode 100644 spreadsheet/macrofree/azure_storage_checklist.zh-Hant.xlsx
create mode 100644 workbooks/azure_storage_checklist.en_counters_workbook.json
create mode 100644 workbooks/azure_storage_checklist.en_counters_workbook_template.json
create mode 100644 workbooks/azure_storage_checklist.en_workbook.json
create mode 100644 workbooks/azure_storage_checklist.en_workbook_template.json
diff --git a/checklists-ext/fullwaf_checklist.en.json b/checklists-ext/fullwaf_checklist.en.json
index c9bd293fb..ea9c41ce6 100644
--- a/checklists-ext/fullwaf_checklist.en.json
+++ b/checklists-ext/fullwaf_checklist.en.json
@@ -1,5 +1,1759 @@
 {
 "items": [
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "70c15989-c726-42c7-b0d3-24b7375b9201",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/considerations-recommendations",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Use one Entra tenant for managing your Azure resources, unless you have a clear regulatory or business requirement for multi-tenants.",
+ "training": "https://learn.microsoft.com/training/modules/deploy-resources-scopes-bicep/2-understand-deployment-scopes",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "6309957b-821a-43d1-b9d9-7fcf1802b747",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation",
+ "service": "Entra",
+ "severity": "Low",
+ "text": "Use Multi-Tenant Automation approach to managing your Microsoft Entra ID Tenants.",
+ "training": "https://learn.microsoft.com/entra/architecture/multi-tenant-user-management-introduction/",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "78e11934-499a-45ed-8ef7-aae5578f0ecf",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/lighthouse",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Use Azure Lighthouse for Multi-Tenant Management with the same IDs.",
+ "training": "https://learn.microsoft.com/azure/lighthouse/concepts/cross-tenant-management-experience",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5d82e6df-6f61-42f2-82e2-3132d293be3d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations",
+ "service": "Entra",
+ "severity": "High",
+ "text": "If you give a partner access to administer your tenant, use Azure 
Lighthouse.",
+ "training": "https://learn.microsoft.com/azure/lighthouse/how-to/onboard-customer",
+ "waf": "Cost"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "348ef254-c27d-442e-abba-c7571559ab91",
+ "link": "https://learn.microsoft.com/azure/role-based-access-control/overview",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce a RBAC model that aligns to your cloud operating model. Scope and Assign across Management Groups and Subscriptions.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "12e7f983-f630-4472-8dd6-9c5b5c2622f5",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning#identify-microsoft-accounts-in-administrative-roles-that-need-to-be-switched-to-work-or-school-accounts",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Only use the authentication type Work or school account for all account types. Avoid using the Microsoft account",
+ "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4b69bad3-3aad-45e8-a68e-1d76667313b4",
+ "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Only use groups to assign permissions. 
Add on-premises groups to the Entra ID only group if a group management system is already in place.",
+ "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "53e8908a-e28c-484c-93b6-b7808b9fe5c4",
+ "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/overview",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce Microsoft Entra ID Conditional Access policies for any user with rights to Azure environments.",
+ "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1049d403-a923-4c34-94d0-0018ac6a9e01",
+ "link": "https://learn.microsoft.com/azure/active-directory/authentication/concept-mfa-howitworks",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce multi-factor authentication for any user with rights to the Azure environments.",
+ "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "14658d35-58fd-4772-99b8-21112df27ee4",
+ "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Enforce Microsoft Entra ID Privileged Identity Management (PIM) to establish zero standing access and least privilege.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "8b9fe5c4-1049-4d40-9a92-3c3474d00018",
+ "link": "https://learn.microsoft.com/entra/identity/domain-services/overview",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "If planning to switch from Active Directory Domain Services to Entra domain services, 
evaluate the compatibility of all workloads.",
+ "training": "https://learn.microsoft.com/learn/modules/implement-hybrid-identity-windows-server/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1cf0b8da-70bd-44d0-94af-8d99cfc89ae1",
+ "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Integrate Microsoft Entra ID logs with the platform-central Azure Monitor. Azure Monitor allows for a single source of truth around log and monitoring data in Azure, giving organizations a cloud native options to meet requirements around log collection and retention.",
+ "training": "https://learn.microsoft.com/entra/identity/monitoring-health/howto-integrate-activity-logs-with-azure-monitor-logs",
+ "waf": "Reliability"
+ },
+ {
+ "ammp": true,
+ "checklist": "Azure Landing Zone Review",
+ "guid": "984a859c-773e-47d2-9162-3a765a917e1f",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/security-emergency-access",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Implement an emergency access or break-glass accounts to prevent tenant-wide account lockout.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "35037e68-9349-4c15-b371-228514f4cdff",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Do not use on-premises synced accounts for Microsoft Entra ID role assignments, unless you have a scenario that specifically requires it.",
+ "training": "https://learn.microsoft.com/learn/modules/design-identity-security-strategy/",
+ "waf": "Reliability"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d5d1e4e6-1465-48d3-958f-d77249b82111",
+ "link": 
"https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "When using Microsoft Entra ID Application Proxy to give remote users access to applications, manage it as a Platform resource as you can only have one instance per tenant.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e8bbac75-7155-49ab-a153-e8908ae28c84",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use a hub-and-spoke network topology for network scenarios that require maximum flexibility.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7dd61623-a364-4a90-9eca-e48ebd54cd7d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/traditional-azure-networking-topology",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Deploy shared networking services, including ExpressRoute gateways, VPN gateways, and Azure Firewall or partner NVAs in the central-hub virtual network. 
If necessary, also deploy DNS services.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Cost"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "143b16c3-1d7a-4a9b-9470-4489a8042d88",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use a DDoS Network or IP protection plan for all public IP addresses in application landing zones.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e2e8abac-3571-4559-ab91-53e89f89dc7b",
+ "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/nva-ha",
+ "service": "NVA",
+ "severity": "Medium",
+ "text": "When deploying partner networking technologies or NVAs, follow the partner vendor's guidance.",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ce463dbb-bc8a-4c2a-aebc-92a43da1dae2",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager#to-enable-transit-routing-between-expressroute-and-azure-vpn",
+ "service": "ExpressRoute",
+ "severity": "Low",
+ "text": "If you need transit between ExpressRoute and VPN gateways in hub and spoke scenarios, use Azure Route Server.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualHubs",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix 
= subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant",
+ "guid": "91b9d7d5-91e1-4dcb-8f1f-fa7e465646cc",
+ "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1",
+ "service": "ARS",
+ "severity": "Low",
+ "text": "If using Route Server, use a /27 prefix for the Route Server subnet.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "cc881471-607c-41cc-a0e6-14658dd558f9",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-faq#can-i-create-a-peering-connection-to-a-vnet-in-a-different-region",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "For network architectures with multiple hub-and-spoke topologies across Azure regions, use global virtual network peerings between the hub VNets to connect the regions to each other.",
+ "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-virtual-networks/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4722d929-c1b1-4cd6-81f5-4b29bade39ad",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/network-insights-overview",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use Azure Monitor for Networks to monitor the end-to-end state of the networks on Azure.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | 
mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant",
+ "guid": "0e7c28ec-9366-4572-83b0-f4664b1d944a",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000).",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant",
+ "guid": "3d457936-e9b7-41eb-bdff-314b26450b12",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Limit the number of routes per route table to 400.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)",
+ "guid": 
"c76cb5a2-abe2-11ed-afa1-0242ac120002",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "de0d5973-cd4c-4d21-a088-137f5e6c4cfd",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-macsec",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "When you're using ExpressRoute Direct, configure MACsec in order to encrypt traffic at the layer-two level between the organization's routers and MSEE. The diagram shows this encryption in flow.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ed301d6e-872e-452e-9611-cc58b5a4b151",
+ "link": "https://learn.microsoft.com/azure/vpn-gateway/site-to-site-vpn-private-peering",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "For scenarios where MACsec isn't an option (for example, not using ExpressRoute Direct), use a VPN gateway to establish IPsec tunnels over ExpressRoute private peering.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "558fd772-49b8-4211-82df-27ee412e7f98",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "ExpressRoute",
+ "severity": "High",
+ "text": "Ensure no overlapping IP 
address spaces across Azure regions and on-premises locations are used.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr",
+ "guid": "3f630472-2dd6-49c5-a5c2-622f54b69bad",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use IP addresses from the address allocation ranges for private internets (RFC 1918).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant",
+ "guid": "33aad5e8-c68e-41d7-9667-313b4f5664b5",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Ensure that IP address space isn't 
wasted, don't create unnecessarily large virtual networks (for example /16).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f348ef25-4c27-4d42-b8bb-ac7571559ab9",
+ "link": "https://learn.microsoft.com/azure/site-recovery/concepts-on-premises-to-azure-networking#retain-ip-addresses",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Do not use overlapping IP address ranges for production and disaster recovery sites.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "153e8908-ae28-4c84-a33b-6b7808b9fe5c",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-getstarted-portal",
+ "service": "DNS",
+ "severity": "Medium",
+ "text": "For environments where name resolution in Azure is all that's required, use Azure Private DNS for resolution with a delegated zone for name resolution (such as 'azure.contoso.com').",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "41049d40-3a92-43c3-974d-00018ac6a9e0",
+ "link": "https://learn.microsoft.com/azure/dns/dns-private-resolver-overview",
+ "service": "DNS",
+ "severity": "Medium",
+ "text": "For environments where name resolution across Azure and on-premises is required and there is no existing enterprise DNS service like Active Directory, use Azure DNS Private Resolver to route DNS requests to Azure or to on-premises DNS servers.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-dns-private-resolver/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": 
"Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1e6a83de-5de3-42c1-a924-81607d5d1e4e",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances",
+ "service": "DNS",
+ "severity": "Low",
+ "text": "Special workloads that require and deploy their own DNS (such as Red Hat OpenShift) should use their preferred DNS solution.",
+ "training": "https://learn.microsoft.com/training/courses/az-700t00",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "614658d3-558f-4d77-849b-821112df27ee",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-autoregistration",
+ "service": "DNS",
+ "severity": "High",
+ "text": "Enable auto-registration for Azure DNS to automatically manage the lifecycle of the DNS records for the virtual machines deployed within a virtual network.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/bastionHosts",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ee1ac551-c4d5-46cf-b035-d0a3c50d87ad",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-overview",
+ "service": "Bastion",
+ "severity": "Medium",
+ "text": "Use Azure Bastion to securely connect to your network.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/bastionHosts",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | 
distinct id, compliant",
+ "guid": "6eab9eb6-762b-485e-8ea8-15aa5dba0bd0",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet",
+ "service": "Bastion",
+ "severity": "Medium",
+ "text": "Use Azure Bastion in a subnet /26 or larger.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1d7aa9b6-4704-4489-a804-2d88e79d17b7",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview",
+ "service": "WAF",
+ "severity": "Medium",
+ "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3b22a5a6-7e7a-48ed-9b30-e38c3f29812b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "severity": "Low",
+ "text": "When using Azure Front Door and Azure Application Gateway to help protect HTTP/S apps, use WAF policies in Azure Front Door. 
Lock down Azure Application Gateway to receive traffic only from Azure Front Door.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2363cefe-179b-4599-be0d-5973cd4cd21b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "severity": "High",
+ "text": "When WAFs and other reverse proxies are required for inbound HTTP/S connections, deploy them within a landing-zone virtual network and together with the apps that they're protecting and exposing to the internet.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "088137f5-e6c4-4cfd-9e50-4547c2447ec6",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use Azure DDoS Network or IP Protection plans to help protect Public IP Addresses endpoints within the virtual networks.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b034c01e-110b-463a-b36e-e3346e57f225",
+ "link": "https://learn.microsoft.com/azure/virtual-network/ip-services/default-outbound-access",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Plan for how to manage your network outbound traffic configuration and strategy before the upcoming breaking change. 
On September 30, 2025, default outbound access for new deployments will be retired and only explicit access configurations will be allowed.",
+ "training": "https://learn.microsoft.com/training/modules/configure-virtual-networks/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b1c82a3f-2320-4dfa-8972-7ae4823c8930",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Add diagnostic settings to save DDoS related logs for all the protected public IP addresses (DDoS IP or Network Protection).",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Authorization/policyDefinitions",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3c5a808d-c695-4c14-a63c-c7ab7a510e41",
+ "link": "https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies#corp",
+ "service": "Policy",
+ "severity": "High",
+ "text": "Ensure there is a policy assignment to deny Public IP addresses directly tied to Virtual Machines. Use exclusions if public IPs are needed on specific VMs.",
+ "training": "https://learn.microsoft.com/training/modules/configure-azure-policy/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "359c373e-7dd6-4162-9a36-4a907ecae48e",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "Use ExpressRoute as the primary connection to Azure. 
Use VPNs as a source of backup connectivity.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "description": "You can use AS-path prepending and connection weights to influence traffic from Azure to on-premises, and the full range of BGP attributes in your own routers to influence traffic from on-premises to Azure.",
+ "guid": "f29812b2-363c-4efe-879b-599de0d5973c",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-routing",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "When you use multiple ExpressRoute circuits or multiple on-prem locations, use BGP attributes to optimize routing.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant",
+ "guid": "d4cd21b0-8813-47f5-b6c4-cfd3e504547c",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing 
Zone Review", + "graph": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant", + "guid": "7025b442-f6e9-4af6-b11f-c9574916016f", + "link": "https://learn.microsoft.com/azure/expressroute/plan-manage-cost", + "service": "ExpressRoute", + "severity": "High", + "text": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id", + "guid": "f4e7926a-ec35-476e-a412-5dd17136bd62", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local", + "service": "ExpressRoute", + "severity": "High", + "text": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = 
properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant", + "guid": "2447ec66-138a-4720-8f1c-e16ed301d6e8", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "72e52e36-11cc-458b-9a4b-1511e43a58a9", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", + "service": "ExpressRoute", + "severity": "Medium", + "text": "For scenarios that require bandwidth higher than 10 Gbps or dedicated 10/100-Gbps ports, use ExpressRoute Direct.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "c2299c4d-7b57-4d0c-9555-62f2b3e4563a", + "link": "https://learn.microsoft.com/azure/expressroute/about-fastpath", + "service": "ExpressRoute", + "severity": "Medium", + "text": "When low latency is required, or throughput from on-premises to Azure must be greater than 10 Gbps, enable FastPath to bypass the ExpressRoute gateway from the data path.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/virtualNetworkGateways", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworkgateways' | where 
properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant", + "guid": "4d873974-8b66-42d6-b15f-512a65498f6d", + "link": "https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway", + "service": "VPN", + "severity": "Medium", + "text": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available).", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualNetworkGateways", + "checklist": "Azure Landing Zone Review", + "guid": "45866df8-cf85-4ca9-bbe2-65ec1478919e", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-highlyavailable", + "service": "VPN", + "severity": "Medium", + "text": "Use redundant VPN appliances on-premises (active/active or active/passive).", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "718cb437-b060-2589-8856-2e93a5c6633b", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-erdirect-about", + "service": "ExpressRoute", + "severity": "High", + "text": "If using ExpressRoute Direct, consider using ExpressRoute Local circuits to the local Azure regions to save costs.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "8042d88e-79d1-47b7-9b22-a5a67e7a8ed4", + "link": "https://learn.microsoft.com/azure/architecture/framework/services/networking/expressroute/reliability", + "service": "ExpressRoute", + "severity": "Medium", + "text": "When traffic isolation or dedicated bandwidth is required, such as for separating 
production and nonproduction environments, use different ExpressRoute circuits. It will help you ensure isolated routing domains and alleviate noisy-neighbor risks.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "b30e38c3-f298-412b-8363-cefe179b599d", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-monitoring-metrics-alerts", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Monitor ExpressRoute availability and utilization using built-in Express Route Insights.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "5bf68dc9-325e-4873-bf88-f8214ef2e5d2", + "link": "https://learn.microsoft.com/azure/expressroute/how-to-configure-connection-monitor", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use Connection Monitor for connectivity monitoring across the network, especially between on-premises and Azure.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId 
| extend compliant = (countErLocations >= 2)", + "guid": "e0d5973c-d4cd-421b-8881-37f5e6c4cfd3", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use ExpressRoute circuits from different peering locations for redundancy.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "cf3fe65c-fec0-495a-8edc-9675200f2add", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use site-to-site VPN as failover of ExpressRoute, if only using a single ExpressRoute circuit.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))", + "guid": "72105cc8-aaea-4ee1-8c7a-ad25977afcaf", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub", + "service": "ExpressRoute", + 
"severity": "High", + "text": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated.", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "d581a947-69a2-4783-942e-9df3664324c8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute#active-active-connections", + "service": "ExpressRoute", + "severity": "High", + "text": "If using ExpressRoute, your on-premises routing should be dynamic: in the event of a connection failure it should converge to the remaining connection of the circuit. Load should be shared across both connections ideally as active/active, although active/passive is supported too.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "b258f058-b9f6-46cd-b28d-990106f0c3f8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Ensure the two physical links of your ExpressRoute circuit are connected to two distinct edge devices in your network.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "fe2a1b53-6fbd-4c67-b58a-85d7c7a0afcb", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-bfd", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Ensure Bidirectional Forwarding Detection (BFD) is enabled and configured on customer or provider edge routing devices.", + "training": 
"https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "669b215a-ce43-4371-8f6f-11047f6490f1", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", + "service": "ExpressRoute", + "severity": "High", + "text": "Connect the ExpressRoute Gateway to two or more circuits from different peering locations for higher resiliency.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "3f79ed00-203b-4c95-9efd-691505f5a1f9", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Configure diagnostic logs and alerts for ExpressRoute virtual network gateway.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "5234c93f-b651-41dd-80c1-234177b91ced", + "link": "https://learn.microsoft.com/azure/expressroute/virtual-network-connectivity-guidance", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Do not use ExpressRoute circuits for VNet-to-VNet communication.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "8ac6a9e0-1e6a-483d-b5de-32c199248160", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about", + "service": "N/A", + "severity": "Low", + "text": "Do not send Azure traffic 
to hybrid locations for inspection. Instead, follow the principle 'traffic in Azure stays in Azure' so that communication across resources in Azure occurs via the Microsoft backbone network.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "e6c4cfd3-e504-4547-a244-7ec66138a720", + "link": "https://learn.microsoft.com/azure/firewall/overview", + "service": "Firewall", + "severity": "High", + "text": "Use Azure Firewall to govern Azure outbound traffic to the internet, non-HTTP/S inbound connections, and East/West traffic filtering (if the organization requires it).", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "5a4b1511-e43a-458a-ac22-99c4d7b57d0c", + "link": "https://learn.microsoft.com/azure/firewall-manager/policy-overview", + "service": "Firewall", + "severity": "Medium", + "text": "Create a global Azure Firewall policy to govern security posture across the global network environment and assign it to all Azure Firewall instances. 
Allow for granular policies to meet requirements of specific regions by delegating incremental firewall policies to local security teams via Azure role-based access control.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "655562f2-b3e4-4563-a4d8-739748b662d6", + "link": "https://learn.microsoft.com/azure/firewall-manager/deploy-trusted-security-partner", + "service": "Firewall", + "severity": "Low", + "text": "Configure supported partner SaaS security providers within Firewall Manager if the organization wants to use such solutions to help protect outbound connections.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant", + "guid": "14d99880-2f88-47e8-a134-62a7d85c94af", + "link": "https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules", + "service": "Firewall", + "severity": "High", + "text": "Use application rules to filter outbound traffic on destination host name for supported protocols. 
Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant", + "guid": "c10d51ef-f999-455d-bba0-5c90ece07447", + "link": "https://learn.microsoft.com/azure/firewall/premium-features", + "service": "Firewall", + "severity": "High", + "text": "Use Azure Firewall Premium to enable additional security features.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant", + "guid": "e9c8f584-6d5e-473b-8dc5-acc9fbaab4e3", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules", + "service": "Firewall", + "severity": "High", + "text": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant", + "guid": "b9d0dff5-bdd4-4cd8-88ed-5811610b2b2c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps", + "service": "Firewall", + "severity": "High", + "text": "Configure Azure Firewall IDPS mode to Deny for additional protection.", + "training": 
"https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant", + "guid": "a3784907-9836-4271-aafc-93535f8ec08b", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", + "service": "Firewall", + "severity": "High", + "text": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "715d833d-4708-4527-90ac-1b142c7045ba", + "link": 
"https://learn.microsoft.com/azure/firewall/firewall-structured-logs", + "service": "Firewall", + "severity": "Medium", + "text": "Add diagnostic settings to save logs, using the Resource Specific destination table, for all Azure Firewall deployments.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "e960fc6b-4ab2-4db6-9609-3745135f9ffa", + "link": "https://learn.microsoft.com/azure/firewall-manager/migrate-to-policy", + "service": "Firewall", + "severity": "Important", + "text": "Migrate from Azure Firewall Classic rules (if exist) to Firewall Policy.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant", + "guid": "22d6419e-b627-4d95-9e7d-019fa759387f", + "link": "https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size", + "service": "Firewall", + "severity": "High", + "text": "Use a /26 prefix for your Azure Firewall subnets.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "828cec2e-af6c-40c2-8fa2-1b681ee63eb7", + "link": "https://learn.microsoft.com/azure/firewall-manager/rule-hierarchy", + "service": 
"Firewall", + "severity": "Medium", + "text": "Arrange rules within the firewall policy into Rule Collection Groups and Rule Collections and based on their frequency of use.", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-firewall-manager/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "0da83bb1-2f39-49af-b5c9-835fc455e3d1", + "link": "https://learn.microsoft.com/azure/firewall/ip-groups", + "service": "Firewall", + "severity": "Medium", + "text": "Use IP Groups or IP prefixes to reduce number of IP table rules.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "c44c6f0e-1642-4a61-a17b-0922f835c93a", + "link": "https://learn.microsoft.com/azure/firewall/tutorial-firewall-dnat", + "service": "Firewall", + "severity": "Medium", + "text": "Do not use wildcards as a source IP for DNATS, such as * or any, you should specify source IPs for incoming DNATs.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "7371dc21-251a-47a3-af14-6e01b9da4757", + "link": "https://learn.microsoft.com/azure/firewall/integrate-with-nat-gateway", + "service": "Firewall", + "severity": "Medium", + "text": "Prevent SNAT Port exhaustion by monitoring SNAT port usage, evaluating NAT Gateway settings, and ensuring seamless failover. 
If the port count approaches the limit, it’s a sign that SNAT exhaustion might be imminent.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "346840b8-1064-496e-8396-4b1340172d52", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#tls-inspection", + "service": "Firewall", + "severity": "High", + "text": "If you are using Azure Firewall Premium, enable TLS Inspection.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "39990a13-915c-45f9-a2d3-562d7d6c4b7c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#web-categories", + "service": "Firewall", + "severity": "Low", + "text": "Use web categories to allow or deny outbound access to specific topics.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "6eff7e6c-6c4a-43d7-be3f-6641c2cb3d4a", + "link": "https://learn.microsoft.com/azure/architecture/example-scenario/gateway/application-gateway-before-azure-firewall", + "service": "Firewall", + "severity": "Medium", + "text": "As part of your TLS inspection, plan for receiving traffic from Azure App Gateways for inspection.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-application-gateway/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "94f3eede-9aa3-4088-92a3-bb9a56509fad", + "link": "https://learn.microsoft.com/azure/firewall/dns-details", + "service": "Firewall", + "severity": "Medium", + "text": "Enable Azure Firewall DNS proxy configuration.", + "training": "https://learn.microsoft.com/training/courses/az-700t00/", + "waf": 
"Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "1dc04554-dece-4ffb-a49e-5c683e09f8da", + "link": "https://learn.microsoft.com/azure/firewall/firewall-diagnostics", + "service": "Firewall", + "severity": "High", + "text": "Integrate Azure Firewall with Azure Monitor and enable diagnostic logging to store and analyze firewall logs.", + "training": "https://learn.microsoft.com/training/courses/az-700t00/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "64e7000e-3c06-485e-b455-ced7f454cba3", + "link": "https://learn.microsoft.com/azure/well-architected/service-guides/azure-firewall", + "service": "Firewall", + "severity": "Low", + "text": "Implement backups for your firewall rules", + "training": "https://learn.microsoft.com/training/courses/az-104t00/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/applicationGateways", + "checklist": "Azure Landing Zone Review", + "guid": "d301d6e8-72e5-42e3-911c-c58b5a4b1511", + "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", + "service": "AppGW", + "severity": "High", + "text": "Do not disrupt control-plane communication for Azure PaaS services injected into a virtual networks, such as with a 0.0.0.0/0 route or an NSG rule that blocks control plane traffic.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "b3e4563a-4d87-4397-98b6-62d6d15f512a", + "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Access Azure PaaS services from on-premises via private endpoints and ExpressRoute private peering. 
This method avoids transiting over the public internet.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/virtualNetworks", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc", + "guid": "4704489a-8042-4d88-b79d-17b73b22a5a6", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview", + "service": "VNet", + "severity": "High", + "text": "Don't enable virtual network service endpoints by default on all subnets.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "7e7a8ed4-b30e-438c-9f29-812b2363cefe", + "link": "azure/private-link/inspect-traffic-with-azure-firewall", + "service": "Firewall", + "severity": "Medium", + "text": "Filter egress traffic to Azure PaaS services using FQDNs instead of IP addresses in Azure Firewall or an NVA to prevent data exfiltration. 
If using Private Link you can block all FQDNs, otherwise allow only the required PaaS services.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant", + "guid": "f2aad7e3-bb03-4adc-8606-4123d342a917", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway", + "service": "ExpressRoute", + "severity": "High", + "text": "Use at least a /27 prefix for your Gateway subnets.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/networkSecurityGroups", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where 
type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)", + "guid": "11deb39d-8299-4e47-bbe0-0fb5a36318a8", + "link": "https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags", + "service": "NSG", + "severity": "High", + "text": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/networkSecurityGroups", + "checklist": "Azure Landing Zone Review", + "guid": "872e52e3-611c-4c58-a5a4-b1511e43a58a", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-landing-zone-network-segmentation", + "service": "NSG", + "severity": "Medium", + "text": "Use NSGs to help protect traffic across subnets, as well as east/west traffic across the platform (traffic between landing zones).", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/networkSecurityGroups", + "checklist": "Azure Landing Zone Review", + "guid": "a4d87397-48b6-462d-9d15-f512a65498f6", + "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", + "service": "NSG", + "severity": "Medium", + "text": "Use NSGs and application security groups to micro-segment traffic within the landing zone and avoid using a central NVA to filter traffic flows.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/networkSecurityGroups", + "checklist": "Azure Landing Zone Review", + "guid": "dfe237de-143b-416c-91d7-aa9b64704489", + "link": "https://learn.microsoft.com/azure/network-watcher/vnet-flow-logs-overview", + "service": "NSG", + "severity": "Medium", + "text": "Enable VNet Flow Logs and feed 
them into Traffic Analytics to gain insights into internal and external traffic flows.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/networkSecurityGroups", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)", + "guid": "0390417d-53dc-44d9-b3f4-c8832f359b41", + "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", + "service": "NSG", + "severity": "Medium", + "text": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules.", + "training": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "412e7f98-3f63-4047-82dd-69c5b5c2622f", + "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-any-to-any", + "service": "VWAN", + "severity": "Medium", + "text": "Use Virtual WAN if your scenario is explicitly described in the list of Virtual WAN routing designs.", + "training": "https://learn.microsoft.com/learn/modules/introduction-azure-virtual-wan/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "54b69bad-33aa-4d5e-ac68-e1d76667313b", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology#virtual-wan-network-design-recommendationst", + "service": "VWAN", + "severity": "Medium", + "text": "Use a Virtual WAN hub per Azure region to connect multiple landing zones together across Azure regions via a common global Azure Virtual WAN.", + "training": 
"https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant", + "guid": "7d5d1e4e-6146-458d-9558-fd77249b8211", + "link": "https://learn.microsoft.com/azure/virtual-wan/howto-firewall", + "service": "VWAN", + "severity": "Medium", + "text": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "6667313b-4f56-464b-9e98-4a859c773e7d", + "link": "https://learn.microsoft.com/azure/virtual-wan/migrate-from-hub-spoke-topology", + "service": "VWAN", + "severity": "Medium", + "text": "Ensure that your virtual WAN network architecture aligns to an identified architecture scenario.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "261623a7-65a9-417e-8f34-8ef254c27d42", + "link": "https://learn.microsoft.com/azure/virtual-wan/azure-monitor-insights", + "service": "VWAN", + "severity": "Medium", + "text": "Use Azure Monitor Insights for Virtual WAN to monitor the end-to-end topology of the Virtual WAN, status, and key metrics.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "727c77e1-b9aa-4a37-a024-129d042422c1", + "link": 
"https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#is-branch-to-branch-connectivity-allowed-in-virtual-wan", + "service": "VWAN", + "severity": "Medium", + "text": "Do not disable branch-to-branch traffic in Virtual WAN, unless these flows should be explicitly blocked.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "d49ac006-6670-4bc9-9948-d3e0a3a94f4d", + "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference", + "service": "VWAN", + "severity": "Medium", + "text": "Use AS-Path as hub routing preference, since it is more flexible than ExpressRoute or VPN.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "2586b854-237e-47f1-84a1-d45d4cd2310d", + "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing#labels", + "service": "VWAN", + "severity": "Medium", + "text": "Configure label-based propagation in Virtual WAN, otherwise connectivity between virtual hubs will be impaired.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "9c75dfef-573c-461c-a698-68598595581a", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#what-is-the-recommended-hub-address-space-during-hub-creation", + "service": "VWAN", + "severity": "High", + "text": "Assign at least a /23 prefix to virtual hubs to ensure enough IP space is available.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + 
}, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "5c986cb2-9131-456a-8247-6e49f541acdc", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "High", + "text": "Leverage Azure Policy strategically, define controls for your environment, using Policy Initiatives to group related policies.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "d8a2adb1-17d6-4326-af62-5ca44e5695f2", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "Medium", + "text": "Map regulatory and compliance requirements to Azure Policy definitions and Azure role assignments.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "223ace8c-b123-408c-a501-7f154e3ab369", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "Medium", + "text": "Establish Azure Policy definitions at the intermediate root management group so that they can be assigned at inherited scopes.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "3829e7e3-1618-4368-9a04-77a209945bda", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "High", + "text": "Manage policy assignments at the highest appropriate level with exclusions at bottom levels, if required.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "43334f24-9116-4341-a2ba-527526944008", + "link": 
"https://learn.microsoft.com/security/benchmark/azure/mcsb-asset-management#am-2-use-only-approved-services", + "service": "Policy", + "severity": "Low", + "text": "Use Azure Policy to control which services users can provision at the subscription/management group level.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "be7d7e48-4327-46d8-adc0-55bcf619e8a1", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "High", + "text": "Use built-in policies where possible to minimize operational overhead.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "description": "Assigning the Resource Policy Contributor role to specific scopes allows you to delegate policy management to relevant teams. For instance, a central IT team may oversee management group-level policies, while application teams handle policies for their subscriptions, enabling distributed governance with adherence to organizational standards.", + "guid": "3f988795-25d6-4268-a6d7-0ba6c97be995", + "link": "https://learn.microsoft.com/azure/governance/policy/overview#azure-rbac-permissions-in-azure-policy", + "service": "Policy", + "severity": "Medium", + "text": "Assign the built-in Resource Policy Contributor role at a particular scope to enable application-level governance.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "19048384-5c98-46cb-8913-156a12476e49", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "Medium", + "text": "Limit the number of Azure Policy assignments made at the root management group scope to avoid managing through exclusions at inherited scopes.", + "waf": "Reliability" + }, + 
{ + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "5a917e1f-348e-4f25-9c27-d42e8bbac757", + "link": "https://learn.microsoft.com/industry/release-plan/2023wave2/cloud-sovereignty/enable-data-sovereignty-policy-baseline", + "service": "Policy", + "severity": "Medium", + "text": "If any data sovereignty requirements exist, Azure Policies should be deployed to enforce them.", + "training": "https://learn.microsoft.com/learn/paths/secure-your-cloud-data/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "78b22132-b41c-460b-a4d3-df8f73a67dc2", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/sovereign-landing-zone", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, deploy sovereignty policy baseline and assign at correct management group level.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "caeea0e9-1024-41df-a52e-d99c3f22a6f4", + "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, document Sovereign Control objectives to policy mapping.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "9b461617-db7b-4399-8ac6-d4eb7153893a", + "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline#sovereignty-baseline-policy-initiatives", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, ensure process is in place for management of 'Sovereign Control objectives to policy mapping'.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Insights/components", + 
"checklist": "Azure Landing Zone Review", + "guid": "67e7a8ed-4b30-4e38-a3f2-9812b2363cef", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "Monitor", + "severity": "Medium", + "text": "Use a single monitor logs workspace to manage platforms centrally except where Azure role-based access control (Azure RBAC), data sovereignty requirements, or data retention policies mandate separate workspaces.", + "training": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "5e6c4cfd-3e50-4454-9c24-47ec66138a72", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", + "service": "Monitor", + "severity": "High", + "text": "Export logs to Azure Storage if your log retention requirements exceed twelve years. Use immutable storage with a write-once, read-many policy to make data non-erasable and non-modifiable for a user-specified interval.", + "training": "https://learn.microsoft.com/learn/paths/architect-infrastructure-operations/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "e7d7e484-3276-4d8b-bc05-5bcf619e8a13", + "link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview", + "service": "VM", + "severity": "Medium", + "text": "Monitor OS level virtual machine (VM) configuration drift using Azure Policy. 
Enabling Azure Automanage Machine Configuration audit capabilities through policy helps application team workloads to immediately consume feature capabilities with little effort.", + "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "f9887952-5d62-4688-9d70-ba6c97be9951", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations", + "service": "VM", + "severity": "Medium", + "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs in Azure.", + "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "c806c048-26b7-4ddf-b4c2-b4f0c476925d", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ", + "service": "VM", + "severity": "Medium", + "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs outside of Azure using Azure Arc.", + "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/networkWatchers", + "checklist": "Azure Landing Zone Review", + "guid": "90483845-c986-4cb2-a131-56a12476e49f", + "link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview", + "service": "Network Watcher", + "severity": "Medium", + "text": "Use Network Watcher to proactively monitor traffic flows.", + "training": "https://learn.microsoft.com/learn/modules/configure-network-watcher/", + "waf": "Operations" + }, + { + "arm-service": 
"Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "6944008b-e7d7-4e48-9327-6d8bdc055bcf", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", + "service": "Monitor", + "severity": "Medium", + "text": "Use Azure Monitor Logs for insights and reporting.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-monitor/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "97be9951-9048-4384-9c98-6cb2913156a1", + "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/alerts-overview", + "service": "Monitor", + "severity": "Medium", + "text": "Use Azure Monitor alerts for the generation of operational alerts.", + "training": "https://learn.microsoft.com/training/modules/incident-response-with-alerting-on-azure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "fed3c55f-a67e-4875-aadd-3aba3f9fde31", + "link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings", + "service": "Monitor", + "severity": "Medium", + "text": "When using Change and Inventory Tracking via Azure Automation Accounts, ensure that you have selected supported regions for linking your Log Analytics workspace and automation accounts together.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-automation-devops/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.RecoveryServices/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "eba8cf22-45c6-4dc1-9b57-2cceb3b97ce5", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Backup", + "severity": "Low", + "text": "When using Azure Backup, use the correct backup types (GRS, ZRS & LRS) for your backup, as the default setting is GRS.", + 
"training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "f541acdc-e979-4377-acdb-3751ab2ab13a", + "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration", + "service": "VM", + "severity": "Medium", + "text": "Use Azure guest policies to automatically deploy software configurations through VM extensions and enforce a compliant baseline VM configuration.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "description": "Use Azure Policy's guest configuration features to audit and remediate machine settings (e.g., OS, application, environment) to ensure resources align with expected configurations, and Update Management can enforce patch management for VMs.", + "guid": "da6e55d7-d8a2-4adb-817d-6326af625ca4", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift", + "service": "VM", + "severity": "Medium", + "text": "Monitor VM security configuration drift via Azure Policy.", + "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "2476e49f-541a-4cdc-b979-377bcdb3751a", + "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", + "service": "VM", + "severity": "Medium", + "text": "Use Azure Site Recovery for Azure-to-Azure Virtual Machines disaster recovery scenarios. 
This enables you to replicate workloads across regions.", + "training": "https://learn.microsoft.com/training/modules/protect-infrastructure-with-site-recovery/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.RecoveryServices/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "f625ca44-e569-45f2-823a-ce8cb12308ca", + "link": "https://learn.microsoft.com/azure/backup/backup-center-overview", + "service": "Backup", + "severity": "Medium", + "text": "Use Azure-native backup capabilities, or an Azure-compatible, 3rd-party backup solution.", + "training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "89cc5e11-aa4d-4c3b-893d-feb99215266a", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", + "service": "WAF", + "severity": "High", + "text": "Add diagnostic settings to save WAF logs from application delivery services like Azure Front Door and Azure Application Gateway. Regularly review the logs to check for attacks and for false positive detections.", + "training": "https://learn.microsoft.com/training/modules/capture-application-logs-app-service/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "7f408960-c626-44cb-a018-347c8d790cdf", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", + "service": "WAF", + "severity": "Medium", + "text": "Send WAF logs from your application delivery services like Azure Front Door and Azure Application Gateway to Microsoft Sentinel. 
Detect attacks and integrate WAF telemetry into your overall Azure environment.", + "training": "https://learn.microsoft.com/training/paths/sc-200-connect-logs-to-azure-sentinel/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "5017f154-e3ab-4369-9829-e7e316183687", + "link": "https://learn.microsoft.com/azure/key-vault/general/overview", + "service": "Key Vault", + "severity": "High", + "text": "Use Azure Key Vault to store your secrets and credentials.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "graph": "ResourceContainers | where type=='microsoft.resources/subscriptions'| parse id with '/subscriptions/' SubscriptionID| project subscriptionId, SubscriptionName = name| join kind=leftouter (Resources| where type == 'microsoft.keyvault/vaults'| project id, name, subscriptionId) on subscriptionId| join kind= leftouter (Resources| where type == 'microsoft.keyvault/vaults'| summarize ResourceCount = count() by subscriptionId) on subscriptionId| extend RCount = iff(isnull(ResourceCount), 0, ResourceCount)| project-away ResourceCount| extend compliant = (RCount <> 1)", + "guid": "a0477a20-9945-4bda-9333-4f2491163418", + "link": "https://learn.microsoft.com/azure/key-vault/general/overview-throttling", + "service": "Key Vault", + "severity": "Medium", + "text": "Use different Azure Key Vaults for different applications and regions to avoid transaction scale limits and restrict access to secrets.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "2ba52752-6944-4008-ae7d-7e4843276d8b", + "link": 
"https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Provision Azure Key Vault with the soft delete and purge policies enabled to allow retention protection for deleted objects.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "dc055bcf-619e-48a1-9f98-879525d62688", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Follow a least privilege model by limiting authorization to permanently delete keys, secrets, and certificates to specialized custom Microsoft Entra ID roles.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "6d70ba6c-97be-4995-8904-83845c986cb2", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Automate the certificate management and renewal process with public certificate authorities to ease administration.", + "training": "https://learn.microsoft.com/en-us/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "913156a1-2476-4e49-b541-acdce979377b", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Establish an automated process for key and certificate rotation.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": 
"Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "cdb3751a-b2ab-413a-ba6e-55d7d8a2adb1", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Enable firewall and virtual network service endpoint or private endpoint on the vault to control access to the key vault.", + "training": "https://learn.microsoft.com/training/modules/design-implement-private-access-to-azure-services/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "17d6326a-f625-4ca4-9e56-95f2223ace8c", + "link": "https://learn.microsoft.com/azure/key-vault/general/monitor-key-vault", + "service": "Key Vault", + "severity": "Medium", + "text": "Use the platform-central Azure Monitor Log Analytics workspace to audit key, certificate, and secret usage within each instance of Key Vault.", + "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "b12308ca-5017-4f15-9e3a-b3693829e7e3", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Delegate Key Vault instantiation and privileged access and use Azure Policy to enforce a consistent compliant configuration.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-key-vault-networking-settings/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "91163418-2ba5-4275-8694-4008be7d7e48", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Use an Azure Key Vault per application per environment per 
region.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "25d62688-6d70-4ba6-a97b-e99519048384", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "If you want to bring your own keys, this might not be supported across all considered services. Implement relevant mitigation so that inconsistencies don't hinder desired outcomes. Choose appropriate region pairs and disaster recovery regions that minimize latency.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "4ac6b67c-b3a4-4ff9-8e87-b07a7ce7bbdb", + "link": "https://learn.microsoft.com/industry/sovereignty/key-management", + "service": "Key Vault", + "severity": "Medium", + "text": "For Sovereign Landing Zone, use Azure Key Vault managed HSM to store your secrets and credentials.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "4e5695f2-223a-4ce8-ab12-308ca5017f15", + "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/overview-reports", + "service": "Entra", + "severity": "Medium", + "text": "Use Microsoft Entra ID reporting capabilities to generate access control audit reports.", + "training": "https://learn.microsoft.com/training/modules/monitor-report-aad-security-events/", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "09945bda-4333-44f2-9911-634182ba5275", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/concept-cloud-security-posture-management", + 
"service": "Defender", + "severity": "High", + "text": "Enable Defender Cloud Security Posture Management for all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/microsoft-defender-cloud-security-posture/", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "36a72a48-fffe-4c40-9747-0ab5064355ba", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/plan-defender-for-servers-select-plan", + "service": "Defender", + "severity": "High", + "text": "Enable a Defender Cloud Workload Protection Plan for Servers on all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "77425f48-ecba-43a0-aeac-a3ac733ccc6a", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/connect-azure-subscription", + "service": "Defender", + "severity": "High", + "text": "Enable Defender Cloud Workload Protection Plans for Azure Resources on all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "24d96b30-61ee-4436-a1cc-d6ef08bc574b", + "link": "https://learn.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection", + "service": "VM", + "severity": "High", + "text": "Enable Endpoint Protection on IaaS Servers.", + "training": "https://learn.microsoft.com/training/modules/design-solutions-securing-server-client-endpoints/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "15833ee7-ad6c-46d3-9331-65c7acbe44ab", + "link": "https://learn.microsoft.com/azure/security-center/", + "service": "VM", + "severity": "Medium", + "text": "Monitor 
base operating system patching drift via Azure Monitor Logs and Defender for Cloud.", + "training": "https://learn.microsoft.com/training/modules/create-log-analytics-workspace-microsoft-defender-cloud/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "e5f8d79f-2e87-4768-924c-516775c6ea95", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "Monitor", + "severity": "Medium", + "text": "Connect default resource configurations to a centralized Azure Monitor Log Analytics workspace.", + "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "1761e147-f65e-4d09-bbc2-f464f23e2eba", + "link": "https://learn.microsoft.com/industry/sovereignty/transparency-logs", + "service": "Entra", + "severity": "Medium", + "text": "For Sovereign Landing Zone, enable transparancy logs on the Entra ID tenant.", + "waf": "Reliability" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "d21a922d-5ca7-427a-82a6-35f7b21f1bfc", + "link": "https://learn.microsoft.com/azure/security/fundamentals/customer-lockbox-overview", + "service": "Entra", + "severity": "Medium", + "text": "For Sovereign Landing Zone, enable customer Lockbox on the Entra ID tenant.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Landing Zone Review", + "guid": "b03ed428-4617-4067-a787-85468b9ccf3f", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Storage", + "severity": "High", + "text": "Enable secure transfer to storage accounts.", + "training": "https://learn.microsoft.com/training/modules/secure-azure-storage-account/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + 
"checklist": "Azure Landing Zone Review", + "guid": "159aac9f-863f-4f48-82cf-00c28fa97a0e", + "link": "https://learn.microsoft.com/azure/storage/blobs/data-protection-overview#recommendations-for-basic-data-protection", + "service": "Storage", + "severity": "High", + "text": "Enable container soft delete for the storage account to recover a deleted container and its contents.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "108d5099-a11d-4445-bd8b-e12a5e95412e", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds", + "service": "Key Vault", + "severity": "High", + "text": "Use Key Vault secrets to avoid hard-coding sensitive information such as credentials (virtual machines user passwords), certificates or keys.", + "training": "https://learn.microsoft.com/en-us/training/modules/implement-azure-key-vault/", + "waf": "Operations" + }, { "arm-service": "Microsoft.ApiManagement/service", "checklist": "Azure API Management Review", 
@@ -2476,12 +4230,24 @@
 {
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
- "description": "AAD tokens should be favored over shared access signatures, wherever possible",
+ "description": ". Enforcing the latest TLS version will reject request from clients using the older version. ",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant",
+ "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55",
+ "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version",
+ "service": "Storage",
+ "severity": "High",
+ "text": "Enforce the latest TLS version for a storage account",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "description": "Microsoft Entra ID tokens should be favored over shared access signatures, wherever possible",
 "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4",
 "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access",
 "service": "Storage",
 "severity": "High",
- "text": "Use Azure Active Directory (Azure AD) tokens for blob access",
+ "text": "Use Microsoft Entra ID tokens for blob access",
 "waf": "Reliability"
 },
 {
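Review bot: The new `description` of the TLS item (guid e12be569) opens with a stray `. ` and says "request" for "requests", and it promises "the latest TLS version" while the added `graph` query accepts `TLS1_2` as compliant, so the text should state the actual bar, e.g. `"description": "Set the minimum TLS version to 1.2 or higher; requests from clients using an older version are rejected."`. The item is tagged `"waf": "Reliability"` although the storage checklist further down in this same diff carries the same guid with `"waf": "Security"`, and the same Reliability/Security mismatch affects the shared-key item (guid 15f51296) and the anonymous-access item (guid 659ae558) in the next two hunks, which suggests the pillar is being overwritten by whatever builds this master file rather than by hand edits. Leaving an unset `minimumTlsVersion` as non-compliant is the conservative choice and is worth a short mention in `description`, so reviewers do not mistake it for a query bug.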
@@ -2508,12 +4274,13 @@
 {
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
- "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on AAD authentication makes it easier to tie storage access to a user. ",
+ "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on Entra ID authentication makes it easier to tie storage access to a user. ",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant",
 "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21",
 "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key",
 "service": "Storage",
 "severity": "High",
- "text": "Consider disabling storage account keys, so that only AAD access (and user delegation SAS) is supported.",
+ "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.",
 "waf": "Reliability"
 },
 {
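Review bot: In the new `graph` query the `isnotempty(allowSharedKeyAccess) and` guard is redundant: `tostring()` turns a missing property into an empty string, which already fails `== 'false'`, so `extend compliant = (tostring(properties.allowSharedKeyAccess) == 'false')` yields the same rows with one `extend` fewer and matches the single-`extend` shape of the other storage queries in this file. Reporting an account whose property is unset as non-compliant is the right default here, since shared-key access stays enabled until it is explicitly disabled, but a sentence in `description` saying so would save reviewers a false-positive hunt. The description also keeps its trailing space and says `Entra ID` where the new `text` on the same item says `Microsoft Entra ID`.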
@@ -2691,11 +4458,12 @@
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
 "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant",
 "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012",
 "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account",
 "service": "Storage",
 "severity": "High",
- "text": "Consider whether public blob access is needed, or whether it can be disabled for certain storage accounts. ",
+ "text": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. ",
 "waf": "Reliability"
 },
 {
@@ -24305,7 +26073,7 @@
 ],
 "metadata": {
 "name": "WAF checklist",
- "timestamp": "August 08, 2024"
+ "timestamp": "August 12, 2024"
 },
 "severities": [
 {
diff --git a/checklists/azure_storage_checklist.en.json b/checklists/azure_storage_checklist.en.json
index 114601702..3d751716f 100644
--- a/checklists/azure_storage_checklist.en.json
+++ b/checklists/azure_storage_checklist.en.json
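Review bot: The new `graph` query compares `properties.allowBlobPublicAccess` directly with the string literal `'false'`, whereas the shared-key query added in the previous hunk converts with `tostring()` first and the context `description` on the line above compares the same property with the boolean `true`; whether a bare dynamic-vs-string comparison evaluates as intended in Resource Graph is not something this diff shows, so `extend compliant = (tostring(properties.allowBlobPublicAccess) == 'false')` is the safer and consistent form. Accounts on which the property is not populated also come out as non-compliant, which is the conservative reading for an anonymous-access control but should be stated in `description` so the result is not mistaken for a query error. The reworded text reads more naturally as `Consider whether anonymous public blob access is needed, or whether it can be disabled for certain storage accounts.`.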
@@ -1,566 +1,566 @@ { - "items": [ - { - "category": "Security", - "subcategory": " Overview", - "text": "Consider the 'Azure security baseline for storage'", - "description": "Apply guidance from the Microsoft cloud security benchmark related to Storage", - "waf": "Security", - "service": "Azure Storage", - "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", - "id": "A01.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "Consider using private endpoints for Azure Storage", - "description": "Azure Storage by default has a public IP address and is Internet-reachable. Private endpoints allow to securely expose Azure Storage only to those Azure Compute resources that need access, thus eliminating exposure to the public Internet", - "waf": "Security", - "service": "Azure Storage", - "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", - "id": "A02.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints" - }, - { - "category": "Security", - "subcategory": "Governance", - "text": "Ensure older storage accounts are not using 'classic deployment model'", - "description": "Newly created storage accounts are created using the ARM deployment model, so that RBAC, auditing etc. are all enabled. 
Ensure that there are no old storage accounts with classic deployment model in a subscription", - "waf": "Security", - "service": "Azure Storage", - "guid": "30e37c3e-2971-41b2-963c-eee079b598de", - "id": "A03.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts" - }, - { - "category": "Security", - "subcategory": "Governance", - "text": "Enable Microsoft Defender for all of your storage accounts", - "description": "Leverage Microsoft Defender to learn about suspicious activity and misconfigurations.", - "waf": "Security", - "service": "Azure Storage", - "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", - "id": "A03.02", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure" - }, - { - "category": "Security", - "subcategory": "Data Availability", - "text": "Enable 'soft delete' for blobs", - "description": "The soft-delete mechanism allows to recover accidentally deleted blobs.", - "waf": "Security", - "service": "Azure Storage", - "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", - "id": "A04.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview" - }, - { - "category": "Security", - "subcategory": "Confidentiality", - "text": "Disable 'soft delete' for blobs", - "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", - "id": "A05.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable" - }, - { - "category": "Security", - "subcategory": "Data Availability", - "text": "Enable 'soft delete' for containers", - "description": "Soft delete for containers enables you to recover a container after it has been deleted, for example recover from an accidental delete operation.", - "waf": "Security", - "service": "Azure Storage", - "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", - "id": "A06.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview" - }, - { - "category": "Security", - "subcategory": "Confidentiality", - "text": "Disable 'soft delete' for containers", - "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", - "id": "A07.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable" - }, - { - "category": "Security", - "subcategory": "Data Availability", - "text": "Enable resource locks on storage accounts", - "description": "Prevents accidental deletion of a storage account, by forcing the user to first remove the deletion lock, prior to deletion", - "waf": "Security", - "service": "Azure Storage", - "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", - "id": "A08.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource" - }, - { - "category": "Security", - "subcategory": "Data Availability, Compliance", - "text": "Consider immutable blobs", - "description": "Consider 'legal hold' or 'time-based retention' policies for blobs, so that is is impossible to delete the blob, the container, or the storage account. Please note that 'impossible' actually means 'impossible'; once a storage account contains an immutable blob, the only way to 'get rid' of that storage account is by cancelling the Azure subscription.", - "waf": "Security", - "service": "Azure Storage", - "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", - "id": "A09.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "Require HTTPS, i.e. disable port 80 on the storage account", - "description": "Consider disabling unprotected HTTP/80 access to the storage account, so that all data transfers are encrypted, integrity protected, and the server is authenticated. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", - "id": "A10.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "When enforcing HTTPS (disabling HTTP), check that you do not use custom domains (CNAME) for the storage account.", - "description": "When configuring a custom domain (hostname) on a storage account, check whether you need TLS/HTTPS; if so, you might have to put Azure CDN in front of your storage account.", - "waf": "Security", - "service": "Azure Storage", - "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", - "id": "A10.02", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "Limit shared access signature (SAS) tokens to HTTPS connections only", - "description": "Requiring HTTPS when a client uses a SAS token to access blob data helps to minimize the risk of credential loss.", - "waf": "Security", - "service": "Azure Storage", - "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", - "id": "A10.03", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "Enforce the latest TLS version for a storage account", - "description": ". Enforcing the latest TLS version will reject request from clients using the older version. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", - "id": "A10.4", - "severity": "High", - "graph":"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", - "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Use Microsoft Entra ID tokens for blob access", - "description": "Microsoft Entra ID tokens should be favored over shared access signatures, wherever possible", - "waf": "Security", - "service": "Azure Storage", - "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", - "id": "A11.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Least privilege in IaM permissions", - "description": "When assigning a role to a user, group, or application, grant that security principal only those permissions that are necessary for them to perform their tasks. Limiting access to resources helps prevent both unintentional and malicious misuse of your data.", - "waf": "Security", - "service": "Azure Storage", - "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", - "id": "A11.02", - "severity": "Medium" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "When using SAS, prefer 'user delegation SAS' over storage-account-key based SAS.", - "description": "A user delegation SAS is secured with Azure Active Directory (Azure AD) credentials and also by the permissions specified for the SAS. A user delegation SAS is analogous to a service SAS in terms of its scope and function, but offers security benefits over the service SAS. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", - "id": "A11.03", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.", - "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on Entra ID authentication makes it easier to tie storage access to a user. ", - "waf": "Security", - "service": "Azure Storage", - "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", - "id": "A11.04", - "severity": "High", - "graph":"resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", - "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key" - }, - { - "category": "Security", - "subcategory": "Monitoring", - "text": "Consider using Azure Monitor to audit control plane operations on the storage account", - "description": "Use Activity Log data to identify 'when', 'who', 'what' and 'how' the security of your storage account is being viewed or changed (i.e. 
storage account keys, access policies, etc.).", - "waf": "Security", - "service": "Azure Storage", - "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", - "id": "A12.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "When using storage account keys, consider enabling a 'key expiration policy'", - "description": "A key expiration policy enables you to set a reminder for the rotation of the account access keys. The reminder is displayed if the specified interval has elapsed and the keys have not yet been rotated.", - "waf": "Security", - "service": "Azure Storage", - "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", - "id": "A13.01", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider configuring an SAS expiration policy", - "description": "A SAS expiration policy specifies a recommended interval over which the SAS is valid. SAS expiration policies apply to a service SAS or an account SAS. When a user generates service SAS or an account SAS with a validity interval that is larger than the recommended interval, they'll see a warning.", - "waf": "Security", - "service": "Azure Storage", - "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", - "id": "A13.02", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider linking SAS to a stored access policy", - "description": "Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys. 
", - "waf": "Security", - "service": "Azure Storage", - "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", - "id": "A13.03", - "severity": "Medium", - "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy" - }, - { - "category": "Security", - "subcategory": "CI/CD", - "text": "Consider configuring your application's source code repository to detect checked-in connection strings and storage account keys.", - "waf": "Security", - "service": "Azure Storage", - "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", - "id": "A14.01", - "severity": "Medium", - "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider storing connection strings in Azure KeyVault (in scenarios where managed identities are not possible)", - "description": "Ideally, your application should be using a managed identity to authenticate to Azure Storage. If that is not possible, consider having the storage credential (connection string, storage account key, SAS, service principal credential) in Azure KeyVault or an equivalent service.", - "waf": "Security", - "service": "Azure Storage", - "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", - "id": "A15.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Strive for short validity periods for ad-hoc SAS", - "description": "Use near-term expiration times on an ad hoc SAS service SAS or account SAS. In this way, even if a SAS is compromised, it's valid only for a short time. This practice is especially important if you cannot reference a stored access policy. 
Near-term expiration times also limit the amount of data that can be written to a blob by limiting the time available to upload to it.", - "waf": "Security", - "service": "Azure Storage", - "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", - "id": "A15.02", - "severity": "High", - "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Apply a narrow scope to a SAS", - "description": "When creating a SAS, be as specific and restrictive as possible. Prefer a SAS for a single resource and operation over a SAS which gives much broader access.", - "waf": "Security", - "service": "Azure Storage", - "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", - "id": "A15.03", - "severity": "Medium", - "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider scoping SAS to a specific client IP address, wherever possible", - "description": "A SAS can include parameters on which client IP addresses or address ranges are authorized to request a resource using the SAS. ", - "waf": "Security", - "service": "Azure Storage", - "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", - "id": "A15.04", - "severity": "Medium", - "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider checking uploaded data, after clients used a SAS to upload a file. 
", - "description": "A SAS cannot constrain how much data a client uploads; given the pricing model of amount of storage over time, it might make sense to validate whether clients uploaded maliciously large contents.", - "waf": "Security", - "service": "Azure Storage", - "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", - "id": "A15.05", - "severity": "Low" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "SFTP: Limit the amount of 'local users' for SFTP access, and audit whether access is needed over time.", - "description": "When accessing blob storage via SFTP using a 'local user account', the 'usual' RBAC controls do not apply. Blob access via NFS or REST might be more restrictive than SFTP access. Unfortunately, as of early 2023, local users are the only form of identity management that is currently supported for the SFTP endpoint", - "waf": "Security", - "service": "Azure Storage", - "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", - "id": "A15.06", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "SFTP: The SFTP endpoint does not support POSIX-like ACLs.", - "waf": "Security", - "service": "Azure Storage", - "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", - "id": "A15.07", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization" - }, - { - "category": "Security", - "subcategory": "Networking", - "text": "Avoid overly broad CORS policies", - "description": "Storage supports CORS (Cross-Origin Resource Sharing), i.e. an HTTP feature that enables web apps from a different domain to loosen the same-origin policy. 
When enabling CORS, keep the CorsRules to the least privilege.", - "waf": "Security", - "service": "Azure Storage", - "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", - "id": "A16.01", - "severity": "High", - "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services" - }, - { - "category": "Security", - "subcategory": "Confidentiality and Encryption", - "text": "Determine how data at rest should be encrypted. Understand the thread model for data.", - "description": "Data at rest is always encrypted server-side, and in addition might be encrypted client-side as well. Server-side encryption might happen using a platform-managed key (default) or customer-managed key. Client-side encryption might happen by either having the client supply an encryption/decryption key on a per-blob basis to Azure storage, or by completely handling encryption on the client-side. thus not relying on Azure Storage at all for confidentiality guarantees.", - "waf": "Security", - "service": "Azure Storage", - "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", - "id": "A17.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption" - }, - { - "category": "Security", - "subcategory": "Confidentiality and Encryption", - "text": "Determine which/if platform encryption should be used.", - "waf": "Security", - "service": "Azure Storage", - "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", - "id": "A17.02", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json" - }, - { - "category": "Security", - "subcategory": "Confidentiality and Encryption", - "text": "Determine which/if client-side encryption should be used.", - "waf": "Security", - "service": "Azure Storage", - "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", - 
"id": "A17.03", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys" - }, - { - "category": "Security", - "subcategory": "Identity and Access Management", - "text": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. ", - "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.", - "waf": "Security", - "service": "Azure Storage", - "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", - "id": "A18.01", - "severity": "High", - "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", - "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account" - }, - { - "category": "Operations Management", - "subcategory": "Platform Version", - "text": "Leverage a storagev2 account type for better performance and reliability", - "waf": "Reliability", - "service": "Azure Storage", - "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", - "id": "B01.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal" - }, - { - "category": "BC and DR", - "subcategory": "Availablity", - "text": "Leverage GRS, ZRS or GZRS storage for the highest availability", - "waf": "Reliability", - "service": "Azure Storage", - "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", - "id": "C01.01", - "severity": "High", - "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy" - }, - { - "category": "BC and DR", - "subcategory": "Failover", - "text": "For write operation after failover, use customer-Managed Failover ", - "waf": 
"Reliability", - "service": "Azure Storage", - "guid": "2fa56c56-ad48-4408-be72-734c486ba280", - "id": "C01.02", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance" - }, - { - "category": "Operations Management", - "subcategory": "Failover", - "text": "Understand Microsoft-Managed Failover details", - "waf": "Reliability", - "service": "Azure Storage", - "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", - "id": "C01.03", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover" - }, - { - "category": "Operations Management", - "subcategory": "Data Protection", - "text": "Enable Soft Delete", - "waf": "Reliability", - "service": "Azure Storage", - "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", - "id": "C01.04", - "severity": "Medium", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal" + "items": [ + { + "category": "Security", + "subcategory": " Overview", + "text": "Consider the 'Azure security baseline for storage'", + "description": "Apply guidance from the Microsoft cloud security benchmark related to Storage", + "waf": "Security", + "service": "Azure Storage", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "id": "A01.01", + "severity": "Medium", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline" + }, + { + "category": "Security", + "subcategory": "Networking", + "text": "Consider using private endpoints for Azure Storage", + "description": "Azure Storage by default has a public IP address and is Internet-reachable. 
Private endpoints allow to securely expose Azure Storage only to those Azure Compute resources that need access, thus eliminating exposure to the public Internet", + "waf": "Security", + "service": "Azure Storage", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "id": "A02.01", + "severity": "High", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints" + }, + { + "category": "Security", + "subcategory": "Governance", + "text": "Ensure older storage accounts are not using 'classic deployment model'", + "description": "Newly created storage accounts are created using the ARM deployment model, so that RBAC, auditing etc. are all enabled. Ensure that there are no old storage accounts with classic deployment model in a subscription", + "waf": "Security", + "service": "Azure Storage", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "id": "A03.01", + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts" + }, + { + "category": "Security", + "subcategory": "Governance", + "text": "Enable Microsoft Defender for all of your storage accounts", + "description": "Leverage Microsoft Defender to learn about suspicious activity and misconfigurations.", + "waf": "Security", + "service": "Azure Storage", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "id": "A03.02", + "severity": "High", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure" + }, + { + "category": "Security", + "subcategory": "Data Availability", + "text": "Enable 'soft delete' for blobs", + "description": "The soft-delete mechanism allows to recover accidentally deleted blobs.", + "waf": "Security", + "service": "Azure Storage", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "id": "A04.01", + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview" + }, + { + "category": 
"Security", + "subcategory": "Confidentiality", + "text": "Disable 'soft delete' for blobs", + "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. ", + "waf": "Security", + "service": "Azure Storage", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "id": "A05.01", + "severity": "Medium", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable" + }, + { + "category": "Security", + "subcategory": "Data Availability", + "text": "Enable 'soft delete' for containers", + "description": "Soft delete for containers enables you to recover a container after it has been deleted, for example recover from an accidental delete operation.", + "waf": "Security", + "service": "Azure Storage", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "id": "A06.01", + "severity": "High", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview" + }, + { + "category": "Security", + "subcategory": "Confidentiality", + "text": "Disable 'soft delete' for containers", + "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. 
",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296",
+ "id": "A07.01",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Data Availability",
+ "text": "Enable resource locks on storage accounts",
+ "description": "Prevents accidental deletion of a storage account, by forcing the user to first remove the deletion lock, prior to deletion",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64",
+ "id": "A08.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Data Availability, Compliance",
+ "text": "Consider immutable blobs",
+ "description": "Consider 'legal hold' or 'time-based retention' policies for blobs, so that is is impossible to delete the blob, the container, or the storage account. Please note that 'impossible' actually means 'impossible'; once a storage account contains an immutable blob, the only way to 'get rid' of that storage account is by cancelling the Azure subscription.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956",
+ "id": "A09.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Networking",
+ "text": "Require HTTPS, i.e. disable port 80 on the storage account",
+ "description": "Consider disabling unprotected HTTP/80 access to the storage account, so that all data transfers are encrypted, integrity protected, and the server is authenticated. 
",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0",
+ "id": "A10.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Networking",
+ "text": "When enforcing HTTPS (disabling HTTP), check that you do not use custom domains (CNAME) for the storage account.",
+ "description": "When configuring a custom domain (hostname) on a storage account, check whether you need TLS/HTTPS; if so, you might have to put Azure CDN in front of your storage account.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e",
+ "id": "A10.02",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Networking",
+ "text": "Limit shared access signature (SAS) tokens to HTTPS connections only",
+ "description": "Requiring HTTPS when a client uses a SAS token to access blob data helps to minimize the risk of credential loss.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff",
+ "id": "A10.03",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Networking",
+ "text": "Enforce the latest TLS version for a storage account",
+ "description": ". Enforcing the latest TLS version will reject request from clients using the older version. 
",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55",
+ "id": "A10.4",
+ "severity": "High",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant",
+ "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Use Microsoft Entra ID tokens for blob access",
+ "description": "Microsoft Entra ID tokens should be favored over shared access signatures, wherever possible",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4",
+ "id": "A11.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Least privilege in IaM permissions",
+ "description": "When assigning a role to a user, group, or application, grant that security principal only those permissions that are necessary for them to perform their tasks. Limiting access to resources helps prevent both unintentional and malicious misuse of your data.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6",
+ "id": "A11.02",
+ "severity": "Medium"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "When using SAS, prefer 'user delegation SAS' over storage-account-key based SAS.",
+ "description": "A user delegation SAS is secured with Azure Active Directory (Azure AD) credentials and also by the permissions specified for the SAS. A user delegation SAS is analogous to a service SAS in terms of its scope and function, but offers security benefits over the service SAS. 
",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "55461e1a-3e34-453a-9c86-39648b652d6c",
+ "id": "A11.03",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.",
+ "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on Entra ID authentication makes it easier to tie storage access to a user. ",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21",
+ "id": "A11.04",
+ "severity": "High",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Monitoring",
+ "text": "Consider using Azure Monitor to audit control plane operations on the storage account",
+ "description": "Use Activity Log data to identify 'when', 'who', 'what' and 'how' the security of your storage account is being viewed or changed (i.e. 
storage account keys, access policies, etc.).",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "d7999a64-6f43-489a-af42-c78e78c06a73",
+ "id": "A12.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "When using storage account keys, consider enabling a 'key expiration policy'",
+ "description": "A key expiration policy enables you to set a reminder for the rotation of the account access keys. The reminder is displayed if the specified interval has elapsed and the keys have not yet been rotated.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1",
+ "id": "A13.01",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider configuring an SAS expiration policy",
+ "description": "A SAS expiration policy specifies a recommended interval over which the SAS is valid. SAS expiration policies apply to a service SAS or an account SAS. When a user generates service SAS or an account SAS with a validity interval that is larger than the recommended interval, they'll see a warning.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf",
+ "id": "A13.02",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider linking SAS to a stored access policy",
+ "description": "Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys. 
",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56",
+ "id": "A13.03",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy"
+ },
+ {
+ "category": "Security",
+ "subcategory": "CI/CD",
+ "text": "Consider configuring your application's source code repository to detect checked-in connection strings and storage account keys.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36",
+ "id": "A14.01",
+ "severity": "Medium",
+ "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider storing connection strings in Azure KeyVault (in scenarios where managed identities are not possible)",
+ "description": "Ideally, your application should be using a managed identity to authenticate to Azure Storage. If that is not possible, consider having the storage credential (connection string, storage account key, SAS, service principal credential) in Azure KeyVault or an equivalent service.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d",
+ "id": "A15.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Strive for short validity periods for ad-hoc SAS",
+ "description": "Use near-term expiration times on an ad hoc SAS service SAS or account SAS. In this way, even if a SAS is compromised, it's valid only for a short time. This practice is especially important if you cannot reference a stored access policy. 
Near-term expiration times also limit the amount of data that can be written to a blob by limiting the time available to upload to it.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "27138b82-1102-4cac-9eae-01e6e842e52f",
+ "id": "A15.02",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Apply a narrow scope to a SAS",
+ "description": "When creating a SAS, be as specific and restrictive as possible. Prefer a SAS for a single resource and operation over a SAS which gives much broader access.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c",
+ "id": "A15.03",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider scoping SAS to a specific client IP address, wherever possible",
+ "description": "A SAS can include parameters on which client IP addresses or address ranges are authorized to request a resource using the SAS. ",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a",
+ "id": "A15.04",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider checking uploaded data, after clients used a SAS to upload a file. 
",
+ "description": "A SAS cannot constrain how much data a client uploads; given the pricing model of amount of storage over time, it might make sense to validate whether clients uploaded maliciously large contents.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e",
+ "id": "A15.05",
+ "severity": "Low"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "SFTP: Limit the amount of 'local users' for SFTP access, and audit whether access is needed over time.",
+ "description": "When accessing blob storage via SFTP using a 'local user account', the 'usual' RBAC controls do not apply. Blob access via NFS or REST might be more restrictive than SFTP access. Unfortunately, as of early 2023, local users are the only form of identity management that is currently supported for the SFTP endpoint",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8",
+ "id": "A15.06",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "SFTP: The SFTP endpoint does not support POSIX-like ACLs.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38",
+ "id": "A15.07",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Networking",
+ "text": "Avoid overly broad CORS policies",
+ "description": "Storage supports CORS (Cross-Origin Resource Sharing), i.e. an HTTP feature that enables web apps from a different domain to loosen the same-origin policy. 
When enabling CORS, keep the CorsRules to the least privilege.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3",
+ "id": "A16.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Confidentiality and Encryption",
+ "text": "Determine how data at rest should be encrypted. Understand the thread model for data.",
+ "description": "Data at rest is always encrypted server-side, and in addition might be encrypted client-side as well. Server-side encryption might happen using a platform-managed key (default) or customer-managed key. Client-side encryption might happen by either having the client supply an encryption/decryption key on a per-blob basis to Azure storage, or by completely handling encryption on the client-side. thus not relying on Azure Storage at all for confidentiality guarantees.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464",
+ "id": "A17.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Confidentiality and Encryption",
+ "text": "Determine which/if platform encryption should be used.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6",
+ "id": "A17.02",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Confidentiality and Encryption",
+ "text": "Determine which/if client-side encryption should be used.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29",
+ 
"id": "A17.03",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys"
+ },
+ {
+ "category": "Security",
+ "subcategory": "Identity and Access Management",
+ "text": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. ",
+ "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.",
+ "waf": "Security",
+ "service": "Azure Storage",
+ "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012",
+ "id": "A18.01",
+ "severity": "High",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account"
+ },
+ {
+ "category": "Operations Management",
+ "subcategory": "Platform Version",
+ "text": "Leverage a storagev2 account type for better performance and reliability",
+ "waf": "Reliability",
+ "service": "Azure Storage",
+ "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243",
+ "id": "B01.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal"
+ },
+ {
+ "category": "BC and DR",
+ "subcategory": "Availablity",
+ "text": "Leverage GRS, ZRS or GZRS storage for the highest availability",
+ "waf": "Reliability",
+ "service": "Azure Storage",
+ "guid": "e05bbe20-9d49-4fda-9777-8424d116785c",
+ "id": "C01.01",
+ "severity": "High",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy"
+ },
+ {
+ "category": "BC and DR",
+ "subcategory": "Failover",
+ "text": "For write operation after failover, use customer-Managed Failover ",
+ "waf": 
"Reliability",
+ "service": "Azure Storage",
+ "guid": "2fa56c56-ad48-4408-be72-734c486ba280",
+ "id": "C01.02",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance"
+ },
+ {
+ "category": "Operations Management",
+ "subcategory": "Failover",
+ "text": "Understand Microsoft-Managed Failover details",
+ "waf": "Reliability",
+ "service": "Azure Storage",
+ "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc",
+ "id": "C01.03",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover"
+ },
+ {
+ "category": "Operations Management",
+ "subcategory": "Data Protection",
+ "text": "Enable Soft Delete",
+ "waf": "Reliability",
+ "service": "Azure Storage",
+ "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3",
+ "id": "C01.04",
+ "severity": "Medium",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal"
+ }
+ ],
+ "categories": [
+ {
+ "name": "Identity and Access Management"
+ },
+ {
+ "name": "Network Topology and Connectivity"
+ },
+ {
+ "name": "BC and DR"
+ },
+ {
+ "name": "Governance and Security"
+ },
+ {
+ "name": "Cost Governance"
+ },
+ {
+ "name": "Operations Management"
+ },
+ {
+ "name": "Application Deployment"
+ },
+ {
+ "name": "Security"
+ }
+ ],
+ "waf": [
+ {
+ "name": "Reliability"
+ },
+ {
+ "name": "Security"
+ },
+ {
+ "name": "Cost"
+ },
+ {
+ "name": "Operations"
+ },
+ {
+ "name": "Performance"
+ }
+ ],
+ "yesno": [
+ {
+ "name": "Yes"
+ },
+ {
+ "name": "No"
+ }
+ ],
+ "status": [
+ {
+ "name": "Not verified",
+ "description": "This check has not been looked at yet"
+ },
+ {
+ "name": "Open",
+ "description": "There is an action item associated to this check"
+ },
+ {
+ "name": "Fulfilled",
+ "description": "This check has been verified, and there are no further action items associated to it"
+ },
+ {
+ "name": "Not required",
+ "description": 
"Recommendation understood, but not needed by current requirements"
+ },
+ {
+ "name": "N/A",
+ "description": "Not applicable for current design"
+ }
+ ],
+ "severities": [
+ {
+ "name": "High"
+ },
+ {
+ "name": "Medium"
+ },
+ {
+ "name": "Low"
+ }
+ ],
+ "metadata": {
+ "name": "Azure Storage Review Checklist",
+ "state": "Preview",
+ "waf": "all",
+ "timestamp": "August 12, 2024" }
- ],
- "categories": [
- {
- "name": "Identity and Access Management"
- },
- {
- "name": "Network Topology and Connectivity"
- },
- {
- "name": "BC and DR"
- },
- {
- "name": "Governance and Security"
- },
- {
- "name": "Cost Governance"
- },
- {
- "name": "Operations Management"
- },
- {
- "name": "Application Deployment"
- },
- {
- "name": "Security"
- }
- ],
- "waf": [
- {
- "name": "Reliability"
- },
- {
- "name": "Security"
- },
- {
- "name": "Cost"
- },
- {
- "name": "Operations"
- },
- {
- "name": "Performance"
- }
- ],
- "yesno": [
- {
- "name": "Yes"
- },
- {
- "name": "No"
- }
- ],
- "status": [
- {
- "name": "Not verified",
- "description": "This check has not been looked at yet"
- },
- {
- "name": "Open",
- "description": "There is an action item associated to this check"
- },
- {
- "name": "Fulfilled",
- "description": "This check has been verified, and there are no further action items associated to it"
- },
- {
- "name": "Not required",
- "description": "Recommendation understood, but not needed by current requirements"
- },
- {
- "name": "N/A",
- "description": "Not applicable for current design"
- }
- ],
- "severities": [
- {
- "name": "High"
- },
- {
- "name": "Medium"
- },
- {
- "name": "Low"
- }
- ],
- "metadata": {
- "name": "Azure Storage Review Checklist",
- "state": "Preview",
- "waf": "all",
- "timestamp": "April 19, 2024"
- }
-}
+}
\ No newline at end of file
diff --git a/checklists/azure_storage_checklist.es.json b/checklists/azure_storage_checklist.es.json
new file mode 100644
index 000000000..b0c270576
--- /dev/null
+++ b/checklists/azure_storage_checklist.es.json 
@@ -0,0 +1,566 @@
+{
+ "categories": [
+ {
+ "name": "Gestión de identidades y accesos"
+ },
+ {
+ "name": "Topología de red y conectividad"
+ },
+ {
+ "name": "BC y RD"
+ },
+ {
+ "name": "Gobernanza y seguridad"
+ },
+ {
+ "name": "Gobernanza de costos"
+ },
+ {
+ "name": "Gestión de Operaciones"
+ },
+ {
+ "name": "Implementación de aplicaciones"
+ },
+ {
+ "name": "Seguridad"
+ }
+ ],
+ "items": [
+ {
+ "category": "Seguridad",
+ "description": "Aplicación de las instrucciones del banco de pruebas de seguridad en la nube de Microsoft relacionadas con el almacenamiento",
+ "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8",
+ "id": "A01.01",
+ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": " Visión general",
+ "text": "Tenga en cuenta la \"Línea base de seguridad de Azure para el almacenamiento\"",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "De forma predeterminada, Azure Storage tiene una dirección IP pública y es accesible desde Internet. Los puntos de conexión privados permiten exponer de forma segura Azure Storage solo a los recursos de Azure Compute que necesitan acceso, lo que elimina la exposición a la Internet pública",
+ "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b",
+ "id": "A02.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gestión de redes",
+ "text": "Considere la posibilidad de usar puntos de conexión privados para Azure Storage",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Las cuentas de almacenamiento recién creadas se crean mediante el modelo de implementación de ARM, de modo que RBAC, etcétera de auditoría, estén habilitados. 
Asegúrese de que no haya cuentas de almacenamiento antiguas con el modelo de implementación clásico en una suscripción",
+ "guid": "30e37c3e-2971-41b2-963c-eee079b598de",
+ "id": "A03.01",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": "Gobernanza",
+ "text": "Asegúrese de que las cuentas de almacenamiento más antiguas no usen el \"modelo de implementación clásica\"",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Aproveche Microsoft Defender para obtener información sobre actividades sospechosas y configuraciones incorrectas.",
+ "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d",
+ "id": "A03.02",
+ "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gobernanza",
+ "text": "Habilitación de Microsoft Defender para todas las cuentas de almacenamiento",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "El mecanismo de eliminación temporal permite recuperar blobs eliminados accidentalmente.",
+ "guid": "503547c1-447e-4c66-828a-7100f1ce16dd",
+ "id": "A04.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": "Disponibilidad de datos",
+ "text": "Habilitación de la \"eliminación temporal\" para blobs",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Considere la posibilidad de deshabilitar selectivamente la \"eliminación temporal\" para determinados contenedores de blobs, por ejemplo, si la aplicación debe asegurarse de que la información eliminada se elimine inmediatamente, por ejemplo, por motivos de confidencialidad, privacidad o cumplimiento. 
",
+ "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e",
+ "id": "A05.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": "Confidencialidad",
+ "text": "Deshabilitación de la \"eliminación temporal\" para blobs",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "La eliminación temporal de contenedores permite recuperar un contenedor después de que se haya eliminado, por ejemplo, recuperarse de una operación de eliminación accidental.",
+ "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a",
+ "id": "A06.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Disponibilidad de datos",
+ "text": "Habilitación de la \"eliminación temporal\" para contenedores",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Considere la posibilidad de deshabilitar selectivamente la \"eliminación temporal\" para determinados contenedores de blobs, por ejemplo, si la aplicación debe asegurarse de que la información eliminada se elimine inmediatamente, por ejemplo, por motivos de confidencialidad, privacidad o cumplimiento. 
",
+ "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296",
+ "id": "A07.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": "Confidencialidad",
+ "text": "Deshabilitar la \"eliminación temporal\" para contenedores",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Evita la eliminación accidental de una cuenta de almacenamiento, obligando al usuario a quitar primero el bloqueo de eliminación, antes de la eliminación",
+ "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64",
+ "id": "A08.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Disponibilidad de datos",
+ "text": "Habilitación de bloqueos de recursos en cuentas de almacenamiento",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Considere la posibilidad de aplicar directivas de \"retención legal\" o \"retención basada en tiempo\" para los blobs, de modo que sea imposible eliminar el blob, el contenedor o la cuenta de almacenamiento. 
Tenga en cuenta que 'imposible' en realidad significa 'imposible'; una vez que una cuenta de almacenamiento contiene un blob inmutable, la única manera de \"deshacerse\" de esa cuenta de almacenamiento es cancelando la suscripción de Azure.",
+ "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956",
+ "id": "A09.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Disponibilidad de datos, cumplimiento",
+ "text": "Considere la posibilidad de blobs inmutables",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Considere la posibilidad de deshabilitar el acceso HTTP/80 no protegido a la cuenta de almacenamiento, de modo que todas las transferencias de datos estén cifradas, protegidas contra la integridad y el servidor esté autenticado. ",
+ "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0",
+ "id": "A10.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gestión de redes",
+ "text": "Requerir HTTPS, es decir, deshabilitar el puerto 80 en la cuenta de almacenamiento",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Al configurar un dominio personalizado (nombre de host) en una cuenta de almacenamiento, compruebe si necesita TLS/HTTPS; si es así, es posible que tenga que colocar Azure CDN delante de la cuenta de almacenamiento.",
+ "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e",
+ "id": "A10.02",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gestión de redes",
+ "text": "Al aplicar HTTPS (deshabilitar HTTP), compruebe que no usa dominios personalizados (CNAME) para la cuenta de almacenamiento.",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Requerir HTTPS cuando un 
cliente usa un token de SAS para acceder a los datos de blob ayuda a minimizar el riesgo de pérdida de credenciales.",
+ "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff",
+ "id": "A10.03",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview",
+ "service": "Azure Storage",
+ "severity": "Medio",
+ "subcategory": "Gestión de redes",
+ "text": "Limitar los tokens de firma de acceso compartido (SAS) solo a las conexiones HTTPS",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": ". Al aplicar la versión más reciente de TLS, se rechazarán las solicitudes de los clientes que utilicen la versión anterior. ",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant",
+ "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55",
+ "id": "A10.4",
+ "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gestión de redes",
+ "text": "Aplicación de la versión más reciente de TLS para una cuenta de almacenamiento",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Los tokens de identificador de Microsoft Entra deben favorecerse sobre las firmas de acceso compartido, siempre que sea posible",
+ "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4",
+ "id": "A11.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access",
+ "service": "Azure Storage",
+ "severity": "Alto",
+ "subcategory": "Gestión de identidades y accesos",
+ "text": "Uso de tokens de identificador de Microsoft Entra para el acceso a blobs",
+ "waf": "Seguridad"
+ },
+ {
+ "category": "Seguridad",
+ "description": "Al asignar un rol a un usuario, grupo o aplicación, conceda a esa entidad de seguridad solo los permisos necesarios para que 
pueda realizar sus tareas. Limitar el acceso a los recursos ayuda a evitar el uso indebido no intencionado y malintencionado de los datos.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "id": "A11.02", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Privilegio mínimo en los permisos de IaM", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Una SAS de delegación de usuarios está protegida con credenciales de Azure Active Directory (Azure AD) y también con los permisos especificados para la SAS. Una SAS de delegación de usuarios es análoga a una SAS de servicio en cuanto a su ámbito y función, pero ofrece ventajas de seguridad con respecto a la SAS de servicio. ", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "id": "A11.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "Al usar SAS, prefiera \"SAS de delegación de usuarios\" en lugar de SAS basada en clave de cuenta de almacenamiento.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Las claves de la cuenta de almacenamiento ('claves compartidas') tienen muy pocas capacidades de auditoría. Si bien se puede monitorear quién o cuándo obtuvo una copia de las claves, una vez que las claves están en manos de varias personas, es imposible atribuir el uso a un usuario específico. Confiar únicamente en la autenticación de ID de Entra facilita la vinculación del acceso al almacenamiento de un usuario. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "id": "A11.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de deshabilitar las claves de la cuenta de almacenamiento, de modo que solo se admita el acceso a Microsoft Entra ID (y SAS de delegación de usuarios).", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Utilice los datos del registro de actividad para identificar \"cuándo\", \"quién\", \"qué\" y \"cómo\" se está viendo o cambiando la seguridad de la cuenta de almacenamiento (es decir, claves de cuenta de almacenamiento, directivas de acceso, etcétera).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "id": "A12.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Monitorización", + "text": "Considere la posibilidad de usar Azure Monitor para auditar las operaciones del plano de control en la cuenta de almacenamiento", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Una política de caducidad de claves le permite establecer un recordatorio para la rotación de las claves de acceso de la cuenta. 
El recordatorio se muestra si ha transcurrido el intervalo especificado y las teclas aún no se han girado.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "id": "A13.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Al usar claves de cuenta de almacenamiento, considere la posibilidad de habilitar una \"directiva de expiración de claves\"", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Una directiva de expiración de SAS especifica un intervalo recomendado durante el cual la SAS es válida. Las directivas de caducidad de SAS se aplican a una SAS de servicio o a una SAS de cuenta. Cuando un usuario genera una SAS de servicio o una SAS de cuenta con un intervalo de validez mayor que el intervalo recomendado, verá una advertencia.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "id": "A13.02", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de configurar una directiva de expiración de SAS", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Las directivas de acceso almacenadas ofrecen la opción de revocar los permisos de una SAS de servicio sin tener que volver a generar las claves de la cuenta de almacenamiento. 
", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "id": "A13.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de vincular SAS a una directiva de acceso almacenada", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "id": "A14.01", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "CI/CD", + "text": "Considere la posibilidad de configurar el repositorio de código fuente de la aplicación para detectar cadenas de conexión protegidas y claves de cuenta de almacenamiento.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Lo ideal es que la aplicación use una identidad administrada para autenticarse en Azure Storage. Si eso no es posible, considere la posibilidad de tener la credencial de almacenamiento (cadena de conexión, clave de cuenta de almacenamiento, SAS, credencial de entidad de servicio) en Azure KeyVault o un servicio equivalente.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "id": "A15.01", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de almacenar cadenas de conexión en Azure KeyVault (en escenarios en los que las identidades administradas no son posibles)", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Utilice los tiempos de caducidad a corto plazo en una SAS de servicio SAS ad hoc o en una SAS de cuenta. 
De esta manera, incluso si una SAS se ve comprometida, solo es válida durante un corto período de tiempo. Esta práctica es especialmente importante si no puede hacer referencia a una política de acceso almacenada. Los tiempos de expiración a corto plazo también limitan la cantidad de datos que se pueden escribir en un blob al limitar el tiempo disponible para cargarlos en él.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "id": "A15.02", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "Esfuércese por períodos de validez cortos para SAS ad-hoc", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Al crear una SAS, sea lo más específico y restrictivo posible. Prefiera una SAS para un solo recurso y operación en lugar de una SAS que proporciona un acceso mucho más amplio.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "id": "A15.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Aplicación de un ámbito limitado a una SAS", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Una SAS puede incluir parámetros sobre las direcciones IP de cliente o los intervalos de direcciones que están autorizados a solicitar un recurso mediante la SAS. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "id": "A15.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de definir el ámbito de SAS a una dirección IP de cliente específica, siempre que sea posible", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Una SAS no puede restringir la cantidad de datos que carga un cliente; Dado el modelo de precios de la cantidad de almacenamiento a lo largo del tiempo, podría tener sentido validar si los clientes cargaron contenidos malintencionados de gran tamaño.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "id": "A15.05", + "service": "Azure Storage", + "severity": "Bajo", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere la posibilidad de comprobar los datos cargados, después de que los clientes hayan utilizado una SAS para cargar un archivo. ", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Al acceder al almacenamiento de blobs a través de SFTP mediante una \"cuenta de usuario local\", no se aplican los controles RBAC \"habituales\". El acceso a blobs a través de NFS o REST puede ser más restrictivo que el acceso SFTP. 
Desafortunadamente, a partir de principios de 2023, los usuarios locales son la única forma de administración de identidades que actualmente es compatible con el punto de conexión SFTP", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "id": "A15.06", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "SFTP: Limite la cantidad de \"usuarios locales\" para el acceso SFTP y audite si el acceso es necesario a lo largo del tiempo.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "id": "A15.07", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Gestión de identidades y accesos", + "text": "SFTP: El punto de conexión SFTP no admite ACL similares a POSIX.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "El almacenamiento es compatible con CORS (Cross-Origin Resource Sharing), es decir, una función HTTP que permite a las aplicaciones web de un dominio diferente aflojar la política del mismo origen. Al habilitar CORS, mantenga CorsRules con el mínimo privilegio.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "id": "A16.01", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de redes", + "text": "Evite las políticas de CORS demasiado amplias", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Los datos en reposo siempre se cifran en el lado del servidor y, además, también pueden estar cifrados en el lado del cliente. 
El cifrado del lado del servidor puede producirse mediante una clave administrada por la plataforma (valor predeterminado) o una clave administrada por el cliente. El cifrado del lado cliente puede producirse haciendo que el cliente proporcione una clave de cifrado y descifrado por blob al almacenamiento de Azure o controlando completamente el cifrado en el lado cliente. por lo tanto, no depende en absoluto de Azure Storage para obtener garantías de confidencialidad.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "id": "A17.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Confidencialidad y encriptación", + "text": "Determine cómo se deben cifrar los datos en reposo. Comprender el modelo de subprocesos para los datos.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "id": "A17.02", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Confidencialidad y encriptación", + "text": "Determine cuál o si se debe utilizar el cifrado de la plataforma.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "id": "A17.03", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Confidencialidad y encriptación", + "text": "Determine qué cifrado del lado del cliente se debe usar, si se debe usar.", + "waf": "Seguridad" + }, + { + "category": "Seguridad", + "description": "Aproveche el Explorador de Resource Graph (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) para 
buscar cuentas de almacenamiento que permitan el acceso anónimo a blobs.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "id": "A18.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gestión de identidades y accesos", + "text": "Considere si es necesario el acceso anónimo de blob público o si se puede deshabilitar para determinadas cuentas de almacenamiento. ", + "waf": "Seguridad" + }, + { + "category": "Gestión de Operaciones", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "id": "B01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Versión de la plataforma", + "text": "Aproveche un tipo de cuenta storagev2 para mejorar el rendimiento y la confiabilidad", + "waf": "Fiabilidad" + }, + { + "category": "BC y RD", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "id": "C01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Disponibilidad", + "text": "Aproveche el almacenamiento GRS, ZRS o GZRS para obtener la máxima disponibilidad", + "waf": "Fiabilidad" + }, + { + "category": "BC y RD", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "id": "C01.02", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Conmutación por error", + "text": "Para la operación de escritura después de la conmutación por error, use la conmutación por error administrada por el 
cliente ", + "waf": "Fiabilidad" + }, + { + "category": "Gestión de Operaciones", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "id": "C01.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Conmutación por error", + "text": "Descripción de los detalles de la conmutación por error administrada por Microsoft", + "waf": "Fiabilidad" + }, + { + "category": "Gestión de Operaciones", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "id": "C01.04", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Medio", + "subcategory": "Protección de datos", + "text": "Habilitar eliminación temporal", + "waf": "Fiabilidad" + } + ], + "metadata": { + "name": "Azure Storage Review Checklist", + "state": "Preview", + "timestamp": "August 12, 2024", + "waf": "all" + }, + "severities": [ + { + "name": "Alto" + }, + { + "name": "Medio" + }, + { + "name": "Bajo" + } + ], + "status": [ + { + "description": "Este control aún no se ha examinado", + "name": "No verificado" + }, + { + "description": "Hay un elemento de acción asociado a esta comprobación", + "name": "Abrir" + }, + { + "description": "Esta comprobación se ha verificado y no hay más elementos de acción asociados a ella", + "name": "Cumplido" + }, + { + "description": "Recomendación entendida, pero no necesaria por los requisitos actuales", + "name": "No es necesario" + }, + { + "description": "No aplicable para el diseño actual", + "name": "N/A" + } + ], + "waf": [ + { + "name": "Fiabilidad" + }, + { + "name": "Seguridad" + }, + { + "name": "Costar" + }, + { + "name": "Operaciones" + }, + { + "name": "Rendimiento" + } + ], + "yesno": [ + { + "name": "Sí" + }, + { + "name": "No" + } + ] +} \ No newline at end of file 
diff --git a/checklists/azure_storage_checklist.ja.json b/checklists/azure_storage_checklist.ja.json
new file mode 100644
index 000000000..ec33393dd
--- /dev/null
+++ b/checklists/azure_storage_checklist.ja.json
@@ -0,0 +1,566 @@ +{ + "categories": [ + { + "name": "ID およびアクセス管理" + }, + { + "name": "ネットワーク トポロジと接続性" + }, + { + "name": "BC と DR" + }, + { + "name": "ガバナンスとセキュリティ" + }, + { + "name": "コストガバナンス" + }, + { + "name": "オペレーションマネジメント" + }, + { + "name": "アプリケーションのデプロイメント" + }, + { + "name": "安全" + } + ], + "items": [ + { + "category": "安全", + "description": "ストレージに関連する Microsoft クラウド セキュリティ ベンチマークのガイダンスを適用する", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "id": "A01.01", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "概要", + "text": "「ストレージの Azure セキュリティ ベースライン」を検討する", + "waf": "安全" + }, + { + "category": "安全", + "description": "Azure Storage は、既定ではパブリック IP アドレスを持ち、インターネットからアクセスできます。プライベート エンドポイントを使用すると、アクセスが必要な Azure コンピューティング リソースのみに Azure Storage を安全に公開できるため、パブリック インターネットへの露出がなくなります", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "id": "A02.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ネットワーキング", + "text": "Azure Storage のプライベート エンドポイントの使用を検討する", + "waf": "安全" + }, + { + "category": "安全", + "description": "新しく作成されたストレージ アカウントは ARM デプロイ モデルを使用して作成されるため、RBAC、監査などがすべて有効になります。サブスクリプションにクラシック デプロイ モデルの古いストレージ アカウントがないことを確認します", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "id": "A03.01", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "統治", + "text": "古いストレージ アカウントが \"クラシック デプロイ モデル\" を使用していないことを確認する", + "waf": "安全" + }, + { + "category": "安全", + "description": "Microsoft Defender を活用して、不審なアクティビティや構成ミスについて学習します。", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "id": "A03.02", + "link": 
"https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "統治", + "text": "すべてのストレージ アカウントで Microsoft Defender を有効にする", + "waf": "安全" + }, + { + "category": "安全", + "description": "論理的な削除メカニズムにより、誤って削除されたブロブを回復できます。", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "id": "A04.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "データの可用性", + "text": "BLOB の '論理的な削除' を有効にする", + "waf": "安全" + }, + { + "category": "安全", + "description": "たとえば、機密性、プライバシー、コンプライアンス上の理由など、削除された情報をすぐに削除するようにアプリケーションで確認する必要がある場合など、特定の BLOB コンテナに対して「論理的な削除」を選択的に無効にすることを検討してください。", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "id": "A05.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "機密性", + "text": "BLOB の '論理的な削除' を無効にする", + "waf": "安全" + }, + { + "category": "安全", + "description": "コンテナの論理的な削除を使用すると、コンテナが削除された後に、たとえば、誤って削除した操作から回復するなどして、コンテナを回復できます。", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "id": "A06.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "データの可用性", + "text": "コンテナの「論理的な削除」を有効にする", + "waf": "安全" + }, + { + "category": "安全", + "description": "たとえば、機密性、プライバシー、コンプライアンス上の理由など、削除された情報をすぐに削除するようにアプリケーションで確認する必要がある場合など、特定の BLOB コンテナに対して「論理的な削除」を選択的に無効にすることを検討してください。", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "id": "A07.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "機密性", + "text": "コンテナの「論理的な削除」を無効にする", + "waf": "安全" + }, + { + "category": "安全", + "description": "削除する前に、ユーザーに削除ロックを最初に解除するように強制することで、ストレージ 
アカウントが誤って削除されるのを防ぎます", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "id": "A08.01", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "データの可用性", + "text": "ストレージ アカウントでのリソース ロックの有効化", + "waf": "安全" + }, + { + "category": "安全", + "description": "BLOB の \"訴訟ホールド\" または \"時間ベースの保持\" ポリシーを検討して、BLOB、コンテナー、またはストレージ アカウントを削除できないようにします。「不可能」は実際には「不可能」を意味することに注意してください。ストレージ アカウントに不変 BLOB が含まれている場合、そのストレージ アカウントを \"削除\" する唯一の方法は、Azure サブスクリプションをキャンセルすることです。", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "id": "A09.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "データの可用性、コンプライアンス", + "text": "不変ブロブについて考える", + "waf": "安全" + }, + { + "category": "安全", + "description": "ストレージ アカウントへの保護されていない HTTP/80 アクセスを無効にして、すべてのデータ転送が暗号化され、整合性が保護され、サーバーが認証されるようにすることを検討してください。", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "id": "A10.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ネットワーキング", + "text": "HTTPS を要求する (つまり、ストレージ アカウントのポート 80 を無効にする)", + "waf": "安全" + }, + { + "category": "安全", + "description": "ストレージ アカウントでカスタム ドメイン (ホスト名) を構成する場合は、TLS/HTTPS が必要かどうかを確認します。その場合は、ストレージ アカウントの前に Azure CDN を配置する必要がある場合があります。", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "id": "A10.02", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ネットワーキング", + "text": "HTTPS を適用する (HTTP を無効にする) 場合は、ストレージ アカウントにカスタム ドメイン (CNAME) を使用していないことを確認します。", + "waf": "安全" + }, + { + "category": "安全", + "description": "クライアントが SAS トークンを使用して BLOB データにアクセスするときに HTTPS を要求すると、資格情報の損失リスクを最小限に抑えるのに役立ちます。", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "id": "A10.03", + 
"link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ネットワーキング", + "text": "Shared Access Signature (SAS) トークンを HTTPS 接続のみに制限する", + "waf": "安全" + }, + { + "category": "安全", + "description": ".最新の TLS バージョンを適用すると、古いバージョンを使用しているクライアントからの要求が拒否されます。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "id": "A10.4", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ネットワーキング", + "text": "ストレージ アカウントに最新の TLS バージョンを適用する", + "waf": "安全" + }, + { + "category": "安全", + "description": "Microsoft Entra ID トークンは、可能な限り、共有アクセス署名よりも優先する必要があります", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "id": "A11.01", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "BLOB アクセスに Microsoft Entra ID トークンを使用する", + "waf": "安全" + }, + { + "category": "安全", + "description": "ユーザー、グループ、またはアプリケーションにロールを割り当てる場合は、タスクの実行に必要なアクセス許可のみをそのセキュリティ プリンシパルに付与します。リソースへのアクセスを制限することで、意図しないデータの誤用と悪意のある誤用の両方を防ぐことができます。", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "id": "A11.02", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "IaM アクセス許可の最小特権", + "waf": "安全" + }, + { + "category": "安全", + "description": "ユーザー委任 SAS は、Azure Active Directory (Azure AD) 資格情報と、SAS に指定されたアクセス許可によって保護されます。ユーザー委任 SAS は、そのスコープと機能の点でサービス SAS に似ていますが、サービス SAS よりもセキュリティ上の利点があります。", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "id": "A11.03", + "link": 
"https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "SAS を使用する場合は、ストレージ アカウント キー ベースの SAS よりも \"ユーザー委任 SAS\" を優先します。", + "waf": "安全" + }, + { + "category": "安全", + "description": "ストレージ アカウント キー (\"共有キー\") には、監査機能がほとんどありません。誰が/いつキーのコピーをフェッチしたかを監視することはできますが、キーが複数の人の手に渡ると、特定のユーザーに使用状況を帰属させることはできなくなります。Entra ID認証のみに依存すると、ストレージアクセスをユーザーに結び付けることが容易になります。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "id": "A11.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "Microsoft Entra ID アクセス (およびユーザー委任 SAS) のみがサポートされるように、ストレージ アカウント キーを無効にすることを検討してください。", + "waf": "安全" + }, + { + "category": "安全", + "description": "アクティビティ ログ データを使用して、ストレージ アカウントのセキュリティが (ストレージ アカウント キー、アクセス ポリシーなど) 表示または変更されているのは「いつ」、「誰が」、「何を」、「どのように」特定します。", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "id": "A12.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "モニタリング", + "text": "Azure Monitor を使用して、ストレージ アカウントでのコントロール プレーン操作を監査することを検討してください", + "waf": "安全" + }, + { + "category": "安全", + "description": "キーの有効期限ポリシーを使用すると、アカウント アクセス キーのローテーションのリマインダーを設定できます。リマインダーは、指定した間隔が経過し、キーがまだローテーションされていない場合に表示されます。", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "id": "A13.01", + "link": 
"https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "ストレージ アカウント キーを使用する場合は、\"キーの有効期限ポリシー\" を有効にすることを検討してください", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS 有効期限ポリシーは、SAS が有効である推奨間隔を指定します。SAS 有効期限ポリシーは、サービス SAS またはアカウント SAS に適用されます。ユーザーが、推奨間隔よりも長い有効期間でサービス SAS またはアカウント SAS を生成すると、警告が表示されます。", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "id": "A13.02", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "SAS 有効期限ポリシーの構成を検討する", + "waf": "安全" + }, + { + "category": "安全", + "description": "保存されているアクセス ポリシーでは、ストレージ アカウント キーを再生成しなくても、サービス SAS のアクセス許可を取り消すことができます。", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "id": "A13.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "SASを保存されたアクセスポリシーにリンクすることを検討する", + "waf": "安全" + }, + { + "category": "安全", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "id": "A14.01", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "CI/CD", + "text": "チェックインされた接続文字列とストレージ アカウント キーを検出するように、アプリケーションのソース コード リポジトリを構成することを検討してください。", + "waf": "安全" + }, + { + "category": "安全", + "description": "理想的には、アプリケーションでマネージド ID を使用して Azure Storage に対する認証を行う必要があります。それが不可能な場合は、ストレージ資格情報 (接続文字列、ストレージ アカウント キー、SAS、サービス プリンシパル資格情報) を Azure KeyVault または同等のサービスに持つことを検討してください。", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "id": "A15.01", + "link": 
"https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "Azure KeyVault に接続文字列を格納することを検討してください (マネージド ID が不可能なシナリオの場合)", + "waf": "安全" + }, + { + "category": "安全", + "description": "アドホック SAS サービス SAS またはアカウント SAS で短期的な有効期限を使用します。このように、SASが侵害された場合でも、SASは短時間しか有効ではありません。この方法は、保存されたアクセス ポリシーを参照できない場合に特に重要です。有効期限が近いと、BLOB にアップロードできる時間を制限することで、BLOB に書き込むことができるデータの量も制限されます。", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "id": "A15.02", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "アドホックSASの有効期間を短くするよう努める", + "waf": "安全" + }, + { + "category": "安全", + "description": "SASを作成するときは、できるだけ具体的で制限的にしてください。1 つのリソースと操作には、より広範なアクセスを提供する SAS よりも SAS を優先します。", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "id": "A15.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "SAS に狭いスコープを適用する", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS には、SAS を使用してリソースを要求する権限を与えられたクライアントの IP アドレスまたはアドレス範囲のパラメーターを含めることができます。", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "id": "A15.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "可能な限り、SAS のスコープを特定のクライアント IP アドレスに設定することを検討してください", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS は、クライアントがアップロードするデータの量を制限することはできません。時間の経過に伴うストレージ量の価格設定モデルを考えると、クライアントが悪意を持って大きなコンテンツをアップロードしたかどうかを検証することは理にかなっているかもしれません。", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "id": "A15.05", + "service": "Azure Storage", + "severity": "低い", + "subcategory": 
"ID およびアクセス管理", + "text": "クライアントが SAS を使用してファイルをアップロードした後、アップロードされたデータを確認することを検討してください。", + "waf": "安全" + }, + { + "category": "安全", + "description": "「ローカル ユーザー アカウント」を使用して SFTP 経由で BLOB ストレージにアクセスする場合、「通常の」RBAC コントロールは適用されません。NFS または REST 経由の BLOB アクセスは、SFTP アクセスよりも制限が厳しい場合があります。残念ながら、2023 年初頭の時点で、SFTP エンドポイントで現在サポートされている ID 管理の形式は、ローカル ユーザーのみです", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "id": "A15.06", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "SFTP: SFTP アクセスの「ローカル ユーザー」の数を制限し、アクセスが必要かどうかを経時的に監査します。", + "waf": "安全" + }, + { + "category": "安全", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "id": "A15.07", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "ID およびアクセス管理", + "text": "SFTP: SFTP エンドポイントは POSIX のような ACL をサポートしていません。", + "waf": "安全" + }, + { + "category": "安全", + "description": "ストレージは、CORS(Cross-Origin Resource Sharing)、つまり、異なるドメインのWebアプリが同一生成元ポリシーを緩和できるようにするHTTP機能をサポートしています。CORS を有効にするときは、CorsRules を最小限の特権に保ちます。", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "id": "A16.01", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ネットワーキング", + "text": "過度に広範なCORSポリシーを避ける", + "waf": "安全" + }, + { + "category": "安全", + "description": "保存データは常にサーバー側で暗号化され、さらにクライアント側でも暗号化される場合があります。サーバー側の暗号化は、プラットフォーム管理キー (デフォルト) またはカスタマー管理キーを使用して行われる場合があります。クライアント側の暗号化は、クライアントが BLOB ごとに暗号化/暗号化解除キーを Azure ストレージに提供するか、クライアント側で暗号化を完全に処理することによって行われます。したがって、機密性の保証については Azure Storage にまったく依存しません。", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "id": "A17.01", + "link": 
"https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "機密性と暗号化", + "text": "保存データの暗号化方法を決定します。データのスレッドモデルを理解する。", + "waf": "安全" + }, + { + "category": "安全", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "id": "A17.02", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "機密性と暗号化", + "text": "プラットフォームの暗号化を使用するかどうかを決定します。", + "waf": "安全" + }, + { + "category": "安全", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "id": "A17.03", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "機密性と暗号化", + "text": "クライアント側の暗号化を使用するかどうかを決定します。", + "waf": "安全" + }, + { + "category": "安全", + "description": "Resource Graph エクスプローラー (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) を利用して、匿名 BLOB アクセスを許可するストレージ アカウントを見つけます。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "id": "A18.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "ID およびアクセス管理", + "text": "パブリック BLOB の匿名アクセスが必要かどうか、または特定のストレージ アカウントに対して無効にできるかどうかを検討します。", + "waf": "安全" + }, + { + "category": "オペレーションマネジメント", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "id": "B01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": 
"Azure Storage", + "severity": "高い", + "subcategory": "プラットフォームバージョン", + "text": "storagev2 アカウントタイプを活用して、パフォーマンスと信頼性を向上させます", + "waf": "確実" + }, + { + "category": "BC と DR", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "id": "C01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "高い", + "subcategory": "可用性", + "text": "GRS、ZRS、またはGZRSストレージを活用して、最高の可用性を実現", + "waf": "確実" + }, + { + "category": "BC と DR", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "id": "C01.02", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "フェイルオーバー", + "text": "フェールオーバー後の書き込み操作には、顧客管理のフェールオーバーを使用します", + "waf": "確実" + }, + { + "category": "オペレーションマネジメント", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "id": "C01.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "フェイルオーバー", + "text": "Microsoft マネージド フェールオーバーの詳細を理解する", + "waf": "確実" + }, + { + "category": "オペレーションマネジメント", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "id": "C01.04", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "中程度", + "subcategory": "データ保護", + "text": "ソフト削除を有効にする", + "waf": "確実" + } + ], + "metadata": { + "name": "Azure Storage Review Checklist", + "state": "Preview", + "timestamp": "August 12, 2024", + "waf": "all" + }, + "severities": [ + { + "name": "高い" + }, + { + "name": "中程度" + }, + { + "name": "低い" + } + ], + "status": [ + { + "description": "このチェックはまだ見ていません", + "name": "未確認" + }, + { + "description": "このチェックにはアクションアイテムが関連付けられています", + "name": "開ける" + }, + { + "description": "このチェックは検証済みであり、これ以上のアクション アイテムは関連付けられていません", + "name": "達成" + }, + { + 
"description": "推奨事項は理解されているが、現在の要件では必要ではない", + "name": "必須ではありません" + }, + { + "description": "現在のデザインには適用されません", + "name": "該当なし" + } + ], + "waf": [ + { + "name": "確実" + }, + { + "name": "安全" + }, + { + "name": "費用" + }, + { + "name": "オペレーションズ" + }, + { + "name": "パフォーマンス" + } + ], + "yesno": [ + { + "name": "はい" + }, + { + "name": "いいえ" + } + ] +} \ No newline at end of file diff --git a/checklists/azure_storage_checklist.ko.json b/checklists/azure_storage_checklist.ko.json new file mode 100644 index 000000000..dabfa75af --- /dev/null +++ b/checklists/azure_storage_checklist.ko.json 
@@ -0,0 +1,566 @@ +{ + "categories": [ + { + "name": "ID 및 액세스 관리" + }, + { + "name": "네트워크 토폴로지 및 연결성" + }, + { + "name": "BC 및 DR" + }, + { + "name": "거버넌스 및 보안" + }, + { + "name": "비용 관리" + }, + { + "name": "운영 관리" + }, + { + "name": "응용 프로그램 배포" + }, + { + "name": "안전" + } + ], + "items": [ + { + "category": "안전", + "description": "스토리지와 관련된 Microsoft 클라우드 보안 벤치마크의 지침 적용", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "id": "A01.01", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "보통", + "subcategory": " 개요", + "text": "'스토리지에 대한 Azure 보안 기준'을 고려합니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "Azure Storage는 기본적으로 공용 IP 주소를 가지며 인터넷에 연결할 수 있습니다. 프라이빗 엔드포인트를 사용하면 액세스가 필요한 Azure Compute 리소스에만 Azure Storage를 안전하게 노출할 수 있으므로 공용 인터넷에 노출되지 않습니다", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "id": "A02.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "네트워킹", + "text": "Azure Storage에 프라이빗 엔드포인트를 사용하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "새로 만든 스토리지 계정은 ARM 배포 모델을 사용하여 생성되므로 RBAC, 감사 등이 모두 활성화됩니다. 
구독에 클래식 배포 모델을 사용하는 이전 저장소 계정이 없는지 확인합니다.", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "id": "A03.01", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "지배구조", + "text": "이전 스토리지 계정이 '클래식 배포 모델'을 사용하지 않는지 확인", + "waf": "안전" + }, + { + "category": "안전", + "description": "Microsoft Defender를 활용하여 의심스러운 활동 및 잘못된 구성에 대해 알아보세요.", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "id": "A03.02", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "지배구조", + "text": "모든 스토리지 계정에 대해 Microsoft Defender 사용", + "waf": "안전" + }, + { + "category": "안전", + "description": "일시 삭제 메커니즘을 사용하면 실수로 삭제된 Blob을 복구할 수 있습니다.", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "id": "A04.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "데이터 가용성", + "text": "Blob에 대해 '일시 삭제' 사용Enable 'soft delete' for blobs", + "waf": "안전" + }, + { + "category": "안전", + "description": "예를 들어 애플리케이션이 기밀성, 개인 정보 보호 또는 규정 준수를 위해 삭제된 정보가 즉시 삭제되도록 해야 하는 경우와 같이 특정 Blob 컨테이너에 대해 '일시 삭제'를 선택적으로 사용하지 않도록 설정하는 것이 좋습니다. 
", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "id": "A05.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "기밀성", + "text": "Blob에 대해 '일시 삭제' 사용 안 함", + "waf": "안전" + }, + { + "category": "안전", + "description": "컨테이너에 대한 일시 삭제를 사용하면 컨테이너가 삭제된 후 복구할 수 있습니다(예: 실수로 삭제한 작업에서 복구).", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "id": "A06.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "데이터 가용성", + "text": "컨테이너에 대해 '일시 삭제' 사용Enable 'soft delete' for containers", + "waf": "안전" + }, + { + "category": "안전", + "description": "예를 들어 애플리케이션이 기밀성, 개인 정보 보호 또는 규정 준수를 위해 삭제된 정보가 즉시 삭제되도록 해야 하는 경우와 같이 특정 Blob 컨테이너에 대해 '일시 삭제'를 선택적으로 사용하지 않도록 설정하는 것이 좋습니다. ", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "id": "A07.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "기밀성", + "text": "컨테이너에 대해 '일시 삭제' 사용 안 함", + "waf": "안전" + }, + { + "category": "안전", + "description": "사용자가 삭제하기 전에 먼저 삭제 잠금을 제거하도록 강제하여 스토리지 계정의 우발적인 삭제를 방지합니다.", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "id": "A08.01", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "데이터 가용성", + "text": "스토리지 계정에 대한 리소스 잠금 사용Enable resource locks on storage accounts", + "waf": "안전" + }, + { + "category": "안전", + "description": "Blob에 대한 '법적 보존' 또는 '시간 기반 보존' 정책을 고려하면 Blob, 컨테이너 또는 스토리지 계정을 삭제할 수 없습니다. '불가능한'은 실제로 '불가능한'을 의미합니다. 
스토리지 계정에 변경할 수 없는 Blob이 포함되면 해당 스토리지 계정을 '제거'하는 유일한 방법은 Azure 구독을 취소하는 것입니다.", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "id": "A09.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "데이터 가용성, 규정 준수", + "text": "변경할 수 없는 Blob 고려", + "waf": "안전" + }, + { + "category": "안전", + "description": "스토리지 계정에 대한 보호되지 않는 HTTP/80 액세스를 사용하지 않도록 설정하여 모든 데이터 전송이 암호화되고 무결성이 보호되며 서버가 인증되도록 하는 것이 좋습니다. ", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "id": "A10.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "네트워킹", + "text": "HTTPS 필요, 즉 스토리지 계정에서 포트 80 사용 안 함Require HTTPS, i.e. disable port 80 on the storage account", + "waf": "안전" + }, + { + "category": "안전", + "description": "스토리지 계정에서 사용자 지정 도메인(호스트 이름)을 구성할 때 TLS/HTTPS가 필요한지 확인합니다. 이 경우 스토리지 계정 앞에 Azure CDN을 배치해야 할 수 있습니다.", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "id": "A10.02", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "네트워킹", + "text": "HTTPS를 적용(HTTP 사용 안 함)할 때 스토리지 계정에 사용자 지정 도메인(CNAME)을 사용하지 않는지 확인합니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "클라이언트가 SAS 토큰을 사용하여 Blob 데이터에 액세스할 때 HTTPS를 요구하면 자격 증명 손실 위험을 최소화하는 데 도움이 됩니다.", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "id": "A10.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "네트워킹", + "text": "SAS(공유 액세스 서명) 토큰을 HTTPS 연결로만 제한", + "waf": "안전" + }, + { + "category": "안전", + "description": ". 최신 TLS 버전을 적용하면 이전 버전을 사용하는 클라이언트의 요청이 거부됩니다. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "id": "A10.4", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "네트워킹", + "text": "스토리지 계정에 대한 최신 TLS 버전 적용Enforce the latest TLS version for a storage account", + "waf": "안전" + }, + { + "category": "안전", + "description": "가능한 경우 Microsoft Entra ID 토큰을 공유 액세스 서명보다 선호해야 합니다", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "id": "A11.01", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "Blob 액세스에 Microsoft Entra ID 토큰 사용Use Microsoft Entra ID tokens for blob access", + "waf": "안전" + }, + { + "category": "안전", + "description": "사용자, 그룹 또는 응용 프로그램에 역할을 할당할 때 해당 보안 주체가 작업을 수행하는 데 필요한 권한만 부여합니다. 리소스에 대한 액세스를 제한하면 의도하지 않은 데이터 오용과 악의적인 데이터 오용을 모두 방지할 수 있습니다.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "id": "A11.02", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "IaM 권한의 최소 권한", + "waf": "안전" + }, + { + "category": "안전", + "description": "사용자 위임 SAS는 Azure AD(Azure Active Directory) 자격 증명과 SAS에 대해 지정된 권한으로 보호됩니다. 사용자 위임 SAS는 범위와 기능 측면에서 서비스 SAS와 유사하지만 서비스 SAS에 비해 보안상의 이점을 제공합니다. 
", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "id": "A11.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "SAS를 사용하는 경우 스토리지 계정 키 기반 SAS보다 '사용자 위임 SAS'를 선호합니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "스토리지 계정 키('공유 키')에는 감사 기능이 거의 없습니다. 누가/언제 키 복사본을 가져왔는지 모니터링할 수 있지만 키가 여러 사람의 손에 들어가면 특정 사용자의 사용을 귀속시킬 수 없습니다. Entra ID 인증에만 의존하면 스토리지 액세스를 사용자에게 더 쉽게 연결할 수 있습니다. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "id": "A11.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "Microsoft Entra ID 액세스(및 사용자 위임 SAS)만 지원되도록 스토리지 계정 키를 사용하지 않도록 설정하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "활동 로그 데이터를 사용하여 스토리지 계정의 보안을 '언제', '누가', '무엇을' 및 '어떻게' 확인하거나 변경합니다(예: 스토리지 계정 키, 액세스 정책 등).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "id": "A12.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "모니터링", + "text": "Azure Monitor를 사용하여 스토리지 계정에 대한 컨트롤 플레인 작업을 감사하는 것이 좋습니다", + "waf": "안전" + }, + { + "category": "안전", + "description": "키 만료 정책을 사용하면 계정 액세스 키의 교체에 대한 미리 알림을 설정할 수 있습니다. 
지정된 간격이 경과하고 키가 아직 회전되지 않은 경우 알림이 표시됩니다.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "id": "A13.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "스토리지 계정 키를 사용하는 경우 '키 만료 정책'을 사용하도록 설정하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "SAS 만료 정책은 SAS가 유효한 권장 간격을 지정합니다. SAS 만료 정책은 서비스 SAS 또는 계정 SAS에 적용됩니다. 사용자가 권장 간격보다 큰 유효성 간격으로 서비스 SAS 또는 계정 SAS를 생성하면 경고가 표시됩니다.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "id": "A13.02", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "SAS 만료 정책을 구성하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "저장된 액세스 정책은 스토리지 계정 키를 다시 생성할 필요 없이 서비스 SAS에 대한 사용 권한을 취소할 수 있는 옵션을 제공합니다. ", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "id": "A13.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "SAS를 저장된 액세스 정책에 연결하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "id": "A14.01", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "CI/CD (영문)", + "text": "체크 인된 연결 문자열 및 저장소 계정 키를 검색하도록 응용 프로그램의 소스 코드 리포지토리를 구성하는 것이 좋습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "이상적으로 애플리케이션은 관리 ID를 사용하여 Azure Storage에 인증해야 합니다. 
가능하지 않은 경우 Azure KeyVault 또는 동등한 서비스에 스토리지 자격 증명(연결 문자열, 스토리지 계정 키, SAS, 서비스 주체 자격 증명)을 사용하는 것이 좋습니다.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "id": "A15.01", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "Azure KeyVault에 연결 문자열을 저장하는 것이 좋습니다(관리 ID를 사용할 수 없는 시나리오에서).", + "waf": "안전" + }, + { + "category": "안전", + "description": "임시 SAS 서비스 SAS 또는 계정 SAS에서 가까운 만료 시간을 사용합니다. 이러한 방식으로 SAS가 손상되더라도 짧은 시간 동안만 유효합니다. 이 방법은 저장된 액세스 정책을 참조할 수 없는 경우에 특히 중요합니다. 또한 단기 만료 시간은 Blob에 업로드할 수 있는 시간을 제한하여 Blob에 쓸 수 있는 데이터의 양을 제한합니다.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "id": "A15.02", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "임시 SAS의 유효 기간을 단축하기 위해 노력", + "waf": "안전" + }, + { + "category": "안전", + "description": "SAS를 만들 때는 가능한 한 구체적이고 제한적이어야 합니다. 훨씬 더 광범위한 액세스를 제공하는 SAS보다 단일 리소스 및 작업에 대해 SAS를 선호합니다.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "id": "A15.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "SAS에 좁은 범위 적용", + "waf": "안전" + }, + { + "category": "안전", + "description": "SAS에는 SAS를 사용하여 리소스를 요청할 수 있는 권한이 있는 클라이언트 IP 주소 또는 주소 범위에 대한 매개 변수가 포함될 수 있습니다. ", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "id": "A15.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "가능한 경우 SAS 범위를 특정 클라이언트 IP 주소로 지정하는 것이 좋습니다", + "waf": "안전" + }, + { + "category": "안전", + "description": "SAS는 클라이언트가 업로드하는 데이터의 양을 제한할 수 없습니다. 
시간 경과에 따른 스토리지 양의 가격 책정 모델을 감안할 때 클라이언트가 악의적으로 큰 콘텐츠를 업로드했는지 여부를 확인하는 것이 합리적일 수 있습니다.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "id": "A15.05", + "service": "Azure Storage", + "severity": "낮다", + "subcategory": "ID 및 액세스 관리", + "text": "클라이언트가 SAS를 사용하여 파일을 업로드한 후 업로드된 데이터를 확인하는 것이 좋습니다. ", + "waf": "안전" + }, + { + "category": "안전", + "description": "'로컬 사용자 계정'을 사용하여 SFTP를 통해 Blob Storage에 액세스하는 경우 '일반적인' RBAC 컨트롤이 적용되지 않습니다. NFS 또는 REST를 통한 Blob 액세스는 SFTP 액세스보다 더 제한적일 수 있습니다. 안타깝게도 2023년 초부터 로컬 사용자는 현재 SFTP 엔드포인트에 대해 지원되는 유일한 ID 관리 형태입니다", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "id": "A15.06", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "SFTP: SFTP 액세스를 위한 '로컬 사용자'의 수를 제한하고 시간이 지남에 따라 액세스가 필요한지 여부를 감사합니다.", + "waf": "안전" + }, + { + "category": "안전", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "id": "A15.07", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "ID 및 액세스 관리", + "text": "SFTP: SFTP 엔드포인트는 POSIX와 유사한 ACL을 지원하지 않습니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "스토리지는 CORS(Cross-Origin Resource Sharing), 즉 다른 도메인의 웹 앱이 동일 출처 정책을 완화할 수 있도록 하는 HTTP 기능을 지원합니다. CORS를 사용하도록 설정하는 경우 CorsRules를 최소 권한으로 유지합니다.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "id": "A16.01", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "네트워킹", + "text": "지나치게 광범위한 CORS 정책 방지", + "waf": "안전" + }, + { + "category": "안전", + "description": "미사용 데이터는 항상 서버 쪽에서 암호화되며 클라이언트 쪽에서도 암호화될 수 있습니다. 서버 쪽 암호화는 플랫폼 관리형 키(기본값) 또는 고객 관리형 키를 사용하여 발생할 수 있습니다. 
클라이언트 쪽 암호화는 클라이언트가 Azure Storage에 Blob별로 암호화/암호 해독 키를 제공하도록 하거나 클라이언트 쪽에서 암호화를 완전히 처리하여 발생할 수 있습니다. 따라서 기밀 보장을 위해 Azure Storage에 전혀 의존하지 않습니다.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "id": "A17.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "기밀성 및 암호화", + "text": "미사용 데이터를 암호화하는 방법을 결정합니다. 데이터에 대한 스레드 모델을 이해합니다.", + "waf": "안전" + }, + { + "category": "안전", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "id": "A17.02", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "기밀성 및 암호화", + "text": "어떤 플랫폼 암호화를 사용해야 하는지 확인합니다.", + "waf": "안전" + }, + { + "category": "안전", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "id": "A17.03", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "기밀성 및 암호화", + "text": "클라이언트 쪽 암호화를 사용해야 하는지 여부를 결정합니다.", + "waf": "안전" + }, + { + "category": "안전", + "description": "리소스 그래프 탐색기(리소스 | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true)를 활용하여 익명 Blob 액세스를 허용하는 스토리지 계정을 찾습니다.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "id": "A18.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "ID 및 액세스 관리", + "text": "공용 Blob 익명 액세스가 필요한지 또는 특정 스토리지 계정에 대해 사용하지 않도록 설정할 수 있는지 여부를 고려합니다. 
", + "waf": "안전" + }, + { + "category": "운영 관리", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "id": "B01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "플랫폼 버전", + "text": "성능 및 안정성 향상을 위해 storagev2 계정 유형 활용", + "waf": "신뢰도" + }, + { + "category": "BC 및 DR", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "id": "C01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "높다", + "subcategory": "가용성", + "text": "최고의 가용성을 위해 GRS, ZRS 또는 GZRS 스토리지 활용", + "waf": "신뢰도" + }, + { + "category": "BC 및 DR", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "id": "C01.02", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "페일오버", + "text": "장애 조치(failover) 후 쓰기 작업의 경우 고객 관리 장애 조치(failover)를 사용합니다. 
", + "waf": "신뢰도" + }, + { + "category": "운영 관리", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "id": "C01.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "페일오버", + "text": "Microsoft 관리 장애 조치(failover) 세부 정보 이해", + "waf": "신뢰도" + }, + { + "category": "운영 관리", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "id": "C01.04", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "보통", + "subcategory": "데이터 보호", + "text": "일시 삭제 사용", + "waf": "신뢰도" + } + ], + "metadata": { + "name": "Azure Storage Review Checklist", + "state": "Preview", + "timestamp": "August 12, 2024", + "waf": "all" + }, + "severities": [ + { + "name": "높다" + }, + { + "name": "보통" + }, + { + "name": "낮다" + } + ], + "status": [ + { + "description": "이 검사는 아직 검토되지 않았습니다", + "name": "확인되지 않음" + }, + { + "description": "이 검사와 연관된 작업 항목이 있습니다", + "name": "열다" + }, + { + "description": "이 검사는 확인되었으며 이와 관련된 추가 작업 항목이 없습니다", + "name": "성취" + }, + { + "description": "권장 사항을 이해하지만 현재 요구 사항에 필요하지 않음", + "name": "필요 없음" + }, + { + "description": "현재 설계에는 적용되지 않습니다.", + "name": "해당 없음" + } + ], + "waf": [ + { + "name": "신뢰도" + }, + { + "name": "안전" + }, + { + "name": "비용" + }, + { + "name": "작업" + }, + { + "name": "공연" + } + ], + "yesno": [ + { + "name": "예" + }, + { + "name": "아니요" + } + ] +} \ No newline at end of file diff --git a/checklists/azure_storage_checklist.pt.json b/checklists/azure_storage_checklist.pt.json new file mode 100644 index 000000000..0f2972ca6 --- /dev/null +++ b/checklists/azure_storage_checklist.pt.json 
@@ -0,0 +1,566 @@ +{ + "categories": [ + { + "name": "Gerenciamento de identidade e acesso" + }, + { + "name": "Topologia e conectividade de rede" + }, + { + "name": "BC e DR" + }, + { + "name": "Governança e segurança" + }, + { + "name": "Governança de custos" + }, + { + "name": "Gestão de Operações" + }, + { + "name": "Implantação de aplicativos" + }, + { + "name": "Segurança" + } + ], + "items": [ + { + "category": "Segurança", + "description": "Aplicar as diretrizes do parâmetro de comparação de segurança de nuvem da Microsoft relacionado ao armazenamento", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "id": "A01.01", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "Média", + "subcategory": " Visão geral", + "text": "Considere a 'linha de base de segurança do Azure para armazenamento'", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Por padrão, o Armazenamento do Azure tem um endereço IP público e pode ser acessado pela Internet. Os pontos de extremidade privados permitem expor com segurança o Armazenamento do Azure apenas aos recursos de Computação do Azure que precisam de acesso, eliminando assim a exposição à Internet pública", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "id": "A02.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Rede", + "text": "Considere usar pontos de extremidade privados para o Armazenamento do Azure", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "As contas de armazenamento recém-criadas são criadas usando o modelo de implantação do ARM, para que o RBAC, a auditoria etc. estejam habilitados. 
Verifique se não há contas de armazenamento antigas com o modelo de implantação clássico em uma assinatura", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "id": "A03.01", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Governança", + "text": "Verifique se as contas de armazenamento mais antigas não estão usando o \"modelo de implantação clássico\"", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Aproveite o Microsoft Defender para saber mais sobre atividades suspeitas e configurações incorretas.", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "id": "A03.02", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Governança", + "text": "Habilitar o Microsoft Defender para todas as suas contas de armazenamento", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "O mecanismo de exclusão reversível permite recuperar blobs excluídos acidentalmente.", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "id": "A04.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Disponibilidade de dados", + "text": "Habilitar 'exclusão reversível' para blobs", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Considere desabilitar seletivamente a \"exclusão reversível\" para determinados contêineres de blob, por exemplo, se o aplicativo precisar garantir que as informações excluídas sejam excluídas imediatamente, por exemplo, por motivos de confidencialidade, privacidade ou conformidade. 
", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "id": "A05.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Confidencialidade", + "text": "Desabilitar a 'exclusão reversível' para blobs", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "A exclusão reversível para contêineres permite que você recupere um contêiner depois que ele foi excluído, por exemplo, recuperar de uma operação de exclusão acidental.", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "id": "A06.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Disponibilidade de dados", + "text": "Habilitar 'exclusão reversível' para contêineres", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Considere desabilitar seletivamente a \"exclusão reversível\" para determinados contêineres de blob, por exemplo, se o aplicativo precisar garantir que as informações excluídas sejam excluídas imediatamente, por exemplo, por motivos de confidencialidade, privacidade ou conformidade. 
", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "id": "A07.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Confidencialidade", + "text": "Desabilitar a 'exclusão reversível' para contêineres", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Impede a exclusão acidental de uma conta de armazenamento, forçando o usuário a remover primeiro o bloqueio de exclusão, antes da exclusão", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "id": "A08.01", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Disponibilidade de dados", + "text": "Habilitar bloqueios de recursos em contas de armazenamento", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Considere as políticas de 'retenção legal' ou 'retenção baseada em tempo' para blobs, de modo que seja impossível excluir o blob, o contêiner ou a conta de armazenamento. Observe que 'impossível' na verdade significa 'impossível'; depois que uma conta de armazenamento contém um blob imutável, a única maneira de \"se livrar\" dessa conta de armazenamento é cancelando a assinatura do Azure.", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "id": "A09.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Disponibilidade de dados, conformidade", + "text": "Considere blobs imutáveis", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Considere desabilitar o acesso HTTP/80 desprotegido à conta de armazenamento, para que todas as transferências de dados sejam criptografadas, protegidas por integridade e o servidor seja autenticado. 
", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "id": "A10.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Rede", + "text": "Exigir HTTPS, ou seja, desabilitar a porta 80 na conta de armazenamento", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Ao configurar um domínio personalizado (nome do host) em uma conta de armazenamento, verifique se você precisa de TLS/HTTPS; nesse caso, talvez seja necessário colocar a CDN do Azure na frente de sua conta de armazenamento.", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "id": "A10.02", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Rede", + "text": "Ao impor HTTPS (desabilitando o HTTP), verifique se você não usa domínios personalizados (CNAME) para a conta de armazenamento.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Exigir HTTPS quando um cliente usa um token SAS para acessar dados de blob ajuda a minimizar o risco de perda de credenciais.", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "id": "A10.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Rede", + "text": "Limitar tokens de assinatura de acesso compartilhado (SAS) apenas a conexões HTTPS", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": ". A imposição da versão mais recente do TLS rejeitará a solicitação de clientes que usam a versão mais antiga. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "id": "A10.4", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Rede", + "text": "Impor a versão mais recente do TLS para uma conta de armazenamento", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Os tokens de ID do Microsoft Entra devem ser favorecidos em relação às assinaturas de acesso compartilhado, sempre que possível", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "id": "A11.01", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Usar tokens de ID do Microsoft Entra para acesso a blobs", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Ao atribuir uma função a um usuário, grupo ou aplicativo, conceda a essa entidade de segurança apenas as permissões necessárias para que ela execute suas tarefas. Limitar o acesso aos recursos ajuda a evitar o uso indevido não intencional e mal-intencionado de seus dados.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "id": "A11.02", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Privilégios mínimos em permissões de IaM", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Uma SAS de delegação de usuário é protegida com credenciais do Azure Active Directory (Azure AD) e também pelas permissões especificadas para a SAS. 
Uma SAS de delegação de usuário é análoga a uma SAS de serviço em termos de escopo e função, mas oferece benefícios de segurança em relação à SAS de serviço. ", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "id": "A11.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Ao usar SAS, prefira 'SAS de delegação de usuário' em vez de SAS baseada em chave de conta de armazenamento.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "As chaves da conta de armazenamento (\"chaves compartilhadas\") têm muito poucos recursos de auditoria. Embora possa ser monitorado em quem/quando buscou uma cópia das chaves, uma vez que as chaves estão nas mãos de várias pessoas, é impossível atribuir o uso a um usuário específico. Confiar apenas na autenticação do Entra ID facilita o acesso ao armazenamento a um usuário. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "id": "A11.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere desabilitar as chaves da conta de armazenamento, para que haja suporte apenas para o acesso à ID do Microsoft Entra (e à SAS de delegação de usuário).", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Use os dados do Log de Atividades para identificar \"quando\", \"quem\", \"o quê\" e \"como\" a segurança da sua conta de armazenamento está sendo exibida ou alterada (ou seja, chaves da conta de armazenamento, políticas de acesso etc.).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "id": "A12.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Monitorização", + "text": "Considere usar o Azure Monitor para auditar as operações do painel de controle na conta de armazenamento", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Uma política de expiração de chave permite que você defina um lembrete para a rotação das chaves de acesso da conta. 
O lembrete é exibido se o intervalo especificado tiver decorrido e as teclas ainda não tiverem sido giradas.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "id": "A13.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Ao usar chaves de conta de armazenamento, considere habilitar uma 'política de expiração de chave'", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Uma política de expiração de SAS especifica um intervalo recomendado durante o qual a SAS é válida. As políticas de expiração de SAS se aplicam a uma SAS de serviço ou a uma SAS de conta. Quando um usuário gera SAS de serviço ou uma SAS de conta com um intervalo de validade maior que o intervalo recomendado, ele verá um aviso.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "id": "A13.02", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere configurar uma política de expiração de SAS", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "As políticas de acesso armazenadas oferecem a opção de revogar permissões para uma SAS de serviço sem precisar regenerar as chaves da conta de armazenamento. 
", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "id": "A13.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere vincular SAS a uma política de acesso armazenada", + "waf": "Segurança" + }, + { + "category": "Segurança", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "id": "A14.01", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "CI/CD", + "text": "Considere configurar o repositório de código-fonte do aplicativo para detectar cadeias de conexão e chaves de conta de armazenamento com check-in.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Idealmente, seu aplicativo deve usar uma identidade gerenciada para autenticar no Armazenamento do Azure. Se isso não for possível, considere ter a credencial de armazenamento (cadeia de conexão, chave da conta de armazenamento, SAS, credencial da entidade de serviço) no Azure KeyVault ou em um serviço equivalente.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "id": "A15.01", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere armazenar cadeias de conexão no Azure KeyVault (em cenários em que as identidades gerenciadas não são possíveis)", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Use tempos de expiração de curto prazo em uma SAS de serviço SAS ad hoc ou SAS de conta. Dessa forma, mesmo que uma SAS seja comprometida, ela é válida apenas por um curto período de tempo. 
Essa prática é especialmente importante se você não puder fazer referência a uma política de acesso armazenada. Os tempos de expiração de curto prazo também limitam a quantidade de dados que podem ser gravados em um blob, limitando o tempo disponível para carregar nele.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "id": "A15.02", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Esforce-se por períodos de validade curtos para SAS ad-hoc", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Ao criar uma SAS, seja o mais específico e restritivo possível. Prefira uma SAS para um único recurso e operação em vez de uma SAS que oferece acesso muito mais amplo.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "id": "A15.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Aplicar um escopo restrito a uma SAS", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Uma SAS pode incluir parâmetros nos quais os endereços IP do cliente ou intervalos de endereços estão autorizados a solicitar um recurso usando a SAS. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "id": "A15.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere definir o escopo da SAS para um endereço IP de cliente específico, sempre que possível", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Uma SAS não pode restringir a quantidade de dados que um cliente carrega; Dado o modelo de preços da quantidade de armazenamento ao longo do tempo, pode fazer sentido validar se os clientes carregaram conteúdos maliciosamente grandes.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "id": "A15.05", + "service": "Azure Storage", + "severity": "Baixo", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere verificar os dados carregados depois que os clientes usaram uma SAS para carregar um arquivo. ", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Ao acessar o armazenamento de blobs por meio do SFTP usando uma \"conta de usuário local\", os controles RBAC \"usuais\" não se aplicam. O acesso a blobs via NFS ou REST pode ser mais restritivo do que o acesso SFTP. 
Infelizmente, a partir do início de 2023, os usuários locais são a única forma de gerenciamento de identidade com suporte atual para o endpoint SFTP", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "id": "A15.06", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "SFTP: limite a quantidade de \"usuários locais\" para acesso SFTP e audite se o acesso é necessário ao longo do tempo.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "id": "A15.07", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "SFTP: o endpoint SFTP não oferece suporte a ACLs semelhantes a POSIX.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "O armazenamento oferece suporte ao CORS (Cross-Origin Resource Sharing), ou seja, um recurso HTTP que permite que aplicativos Web de um domínio diferente afrouxem a política de mesma origem. Ao habilitar o CORS, mantenha as CorsRules com o menor privilégio.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "id": "A16.01", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Rede", + "text": "Evite políticas de CORS excessivamente amplas", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Os dados em repouso são sempre criptografados no lado do servidor e, além disso, também podem ser criptografados no lado do cliente. 
A criptografia do lado do servidor pode ocorrer usando uma chave gerenciada pela plataforma (padrão) ou uma chave gerenciada pelo cliente. A criptografia do lado do cliente pode acontecer fazendo com que o cliente forneça uma chave de criptografia/descriptografia por blob para o armazenamento do Azure ou manipulando completamente a criptografia no lado do cliente. portanto, não dependendo do Armazenamento do Azure para garantias de confidencialidade.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "id": "A17.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Confidencialidade e Criptografia", + "text": "Determine como os dados em repouso devem ser criptografados. Entenda o modelo de thread para dados.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "id": "A17.02", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Confidencialidade e Criptografia", + "text": "Determine qual/se a criptografia de plataforma deve ser usada.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "id": "A17.03", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Confidencialidade e Criptografia", + "text": "Determine qual/se a criptografia do lado do cliente deve ser usada.", + "waf": "Segurança" + }, + { + "category": "Segurança", + "description": "Aproveite o Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) para localizar contas de 
armazenamento que permitem acesso anônimo a blobs.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "id": "A18.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Gerenciamento de identidade e acesso", + "text": "Considere se o acesso anônimo de blob público é necessário ou se ele pode ser desabilitado para determinadas contas de armazenamento. ", + "waf": "Segurança" + }, + { + "category": "Gestão de Operações", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "id": "B01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Versão da plataforma", + "text": "Aproveite um tipo de conta storagev2 para melhor desempenho e confiabilidade", + "waf": "Fiabilidade" + }, + { + "category": "BC e DR", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "id": "C01.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "Alto", + "subcategory": "Disponibilidade", + "text": "Aproveite o armazenamento GRS, ZRS ou GZRS para obter a mais alta disponibilidade", + "waf": "Fiabilidade" + }, + { + "category": "BC e DR", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "id": "C01.02", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Failover", + "text": "Para operação de gravação após o failover, use o failover gerenciado pelo cliente ", + "waf": "Fiabilidade" + }, + { + "category": "Gestão de Operações", + "guid": 
"dc0590cf-65de-48e1-909c-cbd579266bcc", + "id": "C01.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Failover", + "text": "Entender os detalhes do failover gerenciado pela Microsoft", + "waf": "Fiabilidade" + }, + { + "category": "Gestão de Operações", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "id": "C01.04", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Média", + "subcategory": "Proteção de dados", + "text": "Habilitar exclusão reversível", + "waf": "Fiabilidade" + } + ], + "metadata": { + "name": "Azure Storage Review Checklist", + "state": "Preview", + "timestamp": "August 12, 2024", + "waf": "all" + }, + "severities": [ + { + "name": "Alto" + }, + { + "name": "Média" + }, + { + "name": "Baixo" + } + ], + "status": [ + { + "description": "Esta verificação ainda não foi analisada", + "name": "Não verificado" + }, + { + "description": "Há um item de ação associado a essa verificação", + "name": "Abrir" + }, + { + "description": "Essa verificação foi verificada e não há mais itens de ação associados a ela", + "name": "Cumprido" + }, + { + "description": "Recomendação compreendida, mas não necessária pelos requisitos atuais", + "name": "Não é necessário" + }, + { + "description": "Não aplicável para o projeto atual", + "name": "N/A" + } + ], + "waf": [ + { + "name": "Fiabilidade" + }, + { + "name": "Segurança" + }, + { + "name": "Custar" + }, + { + "name": "Operações" + }, + { + "name": "Desempenho" + } + ], + "yesno": [ + { + "name": "Sim" + }, + { + "name": "Não" + } + ] +} \ No newline at end of file diff --git a/checklists/azure_storage_checklist.zh-Hant.json b/checklists/azure_storage_checklist.zh-Hant.json new file mode 100644 index 000000000..dbf496cf5 --- /dev/null 
+++ b/checklists/azure_storage_checklist.zh-Hant.json 
@@ -0,0 +1,566 @@ +{ + "categories": [ + { + "name": "身份和訪問管理" + }, + { + "name": "網路拓撲和連接" + }, + { + "name": "BC 和DR" + }, + { + "name": "治理與安全" + }, + { + "name": "成本治理" + }, + { + "name": "運營管理" + }, + { + "name": "應用程式部署" + }, + { + "name": "安全" + } + ], + "items": [ + { + "category": "安全", + "description": "應用與存儲相關的 Microsoft 雲安全基準中的指導", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "id": "A01.01", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "概述", + "text": "請考慮「存儲的 Azure 安全基線”", + "waf": "安全" + }, + { + "category": "安全", + "description": "默認情況下,Azure 儲存具有公共IP位址,並且可通過Internet訪問。專用終結點允許僅向需要訪問的 Azure 計算資源安全地公開 Azure 存儲,從而消除對公共 Internet 的暴露", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "id": "A02.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "高", + "subcategory": "聯網", + "text": "考慮將專用終結點用於 Azure 存儲", + "waf": "安全" + }, + { + "category": "安全", + "description": "新創建的存儲帳戶是使用ARM部署模型創建的,因此 RBAC、審核等都已啟用。確保訂閱中沒有具有經典部署模型的舊存儲帳戶", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "id": "A03.01", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "統轄", + "text": "確保較舊的存儲帳戶未使用“經典部署模型”", + "waf": "安全" + }, + { + "category": "安全", + "description": "利用 Microsoft Defender 瞭解可疑活動和錯誤配置。", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "id": "A03.02", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "高", + "subcategory": "統轄", + "text": "為所有存儲帳戶啟用 Microsoft Defender", + "waf": "安全" + }, + { + "category": "安全", + "description": "軟刪除機制允許恢復意外刪除的 blob。", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "id": 
"A04.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "數據可用性", + "text": "為 blob 啟用“軟刪除”", + "waf": "安全" + }, + { + "category": "安全", + "description": "考慮有選擇地禁用某些 blob 容器的「軟刪除」 例如,如果應用程式必須確保立即刪除已刪除的資訊,例如出於機密性、隱私或合規性原因。", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "id": "A05.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "保密性", + "text": "禁用 blob 的“軟刪除”", + "waf": "安全" + }, + { + "category": "安全", + "description": "容器的軟刪除使您能夠在刪除容器后恢復容器,例如從意外刪除操作中恢復。", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "id": "A06.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "高", + "subcategory": "數據可用性", + "text": "為容器啟用“軟刪除”", + "waf": "安全" + }, + { + "category": "安全", + "description": "考慮有選擇地禁用某些 blob 容器的「軟刪除」 例如,如果應用程式必須確保立即刪除已刪除的資訊,例如出於機密性、隱私或合規性原因。", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "id": "A07.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "保密性", + "text": "禁用容器的“軟刪除”", + "waf": "安全" + }, + { + "category": "安全", + "description": "通過強制使用者先刪除刪除鎖,然後再刪除存儲帳戶,防止意外刪除存儲帳戶", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "id": "A08.01", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "高", + "subcategory": "數據可用性", + "text": "在存儲帳戶上啟用資源鎖定", + "waf": "安全" + }, + { + "category": "安全", + "description": "請考慮對 blob 使用“合法保留”或“基于時間的保留”策略,以便無法刪除 blob、容器或存儲帳戶。請注意,「不可能」實際上意味著「不可能」;一旦存儲帳戶包含不可變的 blob,「擺脫」該存儲帳戶的唯一方法是取消 Azure 訂閱。", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "id": "A09.01", + "link": 
"https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "高", + "subcategory": "數據可用性、合規性", + "text": "考慮不可變的 blob", + "waf": "安全" + }, + { + "category": "安全", + "description": "請考慮禁用對存儲帳戶的未受保護的 HTTP/80 訪問,以便對所有數據傳輸進行加密、完整性保護,並且對伺服器進行身份驗證。", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "id": "A10.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "高", + "subcategory": "聯網", + "text": "需要 HTTPS,即在儲存帳戶上禁用埠 80", + "waf": "安全" + }, + { + "category": "安全", + "description": "在儲存帳戶上配置自定義域(主機名)時,請檢查是否需要 TLS/HTTPS;如果是這樣,可能需要將 Azure CDN 放在存儲帳戶的前面。", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "id": "A10.02", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "高", + "subcategory": "聯網", + "text": "強制執行 HTTPS(禁用 HTTP)時,請檢查是否不要對儲存帳戶使用自定義域 (CNAME)。", + "waf": "安全" + }, + { + "category": "安全", + "description": "當用戶端使用SAS令牌訪問 blob 資料時,要求使用 HTTPS 有助於最大程度地降低憑據丟失的風險。", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "id": "A10.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "聯網", + "text": "將共享訪問簽名 (SAS) 令牌限製為僅 HTTPS 連接", + "waf": "安全" + }, + { + "category": "安全", + "description": ".強制執行最新的 TLS 版本將拒絕來自使用舊版本的用戶端的請求。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "id": "A10.4", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "高", + "subcategory": "聯網", + "text": "強制實施存儲帳戶的最新 TLS 版本", + "waf": 
"安全" + }, + { + "category": "安全", + "description": "在可能的情況下,應優先使用 Microsoft Entra ID 令牌,而不是共用訪問簽名", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "id": "A11.01", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "高", + "subcategory": "身份和訪問管理", + "text": "使用 Microsoft Entra ID 令牌進行 blob 訪問", + "waf": "安全" + }, + { + "category": "安全", + "description": "為使用者、組或應用程式分配角色時,請僅授予該安全主體執行任務所需的許可權。限制對資源的訪問有助於防止無意和惡意濫用數據。", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "id": "A11.02", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "IaM 許可權中的最小特權", + "waf": "安全" + }, + { + "category": "安全", + "description": "使用者委派 SAS 使用 Azure Active Directory (Azure AD) 憑據以及為 SAS 指定的許可權進行保護。使用者委派 SAS 在範圍和功能方面類似於服務 SAS,但與服務 SAS 相比,它提供了安全優勢。", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "id": "A11.03", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "高", + "subcategory": "身份和訪問管理", + "text": "使用 SAS 時,首選「使用者委派 SAS」,而不是基於存儲帳戶密鑰的 SAS。", + "waf": "安全" + }, + { + "category": "安全", + "description": "存儲帳戶金鑰(“共用金鑰”)幾乎沒有審核功能。雖然可以監控誰/何時獲取了密鑰的副本,但一旦密鑰掌握在多人手中,就不可能將使用方式歸因於特定使用者。僅依賴 Entra ID 身份驗證可以更輕鬆地將存儲訪問許可權與用戶綁定。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "id": "A11.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "高", + "subcategory": "身份和訪問管理", + "text": "請考慮禁用存儲帳戶密鑰,以便僅支援 Microsoft Entra ID 訪問(和使用者委派 SAS)。", + "waf": "安全" + }, + { + "category": "安全", + 
"description": "使用活動日誌數據來確定查看或更改存儲帳戶安全性的“時間”、“人員”、“內容”和“方式”(即存儲帳戶密鑰、訪問策略等)。", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "id": "A12.01", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "高", + "subcategory": "監測", + "text": "請考慮使用 Azure Monitor 審核存儲帳戶上的控制平面操作", + "waf": "安全" + }, + { + "category": "安全", + "description": "通過金鑰過期策略,您可以設置帳戶訪問金鑰輪換的提醒。如果已過指定的時間間隔且尚未旋轉鍵,則會顯示提醒。", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "id": "A13.01", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "使用存儲帳戶密鑰時,請考慮啟用“金鑰過期策略”", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS 過期策略指定了 SAS 的有效時間間隔。SAS 過期策略適用於服務 SAS 或帳戶 SAS。當使用者生成的服務 SAS 或帳戶 SAS 的有效期間隔大於建議的時間間隔時,他們將看到警告。", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "id": "A13.02", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "考慮配置 SAS 過期策略", + "waf": "安全" + }, + { + "category": "安全", + "description": "通過存儲訪問策略,可以選擇撤銷服務 SAS 的許可權,而無需重新生成存儲帳戶密鑰。", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "id": "A13.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "考慮將 SAS 連結到儲存存取策略", + "waf": "安全" + }, + { + "category": "安全", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "id": "A14.01", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "CI/CD", + "text": 
"請考慮配置應用程式的原始程式碼儲存庫,以檢測簽入的連接字串和存儲帳戶密鑰。", + "waf": "安全" + }, + { + "category": "安全", + "description": "理想情況下,應用程式應使用託管標識向 Azure 儲存進行身份驗證。如果無法做到這一點,請考慮在 Azure KeyVault 或等效服務中擁有存儲憑據(連接字串、存儲帳戶密鑰、SAS、服務主體憑據)。", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "id": "A15.01", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "高", + "subcategory": "身份和訪問管理", + "text": "請考慮在 Azure KeyVault 中儲存連接字串(在無法使用託管標識的情況下)", + "waf": "安全" + }, + { + "category": "安全", + "description": "在臨時 SAS 服務 SAS 或帳戶 SAS 上使用近期過期時間。這樣,即使 SAS 遭到入侵,它也只會在短時間內有效。如果無法引用存儲訪問策略,則這種做法尤為重要。近期過期時間還通過限制可用於上傳到 blob 的時間來限制可以寫入 blob 的數據量。", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "id": "A15.02", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "高", + "subcategory": "身份和訪問管理", + "text": "爭取縮短臨時 SAS 的有效期", + "waf": "安全" + }, + { + "category": "安全", + "description": "創建 SAS 時,請盡可能具體且具有限制性。首選單一資源和操作的 SAS,而不是提供更廣泛訪問許可權的 SAS。", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "id": "A15.03", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "對SAS應用窄範圍", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS 可以包含用戶端 IP 位址或位址範圍有權使用 SAS 請求資源的參數。", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "id": "A15.04", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "中等", + "subcategory": "身份和訪問管理", + "text": "盡可能考慮將SAS的範圍限定為特定的用戶端IP位址", + "waf": "安全" + }, + { + "category": "安全", + "description": "SAS無法限制用戶端上傳的數據量;考慮到存儲量隨時間變化的定價模型,驗證用戶端是否惡意上傳了大量內容可能很有意義。", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "id": "A15.05", + "service": "Azure Storage", + "severity": "低", + 
"subcategory": "身份和訪問管理",
+ "text": "在用戶端使用SAS上傳檔后,請考慮檢查上傳的數據。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "description": "使用「本地使用者帳戶」通過 SFTP 訪問 blob 儲存時,“通常”的 RBAC 控制不適用。通過 NFS 或 REST 進行的 Blob 訪問可能比 SFTP 訪問更具限制性。遺憾的是,截至 2023 年初,本地使用者是 SFTP 端點目前支援的唯一身份管理形式",
+ "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8",
+ "id": "A15.06",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "身份和訪問管理",
+ "text": "SFTP:限制 SFTP 訪問的「本地使用者」數量,並審核隨著時間的推移是否需要訪問。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38",
+ "id": "A15.07",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "身份和訪問管理",
+ "text": "SFTP:SFTP 端點不支持類似 POSIX 的 ACL。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "description": "存儲支援 CORS(跨源資源分享),即一種 HTTP 功能,使來自不同域的 Web 應用程式能夠放鬆同源策略。啟用 CORS 時,請將 CorsRules 保留為最低許可權。",
+ "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3",
+ "id": "A16.01",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "聯網",
+ "text": "避免過於寬泛的 CORS 策略",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "description": "靜態數據始終在伺服器端加密,此外也可能在用戶端加密。伺服器端加密可能使用平臺管理的金鑰(預設)或客戶管理的金鑰進行。用戶端加密可以通過讓用戶端按 blob 向 Azure 儲存提供加密/解密金鑰,或者完全在用戶端處理加密來實現。因此,完全不依賴 Azure 存儲來保證機密性。",
+ "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464",
+ "id": "A17.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "保密性和加密",
+ "text": "確定應如何加密靜態數據。了解數據的線程模型。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6",
+ "id": "A17.02",
+ "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "保密性和加密",
+ "text": "確定應使用哪種/是否應使用平臺加密。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29",
+ "id": "A17.03",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "保密性和加密",
+ "text": "確定應使用哪種/是否應使用用戶端加密。",
+ "waf": "安全"
+ },
+ {
+ "category": "安全",
+ "description": "利用 Resource Graph 資源管理器 (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) 查找允許匿名 blob 訪問的存儲帳戶。",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant",
+ "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012",
+ "id": "A18.01",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "身份和訪問管理",
+ "text": "考慮是否需要公共 blob 匿名訪問,或者是否可以對某些存儲帳戶禁用公共 blob 匿名訪問。",
+ "waf": "安全"
+ },
+ {
+ "category": "運營管理",
+ "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243",
+ "id": "B01.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "平臺版本",
+ "text": "利用 storagev2 帳戶類型獲得更好的性能和可靠性",
+ "waf": "可靠性"
+ },
+ {
+ "category": "BC 和DR",
+ "guid": "e05bbe20-9d49-4fda-9777-8424d116785c",
+ "id": "C01.01",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy",
+ "service": "Azure Storage",
+ "severity": "高",
+ "subcategory": "可用性",
+ "text": "利用 GRS、ZRS 或 GZRS 儲存實現最高可用性",
+ "waf": "可靠性"
+ },
+ {
+ "category": "BC 和DR",
+ "guid": "2fa56c56-ad48-4408-be72-734c486ba280",
+ "id": "C01.02",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "故障轉移",
+ "text": "對於故障轉移后的寫入操作,請使用客戶管理的故障轉移",
+ "waf": "可靠性"
+ },
+ {
+ "category": "運營管理",
+ "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc",
+ "id": "C01.03",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "故障轉移",
+ "text": "瞭解 Microsoft 託管的故障轉移詳細資訊",
+ "waf": "可靠性"
+ },
+ {
+ "category": "運營管理",
+ "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3",
+ "id": "C01.04",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "subcategory": "數據保護",
+ "text": "啟用軟刪除",
+ "waf": "可靠性"
+ }
+ ],
+ "metadata": {
+ "name": "Azure Storage Review Checklist",
+ "state": "Preview",
+ "timestamp": "August 12, 2024",
+ "waf": "all"
+ },
+ "severities": [
+ {
+ "name": "高"
+ },
+ {
+ "name": "中等"
+ },
+ {
+ "name": "低"
+ }
+ ],
+ "status": [
+ {
+ "description": "此檢查尚未查看",
+ "name": "未驗證"
+ },
+ {
+ "description": "有一個與此檢查關聯的操作項",
+ "name": "打開"
+ },
+ {
+ "description": "此檢查已經過驗證,並且沒有與之關聯的其他操作項",
+ "name": "實現"
+ },
+ {
+ "description": "建議已理解,但當前要求不需要",
+ "name": "不需要"
+ },
+ {
+ "description": "不適用於當前設計",
+ "name": "N/A"
+ }
+ ],
+ "waf": [
+ {
+ "name": "可靠性"
+ },
+ {
+ "name": "安全"
+ },
+ {
+ "name": "成本"
+ },
+ {
+ "name": "操作"
+ },
+ {
+ "name": "性能"
+ }
+ ],
+ "yesno": [
+ {
+ "name": "是的"
+ },
+ {
+ "name": "不"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/checklists/checklist.en.master.json b/checklists/checklist.en.master.json
index 9c9631f09..0afc6f098 100644
--- a/checklists/checklist.en.master.json
+++ b/checklists/checklist.en.master.json 
@@ -1,5 +1,3539 @@
{
"items": [
+ {
+ "category": "Azure Billing and Microsoft Entra ID Tenants",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "70c15989-c726-42c7-b0d3-24b7375b9201",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/considerations-recommendations",
+ "service": "Entra",
+ "services": [
+ "Entra"
+ ],
+ "severity": "Medium",
+ "subcategory": "Microsoft Entra ID Tenants",
+ "text": "Use one Entra tenant for managing your Azure resources, unless you have a clear regulatory or business requirement for multi-tenants.",
+ "training": "https://learn.microsoft.com/training/modules/deploy-resources-scopes-bicep/2-understand-deployment-scopes",
+ "waf": "Operations"
+ },
+ {
+ "category": "Azure Billing and Microsoft Entra ID Tenants",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "6309957b-821a-43d1-b9d9-7fcf1802b747",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation",
+ "service": "Entra",
+ "services": [
+ "Entra"
+ ],
+ "severity": "Low",
+ "subcategory": "Microsoft Entra ID Tenants",
+ "text": "Use Multi-Tenant Automation approach to managing your Microsoft Entra ID Tenants.",
+ "training": "https://learn.microsoft.com/entra/architecture/multi-tenant-user-management-introduction/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Azure Billing and Microsoft Entra ID Tenants",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "78e11934-499a-45ed-8ef7-aae5578f0ecf",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/lighthouse",
+ "service": "Entra",
+ "services": [
+ "Entra"
+ ],
+ "severity": "High",
+ "subcategory": "Microsoft Entra ID Tenants",
+ "text": "Use Azure Lighthouse for Multi-Tenant Management with the same IDs.",
+ "training": "https://learn.microsoft.com/azure/lighthouse/concepts/cross-tenant-management-experience",
+ 
"waf": "Operations" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "5d82e6df-6f61-42f2-82e2-3132d293be3d", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Cloud Solution Provider", + "text": "If you give a partner access to administer your tenant, use Azure Lighthouse.", + "training": "https://learn.microsoft.com/azure/lighthouse/how-to/onboard-customer", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "a24d0de3-d4b9-4dfb-8ddd-bbfaf123fa01", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-cloud-solution-provider#design-recommendations", + "services": [ + "Entra" + ], + "severity": "Low", + "subcategory": "Cloud Solution Provider", + "text": "If you have a CSP partner, define and document your support request and escalation process.", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "32952499-58c8-4e6f-ada5-972e67893d55", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", + "services": [ + "Entra", + "Cost" + ], + "severity": "Medium", + "subcategory": "Cloud Solution Provider", + "text": "Setup Cost Reporting and Views with Azure Cost Management.", + "training": "https://learn.microsoft.com/training/modules/analyze-costs-create-budgets-azure-cost-management/", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": 
"685cb4f2-ac9c-4b19-9167-993ed0b32415", + "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", + "services": [ + "Entra", + "LoadBalancer" + ], + "severity": "Medium", + "subcategory": "Enterprise Agreement", + "text": "Configure Notification Contacts to a group mailbox.", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "12cd499f-96e2-4e41-a243-231fb3245a1c", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", + "services": [ + "Entra", + "TrafficManager" + ], + "severity": "Low", + "subcategory": "Enterprise Agreement", + "text": "Use departments and accounts to map your organization's structure to your enrollment hierarchy which can help with separating billing.", + "training": "https://learn.microsoft.com/azure/cost-management-billing/manage/understand-ea-roles", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "ca0fe401-12ad-46fc-8a7e-86293866a9f6", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-recommendations", + "services": [ + "Entra", + "Cost" + ], + "severity": "Medium", + "subcategory": "Enterprise Agreement", + "text": "Enable both DA View Charges and AO View Charges on your EA Enrollments to allow users with the correct perms review Cost and Billing Data.", + "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/assign-access-acm-data#enable-access-to-costs-in-the-azure-portal", + "waf": "Security" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "5cf9f485-2784-49b3-9824-75d9b8bdb57b", + "link": 
"https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", + "services": [ + "Entra", + "Cost", + "Subscriptions" + ], + "severity": "Low", + "subcategory": "Enterprise Agreement", + "text": "Use of Enterprise Dev/Test Subscriptions to reduce costs for non-production workloads.", + "training": "https://learn.microsoft.com/azure/devtest/offer/how-to-manage-monitor-devtest", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "6ad5c3dd-e5ea-4ff1-81a4-7886ff87845c", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", + "services": [ + "Entra" + ], + "severity": "Low", + "subcategory": "Microsoft Customer Agreement", + "text": "Configure Agreement billing account notification contact email.", + "training": "https://learn.microsoft.com/azure/cost-management-billing/manage/mca-setup-account", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "90e87802-602f-4dfb-acea-67c60689f1d7", + "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/mca-section-invoice", + "services": [ + "Entra", + "Storage", + "Cost" + ], + "severity": "Low", + "subcategory": "Microsoft Customer Agreement", + "text": "Use Billing Profiles and Invoice sections to structure your agreements billing for effective cost management.", + "training": "https://learn.microsoft.com/azure/cost-management-billing/understand/mca-overview#billing-profiles", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "e81a73f0-84c4-4641-b406-14db3b4d1f50", + "link": 
"https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", + "services": [ + "Entra", + "Cost" + ], + "severity": "Low", + "subcategory": "Microsoft Customer Agreement", + "text": "Make use of Microsoft Azure plan for dev/test offer to reduce costs for non-production workloads.", + "training": "https://learn.microsoft.com/azure/devtest/offer/overview-what-is-devtest-offer-visual-studio", + "waf": "Cost" + }, + { + "category": "Azure Billing and Microsoft Entra ID Tenants", + "checklist": "Azure Landing Zone Review", + "guid": "ae757485-92a4-482a-8bc9-eefe6f5b5ec3", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", + "services": [ + "Entra", + "RBAC" + ], + "severity": "Medium", + "subcategory": "Microsoft Customer Agreement", + "text": "Define and document a process to periodically audit the agreement billing RBAC role assignments to review who has access to your MCA billing account.", + "training": "https://learn.microsoft.com/azure/cost-management-billing/manage/understand-mca-roles", + "waf": "Cost" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "348ef254-c27d-442e-abba-c7571559ab91", + "link": "https://learn.microsoft.com/azure/role-based-access-control/overview", + "service": "Entra", + "services": [ + "Entra", + "RBAC", + "ACR", + "Subscriptions" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Enforce a RBAC model that aligns to your cloud operating model. 
Scope and Assign across Management Groups and Subscriptions.", + "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "4348bf81-7573-4512-8f46-9061cc198fea", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#identity-and-access-management-in-the-azure-landing-zone-accelerator", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Microsoft Entra ID and Hybrid Identity", + "text": "Use managed identities instead of service principals for authentication to Azure services. You can check for existing service principals via Entra ID > Sign in Logs > Service principal logins.", + "training": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/overview", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "12e7f983-f630-4472-8dd6-9c5b5c2622f5", + "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning#identify-microsoft-accounts-in-administrative-roles-that-need-to-be-switched-to-work-or-school-accounts", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Only use the authentication type Work or school account for all account types. 
Avoid using the Microsoft account", + "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "4b69bad3-3aad-45e8-a68e-1d76667313b4", + "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": "Only use groups to assign permissions. Add on-premises groups to the Entra ID only group if a group management system is already in place.", + "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "53e8908a-e28c-484c-93b6-b7808b9fe5c4", + "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/overview", + "service": "Entra", + "services": [ + "Entra", + "AzurePolicy" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Enforce Microsoft Entra ID Conditional Access policies for any user with rights to Azure environments.", + "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "1049d403-a923-4c34-94d0-0018ac6a9e01", + "link": "https://learn.microsoft.com/azure/active-directory/authentication/concept-mfa-howitworks", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Enforce multi-factor authentication for any user with rights to the Azure environments.", + "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/", + "waf": "Security" + }, + { + "category": "Identity and 
Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "e6a83de5-de32-4c19-a248-1607d5d1e4e6", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", + "services": [ + "Entra", + "RBAC" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Enforce centralized and delegated responsibilities to manage resources deployed inside the landing zone, based on role and security requirements.", + "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-identities-governance/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "14658d35-58fd-4772-99b8-21112df27ee4", + "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": "Enforce Microsoft Entra ID Privileged Identity Management (PIM) to establish zero standing access and least privilege.", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "1559ab91-53e8-4908-ae28-c84c33b6b780", + "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain#vm-recommendations", + "services": [ + "VM", + "ACR", + "Entra" + ], + "severity": "High", + "subcategory": "Identity", + "text": "When deploying Active Directory Domain Controllers, use a location with Availability Zones and deploy at least two VMs across these zones. 
If not available, deploy in an Availability Set.", + "training": "https://learn.microsoft.com/learn/modules/azure-active-directory/", + "waf": "Reliability" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "f5664b5e-984a-4859-a773-e7d261623a76", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", + "services": [ + "Entra", + "RBAC", + "ACR", + "Subscriptions" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": "Use Azure custom RBAC roles for the following key roles to provide fine-grain access across your ALZ: Azure platform owner, network management, security operations, subscription owner, application owner. Align these roles to teams and responsibilities within your business.", + "training": "https://learn.microsoft.com/learn/modules/create-custom-azure-roles-with-rbac/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "8b9fe5c4-1049-4d40-9a92-3c3474d00018", + "link": "https://learn.microsoft.com/entra/identity/domain-services/overview", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": "If planning to switch from Active Directory Domain Services to Entra domain services, evaluate the compatibility of all workloads.", + "training": "https://learn.microsoft.com/learn/modules/implement-hybrid-identity-windows-server/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "1cf0b8da-70bd-44d0-94af-8d99cfc89ae1", + "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor", + "service": "Entra", + "services": [ + "Entra", + "Monitor" + ], + "severity": "Medium", + "subcategory": 
"Identity", + "text": "Integrate Microsoft Entra ID logs with the platform-central Azure Monitor. Azure Monitor allows for a single source of truth around log and monitoring data in Azure, giving organizations a cloud native options to meet requirements around log collection and retention.", + "training": "https://learn.microsoft.com/entra/identity/monitoring-health/howto-integrate-activity-logs-with-azure-monitor-logs", + "waf": "Security" + }, + { + "ammp": true, + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "984a859c-773e-47d2-9162-3a765a917e1f", + "link": "https://learn.microsoft.com/azure/active-directory/roles/security-emergency-access", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Identity", + "text": "Implement an emergency access or break-glass accounts to prevent tenant-wide account lockout.", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "cd163e39-84a5-4b39-97b7-6973abd70d94", + "link": "https://learn.microsoft.com/azure/active-directory/hybrid/how-to-connect-sync-staging-server", + "services": [ + "Entra", + "ASR" + ], + "severity": "Medium", + "subcategory": "Microsoft Entra ID", + "text": "When deploying Microsoft Entra Connect, use a staging sever for high availability/disaster recovery.", + "training": "https://learn.microsoft.com/entra/identity/hybrid/connect/plan-connect-topologies", + "waf": "Reliability" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "35037e68-9349-4c15-b371-228514f4cdff", + "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", + "service": "Entra", + "services": [ + "Entra", + "RBAC" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": 
"Do not use on-premises synced accounts for Microsoft Entra ID role assignments, unless you have a scenario that specifically requires it.", + "training": "https://learn.microsoft.com/learn/modules/design-identity-security-strategy/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "d5d1e4e6-1465-48d3-958f-d77249b82111", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Identity", + "text": "When using Microsoft Entra ID Application Proxy to give remote users access to applications, manage it as a Platform resource as you can only have one instance per tenant.", + "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "9cf5418b-1520-4b7b-add7-88eb28f833e8", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#identity-and-access-management-in-the-azure-landing-zone-accelerator", + "services": [ + "Entra", + "VNet" + ], + "severity": "High", + "subcategory": "Landing zones", + "text": "Configure Identity network segmentation through the use of a virtual Network and peer back to the hub. 
Providing authentication inside application landing zone (legacy).", + "training": "https://learn.microsoft.com/azure/architecture/example-scenario/identity/adds-extend-domain", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "d4d1ad54-1abc-4919-b267-3f342d3b49e4", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access-landing-zones#rbac-recommendations", + "services": [ + "Storage", + "Entra", + "AKV", + "RBAC", + "ACR" + ], + "severity": "Medium", + "subcategory": "Landing zones", + "text": "Use Azure RBAC to manage data plane access to resources, if possible. E.g. Data Operations across Key Vault, Storage Account and Database Services.", + "training": "https://learn.microsoft.com/azure/role-based-access-control/overview", + "waf": "Security" + }, + { + "category": "Identity and Access Management", + "checklist": "Azure Landing Zone Review", + "guid": "d505ebcb-79b1-4274-9c0d-a27c8bea489c", + "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-create-roles-and-resource-roles-review", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Landing zones", + "text": "Use Microsoft Entra ID PIM access reviews to periodically validate resource entitlements.", + "training": "https://learn.microsoft.com/entra/id-governance/privileged-identity-management/pim-perform-roles-and-resource-roles-review", + "waf": "Security" + }, + { + "category": "Resource Organization", + "checklist": "Azure Landing Zone Review", + "description": "Consider using the Azure naming tool available at https://aka.ms/azurenamingtool", + "guid": "cacf55bc-e4e4-46be-96bc-57a5f23a269a", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-naming", + "services": [], + "severity": "High", + "subcategory": "Naming and tagging", + "text": "Use a well 
defined naming scheme for resources, such as Microsoft Best Practice Naming Standards.", + "waf": "Security" + }, + { + "category": "Resource Organization", + "checklist": "Azure Landing Zone Review", + "graph": "resourcecontainers| where type == 'microsoft.resources/subscriptions'| extend ManagementGroup = tostring(tags),mgmtChain = properties.managementGroupAncestorsChain| extend compliant =( array_length(mgmtChain) <= 4 and array_length(mgmtChain) > 1)", + "guid": "2df27ee4-12e7-4f98-9f63-04722dd69c5b", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups", + "services": [ + "Subscriptions" + ], + "severity": "Medium", + "subcategory": "Subscriptions", + "text": "Enforce reasonably flat management group hierarchy with no more than four levels.", + "training": "https://learn.microsoft.com/learn/modules/azure-architecture-fundamentals/", + "waf": "Security" + }, + { + "category": "Resource Organization", + "checklist": "Azure Landing Zone Review", + "guid": "667313b4-f566-44b5-b984-a859c773e7d2", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", + "services": [ + "Subscriptions" + ], + "severity": "Medium", + "subcategory": "Subscriptions", + "text": "Enforce a sandbox management group to allow users to immediately experiment with Azure.", + "training": "https://learn.microsoft.com/learn/paths/enterprise-scale-architecture/", + "waf": "Security" + }, + { + "category": "Resource Organization", + "checklist": "Azure Landing Zone Review", + "guid": "61623a76-5a91-47e1-b348-ef254c27d42e", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations", + "services": [ + "RBAC", + "AzurePolicy", + "Subscriptions" + ], + "severity": "Medium", + "subcategory": "Subscriptions", + 
"text": "Enforce a platform management group under the root management group to support common platform policy and Azure role assignment.",
+ "training": "https://learn.microsoft.com/learn/paths/enterprise-scale-architecture/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "8bbac757-1559-4ab9-853e-8908ae28c84c",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-group-recommendations",
+ "services": [
+ "DNS",
+ "ExpressRoute",
+ "Subscriptions",
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Enforce a dedicated connectivity subscription in the Connectivity management group to host an Azure Virtual WAN hub, private non-AD Domain Name System (DNS), ExpressRoute circuit, and other networking resources.",
+ "training": "https://learn.microsoft.com/learn/paths/enterprise-scale-architecture/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resourcecontainers| where type == 'microsoft.resources/subscriptions'| extend ManagementGroup = tostring(tags),mgmtChain = properties.managementGroupAncestorsChain| extend compliant = (array_length(mgmtChain) > 1)",
+ "guid": "33b6b780-8b9f-4e5c-9104-9d403a923c34",
+ "link": "https://learn.microsoft.com/azure/governance/management-groups/how-to/protect-resource-hierarchy#setting---default-management-group",
+ "services": [
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Enforce no subscriptions are placed under the root management group.",
+ "training": "https://learn.microsoft.com/azure/governance/management-groups/overview",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "74d00018-ac6a-49e0-8e6a-83de5de32c19",
+ "link": "https://learn.microsoft.com/azure/governance/management-groups/how-to/protect-resource-hierarchy#setting---require-authorization",
+ "services": [
+ "RBAC",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Enforce that only privileged users can operate management groups in the tenant by enabling Azure RBAC authorization in the management group hierarchy settings.",
+ "training": "https://learn.microsoft.com/training/modules/configure-role-based-access-control/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "92481607-d5d1-4e4e-9146-58d3558fd772",
+ "link": "https://learn.microsoft.com/azure/governance/management-groups/overview",
+ "services": [
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Enforce management groups under the root-level management group to represent the types of workloads, based on their security, compliance, connectivity, and feature needs.",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "49b82111-2df2-47ee-912e-7f983f630472",
+ "link": "https://learn.microsoft.com/entra/id-governance/access-reviews-overview",
+ "services": [
+ "RBAC",
+ "Cost",
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "High",
+ "subcategory": "Subscriptions",
+ "text": "Enforce a process to make resource owners aware of their roles and responsibilities, access review, budget review, policy compliance and remediate when necessary.",
+ "training": "https://learn.microsoft.com/training/modules/plan-implement-manage-access-review/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2dd69c5b-5c26-422f-94b6-9bad33aad5e8",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits",
+ "services": [
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Ensure that all subscription owners and IT core team are aware of subscription quotas and the impact they have on provision resources for a given subscription.",
+ "training": "https://learn.microsoft.com/training/modules/configure-subscriptions/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c68e1d76-6673-413b-9f56-64b5e984a859",
+ "link": "https://learn.microsoft.com/azure/cost-management-billing/reservations/save-compute-costs-reservations",
+ "services": [
+ "Cost",
+ "Subscriptions"
+ ],
+ "severity": "High",
+ "subcategory": "Subscriptions",
+ "text": "Use Reserved Instances where appropriate to optimize cost and ensure available capacity in target regions.",
+ "training": "https://learn.microsoft.com/learn/paths/improve-reliability-modern-operations/",
+ "waf": "Security"
+ },
+ {
+ "ammp": true,
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c773e7d2-6162-43a7-95a9-17e1f348ef25",
+ "link": "https://learn.microsoft.com/azure/azure-portal/azure-portal-dashboards",
+ "services": [
+ "Monitor",
+ "Storage",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Establish dashboards and/or visualizations to monitor compute and storage capacity metrics. (i.e. CPU, memory, disk space)",
+ "training": "https://learn.microsoft.com/training/modules/visualize-data-workbooks/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ae28c84c-33b6-4b78-88b9-fe5c41049d40",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/get-started/manage-costs",
+ "services": [
+ "Cost",
+ "Subscriptions"
+ ],
+ "severity": "High",
+ "subcategory": "Subscriptions",
+ "text": "As part of your cloud adoption, implement a detailed cost management plan using the 'Managed cloud costs' process.",
+ "training": "https://learn.microsoft.com/learn/paths/control-spending-manage-bills/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3a923c34-74d0-4001-aac6-a9e01e6a83de",
+ "link": "https://learn.microsoft.com/azure/governance/management-groups/overview",
+ "services": [
+ "Entra",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "If servers will be used for Identity services, like domain controllers, establish a dedicated identity subscription in the identity management group, to host these services. Make sure that resources are set to use the domain controllers available in their region.",
+ "training": "https://learn.microsoft.com/learn/paths/enterprise-scale-architecture/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | extend compliant = isnotnull(['tags']) | project name, id, subscriptionId, resourceGroup, tags, compliant",
+ "guid": "5de32c19-9248-4160-9d5d-1e4e614658d3",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/track-costs",
+ "services": [
+ "Cost",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "Ensure tags are used for billing and cost management.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "6cc0ea22-42bb-441e-a345-804ab0a09666",
+ "link": "https://github.com/Azure/sovereign-landing-zone/blob/main/docs/02-Architecture.md",
+ "services": [
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Subscriptions",
+ "text": "For Sovereign Landing Zone, have a 'confidential corp' and 'confidential online' management group directly under the 'landing zones' MG.",
+ "training": "https://learn.microsoft.com/industry/sovereignty/slz-overview",
+ "waf": "Security"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "250d81ce-8bbe-4f85-9051-6a18a8221e50",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/regions",
+ "services": [
+ "Cost"
+ ],
+ "severity": "High",
+ "subcategory": "Regions",
+ "text": "Select the right Azure region/s for your deployment. Azure is a global-scale cloud platform that provide global coverage through many regions and geographies. Different Azure regions have different characteristics, access and availability models, costs, capacity, and services offered, then it is important to consider all criteria and requirements.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-architecture-fundamentals/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "19ca3f89-397d-44b1-b5b6-5e18661372ac",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/regions#operate-in-multiple-geographic-regions",
+ "services": [
+ "ASR"
+ ],
+ "severity": "Medium",
+ "subcategory": "Regions",
+ "text": "Deploy your Azure landing zone in a multi-region deployment. Depending on customer size, locations, and users presence, operating in multiple regions can be a common choice to deliver services and run applications closer to them. Using a multi-region deployment is also important to provide geo disaster recovery capabilities, to eliminate the dependency from a single region capacity and diminish the risk of a temporary and localized resource capacity constraint.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-architecture-fundamentals/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Resource Organization",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4c27d42e-8bba-4c75-9155-9ab9153e8908",
+ "link": "https://azure.microsoft.com/explore/global-infrastructure/products-by-region/",
+ "services": [],
+ "severity": "Medium",
+ "subcategory": "Regions",
+ "text": "Ensure required services and features are available within the chosen deployment regions.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-architecture-fundamentals/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "373f482f-3e39-4d39-8aa4-7e566f6082b6",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-app-delivery",
+ "services": [
+ "AppGW",
+ "FrontDoor"
+ ],
+ "severity": "Medium",
+ "subcategory": "App delivery",
+ "text": "Document a standard for securing the delivery application content from your Workload spokes using Application Gateway and Azure Front Door. You can use the Application Delivery checklist to for recommendations.",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e8bbac75-7155-49ab-a153-e8908ae28c84",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity",
+ "service": "VNet",
+ "services": [
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "Use a hub-and-spoke network topology for network scenarios that require maximum flexibility.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7dd61623-a364-4a90-9eca-e48ebd54cd7d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/traditional-azure-networking-topology",
+ "service": "VNet",
+ "services": [
+ "Entra",
+ "Firewall",
+ "NVA",
+ "VNet",
+ "ExpressRoute",
+ "DNS",
+ "VPN"
+ ],
+ "severity": "High",
+ "subcategory": "Hub and spoke",
+ "text": "Deploy shared networking services, including ExpressRoute gateways, VPN gateways, and Azure Firewall or partner NVAs in the central-hub virtual network. If necessary, also deploy DNS services.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Cost"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "143b16c3-1d7a-4a9b-9470-4489a8042d88",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview",
+ "service": "VNet",
+ "services": [
+ "DDoS"
+ ],
+ "severity": "High",
+ "subcategory": "App delivery",
+ "text": "Use a DDoS Network or IP protection plan for all public IP addresses in application landing zones.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e2e8abac-3571-4559-ab91-53e89f89dc7b",
+ "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/nva-ha",
+ "service": "NVA",
+ "services": [
+ "NVA"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "When deploying partner networking technologies or NVAs, follow the partner vendor's guidance.",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ce463dbb-bc8a-4c2a-aebc-92a43da1dae2",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager#to-enable-transit-routing-between-expressroute-and-azure-vpn",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute",
+ "ARS",
+ "VPN"
+ ],
+ "severity": "Low",
+ "subcategory": "Hub and spoke",
+ "text": "If you need transit between ExpressRoute and VPN gateways in hub and spoke scenarios, use Azure Route Server.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant",
+ "guid": "91b9d7d5-91e1-4dcb-8f1f-fa7e465646cc",
+ "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1",
+ "service": "ARS",
+ "services": [
+ "VNet",
+ "ARS"
+ ],
+ "severity": "Low",
+ "subcategory": "Hub and spoke",
+ "text": "If using Route Server, use a /27 prefix for the Route Server subnet.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "cc881471-607c-41cc-a0e6-14658dd558f9",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-faq#can-i-create-a-peering-connection-to-a-vnet-in-a-different-region",
+ "service": "VNet",
+ "services": [
+ "ACR",
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "For network architectures with multiple hub-and-spoke topologies across Azure regions, use global virtual network peerings between the hub VNets to connect the regions to each other.",
+ "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-virtual-networks/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4722d929-c1b1-4cd6-81f5-4b29bade39ad",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/network-insights-overview",
+ "service": "VNet",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "Use Azure Monitor for Networks to monitor the end-to-end state of the networks on Azure.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant",
+ "guid": "0e7c28ec-9366-4572-83b0-f4664b1d944a",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "services": [
+ "VNet",
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000).",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant",
+ "guid": "3d457936-e9b7-41eb-bdff-314b26450b12",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "services": [
+ "Storage"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hub and spoke",
+ "text": "Limit the number of routes per route table to 400.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)",
+ "guid": "c76cb5a2-abe2-11ed-afa1-0242ac120002",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering",
+ "service": "VNet",
+ "services": [
+ "VNet"
+ ],
+ "severity": "High",
+ "subcategory": "Hub and spoke",
+ "text": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "de0d5973-cd4c-4d21-a088-137f5e6c4cfd",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-macsec",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Encryption",
+ "text": "When you're using ExpressRoute Direct, configure MACsec in order to encrypt traffic at the layer-two level between the organization's routers and MSEE. The diagram shows this encryption in flow.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ed301d6e-872e-452e-9611-cc58b5a4b151",
+ "link": "https://learn.microsoft.com/azure/vpn-gateway/site-to-site-vpn-private-peering",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute",
+ "VPN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Encryption",
+ "text": "For scenarios where MACsec isn't an option (for example, not using ExpressRoute Direct), use a VPN gateway to establish IPsec tunnels over ExpressRoute private peering.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "558fd772-49b8-4211-82df-27ee412e7f98",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "ExpressRoute",
+ "services": [
+ "VNet",
+ "ACR"
+ ],
+ "severity": "High",
+ "subcategory": "IP plan",
+ "text": "Ensure no overlapping IP address spaces across Azure regions and on-premises locations are used.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr",
+ "guid": "3f630472-2dd6-49c5-a5c2-622f54b69bad",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "services": [
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "IP plan",
+ "text": "Use IP addresses from the address allocation ranges for private internets (RFC 1918).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant",
+ "guid": "33aad5e8-c68e-41d7-9667-313b4f5664b5",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "services": [
+ "VNet"
+ ],
+ "severity": "High",
+ "subcategory": "IP plan",
+ "text": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f348ef25-4c27-4d42-b8bb-ac7571559ab9",
+ "link": "https://learn.microsoft.com/azure/site-recovery/concepts-on-premises-to-azure-networking#retain-ip-addresses",
+ "service": "VNet",
+ "services": [
+ "ASR",
+ "VNet"
+ ],
+ "severity": "High",
+ "subcategory": "IP plan",
+ "text": "Do not use overlapping IP address ranges for production and disaster recovery sites.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "153e8908-ae28-4c84-a33b-6b7808b9fe5c",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-getstarted-portal",
+ "service": "DNS",
+ "services": [
+ "DNS",
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "IP plan",
+ "text": "For environments where name resolution in Azure is all that's required, use Azure Private DNS for resolution with a delegated zone for name resolution (such as 'azure.contoso.com').",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "41049d40-3a92-43c3-974d-00018ac6a9e0",
+ "link": "https://learn.microsoft.com/azure/dns/dns-private-resolver-overview",
+ "service": "DNS",
+ "services": [
+ "VNet",
+ "DNS",
+ "ACR"
+ ],
+ "severity": "Medium",
+ "subcategory": "IP plan",
+ "text": "For environments where name resolution across Azure and on-premises is required and there is no existing enterprise DNS service like Active Directory, use Azure DNS Private Resolver to route DNS requests to Azure or to on-premises DNS servers.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-dns-private-resolver/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1e6a83de-5de3-42c1-a924-81607d5d1e4e",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances",
+ "service": "DNS",
+ "services": [
+ "DNS",
+ "VNet"
+ ],
+ "severity": "Low",
+ "subcategory": "IP plan",
+ "text": "Special workloads that require and deploy their own DNS (such as Red Hat OpenShift) should use their preferred DNS solution.",
+ "training": "https://learn.microsoft.com/training/courses/az-700t00",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "614658d3-558f-4d77-849b-821112df27ee",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-autoregistration",
+ "service": "DNS",
+ "services": [
+ "VM",
+ "DNS",
+ "VNet"
+ ],
+ "severity": "High",
+ "subcategory": "IP plan",
+ "text": "Enable auto-registration for Azure DNS to automatically manage the lifecycle of the DNS records for the virtual machines deployed within a virtual network.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ee1ac551-c4d5-46cf-b035-d0a3c50d87ad",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-overview",
+ "service": "Bastion",
+ "services": [
+ "Bastion"
+ ],
+ "severity": "Medium",
+ "subcategory": "Internet",
+ "text": "Use Azure Bastion to securely connect to your network.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant",
+ "guid": "6eab9eb6-762b-485e-8ea8-15aa5dba0bd0",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet",
+ "service": "Bastion",
+ "services": [
+ "Bastion",
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Internet",
+ "text": "Use Azure Bastion in a subnet /26 or larger.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1d7aa9b6-4704-4489-a804-2d88e79d17b7",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview",
+ "service": "WAF",
+ "services": [
+ "ACR",
+ "FrontDoor",
+ "WAF",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Internet",
+ "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3b22a5a6-7e7a-48ed-9b30-e38c3f29812b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "services": [
+ "AppGW",
+ "AzurePolicy",
+ "FrontDoor",
+ "WAF"
+ ],
+ "severity": "Low",
+ "subcategory": "Internet",
+ "text": "When using Azure Front Door and Azure Application Gateway to help protect HTTP/S apps, use WAF policies in Azure Front Door. Lock down Azure Application Gateway to receive traffic only from Azure Front Door.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2363cefe-179b-4599-be0d-5973cd4cd21b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "services": [
+ "VNet",
+ "WAF"
+ ],
+ "severity": "High",
+ "subcategory": "Internet",
+ "text": "When WAFs and other reverse proxies are required for inbound HTTP/S connections, deploy them within a landing-zone virtual network and together with the apps that they're protecting and exposing to the internet.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "088137f5-e6c4-4cfd-9e50-4547c2447ec6",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures",
+ "service": "VNet",
+ "services": [
+ "VNet",
+ "DDoS"
+ ],
+ "severity": "High",
+ "subcategory": "Internet",
+ "text": "Use Azure DDoS Network or IP Protection plans to help protect Public IP Addresses endpoints within the virtual networks.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b034c01e-110b-463a-b36e-e3346e57f225",
+ "link": "https://learn.microsoft.com/azure/virtual-network/ip-services/default-outbound-access",
+ "service": "VNet",
+ "services": [],
+ "severity": "High",
+ "subcategory": "Internet",
+ "text": "Plan for how to manage your network outbound traffic configuration and strategy before the upcoming breaking change. On September 30, 2025, default outbound access for new deployments will be retired and only explicit access configurations will be allowed.",
+ "training": "https://learn.microsoft.com/training/modules/configure-virtual-networks/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b1c82a3f-2320-4dfa-8972-7ae4823c8930",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures",
+ "service": "VNet",
+ "services": [
+ "DDoS"
+ ],
+ "severity": "High",
+ "subcategory": "Internet",
+ "text": "Add diagnostic settings to save DDoS related logs for all the protected public IP addresses (DDoS IP or Network Protection).",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3c5a808d-c695-4c14-a63c-c7ab7a510e41",
+ "link": "https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies#corp",
+ "service": "Policy",
+ "services": [
+ "VM",
+ "AzurePolicy"
+ ],
+ "severity": "High",
+ "subcategory": "Internet",
+ "text": "Ensure there is a policy assignment to deny Public IP addresses directly tied to Virtual Machines. Use exclusions if public IPs are needed on specific VMs.",
+ "training": "https://learn.microsoft.com/training/modules/configure-azure-policy/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "359c373e-7dd6-4162-9a36-4a907ecae48e",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute",
+ "VPN",
+ "Backup"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "Use ExpressRoute as the primary connection to Azure. Use VPNs as a source of backup connectivity.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "description": "You can use AS-path prepending and connection weights to influence traffic from Azure to on-premises, and the full range of BGP attributes in your own routers to influence traffic from on-premises to Azure.",
+ "guid": "f29812b2-363c-4efe-879b-599de0d5973c",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-routing",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "When you use multiple ExpressRoute circuits or multiple on-prem locations, use BGP attributes to optimize routing.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant",
+ "guid": "d4cd21b0-8813-47f5-b6c4-cfd3e504547c",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute",
+ "VPN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant",
+ "guid": "7025b442-f6e9-4af6-b11f-c9574916016f",
+ "link": "https://learn.microsoft.com/azure/expressroute/plan-manage-cost",
+ "service": "ExpressRoute",
+ "services": [
+ "Cost",
+ "ExpressRoute"
+ ],
+ "severity": "High",
+ "subcategory": "Hybrid",
+ "text": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/",
+ "waf": "Cost"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id",
+ "guid": "f4e7926a-ec35-476e-a412-5dd17136bd62",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local",
+ "service": "ExpressRoute",
+ "services": [
+ "Cost",
+ "ExpressRoute"
+ ],
+ "severity": "High",
+ "subcategory": "Hybrid",
+ "text": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/",
+ "waf": "Cost"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant",
+ "guid": "2447ec66-138a-4720-8f1c-e16ed301d6e8",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "72e52e36-11cc-458b-9a4b-1511e43a58a9",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "For scenarios that require bandwidth higher than 10 Gbps or dedicated 10/100-Gbps ports, use ExpressRoute Direct.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c2299c4d-7b57-4d0c-9555-62f2b3e4563a",
+ "link": "https://learn.microsoft.com/azure/expressroute/about-fastpath",
+ "service": "ExpressRoute",
+ "services": [
+ "ExpressRoute"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "When low latency is required, or throughput from on-premises to Azure must be greater than 10 Gbps, enable FastPath to bypass the ExpressRoute gateway from the data path.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant",
+ "guid": "4d873974-8b66-42d6-b15f-512a65498f6d",
+ "link": "https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway",
+ "service": "VPN",
+ "services": [
+ "VPN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available).",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "45866df8-cf85-4ca9-bbe2-65ec1478919e",
+ "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-highlyavailable",
+ "service": "VPN",
+ "services": [
+ "VPN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Hybrid",
+ "text": "Use redundant VPN appliances on-premises (active/active or active/passive).",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "718cb437-b060-2589-8856-2e93a5c6633b",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-erdirect-about",
+ "service": "ExpressRoute",
+ "services": [
+ "Cost",
+ "ExpressRoute"
+ ],
+ "severity": "High",
+ "subcategory": "Hybrid",
+ "text": "If using ExpressRoute Direct, consider using ExpressRoute Local circuits to the local 
Azure regions to save costs.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "8042d88e-79d1-47b7-9b22-a5a67e7a8ed4", + "link": "https://learn.microsoft.com/azure/architecture/framework/services/networking/expressroute/reliability", + "service": "ExpressRoute", + "services": [ + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "When traffic isolation or dedicated bandwidth is required, such as for separating production and nonproduction environments, use different ExpressRoute circuits. It will help you ensure isolated routing domains and alleviate noisy-neighbor risks.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "b30e38c3-f298-412b-8363-cefe179b599d", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-monitoring-metrics-alerts", + "service": "ExpressRoute", + "services": [ + "Monitor", + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Monitor ExpressRoute availability and utilization using built-in Express Route Insights.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "5bf68dc9-325e-4873-bf88-f8214ef2e5d2", + "link": "https://learn.microsoft.com/azure/expressroute/how-to-configure-connection-monitor", + "service": "ExpressRoute", + "services": [ + "Monitor", + "ACR", + "NetworkWatcher" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Use Connection Monitor for connectivity monitoring across the network, especially 
between on-premises and Azure.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)", + "guid": "e0d5973c-d4cd-421b-8881-37f5e6c4cfd3", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution", + "service": "ExpressRoute", + "services": [ + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Use ExpressRoute circuits from different peering locations for redundancy.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "cf3fe65c-fec0-495a-8edc-9675200f2add", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager", + "service": "ExpressRoute", + "services": [ + "ExpressRoute", + "VPN" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Use site-to-site VPN as failover of ExpressRoute, if only using a single ExpressRoute circuit.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": 
"Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))", + "guid": "72105cc8-aaea-4ee1-8c7a-ad25977afcaf", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub", + "service": "ExpressRoute", + "services": [ + "Storage", + "VNet" + ], + "severity": "High", + "subcategory": "Hybrid", + "text": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated.", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "d581a947-69a2-4783-942e-9df3664324c8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute#active-active-connections", + "service": "ExpressRoute", + "services": [ + "ACR", + "ExpressRoute" + ], + "severity": "High", + "subcategory": "Hybrid", + "text": "If using ExpressRoute, your on-premises routing should be dynamic: in the event of a connection failure it should converge to the remaining connection of the circuit. 
Load should be shared across both connections ideally as active/active, although active/passive is supported too.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "b258f058-b9f6-46cd-b28d-990106f0c3f8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute", + "service": "ExpressRoute", + "services": [ + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Ensure the two physical links of your ExpressRoute circuit are connected to two distinct edge devices in your network.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "fe2a1b53-6fbd-4c67-b58a-85d7c7a0afcb", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-bfd", + "service": "ExpressRoute", + "services": [], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Ensure Bidirectional Forwarding Detection (BFD) is enabled and configured on customer or provider edge routing devices.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "669b215a-ce43-4371-8f6f-11047f6490f1", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", + "service": "ExpressRoute", + "services": [ + "ExpressRoute" + ], + "severity": "High", + "subcategory": "Hybrid", + "text": "Connect the ExpressRoute Gateway to two or more circuits from different peering locations for higher resiliency.", + "training": 
"https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "3f79ed00-203b-4c95-9efd-691505f5a1f9", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log", + "service": "ExpressRoute", + "services": [ + "Monitor", + "VNet", + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Configure diagnostic logs and alerts for ExpressRoute virtual network gateway.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "5234c93f-b651-41dd-80c1-234177b91ced", + "link": "https://learn.microsoft.com/azure/expressroute/virtual-network-connectivity-guidance", + "service": "ExpressRoute", + "services": [ + "VNet", + "ExpressRoute" + ], + "severity": "Medium", + "subcategory": "Hybrid", + "text": "Do not use ExpressRoute circuits for VNet-to-VNet communication.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "8ac6a9e0-1e6a-483d-b5de-32c199248160", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about", + "service": "N/A", + "services": [ + "ACR" + ], + "severity": "Low", + "subcategory": "Hybrid", + "text": "Do not send Azure traffic to hybrid locations for inspection. 
Instead, follow the principle 'traffic in Azure stays in Azure' so that communication across resources in Azure occurs via the Microsoft backbone network.", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "e6c4cfd3-e504-4547-a244-7ec66138a720", + "link": "https://learn.microsoft.com/azure/firewall/overview", + "service": "Firewall", + "services": [ + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Use Azure Firewall to govern Azure outbound traffic to the internet, non-HTTP/S inbound connections, and East/West traffic filtering (if the organization requires it).", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "5a4b1511-e43a-458a-ac22-99c4d7b57d0c", + "link": "https://learn.microsoft.com/azure/firewall-manager/policy-overview", + "service": "Firewall", + "services": [ + "RBAC", + "ACR", + "Firewall", + "AzurePolicy" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Create a global Azure Firewall policy to govern security posture across the global network environment and assign it to all Azure Firewall instances. 
Allow for granular policies to meet requirements of specific regions by delegating incremental firewall policies to local security teams via Azure role-based access control.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "655562f2-b3e4-4563-a4d8-739748b662d6", + "link": "https://learn.microsoft.com/azure/firewall-manager/deploy-trusted-security-partner", + "service": "Firewall", + "services": [ + "Firewall" + ], + "severity": "Low", + "subcategory": "Firewall", + "text": "Configure supported partner SaaS security providers within Firewall Manager if the organization wants to use such solutions to help protect outbound connections.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant", + "guid": "14d99880-2f88-47e8-a134-62a7d85c94af", + "link": "https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules", + "service": "Firewall", + "services": [ + "DNS", + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Use application rules to filter outbound traffic on destination host name for supported protocols. 
Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant", + "guid": "c10d51ef-f999-455d-bba0-5c90ece07447", + "link": "https://learn.microsoft.com/azure/firewall/premium-features", + "service": "Firewall", + "services": [ + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Use Azure Firewall Premium to enable additional security features.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant", + "guid": "e9c8f584-6d5e-473b-8dc5-acc9fbaab4e3", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules", + "service": "Firewall", + "services": [ + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection.", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant", + "guid": "b9d0dff5-bdd4-4cd8-88ed-5811610b2b2c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps", + "service": "Firewall", + 
"services": [ + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Configure Azure Firewall IDPS mode to Deny for additional protection.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant", + "guid": "a3784907-9836-4271-aafc-93535f8ec08b", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", + "service": "Firewall", + "services": [ + "Storage", + "Firewall", + "NVA", + "VNet", + "VWAN" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a 
Network Virtual Appliance.", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "715d833d-4708-4527-90ac-1b142c7045ba", + "link": "https://learn.microsoft.com/azure/firewall/firewall-structured-logs", + "service": "Firewall", + "services": [ + "Storage", + "Firewall" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Add diagnostic settings to save logs, using the Resource Specific destination table, for all Azure Firewall deployments.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "e960fc6b-4ab2-4db6-9609-3745135f9ffa", + "link": "https://learn.microsoft.com/azure/firewall-manager/migrate-to-policy", + "service": "Firewall", + "services": [ + "AzurePolicy", + "Firewall" + ], + "severity": "Important", + "subcategory": "Firewall", + "text": "Migrate from Azure Firewall Classic rules (if exist) to Firewall Policy.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant", + "guid": "22d6419e-b627-4d95-9e7d-019fa759387f", + "link": "https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size", + "service": "Firewall", + "services": [ + "VNet", + "Firewall" + ], + "severity": "High", + "subcategory": 
"Segmentation", + "text": "Use a /26 prefix for your Azure Firewall subnets.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "828cec2e-af6c-40c2-8fa2-1b681ee63eb7", + "link": "https://learn.microsoft.com/azure/firewall-manager/rule-hierarchy", + "service": "Firewall", + "services": [ + "AzurePolicy" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Arrange rules within the firewall policy into Rule Collection Groups and Rule Collections and based on their frequency of use.", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-firewall-manager/", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "0da83bb1-2f39-49af-b5c9-835fc455e3d1", + "link": "https://learn.microsoft.com/azure/firewall/ip-groups", + "service": "Firewall", + "services": [ + "Storage" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Use IP Groups or IP prefixes to reduce number of IP table rules.", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "c44c6f0e-1642-4a61-a17b-0922f835c93a", + "link": "https://learn.microsoft.com/azure/firewall/tutorial-firewall-dnat", + "service": "Firewall", + "services": [], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Do not use wildcards as a source IP for DNATS, such as * or any, you should specify source IPs for incoming DNATs.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "7371dc21-251a-47a3-af14-6e01b9da4757", + "link": 
"https://learn.microsoft.com/azure/firewall/integrate-with-nat-gateway", + "service": "Firewall", + "services": [ + "Monitor" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Prevent SNAT Port exhaustion by monitoring SNAT port usage, evaluating NAT Gateway settings, and ensuring seamless failover. If the port count approaches the limit, it’s a sign that SNAT exhaustion might be imminent.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "346840b8-1064-496e-8396-4b1340172d52", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#tls-inspection", + "service": "Firewall", + "services": [ + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "If you are using Azure Firewall Premium, enable TLS Inspection.", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "39990a13-915c-45f9-a2d3-562d7d6c4b7c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#web-categories", + "service": "Firewall", + "services": [ + "ServiceBus" + ], + "severity": "Low", + "subcategory": "Firewall", + "text": "Use web categories to allow or deny outbound access to specific topics.", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "6eff7e6c-6c4a-43d7-be3f-6641c2cb3d4a", + "link": "https://learn.microsoft.com/azure/architecture/example-scenario/gateway/application-gateway-before-azure-firewall", + "service": "Firewall", + "services": [], + "severity": "Medium", + "subcategory": "Firewall", + "text": "As part of your TLS inspection, plan for receiving traffic from Azure App Gateways for inspection.", + "training": 
"https://learn.microsoft.com/training/modules/configure-azure-application-gateway/", + "waf": "Performance" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "94f3eede-9aa3-4088-92a3-bb9a56509fad", + "link": "https://learn.microsoft.com/azure/firewall/dns-details", + "service": "Firewall", + "services": [ + "DNS", + "Firewall" + ], + "severity": "Medium", + "subcategory": "Firewall", + "text": "Enable Azure Firewall DNS proxy configuration.", + "training": "https://learn.microsoft.com/training/courses/az-700t00/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "1dc04554-dece-4ffb-a49e-5c683e09f8da", + "link": "https://learn.microsoft.com/azure/firewall/firewall-diagnostics", + "service": "Firewall", + "services": [ + "Monitor", + "Firewall" + ], + "severity": "High", + "subcategory": "Firewall", + "text": "Integrate Azure Firewall with Azure Monitor and enable diagnostic logging to store and analyze firewall logs.", + "training": "https://learn.microsoft.com/training/courses/az-700t00/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "64e7000e-3c06-485e-b455-ced7f454cba3", + "link": "https://learn.microsoft.com/azure/well-architected/service-guides/azure-firewall", + "service": "Firewall", + "services": [ + "Backup" + ], + "severity": "Low", + "subcategory": "Firewall", + "text": "Implement backups for your firewall rules", + "training": "https://learn.microsoft.com/training/courses/az-104t00/", + "waf": "Operations" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "d301d6e8-72e5-42e3-911c-c58b5a4b1511", + "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", + "service": "App Gateway", + "services": [ + "VNet" + ], + 
"severity": "High", + "subcategory": "PaaS", + "text": "Do not disrupt control-plane communication for Azure PaaS services injected into a virtual networks, such as with a 0.0.0.0/0 route or an NSG rule that blocks control plane traffic.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "e43a58a9-c229-49c4-b7b5-7d0c655562f2", + "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", + "services": [ + "PrivateLink" + ], + "severity": "Medium", + "subcategory": "PaaS", + "text": "Use Private Link, where available, for shared Azure PaaS services.", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "b3e4563a-4d87-4397-98b6-62d6d15f512a", + "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview", + "service": "ExpressRoute", + "services": [ + "ExpressRoute", + "PrivateLink" + ], + "severity": "Medium", + "subcategory": "PaaS", + "text": "Access Azure PaaS services from on-premises via private endpoints and ExpressRoute private peering. 
This method avoids transiting over the public internet.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc", + "guid": "4704489a-8042-4d88-b79d-17b73b22a5a6", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview", + "service": "VNet", + "services": [ + "VNet" + ], + "severity": "High", + "subcategory": "PaaS", + "text": "Don't enable virtual network service endpoints by default on all subnets.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "guid": "7e7a8ed4-b30e-438c-9f29-812b2363cefe", + "link": "azure/private-link/inspect-traffic-with-azure-firewall", + "service": "Firewall", + "services": [ + "DNS", + "NVA", + "Firewall", + "PrivateLink" + ], + "severity": "Medium", + "subcategory": "PaaS", + "text": "Filter egress traffic to Azure PaaS services using FQDNs instead of IP addresses in Azure Firewall or an NVA to prevent data exfiltration. 
If using Private Link you can block all FQDNs, otherwise allow only the required PaaS services.", + "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant", + "guid": "f2aad7e3-bb03-4adc-8606-4123d342a917", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway", + "service": "ExpressRoute", + "services": [ + "ExpressRoute", + "VNet", + "VPN" + ], + "severity": "High", + "subcategory": "Segmentation", + "text": "Use at least a /27 prefix for your Gateway subnets.", + "waf": "Security" + }, + { + "category": "Network Topology and Connectivity", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | 
union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)",
+ "guid": "11deb39d-8299-4e47-bbe0-0fb5a36318a8",
+ "link": "https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags",
+ "service": "NSG",
+ "services": [
+ "VNet"
+ ],
+ "severity": "High",
+ "subcategory": "Segmentation",
+ "text": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity.",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c2447ec6-6138-4a72-80f1-ce16ed301d6e",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-landing-zone-network-segmentation",
+ "services": [
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Segmentation",
+ "text": "Delegate subnet creation to the landing zone owner.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "872e52e3-611c-4c58-a5a4-b1511e43a58a",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-landing-zone-network-segmentation",
+ "service": "NSG",
+ "services": [
+ "ACR",
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Segmentation",
+ "text": "Use NSGs to help protect traffic across subnets, as well as east/west traffic across the platform (traffic between landing zones).",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "a4d87397-48b6-462d-9d15-f512a65498f6",
+ "link": 
"https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works",
+ "service": "NSG",
+ "services": [
+ "Entra",
+ "NVA",
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Segmentation",
+ "text": "Use NSGs and application security groups to micro-segment traffic within the landing zone and avoid using a central NVA to filter traffic flows.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "dfe237de-143b-416c-91d7-aa9b64704489",
+ "link": "https://learn.microsoft.com/azure/network-watcher/vnet-flow-logs-overview",
+ "service": "NSG",
+ "services": [
+ "VNet",
+ "NetworkWatcher"
+ ],
+ "severity": "Medium",
+ "subcategory": "Segmentation",
+ "text": "Enable VNet Flow Logs and feed them into Traffic Analytics to gain insights into internal and external traffic flows.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)",
+ "guid": "0390417d-53dc-44d9-b3f4-c8832f359b41",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits",
+ "service": "NSG",
+ "services": [
+ "VNet"
+ ],
+ "severity": "Medium",
+ "subcategory": "Segmentation",
+ "text": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules.",
+ "training": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": 
"412e7f98-3f63-4047-82dd-69c5b5c2622f",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-any-to-any",
+ "service": "VWAN",
+ "services": [
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Use Virtual WAN if your scenario is explicitly described in the list of Virtual WAN routing designs.",
+ "training": "https://learn.microsoft.com/learn/modules/introduction-azure-virtual-wan/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "54b69bad-33aa-4d5e-ac68-e1d76667313b",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology#virtual-wan-network-design-recommendationst",
+ "service": "VWAN",
+ "services": [
+ "ACR",
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Use a Virtual WAN hub per Azure region to connect multiple landing zones together across Azure regions via a common global Azure Virtual WAN.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Performance"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant",
+ "guid": "7d5d1e4e-6146-458d-9558-fd77249b8211",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/howto-firewall",
+ "service": "VWAN",
+ "services": [
+ "VWAN",
+ "Firewall"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ 
"guid": "6667313b-4f56-464b-9e98-4a859c773e7d",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/migrate-from-hub-spoke-topology",
+ "service": "VWAN",
+ "services": [
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Ensure that your virtual WAN network architecture aligns to an identified architecture scenario.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "261623a7-65a9-417e-8f34-8ef254c27d42",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/azure-monitor-insights",
+ "service": "VWAN",
+ "services": [
+ "Monitor",
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Use Azure Monitor Insights for Virtual WAN to monitor the end-to-end topology of the Virtual WAN, status, and key metrics.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "727c77e1-b9aa-4a37-a024-129d042422c1",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#is-branch-to-branch-connectivity-allowed-in-virtual-wan",
+ "service": "VWAN",
+ "services": [
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Do not disable branch-to-branch traffic in Virtual WAN, unless these flows should be explicitly blocked.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d49ac006-6670-4bc9-9948-d3e0a3a94f4d",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference",
+ "service": "VWAN",
+ "services": [
+ 
"VWAN",
+ "ExpressRoute",
+ "VPN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Use AS-Path as hub routing preference, since it is more flexible than ExpressRoute or VPN.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2586b854-237e-47f1-84a1-d45d4cd2310d",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing#labels",
+ "service": "VWAN",
+ "services": [
+ "VWAN"
+ ],
+ "severity": "Medium",
+ "subcategory": "Virtual WAN",
+ "text": "Configure label-based propagation in Virtual WAN, otherwise connectivity between virtual hubs will be impaired.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Network Topology and Connectivity",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "9c75dfef-573c-461c-a698-68598595581a",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#what-is-the-recommended-hub-address-space-during-hub-creation",
+ "service": "VWAN",
+ "services": [
+ "VWAN"
+ ],
+ "severity": "High",
+ "subcategory": "Virtual WAN",
+ "text": "Assign at least a /23 prefix to virtual hubs to ensure enough IP space is available.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5c986cb2-9131-456a-8247-6e49f541acdc",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "High",
+ "subcategory": "Governance",
+ "text": "Leverage Azure Policy strategically, define controls for your environment, using Policy Initiatives to group related policies.",
+ "waf": "Security" 
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d8a2adb1-17d6-4326-af62-5ca44e5695f2",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "RBAC",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "Map regulatory and compliance requirements to Azure Policy definitions and Azure role assignments.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "223ace8c-b123-408c-a501-7f154e3ab369",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "Establish Azure Policy definitions at the intermediate root management group so that they can be assigned at inherited scopes.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3829e7e3-1618-4368-9a04-77a209945bda",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "High",
+ "subcategory": "Governance",
+ "text": "Manage policy assignments at the highest appropriate level with exclusions at bottom levels, if required.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "43334f24-9116-4341-a2ba-527526944008",
+ "link": "https://learn.microsoft.com/security/benchmark/azure/mcsb-asset-management#am-2-use-only-approved-services",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "Low",
+ "subcategory": "Governance",
+ "text": "Use Azure Policy to control which services users can provision at the subscription/management group level.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure 
Landing Zone Review",
+ "guid": "be7d7e48-4327-46d8-adc0-55bcf619e8a1",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "High",
+ "subcategory": "Governance",
+ "text": "Use built-in policies where possible to minimize operational overhead.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "description": "Assigning the Resource Policy Contributor role to specific scopes allows you to delegate policy management to relevant teams. For instance, a central IT team may oversee management group-level policies, while application teams handle policies for their subscriptions, enabling distributed governance with adherence to organizational standards.",
+ "guid": "3f988795-25d6-4268-a6d7-0ba6c97be995",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview#azure-rbac-permissions-in-azure-policy",
+ "service": "Policy",
+ "services": [
+ "Entra",
+ "RBAC",
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "Assign the built-in Resource Policy Contributor role at a particular scope to enable application-level governance.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "19048384-5c98-46cb-8913-156a12476e49",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "Limit the number of Azure Policy assignments made at the root management group scope to avoid managing through exclusions at inherited scopes.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5a917e1f-348e-4f25-9c27-d42e8bbac757",
+ "link": 
"https://learn.microsoft.com/industry/release-plan/2023wave2/cloud-sovereignty/enable-data-sovereignty-policy-baseline",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "If any data sovereignty requirements exist, Azure Policies should be deployed to enforce them.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-your-cloud-data/",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "78b22132-b41c-460b-a4d3-df8f73a67dc2",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/sovereign-landing-zone",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy",
+ "Subscriptions"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "For Sovereign Landing Zone, deploy sovereignty policy baseline and assign at correct management group level.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "caeea0e9-1024-41df-a52e-d99c3f22a6f4",
+ "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "For Sovereign Landing Zone, document Sovereign Control objectives to policy mapping.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "9b461617-db7b-4399-8ac6-d4eb7153893a",
+ "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline#sovereignty-baseline-policy-initiatives",
+ "service": "Policy",
+ "services": [
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Governance",
+ "text": "For Sovereign Landing Zone, ensure process is in place for management of 'Sovereign Control objectives to policy mapping'.",
+ "waf": "Security"
+ },
+ {
+ "category": "Governance",
+ "checklist": 
"Azure Landing Zone Review",
+ "guid": "29fd366b-a180-452b-9bd7-954b7700c667",
+ "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/tutorial-acm-create-budgets?bc=%2Fazure%2Fcloud-adoption-framework%2F_bread%2Ftoc.json&toc=%2Fazure%2Fcloud-adoption-framework%2Ftoc.json",
+ "services": [
+ "Monitor",
+ "Cost",
+ "TrafficManager"
+ ],
+ "severity": "Medium",
+ "subcategory": "Optimize your cloud investment",
+ "text": "Configure 'Actual' and 'Forecasted' Budget Alerts.",
+ "waf": "Cost"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "67e7a8ed-4b30-4e38-a3f2-9812b2363cef",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment",
+ "service": "Monitor",
+ "services": [
+ "Entra",
+ "RBAC",
+ "Monitor",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Use a single monitor logs workspace to manage platforms centrally except where Azure role-based access control (Azure RBAC), data sovereignty requirements, or data retention policies mandate separate workspaces.",
+ "training": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5e6c4cfd-3e50-4454-9c24-47ec66138a72",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work",
+ "service": "Monitor",
+ "services": [
+ "Monitor",
+ "Storage",
+ "ARS",
+ "AzurePolicy"
+ ],
+ "severity": "High",
+ "subcategory": "Monitoring",
+ "text": "Export logs to Azure Storage if your log retention requirements exceed twelve years. 
Use immutable storage with a write-once, read-many policy to make data non-erasable and non-modifiable for a user-specified interval.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-infrastructure-operations/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e7d7e484-3276-4d8b-bc05-5bcf619e8a13",
+ "link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview",
+ "service": "VM",
+ "services": [
+ "VM",
+ "Monitor",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Monitor OS level virtual machine (VM) configuration drift using Azure Policy. Enabling Azure Automanage Machine Configuration audit capabilities through policy helps application team workloads to immediately consume feature capabilities with little effort.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f9887952-5d62-4688-9d70-ba6c97be9951",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations",
+ "service": "VM",
+ "services": [
+ "VM"
+ ],
+ "severity": "Medium",
+ "subcategory": "Operational compliance",
+ "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs in Azure.",
+ "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c806c048-26b7-4ddf-b4c2-b4f0c476925d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ",
+ "service": "VM",
+ "services": [
+ "VM"
+ ],
+ "severity": "Medium",
+ 
"subcategory": "Operational compliance",
+ "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs outside of Azure using Azure Arc.",
+ "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "90483845-c986-4cb2-a131-56a12476e49f",
+ "link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview",
+ "service": "Network Watcher",
+ "services": [
+ "Monitor",
+ "NetworkWatcher"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Use Network Watcher to proactively monitor traffic flows.",
+ "training": "https://learn.microsoft.com/learn/modules/configure-network-watcher/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "541acdce-9793-477b-adb3-751ab2ab13ad",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Use resource locks to prevent accidental deletion of critical shared services.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "a6e55d7d-8a2a-4db1-87d6-326af625ca44",
+ "link": "https://learn.microsoft.com/azure/governance/policy/concepts/effect-deny",
+ "services": [
+ "Monitor",
+ "RBAC",
+ "AzurePolicy"
+ ],
+ "severity": "Low",
+ "subcategory": "Monitoring",
+ "text": "Use deny policies to supplement Azure role assignments. 
The combination of deny policies and Azure role assignments ensures the appropriate guardrails are in place to enforce who can deploy and configure resources and what resources they can deploy and configure.",
+ "training": "https://learn.microsoft.com/azure/role-based-access-control/deny-assignments?tabs=azure-portal",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e5695f22-23ac-4e8c-a123-08ca5017f154",
+ "link": "https://learn.microsoft.com/azure/service-health/alerts-activity-log-service-notifications-portal",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Include service and resource health events as part of the overall platform monitoring solution. Tracking service and resource health from the platform perspective is an important component of resource management in Azure.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-service-health/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d5f345bf-97ab-41a7-819c-6104baa7d48c",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/action-groups",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Include alerts and action groups as part of the Azure Service Health platform to ensure that alerts or issues can be actioned.",
+ "training": "https://learn.microsoft.com/en-gb/training/modules/incident-response-with-alerting-on-azure/7-actions-and-alert-processing-rules",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e3ab3693-829e-47e3-8618-3687a0477a20",
+ "link": "https://learn.microsoft.com/azure/sentinel/quickstart-onboard",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Don't send raw log entries back to on-premises monitoring 
systems. Instead, adopt a principle that data born in Azure stays in Azure. If on-premises SIEM integration is required, then send critical alerts instead of logs.",
+ "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/decision-guides/logging-and-reporting/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "6944008b-e7d7-4e48-9327-6d8bdc055bcf",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor",
+ "service": "Monitor",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Use Azure Monitor Logs for insights and reporting.",
+ "training": "https://learn.microsoft.com/training/modules/configure-azure-monitor/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "619e8a13-f988-4795-85d6-26886d70ba6c",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/agents/diagnostics-extension-overview",
+ "services": [
+ "Monitor",
+ "Storage"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "When necessary, use shared storage accounts within the landing zone for Azure diagnostic extension log storage.",
+ "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-extensions/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "97be9951-9048-4384-9c98-6cb2913156a1",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/alerts-overview",
+ "service": "Monitor",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Use Azure Monitor alerts for the generation of operational alerts.",
+ "training": "https://learn.microsoft.com/training/modules/incident-response-with-alerting-on-azure/",
+ "waf": "Operations"
+ },
+ {
+ "category": 
"Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "859c3900-4514-41eb-b010-475d695abd74",
+ "link": "https://learn.microsoft.com/azure/architecture/best-practices/monitoring",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Ensure that monitoring requirements have been assessed and that appropriate data collection and alerting configurations are applied.",
+ "training": "https://learn.microsoft.com/training/paths/az-104-monitor-backup-resources/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "fed3c55f-a67e-4875-aadd-3aba3f9fde31",
+ "link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings",
+ "service": "Monitor",
+ "services": [
+ "Monitor"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "When using Change and Inventory Tracking via Azure Automation Accounts, ensure that you have selected supported regions for linking your Log Analytics workspace and automation accounts together.",
+ "training": "https://learn.microsoft.com/training/modules/explore-azure-automation-devops/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "aa45be6a-8f2d-4896-b0e3-775e6e94e610",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-monitor",
+ "services": [
+ "Monitor",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Monitoring",
+ "text": "Deploy AMBA to establish monitoring for platform components of your landing zone - AMBA is a framework solution that is available and provides an easy way to scale alerting by using Azure Policy.",
+ "training": "https://azure.github.io/azure-monitor-baseline-alerts/patterns/alz/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7ea02e1c-7166-45a3-bdf5-098891367fcb",
+ 
"link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure",
+ "services": [],
+ "severity": "Medium",
+ "subcategory": "Data Protection",
+ "text": "Enable cross-region replication in Azure for BCDR with paired regions.",
+ "training": "https://learn.microsoft.com/training/modules/provide-disaster-recovery-replicate-storage-data/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "eba8cf22-45c6-4dc1-9b57-2cceb3b97ce5",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy",
+ "service": "Backup",
+ "services": [
+ "Backup"
+ ],
+ "severity": "Low",
+ "subcategory": "Data Protection",
+ "text": "When using Azure Backup, use the correct backup types (GRS, ZRS & LRS) for your backup, as the default setting is GRS.",
+ "training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/",
+ "waf": "Reliability"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f541acdc-e979-4377-acdb-3751ab2ab13a",
+ "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration",
+ "service": "VM",
+ "services": [
+ "VM",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Operational compliance",
+ "text": "Use Azure guest policies to automatically deploy software configurations through VM extensions and enforce a compliant baseline VM configuration.",
+ "waf": "Security"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "description": "Use Azure Policy's guest configuration features to audit and remediate machine settings (e.g., OS, application, environment) to ensure resources align with expected configurations, and Update Management can enforce patch management for VMs.",
+ "guid": "da6e55d7-d8a2-4adb-817d-6326af625ca4",
+ "link": 
"https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift",
+ "service": "VM",
+ "services": [
+ "VM",
+ "Monitor",
+ "AzurePolicy"
+ ],
+ "severity": "Medium",
+ "subcategory": "Operational compliance",
+ "text": "Monitor VM security configuration drift via Azure Policy.",
+ "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/",
+ "waf": "Security"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2476e49f-541a-4cdc-b979-377bcdb3751a",
+ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview",
+ "service": "VM",
+ "services": [
+ "VM",
+ "ASR",
+ "ACR"
+ ],
+ "severity": "Medium",
+ "subcategory": "Protect and Recover",
+ "text": "Use Azure Site Recovery for Azure-to-Azure Virtual Machines disaster recovery scenarios. This enables you to replicate workloads across regions.",
+ "training": "https://learn.microsoft.com/training/modules/protect-infrastructure-with-site-recovery/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b2ab13ad-a6e5-45d7-b8a2-adb117d6326a",
+ "link": "https://learn.microsoft.com/azure/architecture/framework/resiliency/backup-and-recovery",
+ "services": [
+ "ASR"
+ ],
+ "severity": "Medium",
+ "subcategory": "Protect and Recover",
+ "text": "Use native PaaS service disaster recovery capabilities. 
Perform failover testing with these capabilities.",
+ "training": "https://learn.microsoft.com/en-us/training/modules/explore-iaas-paas-platform-tools-for-high-availability-disaster-recovery/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f625ca44-e569-45f2-823a-ce8cb12308ca",
+ "link": "https://learn.microsoft.com/azure/backup/backup-center-overview",
+ "service": "Backup",
+ "services": [
+ "Backup"
+ ],
+ "severity": "Medium",
+ "subcategory": "Protect and Recover",
+ "text": "Use Azure-native backup capabilities, or an Azure-compatible, 3rd-party backup solution.",
+ "training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/",
+ "waf": "Operations"
+ },
+ {
+ "category": "Management",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "89cc5e11-aa4d-4c3b-893d-feb99215266a",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs",
+ "service": "WAF",
+ "services": [
+ "AppGW",
+ "WAF",
+ "FrontDoor"
+ ],
+ "severity": "High",
+ "subcategory": "App delivery",
+ "text": "Add diagnostic settings to save WAF logs from application delivery services like Azure Front Door and Azure Application Gateway. 
Regularly review the logs to check for attacks and for false positive detections.", + "training": "https://learn.microsoft.com/training/modules/capture-application-logs-app-service/", + "waf": "Operations" + }, + { + "category": "Management", + "checklist": "Azure Landing Zone Review", + "guid": "7f408960-c626-44cb-a018-347c8d790cdf", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", + "service": "WAF", + "services": [ + "Sentinel", + "AppGW", + "WAF", + "FrontDoor" + ], + "severity": "Medium", + "subcategory": "App delivery", + "text": "Send WAF logs from your application delivery services like Azure Front Door and Azure Application Gateway to Microsoft Sentinel. Detect attacks and integrate WAF telemetry into your overall Azure environment.", + "training": "https://learn.microsoft.com/training/paths/sc-200-connect-logs-to-azure-sentinel/", + "waf": "Operations" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "b86ad884-08e3-4727-94b8-75ba18f20459", + "link": "https://learn.microsoft.com/security/benchmark/azure/security-control-incident-response", + "services": [], + "severity": "Medium", + "subcategory": "Access control", + "text": "Determine the incident response plan for Azure services before allowing it into production.", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-incident-readiness/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "01365d38-e43f-49cc-ad86-8266abca264f", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/security-zero-trust", + "services": [], + "severity": "Medium", + "subcategory": "Access control", + "text": "Apply a zero-trust approach for access to the Azure platform.", + "training": 
"https://learn.microsoft.com/training/modules/introduction-zero-trust-best-practice-frameworks/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "5017f154-e3ab-4369-9829-e7e316183687", + "link": "https://learn.microsoft.com/azure/key-vault/general/overview", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "High", + "subcategory": "Encryption and keys", + "text": "Use Azure Key Vault to store your secrets and credentials.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "graph": "ResourceContainers | where type=='microsoft.resources/subscriptions'| parse id with '/subscriptions/' SubscriptionID| project subscriptionId, SubscriptionName = name| join kind=leftouter (Resources| where type == 'microsoft.keyvault/vaults'| project id, name, subscriptionId) on subscriptionId| join kind= leftouter (Resources| where type == 'microsoft.keyvault/vaults'| summarize ResourceCount = count() by subscriptionId) on subscriptionId| extend RCount = iff(isnull(ResourceCount), 0, ResourceCount)| project-away ResourceCount| extend compliant = (RCount <> 1)", + "guid": "a0477a20-9945-4bda-9333-4f2491163418", + "link": "https://learn.microsoft.com/azure/key-vault/general/overview-throttling", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Use different Azure Key Vaults for different applications and regions to avoid transaction scale limits and restrict access to secrets.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "2ba52752-6944-4008-ae7d-7e4843276d8b", + "link": 
"https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "AzurePolicy", + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Provision Azure Key Vault with the soft delete and purge policies enabled to allow retention protection for deleted objects.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "dc055bcf-619e-48a1-9f98-879525d62688", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "Entra", + "RBAC", + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Follow a least privilege model by limiting authorization to permanently delete keys, secrets, and certificates to specialized custom Microsoft Entra ID roles.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "6d70ba6c-97be-4995-8904-83845c986cb2", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Automate the certificate management and renewal process with public certificate authorities to ease administration.", + "training": "https://learn.microsoft.com/en-us/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "913156a1-2476-4e49-b541-acdce979377b", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + 
"text": "Establish an automated process for key and certificate rotation.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "cdb3751a-b2ab-413a-ba6e-55d7d8a2adb1", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "VNet", + "AKV", + "PrivateLink" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Enable firewall and virtual network service endpoint or private endpoint on the vault to control access to the key vault.", + "training": "https://learn.microsoft.com/training/modules/design-implement-private-access-to-azure-services/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "17d6326a-f625-4ca4-9e56-95f2223ace8c", + "link": "https://learn.microsoft.com/azure/key-vault/general/monitor-key-vault", + "service": "Key Vault", + "services": [ + "Entra", + "Monitor", + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Use the platform-central Azure Monitor Log Analytics workspace to audit key, certificate, and secret usage within each instance of Key Vault.", + "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "b12308ca-5017-4f15-9e3a-b3693829e7e3", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "AzurePolicy", + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Delegate Key Vault instantiation and privileged access and use Azure Policy to enforce a consistent compliant configuration.", + "training": 
"https://learn.microsoft.com/training/modules/configure-azure-key-vault-networking-settings/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "16183687-a047-47a2-8994-5bda43334f24", + "link": "https://learn.microsoft.com/azure/security/fundamentals/encryption-atrest", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Default to Microsoft-managed keys for principal encryption functionality and use customer-managed keys when required.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "91163418-2ba5-4275-8694-4008be7d7e48", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "Use an Azure Key Vault per application per environment per region.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "25d62688-6d70-4ba6-a97b-e99519048384", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "ASR", + "ACR", + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "If you want to bring your own keys, this might not be supported across all considered services. Implement relevant mitigation so that inconsistencies don't hinder desired outcomes. 
Choose appropriate region pairs and disaster recovery regions that minimize latency.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "4ac6b67c-b3a4-4ff9-8e87-b07a7ce7bbdb", + "link": "https://learn.microsoft.com/industry/sovereignty/key-management", + "service": "Key Vault", + "services": [ + "AKV" + ], + "severity": "Medium", + "subcategory": "Encryption and keys", + "text": "For Sovereign Landing Zone, use Azure Key Vault managed HSM to store your secrets and credentials.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "4e5695f2-223a-4ce8-ab12-308ca5017f15", + "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/overview-reports", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "Use Microsoft Entra ID reporting capabilities to generate access control audit reports.", + "training": "https://learn.microsoft.com/training/modules/monitor-report-aad-security-events/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "4e3ab369-3829-4e7e-9161-83687a0477a2", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/logs-data-export?tabs=portal", + "services": [ + "Monitor", + "Storage", + "ARS" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "Export Azure activity logs to Azure Monitor Logs for long-term data retention. 
Export to Azure Storage for long-term storage beyond two years, if necessary.", + "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "09945bda-4333-44f2-9911-634182ba5275", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/concept-cloud-security-posture-management", + "service": "Defender", + "services": [ + "Defender", + "Subscriptions" + ], + "severity": "High", + "subcategory": "Operations", + "text": "Enable Defender Cloud Security Posture Management for all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/microsoft-defender-cloud-security-posture/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "36a72a48-fffe-4c40-9747-0ab5064355ba", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/plan-defender-for-servers-select-plan", + "service": "Defender", + "services": [ + "Defender", + "Subscriptions" + ], + "severity": "High", + "subcategory": "Operations", + "text": "Enable a Defender Cloud Workload Protection Plan for Servers on all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "77425f48-ecba-43a0-aeac-a3ac733ccc6a", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/connect-azure-subscription", + "service": "Defender", + "services": [ + "Defender", + "Subscriptions" + ], + "severity": "High", + "subcategory": "Operations", + "text": "Enable Defender Cloud Workload Protection Plans for Azure Resources on all subscriptions.", + "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/", + "waf": "Security" + }, + { + "category": 
"Security", + "checklist": "Azure Landing Zone Review", + "guid": "24d96b30-61ee-4436-a1cc-d6ef08bc574b", + "link": "https://learn.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection", + "service": "VM", + "services": [], + "severity": "High", + "subcategory": "Operations", + "text": "Enable Endpoint Protection on IaaS Servers.", + "training": "https://learn.microsoft.com/training/modules/design-solutions-securing-server-client-endpoints/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "15833ee7-ad6c-46d3-9331-65c7acbe44ab", + "link": "https://learn.microsoft.com/azure/security-center/", + "service": "VM", + "services": [ + "Defender", + "Monitor" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "Monitor base operating system patching drift via Azure Monitor Logs and Defender for Cloud.", + "training": "https://learn.microsoft.com/training/modules/create-log-analytics-workspace-microsoft-defender-cloud/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "e5f8d79f-2e87-4768-924c-516775c6ea95", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "Monitor", + "services": [ + "Entra", + "Monitor" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "Connect default resource configurations to a centralized Azure Monitor Log Analytics workspace.", + "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "1761e147-f65e-4d09-bbc2-f464f23e2eba", + "link": "https://learn.microsoft.com/industry/sovereignty/transparency-logs", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "For Sovereign Landing Zone, enable transparancy logs 
on the Entra ID tenant.", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "d21a922d-5ca7-427a-82a6-35f7b21f1bfc", + "link": "https://learn.microsoft.com/azure/security/fundamentals/customer-lockbox-overview", + "service": "Entra", + "services": [ + "Entra" + ], + "severity": "Medium", + "subcategory": "Operations", + "text": "For Sovereign Landing Zone, enable customer Lockbox on the Entra ID tenant.", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "874a748b-662d-46d1-9051-2a66498f6dfe", + "link": "https://learn.microsoft.com/azure/event-grid/set-alerts", + "services": [ + "Monitor" + ], + "severity": "Low", + "subcategory": "Operations", + "text": "Use an Azure Event Grid-based solution for log-oriented, real-time alerts.", + "training": "https://learn.microsoft.com/training/modules/azure-event-grid/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "b03ed428-4617-4067-a787-85468b9ccf3f", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Storage", + "services": [ + "Storage" + ], + "severity": "High", + "subcategory": "Overview", + "text": "Enable secure transfer to storage accounts.", + "training": "https://learn.microsoft.com/training/modules/secure-azure-storage-account/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "159aac9f-863f-4f48-82cf-00c28fa97a0e", + "link": "https://learn.microsoft.com/azure/storage/blobs/data-protection-overview#recommendations-for-basic-data-protection", + "service": "Storage", + "services": [ + "Storage" + ], + "severity": "High", + "subcategory": "Overview", + "text": "Enable container soft delete for the storage account to recover a deleted container and its contents.", + "waf": "Security" + }, + { + "category": "Security", + 
"checklist": "Azure Landing Zone Review", + "guid": "6f704104-85c1-441f-96d3-c9819911645e", + "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning", + "services": [ + "Entra" + ], + "severity": "High", + "subcategory": "Secure privileged access", + "text": "Separate privileged admin accounts for Azure administrative tasks.", + "training": "https://learn.microsoft.com/training/modules/design-solutions-secure-privileged-access/", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "9a19bf39-c95d-444c-9c89-19ca1f6d5215", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/service-enablement-framework", + "services": [], + "severity": "Medium", + "subcategory": "Service enablement framework", + "text": "Plan how new azure services will be implemented.", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Landing Zone Review", + "guid": "ae514b93-3d45-485e-8112-9bd7ba012f7b", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/service-enablement-framework", + "services": [], + "severity": "Medium", + "subcategory": "Service enablement framework", + "text": "Plan how service request will be fulfilled for Azure services.", + "waf": "Security" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "e85f4226-bf06-4e35-8a8b-7aee4d2d633a", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/platform-automation-devops", + "services": [], + "severity": "High", + "subcategory": "DevOps Team Topologies", + "text": "Ensure you have a cross functional DevOps Platform Team to build, manage and maintain your Azure Landing Zone architecture.", + "training": "https://learn.microsoft.com/training/modules/choose-an-agile-approach/", + "waf": "Operations" + }, + { + "category": 
"Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "634146bf-7085-4419-a7b5-f96d2726f6da", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/devops-teams-topologies#design-recommendations", + "services": [], + "severity": "Low", + "subcategory": "DevOps Team Topologies", + "text": "Aim to define functions for Azure Landing Zone Platform team.", + "training": "https://learn.microsoft.com/training/paths/az-400-work-git-for-enterprise-devops/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "a9e65070-c59e-4112-8bf6-c11364d4a2a5", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/devops-teams-topologies#design-recommendations", + "services": [ + "RBAC" + ], + "severity": "Low", + "subcategory": "DevOps Team Topologies", + "text": "Aim to define functions for application workload teams to be self-sufficient and not require DevOps Platform Team support. 
Achieve this through the use of custom RBAC role.", + "training": "https://learn.microsoft.com/training/paths/az-400-work-git-for-enterprise-devops/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "165eb5e9-b434-448a-9e24-178632186212", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/infrastructure-as-code", + "services": [], + "severity": "Medium", + "subcategory": "DevOps Team Topologies", + "text": "Use a CI/CD pipeline to deploy IaC artifacts and ensure the quality of your deployment and Azure environments.", + "training": "https://learn.microsoft.com/training/modules/manage-multiple-environments-using-bicep-azure-pipelines/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "0cadb8c7-8fa5-4fbf-8f39-d1fadb3b0460", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds", + "services": [], + "severity": "Medium", + "subcategory": "DevOps Team Topologies", + "text": "Include unit tests for IaC and application code as part of your build process.", + "training": "https://learn.microsoft.com/training/modules/run-quality-tests-build-pipeline/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "108d5099-a11d-4445-bd8b-e12a5e95412e", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds", + "service": "Key Vault", + "services": [ + "VM", + "AKV" + ], + "severity": "High", + "subcategory": "DevOps Team Topologies", + "text": "Use Key Vault secrets to avoid hard-coding sensitive information such as credentials (virtual machines user passwords), certificates or keys.", + "training": 
"https://learn.microsoft.com/en-us/training/modules/implement-azure-key-vault/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "a52e0c98-76b9-4a09-a1c9-6b2babf22ac4", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/subscription-vending", + "services": [ + "Subscriptions" + ], + "severity": "Low", + "subcategory": "DevOps Team Topologies", + "text": "Implement automation for new landing zone for applications and workloads through subscription vending.", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "cfe363b5-f579-4284-bc56-a42153e4c10b", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/infrastructure-as-code", + "services": [], + "severity": "High", + "subcategory": "Development Lifecycle", + "text": "Ensure a version control system is used for source code of applications and IaC developed. Microsoft recommends Git.", + "training": "https://learn.microsoft.com/training/paths/intro-to-vc-git/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "c7245dd4-af8a-403a-8bb7-890c1a7cfa9d", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle", + "services": [], + "severity": "Low", + "subcategory": "Development Lifecycle", + "text": "Follow a branching strategy to allow teams to collaborate better and efficiently manage version control of IaC and application Code. 
Review options such as Github Flow.", + "training": "https://learn.microsoft.com/training/modules/manage-git-branches-workflows/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "12aeea20-9165-4b3e-bdf2-6795fcd3cdbe", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle", + "services": [], + "severity": "Medium", + "subcategory": "Development Lifecycle", + "text": "Adopt a pull request strategy to help keep control of code changes merged into branches.", + "training": "https://learn.microsoft.com/training/modules/review-azure-infrastructure-changes-using-bicep-pull-requests/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "2676ae46-65ca-444e-8695-fdddeace4cb1", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-platform", + "services": [], + "severity": "Medium", + "subcategory": "Development Lifecycle", + "text": "Establish a process for using code to implement quick fixes. Always register quick fixes in your team's backlog so each fix can be reworked at a later point, and you can limit technical debt.", + "training": "https://learn.microsoft.com/training/modules/branch-merge-git/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "2cdc9d99-dbcc-4ad4-97f5-e7d358bdfa73", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/infrastructure-as-code", + "services": [], + "severity": "High", + "subcategory": "Development Strategy", + "text": "Leverage Declarative Infrastructure as Code Tools such as Azure Bicep, ARM Templates or Terraform to build and maintain your Azure Landing Zone architecture. 
Both from a Platform and Application workload perspective.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-infrastructure-as-code-using-bicep/", + "waf": "Operations" + }, + { + "category": "Platform Automation and DevOps", + "checklist": "Azure Landing Zone Review", + "guid": "cc87a3bc-c572-4ad2-92ed-8cabab66160f", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/landing-zone-security#secure", + "services": [], + "severity": "High", + "subcategory": "Security", + "text": "Integrate security into the already combined process of development and operations in DevOps to mitigate risks in the innovation process.", + "training": "https://learn.microsoft.com/training/paths/az-400-implement-security-validate-code-bases-compliance/", + "waf": "Operations" + }, { "category": "Governance", "checklist": "Azure API Management Review", @@ -37,9 +3571,9 @@ "link": "https://learn.microsoft.com/azure/api-management/policy-fragments", "service": "APIM", "services": [ + "ACR", "APIM", - "AzurePolicy", - "ACR" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Development best practices", @@ -67,8 +3601,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor#resource-logs", "service": "APIM", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "High", "subcategory": "Monitoring", @@ -82,8 +3616,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-app-insights", "service": "APIM", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "Medium", "subcategory": "Monitoring", @@ -97,8 +3631,8 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor", "service": "APIM", "services": [ - "APIM", - "Monitor" + "Monitor", + "APIM" ], "severity": "High", "subcategory": "Monitoring", 
@@ -113,8 +3647,8 @@ "service": "APIM", "services": [ "Entra", - "AKV", - "APIM" + "APIM", + "AKV" ], "severity": "High", "subcategory": "Data protection", @@ -202,9 +3736,9 @@ "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region", "service": "APIM", "services": [ + "ACR", "ASR", - "APIM", - "ACR" + "APIM" ], "severity": "Medium", "subcategory": "Business continuity and disaster recovery", @@ -233,9 +3767,9 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#service-native-backup-capability", "service": "APIM", "services": [ - "Backup", + "ASR", "APIM", - "ASR" + "Backup" ], "severity": "High", "subcategory": "Business continuity and disaster recovery", @@ -428,9 +3962,9 @@ "service": "APIM", "services": [ "Entra", - "APIM", "VNet", - "Monitor" + "Monitor", + "APIM" ], "severity": "Medium", "subcategory": "Security", @@ -445,9 +3979,9 @@ "service": "APIM", "services": [ "Entra", + "VNet", "APIM", - "PrivateLink", - "VNet" + "PrivateLink" ], "severity": "Medium", "subcategory": "Security", @@ -603,8 +4137,8 @@ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#im-8-restrict-the-exposure-of-credential-and-secrets", "service": "APIM", "services": [ - "AKV", - "APIM" + "APIM", + "AKV" ], "severity": "High", "subcategory": "Data protection", @@ -634,8 +4168,8 @@ "service": "APIM", "services": [ "Entra", - "APIM", "AppGW", + "APIM", "WAF" ], "severity": "High", @@ -662,8 +4196,8 @@ "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", "service": "Spring Apps", "services": [ - "TrafficManager", "ASR", + "TrafficManager", "FrontDoor" ], "severity": "Medium", 
@@ -754,8 +4288,8 @@ "service": "AVS", "services": [ "Entra", - "AVS", - "Subscriptions" + "Subscriptions", + "AVS" ], "severity": "High", "subcategory": "Identity", @@ -912,11 +4446,11 @@ "guid": "eb710a37-cbc1-4055-8dd5-a936a8bb7cf5", "service": "AVS", "services": [ + "Monitor", "NetworkWatcher", + "ExpressRoute", "AVS", - "VPN", - "Monitor", - "ExpressRoute" + "VPN" ], "severity": "High", "subcategory": "Monitoring", @@ -929,11 +4463,11 @@ "guid": "976e24f2-a7f8-426c-9253-2a92a2a7ed99", "service": "AVS", "services": [ - "NetworkWatcher", - "AVS", - "VM", "Monitor", - "ExpressRoute" + "VM", + "NetworkWatcher", + "ExpressRoute", + "AVS" ], "severity": "Medium", "subcategory": "Monitoring", @@ -946,10 +4480,10 @@ "guid": "f41ce6a0-64f3-4805-bc65-3ab50df01265", "service": "AVS", "services": [ - "Monitor", - "AVS", "VM", - "NetworkWatcher" + "Monitor", + "NetworkWatcher", + "AVS" ], "severity": "Medium", "subcategory": "Monitoring", @@ -1063,9 +4597,9 @@ "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", "service": "AVS", "services": [ - "Entra", + "VM", "AVS", - "VM" + "Entra" ], "severity": "High", "subcategory": "Security (identity)", @@ -1091,8 +4625,8 @@ "guid": "a2adb1c3-d232-46af-825c-a44e1695fddd", "service": "AVS", "services": [ - "AVS", "AppGW", + "AVS", "Firewall" ], "severity": "High", @@ -1119,8 +4653,8 @@ "guid": "29e3eec2-1836-487a-8077-a2b5945bda43", "service": "AVS", "services": [ - "AVS", - "Monitor" + "Monitor", + "AVS" ], "severity": "Medium", "subcategory": "Security (network)", @@ -1133,11 +4667,11 @@ "guid": "334fdf91-c234-4182-a652-75269440b4be", "service": "AVS", "services": [ + "VNet", "DDoS", - "AVS", - "VPN", "ExpressRoute", - "VNet" + "AVS", + "VPN" ], "severity": "Medium", "subcategory": "Security (network)", @@ -1163,8 +4697,8 @@ "guid": "9ccbd869-266a-4cca-874f-aa19bf39d95d", "service": "AVS", "services": [ - "AVS", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Security (guest/VM)", 
@@ -1177,8 +4711,8 @@ "guid": "44c7c891-9ca1-4f6d-9315-ae524ba34d45", "service": "AVS", "services": [ - "AVS", - "Arc" + "Arc", + "AVS" ], "severity": "Medium", "subcategory": "Security (guest/VM)", @@ -1191,8 +4725,8 @@ "guid": "85e12139-bd7b-4b01-8f7b-95ef6e043e2a", "service": "AVS", "services": [ - "AVS", - "SQL" + "SQL", + "AVS" ], "severity": "Low", "subcategory": "Security (guest/VM)", @@ -1205,8 +4739,8 @@ "guid": "a3592718-e6e2-4051-9267-6ae46691e883", "service": "AVS", "services": [ - "AKV", - "AVS" + "AVS", + "AKV" ], "severity": "Low", "subcategory": "Security (guest/VM)", @@ -1245,9 +4779,9 @@ "guid": "d88408f3-7273-44c8-96ba-280214590146", "service": "AVS", "services": [ - "AVS", + "Storage", "AzurePolicy", - "Storage" + "AVS" ], "severity": "High", "subcategory": "Governance (platform)", @@ -1260,8 +4794,8 @@ "guid": "d89f2e87-7784-424d-9167-85c6fa95b96a", "service": "AVS", "services": [ - "AVS", - "ASR" + "ASR", + "AVS" ], "severity": "High", "subcategory": "Governance (platform)", @@ -1287,8 +4821,8 @@ "guid": "bf39d95d-44c7-4c89-89ca-1f6d5315ae52", "service": "AVS", "services": [ - "AVS", - "AzurePolicy" + "AzurePolicy", + "AVS" ], "severity": "Medium", "subcategory": "Governance (platform)", @@ -1301,8 +4835,8 @@ "guid": "4ba34d45-85e1-4213-abd7-bb012f7b95ef", "service": "AVS", "services": [ - "AVS", - "Cost" + "Cost", + "AVS" ], "severity": "Medium", "subcategory": "Governance (platform)", @@ -1315,8 +4849,8 @@ "guid": "6e043e2a-a359-4271-ae6e-205172676ae4", "service": "AVS", "services": [ - "AVS", - "Cost" + "Cost", + "AVS" ], "severity": "Low", "subcategory": "Governance (platform)", @@ -1355,9 +4889,9 @@ "guid": "48b262d6-cc5f-4512-a253-98e6db9d37da", "service": "AVS", "services": [ - "AVS", "VM", - "Defender" + "Defender", + "AVS" ], "severity": "Medium", "subcategory": "Governance (guest/VM)", 
@@ -1370,9 +4904,9 @@
 "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe",
 "service": "AVS",
 "services": [
- "AVS",
 "VM",
- "Arc"
+ "Arc",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Governance (guest/VM)",
@@ -1398,9 +4932,9 @@
 "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46",
 "service": "AVS",
 "services": [
- "AVS",
 "VM",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Governance (guest/VM)",
@@ -1414,9 +4948,9 @@
 "service": "AVS",
 "services": [
 "VM",
+ "AzurePolicy",
 "AVS",
- "Backup",
- "AzurePolicy"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Governance (guest/VM)",
@@ -1429,9 +4963,9 @@
 "guid": "ee29711b-d352-4caa-ab79-b198dab81932",
 "service": "AVS",
 "services": [
- "AVS",
 "Defender",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Compliance",
@@ -1444,8 +4978,8 @@
 "guid": "c9fc9d1b-b780-436f-9e6b-fbb9ed503547",
 "service": "AVS",
 "services": [
- "AVS",
- "Defender"
+ "Defender",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Compliance",
@@ -1497,8 +5031,8 @@
 "guid": "e43a18a9-cd28-49ce-b6b1-7db8255461e2",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -1511,8 +5045,8 @@
 "guid": "6b84ee5d-f47d-42d9-8881-b1cd5d1e54a2",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -1525,8 +5059,8 @@
 "guid": "9659e396-80e7-4828-ac93-5657d02bff45",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -1539,8 +5073,8 @@
 "guid": "64b0d934-a348-4726-be79-d6b5c3a36495",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Monitoring",
@@ -1554,8 +5088,8 @@
 "service": "AVS",
 "services": [
 "Monitor",
- "AVS",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -1568,8 +5102,8 @@
 "guid": "9674c5ed-85b8-459c-9733-be2b1a27b775",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Low",
 "subcategory": "Monitoring",
@@ -1582,10 +5116,10 @@
 "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682",
 "service": "AVS",
 "services": [
- "AVS",
 "VM",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Operations",
@@ -1611,9 +5145,9 @@
 "guid": "0e43a18a-9cd2-489b-bd6b-17db8255461e",
 "service": "AVS",
 "services": [
+ "Storage",
 "AVS",
- "Backup",
- "Storage"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -1626,8 +5160,8 @@
 "guid": "2aee3453-aec8-4339-848b-262d6cc5f512",
 "service": "AVS",
 "services": [
- "AVS",
- "Arc"
+ "Arc",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -1640,8 +5174,8 @@
 "guid": "925398e6-da9d-437d-ac43-bc6cd1d79a9b",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -1667,9 +5201,9 @@
 "guid": "17e7a8d9-0ae0-4e27-aee2-9711bd352caa",
 "service": "AVS",
 "services": [
- "AVS",
+ "Monitor",
 "AzurePolicy",
- "Monitor"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -1682,8 +5216,8 @@
 "guid": "aee3553a-fc83-4392-98b2-62d6cc5f5129",
 "service": "AVS",
 "services": [
- "AVS",
- "Defender"
+ "Defender",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -1710,8 +5244,8 @@
 "guid": "5e6bfbb9-ed50-4354-9cc4-47e826028a71",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -1724,8 +5258,8 @@
 "guid": "f0f1cac6-d9ef-41d5-b832-d42e3611c818",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -1738,8 +5272,8 @@
 "guid": "b0afbc51-0e43-4a18-a9cd-289bed6b17db",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Disaster Recovery",
@@ -1752,8 +5286,8 @@
 "guid": "8255461e-2aee-4345-9aec-8339248b262d",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -1766,8 +5300,8 @@
 "guid": "6cc5f512-9253-498e-9da9-d37dac43bc6c",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Disaster Recovery",
@@ -1780,9 +5314,9 @@
 "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a",
 "service": "AVS",
 "services": [
- "AVS",
 "ASR",
 "NVA",
+ "AVS",
 "ExpressRoute"
 ],
 "severity": "Medium",
@@ -1903,8 +5437,8 @@
 "guid": "0f1cac6d-9ef1-4d5e-a32e-42e3611c818b",
 "service": "AVS",
 "services": [
- "AVS",
- "AzurePolicy"
+ "AzurePolicy",
+ "AVS"
 ],
 "severity": "Low",
 "subcategory": "Automated Deployment",
@@ -1917,8 +5451,8 @@
 "guid": "e2cc95d4-8c6b-4791-bca0-f6c56589e558",
 "service": "AVS",
 "services": [
- "AKV",
- "AVS"
+ "AVS",
+ "AKV"
 ],
 "severity": "Low",
 "subcategory": "Automated Connectivity",
@@ -1931,9 +5465,9 @@
 "guid": "255461e2-aee3-4553-afc8-339248b262d6",
 "service": "AVS",
 "services": [
- "AKV",
 "AVS",
- "ExpressRoute"
+ "ExpressRoute",
+ "AKV"
 ],
 "severity": "Low",
 "subcategory": "Automated Connectivity",
@@ -1972,8 +5506,8 @@
 "guid": "3bd2a0a1-7e7a-48d9-8ae0-e37cee29711b",
 "service": "AVS",
 "services": [
- "AVS",
- "Subscriptions"
+ "Subscriptions",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -1986,9 +5520,9 @@
 "guid": "d352caaa-b79b-4198-bab8-1932c9fc9d1b",
 "service": "AVS",
 "services": [
- "AVS",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -2040,8 +5574,8 @@
 "guid": "1dc15a1c-075e-4e9f-841a-cccd579376bc",
 "service": "AVS",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -2055,8 +5589,8 @@
 "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works",
 "service": "AVS",
 "services": [
- "AVS",
- "VM"
+ "VM",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Architecture",
@@ -2085,8 +5619,8 @@
 "guid": "bc91a43d-90da-4e2c-a881-4706f7c1cbaf",
 "service": "AVS",
 "services": [
- "VPN",
- "AVS"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "Networking",
@@ -2126,9 +5660,9 @@
 "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings",
 "service": "AVS",
 "services": [
- "AVS",
 "VM",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Architecture",
@@ -2142,9 +5676,9 @@
 "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door",
 "service": "AVS",
 "services": [
+ "Storage",
 "AVS",
- "ExpressRoute",
- "Storage"
+ "ExpressRoute"
 ],
 "severity": "Medium",
 "subcategory": "Architecture",
@@ -2158,9 +5692,9 @@
 "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin",
 "service": "AVS",
 "services": [
+ "Storage",
 "AVS",
- "ExpressRoute",
- "Storage"
+ "ExpressRoute"
 ],
 "severity": "Medium",
 "subcategory": "Architecture",
@@ -2174,8 +5708,8 @@
 "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group",
 "service": "AVS",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Architecture",
@@ -2263,8 +5797,8 @@
 "link": "https://learn.microsoft.com/azure/container-registry/container-registry-azure-policy",
 "service": "ACR",
 "services": [
- "AzurePolicy",
- "ACR"
+ "ACR",
+ "AzurePolicy"
 ],
 "severity": "High",
 "subcategory": "Data Protection",
@@ -2279,8 +5813,8 @@
 "link": "https://learn.microsoft.com/azure/container-registry/container-registry-tutorial-sign-build-push",
 "service": "ACR",
 "services": [
- "AKV",
- "ACR"
+ "ACR",
+ "AKV"
 ],
 "severity": "High",
 "subcategory": "Data Protection",
@@ -2295,8 +5829,8 @@
 "link": "https://learn.microsoft.com/azure/container-registry/tutorial-customer-managed-keys",
 "service": "ACR",
 "services": [
- "AKV",
- "ACR"
+ "ACR",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Data Protection",
@@ -2395,8 +5929,8 @@
 "services": [
 "Entra",
 "EventHubs",
- "PrivateLink",
- "ACR"
+ "ACR",
+ "PrivateLink"
 ],
 "severity": "High",
 "subcategory": "Identity and Access Control",
@@ -2412,8 +5946,8 @@
 "service": "ACR",
 "services": [
 "Entra",
- "AzurePolicy",
- "ACR"
+ "ACR",
+ "AzurePolicy"
 ],
 "severity": "Medium",
 "subcategory": "Identity and Access Control",
@@ -2428,9 +5962,9 @@
 "link": "https://learn.microsoft.com/azure/container-registry/monitor-service",
 "service": "ACR",
 "services": [
- "Entra",
 "Monitor",
- "ACR"
+ "ACR",
+ "Entra"
 ],
 "severity": "Medium",
 "subcategory": "Logging and Monitoring",
@@ -2445,10 +5979,10 @@
 "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link",
 "service": "ACR",
 "services": [
- "PrivateLink",
 "VNet",
+ "ACR",
 "Firewall",
- "ACR"
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Network Security",
@@ -2463,8 +5997,8 @@
 "link": "https://learn.microsoft.com/azure/container-registry/container-registry-access-selected-networks#disable-public-network-access",
 "service": "ACR",
 "services": [
- "PrivateLink",
- "ACR"
+ "ACR",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Network Security",
@@ -2479,8 +6013,8 @@
 "link": "https://learn.microsoft.com/azure/container-registry/container-registry-skus",
 "service": "ACR",
 "services": [
- "PrivateLink",
- "ACR"
+ "ACR",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Network Security",
@@ -2538,9 +6072,9 @@
 "guid": "976f32a7-30d1-6caa-c2a0-207fdc26571b",
 "link": "https://learn.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution",
 "services": [
+ "Storage",
 "AVS",
- "Backup",
- "Storage"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Backup",
@@ -2569,9 +6103,9 @@
 "guid": "be28860f-3d29-a79a-1a0e-36f1b23b36ae",
 "link": "Best practice to deploy backup in the same region as your AVS deployment",
 "services": [
+ "ASR",
 "AVS",
- "Backup",
- "ASR"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Business Continuity",
@@ -2613,8 +6147,8 @@
 "guid": "f379436d-3051-daa0-01fb-dc4e0e04d677",
 "link": "https://docs.microsoft.com/azure/azure-vmware/disaster-recovery-using-vmware-site-recovery-manager",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -2628,8 +6162,8 @@
 "guid": "367f71d8-3cf6-51a0-91a5-3db3d570cc19",
 "link": "https://docs.microsoft.com/azure/site-recovery/avs-tutorial-prepare-azure",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -2643,8 +6177,8 @@
 "guid": "ee02ada0-1887-bb3a-b84c-423f45a09ef9",
 "link": "https://docs.microsoft.com/azure/site-recovery/avs-tutorial-prepare-azure",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -2658,8 +6192,8 @@
 "guid": "0c2b74e5-9c28-780d-1df3-12d3de4aaa76",
 "link": "https://docs.microsoft.com/azure/azure-vmware/connect-multiple-private-clouds-same-region",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -2673,8 +6207,8 @@
 "guid": "c2a34ec4-2933-4e6c-dc36-e20e67abbe3f",
 "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Disaster Recovery",
@@ -2688,9 +6222,9 @@
 "guid": "b44fb6ec-bfc1-3a8e-dba2-ca97f0991d2c",
 "link": "This depends if you have multiple AVS Private Clouds. If so and they are in the same region then use AVS Interconnect. If they are in separate regions then use ExpressRoute Global Reach.",
 "services": [
- "AVS",
 "ASR",
 "NVA",
+ "AVS",
 "ExpressRoute"
 ],
 "severity": "Medium",
@@ -2780,8 +6314,8 @@
 "guid": "91f7a87b-21ac-d712-959c-8df2ba034253",
 "link": "https://learn.microsoft.com/azure/virtual-network/quick-create-portal",
 "services": [
- "AVS",
- "VNet"
+ "VNet",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Hub & Spoke",
@@ -2795,10 +6329,10 @@
 "guid": "58a027e2-f37f-b540-45d5-e44843aba26b",
 "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings",
 "services": [
- "VPN",
- "AVS",
+ "ExpressRoute",
 "VNet",
- "ExpressRoute"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "Hub & Spoke",
@@ -2812,10 +6346,10 @@
 "guid": "d4806549-0913-3e79-b580-ac2d3706e65a",
 "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings",
 "services": [
- "VPN",
- "AVS",
+ "ExpressRoute",
 "VNet",
- "ExpressRoute"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "Hub & Spoke",
@@ -2829,10 +6363,10 @@
 "guid": "864d7a8b-7016-c769-a717-61af6bfb73d2",
 "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings",
 "services": [
- "VPN",
- "AVS",
+ "ExpressRoute",
 "VNet",
- "ExpressRoute"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "Hub & Spoke",
@@ -2846,8 +6380,8 @@
 "guid": "cc2e11b9-7911-7da1-458c-d7fcef794aad",
 "link": "https://learn.microsoft.com/azure/azure-vmware/enable-public-internet-access",
 "services": [
- "AVS",
- "NVA"
+ "NVA",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -2877,8 +6411,8 @@
 "link": "https://learn.microsoft.com/azure/bastion/tutorial-create-host-portal",
 "services": [
 "Bastion",
- "AVS",
- "VNet"
+ "VNet",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Jumpbox & Bastion",
@@ -2893,8 +6427,8 @@
 "link": "https://learn.microsoft.com/azure/virtual-network/network-security-groups-overview",
 "services": [
 "Bastion",
- "AVS",
- "VM"
+ "VM",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Jumpbox & Bastion",
@@ -2908,8 +6442,8 @@
 "guid": "9988598f-2a9f-6b12-9b46-488415ceb325",
 "link": "https://learn.microsoft.com/azure/azure-vmware/configure-site-to-site-vpn-gateway",
 "services": [
- "VPN",
- "AVS"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "VPN",
@@ -2923,8 +6457,8 @@
 "guid": "956ce5e9-a862-fe2b-a50d-a22923569357",
 "link": "https://www.omnicalculator.com/other/data-transfer#:~:text=To%20calculate%20the%20data%20transfer%20speed%3A%201%20Download,measured%20time%20to%20find%20the%20data%20transfer%20speed.",
 "services": [
- "VPN",
- "AVS"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "VPN",
@@ -2938,8 +6472,8 @@
 "guid": "e095116f-0bdc-4b51-4d71-b9e469d56f59",
 "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/azure-vmware-solution-foundation-networking",
 "services": [
- "VPN",
- "AVS"
+ "AVS",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "VPN",
@@ -2968,9 +6502,9 @@
 "guid": "51d6affd-8e02-6aea-d3d4-0baf618b3076",
 "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-point-to-site-portal",
 "services": [
- "VPN",
+ "VWAN",
 "AVS",
- "VWAN"
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "vWAN hub",
@@ -2984,8 +6518,8 @@
 "guid": "e32a4c67-3dc0-c134-1c12-52d46dcbab5b",
 "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-expressroute-portal",
 "services": [
- "AVS",
 "Firewall",
+ "AVS",
 "VWAN"
 ],
 "severity": "Medium",
@@ -3156,8 +6690,8 @@
 "link": "Best practice",
 "services": [
 "Entra",
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security ",
@@ -3186,9 +6720,9 @@
 "guid": "8f426fd0-d73b-d398-1f6f-df0cbe262a82",
 "link": "https://learn.microsoft.com/azure/azure-arc/vmware-vsphere/overview",
 "services": [
- "AVS",
 "VM",
- "Arc"
+ "Arc",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -3202,9 +6736,9 @@
 "guid": "11dbe773-e380-9191-1418-e886fa7a6fd0",
 "link": "https://docs.microsoft.com/azure/governance/policy/overview",
 "services": [
- "AVS",
+ "Monitor",
 "AzurePolicy",
- "Monitor"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -3246,8 +6780,8 @@
 "guid": "86b314f9-1f1e-317a-4dfb-cf510ad4a030",
 "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations",
 "services": [
- "AKV",
- "AVS"
+ "AVS",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Operations",
@@ -3261,8 +6795,8 @@
 "guid": "e22a2d99-eb71-7d7c-07af-6d4cdb1d4443",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Alerts",
@@ -3276,8 +6810,8 @@
 "guid": "6d02f159-627d-79bf-a931-fab6d947eda2",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Alerts",
@@ -3291,8 +6825,8 @@
 "guid": "1cc97b39-2c7e-246f-6d73-789cfebfe951",
 "link": "https://www.virtualworkloads.com/2021/04/azure-vmware-solution-azure-service-health/",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Alerts",
@@ -3306,11 +6840,11 @@
 "guid": "0962606c-e3b4-62a9-5661-e4ffd62a4509",
 "link": "https://docs.microsoft.com/azure/azure-vmware/set-up-backup-server-for-azure-vmware-solution",
 "services": [
- "Backup",
- "AVS",
- "VM",
+ "Monitor",
 "AzurePolicy",
- "Monitor"
+ "VM",
+ "Backup",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Backup",
@@ -3324,9 +6858,9 @@
 "guid": "4ec7ccfb-795e-897e-4a84-fd31c04eadc6",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-alerts-for-azure-vmware-solution",
 "services": [
- "AVS",
+ "Monitor",
 "AzurePolicy",
- "Monitor"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Capacity",
@@ -3340,10 +6874,10 @@
 "guid": "7f8f175d-13f4-5298-9e61-0bc7e9fcc279",
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/govern",
 "services": [
- "AVS",
+ "Monitor",
 "Cost",
- "Subscriptions",
- "Monitor"
+ "AVS",
+ "Subscriptions"
 ],
 "severity": "Medium",
 "subcategory": "Costs",
@@ -3358,8 +6892,8 @@
 "link": "https://docs.microsoft.com/azure/azure-portal/azure-portal-dashboards",
 "services": [
 "Monitor",
- "AVS",
- "NetworkWatcher"
+ "NetworkWatcher",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Dashboard",
@@ -3373,9 +6907,9 @@
 "guid": "f9afdcc9-649d-d840-9fb5-a3c0edcc697d",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs",
 "services": [
- "AVS",
+ "Monitor",
 "Storage",
- "Monitor"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Logs & Metrics",
@@ -3389,8 +6923,8 @@
 "guid": "7cbac8c3-4eda-d5d9-9bda-c6b5abba9fb6",
 "link": "Is vROPS or vRealize Network Insight going to be used? ",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Logs & Metrics",
@@ -3404,9 +6938,9 @@
 "guid": "b243521a-644d-f865-7fb6-21f9019c0dd2",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs",
 "services": [
- "AVS",
 "VM",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Logs & Metrics",
@@ -3420,11 +6954,11 @@
 "guid": "2ca97d91-dd36-7229-b668-01036ccc3cd3",
 "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal",
 "services": [
+ "Monitor",
 "NetworkWatcher",
+ "ExpressRoute",
 "AVS",
- "VPN",
- "Monitor",
- "ExpressRoute"
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "Network",
@@ -3438,9 +6972,9 @@
 "guid": "99209143-60fe-19f0-5633-8b5671277ba5",
 "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal",
 "services": [
+ "Monitor",
 "AVS",
- "ExpressRoute",
- "Monitor"
+ "ExpressRoute"
 ],
 "severity": "Medium",
 "subcategory": "Network",
@@ -3454,8 +6988,8 @@
 "guid": "b9e5867c-57d3-036f-fb1b-3f0a71664efe",
 "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-create-using-portal",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Network",
@@ -3469,8 +7003,8 @@
 "guid": "4af7c5f7-e5e9-bedf-a8cf-314b81735962",
 "link": "Firewall logging and alerting rules are configured (Azure Firewall or 3rd party)",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -3484,8 +7018,8 @@
 "guid": "74be60a3-cfac-f057-eda6-3ee087e805d5",
 "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -3499,8 +7033,8 @@
 "guid": "a434b3b5-f258-0845-cd76-d7df6ef5890e",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-vmware-syslogs",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "VMWare",
@@ -3514,9 +7048,9 @@
 "guid": "fb00b69a-83ec-ce72-446e-6c23a0cab09a",
 "link": "https://docs.microsoft.com/azure/azure-monitor/agents/agent-windows?tabs=setup-wizard",
 "services": [
- "AVS",
 "VM",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "VMware",
@@ -3558,9 +7092,9 @@
 "guid": "ebd3cc3c-ac3d-4293-950d-cecd8445a523",
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-network-topology-connectivity",
 "services": [
+ "NVA",
 "ARS",
- "AVS",
- "NVA"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Hub & Spoke",
@@ -3603,10 +7137,10 @@
 "guid": "e942c03d-beaa-3d9f-0526-9b26cd5e9937",
 "link": "Research and choose optimal solution for each application",
 "services": [
- "AVS",
+ "FrontDoor",
 "AppGW",
- "NVA",
- "FrontDoor"
+ "AVS",
+ "NVA"
 ],
 "severity": "Medium",
 "subcategory": "Internet",
@@ -3636,14 +7170,14 @@
 "link": "https://docs.microsoft.com/azure/ddos-protection/manage-ddos-protection",
 "services": [
 "AppGW",
+ "VNet",
 "DDoS",
- "AVS",
 "VM",
- "VPN",
- "LoadBalancer",
 "FrontDoor",
 "ExpressRoute",
- "VNet"
+ "VPN",
+ "AVS",
+ "LoadBalancer"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -3685,9 +7219,9 @@
 "guid": "3f621543-dfac-c471-54a6-7b2849b6909a",
 "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture",
 "services": [
+ "VWAN",
 "AVS",
- "Firewall",
- "VWAN"
+ "Firewall"
 ],
 "severity": "Medium",
 "subcategory": "Virtual WAN",
@@ -3716,8 +7250,8 @@
 "guid": "7d049005-eb35-4a93-50a5-3b31a9f61161",
 "link": "https://docs.microsoft.com/azure/azure-vmware/configure-nsx-network-components-azure-portal",
 "services": [
- "AVS",
- "Subscriptions"
+ "Subscriptions",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -3731,9 +7265,9 @@
 "guid": "7242c1de-da37-27f3-1ddd-565ccccb8ece",
 "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-platform-automation-and-devops#automated-scale",
 "services": [
- "AVS",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -3789,8 +7323,8 @@
 "guid": "7bd65a5e-7b5d-652d-dbea-fc6f73a42857",
 "link": "https://docs.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/eslz-management-and-monitoring",
 "services": [
- "AVS",
- "Monitor"
+ "Monitor",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Automated Scale",
@@ -3804,8 +7338,8 @@
 "guid": "95e374af-8a2a-2672-7ab7-b4a1be43ada7",
 "link": "https://learn.microsoft.com/azure/private-link/private-link-overview",
 "services": [
- "PrivateLink",
- "AVS"
+ "AVS",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Networking",
@@ -3847,8 +7381,8 @@
 "guid": "e52d1615-9cc6-565c-deb6-743ed7e90f4b",
 "link": "Internal policy or regulatory compliance",
 "services": [
- "AVS",
- "AzurePolicy"
+ "AzurePolicy",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -3890,8 +7424,8 @@
 "guid": "96c76997-30a6-bb92-024d-f4f93f5f57fa",
 "link": "Done through the subscription/resource providers/ AVS register in the portal",
 "services": [
- "AVS",
- "Subscriptions"
+ "Subscriptions",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -3905,8 +7439,8 @@
 "guid": "5898e3ff-5e6b-bee1-6f85-22fee261ce63",
 "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/azure-vmware/enterprise-scale-landing-zone",
 "services": [
- "AVS",
- "Subscriptions"
+ "Subscriptions",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -3962,8 +7496,8 @@
 "guid": "0c87f999-e517-21ef-f355-f210ad4134d2",
 "link": "https://docs.vmware.com/en/VMware-NSX-T-Data-Center/3.2/installation/GUID-4B3860B8-1883-48CA-B2F3-7C2205D91D6D.html",
 "services": [
- "AVS",
- "VNet"
+ "VNet",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -4005,8 +7539,8 @@
 "guid": "f2b73c4f-3d46-32c9-5df1-5b8dfcd3947f",
 "link": "https://azure.microsoft.com/en-ca/pricing/details/azure-vmware/#:~:text=Azure%20VMware%20Solution%20%20%20%20Instance%20size,TB%20%28all%20NVMe%29%20%20%20N%2FA%20%2Fhour%20",
 "services": [
- "AVS",
- "Cost"
+ "Cost",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -4020,8 +7554,8 @@
 "guid": "94ac48ab-ade5-3fa7-f800-263feeb97070",
 "link": "https://docs.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance",
 "services": [
- "AVS",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Pre-deployment",
@@ -4063,8 +7597,8 @@
 "guid": "70cfbddc-d3d4-9188-77c8-1cabaefef646",
 "link": "General recommendation for storing encryption keys.",
 "services": [
- "AKV",
- "AVS"
+ "AVS",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Encryption",
@@ -4078,8 +7612,8 @@
 "guid": "c1a81638-18df-0ce9-a73a-4b9a8a8dd392",
 "link": "https://docs.microsoft.com/azure/azure-vmware/concepts-storage#data-at-rest-encryption",
 "services": [
- "AVS",
- "SQL"
+ "SQL",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Encryption",
@@ -4093,9 +7627,9 @@
 "guid": "8d0a8f51-8d35-19cd-c2fe-4e3512fb467e",
 "link": "https://docs.microsoft.com/azure/key-vault/general/authentication",
 "services": [
- "AKV",
 "AVS",
- "ExpressRoute"
+ "ExpressRoute",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Encryption",
@@ -4138,8 +7672,8 @@
 "guid": "f42b0b09-c591-238a-1580-2de3c485ebd2",
 "link": "https://learn.microsoft.com/azure/azure-vmware/azure-security-integration#prerequisites",
 "services": [
- "AVS",
- "Defender"
+ "Defender",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -4153,8 +7687,8 @@
 "guid": "bcdd2348-3d0e-c6bb-1092-aa4cd1a66d6b",
 "link": "https://docs.microsoft.com/azure/azure-vmware/azure-security-integration",
 "services": [
- "AVS",
- "AzurePolicy"
+ "AzurePolicy",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Security",
@@ -4308,8 +7842,8 @@
 "guid": "16ab821a-27c6-b6d3-6042-10dc4d6dfcb7",
 "link": "https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.storage.doc/GUID-01D3CF47-A84A-4988-8103-A0487D6441AA.html",
 "services": [
- "AVS",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4323,9 +7857,9 @@
 "guid": "eb2f9313-afb2-ab35-aa24-6d97a3cb0611",
 "link": "3rd-Party tools",
 "services": [
- "AVS",
 "VM",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4339,9 +7873,9 @@
 "guid": "3f2a5cff-c8a6-634a-1f1b-53ef9d321381",
 "link": "Contact VMware",
 "services": [
- "AVS",
 "VM",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4355,8 +7889,8 @@
 "guid": "efc8a311-74f8-0252-c6a0-4bac7610e266",
 "link": "Contact VMware",
 "services": [
- "AVS",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4370,8 +7904,8 @@
 "guid": "ab6c89cd-a26f-b894-fe59-61863975458e",
 "link": "Contact VMware",
 "services": [
- "AVS",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4385,10 +7919,10 @@
 "guid": "7628d446-6b10-9678-9cec-f407d990de43",
 "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance",
 "services": [
- "AVS",
 "VM",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4402,10 +7936,10 @@
 "guid": "37fef358-7ab9-43a9-542c-22673955200e",
 "link": "https://learn.microsoft.com/azure/azure-vmware/configure-storage-policy",
 "services": [
- "AVS",
 "VM",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4419,9 +7953,9 @@
 "guid": "ebebd109-9f9d-d85e-1b2f-d302012843b7",
 "link": "https://learn.microsoft.com/azure/azure-vmware/concepts-storage#storage-policies-and-fault-tolerance",
 "services": [
- "AVS",
+ "Storage",
 "AzurePolicy",
- "Storage"
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4435,8 +7969,8 @@
 "guid": "1be821bd-4f37-216a-3e3d-2a5ac6996863",
 "link": "https://learn.microsoft.com/azure/azure-vmware/netapp-files-with-azure-vmware-solution",
 "services": [
- "AVS",
- "Storage"
+ "Storage",
+ "AVS"
 ],
 "severity": "Medium",
 "subcategory": "Storage",
@@ -4515,8 +8049,8 @@
 "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-outages-disasters#geo-disaster-recovery",
 "services": [
 "ServiceBus",
- "ASR",
- "Storage"
+ "Storage",
+ "ASR"
 ],
 "severity": "Medium",
 "subcategory": "Geo-Disaster Recovery",
@@ -4586,9 +8120,9 @@
 "guid": "4a69b9d3-39ac-44e7-a68d-1d75657202b4",
 "link": "https://learn.microsoft.com/azure/well-architected/service-guides/service-bus/reliability#checklist",
 "services": [
- "PrivateLink",
 "ServiceBus",
- "Storage"
+ "Storage",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Best Practices",
@@ -4628,8 +8162,8 @@
 "link": "https://learn.microsoft.com/azure/well-architected/service-guides/service-bus/reliability#checklist",
 "services": [
 "ServiceBus",
- "ASR",
- "Storage"
+ "Storage",
+ "ASR"
 ],
 "severity": "Medium",
 "subcategory": "Best Practices",
@@ -4741,11 +8275,11 @@
 "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies",
 "service": "Service Bus",
 "services": [
- "Entra",
 "AzurePolicy",
- "TrafficManager",
+ "Entra",
+ "ServiceBus",
 "RBAC",
- "ServiceBus"
+ "TrafficManager"
 ],
 "severity": "Medium",
 "subcategory": "Identity and Access Management",
@@ -4761,12 +8295,12 @@
 "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity",
 "service": "Service Bus",
 "services": [
+ "Storage",
 "Entra",
 "AKV",
- "Storage",
+ "ServiceBus",
 "VM",
- "AppSvc",
- "ServiceBus"
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Identity and Access Management",
@@ -4782,11 +8316,11 @@
 "link": "https://learn.microsoft.com/azure/service-bus-messaging/authenticate-application#azure-built-in-roles-for-azure-service-bus",
 "service": "Service Bus",
 "services": [
- "Entra",
 "Storage",
- "RBAC",
+ "Entra",
 "Subscriptions",
- "ServiceBus"
+ "ServiceBus",
+ "RBAC"
 ],
 "severity": "High",
 "subcategory": "Identity and Access Management",
@@ -4820,9 +8354,9 @@
 "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service",
 "service": "Service Bus",
 "services": [
- "PrivateLink",
 "ServiceBus",
- "VNet"
+ "VNet",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Networking",
@@ -5693,8 +9227,8 @@
 "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery",
 "service": "Cognitive Services",
 "services": [
- "Backup",
- "ASR"
+ "ASR",
+ "Backup"
 ],
 "severity": "High",
 "subcategory": "Backup",
@@ -5789,8 +9323,8 @@
 "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check",
 "service": "App Services",
 "services": [
- "AppSvc",
- "Monitor"
+ "Monitor",
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -5875,8 +9409,8 @@
 "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check",
 "service": "App Services",
 "services": [
- "AppSvc",
- "Monitor"
+ "Monitor",
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -5890,8 +9424,8 @@
 "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-overview",
 "service": "App Services",
 "services": [
- "AppSvc",
- "Monitor"
+ "Monitor",
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Monitoring",
@@ -5905,8 +9439,8 @@
 "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-standard-tests",
 "service": "App Services",
 "services": [
- "AppSvc",
- "Monitor"
+ "Monitor",
+ "AppSvc"
 ],
 "severity": "Low",
 "subcategory": "Monitoring",
@@ -5970,8 +9504,8 @@
 "link": "https://learn.microsoft.com/azure/app-service/overview-hosting-plans",
 "service": "App Services",
 "services": [
- "AppSvc",
- "Subscriptions"
+ "Subscriptions",
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Data Protection",
@@ -5986,8 +9520,8 @@
 "link": "https://learn.microsoft.com/azure/app-service/operating-system-functionality#file-access",
 "service": "App Services",
 "services": [
- "AppSvc",
- "TrafficManager"
+ "TrafficManager",
+ "AppSvc"
 ],
 "severity": "Medium",
 "subcategory": "Data Protection",
@@ -6068,8 +9602,8 @@
 "service": "App Services",
 "services": [
 "Entra",
- "AppSvc",
- "ACR"
+ "ACR",
+ "AppSvc"
 ],
 "severity": "High",
 "subcategory": "Identity and Access Control",
@@ -6084,9 +9618,9 @@ "link": "https://learn.microsoft.com/azure/app-service/troubleshoot-diagnostic-logs", "service": "App Services", "services": [ - "Entra", + "Monitor", "AppSvc", - "Monitor" + "Entra" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -6101,9 +9635,9 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", "service": "App Services", "services": [ - "Entra", + "Monitor", "AppSvc", - "Monitor" + "Entra" ], "severity": "Medium", "subcategory": "Logging and Monitoring", @@ -6118,10 +9652,10 @@ "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration", "service": "App Services", "services": [ - "NVA", "Monitor", - "AppSvc", + "NVA", "VNet", + "AppSvc", "Firewall" ], "severity": "Medium", @@ -6137,11 +9671,11 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration", "service": "App Services", "services": [ - "PrivateLink", "Storage", "NVA", - "AppSvc", "VNet", + "PrivateLink", + "AppSvc", "Firewall" ], "severity": "Low", @@ -6157,8 +9691,8 @@ "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions", "service": "App Services", "services": [ - "PrivateLink", - "AppSvc" + "AppSvc", + "PrivateLink" ], "severity": "High", "subcategory": "Network Security", @@ -6173,11 +9707,11 @@ "link": "https://learn.microsoft.com/azure/app-service/networking/app-gateway-with-service-endpoints", "service": "App Services", "services": [ + "Monitor", "AppGW", + "WAF", "FrontDoor", - "Monitor", - "AppSvc", - "WAF" + "AppSvc" ], "severity": "High", "subcategory": "Network Security", @@ -6192,9 +9726,9 @@ "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions", "service": "App Services", "services": [ - "PrivateLink", + "WAF", "AppSvc", - "WAF" + "PrivateLink" ], "severity": "High", "subcategory": "Network Security", 
@@ -6210,8 +9744,8 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-tls-versions", "service": "App Services", "services": [ - "AppSvc", - "AzurePolicy" + "AzurePolicy", + "AppSvc" ], "severity": "Medium", "subcategory": "Network Security", @@ -6227,8 +9761,8 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https", "service": "App Services", "services": [ - "AppSvc", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", "subcategory": "Network Security", @@ -6243,8 +9777,8 @@ "link": "https://learn.microsoft.com/azure/app-service/app-service-web-tutorial-rest-api", "service": "App Services", "services": [ - "AppSvc", - "Storage" + "Storage", + "AppSvc" ], "severity": "High", "subcategory": "Network Security", @@ -6275,8 +9809,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-app-service-introduction", "service": "App Services", "services": [ - "AppSvc", - "Defender" + "Defender", + "AppSvc" ], "severity": "Medium", "subcategory": "Network Security", @@ -6291,13 +9825,13 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "service": "App Services", "services": [ - "AppGW", - "DDoS", "EventHubs", - "NVA", - "AppSvc", + "AppGW", "VNet", - "WAF" + "WAF", + "NVA", + "DDoS", + "AppSvc" ], "severity": "Medium", "subcategory": "Network Security", @@ -6312,10 +9846,10 @@ "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-an-image-from-a-network-protected-registry", "service": "App Services", "services": [ - "PrivateLink", - "AppSvc", + "ACR", "VNet", - "ACR" + "AppSvc", + "PrivateLink" ], "severity": "Medium", "subcategory": "Network Security", @@ -6390,8 +9924,8 @@ "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", "service": "Azure Storage", "services": [ - "PrivateLink", - "Storage" + "Storage", + "PrivateLink" ], "severity": "High", "subcategory": "Networking", 
@@ -6423,8 +9957,8 @@ "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", "service": "Azure Storage", "services": [ - "Storage", - "Defender" + "Defender", + "Storage" ], "severity": "High", "subcategory": "Governance", @@ -6515,8 +10049,8 @@ "service": "Azure Storage", "services": [ "Storage", - "Subscriptions", - "AzurePolicy" + "AzurePolicy", + "Subscriptions" ], "severity": "High", "subcategory": "Data Availability, Compliance", @@ -6571,7 +10105,23 @@ { "category": "Security", "checklist": "Azure Storage Review Checklist", - "description": "AAD tokens should be favored over shared access signatures, wherever possible", + "description": ". Enforcing the latest TLS version will reject request from clients using the older version. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "services": [ + "Storage" + ], + "severity": "High", + "subcategory": "Networking", + "text": "Enforce the latest TLS version for a storage account", + "waf": "Security" + }, + { + "category": "Security", + "checklist": "Azure Storage Review Checklist", + "description": "Microsoft Entra ID tokens should be favored over shared access signatures, wherever possible", "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", "service": "Azure Storage", @@ -6581,7 +10131,7 @@ ], "severity": "High", "subcategory": "Identity and Access Management", - "text": "Use Azure Active Directory (Azure AD) tokens for blob access", + "text": "Use Microsoft Entra ID tokens for blob access", "waf": "Security" }, { 
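Review bot: The new TLS checklist item's `description` starts with a stray `. `, so the leading sentence appears to have been lost, and both `text` and `description` say "latest" while the `graph` query treats `TLS1_2` as compliant, so the wording overstates what the check enforces. Suggest `"description": "Enforcing a minimum TLS version rejects requests from clients that negotiate an older version."` and `"text": "Enforce a minimum TLS version of 1.2 for a storage account"`. The `isnull(properties.minimumTlsVersion) == false` clause appears redundant, since `in (...)` on an unset property already fails to match, but it is harmless and makes the intent explicit.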
@@ -6619,19 +10169,20 @@ { "category": "Security", "checklist": "Azure Storage Review Checklist", - "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on AAD authentication makes it easier to tie storage access to a user. ", + "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on Entra ID authentication makes it easier to tie storage access to a user. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", "service": "Azure Storage", "services": [ "Entra", - "AKV", "Storage", - "Monitor" + "Monitor", + "AKV" ], "severity": "High", "subcategory": "Identity and Access Management", - "text": "Consider disabling storage account keys, so that only AAD access (and user delegation SAS) is supported.", + "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.", "waf": "Security" }, { @@ -6642,10 +10193,10 @@ "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", "service": "Azure Storage", "services": [ - "AKV", + "Monitor", "Storage", "AzurePolicy", - "Monitor" + "AKV" ], "severity": "High", "subcategory": "Monitoring", 
@@ -6661,9 +10212,9 @@ "service": "Azure Storage", "services": [ "Entra", - "AKV", "Storage", - "AzurePolicy" + "AzurePolicy", + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -6696,9 +10247,9 @@ "service": "Azure Storage", "services": [ "Entra", - "AKV", "Storage", - "AzurePolicy" + "AzurePolicy", + "AKV" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -6712,8 +10263,8 @@ "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", "service": "Azure Storage", "services": [ - "AKV", - "Storage" + "Storage", + "AKV" ], "severity": "Medium", "subcategory": "CI/CD", @@ -6895,6 +10446,7 @@ "category": "Security", "checklist": "Azure Storage Review Checklist", "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", "service": "Azure Storage", @@ -6904,7 +10456,7 @@ ], "severity": "High", "subcategory": "Identity and Access Management", - "text": "Consider whether public blob access is needed, or whether it can be disabled for certain storage accounts. ", + "text": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. ", "waf": "Security" }, { 
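Review bot: The `graph` query added for the anonymous-blob-access item compares the raw dynamic property to a string, `properties.allowBlobPublicAccess == 'false'`, whereas the shared-key query added in the hunk at `@@ -6619,19 +10169,20 @@` first normalizes with `tostring(...)`, and the `description` on this same item compares against the boolean `true`. If Resource Graph does not coerce a JSON boolean against a string literal, every account would be reported non-compliant, so the check is safest written the same way as its sibling: `"graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (tostring(properties.allowBlobPublicAccess) == 'false') | distinct id, compliant"`. Accounts where the property is unset do not come out as compliant either way, which matches the conservative stance of the shared-key check.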
@@ -7017,11 +10569,11 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-shared-access-signature#shared-access-authorization-policies", "service": "Event Hubs", "services": [ - "Entra", + "EventHubs", "AzurePolicy", + "Entra", "RBAC", - "TrafficManager", - "EventHubs" + "TrafficManager" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -7037,11 +10589,11 @@ "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", "service": "Event Hubs", "services": [ + "EventHubs", + "Storage", "Entra", "AKV", - "Storage", - "VM", - "EventHubs" + "VM" ], "severity": "Medium", "subcategory": "Identity and Access Management", @@ -7075,9 +10627,9 @@ "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", "service": "Event Hubs", "services": [ + "Monitor", "EventHubs", - "VNet", - "Monitor" + "VNet" ], "severity": "Medium", "subcategory": "Monitoring", @@ -7093,9 +10645,9 @@ "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", "service": "Event Hubs", "services": [ - "PrivateLink", "EventHubs", - "VNet" + "VNet", + "PrivateLink" ], "severity": "Medium", "subcategory": "Networking", @@ -7216,8 +10768,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-latest-version-for-customer-managed-certificates", "service": "Front Door", "services": [ - "AKV", - "FrontDoor" + "FrontDoor", + "AKV" ], "severity": "Medium", "subcategory": "Front Door", @@ -7289,8 +10841,8 @@ "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", "service": "App Gateway", "services": [ - "VNet", - "AppGW" + "AppGW", + "VNet" ], "severity": "Medium", "subcategory": "App Gateway", @@ -7308,10 +10860,10 @@ "services": [ "Entra", "AppGW", - "Subscriptions", - "NVA", "VNet", - "WAF" + "WAF", + "NVA", + "Subscriptions" ], "severity": "Medium", "subcategory": "App Gateway", 
@@ -7372,9 +10924,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "Front Door", "services": [ - "WAF", "AzurePolicy", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "Front Door", @@ -7390,9 +10942,9 @@ "service": "Front Door", "services": [ "AppGW", - "WAF", "AzurePolicy", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -7423,8 +10975,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", "service": "Entra", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Low", "subcategory": "App delivery", @@ -7456,9 +11008,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", "service": "Front Door", "services": [ - "WAF", "AzurePolicy", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -7565,9 +11117,9 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", "service": "Front Door", "services": [ - "AKV", "Cost", - "FrontDoor" + "FrontDoor", + "AKV" ], "severity": "High", "subcategory": "Front Door", @@ -7581,8 +11133,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#define-your-waf-configuration-as-code", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -7626,8 +11178,8 @@ "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#enable-the-waf", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "High", "subcategory": "Front Door", 
@@ -7642,8 +11194,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "High", "subcategory": "Front Door", @@ -7658,9 +11210,9 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection", "service": "Front Door", "services": [ - "WAF", "AzurePolicy", - "FrontDoor" + "FrontDoor", + "WAF" ], "severity": "High", "subcategory": "Front Door", @@ -7675,8 +11227,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-default-rule-sets", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "High", "subcategory": "Front Door", @@ -7691,8 +11243,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-bot-management-rules", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "High", "subcategory": "Front Door", @@ -7706,8 +11258,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-the-latest-ruleset-versions", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -7721,8 +11273,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-rate-limiting", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", 
@@ -7736,8 +11288,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-a-high-threshold-for-rate-limits", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -7765,8 +11317,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#specify-the-unknown-zz-location", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -7935,8 +11487,8 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", "service": "Front Door", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -7967,8 +11519,8 @@ "service": "Front Door", "services": [ "Sentinel", - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Front Door", @@ -8012,10 +11564,10 @@ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-secured-hub-app-gateway", "service": "App Gateway", "services": [ - "VPN", - "VNet", "AppGW", - "ExpressRoute" + "VNet", + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "App Gateway", @@ -8280,8 +11832,8 @@ "guid": "b94ee5ef-47d2-4d92-a81b-1cd6d1f54b29", "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/sharing-metadata-across-different-databricks-workspaces-using/ba-p/3679757", "services": [ - "Backup", - "ACR" + "ACR", + "Backup" ], "severity": "Medium", "subcategory": "Backup", 
@@ -8294,8 +11846,8 @@ "guid": "769e3969-0e78-428a-a936-657d03b0f466", "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/disaster-recovery-strategy-in-azure-databricks-using-the-hive/ba-p/3684581", "services": [ - "Backup", - "ASR" + "ASR", + "Backup" ], "severity": "Medium", "subcategory": "Backup", @@ -8484,11 +12036,11 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "services": [ "Entra", - "DDoS", - "Subscriptions", "VNet", - "Firewall", - "WAF" + "Subscriptions", + "WAF", + "DDoS", + "Firewall" ], "severity": "Low", "subcategory": "DDoS", @@ -8512,8 +12064,8 @@ "guid": "44008ae7-d7e4-4743-876c-8bdbf55bce61", "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", "services": [ - "FrontDoor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", "subcategory": "Internet", @@ -8526,8 +12078,8 @@ "guid": "9e8a03f9-7879-4424-b626-786d60b96c97", "link": "https://learn.microsoft.com/azure/openshift/howto-secure-openshift-with-front-door", "services": [ - "PrivateLink", - "FrontDoor" + "FrontDoor", + "PrivateLink" ], "severity": "Medium", "subcategory": "Internet", @@ -8540,8 +12092,8 @@ "guid": "be985190-4838-435c-a86b-b2912155a114", "link": "https://learn.microsoft.com/azure/openshift/howto-restrict-egress", "services": [ - "AzurePolicy", "NVA", + "AzurePolicy", "Firewall" ], "severity": "Medium", @@ -8568,8 +12120,8 @@ "guid": "ab039da6-d54d-47c8-a29d-b107d5325ae6", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "services": [ - "PrivateLink", - "ACR" + "ACR", + "PrivateLink" ], "severity": "Medium", "subcategory": "Private access", @@ -8856,8 +12408,8 @@ "guid": "76af4a69-1e88-439a-ba46-667e13c10567", "link": "https://learn.microsoft.com/azure/openshift/howto-segregate-machinesets", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Medium", "subcategory": "Cluster Design", 
@@ -8941,8 +12493,8 @@ "guid": "08fe8273-4c48-46ba-880d-c0591cf75ee8", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/quickstart-connect-cluster", "services": [ - "Arc", - "AKS" + "AKS", + "Arc" ], "severity": "High", "subcategory": "Control plane", @@ -8966,9 +12518,9 @@ "guid": "d55d14c3-c492-49cb-8b3d-1325ae124ba3", "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", "services": [ - "Arc", "Defender", - "AKS" + "AKS", + "Arc" ], "severity": "Medium", "subcategory": "Posture", @@ -8981,9 +12533,9 @@ "guid": "4d0685ed-dce9-4be3-ab0d-db3b55fb2ec1", "link": "https://learn.microsoft.com/azure/azure-arc/kubernetes/tutorial-akv-secrets-provider", "services": [ - "AKV", + "AKS", "Arc", - "AKS" + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -9007,8 +12559,8 @@ "guid": "b4935ada-4232-44ec-b81c-123181a64174", "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes#install-azure-policy-extension-for-azure-arc-enabled-kubernetes", "services": [ - "AzurePolicy", - "Monitor" + "Monitor", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Workload", @@ -9034,8 +12586,8 @@ "guid": "e209d4a0-da57-4778-924d-216785d2fa56", "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", "services": [ - "Subscriptions", - "ACR" + "ACR", + "Subscriptions" ], "severity": "Low", "subcategory": "Workload", @@ -9280,8 +12832,8 @@ "guid": "c851fd44-7cf1-459c-95a4-f6455d75a981", "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/approaches/cost-management-allocation", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Cost Optimization", 
@@ -9446,8 +12998,8 @@ "guid": "f785b143-2c1e-4466-9baa-dde8ba4c7aaa", "link": "https://learn.microsoft.com/azure-stack/hci/concepts/fault-tolerance#parity", "services": [ - "Backup", - "Storage" + "Storage", + "Backup" ], "severity": "Medium", "subcategory": "S2D", @@ -9812,9 +13364,9 @@ "guid": "074541e3-fe08-458a-8062-32d13dcc10c6", "link": "https://learn.microsoft.com/azure/backup/back-up-azure-stack-hyperconverged-infrastructure-virtual-machines", "services": [ - "Backup", "VM", - "ASR" + "ASR", + "Backup" ], "severity": "High", "subcategory": "VM", @@ -10002,8 +13554,8 @@ "guid": "8ea49f70-1038-4283-b0c4-230165d3eabc", "link": "https://learn.microsoft.com/azure-stack/hci/manage/azure-site-recovery", "services": [ - "Backup", - "ASR" + "ASR", + "Backup" ], "severity": "Medium", "subcategory": "Disaster Recovery", @@ -10104,9 +13656,9 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring#set-up-alerts", "service": "Azure OpenAI", "services": [ - "AKV", + "Monitor", "Subscriptions", - "Monitor" + "AKV" ], "severity": "High", "subcategory": "Alerts", @@ -10248,8 +13800,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", "service": "Azure OpenAI", "services": [ - "Storage", - "ServiceBus" + "ServiceBus", + "Storage" ], "severity": "Medium", "subcategory": "Elasticity segregation", @@ -10378,8 +13930,8 @@ "link": "https://learn.microsoft.com/azure/backup/backup-overview", "service": "Azure OpenAI", "services": [ - "Backup", - "ASR" + "ASR", + "Backup" ], "severity": "Medium", "subcategory": "Data Backup and Disaster Recovery", @@ -10469,8 +14021,8 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-cloud-introduction", "service": "Azure OpenAI", "services": [ - "Sentinel", "Defender", + "Sentinel", "Monitor" ], "severity": "High", 
@@ -10858,8 +14410,8 @@ "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs", "service": "Azure OpenAI", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Cost monitoring", @@ -11039,9 +14591,9 @@ "service": "Azure OpenAI", "services": [ "Entra", + "ACR", "APIM", - "LoadBalancer", - "ACR" + "LoadBalancer" ], "severity": "Medium", "subcategory": "Load Balancing", @@ -11335,10 +14887,10 @@ "guid": "170265f4-bb46-4a39-9af7-f317284797b1", "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-multi-region", "services": [ - "LoadBalancer", "TrafficManager", + "AKS", "FrontDoor", - "AKS" + "LoadBalancer" ], "severity": "Medium", "subcategory": "High Availability", @@ -11396,8 +14948,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/container-registry-geo-replication", "service": "ACR", "services": [ - "ACR", - "AKS" + "AKS", + "ACR" ], "severity": "High", "subcategory": "High Availability", @@ -11411,8 +14963,8 @@ "link": "https://learn.microsoft.com/azure/aks/availability-zones#azure-disk-availability-zone-support", "services": [ "Storage", - "ASR", - "AKS" + "AKS", + "ASR" ], "severity": "High", "subcategory": "Disaster Recovery", @@ -11500,8 +15052,8 @@ "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes", "service": "AKS", "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Compliance", @@ -11544,8 +15096,8 @@ "link": "https://learn.microsoft.com/azure/container-registry/", "service": "AKS", "services": [ - "ACR", - "AKS" + "AKS", + "ACR" ], "severity": "Medium", "subcategory": "Compliance", @@ -11614,8 +15166,8 @@ "link": "https://github.com/Azure/secrets-store-csi-driver-provider-azure", "service": "AKS", "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", 
@@ -11629,8 +15181,8 @@ "link": "https://learn.microsoft.com/azure/aks/update-credentials", "service": "AKS", "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -11644,8 +15196,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-kms-etcd-encryption", "service": "AKS", "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -11659,8 +15211,8 @@ "link": "https://learn.microsoft.com/azure/confidential-computing/confidential-nodes-aks-overview", "service": "AKS", "services": [ - "AKV", - "AKS" + "AKS", + "AKV" ], "severity": "Low", "subcategory": "Secrets", @@ -11674,9 +15226,9 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-enable", "service": "AKS", "services": [ - "AKV", "Defender", - "AKS" + "AKS", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -11875,9 +15427,9 @@ "link": "https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-existing/", "service": "AKS", "services": [ + "AKS", "ACR", - "AppGW", - "AKS" + "AppGW" ], "severity": "Medium", "subcategory": "Best practices", @@ -11921,8 +15473,8 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "service": "AKS", "services": [ - "LoadBalancer", - "AKS" + "AKS", + "LoadBalancer" ], "severity": "High", "subcategory": "Best practices", @@ -11936,8 +15488,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#add-a-node-pool-with-a-unique-subnet", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Medium", "subcategory": "Best practices", @@ -11951,10 +15503,10 @@ "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", "service": "AKS", "services": [ - "PrivateLink", - "VNet", "Cost", - "AKS" + "AKS", + "VNet", + "PrivateLink" ], "severity": "Medium", "subcategory": "Cost", 
@@ -11967,8 +15519,8 @@ "guid": "e8a03f97-8794-468d-96a7-86d60f96c97b", "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", "services": [ - "VPN", - "AKS" + "AKS", + "VPN" ], "severity": "Medium", "subcategory": "HA", @@ -11997,8 +15549,8 @@ "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "High", "subcategory": "IPAM", @@ -12027,8 +15579,8 @@ "link": "https://learn.microsoft.com/azure/aks/internal-lb", "service": "AKS", "services": [ - "VNet", - "AKS" + "AKS", + "VNet" ], "severity": "Low", "subcategory": "IPAM", @@ -12127,8 +15679,8 @@ "link": "https://learn.microsoft.com/azure/aks/limit-egress-traffic", "service": "AKS", "services": [ - "NVA", - "AKS" + "AKS", + "NVA" ], "severity": "High", "subcategory": "Security", @@ -12173,8 +15725,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-network-policies", "service": "AKS", "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Security", @@ -12189,8 +15741,8 @@ "link": "https://learn.microsoft.com/azure/aks/use-network-policies", "service": "AKS", "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "High", "subcategory": "Security", @@ -12204,8 +15756,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", "service": "AKS", "services": [ - "AzurePolicy", - "AKS" + "AKS", + "AzurePolicy" ], "severity": "High", "subcategory": "Security", @@ -12219,8 +15771,8 @@ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", "service": "AKS", "services": [ - "WAF", - "AKS" + "AKS", + "WAF" ], "severity": "High", "subcategory": "Security", 
@@ -12235,9 +15787,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", "service": "AKS", "services": [ + "AKS", "VNet", - "DDoS", - "AKS" + "DDoS" ], "severity": "Medium", "subcategory": "Security", @@ -12602,9 +16154,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/premium-storage-performance", "service": "AKS", "services": [ - "Storage", "Monitor", "EventHubs", + "Storage", "ServiceBus", "AKS" ], @@ -12620,10 +16172,10 @@ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", "service": "AKS", "services": [ - "LoadBalancer", "Monitor", - "NVA", - "AKS" + "AKS", + "LoadBalancer", + "NVA" ], "severity": "Medium", "subcategory": "Monitoring", @@ -12680,8 +16232,8 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "service": "AKS", "services": [ - "Subscriptions", - "AKS" + "AKS", + "Subscriptions" ], "severity": "High", "subcategory": "Resources", @@ -12871,8 +16423,8 @@ "service": "AKS", "services": [ "Storage", - "SQL", - "AKS" + "AKS", + "SQL" ], "severity": "Medium", "subcategory": "Storage", @@ -12916,8 +16468,8 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/considerations/tenancy-models", "service": "Azure Monitor", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Azure Monitor - enforce data collection rules", @@ -12932,8 +16484,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation", "service": "Azure Backup", "services": [ - "Backup", - "Cost" + "Cost", + "Backup" ], "severity": "Medium", "subcategory": "Backup", 
@@ -12973,9 +16525,9 @@ "guid": "3b0d834a-3487-426d-b69c-6b5c2a26494b", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "services": [ - "Backup", "Storage", - "Cost" + "Cost", + "Backup" ], "severity": "Medium", "subcategory": "Delete/archive", @@ -12989,9 +16541,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", "service": "Azure Backup", "services": [ - "Backup", "Storage", "Cost", + "Backup", "ASR" ], "severity": "Medium", @@ -13006,8 +16558,8 @@ "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", "service": "Azure Monitor", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Log Analytics retention for workspaces", @@ -13068,9 +16620,9 @@ "service": "VM", "services": [ "VM", - "Backup", "Storage", - "Cost" + "Cost", + "Backup" ], "severity": "Medium", "subcategory": "stopped/deallocated VMs: check disks", @@ -13210,8 +16762,8 @@ "guid": "b835556d-f2bf-4e45-93b0-d834a348726d", "link": "https://learn.microsoft.com/azure/governance/policy/overview", "services": [ - "Cost", - "Monitor" + "Monitor", + "Cost" ], "severity": "Medium", "subcategory": "Automation", @@ -13399,8 +16951,8 @@ "service": "VM", "services": [ "VM", - "SQL", "Cost", + "SQL", "AzurePolicy" ], "severity": "Medium", @@ -13415,8 +16967,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", "service": "VM", "services": [ - "LoadBalancer", - "Cost" + "Cost", + "LoadBalancer" ], "severity": "Medium", "subcategory": "Check Red Hat Licences if applicable", 
@@ -13429,8 +16981,8 @@ "guid": "a76af4a6-91e8-4839-ada4-6667e13c1056", "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning#identify-microsoft-accounts-in-administrative-roles-that-need-to-be-switched-to-work-or-school-accounts", "services": [ - "AppSvc", - "Cost" + "Cost", + "AppSvc" ], "severity": "Medium", "subcategory": "Functions", @@ -13461,8 +17013,8 @@ "service": "VM", "services": [ "VM", - "ARS", - "Cost" + "Cost", + "ARS" ], "severity": "Medium", "subcategory": "Reservations/savings plans", @@ -13532,8 +17084,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", "service": "Azure SQL", "services": [ - "SQL", "Cost", + "SQL", "AzurePolicy" ], "severity": "Medium", @@ -13549,8 +17101,8 @@ "service": "VM", "services": [ "VM", - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "Medium", "subcategory": "SQL Database Reservations", @@ -13688,8 +17240,8 @@ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", "service": "Azure Backup", "services": [ - "Backup", - "Cost" + "Cost", + "Backup" ], "severity": "Medium", "subcategory": "Backup", @@ -13704,9 +17256,9 @@ "link": "https://learn.microsoft.com/azure/databricks/clusters/cluster-config-best-practices#automatic-termination", "service": "Databricks", "services": [ - "LoadBalancer", + "VM", "Cost", - "VM" + "LoadBalancer" ], "severity": "Medium", "subcategory": "Databricks", @@ -13852,9 +17404,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", "service": "Front Door", "services": [ - "AppSvc", "Cost", - "FrontDoor" + "FrontDoor", + "AppSvc" ], "severity": "Medium", "subcategory": "Networking", 
@@ -13954,9 +17506,9 @@ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", "service": "Site Recovery", "services": [ - "ASR", + "Storage", "Cost", - "Storage" + "ASR" ], "severity": "Medium", "subcategory": "Storage", @@ -14000,9 +17552,9 @@ "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", "service": "Synapse", "services": [ + "Monitor", "EventHubs", - "Cost", - "Monitor" + "Cost" ], "severity": "Medium", "subcategory": "Synapse", @@ -14031,8 +17583,8 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", "service": "Synapse", "services": [ - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "Medium", "subcategory": "Synapse", @@ -14248,8 +17800,8 @@ "service": "Cognitive Search", "services": [ "Storage", - "Backup", - "ASR" + "ASR", + "Backup" ], "severity": "High", "subcategory": "Disaster Recovery", @@ -14340,8 +17892,8 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/performance-guidelines-best-practices-checklist?view=azuresql#storage", "services": [ "Storage", - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "High", "subcategory": "Storage", @@ -14466,8 +18018,8 @@ "services": [ "VM", "SQL", - "LoadBalancer", - "VNet" + "VNet", + "LoadBalancer" ], "severity": "Medium", "subcategory": "HADR", @@ -14510,10 +18062,10 @@ "guid": "667313c4-0567-44b5-b985-b859c773e7e2", "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/availability-group-vnn-azure-load-balancer-configure?view=azuresql-vm&tabs=ilb", "services": [ - "LoadBalancer", + "VM", "SQL", "VNet", - "VM" + "LoadBalancer" ], "severity": "High", "subcategory": "HADR", @@ -14679,8 +18231,8 @@ "services": [ "VM", "Storage", - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "Low", "subcategory": "Cost Optimization", 
@@ -14695,8 +18247,8 @@ "guid": "7ed67178-b824-4546-ae1a-ee3453aec823", "link": "https://azure.microsoft.com/en-ca/pricing/hybrid-benefit/", "services": [ - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "Low", "subcategory": "Cost Optimization", @@ -14865,8 +18417,8 @@ "guid": "c9a7f821-b8eb-48c0-aa77-e25e4d5aeaa8", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/vnet-existing-add-subnet?view=azuresql-mi", "services": [ - "VNet", - "SQL" + "SQL", + "VNet" ], "severity": "Medium", "subcategory": "Pre Migration", @@ -14881,8 +18433,8 @@ "guid": "dc4e2436-bb33-46d7-85f1-7960eee0b9b5", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/vnet-subnet-determine-size?view=azuresql-mi", "services": [ - "VNet", - "SQL" + "SQL", + "VNet" ], "severity": "High", "subcategory": "Deployment", @@ -15016,8 +18568,8 @@ "guid": "3334fdf9-1c23-4418-8b65-275269440b4b", "link": "https://learn.microsoft.com/azure/azure-sql/migration-guides/managed-instance/sql-server-to-managed-instance-guide?view=azuresql-mi#backup-and-restore", "services": [ - "Backup", - "SQL" + "SQL", + "Backup" ], "severity": "Low", "subcategory": "Migration", @@ -15073,9 +18625,9 @@ "guid": "141acdce-5793-477b-adb3-751ab2ac1fad", "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/auto-failover-group-configure-sql-mi?view=azuresql&tabs=azure-portal#test-failover", "services": [ - "LoadBalancer", "EventHubs", - "SQL" + "SQL", + "LoadBalancer" ], "severity": "High", "subcategory": "Post Migration", @@ -15105,10 +18657,10 @@ "guid": "35ad9422-23e1-4381-8523-081a94174158", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/data/sql-managed-instance-cmk", "services": [ - "AKV", - "Backup", "SQL", - "AzurePolicy" + "AzurePolicy", + "AKV", + "Backup" ], "severity": "Low", "subcategory": "Post Migration", 
@@ -15138,10 +18690,10 @@ "guid": "9d89f2e8-7778-4424-b516-785c6fa96b96", "link": "https://learn.microsoft.com/azure/azure-sql/database/long-term-retention-overview?view=azuresql-mi", "services": [ - "ARS", - "Backup", + "Storage", "SQL", - "Storage" + "ARS", + "Backup" ], "severity": "Low", "subcategory": "Post Migration", @@ -15156,8 +18708,8 @@ "guid": "ad88408f-3727-434c-a76b-a28021459014", "link": "https://azure.microsoft.com/en-gb/pricing/hybrid-benefit/#overview", "services": [ - "SQL", - "Cost" + "Cost", + "SQL" ], "severity": "Low", "subcategory": "Post Migration", @@ -15172,8 +18724,8 @@ "guid": "65d38e53-f9cc-4bd8-9926-6acca274faa1", "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-overview?view=azuresql", "services": [ - "SQL", - "Defender" + "Defender", + "SQL" ], "severity": "Medium", "subcategory": "Post Migration", @@ -15215,8 +18767,8 @@ "link": "https://learn.microsoft.com/azure/reliability/reliability-traffic-manager?toc=%2Fazure%2Fdns%2Ftoc.json", "services": [ "DNS", - "TrafficManager", - "ASR" + "ASR", + "TrafficManager" ], "severity": "Medium", "subcategory": "Azure DNS", @@ -15256,8 +18808,8 @@ "guid": "2676ae46-691e-4883-9ad9-42223e138105", "link": "https://learn.microsoft.com/azure/reliability/reliability-virtual-machines?toc=%2Fazure%2Fvirtual-machines%2Ftoc.json&bc=%2Fazure%2Fvirtual-machines%2Fbreadcrumb%2Ftoc.json&tabs=graph", "services": [ - "DNS", - "VM" + "VM", + "DNS" ], "severity": "Medium", "subcategory": "VM Based DNS Service", @@ -15270,9 +18822,9 @@ "guid": "23081a94-1741-4583-9ff7-ad7c6d373316", "link": "https://www.windows-active-directory.com/azure-ad-dns-for-custom-domain-names-with-advanced-dns-settings.html", "services": [ + "Entra", "DNS", - "VM", - "Entra" + "VM" ], "severity": "Medium", "subcategory": "VM Based DNS Service", 
@@ -15397,8 +18949,8 @@ "services": [ "Storage", "Cost", - "ASR", - "AzurePolicy" + "AzurePolicy", + "ASR" ], "subcategory": "DR Configuration", "text": "For applications, where cost is a concern and can withstand some downtime during failure, create on-demand data recovery cluster configuration", @@ -15450,9 +19002,9 @@ "guid": "56c57ba5-9119-4bf8-b8f5-c586c7d9cdc1", "link": "https://azure.microsoft.com/support/legal/sla/virtual-desktop/v1_0/", "services": [ - "VM", - "ASR", "AVD", + "ASR", + "VM", "Subscriptions" ], "severity": "High", @@ -15467,10 +19019,10 @@ "guid": "6acc076e-f9b1-441a-a989-579e76b897e7", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/azure-virtual-desktop-multi-region-bcdr", "services": [ - "VM", + "AVD", "Storage", "ASR", - "AVD" + "VM" ], "severity": "Medium", "subcategory": "Compute", @@ -15484,8 +19036,8 @@ "guid": "10a7da7b-e996-46e1-9d3c-4ada97cc3d13", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "ASR", - "AVD" + "AVD", + "ASR" ], "severity": "Low", "subcategory": "Compute", @@ -15499,8 +19051,8 @@ "guid": "25ab225c-6f4e-4168-9fdd-dea8a4b7cdeb", "link": "https://techcommunity.microsoft.com/t5/azure-virtual-desktop-blog/announcing-general-availability-of-support-for-azure/ba-p/3636262", "services": [ - "ASR", "AVD", + "ASR", "ACR" ], "severity": "High", @@ -15515,10 +19067,10 @@ "guid": "4c61fc3f-c14e-4ea6-b69e-8d9a3eec218e", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "Backup", - "VM", "AVD", - "ASR" + "ASR", + "VM", + "Backup" ], "severity": "Medium", "subcategory": "Compute", @@ -15532,10 +19084,10 @@ "guid": "5da58639-ca3a-4961-890b-29663c5e10d", "link": "https://learn.microsoft.com/azure/site-recovery/azure-to-azure-how-to-enable-zone-to-zone-disaster-recovery", "services": [ - "Backup", + "AVD", "VM", "ASR", - "AVD", + "Backup", "Cost" ], "severity": "Medium", 
@@ -15551,9 +19103,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/azure-compute-gallery", "services": [ "Storage", + "AVD", "VM", "ASR", - "AVD", "ACR" ], "severity": "Low", @@ -15568,8 +19120,8 @@ "guid": "fd339489-8c12-488b-9c6a-57cfb644451e", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ - "ASR", - "AVD" + "AVD", + "ASR" ], "severity": "Medium", "subcategory": "Dependencies", @@ -15583,9 +19135,9 @@ "guid": "687ab077-adb5-49e5-a960-3334fdf8cc23", "link": "https://docs.microsoft.com/fslogix/manage-profile-content-cncpt", "services": [ + "AVD", "Storage", - "ASR", - "AVD" + "ASR" ], "severity": "Medium", "subcategory": "Storage", @@ -15600,10 +19152,10 @@ "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ "Storage", - "Backup", - "ASR", + "AzurePolicy", "AVD", - "AzurePolicy" + "ASR", + "Backup" ], "severity": "Medium", "subcategory": "Storage", @@ -15617,9 +19169,9 @@ "guid": "9f7547c1-746d-4c56-868a-714435bd09dd", "link": "https://docs.microsoft.com/azure/virtual-desktop/disaster-recovery", "services": [ + "AVD", "Storage", - "ASR", - "AVD" + "ASR" ], "severity": "Medium", "subcategory": "Storage", @@ -15633,10 +19185,10 @@ "guid": "3d4f3537-c134-46dc-9602-7a71efe1bd05", "link": "https://docs.microsoft.com/azure/backup/backup-afs", "services": [ - "Backup", + "AVD", "Storage", - "ASR", - "AVD" + "Backup", + "ASR" ], "severity": "Medium", "subcategory": "Storage", @@ -15650,9 +19202,9 @@ "guid": "10d4e875-d502-4142-a795-f2b6eff34f88", "link": "https://learn.microsoft.com/azure/storage/files/files-redundancy#zone-redundant-storage", "services": [ + "AVD", "Storage", - "ASR", - "AVD" + "ASR" ], "severity": "High", "subcategory": "Storage", 
@@ -15666,11 +19218,11 @@ "guid": "23429db7-2281-4376-85cc-57b4a4b18142", "link": "https://learn.microsoft.com/azure/azure-netapp-files/cross-region-replication-create-peering", "services": [ - "Backup", "Storage", - "ASR", "AVD", - "ACR" + "ASR", + "ACR", + "Backup" ], "severity": "Medium", "subcategory": "Storage", @@ -15726,9 +19278,9 @@ "guid": "5a2adb2c-3e23-426b-b225-ca44e1696fdd", "link": "https://learn.microsoft.com/azure/virtual-machines/shared-image-galleries", "services": [ + "AVD", "Storage", - "VM", - "AVD" + "VM" ], "severity": "Low", "subcategory": "Golden Images", @@ -15784,8 +19336,8 @@ "guid": "829e3fec-2183-4687-a017-7a2b5945bda4", "link": "https://github.com/The-Virtual-Desktop-Team/Virtual-Desktop-Optimization-Tool", "services": [ - "RBAC", - "AVD" + "AVD", + "RBAC" ], "severity": "Low", "subcategory": "Golden Images", @@ -15799,8 +19351,8 @@ "guid": "e3d3e084-4276-4d4b-bc01-5bcf219e4a1e", "link": "https://learn.microsoft.com/azure/virtual-desktop/install-office-on-wvd-master-image#install-onedrive-in-per-machine-mode", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Low", "subcategory": "Golden Images", @@ -15842,9 +19394,9 @@ "guid": "90083845-c587-4cb3-a1ec-16a1d076ef9f", "link": "https://docs.microsoft.com/azure/virtual-desktop/app-attach-file-share", "services": [ + "AVD", "Storage", - "Cost", - "AVD" + "Cost" ], "severity": "Medium", "subcategory": "MSIX & AppAttach", @@ -15872,10 +19424,10 @@ "guid": "66e15d4d-5a2a-4db2-a3e2-326bf225ca41", "link": "https://docs.microsoft.com/azure/virtual-desktop/app-attach-file-share", "services": [ + "AVD", "RBAC", "Storage", - "VM", - "AVD" + "VM" ], "severity": "Medium", "subcategory": "MSIX & AppAttach", @@ -15931,8 +19483,8 @@ "guid": "e4633254-3185-40a1-b120-bd563a1c8e9d", "link": "https://docs.microsoft.com/azure/virtual-machines/generation-2", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "Medium", "subcategory": "Session Host", 
@@ -15960,8 +19512,8 @@ "guid": "8468c55a-775c-46ee-a5b8-6ad8844ce3b2", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology#host-pools", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "High", "subcategory": "Capacity Planning", @@ -15975,8 +19527,8 @@ "guid": "4e98495f-d3c0-4af2-aa59-a793395a32a7", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology?WT.mc_id=Portal-fx#host-pools", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "High", "subcategory": "Capacity Planning", @@ -16018,8 +19570,8 @@ "guid": "b3724959-4943-4577-a3a9-e10ff6345f24", "link": "https://learn.microsoft.com/windows-server/remote/remote-desktop-services/virtual-machine-recs", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "Medium", "subcategory": "Capacity Planning", @@ -16033,8 +19585,8 @@ "guid": "b384b7ed-1cdd-457e-a2cd-c8d4d55bc144", "link": "https://learn.microsoft.com/azure/virtual-desktop/terminology?WT.mc_id=Portal-fx#application-groups", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -16048,9 +19600,9 @@ "guid": "971cc4a4-b1f7-4c12-90e0-1ad96808f00c", "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits#azure-virtual-desktop-service-limits", "services": [ - "Entra", "AVD", - "ACR" + "ACR", + "Entra" ], "severity": "Medium", "subcategory": "Capacity Planning", @@ -16078,9 +19630,9 @@ "guid": "38b19ab6-0693-4992-9394-5590883916ec", "link": "https://learn.microsoft.com/azure/virtual-desktop/configure-host-pool-personal-desktop-assignment-type?tabs=azure#reassign-a-personal-desktop", "services": [ + "AVD", "Storage", - "VM", - "AVD" + "VM" ], "severity": "Low", "subcategory": "Capacity Planning", 
@@ -16094,8 +19646,8 @@ "guid": "e1112dbd-7ba0-412e-9b94-ef6e047d2ea2", "link": "https://docs.microsoft.com/windows-server/remote/remote-desktop-services/virtual-machine-recs", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "High", "subcategory": "Capacity Planning", @@ -16109,8 +19661,8 @@ "guid": "992b1cd6-d2f5-44b2-a769-e3a691e8838a", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/windows-virtual-desktop#considerations", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -16138,8 +19690,8 @@ "guid": "b47a393a-0803-4272-a479-8b1578b219a4", "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "Low", "subcategory": "Capacity Planning", @@ -16167,10 +19719,10 @@ "guid": "6abca2a4-fda1-4dbf-9dc9-5d48c7c791dc", "link": "https://learn.microsoft.com/azure/architecture/example-scenario/wvd/windows-virtual-desktop?toc=%2Fazure%2Fvirtual-desktop%2Ftoc.json&bc=%2Fazure%2Fvirtual-desktop%2Fbreadcrumb%2Ftoc.json", "services": [ - "VPN", - "Storage", "AVD", - "ExpressRoute" + "Storage", + "ExpressRoute", + "VPN" ], "severity": "Medium", "subcategory": "Clients & Users", @@ -16254,9 +19806,9 @@ "guid": "8053d89e-89dc-47b3-9be2-a1a27f7a9e91", "link": "https://docs.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", "services": [ + "AVD", "Storage", - "VM", - "AVD" + "VM" ], "severity": "Low", "subcategory": "General", @@ -16270,10 +19822,10 @@ "guid": "c14aea7e-65e8-4d9a-9aec-218e6436b073", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", "services": [ - "Entra", + "AVD", "Storage", "VNet", - "AVD" + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", 
@@ -16287,8 +19839,8 @@ "guid": "6db55f57-9603-4334-adf9-cc23418db612", "link": "https://docs.microsoft.com/azure/virtual-desktop/create-host-pools-azure-marketplace", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16302,8 +19854,8 @@ "guid": "7126504b-b47a-4393-a080-327294798b15", "link": "https://docs.microsoft.com/previous-versions/windows/desktop/Policy/group-policy-hierarchy", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16317,8 +19869,8 @@ "guid": "2226a8e3-50a4-4ac3-8bd6-ee150553051f", "link": "https://learn.microsoft.com/fslogix/how-to-use-group-policy-templates", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16332,9 +19884,9 @@ "guid": "347dc560-28a7-41ff-b1cd-15dd2f0d5e77", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#session-hosts", "services": [ - "Entra", + "AVD", "VM", - "AVD" + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16348,8 +19900,8 @@ "guid": "2d41e361-1cc5-47b4-a4b1-410d43958a8c", "link": "https://docs.microsoft.com/azure/virtual-desktop/manage-app-groups", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Active Directory", @@ -16363,10 +19915,10 @@ "guid": "2289b3d6-b57c-4fc6-9546-1e1a3e3453a3", "link": "https://docs.microsoft.com/azure/storage/files/storage-files-identity-ad-ds-enable", "services": [ - "Entra", - "Storage", "AVD", - "AzurePolicy" + "Storage", + "AzurePolicy", + "Entra" ], "severity": "High", "subcategory": "Active Directory", @@ -16380,8 +19932,8 @@ "guid": "5119bf8e-8f58-4542-a7d9-cec166cd072a", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#identity", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "High", "subcategory": "Active Directory", 
@@ -16395,9 +19947,9 @@ "guid": "e777fd5e-c5f1-4d6e-8fa9-fc210b88e338", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-identity-auth-hybrid-identities-enable", "services": [ - "Entra", + "AVD", "Storage", - "AVD" + "Entra" ], "severity": "Medium", "subcategory": "Microsoft Entra ID", @@ -16411,10 +19963,10 @@ "guid": "6ceb5443-5125-4922-9442-93bb628537a5", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#identity", "services": [ - "Entra", - "VNet", "AVD", - "Subscriptions" + "VNet", + "Subscriptions", + "Entra" ], "severity": "High", "subcategory": "Requirements", @@ -16428,8 +19980,8 @@ "guid": "b4ce4781-7557-4a1f-8043-332ae199d44c", "link": "https://learn.microsoft.com/azure/virtual-desktop/authentication", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "High", "subcategory": "Requirements", @@ -16443,8 +19995,8 @@ "guid": "f9b141a8-98a5-435e-9378-97e71ca7da7b", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#supported-identity-scenarios", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Requirements", @@ -16458,8 +20010,8 @@ "guid": "5f9f680a-ba07-4429-bbf7-93d7071561f4", "link": "https://learn.microsoft.com/azure/virtual-desktop/authentication#single-sign-on-sso", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Requirements", @@ -16473,9 +20025,9 @@ "guid": "ea962a15-9394-46da-a7cc-3923266b2258", "link": "https://learn.microsoft.com/azure/virtual-desktop/prerequisites?tabs=portal#supported-identity-scenarios", "services": [ - "Entra", + "AVD", "VM", - "AVD" + "Entra" ], "severity": "High", "subcategory": "Requirements", 
@@ -16489,8 +20041,8 @@ "guid": "6f4a1651-bddd-4ea8-a487-cdeb4861bc3b", "link": "https://docs.microsoft.com/azure/active-directory-domain-services/compare-identity-solutions", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Low", "subcategory": "Requirements", @@ -16504,9 +20056,9 @@ "guid": "5549524b-36c0-4f1a-892b-ab3ca78f5db2", "link": "https://learn.microsoft.com/azure/virtual-desktop/administrative-template", "services": [ - "Entra", "AVD", - "Monitor" + "Monitor", + "Entra" ], "severity": "Low", "subcategory": "Management", @@ -16520,8 +20072,8 @@ "guid": "3334fdf9-1c23-4418-8b65-285269440b4b", "link": "https://learn.microsoft.com/azure/virtual-desktop/management", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Low", @@ -16551,9 +20103,9 @@ "guid": "7138b820-102c-4e16-be30-1e6e872e52e3", "link": "https://learn.microsoft.com/azure/virtual-desktop/autoscale-scenarios", "services": [ - "VM", "AVD", "Cost", + "VM", "Monitor" ], "severity": "Medium", @@ -16568,9 +20120,9 @@ "guid": "55f612fe-f215-4f0d-a956-10e7dd96bcbc", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect", "services": [ - "VM", "AVD", "Cost", + "VM", "Monitor" ], "severity": "Low", @@ -16585,10 +20137,10 @@ "guid": "79a686ea-d971-4ea0-a9a8-1aea074c94cb", "link": "https://learn.microsoft.com/azure/virtual-desktop/start-virtual-machine-connect-faq#are-vms-automatically-deallocated-when-a-user-stops-using-them", "services": [ - "VM", - "AVD", - "AzurePolicy", "Monitor", + "AzurePolicy", + "AVD", + "VM", "Cost" ], "severity": "Low", @@ -16603,13 +20155,13 @@ "guid": "51bcafca-476a-48fa-9b91-9645a7679f20", "link": "https://learn.microsoft.com/azure/virtual-desktop/tag-virtual-desktop-resources", "services": [ + "Monitor", "Storage", - "DNS", "AVD", - "VPN", - "Monitor", - "Cost", "ExpressRoute", + "DNS", + "Cost", + "VPN", "VWAN" ], "severity": "Low", 
@@ -16624,10 +20176,10 @@ "guid": "611dd68c-5a4b-4252-8e44-a59a9c2399c4", "link": "https://learn.microsoft.com/azure/virtual-desktop/azure-advisor-recommendations", "services": [ - "Entra", - "Cost", "AVD", - "Monitor" + "Cost", + "Monitor", + "Entra" ], "severity": "Low", "subcategory": "Management", @@ -16671,8 +20223,8 @@ "guid": "d1e8c38e-c936-4667-913c-005674b1e944", "link": "https://docs.microsoft.com/azure/virtual-desktop/create-validation-host-pool", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Medium", @@ -16687,8 +20239,8 @@ "guid": "a459c373-e7ed-4616-83b3-65a917ecbe48", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/wvd/eslz-platform-automation-and-devops", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Medium", @@ -16703,8 +20255,8 @@ "guid": "ebe54cd7-df2e-48bb-ac35-81559bb9153e", "link": "https://docs.microsoft.com/azure/virtual-desktop/faq", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Medium", @@ -16734,8 +20286,8 @@ "guid": "81770afb-c4c0-4e43-a186-58d2857ed671", "link": "https://docs.microsoft.com/azure/virtual-desktop/diagnostics-log-analytics", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Medium", @@ -16750,8 +20302,8 @@ "guid": "2463cffe-179c-4599-be0d-5973dd4ce32c", "link": "https://docs.microsoft.com/azure/storage/files/storage-files-monitoring?tabs=azure-portal", "services": [ - "Storage", "AVD", + "Storage", "Monitor" ], "severity": "Medium", @@ -16781,10 +20333,10 @@ "guid": "dd399cfd-7b28-4dc8-9555-6202bfe4563b", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "VPN", "AVD", - "NVA", - "ExpressRoute" + "ExpressRoute", + "VPN", + "NVA" ], "severity": "Medium", "subcategory": "Networking", 
@@ -16798,8 +20350,8 @@ "guid": "c8639648-a652-4d6c-85e5-02965388e5de", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/wvd/eslz-network-topology-and-connectivity", "services": [ - "VNet", "AVD", + "VNet", "VWAN" ], "severity": "Medium", @@ -16814,8 +20366,8 @@ "guid": "d227dd14-2b06-4c21-a799-9a646f4389a7", "link": "https://docs.microsoft.com/azure/architecture/reference-architectures/hybrid-networking/", "services": [ - "VPN", - "AVD" + "AVD", + "VPN" ], "severity": "Medium", "subcategory": "Networking", @@ -16829,9 +20381,9 @@ "guid": "fc4972cd-3cd2-41bf-9703-6e5e6b4bed3d", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "VNet", "AVD", "NVA", + "VNet", "Firewall" ], "severity": "Medium", @@ -16875,9 +20427,9 @@ "guid": "523181a9-4174-4158-93ff-7ae7c6d37431", "link": "https://docs.microsoft.com/azure/firewall/protect-windows-virtual-desktop", "services": [ - "VNet", "AVD", "NVA", + "VNet", "Firewall" ], "severity": "Low", @@ -16892,8 +20444,8 @@ "guid": "cc6edca0-aeca-4566-9e92-cf246f1465af", "link": "https://learn.microsoft.com/azure/virtual-desktop/proxy-server-support", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "High", "subcategory": "Networking", @@ -16907,8 +20459,8 @@ "guid": "516785c6-fa96-4c96-ad88-408f372734c8", "link": "https://learn.microsoft.com/azure/virtual-desktop/rdp-bandwidth", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "Low", "subcategory": "Networking", @@ -16922,10 +20474,10 @@ "guid": "ec27d589-9178-426d-8df2-ff60020f30a6", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-networking-endpoints", "services": [ - "PrivateLink", "Storage", - "AVD", "VNet", + "PrivateLink", + "AVD", "Cost" ], "severity": "Medium", 
@@ -16940,8 +20492,8 @@ "guid": "b2074747-d01a-4f61-b1aa-92ad793d9ff4", "link": "https://docs.microsoft.com/azure/virtual-desktop/shortpath", "services": [ - "VPN", - "AVD" + "AVD", + "VPN" ], "severity": "Medium", "subcategory": "Networking", @@ -16984,10 +20536,10 @@ "guid": "0fd32907-98bc-4178-adc5-a06ca7144351", "link": "https://learn.microsoft.com/azure/virtual-machines/disk-encryption-overview", "services": [ - "AKV", + "AVD", "Storage", "VM", - "AVD" + "AKV" ], "severity": "Low", "subcategory": "Host Configuration", @@ -17001,8 +20553,8 @@ "guid": "36a5a67f-bb9e-4d5b-9547-8c4479816b28", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#azure-virtual-desktop-support-for-trusted-launch", "services": [ - "VM", "AVD", + "VM", "Monitor" ], "severity": "Medium", @@ -17017,8 +20569,8 @@ "guid": "135d3899-4b31-44d3-bc8f-028871a359d8", "link": "https://learn.microsoft.com/windows/whats-new/windows-11-requirements", "services": [ - "VM", - "AVD" + "AVD", + "VM" ], "severity": "High", "subcategory": "Host Configuration", @@ -17103,12 +20655,12 @@ "guid": "1814387e-5ca9-4c26-a9b3-2ab5bdfc6998", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#enable-microsoft-defender-for-cloud", "services": [ - "AKV", "Storage", - "Defender", - "VM", + "AKV", + "Subscriptions", "AVD", - "Subscriptions" + "VM", + "Defender" ], "severity": "Medium", "subcategory": "Management", @@ -17122,9 +20674,9 @@ "guid": "a0916a76-4980-4ad0-b278-ee293c1bc352", "link": "https://learn.microsoft.com/azure/virtual-desktop/security-guide#collect-audit-logs", "services": [ - "Entra", "AVD", - "Monitor" + "Monitor", + "Entra" ], "severity": "Medium", "subcategory": "Management", @@ -17138,9 +20690,9 @@ "guid": "baaab757-1849-4ab8-893d-c9fc9d1bb73b", "link": "https://docs.microsoft.com/azure/virtual-desktop/rbac", "services": [ - "Entra", + "AVD", "RBAC", - "AVD" + "Entra" ], "severity": "Low", "subcategory": "Management", 
@@ -17169,8 +20721,8 @@ "guid": "916d697d-8ead-4ed2-9bdd-186f1ac252b9", "link": "https://learn.microsoft.com/azure/virtual-desktop/set-up-mfa", "services": [ - "Entra", - "AVD" + "AVD", + "Entra" ], "severity": "Medium", "subcategory": "Microsoft Entra ID", @@ -17198,8 +20750,8 @@ "guid": "9164e990-9ae2-48c8-9c33-b6b7808bafe6", "link": "https://learn.microsoft.com/azure/virtual-desktop/fslogix-containers-azure-files#best-practices-for-azure-virtual-desktop", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure Files", @@ -17213,10 +20765,10 @@ "guid": "5784b6ca-5e9e-4bcf-8b54-c95459ea7369", "link": "https://learn.microsoft.com/azure/storage/files/storage-files-smb-multichannel-performance", "services": [ - "Storage", - "Cost", "AVD", - "ACR" + "Storage", + "ACR", + "Cost" ], "severity": "Low", "subcategory": "Azure Files", @@ -17230,8 +20782,8 @@ "guid": "4a359836-ee79-4d6c-9d3a-364a5b7abae3", "link": "https://azure.microsoft.com/global-infrastructure/services/", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure NetApp Files", @@ -17245,8 +20797,8 @@ "guid": "a2661898-866a-4c8d-9d1f-8cfc86e88024", "link": "https://learn.microsoft.com/azure/virtual-desktop/create-fslogix-profile-container", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Azure NetApp Files", @@ -17260,9 +20812,9 @@ "guid": "6647e977-db49-48a8-bc35-743f17499d42", "link": "https://docs.microsoft.com/azure/azure-netapp-files/create-active-directory-connections", "services": [ + "AVD", "Storage", - "VNet", - "AVD" + "VNet" ], "severity": "High", "subcategory": "Azure NetApp Files", @@ -17276,8 +20828,8 @@ "guid": "3611c818-b0a0-4bc5-80e4-3a18a9cd289c", "link": "https://docs.microsoft.com/azure/virtual-machines/disks-types", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "Capacity Planning", 
@@ -17291,9 +20843,9 @@ "guid": "ed6b17db-8255-4462-b2ae-e4553afc8339", "link": "https://docs.microsoft.com/azure/virtual-desktop/store-fslogix-profile", "services": [ + "AVD", "Storage", - "VM", - "AVD" + "VM" ], "severity": "High", "subcategory": "Capacity Planning", @@ -17307,8 +20859,8 @@ "guid": "2fad62bd-5004-453c-ace4-64d862e7f5a4", "link": "https://learn.microsoft.com/azure/virtual-desktop/store-fslogix-profile", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -17322,8 +20874,8 @@ "guid": "680e7828-9c93-4665-9d02-bff4564b0d93", "link": "https://learn.microsoft.com/azure/virtual-desktop/faq#what-s-the-largest-profile-size-fslogix-can-handle-", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "Capacity Planning", @@ -17337,9 +20889,9 @@ "guid": "8aad53cc-79e2-4e86-9673-57c549675c5e", "link": "https://docs.microsoft.com/azure/virtual-desktop/fslogix-containers-azure-files", "services": [ + "AVD", "Storage", - "Cost", - "AVD" + "Cost" ], "severity": "High", "subcategory": "Capacity Planning", @@ -17353,9 +20905,9 @@ "guid": "df47d2d9-2881-4b1c-b5d1-e54a29759e39", "link": "https://learn.microsoft.com/fslogix/concepts-container-types#when-to-use-profile-and-odfc-containers", "services": [ + "AVD", "Storage", - "ASR", - "AVD" + "ASR" ], "severity": "High", "subcategory": "FSLogix", @@ -17369,8 +20921,8 @@ "guid": "83f63047-22ee-479d-9b5c-3632054b69ba", "link": "https://learn.microsoft.com/fslogix/overview-prerequisites#configure-antivirus-file-and-folder-exclusions", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "FSLogix", @@ -17384,8 +20936,8 @@ "guid": "01e6a84d-e5df-443d-8992-481718d5d1e5", "link": "https://docs.microsoft.com/fslogix/profile-container-configuration-reference", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "FSLogix", 
@@ -17399,10 +20951,10 @@ "guid": "d34aad5e-8c78-4e1d-9666-7313c405674c", "link": "https://learn.microsoft.com/fslogix/concepts-configuration-examples", "services": [ - "AKV", - "Storage", "AVD", - "ACR" + "Storage", + "ACR", + "AKV" ], "severity": "High", "subcategory": "FSLogix", @@ -17416,8 +20968,8 @@ "guid": "5e985b85-9c77-43e7-b261-623b775a917e", "link": "https://learn.microsoft.com/fslogix/concepts-multi-concurrent-connections", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "High", "subcategory": "FSLogix", @@ -17431,9 +20983,9 @@ "guid": "b2d1215a-e114-4ba3-9df5-85ecdcd9bd3b", "link": "https://docs.microsoft.com/fslogix/cloud-cache-configuration-reference", "services": [ + "AVD", "Storage", - "VM", - "AVD" + "VM" ], "severity": "Low", "subcategory": "FSLogix", @@ -17447,8 +20999,8 @@ "guid": "0b50ca97-b1d2-473c-b4d9-6e98b0f912de", "link": "https://docs.microsoft.com/fslogix/manage-profile-content-cncpt#redirectionsxml", "services": [ - "Storage", - "AVD" + "AVD", + "Storage" ], "severity": "Medium", "subcategory": "FSLogix", @@ -17632,8 +21184,8 @@ "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#multiple-write-regions", "service": "CosmosDB", "services": [ - "CosmosDB", - "ACR" + "ACR", + "CosmosDB" ], "severity": "Medium", "subcategory": "High Availability", @@ -17648,8 +21200,8 @@ "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas", "service": "CosmosDB", "services": [ - "CosmosDB", - "ACR" + "ACR", + "CosmosDB" ], "severity": "Medium", "subcategory": "High Availability", @@ -17694,9 +21246,9 @@ "link": "https://learn.microsoft.com/azure/cosmos-db/online-backup-and-restore", "service": "CosmosDB", "services": [ - "Backup", + "Storage", "CosmosDB", - "Storage" + "Backup" ], "severity": "Medium", "subcategory": "Backup Strategy", 
@@ -17712,8 +21264,8 @@
 "link": "https://learn.microsoft.com/azure/cosmos-db/periodic-backup-restore-introduction",
 "service": "CosmosDB",
 "services": [
- "Backup",
- "CosmosDB"
+ "CosmosDB",
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Backup Strategy",
@@ -17729,8 +21281,8 @@
 "link": "https://learn.microsoft.com/azure/cosmos-db/continuous-backup-restore-introduction",
 "service": "CosmosDB",
 "services": [
- "Backup",
- "CosmosDB"
+ "CosmosDB",
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Backup Strategy",
@@ -17775,9 +21327,9 @@
 "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/data-platform",
 "service": "SAP",
 "services": [
+ "SAP",
 "Backup",
- "ASR",
- "SAP"
+ "ASR"
 ],
 "severity": "Medium",
 "subcategory": "Backup and restore",
@@ -17790,9 +21342,9 @@
 "guid": "c4b8e117-930b-4dbd-ae50-7bc5faf6f91a",
 "service": "SAP",
 "services": [
- "Backup",
+ "SAP",
 "ASR",
- "SAP"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Disaster recovery",
@@ -17806,11 +21358,11 @@
 "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure",
 "service": "SAP",
 "services": [
- "Backup",
- "SQL",
 "Storage",
 "ASR",
- "SAP"
+ "Backup",
+ "SAP",
+ "SQL"
 ],
 "severity": "High",
 "subcategory": "Disaster recovery",
@@ -17825,8 +21377,8 @@
 "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones",
 "service": "SAP",
 "services": [
- "ASR",
- "SAP"
+ "SAP",
+ "ASR"
 ],
 "severity": "Medium",
 "subcategory": "Disaster recovery",
@@ -17841,10 +21393,10 @@
 "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering",
 "service": "SAP",
 "services": [
- "VPN",
- "ASR",
+ "SAP",
 "ExpressRoute",
- "VPN",
+ "ASR"
 ],
 "severity": "High",
 "subcategory": "Disaster recovery",
@@ -17859,10 +21411,10 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance", "service": "SAP", "services": [ - "AKV", + "SAP", "ACR", - "ASR", - "SAP" + "AKV", + "ASR" ], "severity": "Low", "subcategory": "Disaster recovery", @@ -17876,9 +21428,9 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-s4hana", "service": "SAP", "services": [ + "SAP", "VNet", - "ASR", - "SAP" + "ASR" ], "severity": "Medium", "subcategory": "Disaster recovery", @@ -17893,8 +21445,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Low", "subcategory": "Disaster recovery", @@ -17909,8 +21461,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Disaster recovery", @@ -17925,9 +21477,9 @@ "link": "https://learn.microsoft.com/ja-jp/azure/virtual-network/virtual-networks-faq", "service": "SAP", "services": [ - "ASR", + "SAP", "VNet", - "SAP" + "ASR" ], "severity": "High", "subcategory": "Disaster recovery", @@ -17941,10 +21493,10 @@ "guid": "0258ed30-fe42-434f-87b9-58f91f908e0a", "service": "SAP", "services": [ - "Entra", - "ASR", "VM", - "SAP" + "SAP", + "Entra", + "ASR" ], "severity": "High", "subcategory": "Disaster recovery", @@ -17959,8 +21511,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -17975,8 +21527,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/planning-supported-configurations", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", 
@@ -17991,10 +21543,10 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows", "service": "SAP", "services": [ - "Storage", "VM", - "ASR", - "SAP" + "Storage", + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18010,8 +21562,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18026,8 +21578,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/sap-high-availability-guide-wsfc-shared-disk", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18042,9 +21594,9 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-standard-load-balancer-outbound-connections", "service": "SAP", "services": [ + "SAP", "LoadBalancer", - "ASR", - "SAP" + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18059,9 +21611,9 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-ha-ports-overview?source=recommendations", "service": "SAP", "services": [ + "SAP", "LoadBalancer", - "ASR", - "SAP" + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18076,8 +21628,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18092,10 +21644,10 @@ "link": "https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1", "service": "SAP", "services": [ - "Entra", - "ASR", "VM", - "SAP" + "SAP", + "Entra", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18110,9 +21662,9 @@ "service": "SAP", "services": [ "Entra", - "ASR", "VM", "RBAC", + "ASR", "SAP" ], "severity": "High", 
@@ -18128,8 +21680,8 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/co-location", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Medium", "subcategory": "High availability", @@ -18144,9 +21696,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", "service": "SAP", "services": [ - "ASR", "VM", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18162,8 +21714,8 @@ "service": "SAP", "services": [ "Entra", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18177,9 +21729,9 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", "service": "SAP", "services": [ + "SAP", "ACR", - "ASR", - "SAP" + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18194,8 +21746,8 @@ "service": "SAP", "services": [ "Entra", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "High availability", @@ -18210,10 +21762,10 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-suse-multi-sid", "service": "SAP", "services": [ - "Entra", - "ASR", "VM", - "SAP" + "SAP", + "Entra", + "ASR" ], "severity": "Medium", "subcategory": "High availability", @@ -18228,10 +21780,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", "service": "SAP", "services": [ - "Storage", "VM", - "ASR", - "SAP" + "Storage", + "SAP", + "ASR" ], "severity": "Medium", "subcategory": "High availability", @@ -18245,8 +21797,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-with-hana-ascs-ers-dialog-instance", "service": "SAP", "services": [ - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Medium", "subcategory": "High availability", 
@@ -18262,8 +21814,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Storage", @@ -18279,8 +21831,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Storage", @@ -18296,8 +21848,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Storage", @@ -18313,8 +21865,8 @@ "service": "SAP", "services": [ "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Storage", @@ -18328,8 +21880,8 @@ "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/optimize-your-azure-costs-by-automating-sap-system-start-stop/ba-p/2120675", "service": "SAP", "services": [ - "Cost", - "SAP" + "SAP", + "Cost" ], "severity": "Medium", "subcategory": " ", @@ -18343,10 +21895,10 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", "service": "SAP", "services": [ - "Storage", "VM", - "Cost", - "SAP" + "Storage", + "SAP", + "Cost" ], "severity": "Low", "subcategory": " ", @@ -18360,10 +21912,10 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", "service": "SAP", "services": [ - "Storage", "VM", - "Cost", - "SAP" + "Storage", + "SAP", + "Cost" ], "severity": "Low", "subcategory": " ", @@ -18379,8 +21931,8 @@ "services": [ "Entra", "RBAC", - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Identity", @@ -18473,8 +22025,8 @@ "service": "SAP", "services": [ "Entra", - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Identity", @@ -18490,8 +22042,8 @@ "service": "SAP", "services": [ "Entra", - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Identity", 
@@ -18610,9 +22162,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups", "service": "SAP", "services": [ - "Subscriptions", + "SAP", "AzurePolicy", - "SAP" + "Subscriptions" ], "severity": "Medium", "subcategory": "Subscriptions", @@ -18627,8 +22179,8 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", "service": "SAP", "services": [ - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Subscriptions", @@ -18643,8 +22195,8 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", "service": "SAP", "services": [ - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Subscriptions", @@ -18660,8 +22212,8 @@ "service": "SAP", "services": [ "VM", - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Subscriptions", @@ -18676,8 +22228,8 @@ "link": "https://learn.microsoft.com/rest/api/reserved-vm-instances/quotaapi?branch=capacity", "service": "SAP", "services": [ - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "Low", "subcategory": "Subscriptions", @@ -18692,8 +22244,8 @@ "service": "SAP", "services": [ "VM", - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Subscriptions", @@ -18707,8 +22259,8 @@ "link": "https://azure.microsoft.com/explore/global-infrastructure/products-by-region/", "service": "SAP", "services": [ - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Subscriptions", @@ -18723,10 +22275,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-resource-organization", "service": "SAP", "services": [ + "SAP", "TrafficManager", - "Cost", "Subscriptions", - "SAP" + "Cost" ], "severity": "Medium", "subcategory": "Subscriptions", 
@@ -18742,8 +22294,8 @@ "service": "SAP", "services": [ "Monitor", - "Backup", - "SAP" + "SAP", + "Backup" ], "severity": "High", "subcategory": "BCDR", @@ -18758,10 +22310,10 @@ "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction", "service": "SAP", "services": [ - "Entra", + "Monitor", "Storage", + "Entra", "VM", - "Monitor", "SAP" ], "severity": "Medium", @@ -18792,8 +22344,8 @@ "service": "SAP", "services": [ "Entra", - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18809,8 +22361,8 @@ "service": "SAP", "services": [ "Monitor", - "Cost", - "SAP" + "SAP", + "Cost" ], "severity": "Low", "subcategory": "Management", @@ -18825,8 +22377,8 @@ "service": "SAP", "services": [ "Entra", - "Monitor", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18840,9 +22392,9 @@ "link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview", "service": "SAP", "services": [ - "Monitor", "VM", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Management", @@ -18874,8 +22426,8 @@ "service": "SAP", "services": [ "Monitor", - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18890,10 +22442,10 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/vm-extension-for-sap", "service": "SAP", "services": [ - "Entra", - "Monitor", "VM", - "SAP" + "SAP", + "Monitor", + "Entra" ], "severity": "High", "subcategory": "Monitoring", @@ -18909,8 +22461,8 @@ "service": "SAP", "services": [ "Monitor", - "AzurePolicy", - "SAP" + "SAP", + "AzurePolicy" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -18925,9 +22477,9 @@ "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-overview", "service": "SAP", "services": [ - "NetworkWatcher", "Monitor", - "SAP" + "SAP", + "NetworkWatcher" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18942,9 +22494,9 @@ "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/QualityCheck", "service": "SAP", "services": [ - "Monitor", "VM", - "SAP" + "SAP", + "Monitor" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18959,8 +22511,8 @@ "service": "SAP", "services": [ "Monitor", - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Monitoring", @@ -18977,8 +22529,8 @@ "services": [ "Monitor", "Storage", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Medium", "subcategory": "Monitoring", @@ -18993,8 +22545,8 @@ "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview", "service": "SAP", "services": [ - "Sentinel", "Monitor", + "Sentinel", "SAP" ], "severity": "Medium", @@ -19011,8 +22563,8 @@ "service": "SAP", "services": [ "Monitor", - "Cost", - "SAP" + "SAP", + "Cost" ], "severity": "Medium", "subcategory": "Monitoring", @@ -19027,9 +22579,9 @@ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-test-latency?tabs=windows", "service": "SAP", "services": [ - "Monitor", "VM", - "SAP" + "SAP", + "Monitor" ], "severity": "Low", "subcategory": "Performance", @@ -19044,8 +22596,8 @@ "service": "SAP", "services": [ "Monitor", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Medium", "subcategory": "Performance", @@ -19109,8 +22661,8 @@ "service": "SAP", "services": [ "Monitor", - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "Medium", "subcategory": "Performance", @@ -19126,8 +22678,8 @@ "service": "SAP", "services": [ "Monitor", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "High", "subcategory": "Reliability", 
@@ -19142,10 +22694,10 @@ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", "service": "SAP", "services": [ + "SAP", "AppGW", - "WAF", "AzurePolicy", - "SAP" + "WAF" ], "severity": "Medium", "subcategory": "App delivery", @@ -19160,8 +22712,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", "service": "SAP", "services": [ - "DNS", "VM", + "DNS", "SAP" ], "severity": "Medium", @@ -19178,8 +22730,8 @@ "service": "SAP", "services": [ "DNS", - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "DNS", @@ -19195,8 +22747,8 @@ "service": "SAP", "services": [ "ACR", - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "Hybrid", @@ -19211,8 +22763,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide", "service": "SAP", "services": [ - "NVA", - "SAP" + "SAP", + "NVA" ], "severity": "High", "subcategory": "Hybrid", @@ -19227,9 +22779,9 @@ "link": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/?source=recommendations", "service": "SAP", "services": [ - "VWAN", + "SAP", "ACR", - "SAP" + "VWAN" ], "severity": "Medium", "subcategory": "Hybrid", @@ -19244,9 +22796,9 @@ "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability", "service": "SAP", "services": [ - "VNet", + "SAP", "NVA", - "SAP" + "VNet" ], "severity": "Medium", "subcategory": "Hybrid", @@ -19261,10 +22813,10 @@ "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", "service": "SAP", "services": [ - "VWAN", - "VNet", + "SAP", "NVA", - "SAP" + "VNet", + "VWAN" ], "severity": "Medium", "subcategory": "Hybrid", 
@@ -19279,9 +22831,9 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "service": "SAP", "services": [ - "VNet", "VM", - "SAP" + "SAP", + "VNet" ], "severity": "High", "subcategory": "IP plan", @@ -19296,9 +22848,9 @@ "link": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", "service": "SAP", "services": [ + "SAP", "VNet", - "ASR", - "SAP" + "ASR" ], "severity": "High", "subcategory": "IP plan", @@ -19313,8 +22865,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", "service": "SAP", "services": [ - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "High", "subcategory": "IP plan", @@ -19330,8 +22882,8 @@ "service": "SAP", "services": [ "Storage", - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "IP plan", @@ -19346,8 +22898,8 @@ "link": "https://learn.microsoft.com/azure/well-architected/services/networking/azure-firewall?toc=%2Fazure%2Ffirewall%2Ftoc.json&bc=%2Fazure%2Ffirewall%2Fbreadcrumb%2Ftoc.json", "service": "SAP", "services": [ - "Firewall", - "SAP" + "SAP", + "Firewall" ], "severity": "Medium", "subcategory": "Internet", @@ -19362,9 +22914,9 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/expose-sap-process-orchestration-on-azure", "service": "SAP", "services": [ + "SAP", "AppGW", - "WAF", - "SAP" + "WAF" ], "severity": "Medium", "subcategory": "Internet", @@ -19380,10 +22932,10 @@ "service": "SAP", "services": [ "AzurePolicy", - "FrontDoor", + "WAF", "ACR", - "SAP", - "WAF" + "FrontDoor", + "SAP" ], "severity": "Medium", "subcategory": "Internet", 
@@ -19398,11 +22950,11 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview", "service": "SAP", "services": [ - "AppGW", "AzurePolicy", + "AppGW", + "WAF", "FrontDoor", - "SAP", - "WAF" + "SAP" ], "severity": "Medium", "subcategory": "Internet", @@ -19417,10 +22969,10 @@ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", "service": "SAP", "services": [ - "LoadBalancer", + "SAP", "AppGW", "WAF", - "SAP" + "LoadBalancer" ], "severity": "Medium", "subcategory": "Internet", @@ -19435,9 +22987,9 @@ "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", "service": "SAP", "services": [ - "VWAN", + "SAP", "ACR", - "SAP" + "VWAN" ], "severity": "Medium", "subcategory": "Internet", @@ -19452,12 +23004,12 @@ "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", "service": "SAP", "services": [ - "PrivateLink", - "Backup", "Storage", + "VNet", + "PrivateLink", "ACR", - "SAP", - "VNet" + "Backup", + "SAP" ], "severity": "Medium", "subcategory": "Internet", @@ -19488,8 +23040,8 @@ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-multivip-overview", "service": "SAP", "services": [ - "LoadBalancer", - "SAP" + "SAP", + "LoadBalancer" ], "severity": "Medium", "subcategory": "Segmentation", @@ -19505,8 +23057,8 @@ "service": "SAP", "services": [ "VM", - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "Segmentation", @@ -19521,8 +23073,8 @@ "link": "https://me.sap.com/notes/2015553", "service": "SAP", "services": [ - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "High", "subcategory": "Segmentation", @@ -19567,9 +23119,9 @@ "link": "https://me.sap.com/notes/2015553", "service": "SAP", "services": [ + "SAP", "VNet", - "Cost", - "SAP" + "Cost" ], "severity": "High", "subcategory": "Segmentation", 
@@ -19584,8 +23136,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel", "service": "SAP", "services": [ - "LoadBalancer", - "SAP" + "SAP", + "LoadBalancer" ], "severity": "High", "subcategory": "Segmentation", @@ -19600,8 +23152,8 @@ "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration", "service": "SAP", "services": [ - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "Medium", "subcategory": "Segmentation", @@ -19615,9 +23167,9 @@ "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", "service": "SAP", "services": [ - "Backup", "VM", - "SAP" + "SAP", + "Backup" ], "severity": "High", "subcategory": " ", @@ -19632,8 +23184,8 @@ "service": "SAP", "services": [ "Monitor", - "ASR", - "SAP" + "SAP", + "ASR" ], "severity": "Medium", "subcategory": " ", @@ -19662,9 +23214,9 @@ "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/oracle-database-backup-strategies", "service": "SAP", "services": [ - "Backup", "VM", - "SAP" + "SAP", + "Backup" ], "severity": "Medium", "subcategory": " ", @@ -19679,8 +23231,8 @@ "service": "SAP", "services": [ "Storage", - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "Medium", "subcategory": " ", @@ -19694,9 +23246,9 @@ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/automated-backup?view=azuresql", "service": "SAP", "services": [ - "Backup", "VM", - "SAP" + "SAP", + "Backup" ], "severity": "Medium", "subcategory": " ", @@ -19767,8 +23319,8 @@ "service": "SAP", "services": [ "Monitor", - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "Medium", "subcategory": " ", @@ -19858,8 +23410,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security", "service": "SAP", "services": [ - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "Low", "subcategory": "Governance", 
@@ -19873,8 +23425,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security", "service": "SAP", "services": [ - "SQL", - "SAP" + "SAP", + "SQL" ], "severity": "High", "subcategory": "Governance", @@ -19889,11 +23441,11 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", "service": "SAP", "services": [ + "Storage", "AKV", "Backup", - "SQL", - "Storage", - "SAP" + "SAP", + "SQL" ], "severity": "High", "subcategory": "Secrets", @@ -19908,9 +23460,9 @@ "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", "service": "SAP", "services": [ - "AKV", "Storage", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19925,8 +23477,8 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/overview", "service": "SAP", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -19941,10 +23493,10 @@ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json", "service": "SAP", "services": [ - "AKV", "AzurePolicy", - "RBAC", "Subscriptions", + "AKV", + "RBAC", "SAP" ], "severity": "Medium", @@ -19960,9 +23512,9 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview", "service": "SAP", "services": [ - "AKV", + "SAP", "AzurePolicy", - "SAP" + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -19978,9 +23530,9 @@ "service": "SAP", "services": [ "RBAC", - "AKV", + "SAP", "AzurePolicy", - "SAP" + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -19995,10 +23547,10 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", "service": "SAP", "services": [ - "AKV", - "Storage", "Defender", - "SAP" + "Storage", + "SAP", + "AKV" ], "severity": "High", "subcategory": "Secrets", 
@@ -20013,10 +23565,10 @@ "link": "https://learn.microsoft.com/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks", "service": "SAP", "services": [ - "RBAC", - "AKV", "Defender", - "SAP" + "RBAC", + "SAP", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -20031,8 +23583,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", "service": "SAP", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Low", "subcategory": "Secrets", @@ -20047,8 +23599,8 @@ "link": "https://learn.microsoft.com/azure/storage/common/storage-encryption-key-model-get?tabs=portal", "service": "SAP", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -20063,8 +23615,8 @@ "link": "https://learn.microsoft.com/ja-jp/azure/key-vault/general/best-practices", "service": "SAP", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -20079,8 +23631,8 @@ "link": "https://learn.microsoft.com/azure/key-vault/certificates/certificate-scenarios", "service": "SAP", "services": [ - "AKV", - "SAP" + "SAP", + "AKV" ], "severity": "High", "subcategory": "Secrets", @@ -20096,8 +23648,8 @@ "service": "SAP", "services": [ "RBAC", - "Subscriptions", - "SAP" + "SAP", + "Subscriptions" ], "severity": "High", "subcategory": "Security", @@ -20112,9 +23664,9 @@ "link": "https://blogs.sap.com/2019/07/21/sap-security-operations-on-azure/", "service": "SAP", "services": [ - "PrivateLink", + "SAP", "NVA", - "SAP" + "PrivateLink" ], "severity": "High", "subcategory": "Security", @@ -20129,8 +23681,8 @@ "link": "https://learn.microsoft.com/en-us/training/modules/secure-vms-with-azure-security-center/?source=recommendations", "service": "SAP", "services": [ - "Storage", "VM", + "Storage", "SAP" ], "severity": "Low", 
@@ -20162,8 +23714,8 @@ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", "service": "SAP", "services": [ - "VNet", - "SAP" + "SAP", + "VNet" ], "severity": "High", "subcategory": "Security", @@ -20178,8 +23730,8 @@ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", "service": "SAP", "services": [ - "WAF", - "SAP" + "SAP", + "WAF" ], "severity": "Low", "subcategory": "Security", @@ -20194,9 +23746,9 @@ "link": "https://learn.microsoft.com/azure/sap/monitor/enable-tls-azure-monitor-sap-solutions", "service": "SAP", "services": [ - "AKV", "Monitor", - "SAP" + "SAP", + "AKV" ], "severity": "Medium", "subcategory": "Security", @@ -20395,8 +23947,8 @@ "link": "https://learn.microsoft.com/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-nonaad", "services": [ "Entra", - "AKV", - "Arc" + "Arc", + "AKV" ], "severity": "Low", "subcategory": "Access", @@ -20490,8 +24042,8 @@ "guid": "6ee79d6b-5c2a-4364-a4b6-9bad38aad53c", "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Management", @@ -20505,8 +24057,8 @@ "guid": "c78e1d76-6673-457c-9496-74c5ed85b859", "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-agent#upgrade-the-agent", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "High", "subcategory": "Management", @@ -20520,9 +24072,9 @@ "guid": "c7733be2-a1a2-47b7-95a9-1be1f388ff39", "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-vm-extensions", "services": [ + "Monitor", "Arc", - "AzurePolicy", - "Monitor" + "AzurePolicy" ], "severity": "Medium", "subcategory": "Management", 
@@ -20536,8 +24088,8 @@ "guid": "4c2bd463-cbbb-4c86-a195-abb91a4ed90d", "link": "https://learn.microsoft.com/azure/azure-arc/servers/manage-automatic-vm-extension-upgrade?tabs=azure-portal", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "High", "subcategory": "Management", @@ -20551,8 +24103,8 @@ "guid": "7a927c39-74d1-4102-aac6-aae01e6a84de", "link": "https://learn.microsoft.com/azure/automanage/automanage-arc", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Management", @@ -20565,8 +24117,8 @@ "guid": "37b6b780-cbaf-4e6c-9658-9d457a927c39", "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "High", "subcategory": "Monitoring", @@ -20579,8 +24131,8 @@ "guid": "74d1102c-ac6a-4ae0-8e6a-84de5df47d2d", "link": "https://learn.microsoft.com/azure/azure-monitor/agents/log-analytics-agent#data-collected", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Monitoring", @@ -20593,8 +24145,8 @@ "guid": "92881b1c-d5d1-4e54-a296-59e3958fd782", "link": "https://learn.microsoft.com/azure/service-health/resource-health-alert-monitor-guide", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Monitoring", @@ -20607,8 +24159,8 @@ "guid": "89c93555-6d02-4bfe-9564-b0d834a34872", "link": "https://learn.microsoft.com/azure/azure-arc/servers/learn/tutorial-enable-vm-insights", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Monitoring", @@ -20621,8 +24173,8 @@ "guid": "5df47d2d-9288-41b1-ad5d-1e54a29659e3", "link": "https://learn.microsoft.com/azure/azure-arc/servers/plan-at-scale-deployment#phase-3-manage-and-operate", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Monitoring", 
@@ -20636,8 +24188,8 @@ "guid": "ae2cc84c-37b6-4b78-8cba-fe6c46589d45", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/hybrid/server/best-practices/arc-update-management", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Low", "subcategory": "Security", @@ -20679,10 +24231,10 @@ "guid": "94174158-33ee-47ad-9c6d-3733165c7acb", "link": "https://learn.microsoft.com/azure/azure-arc/servers/private-link-security", "services": [ - "VPN", "Arc", - "PrivateLink", - "ExpressRoute" + "ExpressRoute", + "VPN", + "PrivateLink" ], "severity": "Medium", "subcategory": "Networking", @@ -20738,9 +24290,9 @@ "guid": "a264f9a1-9bf3-49d9-9d44-c7c8919ca1f6", "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/hybrid/arc-enabled-servers/eslz-arc-servers-connectivity#define-extensions-connectivity-method", "services": [ - "PrivateLink", + "Monitor", "Arc", - "Monitor" + "PrivateLink" ], "severity": "Low", "subcategory": "Networking", @@ -20794,8 +24346,8 @@ "guid": "49674c5e-d85b-4859-a773-3be2a1a27b77", "link": "https://learn.microsoft.com/azure/automation/change-tracking/overview", "services": [ - "Arc", - "Monitor" + "Monitor", + "Arc" ], "severity": "Medium", "subcategory": "Monitoring", @@ -20821,8 +24373,8 @@ "guid": "195abb91-a4ed-490d-ae2c-c84c37b6b780", "link": "https://learn.microsoft.com/azure/key-vault/general/basic-concepts", "services": [ - "AKV", - "Arc" + "Arc", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -20837,9 +24389,9 @@ "link": "https://learn.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret", "services": [ "Entra", - "AKV", + "Storage", "Arc", - "Storage" + "AKV" ], "severity": "High", "subcategory": "Secrets", 
@@ -20853,8 +24405,8 @@ "guid": "a1a27b77-5a91-4be1-b388-ff394c2bd463", "link": "https://learn.microsoft.com/azure/azure-arc/servers/security-overview#using-disk-encryption", "services": [ - "AKV", - "Arc" + "Arc", + "AKV" ], "severity": "Medium", "subcategory": "Secrets", @@ -20910,8 +24462,8 @@ "guid": "5a91be1f-388f-4f39-9c2b-d463cbbbc868", "link": "https://learn.microsoft.com/azure/security-center/security-center-get-started", "services": [ - "Arc", - "Defender" + "Defender", + "Arc" ], "severity": "Medium", "subcategory": "Security", @@ -20950,9 +24502,9 @@ "guid": "676f6951-0368-49e9-808d-c33a692c9a64", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-2-encrypt-backup-data", "services": [ + "SQL", "AKV", - "Backup", - "SQL" + "Backup" ], "severity": "Medium", "subcategory": "Azure Key Vault", @@ -20966,9 +24518,9 @@ "guid": "e2518261-b3bc-4bd1-b331-637fb2df833f", "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/sql-database-security-baseline#br-1-ensure-regular-automated-backups", "services": [ - "Backup", + "Storage", "SQL", - "Storage" + "Backup" ], "severity": "Medium", "subcategory": "Backup", @@ -20982,9 +24534,9 @@ "guid": "f8c7cda2-3ed7-43fb-a100-85dcd12a0ee4", "link": "https://learn.microsoft.com/azure/azure-sql/database/automated-backups-overview?tabs=single-database&view=azuresql#backup-storage-redundancy", "services": [ - "Backup", "Storage", - "SQL" + "SQL", + "Backup" ], "severity": "Low", "subcategory": "Backup", @@ -21040,9 +24592,9 @@ "guid": "4e52d73f-5d37-428f-b3a2-e6997e835979", "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure", "services": [ + "Defender", "EventHubs", - "SQL", - "Defender" + "SQL" ], "severity": "High", "subcategory": "Advanced Threat Protection", 
@@ -21056,9 +24608,9 @@
 "guid": "dff87489-9edb-4cef-bdda-86e8212b2aa1",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/azure-defender-for-sql?view=azuresql#enable-microsoft-defender-for-sql ",
 "services": [
- "Subscriptions",
+ "Defender",
 "SQL",
- "Defender"
+ "Subscriptions"
 ],
 "severity": "High",
 "subcategory": "Defender for Azure SQL",
@@ -21072,8 +24624,8 @@
 "guid": "ca342fdf-d25a-4427-b105-fcd50ff8a0ea",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/threat-detection-configure",
 "services": [
- "SQL",
 "Defender",
+ "SQL",
 "Monitor"
 ],
 "severity": "High",
@@ -21088,8 +24640,8 @@
 "guid": "a6101ae7-534c-45ab-86fd-b34c55ea21ca",
 "link": "https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-overview",
 "services": [
- "SQL",
 "Defender",
+ "SQL",
 "Monitor"
 ],
 "severity": "High",
@@ -21104,8 +24656,8 @@
 "guid": "c8c5f112-1e50-4f77-9264-8195b4cd61ac",
 "link": "https://learn.microsoft.com/azure/defender-for-cloud/sql-azure-vulnerability-assessment-find?view=azuresql",
 "services": [
- "SQL",
- "Defender"
+ "Defender",
+ "SQL"
 ],
 "severity": "High",
 "subcategory": "Vulnerability Assessment",
@@ -21133,9 +24685,9 @@
 "guid": "c03ce136-e3d5-4e17-bf25-ed955ee480d3",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/security-best-practice?view=azuresql#control-access-of-application-users-to-sensitive-data-through-encryption",
 "services": [
- "AKV",
 "Storage",
- "SQL"
+ "SQL",
+ "AKV"
 ],
 "severity": "Low",
 "subcategory": "Column Encryption",
@@ -21149,9 +24701,9 @@
 "guid": "c614ac47-bebf-4061-b0a1-43e0c6b5e00d",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/transparent-data-encryption-byok-create-server",
 "services": [
- "Backup",
 "Storage",
- "SQL"
+ "SQL",
+ "Backup"
 ],
 "severity": "High",
 "subcategory": "Transparent Data Encryption",
@@ -21165,8 +24717,8 @@
 "guid": "2edb4165-4f54-47cc-a891-5c82c2f21e25",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/transparent-data-encryption-byok-overview",
 "services": [
- "AKV",
- "SQL"
+ "SQL",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Transparent Data Encryption",
@@ -21242,9 +24794,9 @@
 "services": [
 "Entra",
 "AKV",
- "SQL",
 "RBAC",
- "ACR"
+ "ACR",
+ "SQL"
 ],
 "severity": "Low",
 "subcategory": "Managed Identities",
@@ -21363,12 +24915,12 @@
 "guid": "9b64bc50-b60f-4035-bf7a-28c4806dfb46",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview",
 "services": [
+ "Monitor",
+ "EventHubs",
+ "Storage",
 "Entra",
 "Backup",
- "Storage",
- "SQL",
- "Monitor",
- "EventHubs"
+ "SQL"
 ],
 "severity": "Low",
 "subcategory": "Auditing",
@@ -21382,11 +24934,11 @@
 "guid": "fcd34708-87ac-4efc-aaf6-57a47f76644a",
 "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log",
 "services": [
+ "Monitor",
+ "EventHubs",
 "Storage",
- "SQL",
 "Subscriptions",
- "Monitor",
- "EventHubs"
+ "SQL"
 ],
 "severity": "Medium",
 "subcategory": "Auditing",
@@ -21400,8 +24952,8 @@
 "guid": "f96e127e-9572-453a-b325-ff89ae9f6b44",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/auditing-overview",
 "services": [
- "SQL",
- "Monitor"
+ "Monitor",
+ "SQL"
 ],
 "severity": "Medium",
 "subcategory": "SIEM/SOAR",
@@ -21415,8 +24967,8 @@
 "guid": "41503bf8-73da-4a10-af9f-5f7fceb5456f",
 "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log",
 "services": [
- "SQL",
- "Monitor"
+ "Monitor",
+ "SQL"
 ],
 "severity": "Medium",
 "subcategory": "SIEM/SOAR",
@@ -21445,8 +24997,8 @@
 "guid": "2c6d356a-1784-475b-a42c-ec187dc8c925",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/network-access-controls-overview",
 "services": [
- "PrivateLink",
- "SQL"
+ "SQL",
+ "PrivateLink"
 ],
 "severity": "High",
 "subcategory": "Connectivity",
@@ -21460,9 +25012,9 @@
 "guid": "557b3ce5-bada-4296-8d52-a2d447bc1718",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/connectivity-architecture",
 "services": [
- "PrivateLink",
 "SQL",
- "AzurePolicy"
+ "AzurePolicy",
+ "PrivateLink"
 ],
 "severity": "Low",
 "subcategory": "Connectivity",
@@ -21522,10 +25074,10 @@
 "guid": "246cd832-f550-4af0-9c74-ca9baeeb8860",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/private-endpoint-overview?view=azuresql#disable-public-access-to-your-logical-server",
 "services": [
- "PrivateLink",
- "SQL",
 "Monitor",
 "VNet",
+ "PrivateLink",
+ "SQL",
 "Firewall"
 ],
 "severity": "Medium",
@@ -21540,9 +25092,9 @@
 "guid": "3a0808ee-ea7a-47ab-bdce-920a6a2b3881",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/private-endpoint-overview?view=azuresql#disable-public-access-to-your-logical-server",
 "services": [
- "PrivateLink",
 "SQL",
- "VNet"
+ "VNet",
+ "PrivateLink"
 ],
 "severity": "High",
 "subcategory": "Private Access",
@@ -21556,9 +25108,9 @@
 "guid": "8600527e-e8c4-4424-90ef-1f0dca0224f2",
 "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview#network-security-of-private-endpoints",
 "services": [
- "PrivateLink",
 "SQL",
- "VNet"
+ "VNet",
+ "PrivateLink"
 ],
 "severity": "Medium",
 "subcategory": "Private Access",
@@ -21572,8 +25124,8 @@
 "guid": "18123ef4-a0a6-45e3-87fe-7f454f65d975",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/connectivity-architecture-overview",
 "services": [
- "VNet",
 "SQL",
+ "VNet",
 "ExpressRoute"
 ],
 "severity": "Medium",
@@ -21588,8 +25140,8 @@
 "guid": "55187443-6852-4fbd-99c6-ce303597ca7f",
 "link": "https://learn.microsoft.com/azure/azure-sql/database/network-access-controls-overview?view=azuresql#ip-vs-virtual-network-firewall-rules",
 "services": [
- "VNet",
 "SQL",
+ "VNet",
 "AzurePolicy"
 ],
 "severity": "High",
@@ -21634,8 +25186,8 @@
 "guid": "b8435656-143e-41a8-9922-61d34edb751a",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/public-endpoint-overview",
 "services": [
- "VNet",
 "SQL",
+ "VNet",
 "AzurePolicy"
 ],
 "severity": "High",
@@ -21650,8 +25202,8 @@
 "guid": "057dd298-8726-4aa6-b590-1f81d2e30421",
 "link": "https://learn.microsoft.com/azure/azure-sql/managed-instance/public-endpoint-overview",
 "services": [
- "VNet",
- "SQL"
+ "SQL",
+ "VNet"
 ],
 "severity": "High",
 "subcategory": "Public Access",
@@ -21972,8 +25524,8 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance",
 "service": "Key Vault",
 "services": [
- "AKV",
- "ACR"
+ "ACR",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "High Availability",
@@ -22001,8 +25553,8 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance#failover-across-regions",
 "service": "Key Vault",
 "services": [
- "AKV",
- "AzurePolicy"
+ "AzurePolicy",
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "High Availability",
@@ -22016,11 +25568,11 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#design-considerations",
 "service": "Key Vault",
 "services": [
- "AKV",
 "Storage",
- "Backup",
+ "Subscriptions",
+ "AKV",
 "ASR",
- "Subscriptions"
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "Business continuity and disaster recovery",
@@ -22034,8 +25586,8 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview",
 "service": "Key Vault",
 "services": [
- "AKV",
- "ASR"
+ "ASR",
+ "AKV"
 ],
 "severity": "High",
 "subcategory": "Business continuity and disaster recovery",
@@ -22049,8 +25601,8 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview",
 "service": "Key Vault",
 "services": [
- "AKV",
- "ASR"
+ "ASR",
+ "AKV"
 ],
 "severity": "Low",
 "subcategory": "Business continuity and disaster recovery",
@@ -22064,9 +25616,9 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations",
 "service": "Key Vault",
 "services": [
+ "ASR",
 "AKV",
- "Backup",
- "ASR"
+ "Backup"
 ],
 "severity": "Low",
 "subcategory": "Business continuity and disaster recovery",
@@ -22080,9 +25632,9 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations",
 "service": "Key Vault",
 "services": [
+ "ASR",
 "AKV",
- "Backup",
- "ASR"
+ "Backup"
 ],
 "severity": "Low",
 "subcategory": "Business continuity and disaster recovery",
@@ -22096,9 +25648,9 @@
 "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview#purge-protection",
 "service": "Key Vault",
 "services": [
- "AKV",
+ "EventHubs",
 "ASR",
- "EventHubs"
+ "AKV"
 ],
 "severity": "Medium",
 "subcategory": "Business continuity and disaster recovery",
@@ -22202,8 +25754,8 @@
 "link": "https://learn.microsoft.com/azure/backup/backup-azure-vms-introduction",
 "service": "VM",
 "services": [
- "Backup",
- "VM"
+ "VM",
+ "Backup"
 ],
 "severity": "High",
 "subcategory": "Virtual Machines",
@@ -22248,9 +25800,9 @@
 "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk",
 "service": "VM",
 "services": [
- "SQL",
+ "VM",
 "Storage",
- "VM"
+ "SQL"
 ],
 "severity": "Medium",
 "subcategory": "Virtual Machines",
@@ -22265,8 +25817,8 @@
 "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview",
 "service": "VM",
 "services": [
- "Storage",
 "VM",
+ "Storage",
 "ACR"
 ],
 "severity": "Medium",
@@ -22297,8 +25849,8 @@
 "link": "https://learn.microsoft.com/azure/virtual-machines/availability",
 "service": "VM",
 "services": [
- "ASR",
- "VM"
+ "VM",
+ "ASR"
 ],
 "severity": "High",
 "subcategory": "Virtual Machines",
@@ -22313,9 +25865,9 @@
 "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview",
 "service": "VM",
 "services": [
- "AVS",
 "VM",
- "ASR"
+ "ASR",
+ "AVS"
 ],
 "severity": "High",
 "subcategory": "Virtual Machines",
@@ -22579,10 +26131,10 @@
 "guid": "8df03a82-2cd4-463c-abbc-8ac299ebc92a",
 "link": "https://learn.microsoft.com/azure/networking/disaster-recovery-dns-traffic-manager",
 "services": [
+ "Monitor",
 "DNS",
- "TrafficManager",
 "ASR",
- "Monitor"
+ "TrafficManager"
 ],
 "severity": "Low",
 "subcategory": "DNS",
@@ -22642,8 +26194,8 @@
 "guid": "a359c373-e7dd-4616-83a3-64a907ebae48",
 "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering",
 "services": [
- "Backup",
- "ExpressRoute"
+ "ExpressRoute",
+ "Backup"
 ],
 "severity": "Medium",
 "subcategory": "ExpressRoute",
@@ -22657,10 +26209,10 @@
 "guid": "ead53cc7-de2e-48aa-ab35-71549ab9153d",
 "link": "https://learn.microsoft.com/azure/expressroute/use-s2s-vpn-as-backup-for-expressroute-privatepeering",
 "services": [
- "VPN",
- "Backup",
 "Cost",
- "ExpressRoute"
+ "ExpressRoute",
+ "VPN",
+ "Backup"
 ],
 "severity": "Low",
 "subcategory": "ExpressRoute",
@@ -22688,8 +26240,8 @@
 "guid": "b2b38c88-6ba2-4c02-8499-114a5d3ce574",
 "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-standard-availability-zones",
 "services": [
- "LoadBalancer",
- "VM"
+ "VM",
+ "LoadBalancer"
 ],
 "severity": "Low",
 "subcategory": "Load Balancers",
@@ -22703,8 +26255,8 @@
 "guid": "dccbd979-2a6b-4cca-8b5f-ea1ebf3dd95d",
 "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-custom-probe-overview#design-guidance",
 "services": [
- "LoadBalancer",
- "Monitor"
+ "Monitor",
+ "LoadBalancer"
 ],
 "severity": "Low",
 "subcategory": "Load Balancers",
@@ -22733,8 +26285,8 @@
 "guid": "927139b8-2110-42db-b6ea-f11e6f843e53",
 "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-highlyavailable",
 "services": [
- "VPN",
- "ACR"
+ "ACR",
+ "VPN"
 ],
 "severity": "Medium",
 "subcategory": "VPN Gateways",
@@ -22756,6344 +26308,6212 @@ "waf": "Reliability" }, { - "arm-service": "Microsoft.Devices/provisioningServices", - "checklist": "WAF checklist", - "guid": "cb26b2ba-a9db-45d1-8260-d9c6ec1447d9", - "link": "https://learn.microsoft.com/en-us/azure/logic-apps/single-tenant-overview-compare", - "service": "IoT Hub DPS", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Select the right Logic App hosting plan based on your business & SLO requirements", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/provisioningServices", - "checklist": "WAF checklist", - "guid": "f6dd7977-1123-4f39-b488-f91415a8430a", - "link": "https://learn.microsoft.com/en-us/azure/logic-apps/set-up-zone-redundancy-availability-zones?tabs=standard#next-steps", - "service": "IoT Hub DPS", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Protect logic apps from region failures with zone redundancy and availability zones", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/provisioningServices", - "checklist": "WAF checklist", - "guid": "8aed4fbf-0830-4883-899d-222a154af478", - "link": "https://learn.microsoft.com/en-us/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json", - "service": "IoT Hub DPS", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Consider a Cross-Region DR strategy for critical workloads", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/provisioningServices", - "checklist": "WAF checklist", - "guid": "da0f033e-d180-4f36-9aa4-c468dba14203", - "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", - "service": "IoT Hub DPS", - "services": [ - "AppSvc", - "WAF" - ], - "severity": "High", - "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", - "waf": "Reliability" - }, - { - "arm-service": 
"Microsoft.Devices/provisioningServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "62711604-c9d1-4b0a-bdb7-5fda54a4f6c1", - "link": "https://learn.microsoft.com/en-us/training/modules/deploy-azure-functions/", - "service": "IoT Hub DPS", + "guid": "d7941d4a-7b6f-458f-8714-2f8f8c059ad4", + "link": "https://learn.microsoft.com/azure/api-management/api-management-error-handling-policies", + "service": "APIM", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Logic App code", + "text": "Implement an error handling policy at the global level", "waf": "Operations" }, { - "arm-service": "Microsoft.Devices/deviceUpdateServices", - "checklist": "WAF checklist", - "guid": "0e03f5ee-4648-423c-bb86-7239480f9171", - "link": "https://learn.microsoft.com/en-us/azure/iot-dps/iot-dps-ha-dr#high-availability", - "service": "Device Update for IoT Hub", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Leverage Availability Zones if regionally applicable (this is automatically enabled).", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/deviceUpdateServices", - "checklist": "WAF checklist", - "guid": "c0c273bd-00ad-419a-9f2f-fc72fb181e55", - "link": "https://learn.microsoft.com/en-us/azure/iot-dps/iot-dps-ha-dr#high-availability", - "service": "Device Update for IoT Hub", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Be aware of Microsoft-initiated failovers. 
These are exercised by Microsoft in rare situations to fail over all the DPS instances from an affected region to the corresponding geo-paired region.", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/deviceUpdateServices", - "checklist": "WAF checklist", - "guid": "3af8abe6-07eb-4287-b393-6c4abe3702eb", - "link": "https://learn.microsoft.com/en-us/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json", - "service": "Device Update for IoT Hub", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Consider a Cross-Region DR strategy for critical workloads", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Devices/deviceUpdateServices", - "checklist": "WAF checklist", - "guid": "bd91245c-fe32-4e98-a085-794a40f4bfe1", - "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", - "service": "Device Update for IoT Hub", - "services": [ - "AppSvc", - "WAF" - ], - "severity": "High", - "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Web/sites", - "checklist": "WAF checklist", - "guid": "3b7a56de-5020-4642-b3cb-c976e80b6d6d", - "link": "https://learn.microsoft.com/azure/logic-apps/single-tenant-overview-compare", - "service": "Logic Apps", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Select the right Logic App hosting plan based on your business & SLO requirements", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Web/sites", - "checklist": "WAF checklist", - "guid": "3d7008bd-6bc1-4b03-8aa8-ec2a3b55786a", - "link": "https://learn.microsoft.com/azure/logic-apps/set-up-zone-redundancy-availability-zones?tabs=standard#next-steps", - "service": "Logic Apps", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Protect logic apps from region failures with zone 
redundancy and availability zones", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Web/sites", - "checklist": "WAF checklist", - "guid": "1cda768f-a206-445d-8234-56f6a6e7286e", - "link": "https://learn.microsoft.com/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json", - "service": "Logic Apps", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Consider a Cross-Region DR strategy for critical workloads", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Web/sites", - "checklist": "WAF checklist", - "guid": "82118ec5-ed6f-4c68-9471-eb0da98a1b34", - "link": "https://learn.microsoft.com/azure/app-service/environment/intro", - "service": "Logic Apps", - "services": [ - "AppSvc", - "WAF" - ], - "severity": "High", - "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "74275fa5-9e08-4c7e-b096-13b538fe1501", - "link": "https://learn.microsoft.com/training/modules/deploy-azure-functions/", - "service": "Logic Apps", + "guid": "0b0c0765-ff37-4369-90bd-3eb23ce71b08", + "link": "https://learn.microsoft.com/azure/api-management/set-edit-policies?tabs=form#use-base-element-to-set-policy-evaluation-order", + "service": "APIM", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Logic App code", + "text": "Ensure all APIs policies include a element.", "waf": "Operations" }, { - "arm-service": "Microsoft.BotService/botServices", - "checklist": "WAF checklist", - "guid": "6ad48408-ee72-4734-a476-ba28fdcf590c", - "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-bot", - "service": "Bot service", - "services": [ - 
"WAF" - ], - "severity": "Medium", - "text": "Follow reliability support recommendations in Azure Bot Service", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.BotService/botServices", - "checklist": "WAF checklist", - "guid": "e65de8e1-3f9c-4cbd-9682-66abca264f9a", - "link": "https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-concept-regionalization", - "service": "Bot service", - "services": [ - "WAF" - ], - "severity": "Medium", - "text": "Deploying bots with local data residency and regional compliance", - "waf": "Reliability" - }, - { - "arm-service": "Microsoft.BotService/botServices", - "checklist": "WAF checklist", - "guid": "19bfe9d5-5d04-4c3c-9919-ca1b2d1215ae", - "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-bot#cross-region-disaster-recovery-in-multi-region-geography", - "service": "Bot service", - "services": [ - "WAF" - ], - "severity": "Medium", - "text": "Azure Bot Service runs in active-active mode for both global and regional services. When an outage occurs, you don't need to detect errors or manage the service. Azure Bot Service automatically performs auto failover and auto recovery in a multi-region geographical architecture. For the EU bot regional service, Azure Bot Service provides two full regions inside Europe with active/active replication to ensure redundancy. 
For the global bot service, all available regions/geographies can be served as the global footprint.", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "guid": "43e52f47-22d9-428c-8b1c-d521e54a29a9", - "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/pass-foundations-playbooks-CosmosDB_v1.docx", - "service": "CosmosDB", - "services": [ - "WAF" - ], - "severity": "Medium", - "text": "FTA Resiliency Playbook", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "guid": "de39ac0e-7c28-4dc9-9565-7202bff4564b", - "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas", - "service": "CosmosDB", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Leverage Availablity Zones where regionally applicable and ofcourse if the service offers it", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "guid": "0d934a34-8b26-43e7-bd60-513a3649906e", - "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#replica-outages", - "service": "CosmosDB", - "services": [ - "WAF" - ], - "severity": "Medium", - "text": "Run multiple replicas of the database (>1 ) in Prod", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "description": "Multi-region writes capability allows you to take advantage of the provisioned throughput for your databases and containers across the globe", - "guid": "bad38ead-53cc-47de-8d8a-aab3571449ab", - "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#multiple-write-regions", - "service": "CosmosDB", + "guid": "a5c45b03-93b6-42fe-b16b-8fccb6a79902", + "link": "https://learn.microsoft.com/azure/api-management/policy-fragments", + "service": 
"APIM", "services": [ "ACR", - "WAF" + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Leverage Multi-Region Writes", - "waf": "Reliability" + "text": "Use Policy Fragments to avoid repeating same policies definitions across multiple APIs", + "waf": "Operations" }, { - "arm-service": "microsoft.documentdb/databaseAccounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "description": "Span Cosmos account across two or more regions with multi-region writes", - "guid": "8153d89f-89dc-47b3-9be2-b1a27f7b9e91", - "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas", - "service": "CosmosDB", + "guid": "c3818a95-6ff3-4474-88dc-e809b46dad6a", + "link": "https://learn.microsoft.com/azure/api-management/monetization-support", + "service": "APIM", "services": [ - "ACR", "WAF" ], "severity": "Medium", - "text": "Distribute your data globally", - "waf": "Reliability" + "text": "If you are planning to monetize your APIs, review the 'monetization support' article for best practices", + "waf": "Operations" }, { - "arm-service": "microsoft.documentdb/databaseAccounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "description": "Choose from various consistency levels such as Eventual, Consistent Prefix, Session, Bounded Staleness and strong", - "guid": "9f8ea848-25ec-4140-bc32-2758e6ee9ac0", - "link": "https://learn.microsoft.com/azure/cosmos-db/consistency-levels", - "service": "CosmosDB", + "guid": "a7d0840a-c8c4-4e83-adec-5ca578eb4049", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor#resource-logs", + "service": "APIM", "services": [ + "Monitor", "WAF" ], "severity": "High", - "text": "Choose from several well-defined consistency models", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "description": "Maintain business continuity during 
regional outages. Azure Cosmos DB supports service-managed failover during a regional outage. During a regional outage, Azure Cosmos DB continues to maintain its latency, availability, consistency, and throughput SLAs. To help make sure that your entire application is highly available, Azure Cosmos DB offers a manual failover API to simulate a regional outage. By using this API, you can carry out regular business continuity drills.", - "guid": "a47e4d1e-bb79-43f9-bf87-69e1032b72fe", - "link": "https://learn.microsoft.com/azure/cosmos-db/how-to-manage-database-account#automatic-failover", - "service": "CosmosDB", - "services": [ - "CosmosDB", - "WAF" - ], - "severity": "Medium", - "text": "Enable Service managed failover", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "description": "Azure Cosmos DB automatically takes backups of your data at regular intervals. The automatic backups are taken without affecting the performance or availability of the database operations. All the backups are stored separately in a storage service.", - "guid": "3499c9c1-133d-42f7-a4b1-a5bd06ff1a90", - "link": "https://learn.microsoft.com/azure/cosmos-db/online-backup-and-restore", - "service": "CosmosDB", - "services": [ - "Backup", - "Storage", - "CosmosDB", - "WAF" - ], - "severity": "Medium", - "text": "Enable Automatic Backups", - "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", - "waf": "Reliability" - }, - { - "arm-service": "microsoft.documentdb/databaseAccounts", - "checklist": "WAF checklist", - "description": "This mode is the default backup mode for all existing accounts. In this mode, backup is taken at a periodic interval and the data is restored by creating a request with the support team. In this mode, you configure a backup interval and retention for your account. The maximum retention period extends to a month. 
The minimum backup interval can be one hour.", - "guid": "a6eb33f6-005c-4d92-9286-7655672d6121", - "link": "https://learn.microsoft.com/azure/cosmos-db/periodic-backup-restore-introduction", - "service": "CosmosDB", - "services": [ - "Backup", - "WAF" - ], - "severity": "Medium", - "text": "Perform Periodic Backups", - "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", - "waf": "Reliability" + "text": "Enable Diagnostics Settings to export logs to Azure Monitor", + "waf": "Operations" }, { - "arm-service": "microsoft.documentdb/databaseAccounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "description": "Continous 7 day retention and 30 day retention backups. Azure Cosmos DB performs data backup in the background without consuming any extra provisioned throughput (RUs) or affecting the performance and availability of your database. Continuous backups are taken in every region where the account exists.", - "guid": "d43918a8-cd28-49be-b6b1-7cb8245461e1", - "link": "https://learn.microsoft.com/azure/cosmos-db/continuous-backup-restore-introduction", - "service": "CosmosDB", + "guid": "8691fa38-45ed-4299-a247-fecd98d35deb", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-app-insights", + "service": "APIM", "services": [ - "Backup", - "CosmosDB", "WAF" ], "severity": "Medium", - "text": "Continous Backup with point-in-time restore in Azure Cosmos DB", - "training": "https://learn.microsoft.com/learn/modules/create-custom-azure-roles-with-rbac/", - "waf": "Reliability" + "text": "Enable Application Insights for more detailed telemetry", + "waf": "Operations" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "41faa1ed-b7f0-447d-8cba-4a4905e5bb83", - "link": "https://learn.microsoft.com/azure/search/search-reliability#high-availability", - "service": "Cognitive Search", + 
"guid": "55fd27bb-76ac-4a91-bc37-049e885be6b7", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor", + "service": "APIM", "services": [ + "Monitor", "WAF" ], "severity": "High", - "text": "Enable 2 replicas to have 99.9% availability for read operations", - "waf": "Reliability" + "text": "Configure alerts on the most critical metrics", + "waf": "Operations" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "7d956fd9-788a-4845-9b9f-c0340972d810", - "link": "https://learn.microsoft.com/azure/search/search-reliability#high-availability", - "service": "Cognitive Search", + "guid": "39460bdb-156f-4dc2-a87f-1e8c11ab0998", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#certificate-management-in-azure-key-vault", + "service": "APIM", "services": [ - "WAF" + "WAF", + "AKV" ], - "severity": "Medium", - "text": "Enable 3 replicas to have 99.9% availability for read/write operations", - "waf": "Reliability" + "severity": "High", + "text": "Ensure that custom SSL certificates are stored an Azure Key Vault so they can be securely accessed and updated", + "waf": "Security" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "44dc5f2b-a032-4d03-aae8-90c3f2c0a4c3", - "link": "https://learn.microsoft.com/azure/search/search-reliability#availability-zone-support", - "service": "Cognitive Search", + "guid": "e9217997-5f6c-479d-8576-8f2adf706ec8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-ad-authentication-required-for-data-plane-access", + 
"service": "APIM", "services": [ + "Entra", "WAF" ], "severity": "High", - "text": "Leverage Availability Zones by enabling read and/or write replicas", - "waf": "Reliability" + "text": "Protect incoming requests to APIs (data plane) with Azure AD", + "waf": "Security" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "cd0730f0-0ff1-4b77-9a2b-2a1f7dd5e291", - "link": "https://learn.microsoft.com/azure/search/search-reliability#multiple-services-in-separate-geographic-regions", - "service": "Cognitive Search", + "guid": "5e5f64ba-c90e-480e-8888-398d96cf0bfb", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-aad", + "service": "APIM", "services": [ - "ACR", + "Entra", "WAF" ], "severity": "Medium", - "text": "For regional redudancy, Manually create services in 2 or more regions for Search as it doesn't provide an automated method of replicating search indexes across geographic regions", - "waf": "Reliability" + "text": "Use Microsoft Entra ID to authenticate users in the Developer Portal", + "waf": "Security" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "3c964882-aec9-4d44-9f68-4b5f2efbbdb6", - "link": "https://learn.microsoft.com/azure/search/search-reliability#synchronize-data-across-multiple-services", - "service": "Cognitive Search", + "guid": "f8e574ce-280f-49c8-b2ef-68279b081cf3", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-create-groups", + "service": "APIM", "services": [ - "ACR", "WAF" ], "severity": "Medium", - "text": "To synchronize data across multiple services either Use indexers for updating content on multiple services or Use REST APIs for pushing content updates on multiple services", - "waf": "Reliability" + "text": "Create appropriate groups to control the visibility of the 
products", + "waf": "Security" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "85ee93c9-f53c-4803-be51-e6e4aa37ff4e", - "link": "https://learn.microsoft.com/azure/search/search-reliability#use-azure-traffic-manager-to-coordinate-requests", - "service": "Cognitive Search", + "guid": "06862505-2d9a-4874-9491-2837b00a3475", + "link": "https://learn.microsoft.com/azure/api-management/backends", + "service": "APIM", "services": [ - "TrafficManager", "WAF" ], "severity": "Medium", - "text": "Use Azure Traffic Manager to coordinate requests", - "waf": "Reliability" + "text": "Use Backends feature to eliminate redundant API backend configurations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Search/searchServices", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "7be10278-57c1-4a61-8ee3-895aebfec5aa", - "link": "https://learn.microsoft.com/azure/search/search-reliability#back-up-and-restore-alternatives", - "service": "Cognitive Search", + "guid": "03b125d5-b69b-4739-b7fd-84b86da4933e", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-properties?tabs=azure-portal", + "service": "APIM", "services": [ - "Storage", - "Backup", - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "High", - "text": "Backup and Restore an Azure Cognitive Search Index. 
Use this sample code to back up index definition and snapshot to a series of Json files", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Named Values to store common values that can be used in policies", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "21c30d25-ffb7-4f6a-b9ea-b3fec328f787", - "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/paas-foundations-playbooks-cog_svcs_v1.docx", - "service": "Cognitive Services", + "guid": "beae759e-4ddb-4326-bf26-47f87d3454b6", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region", + "service": "APIM", "services": [ + "ACR", "WAF" ], "severity": "Medium", - "text": "Leverage FTA HandBook for Cognitive Services", + "text": "For DR, leverage the premium tier with deployments scaled across two or more regions for 99.99% SLA", "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "78c34698-16b2-4763-aefe-1b9b599de0d5", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/advanced-prompt-engineering?pivots=programming-language-chat-completions", - "service": "Cognitive Services", + "guid": "9c8d1664-dd9a-49d4-bd83-950af0af4044", + "link": "https://learn.microsoft.com/azure/api-management/high-availability", + "service": "APIM", "services": [ - "Backup", "WAF" ], "severity": "Medium", - "text": "Backup Your Prompts", + "text": "Deploy at least one unit in two or more availability zones for an increased SLA of 99.99%", "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "750ab2ab-039d-4a6d-95d7-c892adb107d5", - "link": 
"https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery", - "service": "Cognitive Services", + "guid": "8d2db6e8-85c6-4118-a52c-ae76a4f27934", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#service-native-backup-capability", + "service": "APIM", "services": [ - "ASR", - "WAF" + "WAF", + "Backup" ], "severity": "High", - "text": "Business Continuity and Disaster Recovery (BCDR) considerations with Azure OpenAI Service", + "text": "Ensure there is an automated backup routine", "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "325af625-ca44-4e46-a5e2-223ace8bb123", - "link": "https://github.com/abacaj/chatgpt-backup#backup-your-chatgpt-conversations", - "service": "Cognitive Services", + "guid": "43e60b94-7bca-43a2-aadf-efb04d63a485", + "link": "https://learn.microsoft.com/azure/api-management/retry-policy", + "service": "APIM", "services": [ - "Backup", - "WAF" + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Backup Your ChatGPT conversations", + "text": "Use Policies to add a fail-over backend URL and caching to reduce failing calls.", "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "07ca5f17-f154-4e3a-a369-2829e7e31618", - "link": "https://learn.microsoft.com/azure/ai-services/speech-service/how-to-custom-speech-continuous-integration-continuous-deployment", - "service": "Cognitive Services", + "guid": "8210699f-8d43-45c2-8f19-57e54134bd8f", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-log-event-hubs", + "service": "APIM", "services": [ - "WAF" + "EventHubs", + "WAF", + "AzurePolicy" 
], - "severity": "Medium", - "text": "CI/CD for custom speech", - "waf": "Reliability" + "severity": "Low", + "text": "If you need to log at high performance levels, consider Event Hubs policy", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "3687a046-7a1f-4893-9bda-43324f248116", - "link": "https://learn.microsoft.com/azure/ai-services/qnamaker/tutorials/export-knowledge-base", - "service": "Cognitive Services", + "guid": "121bfc39-fa7b-4096-b93b-ab56c1bc0bed", + "link": "https://learn.microsoft.com/azure/api-management/api-management-sample-flexible-throttling", + "service": "APIM", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "Low", - "text": "Move a knowledge base using export-import", - "waf": "Reliability" + "severity": "Medium", + "text": "Apply throttling policies to control the number of requests per second", + "training": "https://learn.microsoft.com/training/modules/protect-apis-on-api-management/", + "waf": "Performance" }, { - "arm-service": "Microsoft.App/containerApps", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "af416482-663c-4ed6-b195-b44c7068e09c", - "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#availability-zone-support", - "service": "Container Apps", + "guid": "bb5f356b-3daf-47a2-a9ee-867a8100bbd5", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-autoscale", + "service": "APIM", "services": [ "WAF" ], - "severity": "High", - "text": "Leverage Availability Zones if regionally applicable", - "waf": "Reliability" + "severity": "Medium", + "text": "Configure autoscaling to scale out the number of instances when the load increases", + "waf": "Performance" }, { - "arm-service": "Microsoft.App/containerApps", + "arm-service": "Microsoft.ApiManagement/service", 
"checklist": "WAF checklist", - "guid": "95bc80ec-6499-4d14-a7d2-7d296b1d8abc", - "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#set-up-zone-redundancy-in-your-container-apps-environment", - "service": "Container Apps", + "guid": "84b94abb-59b6-4b9d-8587-3413669468e8", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-provision-self-hosted-gateway", + "service": "APIM", "services": [ "WAF" ], - "severity": "High", - "text": "Use more than one replica and enable Zone Redundancy.", - "waf": "Reliability" + "severity": "Medium", + "text": "Deploy self-hosted gateways where Azure doesn't have a region close to the backend APIs.", + "waf": "Performance" }, { - "arm-service": "Microsoft.App/containerApps", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "ccaa4fc2-fdbc-4432-8bb7-f7e6469e4dc3", - "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#cross-region-disaster-recovery-and-business-continuity", - "service": "Container Apps", + "guid": "1fe8db45-a017-4888-8c4d-4422583cfae0", + "link": "https://learn.microsoft.com/azure/api-management/upgrade-and-scale#upgrade-and-scale", + "service": "APIM", "services": [ "WAF" ], - "severity": "High", - "text": "For cross-region DR, deploy container apps in multiple regions and follow active/active or active/passive application guidance.", + "severity": "Medium", + "text": "Use the premium tier for production workloads.", "waf": "Reliability" }, { - "arm-service": "Microsoft.App/containerApps", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "2ffada86-c031-4933-bf7d-0c45bc4e5919", - "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#cross-region-disaster-recovery-and-business-continuity", - "service": "Container Apps", + "guid": 
"1b8d68a4-66cd-44d5-ba94-3ee94440e8d6", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region#-route-api-calls-to-regional-backend-services", + "service": "APIM", "services": [ - "TrafficManager", - "FrontDoor", - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "High", - "text": "Use Front Door or Traffic Manager to route traffic to the closest region", + "severity": "Medium", + "text": "In multi-region model, use Policies to route the requests to regional backends based on availability or latency.", "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "4238f409-2ea0-43be-a06b-2a993c98aa7b", - "link": "https://learn.microsoft.com/en-us/azure/azure-functions/functions-scale#overview-of-plans", - "service": "Azure Functions", + "guid": "46f07d33-ef9a-44e8-8f98-67c097c5d8cd", + "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits#api-management-limits", + "service": "APIM", "services": [ - "WAF" + "Entra", + "WAF", + "APIM" ], "severity": "High", - "text": "Select the right Function hosting plan based on your business & SLO requirements", + "text": "Be aware of APIM's limits", "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "a9808100-d640-4f77-ac56-1ec0600f6752", - "link": "https://learn.microsoft.com/en-us/azure/azure-functions/functions-scale#overview-of-plans", - "service": "Azure Functions", + "guid": "10f58602-f0f9-4d77-972a-956f6e0f2600", + "link": "https://learn.microsoft.com/en-us/azure/api-management/self-hosted-gateway-overview", + "service": "APIM", "services": [ "WAF" ], "severity": "High", - "text": "Leverage Availability Zones where regionally applicable (not available for Consumption tier)", + "text": "Ensure that the self-hosted gateway 
deployments are resilient.", "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "5969d03e-eacf-4042-b127-73c55e3575fa", - "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-functions?tabs=azure-portal#cross-region-disaster-recovery-and-business-continuity", - "service": "Azure Functions", + "guid": "7519e385-a88b-4d34-966b-6269d686e890", + "link": "https://learn.microsoft.com/azure/api-management/front-door-api-management", + "service": "APIM", "services": [ - "WAF" + "Entra", + "FrontDoor", + "WAF", + "APIM" ], "severity": "Medium", - "text": "Consider a Cross-Region DR strategy for critical workloads", - "waf": "Reliability" + "text": "Use Azure Front Door in front of APIM for multi-region deployment", + "waf": "Performance" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "47a0aae0-d8a0-43b1-9791-e934dee3754c", - "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", - "service": "Azure Functions", + "guid": "cd45c90e-7690-4753-930b-bf290c69c074", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#virtual-network-integration", + "service": "APIM", "services": [ - "AppSvc", + "VNet", "WAF" ], - "severity": "High", - "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", - "waf": "Reliability" + "severity": "Medium", + "text": "Deploy the service within a Virtual Network (VNet)", + "waf": "Security" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "17232891-f89f-4eaa-90f1-3b34bf798ed5", - "link": 
"https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", - "service": "Azure Functions", + "guid": "02661582-b3d1-48d1-9d7b-c6a918a0ca33", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#network-security-group-support", + "service": "APIM", "services": [ - "AppSvc", - "WAF" + "Monitor", + "Entra", + "VNet", + "WAF", + "APIM" ], - "severity": "High", - "text": "Ensure 'Always On' is enabled for all Function Apps running on App Service Plan", - "waf": "Reliability" + "severity": "Medium", + "text": "Deploy network security groups (NSG) to your subnets to restrict or monitor traffic to/from APIM.", + "waf": "Security" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "40a325c2-7c0e-49e6-86d8-c273b4dc21ba", - "link": "https://learn.microsoft.com/en-us/azure/azure-functions/storage-considerations?tabs=azure-cli#shared-storage-accounts", - "service": "Azure Functions", + "guid": "67437a28-2721-4a2c-becd-caa54c8237a5", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-private-link", + "service": "APIM", "services": [ - "Storage", - "WAF" + "Entra", + "VNet", + "WAF", + "APIM", + "PrivateLink" ], "severity": "Medium", - "text": "Pair a Function App to its own storage account. 
Try not to re-use storage accounts for Function Apps unless they are tightly coupled", - "waf": "Reliability" + "text": "Deploy Private Endpoints to filter incoming traffic when APIM is not deployed to a VNet.", + "waf": "Security" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "bb42650c-257d-4cb0-822a-131138b8e6f0", - "link": "https://learn.microsoft.com/en-us/training/modules/deploy-azure-functions/", - "service": "Azure Functions", + "guid": "d698adbd-3288-44cb-b10a-9b572da395ae", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#disable-public-network-access", + "service": "APIM", "services": [ "WAF" ], - "severity": "Medium", - "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Function App code", - "waf": "Operations" + "severity": "High", + "text": "Disable Public Network Access", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "4620dc87-e948-4ce8-8426-f3e6e5d7bd85", - "link": "https://learn.microsoft.com/azure/sap/center-sap-solutions/overview", - "service": "SAP", + "guid": "0674d750-0c6f-4ac0-8717-ceec04d0bdbd", + "link": "https://learn.microsoft.com/azure/api-management/automation-manage-api-management", + "service": "APIM", "services": [ - "SAP", "WAF" ], "severity": "Medium", - "text": "Azure Center for SAP solutions (ACSS) is an Azure offering that makes SAP a top-level workload on Azure. ACSS is an end-to-end solution that enables you to create and run SAP systems as a unified workload on Azure and provides a more seamless foundation for innovation. 
You can take advantage of the management capabilities for both new and existing Azure-based SAP systems.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-center-sap-solutions/?source=recommendations", + "text": "Simplify management with PowerShell automation scripts", "waf": "Operations" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "5d75e99d-624d-4afe-91d9-e17adc580790", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-platform-automation-and-devops", - "service": "SAP", + "guid": "c385bfcd-49fd-4786-81ba-cedbb4c57345", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/platform-automation-and-devops#design-recommendations", + "service": "APIM", "services": [ - "SAP", - "WAF" + "Entra", + "WAF", + "APIM" ], "severity": "Medium", - "text": "Azure supports automating SAP deployments in Linux and Windows. SAP Deployment Automation Framework is an open-source orchestration tool that can deploy, install, and maintain SAP environments.", - "training": "https://github.com/Azure/sap-automation", + "text": "Configure APIM via Infrastructure-as-code. 
Review DevOps best practices from the Cloud Adaption Framework APIM Landing Zone Accelerator", "waf": "Operations" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "d17f6f39-a377-48a2-931f-5ead3ebe33a8", - "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/data-platform", - "service": "SAP", + "guid": "6c3a27c0-197f-426c-9ffa-86fed51d9ab6", + "link": "https://learn.microsoft.com/azure/api-management/visual-studio-code-tutorial", + "service": "APIM", "services": [ - "SAP", - "WAF" + "Entra", + "WAF", + "APIM" ], "severity": "Medium", - "text": "Perform a point-in-time recovery for your production databases at any point and in a time frame that meets your RTO; point-in-time recovery typically includes operator errors deleting data either on the DBMS layer or through SAP, incidentally", - "waf": "Reliability" + "text": "Promote usage of Visual Studio Code APIM extension for faster API development", + "waf": "Operations" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "c4b8e117-930b-4dbd-ae50-7bc5faf6f91a", - "service": "SAP", + "guid": "354f1c03-8112-4965-85ad-c0074bddf231", + "link": "https://learn.microsoft.com/azure/api-management/devops-api-development-templates", + "service": "APIM", "services": [ - "Backup", "WAF" ], "severity": "Medium", - "text": "Test the backup and recovery times to verify that they meet your RTO requirements for restoring all systems simultaneously after a disaster.", - "waf": "Reliability" - }, - { - "checklist": "WAF checklist", - "guid": "b651423c-8552-42db-a545-5cb50c05527a", - "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", - "service": "SAP", - "services": [ - "Backup", - "SQL", - "Storage", - "ASR", - "SAP", - "WAF" - ], - "severity": "High", - "text": "You can replicate standard storage between paired regions, but you can't use standard storage to store your databases or 
virtual hard disks. You can replicate backups only between paired regions that you use. For all your other data, run your replication by using native DBMS features like SQL Server Always On or SAP HANA System Replication. Use a combination of Site Recovery, rsync or robocopy, and other third-party software for the SAP application layer.", - "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/", - "waf": "Reliability" + "text": "Implement DevOps and CI/CD in your workflow", + "waf": "Operations" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "aa208dca-784f-46c6-9014-cc919c542dc9", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones", - "service": "SAP", + "guid": "b6439493-426a-45f3-9697-cf65baee208d", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-mutual-certificates-for-clients", + "service": "APIM", "services": [ - "SAP", "WAF" ], "severity": "Medium", - "text": "When using Azure Availability Zones to achieve high availability, you must consider latency between SAP application servers and database servers. For zones with high latencies, operational procedures need to be in place to ensure that SAP application servers and database servers are running in the same zone at all times.", - "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/?source=recommendations", - "waf": "Reliability" - }, - { - "checklist": "WAF checklist", - "guid": "ba07c007-1f90-43e9-aa4f-601346b80352", - "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", - "service": "SAP", - "services": [ - "VPN", - "ASR", - "ExpressRoute", - "WAF" - ], - "severity": "High", - "text": "Set up ExpressRoute connections from on-premises to the primary and secondary Azure disaster recovery regions. 
Also, as an alternative to using ExpressRoute, consider setting up VPN connections from on-premises to the primary and secondary Azure disaster recovery regions.", - "training": "https://learn.microsoft.com/azure/expressroute/use-s2s-vpn-as-backup-for-expressroute-privatepeering", - "waf": "Reliability" + "text": "Secure APIs using client certificate authentication", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "d2b30195-b11d-4a8f-a672-28b2b4169a7c", - "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance", - "service": "SAP", + "guid": "2a67d143-1033-4c0a-8732-680896478f08", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-mutual-certificates", + "service": "APIM", "services": [ - "AKV", - "ACR", "WAF" ], - "severity": "Low", - "text": "Replicate key vault contents like certificates, secrets, or keys across regions so you can decrypt data in the DR region.", - "waf": "Reliability" + "severity": "Medium", + "text": "Secure backend services using client certificate authentication", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "05f1101d-250f-40e7-b2a1-b674ab50edbd", - "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-s4hana", - "service": "SAP", + "guid": "074435f5-4a46-41ac-b521-d6114cb5d845", + "link": "https://learn.microsoft.com/azure/api-management/mitigate-owasp-api-threats", + "service": "APIM", "services": [ - "VNet", - "SAP", - "ASR", "WAF" ], "severity": "Medium", - "text": "Peer the primary and disaster recovery virtual networks. 
For example, for HANA System Replication, an SAP HANA DB virtual network needs to be peered to the disaster recovery site's SAP HANA DB virtual network.", - "waf": "Reliability" + "text": "Review 'Recommendations to mitigate OWASP API Security Top 10 threats' article and check what is applicable to your APIs", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "d3351bf7-628a-46de-917d-dfc11d3b6b40", - "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-service-levels", - "service": "SAP", + "guid": "5507c4b8-a7f8-41d6-9661-418c987100c9", + "link": "https://learn.microsoft.com/azure/api-management/authorizations-overview", + "service": "APIM", "services": [ - "SAP", - "Storage", "WAF" ], - "severity": "Low", - "text": "If you use Azure NetApp Files storage for your SAP deployments, at a minimum, create two Azure NetApp Files accounts in the Premium tier, in two regions.", - "training": "https://learn.microsoft.com/training/modules/choose-service-level-azure-netapp-files-hpc-applications/2-identify-decision-criteria", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Authorizations feature to simplify management of OAuth 2.0 token for your backend APIs", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "726a1d3e-5508-4a06-9d54-93f4b50040c1", - "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows", - "service": "SAP", + "guid": "2deee033-b906-4bc2-9f26-c8d3699fe091", + "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-manage-protocols-ciphers", + "service": "APIM", "services": [ "WAF" ], "severity": "High", - "text": "Native database replication technology should be used to synchronize the database in a HA pair.", - "training": 
"https://learn.microsoft.com/training/modules/implement-disaster-recovery-for-sap-workloads-azure/?source=recommendations", - "waf": "Reliability" + "text": "Use the latest TLS version when encrypting information in transit. Disable outdated and unnecessary protocols and ciphers when possible.", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "6561f847-3db5-4ff8-9200-5ad3c3b436ad", - "link": "https://learn.microsoft.com/ja-jp/azure/virtual-network/virtual-networks-faq", - "service": "SAP", + "guid": "f8af3d94-1d2b-4070-846f-849197524258", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#im-8-restrict-the-exposure-of-credential-and-secrets", + "service": "APIM", "services": [ - "VNet", - "WAF" + "WAF", + "AKV" ], "severity": "High", - "text": "The CIDR for the primary virtual network (VNet) shouldn't conflict or overlap with the CIDR of the DR site's VNet", - "training": "https://learn.microsoft.com/training/paths/azure-fundamentals-describe-azure-architecture-services/?source=recommendations", - "waf": "Reliability" + "text": "Ensure that secrets (Named values) are stored an Azure Key Vault so they can be securely accessed and updated", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "0258ed30-fe42-434f-87b9-58f91f908e0a", - "service": "SAP", + "guid": "791abd8b-7706-4e31-9569-afefde724be3", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#managed-identities", + "service": "APIM", "services": [ "Entra", - "ASR", - "VM", "WAF" ], - "severity": "High", - "text": "Use Site Recovery to replicate an application server to a DR site. 
Site Recovery can also help with replicating central-services cluster VMs to the DR site. When you invoke DR, you'll need to reconfigure the Linux Pacemaker cluster on the DR site (for example, replace the VIP or SBD, run corosync.conf, and more).", - "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/", - "waf": "Reliability" + "severity": "Medium", + "text": "Use managed identities to authenticate to other Azure resources whenever possible", + "waf": "Security" }, { + "arm-service": "Microsoft.ApiManagement/service", "checklist": "WAF checklist", - "guid": "8300cb30-766b-4084-b126-0dd8fb1269a1", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", - "service": "SAP", + "guid": "220c4ca6-6688-476b-b2b5-425a78e6fb87", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#ns-6-deploy-web-application-firewall", + "service": "APIM", "services": [ - "SAP", - "WAF" + "Entra", + "AppGW", + "WAF", + "APIM" ], "severity": "High", - "text": "Consider the availability of SAP software against single points of failure. This includes single points of failure within applications such as DBMSs utilized in SAP NetWeaver and SAP S/4HANA architectures, SAP ABAP and ASCS + SCS. 
Also, other tools such as SAP Web Dispatcher.", - "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/2-explore-high-availability-disaster-recovery-support-azure-for-sap-workloads?source=recommendations", - "waf": "Reliability" + "text": "Use web application firewall (WAF) by deploying Application Gateway in front of APIM", + "waf": "Security" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "56402f11-ccbe-42c3-a2f6-c6f6f38ab579", - "link": "https://learn.microsoft.com/azure/sap/workloads/planning-supported-configurations", - "service": "SAP", + "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", + "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", + "service": "Spring Apps", "services": [ - "SAP", "WAF" ], - "severity": "High", - "text": "For SAP and SAP databases, consider implementing automatic failover clusters. In Windows, Windows Server Failover Clustering supports failover. In Linux, Linux Pacemaker or third-party tools like SIOS Protection Suite and Veritas InfoScale support failover.", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", + "severity": "Medium", + "text": "Azure Spring Apps permits two deployments for every app, only one of which receives production traffic. You can achieve zero downtime with blue green deployment strategies. Blue green deployment is only available in Standard and Enterprise tiers. 
You could automate deployment using CI/CD with ADO/GitHub actions", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "afae6bec-2671-49ae-bc69-140b8ec8d320", - "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows", - "service": "SAP", + "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", + "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", + "service": "Spring Apps", "services": [ - "Storage", - "VM", - "WAF" + "TrafficManager", + "WAF", + "FrontDoor" ], - "severity": "High", - "text": "Azure doesn't support architectures in which the primary and secondary VMs share storage for DBMS data. For the DBMS layer, the common architecture pattern is to replicate databases at the same time and with different storage stacks than the ones that the primary and secondary VMs use.", - "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/?source=recommendationshttps%3A%2F%2Flearn.microsoft.com%2Fja-jp%2Ftraining%2Fpaths%2Fensure-business-continuity-implement-disaster-recovery%2F%3Fsource%3Drecommendations", + "severity": "Medium", + "text": "Azure Spring Apps instances could be created in multiple regions for your applications and traffic could be routed by Traffic Manager/Front Door.", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "ac614e95-6767-4bc3-b8a4-9953533da6ba", - "link": "https://learn.microsoft.com/azure/sap/workloads/dbms-guide-general", - "service": "SAP", + "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", + "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", + "service": "Spring Apps", "services": [ - "SAP", - "Storage", + "ACR", "WAF" ], - "severity": "High", - "text": "The DBMS data and transaction/redo log files are stored in Azure 
supported block storage or Azure NetApp Files. Azure Files or Azure Premium Files isn't supported as storage for DBMS data and/or redo log files with SAP workload.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-databases/2-explore-database-support-azure-for-sap-workloads", + "severity": "Medium", + "text": "In supported region, Azure Spring Apps can be deployed as zone redundant, which means that instances are automatically distributed across availability zones. This feature is only available in Standard and Enterprise tiers.", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "1f737179-8e7f-4e1a-a30c-e5a649a3092b", - "link": "https://learn.microsoft.com/azure/sap/workloads/sap-high-availability-guide-wsfc-shared-disk", - "service": "SAP", + "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", + "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", + "service": "Spring Apps", "services": [ - "SAP", "WAF" ], - "severity": "High", - "text": "You can use Azure shared disks in Windows for ASCS + SCS components and specific high-availability scenarios. Set up your failover clusters separately for SAP application layer components and the DBMS layer. 
Azure doesn't currently support high-availability architectures that combine SAP application layer components and the DBMS layer into one failover cluster.", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", + "severity": "Medium", + "text": "Use more than 1 app instance for your apps", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "a78b3d31-3170-44f2-b5d7-651a29f4ccf5", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-standard-load-balancer-outbound-connections", - "service": "SAP", + "guid": "7504c230-6035-4183-95a5-85762acc6075", + "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", + "service": "Spring Apps", "services": [ - "LoadBalancer", - "SAP", + "Monitor", "WAF" ], - "severity": "High", - "text": "Most failover clusters for SAP application layer components (ASCS) and the DBMS layer require a virtual IP address for a failover cluster. Azure Load Balancer should handle the virtual IP address for all other cases. One design principle is to use one load balancer per cluster configuration. We recommend that you use the standard version of the load balancer (Standard Load Balancer SKU).", - "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/?source=recommendations", + "severity": "Medium", + "text": "Monitor Azure Spring Apps with logs, metrics and tracing. 
Integrate ASA with application insights and track failures and create workbooks.", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "1a541741-5833-4fb4-ae3c-2df743165c3a", - "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-ha-ports-overview?source=recommendations", - "service": "SAP", + "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", + "service": "Spring Apps", "services": [ - "LoadBalancer", "WAF" ], - "severity": "High", - "text": "Make sure the Floating IP is enabled on the Load balancer", - "training": "https://learn.microsoft.com/training/modules/load-balancing-non-https-traffic-azure/?source=recommendations", + "severity": "Medium", + "text": "Set up autoscaling in Spring Cloud Gateway", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "c47cc4f3-f105-452c-845e-9b307b3856c1", - "link": "https://learn.microsoft.com/azure/virtual-machines/availability", - "service": "SAP", + "guid": "97411607-b6fd-4335-99d1-9885faf4e392", + "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", + "service": "Spring Apps", "services": [ "WAF" ], - "severity": "High", - "text": "Before you deploy your high-availability infrastructure, and depending on the region you choose, determine whether to deploy with an Azure availability set or an availability zone.", - "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations", + "severity": "Low", + "text": "Enable autoscale for the apps with Standard consumption & dedicated plan.", "waf": "Reliability" }, { + "arm-service": "Microsoft.AppPlatform/Spring", "checklist": "WAF checklist", - "guid": "844f69c3-07e5-4ec1-bff7-4be27bcf5fea", - "link": 
"https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1", - "service": "SAP", + "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", + "link": "https://learn.microsoft.com/azure/spring-apps/overview", + "service": "Spring Apps", "services": [ - "Entra", - "SAP", - "VM", "WAF" ], - "severity": "High", - "text": "If you want to meet the infrastructure SLAs for your applications for SAP components (central services, application servers, and databases), you must choose the same high availability options (VMs, availability sets, availability zones) for all components.", + "severity": "Medium", + "text": "Use Enterprise plan for commercial support of spring boot for mission critical apps. With other tiers you get OSS support.", "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "cbe05bbe-209d-4490-ba47-778424d11678", - "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", - "service": "SAP", + "guid": "32e42e36-11c8-418b-8a0b-c510e43a18a9", + "service": "AVS", "services": [ "Entra", - "RBAC", - "VM", - "WAF" + "WAF", + "Subscriptions" ], "severity": "High", - "text": "Do not mix servers of different roles in the same availability set. 
Keep central services VMs, database VMs, application VMs in their own availability sets", - "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations", - "waf": "Reliability" + "text": "Ensure ADDS domain controller(s) are deployed in the identity subscription in native Azure", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "f2201000-d045-40a6-a79a-d7cdc01b4d86", - "link": "https://learn.microsoft.com/azure/virtual-machines/co-location", - "service": "SAP", + "guid": "75089c20-990d-4927-b105-885576f76fc2", + "service": "AVS", "services": [ - "WAF" + "WAF", + "AVS" ], "severity": "Medium", - "text": "You can't deploy Azure availability sets within an Azure availability zone unless you use proximity placement groups.", - "training": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", - "waf": "Reliability" + "text": "Ensure ADDS sites and services is configured to keep authentication requests from Azure-based resources (including Azure VMware Solution) local to Azure", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9674e7c7-7796-4181-8920-09f4429543ba", - "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", - "service": "SAP", + "guid": "de3aad1e-7c28-4ec9-9666-b7570449aa80", + "service": "AVS", "services": [ - "VM", "WAF" ], "severity": "High", - "text": "When you create availability sets, use the maximum number of fault domains and update domains available. For example, if you deploy more than two VMs in one availability set, use the maximum number of fault domains (three) and enough update domains to limit the effect of potential physical hardware failures, network outages, or power interruptions, in addition to Azure planned maintenance. 
The default number of fault domains is two, and you can't change it online later.", - "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations", - "waf": "Reliability" + "text": "Ensure that vCenter is connected to ADDS to enable authentication based on 'named user accounts'", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "ae4ecb95-b70f-428f-8b9a-4c5b7e3478a2", - "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", - "service": "SAP", + "guid": "cd289ced-6b17-4db8-8554-61e2aee3553a", + "service": "AVS", "services": [ - "Entra", - "SAP", "WAF" ], - "severity": "High", - "text": "When you use Azure proximity placement groups in an availability set deployment, all three SAP components (central services, application server, and database) should be in the same proximity placement group.", - "waf": "Reliability" + "severity": "Medium", + "text": "Ensure that the connection from vCenter to ADDS is using a secure protocol (LDAPS)", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "5d2fa56c-56ad-4484-88fe-72734c486ba2", - "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", - "service": "SAP", + "guid": "b9d37dac-43bc-46cd-8d79-a9b24604489a", + "service": "AVS", "services": [ - "SAP", - "ACR", "WAF" ], - "severity": "High", - "text": "Use one proximity placement group per SAP SID. 
Groups don't span across Availability Zones or Azure regions", - "waf": "Reliability" + "severity": "Medium", + "text": "CloudAdmin account in vCenter IdP is used only as an emergency account (break-glass)", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "bca3b10e-0ff5-4aec-ac16-4c4bd1a1c13f", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", - "service": "SAP", + "guid": "53d88e89-d17b-473b-82a5-a67e7a9ed5b3", + "service": "AVS", "services": [ "Entra", - "SAP", "WAF" ], "severity": "High", - "text": "Use one of the following services to run SAP central services clusters, depending on the operating system.", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", - "waf": "Reliability" + "text": "Ensure that NSX-Manager is integrated with an external Identity provider (LDAPS)", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "ed46b937-913e-4018-9c62-8393ab037e53", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-suse-multi-sid", - "service": "SAP", + "guid": "ae0e37ce-e297-411b-b352-caaab79b198d", + "service": "AVS", "services": [ - "Entra", - "VM", - "WAF" + "RBAC", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Azure doesn't currently support combining ASCS and DB HA in the same Linux Pacemaker cluster; separate them into individual clusters. 
However, you can combine up to five multiple central-services clusters into a pair of VMs.", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", - "waf": "Reliability" + "text": "Has an RBAC model been created for use within VMware vSphere", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "f656e745-0cfb-453e-8008-0528fa21c933", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", - "service": "SAP", + "guid": "ab81932c-9fc9-4d1b-a780-36f5e6bfbb9e", + "service": "AVS", "services": [ - "Storage", - "VM", + "RBAC", "WAF" ], "severity": "Medium", - "text": "Deploy both VMs in the high-availability pair in an availability set or in availability zones. These VMs should be the same size and have the same storage configuration.", - "waf": "Reliability" + "text": "RBAC permissions should be granted on ADDS groups and not on specific users", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "7f684ebc-95da-425e-b329-e782dbed050f", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-with-hana-ascs-ers-dialog-instance", - "service": "SAP", + "guid": "d503547c-c447-4e82-9128-a71f0f1cac6d", + "service": "AVS", "services": [ - "SAP", - "WAF" + "RBAC", + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Azure supports installing and configuring SAP HANA and ASCS/SCS and ERS instances on the same high availability cluster running on Red Hat Enterprise Linux (RHEL).", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", - "waf": "Reliability" + "severity": "High", + "text": "RBAC permissions on the Azure VMware Solution resource in Azure are 'locked down' to a limited set of owners only", + "waf": "Security" }, 
{ + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "07991f7d-6598-4d90-9431-45c62605d3a5", - "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", - "service": "SAP", + "guid": "fd9f0df4-68dc-4976-b9a9-e6a79f7682c5", + "service": "AVS", "services": [ - "Storage", + "RBAC", "WAF" ], "severity": "High", - "text": "Run all production systems on Premium managed SSDs and use Azure NetApp Files or Ultra Disk Storage. At least the OS disk should be on the Premium tier so you can achieve better performance and the best SLA.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-storage/?source=recommendations", - "waf": "Reliability" + "text": "Ensure all custom roles are scoped with CloudAdmin permitted authorizations", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "73cdaecc-7d74-48d8-a040-88416eebc98c", - "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-operations-storage", - "service": "SAP", + "guid": "9ef1d5e8-32e4-42e3-911c-818b0a0bc510", + "link": "https://github.com/Azure/AzureCAT-AVS/tree/main/networking", + "service": "AVS", "services": [ - "SAP", - "Storage", - "WAF" + "WAF", + "AVS" ], "severity": "High", - "text": "You should run SAP HANA on Azure only on the types of storage that are certified by SAP. Note that certain volumes must be run on certain disk configurations, where applicable. These configurations include enabling Write Accelerator and using Premium storage. 
You also need to ensure that the file system that runs on storage is compatible with the DBMS that runs on the machine.", - "training": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1?source=recommendations", - "waf": "Reliability" + "text": "Is the correct Azure VMware Solution connectivity model selected for the customer use case at hand", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "51904867-a70e-4fa0-b4ff-3e6292846d7c", - "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-overview-guide#storage", - "service": "SAP", + "guid": "eb710a37-cbc1-4055-8dd5-a936a8bb7cf5", + "service": "AVS", "services": [ - "SAP", - "Storage", - "ASR", - "WAF" + "Monitor", + "WAF", + "NetworkWatcher", + "ExpressRoute", + "VPN" ], "severity": "High", - "text": "Consider configuring high availability depending on the type of storage you use for your SAP workloads. Some storage services available in Azure are not supported by Azure Site Recovery, so your high availability configuration may differ.", - "training": "https://learn.microsoft.com/training/modules/implement-disaster-recovery-for-sap-workloads-azure/2-explore-disaster-recovery-sap-workloads", - "waf": "Reliability" + "text": "Ensure ExpressRoute or VPN connections from on-premises to Azure are monitored using 'connection monitor'", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "1ac2d928-c9b7-42c6-ba18-23b1aea78693", - "link": "https://azure.microsoft.com/ja-jp/explore/global-infrastructure/products-by-region/", - "service": "SAP", + "guid": "976e24f2-a7f8-426c-9253-2a92a2a7ed99", + "service": "AVS", "services": [ - "SAP", - "Storage", - "WAF" + "Monitor", + "WAF", + "VM", + "NetworkWatcher", + "ExpressRoute", + "AVS" ], - "severity": "High", - "text": "Different native Azure storage services (like Azure Files, Azure NetApp Files, Azure Shared 
Disk) may not be available in all regions. So to have similar SAP setup on the DR region after failover, ensure the respective storage service is offered in DR site.", - "waf": "Reliability" + "severity": "Medium", + "text": "Ensure a connection monitor is created from an Azure native resource to an Azure VMware Solution virtual machine to monitor the Azure VMware Solution back-end ExpressRoute connection", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "925d1f8c-01f3-4a67-948e-aabf0a1fad60", - "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/optimize-your-azure-costs-by-automating-sap-system-start-stop/ba-p/2120675", - "service": "SAP", + "guid": "f41ce6a0-64f3-4805-bc65-3ab50df01265", + "service": "AVS", "services": [ - "SAP", - "Cost", - "WAF" + "Monitor", + "WAF", + "VM", + "NetworkWatcher", + "AVS" ], "severity": "Medium", - "text": "Automate SAP System Start-Stop to manage costs.", - "waf": "Cost" + "text": "Ensure a connection monitor is created from an on-premises resource to an Azure VMware Solution virtual machine to monitor end-2-end connectivity", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "71dc00cd-4392-4262-8949-20c05e6c0333", - "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", - "service": "SAP", + "guid": "563b4dc7-4a74-48b6-933a-d1a0916a6649", + "service": "AVS", "services": [ - "Storage", - "VM", - "SAP", - "Cost", - "WAF" + "WAF", + "ARS" ], - "severity": "Low", - "text": "In the case of using Azure Premium Storage with SAP HANA, Azure Standard SSD storage can be used to select a cost-conscious storage solution. However, please note that choosing Standard SSD or Standard HDD Azure storage will affect the SLA of the individual VMs. 
Also, for systems with lower I/O throughput and low latency, such as non-production environments, lower series VMs can be used.", - "waf": "Cost" + "severity": "High", + "text": "When route server is used, ensure no more then 1000 routes are propagated from route server to ExR gateway to on-premises (ARS limit).", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9877f353-2591-4e8b-8381-e9043fed1010", - "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", - "service": "SAP", + "guid": "6128a71f-0f1c-4ac6-b9ef-1d5e832e42e3", + "service": "AVS", "services": [ - "Storage", - "VM", - "SAP", - "Cost", - "WAF" + "Entra", + "RBAC", + "WAF", + "AVS" ], - "severity": "Low", - "text": "As a lower-cost alternative configuration (multipurpose), you can choose a low-performance SKU for your non-production HANA database server VMs. However, it is important to note that some VM types, such as E-series, are not HANA certified (SAP HANA Hardware Directory) or cannot achieve storage latency of less than 1ms.", - "waf": "Cost" + "severity": "High", + "text": "Is Privileged Identity Management implemented for roles managing the Azure VMware Solution resource in the Azure Portal (no standing permissions allowed)", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "fda1dbf3-dc95-4d48-a7c7-91dca0f6c565", - "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/security", - "service": "SAP", + "guid": "c4e2436b-b336-4d71-9f17-960eee0b9b5c", + "service": "AVS", "services": [ + "Entra", "RBAC", - "Subscriptions", - "WAF" + "WAF", + "AVS" ], "severity": "High", - "text": "Enforce a RBAC model for management groups, subscriptions, resource groups and resources", - "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", + "text": "Privileged Identity Management audit reporting 
should be implemented for the Azure VMware Solution PIM roles", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "45911475-e39e-4530-accc-d979366bcda2", - "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration", - "service": "SAP", + "guid": "78c447a8-26b2-4863-af0f-1cac599ef1d5", + "service": "AVS", "services": [ "Entra", - "SAP", - "WAF" + "WAF", + "AVS" ], "severity": "Medium", - "text": "Enforce Principal propagation for forwarding the identity from SAP cloud application to SAP on-premises (Including IaaS) through cloud connector", - "training": "https://learn.microsoft.com/training/modules/explore-identity-services/2-explore-azure-virtual-machine-auth-access-control", + "text": "If using Privileged Identity Management is being used, ensure that a valid Entra ID enabled account is created with a valid SMTP record for Azure VMware Solution Automatic Host replacement notifications. 
(standing permissions required)", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "750ab1ab-039d-495d-94c7-c8929cb107d5", - "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration", - "service": "SAP", + "guid": "8defc4d7-21d3-41d2-90fb-707ae9eab40e", + "service": "AVS", "services": [ - "Entra", - "SAP", "WAF" ], - "severity": "Medium", - "text": "Implement SSO to SAP SaaS applications like SAP Analytics Cloud, SAP Cloud Platform, Business by design, SAP Qualtrics and SAP C4C with Azure AD using SAML.", + "severity": "High", + "text": "Limit use of CloudAdmin account to emergency access only", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "325ae525-ba34-4d46-a5e2-213ace7bb122", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial", - "service": "SAP", + "guid": "d329f798-bc17-48bd-a5a0-6ca7144351d1", + "service": "AVS", "services": [ - "SAP", + "RBAC", "WAF" ], "severity": "Medium", - "text": "Implement SSO to SAP NetWeaver-based web applications like SAP Fiori and SAP Web GUI by using SAML.", - "training": "https://learn.microsoft.com/training/modules/explore-identity-services/8-exercise-integrate-azure-active-directory-sap-netweaver", + "text": "Create custom RBAC roles in vCenter to implement a least-privilege model inside vCenter", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9eb54dad-7861-4e1c-973a-f3bb003fc9c1", - "service": "SAP", + "guid": "9dd24429-eb72-4281-97a1-51c5bb4e4f18", + "service": "AVS", "services": [ - "SAP", "WAF" ], "severity": "Medium", - "text": "Implement SSO to SAP NetWeaver-based web applications like SAP Fiori and SAP Web GUI by using SAML.", - "training": 
"https://learn.microsoft.com/training/modules/explore-identity-services/6-exercise-integrate-azure-active-directory-sap-fiori", + "text": "Is a process defined to regularly rotate cloudadmin (vCenter) and admin (NSX) credentials", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "f29676ef-0c9c-4c4d-ab21-a55504c0c829", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial", - "service": "SAP", + "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", + "service": "AVS", "services": [ - "SAP", - "WAF" + "VM", + "WAF", + "AVS", + "Entra" ], - "severity": "Medium", - "text": "You can implement SSO to SAP GUI by using SAP NetWeaver SSO or a partner solution.", - "training": "https://learn.microsoft.com/training/modules/explore-identity-services/8-exercise-integrate-azure-active-directory-sap-netweaver", + "severity": "High", + "text": "Use a centralized identity provider to be used for workloads (VM's) running on Azure VMware Solution", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "23181aa4-1742-4694-9ff8-ae7d7d474317", - "service": "SAP", - "services": [ - "SAP", - "AKV", + "guid": "79377bcd-b375-41ab-8ab0-ead66e15d3d4", + "service": "AVS", + "services": [ "WAF" ], "severity": "Medium", - "text": "For SSO for SAP GUI and web browser access, implement SNC / Kerberos/SPNEGO (simple and protected GSSAPI negotiation mechanism) due to its ease of configuration and maintenance. 
For SSO with X.509 client certificates, consider the SAP Secure Login Server, which is a component of the SAP SSO solution.", - "training": "https://learn.microsoft.com/training/modules/explore-identity-services/9-exercise-integrate-active-directory-sap-single-sign-on", + "text": "Is East-West traffic filtering implemented within NSX-T", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "6c8bcbf4-5bbe-4609-b8a0-3e97778424d6", - "link": "https://blogs.sap.com/2017/07/12/sap-single-sign-on-protect-your-sap-landscape-with-x.509-certificates/", - "service": "SAP", + "guid": "a2adb1c3-d232-46af-825c-a44e1695fddd", + "service": "AVS", "services": [ - "SAP", - "AKV", - "WAF" + "AppGW", + "WAF", + "AVS", + "Firewall" ], - "severity": "Medium", - "text": "For SSO for SAP GUI and web browser access, implement SNC / Kerberos/SPNEGO (simple and protected GSSAPI negotiation mechanism) due to its ease of configuration and maintenance. For SSO with X.509 client certificates, consider the SAP Secure Login Server, which is a component of the SAP SSO solution.", + "severity": "High", + "text": "Workloads on Azure VMware Solution are not directly exposed to the internet. 
Traffic is filtered and inspected by Azure Application Gateway, Azure Firewall or 3rd party solutions", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "16785d6f-a96c-496a-b885-18f482734c88", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial#configure-sap-netweaver-for-oauth", - "service": "SAP", + "guid": "eace4cb1-deb4-4c65-8c3f-c14eeab36938", + "service": "AVS", "services": [ - "SAP", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Implement SSO by using OAuth for SAP NetWeaver to allow third-party or custom applications to access SAP NetWeaver OData services.", + "severity": "High", + "text": "Auditing and logging is implemented for inbound internet requests to Azure VMware Solution and Azure VMware Solution based workloads", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "a747c350-8d4c-449c-93af-393dbca77c48", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/saphana-tutorial", - "service": "SAP", + "guid": "29e3eec2-1836-487a-8077-a2b5945bda43", + "service": "AVS", "services": [ - "SAP", - "WAF" + "Monitor", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Implement SSO to SAP HANA", + "text": "Session monitoring is implemented for outbound internet connections from Azure VMware Solution or Azure VMware Solution based workloads to identify suspicious/malicious activity", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "c7bae5bf-daf9-4761-9c56-f92891890aa4", - "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration#connectivity-with-sap-rise", - "service": "SAP", + "guid": "334fdf91-c234-4182-a652-75269440b4be", + "service": "AVS", "services": [ - "Entra", - "SAP", - "WAF" + "VNet", + "WAF", + "DDoS", + "ExpressRoute", + "VPN" ], "severity": "Medium", - "text": "Consider 
Azure AD an identity provider for SAP systems hosted on RISE. For more information, see Integrating the Service with Azure AD.", + "text": "Is DDoS standard protection enabled on ExR/VPN Gateway subnet in Azure", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "e4e48226-ce54-44b6-bb6b-bfa15bd8f753", - "link": "https://github.com/azuredevcollege/SAP/blob/master/sap-oauth-saml-flow/README.md", - "service": "SAP", + "guid": "3d3e0843-276d-44bd-a015-bcf219e4a1eb", + "service": "AVS", "services": [ - "SAP", - "WAF" + "WAF", + "AVS" ], "severity": "Medium", - "text": "For applications that access SAP, you might want to use principal propagation to establish SSO.", + "text": "Use a dedicated privileged access workstation (PAW) to manage Azure VMware Solution, vCenter, NSX manager and HCX manager", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "59921095-4980-4fc1-a5b6-524a5a560c79", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial", - "service": "SAP", + "guid": "9ccbd869-266a-4cca-874f-aa19bf39d95d", + "service": "AVS", "services": [ - "Entra", - "SAP", - "WAF" + "Defender", + "WAF", + "AVS" ], "severity": "Medium", - "text": "If you're using SAP BTP services or SaaS solutions that require SAP Identity Authentication Service (IAS), consider implementing SSO between SAP Cloud Identity Authentication Services and Azure AD to access those SAP services. 
This integration lets SAP IAS act as a proxy identity provider and forwards authentication requests to Azure AD as the central user store and identity provider.", + "text": "Enable Advanced Threat Detection (Microsoft Defender for Cloud aka ASC) for workloads running on Azure VMware Solution", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "a709c664-317e-41e4-9e34-67d9016a86f4", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-tutorial", - "service": "SAP", + "guid": "44c7c891-9ca1-4f6d-9315-ae524ba34d45", + "service": "AVS", "services": [ - "SAP", - "WAF" + "Arc", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Implement SSO to SAP BTP", + "text": "Use Azure ARC for Servers to properly govern workloads running on Azure VMware Solution using Azure native technologies (Azure ARC for Azure VMware Solution is not yet available)", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "01f11b7f-38df-4251-9c76-4dec19abd3e8", - "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-successfactors-inbound-provisioning-cloud-only-tutorial", - "service": "SAP", + "guid": "85e12139-bd7b-4b01-8f7b-95ef6e043e2a", + "service": "AVS", "services": [ - "Entra", - "SAP", - "WAF" + "SQL", + "WAF", + "AVS" ], - "severity": "Medium", - "text": "If you're using SAP SuccessFactors, consider using the Azure AD automated user provisioning. With this integration, as you add new employees to SAP SuccessFactors, you can automatically create their user accounts in Azure AD. Optionally, you can create user accounts in Microsoft 365 or other SaaS applications that are supported by Azure AD. 
Use write-back of the email address to SAP SuccessFactors.", + "severity": "Low", + "text": "Ensure workloads on Azure VMware Solution use sufficient data encryption during run-time (like in-guest disk encryption and SQL TDE). (vSAN encryption at rest is default)", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "6ba28021-4591-4147-9e39-e5309cccd979", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups", - "service": "SAP", + "guid": "a3592718-e6e2-4051-9267-6ae46691e883", + "service": "AVS", "services": [ - "SAP", - "Subscriptions", - "AzurePolicy", - "WAF" + "WAF", + "AKV" ], - "severity": "Medium", - "text": "enforce existing Management Group policies to SAP Subscriptions", - "training": "https://learn.microsoft.com/training/modules/enterprise-scale-organization/4-management-group-subscription-organization", - "waf": "Operations" + "severity": "Low", + "text": "When in-guest encryption is used, store encryption keys in Azure Key vault when possible", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "366bcda2-750a-4b1a-a039-d95d54c7c892", - "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", - "service": "SAP", + "guid": "5ac94222-3e13-4810-9230-81a941741583", + "service": "AVS", "services": [ - "SAP", - "Subscriptions", - "WAF" + "WAF", + "AVS" ], - "severity": "High", - "text": "Integrate tightly coupled applications into the same SAP subscription to avoid additional routing and management complexity", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-subscriptions", - "waf": "Operations" + "severity": "Medium", + "text": "Consider using extended security update support for workloads running on Azure VMware Solution (Azure VMware Solution is eligible for 
ESU)", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9cb107d5-325a-4e52-9ba3-4d4685e2213a", - "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", - "service": "SAP", + "guid": "3ef7ad7c-6d37-4331-95c7-acbe44bbe609", + "service": "AVS", "services": [ - "Subscriptions", "WAF" ], "severity": "High", - "text": "Leverage Subscription as scale unit and scaling our resources, consider deploying subscription per environment eg. Sandbox, non-prod, prod ", - "training": "https://learn.microsoft.com/training/modules/configure-subscriptions/?source=recommendations", - "waf": "Operations" + "text": "Ensure that the appropriate vSAN Data redundancy method is used (RAID specification)", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "ce7bb122-f7c9-45f0-9e15-4e3aa3592829", - "link": "https://learn.microsoft.com/azure/quotas/quotas-overview", - "service": "SAP", + "guid": "d88408f3-7273-44c8-96ba-280214590146", + "service": "AVS", "services": [ - "VM", - "Subscriptions", - "WAF" + "Storage", + "WAF", + "AzurePolicy" ], "severity": "High", - "text": "Ensure quota increase as a part of subscription provisioning (e.g. 
total available VM cores within a subscription)", - "training": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", - "waf": "Operations" + "text": "Ensure that the Failure-to-tolerate policy is in place to meet your vSAN storage needs", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "ce4fab2f-433a-4d59-a5a9-3d1032e03ebc", - "link": "https://learn.microsoft.com/rest/api/reserved-vm-instances/quotaapi?branch=capacity", - "service": "SAP", + "guid": "d89f2e87-7784-424d-9167-85c6fa95b96a", + "service": "AVS", "services": [ + "ASR", "WAF" ], - "severity": "Low", - "text": "The Quota API is a REST API that you can use to view and manage quotas for Azure services. Consider using it if necessary.", - "waf": "Operations" + "severity": "High", + "text": "Ensure that you have requested enough quota, ensuring you have considered growth and Disaster Recovery requirement", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "cbfad17b-f240-42bf-a1d8-f4f4cee661c8", - "link": "https://learn.microsoft.com/azure/quotas/quickstart-increase-quota-portal", - "service": "SAP", + "guid": "5d38e53f-9ccb-4d86-a266-acca274faa19", + "service": "AVS", "services": [ - "VM", - "Subscriptions", "WAF" ], - "severity": "High", - "text": "If deploying to an availability zone, ensure that the VM's zone deployment is available once the quota has been approved. 
Submit a support request with the subscription, VM series, number of CPUs and availability zone required.", + "severity": "Medium", + "text": "Ensure that access constraints to ESXi are understood, there are access limits which might affect 3rd party solutions.", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "e6e20617-3686-4af4-9791-f8935ada4332", - "link": "https://azure.microsoft.com/explore/global-infrastructure/products-by-region/", - "service": "SAP", + "guid": "bf39d95d-44c7-4c89-89ca-1f6d5315ae52", + "service": "AVS", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "High", - "text": "Ensure required services and features are available within the chosen deployment regions eg. ANF , Zone etc.", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/migrate/azure-best-practices/multiple-regions?source=recommendations", + "severity": "Medium", + "text": "Ensure that you have a policy around ESXi host density and efficiency, keeping in mind the lead time for requesting new nodes", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "4e138115-2318-41aa-9174-26943ff8ae7d", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-resource-organization", - "service": "SAP", + "guid": "4ba34d45-85e1-4213-abd7-bb012f7b95ef", + "service": "AVS", "services": [ - "TrafficManager", "Cost", - "WAF" + "WAF", + "AVS" ], "severity": "Medium", - "text": "Leverage Azure resource tag for cost categorization and resource grouping (: BillTo, Department (or Business Unit), Environment (Production, Stage, Development), Tier (Web Tier, Application Tier), Application Owner, ProjectName)", - "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", - "waf": "Operations" + "text": "Ensure a good cost management process is in place for Azure VMware Solution - 
Azure Cost Management can be used", + "waf": "Cost" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "2f7c95f0-6e15-44e3-aa35-92829e6e2061", - "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", - "service": "SAP", + "guid": "6e043e2a-a359-4271-ae6e-205172676ae4", + "service": "AVS", "services": [ - "Backup", - "WAF" + "Cost", + "WAF", + "AVS" ], - "severity": "High", - "text": "Help protect your HANA database by using the Azure Backup service.", - "training": "https://learn.microsoft.com/training/modules/implement-azure-backup-sap-workloads-azure-virtual-machines/?source=recommendations", - "waf": "Reliability" + "severity": "Low", + "text": "Are Azure reserved instances used to optimize cost for using Azure VMware Solution", + "waf": "Cost" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "302a2fbf-3745-4a5f-a365-c9d1a16ca22c", - "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction", - "service": "SAP", + "guid": "6691e883-5ac9-4422-83e1-3810523081a9", + "service": "AVS", "services": [ - "Entra", - "Storage", - "VM", "WAF" ], "severity": "Medium", - "text": "If you deploy Azure NetApp Files for your HANA, Oracle, or DB2 database, use the Azure Application Consistent Snapshot tool (AzAcSnap) to take application-consistent snapshots. AzAcSnap also supports Oracle databases. 
Consider using AzAcSnap on a central VM rather than on individual VMs.", - "waf": "Reliability" + "text": "Consider the use of Azure Private-Link when using other Azure Native Services", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "42d37218-a3a7-45df-bff6-1173e7f249ea", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", - "service": "SAP", + "guid": "db611712-6904-40b4-aa3d-3e0803276d4b", + "service": "AVS", "services": [ - "SAP", "WAF" ], "severity": "High", - "text": "Ensure time-zone matches between the operating system and the SAP system.", - "waf": "Operations" + "text": "Ensure all required resource reside within the same Azure availability zone(s)", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "c3c7abc0-716c-4486-893c-40e181d65539", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-multi-sid", - "service": "SAP", + "guid": "48b262d6-cc5f-4512-a253-98e6db9d37da", + "service": "AVS", "services": [ - "Entra", - "WAF" + "VM", + "Defender", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Don't group different application services in the same cluster. For example, don't combine DRBD and central services clusters on the same cluster. 
However, you can use the same Pacemaker cluster to manage approximately five different central services (multi-SID cluster).", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", - "waf": "Reliability" + "text": "Enable Microsoft Defender for Cloud for Azure VMware Solution guest VM workloads", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "a491dfc4-9353-4213-9217-eef0949f9467", - "link": "https://azure.microsoft.com/pricing/offers/dev-test/", - "service": "SAP", + "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe", + "service": "AVS", "services": [ - "Cost", - "WAF" + "VM", + "Arc", + "WAF", + "AVS" ], - "severity": "Low", - "text": "Consider running dev/test systems in a snooze model to save and optimize Azure run costs.", - "waf": "Cost" + "severity": "Medium", + "text": "Use Azure Arc enabled servers to manage your Azure VMware Solution guest VM workloads", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b7056168-6199-4732-a514-cdbb2d5c9c54", - "link": "https://learn.microsoft.com/azure/lighthouse/overview", - "service": "SAP", + "guid": "88f03a4d-2cd4-463c-abbc-868295abc91a", + "service": "AVS", "services": [ - "Entra", - "SAP", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "If you partner with customers by managing their SAP estates, consider Azure Lighthouse. Azure Lighthouse allows managed service providers to use Azure native identity services to authenticate to the customers' environment. 
It puts the control in the hands of customers, because they can revoke access at any time and audit service providers' actions.", + "severity": "High", + "text": "Enable Diagnostic and metric logging on Azure VMware Solution", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "4d116785-d2fa-456c-96ad-48408fe72734", - "link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview", - "service": "SAP", + "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46", + "service": "AVS", "services": [ "VM", - "WAF" + "Monitor", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Use Azure Update Manager to check the status of available updates for a single VM or multiple VMs and consider scheduling regular patching.", - "training": "https://learn.microsoft.com/training/modules/keep-your-virtual-machines-updated/?source=recommendations", + "text": "Deploy the Log Analytics Agents to Azure VMware Solution guest VM workloads", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "76c8bcbf-45bb-4e60-ad8a-03e97778424d", - "link": "https://learn.microsoft.com/azure/sap/workloads/lama-installation", - "service": "SAP", + "guid": "589d457a-927c-4397-9d11-02cad6aae11e", + "service": "AVS", "services": [ - "SAP", - "WAF" + "AzurePolicy", + "WAF", + "VM", + "Backup", + "AVS" ], - "severity": "Low", - "text": "Optimize and manage SAP Basis operations by using SAP Landscape Management (LaMa). 
Use the SAP LaMa connector for Azure to relocate, copy, clone, and refresh SAP systems.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-remote-management/?source=recommendations", + "severity": "Medium", + "text": "Ensure you have a documented and implemented backup policy and solution for Azure VMware Solution VM workloads", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "14591147-5e39-4e53-89cc-cd979366bcda", - "link": "https://learn.microsoft.com/azure/sap/monitor/about-azure-monitor-sap-solutions", - "service": "SAP", + "guid": "ee29711b-d352-4caa-ab79-b198dab81932", + "service": "AVS", "services": [ - "SAP", + "Defender", "Monitor", - "SQL", + "WAF", + "AVS" + ], + "severity": "Medium", + "text": "Use Microsoft Defender for Cloud for compliance monitoring of workloads running on Azure VMware Solution", + "waf": "Security" + }, + { + "arm-service": "Microsoft.AVS/privateClouds", + "checklist": "WAF checklist", + "guid": "c9fc9d1b-b780-436f-9e6b-fbb9ed503547", + "service": "AVS", + "services": [ + "Defender", "WAF" ], "severity": "Medium", - "text": "Use Azure Monitor for SAP solutions to monitor your SAP workloads(SAP HANA, high-availability SUSE clusters, and SQL systems) on Azure. 
Consider supplementing Azure Monitor for SAP solutions with SAP Solution Manager.", - "training": "https://learn.microsoft.com/training/modules/implement-azure-monitoring-sap-workloads-azure-virtual-machines/?source=recommendations", - "waf": "Operations" + "text": "Are the applicable compliance baselines added to Microsoft Defender for Cloud", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "2750ab1a-b039-4d95-b54c-7c8929cb107d", - "link": "https://learn.microsoft.com/azure/sap/workloads/vm-extension-for-sap", - "service": "SAP", + "guid": "cc447e82-6128-4a71-b0f1-cac6d9ef1d5e", + "service": "AVS", + "services": [ + "WAF", + "AVS" + ], + "severity": "High", + "text": "Was data residency evaluated when selecting Azure regions to use for Azure VMware Solution deployment", + "waf": "Security" + }, + { + "arm-service": "Microsoft.AVS/privateClouds", + "checklist": "WAF checklist", + "guid": "832e42e3-611c-4818-a0a0-bc510e43a18a", + "service": "AVS", "services": [ - "Entra", - "VM", - "Monitor", - "SAP", "WAF" ], "severity": "High", - "text": "Run a VM Extension for SAP check. VM Extension for SAP uses the assigned managed identity of a virtual machine (VM) to access VM monitoring and configuration data. 
The check ensures that all performance metrics in your SAP application come from the underlying Azure Extension for SAP.", - "training": "https://learn.microsoft.com/training/modules/configure-azure-enhanced-monitoring-extension-for-sap/?source=recommendations", - "waf": "Operations" + "text": "Are data processing implications (service provider / service consumer model) clear and documented", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "5325ae52-5ba3-44d4-985e-2213ace7bb12", - "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", - "service": "SAP", + "guid": "547c1747-dc56-4068-a714-435cd19dd244", + "service": "AVS", "services": [ - "AzurePolicy", "WAF" ], "severity": "Medium", - "text": "Use Azure Policy for access control and compliance reporting. Azure Policy provides the ability to enforce organization-wide settings to ensure consistent policy adherence and fast violation detection. ", - "training": "https://learn.microsoft.com/learn/paths/architect-infrastructure-operations/", - "waf": "Operations" + "text": "Consider using CMK (Customer Managed Key) for vSAN only if needed for compliance reason(s).", + "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "523181aa-4174-4269-93ff-8ae7d7d47431", - "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-overview", - "service": "SAP", + "guid": "e43a18a9-cd28-49ce-b6b1-7db8255461e2", + "service": "AVS", "services": [ - "NetworkWatcher", - "SAP", "Monitor", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Use Connection Monitor in Azure Network Watcher to monitor latency metrics for SAP databases and application servers. 
Or collect and display network latency measurements by using Azure Monitor.", - "training": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/collecting-and-displaying-niping-network-latency-measurements/ba-p/1833979", + "severity": "High", + "text": "Create dashboards to enable core Azure VMware Solution monitoring insights", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "73686af4-6791-4f89-95ad-a43324e13811", - "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/QualityCheck", - "service": "SAP", + "guid": "6b84ee5d-f47d-42d9-8881-b1cd5d1e54a2", + "service": "AVS", "services": [ - "SAP", - "VM", - "WAF" + "Monitor", + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Perform a quality check for SAP HANA on the provisioned Azure infrastructure to verify that provisioned VMs comply with SAP HANA on Azure best practices.", + "severity": "High", + "text": "Create warning alerts for critical thresholds for automatic alerting on Azure VMware Solution performance (CPU >80%, Avg Memory >80%, vSAN >70%)", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "616785d6-fa96-4c96-ad88-518f482734c8", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones", - "service": "SAP", + "guid": "9659e396-80e7-4828-ac93-5657d02bff45", + "service": "AVS", "services": [ - "SAP", - "Subscriptions", - "WAF" + "Monitor", + "WAF", + "AVS" ], "severity": "High", - "text": "For each Azure subscription, run a latency test on Azure availability zones before zonal deployment to choose low-latency zones for deployment of SAP on Azure.", - "training": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/AvZone-Latency-Test", - "waf": "Performance" + "text": "Ensure critical alert is created to monitor if vSAN consumption is below 75% as this is a support threshold from VMware", 
+ "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "410adcba-db46-424f-a6c4-05ecde75c52e", - "link": "https://learn.microsoft.com/azure/advisor/advisor-how-to-improve-reliability", - "service": "SAP", + "guid": "64b0d934-a348-4726-be79-d6b5c3a36495", + "service": "AVS", "services": [ - "Storage", - "ASR", + "Monitor", "WAF" ], - "severity": "Medium", - "text": "Run the Resiliency Report to ensure that the configuration of the entire provisioned Azure infrastructure (Compute, Database, Networking, Storage, Site Recovery) complies with the configuration defined by Cloud Adaption Framework for Azure.", - "training": "https://learn.microsoft.com/training/paths/azure-well-architected-framework/", - "waf": "Reliability" + "severity": "High", + "text": "Ensure alerts are configured for Azure Service Health alerts and notifications", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "86ba2802-1459-4114-95e3-9e5309cccd97", - "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview", - "service": "SAP", + "guid": "b6abad38-aad5-43cc-99e1-d86667357c54", + "service": "AVS", "services": [ - "SAP", - "Sentinel", - "Monitor", - "WAF" + "Storage", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Implement threat protection by using the Microsoft Sentinel solution for SAP. 
Use this solution to monitor your SAP systems and detect sophisticated threats throughout the business logic and application layers.", - "training": "https://learn.microsoft.com/training/modules/plan-microsoft-sentinel-deployment-sap/?source=recommendations", - "waf": "Security" + "text": "Configure Azure VMware Solution logging to be send to an Azure Storage account or Azure EventHub for processing", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "579266bc-ca27-45fa-a1ab-fe9d55d04c3c", - "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance", - "service": "SAP", + "guid": "9674c5ed-85b8-459c-9733-be2b1a27b775", + "service": "AVS", "services": [ - "Cost", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Azure tagging can be leveraged to logically group and track resources, automate their deployments, and most importantly, provide visibility on the incurred costs.", - "training": "https://learn.microsoft.com/training/modules/analyze-costs-create-budgets-azure-cost-management/?source=recommendations", + "severity": "Low", + "text": "If deep insight in VMware vSphere is required: Is vRealize Operations and/or vRealize Network Insights used in the solution?", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "04b8e5e5-13cb-4b22-af62-5a8ecfcf0337", - "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-test-latency?tabs=windows", - "service": "SAP", + "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682", + "service": "AVS", "services": [ - "Monitor", "VM", - "WAF" + "Storage", + "WAF", + "AzurePolicy" ], - "severity": "Low", - "text": "Use inter-VM latency monitoring for latency-sensitive applications.", - "waf": "Performance" + "severity": "High", + "text": "Ensure the vSAN storage policy for VM's is NOT the default storage policy as this policy applies thick 
provisioning", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "07e5ed53-3d96-43d8-87ea-631b77da5aba", - "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", - "service": "SAP", + "guid": "d9ef1d5e-832d-442e-9611-c818b0afbc51", + "service": "AVS", "services": [ - "SAP", - "Monitor", - "ASR", "WAF" ], "severity": "Medium", - "text": "Use Azure Site Recovery monitoring to maintain the health of the disaster recovery service for SAP application servers.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-storage/?source=recommendations", - "waf": "Reliability" + "text": "Ensure vSphere content libraries are not placed on vSAN as vSAN is a finite resource", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "abb6af9c-982c-4cf1-83fb-329fafd1ee56", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", - "service": "SAP", + "guid": "0e43a18a-9cd2-489b-bd6b-17db8255461e", + "service": "AVS", "services": [ - "SAP", "Storage", - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Exclude all the database file systems and executable programs from antivirus scans. Including them could lead to performance problems. Check with the database vendors for prescriptive details on the exclusion list. For example, Oracle recommends excluding /oracle//sapdata from antivirus scans.", - "waf": "Performance" + "text": "Ensure data repositories for the backup solution are stored outside of vSAN storage. 
Either in Azure native or on a disk pool-backed datastore", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "c027f893-f404-41a9-b33d-39d625a14964", - "link": "https://sapit-forme-prod.authentication.eu11.hana.ondemand.com/login", - "service": "SAP", + "guid": "2aee3453-aec8-4339-848b-262d6cc5f512", + "service": "AVS", "services": [ - "SAP", - "WAF" + "Arc", + "WAF", + "AVS" ], - "severity": "Low", - "text": "Consider collecting full database statistics for non-HANA databases after migration. For example, implement SAP note 1020260 - Delivery of Oracle statistics.", - "waf": "Performance" + "severity": "Medium", + "text": "Ensure workloads running on Azure VMware Solution are hybrid managed using Azure Arc for Servers (Arc for Azure VMware Solution is in preview)", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "fdafb1f5-3eee-4354-a8c9-deb8127ebc2e", - "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/configure-oracle-asm", - "service": "SAP", + "guid": "925398e6-da9d-437d-ac43-bc6cd1d79a9b", + "service": "AVS", "services": [ - "SAP", - "Storage", - "WAF" + "Monitor", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Consider using Oracle Automatic Storage Management (ASM) for all Oracle deployments that use SAP on Azure.", - "training": "https://learn.microsoft.com/training/paths/administer-infrastructure-resources-in-azure/?source=recommendations", - "waf": "Performance" + "text": "Ensure workloads running on Azure VMware Solution are monitored using Azure Log Analytics and Azure Monitor", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "33c5d5bf-daf3-4f0d-bd50-6010fdcec22e", - "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/announcement-sap-on-azure-oracle-performance-efficiency-scripts/ba-p/3725178", - 
"service": "SAP", + "guid": "24604489-a8f4-42d7-ae78-cb6a33bd2a09", + "service": "AVS", "services": [ - "SAP", - "SQL", - "WAF" + "WAF", + "AVS" ], "severity": "Medium", - "text": "For SAP on Azure running Oracle, a collection of SQL scripts can help you diagnose performance problems. Automatic Workload Repository (AWR) reports contain valuable information for diagnosing problems in the Oracle system. We recommend that you run an AWR report during several sessions and choose peak times for it, to ensure broad coverage for the analysis.", - "training": "https://learn.microsoft.com/ja-jp/azure/well-architected/oracle-iaas/performance-efficiency", - "waf": "Performance" + "text": "Include workloads running on Azure VMware Solution in existing update management tooling or in Azure Update Management", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "d89fd98d-23e4-4b40-a92e-32db9365522c", - "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", - "service": "SAP", + "guid": "17e7a8d9-0ae0-4e27-aee2-9711bd352caa", + "service": "AVS", "services": [ - "SAP", "Monitor", - "ASR", - "WAF" + "WAF", + "AVS", + "AzurePolicy" ], - "severity": "High", - "text": "Use Azure Site Recovery monitoring to maintain the health of the disaster recovery service for SAP application servers.", - "training": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", + "severity": "Medium", + "text": "Use Azure Policy to onboard Azure VMware Solution workloads in the Azure Management, Monitoring and Security solutions", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "5ba34d46-85e2-4213-ace7-bb122f7c95f0", - "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", - "service": "SAP", + "guid": 
"aee3553a-fc83-4392-98b2-62d6cc5f5129", + "service": "AVS", "services": [ - "AppGW", - "AzurePolicy", - "WAF" + "Defender", + "WAF", + "AVS" ], "severity": "Medium", - "text": "For secure delivery of HTTP/S apps, use Application Gateway v2 and ensure that WAF protection and policies are enabled.", - "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/", + "text": "Ensure workloads running on Azure VMware Solution are onboarded to Microsoft Defender for Cloud", "waf": "Security" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "fa9d30bc-1b82-4e4b-bfdf-6b017938b9e6", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", - "service": "SAP", + "guid": "25398e6d-b9d3-47da-a43b-c6cd1d79a9b2", + "service": "AVS", "services": [ - "DNS", - "SAP", - "VM", - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "If the virtual machine's DNS or virtual name is not changed during migration to Azure, Background DNS and virtual names connect many system interfaces in the SAP landscape, and customers are only sometimes aware of the interfaces that developers define over time. 
Connection challenges arise between various systems when virtual or DNS names change after migrations, and it's recommended to retain DNS aliases to prevent these types of difficulties.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/4-explore-name-resolution", - "waf": "Operations" + "text": "Ensure backups are not stored on vSAN as vSAN is a finite resource", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "a2858f78-105b-4f52-b7a9-5b0f4439743b", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", - "service": "SAP", + "guid": "5e6bfbb9-ed50-4354-9cc4-47e826028a71", + "service": "AVS", "services": [ - "DNS", - "SAP", - "VNet", "WAF" ], "severity": "Medium", - "text": "Use different DNS zones to distinguish each environment (sandbox, development, preproduction, and production) from each other. The exception is for SAP deployments with their own VNet; here, private DNS zones might not be necessary.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/4-explore-name-resolution", - "waf": "Operations" + "text": "Have all DR solutions been considered and a solution that is best for your business been decided upon? 
[SRM/JetStream/Zerto/Veeam/...]", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "a3592829-e6e2-4061-9368-6af46791f893", - "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-peering-overview", - "service": "SAP", + "guid": "f0f1cac6-d9ef-41d5-b832-d42e3611c818", + "service": "AVS", "services": [ - "SAP", - "ACR", - "VNet", + "ASR", "WAF" ], "severity": "Medium", - "text": "Local and global VNet peering provide connectivity and are the preferred approaches to ensure connectivity between landing zones for SAP deployments across multiple Azure regions", - "training": "https://learn.microsoft.com/training/modules/configure-vnet-peering/?source=recommendations", + "text": "Use Azure Site Recovery when the Disaster Recovery technology is native Azure IaaS", "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "41742694-3ff8-4ae7-b7d4-743176c8bcbf", - "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide", - "service": "SAP", + "guid": "b0afbc51-0e43-4a18-a9cd-289bed6b17db", + "service": "AVS", "services": [ - "SAP", - "NVA", "WAF" ], "severity": "High", - "text": "It is not supported to deploy any NVA between SAP application and SAP Database server", - "training": "https://me.sap.com/notes/2731110", - "waf": "Performance" + "text": "Use Automated recovery plans with either of the Disaster solutions, avoid manual tasks as much as possible", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "7d4bc7d2-c34a-452e-8f1d-6ae3c8eafcc3", - "link": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/?source=recommendations", - "service": "SAP", + "guid": "8255461e-2aee-4345-9aec-8339248b262d", + "service": "AVS", "services": [ - "VWAN", - "ACR", - "SAP", + "ASR", "WAF" ], "severity": "Medium", - "text": "Use Virtual WAN for 
Azure deployments in new, large, or global networks where you need global transit connectivity across Azure regions and on-premises locations. With this approach, you won't need to manually set up transitive routing for Azure networking, and you can follow a standard for SAP on Azure deployments.", - "training": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about", - "waf": "Operations" + "text": "Use the geopolitical region pair as the secondary disaster recovery environment", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "0cedb1f6-ae6c-492b-8b17-8061f50b16d3", - "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability", - "service": "SAP", + "guid": "6cc5f512-9253-498e-9da9-d37dac43bc6c", + "service": "AVS", "services": [ - "VNet", - "NVA", "WAF" ], - "severity": "Medium", - "text": "Consider deploying network virtual appliances (NVAs) between regions only if partner NVAs are used. NVAs between regions or VNets aren't required if native NVAs are present. 
When you're deploying partner networking technologies and NVAs, follow the vendor's guidance to verify conflicting configurations with Azure networking.", - "training": "https://learn.microsoft.com/training/modules/control-network-traffic-flow-with-routes/?source=recommendations", - "waf": "Operations" + "severity": "High", + "text": "Use 2 different address spaces between the regions, for example: 10.0.0.0/16 and 192.168.0.0/16 for the different regions", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "facc08c6-ea95-4641-91cd-fa09e573adbd", - "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", - "service": "SAP", + "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a", + "service": "AVS", "services": [ "NVA", - "SAP", - "VNet", "WAF", - "VWAN" + "AVS", + "ExpressRoute" ], "severity": "Medium", - "text": "Virtual WAN manages connectivity between spoke VNets for virtual-WAN-based topologies (no need to set up user-defined routing [UDR] or NVAs), and maximum network throughput for VNet-to-VNet traffic in the same virtual hub is 50 gigabits per second. 
If necessary, SAP landing zones can use VNet peering to connect to other landing zones and overcome this bandwidth limitation.", - "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/?source=recommendations", - "waf": "Operations" + "text": "Will ExpressRoute Global Reach be used for connectivity between the primary and secondary Azure VMware Solution Private Clouds or is routing done through network virtual appliances?", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "82734c88-6ba2-4802-8459-11475e39e530", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", - "service": "SAP", + "guid": "33bd2a09-17e7-4a8d-a0ae-0e27cee29711", + "service": "AVS", "services": [ - "SAP", - "VM", - "WAF" + "WAF", + "Backup" ], - "severity": "High", - "text": "Public IP assignment to VM running SAP Workload is not recommended.", - "training": "https://learn.microsoft.com/training/modules/design-ip-addressing-for-azure/?source=recommendations", - "waf": "Security" + "severity": "Medium", + "text": "Have all Backup solutions been considered and a solution that is best for your business been decided upon? [ MABS/CommVault/Metallic.io/Veeam/�. 
]", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9cccd979-366b-4cda-8750-ab1ab039d95d", - "link": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", - "service": "SAP", + "guid": "bd352caa-ab79-4b18-adab-81932c9fc9d1", + "service": "AVS", "services": [ - "ASR", - "WAF" + "WAF", + "AVS", + "Backup" ], - "severity": "High", - "text": "Consider reserving IP address on DR side when configuring ASR", - "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/", - "waf": "Operations" + "severity": "Medium", + "text": "Deploy your backup solution in the same region as your Azure VMware Solution private cloud", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "54c7c892-9cb1-407d-9325-ae525ba34d46", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", - "service": "SAP", + "guid": "bb77036f-5e6b-4fbb-aed5-03547cc447e8", + "service": "AVS", "services": [ - "WAF" + "WAF", + "Backup" ], - "severity": "High", - "text": "Avoid using overlapping IP address ranges for production and DR sites.", - "training": "https://learn.microsoft.com/training/modules/design-ip-addressing-for-azure/?source=recommendations", - "waf": "Operations" + "severity": "Medium", + "text": "Deploy your backup solution outside of vSan, on Azure native components", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "6e154e3a-a359-4282-ae6e-206173686af4", - "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-delegate-subnet", - "service": "SAP", + "guid": "26028a71-f0f1-4cac-9d9e-f1d5e832d42e", + "service": "AVS", + "services": [ + "WAF", + "AVS" + ], + "severity": "Low", + "text": "Is a process in place 
to request a restore of the VMware components managed by the Azure Platform?", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.AVS/privateClouds", + "checklist": "WAF checklist", + "guid": "4604489a-8f42-4d78-b78c-b7a33bd2a0a1", + "service": "AVS", "services": [ - "Storage", - "VNet", "WAF" ], - "severity": "Medium", - "text": "While Azure does help you to create multiple delegated subnets in a VNet, only one delegated subnet can exist in a VNet for Azure NetApp Files. Attempts to create a new volume will fail if you use more than one delegated subnet for Azure NetApp Files.", - "training": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-network-topologies?source=recommendations", + "severity": "Low", + "text": "For manual deployments, all configuration and deployments must be documented", "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "d8a03e97-7784-424d-9167-85d6fa96c96a", - "link": "https://learn.microsoft.com/azure/well-architected/services/networking/azure-firewall?toc=%2Fazure%2Ffirewall%2Ftoc.json&bc=%2Fazure%2Ffirewall%2Fbreadcrumb%2Ftoc.json", - "service": "SAP", + "guid": "7e7a8d90-ae0e-437c-be29-711bd352caaa", + "service": "AVS", "services": [ - "Firewall", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Use Azure Firewall to govern Azure outbound traffic to the internet, non-HTTP/S inbound connections, and East/West traffic filtering (if the organization requires it)", - "training": "https://learn.microsoft.com/training/paths/secure-networking-infrastructure/", - "waf": "Security" + "severity": "Low", + "text": "For manual deployments, consider implementing resource locks to prevent accidental actions on your Azure VMware Solution Private Cloud", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "91a65e40-be90-45b3-9f73-f3edbf8dc324", - "link": 
"https://learn.microsoft.com/azure/sap/workloads/expose-sap-process-orchestration-on-azure", - "service": "SAP", + "guid": "b79b198d-ab81-4932-a9fc-9d1bb78036f5", + "service": "AVS", "services": [ - "SAP", - "AppGW", "WAF" ], - "severity": "Medium", - "text": "Application Gateway and Web Application Firewall have limitations when Application Gateway serves as a reverse proxy for SAP web apps, as shown in the comparison between Application Gateway, SAP Web Dispatcher, and other third-party services.", - "training": "https://help.sap.com/docs/SUPPORT_CONTENT/si/3362959506.html", - "waf": "Security" + "severity": "Low", + "text": "For automated deployments, deploy a minimal private cloud and scale as needed", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "5e39e530-9ccc-4d97-a366-bcda2750ab1a", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "SAP", + "guid": "e6bfbb9e-d503-4547-ac44-7e826128a71f", + "service": "AVS", "services": [ - "FrontDoor", - "ACR", - "AzurePolicy", "WAF" ], - "severity": "Medium", - "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.", - "training": "https://learn.microsoft.com/training/paths/secure-application-delivery/", - "waf": "Security" + "severity": "Low", + "text": "For automated deployments, request or reserve quota prior to starting the deployment", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b039d95d-54c7-4c89-89cb-107d5325ae52", - "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview", - "service": "SAP", + "guid": "0f1cac6d-9ef1-4d5e-a32e-42e3611c818b", + "service": "AVS", "services": [ - "FrontDoor", - "AppGW", - "AzurePolicy", - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "Take advantage of 
Web Application Firewall policies in Azure Front Door when you're using Azure Front Door and Application Gateway to protect HTTP/S applications. Lock down Application Gateway to receive traffic only from Azure Front Door.", - "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/?source=recommendations", - "waf": "Security" + "severity": "Low", + "text": "For automated deployment, ensure that relevant resource locks are created through the automation or through Azure Policy for proper governance", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "5ada4332-4e13-4811-9231-81aa41742694", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "SAP", + "guid": "e2cc95d4-8c6b-4791-bca0-f6c56589e558", + "service": "AVS", "services": [ - "LoadBalancer", - "AppGW", - "WAF" + "WAF", + "AKV" ], - "severity": "Medium", - "text": "Use a web application firewall to scan your traffic when it's exposed to the internet. 
Another option is to use it with your load balancer or with resources that have built-in firewall capabilities like Application Gateway or third-party solutions.", - "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/?source=recommendations", - "waf": "Security" + "severity": "Low", + "text": "Implement human understandable names for ExR authorization keys to allow for easy identification of the keys purpose/use", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "e73de7d5-6f36-4217-a526-e1a621ecddde", - "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", - "service": "SAP", + "guid": "255461e2-aee3-4553-afc8-339248b262d6", + "service": "AVS", "services": [ - "VWAN", - "ACR", - "SAP", - "WAF" + "WAF", + "AVS", + "ExpressRoute", + "AKV" ], - "severity": "Medium", - "text": "Use Virtual WAN for Azure deployments in new, large, or global networks where you need global transit connectivity across Azure regions and on-premises locations. 
With this approach, you won't need to manually set up transitive routing for Azure networking, and you can follow a standard for SAP on Azure deployments.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/10-explore-azure-front-door", - "waf": "Performance" + "severity": "Low", + "text": "Use Key vault to store secrets and authorization keys when separate Service Principles are used for deploying Azure VMware Solution and ExpressRoute", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "3c536a3e-1b6b-4e87-95ca-15edb47251c0", - "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", - "service": "SAP", + "guid": "cc5f5129-2539-48e6-bb9d-37dac43bc6cd", + "service": "AVS", "services": [ - "PrivateLink", - "Backup", - "Storage", - "ACR", - "VNet", - "WAF" + "WAF", + "AVS" ], - "severity": "Medium", - "text": "To prevent data leakage, use Azure Private Link to securely access platform as a service resources like Azure Blob Storage, Azure Files, Azure Data Lake Storage Gen2, Azure Data Factory, and more. Azure Private Endpoint can also help to secure traffic between VNets and services like Azure Storage, Azure Backup, and more. 
Traffic between your VNet and the Private Endpoint enabled service travels across the Microsoft global network, which prevents its exposure to the public internet.", - "training": "https://learn.microsoft.com/training/modules/design-implement-private-access-to-azure-services/?source=recommendations", - "waf": "Security" + "severity": "Low", + "text": "Define resource dependencies for serializing actions in IaC when many resources need to be deployed in/on Azure VMware Solution as Azure VMware Solution only supports a limited number of parallel operations.", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "85e2213a-ce7b-4b12-8f7c-95f06e154e3a", - "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview?tabs=redhat", - "service": "SAP", + "guid": "1d79a9b2-4604-4489-a8f4-2d78e78cb7a3", + "service": "AVS", "services": [ - "SAP", - "VM", "WAF" ], - "severity": "High", - "text": "Make sure that Azure accelerated networking is enabled on the VMs used in the SAP application and DBMS layers.", - "training": "https://learn.microsoft.com/training/paths/azure-fundamentals-describe-azure-architecture-services/?source=recommendations", - "waf": "Performance" + "severity": "Low", + "text": "When performing automated configuration of NSX-T segments with a single Tier-1 gateway, use Azure Portal APIs instead of NSX-Manager APIs", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "3ff8ae7d-7d47-4431-96c8-bcbf45bbe609", - "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-multivip-overview", - "service": "SAP", + "guid": "3bd2a0a1-7e7a-48d9-8ae0-e37cee29711b", + "service": "AVS", "services": [ - "LoadBalancer", - "WAF" + "WAF", + "Subscriptions", + "AVS" ], "severity": "Medium", - "text": "Make sure that internal deployments for Azure Load Balancer are set up to use Direct Server Return (DSR). 
This setting (Enabling Floating IP) will reduce latency when internal load balancer configurations are used for high-availability configurations on the DBMS layer.", - "training": "https://learn.microsoft.com/ja-jp/training/modules/load-balancing-non-https-traffic-azure/?source=recommendations", - "waf": "Security" + "text": "When intending to use automated scale-out, be sure to apply for sufficient Azure VMware Solution quota for the subscriptions running Azure VMware Solution", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "6791f893-5ada-4433-84e1-3811523181aa", - "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", - "service": "SAP", + "guid": "d352caaa-b79b-4198-bab8-1932c9fc9d1b", + "service": "AVS", "services": [ - "VM", - "SAP", - "VNet", - "WAF" + "Storage", + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "You can use application security group (ASG) and NSG rules to define network security access-control lists between the SAP application and DBMS layers. 
ASGs group virtual machines to help manage their security.", - "training": "https://learn.microsoft.com/training/modules/configure-network-security-groups/?source=recommendations", - "waf": "Security" + "text": "When intending to use automated scale-in, be sure to take storage policy requirements into account before performing such action", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "45bbe609-d8a0-43e9-9778-424d616785d6", - "link": "https://me.sap.com/notes/2015553", - "service": "SAP", + "guid": "b78036f5-e6bf-4bb9-bd50-3547cc447e82", + "service": "AVS", "services": [ - "SAP", - "VNet", "WAF" - ], - "severity": "High", - "text": "Placing of the SAP application layer and SAP DBMS in different Azure VNets that aren't peered isn't supported.", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", + ], + "severity": "Medium", + "text": "Scaling operations always need to be serialized within a single SDDC as only one scale operation can be performed at a time (even when multiple clusters are used)", "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "fa96c96a-d885-418f-9827-34c886ba2802", - "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", - "service": "SAP", + "guid": "bf15bce2-19e4-4a0e-a588-79424d226786", + "service": "AVS", "services": [ - "SAP", "WAF" ], "severity": "Medium", - "text": "For optimal network latency with SAP applications, consider using Azure proximity placement groups.", - "training": "https://learn.microsoft.com/azure/virtual-machines/co-location#planned-maintenance-and-proximity-placement-groups", + "text": "Consider and validate scaling operations on 3rd party solutions used in the architecture (supported or not)", "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": 
"WAF checklist", - "guid": "18c8b61c-855a-4405-b6ed-266455e4f4ce", - "link": "https://me.sap.com/notes/2015553", - "service": "SAP", + "guid": "d20b56c5-7be5-4851-a0f8-3835c586cb29", + "service": "AVS", "services": [ - "SAP", "WAF" ], - "severity": "High", - "text": "It is NOT supported at all to run an SAP Application Server layer and DBMS layer split between on-premise and Azure. Both layers need to completely reside either on-premise or in Azure.", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", + "severity": "Medium", + "text": "Define and enforce scale in/out maximum limits for your environment in the automations", "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b65c878b-4b14-4f4e-92d8-d873936493f2", - "link": "https://me.sap.com/notes/2015553", - "service": "SAP", + "guid": "1dc15a1c-075e-4e9f-841a-cccd579376bc", + "service": "AVS", "services": [ - "SAP", - "VNet", - "Cost", + "Monitor", "WAF" ], - "severity": "High", - "text": "It isn't recommended to host the database management system (DBMS) and application layers of SAP systems in different VNets and connect them with VNet peering because of the substantial costs that excessive network traffic between the layers can produce. 
Recommend using subnets within the Azure virtual network to separate the SAP application layer and DBMS layer.", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", - "waf": "Cost" + "severity": "Medium", + "text": "Implement monitoring rules to monitor automated scaling operations and monitor success and failure to enable appropriate (automated) responses", + "waf": "Operations" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "402a9846-d515-4061-aff8-cd30088693fa", - "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel", - "service": "SAP", + "guid": "c5972cd4-cd21-4b07-9036-f5e6b4bfd3d5", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", + "service": "AVS", "services": [ - "LoadBalancer", + "VM", "WAF" ], "severity": "High", - "text": "If using Load Balancer with Linux guest operating systems, check that the Linux network parameter net.ipv4.tcp_timestamps is set to 0.", - "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", - "waf": "Performance" + "text": "When using MON, be aware of the limits of simulataneously configured VMs (MON Limit for HCX [400 - standard, 1000 - Larger appliance])", + "training": "https://learn.microsoft.com/learn/modules/configure-azure-ad-application-proxy/", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "87585797-5551-4d53-bb7d-a94ee415734d", - "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration", - "service": "SAP", + "guid": "be1f38cf-03a8-422b-b463-cbbbc8ac299e", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", + "service": "AVS", "services": [ - "SAP", - "VNet", "WAF" ], - "severity": 
"Medium", - "text": "For SAP RISE/ECS deployments, virtual peering is the preferred way to establish connectivity with customer's existing Azure environment. Both the SAP vnet and customer vnet(s) are protected with network security groups (NSG), enabling communication on SAP and database ports through the vnet peering", - "waf": "Security" + "severity": "High", + "text": "When using MON, you cannot enable MON on more than 100 Network extensions", + "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "ff5136bd-dcf1-4d2b-ae52-39333efdf45a", - "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", - "service": "SAP", + "guid": "bc91a43d-90da-4e2c-a881-4706f7c1cbaf", + "service": "AVS", "services": [ - "SAP", - "Backup", - "VM", - "WAF" + "WAF", + "VPN" ], - "severity": "High", - "text": "Review SAP HANA database backups for Azure VMs.", - "waf": "Cost" + "severity": "Medium", + "text": "If using a VPN connection for migrations, adjust your MTU size accordingly.", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "cafde29d-a0af-4bcd-87c0-0f299d63f0e8", - "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", - "service": "SAP", + "guid": "e614658d-d457-4e92-9139-b821102cad6e", + "service": "AVS", "services": [ - "SAP", - "Monitor", - "ASR", "WAF" ], "severity": "Medium", - "text": "Review Site Recovery built-in monitoring, where used for SAP.", - "waf": "Cost" + "text": "For low connectivity regions connecting into Azure (500Mbps or less), considering deploying the HCX WAN optimization appliance", + "waf": "Performance" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "82d7b8de-d3f1-44a0-830b-38e200e82acf", - "link": 
"https://help.sap.com/docs/SAP_HANA_PLATFORM/c4d7c773af4a4e5dbebb6548d6e2d4f4/e3111d2ebb5710149510cc120646bf3f.html?locale=en-US", - "service": "SAP", + "guid": "ae01e6e8-43e5-42f4-922d-928c1b1cd521", + "service": "AVS", "services": [ - "SAP", - "Monitor", "WAF" ], - "severity": "High", - "text": "Review the Monitoring the SAP HANA System Landscape guidance.", - "waf": "Operations" + "severity": "Medium", + "text": "Ensure that migrations are started from the on-premises appliance and NOT from the Cloud appliance (do NOT perform a reverse migration)", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "c823873a-2bec-4c2a-b684-a1ce8ae80efd", - "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/oracle-database-backup-strategies", - "service": "SAP", + "guid": "e54a29a9-de39-4ac0-b7c2-8dc935657202", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", + "service": "AVS", "services": [ - "Backup", "VM", - "WAF" + "Storage", + "WAF", + "AVS" ], "severity": "Medium", - "text": "Review Oracle Database in Azure Linux VM backup strategies.", - "waf": "Operations" + "text": "When Azure Netapp Files is used to extend storage for Azure VMware Solution,consider using this as a VMware datastore instead of attaching directly to a VM.", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "2943b6d8-1d31-4e19-ade7-78e6b26d1962", - "link": "https://learn.microsoft.com/sql/relational-databases/tutorial-use-azure-blob-storage-service-with-sql-server-2016?view=sql-server-ver16", - "service": "SAP", + "guid": "bff4564b-0d93-44a3-98b2-63e7dd60513a", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", + "service": "AVS", "services": [ "Storage", - "SQL", - "WAF" + "WAF", + "ExpressRoute" ], "severity": "Medium", - 
"text": "Review the use of Azure Blob Storage with SQL Server 2016.", - "waf": "Operations" + "text": "Ensure that a dedicated ExpressRoute Gateway is being used for external data storage solutions", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b82e650f-676d-417d-994d-fc33ca54ec14", - "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/automated-backup?view=azuresql", - "service": "SAP", + "guid": "3649906e-bad3-48ea-b53c-c7de1d8aaab3", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", + "service": "AVS", "services": [ - "Backup", - "VM", - "WAF" + "Storage", + "WAF", + "ExpressRoute" ], "severity": "Medium", - "text": "Review the use of Automated Backup v2 for Azure VMs.", - "waf": "Operations" + "text": "Ensure that FastPath is enabled on the ExpressRoute Gateway that is being used for external data storage solutions", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "347c2dcc-e6eb-4b04-80c5-628b171aa62d", - "service": "SAP", + "guid": "571549ab-8153-4d89-b89d-c7b33be2b1a2", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group", + "service": "AVS", "services": [ + "ASR", "WAF" ], "severity": "High", - "text": "Enabling Write accelerator for M series when using premium disks(V1)", - "waf": "Operations" + "text": "If using stretched cluster, ensure that your selected Disaster Recovery solution is supported by the vendor", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b96512cf-996f-4b17-b9b8-6b16db1a2a94", - "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/AvZone-Latency-Test", - "service": "SAP", + "guid": 
"4c486b6d-8bdc-4059-acf7-5ee8a1309888", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#select-good-health-probe-endpoints", + "service": "AVS", "services": [ "WAF" ], - "severity": "Medium", - "text": "Test availability zone latency.", - "waf": "Performance" + "severity": "High", + "text": "If using stretched cluster, ensure that the SLA provided will meet your requirements", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "9fd7ffd4-da11-49f6-a374-8d03e94c511d", - "link": "https://support.sap.com/en/offerings-programs/support-services/earlywatch-alert.html", - "service": "SAP", + "guid": "9579d66b-896d-471f-a6ca-7be9955d04c3", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", + "service": "AVS", "services": [ - "SAP", - "WAF" + "WAF", + "ExpressRoute" ], - "severity": "Medium", - "text": "Activate SAP EarlyWatch Alert for all SAP components.", - "training": "https://help.sap.com/docs/SUPPORT_CONTENT/techops/3362700736.html", - "waf": "Performance" + "severity": "High", + "text": "If using stretched cluster, ensure that both ExpressRoute circuits are connected to your connectivity hub.", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "b9b140cf-413a-483d-aad2-8802c4e3c017", - "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/sap-on-azure-general-update-march-2019/ba-p/377456", - "service": "SAP", + "guid": "c49d987c-b3d1-4325-aa12-4b6e4d0685ed", + "link": "https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", + "service": "AVS", "services": [ - "SAP", - "WAF" + "WAF", + "ExpressRoute" ], - "severity": "Medium", - "text": "Review SAP application server to database server latency using SAP ABAPMeter report /SSA/CAT.", - "training": "https://me.sap.com/notes/0002879613", - "waf": "Performance" + "severity": 
"High", + "text": "If using stretched cluster, ensure that both ExpressRoute circuits have GlobalReach enabled.", + "waf": "Reliability" }, { + "arm-service": "Microsoft.AVS/privateClouds", "checklist": "WAF checklist", - "guid": "62fbf0f8-51db-49e1-a961-bb5df7a35f80", - "service": "SAP", + "guid": "dce9793b-7bcd-4b3b-91eb-2ec14eea6e59", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", + "service": "AVS", "services": [ - "Monitor", - "SQL", "WAF" ], - "severity": "Medium", - "text": "Review SQL Server performance monitoring using CCMS.", - "waf": "Performance" + "severity": "High", + "text": "Have site disaster tolerance settings been properly considered and changed for your business if needed.", + "waf": "Reliability" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "35709da7-fc7d-4efe-bb20-2e91547b7390", - "link": "https://me.sap.com/notes/500235", - "service": "SAP", + "description": "Disable image export to prevent data exfiltration. 
Note that this will prevent image import of images into another ACR instance.", + "guid": "ab91932c-9fc9-4d1b-a880-37f5e6bfcb9e", + "link": "https://learn.microsoft.com/azure/container-registry/data-loss-prevention", + "service": "ACR", "services": [ - "SAP", - "VM", + "ACR", "WAF" ], - "severity": "Medium", - "text": "Test network latency between SAP application layer VMs and DBMS VMs (NIPING).", - "training": "https://me.sap.com/notes/1100926/E", - "waf": "Performance" + "severity": "High", + "text": "Disable Azure Container Registry image export", + "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "9e9bb4c8-e934-4e4b-a13c-6f7c7c38eb43", - "link": "https://learn.microsoft.com/en-us/azure/sap/large-instances/hana-monitor-troubleshoot", - "service": "SAP", + "description": "Enable audit compliance visibility by enabling Azure Policy for Azure Container Registry", + "guid": "d503547c-d447-4e82-9128-a7100f1cac6d", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-azure-policy", + "service": "ACR", "services": [ - "SAP", - "Monitor", - "WAF" + "ACR", + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "Review SAP HANA studio alerts.", - "waf": "Performance" + "severity": "High", + "text": "Enable Azure Policies for Azure Container Registry", + "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "f1a92ab5-9509-4b57-86ff-b0ade361b694", - "link": "https://me.sap.com/notes/1969700", - "service": "SAP", + "description": "The Azure Key Vault (AKV) is used to store a signing key that can be utilized by?notation?with the notation AKV plugin (azure-kv) to sign and verify container images and other artifacts. 
The Azure Container Registry (ACR) allows you to attach these signatures using the?az?or?oras?CLI commands.", + "guid": "d345293c-7639-4637-a551-c5c04e401955", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-tutorial-sign-build-push", + "service": "ACR", "services": [ - "SAP", - "WAF" + "ACR", + "WAF", + "AKV" ], - "severity": "Medium", - "text": "Perform SAP HANA health checks using HANA_Configuration_Minichecks.", - "waf": "Performance" + "severity": "High", + "text": "Sign and Verify containers with notation (Notary v2)", + "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "18dffcf3-248c-4039-a67c-dec8e3a5f804", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-security-operations", - "service": "SAP", + "description": "Azure Container Registry automatically encrypts images and other artifacts that you store. By default, Azure automatically encrypts the registry content at rest by using service-managed keys. 
By using a customer-managed key, you can supplement default encryption with an additional encryption layer.", + "guid": "0bd05dc2-efd5-4d76-8d41-d2500cc47b49", + "link": "https://learn.microsoft.com/azure/container-registry/tutorial-customer-managed-keys", + "service": "ACR", "services": [ - "VM", - "WAF" + "ACR", + "WAF", + "AKV" ], "severity": "Medium", - "text": "If you run Windows and Linux VMs in Azure, on-premises, or in other cloud environments, you can use the Update management center in Azure Automation to manage operating system updates, including security patches.", - "training": "https://learn.microsoft.com/azure/automation/update-management/overview", + "text": "Encrypt registry with a customer managed key", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "08951710-79a2-492a-adbc-06d7a401545b", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-security-operations", - "service": "SAP", + "description": "Use managed identities to secure ACRPull/Push RBAC access from client applications", + "guid": "8f42d78e-79dc-47b3-9bd2-a1a27e7a8e90", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", + "service": "ACR", "services": [ - "SAP", + "Entra", + "RBAC", + "ACR", "WAF" ], - "severity": "Medium", - "text": "Routinely review the SAP security OSS notes because SAP releases highly critical security patches, or hot fixes, that require immediate action to protect your SAP systems.", - "training": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html", + "severity": "High", + "text": "Use Managed Identities to connect instead of Service Principals", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "1b8b394e-ae64-4a74-8933-357b523ea0a0", - "link": 
"https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security", - "service": "SAP", + "description": "The local Administrator account is disabled by default and should not be enabled. Use either Token or RBAC-based access methods instead", + "guid": "be0e38ce-e297-411b-b363-caaab79b198d", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", + "service": "ACR", "services": [ - "SAP", - "SQL", + "RBAC", "WAF" ], - "severity": "Low", - "text": "For SAP on SQL Server, you can disable the SQL Server system administrator account because the SAP systems on SQL Server don't use the account. Ensure that another user with system administrator rights can access the server before disabling the original system administrator account.", + "severity": "High", + "text": "Disable local authentication for management plane access", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "5a76a033-ced9-4eef-9a43-5e4f96634c8e", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security", - "service": "SAP", + "description": "Disable Administrator account and assign RBAC roles to principals for ACR Pull/Push operations", + "guid": "387e5ced-126c-4d13-8af5-b20c6998a646", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-roles?tabs=azure-cli", + "service": "ACR", "services": [ - "SQL", + "Entra", + "RBAC", + "ACR", "WAF" ], "severity": "High", - "text": "Disable xp_cmdshell. The SQL Server feature xp_cmdshell enables a SQL Server internal operating system command shell. 
It's a potential risk in security audits.", - "training": "https://me.sap.com/notes/3019299/E", + "text": "Assign AcrPull & AcrPush RBAC roles rather than granting Administrative access to identity principals", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "cf65de8e-1309-4ccc-b579-266bcca275fa", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", - "service": "SAP", + "description": "Disable anonymous pull/push access", + "guid": "e338997e-41c7-47d7-acf6-a62a1194956d", + "link": "https://learn.microsoft.com/azure/container-registry/anonymous-pull-access#configure-anonymous-pull-access", + "service": "ACR", "services": [ - "Backup", - "SQL", - "Storage", - "SAP", "WAF" ], - "severity": "High", - "text": "Encrypting SAP HANA database servers on Azure uses SAP HANA native encryption technology. Additionally, if you are using SQL Server on Azure, use Transparent Data Encryption (TDE) to protect your data and log files and ensure that your backups are also encrypted.", - "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security", + "severity": "Medium", + "text": "Disable Anonymous pull access", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "a1abfe9d-55d0-44c3-a491-9cb1b3d1325a", - "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", - "service": "SAP", + "description": "Token authentication doesn't support assignment to an AAD principal. 
Any tokens provided are able to be used by anyone who can access the token", + "guid": "698dc3a2-fd27-4b2e-8870-1a1252beedf6", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication?tabs=azure-cli", + "service": "ACR", "services": [ - "Storage", + "Entra", "WAF" ], - "severity": "Medium", - "text": "Azure Storage encryption is enabled for all Azure Resource Manager and classic storage accounts, and can't be disabled. Because your data is encrypted by default, you don't need to modify your code or applications to use Azure Storage encryption.", - "training": "https://learn.microsoft.com/training/modules/encrypt-sector-data/?source=recommendations", + "severity": "High", + "text": "Disable repository-scoped access tokens", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "ce9bd3bb-0cdb-43b5-9eb2-ec14eeaa3592", - "link": "https://learn.microsoft.com/azure/key-vault/general/overview", - "service": "SAP", + "description": "Deploy container images to an ACR behind a Private endpoint within a trusted network", + "guid": "b3bec3d4-f343-47c1-936d-b55f27a71eee", + "service": "ACR", "services": [ - "AKV", - "WAF" + "EventHubs", + "ACR", + "WAF", + "PrivateLink" ], "severity": "High", - "text": "Use Azure Key Vault to store your secrets and credentials", - "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations", + "text": "Deploy images from a trusted environment", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "829e2edb-2173-4676-aff6-691b4935ada4", - "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json", - "service": "SAP", + "description": "Only tokens with an ACR audience can be used for authentication. 
Used when enabling Conditional access policies for ACR", + "guid": "3a041fd3-2947-498b-8288-b3c6a56ceb54", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-enable-conditional-access-policy", + "service": "ACR", "services": [ - "RBAC", - "Subscriptions", - "AzurePolicy", - "WAF" + "Entra", + "ACR", + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "It is recommended to LOCK the Azure Resources post successful deployment to safeguard against unauthorized changes. You can also enforce LOCK constraints and rules on your per-subscription basis using customized Azure policies(Custome role).", - "training": "https://learn.microsoft.com/training/modules/use-azure-resource-manager/?source=recommendations", + "text": "Disable Azure ARM audience tokens for authentication", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "2223ece8-1b12-4318-8a54-17415833fb4a", - "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview", - "service": "SAP", + "description": "Set up a diagnostic setting to send 'repositoryEvents' & 'LoginEvents' to Log Analytics as the central destination for logging and monitoring. 
This allows you to monitor control plane activity on the ACR resource itself.", + "guid": "8a488cde-c486-42bc-9bd2-1be77f26e5e6", + "link": "https://learn.microsoft.com/azure/container-registry/monitor-service", + "service": "ACR", "services": [ - "AKV", - "AzurePolicy", + "Entra", + "ACR", + "Monitor", "WAF" ], "severity": "Medium", - "text": "Provision Azure Key Vault with the soft delete and purge policies enabled to allow retention protection for deleted objects.", - "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations", + "text": "Enable diagnostics logging", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "e3c2df74-3165-4c3a-abe0-5bbe209d490d", - "link": "https://learn.microsoft.com/azure/role-based-access-control/security-controls-policy", - "service": "SAP", + "description": "Service supports disabling public network access either through using service-level IP ACL filtering rule (not NSG or Azure Firewall) or using a 'Disable Public Network Access' toggle switch", + "guid": "21d41d25-00b7-407a-b9ea-b40fd3290798", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", + "service": "ACR", "services": [ - "RBAC", - "AzurePolicy", - "WAF" + "VNet", + "WAF", + "Firewall", + "PrivateLink" ], - "severity": "High", - "text": "Based on existing requirements, regulatory and compliance controls (internal/external) - Determine what Azure Policies and Azure RBAC role are needed", - "training": "https://learn.microsoft.com/training/paths/describe-azure-management-governance/?source=recommendations", + "severity": "Medium", + "text": "Control inbound network access with Private Link", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "a4777842-4d11-4678-9d2f-a56c56ad4840", - "link": 
"https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", - "service": "SAP", + "description": "Disable public network access if inbound network access is secured using Private Link", + "guid": "cd289ced-6b17-4db8-8554-62f2aee4553a", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-access-selected-networks#disable-public-network-access", + "service": "ACR", "services": [ - "SAP", - "Storage", - "Defender", - "WAF" + "WAF", + "PrivateLink" ], - "severity": "High", - "text": "When enabling Microsoft Defender for Endpoint on SAP environment, recommend excluding data and log files on DBMS servers instead of targeting all servers. Follow your DBMS vendor's recommendations when excluding target files.", - "training": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/microsoft-defender-endpoint-mde-for-sap-applications-on-windows/ba-p/3912268", + "severity": "Medium", + "text": "Disable Public Network access", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "8fe72734-c486-4ba2-a0dc-0591cf65de8e", - "link": "https://learn.microsoft.com/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks", - "service": "SAP", + "description": "Only the ACR Premium SKU supports Private Link access", + "guid": "fc833934-8b26-42d6-ac5f-512925498f6d", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-skus", + "service": "ACR", "services": [ - "SAP", - "RBAC", - "Defender", - "WAF" + "ACR", + "WAF", + "PrivateLink" ], - "severity": "High", - "text": "Delegate an SAP admin custom role with just-in-time access of Microsoft Defender for Cloud.", - "training": "https://learn.microsoft.com/training/modules/secure-vms-with-azure-security-center/?source=recommendations", + "severity": "Medium", + "text": "Use an Azure Container Registry SKU that 
supports Private Link (Premium SKU)", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "1309cccd-5792-466b-aca2-75faa1abfe9d", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", - "service": "SAP", + "description": "Azure Defender for containers or equivalent service should be used to scan container images for vulnerabilities", + "guid": "bad37dac-43bc-46ce-8d7a-a9b24604489a", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", + "service": "ACR", "services": [ - "SAP", + "Defender", + "ACR", "WAF" ], "severity": "Low", - "text": "encrypt data in transit by integrating the third-party security product with secure network communications (SNC) for DIAG (SAP GUI), RFC, and SPNEGO for HTTPS", - "training": "https://learn.microsoft.com/azure/security/fundamentals/encryption-overview#encryption-of-data-in-transit", + "text": "Enable Defender for Containers to scan Azure Container Registry for vulnerabilities", "waf": "Security" }, { + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "eeaa3592-829e-42ed-a217-3676aff6691b", - "link": "https://learn.microsoft.com/azure/storage/common/storage-encryption-key-model-get?tabs=portal", - "service": "SAP", + "description": "Deploy trusted code that was validated and scanned for vulnerabilities according to DevSecOps practices.", + "guid": "4451e1a2-d345-4293-a763-9637a551c5c0", + "service": "ACR", "services": [ - "AKV", "WAF" ], "severity": "Medium", - "text": "Default to Microsoft-managed keys for principal encryption functionality and use customer-managed keys when required.", - "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations", + "text": "Deploy validated container images", "waf": "Security" }, { + "arm-service": 
"microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "4935ada4-2223-4ece-a1b1-23181a541741", - "link": "https://learn.microsoft.com/ja-jp/azure/key-vault/general/best-practices", - "service": "SAP", + "description": "Use the latest versions of supported platforms, programming languages, protocols, and frameworks.", + "guid": "4e401955-387e-45ce-b126-cd132af5b20c", + "service": "ACR", "services": [ - "AKV", "WAF" ], "severity": "High", - "text": "Use an Azure Key Vault per application per environment per region.", - "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations", + "text": "Use up-to-date platforms, languages, protocols and frameworks", "waf": "Security" }, { + "arm-service": "Microsoft.BotService/botServices", "checklist": "WAF checklist", - "guid": "abc9634d-c44d-41e9-a530-e8444e16aa3c", - "link": "https://learn.microsoft.com/azure/key-vault/certificates/certificate-scenarios", - "service": "SAP", + "guid": "6ad48408-ee72-4734-a476-ba28fdcf590c", + "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-bot", + "service": "Bot service", "services": [ - "SAP", - "AKV", "WAF" ], - "severity": "High", - "text": "To control and manage disk encryption keys and secrets for non-HANA Windows and non-Windows operating systems, use Azure Key Vault. 
SAP HANA isn't supported with Azure Key Vault, so you must use alternate methods like SAP ABAP or SSH keys.", - "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/?source=recommendations", - "waf": "Security" + "severity": "Medium", + "text": "Follow reliability support recommendations in Azure Bot Service", + "waf": "Reliability" }, { + "arm-service": "Microsoft.BotService/botServices", "checklist": "WAF checklist", - "guid": "209d490d-a477-4784-84d1-16785d2fa56c", - "link": "https://learn.microsoft.com/azure/role-based-access-control/built-in-roles", - "service": "SAP", + "guid": "e65de8e1-3f9c-4cbd-9682-66abca264f9a", + "link": "https://learn.microsoft.com/en-us/azure/bot-service/bot-builder-concept-regionalization", + "service": "Bot service", "services": [ - "SAP", - "RBAC", - "Subscriptions", "WAF" ], - "severity": "High", - "text": "Customize role-based access control (RBAC) roles for SAP on Azure spoke subscriptions to avoid accidental network-related changes", - "training": "https://learn.microsoft.com/training/modules/secure-azure-resources-with-rbac/?source=recommendations", - "waf": "Security" + "severity": "Medium", + "text": "Deploying bots with local data residency and regional compliance", + "waf": "Reliability" }, { + "arm-service": "Microsoft.BotService/botServices", "checklist": "WAF checklist", - "guid": "56ad4840-8fe7-4273-9c48-6ba280dc0591", - "link": "https://blogs.sap.com/2019/07/21/sap-security-operations-on-azure/", - "service": "SAP", + "guid": "19bfe9d5-5d04-4c3c-9919-ca1b2d1215ae", + "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-bot#cross-region-disaster-recovery-in-multi-region-geography", + "service": "Bot service", "services": [ - "PrivateLink", - "SAP", - "NVA", "WAF" ], - "severity": "High", - "text": "Isolate DMZs and NVAs from the rest of the SAP estate, configure Azure Private Link, and securely manage and control the SAP on Azure resources", - "training": 
"https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/secure-vnet-dmz?tabs=portal", - "waf": "Security" + "severity": "Medium", + "text": "Azure Bot Service runs in active-active mode for both global and regional services. When an outage occurs, you don't need to detect errors or manage the service. Azure Bot Service automatically performs auto failover and auto recovery in a multi-region geographical architecture. For the EU bot regional service, Azure Bot Service provides two full regions inside Europe with active/active replication to ensure redundancy. For the global bot service, all available regions/geographies can be served as the global footprint.", + "waf": "Reliability" }, { + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "e124ba34-df68-45ed-bce9-bd3bb0cdb3b5", - "link": "https://learn.microsoft.com/en-us/training/modules/secure-vms-with-azure-security-center/?source=recommendations", - "service": "SAP", + "description": "Azure Service Bus Premium provides encryption of data at rest. If you use your own key, the data is still encrypted using the Microsoft-managed key, but in addition the Microsoft-managed key will be encrypted using the customer-managed key. 
", + "guid": "87af4a79-1f89-439b-ba47-768e14c11567", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/configure-customer-managed-key", + "service": "Service Bus", "services": [ - "Storage", - "VM", + "ServiceBus", "WAF" ], "severity": "Low", - "text": "Consider using Microsoft anti-malware software on Azure to protect your virtual machines from malicious files, adware, and other threats.", - "training": "https://azure.microsoft.com/blog/deploying-antimalware-solutions-on-azure-virtual-machines/", + "text": "Use customer-managed key option in data at rest encryption when required", + "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/", "waf": "Security" }, { + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "5eb2ec14-eeaa-4359-8829-e2edb2173676", - "link": "https://learn.microsoft.com/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide", - "service": "SAP", + "description": "Communication between a client application and an Azure Service Bus namespace is encrypted using Transport Layer Security (TLS). Azure Service Bus namespaces permit clients to send and receive data with TLS 1.0 and above. 
To enforce stricter security measures, you can configure your Service Bus namespace to require that clients send and receive data with a newer version of TLS.", + "guid": "5c1ea55b-46a9-448f-b8ae-7d7e4b475b6c", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/transport-layer-security-enforce-minimum-version", + "service": "Service Bus", "services": [ - "Defender", + "ServiceBus", "WAF" ], - "severity": "Low", - "text": "For even more powerful protection, consider using Microsoft Defender for Endpoint.", - "training": "https://learn.microsoft.com/training/modules/implement-endpoint-protection-use-microsoft-defender/?source=recommendations", + "severity": "Medium", + "text": "Enforce a minimum required version of Transport Layer Security (TLS) for requests ", + "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/", "waf": "Security" }, { + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "87a924c4-25c2-419f-a2f0-96c7c4fe4525", - "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", - "service": "SAP", + "description": "When you create a Service Bus namespace, a SAS rule named RootManageSharedAccessKey is automatically created for the namespace. This policy has Manage permissions for the entire namespace. It's recommended that you treat this rule like an administrative root account and don't use it in your application. Using AAD as an authentication provider with RBAC is recommended. 
", + "guid": "8bcbf59b-ce65-4de8-a03f-97879468d66a", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies", + "service": "Service Bus", "services": [ - "SAP", - "VNet", - "WAF" + "AzurePolicy", + "Entra", + "WAF", + "ServiceBus", + "RBAC", + "TrafficManager" ], - "severity": "High", - "text": "Isolate the SAP application and database servers from the internet or from the on-premises network by passing all traffic through the hub virtual network, which is connected to the spoke network by virtual network peering. The peered virtual networks guarantee that the SAP on Azure solution is isolated from the public internet.", - "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/?source=recommendations", + "severity": "Medium", + "text": "Avoid using root account when it is not necessary", + "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-identities-governance/", "waf": "Security" }, { + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "491ca1c4-3d40-42c0-9d85-b8933999590b", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance", - "service": "SAP", + "description": "A Service Bus client app running inside an Azure App Service application or in a virtual machine with enabled managed entities for Azure resources support does not need to handle SAS rules and keys, or any other access tokens. The client app only needs the endpoint address of the Service Bus Messaging namespace. 
", + "guid": "786d60f9-6c96-4ad8-a55d-04c2b39c986b", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity", + "service": "Service Bus", "services": [ - "SAP", - "WAF" + "Storage", + "Entra", + "WAF", + "AKV", + "ServiceBus", + "VM", + "AppSvc" ], - "severity": "Low", - "text": "For internet-facing applications like SAP Fiori, make sure to distribute load per application requirements while maintaining security levels. For Layer 7 security, you can use a third-party Web Application Firewall (WAF) available in the Azure Marketplace.", - "training": "https://learn.microsoft.com/training/modules/simplify-cloud-procurement-governance-azure-marketplace/?source=recommendations", + "severity": "Medium", + "text": "When possible, your application should be using a managed identity to authenticate to Azure Service Bus. If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", "waf": "Security" }, { + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "9fc945b9-0527-47af-8200-9d652fe02fcc", - "link": "https://learn.microsoft.com/azure/sap/monitor/enable-tls-azure-monitor-sap-solutions", - "service": "SAP", + "description": "When creating permissions, provide fine-grained control over a client's access to Azure Service Bus. Permissions in Azure Service Bus can and should be scoped to the individual resource level e.g. queue, topic or subscription. 
", + "guid": "f615658d-e558-4f93-9249-b831112dbd7e", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/authenticate-application#azure-built-in-roles-for-azure-service-bus", + "service": "Service Bus", + "services": [ + "Storage", + "WAF", + "Subscriptions", + "ServiceBus", + "RBAC" + ], + "severity": "High", + "text": "Use least privilege data plane RBAC", + "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.ServiceBus/namespaces", + "checklist": "WAF checklist", + "description": "Azure Service Bus resource logs include operational logs, virtual network and IP filtering logs. Runtime audit logs capture aggregated diagnostic information for various data plane access operations (such as send or receive messages) in Service Bus.", + "guid": "af12e7f9-43f6-4304-922d-929c2b1cd622", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/monitor-service-bus-reference", + "service": "Service Bus", "services": [ - "SAP", - "AKV", "Monitor", - "WAF" + "ServiceBus", + "WAF", + "VNet" ], "severity": "Medium", - "text": "To enable secure communication in Azure Monitor for SAP solutions, you can choose to use either a root certificate or a server certificate. We highly recommend that you use root certificates.", - "training": "https://learn.microsoft.com/training/modules/implement-azure-monitoring-sap-workloads-azure-virtual-machines/?source=recommendations", + "text": "Enable logging for security investigation. 
Use Azure Monitor to trace resource logs and runtime audit logs (currently available only in the premium tier)", + "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", "waf": "Security" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "6d8e32a8-3892-479d-a40b-10f6b4f6f298", - "link": "https://learn.microsoft.com/azure/spring-apps/concepts-blue-green-deployment-strategies", - "service": "Spring Apps", + "description": "Azure Service Bus by default has a public IP address and is Internet-reachable. Private endpoints allow traffic between your virtual network and Azure Service Bus traverses over the Microsoft backbone network. In addition to that, you should disable public endpoints if those are not used. ", + "guid": "9ae669ca-48e4-4a85-b222-3ece8bb12307", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service", + "service": "Service Bus", "services": [ - "WAF" + "ServiceBus", + "VNet", + "WAF", + "PrivateLink" ], "severity": "Medium", - "text": "Azure Spring Apps permits two deployments for every app, only one of which receives production traffic. You can achieve zero downtime with blue green deployment strategies. Blue green deployment is only available in Standard and Enterprise tiers. 
You could automate deployment using CI/CD with ADO/GitHub actions", - "waf": "Reliability" + "text": "Consider using private endpoints to access Azure Service Bus and disable public network access when applicable.", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", + "waf": "Security" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.ServiceBus/namespaces", "checklist": "WAF checklist", - "guid": "fbcb40ac-9480-4a6d-bcf4-8081252a6716", - "link": "https://learn.microsoft.com/azure/architecture/web-apps/spring-apps/architectures/spring-apps-multi-region", - "service": "Spring Apps", + "description": "With IP firewall, you can restrict the public endpoint further to only a set of IPv4 addresses or IPv4 address ranges in CIDR (Classless Inter-Domain Routing) notation. ", + "guid": "ca5f06f1-58e3-4ea3-a92c-2de7e2165c3a", + "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-ip-filtering", + "service": "Service Bus", "services": [ - "TrafficManager", - "FrontDoor", + "ServiceBus", "WAF" ], "severity": "Medium", - "text": "Azure Spring Apps instances could be created in multiple regions for your applications and traffic could be routed by Traffic Manager/Front Door.", - "waf": "Reliability" + "text": "Consider only allowing access to Azure Service Bus namespace from specific IP addresses or ranges", + "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", + "waf": "Security" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "ff1ae6a7-9301-4feb-9d11-56cd72f1d4ef", - "link": "https://learn.microsoft.com/azure/reliability/reliability-spring-apps", - "service": "Spring Apps", + "guid": "4238f409-2ea0-43be-a06b-2a993c98aa7b", + "link": "https://learn.microsoft.com/en-us/azure/azure-functions/functions-scale#overview-of-plans", + "service": "Azure 
Functions", "services": [ - "ACR", "WAF" ], - "severity": "Medium", - "text": "In supported region, Azure Spring Apps can be deployed as zone redundant, which means that instances are automatically distributed across availability zones. This feature is only available in Standard and Enterprise tiers.", + "severity": "High", + "text": "Select the right Function hosting plan based on your business & SLO requirements", "waf": "Reliability" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "ffc735ad-fbb1-4802-b43f-ad6387c4c066", - "link": "https://learn.microsoft.com/azure/spring-apps/concept-understand-app-and-deployment", - "service": "Spring Apps", + "guid": "a9808100-d640-4f77-ac56-1ec0600f6752", + "link": "https://learn.microsoft.com/en-us/azure/azure-functions/functions-scale#overview-of-plans", + "service": "Azure Functions", "services": [ "WAF" ], - "severity": "Medium", - "text": "Use more than 1 app instance for your apps", + "severity": "High", + "text": "Leverage Availability Zones where regionally applicable (not available for Consumption tier)", "waf": "Reliability" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "7504c230-6035-4183-95a5-85762acc6075", - "link": "https://learn.microsoft.com/azure/spring-apps/diagnostic-services", - "service": "Spring Apps", + "guid": "5969d03e-eacf-4042-b127-73c55e3575fa", + "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-functions?tabs=azure-portal#cross-region-disaster-recovery-and-business-continuity", + "service": "Azure Functions", "services": [ - "Monitor", "WAF" ], "severity": "Medium", - "text": "Monitor Azure Spring Apps with logs, metrics and tracing. 
Integrate ASA with application insights and track failures and create workbooks.", + "text": "Consider a Cross-Region DR strategy for critical workloads", "waf": "Reliability" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "1eb48d58-3eec-4ef5-80b0-d2b0dde3f0c6", - "link": "https://learn.microsoft.com/azure/spring-apps/how-to-configure-enterprise-spring-cloud-gateway", - "service": "Spring Apps", + "guid": "47a0aae0-d8a0-43b1-9791-e934dee3754c", + "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro", + "service": "Azure Functions", "services": [ - "WAF" + "WAF", + "AppSvc" ], - "severity": "Medium", - "text": "Set up autoscaling in Spring Cloud Gateway", + "severity": "High", + "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", "waf": "Reliability" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "97411607-b6fd-4335-99d1-9885faf4e392", - "link": "https://learn.microsoft.com/azure/spring-apps/how-to-setup-autoscale", - "service": "Spring Apps", + "guid": "17232891-f89f-4eaa-90f1-3b34bf798ed5", + "link": "https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", + "service": "Azure Functions", "services": [ - "WAF" + "WAF", + "AppSvc" ], - "severity": "Low", - "text": "Enable autoscale for the apps with Standard consumption & dedicated plan.", + "severity": "High", + "text": "Ensure 'Always On' is enabled for all Function Apps running on App Service Plan", "waf": "Reliability" }, { - "arm-service": "Microsoft.AppPlatform/Spring", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "dfcaffd1-d27c-4ef2-998d-64c1df3a7ac3", - "link": "https://learn.microsoft.com/azure/spring-apps/overview", - "service": "Spring Apps", + "guid": "40a325c2-7c0e-49e6-86d8-c273b4dc21ba", + 
"link": "https://learn.microsoft.com/en-us/azure/azure-functions/storage-considerations?tabs=azure-cli#shared-storage-accounts", + "service": "Azure Functions", "services": [ + "Storage", "WAF" ], "severity": "Medium", - "text": "Use Enterprise plan for commercial support of spring boot for mission critical apps. With other tiers you get OSS support.", + "text": "Pair a Function App to its own storage account. Try not to re-use storage accounts for Function Apps unless they are tightly coupled", "waf": "Reliability" }, { + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "bb235c70-5e17-496f-bedf-a8a4c8cdec4c", - "link": "https://learn.microsoft.com/entra/identity-platform/msal-acquire-cache-tokens", - "service": "Entra", + "guid": "bb42650c-257d-4cb0-822a-131138b8e6f0", + "link": "https://learn.microsoft.com/en-us/training/modules/deploy-azure-functions/", + "service": "Azure Functions", "services": [ - "Entra", "WAF" ], "severity": "Medium", - "text": "Use long-live revocable token, cache your token and acquire your silently using Microsoft Identity Library", - "waf": "Reliability" + "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Function App code", + "waf": "Operations" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "503547c1-447e-4c66-828a-71f0f1ce16dd", - "link": "https://learn.microsoft.com/azure/active-directory-b2c/deploy-custom-policies-devops", - "service": "AAD B2C", + "guid": "21c30d25-ffb7-4f6a-b9ea-b3fec328f787", + "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/paas-foundations-playbooks-cog_svcs_v1.docx", + "service": "Cognitive Services", "services": [ "WAF" ], "severity": "Medium", - "text": "Make sure that your sign-in user flows are backed up and resilient. Make sure that the code that you use to sign-in your users are backed up and recoverable. 
Resilient interfaces with external processes", + "text": "Leverage FTA HandBook for Cognitive Services", "waf": "Reliability" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "3e3553a4-c873-4964-ab66-2d6c15f51296", - "link": "https://learn.microsoft.com/entra/architecture/resilient-end-user-experience#use-a-content-delivery-network", - "service": "AAD B2C", + "guid": "78c34698-16b2-4763-aefe-1b9b599de0d5", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/advanced-prompt-engineering?pivots=programming-language-chat-completions", + "service": "Cognitive Services", "services": [ - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Custom brand assets should be hosted on a CDN", - "waf": "Performance" + "text": "Backup Your Prompts", + "waf": "Reliability" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "5398e6df-d237-4de1-93b1-6c21d79a9b64", - "link": "https://learn.microsoft.com/entra/identity/monitoring-health/reference-sla-performance", - "service": "AAD B2C", + "guid": "750ab2ab-039d-4a6d-95d7-c892adb107d5", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery", + "service": "Cognitive Services", "services": [ + "ASR", "WAF" ], - "severity": "Low", - "text": "Have multiple identiy providers (i.e., login with your microsoft, google, facebook accounts)", + "severity": "High", + "text": "Business Continuity and Disaster Recovery (BCDR) considerations with Azure OpenAI Service", "waf": "Reliability" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "604489a8-f42d-478e-98c0-7a73b22a4a57", - "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", - "service": "Windows AD", + "guid": "325af625-ca44-4e46-a5e2-223ace8bb123", + "link": 
"https://github.com/abacaj/chatgpt-backup#backup-your-chatgpt-conversations", + "service": "Cognitive Services", "services": [ - "VM", - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Follow VM rules for high availability on the VM level (premium disks, two or more in a region, in different availability zones)", + "text": "Backup Your ChatGPT conversations", "waf": "Reliability" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e7a8dd4a-30e3-47c3-b297-11b2362ceee0", - "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", - "service": "Windows AD", + "guid": "07ca5f17-f154-4e3a-a369-2829e7e31618", + "link": "https://learn.microsoft.com/azure/ai-services/speech-service/how-to-custom-speech-continuous-integration-continuous-deployment", + "service": "Cognitive Services", "services": [ "WAF" ], "severity": "Medium", - "text": "Don't replicate! Replication can create issues with directory synchronization", + "text": "CI/CD for custom speech", "waf": "Reliability" }, { + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "79b598de-fc59-472c-b4cd-21b078036f5e", - "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", - "service": "Windows AD", + "guid": "3687a046-7a1f-4893-9bda-43324f248116", + "link": "https://learn.microsoft.com/azure/ai-services/qnamaker/tutorials/export-knowledge-base", + "service": "Cognitive Services", "services": [ "WAF" ], - "severity": "Medium", - "text": "Have active-active for multi-regions", + "severity": "Low", + "text": "Move a knowledge base using export-import", "waf": "Reliability" }, { + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "6b4bfd3d-5035-447c-8447-ec66128a71f0", - "link": "https://learn.microsoft.com/entra/identity/domain-services/tutorial-perform-disaster-recovery-drill", - 
"service": "Entra", + "guid": "b32e1aa1-4813-4602-88fe-27ca2891f421", + "link": "https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/app-service-web-app/zone-redundant?source=recommendations", + "service": "App Services", "services": [ - "Entra", "WAF" ], - "severity": "Medium", - "text": "Add Azure AD Domain service stamps to additional regions and locations", + "severity": "Low", + "text": "Refer to baseline highly available zone-redundant web application architecture for best practices", "waf": "Reliability" }, { + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "f1ce16dd-3f1d-45e8-92e4-2e3611cc58b4", - "link": "https://learn.microsoft.com/entra/identity/domain-services/tutorial-perform-disaster-recovery-drill", - "service": "Entra", + "guid": "e4b31c6a-2e3f-4df1-8e8b-9c3aa5a27820", + "link": "https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans", + "service": "App Services", "services": [ - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Use Replica Sets for DR", + "text": "Use Premium and Standard tiers. These tiers support staging slots and automated backups.", "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "Azure Service Bus Premium provides encryption of data at rest. If you use your own key, the data is still encrypted using the Microsoft-managed key, but in addition the Microsoft-managed key will be encrypted using the customer-managed key. 
", - "guid": "87af4a79-1f89-439b-ba47-768e14c11567", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/configure-customer-managed-key", - "service": "Service Bus", + "guid": "a7e2e6c2-491f-4fa4-a82b-521d0bc3b202", + "link": "https://learn.microsoft.com/en-us/azure/reliability/migrate-app-service", + "service": "App Services", "services": [ - "ServiceBus", "WAF" ], - "severity": "Low", - "text": "Use customer-managed key option in data at rest encryption when required", - "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/", - "waf": "Security" + "severity": "High", + "text": "Leverage Availability Zones where regionally applicable (requires Premium v2 or v3 tier)", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "Communication between a client application and an Azure Service Bus namespace is encrypted using Transport Layer Security (TLS). Azure Service Bus namespaces permit clients to send and receive data with TLS 1.0 and above. 
To enforce stricter security measures, you can configure your Service Bus namespace to require that clients send and receive data with a newer version of TLS.", - "guid": "5c1ea55b-46a9-448f-b8ae-7d7e4b475b6c", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/transport-layer-security-enforce-minimum-version", - "service": "Service Bus", + "guid": "1275e4a9-7b6a-43c3-a9cd-5ee18d8995ad", + "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check", + "service": "App Services", "services": [ - "ServiceBus", "WAF" ], "severity": "Medium", - "text": "Enforce a minimum required version of Transport Layer Security (TLS) for requests ", - "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/", - "waf": "Security" + "text": "Implement health checks", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "When you create a Service Bus namespace, a SAS rule named RootManageSharedAccessKey is automatically created for the namespace. This policy has Manage permissions for the entire namespace. It's recommended that you treat this rule like an administrative root account and don't use it in your application. Using AAD as an authentication provider with RBAC is recommended. 
", - "guid": "8bcbf59b-ce65-4de8-a03f-97879468d66a", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-sas#shared-access-authorization-policies", - "service": "Service Bus", + "guid": "35a91c5d-4ad6-4d9b-8e0f-c47db9e6d1e7", + "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-backup", + "service": "App Services", "services": [ - "Entra", - "AzurePolicy", - "TrafficManager", - "RBAC", - "ServiceBus", - "WAF" + "WAF", + "AppSvc", + "Backup" ], - "severity": "Medium", - "text": "Avoid using root account when it is not necessary", - "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-identities-governance/", - "waf": "Security" + "severity": "High", + "text": "Refer to backup and restore best practices for Azure App Service", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "A Service Bus client app running inside an Azure App Service application or in a virtual machine with enabled managed entities for Azure resources support does not need to handle SAS rules and keys, or any other access tokens. The client app only needs the endpoint address of the Service Bus Messaging namespace. ", - "guid": "786d60f9-6c96-4ad8-a55d-04c2b39c986b", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-managed-service-identity", - "service": "Service Bus", + "guid": "e68cd0ec-afc6-4bd8-a27f-7860ad9a0db2", + "link": "https://learn.microsoft.com/en-us/azure/architecture/framework/services/compute/azure-app-service/reliability", + "service": "App Services", "services": [ - "Entra", - "AKV", - "Storage", - "VM", - "AppSvc", - "ServiceBus", - "WAF" + "WAF", + "AppSvc" ], - "severity": "Medium", - "text": "When possible, your application should be using a managed identity to authenticate to Azure Service Bus. 
If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", - "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", - "waf": "Security" + "severity": "High", + "text": "Implement Azure App Service reliability best practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "When creating permissions, provide fine-grained control over a client's access to Azure Service Bus. Permissions in Azure Service Bus can and should be scoped to the individual resource level e.g. queue, topic or subscription. ", - "guid": "f615658d-e558-4f93-9249-b831112dbd7e", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/authenticate-application#azure-built-in-roles-for-azure-service-bus", - "service": "Service Bus", + "guid": "bd2a865c-0835-4418-bb58-4df91a5a9b3f", + "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-disaster-recovery#recover-app-content-only", + "service": "App Services", + "services": [ + "WAF", + "AppSvc" + ], + "severity": "Low", + "text": "Familiarize with how to move an App Service app to another region During a disaster", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.web/sites", + "checklist": "WAF checklist", + "guid": "f3d2f1e4-e6d4-4b7a-a5a5-e2a9b2c6f293", + "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-app-service", + "service": "App Services", "services": [ - "Storage", - "RBAC", - "Subscriptions", - "ServiceBus", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", - "text": "Use least privilege data plane RBAC", - "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", - "waf": "Security" + "text": "Familiarize with reliability support in Azure App Service", + "waf": "Reliability" }, { - "arm-service": 
"Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "Azure Service Bus resource logs include operational logs, virtual network and IP filtering logs. Runtime audit logs capture aggregated diagnostic information for various data plane access operations (such as send or receive messages) in Service Bus.", - "guid": "af12e7f9-43f6-4304-922d-929c2b1cd622", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/monitor-service-bus-reference", - "service": "Service Bus", + "guid": "c7b5f3d1-0569-4fd2-9f32-c0b64e9c0c5e", + "link": "https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", + "service": "App Services", "services": [ - "Monitor", - "VNet", - "ServiceBus", - "WAF" + "WAF", + "AppSvc" ], "severity": "Medium", - "text": "Enable logging for security investigation. Use Azure Monitor to trace resource logs and runtime audit logs (currently available only in the premium tier)", - "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", - "waf": "Security" + "text": "Ensure \"Always On\" is enabled for Function Apps running on a app service plan", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "Azure Service Bus by default has a public IP address and is Internet-reachable. Private endpoints allow traffic between your virtual network and Azure Service Bus traverses over the Microsoft backbone network. In addition to that, you should disable public endpoints if those are not used. 
", - "guid": "9ae669ca-48e4-4a85-b222-3ece8bb12307", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/private-link-service", - "service": "Service Bus", + "guid": "a3b4d5f6-758c-4f9d-9e1a-d7c6b7e8f9ab", + "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check", + "service": "App Services", "services": [ - "PrivateLink", - "ServiceBus", - "VNet", - "WAF" + "Monitor", + "WAF", + "AppSvc" ], "severity": "Medium", - "text": "Consider using private endpoints to access Azure Service Bus and disable public network access when applicable.", - "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", - "waf": "Security" + "text": "Monitor App Service instances using Health checks", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ServiceBus/namespaces", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "description": "With IP firewall, you can restrict the public endpoint further to only a set of IPv4 addresses or IPv4 address ranges in CIDR (Classless Inter-Domain Routing) notation. 
", - "guid": "ca5f06f1-58e3-4ea3-a92c-2de7e2165c3a", - "link": "https://learn.microsoft.com/azure/service-bus-messaging/service-bus-ip-filtering", - "service": "Service Bus", + "guid": "c7d3e5f9-a19c-4833-8ca6-1dcb0128e129", + "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-overview", + "service": "App Services", "services": [ - "ServiceBus", + "Monitor", "WAF" ], "severity": "Medium", - "text": "Consider only allowing access to Azure Service Bus namespace from specific IP addresses or ranges", - "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", - "waf": "Security" + "text": "Monitor availability and responsiveness of web app or website using Application Insights availability tests", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "d7941d4a-7b6f-458f-8714-2f8f8c059ad4", - "link": "https://learn.microsoft.com/azure/api-management/api-management-error-handling-policies", - "service": "APIM", + "guid": "b4e3f2d5-a5c6-4d7e-8b2f-c5d9e7a8f0ea", + "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-standard-tests", + "service": "App Services", "services": [ - "AzurePolicy", + "Monitor", "WAF" ], - "severity": "Medium", - "text": "Implement an error handling policy at the global level", - "waf": "Operations" + "severity": "Low", + "text": "Use Application Insights Standard test to monitor availability and responsiveness of web app or website", + "waf": "Reliability" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "0b0c0765-ff37-4369-90bd-3eb23ce71b08", - "link": "https://learn.microsoft.com/azure/api-management/set-edit-policies?tabs=form#use-base-element-to-set-policy-evaluation-order", - "service": "APIM", + "description": "Use Azure Key Vault to store any secrets the 
application needs. Key Vault provides a safe and audited environment for storing secrets and is well-integrated with App Service through the Key Vault SDK or App Service Key Vault References.", + "guid": "834ac932-223e-4ce8-8b12-3071a5416415", + "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", + "service": "App Services", "services": [ - "AzurePolicy", - "WAF" + "WAF", + "AKV", + "AppSvc" ], - "severity": "Medium", - "text": "Ensure all APIs policies include a element.", - "waf": "Operations" + "severity": "High", + "text": "Use Key Vault to store secrets", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "a5c45b03-93b6-42fe-b16b-8fccb6a79902", - "link": "https://learn.microsoft.com/azure/api-management/policy-fragments", - "service": "APIM", + "description": "Use a Managed Identity to connect to Key Vault either using the Key Vault SDK or through App Service Key Vault References.", + "guid": "833ea3ad-2c2d-4e73-8165-c3acbef4abe1", + "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", + "service": "App Services", "services": [ - "ACR", - "AzurePolicy", - "WAF" + "Entra", + "WAF", + "AKV", + "AppSvc" ], - "severity": "Medium", - "text": "Use Policy Fragments to avoid repeating same policies definitions across multiple APIs", - "waf": "Operations" + "severity": "High", + "text": "Use Managed Identity to connect to Key Vault", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "c3818a95-6ff3-4474-88dc-e809b46dad6a", - "link": "https://learn.microsoft.com/azure/api-management/monetization-support", - "service": "APIM", + "description": "Store the App Service TLS certificate in Key Vault.", + "guid": "f8d39fda-4776-4831-9c11-5775c2ea55b4", + "link": 
"https://learn.microsoft.com/azure/app-service/configure-ssl-certificate", + "service": "App Services", "services": [ - "WAF" + "WAF", + "AKV", + "AppSvc" ], - "severity": "Medium", - "text": "If you are planning to monetize your APIs, review the 'monetization support' article for best practices", - "waf": "Operations" + "severity": "High", + "text": "Use Key Vault to store TLS certificate.", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "a7d0840a-c8c4-4e83-adec-5ca578eb4049", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor#resource-logs", - "service": "APIM", + "description": "Systems that process sensitive information should be isolated. To do so, use separate App Service Plans or App Service Environments and consider the use of different subscriptions or management groups.", + "guid": "6ad48408-ee72-4734-a475-ba18fdbf590c", + "link": "https://learn.microsoft.com/azure/app-service/overview-hosting-plans", + "service": "App Services", "services": [ - "Monitor", - "WAF" + "WAF", + "Subscriptions", + "AppSvc" ], - "severity": "High", - "text": "Enable Diagnostics Settings to export logs to Azure Monitor", - "waf": "Operations" + "severity": "Medium", + "text": "Isolate systems that process sensitive information", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "8691fa38-45ed-4299-a247-fecd98d35deb", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-app-insights", - "service": "APIM", + "description": "Local disks on App Service are not encrypted and sensitive data should not be stored on those. 
(For example: D:\\\\Local and %TMP%).", + "guid": "e65de8e0-3f9b-4cbd-9682-66abca264f9a", + "link": "https://learn.microsoft.com/azure/app-service/operating-system-functionality#file-access", + "service": "App Services", "services": [ - "WAF" + "TrafficManager", + "WAF", + "AppSvc" ], "severity": "Medium", - "text": "Enable Application Insights for more detailed telemetry", - "waf": "Operations" + "text": "Do not store sensitive data on local disk", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "55fd27bb-76ac-4a91-bc37-049e885be6b7", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-use-azure-monitor", - "service": "APIM", + "description": "For authenticated web application, use a well established Identity Provider like Azure AD or Azure AD B2C. Leverage the application framework of your choice to integrate with this provider or use the App Service Authentication / Authorization feature.", + "guid": "919ca0b2-c121-459e-814b-933df574eccc", + "link": "https://learn.microsoft.com/azure/app-service/overview-authentication-authorization", + "service": "App Services", "services": [ - "Monitor", - "WAF" + "Entra", + "WAF", + "AppSvc" ], - "severity": "High", - "text": "Configure alerts on the most critical metrics", - "waf": "Operations" + "severity": "Medium", + "text": "Use an established Identity Provider for authentication", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "39460bdb-156f-4dc2-a87f-1e8c11ab0998", - "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#certificate-management-in-azure-key-vault", - "service": "APIM", + "description": "Deploy code to App Service from a 
controlled and trusted environment, like a well-managed and secured DevOps deployment pipeline. This avoids code that was not version controlled and verified to be deployed from a malicious host.", + "guid": "3f9bcbd4-6826-46ab-aa26-4f9a19aed9c5", + "link": "https://learn.microsoft.com/azure/app-service/deploy-best-practices", + "service": "App Services", "services": [ - "AKV", - "WAF" + "WAF", + "AppSvc" ], "severity": "High", - "text": "Ensure that custom SSL certificates are stored an Azure Key Vault so they can be securely accessed and updated", + "text": "Deploy from a trusted environment", "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "e9217997-5f6c-479d-8576-8f2adf706ec8", - "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-ad-authentication-required-for-data-plane-access", - "service": "APIM", + "description": "Disable basic authentication for both FTP/FTPS and for WebDeploy/SCM. This disables access to these services and enforces the use of Azure AD secured endpoints for deployment. 
Note that the SCM site can also be opened using Azure AD credentials.", + "guid": "5d04c2c3-919c-4a0b-8c12-159e114b933d", + "link": "https://learn.microsoft.com/azure/app-service/deploy-configure-credentials#disable-basic-authentication", + "service": "App Services", "services": [ "Entra", "WAF" ], "severity": "High", - "text": "Protect incoming requests to APIs (data plane) with Azure AD", + "text": "Disable basic authentication", "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "5e5f64ba-c90e-480e-8888-398d96cf0bfb", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-aad", - "service": "APIM", + "description": "Where possible use Managed Identity to connect to Azure AD secured resources. If this is not possible, store secrets in Key Vault and connect to Key Vault using a Managed Identity instead.", + "guid": "f574eccc-d9bd-43ba-bcda-3b54eb2eb03d", + "link": "https://learn.microsoft.com/azure/app-service/overview-managed-identity?tabs=portal%2Chttp", + "service": "App Services", "services": [ "Entra", - "WAF" + "WAF", + "AKV" ], - "severity": "Medium", - "text": "Use Microsoft Entra ID to authenticate users in the Developer Portal", + "severity": "High", + "text": "Use Managed Identity to connect to resources", "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "f8e574ce-280f-49c8-b2ef-68279b081cf3", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-create-groups", - "service": "APIM", + "description": "Where using images stored in Azure Container Registry, pull these using a Managed Identity.", + "guid": "d9a25827-18d2-4ddb-8072-5769ee6691a4", + "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-managed-identity-to-pull-image-from-azure-container-registry", + 
"service": "App Services", "services": [ + "Entra", + "ACR", "WAF" ], - "severity": "Medium", - "text": "Create appropriate groups to control the visibility of the products", + "severity": "High", + "text": "Pull containers using a Managed Identity", "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "06862505-2d9a-4874-9491-2837b00a3475", - "link": "https://learn.microsoft.com/azure/api-management/backends", - "service": "APIM", + "description": "By configuring the diagnostic settings of App Service, you can send all telemetry to Log Analytics as the central destination for logging and monitoring. This allows you to monitor runtime activity of App Service such as HTTP logs, application logs, platform logs, ...", + "guid": "47768314-c115-4775-a2ea-55b46ad48408", + "link": "https://learn.microsoft.com/azure/app-service/troubleshoot-diagnostic-logs", + "service": "App Services", "services": [ - "WAF" + "Monitor", + "WAF", + "AppSvc", + "Entra" ], "severity": "Medium", - "text": "Use Backends feature to eliminate redundant API backend configurations", - "waf": "Operations" + "text": "Send App Service runtime logs to Log Analytics", + "waf": "Security" }, { - "arm-service": "Microsoft.ApiManagement/service", + "arm-service": "microsoft.web/sites", "checklist": "WAF checklist", - "guid": "03b125d5-b69b-4739-b7fd-84b86da4933e", - "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-properties?tabs=azure-portal", - "service": "APIM", + "description": "Set up a diagnostic setting to send the activity log to Log Analytics as the central destination for logging and monitoring. 
This allows you to monitor control plane activity on the App Service resource itself.",
+ "guid": "ee72734b-475b-4a18-bdbf-590ce65de8e0",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log",
+ "service": "App Services",
 "services": [
- "AzurePolicy",
- "WAF"
+ "Monitor",
+ "WAF",
+ "AppSvc",
+ "Entra"
 ],
 "severity": "Medium",
- "text": "Use Named Values to store common values that can be used in policies",
- "waf": "Operations"
+ "text": "Send App Service activity logs to Log Analytics",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "beae759e-4ddb-4326-bf26-47f87d3454b6",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region",
- "service": "APIM",
+ "description": "Control outbound network access using a combination of regional VNet integration, network security groups and UDR's. Traffic should be routed to an NVA such as Azure Firewall. Ensure to monitor the Firewall's logs.",
+ "guid": "c12159e1-14b9-433d-b574-ecccd9bd3baf",
+ "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration",
+ "service": "App Services",
 "services": [
- "ACR",
- "WAF"
+ "Monitor",
+ "NVA",
+ "VNet",
+ "WAF",
+ "Firewall"
 ],
 "severity": "Medium",
- "text": "For DR, leverage the premium tier with deployments scaled across two or more regions for 99.99% SLA",
- "waf": "Reliability"
+ "text": "Outbound network access should be controlled",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "9c8d1664-dd9a-49d4-bd83-950af0af4044",
- "link": "https://learn.microsoft.com/azure/api-management/high-availability",
- "service": "APIM",
+ "description": "You can provide a stable outbound IP by using VNet integration and using a VNet NAT Gateway or an NVA like Azure Firewall. This allows the receiving party to allow-list based on IP, should that be needed. Note that for communications towards Azure Services often there's no need to depend on the IP address and mechanics like Service Endpoints should be used instead. (Also the use of private endpoints on the receiving end avoids for SNAT to happen and provides a stable outbound IP range.)",
+ "guid": "cda3b54e-b2eb-403d-b9a2-582718d2ddb1",
+ "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration",
+ "service": "App Services",
 "services": [
- "WAF"
+ "Storage",
+ "NVA",
+ "VNet",
+ "WAF",
+ "PrivateLink",
+ "Firewall"
 ],
- "severity": "Medium",
- "text": "Deploy at least one unit in two or more availability zones for an increased SLA of 99.99%",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Ensure a stable IP for outbound communications towards internet addresses",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "8d2db6e8-85c6-4118-a52c-ae76a4f27934",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#service-native-backup-capability",
- "service": "APIM",
+ "description": "Control inbound network access using a combination of App Service Access Restrictions, Service Endpoints or Private Endpoints. Different access restrictions can be required and configured for the web app itself and the SCM site.",
+ "guid": "0725769e-e669-41a4-a34a-c932223ece80",
+ "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions",
+ "service": "App Services",
 "services": [
- "Backup",
- "WAF"
+ "WAF",
+ "AppSvc",
+ "PrivateLink"
 ],
 "severity": "High",
- "text": "Ensure there is an automated backup routine",
- "waf": "Reliability"
+ "text": "Inbound network access should be controlled",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "43e60b94-7bca-43a2-aadf-efb04d63a485",
- "link": "https://learn.microsoft.com/azure/api-management/retry-policy",
- "service": "APIM",
+ "description": "Protect against malicious inbound traffic using a Web Application Firewall like Application Gateway or Azure Front Door. Make sure to monitor the WAF's logs.",
+ "guid": "b123071a-5416-4415-a33e-a3ad2c2de732",
+ "link": "https://learn.microsoft.com/azure/app-service/networking/app-gateway-with-service-endpoints",
+ "service": "App Services",
 "services": [
- "AzurePolicy",
- "WAF"
+ "Monitor",
+ "AppGW",
+ "WAF",
+ "FrontDoor",
+ "AppSvc"
 ],
- "severity": "Medium",
- "text": "Use Policies to add a fail-over backend URL and caching to reduce failing calls.",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Use a WAF in front of App Service",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "8210699f-8d43-45c2-8f19-57e54134bd8f",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-log-event-hubs",
- "service": "APIM",
+ "description": "Make sure the WAF cannot be bypassed by locking down access to only the WAF. Use a combination of Access Restrictions, Service Endpoints and Private Endpoints.",
+ "guid": "165c3acb-ef4a-4be1-b8d3-9fda47768314",
+ "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions",
+ "service": "App Services",
 "services": [
- "EventHubs",
- "AzurePolicy",
- "WAF"
+ "WAF",
+ "PrivateLink"
 ],
- "severity": "Low",
- "text": "If you need to log at high performance levels, consider Event Hubs policy",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Avoid for WAF to be bypassed",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "121bfc39-fa7b-4096-b93b-ab56c1bc0bed",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-sample-flexible-throttling",
- "service": "APIM",
+ "description": "Set minimum TLS policy to 1.2 in App Service configuration.",
+ "graph": "appserviceresources | where type =~ 'microsoft.web/sites/config' | extend compliant = (properties.MinTlsVersion>=1.2) | distinct id,compliant",
+ "guid": "c115775c-2ea5-45b4-9ad4-8408ee72734b",
+ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-tls-versions",
+ "service": "App Services",
 "services": [
- "AzurePolicy",
- "WAF"
+ "WAF",
+ "AppSvc",
+ "AzurePolicy"
 ],
 "severity": "Medium",
- "text": "Apply throttling policies to control the number of requests per second",
- "training": "https://learn.microsoft.com/training/modules/protect-apis-on-api-management/",
- "waf": "Performance"
+ "text": "Set minimum TLS policy to 1.2",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "bb5f356b-3daf-47a2-a9ee-867a8100bbd5",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-autoscale",
- "service": "APIM",
+ "description": "Configure App Service to use HTTPS only. This causes App Service to redirect from HTTP to HTTPS. Strongly consider the use of HTTP Strict Transport Security (HSTS) in your code or from your WAF, which informs browsers that the site should only be accessed using HTTPS.",
+ "graph": "where (type=='microsoft.web/sites' and (kind == 'app' or kind == 'app,linux' )) | extend compliant = (properties.httpsOnly==true) | distinct id,compliant",
+ "guid": "475ba18f-dbf5-490c-b65d-e8e03f9bcbd4",
+ "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https",
+ "service": "App Services",
 "services": [
- "WAF"
+ "WAF",
+ "AppSvc"
 ],
- "severity": "Medium",
- "text": "Configure autoscaling to scale out the number of instances when the load increases",
- "waf": "Performance"
+ "severity": "High",
+ "text": "Use HTTPS only",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "84b94abb-59b6-4b9d-8587-3413669468e8",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-provision-self-hosted-gateway",
- "service": "APIM",
+ "description": "Do not use wildcards in your CORS configuration, as this allows all origins to access the service (thereby defeating the purpose of CORS). Specifically only allow the origins that you expect to be able to access the service.",
+ "guid": "68266abc-a264-4f9a-89ae-d9c55d04c2c3",
+ "link": "https://learn.microsoft.com/azure/app-service/app-service-web-tutorial-rest-api",
+ "service": "App Services",
 "services": [
+ "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Deploy self-hosted gateways where Azure doesn't have a region close to the backend APIs.",
- "waf": "Performance"
+ "severity": "High",
+ "text": "Wildcards must not be used for CORS",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "1fe8db45-a017-4888-8c4d-4422583cfae0",
- "link": "https://learn.microsoft.com/azure/api-management/upgrade-and-scale#upgrade-and-scale",
- "service": "APIM",
+ "description": "Remote debugging must not be turned on in production as this opens additional ports on the service which increases the attack surface. Note that the service does turn of remote debugging automatically after 48 hours.",
+ "graph": "appserviceresources | where type =~ 'microsoft.web/sites/config' | extend compliant = (properties.RemoteDebuggingEnabled == false) | distinct id,compliant",
+ "guid": "d9bd3baf-cda3-4b54-bb2e-b03dd9a25827",
+ "link": "https://learn.microsoft.com/azure/app-service/configure-common#configure-general-settings",
+ "service": "App Services",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Use the premium tier for production workloads.",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Turn off remote debugging",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "1b8d68a4-66cd-44d5-ba94-3ee94440e8d6",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-deploy-multi-region#-route-api-calls-to-regional-backend-services",
- "service": "APIM",
+ "description": "Enable Defender for App Service. This (amongst other threats) detects communications to known malicious IP addresses. Review the recommendations from Defender for App Service as part of your operations.",
+ "guid": "18d2ddb1-0725-4769-be66-91a4834ac932",
+ "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-app-service-introduction",
+ "service": "App Services",
 "services": [
- "AzurePolicy",
- "WAF"
+ "Defender",
+ "WAF",
+ "AppSvc"
 ],
 "severity": "Medium",
- "text": "In multi-region model, use Policies to route the requests to regional backends based on availability or latency.",
- "waf": "Reliability"
+ "text": "Enable Defender for Cloud - Defender for App Service",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "46f07d33-ef9a-44e8-8f98-67c097c5d8cd",
- "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits#api-management-limits",
- "service": "APIM",
+ "description": "Azure provides DDoS Basic protection on its network, which can be improved with intelligent DDoS Standard capabilities which learns about normal traffic patterns and can detect unusual behavior. DDoS Standard applies to a Virtual Network so it must be configured for the network resource in front of the app, such as Application Gateway or an NVA.",
+ "guid": "223ece80-b123-4071-a541-6415833ea3ad",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview",
+ "service": "App Services",
 "services": [
- "Entra",
- "APIM",
- "WAF"
+ "EventHubs",
+ "AppGW",
+ "VNet",
+ "WAF",
+ "NVA",
+ "DDoS"
 ],
- "severity": "High",
- "text": "Be aware of APIM's limits",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Enable DDOS Protection Standard on the WAF VNet",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "10f58602-f0f9-4d77-972a-956f6e0f2600",
- "link": "https://learn.microsoft.com/en-us/azure/api-management/self-hosted-gateway-overview",
- "service": "APIM",
+ "description": "Where using images stored in Azure Container Registry, pull these over a virtual network from Azure Container Registry using its private endpoint and the app setting 'WEBSITE_PULL_IMAGE_OVER_VNET'.",
+ "guid": "2c2de732-165c-43ac-aef4-abe1f8d39fda",
+ "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-an-image-from-a-network-protected-registry",
+ "service": "App Services",
 "services": [
- "WAF"
+ "VNet",
+ "ACR",
+ "WAF",
+ "PrivateLink"
 ],
- "severity": "High",
- "text": "Ensure that the self-hosted gateway deployments are resilient.",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Pull containers over a Virtual Network",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "7519e385-a88b-4d34-966b-6269d686e890",
- "link": "https://learn.microsoft.com/azure/api-management/front-door-api-management",
- "service": "APIM",
+ "description": "Conduct a penetration test on the web application following the penetration testing rules of engagement.",
+ "guid": "eb2eb03d-d9a2-4582-918d-2ddb10725769",
+ "link": "https://learn.microsoft.com/azure/security/fundamentals/pen-testing",
+ "service": "App Services",
 "services": [
- "Entra",
- "APIM",
- "FrontDoor",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Use Azure Front Door in front of APIM for multi-region deployment",
- "waf": "Performance"
+ "text": "Conduct a penetration test",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "cd45c90e-7690-4753-930b-bf290c69c074",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#virtual-network-integration",
- "service": "APIM",
+ "description": "Deploy trusted code that was validated and scanned for vulnerabilities according to DevSecOps practices.",
+ "guid": "19aed9c5-5d04-4c2c-9919-ca0b2c12159e",
+ "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/devsecops-in-azure",
+ "service": "App Services",
 "services": [
- "VNet",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Deploy the service within a Virtual Network (VNet)",
+ "text": "Deploy validated code",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "microsoft.web/sites",
 "checklist": "WAF checklist",
- "guid": "02661582-b3d1-48d1-9d7b-c6a918a0ca33",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#network-security-group-support",
- "service": "APIM",
+ "description": "Use the latest versions of supported platforms, programming languages, protocols, and frameworks.",
+ "guid": "114b933d-f574-4ecc-ad9b-d3bafcda3b54",
+ "link": "https://learn.microsoft.com/azure/app-service/overview-patch-os-runtime",
+ "service": "App Services",
 "services": [
- "Entra",
- "APIM",
- "Monitor",
- "VNet",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Deploy network security groups (NSG) to your subnets to restrict or monitor traffic to/from APIM.",
+ "severity": "High",
+ "text": "Use up-to-date platforms, languages, protocols and frameworks",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "67437a28-2721-4a2c-becd-caa54c8237a5",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#azure-private-link",
- "service": "APIM",
+ "description": "Apply guidance from the Microsoft cloud security benchmark related to Storage",
+ "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8",
+ "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline",
+ "service": "Azure Storage",
 "services": [
- "Entra",
- "PrivateLink",
- "APIM",
- "VNet",
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Deploy Private Endpoints to filter incoming traffic when APIM is not deployed to a VNet.",
+ "text": "Consider the 'Azure security baseline for storage'",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "d698adbd-3288-44cb-b10a-9b572da395ae",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#disable-public-network-access",
- "service": "APIM",
+ "description": "Azure Storage by default has a public IP address and is Internet-reachable. Private endpoints allow to securely expose Azure Storage only to those Azure Compute resources that need access, thus eliminating exposure to the public Internet",
+ "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints",
+ "service": "Azure Storage",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "PrivateLink"
 ],
 "severity": "High",
- "text": "Disable Public Network Access",
+ "text": "Consider using private endpoints for Azure Storage",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "0674d750-0c6f-4ac0-8717-ceec04d0bdbd",
- "link": "https://learn.microsoft.com/azure/api-management/automation-manage-api-management",
- "service": "APIM",
+ "description": "Newly created storage accounts are created using the ARM deployment model, so that RBAC, auditing etc. are all enabled. Ensure that there are no old storage accounts with classic deployment model in a subscription",
+ "guid": "30e37c3e-2971-41b2-963c-eee079b598de",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts",
+ "service": "Azure Storage",
 "services": [
- "WAF"
+ "RBAC",
+ "Storage",
+ "WAF",
+ "Subscriptions"
 ],
 "severity": "Medium",
- "text": "Simplify management with PowerShell automation scripts",
- "waf": "Operations"
+ "text": "Ensure older storage accounts are not using 'classic deployment model'",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "c385bfcd-49fd-4786-81ba-cedbb4c57345",
- "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/app-platform/api-management/platform-automation-and-devops#design-recommendations",
- "service": "APIM",
+ "description": "Leverage Microsoft Defender to learn about suspicious activity and misconfigurations.",
+ "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d",
+ "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure",
+ "service": "Azure Storage",
 "services": [
- "Entra",
- "APIM",
+ "Defender",
+ "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Configure APIM via Infrastructure-as-code. Review DevOps best practices from the Cloud Adaption Framework APIM Landing Zone Accelerator",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Enable Microsoft Defender for all of your storage accounts",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "6c3a27c0-197f-426c-9ffa-86fed51d9ab6",
- "link": "https://learn.microsoft.com/azure/api-management/visual-studio-code-tutorial",
- "service": "APIM",
+ "description": "The soft-delete mechanism allows to recover accidentally deleted blobs.",
+ "guid": "503547c1-447e-4c66-828a-7100f1ce16dd",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview",
+ "service": "Azure Storage",
 "services": [
- "Entra",
- "APIM",
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Promote usage of Visual Studio Code APIM extension for faster API development",
- "waf": "Operations"
+ "text": "Enable 'soft delete' for blobs",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "354f1c03-8112-4965-85ad-c0074bddf231",
- "link": "https://learn.microsoft.com/azure/api-management/devops-api-development-templates",
- "service": "APIM",
+ "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. ",
+ "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable",
+ "service": "Azure Storage",
 "services": [
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Implement DevOps and CI/CD in your workflow",
- "waf": "Operations"
+ "text": "Disable 'soft delete' for blobs",
+ "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "b6439493-426a-45f3-9697-cf65baee208d",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-mutual-certificates-for-clients",
- "service": "APIM",
+ "description": "Soft delete for containers enables you to recover a container after it has been deleted, for example recover from an accidental delete operation.",
+ "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview",
+ "service": "Azure Storage",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Secure APIs using client certificate authentication",
+ "severity": "High",
+ "text": "Enable 'soft delete' for containers",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "2a67d143-1033-4c0a-8732-680896478f08",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-mutual-certificates",
- "service": "APIM",
+ "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. ",
+ "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable",
+ "service": "Azure Storage",
 "services": [
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Secure backend services using client certificate authentication",
+ "text": "Disable 'soft delete' for containers",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "074435f5-4a46-41ac-b521-d6114cb5d845",
- "link": "https://learn.microsoft.com/azure/api-management/mitigate-owasp-api-threats",
- "service": "APIM",
+ "description": "Prevents accidental deletion of a storage account, by forcing the user to first remove the deletion lock, prior to deletion",
+ "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64",
+ "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource",
+ "service": "Azure Storage",
 "services": [
+ "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Review 'Recommendations to mitigate OWASP API Security Top 10 threats' article and check what is applicable to your APIs",
+ "severity": "High",
+ "text": "Enable resource locks on storage accounts",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "5507c4b8-a7f8-41d6-9661-418c987100c9",
- "link": "https://learn.microsoft.com/azure/api-management/authorizations-overview",
- "service": "APIM",
+ "description": "Consider 'legal hold' or 'time-based retention' policies for blobs, so that is is impossible to delete the blob, the container, or the storage account. Please note that 'impossible' actually means 'impossible'; once a storage account contains an immutable blob, the only way to 'get rid' of that storage account is by cancelling the Azure subscription.",
+ "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview",
+ "service": "Azure Storage",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "Subscriptions",
+ "AzurePolicy"
 ],
- "severity": "Medium",
- "text": "Use Authorizations feature to simplify management of OAuth 2.0 token for your backend APIs",
+ "severity": "High",
+ "text": "Consider immutable blobs",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "2deee033-b906-4bc2-9f26-c8d3699fe091",
- "link": "https://learn.microsoft.com/azure/api-management/api-management-howto-manage-protocols-ciphers",
- "service": "APIM",
+ "description": "Consider disabling unprotected HTTP/80 access to the storage account, so that all data transfers are encrypted, integrity protected, and the server is authenticated. ",
+ "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer",
+ "service": "Azure Storage",
 "services": [
+ "Storage",
 "WAF"
 ],
 "severity": "High",
- "text": "Use the latest TLS version when encrypting information in transit. Disable outdated and unnecessary protocols and ciphers when possible.",
+ "text": "Require HTTPS, i.e. disable port 80 on the storage account",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "f8af3d94-1d2b-4070-846f-849197524258",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#im-8-restrict-the-exposure-of-credential-and-secrets",
- "service": "APIM",
+ "description": "When configuring a custom domain (hostname) on a storage account, check whether you need TLS/HTTPS; if so, you might have to put Azure CDN in front of your storage account.",
+ "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name",
+ "service": "Azure Storage",
 "services": [
- "AKV",
+ "Storage",
 "WAF"
 ],
 "severity": "High",
- "text": "Ensure that secrets (Named values) are stored an Azure Key Vault so they can be securely accessed and updated",
+ "text": "When enforcing HTTPS (disabling HTTP), check that you do not use custom domains (CNAME) for the storage account.",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "791abd8b-7706-4e31-9569-afefde724be3",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#managed-identities",
- "service": "APIM",
+ "description": "Requiring HTTPS when a client uses a SAS token to access blob data helps to minimize the risk of credential loss.",
+ "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview",
+ "service": "Azure Storage",
 "services": [
- "Entra",
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Use managed identities to authenticate to other Azure resources whenever possible",
+ "text": "Limit shared access signature (SAS) tokens to HTTPS connections only",
 "waf": "Security"
 },
 {
- "arm-service": "Microsoft.ApiManagement/service",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "220c4ca6-6688-476b-b2b5-425a78e6fb87",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/api-management-security-baseline?toc=%2Fazure%2Fapi-management%2F&bc=%2Fazure%2Fapi-management%2Fbreadcrumb%2Ftoc.json#ns-6-deploy-web-application-firewall",
- "service": "APIM",
+ "description": "AAD tokens should be favored over shared access signatures, wherever possible",
+ "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4",
+ "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access",
+ "service": "Azure Storage",
 "services": [
 "Entra",
- "APIM",
- "AppGW",
+ "Storage",
 "WAF"
 ],
 "severity": "High",
- "text": "Use web application firewall (WAF) by deploying Application Gateway in front of APIM",
+ "text": "Use Azure Active Directory (Azure AD) tokens for blob access",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "b32e1aa1-4813-4602-88fe-27ca2891f421",
- "link": "https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/app-service-web-app/zone-redundant?source=recommendations",
- "service": "App Services",
+ "description": "When assigning a role to a user, group, or application, grant that security principal only those permissions that are necessary for them to perform their tasks. Limiting access to resources helps prevent both unintentional and malicious misuse of your data.",
+ "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6",
+ "service": "Azure Storage",
 "services": [
+ "RBAC",
 "WAF"
 ],
- "severity": "Low",
- "text": "Refer to baseline highly available zone-redundant web application architecture for best practices",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Least privilege in IaM permissions",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "e4b31c6a-2e3f-4df1-8e8b-9c3aa5a27820",
- "link": "https://learn.microsoft.com/en-us/azure/app-service/overview-hosting-plans",
- "service": "App Services",
+ "description": "A user delegation SAS is secured with Azure Active Directory (Azure AD) credentials and also by the permissions specified for the SAS. A user delegation SAS is analogous to a service SAS in terms of its scope and function, but offers security benefits over the service SAS. ",
+ "guid": "55461e1a-3e34-453a-9c86-39648b652d6c",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas",
+ "service": "Azure Storage",
 "services": [
- "Backup",
+ "Entra",
+ "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Use Premium and Standard tiers. These tiers support staging slots and automated backups.",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "When using SAS, prefer 'user delegation SAS' over storage-account-key based SAS.",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "a7e2e6c2-491f-4fa4-a82b-521d0bc3b202",
- "link": "https://learn.microsoft.com/en-us/azure/reliability/migrate-app-service",
- "service": "App Services",
+ "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on AAD authentication makes it easier to tie storage access to a user. ",
+ "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key",
+ "service": "Azure Storage",
 "services": [
- "WAF"
+ "Monitor",
+ "Storage",
+ "Entra",
+ "WAF",
+ "AKV"
 ],
 "severity": "High",
- "text": "Leverage Availability Zones where regionally applicable (requires Premium v2 or v3 tier)",
- "waf": "Reliability"
+ "text": "Consider disabling storage account keys, so that only AAD access (and user delegation SAS) is supported.",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "1275e4a9-7b6a-43c3-a9cd-5ee18d8995ad",
- "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check",
- "service": "App Services",
+ "description": "Use Activity Log data to identify 'when', 'who', 'what' and 'how' the security of your storage account is being viewed or changed (i.e. storage account keys, access policies, etc.).",
+ "guid": "d7999a64-6f43-489a-af42-c78e78c06a73",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity",
+ "service": "Azure Storage",
 "services": [
- "WAF"
+ "Monitor",
+ "Storage",
+ "AzurePolicy",
+ "WAF",
+ "AKV"
+ ],
+ "severity": "High",
+ "text": "Consider using Azure Monitor to audit control plane operations on the storage account",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "WAF checklist",
+ "description": "A key expiration policy enables you to set a reminder for the rotation of the account access keys. The reminder is displayed if the specified interval has elapsed and the keys have not yet been rotated.",
+ "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy",
+ "service": "Azure Storage",
+ "services": [
+ "Storage",
+ "WAF",
+ "AKV",
+ "AzurePolicy"
 ],
 "severity": "Medium",
- "text": "Implement health checks",
- "waf": "Reliability"
+ "text": "When using storage account keys, consider enabling a 'key expiration policy'",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "35a91c5d-4ad6-4d9b-8e0f-c47db9e6d1e7",
- "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-backup",
- "service": "App Services",
+ "description": "A SAS expiration policy specifies a recommended interval over which the SAS is valid. SAS expiration policies apply to a service SAS or an account SAS. When a user generates service SAS or an account SAS with a validity interval that is larger than the recommended interval, they'll see a warning.",
+ "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf",
+ "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy",
+ "service": "Azure Storage",
 "services": [
- "AppSvc",
- "Backup",
- "WAF"
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "High",
- "text": "Refer to backup and restore best practices for Azure App Service",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Consider configuring an SAS expiration policy",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "e68cd0ec-afc6-4bd8-a27f-7860ad9a0db2",
- "link": "https://learn.microsoft.com/en-us/azure/architecture/framework/services/compute/azure-app-service/reliability",
- "service": "App Services",
+ "description": "Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys. ",
+ "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy",
+ "service": "Azure Storage",
 "services": [
- "AppSvc",
- "WAF"
+ "Storage",
+ "WAF",
+ "AKV",
+ "AzurePolicy"
 ],
- "severity": "High",
- "text": "Implement Azure App Service reliability best practices",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Consider linking SAS to a stored access policy",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "bd2a865c-0835-4418-bb58-4df91a5a9b3f",
- "link": "https://learn.microsoft.com/en-us/azure/app-service/manage-disaster-recovery#recover-app-content-only",
- "service": "App Services",
+ "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36",
+ "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/",
+ "service": "Azure Storage",
 "services": [
- "AppSvc",
- "WAF"
+ "Storage",
+ "WAF",
+ "AKV"
 ],
- "severity": "Low",
- "text": "Familiarize with how to move an App Service app to another region During a disaster",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Consider configuring your application's source code repository to detect checked-in connection strings and storage account keys.",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.web/sites",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "f3d2f1e4-e6d4-4b7a-a5a5-e2a9b2c6f293",
- "link": "https://learn.microsoft.com/en-us/azure/reliability/reliability-app-service",
- "service": "App Services",
+ "description": "Ideally, your application should be using a managed identity to authenticate to Azure Storage. 
If that is not possible, consider having the storage credential (connection string, storage account key, SAS, service principal credential) in Azure KeyVault or an equivalent service.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", "services": [ - "AppSvc", + "Entra", + "Storage", "WAF" ], "severity": "High", - "text": "Familiarize with reliability support in Azure App Service", - "waf": "Reliability" + "text": "Consider storing connection strings in Azure KeyVault (in scenarios where managed identities are not possible)", + "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "c7b5f3d1-0569-4fd2-9f32-c0b64e9c0c5e", - "link": "https://learn.microsoft.com/en-us/azure/azure-functions/dedicated-plan#always-on", - "service": "App Services", + "description": "Use near-term expiration times on an ad hoc SAS service SAS or account SAS. In this way, even if a SAS is compromised, it's valid only for a short time. This practice is especially important if you cannot reference a stored access policy. 
Near-term expiration times also limit the amount of data that can be written to a blob by limiting the time available to upload to it.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", "services": [ - "AppSvc", - "WAF" + "Storage", + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "Ensure \"Always On\" is enabled for Function Apps running on a app service plan", - "waf": "Reliability" + "severity": "High", + "text": "Strive for short validity periods for ad-hoc SAS", + "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "a3b4d5f6-758c-4f9d-9e1a-d7c6b7e8f9ab", - "link": "https://learn.microsoft.com/en-us/azure/app-service/monitor-instances-health-check", - "service": "App Services", + "description": "When creating a SAS, be as specific and restrictive as possible. Prefer a SAS for a single resource and operation over a SAS which gives much broader access.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", "services": [ - "AppSvc", - "Monitor", "WAF" ], "severity": "Medium", - "text": "Monitor App Service instances using Health checks", - "waf": "Reliability" + "text": "Apply a narrow scope to a SAS", + "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "c7d3e5f9-a19c-4833-8ca6-1dcb0128e129", - "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-overview", - "service": "App Services", + "description": "A SAS can include parameters on which client IP addresses or address ranges are authorized to request a resource using the SAS. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", "services": [ - "Monitor", "WAF" ], "severity": "Medium", - "text": "Monitor availability and responsiveness of web app or website using Application Insights availability tests", - "waf": "Reliability" + "text": "Consider scoping SAS to a specific client IP address, wherever possible", + "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "b4e3f2d5-a5c6-4d7e-8b2f-c5d9e7a8f0ea", - "link": "https://learn.microsoft.com/en-us/azure/azure-monitor/app/availability-standard-tests", - "service": "App Services", + "description": "A SAS cannot constrain how much data a client uploads; given the pricing model of amount of storage over time, it might make sense to validate whether clients uploaded maliciously large contents.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", "services": [ - "Monitor", + "Storage", "WAF" ], "severity": "Low", - "text": "Use Application Insights Standard test to monitor availability and responsiveness of web app or website", - "waf": "Reliability" + "text": "Consider checking uploaded data, after clients used a SAS to upload a file. ", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "WAF checklist", + "description": "When accessing blob storage via SFTP using a 'local user account', the 'usual' RBAC controls do not apply. Blob access via NFS or REST might be more restrictive than SFTP access. 
Unfortunately, as of early 2023, local users are the only form of identity management that is currently supported for the SFTP endpoint", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "services": [ + "Entra", + "RBAC", + "Storage", + "WAF" + ], + "severity": "High", + "text": "SFTP: Limit the amount of 'local users' for SFTP access, and audit whether access is needed over time.", + "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Use Azure Key Vault to store any secrets the application needs. Key Vault provides a safe and audited environment for storing secrets and is well-integrated with App Service through the Key Vault SDK or App Service Key Vault References.", - "guid": "834ac932-223e-4ce8-8b12-3071a5416415", - "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", - "service": "App Services", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", "services": [ - "AKV", - "AppSvc", "WAF" ], - "severity": "High", - "text": "Use Key Vault to store secrets", + "severity": "Medium", + "text": "SFTP: The SFTP endpoint does not support POSIX-like ACLs.", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Use a Managed Identity to connect to Key Vault either using the Key Vault SDK or through App Service Key Vault References.", - "guid": "833ea3ad-2c2d-4e73-8165-c3acbef4abe1", - "link": "https://learn.microsoft.com/azure/app-service/app-service-key-vault-references", - "service": "App Services", 
+ "description": "Storage supports CORS (Cross-Origin Resource Sharing), i.e. an HTTP feature that enables web apps from a different domain to loosen the same-origin policy. When enabling CORS, keep the CorsRules to the least privilege.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", "services": [ - "Entra", - "AKV", - "AppSvc", - "WAF" + "Storage", + "WAF", + "AzurePolicy" ], "severity": "High", - "text": "Use Managed Identity to connect to Key Vault", + "text": "Avoid overly broad CORS policies", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Store the App Service TLS certificate in Key Vault.", - "guid": "f8d39fda-4776-4831-9c11-5775c2ea55b4", - "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-certificate", - "service": "App Services", + "description": "Data at rest is always encrypted server-side, and in addition might be encrypted client-side as well. Server-side encryption might happen using a platform-managed key (default) or customer-managed key. Client-side encryption might happen by either having the client supply an encryption/decryption key on a per-blob basis to Azure storage, or by completely handling encryption on the client-side. thus not relying on Azure Storage at all for confidentiality guarantees.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", "services": [ - "AKV", - "AppSvc", + "Storage", "WAF" ], "severity": "High", - "text": "Use Key Vault to store TLS certificate.", + "text": "Determine how data at rest should be encrypted. 
Understand the thread model for data.", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Systems that process sensitive information should be isolated. To do so, use separate App Service Plans or App Service Environments and consider the use of different subscriptions or management groups.", - "guid": "6ad48408-ee72-4734-a475-ba18fdbf590c", - "link": "https://learn.microsoft.com/azure/app-service/overview-hosting-plans", - "service": "App Services", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", "services": [ - "AppSvc", - "Subscriptions", "WAF" ], "severity": "Medium", - "text": "Isolate systems that process sensitive information", + "text": "Determine which/if platform encryption should be used.", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Local disks on App Service are not encrypted and sensitive data should not be stored on those. 
(For example: D:\\\\Local and %TMP%).", - "guid": "e65de8e0-3f9b-4cbd-9682-66abca264f9a", - "link": "https://learn.microsoft.com/azure/app-service/operating-system-functionality#file-access", - "service": "App Services", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", "services": [ - "AppSvc", - "TrafficManager", "WAF" ], "severity": "Medium", - "text": "Do not store sensitive data on local disk", + "text": "Determine which/if client-side encryption should be used.", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "For authenticated web application, use a well established Identity Provider like Azure AD or Azure AD B2C. Leverage the application framework of your choice to integrate with this provider or use the App Service Authentication / Authorization feature.", - "guid": "919ca0b2-c121-459e-814b-933df574eccc", - "link": "https://learn.microsoft.com/azure/app-service/overview-authentication-authorization", - "service": "App Services", + "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", "services": [ - "Entra", - "AppSvc", + "Storage", "WAF" ], - "severity": "Medium", - "text": "Use an established Identity Provider for authentication", + "severity": "High", + "text": "Consider whether public blob access is needed, or whether it can be disabled for certain storage accounts. 
", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Deploy code to App Service from a controlled and trusted environment, like a well-managed and secured DevOps deployment pipeline. This avoids code that was not version controlled and verified to be deployed from a malicious host.", - "guid": "3f9bcbd4-6826-46ab-aa26-4f9a19aed9c5", - "link": "https://learn.microsoft.com/azure/app-service/deploy-best-practices", - "service": "App Services", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", "services": [ - "AppSvc", + "Storage", "WAF" ], "severity": "High", - "text": "Deploy from a trusted environment", - "waf": "Security" + "text": "Leverage a storagev2 account type for better performance and reliability", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Disable basic authentication for both FTP/FTPS and for WebDeploy/SCM. This disables access to these services and enforces the use of Azure AD secured endpoints for deployment. 
Note that the SCM site can also be opened using Azure AD credentials.", - "guid": "5d04c2c3-919c-4a0b-8c12-159e114b933d", - "link": "https://learn.microsoft.com/azure/app-service/deploy-configure-credentials#disable-basic-authentication", - "service": "App Services", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", "services": [ - "Entra", + "Storage", "WAF" ], "severity": "High", - "text": "Disable basic authentication", - "waf": "Security" + "text": "Leverage GRS, ZRS or GZRS storage for the highest availability", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Where possible use Managed Identity to connect to Azure AD secured resources. If this is not possible, store secrets in Key Vault and connect to Key Vault using a Managed Identity instead.", - "guid": "f574eccc-d9bd-43ba-bcda-3b54eb2eb03d", - "link": "https://learn.microsoft.com/azure/app-service/overview-managed-identity?tabs=portal%2Chttp", - "service": "App Services", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", "services": [ - "Entra", - "AKV", "WAF" ], - "severity": "High", - "text": "Use Managed Identity to connect to resources", - "waf": "Security" + "severity": "Medium", + "text": "For write operation after failover, use customer-Managed Failover ", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Where using images stored in Azure Container Registry, pull these using a Managed Identity.", - "guid": "d9a25827-18d2-4ddb-8072-5769ee6691a4", - "link": 
"https://learn.microsoft.com/azure/app-service/configure-custom-container#use-managed-identity-to-pull-image-from-azure-container-registry", - "service": "App Services", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", "services": [ - "Entra", - "ACR", "WAF" ], - "severity": "High", - "text": "Pull containers using a Managed Identity", - "waf": "Security" + "severity": "Medium", + "text": "Understand Microsoft-Managed Failover details", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "By configuring the diagnostic settings of App Service, you can send all telemetry to Log Analytics as the central destination for logging and monitoring. This allows you to monitor runtime activity of App Service such as HTTP logs, application logs, platform logs, ...", - "guid": "47768314-c115-4775-a2ea-55b46ad48408", - "link": "https://learn.microsoft.com/azure/app-service/troubleshoot-diagnostic-logs", - "service": "App Services", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", "services": [ - "Entra", - "AppSvc", - "Monitor", "WAF" ], "severity": "Medium", - "text": "Send App Service runtime logs to Log Analytics", + "text": "Enable Soft Delete", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.eventhub/namespaces", + "checklist": "WAF checklist", + "description": "Azure Event Hub provides encryption of data at rest. If you use your own key, the data is still encrypted using the Microsoft-managed key, but in addition the Microsoft-managed key will be encrypted using the customer-managed key. 
", + "guid": "7aaf12e7-b94e-4f6e-847d-2d92981b1cd6", + "link": "https://learn.microsoft.com/azure/event-hubs/configure-customer-managed-key", + "service": "Event Hubs", + "services": [ + "EventHubs", + "WAF" + ], + "severity": "Low", + "text": "Use customer-managed key option in data at rest encryption when required", + "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Set up a diagnostic setting to send the activity log to Log Analytics as the central destination for logging and monitoring. This allows you to monitor control plane activity on the App Service resource itself.", - "guid": "ee72734b-475b-4a18-bdbf-590ce65de8e0", - "link": "https://learn.microsoft.com/azure/azure-monitor/essentials/activity-log", - "service": "App Services", + "description": "Azure Event Hubs namespaces permit clients to send and receive data with TLS 1.0 and above. To enforce stricter security measures, you can configure your Event Hubs namespace to require that clients send and receive data with a newer version of TLS. If an Event Hubs namespace requires a minimum version of TLS, then any requests made with an older version will fail. 
", + "guid": "d2f54b29-769e-43a6-a0e7-828ac936657e", + "link": "https://learn.microsoft.com/azure/event-hubs/transport-layer-security-configure-minimum-version", + "service": "Event Hubs", "services": [ - "Entra", - "AppSvc", - "Monitor", + "EventHubs", "WAF" ], "severity": "Medium", - "text": "Send App Service activity logs to Log Analytics", + "text": "Enforce a minimum required version of Transport Layer Security (TLS) for requests ", + "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Control outbound network access using a combination of regional VNet integration, network security groups and UDR's. Traffic should be routed to an NVA such as Azure Firewall. Ensure to monitor the Firewall's logs.", - "guid": "c12159e1-14b9-433d-b574-ecccd9bd3baf", - "link": "https://learn.microsoft.com/azure/app-service/overview-vnet-integration", - "service": "App Services", + "description": "When you create an Event Hubs namespace, a policy rule named RootManageSharedAccessKey is automatically created for the namespace. This policy has manage permissions for the entire namespace. It�s recommended that you treat this rule like an administrative root account and don�t use it in your application. Using AAD as an authentication provider with RBAC is recommended. 
", + "guid": "13b0f566-4b1e-4944-a459-837ee79d6c6d", + "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-shared-access-signature#shared-access-authorization-policies", + "service": "Event Hubs", "services": [ - "NVA", - "Monitor", - "VNet", - "Firewall", - "WAF" + "EventHubs", + "AzurePolicy", + "Entra", + "WAF", + "RBAC", + "TrafficManager" ], "severity": "Medium", - "text": "Outbound network access should be controlled", + "text": "Avoid using root account when it is not necessary", + "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-identities-governance/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "You can provide a stable outbound IP by using VNet integration and using a VNet NAT Gateway or an NVA like Azure Firewall. This allows the receiving party to allow-list based on IP, should that be needed. Note that for communications towards Azure Services often there's no need to depend on the IP address and mechanics like Service Endpoints should be used instead. (Also the use of private endpoints on the receiving end avoids for SNAT to happen and provides a stable outbound IP range.)", - "guid": "cda3b54e-b2eb-403d-b9a2-582718d2ddb1", - "link": "https://learn.microsoft.com/azure/app-service/networking/nat-gateway-integration", - "service": "App Services", + "description": "Managed identities for Azure resources can authorize access to Event Hubs resources using Azure AD credentials from applications running in Azure Virtual Machines (VMs), Function apps, Virtual Machine Scale Sets, and other services. By using managed identities for Azure resources together with Azure AD authentication, you can avoid storing credentials with your applications that run in the cloud. 
", + "guid": "3a365a5c-7acb-4e48-abd5-4cd79f2e8776", + "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", + "service": "Event Hubs", "services": [ - "PrivateLink", + "EventHubs", "Storage", - "NVA", - "VNet", - "Firewall", - "WAF" + "Entra", + "WAF", + "AKV", + "VM" ], - "severity": "Low", - "text": "Ensure a stable IP for outbound communications towards internet addresses", + "severity": "Medium", + "text": "When possible, your application should be using a managed identity to authenticate to Azure Event Hub. If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Control inbound network access using a combination of App Service Access Restrictions, Service Endpoints or Private Endpoints. Different access restrictions can be required and configured for the web app itself and the SCM site.", - "guid": "0725769e-e669-41a4-a34a-c932223ece80", - "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions", - "service": "App Services", + "description": "When creating permissions, provide fine-grained control over a client's access to Azure Event Hub. Permissions in Azure Event Hub can and should be scoped to the individual resource level e.g. 
consumer group, event hub entity, event hub namespaces, etc.", + "guid": "8357c559-675c-45ee-a5b8-6ad8844ce3b2", + "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-azure-active-directory#azure-built-in-roles-for-azure-event-hubs", + "service": "Event Hubs", "services": [ - "PrivateLink", - "AppSvc", + "EventHubs", + "RBAC", "WAF" ], "severity": "High", - "text": "Inbound network access should be controlled", + "text": "Use least privilege data plane RBAC", + "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Protect against malicious inbound traffic using a Web Application Firewall like Application Gateway or Azure Front Door. Make sure to monitor the WAF's logs.", - "guid": "b123071a-5416-4415-a33e-a3ad2c2de732", - "link": "https://learn.microsoft.com/azure/app-service/networking/app-gateway-with-service-endpoints", - "service": "App Services", + "description": "Azure Event Hub resource logs include operational logs, virtual network and Kafka logs. Runtime audit logs capture aggregated diagnostic information for all data plane access operations (such as send or receive events) in Event Hubs.", + "guid": "b38b875b-a1cf-4104-a900-3a4d3ce474db", + "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", + "service": "Event Hubs", "services": [ - "AppGW", - "FrontDoor", "Monitor", - "AppSvc", - "WAF" + "EventHubs", + "WAF", + "VNet" ], - "severity": "High", - "text": "Use a WAF in front of App Service", + "severity": "Medium", + "text": "Enable logging for security investigation. 
Use Azure Monitor to captured metrics and logs such as resource logs, runtime audit logs and Kafka logs", + "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Make sure the WAF cannot be bypassed by locking down access to only the WAF. Use a combination of Access Restrictions, Service Endpoints and Private Endpoints.", - "guid": "165c3acb-ef4a-4be1-b8d3-9fda47768314", - "link": "https://learn.microsoft.com/azure/app-service/networking-features#access-restrictions", - "service": "App Services", + "description": "Azure Event Hub by default has a public IP address and is Internet-reachable. Private endpoints allow traffic between your virtual network and Azure Event Hub traverses over the Microsoft backbone network. In addition to that, you should disable public endpoints if those are not used. ", + "guid": "5abca2a4-eda1-4dae-8cc9-5d48c6b791dc", + "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", + "service": "Event Hubs", "services": [ - "PrivateLink", - "WAF" + "VNet", + "EventHubs", + "WAF", + "PrivateLink" ], - "severity": "High", - "text": "Avoid for WAF to be bypassed", + "severity": "Medium", + "text": "Consider using private endpoints to access Azure Event Hub and disable public network access when applicable.", + "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Set minimum TLS policy to 1.2 in App Service configuration.", - "graph": "appserviceresources | where type =~ 'microsoft.web/sites/config' | extend compliant = (properties.MinTlsVersion>=1.2) | distinct id,compliant", - "guid": "c115775c-2ea5-45b4-9ad4-8408ee72734b", - "link": 
"https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-tls-versions", - "service": "App Services", + "description": "With IP firewall, you can restrict public endpoint further to only a set of IPv4 addresses or IPv4 address ranges in CIDR (Classless Inter-Domain Routing) notation. ", + "guid": "a0e6c465-89e5-458b-a37d-3974d1112dbd", + "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-ip-filtering", + "service": "Event Hubs", "services": [ - "AppSvc", - "AzurePolicy", + "EventHubs", "WAF" ], "severity": "Medium", - "text": "Set minimum TLS policy to 1.2", + "text": "Consider only allowing access to Azure Event Hub namespace from specific IP addresses or ranges", + "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Configure App Service to use HTTPS only. This causes App Service to redirect from HTTP to HTTPS. 
Strongly consider the use of HTTP Strict Transport Security (HSTS) in your code or from your WAF, which informs browsers that the site should only be accessed using HTTPS.", - "graph": "where (type=='microsoft.web/sites' and (kind == 'app' or kind == 'app,linux' )) | extend compliant = (properties.httpsOnly==true) | distinct id,compliant", - "guid": "475ba18f-dbf5-490c-b65d-e8e03f9bcbd4", - "link": "https://learn.microsoft.com/azure/app-service/configure-ssl-bindings#enforce-https", - "service": "App Services", + "guid": "31d41e36-11c8-417b-8afb-c410d4391898", + "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/paas-foundations-playbooks-AEH_v1.docx", + "service": "Event Hubs", "services": [ - "AppSvc", "WAF" ], - "severity": "High", - "text": "Use HTTPS only", - "waf": "Security" + "severity": "Medium", + "text": "Leverage FTA Resillency HandBook", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Do not use wildcards in your CORS configuration, as this allows all origins to access the service (thereby defeating the purpose of CORS). Specifically only allow the origins that you expect to be able to access the service.", - "guid": "68266abc-a264-4f9a-89ae-d9c55d04c2c3", - "link": "https://learn.microsoft.com/azure/app-service/app-service-web-tutorial-rest-api", - "service": "App Services", + "description": " This will be turned on automatically for a new EH namespace created from the portal with Premium, Dedicated, or Standard SKUs in a zone-enabled region. 
Both the EH metadata and the event data itself are replicated across zones", + "guid": "f15bce21-9e4a-40eb-9787-9424d226786d", + "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-premium-overview#high-availability-with-availability-zones", + "service": "Event Hubs", "services": [ - "Storage", + "EventHubs", + "ACR", "WAF" ], "severity": "High", - "text": "Wildcards must not be used for CORS", - "waf": "Security" + "text": "Leverage Availability Zones if regionally applicable", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Remote debugging must not be turned on in production as this opens additional ports on the service which increases the attack surface. Note that the service does turn of remote debugging automatically after 48 hours.", - "graph": "appserviceresources | where type =~ 'microsoft.web/sites/config' | extend compliant = (properties.RemoteDebuggingEnabled == false) | distinct id,compliant", - "guid": "d9bd3baf-cda3-4b54-bb2e-b03dd9a25827", - "link": "https://learn.microsoft.com/azure/app-service/configure-common#configure-general-settings", - "service": "App Services", + "guid": "20b56c56-ad58-4519-8f82-735c586bb281", + "link": "https://learn.microsoft.com/azure/event-hubs/compare-tiers", + "service": "Event Hubs", + "services": [ + "WAF" + ], + "severity": "Medium", + "text": "Use the Premium or Dedicated SKUs for predicable performance", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.eventhub/namespaces", + "checklist": "WAF checklist", + "description": "The built-in geo-disaster recovery feature, when enabled, ensures that the entire configuration of anamespace (Event Hubs, Consumer Groups and settings) is continuously replicated from a primary namespace to a secondary namespace, and it allows a once-only failover move from the primary to the secondary at any time. 
Active/Passive feature is designed to make it easier to recover from and abandon a failed Azure region without having to change application configurations", + "guid": "dc15a1c0-75ee-49f1-90ac-ccd579376bcd", + "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-geo-dr?tabs=portal", + "service": "Event Hubs", "services": [ + "EventHubs", + "ASR", "WAF" ], "severity": "High", - "text": "Turn off remote debugging", - "waf": "Security" + "text": "Plan for Geo Disaster Recovery using Active Passive configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Enable Defender for App Service. This (amongst other threats) detects communications to known malicious IP addresses. Review the recommendations from Defender for App Service as part of your operations.", - "guid": "18d2ddb1-0725-4769-be66-91a4834ac932", - "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-app-service-introduction", - "service": "App Services", + "description": "Should be used for DR configurations where an outage or loss of event data in the downed region cannot be tolerated. For these cases, follow the replication guidance and do not use the built-in geo-disaster recovery capability (active/passive). 
With Active/Active, Maintain multiple Event Hubs in different regions and namespaces, and events will be replicated between the hubs", + "guid": "6e31b67d-67ba-4591-89c0-9e805d597c7e", + "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-federation-overview", + "service": "Event Hubs", "services": [ - "AppSvc", - "Defender", + "EventHubs", + "ASR", "WAF" ], "severity": "Medium", - "text": "Enable Defender for Cloud - Defender for App Service", - "waf": "Security" + "text": "For Business Critical Applications, use Active Active configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.eventhub/namespaces", "checklist": "WAF checklist", - "description": "Azure provides DDoS Basic protection on its network, which can be improved with intelligent DDoS Standard capabilities which learns about normal traffic patterns and can detect unusual behavior. DDoS Standard applies to a Virtual Network so it must be configured for the network resource in front of the app, such as Application Gateway or an NVA.", - "guid": "223ece80-b123-4071-a541-6415833ea3ad", - "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", - "service": "App Services", + "guid": "9ced16ad-d186-4f0a-a241-a999a68af77c", + "link": "https://learn.microsoft.com/azure/architecture/serverless/event-hubs-functions/resilient-design", + "service": "Event Hubs", "services": [ - "AppGW", - "DDoS", - "NVA", "EventHubs", - "VNet", "WAF" ], "severity": "Medium", - "text": "Enable DDOS Protection Standard on the WAF VNet", - "waf": "Security" + "text": "Design Resilient Event Hubs", + "waf": "Reliability" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Where using images stored in Azure Container Registry, pull these over a virtual network from Azure Container Registry using its private endpoint and the app setting 
'WEBSITE_PULL_IMAGE_OVER_VNET'.", - "guid": "2c2de732-165c-43ac-aef4-abe1f8d39fda", - "link": "https://learn.microsoft.com/azure/app-service/configure-custom-container#use-an-image-from-a-network-protected-registry", - "service": "App Services", + "guid": "f00a69de-7076-4734-a734-6e4552cad9e1", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-latest-version-for-customer-managed-certificates", + "service": "Front Door", "services": [ - "PrivateLink", - "ACR", - "VNet", + "WAF", + "FrontDoor", + "AKV" + ], + "severity": "Medium", + "text": "If you use customer-managed TLS certificates with Azure Front Door, use the 'Latest' certificate version. Reduce the risk of outages caused by manual certificate renewal", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/applicationGateways", + "checklist": "WAF checklist", + "graph": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant", + "guid": "553585a6-abe0-11ed-afa1-0242ac120002", + "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", + "service": "App Gateway", + "services": [ + "AppGW", "WAF" ], "severity": "Medium", - "text": "Pull containers over a Virtual Network", + "text": "Ensure you are using Application Gateway v2 SKU", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "description": "Conduct a penetration test on the web application following the penetration testing rules of engagement.", - "guid": "eb2eb03d-d9a2-4582-918d-2ddb10725769", - "link": "https://learn.microsoft.com/azure/security/fundamentals/pen-testing", - "service": "App Services", + "graph": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) 
== 'standard')", + "guid": "4e35fbf5-0ae2-48b2-97ce-753353edbd1a", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", + "service": "Load Balancer", "services": [ - "WAF" + "WAF", + "LoadBalancer" ], "severity": "Medium", - "text": "Conduct a penetration test", + "text": "Ensure you are using the Standard SKU for your Azure Load Balancers", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "description": "Deploy trusted code that was validated and scanned for vulnerabilities according to DevSecOps practices.", - "guid": "19aed9c5-5d04-4c2c-9919-ca0b2c12159e", - "link": "https://learn.microsoft.com/azure/architecture/solution-ideas/articles/devsecops-in-azure", - "service": "App Services", + "guid": "9432621a-8397-4654-a882-5bc856b7ef83", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-standard-availability-zones", + "service": "Load Balancer", "services": [ - "WAF" + "WAF", + "LoadBalancer" ], "severity": "Medium", - "text": "Deploy validated code", + "text": "Ensure your Load Balancers frontend IP addresses are zone-redundant (unless you require zonal frontends).", "waf": "Security" }, { - "arm-service": "microsoft.web/sites", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "description": "Use the latest versions of supported platforms, programming languages, protocols, and frameworks.", - "guid": "114b933d-f574-4ecc-ad9b-d3bafcda3b54", - "link": "https://learn.microsoft.com/azure/app-service/overview-patch-os-runtime", - "service": "App Services", + "graph": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand 
subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant", + "guid": "dfc50f87-3800-424c-937b-ed5f186e7c15", + "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", + "service": "App Gateway", "services": [ + "VNet", + "AppGW", "WAF" ], - "severity": "High", - "text": "Use up-to-date platforms, languages, protocols and frameworks", + "severity": "Medium", + "text": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", "waf": "Security" }, { - "arm-service": "Microsoft.DBforMySQL/servers", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "388c3e25-e800-4ad2-9df3-f3d6ae1050b7", - "link": "https://learn.microsoft.com/azure/mysql/flexible-server/overview", - "service": "Azure MySQL", + "description": "Administration of reverse proxies in general and WAF in particular is closer to the application than to networking, so they belong in the same subscription as the app. 
Centralizing the Application Gateway and WAF in the connectivity subscription might be OK if it is managed by one single team.", + "guid": "48b662d6-d15f-4512-a654-98f6dfe237de", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "App Gateway", "services": [ - "WAF" + "Entra", + "AppGW", + "VNet", + "WAF", + "NVA", + "Subscriptions" ], "severity": "Medium", - "text": "Leverage Flexible Server", - "waf": "Reliability" + "text": "Deploy Azure Application Gateway v2 or partner NVAs used for proxying inbound HTTP(S) connections within the landing-zone virtual network and with the apps that they're securing.", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Security" }, { - "arm-service": "Microsoft.DBforMySQL/servers", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "de3aad1e-8c38-4ec9-9666-7313c005674b", - "link": "https://learn.microsoft.com/azure/mysql/flexible-server/overview#high-availability-within-and-across-availability-zones", - "service": "Azure MySQL", + "guid": "f109e1f3-c79b-4f14-82de-6b5c22314d08", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "App Gateway", "services": [ - "WAF" + "WAF", + "DDoS" ], - "severity": "High", - "text": "Leverage Availability Zones where regionally applicable", - "waf": "Reliability" + "severity": "Medium", + "text": "Use a DDoS Network or IP protection plans for all Public IP addresses in application landing zones.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" }, { - "arm-service": "Microsoft.DBforMySQL/servers", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "1e944a45-9c37-43e7-bd61-623b365a917e", - "link": 
"https://learn.microsoft.com/azure/mysql/flexible-server/overview#setup-hybrid-or-multi-cloud-data-synchronization-with-data-in-replication", - "service": "Azure MySQL", + "graph": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant", + "guid": "135bf4ac-f9db-461f-b76b-2ee9e30b12c0", + "link": "https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant", + "service": "App Gateway", "services": [ "WAF" ], "severity": "Medium", - "text": "Leverage Data-in replication for cross-region DR scenarios", + "text": "Configure autoscaling with a minimum amount of instances of two.", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", "waf": "Reliability" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "description": "Using the correct approach to feed a datalake with cold data and having the Kusto query engine at your disposal at the same time, as in the short-term storage", - "guid": "ba7da7be-9951-4914-a384-5d997cb39132", - "link": "https://learn.microsoft.com/azure/data-explorer/kusto/management/data-export/continuous-data-export", - "service": "Azure Data Explorer", + "graph": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant", + "guid": "060c6964-52b5-48db-af8b-83e4b2d85349", + "link": "https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2", + "service": "App Gateway", "services": [ - "Storage", - "Cost", + "ACR", + "AppGW", "WAF" ], - "text": "Leverage External Tables and Continuous data export overview to reduce costs", + "severity": "Medium", + "text": "Deploy Application Gateway across Availability Zones", + "training": 
"https://learn.microsoft.com/learn/paths/secure-application-delivery/", "waf": "Reliability" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Data Explorer provides an optional follower capability for a leader cluster to be followed by other follower clusters for read-only access to the leader's data and metadata. Changes in the leader, such as create, append, and drop are automatically synchronized to the follower. While the leaders could span Azure regions, the follower clusters should be hosted in the same region(s) as the leader. If the leader cluster is down or databases or tables are accidentally dropped, the follower clusters will lose access until access is recovered in the leader.", - "guid": "56a22586-f490-4641-addd-ea8a377cdeb3", - "link": "https://learn.microsoft.com/azure/data-explorer/follower?tabs=csharp", - "service": "Azure Data Explorer", + "guid": "e79d17b7-3b22-4a5a-97e7-a8ed4b30e38c", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "Front Door", "services": [ - "Storage", - "WAF" + "WAF", + "FrontDoor", + "AzurePolicy" ], - "text": "To share data, explore Leader-follower cluster configuration", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Azure Front Door with WAF policies to deliver and help protect global HTTP/S apps that span multiple Azure regions.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Data Explorer doesn't support automatic protection against the outage of an entire Azure region. This disruption can happen during a natural disaster, like an earthquake. 
If you require a solution for a disaster recovery situation, do the following steps to ensure business continuity. In these steps, you'll replicate your clusters, management, and data ingestion in two Azure paired regions.", - "guid": "861bb2bc-14ae-4a6e-95d8-d9a3adc218e6", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#create-multiple-independent-clusters", - "service": "Azure Data Explorer", + "guid": "3f29812b-2363-4cef-b179-b599de0d5973", + "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", + "service": "Front Door", "services": [ - "ASR", - "WAF" + "AppGW", + "WAF", + "FrontDoor", + "AzurePolicy" ], - "text": "To protect against regional failure, create Multiple independent clusters, preferably in two Azure Paired regions", - "waf": "Reliability" + "severity": "Medium", + "text": "When using Front Door and Application Gateway to help protect HTTP/S apps, use WAF policies in Front Door. Lock down Application Gateway to receive traffic only from Front Door.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "ammp": true, + "arm-service": "microsoft.network/trafficManagerProfiles", "checklist": "WAF checklist", - "guid": "436b0635-cb45-4e57-a603-324ace8cc123", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#replicate-management-activities", - "service": "Azure Data Explorer", + "guid": "cd4cd21b-0881-437f-9e6c-4cfd3e504547", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "Traffic Manager", "services": [ - "RBAC", - "Storage", + "TrafficManager", "WAF" ], - "text": "Replicate all management activities such as creating new tables or managing user roles on each cluster.", + "severity": "High", + "text": "Use Traffic Manager to deliver global apps that span protocols other 
than HTTP/S.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", "waf": "Reliability" }, { - "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "18ca6017-0265-4f4b-a46a-393af7f31728", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution", - "service": "Azure Data Explorer", + "guid": "3b4b3e88-a459-4ed5-a22f-644dfbc58204", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", + "service": "Entra", "services": [ - "WAF" + "AVD", + "WAF", + "Entra" ], - "text": "Ingest data into each cluster in parallel", - "waf": "Reliability" + "severity": "Low", + "text": "If users only need access to internal applications, has Microsoft Entra ID Application Proxy been considered as an alternative to Azure Virtual Desktop (AVD)?", + "training": "https://learn.microsoft.com/learn/modules/configure-azure-ad-application-proxy/", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "description": "This configuration is also called 'always-on'. 
For critical application deployments with no tolerance for outages, you should use multiple Azure Data Explorer clusters across Azure paired regions.", - "guid": "58a9c279-9c42-4bb6-9d0c-65556246b338", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-active-active-configuration", - "service": "Azure Data Explorer", + "guid": "01ca7cf1-5754-442d-babb-8ba6772e5c30", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", + "service": "Entra", "services": [ - "ACR", + "Entra", "WAF" ], - "text": "For critical application with no tolerance for outages, create Active-Active-Active (always-on) configuration", - "waf": "Reliability" + "severity": "Medium", + "text": "To reduce the number of firewall ports open for incoming connections in your network, consider using Microsoft Entra ID Application Proxy to give remote users secure and authenticated access to internal applications.", + "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "This configuration is identical to the active-active-active configuration, but only involves two Azure paired regions. Configure dual ingestion, processing, and curation. Users are routed to the nearest region. 
The cluster SKU must be the same across regions.", - "guid": "563a4dc7-4a74-48b6-922a-d190916a6649", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-active-configuration", - "service": "Azure Data Explorer", + "graph": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode", + "guid": "ae248989-b306-4591-9186-de482e3f0f0e", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", + "service": "Front Door", "services": [ - "ACR", - "WAF" + "WAF", + "FrontDoor", + "AzurePolicy" ], - "text": "For critical applications, create Active-Active configuration in two paired regions", - "waf": "Reliability" + "severity": "High", + "text": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic.", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "The Active-Hot configuration is similar to the Active-Active configuration in dual ingest, processing, and curation. While the standby cluster is online for ingestion, process, and curation, it isn't available to query. The standby cluster doesn't need to be in the same SKU as the primary cluster. It can be of a smaller SKU and scale, which may result in it being less performant. 
In a disaster scenario, users are redirected to the standby cluster, which can optionally be scaled up to increase performance.", - "guid": "8fadfe27-7de2-483b-8ac3-52baa9b75708", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-hot-standby-configuration", - "service": "Azure Data Explorer", + "guid": "062d5839-4d36-402f-bfa4-02811eb936e9", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", + "service": "Front Door", "services": [ - "WAF" + "TrafficManager", + "WAF", + "FrontDoor" ], - "text": "For applications, which required only read during failure, create Active-Hot standby configuration", - "waf": "Reliability" + "severity": "High", + "text": "Avoid combining Azure Traffic Manager and Azure Front Door.", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "This solution offers the least resiliency (highest RPO and RTO), is the lowest in cost and highest in effort. In this configuration, there's no data recovery cluster. Configure continuous export of curated data (unless raw and intermediate data is also required) to a storage account that is configured GRS (Geo Redundant Storage). A data recovery cluster is spun up if there is a disaster recovery scenario. At that time, DDLs, configuration, policies, and processes are applied. 
Data is ingested from storage with the ingestion property kustoCreationTime to over-ride the ingestion time that defaults to system time.", - "guid": "49aa8092-dc8e-4b9d-8bb7-3b26a5a67eba", - "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#on-demand-data-recovery-configuration", - "service": "Azure Data Explorer", + "guid": "5efeb96a-003f-4b18-8fcd-b4d84459c2b2", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", + "service": "Front Door", "services": [ - "Storage", - "ASR", - "AzurePolicy", - "Cost", - "WAF" + "WAF", + "FrontDoor" ], - "text": "For applications, where cost is a concern and can withstand some downtime during failure, create on-demand data recovery cluster configuration", - "waf": "Reliability" + "severity": "High", + "text": "Use the same domain name on Azure Front Door and your origin. Mismatched host names can cause subtle bugs.", + "waf": "Security" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "All database objects, policies, and configurations should be persisted in source control so they can be released to the cluster from your release automation tool.", - "guid": "5a907e1e-348e-4f25-9c27-d32e8bbac757", - "link": "https://learn.microsoft.com/azure/data-explorer/devops", - "service": "Azure Data Explorer", + "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, 
hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant", + "guid": "0b5a380c-4bfb-47bc-b1d7-dcfef363a61b", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group", + "service": "Front Door", "services": [ - "AzurePolicy", - "WAF" + "WAF", + "FrontDoor" ], - "text": "Wrap DevOps and source control around all your code", - "training": "https://learn.microsoft.com/learn/paths/secure-your-cloud-data/", - "waf": "Reliability" + "severity": "Low", + "text": "Disable health probes when there is only one origin in an Azure Front Door origin group.", + "waf": "Performance" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "1559ab91-53e8-4908-ae28-b84c33b6b780", - "link": "https://learn.microsoft.com/azure/data-explorer/devops", - "service": "Azure Data Explorer", + "guid": "5567048e-e5d7-4206-9c55-b5ed45d2cc0c", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#select-good-health-probe-endpoints", + "service": "Front Door", "services": [ - "WAF" + "WAF", + "FrontDoor" ], - "text": "Design, develop, and implement validation routines to ensure all clusters are in-sync from a data perspective.", - "training": "https://learn.microsoft.com/learn/modules/azure-active-directory/", + "severity": "Medium", + "text": "Select good health probe endpoints for Azure Front Door. 
Consider building health endpoints that check all of your application's dependencies.", "waf": "Reliability" }, { - "arm-service": "Microsoft.Kusto/clusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "8b9fe5c4-1049-4d40-9a82-2c3474d00f18", - "link": "https://learn.microsoft.com/azure/data-explorer/devops", - "service": "Azure Data Explorer", + "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId", + "guid": "a13f72f3-8f5c-4864-95e5-75bf37fbbeb1", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", + "service": "Front Door", "services": [ - "WAF" + "WAF", + "FrontDoor" ], - "text": "Be fully cognizant of what it takes to build a cluster from scratch. 
Leverage Infrastructure as a Code for your deployments", - "training": "https://learn.microsoft.com/learn/modules/implement-hybrid-identity-windows-server/", - "waf": "Reliability" + "severity": "Low", + "text": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application.", + "waf": "Performance" }, { - "arm-service": "microsoft.cache/redis", + "ammp": true, + "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "guid": "65285269-440b-44be-9d3e-0844276d4bdc", - "link": "https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-zone-redundancy", - "service": "Redis", + "graph": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant", + "guid": "97a2fd46-64b0-1dfa-b72d-9c8869496d75", + "link": "https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", + "service": "Load Balancer", "services": [ - "ACR", - "WAF" + "WAF", + "LoadBalancer" ], "severity": "High", - "text": "Enable zone redundancy for Azure Cache for Redis. Azure Cache for Redis supports zone redundant configurations in the Premium and Enterprise tiers. A zone redundant cache can place its nodes across different Azure Availability Zones in the same region. 
It eliminates data center or AZ outage as a single point of failure and increases the overall availability of your cache.", + "text": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability", "waf": "Reliability" }, { - "arm-service": "microsoft.cache/redis", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "bc178bdc-5a06-4ca7-8443-51e19dd34429", - "link": "https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability#persistence", - "service": "Redis", + "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId", + "guid": "af95c92d-d723-4f4a-98d7-8722324efd4d", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", + "service": "Front Door", "services": [ - "Storage", - "WAF" + "Cost", + "WAF", + "FrontDoor", + "AKV" ], - "severity": "Medium", - "text": "Configure data persistence for an Azure Cache for Redis instance. Because your cache data is stored in memory, a rare and unplanned failure of multiple nodes can cause all the data to be dropped. To avoid losing data completely, Redis persistence allows you to take periodic snapshots of in-memory data, and store it to your storage account.", - "waf": "Reliability" + "severity": "High", + "text": "Use managed TLS certificates with Azure Front Door. 
Reduce operational cost and risk of outages due to certificate renewals.", + "waf": "Operations" }, { - "arm-service": "microsoft.cache/redis", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "eb722823-7a15-41c5-ab4e-4f1814387e5c", - "link": "https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability#storage-account-for-persistence", - "service": "Redis", + "guid": "189ea962-3969-4863-8f5a-5ad808c2cf4b", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#define-your-waf-configuration-as-code", + "service": "Front Door", "services": [ - "Storage", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Use Geo-redundant storage account to persist Azure Cache for Redis data, or zonally redundant where geo-redundancy is not available", - "waf": "Reliability" + "text": "Define your Azure Front Door WAF configuration as code. By using code, you can more easily adopt new rule set version and gain additional protection.", + "waf": "Operations" }, { - "arm-service": "microsoft.cache/redis", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "a8c26c9b-32ab-45bd-bc69-98a135e33789", - "link": "https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-geo-replication", - "service": "Redis", + "guid": "2e30abab-5478-417c-81bf-bf1ad4ed1ed4", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-end-to-end-tls", + "service": "Front Door", "services": [ - "ASR", - "WAF" + "WAF", + "FrontDoor" ], - "severity": "Medium", - "text": "Configure passive geo-replication for Premium Azure Cache for Redis instances. Geo-replication is a mechanism for linking two or more Azure Cache for Redis instances, typically spanning two Azure regions. Geo-replication is designed mainly for cross-region disaster recovery. 
Two Premium tier cache instances are connected through geo-replication in a way that provides reads and writes to your primary cache, and that data is replicated to the secondary cache.", - "waf": "Reliability" + "severity": "High", + "text": "Use end-to-end TLS with Azure Front Door. Use TLS for connections from your clients to Front Door, and from Front Door to your origin.", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Event Hub provides encryption of data at rest. If you use your own key, the data is still encrypted using the Microsoft-managed key, but in addition the Microsoft-managed key will be encrypted using the customer-managed key. ", - "guid": "7aaf12e7-b94e-4f6e-847d-2d92981b1cd6", - "link": "https://learn.microsoft.com/azure/event-hubs/configure-customer-managed-key", - "service": "Event Hubs", + "guid": "10aa45af-166f-44c4-9f36-b6d592dac2ca", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-http-to-https-redirection", + "service": "Front Door", "services": [ - "EventHubs", - "WAF" + "WAF", + "FrontDoor" ], - "severity": "Low", - "text": "Use customer-managed key option in data at rest encryption when required", - "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/", + "severity": "Medium", + "text": "Use HTTP to HTTPS redirection with Azure Front Door. Support older clients by redirecting them to an HTTPS request automatically.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Event Hubs namespaces permit clients to send and receive data with TLS 1.0 and above. 
To enforce stricter security measures, you can configure your Event Hubs namespace to require that clients send and receive data with a newer version of TLS. If an Event Hubs namespace requires a minimum version of TLS, then any requests made with an older version will fail. ", - "guid": "d2f54b29-769e-43a6-a0e7-828ac936657e", - "link": "https://learn.microsoft.com/azure/event-hubs/transport-layer-security-configure-minimum-version", - "service": "Event Hubs", + "guid": "28b9ee82-b2c7-45aa-bc98-6de6f59a095d", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#enable-the-waf", + "service": "Front Door", "services": [ - "EventHubs", - "WAF" + "WAF", + "FrontDoor" ], - "severity": "Medium", - "text": "Enforce a minimum required version of Transport Layer Security (TLS) for requests ", - "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/", + "severity": "High", + "text": "Enable the Azure Front Door WAF. Protect your application from a range of attacks.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "When you create an Event Hubs namespace, a policy rule named RootManageSharedAccessKey is automatically created for the namespace. This policy has manage permissions for the entire namespace. It�s recommended that you treat this rule like an administrative root account and don�t use it in your application. Using AAD as an authentication provider with RBAC is recommended. 
", - "guid": "13b0f566-4b1e-4944-a459-837ee79d6c6d", - "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-shared-access-signature#shared-access-authorization-policies", - "service": "Event Hubs", + "guid": "2902d8cc-1b0c-4495-afad-624ab70f7bd6", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf", + "service": "Front Door", "services": [ - "Entra", - "AzurePolicy", - "RBAC", - "TrafficManager", - "EventHubs", - "WAF" + "WAF", + "FrontDoor" ], - "severity": "Medium", - "text": "Avoid using root account when it is not necessary", - "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-identities-governance/", + "severity": "High", + "text": "Tune the Azure Front Door WAF for your workload by configuring the WAF in Detection mode to reduce and fix false positive detections.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Managed identities for Azure resources can authorize access to Event Hubs resources using Azure AD credentials from applications running in Azure Virtual Machines (VMs), Function apps, Virtual Machine Scale Sets, and other services. By using managed identities for Azure resources together with Azure AD authentication, you can avoid storing credentials with your applications that run in the cloud. 
", - "guid": "3a365a5c-7acb-4e48-abd5-4cd79f2e8776", - "link": "https://learn.microsoft.com/azure/event-hubs/authenticate-managed-identity?tabs=latest", - "service": "Event Hubs", + "guid": "17ba124b-127d-42b6-9322-388d5b2bbcfc", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection", + "service": "Front Door", "services": [ - "Entra", - "AKV", - "Storage", - "VM", - "EventHubs", - "WAF" + "WAF", + "FrontDoor", + "AzurePolicy" ], - "severity": "Medium", - "text": "When possible, your application should be using a managed identity to authenticate to Azure Event Hub. If not, consider having the storage credential (SAS, service principal credential) in Azure Key Vault or an equivalent service", - "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", + "severity": "High", + "text": "Enable request body inspection feature enabled in Azure Front Door WAF policy.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "When creating permissions, provide fine-grained control over a client's access to Azure Event Hub. Permissions in Azure Event Hub can and should be scoped to the individual resource level e.g. 
consumer group, event hub entity, event hub namespaces, etc.", - "guid": "8357c559-675c-45ee-a5b8-6ad8844ce3b2", - "link": "https://learn.microsoft.com/azure/event-hubs/authorize-access-azure-active-directory#azure-built-in-roles-for-azure-event-hubs", - "service": "Event Hubs", + "guid": "49a98f2b-ec22-4a87-9415-6a10b00d6555", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-default-rule-sets", + "service": "Front Door", "services": [ - "RBAC", - "EventHubs", - "WAF" + "WAF", + "FrontDoor" ], "severity": "High", - "text": "Use least privilege data plane RBAC", - "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/", + "text": "Enable the Azure Front Door WAF default rule sets. The default rule sets detect and block common attacks.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Event Hub resource logs include operational logs, virtual network and Kafka logs. Runtime audit logs capture aggregated diagnostic information for all data plane access operations (such as send or receive events) in Event Hubs.", - "guid": "b38b875b-a1cf-4104-a900-3a4d3ce474db", - "link": "https://learn.microsoft.com/azure/event-hubs/monitor-event-hubs-reference", - "service": "Event Hubs", + "guid": "147a13d4-2a2f-4824-a524-f5855b52b946", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-bot-management-rules", + "service": "Front Door", "services": [ - "EventHubs", - "Monitor", - "VNet", - "WAF" + "WAF", + "FrontDoor" ], - "severity": "Medium", - "text": "Enable logging for security investigation. 
Use Azure Monitor to captured metrics and logs such as resource logs, runtime audit logs and Kafka logs", - "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/", + "severity": "High", + "text": "Enable the Azure Front Door WAF bot protection rule set. The bot rules detect good and bad bots.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "Azure Event Hub by default has a public IP address and is Internet-reachable. Private endpoints allow traffic between your virtual network and Azure Event Hub traverses over the Microsoft backbone network. In addition to that, you should disable public endpoints if those are not used. ", - "guid": "5abca2a4-eda1-4dae-8cc9-5d48c6b791dc", - "link": "https://learn.microsoft.com/azure/event-hubs/private-link-service", - "service": "Event Hubs", + "guid": "d7dcdcb9-0d99-44b9-baab-ac7570ede79a", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-the-latest-ruleset-versions", + "service": "Front Door", "services": [ - "PrivateLink", - "EventHubs", - "VNet", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Consider using private endpoints to access Azure Event Hub and disable public network access when applicable.", - "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/", + "text": "Use the latest Azure Front Door WAF rule set version. Rule set updates are regularly updated to take account of the current threat landscape.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": "With IP firewall, you can restrict public endpoint further to only a set of IPv4 addresses or IPv4 address ranges in CIDR (Classless Inter-Domain Routing) notation. 
", - "guid": "a0e6c465-89e5-458b-a37d-3974d1112dbd", - "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-ip-filtering", - "service": "Event Hubs", + "guid": "b9620385-1cde-418f-914b-a84a06982ffc", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-rate-limiting", + "service": "Front Door", "services": [ - "EventHubs", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Consider only allowing access to Azure Event Hub namespace from specific IP addresses or ranges", - "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", + "text": "Add rate limiting to the Azure Front Door WAF. Rate limiting blocks clients accidentally or intentionally sending large amounts of traffic in a short period of time.", "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "31d41e36-11c8-417b-8afb-c410d4391898", - "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/paas-foundations-playbooks-AEH_v1.docx", - "service": "Event Hubs", + "guid": "6dc36c52-0124-4ffe-9eaf-23ec1282dedb", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-a-high-threshold-for-rate-limits", + "service": "Front Door", "services": [ - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Leverage FTA Resillency HandBook", - "waf": "Reliability" + "text": "Use a high threshold for Azure Front Door WAF rate limits. High rate limit thresholds avoid blocking legitimate traffic, while still providing protection against extremely high numbers of requests that might overwhelm your infrastructure. 
", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "description": " This will be turned on automatically for a new EH namespace created from the portal with Premium, Dedicated, or Standard SKUs in a zone-enabled region. Both the EH metadata and the event data itself are replicated across zones", - "guid": "f15bce21-9e4a-40eb-9787-9424d226786d", - "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-premium-overview#high-availability-with-availability-zones", - "service": "Event Hubs", + "guid": "388a3d0e-0a43-4367-90b2-3dd2aeece5ee", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#geo-filter-traffic", + "service": "Front Door", "services": [ - "EventHubs", - "ACR", "WAF" ], - "severity": "High", - "text": "Leverage Availability Zones if regionally applicable", - "waf": "Reliability" + "severity": "Low", + "text": "If you are not expecting traffic from all geographical regions, use geo-filters to block traffic from non-expected countries.", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "20b56c56-ad58-4519-8f82-735c586bb281", - "link": "https://learn.microsoft.com/azure/event-hubs/compare-tiers", - "service": "Event Hubs", + "guid": "00acd8a9-6975-414f-8491-2be6309893b8", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#specify-the-unknown-zz-location", + "service": "Front Door", "services": [ - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Use the Premium or Dedicated SKUs for predicable performance", - "waf": "Reliability" + "text": "Specify the unknown (ZZ) location when geo-filtering traffic with the Azure Front Door WAF. 
Avoid accidentally blocking legitimate requests when IP addresses can't be geo-matched.", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "description": "The built-in geo-disaster recovery feature, when enabled, ensures that the entire configuration of anamespace (Event Hubs, Consumer Groups and settings) is continuously replicated from a primary namespace to a secondary namespace, and it allows a once-only failover move from the primary to the secondary at any time. Active/Passive feature is designed to make it easier to recover from and abandon a failed Azure region without having to change application configurations", - "guid": "dc15a1c0-75ee-49f1-90ac-ccd579376bcd", - "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-geo-dr?tabs=portal", - "service": "Event Hubs", + "graph": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id", + "guid": "2f8e81eb-8e68-4026-8b1f-70f9b05f7cf9", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection", + "service": "App Gateway", "services": [ - "EventHubs", - "ASR", + "AppGW", "WAF" ], "severity": "High", - "text": "Plan for Geo Disaster Recovery using Active Passive configuration", - "waf": "Reliability" + "text": "Enable the Azure Application Gateway WAF bot protection rule set. 
The bot rules detect good and bad bots.", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "description": "Should be used for DR configurations where an outage or loss of event data in the downed region cannot be tolerated. For these cases, follow the replication guidance and do not use the built-in geo-disaster recovery capability (active/passive). With Active/Active, Maintain multiple Event Hubs in different regions and namespaces, and events will be replicated between the hubs", - "guid": "6e31b67d-67ba-4591-89c0-9e805d597c7e", - "link": "https://learn.microsoft.com/azure/event-hubs/event-hubs-federation-overview", - "service": "Event Hubs", + "guid": "8ea8e0d4-84e8-4b33-aeab-493f6391b4d6", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection", + "service": "App Gateway", "services": [ - "EventHubs", - "ASR", - "WAF" + "AppGW", + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "For Business Critical Applications, use Active Active configuration", - "waf": "Reliability" + "severity": "High", + "text": "Enable request body inspection feature enabled in Azure Application Gateway WAF policy.", + "waf": "Security" }, { - "arm-service": "microsoft.eventhub/namespaces", + "ammp": true, + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "9ced16ad-d186-4f0a-a241-a999a68af77c", - "link": "https://learn.microsoft.com/azure/architecture/serverless/event-hubs-functions/resilient-design", - "service": "Event Hubs", + "guid": "a4dd86d3-5ffa-408c-b660-cce073d085b8", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#tune-your-waf", + "service": "App Gateway", "services": [ - "EventHubs", + "AppGW", "WAF" ], - "severity": "Medium", - "text": "Design Resilient Event 
Hubs", - "waf": "Reliability" + "severity": "High", + "text": "Tune the Azure Application Gateway WAF in detection mode for your workload. Reduce false positive detections.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "ammp": true, + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "32e42e36-11c8-418b-8a0b-c510e43a18a9", - "service": "AVS", + "graph": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode", + "guid": "baf8e317-2397-4d49-b3d1-0dcc16d8778d", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", + "service": "App Gateway", "services": [ - "Entra", - "Subscriptions", - "WAF" + "AppGW", + "WAF", + "AzurePolicy" ], "severity": "High", - "text": "Ensure ADDS domain controller(s) are deployed in the identity subscription in native Azure", + "text": "Deploy your WAF policy for Application Gateway in 'Prevention' mode.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "75089c20-990d-4927-b105-885576f76fc2", - "service": "AVS", + "guid": "43fae595-8a32-4299-a69e-0f32c454dcc9", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/rate-limiting-overview", + "service": "App Gateway", "services": [ - "AVS", + "AppGW", "WAF" ], "severity": "Medium", - "text": "Ensure ADDS sites and services is 
configured to keep authentication requests from Azure-based resources (including Azure VMware Solution) local to Azure", + "text": "Add rate limiting to the Azure Application Gateway WAF. Rate limiting blocks clients accidentally or intentionally sending large amounts of traffic in a short period of time.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "de3aad1e-7c28-4ec9-9666-b7570449aa80", - "service": "AVS", + "guid": "041e0ad8-7b12-4694-a0b7-a0e25ee2470f", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/rate-limiting-overview#rate-limiting-details", + "service": "App Gateway", "services": [ + "AppGW", "WAF" ], - "severity": "High", - "text": "Ensure that vCenter is connected to ADDS to enable authentication based on 'named user accounts'", + "severity": "Medium", + "text": "Use a high threshold for Azure Application Gateway WAF rate limits. High rate limit thresholds avoid blocking legitimate traffic, while still providing protection against extremely high numbers of requests that might overwhelm your infrastructure. 
", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "cd289ced-6b17-4db8-8554-61e2aee3553a", - "service": "AVS", + "guid": "99937189-ff78-492a-b9ca-18d828d82b37", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#geo-filtering-best-practices", + "service": "App Gateway", "services": [ "WAF" ], - "severity": "Medium", - "text": "Ensure that the connection from vCenter to ADDS is using a secure protocol (LDAPS)", + "severity": "Low", + "text": "If you are not expecting traffic from all geographical regions, use geo-filters to block traffic from non-expected countries.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "b9d37dac-43bc-46cd-8d79-a9b24604489a", - "service": "AVS", + "guid": "349a15c1-52f4-4319-9078-3895d95ecafd", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/geomatch-custom-rules", + "service": "App Gateway", "services": [ + "AppGW", "WAF" ], "severity": "Medium", - "text": "CloudAdmin account in vCenter IdP is used only as an emergency account (break-glass)", + "text": "Specify the unknown (ZZ) location when geo-filtering traffic with the Azure Application Gateway WAF. 
Avoid accidentally blocking legitimate requests when IP addresses can't be geo-matched.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "53d88e89-d17b-473b-82a5-a67e7a9ed5b3", - "service": "AVS", + "guid": "6c19dfd5-a61c-436c-9001-491b9b3d0228", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#use-the-latest-ruleset-versions", + "service": "App Gateway", "services": [ - "Entra", + "AppGW", "WAF" ], - "severity": "High", - "text": "Ensure that NSX-Manager is integrated with an external Identity provider (LDAPS)", + "severity": "Medium", + "text": "Use the latest Azure Application Gateway WAF rule set version. Rule set updates are regularly updated to take account of the current threat landscape.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "ae0e37ce-e297-411b-b352-caaab79b198d", - "service": "AVS", + "guid": "f84106a2-2e9e-42ac-add6-d3416ecfed53", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#add-diagnostic-settings-to-save-your-wafs-logs", + "service": "App Gateway", "services": [ - "RBAC", - "AVS", + "AppGW", "WAF" ], "severity": "Medium", - "text": "Has an RBAC model been created for use within VMware vSphere", - "waf": "Security" + "text": "Add diagnostic settings to save your Azure Application Gateway WAF logs.", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "ab81932c-9fc9-4d1b-a780-36f5e6bfbb9e", - "service": "AVS", + "guid": "4cea4050-7946-4a7c-89e6-b021b73c352d", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs", + 
"service": "Front Door", "services": [ - "RBAC", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "RBAC permissions should be granted on ADDS groups and not on specific users", - "waf": "Security" + "text": "Add diagnostic settings to save your Azure Front Door WAF logs.", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "d503547c-c447-4e82-9128-a71f0f1cac6d", - "service": "AVS", + "guid": "92664c60-47e3-4591-8b1b-8d557656e686", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#send-logs-to-microsoft-sentinel", + "service": "App Gateway", "services": [ - "RBAC", - "AVS", + "Sentinel", + "AppGW", "WAF" ], - "severity": "High", - "text": "RBAC permissions on the Azure VMware Solution resource in Azure are 'locked down' to a limited set of owners only", - "waf": "Security" + "severity": "Medium", + "text": "Send Azure Application Gateway WAF logs to Microsoft Sentinel.", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "fd9f0df4-68dc-4976-b9a9-e6a79f7682c5", - "service": "AVS", + "guid": "845f5f91-9c21-4674-a725-5ce890850e20", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", + "service": "Front Door", "services": [ - "RBAC", - "WAF" + "Sentinel", + "WAF", + "FrontDoor" ], - "severity": "High", - "text": "Ensure all custom roles are scoped with CloudAdmin permitted authorizations", - "waf": "Security" + "severity": "Medium", + "text": "Send Azure Front Door WAF logs to Microsoft Sentinel.", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": 
"9ef1d5e8-32e4-42e3-911c-818b0a0bc510", - "link": "https://github.com/Azure/AzureCAT-AVS/tree/main/networking", - "service": "AVS", + "guid": "ba0e9b26-6e0d-4ec8-8541-023c00afd5b7", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#define-your-waf-configuration-as-code", + "service": "App Gateway", "services": [ - "AVS", + "AppGW", "WAF" ], - "severity": "High", - "text": "Is the correct Azure VMware Solution connectivity model selected for the customer use case at hand", - "waf": "Performance" + "severity": "Medium", + "text": "Define your Azure Application Gateway WAF configuration as code. By using code, you can more easily adopt new rule set version and gain additional protection.", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "eb710a37-cbc1-4055-8dd5-a936a8bb7cf5", - "service": "AVS", + "guid": "f17ec301-8470-4afd-aabc-c1fdfe47dcc0", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/policy-overview", + "service": "App Gateway", "services": [ - "NetworkWatcher", - "VPN", - "Monitor", - "ExpressRoute", - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "High", - "text": "Ensure ExpressRoute or VPN connections from on-premises to Azure are monitored using 'connection monitor'", + "severity": "Medium", + "text": "Use WAF Policies instead of the legacy WAF configuration.", "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "976e24f2-a7f8-426c-9253-2a92a2a7ed99", - "service": "AVS", + "guid": "d4eb8667-f8cb-4cdd-94e6-2f967ba98f88", + "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-secured-hub-app-gateway", + "service": "App Gateway", "services": [ - "NetworkWatcher", - "AVS", - "VM", - "Monitor", + "AppGW", + "VNet", + "WAF", "ExpressRoute", - 
"WAF" + "VPN" ], "severity": "Medium", - "text": "Ensure a connection monitor is created from an Azure native resource to an Azure VMware Solution virtual machine to monitor the Azure VMware Solution back-end ExpressRoute connection", - "waf": "Operations" + "text": "Filter inbound traffic in the backends so that they only accept connections from the Application Gateway subnet, for example with NSGs.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "f41ce6a0-64f3-4805-bc65-3ab50df01265", - "service": "AVS", + "guid": "7d3df025-59a3-447d-ac25-3f5750d35de1", + "link": "https://learn.microsoft.com/azure/frontdoor/origin-security?tabs=app-service-functions", + "service": "Front Door", "services": [ - "NetworkWatcher", - "AVS", - "VM", - "Monitor", - "WAF" + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "Ensure a connection monitor is created from an on-premises resource to an Azure VMware Solution virtual machine to monitor end-2-end connectivity", - "waf": "Operations" + "text": "Make sure your origins only take traffic from your Azure Front Door instance.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "563b4dc7-4a74-48b6-933a-d1a0916a6649", - "service": "AVS", + "guid": "a66f0fd8-2ca4-422e-8df3-235148127ca2", + "link": "https://learn.microsoft.com/azure/application-gateway/ssl-overview", + "service": "App Gateway", "services": [ - "ARS", "WAF" ], "severity": "High", - "text": "When route server is used, ensure no more then 1000 routes are propagated from route server to ExR gateway to on-premises (ARS limit).", - "waf": "Operations" + "text": "You should encrypt traffic to the backend servers.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": 
"microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "6128a71f-0f1c-4ac6-b9ef-1d5e832e42e3", - "service": "AVS", + "guid": "3dba65cb-834d-44d8-a3ca-a6aa2f1587be", + "link": "https://learn.microsoft.com/azure/web-application-firewall/overview", + "service": "App Gateway", "services": [ - "Entra", - "RBAC", - "AVS", "WAF" ], "severity": "High", - "text": "Is Privileged Identity Management implemented for roles managing the Azure VMware Solution resource in the Azure Portal (no standing permissions allowed)", + "text": "You should use a Web Application Firewall.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "c4e2436b-b336-4d71-9f17-960eee0b9b5c", - "service": "AVS", + "guid": "0158fcb6-0bc1-4687-832f-cc7c359c22d2", + "link": "https://learn.microsoft.com/azure/application-gateway/redirect-overview", + "service": "App Gateway", "services": [ - "Entra", - "RBAC", - "AVS", "WAF" ], - "severity": "High", - "text": "Privileged Identity Management audit reporting should be implemented for the Azure VMware Solution PIM roles", + "severity": "Medium", + "text": "Redirect HTTP to HTTPS", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "78c447a8-26b2-4863-af0f-1cac599ef1d5", - "service": "AVS", + "guid": "bb697864-1b4c-43af-8667-90cc69aaed5f", + "link": "https://learn.microsoft.com/azure/application-gateway/how-application-gateway-works#modifications-to-the-request", + "service": "App Gateway", "services": [ - "Entra", - "AVS", "WAF" ], "severity": "Medium", - "text": "If using Privileged Identity Management is being used, ensure that a valid Entra ID enabled account is created with a valid SMTP record for Azure VMware Solution Automatic Host replacement notifications. 
(standing permissions required)", - "waf": "Security" + "text": "Use gateway-managed cookies to direct traffic from a user session to the same server for processing", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "8defc4d7-21d3-41d2-90fb-707ae9eab40e", - "service": "AVS", + "guid": "ff353ad8-15fb-4ae8-9fc5-a85a36d36a35", + "link": "https://learn.microsoft.com/azure/application-gateway/configuration-http-settings", + "service": "App Gateway", "services": [ "WAF" ], "severity": "High", - "text": "Limit use of CloudAdmin account to emergency access only", + "text": "Enable connection draining during planned service updates to prevent connection loss to existing members of the backend pool", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "d329f798-bc17-48bd-a5a0-6ca7144351d1", - "service": "AVS", + "guid": "c8741f03-45a4-4183-a6b8-139e0773b8b5", + "link": "https://learn.microsoft.com/azure/application-gateway/custom-error", + "service": "App Gateway", + "services": [ + "WAF" + ], + "severity": "Low", + "text": "Create custom error pages to display a personalized user experience", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/applicationGateways", + "checklist": "WAF checklist", + "guid": "f850d46f-f5d7-4b17-b48c-a780741402e1", + "link": "https://learn.microsoft.com/azure/application-gateway/rewrite-http-headers-url", + "service": "App Gateway", "services": [ - "RBAC", "WAF" ], "severity": "Medium", - "text": "Create custom RBAC roles in vCenter to implement a least-privilege model inside vCenter", + "text": "Edit HTTP requests and response headers for easier routing and information exchange between the client and server", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + 
"arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "9dd24429-eb72-4281-97a1-51c5bb4e4f18", - "service": "AVS", + "guid": "eadc3164-4a0f-461c-85f1-1a372c04dfd1", + "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", + "service": "App Gateway", + "services": [ + "WAF", + "FrontDoor" + ], + "severity": "Medium", + "text": "Configure Front Door to optimize global web traffic routing and top-tier end-user performance, and reliability through quick global failover", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/applicationGateways", + "checklist": "WAF checklist", + "guid": "29dcc19f-a8fa-4c35-8281-290577538793", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", + "service": "App Gateway", "services": [ "WAF" ], "severity": "Medium", - "text": "Is a process defined to regularly rotate cloudadmin (vCenter) and admin (NSX) credentials", - "waf": "Security" + "text": "Use transport layer load balancing", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "586cb291-ec16-4a1d-876e-f9f141acdce5", - "service": "AVS", + "guid": "276898c1-af5e-4819-9e8e-049c7801ab9d", + "link": "https://learn.microsoft.com/azure/application-gateway/multiple-site-overview", + "service": "App Gateway", "services": [ - "Entra", - "AVS", - "VM", "WAF" ], - "severity": "High", - "text": "Use a centralized identity provider to be used for workloads (VM's) running on Azure VMware Solution", + "severity": "Medium", + "text": "Configure routing based on host or domain name for multiple web applications on a single gateway", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "79377bcd-b375-41ab-8ab0-ead66e15d3d4", - "service": "AVS", + "guid": 
"5fe365b6-58e8-47ed-a8cf-5163850380a2", + "link": "https://learn.microsoft.com/azure/application-gateway/create-ssl-portal", + "service": "App Gateway", "services": [ + "Entra", "WAF" ], "severity": "Medium", - "text": "Is East-West traffic filtering implemented within NSX-T", + "text": "Centralize SSL certificate management to reduce encryption and decryption overhead from a backend server farm", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "a2adb1c3-d232-46af-825c-a44e1695fddd", - "service": "AVS", + "guid": "fa64b4dd-35c2-4047-ac5c-45dfbf8b0db9", + "link": "https://learn.microsoft.com/azure/application-gateway/application-gateway-websocket", + "service": "App Gateway", "services": [ - "AVS", "AppGW", - "Firewall", "WAF" ], - "severity": "High", - "text": "Workloads on Azure VMware Solution are not directly exposed to the internet. Traffic is filtered and inspected by Azure Application Gateway, Azure Firewall or 3rd party solutions", + "severity": "Low", + "text": "Use Application Gateway for native support for WebSocket and HTTP/2 protocols", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "eace4cb1-deb4-4c65-8c3f-c14eeab36938", - "service": "AVS", + "guid": "3b7a56de-5020-4642-b3cb-c976e80b6d6d", + "link": "https://learn.microsoft.com/azure/logic-apps/single-tenant-overview-compare", + "service": "Logic Apps", "services": [ - "AVS", "WAF" ], "severity": "High", - "text": "Auditing and logging is implemented for inbound internet requests to Azure VMware Solution and Azure VMware Solution based workloads", - "waf": "Security" + "text": "Select the right Logic App hosting plan based on your business & SLO requirements", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.Web/sites", 
"checklist": "WAF checklist", - "guid": "29e3eec2-1836-487a-8077-a2b5945bda43", - "service": "AVS", + "guid": "3d7008bd-6bc1-4b03-8aa8-ec2a3b55786a", + "link": "https://learn.microsoft.com/azure/logic-apps/set-up-zone-redundancy-availability-zones?tabs=standard#next-steps", + "service": "Logic Apps", "services": [ - "Monitor", - "AVS", "WAF" ], - "severity": "Medium", - "text": "Session monitoring is implemented for outbound internet connections from Azure VMware Solution or Azure VMware Solution based workloads to identify suspicious/malicious activity", - "waf": "Security" + "severity": "High", + "text": "Protect logic apps from region failures with zone redundancy and availability zones", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "334fdf91-c234-4182-a652-75269440b4be", - "service": "AVS", + "guid": "1cda768f-a206-445d-8234-56f6a6e7286e", + "link": "https://learn.microsoft.com/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json", + "service": "Logic Apps", "services": [ - "DDoS", - "VPN", - "ExpressRoute", - "VNet", "WAF" ], - "severity": "Medium", - "text": "Is DDoS standard protection enabled on ExR/VPN Gateway subnet in Azure", - "waf": "Security" + "severity": "High", + "text": "Consider a Cross-Region DR strategy for critical workloads", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "3d3e0843-276d-44bd-a015-bcf219e4a1eb", - "service": "AVS", + "guid": "82118ec5-ed6f-4c68-9471-eb0da98a1b34", + "link": "https://learn.microsoft.com/azure/app-service/environment/intro", + "service": "Logic Apps", "services": [ - "AVS", - "WAF" + "WAF", + "AppSvc" ], - "severity": "Medium", - "text": "Use a dedicated privileged access workstation (PAW) to manage 
Azure VMware Solution, vCenter, NSX manager and HCX manager", - "waf": "Security" + "severity": "High", + "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "9ccbd869-266a-4cca-874f-aa19bf39d95d", - "service": "AVS", + "guid": "74275fa5-9e08-4c7e-b096-13b538fe1501", + "link": "https://learn.microsoft.com/training/modules/deploy-azure-functions/", + "service": "Logic Apps", "services": [ - "AVS", - "Defender", "WAF" ], "severity": "Medium", - "text": "Enable Advanced Threat Detection (Microsoft Defender for Cloud aka ASC) for workloads running on Azure VMware Solution", - "waf": "Security" + "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Logic App code", + "waf": "Operations" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "44c7c891-9ca1-4f6d-9315-ae524ba34d45", - "service": "AVS", + "guid": "a85b86ad-884f-48e3-9273-4b875ba18f10", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/system-message#define-additional-safety-and-behavioral-guardrails", + "service": "Azure OpenAI", "services": [ - "AVS", - "Arc", "WAF" ], - "severity": "Medium", - "text": "Use Azure ARC for Servers to properly govern workloads running on Azure VMware Solution using Azure native technologies (Azure ARC for Azure VMware Solution is not yet available)", - "waf": "Security" + "severity": "High", + "text": "Follow Metaprompting guardrails for resonsible AI", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "85e12139-bd7b-4b01-8f7b-95ef6e043e2a", - "service": "AVS", + "guid": 
"d4391898-cd28-48be-b6b1-7cb8245451e1", + "link": "https://github.com/Azure-Samples/AI-Gateway", + "service": "Azure OpenAI", "services": [ - "AVS", - "SQL", - "WAF" + "Entra", + "WAF", + "APIM" ], - "severity": "Low", - "text": "Ensure workloads on Azure VMware Solution use sufficient data encryption during run-time (like in-guest disk encryption and SQL TDE). (vSAN encryption at rest is default)", - "waf": "Security" + "severity": "High", + "text": "Consider Gateway patterns with APIM or solutions like AI central for better rate limiting, load balancing, authentication and logging", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "a3592718-e6e2-4051-9267-6ae46691e883", - "service": "AVS", + "guid": "aed3453a-ec72-4392-97a1-52d6cc5e4029", + "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/azure-openai-insights-monitoring-ai-with-confidence/ba-p/4026850", + "service": "Azure OpenAI", "services": [ - "AKV", + "Monitor", "WAF" ], - "severity": "Low", - "text": "When in-guest encryption is used, store encryption keys in Azure Key vault when possible", - "waf": "Security" + "severity": "High", + "text": "Enable monitoring for your AOAI instances", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "5ac94222-3e13-4810-9230-81a941741583", - "service": "AVS", + "guid": "697cb391-ed16-4b2d-886f-0a0241addde6", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring#set-up-alerts", + "service": "Azure OpenAI", "services": [ - "AVS", - "WAF" + "Monitor", + "WAF", + "Subscriptions", + "AKV" ], - "severity": "Medium", - "text": "Consider using extended security update support for workloads running on Azure VMware Solution (Azure VMware Solution is eligible for ESU)", - 
"waf": "Security" + "severity": "High", + "text": "Create alerts to notify teams of events such as an entry in the activity log created by an action performed on the resource, such as regenerating its subscription keys or a metric threshold such as the number of errors exceeding 10 in an hour", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "3ef7ad7c-6d37-4331-95c7-acbe44bbe609", - "service": "AVS", + "guid": "8a477cde-b486-41bc-9bc1-0ae66e25d4d5", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring", + "service": "Azure OpenAI", "services": [ + "Monitor", "WAF" ], "severity": "High", - "text": "Ensure that the appropriate vSAN Data redundancy method is used (RAID specification)", - "waf": "Reliability" + "text": "Monitor token usage to prevent service disruptions due to capacity", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d88408f3-7273-44c8-96ba-280214590146", - "service": "AVS", + "guid": "a3aec2c4-e243-46b0-936c-b45e17960eee", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring", + "service": "Azure OpenAI", "services": [ - "Storage", - "AzurePolicy", + "Monitor", "WAF" ], - "severity": "High", - "text": "Ensure that the Failure-to-tolerate policy is in place to meet your vSAN storage needs", - "waf": "Reliability" + "severity": "Medium", + "text": "observe metrics like processed inference tokens, generated completion tokens monitor for rate limit", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d89f2e87-7784-424d-9167-85c6fa95b96a", - "service": "AVS", + "guid": 
"fbdf4cc2-eec4-4d76-8c31-d25ffbb46a39", + "link": "https://techcommunity.microsoft.com/t5/apps-on-azure-blog/build-an-enterprise-ready-azure-openai-solution-with-azure-api/ba-p/3907562", + "service": "Azure OpenAI", "services": [ - "ASR", - "WAF" + "WAF", + "APIM" ], - "severity": "High", - "text": "Ensure that you have requested enough quota, ensuring you have considered growth and Disaster Recovery requirement", - "waf": "Reliability" + "severity": "Low", + "text": "If the diagnostics are not sufficient for you, consider using a gateway such as Azure API Managements in front of Azure OpenAI to log both incoming prompts and outgoing responses, where permitted", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "5d38e53f-9ccb-4d86-a266-acca274faa19", - "service": "AVS", + "guid": "3af30ed3-2947-498b-8178-a2c5a46ceb54", + "link": "https://github.com/Azure-Samples/openai-enterprise-iac", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Medium", - "text": "Ensure that access constraints to ESXi are understood, there are access limits which might affect 3rd party solutions.", - "waf": "Operations" + "severity": "High", + "text": "Use Infrastructure as code to deploy the Azure OpenAI Service, model deployments, and all related resources", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bf39d95d-44c7-4c89-89ca-1f6d5315ae52", - "service": "AVS", + "guid": "4350d092-d234-4292-a752-8537a551c5bf", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/managed-identity", + "service": "Azure OpenAI", "services": [ - "AzurePolicy", + "Entra", "WAF" ], - "severity": "Medium", - "text": "Ensure that you have a policy around ESXi host density and efficiency, keeping in mind the 
lead time for requesting new nodes", - "waf": "Operations" + "severity": "High", + "text": "Use Microsoft Entra Authentication with Managed Identity instead of API Key", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "4ba34d45-85e1-4213-abd7-bb012f7b95ef", - "service": "AVS", + "guid": "4e4f1854-287d-45cd-a126-cc031af5b1fc", + "link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/how-to-bulk-test-evaluate-flow?view=azureml-api-2", + "service": "Azure OpenAI", "services": [ - "AVS", - "Cost", "WAF" ], - "severity": "Medium", - "text": "Ensure a good cost management process is in place for Azure VMware Solution - Azure Cost Management can be used", - "waf": "Cost" + "severity": "High", + "text": "Evaluate the performance/accuracy of the system with a known golden dataset which has the inputs and the correct answers. Leverage capabilities in PromptFlow for Evaluation.", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "6e043e2a-a359-4271-ae6e-205172676ae4", - "service": "AVS", + "guid": "68889535-e327-4897-b31b-67d67be5962a", + "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---performance-efficiency", + "service": "Azure OpenAI", "services": [ - "AVS", - "Cost", "WAF" ], - "severity": "Low", - "text": "Are Azure reserved instances used to optimize cost for using Azure VMware Solution", - "waf": "Cost" + "severity": "High", + "text": "Evaluate usage of Provisioned throughput model ", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "6691e883-5ac9-4422-83e1-3810523081a9", - "service": "AVS", + "guid": 
"cd288bed-6b17-4cb8-8454-51e1aed3453a", + "link": "https://learn.microsoft.com/azure/ai-services/content-safety/overview", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Medium", - "text": "Consider the use of Azure Private-Link when using other Azure Native Services", - "waf": "Security" + "severity": "High", + "text": "Review and implement Azure AI content safety", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "db611712-6904-40b4-aa3d-3e0803276d4b", - "service": "AVS", + "guid": "1193846d-697c-4b39-8ed1-6b2d186f0a02", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#system-level-throughput", + "service": "Azure OpenAI", "services": [ "WAF" ], "severity": "High", - "text": "Ensure all required resource reside within the same Azure availability zone(s)", + "text": "Define and evaluate the throughput of the system based on tokens & response per minute and align with requirements", "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "48b262d6-cc5f-4512-a253-98e6db9d37da", - "service": "AVS", + "guid": "41addde6-8a47-47cd-bb48-61bc3bc10ae6", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#improve-performance", + "service": "Azure OpenAI", "services": [ - "AVS", - "VM", - "Defender", "WAF" ], "severity": "Medium", - "text": "Enable Microsoft Defender for Cloud for Azure VMware Solution guest VM workloads", - "waf": "Security" + "text": "Improve latency of the system by limiting token sizes, streaming options", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "41741583-3ef7-4ad7-a6d3-733165c7acbe", - "service": 
"AVS", + "guid": "6e25d4d5-a3ae-4c2c-9e24-36b0336cb45e", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", + "service": "Azure OpenAI", "services": [ - "AVS", - "VM", - "Arc", + "ServiceBus", + "Storage", "WAF" ], "severity": "Medium", - "text": "Use Azure Arc enabled servers to manage your Azure VMware Solution guest VM workloads", - "waf": "Security" + "text": "Estimate elasticity demands to determine synchronous and batch request segregation based on priority. For high priority, use synchronous approach and for low priority, asynchronous batch processing with queue is preferred", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "88f03a4d-2cd4-463c-abbc-868295abc91a", - "service": "AVS", + "guid": "5bda4332-4f24-4811-9331-82ba51752694", + "link": "https://github.com/Azure/azure-openai-benchmark/", + "service": "Azure OpenAI", "services": [ - "AVS", "WAF" ], "severity": "High", - "text": "Enable Diagnostic and metric logging on Azure VMware Solution", - "waf": "Operations" + "text": "Benchmark token consumption requirements based on estimated demands from consumers. 
Consider using the Azure OpenAI benchmarking tool to help you validate the throughput if you are using Provisioned Throughput Unit deployments", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "4ed90dae-2cc8-44c4-9b6b-781cbafe6c46", - "service": "AVS", + "guid": "4008ae7d-7e47-4432-96d8-bdcf55bce619", + "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/optimizing-azure-openai-a-guide-to-limits-quotas-and-best/ba-p/4076268", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", - "VM", "WAF" ], "severity": "Medium", - "text": "Deploy the Log Analytics Agents to Azure VMware Solution guest VM workloads", - "waf": "Operations" + "text": "If you are using Provisioned Throughput Units (PTUs), consider deploying a token-per-minute (TPM) deployment for overflow requests. Use a gateway to route requests to the TPM deployment when the PTU limits are reached.", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "589d457a-927c-4397-9d11-02cad6aae11e", - "service": "AVS", + "guid": "e8a13f98-8794-424d-9267-86d60b96c97b", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/models", + "service": "Azure OpenAI", "services": [ - "Backup", - "AVS", - "VM", - "AzurePolicy", "WAF" ], - "severity": "Medium", - "text": "Ensure you have a documented and implemented backup policy and solution for Azure VMware Solution VM workloads", - "waf": "Operations" + "severity": "High", + "text": "Choose the right model for the right task. 
Pick models with right tradeoff between speed, quality of response and output complexity", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "ee29711b-d352-4caa-ab79-b198dab81932", - "service": "AVS", + "guid": "e9951904-8384-45c9-a6cb-2912156a1147", + "link": "https://github.com/Azure/azure-openai-benchmark/", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", - "Defender", "WAF" ], "severity": "Medium", - "text": "Use Microsoft Defender for Cloud for compliance monitoring of workloads running on Azure VMware Solution", - "waf": "Security" + "text": "Have a baseline for performance without fine-tuning for knowing whether or not fine-tuning has improved model performance", + "waf": "Performance" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "c9fc9d1b-b780-436f-9e6b-fbb9ed503547", - "service": "AVS", + "guid": "5e39f541-accc-4d97-a376-bcdb3750ab2a", + "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---reliability", + "service": "Azure OpenAI", "services": [ - "Defender", + "ACR", "WAF" ], - "severity": "Medium", - "text": "Are the applicable compliance baselines added to Microsoft Defender for Cloud", - "waf": "Security" + "severity": "Low", + "text": "Deploy multiple OAI instances across regions", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "cc447e82-6128-4a71-b0f1-cac6d9ef1d5e", - "service": "AVS", + "guid": "b039da6d-55d7-4c89-8adb-107d5325af62", + "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---reliability", + "service": "Azure OpenAI", "services": [ - "AVS", - "WAF" + 
"Entra", + "WAF", + "APIM" ], "severity": "High", - "text": "Was data residency evaluated when selecting Azure regions to use for Azure VMware Solution deployment", - "waf": "Security" + "text": "Implement retry & healthchecks with Gateway pattern like APIM", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "832e42e3-611c-4818-a0a0-bc510e43a18a", - "service": "AVS", + "guid": "5ca44e46-85e2-4223-ace8-bb12308ca5f1", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/quota?tabs=rest#introduction-to-quota", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "High", - "text": "Are data processing implications (service provider / service consumer model) clear and documented", - "waf": "Security" + "severity": "Medium", + "text": "Ensure having adequate quotas of TPM & RPM for the workload", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "547c1747-dc56-4068-a714-435cd19dd244", - "service": "AVS", + "guid": "ec723923-7a15-42d6-ac5e-402925387e5c", + "link": "https://www.microsoft.com/research/project/guidelines-for-human-ai-interaction/", + "service": "Azure OpenAI", "services": [ "WAF" ], "severity": "Medium", - "text": "Consider using CMK (Customer Managed Key) for vSAN only if needed for compliance reason(s).", - "waf": "Security" + "text": "Review the considerations in HAI toolkit guidance and apply those interaction practices for the slution", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e43a18a9-cd28-49ce-b6b1-7db8255461e2", - "service": "AVS", + "guid": "7f154e3a-a369-4282-ae7e-316183687a04", + "link": 
"https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", + "ACR", "WAF" ], - "severity": "High", - "text": "Create dashboards to enable core Azure VMware Solution monitoring insights", - "waf": "Operations" + "severity": "Medium", + "text": "Deploy separate fine tuned models across regions if finetuning is employed", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "6b84ee5d-f47d-42d9-8881-b1cd5d1e54a2", - "service": "AVS", + "guid": "77a1f893-5bda-4433-84f2-4811633182ba", + "link": "https://learn.microsoft.com/azure/backup/backup-overview", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", - "WAF" + "ASR", + "WAF", + "Backup" ], - "severity": "High", - "text": "Create warning alerts for critical thresholds for automatic alerting on Azure VMware Solution performance (CPU >80%, Avg Memory >80%, vSAN >70%)", - "waf": "Operations" + "severity": "Medium", + "text": "Regularly backup and replicate critical data to ensure data availability and recoverability in case of data loss or system failures. 
Leverage Azure's backup and disaster recovery services to protect your data.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "9659e396-80e7-4828-ac93-5657d02bff45", - "service": "AVS", + "guid": "95b96ad8-844c-4e3b-8b38-b876ba2cf204", + "link": "https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", "WAF" ], "severity": "High", - "text": "Ensure critical alert is created to monitor if vSAN consumption is below 75% as this is a support threshold from VMware", - "waf": "Operations" + "text": "Azure AI search service tiers should be choosen to have a SLA ", + "waf": "Reliability" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "64b0d934-a348-4726-be79-d6b5c3a36495", - "service": "AVS", + "guid": "99013a5d-3ce4-474d-acbd-8682a6abca2a", + "link": "https://learn.microsoft.com/purview/purview", + "service": "Azure OpenAI", "services": [ - "Monitor", "WAF" ], - "severity": "High", - "text": "Ensure alerts are configured for Azure Service Health alerts and notifications", - "waf": "Operations" + "severity": "Low", + "text": "Classify data and sensitivity, labeling with Microsoft Purview before generating the embeddings and make sure to treat the embeddings generated with same sensitivity and classification", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "b6abad38-aad5-43cc-99e1-d86667357c54", - "service": "AVS", + "guid": "4fda1dbf-3dd9-45d4-ac7c-891dca1f6d56", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/use-your-data-securely", + "service": "Azure OpenAI", "services": [ - "AVS", - 
"Storage", "WAF" ], - "severity": "Medium", - "text": "Configure Azure VMware Solution logging to be send to an Azure Storage account or Azure EventHub for processing", - "waf": "Operations" + "severity": "High", + "text": "Encrypt data used for RAG with SSE/Disk encryption with optional BYOK", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "9674c5ed-85b8-459c-9733-be2b1a27b775", - "service": "AVS", + "guid": "59ae558b-937d-4498-9e11-12dbd7ba012f", + "link": "https://learn.microsoft.com/azure/search/search-security-overview", + "service": "Azure OpenAI", "services": [ - "AVS", + "ACR", "WAF" ], - "severity": "Low", - "text": "If deep insight in VMware vSphere is required: Is vRealize Operations and/or vRealize Network Insights used in the solution?", - "waf": "Operations" + "severity": "High", + "text": "Ensure TLS is enforced for data in transit across data sources, AI search used for Retrieval-Augmented Generation (RAG) and LLM communication", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "a91be1f3-88f0-43a4-b2cd-463cbbbc8682", - "service": "AVS", + "guid": "7b94ef6e-047d-42ea-8992-b1cd6e2054b2", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/role-based-access-control", + "service": "Azure OpenAI", "services": [ - "Storage", - "VM", - "AzurePolicy", + "RBAC", "WAF" ], "severity": "High", - "text": "Ensure the vSAN storage policy for VM's is NOT the default storage policy as this policy applies thick provisioning", - "waf": "Operations" + "text": "Use RBAC to manage access to Azure OpenAI services. 
Assign appropriate permissions to users and restrict access based on their roles and responsibilities", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d9ef1d5e-832d-442e-9611-c818b0afbc51", - "service": "AVS", + "guid": "9769e4a6-91e8-4838-ac93-6667e13c0056", + "link": "https://learn.microsoft.com/azure/security/fundamentals/data-encryption-best-practices", + "service": "Azure OpenAI", "services": [ "WAF" ], "severity": "Medium", - "text": "Ensure vSphere content libraries are not placed on vSAN as vSAN is a finite resource", - "waf": "Operations" + "text": "Implement data encryption, masking or redaction techniques to hide sensitive data or replace it with obfuscated values in non-production environments or when sharing data for testing or troubleshooting purposes", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "0e43a18a-9cd2-489b-bd6b-17db8255461e", - "service": "AVS", + "guid": "74b1e945-b459-4837-be7a-d6c6d3b375a5", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-cloud-introduction", + "service": "Azure OpenAI", "services": [ - "Storage", - "Backup", + "Defender", + "Sentinel", + "Monitor", "WAF" ], - "severity": "Medium", - "text": "Ensure data repositories for the backup solution are stored outside of vSAN storage. Either in Azure native or on a disk pool-backed datastore", - "waf": "Operations" + "severity": "High", + "text": "Utilize Azure Defender to detect and respond to security threats and set up monitoring and alerting mechanisms to identify suspicious activities or breaches. 
Leverage Azure Sentinel for advanced threat detection and response", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "2aee3453-aec8-4339-848b-262d6cc5f512", - "service": "AVS", + "guid": "c7acbe48-abe5-44cd-99f2-e87768468c55", + "link": "https://techcommunity.microsoft.com/t5/azure-storage-blog/managing-long-term-log-retention-or-any-business-data/ba-p/2494791", + "service": "Azure OpenAI", "services": [ - "AVS", - "Arc", - "WAF" + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Ensure workloads running on Azure VMware Solution are hybrid managed using Azure Arc for Servers (Arc for Azure VMware Solution is in preview)", - "waf": "Operations" + "text": "Establish data retention and disposal policies to adhere to compliance regulations. Implement secure deletion methods for data that is no longer required and maintain an audit trail of data retention and disposal activities", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "925398e6-da9d-437d-ac43-bc6cd1d79a9b", - "service": "AVS", + "guid": "a9c27d9c-42bb-46bd-8c69-99a246f3389a", + "link": "https://learn.microsoft.com/azure/ai-services/content-safety/concepts/jailbreak-detection", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", - "WAF" - ], - "severity": "Medium", - "text": "Ensure workloads running on Azure VMware Solution are monitored using Azure Log Analytics and Azure Monitor", - "waf": "Operations" + "WAF" + ], + "severity": "High", + "text": "Implement Prompt shields and groundedness detection using Content Safety ", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "24604489-a8f4-42d7-ae78-cb6a33bd2a09", - 
"service": "AVS", + "guid": "a775c6ee-95b9-46ad-a844-ce3b2b38b876", + "link": "https://learn.microsoft.com/azure/compliance/", + "service": "Azure OpenAI", "services": [ - "AVS", "WAF" ], - "severity": "Medium", - "text": "Include workloads running on Azure VMware Solution in existing update management tooling or in Azure Update Management", - "waf": "Operations" + "severity": "High", + "text": "Ensure compliance with relevant data protection regulations, such as GDPR or HIPAA, by implementing privacy controls and obtaining necessary consents or permissions for data processing activities.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "17e7a8d9-0ae0-4e27-aee2-9711bd352caa", - "service": "AVS", + "guid": "ba2cf204-9901-43a5-b3ce-474dccbd8682", + "service": "Azure OpenAI", "services": [ - "Monitor", - "AVS", - "AzurePolicy", "WAF" ], "severity": "Medium", - "text": "Use Azure Policy to onboard Azure VMware Solution workloads in the Azure Management, Monitoring and Security solutions", - "waf": "Operations" + "text": "Educate your employees about data security best practices, the importance of handling data securely, and potential risks associated with data breaches. Encourage them to follow data security protocols diligently.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "aee3553a-fc83-4392-98b2-62d6cc5f5129", - "service": "AVS", + "guid": "eae01e6e-842e-452f-9721-d928c1b1cd52", + "service": "Azure OpenAI", "services": [ - "AVS", - "Defender", "WAF" ], - "severity": "Medium", - "text": "Ensure workloads running on Azure VMware Solution are onboarded to Microsoft Defender for Cloud", + "severity": "High", + "text": "Keep production data separate from development and testing data. 
Only use real sensitive data in production and utilize anonymized or synthetic data in development and test environments.", "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "25398e6d-b9d3-47da-a43b-c6cd1d79a9b2", - "service": "AVS", + "guid": "1e54a29a-9de3-499c-bd7b-28dc93555620", + "service": "Azure OpenAI", "services": [ - "Backup", "WAF" ], "severity": "Medium", - "text": "Ensure backups are not stored on vSAN as vSAN is a finite resource", - "waf": "Reliability" + "text": "If you have varying levels of data sensitivity, consider creating separate indexes for each level. For instance, you could have one index for general data and another for sensitive data, each governed by different access protocols", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "5e6bfbb9-ed50-4354-9cc4-47e826028a71", - "service": "AVS", + "guid": "2bfe4564-b0d8-434a-948b-263e6dd60512", + "service": "Azure OpenAI", "services": [ - "WAF" + "RBAC", + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Have all DR solutions been considered and a solution that is best for your business been decided upon? [SRM/JetStream/Zerto/Veeam/...]", - "waf": "Reliability" + "text": "Take segregation a step further by placing sensitive datasets in different instances of the service. 
Each instance can be controlled with its own specific set of RBAC policies", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "f0f1cac6-d9ef-41d5-b832-d42e3611c818", - "service": "AVS", + "guid": "a36498f6-dbad-438e-ad53-cc7ce1d7aaab", + "service": "Azure OpenAI", "services": [ - "ASR", "WAF" ], - "severity": "Medium", - "text": "Use Azure Site Recovery when the Disaster Recovery technology is native Azure IaaS", - "waf": "Reliability" + "severity": "High", + "text": "Recognize that embeddings and vectors generated from sensitive information are themselves sensitive. This data should be afforded the same protective measures as the source material", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "b0afbc51-0e43-4a18-a9cd-289bed6b17db", - "service": "AVS", + "guid": "3571449a-b805-43d8-af89-dc7b33be2a1a", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/role-based-access-control", + "service": "Azure OpenAI", "services": [ + "RBAC", "WAF" ], "severity": "High", - "text": "Use Automated recovery plans with either of the Disaster solutions, avoid manual tasks as much as possible", - "waf": "Reliability" + "text": "Apply RBAC to th data stores having embeddings and vectors and scope access based on role's access requirements", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "8255461e-2aee-4345-9aec-8339248b262d", - "service": "AVS", + "guid": "27f7b9e9-1be1-4f38-aef3-9812bd463cbb", + "link": "https://techcommunity.microsoft.com/t5/azure-architecture-blog/azure-openai-private-endpoints-connecting-across-vnet-s/ba-p/3913325", + "service": "Azure OpenAI", "services": [ - "ASR", - "WAF" + 
"WAF", + "PrivateLink" ], - "severity": "Medium", - "text": "Use the geopolitical region pair as the secondary disaster recovery environment", - "waf": "Reliability" + "severity": "High", + "text": "Configure private endpoint for AI services to restrict service access within your network", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "6cc5f512-9253-498e-9da9-d37dac43bc6c", - "service": "AVS", + "guid": "ac8ac199-ebb9-41a3-9d90-cae2cc881370", + "service": "Azure OpenAI", "services": [ - "WAF" + "VNet", + "WAF", + "Firewall" ], "severity": "High", - "text": "Use 2 different address spaces between the regions, for example: 10.0.0.0/16 and 192.168.0.0/16 for the different regions", - "waf": "Reliability" + "text": "Enforce strict inbound and outbound traffic control with Azure Firewall and UDRs and limit the external integration points", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d1d79a9b-2460-4448-aa8f-42d78e78cb6a", - "service": "AVS", + "guid": "6f7c0cba-fe51-4464-add4-57e927138b82", + "service": "Azure OpenAI", "services": [ - "AVS", - "ExpressRoute", - "NVA", "WAF" ], - "severity": "Medium", - "text": "Will ExpressRoute Global Reach be used for connectivity between the primary and secondary Azure VMware Solution Private Clouds or is routing done through network virtual appliances?", - "waf": "Reliability" + "severity": "High", + "text": "Implement network segmentation and access controls to restrict access to the LLM application only to authorized users and systems and prevent lateral movement", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "33bd2a09-17e7-4a8d-a0ae-0e27cee29711", - "service": 
"AVS", + "guid": "7f42c78e-78cb-46a2-8ad1-90916e6a8d8f", + "link": "https://www.microsoft.com/research/blog/llmlingua-innovating-llm-efficiency-with-prompt-compression/", + "service": "Azure OpenAI", "services": [ - "Backup", "WAF" ], "severity": "Medium", - "text": "Have all Backup solutions been considered and a solution that is best for your business been decided upon? [ MABS/CommVault/Metallic.io/Veeam/�. ]", - "waf": "Reliability" + "text": "Use prompt compression tools like LLMLingua or gprtrim", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bd352caa-ab79-4b18-adab-81932c9fc9d1", - "service": "AVS", + "guid": "1102cac6-eae0-41e6-b842-e52f4721d928", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/managed-identity", + "service": "Azure OpenAI", "services": [ - "AVS", - "Backup", - "WAF" + "Entra", + "WAF", + "AKV" ], - "severity": "Medium", - "text": "Deploy your backup solution in the same region as your Azure VMware Solution private cloud", - "waf": "Reliability" + "severity": "High", + "text": "Ensure that APIs and endpoints used by the LLM application are properly secured with authentication and authorization mechanisms, such as Managed identities, API keys or OAuth, to prevent unauthorized access.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bb77036f-5e6b-4fbb-aed5-03547cc447e8", - "service": "AVS", + "guid": "c1b1cd52-1e54-4a29-a9de-399cfd7b28dc", + "link": "https://techcommunity.microsoft.com/t5/azure-architecture-blog/security-best-practices-for-genai-applications-openai-in-azure/ba-p/4027885", + "service": "Azure OpenAI", "services": [ - "Backup", "WAF" ], "severity": "Medium", - "text": "Deploy your backup solution outside of vSan, on Azure native components", - "waf": 
"Reliability" + "text": "Enforce strong end user authentication mechanisms, such as multi-factor authentication, to prevent unauthorized access to the LLM application and associated network resources", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "26028a71-f0f1-4cac-9d9e-f1d5e832d42e", - "service": "AVS", + "guid": "93555620-2bfe-4456-9b0d-834a348b263e", + "service": "Azure OpenAI", "services": [ - "AVS", + "Monitor", "WAF" ], - "severity": "Low", - "text": "Is a process in place to request a restore of the VMware components managed by the Azure Platform?", - "waf": "Reliability" + "severity": "Medium", + "text": "Implement network monitoring tools to detect and analyze network traffic for any suspicious or malicious activities. Enable logging to capture network events and facilitate forensic analysis in case of security incidents", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "4604489a-8f42-4d78-b78c-b7a33bd2a0a1", - "service": "AVS", + "guid": "6dd60512-a364-498f-9dba-d38ead53cc7c", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Low", - "text": "For manual deployments, all configuration and deployments must be documented", - "waf": "Operations" + "severity": "Medium", + "text": "Conduct security audits and penetration testing to identify and address any network security weaknesses or vulnerabilities in the LLM application's network infrastructure", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "7e7a8d90-ae0e-437c-be29-711bd352caaa", - "service": "AVS", + "guid": "e1d7aaab-3571-4449-ab80-53d89f89dc7b", + "link": 
"https://learn.microsoft.com/azure/azure-resource-manager/management/tag-resources?tabs=json", + "service": "Azure OpenAI", "services": [ - "AVS", "WAF" ], "severity": "Low", - "text": "For manual deployments, consider implementing resource locks to prevent accidental actions on your Azure VMware Solution Private Cloud", - "waf": "Operations" + "text": "Azure AI Services are properly tagged for better management", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "b79b198d-ab81-4932-a9fc-9d1bb78036f5", - "service": "AVS", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations", + "service": "Azure OpenAI", "services": [ "WAF" ], "severity": "Low", - "text": "For automated deployments, deploy a minimal private cloud and scale as needed", - "waf": "Operations" + "text": "Azure AI Service accounts follows organizational naming conventions", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e6bfbb9e-d503-4547-ac44-7e826128a71f", - "service": "AVS", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://learn.microsoft.com/azure/ai-services/diagnostic-logging", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Low", - "text": "For automated deployments, request or reserve quota prior to starting the deployment", - "waf": "Operations" + "severity": "High", + "text": "Diagnostic logs in Azure AI services resources should be enabled", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "0f1cac6d-9ef1-4d5e-a32e-42e3611c818b", - 
"service": "AVS", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/ai-services/authentication", + "service": "Azure OpenAI", "services": [ - "AzurePolicy", + "Entra", "WAF" ], - "severity": "Low", - "text": "For automated deployment, ensure that relevant resource locks are created through the automation or through Azure Policy for proper governance", - "waf": "Operations" + "severity": "High", + "text": "Key access (local authentication) is recommended to be disabled for security. After disabling key based access, Microsoft Entra ID becomes the only access method, which allows maintaining minimum privilege principle and granular control. ", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e2cc95d4-8c6b-4791-bca0-f6c56589e558", - "service": "AVS", + "guid": "6b57cfc6-5546-41e1-a3e3-453a3c863964", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Azure OpenAI", "services": [ - "AKV", - "WAF" + "Entra", + "WAF", + "AKV" ], - "severity": "Low", - "text": "Implement human understandable names for ExR authorization keys to allow for easy identification of the keys purpose/use", - "waf": "Operations" + "severity": "High", + "text": "Store and manage keys securely using Azure Key Vault. 
Avoid hard-coding or embedding sensitive keys within your LLM application's code and retrieve them securely from Azure Key Vault using managed identities", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "255461e2-aee3-4553-afc8-339248b262d6", - "service": "AVS", + "guid": "8b652d6c-15f5-4129-9539-8e6ded227dd1", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Azure OpenAI", "services": [ - "AKV", - "AVS", - "ExpressRoute", - "WAF" + "WAF", + "AKV" ], - "severity": "Low", - "text": "Use Key vault to store secrets and authorization keys when separate Service Principles are used for deploying Azure VMware Solution and ExpressRoute", - "waf": "Operations" + "severity": "High", + "text": "Regularly rotate and expire keys stored in Azure Key Vault to minimize the risk of unauthorized access.", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "cc5f5129-2539-48e6-bb9d-37dac43bc6cd", - "service": "AVS", + "guid": "adfe27be-e297-401a-a352-baaab79b088d", + "link": "https://github.com/openai/tiktoken", + "service": "Azure OpenAI", "services": [ - "AVS", "WAF" ], - "severity": "Low", - "text": "Define resource dependencies for serializing actions in IaC when many resources need to be deployed in/on Azure VMware Solution as Azure VMware Solution only supports a limited number of parallel operations.", - "waf": "Operations" + "severity": "High", + "text": "Use tiktoken to understand token sizes for token optimizations in conversational mode", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "1d79a9b2-4604-4489-a8f4-2d78e78cb7a3", - "service": "AVS", + "guid": 
"42b06c21-d799-49a6-96f4-389a7f42c78e", + "link": "https://learn.microsoft.com/azure/security/develop/secure-dev-overview", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Low", - "text": "When performing automated configuration of NSX-T segments with a single Tier-1 gateway, use Azure Portal APIs instead of NSX-Manager APIs", - "waf": "Operations" + "severity": "High", + "text": "Follow secure coding practices to prevent common vulnerabilities such as injection attacks, cross-site scripting (XSS), or security misconfigurations", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "3bd2a0a1-7e7a-48d9-8ae0-e37cee29711b", - "service": "AVS", + "guid": "78c06a73-a22a-4495-9e6a-8dc4a20e27c3", + "link": "https://learn.microsoft.com/azure/devops/repos/security/github-advanced-security-dependency-scanning?view=azure-devops", + "service": "Azure OpenAI", "services": [ - "AVS", - "Subscriptions", "WAF" ], - "severity": "Medium", - "text": "When intending to use automated scale-out, be sure to apply for sufficient Azure VMware Solution quota for the subscriptions running Azure VMware Solution", - "waf": "Performance" + "severity": "High", + "text": "Setup a process to regularly update and patch the LLM libraries and other system components", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d352caaa-b79b-4198-bab8-1932c9fc9d1b", - "service": "AVS", + "guid": "e29711b1-352b-4eee-879b-588defc4972c", + "link": "https://learn.microsoft.com/legal/cognitive-services/openai/code-of-conduct", + "service": "Azure OpenAI", "services": [ - "Storage", - "AzurePolicy", - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "When intending to use automated scale-in, be sure to take storage policy requirements into 
account before performing such action", - "waf": "Performance" + "severity": "High", + "text": "Adhere to Azure OpenAI or other LLMs terms of use, policies and guidance and allowed use cases", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "b78036f5-e6bf-4bb9-bd50-3547cc447e82", - "service": "AVS", + "guid": "d3cd21bf-7703-46e5-b6b4-bed3d503547c", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs#base-series-and-codex-series-fine-tuned-models", + "service": "Azure OpenAI", "services": [ + "Cost", "WAF" ], "severity": "Medium", - "text": "Scaling operations always need to be serialized within a single SDDC as only one scale operation can be performed at a time (even when multiple clusters are used)", - "waf": "Performance" + "text": "Understand difference in cost of base models and fine tuned models and token step sizes", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bf15bce2-19e4-4a0e-a588-79424d226786", - "service": "AVS", + "guid": "1347dc56-028a-471f-be1c-e15dd3f0d5e7", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", + "service": "Azure OpenAI", "services": [ + "Cost", "WAF" ], - "severity": "Medium", - "text": "Consider and validate scaling operations on 3rd party solutions used in the architecture (supported or not)", - "waf": "Performance" + "severity": "High", + "text": "Batch requests, where possible, to minimize the per-call overhead which can reduce overall costs. 
Ensure you optimize batch size", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "d20b56c5-7be5-4851-a0f8-3835c586cb29", - "service": "AVS", + "guid": "72d41e36-11cc-457b-9a4b-1410d43958a8", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs", + "service": "Azure OpenAI", "services": [ + "Monitor", + "Cost", "WAF" ], "severity": "Medium", - "text": "Define and enforce scale in/out maximum limits for your environment in the automations", - "waf": "Performance" + "text": "Set up a cost tracking system that monitors model usage and use that information to help inform model choices and prompt sizes", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "1dc15a1c-075e-4e9f-841a-cccd579376bc", - "service": "AVS", + "guid": "166cd072-af9b-4141-a898-a535e737897e", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/quota?tabs=rest#understanding-rate-limits", + "service": "Azure OpenAI", "services": [ - "Monitor", "WAF" ], "severity": "Medium", - "text": "Implement monitoring rules to monitor automated scaling operations and monitor success and failure to enable appropriate (automated) responses", - "waf": "Operations" + "text": "Set a maximum limit on the number of tokens per model response. 
Optimize the size to ensure it is large enough for a valid response", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "c5972cd4-cd21-4b07-9036-f5e6b4bfd3d5", - "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", - "service": "AVS", + "guid": "71ca7da8-cfa9-462a-8594-946da97dc3a2", + "link": "https://learn.microsoft.com/azure/search/search-reliability", + "service": "Azure OpenAI", "services": [ - "VM", "WAF" ], - "severity": "High", - "text": "When using MON, be aware of the limits of simulataneously configured VMs (MON Limit for HCX [400 - standard, 1000 - Larger appliance])", - "training": "https://learn.microsoft.com/learn/modules/configure-azure-ad-application-proxy/", - "waf": "Reliability" + "severity": "Medium", + "text": "Review the guidance provided on setting up AI search for Reliability", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "be1f38cf-03a8-422b-b463-cbbbc8ac299e", - "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", - "service": "AVS", + "guid": "3266b225-86f4-4a16-92bd-ddea8a487cde", + "link": "https://learn.microsoft.com/azure/search/vector-search-index-size?tabs=portal-vector-quota", + "service": "Azure OpenAI", "services": [ + "Storage", "WAF" ], - "severity": "High", - "text": "When using MON, you cannot enable MON on more than 100 Network extensions", - "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/", - "waf": "Reliability" + "severity": "Medium", + "text": "Plan and manage AI Search Vector storage", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + 
"arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bc91a43d-90da-4e2c-a881-4706f7c1cbaf", - "service": "AVS", + "guid": "b4861bc3-bc14-4aeb-9e66-e8d9a3aec218", + "link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/how-to-end-to-end-llmops-with-prompt-flow?view=azureml-api-2", + "service": "Azure OpenAI", "services": [ - "VPN", "WAF" ], "severity": "Medium", - "text": "If using a VPN connection for migrations, adjust your MTU size accordingly.", - "waf": "Performance" + "text": "Apply LLMOps practices to automate the lifecycle management of your GenAI applications", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e614658d-d457-4e92-9139-b821102cad6e", - "service": "AVS", + "guid": "aa80932c-8ec9-4d1b-a770-26e5e6beba9e", + "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/provisioned-throughput-onboarding#understanding-the-provisioned-throughput-purchase-model", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "Medium", - "text": "For low connectivity regions connecting into Azure (500Mbps or less), considering deploying the HCX WAN optimization appliance", - "waf": "Performance" + "severity": "High", + "text": "Evaluate usage of billing models - PAYG vs PTU", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "ae01e6e8-43e5-42f4-922d-928c1b1cd521", - "service": "AVS", + "guid": "e6436b07-36db-455f-9796-03334bdf9cc2", + "link": "https://techcommunity.microsoft.com/t5/ai-azure-ai-services-blog/how-to-control-azure-openai-models/ba-p/4146793", + "service": "Azure OpenAI", "services": [ "WAF" ], "severity": "Medium", - "text": "Ensure that migrations are started from the on-premises appliance and NOT from the 
Cloud appliance (do NOT perform a reverse migration)", - "waf": "Reliability" + "text": "Evaluate the quality of prompts and applications when switching between model versions", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "e54a29a9-de39-4ac0-b7c2-8dc935657202", - "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", - "service": "AVS", + "guid": "3418db61-2712-4650-9bb4-7a393a080327", + "link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/concept-model-monitoring-generative-ai-evaluation-metrics?view=azureml-api-2", + "service": "Azure OpenAI", "services": [ - "AVS", - "VM", - "Storage", + "Monitor", "WAF" ], "severity": "Medium", - "text": "When Azure Netapp Files is used to extend storage for Azure VMware Solution,consider using this as a VMware datastore instead of attaching directly to a VM.", - "waf": "Reliability" + "text": "Evaluate, monitor and refine your GenAI apps for features like groundedness, relevance, accuracy, coherence, fluency, �", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "bff4564b-0d93-44a3-98b2-63e7dd60513a", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", - "service": "AVS", + "guid": "294798b1-578b-4219-a46c-eb5443513592", + "service": "Azure OpenAI", "services": [ - "Storage", - "ExpressRoute", "WAF" ], "severity": "Medium", - "text": "Ensure that a dedicated ExpressRoute Gateway is being used for external data storage solutions", - "waf": "Reliability" + "text": "Evaluate your Azure AI Search results based on different search parameters", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", 
+ "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "3649906e-bad3-48ea-b53c-c7de1d8aaab3", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", - "service": "AVS", + "guid": "2744293b-b628-4537-a551-19b08e8f5854", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/fine-tuning-considerations", + "service": "Azure OpenAI", "services": [ - "Storage", - "ExpressRoute", "WAF" ], "severity": "Medium", - "text": "Ensure that FastPath is enabled on the ExpressRoute Gateway that is being used for external data storage solutions", - "waf": "Reliability" + "text": "Look at fine tuning models as way of increasing accuracy only when you have tried other basic approaches like prompt engineering and RAG with your data", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "571549ab-8153-4d89-b89d-c7b33be2b1a2", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group", - "service": "AVS", + "guid": "287d9cec-166c-4d07-8af9-b141a898a535", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/advanced-prompt-engineering?pivots=programming-language-chat-completions", + "service": "Azure OpenAI", "services": [ - "ASR", "WAF" ], - "severity": "High", - "text": "If using stretched cluster, ensure that your selected Disaster Recovery solution is supported by the vendor", - "waf": "Reliability" + "severity": "Medium", + "text": "Use prompt engineering techniques to improve the accuracy of LLM responses", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": 
"4c486b6d-8bdc-4059-acf7-5ee8a1309888", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#select-good-health-probe-endpoints", - "service": "AVS", + "guid": "e737897e-71ca-47da-acfa-962a1594946d", + "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/red-teaming", + "service": "Azure OpenAI", "services": [ "WAF" ], - "severity": "High", - "text": "If using stretched cluster, ensure that the SLA provided will meet your requirements", - "waf": "Reliability" + "severity": "Medium", + "text": "Red team your GenAI applications", + "waf": "Security" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "9579d66b-896d-471f-a6ca-7be9955d04c3", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", - "service": "AVS", + "guid": "edb117e6-76aa-4f66-aca4-8e5a95f2223e", + "link": "https://www.microsoft.com/haxtoolkit/guideline/encourage-granular-feedback/", + "service": "Azure OpenAI", "services": [ - "ExpressRoute", "WAF" ], - "severity": "High", - "text": "If using stretched cluster, ensure that both ExpressRoute circuits are connected to your connectivity hub.", - "waf": "Reliability" + "severity": "Medium", + "text": "Provide end users with scoring options for LLM responses and track these scores. 
", + "waf": "Operational Excellence" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "c49d987c-b3d1-4325-aa12-4b6e4d0685ed", - "link": "https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", - "service": "AVS", + "guid": "d5f3547c-c346-4d81-9028-a71ffe1b9b5d", + "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/optimizing-azure-openai-a-guide-to-limits-quotas-and-best/ba-p/4076268", + "service": "Azure OpenAI", "services": [ - "ExpressRoute", "WAF" ], "severity": "High", - "text": "If using stretched cluster, ensure that both ExpressRoute circuits have GlobalReach enabled.", - "waf": "Reliability" + "text": "Consider Quota management practices", + "waf": "Cost Optimization" }, { - "arm-service": "Microsoft.AVS/privateClouds", + "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "WAF checklist", - "guid": "dce9793b-7bcd-4b3b-91eb-2ec14eea6e59", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", - "service": "AVS", + "guid": "9de0d5d7-31d4-41e3-911c-817bfafbc410", + "link": "https://github.com/Azure/aoai-apim/blob/main/README.md", + "service": "Azure OpenAI", "services": [ - "WAF" + "Entra", + "WAF", + "APIM", + "ACR", + "LoadBalancer" ], - "severity": "High", - "text": "Have site disaster tolerance settings been properly considered and changed for your business if needed.", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Load balancer solutions like APIM based gateway for balancing load and capacity across services and regions", + "waf": "Operational Excellence" }, { "arm-service": "Microsoft.Devices/IotHubs", 
@@ -29161,4881 +32581,4980 @@ "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", - "checklist": "WAF checklist", - "guid": "a85b86ad-884f-48e3-9273-4b875ba18f10", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/system-message#define-additional-safety-and-behavioral-guardrails", - "service": "Azure OpenAI", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Follow Metaprompting guardrails for resonsible AI", - "waf": "Operational Excellence" - }, - { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.App/containerApps", "checklist": "WAF checklist", - "guid": "d4391898-cd28-48be-b6b1-7cb8245451e1", - "link": "https://github.com/Azure-Samples/AI-Gateway", - "service": "Azure OpenAI", + "guid": "af416482-663c-4ed6-b195-b44c7068e09c", + "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#availability-zone-support", + "service": "Container Apps", "services": [ - "Entra", - "APIM", "WAF" ], "severity": "High", - "text": "Consider Gateway patterns with APIM or solutions like AI central for better rate limiting, load balancing, authentication and logging", - "waf": "Operational Excellence" + "text": "Leverage Availability Zones if regionally applicable", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.App/containerApps", "checklist": "WAF checklist", - "guid": "aed3453a-ec72-4392-97a1-52d6cc5e4029", - "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/azure-openai-insights-monitoring-ai-with-confidence/ba-p/4026850", - "service": "Azure OpenAI", + "guid": "95bc80ec-6499-4d14-a7d2-7d296b1d8abc", + "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#set-up-zone-redundancy-in-your-container-apps-environment", + "service": "Container Apps", "services": [ - "Monitor", "WAF" ], "severity": "High", 
- "text": "Enable monitoring for your AOAI instances", - "waf": "Operational Excellence" + "text": "Use more than one replica and enable Zone Redundancy.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.App/containerApps", "checklist": "WAF checklist", - "guid": "697cb391-ed16-4b2d-886f-0a0241addde6", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring#set-up-alerts", - "service": "Azure OpenAI", + "guid": "ccaa4fc2-fdbc-4432-8bb7-f7e6469e4dc3", + "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#cross-region-disaster-recovery-and-business-continuity", + "service": "Container Apps", "services": [ - "AKV", - "Monitor", - "Subscriptions", "WAF" ], "severity": "High", - "text": "Create alerts to notify teams of events such as an entry in the activity log created by an action performed on the resource, such as regenerating its subscription keys or a metric threshold such as the number of errors exceeding 10 in an hour", - "waf": "Operational Excellence" + "text": "For cross-region DR, deploy container apps in multiple regions and follow active/active or active/passive application guidance.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.App/containerApps", "checklist": "WAF checklist", - "guid": "8a477cde-b486-41bc-9bc1-0ae66e25d4d5", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring", - "service": "Azure OpenAI", + "guid": "2ffada86-c031-4933-bf7d-0c45bc4e5919", + "link": "https://learn.microsoft.com/azure/reliability/reliability-azure-container-apps?tabs=azure-cli#cross-region-disaster-recovery-and-business-continuity", + "service": "Container Apps", "services": [ - "Monitor", - "WAF" + "TrafficManager", + "WAF", + "FrontDoor" ], "severity": "High", - "text": "Monitor token usage to prevent service disruptions due to 
capacity", - "waf": "Operational Excellence" + "text": "Use Front Door or Traffic Manager to route traffic to the closest region", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.DBforPostgreSQL/servers", "checklist": "WAF checklist", - "guid": "a3aec2c4-e243-46b0-936c-b45e17960eee", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/monitoring", - "service": "Azure OpenAI", + "guid": "65285269-441c-44bf-9d3e-0844276d4bdc", + "link": "https://learn.microsoft.com/azure/postgresql/flexible-server/overview", + "service": "PostgreSQL", "services": [ - "Monitor", "WAF" ], "severity": "Medium", - "text": "observe metrics like processed inference tokens, generated completion tokens monitor for rate limit", - "waf": "Operational Excellence" + "text": "Leverage Flexible Server", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.DBforPostgreSQL/servers", "checklist": "WAF checklist", - "guid": "fbdf4cc2-eec4-4d76-8c31-d25ffbb46a39", - "link": "https://techcommunity.microsoft.com/t5/apps-on-azure-blog/build-an-enterprise-ready-azure-openai-solution-with-azure-api/ba-p/3907562", - "service": "Azure OpenAI", + "guid": "016ccf31-ae5a-41eb-9888-9535e227896d", + "link": "https://learn.microsoft.com/azure/postgresql/flexible-server/overview#architecture-and-high-availability", + "service": "PostgreSQL", "services": [ - "APIM", "WAF" ], - "severity": "Low", - "text": "If the diagnostics are not sufficient for you, consider using a gateway such as Azure API Managements in front of Azure OpenAI to log both incoming prompts and outgoing responses, where permitted", - "waf": "Operational Excellence" + "severity": "High", + "text": "Leverage Availability Zones where regionally applicable", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "Microsoft.DBforPostgreSQL/servers", "checklist": 
"WAF checklist", - "guid": "3af30ed3-2947-498b-8178-a2c5a46ceb54", - "link": "https://github.com/Azure-Samples/openai-enterprise-iac", - "service": "Azure OpenAI", + "guid": "31b67c67-be59-4519-8083-845d587cb391", + "link": "https://learn.microsoft.com/azure/postgresql/single-server/concepts-business-continuity#cross-region-read-replicas", + "service": "PostgreSQL", "services": [ "WAF" ], - "severity": "High", - "text": "Use Infrastructure as code to deploy the Azure OpenAI Service, model deployments, and all related resources", - "waf": "Operational Excellence" + "severity": "Medium", + "text": "Leverage cross-region read replicas for BCDR", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "4350d092-d234-4292-a752-8537a551c5bf", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/managed-identity", - "service": "Azure OpenAI", + "guid": "ab5351f6-383a-45ed-9c5e-b143b16db40a", + "link": "https://learn.microsoft.com/azure/aks/use-windows-hpc", + "service": "AKS", "services": [ - "Entra", + "AKS", "WAF" ], - "severity": "High", - "text": "Use Microsoft Entra Authentication with Managed Identity instead of API Key", - "waf": "Security" + "severity": "Low", + "text": "If required for AKS Windows workloads HostProcess containers can be used", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "4e4f1854-287d-45cd-a126-cc031af5b1fc", - "link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/how-to-bulk-test-evaluate-flow?view=azureml-api-2", - "service": "Azure OpenAI", + "guid": "a280dcf5-90ce-465d-b8e1-3f9ccbd46926", + "link": "https://learn.microsoft.com/azure/azure-functions/functions-kubernetes-keda", + "service": "AKS", "services": [ "WAF" ], - "severity": 
"High", - "text": "Evaluate the performance/accuracy of the system with a known golden dataset which has the inputs and the correct answers. Leverage capabilities in PromptFlow for Evaluation.", - "waf": "Operational Excellence" + "severity": "Low", + "text": "Use KEDA if running event-driven workloads", + "waf": "Performance" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "68889535-e327-4897-b31b-67d67be5962a", - "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---performance-efficiency", - "service": "Azure OpenAI", + "guid": "26886d20-b66c-457b-a591-19bf8e8f5c58", + "link": "https://dapr.io/", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Evaluate usage of Provisioned throughput model ", - "waf": "Performance" + "severity": "Low", + "text": "Use Dapr to ease microservice development", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "cd288bed-6b17-4cb8-8454-51e1aed3453a", - "link": "https://learn.microsoft.com/azure/ai-services/content-safety/overview", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (sku.tier=='Paid') | distinct id,compliant", + "guid": "71d41e36-10cc-457b-9a4b-1410d4395898", + "link": "https://learn.microsoft.com/azure/aks/uptime-sla", + "service": "AKS", "services": [ + "AKS", "WAF" ], "severity": "High", - "text": "Review and implement Azure AI content safety", - "waf": "Operational Excellence" + "text": "Use the SLA-backed AKS offering", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": 
"1193846d-697c-4b39-8ed1-6b2d186f0a02", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#system-level-throughput", - "service": "Azure OpenAI", + "guid": "c1288b3c-6a57-4cfc-9444-51e1a3d3453a", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler", + "service": "AKS", "services": [ + "Cost", "WAF" ], - "severity": "High", - "text": "Define and evaluate the throughput of the system based on tokens & response per minute and align with requirements", - "waf": "Performance" + "severity": "Low", + "text": "Use Disruption Budgets in your pod and deployment definitions", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "41addde6-8a47-47cd-bb48-61bc3bc10ae6", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#improve-performance", - "service": "Azure OpenAI", + "guid": "3c763963-7a55-42d5-a15e-401955387e5c", + "link": "https://learn.microsoft.com/azure/container-registry/container-registry-geo-replication", + "service": "ACR", "services": [ + "ACR", "WAF" ], - "severity": "Medium", - "text": "Improve latency of the system by limiting token sizes, streaming options", - "waf": "Performance" + "severity": "High", + "text": "If using a private registry, configure region replication to store images in multiple regions", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "6e25d4d5-a3ae-4c2c-9e24-36b0336cb45e", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", - "service": "Azure OpenAI", + "guid": "f82cb8eb-8c0a-4a63-a25a-4956eaa8dc4a", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/aks/eslz-cost-governance-with-kubecost", + "service": "AKS", "services": 
[ - "Storage", - "ServiceBus", + "Cost", "WAF" ], - "severity": "Medium", - "text": "Estimate elasticity demands to determine synchronous and batch request segregation based on priority. For high priority, use synchronous approach and for low priority, asynchronous batch processing with queue is preferred", - "waf": "Performance" + "severity": "Low", + "text": "Use an external application such as kubecost to allocate costs to different users", + "waf": "Cost" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "5bda4332-4f24-4811-9331-82ba51752694", - "link": "https://github.com/Azure/azure-openai-benchmark/", - "service": "Azure OpenAI", + "guid": "4d3dfbab-9924-4831-a68d-fdf0d72f462c", + "link": "https://learn.microsoft.com/azure/aks/scale-down-mode", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Benchmark token consumption requirements based on estimated demands from consumers. 
Consider using the Azure OpenAI benchmarking tool to help you validate the throughput if you are using Provisioned Throughput Unit deployments", - "waf": "Performance" + "severity": "Low", + "text": "Use scale down mode to delete/deallocate nodes", + "waf": "Cost" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "4008ae7d-7e47-4432-96d8-bdcf55bce619", - "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/optimizing-azure-openai-a-guide-to-limits-quotas-and-best/ba-p/4076268", - "service": "Azure OpenAI", + "guid": "87e651ea-bc4a-4a87-a6df-c06a4b570ebc", + "link": "https://learn.microsoft.com/azure/aks/gpu-multi-instance", + "service": "AKS", "services": [ + "AKS", "WAF" ], "severity": "Medium", - "text": "If you are using Provisioned Throughput Units (PTUs), consider deploying a token-per-minute (TPM) deployment for overflow requests. Use a gateway to route requests to the TPM deployment when the PTU limits are reached.", - "waf": "Performance" + "text": "When required use multi-instance partitioning GPU on AKS Clusters", + "waf": "Cost" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e8a13f98-8794-424d-9267-86d60b96c97b", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/models", - "service": "Azure OpenAI", + "guid": "2b72a08b-0410-4cd6-9093-e068a5cf27e8", + "link": "https://learn.microsoft.com/azure/aks/start-stop-nodepools", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Choose the right model for the right task. 
Pick models with right tradeoff between speed, quality of response and output complexity", - "waf": "Performance" + "severity": "Low", + "text": "If running a Dev/Test cluster use NodePool Start/Stop", + "waf": "Cost" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e9951904-8384-45c9-a6cb-2912156a1147", - "link": "https://github.com/Azure/azure-openai-benchmark/", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.azurepolicy) and properties.addonProfiles.azurepolicy.enabled==true) | distinct id,compliant", + "guid": "9ca48e4a-85e2-4223-bce8-bb12307ca5f1", + "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes", + "service": "AKS", "services": [ - "WAF" + "AKS", + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Have a baseline for performance without fine-tuning for knowing whether or not fine-tuning has improved model performance", - "waf": "Performance" + "text": "Use Azure Policy for Kubernetes to ensure cluster compliance", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "5e39f541-accc-4d97-a376-bcdb3750ab2a", - "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---reliability", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | project id,resourceGroup,name,pools=properties.agentPoolProfiles | project id,name,resourceGroup,poolcount=array_length(pools) | extend compliant = (poolcount > 1)", + "guid": "6f158e3e-a3a9-42c2-be7e-2165c3a87af4", + "link": "https://learn.microsoft.com/azure/aks/use-system-pools", + "service": "AKS", "services": [ - "ACR", 
"WAF" ], - "severity": "Low", - "text": "Deploy multiple OAI instances across regions", - "waf": "Reliability" + "severity": "Medium", + "text": "Separate applications from the control plane with user/system node pools", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "b039da6d-55d7-4c89-8adb-107d5325af62", - "link": "https://learn.microsoft.com/azure/architecture/ai-ml/architecture/baseline-openai-e2e-chat#azure-openai---reliability", - "service": "Azure OpenAI", + "guid": "a7a1f893-9bda-4477-98f2-4c116775c2ea", + "link": "https://learn.microsoft.com/azure/aks/use-system-pools", + "service": "AKS", "services": [ - "Entra", - "APIM", "WAF" ], - "severity": "High", - "text": "Implement retry & healthchecks with Gateway pattern like APIM", - "waf": "Reliability" + "severity": "Low", + "text": "Add taint to your system nodepool to make it dedicated", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "5ca44e46-85e2-4223-ace8-bb12308ca5f1", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/quota?tabs=rest#introduction-to-quota", - "service": "Azure OpenAI", + "guid": "55b46a94-8008-4ae7-b7e4-b475b6c8bdbf", + "link": "https://learn.microsoft.com/azure/container-registry/", + "service": "AKS", "services": [ + "ACR", "WAF" ], "severity": "Medium", - "text": "Ensure having adequate quotas of TPM & RPM for the workload", - "waf": "Reliability" + "text": "Use a private registry for your images, such as ACR", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerregistry/registries", "checklist": "WAF checklist", - "guid": "ec723923-7a15-42d6-ac5e-402925387e5c", - "link": 
"https://www.microsoft.com/research/project/guidelines-for-human-ai-interaction/", - "service": "Azure OpenAI", + "guid": "59bce65d-e8a0-43f9-9879-468d66a786d6", + "link": "https://learn.microsoft.com/azure/security-center/container-security", + "service": "ACR", "services": [ "WAF" ], "severity": "Medium", - "text": "Review the considerations in HAI toolkit guidance and apply those interaction practices for the slution", - "waf": "Operational Excellence" + "text": "Scan your images for vulnerabilities", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "7f154e3a-a369-4282-ae7e-316183687a04", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/business-continuity-disaster-recovery", - "service": "Azure OpenAI", + "guid": "d167dd18-2b0a-4c24-8b99-9a646f8389a7", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-cluster-isolation", + "service": "AKS", "services": [ - "ACR", "WAF" ], - "severity": "Medium", - "text": "Deploy separate fine tuned models across regions if finetuning is employed", - "waf": "Reliability" + "severity": "High", + "text": "Define app separation requirements (namespace/nodepool/cluster)", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "77a1f893-5bda-4433-84f2-4811633182ba", - "link": "https://learn.microsoft.com/azure/backup/backup-overview", - "service": "Azure OpenAI", + "guid": "5e3df584-eccc-4d97-a3b6-bcda3b50eb2e", + "link": "https://github.com/Azure/secrets-store-csi-driver-provider-azure", + "service": "AKS", "services": [ - "Backup", - "ASR", - "WAF" + "WAF", + "AKV" ], "severity": "Medium", - "text": "Regularly backup and replicate critical data to ensure data availability and recoverability in case of data loss or system 
failures. Leverage Azure's backup and disaster recovery services to protect your data.", - "waf": "Reliability" + "text": "Store your secrets in Azure Key Vault with the CSI Secrets Store driver", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "95b96ad8-844c-4e3b-8b38-b876ba2cf204", - "link": "https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1", - "service": "Azure OpenAI", + "guid": "b03dda6d-58d7-4c89-8ddb-107d5769ae66", + "link": "https://learn.microsoft.com/azure/aks/update-credentials", + "service": "AKS", "services": [ "WAF" ], "severity": "High", - "text": "Azure AI search service tiers should be choosen to have a SLA ", - "waf": "Reliability" + "text": "If using Service Principals for the cluster, refresh credentials periodically (like quarterly)", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "99013a5d-3ce4-474d-acbd-8682a6abca2a", - "link": "https://learn.microsoft.com/purview/purview", - "service": "Azure OpenAI", + "guid": "e7ba73a3-0508-4f80-806f-527db30cee96", + "link": "https://learn.microsoft.com/azure/aks/use-kms-etcd-encryption", + "service": "AKS", "services": [ "WAF" ], - "severity": "Low", - "text": "Classify data and sensitivity, labeling with Microsoft Purview before generating the embeddings and make sure to treat the embeddings generated with same sensitivity and classification", + "severity": "Medium", + "text": "If required add Key Management Service etcd encryption", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "4fda1dbf-3dd9-45d4-ac7c-891dca1f6d56", - "link": 
"https://learn.microsoft.com/azure/ai-services/openai/how-to/use-your-data-securely", - "service": "Azure OpenAI", + "guid": "ec8e4e42-0344-41b0-b865-9123e8956d31", + "link": "https://learn.microsoft.com/azure/confidential-computing/confidential-nodes-aks-overview", + "service": "AKS", "services": [ + "AKS", "WAF" ], - "severity": "High", - "text": "Encrypt data used for RAG with SSE/Disk encryption with optional BYOK", + "severity": "Low", + "text": "If required consider using Confidential Compute for AKS", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "59ae558b-937d-4498-9e11-12dbd7ba012f", - "link": "https://learn.microsoft.com/azure/search/search-security-overview", - "service": "Azure OpenAI", + "guid": "c9e95ffe-6dd1-4a17-8c5f-110389ca9b21", + "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-enable", + "service": "AKS", "services": [ - "ACR", + "Defender", "WAF" ], - "severity": "High", - "text": "Ensure TLS is enforced for data in transit across data sources, AI search used for Retrieval-Augmented Generation (RAG) and LLM communication", + "severity": "Medium", + "text": "Consider using Defender for Containers", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "7b94ef6e-047d-42ea-8992-b1cd6e2054b2", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/role-based-access-control", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.servicePrincipalProfile.clientId=='msi') | distinct id,compliant", + "guid": "ed127dd1-42b0-46b2-8c69-99a646f3389a", + "link": "https://learn.microsoft.com/azure/aks/use-managed-identity", + "service": "AKS", "services": [ - "RBAC", + 
"Entra", "WAF" ], "severity": "High", - "text": "Use RBAC to manage access to Azure OpenAI services. Assign appropriate permissions to users and restrict access based on their roles and responsibilities", + "text": "Use managed identities instead of Service Principals", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "9769e4a6-91e8-4838-ac93-6667e13c0056", - "link": "https://learn.microsoft.com/azure/security/fundamentals/data-encryption-best-practices", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = isnotnull(properties.aadProfile) | distinct id,compliant", + "guid": "7e42c78e-78c0-46a6-8a21-94956e698dc4", + "link": "https://learn.microsoft.com/azure/aks/managed-aad", + "service": "AKS", "services": [ + "Entra", "WAF" ], "severity": "Medium", - "text": "Implement data encryption, masking or redaction techniques to hide sensitive data or replace it with obfuscated values in non-production environments or when sharing data for testing or troubleshooting purposes", + "text": "Integrate authentication with AAD (using the managed integration)", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "74b1e945-b459-4837-be7a-d6c6d3b375a5", - "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-cloud-introduction", - "service": "Azure OpenAI", + "guid": "a2fe27b2-e287-401a-8352-beedf79b488d", + "link": "https://learn.microsoft.com/azure/aks/control-kubeconfig-access", + "service": "AKS", "services": [ - "Sentinel", - "Monitor", - "Defender", "WAF" ], - "severity": "High", - "text": "Utilize Azure Defender to detect and respond to security threats and set up monitoring and alerting mechanisms to identify suspicious 
activities or breaches. Leverage Azure Sentinel for advanced threat detection and response", + "severity": "Medium", + "text": "Limit access to admin kubeconfig (get-credentials --admin)", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "c7acbe48-abe5-44cd-99f2-e87768468c55", - "link": "https://techcommunity.microsoft.com/t5/azure-storage-blog/managing-long-term-log-retention-or-any-business-data/ba-p/2494791", - "service": "Azure OpenAI", + "guid": "eec4962c-c3bd-421b-b77f-26e5e6b3bec3", + "link": "https://learn.microsoft.com/azure/aks/manage-azure-rbac", + "service": "AKS", "services": [ - "AzurePolicy", + "Entra", + "RBAC", "WAF" ], "severity": "Medium", - "text": "Establish data retention and disposal policies to adhere to compliance regulations. Implement secure deletion methods for data that is no longer required and maintain an audit trail of data retention and disposal activities", + "text": "Integrate authorization with AAD RBAC", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", - "checklist": "WAF checklist", - "guid": "a9c27d9c-42bb-46bd-8c69-99a246f3389a", - "link": "https://learn.microsoft.com/azure/ai-services/content-safety/concepts/jailbreak-detection", - "service": "Azure OpenAI", - "services": [ - "WAF" - ], - "severity": "High", - "text": "Implement Prompt shields and groundedness detection using Content Safety ", - "waf": "Operational Excellence" - }, - { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "a775c6ee-95b9-46ad-a844-ce3b2b38b876", - "link": "https://learn.microsoft.com/azure/compliance/", - "service": "Azure OpenAI", + "guid": "d4f3537c-1346-4dc5-9027-a71ffe1bd05d", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-identity", + "service": 
"AKS", "services": [ + "RBAC", + "AKS", "WAF" ], "severity": "High", - "text": "Ensure compliance with relevant data protection regulations, such as GDPR or HIPAA, by implementing privacy controls and obtaining necessary consents or permissions for data processing activities.", + "text": "Use namespaces for restricting RBAC privilege in Kubernetes", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "ba2cf204-9901-43a5-b3ce-474dccbd8682", - "service": "Azure OpenAI", + "guid": "d2e0d5d7-71d4-41e3-910c-c57b4a4b1410", + "link": "https://learn.microsoft.com/azure/aks/workload-identity-migration-sidecar", + "service": "AKS", "services": [ + "Entra", "WAF" ], "severity": "Medium", - "text": "Educate your employees about data security best practices, the importance of handling data securely, and potential risks associated with data breaches. Encourage them to follow data security protocols diligently.", + "text": "For Pod Identity Access Management use Azure AD Workload Identity (preview)", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "eae01e6e-842e-452f-9721-d928c1b1cd52", - "service": "Azure OpenAI", + "guid": "f4dcf690-1b30-407d-abab-6f8aa780d3a3", + "link": "https://learn.microsoft.com/azure/aks/managed-aad#non-interactive-sign-in-with-kubelogin", + "service": "AKS", "services": [ + "AKS", "WAF" ], - "severity": "High", - "text": "Keep production data separate from development and testing data. 
Only use real sensitive data in production and utilize anonymized or synthetic data in development and test environments.", + "severity": "Medium", + "text": "For AKS non-interactive logins use kubelogin (preview)", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "1e54a29a-9de3-499c-bd7b-28dc93555620", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.disableLocalAccounts==true) | distinct id,compliant", + "guid": "b085b1f2-3119-4771-8c9a-bbf4411810ec", + "link": "https://learn.microsoft.com/azure/aks/managed-aad#disable-local-accounts", + "service": "AKS", "services": [ + "AKS", "WAF" ], "severity": "Medium", - "text": "If you have varying levels of data sensitivity, consider creating separate indexes for each level. For instance, you could have one index for general data and another for sensitive data, each governed by different access protocols", + "text": "Disable AKS local accounts", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "2bfe4564-b0d8-434a-948b-263e6dd60512", - "service": "Azure OpenAI", + "guid": "36abb0db-c118-4f4c-9880-3f30f9a2deb6", + "link": "https://learn.microsoft.com/azure/aks/managed-aad#configure-just-in-time-cluster-access-with-azure-ad-and-aks", + "service": "AKS", "services": [ - "RBAC", - "AzurePolicy", "WAF" ], - "severity": "Medium", - "text": "Take segregation a step further by placing sensitive datasets in different instances of the service. 
Each instance can be controlled with its own specific set of RBAC policies", + "severity": "Low", + "text": "Configure if required Just-in-time cluster access", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "a36498f6-dbad-438e-ad53-cc7ce1d7aaab", - "service": "Azure OpenAI", + "guid": "c4d7f4c6-79bf-45d0-aa05-ce8fc717e150", + "link": "https://learn.microsoft.com/azure/aks/managed-aad#use-conditional-access-with-azure-ad-and-aks", + "service": "AKS", "services": [ + "Entra", + "AKS", "WAF" ], - "severity": "High", - "text": "Recognize that embeddings and vectors generated from sensitive information are themselves sensitive. This data should be afforded the same protective measures as the source material", + "severity": "Low", + "text": "Configure if required AAD conditional access for AKS", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "3571449a-b805-43d8-af89-dc7b33be2a1a", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/role-based-access-control", - "service": "Azure OpenAI", + "guid": "e1123a7c-a333-4eb4-a120-4ee3f293c9f3", + "link": "https://learn.microsoft.com/azure/aks/use-group-managed-service-accounts", + "service": "AKS", "services": [ - "RBAC", + "AKS", "WAF" ], - "severity": "High", - "text": "Apply RBAC to th data stores having embeddings and vectors and scope access based on role's access requirements", + "severity": "Low", + "text": "If required for Windows AKS workloads configure gMSA ", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "27f7b9e9-1be1-4f38-aef3-9812bd463cbb", - "link": 
"https://techcommunity.microsoft.com/t5/azure-architecture-blog/azure-openai-private-endpoints-connecting-across-vnet-s/ba-p/3913325", - "service": "Azure OpenAI", + "guid": "1f711a74-3672-470b-b8b8-a2148d640d79", + "link": "https://learn.microsoft.com/azure/aks/use-managed-identity#use-a-pre-created-kubelet-managed-identity", + "service": "AKS", "services": [ - "PrivateLink", + "Entra", "WAF" ], - "severity": "High", - "text": "Configure private endpoint for AI services to restrict service access within your network", + "severity": "Medium", + "text": "For finer control consider using a managed Kubelet Identity", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "ac8ac199-ebb9-41a3-9d90-cae2cc881370", - "service": "Azure OpenAI", + "guid": "cbd8ac2a-aebc-4a2a-94da-1dbf3dc99248", + "link": "https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-existing/", + "service": "AKS", "services": [ - "VNet", - "Firewall", + "ACR", + "AppGW", "WAF" ], - "severity": "High", - "text": "Enforce strict inbound and outbound traffic control with Azure Firewall and UDRs and limit the external integration points", - "waf": "Security" + "severity": "Medium", + "text": "If using AGIC, do not share an AppGW across clusters", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "6f7c0cba-fe51-4464-add4-57e927138b82", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnull(properties.addonProfiles.httpApplicationRouting) or properties.addonProfiles.httpApplicationRouting.enabled==false) | distinct id,compliant", + "guid": "8008ae7d-7e4b-4475-a6c8-bdbf59bce65d", + "link": 
"https://learn.microsoft.com/azure/aks/http-application-routing", + "service": "AKS", "services": [ + "AKS", "WAF" ], "severity": "High", - "text": "Implement network segmentation and access controls to restrict access to the LLM application only to authorized users and systems and prevent lateral movement", - "waf": "Security" + "text": "Do not use AKS HTTP Routing Add-On, use instead the managed NGINX ingress with the application routing add-on.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "7f42c78e-78cb-46a2-8ad1-90916e6a8d8f", - "link": "https://www.microsoft.com/research/blog/llmlingua-innovating-llm-efficiency-with-prompt-compression/", - "service": "Azure OpenAI", + "guid": "7bacd7b9-c025-4a9d-a5d2-25d6bc5439d9", + "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview", + "service": "AKS", "services": [ "WAF" ], "severity": "Medium", - "text": "Use prompt compression tools like LLMLingua or gprtrim", - "waf": "Cost Optimization" + "text": "For Windows workloads use Accelerated Networking", + "waf": "Performance" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "1102cac6-eae0-41e6-b842-e52f4721d928", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/managed-identity", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (tolower(properties.networkProfile.loadBalancerSku)=='standard') | distinct id,compliant", + "guid": "ba7da7be-9952-4914-a384-5d997cb39132", + "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", + "service": "AKS", "services": [ - "Entra", - "AKV", - "WAF" + "WAF", + "LoadBalancer" ], "severity": "High", - "text": "Ensure that APIs and endpoints 
used by the LLM application are properly secured with authentication and authorization mechanisms, such as Managed identities, API keys or OAuth, to prevent unauthorized access.", - "waf": "Security" + "text": "Use the standard ALB (as opposed to the basic one)", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "c1b1cd52-1e54-4a29-a9de-399cfd7b28dc", - "link": "https://techcommunity.microsoft.com/t5/azure-architecture-blog/security-best-practices-for-genai-applications-openai-in-azure/ba-p/4027885", - "service": "Azure OpenAI", + "guid": "22fbe8d6-9b40-47ef-9011-25bb1a555a6b", + "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#add-a-node-pool-with-a-unique-subnet", + "service": "AKS", "services": [ + "VNet", "WAF" ], "severity": "Medium", - "text": "Enforce strong end user authentication mechanisms, such as multi-factor authentication, to prevent unauthorized access to the LLM application and associated network resources", + "text": "If using Azure CNI, consider using different Subnets for NodePools", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "93555620-2bfe-4456-9b0d-834a348b263e", - "service": "Azure OpenAI", + "guid": "c3c39c98-6bb2-4c12-859a-114b5e3df584", + "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", + "service": "AKS", "services": [ - "Monitor", - "WAF" + "VNet", + "WAF", + "PrivateLink" ], "severity": "Medium", - "text": "Implement network monitoring tools to detect and analyze network traffic for any suspicious or malicious activities. 
Enable logging to capture network events and facilitate forensic analysis in case of security incidents", + "text": "Use Private Endpoints (preferred) or Virtual Network Service Endpoints to access PaaS services from the cluster", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "6dd60512-a364-498f-9dba-d38ead53cc7c", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.networkProfile.networkPlugin=='azure') | distinct id,compliant", + "guid": "a0f61565-9de5-458f-a372-49c831112dbd", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", + "service": "AKS", "services": [ "WAF" ], - "severity": "Medium", - "text": "Conduct security audits and penetration testing to identify and address any network security weaknesses or vulnerabilities in the LLM application's network infrastructure", - "waf": "Security" + "severity": "High", + "text": "Choose the best CNI network plugin for your requirements (Azure CNI recommended)", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e1d7aaab-3571-4449-ab80-53d89f89dc7b", - "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/tag-resources?tabs=json", - "service": "Azure OpenAI", + "guid": "7faf12e7-0943-4f63-8472-2da29c2b1cd6", + "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", + "service": "AKS", "services": [ + "VNet", "WAF" ], - "severity": "Low", - "text": "Azure AI Services are properly tagged for better management", - "waf": "Operational Excellence" + "severity": "High", + "text": "If using Azure CNI, size your subnet accordingly considering the maximum number of pods per node", + "waf": "Performance" }, { - 
"arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/resource-abbreviations", - "service": "Azure OpenAI", + "guid": "22f54b29-bade-43aa-b1e8-c38ec9366673", + "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", + "service": "AKS", "services": [ "WAF" ], - "severity": "Low", - "text": "Azure AI Service accounts follows organizational naming conventions", - "waf": "Operational Excellence" + "severity": "High", + "text": "If using Azure CNI, check the maximum pods/node (default 30)", + "waf": "Performance" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", - "link": "https://learn.microsoft.com/azure/ai-services/diagnostic-logging", - "service": "Azure OpenAI", + "description": "For internal apps organizations often open the whole AKS subnet in their firewalls. This opens network access to the nodes too, and potentially to the pods as well (if using Azure CNI). If LoadBalancer IPs are in a different subnet, only this one needs to be available to the app clients. 
Another reason is that if the IP addresses in the AKS subnet are a scarce resource, consuming its IP addresses for services will reduce the maximum scalability of the cluster .", + "guid": "13c00567-4b1e-4945-a459-c373e7ed6162", + "link": "https://learn.microsoft.com/azure/aks/internal-lb", + "service": "AKS", "services": [ + "VNet", + "AKS", "WAF" ], - "severity": "High", - "text": "Diagnostic logs in Azure AI services resources should be enabled", - "waf": "Operational Excellence" + "severity": "Low", + "text": "If using private-IP LoadBalancer services, use a dedicated subnet (not the AKS subnet)", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", - "link": "https://learn.microsoft.com/azure/ai-services/authentication", - "service": "Azure OpenAI", + "guid": "43f63047-22d9-429c-8b1c-d622f54b29ba", + "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", + "service": "AKS", "services": [ - "Entra", "WAF" ], "severity": "High", - "text": "Key access (local authentication) is recommended to be disabled for security. After disabling key based access, Microsoft Entra ID becomes the only access method, which allows maintaining minimum privilege principle and granular control. 
", - "waf": "Security" + "text": "Size the service IP address range accordingly (it is going to limit the cluster scalability)", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "6b57cfc6-5546-41e1-a3e3-453a3c863964", - "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", - "service": "Azure OpenAI", + "guid": "57bf217f-6dc8-481c-81e2-785773e9c00f", + "link": "https://learn.microsoft.com/azure/aks/use-byo-cni", + "service": "AKS", "services": [ - "Entra", - "AKV", "WAF" ], - "severity": "High", - "text": "Store and manage keys securely using Azure Key Vault. Avoid hard-coding or embedding sensitive keys within your LLM application's code and retrieve them securely from Azure Key Vault using managed identities", + "severity": "Low", + "text": "If required add your own CNI plugin", "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "8b652d6c-15f5-4129-9539-8e6ded227dd1", - "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", - "service": "Azure OpenAI", + "guid": "4b3bb365-9458-44d9-9ed1-5c8f52890364", + "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools", + "service": "AKS", "services": [ - "AKV", + "AKS", "WAF" ], - "severity": "High", - "text": "Regularly rotate and expire keys stored in Azure Key Vault to minimize the risk of unauthorized access.", - "waf": "Security" + "severity": "Low", + "text": "If required configure Public IP per node in AKS", + "waf": "Performance" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "adfe27be-e297-401a-a352-baaab79b088d", - "link": 
"https://github.com/openai/tiktoken", - "service": "Azure OpenAI", + "guid": "b3808b9f-a1cf-4204-ad01-3a923ce474db", + "link": "https://learn.microsoft.com/azure/aks/concepts-network", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Use tiktoken to understand token sizes for token optimizations in conversational mode", - "waf": "Cost Optimization" + "severity": "Medium", + "text": "Use an ingress controller to expose web-based apps instead of exposing them with LoadBalancer-type services", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "42b06c21-d799-49a6-96f4-389a7f42c78e", - "link": "https://learn.microsoft.com/azure/security/develop/secure-dev-overview", - "service": "Azure OpenAI", + "guid": "ccb534e7-416e-4a1d-8e93-533b53199085", + "link": "https://learn.microsoft.com/azure/aks/nat-gateway", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Follow secure coding practices to prevent common vulnerabilities such as injection attacks, cross-site scripting (XSS), or security misconfigurations", - "waf": "Security" + "severity": "Low", + "text": "Use Azure NAT Gateway as outboundType for scaling egress traffic", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "78c06a73-a22a-4495-9e6a-8dc4a20e27c3", - "link": "https://learn.microsoft.com/azure/devops/repos/security/github-advanced-security-dependency-scanning?view=azure-devops", - "service": "Azure OpenAI", + "guid": "8ee9a69a-1b58-4b1e-9c61-476e110a160b", + "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni#dynamic-allocation-of-ips-and-enhanced-subnet-support", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Setup a process to regularly update 
and patch the LLM libraries and other system components", - "waf": "Security" + "severity": "Medium", + "text": "Use Dynamic allocations of IPs in order to avoid Azure CNI IP exhaustion", + "waf": "Reliability" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e29711b1-352b-4eee-879b-588defc4972c", - "link": "https://learn.microsoft.com/legal/cognitive-services/openai/code-of-conduct", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.networkProfile.outboundType=='userDefinedRouting') | distinct id,compliant", + "guid": "3b365a91-7ecb-4e48-bbe5-4cd7df2e8bba", + "link": "https://learn.microsoft.com/azure/aks/limit-egress-traffic", + "service": "AKS", "services": [ - "AzurePolicy", + "NVA", "WAF" ], "severity": "High", - "text": "Adhere to Azure OpenAI or other LLMs terms of use, policies and guidance and allowed use cases", - "waf": "Operational Excellence" + "text": "Filter egress traffic with AzFW/NVA if your security requirements mandate it", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "d3cd21bf-7703-46e5-b6b4-bed3d503547c", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs#base-series-and-codex-series-fine-tuned-models", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = ((isnull(properties.apiServerAccessProfile.enablePrivateCluster) or properties.apiServerAccessProfile.enablePrivateCluster==false) and isnotnull(properties.apiServerAccessProfile.authorizedIPRanges)) | distinct id,compliant", + "guid": "c4581559-bb91-463e-a908-aed8c44ce3b2", + "link": "https://learn.microsoft.com/azure/aks/api-server-authorized-ip-ranges", + 
"service": "AKS", "services": [ - "Cost", "WAF" ], "severity": "Medium", - "text": "Understand difference in cost of base models and fine tuned models and token step sizes", - "waf": "Cost Optimization" + "text": "If using a public API endpoint, restrict the IP addresses that can access it", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "1347dc56-028a-471f-be1c-e15dd3f0d5e7", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/latency#batching", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | where isnotnull(properties.apiServerAccessProfile.enablePrivateCluster) | extend compliant = (properties.apiServerAccessProfile.enablePrivateCluster==true) | distinct id, compliant", + "guid": "ecccd979-3b6b-4cda-9b50-eb2eb03dda6d", + "link": "https://learn.microsoft.com/azure/aks/private-clusters", + "service": "AKS", "services": [ - "Cost", "WAF" ], "severity": "High", - "text": "Batch requests, where possible, to minimize the per-call overhead which can reduce overall costs. 
Ensure you optimize batch size", - "waf": "Cost Optimization" + "text": "Use private clusters if your requirements mandate it", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "72d41e36-11cc-457b-9a4b-1410d43958a8", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/manage-costs", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | where isnotnull(properties.apiServerAccessProfile.enablePrivateCluster) | extend compliant = (properties.apiServerAccessProfile.enablePrivateCluster==true) | distinct id, compliant", + "guid": "ce7f2a7c-297c-47c6-adea-a6ff838db665", + "link": "https://learn.microsoft.com/azure/aks/use-network-policies", + "service": "AKS", "services": [ - "Monitor", - "Cost", - "WAF" + "AKS", + "WAF", + "AzurePolicy" ], "severity": "Medium", - "text": "Set up a cost tracking system that monitors model usage and use that information to help inform model choices and prompt sizes", - "waf": "Cost Optimization" + "text": "For Windows 2019 and 2022 AKS nodes Calico Network Policies can be used ", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "166cd072-af9b-4141-a898-a535e737897e", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/quota?tabs=rest#understanding-rate-limits", - "service": "Azure OpenAI", + "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = isnotnull(properties.networkProfile.networkPolicy) | distinct id,compliant", + "guid": "58d7c892-ddb1-407d-9769-ae669ca48e4a", + "link": "https://learn.microsoft.com/azure/aks/use-network-policies", + "service": "AKS", "services": [ - "WAF" + "AKS", + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "Set 
a maximum limit on the number of tokens per model response. Optimize the size to ensure it is large enough for a valid response", - "waf": "Cost Optimization" + "severity": "High", + "text": "Enable a Kubernetes Network Policy option (Calico/Azure)", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "71ca7da8-cfa9-462a-8594-946da97dc3a2", - "link": "https://learn.microsoft.com/azure/search/search-reliability", - "service": "Azure OpenAI", + "guid": "85e2223e-ce8b-4b12-907c-a5f16f158e3e", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", + "service": "AKS", "services": [ - "WAF" + "AKS", + "WAF", + "AzurePolicy" ], - "severity": "Medium", - "text": "Review the guidance provided on setting up AI search for Reliability", - "waf": "Operational Excellence" + "severity": "High", + "text": "Use Kubernetes network policies to increase intra-cluster security", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "3266b225-86f4-4a16-92bd-ddea8a487cde", - "link": "https://learn.microsoft.com/azure/search/vector-search-index-size?tabs=portal-vector-quota", - "service": "Azure OpenAI", + "guid": "a3a92c2d-e7e2-4165-a3a8-7af4a7a1f893", + "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", + "service": "AKS", "services": [ - "Storage", "WAF" ], - "severity": "Medium", - "text": "Plan and manage AI Search Vector storage", - "waf": "Operational Excellence" + "severity": "High", + "text": "Use a WAF for web workloads (UIs or APIs)", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "b4861bc3-bc14-4aeb-9e66-e8d9a3aec218", - 
"link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/how-to-end-to-end-llmops-with-prompt-flow?view=azureml-api-2", - "service": "Azure OpenAI", + "graph": "Resources | where type=~'microsoft.containerservice/managedclusters' | project resourceGroup,name,pools=properties.agentPoolProfiles | mv-expand pools | project subnetId=tostring(pools.vnetSubnetID) | where isnotempty(subnetId) | join (Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,enableDdosProtection=tostring(properties.enableDdosProtection),subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,enableDdosProtection,subnetId=tostring(subnets.id)) on subnetId | distinct id,resourceGroup,name,enableDdosProtection | extend compliant = (enableDdosProtection == 'true')", + "guid": "9bda4776-8f24-4c11-9775-c2ea55b46a94", + "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", + "service": "AKS", "services": [ - "WAF" + "VNet", + "AKS", + "WAF", + "DDoS" ], "severity": "Medium", - "text": "Apply LLMOps practices to automate the lifecycle management of your GenAI applications", - "waf": "Operational Excellence" + "text": "Use DDoS Standard in the AKS Virtual Network", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "aa80932c-8ec9-4d1b-a770-26e5e6beba9e", - "link": "https://learn.microsoft.com/azure/ai-services/openai/how-to/provisioned-throughput-onboarding#understanding-the-provisioned-throughput-purchase-model", - "service": "Azure OpenAI", + "graph": "Resources | where type=~'microsoft.containerservice/managedclusters' | project resourceGroup,name,pools=properties.agentPoolProfiles | mv-expand pools | project subnetId=tostring(pools.vnetSubnetID) | where isnotempty(subnetId) | join (Resources | where type=='microsoft.network/virtualnetworks' | project 
id,resourceGroup,name,enableDdosProtection=tostring(properties.enableDdosProtection),subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,enableDdosProtection,subnetId=tostring(subnets.id)) on subnetId | distinct id,resourceGroup,name,enableDdosProtection | extend compliant = (enableDdosProtection == 'true')", + "guid": "6c46b91a-1107-4485-ad66-3183e2a8c266", + "link": "https://learn.microsoft.com/azure/aks/http-proxy", + "service": "AKS", "services": [ "WAF" ], - "severity": "High", - "text": "Evaluate usage of billing models - PAYG vs PTU", - "waf": "Cost Optimization" + "severity": "Low", + "text": "If required add company HTTP Proxy", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e6436b07-36db-455f-9796-03334bdf9cc2", - "link": "https://techcommunity.microsoft.com/t5/ai-azure-ai-services-blog/how-to-control-azure-openai-models/ba-p/4146793", - "service": "Azure OpenAI", + "guid": "e9855d04-c3c3-49c9-a6bb-2c12159a114b", + "link": "https://learn.microsoft.com/azure/aks/servicemesh-about", + "service": "AKS", "services": [ "WAF" ], "severity": "Medium", - "text": "Evaluate the quality of prompts and applications when switching between model versions", - "waf": "Operational Excellence" + "text": "Consider using a service mesh for advanced microservice communication management", + "waf": "Security" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "3418db61-2712-4650-9bb4-7a393a080327", - "link": "https://learn.microsoft.com/azure/machine-learning/prompt-flow/concept-model-monitoring-generative-ai-evaluation-metrics?view=azureml-api-2", - "service": "Azure OpenAI", + "guid": "67f7a9ed-5b31-4f38-a3f3-9812b2463cff", + "link": 
"https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-metric-alerts", + "service": "AKS", "services": [ "Monitor", "WAF" ], - "severity": "Medium", - "text": "Evaluate, monitor and refine your GenAI apps for features like groundedness, relevance, accuracy, coherence, fluency, �", - "waf": "Operational Excellence" + "severity": "High", + "text": "Configure alerts on the most critical metrics (see Container Insights for recommendations)", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "294798b1-578b-4219-a46c-eb5443513592", - "service": "Azure OpenAI", + "guid": "337453a3-cc63-4963-9a65-22ac19e80696", + "link": "https://learn.microsoft.com/azure/advisor/advisor-get-started", + "service": "AKS", "services": [ + "Entra", "WAF" ], - "severity": "Medium", - "text": "Evaluate your Azure AI Search results based on different search parameters", - "waf": "Operational Excellence" + "severity": "Low", + "text": "Check regularly Azure Advisor for recommendations on your cluster", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "2744293b-b628-4537-a551-19b08e8f5854", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/fine-tuning-considerations", - "service": "Azure OpenAI", + "guid": "3aa70560-e7e7-4968-be3d-628af35b2ced", + "link": "https://learn.microsoft.com/azure/aks/certificate-rotation", + "service": "AKS", "services": [ + "AKS", "WAF" ], - "severity": "Medium", - "text": "Look at fine tuning models as way of increasing accuracy only when you have tried other basic approaches like prompt engineering and RAG with your data", - "waf": "Operational Excellence" + "severity": "Low", + "text": "Enable AKS auto-certificate rotation", + "waf": "Operations" }, { - 
"arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "287d9cec-166c-4d07-8af9-b141a898a535", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/advanced-prompt-engineering?pivots=programming-language-chat-completions", - "service": "Azure OpenAI", + "guid": "e189c599-df0d-45a7-9dd4-ce32c1881370", + "link": "https://learn.microsoft.com/azure/aks/supported-kubernetes-versions", + "service": "AKS", "services": [ + "AKS", "WAF" ], - "severity": "Medium", - "text": "Use prompt engineering techniques to improve the accuracy of LLM responses", - "waf": "Operational Excellence" + "severity": "High", + "text": "Have a regular process to upgrade your kubernetes version periodically (quarterly, for example), or use the AKS autoupgrade feature", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "e737897e-71ca-47da-acfa-962a1594946d", - "link": "https://learn.microsoft.com/azure/ai-services/openai/concepts/red-teaming", - "service": "Azure OpenAI", + "guid": "6f7c4c0d-4e51-4464-ad24-57ed67138b82", + "link": "https://learn.microsoft.com/azure/aks/node-updates-kured", + "service": "AKS", "services": [ "WAF" ], - "severity": "Medium", - "text": "Red team your GenAI applications", - "waf": "Security" + "severity": "High", + "text": "Use kured for Linux node upgrades in case you are not using node-image upgrade", + "waf": "Operations" }, { - "arm-service": "Microsoft.CognitiveServices/accounts", + "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "edb117e6-76aa-4f66-aca4-8e5a95f2223e", - "link": "https://www.microsoft.com/haxtoolkit/guideline/encourage-granular-feedback/", - "service": "Azure OpenAI", + "guid": "139c9580-ade3-426a-ba09-cf157d9f6477", + "link": 
"https://learn.microsoft.com/azure/aks/node-image-upgrade",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Provide end users with scoring options for LLM responses and track these scores. ",
- "waf": "Operational Excellence"
+ "severity": "High",
+ "text": "Have a regular process to upgrade the cluster node images periodically (weekly, for example)",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.CognitiveServices/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "d5f3547c-c346-4d81-9028-a71ffe1b9b5d",
- "link": "https://techcommunity.microsoft.com/t5/fasttrack-for-azure/optimizing-azure-openai-a-guide-to-limits-quotas-and-best/ba-p/4076268",
- "service": "Azure OpenAI",
+ "guid": "0102ce16-ee30-41e6-b882-e52e4621dd68",
+ "link": "https://learn.microsoft.com/azure/architecture/example-scenario/bedrock/bedrock-automated-deployments",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "High",
- "text": "Consider Quota management practices",
- "waf": "Cost Optimization"
+ "severity": "Low",
+ "text": "Consider gitops to deploy applications or cluster configuration to multiple clusters",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.CognitiveServices/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "9de0d5d7-31d4-41e3-911c-817bfafbc410",
- "link": "https://github.com/Azure/aoai-apim/blob/main/README.md",
- "service": "Azure OpenAI",
+ "guid": "d7672c26-7602-4482-85a4-14527fbe855c",
+ "link": "https://learn.microsoft.com/azure/aks/command-invoke",
+ "service": "AKS",
 "services": [
- "Entra",
- "APIM",
- "LoadBalancer",
- "ACR",
+ "AKS",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Use Load balancer solutions like APIM based gateway for balancing load and capacity across services and regions",
- "waf": "Operational Excellence"
+ "severity": "Low",
+ "text": "Consider using AKS command invoke 
on private clusters",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "1fc2fc14-eea6-4e69-b8d9-a3edc218e687",
- "link": "https://polite-sea-0995b240f.2.azurestaticapps.net/technical-delivery-playbook/azure-services/analytics/purview/",
- "service": "Purview",
+ "guid": "31d7aaab-7571-4449-ab80-53d89e89d17b",
+ "link": "https://learn.microsoft.com/azure/aks/node-auto-repair#node-autodrain",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Leverage FTA Resillency Handbook",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "For planned events consider using Node Auto Drain",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "ab067acb-49e5-4b96-8332-4ecf8cc13318",
- "link": "https://learn.microsoft.com/purview/disaster-recovery",
- "service": "Purview",
+ "guid": "ed0fda7f-211b-47c7-8b6e-c18873fb473c",
+ "link": "https://learn.microsoft.com/azure/aks/faq",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
 "severity": "High",
- "text": "Plan for Data Center level outage",
- "waf": "Reliability"
+ "text": "Develop own governance practices to make sure no changes are performed by operators in the node RG (aka 'infra RG')",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "description": "1. Create the new account 2. Migrate configuration items 3. Run scans 4. Migrate custom typedefs and custom assets 5. Migrate relationships 6. Migrate glossary terms 7. Assign classifications to assets 8. 
Assign contacts to assets",
- "guid": "da611702-69f4-4fb4-aa3d-3ef7f3176c4b",
- "link": "https://learn.microsoft.com/purview/disaster-recovery",
- "service": "Purview",
+ "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.nodeResourceGroup !startswith 'MC_') | distinct id,compliant",
+ "guid": "73b32a5a-67f7-4a9e-b5b3-1f38c3f39812",
+ "link": "https://learn.microsoft.com/azure/aks/cluster-configuration",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Practice Failover for BCDR",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Use custom Node RG (aka 'Infra RG') name",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "97b15b8a-219a-44ab-bb57-879024d22678",
- "link": "https://learn.microsoft.com/purview/disaster-recovery",
- "service": "Purview",
+ "guid": "b2463cff-e189-4c59-adf0-d5a73dd4ce32",
+ "link": "https://kubernetes.io/docs/setup/release/notes/",
+ "service": "AKS",
 "services": [
- "Backup",
+ "AKS",
 "WAF"
 ],
- "severity": "High",
- "text": "Plan a backup strategy and take regular backups",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Do not use deprecated Kubernetes APIs in your YAML manifests",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "6d20b56c-56a9-4581-89bf-8d8e5c586b7d",
- "link": "https://learn.microsoft.com/purview/manage-kafka-dotnet",
- "service": "Purview",
+ "guid": "c1881370-6f7c-44c0-b4e5-14648d2457ed",
+ "link": "https://learn.microsoft.com/azure-stack/aks-hci/adapt-apps-mixed-os-clusters",
+ "service": "AKS",
 "services": [
- "EventHubs",
 "WAF"
 ],
 "severity": "Low",
- "text": "Use Microsoft Purview's Event Hubs to subscribe and create entities to another account",
- "waf": "Reliability" 
+ "text": "Taint Windows nodes",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "8cdc15ac-c075-4ee9-a130-a8889579e76b",
- "link": "https://learn.microsoft.com/purview/deployment-best-practices",
- "service": "Purview",
+ "guid": "67138b82-0102-4ce1-9ee3-01e6e882e52e",
+ "link": "https://learn.microsoft.com/virtualization/windowscontainers/deploy-containers/version-compatibility?tabs=windows-server-20H2%2Cwindows-10-20H2",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow Purview accounts architectures and deployment best practices",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Keep windows containers patch level in sync with host patch level",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "896e710a-7da7-4be9-a56d-14d3c49d997c",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-collections",
- "service": "Purview",
+ "description": "Via Diagnostic Settings at the cluster level",
+ "guid": "5b56ad48-408f-4e72-934c-476ba280dcf5",
+ "link": "https://learn.microsoft.com/azure/aks/monitor-aks",
+ "service": "AKS",
 "services": [
+ "Monitor",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow Collection Architectures and best practices",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Send master logs (aka API logs) to Azure Monitor or your preferred log management solution",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "b3d1325a-a225-4c6f-9e06-85edddea8a4b",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-asset-lifecycle",
- "service": "Purview",
+ "guid": 
"64d1a846-e28a-4b6b-9a33-22a635c15a21",
+ "link": "https://learn.microsoft.com/azure/aks/node-pool-snapshot",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow Assest lifecycle best practices",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "If required use nodePool snapshots",
+ "waf": "Cost"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "7cdeb3c6-1fc2-4fc1-9eea-6e69d8d9a3ed",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-automation",
- "service": "Purview",
+ "guid": "c5a5b252-1e44-4a59-a9d2-399c4d7b68d0",
+ "link": "https://learn.microsoft.com/azure/aks/spot-node-pool",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow automation best practices",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Consider spot node pools for non time-sensitive workloads",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "c218e687-ab06-47ac-a49e-5b9603324ecf",
- "link": "https://learn.microsoft.com/purview/disaster-recovery",
- "service": "Purview",
+ "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.aciConnectorLinux) and properties.addonProfiles.aciConnectorLinux.enabled==true) | distinct id,compliant",
+ "guid": "c755562f-2b4e-4456-9b4d-874a748b662e",
+ "link": "https://learn.microsoft.com/azure/aks/concepts-scale",
+ "service": "AKS",
 "services": [
- "Backup",
+ "AKS",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow Backup and Migration Best practices",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Consider AKS virtual node for quick bursting",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": 
"microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "8cc13318-da61-4170-869f-4fb4aa3d3ef7",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-glossary",
- "service": "Purview",
+ "guid": "6f8389a7-f82c-4b8e-a8c0-aa63a25a4956",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview",
+ "service": "AKS",
 "services": [
+ "Monitor",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Follow Purview Glossary Best Practices",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Monitor your cluster metrics with Container Insights (or other tools like Prometheus)",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "f3176c4b-97b1-45b8-a219-a4abeb578790",
- "link": "https://learn.microsoft.com/purview/concept-workflow",
- "service": "Purview",
+ "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.omsagent) and properties.addonProfiles.omsagent.enabled==true) | distinct id,compliant",
+ "guid": "eaa8dc4a-2436-47b3-9697-15b1752beee0",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "Leverage Workflows ",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Store and analyze your cluster logs with Container Insights (or other tools like Telegraf/ElasticSearch)",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "24d22678-6d20-4b56-a56a-958119bf8d8e",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-security",
- "service": "Purview",
+ "guid": "4621dd68-c5a5-4be2-bdb1-1726769ef669",
+ "link": 
"https://learn.microsoft.com/azure/azure-monitor/containers/container-insights-analyze",
+ "service": "AKS",
 "services": [
+ "Monitor",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Follow Purview Security Best Practices",
- "waf": "Reliability"
+ "text": "Monitor CPU and memory utilization of the nodes",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "5c586b7d-8cdc-415a-ac07-5ee9b130a888",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-lineage-azure-data-factory",
- "service": "Purview",
+ "guid": "1a4835ac-9422-423e-ae80-b123081a5417",
+ "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni",
+ "service": "AKS",
 "services": [
+ "Monitor",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Follow Purview Data Lineage Best Practices",
- "waf": "Reliability"
+ "text": "If using Azure CNI, monitor % of pod IPs consumed per node",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "9579e76b-896e-4710-a7da-7be9956d14d3",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-scanning",
- "service": "Purview",
+ "description": "I/O in the OS disk is a critical resource. 
If the OS in the nodes gets throttled on I/O, this could lead to unpredictable behavior, typically ending up in node being declared NotReady",
+ "guid": "415833ea-3ad3-4c2d-b733-165c3acbe04b",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/premium-storage-performance",
+ "service": "AKS",
 "services": [
- "WAF"
+ "Monitor",
+ "EventHubs",
+ "Storage",
+ "WAF",
+ "ServiceBus"
 ],
 "severity": "Medium",
- "text": "Follow Best Practices for Scanning Registered Sources",
- "waf": "Reliability"
+ "text": "Monitor OS disk queue depth in nodes",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "c49d997c-b3d1-4325-aa22-5c6f4e0685ed",
- "link": "https://learn.microsoft.com/purview/concept-best-practices-classification",
- "service": "Purview",
+ "guid": "be209d39-fda4-4777-a424-d116785c2fa5",
+ "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard",
+ "service": "AKS",
 "services": [
- "WAF"
+ "Monitor",
+ "NVA",
+ "WAF",
+ "LoadBalancer"
 ],
 "severity": "Medium",
- "text": "Follow Classification Best Practices in Governance Portal",
- "waf": "Reliability"
+ "text": "If not using egress filtering with AzFW/NVA, monitor standard ALB allocated SNAT ports",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "ddea8a4b-7cde-4b3c-91fc-2fc14eea6e69",
- "link": "https://learn.microsoft.com/purview/sensitivity-labels-frequently-asked-questions",
- "service": "Purview",
+ "guid": "74c2ee76-569b-4a79-a57e-dedf91b022c9",
+ "link": "https://learn.microsoft.com/azure/aks/aks-resource-health",
+ "service": "AKS",
 "services": [
+ "AKS",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Perform Sensitivity Labelling in the Purview Data Map",
- "waf": "Reliability"
+ "text": "Subscribe to resource health notifications for 
your AKS cluster",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "d8d9a3ed-c218-4e68-9ab0-67acb49e5b96",
- "link": "https://learn.microsoft.com/purview/concept-data-share",
- "service": "Purview",
+ "guid": "b54eb2eb-03dd-4aa3-9927-18e2edb11726",
+ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler",
+ "service": "AKS",
 "services": [
- "Storage",
 "WAF"
 ],
- "severity": "Low",
- "text": "Leverage Azure Storage in-place data sharing with Microsoft Purview",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Configure requests and limits in your pod specs",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "03324ecf-8cc1-4331-ada6-1170269f4fb4",
- "link": "https://learn.microsoft.com/purview/concept-insights",
- "service": "Purview",
+ "guid": "769ef669-1a48-435a-a942-223ece80b123",
+ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "Leverage Data Estate Insights",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Enforce resource quotas for namespaces",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "aa3d3ef7-f317-46c4-a97b-15b8a219a4ab",
- "link": "https://learn.microsoft.com/purview/catalog-adoption-insights",
- "service": "Purview",
+ "guid": "081a5417-4158-433e-a3ad-3c2de733165c",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits",
+ "service": "AKS",
 "services": [
- "WAF"
+ "WAF",
+ "Subscriptions"
 ],
- "severity": "Low",
- "text": "Use Data stewardship and Catalog 
adoption",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Ensure your subscription has enough quota to scale out your nodepools",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "eb578790-24d2-4267-a6d2-0b56c56a9581",
- "link": "https://learn.microsoft.com/purview/concept-insights",
- "service": "Purview",
+ "guid": "f4fd0602-7ab5-46f1-b66a-e9dea9654a65",
+ "link": "https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "Use Inventory and Ownership",
- "waf": "Reliability"
+ "severity": "High",
+ "text": "Configure Liveness and Readiness probes for all deployments",
+ "waf": "Operations"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "19bf8d8e-5c58-46b7-b8cd-c15acc075ee9",
- "link": "https://learn.microsoft.com/purview/glossary-insights",
- "service": "Purview",
+ "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.autoScalerProfile)) | distinct id,compliant",
+ "guid": "90ce65de-8e13-4f9c-abd4-69266abca264",
+ "link": "https://learn.microsoft.com/azure/aks/concepts-scale",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "Leverage Insights for Glossary, Classifications, Sensitivity Labels",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Use the Cluster Autoscaler",
+ "waf": "Performance"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "b130a888-9579-4e76-a896-e710a7da7be9",
- "link": "https://learn.microsoft.com/purview/compliance-manager",
- "service": "Purview",
+ "graph": "where 
type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.austoscalerProfile)) | distinct id,compliant",
+ "guid": "831c2872-c693-4b39-a887-a561bada49bc",
+ "link": "https://learn.microsoft.com/azure/aks/custom-node-configuration",
+ "service": "AKS",
 "services": [
+ "AKS",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Generate assessment scores",
- "waf": "Reliability"
+ "severity": "Low",
+ "text": "Customize node configuration for AKS node pools",
+ "waf": "Performance"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "956d14d3-c49d-4997-ab3d-1325aa225c6f",
- "link": "https://learn.microsoft.com/purview/compliance-manager-scoring",
- "service": "Purview",
+ "guid": "faa19bfe-9d55-4d04-a3c4-919ca1b2d121",
+ "link": "https://learn.microsoft.com/azure/aks/concepts-scale",
+ "service": "AKS",
 "services": [
 "WAF"
 ],
 "severity": "Medium",
- "text": "Profiling- get summaries of data content",
- "waf": "Reliability"
+ "text": "Use the Horizontal Pod Autoscaler when required",
+ "waf": "Performance"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "4e0685ed-ddea-48a4-a7cd-eb3c61fc2fc1",
- "link": "https://learn.microsoft.com/purview/concept-policies-data-owner#microsoft-purview-policy-concepts",
- "service": "Purview",
+ "description": "Larger nodes will bring higher performance and features such as ephemeral disks and accelerated networking, but they will increase the blast radius and decrease the scaling granularity",
+ "guid": "5ae124ba-34df-4585-bcdc-e9bd3bb0cdb3",
+ "link": "https://blog.cloudtrooper.net/2020/10/23/which-vm-size-should-i-choose-as-aks-node/",
+ "service": "AKS",
 "services": [
- "AzurePolicy",
 "WAF"
 ],
- "severity": "Low",
- "text": "Follow Microsoft Purview Data Owner access policies",
- "waf": "Reliability" 
+ "severity": "High",
+ "text": "Consider an appropriate node size, not too large or too small",
+ "waf": "Performance"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "4eea6e69-d8d9-4a3e-bc21-8e687ab067ac",
- "link": "https://learn.microsoft.com/purview/concept-self-service-data-access-policy",
- "service": "Purview",
+ "guid": "38800e6a-ae01-40a2-9fbc-ae5a06e5462d",
+ "link": "https://learn.microsoft.com/azure/aks/quotas-skus-regions#service-quotas-and-limits",
+ "service": "AKS",
 "services": [
- "AzurePolicy",
+ "AKS",
 "WAF"
 ],
 "severity": "Low",
- "text": "Follow Self-service access policies",
- "waf": "Reliability"
+ "text": "If more than 5000 nodes are required for scalability then consider using an additional AKS cluster",
+ "waf": "Performance"
 },
 {
- "arm-service": "Microsoft.Purview/accounts",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "b49e5b96-0332-44ec-b8cc-13318da61170",
- "link": "https://learn.microsoft.com/purview/concept-policies-devops",
- "service": "Purview",
+ "guid": "9583c0f6-6083-43f6-aa6b-df7102c901bb",
+ "link": "https://learn.microsoft.com/azure/event-grid/event-schema-aks",
+ "service": "AKS",
 "services": [
- "AzurePolicy",
+ "AKS",
 "WAF"
 ],
 "severity": "Low",
- "text": "Follow DevOps policies",
- "waf": "Reliability"
+ "text": "Consider subscribing to EventGrid Events for AKS automation",
+ "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "ab5351f6-383a-45ed-9c5e-b143b16db40a",
- "link": "https://learn.microsoft.com/azure/aks/use-windows-hpc",
+ "guid": "c5016d8c-c6c9-4165-89ae-673ef0fff19d",
+ "link": "https://learn.microsoft.com/azure/aks/manage-abort-operations",
 "service": "AKS",
 "services": [
 "AKS",
 "WAF"
 ],
 "severity": "Low",
- "text": "If required for AKS Windows workloads HostProcess 
containers can be used",
- "waf": "Reliability"
+ "text": "For long running operation on an AKS cluster consider event termination",
+ "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "a280dcf5-90ce-465d-b8e1-3f9ccbd46926",
- "link": "https://learn.microsoft.com/azure/azure-functions/functions-kubernetes-keda",
+ "guid": "c4e37133-f186-4ce1-aed9-9f1b32f6e021",
+ "link": "https://learn.microsoft.com/azure/aks/use-azure-dedicated-hosts",
 "service": "AKS",
 "services": [
+ "AKS",
 "WAF"
 ],
 "severity": "Low",
- "text": "Use KEDA if running event-driven workloads",
+ "text": "If required consider using Azure Dedicated Hosts for AKS nodes",
 "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "26886d20-b66c-457b-a591-19bf8e8f5c58",
- "link": "https://dapr.io/",
+ "graph": "where type=='microsoft.containerservice/managedclusters' | project id,resourceGroup,name,pools=properties.agentPoolProfiles | mvexpand pools | extend compliant = (pools.osDiskType=='Ephemeral') | project id,name=strcat(name,'-',pools.name), resourceGroup, compliant",
+ "guid": "24367b33-6971-45b1-952b-eee0b9b588de",
+ "link": "https://learn.microsoft.com/azure/aks/cluster-configuration",
 "service": "AKS",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "Use Dapr to ease microservice development",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Use ephemeral OS disks",
+ "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (sku.tier=='Paid') | distinct id,compliant",
- "guid": "71d41e36-10cc-457b-9a4b-1410d4395898",
- "link": "https://learn.microsoft.com/azure/aks/uptime-sla",
+ "guid": "f0ce315f-1120-4166-8206-94f2cf3a4d07",
+ "link": 
"https://learn.microsoft.com/azure/virtual-machines/disks-types",
 "service": "AKS",
 "services": [
 "AKS",
 "WAF"
 ],
 "severity": "High",
- "text": "Use the SLA-backed AKS offering",
- "waf": "Reliability"
+ "text": "For non-ephemeral disks, use high IOPS and larger OS disks for the nodes when running many pods/node since it requires high performance for running multiple pods and will generate huge logs with default AKS log rotation thresholds",
+ "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "c1288b3c-6a57-4cfc-9444-51e1a3d3453a",
- "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler",
+ "guid": "39c486ce-d5af-4062-89d5-18bb5fd795db",
+ "link": "https://learn.microsoft.com/azure/aks/use-ultra-disks",
 "service": "AKS",
 "services": [
- "Cost",
+ "Storage",
+ "AKS",
 "WAF"
 ],
 "severity": "Low",
- "text": "Use Disruption Budgets in your pod and deployment definitions",
- "waf": "Reliability"
+ "text": "For hyper performance storage option use Ultra Disks on AKS",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.containerregistry/registries",
+ "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "3c763963-7a55-42d5-a15e-401955387e5c",
- "link": "https://learn.microsoft.com/azure/container-registry/container-registry-geo-replication",
- "service": "ACR",
+ "guid": "9f7547c1-747d-4c56-868a-714435bd19dd",
+ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-multi-region",
+ "service": "AKS",
 "services": [
- "ACR",
+ "Storage",
+ "SQL",
 "WAF"
 ],
- "severity": "High",
- "text": "If using a private registry, configure region replication to store images in multiple regions",
- "waf": "Reliability"
+ "severity": "Medium",
+ "text": "Avoid keeping state in the cluster, and store data outside (AzStorage, AzSQL, Cosmos, etc)",
+ "waf": "Performance"
 },
 {
 "arm-service": 
"microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "f82cb8eb-8c0a-4a63-a25a-4956eaa8dc4a",
- "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/aks/eslz-cost-governance-with-kubecost",
+ "guid": "24429eb7-2281-4376-85cc-57b4a4b18142",
+ "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-storage",
 "service": "AKS",
 "services": [
- "Cost",
+ "Storage",
 "WAF"
 ],
- "severity": "Low",
- "text": "Use an external application such as kubecost to allocate costs to different users",
- "waf": "Cost"
+ "severity": "Medium",
+ "text": "If using AzFiles Standard, consider AzFiles Premium and/or ANF for performance reasons",
+ "waf": "Performance"
 },
 {
 "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "4d3dfbab-9924-4831-a68d-fdf0d72f462c",
- "link": "https://learn.microsoft.com/azure/aks/scale-down-mode",
+ "guid": "83958a8c-2689-4b32-ab57-cfc64546135a",
+ "link": "https://learn.microsoft.com/azure/aks/availability-zones#azure-disk-availability-zone-support",
 "service": "AKS",
 "services": [
+ "Storage",
 "WAF"
 ],
- "severity": "Low",
- "text": "Use scale down mode to delete/deallocate nodes",
- "waf": "Cost"
+ "severity": "Medium",
+ "text": "If using Azure Disks and AZs, consider having nodepools within a zone for LRS disk with VolumeBindingMode:WaitForFirstConsumer for provisioning storage in right zone or use ZRS disk for nodepools spanning multiple zones",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Insights/components",
 "checklist": "WAF checklist",
- "guid": "87e651ea-bc4a-4a87-a6df-c06a4b570ebc",
- "link": "https://learn.microsoft.com/azure/aks/gpu-multi-instance",
- "service": "AKS",
+ "guid": "a95b86ad-8840-48e3-9273-4b875ba18f20",
+ "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/considerations/tenancy-models",
+ "service": "Azure Monitor", 
 "services": [
- "AKS",
+ "Monitor",
 "WAF"
 ],
 "severity": "Medium",
- "text": "When required use multi-instance partitioning GPU on AKS Clusters",
+ "text": "Data collection rules in Azure Monitor -https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-rule-overview",
+ "training": "https://azure.microsoft.com/pricing/reservations/",
 "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.RecoveryServices/vaults",
 "checklist": "WAF checklist",
- "guid": "2b72a08b-0410-4cd6-9093-e068a5cf27e8",
- "link": "https://learn.microsoft.com/azure/aks/start-stop-nodepools",
- "service": "AKS",
+ "guid": "45901365-d38e-443f-abcb-d868266abca2",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation",
+ "service": "Azure Backup",
 "services": [
- "WAF"
+ "WAF",
+ "Backup"
 ],
- "severity": "Low",
- "text": "If running a Dev/Test cluster use NodePool Start/Stop",
+ "severity": "Medium",
+ "text": "check backup instances with the underlying datasource not found",
 "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Compute/virtualMachines",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.azurepolicy) and properties.addonProfiles.azurepolicy.enabled==true) | distinct id,compliant",
- "guid": "9ca48e4a-85e2-4223-bce8-bb12307ca5f1",
- "link": "https://learn.microsoft.com/azure/governance/policy/concepts/policy-for-kubernetes",
- "service": "AKS",
+ "guid": "64f9a19a-f29c-495d-94c6-c7919ca0f6c5",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/lighthouse",
+ "service": "VM",
 "services": [
- "AKS",
- "AzurePolicy",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Use Azure Policy for Kubernetes to ensure cluster compliance",
- 
"waf": "Security"
+ "text": "Delete or archive unassociated services (disks, nics, ip addresses etc)",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.RecoveryServices/vaults",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | project id,resourceGroup,name,pools=properties.agentPoolProfiles | project id,name,resourceGroup,poolcount=array_length(pools) | extend compliant = (poolcount > 1)",
- "guid": "6f158e3e-a3a9-42c2-be7e-2165c3a87af4",
- "link": "https://learn.microsoft.com/azure/aks/use-system-pools",
- "service": "AKS",
+ "guid": "69bad37a-ad53-4cc7-ae1d-76667357c449",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations",
+ "service": "Azure Backup",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "Backup",
+ "ASR"
 ],
 "severity": "Medium",
- "text": "Separate applications from the control plane with user/system node pools",
- "waf": "Security"
+ "text": "Consider a good balance between site recovery storage and backup for non mission critical applications",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Insights/components",
 "checklist": "WAF checklist",
- "guid": "a7a1f893-9bda-4477-98f2-4c116775c2ea",
- "link": "https://learn.microsoft.com/azure/aks/use-system-pools",
- "service": "AKS",
+ "guid": "674b5ed8-5a85-49c7-933b-e2a1a27b765a",
+ "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts",
+ "service": "Azure Monitor",
 "services": [
+ "Monitor",
 "WAF"
 ],
- "severity": "Low",
- "text": "Add taint to your system nodepool to make it dedicated",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Check spending and savings opportunities among the 40 different log analytics workspaces- use 
different retention and data collection for nonprod workspaces-create daily cap for awareness and tier sizing - If you do set a daily cap, in addition to creating an alert when the cap is reached,ensure that you also create an alert rule to be notified when some percentage has been reached (90% for example). - consider workspace transformation if possible - https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-transformations#workspace-transformation-dcr ",
+ "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/understand-work-scopes",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Insights/components",
 "checklist": "WAF checklist",
- "guid": "55b46a94-8008-4ae7-b7e4-b475b6c8bdbf",
- "link": "https://learn.microsoft.com/azure/container-registry/",
- "service": "AKS",
+ "guid": "91be1f38-8ef3-494c-8bd4-63cbbac75819",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations",
+ "service": "Azure Monitor",
 "services": [
- "ACR",
- "WAF"
+ "Storage",
+ "WAF",
+ "AzurePolicy"
 ],
 "severity": "Medium",
- "text": "Use a private registry for your images, such as ACR",
- "waf": "Security"
+ "text": "Enforce a purging log policy and automation (if needed, logs can be moved to cold storage)",
+ "training": "https://www.youtube.com/watch?v=nHQYcYGKuyw",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerregistry/registries",
+ "arm-service": "Microsoft.Compute/virtualMachines",
 "checklist": "WAF checklist",
- "guid": "59bce65d-e8a0-43f9-9879-468d66a786d6",
- "link": "https://learn.microsoft.com/azure/security-center/container-security",
- "service": "ACR",
+ "guid": "6aae01e6-a84d-4e5d-b36d-1d92881a1bd5",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations",
+ 
"service": "VM",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "Backup"
 ],
 "severity": "Medium",
- "text": "Scan your images for vulnerabilities",
- "waf": "Security"
+ "text": "Check that the disks are really needed, if not: delete. If they are needed, find lower storage tiers or use backup -",
+ "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/manage-automation",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "guid": "d167dd18-2b0a-4c24-8b99-9a646f8389a7",
- "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-cluster-isolation",
- "service": "AKS",
+ "guid": "d1e44a19-659d-4395-afd7-7289b835556d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations",
+ "service": "Storage",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "High",
- "text": "Define app separation requirements (namespace/nodepool/cluster)",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Consider moving unused storage to lower tier, with customized rule - https://learn.microsoft.com/azure/storage/blobs/lifecycle-management-policy-configure ",
+ "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance",
+ "waf": "Cost"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "Microsoft.Compute/virtualMachines",
 "checklist": "WAF checklist",
- "guid": "5e3df584-eccc-4d97-a3b6-bcda3b50eb2e",
- "link": "https://github.com/Azure/secrets-store-csi-driver-provider-azure",
- "service": "AKS",
+ "guid": "d0102cac-6aae-401e-9a84-de5de36d1d92",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "VM",
 "services": [
- "AKV",
+ "VM",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Store your secrets in Azure 
Key Vault with the CSI Secrets Store driver", - "waf": "Security" + "text": "Make sure advisor is configured for VM right sizing ", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "b03dda6d-58d7-4c89-8ddb-107d5769ae66", - "link": "https://learn.microsoft.com/azure/aks/update-credentials", - "service": "AKS", + "description": "check by searching the Meter Category Licenses in the Cost analysys", + "guid": "59ae568b-a38d-4498-9e22-13dbd7bb012f", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", + "service": "VM", "services": [ - "WAF" + "VM", + "Cost", + "WAF", + "AzurePolicy" ], - "severity": "High", - "text": "If using Service Principals for the cluster, refresh credentials periodically (like quarterly)", - "waf": "Security" + "severity": "Medium", + "text": "run the script on all windows VMs https://learn.microsoft.com/azure/virtual-machines/windows/hybrid-use-benefit-licensing?ref=andrewmatveychuk.com#convert-an-existing-vm-using-azure-hybrid-benefit-for-windows-server- consider implementing a policy if windows VMs are created frequently", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "e7ba73a3-0508-4f80-806f-527db30cee96", - "link": "https://learn.microsoft.com/azure/aks/use-kms-etcd-encryption", - "service": "AKS", + "guid": "7b95e06e-158e-42ea-9992-c2de6e2065b3", + "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", + "service": "VM", "services": [ - "WAF" + "WAF", + "LoadBalancer" ], "severity": "Medium", - "text": "If required add Key Management Service etcd encryption", - "waf": "Security" + "text": " this can be also put under AHUB if you already have licenses 
https://learn.microsoft.com/azure/virtual-machines/linux/azure-hybrid-benefit-linux?tabs=rhelpayg%2Crhelbyos%2CrhelEnablebyos%2Crhelcompliance", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "ec8e4e42-0344-41b0-b865-9123e8956d31", - "link": "https://learn.microsoft.com/azure/confidential-computing/confidential-nodes-aks-overview", - "service": "AKS", + "guid": "75c1e945-b459-4837-bf7a-e7c6d3b475a5", + "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal", + "service": "VM", "services": [ - "AKS", + "VM", "WAF" ], - "severity": "Low", - "text": "If required consider using Confidential Compute for AKS", - "waf": "Security" + "severity": "Medium", + "text": "Consolidate reserved VM families with flexibility option (no more than 4-5 families)", + "training": "https://learn.microsoft.com/azure/automation/automation-solution-vm-management", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "c9e95ffe-6dd1-4a17-8c5f-110389ca9b21", - "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-enable", - "service": "AKS", + "guid": "c7acbe49-bbe6-44dd-a9f2-e87778468d55", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", + "service": "VM", "services": [ - "Defender", - "WAF" + "VM", + "Cost", + "WAF", + "ARS" ], "severity": "Medium", - "text": "Consider using Defender for Containers", - "waf": "Security" + "text": "Utilize Azure Reserved Instances: This feature allows you to reserve VMs for a period of 1 or 3 years, providing significant cost savings compared to PAYG prices.", + "waf": "Cost" }, { - 
"arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.servicePrincipalProfile.clientId=='msi') | distinct id,compliant", - "guid": "ed127dd1-42b0-46b2-8c69-99a646f3389a", - "link": "https://learn.microsoft.com/azure/aks/use-managed-identity", - "service": "AKS", + "guid": "a6bcca2b-4fea-41db-b3dd-95d48c7c891d", + "link": "https://learn.microsoft.com/azure/active-directory-domain-services/overview", + "service": "VM", "services": [ - "Entra", "WAF" ], - "severity": "High", - "text": "Use managed identities instead of Service Principals", - "waf": "Security" + "severity": "Medium", + "text": "Only larger disks can be reserved => 1 TiB -", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = isnotnull(properties.aadProfile) | distinct id,compliant", - "guid": "7e42c78e-78c0-46a6-8a21-94956e698dc4", - "link": "https://learn.microsoft.com/azure/aks/managed-aad", - "service": "AKS", + "guid": "cb1f7d57-59ae-4568-aa38-d4985e2213db", + "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", + "service": "VM", "services": [ - "Entra", "WAF" ], "severity": "Medium", - "text": "Integrate authentication with AAD (using the managed integration)", - "waf": "Security" + "text": "After the right-sizing optimization", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Sql/servers", "checklist": "WAF checklist", - "guid": "a2fe27b2-e287-401a-8352-beedf79b488d", - "link": "https://learn.microsoft.com/azure/aks/control-kubeconfig-access", - "service": "AKS", + "guid": 
"d7bb012f-7b95-4e06-b158-e2ea3992c2de", + "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", + "service": "Azure SQL", + "services": [ + "Cost", + "SQL", + "WAF", + "AzurePolicy" + ], + "severity": "Medium", + "text": "Check if applicable and enforce policy/change https://learn.microsoft.com/azure/azure-sql/azure-hybrid-benefit?view=azuresql&tabs=azure-portalhttps://learn.microsoft.com/azure/cost-management-billing/scope-level/create-sql-license-assignments?source=recommendations", + "waf": "Cost" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "WAF checklist", + "guid": "6e2065b3-a76a-4f4a-991e-8839ada46667", + "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", + "service": "VM", "services": [ + "VM", "WAF" ], "severity": "Medium", - "text": "Limit access to admin kubeconfig (get-credentials --admin)", - "waf": "Security" + "text": "The VM + license part discount (ahub + 3YRI) is around 70% discount", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "eec4962c-c3bd-421b-b77f-26e5e6b3bec3", - "link": "https://learn.microsoft.com/azure/aks/manage-azure-rbac", - "service": "AKS", + "guid": "ccbd9792-a6bc-4ca2-a4fe-a1dbf3dd95d4", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", + "service": "VM", "services": [ - "Entra", - "RBAC", + "VM", "WAF" ], "severity": "Medium", - "text": "Integrate authorization with AAD RBAC", - "waf": "Security" + "text": "Consider using a VMSS to match demand rather than flat sizing", + "waf": "Cost" }, { "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "d4f3537c-1346-4dc5-9027-a71ffe1bd05d", - "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-identity", + 
"guid": "c1b1cd52-1e54-4a29-a9de-39ac0e7c28dc", + "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", "service": "AKS", "services": [ - "RBAC", "AKS", "WAF" ], - "severity": "High", - "text": "Use namespaces for restricting RBAC privilege in Kubernetes", - "waf": "Security" + "severity": "Medium", + "text": "Use AKS autoscaler to match your clusters usage (make sure the pods requirements match the scaler)", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "guid": "d2e0d5d7-71d4-41e3-910c-c57b4a4b1410", - "link": "https://learn.microsoft.com/azure/aks/workload-identity-migration-sidecar", - "service": "AKS", + "guid": "44be3b1a-27f8-4b9e-a1be-1f38df03a822", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", + "service": "Azure Backup", "services": [ - "Entra", "WAF" ], "severity": "Medium", - "text": "For Pod Identity Access Management use Azure AD Workload Identity (preview)", - "waf": "Security" + "text": "Move recovery points to vault-archive where applicable (Validate)", + "training": "https://azure.microsoft.com/pricing/reservations/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Databricks/workspaces", "checklist": "WAF checklist", - "guid": "f4dcf690-1b30-407d-abab-6f8aa780d3a3", - "link": "https://learn.microsoft.com/azure/aks/managed-aad#non-interactive-sign-in-with-kubelogin", - "service": "AKS", + "guid": "cd463cbb-bc8a-4c29-aebc-91a43da1dae2", + "link": "https://learn.microsoft.com/azure/databricks/clusters/cluster-config-best-practices#automatic-termination", + "service": "Databricks", + "services": [ + "VM", + "WAF", + "LoadBalancer" + ], + "severity": "Medium", + "text": "Consider using Spot VMs with fallback where possible. 
Consider autotermination of clusters.", + "waf": "Cost" + }, + { + "arm-service": "Microsoft.Web/sites", + "checklist": "WAF checklist", + "guid": "cc881470-607c-41cc-a0e6-14658dd458e9", + "link": "https://learn.microsoft.com/azure/governance/policy/how-to/guest-configuration-create", + "service": "Azure Functions", "services": [ - "AKS", "WAF" ], "severity": "Medium", - "text": "For AKS non-interactive logins use kubelogin (preview)", - "waf": "Security" + "text": "Functions - Reuse connections", + "training": "https://learn.microsoft.com/azure/cost-management-billing/reservations/reservation-apis?toc=%2Fazure%2Fcost-management-billing%2Ftoc.json", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.disableLocalAccounts==true) | distinct id,compliant", - "guid": "b085b1f2-3119-4771-8c9a-bbf4411810ec", - "link": "https://learn.microsoft.com/azure/aks/managed-aad#disable-local-accounts", - "service": "AKS", + "guid": "27139b82-1102-4dbd-9eaf-11e6f843e52f", + "link": "https://learn.microsoft.com/azure/automation/update-management/overview", + "service": "Azure Functions", "services": [ - "AKS", "WAF" ], "severity": "Medium", - "text": "Disable AKS local accounts", - "waf": "Security" + "text": "Functions - Cache data locally", + "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-compute-resources/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "36abb0db-c118-4f4c-9880-3f30f9a2deb6", - "link": "https://learn.microsoft.com/azure/aks/managed-aad#configure-just-in-time-cluster-access-with-azure-ad-and-aks", - "service": "AKS", + "guid": "4722d928-c1b1-4cd5-81e5-4a29b9de39ac", + "link": 
"https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview", + "service": "Azure Functions", "services": [ + "Storage", "WAF" ], - "severity": "Low", - "text": "Configure if required Just-in-time cluster access", - "waf": "Security" + "severity": "Medium", + "text": "Functions - Cold starts-Use the 'Run from package' functionality. This way, the code is downloaded as a single zip file. This can, for example, result in significant improvements with Javascript functions, which have a lot of node modules.Use language specific tools to reduce the package size, for example, tree shaking Javascript applications.", + "training": "https://learn.microsoft.com/learn/modules/configure-network-watcher/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "c4d7f4c6-79bf-45d0-aa05-ce8fc717e150", - "link": "https://learn.microsoft.com/azure/aks/managed-aad#use-conditional-access-with-azure-ad-and-aks", - "service": "AKS", + "guid": "0e7c28dc-9366-4572-82bf-f4564b0d934a", + "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json", + "service": "Azure Functions", + "services": [ + "WAF" + ], + "severity": "Medium", + "text": "Functions - Keep your functions warm", + "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", + "waf": "Cost" + }, + { + "arm-service": "Microsoft.Web/sites", + "checklist": "WAF checklist", + "guid": "359c363e-7dd6-4162-9a36-4a907ebae38e", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Azure Functions", "services": [ - "Entra", - "AKS", "WAF" ], - "severity": "Low", - "text": "Configure if required AAD conditional access for AKS", - "waf": "Security" + "severity": "Medium", + "text": "When using autoscale with different functions, there might be one driving all the autoscale for all the resources - 
consider moving it to a separate consumption plan (and consider higher plan for CPU)", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "e1123a7c-a333-4eb4-a120-4ee3f293c9f3", - "link": "https://learn.microsoft.com/azure/aks/use-group-managed-service-accounts", - "service": "AKS", + "guid": "ad53cc7d-e2e8-4aaa-a357-1549ab9153d8", + "link": "https://learn.microsoft.com/azure/service-health/alerts-activity-log-service-notifications-portal", + "service": "Azure Functions", "services": [ - "AKS", "WAF" ], - "severity": "Low", - "text": "If required for Windows AKS workloads configure gMSA ", - "waf": "Security" + "severity": "Medium", + "text": "Function apps in a given plan are all scaled together, so any issues with scaling can affect all apps in the plan.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Web/sites", "checklist": "WAF checklist", - "guid": "1f711a74-3672-470b-b8b8-a2148d640d79", - "link": "https://learn.microsoft.com/azure/aks/use-managed-identity#use-a-pre-created-kubelet-managed-identity", - "service": "AKS", + "guid": "9f89dc7b-44be-43b1-a27f-8b9e91be1f38", + "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/action-groups", + "service": "Azure Functions", "services": [ - "Entra", "WAF" ], "severity": "Medium", - "text": "For finer control consider using a managed Kubelet Identity", - "waf": "Security" + "text": "Am I billed for 'await time'? This question is typically asked in the context of a C# function that does an async operation and waits for the result, e.g. await Task.Delay(1000) or await client.GetAsync('http://google.com'). The answer is yes - the GB second calculation is based on the start and end time of the function and the memory usage over that period. 
What actually happens over that time in terms of CPU activity is not factored into the calculation.One exception to this rule is if you are using durable functions. You are not billed for time spent at awaits in orchestrator functions.apply demand shaping techinques where possible (dev environments?) https://github.com/Azure-Samples/functions-csharp-premium-scaler", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "cbd8ac2a-aebc-4a2a-94da-1dbf3dc99248", - "link": "https://azure.github.io/application-gateway-kubernetes-ingress/setup/install-existing/", - "service": "AKS", + "guid": "3da1dae2-cc88-4147-8607-c1cca0e61465", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "Front Door", "services": [ - "ACR", - "AppGW", - "WAF" + "EventHubs", + "WAF", + "FrontDoor" ], "severity": "Medium", - "text": "If using AGIC, do not share an AppGW across clusters", - "waf": "Reliability" + "text": "Frontdoor - Turn off the default homepageIn the application settings of your App, set AzureWebJobsDisableHomepage to true. 
This will return a 204 (No Content) to the PoP so only header data is returned.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnull(properties.addonProfiles.httpApplicationRouting) or properties.addonProfiles.httpApplicationRouting.enabled==false) | distinct id,compliant", - "guid": "8008ae7d-7e4b-4475-a6c8-bdbf59bce65d", - "link": "https://learn.microsoft.com/azure/aks/http-application-routing", - "service": "AKS", + "guid": "8dd458e9-2713-49b8-8110-2dbd6eaf11e6", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", + "service": "Front Door", "services": [ - "AKS", - "WAF" + "WAF", + "FrontDoor", + "AppSvc" ], - "severity": "High", - "text": "Do not use AKS HTTP Routing Add-On, use instead the managed NGINX ingress with the application routing add-on.", - "waf": "Reliability" + "severity": "Medium", + "text": "Frontdoor - Route to something that returns nothing. Either set up a Function, Function Proxy, or add a route in your WebApp that returns 200 (OK) and sends no or minimal content. 
The advantage of this is you will be able to log out when it is called.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "7bacd7b9-c025-4a9d-a5d2-25d6bc5439d9", - "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview", - "service": "AKS", + "guid": "7e31c67d-68cf-46a6-8a11-94956d697dc3", + "link": "https://learn.microsoft.com/azure/architecture/best-practices/monitoring", + "service": "Storage", "services": [ "WAF" ], "severity": "Medium", - "text": "For Windows workloads use Accelerated Networking", - "waf": "Performance" + "text": "Consider archiving tiers for less used data", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (tolower(properties.networkProfile.loadBalancerSku)=='standard') | distinct id,compliant", - "guid": "ba7da7be-9952-4914-a384-5d997cb39132", - "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", - "service": "AKS", + "guid": "a2ed27b2-d186-4f1a-8252-bddde68a487c", + "link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings", + "service": "VM", "services": [ - "LoadBalancer", "WAF" ], - "severity": "High", - "text": "Use the standard ALB (as opposed to the basic one)", - "waf": "Reliability" + "severity": "Medium", + "text": "Check disk sizes where the size does not match the tier (i.e. 
A 513 GiB disk will pay a P30 (1TiB) and consider resizing", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "22fbe8d6-9b40-47ef-9011-25bb1a555a6b", - "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#add-a-node-pool-with-a-unique-subnet", - "service": "AKS", + "guid": "dec4861b-c3bc-410a-b77e-26e4d5a3bec2", + "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration", + "service": "Storage", "services": [ - "VNet", "WAF" ], "severity": "Medium", - "text": "If using Azure CNI, consider using different Subnets for NodePools", - "waf": "Security" + "text": "Consider using standard SSD rather than Premium or Ultra where possible", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "c3c39c98-6bb2-4c12-859a-114b5e3df584", - "link": "https://learn.microsoft.com/azure/private-link/private-link-overview", - "service": "AKS", + "guid": "c4e2436b-1336-4db5-9f17-960eee0bdf5c", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift", + "service": "Storage", "services": [ - "PrivateLink", - "VNet", + "Storage", "WAF" ], "severity": "Medium", - "text": "Use Private Endpoints (preferred) or Virtual Network Service Endpoints to access PaaS services from the cluster", - "waf": "Security" + "text": "For storage accounts, make sure that the chosen tier is not adding up transaction charges (it might be cheaper to move to the next tier)", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "graph": "where 
type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.networkProfile.networkPlugin=='azure') | distinct id,compliant", - "guid": "a0f61565-9de5-458f-a372-49c831112dbd", - "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", - "service": "AKS", + "guid": "c2efc5d7-61d4-41d2-900b-b47a393a040f", + "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", + "service": "Site Recovery", "services": [ + "ASR", "WAF" ], - "severity": "High", - "text": "Choose the best CNI network plugin for your requirements (Azure CNI recommended)", - "waf": "Reliability" + "severity": "Medium", + "text": "For ASR, consider using Standard SSD disks if the RPO/RTO and replication throughput allow it", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "7faf12e7-0943-4f63-8472-2da29c2b1cd6", - "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", - "service": "AKS", + "guid": "d3294798-b118-48b2-a5a4-6ceb544451e1", + "link": "https://learn.microsoft.com/azure/architecture/framework/resiliency/backup-and-recovery", + "service": "Storage", "services": [ - "VNet", + "Storage", "WAF" ], - "severity": "High", - "text": "If using Azure CNI, size your subnet accordingly considering the maximum number of pods per node", - "waf": "Performance" + "severity": "Medium", + "text": "Storage accounts: check hot tier and/or GRS necessary", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "22f54b29-bade-43aa-b1e8-c38ec9366673", - "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", - "service": "AKS", + "guid": "92d34429-3c76-4286-97a5-51c5b04e4f18", + "link": "https://learn.microsoft.com/azure/backup/backup-center-overview", + "service": "VM", 
"services": [ "WAF" ], - "severity": "High", - "text": "If using Azure CNI, check the maximum pods/node (default 30)", - "waf": "Performance" + "severity": "Medium", + "text": "Disks - validate use of Premium SSD disks everywhere: for example, non-prod could swap to Standard SSD or on-demand Premium SSD ", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "description": "For internal apps organizations often open the whole AKS subnet in their firewalls. This opens network access to the nodes too, and potentially to the pods as well (if using Azure CNI). If LoadBalancer IPs are in a different subnet, only this one needs to be available to the app clients. Another reason is that if the IP addresses in the AKS subnet are a scarce resource, consuming its IP addresses for services will reduce the maximum scalability of the cluster .", - "guid": "13c00567-4b1e-4945-a459-c373e7ed6162", - "link": "https://learn.microsoft.com/azure/aks/internal-lb", - "service": "AKS", + "guid": "54387e5c-ed12-46cd-832a-f5b2fc6998a5", + "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", + "service": "Synapse", "services": [ - "VNet", - "AKS", + "Monitor", + "EventHubs", + "Cost", "WAF" ], - "severity": "Low", - "text": "If using private-IP LoadBalancer services, use a dedicated subnet (not the AKS subnet)", - "waf": "Security" + "severity": "Medium", + "text": "Create budgets to manage costs and create alerts that automatically notify stakeholders of spending anomalies and overspending risks.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "guid": "43f63047-22d9-429c-8b1c-d622f54b29ba", - "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", - "service": "AKS", + "guid": "35e33789-7e31-4c67-b68c-f6a62a119495", + 
"link": "https://learn.microsoft.com/azure/virtual-machines/availability", + "service": "Synapse", "services": [ - "WAF" + "Storage", + "WAF", + "Cost" ], - "severity": "High", - "text": "Size the service IP address range accordingly (it is going to limit the cluster scalability)", - "waf": "Reliability" + "severity": "Medium", + "text": "Export cost data to a storage account for additional data analysis.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "guid": "57bf217f-6dc8-481c-81e2-785773e9c00f", - "link": "https://learn.microsoft.com/azure/aks/use-byo-cni", - "service": "AKS", + "guid": "6d697dc3-a2ed-427b-8d18-6f1a1252bddd", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", + "service": "Synapse", "services": [ + "Cost", + "SQL", "WAF" ], - "severity": "Low", - "text": "If required add your own CNI plugin", - "waf": "Security" + "severity": "Medium", + "text": "Control costs for a dedicated SQL pool by pausing the resource when it is not in use.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "guid": "4b3bb365-9458-44d9-9ed1-5c8f52890364", - "link": "https://learn.microsoft.com/azure/aks/use-multiple-node-pools#assign-a-public-ip-per-node-for-your-node-pools", - "service": "AKS", + "guid": "e68a487c-dec4-4861-ac3b-c10ae77e26e4", + "link": "https://learn.microsoft.com/azure/virtual-machine-scale-sets/overview", + "service": "Synapse", "services": [ - "AKS", "WAF" ], - "severity": "Low", - "text": "If required configure Public IP per node in AKS", - "waf": "Performance" + "severity": "Medium", + "text": "Enable the serverless Apache Spark automatic pause feature and set your timeout value accordingly.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + 
"arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "guid": "b3808b9f-a1cf-4204-ad01-3a923ce474db", - "link": "https://learn.microsoft.com/azure/aks/concepts-network", - "service": "AKS", + "guid": "d5a3bec2-c4e2-4436-a133-6db55f17960e", + "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-latest-version-for-customer-managed-certificates", + "service": "Synapse", "services": [ "WAF" ], "severity": "Medium", - "text": "Use an ingress controller to expose web-based apps instead of exposing them with LoadBalancer-type services", - "waf": "Reliability" + "text": "Create multiple Apache Spark pool definitions of various sizes.", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Synapse/workspaces", "checklist": "WAF checklist", - "guid": "ccb534e7-416e-4a1d-8e93-533b53199085", - "link": "https://learn.microsoft.com/azure/aks/nat-gateway", - "service": "AKS", + "guid": "ee0bdf5c-c2ef-4c5d-961d-41d2500bb47a", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator", + "service": "Synapse", "services": [ + "Cost", "WAF" ], - "severity": "Low", - "text": "Use Azure NAT Gateway as outboundType for scaling egress traffic", - "waf": "Reliability" + "severity": "Medium", + "text": "Purchase Azure Synapse commit units (SCU) for one year with a pre-purchase plan to save on your Azure Synapse Analytics costs.", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "8ee9a69a-1b58-4b1e-9c61-476e110a160b", - "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni#dynamic-allocation-of-ips-and-enhanced-subnet-support", - 
"service": "AKS", + "guid": "393a040f-d329-4479-ab11-88b2c5a46ceb", + "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", + "service": "VM", "services": [ + "VM", + "Cost", "WAF" ], "severity": "Medium", - "text": "Use Dynamic allocations of IPs in order to avoid Azure CNI IP exhaustion", - "waf": "Reliability" + "text": "Use Spot VMs for interruptible jobs: These are VMs that can be bid on and purchased at a discounted price, providing a cost-effective solution for non-critical workloads.", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.networkProfile.outboundType=='userDefinedRouting') | distinct id,compliant", - "guid": "3b365a91-7ecb-4e48-bbe5-4cd7df2e8bba", - "link": "https://learn.microsoft.com/azure/aks/limit-egress-traffic", - "service": "AKS", + "guid": "544451e1-92d3-4442-a3c7-628637a551c5", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", + "service": "VM", "services": [ - "NVA", + "VM", "WAF" ], - "severity": "High", - "text": "Filter egress traffic with AzFW/NVA if your security requirements mandate it", - "waf": "Security" + "severity": "Medium", + "text": "Right-sizing all VMs", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = ((isnull(properties.apiServerAccessProfile.enablePrivateCluster) or properties.apiServerAccessProfile.enablePrivateCluster==false) and isnotnull(properties.apiServerAccessProfile.authorizedIPRanges)) | distinct id,compliant", - "guid": 
"c4581559-bb91-463e-a908-aed8c44ce3b2", - "link": "https://learn.microsoft.com/azure/aks/api-server-authorized-ip-ranges", - "service": "AKS", + "guid": "b04e4f18-5438-47e5-aed1-26cd032af5b2", + "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", + "service": "VM", "services": [ + "VM", "WAF" ], "severity": "Medium", - "text": "If using a public API endpoint, restrict the IP addresses that can access it", - "waf": "Security" + "text": "Swap VM sized with normalized and most recent sizes", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | where isnotnull(properties.apiServerAccessProfile.enablePrivateCluster) | extend compliant = (properties.apiServerAccessProfile.enablePrivateCluster==true) | distinct id, compliant", - "guid": "ecccd979-3b6b-4cda-9b50-eb2eb03dda6d", - "link": "https://learn.microsoft.com/azure/aks/private-clusters", - "service": "AKS", + "guid": "fc6998a5-35e3-4378-a7e3-1c67d68cf6a6", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "VM", "services": [ + "VM", + "Monitor", "WAF" ], - "severity": "High", - "text": "Use private clusters if your requirements mandate it", - "waf": "Security" + "severity": "Medium", + "text": "right-sizing VMs - start with monitoring usage below 5% and then work up to 40%", + "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | where 
isnotnull(properties.apiServerAccessProfile.enablePrivateCluster) | extend compliant = (properties.apiServerAccessProfile.enablePrivateCluster==true) | distinct id, compliant", - "guid": "ce7f2a7c-297c-47c6-adea-a6ff838db665", - "link": "https://learn.microsoft.com/azure/aks/use-network-policies", - "service": "AKS", + "guid": "2a119495-6d69-47dc-9a2e-d27b2d186f1a", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "VM", "services": [ - "AKS", - "AzurePolicy", + "VM", "WAF" ], "severity": "Medium", - "text": "For Windows 2019 and 2022 AKS nodes Calico Network Policies can be used ", - "waf": "Security" + "text": "Containerizing an application can improve VM density and save money on scaling it", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Cost" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = isnotnull(properties.networkProfile.networkPolicy) | distinct id,compliant", - "guid": "58d7c892-ddb1-407d-9769-ae669ca48e4a", - "link": "https://learn.microsoft.com/azure/aks/use-network-policies", - "service": "AKS", + "guid": "41faa1ed-b7f0-447d-8cba-4a4905e5bb83", + "link": "https://learn.microsoft.com/azure/search/search-reliability#high-availability", + "service": "Cognitive Search", "services": [ - "AKS", - "AzurePolicy", "WAF" ], "severity": "High", - "text": "Enable a Kubernetes Network Policy option (Calico/Azure)", - "waf": "Security" + "text": "Enable 2 replicas to have 99.9% availability for read operations", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "guid": "85e2223e-ce8b-4b12-907c-a5f16f158e3e", - "link": 
"https://learn.microsoft.com/azure/aks/operator-best-practices-network", - "service": "AKS", + "guid": "7d956fd9-788a-4845-9b9f-c0340972d810", + "link": "https://learn.microsoft.com/azure/search/search-reliability#high-availability", + "service": "Cognitive Search", "services": [ - "AKS", - "AzurePolicy", "WAF" ], - "severity": "High", - "text": "Use Kubernetes network policies to increase intra-cluster security", - "waf": "Security" + "severity": "Medium", + "text": "Enable 3 replicas to have 99.9% availability for read/write operations", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "guid": "a3a92c2d-e7e2-4165-a3a8-7af4a7a1f893", - "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-network", - "service": "AKS", + "guid": "44dc5f2b-a032-4d03-aae8-90c3f2c0a4c3", + "link": "https://learn.microsoft.com/azure/search/search-reliability#availability-zone-support", + "service": "Cognitive Search", "services": [ "WAF" ], "severity": "High", - "text": "Use a WAF for web workloads (UIs or APIs)", - "waf": "Security" + "text": "Leverage Availability Zones by enabling read and/or write replicas", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "graph": "Resources | where type=~'microsoft.containerservice/managedclusters' | project resourceGroup,name,pools=properties.agentPoolProfiles | mv-expand pools | project subnetId=tostring(pools.vnetSubnetID) | where isnotempty(subnetId) | join (Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,enableDdosProtection=tostring(properties.enableDdosProtection),subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,enableDdosProtection,subnetId=tostring(subnets.id)) on subnetId | distinct 
id,resourceGroup,name,enableDdosProtection | extend compliant = (enableDdosProtection == 'true')", - "guid": "9bda4776-8f24-4c11-9775-c2ea55b46a94", - "link": "https://learn.microsoft.com/azure/virtual-network/ddos-protection-overview", - "service": "AKS", + "guid": "cd0730f0-0ff1-4b77-9a2b-2a1f7dd5e291", + "link": "https://learn.microsoft.com/azure/search/search-reliability#multiple-services-in-separate-geographic-regions", + "service": "Cognitive Search", "services": [ - "AKS", - "VNet", - "DDoS", + "ACR", "WAF" ], "severity": "Medium", - "text": "Use DDoS Standard in the AKS Virtual Network", - "waf": "Security" + "text": "For regional redudancy, Manually create services in 2 or more regions for Search as it doesn't provide an automated method of replicating search indexes across geographic regions", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "graph": "Resources | where type=~'microsoft.containerservice/managedclusters' | project resourceGroup,name,pools=properties.agentPoolProfiles | mv-expand pools | project subnetId=tostring(pools.vnetSubnetID) | where isnotempty(subnetId) | join (Resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,enableDdosProtection=tostring(properties.enableDdosProtection),subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,enableDdosProtection,subnetId=tostring(subnets.id)) on subnetId | distinct id,resourceGroup,name,enableDdosProtection | extend compliant = (enableDdosProtection == 'true')", - "guid": "6c46b91a-1107-4485-ad66-3183e2a8c266", - "link": "https://learn.microsoft.com/azure/aks/http-proxy", - "service": "AKS", + "guid": "3c964882-aec9-4d44-9f68-4b5f2efbbdb6", + "link": "https://learn.microsoft.com/azure/search/search-reliability#synchronize-data-across-multiple-services", + "service": "Cognitive Search", "services": [ + "ACR", 
"WAF" ], - "severity": "Low", - "text": "If required add company HTTP Proxy", - "waf": "Security" + "severity": "Medium", + "text": "To synchronize data across multiple services either Use indexers for updating content on multiple services or Use REST APIs for pushing content updates on multiple services", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "guid": "e9855d04-c3c3-49c9-a6bb-2c12159a114b", - "link": "https://learn.microsoft.com/azure/aks/servicemesh-about", - "service": "AKS", + "guid": "85ee93c9-f53c-4803-be51-e6e4aa37ff4e", + "link": "https://learn.microsoft.com/azure/search/search-reliability#use-azure-traffic-manager-to-coordinate-requests", + "service": "Cognitive Search", "services": [ + "TrafficManager", "WAF" ], "severity": "Medium", - "text": "Consider using a service mesh for advanced microservice communication management", - "waf": "Security" + "text": "Use Azure Traffic Manager to coordinate requests", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Search/searchServices", "checklist": "WAF checklist", - "guid": "67f7a9ed-5b31-4f38-a3f3-9812b2463cff", - "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-metric-alerts", - "service": "AKS", + "guid": "7be10278-57c1-4a61-8ee3-895aebfec5aa", + "link": "https://learn.microsoft.com/azure/search/search-reliability#back-up-and-restore-alternatives", + "service": "Cognitive Search", "services": [ - "Monitor", - "WAF" + "Storage", + "WAF", + "Backup" ], "severity": "High", - "text": "Configure alerts on the most critical metrics (see Container Insights for recommendations)", - "waf": "Operations" + "text": "Backup and Restore an Azure Cognitive Search Index. 
Use this sample code to back up index definition and snapshot to a series of Json files", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "337453a3-cc63-4963-9a65-22ac19e80696", - "link": "https://learn.microsoft.com/azure/advisor/advisor-get-started", - "service": "AKS", + "description": "Using the correct approach to feed a datalake with cold data and having the Kusto query engine at your disposal at the same time, as in the short-term storage", + "guid": "ba7da7be-9951-4914-a384-5d997cb39132", + "link": "https://learn.microsoft.com/azure/data-explorer/kusto/management/data-export/continuous-data-export", + "service": "Azure Data Explorer", "services": [ - "Entra", - "WAF" + "Storage", + "WAF", + "Cost" ], - "severity": "Low", - "text": "Check regularly Azure Advisor for recommendations on your cluster", - "waf": "Operations" + "text": "Leverage External Tables and Continuous data export overview to reduce costs", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "3aa70560-e7e7-4968-be3d-628af35b2ced", - "link": "https://learn.microsoft.com/azure/aks/certificate-rotation", - "service": "AKS", + "description": "Azure Data Explorer provides an optional follower capability for a leader cluster to be followed by other follower clusters for read-only access to the leader's data and metadata. Changes in the leader, such as create, append, and drop are automatically synchronized to the follower. While the leaders could span Azure regions, the follower clusters should be hosted in the same region(s) as the leader. 
If the leader cluster is down or databases or tables are accidentally dropped, the follower clusters will lose access until access is recovered in the leader.", + "guid": "56a22586-f490-4641-addd-ea8a377cdeb3", + "link": "https://learn.microsoft.com/azure/data-explorer/follower?tabs=csharp", + "service": "Azure Data Explorer", "services": [ - "AKS", + "Storage", "WAF" ], - "severity": "Low", - "text": "Enable AKS auto-certificate rotation", - "waf": "Operations" + "text": "To share data, explore Leader-follower cluster configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "e189c599-df0d-45a7-9dd4-ce32c1881370", - "link": "https://learn.microsoft.com/azure/aks/supported-kubernetes-versions", - "service": "AKS", + "description": "Azure Data Explorer doesn't support automatic protection against the outage of an entire Azure region. This disruption can happen during a natural disaster, like an earthquake. If you require a solution for a disaster recovery situation, do the following steps to ensure business continuity. 
In these steps, you'll replicate your clusters, management, and data ingestion in two Azure paired regions.", + "guid": "861bb2bc-14ae-4a6e-95d8-d9a3adc218e6", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#create-multiple-independent-clusters", + "service": "Azure Data Explorer", "services": [ - "AKS", + "ASR", "WAF" ], - "severity": "High", - "text": "Have a regular process to upgrade your kubernetes version periodically (quarterly, for example), or use the AKS autoupgrade feature", - "waf": "Operations" + "text": "To protect against regional failure, create Multiple independent clusters, preferably in two Azure Paired regions", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "6f7c4c0d-4e51-4464-ad24-57ed67138b82", - "link": "https://learn.microsoft.com/azure/aks/node-updates-kured", - "service": "AKS", + "guid": "436b0635-cb45-4e57-a603-324ace8cc123", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution#replicate-management-activities", + "service": "Azure Data Explorer", "services": [ + "RBAC", + "Storage", "WAF" ], - "severity": "High", - "text": "Use kured for Linux node upgrades in case you are not using node-image upgrade", - "waf": "Operations" + "text": "Replicate all management activities such as creating new tables or managing user roles on each cluster.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "139c9580-ade3-426a-ba09-cf157d9f6477", - "link": "https://learn.microsoft.com/azure/aks/node-image-upgrade", - "service": "AKS", + "guid": "18ca6017-0265-4f4b-a46a-393af7f31728", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-create-solution", + "service": "Azure Data Explorer", 
"services": [ "WAF" ], - "severity": "High", - "text": "Have a regular process to upgrade the cluster node images periodically (weekly, for example)", - "waf": "Operations" + "text": "Ingest data into each cluster in parallel", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "0102ce16-ee30-41e6-b882-e52e4621dd68", - "link": "https://learn.microsoft.com/azure/architecture/example-scenario/bedrock/bedrock-automated-deployments", - "service": "AKS", + "description": "This configuration is also called 'always-on'. For critical application deployments with no tolerance for outages, you should use multiple Azure Data Explorer clusters across Azure paired regions.", + "guid": "58a9c279-9c42-4bb6-9d0c-65556246b338", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-active-active-configuration", + "service": "Azure Data Explorer", "services": [ + "ACR", "WAF" ], - "severity": "Low", - "text": "Consider gitops to deploy applications or cluster configuration to multiple clusters", - "waf": "Operations" + "text": "For critical application with no tolerance for outages, create Active-Active-Active (always-on) configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "d7672c26-7602-4482-85a4-14527fbe855c", - "link": "https://learn.microsoft.com/azure/aks/command-invoke", - "service": "AKS", + "description": "This configuration is identical to the active-active-active configuration, but only involves two Azure paired regions. Configure dual ingestion, processing, and curation. Users are routed to the nearest region. 
The cluster SKU must be the same across regions.", + "guid": "563a4dc7-4a74-48b6-922a-d190916a6649", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-active-configuration", + "service": "Azure Data Explorer", "services": [ - "AKS", + "ACR", "WAF" ], - "severity": "Low", - "text": "Consider using AKS command invoke on private clusters", - "waf": "Operations" + "text": "For critical applications, create Active-Active configuration in two paired regions", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "31d7aaab-7571-4449-ab80-53d89e89d17b", - "link": "https://learn.microsoft.com/azure/aks/node-auto-repair#node-autodrain", - "service": "AKS", + "description": "The Active-Hot configuration is similar to the Active-Active configuration in dual ingest, processing, and curation. While the standby cluster is online for ingestion, process, and curation, it isn't available to query. The standby cluster doesn't need to be in the same SKU as the primary cluster. It can be of a smaller SKU and scale, which may result in it being less performant. 
In a disaster scenario, users are redirected to the standby cluster, which can optionally be scaled up to increase performance.", + "guid": "8fadfe27-7de2-483b-8ac3-52baa9b75708", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#active-hot-standby-configuration", + "service": "Azure Data Explorer", "services": [ "WAF" ], - "severity": "Low", - "text": "For planned events consider using Node Auto Drain", - "waf": "Operations" + "text": "For applications, which required only read during failure, create Active-Hot standby configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "ed0fda7f-211b-47c7-8b6e-c18873fb473c", - "link": "https://learn.microsoft.com/azure/aks/faq", - "service": "AKS", + "description": "This solution offers the least resiliency (highest RPO and RTO), is the lowest in cost and highest in effort. In this configuration, there's no data recovery cluster. Configure continuous export of curated data (unless raw and intermediate data is also required) to a storage account that is configured GRS (Geo Redundant Storage). A data recovery cluster is spun up if there is a disaster recovery scenario. At that time, DDLs, configuration, policies, and processes are applied. 
Data is ingested from storage with the ingestion property kustoCreationTime to over-ride the ingestion time that defaults to system time.", + "guid": "49aa8092-dc8e-4b9d-8bb7-3b26a5a67eba", + "link": "https://learn.microsoft.com/azure/data-explorer/business-continuity-overview#on-demand-data-recovery-configuration", + "service": "Azure Data Explorer", "services": [ - "WAF" + "Storage", + "AzurePolicy", + "WAF", + "ASR", + "Cost" ], - "severity": "High", - "text": "Develop own governance practices to make sure no changes are performed by operators in the node RG (aka 'infra RG')", - "waf": "Operations" + "text": "For applications, where cost is a concern and can withstand some downtime during failure, create on-demand data recovery cluster configuration", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (properties.nodeResourceGroup !startswith 'MC_') | distinct id,compliant", - "guid": "73b32a5a-67f7-4a9e-b5b3-1f38c3f39812", - "link": "https://learn.microsoft.com/azure/aks/cluster-configuration", - "service": "AKS", + "description": "All database objects, policies, and configurations should be persisted in source control so they can be released to the cluster from your release automation tool.", + "guid": "5a907e1e-348e-4f25-9c27-d32e8bbac757", + "link": "https://learn.microsoft.com/azure/data-explorer/devops", + "service": "Azure Data Explorer", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "Low", - "text": "Use custom Node RG (aka 'Infra RG') name", - "waf": "Operations" + "text": "Wrap DevOps and source control around all your code", + "training": "https://learn.microsoft.com/learn/paths/secure-your-cloud-data/", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": 
"Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "b2463cff-e189-4c59-adf0-d5a73dd4ce32", - "link": "https://kubernetes.io/docs/setup/release/notes/", - "service": "AKS", + "guid": "1559ab91-53e8-4908-ae28-b84c33b6b780", + "link": "https://learn.microsoft.com/azure/data-explorer/devops", + "service": "Azure Data Explorer", "services": [ - "AKS", "WAF" ], - "severity": "Medium", - "text": "Do not use deprecated Kubernetes APIs in your YAML manifests", - "waf": "Operations" + "text": "Design, develop, and implement validation routines to ensure all clusters are in-sync from a data perspective.", + "training": "https://learn.microsoft.com/learn/modules/azure-active-directory/", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Kusto/clusters", "checklist": "WAF checklist", - "guid": "c1881370-6f7c-44c0-b4e5-14648d2457ed", - "link": "https://learn.microsoft.com/azure-stack/aks-hci/adapt-apps-mixed-os-clusters", - "service": "AKS", + "guid": "8b9fe5c4-1049-4d40-9a82-2c3474d00f18", + "link": "https://learn.microsoft.com/azure/data-explorer/devops", + "service": "Azure Data Explorer", "services": [ "WAF" ], - "severity": "Low", - "text": "Taint Windows nodes", - "waf": "Operations" + "text": "Be fully cognizant of what it takes to build a cluster from scratch. 
Leverage Infrastructure as a Code for your deployments", + "training": "https://learn.microsoft.com/learn/modules/implement-hybrid-identity-windows-server/", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "67138b82-0102-4ce1-9ee3-01e6e882e52e", - "link": "https://learn.microsoft.com/virtualization/windowscontainers/deploy-containers/version-compatibility?tabs=windows-server-20H2%2Cwindows-10-20H2", - "service": "AKS", + "guid": "bb235c70-5e17-496f-bedf-a8a4c8cdec4c", + "link": "https://learn.microsoft.com/entra/identity-platform/msal-acquire-cache-tokens", + "service": "Entra", "services": [ + "Entra", "WAF" ], - "severity": "Low", - "text": "Keep windows containers patch level in sync with host patch level", - "waf": "Operations" + "severity": "Medium", + "text": "Use long-live revocable token, cache your token and acquire your silently using Microsoft Identity Library", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "description": "Via Diagnostic Settings at the cluster level", - "guid": "5b56ad48-408f-4e72-934c-476ba280dcf5", - "link": "https://learn.microsoft.com/azure/aks/monitor-aks", - "service": "AKS", + "guid": "503547c1-447e-4c66-828a-71f0f1ce16dd", + "link": "https://learn.microsoft.com/azure/active-directory-b2c/deploy-custom-policies-devops", + "service": "AAD B2C", "services": [ - "Monitor", "WAF" ], - "severity": "Low", - "text": "Send master logs (aka API logs) to Azure Monitor or your preferred log management solution", - "waf": "Operations" + "severity": "Medium", + "text": "Make sure that your sign-in user flows are backed up and resilient. Make sure that the code that you use to sign-in your users are backed up and recoverable. 
Resilient interfaces with external processes", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "64d1a846-e28a-4b6b-9a33-22a635c15a21", - "link": "https://learn.microsoft.com/azure/aks/node-pool-snapshot", - "service": "AKS", + "guid": "3e3553a4-c873-4964-ab66-2d6c15f51296", + "link": "https://learn.microsoft.com/entra/architecture/resilient-end-user-experience#use-a-content-delivery-network", + "service": "AAD B2C", "services": [ "WAF" ], - "severity": "Low", - "text": "If required use nodePool snapshots", - "waf": "Cost" + "severity": "Medium", + "text": "Custom brand assets should be hosted on a CDN", + "waf": "Performance" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "c5a5b252-1e44-4a59-a9d2-399c4d7b68d0", - "link": "https://learn.microsoft.com/azure/aks/spot-node-pool", - "service": "AKS", + "guid": "5398e6df-d237-4de1-93b1-6c21d79a9b64", + "link": "https://learn.microsoft.com/entra/identity/monitoring-health/reference-sla-performance", + "service": "AAD B2C", "services": [ "WAF" ], "severity": "Low", - "text": "Consider spot node pools for non time-sensitive workloads", - "waf": "Operations" + "text": "Have multiple identiy providers (i.e., login with your microsoft, google, facebook accounts)", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.aciConnectorLinux) and properties.addonProfiles.aciConnectorLinux.enabled==true) | distinct id,compliant", - "guid": "c755562f-2b4e-4456-9b4d-874a748b662e", - "link": "https://learn.microsoft.com/azure/aks/concepts-scale", - "service": "AKS", + "guid": "604489a8-f42d-478e-98c0-7a73b22a4a57", + "link": 
"https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", + "service": "Windows AD", "services": [ - "AKS", + "VM", "WAF" ], - "severity": "Low", - "text": "Consider AKS virtual node for quick bursting", - "waf": "Operations" + "severity": "Medium", + "text": "Follow VM rules for high availability on the VM level (premium disks, two or more in a region, in different availability zones)", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "6f8389a7-f82c-4b8e-a8c0-aa63a25a4956", - "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", - "service": "AKS", + "guid": "e7a8dd4a-30e3-47c3-b297-11b2362ceee0", + "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", + "service": "Windows AD", "services": [ - "Monitor", "WAF" ], - "severity": "High", - "text": "Monitor your cluster metrics with Container Insights (or other tools like Prometheus)", - "waf": "Operations" + "severity": "Medium", + "text": "Don't replicate! 
Replication can create issues with directory synchronization", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.addonProfiles.omsagent) and properties.addonProfiles.omsagent.enabled==true) | distinct id,compliant", - "guid": "eaa8dc4a-2436-47b3-9697-15b1752beee0", - "link": "https://learn.microsoft.com/azure/azure-monitor/insights/container-insights-overview", - "service": "AKS", + "guid": "79b598de-fc59-472c-b4cd-21b078036f5e", + "link": "https://azure.microsoft.com/blog/setting-up-active-directory-for-a-disaster-recovery-environment-2/", + "service": "Windows AD", "services": [ "WAF" ], - "severity": "High", - "text": "Store and analyze your cluster logs with Container Insights (or other tools like Telegraf/ElasticSearch)", - "waf": "Operations" + "severity": "Medium", + "text": "Have active-active for multi-regions", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "4621dd68-c5a5-4be2-bdb1-1726769ef669", - "link": "https://learn.microsoft.com/azure/azure-monitor/containers/container-insights-analyze", - "service": "AKS", + "guid": "6b4bfd3d-5035-447c-8447-ec66128a71f0", + "link": "https://learn.microsoft.com/entra/identity/domain-services/tutorial-perform-disaster-recovery-drill", + "service": "Entra", "services": [ - "Monitor", + "Entra", "WAF" ], "severity": "Medium", - "text": "Monitor CPU and memory utilization of the nodes", - "waf": "Operations" + "text": "Add Azure AD Domain service stamps to additional regions and locations", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", "checklist": "WAF checklist", - "guid": "1a4835ac-9422-423e-ae80-b123081a5417", - "link": "https://learn.microsoft.com/azure/aks/configure-azure-cni", - "service": "AKS", + "guid": 
"f1ce16dd-3f1d-45e8-92e4-2e3611cc58b4", + "link": "https://learn.microsoft.com/entra/identity/domain-services/tutorial-perform-disaster-recovery-drill", + "service": "Entra", "services": [ - "Monitor", "WAF" ], "severity": "Medium", - "text": "If using Azure CNI, monitor % of pod IPs consumed per node", - "waf": "Operations" + "text": "Use Replica Sets for DR", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.documentdb/databaseAccounts", "checklist": "WAF checklist", - "description": "I/O in the OS disk is a critical resource. If the OS in the nodes gets throttled on I/O, this could lead to unpredictable behavior, typically ending up in node being declared NotReady", - "guid": "415833ea-3ad3-4c2d-b733-165c3acbe04b", - "link": "https://learn.microsoft.com/azure/virtual-machines/premium-storage-performance", - "service": "AKS", + "guid": "43e52f47-22d9-428c-8b1c-d521e54a29a9", + "link": "https://github.com/Azure/fta-resiliencyplaybooks/blob/main/pass-foundations-playbooks-CosmosDB_v1.docx", + "service": "CosmosDB", "services": [ - "Storage", - "Monitor", - "EventHubs", - "ServiceBus", "WAF" ], "severity": "Medium", - "text": "Monitor OS disk queue depth in nodes", - "waf": "Operations" + "text": "FTA Resiliency Playbook", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.documentdb/databaseAccounts", "checklist": "WAF checklist", - "guid": "be209d39-fda4-4777-a424-d116785c2fa5", - "link": "https://learn.microsoft.com/azure/aks/load-balancer-standard", - "service": "AKS", + "guid": "de39ac0e-7c28-4dc9-9565-7202bff4564b", + "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas", + "service": "CosmosDB", "services": [ - "LoadBalancer", - "Monitor", - "NVA", "WAF" ], - "severity": "Medium", - "text": "If not using egress filtering with AzFW/NVA, monitor standard ALB allocated SNAT ports", - "waf": "Operations" + 
"severity": "High", + "text": "Leverage Availablity Zones where regionally applicable and ofcourse if the service offers it", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.documentdb/databaseAccounts", "checklist": "WAF checklist", - "guid": "74c2ee76-569b-4a79-a57e-dedf91b022c9", - "link": "https://learn.microsoft.com/azure/aks/aks-resource-health", - "service": "AKS", + "guid": "0d934a34-8b26-43e7-bd60-513a3649906e", + "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#replica-outages", + "service": "CosmosDB", "services": [ - "AKS", "WAF" ], "severity": "Medium", - "text": "Subscribe to resource health notifications for your AKS cluster", - "waf": "Operations" + "text": "Run multiple replicas of the database (>1 ) in Prod", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.documentdb/databaseAccounts", "checklist": "WAF checklist", - "guid": "b54eb2eb-03dd-4aa3-9927-18e2edb11726", - "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler", - "service": "AKS", + "description": "Multi-region writes capability allows you to take advantage of the provisioned throughput for your databases and containers across the globe", + "guid": "bad38ead-53cc-47de-8d8a-aab3571449ab", + "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#multiple-write-regions", + "service": "CosmosDB", "services": [ + "ACR", "WAF" ], - "severity": "High", - "text": "Configure requests and limits in your pod specs", - "waf": "Operations" + "severity": "Medium", + "text": "Leverage Multi-Region Writes", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "microsoft.documentdb/databaseAccounts", "checklist": "WAF checklist", - "guid": "769ef669-1a48-435a-a942-223ece80b123", - "link": 
"https://learn.microsoft.com/azure/aks/operator-best-practices-scheduler",
- "service": "AKS",
+ "description": "Span Cosmos account across two or more regions with multi-region writes",
+ "guid": "8153d89f-89dc-47b3-9be2-b1a27f7b9e91",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/high-availability#slas",
+ "service": "CosmosDB",
 "services": [
+ "ACR",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Enforce resource quotas for namespaces",
- "waf": "Operations"
+ "text": "Distribute your data globally",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "microsoft.documentdb/databaseAccounts",
 "checklist": "WAF checklist",
- "guid": "081a5417-4158-433e-a3ad-3c2de733165c",
- "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits",
- "service": "AKS",
+ "description": "Choose from various consistency levels such as Eventual, Consistent Prefix, Session, Bounded Staleness and strong",
+ "guid": "9f8ea848-25ec-4140-bc32-2758e6ee9ac0",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/consistency-levels",
+ "service": "CosmosDB",
 "services": [
- "Subscriptions",
 "WAF"
 ],
 "severity": "High",
- "text": "Ensure your subscription has enough quota to scale out your nodepools",
- "waf": "Operations"
+ "text": "Choose from several well-defined consistency models",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "microsoft.documentdb/databaseAccounts",
 "checklist": "WAF checklist",
- "guid": "f4fd0602-7ab5-46f1-b66a-e9dea9654a65",
- "link": "https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/",
- "service": "AKS",
+ "description": "Maintain business continuity during regional outages. Azure Cosmos DB supports service-managed failover during a regional outage. 
During a regional outage, Azure Cosmos DB continues to maintain its latency, availability, consistency, and throughput SLAs. To help make sure that your entire application is highly available, Azure Cosmos DB offers a manual failover API to simulate a regional outage. By using this API, you can carry out regular business continuity drills.",
+ "guid": "a47e4d1e-bb79-43f9-bf87-69e1032b72fe",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/how-to-manage-database-account#automatic-failover",
+ "service": "CosmosDB",
 "services": [
- "WAF"
+ "WAF",
+ "CosmosDB"
 ],
- "severity": "High",
- "text": "Configure Liveness and Readiness probes for all deployments",
- "waf": "Operations"
+ "severity": "Medium",
+ "text": "Enable Service managed failover",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "microsoft.documentdb/databaseAccounts",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.autoScalerProfile)) | distinct id,compliant",
- "guid": "90ce65de-8e13-4f9c-abd4-69266abca264",
- "link": "https://learn.microsoft.com/azure/aks/concepts-scale",
- "service": "AKS",
+ "description": "Azure Cosmos DB automatically takes backups of your data at regular intervals. The automatic backups are taken without affecting the performance or availability of the database operations. 
All the backups are stored separately in a storage service.",
+ "guid": "3499c9c1-133d-42f7-a4b1-a5bd06ff1a90",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/online-backup-and-restore",
+ "service": "CosmosDB",
 "services": [
- "WAF"
+ "Storage",
+ "WAF",
+ "CosmosDB",
+ "Backup"
 ],
 "severity": "Medium",
- "text": "Use the Cluster Autoscaler",
- "waf": "Performance"
+ "text": "Enable Automatic Backups",
+ "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "microsoft.documentdb/databaseAccounts",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | extend compliant = (isnotnull(properties.austoscalerProfile)) | distinct id,compliant",
- "guid": "831c2872-c693-4b39-a887-a561bada49bc",
- "link": "https://learn.microsoft.com/azure/aks/custom-node-configuration",
- "service": "AKS",
+ "description": "This mode is the default backup mode for all existing accounts. In this mode, backup is taken at a periodic interval and the data is restored by creating a request with the support team. In this mode, you configure a backup interval and retention for your account. The maximum retention period extends to a month. 
The minimum backup interval can be one hour.",
+ "guid": "a6eb33f6-005c-4d92-9286-7655672d6121",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/periodic-backup-restore-introduction",
+ "service": "CosmosDB",
 "services": [
- "AKS",
- "WAF"
+ "WAF",
+ "Backup"
 ],
- "severity": "Low",
- "text": "Customize node configuration for AKS node pools",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "Perform Periodic Backups",
+ "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
+ "arm-service": "microsoft.documentdb/databaseAccounts",
 "checklist": "WAF checklist",
- "guid": "faa19bfe-9d55-4d04-a3c4-919ca1b2d121",
- "link": "https://learn.microsoft.com/azure/aks/concepts-scale",
- "service": "AKS",
+ "description": "Continous 7 day retention and 30 day retention backups. Azure Cosmos DB performs data backup in the background without consuming any extra provisioned throughput (RUs) or affecting the performance and availability of your database. 
Continuous backups are taken in every region where the account exists.",
+ "guid": "d43918a8-cd28-49be-b6b1-7cb8245461e1",
+ "link": "https://learn.microsoft.com/azure/cosmos-db/continuous-backup-restore-introduction",
+ "service": "CosmosDB",
 "services": [
- "WAF"
+ "WAF",
+ "CosmosDB",
+ "Backup"
 ],
 "severity": "Medium",
- "text": "Use the Horizontal Pod Autoscaler when required",
- "waf": "Performance"
+ "text": "Continous Backup with point-in-time restore in Azure Cosmos DB",
+ "training": "https://learn.microsoft.com/learn/modules/create-custom-azure-roles-with-rbac/",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "description": "Larger nodes will bring higher performance and features such as ephemeral disks and accelerated networking, but they will increase the blast radius and decrease the scaling granularity",
- "guid": "5ae124ba-34df-4585-bcdc-e9bd3bb0cdb3",
- "link": "https://blog.cloudtrooper.net/2020/10/23/which-vm-size-should-i-choose-as-aks-node/",
- "service": "AKS",
+ "guid": "4620dc87-e948-4ce8-8426-f3e6e5d7bd85",
+ "link": "https://learn.microsoft.com/azure/sap/center-sap-solutions/overview",
+ "service": "SAP",
 "services": [
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Consider an appropriate node size, not too large or too small",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "Azure Center for SAP solutions (ACSS) is an Azure offering that makes SAP a top-level workload on Azure. ACSS is an end-to-end solution that enables you to create and run SAP systems as a unified workload on Azure and provides a more seamless foundation for innovation. 
You can take advantage of the management capabilities for both new and existing Azure-based SAP systems.",
+ "training": "https://learn.microsoft.com/training/modules/explore-azure-center-sap-solutions/?source=recommendations",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "38800e6a-ae01-40a2-9fbc-ae5a06e5462d",
- "link": "https://learn.microsoft.com/azure/aks/quotas-skus-regions#service-quotas-and-limits",
- "service": "AKS",
+ "guid": "5d75e99d-624d-4afe-91d9-e17adc580790",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-platform-automation-and-devops",
+ "service": "SAP",
 "services": [
- "AKS",
+ "SAP",
 "WAF"
 ],
- "severity": "Low",
- "text": "If more than 5000 nodes are required for scalability then consider using an additional AKS cluster",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "Azure supports automating SAP deployments in Linux and Windows. 
SAP Deployment Automation Framework is an open-source orchestration tool that can deploy, install, and maintain SAP environments.",
+ "training": "https://github.com/Azure/sap-automation",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "9583c0f6-6083-43f6-aa6b-df7102c901bb",
- "link": "https://learn.microsoft.com/azure/event-grid/event-schema-aks",
- "service": "AKS",
+ "guid": "d17f6f39-a377-48a2-931f-5ead3ebe33a8",
+ "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/data-platform",
+ "service": "SAP",
 "services": [
- "AKS",
+ "SAP",
 "WAF"
 ],
- "severity": "Low",
- "text": "Consider subscribing to EventGrid Events for AKS automation",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "Perform a point-in-time recovery for your production databases at any point and in a time frame that meets your RTO; point-in-time recovery typically includes operator errors deleting data either on the DBMS layer or through SAP, incidentally",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "c5016d8c-c6c9-4165-89ae-673ef0fff19d",
- "link": "https://learn.microsoft.com/azure/aks/manage-abort-operations",
- "service": "AKS",
+ "guid": "c4b8e117-930b-4dbd-ae50-7bc5faf6f91a",
+ "service": "SAP",
 "services": [
- "AKS",
- "WAF"
+ "WAF",
+ "Backup"
 ],
- "severity": "Low",
- "text": "For long running operation on an AKS cluster consider event termination",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "Test the backup and recovery times to verify that they meet your RTO requirements for restoring all systems simultaneously after a disaster.",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "c4e37133-f186-4ce1-aed9-9f1b32f6e021",
- "link":
"https://learn.microsoft.com/azure/aks/use-azure-dedicated-hosts",
- "service": "AKS",
+ "guid": "b651423c-8552-42db-a545-5cb50c05527a",
+ "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure",
+ "service": "SAP",
 "services": [
- "AKS",
- "WAF"
+ "Storage",
+ "WAF",
+ "ASR",
+ "Backup",
+ "SAP",
+ "SQL"
 ],
- "severity": "Low",
- "text": "If required consider using Azure Dedicated Hosts for AKS nodes",
- "waf": "Performance"
+ "severity": "High",
+ "text": "You can replicate standard storage between paired regions, but you can't use standard storage to store your databases or virtual hard disks. You can replicate backups only between paired regions that you use. For all your other data, run your replication by using native DBMS features like SQL Server Always On or SAP HANA System Replication. Use a combination of Site Recovery, rsync or robocopy, and other third-party software for the SAP application layer.",
+ "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "graph": "where type=='microsoft.containerservice/managedclusters' | project id,resourceGroup,name,pools=properties.agentPoolProfiles | mvexpand pools | extend compliant = (pools.osDiskType=='Ephemeral') | project id,name=strcat(name,'-',pools.name), resourceGroup, compliant",
- "guid": "24367b33-6971-45b1-952b-eee0b9b588de",
- "link": "https://learn.microsoft.com/azure/aks/cluster-configuration",
- "service": "AKS",
+ "guid": "aa208dca-784f-46c6-9014-cc919c542dc9",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones",
+ "service": "SAP",
 "services": [
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Use ephemeral OS disks",
- "waf": "Performance"
+ "severity": "Medium",
+ "text": "When using Azure Availability Zones to achieve high availability, you must 
consider latency between SAP application servers and database servers. For zones with high latencies, operational procedures need to be in place to ensure that SAP application servers and database servers are running in the same zone at all times.",
+ "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/?source=recommendations",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "f0ce315f-1120-4166-8206-94f2cf3a4d07",
- "link": "https://learn.microsoft.com/azure/virtual-machines/disks-types",
- "service": "AKS",
+ "guid": "ba07c007-1f90-43e9-aa4f-601346b80352",
+ "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering",
+ "service": "SAP",
 "services": [
- "AKS",
- "WAF"
+ "ASR",
+ "ExpressRoute",
+ "WAF",
+ "VPN"
 ],
 "severity": "High",
- "text": "For non-ephemeral disks, use high IOPS and larger OS disks for the nodes when running many pods/node since it requires high performance for running multiple pods and will generate huge logs with default AKS log rotation thresholds",
- "waf": "Performance"
+ "text": "Set up ExpressRoute connections from on-premises to the primary and secondary Azure disaster recovery regions. 
Also, as an alternative to using ExpressRoute, consider setting up VPN connections from on-premises to the primary and secondary Azure disaster recovery regions.",
+ "training": "https://learn.microsoft.com/azure/expressroute/use-s2s-vpn-as-backup-for-expressroute-privatepeering",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "39c486ce-d5af-4062-89d5-18bb5fd795db",
- "link": "https://learn.microsoft.com/azure/aks/use-ultra-disks",
- "service": "AKS",
+ "guid": "d2b30195-b11d-4a8f-a672-28b2b4169a7c",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance",
+ "service": "SAP",
 "services": [
- "Storage",
- "AKS",
- "WAF"
+ "ACR",
+ "WAF",
+ "AKV"
 ],
 "severity": "Low",
- "text": "For hyper performance storage option use Ultra Disks on AKS",
- "waf": "Performance"
+ "text": "Replicate key vault contents like certificates, secrets, or keys across regions so you can decrypt data in the DR region.",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "9f7547c1-747d-4c56-868a-714435bd19dd",
- "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-multi-region",
- "service": "AKS",
+ "guid": "05f1101d-250f-40e7-b2a1-b674ab50edbd",
+ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-s4hana",
+ "service": "SAP",
 "services": [
- "Storage",
- "SQL",
- "WAF"
+ "VNet",
+ "SAP",
+ "WAF",
+ "ASR"
 ],
 "severity": "Medium",
- "text": "Avoid keeping state in the cluster, and store data outside (AzStorage, AzSQL, Cosmos, etc)",
- "waf": "Performance"
+ "text": "Peer the primary and disaster recovery virtual networks. 
For example, for HANA System Replication, an SAP HANA DB virtual network needs to be peered to the disaster recovery site's SAP HANA DB virtual network.",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "24429eb7-2281-4376-85cc-57b4a4b18142",
- "link": "https://learn.microsoft.com/azure/aks/operator-best-practices-storage",
- "service": "AKS",
+ "guid": "d3351bf7-628a-46de-917d-dfc11d3b6b40",
+ "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-service-levels",
+ "service": "SAP",
 "services": [
 "Storage",
- "WAF"
+ "WAF",
+ "SAP"
 ],
- "severity": "Medium",
- "text": "If using AzFiles Standard, consider AzFiles Premium and/or ANF for performance reasons",
- "waf": "Performance"
+ "severity": "Low",
+ "text": "If you use Azure NetApp Files storage for your SAP deployments, at a minimum, create two Azure NetApp Files accounts in the Premium tier, in two regions.",
+ "training": "https://learn.microsoft.com/training/modules/choose-service-level-azure-netapp-files-hpc-applications/2-identify-decision-criteria",
+ "waf": "Reliability"
 },
 {
- "arm-service": "microsoft.containerservice/managedClusters",
 "checklist": "WAF checklist",
- "guid": "83958a8c-2689-4b32-ab57-cfc64546135a",
- "link": "https://learn.microsoft.com/azure/aks/availability-zones#azure-disk-availability-zone-support",
- "service": "AKS",
+ "guid": "726a1d3e-5508-4a06-9d54-93f4b50040c1",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows",
+ "service": "SAP",
 "services": [
- "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "If using Azure Disks and AZs, consider having nodepools within a zone for LRS disk with VolumeBindingMode:WaitForFirstConsumer for provisioning storage in right zone or use ZRS disk for nodepools spanning multiple zones",
- "waf": "Performance"
+ "severity": "High",
+ "text": "Native database replication technology should 
be used to synchronize the database in a HA pair.",
+ "training": "https://learn.microsoft.com/training/modules/implement-disaster-recovery-for-sap-workloads-azure/?source=recommendations",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "6d37a33b-531c-4a91-871a-b69d8044f04e",
- "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices",
- "service": "Key Vault",
+ "guid": "6561f847-3db5-4ff8-9200-5ad3c3b436ad",
+ "link": "https://learn.microsoft.com/ja-jp/azure/virtual-network/virtual-networks-faq",
+ "service": "SAP",
 "services": [
- "AKV",
- "Backup",
+ "VNet",
 "WAF"
 ],
 "severity": "High",
- "text": "Familiarize yourself with the Key Vault's best practices such as isolation recommendations, access control, data protection, backup, and logging.",
+ "text": "The CIDR for the primary virtual network (VNet) shouldn't conflict or overlap with the CIDR of the DR site's VNet",
+ "training": "https://learn.microsoft.com/training/paths/azure-fundamentals-describe-azure-architecture-services/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "7ba4d380-7b9e-4a8b-a0c3-2d8e49c11872",
- "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance",
- "service": "Key Vault",
+ "guid": "0258ed30-fe42-434f-87b9-58f91f908e0a",
+ "service": "SAP",
 "services": [
- "AKV",
- "ACR",
- "WAF"
+ "VM",
+ "ASR",
+ "WAF",
+ "Entra"
 ],
- "severity": "Medium",
- "text": "Key Vault is a managed service and Microsoft will handle the failover within and across region. Familiarize yourself with the Key Vault's availability and redundancy.",
+ "severity": "High",
+ "text": "Use Site Recovery to replicate an application server to a DR site. Site Recovery can also help with replicating central-services cluster VMs to the DR site. 
When you invoke DR, you'll need to reconfigure the Linux Pacemaker cluster on the DR site (for example, replace the VIP or SBD, run corosync.conf, and more).",
+ "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "17fb86a2-eb45-42a4-9c34-52b92a2a1842",
- "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance#data-replication",
- "service": "Key Vault",
+ "guid": "8300cb30-766b-4084-b126-0dd8fb1269a1",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery",
+ "service": "SAP",
 "services": [
- "AKV",
+ "SAP",
 "WAF"
 ],
- "severity": "Medium",
- "text": "The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets. Familiarize yourself with the Key Vault's data replication.",
+ "severity": "High",
+ "text": "Consider the availability of SAP software against single points of failure. This includes single points of failure within applications such as DBMSs utilized in SAP NetWeaver and SAP S/4HANA architectures, SAP ABAP and ASCS + SCS. 
Also, other tools such as SAP Web Dispatcher.",
+ "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/2-explore-high-availability-disaster-recovery-support-azure-for-sap-workloads?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "614682ca-6e0c-4f34-9f03-c6d3f2b99a32",
- "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance#failover-across-regions",
- "service": "Key Vault",
+ "guid": "56402f11-ccbe-42c3-a2f6-c6f6f38ab579",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/planning-supported-configurations",
+ "service": "SAP",
 "services": [
- "AKV",
- "AzurePolicy",
+ "SAP",
 "WAF"
 ],
- "severity": "Medium",
- "text": "During failover, access policy or firewall configurations and settings can't be changed. The key vault will be in read-only mode during failover. Familiarize yourself with the Key Vault's failover guidance.",
+ "severity": "High",
+ "text": "For SAP and SAP databases, consider implementing automatic failover clusters. In Windows, Windows Server Failover Clustering supports failover. 
In Linux, Linux Pacemaker or third-party tools like SIOS Protection Suite and Veritas InfoScale support failover.",
+ "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "9ef2b0d2-3206-4c94-b47a-4f07e6a1c509",
- "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#design-considerations",
- "service": "Key Vault",
+ "guid": "afae6bec-2671-49ae-bc69-140b8ec8d320",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-sap-guide?tabs=windows",
+ "service": "SAP",
 "services": [
- "AKV",
+ "VM",
 "Storage",
- "Backup",
- "Subscriptions",
 "WAF"
 ],
- "severity": "Medium",
- "text": "When you back up a key vault object, such as a secret, key, or certificate, the backup operation will download the object as an encrypted blob. This blob can't be decrypted outside of Azure. To get usable data from this blob, you must restore the blob into a key vault within the same Azure subscription and Azure geography. Familiarize yourself with the Key Vault's backup and restore guidance.",
+ "severity": "High",
+ "text": "Azure doesn't support architectures in which the primary and secondary VMs share storage for DBMS data. 
For the DBMS layer, the common architecture pattern is to replicate databases at the same time and with different storage stacks than the ones that the primary and secondary VMs use.",
+ "training": "https://learn.microsoft.com/training/paths/ensure-business-continuity-implement-disaster-recovery/?source=recommendationshttps%3A%2F%2Flearn.microsoft.com%2Fja-jp%2Ftraining%2Fpaths%2Fensure-business-continuity-implement-disaster-recovery%2F%3Fsource%3Drecommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "2df045b1-c0f6-47d3-9a9b-99cf6999684e",
- "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview",
- "service": "Key Vault",
+ "guid": "ac614e95-6767-4bc3-b8a4-9953533da6ba",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/dbms-guide-general",
+ "service": "SAP",
 "services": [
- "AKV",
- "WAF"
+ "Storage",
+ "WAF",
+ "SAP"
 ],
 "severity": "High",
- "text": "If you want protection against accidental or malicious deletion of your secrets, configure soft-delete and purge protection features on your key vault.",
+ "text": "The DBMS data and transaction/redo log files are stored in Azure supported block storage or Azure NetApp Files. 
Azure Files or Azure Premium Files isn't supported as storage for DBMS data and/or redo log files with SAP workload.",
+ "training": "https://learn.microsoft.com/training/modules/explore-azure-databases/2-explore-database-support-azure-for-sap-workloads",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "cbfa96b0-5249-4e6f-947c-d0e79509708c",
- "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview",
- "service": "Key Vault",
+ "guid": "1f737179-8e7f-4e1a-a30c-e5a649a3092b",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/sap-high-availability-guide-wsfc-shared-disk",
+ "service": "SAP",
 "services": [
- "AKV",
+ "SAP",
 "WAF"
 ],
- "severity": "Low",
- "text": "Key Vault's soft-deleted resources are retained for a set period of 90 calendar days. Familiarize yourself with the Key Vault's soft-delete guidance.",
+ "severity": "High",
+ "text": "You can use Azure shared disks in Windows for ASCS + SCS components and specific high-availability scenarios. Set up your failover clusters separately for SAP application layer components and the DBMS layer. 
Azure doesn't currently support high-availability architectures that combine SAP application layer components and the DBMS layer into one failover cluster.",
+ "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "e8659d11-7e02-4db0-848c-c6541dbab68c",
- "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations",
- "service": "Key Vault",
+ "guid": "a78b3d31-3170-44f2-b5d7-651a29f4ccf5",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-standard-load-balancer-outbound-connections",
+ "service": "SAP",
 "services": [
- "AKV",
- "Backup",
- "WAF"
+ "SAP",
+ "WAF",
+ "LoadBalancer"
 ],
- "severity": "Low",
- "text": "Understand Key Vault's backup limitations. Key Vault does not support the ability to backup more than 500 past versions of a key, secret, or certificate object. Attempting to backup a key, secret, or certificate object may result in an error. It is not possible to delete previous versions of a key, secret, or certificate.",
+ "severity": "High",
+ "text": "Most failover clusters for SAP application layer components (ASCS) and the DBMS layer require a virtual IP address for a failover cluster. Azure Load Balancer should handle the virtual IP address for all other cases. One design principle is to use one load balancer per cluster configuration. 
We recommend that you use the standard version of the load balancer (Standard Load Balancer SKU).",
+ "training": "https://learn.microsoft.com/training/modules/implement-high-availability-for-sap-workloads-azure/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "45c25e29-d0ef-4f07-aa04-0f8c64cbcc04",
- "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations",
- "service": "Key Vault",
+ "guid": "1a541741-5833-4fb4-ae3c-2df743165c3a",
+ "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-ha-ports-overview?source=recommendations",
+ "service": "SAP",
 "services": [
- "AKV",
- "Backup",
- "WAF"
+ "WAF",
+ "LoadBalancer"
 ],
- "severity": "Low",
- "text": "Key Vault doesn't currently provide a way to back up an entire key vault in a single operation and keys, secrets and certitificates must be backup indvidually. Familiarize yourself with the Key Vault's backup and restore guidance.",
+ "severity": "High",
+ "text": "Make sure the Floating IP is enabled on the Load balancer",
+ "training": "https://learn.microsoft.com/training/modules/load-balancing-non-https-traffic-azure/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.KeyVault/vaults",
 "checklist": "WAF checklist",
- "guid": "0f15640b-31e5-4de6-85a7-d2c652fa09d3",
- "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview#purge-protection",
- "service": "Key Vault",
+ "guid": "c47cc4f3-f105-452c-845e-9b307b3856c1",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/availability",
+ "service": "SAP",
 "services": [
- "AKV",
- "EventHubs",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Purge protection is recommended when using keys for encryption to prevent data loss. Purge protection is an optional Key Vault behavior and is not enabled by default. Purge protection can only be enabled once soft-delete is enabled. 
It can be turned on via CLI, PowerShell or Portal.",
+ "severity": "High",
+ "text": "Before you deploy your high-availability infrastructure, and depending on the region you choose, determine whether to deploy with an Azure availability set or an availability zone.",
+ "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations",
 "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "description": "Apply guidance from the Microsoft cloud security benchmark related to Storage",
- "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8",
- "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline",
- "service": "Azure Storage",
+ "guid": "844f69c3-07e5-4ec1-bff7-4be27bcf5fea",
+ "link": "https://www.microsoft.com/licensing/docs/view/Service-Level-Agreements-SLA-for-Online-Services?lang=1",
+ "service": "SAP",
 "services": [
- "Storage",
- "WAF"
+ "VM",
+ "SAP",
+ "WAF",
+ "Entra"
 ],
- "severity": "Medium",
- "text": "Consider the 'Azure security baseline for storage'",
- "waf": "Security"
+ "severity": "High",
+ "text": "If you want to meet the infrastructure SLAs for your applications for SAP components (central services, application servers, and databases), you must choose the same high availability options (VMs, availability sets, availability zones) for all components.",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "description": "Azure Storage by default has a public IP address and is Internet-reachable. 
Private endpoints allow to securely expose Azure Storage only to those Azure Compute resources that need access, thus eliminating exposure to the public Internet",
- "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b",
- "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints",
- "service": "Azure Storage",
+ "guid": "cbe05bbe-209d-4490-ba47-778424d11678",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview",
+ "service": "SAP",
 "services": [
- "PrivateLink",
- "Storage",
- "WAF"
+ "VM",
+ "RBAC",
+ "WAF",
+ "Entra"
 ],
 "severity": "High",
- "text": "Consider using private endpoints for Azure Storage",
- "waf": "Security"
+ "text": "Do not mix servers of different roles in the same availability set. Keep central services VMs, database VMs, application VMs in their own availability sets",
+ "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "WAF checklist",
- "description": "Newly created storage accounts are created using the ARM deployment model, so that RBAC, auditing etc. are all enabled. 
Ensure that there are no old storage accounts with classic deployment model in a subscription", - "guid": "30e37c3e-2971-41b2-963c-eee079b598de", - "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", - "service": "Azure Storage", + "guid": "f2201000-d045-40a6-a79a-d7cdc01b4d86", + "link": "https://learn.microsoft.com/azure/virtual-machines/co-location", + "service": "SAP", "services": [ - "RBAC", - "Storage", - "Subscriptions", "WAF" ], "severity": "Medium", - "text": "Ensure older storage accounts are not using 'classic deployment model'", - "waf": "Security" + "text": "You can't deploy Azure availability sets within an Azure availability zone unless you use proximity placement groups.", + "training": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Leverage Microsoft Defender to learn about suspicious activity and misconfigurations.", - "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", - "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", - "service": "Azure Storage", + "guid": "9674e7c7-7796-4181-8920-09f4429543ba", + "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", + "service": "SAP", "services": [ - "Storage", - "Defender", + "VM", "WAF" ], "severity": "High", - "text": "Enable Microsoft Defender for all of your storage accounts", - "waf": "Security" + "text": "When you create availability sets, use the maximum number of fault domains and update domains available. 
For example, if you deploy more than two VMs in one availability set, use the maximum number of fault domains (three) and enough update domains to limit the effect of potential physical hardware failures, network outages, or power interruptions, in addition to Azure planned maintenance. The default number of fault domains is two, and you can't change it online later.", + "training": "https://learn.microsoft.com/training/modules/configure-virtual-machine-availability/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "The soft-delete mechanism allows to recover accidentally deleted blobs.", - "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", - "service": "Azure Storage", + "guid": "ae4ecb95-b70f-428f-8b9a-4c5b7e3478a2", + "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", + "service": "SAP", "services": [ - "Storage", + "Entra", + "SAP", "WAF" ], - "severity": "Medium", - "text": "Enable 'soft delete' for blobs", - "waf": "Security" + "severity": "High", + "text": "When you use Azure proximity placement groups in an availability set deployment, all three SAP components (central services, application server, and database) should be in the same proximity placement group.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. 
", - "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", - "service": "Azure Storage", + "guid": "5d2fa56c-56ad-4484-88fe-72734c486ba2", + "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios", + "service": "SAP", "services": [ - "Storage", + "ACR", + "SAP", "WAF" ], - "severity": "Medium", - "text": "Disable 'soft delete' for blobs", - "waf": "Security" + "severity": "High", + "text": "Use one proximity placement group per SAP SID. Groups don't span across Availability Zones or Azure regions", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Soft delete for containers enables you to recover a container after it has been deleted, for example recover from an accidental delete operation.", - "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", - "service": "Azure Storage", + "guid": "bca3b10e-0ff5-4aec-ac16-4c4bd1a1c13f", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", + "service": "SAP", "services": [ + "Entra", + "SAP", "WAF" ], "severity": "High", - "text": "Enable 'soft delete' for containers", - "waf": "Security" + "text": "Use one of the following services to run SAP central services clusters, depending on the operating system.", + "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Consider selectively disabling 'soft delete' for certain blob containers, for example if the application must ensure that deleted information is immediately deleted, e.g. for confidentiality, privacy or compliance reasons. 
", - "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", - "service": "Azure Storage", + "guid": "ed46b937-913e-4018-9c62-8393ab037e53", + "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-suse-multi-sid", + "service": "SAP", "services": [ - "Storage", - "WAF" + "VM", + "WAF", + "Entra" ], "severity": "Medium", - "text": "Disable 'soft delete' for containers", - "waf": "Security" + "text": "Azure doesn't currently support combining ASCS and DB HA in the same Linux Pacemaker cluster; separate them into individual clusters. However, you can combine up to five multiple central-services clusters into a pair of VMs.", + "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Prevents accidental deletion of a storage account, by forcing the user to first remove the deletion lock, prior to deletion", - "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", - "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", - "service": "Azure Storage", + "guid": "f656e745-0cfb-453e-8008-0528fa21c933", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-business-continuity-and-disaster-recovery", + "service": "SAP", "services": [ + "VM", "Storage", "WAF" ], - "severity": "High", - "text": "Enable resource locks on storage accounts", - "waf": "Security" + "severity": "Medium", + "text": "Deploy both VMs in the high-availability pair in an availability set or in availability zones. 
These VMs should be the same size and have the same storage configuration.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Consider 'legal hold' or 'time-based retention' policies for blobs, so that is is impossible to delete the blob, the container, or the storage account. Please note that 'impossible' actually means 'impossible'; once a storage account contains an immutable blob, the only way to 'get rid' of that storage account is by cancelling the Azure subscription.", - "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", - "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", - "service": "Azure Storage", + "guid": "7f684ebc-95da-425e-b329-e782dbed050f", + "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-with-hana-ascs-ers-dialog-instance", + "service": "SAP", "services": [ - "Storage", - "Subscriptions", - "AzurePolicy", + "SAP", "WAF" ], - "severity": "High", - "text": "Consider immutable blobs", - "waf": "Security" + "severity": "Medium", + "text": "Azure supports installing and configuring SAP HANA and ASCS/SCS and ERS instances on the same high availability cluster running on Red Hat Enterprise Linux (RHEL).", + "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Consider disabling unprotected HTTP/80 access to the storage account, so that all data transfers are encrypted, integrity protected, and the server is authenticated. 
", - "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", - "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", - "service": "Azure Storage", + "guid": "07991f7d-6598-4d90-9431-45c62605d3a5", + "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", + "service": "SAP", "services": [ "Storage", "WAF" ], "severity": "High", - "text": "Require HTTPS, i.e. disable port 80 on the storage account", - "waf": "Security" + "text": "Run all production systems on Premium managed SSDs and use Azure NetApp Files or Ultra Disk Storage. At least the OS disk should be on the Premium tier so you can achieve better performance and the best SLA.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-storage/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "When configuring a custom domain (hostname) on a storage account, check whether you need TLS/HTTPS; if so, you might have to put Azure CDN in front of your storage account.", - "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", - "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", - "service": "Azure Storage", + "guid": "73cdaecc-7d74-48d8-a040-88416eebc98c", + "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-operations-storage", + "service": "SAP", "services": [ "Storage", - "WAF" + "WAF", + "SAP" ], "severity": "High", - "text": "When enforcing HTTPS (disabling HTTP), check that you do not use custom domains (CNAME) for the storage account.", - "waf": "Security" + "text": "You should run SAP HANA on Azure only on the types of storage that are certified by SAP. Note that certain volumes must be run on certain disk configurations, where applicable. These configurations include enabling Write Accelerator and using Premium storage. 
You also need to ensure that the file system that runs on storage is compatible with the DBMS that runs on the machine.", + "training": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Requiring HTTPS when a client uses a SAS token to access blob data helps to minimize the risk of credential loss.", - "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", - "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", - "service": "Azure Storage", + "guid": "51904867-a70e-4fa0-b4ff-3e6292846d7c", + "link": "https://learn.microsoft.com/azure/sap/workloads/disaster-recovery-overview-guide#storage", + "service": "SAP", "services": [ "Storage", - "WAF" + "WAF", + "SAP", + "ASR" ], - "severity": "Medium", - "text": "Limit shared access signature (SAS) tokens to HTTPS connections only", - "waf": "Security" + "severity": "High", + "text": "Consider configuring high availability depending on the type of storage you use for your SAP workloads. 
Some storage services available in Azure are not supported by Azure Site Recovery, so your high availability configuration may differ.", + "training": "https://learn.microsoft.com/training/modules/implement-disaster-recovery-for-sap-workloads-azure/2-explore-disaster-recovery-sap-workloads", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "AAD tokens should be favored over shared access signatures, wherever possible", - "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", - "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", - "service": "Azure Storage", + "guid": "1ac2d928-c9b7-42c6-ba18-23b1aea78693", + "link": "https://azure.microsoft.com/ja-jp/explore/global-infrastructure/products-by-region/", + "service": "SAP", "services": [ - "Entra", "Storage", - "WAF" + "WAF", + "SAP" ], "severity": "High", - "text": "Use Azure Active Directory (Azure AD) tokens for blob access", - "waf": "Security" + "text": "Different native Azure storage services (like Azure Files, Azure NetApp Files, Azure Shared Disk) may not be available in all regions. So to have similar SAP setup on the DR region after failover, ensure the respective storage service is offered in DR site.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "When assigning a role to a user, group, or application, grant that security principal only those permissions that are necessary for them to perform their tasks. 
Limiting access to resources helps prevent both unintentional and malicious misuse of your data.", - "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", - "service": "Azure Storage", + "guid": "925d1f8c-01f3-4a67-948e-aabf0a1fad60", + "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/optimize-your-azure-costs-by-automating-sap-system-start-stop/ba-p/2120675", + "service": "SAP", "services": [ - "RBAC", - "WAF" + "SAP", + "WAF", + "Cost" ], "severity": "Medium", - "text": "Least privilege in IaM permissions", - "waf": "Security" + "text": "Automate SAP System Start-Stop to manage costs.", + "waf": "Cost" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "A user delegation SAS is secured with Azure Active Directory (Azure AD) credentials and also by the permissions specified for the SAS. A user delegation SAS is analogous to a service SAS in terms of its scope and function, but offers security benefits over the service SAS. ", - "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", - "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", - "service": "Azure Storage", + "guid": "71dc00cd-4392-4262-8949-20c05e6c0333", + "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", + "service": "SAP", "services": [ - "Entra", "Storage", - "WAF" + "Cost", + "WAF", + "VM", + "SAP" ], - "severity": "High", - "text": "When using SAS, prefer 'user delegation SAS' over storage-account-key based SAS.", - "waf": "Security" + "severity": "Low", + "text": "In the case of using Azure Premium Storage with SAP HANA, Azure Standard SSD storage can be used to select a cost-conscious storage solution. However, please note that choosing Standard SSD or Standard HDD Azure storage will affect the SLA of the individual VMs. 
Also, for systems with lower I/O throughput and low latency, such as non-production environments, lower series VMs can be used.", + "waf": "Cost" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on AAD authentication makes it easier to tie storage access to a user. ", - "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", - "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", - "service": "Azure Storage", + "guid": "9877f353-2591-4e8b-8381-e9043fed1010", + "link": "https://learn.microsoft.com/azure/sap/workloads/hana-vm-premium-ssd-v1", + "service": "SAP", "services": [ - "Entra", - "AKV", "Storage", - "Monitor", - "WAF" + "Cost", + "WAF", + "VM", + "SAP" ], - "severity": "High", - "text": "Consider disabling storage account keys, so that only AAD access (and user delegation SAS) is supported.", - "waf": "Security" + "severity": "Low", + "text": "As a lower-cost alternative configuration (multipurpose), you can choose a low-performance SKU for your non-production HANA database server VMs. However, it is important to note that some VM types, such as E-series, are not HANA certified (SAP HANA Hardware Directory) or cannot achieve storage latency of less than 1ms.", + "waf": "Cost" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Use Activity Log data to identify 'when', 'who', 'what' and 'how' the security of your storage account is being viewed or changed (i.e. 
storage account keys, access policies, etc.).", - "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", - "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", - "service": "Azure Storage", + "guid": "fda1dbf3-dc95-4d48-a7c7-91dca0f6c565", + "link": "https://learn.microsoft.com/azure/well-architected/sap/design-areas/security", + "service": "SAP", "services": [ - "AKV", - "Storage", - "AzurePolicy", - "Monitor", - "WAF" + "RBAC", + "WAF", + "Subscriptions" ], "severity": "High", - "text": "Consider using Azure Monitor to audit control plane operations on the storage account", + "text": "Enforce a RBAC model for management groups, subscriptions, resource groups and resources", + "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "A key expiration policy enables you to set a reminder for the rotation of the account access keys. 
The reminder is displayed if the specified interval has elapsed and the keys have not yet been rotated.", - "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", - "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", - "service": "Azure Storage", + "guid": "45911475-e39e-4530-accc-d979366bcda2", + "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration", + "service": "SAP", "services": [ - "AKV", - "Storage", - "AzurePolicy", + "Entra", + "SAP", "WAF" ], "severity": "Medium", - "text": "When using storage account keys, consider enabling a 'key expiration policy'", + "text": "Enforce Principal propagation for forwarding the identity from SAP cloud application to SAP on-premises (Including IaaS) through cloud connector", + "training": "https://learn.microsoft.com/training/modules/explore-identity-services/2-explore-azure-virtual-machine-auth-access-control", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "A SAS expiration policy specifies a recommended interval over which the SAS is valid. SAS expiration policies apply to a service SAS or an account SAS. 
When a user generates service SAS or an account SAS with a validity interval that is larger than the recommended interval, they'll see a warning.", - "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", - "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", - "service": "Azure Storage", + "guid": "750ab1ab-039d-495d-94c7-c8929cb107d5", + "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/scenario-azure-first-sap-identity-integration", + "service": "SAP", "services": [ - "AzurePolicy", + "Entra", + "SAP", "WAF" ], "severity": "Medium", - "text": "Consider configuring an SAS expiration policy", + "text": "Implement SSO to SAP SaaS applications like SAP Analytics Cloud, SAP Cloud Platform, Business by design, SAP Qualtrics and SAP C4C with Azure AD using SAML.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys. 
", - "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", - "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", - "service": "Azure Storage", + "guid": "325ae525-ba34-4d46-a5e2-213ace7bb122", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial", + "service": "SAP", "services": [ - "AKV", - "Storage", - "AzurePolicy", + "SAP", "WAF" ], "severity": "Medium", - "text": "Consider linking SAS to a stored access policy", + "text": "Implement SSO to SAP NetWeaver-based web applications like SAP Fiori and SAP Web GUI by using SAML.", + "training": "https://learn.microsoft.com/training/modules/explore-identity-services/8-exercise-integrate-azure-active-directory-sap-netweaver", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", - "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", - "service": "Azure Storage", + "guid": "9eb54dad-7861-4e1c-973a-f3bb003fc9c1", + "service": "SAP", "services": [ - "AKV", - "Storage", + "SAP", "WAF" ], "severity": "Medium", - "text": "Consider configuring your application's source code repository to detect checked-in connection strings and storage account keys.", + "text": "Implement SSO to SAP NetWeaver-based web applications like SAP Fiori and SAP Web GUI by using SAML.", + "training": "https://learn.microsoft.com/training/modules/explore-identity-services/6-exercise-integrate-azure-active-directory-sap-fiori", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Ideally, your application should be using a managed identity to authenticate to Azure Storage. 
If that is not possible, consider having the storage credential (connection string, storage account key, SAS, service principal credential) in Azure KeyVault or an equivalent service.", - "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", - "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", - "service": "Azure Storage", + "guid": "f29676ef-0c9c-4c4d-ab21-a55504c0c829", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial", + "service": "SAP", "services": [ - "Entra", - "Storage", + "SAP", "WAF" ], - "severity": "High", - "text": "Consider storing connection strings in Azure KeyVault (in scenarios where managed identities are not possible)", + "severity": "Medium", + "text": "You can implement SSO to SAP GUI by using SAP NetWeaver SSO or a partner solution.", + "training": "https://learn.microsoft.com/training/modules/explore-identity-services/8-exercise-integrate-azure-active-directory-sap-netweaver", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Use near-term expiration times on an ad hoc SAS service SAS or account SAS. In this way, even if a SAS is compromised, it's valid only for a short time. This practice is especially important if you cannot reference a stored access policy. 
Near-term expiration times also limit the amount of data that can be written to a blob by limiting the time available to upload to it.", - "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", - "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", - "service": "Azure Storage", + "guid": "23181aa4-1742-4694-9ff8-ae7d7d474317", + "service": "SAP", "services": [ - "Storage", - "AzurePolicy", - "WAF" + "SAP", + "WAF", + "AKV" ], - "severity": "High", - "text": "Strive for short validity periods for ad-hoc SAS", + "severity": "Medium", + "text": "For SSO for SAP GUI and web browser access, implement SNC / Kerberos/SPNEGO (simple and protected GSSAPI negotiation mechanism) due to its ease of configuration and maintenance. For SSO with X.509 client certificates, consider the SAP Secure Login Server, which is a component of the SAP SSO solution.", + "training": "https://learn.microsoft.com/training/modules/explore-identity-services/9-exercise-integrate-active-directory-sap-single-sign-on", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "When creating a SAS, be as specific and restrictive as possible. 
Prefer a SAS for a single resource and operation over a SAS which gives much broader access.", - "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", - "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", - "service": "Azure Storage", + "guid": "6c8bcbf4-5bbe-4609-b8a0-3e97778424d6", + "link": "https://blogs.sap.com/2017/07/12/sap-single-sign-on-protect-your-sap-landscape-with-x.509-certificates/", + "service": "SAP", "services": [ - "WAF" + "SAP", + "WAF", + "AKV" ], "severity": "Medium", - "text": "Apply a narrow scope to a SAS", + "text": "For SSO for SAP GUI and web browser access, implement SNC / Kerberos/SPNEGO (simple and protected GSSAPI negotiation mechanism) due to its ease of configuration and maintenance. For SSO with X.509 client certificates, consider the SAP Secure Login Server, which is a component of the SAP SSO solution.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "A SAS can include parameters on which client IP addresses or address ranges are authorized to request a resource using the SAS. 
", - "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", - "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", - "service": "Azure Storage", + "guid": "16785d6f-a96c-496a-b885-18f482734c88", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-netweaver-tutorial#configure-sap-netweaver-for-oauth", + "service": "SAP", "services": [ + "SAP", "WAF" ], "severity": "Medium", - "text": "Consider scoping SAS to a specific client IP address, wherever possible", + "text": "Implement SSO by using OAuth for SAP NetWeaver to allow third-party or custom applications to access SAP NetWeaver OData services.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "A SAS cannot constrain how much data a client uploads; given the pricing model of amount of storage over time, it might make sense to validate whether clients uploaded maliciously large contents.", - "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", - "service": "Azure Storage", + "guid": "a747c350-8d4c-449c-93af-393dbca77c48", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/saphana-tutorial", + "service": "SAP", "services": [ - "Storage", + "SAP", "WAF" ], - "severity": "Low", - "text": "Consider checking uploaded data, after clients used a SAS to upload a file. ", + "severity": "Medium", + "text": "Implement SSO to SAP HANA", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "When accessing blob storage via SFTP using a 'local user account', the 'usual' RBAC controls do not apply. Blob access via NFS or REST might be more restrictive than SFTP access. 
Unfortunately, as of early 2023, local users are the only form of identity management that is currently supported for the SFTP endpoint", - "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", - "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", - "service": "Azure Storage", + "guid": "c7bae5bf-daf9-4761-9c56-f92891890aa4", + "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration#connectivity-with-sap-rise", + "service": "SAP", "services": [ "Entra", - "RBAC", - "Storage", + "SAP", "WAF" ], - "severity": "High", - "text": "SFTP: Limit the amount of 'local users' for SFTP access, and audit whether access is needed over time.", + "severity": "Medium", + "text": "Consider Azure AD an identity provider for SAP systems hosted on RISE. For more information, see Integrating the Service with Azure AD.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", - "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", - "service": "Azure Storage", + "guid": "e4e48226-ce54-44b6-bb6b-bfa15bd8f753", + "link": "https://github.com/azuredevcollege/SAP/blob/master/sap-oauth-saml-flow/README.md", + "service": "SAP", "services": [ + "SAP", "WAF" ], "severity": "Medium", - "text": "SFTP: The SFTP endpoint does not support POSIX-like ACLs.", + "text": "For applications that access SAP, you might want to use principal propagation to establish SSO.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Storage supports CORS (Cross-Origin Resource Sharing), i.e. an HTTP feature that enables web apps from a different domain to loosen the same-origin policy. 
When enabling CORS, keep the CorsRules to the least privilege.", - "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", - "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", - "service": "Azure Storage", + "guid": "59921095-4980-4fc1-a5b6-524a5a560c79", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-identity-authentication-tutorial", + "service": "SAP", "services": [ - "Storage", - "AzurePolicy", + "Entra", + "SAP", "WAF" ], - "severity": "High", - "text": "Avoid overly broad CORS policies", + "severity": "Medium", + "text": "If you're using SAP BTP services or SaaS solutions that require SAP Identity Authentication Service (IAS), consider implementing SSO between SAP Cloud Identity Authentication Services and Azure AD to access those SAP services. This integration lets SAP IAS act as a proxy identity provider and forwards authentication requests to Azure AD as the central user store and identity provider.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Data at rest is always encrypted server-side, and in addition might be encrypted client-side as well. Server-side encryption might happen using a platform-managed key (default) or customer-managed key. Client-side encryption might happen by either having the client supply an encryption/decryption key on a per-blob basis to Azure storage, or by completely handling encryption on the client-side. 
thus not relying on Azure Storage at all for confidentiality guarantees.", - "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", - "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", - "service": "Azure Storage", + "guid": "a709c664-317e-41e4-9e34-67d9016a86f4", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-hana-cloud-platform-tutorial", + "service": "SAP", "services": [ - "Storage", + "SAP", "WAF" ], - "severity": "High", - "text": "Determine how data at rest should be encrypted. Understand the thread model for data.", + "severity": "Medium", + "text": "Implement SSO to SAP BTP", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", - "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", - "service": "Azure Storage", + "guid": "01f11b7f-38df-4251-9c76-4dec19abd3e8", + "link": "https://learn.microsoft.com/azure/active-directory/saas-apps/sap-successfactors-inbound-provisioning-cloud-only-tutorial", + "service": "SAP", "services": [ + "Entra", + "SAP", "WAF" ], "severity": "Medium", - "text": "Determine which/if platform encryption should be used.", + "text": "If you're using SAP SuccessFactors, consider using the Azure AD automated user provisioning. With this integration, as you add new employees to SAP SuccessFactors, you can automatically create their user accounts in Azure AD. Optionally, you can create user accounts in Microsoft 365 or other SaaS applications that are supported by Azure AD. 
Use write-back of the email address to SAP SuccessFactors.", "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", - "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", - "service": "Azure Storage", + "guid": "6ba28021-4591-4147-9e39-e5309cccd979", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups", + "service": "SAP", "services": [ - "WAF" + "SAP", + "WAF", + "Subscriptions", + "AzurePolicy" ], "severity": "Medium", - "text": "Determine which/if client-side encryption should be used.", - "waf": "Security" + "text": "enforce existing Management Group policies to SAP Subscriptions", + "training": "https://learn.microsoft.com/training/modules/enterprise-scale-organization/4-management-group-subscription-organization", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.", - "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", - "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", - "service": "Azure Storage", + "guid": "366bcda2-750a-4b1a-a039-d95d54c7c892", + "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", + "service": "SAP", "services": [ - "Storage", - "WAF" + "SAP", + "WAF", + "Subscriptions" ], "severity": "High", - "text": "Consider whether public blob access is needed, or whether it can be disabled for certain storage accounts. 
", - "waf": "Security" + "text": "Integrate tightly coupled applications into the same SAP subscription to avoid additional routing and management complexity", + "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-subscriptions", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", - "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", - "service": "Azure Storage", + "guid": "9cb107d5-325a-4e52-9ba3-4d4685e2213a", + "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape", + "service": "SAP", "services": [ - "Storage", - "WAF" + "WAF", + "Subscriptions" ], "severity": "High", - "text": "Leverage a storagev2 account type for better performance and reliability", - "waf": "Reliability" + "text": "Leverage Subscription as scale unit and scaling our resources, consider deploying subscription per environment eg. Sandbox, non-prod, prod ", + "training": "https://learn.microsoft.com/training/modules/configure-subscriptions/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", - "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", - "service": "Azure Storage", + "guid": "ce7bb122-f7c9-45f0-9e15-4e3aa3592829", + "link": "https://learn.microsoft.com/azure/quotas/quotas-overview", + "service": "SAP", "services": [ - "Storage", - "WAF" + "VM", + "WAF", + "Subscriptions" ], "severity": "High", - "text": "Leverage GRS, ZRS or GZRS storage for the highest availability", - "waf": "Reliability" + "text": "Ensure quota increase as a part of subscription provisioning (e.g. 
total available VM cores within a subscription)", + "training": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "2fa56c56-ad48-4408-be72-734c486ba280", - "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", - "service": "Azure Storage", + "guid": "ce4fab2f-433a-4d59-a5a9-3d1032e03ebc", + "link": "https://learn.microsoft.com/rest/api/reserved-vm-instances/quotaapi?branch=capacity", + "service": "SAP", "services": [ "WAF" ], - "severity": "Medium", - "text": "For write operation after failover, use customer-Managed Failover ", - "waf": "Reliability" + "severity": "Low", + "text": "The Quota API is a REST API that you can use to view and manage quotas for Azure services. Consider using it if necessary.", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", - "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", - "service": "Azure Storage", + "guid": "cbfad17b-f240-42bf-a1d8-f4f4cee661c8", + "link": "https://learn.microsoft.com/azure/quotas/quickstart-increase-quota-portal", + "service": "SAP", + "services": [ + "VM", + "WAF", + "Subscriptions" + ], + "severity": "High", + "text": "If deploying to an availability zone, ensure that the VM's zone deployment is available once the quota has been approved. 
Submit a support request with the subscription, VM series, number of CPUs and availability zone required.", + "waf": "Operations" + }, + { + "checklist": "WAF checklist", + "guid": "e6e20617-3686-4af4-9791-f8935ada4332", + "link": "https://azure.microsoft.com/explore/global-infrastructure/products-by-region/", + "service": "SAP", "services": [ "WAF" ], - "severity": "Medium", - "text": "Understand Microsoft-Managed Failover details", - "waf": "Reliability" + "severity": "High", + "text": "Ensure required services and features are available within the chosen deployment regions eg. ANF , Zone etc.", + "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/migrate/azure-best-practices/multiple-regions?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", - "service": "Azure Storage", + "guid": "4e138115-2318-41aa-9174-26943ff8ae7d", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-resource-organization", + "service": "SAP", "services": [ + "Cost", + "TrafficManager", "WAF" ], "severity": "Medium", - "text": "Enable Soft Delete", + "text": "Leverage Azure resource tag for cost categorization and resource grouping (: BillTo, Department (or Business Unit), Environment (Production, Stage, Development), Tier (Web Tier, Application Tier), Application Owner, ProjectName)", + "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", + "waf": "Operations" + }, + { + "checklist": "WAF checklist", + "guid": "2f7c95f0-6e15-44e3-aa35-92829e6e2061", + "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about", + "service": "SAP", + "services": [ + "WAF", + "Backup" + ], + "severity": "High", + "text": "Help protect your HANA database by using the 
Azure Backup service.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-backup-sap-workloads-azure-virtual-machines/?source=recommendations", "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachineScaleSets", "checklist": "WAF checklist", - "description": "Automatic instance repairs ensure that unhealthy instances are promptly identified and replaced, maintaining a set of healthy instances within your scale set.", - "guid": "7e13c105-675c-41e9-95b4-59837ff7ae7c", - "link": "https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-instance-repairs", - "service": "VMSS", + "guid": "302a2fbf-3745-4a5f-a365-c9d1a16ca22c", + "link": "https://learn.microsoft.com/azure/azure-netapp-files/azacsnap-introduction", + "service": "SAP", "services": [ "VM", - "WAF" + "Storage", + "WAF", + "Entra" ], - "severity": "Low", - "text": "Enable automatic instance repairs for enhanced VM Scale Sets resiliency", + "severity": "Medium", + "text": "If you deploy Azure NetApp Files for your HANA, Oracle, or DB2 database, use the Azure Application Consistent Snapshot tool (AzAcSnap) to take application-consistent snapshots. AzAcSnap also supports Oracle databases. 
Consider using AzAcSnap on a central VM rather than on individual VMs.", "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Ensure that Azure Backup is utilized appropriately to meet your organization's resiliency requirements for Azure virtual machines (VMs).", - "guid": "4d874a74-8b66-42d6-b150-512a66498f6d", - "link": "https://learn.microsoft.com/azure/backup/backup-azure-vms-introduction", - "service": "VM", + "guid": "42d37218-a3a7-45df-bff6-1173e7f249ea", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", + "service": "SAP", "services": [ - "Backup", - "VM", + "SAP", "WAF" ], "severity": "High", - "text": "Consider Azure Backup to meet your resiliency requirements for Azure VMs", - "waf": "Reliability" + "text": "Ensure time-zone matches between the operating system and the SAP system.", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Single Instance VMs using Premium SSD or Ultra Disk for all Operating System Disks and Data Disks are guaranteed to have Virtual Machine Connectivity of at least 99.9%", - "guid": "8052d88e-79d1-47b7-9b22-a5a67e7a8ed4", - "link": "https://learn.microsoft.com/azure/virtual-machines/disks-types", - "service": "VM", + "guid": "c3c7abc0-716c-4486-893c-40e181d65539", + "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel-multi-sid", + "service": "SAP", "services": [ - "VM", + "Entra", "WAF" ], - "severity": "High", - "text": "Use Premium or Ultra disks for production VMs", + "severity": "Medium", + "text": "Don't group different application services in the same cluster. For example, don't combine DRBD and central services clusters on the same cluster. 
However, you can use the same Pacemaker cluster to manage approximately five different central services (multi-SID cluster).", + "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations", "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Azure automatically replicates managed disks within a region to ensure data durability and protect against single-point failures.", - "guid": "b31e38c3-f298-412b-8363-cffe179b599d", - "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview", - "service": "VM", + "guid": "a491dfc4-9353-4213-9217-eef0949f9467", + "link": "https://azure.microsoft.com/pricing/offers/dev-test/", + "service": "SAP", "services": [ - "VM", + "Cost", "WAF" ], - "severity": "High", - "text": "Ensure Managed Disks are used for all VMs", - "waf": "Reliability" + "severity": "Low", + "text": "Consider running dev/test systems in a snooze model to save and optimize Azure run costs.", + "waf": "Cost" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Temporary disks are intended for short-term storage of non-persistent data such as page files, swap files, or SQL Server tempdb. 
Storing persistent data on temporary disks can lead to data loss during maintenance events or VM redeployment.", - "guid": "e0d5973c-d4ce-432c-8881-37f6f7c4c0d4", - "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk", - "service": "VM", + "guid": "b7056168-6199-4732-a514-cdbb2d5c9c54", + "link": "https://learn.microsoft.com/azure/lighthouse/overview", + "service": "SAP", "services": [ - "SQL", - "Storage", - "VM", + "Entra", + "SAP", "WAF" ], "severity": "Medium", - "text": "Do not use the Temp disk for anything that is not acceptable to be lost", - "waf": "Reliability" + "text": "If you partner with customers by managing their SAP estates, consider Azure Lighthouse. Azure Lighthouse allows managed service providers to use Azure native identity services to authenticate to the customers' environment. It puts the control in the hands of customers, because they can revoke access at any time and audit service providers' actions.", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Co-locate your compute, storage, networking, and data resources across an availability zone, and replicate this arrangement in other availability zones.", - "guid": "e514548d-2447-4ec6-9138-b8200f1ce16e", - "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", - "service": "VM", + "guid": "4d116785-d2fa-456c-96ad-48408fe72734", + "link": "https://learn.microsoft.com/azure/update-manager/scheduled-patching?tabs=schedule-updates-single-machine%2Cschedule-updates-scale-overview", + "service": "SAP", "services": [ - "ACR", - "Storage", "VM", "WAF" ], "severity": "Medium", - "text": "Leverage Availability Zones for your VMs in regions where they are supported", - "waf": "Reliability" + "text": "Use Azure Update Manager to check the status of available updates for a single VM or multiple VMs and consider scheduling regular patching.", + 
"training": "https://learn.microsoft.com/training/modules/keep-your-virtual-machines-updated/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Use at least two VMs in Availability Sets to isolate VMs on different fault and update domains.", - "guid": "5a785d6f-e96c-496a-b884-4cf3b2b38c88", - "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", - "service": "VM", + "guid": "76c8bcbf-45bb-4e60-ad8a-03e97778424d", + "link": "https://learn.microsoft.com/azure/sap/workloads/lama-installation", + "service": "SAP", "services": [ - "VM", + "SAP", "WAF" ], - "severity": "Medium", - "text": "For regions that do not support Availability Zones deploy VMs into Availability Sets", - "waf": "Reliability" + "severity": "Low", + "text": "Optimize and manage SAP Basis operations by using SAP Landscape Management (LaMa). Use the SAP LaMa connector for Azure to relocate, copy, clone, and refresh SAP systems.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-remote-management/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Azure provides multiple options for VM redundancy to meet different requirements (Availability Zones, Virtual Machine Scale Sets, Availability Sets, Azure Site Recovery)", - "guid": "6ba2c021-4991-414a-9d3c-e574dccbd979", - "link": "https://learn.microsoft.com/azure/virtual-machines/availability", - "service": "VM", + "guid": "14591147-5e39-4e53-89cc-cd979366bcda", + "link": "https://learn.microsoft.com/azure/sap/monitor/about-azure-monitor-sap-solutions", + "service": "SAP", "services": [ - "VM", - "ASR", + "Monitor", + "SAP", + "SQL", "WAF" ], - "severity": "High", - "text": "Avoid running a production workload on a single VM", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Azure 
Monitor for SAP solutions to monitor your SAP workloads(SAP HANA, high-availability SUSE clusters, and SQL systems) on Azure. Consider supplementing Azure Monitor for SAP solutions with SAP Solution Manager.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-monitoring-sap-workloads-azure-virtual-machines/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Azure Site Recovery enables you to achieve low RTO (Recovery Time Objective) for your Azure and hybrid VMs by providing continuous replication and failover capabilities.", - "guid": "2a6bcca2-b5fe-4a1e-af3d-d95d48c7c891", - "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", - "service": "VM", + "guid": "2750ab1a-b039-4d95-b54c-7c8929cb107d", + "link": "https://learn.microsoft.com/azure/sap/workloads/vm-extension-for-sap", + "service": "SAP", "services": [ - "AVS", + "Monitor", + "Entra", + "WAF", "VM", - "ASR", - "WAF" + "SAP" ], "severity": "High", - "text": "For Azure and on-premises VMs (Hyper-V/Phyiscal/VMware) with low RTO requirements use Azure Site Recovery", - "waf": "Reliability" + "text": "Run a VM Extension for SAP check. VM Extension for SAP uses the assigned managed identity of a virtual machine (VM) to access VM monitoring and configuration data. 
The check ensures that all performance metrics in your SAP application come from the underlying Azure Extension for SAP.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-enhanced-monitoring-extension-for-sap/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "By using Capacity Reservations, you can effectively manage capacity for critical workloads, ensuring resource availability in specified regions.", - "guid": "bd7bb012-f7b9-45e0-9e15-8e3ea3992c2d", - "link": "https://learn.microsoft.com/azure/virtual-machines/capacity-reservation-overview", - "service": "VM", + "guid": "5325ae52-5ba3-44d4-985e-2213ace7bb12", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "SAP", "services": [ - "WAF" + "WAF", + "AzurePolicy" ], - "severity": "Low", - "text": "Use Capacity Reservations for critical workloads that require guaranteed capacity", - "waf": "Reliability" + "severity": "Medium", + "text": "Use Azure Policy for access control and compliance reporting. Azure Policy provides the ability to enforce organization-wide settings to ensure consistent policy adherence and fast violation detection. 
", + "training": "https://learn.microsoft.com/learn/paths/architect-infrastructure-operations/", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "By ensuring that the necessary quotas are increased in your DR region before testing failover with ASR, you can avoid any potential resource constraints during the recovery process for failed over VMs.", - "guid": "e6e2065b-3a76-4af4-a691-e8939ada4666", - "link": "https://learn.microsoft.com/azure/quotas/per-vm-quota-requests", - "service": "VM", + "guid": "523181aa-4174-4269-93ff-8ae7d7d47431", + "link": "https://learn.microsoft.com/azure/network-watcher/connection-monitor-overview", + "service": "SAP", "services": [ - "VM", - "ASR", - "WAF" + "Monitor", + "SAP", + "WAF", + "NetworkWatcher" ], "severity": "Medium", - "text": "Increase quotas in DR region before testing failover with ASR", - "waf": "Reliability" + "text": "Use Connection Monitor in Azure Network Watcher to monitor latency metrics for SAP databases and application servers. Or collect and display network latency measurements by using Azure Monitor.", + "training": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/collecting-and-displaying-niping-network-latency-measurements/ba-p/1833979", + "waf": "Operations" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Scheduled Events is an Azure Metadata Service that provides information about upcoming maintenance events for virtual machines (VMs). 
By leveraging Scheduled Events, you can proactively prepare your applications for VM maintenance, minimizing disruption and improving the availability of your VMs.", - "guid": "6d3b475a-5c7a-4cbe-99bb-e64dd8902e87", - "link": "https://learn.microsoft.com/azure/virtual-machines/windows/scheduled-events", - "service": "VM", + "guid": "73686af4-6791-4f89-95ad-a43324e13811", + "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/QualityCheck", + "service": "SAP", "services": [ "VM", + "SAP", "WAF" ], - "severity": "Low", - "text": "Utilize Scheduled Events to prepare for VM maintenance", - "waf": "Reliability" + "severity": "Medium", + "text": "Perform a quality check for SAP HANA on the provisioned Azure infrastructure to verify that provisioned VMs comply with SAP HANA on Azure best practices.", + "waf": "Operations" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Use Zone-redundant Storage (ZRS) in the primary region for scenarios that require high availability and for restricting replication to a particular country or region. 
For protection against regional disasters, use Geo-zone-redundant Storage (GZRS), which combines ZRS in the primary region with geo-replication to a secondary region?.", - "guid": "48c7c891-dcb1-4f7d-9769-ae568ba38d4a", - "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", - "service": "Azure Storage", + "guid": "616785d6-fa96-4c96-ad88-518f482734c8", + "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-zones", + "service": "SAP", "services": [ - "Storage", - "WAF" + "SAP", + "WAF", + "Subscriptions" ], - "severity": "Medium", - "text": "Choose the most appropriate data redundancy option for Azure Storage based on your requirements", - "waf": "Reliability" + "severity": "High", + "text": "For each Azure subscription, run a latency test on Azure availability zones before zonal deployment to choose low-latency zones for deployment of SAP on Azure.", + "training": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/AvZone-Latency-Test", + "waf": "Performance" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Assigning a Delete lock to your storage account helps protect the availability of your data, minimizing the risk of disruptions to your business operations.", - "guid": "85e2213d-bd7b-4b01-8f7b-95e06e158e3e", - "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", - "service": "Azure Storage", + "guid": "410adcba-db46-424f-a6c4-05ecde75c52e", + "link": "https://learn.microsoft.com/azure/advisor/advisor-how-to-improve-reliability", + "service": "SAP", "services": [ "Storage", - "WAF" + "WAF", + "ASR" ], - "severity": "Low", - "text": "Apply a Delete lock to prevent accidental or malicious deletion of storage accounts", + "severity": "Medium", + "text": "Run the Resiliency Report to ensure that the configuration of the entire provisioned Azure infrastructure (Compute, Database, Networking, Storage, Site Recovery) 
complies with the configuration defined by Cloud Adaption Framework for Azure.", + "training": "https://learn.microsoft.com/training/paths/azure-well-architected-framework/", "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Container soft delete protects your data from being accidentally deleted by maintaining the deleted data in the system for a specified period of time.", - "guid": "a3992c2d-e6e2-4065-a3a7-6af4a691e893", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", - "service": "Azure Storage", + "guid": "86ba2802-1459-4114-95e3-9e5309cccd97", + "link": "https://learn.microsoft.com/azure/sentinel/sap/deployment-overview", + "service": "SAP", "services": [ - "Storage", + "Monitor", + "Sentinel", + "SAP", "WAF" ], - "severity": "Low", - "text": "Enable soft delete for Storage Account Containers", - "waf": "Reliability" + "severity": "Medium", + "text": "Implement threat protection by using the Microsoft Sentinel solution for SAP. 
Use this solution to monitor your SAP systems and detect sophisticated threats throughout the business logic and application layers.", + "training": "https://learn.microsoft.com/training/modules/plan-microsoft-sentinel-deployment-sap/?source=recommendations", + "waf": "Security" }, { - "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "description": "Blob soft delete protects an individual blob and its versions, snapshots, and metadata from accidental deletes or overwrites by maintaining the deleted data in the system for a specified period of time.", - "guid": "9ada4666-7e13-4c10-96b9-153d89f89dc7", - "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", - "service": "Azure Storage", + "guid": "579266bc-ca27-45fa-a1ab-fe9d55d04c3c", + "link": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance", + "service": "SAP", "services": [ - "Storage", + "Cost", "WAF" ], - "severity": "Low", - "text": "Enable soft delete for blobs", - "waf": "Reliability" + "severity": "Medium", + "text": "Azure tagging can be leveraged to logically group and track resources, automate their deployments, and most importantly, provide visibility on the incurred costs.", + "training": "https://learn.microsoft.com/training/modules/analyze-costs-create-budgets-azure-cost-management/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "description": "Azure Backup enhanced soft delete provides critical protection against ransomware attacks by retaining deleted backups, enabling recovery from potential ransomware encryption or deletion.", - "guid": "b44be3b1-a27f-48b9-b91b-e1038df03a82", - "link": "https://learn.microsoft.com/azure/backup/backup-azure-enhanced-soft-delete-about", - "service": "Azure Backup", + "guid": "04b8e5e5-13cb-4b22-af62-5a8ecfcf0337", + "link": 
"https://learn.microsoft.com/azure/virtual-network/virtual-network-test-latency?tabs=windows", + "service": "SAP", "services": [ - "Backup", + "VM", + "Monitor", "WAF" ], - "severity": "Medium", - "text": "Enable Azure Backup enhanced soft delete for improved data protection and recovery", - "waf": "Reliability" + "severity": "Low", + "text": "Use inter-VM latency monitoring for latency-sensitive applications.", + "waf": "Performance" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "description": "Azure Backup's multi-user authorization enables fine-grained control over user access to backup resources, allowing you to restrict privileges and ensure proper authentication and authorization for backup operations.", - "guid": "2cd463cb-bbc8-4ac2-a9eb-c92a43da1dae", - "link": "https://learn.microsoft.com/azure/backup/multi-user-authorization-concept", - "service": "Azure Backup", + "guid": "07e5ed53-3d96-43d8-87ea-631b77da5aba", + "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide-storage", + "service": "SAP", "services": [ - "Backup", - "WAF" + "Monitor", + "SAP", + "WAF", + "ASR" ], - "severity": "Low", - "text": "Implement multi-user authorization for Azure Backup to ensure secure and controlled access to backup resources", + "severity": "Medium", + "text": "Use Azure Site Recovery monitoring to maintain the health of the disaster recovery service for SAP application servers.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-storage/?source=recommendations", "waf": "Reliability" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "description": "Azure Immutable Storage provides an additional layer of security by ensuring that backup data stored in the vault cannot be modified or deleted for a specified retention period. 
This helps safeguard your backups from ransomware attacks that may attempt to compromise or manipulate your backup data.", - "guid": "2cc88147-0607-4c1c-aa0e-614658dd458e", - "link": "https://learn.microsoft.com/azure/backup/backup-azure-immutable-vault-concept?source=recommendations&tabs=recovery-services-vault", - "service": "Azure Backup", + "guid": "abb6af9c-982c-4cf1-83fb-329fafd1ee56", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-management-and-monitoring", + "service": "SAP", "services": [ "Storage", - "Backup", - "WAF" + "WAF", + "SAP" ], - "severity": "Low", - "text": "Implement Immutable Storage for your vaults to protect against ransomware and prevent unauthorized modifications to backups", - "waf": "Reliability" + "severity": "Medium", + "text": "Exclude all the database file systems and executable programs from antivirus scans. Including them could lead to performance problems. Check with the database vendors for prescriptive details on the exclusion list. For example, Oracle recommends excluding /oracle//sapdata from antivirus scans.", + "waf": "Performance" }, { - "arm-service": "Microsoft.Network/dnsZones", "checklist": "WAF checklist", - "description": "To eliminate a single point of failure in your on-premises DNS services and ensure reliable DNS resolution during business continuity and disaster recovery scenarios, it is recommended to utilize Azure DNS Private Resolvers in multiple regions. 
By deploying two or more Azure DNS private resolvers across different regions, you can enable DNS failover and achieve resiliency in your DNS infrastructure.", - "guid": "43da1dae-2cc8-4814-9060-7c1cca0e6146", - "link": "https://learn.microsoft.com/azure/dns/tutorial-dns-private-resolver-failover", - "service": "DNS", + "guid": "c027f893-f404-41a9-b33d-39d625a14964", + "link": "https://sapit-forme-prod.authentication.eu11.hana.ondemand.com/login", + "service": "SAP", "services": [ - "DNS", - "ACR", - "ASR", + "SAP", "WAF" ], "severity": "Low", - "text": "Implement DNS Failover using Azure DNS Private Resolvers", - "waf": "Reliability" + "text": "Consider collecting full database statistics for non-HANA databases after migration. For example, implement SAP note 1020260 - Delivery of Oracle statistics.", + "waf": "Performance" }, { - "arm-service": "Microsoft.PowerBI/gateways", "checklist": "WAF checklist", - "description": "Use an on-premises data gateway cluster to avoid single points of failure and to load balance traffic across gateways.", - "guid": "89f89dc7-b44b-4e3b-8a27-f8b9e91be103", - "link": "https://learn.microsoft.com/data-integration/gateway/service-gateway-high-availability-clusters", - "service": "Data Gateways", + "guid": "fdafb1f5-3eee-4354-a8c9-deb8127ebc2e", + "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/configure-oracle-asm", + "service": "SAP", "services": [ - "ACR", - "WAF" + "Storage", + "WAF", + "SAP" ], "severity": "Medium", - "text": "Use on-premises data gateway clusters to ensure high availability for business-critical data", - "waf": "Reliability" + "text": "Consider using Oracle Automatic Storage Management (ASM) for all Oracle deployments that use SAP on Azure.", + "training": "https://learn.microsoft.com/training/paths/administer-infrastructure-resources-in-azure/?source=recommendations", + "waf": "Performance" }, { - "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - 
"description": "When choosing the best option for deploying NVAs in Azure, it is crucial to consider the vendor's recommendations and validate that the specific design has been vetted and validated by the NVA vendor. The vendor should also provide the necessary NVA configuration for seamless integration in Azure.", - "guid": "8b1188b3-c6a4-46ce-a544-451e192d3442", - "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/nva-ha", - "service": "NVA", + "guid": "33c5d5bf-daf3-4f0d-bd50-6010fdcec22e", + "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/announcement-sap-on-azure-oracle-performance-efficiency-scripts/ba-p/3725178", + "service": "SAP", "services": [ - "NVA", + "SAP", + "SQL", "WAF" ], - "severity": "High", - "text": "Deploy Network Virtual Appliances (NVAs) in a vendor supported configuration for High Availability", - "waf": "Reliability" + "severity": "Medium", + "text": "For SAP on Azure running Oracle, a collection of SQL scripts can help you diagnose performance problems. Automatic Workload Repository (AWR) reports contain valuable information for diagnosing problems in the Oracle system. 
We recommend that you run an AWR report during several sessions and choose peak times for it, to ensure broad coverage for the analysis.", + "training": "https://learn.microsoft.com/ja-jp/azure/well-architected/oracle-iaas/performance-efficiency", + "waf": "Performance" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "f00a69de-7076-4734-a734-6e4552cad9e1", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-latest-version-for-customer-managed-certificates", - "service": "Front Door", + "guid": "d89fd98d-23e4-4b40-a92e-32db9365522c", + "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot", + "service": "SAP", "services": [ - "AKV", - "FrontDoor", - "WAF" + "Monitor", + "SAP", + "WAF", + "ASR" ], - "severity": "Medium", - "text": "If you use customer-managed TLS certificates with Azure Front Door, use the 'Latest' certificate version. Reduce the risk of outages caused by manual certificate renewal", + "severity": "High", + "text": "Use Azure Site Recovery monitoring to maintain the health of the disaster recovery service for SAP application servers.", + "training": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", "waf": "Operations" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "graph": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant", - "guid": "553585a6-abe0-11ed-afa1-0242ac120002", - "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2", - "service": "App Gateway", + "guid": "5ba34d46-85e2-4213-ace7-bb122f7c95f0", + "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", + "service": "SAP", "services": [ "AppGW", - "WAF" + "WAF", + "AzurePolicy" ], "severity": 
"Medium", - "text": "Ensure you are using Application Gateway v2 SKU", - "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", + "text": "For secure delivery of HTTP/S apps, use Application Gateway v2 and ensure that WAF protection and policies are enabled.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/", "waf": "Security" }, { - "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "graph": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard')", - "guid": "4e35fbf5-0ae2-48b2-97ce-753353edbd1a", - "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview", - "service": "Load Balancer", + "guid": "fa9d30bc-1b82-4e4b-bfdf-6b017938b9e6", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", + "service": "SAP", "services": [ - "LoadBalancer", + "VM", + "DNS", + "SAP", "WAF" ], "severity": "Medium", - "text": "Ensure you are using the Standard SKU for your Azure Load Balancers", - "waf": "Security" + "text": "If the virtual machine's DNS or virtual name is not changed during migration to Azure, Background DNS and virtual names connect many system interfaces in the SAP landscape, and customers are only sometimes aware of the interfaces that developers define over time. 
Connection challenges arise between various systems when virtual or DNS names change after migrations, and it's recommended to retain DNS aliases to prevent these types of difficulties.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/4-explore-name-resolution", + "waf": "Operations" }, { - "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "guid": "9432621a-8397-4654-a882-5bc856b7ef83", - "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-standard-availability-zones", - "service": "Load Balancer", + "guid": "a2858f78-105b-4f52-b7a9-5b0f4439743b", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity", + "service": "SAP", "services": [ - "LoadBalancer", + "VNet", + "DNS", + "SAP", "WAF" ], "severity": "Medium", - "text": "Ensure your Load Balancers frontend IP addresses are zone-redundant (unless you require zonal frontends).", - "waf": "Security" + "text": "Use different DNS zones to distinguish each environment (sandbox, development, preproduction, and production) from each other. 
The exception is for SAP deployments with their own VNet; here, private DNS zones might not be necessary.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/4-explore-name-resolution", + "waf": "Operations" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "graph": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant", - "guid": "dfc50f87-3800-424c-937b-ed5f186e7c15", - "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet", - "service": "App Gateway", + "guid": "a3592829-e6e2-4061-9368-6af46791f893", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-peering-overview", + "service": "SAP", "services": [ "VNet", - "AppGW", + "ACR", + "SAP", "WAF" ], "severity": "Medium", - "text": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24", - "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", - "waf": "Security" + "text": "Local and global VNet peering provide connectivity and are the preferred approaches to ensure connectivity between landing zones for SAP deployments across multiple Azure regions", + "training": 
"https://learn.microsoft.com/training/modules/configure-vnet-peering/?source=recommendations", + "waf": "Reliability" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "description": "Administration of reverse proxies in general and WAF in particular is closer to the application than to networking, so they belong in the same subscription as the app. Centralizing the Application Gateway and WAF in the connectivity subscription might be OK if it is managed by one single team.", - "guid": "48b662d6-d15f-4512-a654-98f6dfe237de", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "App Gateway", + "guid": "41742694-3ff8-4ae7-b7d4-743176c8bcbf", + "link": "https://learn.microsoft.com/azure/sap/workloads/planning-guide", + "service": "SAP", "services": [ - "Entra", - "AppGW", + "SAP", "NVA", - "Subscriptions", - "VNet", "WAF" ], - "severity": "Medium", - "text": "Deploy Azure Application Gateway v2 or partner NVAs used for proxying inbound HTTP(S) connections within the landing-zone virtual network and with the apps that they're securing.", - "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", - "waf": "Security" + "severity": "High", + "text": "It is not supported to deploy any NVA between SAP application and SAP Database server", + "training": "https://me.sap.com/notes/2731110", + "waf": "Performance" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "guid": "f109e1f3-c79b-4f14-82de-6b5c22314d08", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "App Gateway", + "guid": "7d4bc7d2-c34a-452e-8f1d-6ae3c8eafcc3", + "link": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/?source=recommendations", + "service": "SAP", "services": [ - "DDoS", - "WAF" + "ACR", + "SAP", + "WAF", + "VWAN" ], "severity": "Medium", - "text": "Use a DDoS 
Network or IP protection plans for all Public IP addresses in application landing zones.", - "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", - "waf": "Security" + "text": "Use Virtual WAN for Azure deployments in new, large, or global networks where you need global transit connectivity across Azure regions and on-premises locations. With this approach, you won't need to manually set up transitive routing for Azure networking, and you can follow a standard for SAP on Azure deployments.", + "training": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about", + "waf": "Operations" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "graph": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant", - "guid": "135bf4ac-f9db-461f-b76b-2ee9e30b12c0", - "link": "https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant", - "service": "App Gateway", + "guid": "0cedb1f6-ae6c-492b-8b17-8061f50b16d3", + "link": "https://learn.microsoft.com/azure/well-architected/services/networking/network-virtual-appliances/reliability", + "service": "SAP", "services": [ + "VNet", + "NVA", "WAF" ], "severity": "Medium", - "text": "Configure autoscaling with a minimum amount of instances of two.", - "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", - "waf": "Reliability" + "text": "Consider deploying network virtual appliances (NVAs) between regions only if partner NVAs are used. NVAs between regions or VNets aren't required if native NVAs are present. 
When you're deploying partner networking technologies and NVAs, follow the vendor's guidance to verify conflicting configurations with Azure networking.", + "training": "https://learn.microsoft.com/training/modules/control-network-traffic-flow-with-routes/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "microsoft.network/applicationGateways", "checklist": "WAF checklist", - "graph": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant", - "guid": "060c6964-52b5-48db-af8b-83e4b2d85349", - "link": "https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2", - "service": "App Gateway", + "guid": "facc08c6-ea95-4641-91cd-fa09e573adbd", + "link": "https://learn.microsoft.com/azure/architecture/networking/hub-spoke-vwan-architecture", + "service": "SAP", "services": [ - "ACR", - "AppGW", - "WAF" + "NVA", + "VNet", + "WAF", + "SAP", + "VWAN" ], "severity": "Medium", - "text": "Deploy Application Gateway across Availability Zones", - "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/", - "waf": "Reliability" + "text": "Virtual WAN manages connectivity between spoke VNets for virtual-WAN-based topologies (no need to set up user-defined routing [UDR] or NVAs), and maximum network throughput for VNet-to-VNet traffic in the same virtual hub is 50 gigabits per second. 
If necessary, SAP landing zones can use VNet peering to connect to other landing zones and overcome this bandwidth limitation.", + "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/?source=recommendations", + "waf": "Operations" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "e79d17b7-3b22-4a5a-97e7-a8ed4b30e38c", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "Front Door", + "guid": "82734c88-6ba2-4802-8459-11475e39e530", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", + "service": "SAP", "services": [ - "FrontDoor", - "AzurePolicy", + "VM", + "SAP", "WAF" ], - "severity": "Medium", - "text": "Use Azure Front Door with WAF policies to deliver and help protect global HTTP/S apps that span multiple Azure regions.", - "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "severity": "High", + "text": "Public IP assignment to VM running SAP Workload is not recommended.", + "training": "https://learn.microsoft.com/training/modules/design-ip-addressing-for-azure/?source=recommendations", "waf": "Security" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "3f29812b-2363-4cef-b179-b599de0d5973", - "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview", - "service": "Front Door", + "guid": "9cccd979-366b-4cda-8750-ab1ab039d95d", + "link": "https://learn.microsoft.com/training/modules/protect-on-premises-infrastructure-with-azure-site-recovery/?source=recommendations", + "service": "SAP", "services": [ - "FrontDoor", - "AppGW", - "AzurePolicy", + "ASR", "WAF" ], - "severity": "Medium", - "text": "When using Front Door and Application Gateway to help protect HTTP/S apps, use WAF policies in Front Door. 
Lock down Application Gateway to receive traffic only from Front Door.", - "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", - "waf": "Security" + "severity": "High", + "text": "Consider reserving IP address on DR side when configuring ASR", + "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/", + "waf": "Operations" }, { - "ammp": true, - "arm-service": "microsoft.network/trafficManagerProfiles", "checklist": "WAF checklist", - "guid": "cd4cd21b-0881-437f-9e6c-4cfd3e504547", - "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", - "service": "Traffic Manager", + "guid": "54c7c892-9cb1-407d-9325-ae525ba34d46", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing", + "service": "SAP", "services": [ - "TrafficManager", "WAF" ], "severity": "High", - "text": "Use Traffic Manager to deliver global apps that span protocols other than HTTP/S.", - "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", - "waf": "Reliability" + "text": "Avoid using overlapping IP address ranges for production and DR sites.", + "training": "https://learn.microsoft.com/training/modules/design-ip-addressing-for-azure/?source=recommendations", + "waf": "Operations" }, { "checklist": "WAF checklist", - "guid": "3b4b3e88-a459-4ed5-a22f-644dfbc58204", - "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", - "service": "Entra", + "guid": "6e154e3a-a359-4282-ae6e-206173686af4", + "link": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-delegate-subnet", + "service": "SAP", "services": [ - "Entra", - "AVD", + "VNet", + "Storage", "WAF" ], - "severity": "Low", - "text": "If users only need access to internal applications, has Microsoft Entra ID Application Proxy been considered as an alternative to Azure 
Virtual Desktop (AVD)?", - "training": "https://learn.microsoft.com/learn/modules/configure-azure-ad-application-proxy/", - "waf": "Security" + "severity": "Medium", + "text": "While Azure does help you to create multiple delegated subnets in a VNet, only one delegated subnet can exist in a VNet for Azure NetApp Files. Attempts to create a new volume will fail if you use more than one delegated subnet for Azure NetApp Files.", + "training": "https://learn.microsoft.com/azure/azure-netapp-files/azure-netapp-files-network-topologies?source=recommendations", + "waf": "Operations" }, { "checklist": "WAF checklist", - "guid": "01ca7cf1-5754-442d-babb-8ba6772e5c30", - "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy#how-application-proxy-works", - "service": "Entra", + "guid": "d8a03e97-7784-424d-9167-85d6fa96c96a", + "link": "https://learn.microsoft.com/azure/well-architected/services/networking/azure-firewall?toc=%2Fazure%2Ffirewall%2Ftoc.json&bc=%2Fazure%2Ffirewall%2Fbreadcrumb%2Ftoc.json", + "service": "SAP", + "services": [ + "WAF", + "Firewall" + ], + "severity": "Medium", + "text": "Use Azure Firewall to govern Azure outbound traffic to the internet, non-HTTP/S inbound connections, and East/West traffic filtering (if the organization requires it)", + "training": "https://learn.microsoft.com/training/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "checklist": "WAF checklist", + "guid": "91a65e40-be90-45b3-9f73-f3edbf8dc324", + "link": "https://learn.microsoft.com/azure/sap/workloads/expose-sap-process-orchestration-on-azure", + "service": "SAP", "services": [ - "Entra", + "SAP", + "AppGW", "WAF" ], "severity": "Medium", - "text": "To reduce the number of firewall ports open for incoming connections in your network, consider using Microsoft Entra ID Application Proxy to give remote users secure and authenticated access to internal applications.", - "training": 
"https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/", + "text": "Application Gateway and Web Application Firewall have limitations when Application Gateway serves as a reverse proxy for SAP web apps, as shown in the comparison between Application Gateway, SAP Web Dispatcher, and other third-party services.", + "training": "https://help.sap.com/docs/SUPPORT_CONTENT/si/3362959506.html", "waf": "Security" }, { - "ammp": true, - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "graph": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode", - "guid": "ae248989-b306-4591-9186-de482e3f0f0e", - "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings", - "service": "Front Door", + "guid": "5e39e530-9ccc-4d97-a366-bcda2750ab1a", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "SAP", "services": [ + "ACR", + "WAF", "FrontDoor", - "AzurePolicy", - "WAF" + "AzurePolicy" ], - "severity": "High", - "text": "Deploy your WAF policy for Front Door in 'Prevention' mode.", + "severity": "Medium", + "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.", + "training": "https://learn.microsoft.com/training/paths/secure-application-delivery/", "waf": "Security" }, { - "ammp": true, - "arm-service": "microsoft.network/frontdoors", 
"checklist": "WAF checklist", - "guid": "062d5839-4d36-402f-bfa4-02811eb936e9", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#avoid-combining-traffic-manager-and-front-door", - "service": "Front Door", + "guid": "b039d95d-54c7-4c89-89cb-107d5325ae52", + "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview", + "service": "SAP", "services": [ - "TrafficManager", + "AppGW", + "WAF", "FrontDoor", - "WAF" + "AzurePolicy" ], - "severity": "High", - "text": "Avoid combining Azure Traffic Manager and Azure Front Door.", + "severity": "Medium", + "text": "Take advantage of Web Application Firewall policies in Azure Front Door when you're using Azure Front Door and Application Gateway to protect HTTP/S applications. Lock down Application Gateway to receive traffic only from Azure Front Door.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/?source=recommendations", "waf": "Security" }, { - "ammp": true, - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "5efeb96a-003f-4b18-8fcd-b4d84459c2b2", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-the-same-domain-name-on-front-door-and-your-origin", - "service": "Front Door", + "guid": "5ada4332-4e13-4811-9231-81aa41742694", + "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview", + "service": "SAP", "services": [ - "FrontDoor", - "WAF" + "AppGW", + "WAF", + "LoadBalancer" ], - "severity": "High", - "text": "Use the same domain name on Azure Front Door and your origin. Mismatched host names can cause subtle bugs.", + "severity": "Medium", + "text": "Use a web application firewall to scan your traffic when it's exposed to the internet. 
Another option is to use it with your load balancer or with resources that have built-in firewall capabilities like Application Gateway or third-party solutions.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-web-application-firewall/?source=recommendations", "waf": "Security" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant", - "guid": "0b5a380c-4bfb-47bc-b1d7-dcfef363a61b", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group", - "service": "Front Door", + "guid": "e73de7d5-6f36-4217-a526-e1a621ecddde", + "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview", + "service": "SAP", "services": [ - "FrontDoor", - "WAF" + "ACR", + "SAP", + "WAF", + "VWAN" ], - "severity": "Low", - "text": "Disable health probes when there is only one origin in an Azure Front Door origin group.", + "severity": "Medium", + "text": "Use Virtual WAN for Azure deployments in new, large, or global networks where you need global transit connectivity across Azure regions and on-premises locations. 
With this approach, you won't need to manually set up transitive routing for Azure networking, and you can follow a standard for SAP on Azure deployments.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/10-explore-azure-front-door", "waf": "Performance" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "guid": "5567048e-e5d7-4206-9c55-b5ed45d2cc0c", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#select-good-health-probe-endpoints", - "service": "Front Door", + "guid": "3c536a3e-1b6b-4e87-95ca-15edb47251c0", + "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services", + "service": "SAP", "services": [ - "FrontDoor", - "WAF" + "Storage", + "VNet", + "WAF", + "PrivateLink", + "ACR", + "Backup" ], "severity": "Medium", - "text": "Select good health probe endpoints for Azure Front Door. Consider building health endpoints that check all of your application's dependencies.", - "waf": "Reliability" + "text": "To prevent data leakage, use Azure Private Link to securely access platform as a service resources like Azure Blob Storage, Azure Files, Azure Data Lake Storage Gen2, Azure Data Factory, and more. Azure Private Endpoint can also help to secure traffic between VNets and services like Azure Storage, Azure Backup, and more. 
Traffic between your VNet and the Private Endpoint enabled service travels across the Microsoft global network, which prevents its exposure to the public internet.", + "training": "https://learn.microsoft.com/training/modules/design-implement-private-access-to-azure-services/?source=recommendations", + "waf": "Security" }, { - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId", - "guid": "a13f72f3-8f5c-4864-95e5-75bf37fbbeb1", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes", - "service": "Front Door", + "guid": "85e2213a-ce7b-4b12-8f7c-95f06e154e3a", + "link": "https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview?tabs=redhat", + "service": "SAP", "services": [ - "FrontDoor", + "VM", + "SAP", "WAF" ], - "severity": "Low", - "text": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application.", + "severity": "High", + "text": "Make sure that Azure accelerated networking is enabled on the VMs used in the SAP application and DBMS layers.", + "training": "https://learn.microsoft.com/training/paths/azure-fundamentals-describe-azure-architecture-services/?source=recommendations", "waf": "Performance" }, { - "ammp": true, - "arm-service": "Microsoft.Network/loadBalancers", "checklist": "WAF checklist", - "graph": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant", - "guid": "97a2fd46-64b0-1dfa-b72d-9c8869496d75", - "link": 
"https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity", - "service": "Load Balancer", + "guid": "3ff8ae7d-7d47-4431-96c8-bcbf45bbe609", + "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-multivip-overview", + "service": "SAP", "services": [ - "LoadBalancer", + "WAF", + "LoadBalancer" + ], + "severity": "Medium", + "text": "Make sure that internal deployments for Azure Load Balancer are set up to use Direct Server Return (DSR). This setting (Enabling Floating IP) will reduce latency when internal load balancer configurations are used for high-availability configurations on the DBMS layer.", + "training": "https://learn.microsoft.com/ja-jp/training/modules/load-balancing-non-https-traffic-azure/?source=recommendations", + "waf": "Security" + }, + { + "checklist": "WAF checklist", + "guid": "6791f893-5ada-4433-84e1-3811523181aa", + "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works", + "service": "SAP", + "services": [ + "VM", + "VNet", + "SAP", "WAF" ], - "severity": "High", - "text": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability", - "waf": "Reliability" + "severity": "Medium", + "text": "You can use application security group (ASG) and NSG rules to define network security access-control lists between the SAP application and DBMS layers. 
ASGs group virtual machines to help manage their security.", + "training": "https://learn.microsoft.com/training/modules/configure-network-security-groups/?source=recommendations", + "waf": "Security" }, { - "ammp": true, - "arm-service": "microsoft.network/frontdoors", "checklist": "WAF checklist", - "graph": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId", - "guid": "af95c92d-d723-4f4a-98d7-8722324efd4d", - "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates", - "service": "Front Door", + "guid": "45bbe609-d8a0-43e9-9778-424d616785d6", + "link": "https://me.sap.com/notes/2015553", + "service": "SAP", "services": [ - "AKV", - "Cost", - "FrontDoor", + "VNet", + "SAP", "WAF" ], "severity": "High", - "text": "Use managed TLS certificates with Azure Front Door. 
Reduce operational cost and risk of outages due to certificate renewals.",
- "waf": "Operations"
+ "text": "Placing of the SAP application layer and SAP DBMS in different Azure VNets that aren't peered isn't supported.",
+ "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "189ea962-3969-4863-8f5a-5ad808c2cf4b",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#define-your-waf-configuration-as-code",
- "service": "Front Door",
+ "guid": "fa96c96a-d885-418f-9827-34c886ba2802",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/proximity-placement-scenarios",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "SAP",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Define your Azure Front Door WAF configuration as code. By using code, you can more easily adopt new rule set version and gain additional protection.",
- "waf": "Operations"
+ "text": "For optimal network latency with SAP applications, consider using Azure proximity placement groups.",
+ "training": "https://learn.microsoft.com/azure/virtual-machines/co-location#planned-maintenance-and-proximity-placement-groups",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "2e30abab-5478-417c-81bf-bf1ad4ed1ed4",
- "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-end-to-end-tls",
- "service": "Front Door",
+ "guid": "18c8b61c-855a-4405-b6ed-266455e4f4ce",
+ "link": "https://me.sap.com/notes/2015553",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "SAP",
 "WAF"
 ],
 "severity": "High",
- "text": "Use end-to-end TLS with Azure Front Door. Use TLS for connections from your clients to Front Door, and from Front Door to your origin.",
- "waf": "Security"
+ "text": "It is NOT supported at all to run an SAP Application Server layer and DBMS layer split between on-premise and Azure. Both layers need to completely reside either on-premise or in Azure.",
+ "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "10aa45af-166f-44c4-9f36-b6d592dac2ca",
- "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-http-to-https-redirection",
- "service": "Front Door",
+ "guid": "b65c878b-4b14-4f4e-92d8-d873936493f2",
+ "link": "https://me.sap.com/notes/2015553",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "VNet",
+ "SAP",
+ "WAF",
+ "Cost"
 ],
- "severity": "Medium",
- "text": "Use HTTP to HTTPS redirection with Azure Front Door. Support older clients by redirecting them to an HTTPS request automatically.",
- "waf": "Security"
+ "severity": "High",
+ "text": "It isn't recommended to host the database management system (DBMS) and application layers of SAP systems in different VNets and connect them with VNet peering because of the substantial costs that excessive network traffic between the layers can produce. Recommend using subnets within the Azure virtual network to separate the SAP application layer and DBMS layer.",
+ "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-network-topology-and-connectivity",
+ "waf": "Cost"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "28b9ee82-b2c7-45aa-bc98-6de6f59a095d",
- "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#enable-the-waf",
- "service": "Front Door",
+ "guid": "402a9846-d515-4061-aff8-cd30088693fa",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/high-availability-guide-rhel",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "WAF",
+ "LoadBalancer"
 ],
 "severity": "High",
- "text": "Enable the Azure Front Door WAF. Protect your application from a range of attacks.",
- "waf": "Security"
+ "text": "If using Load Balancer with Linux guest operating systems, check that the Linux network parameter net.ipv4.tcp_timestamps is set to 0.",
+ "training": "https://learn.microsoft.com/training/modules/implement-ha-sap-netweaver-anydb/?source=recommendations",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "2902d8cc-1b0c-4495-afad-624ab70f7bd6",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#tune-your-waf",
- "service": "Front Door",
+ "guid": "87585797-5551-4d53-bb7d-a94ee415734d",
+ "link": "https://learn.microsoft.com/azure/sap/workloads/rise-integration",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "VNet",
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Tune the Azure Front Door WAF for your workload. Reduce false positive detections.",
+ "severity": "Medium",
+ "text": "For SAP RISE/ECS deployments, virtual peering is the preferred way to establish connectivity with customer's existing Azure environment. Both the SAP vnet and customer vnet(s) are protected with network security groups (NSG), enabling communication on SAP and database ports through the vnet peering",
 "waf": "Security"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "17ba124b-127d-42b6-9322-388d5b2bbcfc",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection",
- "service": "Front Door",
+ "guid": "ff5136bd-dcf1-4d2b-ae52-39333efdf45a",
+ "link": "https://learn.microsoft.com/azure/backup/sap-hana-database-about",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "AzurePolicy",
- "WAF"
+ "VM",
+ "SAP",
+ "WAF",
+ "Backup"
 ],
 "severity": "High",
- "text": "Enable request body inspection feature enabled in Azure Front Door WAF policy.",
- "waf": "Security"
+ "text": "Review SAP HANA database backups for Azure VMs.",
+ "waf": "Cost"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "49a98f2b-ec22-4a87-9415-6a10b00d6555",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-default-rule-sets",
- "service": "Front Door",
+ "guid": "cafde29d-a0af-4bcd-87c0-0f299d63f0e8",
+ "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-monitor-and-troubleshoot",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "Monitor",
+ "SAP",
+ "WAF",
+ "ASR"
 ],
- "severity": "High",
- "text": "Enable the Azure Front Door WAF default rule sets. The default rule sets detect and block common attacks.",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Review Site Recovery built-in monitoring, where used for SAP.",
+ "waf": "Cost"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "147a13d4-2a2f-4824-a524-f5855b52b946",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#enable-bot-management-rules",
- "service": "Front Door",
+ "guid": "82d7b8de-d3f1-44a0-830b-38e200e82acf",
+ "link": "https://help.sap.com/docs/SAP_HANA_PLATFORM/c4d7c773af4a4e5dbebb6548d6e2d4f4/e3111d2ebb5710149510cc120646bf3f.html?locale=en-US",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "Monitor",
+ "SAP",
 "WAF"
 ],
 "severity": "High",
- "text": "Enable the Azure Front Door WAF bot protection rule set. The bot rules detect good and bad bots.",
- "waf": "Security"
+ "text": "Review the Monitoring the SAP HANA System Landscape guidance.",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "d7dcdcb9-0d99-44b9-baab-ac7570ede79a",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-the-latest-ruleset-versions",
- "service": "Front Door",
+ "guid": "c823873a-2bec-4c2a-b684-a1ce8ae80efd",
+ "link": "https://learn.microsoft.com/azure/virtual-machines/workloads/oracle/oracle-database-backup-strategies",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "VM",
+ "WAF",
+ "Backup"
 ],
 "severity": "Medium",
- "text": "Use the latest Azure Front Door WAF rule set version. Rule set updates are regularly updated to take account of the current threat landscape.",
- "waf": "Security"
+ "text": "Review Oracle Database in Azure Linux VM backup strategies.",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "b9620385-1cde-418f-914b-a84a06982ffc",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-rate-limiting",
- "service": "Front Door",
+ "guid": "2943b6d8-1d31-4e19-ade7-78e6b26d1962",
+ "link": "https://learn.microsoft.com/sql/relational-databases/tutorial-use-azure-blob-storage-service-with-sql-server-2016?view=sql-server-ver16",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "Storage",
+ "SQL",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Add rate limiting to the Azure Front Door WAF. Rate limiting blocks clients accidentally or intentionally sending large amounts of traffic in a short period of time.",
- "waf": "Security"
+ "text": "Review the use of Azure Blob Storage with SQL Server 2016.",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "6dc36c52-0124-4ffe-9eaf-23ec1282dedb",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#use-a-high-threshold-for-rate-limits",
- "service": "Front Door",
+ "guid": "b82e650f-676d-417d-994d-fc33ca54ec14",
+ "link": "https://learn.microsoft.com/azure/azure-sql/virtual-machines/windows/automated-backup?view=azuresql",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "VM",
+ "WAF",
+ "Backup"
 ],
 "severity": "Medium",
- "text": "Use a high threshold for Azure Front Door WAF rate limits. High rate limit thresholds avoid blocking legitimate traffic, while still providing protection against extremely high numbers of requests that might overwhelm your infrastructure. ",
- "waf": "Security"
+ "text": "Review the use of Automated Backup v2 for Azure VMs.",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "388a3d0e-0a43-4367-90b2-3dd2aeece5ee",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#geo-filter-traffic",
- "service": "Front Door",
+ "guid": "347c2dcc-e6eb-4b04-80c5-628b171aa62d",
+ "service": "SAP",
 "services": [
 "WAF"
 ],
- "severity": "Low",
- "text": "If you are not expecting traffic from all geographical regions, use geo-filters to block traffic from non-expected countries.",
- "waf": "Security"
+ "severity": "High",
+ "text": "Enabling Write accelerator for M series when using premium disks(V1)",
+ "waf": "Operations"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "00acd8a9-6975-414f-8491-2be6309893b8",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#specify-the-unknown-zz-location",
- "service": "Front Door",
+ "guid": "b96512cf-996f-4b17-b9b8-6b16db1a2a94",
+ "link": "https://github.com/Azure/SAP-on-Azure-Scripts-and-Utilities/tree/main/AvZone-Latency-Test",
+ "service": "SAP",
 "services": [
- "FrontDoor",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Specify the unknown (ZZ) location when geo-filtering traffic with the Azure Front Door WAF. Avoid accidentally blocking legitimate requests when IP addresses can't be geo-matched.",
- "waf": "Security"
+ "text": "Test availability zone latency.",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "graph": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id",
- "guid": "2f8e81eb-8e68-4026-8b1f-70f9b05f7cf9",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection",
- "service": "App Gateway",
+ "guid": "9fd7ffd4-da11-49f6-a374-8d03e94c511d",
+ "link": "https://support.sap.com/en/offerings-programs/support-services/earlywatch-alert.html",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Enable the Azure Application Gateway WAF bot protection rule set The bot rules detect good and bad bots.",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Activate SAP EarlyWatch Alert for all SAP components.",
+ "training": "https://help.sap.com/docs/SUPPORT_CONTENT/techops/3362700736.html",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "8ea8e0d4-84e8-4b33-aeab-493f6391b4d6",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/application-gateway-waf-request-size-limits#request-body-inspection",
- "service": "App Gateway",
+ "guid": "b9b140cf-413a-483d-aad2-8802c4e3c017",
+ "link": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/sap-on-azure-general-update-march-2019/ba-p/377456",
+ "service": "SAP",
 "services": [
- "AppGW",
- "AzurePolicy",
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Enable request body inspection feature enabled in Azure Application Gateway WAF policy.",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Review SAP application server to database server latency using SAP ABAPMeter report /SSA/CAT.",
+ "training": "https://me.sap.com/notes/0002879613",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "a4dd86d3-5ffa-408c-b660-cce073d085b8",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#tune-your-waf",
- "service": "App Gateway",
+ "guid": "62fbf0f8-51db-49e1-a961-bb5df7a35f80",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "Monitor",
+ "SQL",
 "WAF"
 ],
- "severity": "High",
- "text": "Tune the Azure Application Gateway WAF for your workload. Reduce false positive detections.",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Review SQL Server performance monitoring using CCMS.",
+ "waf": "Performance"
 },
 {
- "ammp": true,
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "graph": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode",
- "guid": "baf8e317-2397-4d49-b3d1-0dcc16d8778d",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings",
- "service": "App Gateway",
+ "guid": "35709da7-fc7d-4efe-bb20-2e91547b7390",
+ "link": "https://me.sap.com/notes/500235",
+ "service": "SAP",
 "services": [
- "AppGW",
- "AzurePolicy",
+ "VM",
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "Deploy your WAF policy for Application Gateway in 'Prevention' mode.",
- "waf": "Security"
+ "severity": "Medium",
+ "text": "Test network latency between SAP application layer VMs and DBMS VMs (NIPING).",
+ "training": "https://me.sap.com/notes/1100926/E",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "43fae595-8a32-4299-a69e-0f32c454dcc9",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/rate-limiting-overview",
- "service": "App Gateway",
+ "guid": "9e9bb4c8-e934-4e4b-a13c-6f7c7c38eb43",
+ "link": "https://learn.microsoft.com/en-us/azure/sap/large-instances/hana-monitor-troubleshoot",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "Monitor",
+ "SAP",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Add rate limiting to the Azure Application Gateway WAF. Rate limiting blocks clients accidentally or intentionally sending large amounts of traffic in a short period of time.",
- "waf": "Security"
+ "text": "Review SAP HANA studio alerts.",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "041e0ad8-7b12-4694-a0b7-a0e25ee2470f",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/rate-limiting-overview#rate-limiting-details",
- "service": "App Gateway",
+ "guid": "f1a92ab5-9509-4b57-86ff-b0ade361b694",
+ "link": "https://me.sap.com/notes/1969700",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "SAP",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Use a high threshold for Azure Application Gateway WAF rate limits. High rate limit thresholds avoid blocking legitimate traffic, while still providing protection against extremely high numbers of requests that might overwhelm your infrastructure. ",
- "waf": "Security"
+ "text": "Perform SAP HANA health checks using HANA_Configuration_Minichecks.",
+ "waf": "Performance"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "99937189-ff78-492a-b9ca-18d828d82b37",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#geo-filtering-best-practices",
- "service": "App Gateway",
+ "guid": "18dffcf3-248c-4039-a67c-dec8e3a5f804",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-security-operations",
+ "service": "SAP",
 "services": [
+ "VM",
 "WAF"
 ],
- "severity": "Low",
- "text": "If you are not expecting traffic from all geographical regions, use geo-filters to block traffic from non-expected countries.",
+ "severity": "Medium",
+ "text": "If you run Windows and Linux VMs in Azure, on-premises, or in other cloud environments, you can use the Update management center in Azure Automation to manage operating system updates, including security patches.",
+ "training": "https://learn.microsoft.com/azure/automation/update-management/overview",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "349a15c1-52f4-4319-9078-3895d95ecafd",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/geomatch-custom-rules",
- "service": "App Gateway",
+ "guid": "08951710-79a2-492a-adbc-06d7a401545b",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-security-operations",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "SAP",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Specify the unknown (ZZ) location when geo-filtering traffic with the Azure Application Gateway WAF. Avoid accidentally blocking legitimate requests when IP addresses can't be geo-matched.",
+ "text": "Routinely review the SAP security OSS notes because SAP releases highly critical security patches, or hot fixes, that require immediate action to protect your SAP systems.",
+ "training": "https://support.sap.com/en/my-support/knowledge-base/security-notes-news.html",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "6c19dfd5-a61c-436c-9001-491b9b3d0228",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#use-the-latest-ruleset-versions",
- "service": "App Gateway",
+ "guid": "1b8b394e-ae64-4a74-8933-357b523ea0a0",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "SAP",
+ "SQL",
 "WAF"
- ],
- "severity": "Medium",
- "text": "Use the latest Azure Application Gateway WAF rule set version. Rule set updates are regularly updated to take account of the current threat landscape.",
+ ],
+ "severity": "Low",
+ "text": "For SAP on SQL Server, you can disable the SQL Server system administrator account because the SAP systems on SQL Server don't use the account. Ensure that another user with system administrator rights can access the server before disabling the original system administrator account.",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "f84106a2-2e9e-42ac-add6-d3416ecfed53",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#add-diagnostic-settings-to-save-your-wafs-logs",
- "service": "App Gateway",
+ "guid": "5a76a033-ced9-4eef-9a43-5e4f96634c8e",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security",
+ "service": "SAP",
 "services": [
- "AppGW",
+ "SQL",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Add diagnostic settings to save your Azure Application Gateway WAF logs.",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Disable xp_cmdshell. The SQL Server feature xp_cmdshell enables a SQL Server internal operating system command shell. It's a potential risk in security audits.",
+ "training": "https://me.sap.com/notes/3019299/E",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "4cea4050-7946-4a7c-89e6-b021b73c352d",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs",
- "service": "Front Door",
+ "guid": "cf65de8e-1309-4ccc-b579-266bcca275fa",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "Storage",
+ "WAF",
+ "Backup",
+ "SAP",
+ "SQL"
 ],
- "severity": "Medium",
- "text": "Add diagnostic settings to save your Azure Front Door WAF logs.",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Encrypting SAP HANA database servers on Azure uses SAP HANA native encryption technology. Additionally, if you are using SQL Server on Azure, use Transparent Data Encryption (TDE) to protect your data and log files and ensure that your backups are also encrypted.",
+ "training": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/sap-lza-database-security",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "92664c60-47e3-4591-8b1b-8d557656e686",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#send-logs-to-microsoft-sentinel",
- "service": "App Gateway",
+ "guid": "a1abfe9d-55d0-44c3-a491-9cb1b3d1325a",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption",
+ "service": "SAP",
 "services": [
- "Sentinel",
- "AppGW",
+ "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Send Azure Application Gateway WAF logs to Microsoft Sentinel.",
- "waf": "Operations"
+ "text": "Azure Storage encryption is enabled for all Azure Resource Manager and classic storage accounts, and can't be disabled. Because your data is encrypted by default, you don't need to modify your code or applications to use Azure Storage encryption.",
+ "training": "https://learn.microsoft.com/training/modules/encrypt-sector-data/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "845f5f91-9c21-4674-a725-5ce890850e20",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel",
- "service": "Front Door",
+ "guid": "ce9bd3bb-0cdb-43b5-9eb2-ec14eeaa3592",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/overview",
+ "service": "SAP",
 "services": [
- "Sentinel",
- "FrontDoor",
- "WAF"
+ "WAF",
+ "AKV"
 ],
- "severity": "Medium",
- "text": "Send Azure Front Door WAF logs to Microsoft Sentinel.",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Use Azure Key Vault to store your secrets and credentials",
+ "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "ba0e9b26-6e0d-4ec8-8541-023c00afd5b7",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/best-practices#define-your-waf-configuration-as-code",
- "service": "App Gateway",
+ "guid": "829e2edb-2173-4676-aff6-691b4935ada4",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json",
+ "service": "SAP",
 "services": [
- "AppGW",
- "WAF"
+ "RBAC",
+ "WAF",
+ "Subscriptions",
+ "AzurePolicy"
 ],
 "severity": "Medium",
- "text": "Define your Azure Application Gateway WAF configuration as code. By using code, you can more easily adopt new rule set version and gain additional protection.",
- "waf": "Operations"
+ "text": "It is recommended to LOCK the Azure Resources post successful deployment to safeguard against unauthorized changes. You can also enforce LOCK constraints and rules on your per-subscription basis using customized Azure policies(Custome role).",
+ "training": "https://learn.microsoft.com/training/modules/use-azure-resource-manager/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "f17ec301-8470-4afd-aabc-c1fdfe47dcc0",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/policy-overview",
- "service": "App Gateway",
+ "guid": "2223ece8-1b12-4318-8a54-17415833fb4a",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview",
+ "service": "SAP",
 "services": [
- "AzurePolicy",
- "WAF"
+ "WAF",
+ "AKV",
+ "AzurePolicy"
 ],
 "severity": "Medium",
- "text": "Use WAF Policies instead of the legacy WAF configuration.",
- "waf": "Operations"
+ "text": "Provision Azure Key Vault with the soft delete and purge policies enabled to allow retention protection for deleted objects.",
+ "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "d4eb8667-f8cb-4cdd-94e6-2f967ba98f88",
- "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-secured-hub-app-gateway",
- "service": "App Gateway",
+ "guid": "e3c2df74-3165-4c3a-abe0-5bbe209d490d",
+ "link": "https://learn.microsoft.com/azure/role-based-access-control/security-controls-policy",
+ "service": "SAP",
 "services": [
- "AppGW",
- "VPN",
- "ExpressRoute",
- "VNet",
- "WAF"
+ "RBAC",
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "Medium",
- "text": "Filter inbound traffic in the backends so that they only accept connections from the Application Gateway subnet, for example with NSGs.",
+ "severity": "High",
+ "text": "Based on existing requirements, regulatory and compliance controls (internal/external) - Determine what Azure Policies and Azure RBAC role are needed",
+ "training": "https://learn.microsoft.com/training/paths/describe-azure-management-governance/?source=recommendations",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/frontdoors",
 "checklist": "WAF checklist",
- "guid": "7d3df025-59a3-447d-ac25-3f5750d35de1",
- "link": "https://learn.microsoft.com/azure/frontdoor/origin-security?tabs=app-service-functions",
- "service": "Front Door",
+ "guid": "a4777842-4d11-4678-9d2f-a56c56ad4840",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
+ "service": "SAP",
 "services": [
- "FrontDoor",
- "WAF"
+ "Defender",
+ "Storage",
+ "WAF",
+ "SAP"
 ],
- "severity": "Medium",
- "text": "Make sure your origins only take traffic from your Azure Front Door instance.",
+ "severity": "High",
+ "text": "When enabling Microsoft Defender for Endpoint on SAP environment, recommend excluding data and log files on DBMS servers instead of targeting all servers. Follow your DBMS vendor's recommendations when excluding target files.",
+ "training": "https://techcommunity.microsoft.com/t5/running-sap-applications-on-the/microsoft-defender-endpoint-mde-for-sap-applications-on-windows/ba-p/3912268",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "a66f0fd8-2ca4-422e-8df3-235148127ca2",
- "link": "https://learn.microsoft.com/azure/application-gateway/ssl-overview",
- "service": "App Gateway",
+ "guid": "8fe72734-c486-4ba2-a0dc-0591cf65de8e",
+ "link": "https://learn.microsoft.com/azure/defender-for-cloud/just-in-time-access-overview?tabs=defender-for-container-arch-aks",
+ "service": "SAP",
 "services": [
+ "Defender",
+ "RBAC",
+ "SAP",
 "WAF"
 ],
 "severity": "High",
- "text": "You should encrypt traffic to the backend servers.",
+ "text": "Delegate an SAP admin custom role with just-in-time access of Microsoft Defender for Cloud.",
+ "training": "https://learn.microsoft.com/training/modules/secure-vms-with-azure-security-center/?source=recommendations",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "3dba65cb-834d-44d8-a3ca-a6aa2f1587be",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/overview",
- "service": "App Gateway",
+ "guid": "1309cccd-5792-466b-aca2-75faa1abfe9d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
+ "service": "SAP",
 "services": [
+ "SAP",
 "WAF"
 ],
- "severity": "High",
- "text": "You should use a Web Application Firewall.",
+ "severity": "Low",
+ "text": "encrypt data in transit by integrating the third-party security product with secure network communications (SNC) for DIAG (SAP GUI), RFC, and SPNEGO for HTTPS",
+ "training": "https://learn.microsoft.com/azure/security/fundamentals/encryption-overview#encryption-of-data-in-transit",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "0158fcb6-0bc1-4687-832f-cc7c359c22d2",
- "link": "https://learn.microsoft.com/azure/application-gateway/redirect-overview",
- "service": "App Gateway",
+ "guid": "eeaa3592-829e-42ed-a217-3676aff6691b",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-encryption-key-model-get?tabs=portal",
+ "service": "SAP",
 "services": [
- "WAF"
+ "WAF",
+ "AKV"
 ],
 "severity": "Medium",
- "text": "Redirect HTTP to HTTPS",
+ "text": "Default to Microsoft-managed keys for principal encryption functionality and use customer-managed keys when required.",
+ "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "bb697864-1b4c-43af-8667-90cc69aaed5f",
- "link": "https://learn.microsoft.com/azure/application-gateway/how-application-gateway-works#modifications-to-the-request",
- "service": "App Gateway",
+ "guid": "4935ada4-2223-4ece-a1b1-23181a541741",
+ "link": "https://learn.microsoft.com/ja-jp/azure/key-vault/general/best-practices",
+ "service": "SAP",
 "services": [
- "WAF"
+ "WAF",
+ "AKV"
 ],
- "severity": "Medium",
- "text": "Use gateway-managed cookies to direct traffic from a user session to the same server for processing",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Use an Azure Key Vault per application per environment per region.",
+ "training": "https://learn.microsoft.com/training/modules/manage-secrets-with-azure-key-vault/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "ff353ad8-15fb-4ae8-9fc5-a85a36d36a35",
- "link": "https://learn.microsoft.com/azure/application-gateway/configuration-http-settings",
- "service": "App Gateway",
+ "guid": "abc9634d-c44d-41e9-a530-e8444e16aa3c",
+ "link": "https://learn.microsoft.com/azure/key-vault/certificates/certificate-scenarios",
+ "service": "SAP",
 "services": [
- "WAF"
+ "SAP",
+ "WAF",
+ "AKV"
 ],
 "severity": "High",
- "text": "Enable connection draining during planned service updates to prevent connection loss to existing membrs of the backend pool",
+ "text": "To control and manage disk encryption keys and secrets for non-HANA Windows and non-Windows operating systems, use Azure Key Vault. SAP HANA isn't supported with Azure Key Vault, so you must use alternate methods like SAP ABAP or SSH keys.",
+ "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/?source=recommendations",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "c8741f03-45a4-4183-a6b8-139e0773b8b5",
- "link": "https://learn.microsoft.com/azure/application-gateway/custom-error",
- "service": "App Gateway",
+ "guid": "209d490d-a477-4784-84d1-16785d2fa56c",
+ "link": "https://learn.microsoft.com/azure/role-based-access-control/built-in-roles",
+ "service": "SAP",
 "services": [
- "WAF"
+ "RBAC",
+ "SAP",
+ "WAF",
+ "Subscriptions"
 ],
- "severity": "Low",
- "text": "Create custom error pages to display a personalized user experience",
- "waf": "Operations"
+ "severity": "High",
+ "text": "Customize role-based access control (RBAC) roles for SAP on Azure spoke subscriptions to avoid accidental network-related changes",
+ "training": "https://learn.microsoft.com/training/modules/secure-azure-resources-with-rbac/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "f850d46f-f5d7-4b17-b48c-a780741402e1",
- "link": "https://learn.microsoft.com/azure/application-gateway/rewrite-http-headers-url",
- "service": "App Gateway",
+ "guid": "56ad4840-8fe7-4273-9c48-6ba280dc0591",
+ "link": "https://blogs.sap.com/2019/07/21/sap-security-operations-on-azure/",
+ "service": "SAP",
 "services": [
- "WAF"
+ "SAP",
+ "NVA",
+ "WAF",
+ "PrivateLink"
 ],
- "severity": "Medium",
- "text": "Edit HTTP requests and response headers for easier routing and information exchange between the client and server",
+ "severity": "High",
+ "text": "Isolate DMZs and NVAs from the rest of the SAP estate, configure Azure Private Link, and securely manage and control the SAP on Azure resources",
+ "training": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/secure-vnet-dmz?tabs=portal",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "eadc3164-4a0f-461c-85f1-1a372c04dfd1",
- "link": "https://learn.microsoft.com/azure/frontdoor/front-door-overview",
- "service": "App Gateway",
+ "guid": "e124ba34-df68-45ed-bce9-bd3bb0cdb3b5",
+ "link": "https://learn.microsoft.com/en-us/training/modules/secure-vms-with-azure-security-center/?source=recommendations",
+ "service": "SAP",
 "services": [
- "FrontDoor",
+ "VM",
+ "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Configure Front Door to optimize global web traffic routing and top-tier end-user performance, and reliability through quick global failover",
- "waf": "Performance"
+ "severity": "Low",
+ "text": "Consider using Microsoft anti-malware software on Azure to protect your virtual machines from malicious files, adware, and other threats.",
+ "training": "https://azure.microsoft.com/blog/deploying-antimalware-solutions-on-azure-virtual-machines/",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "29dcc19f-a8fa-4c35-8281-290577538793",
- "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview",
- "service": "App Gateway",
+ "guid": "5eb2ec14-eeaa-4359-8829-e2edb2173676",
+ "link": "https://learn.microsoft.com/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide",
+ "service": "SAP",
 "services": [
+ "Defender",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Use transport layer load balancing",
- "waf": "Performance"
+ "severity": "Low",
+ "text": "For even more powerful protection, consider using Microsoft Defender for Endpoint.",
+ "training": "https://learn.microsoft.com/training/modules/implement-endpoint-protection-use-microsoft-defender/?source=recommendations",
+ "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "276898c1-af5e-4819-9e8e-049c7801ab9d",
- "link": "https://learn.microsoft.com/azure/application-gateway/multiple-site-overview",
- "service": "App Gateway",
+ "guid": "87a924c4-25c2-419f-a2f0-96c7c4fe4525",
+ "link": "https://learn.microsoft.com/azure/architecture/guide/sap/sap-whole-landscape",
+ "service": "SAP",
 "services": [
+ "VNet",
+ "SAP",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Configure routing based on host or domain name for multiple web applications on a single gateway",
+ "severity": "High",
+ "text": "Isolate the SAP application and database servers from the internet or from the on-premises network by passing all traffic through the hub virtual network, which is connected to the spoke network by virtual network peering. The peered virtual networks guarantee that the SAP on Azure solution is isolated from the public internet.",
+ "training": "https://learn.microsoft.com/training/modules/explore-azure-networking/?source=recommendations",
 "waf": "Security"
 },
 {
- "arm-service": "microsoft.network/applicationGateways",
 "checklist": "WAF checklist",
- "guid": "5fe365b6-58e8-47ed-a8cf-5163850380a2",
- "link": "https://learn.microsoft.com/azure/application-gateway/create-ssl-portal",
- "service": "App Gateway",
+ "guid": "491ca1c4-3d40-42c0-9d85-b8933999590b",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/scenarios/sap/eslz-security-governance-and-compliance",
+ "service": "SAP",
 "services": [
- "Entra",
+ "SAP",
 "WAF"
 ],
+ "severity": "Low",
+ "text": "For internet-facing applications like SAP Fiori, make sure to distribute load per application requirements while maintaining security levels. For Layer 7 security, you can use a third-party Web Application Firewall (WAF) available in the Azure Marketplace.",
+ "training": "https://learn.microsoft.com/training/modules/simplify-cloud-procurement-governance-azure-marketplace/?source=recommendations",
+ "waf": "Security"
+ },
+ {
+ "checklist": "WAF checklist",
+ "guid": "9fc945b9-0527-47af-8200-9d652fe02fcc",
+ "link": "https://learn.microsoft.com/azure/sap/monitor/enable-tls-azure-monitor-sap-solutions",
+ "service": "SAP",
+ "services": [
+ "Monitor",
+ "SAP",
+ "WAF",
+ "AKV"
+ ],
 "severity": "Medium",
- "text": "Centralize SSL certificate management to reduce encryption and decryption overhead from a backend server farm",
+ "text": "To enable secure communication in Azure Monitor for SAP solutions, you can choose to use either a root certificate or a server certificate. 
We highly recommend that you use root certificates.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-monitoring-sap-workloads-azure-virtual-machines/?source=recommendations", "waf": "Security" }, { - "arm-service": "microsoft.network/applicationGateways", + "arm-service": "microsoft.cache/redis", "checklist": "WAF checklist", - "guid": "fa64b4dd-35c2-4047-ac5c-45dfbf8b0db9", - "link": "https://learn.microsoft.com/azure/application-gateway/application-gateway-websocket", - "service": "App Gateway", + "guid": "65285269-440b-44be-9d3e-0844276d4bdc", + "link": "https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-zone-redundancy", + "service": "Redis", "services": [ - "AppGW", + "ACR", "WAF" ], - "severity": "Low", - "text": "Use Application Gateway for native support for WebSocket and HTTP/2 protocols", - "waf": "Security" + "severity": "High", + "text": "Enable zone redundancy for Azure Cache for Redis. Azure Cache for Redis supports zone redundant configurations in the Premium and Enterprise tiers. A zone redundant cache can place its nodes across different Azure Availability Zones in the same region. It eliminates data center or AZ outage as a single point of failure and increases the overall availability of your cache.", + "waf": "Reliability" }, { - "arm-service": "Microsoft.DBforPostgreSQL/servers", + "arm-service": "microsoft.cache/redis", "checklist": "WAF checklist", - "guid": "65285269-441c-44bf-9d3e-0844276d4bdc", - "link": "https://learn.microsoft.com/azure/postgresql/flexible-server/overview", - "service": "PostgreSQL", + "guid": "bc178bdc-5a06-4ca7-8443-51e19dd34429", + "link": "https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability#persistence", + "service": "Redis", "services": [ + "Storage", "WAF" ], "severity": "Medium", - "text": "Leverage Flexible Server", + "text": "Configure data persistence for an Azure Cache for Redis instance. 
Because your cache data is stored in memory, a rare and unplanned failure of multiple nodes can cause all the data to be dropped. To avoid losing data completely, Redis persistence allows you to take periodic snapshots of in-memory data, and store it to your storage account.", "waf": "Reliability" }, { - "arm-service": "Microsoft.DBforPostgreSQL/servers", + "arm-service": "microsoft.cache/redis", "checklist": "WAF checklist", - "guid": "016ccf31-ae5a-41eb-9888-9535e227896d", - "link": "https://learn.microsoft.com/azure/postgresql/flexible-server/overview#architecture-and-high-availability", - "service": "PostgreSQL", + "guid": "eb722823-7a15-41c5-ab4e-4f1814387e5c", + "link": "https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-high-availability#storage-account-for-persistence", + "service": "Redis", "services": [ + "Storage", "WAF" ], - "severity": "High", - "text": "Leverage Availability Zones where regionally applicable", + "severity": "Medium", + "text": "Use Geo-redundant storage account to persist Azure Cache for Redis data, or zonally redundant where geo-redundancy is not available", "waf": "Reliability" }, { - "arm-service": "Microsoft.DBforPostgreSQL/servers", + "arm-service": "microsoft.cache/redis", "checklist": "WAF checklist", - "guid": "31b67c67-be59-4519-8083-845d587cb391", - "link": "https://learn.microsoft.com/azure/postgresql/single-server/concepts-business-continuity#cross-region-read-replicas", - "service": "PostgreSQL", + "guid": "a8c26c9b-32ab-45bd-bc69-98a135e33789", + "link": "https://learn.microsoft.com/azure/azure-cache-for-redis/cache-how-to-geo-replication", + "service": "Redis", "services": [ + "ASR", "WAF" ], "severity": "Medium", - "text": "Leverage cross-region read replicas for BCDR", + "text": "Configure passive geo-replication for Premium Azure Cache for Redis instances. Geo-replication is a mechanism for linking two or more Azure Cache for Redis instances, typically spanning two Azure regions. 
Geo-replication is designed mainly for cross-region disaster recovery. Two Premium tier cache instances are connected through geo-replication in a way that provides reads and writes to your primary cache, and that data is replicated to the secondary cache.", "waf": "Reliability" }, { @@ -34071,8 +37590,8 @@ "link": "https://learn.microsoft.com/azure/data-factory/source-control", "service": "Azure Data Factory", "services": [ - "Backup", - "WAF" + "WAF", + "Backup" ], "severity": "Medium", "text": "Use DevOps to Backup the ARM templates with Github/Azure DevOps integration ", 
@@ -34114,986 +37633,1019 @@ "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance", "service": "Azure Data Factory", "services": [ - "AKV", - "WAF" + "WAF", + "AKV" ], "severity": "Low", "text": "If using Keyvault integration, use SLA of Keyvault to understand your availablity", "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.DBforMySQL/servers", "checklist": "WAF checklist", - "description": "Disable image export to prevent data exfiltration. Note that this will prevent image import of images into another ACR instance.", - "guid": "ab91932c-9fc9-4d1b-a880-37f5e6bfcb9e", - "link": "https://learn.microsoft.com/azure/container-registry/data-loss-prevention", - "service": "ACR", + "guid": "388c3e25-e800-4ad2-9df3-f3d6ae1050b7", + "link": "https://learn.microsoft.com/azure/mysql/flexible-server/overview", + "service": "Azure MySQL", "services": [ - "ACR", "WAF" ], - "severity": "High", - "text": "Disable Azure Container Registry image export", - "waf": "Security" + "severity": "Medium", + "text": "Leverage Flexible Server", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.DBforMySQL/servers", "checklist": "WAF checklist", - "description": "Enable audit compliance visibility by enabling Azure Policy for Azure Container Registry", - "guid": "d503547c-d447-4e82-9128-a7100f1cac6d", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-azure-policy", - "service": "ACR", + "guid": "de3aad1e-8c38-4ec9-9666-7313c005674b", + "link": "https://learn.microsoft.com/azure/mysql/flexible-server/overview#high-availability-within-and-across-availability-zones", + "service": "Azure MySQL", "services": [ - "ACR", - "AzurePolicy", "WAF" ], "severity": "High", - "text": "Enable Azure Policies for Azure Container Registry", - "waf": "Security" + "text": "Leverage Availability Zones where regionally 
applicable", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.DBforMySQL/servers", "checklist": "WAF checklist", - "description": "The Azure Key Vault (AKV) is used to store a signing key that can be utilized by?notation?with the notation AKV plugin (azure-kv) to sign and verify container images and other artifacts. The Azure Container Registry (ACR) allows you to attach these signatures using the?az?or?oras?CLI commands.", - "guid": "d345293c-7639-4637-a551-c5c04e401955", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-tutorial-sign-build-push", - "service": "ACR", + "guid": "1e944a45-9c37-43e7-bd61-623b365a917e", + "link": "https://learn.microsoft.com/azure/mysql/flexible-server/overview#setup-hybrid-or-multi-cloud-data-synchronization-with-data-in-replication", + "service": "Azure MySQL", "services": [ - "AKV", - "ACR", "WAF" ], + "severity": "Medium", + "text": "Leverage Data-in replication for cross-region DR scenarios", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "WAF checklist", + "guid": "6d37a33b-531c-4a91-871a-b69d8044f04e", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "services": [ + "WAF", + "AKV", + "Backup" + ], "severity": "High", - "text": "Sign and Verify containers with notation (Notary v2)", - "waf": "Security" + "text": "Familiarize yourself with the Key Vault's best practices such as isolation recommendations, access control, data protection, backup, and logging.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Azure Container Registry automatically encrypts images and other artifacts that you store. By default, Azure automatically encrypts the registry content at rest by using service-managed keys. 
By using a customer-managed key, you can supplement default encryption with an additional encryption layer.", - "guid": "0bd05dc2-efd5-4d76-8d41-d2500cc47b49", - "link": "https://learn.microsoft.com/azure/container-registry/tutorial-customer-managed-keys", - "service": "ACR", + "guid": "7ba4d380-7b9e-4a8b-a0c3-2d8e49c11872", + "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance", + "service": "Key Vault", "services": [ "ACR", - "AKV", - "WAF" + "WAF", + "AKV" ], "severity": "Medium", - "text": "Encrypt registry with a customer managed key", - "waf": "Security" + "text": "Key Vault is a managed service and Microsoft will handle the failover within and across region. Familiarize yourself with the Key Vault's availability and redundancy.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Use managed identities to secure ACRPull/Push RBAC access from client applications", - "guid": "8f42d78e-79dc-47b3-9bd2-a1a27e7a8e90", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", - "service": "ACR", + "guid": "17fb86a2-eb45-42a4-9c34-52b92a2a1842", + "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance#data-replication", + "service": "Key Vault", "services": [ - "Entra", - "RBAC", - "ACR", - "WAF" + "WAF", + "AKV" ], - "severity": "High", - "text": "Use Managed Identities to connect instead of Service Principals", - "waf": "Security" + "severity": "Medium", + "text": "The contents of your key vault are replicated within the region and to a secondary region at least 150 miles away, but within the same geography to maintain high durability of your keys and secrets. 
Familiarize yourself with the Key Vault's data replication.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "WAF checklist", + "guid": "614682ca-6e0c-4f34-9f03-c6d3f2b99a32", + "link": "https://learn.microsoft.com/azure/key-vault/general/disaster-recovery-guidance#failover-across-regions", + "service": "Key Vault", + "services": [ + "WAF", + "AKV", + "AzurePolicy" + ], + "severity": "Medium", + "text": "During failover, access policy or firewall configurations and settings can't be changed. The key vault will be in read-only mode during failover. Familiarize yourself with the Key Vault's failover guidance.", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "WAF checklist", + "guid": "9ef2b0d2-3206-4c94-b47a-4f07e6a1c509", + "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#design-considerations", + "service": "Key Vault", + "services": [ + "Storage", + "WAF", + "Subscriptions", + "AKV", + "Backup" + ], + "severity": "Medium", + "text": "When you back up a key vault object, such as a secret, key, or certificate, the backup operation will download the object as an encrypted blob. This blob can't be decrypted outside of Azure. To get usable data from this blob, you must restore the blob into a key vault within the same Azure subscription and Azure geography. Familiarize yourself with the Key Vault's backup and restore guidance.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "The local Administrator account is disabled by default and should not be enabled. 
Use either Token or RBAC-based access methods instead", - "guid": "be0e38ce-e297-411b-b363-caaab79b198d", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication-managed-identity", - "service": "ACR", + "guid": "2df045b1-c0f6-47d3-9a9b-99cf6999684e", + "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview", + "service": "Key Vault", "services": [ - "RBAC", - "WAF" + "WAF", + "AKV" ], "severity": "High", - "text": "Disable local authentication for management plane access", - "waf": "Security" + "text": "If you want protection against accidental or malicious deletion of your secrets, configure soft-delete and purge protection features on your key vault.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Disable Administrator account and assign RBAC roles to principals for ACR Pull/Push operations", - "guid": "387e5ced-126c-4d13-8af5-b20c6998a646", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-roles?tabs=azure-cli", - "service": "ACR", + "guid": "cbfa96b0-5249-4e6f-947c-d0e79509708c", + "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview", + "service": "Key Vault", "services": [ - "Entra", - "RBAC", - "ACR", - "WAF" + "WAF", + "AKV" ], - "severity": "High", - "text": "Assign AcrPull & AcrPush RBAC roles rather than granting Administrative access to identity principals", - "waf": "Security" + "severity": "Low", + "text": "Key Vault's soft-deleted resources are retained for a set period of 90 calendar days. 
Familiarize yourself with the Key Vault's soft-delete guidance.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Disable anonymous pull/push access", - "guid": "e338997e-41c7-47d7-acf6-a62a1194956d", - "link": "https://learn.microsoft.com/azure/container-registry/anonymous-pull-access#configure-anonymous-pull-access", - "service": "ACR", + "guid": "e8659d11-7e02-4db0-848c-c6541dbab68c", + "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations", + "service": "Key Vault", "services": [ - "WAF" + "WAF", + "AKV", + "Backup" ], - "severity": "Medium", - "text": "Disable Anonymous pull access", - "waf": "Security" + "severity": "Low", + "text": "Understand Key Vault's backup limitations. Key Vault does not support the ability to backup more than 500 past versions of a key, secret, or certificate object. Attempting to backup a key, secret, or certificate object may result in an error. It is not possible to delete previous versions of a key, secret, or certificate.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Token authentication doesn't support assignment to an AAD principal. 
Any tokens provided are able to be used by anyone who can access the token", - "guid": "698dc3a2-fd27-4b2e-8870-1a1252beedf6", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-authentication?tabs=azure-cli", - "service": "ACR", + "guid": "45c25e29-d0ef-4f07-aa04-0f8c64cbcc04", + "link": "https://learn.microsoft.com/azure/key-vault/general/backup?tabs=azure-cli#limitations", + "service": "Key Vault", "services": [ - "Entra", - "WAF" + "WAF", + "AKV", + "Backup" ], - "severity": "High", - "text": "Disable repository-scoped access tokens", - "waf": "Security" + "severity": "Low", + "text": "Key Vault doesn't currently provide a way to back up an entire key vault in a single operation and keys, secrets and certitificates must be backup indvidually. Familiarize yourself with the Key Vault's backup and restore guidance.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.KeyVault/vaults", "checklist": "WAF checklist", - "description": "Deploy container images to an ACR behind a Private endpoint within a trusted network", - "guid": "b3bec3d4-f343-47c1-936d-b55f27a71eee", - "service": "ACR", + "guid": "0f15640b-31e5-4de6-85a7-d2c652fa09d3", + "link": "https://learn.microsoft.com/azure/key-vault/general/soft-delete-overview#purge-protection", + "service": "Key Vault", "services": [ - "PrivateLink", "EventHubs", - "ACR", - "WAF" + "WAF", + "AKV" ], - "severity": "High", - "text": "Deploy images from a trusted environment", - "waf": "Security" + "severity": "Medium", + "text": "Purge protection is recommended when using keys for encryption to prevent data loss. Purge protection is an optional Key Vault behavior and is not enabled by default. Purge protection can only be enabled once soft-delete is enabled. 
It can be turned on via CLI, PowerShell or Portal.", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachineScaleSets", "checklist": "WAF checklist", - "description": "Only tokens with an ACR audience can be used for authentication. Used when enabling Conditional access policies for ACR", - "guid": "3a041fd3-2947-498b-8288-b3c6a56ceb54", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-enable-conditional-access-policy", - "service": "ACR", + "description": "Automatic instance repairs ensure that unhealthy instances are promptly identified and replaced, maintaining a set of healthy instances within your scale set.", + "guid": "7e13c105-675c-41e9-95b4-59837ff7ae7c", + "link": "https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-instance-repairs", + "service": "VMSS", "services": [ - "Entra", - "ACR", - "AzurePolicy", + "VM", "WAF" ], - "severity": "Medium", - "text": "Disable Azure ARM audience tokens for authentication", - "waf": "Security" + "severity": "Low", + "text": "Enable automatic instance repairs for enhanced VM Scale Sets resiliency", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Set up a diagnostic setting to send 'repositoryEvents' & 'LoginEvents' to Log Analytics as the central destination for logging and monitoring. 
This allows you to monitor control plane activity on the ACR resource itself.", - "guid": "8a488cde-c486-42bc-9bd2-1be77f26e5e6", - "link": "https://learn.microsoft.com/azure/container-registry/monitor-service", - "service": "ACR", + "description": "Ensure that Azure Backup is utilized appropriately to meet your organization's resiliency requirements for Azure virtual machines (VMs).", + "guid": "4d874a74-8b66-42d6-b150-512a66498f6d", + "link": "https://learn.microsoft.com/azure/backup/backup-azure-vms-introduction", + "service": "VM", "services": [ - "Entra", - "ACR", - "Monitor", - "WAF" + "VM", + "WAF", + "Backup" ], - "severity": "Medium", - "text": "Enable diagnostics logging", - "waf": "Security" + "severity": "High", + "text": "Consider Azure Backup to meet your resiliency requirements for Azure VMs", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Service supports disabling public network access either through using service-level IP ACL filtering rule (not NSG or Azure Firewall) or using a 'Disable Public Network Access' toggle switch", - "guid": "21d41d25-00b7-407a-b9ea-b40fd3290798", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-private-link", - "service": "ACR", + "description": "Single Instance VMs using Premium SSD or Ultra Disk for all Operating System Disks and Data Disks are guaranteed to have Virtual Machine Connectivity of at least 99.9%", + "guid": "8052d88e-79d1-47b7-9b22-a5a67e7a8ed4", + "link": "https://learn.microsoft.com/azure/virtual-machines/disks-types", + "service": "VM", "services": [ - "PrivateLink", - "VNet", - "Firewall", + "VM", "WAF" ], - "severity": "Medium", - "text": "Control inbound network access with Private Link", - "waf": "Security" + "severity": "High", + "text": "Use Premium or Ultra disks for production VMs", + "waf": "Reliability" }, { - 
"arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Disable public network access if inbound network access is secured using Private Link", - "guid": "cd289ced-6b17-4db8-8554-62f2aee4553a", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-access-selected-networks#disable-public-network-access", - "service": "ACR", + "description": "Azure automatically replicates managed disks within a region to ensure data durability and protect against single-point failures.", + "guid": "b31e38c3-f298-412b-8363-cffe179b599d", + "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview", + "service": "VM", "services": [ - "PrivateLink", + "VM", "WAF" ], - "severity": "Medium", - "text": "Disable Public Network access", - "waf": "Security" + "severity": "High", + "text": "Ensure Managed Disks are used for all VMs", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Only the ACR Premium SKU supports Private Link access", - "guid": "fc833934-8b26-42d6-ac5f-512925498f6d", - "link": "https://learn.microsoft.com/azure/container-registry/container-registry-skus", - "service": "ACR", + "description": "Temporary disks are intended for short-term storage of non-persistent data such as page files, swap files, or SQL Server tempdb. 
Storing persistent data on temporary disks can lead to data loss during maintenance events or VM redeployment.", + "guid": "e0d5973c-d4ce-432c-8881-37f6f7c4c0d4", + "link": "https://learn.microsoft.com/azure/virtual-machines/managed-disks-overview#temporary-disk", + "service": "VM", "services": [ - "PrivateLink", - "ACR", + "VM", + "Storage", + "SQL", "WAF" ], "severity": "Medium", - "text": "Use an Azure Container Registry SKU that supports Private Link (Premium SKU)", - "waf": "Security" + "text": "Do not use the Temp disk for anything that is not acceptable to be lost", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Azure Defender for containers or equivalent service should be used to scan container images for vulnerabilities", - "guid": "bad37dac-43bc-46ce-8d7a-a9b24604489a", - "link": "https://learn.microsoft.com/azure/defender-for-cloud/defender-for-containers-introduction", - "service": "ACR", + "description": "Co-locate your compute, storage, networking, and data resources across an availability zone, and replicate this arrangement in other availability zones.", + "guid": "e514548d-2447-4ec6-9138-b8200f1ce16e", + "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview", + "service": "VM", "services": [ + "VM", "ACR", - "Defender", + "Storage", "WAF" ], - "severity": "Low", - "text": "Enable Defender for Containers to scan Azure Container Registry for vulnerabilities", - "waf": "Security" + "severity": "Medium", + "text": "Leverage Availability Zones for your VMs in regions where they are supported", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Deploy trusted code that was validated and scanned for vulnerabilities according to DevSecOps practices.", - 
"guid": "4451e1a2-d345-4293-a763-9637a551c5c0", - "service": "ACR", + "description": "Use at least two VMs in Availability Sets to isolate VMs on different fault and update domains.", + "guid": "5a785d6f-e96c-496a-b884-4cf3b2b38c88", + "link": "https://learn.microsoft.com/azure/virtual-machines/availability-set-overview", + "service": "VM", "services": [ + "VM", "WAF" ], "severity": "Medium", - "text": "Deploy validated container images", - "waf": "Security" + "text": "For regions that do not support Availability Zones deploy VMs into Availability Sets", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerregistry/registries", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "description": "Use the latest versions of supported platforms, programming languages, protocols, and frameworks.", - "guid": "4e401955-387e-45ce-b126-cd132af5b20c", - "service": "ACR", + "description": "Azure provides multiple options for VM redundancy to meet different requirements (Availability Zones, Virtual Machine Scale Sets, Availability Sets, Azure Site Recovery)", + "guid": "6ba2c021-4991-414a-9d3c-e574dccbd979", + "link": "https://learn.microsoft.com/azure/virtual-machines/availability", + "service": "VM", "services": [ + "VM", + "ASR", "WAF" ], "severity": "High", - "text": "Use up-to-date platforms, languages, protocols and frameworks", - "waf": "Security" + "text": "Avoid running a production workload on a single VM", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Insights/components", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "a95b86ad-8840-48e3-9273-4b875ba18f20", - "link": "https://learn.microsoft.com/azure/architecture/guide/multitenant/considerations/tenancy-models", - "service": "Azure Monitor", + "description": "Azure Site Recovery enables you to achieve low RTO (Recovery Time Objective) for your Azure and hybrid VMs by providing continuous replication and failover 
capabilities.", + "guid": "2a6bcca2-b5fe-4a1e-af3d-d95d48c7c891", + "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", + "service": "VM", "services": [ - "Monitor", - "WAF" + "VM", + "ASR", + "WAF", + "AVS" ], - "severity": "Medium", - "text": "Data collection rules in Azure Monitor -https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-rule-overview", - "training": "https://azure.microsoft.com/pricing/reservations/", - "waf": "Cost" + "severity": "High", + "text": "For Azure and on-premises VMs (Hyper-V/Phyiscal/VMware) with low RTO requirements use Azure Site Recovery", + "waf": "Reliability" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "45901365-d38e-443f-abcb-d868266abca2", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation", - "service": "Azure Backup", + "description": "By using Capacity Reservations, you can effectively manage capacity for critical workloads, ensuring resource availability in specified regions.", + "guid": "bd7bb012-f7b9-45e0-9e15-8e3ea3992c2d", + "link": "https://learn.microsoft.com/azure/virtual-machines/capacity-reservation-overview", + "service": "VM", "services": [ - "Backup", "WAF" ], - "severity": "Medium", - "text": "check backup instances with the underlying datasource not found", - "waf": "Cost" + "severity": "Low", + "text": "Use Capacity Reservations for critical workloads that require guaranteed capacity", + "waf": "Reliability" }, { "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "64f9a19a-f29c-495d-94c6-c7919ca0f6c5", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/lighthouse", + "description": "By ensuring that the necessary quotas are increased in your DR region before testing failover 
with ASR, you can avoid any potential resource constraints during the recovery process for failed over VMs.", + "guid": "e6e2065b-3a76-4af4-a691-e8939ada4666", + "link": "https://learn.microsoft.com/azure/quotas/per-vm-quota-requests", "service": "VM", "services": [ + "VM", + "ASR", "WAF" ], "severity": "Medium", - "text": "Delete or archive unassociated services (disks, nics, ip addresses etc)", - "waf": "Cost" + "text": "Increase quotas in DR region before testing failover with ASR", + "waf": "Reliability" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", + "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "69bad37a-ad53-4cc7-ae1d-76667357c449", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations", - "service": "Azure Backup", + "description": "Scheduled Events is an Azure Metadata Service that provides information about upcoming maintenance events for virtual machines (VMs). 
By leveraging Scheduled Events, you can proactively prepare your applications for VM maintenance, minimizing disruption and improving the availability of your VMs.", + "guid": "6d3b475a-5c7a-4cbe-99bb-e64dd8902e87", + "link": "https://learn.microsoft.com/azure/virtual-machines/windows/scheduled-events", + "service": "VM", "services": [ - "Storage", - "Backup", - "ASR", + "VM", "WAF" ], - "severity": "Medium", - "text": "Consider a good balance between site recovery storage and backup for non mission critical applications", - "waf": "Cost" + "severity": "Low", + "text": "Utilize Scheduled Events to prepare for VM maintenance", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Insights/components", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "674b5ed8-5a85-49c7-933b-e2a1a27b765a", - "link": "https://learn.microsoft.com/azure/cost-management-billing/manage/direct-ea-administration#manage-notification-contacts", - "service": "Azure Monitor", + "description": "Use Zone-redundant Storage (ZRS) in the primary region for scenarios that require high availability and for restricting replication to a particular country or region. 
For protection against regional disasters, use Geo-zone-redundant Storage (GZRS), which combines ZRS in the primary region with geo-replication to a secondary region?.", + "guid": "48c7c891-dcb1-4f7d-9769-ae568ba38d4a", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", "services": [ - "Monitor", + "Storage", "WAF" ], "severity": "Medium", - "text": "Check spending and savings opportunities among the 40 different log analytics workspaces- use different retention and data collection for nonprod workspaces-create daily cap for awareness and tier sizing - If you do set a daily cap, in addition to creating an alert when the cap is reached,ensure that you also create an alert rule to be notified when some percentage has been reached (90% for example). - consider workspace transformation if possible - https://learn.microsoft.com/azure/azure-monitor/essentials/data-collection-transformations#workspace-transformation-dcr ", - "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/understand-work-scopes", - "waf": "Cost" + "text": "Choose the most appropriate data redundancy option for Azure Storage based on your requirements", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Insights/components", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "91be1f38-8ef3-494c-8bd4-63cbbac75819", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", - "service": "Azure Monitor", + "description": "Assigning a Delete lock to your storage account helps protect the availability of your data, minimizing the risk of disruptions to your business operations.", + "guid": "85e2213d-bd7b-4b01-8f7b-95e06e158e3e", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", "services": [ "Storage", - 
"AzurePolicy", "WAF" ], - "severity": "Medium", - "text": "Enforce a purging log policy and automation (if needed, logs can be moved to cold storage)", - "training": "https://www.youtube.com/watch?v=nHQYcYGKuyw", - "waf": "Cost" + "severity": "Low", + "text": "Apply a Delete lock to prevent accidental or malicious deletion of storage accounts", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "6aae01e6-a84d-4e5d-b36d-1d92881a1bd5", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", - "service": "VM", + "description": "Container soft delete protects your data from being accidentally deleted by maintaining the deleted data in the system for a specified period of time.", + "guid": "a3992c2d-e6e2-4065-a3a7-6af4a691e893", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", "services": [ "Storage", - "Backup", "WAF" ], - "severity": "Medium", - "text": "Check that the disks are really needed, if not: delete. 
If they are needed, find lower storage tiers or use backup -", - "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/manage-automation", - "waf": "Cost" + "severity": "Low", + "text": "Enable soft delete for Storage Account Containers", + "waf": "Reliability" }, { "arm-service": "Microsoft.Storage/storageAccounts", "checklist": "WAF checklist", - "guid": "d1e44a19-659d-4395-afd7-7289b835556d", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-enterprise-agreement#design-considerations", - "service": "Storage", + "description": "Blob soft delete protects an individual blob and its versions, snapshots, and metadata from accidental deletes or overwrites by maintaining the deleted data in the system for a specified period of time.", + "guid": "9ada4666-7e13-4c10-96b9-153d89f89dc7", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", "services": [ "Storage", - "AzurePolicy", "WAF" ], - "severity": "Medium", - "text": "Consider moving unused storage to lower tier, with customized rule - https://learn.microsoft.com/azure/storage/blobs/lifecycle-management-policy-configure ", - "training": "https://learn.microsoft.com/azure/cost-management-billing/costs/enable-tag-inheritance", - "waf": "Cost" + "severity": "Low", + "text": "Enable soft delete for blobs", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "guid": "d0102cac-6aae-401e-9a84-de5de36d1d92", - "link": "https://learn.microsoft.com/azure/governance/policy/overview", - "service": "VM", + "description": "Azure Backup enhanced soft delete provides critical protection against ransomware attacks by retaining deleted backups, enabling recovery from potential ransomware encryption or deletion.", + "guid": "b44be3b1-a27f-48b9-b91b-e1038df03a82", + "link": 
"https://learn.microsoft.com/azure/backup/backup-azure-enhanced-soft-delete-about", + "service": "Azure Backup", "services": [ - "VM", - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Make sure advisor is configured for VM right sizing ", - "waf": "Cost" + "text": "Enable Azure Backup enhanced soft delete for improved data protection and recovery", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "description": "check by searching the Meter Category Licenses in the Cost analysys", - "guid": "59ae568b-a38d-4498-9e22-13dbd7bb012f", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/manage/centralize-operations", - "service": "VM", + "description": "Azure Backup's multi-user authorization enables fine-grained control over user access to backup resources, allowing you to restrict privileges and ensure proper authentication and authorization for backup operations.", + "guid": "2cd463cb-bbc8-4ac2-a9eb-c92a43da1dae", + "link": "https://learn.microsoft.com/azure/backup/multi-user-authorization-concept", + "service": "Azure Backup", "services": [ - "VM", - "Cost", - "AzurePolicy", - "WAF" + "WAF", + "Backup" ], - "severity": "Medium", - "text": "run the script on all windows VMs https://learn.microsoft.com/azure/virtual-machines/windows/hybrid-use-benefit-licensing?ref=andrewmatveychuk.com#convert-an-existing-vm-using-azure-hybrid-benefit-for-windows-server- consider implementing a policy if windows VMs are created frequently", - "waf": "Cost" + "severity": "Low", + "text": "Implement multi-user authorization for Azure Backup to ensure secure and controlled access to backup resources", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.RecoveryServices/vaults", "checklist": "WAF checklist", - "guid": "7b95e06e-158e-42ea-9992-c2de6e2065b3", - "link": 
"https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure", - "service": "VM", + "description": "Azure Immutable Storage provides an additional layer of security by ensuring that backup data stored in the vault cannot be modified or deleted for a specified retention period. This helps safeguard your backups from ransomware attacks that may attempt to compromise or manipulate your backup data.", + "guid": "2cc88147-0607-4c1c-aa0e-614658dd458e", + "link": "https://learn.microsoft.com/azure/backup/backup-azure-immutable-vault-concept?source=recommendations&tabs=recovery-services-vault", + "service": "Azure Backup", "services": [ - "LoadBalancer", + "Storage", + "WAF", + "Backup" + ], + "severity": "Low", + "text": "Implement Immutable Storage for your vaults to protect against ransomware and prevent unauthorized modifications to backups", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/dnsZones", + "checklist": "WAF checklist", + "description": "To eliminate a single point of failure in your on-premises DNS services and ensure reliable DNS resolution during business continuity and disaster recovery scenarios, it is recommended to utilize Azure DNS Private Resolvers in multiple regions. 
By deploying two or more Azure DNS private resolvers across different regions, you can enable DNS failover and achieve resiliency in your DNS infrastructure.", + "guid": "43da1dae-2cc8-4814-9060-7c1cca0e6146", + "link": "https://learn.microsoft.com/azure/dns/tutorial-dns-private-resolver-failover", + "service": "DNS", + "services": [ + "DNS", + "ASR", + "WAF", + "ACR" + ], + "severity": "Low", + "text": "Implement DNS Failover using Azure DNS Private Resolvers", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.PowerBI/gateways", + "checklist": "WAF checklist", + "description": "Use an on-premises data gateway cluster to avoid single points of failure and to load balance traffic across gateways.", + "guid": "89f89dc7-b44b-4e3b-8a27-f8b9e91be103", + "link": "https://learn.microsoft.com/data-integration/gateway/service-gateway-high-availability-clusters", + "service": "Data Gateways", + "services": [ + "ACR", "WAF" ], "severity": "Medium", - "text": " this can be also put under AHUB if you already have licenses https://learn.microsoft.com/azure/virtual-machines/linux/azure-hybrid-benefit-linux?tabs=rhelpayg%2Crhelbyos%2CrhelEnablebyos%2Crhelcompliance", - "waf": "Cost" + "text": "Use on-premises data gateway clusters to ensure high availability for business-critical data", + "waf": "Reliability" }, { "arm-service": "Microsoft.Compute/virtualMachines", "checklist": "WAF checklist", - "guid": "75c1e945-b459-4837-bf7a-e7c6d3b475a5", - "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal", - "service": "VM", + "description": "When choosing the best option for deploying NVAs in Azure, it is crucial to consider the vendor's recommendations and validate that the specific design has been vetted and validated by the NVA vendor. 
The vendor should also provide the necessary NVA configuration for seamless integration in Azure.", + "guid": "8b1188b3-c6a4-46ce-a544-451e192d3442", + "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/nva-ha", + "service": "NVA", "services": [ - "VM", + "NVA", "WAF" ], - "severity": "Medium", - "text": "Consolidate reserved VM families with flexibility option (no more than 4-5 families)", - "training": "https://learn.microsoft.com/azure/automation/automation-solution-vm-management", - "waf": "Cost" + "severity": "High", + "text": "Deploy Network Virtual Appliances (NVAs) in a vendor supported configuration for High Availability", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "c7acbe49-bbe6-44dd-a9f2-e87778468d55", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/identity-access#prerequisites-for-a-landing-zone---design-recommendations", - "service": "VM", + "guid": "1fc2fc14-eea6-4e69-b8d9-a3edc218e687", + "link": "https://polite-sea-0995b240f.2.azurestaticapps.net/technical-delivery-playbook/azure-services/analytics/purview/", + "service": "Purview", "services": [ - "ARS", - "VM", - "Cost", "WAF" ], "severity": "Medium", - "text": "Utilize Azure Reserved Instances: This feature allows you to reserve VMs for a period of 1 or 3 years, providing significant cost savings compared to PAYG prices.", - "waf": "Cost" + "text": "Leverage FTA Resillency Handbook", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "a6bcca2b-4fea-41db-b3dd-95d48c7c891d", - "link": "https://learn.microsoft.com/azure/active-directory-domain-services/overview", - "service": "VM", + "guid": "ab067acb-49e5-4b96-8332-4ecf8cc13318", + "link": 
"https://learn.microsoft.com/purview/disaster-recovery", + "service": "Purview", "services": [ "WAF" ], - "severity": "Medium", - "text": "Only larger disks can be reserved => 1 TiB -", - "waf": "Cost" + "severity": "High", + "text": "Plan for Data Center level outage", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "cb1f7d57-59ae-4568-aa38-d4985e2213db", - "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/identity/adds-extend-domain", - "service": "VM", + "description": "1. Create the new account 2. Migrate configuration items 3. Run scans 4. Migrate custom typedefs and custom assets 5. Migrate relationships 6. Migrate glossary terms 7. Assign classifications to assets 8. Assign contacts to assets", + "guid": "da611702-69f4-4fb4-aa3d-3ef7f3176c4b", + "link": "https://learn.microsoft.com/purview/disaster-recovery", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "After the right-sizing optimization", - "waf": "Cost" + "text": "Practice Failover for BCDR", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Sql/servers", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "d7bb012f-7b95-4e06-b158-e2ea3992c2de", - "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy", - "service": "Azure SQL", + "guid": "97b15b8a-219a-44ab-bb57-879024d22678", + "link": "https://learn.microsoft.com/purview/disaster-recovery", + "service": "Purview", "services": [ - "AzurePolicy", - "SQL", - "Cost", - "WAF" + "WAF", + "Backup" ], - "severity": "Medium", - "text": "Check if applicable and enforce policy/change https://learn.microsoft.com/azure/azure-sql/azure-hybrid-benefit?view=azuresql&tabs=azure-portalhttps://learn.microsoft.com/azure/cost-management-billing/scope-level/create-sql-license-assignments?source=recommendations", - 
"waf": "Cost" + "severity": "High", + "text": "Plan a backup strategy and take regular backups", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "6e2065b3-a76a-4f4a-991e-8839ada46667", - "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices", - "service": "VM", + "guid": "6d20b56c-56a9-4581-89bf-8d8e5c586b7d", + "link": "https://learn.microsoft.com/purview/manage-kafka-dotnet", + "service": "Purview", "services": [ - "VM", + "EventHubs", "WAF" ], - "severity": "Medium", - "text": "The VM + license part discount (ahub + 3YRI) is around 70% discount", - "waf": "Cost" + "severity": "Low", + "text": "Use Microsoft Purview's Event Hubs to subscribe and create entities to another account", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "ccbd9792-a6bc-4ca2-a4fe-a1dbf3dd95d4", - "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel", - "service": "VM", + "guid": "8cdc15ac-c075-4ee9-a130-a8889579e76b", + "link": "https://learn.microsoft.com/purview/deployment-best-practices", + "service": "Purview", "services": [ - "VM", "WAF" ], "severity": "Medium", - "text": "Consider using a VMSS to match demand rather than flat sizing", - "waf": "Cost" + "text": "Follow Purview accounts architectures and deployment best practices", + "waf": "Reliability" }, { - "arm-service": "microsoft.containerservice/managedClusters", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "c1b1cd52-1e54-4a29-a9de-39ac0e7c28dc", - "link": "https://learn.microsoft.com/azure/reliability/cross-region-replication-azure", - "service": "AKS", + "guid": "896e710a-7da7-4be9-a56d-14d3c49d997c", + "link": 
"https://learn.microsoft.com/purview/concept-best-practices-collections", + "service": "Purview", "services": [ - "AKS", "WAF" ], "severity": "Medium", - "text": "Use AKS autoscaler to match your clusters usage (make sure the pods requirements match the scaler)", - "waf": "Cost" + "text": "Follow Collection Architectures and best practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.RecoveryServices/vaults", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "44be3b1a-27f8-4b9e-a1be-1f38df03a822", - "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", - "service": "Azure Backup", + "guid": "b3d1325a-a225-4c6f-9e06-85edddea8a4b", + "link": "https://learn.microsoft.com/purview/concept-best-practices-asset-lifecycle", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "Move recovery points to vault-archive where applicable (Validate)", - "training": "https://azure.microsoft.com/pricing/reservations/", - "waf": "Cost" + "text": "Follow Assest lifecycle best practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Databricks/workspaces", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "cd463cbb-bc8a-4c29-aebc-91a43da1dae2", - "link": "https://learn.microsoft.com/azure/databricks/clusters/cluster-config-best-practices#automatic-termination", - "service": "Databricks", + "guid": "7cdeb3c6-1fc2-4fc1-9eea-6e69d8d9a3ed", + "link": "https://learn.microsoft.com/purview/concept-best-practices-automation", + "service": "Purview", "services": [ - "LoadBalancer", - "VM", "WAF" ], "severity": "Medium", - "text": "Consider using Spot VMs with fallback where possible. 
Consider autotermination of clusters.", - "waf": "Cost" + "text": "Follow automation best practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "cc881470-607c-41cc-a0e6-14658dd458e9", - "link": "https://learn.microsoft.com/azure/governance/policy/how-to/guest-configuration-create", - "service": "Azure Functions", + "guid": "c218e687-ab06-47ac-a49e-5b9603324ecf", + "link": "https://learn.microsoft.com/purview/disaster-recovery", + "service": "Purview", "services": [ - "WAF" + "WAF", + "Backup" ], "severity": "Medium", - "text": "Functions - Reuse connections", - "training": "https://learn.microsoft.com/azure/cost-management-billing/reservations/reservation-apis?toc=%2Fazure%2Fcost-management-billing%2Ftoc.json", - "waf": "Cost" + "text": "Follow Backup and Migration Best practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "27139b82-1102-4dbd-9eaf-11e6f843e52f", - "link": "https://learn.microsoft.com/azure/automation/update-management/overview", - "service": "Azure Functions", + "guid": "8cc13318-da61-4170-869f-4fb4aa3d3ef7", + "link": "https://learn.microsoft.com/purview/concept-best-practices-glossary", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "Functions - Cache data locally", - "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-compute-resources/", - "waf": "Cost" + "text": "Follow Purview Glossary Best Practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "4722d928-c1b1-4cd5-81e5-4a29b9de39ac", - "link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview", - "service": "Azure Functions", + "guid": 
"f3176c4b-97b1-45b8-a219-a4abeb578790", + "link": "https://learn.microsoft.com/purview/concept-workflow", + "service": "Purview", "services": [ - "Storage", "WAF" ], - "severity": "Medium", - "text": "Functions - Cold starts-Use the 'Run from package' functionality. This way, the code is downloaded as a single zip file. This can, for example, result in significant improvements with Javascript functions, which have a lot of node modules.Use language specific tools to reduce the package size, for example, tree shaking Javascript applications.", - "training": "https://learn.microsoft.com/learn/modules/configure-network-watcher/", - "waf": "Cost" + "severity": "Low", + "text": "Leverage Workflows ", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "0e7c28dc-9366-4572-82bf-f4564b0d934a", - "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/lock-resources?tabs=json", - "service": "Azure Functions", + "guid": "24d22678-6d20-4b56-a56a-958119bf8d8e", + "link": "https://learn.microsoft.com/purview/concept-best-practices-security", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "Functions - Keep your functions warm", - "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/", - "waf": "Cost" + "text": "Follow Purview Security Best Practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "359c363e-7dd6-4162-9a36-4a907ebae38e", - "link": "https://learn.microsoft.com/azure/governance/policy/overview", - "service": "Azure Functions", + "guid": "5c586b7d-8cdc-415a-ac07-5ee9b130a888", + "link": "https://learn.microsoft.com/purview/concept-best-practices-lineage-azure-data-factory", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "When using autoscale 
with different functions, there might be one driving all the autoscale for all the resources - consider moving it to a separate consumption plan (and consider higher plan for CPU)", - "waf": "Cost" + "text": "Follow Purview Data Lineage Best Practices", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "ad53cc7d-e2e8-4aaa-a357-1549ab9153d8", - "link": "https://learn.microsoft.com/azure/service-health/alerts-activity-log-service-notifications-portal", - "service": "Azure Functions", + "guid": "9579e76b-896e-4710-a7da-7be9956d14d3", + "link": "https://learn.microsoft.com/purview/concept-best-practices-scanning", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "Function apps in a given plan are all scaled together, so any issues with scaling can affect all apps in the plan.", - "waf": "Cost" + "text": "Follow Best Practices for Scanning Registered Sources", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Web/sites", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "9f89dc7b-44be-43b1-a27f-8b9e91be1f38", - "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/action-groups", - "service": "Azure Functions", + "guid": "c49d997c-b3d1-4325-aa22-5c6f4e0685ed", + "link": "https://learn.microsoft.com/purview/concept-best-practices-classification", + "service": "Purview", "services": [ "WAF" ], "severity": "Medium", - "text": "Am I billed for 'await time'? This question is typically asked in the context of a C# function that does an async operation and waits for the result, e.g. await Task.Delay(1000) or await client.GetAsync('http://google.com'). The answer is yes - the GB second calculation is based on the start and end time of the function and the memory usage over that period. 
What actually happens over that time in terms of CPU activity is not factored into the calculation.One exception to this rule is if you are using durable functions. You are not billed for time spent at awaits in orchestrator functions.apply demand shaping techinques where possible (dev environments?) https://github.com/Azure-Samples/functions-csharp-premium-scaler", - "waf": "Cost" + "text": "Follow Classification Best Practices in Governance Portal", + "waf": "Reliability" }, { - "arm-service": "microsoft.network/frontdoors", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "3da1dae2-cc88-4147-8607-c1cca0e61465", - "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", - "service": "Front Door", + "guid": "ddea8a4b-7cde-4b3c-91fc-2fc14eea6e69", + "link": "https://learn.microsoft.com/purview/sensitivity-labels-frequently-asked-questions", + "service": "Purview", "services": [ - "EventHubs", - "FrontDoor", "WAF" ], "severity": "Medium", - "text": "Frontdoor - Turn off the default homepageIn the application settings of your App, set AzureWebJobsDisableHomepage to true. This will return a 204 (No Content) to the PoP so only header data is returned.", - "waf": "Cost" + "text": "Perform Sensitivity Labelling in the Purview Data Map", + "waf": "Reliability" }, { - "arm-service": "microsoft.network/frontdoors", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "8dd458e9-2713-49b8-8110-2dbd6eaf11e6", - "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", - "service": "Front Door", + "guid": "d8d9a3ed-c218-4e68-9ab0-67acb49e5b96", + "link": "https://learn.microsoft.com/purview/concept-data-share", + "service": "Purview", "services": [ - "AppSvc", - "FrontDoor", + "Storage", "WAF" ], - "severity": "Medium", - "text": "Frontdoor - Route to something that returns nothing. 
Either set up a Function, Function Proxy, or add a route in your WebApp that returns 200 (OK) and sends no or minimal content. The advantage of this is you will be able to log out when it is called.", - "waf": "Cost" + "severity": "Low", + "text": "Leverage Azure Storage in-place data sharing with Microsoft Purview", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Storage/storageAccounts", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "7e31c67d-68cf-46a6-8a11-94956d697dc3", - "link": "https://learn.microsoft.com/azure/architecture/best-practices/monitoring", - "service": "Storage", + "guid": "03324ecf-8cc1-4331-ada6-1170269f4fb4", + "link": "https://learn.microsoft.com/purview/concept-insights", + "service": "Purview", "services": [ "WAF" ], - "severity": "Medium", - "text": "Consider archiving tiers for less used data", - "waf": "Cost" + "severity": "Low", + "text": "Leverage Data Estate Insights", + "waf": "Reliability" }, { - "arm-service": "Microsoft.Compute/virtualMachines", + "arm-service": "Microsoft.Purview/accounts", "checklist": "WAF checklist", - "guid": "a2ed27b2-d186-4f1a-8252-bddde68a487c", - "link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings", - "service": "VM", + "guid": "aa3d3ef7-f317-46c4-a97b-15b8a219a4ab", + "link": "https://learn.microsoft.com/purview/catalog-adoption-insights", + "service": "Purview", "services": [ "WAF" ], - "severity": "Medium", - "text": "Check disk sizes where the size does not match the tier (i.e. 
A 513 GiB disk will pay a P30 (1TiB) and consider resizing",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Use Data stewardship and Catalog adoption",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "dec4861b-c3bc-410a-b77e-26e4d5a3bec2",
- "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration",
- "service": "Storage",
+ "guid": "eb578790-24d2-4267-a6d2-0b56c56a9581",
+ "link": "https://learn.microsoft.com/purview/concept-insights",
+ "service": "Purview",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Consider using standard SSD rather than Premium or Ultra where possible",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Use Inventory and Ownership",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "c4e2436b-1336-4db5-9f17-960eee0bdf5c",
- "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift",
- "service": "Storage",
+ "guid": "19bf8d8e-5c58-46b7-b8cd-c15acc075ee9",
+ "link": "https://learn.microsoft.com/purview/glossary-insights",
+ "service": "Purview",
 "services": [
- "Storage",
 "WAF"
 ],
- "severity": "Medium",
- "text": "For storage accounts, make sure that the chosen tier is not adding up transaction charges (it might be cheaper to move to the next tier)",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Leverage Insights for Glossary, Classifications, Sensitivity Labels",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.RecoveryServices/vaults",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "c2efc5d7-61d4-41d2-900b-b47a393a040f",
- "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview",
- "service": "Site Recovery",
+ "guid": "b130a888-9579-4e76-a896-e710a7da7be9",
+ "link": "https://learn.microsoft.com/purview/compliance-manager",
+ "service": "Purview",
 "services": [
- "ASR",
 "WAF"
 ],
 "severity": "Medium",
- "text": "For ASR, consider using Standard SSD disks if the RPO/RTO and replication throughput allow it",
- "waf": "Cost"
+ "text": "Generate assessment scores",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Storage/storageAccounts",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "d3294798-b118-48b2-a5a4-6ceb544451e1",
- "link": "https://learn.microsoft.com/azure/architecture/framework/resiliency/backup-and-recovery",
- "service": "Storage",
+ "guid": "956d14d3-c49d-4997-ab3d-1325aa225c6f",
+ "link": "https://learn.microsoft.com/purview/compliance-manager-scoring",
+ "service": "Purview",
 "services": [
- "Storage",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Storage accounts: check hot tier and/or GRS necessary",
- "waf": "Cost"
+ "text": "Profiling- get summaries of data content",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "92d34429-3c76-4286-97a5-51c5b04e4f18",
- "link": "https://learn.microsoft.com/azure/backup/backup-center-overview",
- "service": "VM",
+ "guid": "4e0685ed-ddea-48a4-a7cd-eb3c61fc2fc1",
+ "link": "https://learn.microsoft.com/purview/concept-policies-data-owner#microsoft-purview-policy-concepts",
+ "service": "Purview",
 "services": [
- "WAF"
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "Medium",
- "text": "Disks - validate use of Premium SSD disks everywhere: for example, non-prod could swap to Standard SSD or on-demand Premium SSD ",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Follow Microsoft Purview Data Owner access policies",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "54387e5c-ed12-46cd-832a-f5b2fc6998a5",
- "link": "https://learn.microsoft.com/azure/reliability/availability-zones-overview",
- "service": "Synapse",
+ "guid": "4eea6e69-d8d9-4a3e-bc21-8e687ab067ac",
+ "link": "https://learn.microsoft.com/purview/concept-self-service-data-access-policy",
+ "service": "Purview",
 "services": [
- "EventHubs",
- "Monitor",
- "Cost",
- "WAF"
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "Medium",
- "text": "Create budgets to manage costs and create alerts that automatically notify stakeholders of spending anomalies and overspending risks.",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Follow Self-service access policies",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Purview/accounts",
 "checklist": "WAF checklist",
- "guid": "35e33789-7e31-4c67-b68c-f6a62a119495",
- "link": "https://learn.microsoft.com/azure/virtual-machines/availability",
- "service": "Synapse",
+ "guid": "b49e5b96-0332-44ec-b8cc-13318da61170",
+ "link": "https://learn.microsoft.com/purview/concept-policies-devops",
+ "service": "Purview",
 "services": [
- "Storage",
- "Cost",
- "WAF"
+ "WAF",
+ "AzurePolicy"
 ],
- "severity": "Medium",
- "text": "Export cost data to a storage account for additional data analysis.",
- "waf": "Cost"
+ "severity": "Low",
+ "text": "Follow DevOps policies",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Devices/deviceUpdateServices",
 "checklist": "WAF checklist",
- "guid": "6d697dc3-a2ed-427b-8d18-6f1a1252bddd",
- "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview",
- "service": "Synapse",
+ "guid": "0e03f5ee-4648-423c-bb86-7239480f9171",
+ "link": "https://learn.microsoft.com/en-us/azure/iot-dps/iot-dps-ha-dr#high-availability",
+ "service": "Device Update for IoT Hub",
 "services": [
- "SQL",
- "Cost",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Control costs for a dedicated SQL pool by pausing the resource when it is not in use.",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Leverage Availability Zones if regionally applicable (this is automatically enabled).",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Devices/deviceUpdateServices",
 "checklist": "WAF checklist",
- "guid": "e68a487c-dec4-4861-ac3b-c10ae77e26e4",
- "link": "https://learn.microsoft.com/azure/virtual-machine-scale-sets/overview",
- "service": "Synapse",
+ "guid": "c0c273bd-00ad-419a-9f2f-fc72fb181e55",
+ "link": "https://learn.microsoft.com/en-us/azure/iot-dps/iot-dps-ha-dr#high-availability",
+ "service": "Device Update for IoT Hub",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Enable the serverless Apache Spark automatic pause feature and set your timeout value accordingly.",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Be aware of Microsoft-initiated failovers. These are exercised by Microsoft in rare situations to fail over all the DPS instances from an affected region to the corresponding geo-paired region.",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Devices/deviceUpdateServices",
 "checklist": "WAF checklist",
- "guid": "d5a3bec2-c4e2-4436-a133-6db55f17960e",
- "link": "https://learn.microsoft.com/azure/frontdoor/best-practices#use-latest-version-for-customer-managed-certificates",
- "service": "Synapse",
+ "guid": "3af8abe6-07eb-4287-b393-6c4abe3702eb",
+ "link": "https://learn.microsoft.com/en-us/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json",
+ "service": "Device Update for IoT Hub",
 "services": [
 "WAF"
 ],
- "severity": "Medium",
- "text": "Create multiple Apache Spark pool definitions of various sizes.",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Consider a Cross-Region DR strategy for critical workloads",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Synapse/workspaces",
+ "arm-service": "Microsoft.Devices/deviceUpdateServices",
 "checklist": "WAF checklist",
- "guid": "ee0bdf5c-c2ef-4c5d-961d-41d2500bb47a",
- "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/resource-org-management-groups#management-groups-in-the-azure-landing-zone-accelerator",
- "service": "Synapse",
+ "guid": "bd91245c-fe32-4e98-a085-794a40f4bfe1",
+ "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro",
+ "service": "Device Update for IoT Hub",
 "services": [
- "Cost",
- "WAF"
+ "WAF",
+ "AppSvc"
 ],
- "severity": "Medium",
- "text": "Purchase Azure Synapse commit units (SCU) for one year with a pre-purchase plan to save on your Azure Synapse Analytics costs.",
- "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
- "waf": "Cost"
+ "severity": "High",
+ "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Devices/provisioningServices",
 "checklist": "WAF checklist",
- "guid": "393a040f-d329-4479-ab11-88b2c5a46ceb",
- "link": "https://learn.microsoft.com/azure/application-gateway/overview-v2",
- "service": "VM",
+ "guid": "cb26b2ba-a9db-45d1-8260-d9c6ec1447d9",
+ "link": "https://learn.microsoft.com/en-us/azure/logic-apps/single-tenant-overview-compare",
+ "service": "IoT Hub DPS",
 "services": [
- "VM",
- "Cost",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Use Spot VMs for interruptible jobs: These are VMs that can be bid on and purchased at a discounted price, providing a cost-effective solution for non-critical workloads.",
- "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Select the right Logic App hosting plan based on your business & SLO requirements",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Devices/provisioningServices",
 "checklist": "WAF checklist",
- "guid": "544451e1-92d3-4442-a3c7-628637a551c5",
- "link": "https://learn.microsoft.com/azure/load-balancer/load-balancer-overview",
- "service": "VM",
+ "guid": "f6dd7977-1123-4f39-b488-f91415a8430a",
+ "link": "https://learn.microsoft.com/en-us/azure/logic-apps/set-up-zone-redundancy-availability-zones?tabs=standard#next-steps",
+ "service": "IoT Hub DPS",
 "services": [
- "VM",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Right-sizing all VMs",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Protect logic apps from region failures with zone redundancy and availability zones",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Devices/provisioningServices",
 "checklist": "WAF checklist",
- "guid": "b04e4f18-5438-47e5-aed1-26cd032af5b2",
- "link": "https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet",
- "service": "VM",
+ "guid": "8aed4fbf-0830-4883-899d-222a154af478",
+ "link": "https://learn.microsoft.com/en-us/azure/logic-apps/business-continuity-disaster-recovery-guidance?toc=%2Fazure%2Freliability%2Ftoc.json&bc=%2Fazure%2Freliability%2Fbreadcrumb%2Ftoc.json",
+ "service": "IoT Hub DPS",
 "services": [
- "VM",
 "WAF"
 ],
- "severity": "Medium",
- "text": "Swap VM sized with normalized and most recent sizes",
- "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
- "waf": "Cost"
+ "severity": "High",
+ "text": "Consider a Cross-Region DR strategy for critical workloads",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Devices/provisioningServices",
 "checklist": "WAF checklist",
- "guid": "fc6998a5-35e3-4378-a7e3-1c67d68cf6a6",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
- "service": "VM",
+ "guid": "da0f033e-d180-4f36-9aa4-c468dba14203",
+ "link": "https://learn.microsoft.com/en-us/azure/app-service/environment/intro",
+ "service": "IoT Hub DPS",
 "services": [
- "Monitor",
- "VM",
- "WAF"
+ "WAF",
+ "AppSvc"
 ],
- "severity": "Medium",
- "text": "right-sizing VMs - start with monitoring usage below 5% and then work up to 40%",
- "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
- "waf": "Cost"
+ "severity": "High",
+ "text": "If deploying to an Isolated environment, use or migrate to App Service Environment (ASE) v3",
+ "waf": "Reliability"
 },
 {
- "arm-service": "Microsoft.Compute/virtualMachines",
+ "arm-service": "Microsoft.Devices/provisioningServices",
 "checklist": "WAF checklist",
- "guid": "2a119495-6d69-47dc-9a2e-d27b2d186f1a",
- "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
- "service": "VM",
+ "guid": "62711604-c9d1-4b0a-bdb7-5fda54a4f6c1",
+ "link": "https://learn.microsoft.com/en-us/training/modules/deploy-azure-functions/",
+ "service": "IoT Hub DPS",
 "services": [
- "VM",
 "WAF"
 ],
 "severity": "Medium",
- "text": "Containerizing an application can improve VM density and save money on scaling it",
- "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
- "waf": "Cost"
+ "text": "Leverage Azure DevOps or GitHub to streamline CI/CD and safeguard your Logic App code",
+ "waf": "Operations"
 },
 {
 "category": "Operations management",
@@ -35553,7 +39105,7 @@
 ],
 "metadata": {
 "name": "Master checklist",
- "timestamp": "August 08, 2024"
+ "timestamp": "August 12, 2024"
 },
 "severities": [
 {
diff --git a/checklists/waf_checklist.en.json b/checklists/waf_checklist.en.json
index acb339bc5..c52f1b082 100644
--- a/checklists/waf_checklist.en.json
+++ b/checklists/waf_checklist.en.json
@@ -1,5 +1,1759 @@
 {
 "items": [
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "70c15989-c726-42c7-b0d3-24b7375b9201",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/considerations-recommendations",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Use one Entra tenant for managing your Azure resources, unless you have a clear regulatory or business requirement for multi-tenants.",
+ "training": "https://learn.microsoft.com/training/modules/deploy-resources-scopes-bicep/2-understand-deployment-scopes",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "6309957b-821a-43d1-b9d9-7fcf1802b747",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/automation",
+ "service": "Entra",
+ "severity": "Low",
+ "text": "Use Multi-Tenant Automation approach to managing your Microsoft Entra ID Tenants.",
+ "training": "https://learn.microsoft.com/entra/architecture/multi-tenant-user-management-introduction/",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "78e11934-499a-45ed-8ef7-aae5578f0ecf",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/multi-tenant/lighthouse",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Use Azure Lighthouse for Multi-Tenant Management with the same IDs.",
+ "training": "https://learn.microsoft.com/azure/lighthouse/concepts/cross-tenant-management-experience",
+ "waf": "Operations"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5d82e6df-6f61-42f2-82e2-3132d293be3d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/azure-billing-microsoft-customer-agreement#design-recommendations",
+ "service": "Entra",
+ "severity": "High",
+ "text": "If you give a partner access to administer your tenant, use Azure Lighthouse.",
+ "training": "https://learn.microsoft.com/azure/lighthouse/how-to/onboard-customer",
+ "waf": "Cost"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "348ef254-c27d-442e-abba-c7571559ab91",
+ "link": "https://learn.microsoft.com/azure/role-based-access-control/overview",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce a RBAC model that aligns to your cloud operating model. Scope and Assign across Management Groups and Subscriptions.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "12e7f983-f630-4472-8dd6-9c5b5c2622f5",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/security-planning#identify-microsoft-accounts-in-administrative-roles-that-need-to-be-switched-to-work-or-school-accounts",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Only use the authentication type Work or school account for all account types. Avoid using the Microsoft account",
+ "training": "https://learn.microsoft.com/learn/modules/explore-basic-services-identity-types/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4b69bad3-3aad-45e8-a68e-1d76667313b4",
+ "link": "https://learn.microsoft.com/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Only use groups to assign permissions. Add on-premises groups to the Entra ID only group if a group management system is already in place.",
+ "training": "https://learn.microsoft.com/learn/paths/manage-identity-and-access/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "53e8908a-e28c-484c-93b6-b7808b9fe5c4",
+ "link": "https://learn.microsoft.com/azure/active-directory/conditional-access/overview",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce Microsoft Entra ID Conditional Access policies for any user with rights to Azure environments.",
+ "training": "https://learn.microsoft.com/learn/modules/plan-implement-administer-conditional-access/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1049d403-a923-4c34-94d0-0018ac6a9e01",
+ "link": "https://learn.microsoft.com/azure/active-directory/authentication/concept-mfa-howitworks",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Enforce multi-factor authentication for any user with rights to the Azure environments.",
+ "training": "https://learn.microsoft.com/learn/modules/secure-aad-users-with-mfa/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "14658d35-58fd-4772-99b8-21112df27ee4",
+ "link": "https://learn.microsoft.com/azure/active-directory/privileged-identity-management/pim-configure",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Enforce Microsoft Entra ID Privileged Identity Management (PIM) to establish zero standing access and least privilege.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "8b9fe5c4-1049-4d40-9a92-3c3474d00018",
+ "link": "https://learn.microsoft.com/entra/identity/domain-services/overview",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "If planning to switch from Active Directory Domain Services to Entra domain services, evaluate the compatibility of all workloads.",
+ "training": "https://learn.microsoft.com/learn/modules/implement-hybrid-identity-windows-server/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1cf0b8da-70bd-44d0-94af-8d99cfc89ae1",
+ "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/concept-activity-logs-azure-monitor",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Integrate Microsoft Entra ID logs with the platform-central Azure Monitor. Azure Monitor allows for a single source of truth around log and monitoring data in Azure, giving organizations a cloud native options to meet requirements around log collection and retention.",
+ "training": "https://learn.microsoft.com/entra/identity/monitoring-health/howto-integrate-activity-logs-with-azure-monitor-logs",
+ "waf": "Security"
+ },
+ {
+ "ammp": true,
+ "checklist": "Azure Landing Zone Review",
+ "guid": "984a859c-773e-47d2-9162-3a765a917e1f",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/security-emergency-access",
+ "service": "Entra",
+ "severity": "High",
+ "text": "Implement an emergency access or break-glass accounts to prevent tenant-wide account lockout.",
+ "training": "https://learn.microsoft.com/learn/modules/azure-ad-privileged-identity-management/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "35037e68-9349-4c15-b371-228514f4cdff",
+ "link": "https://learn.microsoft.com/azure/active-directory/roles/best-practices",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Do not use on-premises synced accounts for Microsoft Entra ID role assignments, unless you have a scenario that specifically requires it.",
+ "training": "https://learn.microsoft.com/learn/modules/design-identity-security-strategy/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d5d1e4e6-1465-48d3-958f-d77249b82111",
+ "link": "https://learn.microsoft.com/azure/active-directory/app-proxy/application-proxy",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "When using Microsoft Entra ID Application Proxy to give remote users access to applications, manage it as a Platform resource as you can only have one instance per tenant.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-applications-external-access-azure-ad/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e8bbac75-7155-49ab-a153-e8908ae28c84",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/enterprise-scale/network-topology-and-connectivity",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use a hub-and-spoke network topology for network scenarios that require maximum flexibility.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7dd61623-a364-4a90-9eca-e48ebd54cd7d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/traditional-azure-networking-topology",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Deploy shared networking services, including ExpressRoute gateways, VPN gateways, and Azure Firewall or partner NVAs in the central-hub virtual network. If necessary, also deploy DNS services.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Cost"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "143b16c3-1d7a-4a9b-9470-4489a8042d88",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-overview",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use a DDoS Network or IP protection plan for all public IP addresses in application landing zones.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e2e8abac-3571-4559-ab91-53e89f89dc7b",
+ "link": "https://learn.microsoft.com/azure/architecture/reference-architectures/dmz/nva-ha",
+ "service": "NVA",
+ "severity": "Medium",
+ "text": "When deploying partner networking technologies or NVAs, follow the partner vendor's guidance.",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ce463dbb-bc8a-4c2a-aebc-92a43da1dae2",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager#to-enable-transit-routing-between-expressroute-and-azure-vpn",
+ "service": "ExpressRoute",
+ "severity": "Low",
+ "text": "If you need transit between ExpressRoute and VPN gateways in hub and spoke scenarios, use Azure Route Server.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualHubs",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant",
+ "guid": "91b9d7d5-91e1-4dcb-8f1f-fa7e465646cc",
+ "link": "https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1",
+ "service": "ARS",
+ "severity": "Low",
+ "text": "If using Route Server, use a /27 prefix for the Route Server subnet.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-route-server/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "cc881471-607c-41cc-a0e6-14658dd558f9",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-faq#can-i-create-a-peering-connection-to-a-vnet-in-a-different-region",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "For network architectures with multiple hub-and-spoke topologies across Azure regions, use global virtual network peerings between the hub VNets to connect the regions to each other.",
+ "training": "https://learn.microsoft.com/learn/paths/azure-administrator-manage-virtual-networks/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4722d929-c1b1-4cd6-81f5-4b29bade39ad",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/insights/network-insights-overview",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use Azure Monitor for Networks to monitor the end-to-end state of the networks on Azure.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant",
+ "guid": "0e7c28ec-9366-4572-83b0-f4664b1d944a",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000).",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant",
+ "guid": "3d457936-e9b7-41eb-bdff-314b26450b12",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Limit the number of routes per route table to 400.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)",
+ "guid": "c76cb5a2-abe2-11ed-afa1-0242ac120002",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings.",
+ "training": "https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "de0d5973-cd4c-4d21-a088-137f5e6c4cfd",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-macsec",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "When you're using ExpressRoute Direct, configure MACsec in order to encrypt traffic at the layer-two level between the organization's routers and MSEE. The diagram shows this encryption in flow.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ed301d6e-872e-452e-9611-cc58b5a4b151",
+ "link": "https://learn.microsoft.com/azure/vpn-gateway/site-to-site-vpn-private-peering",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "For scenarios where MACsec isn't an option (for example, not using ExpressRoute Direct), use a VPN gateway to establish IPsec tunnels over ExpressRoute private peering.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "558fd772-49b8-4211-82df-27ee412e7f98",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "ExpressRoute",
+ "severity": "High",
+ "text": "Ensure no overlapping IP address spaces across Azure regions and on-premises locations are used.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr",
+ "guid": "3f630472-2dd6-49c5-a5c2-622f54b69bad",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "severity": "Medium",
+ "text": "Use IP addresses from the address allocation ranges for private internets (RFC 1918).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant",
+ "guid": "33aad5e8-c68e-41d7-9667-313b4f5664b5",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16).",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Performance"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f348ef25-4c27-4d42-b8bb-ac7571559ab9",
+ "link": "https://learn.microsoft.com/azure/site-recovery/concepts-on-premises-to-azure-networking#retain-ip-addresses",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Do not use overlapping IP address ranges for production and disaster recovery sites.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "153e8908-ae28-4c84-a33b-6b7808b9fe5c",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-getstarted-portal",
+ "service": "DNS",
+ "severity": "Medium",
+ "text": "For environments where name resolution in Azure is all that's required, use Azure Private DNS for resolution with a delegated zone for name resolution (such as 'azure.contoso.com').",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "41049d40-3a92-43c3-974d-00018ac6a9e0",
+ "link": "https://learn.microsoft.com/azure/dns/dns-private-resolver-overview",
+ "service": "DNS",
+ "severity": "Medium",
+ "text": "For environments where name resolution across Azure and on-premises is required and there is no existing enterprise DNS service like Active Directory, use Azure DNS Private Resolver to route DNS requests to Azure or to on-premises DNS servers.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-dns-private-resolver/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1e6a83de-5de3-42c1-a924-81607d5d1e4e",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-name-resolution-for-vms-and-role-instances",
+ "service": "DNS",
+ "severity": "Low",
+ "text": "Special workloads that require and deploy their own DNS (such as Red Hat OpenShift) should use their preferred DNS solution.",
+ "training": "https://learn.microsoft.com/training/courses/az-700t00",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/dnsZones",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "614658d3-558f-4d77-849b-821112df27ee",
+ "link": "https://learn.microsoft.com/azure/dns/private-dns-autoregistration",
+ "service": "DNS",
+ "severity": "High",
+ "text": "Enable auto-registration for Azure DNS to automatically manage the lifecycle of the DNS records for the virtual machines deployed within a virtual network.",
+ "training": "https://learn.microsoft.com/learn/paths/az-104-manage-virtual-networks/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/bastionHosts",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "ee1ac551-c4d5-46cf-b035-d0a3c50d87ad",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-overview",
+ "service": "Bastion",
+ "severity": "Medium",
+ "text": "Use Azure Bastion to securely connect to your network.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/bastionHosts",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant",
+ "guid": "6eab9eb6-762b-485e-8ea8-15aa5dba0bd0",
+ "link": "https://learn.microsoft.com/azure/bastion/bastion-faq#subnet",
+ "service": "Bastion",
+ "severity": "Medium",
+ "text": "Use Azure Bastion in a subnet /26 or larger.",
+ "training": "https://learn.microsoft.com/training/modules/intro-to-azure-bastion/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1d7aa9b6-4704-4489-a804-2d88e79d17b7",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/afds-overview",
+ "service": "WAF",
+ "severity": "Medium",
+ "text": "Use Azure Front Door and WAF policies to provide global protection across Azure regions for inbound HTTP/S connections to a landing zone.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "3b22a5a6-7e7a-48ed-9b30-e38c3f29812b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "severity": "Low",
+ "text": "When using Azure Front Door and Azure Application Gateway to help protect HTTP/S apps, use WAF policies in Azure Front Door. Lock down Azure Application Gateway to receive traffic only from Azure Front Door.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-application-delivery/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2363cefe-179b-4599-be0d-5973cd4cd21b",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/ag/ag-overview",
+ "service": "WAF",
+ "severity": "High",
+ "text": "When WAFs and other reverse proxies are required for inbound HTTP/S connections, deploy them within a landing-zone virtual network and together with the apps that they're protecting and exposing to the internet.",
+ "training": "https://learn.microsoft.com/learn/paths/architect-network-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "088137f5-e6c4-4cfd-9e50-4547c2447ec6",
+ "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Use Azure DDoS Network or IP Protection plans to help protect Public IP Addresses endpoints within the virtual networks.",
+ "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b034c01e-110b-463a-b36e-e3346e57f225",
+ "link": "https://learn.microsoft.com/azure/virtual-network/ip-services/default-outbound-access",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Plan for how to manage your network outbound traffic configuration and strategy before the upcoming breaking change. 
On September 30, 2025, default outbound access for new deployments will be retired and only explicit access configurations will be allowed.", + "training": "https://learn.microsoft.com/training/modules/configure-virtual-networks/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Network/virtualNetworks", + "checklist": "Azure Landing Zone Review", + "guid": "b1c82a3f-2320-4dfa-8972-7ae4823c8930", + "link": "https://learn.microsoft.com/azure/ddos-protection/ddos-protection-reference-architectures", + "service": "VNet", + "severity": "High", + "text": "Add diagnostic settings to save DDoS related logs for all the protected public IP addresses (DDoS IP or Network Protection).", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "3c5a808d-c695-4c14-a63c-c7ab7a510e41", + "link": "https://github.com/Azure/Enterprise-Scale/wiki/ALZ-Policies#corp", + "service": "Policy", + "severity": "High", + "text": "Ensure there is a policy assignment to deny Public IP addresses directly tied to Virtual Machines. Use exclusions if public IPs are needed on specific VMs.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-policy/", + "waf": "Security" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "359c373e-7dd6-4162-9a36-4a907ecae48e", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use ExpressRoute as the primary connection to Azure. 
Use VPNs as a source of backup connectivity.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "description": "You can use AS-path prepending and connection weights to influence traffic from Azure to on-premises, and the full range of BGP attributes in your own routers to influence traffic from on-premises to Azure.", + "guid": "f29812b2-363c-4efe-879b-599de0d5973c", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-routing", + "service": "ExpressRoute", + "severity": "Medium", + "text": "When you use multiple ExpressRoute circuits or multiple on-prem locations, use BGP attributes to optimize routing.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant", + "guid": "d4cd21b0-8813-47f5-b6c4-cfd3e504547c", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing 
Zone Review", + "graph": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant", + "guid": "7025b442-f6e9-4af6-b11f-c9574916016f", + "link": "https://learn.microsoft.com/azure/expressroute/plan-manage-cost", + "service": "ExpressRoute", + "severity": "High", + "text": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id", + "guid": "f4e7926a-ec35-476e-a412-5dd17136bd62", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local", + "service": "ExpressRoute", + "severity": "High", + "text": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = 
properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant", + "guid": "2447ec66-138a-4720-8f1c-e16ed301d6e8", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "72e52e36-11cc-458b-9a4b-1511e43a58a9", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/connectivity-to-azure", + "service": "ExpressRoute", + "severity": "Medium", + "text": "For scenarios that require bandwidth higher than 10 Gbps or dedicated 10/100-Gbps ports, use ExpressRoute Direct.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "c2299c4d-7b57-4d0c-9555-62f2b3e4563a", + "link": "https://learn.microsoft.com/azure/expressroute/about-fastpath", + "service": "ExpressRoute", + "severity": "Medium", + "text": "When low latency is required, or throughput from on-premises to Azure must be greater than 10 Gbps, enable FastPath to bypass the ExpressRoute gateway from the data path.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "arm-service": "microsoft.network/virtualNetworkGateways", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworkgateways' | where 
properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant", + "guid": "4d873974-8b66-42d6-b15f-512a65498f6d", + "link": "https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway", + "service": "VPN", + "severity": "Medium", + "text": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available).", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualNetworkGateways", + "checklist": "Azure Landing Zone Review", + "guid": "45866df8-cf85-4ca9-bbe2-65ec1478919e", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-highlyavailable", + "service": "VPN", + "severity": "Medium", + "text": "Use redundant VPN appliances on-premises (active/active or active/passive).", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "718cb437-b060-2589-8856-2e93a5c6633b", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-erdirect-about", + "service": "ExpressRoute", + "severity": "High", + "text": "If using ExpressRoute Direct, consider using ExpressRoute Local circuits to the local Azure regions to save costs.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Cost" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "8042d88e-79d1-47b7-9b22-a5a67e7a8ed4", + "link": "https://learn.microsoft.com/azure/architecture/framework/services/networking/expressroute/reliability", + "service": "ExpressRoute", + "severity": "Medium", + "text": "When traffic isolation or dedicated bandwidth is required, such as for separating 
production and nonproduction environments, use different ExpressRoute circuits. It will help you ensure isolated routing domains and alleviate noisy-neighbor risks.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Security" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "b30e38c3-f298-412b-8363-cefe179b599d", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-monitoring-metrics-alerts", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Monitor ExpressRoute availability and utilization using built-in Express Route Insights.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "5bf68dc9-325e-4873-bf88-f8214ef2e5d2", + "link": "https://learn.microsoft.com/azure/expressroute/how-to-configure-connection-monitor", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use Connection Monitor for connectivity monitoring across the network, especially between on-premises and Azure.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | 
extend compliant = (countErLocations >= 2)", + "guid": "e0d5973c-d4cd-421b-8881-37f5e6c4cfd3", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use ExpressRoute circuits from different peering locations for redundancy.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "cf3fe65c-fec0-495a-8edc-9675200f2add", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-coexist-resource-manager", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Use site-to-site VPN as failover of ExpressRoute, if only using a single ExpressRoute circuit.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))", + "guid": "72105cc8-aaea-4ee1-8c7a-ad25977afcaf", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub", + "service": "ExpressRoute", + 
"severity": "High", + "text": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated.", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "d581a947-69a2-4783-942e-9df3664324c8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute#active-active-connections", + "service": "ExpressRoute", + "severity": "High", + "text": "If using ExpressRoute, your on-premises routing should be dynamic: in the event of a connection failure it should converge to the remaining connection of the circuit. Load should be shared across both connections ideally as active/active, although active/passive is supported too.", + "training": "https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "b258f058-b9f6-46cd-b28d-990106f0c3f8", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-high-availability-with-expressroute", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Ensure the two physical links of your ExpressRoute circuit are connected to two distinct edge devices in your network.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "fe2a1b53-6fbd-4c67-b58a-85d7c7a0afcb", + "link": "https://learn.microsoft.com/azure/expressroute/expressroute-bfd", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Ensure Bidirectional Forwarding Detection (BFD) is enabled and configured on customer or provider edge routing devices.", + "training": 
"https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "669b215a-ce43-4371-8f6f-11047f6490f1", + "link": "https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering", + "service": "ExpressRoute", + "severity": "High", + "text": "Connect the ExpressRoute Gateway to two or more circuits from different peering locations for higher resiliency.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "3f79ed00-203b-4c95-9efd-691505f5a1f9", + "link": "https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-howto-setup-alerts-virtual-network-gateway-log", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Configure diagnostic logs and alerts for ExpressRoute virtual network gateway.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/expressRouteCircuits", + "checklist": "Azure Landing Zone Review", + "guid": "5234c93f-b651-41dd-80c1-234177b91ced", + "link": "https://learn.microsoft.com/azure/expressroute/virtual-network-connectivity-guidance", + "service": "ExpressRoute", + "severity": "Medium", + "text": "Do not use ExpressRoute circuits for VNet-to-VNet communication.", + "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/", + "waf": "Performance" + }, + { + "checklist": "Azure Landing Zone Review", + "guid": "8ac6a9e0-1e6a-483d-b5de-32c199248160", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-about", + "service": "N/A", + "severity": "Low", + "text": "Do not send Azure traffic 
to hybrid locations for inspection. Instead, follow the principle 'traffic in Azure stays in Azure' so that communication across resources in Azure occurs via the Microsoft backbone network.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "e6c4cfd3-e504-4547-a244-7ec66138a720", + "link": "https://learn.microsoft.com/azure/firewall/overview", + "service": "Firewall", + "severity": "High", + "text": "Use Azure Firewall to govern Azure outbound traffic to the internet, non-HTTP/S inbound connections, and East/West traffic filtering (if the organization requires it).", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "5a4b1511-e43a-458a-ac22-99c4d7b57d0c", + "link": "https://learn.microsoft.com/azure/firewall-manager/policy-overview", + "service": "Firewall", + "severity": "Medium", + "text": "Create a global Azure Firewall policy to govern security posture across the global network environment and assign it to all Azure Firewall instances. 
Allow for granular policies to meet requirements of specific regions by delegating incremental firewall policies to local security teams via Azure role-based access control.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "655562f2-b3e4-4563-a4d8-739748b662d6", + "link": "https://learn.microsoft.com/azure/firewall-manager/deploy-trusted-security-partner", + "service": "Firewall", + "severity": "Low", + "text": "Configure supported partner SaaS security providers within Firewall Manager if the organization wants to use such solutions to help protect outbound connections.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant", + "guid": "14d99880-2f88-47e8-a134-62a7d85c94af", + "link": "https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules", + "service": "Firewall", + "severity": "High", + "text": "Use application rules to filter outbound traffic on destination host name for supported protocols. 
Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant", + "guid": "c10d51ef-f999-455d-bba0-5c90ece07447", + "link": "https://learn.microsoft.com/azure/firewall/premium-features", + "service": "Firewall", + "severity": "High", + "text": "Use Azure Firewall Premium to enable additional security features.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant", + "guid": "e9c8f584-6d5e-473b-8dc5-acc9fbaab4e3", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules", + "service": "Firewall", + "severity": "High", + "text": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant", + "guid": "b9d0dff5-bdd4-4cd8-88ed-5811610b2b2c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#idps", + "service": "Firewall", + "severity": "High", + "text": "Configure Azure Firewall IDPS mode to Deny for additional protection.", + "training": 
"https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant", + "guid": "a3784907-9836-4271-aafc-93535f8ec08b", + "link": "https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview", + "service": "Firewall", + "severity": "High", + "text": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "715d833d-4708-4527-90ac-1b142c7045ba", + "link": 
"https://learn.microsoft.com/azure/firewall/firewall-structured-logs", + "service": "Firewall", + "severity": "Medium", + "text": "Add diagnostic settings to save logs, using the Resource Specific destination table, for all Azure Firewall deployments.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "e960fc6b-4ab2-4db6-9609-3745135f9ffa", + "link": "https://learn.microsoft.com/azure/firewall-manager/migrate-to-policy", + "service": "Firewall", + "severity": "Important", + "text": "Migrate from Azure Firewall Classic rules (if exist) to Firewall Policy.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant", + "guid": "22d6419e-b627-4d95-9e7d-019fa759387f", + "link": "https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size", + "service": "Firewall", + "severity": "High", + "text": "Use a /26 prefix for your Azure Firewall subnets.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-firewall/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "828cec2e-af6c-40c2-8fa2-1b681ee63eb7", + "link": "https://learn.microsoft.com/azure/firewall-manager/rule-hierarchy", + "service": 
"Firewall", + "severity": "Medium", + "text": "Arrange rules within the firewall policy into Rule Collection Groups and Rule Collections and based on their frequency of use.", + "training": "https://learn.microsoft.com/training/modules/intro-to-azure-firewall-manager/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "0da83bb1-2f39-49af-b5c9-835fc455e3d1", + "link": "https://learn.microsoft.com/azure/firewall/ip-groups", + "service": "Firewall", + "severity": "Medium", + "text": "Use IP Groups or IP prefixes to reduce number of IP table rules.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "c44c6f0e-1642-4a61-a17b-0922f835c93a", + "link": "https://learn.microsoft.com/azure/firewall/tutorial-firewall-dnat", + "service": "Firewall", + "severity": "Medium", + "text": "Do not use wildcards as a source IP for DNATS, such as * or any, you should specify source IPs for incoming DNATs.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "7371dc21-251a-47a3-af14-6e01b9da4757", + "link": "https://learn.microsoft.com/azure/firewall/integrate-with-nat-gateway", + "service": "Firewall", + "severity": "Medium", + "text": "Prevent SNAT Port exhaustion by monitoring SNAT port usage, evaluating NAT Gateway settings, and ensuring seamless failover. 
If the port count approaches the limit, it’s a sign that SNAT exhaustion might be imminent.", + "training": "https://learn.microsoft.com/training/modules/introduction-to-azure-virtual-networks/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "346840b8-1064-496e-8396-4b1340172d52", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#tls-inspection", + "service": "Firewall", + "severity": "High", + "text": "If you are using Azure Firewall Premium, enable TLS Inspection.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "39990a13-915c-45f9-a2d3-562d7d6c4b7c", + "link": "https://learn.microsoft.com/azure/firewall/premium-features#web-categories", + "service": "Firewall", + "severity": "Low", + "text": "Use web categories to allow or deny outbound access to specific topics.", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "6eff7e6c-6c4a-43d7-be3f-6641c2cb3d4a", + "link": "https://learn.microsoft.com/azure/architecture/example-scenario/gateway/application-gateway-before-azure-firewall", + "service": "Firewall", + "severity": "Medium", + "text": "As part of your TLS inspection, plan for receiving traffic from Azure App Gateways for inspection.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-application-gateway/", + "waf": "Performance" + }, + { + "arm-service": "Microsoft.Network/azureFirewalls", + "checklist": "Azure Landing Zone Review", + "guid": "94f3eede-9aa3-4088-92a3-bb9a56509fad", + "link": "https://learn.microsoft.com/azure/firewall/dns-details", + "service": "Firewall", + "severity": "Medium", + "text": "Enable Azure Firewall DNS proxy configuration.", + "training": "https://learn.microsoft.com/training/courses/az-700t00/", + "waf": "Security" 
+ },
+ {
+ "arm-service": "Microsoft.Network/azureFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1dc04554-dece-4ffb-a49e-5c683e09f8da",
+ "link": "https://learn.microsoft.com/azure/firewall/firewall-diagnostics",
+ "service": "Firewall",
+ "severity": "High",
+ "text": "Integrate Azure Firewall with Azure Monitor and enable diagnostic logging to store and analyze firewall logs.",
+ "training": "https://learn.microsoft.com/training/courses/az-700t00/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Network/azureFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "64e7000e-3c06-485e-b455-ced7f454cba3",
+ "link": "https://learn.microsoft.com/azure/well-architected/service-guides/azure-firewall",
+ "service": "Firewall",
+ "severity": "Low",
+ "text": "Implement backups for your firewall rules",
+ "training": "https://learn.microsoft.com/training/courses/az-104t00/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/applicationGateways",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d301d6e8-72e5-42e3-911c-c58b5a4b1511",
+ "link": "https://learn.microsoft.com/azure/virtual-network/vnet-integration-for-azure-services",
+ "service": "App Gateway",
+ "severity": "High",
+ "text": "Do not disrupt control-plane communication for Azure PaaS services injected into a virtual networks, such as with a 0.0.0.0/0 route or an NSG rule that blocks control plane traffic.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b3e4563a-4d87-4397-98b6-62d6d15f512a",
+ "link": "https://learn.microsoft.com/azure/private-link/private-endpoint-overview",
+ "service": "ExpressRoute",
+ "severity": "Medium",
+ "text": "Access Azure PaaS services from on-premises via private endpoints and ExpressRoute private peering. 
This method avoids transiting over the public internet.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/virtualNetworks",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc",
+ "guid": "4704489a-8042-4d88-b79d-17b73b22a5a6",
+ "link": "https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview",
+ "service": "VNet",
+ "severity": "High",
+ "text": "Don't enable virtual network service endpoints by default on all subnets.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/azureFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7e7a8ed4-b30e-438c-9f29-812b2363cefe",
+ "link": "azure/private-link/inspect-traffic-with-azure-firewall",
+ "service": "Firewall",
+ "severity": "Medium",
+ "text": "Filter egress traffic to Azure PaaS services using FQDNs instead of IP addresses in Azure Firewall or an NVA to prevent data exfiltration. 
If using Private Link you can block all FQDNs, otherwise allow only the required PaaS services.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "microsoft.network/expressRouteCircuits",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant",
+ "guid": "f2aad7e3-bb03-4adc-8606-4123d342a917",
+ "link": "https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway",
+ "service": "ExpressRoute",
+ "severity": "High",
+ "text": "Use at least a /27 prefix for your Gateway subnets.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/networkSecurityGroups",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | 
where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)",
+ "guid": "11deb39d-8299-4e47-bbe0-0fb5a36318a8",
+ "link": "https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags",
+ "service": "NSG",
+ "severity": "High",
+ "text": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/networkSecurityGroups",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "872e52e3-611c-4c58-a5a4-b1511e43a58a",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-landing-zone-network-segmentation",
+ "service": "NSG",
+ "severity": "Medium",
+ "text": "Use NSGs to help protect traffic across subnets, as well as east/west traffic across the platform (traffic between landing zones).",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/networkSecurityGroups",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "a4d87397-48b6-462d-9d15-f512a65498f6",
+ "link": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works",
+ "service": "NSG",
+ "severity": "Medium",
+ "text": "Use NSGs and application security groups to micro-segment traffic within the landing zone and avoid using a central NVA to filter traffic flows.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-network-security/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/networkSecurityGroups",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "dfe237de-143b-416c-91d7-aa9b64704489",
+ "link": "https://learn.microsoft.com/azure/network-watcher/vnet-flow-logs-overview",
+ "service": "NSG",
+ "severity": "Medium",
+ "text": "Enable VNet Flow Logs and feed them into Traffic Analytics to gain insights into internal 
and external traffic flows.",
+ "training": "https://learn.microsoft.com/learn/modules/design-implement-network-monitoring/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Network/networkSecurityGroups",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)",
+ "guid": "0390417d-53dc-44d9-b3f4-c8832f359b41",
+ "link": "https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits",
+ "service": "NSG",
+ "severity": "Medium",
+ "text": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules.",
+ "training": "https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works",
+ "waf": "Reliability"
+ },
+ {
+ "arm-service": "microsoft.network/virtualWans",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "412e7f98-3f63-4047-82dd-69c5b5c2622f",
+ "link": "https://learn.microsoft.com/azure/virtual-wan/scenario-any-to-any",
+ "service": "VWAN",
+ "severity": "Medium",
+ "text": "Use Virtual WAN if your scenario is explicitly described in the list of Virtual WAN routing designs.",
+ "training": "https://learn.microsoft.com/learn/modules/introduction-azure-virtual-wan/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/virtualWans",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "54b69bad-33aa-4d5e-ac68-e1d76667313b",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/virtual-wan-network-topology#virtual-wan-network-design-recommendationst",
+ "service": "VWAN",
+ "severity": "Medium",
+ "text": "Use a Virtual WAN hub per Azure region to connect multiple landing zones together across Azure regions via a common global Azure Virtual WAN.",
+ "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/",
+ 
"waf": "Performance" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "graph": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant", + "guid": "7d5d1e4e-6146-458d-9558-fd77249b8211", + "link": "https://learn.microsoft.com/azure/virtual-wan/howto-firewall", + "service": "VWAN", + "severity": "Medium", + "text": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs.", + "training": "https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/", + "waf": "Security" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "6667313b-4f56-464b-9e98-4a859c773e7d", + "link": "https://learn.microsoft.com/azure/virtual-wan/migrate-from-hub-spoke-topology", + "service": "VWAN", + "severity": "Medium", + "text": "Ensure that your virtual WAN network architecture aligns to an identified architecture scenario.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "261623a7-65a9-417e-8f34-8ef254c27d42", + "link": "https://learn.microsoft.com/azure/virtual-wan/azure-monitor-insights", + "service": "VWAN", + "severity": "Medium", + "text": "Use Azure Monitor Insights for Virtual WAN to monitor the end-to-end topology of the Virtual WAN, status, and key metrics.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Operations" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "727c77e1-b9aa-4a37-a024-129d042422c1", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#is-branch-to-branch-connectivity-allowed-in-virtual-wan", + 
"service": "VWAN", + "severity": "Medium", + "text": "Do not disable branch-to-branch traffic in Virtual WAN, unless these flows should be explicitly blocked.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "d49ac006-6670-4bc9-9948-d3e0a3a94f4d", + "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing-preference", + "service": "VWAN", + "severity": "Medium", + "text": "Use AS-Path as hub routing preference, since it is more flexible than ExpressRoute or VPN.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "2586b854-237e-47f1-84a1-d45d4cd2310d", + "link": "https://learn.microsoft.com/azure/virtual-wan/about-virtual-hub-routing#labels", + "service": "VWAN", + "severity": "Medium", + "text": "Configure label-based propagation in Virtual WAN, otherwise connectivity between virtual hubs will be impaired.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "microsoft.network/virtualWans", + "checklist": "Azure Landing Zone Review", + "guid": "9c75dfef-573c-461c-a698-68598595581a", + "link": "https://learn.microsoft.com/azure/virtual-wan/virtual-wan-faq#what-is-the-recommended-hub-address-space-during-hub-creation", + "service": "VWAN", + "severity": "High", + "text": "Assign at least a /23 prefix to virtual hubs to ensure enough IP space is available.", + "training": "https://learn.microsoft.com/training/modules/introduction-azure-virtual-wan/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": 
"5c986cb2-9131-456a-8247-6e49f541acdc", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "High", + "text": "Leverage Azure Policy strategically, define controls for your environment, using Policy Initiatives to group related policies.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "d8a2adb1-17d6-4326-af62-5ca44e5695f2", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "Medium", + "text": "Map regulatory and compliance requirements to Azure Policy definitions and Azure role assignments.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "223ace8c-b123-408c-a501-7f154e3ab369", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "Medium", + "text": "Establish Azure Policy definitions at the intermediate root management group so that they can be assigned at inherited scopes.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "3829e7e3-1618-4368-9a04-77a209945bda", + "link": "https://learn.microsoft.com/azure/governance/policy/overview", + "service": "Policy", + "severity": "High", + "text": "Manage policy assignments at the highest appropriate level with exclusions at bottom levels, if required.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "43334f24-9116-4341-a2ba-527526944008", + "link": "https://learn.microsoft.com/security/benchmark/azure/mcsb-asset-management#am-2-use-only-approved-services", + "service": "Policy", + "severity": "Low", + "text": "Use Azure Policy to control which services users can 
provision at the subscription/management group level.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Authorization/policyDefinitions",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "be7d7e48-4327-46d8-adc0-55bcf619e8a1",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "severity": "High",
+ "text": "Use built-in policies where possible to minimize operational overhead.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Authorization/policyDefinitions",
+ "checklist": "Azure Landing Zone Review",
+ "description": "Assigning the Resource Policy Contributor role to specific scopes allows you to delegate policy management to relevant teams. For instance, a central IT team may oversee management group-level policies, while application teams handle policies for their subscriptions, enabling distributed governance with adherence to organizational standards.",
+ "guid": "3f988795-25d6-4268-a6d7-0ba6c97be995",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview#azure-rbac-permissions-in-azure-policy",
+ "service": "Policy",
+ "severity": "Medium",
+ "text": "Assign the built-in Resource Policy Contributor role at a particular scope to enable application-level governance.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Authorization/policyDefinitions",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "19048384-5c98-46cb-8913-156a12476e49",
+ "link": "https://learn.microsoft.com/azure/governance/policy/overview",
+ "service": "Policy",
+ "severity": "Medium",
+ "text": "Limit the number of Azure Policy assignments made at the root management group scope to avoid managing through exclusions at inherited scopes.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Authorization/policyDefinitions",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5a917e1f-348e-4f25-9c27-d42e8bbac757",
+ "link": 
"https://learn.microsoft.com/industry/release-plan/2023wave2/cloud-sovereignty/enable-data-sovereignty-policy-baseline", + "service": "Policy", + "severity": "Medium", + "text": "If any data sovereignty requirements exist, Azure Policies should be deployed to enforce them.", + "training": "https://learn.microsoft.com/learn/paths/secure-your-cloud-data/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "78b22132-b41c-460b-a4d3-df8f73a67dc2", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/sovereign-landing-zone", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, deploy sovereignty policy baseline and assign at correct management group level.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "caeea0e9-1024-41df-a52e-d99c3f22a6f4", + "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, document Sovereign Control objectives to policy mapping.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Authorization/policyDefinitions", + "checklist": "Azure Landing Zone Review", + "guid": "9b461617-db7b-4399-8ac6-d4eb7153893a", + "link": "https://learn.microsoft.com/industry/sovereignty/policy-portfolio-baseline#sovereignty-baseline-policy-initiatives", + "service": "Policy", + "severity": "Medium", + "text": "For Sovereign Landing Zone, ensure process is in place for management of 'Sovereign Control objectives to policy mapping'.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "67e7a8ed-4b30-4e38-a3f2-9812b2363cef", + "link": 
"https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "service": "Monitor", + "severity": "Medium", + "text": "Use a single monitor logs workspace to manage platforms centrally except where Azure role-based access control (Azure RBAC), data sovereignty requirements, or data retention policies mandate separate workspaces.", + "training": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "5e6c4cfd-3e50-4454-9c24-47ec66138a72", + "link": "https://learn.microsoft.com/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2#how-retention-and-archiving-work", + "service": "Monitor", + "severity": "High", + "text": "Export logs to Azure Storage if your log retention requirements exceed twelve years. Use immutable storage with a write-once, read-many policy to make data non-erasable and non-modifiable for a user-specified interval.", + "training": "https://learn.microsoft.com/learn/paths/architect-infrastructure-operations/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "e7d7e484-3276-4d8b-bc05-5bcf619e8a13", + "link": "https://learn.microsoft.com/azure/governance/machine-configuration/overview", + "service": "VM", + "severity": "Medium", + "text": "Monitor OS level virtual machine (VM) configuration drift using Azure Policy. 
Enabling Azure Automanage Machine Configuration audit capabilities through policy helps application team workloads to immediately consume feature capabilities with little effort.",
+ "training": "https://learn.microsoft.com/learn/paths/implement-resource-mgmt-security/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f9887952-5d62-4688-9d70-ba6c97be9951",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations",
+ "service": "VM",
+ "severity": "Medium",
+ "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs in Azure.",
+ "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "c806c048-26b7-4ddf-b4c2-b4f0c476925d",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#update-management-considerations ",
+ "service": "VM",
+ "severity": "Medium",
+ "text": "Use Azure Update Manager as a patching mechanism for Windows and Linux VMs outside of Azure using Azure Arc.",
+ "training": "https://learn.microsoft.com/azure/update-manager/overview?tabs=azure-vms",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/networkWatchers",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "90483845-c986-4cb2-a131-56a12476e49f",
+ "link": "https://learn.microsoft.com/azure/network-watcher/network-watcher-monitoring-overview",
+ "service": "Network Watcher",
+ "severity": "Medium",
+ "text": "Use Network Watcher to proactively monitor traffic flows.",
+ "training": "https://learn.microsoft.com/learn/modules/configure-network-watcher/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": 
"Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "6944008b-e7d7-4e48-9327-6d8bdc055bcf", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-setup-guide/monitoring-reporting?tabs=AzureMonitor", + "service": "Monitor", + "severity": "Medium", + "text": "Use Azure Monitor Logs for insights and reporting.", + "training": "https://learn.microsoft.com/training/modules/configure-azure-monitor/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "97be9951-9048-4384-9c98-6cb2913156a1", + "link": "https://learn.microsoft.com/azure/azure-monitor/alerts/alerts-overview", + "service": "Monitor", + "severity": "Medium", + "text": "Use Azure Monitor alerts for the generation of operational alerts.", + "training": "https://learn.microsoft.com/training/modules/incident-response-with-alerting-on-azure/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.Insights/components", + "checklist": "Azure Landing Zone Review", + "guid": "fed3c55f-a67e-4875-aadd-3aba3f9fde31", + "link": "https://learn.microsoft.com/azure/automation/how-to/region-mappings", + "service": "Monitor", + "severity": "Medium", + "text": "When using Change and Inventory Tracking via Azure Automation Accounts, ensure that you have selected supported regions for linking your Log Analytics workspace and automation accounts together.", + "training": "https://learn.microsoft.com/training/modules/explore-azure-automation-devops/", + "waf": "Operations" + }, + { + "arm-service": "Microsoft.RecoveryServices/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "eba8cf22-45c6-4dc1-9b57-2cceb3b97ce5", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Backup", + "severity": "Low", + "text": "When using Azure Backup, use the correct backup types (GRS, ZRS & LRS) for your backup, as the default setting is GRS.", + 
"training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/", + "waf": "Reliability" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "f541acdc-e979-4377-acdb-3751ab2ab13a", + "link": "https://learn.microsoft.com/azure/governance/policy/concepts/guest-configuration", + "service": "VM", + "severity": "Medium", + "text": "Use Azure guest policies to automatically deploy software configurations through VM extensions and enforce a compliant baseline VM configuration.", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "description": "Use Azure Policy's guest configuration features to audit and remediate machine settings (e.g., OS, application, environment) to ensure resources align with expected configurations, and Update Management can enforce patch management for VMs.", + "guid": "da6e55d7-d8a2-4adb-817d-6326af625ca4", + "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-operational-compliance#monitoring-for-configuration-drift", + "service": "VM", + "severity": "Medium", + "text": "Monitor VM security configuration drift via Azure Policy.", + "training": "https://learn.microsoft.com/training/paths/implement-resource-mgmt-security/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.Compute/virtualMachines", + "checklist": "Azure Landing Zone Review", + "guid": "2476e49f-541a-4cdc-b979-377bcdb3751a", + "link": "https://learn.microsoft.com/azure/site-recovery/site-recovery-overview", + "service": "VM", + "severity": "Medium", + "text": "Use Azure Site Recovery for Azure-to-Azure Virtual Machines disaster recovery scenarios. 
This enables you to replicate workloads across regions.",
+ "training": "https://learn.microsoft.com/training/modules/protect-infrastructure-with-site-recovery/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.RecoveryServices/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "f625ca44-e569-45f2-823a-ce8cb12308ca",
+ "link": "https://learn.microsoft.com/azure/backup/backup-center-overview",
+ "service": "Backup",
+ "severity": "Medium",
+ "text": "Use Azure-native backup capabilities, or an Azure-compatible, 3rd-party backup solution.",
+ "training": "https://learn.microsoft.com/training/modules/design-solution-for-backup-disaster-recovery/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "89cc5e11-aa4d-4c3b-893d-feb99215266a",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#add-diagnostic-settings-to-save-your-wafs-logs",
+ "service": "WAF",
+ "severity": "High",
+ "text": "Add diagnostic settings to save WAF logs from application delivery services like Azure Front Door and Azure Application Gateway. Regularly review the logs to check for attacks and for false positive detections.",
+ "training": "https://learn.microsoft.com/training/modules/capture-application-logs-app-service/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "microsoft.network/frontdoorwebApplicationFirewalls",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "7f408960-c626-44cb-a018-347c8d790cdf",
+ "link": "https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-best-practices#send-logs-to-microsoft-sentinel",
+ "service": "WAF",
+ "severity": "Medium",
+ "text": "Send WAF logs from your application delivery services like Azure Front Door and Azure Application Gateway to Microsoft Sentinel. 
Detect attacks and integrate WAF telemetry into your overall Azure environment.",
+ "training": "https://learn.microsoft.com/training/paths/sc-200-connect-logs-to-azure-sentinel/",
+ "waf": "Operations"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "5017f154-e3ab-4369-9829-e7e316183687",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/overview",
+ "service": "Key Vault",
+ "severity": "High",
+ "text": "Use Azure Key Vault to store your secrets and credentials.",
+ "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "graph": "ResourceContainers | where type=='microsoft.resources/subscriptions'| parse id with '/subscriptions/' SubscriptionID| project subscriptionId, SubscriptionName = name| join kind=leftouter (Resources| where type == 'microsoft.keyvault/vaults'| project id, name, subscriptionId) on subscriptionId| join kind= leftouter (Resources| where type == 'microsoft.keyvault/vaults'| summarize ResourceCount = count() by subscriptionId) on subscriptionId| extend RCount = iff(isnull(ResourceCount), 0, ResourceCount)| project-away ResourceCount| extend compliant = (RCount <> 1)",
+ "guid": "a0477a20-9945-4bda-9333-4f2491163418",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/overview-throttling",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "Use different Azure Key Vaults for different applications and regions to avoid transaction scale limits and restrict access to secrets.",
+ "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "2ba52752-6944-4008-ae7d-7e4843276d8b",
+ "link": 
"https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Provision Azure Key Vault with the soft delete and purge policies enabled to allow retention protection for deleted objects.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "dc055bcf-619e-48a1-9f98-879525d62688", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Follow a least privilege model by limiting authorization to permanently delete keys, secrets, and certificates to specialized custom Microsoft Entra ID roles.", + "training": "https://learn.microsoft.com/training/modules/implement-azure-key-vault/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "6d70ba6c-97be-4995-8904-83845c986cb2", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Automate the certificate management and renewal process with public certificate authorities to ease administration.", + "training": "https://learn.microsoft.com/en-us/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + "checklist": "Azure Landing Zone Review", + "guid": "913156a1-2476-4e49-b541-acdce979377b", + "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices", + "service": "Key Vault", + "severity": "Medium", + "text": "Establish an automated process for key and certificate rotation.", + "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/", + "waf": "Security" + }, + { + "arm-service": "Microsoft.KeyVault/vaults", + 
"checklist": "Azure Landing Zone Review",
+ "guid": "cdb3751a-b2ab-413a-ba6e-55d7d8a2adb1",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "Enable firewall and virtual network service endpoint or private endpoint on the vault to control access to the key vault.",
+ "training": "https://learn.microsoft.com/training/modules/design-implement-private-access-to-azure-services/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "17d6326a-f625-4ca4-9e56-95f2223ace8c",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/monitor-key-vault",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "Use the platform-central Azure Monitor Log Analytics workspace to audit key, certificate, and secret usage within each instance of Key Vault.",
+ "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b12308ca-5017-4f15-9e3a-b3693829e7e3",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "Delegate Key Vault instantiation and privileged access and use Azure Policy to enforce a consistent compliant configuration.",
+ "training": "https://learn.microsoft.com/training/modules/configure-azure-key-vault-networking-settings/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "91163418-2ba5-4275-8694-4008be7d7e48",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "Use an Azure Key Vault per application per environment per region.",
+ "training": 
"https://learn.microsoft.com/training/modules/implement-azure-key-vault/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "25d62688-6d70-4ba6-a97b-e99519048384",
+ "link": "https://learn.microsoft.com/azure/key-vault/general/best-practices",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "If you want to bring your own keys, this might not be supported across all considered services. Implement relevant mitigation so that inconsistencies don't hinder desired outcomes. Choose appropriate region pairs and disaster recovery regions that minimize latency.",
+ "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4ac6b67c-b3a4-4ff9-8e87-b07a7ce7bbdb",
+ "link": "https://learn.microsoft.com/industry/sovereignty/key-management",
+ "service": "Key Vault",
+ "severity": "Medium",
+ "text": "For Sovereign Landing Zone, use Azure Key Vault managed HSM to store your secrets and credentials.",
+ "training": "https://learn.microsoft.com/training/modules/configure-and-manage-azure-key-vault/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "4e5695f2-223a-4ce8-ab12-308ca5017f15",
+ "link": "https://learn.microsoft.com/azure/active-directory/reports-monitoring/overview-reports",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "Use Microsoft Entra ID reporting capabilities to generate access control audit reports.",
+ "training": "https://learn.microsoft.com/training/modules/monitor-report-aad-security-events/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "09945bda-4333-44f2-9911-634182ba5275",
+ "link": "https://learn.microsoft.com/azure/defender-for-cloud/concept-cloud-security-posture-management",
+ "service": "Defender",
+ "severity": 
"High",
+ "text": "Enable Defender Cloud Security Posture Management for all subscriptions.",
+ "training": "https://learn.microsoft.com/training/modules/microsoft-defender-cloud-security-posture/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "36a72a48-fffe-4c40-9747-0ab5064355ba",
+ "link": "https://learn.microsoft.com/azure/defender-for-cloud/plan-defender-for-servers-select-plan",
+ "service": "Defender",
+ "severity": "High",
+ "text": "Enable a Defender Cloud Workload Protection Plan for Servers on all subscriptions.",
+ "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "77425f48-ecba-43a0-aeac-a3ac733ccc6a",
+ "link": "https://learn.microsoft.com/azure/defender-for-cloud/connect-azure-subscription",
+ "service": "Defender",
+ "severity": "High",
+ "text": "Enable Defender Cloud Workload Protection Plans for Azure Resources on all subscriptions.",
+ "training": "https://learn.microsoft.com/training/modules/understand-azure-defender-cloud-workload-protection/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "24d96b30-61ee-4436-a1cc-d6ef08bc574b",
+ "link": "https://learn.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection",
+ "service": "VM",
+ "severity": "High",
+ "text": "Enable Endpoint Protection on IaaS Servers.",
+ "training": "https://learn.microsoft.com/training/modules/design-solutions-securing-server-client-endpoints/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Compute/virtualMachines",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "15833ee7-ad6c-46d3-9331-65c7acbe44ab",
+ "link": "https://learn.microsoft.com/azure/security-center/",
+ "service": "VM",
+ "severity": "Medium",
+ "text": "Monitor base operating system patching drift via Azure 
Monitor Logs and Defender for Cloud.",
+ "training": "https://learn.microsoft.com/training/modules/create-log-analytics-workspace-microsoft-defender-cloud/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Insights/components",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "e5f8d79f-2e87-4768-924c-516775c6ea95",
+ "link": "https://learn.microsoft.com/azure/azure-monitor/logs/design-logs-deployment",
+ "service": "Monitor",
+ "severity": "Medium",
+ "text": "Connect default resource configurations to a centralized Azure Monitor Log Analytics workspace.",
+ "training": "https://learn.microsoft.com/training/modules/analyze-infrastructure-with-azure-monitor-logs/",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "1761e147-f65e-4d09-bbc2-f464f23e2eba",
+ "link": "https://learn.microsoft.com/industry/sovereignty/transparency-logs",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "For Sovereign Landing Zone, enable transparancy logs on the Entra ID tenant.",
+ "waf": "Security"
+ },
+ {
+ "checklist": "Azure Landing Zone Review",
+ "guid": "d21a922d-5ca7-427a-82a6-35f7b21f1bfc",
+ "link": "https://learn.microsoft.com/azure/security/fundamentals/customer-lockbox-overview",
+ "service": "Entra",
+ "severity": "Medium",
+ "text": "For Sovereign Landing Zone, enable customer Lockbox on the Entra ID tenant.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "b03ed428-4617-4067-a787-85468b9ccf3f",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer",
+ "service": "Storage",
+ "severity": "High",
+ "text": "Enable secure transfer to storage accounts.",
+ "training": "https://learn.microsoft.com/training/modules/secure-azure-storage-account/",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Landing Zone Review",
+ "guid": 
"159aac9f-863f-4f48-82cf-00c28fa97a0e",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/data-protection-overview#recommendations-for-basic-data-protection",
+ "service": "Storage",
+ "severity": "High",
+ "text": "Enable container soft delete for the storage account to recover a deleted container and its contents.",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.KeyVault/vaults",
+ "checklist": "Azure Landing Zone Review",
+ "guid": "108d5099-a11d-4445-bd8b-e12a5e95412e",
+ "link": "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/considerations/development-strategy-development-lifecycle#automated-builds",
+ "service": "Key Vault",
+ "severity": "High",
+ "text": "Use Key Vault secrets to avoid hard-coding sensitive information such as credentials (virtual machines user passwords), certificates or keys.",
+ "training": "https://learn.microsoft.com/en-us/training/modules/implement-azure-key-vault/",
+ "waf": "Operations"
+ },
 {
 "arm-service": "Microsoft.ApiManagement/service",
 "checklist": "Azure API Management Review",
@@ -2476,12 +4230,24 @@
 {
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
- "description": "AAD tokens should be favored over shared access signatures, wherever possible",
+ "description": ". Enforcing the latest TLS version will reject request from clients using the older version. ",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant",
+ "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55",
+ "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version",
+ "service": "Azure Storage",
+ "severity": "High",
+ "text": "Enforce the latest TLS version for a storage account",
+ "waf": "Security"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "description": "Microsoft Entra ID tokens should be favored over shared access signatures, wherever possible",
 "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4",
 "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access",
 "service": "Azure Storage",
 "severity": "High",
- "text": "Use Azure Active Directory (Azure AD) tokens for blob access",
+ "text": "Use Microsoft Entra ID tokens for blob access",
 "waf": "Security"
 },
 {
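Review bot: The new `description` string starts with a stray period and has a number slip (`reject request`), and its wording promises the "latest" TLS version while the `graph` expression on the next line accepts either `TLS1_2` or `TLS1_3` as compliant. Align the prose with what the check actually enforces, e.g. `"description": "Enforcing a minimum TLS version of 1.2 or later rejects requests from clients that only negotiate older versions."` and `"text": "Enforce TLS 1.2 or later as the minimum TLS version for a storage account"`. The explicit `isnull(...) == false` guard means accounts that never had `minimumTlsVersion` set are reported non-compliant rather than silently dropped; that looks intentional, since such accounts fall back to whatever the platform default is, but a short clause in the description saying so would stop reviewers from reading those rows as false positives.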
@@ -2508,12 +4274,13 @@
 {
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
- "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on AAD authentication makes it easier to tie storage access to a user. ",
+ "description": "Storage account keys ('shared keys') have very little audit capabilities. While it can be monitored on who/when fetched a copy of the keys, once the keys are in the hands of multiple people, it is impossible to attribute usage to a specific user. Solely relying on Entra ID authentication makes it easier to tie storage access to a user. ",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant",
 "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21",
 "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key",
 "service": "Azure Storage",
 "severity": "High",
- "text": "Consider disabling storage account keys, so that only AAD access (and user delegation SAS) is supported.",
+ "text": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported.",
 "waf": "Security"
 },
 {
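Review bot: The rewritten `description` names the identity provider as `Entra ID` while the `text` field a few lines below (and the description in the hunk above) use `Microsoft Entra ID`; these strings feed the generated spreadsheets and translations, so keep one form, `Solely relying on Microsoft Entra ID authentication makes it easier to tie storage access to a user.`, and drop the trailing space inside the string while you are there. The new `graph` expression's `tostring` plus `isnotempty` guard is the right shape for a property that may be absent on older accounts, so an unset `allowSharedKeyAccess` is reported as non-compliant rather than as an empty result.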
@@ -2691,11 +4458,12 @@
 "arm-service": "Microsoft.Storage/storageAccounts",
 "checklist": "Azure Storage Review Checklist",
 "description": "Leverage Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) to find storage accounts which allow anonymous blob access.",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant",
 "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012",
 "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account",
 "service": "Azure Storage",
 "severity": "High",
- "text": "Consider whether public blob access is needed, or whether it can be disabled for certain storage accounts. ",
+ "text": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. ",
 "waf": "Security"
 },
 {
@@ -8715,7 +10483,7 @@
 ],
 "metadata": {
 "name": "WAF checklist",
- "timestamp": "August 08, 2024"
+ "timestamp": "August 12, 2024"
 },
 "severities": [
 {
diff --git a/checklists/waf_checklist.es.json b/checklists/waf_checklist.es.json
index 2e5c33a23..2bb0760dc 100644
--- a/checklists/waf_checklist.es.json
+++ b/checklists/waf_checklist.es.json
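Review bot: The added `graph` expression compares `properties.allowBlobPublicAccess` directly against the string `'false'`, whereas the `description` on the same record queries that property against the boolean `true`, and for an account where the property is absent the comparison yields a null `compliant` rather than `false`, so the account drops out of both the pass and the fail count. Mirror the shared-key query from the previous hunk, which already handles both concerns: `"graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowBlobPublicAccess = tostring(properties.allowBlobPublicAccess) | extend compliant = (isnotempty(allowBlobPublicAccess) and allowBlobPublicAccess == 'false') | distinct id, compliant"`. Whether an unset property means anonymous access is permitted presumably depends on when the account was created, so treating unset as non-compliant is the safer reading for a security check.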
@@ -2554,6 +2554,438 @@ "text": "Utilizar plataformas, lenguajes, protocolos y marcos actualizados", "waf": "Seguridad" }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aplicación de las instrucciones del banco de pruebas de seguridad en la nube de Microsoft relacionadas con el almacenamiento", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "Medio", + "text": "Tenga en cuenta la \"Línea base de seguridad de Azure para el almacenamiento\"", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "De forma predeterminada, Azure Storage tiene una dirección IP pública y es accesible desde Internet. Los puntos de conexión privados permiten exponer de forma segura Azure Storage solo a los recursos de Azure Compute que necesitan acceso, lo que elimina la exposición a la Internet pública", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere la posibilidad de usar puntos de conexión privados para Azure Storage", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Las cuentas de almacenamiento recién creadas se crean mediante el modelo de implementación de ARM, de modo que RBAC, etcétera de auditoría, estén habilitados. 
Asegúrese de que no haya cuentas de almacenamiento antiguas con el modelo de implementación clásico en una suscripción", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "Medio", + "text": "Asegúrese de que las cuentas de almacenamiento más antiguas no usen el \"modelo de implementación clásica\"", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aproveche Microsoft Defender para obtener información sobre actividades sospechosas y configuraciones incorrectas.", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitación de Microsoft Defender para todas las cuentas de almacenamiento", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "El mecanismo de eliminación temporal permite recuperar blobs eliminados accidentalmente.", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "Medio", + "text": "Habilitación de la \"eliminación temporal\" para blobs", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere la posibilidad de deshabilitar selectivamente la \"eliminación temporal\" para determinados contenedores de blobs, por ejemplo, si la aplicación debe asegurarse de que la información eliminada se elimine inmediatamente, por ejemplo, por motivos de confidencialidad, privacidad o cumplimiento. 
", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "Medio", + "text": "Deshabilitación de la \"eliminación temporal\" para blobs", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "La eliminación temporal de contenedores permite recuperar un contenedor después de que se haya eliminado, por ejemplo, recuperarse de una operación de eliminación accidental.", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitación de la \"eliminación temporal\" para contenedores", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere la posibilidad de deshabilitar selectivamente la \"eliminación temporal\" para determinados contenedores de blobs, por ejemplo, si la aplicación debe asegurarse de que la información eliminada se elimine inmediatamente, por ejemplo, por motivos de confidencialidad, privacidad o cumplimiento. 
", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "Medio", + "text": "Deshabilitar la \"eliminación temporal\" para contenedores", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Evita la eliminación accidental de una cuenta de almacenamiento, obligando al usuario a quitar primero el bloqueo de eliminación, antes de la eliminación", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitación de bloqueos de recursos en cuentas de almacenamiento", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere la posibilidad de aplicar directivas de \"retención legal\" o \"retención basada en tiempo\" para los blobs, de modo que sea imposible eliminar el blob, el contenedor o la cuenta de almacenamiento. 
Tenga en cuenta que 'imposible' en realidad significa 'imposible'; una vez que una cuenta de almacenamiento contiene un blob inmutable, la única manera de \"deshacerse\" de esa cuenta de almacenamiento es cancelando la suscripción de Azure.", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere la posibilidad de blobs inmutables", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere la posibilidad de deshabilitar el acceso HTTP/80 no protegido a la cuenta de almacenamiento, de modo que todas las transferencias de datos estén cifradas, protegidas contra la integridad y el servidor esté autenticado. ", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "Alto", + "text": "Requerir HTTPS, es decir, deshabilitar el puerto 80 en la cuenta de almacenamiento", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Al configurar un dominio personalizado (nombre de host) en una cuenta de almacenamiento, compruebe si necesita TLS/HTTPS; si es así, es posible que tenga que colocar Azure CDN delante de la cuenta de almacenamiento.", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "Alto", + "text": "Al aplicar HTTPS (deshabilitar HTTP), compruebe que no usa dominios personalizados (CNAME) para la cuenta de almacenamiento.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + 
"description": "Requerir HTTPS cuando un cliente usa un token de SAS para acceder a los datos de blob ayuda a minimizar el riesgo de pérdida de credenciales.", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "Medio", + "text": "Limitar los tokens de firma de acceso compartido (SAS) solo a las conexiones HTTPS", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": ". Al aplicar la versión más reciente de TLS, se rechazarán las solicitudes de los clientes que utilicen la versión anterior. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "Alto", + "text": "Aplicación de la versión más reciente de TLS para una cuenta de almacenamiento", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Los tokens de identificador de Microsoft Entra deben favorecerse sobre las firmas de acceso compartido, siempre que sea posible", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "Alto", + "text": "Uso de tokens de identificador de Microsoft Entra para el acceso a blobs", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Al asignar un rol a un usuario, grupo o 
aplicación, conceda a esa entidad de seguridad solo los permisos necesarios para que pueda realizar sus tareas. Limitar el acceso a los recursos ayuda a evitar el uso indebido no intencionado y malintencionado de los datos.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "service": "Azure Storage", + "severity": "Medio", + "text": "Privilegio mínimo en los permisos de IaM", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Una SAS de delegación de usuarios está protegida con credenciales de Azure Active Directory (Azure AD) y también con los permisos especificados para la SAS. Una SAS de delegación de usuarios es análoga a una SAS de servicio en cuanto a su ámbito y función, pero ofrece ventajas de seguridad con respecto a la SAS de servicio. ", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "Alto", + "text": "Al usar SAS, prefiera \"SAS de delegación de usuarios\" en lugar de SAS basada en clave de cuenta de almacenamiento.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Las claves de la cuenta de almacenamiento ('claves compartidas') tienen muy pocas capacidades de auditoría. Si bien se puede monitorear quién o cuándo obtuvo una copia de las claves, una vez que las claves están en manos de varias personas, es imposible atribuir el uso a un usuario específico. Confiar únicamente en la autenticación de ID de Entra facilita la vinculación del acceso al almacenamiento de un usuario. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere la posibilidad de deshabilitar las claves de la cuenta de almacenamiento, de modo que solo se admita el acceso a Microsoft Entra ID (y SAS de delegación de usuarios).", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Utilice los datos del registro de actividad para identificar \"cuándo\", \"quién\", \"qué\" y \"cómo\" se está viendo o cambiando la seguridad de la cuenta de almacenamiento (es decir, claves de cuenta de almacenamiento, directivas de acceso, etcétera).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere la posibilidad de usar Azure Monitor para auditar las operaciones del plano de control en la cuenta de almacenamiento", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Una política de caducidad de claves le permite establecer un recordatorio para la rotación de las claves de acceso de la cuenta. 
El recordatorio se muestra si ha transcurrido el intervalo especificado y las teclas aún no se han girado.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "Medio", + "text": "Al usar claves de cuenta de almacenamiento, considere la posibilidad de habilitar una \"directiva de expiración de claves\"", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Una directiva de expiración de SAS especifica un intervalo recomendado durante el cual la SAS es válida. Las directivas de caducidad de SAS se aplican a una SAS de servicio o a una SAS de cuenta. Cuando un usuario genera una SAS de servicio o una SAS de cuenta con un intervalo de validez mayor que el intervalo recomendado, verá una advertencia.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "Medio", + "text": "Considere la posibilidad de configurar una directiva de expiración de SAS", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Las directivas de acceso almacenadas ofrecen la opción de revocar los permisos de una SAS de servicio sin tener que volver a generar las claves de la cuenta de almacenamiento. 
", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "Medio", + "text": "Considere la posibilidad de vincular SAS a una directiva de acceso almacenada", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "Medio", + "text": "Considere la posibilidad de configurar el repositorio de código fuente de la aplicación para detectar cadenas de conexión protegidas y claves de cuenta de almacenamiento.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Lo ideal es que la aplicación use una identidad administrada para autenticarse en Azure Storage. Si eso no es posible, considere la posibilidad de tener la credencial de almacenamiento (cadena de conexión, clave de cuenta de almacenamiento, SAS, credencial de entidad de servicio) en Azure KeyVault o un servicio equivalente.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere la posibilidad de almacenar cadenas de conexión en Azure KeyVault (en escenarios en los que las identidades administradas no son posibles)", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Utilice los tiempos de caducidad a corto plazo en una SAS de servicio SAS ad hoc o en una SAS de cuenta. 
De esta manera, incluso si una SAS se ve comprometida, solo es válida durante un corto período de tiempo. Esta práctica es especialmente importante si no puede hacer referencia a una política de acceso almacenada. Los tiempos de expiración a corto plazo también limitan la cantidad de datos que se pueden escribir en un blob al limitar el tiempo disponible para cargarlos en él.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Alto", + "text": "Esfuércese por períodos de validez cortos para SAS ad-hoc", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Al crear una SAS, sea lo más específico y restrictivo posible. Prefiera una SAS para un solo recurso y operación en lugar de una SAS que proporciona un acceso mucho más amplio.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Medio", + "text": "Aplicación de un ámbito limitado a una SAS", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Una SAS puede incluir parámetros sobre las direcciones IP de cliente o los intervalos de direcciones que están autorizados a solicitar un recurso mediante la SAS. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "Medio", + "text": "Considere la posibilidad de definir el ámbito de SAS a una dirección IP de cliente específica, siempre que sea posible", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Una SAS no puede restringir la cantidad de datos que carga un cliente; Dado el modelo de precios de la cantidad de almacenamiento a lo largo del tiempo, podría tener sentido validar si los clientes cargaron contenidos malintencionados de gran tamaño.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", + "severity": "Bajo", + "text": "Considere la posibilidad de comprobar los datos cargados, después de que los clientes hayan utilizado una SAS para cargar un archivo. ", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Al acceder al almacenamiento de blobs a través de SFTP mediante una \"cuenta de usuario local\", no se aplican los controles RBAC \"habituales\". El acceso a blobs a través de NFS o REST puede ser más restrictivo que el acceso SFTP. 
Desafortunadamente, a partir de principios de 2023, los usuarios locales son la única forma de administración de identidades que actualmente es compatible con el punto de conexión SFTP", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "Alto", + "text": "SFTP: Limite la cantidad de \"usuarios locales\" para el acceso SFTP y audite si el acceso es necesario a lo largo del tiempo.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "Medio", + "text": "SFTP: El punto de conexión SFTP no admite ACL similares a POSIX.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "El almacenamiento es compatible con CORS (Cross-Origin Resource Sharing), es decir, una función HTTP que permite a las aplicaciones web de un dominio diferente aflojar la política del mismo origen. Al habilitar CORS, mantenga CorsRules con el mínimo privilegio.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "Alto", + "text": "Evite las políticas de CORS demasiado amplias", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Los datos en reposo siempre se cifran en el lado del servidor y, además, también pueden estar cifrados en el lado del cliente. 
El cifrado del lado del servidor puede producirse mediante una clave administrada por la plataforma (valor predeterminado) o una clave administrada por el cliente. El cifrado del lado cliente puede producirse haciendo que el cliente proporcione una clave de cifrado y descifrado por blob al almacenamiento de Azure o controlando completamente el cifrado en el lado cliente. por lo tanto, no depende en absoluto de Azure Storage para obtener garantías de confidencialidad.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "Alto", + "text": "Determine cómo se deben cifrar los datos en reposo. Comprender el modelo de subprocesos para los datos.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "Medio", + "text": "Determine cuál o si se debe utilizar el cifrado de la plataforma.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "Medio", + "text": "Determine qué cifrado del lado del cliente se debe usar, si se debe usar.", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aproveche el Explorador de Resource Graph (resources | where type == 'microsoft.storage/storageaccounts' | where 
properties['allowBlobPublicAccess'] == true) para buscar cuentas de almacenamiento que permitan el acceso anónimo a blobs.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere si es necesario el acceso anónimo de blob público o si se puede deshabilitar para determinadas cuentas de almacenamiento. ", + "waf": "Seguridad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Alto", + "text": "Aproveche un tipo de cuenta storagev2 para mejorar el rendimiento y la confiabilidad", + "waf": "Fiabilidad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "Alto", + "text": "Aproveche el almacenamiento GRS, ZRS o GZRS para obtener la máxima disponibilidad", + "waf": "Fiabilidad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "Medio", + "text": "Para la operación de escritura después de la conmutación por error, use la conmutación por error 
administrada por el cliente ", + "waf": "Fiabilidad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "Medio", + "text": "Descripción de los detalles de la conmutación por error administrada por Microsoft", + "waf": "Fiabilidad" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Medio", + "text": "Habilitar eliminación temporal", + "waf": "Fiabilidad" + }, { "arm-service": "Microsoft.CognitiveServices/accounts", "checklist": "Azure OpenAI Review", @@ -8990,7 +9422,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 08, 2024" + "timestamp": "August 12, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.ja.json b/checklists/waf_checklist.ja.json index 000155a97..20025db74 100644 --- a/checklists/waf_checklist.ja.json +++ b/checklists/waf_checklist.ja.json 
@@ -8078,6 +8078,438 @@ "text": "Azure DevOps または GitHub を活用して CI/CD を合理化し、ロジック アプリ コードを保護", "waf": "オペレーションズ" }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ストレージに関連する Microsoft クラウド セキュリティ ベンチマークのガイダンスを適用する", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "中程度", + "text": "「ストレージの Azure セキュリティ ベースライン」を検討する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Azure Storage は、既定ではパブリック IP アドレスを持ち、インターネットからアクセスできます。プライベート エンドポイントを使用すると、アクセスが必要な Azure コンピューティング リソースのみに Azure Storage を安全に公開できるため、パブリック インターネットへの露出がなくなります", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "高い", + "text": "Azure Storage のプライベート エンドポイントの使用を検討する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "新しく作成されたストレージ アカウントは ARM デプロイ モデルを使用して作成されるため、RBAC、監査などがすべて有効になります。サブスクリプションにクラシック デプロイ モデルの古いストレージ アカウントがないことを確認します", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "中程度", + "text": "古いストレージ アカウントが \"クラシック デプロイ モデル\" を使用していないことを確認する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Microsoft Defender を活用して、不審なアクティビティや構成ミスについて学習します。", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + 
"service": "Azure Storage", + "severity": "高い", + "text": "すべてのストレージ アカウントで Microsoft Defender を有効にする", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "論理的な削除メカニズムにより、誤って削除されたブロブを回復できます。", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "中程度", + "text": "BLOB の '論理的な削除' を有効にする", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "たとえば、機密性、プライバシー、コンプライアンス上の理由など、削除された情報をすぐに削除するようにアプリケーションで確認する必要がある場合など、特定の BLOB コンテナに対して「論理的な削除」を選択的に無効にすることを検討してください。", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "中程度", + "text": "BLOB の '論理的な削除' を無効にする", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "コンテナの論理的な削除を使用すると、コンテナが削除された後に、たとえば、誤って削除した操作から回復するなどして、コンテナを回復できます。", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "高い", + "text": "コンテナの「論理的な削除」を有効にする", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "たとえば、機密性、プライバシー、コンプライアンス上の理由など、削除された情報をすぐに削除するようにアプリケーションで確認する必要がある場合など、特定の BLOB コンテナに対して「論理的な削除」を選択的に無効にすることを検討してください。", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "中程度", + "text": "コンテナの「論理的な削除」を無効にする", + "waf": "安全" + }, + { + "arm-service": 
"Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "削除する前に、ユーザーに削除ロックを最初に解除するように強制することで、ストレージ アカウントが誤って削除されるのを防ぎます", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "高い", + "text": "ストレージ アカウントでのリソース ロックの有効化", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "BLOB の \"訴訟ホールド\" または \"時間ベースの保持\" ポリシーを検討して、BLOB、コンテナー、またはストレージ アカウントを削除できないようにします。「不可能」は実際には「不可能」を意味することに注意してください。ストレージ アカウントに不変 BLOB が含まれている場合、そのストレージ アカウントを \"削除\" する唯一の方法は、Azure サブスクリプションをキャンセルすることです。", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "高い", + "text": "不変ブロブについて考える", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ストレージ アカウントへの保護されていない HTTP/80 アクセスを無効にして、すべてのデータ転送が暗号化され、整合性が保護され、サーバーが認証されるようにすることを検討してください。", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "高い", + "text": "HTTPS を要求する (つまり、ストレージ アカウントのポート 80 を無効にする)", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ストレージ アカウントでカスタム ドメイン (ホスト名) を構成する場合は、TLS/HTTPS が必要かどうかを確認します。その場合は、ストレージ アカウントの前に Azure CDN を配置する必要がある場合があります。", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "高い", + "text": "HTTPS を適用する (HTTP を無効にする) 場合は、ストレージ アカウントにカスタム ドメイン (CNAME) を使用していないことを確認します。", + "waf": "安全" 
+ }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "クライアントが SAS トークンを使用して BLOB データにアクセスするときに HTTPS を要求すると、資格情報の損失リスクを最小限に抑えるのに役立ちます。", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "中程度", + "text": "Shared Access Signature (SAS) トークンを HTTPS 接続のみに制限する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": ".最新の TLS バージョンを適用すると、古いバージョンを使用しているクライアントからの要求が拒否されます。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "高い", + "text": "ストレージ アカウントに最新の TLS バージョンを適用する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Microsoft Entra ID トークンは、可能な限り、共有アクセス署名よりも優先する必要があります", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "高い", + "text": "BLOB アクセスに Microsoft Entra ID トークンを使用する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ユーザー、グループ、またはアプリケーションにロールを割り当てる場合は、タスクの実行に必要なアクセス許可のみをそのセキュリティ プリンシパルに付与します。リソースへのアクセスを制限することで、意図しないデータの誤用と悪意のある誤用の両方を防ぐことができます。", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "service": "Azure Storage", + "severity": "中程度", + "text": "IaM アクセス許可の最小特権", + "waf": 
"安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ユーザー委任 SAS は、Azure Active Directory (Azure AD) 資格情報と、SAS に指定されたアクセス許可によって保護されます。ユーザー委任 SAS は、そのスコープと機能の点でサービス SAS に似ていますが、サービス SAS よりもセキュリティ上の利点があります。", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "高い", + "text": "SAS を使用する場合は、ストレージ アカウント キー ベースの SAS よりも \"ユーザー委任 SAS\" を優先します。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ストレージ アカウント キー (\"共有キー\") には、監査機能がほとんどありません。誰が/いつキーのコピーをフェッチしたかを監視することはできますが、キーが複数の人の手に渡ると、特定のユーザーに使用状況を帰属させることはできなくなります。Entra ID認証のみに依存すると、ストレージアクセスをユーザーに結び付けることが容易になります。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "高い", + "text": "Microsoft Entra ID アクセス (およびユーザー委任 SAS) のみがサポートされるように、ストレージ アカウント キーを無効にすることを検討してください。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "アクティビティ ログ データを使用して、ストレージ アカウントのセキュリティが (ストレージ アカウント キー、アクセス ポリシーなど) 表示または変更されているのは「いつ」、「誰が」、「何を」、「どのように」特定します。", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "高い", + "text": "Azure Monitor 
を使用して、ストレージ アカウントでのコントロール プレーン操作を監査することを検討してください", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "キーの有効期限ポリシーを使用すると、アカウント アクセス キーのローテーションのリマインダーを設定できます。リマインダーは、指定した間隔が経過し、キーがまだローテーションされていない場合に表示されます。", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "中程度", + "text": "ストレージ アカウント キーを使用する場合は、\"キーの有効期限ポリシー\" を有効にすることを検討してください", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS 有効期限ポリシーは、SAS が有効である推奨間隔を指定します。SAS 有効期限ポリシーは、サービス SAS またはアカウント SAS に適用されます。ユーザーが、推奨間隔よりも長い有効期間でサービス SAS またはアカウント SAS を生成すると、警告が表示されます。", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "中程度", + "text": "SAS 有効期限ポリシーの構成を検討する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "保存されているアクセス ポリシーでは、ストレージ アカウント キーを再生成しなくても、サービス SAS のアクセス許可を取り消すことができます。", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "中程度", + "text": "SASを保存されたアクセスポリシーにリンクすることを検討する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "中程度", + "text": "チェックインされた接続文字列とストレージ アカウント 
キーを検出するように、アプリケーションのソース コード リポジトリを構成することを検討してください。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "理想的には、アプリケーションでマネージド ID を使用して Azure Storage に対する認証を行う必要があります。それが不可能な場合は、ストレージ資格情報 (接続文字列、ストレージ アカウント キー、SAS、サービス プリンシパル資格情報) を Azure KeyVault または同等のサービスに持つことを検討してください。", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "高い", + "text": "Azure KeyVault に接続文字列を格納することを検討してください (マネージド ID が不可能なシナリオの場合)", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "アドホック SAS サービス SAS またはアカウント SAS で短期的な有効期限を使用します。このように、SASが侵害された場合でも、SASは短時間しか有効ではありません。この方法は、保存されたアクセス ポリシーを参照できない場合に特に重要です。有効期限が近いと、BLOB にアップロードできる時間を制限することで、BLOB に書き込むことができるデータの量も制限されます。", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "高い", + "text": "アドホックSASの有効期間を短くするよう努める", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SASを作成するときは、できるだけ具体的で制限的にしてください。1 つのリソースと操作には、より広範なアクセスを提供する SAS よりも SAS を優先します。", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "中程度", + "text": "SAS に狭いスコープを適用する", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS には、SAS を使用してリソースを要求する権限を与えられたクライアントの IP アドレスまたはアドレス範囲のパラメーターを含めることができます。", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": 
"https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "中程度", + "text": "可能な限り、SAS のスコープを特定のクライアント IP アドレスに設定することを検討してください", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS は、クライアントがアップロードするデータの量を制限することはできません。時間の経過に伴うストレージ量の価格設定モデルを考えると、クライアントが悪意を持って大きなコンテンツをアップロードしたかどうかを検証することは理にかなっているかもしれません。", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", + "severity": "低い", + "text": "クライアントが SAS を使用してファイルをアップロードした後、アップロードされたデータを確認することを検討してください。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "「ローカル ユーザー アカウント」を使用して SFTP 経由で BLOB ストレージにアクセスする場合、「通常の」RBAC コントロールは適用されません。NFS または REST 経由の BLOB アクセスは、SFTP アクセスよりも制限が厳しい場合があります。残念ながら、2023 年初頭の時点で、SFTP エンドポイントで現在サポートされている ID 管理の形式は、ローカル ユーザーのみです", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "高い", + "text": "SFTP: SFTP アクセスの「ローカル ユーザー」の数を制限し、アクセスが必要かどうかを経時的に監査します。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "中程度", + "text": "SFTP: SFTP エンドポイントは POSIX のような ACL をサポートしていません。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "ストレージは、CORS(Cross-Origin Resource Sharing)、つまり、異なるドメインのWebアプリが同一生成元ポリシーを緩和できるようにするHTTP機能をサポートしています。CORS を有効にするときは、CorsRules を最小限の特権に保ちます。", + "guid": 
"cef39812-bd46-43cb-aac8-ac199ebb91a3", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "高い", + "text": "過度に広範なCORSポリシーを避ける", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "保存データは常にサーバー側で暗号化され、さらにクライアント側でも暗号化される場合があります。サーバー側の暗号化は、プラットフォーム管理キー (デフォルト) またはカスタマー管理キーを使用して行われる場合があります。クライアント側の暗号化は、クライアントが BLOB ごとに暗号化/暗号化解除キーを Azure ストレージに提供するか、クライアント側で暗号化を完全に処理することによって行われます。したがって、機密性の保証については Azure Storage にまったく依存しません。", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "高い", + "text": "保存データの暗号化方法を決定します。データのスレッドモデルを理解する。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "中程度", + "text": "プラットフォームの暗号化を使用するかどうかを決定します。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "中程度", + "text": "クライアント側の暗号化を使用するかどうかを決定します。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Resource Graph エクスプローラー (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) 
を利用して、匿名 BLOB アクセスを許可するストレージ アカウントを見つけます。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "高い", + "text": "パブリック BLOB の匿名アクセスが必要かどうか、または特定のストレージ アカウントに対して無効にできるかどうかを検討します。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "高い", + "text": "storagev2 アカウントタイプを活用して、パフォーマンスと信頼性を向上させます", + "waf": "確実" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "高い", + "text": "GRS、ZRS、またはGZRSストレージを活用して、最高の可用性を実現", + "waf": "確実" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "中程度", + "text": "フェールオーバー後の書き込み操作には、顧客管理のフェールオーバーを使用します", + "waf": "確実" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure 
Storage", + "severity": "中程度", + "text": "Microsoft マネージド フェールオーバーの詳細を理解する", + "waf": "確実" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "中程度", + "text": "ソフト削除を有効にする", + "waf": "確実" + }, { "arm-service": "microsoft.network/frontdoors", "checklist": "Azure Application Delivery Networking", @@ -8990,7 +9422,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 08, 2024" + "timestamp": "August 12, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.ko.json b/checklists/waf_checklist.ko.json index 83be3434f..7f2dce610 100644 --- a/checklists/waf_checklist.ko.json +++ b/checklists/waf_checklist.ko.json 
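Review bot: The translated text for guid 3d90cae2-cc88-4137-86f7-c0cbafe61464 renders "threat model" as "スレッドモデル" (thread model), which loses the security meaning of the item; the line should read `"text": "保存データの暗号化方法を決定します。データの脅威モデルを理解する。"`, and the Spanish hunk above has the same slip ("modelo de subprocesos" should be "modelo de amenazas"). The description for guid e12be569-a18f-4562-8d5d-ce151b9e7d55 also begins with a stray leading period (`".最新の TLS バージョン…"`). On the `graph` checks, the allowBlobPublicAccess query compares the raw property to the string 'false' while the allowSharedKeyAccess query first applies tostring() and an isnotempty() guard, so accounts where the property is unset presumably come out with an empty rather than a false compliant value in the first query — worth confirming against the English master and aligning the two. The same class of machine-translation artifact appears in the ko hunk below, where the English source is left appended to the Korean text of the blob soft-delete item.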
@@ -3863,6 +3863,438 @@ "text": "Azure Cognitive Search 인덱스를 백업 및 복원합니다. 이 샘플 코드를 사용하여 인덱스 정의 및 스냅샷을 일련의 Json 파일에 백업합니다", "waf": "신뢰도" }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "스토리지와 관련된 Microsoft 클라우드 보안 벤치마크의 지침 적용", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "보통", + "text": "'스토리지에 대한 Azure 보안 기준'을 고려합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Azure Storage는 기본적으로 공용 IP 주소를 가지며 인터넷에 연결할 수 있습니다. 프라이빗 엔드포인트를 사용하면 액세스가 필요한 Azure Compute 리소스에만 Azure Storage를 안전하게 노출할 수 있으므로 공용 인터넷에 노출되지 않습니다", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "높다", + "text": "Azure Storage에 프라이빗 엔드포인트를 사용하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "새로 만든 스토리지 계정은 ARM 배포 모델을 사용하여 생성되므로 RBAC, 감사 등이 모두 활성화됩니다. 
구독에 클래식 배포 모델을 사용하는 이전 저장소 계정이 없는지 확인합니다.", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "보통", + "text": "이전 스토리지 계정이 '클래식 배포 모델'을 사용하지 않는지 확인", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Microsoft Defender를 활용하여 의심스러운 활동 및 잘못된 구성에 대해 알아보세요.", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "높다", + "text": "모든 스토리지 계정에 대해 Microsoft Defender 사용", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "일시 삭제 메커니즘을 사용하면 실수로 삭제된 Blob을 복구할 수 있습니다.", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "보통", + "text": "Blob에 대해 '일시 삭제' 사용Enable 'soft delete' for blobs", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "예를 들어 애플리케이션이 기밀성, 개인 정보 보호 또는 규정 준수를 위해 삭제된 정보가 즉시 삭제되도록 해야 하는 경우와 같이 특정 Blob 컨테이너에 대해 '일시 삭제'를 선택적으로 사용하지 않도록 설정하는 것이 좋습니다. 
", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "보통", + "text": "Blob에 대해 '일시 삭제' 사용 안 함", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "컨테이너에 대한 일시 삭제를 사용하면 컨테이너가 삭제된 후 복구할 수 있습니다(예: 실수로 삭제한 작업에서 복구).", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "높다", + "text": "컨테이너에 대해 '일시 삭제' 사용Enable 'soft delete' for containers", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "예를 들어 애플리케이션이 기밀성, 개인 정보 보호 또는 규정 준수를 위해 삭제된 정보가 즉시 삭제되도록 해야 하는 경우와 같이 특정 Blob 컨테이너에 대해 '일시 삭제'를 선택적으로 사용하지 않도록 설정하는 것이 좋습니다. ", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "보통", + "text": "컨테이너에 대해 '일시 삭제' 사용 안 함", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "사용자가 삭제하기 전에 먼저 삭제 잠금을 제거하도록 강제하여 스토리지 계정의 우발적인 삭제를 방지합니다.", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "높다", + "text": "스토리지 계정에 대한 리소스 잠금 사용Enable resource locks on storage accounts", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Blob에 대한 '법적 보존' 또는 '시간 기반 보존' 정책을 고려하면 Blob, 컨테이너 또는 스토리지 계정을 삭제할 수 없습니다. '불가능한'은 실제로 '불가능한'을 의미합니다. 
스토리지 계정에 변경할 수 없는 Blob이 포함되면 해당 스토리지 계정을 '제거'하는 유일한 방법은 Azure 구독을 취소하는 것입니다.", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "높다", + "text": "변경할 수 없는 Blob 고려", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "스토리지 계정에 대한 보호되지 않는 HTTP/80 액세스를 사용하지 않도록 설정하여 모든 데이터 전송이 암호화되고 무결성이 보호되며 서버가 인증되도록 하는 것이 좋습니다. ", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "높다", + "text": "HTTPS 필요, 즉 스토리지 계정에서 포트 80 사용 안 함Require HTTPS, i.e. disable port 80 on the storage account", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "스토리지 계정에서 사용자 지정 도메인(호스트 이름)을 구성할 때 TLS/HTTPS가 필요한지 확인합니다. 이 경우 스토리지 계정 앞에 Azure CDN을 배치해야 할 수 있습니다.", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "높다", + "text": "HTTPS를 적용(HTTP 사용 안 함)할 때 스토리지 계정에 사용자 지정 도메인(CNAME)을 사용하지 않는지 확인합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "클라이언트가 SAS 토큰을 사용하여 Blob 데이터에 액세스할 때 HTTPS를 요구하면 자격 증명 손실 위험을 최소화하는 데 도움이 됩니다.", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "보통", + "text": "SAS(공유 액세스 서명) 토큰을 HTTPS 연결로만 제한", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": ". 
최신 TLS 버전을 적용하면 이전 버전을 사용하는 클라이언트의 요청이 거부됩니다. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "높다", + "text": "스토리지 계정에 대한 최신 TLS 버전 적용Enforce the latest TLS version for a storage account", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "가능한 경우 Microsoft Entra ID 토큰을 공유 액세스 서명보다 선호해야 합니다", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "높다", + "text": "Blob 액세스에 Microsoft Entra ID 토큰 사용Use Microsoft Entra ID tokens for blob access", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "사용자, 그룹 또는 응용 프로그램에 역할을 할당할 때 해당 보안 주체가 작업을 수행하는 데 필요한 권한만 부여합니다. 리소스에 대한 액세스를 제한하면 의도하지 않은 데이터 오용과 악의적인 데이터 오용을 모두 방지할 수 있습니다.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "service": "Azure Storage", + "severity": "보통", + "text": "IaM 권한의 최소 권한", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "사용자 위임 SAS는 Azure AD(Azure Active Directory) 자격 증명과 SAS에 대해 지정된 권한으로 보호됩니다. 사용자 위임 SAS는 범위와 기능 측면에서 서비스 SAS와 유사하지만 서비스 SAS에 비해 보안상의 이점을 제공합니다. 
", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "높다", + "text": "SAS를 사용하는 경우 스토리지 계정 키 기반 SAS보다 '사용자 위임 SAS'를 선호합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "스토리지 계정 키('공유 키')에는 감사 기능이 거의 없습니다. 누가/언제 키 복사본을 가져왔는지 모니터링할 수 있지만 키가 여러 사람의 손에 들어가면 특정 사용자의 사용을 귀속시킬 수 없습니다. Entra ID 인증에만 의존하면 스토리지 액세스를 사용자에게 더 쉽게 연결할 수 있습니다. ", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "높다", + "text": "Microsoft Entra ID 액세스(및 사용자 위임 SAS)만 지원되도록 스토리지 계정 키를 사용하지 않도록 설정하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "활동 로그 데이터를 사용하여 스토리지 계정의 보안을 '언제', '누가', '무엇을' 및 '어떻게' 확인하거나 변경합니다(예: 스토리지 계정 키, 액세스 정책 등).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "높다", + "text": "Azure Monitor를 사용하여 스토리지 계정에 대한 컨트롤 플레인 작업을 감사하는 것이 좋습니다", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "키 만료 정책을 사용하면 계정 액세스 키의 교체에 대한 미리 알림을 설정할 수 있습니다. 
지정된 간격이 경과하고 키가 아직 회전되지 않은 경우 알림이 표시됩니다.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "보통", + "text": "스토리지 계정 키를 사용하는 경우 '키 만료 정책'을 사용하도록 설정하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS 만료 정책은 SAS가 유효한 권장 간격을 지정합니다. SAS 만료 정책은 서비스 SAS 또는 계정 SAS에 적용됩니다. 사용자가 권장 간격보다 큰 유효성 간격으로 서비스 SAS 또는 계정 SAS를 생성하면 경고가 표시됩니다.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "보통", + "text": "SAS 만료 정책을 구성하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "저장된 액세스 정책은 스토리지 계정 키를 다시 생성할 필요 없이 서비스 SAS에 대한 사용 권한을 취소할 수 있는 옵션을 제공합니다. ", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "보통", + "text": "SAS를 저장된 액세스 정책에 연결하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "보통", + "text": "체크 인된 연결 문자열 및 저장소 계정 키를 검색하도록 응용 프로그램의 소스 코드 리포지토리를 구성하는 것이 좋습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "이상적으로 애플리케이션은 관리 ID를 사용하여 Azure Storage에 인증해야 합니다. 
가능하지 않은 경우 Azure KeyVault 또는 동등한 서비스에 스토리지 자격 증명(연결 문자열, 스토리지 계정 키, SAS, 서비스 주체 자격 증명)을 사용하는 것이 좋습니다.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "높다", + "text": "Azure KeyVault에 연결 문자열을 저장하는 것이 좋습니다(관리 ID를 사용할 수 없는 시나리오에서).", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "임시 SAS 서비스 SAS 또는 계정 SAS에서 가까운 만료 시간을 사용합니다. 이러한 방식으로 SAS가 손상되더라도 짧은 시간 동안만 유효합니다. 이 방법은 저장된 액세스 정책을 참조할 수 없는 경우에 특히 중요합니다. 또한 단기 만료 시간은 Blob에 업로드할 수 있는 시간을 제한하여 Blob에 쓸 수 있는 데이터의 양을 제한합니다.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "높다", + "text": "임시 SAS의 유효 기간을 단축하기 위해 노력", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS를 만들 때는 가능한 한 구체적이고 제한적이어야 합니다. 훨씬 더 광범위한 액세스를 제공하는 SAS보다 단일 리소스 및 작업에 대해 SAS를 선호합니다.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "보통", + "text": "SAS에 좁은 범위 적용", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS에는 SAS를 사용하여 리소스를 요청할 수 있는 권한이 있는 클라이언트 IP 주소 또는 주소 범위에 대한 매개 변수가 포함될 수 있습니다. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "보통", + "text": "가능한 경우 SAS 범위를 특정 클라이언트 IP 주소로 지정하는 것이 좋습니다", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS는 클라이언트가 업로드하는 데이터의 양을 제한할 수 없습니다. 시간 경과에 따른 스토리지 양의 가격 책정 모델을 감안할 때 클라이언트가 악의적으로 큰 콘텐츠를 업로드했는지 여부를 확인하는 것이 합리적일 수 있습니다.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", + "severity": "낮다", + "text": "클라이언트가 SAS를 사용하여 파일을 업로드한 후 업로드된 데이터를 확인하는 것이 좋습니다. ", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "'로컬 사용자 계정'을 사용하여 SFTP를 통해 Blob Storage에 액세스하는 경우 '일반적인' RBAC 컨트롤이 적용되지 않습니다. NFS 또는 REST를 통한 Blob 액세스는 SFTP 액세스보다 더 제한적일 수 있습니다. 안타깝게도 2023년 초부터 로컬 사용자는 현재 SFTP 엔드포인트에 대해 지원되는 유일한 ID 관리 형태입니다", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "높다", + "text": "SFTP: SFTP 액세스를 위한 '로컬 사용자'의 수를 제한하고 시간이 지남에 따라 액세스가 필요한지 여부를 감사합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "보통", + "text": "SFTP: SFTP 엔드포인트는 POSIX와 유사한 ACL을 지원하지 않습니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "스토리지는 CORS(Cross-Origin Resource Sharing), 즉 다른 도메인의 웹 앱이 동일 출처 정책을 완화할 수 있도록 하는 HTTP 기능을 지원합니다. 
CORS를 사용하도록 설정하는 경우 CorsRules를 최소 권한으로 유지합니다.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "높다", + "text": "지나치게 광범위한 CORS 정책 방지", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "미사용 데이터는 항상 서버 쪽에서 암호화되며 클라이언트 쪽에서도 암호화될 수 있습니다. 서버 쪽 암호화는 플랫폼 관리형 키(기본값) 또는 고객 관리형 키를 사용하여 발생할 수 있습니다. 클라이언트 쪽 암호화는 클라이언트가 Azure Storage에 Blob별로 암호화/암호 해독 키를 제공하도록 하거나 클라이언트 쪽에서 암호화를 완전히 처리하여 발생할 수 있습니다. 따라서 기밀 보장을 위해 Azure Storage에 전혀 의존하지 않습니다.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "높다", + "text": "미사용 데이터를 암호화하는 방법을 결정합니다. 데이터에 대한 스레드 모델을 이해합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "보통", + "text": "어떤 플랫폼 암호화를 사용해야 하는지 확인합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "보통", + "text": "클라이언트 쪽 암호화를 사용해야 하는지 여부를 결정합니다.", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "리소스 그래프 탐색기(리소스 | where type == 
'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true)를 활용하여 익명 Blob 액세스를 허용하는 스토리지 계정을 찾습니다.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "높다", + "text": "공용 Blob 익명 액세스가 필요한지 또는 특정 스토리지 계정에 대해 사용하지 않도록 설정할 수 있는지 여부를 고려합니다. ", + "waf": "안전" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "높다", + "text": "성능 및 안정성 향상을 위해 storagev2 계정 유형 활용", + "waf": "신뢰도" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "높다", + "text": "최고의 가용성을 위해 GRS, ZRS 또는 GZRS 스토리지 활용", + "waf": "신뢰도" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "보통", + "text": "장애 조치(failover) 후 쓰기 작업의 경우 고객 관리 장애 조치(failover)를 사용합니다. 
", + "waf": "신뢰도" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "보통", + "text": "Microsoft 관리 장애 조치(failover) 세부 정보 이해", + "waf": "신뢰도" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "보통", + "text": "일시 삭제 사용", + "waf": "신뢰도" + }, { "arm-service": "microsoft.cache/redis", "checklist": "Redis Resiliency checklist", @@ -8990,7 +9422,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 08, 2024" + "timestamp": "August 12, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.pt.json b/checklists/waf_checklist.pt.json index 1e41cb251..f9bf55910 100644 --- a/checklists/waf_checklist.pt.json +++ b/checklists/waf_checklist.pt.json 
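Review bot: Several new `text` values in this hunk still carry the untranslated English source glued onto the Korean string, e.g. `"text": "Blob에 대해 '일시 삭제' 사용Enable 'soft delete' for blobs"`, and the same pattern appears on the container soft-delete, resource-lock, HTTPS/port 80, latest-TLS and Entra ID token items; the `description` of the TLS item also begins with a stray `". "`, which recurs in the pt.json hunk below. Since these files are produced by the automated pipeline, the fix belongs in the translation step or the English master rather than a hand edit here. Separately, the `graph` query for anonymous blob access compares `properties.allowBlobPublicAccess == 'false'` with no null handling, unlike the `allowSharedKeyAccess` and `minimumTlsVersion` queries in the same hunk that wrap the property in `tostring`/`isnotempty` or check `isnull` first; an account where the property is unset would presumably yield an empty `compliant` instead of `false`, so it would not be surfaced as non-compliant, and the outcome may also depend on dynamic-vs-string comparison semantics. Aligning it with the shared-key query, e.g. `extend compliant = (tostring(properties.allowBlobPublicAccess) == 'false')`, would make unset accounts report `false` consistently.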
@@ -4783,6 +4783,438 @@ "text": "Faça com que as configurações de tolerância a desastres do site tenham sido devidamente consideradas e alteradas para sua empresa, se necessário.", "waf": "Fiabilidade" }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aplicar as diretrizes do parâmetro de comparação de segurança de nuvem da Microsoft relacionado ao armazenamento", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "Média", + "text": "Considere a 'linha de base de segurança do Azure para armazenamento'", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Por padrão, o Armazenamento do Azure tem um endereço IP público e pode ser acessado pela Internet. Os pontos de extremidade privados permitem expor com segurança o Armazenamento do Azure apenas aos recursos de Computação do Azure que precisam de acesso, eliminando assim a exposição à Internet pública", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere usar pontos de extremidade privados para o Armazenamento do Azure", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "As contas de armazenamento recém-criadas são criadas usando o modelo de implantação do ARM, para que o RBAC, a auditoria etc. estejam habilitados. 
Verifique se não há contas de armazenamento antigas com o modelo de implantação clássico em uma assinatura", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "Média", + "text": "Verifique se as contas de armazenamento mais antigas não estão usando o \"modelo de implantação clássico\"", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aproveite o Microsoft Defender para saber mais sobre atividades suspeitas e configurações incorretas.", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitar o Microsoft Defender para todas as suas contas de armazenamento", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "O mecanismo de exclusão reversível permite recuperar blobs excluídos acidentalmente.", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "Média", + "text": "Habilitar 'exclusão reversível' para blobs", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere desabilitar seletivamente a \"exclusão reversível\" para determinados contêineres de blob, por exemplo, se o aplicativo precisar garantir que as informações excluídas sejam excluídas imediatamente, por exemplo, por motivos de confidencialidade, privacidade ou conformidade. 
", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "Média", + "text": "Desabilitar a 'exclusão reversível' para blobs", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "A exclusão reversível para contêineres permite que você recupere um contêiner depois que ele foi excluído, por exemplo, recuperar de uma operação de exclusão acidental.", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitar 'exclusão reversível' para contêineres", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere desabilitar seletivamente a \"exclusão reversível\" para determinados contêineres de blob, por exemplo, se o aplicativo precisar garantir que as informações excluídas sejam excluídas imediatamente, por exemplo, por motivos de confidencialidade, privacidade ou conformidade. 
", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "Média", + "text": "Desabilitar a 'exclusão reversível' para contêineres", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Impede a exclusão acidental de uma conta de armazenamento, forçando o usuário a remover primeiro o bloqueio de exclusão, antes da exclusão", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "Alto", + "text": "Habilitar bloqueios de recursos em contas de armazenamento", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere as políticas de 'retenção legal' ou 'retenção baseada em tempo' para blobs, de modo que seja impossível excluir o blob, o contêiner ou a conta de armazenamento. Observe que 'impossível' na verdade significa 'impossível'; depois que uma conta de armazenamento contém um blob imutável, a única maneira de \"se livrar\" dessa conta de armazenamento é cancelando a assinatura do Azure.", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere blobs imutáveis", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Considere desabilitar o acesso HTTP/80 desprotegido à conta de armazenamento, para que todas as transferências de dados sejam criptografadas, protegidas por integridade e o servidor seja autenticado. 
", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "Alto", + "text": "Exigir HTTPS, ou seja, desabilitar a porta 80 na conta de armazenamento", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Ao configurar um domínio personalizado (nome do host) em uma conta de armazenamento, verifique se você precisa de TLS/HTTPS; nesse caso, talvez seja necessário colocar a CDN do Azure na frente de sua conta de armazenamento.", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "Alto", + "text": "Ao impor HTTPS (desabilitando o HTTP), verifique se você não usa domínios personalizados (CNAME) para a conta de armazenamento.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Exigir HTTPS quando um cliente usa um token SAS para acessar dados de blob ajuda a minimizar o risco de perda de credenciais.", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "Média", + "text": "Limitar tokens de assinatura de acesso compartilhado (SAS) apenas a conexões HTTPS", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": ". A imposição da versão mais recente do TLS rejeitará a solicitação de clientes que usam a versão mais antiga. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "Alto", + "text": "Impor a versão mais recente do TLS para uma conta de armazenamento", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Os tokens de ID do Microsoft Entra devem ser favorecidos em relação às assinaturas de acesso compartilhado, sempre que possível", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "Alto", + "text": "Usar tokens de ID do Microsoft Entra para acesso a blobs", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Ao atribuir uma função a um usuário, grupo ou aplicativo, conceda a essa entidade de segurança apenas as permissões necessárias para que ela execute suas tarefas. Limitar o acesso aos recursos ajuda a evitar o uso indevido não intencional e mal-intencionado de seus dados.", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "service": "Azure Storage", + "severity": "Média", + "text": "Privilégios mínimos em permissões de IaM", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Uma SAS de delegação de usuário é protegida com credenciais do Azure Active Directory (Azure AD) e também pelas permissões especificadas para a SAS. 
Uma SAS de delegação de usuário é análoga a uma SAS de serviço em termos de escopo e função, mas oferece benefícios de segurança em relação à SAS de serviço. ", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "Alto", + "text": "Ao usar SAS, prefira 'SAS de delegação de usuário' em vez de SAS baseada em chave de conta de armazenamento.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "As chaves da conta de armazenamento (\"chaves compartilhadas\") têm muito poucos recursos de auditoria. Embora possa ser monitorado em quem/quando buscou uma cópia das chaves, uma vez que as chaves estão nas mãos de várias pessoas, é impossível atribuir o uso a um usuário específico. Confiar apenas na autenticação do Entra ID facilita o acesso ao armazenamento a um usuário. 
", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere desabilitar as chaves da conta de armazenamento, para que haja suporte apenas para o acesso à ID do Microsoft Entra (e à SAS de delegação de usuário).", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Use os dados do Log de Atividades para identificar \"quando\", \"quem\", \"o quê\" e \"como\" a segurança da sua conta de armazenamento está sendo exibida ou alterada (ou seja, chaves da conta de armazenamento, políticas de acesso etc.).", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere usar o Azure Monitor para auditar as operações do painel de controle na conta de armazenamento", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Uma política de expiração de chave permite que você defina um lembrete para a rotação das chaves de acesso da conta. 
O lembrete é exibido se o intervalo especificado tiver decorrido e as teclas ainda não tiverem sido giradas.", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "Média", + "text": "Ao usar chaves de conta de armazenamento, considere habilitar uma 'política de expiração de chave'", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Uma política de expiração de SAS especifica um intervalo recomendado durante o qual a SAS é válida. As políticas de expiração de SAS se aplicam a uma SAS de serviço ou a uma SAS de conta. Quando um usuário gera SAS de serviço ou uma SAS de conta com um intervalo de validade maior que o intervalo recomendado, ele verá um aviso.", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "Média", + "text": "Considere configurar uma política de expiração de SAS", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "As políticas de acesso armazenadas oferecem a opção de revogar permissões para uma SAS de serviço sem precisar regenerar as chaves da conta de armazenamento. 
", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "Média", + "text": "Considere vincular SAS a uma política de acesso armazenada", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "Média", + "text": "Considere configurar o repositório de código-fonte do aplicativo para detectar cadeias de conexão e chaves de conta de armazenamento com check-in.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Idealmente, seu aplicativo deve usar uma identidade gerenciada para autenticar no Armazenamento do Azure. Se isso não for possível, considere ter a credencial de armazenamento (cadeia de conexão, chave da conta de armazenamento, SAS, credencial da entidade de serviço) no Azure KeyVault ou em um serviço equivalente.", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere armazenar cadeias de conexão no Azure KeyVault (em cenários em que as identidades gerenciadas não são possíveis)", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Use tempos de expiração de curto prazo em uma SAS de serviço SAS ad hoc ou SAS de conta. Dessa forma, mesmo que uma SAS seja comprometida, ela é válida apenas por um curto período de tempo. 
Essa prática é especialmente importante se você não puder fazer referência a uma política de acesso armazenada. Os tempos de expiração de curto prazo também limitam a quantidade de dados que podem ser gravados em um blob, limitando o tempo disponível para carregar nele.", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Alto", + "text": "Esforce-se por períodos de validade curtos para SAS ad-hoc", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Ao criar uma SAS, seja o mais específico e restritivo possível. Prefira uma SAS para um único recurso e operação em vez de uma SAS que oferece acesso muito mais amplo.", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "Média", + "text": "Aplicar um escopo restrito a uma SAS", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Uma SAS pode incluir parâmetros nos quais os endereços IP do cliente ou intervalos de endereços estão autorizados a solicitar um recurso usando a SAS. 
", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "Média", + "text": "Considere definir o escopo da SAS para um endereço IP de cliente específico, sempre que possível", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Uma SAS não pode restringir a quantidade de dados que um cliente carrega; Dado o modelo de preços da quantidade de armazenamento ao longo do tempo, pode fazer sentido validar se os clientes carregaram conteúdos maliciosamente grandes.", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", + "severity": "Baixo", + "text": "Considere verificar os dados carregados depois que os clientes usaram uma SAS para carregar um arquivo. ", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Ao acessar o armazenamento de blobs por meio do SFTP usando uma \"conta de usuário local\", os controles RBAC \"usuais\" não se aplicam. O acesso a blobs via NFS ou REST pode ser mais restritivo do que o acesso SFTP. 
Infelizmente, a partir do início de 2023, os usuários locais são a única forma de gerenciamento de identidade com suporte atual para o endpoint SFTP", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "Alto", + "text": "SFTP: limite a quantidade de \"usuários locais\" para acesso SFTP e audite se o acesso é necessário ao longo do tempo.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "Média", + "text": "SFTP: o endpoint SFTP não oferece suporte a ACLs semelhantes a POSIX.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "O armazenamento oferece suporte ao CORS (Cross-Origin Resource Sharing), ou seja, um recurso HTTP que permite que aplicativos Web de um domínio diferente afrouxem a política de mesma origem. Ao habilitar o CORS, mantenha as CorsRules com o menor privilégio.", + "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3", + "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services", + "service": "Azure Storage", + "severity": "Alto", + "text": "Evite políticas de CORS excessivamente amplas", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Os dados em repouso são sempre criptografados no lado do servidor e, além disso, também podem ser criptografados no lado do cliente. 
A criptografia do lado do servidor pode ocorrer usando uma chave gerenciada pela plataforma (padrão) ou uma chave gerenciada pelo cliente. A criptografia do lado do cliente pode acontecer fazendo com que o cliente forneça uma chave de criptografia/descriptografia por blob para o armazenamento do Azure ou manipulando completamente a criptografia no lado do cliente. portanto, não dependendo do Armazenamento do Azure para garantias de confidencialidade.", + "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464", + "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption", + "service": "Azure Storage", + "severity": "Alto", + "text": "Determine como os dados em repouso devem ser criptografados. Entenda o modelo de thread para dados.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6", + "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json", + "service": "Azure Storage", + "severity": "Média", + "text": "Determine qual/se a criptografia de plataforma deve ser usada.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29", + "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys", + "service": "Azure Storage", + "severity": "Média", + "text": "Determine qual/se a criptografia do lado do cliente deve ser usada.", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "Aproveite o Resource Graph Explorer (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) para localizar contas 
de armazenamento que permitem acesso anônimo a blobs.", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant", + "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012", + "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account", + "service": "Azure Storage", + "severity": "Alto", + "text": "Considere se o acesso anônimo de blob público é necessário ou se ele pode ser desabilitado para determinadas contas de armazenamento. ", + "waf": "Segurança" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Alto", + "text": "Aproveite um tipo de conta storagev2 para melhor desempenho e confiabilidade", + "waf": "Fiabilidade" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "e05bbe20-9d49-4fda-9777-8424d116785c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy", + "service": "Azure Storage", + "severity": "Alto", + "text": "Aproveite o armazenamento GRS, ZRS ou GZRS para obter a mais alta disponibilidade", + "waf": "Fiabilidade" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "2fa56c56-ad48-4408-be72-734c486ba280", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance", + "service": "Azure Storage", + "severity": "Média", + "text": "Para operação de gravação após o failover, use o failover gerenciado pelo cliente ", + "waf": "Fiabilidade" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + 
"checklist": "Azure Storage Review Checklist", + "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc", + "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover", + "service": "Azure Storage", + "severity": "Média", + "text": "Entender os detalhes do failover gerenciado pela Microsoft", + "waf": "Fiabilidade" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal", + "service": "Azure Storage", + "severity": "Média", + "text": "Habilitar exclusão reversível", + "waf": "Fiabilidade" + }, { "arm-service": "microsoft.cache/redis", "checklist": "Redis Resiliency checklist", @@ -8990,7 +9422,7 @@ ], "metadata": { "name": "WAF checklist", - "timestamp": "August 08, 2024" + "timestamp": "August 12, 2024" }, "severities": [ { diff --git a/checklists/waf_checklist.zh-Hant.json b/checklists/waf_checklist.zh-Hant.json index 692a96cf1..74783449b 100644 --- a/checklists/waf_checklist.zh-Hant.json +++ b/checklists/waf_checklist.zh-Hant.json 
@@ -7067,6 +7067,438 @@ "text": "利用 Azure DevOps 或 GitHub 簡化 CI/CD 並保護邏輯應用代碼", "waf": "操作" }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "應用與存儲相關的 Microsoft 雲安全基準中的指導", + "guid": "d237de14-3b16-4c21-b7aa-9b64604489a8", + "link": "https://learn.microsoft.com/security/benchmark/azure/baselines/storage-security-baseline", + "service": "Azure Storage", + "severity": "中等", + "text": "請考慮「存儲的 Azure 安全基線”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "默認情況下,Azure 儲存具有公共IP位址,並且可通過Internet訪問。專用終結點允許僅向需要訪問的 Azure 計算資源安全地公開 Azure 存儲,從而消除對公共 Internet 的暴露", + "guid": "f42d78e7-9d17-4a73-a22a-5a67e7a8ed4b", + "link": "https://learn.microsoft.com/azure/storage/common/storage-private-endpoints", + "service": "Azure Storage", + "severity": "高", + "text": "考慮將專用終結點用於 Azure 存儲", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "新創建的存儲帳戶是使用ARM部署模型創建的,因此 RBAC、審核等都已啟用。確保訂閱中沒有具有經典部署模型的舊存儲帳戶", + "guid": "30e37c3e-2971-41b2-963c-eee079b598de", + "link": "https://learn.microsoft.com/azure/virtual-machines/migration-classic-resource-manager-overview#migration-of-storage-accounts", + "service": "Azure Storage", + "severity": "中等", + "text": "確保較舊的存儲帳戶未使用“經典部署模型”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "利用 Microsoft Defender 瞭解可疑活動和錯誤配置。", + "guid": "fc5972cd-4cd2-41b0-a803-7f5e6b4bfd3d", + "link": "https://learn.microsoft.com/azure/storage/common/azure-defender-storage-configure", + "service": "Azure Storage", + "severity": "高", + "text": "為所有存儲帳戶啟用 Microsoft Defender", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": 
"軟刪除機制允許恢復意外刪除的 blob。", + "guid": "503547c1-447e-4c66-828a-7100f1ce16dd", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-overview", + "service": "Azure Storage", + "severity": "中等", + "text": "為 blob 啟用“軟刪除”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "考慮有選擇地禁用某些 blob 容器的「軟刪除」 例如,如果應用程式必須確保立即刪除已刪除的資訊,例如出於機密性、隱私或合規性原因。", + "guid": "3f1d5e87-2e52-4e36-81cc-58b4a4b1510e", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable", + "service": "Azure Storage", + "severity": "中等", + "text": "禁用 blob 的“軟刪除”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "容器的軟刪除使您能夠在刪除容器后恢復容器,例如從意外刪除操作中恢復。", + "guid": "43a58a9c-2289-4c3d-9b57-d0c655462f2a", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-overview", + "service": "Azure Storage", + "severity": "高", + "text": "為容器啟用“軟刪除”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "考慮有選擇地禁用某些 blob 容器的「軟刪除」 例如,如果應用程式必須確保立即刪除已刪除的資訊,例如出於機密性、隱私或合規性原因。", + "guid": "3e3453a3-c863-4964-ab65-2d6c15f51296", + "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-container-enable", + "service": "Azure Storage", + "severity": "中等", + "text": "禁用容器的“軟刪除”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "通過強制使用者先刪除刪除鎖,然後再刪除存儲帳戶,防止意外刪除存儲帳戶", + "guid": "5398e6de-d227-4dd1-92b0-6c21d7999a64", + "link": "https://learn.microsoft.com/azure/storage/common/lock-account-resource", + "service": "Azure Storage", + "severity": "高", + "text": "在存儲帳戶上啟用資源鎖定", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review 
Checklist", + "description": "請考慮對 blob 使用“合法保留”或“基于時間的保留”策略,以便無法刪除 blob、容器或存儲帳戶。請注意,「不可能」實際上意味著「不可能」;一旦存儲帳戶包含不可變的 blob,「擺脫」該存儲帳戶的唯一方法是取消 Azure 訂閱。", + "guid": "6f4389a8-f42c-478e-98c0-6a73a22a4956", + "link": "https://learn.microsoft.com/azure/storage/blobs/immutable-storage-overview", + "service": "Azure Storage", + "severity": "高", + "text": "考慮不可變的 blob", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "請考慮禁用對存儲帳戶的未受保護的 HTTP/80 訪問,以便對所有數據傳輸進行加密、完整性保護,並且對伺服器進行身份驗證。", + "guid": "e7a8dc4a-20e2-47c3-b297-11b1352beee0", + "link": "https://learn.microsoft.com/azure/storage/common/storage-require-secure-transfer", + "service": "Azure Storage", + "severity": "高", + "text": "需要 HTTPS,即在儲存帳戶上禁用埠 80", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "在儲存帳戶上配置自定義域(主機名)時,請檢查是否需要 TLS/HTTPS;如果是這樣,可能需要將 Azure CDN 放在存儲帳戶的前面。", + "guid": "79b588de-fc49-472c-b3cd-21bf77036e5e", + "link": "https://learn.microsoft.com/azure/storage/blobs/storage-custom-domain-name", + "service": "Azure Storage", + "severity": "高", + "text": "強制執行 HTTPS(禁用 HTTP)時,請檢查是否不要對儲存帳戶使用自定義域 (CNAME)。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "當用戶端使用SAS令牌訪問 blob 資料時,要求使用 HTTPS 有助於最大程度地降低憑據丟失的風險。", + "guid": "6b4bed3d-5035-447c-8347-dc56028a71ff", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview", + "service": "Azure Storage", + "severity": "中等", + "text": "將共享訪問簽名 (SAS) 令牌限製為僅 HTTPS 連接", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": ".強制執行最新的 TLS 版本將拒絕來自使用舊版本的用戶端的請求。", + "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = 
(isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant", + "guid": "e12be569-a18f-4562-8d5d-ce151b9e7d55", + "link": "https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version", + "service": "Azure Storage", + "severity": "高", + "text": "強制實施存儲帳戶的最新 TLS 版本", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "在可能的情況下,應優先使用 Microsoft Entra ID 令牌,而不是共用訪問簽名", + "guid": "e1ce15dd-3f0d-45e7-92d4-1e3611cc57b4", + "link": "https://learn.microsoft.com/azure/storage/common/authorize-data-access", + "service": "Azure Storage", + "severity": "高", + "text": "使用 Microsoft Entra ID 令牌進行 blob 訪問", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "為使用者、組或應用程式分配角色時,請僅授予該安全主體執行任務所需的許可權。限制對資源的訪問有助於防止無意和惡意濫用數據。", + "guid": "a4b1410d-4395-48a8-a228-9b3d6b57cfc6", + "service": "Azure Storage", + "severity": "中等", + "text": "IaM 許可權中的最小特權", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "使用者委派 SAS 使用 Azure Active Directory (Azure AD) 憑據以及為 SAS 指定的許可權進行保護。使用者委派 SAS 在範圍和功能方面類似於服務 SAS,但與服務 SAS 相比,它提供了安全優勢。", + "guid": "55461e1a-3e34-453a-9c86-39648b652d6c", + "link": "https://learn.microsoft.com/azure/storage/common/storage-sas-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json#best-practices-when-using-sas", + "service": "Azure Storage", + "severity": "高", + "text": "使用 SAS 時,首選「使用者委派 SAS」,而不是基於存儲帳戶密鑰的 SAS。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "存儲帳戶金鑰(“共用金鑰”)幾乎沒有審核功能。雖然可以監控誰/何時獲取了密鑰的副本,但一旦密鑰掌握在多人手中,就不可能將使用方式歸因於特定使用者。僅依賴 Entra ID 身份驗證可以更輕鬆地將存儲訪問許可權與用戶綁定。", + "graph": "resources | where type == 
'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant", + "guid": "15f51296-5398-4e6d-bd22-7dd142b06c21", + "link": "https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key", + "service": "Azure Storage", + "severity": "高", + "text": "請考慮禁用存儲帳戶密鑰,以便僅支援 Microsoft Entra ID 訪問(和使用者委派 SAS)。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "使用活動日誌數據來確定查看或更改存儲帳戶安全性的“時間”、“人員”、“內容”和“方式”(即存儲帳戶密鑰、訪問策略等)。", + "guid": "d7999a64-6f43-489a-af42-c78e78c06a73", + "link": "https://learn.microsoft.com/azure/storage/blobs/blob-storage-monitoring-scenarios#audit-account-activity", + "service": "Azure Storage", + "severity": "高", + "text": "請考慮使用 Azure Monitor 審核存儲帳戶上的控制平面操作", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "通過金鑰過期策略,您可以設置帳戶訪問金鑰輪換的提醒。如果已過指定的時間間隔且尚未旋轉鍵,則會顯示提醒。", + "guid": "a22a4956-e7a8-4dc4-a20e-27c3e29711b1", + "link": "https://learn.microsoft.com/azure/storage/common/storage-account-keys-manage?tabs=azure-portal#create-a-key-expiration-policy", + "service": "Azure Storage", + "severity": "中等", + "text": "使用存儲帳戶密鑰時,請考慮啟用“金鑰過期策略”", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS 過期策略指定了 SAS 的有效時間間隔。SAS 過期策略適用於服務 SAS 或帳戶 SAS。當使用者生成的服務 SAS 或帳戶 SAS 的有效期間隔大於建議的時間間隔時,他們將看到警告。", + "guid": "352beee0-79b5-488d-bfc4-972cd3cd21bf", + "link": "https://learn.microsoft.com/azure/storage/common/sas-expiration-policy", + "service": "Azure Storage", + "severity": "中等", + "text": "考慮配置 SAS 過期策略", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review 
Checklist", + "description": "通過存儲訪問策略,可以選擇撤銷服務 SAS 的許可權,而無需重新生成存儲帳戶密鑰。", + "guid": "77036e5e-6b4b-4ed3-b503-547c1347dc56", + "link": "https://learn.microsoft.com/rest/api/storageservices/define-stored-access-policy", + "service": "Azure Storage", + "severity": "中等", + "text": "考慮將 SAS 連結到儲存存取策略", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "028a71ff-e1ce-415d-b3f0-d5e772d41e36", + "link": "https://microsoft.github.io/code-with-engineering-playbook/continuous-integration/dev-sec-ops/secret-management/recipes/detect-secrets-ado/", + "service": "Azure Storage", + "severity": "中等", + "text": "請考慮配置應用程式的原始程式碼儲存庫,以檢測簽入的連接字串和存儲帳戶密鑰。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "理想情況下,應用程式應使用託管標識向 Azure 儲存進行身份驗證。如果無法做到這一點,請考慮在 Azure KeyVault 或等效服務中擁有存儲憑據(連接字串、存儲帳戶密鑰、SAS、服務主體憑據)。", + "guid": "11cc57b4-a4b1-4410-b439-58a8c2289b3d", + "link": "https://learn.microsoft.com/azure/architecture/framework/security/design-storage-keys", + "service": "Azure Storage", + "severity": "高", + "text": "請考慮在 Azure KeyVault 中儲存連接字串(在無法使用託管標識的情況下)", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "在臨時 SAS 服務 SAS 或帳戶 SAS 上使用近期過期時間。這樣,即使 SAS 遭到入侵,它也只會在短時間內有效。如果無法引用存儲訪問策略,則這種做法尤為重要。近期過期時間還通過限制可用於上傳到 blob 的時間來限制可以寫入 blob 的數據量。", + "guid": "27138b82-1102-4cac-9eae-01e6e842e52f", + "link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "高", + "text": "爭取縮短臨時 SAS 的有效期", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "創建 SAS 時,請盡可能具體且具有限制性。首選單一資源和操作的 SAS,而不是提供更廣泛訪問許可權的 SAS。", + "guid": "4721d928-c1b1-4cd5-81e5-4a29a9de399c", + 
"link": "https://learn.microsoft.com/rest/api/storageservices/delegate-access-with-shared-access-signature", + "service": "Azure Storage", + "severity": "中等", + "text": "對SAS應用窄範圍", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS 可以包含用戶端 IP 位址或位址範圍有權使用 SAS 請求資源的參數。", + "guid": "fd7b28dc-9355-4562-82bf-e4564b0d834a", + "link": "https://learn.microsoft.com/rest/api/storageservices/create-account-sas", + "service": "Azure Storage", + "severity": "中等", + "text": "盡可能考慮將SAS的範圍限定為特定的用戶端IP位址", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "SAS無法限制用戶端上傳的數據量;考慮到存儲量隨時間變化的定價模型,驗證用戶端是否惡意上傳了大量內容可能很有意義。", + "guid": "348b263e-6dd6-4051-8a36-498f6dbad38e", + "service": "Azure Storage", + "severity": "低", + "text": "在用戶端使用SAS上傳檔后,請考慮檢查上傳的數據。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "description": "使用「本地使用者帳戶」通過 SFTP 訪問 blob 儲存時,“通常”的 RBAC 控制不適用。通過 NFS 或 REST 進行的 Blob 訪問可能比 SFTP 訪問更具限制性。遺憾的是,截至 2023 年初,本地使用者是 SFTP 端點目前支援的唯一身份管理形式", + "guid": "ad53cc7c-e1d7-4aaa-a357-1449ab8053d8", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support#sftp-permission-model", + "service": "Azure Storage", + "severity": "高", + "text": "SFTP:限制 SFTP 訪問的「本地使用者」數量,並審核隨著時間的推移是否需要訪問。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure Storage Review Checklist", + "guid": "9f89dc7b-33be-42a1-a27f-7b9e91be1f38", + "link": "https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-known-issues#authentication-and-authorization", + "service": "Azure Storage", + "severity": "中等", + "text": "SFTP:SFTP 端點不支持類似 POSIX 的 ACL。", + "waf": "安全" + }, + { + "arm-service": "Microsoft.Storage/storageAccounts", + "checklist": "Azure 
Storage Review Checklist",
+ "description": "存儲支援 CORS(跨源資源分享),即一種 HTTP 功能,使來自不同域的 Web 應用程式能夠放鬆同源策略。啟用 CORS 時,請將 CorsRules 保留為最低許可權。",
+ "guid": "cef39812-bd46-43cb-aac8-ac199ebb91a3",
+ "link": "https://learn.microsoft.com/rest/api/storageservices/cross-origin-resource-sharing--cors--support-for-the-azure-storage-services",
+ "service": "Azure Storage",
+ "severity": "高",
+ "text": "避免過於寬泛的 CORS 策略",
+ "waf": "安全"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "description": "靜態數據始終在伺服器端加密,此外也可能在用戶端加密。伺服器端加密可能使用平臺管理的金鑰(預設)或客戶管理的金鑰進行。用戶端加密可以通過讓用戶端按 blob 向 Azure 儲存提供加密/解密金鑰,或者完全在用戶端處理加密來實現。因此,完全不依賴 Azure 存儲來保證機密性。",
+ "guid": "3d90cae2-cc88-4137-86f7-c0cbafe61464",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-service-encryption",
+ "service": "Azure Storage",
+ "severity": "高",
+ "text": "確定應如何加密靜態數據。了解數據的線程模型。",
+ "waf": "安全"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "8dd457e9-2713-48b8-8110-2cac6eae01e6",
+ "link": "https://learn.microsoft.com/azure/storage/common/customer-managed-keys-overview?toc=%2Fazure%2Fstorage%2Fblobs%2Ftoc.json&bc=%2Fazure%2Fstorage%2Fblobs%2Fbreadcrumb%2Ftoc.json",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "text": "確定應使用哪種/是否應使用平臺加密。",
+ "waf": "安全"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "e842e52f-4721-4d92-ac1b-1cd521e54a29",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/encryption-customer-provided-keys",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "text": "確定應使用哪種/是否應使用用戶端加密。",
+ "waf": "安全"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "description": "利用 Resource Graph 資源管理器 (resources | where type == 'microsoft.storage/storageaccounts' | where properties['allowBlobPublicAccess'] == true) 
查找允許匿名 blob 訪問的存儲帳戶。",
+ "graph": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant",
+ "guid": "659ae558-b937-4d49-a5e1-112dbd7ba012",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account",
+ "service": "Azure Storage",
+ "severity": "高",
+ "text": "考慮是否需要公共 blob 匿名訪問,或者是否可以對某些存儲帳戶禁用公共 blob 匿名訪問。",
+ "waf": "安全"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "cb8eb8c0-aa62-4a25-a495-6eaa8dc4a243",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-account-upgrade?tabs=azure-portal",
+ "service": "Azure Storage",
+ "severity": "高",
+ "text": "利用 storagev2 帳戶類型獲得更好的性能和可靠性",
+ "waf": "可靠性"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "e05bbe20-9d49-4fda-9777-8424d116785c",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-redundancy",
+ "service": "Azure Storage",
+ "severity": "高",
+ "text": "利用 GRS、ZRS 或 GZRS 儲存實現最高可用性",
+ "waf": "可靠性"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "2fa56c56-ad48-4408-be72-734c486ba280",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "text": "對於故障轉移后的寫入操作,請使用客戶管理的故障轉移",
+ "waf": "可靠性"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "dc0590cf-65de-48e1-909c-cbd579266bcc",
+ "link": "https://learn.microsoft.com/azure/storage/common/storage-disaster-recovery-guidance#microsoft-managed-failover",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "text": "瞭解 Microsoft 託管的故障轉移詳細資訊",
+ "waf": 
"可靠性"
+ },
+ {
+ "arm-service": "Microsoft.Storage/storageAccounts",
+ "checklist": "Azure Storage Review Checklist",
+ "guid": "a274faa1-abfe-49d5-9d04-c3c4919cb1b3",
+ "link": "https://learn.microsoft.com/azure/storage/blobs/soft-delete-blob-enable?tabs=azure-portal",
+ "service": "Azure Storage",
+ "severity": "中等",
+ "text": "啟用軟刪除",
+ "waf": "可靠性"
+ },
 {
 "arm-service": "Microsoft.Devices/IotHubs",
 "checklist": "IoT Hub Review",
@@ -8990,7 +9422,7 @@
 ],
 "metadata": {
 "name": "WAF checklist",
- "timestamp": "August 08, 2024"
+ "timestamp": "August 12, 2024"
 },
 "severities": [
 {
diff --git a/spreadsheet/macrofree/azure_storage_checklist.en.xlsx b/spreadsheet/macrofree/azure_storage_checklist.en.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..afe31be886e7adc0873aa1aaeff6f29853d55781 GIT binary patch literal 26066 zcmdqJbzD^I7B{YzW2QM-uJKH=QD2iK6~vI-|t%MSCj*Umyz zdTy(vE_K_Tnp|r|YamqoBZT|idUiK1BYeMd=@QQGAsE{^nj&Kecw=Dof(^f;HTbB6 z{j)1>5!UoXdpw(_p|Krhy^ZM-mQ>(It%38Hy1;~SKmVbdLfviNXe;zmb&|4{YlLK` zxulC`coa>%_>^5(cN1hDiCuHbEjAGm+8`(HY@Hy-{#3yo`8DBbYWn5)_yi(_C-2R( zj%z^Iu}L4I;YPb%&n42UATM(E!3^zB7HV*nhj^tO9LJ-Fu|c2d&vfoe6(*YpKho9k zQ?d00*sPgv+_eJrWlWf9AS;(wE3=|L9 zb$ZIY#QGp#ywU26ia<)8CLZIl^3dF7usiCATAglJvK`Ggc-3itv9M*2@wn)pxV*2iX%9~h=5O(T2_hUZL-Ne|ih`Wr^U>J9~af1zmvFr+?>m&u<+m109j%Q@+<0Q){ z9%cb1%%@Q!Tf*?8nfdt;cgU2~lQ62@YlcegO#0<=D3T&1ub+*uZ9y6W5-qO3%D9}t z)OO1$H~?UCvNuqY!A$%Wo8&IVE9Mb46na{nSZW}V#N5rKuh&y=5o5jaXQ9wS2@ij0 z_oO(|MxzM(%}1_#_TS2}CreO>(N%lvIR z-f(Q2c(#G(WQW_YxNZge`=i|&mKV*b_8Qf`sgyvK^kyw5t^SMdQ#O`tN8pITO@Z(= z)kGOsb^=^ZH+L%EnL);j{?f5XQB~e&EoMMJY0~As#5 zaO2qqmDE-kqHP>ybft4L|u=V=3BEXUzV4nR<6CI!=<~Fg*x%Z_ev9|xN4A<;i&&1 zzsXIqZ4Y3cz3_E+rdO!$g4b_2gf=&l4hPO+3n7Ar)I_sMnd z1n_mg!rRm9GrZcN;E~#$H^KfkzIpQ0Il;uGnVK1jJwyRqAzvPH489SHcQjzHd;N74 zC#QD>qYPUhL0Cj>WhM|K)9r*MC6FOfhGUG<4cl1DBq^-5Tz8w>GKR-w^>@vR6Cv77Z_PsuNS0xU39K+x`@iJVjHIH(qP4`Pc1wqAuD#z z@;|`r#3#$V+}YWjBp{T;CcLV1*(8QU(>zJ%N!Vx>h2dpWW##c_q%!`v6=?1s9FNxJ z$8iVn#VO|iiCdwguUFsE=gMV!j!-b>M{k=9gQeDAVW&u~c|VUXlZJ{>l&X-YxJCH( zeiQuo)v4!!k!Yoj$4euxcl+4*L=Dd9_saF}Ps->)i0{6lTs!$DpJwh_X`#)-_T7Fc4U+oDlxXa3W(XcNh*&jJrmT}ABy8o z;=g})XIR$z8wmZ-IhB3XG>)sMP>^uRBH%I27ggK@HjJ;^niMTh4aV0zG~%kb3aYWb zSy^%N4nEl+?kZdEX35+6oMnjlEsf?`Al@Ktq-?+non?GWG6__VqsJe8QsQ3x`yt6n zNYG;=TSZ*4B6HA#%-gj_`IbHn3*duXbABt(CwIONExp8AF5f0)UmdJ^`bA-e`0hVs z~#v;x7FDv);8BuJ$9w=j2)2g4+)hL~`6QQ0td+<@Qa5X;$ zGP2trj?Q$QV_3~`UA-H!AAfG?tT+pZ8Wg(I{ zeMi0JNH3muu^Ptu=Mwf(SWM?w=F%lug)5hcE|xGiJ4Y+0XQrmkPORsDU94juo46#+ z*p=hbj5V-@d5P&dHWsdl>5?ALQxj=a8a==xH*F-zB3n 
z6oxjf(j_^O4+?jkYx;3KD+9dY4Wg&sO$@=q3lVFezMVKijojf41-lv2ag7caZ(wsP zvu(8QCf4||6m09;Uef$V`bXYHiSb6>rH+pEK9`nez|Pvh;%r5`N%Jhel(*jL?pzeS zNA)v&vub(<|7L{S`1tX+=|-d4GiXo9Y6ujo)kf4HrCYS=7_vNl>a>&32kR=HdH~x> z+Dr9;0VDV;o6NWk6r!3s)0U%_h z$pu34CvLB)l+&keQk=jbxh^d#L2LR|aNf_Q01cQD*05#kncmiJyTq1+uw*@+7hOGc zJg$w^75v$b84?U{6yRIyfW2R1o<7r~SU7Ps8ST+s>}s3cf?GB6>*dpWu}|X19fLNV z&v;9Zr|nKkL*|6^E63%Jxz=EtnsBGxYL6pTVQ()tp^egk>9ukZui;V^*f``M2kHiw z6kaK|k=v_Y6;LrZ6L=xWJ|M_`BDk|Y-hbMbC{ls7*Mzm!gjLvz)#EK(%}Op9>Opt_ zAawO1wDgzQY~$Z*1C*g3LVzCMwD!Jv_4c2{Lk`)~ZrKWo+6fY-&hn(x3!2e^_T;~y z2@+FaZZ%R)|Pn|r80DhoqR5dj9lInh*FrE;-m45|E7THA9JUKUM0b~URXwQ^Ts7FZM` zSjascPs2JXje1lcrk~t9xpopaQlx3Qp}U6GtQH}lo>>5IYW_@tohFagp;J9PTxxgb z;6_ISS1X5m)e5J2dpju)K)_GmOF@yK`N|RD)EAiDr zK)U+zlfCz!o2a-$(Zm-Y07_93;HMlzKQd-=cr&NR;iGTSSio&{Aezr% zVXJ5;+bOL1ktC)+nR`RtVo7Z##HD zKaJMm;59K5yWA+c-s7{}ND%<@M=5=Kq)b|qYu6ULg;pc9nA@0HrpLA2eK^iw{+b}E z<3aL)<;K*E?q-0Ts8Gx5EEYrObkaautV8wUNT6KiBX3XcW6`bP7hDoPBvVjPk*jTH zJ(iqNJSVC}qhid~M-ERP`LMFge;V9dy(%-oLN;aV>BVRpf6KbgeHxUfU( zH6Q8PhJ;mxI;WPw_|<$x_6QCOWoWw6W|}5%AAehdxWJ$WrHA8oV2!gJ0L0FbEP~gC zDBP}}oedmxhg+&gepykwizp2X{{F_m?Dbglw;I*##m71EQ-Rfq{TQA$@?oPw1GntB zE6oXOHazMXnTb+BHKLg}l>KC%_cuX0dv&%}_gtS2XYs8zyl(0}K_TIF+TYA`Wvdsq zZq4Ior?=&)J=y46)s!FTU#;YlL`%)`gf>If$0KMojvXQuY`4@KH#~MJlNOS~v;iZt zwmeZA4!hr$R7q`vqtfNM$25*DHJVaQu)^79H&jVS?z7C+2Wa047PUR>%J7_sf`#Ei z@`gv7^9L5D1*oOO292Mz$X*nArsI~!nxnb6 z)6w#an6cNsJ6d_XAyt0v3c3%4v>!I*mfjt8bkM)A+UDie+-flvx;NeV%f+yxZYwZFlu0_L&z;8tT}QFBVr8WybLPMRw_oeGtwy_ zBWlLark|D0i19)nsc7>A)?nIo)0fSzR?naE462yoIEyD&mX*)Ey-;7&I4W@zSRK_)hn^QCGd`^zOP8!ICpIEk>9c&h# zSw_y<)QnygEjEZdQDO|yHs5ck1PJrD&N-q~%k(W4ju>xmv$fbNXyAE(z}EWAo?VS< zQ9VyWItL$YCv@%4y+W5fq@QN&(n>9N22PU8yB+t}smlNWZ4S*a;73RZZ~wf>NKctZ zZ`hr_7v-X9K=>lO{6r>G-v#_WmLO?!r$!?Q$}OU6YYEW2kr$xf?4qQ(SFJ{r!<%;J zz}fW9Os_VHxRP#fbIg1_347t{W^MD_+bp_-`yg?10n5(`BF3MICtRN*4gyTeMr$J? 
zbS$Hi;o83YTEVHsCq18dAp{<56deI(UngT59=~&Q=H~;O5W6i; zmmEcX|6xF&NKpL@`S?jv&&F~i7~~0Lmf!b9NgsYe&+_KcFfe!+2u&Hl?iRh1v{%Qi zQcHfDy?%xKvH7OF!)7Ft)%&P`>iNDth{PfRiOK*7oyv`s$=G`pzcQw|;fvRaf|DE z8wZSlM9lS_E%3bFR$tx$Pd$rjfqkX0zQ(KfN&};h%E!nk-&|Az!-`5%wW9_IfBlT=iPs=)J zQrvUo;nW@O3p?JQn{#Yn$*BwzqLxdJyiYGpBjqNootcvb38m*RD=v*wf(6bj@lm3= z;#fzV?S}$^agLPb^jyg&YAq{|y;MX12~`cKy@kV{;T!gO1 zQ`+gC-F=bPW;J^EV;sSHbq7WBjYHZsh|oB-v)AHd(Py5?)}^JR`)YtTnDVxzaufWt z!Q)`_V@m-8)tX(@(1?>=k7K4ZS2)zz>mCaQ%A>Q7yAKID(BiPr&i(ayLUpv0SG!LP zXbPd$kR1X<%J5EwTGPtsa5?rHHr>Xjr}-&G!F#9uk|!`@n&U+&n3K*Zp@z7Flj!^D z5Xoi>K;PX~ixjdE1;lJufai9+|MaW)SAd`%*_~t%PrvQSKoY30PQ*L#>HPg#hsY=< ztMqYWo%;EunJG58aTW9HW1Wf?2VW+1i_9DFx|_JNLxw3DPc~#7Bk`%DvIIY+C`Ek% zbl#_!aP1{-d&hEwVfZv$v}N|}j4NGV0=4t(&G6Mk@)zi@5TCtL%_rpi8us?Y4)(;9 zT4R38Hv>!s)oqEb+{}n;cq_wz+)fxyoH`0AGUk>ZoDSz=Qc4_B4Lu*NM>se;wPQGk&#AmiXCpRda zrG=N<(}82a9{EAQ^1i@#vA)Avg@|N0ndHEXlUvBi#jtm5$(i#|h&63;&Ls7l3C+2; zQ2-H3j)64x1hg72wgiJ1!nVQz1_vXo^|IqZb&6QGT*pYKou}(9`kTQ6mY4<`Zb@;_ z`Ta!;PrYb4dJ=Aa1t_PR&z_@WqXxz5^qjjvMO|x2u4oH{_Gkm{{so*_Kx@NY3duBx zIU5CXG!G4Aoek+Q=__z>3x_YN_3a(E^_;+3M%2z4EArg+7I?eDVQR(pmgSyh@DYWA zMluf+4KmfqvTbhGBm#YJmXXM+Q7Q*5VJ{y$a6kdXy7*DuG=;+HpA z)c0~()SYyTmSzu6Gl?gbhT1cwdPxb3_*pdX_h_$F_p;c?)Up!C)ztH>*Xt0aHmakm zi_|)|`fc#8{qM2F370R-)q+s84lx ziA(L(`?M%8LS))i8Yyxo;Cx;ZXY-jLnIP~jWfu_w3E_gdE52b7D(k?>@1tc zH&NJyMX>}giefXj0Nx%^N@E2Z4X{K7PtBY8*g7!uvueQ>8%~AJ-Yd*_WB4!)Jjrsp z;h;tA6beyu@=^pGYSD`7ZbalJoi-dPv6_k1sF1 z3O~`H)>~VVE7@gT%D3teF4TWe zI^>GpVJmPa62PCk>1Xp=W&H&*Tmed#y*FzG$t#XFo|e~?mWdgyn%R3-!Hy!WWo7|X z1{m+vpF|_eztS&0vw^bD-1!lv&B@VCjw*Q&XzQlv^LFdH!77&6zFlX zD#;z;&1&0?b!h3U6m^^for9MPjmD`5q%RlC+iVgRmwLn~GPc_mdfplx%9<`5t<+E` zNjm}Bn^so|1=TUQ)-EdP+1ZU09!bXBA*<<{g`Daa5~`~4(h9~5zEtsCxm)jTAyTdI z`Gbh~-lSKseWZPFL_`iI4G(GJg#F73F0?zCF2>5`V!{2q`qBhu~lQRr-R37OVU7@)I9;*mD-oXi!oOUR8E@GfhD3`clL?< zUWjsqm1BKAo$-3PDAnA55UK~4u4!}6XtlisgbAO_`ba3x@?g_Fx#hc&T;}F zSXzM!(0qybc%+%j+T85UX6Gc)nh{u5L!W(?FPsk{ghMU<>Hezxu2RaYB~Agnpc 
zw?vAk?W}s5Jw*?J<56d^XjRu4U(K|4I|<|<0eBreu-!1?4(GaUeyX^3ck|S}x^>!y zrqIYS!Dn&}FStVLvOG(8>3&d4%Yj4u2(_exEfy(O|3)qkhih6HXKkwvl`+T|=+-br zF_IsWKJW|!qdRDm(=CV9l|6&W>f34|E!fOhGmemi+Y55|rZ>z+7Tt;`rDVJxNUa~S zf*3cv%0qCFtB04Q3wz?giV^A5!Hr?Jrx88(G}8Q`+NZ7>z_HoXG~h>3dE1b7$Uz>V z8=xO^y}I{3gjY>uR+ae3&_GY+V~Kh$re;C_IVf2EMNCc3-KHV-Zq1BC}2RIDc+=QOhf=iEg4(HdT5(1-x#_(~s zS|>GAR%X@Xq-YCatCo&#ndkw$qjLBKtV|1ydxu0LzAHl#Df4Ry)M+r$`cI#MmQk6n zY5IUb! z6L|}$hk+6@OM^8EntOpsLML&ACmWY7m8`fWqL)ddoS2e7K($9X^pjdpO1#QJs2*voT-v8;1&#Hr9#bt&NTWb#^Oc%C_jBv(c#P64yhhrlUV7zJ53c2VO5FlwnoV?A z8yE59SoHEH<=d37IEN%6<>;k@Bc+D)NF*T%h+^asM&Hptf%EOXg1;~C{21|a7B zJoV7#MAH+{f@|DtRm+^iDQ)6|K+MN+5i?^3R}D5r)26u(q6#!lcc&M!^NmB>5XXjYtZQM|jlnrZxMv#yYk2YM5KA)YBsMc((-S>sV}e+g*K5WsY4fhWwx* zusKV=uo4=ch76`YUy1RCgwerUCV?#|v2P5fa>~aJn;gao8+>GS<;p(aKJS$!G?{nw z`pmf+5UZ9yXR)tvO@$1=ws?&??=<+48jVLjXZKvhv`zJ(D&AI-`(9G|vX3Cn;pmz2 zmvX+o6T?~{ZUZbZUaTjsYvhf-~hUx_q9@5=*fOxtYv`Ga&#>;@ly_*pwG)F zzfdxWwLyw^y!Kel!lG1?En*Q2&pV~j2Vm@eGUnR{Q{+<%SL2O-kXPMn zbjdgvYE@79=H4>gcP6x0IL|uT%(4H;rR7A%1&fMm9E)=k#a8t)p}w@WQ3yl#5a~0e z;%UWOpkT9!q-vXmC2_-es4XwljCVK&IOoS)a50_a6OU$Cie!qrJe#Iv;x^t&om_<$ zbaP`7TykJ0Zg9$JDm3$^=%F^zo2hXfPTer&US1n@^-_zA*%wGRX#_BDR({a{r1hg^ zQ|mFdS`cJZFsa5&7M|`oIbun(Vztkp)*cz zwl;s+7>Qa9gq2zv6+VoME1;bv7y(+E7rja;Uvk?D?TerqCtddtM>J5qQWx{W^rZ2T z)v&_IY?P~-;|2$uY6>!{ zRL}sQ0jI=u@ZsrteGZYeJMI99%oB|QPw%+6s+M)1t+9rIFur1HG1lwQeqHd@to7%g zlSV^cMK7i(cz?(jVS5%K3(4gvO`K>#;03tNNSidLywRCw1Z?q!Ph@pTs6}VUjv7Z zA8V;U(<}1M7kO65x(ucmPs$&tU^)?cB-?pA=;y3bM_WK5?xb}S}p~Nok}i@%-!XJ z0hec>+JXDSciz7oFKWd&0l(iJva~G>rURT272u~snz>+SDI|c_RA8O8{MvNT6hq5M z8nk%eSe^C+3k!8Urplzb;Lde$W$;OO%84F~4#PPnd8HE=qr9S?w1@eD%jntt{1!{$ z>cyH9{}l1fN#@#PL$B&l#z=Tt&m(WWm9e#xS@H?|2A6{Tda%MZhx#^k?PybG_sdIP z?95mCN!x332|K%MgxVdP+={m-t0L`oCqZ`R=VFN0C63$$F=HMQj2p;Bs3b64qOXi~ zIqkS^$e`9H(%A*I6=c_MzC|)`**eB4uWK(+wKkJ?n4LbYI<<)AHSm15Exd%#nr1oI zT~YQ~9EHfr6<=-bmL*DyE z?weaK$8863%Z!R1lR^e}&I)Gk`&>td4jlFN}KKD=3_Dt8Mhshd=FB zhbPV|zO@(jv`lh9EIMnGoKv9`pQ5|HUuMWhPH7|#_*iOJW}}OPURWB?6&SoM0~?|_ 
zGVkN|9gjF_lvv2-66P3|?p1%g4KUP|4bl2G1x0;jM4jC@+g}hw_7VBMOwCRetpXB? zxsYy?RtCPcUJljD0A}>p?iUsbEOqBg$b5-kn%~WM;4-6{nv`deOtCdBz5jWwcGFM? zg0^PMl{_+pbW#=s;Vl$@%`Lkth@_Rg?NTN~mfBkKl!`@Qk^&CGkqE8e+kP zcW=V%?uMP{E3j>kj06{9JxD{#i#BtsRr(}XqA;$|;8|-OJvmqlzM8Tg z4!J>Rbrd#$8zKhgrs*xiSac4}yoPhel9tTwZ$@1;mU*}-NJx;9V zNopVu5!Wo_PL39y7p}TSOqTy>TEuV;i>&XY)m&6X!qF^uMOKxhrsnXljYJ(bp z3zy5c8kaJc%ZsKi^KEf%U5&uQic_uXhUo*%S=Rh@6o4?m?F_Q&IR5FR0(Vd6Xmx9u zI(>ac6hFm3$9ncz*r&BmJ}Wx+lQ(UC0(9(oQYpa#Lq& z70GWMR7E?2Uy)JKSGP-g0ri2bEa_k!&gKjSDV=>yuUio+cN_Dt+$suat{ijQOc9=? zm-Ff8s+Hl~FJ3xWgZ1-8j2eW;UE;3O|ECJwqZ4>Ck(H~@lhIUJJ7mF^8GN&wCdE)B7%q{k8MfMq>pQ9Jv5Kd zCJ6>>_a7H?ei~AsfU_Fcs+nK2gHh`W<&5>&udtDSqE4NX3`VOgYuO`{qe$~?on3F8 zA+l`C$6sd!+2If~gi53oEZWb5u|Vw`z2fVv;#%4$u=wuRT}LsBh_q&L1BXf>m^9%d8!>RNbC1 zirTG_ACz`Tr%{s*wDxdJTC?_`-^+!n2SK|C4^QU#=lPb#1IkNNOIsc|wq(xNqZm+3 z6n@$gchIr@x`ov>ySdMqVpr9$Hp48|e>c^gLUk=4luF?0sXefA0LzAnjzTQKD1s^0w z(RlH_t80}RG)0vgD=VJzS#VW5)x-__7?(PWm9ciz-meQtex+#n9 zd+#w;2Xh+`c0&$tDG02xfny0_YN-@F9oe=d$K|KH`o{!{Csx99kPmjk?805(>8y!Z zdc#7&Lq>i1B^+$A^ux}*-tyW&+^}{2a{Ig@)M{+5jmK$|vALP=#t=an^*rTmr z(_dZ2KaSXz#cs^9XJ~7O&6U?5r=RSnh!Y5&_s_19>K&FbfZ?6B>a{xuBZ(xN>yEZX ztYd|z74dR5$ICoS>l5cl3xpI27Z{IwOLT1x)|{Q*6Rhew5wB@d-ZS%@WMbJ!n6RyR zG0iMX@jHr)Ftj_@AtMZ0B?%UEnImK9Rr9~N3NjGXnP=iiZ|m6VK)Uwrck1+tDO!TM^gyv{1&YB9SXYG)SUGh)lLuP2?o z11ru{Tz5?;(swk$Em+M-InQy)cBc!aj=DB%eH0~k+F@Q~XNUC(XZss9@u#~z3yZLk zeA?dQSqOWxb&b-Vc*_1-=h@kEwg7C#XEe^V!cnn+uIbbV!lDq=IM)Tv-68jGTz0o5 zq_4FLGg?Efp97o>5)A?xVI%6FH}PC!bGBS1rz|ZjQQr@yow~4UI_0i{r{T+6$8qgu z>sW!_f-z@$&GdpvU_Y4|eC?x7E{cZItjZQcANuYg9twk5v+y{=@cBE814FHK=AIIp z_$tN%+`NT-z!(ErIR~$Hxbj7>YzYIiR--|051)`+6K>#YCYe%FPb)a1oq6_!VoI{| z0atC>nGui8`l7VrOlAY$s_mP-W}_a1jAHG_ZaQ${fp3CSChCa1v zl|hY8UqId>3nbtAN$0BC<>g5P`EAx0s?Y@Z#~EuiS1E#f_7d_>c*!2kX0R7y!ccrZIF*a{p#ZGEL;^K^bMLU#yj4AW+&x8jMxgQHd-MjiZn zuq`NOnJsFaGHc;F0C-C4h?1m@*`99vz8*5NDJc{k05b<2?JHVu+VWVE;o4=G8ZT#t zr9{xlc)r~$ud`P#Y-?f@f|Z*Z*gCc+4J-!=nAY+RuUc;k7ztJ(<<4J`X(R!u^pqlIGw1^HE*^Yx_q6t95ta>8!k 
z2GN1{Z+Tmy+$HaAbA@Mp${wJIu*AOQWkuqZraHd|azzncB^gJflcis$FABf}HT9-U zP9+c@ce>u1Zc(HS?D)d96x&<_nq=VB+gZMe{2mJ-`55{7G+#+L;NZdG*wOHNUov5V z=DCKi~18d#h)vn&?Xz!1z0swhBqpU8z}aK{_8P-DI_i1fHrhNwZNE!Qt(v1P6zk zvcpl?P%p@?K!uXaeyD7E*;a373ukn;@St04lG6#tILNF}hTFF(EVCbl)!Nvm*v1ZA ztT7yuEM_=MeE!BK)J{}4s-1C$siB~EX z4m`*igO-zVjs6XjF}O~V9Ij`Z%yVg z24d>j1AaPazasVtExK+d37ezIe{Rq;B!ce757Cgjn76;orXSH=mVSww&P2*oA*g90 zsU@H~0e=~J@!kBpP=+W$)ncz-`ts~gE>pXfWrb8Y=Y>LXs2`pW7nCGw(JpzYN0=Rw zHx$L9ubY13BO+qLK)l?>x$+`g_y;c8!a-o!Ek$7TCF;ko6bUfL-jEhir8AKgfPjys z6p`;KZJ$c0`H?cH{Q{3qGtItC#1~w`?9v@KWIRle|;Ko*>n|g`0mj^ ziwO88gcY#${-!40kjya9`7=q@UwvJf;gFR!0Zh_`iEv{g!}| zO_TY-dH4up%<+cRmwrUg-k$iNISiYq=teJH$k{J23vTq5(fsr}{u@?H<_FFqg11cO zNKF?2e3Vc_H$zP=MuKZ{ykw{hZP9-A})V06R))K4Mke0z2IuMW1!lN=&R=q z*56vBfPuZM;ObAC;a&)nq-(dUg-%`j5P$!Ge=^Ub19|xae*RHLk+&ZpGybm)sWS;E zO*B7UFn~zFPw~doC_fqKYWabOLvKFA&X3GN$j!$ahy5mZ2TfY2>keACV>mbFclQFV zRl|%Cm-rOa4{j*ki|!z`B1L$IIP~z3@%;jXI~;lW0}!VohYQd6-J!n!XI;sbq=?$( zR~J=`bt>|H`?JOiD3F&wcv{kgJ$SXO3Ck0YH$|NO$_-KEou9c;4)w(yKpZNPjUgz% zasw8RxcmhL7#SiM8R96`4+eV4)L{0ACw~xyJjZQB=+@7R}&GISIG8}0c{v*;}i5O8`CZC^p zAkROr#3DdL9)70eA{Jo}#gF7bN1h|Ly_6=1FWC_Za*T4GYzQ`w+dFpAe&kvk;#_*& z=orOx6><0l8r;78ADsI5-#S$uvWOL(jXZqM|6UR``1WrYAkT3pS{?*EQ~mCl=U8k*XNW7leU;<$E(o6czf7PUQIqa%3hV4?jU2#lkB5 z1uF8qJP46E*~r6%{|HDS?d{-SkRr~db+_cM6RV3_;)n$z1d-o%lT;}Em%7#sAqaX9 zhhOx-w#$BHEAkwH7b06d{>;{Y3JE5mrD>#Dkn;6%#i7^uVoWh?*|G^wnz6$f;-axK zv5nsQ(?7kLa4$z(&ggo%_0YQFO-cg!JCR~9v+;7G>GARj+msfgb`23vzGb^6OR4gq zDo+Z7GFB;(Oq%k8nDirr;^?+$4%2%OF}{LiWsy*^m)CCRJf}Aajwj%LMfssZy7Cdd zzow?elbe*W>ha1svRV4qC1W(YgOsk9ziY#13y{Sb&Y)rU*EF+mr9*hmd`pV*gEG2G zcl4_f^ly2NGRJHPmvrN= zzz;9!{hv5gKBDx0(i7;9eeVZ5^97tLCH;4ge?mV0fto1G^pSFM-PIT8(9Cg_T;*KE z{Y{fYfy0fQ8H97E1@Z_C>%R+%@%>eh-Cx%)!SM#F#Uz3~miKqRv&Z;e7V*pi=Pyd) zp62NKJ=Es8AMjd+?a4*n%uBPWAfEZ%GZ%sj&-(p-c-GIcD1iPeMs|5!S)`hdS0VHl zYUJmG=~Y;A{!nup??R2yPc=pyi@`U3soBX4VWd$hiNDKC5-Ii(A%2le4!5J|HDq4{ zFEV5Lz8J`0I;I>xvPVWeNGs^+z8~-*_O(p`Nn?U;4Jo^?Ig@2oT6K898cQ{bc^D#8^V& zbqOvY?YZ{@((ZdS2<_hkxG? 
zk(CrOTvvf~^M2aTa!;-^@~g6b5{!pXjs(j#xya!*9)h(eKig3jpVkEcA8ycJ)EUAQ zL3th1AEppIoST|L`(bJ-sG}O|4^!`a&rK2XUGS3Jd7F=k#r`*5=0B)mT%=U6?~lw3 zHgvd+@*5$vENaMfn){G_^CF#c9kOqR$lU(r@CQBz;VZ~ep)HZTC>6f2LP<^ChzGj~ zKN?8qt2G=%0cRma&spfO&=qc*^SJsec@Zo`JUFibgy?xG$7c3x@pI1k6=O~pm0;u2n1LXPz3*03tNNCSlK!~0fb*=;C zIx>i#Y4fjHnE1b7VdI5;ALBK_FZT>Y2LI2DG-~R;*{~j7%`AP@KOXAoKpMqd6ycCpX@GZFuPSJQDz>iyS@_RtW_CpXRqpIew7a`l&uo9CC`89cXP?bAOgqI@y&`LVN1r#aO` z{H{O+nuu7_r6a!kz>=NjB>jiL-U0ve#`iGMJL{Uf`T>H!`zYVPoSaPcJ%@`V2#hZw+qV!jIxU0!?(?|G-!|L)DtfdhdcGYPJr z?{5nJxQ}oiRX++J1M$pxk7VmK{mNqg^-mAn=ndh&Q2dJpq=rq$KV1Bqg@3yL&mQoj zNJ?K!)BoDT|7Z7Y*_s@P>$-^fevyQYT&cy_UgKWu5JLZYABmn-q~Ci44d+vQXC20u zc?{C;-HYD#$xT%AujJId6bb)MgD`@E|KIPJd!twijO*bSkYeZAOf zAPe#xM$@?*=lRCqX=wMmo**SQHk6Ao_8e=oujg{f=flo5V^vgrkx)NhV!n%w60)Y) zQ0x$#Ak?1EIz*Wq+lU<>M(?|enJJhg5+Uw>E@yr|>bxh4@r}dEeEJl%|9oq7-duX$ zoy+lE?A$t=xaZ={IDZu;Rk(%gqoJ3^iGAm-LE?)|7~j&+kFBo*@)ir|HP>9c%ta_T zhuT!(H#nm%HeUz}h+AyD_rv&Tde7Z-`;bd`NF}mZMD!EVCqxd2#B6){y?fYw&`C>H zk@xyl{8>25BegUZANV2S=W$Tk)<`7p>HKQ4h+C~G$^y_g-^X1l+iHpAD9t|vUZptV zhJ0@yIJG)d{Rs@eN`q@IIbWV%Mf{>RXI=^x<19Pl|MKvTgS@0wq(t(t()sMfJ6AdO z(y9N|uMQf_0YmM7!tiebx#E9fSjG2O3`73F@ISu)R}BAS1@ix+1HU~VUI*&txA_MQ zr~V1UzX{~Z{RP9nW9fBW^p%|FN(x7fIc5K4s$Eqn;#{<63ufc|}P@Bdq-AY!_pY4c@c zaq=)?E&q2Y=Jxzm!5CsjLI8&x<&ZJ{U7#WQp0~-bOpuTJD-X^;T|m%X z|J8wC&u_l;L}2(wz5YEDbG!Zt!@mi5`~|~^zhb!mN43fS$M^q=;eV{)FAi)av)({~ zD|$3qP%EbfH3H~TK$?VylfG~}0B_{JE2qtdSuo*NN2hEWcZ{!jjKNmkjma3a4?{0J{uuYYk#)xg!rk3 zqckU5oO)5ye%+L(08vw8lmUv0S<3CD*8Qt{F9ga%M{g_*eV%7Kkozi|2E4*&c}O?_ zh!VCSB>;1+y>R&^Zv>&3T-jp|athmWY+1B#*vU<{gW0U>yn}PjUK(o^I_;TMn0)c6 zRf&GB@pO=%1NPYoezM?ReFjZC-Ym%rck((m^_fBZzbNuyIzHWJeCG9y&C=eYr6U<9 z-e$+Kn-!nycLAkT`memRJZ6fawH5Ow&8>}y--%gKK6zB!lwT_F^=nz{tpfwQefBt? 
zBYP)LH)x*UYafVj=sRo5cRkJL1A*jKNkfuUj{RGk>Od6oK|oJsoc_`J z&fE>rU=E)qqAyn1-I)91k{(QNY{QSWJXx5+(W3Tdg7MA@V0v=7tgFceHk;=dqz{ zf|2hHRc`FQzB`%7*f%;#1}Ga_>WIDcafTs(osAx6t<=J@5|_bN!TDD34E~fVX}*yJWX4Tl}tlb&|V0B3Jt{^C1g^qWZHA4E%NzAQS?hl03rkxuH4T%;U7m zT zcwK6yAU|H*We?#OHu8kzY{Ns)Giwm0$Og6b4FWsyB=<4Rkx_zI&=|#be*%>q-m^7= zQNJTvG*}_&d4jK0`W1vAght zC#QHO*+a^uSN&fex!yk&)F=$BA`4FO3igVO>kG|GdH#s5)rZIT7Nh@FiJ*FHyUTA+ z6mo{zCUTA_WTl7J_b0dZiBXb28{T+TF)d&u<)(+_SZ^>0Dmy|UH_PG$CcrtwYN`&)iI`}aO6*fa>@o2(Z zvK|nDk)+GZ0ipxZ(@SZ~WNFLgoF(Iw90S4$<8R(hOGHwC+_nhqbLQM3m0zY@GI~g{ zu$*06>1QBB?qSOhqwfputb>buIzZ{Ump3+X$_l;INGRxP$AUSuc-r$WLL#2cnD9-V zU81tu7d45v)hiV=%46p2FZo~dznNbAf;W_x9D2E$X7{7use}3@ex=GUgNq;jzq+nG z9IE{f&k$v+!H}IYh*Fp#B5Rh6ge+qnYsxaRZxN+rNtURT$zX_)WG~y4F=UIf4Gp*H z%C4~$WBW~d?(H`B{?2)xbDs0Z`=0Zh@8|n|Ki_}e*GzO_aK=Q*^4fx1#z0t1X=h4l z=iq##V$FO1+XbD&t$G>cMkwE58UC4XH;1ahf=G+leBmpGz)a^C?1IE7&N;W&JF@F1 z>i?8MQnuYU#aiM0=WpAHx^^uReJ@6j7n#8u)tJJ`I>a~;YiEx11xEy#ydC=}GuH~OJt}I=O-)xirS;0(r$cz>kB4b2M?uAqRQ2~6n9O5gIxF5`|@?UTuO=Y8jz z<<0Tx>@ebFaQB1cELd?8Yf71M*o12y=`roAPQ!KGN#6?VK%YxOULJ`ag7vmGsclF^AGF1n3$RBkHLL1?)>0-PprKU` zvm={`(w1YBk_hGsoY@$sM~yV(T!8VLO?(+y%<$3P_o4Db!KXh|#&2)&Ow@6&%S^5+ z9vbKsn<{ZuGS(xSWp%CHu}H_pS5Rmk_XDn3+tvvq^tP^YiOGqu^$u9FO51n0(M+NX zFL)GTA}g&ju31jXLR1ra`Ssn%!3%dTW}p939$D20jsloLJ>}7r=#wDvcL(MS&8cE6 z?vDE*J5-c%k!@T>iJNVNEliNR%3W8h1y|kR49ir#rzn(!+ZTT{JFa9h(<^c&p!?(? 
z$*zpV-`x;dL9kH-2g7rrR_-3H(v!_fPO-;2WFfOygJ%82fTp6=OxaQtcP8kJK+|Ec0_k|?Ju z*RpBt7c#0lQuIM+eUA2KPg_RKLirzjW+A75H?~7ZvVz+Nzj@{7x+}HM%*N_xUGhHHod8)*+K_0nZ z&N((KyVzmY)Ryn__U(}x386=Fk@j*{#nRt0+h`~K5k^8s->kFp-pYuGTC@H<* zJ)?QX0429>nAzn2WJce)GFr`MFi0l<(&+GB9<WCYhAFs2YOtyyFzFfDgK_4k) zu5IR%0`}+^hjQUWEuj0D+Qd0GF}@qI(>n)_Xh;t}k*D?9tppfqkzZ!0?=6yC#k76u zBQ3h!txTR5#eH<1q{hvMxK)x?_KStQp3AQfpDeADu+l=D+70*MbyJc|VV-r=)+5#4<6~#iuc{&Z?`g@S*4z68 zbh{{$%43QB^|CSh`Ym*|A#oD?M$G*d5fX!jE1mIM7P_gJYYu<5*lCtxS5guSmpEL3 zb`9ctV>)%5N6R>F)rN)7#1O&BnAt>eyhOX%R1AV?{(XBbL>oTxxSgv!)BXc%&`T+O zo%{BOPn^-_ylDyoumN1zM9aAA!27U0JTqB5VYGWA(O9vk^ zw-ImZKB@z_9S6#F8O=2c8s_IV(gOkYYa%9l!k|wCCp0|!cZ3zz8SK|<4QCVabSdPg z+plxb@5lfTpTHBxe_V6Y;V33WPVMJB9!Qg70+V9taJk-Xj=F@&{D*`zH^R!dJHvR1 zOWg1sG+O@o0a$K`NZ=^ehp0esAXzIv15|j+I-~vb5OT_JZFvkVwRd$GbnMHrRJ(i& zYOvNMaP#a6d)n-)z$%YWcJL~2t*j+m(pb-qnjsiB}{g6JJv|sr;%kSEM z&~k4;0o`X_h8X}j@KgJLn9aKS`FZa)jp=^gqY5BmbD|7WRQ0LFnh>rRE>%8U$-bph z;kNFxBBFibk~yvvW@}*~%{nJ|EsRKfk8BBn6@niX01XdB3Rq0KTaMYjJuafcdLN4`>8P?zTxc(X^=1ZcYqDQVO_@1G5FN^((RFHJa)N;vds&^6bTO}NaCnlVe#D)ZF4;3mW5 z1(Tq_(KyMC>D=U|tEcX?!55fKNo)Jv8vlqra|lo9NlN-~=HSIJs^G2)(1ZWgF*VuLaE9nOe-t=9aiLgG8vVKnT0 zVdWRSor$h!^f<-3nGhW2&>5T-)AF@b^Y`M#eiBBA(~H-c-n{%U`?uHgLj`%Df{>Qs zS3Ck8e-v=5Wv6M20%$X{eMl~3I+och0^@+$8;yrNA|@i2P;lCJA09h4OS=*Y{{+6T zb6sI=OG~RDU}cZ(-J6$gQ*KxwRQ`Z&$Vn~$rCoqusUK6!YEr*zvL~S{Qx6S!7`eoTIp1)7rk0}d>3izP zAzsTCrKm1spyuMZm;2%qgE8GpJG3|7aX}+%89-%?V>o*40GYtd|35i{{!@34m>*FT z|H{!|L^Fm~{KNtPF~F98qW_ApV1zSfH~fNc&|m)_Ne+wzjLzAA6T~*{+a>rh2ma-w z&B(&Iq5j1(Z~31ryW49<7RILfZx-MQ+g+AlEjA;Raq;;D)ph!9DPjaNiuo_#QRLrW z{+F~ff*FP57kJZo7yN%@gpr4FQvTwZa{13GY6fSa2X+7e?DR8^u3D;YKc4;vj02!f literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azure_storage_checklist.es.xlsx b/spreadsheet/macrofree/azure_storage_checklist.es.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..d2367de002331fd993e950e76aa4b22e09f4a4d0 GIT binary patch literal 26859 zcmdSBXH-*b*Dh>FY#^uz2#AGVMLGe+4T$vKLAp|_db8l7~AD$tvhpG_cgCs?ggkQbMn-cW5Qv4qiTVq9g+ZPU;hA&=lxLRAuLFLYW=DKj^M}x9+Wn2(#`lY`BLCJMc z4ky0~W@}&U(&8yG8#lKv)bBY0Z!uKFN~~~9Tl3s&z4&0@HdeHw{aw(zY4-x|G4GIK zDw1?M+LMj%tp{KFabFPVoUAOG>*J6#cY;QXyOaniF*HtU-WMunq{|(>agG!Lyek?^ zE+ZJjdU`KdrQ@nf@=Uw!j>+i;q8bXtKekX7F1kr{9FP6Pv16ByZo$~r-juKhzi?{h&)n{Zakt>6i$YaYk?eIM z&Th>Y?@p&As%8SnofBvu6^Vl(RJZr92oQ}^-txXTE+yvehwYqFa_^vdNeBZk{i+WOV z*XxwiIh~5_sQVA6oM*$Mp9gc_rMeT<#B}b$;`5l}CuwW8DmAj{7t5WL5~Y6gtdDC6 zUE>%3{A}R+fYU*V)TV{9&Zlv0TuXG@HwT_b&$d`Vw92l^4q>2lZ>8Q;NHt5I&!gQa!5s zl#Anoy+@zHIiaw5)p!})hqzri-OS-^M-~|n^D&HQURl;REq1r=8wtm|;;F_KEoyaD zmnm`ZiypmlyH`Bi{9O2!#|kP-4A0!Rtf6+TRI@Et!=cU@41LsCG#klg*}8H?kt~$| zYlRN8dvHGo{Ub@+XA@3?bLuh<&Nv+-`iRKu(D|@2Jyt^({h$jmJfD_h_hSK+f)e{dL=HCH(cRz_5pbOfe_d)m{Q z+qqm8>gig{7px*zxH%mt|AFGE-;C&K+qBDJMfcyDTZI%$E*z&1(sK!f#yx%XT;!(Y z`OEpzz;sTuIRE3bo^i;tuX3-BER6GOhameZSHgpQt-Z74?`8y17N%*wSM0d%cRzUa z;k~cnBC+-c+*NOW%w5jtoV`#)DijA0Rhu36zmVp#&5`8K@>b^F0KE&Tv6e|fX#Fui za&~jF(^?C1-2S8zEus0iiCP$*{)?I>-!nl>**X7@KI#)8U^UzGUE%<4!WXGm|6rIhO1AhlsdbVfOmT7cm#j(wZkHKQNrV zSxpttW66EVFFr9;Jtw!)MF#!c_D;#EQPsI2X%hw&=}6u?Iq=eOreTWa_XUPZtdKyz zsFia!9mBVTzgOet$8Hs*=TVUHGxA zNe6jqFgOp?h$*|DQ%*8rY01O?_3Rm7!W@AZdV0({u}GcK2}x949YKY8i(8yU+>XQ8Jy+k-6UEFf2-I->ip zNjQ?FVgldF&G5Jm>-V(f-8QX(u*jHy-pz8qoQWFo8+dEheO$S#%ZLv323o{2uT?#) zt5G;)D|&Z)@4*+v+_~&1bl+-s*m<_I_j=Xr7u4I)Gw#V}=9Mf>k?m!bcDY^H08)%~ zmbx)Z^8)-kaU^VfQq(@0xaXUMvtYPnr*xyovs$@U)@uDv1=UHfRGb&YyR4(n%MG$q z2-|$KseA(d$aL>)Fv<$Wu~Vv$xhAvi=rJ`Zsv9}1;c-oyE#D_!RiM6#GkTR1b@4>B zn-tH4#^ zcLuo>Ir7uXwaB_<%A{&I`BOyd{APNO7hU)ejP@ z+nuN#S$MST;E8F?2fo50<}EtJJSxY=rUTYcuGf=R=a&rXiW{VpSZiJ7S7NVhU%6*{{(_irJdG$242DS+(! 
z)Cxs?n~P38C7P;Pa=pL=xhD$uglK?0r?Onum+TRV6q~|@DMLF;Kt?Y%N%i_JC+BY5 z)UMZ3MGP1zVGvS*adNI~7~QkB+1=<}8I;fu9h{ERsOy}m5~J7?#+G|*X#zYQTp%}W za}e{z5RZW+72IGKN^#d~LkBP$iWuHtb)N~X4_rjsG!^g}x$xg}F>vc;HQ)Kdw_rgn zUw$#O_F^lD*SU~(Bos()Q%+o2OUx^Nl7B)iVVTy-Xv0DX5-;4lYb~2&En71ZD-TQ& z&QBJ;st+r#pR@X+*qsyFNo!@|DlpT}H$x&myxq5=hKs8~iVo4-cwLNnD!OG7R;b@4 z0!`{X(`2OUb-$HFG{J(Wp6*3y9JW``b9p6k&pRnwEOja%<*Qf;4?4hc=Lb38O#w8c z)sF9%VTKZNb9G3-AUs_~*5sjco97nFamUG#B{_|e(R~%U%N|E5)0ISxOXWu@A?#KA zQ(TB}r&reC>8_c4K+Htfl1rw?v{xs8!-5NPbg+%qG+u_l=`8NT6D?~ij^ zPWILnN1sgonK+l3OT-h${JFsWF*j(YX)NO5>uOP0Q%bUk`X`{U==`KXbG@hc? z7TIyPTt@|bW~JTwk+yYh7Zu~>b=`1l8%(<>Sod*q0;c0G%Iz-d4G3u1CjaiR<$h{J z>mw`%4qKF_7$?s=OZH0j<-n|LE@h`X?|Q1Dg9RY9canr$fN4Cpe|0ug`!AW4z19@$ z+E{$@oY=0c!`D#fm>o%1&*iN(pPf3vMVnwWN~3jhuM{`<+4*y_%NwtDh1w4Di8!$h zk+rvasP4~e?~`3T>y!k2?hmm6CmmHC22n3SSCX-)mCRjSx>2352Wc{84D?3ra^Gy^ znCA^#VeQVH&~GqoG7jwGy3z6dMS0*jn8)=qQlN)tq#T&3GZ&~de>%ay=kBaueU+hJxS-b> z7A*>u576L8k9d{~j@OCKPpNlh6b@nx*H##WajQbTpWO4Oa`+uRK^znY>Nv$*hUe;* zi%*Q{rYsP2d6~PCMR_mB`_(}wDly;76Va|l)zt1*`I%Z~U4!H<_VAigH@=9Ov;ngO znPabfZ(dF1W$z4-J-=oydmaD{U0wU&)|t3!%>mlO07h280c$o1DeFr7HGpK7`7wxS z-%|I`b4T~gu<*&JDpCr&32t2@y{HH*S4u~AYI$^wnRoKo*;OSaN!0{3+v&F{s_NO7 zhGG^kf;o_{)wZ3!NREs#!$zT0OFiH6v9?Rdk@94D$rLGzfiHXsy7lkslgYY~7wd$x zF4C=bzwcDE-JH_LB13FO|g~^{hODW9j z=@1G@^)vU~yHZ5mqg2#*AJ(gTRSVK~dZ;zczSY4Py1S3kaP%cC8` z^_N@PW|n$bbX87e!_8D$+pUC4>#Xi|We%~yYAl~a;(I+L-jJrBD4Su`vzt#TT2D(B zF-8Lfg$nvx`Gt2l%$V@fOuJOGYFw!C5c{PkAVi-fGB{@Psijvb*rt!%YDtHe{02uY zi3^fDAT7Rs)#&Q-6=iH< zATScBgB2r5qb`Ri*5;Y}ew%X7W{gc4Z|K`Aq}7zaEmjYjYPbQ9k*fyrnwvCV8nt#o zE;GltSeU69+(cjU=v>e9`c^ug8!qzI;)keNN~zR%IOUW@6tAl*7`T#wSYOi%my9Qp zR?&fFP4!rLp!(@>J&+g9eYtzYb z#fYI`8eO$zaR!2Q2at$Q6}&zH<8-wGpA@{&CPiZyQ>^urf#YMP|>(h2J%xK=-dowql5^B{%yb;oQ3SaWAZS zqQYORJb-32F+b37$cdcXU5eS6Q3siAaJHw}*NYW=(71rr=T=$Fp@PZo$qVz+nxGK=S}T%~v zEw?u_Pr#XIaSr5%&`duMG%W%o2Z`Ha`1EsPL_$}+vJs15PANpvxXnhYYMuJ|fRgJD z7Bjvi6qIO_G)w+|vGuuxTiRTi(KL%9byhU#B*%mezfWRglQ;#m23Dt(C?IKijZR;c-WcV8D5jKtA+z|6>OhQpS>G 
z3Vkzh-lKM(EzcacDvoO5`?T*Et4C@}#O(_*ukpHFQ6nvNo|C0A(}7#12UAJmmIfY+ zd~e={gX>o3+y-O6e#La}1~xVaHsaP8E&(>;hR5et`oY0#0l{lTZ6()$Vg(UyrB;w) zD|bGPTsm{huEFuXVSQ_cnrbMd;zJ@1~VN zQ(aEY6meX%UZ3{7;A?bRnDxJsG(;U$Hx!=I%0C_VGCJXIf|;6Fhfl0al;oX`5v!g8 z%Fk#f3^f&xVw%cJ&`qTaizYl91@*;%l-Ip60lgH`uiifCNro`^WE8eJ;7cmwUN~F< zuTwY}Tb6aZOyqs%oMEpUPuaPVwf2cjy`ko{FJx)@F{J21*{bm+QImj0rM6j= zM@*74wrQhbDM(s@W``d$mjzu`U6R)Bt?SG5Y1fkbPGc86>t3hDrGvOsA}xaeK=uXjrq;l#avF2d4#ttu;o*%w`^u4G-pWCZ0TW|zWiQ4f zSx(mu82e-W!G5x32F#_-8DbOX-XYq!0CiR%TwsI*)SphrD$+?Atp{@XX27_54naA> zsc|*4Bu28(IA{vpEDegGL1l)4b{}#YgpoW=N2%NfNa>BCiJZj2pM$v25N{{VH% zP&h@`;h$(BDWKN-1^ZzaEV=5`S1Y5^m#b81r_}J#ple_+2Ob&Iakcyv_63uf_snew z`^-lL%u=%oT>?pPea>)LkX}8>7n%A9c=oE#_^zCDR(E*=(?DQ?Zhn{kmEI{#IE7;G zG=s3!Du^3_qDv;?xBkl>_t}kk8!h&krK9msK8w}Pj4;%$9U{4|B7SmOdY>Xj=);ShQwT?{O@P~r zLL->JXM6uQ;Bb;;aKjz|r&U>$)n)CR8M9a?D|fdNX@~q8ucsFJ$#FSQ1*sxbLc|za zvsd+On{~X&vOFLlOBfQhDSy{Ps8dAN#nGZ-g{~Y11=}Xg_H>M3K|4SA78D5$lJ!hP9Eh2v{cNk z@L)6O7DYs|!Kv69HsK71Tv|6fq0jzv+|IITY^?x5Zw>TCtsPGXq}`gA#`=b(H8gX; zwT@Oexqd*8f6~!cu9u1U35&G55LKT5z*8RK2#W|%kg5ljnGvhWK29stma5qu8MN?o ztz$0Gd^PUS1Lmry4qv$6^ zv28){#NEO!r4LUm5IF^NPd{+tn6&9TWLLoij$+=40vD{sX;4ul z>m^X4S!S@lxd(bJA*F$DkS)^Ed#AFbu|VM22jUD{&f$3;-gF7cG=;`rFSNM27O-kxWDl|*&bfI7 zZ2@>KQ7#lieQJCB^g!AoV;Ig3K;KQhVGW>RRn?80@- zE$5tXjXfzVHVYFjub{?%UjkY(w}sV?C$m~OExBL8RX(TcKiw9r|A^nE=-u^->2nn7 zNa!3cDs2XP7Q`#A59-J%TwIOySP(Wyq@jh;3)%vCE%M&`qhK;14jJ5{afX@CDtCYp znabLbO=<0@b#70oXq&n`08#SQLCLaIE{?21Uz(F!zIIBw+X@&!b&YJxcbE92PS7If zn6hpC^oAfk-yS?O^taA&?yA=ip zR%&Pg`(VQN0jqiId^ypLmU%bPF<`O)VcC=YA}oJ~mvRL9{2t2P-bIMH`-B>3BPG|# zTcm#7YKsmrIkM?ltYlNY^EhQV=BBSi+$UWgeGW<5=b8)di>8)Qz1yF$Rv1IaB#=;! 
z;G;p4T+2)AAxdoF-IG+(DIQQYqlg5oQ&j0|mA{}IQ&(1|QPUf&6&bHN2af$201k^6gNvEmK`B z2?fo)8jFh+X2-4MBnb`cgpYQ_BBG386M&g3eE{|E?M3z4qH7OD)(0oyTsV zulDsjeO)TqoP0OFb^_>>3jGmzI=EK}r?MyIq>Y8oHqN0o1caQ0O&sMWQ64?HERTd%0)wt0cmwSItncXPJ_p!WL^02yA_MN2gi^cZV4kxDdx{AUx7GoM2PHKbcKQUF)et7ODDnqlqhP ze$Z2X&=wYvBFeqa_aV9xtVjtFg}*UaTF?GQAvD3+{d%^vJ%2P^=slD(sBH@M$T{cy zsZB&2|Mr4P_{p7jCC{J*?QU&is;j*XrTuf4qr65_)R_ysY_8FxmQJi>R8cH2F?Cnc zDWpglsCkh<)YCw1HUpc3zI4JW&k70y^TOIovq^IGJb0<<3R$|CH=Vt9-h{SaCU11Hml3rdcm{a@{qOk%=? zK6M2ACJboQ$}>KZ?IqtBX1*QlBqFAqib;u?n%UlK+%0x}h22APBO8KvOR!$(ml}IQ zbR=F{x!^=6_nyIy9G_k++Ss!Q)m__2RR7RU&i`UBA0NJiFDCmxAG-qRZjJk(L&84h z@vMu#G!Wj&h_V8#I3nH&pp6>uALIg%h*uV$3$ZBo)!xkUUHJvW%=f`1g~`hEqVJm_#Kt=3^|-LewU^a%mTr@tPc}E~XA`JE=s~0%1H7Z#3s+Ou`qj|U zVN>hkxTGz6EqiTJhg`){+KR>cnoXIy!nfP+V}gLGm$1hzM85(e(7px2A99tWs9LA6 z_M3B>(ci-=YpqnrHu6T(V)9YxlChnGT@RtX{6p__b-a{)V&fbF5tBQ^ph7ig!Nma= z;nE!|j?|9AsMY$cA*HTX3A%=1^fn};q_&k!Of&%J}ZG+K#@C0SjG_n`ymNbS!a{8>!bBXcaTQqQq z0Y?jI_KSbU-i@)@+$yLi%8#RQZ&Qjc|GJ&M-ON75Yf+6cvCOZmu$IFQP?m*-j=fm| zrN*3s2Lulhq2G=`=k6}KuWs9)P@J1Irh$6G%z(CC>KwGW8oAwRb8Xr2!?~=`&Wl%U zH!UDpoIbsA>vXoE$Pu_#BpN*+U01Jt-1B=7|H@)&TGQv7j*WvfOVOx>vUNFz{DtB2{7^{wh?T=o-%YExlfN}0nGJ29*FCS$N))5OA5-2> zl_Qu`Pvy70QPJ1w>X4}~W4%(R@<_QN&;}*XsOPS_R#I?3S=4mfIJYYGmgaio4EBsk zTAnr$QrpxHy=J)n@FGkdRfVKxFOU?irW|WAbKDN*O>?=o2}CM)lsGtPRP1Hn0`5ZU zgd;>_;urVc+rnLxNCrqs+e!573M+I#VcPL1BkI~drD$h`7~oi-&D^eH$C!;SYiXf< z$AF7jFTWXeAzY2xIXi9t5GZY}7*m5wRR(r>Wq|uK z*f7CH_9W1#CWUsr?0v~cYdcBtMJp%E_O7HSlR5FpROt$8)=Kr28n=`DD+i_WrIp0s zx(42kFO{c@aht&8H8~xvq^4+>2LaY1-^G=ptm+$X`KfQ`lc5q8)>c%fN4aV!=#EWgN;}<=XeXmbvt;o*&N{=LA_B&s4K~vHHBk6G?^C7d@9Uy zYQiK)_zUWJ&2 z!dYidp6Vg=(u>QA?cG#`P6ge%R|J=fLB(Utd#aA_T%d+BE#El5p0$+)<&LOQ8B1r8zx};1Y=2<)x@V=>P_vfki4VZ`lKys&!k4Xj zg&P%TSb`+tJ1$5XyJ_0E(1oSV*Y4~-d4pnC>ReRg6IxWEvvD#BblK$BXaLc^F$+T6 zy@8y$wC#VKL<7;553k}mZ~oL0gY(83;=6sNXSpzBprJ=QI(4m)2whi~H8F}Rg<@mm z4JZcxqCB|7_sl(iRH)O%J|<*VZLGk4J#n7Zavt8BUGLXC{_cOUL-6`T>)CFH z;ji1tJJY8h!Tjm!=^r{R0PJ^imgY+qaFsi2Vrb}C7^J6ijlaLS2AwBrH!x}o`n;OT 
z`mK4ef#X@$U#UVe&e5I)Y_sk>9ciA&qfW!otfH|osBU=8r-jFs{Ky=Tle*kyM!btA zuIRCyzfz&zrPdZF2k>A+`{_V^>sZk%*`s=4t3D4shhWdvN~{*1+d}$HG&sPJYbVsx zZ8mWXdk_`NGQjv|CFdzsR+r>acbI4MKnQkWe0!k`Q`Os>vfGMgu5CjXO2PJ2Be1b3 z(HpWjU5(hL>dWp(d@25csn0PU=oxc}o)0U`E1&OVw~g-N!)~}(Vp_)VbJL9ELbeoP zZVL4QB9jp7eT2Em!5Ai24jt^*D(IEm+wg~wk67!MQ{AXUx9yfF7YinHI5BF5Kef&W zOJ!Fw%(@TFXw|N&b0oczQ-{Qg`fSx=%EN4KsiGPmFE(av$JW@BN0u)kC7C(V`8%66 zwwDw&D3tZ=g{ZJ)lVnLDZPWv z+teUErz8rS=9H}z3_g0~Q3(bKSIxrS7NYVL;YB3vI1>AgRiX^4M??9Q2CIoMWj(1sNBzpTMzZ>iC;%8#bPcUO2yzlT}dxw zr-IEu6M}vQVp@=|Lb`63}rhu z^sLH#{bj}T^%Cwv&Svv*)}gH$74RHWe_m+mXblx2!ea*Mej^xNu;HvjSoxChy5l{O z-trF-#H#>8feS*_(oRgMMY#m1$5^>-SyMM#+R39DP=+dHZ`4LywRB&W+3sYhWje^z zv*Vb>79G3hH95%*LVId9YmyCfErmO@%4?J#0;(NSCe6s5ah;PEuX~lcqMG5vz}x+O zE)Mv2_&e3?Acgyw3x=@mnG2YzcgrPMnNLLa@cVWz|F}veO3Zf4_IT zmtPAu5JRfkU*mAO#W)T&e_qaIae_r^T60gbSsv<;)FBZ(hDjwePEtm8v%BoDvo!)+ z7Ogip-NM}MZ-ch4>NwmeFK&1gIG<0fLdsV)_-gDF%F0?HaWvkllDwmSwPk?Kq0g(! zd@y2BXheu-r9us#`x!T_UJ!C$;h_)JXcFRn6(RRk6k+)eOow!c=ZR8l(&&Cx8zcwTma#pGjt-fDc zH@<4%I*BCJS);M)lF||a+d5ms_nYfWJzrg`-BU?6 z&h{2w7`fZslsqaICS3XgvYg*VhyTF=qFp{() zQaKzDf_gLfw-_Go4Umg-Fd#E4Q~sJ#b4)?XPCB%9%mksQ^m+iU$=yZ*G=P7~nVHzM zTCp&|AlE!A-u9vzQC!$;Y+%GUC>>9dHE66(qgH?EzU>{QQT8%64h@PgkuG=gg_(nl zpoN&4obo|__Hk6unmu-6aC@queT2vv+LaxdzvXA-l;`ni&(?`ApLWxwjj(noEMNk69!F?f)u3!n*F3#^)Os&VR zn_2gL*Fv*=R-PA-k<(Il1B6shNR+eN)qHmUApD&_ti%zBZQ;k1^Q44YTh=?Nc_OR^ z)T6D<)GH{V2n-NFXFeI_d1)i`U>2RTP=r;jB|=spj4odN3VT8yAMOdX!B;F3wkxPr z8+^>EL~MiDGV4?fR&-8xy;ojw;HX5Z^b8nF8gNMTldb$X1t_N(dM}c*cT`mk z&D>Lsz05)URo8lxs zMJ-Tahh72`JRP{1ho4fGmYy~=tTm&wVD)GvjNH???CCXj4#SlU^dl+@TIe@)d}jn z1fIvza;(11&?k;<#3d%_SA=k?es&%I; zQS9F_f_y75^BAOxeC2XBPgsGU)P?Tx9XyjOAFwp&-zD-Zzh!oC&K zp%Wk;kS-~hml$>)_fVZqyMIrkiyP4pkC;7mS4__tgW21)tib;W6ezdlc75;dm5gWe z+w*&A{BD9{@ct#2{H1Ozi;>4vXuO7Vs&`@cWMG^4()EWWKSZkmwYZ@Cw#DEvM@Zsm zN#n{gM$*7AYw)TQA{`?awCc~=pRXSDLbElZd@QMB55hj#1I*!gVw!PXtyv?HzBsei zbMy0sK)_f5ZtH^J%8VAujmHw;vTn;&>%h9UTFgs3GJ>A~x(iw=1RfbF@E^Q;peI5* 
z)_N7O3s*NtBng;rSfNt7QeMoNotV@e8X415V8LqSI9Il|@V@A0L`3M(j`Cv~!e-vW z8!NEHvy(H@rWq+}Ny?MclI(4UOSC=oxao~&qcMKlAse#~`4wwwaj6W}6Eo72hJm1O z92*j~-zgS1)+KBQN73=UpAiLw!)C29fe z`L-Z*HBP#wXwMp^G9nhjLF)kGU$gNHcY)lz4SF@Rhn23({R_LNeU;BCRqgHo%(=!o z-B#g5%&=ACI4C_0)yCdX#d&@cS~Ic53>&AZ7R}`ABbf$N%PkHWDEe)8lH;z%?`G-+0=RRGcb!W=AYd~F*;2Zh?1+{rc-1*ti z5#8D0?K#ItPrL6+L-C2{()-zogei{A8C60c%k~;<(M>onwcM_9-j#}Kc(rB>KEQ0FufE$ccM7Xb^K>mgQ@vE9pxllRhDTMFiS2;=4 z{als*(bWgYCL#phyVfj4tSBCN)^y?<^M(skaR4JsDVjEE*%MqMzCTCPQ#)cu(^N`r zl{_Mk-Tf<2@fvMX3@CtXP={RH-`vXbvbaA&cYiE${&FVC0X^&6t8<0!?gL__TakWJ zj6vh?n$QEjZzh=UfaOOH{V%?`C`3H{jo7b}N%YA}viE;6ohMPa2GO5eZSEKI5CjS%QDG;Ergep)c3#7C(Px;B0(F)GX8#x z>G+e^WbfES@)TS(QyypmRmoisIq{}cHC!(G{Bknw6chau-xB=)|1k8!V<%kv_BC^o zCu{%SFM19AJ~f^@+1^9A9PIA2*}bgKT%XRJJdCH&D<@y#fy;`~uvkw-i98P^A5`B=Kqav7g8v@nvaqeX=nr>Pek%7g6YGJ;lD~V* zxmLG-T%m6i5@#3xQWW-bp9j3PFs@HRCw^P|zu03|*z%>j$xrcQ3gYScNmqcCqMzZb zt7i_y)$Gf1VM%e4cz~8b7~qhwFK7B`88qF06PC5HZ%pk3-dN75pT_*GgtAz;n{!V6 z!W9G}VOqH|f3;ks4)`nxeJ=9qeyO}PlnQLd-#*l7FmpfaPe~izO}j>KqSg+|3Z8$g1&p(tCM!ve_&vw7=1*Pl4qCNM7XeJYEC`)nd)yY=Ge&=w|F1QFxDva>CQXX;0gZH&xQ4G=h^y7Zf zkBc=#|E3>r_=!jwRV&QGt!gJ$sebaXs08E{c)Av5fSWIL(EW-kWwe;$B;gXx!{&7; zrOq=^VrH7VzogVzwBt<%#a~Ji4KYV}+u?3p{mq*{oa7+xZ%qk#u;YE02mf5=N>~dg z;P{nQa4-SIVIC8}G!ZUr=6D>x!p`DFfbxr7Jea%51Vn;(9KW*#V~jWdD_aO&RtT34 zf`bETu$rtrgo6c-ICLO5BwW}Ke{)!T#Gx_XAwg$&bLD60@lFp@WwrIj5mE_;CxMoD z5-`Rbk#}?65P%YXpa7rBYppkOf736hj$cW*L_6Ta`>Uv{iOt|eby)g3@rojY?#tHr zPuaE}5m6XkKL=^&*>}sAASA-iZwQ zNUjgJoWupPZYYa{h`&C4IpZa>Nl@%H-az`MlGj72SMb05b^WdQ>kpSRe3`FilYf2) z51%x|-+jY%T9#g=sVqzS0)4b}=a~*5;2%VB-IdLLoJ4wwCFTlA8mZAIU*@Oh z;%;R~$Qhk2wld;l@*_RZ=$}q%H0R4~_(THf`$7?u?s^@6mr3@x%9ktL>=tB?UYlMi zeaP&q`I!5TAE^wpEU^lUGNZ3gJ9Bd*ldqT{I%cpNBHGe8h=r#vQH)DQ7S|BsqEaRl5(F)n$Igm$j;bYp2wnxAk#^2 zHJkZ}pAC=p_a(iR|I>4Tnt6+E(!k9w{eQo$}fDIe9m23@nm@Wkl8diawV^;eV*#AklX;kr1-r;zGXK4tgs_`SiKJs`UA370X) zr<<7H0r_$_mOJL@n`nIC?1|6(44fvhS?AsBcT#=@II*hx72Z;F;5^%bCHY1qn{h$u z5ld4|%~#St&@;>H${t{{qf(cpbl^UH1QTOH>`nHI(sq+U#L9#)1@;yNwZ*bB{AQ}D 
zkfR_rq}qt!&F>BV$xqxY4957+{>0tvpZ@g4qH$+AN&40Oa9{EV z-ze`FwJHD|+93$?i)lCzFN$h5<%lcd9Kkn#YMeFryY96kq49syaSM&l1$*-#_DB{a zslC>zL$0)%W=hWfju5x6?zQ4-wu23H+&bJq`z^j0i8mgpF82|#n%gG!?T|A5j1NA} zC9fMzFaLpN!+T#*mUM@TvY@*(DEbGQ6GR7SUL1r4kLHDd?vDpYGbZ=?0h%E1!;A@< zcyaZJ5Uw+Fs2zw-`ShXal>Hh%ocjX|?E#qi%ZFf)moE+8{sRo~)IOL3sY5WiQUbc* zKfvHWzE2J9FEF$dF90Y0h?CR-7~rWxFhJi%^x6LbjIcba2v z;g2}{D?8j1z*9#Gt~~w|+Ei~Ro6u*|_h*^RzdH-GoBWsTmBmZ@cc~2_$HT+7K>RS-v+@C_FFT)4T59;a}j9r#mnH=z|cfM@%;JYAOfiU zIpuHE1YMN=^y7V_Z}6qZtOrv^$XwC;#z_3vKaCXA(-TUgIM*BXgDLBJBg=V}0=7e} z`%M&+%D{YGSM&hsr|asXvG$l_Kg$&}-<{JwmZwyn%)xkm#)r$l|7?ct?ZcY44?_H7 zZLi3BhAX?76*P z$DUr0najj~akSHqi^A(@eh##+xY=w|?8n1?#_bCA+gG33Fp&`sKRXR^OVPAPdz;`- zd8k-DK6l3ahf4Ry@Lw$4TV^)@@tY;QZ*K*`lTrtTbn$7Yzv&Mi{Q94*+K9j)er$Vs zs8O!JKgVzJWT7;{%|Y+D-gs}B^6ws?OopD&-z0cL1y24!!Uc~ON`aoBec_!l);uFR zb>YU*IPmP7JP0+OWy-A(o)?Ebzq&Edg8s2yJ{!wK=@yvegqv`$`QKplew32w=i3i6Df^0iK?xRWksr%vU zcCw{$zc$iZD~ry;xxD!a}P7o`dJ_KyLSD{jV3+=gbq zLwY-mxRm}m;T{3y@NH2@4c!X2dGqh|H*6vt$}S%&|FW%zLzp01;)sdvY+JdW*AB?w z{cT8&+Jp!oDt{Yz-Xz#SqauV&{wWK|(dQuojKzN}2&8c!3;wCQ+bBNCL>{%@$$Nh? 
zF*{69MdD}fUEZX+-95+jTQyX6@=}&>B@=s<_PZO;WJJqrhwi}N6;LwKp_?0#__GG{ zOok>pbP6&aHP9{Cn&|NJ+}Zt_-+q7juRej_0pbSU;vvBCFZ;`X>;5ug-{L{;T7av@ zz6e@(3;wQvGwU|qz#q@?>~(8J;P>fpYhO;6ZKo6Y@PPk7P{u6baabY$ z)xz^XA^yX|e|r9(5eOpwIt;?UBK)sCU%c!>C79WGG)UL&@KXa`j0d&Byovg6&#COX z1qmu}kpHQI(8S(}MDpJ~B2)m8cn-t7j{k+j?td&uR1Dhs)l%>>kjGQ@OX&n96MX)hG$>ajy9NJI49Ne;^*lSqbIlp9=^sk3^AR??`KQ*mrqEsQ(*;?oFBauGRiO7eqwlQI`L03;$Rk z|F@=+`S)}u_&k!$iS~bQtjvEDtUn?COHKag0)opUN+8(#qwf)19_hUQ8-#$#QoInR zj&=onHSBqV7v#avygwVX9A)|6w(ySy=6}m)o_{C-@AHTfy8ofokUzEh2SkDjc?pVU z+&{eRi}@c52rhp&E(G4*pCyOj@`zUdHwbB0+-~Cso+Cmale~dHyx=?Z!Q1A2govXo z|JxS+vB2TU<->#YeoYYkhZ6oAaPS!ZY)$x#`$MZoArdBo?)Y^4q(;6!OA}htAA8te zKyZ0P33z*dPKgAUN3`k|#Yuc}S5YY8`5omoL7SO(Wqeb*W9CHI26)%wo}tdF;y7;n zT}M7+em>(VGukKBaf1l3n8caW>ny^MH^+3mup3g@D4{`L2bA%^2Ig?MC>>9*}1bTRT|pu~{=Zn;Hu3 zY-uf8q2O$?Zny?BfQ@XdZzqS|Lhl8y#!v0)^))o#A$e);yvix&C$>psv!FHrKDZ%%UcTyOE8?(MxV>l zsFbJV$llu}QP<^g*z`88)?vOk%M3kb?b*&D#d{gP2kF?@q%Wa%$K0y!BH;wWs+Z59 zZWsQzZ(xYVc17rabeldsI&*%-pDRqw0*Uz!A1w`SfLp1fW%>)*n*s4M{a^VTjNXqC#Tb5RBa{f9R%p z0S|+~w_VD$1+dTHwNf#6Ywk?`T|^%H`yu{pezo&?82-7hAJ<|QD9+a5==7dKRL*y3 zvU9~G(+0ewJ7J6ey_g@VT?PQeqm6Vs%`DRaVT1)=P`_8Y&!7%1g37?89&T5&l9^Yz z%eQ{}$8H?mF@zZHE_^y+{nMugHRkz|g}z}PT)zqq1_OaKO!J0@lnl zKD302nKr0tp?0(0!bmK6=XM3`JfvKPW_7EFkuP1|(`DBedB|6I?K8fghhHOAOgh(@7H%xoLCGFZ92uq?xki&}c# zAZ&m-d4G3e+vtAx-c-Z*ZVWCIn-UlZtpfUNZg2b`LC`^J)e1L6g+br5`OBe&{q8lu z50{GYKiAxfZQyJjnQXvE8S7eo!xrfU>MXVP?AcRJNyh)1Yeu^(HKWT=4E+Dpb)DgG zt!s1y5q-i4!RWn3?=2>x45Ig5BHD=FTeRpc2r|Q9h!RBa1R*+!U?e0N5j}czuH-!T zX`_m(D*Sxu35C;IzCIT*UQM1>uid3? 
zjh3uTq-&F`?&Ef$b5Z#^?ZKK3XF+-FwFuW4sZccFHM2#sM~YJTJjk|lbb?5`hI3_+ z;Dx8vViZ{4xdm+8>lTE+GcX@#Y1;RR@-3uck7SarRo8RdaaYu?Wb3!8ZW5pzd|M~> zcDeBzw3&ThlNm7V`9d1Jn9pPvsXwGCpu$J`X%^ma-6g35=f&Ej$j&>H2d7Ik^gAko zn?|XHLw@*)9qidDPc*5S(&*t!{C?mGC76ZlS634zW!G1{!?h!j(HG8AhppO@%0@2{?*{Y!TByrM*<&lFI^3 zuANG(o!%sGeWDSqCb70H9v>0(eu$5=v4)(aK4ein&z;;5SYBo)pmlWQYDr_CZEh5qwDvCW*wvB z!8ChV0k6_~Qj_#vB-oGz5C;?*Kw=!8LFzoRd9@aUK6%kUbb^-fQQ4d6SGqAq_qsQ} zBsnH07vX@>swrXf>t!=Gqzd_eN>x;vV7}R|bj{7Vd?OGKGf%hW#&QxHLP{nJ!_Vy-c~n%2y5{z`Va;zl>tAZWL0~IrJ z@>=W*3}3z@6pSs)r4_2LbygdCDiA3V##RzY$aXl80a+5$Pa8*kWs?}ujDL#54Uwa^ zid>A@e-SnK`HK%FO})2NCw%v_Ml-}3$ed{&^#HzBoPOLDHC6pN1{~L?;PzB{o-m}# zeg3q|-KsxLs&&kXjFCj3|6Kc+GWs2HGX7HZW zJJ@#^oVQLT8J)>Gzt>=$^(X#eL1fWrL|~Uyc*Qy#yOV#G#y4QybJqNoBVhvb%b8l$ zz|rI_Uflr&rztUWImPU32j-JIr#VwBTlO!$ba}ZhoZ3(9(*LP5`pHYWOBXuB!4Cjj zNX<_>X%A07XFHEyM$#rGNoAtIGw#Rxbk~4Co&SgY`KYww~4yzA^i^AfD%5&+lyh7vtC!H0ubV@mRZ+&>Dyky?hM4z3KEi_&~WMAA9V0=GDw^V8=s0!)T%osXI&`w1~ zS7VOsGTlS;jT&hTA*X@FbX>IfWAAmZvY8C`9jOHu>DUz`FRZ@OLUb27S;S+;ZYbK! zdVNp0pMCFJRX}YUC0&=NU7Z=9IZs@20}X9nR^*dTJgESV>Fn^ns`T};oB^1H~{?Arv)y5GSZh; z|Gnxng{HS8R`{9EOomtAdk~&a(R4MHpFGuIZ~KG0TSrPp(h|zjJMqarDL25;AD7Qr z=F-$;Rchk0PUgZD=EwUs$d%AuM;hC+-<}KN9?#BXRuRpua&8T1w)Yh{_xE$uGf?Mn z1(iE6GgPML?mE0m9+l=Fbf7;!Wfm*=D6M1VE{y9?DZSk-cSX^%CRoB? z(v!X5!G~!)GK5lBoqssd$43NW@%lnWO^3Sm2##{>h7Jl=tP#Z$AL25ww$QaJee^^p zNSEWV<#SRFX|~B+-lK8jU3Vq9*`_opykh1(WZ#!@^p;IhP5e5z?4#x4X2iO;O$~aN zgwFfbT0x87VtFHjo}8iB*)w%n@acvGSMW}q4B;Zqx?JX_1})OAk#P-0mbiCx-pkuOD=pBRDO*!*>cowVrZ2 zl_5YZ#d`n65nrL)n+wwR6X!JihnI2*8kAOJJ1?a0#zigx;l4tpnSRt@|dtOX0afvC&i{`_ea8XC&Pp5&~pTWw~|yi&zsic1IoFV zzsD4Jax&?Wfemb1%FIU|`1v07(DR{+~X~ z)~>Ejzgo*wSEmpBz}}8n_A5bkl3VrO#4oLCor&XJ%31x4Y*%T)gIcD%nH(7zvLNjRL@mf zt39?8AWhI$)CO}jFSS+6vo;G`tOIwx7IPP^yBZS?upDxIM+IzRA9aQrVd` zq*{|p(tD9dqJD}8M96P>#?=;D*BhlYHiyymw`*2g@L`4IQvUb)LC1PRJx?!jUhzf4-^Y2edT7;mPnqU9>=Av!kfR~&^IFi=Dp^YLc0l`uj2jRVf|IeuT#|t!uf%BE6LmeN-oR! z&&yyRZ`=ZUp1kUb7<#g@&fTnujDr=HZK}UHrc+C0cYF;8KVPSf8D9$1Mhmt`0n&M? 
z6~ny5hs5gk?rzZrVQZwfIRY{Ktzn;pY%|uf@}JV4Db#w+rXN%-41Vsk=-jMtFTRn2 z;&|ektb<=L*NZcF9aqRGwpA51TBb~J(4ZB_A3G|{gb;pPRPzmTzAzMw_=M5#=<)J3 z9rQ{G?cNxa{qtQ>UuX>JFN)XlqIvn5gJA-3g?ZY+JS}wn9@=@B{Vd?ux`P_s{J@j+ zH&a~R%VF4#{zy|KUT`N%PH(KmHVk^S?@VTluWMY&;1)x%u{Pw}x4pdw#HtxFN{W2& z7!$5-DEe7=0QkxSMbhtp`BbZ?mHA@sk@3*tekl>6Q%6H4+K_ija}|zSE17o@enrU? zrkEm=*lAt{l)USts%~l!U=gI#FGs=RLqg@O)^ij4PSJ=e5sIE7G2vE#a=&h}i)X(5 zI#rQmSu)8DP4jQ!^MVs~oJfL&5x2OWr}75VfaDr?7Pwgo8=YYMrT>kC;&GOmcA6b6= zgkNU4+*JR~f~9PFsl~nwy}bDRhMHLYu@qefUKaD;z&qA|Kly*9{WAEnaQp^S*!}|l li;P_6xjZR<^I+Ni;}q3|;$CFg000CRd&GrmY2E*M^&d)*thN9E literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azure_storage_checklist.ja.xlsx b/spreadsheet/macrofree/azure_storage_checklist.ja.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..0f57271725fec7e6847dae38ff1e9a1857a17316 GIT binary patch literal 28159 zcmcG01yqz>*R~2GB_Z7+2q;P_9nzfwg3{ec4vmyF2uPQdbazWj4bnMuNDSRD@XvsO z&-1MReb)DV?^Z|UsKOr?6IP?{J}5oQ|X?J8pYNz>2-x&0Gsd+BVw%O9C}oos^P zdCeUhz7nO-`8}X2j~3ddTQFm0YQOtpnBs(|t25a@dBG{45#%0NM2Mb7Mhe%QVm9*5 zn-P_*d#<8zWspwTz_vG%A5hF8N7X#1{EVZBnk;9M7#U;P@gYwDmIQkg?d^+zmt8n7 z6PG$I&U9}#+^NQs{UZd*PBjapo6xo2x^V;ZdI&leR(h})yhAliJQ=WC8~l&*8T;(+ z<)TlFHb*lkYw1{!SDEQ8p^Lo-S7_J_D{+kK0ND=#GL<;2A5BmSl!yxJZ{v~ZWe_jw zW0BReVw1O{-;a?H;J9jWKuLe#uZVF;Y%DOQX`t<^x&bKOE{7u3z<8|4{bDpXXI12^rSZh9A zqJNPkRAX{Mfh(p&6^$w=-#@qEZ;vpjSgG0`Z$UMCUU~-1<2LTn8R7jCw?;gS`Y?nW zH`?ysxPb-5&EAyW#!$~p@2X{lAqQ6Jv6x`NZa^Qsxc_}ay!@dXye;yZ^3#ZCeDikS zLnDm>7#|W+Mzqi%qk@g1Zo*Y-Mcu3cGoaEI-lDY|Bg6XCIt;;d3TqIIGY)5Y%JBqE zGkkE9`}}BXem=l{e_Tv7h@$(pmR$1_^&%-a5gwushJy^7`_hXH&dQ8-L>}j zb}&2L?afblN-%>#bf3)c=^z8#BkDJi51sLa=aA!O5EJhbpoePQ;v#_^auv^8t zX#UCYV}uiAfc4^RD}DRWg16rFB#)H7_~=!G^ZsfG?{u2_k4LAq5{3ts$>Nc3otW zEl20fx7>*KPy7(9J>Wd{N-UZC3x3k+ zc$(fzJhv@UF@p=Ag&CLz774H4B==VX`1QtU3K((S7e>L%6LUMfAwQ znOL7zpicYjAM z#NdeG=284U^&T}9a7vf({&AQD(=a&zLq|n7E~xH?H`Y^wd$(2Ar5N912(|HqzrH64 zA{Qe&dzYdLn5I@vw0JY^iJFG~VL`0h_RTG3TVClE46TG6D)fl;@dZI5l05q~uLHC; zY?9QQZEbaN99(e>+$(Qx>P8SL8^pa44H`-#)4HiAFF#^PEa7#p_>O&x)zP~2$h}@{ zA@Vtg*v-J94=Z0DWk{tv4U*AjecaL=SQT6M!$=TYbA9)*Q2d0Stl%YS0wBb_dzSO- zjCI!wZQc?yM_+B1FMAl+_|-Nj4~o<&$E35Ab0dhd*ClL{+iV!Bi>#Xdf#%w8-Br5VR-P081iqpkPzj@U*fmPQbt@~Hs^VtNsI?cLuV zkaV2|p&Z&IG7jlQJ?qNh#9K1*7NnX~xEI5KIUqPF=kCDx0&C6|q0K0}Mua zg2*(WXtl1?xxeI;h_EJSqPN;vT49;fbK-+>Y?i5{^SE_=aTMv}^wb=WRU}e>pO77U zsBpJfv$J81R6A{zdSiZ7g2zj{b^ac+NEE4&r+A#^edZP7Azx^i5Cb+$H|WkvWHNRo zPHmj$=Xg{eZ{aHAVg?ee(a5$4Sa`3XHvj%OldtSF2@x)FLD%BsU zMYArJLFoV7!e%5~MTlPBxbeN_)(!ltEev2`Wnyipr)OhLfBENXAFERX%nKKPK7I9U z=yb3BwrUIOjQQacyc?e0`k45ydJ|QabFKM8Wh2@i%e|2w1FJ8$lf8TK`33_i`9rx4 
zmm&*QTr#Gcf;U15Ec6l1ce>6GGHQBlUEB^r=wFQhrt6NK-Q0G;6BU4o-u&b;=~C~6jK!w8`C8A$Rx14~i-gt(_NRK*4v?h+H+E+wP@>skjbq)hyxZZD z&Z!^h6J+Exr)#a+9iY+RJT`fLl3zc5u>&GH4LX@=?~+N{L?^3-tZA6DB&~+*LoRBK zT)&+ims=bcxQ(f~W)*DG9gY}O?6(3e>H+n6lit=xJ+qt_t|}K+tVb6mHNB@AI}=@? zY<5R$hX7WC!?@j$eZ{)E0)S65#Jb^P$Fio%Seo@U>bYvgi1U!kXzYq}!$p?a4kX{~ zGkaTd=z#)D4=?YCn9Gp!sZ&K&%EfnSpv&&t9WcGmMS=8=kEdQ-7uWRUP{;YIo7%<( zFY6r_>+&3W7L9@pGM<2a1KtfcmEpQN4~w&At@6{Hnr63N*Ohv6*6C^2x|(UX6}Rc} zlk<@Sj<}0cD+dsy=GcenWTql`Hwf#voQ&<5f1KIN~4NDUTEyv7ess7mpQh=3KCduH$hEKQmR6{tN;~Ky(Vro<^%?8k%1z}as+0rVwW#@I zji|e__Q~zSf-6H{`J5ZoMgC z-NoAB#hK%qq=!jsV3}7@fI~M2r)lCMA&UwZluhBMs(_I}kF-0p*lFCppYKy_!MUs6 zu!vh55q`VxUF~DRA!4u_{9>;E80#q6!r0O#7D9iEL#kjmf&|TZXkXl?Msu~coKZs~ z#$c`~LauXXn> zc=#^Vwu#5%csiN~TS`(9;VwEE{Fbb

UVMG^?lK%DLNF23bSm0DXA7TNYV$N!RH~ zz}D&B_H@QR=-^;yiD3#df4;T3v?{~TIo6Fc$U9OIb=ZL1aHh2sbr^SA0BG9WiJ_f# zGqOT>H2TEgtkgn#WO2V${b=R1-Rpa|3Ew8t=Kj0zx)+x`K|HjhB47Hrsg# zx!2^T;Si>|n3Vmh;YQ!So4x>Aa*sf)cQ+sG;JQU7f{&@1yz2~O-?|uRNk~zaNR0;9 z7{(Qn(A(6wrGDQk*t7>VB+db6HCThsori4)LG7+Sa5bmZBnP~JlO>N0jp_5<**oV= zNu_HCyoIOqcD#F_4GTb@+eZ2FJpA?p4%Ond{bek>JA3i6Onks)F@A#WLZR?ffXHB>j?QJgyVX-@_- zH8ldwG46m{*)55Q#@OQ;-r%9saC=RVrkahLIMY7g7ickqR|mAy&jIg9vEWFUEu;<* z1V7;Twj?yi_?mBRW1_;MV6_Ll&#Li}xnXRhp|;MXS$%+@j=P|sBB{aD+|9AZh|H@Z z4}XBg=I|h&sOI%*P9(p41_MV#BRejngY2%zg|OxjTy?hEe7%~PQ>2smoyZDX(>1P1 z)7&F2!wr;zDk9cUY@kRFnusjC_^pT=!g9}9{Ia*ZQddo}dcXuZ_6$KNvkRCd?IE%= zescCpALernj=E1!e1it?$Ky5eq|P+&5zn39DZ*DBim<(7gPU&=LVB`{05VXu1b6^v zy%IDr%kCK0uF#)gtvh+1JE>3BXwOPErRSthkDX?-c50gj^3;YnP^$Oxwk}y3BJ-?TJaBUSgt-Fd9Q?aON{ zvMPqw9y0WmFGyCQ7xGpDy+&A1(su0>a%{YP|A4x|DM(~7Sq2i6coD^I)SfDlg~e(= z7l`HPWa+Wt?9AVMUQ12?{hM2TZQVt6RdKy(c@nzASyY!yMVwMudHJijnwqXW+c(qT zhAH#4CC(8k12+?}TfW5vQuZ{rGr&zNtLTe<4am)#{L7KEkIoI-pmxt2Lctll*vUBn zyfPwl(74syw{ou2$)dS0px3r)^i4;TA*l&8i@_5l!Ehfwiaz!W^tn~uC;Nq`QC743 zu4nQWQzC5QJ1cD~r$kPfyr1`lnD6CT_>i!RELEY|FL{vhn&Ok)VhABSA*KmNH`d1* zjJIsJ{wObP#UrzFYoIqlzz3TS&HX&tdJkN*n$`13GOL~0XS&9vbHNLEbe4`L8Tfhk zaMDy-mzU*;F*t=qSnjmNsBc!lWMmqRgUS4G1TQLS;W+hhJ{;d$m`H#kG~z)txfz7b zrkt~DVk4gA8C|Ya>D#=mrUFmv%`@%gjh1hQI);?;53(qk(1L>H3~i(_2n{Ci1D$Q6 z2k1LG10f{uy*HYMkh{q{M+0Ww?uz8e z@A(XP)v0)Lfpe=z=YyLaad-M7~?_Dbo3I1*fKWbw?_Q$@sAM_HNd@_Q{{zz?_TY@n3W}c=S#&uB@T2! 
zYvXx9EA(AH7PbAb$&C5IUQ;#FJ3dVz>Cz&8r=rTjiZYV*h0$frb&AWtf?e|E)~#hQ zPM0PSNh*jE?LnzMMP{G#UbdCf@JI@9Qw--f5<)N8K~u(;_vSnFEF?EF!nLQELZWlXK>a+v z-DCscawt=mBeKcya@7@_qamZ%E>v;0n8m$iFXcznBF73h8vkwKuznkB81mGJp?_~> zfn!im;#uT|0(+k*T6MH!ab|%MtRTbO7IBI?JuBUVdIfCMp5rS=yY=gl9N9ymd3?|sL zq_wPa$39^tFjUsw-)9>uL-ZB%xbnGOSK5)2hGu2#&xXw}&Syb*nISOT8dn3_)Qa*udms`5YMMS>s@~+0pxLcEr8BcLchRI+OR~Ftu z5#E7YfcjBrd`~;iXgg2zS8>elvDKwu0Be3((5(?;k9Y$!Al$T-UE}ZpeQX95TFd1y zQNOgXua)R%fhRLF@Ge`XMAY45lEM3gFBhAEkfMi85W+d0Vss_cyZLrui|plC{*h95 zYncbuN>x=H`%NbL78csycx1jxH5ni<{pMgZi~35j%zAH|*|GieSRpSuJ%$@=P*Z-%ehL#>{@3>xkvM~UaHgzd=lxZAKQB32kecvdbEfM zZRhnzUX6{7b~~oO)oF7bD@T6DK^BN^#_mpH=foSY9HTrHoMY$Z;3FjmTFPXFASjdt ziQC4^tA4Y=265EYjkcS=GkS0N(E@qo_%XMjn_N40qo8kGerG!TcG13$PeaYY5NM2- zJwK;LGXaC_UPT)xXjpgpu)SUG&BwbFYXt)VwdR@0c<*}c`g|rR1FHo~E+D(|86zum zoSuQChd$j(EB&r+o%5K^w+@nFPB^FlT)u3$z3@<8-Zo|MD7@Cs zEr%KniFJY^QIxQIVh=+tdkqybTY31>Bad0slMUk8m*jen3=`5yc+02V9A#{%ddKcc zq}8hX?`?70-cVF;Qo3tgr(&jSpDAK_(5?%C_^it`Y;SB+KlKy~+Q=P=wX#okK))D4 zc`8{r<_BVu?qji;X3W%TrS+x(x1!lYK1yH-cxV=FtK925iT>E>RN-TCDnvpUXG*P6V|4Iq!YYxUG* zMei9Iuj@roNZu+cRRpe&_(%+LeDL&QhB+-A+MGXkHp@N((Kza2>in2O78Wzpl-#jc z^a}#qC?mSTBaUUq!^S!Ccp|3UU<8Q}vX6j^##Q~M*1{Oq*0+UkYi`-_RkVFKY*n77 zJ>q+H|BK&b2XcWQ7e|bMMT#lgfz`6hw56h6MC-y?oAvS(U#TrPpFbckU?|282_YnJ zn~-uDTaTOg$=YmfW$vA{cYwGW5gfTYYu0SaNpKyVFlq!AjcPv(cGHr#v-re!iu zoby(t1_cIWT|HtSgy1SLqs=P6Y+<*R3iVV4lr+>;ynqNFG(&&Dd_ItEtnqISw>Y?A~^Q zXw{{!S66ZNo`k!d&p1%2_Qszv%NWSJ9oxHzt_Qu(n;)wi9s(7rB%ROm7-!g@=VIrC zhLkn+Nx67y9a^M)Zb{6|jn1o$Z^*l=z4FL7JWxg#TS7)DPH@QJ#PPzx&FQ#zeB5k< z6-?MoHILK$5SL2MfYwXmiDU|*PZtZrhFzpn(dhHp;-{Kx>s(#=pfBYWZ+N-zUa3Qm zx8BfU92`_M39HsH`9OGsvZQ^vSq{DA+i9J~6IQh#;gdo%)pj7B2Xsh3p2wUy9{tjUq7CFj|_Kz&aE5eI)mL1-uVDxXS# zx^k#?0WzCWFhMiZ@)4xe$jG-lt-ZU6usx!>!6D?0eTO!UP2uwbcUV*7Ehf;pmF1(; z`Hyo(0e6-xvNDop`#9fLJ1lLYTOjjF&|9pTG2312uZKXEjX1INm{hhurEwFdPk);| ze0XC|-^{4%%)0u>a;URIy?U(7ess5fFb&l4rTR>B^681Av+Z}_i6c_8&Cy$Qq0j<4 z>5i^}+g|9sgJUglC?a{|ajPG&P%?Qwyn2LuClqTnBPiF^O*OPp-KKG8wo{{0Q0v@? 
zNwii*F0`%D{~563aX%Lm`u_Ch;l$=S{jyIpdaT>&=Cccc^2oQd3Fq0k3+sx8bC81z zzydUB9y{|*cYT;XY0YG94YatQQO?Kc*6zWAhFi*4Y^9GpUMgg=K0c)k&UefKy|QSX zpecOKE4=JJZJv$Sj;{O-;j)_S&omXjwXyT@#Z|GWJDo9D+smVpv70u`kx3tAg`UWy z0;U{N%O*Sxsh{lPorc7ejWqNy7%PMcaw7ZSV_xQ|zsU5aFol_SoDX|lg@DeQ8AEv7?CkSg7q=Saz)E?3=Q7NJ zq(NO-iYU2sj#I-JJwS^2Ktl7vYUl?|CAkfI45q4jSCf_p>lM0ztVDEeIZ3hj$q^a( z`XPB#dy8V4MNECpg%0?pK_w}l>zd2Or~`#P1f7zI?XB63k%|dFxAhj!znn_XFlWH= zY0abBSuOIOXkeQsN91D3GC$A^Nn8`T{p2NYrP=t)9h ztknABU|s{yPmM>r*k#de)J%kK^`CGD%$Sv&YpSXgbbvK>rDK7FcfxraRHxj^H_&oO z^OB5Lp6+b68!!;Q(0)!u34N4uRA_yelh>%_U|U!M1O)4N*Cc@1mjlY-ec0Z$7)xGm zRc&yhsm78(q-@5X3N7B+D9Hv%ZPj!wyPJdEj2yGG&F3e@RiTNcRr5G_-(|v%Q|B;O zU$lqQhKqS_$JpE@e&tSbSmaqT4?%!qx4dB>&%Q=LFHMM7D{s-4p5=J~f7n=(7Gz$u zOD5wgu1%-8W2~FH`nb6>=nm$$0Q7=NE3o(D!uvqQ>|3loG!tYYrlbXy+nQ5ik3v&1 z3m%iFl(8s+Eg2M+HlH8%YTNVn9U=(WE!vIiPDrtngb*hkt>zzRbZdIO^-obn!(FtJ zR{EGTA!tpLS)hQS}8hVftSVx*k-5nwB6*>V%8V&W!AX1|9h ziFXHlZkrOlE3n`G1x!nky>ix`a$;!L`Q7X$Xu6>fzq!S|KoiHh0;wu*+l6U_DBPc! zL_RyY^~^EJ(5AIM4`{d~#$Kf`W!N`Gn*(#T$Vi!6IOyxY}t14#GQpoFM=PS#G zRWTc*^^y6(=_0qxv?ob~%#6C7{?NIF-4wdz8+ukmL*2giua=m%8t79N1bt>lEloGg z-nn>SqiD>ZRG)s;ebmxD2NLl?ninGKUn+a~L?Z@RfN#&II^E|?Z;#*0t#2t3U?8Jh zWpz*D;82E`_jRl;N47~m^=d_+S1M!M%E{94mf;j@QVLt7XKPV>I9~hsB!OMA@)0uh zr1Ho)-T#e>nM)v*L5SV(vCzN(sd^9C9AM^vS`^;e^y;b#5_08cX_w)>3zo+1!P0h1 zTRom!_Q8tYhJaW(9y9V}vGqfdGcDm}67Ff4-VX*R8xA4BiFf6M4XS972b++{Sn)yI zC;V&~NL#I+njN)YnV09y*~?{*>(8!;EPaa-MA2)Ltv67wg?yQrV%&HsE$7?O$S(;* zL1vtNvYTIT7|Sl&v7bM!b)>xMAr$o?H@+%G!bJ;Oy(L->`@k|F#M^{K-F3rJ>y5s^ zx?17)dzVLTxy?C395pK$SsSDLpasYTWyFd1vFC(iOn=|b!~IXvUexw-6KRHF^X)~i zr>tfU`03qZK7t&;_9Fl?;Dg|WsFCh`PUr1NzULDTwQy!)k~P{wd#l$h2GzvP`mp@?u)Ka# zv4Vbo-vz6>B8t^V)J4N$Gj9V0FsxtUMk{29hjO1>rHc9X2Zd0I9MG|uL-};z1t`F~ zYp#!kIv`;GrMI@}jmRT}(F`1XfMEbJGtCi4;P7uG(Tk+&du=lj#F&=1Z;;`}9> z%aL(FZ4XCOM(IhK<9wp)y|QDGjaalOpQ#nLO;p0h{8SS-2MJ3M9;4O>G9DLq#e8? 
zdwwM8`?8QFdwVdMw*sQc^wn`;(8scOf6zIzHV9INa?*Pz@c6m-#v^g}AQ|0fTMm|w z3VXl@yLz1BMi-TpAm=Q%vFYA5N%{NL>2|Ji#7&xh^w90#ZHJXcRGTqt z?;CZUr)!heI$a?wedR6~Ku`jkSK~d6t3nXKPrawHfh6wSQ?@-W5IrV=Pb|=|Tf3=; z@W_O$V+pr3vje;A1=}D=Fku^4Bn1oj5%Xw>L}*5Ju1{6;^xN}p(rDp0^OKFuF@mNl z^4kZCvy{cWVV`LWaw^(0Z>K$0?uzyP20paIr%5<@?=LbOT^}KLh~iGGyr_KOGJa5& z^_X%vtKxN8qeGA|l8@%| zhPH*|Hv|T&*xi$T`9p01t_?5O8Ab_%jZMj;k+gf5cV5(3f7vthWxl<7;?E-DG$G4E zn8$3KVm=Z&?oOvZPcZp*oTA<>`i60EPSeGftx8CwYwU29qZUa<_spZ`Nzd4XjM(rb znyWV4+R$$0^j9fINMjyWdPZl7FM9{q1tffhK4QGD105^rj?^!j#oJ?Tt}fN%S61zxi&kQ-PN+&1C<+$LY(|#P??cY@FoDP3imVrF3G{ZMYi2F3XwXqt zFCDFghXy9G6lCH|=F3jm!yl;7J9fny-B9vQuC=%MV41aL;47J$=Pb3`*ep1;I}T^G z)whG$f68~!niHf?Eb~w}$(os~7Z}cd`=twbOq)EdB}BZ(qZE|TyFDzch@;p5He$kX zb}m-cNP5gRT!$}1&&W<#y5hm!X`Z_L)l7r|Vw-&v$&|%4vLS>vd(BMI@v%dtdNq4| zwkogOmynz(`0$20thPH7TP_Wr%knaQag!RxYF(P&vO_Wu4CZYYL>9#d9Y(QKW<*(e z>NQ&V`kl$j-wv^dyE^;d(wfI2xEq|wHR43+Z7hXfqd7|_^p+w7FM-qj&6`GZJmsmT ziaf)4mJ2))yv7aZ5^IWWNcp^-hz{P9NpI)_qy4(JLS+{>-)uf?w_j(nJ__MIt2;T! zg%r%LY`BB8 zGuniPR%zY!jEDhwIH~YfCrD3f&F;An8Hhn^Ye%EmIK0=1U~7ACGYvrz!!{w)fKw+T zvu>Dd+9fFv4@fi^;`F^JvH0OpWxLA77n3JI*KVG3l0c%nL7b`Z*Pbh0E>G*JP7}0nidvh6CMFK9~Tno&$gHG4IRyVjOv11DC5;%}M z9`o79n)|*2-#Re)5?jW)$UfF-ZqCSO-?z-x(n0Z!&q##&V8w6`_}sMtq@e=Puoy?C zZm6lLY$!5couH2bfZvGc(VwchJnWQF=Iv=cF%nhUkc5=>009*fZ%u{{=t^sQ^mWWs zc}q=u16Y^)ngD=MHm_#rxXZWt0&J-#MjJ@08JB`x8PiO5cQ%ozBzEKTW8V6U>3Ol} zR3R&H@v81~jC{$talsGljy-;I4}Z(g;*Dg90#*0=4I>ON^>az*p20cn^fvQwi?1I_uj zF0y-lT)x`G1rj;};$E#+N+e}O;E&&C5?_JJDYG`11^xC^x4-n`T24`5q}zqlzSC?S zamE@KX}|Zdb#G4k@z=+Nx^7N~^CLMY=94?$6UsbIGl_gcrnETiU!2$ug4K3gV#bes ztX%P3{9^^_hAFKyWW&FQ5{w_PPm(1Htd+Z=p$B{%Pv{*kw+v2yKRDcaK5SggmXkw~ zsZl&s@zBl!)6PP98L^`?A;=yr<+%Qd0YYaIVz4 zb^^uKTZ)aIOkk*!2ZsoP*`9ln2i3W%KM3XB%#N9dq9^^g>w8`%~Prv4IHck(wgv+BfDTSAY-%p64DA#}#` zZs6|$)3jP&8O*jDgR&vM^udZa%Z9PzNyLYb1{?-=LUFQr+s+RY`F8jxYCJY%=0rRr&j*^`Tmw83c#a{5Ao7_U055C#4jR_ zOF+6+p$2qLY$~UP{m3ex8ms_5RI>B8Rl2LdJ1GPea1@?;u>X7vD3#@pA0S4 
ze^Qv3r%wa7bt<{k)j{?Vgp%<^dXyXP!g4jev@zFe_mXqijz}odpe7mTHePa>nrSa9 zo~@>nJ9Thukt@;VX}vFVj5&LHDdCfA93K%i(eqxiwR8%vWA(11rx^Mu;fc?Xql6ns zBgvV!0*lbV2`Q)q&{H<^69Ii<{%X$pday|VxO(SY#;s<5lU2j~+?i*0ad*P8WMaw{ zV#RZmj-A~W#g3{-ipwNWyrYjCBUGbi9X?Vtw4q;C`<<)!!GyXp(5~d}suajvKY~BP z$GiLLvu=S1IdbMrc<*l1aW=KgSnlDqySWzw-Za@w;RN-d041r_Td>Iw8ai=u2bnKvS{*D zZ%`~x^(e4HCh`1X0?7SLOmr=(Ld5bL!GdA_d%GE4TY?i^CtpjNgsR(n3!1JqRmWVf zy|!n%+Fy;Yf!*(jN%mMxCP3T_8l3avOpne-;!f6UHi73`81o9cYZqWZAqc{E@fpdK zbsr4TbAf(UOv~D~>|#+33ofT%`Bl`!Cc0D2#nwf+)YP-{v0^+B7W*#l$o5^+ zdhG34ZhcU9eE)ecOG*66!N9~z@VQ-o*zm$}bc}CY2;%PQJAl726Lja@kE73|qS%j% zTZ8NuXpCn!fivGkAV5DRrKjV4KD{vo8fqw8dz+(j`o;v{Fao*gfeJXJG$CW+`*GFz z6b`4x6TZ}Z_3zF_@IlL5Q^yFdwOKB_#XucaQw|OKau!#!H|5}UAYk@bUyDAC_Ki3bBo|AL`@@&@51AS>U zC8^>G=!kKo0rr!%BI>D53UZf#N+^Xt#+2`n*%mEaoVHtnbhWw@52qOu;GJH3$)Us{ z^lB#+h`!=9oCZ%F_L(_iP{1kLeO)p$!yu5BbG{{Gxl;G(s3kRYwtUK^ZptjbwPLpR zuyD)E$D8^?Zf#5x)_xN&Z$W}LP6Y+orglZq90O`zrdT$hoWv`X9#?s%a0~wGBQHdT z$6T{LrsK~MZz9-|kydM!nV89k@!c)-dQPC7Y2U_}5!X-3xwLs_k;Fz!=gIC^Ph#AV zpGlK%o|l)v4R;c8dhUz%wBh+$byUI90FJndbF8$!m!?N;FV!5+X>X^onAOx2Sj2rT zHCr}!E#q;iGllzDYEdIgP2)vADUgqtP;Fhb?U_fW9G8Hnl2~E5Q^aAD`)$8m9XsA4 z-jMt~bWm`bpuCta@%zAo4^9X~&KG(r(T!CJTwi*KcRj0L_NLKdPd~HrkM576+^%bW z31)HVHzYerU88Kp7jU{;;*iQq-WIR@h7zg-oMYvp^Z2`*Apb<6`cYN&GL3ufB9+Yj z%?Y8RN>kmyuOPeG_5iRq&QZCSnINdmvCwL}Nn2|Jc> zE}eV3cPvb{47H$}0GqsN@7xbBZ}$6oZ=ZA8(|ox`{qvER8kP3PFOa}pgJUlmOMgfp z^t`e;cuFwg(~u|Wr11t!4b^4#2Bsm&w-qTqH8`Qr#5(*_R^kk%YmE`BMsnQK&dpVhlEWe-c$9eOiC^PB-W>tOfjO!$%o1CTmmV zVjt2(nJC%A(q+1)rYIgct77=*E)F~>MHd~u(nC7t*ZoTauT!tN9^g+s6h$72oncb- zNb`lZf?k(q*O^j<1bL*a8wA4ci-qcnT2V?Qea@Jsc%)$B(e-w2Jfmaon%P*#1Ecrg z-zz;~%UPPwB@By@VOAmgkQ;jWEhiG4XY@-0@a>$GNMYDw?Au>?f8#Sc^;$w&RS~IOls3R-9=dQBNx$MM70oQf7|K0Ve56n7M?N( z*8H-wf_QTk@s}NfPp?0@Qm`Qm-GT-8`rXgq%I?1?yYXw)aD(uJ7SQ`t7_zt*H#-O~ zAB#sBg=1g5i@ouSAqZ(mwIcHHnYi~=Zo`_NaEd-flzsXux~>~Twr52h^aqZ9dG{*bk84SANhBnVg)|~eJB76RQFe) z9f)!rzXQb>;l6*#f7y9Nv52E$#WB zPxex}2|{oDVlQmQ1E}?m$FSx{A^+c*`l?qHdWM;L_M04x(D4277ttwmV9gH|iX!MB 
zgWdSK2N6JLTowB1k0J^t8 z-JV=?n++*c`QT-`#;KjyNeGjDp z?3+JDP{j&?+5W{Ns0sNNC}UJwVa+e`gTNg8l=d#z452_6C1K4qO8(!N3hi3=4n4Cx zid}yujFkFOu8qc^R6+DDNh&|9{W_O0ZBQ_%-LNN9SHaJ4j-P^kVe7dSIr4)*d0~Ro z_&#~^K5v?U?+6d^QW#P~7x+I4<3|KO#*|Vuqzoah7p4<*_mby`Y~lShTc8U zrv-j&@n>PGzVb+^VR8>s{7`}x!kS0EdecNRh!f}qS_w;d3*x1irVxEp^=m@Fzds2{*Q7tp3pI(eWF(6;*SEwg(G~a=$?hW zMAM+aOZn79qxX@qli(@NJvHBAe{)&r%4rG3=md?tPB2-BqQje}jNvhX;)B@AZ=&Yx&Oxfa9w@&cvLWxJtLB4_sWqgm z!bryxewZpQh=oVkLGM!#iX!(;>mySq{$gMxvLBrwfiNpg6^1u{5G7s;cJnVVmoC9% zx(;U76_}|oF!e9N3{o?U%VK89VfMZEEARz=L2q-}x8x}i!XD6nluGae^v}T2T;P52 z-@zm)d+?R^i|$}aF!)|#pj$ztMv6y;>SVf{AP{~xy0o}B`DCkNC-cG*1s3n1D*4m4JUrK zxPr7nl)Obik1IT=nG;&|6K>1>P8y^|8yOm5Sdy|N-z5jO!(*bgOQJn!eq-yZ-3s3) zPSGKg8-4#WRYx6?j72Jpd>?=DsU<%E2P+N-3+4{5So?=Ne&*H|{Z{y&?r;djfSTZD zeK1^K?B$wA34&t|W(yD8e>)TF#Y*94rK!Y#I&Adz9sWtT0UqLEo@=2K&Bcf? zG@z5N(6CI7c`{e{*oFuTubHa;0p2$LvXedMs1?D#m z`(O!tZA5wO2Tc@=fjYcZ`u=`h{z%tIbKIe)0?T%z%un#4d=^sut09*wLuKe!ROXE_ zBBL`QyG~_lTs90SkI!0e-MQj%Qa3zW)NQnDJl?~~!S{ud*i{<`?ux`R`j6jtJw~{; zo)f=x(@+ZzAFD}b{4f7|?0~D&z34h=$as|&m;t!l1^c}t0 zp^N-ooW~tHmkYX%^8f|c|KAW6Z_ElNDb({d$)JW#xx^W2{!%ZJy7v%6pq_v0#U2)P z$|cU+w|?UM*Y%wEL8n}b1?exGxtpMC{Es+8LHk|5|BUmN@_)wJ{$JqyAK=m9J%-}k z`xl%I{sCv_e}Oa4zrZ=^U*P=bdj1(_=o=YPTHqkn<(e}G4a_qM*H;Fmvf zex%9GPoA8w3G04-b?|^P(f8edM(8h={t=-En*SLg%)`fOU%>_tsB^lS>X=Km{HM01tkiisH2*!9MX|il5sNKSc*Yd_OHToR^MQ`-4Gr z`W|`4-XA`e!Q{)}-#)q~1b`EmKUDP6hcr+?8hFh|yia`mpFZ4u;@v4;GhZG`*qWcf zp|it@{M2)A;V@>l%brsG%T2*fSU1vL1UljOG8+k?vWNtH@neMLdldvyON8K`a)um4 zY48>y{{uAKFPN7H3}~c(F#(O#9qQ9f^Z#oDX7%R@AGHLPYYvt8XT8HtMKhN@KTbt0 z1p3fVJqXzTNEtyTKP()P%Sirto&S3umtKF=E^{~2mM`<$pS#Em~GtlTS9}ZxV{$T=2P6B&Lq}^-e{3jbQt3Qs0K!&a_I?(i7 zCl2tk=f{y9ma_IgvJOibjGWNuF3;fx(f=JEFt69h8S*!B!g_wt#_D|uL+2NCjqrrV z-|P!cXf#akD`Lj~70O35pzF9cVQWUzXTb~mBCoOJ~WzTOP<5esJa>JbZ83YrM{ z(8`C-`cVr1H;bA5G8e7S{JSPQpqD0;D#Qb(S5JEZB5(mZbUnXOp@d%Mh3Z;%r(Z4P z2`T!MU?k?$A7?8lCeX_g;jmUlt*gQ>udK5#tn5)?{9RG^o&-a6RMYaOjs~DRO2@s_ zxW;ys_?H^qlmXVO0hgyvZA$}9OQ6Lyn(0C>&BR4`8GfW#d6GmqK3w?^6XD8n(4HSU 
z8{h;NVEx(udLY)HjiEh1ghAWVP190Z8pAR zK(~_ifnNMLphBeucF#w?1wHUbQR9*=#G@_8UsH}^w&ly7|J?v&G2G>Ntg9-R^Nb&u zg!6h?926p zSpGF3E6|?*-GINQl>2Wfh4uW{2Vgn>?+yrhx&cjC(jOUBCWgHhnESc$!fKS~Z#DYY z3WJr~pB0vYy$zT8}MHBen9iS5+ z;u+68cRi#3Aesg(f2+~IR9N8OL^JR&qDk;K(S-F}6V3m@fWL|+#otm2>$xVH|J?yW zPf5|OfYEW6U#V(X=`IICiR3{mE7VyKm0C?D!qt6Xo5&+(tDyHMSAZbAR@g91VWMzz4Kn* z%Xi;o=A6lowaz)&&slrVo_W>^ZGtUYpsHY~>LwVh747A7%DO;X2(AHT9DPmzR&LfH zf#A)(#c@ny(`B>!o26FimZrA(C96fu`9fCLOiQRm>r(J(vG}UW*yI#+0Ej_=m(*ae zX3Wu^!UE=OsXYPnGovBqV$E%;M1M62H2<<|sg-;#gx_ju-T}Get>)x^v{yanDH|HI z)AHIL2XW33dTMvl5gJ%QoShi=6_!lB0k8d~MITQ^78dV(;jkRyN% zAW3Y{+p`(b@HSR?i(o3b)6E6EA+>QdZ>79k^IF64#00WsWMTULF-kkQrD;hryab(4 znFYn8m3~$e^l))}3hY>EAr*1jLq5MuJ_&|}PGZfgk$fd4-S3!!LSy@&(16pjRjCA~ zZdS`4GH$4{a>{L{Z0$qYY!4%7*POs%k(fXc3Fu#H;uIWKT+WXa} z6uI!#oF%WYvvzt@ngM|4T7!>p8-5US21l{*JFQStFT^3zL9{<$Pq3h-;4JrxU+bD@ zg?sWr`p`xfG_C>d7(nP(>5tP0YeJfQY?v77fVmh<`ex0IWY$^gV$Nn3)=@&3_NH@l z-}R<8g#Qxeu+JfvfmD9>qHxHg@tZ)sqQV(^VwP*rQeASo*OLVunqTQw! zW-fc3&)Ypa>4@*vDeEtNe?B&c(r(7AHOsAc;O$j{+ZRJ0XIGsWZjsi^&7pSoI|e2u z&>6laSzEaz%atv~(7qNV9^OnSYS;Qz3+4p8haNbqKhw=a*`3lNo`Td^=TXN(k^>|1 zt{??V30iL>px9I`qSzk}5>f~@#)QIP(igz7Q^?-l-YIY#n7cJl(e8$E-i5@X&{mj( zdKZLUFy{Ds*@0bfaH!N*UohyT;j|&E582g`NA9=g69LepEMh&IxO1`v4b+dr-|m4 z2EyD^KTxB@1vdKqQ+Idxfm`vwyCl#NcN5u+Sc zA?V<@94-Lp(j{J$=h&{38JdT*f)UjG}p@WCuU$^|Nm9uQmDQHe=8C27(;5Ds?ks48@MamRFuH-=g;F zK+vk zK*EcwQAU!MhAHdTR+gJp54S?vk#P=}H~!ON+|X%Ungn!*mBHekC+(t0l%Ph;gno4T!Q z&yA=VA_x)Rd_1mea-ObhS#$zCgQ4SDzdkrTr+a2dGzzE&3~!k7H#Rqfp3>)x)2Y7S49l}J6A;2J6#rN(x>Y>RN5id`$7eN+uVDhX zZ+zh12Noi=g!DIu%W^K8t~WNgS5dMn-O5RflJE6D8KiuXZ!6-OV8vX}Tcy-fqQoV~ zSzB4-nJW4g5P18Ms(n9=GK{nK!+GT$o}dEJY`O^+{%`Zi4K{LU+R?u8w*%w0BC0Oq z5CSa|(RXXR2y6c%)ez0VIeB90kl}Z%qhi=1yNa_znvpb2^vvEyIt4Xwmi4`_+?(qM zNH{k$BFTs0dAN*VfV*Fi#rWVnX)g9RlN6vqdoPrM+KX7ejj)Gh3V3t8&ibzR^$BGE zS9@T6jexdEY9D>J>SSCr$OFMNwoSGweZl%*4K|d?juF`xqdo7tf6Ds=eZ`&FIPr(! 
zk81z`k1zm0{FghiroImkw_#$RnjjxC`wmhiubb2%8^Fn@V~QypBs3 zdmoD%U!mc*CagN^qTY2b#^DFCF}fRfXXd?!X8LWO{LC&X=FVdWeYCO>9aTewiw%Dl z{($}ad}|PvXhOc*xMh3_^}U6arR{A|bN#odgJb7fN}oC>s#R&u5orLpU}I4+$ZEQA zAoirVk!-cpr->(IN^JOZyEKw5gw_mRMMn@K0+YH&hKOH(4H2!i*qXgCE$g_w&TfiR z4b@vDa;WFx(Du;ybOEneU{TA$8}${K@|GK`iA19))*8vrxYv*G+?*I@`B7>uqM_WS zm)?(fWsqDHS-o=Zkl_((Y}UwVs*DOEX5nMPAD%G8<$5&GeXbQ!{LtZDeqfDJN~qyF zFNak0FpY}cg7@w#$2Yp)s{(7=sDc4{qD}&k8i*tr>k#R-n*Kh^b$d$^4$MAC{GHkJ z>QXzi05dUq@>+W(g$`(4tF>5~RO%guSm=#N{x{D{*VCK>H$4U{N^T!tvP46RrL%M9xp*=@?@JN) z-tyRe+M+L7?sjnVXV6*(Q{#tFI{U2gGDvOdwRm_TLvb4Wht z;uqx3p%|D^g0+};2Boym7oBABBR4^c{zVa_zL*~UailYwokDNQO22DgY5vG!q%O2t zIQZTp7@BB0Yk<3*!0Ry{(16$)%k#a?deIi+vk~>i|%tW@tM>-AP7eE7n z%&&c0auhEHyHo0StG-g}`N&{BL;KFAdv{Mz;rSL%SJU|`()D$Nz;G<4XvsgQiOsxNe5SNI(!EEiHsgJ+b9m{}CUPCQFq=_Dw7A84@I|k^ zyU?|_m#3bMA&W2Y5ued}u9LLxb4hnobq4-VXSkFvQv!k!#;a47F(MHuuuWAE-#u+NZjJXGHT61d?&aqGnBJhV>AhGMok&H7C}f%6ng8 zD6@g+4eV}KqKkYtWcUV#lt-3pGFRYy#Qdj+n!-X;%3Zv7?8o`t%Of)fb_q3cJIv5| z>-GKTJ3e+bGe1dKd_Ha$w)n4?HL@8gm`b9vwdI*nd(wO%M|E<9>(_P^GWK z;mZa;|IM&2s<`~E7*;r2kKT_kQ|z75o(2v@&Drc8;;OVqW4K;ToGSM+9^DeUuSoPl zhYWxZu*GMt(uc=UZ~$&6IftdY#rojVM=Z3eP+iMY=ip6jt027og&LUG2G_Bly9bDR zPL^jgm#6MEO+&7(OopXWAFw{?Cz?yYChIhgVH7^QlGW0nwiN@vltP-ztQNw{Gtk4q z)l*3D*D)tq6NG(-NU@T_0jTx96Z=ltbd_=xVPo`qVPn762B|q0hTk+R zGr+6fpy_65cip$%S)5Lz=InycJ5MTK+{$)!MiI%H4rY3~%n5iRo+qZ(5i>D8Ba~ri z3@5F)>6Ac$I(cpVz`Sh5@!9YhjJ7}vGGZ4^u)*nsvcl37V;Dye+;Z|v_j}S3xV1mQ zu(Fx&Vf;Q@;AJN+lg%;L1sP-Tx1v4vNC5_$mh3j5Jr=@4u*J$vKe6A;M-<~1vw*Y9 zalP~1mS3XZ+1)o8HKh8JKV*+zoJ;ttAc*q6=b2Xn^~oFWUK*p%)ZeSwYQYD+rMw%U z+bw>lEx3WAv`tCZ{SBE_tc?gkS+p)F`sVVaZJrK3V}<#C%GQiRg_H6_J8o=eF}4*= z2$UVUkr&q!i_BH(eO?c;EZ0y*5+C4|0<5b^FKz-wRs|NSa6|EOv zuuMJ!sngj%fYO?Y58s`EnxvYf(IqRS{~S=Lm4{&MyA|qn1XS1(%PKKR)kx_mqhK;w=)Y~Goh7gy%*9D zRcn1;;XwF)efv9_q#~YFaNWzAB+13Yt)OHwsxBJZ7AAqf;D@~m)EvGfbgo*R^f>p62Q`R_ zSgGS*2?eV68Ya4V6*%qC70W;qNoe$}zDuo&jMwqz6RZuo$9BF}G?@k@)_8E_SSE3? 
zh{P?m^y1>aiH#vzcuSV_Q1fZa;+^#Ny9rv?qWja7Asm^3hxqxrtr43IE3(U{iL*B; z4Ld}F`+=VF2TRWO2f3hDk3uiUEt z7rJ#7eKq0gFDw8MhSl-k=>OzhU4>r_din!LUS9rRVxO)OT#ecIn;^XX#&3du4c)lP za&>Rv4-2Wqzq0(^X}HRAby58{3zmh=ZUj519AKZ}9(+k*hpcU&=o`)Xx9&o5QW!R6Pl{{zp9 BHlF|h literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azure_storage_checklist.ko.xlsx b/spreadsheet/macrofree/azure_storage_checklist.ko.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..0ae78b40bc73f43b3cd699daefa48e604f000d62 GIT binary patch literal 27646 zcmcG01yq#Z*1myA2?8P_C8B_Ir+{K04boi#l0!F)v`DF>v~+h5Fe0Ti4Bg!gL&yJ} z!9ef*zTbD(f8Dk4c+S~}{qFtjXYX^)JEPKKmr-t9xNrgOLWBpF^7BTC7ootY75H-< z`11;+D{Tofw_?&ZH)pgrHIZnS!2HULg*py>X}{@~vL|_1x=exbW$ijb!d9T@NeY3Hi>izQ`xlv8x2`E%FPnCoy7+ckT%0=T23wbF zxf#j}x6hZa@Y;*By5|mDklc^DoXAEkRUISiGG^eyGOI)BJ{C3Cm;cbH7)K5B#gZrn z70J4m+VQK0_asa*CA`23Jw+$N7e3Y9r;lbZf%$DI3=1xk!6Iiv;-l|WjDEOA*J~p0 zij`G=M3ClhvbzGVBWMzPI{zqX=A-?^Zuv^JMwi!A6RVX+ZJJKqVU0P^i+`e4LwLRV zBkF|<4R1nO_wxxerFM!B8zZ3}t^j zWjp^N%+QbJ{_T6Abu<`QD~910FIQ-XUxchMW6|YZqO%Xi&rj}kKU*fW`0P*|R-OOw73a>~*G~a}a3G`pD zS-taeFg@IA&q-h)8oy3_huoK;oB8qsYSpm&&bOXVVnmIj#a<)A`QXV&u6#K#@GoEK2b(}SW1a2A6C<1W=ytp?$*TM4P26o z6gy7-bRwaaI+$)vE9Uax!oEOOQCg=mgF_oh)Wz1w+aoJR5H-1VqT`us&M=9S8_o`1 zcAV=YIi&^KsO-iS#P+4~pkn#sRSeC6FN!PrL+P}8H*QGd1#oqgs6KG=>tUpL@*MPf z!lrLQLCk6oLr*Wkn2P*+r4nW*#gzJmq_$@tpL$12u3z7OvvvKxi=;m(E5@C5DjJ$2yhpF@2@55WPR&UVmA$kW#$AItHnmIq3J-sigJs%puIHPV+eVHv!X>fT#vv1-DS4%Pj3p-riuGW=oo-%x? zJJY_B$%I;7vjSH@iMWAz>>mwG{PUkLU!-`aZs*(nN$ZK>!#mG0akE7nlbGN_TrbdE zKP{rUXA%r8k8-K_FLsx1e0b++>Xs&XKjj@!ZlY3xbn`7QcE91rtQ{X7Mp$aHl)WEc zz)fkH$I83T`-xvbety&&E79(dF~*zrqZn&1h23>sn zTbAs@YrpY~V$vaU&A;dU!j}iB63I^8#tyoBFnzlV?>r*--P6e9te@=%96#{ z1-Z3M@O>M%YJQ|6SZM0_R>$Sb_VpXLDy%W@=4;#=kW5#~3MI~nvYkOS&K^Y<+3uY* z$X>P(lpNTq!HD%^ve|susn(7}>4=s}9e+-eZ0ffB+vrTv#-50ydhLzhLH$wOYo5j^qB@%RK%KSO6LaAC-H4hl z;X=62QynvDJfSRukw=LHr8?F*aH|%5Kv;;{~H?g3#u$o}16C@#6P=KT6E9*$--T zeb1uQtEi?GGx&Ov=7gKNI^@;+QNQit%hpyM^40h4d9+K)<%4R9xdR}9`=h6izDZ{; zq=&-0H`@X+>CsqW@|MdAP4HQ#SkxsMW4*ohAB4f;aEisrX! 
zvdVZ=D3!V;c4+N9H7TGLGN|Z$Q-wa;BU_HUs*EXYlWFzZr7#Dj2R2JHj+rmh!lOpq zVP-uTHo0B2MRXd)Bc@Jf*`qG6ZVNx?Hw@!X?Mf%0eb!FLO~ChAGm|hwGQHb6qgAER zP#|*XwnFuudIZ-@@iEh%TNtF;h}BZ&!i9@*moD5o+rsQXmc~}E_4KT*n2>*+?PDXR zc0mI4J zm&Q*p-%G$_2+jU2-m;#nVwJ7;bK-X=d9RB`{i9a1(Q_r?C~jq9}M=ysv5j&L3F= z0;Ib?rMR{TjUZSNBsI$cHDizqxEz(0pKjSW6rN5s=CAo=$WeP4q~CtA;9> z#zK9-(9BWk<1xjNFz~_B>VdAqp?MV)z&_XYXwhKl@T-PWt5am(QKQX%9LLBlP zaMErcL>|7-)2HfeW6`fxO$TaP`8>=)zT19$G6h+gO&J`~>O6!l9q^46fwQ6(ETN~_ zqtj99Ri75wA_KZ11?eYSPDG(xJ(=K=Owe}RO51=Ysa>_J!ReS0HP}$4$Q&vcxYU`m*pGhtcI z)D<=z?Tja|hdi8_t>R?kj%{8h6>*#!m*wS0uXf91{X&&7VdA{nS2$O2h8a(ao z`T$>!KgP}-luTXtHrcAZ1=C#H1*;8nt)=r(Hy^IE3CV!B`eo zYi{AWYofips3AY5$>p96O&h7~;vIf=BNLgskP*Y&9rhQC8mLpq2dLo=jzSTNsmTj$}ge)agcP^`W)M znm-vh^`ui>jl3!7>)}-67fV`N@sZ{pLD8 zoT%E=s}n8@bzEcMEKAh%LS@N1Lru7PU#X(gL^g;Fyfn6!c}sJwnsD?}@ftg+y|E*- z{Lp+uP#|>oCGoN8;>hU<)y>foqcQ!?q0!KxjKrIxd$yASof^vxeX?iwYHJtA8Pqw9C`_zi12>#D1=N^nsXq(QYim5$V;W5wC} z2K=e}hhMF33U-svqAF}LkhEuoFR3XatcdA(f>9lZ;S#izQ)O#IiotSY^xP$sC} zJHl%852=|^cpg)HiI>Hkvo@Ltw=)WkGFO8fv-E3k$!57;UdjDto8kI+v5kt8=LM~! 
zdiYXNjN8fMC{ySHO7%>saQPewcmhsL-?w;7-%Z9_jb9|V*HJ=pTxeRs3Nwb}EkY%@ zWbfA=Bu0`~nD#-7G7>F^9b!gd)uwBSL)c}jgq7ru>i*?QMVeo+AcQK_xzM`$sL6zt z;wUbk9DJ|e8Xef*B`)a`lRUahNI&)={5hJ@|ls;Cv1;wDLDWLskBQkrB<)YMzki4iLzY<``KL)||u(O4S#X#5J_e z&aWVrSux}x)wrwTW9FRIrY7{px@E-eOve(^tI=YHuP_Z?QGP?mxQI%rs;(SMHn^zh zve3_|OPmphB@R8V8Z-rI5B3b?v6r8fHFhK|kLweb zoH7d={id)>`Cr4__8)JFmaYn2rQYuFiQT!>+TZO{vnF%*#1{Xu&%IhK<>dSwXmG%NNGZBt6oeMtuT@w|ADVC=FdButj#*~tZ?(#xzfrf`)-K7VH`m9s&QQ{>n^;UsGwfxICPhy;FxVI1C#}lyGhP|=@*VmR=L49j$TsDu} z`$tX4$Z|>>T=w%$t)UE=eZva6-BtOgRh7BMyI`JbTd-alg-PMas$k7Gj^VMBj^yg8 zh5qE}BGxR=>Z&RlQ?PNkH^D*5L_~NPuH#NGO|#{MPq^8ws3%h*~VFrVDa;MJpDlRBWVi1^e$18d!BZ-qz_ z9v+vh%B~5gRdjLstP?&i)zn~~udedawROqXwTpTUF%(qlSC8xD5bpzLl9As|;lDNL zUu(LXuv9Cj52IqX^x-D${9b6e_2J1f7HNVnX@bKn{?=?zLk=IdHFfF8n1(tuJaZc4 z&Bro7BfdQILP2z$#AQigf5X;*dniVJ*Ai1#mXy;QJQFsWY~@f~Xs5$upu;5mG4aMn zEGHgg1tx=-&*4$S&uvz9oDM35k}Hqhg?FdSzy>;{TpJX*pq=oeLlddAsvLH6ddV{N zRKlb6%_M3uGp=y1nfm4w-N8_EBTxVEXB;K>r8?Ni0DoU4Bq(Or7lBqp!x4Ykc?C+5vr-jYA_7>XO z+_bgnEw8AUz2GRH*h!}N{Fu-slG@hdCi3SV-TiI(VXqb5lM-GZtD}O&xrgm(4c!3~ zis?h49JoyE6(wx z{p_GE`Ej$4q#bU@#vnFOl{87D93cgjT=UE}4&2u6C*R4opfz-3wi!TuC4`8r=ROe}9>i zOg`dfQ1o^i_l-lJXY)mbNv5ewi3{((FT3}Zr7s4V9~icTYcN+_Z_Hb$)^fy3RNZM~ z^B&;#9%z5)9oi}q%*op13hCIjSPmdI`I;?5il!Z^(a%R& zY3-t0+V2SW#9nIpxSH?6H@q5eMfF_@12=j3KQ+ngn z;gM!~BRHAtG}N)%W7t}dCB{)Y*E#laTm9pplNbOYzyEApi%@l#MTB2WTH!K zUm|myMXGDHQ0`s4Rg&T)PfGQf`fM43O6G63^siZr5_tnuil#h`IC*cShEZHG^d!j% zJ4(~GFOGK+^M#>rMHASfaO`BqJRe#$AGqcx%sAg@RXvf0liA=?!w~w_!QQS=mw#G4 z?amIgVr?Nxjc`)lZ$i=4qVipQ_6qgO8yyLa&94me>tOyO|v^2$HFG=U3Jy7^-ziV8)!2ji4%3j&$S+nrlHJ{E$$(rnC; z-4)?Y3$)tdU*&z$7r-KDnt_d*;X)r}^)jm$Nm1_$aJ(l26R+@pF>;;S<5VWS+{|@2 zrxcVd-|9W*-@?XQ{{6!Mxc9?A z{aq;GTBK`|AkLDiy28QH=vsY#b*@vsekqfCy+7+@?hM$qB8N9f|0-~^Jjpp))v-J7 zNK&vnJbY3WN}I~-Ow;HP$~_Nmn_l125B5lypd5ML2k#j>l!v|K_Ay(0*)^wF94IpI zJ-fl$HSJ^5fgfSil?Z{lsA2g?OK`{HNgj9DD<{`8?SjA zY4*UHRZhu)S&atqf>p`zz!)`7rvsM0fP>ME@g=Id#-)=|d0F)Alj1@`k7fshvgAW7 ztEN_i7&)`aEXyquSQEtfrBR6}Z0I(`rHVb*0Uh 
z>@=bC3|C~r#nx|BgByS&+W^j(8i~_e$4eG{q`gqvnACvYi-wq*Ox>4mF`-`JF2BH= zXxeDZl^%TjjEgtj=Fy-)(Lq<`RFJ=g>Br9)r8+vD#Lf?{-QL}xHo#VgjzacLtrKIa z-}Lra*@ShVB=4h+V30}l%+P|l4Tg%8KFE~zWl^5DQ=ZB}n z+7@zL8rldL>CMJ|qcs(!sQ7ZtWTM+Jge3X>tA4)rNM6$z?ZxeFPJu+b*wNX24Bo~# zN9j0K`P4AN#->^=5pUhmkHZ=(ORAR^GkRKQr3FYLcjbi*3+G*3);9Ged5kChnr5=r zW>>7CT*S+j!#07vFF#92FzK^cwJd1DL07Swv3>LsRuxdF&0AL^eajqu`h#P&Gj?7b3&87uM7imklg7IYkj0$bu2Nxa&IgTvPi=bRO<3Q<=@b;VMY=o z)ec*}+G>^M46_^!nYKY5Z{@*QL$lHx@Pp9-c3|s_szo2B@w!)QX4Z>hwuFUWmRe#_ zZDzLU!P#110Qa^Q>=ZO6y7!hk_l8sI!hV`geldhAbBW8O?4x;-C z=gMbxy7HY9jAL_YRM2$!q+>MLGV(LIQ|gpD-Bf*i4_-#j483Er_YUM5RWNBg^H4fL zPYM5SX9#gG34cH&V@8_n_mWqSV+^e_I}$NN-#OHE&x~k46BfW+Gs9NF(zpXp8(ERH zC$O8q2~4VZyuB&h7-i;^?pEDsyGj*wk(dceJsfa2GqXelja?Z0R@gRMV$NCmOg3XI z{?$#%lIP0G_`%sr=skhTIPA9bwVd&DxpZi$8uRRAzt!48c{i_BpIq6+%)Dp& z8TcY37(bvhq!bpV|C#~T{@N{N62>q_7#N4!NlGr!)E#}Wx5A&$T9#a$-DG+oB00|F zh;LSrve9FXXKP$EnBnW_p$=|wwKhIDQPX5d9hHERM89Pxhe;T#MTb;YwDW&Lhuya^ z54?l@(ja0u5XXS0{f<}gPZ2B{fGgem7|nF$=SY$fO|=GiVI}3L=-Q5%C3OZ+M(Ym=I(3P(d+zEmE+*rA_I%Mlggfp0;Ss3uKPl1l^olfQKNa* zNAIS*>aJ3%u0fVW-ZvWG2x@moKb_gp--0??RE~a5)mX%5EEW|dY@JFJvF4GP(_eY` z%`3O9!Fxi0k!Lj%U1;R)dQN6W)b_StCrxG$$J}1%P;P%#+YsL#2@{sP>r`6iVq=Yc zUPbN3AqoD-#O=%5L&VMv-!bJ>dDN*Ect<7%8L3S8)ETr^E0bLfSSniWx2^GtHCuz~ zZmd0vc$gCB%2sBCSIpEX9P4Ss7)tKxvcGB2`gV>RW=t#|H}!C75Ve+{BznrZW)M|A z$i}|79HKDCVRI@U_i0k*wUG;Y$)43gDm7oy z3_5O0F0A-B$LJBAm>KZ)&LqS>qKi!$UqnT2Kxa`~o^6$i30Xp%{N*4%06qaDh#X&h_e z7O3h`=BLig>{A_yu;9&=e_`9W)Zo&)FjyKC1II~yQ95_MhkW|}wEofCRN;67^@5tO z_ldI#83sB=zYo*Trn9aDnUce%zYT5LT7j#;d(E@3)q{9Kn>5(M*vwT-Xui43RZK#g zM?h}-@uqnZ`#YYb$p~V0^{erOhv)#ihI$|6jE}W1(tZxZsvGs z#h8+M%E%}O7|2J$JNUs%P;$<29Kn+IN5-~~5zmuA~FHn2OvLr?$ZRu5&K(6XuGA~*7hbFQQ9hl+V1A=nZT6K{c)Y^`9j=eT`^lH>KyobE#Q9hrZ;N-ZyDJY=o zeI&g^atof-Mf)AYwqZt|p6{7-Pa9l@t@!4R~!&?v* zOkKU$lQ1VQeh@Qe*mFwMkk$w#Wkfld(JU;r941UnYu%OQj~-T5$q*fcz>4fx79w0* zD#T{)rQgnVq8LW?#LSX;X`?pXYS*$el*R#TH}`4Yro9AHKP=3-t2IG;sh2S8?i)q0 z?Tmc!rxX;$)e46zK{lIZIv1LnB2`%8RSCYNQK#OPEH4ZYv(qMSO`I@k95bD{(oe6( 
zashc3w%**yBDlQFmUWA{IAFdtlcxH0=HSYGS-~t<+_4wOd;Z5V#rQ+E@U6<88scc% z?}Uq6fvHh&%nHc*cCeWN|0T8MUXns51^4XLOYg;Wq~cgRAk%^>qC*(+xXb!Taj*>eS?e_WL#4$o4ql(n&kktws zhr?<|%>gz3GRVM@L;2Y0PKHL_>A?={1mUjZ};oU4zrV)CKRZXB@1#ILsR{ zlQ$1N=}|PxU5m`wkT%14e&~Kxw{QshvEnIl>Ox}HvajKR5pA`MR30k{EW6EVCDSY4 zN^GpuR+1kox`<~Qof3q+G(qZ=VcRQg;;^{EhJiMxRDrar+b5-)?Wg_D6+Gh(bhaOB zw;~>s?NIw~1VR28rb*~v1LP9z%9hYNcA^ zx5~Ob?yt_<&6bD(|5}zMxr)Wrk1}*1Vi{htC%rgfdsUZ-apVo+Rg9AX z!-!U#_JVi1X*6g#W=qWps<`>O89&9|B7VPa6?Gv;%jL)o@|bT^Wu#S`Iw*z5fh2M% ztvg{+sor9h&Gy7U{91R|!IU5ESNcoE?>6Uk8rBW32kpKI%Hh~gfV5W#cBLinWwx73 z32#l<#7s5muRM4Y>(wz#awL@70GoYdI!C&FbB`PxI(j|LKzbo6PAZo|A}8^Ipu(dU zR)VQ_(r8~P*cn4iGsIM7Qw^x4>Sd{^7g25cmQx5K0>>1T;c`~IJPX+6x+IXXcPFMT zJnwG0xq3cbJ1R594UOhXFWKX741M%a+)&gJBm%7=;|`8{nt4ikc&l%h+E#ltF)GE$ zpUB`sd&QUU<~UakE@D+mIy?F~DeeBWj=cs>JHCfv!h z(8d`$IR(BZXZ)_eEaffUVG&`Rl5E`ugB78QTRz8<2?$~p@P%Hzc0g%@YB<#P*1N5E zQ#Dx>WbN6REbP6J-=3H9t(&v0&rgbpli8{m!l-;3F434{@KD`q^mZH}=$!_s$S!xq zEeA*Pfq^+(3HA@pQD2!KEZgO78DQ5e%24|$FFlhoh^~tpy&WH^=R9#*SWB7QlA6n{ z{9yV6^;!mGVLKQ+DE5AFW1%ssRWdfHPxD&VDMK8yyiEhsE63Lky))bUuL6EVgW*R?M_^&MlCFkc0D8qW^;2<#fK|GVN>Zikq?gJAxw9_ zQRJSi>=TQVX&!Rwn^IRC%O1h-qmDaKgKx?`G!3LCFpb>{=_eGbv3Tf_S{nQGP;?Ak zUqhE~HLs#sIn=tRo=#mrPE2~rj$@&<(FZ3;#Fb}qcbwJGhPFgZebZrL_W{U&jfqbgqA{vmzN(oCv})Z zJSc94yFCIvjlj+?40FqC&%>$%qRLe#>D&R)Jkf9l%bc!d-R{UU+TPr=${n4D3GwtW zRxjImEe<}hpIq)o( zupq{)hN|5xT!-^8TqoO0uMboRu~KYCKkzBnaCMk<>lf6vJ~G2)u0`8aZb@^~bE z=-TeV1O8y+h(N{4DEkWMp>*uEd&a2aDXbbC!MtOHWY?KuiK4ZMt^@V?V!j3NcT4jd zYn-vFifSGKx4tsS82Qf7alpp*#&JOsZ6v-sMoXJg+FdGwIKCiKzSS##lgR_G(3 zgrFcxNGwo7=C@yIw0FWUKRa1%JynMK5guhbdBr8lgVIQL87jZd;F}$!_Mm@UP-;!X z5m;)%C|eUdG@+wwS$OOU89B8umK$kEEzppeU;kXmuLc?-%8nX}`P}=(_~h;mjld2~ z+2kdJg%%W*7+*(vq3kAy1?(ioy0?j&p{z&Ed04H@U6lnhWLFf`&Ju^eDT{y*FtCgn z_ykKZ8PwoPy5+GGo3?tfv9Xwr97<0%1FeQg8+0={`gvRw&D> z$Q|2~`5&De9K%q}m4hrl^8T_t zx8o~*#J3mI^&3hsB0fvX1Y{mp$pkPyhxi9+2vrY-aTlO) z7mT}OAnMLzFH;9SA2&myaK1)15+^4^6V9P8{U)u<^h``otSEC-45omE$WH)XeJYN3 
zck#YLkW$*|^yNjA>ynMMqe0#XYt!QD=ZZeO#%Ll~JH)0*GNo5aV;gr@XwgD)O~1GO zqME;%VLZe$HTEL|Jwg0CH~rH2)L27ILdNZqo|X*i8x66aKLzRe=3sXXXN>NwkB}aP z(b9YQO<9&KUI}{oLh+8Xri5^;%~cea5XQEL2Op#=A76yd>&97{uyg2wv`g?A>7~AH zXjspLq@YJ~Y#s_iZ9h3Qrn|ygDHoFmaE-3rX^+l_6HV=JghhO@hHSTkolOsfMUA8| zm$JNF28;O|ICY)koL#J%?JJVkCvqFiEslJ9ePSM_lY>s{V5J)`p_+S9_E{`J{IBhL z(_?REr%EY}4t`fhMnc0l(mPIW*DRhf{0_6KfbJ6)071w&6+D$sx5ck}JiD>@b zr6i`CL4hg3{L#!UF)b=Dj*{pg#4!AsZ zdJ(=m^70iH9ElB9 z{8D!JoKy1*=7aZQ-zocM^(%KKT>b7ZEpDgKUZHh)^{{Jy@(QuHqH5qAllN-L>gq03 zbFIQvY*|!%S=5~9YDg&Ffv6EiicI@DOSJmyo@Y5?wZp4w&GaLV?m_*brN)i>)ZCiAAPLPtnG_=F$u%b!{+j*{mz`!3^Tq$L+PYfn(pDn$_|S59!M3!VfKUlMH9oC(m6|CrE86#a^UT+(O8RUs+}=c} zRq@cR&ufRzL;3jlVB1Gu2o#~_=9{d@_kc$q+9NB0f5uT9wLuvdd$Js{$a%W@>gyVr zy9UngWY962!Gla=r`E_)iO9}u%)VjIJ$TRTK}yawFzo0lyhYofC~#sy*4!tkwNuJ9 zs?64P!;{~!vV;rx0=WZAmuHPk=z7Mq|Jv0={rM^My2Xy6FN?M_NzJU z(edm7=D217D>FHZYYgp>;U)tDZVC+K5#AQ1km@N98`V?(D$0o1a>`Mke&~K`c`Vfq z8q6sxrDG?SL@yn~-kjImPf#y9jD4zE;xr`AMg3~or_pKdGz^wAz%*yPh zzS-BH;6RdSYtI5pDk@S_`myrCZrK3F+zd_AGONrit%+NzPD`HpWmW7Z!s#V@YJe;-VoI8HJj6JKG ziBD-*MBP6o(5ur%^;cpWW~D7mWiCZFXStO7ji>yLC3469^-OT6Qa3| zGzg_3N?vV}f(B(pEdAeCNh<(LrO&DgkpCIvh~Y0F zfIcgECOHiqqB*N4*9){1;FMn$e;Ln;=-O6Ib!(JQA8g}4B#tGfOSW|tUJQh+CS$6(8mO% z1sI6tSH7K~0mGm9hK2a;D}ZIn$mVCh(SlL_$?|Xi2g~ogn#kG|emjHnlV5s>K7HNh z)h1d*^NU~ml)&&OzgQ7{1i!GF$$@&W4Y+~$QYJvd|6v*E1kJ19DIqI>-H-BI0jxY1 zb43594kG4==3LBy;jfq@`k46#09=UX7hK0^!0;DbK>sY)7JU$f=lECQ`PXG$fK(aT z{6saw)f1TeS;f2&zb%B|JhJ&se8li4AD$r6gF*q|1ETrGhYWJW@FyP-{etTN=Q9z_ z58|_0v1A@~R*GZamaV(Nc3=Df?B$2+yeZpb>+pf4KnG9~#gi>K1fPT~-uw_dmsFVXVZzlN|8+zk-o&V1Na=`Zva_*^OCfwt(U zuy=LWbv``>Nn=pl6lE8osC$Vn+a~vx9b+QPQe=x2m=%xEN%4H3r$USO zgW{=*A)e6NBK@XM7$2TfL@UOyl=FJrV5t{Jmu)JNyVu|=#{7a#;$?IhiU%?#lkB-D zx|Zmu4|IOwca&~{{@fG@iDVDp#Cu@<8PZ##%v9l8@9+Lb#S*W6!3tt=FSh8 z>1ra>+<)7J_vG9CTft`!MJxaDP$BNWAL@_ar~F1OP+mn;z~N7+)RqaQ&L^{suz_Kp=sW#_K&D)jL2N0007d zKwEv?qG;N6m{LJ_XTV~a!PWm=`O;T z-<;yMs7EnO7I}xSD2{|mJ9-(2VAOdvFQZKW=(5?-Erfm)AnsN=zka~kU&(+sRR_c> zlgdx{S;Xi3~9N1DQo! 
z&OXXNkm0|CLn{BD0aZHB-1>E$GpCU;rbKzyu+I z@wTu8)R3H4BVu8BW=$QsVe3z1$R^DBFP%pQumYK`!0eB7<^MY2h;kkoKq)d^f!QCN zarCSO9)CVv{|z!e|BMXwKO^&pOTPaW8SeiTndbmyg3JLVey3i8FJKz7c#{31%s&Cs z@I3}lQ+{4e{r4GUoUT(RaUgdRppZFwHvcm+;s1;b<3A&#c0Snu9+|TL12TWO^zV_e z{AbDlNc!xzRW$X(vwVW7HwK;XPQ zbsJ%VXb`f1xw9}O@A4!I|EPma>>@Sel_PVNq`!P%0`2mE{*X@(&rOs3mh4*;4Ue5D?ja0al+KmyjSEAXWbV$Po~t2L6Qb zG7k4&E+S0&4bgv74nWw}{N>3%KuGaV5KjLM;rqWJ{Ps752$km`{Ey{-L-;pK9s(wv zhw#5AzviyZpszRH+B~hr{Nv!M7b)pcQ`BXB8!P2(C&FmR!m4y2x^kJ#{Op*|D)Ew; z`EuVqTZOFavwAnMTE2WjUfvMt_618V z7&(Ki#>_}NXl_Ngu^}%eA%-8_-H6Hn)&n!hlZ#eM)0e1l8Q|Fl$a@K*tN=zKtua8J z=xQQD-ME+%foHcNZ>LDg>yIO?X*;9r#I6bn%p~Q|e~2&~fTvo-vzT>X9(*N-aETdKiboj>!sd(t+yp2zpu zIUCzVvc8MZ|0s>cWiVrlHo4!0<)xohijif?yB{||hSeRFXqe2;GZzAb=s;TFDZtzr z1{#3=xu@s#^Q3;~q5i4go@tK#zbG#$>uKg;Xyf_qfRG<0aJFX%{OQ2xUvj{~w)7W9 z7QpWyx#YKNDd}e=`G<#ADj|2P^?t=*Ci>=F^dB*pE8?De`u`)B17Zm1Jd2?dPij36 z_3zS)Fb?6<+2t{<{=X~Ft6$M*Gqh^+{Y4@?6%yd4@Y>?X@zQAHFF6o?E6HaFAbpXE zqEZ=dH5hGm_g7U&0`P*R+}L1%ogD&-0TvYf3kzERV99?jzY8S8+|#p61EOqto&^Zw z5I&t_!GBTi&9J&{Dd}^bMIDpCNgu(*v-2Z@Wq-(lJhDRM5%4=_c~lh*n~28$y+I@R zft~yo^ywT6YX4>l>7Ok5kL3g+0MDqAM+8Ka7tGJG0BIb;=CjiN-qT1cy^0Kuxf@QKF5J28V*8H1mGtrEHC#v;>XU@&%SfKtlOBO8uV99?h|GSoi zpJxHWIE2mTSnywzYx_9?ESfscq9ShKLJx59>D9N)|Z!Afk-$=^P9Gi}L=-$4qlr z=UIfQNq{2@nFq13<1`Q^V8l}P&CUf4Mnp#IGgw(&n$@*m6pt|b@Gvj7og zgw5wR{r{r8_9l)KkHNR|ECROUP%40nzqf-w<%mPWU*((#C~dzsbwoLDd;hZT_sOs- znr-@TmQeh`lK))(S1rN%d(%hQe4YjWB!@VQyk3_jGEE78;YDFKD~B4DPuRE|e^OdW zB=S6p#VLx#f-RMG(7$KM-z$nI)RrxmOdw>2Vw8ka@YrT+A@6kNU{-omb2wbF2laSu zECTLQ2DjZQg)G&=Pi(EWnomxqX3fj0UBDabaVwY}Yr(c*TRpjPW=(#zadtC7nxUs< z5GHc6j9uVATeAaKL7@Uiz<=~6pJ#Vk=2&>Rky$~Mn_=owF>tgEhaQtumhl{|PaaSB zfDd_&W^;2xj^Of;PGw@8?FNbdJw;95A=mq^(DYp3E53YXFEURVhj`}xh zM2=2YwALRT7cKQbRYS^%v`q*#?=^RR=C8ZxRNC<<}(2Wcs4N^lYJn0S@hL|7v*7x~+ z{NDH8weDT_kG*f4&)w&&v(DOk1Vy`*IO2)}vJGlLwzjmlHC+wr2lWfOYLJN8qxaJ;7b#=x4kU$|o z&vMPMM!?SZ#wmhw++&21ZLcmjvA8eV(rJ9?ZAXAUTOhyCvm(i=!BUdJlUg`80e8-voA;7@ z^hJh*XHGcSoN2iLw3LFC{^u<(OZ;0qh)IcN?r#YBzBPy5MmNitma^4d?UGB15$HG_ 
zf6}JHwlA)Wr~-LZC}iGm((=&ODK>h(>&}A;wd!$;!9kd8L2|SRTAC9%4<6MKXd$lc zhb46ll=4L@wOJgQ)2^29)e-H&cC<5a7Om@a>MlZ{z0#B&qc0OEV4jBi)%{8vYHb&(l}8O2>fJ zD!5V*mK^)Q{)#oeuR{o13GcjgF~k;NbRk2dO2DA?jIihR#P%VH_nE|PoLk9`Ei-8O>M~|0bv(Q6xYWBfJQJfoHKQt0=aVn6 zsmF9Ir1gu?eys<(Ph)+-VWy8C?lyp8S`+#|LkuB3lETmRY9EjCro5`F)LCyFqJ7R< zL>BWlSzNUA{eo_Iyhg=|LaGddvv4j3yC_A#6kY^1+sc(DbtTE;*ZSmw%o7ULpM{%g zVv^HHsOUYY=wt1DNW*4&XvaG7i8RAiSCp8@t4qG7ku1KDV_uPF59cK97R?Mcjice> z>@*A;jW@|1w?qlSfPG%12*JE>y5jXK-(nrK_0$e<`0I+~thss3wK7=3wFGrPg^nuG zsvK8Ge6$bLzNiXDKVpY-WFu`u18MU<|4@lV9*BoNr6PZ$7*tu$)7t{#kKg>b8{t76 ze;zwayVVqlJtHG#ql;6ILd-g)$arbxCU~pcgb&>fy>;NfMMmUiKd#4*+#_% z?wOT8?0Z;#@Cgg;QtY}9UqX1vhZ2L?$Z;nnr;lD*I4CBnvN2A6_^1w;0Z~3T^}I_m zYJ@%^%{?j7+N?-oU|DhRQoh^X-Cz-({d-n`Cs zWfz&(1320^fFT~fha@t)O8W-yp{#mFrWX(m^X;( z&TAji)8ts_%|4GBeyTprbyyX~n?8NcIsqDKXLHL+Nl88;u*$#7s6AVu=UxF{oR^o7 z!WCa6+j)+&^uv7f-u7!6CVesSz|?7f)joW}!l)~}jAqpQ{bWr9|HLl;n{Mqom6Fa>tMFUFG`p}n8 zxqEPjY)c?k&KN@R5T^-?xMVWXP_-!@V<(wUY--lcV(OrB;IK ziaoligUGj!lL{lMmr-_UZb6174K&7zmjMLyT(r2Ollr&W&4zkWnt?@6?1~}&FoWbE z{WVTj@u*R9Wt#=h-M7y&byh3=Yg$Rc09_$_-W*tt7?5FvXj@fppB~%Rf{+!x?<`Vm z5>{PmW8!BbOm(luRzbE4TH9hJoFe}20d)-YP6T&mSm|1dga4-6kk}N$v>ZV`)Z$+a zH+n$osgWmSU~AXCp-Es_%N$e`T}mKsYQE3N2V@%gw46J@l_Xlw$$s{SC~ICAFBM9@{j{DyXihqfk2BcuzF`}k7IA09*^=C(NMv*j*^dz0&SE5DNIdP!ouzVe<;_3WJ_#qlnhsiyRmqa5gId#-YTQZ)j(!MR=mL4;NNH2x6Zv%%)Z1FK%%j^y{|u zzIXim`Fcg-jaH^y_l&mtoeold)k8E0=f^ zKzFY;d9Z0hTe(OQmOr>Jv-G->O_Zjd+8~E{$w=*4#&+loVb8>hq zh=lXJXx--u9eV`e<_JTPkAUizoK`um`Nmu#8gjf4;e^qX86eN<5nCT`m-AG;ru)UC zW4y$zCifaUZ#>cy3}ks%CX2eFDZ({aNCQ1IKY}-rnO#w~eNim3Uo?1h!kCb+s{D%Q zII%!8#_L^$OwK}E!BL@&b&b!`I{Ikz1F7^`d$vGf)cCYAF1t(R8TLQ5pF$tUt>8M7 zgaZ=*Ao@%De_E4UySTjkss3-1Twcxz0DIb_Ic|Y#B@gPn2&$geI1xoNS6?9xPftE2(1@X$FbeyA@zD-%@Y2(tAo9-uXA!N(#6`$B}+;R|RT-L~e zvYc<^#kK`VzU|f6#neV132j=xhA1(0z=vaEz9>=bJp(=HZrgloJ18`ZOC1gp+Hg!8AKb`hUp~iC|1zGuh z;A;n{W52Ggm^`uY{yUe1C%Eqyd$0!XVGEf=x2PA6K-KV&^?CsU(IdjlIl|*buvJC$ 
z_rbuNrDel*xTlZ#fM;TG*WQ54Ki{?R8;vo;b@5tV4_PR0pLYS-!zxkMhK>ZAH*Dj6WGC;)e{Xmbk;zfIue`W>YJ7_x<--hZ4dhN z9v+?mF<`?c@o%0-F28%QqizFejx){ z+*^Kswa@wqP9FL8JCsF|&;&wqUCUMR6~T#GP6*!jVb>UVx}4DrAOYsanr)HDPA?d{ z)cpDO?aY{H{DlHw;uDQm&5I9G+aAViVnq$6DCV$c_#fgzbXr0;>zAdzohHmOk?3~` zf(JqFG6zczwgM1Vshuy*B{?=|X_e5-cFnReD$Hz4sE8rj$hK z5JHvS2_Ym9I0;yA?|q)eAgvQv(~-tIp&ySmbK!Anj*<@+9OAfoIDcyoI+o= zRr!7t;ZrB!hnn#7(8)s0#pyAS-|X>YJ`V?bWw~@2&BDcM!VXdgfN&6&#?w?Oo8j@7@K1$fqI2 zm#ETMm`NJnJM=&C7o-sFn5Zn8>*15Nc7sRDfJ(&G*&8SHZip9iu;dOio~EAhVgm%z zD2l~!pV$l5Y(KA=Jl*EB^Y8?etcFhQ4;RW_12AMq3D}PvIdb-}3l>f;mP8-?Uz;j6 z3eYw~73RF-*^#oRj9IjNsL7v^G*`YFc4(fal21caisTzxJC9kw#4sS$s;DBRi)8#T zy~poPq$Fx(O3}C{FyASnu;34STLm|lkpns(#>s!{onZ+r+W#1#R`4VC@#VT5n5lP9bZY_h z=%1{8q@!+lLwe*$%U?&1&=6Sju;+JuWa(gea1odE{Bp!U{$dH_?GYg1k8^SLNHaXMk_Wbzq$s@Hye zEczs2VYi*`=f82#&7*$(`Nn11XG8VlueJte*|<8F{MRY{3-1R#{E)fxLDjlLA#LDe zRqW2o?A2=`Vbl(>0`MnHnAN}=XM+6v$j)@DNN1FTdks#j$6ZNyy^xVoJ#6$qfG^#} zr^ocPc-Vqgydpk5ZdchTb12)DOA*X@1PjP3%lf9z>j`5_INBM13AtojYoxVGkDof@ z)2+Nq>*MJU5?)0XRF;^L-mt4-@Tk;wD%Zv@pEe!*pu1#+$mZIjrByo@D)P0$kkdQ3 zmyh+1tka`$xBfXDMc~$HOUw6m>?~jE^vJ)lP8uIcgWY>`_eG-0DmC^Aikc0q62f%- z^k1v&*UXQ-SbBpjZ(mK?5wqb&UmN;#?TQq`dUK1~r&ekJ2hE^>(^DNG5>MVjvS|O@hWXkdFqsS<4e7DHn&T9G^#!0#Xg3D*-FWJ(C`k?2-rAO0DxXK#5 zH|MdXF{8ftez@w*RdzW%Po10$Pl&|UKvlbp-dn3MDCx2#Lb_4mU|wtI3i*YGT&3V_BzPV;c1o%TSgFlVXEGHwf2ktH-d+6U;p}A zGSyP-;@LHcc zp}(js_=5Ug3n0SaoDz~%o@M9Bdn3>&hhDOi;plUUG^$tM?gMA0a=Ld93wL(p>cj4N`Ncr$B>4r%lgJ_k zoD55$CUX)f{AtIy#OE?nQU|Y>=HL$-)U+3CT*)sNn_L}K$=1t@V#rBwpCYx( zA2}tz(Klh8zvwKjGKl(kIyso%ZC#_y>uE&5HdXXZ2U@x9iz;v0bEZpju+lm=J-x9d z(bajDe0Fi+I_-IFblls~9KGkJ8`kO1DNucnoM3u=0dQ<{_bvHz8;$5nJ3JS{o_PK7_7ipiWx*t~tJ67hpJD}$rboo(O7PZCJdQbImD)TpkfD8^RxSQ;Lf z_Ahwp#+2R2DW@8@vl9~edVh(&wP>b|FKg{vni=JI3j3oMG+#O1DEZG`vyE*?WWX6; zZ}%e~l)W7Lu}iKL9dOs&QSF>eo;C7T>iJ6ZY+K)&@AI3P)?#+ZFCL;z4IT9QZsUVW zftz#Q&mt&;pKjb15EaJVmvDC0_9fXb00b|%M;Ts&xDASV|);3G>* zS0MlXUk7~*=@5~iS22q%e7^wb);@2xNK56FHJ`&EtoFH#r)mlS=CCq1`75xjH=TCy 
zO&6LPHE!)hE%DT7&#%oDof|0XJQO8uL%zgTp%;7thv08so9WJ!ln#f~53;C?LbqH2 zqmXSJ+6Ki5{i0GBgxGoey+(B8p*1?CHM~%@vQ-ihty(h(ttc#DFLWwFjyF^Ja_>bm z%O#j66qY3HY}2u9n6?B3)uJGv&*zhu9UV(1ot#kMwRQ}D3;(?IPTBU>oYC$$n##Af z6EMxPj`AJN;mF$a0n=jxpbj7r?06YBWvT@Pj}I2vtjq>l#=tpQP;lej_UyHlZ*!V! zimt;BG4s8>h*~c}aq9&tEMPPd<$!g8(lvJmC|BqvNYvWy%qT!-z-T!s<%RcK`czoQ z+yM1Lb;|c5Y?^y0F$}8SYlA_qKGj#3VWzHX)C1o!4P6M`DNfW!3-=FlVuJB|BM$JC zp5TUy4yc7iN8g4$#PH5i=0warNL=9;?n0k9LyQ^lGu!&h)Y?pCcc<9|+!6 zhN_|q6Oiw4ql^7sT@3K@CEd*q25%a~0#j21g*k{UuC}mlE=maUkYfA#3m|>tT-bP3 zVasx_MS?ojxXFvhwRf`UFNykr=s$T2G%fbJ`rHI%;4PH+ER=S@b- z>*wr0Yr*)QcQ8|2mt;h>Uqq3yE`jH_a(0!B-BK1QDVqj-1Xz5ox9S#JCC{i>k(dh> zNXJi-r6}K2S|J;z(DW5=r2-_Qq>BX6WUf1_G&niojNMmZEIyw|k7w@sg{DyJBksCS zbmU-GYYbf5{CPgZ2B~}{ET&P_|O@>~df#%Z9AfyjEup4z>Ii`WGNE zJP2g_6-DI)fl5qY+0$&mdO{_V_BL^OChFY_otA!;`DZD6y}QOt9}M}A9V_MYJ1%|h z?y)+Zl~JW<79&}jfG$YUO{Y^n0Tn4@t?g>MRKlqBkW&sBhRwE;4ox{Y9WLn;$g#PP zk|@|PE9=f*0|Q0cAdA8j3QHEll4cQq^A< zu=-JMjdurGxVtOxX%)jFHRR&)w7C&lS>a<|;d9K8(ig)~G_{I3*`ohpG^TfSNuF+m zChz3AXIfAC7M1w9V==a~D)0Jwyks(`SlEj+>vZMXQ$^vGGY&FlI}0&sj@wgb8pO9+GPvX6#|>+Tkc2y4!CIiJYEY z0mFA!Ku=f8EYUX-k~djLv-}M_Cbp9~aQ;;xg*X#c4!uvPHw`mOj*iV78B(f7bvDx3 z<%Mv*(I*kQ;f#45Idm5%DIj$cRsqo6X7`rSK<~{-lG&YYM7KkQx||W$N5E7o92?9c zyEmNF^J;UW)_g-y+REFeb!G56RP7W>ST|+Lek1CWYMjEAc2~{4mF#k4s)JxoL#b1# zg>YNXGmJOn^Tw{G4;$|#sY3j;I~4J-Ro(rP1E_V!XBeNHvJsp$j^2*<0j2Kh&7K*g z6~W!iJ(E3JTJ#h<`xqkzrFSU(wvC+DOAJ~-&Bm^jhMK(T`KteI#L*^nesB?k>rGs# zkl=hJ4I9(X^~yz`2IY@nbi9_b&_kVtji)z`Hi*_0bR;%_@m?v`t&O<}xO%7t4F;En zF)hz&FqsMH%uHC^LMxXkh*A}<-dBt1y`A9i)=oUyMSPR)0+nzy4(*AY-q{dN$_C}x2>jJ*Z z>tBUFsA6@3B1chW+ev%NX`77*nI&qDdYUO{ayYirF(KP`lo^!L8-UhY+OR$GXc=H7 z|H^$YSyz=D{bq2}V^Gj!V&ICK()F5J`YE#d{9c~(si3)89Xz5I=a?V;+B~hI?3(WJ z^0)Tu-SR6-m9}t}dWl5TB&#&^5?kg7CYHr%gY{JxLZ+X~sYa2)@u7R}uDb?#hdi&S zEx))ne=4Pb;|dHJl?&;Du51L)Bp^9!zlHNv8Y%k^VYCdAm^Omk#Frd<=JP6N%k08a z_xka$y2fe0`z)zN9G9IoC!TFh?s(b_CH9qJyZg&*kJj=S7WSGt20hnrZhM>zR0Kb8 z3`UOgFwr$6baM%3YKJ@!^YuAj>%O$)8m*d-b(bt3wx8FFbFhw%QO>~LNSHDN@#dQY 
z4Vn+qjw@rq8Q&fY=|S}sH=KPh1CFE&KQoRwvj$%;%>wbbQKY(m4jq~-bB{18@5J5BcFc|>7Kcn zl4M{5OVIVYyzZNQZ%(sfWC>(lFWzvee7dh=FmoO`DUrpYUzmYU7>MssuU@yFy6mAw zKca5bhqJ=0U8z{>MMYO`=8E)J21{Bz-L8{JUMZ<}i*Nu$k=csWhPNus^!Hg6a#&hq zyS}ZGaCAY(J~!A2iyrZJQ-aC?S>h{zn1DxK-YS*zbGCM_;vQ8abEj@91}uOxnM)bKe$R-n`mwu=?oHWM}54Rc=>x zem-cMn>)c+tZ!qeox=_Uu6L`LaFlLACSScR&t|i-x%n130@-vN6_P2E$WFA(1Px!; z{8$;G+U({y_+vfth<&3dkYwG}8U#T8LH4U9R+8e3sr?|kJ zVYcAU+Pi9XJ=rhY1ltTsyz1W=&l;kWdkZ_Jn+7 zhjDoQT2x}ZXjRDTeI6`3n94$`;U+C!vRijruSr?pKUzdCUt;C6mEy-{tem{(#R?pL zPZtAk&M3iMWA8`LZ)*1B4PW3Y{uZvwg8k-JY{xR`+84Dw`Od+l@78I&DHZHVxd@Vx z?F-p`FwJc&Rgx%E&HJjV_f@_lK^oHqUehen02gO7XJ<23{XUtMR=4X;(VZgE4)E#u ztyE!G_9*kUr%_ulBL}H#3wKdB9EdyksxB`}7EXrU?rt&F2b- zF7EkeZKQ~4&7Xq6-U0fvPQulqlWO}?rwj}RFc#KOcI{l`4*KRt<|*TSq>7ZtY!|Nl$f`OT4!Uan^1K73aslebZeMjcGXQ<5?k)M zW}EA@0V+2kbzDcPOTUNcQiZvh%%c>%(iiMQsuVWrcqLcgU1)f>(0IH*;0qn!&T?=k z9Q}m}sB+(kp1tb2(qqfN2;n@zY7J=TKnxG%U`vLV-0eG;&`~!B2PT(X0V&ory8BBH zIEpe8e`Fa8@V1<#f2#8$CcjXIPzUI-yPs3J3YQ(1VZ8+yvC%JNqR-_zTunP0#7RYS zlinHGHHhb|Jk z*1V$3t@{*NY#`KElav+lBs(TOYOeR1KA|p6t(v;M*tK>2ype43;(OV)$2AZ(fNHxS zZgTDVql$KH!J=JP0wSo@BqhAiz>^Z^?^yEO;7t2dldL;c_~lXsax@x}Nz)*EbN5jM zlQ6cy_Nr~-JrSn+F3AHlo<@9`aKcZOkqUHiyk}Wfxf0-h-TE_g=h@7vhbqort`a3> z>9QnVQ~a&QeJONG#k%@tibKzvIAtcJ$ak0&_JM7XBD?&vHws-Q*U4_mhNmFuks`;? 
zfK4g>9XE`6{)J%Qoh$fNjlwft>Yjsb?bnlvvy$xG)9H?Q%F*b;GF^e~*=Ei*r+6w+ zm!dzsY zSGmh;>6{KVe19>{y=yRS#H*aM)m9m{+>-<013muSkMsIuW8-OMioVE@+X|n}gOri4 z#qJq`nT)-1fVs(D&QCu^&kJs9rSh~&8TZ!AJg#*XYHw(BDF0y3Xy*XW?DME&mPoGe zJ0m)A?72hlwNnaQ^4?GBdkmx??oMu_C#ybexOHEcVr{bwqz8kchPu_^yC@NU{uG3w zDiX{(=-Q7=+NeY;yG1$=Xe+mIfS>j*V_YinL#FkfED&Jzwda(No7{5tm||5DQUMw^ zj&j~YvZgFS2}UeBK3pm@PV)^?261D`rt|8!Q+s+44`Y?Y_|xS_rswa=ipb_NqJX>J zzeP+m*YTvb49w1H5XtuL#j@!l-$5;r4ON7VwR&;G4>( zrxo1-)T({;xjqdpKbR9cOUJbs&uoFX(dIJTEt+3@#9Amy(!^=F+90cE{Oi!5J+F6N zL$XR?qWtog%<&@NB{pL7;?>%GJ8iQ)*x3!f@>Ql6Q#ZAoA=xKNCp{C8qtbJqc0TwV zU;l$7(6;K-?(TSJfK$gkDzB6_-<$puF0D~Ii4Dp&%#qnwVqDUDth+XAUC8?E-r?Xb zcjRnI`0PwPt6SGxXo1;2;U&IE2eg+*sYDhA4E$u_6M0kk}Wi`6|pn>2iV zpz>pQf6S6~#RbHGfxUEX`Nc2;mBG1hMxR@l%^1A>)T7;1!;2hGc2vUpxOWIwX# zWCYndh>U!1OSbG@LzkBw8yL6}^5$*Yn=;)ex1~O9mU{bb%YHcjcE)q1Z8EZ?#mu(G zlCA&;C}KRp1jmI`-0Q{la7H&Xs)29#|2s zC8Lx1j(+cw-8V~K!Vsci2wX1rk5#{r1@bLY{M>JT325&jsV>C|;Cm83DhGW4LWkM9ERY6aV7y^hN~INhP3ki1_vz{EO*JjvQVx6}eR|9CE^ zO>^?v?A?IdxJX>51DMsi^db-6MJXo|x)AFM_Da*r@&`V}ecy4o=e4Lz8Pm^B4yC{h z)%)4hL^k|Cst1p<)Y>YsW1~7E5PW~yJxsvyS!Q^mUNNYlQ4G)OtyCCAebN-9;hWdA0)x8t(0<^eK{%nVctR`Q&1h=_^1>siy> z(b!n4+Vkb>+(*PCU9OUDu%(Xa+vL5R25q>fTXU4S>zBgP?p*bxsJPRQ7uwdvYrjaF zGP`Cn7fWPmtMvOTuie+RqnfJc-{g8MGB{GR*S_gO7Fw$rCH4giFEw~gkmO~=K#;wr z^r}SUK#Pi5WID2&Gq09V?M*Zjs}4I%BJj{4~*+K!ppr2gz5BfuwUEpGwYwOGu0EIxTOT&Na)?UFaP} zmtM+zFOpIM$EF)QJTfb{22Q2TKzq4v`UEe~)J<E~g?R}};GEw)PggkO zn!MrBxKSF0>@`ZQJNal4QG?<>@gS+`Ai+!ZN}>xulKeW z+`+ePH!AxMhjE&K$awW|&aBIr>tO9v-ReSJDTYe#bHi&oeC7>5=$vn1YN4qSbC;4- zX?L)bY|L^-!naPOiqvXF6~fg~`r-2Ynl0@}9(j@r9Zo=pBj-U$JX6CI+(BPAa^d{J!xq5F75I2oRz2bu)4Wew<=> zhiJ158_t~^A`6)B)zv_IlpEw|*VJj;@^#Ol`ta^s(AQIz&Zp{dqDIyU>sR_ETb4&^ z)3&=-{lB7axAOa03%?~~DB6EDgwz#1Ckcf)g3vLyu>M)>S+9|MB@(_RDk)keCFKxU zdV+d`ozrc*d#x8-BQ1G1AoIdNMNp!FBVf>AA>YBUd&zxqXn`B~n5$rR;91x~)!ewv zJG)tG_;p*>!*pr8b`((?Q1uc+(OVsC1n%+l^lx8#Z}K81y&g=DVC(G1_-HjQFHA04 z6vOxQ;M$`)yOj-_Q(7rkcx2lrQkgNG_%pI?XYv~c3fi|d8nSd6>G;vmbp|}N247|X 
zG|l2~ptH5+G?@ibBq7wS!Z+x9g3~ZbUhyXOC{vIfc&A{2(%Y>m7Zp~hEIstZ=@VIg zWlXcuXsi5A&gpG-@|av}!rP1iDktA!$W~7NySl_Gz>9jHZ&7k73^$!^>80`MJNM(m zukHMm6h1_R|w-SxRiEAIg*^GyS^AJC$FX< zKSVzGHq3K-kO>98B8mN4R@jQwP|w0hx9znb8@I%7KcqB6kAKt6XDY3MOu2IyeKKtD z^B_Ssg!W)DEMDiUY&{c9S1706!2nSGg}xo}PU#C&utZ@>c&COYziOfE7d&;$^IBUl zcTO;s8+L6=3_;hKBO};#;xzbOX#+R{V(+Qu2}4W4Waoo#pK(%%pSpw2X2e&8OVk_5 z%#~QLdnv@g7cDD`W01S%^@~Yb^(O5-YXfsGB2{~yu)fTd+yt4Z`i^a=eOPsah*buQ zm3B(hInPO`dew^>-YI+bTBnH^K}8rjvE6bnUfwKC7$%5fol9hEb2MKTKAsz-5Z~;dJL9(Z`BOS-eY;tPUjq~TQo)VhawTA#oH-cOx+mmrrDHPw9YOdU_aUi(H- z`MNH+*8Nh3#C`n%hkCmtWmCSmK4Y%tH5YDGXA_fXP{LMXKa-$s+9GQCDyDX`Ip4a| z$10*BR2jEP=hOvPA)%AD{~)J7Bz0!XEuuc1!KjyYL}@Cg-}VI0O7M(*MGaKjXs75X z%l_QM4|#rRb;(*}jM$T!omQ9N(kqk+wP3g1*%Ah6y`=fm-=@Z#xa*_d&af4ez7!kA zx5q^=dY$KTWXaQN-2twtk2co>H(NFq<=Z>uQ-Fm|$DBK)rvui*gh;rG)W{a%)|1hb zamFZN_f7{;<->wIu;3r9@Z7f+B*$S$M=wSrnnP~P)uN#^PAoHUa6d!oV$=bM~%mv zu}&Zs@`aiz*9_s6YK_r4%T$_sXmuDr-FPqWMlblYHw}E=r*L9@0?0u_-k zTh48`e&{z|j&?LF9WKrcJD<3~ZMQJhon7zdMwU<(ATe+>e7^!=R&O({!b&B^2x6Nr zmKm)IO<*!|ml*+3xt-cs!8+~rKtD_13^1?1lL2>pYZ4!GJC#2aUQO$M=CV-PnQ~R& z%v>k%VQs_)%J%js!lSa2AM~|1DYsL$vgCFJm*?Db|CTbOla_HiG*M3?dPQsJW~6Q^ zmF+zGXox36KhEeDipR9n#k~(Yh#+c#r6Xu)@6Zg$`cA+58y2%LlSVhgZC%7IHz78R6a&(|rzci=z zw2|S0Cac@2d?5-H?3ov&*^sE?JUzqA!3jq2@9ib!7&GjbvMk!E^Sv>=c1n?u&h<0(m;7;TPW=7} z*QxRq=Pkt+OWx?}#-+3m#rT}UE+H%Gmd7zh9G>|IX$qKoyD1!ZhX!fSGaS>|Ar9=F z(Sk1}Fc|YC5116d)dH+~!=0z5mqq#cNwnx-F@}Oe(Ul4{EA-ip!?8@-7jmI->ry-& zs&%A|p3^rkF7-R`cEGDhCtnY1fdrFK;=B%Lf{sZ#jIZY9t#y zH>cdd8vH$+UBa+8*!b^BNM$>oiw3P8fM9>cW`1~s`i z({)B}vpo>kRBIi}K1)RtthdPYC$x)Hfo^#_Ki;?iN==uMT(rTX1h13%_>r47(c0+U z6LL*t$KyGlCwAnFbrl~z+L5b8tH8@o^dshmk{x!T0!BdoCT{|`bZ=tTdelZaWnx-O5;ngD z$ct?RqEq?Ezs$5eYY5EhPuecaALwh9Ap`3&sw7{k{9J7h1Ev18uyc9V!Q$JXd+WSw zJzXl;c}uSk)n>n7SuUu3+LLQi)2IYHIop$*<|R`y59{`Hv(FGgvv+eFIM)o%ny`7< zaz-W)#^MEsifwIJck-b6C}h0vm@IyAMQy_Ch8g&y3dW$w`$JOxQecE(#FD#tweHA3 zyk!`!-^X2Qu%I+wh-M|Im+<1Q;X$SZ@%;mszGrS(vbMY4$&aIuA8fceDc$9iTXT2! 
zLBG$p#Z9r$4e*?MCS5+lcy=b7k8bvRjH#7CKlj{aRm`S4mAe8q&D7KmWVRgBTi<7C zILc77lk{Rec_F5=j?rz_ZN;CnwDMB?hQu(`L#$@!g8%ZUbd)r&k;*;n^or`ESO^!A zZ>V9rbr!|PkPq2;OO*gQExj|jD~IG4*%pi&pVIky4+t;~9bqa!;g>P(oMG!B{=53Y z`Ho>YJFs!qh}U+Tds}DJWj9|~x*N-M2~NZ|@!V^G=9E)Qe@yBe%SwKsY_4x;-LQsp zr?EILfn&d~Fsg2wkbtB*sd+ai4L+ROyEBU7u?ZF+JPXx^^_%jTzP6?6HzS4X~UZ`uwvg(lb)OuW)ag26COs=gv)!4tqzh*~SZvQj!=budO@25&n| z!%7hy+p=%B$%rr4^1{uSg#~e6R9QAwu4jSqyEFNYju`WJ=8bxVE-@3&qFlOOa>!C{ z_|_MNu-fq2#@Wnvr*|O$pElRaXyr+(mC#Q?4O5S_wQP-8fuqdMm+&h-#=W5k(Cv}s z4V_4*MV#I+-k`!7Aexk+dNIf1Ncp{L@mclO2Pv089{mjYP8RQ0I#BX^3XPxn!!lEr zH+$Je#RJ=^?qPF9J8L<Lwgr_r;!1>V zck^%_pELp-q7Ab0=C5A_S_HT2OwphNIA409X_EE~7o!!N48d^Va?G%;3@(q4;j8-*OWjPhjDthC=WSg3sH-=b{2u zn!)l}b%q@d@0?^F`;vT|=D$jtsf&Xg!)XNT6i@BU#abg2OF59n+_Q+hy8~g};7i&U zJ|PTK8Dcl5dIdsLtiHy5Z2+8y_B!bEBP#KNGb5fwik@<#acqKQH)JF4HbOI|sjc%%n?cWX7umbY`~3OZ zr25io4o%}4SK2S}*LNE7zuQhU;Lq-!T958VJIFOfi{jmTEkc)!}wUT^Xqm4Gi!fQo`gvF4bD zm67jRIKHBuNJih<<~zD|*!t)B_-l%pndPH{utH&dN5h0pd#h>-YuirteoZ@IxxRHj z_Tge1G;#WYo%DW<#pygIE8nbzJ1(s-jB}2j23w5ya?f&~Hceq(%&5tMK)s@v$}(-g zAgm^yt(Yr9Mk^$fO={rwUs{(8s!VaRs9w3dQ<2&!_=*}MZ1|}8VjXrbP5`+0iph_=}+MSj3$*GMf&oHla#E!?vROa4xu050=;+Z>rt-iYy zm0|yFdw%cRo#b#3cB=AI8_<1>>00A;gjMGqBT?_|vIXsXdl&nbE2^LhTkC^Z zd)?Y9z?^oZq6q|;zygS(yAV^^mgj43VAPvcE4qlhK9rdt2WNYk~R*dYY+=`>< zEax`M)~9txypj;QeMY`B)%}Q$c-2fz#VM*~cgbWW>tqkMr@{Gk2VXdlG4!-8Y?f;Q zN}i)7(XIBC{pT5-;a&r{L*IUUDXSF9n)IF1^x?o`Px)~kyLhhM^`1SrXeN)z2=w+Qnfh|yl{rr zU1kxK?=OsOfYp6zNzfbYOVTg!P7k|-%63p@0!_l$7dnyyrFD^nnS{n1%1xX}I2e0Y z<~QAQ0dupZ);)3Ho%4Kk$+F26*SKZd&2rjE34pz~*jxtuN)P%idwznfzg7OENO zcv<4=9ZxUhJ#S)Nk#-X||^87L+>+FZ)Q2=C#_1Asek^Blo}QoH=7_<(h4_ z$Qu-X?ycXovu&T6H~HxhP_<~ja-(`V{dfECA3spoj=5yxCl0Nmq@a@!Agpqes{64j z|AWVKuWORxa(fq=YbCL@<;9P&|Db~h_;_{QMjosP%JV`u!u9E5Hx;gvXbZRMJe-34R=mGeg z3KUpT*ZH{=HtXT)GWL6EBh4}9Wa?Y`URr*>KW#sy*XqJ#dF}iLsm_XJQdl$#q_>lN1*y_lGd|2c+jIrMT4U z@2#mHi=<|g(f81MvR-t=zhon87R7AozyFj^B9!I#T|N5{dyP210Q9NIbh(>PG1s{F zBf%7V`#dQXH^nu8!jp6F?_MJ({F_BKB7-NtRPi^9?`%IxL{>2?pQP_QYkOAa 
zh1>B1s!DFV`JL)JtM-!zn!GDYMPW}$5{Zuf;yg@%;PP)=Zhk~u1cC{;elhy+?`&zA zc?6tOE!re*w)AteJHlC;0w0G+es5MDux9RpiN%{=E{G04!HB%+%n z#Gtt4>F*d!#+rwc{EB+>B{Bu0aCSe!w@y@qn-640^gxt&|8Eak2p%Mxqe(2qn&-)W zrx4mAsF&(Du3Q!Zu3VP#liu_?(!YV_uxRE%4gtdxf#He3aEE~5V+s5J1~yNoAW5|4 zLa-2det*_GJ!r3nws>*KA_dVR@zDM^gF=T4S`lmoE_@>pk50WnAQyj-0jvyK_*k<; zCL4(+Q!llS+If0x38s2Ad;hRYsc(#5HBn{>rjM5X6@4Kd-?vS~1CO=d?yVn{H1-Ua zZ%5J2(}~pM*H{(&N@C5hBy7oqgQZyG`XS!17B8lL^G4Cma?M#Pp8EP5OJ14JgxmM) z3PF}Tf`q$%$&zqOqzCaZMZDohT`9Re75-mgz54$RYmI2CooL{oNO3i_vRcIk;lyqCbm)jQWamO-VaheVs{hm^Ad=s^KToc7Le`<2J7irYy*?yd63isyy9;;QS`CKHN zWmh_?`I%Ob*Y@02X^s>~zw9O>nkOzaJx}ol{%boGqi44bF1?v( zV!N2O&tRq*TdZKrgI7KoPdFb2#a_4>SbHhv!Tiy5>WOr5g1auKNPoDicgm`R?c&uG z&IhOCE@#|RHa}T?Txj|nMOW7=S{c5Nf3YcL-%p~Zh1Caqnb#)Svn?@0nAqcMSx8?gJh$+P?KWXI{K& zzl&At!MoCxnQ9Ro&!hv2mk z8CATaK_qw|*TjuHb8}$xVO$)9+j-B(J5L0i()bh^)DzfU6cpHbp5`}a=80822k{|5 z{SlwG%fd1D4(X40`+*V;VzVSFMu;J$uF~%{^3E;?`!t>UA$0;8o{7hQu*6XSK0q@> z_7lxeK;z*E63~2jx~~>;#-C_TGg8ut{9AAngn`xDIkS<3z^e}M5iegH=97Z^EF zqwqh#5N_X(6Z0=H%;S%x{u7w62#GxAahJnuXgOl`_mN5bkpP55nm^0;-_cb4AE5ce z(#3zJrv1ND^M4VTB~ecTd(4N~lXqUP+K=~P2{Vs79}dF5Q`7q2srkbaLBju{8jt^j zIQ?G)Can9Ro|O5g!_;UbvKxhG$yXJQ`4Obdeb9?D&CoAT9gf4lv!g_a&EdvFxMRQZ zNFDpxc>ZRLP)hzKdua$+|GV)_Hla_ZrL%IX5UAfDh@3C!gvb8p)FhNpuO=e?-*sJ- z5EdJo`$04WQ2PT|;)~uZ1XurC5fB{rI{wEb5PoZa5+H#3F$w%Zjrko7fvQ=7@%JQM zK}4r*$t=Y4W(B6+ll<63)BgTRVritNNIS1dEcd5cirPL!a+CkWTFlCM(Fl+wf0{Ig z>Hw+0izuoLBfw9jL1*MYj$Qf~se!{N{fJM9+0AF1{U?9cynPVV0#hv9dP*pEBYT!5tAAS%@ z1esW=D&{2jqk})7Xh&owR$loLx8@gV4<5S!roJ=&=rqp+dBjp&T*7|HV}DYh--;A^ z{F?;|pEi2Y-z=RbwI0)ieR%zIk|;H!-wF|W{M!WrgXyfS7k_Frj?V1hJkzrzto*x&C@5(rKmCgGnDf04j(vGMvUz4h21QP_v{ zI|?7H6QBMOg?&f|Q7C^d$U<;I?2rqmJ`&`7?%C7BE*`#4kQzlDJ0aLluk251ggAeg z`GEEPCfOI$tu)hn12DF=1k#66Ry#nS-<^?s4%1iO}PNX9!}>36O|f-9NKm zT0(Bqdte1llUj`(OyR_&dO+%UfB(z@70<7)5}uJLIzAjcY!W5;fnu1D-GnpyRZf7^ za%`&c8o~C#GY>KGp3+zCqY?TM(Y6om0qO+X2ct4kwggc7Xsi!(A1iFd*lqvI*;h9v zW33q85YO$m2cgN*mJkcR&fl`OVg%aU=^~!n*S(d`NUXC`Y}~KJB3$}pe?Ojhj)-zI 
zB)o9h+NVQb@OS#hIuo+ntmOyi)-4R9i54p0-?`Zp0-QIDxG|ZCyS(oPeIDY+pgUMdZ7BVW()r)X+bL?DV*%6pg`mDA z1SlSK$jQX+Z}DmLGp@Az-K}FQO>i<1c=>k)q@PIyc8GEOs16+-S7sQ2u)xC`0AYeN zi9ZrUXfkwv`C))Cu~x#4KLLuk>@WYNdz%)q{T&Z-cSy)l#6=|msPel)3QQ7a+D{=r zG7A>+_v-}qfPGgxMF|*)aw3o{mf0!B@h1WYg|j~^x9k5M0Zi;y z5dIb6|Jrr$mLyr&+~Y$*I%ma5m>LLTJZRQ&Yk#}`#wrmABdQ>g=0F96D7%Wz-2L4n zgkWNscQ_}!GycO4Dgi*1|7796UH|V08voGYKN0?~UAKi-AwG*46GHMU+X)IJJnReo zY@9U2;G(Qo)7#-m-^Qo=3HQb|C8(g9f8=)&-WGd z|BCQ`?fMcu=8{-u>)}lNM>+i4bwafhvm=U8Wq&Ls7L)GDM4H3ZY$lO8{pCvBK@;20 z^*<~ScaZuslm0(n|L+L?D0lyY@PF;P)MSJ#Ol)B7JHOkT6OGLuNitY2O0Ukakw)M1wY&4qs~(EPKhz&QV& z?nIl1vN`h~jkWEMg7yc*f2+y=TtGB=NC|}f{_J~1lZQI*{{W#ad@JuY5O!Dy#AYsKs^1fqAH5vm;f2tl4_@38(+x%_ z!hiJMf4K1X1v7~nO+O!`_iF+n`TkS_(dHo~5HS4Nng|oXVXgiFkvJKYvJ)q@yZf^= zv331p0Ri>lDUrC}uYB8A0@36ltwO%U_?_~-mSlD*u*WB?Q8Kbm0M-k3f4j#^bw%Df z*4ZLfkP@XP-Z&6yX3seNPOGsF0B%D8UnP~Y>_#J#f>}V@KnNof%I@aa1_ES(49IQe zq(mS+bs0GXhCKcsWiN)}*n>vMK=hBi<=C0nu z=Ub83$`#YB2Ts2AkV^cne{zf6%|0YxdwgNfOK5vxcL!-IoebSB6hS%dZq`IY>kCMk zZftc>0A74Ft)p&*@HRjjDwpOkQVjRzed&5{w&D}Ae1qkakHGD}n?g?e?y#sPk$5Xa zjN#==1@?sVxKi*8BCR6QP^!J}^Vut4AO98bZe|^3a04;B?*A3)hHJe$Rw`ZZizyw{ z9IXekVCh5m*haytV^^SGFx#NazD)J}`DO=52h88#<+|^v<@Pr9U}(P2>*47Dy80C( zj}w^Jx{u=vi@fmD^890x>&F~XCm?l*l|s-qxB=X?Fc4lB*6($t*>giodbt3k>XW|4 z;vpAa_bwA`YrlzUOl>kJByTt{l;5Rp%DHAO zlhFweo|XH67m_{#^Of9b|57>kJjpj#qpxzXxZDz#JF|`<{<5)l=~BG0iNnk^4(RMT z-MReclE`i(-s_7C#$N#c_EWuXmWWn6E`|DQLz()TQ;Vf0Xl2$^=C>VrseRa^W8vWT5A+bVeV7u?=!WC*FhE# z(HQ?U9l0&m}0i}31M@%I`4R3WqBHBz9N2pdn~TXOR;6I($2 z?yd1Xl0ScWT~gxRCxGKej#QpG^8fbB>#h@j32UgX4RBJJ0?*CpmXR{_SuW86+_80E z7$G&}EWBiG@a&=EHFZT9_byY@S0z(d*_JvUn!h>6{2_qs)g^~0$PK$A4^{nnIz-$Yq7Gs7 z_DGZwy@hCrGDHhPm>3Mv#i&uEMj0&Dn>43@R0tgmYW-Inrl1mKZXjc%$u!!|#7Oh$i z&6#^`RrH6fGpdR#CW_I)?a^@*_gKFr3Fd?84OkJ{g*FkZhkSAe=0Ados^XOczz!hE~j-{>qgucXQC+>m0tPMzz*l>M+w!>m#OWxDTqzqC9-6aXS5l(B%5bTcKRjM z-GDNN-0p3%z6QiSv#ye^hC^2j2`c(QYVs`od+_+aSrU)lmK_mfeosgv0_EyiEtQia zss6Nfhj~b!c}PyRqGot`A!?OYa>PKOT`RdSpPqzcX~XWYo5#u>R# 
zlf27bnOgVxjP%rUsR(+o+l)Ml)5?_62IzX{#&+M963UfZX^(HOn()scgcs zSQfixi_cb}Cv1_;cL@2Ba~xa7Y6?1XqCej2lJ@B6Q3dpejFC5n?Z$NA$~$lbdzCUJ zr{WAsMX1*I7!$1=QL!3*GalzTlO@~*K^8;YW-{u&qxvIOBby(MOuF3k zj0)vdq~tgGybiyr&6 zbR|_af$KNpvgN0(?NJkJek}upCMB-}h0w2WF~1;P{opTDqUjs8`xd^7nHP$5S92R5 z(hA~>5%3Xf?xIpf8`9A5Uwgp;xk~Y+7RvN6KDsJh1x@{my15X>xOyqiw4N#7#xTVt=INK|1x7BoL`okr8Ch#Gx zr0PaCjntdQuT2sq{Rvv(qUxH^*DuRg^GR!R3_H=!I{dt_v&Eu?HMuat`iUk_$6+rt zvCQ4G?-uU6Tz_hgY0?UK1+O_m;s5|%c7FDJ_Vx*MbMpSx?b*U2u~Y_lDjM^H^Ahl? z32iZ(@LKXzKJTXKnkcEB{RdmJAsM;0*476D0%{eGtA2EwR|6FHLZmotsxXE_eiv?3 z(%4VQ2;5fsI1!IjX47aj%ad7tS&HTmkfPT9>Jel&e+`4#XD#w=+?Qm%tQz>7-u~LS**H za&#Ry8J?<{Fw@sZxY~*KkfI%n5w=hQsYHbPxYg5ChMO}Ba~m5{5W|9#odcH|I=@J z94=L3xjuDlR@QlCnb(Y{y3}Bn!l_Px?~a#t$8meb48Diw#W8=e3Evy>rr3rI(^bv!Y6t(_Dhr zywKM_VjvY5Ms#y)OkY3gb#BWg(W^+*g4-!yOAR2Sie2 z>YJ=wTrzReDWt+rBt84eVcSf|eqB$8c1UDt4Xc@{aVfLoi}5sGO0Fwy-K2DdsS9`e z;WCPTvCU_}YAiT7f`7LEXmc0j!6w61D2zE#-4=;Wwp@9cD9iE~39l<;Iek0YmCZ|Q zFkx-jv#t7R&vLZ(QMGu;O$$?E*QO2WxgSLVI)G@7DpU}9YY4qQP9J>(iQT49RDUHA zgW;gCr`*%4|2hLj2Xj34Z^}_Q9_mf4+p3ypFz}Nnh&=V5O84#kK!4G{aI%^?P=$G* zr}du34o=ftQBF&7FFwgXnUN#<)9M-DY^tu(Z4@l?cs5dXakTdvohHT?r?)%v^_3*? 
z(acmv6~*kj@J_!$Yj3_=U!PDNH|q zR&kOMscmZ-P?1B;v{uiTYwEVBP`SGweFXFGO;28=g===y21QbQiXgilZz^TpcnGe8 z3zZSow=wV&45=6UQ2=a3VeJih8u^LN%;x{=;KiMvCM{W8!pfLMXoPKXN@|yye%Nn>%l+CW6X5UfbIQb?g61rD= zgM9hIrgFx%9y`LRfoB6r`}6>Z^QZrO$IYa+6((4iXBu+yLU!cp?5&iCa%P^-l*OQj z??#zb2N!syXXD13gu^b48>y=BMR7A~5se!Kaevg@ABa9NQcXfUvi#BsQ7S|3KaDHg zCATMlG;>`H8@OpZT|xe&J|J){tcN}xu^z|O&i&3{CCrR)bL?F`pNh^@_B+a|G>i8n zK8^h9H#00QU%RD3@mLQCAO+Zya#R_%$J6owt|YsJrMtuYNLV6fn$_tqUBZOLjh7RS(X%?$IsZr56_tg)N8KC zwd19b5pNzqj(^*DIk|aXyZZB)lcED9l%P2g4|tFSHHGtW#!T1Q0;0ZJMWCx0^f0|IPCXBMxv8U*7RCZ%(R{xnQBo|RKswsBk} zyXwn%6@WzF3j&)r4oFmwO|kFU|$n3w{o^O@{0b(VOx$kGInf2om9Z1 z>X7(P?PmgC^eVu+BnT1#0MvhL|IcR0_8uOtzsk%M57%jNU{70|AYn+Y{7#)8o}I| zva@%3!2PD+_3aO=3u_23)8cHgCtW1$b_W8-K(>%C$Zx#SVyt#e*)2AX1X!=DP1f#) zNrUEoQfC2iGelc_#9c+}0Z9Re3RxK_YQv8!iU*HzGJ)z?3dGl3NVSb2O@o5oHX2iR z6Sdw%3N4^h2-5GBmS_p7r!8qw)%VN-TEpxl$;x8&p|L!lKicQ&k+M}lwo}(J$`#IP z#twpnE+Fm&9e644(Q0md>qGg3UY#u>Jq(u0p=Cb&7EgQE5DfPI7Sp%CZ2p=Uzy#Gb z;F`4s_ZM^@_Y>UhwqZ!;eGN@}L%CaY2yK*YlskR3K>cSxORc@G*5Ct~fX`gkzXSSr z^8PcdzY@7S?gZtq|3n2wV zO1M2^8NO`{2K4Uk9smhYL*|K(@5L-c8kxz=gZhDQy^&OX_ZQ}BObj#1XCokk%Rfpe z;O)kGH=@nNCJfedkQ>E|?x43!m&4VQZ#-?cE(OYKxN6_Ayc=v2V%(?9z~@iJ?55kr zLUgNeNSgx5#qc!YTCi3hILX~7&v}!%P`)&YiqXLOtL&oWc&#vkY-z|7*7aQF?j#@y z<;9m{l`Oz189&$5M?#VXi=&t+045vjJZPGgNN-h0)V&Zpn5G8j%M9KnMd&w2tko|l ze*Td(#X|?~lnfcP@mAWIb8*~xsWGd1?+n-Rqts^#n@S+9c%>AdI|PLEME~3O1wX03 zuCSj*D*w*~<~;hm<;ve!03eK@^PlMdGhjInKkq&A8-9o%{$HF(&J&#P{Qh5p@a9Xu z2>!JX{CSr1NATY)fp`Cv<=27yJj?l_`oAm$n-=Fv?DNp`o6m13!0wN&=sfVenEwW@ z;(_=H{HF$-2cH*?-{3b6zrg=PM$Yq`UzERj3LXD-i5ln-;|*s305bd?g;%ZbPCvi? E18@3QbpQYW literal 0 HcmV?d00001 
diff --git a/spreadsheet/macrofree/azure_storage_checklist.zh-Hant.xlsx b/spreadsheet/macrofree/azure_storage_checklist.zh-Hant.xlsx new file mode 100644 index 0000000000000000000000000000000000000000..5ff5743f6559f6db8a27a0bb582b4d540985a312 GIT binary patch literal 27123 zcmeFZcT`hP^e<||hEi1ogop)Dsv^BaK|n-6MXFQ*>4Y92gjhhNMvBrwnn;&k0z^PS zMVj;yLhpp0KtjSxz=Ha{_x{%V>%Fz^S~AW|_L;NyXMg6i=NzJUmG>Vwv1iYo!+Rp0 zAJb82P`UM*JZd8U(2;*kK_+({LH14p#`gC7ZnicmEh^MCg2xUHA@94EMESF)(A<>v zkFRLqckwB{Wb2Jzm_Gotb9evDn#AvSj3OUoNsaK6Mn&e{>}YZ7@}fXsn2N9iU# zF3JQjDvL+(P;CXMH=b0FpZE&eG^IiwDrdU;M+g_b>VuB#CHuZ_&mQ{SA(((1%_uSW zgcw>s7d%mi^k2`p(&oyLMcdy~8!4!5Yy#pavo)KbReCXBV(8qZDbZunERF-Km7Ww0 zx2De3Wc^S@#l&Woc4quBBcMX`1V;ny*(hZ>St_TrY*QJjd3NS{WDh&tmwe&Sp(vyH z#J!P`QK!{zRhy@56r&E)ow;#{Asl=-?X-SAdzLedCa^hHs@zp|4Vr-6h@=h@#9J5) z)-Nk%#+v)f>1jPvw|nYtJ8M3F)=KtaDvxujRy*Es@68i$?!vBq@M~#?kQPg!{??)N zv8G}inS2KAp7H_9PDXqa0@u^!5!PGhPbq0~MjpF)|N98W-|b+BMyXyyEQoWMRJhrk zEp63k(hd9*w`wN3s?dXb_SB!+BTf zcJW2n0hgl>iwUo<-57P93VCB0aOEP)h1Z|Bj~<)1jM%%s+&E${VqWkV&xd_HuDt-p zw{=}adPpepW{g#s2%iKmjZs*~f;4G;aC9`lZLLq~R?zuxRL1vec@6SZ_AAP;zOv{L zTv#jjiMBlKm$WyDx8}H$zmK~uVWlM}iH~`Rj`b|SkFP^;|0S-6Z!UVCRv0-NGjurq zI5TaCH$OmUe{k>((5>uHTdgd*kk8l7op{z)Is9t9XX@hRrg@)b8lT)-{-z((Hb1JF zf4iO1Q(YRl`7(WxTQr!?Hd3(V2^((F@7i&HZ|_6L+f{+@ilCjkNAE?Qj|rK5mrypK zXC%m<>gd^FcvK>I_Cd5VF*S;$qLUoWHId0J*}ziw0_jgEXkS^@TEeVx{YI0e@{xYeCW*=v8s!78&6i~ zE<#lU*{&WvyU5A?Xy1$ZP*hRlV%(;(ZFd%e!Y;`GjrA&0(?yW`mYY4GjbZc`lbqNOoR(avG*#+{~wUC}`GjJd} z#o%&b6$Cr8Q4oQK5xZN|gcms#iM$nxvb=$k>pi87vf6JS?;Dt$44a~Q$<4sMC*@#I z$kTllLh=uMt&KaqapI;&*%m!K-`h(ccH{Ls=q7piQfC#Y z>9dtQQUumyMQ-EBPWb1h)t z#?{sksYpk|E2Xc7rs>~(n>zM^P9jQLMq_I5#j#{Cfj{oWK~B?SK)wp)rfmZts$Tk_ue`pOsysTe`&>4$qwU$bhP$2`0h)R_V>-fMRM zez(OLWp9T3LvEiO*XLBb8Cp)rbBwr0F9deJn*MkxO(hl50pLjwUo>r>QJV9ki&L8Q zdJ_KOHeMExtIi$=hClr_EctoJsqy+FV1cd2%SX_Ut8^z$mpfCR%QLvptD3Hz^_n#! 
z#&!Ilb@t#9rPZzx^XxeXpla_*_0jkM0hi_bUp=0N`4VW~2-}`eB%D?aZOoX+&)5KJ z3cEu#^52wYnekgk!8IGRzB2I;-f(p?OjIp1Gu);f3m;(%IVH0XOL|NF+>-00Zk2KL zf!0{Hv>}BvskYCBHmE|XZ#>}?RJjsod|@I(u_jV*Z)#XnrX*kGh<(KI$H{dgBdMH+ z&z7hFpLYrZ!h+1+K3%`!(_Pd-`lDBTKHJ~o3*GZ(i;eQ^`}RP~Kn z$7Q(pjvsa!@+^!d;OXiOK`{~hwFxl&>95(R828h>e5GtnbGYRI?yJA`v{lu~*NtyF zPsuwoyxs5%RhbZS>ofTNCF{IddDUfQ^BU572z?r+-={0|ar55$O-+vgm{%@8PTM8jf?CU)Lre@dsz`S)0v#Ei7@!Y{L7} zZP>ooG`U)?Mp7R;~ts!-$%rtp0(R`9(Bq6ez}mxpa^9PvCAHWnzATf>alzyo%TKbiH4a>8LH_W&KXU*4VE&|{VbYQ>-v$R<3&V)KTFv0%{_rhYJ2uvg6`XMdZ&be zL5|i=7G`G7P6FG1?bI>UL-43V@z6$Yl55=3wAYic(*0Er1i1D*_j|-}8i8NUiV~(h zal|Ym`-BU3s(y|zz{@^>j&1<9H%h6y@tbn0GLYfGqp+tvtn?poNPrqrrYd(fEfeNh zihyknXX4by=%;uudS3(vQr7#U4d6D5l`Bh12+?A+$a0N!CMdK z$JF#2MSR^WAz5LgsI3ZVsY;N{YG$S!w1D7-Tiq7q}8z;;JGfwh0C;tz6hb5#@yOQLag!m;Ifb& zLOrck4zWfg)|eIZ;duAJi&>}%Bs0QQ&bEeCWH>6uLf2xLbJLiS)XSL!l7*Z^3~!1& zGiH5S79JvT)%}`q8h6bEfRS$!U53NI$l(!YbHM^jRit$GpLG?0l2;vrnl+u64_vju{(KU+{s#7y|&0 z?|eBwVIhQi|$ij4xpbGor)7ayeaL2G$*3t3LY=N zCzsjT6{MQ(LfNHFjE}itUH2j`WsBhMJ-h(iD4bl}OZgNl)e2$%7+;GH+k-trim!F; zTEwYrfw=^S`KsT%z3~1(WTC3qsu4+48FoS?A%o@G9Et8De8g5rw+f%fd{Y^{6@kV# zHduR@FE2~3!7($~bkf-hAasLhNh}4TWSq&Q@|Yu`P()E<$=+}D9mvkK{xqOBm~?HW zIStj`pg0WO_!a^HUK4-b(VJyH;%tM@=_kY_FLsFvAlDYsIO|Jr3*O*UL`hrP!RQ26 z+J#&a4!)*jm5gkvB)}?^d`fKbCE}~ahBMIid(rS+^vz)_*t*+O@x0%C-^%E;>9@p)j&AL z{`u#C6qO4FG4@b&QNN0qaSv(MEpPJLR$nl}N_4)oX(+qDQSfMAclN+zP%fUa$epeU z8N48dnm8kAMGA_BrLrkc!kY}&9tMw=_9xBWOe~d)M-y4gp5iK=gFv{n(b1)e>5SC3 zlAL`yT#ksx&YC>^oiP^R>NSLj1M%#u;Bzs+qeWjH7xIgIQlm$TF5;)^t580lX*cio zDaiB&Eio7PiX5T?Ci4wSc@bth^(!S&u$3Fay`qFsUoH5&TE(=Rp?)`xfCIRu85+*_ zy+vA4)6TzOHT|vh^fRgKl+8VICdRA#(=NUjKNYAP_crpXn;Xyoqa7UpCAU3>ot= z?lv$UD}vZGIDi+QE?k4W1-eaX$AjN~=|vEoYV9rNhZhVsQ85`r0dQy0^_4f*LAivb z+-D@Gq+%gwo7~x&Xp95~F<)FaH~{QSBjD3fY9%0gNypI~TGx@zv_jJr7$I18-m-Pe znxKlqaZe#`quX*>VexGxq62Kf{TCM54rOA{?+|+KkHCF%t?!=>ym!Ay<=k;Qo=Jho z{9clUOV=gF={zhoco1lf6 zmRnCEtw_tmZn=;N-}ZSBBCRiDftI$RpTK1)w#oS}Ui@8rlo2CxKnU&D%n>-#>QC!x 
z;f`o6at$sh*wm-%8s^WS9W3e)YUmJR+=e^8j8Co^+%%tARS1elE3{w2J@-9(xNgBI z--tD{boP1dJEt{*?V92Jl7)w>poVo9iFjKuQUZ;EtPLvVL3G z+yE}jt{ah=_}EDzxN>^K%8`WcxSRg`0Xj0GUu(vN>65c-q)je=>y|3mbYL&-GL`fq zs3a{7j*y(KwcDy#G~Qd%gLmOami7`RXtkK=^F~^ z_PXe6=bz#)xK^wnOyEL}#s#RmS-lNjFPR%gITox=f)VT@hOwB1=8S%M$*Bf^1bFeid4|L4jm z%%_yJ4|!>4d%3IW2M6JD<}i!znCI=-6Fk;T*?K$`OS40Lh$`{YLwVa~m+oCwdME8u z@IK9+zg7JkDA_U(qcx|96;tkT&+9&>J;rY8)vr(MNIsoZR7n7I-se4BX~Mt)nxeeI z-Ih+|%s+E}fO?gFrT=vOW>YafPa1cmpx-g( z!sBZar|}1czi!RR7?YfuBoemf*81ZEvL9caQ=Hm+DT654N#XH?L zxv)5C&-h;9nN_u!k@!rIZ68w*uDu6leiHY*CMQ;6#*xb~ZnCg&BUa`Z_7zqbs*MCx z&99y>^RgGO$Q75)#`E_wv#>x=RED#?1`&__J@4nvKFXaXeW|pAA`zzqu2)5Qt){fN zv!)~$IQb|+`F_%a&^rV@(7l9N z{kJV~==w=`<3vgJRmo&rdCy^6C2Bt+XYjy-qHoj$?)bq3p-B<8mPf0B!lz8SQj5Ryv1v2P|fA?klpp+U_!U8@Rzan zoZi9dar$K6$_U>|rY{Od*x-|xO$(-lY;0_2;AzzJlZJ#u7w!4yt}@w9qqo#!2USZX zrz>|dxG*j-Q@KgKYOvC;E%PWA)zy3J7(TcKlRbeO+5$+DU^a85L)0>ot|^$YFbQLT zr16$v+YzMTlhr(GY#ucy8I--I^Bz?Qr)=nn(l_0)8(Aoqp@+>JJ^dsV#sx7tgb@H? z6v~hqYT8G2D4=|3XrKP#rict|k2um+cp$p$M60TUpZC*L@rdMU)#OBLT-~V3B+gPI zJ9QTI04IKe@Gc^_UlnRGs&Qe>>M=-UE*VpqB*wz|>OgHpm~nZ4_yK5HPzN?zYhz|+ z-s%h8O1pq}a|s9SB}>dA*V^N~*vHjAxf%m(IAn%$B>rn!51eZIPl!#p(NbGbvV>Si zSG9v|qvRPI9@iW#%@5!?IiZ&?!B4rcCVR0a7cSnu_@xj)&9r7ROoh+eu;ra;P+(;H zRDkShY4XDM7LJKwd~IgRlK|M2pag*fFXOs54^>M|d10g2uY4^q?4XxaQ8a=#*k-;? zGe=0#!aEQhtD~KQR!8T&&gpd=YfwlQ?a>ulJVH?7=0V3Do53rmHTB~s;3HmX9nC7` zd6U*$k63aPot-9`g_X=K>L+TG8~_=vs>iciM#RDy@rf?obE?41{)Og;c&T@IQ^^kq z`uF`UhWf=Q64i~8L?g3r%PH2=!D!ktBIY@h=iU~0@y7T%@kF!+U2yRCHEGZn9X%N1 zoW)61+L{<|O%>bxnAlQk;@8+#@%SsNHH#1uu7)dPk%23NPVK?4nJ=mYAmiz2)zE`? 
z#0R**>C`ki;~tFkBJ5Q<_&5sm3D zR&CEt6ZY{unkcyfOoUd8aIU1}cEPqFYmM(=8cL-s&tg{Uj1PNhhFPdysRnDc-Ig+j zVr$}79yJLNz-$emSnVgdl9R;!!X=OHnV0f0V5S%7TxE}M?(a)bv- z7wEo^1AFyABpY=)Rofdd`m=q0a*f5g^Y8YT+D(f2LwWg`WVfXrI+t`&4olT_tO;at z10ab6Ja%|Hed-Z$mSwH1%^lrq2`75bcnxH&xJe&$8Sx4q!?A_1vu%Xw$@2NSWA+$e zT3cpL=Opt_tR+ivot6lm*c^D{M@YU^46JI3$FU%Moo|dnXVM!YRW_E{fufLhc?n{c zim+{Ft~$)Jk(H|l3G#C9q^jtrN_Lj1=scc8IxmNiL`f$ErR|401*s!hY)|jwn#N{G z-dN>|_7N_eY{Oli${b8ws2r$JqJ@ zPDAY-T~)B+cKQ`=|I)EU+bfEs@t0@b7?WvR$S;}Mi5SO%p=jIhj1foVNRAXp)hll zO|Sa-HW-K+c^a3wCbp5j&doSR(dziajHn5C@H{pnkp-BnUlj)3E(@igvcs>Kr z?Mc_gm@&vc0sZf&t)I+i5s?&F5HzV7@N|QtF?JzdVVPRd?Q%e`H;zrPkNy%wg``~+vkgwPU-$Rh(T`j3{rJ0IfI@2)!~knR%!#=d5x4vGD+HbsIkPlik0)1S%eUa@$!{tNMJyQK3uszfZk#ajB~LI_ z45mn6R6NtTJPmkha(X!O%zkMlqtC;N$s=!(qJCE{*%nqVfqfXz1xNI(CTdqwp32<7 z;x*Fn3r!^WsF^{Chq0LZ(~GLj7vG49mwx(^=%N6+d-Raj*+iSzsFSzmFDFk}MB5dJ zvor>{-h(V8eD=>p$=T2Q5@IUd`1-3)-rC9Ef?naiFJ&K(rfk^ieOQP^qo*S$BLIY> zVQqPz>~PQTwqw>dPeu3kZYCmA@0>Y+Qb?Gr`bHDkF~_aZ86ERpNRP%fxzo*ZeKE>8 zdt9A$BGp7P1|Xv6vYrPSsMYX*WZ;?vCu#Mk&xo-_NCvUQR=u>N)qjY53tPVig?$~q z+I(jV;(8HPdNpT36sP1Xb*v^vz!;D)p(tHdpa?0eLJoI)FtUj(NXbbmU9!@i9a>$0 zDVBmamHB+qRYWmZ6ERn9 z#U!J>By%)N#H-C^MMdHOWXaTry7}&}vM4mUkGgrH#GyK@bJLtJp0H{;c`UX(<VN~ls%Yqq@;?0Qc;tPzR4GUQd z+|$CY%2C@oSiv0Uz$mpcw-|fw05Mgds9rAa>x<9V;vfku8yRY=F{&hu?usyLE7dsy z(b6K4fiTcWUF&1#i>IT#Xt5IRBm;9Rj}z&hiP+qz)n9$V@|y8DPOXqYT$(rb&`$tJ zCB!}Jyqn3ubroo+7v~kU`oQS5(2Lq|XBTBz7hMf^jNoH84lTBQ%A%!qBZv8Xj=%pl3~Z#iM?Rjob$pl2)Gsk{cd`GFLmO=3<15G5Ije!NQIw(|&6f+O98o>a85GX7 zmVL~x-LRd?xniYixO~Lbi?xtN;VWp6eE}2$>UiCX5YUTT_pF7Y;|JKk71S;TW=^ZH zeOejzWQ<`;b62c+i+tQWc&$RPZNn?#i9p($eHYUERn>Cp)%KJX7b43Rat#YZh2qp``fK|-z>R=<0 z%1rVt^?vQ+Dl@KS1tv*0)!i|O1?8-KXZzQwPI(${h;s-GyWHiIgw`z@#04uu^nz+h zLj!V7hTSe=w)QoD{&@f7K$snON6#^{-rXc65Lzw9Bb z8VP^9Jr|MqwSfaWOI=k|!1RzmPpqxF&ab)d6c>w`Nas`0=gSSl*x@arC78G_2U8w$ zeba)$2oTg!GV{jWRo^nUmh2@59&8S~fe{fB#F}c2016tNNxD%MMatH^3m1kV6gxUG{>}4Eb%2^c4x{7ES3Hb&hO`@b?r6XmePeXyOczd$6=wXP`D`X)fdT 
z#kB>JR;8EBgU9z(UTzR?3(d)#z5izZ`e=3OU|q!d90ik2r39I(iPg0gUdIfAFwqJ& zh8;`7ad`~|Gzp!_Xydi=DwVmp_JA7r^7)teih+uWvMN8FYkCI$zR`xT7k8sVq@{)$ z07rqYFa`I-N#sYTu2^N>SZDj;6sIMhFhqloz8Js%&0aB~fODNSikbSd?Sak7&t0JH ztD~q&@|)d6{Tt_9hfBE`Qg5bTh;khcI3+K^qoCpio@`g2!12yQ-Q`%VoK95Y;98CA)4-ngVU`=)_~UKX<*g5(sI%x}`xTZa zG|ow16^q)kuduP^Rf~_I-SEs-MX6rJwJi=okbO2QU{e?=+c#EyYs0y66PfalzH=N_4N?c5k1mimIb?nL0AQ8 z0^4)!1x>9+I-aDzQdQ0ak{OsMmCCTgpq+zUD_GL#(rB^^Wa|MfZJQPTHM*~pziVkY z4;nn5?#1Fbfvp}?0T&{nQyvLv9$Ths0&az_zN0+p-3|`o>|g8Sbb`~~4Cu@UIyM#% zAA61uW@SA$^i6bH>^m}kKX-J*QEG>Jv%I>&lLkiOgJkN7R_QM4JjkBopP-GXBx!Cf z0T6JonpO+&N=qp;G)3XPa3A)4Minfeb2dr-~B30V=NJ^~>XJ&$i3Ltt%6 z*w(^6M)2n(D$RQ=HKnncYzg-Bc<3%nqEaVkSMsNIxHs*kqBU{JcUNw72)UV453ZhM zxe9TKvJS6+D-IyMvnrUoA*|+6Noj1nY(6w@m>?iP=ejh` z1EKaRb2DqH{4~=vO>;-p(Xhh93EYQ7+P2)9-zpQIm+9F4WgpO&co#TWh3M8I^xgj8 zR$ikK#m#zAjM_xI-?S)foiEptZ?@0Lq!I4gRuzOT+I&zl?aGzLqxahHzS31`eLmgS z(*{Nw6J&JU%A?Wf9*6o8sB;|Y1r6r%97t$7!>rRb(e7T+T`5IggIAZlhSHd>t*HQ; z)Nj)DCJuJ4MCa&y=t$MB@NE@zNhHKh9(9`vmhgOi;97dMRjAba>9NdViHQ01{)RO+ zq*WNl>51m)FH8z&P9;Q2bwj3a&o756Beya_qAS^1U}8(@ElxzQZ&!I;)ioGg+C%S| z!0x|dS;%ajSkrdOi*&~gCwdS!&5pc)sAP8>*Wp6Dl7G?NE46y*vaoY!XgT(weX)i~ z@ZEk+0rWom8;5Gl^Obog;xHe_?qI0`+zsEa4sNB0q_sBJ}4l&4Wsv-> zijC?KEC0r%s9xnaV`kL*gbdrtKSk>@b$65-F7|u`<_3Hkui)pO)Nmx-asxjW&t;Op zCNigMLl7!Qu!qq8bA2Thaf}Nia;Vs`x|8?Gmh#&*N`EYAyaGe@W`*Lu{@AAZ4e$j+ z@j0)M@^V|=u@31lNrPwjwcgvI5umQscQg2qPQeSVVxH5+CwS*y&;=i*?QPM}g& z&J%hd)ce8`^ntshPCk*J|EPR#sZf9{h-SEmku5sUh;edw@ImuhkcQ~iw0y?%NdJ&M%+hJL)3vf!o=Om1%By0;hGdEdrgh!fSraS9q#c?zVYASv@qkY5tzq zdW}z2RPEfMN`)gsHgkvhJ~-p>s~Qpp8q`;;kI7ZdDtMh${mjZ9`rWx>c)~Y4N?FfhxM-qR)v(qcZIiK?cnu*{7aoNT$*>81ugrXYGL0W>a-28TV9`!?D!F zjm_>-1Z!pw-0+d*F!_m!D8@Gjd4B(W_7M~>|AzWArdGz&~zi7v-*K;$+Y_3G!hD=ydoAwSbRxPYdptT?t|{J6gGbaG)LV3PGXTy8Gmc@jIYi)#glBwZ=P<88*@ zc@;mq66f)NjeTJfn>HD+R|{y4+^iJ%sFpj11+43q!%|x1!C+`&Zc2{n`i2l;7o&3vU9r+fm9nvMM0}&m2nKzeEND8(*|ydxnesqbo<7`%D#^!j_R$}gLePX1Ifs|s~xni3e)Ggg-`16`+zz*{U z>l{x6wklwiK#~_o7hLA=FJL!n#Fh=p#mISlQaa+m^+X=yT8?YOf8k&RN#U`*(n 
zOU3|$hdB`ahw%jk*>Q}6+QTk-4Okajbm?*nTQ@p!`!_cUgrqevS#;3k7h)uXE$U+W zPczS|=4TR{x|3N?@e;-05orNEJq_ROj7m<(XU+^zXJtJ65HuW-@-Ak^*CQCikC$T8 zm@A!R%8mjr-$MmPyQkV+GM94e2&(ZSW-{fb9Ey@b%Qmrl%{L3Kb#a$uP=i!q&+nnK znLAsV>K#`a#0qjfjsz7PeG!v)TlwBu|&<>!Dv>ImQ)Yp^t&v!7_gqQoe z6`?zWi_nT82irx_5UDhQ7SI)MVHAD6Y8!t|CL{)E4Aq zEI;#LFBY=!J^b!n0R3|D)VE>&oJs)$K~cV88Cq&yRHjsHFcQW7!cKlOwSQf?!OWR_ z+H$^SHGQ4HZPmX_lh^)^)cvLscx`m14>Z~Ak95{k*kK`TI^a#4JCnA8C^D!~-&bc* zXTl~eYGcp5gL^G9Idi7iI`j6sYvSxqXA1ho44}4kgUTOEV4^VDUbx z79@xfys=mdNUKqixmgHt1A3h)=5J(SNUm zHQKOpjFA{Sfs?qF6wmUV$+4k{8#wFeEboQE_C#*+tzR`EP3k||=%JK5d|flx64mdZIxlKzby- zH@!9`c|uEi`d|m!poZ;z_#@wFvlH0;H5ivifIB>|^QoQ=1&=TUytnV}8f4;4(sj-q zfYUChBA(kP=q)t_XQoN%NskZDTmn5_>mW&F;lHO*k7ySu0$e+0`rhdSe`dFDl8X9{Sry7;-^a$QjnJOAp9ZS;`M z^3>3ZsFR0Qkj)zxsl5i!`_3(QhQ;9p4`NPwkrEIXAu9!-XVJ1;{w9|vryFmye$uf<(4Fzvs%}%1}F3uVl6I` zW*ksQwhwy5P61u;2%oml@|XRK8yd$G2I+a-Vl{?nXr*V;|Bx{I98j-Hr?)WPE~)CPxQ!ifRla?= zl1jZ7xZx`U+`BoKXfevA6aZY^uw{YobBqDu7fbh)B-oATzCGZl-pk}UvzfcXpx*1i z)IFG*mR|xa#~PedE9#VH&#FS}qxqViIV6?)GImnr>*iVm@W| z;NCTeg5dF6xgw*9Ve$p;OSfNyCTB^s17nrXm0@Vc}3mhkOop-HCP;$QpHtT)K7%8P_K zOx<1^`q5pjP=#-oUAf{ZiApuCnO$p^*I*B(-hId@`=Wc$vwU#vlv%(})0rr>?%lVq zP#qa{VF(XW>*gH%9gP0;Vmd#G<>C#cdsoBHn9ZyEZ63cpY_fF5Y*f7(&-eAz_Pd!E zHupCA)9z3F4tl}F=tGrX{=IVt4)TQW1R@x4Ib5bQbC-8niW}N++1~XB`#l2kcOH?R z>O8o&oc>_x_Z>~3H4XR!WK5zz{zUKix1^)b;U^FNf|%R~@Eqf2r8Ez>MSvwzerN8; zZU4~3F>Y(}M>3kH?}|{G9b_*ERwo^md-8i3mnSaXdu9)F$55JI%k0ekSY~!lCe@6z ztkDPEw>J+T)1=;hEpBOaN`rb|)~UBYiLpQH$a~!3r`6Hduj_2?ayt6@6XCr-op!k{ z{8W@%{z>P)a1~0kLyY6SNme%~!yoK%q4dvvwA%ZXlhXWxyXY)=_>&P5Z>_3X!)0w% z4l{SrhacvsmDsn)vQJzN{9f$;9N?3g!=StVd&oe>P?{ewXT=c9$Xi#6`I;_qr&3e>&?k+%c5qR|vwvl;O`1D1G^t z!ZhJ3l;&5CSQIJ4pE;uRDdAyvI}Ker|g#MXAG3S|KUb*43y?qlE&eb;m;&d z`aXTpbXP-z7&uI|N!Pc_2FJq(q?aEypN76o;by)aoF7c?-@i%zw0FBn`azz{Fv{>J zc@!yEpCfx_v)%ke|22>@{F$Tw^xX7+;5kFS+r5qR^~=A}r}XJfHpu8xnqTN|Qs#c4 zPwwxaKfaAVISk4dxa5l8|1ZqKfR7S+uXrCL!$SEbH<=imuus~=UqLpI`0n%KD`Nr(v)Tg zRN2S5r(OfgBfi`)xgB}`UEn2iT^u}Ln$Ga$@NkmjE!@?k 
z9H(ynvXgshMqhd3lDGEhwhKOV%IEJ~RKFNXUn4&rf-yTG%lk?&^$xRobD`#i7j%sm zJf7b_oOd@#=_tpW+mW~5-M(<%JK*a@R3o>ywxIFtsH^W{EwgVO<9MU8dN7sl(eTYM z@(OW+ukXCRrEr+(wOV<^y~BA=YQnFY-4Sos4LL2#n>=;=HpeGfe@?Okw~a4HT@DGP zR-dJjNh@Ae{?wSTaqZZ4;?jMbPC<0bf0w7jGI?wOWzNCuMCuZNyYRo{F2Gns4o9c zbdP%F$tMktQwGIb{Wv~d4IF$+j^mR> zsO-zs)4zbcvkj!_ZXlVrfsEV+QiuZN_iNtR{F%U}PUaNvpTS)6zU4FcmQFS$h?B$n z*3ZQJZFNOe@7aw$i_noz7f+{9a`&=5pCPb`JovTHQd<4R(?#Uel|E1;1I=H3b_eK) z*G4wv!NuPpjO|<*L`Ips>JOB8s(Z+T--MC-eDQRQvfwRNGQ?#Ep8tSY^I0Bw5dMn= z^?tLw6qDG}=4aa`4!WA=d1cMdcAErT+A)dzWpXF4EblkT zsF&J*!rkXvTSWUC%PZb`r|yv%_SuYHo*X{!j#nIdnx`B}d3SmB;#K20EAl3Af9!ug z{PKhUgC$Lb{3{VM5gm07{2*c$?})w5flIsgN`(9w{(!T#WEPI)AHKiCLLHq?!{ouP zjgk}jp1e`U{Qb_6Q+VZP3Ns_c$b(<8GK_vY$w;QvCDorMVtoIvOw8zaRynnEBQZXn z05QE&|C<}Vb8w8%xTBX7`I~i04vu6P3)?PyInxiOT30U#6m)9()(CN5&ka_mMZpOUCbSw#hY8n8iL!p8HL%K*sL#6#j{k zXaBFs{~DL*`Y(o>@WnrJUH4_urocF2FgL?`I%7|Y%tN<#lEZChZ4azW&{p%!mT4aCp90=OQ&PM^MpRD zz9hZ9b;vik4RE{-{~`PjEXW_ZLq5Ap{t&lkdAuN6aggF}567g&#?JhxE!Em@Vtr#{ z&;K~|oQzH}vOmb~crf@E1dSi%nm>l@!cc5Kt@!>Q{&l)X1?jKSU(G^#av%A$xgpl=~HbK-l>4{NFc#a~pd#?(*PY1M=m+5gMX5 zANm8Kr;4#p&;QsRr~h{F#Ifd&C&`IAc4k}K$q4O-lb73#(6-CJ5!znvPlO!)KIcL51{bvp8? z(Dq{)WuH7{E+y|K^2`p3|NpV5xffs(-SnFex@X#LRPIyew$s7K9;AE5$@1Ng=N;Lw z4)XUetwXoxC=WyyOK#*DL80I2I@REZ+%6XnO*$eXAPKZY2>z)3% zKDK=#mhtEHGGE1Qo5goAGQg?X(y7_+2V+kG#$!b$V}EN(dY$-Wq4?y@A9M2llGC(ppwtYC3@ppWMV&pyDI`T8VrF+fO_RW5~0d!KO0NCue10dN! 
zw!a;mzU#mKW>*CN8jzRV6#>oP5jcze5rOaD5l|2$&+Q=iUmjAf*ePs<>)ex+<$kLs zU$b~xtvJ_@x})nE?j-R~2FQ^7&-{PKhY5C6jo9rV89Y`M*?=Fio?NFWp4KSN^;~vMoK^MTMdh34c3?4?p)?2mjOH&j?!njsW^+1e1TK$Uo&2d2ah~^Pe8J zlRw?H4Jph0F3n^Kn*LJ=W&Y*}1(IDE_&30x{*#69P;#u$&~69+6+-6!lMwFz+d<~P zgz#U3KZS7b-w_=9gG0?v{!Y8cOf5^zezd1sIWLF0MH~zol zV-I$0ezn`de}&Ne^WPNtO9+qcCNV`L&2RlFg#Q|lm)ynj7ym>s_D2MAf2Zg#A^g`v z$`!x2p%8hwKZTIv4;f+pTL`xy*_DBR0{rEFbg|pDuj1!-JNO?$NdGrQ{t`l=k-r_J z|5FJ6!{E;d{uaXKm*k}Wjv(-F4yFAig#UO*x#IUW++OYvAyoLe4Y!5R{L|kYp+K@L z1OEp2(|@uME^$u=?uPh3gs}c^iu@&n&5^rFOwq{tKZWo=4E~JZ+usqG{22lHeD^1Z z{u07}JQVu#L`Yfg4yTLPF>lwE7F^?Yt7F=P(+%2rh>KdvYY>0&5F=(&At$ti?xaU>| zdMYVM(PLD^W-~MQlP!_~4#IpOVoQ@VD>lHWT=95x9aiU#cEzomCt&AR<39Bf?nVu0MHkx4aMa3^GIRW)x@#fn<4+A;9dIRV zPE9O{iDqi0N;r7MwhvghJYHESP#EC^SP`&xB^a*C=Wop!dK1TiGcEX;%@a^U`*)$B zE%RWZeRCFDfnM0OI+K8@7WRjqoQGh|J?G$6*_$7jjq1>v%KKZmdZ`Z#ZbZ-sqOa|5 zOky^&+bm{#<8{Q7P;lr;fCv&FD$r|QR9nvcxY9wZO`~m7vB<4r+$qN)Wa&-IbbZ3r zL45!B+$T75ue}2>_jS?glFnZER%=RDE;#K=d{J8b@PZb60gl{iz+g;J3zMXYlF`Lx z+7dY{DSSHyAom6Wwh2XpyH(N%>O-7%l8x`0Ui)VAi-lreH%$(TY>8mqihy1fu$lc= zQkRsn5$T|U+Ue=_SL`q(2vsi3V=1VWNT!rOtjth5>q(lrzFA_kSQi6hXkRr{1^cJcpy;tc85-9>wL?rYeLK(gwVd|UGMtjyKiQ#nKggxJ>~pnpL5o%*_*I9(`s<3gFtkrLvu6-N+J+CsL^8H zkEr|Qo87DO%hy65O*SpP?3lCnTWodNw(zsLPV;fiQGumoGPxLr%5I09!2b00Q!@gb zdrSrZplAU9%hylrr$24Fk&D+1FYs89c^n(;^jLv&(I$x3BYSRX8K>>}P+m~1_91xc z3W)D$#{zBmLK<8QOF*w6QN7K8v>g59)hI7EnIVHOI<1L=qjz-&GFU7xuRa^wB0n~{ zV{nTGJLu%jIHI+il3#jaS8_?ruIb*T}0 zJ+mnl^^h?-`ia@Qi3cbkj(5}sw_e{o83E8Lklk{w0!g@;ay?hr{0eD`kr(z9wDvpX z->Z-%&?E%W>d9qy&Cfz^w`*8#>aoO}iQ1nu-J8P=I8n;Ta}!HWQ>@ofhTVb5WZR~Y zFTjM7cn4|b0@fIbsnWhS=ls8}LGMc|JWsx$%#XE}&y8#E3n`{Q6jp%tuI*hiQfkq< zLhXKESl~x~X7O#GJk%h!q&%18bqGvz_Dg_|()WzF_0!s2q@A5x@95stK0WuN4kqK? 
zf(S!-exRuCqyNzfdkH`3>DJ~JY+x8u!?^KbT0pqQ$g$n7iKh5q^|!V9HcoWI(OU;W zZ2lC6`O_qzZ4H^AFot#Swhz_gOMF@9^^m=HiDt6EZymH?2Z~!iczAtlF_HOMJfgR5 z0wGB_btdg#==Q~(1e-HejMmN~?$}g}O$rDfpz0|e?IS)dqcU7PoS;3M#o;JFJO44+o4HK68M9IAf`W$YJJHn>$~6nrv>$tS3%Hue_M^6(!MkBt=5Ib6oENvZ%THBx@EkrxN_XxEV`- zc*heVqV$?8VtTBINt;bE+S?8vl9NAHJaZqTtg5H%`eGhylMk-jrF((5q9P-HkvAEy z#AN`k#8NZh;5GD$y2HT%E5fKYxOV7eZbeN(E)TaN_pv~emUHEn^&KTqqz`rr!&1)m zCUg56FuBYOMy85o6Nn_!9YwppFmC_Adw5UzV2>p5X_}h*re_LPNGE%)Yv1YdLClq> z@OS6)6HKK*4tt?0-klw4Qgph3F$+Ah7ujaA1bI~7aDlYGtHvh5a~kxjatJY?RN&B} z_(`~zc*HaKa1N!AgIf5q&r0{M1az1@inCf?1=t-F>ikV;0(E3Tg|Gd}jX@&(=X&%Y zVOtW78!6cKKz5B?>M{FW(M37W=y!p1VP<}qxun}sbn>xa9#=3{a}Zv^@z%<%Q-jtH z_a$XiN#{kZXyV;5%84)s*}Y+@2=j=wBR?J0GST z-L3ljgIZ;9$5#hTAuiBOdaHbKt2+(FNk@a8PA#0e9N;mbrB-KBTD1x+RZ?X7)5e!g z&HIfmoatc)Q0t2NFMZ}F`drmP$KTh#;zR#bE<^Z&{sK|Cu8IHv)PFmYdU*#p+k5@8 z(>60pF1taLtC%0`=YiJ@=t@}lmr_OwxK|CA1SxcEzFJZC+>mN%Zg%hHRj#mG^u4rt z&0l6aSezYJiP!D%C6j%7(PrcZ?;W|pp@c$t7S(3s0!eI3ABe}i>XiwrSjh7?2{Je+ zjJe!c>`OT9K3P8S;Q3>)9{!DS_6KuY4tlPWa)XGK&;oYdP15U@YO z+CVx%6kp=0nIUvF?^(Mf8)nB|_gLA05mXo9WG&cEfwL>gvvMU7PtJ20ut-XyR~(<7 zTv-t})qQoex#L)U$+yMhGE#V+{UC;WzY#K`&wSGwx`C&Lv+PByV~<} zpZ$b~d}O~MqmPg1X6rBR^Ud#wa((S%UnsQ_(@<`QW?=Uc^->F?tELI|nVzABCiN`F z%14i=*#%fB`o8Lu^P1s02wEXU_w0-Ff{+Gjq5AXuV9D4%1{K?JpS8sM*>~qEgR0+y zf&ox*qQ3zWaTCbVOS__`yTN|e&VmMfvf(OGZ1T9O)Yc@>1j2N&+D=KnwXCMe3X(4Q zRFpZs?0mFf_T$p|bjP42Pu$HxylDlV0oN2%g)tHZ`Do^f8`#;mEoxC))?5iKiYuj- zG&SGgyawdz{W$%yTOjpD9m>Md@fkrPm4ZJ?%%kf~{Kn?5B0r85_#-5 zlHt?w6?D$8Xt;_oK!LHlz4?LaCPB?aMoL{~I|1&O!oU_iws-=bNYj$LgN%Q6I1#Bd z)8DavNe%Bq(AgTFdo6bMV0(pr{OT?O{l(wjYAE~!`{L!^ubz4;0rj1HfpL#TbM z35=u~i=e!jU?^_Vu&-Z>xLQtH*Fw)j(xX!1M_tCICw~4+2M5(*p36b_;tB0l8Q#H{ z!i0X)@1AP%;|*!j=Zd*^@;ava@td~E$b?n4vN5aqjmN9Lwn+SU8g}0gD+Q>4`SN;B z19{_{$1k+y*pAkv1VXlJWG~E2!5a`ZD)g;=6JrMe8b?Q z=aPNbCT^!bk}~#qDlhE1-`UTogq`M=n1~xd@rRus&{I+XKjvgmCmqlWih$i!rDOzdCPGeXwFXPLYVQH z)z6)EU1JQZy&HH`6f@1PT)(YA^+X2{=VYE*-!Ma-1lf5yHQ0z%wu4#^=PiT_b|gnb!8xlN^RhLkH7d! 
zrdb(>ffE*y{Zsi2b!y9TXrdG{5c3%>5ce=oduOlf*M4quQZ-%Ah*BxMrL%`=m0-?@ zmJe4d$6Tn7oiBKXNwLLz-%T7wb3VAJd4fO)zomub`m%bB7CN_!V9fD`5^n%iPW)B~ zk9=bR2~7pzJP5pRXBa3nx6RWj-0C`5r{#5c=R0M}a-&zZy&olLhh(p!HJe*Q*%a>) zCa!sc8|$SU$j*6NzH(SBu~CHG-rtsG*!`PFuztxdK6VeIE26$)Or%Kfu{YX4>ZbDpn=K@@zX008aZ+W*sy+Q!Yz>8JW9rn)(e ziU8YN;`q)4*WB8y^`(AiUF}Sr;8M;LU}Cq-%GS@powHp1G9;DFf#%6Oqt9M^M{8>- zhB-b5pGSf{`#$Xzc0U6UEkf7Pe>oY8@pQHIVy<0zSEt zc@ma3GkApqjtneM2;D1(!oI-O+BA)g9CF>HCp=`z@FA zwGjQbv6PEE4o8+Gnh@rJJ<2N%UK#!mQ9;WaUzw+u@;nVoUI<5F$XTs-cn^Ur!G9I5 zb4Lp^TccjQhuM+rd0s3gNS9@#+4cxy4r^4Pns zv0PJwHn}D?SV&yXb-JpLL?|(PzuR?B1)uxOT0jj>G^8~25Eaty1a~)&24)i|! zfO(94y0j|T2+fOkeO0!h-Fd*SmCEPXmc#aXl{L11AzTkHhLQ%P3p1;P`$%GM*6gTm zvIdjtq`!9rPKz{!Pm0@RtUSxlVm(%>_8Cv#tDNorhK8XxYMYB0QVOp=b%WodD41v` z>%Mqa+$63^qp-J3opP^E_mN0kFXRdW^0^2(r+hMt4M9v!8@6D4{LQ<4Qo>r-yXF48 z*TN|lV-8~RS`h~?Khr?Wl-*pt?OnZL`T_3tUKT$KxJ|!Xr&R=anBF-g;JX-3>KK@3 zo_8(;4SwDp2itPhB>ZruGo{csE#>rxrC(pc`gd$??Ep!TJtoOd9>h#X>KWho2Kfa1 z;8jS|^>BK!+CVq+%|wJLcK$~x6#{)vM>g76cnG?jQ@Bzx;{y3``AWD-ifj_vvJ7}j z)k#C!+$abZe6LHM9_&ZM=&XfdBE4PIqd`^3L7$X(JxIMvAMWCv@36{PbgK+b!vM9M zlbjJ7sNv6}obB<5$7CrO4FljvPjHS!3NO1@!X&DToIE=|j%xfBFy)@6J8D8Sqggsx zi!2tKu8aUb3)-T{yW148R5vX%^#eY_bxFTfEEo&(lG~hgwA*~CI-&I7gz)i4nfJ(E z8i|CAP#LjyNX~#r|97+w@uB`&!hUAe{J)@`)9BNwHh*IQfH0EQ|3?2O=eyq&d;J(I4D4Wo;t zh0Jdm#6D&un9Xhlr{>f!q5>3Qp0KQr-;9odO*EDP&lhJCt9Q&l0wLfb8Y5?60+lC|m|12Te zkEk0S927eQ7#RA0m!NNLXZX(=0%Nt!{h6@_y2Boc^c%vUPWr#zGgBe`SXxpSw^C1i z5{lD(Im5|pOhmp;gqrkG6wL^XSK}-INXHr++Bmca0JsuxY;FpLqV; zcSJ3YdXb@2_j4R+wp}iI@5R~8i4u|HsB6);Uos5e_OMeHn_Op5^1e1Gw+(W*@l=1H z^9$?3-x))$JZ^XFJ)pJ^wT#R}hL&V#^L!w-^`AkAwV*Ki z#4w7#4LvotWyfRRl^NK6^UT$KCZSH;{si;?;uel(DwPHUf{hdm3=@Q#iv^Q|iJ_(8 z|2?z(gWQ>#lr=sFS{Kftx9X|pax;8C%Ia1Ox%g4AyKWrYIUu=Vnzc4*Hem=W%!&gc%$(hLFm(0#RF3{c z87FLRx9#s+i&+}jcar3rL!+FyHhXtE-ZxB7t5p(~dZpYJuOvay#R5!=! 
z&(l!D*Xp14q_m5}*t_4KjA=PO9ipsiL_MJH`*jgN?hR^mb4_=LnXCNSb8@X>g3ST= zDRbdve&V<-UV<>OE1zB~Yv2~^#kqB-dlZfF{M6Ch^FsG1ORcd~1D3W5L-&}YX5OUq z)(fGn)vIzUI#vyMB*0RPL-{e~B!AzxY<3Vsl+V#{`E%2m_8hB=UoB8PeYp6V-ZnW$ zXpjqRk}#4&0-2L&n<$K*N;rYQM$aPF3rXOcFb(FEWxLbR{U*oD^ONSeW`i$Kz-{JJ zXkt}FIw_fKP@UB}M5Ph<_4Ppb?9gvH;t#Lq-I1dm?PB}t(KUY4ZotEHvGx1YmekJ0 zhL^|NtvZhu)>XCF)A2m9cb7z`l8NWT>HLi`Q}@Snb#}JdCUO)?*rjKjj_zvj(4b~g z55yPDO-L`^(6`U%A`k;Ub6_j1KYW}ALym1^D$*`_gDY|&wTKC6H6HYM^#;P-y@P;sQ15Sy~>%Vw34M~L>N6bK7Ii_78&Bd7Z(-g}Ta+#iF-lGpZ`z(ve>m1H7 zghbquEjx`4i2iKNYBR;Ls!2M|3@ET>@JbrZ+T2OtA+FeLeN-^klvHE1S=f5_HClGf2vDrtuSOXPmTUDMn8&E{`iY}F)riiN-kQyjd}>nIgG$L~W=SeHOyjc% zp@J=?6bQPX`vvM&J$t*V=5MQ<8rf;*QMb&^zi><`S>g`W9CU!q37e>LxL?8|SjCeb zVyZ0&He@eMh|40sF{T<02U?J#%jrB#8N9*Arr;+~pq+?tOgZ#U*wWn>OH~0BY&}9lYt@g&4G+nV4`2D5AM=Vgw{r`bggB~bSVeTzwdw5(=@+he^kS9DB`h}! zqv_U8HgK^Uexr`Ug(=(sE?))ijLzZ=1HTUEBu&`@mhA#7-Uk05;x+-*x^jW`UH2}{ zG8p9QIXH;lrm#_KW^K_u09M%y9ad-9_s7|*TT1Ws?(00h)WkIvvLsdd>d;D!Z{E`v zEynKC)@U^|{dFs)u8l^mN;i0!aT{hoq#A2h=^ICN3+GJ(1sWGz4e-P`m#kfKwXIa7 z45^W%yp|`E6e<&GyH38oO6LE$$B!;@f~6a;VpBXI;P`<4e@mHnGzZp_H4Io=95vYI z|0`wA)^_IhCWeL%_Dui2{9DgXJCWm8MB}JlRcz|f$&d1+WIQ12^If&o>MR%-)G2tJ zPA4bYfnW%0s4>`XrI0RQ!4;;jm5!zXaTt_hNe)nEh&{jF<0;sLta zMD=c@J<_*gBF)F(*~8xYmkXm9>$%dzq0~#s4%+5!?B%T==eMXosO-E}iDbJ6&a6+a zXCLx-b$f5b&!`xh6Q8|L;@4M`x{HU7<=5xmZR$`_Z89c_E86vny;^s&)9csoB7xfN z_l{=T2dj&=S?yKzHkL!w{w-`_B=`=<}p`Vx)No0-FqezHH0CLQXzkxkfPOSo@3E6VoG+Uvj&zqMhD5 zxq0wKc2hXn>n}&2)4yh!WTxXIyiYsdi)y2+nEP?JF`NzD01yP-=X}{YO5P4p5_N~g z3Xo@4^Y8Q1+28$o*_%t>9(mv5Ko@0ihrIbrQM0Q?lL2%m4Ju!4$UQZyzU11f!-;UD~7eA0e@1qPQizv6Tja&u)ebn~rT z{~WY-CWD1}JfY9Zo>WI1odDDN?gnOed3~S<%hWre%QO*4@U+Eb?c(_8`g;~N$z$Lr zlQ-9S;N9_$0^%kS$H$vHfpg5S7Qs)FL;hkygDXd~a6yYHTk7MNMPFSGf-cPby{#UJ z*g7hsXD%|079G+EXHA`8W$Rb6BvmeUr+qv6kg8ewn^U$T!!t3*FPl(4-J-0q5w@9s zcd*`^;_(b#);&O(J@RwopS0!-Id3)|!|%FUAHkO!RAnEoF zetq}kxfLt^!+iTl49U?$3tYGY?yL~I1|#7z}ULEF)%-Boi_q|*v zz#PB(vh{p2#2)*E@}ep#6fCnku%gEgh*cI 
zqtz|#9N(?rhAy=4Gu^l8{V0>1I6D5}$gXot&5KPtMFwjB9t={f}Z@L;^nYbgDyj_}0QZwKUiSaJMS% zt@~K|E~*o2Hjz%Qi03xv8@8h^9+5K|g0GjPS?}}Wyv2Ju>Y~~!OK6#YHoxZAv?N+V zZ;Z)UMX7rM9#E5z;t1$e1HSXA(B@6S1I>va~s)DG__@3p2YbJ~97R+Ddr)d}azh<)DC63OjX-fC+wWN>0yMHyuqm*bzG#gKoU056OJIhUK$c&!=ecsz<+` zFSH8|n`C|7xHjm$LB8QOqQ2pmkehDB^1`UAZmtQ75hsOrFE5@Wv+5`ESzDjIRz=am zSkTB|9)wKW_N{ASg9S+}K99M;K%jRC!BK3kYTkIdsS^mh#W){3;!G{qVz?K{b_ja> z7(S!?QF=kNNcAg}8(57Dz!v+dXxh$ecCv1I)%6HAgu@10Sq&xp~O_D0`9HD0^@{irJ1Ws?CKRE6TF7 zLix^TYu28$C>Wtufy!50q|wVrU*6W7YJ>2m9_&6-HPqH3W%=Pd0LK2XBHI8CNPlhF z^i?;X!FS7!WlCG2%zv>^{?aqsOK_#OP81lUo(fjX`D-X-w)t~hhWL`xsoQwCK0IgF zuqwrMj4h)FU&M8wxIO0XoGo&S|IZ&KhLJzNQb`dzp8{L-wK1GUq0@c2gkM!wu2a;~ z?c9})dS5)BYGY_>(H%tO3L*tO5GStap-=qgmc(=lC4xBYIZO%Xof)quz>`6Im5ro-sO3~ZEIrb&Bug)mG<*Khul`x zerE2)9fUe}Sti3|9P6Mk(n=arlS?wBm$1uPiAuM>IhG_`41iBD4E(uJVyItt%hF32 z2!Bq=qN`Mco5KI=14BATP&bADv9!OX4()*>;YE}n>S0tp%gALt9kcK-#LY^POEt;^|c1Uu_{N^f&L;tB6$lwSyJ07bblob+g`))}_DB2unNq zwOnF4K+$+xUqjmzW!~reIrDLg>?xOBS^p~_GKJbN<0|5X9>vfPL$o&isSDjv1Iv+l z456_CI5uc-lpn=`;MgIRH(8>?CLbKaq#yG3*5!lSGob~yTYhFvi-N#;`wnjB1#rEO zl!o2KS`BcqK3u!F-iDD)^oZM2%sBof`0lZJBp~Nik?u)zbrglOQt)aqNPs#(pa%w- zvLiDqUua*C5Pz~5jFaiJXJcYi4Rz|6mm z=Hhel$>f1aZ)(T){pzWSE!>zfVo}Bw3AWU_U3!!Na(nFGMt0Y`tV50VJq+0^rRc35 zSgn6yCs$!cX!VmKTLi%#6CT2c*BbII%*&8!(349K$zPFjCX-rSm$DElevxS&YQ)WP z?14jYXK^h1xqC!Ilyt6{X%E+eU$XeiN@WN7CY_n%vs*&aOQ$&MLg&&3c0?rp%7}>g1EqfJx~7Z^_ppj2(d!7Qx2jh}Q`s+*tGo8B39VK0~fL zzgoctILGS*8O-PESk#`s;Y9VdUdDanpj|@BAm5H2be*80D4(FSsDJ_oe@Mrp!Eh1&C3Iy%Yn{5TTmOA7sy(&&3!6wNbEadyQZ>FB1a|oNXMek>(q5g9Re zQ3j^JNeLAv>x-S7X^cO4u;|=TGD9GbGM%dUCeVAppUWZjFk7H};_8NU|2j7qP+ z^U~fQXv$jeT=S$yOx;v!>k1xql^p|`6%D0BR{t#V6BZxFX`+S6iz7dYdJGDRi!065 z2Yg9P`oBo26enka#|_s7F=elC&wN)$*=Ae@`NwW}K*T-314Hx>K2tzIQDDDcVEhT{ z19#%%rvTF$xV&%8Y~&KlqH3ch|5Lhf>#=* z$+Gi!1bW$4Prjd&*`)MG$9b{mW3AO3zZnIZa$ltNdmzbpj_t%Er1Az@b?L+=kEW_` zF4JFOgV%S`+hQ`++k5N!QNdEO<@?l`t7YQ#F7AG?9i$DNe-Vs|Z^3bZ$-6~ZGNpGobHDav4anm}b`y3Nyx_v+YsrlRw03QkZywpM2=pCY>>=2)}xNc3Oug`qu6Ys9)-G2SyAXG3CrMWEp 
z1h$r#x+EE}jWO7S5h%+aPm5tvI&XHJSHh63jz6V+!lr(-O(QuvryS)8yGzB>eu}&p zp$I5V`;H+!v?Xn*oG%300M+?~8#Kw%jjD^Mt){jgiA-3MU*cSyob8=;ls)}%X%bK* zSDoOtn@&W?oIRooWm8yw+e7V0^r_K;kKMneP}jz`oaOwooco^|46}!|oN2_h$Uvw2 zNMrRr+Qz}uc6*E8ix?qqV@u=`^;EK)T9SW9kE)R_+~`bIKJ3NGi;Mo@h{o;zq*EA9 zJd#kpR5-x1aa>BoH%c#MrB$6Kg*J;*wcg=o^=9s>G)JQhBg>@Y$w&)r8I(ed==D9{ zyMyz!z7f2J&S?R4Pe%E}?%c?7EFGesGeJl;6BFy8h;?{6mp+pd$!;`ta?rt2H|bN) zXPO68N4%uk*-H5vj6Zp#XY_M$UI6b^(#M@F;ckj(3##5p!z^nq`q56Gf$$z#MXo42 z{pIRxf&{*(zb@)k^lB(m>UyYD2eZf8K$yG(z03ddYY>f907u_dab^ZqUtdxhMwY;W z|9H6+1Tb+uX|L&xtOU)<{TaV0G3NeSpGJTv?9*CFNO3awJK+fzEM<~nzL>8G zZ6yKW=uD~*U2(=yK>2iS$nOXBR_dh7GI6yVM$^qh-_jGE$#!{&b|JJSOR)e~f>wIe z)xhy~L0Bkz3^xT%eCf;{TRU>!H39h3zv-K6jODx5O5vM{@DhPLu&ZzA#!i zAMR+968=c3240+WPTa+%fGjbZtma`&ikLZ8vA!&TQO-h&@py3dQhfd@E6La_5HR z@o-f3M6P(7fu2XRKmbi}c^jn{`#}?ZAUuR^OPJ<{jLEPz9f}@4UnJpI>!l(aT&{)f zU-FZ%hcTRM#4*T1r-KQSlj8}5ToOX%vUJ#xpT|VuIXi&&Wc0iBKSfx;8Ia)PA+iHt zGw>)7*cBx<59O042{69xaTA%${cO^Su?7&L`_E3E+gXWzN_aU#TeWuI8c1!n!Hp(N zb}c=rT^hr-sI4K-g5k#AFQY&ieG~l)7HxjZ#w2Cy1_-PYRuEXqa2o)znU>?mYYJ^;Y>8=SnZiXCCV>+b94dF$`nTaDJ|59?-X4KUqXf6lcT+Ynt zCj!|q%@Fj7AxD|cUF!>Zq}fZr)NK`7xn6nasXE3!#kxoG=ppCw`ba&qIRB^K^# zCk1W>!u=iz``0}90Ki7$61K)3xhO&2s<*2OW`aC_9@#5xv6kZ`B=tjKQc{Oi7qoh{ zlu2j#F+gA*oRf2EUaz&0;RHUN@#H=hXXROZj`z$vp!#|C#k2bo9NR~ocZ;S{zARLdc5bC5Kw2oc&f(y4gyw*0 zu;Hfqg9^?(YL6x0jsXU)oKp(vM?wk?6WL%OW-WW%EFTBFj=%_%E~6yg-*utt=8Nx~ zQ%dZB=!5nZM4vvmja=@q>&%{p0>LcW^AmGNJ&%(+^OWCvlylO)bXNl0b6-hfPr}l% zZ6=nHl~gR^X^~ah+NV)J?u+AT_rW5^DzD>dz1uNi<=Y*)hBY(ygA7-E`QMi~M+Z|k zHmuXXFyGDEpHSKena5a&xuU(w`k&-K(UaH$al%a7Xi{}C3QHA>apd0Rg~@zD*X{Nu z#|bwsITduK$1kP1g1viFCk8J8#YS_&Pe&l9P`l@a<`T-JO5mE|8p~vyt$WCdZX~M% z8#N}hb2=;Xbo5sYf%aH@Yn>E)|A^riHZkaFC9xMM zf<+pzJ2Okz!yA^C?Nldvcaq+j5%XN$>mQ2AL*=E2*fw9A`)17Fd}Kkbk?7vbHQbm{ zVUo_mUGye`(8$*m@3It?DOG5%vjy}@B@QXHv(py8scWTyW7!a)i*$ZxIU4EWM&X~- z_OLBZdy^5dfauKcwUD1V6Gx&@jE*LC>l7y);#*-5s^wH-))2aQRs{pgh2T5)ZZ(UF zJAKk@tdF>5shwo5=pNVLaslmYluKt$X-si|9eNE4lCu$t05@)9Aoh@HmM9C(V0AX* 
zsMUW+nVY|Kc22o`_75q)`>)A9p$Hx-IdO4rQjz+Ius%hO!9PR4*bPC9fL{Qdlm{%`>-9EIkFu?l}Q1*WT-k2Zs%i zwOuM^S$6?&5J3}fFWSq^X&PX5%BmJWE1Esz1hCLw;l!b=|7$bF(trj|4{-)gv`bJ0 zx!>lZF$l@`(SRjPa64f&-K!OmOF}N$o;=_9@>KS$s1-Bz!v!3tCLHNPx!eSEmA^aK5g}~c6OW?>U@VTrM->YxhMpYifMVPJzV`}!6q7|Gh%enjkf!qU zqZeh*6COg+J`@_Ku(lm4l4s(y=abbq1@_ap)Nc1SGrSsFFr!?ZP3*v+buy!*{$CKI z1@cW!&nZn$K_Gr+_a6j-XvDQ+a{75O+|FCGOfIlYRaxw-BG0M9^wC=m-WhL}Y*w;& z>|?_ULTA@TLu2{wZrnw<0*-0Pxky=AQzhqS19RvS~MbMAIAmrC(Uh@1oddqocu#zR4k2z-2Vf!GP6^1h!n6aiacr{XdA z3z$4?M!6QQ$33vj=Cs;G|3u!OT%6I}K_>k`%X0MurZi`{a+RC)oO*@0H`NXm+(nwr zN)pV%G^&C90-UU4cIfyP>Vt3eizz`U`mZPK7PUQGld?MmdBV%^kVm0l7AwgLZAEYx z0SkiI_hjP0S`@&Z7j4pdR&vmid?@}ma>t{96;IcWY4dBxWqB)4`ukw=jh}oAL^h%q zfl%22#l(2$LG7iN~qSIpU^ZRy6&(ZUyu6P*kW>_+>dLf2TDt!+#LW? z&M3WEc0|BS!|Ziz*jzIi?eO0Oml0p!FH9GP>!tJmFzP?&SEG-}hk0)3sTNAwZ`9`p zEO*t%u>E3=HAxMm4-?)NcHM33dzC;hT>1~&>wsA94{=!TAhuKFAN$0MfAu$(d;SW& zlx|qI$3)nag1#!MWUy$gan&b_Kyp`z`a@Kh8rj@XKt8swCLCWw0I9#I^7?I=|xVT{@mFrg5Ur#wvYQFNb?0tC00s$O!<+(+BiooEkr zgPshNV*ld^D_Db&w_b;>Ks+iGrgfz}Zji8Z1Owzaqt*B>juAtdTpk7pKhHSKI?cR$h0 zgl-#$E-{CLH9d?H>E}b5{<+g8k9g9;f$qx}ET9NPTP zhwGHMhe|b9C4#X-@Ui3OtUYKsxf#3Q^*g!qs<*Fqh*X1i>AFOtG_cd z%6s)~T9i9YqTJ2tc*7X{m;j|2c7($RGSG>kX_f7Ry?jitbGMct25kNP7D-s z`?0Kduqe@qn69XN7<#sSvH{J;j>B;l;%8%I69e04N{&ao)!e|#*eK;4&nt1Rk>v?} zww{!_RLhN3 zA0H}Xn4(sSEtiZJh?|4Gy>wlV4Wq0eKb4&s2i@F}J9gm-aQG_}jF0Vv47hIA1>$^{ zO@fvWoeOCJ^b`H<{kNm^mfVvKmK1vj$r(kWsL`Ea+P%&vH{`)(*QjY-wc@XD^ecGG zDVRR!&(A3^MqLYk8DHTVWtiDl-Uo#n3~DBn$RgW;ITvHhgIsMVr|>_GR5%9+kc8ex{wA)TFF>*4IHCM$~oMOV8$Kx1N)3Z zPeh~}dwm(dWsye=2gJ<-|2L^7p9R#lIZM=i|75|<3KW@@Fh~PBW?p-~?d*>}-`{j* z5Gb8oyPz2lI~cxQpNtVlJ_^^Z<9m!k(dP>}_N1XzD(SvKAP1K9PSq^m!BDld1qO|G zU?cwQo|A^-6ei);D0S1Qkw$$3YIj*dE%1#>BsESuu4IprdoA!8&@tQ})qc~UX`tKt zc8`n?c^>byZV<$sKqZ%%13sKC87~G~f4e`mOLI^S=L+ChCvUj|#@U!04&;1CxpBd$ zA9jXTq)g7;w%bijJ_TBF|4)NFhw%p@9~eg>i~S;lxx*G@1=o?ZURN`_b0OG=o9Ns> z!;I?ZatRnH?HdMRB+SW1nt(|b#r^qrcMF_GQ>iE%cyXNmq#s)m`DZ{y>r{Rax1|{I 
zWY)=xvOJ#D=^~jaFv~sCgr5ZtDVds<&}X)ZVh07YKK{iu{{R5f?JNPq2g21&Vb>jl z$GGNUBwt=p4NpkyN2$sT@jx-3=S%hC5Z0^~u=^MJYeiZB@aC*?w-@6wRcKy?8~EGj z?&tZ5;#v!m2W06l@IO>!sYIh2#VAf-S;f~6|Hk_2IqC|Rg(^QG)0kpq=JticI4FKN zf3+q3gnyDKlU%RJ#WKdK2X{tv2s)Zg6DQuuFliAGjRa!Ej9bg?>)1_ z%GW7=%Bk7+qJ}k-LWx2P(7epqqUtOv&G7!K;td-CU*y^4-#s?;Hh*(zLG2yliu)N5 z?ZT(Rx`HcG=I81;d`?Tg1-}1h3;A&evO!yz4T=mFE38!(Vif5Qw<{JcsvD*KGn3X5 zv08Ule?yM$$i@{a;dN=5Chb9bw$30tWfPXh;dNnAS)q!jS2bcS+FMneZ>Lf zkVyQ?|AOh!ULN)0#t7RePMoZ@P;+~449`-NyXkCJTLE2@HRMe+2DwNS0~jd|D5f$RrELht`JWCCVb)9c+7(^&{#i3$K= z-0%u)-|iEtCmT#k@C1G(Q$vkDNOG6aaVXt=XX*|PT@~d?c5eqXs^IlPgFghD@EIQ9UXfAFc)6AXU}`VEu=$~m4*dldl{f$K z@tyMN5mena*^;B>U_L_-hgDZ0E;O0#u<#4B+^%5j<5pY6V<>U^uq?8M$Cgf@x6xfI zChoM&u#Qjp)aHCATNpjS_CNont6eZ}e`0#2!QHIY`Eio?dRDbMre^v>iMT@23Lw4V z-*p3|<#RQ=bTFY!BnC-pw$L6(QUQc!jIlZ-X2vx^$q9R~P;panm%IY1)+YH#pEbtq zU5E9uholp696RCQG(^P(;ZOd8O=^mzyVgyi3+jG};`T8XM!^*v-V#1HY-Y=8KIyH`W1#0802O@y{ zOgz3c9GSg(&`jvr{_zwv6Y3~=w;C*S&m{^n+7mAl4+$C;dphOqHMTZUKw1Km=cdvF zCj65AQd;sNjSm9ZNYM*t6sa9a$kQbY{}K8F`6H0f z57FHLX*=cQkMQp?A*;Y|uo2U3vtS~I^mG>qD zg9q`)UJ|Cq#&)*`daW4muG{Yjt_-vFNld2jTuw;yT%YPf#H zX}E%rmQEi_1R<^aN27}S(`F=86>?1-bc5Pi)=GI1(ktejsYIc^2O=@tMK&PfU34jTBe+ogFWUV=}` zT759!%FnDVLJTh+QuaE>!!|QuP212`ZBq^?;BUCq_id{V>P@z;40>^F(LUqXJp&F1 z{`w|_$nA`m@hUM1b?nVzLn%BAH%jPhjj>jJuPhJtgiYA>PN`HN zj?*;(VI{_GN1*<=AIP16 z{hzKuO>BDmO=@PlRA(nP5h;M2?&y0&#oQA!2Sxs>7G1~OQmLG2wSz}({HCk(DiJ~v zOC@a0j2e>$WVn>JIQ&=TtMqZ$X2X?8NHDQ-A9h0`my0`R?;~30TqlwP3kEB{p8#Kn zI!1%o^(1)!P%!P+07P1DBT32BY0JqMFz|qC5>KW1n~N-UZ{=*ZDRSUNh^6xVbiF5K z$c)>Zp^WZzXe=E^GGsfQlZ^U>bSB=sszM{8wffNlmv#3|-y_>)0JPkjS2^$D0vIfK z|CW0vdWQU?XliCkza<)&+nq9|8aF>Q4m|py#z#CvO2WMZ&(u(f&Z&`TOJ93-tGc`FG%qwNBF;G#8>s( zM71lL)Mz+wnacCaVF=bnvy?1a8n)8&WRoKSxfymYC%5;X)UBr1 ziO>$7u<|Ut#+Ft6s4Q9sePk5D9=v2O4z(fM3#1gHU3qQ%A^CIO^GSd#u_(gnO=e{|9~2|p@o7wUU1CIf{4srsV|Ao#MInv{GHT{IYaMjX zP}^xHe)x~SD94&$ZSl2GY-J;SMGgf(JhMzoNn9S{=9<7fWnT~csQ`MloxY#303*rf zrdD{(gZEE+$k)GWmvcENBM%4}N-hw7Xsi-mRCv(wnga{fpq7c{P@zL&QF3~eg806t 
z7%~TMfqL(^-9P)^D|nxz&uy8C$6v@NS4^Ttz}TT$wdbIFRpCOTsM!by4a@q4i%C+@ zP2}zP{04Aq@HB zLiTiv2YhlAqLtCRoopMXn21U-}fR}ZF!VRL~tGoZ5+U(#KW&;VX()SQbx!h zT!*x80t+}`nnAf;7h`yi&1eKuMu!RrBN=B^22Zl(xJ((^fesfLO}!+GHRwt<$~`i8 z$I79F_}joOaY%}wX()*BL#GFM&cT%)ts@D5@4Y-bwz5FrZ57+oUs~bMK)65f&?J+H~-i-Yr0E+EjzNq{8CY?KD9j7Wf1?=K>r~E&Kd$SO6HnL9J_2nn^P= zWSlRHD>f}29Ne_eS!*a^0b_lA4CDd@{e2(wO$T6qy3f9DxTOIrClCB@T&ir6?4Y>V z|B361u>AMmWQ9onWAnQLZ`U($904n!o7*thGnT0)jwlo`9ITvevJgnP50MTf^P^sC~ zU$dgP1#Oi?K`%l6xU^?8C=yqd(^#t;(lUqdRmmFyO`d_>4d7o&!nR)jg-*Yxc1 zSD-ph8*suf)`jtaA+4XJmr+ev;T&@XXhV8!LYKzkf65{I56yM>B!xkA5(d!;<{s-H z9m<`o$9)ZsXx~z_qj++vyiseFW1DB|wdiJ~rriouW+E9l8$b4H-?!mr6;Qww?n*zN zJ%Q!$lSv1a?xa2pz(yK|4p9>GK%o+|{r9R*+;au0n<>|~KOWdwyLIJfcpXt-jG7fq zUqHIwOYjHO+B}CB?wc5fxzcU$2HR~UY?Lsm)Q=kNn?nP9`AFbiP4PsUsEen2$)r<_ zi)nTc(U~hJ#&a+lYgyHNF#g+#{{cXF+ekowI&r)*bOBQ(atO2lhA{Wau>f4sNSilv zuIWnu5`#uwiB3ENFy?D$)X=0+N)&#bMUfKxmNK8UXpWk*=t9`<@gsY^N_L$8N}~qo zys0?I2*SRl@YWBjjw?VkYnx!Oqhae_iyl`ou?Xh{|01R0rl@`x!R;Zl|JgzKxSxjjdxq-IrB zp24JdN!5d|D#)AyRy5R{(ELTx$t2`)@`>E5_NiLEmucf85S5YR30cqK1NBW!4nn7Y z2rn==KP3Z-jF0oEe7=;JO(bX|m?#c6*E{U$>LPJcHbYL|#hn#103-l#?l~@C@HNZ z|KG#@*nDC5ElLr1r5e-EoGJJ59S+b|Vp!yz@=Ijd4>7m1}&#i+j$!WBzmOy$z|bH+i9J~;~j1-&oZ_jA@R#O^x5 zH!Qvr=e)0-s(Y&*9~2ZQKKNs<4tL*vbuXn`7$$#n^=41X{)qkVYWle#^f%!k<`(lx z5N{r5^K#!6LDrwB4Bu36+)vgy|GPg6b{DuEc^S8jOuNL+PxS@s=zWW5da}EyBe-iL z-kl1Y6yQBT=K+Y8QyQ5N+YVnW8(mdK?Cf)UxK^fAP>lyXq*f7--A*@un{>qJ*hAI( zy}R7xU_EtCol&P~wJA}knA@hl&_2<;!Q1Qw<7&}seg8UHW;G^P!wgiKs5E4g8b5t5rX0(r_H`v%;E8=Tya{DB{D(_)A20-8i@uld^%F=)mHda+Nohjr{X z3j2mp6OUwJDQ7{gOn!4x_B(p!Az^It{~KEBuK;XCT_kK_KzY-IE&y+lPC7yIuu3jL z_9{*b=TXl)qV9+=qodmB4uM=nzjoK_hLG*`%NPZ;HQEp&^MaMi-y`UX)Lmhn@lfva_J<&nm zK~r`M2$&HvIPaT;=*^o#AHUiA81S{MXTKv)t#A!JTM^w9OeFeGZ81-nA@3-d@dwqG zmJ&w9i$t)oke_U6!tz~T@~;zXhY9vHl4<`WBCs^Qz7tKJORyEWtEGmr9~UHYQ3>o< zfjO$Ft5z|TSc&2)9SMN`t^|;qcg+z3;pspG^62yD!6gY46a^GA#f~sM5vd2_F`*gs z#1|^+@pV{J&cZ;a?5d59y3?hoabiCqB|Jf7TN3ZoG86&WdZdFA 
zA;3X(ID__7nC|GY`rD_xE{3m{=e1hH+#K#pwz!)|`lF41_Ls>QlPYAM?^{>$+!i#U zPLX%7E*LgmY&k;ry}ahcwmT+-e;T-R$_5CmtCK3FuU`qd(aF_#z=!`{_;}gz^-|`_}F{31pl!8XsY>mmrm7ZUJ;=9_*jlNURXXhY$xU++1Vzw zJxkxeM@o|#QxQLAJ1<5-B%priqyUqQzdG|h_WsMPZXVGi?>?zx?-HHab)tkYqs=pc z77PQMQ9@5&G_SS6hl5sAp7M7n5ud%tjKoWoHk`|CpOG5IMg!K4T(}ORC;b{wg9t7E6^Jg6n zgvh&$gCL__YG{T=cQ~|UsV0YawfYJ<1Nv1*HKq~-3&VVlX+V8GV{U$US9WqjHAN1o z_8U+a^^4$bC$sW`KZ+slWbB>%BDF^5HAGF>IMZ1v^=r<5 z2qh}=tZd94r;N(borFGTJQGNAjRm6<4N!~!43`WjQDm;sV^t;#0F|%FSUBLMHfE2! zrToUVi@c1h3(OZq$}kb4ovQR2l7DX}n<7|+(<%81_jk@5QSTv&z+ z#@y#5sRAHynz?*%&9OV7?5=t>1c+(#$a349?>1Z zw&AhMm`ipHkDe)&BsS^ zKnP@Ywg|4!_PC2*#hS`hJLRj>o~>$GNhWG>YhujuNp(3UJD~lGHplH1lLvB>YX|gn z#ki4ks9Vqxfegt1>$G_2BScM2^Q6p7OF+dl2I0F;V8V$FtC%Y)m3_j^zE;81^S$EQ z{dNVQGY#Dgy&#}j&pI*N2|@Xfg*n6Yh5Hd{v~F`N!*xGf4jNIj+ALW95?yEh5~M6G zf7$eWi1^!;6ME=(i~>9$yK({~r<87+81nbkj6RW7~FP+i9#D+qP{t zY-~GegT}UPG`8*Jz3uaV+pqV2nVmgn&YAh`Zb|7H6?pt3td#?Wb!mnO-)vu%Ga z=u@oCN;e`GjpT^8%1`CVG=_IOj`x$s1 zWeV3DX7>e+B4P{)%P(Tm3aptUYQ(RtrwFp1`iaffi-c}D zpimaD541FC)Ug7eYQOG5l2Yz-)>epQ`!c)aq=kh|ia_dL&)!=nd8AIX5{{|Y*m);? 
zZcGrdBaneJ)dbeNl;~ z7D87gHL=;ue?x*c-Y?ky8w33ncqCX%%Bka-DU>d0s(m%B&@S;mRb%u{&?0Rv&n`?{%#cQ~M%9ddM+8_QBN?C^X!aV0E9p?~4^P&I39b`EL`8~Vn!2O} ziDd}&k^c+Z-XdWU81~}tu!||HhY)4QH=n?+}cix`sENyEbg@h|w;T>q>3qfmgLO%}wxw zS+?-X0&->H?_TxFz##C3n9@l6b2B=y7jxSbh$V62IN9i5kL>*S0;bf2|$v`WTSl5VyA%zVm z>U0BH@_kfS?p9S-mYKtpEwAFr=02BQhdknmq`F&jU-J@uqqGfLZXm9pa?kD+du3F9 zy9FWBO$(CK@v)0T=}^?K7U8usOYkw#5+=i(g%aWykWSPCS_~juFoAGM)D!s-VFQ-D zZvT-Ttx3-XbA+mxV1O1W@~dDIT1kC8XFb-MJl#J>@9l)sw;Mw@vn2(w3w@CVrh zof9@AwX>?j9ePQ*XOky~oHd+3ui2K1n=e1t!<~(&_|m#8d8<>7r;9b5nNFL)jeHfP zT+8NyMhz^Qeg%G?%jb0R9eymo>xq)@_7y>V!%!%o=47PY?afI+i45+DHQNa;-FDCY z@{t50H^}#&IAO9xTo7o-U&sMRBZ8=#zL0^Cxz=`C&%*RtrN)!z?K;+rJ zOgRs})84G~M4ERH%C%ytdR;*`lN|T` z9#=}cq;U?PUmfQIdA6+bV%e1m{eTKQh6D-3_RVV{@Nt3o2Y+g?r=)>=N%X2@I;&LY zC74uaa5~d)97xV$r#68H{WA_RaN{6quzv=II&H7A%;P71qmdaBZ4Zl3&fGN(<%}z zPZRw75q3=G;;utoLI`t+0HQ?hf{5WoXkw01=I`G~_@S%>6j63pNIOVTeqi8H{0Gyq)G~p zTUU4GV(~t_b$+M$70pWnI3b4tG^?@CW9^_8zIpvqTwSHC9}$M9iu)s#@U}{6y@As< zH+ZRRhpeefdn2T)y-rv{k=R>pe%ZB2G+F@b^hu{aqw8*mTPvg}wEMTX3W9ti?|)zi zo{p~|(2cJEf*nFgWby+dF;6%v^>F6VcY#OtS2R?TT%VV)271%6+|4^q)pg zfF4yx?Dj`la;4Co_AdZ#s!5e~f{2!)OjMOG8Q8lW!ykku#L4b{F{HHl30>(Na0k%b z8NtM6&%zbm(Fy8%q9Sjs%r(H%=Y4-^w`h^u6X#@C-t_^Int(4|Jly5gGiI?Sy1;Wz z-2H5WGv0YWi-p;_Qd$#&naJAfXatvVeeTy#(n&-P2G9DlTmK?B-u)tqDZnUl2NPu15Hs=#0 zurC+Lsg?|GXP44g7IzyO zVDUW`1249rj3%PMVPj7fw9J)og0KFGL;3V~*_lw_mLKnsqNzzi6NBybN!rWedFJe)^66XiEyuw9)RR_Zm0p z6R`>Y#K)vXm+|REgtkR^beCA1YBV&5f9>bMyn;~lL%a|?u>G_m3xL<7*$g*0hU`FE zlq^N|8(szQJbtjzOVk}H^+J$Iv;*E>^xzf{UlbWTO*cI%gIKytF2d1hIU%ZzeSUVJ zXH>VoQ;V9%3B>YIcm#L%XL!gg>i`bazwRH0wm`o1xKq!N1Ga9at^e|Jsn=`yz(8%D8O^dob1#y24rpu4d<4ZHMX|150h zdAsirk2pKl<@uL>hhKg>*SYGni2VLZ=-ry*k;J;q`&P8C&+?n{eIa{$bl7p0C-K)z zKjygRcIn%XU5%#PqZ3Trb!&t}poR$Bn2F2(vf+yt6~Ek@oUkn4Rn!(usQ~fDMa)x5 z=2DgpdCN!qqHF04s~TYlagNJbp6KdzZasT*P%*T7Ybk2I=@~$j(zyW zcz|eACX@arnePC@^lr>VoZP?jBk>0Xhx~_l2NK{u1r?Lhb9AF*&F1lK$`bQzuAgtN zmP2@IBs3*rz(OmoUu7E8SDeRt-ioq*!_1(zsAy}f$ABqB>Iqm`Ub1Ogo+zN$%*(uIEWicIH+UG!D_b;wCt76`ygqhL($T! 
z;i|vAsf{1s&LzN^f}YmQ%LX9V%BQETE`*Wm-BaG0*-FWM8Nqlh~6PgxiScG0e#^Z@=@;FnO%BM$ov4=flI0u9p7is;Yn6QC5X z$f|BW8xABsxlcs@YViZBBtNRIBEJaGc<3fXfDh1je@mlO;uS+=1KWfkov$smkGUfx zDx$(mKOw6ZV%MCzJg7>bbhIE|Ctg(IjoKn`uLiGU8VP#pIocfC5yQU(GFwzyrfuqP@xe3 zS6V_9R7S!VOjd%wbA~UWEJ8UpQKc>6oJw^qq3YHbMCq7-F#Fp(>-OH#TT7<|Je;`f zE*BKnl@R{q**}njpEmDwFrk%@wj}`=^g$VaJ2}MC@WEv1L3hjlBw7;fG zk*Uju%pXvQOrcLHWq8<)hKSV|24W1*MSVJPky=*e0y~|ff;-YW#q@;0Wg5++(%Hmj zuo$9{Sxd+0AfBIQ-n0J-_D(V=R--mU9l+ z$`ZcBarYlj^En^Z-cPnMly0-iMsugzC*NOp$7%GmY2!U`;3|8uypb`z;RGqfQ~L#Vj}&H`9D6A_AB?3{@}Ut5sX#em;Fv zDe}x|6N!aHBbeI8704^SBJtuG>1RO;f7^sExLcI|B2of;`63ruhB;Q4X~G2=y~%$h z$Al)q3Y@h7D_s5&=3g*hSR_B@1A{^KhC_n|1``gc3LRdOgaLhBSsaNj&;A zd=<&ZWao^{KT04tLc(qao89_r5pxbU8KpwHHeyM8NI}q7E-*k4O;d*K!%QhM(uP8K zmdl|eBd#n;yJK8fmL!|hRcRCI#M0SwiZJjNqGOST;Kgqq07g^Sq7C`>UTmo#B=|eV zbj(BtSB4@Gd#_#PgIYyViTGz@{Oz?87kz0JFLmx8mpjg5)NEGW_>UtbewnP%*Vr}V zpPovyIjrKfud&x31wUMz!refZdyd&vEw~Ai>Ob?V47t(GRhTU z1(7(Ii^zE}GDc4euntI9`5&H_U@Q}MM66x9Fy>E9;ik{oAq=~9MQvRjqMSi#tq`Qd4x@#O4vZzEB`;i zJlJHh^1uYgw1EuI;gdo}WsKxs^+)T+}avFObbv1QMeyEH`jf zPQBWHui$?BaAPO)^J|E51+H_U_7@6{7aN-|c5D@V_%bKmdAJmLNYqhg(n?b$@F!WH zd=}E$J@)t7J)}xo_gEaodi;}46XaZ4c=%fsUHd2O#GRQHg=_a`LYz&kPL@_%@UmGR zuR{%z+ZH2UawI`CD6ky~q)>0@zbgV+~ zh!9oIGQ7|iW%eNFfWXCg(mcda_C+GoS(873=lGH)Lnn4X3-HWvUU{?bi%oHmeS7#6vrNQ?rh_K#h!ypvg3Cdi1vX4 zM*x-q@qKf*FTU79r6AUy;H9##kKgWcsr{y@8lL5Uk|jx(Ls6%G_m{d~^8-0$${r+@ zGyzS5kuy#?PJsSE3D^?G@0%3r1;iozM|_1^9MG`=in`B}sY9LYb}y8=4@gp5JbF5@ zCbaf>U;8eFWZ$kukMaw9NT>$+tuSL+zlo*s;1l=>Dil>6kTiZ)TuoI$cFRiU#P z-tQD!iCh&(CfS3}wn-cbq4;fwUn$yE_iuihX>{_v?u{Lr#-5s~JI({*7fy`eH8U#RU_S(F@mDDkS!9_EbpcGmqUn%=Gi1yO zG*E)NlMe$a#0npd0)4fZa&;^%6bZ~4KOn3nBf%XBF*B9%i1=T@Jq4bS%mDhn@~Sfi zM*rTxt!aK8#u?mnsAR}KX~f=e!{>~`ZpYO95VpuG!chDwos>^Ht%Fh8gFtoE>PBNO z`JXz{MJbH}Gc_tdMZPud)CapODbGlCpA-SLZYow0tZ=Er>Mq~VQhu~vmPiRY{A+K2 z_44UiVCAj(O(#$fkxqsv#)XhOjaEi*pw>!SN#THiUZ&dKJVNG+(kjna(Rwuo(@kpp@&nuT39aE2@z2zkCHNlFdZq2hmr^LJUK}mIfVBBWb3>NQ z%`uJ-5#9eChgwAql-gvgGRu{nMJPO!^(=oO@5ZMytu`G}PwRw${u(tRZ6#!a 
ze95v=t;V1U2E4JGUfnwZ=9oDfZ8#8l(z)2s4rLWYqGj^`tLU2INDcQ^NQDBf0vAbP z9o3WbaM5PWPlN*joi3$%pS^(D&iVGxx*G(24Me6P*ngXdDrU0e229286L5;k9x!UD zdbW7a|NipkLE<~R;xY)*JaX93%BA&AUDi{oX50BkaTP7#`o#&%KEloN!(cEP7R(ZWxFx^O}< z5j+USZgSBP1`y@esX3y+{QSDTlTBs8~5!J9qNngU&w zy}_mxyHKVQALohESc_zD(c0LQyE4GPs4(Gz@vkIH@4%Pg{&GAnl>9~5(z0~DWzCn|+l3@>#r%G3dORY%L%|9{vNJm*LZ_Ety)2kz>PA{-t>Zt}DQ ztkC%lZwFDP9L*iY-5&2cfs28yHOIOW!%q_?zPKG9xmQk1bmXB`)!DV4ZgE5YC+kvraW!AMr+O7-dAiFICc* zZ;cu~fE_;b&AOS&?_>(5y7srx8k7OAATqerbbi(0fFWT0>jiGG2f7>Rhr5e`B&H`m zV(>s3?>P|V=yka+MEx`hJsE^Zgwye%5Q2RCP7owEfWz|I(uWlf zY8!L+(+`7~#cSzAh^D}^>9E;6awgOH`RZ&%rI;Ln622c`NzJZw2?H#rpUBGxBu8D* z)LSe_;28uh$0fdM<^K7;RecVQ}$H;uqBaM{ZaCaP)5(Eto7LO5VVo|oH(vuAF$`g0^E|& zSYaAu1RT3ICHgK9DbAEgx-adRtO@YOfSK;=iEP*}Ii8v)Fvm#|y0~zF<09YCpV3m3 zFgo_!8^Ip?_9=EbaGe#M93@twc{h!-7%Fkhz zRo&16s0xUthXep-1yKt!J}KDs|Bk8H{T>Vb%?l3vW;!S` z*tGZKjZqJ>hgZd+qO#`fag9X&1QiSGEL#j;8rd|GcEUT!D0QHfB~lGF{Oex zd*p!^-o7qTq!RPs^#3Zo{}zWrkfVYE7?4er$O@r?_Oc{M(@j(w&QGzg+w}A}QN8pX z?JTNuBnV$V(;Y>K_Q{Htqh|h~(0wnQ7aDBSQh%}Am{coJy(-iHP;VJhoJ1zipmM0{ zT*0gc0c$gC-SF(bbmJ}@i>az9KM+ZBX;caR-zs|HvzU>ELf^HI^_)RdEHp|j%ANFS zUl*SCF#w+{?hZDieU?i@!GjGapbfOud@)6JK<%HZV9r%X0f*KgYxCwZnxpd2DCU7^+`io0XVSAX1cYYnYA%G-*9ylM({$Dj{$u!pM+}bn z1}#&oz1c6;_gmm!6&J)U>lZqBn-k?cNsviE+Z%DjbXpbpTwi&R z4~dz|7xA=;gVX-MFH$#PkuBcU0u+mirl(*cDTJcryUPRtC;O#woG5wY4oS|pxyr9m z<)=%K0aNA8CD>kg*3e`c=^>&EuU_Rfc{IFzUZX1`y|49N@;p4GJzcljv-Yrdn;An- zbWXo}WY&Sy%JZ~qvbnB8ZFr(nXlwpREp|hl#;}xqZsZDd9%B~+Pg!g_9{x>}u5nT5n4rx%azDQ} zL9e9m`=);S#S>{3sE{WcThta>w⎠oh|%D+(JJ|(Mh){?3u+^dS=1K*}cq^3jq z6v+dJym#5Fuag8O{f5lUe&eNCByOKYG8kCi_>Y3ZS@zU)`+3xKKnm^<1*@?~h#@@a zi)C|4(haMBM}!L;hvda*sLB)=ml4tNQgM%>)^rOI7!w)(O4nEufeq4b#jLI#{Ks;F zj=&nvfum2-FCdw@8JmqW$$w{Qn#=TNFS>u?ht*KvbXH~B6wm0->^}o zLfc$Kb3AnW&D6K{J$g=py%Ln@+Hi(WS55Z9%s^T?G~9BJLw#eZT2F#-Mw(v9SgQN$ z=M#?oT!Iz_Gm|dP#vQnSg40Vt;qFLB?Vb-5oEOe`_Tf}&QidZiILOs6@2^?sIdlb* zB$nFX((cd1KR!(!CCzKtkjX8&XeQ?YX!_E8yiBI~Evg(!iP1e%2O{2igzVW73-D;H 
z`Un<66vUZX2(l{Rg#QS)E`IV!Z@vz`yh_pgmY%Byc3`W3op*}xK@Ty7r05Z3|23iU zFJfo41V{1l@W4TIVmncTy;9CbKG=W3W?&a1IMS6N0E6u<<$PioPVFtV_jVh_6nzj9 zd%E-f$i{?|=zFjVD5uSlFs80pyQG_{>?+XqEd`W>)bk*~OQ`o$Y7rPPr1=OcEo5R;RMeEE4Qyw~;mq*YAl<1Prs2Opnq6 z8&oMp;+TheFewpIv`~-{ulpmre98E!aEG}`oj9N@Vf7y%$ z9rX>C6C)8;VTwF&5_br3S2_=IjzAbAot1)Uw*9`Db6QL&^tOGKfcEk+i2#iP3=-6p zi!Hxw%m*`VvEub&LN(k8qja_sLx1ohx3JU z5HVQdOg%uLDWuXS|4fJ|Uo7H_=!1n?2_)8y9>fkqT#~q$h_0>2TVq=sOiVm!5n;H) zna_gxm-uGI@()io35px->B|~{J(t(RKBWz%>D49$ z8n@@c+x6I#h@G2obC1U;MVwmcsG*I~aK5U3Bef*CsXEqy^>RFhGb@9h3hQdAu)A)- z;7xhQIUg)yPxsMLjvRFqXyaLbW?_ptXu3SedCL?#mONqfHh6ZESPu!aq?E?SUa)^GLB*tCw5O+L{M`upb0VV*r;2>&?WiRe&gzj&+_JzS?2dc^ z$UhA?13zA9s4qnV24_H=hKksZ!)tG@-r7^IdCDZLAwFnb3r4x=ZEeb`c;{^YHi8@s z`91yl;o>WxRap*B)X3G%x#8~fn_L__h&!hOJMNSL2@+0mweajP>cp!V;Qpq?vT2Q} zraFH1_E&8GOkXT>bnB^3LaPk0U*~ijTuHblWDj>JI<`_kYM+}4uU+ad9aO#sgJqeq zv#(+Oc~4}PDqS!3pZPb2SZWSV0tEPw-CN8ZPrnuIym=hhygqGQe17?N1l)}zw2mQ0-s|BQvuO{9K`Xq zB8V7z7wIDH|9NGWK$q7(%%E=-+5tw^rib0v-Z92Zk;Xb%6kk27^?a~Js$vmQjlUoV zeydRUf6vL)lVeY6d7npW3DgtVv>EC^ha!eByZ4Y{g6Mmb4I-^|w$~ECI}TxO-RcoK z3#xG+EH+1B+A?D^3sb5>6#Vbeg+V_V<{aMW4-EWhEH_i=i0u; zR~PjdiT>pOMUZ9#4XdKntN#8O1j!rx*RjW;g)@eQ*Gp(sZ*F7DOY4ZaGx1bOZ>VPE z{*muOWbGZ z^X)q=vU$mM1wU`PBFU|@CKGh{cpQq0t!VhWiq z$lETTzrVLAttS>6om=>oKtQR27CLpmU%r_V3iBpm$cq2o`ja|cx5U7|xc!$nrmH;_ zrWt{8rzosyqmJ&~Q08P@mJ)0}G_Uebu6FU!jcD(f2%1)0=i5LgO`G{zYxA#gbshU zK##omk{|!>RbJlS+Frtyi1G<9yVN=SHH-h{S>^CzfV0g_|Fb~3?iur=qAWgF z%YI@w#x05aW2@b!yTYh?9mt~ux+qg+6thXF!~uD9kGIVk)81BwrSH&#zvdP*3re{=dXDTA_krv&nlMk|n?;v=Thi>?cPGbcIq-zk zsf4MuJ3+D`=aJ~xIMiW0; z>fz!|C`u(wFqYlEC+(-aIfX1a=rUzUAu-B{kYT*M2@NheDAv^7DJC`QY(B>6Ml1)> zzZG$_xsy^?+EMisu2RDBIAEvYk46+JwW)iMN`#_dRUE+gx5k^Tu7jE}XZf;G@Dx8O zmR86{zqIjX0c6V`(lb<&YuyZ$_THSIObj*Qh<_AKPfgMOG_qvnNUSP+=buTiE-Li_ zy*lJ9daLGqy%ryc)J-*sc5x&D?4)QLsv^U@QW4mUC3 z!>j5;J=@7$!-1gjc2@-4LH6+M{gbsi(~0%{T`cTN~gbeVIlO6I|+!p1y3sFWrBtwtJuJq;b>vHk$8Zu^cv9}RCkHTUWAvrAO zWqmS{k7UY_p=1&tWjtrzL(VbIC(;CIbI5P#N+QN-}mwy= 
zjXsl)?=b27{9cKU>6-{NbcQ{0c45npvXQ~9k3v?SD$XzX)l@H-2)E(=R>Mz(2wYi( zNmkYtMNd#9>60db-3Yf}y}4On3@UzVBz|gvOwyPL?wzOu%U5Q9{>+(%PG-^?j+*Yw zDZ)E~GU1&SzBMtIZ%~oV;l^a9%)5M5;SwkwFIp-lpOuy8D;)o*GbAbgp2j^U`N2zC zH2mdNmEdVhCKGnGZ7BW-@u9}$TM&1lACm3Ob5pZBfty6fk0tLum)c85k=cD5$Ir+4 zBEWVFC`fv^Sb!uEH24Y8*9qF-ST4{U1Bn?-J$yNDN_5U;k6^&5%sG?X3ksr>jD#{38Z4+-{7f2`@UY+ zg=sJhp8y{0i2xd#iXl=>3fLTTb=yK+6$8N~zi2Zfcy5I`(WV5+*(`M`*h|!rPA|>T zrhf3kxIezSWD)+5jqy4zi0s?-+nQP$!HRuZ(JbbQ9Lf6TpK-u}n6z?M) z@#IU^3x|EE&t&6$Rr?{7&O{GAQ4OP5DS?*VAJQxNCUhyaHNVADan= zLVhrveqB>!7QTPTLZrQ}Eob%6Scpbv+?aq<=&vfv9fUIO0SPRq z(=_2a65mOel{}qyZmXB@<}UDu)qXa0&q7}}F;C5eE}Axd`4L5vG)eOMHO-de^NPLv{zxNZ>;1d5gF^Z+cp@*lRZES?LG|3j!s+p>PMD$ z*PU~-Ma{5J4P&o{pQzH9u&HR10KvuzmxN#%yj%K<);gkljw+pa`I{rz(NhVpLgNeB zKzRUt#K-ld7(MPWU+ttMhtfsn%xjgoPl+a^uQIu)%@_7W%`Feqw*e)H%-vX?7ORFP zMq`Wle=5?~y^4I<@F4(fu*pbi!#@?MDB_ zW5NPFK4sc>0*q%Y>>!baB#+lzZ1y%$7`BFz@DZh?efEaRH2YD)I6TDK<8>V2iZU#4 zG0Cpp=kxo3diDlh9x?M#)PtqAm4--uvH+5ac6OZgJ>tM&Xv}q}srg&OD zUB66pkmD^;*PN>0@JJuAfdgxUo}fYztxRB$a=V&ccCjEHVL3-ex%gjbk;rTx^{6*_ zl(9>R6MK;1g`3H7Av=3Jd5EyQ6I(L5-y6pua%2hJf-h%L-2uI+#%GxK`T zK(m=7D)n#Qk9CH=B*jfC4&mREnE%1^M+kY%qnmNq-H~O-Lcv(igCzi@`kg$w zRr3LjF6zj3$;yIi;KsX;XP}p)8EO9_qL9ho>rpRt2Sy~9*XTU_E$psr@YP>|;UZ|KnUW!gDDBR+0maevqz9aJTe+aIg8 zJPwEW!c!keazW(ZS!|4}^0P!8^O+2WxWR}=5(S-1pZc927G=S!m!TKQ?XQ9?jLw-rzJVZrC(R`%oSOFz}S1I1L@_4Az&YpMpb+bBasp`c-YO*CyY=*#J z+duh$D85}P7nmN$iWw7a0^Cn#3vM=2MQFoSa>zk$+8I)6n3%$<^BTgh98#@>CUKC{ zT(DX?Dtk32MDXtUe~kork>Ib*idgnJ9AlIQmJX8im=&-oj_1SI&<1#ObX1Ztq7Z^{ zrU=(i6Ne&&xT|;tjM0t7A-L5C|C-pJ9=yfNKOc5%NN}r6ILojMAUWn_qTP(tjbxnv zLq9U|Dze>9Gd&iY0`l2qnO!Q5DiVwry+La<4|)<0qzGmqks<;`Z=B`dEUI<0>~LkE zH5GZ}({3j1xf)&DOQkrFq#bx2?>K-f;Lm%WygrK8v^;N1RMF2548%3^m#Quw{W$vu zD?Pa8v^ZquxuwYot`K^f7T#^Yz`%PopqtkEYndEmj&q0(-`KAku%&i(cOU{vQC=#? 
zyoWPy#QFz(-XwkAA5F8KU5GchHoNH)2ta>;bP{_{nEiegWa?=#T~n+kgpT3Tn-?Om1&0%62RD;~BTvA$K50BBR}n^y_21M>od~0#|I|=^oPgn@EmsmKyf7 z#FIjgeBA#fQXH7bq6yNHvnpI|?ocy$(^BY8U4n&O!-m-~4%|5~L5;rar;>4D7CMKM zuiK%vyVrwhr=p)~XX7gcHxBQA8ZkizG{bqVBUsS;8MObHh1BYA z3#grp6sDI9)T?IL_ldGQLjPM}AsC~Yqf82IN`FxXHWohOEqSdH7OjR=Q}uw=)N_1i zr>Os>!-lX@%lMp`AxQc1u_nWMK`xfZqgY+9UBQ@<0DNHYBL|sO6m&L%8gtEo8PJo$ zx$;t};OC1awBKBPv5}D>v!st0g$^6cKNl=+Sl`D*sJM&@+n%Yg(cX zFeTluf3S6FM}gh21lO_Tn8CuCW8-iwiJEnRAwIbL(b1#*;sZI%@fNI`cWn>kciHnz{6^}azJStB?^aSj38H88~EXc^h4{5B;2yC>%~QhRJB`XF9C zxvEt+K%bSuMTzvbP=UFbiv{kf=-)!GBq!{duRf(y#y(tXYwjb?M&Nox#lD5MC+&0} zIqU-w-N4I_wgnQJ;z84NW;22EJxHg5sHJncC|#>g(w6o%2PFATcCwCl6LP?(RE~X* zWPXwUKcbO#dV_s(AORh8o)L|Gkm%gttzey&CB5m6a9OW4ffwLL})_*R-fJ6w@19&ikX#kS3DSYve5;XQ7GdYfT0h&Z(RY zkOP(^px@zgF>~xJ_dbQ|37!Vie%?K*f#!)r1*hMh)S_YNzSQ^&ERIo@R<<;>@4vaW z_g~QpO?4pAVN@b&4n$L|iYjvTrN?q==9{f*-jD{lnI#?U=xo|Ovy)Hl(WxEziqbH< zIB+tM)+9Rcn_#aZ4?JMS`Xm7%QQx|+wbl(qLBQGbM7!MNA1lhfaoxG2surf2hudNQ zBN!cHR0xn@`apsuH%5gNrp2`MMzPS&`OKob?5g+O-G1V$vn_P#^DX-b4R`FZl(%$l zY)SfJ-=B!Rt@fa)RQ1Qr!}(@7MA;3q5>qb3!*pQ~8`EXT!LOE?@Z5lvPuJa8PHZdS zrSuRKYbpHyzy$GahH}A7WjOID3i^G8Qnl>S?Ln>y$#7GyjsWKU&T8!KN8r&9yCR5R zqShN;a3@|aS+6b2?$=x~ZhX3TcE22(J9@b@C;UGX?A%*LSr z@Lbg&btMK#A%aK)k)l|lgJPi3-}C;bu!{UI+vX1zJT&c+w|B?8=BBW|HIIdgv5d2& zdm=^bW$x#v+$)dC}THh~T2I+&F28F&lHvjG8ezcos*znL4OWlg8 z6U=4&06vjo>^)QUHb1nReP#G%W#kI#mw4gkt7Qjw26jUW?u#Y8J=GiWT=WOHUndD= zXX~oKSGXL7u;d3^;W3Y%4iCK)!^W#mEB!??zF!n2pQ5fiAhsIFUA&q3ZU$#RU`)CF za%nKW%3_r`*TaT*zo;uO$S?5?=)+MZWVA%WRSw-Fg`dD(YKgKJN@-T2WX9Aa>Heb{ zterU1?=HHy+KMy?HTktLh3+gJq7mAwAD|F9Q5CQfocp|xBtOA+gZv@}mrjferM}`} zJ4YDc2>UDgA3tS45D(M_3<7KuKFUhfMRILeoBNdR`Mx}*ajw_JY`r8kd`fThVA`^a`-IF}1VLZ?992;T<9@L}lI5DYzuv}RS)scJAs+5x* zx|gxRP8l<2DqPAWP7XH@MP|LD?X9@Uf1D;Q!>640 zA;FXt=!rH#s)sJ$jqQaQuKe9jh5_?M7ap2=nOm_`lBt)5@vdM?3-DS6*;8mnN$QD< z?6Vt!q#;(S)B*gqfC^ko7u}u>^50!N=OMLQB0=;w)pN@BW&RV{=MUyHI zrUmIJ`yCGQ*zF{aJ2f>?d>G(!80Kj7YM~r#1n}YZJD7hx1|2gTXSAtk^zRZ#l-AL2 
zT;vkm2%9K?X`f2f6tHify7uU#rMeYC?OJSdjzG4>#~~)|<4SU77=`qoS@pIV#P@1> z-pFx~_8T^?2^$uTWuT`v;2bEmPyr*m5W3BS-J-k|a!eY>{FL~&0&eil2<*D4$fq7f zIS`a_R)dhHDMd4%9@%EHEgWR)p$|s#mC^qo%B-n76>nSRKWX%sqfZ7TGtpZ+gDVSs zxJ1qPLe4)MR;-3H^xvi>q=y@21}f24(z8A+F6>zf%u915;i9NHc%Bg%#p=d@$Lhxj zhqR41eKL~58;JiG2*u2g9XAzPU?5j0Wt^K7B96myMcQj81R|Oj2yJ_=IbM=I5O}@J zb|S5`%KluO5`o*<7Vl!?io-omVBwsZ+a#eLSzK5U2Gks;(mpjvO4WN`f!}n1qbq9m zox4nZb_nrQLr`OzZw}B&{iPED9CVo9p|ksPM_^(wswU!6p`)4p^%d$xxucgAlt5>^ zOAB!9Ru9`tsFiMM-Xv^WvI;xvv?|DK)mne;DZRdKe{~*Ua^ULV7us7dHfY;j4tQGI zIONeZQ$&k7D!lgKxE6NaIF7Qa3}_~!;-+Y5=Q{%!WZ$ufeX|5ODlZ^6U7YI@DR10n z(@A`kkwHrCwYNH|H{kR&utdkf8wE~;(Ix7N793RZgIRf?E!`6cHdF(g+n>&^;C0{~ zmC#Of>9gl{(!oBClOTmCYcYPYrB-zd9zp(McjSpwz^=R`Gu9r?yz!SC7h~qIZag#} zWpBkE$>%aIWb!z7(`Tw|*d+2!i>;eDRfXir5?r-R%whs;2|sK)eyhAFQH(ec%KY*D zL*hK^QlYBPg)^>eIdHbYwR4-K+<(Qh!UlT?e?qcGsZBwJJqlmEG8$}i zpweb}ZcIhIZcb$YE#McfxpJR$T2J{prk0fR&-UBz{bh9U&Xs)m$m|W7Lil;xm$cEz zq~k}>Y7X;nvCle2a;*dNz1)9{UR#(M@1Cf^2tM>T64n;*A6AJIf%$qMRt&eIgV~17 zU&as^E!%@gzUjK>*WLk8URFPNFymm3Z`~K#^2?#k`yitK)Y`rZ7y`E)MP~o3zC#xf zaNP)v?5G@pX?pqpurIaM8)8A{PfhGA{y(O!IUvvX>t}8mOUu^slWTd|Hnwcr#i%*ykCxSj}uR2aQN=uC~4U>C$I`ud?GDUkhLAo)bcdgh(W6$ z!=?`-pE$=aM9zgbo)cB7ZeET0QlyZjSHopwL@_q{XnPe5xTO&W7O8S#4K)jU; zEFMwpXDrr72#LaW#c-&6-qLmuU?mDQlQVdOW$+scPVpIY^Y?W&$#y6o>2FqS9Us)Y zH;w$%W-REzNc~;mwja$81*Wf`~jaw2-hVg3~vr}gQ>t!(-h#e3x z+lJ=aK`*Oq0B1zu$6o9YBCnb8%OXfvBLCQ4m8{(GSG3HtbhE zwF(fMq1-5ajF6u>KYk2kIdzLO64PE~kdUKGE8^yi)G@MG64RisOE zFMD`A9-E^blzyquXB)C3z63Kq8q6#Uvv@}QN04!i!@|ssn`yUweq^2JMuXZ-P2j%goCw0WW-kQ`1bNM;6{o{(WXJ&PIKSD$lImG95KjXbT z_&&Ui&(Z9%<$7xatvxmaF#%2adKc<-5F&m5q$xUqbZ(&JmkN|-&H|DRP@1AZ&*ngq zRib9aA|k=Vb$%ou0OB?eCJ(|ANAJ~kk$i&yMm_4hQrf+ItyRk(jq zh}$HV#=owOx6xbk#i)|>dEU|?0War3^J|>b@)3hbC*if9*Q}}Ro#BV+Fp&x!ew4tl zi$Xmf`g-j=dr~)p2!DaYH}+dq8zZ?gQg;E_&pvOC#5t8}Q*ErAM<`#I-3Zm-_HrP7 zf{tQE3AdEw?v1Wl?+xE<=U1Z{Ly_Cq(3RW*;$lNbZ%xOixZz2_b8)pDy)K0ATa1Rc z598rx-C`4mzO8Z|UN1Etf+_zIs;YJE1GlrK$m1|}_Fr9XmF(J$Gi-K^GVQcIvuHlp 
z`K8Ap>r!RG)d6u#f}qYGxbPTWkB#t~9D;Au83}`Eou;7q%P%$Te&^&T6zQa*dxNULpmUKPB9`Bf~&1QTC1k?K0d46q= zHMqv}a92Kyl~PG$6#W%JYb*-L0%mS2M*F-Y9I>J(3ND>AOg$Hd+Zt@0K?RPG4QQXc zl7f97hB4SxL{>c=d{y4675iI=;WEV5NFRbr0EU?K&&(N{l!Ev-rW48+`$st=^UPC%$xrWhF2SY37JUwiti}!==Z1`9SN!Hl%z>_$l;(sfxZ&D2hHuXVn@%sTFEAoJ|A+SoL>uTiPzI%wAA#IC-c%ihm?t*JMYAMtB z)7b$!?6-Up_urA)7SnrbI%3aGWyD=gR$8f#r6Od?(@lR(_X&P9s+2S)0ZGAO=_9uh zQMf$DEyIsB#rDUMG5xB9RRz}nIC<4fk|u1JS0y*6VCk12GpxNvs-T>$^_j&(@t4GT zdUe^2q1C~}WzS~fOvyFXr4zYY4m3EtWlkyI5_b4K8GRS7NjtF; zuiF@lQ0Ve3HL%Usd(cBUpyR_WQr2Mr|DEjpq60Qq`bdZuP)97pnJtxLsBSBbwk>Ms z7gVeY8Uggw#fn>K(kl*$W)KFDI7;SD9UUylkbQm_Z`DCF+D;=PAZ*8C3X=V`a zG<3c^mu$DtZ#;8#7Q|!yuF=E}Le=1nJ~@n|HX%LE9{s_mCFu63-&<`{N7sL7eVle{ z_Qto8veANG2~1W```BHP(TK}Hl*&ooT8B(rxjphX=N4qM+R+;v5lPihvGp);y%Kp4 zR_4)jNXec@bB!JAo@c8vDYM^yRtZ7fr{vE+2vdD$q)y{?rv!RI%f4i@WhO3JJ7nRH zy8q946dC)ua8PFgonZs|m|La#Qb3{nu*mgsL2kkwx~X~5Quc{Ucwue#0%pLw>Em;e zt){(_4SXsnSadDBDsi5!vN_7Ju7 zk?J8qV4d8$`9A2fA5@A4FR_fkUXIb?&gJt+33Wb+Pi?np6L%|+BInn>xFS3bB)+2bp6sk@z_ zvj67zRy`)7?(LLv()Z0bhqs_zD4JdRjc%%1pSkDjebeNgd}DCaSC@!}eq8pei)1uG zih3;cms&AYeV#;87?*a?MqjZvNj36}y700w5DFGJoRsO+=*HIj8xo5aqu|rOT+Oi) z3{yMV`ruB8S^wZB^|~esc8VhbRVM*s>~Lie_a)M`Rb^KGLvPevdXH3>72(-Z#oCwE`UGOphCmVOnLDUXj`sHv26 zvwdhilvKIAFP80lQy;w7#zQFsd3&iww!OZ?6Qc@YM3e=poK^gKay$YPa;lCrtdINJ zy{yU|EULG56(8MrB6D02Y57O$FULZlj129t|7c3=WA@=ri_-zp#D)w+;M8(89nw=m zv;<*JtnVMk^Dj=^=-&l8UkOz=qCknCtv_advYmC};5R6U8g z;R3izg+r`tR`iU%YTyBl?fQJ$M`AYb%{U|Yc2(OqW~uZsPjjWku>c9HL&`ccfNy|gB0qsPB1HXtZlXD}ZdJlz z%Me2*+pc(gxWB6rFUbS$#gYL;8^9fyN1CsnZ@ZlsJyo|Dv~Z;(9Gp)kT~|N*-6A8z z%Hx}wmFmBb{i}K3EkyZv;^A!7Yy5f0lTrEeztSe(@sHGR33adSJ|@bRfX3hBfdbKFWp#~d2}RB z8b=QF+nHjGuarbCTo_$wmTjD@aD>)9nYw#6ybtRXHj{3;bmL|@&weZ(Hhe`E;v?pH zava|TtkikNv|4hYGl@?S81Tzl$KSVT_|9lW{j%7Ew$SrfUn3{_4_H=k({+InBPE!R zpK=r|a?N_(MT{fuw!Xv|^k96G%`R~|&HvHUfIMUETh*5^j#Lp-C&{#*CSQ1J_h?1} zp{==nrmX7YTp&6yez*;!>BQ4EE^0?~vyRG6iEJIh!H``rS$g+GN$%+c(W zMB_g|l+$>QE%<(~(IrV%owYO(w)8d01OKA*2fxRurr4k^uHfCx4XHbrgequ+KyJi? 
zohxC{(eJHCdf=|<^2A*1NlnFcX~1&}@p;TM%v5pd~g4q-V% zC~^1yU{4oDNJs3M1MX$d1}`l5`S3#oy4v7?=K>$Ee3`c1?Mn=vZ1BOt=H70Zh&h%b`4{6%0Ako0 zXE`N5Z+KPaFMS1|A|%75KIhN%|A8#6;>4O-?<=r0{ddh575kb_P&KJn8~$enZzp zgZDN(tIN0UsJ7Od%f^FZfaU)5fUu@O8z$%NOB9&vxVwEt4(7A3Jzg7(+rv(KuopMn ztf0lP5)&pMnpRT#OwQ!hVBtm^cpnVDtbf;uiUW(5Yr_(&(#*`^q5BUcd}xAFQ08GK z+(=Y$$^sD7uwDy4yr?!seVE4+xb3@IWqzeUTIoLKQlFqWBgm{vYV>A{k=7 z2tQ@4$pYl4zb9t+0BYW2{)s?)_&e9LFjt%1-n~?*b=*X3FIn0WqffM+#W`iF^80 zLDHG0&wPw+4@c~lP?xyyCTy`hkW91`FYl%@^w(0{;rwr`{~OY+%3Jq_ZIfK~FZT=w z4Q=v_g;}&+?mc+lA;!_R4lgWnJIz`cGUNZGOdE^MPe7%zek#9mR%hKKA}q*q$k{$4 zLU@vD`3z;E83P2%#NLtfb|s$8GQPYDm?d2`=|#CkQ(*1c+aU2>%_S|kPB0|HjY@Pb zD12xLbjt~NnE@*n+HvpOWVxRNFD5BwmE0AFEy)??Sslt+dIfRFfDGyJQT_HC{k=&3 z+DV%J!2Zd5*H8e|m-856Y}A^PLxdzTR-ry|^;}QBpu!k|t;ha5OZO^p6^?4^EDQb2G-h!8>Vv4&qEgk1V zQgR`kKa*FF4{EzTq@t)UVKJ&ll%R|WIl5sME`OB!mc$Fj$@p(CJdHSxkmDhYo3O59 z(Sgs73FwRUYN{Wbx~fW3eyp4~Ur9~vy;5@6X``dI`^A}I(8ZsJ|Ix8AdpFL;T>O#m zDc$Jq+PtTIkR4o+LrM4um0%190h5J1=i_2?3#1zUM;S?4S|o0+AEfH=k1t(o-h(?# z4TSB^reMLKm~B2jB4K&f?Fx`46nsbIeUGqPP5%kF;3VL9eLvv1_!HaILOzaMc;2tI z_kT_bz3#2h7-<6=?<)c$y1m?-VaeIZHxnGEkL&z&t2H-KKnH$>zwlvckpR$RQ3kX+aXC+AArB>eGrC102seLG5S5)b-|6 zw4=tVTs$LE0Egsz+o3PTW5%z8V730#-D;19sYSK?6gNurb_j(N;o9h{JSHsIb{Xg> zVYKL=jt5$dSR&mfEAHIugoVyIBjR=}lQ&{M1kW%;tMVHc)>#ubkW$_+(ayAx<7jJj z>_~nWZ!j3Nsj85vztKKDm>>DFns~`%hIC+-w$c=B3EzEEi}=n)o?S-c!lmUfZNkCP zcs|1NcOmUCC8j4mCwl|C`w}}nW6$Qkl_sY;Xh1h&AJstjn8|r*czq0uTKH>U-tiY` z$+M+1`^mafjW}?hh(VCoBhqO=C?pXEjXiNff#m+ROvzkWG1WvVAbH<> zvA{ws$is24=A^&JF$<&oY@8R*61z{NvMkelIL3T?{q$Y1u#TfiR?R9GGt1{iwPNFMuTVO*!Bpl;tQG{FqCy7`Myn5+ z@?o0t*aT$07r*J+1s;$ixj&K=mzomJD7X9kv_`6er0)d) z%|=o-&OBx9XNC!F2^)aZ4mFo>3i!mSQ^*aUgs_LEF!xp(aoaeErHV0AD>tmTzxaC7 ztcaPR0Sfu%aM$-^iRa1czYU7dwpu($9xQ1$wKB%{odOWKh zI2f(?Js(p{Ho)4eiM&Hh_f3mcJ_n*Xd?ocSSni?q{wAT?LF@Ht>Xzf_Tbog1~q<67mknqDCN#Y*N%kbqlRubn@na>ri=^h3r!cxifzNzvhg{ zz@qA$cHNXWaKy4VM6SmMkd=7vIAl>AtoLf{^TVlvXEgLaRzvml?wm@<(=u22Mjw&r z`Ef~Uu6&~XEzo*(v0&4Q9%=zb|EBN>dpbSG#fc143-yCY;gkst{&cz6k>&J)gA7@v 
z{r2-DcgwbSU*}qyEKpT7M3Z73#d4D8bwJ$7E1+%1KKw|7fVN#qY13G$;61#Z2{i~Y z28*}XZ{V}`O`MXYn4z2^G8B?^DMrZpaSiNrnx&ux8va)z7vN85LC0Si`5P823+pGF zNOWDk|KnXY7$j>_ktXh~vQp7wwL_M)%i#8&uUrWw-%t&8@dx^IL?KPY%fZKuDlY9b+3*VRxvxktiKOB-T*Bl;r zX&$uy`ohQ(u>9KQY~PzUE)HJ&X>{NBLHlyUEr#tMXOBT}zGb;kC&0UPN*$2rt5V3& z)p*`{NT3ow7=FFS<}GlD2Mre}SeBHbn!2~Ia%ag_zNK`H()I^h3U6pX1q=jBF!)Dk zvGy#{UqVQVbmEwqgE^{#{K=EDittskt1wh=-Mg?XU*KgaqI?C*4Pk!5{820B5vQ$2 z^-?!!HVYW3D#<9UfT;`3qr5u#8#SKog--f5|8u!1ly)}|a=rrbY)d9C(`VE_ILBJy zPvkFii)Lwjr47Ty&BH;ItJQfTztg)rFcnux#}Ns-`-wuZBDZXKVSOnm$1987^^N&~ zR*PmekNQ8WMdPT>W1~J2yJEF~Lpx$OfvYP|H`rj1Pwa7s{}m-))(1QEL18VXh1bil z8rlZWgVM<6=yRMFFUwbL2n%w+t=N0)I#koszvMWqZ@@#Qc3#3DOuUyL8LT!EgHRL% z)e&u~Gzt~kBW01+Z{bUS0R#sB2M6_)Ik8GyF2*IBT5!sjHl}HjWH&;1QqPwtJnNGJ zaaNtJnEdk;s!{?Kv;LR@1{tSaO#IDh%!&q9UmB6p z0-c7rpII@JKqpf@J0KHYI;CV2;~K?uaV<0d89nrg!t!3p&3-cVI+~>G?$@#zK~W#6 zJwklvP^XyK{=L4s-*hp_tGD1L>dJTolpt`vWx^ryP5`Z-Hwl0oulg?+I}uJT?67(_Oem#|-zX`Yhr+$?$2&2bk)GN!fqYd49cI0_^W{dD1CYcNR_c`iQxP;{v|qmg}7Vnyfp z#r;#?I|nVx!aDO~9Q%p%O%1g8BguW7PRwq^tqtt_uLT4iUKfFrBJFvP)0c#=@>|kT zx|bp4)pr}b^-W!8ih~SKi0pfZ-wV$TMvo?@0?nAJDog(ZEdsyNj~p_z0f~Q0@%u>% zAt+)m{C_^ic$F2e>30e`eU3|&HBQ#xO#LwJ<2v_z(*f(`k_Pooz96lCXs;a`w2R}t zO{3KL1fhpFxZkAC@0;N1O9J5MzvIo0^blOEMx`T9S&_%RsQ^jb#nKYX+EDPtozLYw z9R&qDOCJ|-+P=597|i0Fg0lsMBzK3B_%(aSp4G#srU}Pkx_;L%B^dE0_I>k0RuKq{ zyTc*x&tfdH^xbczv4V*b2@MNoCl8%UP4nxQ zr_ub)a?PjhE}HU&ZSO~%>Ay09)zTB9@9&+JbMi9#FA?&tmQF)Pu4NaX^ai=FO%h$r z$v#vHV~n-`L7!;bZlW|VwODaf(qqM|76f$&HR%|__($ma$D!GGeVMt+{sC9t``sNS zHA3*eAn_gSt4dAgH3kUSv=zw1IV&f|@%2Vc^2Z_% ztAXu*($}1MDZu3E*C9ZXV=V7tyLx%BM)8KH>H;|;8sk9jP@PJ^vn~j7Z`7>(M~i`z z7><7yjL<+x8{+0Wsx=yPt+qu#u-m94(J0H;m2>N4)VGWfV=|NdN!3`YkPQc(=$BhK zmUMD1cKH9PNIskF^UJF}I3s)O%!nVgzbj^{hKV{_utzh)!mkH-un zkwe?pq)hDeG4zKW|Ds*>wl_HucW6zy(+f`g3)J1uP`bWYEmr{}?=PYLA|gut_(>VE ztoXr72rV#03tGrl6^OA8Gg83Go0|it-aAcyE^Z>9N(qlc(roGZV$pBxBF*};q1@yE zF@=%KK2yBQal?-L!F{=edgnVn71^**noa^!Y7H14!2rUMCRh5Ph*i2&q1_IrCd6HE 
zr>>*5AL%rI^28ZM0_fD)gBIji_5_*%@aE2rQ~_e(G5y2zBIT=Tz2ApARxsP@+TLbl z<%vkYhj7`ai>A`Zq1-4fTK*DPoFDB2t4voVhz(Wx6-vwvm-`=vnAiTdyra(_pQtLiSVGomBy{Ut!tbg4vAUBnVOUAmag}5FQY-r zIQR~scN7X_^&hxfSaL%U{@l2@X=hNx?^SRIli$iD$1qGT2T;jjoI-vOOsdR3h0~f$ z?-jS@#sog`X4X3JcoI_?=<+{ZswyBEzwcDd9$r%=dZ^B1xlyu_S+)?nW@&&LFKdE) zcPg5fTSG$YHAX(I>NUz=T%q)ufB$O3RWYqPXbhkaNpm=C@YB>b=<&`j;_)txuQ?^gUl#GN zsK%g&Rgn!q-tgWDXo30SsN3_+4OjCY<7(`FD|#x~#Q_boiZYTrfQmfPlEWg`Je%``=l=y6_f3v5ySjBxKX)XuxIq=p7}3S zslBYfS3B$F1IMqv{di6Acz==0kkE3yu)2)zi0bsjf%VbvxmJF+U))1Uu%-tmQZk!XRhAo`Esz+K>=W|bpg7l|Xk)8S&y3SlYI6z+nHs{q| zp!XKEKS%{qU4Q)<0wnQWU~Whr_K3L*!*r7=08PP->rAhThsS4+nLcc?@XHevTMv=@ zW@YB?mG;22gdMs9y33uy9-b7B;;{rv5~E$C2_}ZLwJ$gZKWSO{%<|(Jq#+Yz3kHNR?k6QipKf_ z%9hE)?H3G9MO1 z4bzDt7T*;{*mmO0YYM~3mtEuiI24geo<{urr0f2e#k}j>ymXwNvcMSuyY`#us@)2| zGB^G2AV{D}eso6pG-2Lt)UB$N;HIgPP;?wRg2dB;mR#!thoA3n_x^HpMKXq)(C9eb zLvKuHnk&KX=xEHQAR;!k#H!DC0GROqvLttUI1U24Pq2O-FL&~FWLrTvvQJO%3L? z+a>n83iM*7$U+wj8snmT4&5fH);mS#GXD9e%kt-NJ%c0+75R}@{FEK$QpFlxWBj|b z*Ww2~&s!ZbwOdG`ia^37zRRMmiK8IK207Q}S~u(jBrojEYa*@S4FD1av08~*f}itm zbCcGUyKl@j7@Tc$yV=G^R6%d}u?9?%!_WKMjN_v*+dS zI`lxdGDCtOwPI8=iBYzeP#&j%LN zQU|SytI3_utYPs@c#P}A{8D38`&?0-gkQG;EOp}wYax{|4^!gZ8OQ(h0j# zl;=SesS8v*y3l|~H3wK7HhtcofCBJ`{-%7`v!n11&1O=8bA${$8>e*@se-$O3J zy(^Ygd5vTNwqAiuQYBCjH3J(a-yz^f26Eo15TIn7eTkJhAq_*7g$N~J`SZlTDkPP2 z(&SUHn!6AH^+|S3Vhf41(h%>wI`Wc>27S5n4DMTeQ(5tZt5kF4hrf_Cc8hqD6N7N@@1rN?KTDaYF1G7 zr`T3t+$Z8)Pz2|H1SE1sefwS$a_?Zi zj7j@`lU0DU6>ut1iu<@Brop64^7G(a?|W`vI;Rxn8=u;6IAZla1~r<+rJaQD1bs{r)D&ZkyF%R7ZbgnX%|t?&ZS12~wx)Efwm9htfp#~s8~ z5e)$Iy3{?70%2rlX{`$x00n)L&k#;KRx-x<>STJ@wTLyva{=V5buxV*h;SnVc7!TX zeY_}loraZ&0$bnQ;Bd+ zg-?OLUS3Mh4>y40Ughx7cd%zxuJ z3y_^zD9|HqylhL`Y@b1|^j+1_c_IX7r>7HOYCMdZtd!0<%TwlV=4ftMZo~BMv7Q%U z1zVZ^djINoks~I|38m`%A(m=S;b-8BqR?g4`XC!JDv3(B3b`nv^Vj+JAGRMMfzM?A zH&7zz;IvZ*Ff9pRi3kD49?1bnuraQQ&82l;xwp!uMM|Zv>PTCMi);&TBzOd!nGjh; zc6t2lC zj$^qg4oW;DciE#Tdmupx88|?tdcCQZHfAYsV8Im- 
z_{JCCA178$YeTpnr|{7)6|M!WWzaQi4dpR#F`Sh~ww41=T9UI}ukv~Ko^j0vnRscq03?}QI&&aT<;v$7dy(O2^0EI?;)cQ%s!kUtmlQn`rrl~F3h7u0QR*9F+&3xY_CMvIi)7HIL9r})Je zyCV$x=gl@jqSW6oB7gECJ8aBzPGNP+#-EkBg1IHg*Zticl*7(<_1*l==N1$JAzFJg z2w%n5_f<|;;JCP9R#u;g+W6~43n|t>L$gpcKvwnAp@uMt-uvhfE_J*^5C#C=I@;j8 zyI#IyL#qT+_*>8<^D`KR&yXe#Nz(6syCZq<<+kGR?uyjBh>i5Le$GN@zzCFD#!Z1U z==+5O{g@A*c_?iVev|o{Lh4vI(RZA+1hqZ*6}8_amMo&`ytGrPeP4)9)Pjmi!^zs{L52<+RtR)D`Bt5CcJO4Qij*_S*QV94v2?4 zaBI8+-?P{ch;cWvg?$4nS$YEhtRz{G>0xMr>AfWa+pxv7PZWfYoC@VIC8yd#Kww?4K*iTx`G1N@CzCZ1oI9Eyhe+aeP=Zy7_HYi|?>dQi%CAq8!nn zOc2`90D4mxd#oiv<6uL#j(h1SEXjyBTC+X6vEiT)ADRQqqE*S$G-F0mZs=I!c^`bc zzE_pUgipW9!ZaT7HTr*#ta3vhITwN$#0<2cdK4_}h{=iiegaJsp5-H?6+5u!L=ue_ z?3TLq7D4$p9aUPs8O2BLk20Pg$*(Uhjo+r5JqAAV=`&eXhE>kr~=d0aVk0$tg}hU z+pNtN_BAO#V#ha^TkelwgE<_wDEp*3-$A=&VfhV6*YVtErqMt@Z5#CGL6?Vav-g4t zB`noTfSU!AR`t5L!u=~KgpXS1Ci}mY>%-JQiz7#r0yLRUEPrU01_T1YA~t0=aBU$> zN&d}U`VxX+bndn#B>(1@isXR%HH%a&Et!}QG=ylZGTi5o&XA!80M)p))S zLMjABs8R|xz)qW(W1GvO3&{jj;3txw0srbP4QpfMpwZ-F5*NAps*j}*(gGWAtq!YJ$Zm`^ zDfvCKMLzhH5Ok%~;aLS=_l1Wyt>_8}qAQ%1SOvUX!`!@EUYU}#A-uIIG$pmLUETPN z%Tiy_Ru{1S*TQZA%$UGs9TI%DvU|4l@k|hG;aeK*p)|H< zv+-5O9}P}M-y-%$$xi!e>_sOyD=E=WCx`io)4tt`jXbBQ&+%MNeeB7@=UHs0cBu(O zjJ$Ty=c<0b`0?U_yO1{!TJk?u^Z-x!mlbLFP&MjwZg;Z|+;?b^pX2?S^tSYnp@kHu z(od2%K78H#XW+ef@pS1)KeO*~=Fac=5VtSLNwkj2TzIz%MXRM63cty1F=N?(@$a!e zn6ek2OJpPV_^6SGUvrIasBdb9@aouPL-lPLB8IymSd|66GoT6(5w%8q%CA+if7<-i z647nG0-zi8#a` zdROw-!i36Mo&#RnLNGmNb->^Bz&tOU(3CA!nH)jI@&^1txqcKq~6cFGJe1N z>tZ3}LXj)BkN3ct>hD%apA;)alFQ(L5UqsKjV0YDN1Us)WOG`H=dVFvWcrA4Ie)gE>>lN|ka^Wlcq#gwe|)+3VQxvOM=x=$KihB72! 
zz4pLw`i6j*I&OKA8YXug>&fQ6{?&i(3md{Q&^Gkz_99RyzA4`xb(=lWph;RRGw1pm zy?So^qRXk&QDa?r*;`+t1^Du5&HZzO&7Ga*I@z7C8r{A*!et(Jd0R#vOmK>9&^KO) zDLPwHwSYsBM2L7ec`u^mX*Mh{H<}vSMkXKMG;Uba;-p~JJ+D4k@VU|9##E3k{vP`S zGlm4L<&wr=BKf5#!xHMaXy?F-qRP9__=hkX%H2hI$kE6dSiUD;{7=FKCy-)+R^mov zK&pkCy-eKl_H)=MK^UmE13(ui9JBiwDjqw(y;C?iR-MYGK=i8coSDoq4HS!m9h}Wc|Fl6K<9>&fmOyZU+~OnUYW&Us@a7T=`D_@vQ6z;2+ z&enD`3-X}F%4+@Nr8(AWw10xyQX@w5_rS+P$kM)uE-@oCx4{onKSBg<{zs@W(i5I2 zT@qIGA64|ovR03r*9bg2jyGM22``vgQE*K}Wk$UpP}Sz?WiwpgT5*)|$PIrKND=WM(jtr`rBG$Qsbx!QtzXt&HGEFR#2B-q=X06*hZAYJ-+_ngf> zPM+iYKn2(QlAC*dbx+W8KHPIBb$#C~zZ;8I4&k(N*O0N`hu)cexUJL6&t?*KTeXO7 zEAR&bXr8~3sP3b00qfo1yqxv!%f|`|uvP8|I3*{czD=go-r%5pqTu1o2z`sUNDgy_ zupKYav3UNJ`BcIg(ZfEax>I*;K~vHJU0HRO2}EQpH(h%snaky&2#c z>U-#Mqd4*|Jz4)miZB6Yq?13$f(*Vv4Inz>6jc@MI3nGXp@N^%UQM~niex6`5p4?T z@h$${_)8bRhv00zN@!;V-pFxN0Ui43FK*T{ESy}C_eW1lmb{Nm0eUzH^bFg(JMF{A z>hauJ2`a=cuR>y>#T^s35~R;WYNkSN=|$ZpFCdqsF8P3n0SQb|6(H;tTq!F-+L5{6 z>@ZOYdQ6;*&_!M{bYS;7v;B;*N?Mj8z0@u#T=7?q3n8uPm$8KvoSARAX3$hABL^pE zELUzDp#D|_J6vXhr3;UV50b5DwJw-rNf*pGG54a!KXKyNs(i3y9t!cv=8cO%(!K87t`)xs)(*uJi3u?PF>YuQ%<{6XJmBMjD?X}V@m zs7t>OZL{(R2BbLkjG?ZAQiXD(BEisAJqqsEH^7GXf}K^50m=wq$~MK1o2zfy1qH;cd3O zJ=`(AB|qGMn(E+u;isdf-igb11ZC!c*jsl_iP+yjci<)WJjA&Z<95%}7T|xu{1q^hfA0<+gZ2>#K%ViFFi>C6dh@I@45I?;tAthRKRR1}w`0YK0X7u02{^LdynRrD zeUuek$3H|}FYU1QOQxq@v?%u>YuI$9=>6mc0pW8C^ux1dTQA2gg6x4vA;oKcDB@@;#9 z$4RDMda1W2g&eQP1cFeaR2B?*5B(Gta;w5c)7$`K58YIJh-R@nxkG_?TXKDs2qa;C zhcX^2N33bfSc>(j(b?>x96J^d%iZye2qbnwV9mU+Jo3xP9qQ*6!qCawghKrnf{gXn zt%l&eM{*kq2Izje(S7Ny4s^lVh8_d2Va=Ba6Y`mR)O&7z8bcZDlEy zW3*PcU=3CDz981r=9dk$KXoHKa4B+xLl}h%Sfqj?jGVu>1TSk_?E!(TaArQ}m)yus z9g&F#@m4exlqwyVkkkT>gkTwsux$A7U#yk>(d)gW3ppWH{6k0w^(g|n)_sGs^2|v` z+7GHilq^M?_^zI(21g?y=F!yYX4z;?KDekArUD;#qjfsnOm3<3rZYJtM%m`J@d}7W zQhesxz`Sj)nrj#2*V5~PwwjK*Pt~siF`WncvvZ=PR1gtZd0bKn*w{}9m||)!@OL`e zeDhrN0gDYblIecBxKrmZ;um&2-LjwGTrYqhnpA?E-x@=T4_zD29_*pV(O|=xJTVam z(H5-o?n>qN1$2d?*pcF`!2Ai>eVk<93wlDF`wTRlqS1=klyO#7H8KFLn$r@PG;Rm= 
z$a0x9-Nr0ocL8H#lW49}4`m}--l3dNWs%>g^A;RNLb_XJD5F1kD>C)^CoKs60cX8Z z{kZkm|D)=vqoVwtK8;9scXvp4cQ;CRH%NC%r$~1@>y%pU#x`9A$>kyL(QyUVHvkqd5F=+6iYNop!+)`B~ z|D8ORbC#a4#BI5Bnhzcvse$baM;pAKdVbUCzMBc z?}c*!YNRm%d%++#*1%jYE^qdZ1e*k_VnPwOL@FAFPJ*VN?nNTBAL&bg@u>`ENpwjl zw)iid%tC1l00!%G;q6O&e zYsru$CTrO1){+i)+7gXHEX{SVuD8hC8e{`3Qhm`GnmZ2Jz~07Awm2r zEt3Dg*uk9dT#Fa(xjsTCfBhn@(ZNTGlPFFn|Ke*}5efSnO*d7|jyOTyAt_%dc|o_P z67x1$M*n5Hn%W1%0lYl28U5t=X3Z0mFOz4_zz0&>xcH*EH-F_4$}%2qHGzniq1{{Ti>en|-?IGm}F4$4rvCNhpXMOUWS z8Yvo@vbhGw4^h(d%qv-^+%f=thSd%<>~~V~qvNSLViWSF(0&g=sG8DAgFS^K4;C^Y zA06=<>U~TcY%&GZu~6eH!Ck^-rE##Cme9sM^j(iE+Rcx7j{3Iv+G7uQ5Z3WRhVi6& zrVh?wbq62aK&BDkVRaX8R)P&mHS8CjLE?Nqwgt+Ck#aVPn;`#2EdKgADSM8%KqAJ7p z;wa~SE^#7HHm_i1<1d8_2Cx6tW|_+&&7DucYkN}n`cR4se!t`Wd`;>HmUbjxjhaHa zycbfW@q+B6WfQ!C-eFV#s{l59pHzcok*Bofd>!MlinA?=&bfnzC!0DPWJol)cyZ3M z{src`^mmEF-%B=(%G3C%X?T zj~|_Ah)FYktmaI3adu3QXngXl?sDt&yR*Fsw~E*4l9G~YKdrveZ0#BPhF|P2H*tN` zo?IgHs3xG?m(p!>*mb3E3A$vM6*u~Hh05H#^c|wb64du-x5SglI5v|k(@U@*Ts4W~ z7P1H(on#__Jx;y&_xMQm2ys;mCmqr_zhvCLBFf*F)_*7pgoP47Zbo`1c`fG&mZBAX z9uQStuGrCvbp8M*XxJ2B<@&|3Gw!|Em&UezLvX$C2QUa{SioB6b&~0*&$FjsDY`i% zZmWZj_RB(@dSDv#ILTGq4aL(aCw@U}Hdir{Tu<`TUt)t)ZL&c5t>pJd6d465GwJ#Q zG&x#+YQ??D4#2*EJ2GG>voWO_ecYP6ts7`n-|q<}73_`}Yc9!0$~LB5$py-en42`% zDRz_@!3nwV;Ag~&QSHsUeLVCaPzIG%e zi9P;Y4@(!B;Ww4HCj7OiJ+PHrM{o;V9I&4EEm~&X5~*wk0};j1!7Uokd%pr#2e=i{=)g=2kWL$+)C`qLL4WQBX1;h^<~crLFMpiOX2rG+}Im=N+KT;$!c zkbz8tjl?xVTIe_B=lA%fve8J3xB4lE8 z`aQ;n4zXA8F!ago4R8HAa{Q%R@bUR-{8-!DScj$QG|u#6cV{7Y$h5F&RAvMkJjXMi z#ec+lqX2ZV1mY@_=N&Lh9c-=SqIZ>0)xxb z7Bg*Qo0dAji!NVx!Um$#1b(&H9%v`5v7pwGcWgqa$Jz3a;YTRGF+q`P;oYYRcST1T zpr*03#BG-HxpOtZ|0J-Y@->ctkLc8;N6?2oO0hna@9ni)BI62NZO!)gJ@A>9H$f3j zxZVs^?P)~`@DeAVzP^$3ZZ0q+{>LDJgU|=JZozs3x)tgvPt#@t;X9CV8u6;XD=GKH z6;^=0=55`)8P|LZGmNc#Wp9SYb{2AZ@Qr7gP6^gtkq@3Df1Q2!%>Mymfc;zB68*8k zkEEVQgV%Vwzrt@lus}MG zmn?Klkui<(Xp{+-K!LU^6`<r%lZ}lZrt1nBUf7Dx`RGG*`l^ zSFs+NQ5M}jk_Xvh1X@%&1@0FUv&u8i{Rws>V=P!IUc6AKH!~YFc`1dC}*7Ox6r{;JSh3)sB1$ 
z6lhBN1fv!7^`~m1U1fr=U~0o~aTw1p;cN5Yu>Iff9%-lEdPX54o?HT&$%SIDr~fMTdrgLrt;tWqbv*j{Mm+PDGihxxbByCHnlZ~Pl&aZ z=Z`Pj&AE=H?X}DPdS8}jmXvQ^LKJIL_o3^ML@2E}JiL(w`G`wl|JgM5j$P;>^W~B{ zZ8L+9bnY6uBfKDNMtEq;i_j)n zqBRInLG=2bb6$=h9{paZ{s$L=n@5QJ%MIwNsi_jl0rx>6uBIj)KnF_^^o{F< zY~^-M?xG;1xeEWRPZ~Gly+_K->RAsEn(OCGt{s@pXYF@hFQ1>3#!s6UyN$h~+E1Fo zd1BwHnn+UbuGy-i5RT<1*^0y#1QEr)^@5_qp;FPgEgMolkcfs?s;7v>sF?Z=$fhwX zJFc)omV*Aru5AHz5WDC=?1H}QCvY0iP>2B|Vf7O!=eeIVM7E>jSzBuf{sKI+_TMjO z)2wLpqsll$>^QmEB@o#DaXUs-!5t=rXmXsukN>-J0t7@~w{Z077xPoP&$rkk0Qt$4 zZ;VT`$VeD%H`ypnF=&~S1Gld&2Uz*l-*5e{^VYxZPIwdf=JkbIrp$B5%pCmUx3h# z#ii%IB}mmS5i=()9R(-IZ}~Ujbv(?v3yJs3d?@HrZ;eKv_P$3=)h14Pr8S)_9O855 zgvQ#yf)j0MIZ{BmyTSfSmt+Us`1aUNjs>-BYuK}S1u7ZB@uQRA9y^l7*^QHX zYc<u@F@*!HjB>rqVfkbCnzBk{?4Jt=}*wbiPBDy)t z?r(igA|I6YLk_V_f&w^K};z%MdgQR)_l4=+$?lL}Cv|On``NjOi;rU!k$Lg+-t9{zx_4L}6 z&gC~{N+dQ_E?EEf@=`AsrxVA7nUwaaFv{^l3-X^5+zHx!iA`r7s8)2^S!>9+?vXram)b4@6>N%IQ@?z78` z92n;7-HypV6~05Y=z%BO1yGm@!ULzcKKClqDDQFzTOBO6NY!1bgr8B*suPuCgfm>N2DCe+ooZC=z&wYM0$zFtZgOxn)%^5rUqgn$@$_JfE4DL=$zCzmLKbqyQ>PZ+whdhe* z-dg3Bz=?(mGK+UpHj#q~j-S0Md^eNVW41q~A4uWrqedQyjIckSdz%7wYRKJLs{)RR zuizzwPj93=)S4kUwLS&^w0Uv9dH*>sMXI5#)Hj4sQ|Y^BgT8NYQ}pNxu2l8)`h6FY z9JGMrUej`0j-UHl`}Ubo&d52EvBUVIv_>T0K41YV7E(2bpp4I9Y3%AvCiImP7D~z~ z-^ea16nt99_sb3vv(S+D_@PI2g;V~rVj2?PcLIM^H99ZFRuKg@1pFx@N`WDoGy#92 zuM1G`N|us02ZxJm4uPgPLp*-&Fz{*ghMHU`yx%8l!7kDpj1$;~Jf>ftIeJdM_s-ML z!hU1ChrEC2*|uJDm9$PY$$cjkgC4WLxIxUD2GT$>JlGc>g2zj^b0sLF!y)}%^+KOv z)Y6<6Ka2)x8X}3ZlEnVb$uqzPG2MUuA6YBx^PLvNOQ~O3L^i@RDylEsozxosaiG%I zw#D?mcWvgP$P(38r4bT}Nsd3knR!<~f(Hx< zJ^#O;up8WqCC{HSE&lMcbHK=07T1K0Q-JAu1T2bx883r)-TMMg;Z>4R7{6MYDvz*^ zz}2^+>+*vRMt)stznT*uVy6Vl`T&~lW=!j*XF{v)DW0PhkQBL2gK>D|pYCrPaD`m| zIDzlRZ|}GPd+5;yx#il!&87(m#)HAaLO=W1%<~yA_9XJi=Ch-J4B-mB;#i1F+{I;0 z|1Ai|Hu+n4aL3g-h3GPA<&~8R2ZF70mzbA<q*eb@ZZ_oE1Z=AeQ6v7D8>OOYqaKeKK*)MggGcyc|bVm1<^^YNP2A!X)rWy&bp{!)5;$3@SU$P4d<$l2n-%d=np)uTo^Cv+EUZQg+EsL z{Q0ZDOYO;o=bToT=Ss%!RK^NaRL2E-&6MDL_%Z)^_I0}L!uM(O3MFi0_r*>@R2_7w@v6*vR9PkpG3#JP&-BD38dz& 
z6FijQv%uzqJi&+c2q|<|6*@73M<&`Y_f&)Z{8BvAAo9Y+d))|Q6WEA$k9=M{UbtOV zf_yHA4-9Wul%>eqy^EO8GZgIHn;5+LL*6a~cjvq;CpO7>2i9z$OsD?O&obW=zhaD5 zkm17Uzd74GVG00v{|CeDj)6p-dj@dp1@}d|hR!Zi&=J}8uDXi=f6=~#Zt9+n;@-hv zzw9HaPNdTkHLNktWkvtVSTU~3JD%v$oTvtj3{IDDff*;`IJ{@=(g~{TzbrcBuA7(r zrc52tfz@Dio~@^J(Gd_SI#@}gJ5jR*q2I79Mo4}ApOHG?p9vlwshl%~g6#II^Yp!;Ly7zoyvwg=u$DF5|nt+MZ`RYrMPy>g*Szh9)zKr6$6 z142#e3~TOS?98Y7%liN~ElRdKB*&!~yp>^e+^R6Sa8{&tXzuf{-&DYxKzP`o;=nkJ z01;MhbkO!KT;e_K_hFgZDVlz-d$lzr(cax394R+qK+Y9lWNd_m$}9i7WfIq$sBJ4V zXVMIXjO!=$D9IP_#0gHTI+D4Ytuo&bF7-CgcN>p3Z7L4e*YjK8u`MbEVjm}h7c)Uc zN+7_7z};Jc$aH~!Gp>M@us4uBkw3G8fYic93Nf-_nTg*$!fh`Eg}sr9|H=x8mZ27C zt*sRhD}+I;AX_cX9?TgMHyJjOAr39@vWo4E$^O_k|C8hX9+*9B<02SwS(>d>1Kn`I z@z-nOP^@W8WUPksilGiAzGE{s!_|xq=k0}7FH}Is93e{)VK{LZfXLJr`!BU4qIf|fK$zNVKqQvJu6LXmRamG%|-IM0J1Ykdg>fTqUi#5;PFNx^P zP;Fsi`zL~nvLP^mcZ_BvVfmKIZ`R$w%49k!P63H^v}li!%DQ2D-8{(3`3klDZpbF^ z)gg5tsC9aR#KA|M|BRVRd4`PjlcL5vd$NiCqIU5#PZPa;#7i|i>)9lu>oi<33zj=o z5)mfHd}46wFHC*oPQ}{LelKijC8OFBxRH2QG&6lnL-U2^QzE6xR!JVs_ZcywA@0<$ zSD30jF|z7OsbvSjl&wFQ9C>f*e&pK^`FA>19_(R}iuSXYUJurD16}sSnK$@#ezOVf zAJ>FR$FwC!%HoU(_zJ=}uW7Oov;Vj=jKxmp4Bb5q0bmo&iDmSmQ>=Pa=UC|tUnAaP zQS0kO$VyNKrNeN0{Cj%ZX`n?|kSKez2$BDyNi|2!Qk0s3BwRkA3 zO*-ZPN;%5e2|Mf+u=>-CUjtgzF!O)O2Yw^cDI;JFDlUrOgFWk5Grz5AnL61<8T zAQhW}Tau?0iV>(WWP9T~C`Wn)C8(&gSrmyOu~ih9#R>1Ygz)N^CxBYxgXkyCK_Fb1 zR66fbXpl%AYt3(DlG$1Y!@@x=oc9fqq1$^CAu=;>U=3Auj^TS6{z3r`>_}-(jKqa) zJi;GGS0y^w6y)d{Lr~C9m(L*Y2VpvG9qzfQ*Qp=SdTU^mCFbFW@PCtHMM`|#)}9!b zMACybP>CQM}I;KRV+{jpcY2ZSh zF(1${vGs@>MjSdPRIVXbO36Pf?wFytOr!wc#)nfWEY^HdCN)B`=s~ew{Hnz?(z4XO z8ZAd6y9Rrc>{@$MlZajdccgWx#TRDWDf=HIP*(vXw<#WMAT7w3A+h1lXAT@5{tzU= zKC8GcfFd^v5T*E8PLeP0DLK=U5Z7 zSK|}0OQbni6Osbbg-Ln#lKi{GE30kBp8PKampb)D84sbCyMxI>^FkGI#?r&Fnikre zWmw-bfE5kp^5xLL)kCk6e!n))hL;gP$s~X}F2_v57tWlql)u{}(WyEbpo>f0%qEb) z)R8tMpK8?KjDH{RvAZTJw)F2`hl_w<*nRRP+*rV=378JRw4yDv~FAarG$c|d+P`;RmWz)!ad?ZzsO}1Zly~M+RNC^bEGaltc z75JIMixqY=#}y0v2&x?2TfOWMk9P?XJil{#QHZ1okYT3$Umu-MH*_K#ZiZz$Lz 
z2%jiL{)FFadxh{P9S{~!U_l@?!5x?_A<>)ima@Ww0r$r2dm_c;kzGx4-j(_=G-!sS z*DJY@V*7a(kFxt9a?Rd=#%iE20mi8Gefv?0DP@oH*P(a_YM5fw((KN5?+{&F&>Mip zZE_*HrH#+Lfb(^NJZh*odKcagu2$-NLS;W_=L~WMR-8;@?r}VtCnV?og6t`G{UGRX z=)>>vLd)JxMNn3M0>0N(f)M`#!w}u8-Rh^JA-xJ2OK$V3Rc~&H>Oopn`P-2etYV_Y zJN@irjb0;&b~?>g$}!>F+{l|&G27=TT(N{iZijE z**^yXZQ0+0r%z7OF@ShHYLdnX>}q+)aq(^-gWxr}W+}HB8(l9Oib%g21!xW8E7qv2 z1kc>2kZ^#u*eB2wFAM|8Vukkm4|~a%81NSPB^jI^32>fru}9$^d6^wcX?rb}duL-n zQjMkSW}eJXcYCJ*7{4%44J=quYQ0$-q06zMHVXwinpYY zPhYXvO!;Z#Qj5Qvutnz6AoVsQBxG@A%KS60{Wodsew0)ozv7ceIS=ZExC`A@iJmXT z&qyRejac==mQ|tPZK*LvzmXh;?_vUb_DZ%d;g?ot?WXsOh@NVSV&Sm2d<%9CMH6lk zT6<~@^jg$#GJQDsh)qGZsCG<>!lzcz;4fQKIl^kjnpp%1o7HWfr5L!V_2B8-l#SnZaXWIifYsYu=aR3UXJbz&bvpB~ zPA;-^TrG(!nuou#+FZY zkrxu<0f6Go9_t$G{Lnb%f;ektR~L4ECp<2i_Go<0EVwuMOyvT$X@fmU#yjG*Swg2}Ip`a$N|cI^gURV$u%O zCUacPfIVe~Dbp{83)*epgU{Ul)6Za4qHpdJKkl|QblD<11;swhmT!W6hyUM)DKPJD{V$Gv~oX0?{F_fqg&HHrUd z#4>Zql9SWOm>Dzv*Itb}xia-nw!{nX`4F|}DgnMo)0L{g=q#&e*49UeqhL&7OJ7W) zNbUU>Hd&$U3b-=0qw#`rd!cuf$IB;XV`uw4A18j%W?ZT}ltf3nDHXf+3@ZPUKF+bt z_uQQ0?`ZR0Dyn5EtoCdFI6L3wWp=$W#LD|CI~wZ6HvVrSuO}|pl@w_z6iRw;fDS8C z{tJEbkLF*bw<#0yf^gE*DsLb1zM;T^3ex{OJ$@932N59+A_7`y(q~(J>4Y-oYrHvMXT$9vl6i6B8>ha-~t*~>US`bI2elPAW8H<1~))98`>xl|w>Al+>xt#kYl>%hlfKtDU2ueIZt=lD{c5!CYbJZrZN)qnb+k%n4W_`Yq*DN?m{!{zOb(8I0dRAxkE{`j!1ka@GrB8U*?L^N`l)EwFn$@SN{W>ahjIoFAB zTUE~V$Wwf*x#l=Gro*2o&cB3=vc_{$U7&eW0Qz48#w;o48S=G!dQ=DXE=vkE#1aX% zS$NEmZ9Cj3)AG8=?fcvoTJAaVqs#aELp(G1F6v`#wiTD%r$qM-gctQy>nX&WC~XV= z%YDgD2ik(YT{%q;PvzRn7KeL%d{K_p+ccASV_}ratcEeRlrfAIXcM+!d|gS#OKDad0&2;(d`93Rj|oTy7sE0U4GE z7l=*|x!<}o=cUGuLZZhTv`?(b2o*~YtlBVmugo6u_}(dJe4e#$6Iu6^;O>(|bl7Gk z95Y||t5$>DeOQ|aAH-Q~8A}GiOefLpiR#r$6DdXF?-e}Rym0^sulzymZ62zX&@x^C zX%-6=o+5%tJ~mr)*)kj6pt#8!6N7MbjRQB}E?8v3$6C`hA$Xcaz0yA7@-JRoi<;}{ z(BJOWgsnne9Qki7F1tSJn`-XpAHEz*$UGEaMF{BS9SjnkbJt4xqCA!f;A?>@*FYy@ z&4A|jApmRCz>3CS@11#&p`C=vv%<e05N^}gs4B(l8`BHj)4OzLDbG0I{o8&lYi}n|do&%E{t4uGEgFGNj;s;3?R8;Z$nfmg~Ojn*6#v^Dx{M 
zB|Qw^w?(q??A!i}yWjU6yydI$r-!bcGy88!N(P$?M{VA2KehBzgld*f?)_i7@>vjq zULF_g&X%OOxutx6vTCIv{srnWOh-qi-kz2Su)X)(vEbr;&C(PUA)2Eae!83-I>*%k z!7i^fIffE(W9z|Xf@snUwC0}0jPR4z%00@AZG)KXEKAW2zuLI{kl`=N-}vLr0uc_a z+2e{l8fe6Hq$5Qv-hsCEgyhy=b(`Zx!`_tE6(@0Gyw;po-h#HhkWpb#lPsg1GDfx` zi2SGV+BfkajhFtd@pI~ZWkw2DVqqL^CZ)C6nh>*ia~4uM1G^`1sW$q3BK02y3f4&$ z^T-JT3c@(B`WnDNcR~C<_F_Tmmf!}%Mg`MV>92#wOx_sd1!$d%FKHR zs%l^O`ISet6?bZlsClBvXER2mcq}}fa6mEvhcQEfIy-&>sJR=Y$nt;)-4JqT)X-rL z5`^H7$I3gkre*S&??z}zxS(%N_QuHx68^oq{0&OWzH9`+tiywW;X~}AzUyV!@!q!z zgxzCgK7kz{VbRR}aPAh-H7bVQNcXON3D--%M|A+gTISKLX9kSsOfxTrBJb0uOV^nT z1Df)*sXMT7lP@^;Y?#= zARS(1AF)Gpj-?0ZQE;C{@Wb@(XJnm^PCEB5PNO>cuYJZXt4e&BewVh^CA{aCK^Hx zBe8GrNrnO!z-CWBtA%1wPGsdiM`bq(RdH5O6RukWU z7!zP;>O{kn0`l>smt82t?*336N&s}{f3f638(XFGftMyo7SI^?CvGa%J$zgHr7C+c zqE%2W>(1?Kgi~~%^9;#kX|}@myx`x(faOlAOoK8lX(T)8Nwl9tpq&TBh{Vuv#z#jm zCK!h4z10DQ|4e&+tJL=aEwY_bKWZrsj?NJkUmb{MnVZP(=pt@Gp|>BT8V|Cd4IONN zWC$+{h+7mO==Ey)9fQIY_{;MQy@A zAx}H_(4jFwMHF0RHO~a7=*Kkt!o_@)U##jBbIa$VK7-pXnd&Yqb% zL4TV;_wJRB8^h$SFd8PF%*YH)?QgmC0ax z-&nx(JU6daJ!=d-Z~?8cu8a{i77*;{uWMp;WzcxBfOD*1eg*4 zd4AsJ#0>mp-Ln%zb&BnUl7!{8&sM3-qyt9-(8n63S6E&Xa8y)%_pFR3w7KGHl)9nom0dbb)JhAJ8wa zwzgZvD_P%%Qa0}JV|{@#-~n8!rILYx2W?a(!o4e)o?T)&#>zEkp8)nJ>Lbq!^@9T6 zs2Czt+Pk~nK-(EF-(SnJCuw{9`^Ekd^Gz&2_Bn~&&#f<>J}VhYJOrcFpHz(#H@{0? 
zg?HSDyEiPw9xZU$fyvZHa@0hm_Hd}5@xeL5k1hcY}4V8*tbT(L)x z$1c1(_isG06(6#$owfFek5))`Er3xL!Jqy_s4i~^)NLs<#87gLqnKH9NpZsEv!G26 zkF%)iE%suZlu`eSgvSZV4gx=oqzFrtua_Z-#5x3t#hZ{41Q9@Pp{TcIq{@VSe#^WB zBM+DHbkmu4=24qe`(c6E*-0}+|M>gRtVjy%ZR;9)Mr?eMH!M%vNuHlzXM=J{m>}BW zi0!983}eWP{d2embQwWAOu@z~`URXea2gD)NPCkMGC+INa`i-`cK7i$Oknwym5a&l(%T%Yj8VV}TZ}-nL5!4b{4|kD7b}x(bJZ0C_y=7If2?Pq_i= zv67X5*T_?=^x0{?uQy8%s-$(YiHbmmF{lLx)IUxHEc;hSo*6lZ;ct5-0Dzj9+^7`+aX+0WP@wX{D2YA@|XtRp|^MY%n8u;V>)^y zvKi6`ccJpqQXD`o-$A@q( z-uQ#Ho?nl;PJjjaZ6yn(Cr&lkHz#ruCkO^-H{#fWq@)E zC>(TCVN9cp(nw$pB>Ag9gRamZ+~M*pwcdGx*-U=Cwfc}#x)6}Sos)r)cQ_HebbJvC zt;nGY*{5g9IrrxUT=YUL721XyxcN`l-C)Na=ISgQlRo0tnfJ>7;tdu#hO%Hp4{Bsc z)`FJNVdX-B19TeH21$X_N9EI?tK3^zPb4L7R8qdC2967d-cxBAGnVm$B24myx*z{;+5(K#393h{<`gpZ`Oz@{CSiA$#coVnlV@UxW>#!N%!jS?G#l z&)|D|=}OPh1h68@M&7YH;ZapGm9k+{@(%_w$~k^z?U@`55yp>V141DeWeAcwy9u#*4KISknjUa3jdX7DBS{ISzFMSKqZw>ER*SP4L?;BLU>RONH+$Pr#N08 zFl>6LapykdA=w3E%zS)S*l)cVXpo_)-s^eDQH)fRH@-M^gkrEXH2U@6Es*0OxIZB4 zvYr3o(?TDi6!u7sBgKlvbkyJc*vCwLc}Fi+(tQa`PyV;)BNWIc3!&#ahtRb2XzQ21 zPx?f&=eavxaXQ%XY%*#jWnZG)fNX_!t#%w}5eI}%!btoG6$P{^@){#Om{wbCKjb<< z-f*3^e=yyeV=$bZwnnzdS#spah{<_*UOt$&KXj#8Wo}RSa0!p-U^qo|xUp0*4V|zG zn<-AwHJp%}qd*2~?gV**`%Y-AJu>|vB&eaz0+_S{LdYATAqKyPt@&*~$Q)qm(~7NU zgE98Vh`;(YP`+{E^3~#Gs!wa5f*tWfCWvlkx`)k#Cc$wZ#l07N`B@{<(B*rOj=U@P z7k7h~ZUBlJ<3E))&JLzZ1^U#LxL3IKoR~-MfhPwi=-h>!%cSxa5D%@PcFZYN>BrT}2MQ$Z7*;b-gMw<;`#t z|J_5=q8|W=r;QaWhC;#})E`z;n|^bc_Z`X|U#+Yo_f3%KT`2XjO*qC7>3>|Y+JF`y zVCz6bk^%Bf!k11a=sOzWnmU7}Au2;{i{l4aj{Ex}<6;}ghxQ8PIvyse#)w@_@Gb!e z_i)Nsw=M)h_UzAdFJgmZX_0t~q4tO6vc)ARbX12Eow($`&{U*_%2M{iudvG;M=q%n zxc)P%?Ki?hSF*Vvv)b>`h2c@iO9Jqfb(i!q6E3pK#CaOftic(dgWa*#A_9-9gs1xQ zF%d{rR2ST!^*L^+w=+0x%Y&T5c?I1Z5Cf`C1}Oyk`F0GgB4II7Nf8!nDf56X&mEv@Xb5hGi2qeXLkMWIbf7VS+^|V#5VM&ajVMi=!4_l# zEG-Vx&wxJ(7nyz`FE=jXh8fl%1rTs(d_Ven1O$)ptGoQAVoQ`x*n7FPTTxCs5~K~L zh@RLd$!N$a_t$JNf(;?65pc=Ftth9`#Z2e^RC-obf_nQ@GNT54sd3;`Bwi@`usDn{ zg!n3ZLvVo=maGtbQ9ac>%!L>)?SrA&ilmBP&A~i-X~-y9O}-0#IdnJ(51R(=%fY?Q 
zcPsjA0ets!D+}cv&!Wh>umS|^!VV{gaNllcb87o6khdbW_CL^c=cCNWt`gfd~15H~OHG%8P{BrmLJb~)bTwh2Dy8CR$FB1sZ?U@@E2QVzK z@vW*mHatu|0b*zaxjvC`L?+{ysv7HhLH`_Of;V>QETeo}tyF_?60_6&Bq|G_0Gt4OE88xc<6x^nPp+T3UGw0+gFSWl8*=g{yIFPHH4 z59_XSYVGsv-bw{UT0HMrGe1KX;*p*WNw$n|c_*U!gk3ziSovaZwl8SI6d1WdK63KT zNSUq>nO}2QP`&LxL=M_haI;0ey7}Y>q)7)9rq0y~C|Pm%BN+RMY>9V}%>@oItZ0R~ zP@ZPmhdrMF^!?#F;WHnbWwtAcUw~y{T)Yt>o$Jh&6vwLdo!E*gw+Z&t~2X|7gXwhIbYUezA;g|6%S zu{|~AT$`O+E%P8-0z+Wm?rP-oAN#v2iZwmn+(@oJ=NzK(dAlrOP$`7Hgs`5Zv=j$$ z9Cw;X&l(JLJ-4nNyhJ@2IQTt5rQR1Z+l~3WB(yg+la5mfPcVDhM_{Ao+6{4v^~3#i z88MCkM}A_b(IEf_$Ae}?H`=dbW6-N^J}Sz4TJiXVp8F~zmVP4ebVV}ZJv=gKl~}wj zjId<3{y&TvDne%t?k2pTD3M1iT^@{cS75z zk%6H?24l!0<3o?}wvQt-%hQknD1HWejX_SQ-)u6t^x4uto#XiGiti z!7ZS9u9sMJ3YHB`9cza?QMBf7a%#&otl8{w&{?KG?KLixQjMMzi|Qh1x&uSkew56@ zbgCQu!r+{RzM4{>1F(|V^Th;aboj3j&7;j_*0R_c{NOWGvo_nc>ay#iRddC)e?t#d z>4Yx_Dq9<>IzA*?%(A3vv%wp8B}-nlD{4^;sc!>ydXWXKGA369i7P4R>B9lCwQ9)% zt^|e8hpa%QQ*QW`AhZ>yX^Z;X9l9azHxWry*XEKH0pTH)713+pKNGo&ybEe6AB!yY z?%-OMIQv03N}uVEtu*nX^HP;%xIa-`LbAk0vZBCL7oN3{7ELA~q|@=02)ZFf!#gKC z@(zWy^^~z-wppHZ!RxUjAzdrvMB^ytE@PBuEd85_jHytfSTCU!lOBKbb_=duQx&v|TJ=OvKlNVx&H&2%w>q0`X352o5zQQCUdwf}3CgWFe|vws6N0kI z74oC@c+o;};y@qU&!yyJ#GqRuo1G|Tq9S(nzB+u%m@hd&m2I?9!ppdqKUT>E-k#$6 zfSp{EFEVyM7^jcBf+thk7qu`2{OSj>4ZIx32Zh24k6wV17T8Xa%9;ss5hHvyJ!zH1 z9*$bRnN+~%^0WT0Srz^~8(w}Za<3H(8Z!>`vH4sIKl=OeY0lvJp7;%X!1h(K>?^Hr z%s{aZ*}K?YBZ0TzlOH?Y<5o6pYo2iV^L!mb&7cj{@y6vG_I!E1W-q$cS)R6e7dCxC zWhggRdgQFMt6>0cFhsBJdJk~2;fz{FJ}*5)I^KPUZp?{j@gDgtYtxkOkqGIoV!aMB zIIEP`h#E|_5uOHRl4`zdmGA$HjDo&?uV?#>-T(^tg=u#a@U8JLZ+8 z50T#2E)q=X$38255rd%WP9lWWyw$x<`W@4c+3@F<^%rGim>zK#q-{s?VxM> z69T*~^!&x!n&NW~HVAS^F?HvSybCM*u&W%F4HS>wy<1&+DO%)zj_PcwP{>K)vGh15y9qdm!+{7N3lwZbw8 zrIoU$>o<+Jn&BPqwKTWGo~tG0ZJCk;n)h2G^?FS~TTdRrtRA%W8k;v{RAmQ9dY}M) zDswdh9ijtHJ5qG&!{6b}>Ye^82QW02ndq+`HciTk%fOjzX53?&8abgPZzjk0pB1xg zKl(hY_>>25={1hp|M~^y@a1dNiPJQr)e>Cfm!q%nq}yb~R6fV)^H$eBOI#Zp{1Z}7 zXU-mryKXm|PE7)W{74Hujb17?d(+sy^nPv|!s&-}kh~5XJ9m4J!P8kNRt~dD=LM;3 
zk8*rYkE#ZpPtHdzthf7+81U;yaRy78R>UK5{JRD&sE0ig6HiBIA+1LXy9P9(0`Z+) z#b+|7GD4=+ANFO^@ZmKJ<8kBKysURi>@(k^13-_Dk$NIxRi_YB5Y^B!lCOb(g}Nyk%sm)VSS1l{f3ue|M(L$Fch!6DS3xslXu>F1*A%_&^XO$f9{axxOW%o6oz*eFm z>RW*$5e{cC;HgRj{~<6;*Ku2q$E^qz{=$5^A7rH)P|nEGn@<*uNvllj;z9NDHkxK= zP*&YKs<*YaiKysi+I2rK)r7XKR7uai3uIDB{%5BHL$552&(hghXYZOrQDRDThAH2$ z&faQjSd-5p`AaDRe;(g_CH#_=lrf#Bxllkm^a$TKFWZTEE3zVrH#TZN5$KCs z(@-_}8B`T`Q7WXw8*MLTnZB<%@jiB@&yW}NkMKQv zzpD(9%xkZ2jfk+N9)aPrqY0|eySlO1a5em(Jz;eGp=)MiaF?Z_%mBH>Pat~v2@`Zh z#E3bndaogo*LQTm;CH)TL5VQ({VLs4G!dK8JOr#wAE08d{zdj=UeYxm6$<~4sc(#q zv-{p|Y^$-I#+Wp=)3CACSdG=#w(T^wZL_hRNz$-k-)VpUCw)KdS@$}#?mgT4I_K<3 zKJi>53mFtJMN7VH-{b3L@cRNYmcGlzV}&dFp*@9LkhbSV%j^RuiUf0LQ}-lce<9LN7PeF7 zdsF3JB6&EE_lHmPjO#9O6CALR&2k@mwnX3U=4Pp5X6bGv%p!Oyf`*iJpW^|*Bi;)0 zr6bbrjf#Zc>=pFOTaWQ{2~}?`ORgFZ82iw!^|h6}^B^0VQQIN2HW}?C=@cs;U0+zj zVJ2exhO3K*L;QBGXH6%^@nm@3FQ%J!C@Zx}9KG8BcsXV@t#bHJ zI!WjxinT4F5*t`WvEn1%*)jiUgZ)eTdi0~;`Og8$>aY75>qw|c*)f+yhh)aC(|1neqBTN?(x4i#{9CIA&H(r zoB5z&^CHj!PSI&)X1mCOiXFG-0Uv&CKOnOObm-Ehd{w@*v-RwKec|P@{VYw>ZgY=( zveAoIygp~Ao(WX{-Srw^JCRU2Hri<^U9}u(!ryW_LFK}iv3AQy_LtZ>ERhed3qMGq zw_qU@WV50b`?>Y1GKA1oUHX%S1iWm03yyF5*NP+&wVcY4xiGO|@1Qr=C?FN%AeS%dM%g2H@YmwSPc9KOVzqbLMw7z0RoYJN!EQS>5BOz{G;;0x6=%wZ#qjA zp09i+yT_PnJp^>Ct&fMYO=euesAKs{MR0!2hS*<16gB7$i8ofLXKo35>zQAXLSG&i zXrRrSC9bPkpt(JK10iAb&*9Pe*ca0S26Ye6`zh^`bMWMy;PQxPDN8&8S|Df6ZS=w# zz8oN|Vm!EOaKg2=q8hdvL73Tx+Hn$rNdl145Wv*hri4 zk}WztB$GPV-(7B+R9Vusa!SpnM=o`(tefyRhjr~yuS3D8b%b{>fLflmt*w(5V~sTx z-b?B8TK21k8rRS%;6&idT&1w%ORu>aF%rA#YR;%~2ae^7{F$zZ_N%y7&@n|@ zRU~kCLI8NqOspuDAL@aSC&=0V0m&9!+5-mllec-OzV?2^r zuFaSaXl#RsDtTk5h36Na=t6ctiS8cqJf(sQNP>HaKG zuGKzz%P%>jLle#&UaoL6QD8<&fFpvWh(GdaQQMX5HdI@a8m#5&N6Kylt$hON>N4_A<_1pv0ACO+__Caf^ob&08b#g5w_J6=ugG{F)(c zFfnHH<(c6@8l(Yf&;nC*Hyv1{$wzSNC;6ysMKQ1Uc)kynY7$DYchFGE0G?FPFUH95Jqr8^eS#eM5n`cv^6dFIyw0C> z<}%6fc2lB`*gUL1AMDBZ49}FhlQXqUiAR}PM4CqC;w-y?O>pJ}bQDeFa9(Y>i-RKN zQMtS6i8$);)#~+rG8~cSr0{i0H=$m@qO@iXE6wKYj#Xf_LLi;|);?;!i)OVVI=_fN 
zD(w-{Li3Sqt88!llm9n+tVG!)q5g!6G8$~LT)$BpCV<61<~@#ci(YRPl~2%{J7kAv zKKAG`7RZnAK;B(FoIV9zG(TPA<^fiTP#SSxnT&n(5r`L8g_#Ihjaa^;t(lU8J^P+D z2~=MrAUf7_BnF;9ihJR^Z+y?vH#DB?`Z`DPnnD`r9}d787grE`-U zmR>zzHLrs`f?EVjk}L8=Rq0$`-CR;2b{VfSjW6Ms&wIp){YwC$Cm0kKJ#MO^WyWHv z?hL4*hP9~t^kR5wHfip&P5D1TYv0_cyULxS%*P8ov9({0iTA8iY+q9cm}9q;KC$Tb z@bY3tQkW4u5Xa26z1&wq{1$JF}7<~X`g$y_7F{hx!9vbTbY|f8_D~T2mTRZvsHOO3ps#1q_`ANPNoHp|9Doox-D2)g^BodpzyA zxR5>3`Up5Z(d++9b}Pz1Raf>h-S(DUrQ)mkK}ky=B(GT0(P|HyX%*z!HsNGAy+JX) z9XIM~zaJ~;o#0kfcELo|Cwj!{g^WUN5QzneUtz)s3fFw8J{LDb z48)yq3=`9vH^=xG;F^}ouUxl&Di3abkE61#@Kkg(=xmMsF?b=~FK7!^>3IJDDl+X1s zWP&NG#Acu0GL1eapXovuf1R|BA18d+3q_>g(KmK@Jk3l)%w5m~TmJ9A`_4*UH-AI8 zE4AU=3cO}-I_H&rHfbU^a6vKj>=H4I5t*B_u>I(7B2kwMX6CnQRqxYX#czdW>>Ajx z**X>XBhrW;G-`ZMaf->^h5%=~1OyrGcH7T8j?})Q2409s*HG*eA+#&7P!{N$RJ4!Y zyD3Oc*$@Dt{<+ld5$NBUZtYc0(Ch6{38x2zz6#>OIK>y?4!JTp?*dkRs@tIXntP~1 zmlKaXjq7|W?(mrevocuxYI_Qwd2Ske0Na6xb@M;CS z1>hC?b>mv?O+Hnf?Gn)a7Y{R6g{OBF{7)TA<|!q$az6fYWk_2=e7L?#U&k%sr!mV} z;VRvUb?H&oE?JS%QbtAcrJEbPaYy;l6cob|B|@U zB;Pk5)L)`UaGhBht8x@A{ z#mDJx$T0t`{r!TNO`0>4tV~DBG<`(TF2U(N`SL{y)_9R5LIA zPsB~&bekv1Q`Yk$etwYIHbT<* z?qkZ3Jd%9y{qlP^NzgeZQVZNk4PWL8TA=Tn^rB$F|_Ct_I{T?RVLXX5tBHmVM2h93;t}b~>6RLv4 zvtEaVt7$tGT%ALGdZ*KCr-7d4O|F-m!68FwPlQIl)g)^-_t+NMU-Isd0m842K}OF_ zH?|gV%Zn|ueOxFC{)C`fS_aq`{y|?32{8M&)ewGUpVV{9Ed$bn7%JiO)b5;P%}ZS> z&$HZFto5x{E%hu@2|>Yag9NX?EdOJDps|-1EB*$tX4{jXkB36<;&N{0M<#kjjLp?` zp)U}=$><-o4Ip}-C&wbW+ln$NLC3fz&NK~6*-C06aEGnpSi7Z0x5)mIchs~HegzSH zSd@kE>S@2i0_h@BP7AYMgAZGUTj|2iU}V5E3f}hme0^^uN4Fj+C_%wkFa+7VTaZzd zuJkU`7uA;eh-Ws_@ug}P!;=$s{jsfEU=ya+=$Z%uaknc?3wph>;FU~GHPgRbH%RaV z8MaD9!b-pCYfhdf?76HyqlFC!O<687D=ou-s$O9=j<$S?z zNbup(vpX5BU$>r<`b}u8^v8E%ZQ@!&i*CigNwOBF+d8M)cz^#|w;Ct_c)LBypnSK0 ztC-V|S&x3OGiAn~M6?62HN*ZT-P_~ezOfQ3A75li*PL7_cMO{r-&DVQq; zIs5c%%l<1EWl$y&D^bjpl5<`HkGeZgU1b`{*Nx%hLv7sTpXU282*HmpA(poVo-g&V`8@+cG>Lz^1<7;F8=jf!adcN6nV;@0 z!eGQ-fjb_=@h2PL;`F3}vcXul!31an3D-cSOrcPgB6f;yA4fKz(zy3tSpYVly?c=f zQ1NE$he|dw2b`d{ 
zm|{GW*?@kaAqEH?3jKo)(QzU1F_oog4afZ?3m}a8VI)@OnlQ>-ChRdP5apQuma(ft ziJC^LrmR7dxAr@FH>>u}O8-6#!B_4II@0ue3j0_6mQ6g(UWIk&PO4O!vcoBBwa;N~ z6Qc{puirL-zhPU_iATz#TKcUD;&&yfyI_y^0J9_Z1@Rb?)X9{ev=wWW662uEM>HtM zLc~I~AS>}bVynqB2_!zgMY%0>zJho?;^P8P%>X&m(=4Ms?4ShfN(10$tHl7mK>vJ} z4>r&4@(h}grn$62%0e-2YSHYo5sUY0{=xq-5+%fJ{r1|1(w)f+?9S8c^IfFuiL}uM zb2@MjusXtI$iqG9?2rN6gIvXRXPv#~8bRNGWI&f@#+9t3#>@+A7kz?=!%Nt;qJC35 zDDya9oz`W7qM$9w$M^R^GNYr)k)OU|vc#sahCFUtH-VjK#Q_n1IHMW7Luh8Q9oCU5 zyRI3|MzV7t*xJJZ%OHROa3k9}fN!bzGP&XoFvJv&Ni%JY)AMBqcJ9S8ASeb5SGipZ1*wL7 zWxdg2M(j!AcLk}azm1b6h-D1Mh~&|zE5QOW=qgg+Rd#};(2Gl78X!Sy{{;_Gl;OR< zZW{3f$liLs z5^cRe6F%QsHFV@hb>=*-w_b&&-km!%| zI?W6>hu2Y_oEO9P8?k!*JPsKydw`2!xDA#alUQtn5hY18Lh2gBtOU4g1OZrdEO$kH zi4?#j&s!)bx$$Tx@8Z9Z)G_3}2^}Q=>ER&-8u!hD^}IU)JVp6|TnC`&S)9P-VIr*RoZUNB20$;qGYg#r`G5duiSdZi2<57iNI zSwQoWldz_1@4pL4@#aQn`4WOxrx-Ewl!HM3FT6Iy*MDX?<3A0*-o2XkivpU!5IGjTc$jS4lI#i#GbcR_MsC8q`Hs7mD9lQ?DO79kv zHCnBifV3<6sa>lN8wjh!=!u;m)Xkfm%%BKn)`_WvN%mpv{jza?s`!5<@{!B8dWbz} z$qcVlCL-L7sy<#^7)UlLVSb9cFoDb!Hh zhbOY}c4Y|23hZX>L{aqS`sQss3Tnjm!FHUZuHG|jF0f3(xT{eg&ZniZT|g(Klp%pI zz5by>Budzq33Y&*dW}nUX}v*33Sbqv2!YAJGJ)qtVes;ih8*NnE;+LdQLTN?f5xJl zp9>mfC>UOJ%%fTEtZ<(X_!H_p`(~xNq`hSe0a&U_HH7`HF{%O4_=VTuTs#-hj@Rj60f@5GHz@KpnE zIHW~5kxo^2TMdMeu>U){6_F>w7PM513lbInfUA+Am~9hE95_K8N|D zTTq=FKtXu%_9=dU*&x_whnZ!O23?|0Ssgzh7s-f5WZL;l?D<(Ken~E=+Mu19OC@55 zsm7kx79e_Jm(8k5?bG8f<9r~Ulz4N8Zfkc>V^=T!xYqvW)d;Svea>Xmc$Hmq8>Zxj5zghcRWp8(f*Q<>qOEXwN|)$ zN)-A*zS!#iXzuHFW@B$GTHGLQ=&YASDbR|yv}qSbq=&1UT~)xya!#-tX~sQ7xkkCr zY#;RmGLHo%3eS$!z&ckK0D*RW;p$ z7GK|w)0SW*VDa?g&H0Na5IMwgyqKkLncXyGE@fNnFCmpT3WAJGbvMvRU^TVr*C`5X zo+mb zV9Bt_dtvI;pW6(|lq@2(-Tb)XfVbpf`S3YgfO}s))q}o*NrFEn|DjE{CdF30%6L47 z!kH@L#C)93lr4>P@=Fj7%U=S>$3>4YttgXjE*w*0x=WSDG^-(o!yc$rAfv@}0WLp^ zWX$}tevg~?6PJ$>pp-Hvx^_-1dVMZn&r|NC2pT8QGGgCEFY)Zhs8eZc>%(zX)Opyd z##1YH3k#_}C+2Jv^1Ypuryi+?`x6x7P4$An3c$z8Wph!B^#1QC)Ex<*>^r6o->Jw( zv;)Wyp~UEPp!-v`pWneDPJ>JB3O*wc3qHCdWC2h2mPCu@x@N|XlM`>}#}`+$za+#c 
zpVT*!3hO>!x>Z(~!w9zk?z*hRu-0Kr_#u`F-J|du>X7(b=GK?wvtn=O=LEHAtQ2|N zCX&hQUHLGZ-(9!Fy_PH0_D@52GDUsR4DdB3#LHc}HA|5D8&IJV-s zyD4l3eh(fGC{1TLPv?)ho$-9nk%5#S1c<=Xh5So)m@Oo`OR|d1SnUazu_%})r1%c( znPwa_Dau3{x~{QjT9kU%i z2|NP7Q_Su^D8XS;;;U+^vO};;`)Z3^?2O-_57kzOuozExYk21}HcMc&@Dfrh-(T9L z96yA!oM%m=TDNV)760(X0)Q{a*LBpAsvS_&NVqxN0Dl}n1M=M& zmlx^0N61OlY1@T=i&&7Onv8lf#i$;`3&30RDErv*G`50GmgN1NG5gWQzhtOHe926u zR0h>Xkb`<{>(Atf7hiV31&-eLBtec>hODj9s$HC{p9i_ftH?X9t^sqD&c!(&ft~n= zKT8PvxNUCO`?iRKq&Up9#!X~{7`c2iNAT<8J#Z9)C*7QdTyWcHp3I4<=pPFMJkQS=to-mgb^@l(=% z-B|N{2)@2R3H~j+<};W5{C5~l%wqA=G6KQ4f7ify*RqS&2tLmaN8QgKutP@q;g^31 zIYD$JEbr%s&P$WDUJoN0(CMD>NU;I35g85FI7b_pMKXfue`w{>&E=1yM^^?XxKYaz zv?y1knS`q}a|q&}Y33Y@JSZ%RdP8()b_Cg3GbdkEmKJ_*Ig7iCkLM#?ulNe#*6CXoK#14rQDl2S2PnjiDRYh^jW*S{CzF z4S=2H179cnSGqf<$!T>npHy2`&zly&YQi46E!pv1Bki_0T4Dc^Uf-pVce)+5vb$uG zsd|H954?U-5(L!%sWEA+L}?KZ_Z(Ol-GAW&ix2co{!38!sD%$(#N2P%ty`xHDN0b4 z#s9TM$dp5Kn+ zXNN!sc_YuLCn{$eQm;4w7GDSQFWDxs68%Ws?SE2RGBod9W+fXGUeUXXVZ1eOUfWr>Am!WZEwXR%rzVYHx?H9_B@wgDAkZgpO# z5^3AcBpa3?O2Kj~a~fyhyWQGmP?ObZZV^L<=iuqe_~^{Oi|S}jxWW|RD0tMJESCt} zSV@q<*bL*d?O@mSEWyI)<%f6wA>;&}FTYbfHV>NZDJSmBnePUyT>=bneq+?t@N734 zkL)@(h2I=!wOt6JCjc0+oWfKco;)9+1Zzc=Qf0%eCOYuzysQL-{RWiyA-jpu!N5A* zSrO_gBo`P4k{Na^PNUmIsx&`2C|fAkH5uWE11hcj4LQMEBy5k4o9T1Kv8 zLZUA+B?X#GT)GU!Bra1fE!^Y?_++n5^y_vpaPGsWr~(UB*SRDNHnXE1`H#mKq6HQ{ z-+Bo&o7m=9wiR`S!r5w$cS8dp@GA`UAu@cC?4UVG-v6i$f#Bn$sTo#hdg*3&O4UwI10w(+ybl zeREH73iB0n=<;0G!1e0%tE|*+-N38>q@f8Vn*2!p$WXGYeS9ZcrNq{Z|zli(#ie$eu z^NQg{f3;gmO=V?ADMAL0CekWjq7|CyQ>&7WLZcA-?}panD3)Ig(ZQ@DgIuQ}OR2=d zNEY)x3w2(-fFg2I+xRvoO^Pv>g$X2g8wMv}=vq23D9>YV&O7KjX#e{1NXdw8sdzpj zWhFM@{7%)8Ap$wC6Zv#q_spAMfh$)+<9>EtNC?{@nY^aQkiz-L@wC%t(i$E8VJABZ zXBx1J{brgghFykB*U78lRc74+ehiz&SZP>SSg*;=w(gwMElCEtf#!s7v%^mAl2(^j zk_-z_`yWNGTPo|2BQqaJsm6m~FHvP`=zmjwA3d(Y00lA+s?0&J8`CwLR@%A!LF$=WM=SUvjZt zDI*PjuDp@$XF~l8_290__N!ug;$)xW2MI#8;(Ut9BC5x4hwRov{@$SJB?3frk(V{| z)K6kwBwk56whCA3=|rqq*|pT+oB}=kbs3&WIPq1a@|{8D!%L{tdLp0)a90Z>0ck0A 
z>H97C)zkI>8GjN(e2-mdjieS0NcDaPuAtrYc1A z%yivODP9VKKbYtO$^j}a(eyahk+Ii}8?R-9%2bffSb4iu3vNOM(`m*{YAQ>G0;Yjujoc%RFV!92vT{ze7w6U$=N33+MQiz)w z!<7VJt*H@}!Ejsyjs}#39=KD1-tjGzvk^zfs$PKXqtb+zu`V;3 z36!HXQ{>t7t=l(-`mJV$H>0_m?KA019x?$LjfaNr!L6T_?DCkEHg;XIiHYsRHoDg| zggtT@Ja9OAKEcFT@&yZ*joGiuHlYZgJDjt)alQwooPXioItax@yK1V?jD?fM6EIi*c>`YXF>wJtR-B!wrXaL}w7-5wB8MPlUh=$^M3e zVp?sxMfaqLpPoR#Fn#!1BPkectgju`cw55LU)J63=3kDHILfWs9?SoeW5`h_(k=Z7 z4G8b0?|Ba=SkR1rmEEmJ()uqZh*}~e1b6x3^NHm)9_UPT-1mv0ohD)~e@E6mr(XP= zEK;>?c*N14yJUxTgSRtn86r|e3f6&rY#I-(T|JzLJ7#>uJcU4kz&eDLE?a<)j8lzb zfAo)uz9S(J6CxlcfIBo6??oLa^f~9H9Q3?IGW`4bspZ>AY|%`yWR4a$%ldxaSt}j0 zTEX0I9vt!A7N={O5H1E^k#wE5hSQC#i`cA(LwJr3VYw~iu+mRhNxf|TB)PE>F8`sr zY2c!cTpSd>J#SDf;-U^!?CeYG(!D*O3yDZ=wRAr#DMx=MSzCXZDE2EoLCmev6n{hf z3bm3Ib;pkG&6dum{gwNYgOx$HN@=Aswyx3X{1}@bJ9szB+M6n!RmY0Kru!>bsc!o zEvOOT5890Xzq;T-6h%8ymq;5_7kK)8;UA-31gqGSOREo|G(I7TG^it~Jf70x&2wu7!bjR_*2M4$eh_)N1 zcj8KzT1yLGBpYwns~s{lf3yrY%vxT-ck(Lfxh;9_^=o26?Ps$N}-{ zQhfD2Y9w_r_g+VjZ15KsxBOIv(@rJF5H$|onq0$Y#jtIgwhiGCOE%$$JP8_5*%SBM zSnvCjav2pjaaVU~7XeEoHhB?RREl^x>Kv?uEIH@_Y`=FRo{ z8(3NJeCHgHO59H;YPwOiv3WstT7eE$120M*4)|m^UVP+UUzt`TrnNM|n$4k>jl~EM z^=hQOSC2>&2Uy^J7nUO@;E1%FXD3ro9^s=_-i0v15vD=dhFbk4-|cz=sc|kdxsK|L zLck$b_<`|%S(RvKAhmR-5FBh-}((B*U+--mE!WOp>c0^YR6eTuhD{m4^#1YhGe^;w%FDKgT zY7kpO{E?>(v}Vdu%~s+Iqrd;fQ*L<$U#xA((u}vgWdZV@NIN@@-kyb!cWVCKDpi{$ zsh>wvfet;jvPKpynU0@^dmZ&pD0+KT|Et3ywaZ~D#hFklLB(sO7<;z!_x(twV-J6% zq!8yv8he9%x?EN^_7;HzlzsV)qt>g`Qi$>kiS>;&HNB0O(27CSmm_PBq9Xc;){aJ^ z4a@3R{UoCmV!rnqw~sFm7u6aJAio&+>lZV0MI60<9fjP_e1eY)XKk7JlPNAn*4`*J zZ#G=8gb)=ukIQx@C&+>RNgtc92qgU?kn~v*@*bA3D}FUsU8Em!Tj7hQn6KuXqnqN3 z@8_Eklzp69<&y zp%s+bIm8C)_IPrwR12Qe*?Qtu_c|+2noxPQeY1W?t@`EF9p;+W4WftcRV?6Tn2^!rwc-p$AchIy}bVrm9?2``(Vw`6GLx>NiWA z_pDe1c7)QOp1y{6*LY2tv}_0^yX8)Jeu89>%^cn}?`C=C>jnGQg~%4dG=mh`3{qr~ zFgvxJ3DTPM29Yux()lCA^5a7YJ=V|PM*WGc?X(yg5zU}zn>I|>-++La3LDjoOsVgO z9@dM}i&S^(>&boZh`rZqphyIn-Y!{4SWq3h74lXt2T}EUgwXrA^(UU}xLl`LeJZcm 
zls7cKI7YCE>P&1&GzMo-_7ocYb>&LI_~nDjQ%@-17d;tk#Opiv-<_(N7oq$ogY$+^ zd_iGfHkizLm>bsGSV94twVLgmj%%a9=S?v7Mi?@}yE;GRxXx zyyogPvpHGu!|}C-xtt`7+O2;}8g5D`#rsUrb4ohAbMYkzS-VoAh_mq_chNAKlhAAQUz zdh~w$>C1j^F?{&HzRbs+;e(G`Qqsvz>Z^#(CBbh}!m2kech z33U<#dvYT`IDlU{5iTVXB{SHujx^sD(5Reaa-WL_q&SWGhL`vCvzRpKkIGNoWAs{B-M3!vOJC1-z8TW`fyLaI%K@; zLq6e)T2LjzfL-^=4QrPWG#leiwFys* z@ru<3fptIM-;4Cr#vJ+rtujcyg;UsN?EK4bqVAYXK5k*jAhlBogVc@zQae>`;~)c? z{$mM|zCKv`*qTz^OIbtkTxF@vCRR5w<4#1ecI#(j7mebe{kh+tLmZYWuj+%z!$G$o zh2)0jhmRJx52jipes_dXpebu2A72f`Fb0}96MC6h5?Y*G$qm~d0BgLC!o+B zdVjc|HYXuI3jeZ_{zzNBi3&D3N5MxhbK0jm(hM zlV^Fs$5+WiU;k(l$1-OVp_bbm2f#qetC*Swwt~Z9~{XSORcz@XUU0!b-S{iiIT%GYCa9M0)BED@adZZEC z5PMp)L7v95;uurZ?|ct+0DvD?%k3tR@a2vIcLaw*w${M(jAzr^BgIHfV}pu1WRWO| zl{z==)am8{2SkDA|JTwRbMRrNbn(K=I{k#wQ*iyn#V@%yAF!AV(T0FVmei(Hu#ZfB zKdcqdg0OrM+3D7>HgX0_HH?M3o9}I{Y}#b8V&Lb+RhcAD>AH%4Jcnpf; zMNf2+O$dmEJjln$pqkl+_ZYr-i@{;R)ek0C|4zKv!+7=NH>3-1O4Tl);H^_sY`rJZ zdA*8ZTp0M;svK!nz=P%|d(Yhz0{NMy^)o@BF5NWDg0aB-JHhqs*#zq8=*LO)l?w47 z{COu%N-X5Zwb}GJd4lpjl$XWAQ+i9>M5U7+Ki$PZl>XeuREMwuigOS$q+CH}4?>2N zw+|oDEXbYl)r`fdJx;c;NxvjOwyL( z0N=`TjA;zpOM9dRnGUglTuQW@(P5?=diKesbYoOGMdHP}FnX{2)3J`*d=Xg7K*ZEa zz{Qu>pkxjv%kN*QyXlOVj8)d~W#_~;m{002kTUDX@h5$=-TO4$Pmsvr)U)kowI^`E z58Rx4AfvUh;d_<`r>;r1+}>LW+8%*JYYdsYY;Sg}b?TT(Sk_7xWxEw^CwIrbk0$eTTCrFpTHQZ53qpj*cPEz|?mY>l#(O&= zRu^*cq@pzg{Gl<8ZLGBq&%G!t(Skn}wEx39d3%9w{o%X0#yE3CLL6D!Xri#Q6;Lfm$ifJ(uFIF%Rt#ZVs zNZWvRll$cB5xnKENk{!*EQL--3O?Xmv@6AWo_;5yQj)ZJT~3JS0U$6zUf+!M-NPg! 
z^ASAFX6XN6Lr_(R@Jy2~aXPYX;0vxn^a=w8v})?&j*~}CUhbPE$1fcXI4%xX0}!~E zr{AseN{)kd=|ig64|6)X>X!Ao0%Lr7^kzA5J?LJN<5EEyI_?S@=YRCadvoCAB8C)%bU+NlW`r5KF@^#>Z#u4NrR6v~p zK9QReF-wo*C2T4q^A{W%w*M1OZFr6u4%4J8NI0udp*XY7LIET|Lk%zGTAgr9jRVSl zH^tmiY72CCYVU7>VpYS_wuD0;fnz>dU)S&X=H>!3o4b~jF;91sVXDge*KUxWdJJi1 z*>#R!XfT(hWM19{l1-uS!9Zf-Vw-P&fmdoCh4(xU27&fHes;U!oy1|_j9=HFp#QA< zKd99k_3n9VAXl`SM!8B^CtIBvsVr(YpdA2!j0VY)W)NgF_zGe66ktYy4Dbk*p9XJ% zpy7-R>f4VXq{@TbVamCKpx`~I!s5!oB>%rw5P>C6H|DyJ3y*w0Qbw@EgR zb>#f{>X>-3JV{W6SmfOCmbSar-?;g{Nwv`JKwxdF;o$=3MWA!;dB5DG!{YVcM?=qv z7O@`+yDzfnSQtledr)5U1e|8gHHid=WJ~-UN~7QZ8Y~p64CX)FL|Yo=+TYf2W7PP{vGgMXW$Tn(^B79{@_5^@_4POYRp{s;0GUZ&AfGg zjDN~+A9hIgAa(sJ4C<7i->QO$++h9{rf7a89a;Q7_nTNmp$L{?t%QDzJLdKGrumx) zw@mv#VIugIm*$8>+}g1uc2SykgwlHaDsC;2TDS!3X(^vIU*uk@og=S5Is3!i=5w8J ziC@gC=sGGc3S+2$W?<_W<}QJR#~*dbnAMF?UIECPSM}0b6BO6mXUtOBNuP&~hl`Gi zGI||glNpQEFPHcRYe}YF*YC%bZ=$rd1sMlCqnrW2Gc=x$6Md{BdHYZ;!}ReOVV%vv4yen@xNDPaq&$Ylc4 z=U;Z6P7tPFmKHM^IT7(k91do6$F)}gj^VR1O zVNRJ;Swbyy3s17#s@r=|@Sp%VhD!fM-C5&^9L>9U9i^ODtSL@YW#}NyDaPRKlz>~> z-V70?C=AooVrg{k3+o+^%8s$au7S;?udaoBHcHV#Q80?<>4nK-djexcHWv>e=Sx6c zg_kPp{Ki3DBMz7SiSO`gn4`aQ(z0yz%QcW4R>Fnk@nN`uswBmc{u!L02av<1$Kfi; zhwQiJVZ5jejthExOkr0v5u7dWEYF;Lh01$`HMcrV-t%0KN3$(MzP)+KGkM>5?n zZx8V~yY8iRf`E*C8MTh58yGA0xk!WjhoP3&G3tjt&;cE1Am^3Cl+AdNyxVJg$S&&A zT2{~{yXJCxqnEWjUyRp&`mtGBV%11^>Q%zP*OJJ&+&j9D z^Ml6<_{AdDe#l5%8nFj%gAQEx@0;>N0u8WPcrZ$10vW(j20N@WkpC6=%I;rFUar2< zEDY2aE67r8(~doL7U0|ZWU4EY;#oeubHL|>zoJUX9U<>k1jfdvew``X_$k*?89Y-L z{XCC-u~v5w;HUHO-6hpc!{_vOv#z}&SI?un{lhi>>4M1Bd6Tc_e0aNrwOR{9JqoF1 z>zI_X2aCDIZb4~B7<+^L?EIjVayp3|o0h2a7F|{7m7g{1NGhyOPkTbRq^R4u!>^8- z$oQhS9$Dj4G<$taK zVIohOO0Bc$95#<2e5p_jstLFO6Jh_e+^Y*V@p}iH$uv|`lycp@Q&hIlq{~3aTyKKeFl`I3u5c)u)8qbO6Q##twes!C= z-6yl*T|}Q`J7Zv!AH$~1q|8C2rElKmj$QFpwonl>36P76Xx9lx@X#rs_7lp>uf4GdV0Uk!$uraP-p;W*wr6iD(N9@XhA@Be$uWKR zi+~>H#kPq`*)?3T9d>?ApFE8Gc7?D}TlY8RujpHtBFE<0=1GT9r()w1TyZ8sX{;W7 zgj4~^`;D-Eyx+?GJ_7LGdZk$9n`!mK{TcPLa4NtVhUgs1zK}Og8)5yLt59PWXINl^ 
z;NkjoQ%9-Dj5q8L4AVg6)b;1>h5c0lA8+f--?#UC%K6D{wMn;AgHtyG-fP7B2Ak(} z{7r#62Hcw`3aQ%#^G(gHq{U zA>~X}*E0XzQe@Br%&asCQkUll6MSkDgIF0V-XXKxz0P5BCRF4d2td}q%?y;AOO?a@ zpDJbHw8SK7^2GY$oWf^*?eNOUW})`co_ zz0&ISNo+PQn%jE{=cF{5;f_bJMS1Fz4YvuPRS`F0O^k3d`S;k;euwUP4aAg>0R58+ za9KhEW+%JudD3^vOd(23yZnw}g0<|IP>$pp%v@N$mc^-QO5MyU{t*8nTB;Zdvy(0n zGbo~g5M^2uYQS*D!&#JIh9omp-l6lVF^C zxVGr_r-Es;L`nL0N?`2CL3du`*OYB~i!({K+U)2FXz!PW^(L*ziZULp78^Q$C$EKx z&+9{89Wb}~hggV|{0YGpwxc08kx+MW``RUSDF{w>jPn`;fgb@lCtKPjB6hh3S)t=7 z-1Mv*wm;djYI+%k2bEXvTonPS;j$WbjF@k`|4hgBxszj#xhgoyy0s@E&b8dfln9p5 zNj$NmK z-rXXP7SutV{s_U=weRExX?dtUy-yds?BA{>hBL&p*mzNlnb|p!$`%^*#u^nw;T~I&dxPnUP);$g+*-U0#KLrm*$>e^a_C&)?hl|*PO zwwZI6nDj&2`cp`k;9Z*h+LU}87cQq@6&hm2l~U{X@7*&S zg!<<7_6Y2=^sJj-^^wLD-$N%mA9$0d+})FY9vKc{g%*rE2PdM552giaKu(@%UrATe ze^?Xhq7xv>F>zF{HOg+wXnIy_KuUGy{RNv?RIt9`fT>Kb36anOcloV*X6h=%Nuec`z1vW`KFA?XdUzpuO({d( z2xh<`?;P61ryZ5{`h#ckKo;cP9q-G@lG$l(d`>5eNd4GnyR-Nkk^Q|_2dF8XNP#8} zh{FmY0v#NGCwr(V(oYfqE@)Tln>u>Mkg%B>z^CZ`0ANVh=#;GfvfbG>+&}6Y*M$jI zlf?-@)H`Hy#d=ZQh1Dyc#jEj>-+?aEGra^@o$br*^L_bM!SxAkcqj z=(`vcj<_0kI?gL7LG+;7O`-g!zr^wfanWbP@zEgt%@9!O0$xJp(C)%tHD&yPq!PHg zf7`z5B`>9D-jZV$1D7V~zcZ{PW=GEohHZ}L!^sj$f=?F0 zjiB?V8xnH&vs|XR4iB}yMhvF;guRzfgb3+LoDLS8p@X9%@?UUf0KwxR=jrl*Xtp;2 z?HemaVVR$qv_@x31$mj@76$!Nb*KDY1OE{dYV)MjnoiqPH^aPkJSXvsJ;$RY%0>6`cPs!C+m zc0@xYhqUdB+eL9;>?6NJJ<|_R(Lo!JuY@xr=zU6!K}unQCBp;auOD3S75o;=l@fuUJ65 z8IZW!9h3lF@)$WOU6dG_A%atCFIE^i;WoD}EOoP5NV6~5GfLt7d|KkgHciE=E02R%`K1Gcu0wB{I`zVES1=v54Kz1F65JJ};m>+~8lafBRh;S@;QrP!zsblni6hbJ(PqX8c>;u-tlg_57z zY8MG|34q=IxbN$MQ}A?&Lk8mhTP)P}kGHZwI#U=>Q0=}be3UErCb7{ zm4%_DKPT$d3T~&&OZYB1lnnOd#?6_Q3|>ppfbQmoB5A;7RByr_D70-`mcs%HZQE`n z?0pMZs~=!#U z_W&d6_PLF*@)*7}#opnmd7Uq%ICAa6eFB=$;u=zCQZEr9Da_l^$nh%rSMiMZn9nNO zeNbC4tpR7zAsq}WsO*u}0Ig^dI+z9=mNn!voUUke`rZijN-U=fK??OMkh2Rzqr?3Z z^nfx9EbF@r)l*+Y{0r{k^Up|HwyXoK^NGs@2V$<=P>z3%Yy!0rTa%Fr7)g3RC(@bsScsSVH$rX={ zVfy2UC7IR;4f2hO`>Q-QxM<)+QsK$}ARwI=UfW&1BUkSAXI4h`dna_8Do#l+sggo?D=8|-16`(l`t 
z*~237d6lGeq#H{mFVf0ee%w*3<&zGU-6PuK`4(S){-cYBABZ`z1*fRVEh z=XEPWOQ{}>pr-A_q205{ilIot8UB=y>RnCTr_rRAbW2Tfv!jA5>#45we>0_z9?Gt^ zG7p~KSjle_nfHT*ULUoSGy+F%s1weQxa693mP^itjCC`RW?QXjY8pW^8=F02V@!GY z&tN$Rp7VnFhIsHR3tO)qQ^%5XT+_pE)nr}L+jxCBTF-w0UNM0rwrkHoVKf!z7XE}M z;%C04?v8QGOIORGaE!pBgB!1-ynNNjz#=@P91o~ai>ta=o;yIMEst@pO+iDwV-h^K zv%_+=H#mK<2S?~Xe*x`IKsiQ;ciHQHS6Qpti(=Q+knjh>g5&P^4{FpnA5gNjj-oVNacB%rLlv#igzF?MlN&Zpj^RcS4P_K|FQcw z2kp^jU6J@i4$rm7LFuLv=5Iw=e}@oz?r*|WC@^^YY2S#>g?NDI@7^bcy(j4V88WXc zJ?S6Ke}+kmq{jcIM*Ke3!hN(?6!PYI;8uog6zOe9}DmFFeYw zCRtg@hBE@4ky_X5?FS#*3%RKuu47E{%wD9uA?DJbC%wYiJ*;M)z25GQ;*mcs*OR&Ew4961O)(74|7FVzin2#UIVe zPr~YZ@+C*YK%s(iGaOM}9QDg?E${v#VzxsFcmuTH(s@W89GPuIXAAw!+&w z3fh((A2r{e@7;t(Q@S`CBkeG+cTH2jRjgMeh<{|OXLeqQO1>IfGhAEjb~m*}J3rZM zsSUXr!|UYUZwp<~_Ml0waQV({*mWyZKS_T0uqfv7c@5@hvxWKH7qeN}PUl59_O8bs z?~9aVCnFlQ|4syT*mre?)WjigFoH+|o)jWWsaPgKZGf`)A$q z@^itI2V->P|G;C8BYH*hn7u!62m^YCpqdvZZaxy|1C58)IJfa~-Ccin?3 ziDdUkCjJ}depjo*Zp!HG-gjLs_`Tj8;T<6D?Gmm8zF)|JW-b=4L|F7C)7>=~aYhem zH_!v;P4g^UZ3llK>pX4x=o%`=_imiNYi$?#tHFq;Tor5J4SmRwy7BCo$IaQ*?eO@X zadL*XvjW}SgSX02z8PzoZDq|}j7g}k9w;1sMiROEf!=!qZ>BI6ljuGI-1ORm&v{Dd z4U{#11r_l6{!QF?5N%M7>+CtiQNG0zq6#K3b0fcWAg4#gcL_t`!vfzW`!WV^<0L+0 zgnyoYuXZfK_fy>7eZSO{``&72Fr3rfUa*A{rVnOqmDij4?i$rO3;9A@sKrPCXgXT(zs>_@q4^IngH$v{O`Nr_BfdWDm}1Gvq6wOlA}q3pkWLIeplA zGS3ZQf3ev+?;P61MW1$1F2_e79{gAmuSD`VIom(SWVpLd0LfD`^(ZW(Q$DVZoM`=U z&uk#M6f~)sQLh2_pLG)g_!(sOMp1y^nZ-6J^@{%L_T_5}$Huk*opY~}{A;fO-Tzra z#fTdM6)}*FeBe7SCwS9Eh*x>r%o&S>!#d((LU6K89dv$>jqj{%6hI!hd9xu%M!5fg zp^m(xNGO4k@^NQOK&wdq6sy)Guv{{K`cW@ga0dB!QlO{@Yc+zPqo2(V#o_469h^kv%!48hMIh~pU_`xLt>Z% z<*cUPAjU?Zfh(9g9+q{0%;zD9o4q86_ zdPE|BGA#Mrnj)WG$FgW&GSy!!m6=7wtr~L3{x%YEt;?%7dUi!nr&EFKU&C%!v#m_} zj%9;uxl}LhX(f3Oe8h|MN{PyFOpB&UiFP%pqt5U(?Cm-}zkIk?2Xga+*Vn(6RZRs+ zpUFMJ6xbjIdI%|7GJm_1lYNY1&i9V|*-TdXLH4G10MCQ*FRqkq4`jp;d-D08I6osz zLxEj|Qy6MLB2l+Y*kAHYfPn#zIBG)vbM+KT?qYf0&c$wv{Kh42ZU*qs0%UHS2k>T} z?fELG(N3j`*CzpCzrSY9=W}XyCeX9V#Aq~6)9>F*wY^3>cAA*$z2#${cT2`Fd(W`S 
z$jiv7uYH+&7dzG2H;Al7W+~{t+kg)~?=RD1IyqLS2_Ezua_^m2m$NAM+b_NUz239AbV`pmY8S$IWoO^jE8AX6)Ko^?jx))P z{WcC=)po=^eKXn*@s!-3>71*%sFwlNy0#74N`f|TPQzlAUIH5Y)$ND!e@v*f%LS{O zFBfzp0k%i}CYc20z*bJz{rR4nb*t24nNrw?zQ+>Fe%8B2KD;5BcD#ya#NY8k^z!pD zTBA+jl&7druaPEicC`i*pZ=`&%4!2BsdAgne5>2Z?BJn}5YsT9VIs_D4GIIr1**bT z^EJnPp;9Vk)$|4d9zFOL1?M!))KDjPtK<;RJ`{q&mRbnw@&F9D-8hR zswR5SW)Yt`m{_HvkW+cx(cT*I8dahkufHW)f*kA~Qc`B}GB$xq?1GSO5y zSLDsME%1j}-=Q{$C#-~@J=x%a!C;q+mtWKO8%*49UlbC4F^bgiP0c;4=A0kZzN~mA zyAdwK7Cdss*Rieht^Md=c2slJC}Q6Cw&y^p8Y1r^M)#QLW z3f!IG0l%&s2-Ozqdz(2QNO+?sONIn$BdNv>D_btTo%deU`%u3ckGx%Il{Phgp}w-Q z2dtW%Syom%>}30OPl1C=i<>8*w|#vyRcu!rH16r?qs2tdjr9~vfCbkU;_5Ikf7f3; z1YUKn`(^`ku8kRC|C|U6o-avyyrsNW0pz16nw zAKsus)*LM#)eWZ!YuBN`muhKIG;`-4^YEnp#A@WjvQBeGy^(P*hi(7GSf+I`QLg0# z+eNX>CfGaXk$>{$tY*1574)? zD!77e^kDX<#{<}Y0I^o!Ca&fD$P=WXH})O=bS+&a*&>_+lt$T>{9Z!Ttb#Ft>8>_Y z-MpB7cRe1XGTJI|+sRX2zRmp!2Nyo|kug{fZu~OC{o=W+ zeZtlF&|;)oO<-<815 zU3@z&+j9$?!}Kk|mqqnh@;;QMkTPQ&PQaNm%}&p(bXHwuuPSn)S!9%57TE&z1{L)tW0ybNo)@Vg5zVxmQsk z8S5Bn+O2MBJH|7t><0G!HrQ`r?Hg2mWkf#1;Sc>V6Zy~S z$9I#W(aP3S_>ZftZ5E_lBTdkz+S8?(9B(kLv-^6okqrE31SA zB^7p)mi+#Z{rr80H-h8u?$Z^dDa3eDsK0Q()^Z-q?uo|~+oT%gd>z9Z=Jr04*2PQn z^~vwDfKr;5r-GKBx@&k|Qm z?%m~mE0-5D{?<0e?rw7~ORvbycx&}mVJ0=|T|pi2cO&NjcCAxF@|KBSv1c+CD%T3@ zcNcG0{GRMGIp;U)psn{@Z{bujhl!PyGvDu~i(_vPt=SOZ9DZ)=;8@nV3pA|B>6 zlNdLycKNk!)YS8VW*N^UGO_NB*^CCIN1XHcI2gzg^Rn5pkJ*N%5qE=|`g#bK6#HCI z9-HLx5tx-J8?8@S&^Ke+&Zyj&r47;SvfG+1qdXkQ@#~ruCv#KXP|PkzEY(aNP(57= zU3G5J3WK*9Q>gzk4z+k$|JCGgD~}L*Dycm{umRB5CE?u*8!#>2<`_|t-=~nZ?iZ~m zhrYihdB?GnmIhwR`{oAnN$|oGpqb3#!(|)&{u=z3O2X94*5ydIC>;Q_y%$!NxMPa2 z_mL+cvA2UbpHkH2lV_wJSp|Z|)`awc$%$v|`fMU!4tc7A- z<|B`55BEDz#igxV?~AWFy&kgJx^GKpx!SpFPKB!`r133qnSZ>~eqB-zOlUu!QAJPR<5yI23LtH zKK)kaI%F4QSM3hy5aaaJ!m>(qw1HZB2?1ngKY%T`&`|YlqsLu)iEBD+x8#KTsLUI= zc{Ms-WK@8yPotGBO`~miHbHpFs|lPO{%ovrB*aZJw!qmj&Yd#`@;09EtBXPlJuUk`wl*krP)`Dn+ z-zmTTv54GB_Gf0d#wx^;iu-exX|Tma_N$w>6zz)|$8Ol#p9H;@bjyWZhFvx5{UZor 
z${5@Iub?ES3^RGSBA{Ae!C%TfyJq!@XK#5*HJ5Y#3Kyx6r!5`vKXu4WIJe$M2#um~ z8bSp($>&jt^i~}julR^u_zc8mOuU?ttLWE0b*S+kA&*CA;6EwX1^c;GQ9r^I18!g= zWtQY28{F&YeF0Nokld}U_shQ+@xv}xTc#NWc+4G*)5?Io28Gp)TLW`u*i8J$^1{mP z3Pl26SMv5#*th>Gc1CWh8Zs$J*l1%L<)BmIkCh`eKz|TAc+W+p3^vG2u#b6jV9~z4%Tf0qYvh z@vY^cDJ#sTD@ahKfUP1NhOHu|3)jf4O4^sEj&Jqb+%UnP!K|ci%#gc*&P^1zLURc31hWH?=R>Z2RivS)k8XZ+A+H z3EbMSjY!Mad`xy?#br*fSe(uRPCX3KyI*EMhaor%iq;YViy|Uu}Ss$ zH{u6U+Ohp$sLWweWs&Ik8i@j+dt*8iN-(q|#NjYOVsQsv2}kC;39B%5d%t3b?#`K5 zC*r3eDczGIx3qXOwwWiIdKaH`unB6A=*(2-or&J3Ld1G>uRQPr)ok{KR!E^$+SI5q z7r=Nn@hiWPGP^xQAViw{F{EPYDW0%HLtBClX2OJJ7lv3FY3;gMVK4?9!%zj@7~}<^ zmax?4C!{45@?CTKo%EM^8L%PjYaYtD;6?76+IcaFc9j4 zTAZJbK82}07d^>A3q`W%**>A;$;$VP@?&^gHmnFX15Gv**+2RfryLBPyOv(D)(xk+j@l2zClp0vp6$xPckAlV?2lZ zG|nnpOBzPvn_^Z|ANtybaNgcw8$aODN z=6F0t&zV=|WeG-3i|AWrtIwwA8WR`ndY<8S?rty5eATeQYlUGWNatR+Xy*SmQkqDQ zqq+2qh&hahDU%KJ=x5^|)v|l7BgSIUjXC_o=62pBYVBc%QACEsb`ifym0!%wUu{xJ zeki%&4uCdL$S^4^EhVRSfQGea-|gl&yrje+YsX=Up_+(xGhCnDR86m9k zw<<4)IPcmkvoU8N1*5UzE3GFAVtN*@D5QUl5YEs$wG8IDcnN6bK{b2ODH57g0#6@O zea;jGL-Tr5?|vp7W#4_>UzIJ+i1(dQ{fXNFzc=fcV?MSehi6-=;|zJ;_nWL+R>nEE zSAVu@TJTb=w4;QMA+{wQisbxnpHesO`mXK}gv}a4BOxl$RZ3dDxB=8aa2OnH={wSZ zdTZ6u%Ard^>r3ep`T2yobL40=BNcX~-qnJXPH3i~_|?rW>2vuyyRqH4;K1>(6~Bb!ZX~53Rg67ewli0ufkT?(qginLEEYt0vI;yV5A~Q4$v`ua0AC3wroucq@!9HfCo%Hish`%3E$C<~% zBllfW#dMFlZj^|C5&vk^^3+zYONvOv*pPOo{}n(&gAypQ;H>{;t|hZ-=LXQlWa9jU z+*rz#V%07);mxDA92J&Y9zsb0$sriN2Q41K=wXqyzubqGP>c3-Hv6pBIx zvbh`r4jbx5sI6F?(c*?34)>=%GQIpnAJfJO`bVv!C+Jt`L8%yi1KO!9sp*Z!ReulJ zaWKF{{5V;uakzXtyQMJ>*64>!5To&+kNRac=ZhS^#S9EjAtRF!8PT?TOG5Zq6^KnHDe+ zJf%OA%$IJslpw|3XLPRKThQfQeeqrQe!Y1f+%zIHJXEVE8>&7UQgIo9?Ohc5mkLM+Ujj6l%x`Wt52-+;~mpxN@-b zkrm6^g3ywYhxNoMWxRBwn2sS~oP&ooA>($j8eOJ+dN#z`^QduTR)o`4n2t%leJbb* zE2QwBEbrs-fMBC=51QZ-5PAXh(iK-Q7=3z>(X(nk-6(BoUN1JKWa=Q>s$)L+j>M1w=4V2t9s9f|7L+@8u0WUIm4rL^pq77+aK^^RAoJJh;8&jQ=Nr|VQPr? 
z8~HmX;N;tff^}$SdSyxKdop7O;#G#9itPw6%*os8Xz#2BEO(dOYnEB)f)P1V-X359 znvrTjh{c@Twy;+fO?FDRlm3WLk~}E9Bui)NNUR%=LY@KYx3=oFUkI-ZDCa=Zvd5|4 zg0h&UdL^L44AXN%Ba|>^bXs)bh}Ce!EB-ArgXhpYPoxG~1|ZdQV0;t=sz>Lafb=ewP|lfx zLZ9v4hL)ojSF(TPcD?EcnaXO)GCYA8-_>#YtL~{jL~LWC_cPMS>8s;5cV1f>>MUs- z%uxABaNYfTRmZK@3zG)QQ0t>w(A@Ufh)?^AKh%fqt<;T=IyRW!cA<1Wh;n|Ys`iS(5V z*Hl_qI^0@ck3H3g|J)Mdy8{ISFIqG(D<&uJKb5<3sEn27_&n2aDM#}$uz`uY~( z^;Br=Fp>Kb#oH2n<9;{`M(h54ca(7(e1|nR%DOnJtVdYY*yQ6I+jqSU}`?ntHDx7kZnF zHD!K<_!PHfg$F%jj;lweSMI9Ew>4Qgc!2qR2!q)iWZew5giGdXwx0mTR{H~<13K2Y zJ_R4To{bF88WDajpmG7l*v}plxlb@SZr_)U)4Q%>Z$tM4E&C_pVF7y==D!%p1X>?M0+K#%9L%mIs6haS#OXm{9Qe$UZH${9QMrBa2)SN@NZh7 zEatLfY$af!dQXP7hs-X?h60>zQjuMzea2Kb>y_k(1Yq&0yurs2d+k@3eG<}t;slun z#}-4A{(41~mV%`}MRtIB#QkDV!(4O&z38#@bz(1OPT+RJn``&ujk#-G8{Q6HnWu=@ z5ZxeDM@5QvpPqbG;0v=rpHg6ctIxU_(c#yw{vi(zwI7oz z+WLX&9}WQph#w(>uDQ&M1wWPV%P}@N_nO>i`Jk2vHv<=ZZ`^X%SE)E9|7HeQv@qEueHCEVsJ2nZGOFK>^P)^#R_xy z^cgYFqw2M3`9;f{p6Q|eHDnEr7#aD}_u2M%HEJ=YVjiO>Dm%Eu0(MM%AZCI(m<#tP z^#iLhu{3-as5={5L-^Cr@;6W2Z$N(h9ek+rg$o&(?}(|+;p$(4uubY`8(1d{-UQ4= z-&?bvyH6kbr8MnLz`FQf=``aaMIK-!sekfboAs6oI|oqr#wk3K8LXMBTFhjtab*5z zXj>m@b&h@GNrYv{tsESSot2xm$qvc-@SU9Y=2Om%7jm3$F?O*w37Rv2@$|~LKn&j$ zn~}VS04ZSVCoy~niDp5Vxo&`aHZD_~7!ot~<8r`BRbW;f$@{q=ZQbA)k32j|BlL+0nKRoI$UVyK(Lgp!MD5#7L_{vKnOnC6cK+VO%4uo^@1(H=Nl17Cf9 zTJgFvF#~@;>mLQn(fVibe=_`QwH$gW8l6m zU1z_JI&g3D#qw8a(g4A3c;wY0&vKdjX2qc$YFkx8E@V4a5GlGxjTt~YumIsm~_{@By+tXu2Y+CxzO5kcCc_aDTi-^8>+99y2)GK#rw zU%v;s>vd#QrxdZsVtBwvDZ5N5juU9|dzw48h$6at{4$3lDNkPnS(egAow9G249`6Z zpiG-koeR-{3}UtaFIeReRkZ(=+F%p_4mY1=$kX;LL`57+SOg9CbBe_Co(RdXA-;KV z+(R_j{7x(FM*5=LO-S`L@dEd8xgw6Rmq}o{PV3+!MHZ;%yw!j;Ytg-%IKcUdm^Y!- z6>ojmTi3gCl&OG+z{Wo(mH6)~7`>rG_0e35g zq$Phv65Xh}t(dXz@^6f&O?tx01XABSE~NQ$Ii?%ywh;bmM^okp7g?CJuk19&EaK@% ztp*=+CF_0oT6moxR1p+vLoV%j!f=~W7t4<}tgu7nv&!})AkaxQFT>qO2k~?Vt{3q} zzJ!{^p!j)182>wvYxw4VizQ2qQFrhH?|^W|LsU?!TTYZGpI|TlQxCtzjxyLI-fp9@ zpU}(e_Yz%1EO>18g^21AgBVELDm4Ru^6|cB;O};|t6GzjfgL^ZC=KTow&N6pg)dF= z@F`v2ApR_&ml>vJ=`S*`JB`%h!$>~VIf&) 
z1Np2$QDN3?)Q?mUjFTOycjf+%DW|Y?d}oD>qmB5t7a5(ouvB9`2c5bj#-KKBt{y77 zcne-%lepogmPP(C@+MimkrCzHk4(x3d{{dOP~nT4iZZAu9(QVa<4Yp|N}|aOJFsSm zXv2RUD+s(_rgb9>#}FA#5m>?`8@sq5P%YP7p>sm$3!T*F8e}Cw*?1qdFs~yeJzi?V zf{JG+a@t9E`9|{KFT;c~o{T@tw?7rMB6Q_xj#J<}f2$469f^LVzogF&!6+Ns(Zv}$ zI(4@pyllZTI&n-=bItkTv&xsrPhms|6}5PwD077}GCXq-;Mo7YAXvn+2*QexBkEtJ zJLo}a8Bf|MPWq0zpa}*tW5Qzs8PGK>6pH7=t>drNP%)5{u95;b*E-M!xI8j>3rWG# zqRFE68err-05JP|IqgmBYhd^fm(z%v%7-fI)3jza~aErx8 z|FAzi?CKISOA%p`*yLoVDm_LR_vVc$wNSg%(5&^bpQphB`G`qP%@5#BEQIR%89E-q zg`?g@VAm4aqHbO&3KX&0r`EZT8=6;v#-H4K@gnuOKOHvZ(4s7=_H^-mcy7@q-O6cf z!nCNfFPhYaW_9t;*6uYBPV@W79bLqU*c*>sJbsom^2NjqS=QVXt}(WgeK>pu}?F>}d*Fse*HP~CLlT6-$*RM^9$*Lp3PoIHwcq z;0xK?NVcsnnk>^DbQlrncT4rD3N%xPUha4is(hZ2O{QIcK1gA9We$VAoFcw=4$7sJe2)34yFC=;t!jnr@K?{GF!jslOrsyf0E$|9z@n!O^N5n&vSm5 z_f|QkCoo@s>j0G)13fP3_O64|k(6A~3g@AN6*0v3|IRPwJ_$OU->^8)UU)3Z4FzyP zoF2m39c>-pygPHn%fkC7zYcKF^i_`(otBJ_DyXbN+0F~;RDLMT)5=E|;tZ8h*F5ao z49;=^Z-4PEb^wJ;X8DhDTP(?257_Nw`@~IKB2bzPV!G>ef+iHoO>oV(o0b0XETyi=)1g?DPuj`iG4~% zX%%b9&51(*ZfKXX8Z2nE2svba)e(lcrO)LL{c5V1_q;Tx$e&^Z@%l%Jxu_10Qp=O;{VmR32AOFUu=ib$<+ zzI<23Lz?ZJnit|-43j95rxBaQ!BKHk&9+cJPQHT&$~wZal@rUQ_>7KTN7(cc^D~?` zUfu3ME|A-?ef&?hi8BwX&Brv^q7WE{$tk=nr^p8&0}8zY3Z^m~Lm~-r$Z-5aZx&i8 z!Q4umJGbxf*NL7^i`|rnUwi#h10gNOs05-cUUEV*fc)q?h*0@+akMh+il#%b5Pi_= z47FJ8yhmWS&_Kn16k>QJq%tEiapO-;&IC^7c)Qv<0Zgj^7lzjk1URnOX?1RkNh2YHKto6>1M<+A5Q2+C^8w4)1unTuV%NY&B(srHK3iLjUDtRVE?Z)S8O{WEl|k@Nw5(f&zi`y*1&zEIFha_HcTdJ z(HdYKFj@d7wC>ORwQ%KMkm3MucW)$M#>AKf+FsU_Wzxe$3{_zuvcR6b1Tj6>m<~Cq zYOR#fc+@by;cV?2$$5KGPw9H$en#>A?x7x^oD{%@J92~G4b zPL8>~PwHvokQuhxgLwl8d)7Q5`SoAbLTvV)rf!7W{jeNh`Dv+bO|{}(*Q2@`cVbr~=^gTJ_R?|O zm8Fhbmm-$8+S#bj z4zT?VFrYA)oh}8Nki?BybZTe)sM~-wS>y4p;waD?SwpTHoa5cE|J(}O!C4FTTO&+P zgy?g+887o>7==-elIwS($*_WCPvM%EYnwZr=c4lUJAQKtl~gtRMtAkn&AaU=Ro>au zl0{2BvsWLvTYB!imD@jGg9mxHU%LidG2?_Q_ms$KWo>Zcj!7sQ;YG%faOcC6*)UMl zqt4QI2Xp{o%8L72kP3HK{W^qWuw}9TQS^lrV`ito_9?37g9wIz)}d z5O)1i<3Be~3OM)`jym1=y>Ez{c;-Ma9#q2YlGTyclyRNL*p^j>;3sA1lxA{DcuVcx 
zi>Ge=66WSOb@ebmb)%kT(ebtyZ>1?LI4S9TL6YezoeV;zHE{pPZOZ5u@_)tX76>@( z(7-5csSZ?MV(tEM9CQ=xK_0p{dQaQs9kwx}uvfIcl~qdaoNwssgMdG+n=TKuC9Bqw zK27H%Cq1YH@T%rzKkIUgTzRXj+h2&lg@`mH$RcRY3!k!=>lG#Z^6XN;#s(wRKcm49 zw=Rqa5Z$eOfIqdj!Ldl)E`YYt)ReXU_6K`~!}k-r4ID*m##mU}BXx5Nsg41;)Vz^& zfJg+ZElpoB-q^C`Xdo-6CuGonG@d z@iZt3oV8=7_@>j@1)MgT8wL5ZGl21rZ0Yi3q|K{k1ThU^_@y3l+_vW;uhy+4R!Wx` zQ|Io6oSE{!kWS;%{>&)qE|GI?`g`1bKTWFz8rB0eUSE%~_j7^m?N$xzN4ytjAM3}p zBL{BdPMU4^qRHm|Z*SGi^S!2Ya_(2~LusI{+_FDHs!19n0Zdy2!trlc(s9Ebt&ynQ z(yRTHwngUAY3RSr%~_pIYyvO$;x(qk##TBTrw0JiZjV9x>(Sg#3Hfl=GYPoMH&6bu z>ArytXUU)%&=4G%C(Qg4;ziN*NL*Qa;eN;OGT%+hLdMmBUVErJwH$*l1X8GbVu1bt zj!P_ze0`fF6N6NA!(f^sZ=hFj>fUd2|Fk4kCDT5(0aHFeg4IqWF0dpLSpB204NIDZ z)Rd-|TZ@h^z0F+uA7~` zF5UV5-YEH1>`6R6ag;X+Z1`FJLoTJ&ftgLD`N_=PMRCm4uvfSq`k33^MdawSa_}M# zmHJn7#^LyxZPC3kL#w0hXQmmJep$qoy1G;@rS?wxtHBRO#D%XLEk-*tg>II-O1?y^ zR!;NhuxzvR#|^H}e>R8JQWhNQl@DrOh5Ic%Zxzj#JakucHH;73{;vAmt6|JHMs)?R z3OEmHi8QK8zar50ha>6}-eerVa;N)Ar$)V-KM9SSy%KX1= zb#2Rl&L;c;N{Qx*chli)sPXKPCe#E^`llj;d|Q*hks?e+YgKU!bMLol9Cli}=_!jN znR^(e5&WJn*j$_BalJ)zkmS!IHJI+gGe6GPFNw6DW!o~_PkLKFxX-?*kx01@ekT)zVYpkK+GN zhYESd@R`Y$6Ugts6AgH=$8cQzpkKcbJ**L-OVmhx0*0(apdxc>_C0+6Cou(Hf&6>O zTQMKgFXJhUl#l(De29V~TL^j2-Kgdl)#FslE6d~rE>QM8wKWWfHCTVbqO+$TE7bo1WkYpl&G8Mg^`dxrOeumPf?ZvdFz)eom!D;aC{K;GcQPDq8w{hAzD2WuU z#im*C((Dwp#GoQA6KQt|n}lr;p*!|I+o>TC1ai3!hE;l&zGz1p(deVXZU*P)E4{rc22ZsnJgh_%e zox@;S+k>p}={Ni^lZt(_j1HaNHb8HwkV6jc|F@@J>>pM7>MFzjN?wX%j3qZ6lzeee zVr#J(lyWTIEWK%!rnMKXOCO>d?Hv|kxy>^NbBhiB2hK8m#h}$bBEngyA7bbphWicv z`HEoD2ONCBX4)K-JlRzU%SZZPXMy>Czo!FMvVx(zk93fLgYgd03gxh4J7G=?m%-N~ zMmgr`Fq@fj=AT}R(_p|szR~P*^P0%FLDahw|OtE~20JC)v+w}hlLi!#^tx3xUJE47?BeW8UjK^3N~x4IVwmJ>V9Lo&^iq>vQ!}J1aV$ExLpVRn3{8 zdntA<(2C0I-qbVqkW z#w_oBANnS~7xPi%cXqbWMN_Uda?__IKX>5G{%gJ~_JCtM+KZvF;~6N^BYGqEQ8x6x z{vw`r;}VxB#$wvMb?drgUmaXW><*p3s)8e$tn_;D6r?zb($Lj^_X#wUsN5FL9k)8Si2DbDl(V(c5r3+H{`&ceG0T@{e+jMl|z#q$>6VAvC!NVNPnXmr*$}@s=+g$ zn0H)<*;*woB4{ZLw3{5iZ=K+21A?C0L&X8ax;eJaNe~kadI8Q1-sd*1(xOpdMu$Eb 
z@iYke>IW*l`*``Xs3!LpZ8jv$^4-FEwD{6LEnRj4vfNRhRs?#+L*E(d=Qvl5hp;z} zA@5!4jDsT&=|beU;59yjm>?Mpi=QKHfCD61XsnF@qcn!4w*TbGk8i z6eZ3c!vKmE>^BIxdU-e@MiG1b5!8#Yc7`c~jBsayqud>n?~on{{W>B40xV1Z02)GG z3Z*p9`3Okm*%=DLcUA5*JHN?FzdlvUn98jWlyNnKjDZTG%FyuVmD7UC07WRGig&-MLIC)O7m12$2n^j?P?QL;tNjM(zQ_^J@pO^7=UPmXyS z(t>4KD*tpaT8)50w`h$D(d1Ayj_ayQdFS!GosIGQ;ab*rX~Te-Eqm@P6x_YAQ71G~ z)R4afoW{PcRx;dM!jBkBgJ#g&n)QUQDGyb? zT1wF+FIs15ZK7c&<`Vg&$7Fo`L~7MhA3lGAv3(A?w%`Trt)=j8U)K~RTaEdRra5Rt zV7>NdPyf%vpJ(DuDW}KnzJSlWZ6h)iw%$=Y?yN*0j7cC2wn5lTQpHgqjMB&-q7&KgHYi#) z9G5-XafQAEZ%$s?iXpUsLAKR0-;X@&Z+fik{OSlnYlZV(?z#o&^^Y@Rch3;9Ei8zO;W9P^DOXJ~ zKog$gUiCL_D~>^6FW3Pcg-!P3rb)Ao^9}|WwE;A)QSGxg3Ebh}QCEuGA3Rn6(Dv63 z=pg2$G|BRuL-Q5hrVKc|8*e4WK?f0LhNHq|O2e#d$))mKBxoF8j3Isf*)6)7;9%3& zS*E|;=uRlB!`r(MR9cX*xtzVgdzIWK|JlQ&pbD^U;O<&fq)ZJ_XQj_SveS~#Kn7pR z6Y?tAW0P)!Q(nLg2Zb$(#%wX$xjp-`?FyS&b=jaw`4jaWPY;EgU}_Z6S<-n_JM76s_;YB?kyM#8zq^@mT(T)y43I{k zXi6EuP0ur^Ge$Zfixi`i=-V-)Dj}Qt1y{~oepnwjxr3D~G-wjZf}0-qZyZHR<n$r~Cj85&cSy@V!FS@v>E;1?)TD9Pory6Yu-!gliM;^f9l&}QB${8V;QBv{rj(7+Za*&+Q+_>9IqVa8mGK=cxL!oHL3Y3gYvQD z#+Y|@S;>1r%#=eID-)r$;)L=}G90=;Vh!feHNhDmPiBli!uj40yJA1TFBp^RYqB>q zsQ{M%DM4BU(79+}iB}~pq;cmFbV7&goDUp~SRLYDXqyBddmLg^>%Gok8gt>Y$$i1~T(lULke!su= z1V^S@4^JKXa@?^;ppS#4k!{b`XSup3Vni08-NW;@o=sPGt&u#t<~gqv_MCur*!an_@gF+`8>Kxv^t&u02HRt@ zUcpWW8C%dGdi>|xzb0sLX0~-|FFHPOQk(X1POyE4*vMvy2gWbz9U_5vq^lgNSErq# zx5V@E9NCYBa6XCWFw*k<}9SukzhZeG^u8PjLVQSLSo%y$*LH<)op z(QSP816u4+^bQ1iI}_g-ZWcLpXi&+XOoc`%T*B`H30%}Mb;g41El$uhpQD{>x&LOm zgwM84L%>&xR-1m^jj?{u<}L?+B%)qcle~$y^8>5h{`7J^eJ6!>8?OId)$>eBT}e1x zj?pw!Q{-~F|Eg^V!s(V(|y27zHrdF&uXYuRUykp?c@ zS$UDG+0u;;tWw8wyh$W*xxW#-BR590%SPX!mdGt?ofJX%I1~EIyle>oGr#m6Ep1s z>xRHbRsQa+NpwPQi3F(kfm_G~bMbu>Y0mIFMb32e=_=Lpzb?r_k#d+1*LQy_ladqTiS>8<~|JKOG;(n@Tlv zBAm~R;;DVh8|q@5;6@P`==L2QdwGcu5MKv~gGw~OwL?jlgzGF?QCz`1mAOS-?b|g#QoEExS6;5Z>{$i+{*&h z;(ji5PTV7^yn$t@gJHLZtush@Q7`X`3Wb*zzTKj4+)vfCH)4Kyk^U5~7f1PJjVls1 z0aGZ$8UmAnD&8JTLS_!(J+PPr8OjEaHMzr)=#nt7MPa9aC1HszB-tJd@;4Svf6XT) 
zkIYq*6y`Y(L_~>;=z%Idff@BxDe?nu;f{$qUbtR}V&-K0tN8f^`_CfHtPGp7$?Ev^ru z2Q1n+(&(hURQ)fya2PFG@f3A9)LPX@r!-OVatzCcG9(2YKvsQ!xT;)0KdyOnkT`0G zbRs2Bt*Y?90BMYvCi(!Ng9HZ15Y)H`(iIFFu*LR{jOX1Mx#JnGYm3>=3@_&%%49v2 zT6ZewQxruRIj2=nOukf9!>_B~e>(CEDjoVPtLy6cFItcW2iXK-oPDwodjT`LPI&T1ylO^C*1eLkEu- z%FdqHC74Qb01xF&Nm3IQ>F?_u4Wose|2LfjE%@d`;-mNo0!-(^B8PtpTSuD**;Wf% zIWb6VYHP#WKvjnkO=ZmxdFa=MChbJY>iFmW_GuIwRHdhjGt-8yYkT1m2AIB?&F?Hb zaGgWXs}@E|4mlKaFm#4|KX&%A7y&c@{#dgg3;p2v^NV6SFwFIn9B@yJ3JBza(}>1{ z;<43Egw3#!*<~9w1KtUD`90M2^Pi&`D~8?^3s4{D0UeD8=xE>B!cT-w4EnN(zF*u$Jg+=FceRi}$+DyX##OYQXZJ^^SIH%?l{GZCL-S<84e}-gI-MHwJz(!@8AA`?AHw427>GZf<)E>f~@BV zUr^$32$S__$Ll|WZd_6wqV(`1)9>c+WxGtx)oZcxf3o+ub!8H&>)hUyn_d0Mt9Xio z=`SBpsXOtlvFq~45DHM*g3JT!8+d??p1!-x-EP=WxZA#{fB z4j;HtbJxW?uXJdBXQcyb|4gB)8d3sO>Pk3emYa2^*vcR;A$6ERg8Z@u6%K<3DU<;V zg24t6hnO%DJBROITCTGn^(hct!)CQ(0xZ|%z(>tu-_&Oj>&w=S^f3W4m~GyB_y{}} zukW0D0{mBqhtQKU+VOU(g*`~1PJ^`*r(Mz|Oa_9QO(BXs4u&}3|1N6oiERZsK<94) zI=_@*;VsKS4w*U$em42G;6q6mM3s9|Rp{`WnLCS(_W~&igZB1kul5>g=8YaTDOk|E z^Vts)5-MxTP9pj7;2jeUVN1M)l>$ck8 z91IP4fR+0iwnLAvBIIRfV*YOnkogStw}VDqx-O76aMUSFTd0YIRmqW(RTOImts)-D zvOl<6gBfa*t+R=K!`gaCa}JWMC!#eqQ5=Q@12#{@FC)XNDE_e_B${HBr~+lOA;8(J z4IJo54hdqBtr((wvaA4sD-$y~9J}BB*)-xF>JWN-{HR-4gw%`=e51AOzGfxuR6{Du zrEDmWvbS*0m{p-ib0Y1Ydm=b~thf5T*xi+B=kHECFI+2~^c@gM@eG^I46Qfr{yhmy z*auH~(vTImu^G^~F;G$D;6DXg?>RY9{n>Q~XRjI&0?7}=d0Ew*^8 zU!Q?Ru-Y-abo$udNa@G#K729ut0#d6Pq)Z5CQ;`wW#>!X`vLzqAzxF*;|jyRb%kT5 zvFcHl;AY|5mV=O{Y!ho(a zD2(@2Hdq^#ez*ne-%LZPDrkw!Q~N3coN3j^v%2y)1Hgp4>)O=y*=w>Ay+y1kb@3|0 zl+nn@G2_Ea(p}}}}N>rl9F%hXps+UI7 z+T@Yp6usW2*jKf17@YC*$1|)^>+w~aW}fZSPFvR2a)D~dZLy0?`vjEQE6SUk6-qu_ z12~It6bX+Km3bbA_(hcfW^~W@H@HahONUf`%@d2(`w`o~Am;2mxt28S!lHfo6=|n$ z?Vg&&9OWGDNK+F{G=tOjzb3yz=!|?7+WWPZfU_Jhn9@xArS>Dz`BF;WS_pwL9@IV@ zvT4OaStv>blu`|GD89P=3HydJ|Dn=QAH&@>UZ-hCz8QYoHQ`7H9QYu{`C7jaW}v0 z8TjX}%_#8Wt!&0ou>0-pI#LbodeWmcm~&_8i?*KMw`{ z6+$f6tlz^Vc*b>D0+)qm+&sE9zmaR&KbJst)&B%AwK)#SdvP3Q8*jYD_$n$q-%fpqXC$%W{ 
zBVn~;{7YDnwAqV6Ze3+Tfrc{{VgKB3PiIzETYb5&m`fo1QYsBL>N^*TBR5>fNW7o=fm3!d0%5UTJY?yVIJ!fVR8o=6ssWj=IkG+gR(4VJ zZ>5icvJeVT92W!{iy?AY2|R{&!T&DzAqespM!EF}A)g)Y!cc-U9q|34iTBmtamw~aFfjY3<)%m&8A1o^W3g?97ozkS8(Pg^6^Eq$rB9TI zz~4kh8@WbL4vekyB?X4YLV1X1ijGp_@da+y{V7?y)$jf++cfMSt9dT_v;OkI2aWqZ@L#lK2cMpQY(=tRl|!ryt+`Y0fl?f1USi9}k}VI~r1-_PrBEaYAJwexc%^!Y~VXFP4SSEX~0 zK$L@{{O-?`I7IrCjgS(ZOFZ_6>BId&`a>DaSfy2DB|ncWr3%)mZRgRMMn21PjV%S5 zrb>X4yCQKbHh*8JYg<(c#tr{)mTgB3`o5eOS|DwJWtSeK%*GjAVwu3k+vcs)w7Yf_ zyT%XvsnPD#JOX;D!sDJ~CebV08$EB_`2TNYL_dsI&e}px|bxU;ISk?16a23I*9} zaYFqCBT!rC9@5#O>}7b&0p9mdb3CBHHa4w2N|PLKgc1UJoDP%DPoKWFNt?r}!{rTl8{rskq+H z8I|BbupWeXT-2tJ@b+N!Bf-^(g*naut37jMZgeIS#T2Vd=R4KX=8x?-Gy3{nKevVd zIiUi#LlpGkk4*SvH_rYcTZX6B&l#Se$RU_QezY%Y& z-Tw_UtZV96?VylHtuC!XLA=t06n7nQLCT*tUVh2t${>&E!CNWeC5lt-V#e5uUlYe#}PAC@np$L^!pBF})I$`*p zk7p#N@xrzJVry_MsAppS17+)1oNs@qtzPIzc-F|>ArsP`=(4iDBO9NvGE-kjx_GDA zTF%&~&Su_Sh65(PZiDrmA7ol!>UZ(LzFC8H(%`c$>T+qxd%${5t1xNipetuQW4^IG zmhykn8r^23>|oICbeX@I$pw=D0mT@Rg_)CFi5i0g3?mLUd~G9PWYBL0A#$C%HBl z2{bmPFxE=cUI-Sh8J+LupvbITZdOkkDk1Yx|B`YL?NCJkLLs^kVt;93bj2`uQ5J2r zX`?f7Sd#Z1DgDm!WG;Z#@$wn{AXGbdr4$@{%hK zXUxrCHI!5Y%^7&6@%{+=F9QJoxej4$tAK+B@zjxt(VIe2c1f6=m z{~3{?M!;860^(0W2jl|rQ&V#b@C=-e!HOt7g%gJf{?^GA7lfaKF-K4t?Is)FtVb|l zj=P}wHlOkje!g~SE)YJo5aLj2Vk!{+elhKZIS_t4s{J|lDMfBrY!6+^Xnv0A_*+H~ z$dvsfO-Mz``<(+kNMX6DsI0kLh&i%5Gb`iz7 zyX-Y;&LHd_8{vbXd;Kfm>$2L<<|GrUn) zZ2YJi+|lQUlAfon&*$}2M3zO(6kcSK@^_}Eu&mutOznKDyQs9C0N3@(k} z%w=gDCz#k%lx%882Mp!Nn>tf-$M6m4Y`_le#gF$xw^GuBGh2xOVA82N#MOx2`iu(QGLpbkgIU8d697CP@MgzhjU7^q8wWn&Z+mF1 zlR?20oG+gyWmt)wnq*E8iaGkZ&9}DlzQPOvseiVF!8*ZFvM*M|Hw+1~C7TA(0hGD& zrcu<~a{L22d$0p&&}-&N&;W0?T^YM^|8#GgNqsKYkJ*W!VDk|w0A>8YLCwZvxIK8$ z*-M=Wu*(`o%bWep*Xc~mse-$F_>gkHR6Xw&a*u757=&zS$jh^_>T0>Z2T0-)l1**T z$lIt=J{nrz-tr6heU~~{hA+8_YClSXI9ASdw0yDT?c7#_gdf0c2$rauUg+~KbQLxZ z37wH&z70GH>{ZQpud5H$v}aB`H3WmZI1kji-MjK)p}0HW*2RsoV`re~#+!gsl5F~c z4!{Ir3#aC$2V&cW9e{%lF;5;Hvdx692xGxDvj{L`nVA~r&V5OONiq`!VE!L)Kk%w= 
zfZ%q4;9$sCCqGa)!!Z>(uR>W0FYBt_()5uwZ$D%vch#%b5rz6c{2Tn5{AiDFxe8MF zZNpNG8&TcE6`R!|78~Nvr|Vz9jb%mWeIOrfHLyeY8htl?$zR&m#eXcc zi$V{bZhe)#p#2AT(GN>qP3cuK5PHLEO)0+?E|eIOFY4Le!epsV4Rq;aOFl zA;Ebul`CA*pG794`C}~&f0(s3FE=SU*>e7yYHl{lO)1A^mj9V*7TQ0YFbqnSo5qIy zPejogNjYt4&kO7{YHF9OFH9y{KjSYZIA?v>f6p?KKQ|=DH1s?(OV7Y)d>g1;fx?TZ z{PrOJ)%@(+itSehB|hA#c?Zu`s1zA~`~4LtDhOPBx$}?C%%!e?i@GzRsTa8POhtDN{qYAY_BiAL9gm!1s@U;-3+())VgMmCa752Qe+Sg^8QopeX%(AV zlY*MNR~!rZ4cVRQ1*hPlzyVIJnS8q@u$)R$+AoG1Ai3kl(8603IB7sL+U(pJ!cyz%2Zc&lx=&W!oF*pB9zt2~~)NU{$gl(bk_RYR6sFY8_ z8zF&p2W8!_ng%?!w^iRf);feDn0(wj<|h%U*NLtG`%oT7T<#6HCEI+9e2L%{F({Qe zjN18Y8Gr?Ya~+q`BJXS3X6QVg z7AAm@=A(_j6yY$3r5nH7^pw_J8LW;HU7KbAHhf^6IGHmpT`BJt|ORHZK1X(Ig zFmyqrny_B`VzGivcexqXCVrI`(M9$wZ9d#{ynkH|PMAOL>u^IX==8N4ReI;EaE^#_ zl5Wmd4G?$wFBcLYFOL($-_jL7$o_1AeHEeZ7a%t&nYiGP1@C|4K4CdR5caaL$rT4)w@ETqh_X`au`}55`VV_h z)4(DSdzDhh1+*d%`wl>Kvkb2-_mMzD{#dm6^q=h0?D8@b#M$yPCnc$ z{n3MQ0yH-R4n)CH0m6Pn8X`UY7cVo@86@5N`Cf@&ZtCpKPPJAY|8A3k#Cxe&tLueA`?L~WzSFBNgX($>mIQ`?}a>Zc^4 z{Rp*MJ5@ggNk60ZAt$oc_huv(bq^wMJgP0btkQlt*MJP0c-!3F4e!B~dP~R7_fTcd zZ6}xAWGNap7OuApj)Y6c%pKV)bOLA22JKt>MEaSA_s_^%CWs}HukW&m;}(DTVr5lo zoe}utvu1yH75H;)X)|(iye^S#c(Agc@frRu$(R56rYXATfoKEZLOiv8#P}rPKwHW7 zH)DN&@9e3`4A7H0?;nRg1~bHWIwCP5eMJtK9lBz^Y87HSv+h7DMlFopqla%-fBrIn zZ*whdo22)$j2%s86KJ!%bcd`?Oxx1fH&6V5B8$7pcDM7}nwtTCt7EEK-fY|w!TUpy^ zE3AAOaTdzjqu@fH?>7Nz`{jvaE_+x%0W<)ktO4(GE9=^E@rZuAdBTBNUGA}I?`?}0F{u6**IX|h}LcZ#7Q3R)&A8Q3pTsIe^h<`ao5NfYa;rX}MF zr^k>ijh8G@F*5(i;C^#4`DDSq?_n;h$SLCcUs!k~j72$!u+fkhWk?XW&)DklY#*>J zTuUN?ECR8guWU#7gf|%pbSr33B9r+HB2ba$`yBgPkjrext-#knMoA=?76zAwR-S$Y z<=g8RLdSYUk~!!Ri^l;A^V+p3awxE5oExO0V+@wT8M^&4x-L5K6UR!Q0w=!kPhQ z7L2FXIhezan83(g29#?SYYDA&=ep%5;>MgK}PRQ9emM9h?_}blmoKM=%W$iWTylSzv zd|4B+YyAiWj#HU}FL-|sxH@27$~|L9YufR-gwEqox1wmVV5q0F-d>0J1gv?vJD>QD+NGRwT-Q5A z;3OStYoO?-I~AM4DbLlCUTw5r?S&5VD0R3=tt~g4E1v=9m*wxnCRby(W|IP$L}m^n z5A90K9v>8P{70Q^36MN9I&|&EY+B-Eup}0p?sZe#t;S3a|6eLYIO&f6{p}(eXU;J7a5G^qp56sz`SA)L0eL4vovpo$7YrV;w&7 
zo*fjRRThaF?M+A5^=%ptucXSdQ`I_>g*}{8f^n;X>ilY@Z~8}S8<8LTRlrd@f^n-!3SEh3z6+RM4~$oGQu`%#{|6 zviOS039eAuJr9}P<*W)n0i*Vd4TBQ5H+0Zs(EU&6hY55?173_`f_>sob+o>{(i!R$ z#DVfcB#~tABxY@O3{-f_f(f*%iM|pUTufZ%_ra{iY3^1s96HSY|JBUEV6mfItd@Wk zPXs`a<0XjH!`^`cE3RUpA857$Kkk@y|7@>rb!a=f_G;=^%PuDdUoTBi=7eii!A>&N zwWS*88Abk}5LfBa^k5P=4=kK@rxhT?v1CCyE0zQLh6h;zeB!De27LD@d~i|^`0;Dlq|Lx`0H8-kc! z^rnZ!hd=;@BUf(%r{?hNX(M8xnmGdX2q!?o0)a3kd`&MbAa{fZ-2rvtksheDF`3*T zk@ilX6z!9~;Eox`ar#^EvSYW>ziO57C6VdP`DxVxL2VdV`o&M7TKuX7^VY&AMF|G$ zPo}G6c|37Fq4bAYug;w2@#wP7BU!4fjcP2EKziHMiNTkccqZ;kT+SYi?;rC<1?P~S zymT4e1Lt8sA#{eD_K9}v42Egdq|QtyIpR#V}lNJ|Mpu~0}{N;trxaI4ROoi_u?Lmz#=8_(j~v{XrY6-1k|Dvg>C_b4=^rh z(nNg%;{v8g;f%y-S=4z0Fmkxe%&-l6=d$E>+0ZpIxOZr1*%0Xcf}{NPztTU#=4gED z#|sJ{prh&jdcU(gl*P;d&Ux7jj>G>s;b><@BV9B6Y5Camu51r;+LIru`-}a%Vc8jd zeHQHj@1Ze9ctlrEB6nHaH{;FV5|20GgyK~$b3@%fJIIS2*PX5Kp_}YI3;LkzqP3hF zdq_=We1S&SEEU&3E6*de>*@f9t5Gj!9WOZ$gDF|5p%|YaUs)`197rDgR3g!|O_|fG z^%tWPKk>HPUA8!RhhImD2pUx74xr|1wnD+HBg~c*iXN*(0R#gq>R+OBE_7V!yjm)! 
z`Mbuu=SbF1LltF7)p0dPYYJyOztrmPY_}U|-Gvq*iR1IAtLK$z}}T3416CB;inVh&a@*@8bx_0%Q@8dVwgz@gRCWPqM$QNpSg?8Aaeot z4VKtnfdf7d`oHR@Aip_~7pn|X;Di;)Exi}QJ)k~8KNS3~%&e;f%mMY=hNR6^ z`~Md_wj8&v=XZ3?D7lvDKTX?L-bU8!!Txs%sn?KiCy|Cc0@!;_E>(3i+1IZ+5M7a4 z*#CY|V1$uRalIPuG%Xk89v>o-g%+Z_jIT#7=ewa-u6sx*+A4mnKkni?-ZbiJ0TlTj z4=peRcTVxZ?gZ+W7yCQ;{g&9o{NQVUR&w$NmT<@!(0w+F9a>7ZjV6!hM z2xGHfS@Ze;IS$Uwl#>%6$AKSr`p4WN+reez%8W24HmN&{M!o~)XP89=vcy$r>aBA7 zq{+$(|5c6^qAO~7I(K%;%`V_AN~?aBTV zm+-$K`IsAaZAfO83E0&`mPpbY=Zhf(EPO~N!ji;A!wT{pNfhf9CEFYSh|KK24fBzA zD8!|p5NwvqOBhPd&4SQz)bIhIOnbuLHCI+XKyXn|7v__ zDxq|>aR0x08r-tgPVT8CO6yh$LHKzc!$ukg2za!PX+APx}{e_r92C1zT?kTLl zyV_}ahgrMLCe zZ`DJYP3p-0O&;v7SpNgIh1+!r_#x8(;LwmDmEgHiht|qoH;i>J7n0%kJ&F4~zbl*h zW-Oc4zu});gK}LW90d56jT;8=TRwKT%q-Ey>Qvt5!}5l6%5iA632%X}pWg_qzB*26 zcgWOL-WSz!+B50yQ>bC4gV{gWI_5|amrtWIdL9p4J*{6?iK;V}s;}aujhjKyx|7^# zMa{Jeaq?c{R6j0i6(la3v>0-E*;t|e=2^1d05f2(AF~(hJ9`J2VVqlE?a0Zt6zU_% z#iA;4lS*+g0Jxnil5MKiTq8voJTliA)Vf!M!bV*D_nH=Z8Q zQ)l{erG@`un$E?(?eLJY`?WM7+)!uu?!_&M)0|Sf_sem~dDM3c8|}h`49#I1VrOO*PWPj$>Mk0c)+S=juP%*r_}n%>Ypxcc)HrsaX1H1l9@nWxv~4 zHh*I0sqrnDJTgHoz#!yK&&vYG+;Du4CN1*%KJqrx50t|2$NfS=AxkU#s{!CH=C9L2 z-{Pkld7>P8;_N9EysE~H)PE~g_OBQ&!xkL4n!AGs9p|C45{AQk&| z`Q*eKt4aEFmYVBHzLS0<;G(*?9Ygq#<|aSDR2+bggJc*oDw0vKI`LAD5Z;t%wzynF z?|LTXLB4O27)M~SFhP3HV&1oKHIw|DVwJ+K#us6#!z&-4o&c&lFk`lD`+j;e^G6Hg zTkoGbjVg~=AIfrFEUw_;z}_P%JU7r`p@)=k#Qce)mB7X zIMHY(Oy=@vb>l0?cm$WB$1yY4`Ms>ZkWmq;O&&3Hw+5$j+=bs`VD(c(Q8!1PcK~%= zzKh}eZHJHdX}6GrTcMw_uaQUJ5yN4O>ZcLG*}H(A1XAs_miyuRopQp2>eqgcp@_?x zBkU^dnN!oXy0ZJ^m@1qDb(jL@u}c5nR@$dr)!kldjDkjv2`3YF-L{|-rmq&?s<1X> zDj_Q$Z#3e(a~e|c`dF?Tpgj~>!@7r@!o`7>10LuWB}VYXcq1*Qg@oN!!;p&D0n&4& z_i$Dhe_*2h4cIN)riNmqyNIgN2tF|?wLaUX>iejU4gXCaYPYrHGH?gWm$!)n8+|eBNf)lRo>-=}aYSI|4cWJ@rS7CcfS^KkP*l zci%M!6b}AHau9^^7bG-z%;}z>O?Lx;qE8h7j&)PPUM_OotphoYLe(EVYvbk) zU+YgZ_#=8Cc8#J^MTgR$LR7jB`}VoAS5cFa`!|6ZecvHV$C0?XJg?=dh>ESB79%gJMr-D9%I zP_icSFSSJfn7+_K#K%Z3X#rM*s4@(md^~jTeX55Kpm+v!NA5T#R*;hHy>rd4spxk0 
z4$7yeXZ}iYj8p?cM@;(nXH||_%^rv94tn`1maSZ$p|sd02H$KvUC1o1+|$kiZSq1Z zFBdrPve4{UHr+8ghHl2bIqUHBwU@zkiSMFrobT)iAxXj;sdx{m1NhCAleri-M0gfF z-J?^A+`c*gpLBb!A70At9n;;}HEZ^>*_iGKTOAX}Cbjv+yPCa}3ZRl{Rs+4vA|Gh4 zB)-kxMt*YeZ&4s3FTVbn?G1}K59b$U#<*iRCPMyB!)@-c6GG{o+gJ~i%s;-jz<695P7P1!L}Pp%>}x7JGww|5KYO`P{U$C=w^Y3 zs}jf8&Ttbq5gb0@gkMY_u=o{?DK0J8LI>P4*>zOT-q=%syLK(#_B*PcXi8%%IfgkKu&WK$@ug7ak4r zvaojwyR!OuLBVBaiZvGR#ply!|KuEEu#~>#Au21qAi4^XIH{a!`7S0E>%!xH$cqhv zi)_qI`sG-`d7U!0GY(g~<8=R=Fr}@a`VNY=>YKurm72Or?k8b7 zF1!i>d~X94P9K#)VoC;@1c#S}qkZMo@8Xzwgn)TzpL7+l4#3UAd{ z*P}#Z*3;>z0tE5C+#ahAyZ~kc2siQo?rTBLkXm$1gb-$pWw}R^!m7YvQ;aL1 zm8#V20>G*45n({UsHJCVc4&f<^3|=qzLwfHiV>E&ze>lKG6&(-^oahqZ%rAe;Z6U~ z5@jON@H@*)nLCtm5Gpsd^i)_1Zy@Nc{aw_H#Og`eBsJD3UHVl{3Vbg*Wn@yA0qm%uWIF4Lo=KcSKScpptvvSklP`AN-}iY&mf z@bS>g;LV)(S8fvGAn?MrEqdpmOKfh#YK*TIEj(wP*>U;BOz=(Xbypn(MsgsK>mno} zcDTU)ywE+EQ22lJq9WzB8rf*suMYpJUW6Vq%#f}| z5KHL*f78AI`_H)wxr!CH?qzalw3LM1e$0c2Q}ZWAegcc&znz4^k4`?q?{HqQ_HEWJ z(9L?!=Odg?>T{GY2O{*l$?h)7me+34F2^7VF6cOk#Ch|V^N#siA<7AqgRE&|+ETeT zd^GUX&?*dAY9Bi+-wf`u-}Ycph}=OKf@;)loX!90x(`9a+a}T)qII`6SbETwY8{NB zIp%As4jkaPyJElV?RHsE5se#pO^|yb*SA+6K6%@JtzWCr(={C3ccNn`t&{Hy&GHj_ zZlmf3EIq|xC-K~BoT6Wvd`R8dJVMSDS;+lomEn_VH78g%#$HBg0hUz8hFx2#=-1Os zAK>xG8>APbg{vh^{veazCs6tB)BX+SpJ^^Q*~Pc+Z6blD2{QPhCS+}>WcMfDPKhCL zEEyfe^%PjqQFF$>e#sq;otEEumfc)*i2FZXh>C||WN}jL=g^X)*s;U$Z$mI0&>Hdq z&ci+Z7W@ioM3mjJW?@-Da#Vjk%T`IZ4=4eFmZ8FPbQ;}hQDrVOZ0%<*KJM(eckf!S zZEMp-Ak~t_mwvn@EMieM+`c|U8}Hb1xb#M@II=Qsm_8Ee5j&Rsw91)FjgiDEl9CA} zsenoi11SyhBh*sRS$_G!tn_PWsP3lbr$kfIn5c6};go)$GqA=+grJz5+<2*yn@&w* zI(T8xjpQeEK9e@E?W{XvPytgnwDJ3|XvqIIjzKeyHG}WRNr5y5>Jz44?1qb)Q5bTE z(2Pxmj0rxmqeu{X0N54vj&(2X@&Bi`yr10-;*+HJnI?#oKLG;Aw!14wZGpU5Y!YJ# zbm`gcZ9C<&?}X54g_Z|V9W)%_&+;8se?Tbq%`kG~Cd?JEx92RYA^AOem;g4BP5%a@(ZlUu5~DQ_f}`~Sz(HOJNYzW;37 z=9X>S#}6ZOvp(N#zklnT*L|J$<@bF(*Ry_fMM}Ik{D>ha z;O0!!f_v%7Vj`^a5F_c?%g4wlqshR#+|fvmFd6rczX@hS^y?6eAQpr(3S(Z)jbfVh z*co^xF=!Oz0%KB*xB};SJuBsR$fvopa@U1qbSTn4UFAIS@|B--N1i-6`W}e=A+PN; 
z_|r6-?HguTJXAA{!y?eVT|{ae6;!{vtz5h-iL2iceqFMEm30{x;I6?p>#eS^AAY~! z8pL0YjUBdletWt)SnPbhmw9{EoNBB23|Ulm2q!8iCo-~?9Et0!r_7}9lseJTv(k|Y1oIs#LO!H~iwD67W$cvaSK7-Y`N;I^lKlL=X z=CJ}=loFu z;A*q43sQ}d?8F#V_~ba=d>y?dAuSFvAr}Skr)h0+R5ltH%py}j>_D!TP#u{5%}r{x z^wDk#D4^cLMtR`f>2J4YQTpLEkidZtB@UPvrBE9s4Hn29Sw8t@k^R3JH)1>tM}HJ? z9}EGM9LY^^c73Zr3BZqE;?QlE$o@A)>3Kh2Go$#47{}jfrDi)XVHh{B3J8VO#i|mr z-XDB%&!luXx+&0ohFrXRr9MLJ=jK^kd&keX##PhN^9kO=6WQvUZwpg~TI}2P@g~^x z!(P=fjD8cpl-IM@-B>jP+!ue8T)5T}UYkmA3IoeIsA?Ubhl?ihp1Zh3e|`4UfU!|P z#jh`yldG?(mj*go!~#akUtv05EI3;#{YPquW5M{={4F+X2nF?Wt{ZkCXHTaX%{fRk zr&}b4B0F}+y|7w;DBN?bT|@b3Hip~c zd)H6$quKmW>D2wMglC(XZZAB#vy4^Q)-EAF*DEZRZz+Sc6Z;)rxmB#G-IVJ!P zyZF;`H}{NM{3UYB7{y{f+oztToKwwa_bAr8N5qkH7dUt4q+EWkGaSRX zkMwI6L2FCsGRnE4uvjQA+f z%B<~j;O=hq0R|CBlxrt&=W;bqan0io`PHI?2H4OlbU%nH=D95ZOI}bjI`lNv8}XKOkz=>1#Z1Y0fwsA!H@YJOxiDbyhj2| zR1abtqki+Y;%6kns0KdQVt{(nQ+S6NjE5oHW8AjKLyrmDG4UHQ3W;2BJq520vjgHb zd)*z0{(u~J>-YiwV%NOK(?0)YCt^CrGryZ^Qj7-cnThcPtP(Fn&V`v3kFX7mHWG+cr#6dnyWxI>O5<&F$E=??o$ z@|B!~LHeJLV*`XmKchXdNyF`U5`d}b!%D*eI@}$3e(9%w4n=ew%e7zC*@(YzpXBrJ zdPk_zmy-5wy;;RI9N}7brH{96HC?^Rxqa2#r;6jf0X@D>EZ`HTY2}0s$Oump{~T6< zO6qiQS?|Xx*tdmMk!5O!x$U3WQ_Zx8o8;r5p$5;ExuVl^J&E8wMzryw)6T^(gmq$lUZy{maLs`b(G~pR%(n3p z)SK=HoA&_Ie3)wv%<@2H#n5lRIP!4xx`g61zrsk67`pSJBB)g0B%h&W4cVT732O zqT)g*dyFluzGc4P!ENCr3;Uu?|3%Pkq;HUU7Vy&cl`{9f=x3}Loh~lAoXQZ8tI~93 z=B|U_1-M(D)Y2-T2I+WA1OHnELBG6Exnb5QyjH-Xjt4t+CFg`HL?JrKm&=9} zHs7J;Zv4PI5V)>_k(9Om&!;-bKL~d6$X@Q&tE#|1V<;#^fDkk6!oo05eVg#iN@alG zVlot7$E4fR9{L<3>39^$bbGv)2+FYg4}NeTL}taanE^f^{5_H$#cq40A3dQ~Doc;N zQC|-FWkStL<=^WC=hq=qO`mLz>+g6Z#qISa3dQvs5D!p9=*$?ywFJDLc z^nCkX3S!V%HC-_kGN}t5G(G5A1hbb(7fMWzsB4IT9!x~?_v%(ugqklXF`xHIKA0B| z(QTVNlh#8GrO)RsHrc=#UDa%I0;m0hEAH!G)>Y5F)O8QK8M_G$@Bx>_i6}taUt2PXzNi>|NNb`JO3k$Uq(UT1)tL{x_)`O zp!j#DGJBsAWF_{jB#lr8<_Z@6QSX-sZm?S!@k-ztE4Qz$pWh!Jn2O8(@F~)x@w93ywb6WjETlCOW5jR`tUR0?S2*vTpymS#}yhhpBF})w$y)M(PlT5 zZe%%x(u`sLi*N!2i^xdlw;YQ1z|Z{4i2?b*kNahu1YGc;;lR{jFriFzU!@Ftaenb8 
zz>k=lckR64?VS(jg^6QT-Y4UQ{`y@TAc;&8I~$*OC6BdTR@JN|1uYDwTP_rf&X0>j zuPOxn+sXn-dIJMUruGKSQ7AS1PSrbo%JugjtL@tFB@=OUGS$bK#<|}HT%fD z;>A7&OKsc{U`W1cD4*99}L*24hZsg&-UcUnz0*DH#? zC4SuvblZL`<2%t6-?UIHxW|{t%*FMie#H3@wWdGYhDHni%hMfIc$;zSrICU(Q{-zJ zA({ua?8=YKW!_J=;*I)IUpL>|H;W&}?u;zfCek>6?^~9H*HGV;&n6OfB`zMS%FM;D zsM5gQ-Cawnb=NsyYN-o$2gL-q)rT(hKoMPh>KCV+1zZ!t#9}4qy){TR+#NaL%!`|P zB7CS}%6#x>y<#+ucv(kD}0zQDhwFTQYJmmRf%cH)*cqT~?vpdal~MK2LG*vQHl8xv!4-etPid zf^h{rKFQb)=edjuDq$=c zvIPOf`7qi9=EcOR+EgswfJBtk$p7~w`$m`?#gioq>e!_e4pqkwT1Q%BH9AgHh)!)s zT4;;?pTPY;IT(2H*Fq!KiKtqKc=;HgCo8@}uVz&zla)p_(&h7)t(=eFf5(-_caID# zc#PlpxDUmX@q15Z2Ln<^h{qDB~Am7flS%FJKs zF*oAHts*LA%B*|y9U3bj2q%EUVWA?(;UX&Y%w$ji0O&RB(l3(6<84~uUq*WDqQgT| z`Iz1ZaBzy&Fxa+M#2nu|AbzfDHg2(=!+4~JdAkX0XkI$>Rq zrBk-1rUpKnk_}ul{DZisDBm3j@oFd#VmV+;OOsP>M>xQjL@i(+aKC_@K+=IawS+m3 zFH?vNE5@CxmT!$76UbAd(NymTxEVWBe?DX?NH17#+|puoJ*o{nR4uFQBk!C(z$!+_K9EWu6R-V9G58wb9!my6=PjIvq3{-iL&< zQcH1QTo5+N&r`&I4V1X-fX5zUFeC60;^#;?7 zq4x1JTY@XQ!)x#$>=vw$w!AJTlSVv$q0B#ir+we8O)AK*tk%?z6`?v?$bZCPzrn3k^S+4bAf0vmoVRz z?>HU^iXH3Tm`)_0lpP&FrmFK}y&Jvg>9P&EQ)`i$lA)zbIK^*dQmDb}&aRD?j<~>59 z5IF3LHDOScKb7u44ik<+dqZyWKBNi7Vh@IVWaGzsi%ZY{sdB+lhu}!kTJ_$BN6Ary(+YR{q zT5kwwlAd1c4Tvn%dj^+#B+bb_AE#x^sH-7YO4u^;cE2(~dNo4r7sPt4of3$QiaoF8 z(?O_rYbQHVVgS`IPF?6Q0qblA2b*3BOa;?o2LI8eA`S)i+nXpNwZ_pcBhh@ai(jNv zu^=w&arbbyT6OQH#7H-1{en<8zG(du5aoyAAW%R|pn$NXGg@_Omwqs$c*ub$2X5G* z4bYzsyj;6~K&LF_T*inWR$4hKXDbL$s(gXF=j8hCqDIyktT0|I0Ahs2_L;`{{Xtt) zTZ(bjHW*xr>Pm0qfx_fQ6&fLd#w||cdZYG1!DF5oo8y1uSfN;1T==j zxgp;s;CsP1X|)fa&^~+)m?~g9moeof?}N?$=jVCF!oOnt@bVLZe*U2Zl?UkO-&wLJ zrCS_c+6-Q0zizd9JS(<$mJPhL-<7tNU1sYNl);E7+`1YiM;@;4KyU(*!QV#>QSaTL zd8$3IK}y0I4^%;vdEZ$fGNew%wPS|xhXX!L^LE!@;IM1R5lH2+M4|Z;-fZei4X6~( zS`uI=0dyL^^5~`3tc~SP#qriv!7!w`TLk_%Dz#Wbxx|98E_U z#z}~uNP7ONOMkDaDy$8c0;kV1h2456O!}*Dk|-AVy?;q++p1QwFn5Tkm@iJO+VV)b z!c)*m-Z)OBO0ZlG-AcM~5e(-DA+GY13Y(*7&`8z7>dE~H5{zyMN^W&HCH)s&;SH!k z0)S3!)lKGcnB{zd#{Tg%0T!wPUNHldYMEpqcj4Q{bUL;5tZA6N7zqfASw*xHY}Q_L 
zzBBE0NoHA#^x>z1vlf(Am{9(3>kwy&f3t8x;=!zV&uo)4JDwD3a$7Mf6OZ{pANeRo z@*h$YJ=6utC}$imZNZaI^q(HPyIr=6=9>+Q?RiB-&}A`dFbr(=i)yRXlj#SzLn$jt z6%B+&$jA$2sKYwAxYEOlcpNE$ShxU5ZIHgqqaQ11|6BFV#sy&OD=$G6X3w7R(5K)t zQ^pH-V#iFPgH=iOOpkcd&M5LrSqOwG&G@&d7&HS4!1iFNrV5NZdHF-K7$06=7rf_p zn;aV_UMtT4lXA(^6PHG>H3Uo2rL*auMsiMGPcln|P#V9|%jy&U$iBaVj}MY#Zt)n8 zuYa7KQviIUXoWy2@Ll10b_jkaNND*h{4kmi6<-AN)%<6!mElUlwq3YS;=eN zxZYZYFySlnmn}gF*QeV3*Ssl09V7whhwV%0!GlAh8nA~r_rn!Z`}_PZ<+0aHBl-S; z*#1Po)Kg7&x8E1p)s|Xf!xBF+qs(!>c=mC#jKiW;+VR6Yv-CBruepusACILwRbxO! zEk6~b$tJ7giT?tH%JSnxNUK<676HDkiR_A!;0zb}b+^I{r#iAtS6Ki9P@2|-LEfdt z>geDm;bUZNF5!eYiE}Q`yqSp>Vb9>n@Jyu<%w8TOLMR?1tKZNP@ssUc5D!#@eH5wz z%|xA=ae2K=VIGr^&&+AqoeDcI6l6uGno>*1Isev1Vn0X0-7iCs`sNFNXSf%CXY=*6 zpxsz#5Ct6%JVM>bwb}H$(5iIYQFb1~&3UP&UqUF|e0CXpwqz-d^qQh!y0tv=zEmMs z4Q1z-5b_61=kUecDKd2G8kQJ@Py_Z4D-i}2=EJ{)zNSVYrIK`8@I5_|f-BDt09=}C zjoN{;=O8iHDz<&7J-CPe9Rp_gWnSv_RG{_MJ$Ko?L-ErCdu3}zpoH*HU)hM(^1y?6 zE0v)ixmY}hXUfiva~Z9~Kt9{BN@VfayX+gPMG(}fE_^Ztz|mZ0{4u2$dc~8ez0**C z=}?C0xn(?j4F9Vts$QwVc~NCS*Yg08*zUK?{u`i`ENG`k(Pt+o(DegUN1dQ3ty<-x zLU#Dzvl3aNMStj&e|I+lirn?8#5o^C+Far#BvY z=23km?-v_mntYlg>Sj7Z`io^ZRIT^TilI9Y%R6x(mIkTcPs+~DkGrW4U#BGP&C*m# zyATSRSuDf|In2!|<^uvyuMx-(a0AP*#eoZL^lO^{xUW(14Q(h{ke-R*58bXwi{M}q zvwxtA1?vM*1|nAgL=Fd~>_!E215M&NCR`EeW0{2k>PpZ|~A!fu3BfU{!Q`(S^(POG-#N=%m9b7M+n zl{>$k1P)s=$tss^0pXexmG|){l@T9eNXcX<9ED$=1e37dtnyZPzV8}S|Lnh$NN|<* z7TpUcfhU2(0#AxZ*@+xSoAh`xrOA)tjGd>u+p_9hDX$y3sr46AG%Ic$7cH1?Q=YkJA_XvzvrHW0IEFF*JMI#h33!~* z0Pwh7YOCT0p8~EOUo;VpRl(BR()ZR5r!Q1XCOm0Y14+l(_l9p8vyHnqBww^qJnQw$ zYLu@0rXQg+aWX?^&Iga40+WvImvhH*b=)-U!}J%lV`v|To0U65AZSYlBhaclv}?JN zF#S0>Awk2~WCcjCf)f)Fr3U+KMJQ`-?~1szZ1kD(_994io!h>e*pQJ|L01YlvvYR&MaLrrwe9BFWSuW7;**JhnpW z1-E1_3wJ&}fb0E%?Csb^2CXqk2D*g7llz&{Y>ynPk&r!S3p?~C3v&v|smv()9L~>! 
zm!+T02AM{RB7E2_B3Ri&m8dMT=7S>hY(L;y#G>37iG6C7|Eswv1q4_TgQKc1pV-`R_2fBg&$e+Xf97Blz}-!B5_;=N_DU_c$9l8Ocq&fUlEUf;h>qn<=bDD zYQT}B8#$o~Si#pMR!AZog4TD3G7WBXL?Bn857_(UY=ME=1dNNC_$C<4!!*VUc@cc_ zI^DKTSa3uQTnLoonHQqAwLLYDO286velo1h=1$GkCFl$ecXaq z7OQw_jE(GbSXE5I_wZiJUVhMz%5-{f= zxR{KL(n!3-J>})HYVFoc$spDoC!!|d&lX?#v28z<3;n^DToJjf=c!#e@V9An#lrzj z!y6BS$ZbOGxfpN5&Lt=~*YEkd;UxC@Rnx7~I4aI-Y?kY1`eyJOs9(}H$C(FH(J^vs zo))5b%>3xD=Ja!Dm%`}L$rI;zA#8iF+rooyx;TCE_S;rD43aJ^DkeSvZ4;#&une z$Y%oJ`*;2cbc(D56e$0TC>$K)6$0gN$3wJ{MTX z0A?(3u%Sn%nA;tQ)%hl6wEY1H;U9B!yDS#s@6m=XLnJNHi}~sePBKk8kY$|dlC>(n z{GcI0I0MSH;R}=tG|-9>6NO>xQR&=BiX_LO6nS+&*kdXCU~k8~@X?W-f(rq%=^aU# zd;TSbE&IoYyJnk*x`0WxTJ4eK+6g4Vm>ll|n*wQ?UZE3&v)&eaE3c-ZUeTC z?ui9mRg<9C`3-A3AtQEvY)_f=nJ)UE18Qgpg!pfetb+zIcv%4v00v1D1DG@Aolt%toxGx4l^vJCfnSq*N1^kdnJ?&YgT# z(---Sm_gV0I-W_$E$x#^7}Q77pX~j!gn#6l;Zi~F;y#vgb$o!sOcQQ>R-9;`9Ki00witLIozZ5pxEd z){fc65t18B0WqeK1>sKa@-2b8AcIq34_o&eH}*XeRQwqL$u}mlF)Y8d04^1X`q%yn zL0E+DqE5rkl!3KeJUpsE1s|@E(0#8~ke660scFBa)vwxVZl11pxrf`YR$kp|Q{v;k zkWjm2)C!*SxM}}6VLMLRdnP7LlpbBJUl8BKD@!hU#=9fXQo=oZ`uY^>=^`(_)DkZ+ zGBH8_DebmbK$$dsI1N8lEKav$mkDt7YF1tG%s?`4yFdzEd;}x@zw0jxEzR%cM>X7#TYJ+J9v+jgrr|?1$*=aJWaW%m zT3ILG_gYl=>>MccvO#QP=z?RuLTi|5UBQ2%F&rZJL-n2A6`^{A$;X!XE}&@PVa{lv zKSld-xj}4)O|K#h2ix&Gn;ui`?rL85-L*BX&F=l46>C^taNMXJ=8ZcWkJWr|zOK(c zd}) z4;nkVc*@vv%?uS}uy@R<@Sh~g?HO>23DN4>l^7WXL!Ilmaf_=!Wks4T*Y7z?E^r%3 z=Q2rfz1reuze3aA4WFk2Z0`ze{Xbl<9VQ=z9ae_bhzW*m1T!xBg52Tsd+c?{w#Q{F z^S#O98>8F-R_Fm4xG65b`{=n++t}}5EojWW$DK&Ft(;Avo%3_|V|Q9qmB0`UQPNv` zxV;4$rHRr4xEG*$N9N-Lb?q7!7x_Voc&3c-8iqZ2fdP*le|L4oymO_#p7YFi-`4#> zBY)V>gMQYbyZxwNw;cW`O1RZoKYgWoGLOJ!0;ol|!93kS;npCK9kA&$x(S^jQ9-jh zJWgPuGEOP79aBvY^|TV)R54US`V-qns=<}2NpLHik7d-v7LsXvOZ0#;wEw`+zZPGx z7!sR~tD1MwTqm+)P&4@zw{%@UZpo-=fR%YI6PNt>-s|e&ezUHfMb1|ZxvLUf;_>W3 z`Si3I&@b4**ff!eTzHf9@D$^2d)vy&39a+H@SbAkw4lhGg0*8n4kk$@Gpd)?!HQ)!=T%VA9w)fE zvJ~s5{ef4_XMtYzRJOvvSvZOU0 z#mB(dyFOiLKt&>d$Nbjy$EJABold&z?H{HR1#i5&woW?PisVu}$Xjdy!J#z;0g6$ZK}c8|9CCkn2-l!Yy4 
z7}v}n3fd?T0(f2C-Am2xxj|<8ME%AuQ!x(H|8S=8s!CDvNAr|iB9mfYqZ06vqwKYu z@_mLBi(p)G@C;Qo{?f=HwrbsAsaA$b`GAU9vV;I4lmO+gBF@L8vQtC>N-MA7LE=a3 zcEQMkB0)Xk=a+8-b%`UEG^3u5lDU?8-#N zE_)_xbuVDIOVD$!75K?9i!(z}gW>AbC0>{SC>sm&PHK2ui z`bz9rCYMN(=J+m3j4Ovpqr(2e1Bla^kpU2RtVOUm#Ya4dX6aDme?r)z&F8yz zFRIym>BU zf2}{*2JZf@;i*##k#KEE_tda^^ZdT|D1;~%Q@)6HM! zPibD>URP{beLSnR(w~E8M^_RJzR=*`yIWX#S^YTf>`#`C{^!r)v?Q>vEsc#QK!(I!_46NFvli)Ni!<;Ie?j;VygB}I0zEsfkA^Px!NUh zbTj5)ky4^r5{qw%5pwpwdSs2hsS`f+x+e7P4mOX2Mqwt;4V?$*p|URju6q&TQ5y

b(po*%K-Uh)883!kUa!pWHi!i- zk2PM$M^!pj4p0=yb;7GoqDnV@v$0mL5v4#k0l@ObLc8MMB}}fCI18M&7`4VT%NCYY zTPKuy!hAtGXQTTcZ%JOc2VRN(bXXZJk-VR$^f=hx0?1nxXctExV1G;laoLP2^}=}V@!5mT3qzQ#$CoJdVo z0T%pO=^jh9e>Ec?mt!d)9P5=g169*MOgXy*RLxz$?2^>OO*(9iIO;{(Xc#n|T?-xn zJ|7B+Y*Orlg(pc55?|5kU)}UcGQ$whLKfL05?eT1nBL`mui8HoPNM3EhV4m+!wHQ% zI2^kfKQ~gFvW!z;iJSw^)Z>`?KME3!^G(DeMgX9-YEP#yO3( zmYS&}Iz-?qXEQHaz4f1Pra*{`u<$hiB>zFYK!syf(PxiVu&Sa|+}fR7eSTPC4XNue zj&%htTP3T0r&axfo-}3-Pm(;=$p!ne$4>hauXVFRvf#GG&Tz~(#>_z(I{mwP#n~3s zl~b>BfxNJTI6}j&YpcbBHLv{W4Ee817ubq)w_bPl-ME&spV5a^V?#{tdT@h-f78O# zz=#&T6Kh)cRDN~LnkhG=O#n$Jt3HoEFF$cWQJx-esWg)HsBCRu0M7*Vw|X+Y2Zh4U zO13-QGdDUHXr_<@!YJSgRx*YS`Y$UuA-k=I0 zE5?zt0&-z=vKId>I4`y2L!Ct^S$3xn&_Qjn$XHBMSTC%W>`*B{{hPr4P(wa zPJU2>+GGJy=B=f7x&U#5pB!ssdbL$!^pJ@g}i!d>f_(+oxk4=C1O%UhC%U zoGr?%yL;Ez`_FYXl=eB;l>)^N=VP0e?j~)qR)7H)ZikX3!{3DNHD}2Zm|Qa?#L7^n zMpO|!&QyQcVEL@S6;U`XOv2oz@my(6b|V;Z}*Y) z9V#kmZq12yH}{K$&G1}1XrPsMSN~C<1G-10_Uo8Kp@rzuQH{5h$Hzhd={Gs1xn?53 z(Bq>kbml04Ey5-~6h$KonAK(TVrMWCs1enFRGxO=-NG{z_*abGf(tNk9R|&?`YO)u zY(BD9Ha@-tjmwSpL9eY%`ZX-&kd0zhzUV{PJ^}RCTuW+r4omm^1*$r!t0k^iBK+zA zY3(fTsd2X6EwsROU#k8mt7J^P-)bb9?fQ-;v+!-EfHk7|aF$L0cXPn{at4JRO9D0> z9Ufp5+HdH90uJy?zr={lgFyECsL3Sa-xBc%e3Bk0)hz3T!t9Rm4N$7gY#KgWw*scc z(OgHx0}ECg`;M)4PhZlu!uc8R&f_Z09i%`ZXGg{w$aZE>2VRNovN`$I72MDN^<&34 zpW&G(u$AI3DOJ%#^c!K|x$~T}C*jcWW z2kCZ#muRyqOwjctP9%w6SJ!H6eeU?R9ey5d14^<(81kv8u~sy)6j1e(fuT5oVjt-4D{_!h) z2n!tnh83$AMiFfU`{9svvSj1H|&HxC%LR*oHU;*hY%4%O&7 ze0Gid&5DQ5_3a-3kJo!vKKCLu)h|t#4>K;$2nFpC!s4<0;bytfgfVO=vp4AXzGpx3 zS&iSSaBGa7i0lL#LJ|72kZFoENWq_aM}nkoVvelXA~It z0MIf;=2#1R(lu+lnBh>q`swbYZ~mAo@~%H~K_G#1--;Z~#2$U8AC4BBiQOIk}r}$1U?Pco$l$H%LNO`6$)8J#KWb`%db#LS89P?6%h&!R?%)l+ps@~pCBP}DX?VT3USpu#ilfUV;8RCF@^tIX zvwAp)uYd3-D7_XO=mY`uW7$_FMfDPc3eV&<2z*xX>D&JNl%X#Q{c6wbwkq8WY?`LA2&7cte|Yy;vi<-B zgc>O*6<2NvC^)377=+ZG!0p@nW8wMMu& z3Y2sKF0^-i?{~64e3o)Nu2A#_X1;g@!!U{Htk2O9W#?NF28IP||*Jmf)6m8_C?NV!HMP{AXe$*no z(@qr2AEG{D25U%A`qNA?8}~?rX_}Ikw?XZN=ayPVURu`=hsZ_=#t#ZsX+{%jO&5&` 
z*tmBXly9#(8z{OTZ=0{!s&|y!>V7$RHZDH}J~J$PjqJViG>_T`ieHJ?bpukQ^_n>hMFR= z$H?=}_-m&*9EZ<^qv$0s_YRR#{%daT-IH#e%fwQ#$NFV=b=Lxn`bB=bH^a!$dIomS zX47TFs?XQgr4S+@R5ax^?Ccm0RR3M6AcCdkAutQ$qCpgIl%z=zYw3n?kHe=k<3d@+ zOO{g+9|?n?C;f#{*ic9*Op}79yloW)VzPRa2!et31tc0d7~~wncSzZwbf@!6^OAUH z(y((Z&$~1qNGq+pO)>XI$7#LDatm}5NzC)$6jQjP| zT<)5eX?m56!(YwM9D7Eo&g5}{Fdu~I z8$y0Vk~nbZQwpRb5ri}bB#o?ggtqJ-TClK%$&kMPeSM0Wo_z$o#k^@8d@6=NNi;Fq z#m`b0i?hU?)7S21ev0ekCXxx4o+IpEm#Vwq#-r2Rktm|EYOHz5+4&L+X~15jDkgsj z_$N|Ob|}}mGu_6DXhn5w#^4ZuVhML*0J7~`_P9xyTnUdG%(HY)|VhI$Wd z0aEZ+CeD-DpI4qkcZdz|ji?p*M7(dzR$QWAoV>Y48g=;?-GYld1T1?W?#;RrgKYwS zuJKp%wYJ2Kid8tOZn;`;puW{8tR@`OQXH)4HpU<3jglf_?jsSjvao0?0b-F~`S$8Y z#K|ES9{O$mMuUWOXd7b>agKzFLqu~bE3ye6<$Gu?zmMjdsK^JJs@#_!l~4Uo=6TtN z=5Pg&)8PXonF*!%oyQ6%T}a-_528VryaXE}%3neWVO8U`>C!u*dN-k&X;4nT^jmV#Ds%|2DGpc*SoP4*AifhH;@a+IQXn0HV2%CAE6 zDOZIm`*e$rT_Kqq><`GaeNa4@aQQ3{PN(P`>5u_DM=gejXxic_uwO z4t}Usdr~&>#(anMK3mwO($6ne*A{Twd2WR%rZJXYq4wH%vO(P|;ovK`FD+haCdkOd z{mCVH*}B!swNg@DmRvZkmxko}vqPFA6zG3*GpsleF-$Nxs3e9;Y_51A-0*F@tq z86H=5i952GGjWJM?0Ip0=tuztjB;*)y~s%qr3Q+rOR@+TG>FG1(mt5K={=zm8pgmy zJR}Zie$`#SWL6&G#|7heNzIb8OF1Sd-@Wh{X|2)gGC}$SW=8SMV@nTj}jf-v#oOPWs}H_np+^gm!4k z-A(viE4DYrrE4cWJu7*ymYp_3xzoJfhw9BtzgD_B%0`7!Erp10Gmj5XVDd9y=sf9D zspxy%YDvn$hpNZJUw+`2qX^`WXLT6t(??#*@LS$C63s$x!co1Hr3PsQjNsk|$NnCl z`eL}u*wt&;-x^qD8A& zmHN2nC!DVnd1M6=HcUVan2S6f8NuE8uM4@v*@6UYuwp%*}f_FiJI!1(wZ{SJCudR)PaGfz|F=5?!dZt%Ve_U$L7 zkYnXR?|oNp#NsDiAKE(0_?|jePiA$ErmIK~tk}>Sbq|n;aPU=q)kKXHPvoxOu0Rj0 z`&LfU5fb&79RlO1{&W&(6m$>1dA@O2><#3^Gec?dgp6-%=|wK}pT!YIsKMh*hbl>fKtKj2Oeh2k zCzSujsscxa$rr((gpr1n<4edY(#wjcHjC!&MV^A#nQ!rPOtn+MDL@m0|4IsKB7`KN zNdf&k$1^P_qOKaK+y(j(yBG5-DIp(2T|9TazE{h0hiX6PNKfS1g-Z_p zA{wSIbTm&CxWybL^%ak2HC;61w;=(}(?r=mPn<)9;|$5;6lqU>rm_K;3QDIxFlv69 zG7+>lBQn47*+<<)`BQjj^9T?*M4V%Ci&a!#5-I|&9s?umcyiv!2}hJY8O|#D&#WAZ zQ@iKB0&s7&1!_1ACZs`5;SEl%ZSoTD3~F*yc~BQbss}XrS#eI7J0_7HHU_XeX+6^L zTv~*~S%RFwN^J$01+HDGsGjRs17Lnn7!}^i4`Q9-k8VDzj{aDR=2EmKs$aH;h<+|I 
zZ2icZB9%T)asf|z8c^;gW;4nYuUeK+;`U)*vYNN*Dp95sTdtEVt3-p$s4eNc^Ic9ZIw zjXc{#AnN;lk&LI$A=J7jUoQbUP@!{$-6d@_!Z+s7uv0TX3;F3U~bsrm_`g!-9wr<&}{iFjO z&MFC+_P*!?i-1BJQ|#C?@2l z&oyL9`lm}tu!S}?@)56(2PTFlN~?^f<4`S9^%uL&uU{YdwUursCXCw`Z#9!=A9v4t zP^E%#5$&XWJDKYQm6u(=>nOeyo4*oze<#L^_up3=Jh<#<(Cx-Y0cGNrV)uUs#?=t~ zb~z*g@(pPyjW7n*troSu%uKD}r#;?|_jM_mr8SmJzT$f)B1$(9lA$A#KT;_};M4}6 zV=f8<{ZtI3pkyD$fs`v^44Kz%6V;shEDc5-aih6C7H{B`ZWyv@Q<}qjX68NkA-LeM zi{S&)rlAoC4*phWy4+Oe?GvSvAg@%q%q^ zTy@3pj_dI8!T&kn5D^Gagg~GOfpwAiN~0RS8_~s+v9KC<X z?a$_gMg-ZP+aK=dO!SqXlqh)4cYk`jyBoN1P01k69;Xaa5CKAH$9eia-thQ<)$hR^ zc5VzdWKD^j(H5&Ug8>_z$z`Ftw@Du)5j(vkCtr`=ZpIw*HyxQSg2rGQpbq^`M`pAI z$F+vOjLp%KkMzO+$JAAaMb$oSN;*WOyAe@ZkVXlWlI|{P>F#a;rAxX~a;3YwSvr@F zWvPX4#h<+2e_ULL>kRYEGjmVebCmFNEOwDRHfS%35BpcwaTm(6xlOI7TAV!(WtTt+p7oG!@iQk(jx)sNr$Ll){VVhLeAprm!Su77Fp*# z2aW!=IzS+}{k@GvtgLgl+k|JOIe{)gr0mlQ;LJ-woNZ{IU~#3;DC_aPA0lEr>mA-z zSAG!9FqeLWS^FhTGF$h7>%6R`sY>gAAai z4|9(G?2O)#IGf1N!2TQ(B;&e3eET=PEfC#u#ttnYT_$XXe$Z5}P941io)J&2Darw)q~GA}z0_<~|i=L}>L7U-HGR zVA#$``nd`fx$dNjtYM!0g$@RoXY@o{QmBcn*x79H*IVTxOoYMmtuCz-hoAMoZNvyE zd~s$Ex_ShsS^_>-u`k;_l(bC&m(RXOGfOulGF%lfl4&pcyD$IdFK+?tp%m;4g_k-5 zT(#VtAy6xX@O1RMi&h^Bl*BTx-Y1T#A-Qvr*TJ z*y|-!|8W{>eKKz=9i7iwt^7%(#}^&8!!0uu(#d0!-@|8 zVQnBG!l&TNDDY<39QZiByxyI?R56R4R<^ySO;K6X1F*du(1>m$bW3PYMOV?jzuUC! 
zAZ>D~0A_Ouqai~JkUOmUI*HF7VEfc4(U}z6R>J4RGJ|M{gI_^kvj+_P*@@*6JsOU(BG;X7Y195=#KC&LuyCgJ>pYmhb0@4*?k zufMA_1w;GrRTXbcDi%;!B5{R_^k>J1eJCGXQGBR-MBgOO>Hs$~($vCc_4do~4wt>KS=^_f=Est?Hx5Oy27_ z7WP)2j8*fbFNWr6epVzemtA1JDW6)dUg(WKN&pD$-5Wr7nvBX7J$jW5$KAgqKz{VD zV-TA>-zu&l!MB{OSh2vla~|O!7Y;#7q|Rx6LsrX=7*N3uo6ihF!hFg=L?w;tGfK8$ ze9fC~;stQ{nHs3Rwzuwb&6O@lr|0wZv7|(Y3D>?621l(tu@2W37y+Gm&nnB=ZV_ljRQ21*>65y^KEj-vZwRcywl39LKMlino0sGz1 zUb0sPhaOv~q(5Q=wZgKo`HLlDv4_!EZUVih>}^yA?|eeGCSOgM-l}PZXy{UoR#2hi zd3MWDo>ccBVA4F!#di6@ha_s@isgWkqn zw;?zH%V2WPXbkE)6#qSbUjp6h^VC#Yrl3xpD|V_zIqYLiWXQVT&;Q zB?(g0-kC5FC#2XX*2cMGy_rv0GJ$8*;SQ*v*J4wl{u1LwU9sAUapm`GJL*EYTe*V+ z{k!OE5=9E7INq)M2%|IJw)-T*CTU7sqe@Kr;ypG!_3!5UbyJK;2NXTG|E1GC zD7U(H;&;(S7W3<3t7g%+V`Q)}70nz0)Cj zd@g#HgR3#6$!xWp!6<*wZgC}hFl?-+5)FHVY;Q{Q!n~JKstqLYv}6FIWC8(&SZ$++ zjN%_CQZ&p*#Aa=x36`AVHnS``&Z%T|IYm^Tm7Xd!VaQ;)T&-Pse=RF`d{?Dg6zV32 zV2+tjnxQ$3+(>miwKsFwczVsTb|*Ftt52>|-2PH$l*re>B)n5J?Zy6+B1@*gM$+HF zM$)(blyA6Du_plM{d+P4VZ7*S2}7!kXENseEg1&A|25sV5PM%Y(HOy`u{x9LZNx~w z6>0GUoc^zm#EQD_DyL#!4~}z>1hI)bFRMCB1(SF}@}bu$zTgV-yc2F$w}hgci|dw| zYmt>qv(|H>zHE(1l?z2vx`%#{>WCp7Yu5*zPgJhRjrwl18C~k})ie>L)0<~gyB@Bw z^McVa0*}yS1n1lD@BJfrq1N158+9n6yJ)}i-G5dfk%DqNFkE= z-f9PLYCG_b`eN_LJ%2gbuR{xGj_=e;8l~!GMoIwCmR)W)&tcWMO9^!~)6-=)@ajz! 
zFgZ!s-P@b6`KD(mG>;SRAVb;c^E^iue<5y~{WoBjF=&g%)I} zoWlZ;Xq07M#R*Mve(1VE$^qru>9GOn1t-na0 zJpv$NH<7bkrB8J{#K{Gg^P>-HrkdJ9Wa0hAArBetFM{B^eYyK>y>VKhG(+B{T`*Ip zB~XT4ef{(3ehWqKi96m8D-ri!!U@6cNedq;vn5Gy^A5CyX6=WT90 znkmT>*WR$8eCbQ^fet1)KN8G6_KyFe(FS}+fTN_PXPic9Ef7Z?*b8eg#n0#6HYF#w_swN{yTz>>D(IDqPC-)BX zTl06=j@9SX1@2aiv;pp`?p18~)H_H%MrZZSUu-PSizq2|Qk~bi6?W3D zI&jktyTZz$y(>PDod#ZSc^%cU){Wh(EXC9Py7Vv(z+tZyAT1Ux-i-}Uq8{dW2PL?R%OTHDgadpX+;#Yt)~zBqsNkj4keZQi!QCE zzCAJH2_5GLtNShcJVR}R_7lj1#DrRIIW?PMRkM&`J57B#@aXzCQ81y0)|ERj%^Nrc znD}xpu@mQ-ak+)lpcv;&?K{G5Bzf1$=y8ZS_Yf06_Ly_IL{(B~y=5}VESns9N#$~f zzpUC_wC$&n{Y;C5M^5LXcJqm<9&y0w6NSu%f-Q{?(saSLdqFsTx-e&$Vi#aX`IS92;7@T~(1?q0C zley1r!3!p@m{rE@9E*f7pkdYi?# z?Vs9g;bJ#TKp@G^anec;+@#&9F*`rRyexb<)9R@T!B z>qM6^`tYmM>9@uO1ZtIc1c&Oml73{!`fcTb%k%2PY=*(gqqi>HtA_uYfO|QWq9vy+ z(QsGwKk-n?@+rphDUW*Arz`6(%y5RhW26K}g!a=M@$8#cW|o7&{t)Yyv*a3~JiuMn z%pt{895%}N#Y^ss8R-2xvap3AulZTL>NsI%0qc>}HvT`hPj+C9{{(*gUAExQPv&EYqBwK^zNw~*umOCh1HB!%pafQ3H7=O$*$nVq@y-yRG}iD# zPc*?N)8DvzHhDbxX1DuJl7r%^e%QdOA)&=j0 zrt3~?f)Nj`@7`(w1?Lea39%f0V0sgZl(hY#yprOEP1A`|{-X{oqHWD&+h zR=RFKOea6-oY5Q^#5zZ4TSdLAk{hVxq&DPK6BMwqVeM$8xT;Rw8A*!~e9+FTh?pi! 
zT6f~W{Ti#RJG=^-=&40&u%ZfGm5HM!A#ADlnC57Pq0ytu>upCgVg)c%Nh-f_HQ)AY zha^1r@(Bzc&OJSI9G=R%J+iC5@B;4tkaVP6q|6ph52w^n$Lav2Yi>{RIok_$WKv9t zEh6&!yFC!6<_Z1Xh>^h@2$QhjK9$6ZsWbxR$r z?uCtkvlZO5ELh4D?k#7u(#tj}*+fJpl?sa&f5t2g(Il=pBF>GG##IAEK~l@6W;&fL z*h(xfI12Ab=ww(@Xr2iXq3iv>Xb}&K7W>H`D3#|NSZrB6yg#m@sJZYy&$L6m;B>HQ za?^75cW#IUyjQ>ybT}$q{GB&UuqP3{$^Fu23rN&Q>-`0;~BBjg8sZFkj~{@ zY&%ZH@o2Fa)c@f2ggV)Ds?zEF_C@f`e2TN#R~`lDQPB?3OvZSciY@DSj(bRu|;T~>kpez(5|3l_xx#{>%k-xVca$mBa z?Ul6%)C(xLIfePO=E-i&lkE=rH=ZDXZBUxE$kOrDxYf^0*3#q5 z|N2hEQ;^}ZAjmMEAJ5~#*7(TrJS3{#rcqteWbiny@~}jcc!nA?smJ8UitA6;jz=4J zAF#*;p*^BD+I$>T*m)tr&g<92UsHo6Fc;@y(4(1wTsMG8+?`7Tblq#rA+2U9-P_n5 z>4T;Bb)uqkBV*k_s``Ux)q;kq^V81Veyng(pY3J%M9MJEWKgLjTbjbFr!Ie7@x|r& zw%&AvI{!cW&c7Q(Dbex$9c)GlC6^+e^YH<**I0X;$B5HGy!9O z9p^%h6Fyf>E;XZTc+WTD?Zveq&R#cgIzOZ;*e)}5WLjE*({4Wqd^8eu?^fXE%*J6s|M0IneDen3Vgdjdhz`SL6e?>& zGy*o0ok>SI6xmWsAN#NN9c`hB@b7Wj0Q5J;3B)!$y@@|DD^?ePCd<&zlliqF8&^*v2?w%UwjLJb)vt!O0myF;Dme0y zPd&zDTEQlZ5<}JQhRf&PWA7jkA?$r{mx~=>N>!z$;N!i)g0|03QI9;GA6#SNtao5( z?G}8=>pZ~$9yo%Nbkaak{gJ;%OD3?Qa zW1mixSvD=27r{k3XEGDHW9E&w^Pc(3+Wv*XPtwNa7?B}HaO;NB(YNG@I|pf^f8#@G zv}hBVzuQ}Q5Wdy)X#`O61Lj#gQE*=s%gf;Xs=+NZ>y* zLH{SywL`5S2b;Ttg zyj-Vzs@3$qJoqB0m7J{N;Ba8ao33>;aUz=}pyy`zJIt-^GkLC$XH=f=GR|MGV1vnLUL{ziayv4-2l%r4Jw|Gy6?ne{UA(qzX7_O4a^)%Ll`=e{ zqRp57RiR&Qa;;i??quz(8=OUM28w zvlf6^9OqzaFLFVc5{DJIx#kM*?kc?-b7YW};JkGX(~e{x0X$nkf*~p^Bh~M`()Ef} zG>bEq&)P1}D&H|MBOL#-QgT6EgDY9lM|}+FObD1%zi*SD!UC!$P3!;E121y2nwaj^ zz74paOQMf!C%2Bu~(q7ayUm^`cQ>*M2#BbgZVkBOviRY z^m*ubvp5X*X{%j7ucee81V6jHJXF{(3x@-WJ4PuzRf`seD0juTxxfb5@LS zm)ph^rG%=l4pKi`eCiQ%nh3Zcbj7o>ifeYBsg>TE{ z+GNaKJC07vl;Mn^6P)oG)L@cyr?7yl87%jvF9f~W@fQSe9%-Ui@EB@ZaZhq!7PI}w zVqkA`PahtX6kIb*pnIRu2&pa7RizLPytHmy05!7vG@r?CPpYb@;9YcOQ*cF$gNqJz z&kdtiMZG<7%HYu&h9?UtstKVNtH&zjoX0!UXd^?DntHL{t`B)FdE){eqGJ%2^fQ7) zIu_Jew$B-;Vk~O7UDw?L>D2{Mvs7O??J#x`iA zGew}gSITo8$nwqer98J|Di?z47dk~|-PPAU`t>`UC*YZrk__Doei^iLoQ4w>yL?Gx zNuo^1t&4h=Kem(Gvn(1h+NlJK<~|@A0@4;z-!i^H3RCJ^(Fc(F9`+lIK{Ns+#zea@ 
zlPXy?qO*{$q+X%~*KWVe58{eBUa1SJFVF|k9;>B+A@Gba9pb@sC>2rplRa&I@TF~iH0coZk@bbEDRF1pI70mk_SeUrBcnmqeQOw2^lvgiA8`L*i zZF1N~#eUlgMuJgXSddDj2#&cfSC)$xbZu;YgK8U3?yeRXuW$gl?7kmrtj)<*rK$cl zSz+G~BuErt`GCNV7FN%s78@)S4xKc0UHZh}Le41vIxG)f5lfotQLRaCB2)xOrWXW? zio4f&(lX!E-f$}?a)4d2T28EwJ^`vj(GLk1gx!AY-GHyu58qrDyJ#(s)E&g*tL{n6 zUuXzL6bU(&@YAUA()v9#R{02M{hml5VIbgIa;~C;o~utkCl2orFsM1o=i4TAPWJ)oK&4WShRf!$h!rh-Zl(jBvr~ z)S_UuqK)1RoFN3RTHo&w+^EPnHyr+C)hUnH1?Q5vdooHc9N^yVdfuK89)*+m?nQ`r zmjkx%XR$_GGVh48eU(V_7Y{H|9`ppV9>gI?q+~($su()W!Cngqr1{1YHSrz4hQy2~ za?pYzJi>kj_ROQA8r)lP2#|0u2%Hto&hr*!euy73^vmy_0vB%6S=_aT6OwTj$z#6; zr?0STeQDv*<^ht!3oX{=Z}mw!j_Llk|KbZ#j~qNm@2;nuYJVZezwY&yv`K>J`-A}j z!w+@Pb&F9vdB^hFJc1mpsiM4mL7G%I(hB;ktgVw6&-W37q*FZgec~I_)HNZd9G9Ng zPa}u7`9Y4q4#ujwuz^%*dMTz=kVux_q|SJsrC+Kz4%fkV`uabsqaIy+A~rip;t>ihc*d7>^Mtn3Fm<(>_#5o zK~i!pzuUrRu8!zEx0{jq5+QToD9EUzate?otJ3plPsb3bC#?k=ORA;a z1j5z1)=MDkI*%XG@kgYoiKh|#pWevf>1oBCahX8_xN9;%l};U}nYb*9o(wiwZ)_0v z)E1O1!CXk||09XY1tZES?yfAYn3?+QN4*Xg@FYHW5=~i-GxokY_j<8;I8~AY{j@Aq zw?q^#W`EQ{%MZ!`|Cnsdnt_7)Y>rp=RUA6t)5Oa2Z5*BCs%MvgA#FnnOGM3^J$aUp znzyC8d;YC?$CX1Jv5LBrr{Z2TEvSjR&YNV}I7WxChN~x)z4Ld=v0%N!FoqDN05i2` zxycPuxg_#j#Oqm`p+_^3$E7o%q_EO46b|SAZJs(0MIH-oEC6GT1s9leTz@`RPMDl< z8t4*Kk0(>+t-FC4e?q@BGS^P~4@6SWP#~P$7-Stbb&>na80C`9t##L>?TTWdtRUNv zy2|N$v*4HLTsg@;6G=Zw3>w@3jt%MOF(fNIk;wzW`kl{&EuIk@Sy7ib>%pizP5}ZW zf0v>e^|P5Vxom~<*5TB#Wym_Y*f5p#nf~6~Qyy5eOPt!;>ANKX{a4P_{GVUY zhbLR>Ol(smBlhe|0t=u8G77kzDk76GMln<8(Ep4jJP$Ek2aAWcIE&>Iy_7!zJ$fvG zWB0~VhNjb3KWRu=5KpzWMI=aoyU_4mLs@3FI5j8i71>&-0WhlQJt~#79T1Co?}Sc1 zdyy_o?Jzu*UWR&}ci5cbxzoKU)qf;j@3~fQRmAq*BBpzJ)v$N>+Q@-zr{yRO!{!U4 zhWUji-`B4#M> zdZO{fOL4hX=(}J!@)7UZ#=^l`rSMQMxNSW;LvV?Uv;k=DW&uvFwE~nYFE8dR+#hT& zc>6WH$Z6=!lL42PaS>Yop~lq)am~nA%_V0xoW8M&{rw^_IgnXX3YW>BCuz7oby~nC zn+Dm?@Pobn{}xK{)i|PJ=!+%@K=IA zxpmYqH@;@71zotk9DTTbhZ;l7WI~E~Y*#ZXv77~WF;@6sdEC4W=Uxn|V&zc7V{98H zZ&hytudoy`_cti{z1msCfPYnVJ6ZHh`ND8SE^N~auqQugy0kMO!$ouQ`!FuK^mlc$tva 
z<)2n*y`lM`E*~=KRx}HPJ~RvonSY@VBX)1@irdCBW&F)f&J}t99_s)y@&FD>eJ`e~pu6iy@D7R1lB}R@ZVAi1n>uBt z3Aw%3jggQZeS9IK+>_^~oy@Hv%05(ufAjFHCtY%L60_<~-KeBzijRgdX3#44WM)0T zps3)B=;mnSeZC-UxI#{TQ~ozq7<8TyjhF#FG>WvtSrSv-)!Lo+g^x+shCi~`jQU{4 zWx_--sLP>gZ5moEOHix1bNenb>}RngeX%-pU1I34R9(QEhLp|N-PH1B>#T}TYw=%E zEaiaDG$hSZepOz$b{kNj$1_@W`tdzY>OG~xYrRP9^LuQXKz;hq%X*CDmE~*mj~R?^ z!e7JFhp#W{ni3pTVH9*nTR+>0!zHUrkFLX{IWznmZjPL8$nUT5kfvcDvJc?v#lNId zEBmdor6l-9%G2{LQ#5V&LWRB;grolaV7eMsuLU1i9c7`*lw(D`%j(u%;cAAkNNom!tK4?yVHG z>vzQ=)UhtaNi`C!VJ)R=zFC}H4=Lg{9S>T;iGaMo$^WU=i|9-nehYx$ck~IN&s8hG zh2x9ZgdWvOnWw3-WUX9Fk5|h+b z(lw2uSKgATcY+O%7=^rEnm>xW4o|w4L&Deny7^kD+}iOzsT@jB%At;~vPq@cEXMMF zGe!0GLQ`Z6M-i}|)7hl|p(S`Q$gXHYmvV)c#}e)LX4S7c>)Wev#H30AX<8LJud$+g z2}jEj)@OQonEz&fdT$Z)Sn4ShC1CQLDXQ1x4SJ6aWu6lzaR|$+fS3Cv(x5m{$O-1! zp;4Xti~w6dVT|BZBYOjtx22spIr-Eb`gnb zF!p5itMh9O2KBK#U!k+*ibff{_~%wcjJ9}OxI|TkosV)94s^g95a{5rXBWAp3>41i zY03Ve*OK*$K}*Ph2HNe4UPalp zd^gQr&wnKl3co?v!%pQ8H1*)&BH&?cPD~h^6FK!$JkitO(B-h?8mnh!YNdLP8$B$a z6oh5hYhQ>gML+E@f3zWXJ-Fh)8ULw*q9r0kCZ|Z7WZ?$x$OA$3M0A8no+NYxESZ}S|i4$#F}Gf zYI2@_O4mnu*kY;>$q;?cf7J!rIBdP@W48)o{BbNtSUS6GuG0`A*vD zFD#3jVU-Y3?#I^<;)v87yJeCnPvtls_O7*flEe~A*KB+ZT?Y(hRX$6DByjJpMlj4p zO6yyhA1=1c05XKJU2K|kngx7v%|A6=&6}PnAs%_H9sD@L?#TnFj#^KTEFIN3JLMaW zM#4T~5KYXdXkEb$Tgb5&%H9sM#$dDnnM*7=kOsK3ba@B3`yIdGx%4svqZrw={1;s! 
z4EA>9f3am_6}}y21p3)UG*0=2YqAs!pd5ky?mGFdL+{3$MfxFuB~APKvTl~J7cyBCzb_@)t~h?mKwJ7Dz2DfCOsB(uUz4hV5dJ=P~>)*MXJ2aTKoHE z=vD4054mP}3d74^^SkLR5=n_3ph#!UABxVSX;;jA*y1fpSjpis(pj<}svq#=vr{@!Nlvq!?OW4P9=}8CL4>j=?r9`RJUt6%}Vv( zn1qcp2Fn?>`|Ycox+PAamM;vEA32KxX9tIKi2u}c=lF~wVgiY1G0-Adh8H3R=nQ=+ z>CI#JQCPO+hvzkr%_c8n1`qNZ-bKVbD&wuAPfXxUM{hw9Q+|3+WZL>9hJC=#)Az*+ zjwMl?Z#@pbsv0G5|KyiTlQx>hWG9i}#^j$Q#(b!l)&RQp)k5Yf zzv=bNf6Esbb>-Gfs^X0zRXNKu$%@KS+TbY0s~8WQV}G<&Je=9eW4C=GWqjkcGrdZC zX%Aw)pfDUk4;{@pt2!!Zc|uV3lilIo7FLy^>k%)UtNMthncQ=%;qVJbA*-eq*U3~x zMMbj3PJ~)ce3;9I0sK;Se3(g=qA^GGs6WRqH8NvTS|+p4m~y13EC^McLpDnxvIcE=osaafq#OR5Dp@L&op5k#rw_RW})iJ;P=yRtsZuF$-;I`IzU!eSVL0; zb*p11CVwe6_E#JBT++E;>7N|5A@Q6ecBlbq_eYIrTrG!bOu7A7kHU~Qy`1{f9`Qva zt+%8Oy@}`lBBldq@r#I?_zZ1RK@sY;?Ecor|Z7+x;y=C8sCq5q-EHTXe%ZJez?s8ag5w|^+>`-WjR`iz-@ zz=|#(h|v{J3iz&T@8#!~Ho1N(sBPbS4R&a9Fx0NcZ}B1&?U0bP(8dW0D&>jxsJV28 z2wsjaloR;VAGkHBuxIb8wCL)@_j@gcdo8`ghScVSk>4E7*I5@@L2t9n_xw}pX00J^ zCe6!-S9Vv*Bg+GF+V(=__uo@MA73Y=-%5p9FBF$Ui# zf~9?5U97^?Hm5vri+f;PsjB{i2e;kv`}j@ARD99z{j*-lobCI>|3)O`M~N#;$H23k zMa;}QPrH_%I=udUg!_XsiY!F(*2_J=@B4cqbx>|iT3rlZ%f}3RGd5jST9oGH(hSGO z9o3K_68s|Zs) zhA}mlgE^UD&`=o3&_g=$|J`hnM3|Mq+#G6q1asLPi(_}Czv02uV%*f{KCHr1oMK@2 z8)Of;_w{9k_Zk6X97UCiI!<{558?PAk==(tAMOgYnAm) zYB+g(XAu#Rrwhsv3HNDD^{{G9U}?FwK;9UQbhbEBBtf8hJY9p4{5Lw5i?h_J>kl8| z8O2#ZYQ1nJaC#*FZBRKwBze_H5&6eGclVK!jhx*YGm$V0k%i#N@j7iTx~toHes}93 z9Ow`L?6qlvA+HCLsy2}g>nJ6n`D(IWS`)loH>u!;MaycM?jf3p6mcYL75ljyujDF$ zPy~V=Zc|6a&T9e5p}odPXnQ&Wb$k7zDaGKU)T=uPE=ClEfxHSmbWJr*yxAdTGIr}9 zk`Hx%4pnk$8>f7J^6|LV5GtChR9N#9r0@*{niF)|C;H%*#2ywA5*4mw&M)k>xJJRB|?}nx-z--#H&_B`vP2Oi<&#I|(QL;tf2h=dUsuro&TvN_W3qbifs^?;_yzszj6Gc%%w63o z;>(|8lQrJ_{mrL|$3;VjS~y&VLCvJ#F01fp9Pe_zR$y)9;Y$x{=_c<~=iswAP6s#O zyhT19j-Pja+Ah~G?g1S;@{j8d8mvhQ@S^!cAD+a##b0qCVJ`jpq9?bVNk*Y9L>9wF zGGG2@fszOX!&_GT-%n*a$|#+SLp5)q^40)twa=>3j>UUt$HvWPP76bIULEJxlXCt? 
zID3q?mluk4%jW~u_FnA*5%%Uv6JK%o?ajYf#5Zk#^ivi0=;MM5-?N(Gq(IC9dGmul zz0~TrEoA#NL$O6G8@U{%nEeiyBJXv^u0Av7rhX&w<+jIGjZWbb1FuK5`_2$ZurUAh z6A|~G92jR$qdj>l`uhDc;W43PX~(^a0V}gwmrxd#8;{xOkA=e8EbHxIUeftwW7fBg zO*occ-C2njy+RIsl(QeC1w;40}IQ%kMUMO+JWfv)H zkZdQDn;{hi$IDt9{w>`FTCdl}?}y^M*x8HB-VE>=8o(^CX~SHd3~!y6p&L!w61Sh% z92EAXQmC_ou;jU~5zQ$c#i{s4pdw z!LQs-W~-ELb-gKwPxzOIofw8aHkU2=8HEG|ttwKfPvK+B-0V8hi4R*4n}|jVCPexD%TG?u}Rby*KFc zSIy40-QnvIgp5SxztjT+q>;i2Do z{N3T`#*o+I&wegBw(M!1ubrs=2)UQQdY4<3GwX6Ry!JW8oMQ0q*IEw#6lRKGn)=IM zg0S0D!x&{~OV+c76s4R%^BQs4RHg=%2uF%rR;K7Xw-=d;S8|ZPkB5dW8OGyPz93sw z^B{-U?0UD*JtNi^^Cbij@L6$HfZ*1r%s8ZLGXeF%{UkD+_PIso;OjAuAs71B`$n1hoovVurKN+K-=~|3YD7(+QE&$Dd z9%r%&0=wo*r{Qk;6&Y1-NX%lbzvgz2OIc@GGjk9=)A%GS@g-i*dQV6$*5uC}EDU8H z2#{*o?L@t*C-tM)@LvR}=2Z1-EFYYHT{68Y&6dyD*sUm2dWyehTUQti_teSVi&=Ra zG1-H6AKNV>L8-$Xe_Z#Ax#ON-5oyW6 zCViJ*ko1Z@FFR?bNbFqQ5LS^Y%=sm}!?i)axjN7otJ5SzF>D1o16AL}P^faw-(1(K zUgT*6%=6oIPmWHrxc7}MdFuH$x%cTES@f}avbw}7)sVbx9TbENgc%!ezH}epjTcoq zo5zfo;8*)! zZ}$;_Ht|*Rlj@-l2-PohV?O$Xi81;%SS7_E70mb#aVrou+c4XO#9J=_?!QBi@ zw!Q~%ry!%3w1w&%Y_tR6N}WBR%jCVp(ES-lL2>lNxmG3--yKy`DnBo zrfcq|l@;v(e`j3yC2nKjaS?jrcjlgBzEE|IK%ruP*sj{x9vZHZuVTC|!T6Y}AxZb+0&F4*4DFAs>*vzMeeva7(V|q%0#(yT=mG=%8t4 zA6MxMkU~yjvN0}`@2OPiAms`i)fCqvaQKq)ubUw4xu+q!4@bR?4j#+WG4j1m3 zbO|$8{i!d$62!Q<2q^N#g*-%!IWGNMF#_~R^@Yj%j#?{Sg{#m zS+T+8oQWZ|CUa6{cU^6rs3>@}2+|P~T*}amkUqB0&`T~UHR5af@Hjr%PsGOTcE8>S z_=i5K`Q!*yI>H)>LBV#*W7jO`2#M1)@C)4=K^J}+Tnz3v>{o-wjq^oCY}Ms*=DQ|m zOC7&6yi#c|c#jx(>faQ% zZWC|RXA50d={S!_+3r_lI5iyVc1_$Z2bnqUthmeV9bC}?`f9=Nd1Qrqy;Em`ofww) zJ;)ey(h;1SIc5KpNW3HFJ5m9O@7JOd^6DSU=a z_B(l}ys{&eUtU5l5$BovVxn^>cF=^5Pfsmtln#ob5B%oQrrYaIL74cLVF_zWHI!d@ zdCkuGUN`wd^_%>~{ZyA&0sfGJ=AI5+py<@jUSh=+A^L~+UlV=(lj;Ye!%s$PA%}W2 z9|RgXe`?rG2W~)6=6XBe)tg(qXjMZ)+|=X6p7SgEJ>ccUkn7eUu}P^QF^5;g-FM_@ zy*|$sIzlrIk}!EO*6nbEY@cL)W5?~{r4M;@hhkh=Nb98XeoCpPbTmZ_>DNNSLTDv) zP(flJY2ov+lIn$7FoDm}Tj835`}$??KEkR2aqu_a^S)OHfo>OfL)^6IKtAucZmghM z0MtBo0RlzTNCPK4g7M53LdvW>oWLbH=KQysBbUx#s2>yGC 
zwZ2}nb?qq(Y~EJS(1UQaf`w+95PaIGIq1Np5H?5O{O1QTB&*d*_0)3iD_@^ zmDlC@$qc3B(v0A95e|}_JclN#ADM8U>%WCFU+vK522uL7_-7S0aWxyS~_!EJqR_F{O;zHO(X->On@Hq7IUx#g8qI4*`Bp7>9CZrW$;&A6d|q%Zo(ytMnI5oBBUCNI#P11?GB%i6cbu9P0& z;p_!5HV6?|&ioFc{ucO=Ot|G#sH}LTba6^?M~wHS(+pR~>i3?efFj9zUJOr<^RkA) zA5MB48--4!os_dW`9zGkg_7<3B*Szxe|j3)mvP z_VM~CLSq6|b%WP^=NN-8Q-?Jjo}RU@n^x}iY~>dS z@!o6iP@{jC2h-|&1Zd4o`9Hy%77Du~ruuQ-*_k~Vd|1%p=ZUjUiD*!m^1KX?T2&`B z3ixPI{_034gUt!~`GXFp&UrJ5)_n}5;leluXoNLe*-2lZ>@ykClzk#F@>-FsJodB} zvg7N97k>oKiC#!d-8=}-3wecG%rK5qWWTw;*MaW2+G|w%dyG2zU{9@I({TfAYM~g> zKk1jz?64^uwE=SN?ta1YlqN?-M4!C7wQs)lPQndiDnPp5V0R7oQq3pAkhB}2B(fnH zaReG{aj5>Z*rI7x5p(w*i$0CCfr^SFF~iuq@2Gaq*L$fRwe*|+9r8LUwZ9TsJD_ul zvaHB02}?>vjt)~wOAcQ!yUbfyL=pv!UPeP;RX%KJS3a`5ctqRAQvt8^rKd^r9-vRV z9Jv4KY4nwNlrDKTf}xXF z^zjno@kgV!UrHcR;|Eu8+JZs96%CcEBVpfKU~z)h17zZP1lpzCp6i|qXuZ1sxti_0 zBhkT2%rLBRvjvia5|Lpi1%mudGS-f%rpPq&=ZGoA9x~(nwM)H-b$@nW9El$*T6Vl| zHIU77$O1rkEQ%`eUQb_-e-evqsQUBBqiNfMP$?s90&o;;O)8p|LRz2z)%NS_J2>Uq zijP$dM6@zD20yzg7&0^_nhy?B{*S3|4#@lc-p{s{y=vLEt;My>Wn0UxWxHkDUbbu5 zwx0BRw)gk5e*d=G>%Q-E&ULPHog2>9?P>HHHtn4Uk&mro`?o_LoR!D=B6*AF994E7 zel7#g$vvKyhB+a7Oo$7Fgy zwLf(mYU$WQqeojY88(Hw8NUGNzV6~5L2BB|Z^^>s{*ikO#}C2r?ByA7?8obk2DwV^ zC-XH2efPd6+{P5N!Lp8{2j?I&Ml6p-6ehEPQ(_6mjw zzWgUWZEd4QB>jf@mAA!P_yrkL=AInx_M>(qX46=v_mErTV!xpX`sKQ1-zCg#--<%J z``&gzze^_ItQX)0eWXkM;K@sLV>1PO`E>rrJG7tW)R2Pw19lnoH9i=ybL z=;sOeoP?GO;Fq{0A2^*kdGc7~18m&qC8V40M_mNXA2}MIY zk?vVhlntI{2uHznOjLEAHgZO=FSiV$Mm}jngWw;2#QuUQm9Y+(Q?koUU=7i*VSrwu zPTN7_B8Y)ARKR1^;;2orn&%{Hy*|2LIR66vp?@W7w(Icv;j0c^9UkJG;P(F8lQB^jaZuVCL56 zH*aKBQyVL1PPKfGHfwLiHz#%XYim}7rhLdEawJID#p7#m+Wpc_pM_g&6@v$%f=HrU znYW8gbzjr0ajj!@!r;TA;9iyh7U|%>oEZm9;t&nLKn5nBemEc^x6Vit2D8mIu|^ia zf9>B=7N<=6-1YUCp<9Xje*u+h6oM)Zw0i;2?ldBbRwa7Sw3gvK1kQV;Iw~+8&e@7> zS-PD}h0t5Vihigwo)(k@c& z-&`D{Bivm4{+Z}jIcGYc3KQvlEZz?fU|KDJBTdW{ ze^AB0o!1CS9BI)u1ldtns%(rEo7ls)z6(8vt^Jbx+uW_LIx}; zXqr)~`T33xn>=7gEMD|G`=pFjWIcjN=>MvvXyXb2a2s09&DWNNI7*kV&dM+TK6i6a 
zfCH~U3~jxpbD7zT#(|1U0D{OACV7x~|NhH^(Od(5DsNq&hAI^L%I&3;X;nSF_FC5^ z<-kkJmt)*drz8=I)!6d-){W3UjilVXHS)5#uV9_qEf!J>Yp*V|=RBtYaiB5 z?e-|9{wOwVEStZL{2bz7yX7d_Zj67CadLg~AC0e4rtq7y!(1Ra(L~vsnMF%a6aAmg zEMVjWESb9b{veJtBD0$i2t zGH0f;4GyDz4fF!w({;e6))0uk<{cKh&PPExUk>i6JX?P^nWa0RX12-4WptdOCtzGk zw8Y~^OafnBU-cQ)r@BhIC(`Zg@JFi_`F?*_*MH}va{BD(a$*3R0TI)PwrA2W^ww3K zrHeChh@>5@R6Zc%(=BVGBk-WgoU;a-DywYjjBYhnlY}29MYI?r>pm1CTk%nZSt_aoTTczdxRd3}TbD1=0O2Ed? z!k4pbi%(s?n@W6VCdqnM5)^4Rr}~jk8H5r=)^3@{ev!Ub4@s9)rlS@u>^eei)0!avK)>Y5d)2$3FPV zbRxxm@l?0$#f2yZo+CpTO&72=!T2}1N5j4d;N--ClN%-iPA-WJ zzDAi1b0m|)%rQQ!Gv59@a$bvD>uzNz8_bffb8yVMl1L)!WS*|!fDV7nW@U^+TmFlt zH;eX-rp-Y0=9U9T0!>5fX(Q!rVauvBqnEL$jcIA2r z;NI?%Bo?k4*5F)@aLb%lN`MaUnT!stg2v8kGeA-bi2+Gg@3yyEGBH~8o?qtjfVb^8&!lVT+0*_B; z7MeHK9_#9&EQJY4RVB0iAo0K(97y3YcjMMfn7Jo}jZ@=}a#{EN8`_vz1<9?#aCqLR z6jF(r7hjYKDg>kp1D9sAA?!sNJQ5aaoSc|RH;*)=d>z89{%a1qbKeIN?#`ps=Uq1-iX0!HxpNb|v6O`VrE8f3N@ExjY@fmA5Mn7lv7|6{#`A9@3hvavY9<1NG_N_!q<8Y7^HTrS zhL_JUb3hO`2ZH#n8|ggnL}$Q6KK-jU+vfO_n3r~ESY+|aB|OfSRqM>$@k!fSVwd>s zKug`59d{97JMOs4YMOJ^`l~p=;~4(cIjeCM%!^z_>tqYLNS2PhMSM@B@mkdsGoQhC zCT=!v!>v0dL-emH6^Nk8Jcf+i!6GnJsi_4y@el+)N+o^L=sr9RP)(6V*!huzxN@*SE+J=u8%L3=fSMYV9NQXfmLn)sX zFJ0m!S{gcOG*Y{`QG;~!MGp7cSq)=* zKeGkpuKHYy6jyTCe|966-p7arkJoG3_)rn|l7Btv%|$ zOb|r)BYY`xP>g!qp<`dAEO%A(2C)5f=WyGAcath`SevV#<#@F9x|qCsZekIa)L6f# zSK;HD?v3DMIWir;9zo=gBk|JO9w6OJ*S1J^*u77%(QiI$deHHZyW%)!1J(|srA!Fdxw1r*L7QfdmlX^B1O?do*S51_3wt4mv4TI1>jyF1Qr20Ozp33 z)X;i)$Qi-(*iHf+N~VC(t@d@fByX)@p;8LjhxBwV}XdjBh=?d=qd0hs8W_KyyO7ohQY3r z;n#BaloF~G8R|@HuU#zcM8&@T`YD*`+?3p@JLFV#4EB~o!2r1B9d1#bM9=iZn3j{jBRHj0E-0kZII z>i8mP&pAc3O9sL3!-3HhZy+HC0=#qA;Q&G*5sRPq39JMsisUVKO`X1`Hk?{;F~l^i zAf*HF7bN}{X{koRs4vOD*Sr2yG(0HPYq~EqcgrGmG2fm&n3q}LMD=ohE$Pocshrmw zfCiO5M#Z_h9#G#Uq9IM6!g=O~W8lb>Da&;apPG&{lKvGLkw|TIn0np%BQ`KSD1Lx8 z=JVfuMI;?|?9Q!{uca6R(PCb~*~k26af5x-O5pd^f!`k)SE(P~UrGtN!{?bvVBc?_ z2+zxP>Sz z>B6Hha7p7N9iEl&JJdsR;z=Kpg zE}XzjyHNf{;b{bT5DpTy34~q~jPj2Mx!!!_dX(oP6XQi%4T2$ZSo5#*n_i@ 
zc`VP`dDE};7vZc-g7OX+jp6OBAv+!E` z?0nmC27J|2TZbwj>6D)wk<|&&oJMNRO_yk)Dq!l48espU<)$2vRd^jIUa)}on4NQI zRljCqq^>V-xw$cwS>|qBLFV$ZRS_3YbDGRG6ZKz{Bj1*|CP`K*420CHvm`fvNA?0O z2<_D`fp=6RKCBMTkCjGb#^H4ynw{bkeu(J*b>5Z9h?!eaQKb6a)Uphb`lR%=`GVSr^msRFWTuGh3ad^46SUlx}39R%X8XX zFZ!*sW();U>}zJ=b1@}b{>amzY1-I^-HWhOaI=4+2iioNS3ev zrTHbOeFl%Acq^*cnuyqvVgoEOUMR;NQ__G~BqgdI>d0PNb|U)J&F7E*i*IdXJfG?& zkYs>>^$(i^!3jxDN5+T!taEXU>lJ~!WAHHfNl>d$(_b>oh4_G;kD8-=8`Ta`|oYxP#uMq$5xd;B>L|THe=7#*=-vMa^R0ZohHa1c1>sRW;cHfkU2PK z=@EP4|0r93Zj+X1hcRo{|6CNRA`ioyC{_X;JFMZP;ZIy_u^x{eG#HexH>HL}*Ju`~ znMMKSla6gIVn6-eqsjV7K9Qi*$rAs?g>+W6Qqg7uz8)i?W-7U=-JxHH*=VF0+C|Y$Mp>Rm39Q zv{iKD!=b^U&slNpHyF^w!s`gCY^m$+@d3r%>3JtUTs$xQydRA4x!gRTAF?TF7gpX5 zCI-1OL~kEm_YYa5Q*gZ{&ov0VfxBxpMg7m45oOyZUH6!-fD>u}KU87Mh~b5~+FkAl)oB_q4Z zbi`=;$PZ&?u6~xX)8?q*1%JzZ74Ttm+zamx=NpG%#E)^hjhdruuWzhrA4a;m$hY9k zjJ`Uv??}{10k#}Se2x+#o%b6kQmeoEUWGb(&^31@DAcir-*n5mTB4tDV1-dEq)i2w7iJwLN_cx!)_>F;~vn4_>W zA(V5WSkO7GRR$a)Wv`YHHfiY9if4f zl%7z7bZmwS#uT^%8t?mVwrfG&aqz}X;zL1)YY@~u(^b_D{MmpVUp&^m(>6v)q~u#{ zMI$9b1qnT@Y@aH1V26lx)vHk@o13M~FHCNd#yvjwj0(Ew&@<*1XT0|NjN6=oAl4LK z;mt35D$eyWcIgC-jfxn$7^Ck!@i*w2EeI971qDJQK>xy|QU>~0v7axshixoqRKM#M z2er%tW}LUmf_^OsF1!>bmFl;Dk@+*sD4p86R}HvwKf}26Gt1KGY-SQ09h0rscQZ_- zaEvmfyeb;aT44+Qi})?R=49YZLXx)x^EIqOunB@t2-l@`v^qFR?B=LOxy7e>-Mg#; zFTSr>waf_@tPi&R;{JiEl50C*(fvck=+6SFKjXupY5+a)^Wpy+aH z%oWTK=-(2VQ3FeKQ7OJ9>Xo8W3H*P94YLF;rijw?_n=TAxXa8bip6nqq!NXUk+Bx- zO%|+pFY(enS@l>|io>UR8^u=7|r^%VGXP=_YZd_WfO#EU%l-<;im8z96NRPCQLgWZkC@?Jq3fHzN9T z()$w|d=iBG`oJ{e2fP51PK??$RYe@_q>-d%YQLzV=0BvJ-8aOY>cotcgmjOZ2vxkl z8nN*hop(rM8kpY^T4Y(v;)mGl4c1i+uY4r4<3HUnqIhvyFT>OHDrL7g;x5w5 z^KvDjg&SknVUvSY?EIzuY@FclkZKp`e&^V1B6<1o(7NG18DrMeTy-DUK-3VMFqgBS z!f8VCGmqcX{U#|Xr~P6*1y{>{3rOa?X;2+Aa>&IpV*f10qW8H zb3MUa(Gvo_P2r>7s%`tyL5A2VDakc|$7|Mk8-v6-aCZYqM+1o8?8_yr&pH8$C>}5a znW}4n2(5#`03e8|L|X=XvJHyMR216pWGG^dy1}T*QIcvfaPA-*LHyoVWzJA=vJ;aS zxGLix(qW8W{3fh`FLFH~@W!;PZ|FV9zird%$s+QfQLL>LGu@v6=u 
zGn7l~{x0-u^+v2*Q7N0sI<9bUjV}7Jm5*#RHz2@^zcEOuY2!2&;QxD&;neLqw`APh zEIYcw$5JYfr*bKMj%arM<@gO#LJ9j7FP4cGgyfOg5~r7dL^SPB@{Z6Kg7JbEK0t@j zAAG5!H_ULXc`Jrt4KR7hE2@tYa;~nZ@}MvVUq>CmZJz$PdYF|p@xlP zbI|yO4741PDMD-9dqHGCh^x-t@McJZ?2mnO3_0Fad9WV#Wps8;VQQ_j#-vdGN31?H0e&Yz%{Xx&yJuPg(^&Sua1UNQ%I<%%n4KtE56?-fr zsu=&ZzD>1k8dYS3u|&||UWC3rh|+)T%Orvc{9ru{G#`wQ(oiu0ZYaX8wkOQBtTaOC zw~gcPmBoR-EiOTXW90*ds;}$g1YecK^ITBw$dT^G8WlZMR>~+`3hyTWpyJXFmiYwm zXZ%8^kl&O|6Uwj|xgr+A0}677G!7kzlJN!YQR1|U_*Aqs|3e`2E2jGW^|0kUFg^=I zM$8jP36fFdsAR%s!0=5Ufjw0sRsRgjhdo*q0w;;mgwOU2`o8g%S(VQsi54) zR^*7Ftk=smhZxxsd{FuY+9FhDnRBH0&xaERR5E;MN}}Ly($Cp6F{*e9%6`<)i{0W> zpCE>E)6OS+KfPyJka<}ob?P0mu;LRs*QhU~=pM&+HD=6nx!tsOc>vu;CVI%5Rqt|> zl*FxKbeZ+2`3dT>hx9kDW_$yikJ$`yiIaJ5E6489acar2s1aH1%BFocXcK-6=2F0b zU8jhP7&-j;)1v=~+q58~$(f%PlZ#4r%JH>I@|>FsnyB&g%3lJor|AV4K2>Ud+o+#l z0kehD893QL?ppBvX&qKM0)1vgu>6N{w=^SL**jFG{PryO@>$_Fzv=j@7O41CE58|U z!iK-VHeH}=VjSQ(3l6UtZ2mvOxXMd$?5Fj^NhRCVbGBIV|2F8)ElKcf)~2y+hs*aL z(I9sYoo~c!>z?zP>8}We(rzg+>Hn_Csy*p(9a!D_-66oo1Rj zmn?QML7tishLOJ5x(A?3Me~)kR@^8!O5{C-jZnT-)WSZU)tH3W@5Vpzv~2{l=9(`m`9dibKLlg{Da>O$^{LSGt;$ zK{Z(*L9`Qf+7DoS##ZLxtpf3#U8!=0C#S8>96bLxjVQPY42(}7Xic+GrJQ&Fc zx-x74@9*S}A;!B8Yk1mo95#HOSsoG^u`$S2`<>inxBKh<4#7EZ(YMERtZV7_LCFgl z{UU$!;Pn@cwyvHnNQiJ~34G~HIt^_)gGEb9&7ti8v3h$MwL+!7YMu7L{&yhVBdB!+ zbwazqzeZ!Cx<*TyU}HcHVn0VXifS2x{)D7;uGDV+utPYHjJ!OkVBn!9f7$$u`4N@?}w-f@ZgTzq67@YyupK5bit6ybCh$C1D(j;8R4o~;bKB=cH|C$Xjk z(k1OW5v8=H*V@eg4-Zp?Kf%(_YxMP9O)aCJY5A0LZdxLN&mc`SOjM?}jOi;4P9w5VbBClS3i`<#g|B0SDetKzFh$xI%<0&uo; z;0M_EBT3Gj3Ku7#{$Or9Rv2BCq9v$Mb!gBNlL9!_fIg(D??Bm2t>kUETLSHt3O#dv zjg?-`;yWgK3}9#pZYWIHF#tcrVE6d-J{AIJcMT^Q*D0>^aC#P6Ti*Wo(+qX5c~Zmv z#v!bwmC3E}@ii8lj8`vz2bQzdIE~23v3x}iB9Q&ndeQBCsl+*ziLuaBQ9Be?quonc z^Bhl+Jn}7m8`+w!{H$bfS07{X&Tu*m?dgcC3icP1V8oVOele9goXDsd<(=?=E9Y5X zg=gCN9TtfQ5IF764R^QN0A`QxB9F9x9+%%cuBG1`F0O_-XhnALy}>;sFkBVh`D~Df zpE2BRxdwFNRF{eba?zq{9Mp3$5J^Fto#6h#N-jz;_||y~;O(zf7OEd1Y)X9DoQgZP 
zc@Z?eB*Fr3-MZ$CYx^Z%4oiE2`;QJvL2M>#!+#qzww$x7pS{inz=oT20zdejQs6W>4u{klpK?@94CeWX;9;Hd-Qfz>*nALX(zn z5*}9i3Yw&}XKHdCj5Uim_dm%b)hD7Q5Tg3V&V`o`->4ceiL>r;O;tLPR*$;$oPzX# zume15$nre%W(LZ4eu(WzPYhPX;op=Ab_dW0FyK7~^ADAR)zHtZJD$Hrih&q4I1h~=LL zA8j)Mf8TTZ+DjI~Gb;L1s#R39?r^RWs4dY1+)q#66DL58d|x}oB{l?LNWO`4NJ6j#AffVvttNBmmg*A z)i7kE&JhL2HnPJ2Ia37EG!zOC9j6O?o!eGkg@bS5jOpny($4bQ+C4b5R#z}M@XQf= zIUnc=9xKAZfmqzM`3H=h5pmS=8pVL$5fa|Nrp0h;;w7BoDO7Px25X$ma(dsRrE$Pf zLy}nhXrjvPu^tfR`5B9Q-09&otRFRJ^oeCa#Q8;EH2qCE7Xh9zvo+7!{_uy7d%4cJ z(kjw$liQkZUju#4FoK3BAYAaoI%lZJS%ZJ)j1}jvW2UVN#|2`g(vq9iFvciN60F3R zAiI63QK6Mq6YF4bqk2}+%d>`;3;LJ9$M}B^3HvGAvpt<2wV~$dnA|0ynQ8da)J_PH z-?e@dV;Fh0seHI_=Ule(^22H5!{5&?m59Lp-1k~5eeZQ|afTGar zH5bi|_%cvonFL=l_UL-V(NWo$dGHI*#XYDhkrGoh%YBv53^u*Z9H91c<%rX2O@Vqh zp-w${CPk>@c8-U5cK}G@De{_uUI%W+n6?H!u}WZNah0amf9#Gkd)Xl!d*0lRV}9`x79 zRyJ%v{MUA)&&9RtK%Pr(2@3gtJeOjVi3%I-ImH64L%W!tdX}ddPYFb_#_N-42xOCV zL!aD@5NAw10P7g)IPQub7IG-RR+`HDzEwFz=A-%ILY~D38Ch$jaLkD z+e*d8P|H);&3zjrKv2X_P<7J1jPP7CBg7`WMLG7;vsHu0 zHN;z*)Kgq^@Ze$p+^zN^85FVjvl~I}#py7Sa*m1dW|CiyhHojYWoKyfgg3)|&FX&B zF?XZE?Dt^s*#+nq`|O^_22Ftjupzpz>DP&idn;}w&5k$$=ltRNsC+kg;AJI~6X!#H=@vnwKcpAp%xl(m{rrajta1_h zGcg;Otv#zFJ>!LnO5$1l9xt~I`H-YonwSZ2wo*!x(%FP2n#6IdEGQ~-wWy5K+^)NO zv_9^fUHk2XIK7WW#nXy%?7oF}`iQjKZ4iRg8D46~9$XXN`3ct?rvfnyy z$lzM;qib`#y0C4`P=`B#uRye-nFJ5y!(?e_QT!}`BjCGK=%wg%PgN{0ChLtKS^&TO z;)57Oq@O0mv$SHSEyk+Y@*{c%Z49t}=IHUpvW=8T3V+|Oy4h~ofj_aZ5|aK`_J&S8 zVt?9&Q0JW3H;OlXNDmVOq{Ce(5ylT?LVRJ2^u!(ApAEcd*6C>XDd%v>Xaqci^HB~T z`5$@P6!${yI#>=0|us-jn0DoJtr13N<0 zURXVD#>QjYv>{{idszG!|8f$y+i38WW&w&6OGDftSr9Dc1ceGJ*=J;bTsLvI zUXSX9rbdh^WLb4ib5jY`{gu0~=RY?o`6)^z4EUY@@8e4YSp4x?4~p^^IYQ|_?FeW! 
zilgyEVq-(8X7!4tjvs2A^^$YU9JfE3YZrOa)^68WtLu8{3R+lmc* ze$L_jv2j$^y6ebMGX)LjTN+^~{(c%2$$>c;Cbq!crA&QxM4Wx|W)`)cHd zKvc1R5`Z`nORnd9N>Bcju3Aw{%d@u^Mip-1vSN1)F0+MvAPG?38llSOW-_-9qbMgd z_FAhmEj?Lz704!`bmQ%Y+v#;9L&6I{*~B7@Z(%|Tv2(%2_(K-bwJmdmnggMBF%WUp z3vk&bXon1Tw-^yL)aDUoN~vK)1j@xCCbNGF`~Uxb`c0AlxJqxjpP>{>Qk&m_hXOOm znF&>|h2V30;#B4+SKvS~PnT(%*X~S4O6zMa-*Q)R3w4jj;)!(iH~1*z-C=#)3c~@9 zT#z9oEYEoJvRj&Sq?o^9%lF+!_JWxNhfOa7jl5kog@li;njbd{IH?|)Cy{ykLkO!$r3)n<<;X+_uDv^X z1YtLC?^-@YpAYU~Lq2?Hky3ML^$#`sD|TALClA6tTnO8}yshfA%rv$?UuV7D%r1C) zJ89OM?Mr!^BY!XUSUXlYQhpqex-M^}WaGtLnaOIuwQJ?Enn)W%e(IHXT9vnO^DLlW z$>cwCPKyrKu3a14eye@((Tybe3e=^PAj=kPXSJQK=5JR~<}Mz53W%7bl~Es3aNYX~ zjM^eNM|#YjY1%W{JI`qy&R}`mD4(9ciUl2JkVZ zzQC9~kX9Q0HWS4ZC1X<80v=#9!4qY)_1mNrls)~(;OYWa6U-zvg&?3Wgtk{?Z8bB|0ISpFxHhfgDxrxh5hOzV z$0|n532kNKc=DkQEJM1QS8{&#|S%Ct0KBYdZ%L}i1XG;zz08g$1#c5}!whhl-Q-f7e3(Aqe> zLNu?dw+Z^|)4Pavh=wW#@+Kks@B^2Y_L(-UhxG@la($4NtKj=cUYL*vZF<0!m8i}? z17Bn94@>g%Rq++Z0bU)Jw(hB|C*=zRzV3oOSmQm>GjvSqA@E$;_E60u_?TZK;y|Gw z*W9tvw?1C*v6%-tg#AxT>b1evx83B1qZ@Qy*oZXbLm6Cw9{#w(rw>v+xj(Pc1oOj7 zMCIi+v5-*yLFEGvu7mHC9H$^P+@{UZ)pN}NWU-8h1aX;M2XtAjytXT{w#}iHi`IPl z997M#6UTDB!%dXw;;mNztlxGR;AkP)2mh^aVD-z# zkdbI&Oq0qLw+yHv)2Mcmkn|i-ppamSWr@Ecy)Id!!rhOx5lf=kwqBjK(a?cA zAK8y#TipiC2-%nr3Td=I3S`Ob9^}#A6SG%&JwQBNMV&ftxg*vFGR6xK?Sei|OJKFd zn3HmcME}10v#DLk!MO>NA%fObUvwi-4p+sPS|(8q{x;`Bi3|f+ky4UaH3n%pO%%cw z8N5!&KW0L}{|i1ZZ6i=6-VG@W6~eA*CBbH2`{}v?xh%`9az>eEdtiME@miJ6F@{gwfGK22G5F(I!RpF+ww_ls0Ja5LN2GzD1E-H zI87`A0x=rg2%k_hTj-wynXfakVy{Br=I4&qo<|Uec&%1=@|;Vjd4-O=y;3zMmAfh` zNKa%`-(nppr~)6d@0FU!>izw@HQL9&{NbWz-SJo|B##b)WR4t99Hp5h;6Fe!hX>wI zh20aP2QwqujOP^noQccVvD8r9H648HI<|iRbz?2-eF!eC+ z=Ls0UVd8MvM-Q@WcnzZ80-$M`O%eHHJUuq zsLK^4pv0f_zk_kH(xQld^b%OK?*T|r$AkqmB7A->FGCJ$_h5jyYHS@Pt2%2;M>(!W zS6!Ex_{9NR@aks|*Z8X$At#0GvT{rH7d^mv;WmeHAthhZ#;NKXB%Zehws48@yyu=g z>VGMbzg96|%7;*_=nAE*O;Gqy^S~u|)y=07Q{hVf&H2@mEV)wTAiQE*FvQ$tE%TKY z3HtK%ZDsJZ_wW*$;8B7+2Wi3e4PXo4n0P~#vg@-5#S@S=rqWL!`~0Z_PU92$5STzz 
zi6Ua3XzvdU({9Z7d=rMZ9X2IrD@Hwht&9(gi1sOpdd5t_ZWdnXGrp6)wuc^RdsWV3 zpVA%h@}`S>g{@lpP3_V$@R@u`vAjXyPs*oV!TM+Mq|2GW8rhTuz5rX3sy`$fLyYv9 zLUp^MEMRPwS4tz1z2r^#(L0@72~*PYd#~`PccLK^{i*+eBAyg;*DaC4??)m<1tskZ zsq&AOFO}cCp+6l7B|E!?ldK^gr|sdjr>&V8nCGI->xA)q2XMHJckF$EHOX zS>4leJwA!sN{Ikpo?%G$sO~u49H{kDFxz*$N7))2h+vtSK{!=Dh4U3 zsio4!7W*2&%KhvZ3q5ij_(m{5Dz%N<8%`Vl-X6TP<^74Uou(M15^w633@7fE+_HA2 ze{|%rB+2>utL9lKuxT{ilZheR6ie5f$TU%Yl57tN*Vu2Gmce~+LcgF59|5T@4@7wfm<9rLze_n7 zA)rfH$|!pTSQV2MoHjU>b4hA1p2DI$wFAJ8F@2pm*3A^UkQvd-qQM@Ev#6em)12Am z_Bztm9Jj3Y{fiAs4GycP zEM3;W?+_VwInG_|*3y@Ec{O%DKDXVsnBFeSIH}s^pJ`a?!xaZ<@~of9lKfSI@K$>; zeqsG&q)6_O401v*NFRcOvztvh3JNwJ9WGIO!=p38(aW%b|NNeFBKb|=w$m7aIcFay zgPU{3+!0`qHdWlH&%rH+-Ozd)UIF$n(Ce;Mes3@{o^i+K@{*4N;)Qek;@lVBL4Z zh?1`dt-kclZFe^oS-gDfOjqIDfp9A^SFkSa<TM(Sxi%axf0ed$sc=dvazO`PhFju!Q%QV1vlAbAY~> z{8Mx;&0&EsMA21HP_b$j#L5s>i4AgXdpGMD<4Vw8`z!v`#8@B!TmFRw_pXArxXb4B zbL31GQB63o$^Fp$`a%j3*#a<^8{M-(%Wu7MBvN~N7!&j)b#6d0oAoMR|KFp*(b zIzE2#>vdVW>Hs6jqllAcCREeT5YfB}?^ZqnV2pS`h0o_K={&gw^;;l2pGzxwwEkig zlz6uKK2@ZqA--@%^`9i&y5g66yX-Rsm5oZguFdtF%Ps$^TCZ8Ed-8;P=JHjbk&)q+ zx8}}Ylrm4yiNW49SZWP@E{=fAflQi_C?||i(5VISWWHBVgITS-6 zaAHgOQPg0gaFw&V$R4Y!%sM z{J(xCdVFB*as68=gz;K7)e$`x9|sPqmBOrEp|tW)Y@MGGxd9XUx`C?VoQi9Iu~d`bQ77`S;#p(=L2eFesBIB0`&<#ZZWy zoc6Dt_ZMs|bqX^#O17(c%HFsRT?9S*=CL?qTFU3<&pe6$Lc_{(4>Sc9KO@P5;3t~Q zexd%7s9V`HSNC@qUgts#LWN)_CqE?!(FKo771JBg*STo89AcBkNk0|Ci_oaP46OfljFf7b zb@vIwQ(({yrZK|Bg*}qs>u9K>j$jG(h;DI2-i)}T>g(FV)4i{HIsZ?{xHRDZgF#se zoU6u**etOV+mZrh#hX|&V7uZj=>BSzXG(RXCCTUfrJd&4r&$nD;r1N-xJheKsKjob zp^b;QnQ^NBq6O#kC%!_sqW% zz0|!!aYBsQKXeE5z6Kvu5lL;i<;Zb9 zKqMgQI5qv8~WY_|(xKuFuLhqyK?oY2uMQBg(I6K8m*yD69Gr=PrwGXW`zW-sI z0X$+dO5eKA8n@Bv>o|W`<+0QKihT*0B%g4zWZtw57#6_$muu_;Z8>xIaLwlL`_Dck zKdyd-LVkG%+aVJKItq^OSjANGLnbD&Ou%Pro)l?&5+BMQk$(KRuv@$c0 z@M*SFMx;f?p&NstkYC?FJWl8zJ|x#AMjaMcYx+wx{e{%`M@ydiJ1&2O1aF%=CsJ%eTCO-utklD5Wy_4y9=|$iz9Cu5kQ}uOZ zP7Q+bW_@AB{r6`I(4~Z9I#>^A$jACpP*KND)MS84smg_y+>w5YmX@OUt@{Lej>(GlBYNY&2PGFj!@!blNvk$(WYZs%Ll- 
zp(FR?2Y+GW;GD^Oqt+kTlY$!KD}!;SZoge-@Z@=4!FU<%2EhO7%u9P%yj2Sk?35Qg zol>5<} zHLhDZBbTqLt~-??7m2wLD(U+K&3N3o+qW@Sn6J+;4I26mam>z*s=nED`rNzJo);5~ zEcq^+uXQ$GA7wPE@^kZt`SVk#NT{to^vdrJ47+zN-ey!FD%AIwJj`bFiTv62q~3d< zBNuee7Pnc+CZgU^_E`zi4^~qx0{*rzV!`jxX(_-7(iE0d0=)nW4f!7%#`TunD&Qcw zETXCiqU;%G=0){qZ?pKuf7J6dKj+@9)4ty63AmXWaWRcNZmY1kTe*`Df1xP26!-1y z@OWGBQ6KIFZIKko$-b=a4yKP+%yHJ*89kpBzEL_IAjz7|*#FzG+uzaKd{p*ZYJIU2 zpRbJ|R49Bo9yzahQoqbAZ1JCH+q3UdB4Z!euaH%&gp>}2Pno6t(H2k(MoO_oZLBEM zR;e1XBL+YGj$GGU*v7Ipe$2{BU$03~oz-;64Lsw6Ok4nBi_S z2jVox1#rqDH8<^wr47GG@UT-_grI8uZr<1qc~t|J;V?q9zoj!6ZQz*GCiq zDu-8E_81D;T^OI7UXUgPuMeCO%~-+99xt1w=g@XH&QC9AMd{wl-`X(-oOVwe&_L6a z;aeo@yQdTEpg&CgZOxwngZtw~AD)Y`{L%WYx*PVral@$qz+3muhF{HFV?#2u+H8y&pglU z*>m=uz>>oVZV=M2_GS3D+AKQgr#Es#e;X6BzVCJhG(F^V*%$9RU_4$_@`37K;TOYV z108}tYQ(O34)e=xCR|>$Y+WgHguHs>ry3$KD1+T@uXtThGj{U6%fH168Xy_!cwjV&XK7YEPL4pa;tV@7tE5^ zBj&(fUYq6K1C&V3EjYTNbmTwON*XtyC;sg?aYOJ;LW|wWcmsnv;t3Mq-mGmAQ%-vxUO zk=1t|TQ(_4!#OwO>Y@9>>?wBB1Wr@0vnAm`bkw9eYhEY}W zQ_-igK;^rShDwQpR0tbv(kQB2b+Wnt!mDR>K9P9DO5m%!94?Y{KrfQCrfEh!iFU}N zpbSg%^-Wt^p}{X+tq-Hfli^2U{wGu8(6U6}>nVH)d_?^GA=(qKexY0|SVDpXXN$(0 zN3QO3zHxGWu~adYepJcfSWe$JvA%q4<2h#8Xclm!y1X{mS$Ta{GG`G{(IOLhkkhuw zhFDK~Nks&2KzkGUGwms;awToyb6l~^#7VabW z;nVO|!;vJoEIEI*{KU*Yh__Ti$SrlW7oQ(HDBRh%LjL4h|E74lyG6O;bGZ5xy)3S? zdLkVMcL=)0f**lWJGJc=&B?JC5mNS}?D{I_BCo zE9v_5neh-4Skg-zg5Ia(rt+R0pP}*aJy;v@|FQ=*6KfC3t~kwVJCf`ZIW>Q~_qKpgrS;mfMUf!3uF z_p~~}xOh=&6l(v9yvY!Ku@+9~;_)Ht$q-*E+m8&@#R-Vy3lD;i)2Z<#G}*WnWo0%G z+pI2I>^PspRObbH_2? z;gIg@rx(5U^kV}*^$+d}

>hh%ItU?uu4q&o4v=W=rx@zzO}QK46~LI&-SWzU-{ zA;s|(!L?Vi62a?;>HPtkP3mcgrMcr(>OXINw+Pi{l+`;2U>h8&q!CngUiT_H?xk|Bau`Zy~ z*W)yoJ$tmWLcv>--tYiD?)0mKMvc zx;XQ4U%0`s1?3-oA%{UwPga|o2-A@mqSwqdoS|P+3Eyv~V?)2}GR_(RRYr5IF?WR< zVAj73i!6{qJ^82qhrH|tGMEq)QgmokA8Evk@2jGEiI6e%zpg4OcwK+>h=EUz*76exCnAC!Ue8hER&qrr!y4# zKI`{6tpTOf>)DbzUC~&}BD37O{V59zQ!&HKxo{ER_oiBXHX#qVdq2dB-+K#GAq3~V zS&BoY1TN0>fA^I&tsw;&5#A=F>X=X&lIan4NbKHrV|Xg}@@$CFczP2(xcGXme$b)# zx6XHbe2X|@1r-QRmNb89eL8;Im#U-6$yST{VCFr55)UhFw?#hFwRhZr|qv? zQlkf-w(Y81F*ebbbfPD_J4Mm;RGziyX!^Ff?&o>D10X|r7C}$Uc(g#6lj)a1AB5P6 zsrtM(B;QQ&7-WvE>=Z3>MnH`ImL3gWkEvF)=p<8UcVeShR7Y}D4cn=)BuRv*kyZRD zM57P}dXJuBJ)wbwKs`=Enm{V|0cz+P!H!_+ObB+5=}0t+bHvq%KUPllMAzc2#sKMZ zVw`$e+$rM4ql4w>aK!YYoe}u<;ZkVj<9D?0J~T}Mi(gMDO|3Ja@`;Z2#Z0_za)1h3 z2qK$_5T8ZFIi(%pOd?`(%KwyE74v9q(vu~3A1#l%jZCuZtanR5Ckfrh*opo6jLR;E z1`c$}_%w6&mTA5E6_Gkx^>l*;Fx-g%hpw}C`ZGg-2wp{8poslZ3LKpg4wG5wQXvt| z^|*{-oy^+t52`CFI`B=(h}uPD{c7L*X283cgH1}w`H4X_R_aL%+iRtZ(pT+9?OgCa z10QTIV|c91i#>682fLU;@Zt@FHL>1=cN4~|PZEAnI2P`D$2)EQA<_?h6ur;zkC~7< zzwh}?lDc$#rp{kA7(H+0k+?VN3QdBM#-XkRw`R*HlxAxN;=%7_P-=)ked3Nyb;JUk zEVtv;bNWz9WdIXD=3{K&B|CrAPwb-XO|u|*Vv7pzA@E#di=fV=QH47F6x7RDNVvJ< z6t(C@vcw?2Uod*sFu4({r%_L0P+~hjzW1|jQX3>+TBo;vfm4H1z&iUICmnmwr+1jP zS8%ru?1j|GKUlwBM4PnVY;Z62`lCO=tGlfl=vhws%e<=zK1Bw5qDp4NVqKbLe-ej< z0oF-p-$2s83zFmO*yblx1lQx!s6|(d$dyB@50Upwqh$X-ch7}``wP;!9`M|GEYk(9 z?r47dV4D(e>(Y_IYq^v;`$kB95!^&p?f%UV_Ldy=SD#qt!p!##41Ia}H=fM;zpb0ScJ=i>%7|DB{s~$A z>Kik6?$ecT@UQzjf#wIdF+I%jwL1{V8i#J0UT$|)bWa{i z&R3hv%misIsRd){D=8%eD+c<K;3kp%&fEP43$X#^jq0_jjq8GR ziIeF%Wyu2k^RT{IW78E$7Y0!mg%Y+FQ}~>OU-$>&N_N9u{q+HCSelDueZnds`HYC8 z!q$d;zyJI)cyE{hV|f>#rTVYmgI!(}cKS zyLmr9tRE#nfHu(=1}oN;I^|@+yB)<(aO(b$4ITqZH7SvL_)wr1!PVmv8Ww4-@&L&z zYqASH=$c8B#^wV?_4XeJ-ZV}Jf^zG1!*!U;4tq#!TyVLPCFhafDSwEQ-iSIci}u4- z+ZwhO`a>v|Ch*R<2ctV*OUb3tx;j1b&GD0YNeC>etP@V&!~>SIe&fycAzq05-KFaY zw;$oKAozy#+hB7>I_LL&KbH(`4LE~0URfna?r@rdfzIVM29fXqZr)6T<>I#R*LgyN zab{iirEB<8iV-twa>C}_@Rjw&9V-fAu7}pFcbq{zhI2m>9c$#sW8dt2cT=<%*ZL3y 
zd>+56g;NDSwlLShU*DB zfUf%^gFtzeRNs}z)FiAvvb$-!>bS1fB`e!jFy}XHJSKrjrlObfIL%_poO#$P;oN2$ zmJvu3xLSuQ;h$2~5$tk&7aSA8bNHKKX4i+U{>LyK=0`j=i*3Lfbz|Y3Iu6gY+4SkB z5&v&Ku4U4vc-|1oe2nPbsLClEw+-#o;B%JzZtjH8qT3WYw?ALGX!7Noh~_@5Yk$%j zG<7|9$uqJ(O&h`@_G*KY@2sK>nG_H-XUBRV^lq`0Wjnf|q%a|X*UVeoKD4S81Y0Qt zzHE;{(Zo={(1z;WeA1#^>YeRywMRU|*bY%>jil9705$85oI&%N1@0RQ&{WtUrvKl- zBBHtw8@Un|9pRwN-oxL) zOm#Yvs2|m?jKOG;xP7u<1b}o6y+WUSJ>t|{6h5pae&k6Po$hqHtSx2UHe{OPi&cL&^ z2a%Q@kTxZJ8xiX=@!n1wo*ROTu9S-Mw?q&s_gp}wHmiE=83mIVQaMA@?nBMy%n7_3w zPYXyr_Yd#_E}GLBaeW=KUKz<&6|yyYU$>?{v_UILzaaa+h{ZZ)TsRD+UvN;ar7bn| zHPyKJpXURZLuMzeS$nmVRvM}CGncbGfb7?27nx>9ouK3)xJHiR8b<0?750%SxrH`b z4&qi`-zA6>@CPo__X_T(Tj~d|o(Ib^a%EyQp6p|5Zk^_SKmtwhL355N=ZoXNfyw}n z^1za^`fZ-WOPyti5r2EQ>Ifk3=T9RJ)wv4bb~x`r(6k^Xzp;GrQ8r)3ijlVeN`6hY zFysebNk1s#k4v@IkiwAR#HrZ@c5#{(2iVQ$3)gA0pF5UBG!in4_CELRSlh?r{ISrL z1}M+SJkjJipwVN?y8dwTu|=7MAURJF24 zM#E^wDz>Q+;gADh3RK3U`lkz`lg88YSh~}Dr6ymuC6#}w9f6e*fnvf0qau_Hf_zn@ z0>klkTg&Km!|ZEn;G5y+or6dMpLgw}!j2ut5J0lDa#jpx{PxF8SVEAbamJ^7bE!xu z6#jh9xW_pQi2y^CU}LTQAta&rG1cw!@sW?BRH5ul{P}{02m=30t+MV7IPQrJIMUvf z31*1pbC&$2Ta)m0EOuwSro&(=72@>*fV1>0uuYtPXEf^%P{~Of?8_{s#F&>F_Kk;IAwxY?MQFg4g(Y?~$RK{lHhZ|z6Q4w%~)#eixBGvc_bgW86t-Ea!9esRusm^Qog1yk&R zyixW@`5ly4j-bpbb{z4vj2pOj3aF9w@c+p@d0bR znb+%-N@VMUfFr5dH%oCNrq+M?GY)PcMR0r>7wPE3Wn%_gTeroU>+pt+GNv)I{RZ1* zH9cH5Vq@t#N-gUPmuoi4xZBeTxKDz)ygHscu<0zx{~P58g>tUAD;VoaF*GH2rkm>2 zgvknJI~r<|PkoEJ2++Tn4V&4wEm&*+Bpj`P#gQNM3$(aq@93zb4SUO_1g@eB4#*(o z<-B~Q{1)0`3e%^};u3STt8%wXlZM%APtoID5Vz_Z#WRn2L6<|PX zK`&CPcZuyaD*V<9tZqFMyR7QgOqV0SgVibnRBnnX{ZZW^$!hBBnrMCsmdyeo>!U0_ zt};!^r3$1PR^DtoFqjxH-Sa79bR6q%P+<}mQce1ngP|(Bk z{~HH1kR>xm_u;WZdlzF-JWpr3)Ow*J?OW-OQ#|&_>Zy(4(w*!FYGl z#Qq&DdVm$w7wE(uoa3d1p5Qqu*HW;4$ia`WGd{y3ub0VMVnUcn8S^eYZF#ep?NJ*M z1U{`*#WSaJfRlyMDOccxpbn4lt!M=ME3~7DmKf~rH~hX1(k6a>q@jWGb6Rf=Y+8sD zXu5RaFi>j*$$@^VoBSy6Mo3F*)@N>lQdfExvD6A*Fbc0oT#XRX+gVrCi^5;A>+-d9J?Z8-g#FG>fKT~ z(Eenrc%j$GsrG9iNnQW;u|(#`GJoc#srp8te1)a)QR2XJ*{jU?v8ei(aP4WW4c!0O 
z2p?!ZGO-=^V1PvLuw*bJaw3_>IDaGohqK2|N-o*M?XB8v9us;`78I;e4&8)zeWdW+ zx)U}@loeN?35_>?VnG%D!Wmub{VTO?uAxaI*eFN*v1(>+cs0P-nIcOyM%Cj0c*m4> zOke(=XjYs0D;*LgEGdcG1< znF#_Jx1S=RaBqHUf4+6Y&2tbT<>Si3M|UPQV2E}%Y{UzCJta4I&~Ej7D$a6JYf-d7 zWm>`eU?he@v44+NvZC$%wIm5`!#wqB%V8_q(*+7f!`_N);rDtvz<1{2En;mo!&|nv z@TFjsQJT@E#4YUWM65ufjr5JG;d(#%GX?S;VCNudL(+=|b@64S>}mO@6xC!0_?j+> z;=+t>8i9eLnzTz(x@q>Q{0$l;x<|8e*|hV1Ap*`jXEu;Lr5 zuJ>}ImZRxH&A+Qqqf(XRnjr2yv$>e8)R_Pv^fs(*7Z-kC*nO5x(!klAv{6J1aX%7m zXS&df-ZtJJid_>Qih(uA-u$B3?(-MxjHF1}do9ivJ;x4o`tRcT|BqFnRbg-*Le5#3&Vc!WBZBV_0vB2BGoRt+`c|2q-BU`?HP@be^zf3+S|M9z;RkefmAeOKy(}eS6;GR6TY7*sIK8791 z9mF0%Esr{~YJhU80pbmQiHx1A+n8hFn;39pjDc?l;<}bZ%ex}&$Zt}^{>8xg&5e_l zGcHDSuBnxvNygr6k%!bwwf!dH;jwKli9f5R z!!5wr#3hh!)&_a8#uKK%bYf_2X=MxBUV$7v>!3>)XMGE>gYv>qbieG8e}>v1gBePz z{Ku^8ZBne@kp$n4u_a576Zk5lM?xnXNf-nRwmGd5@1r4N)Ju;M))X>sdJT=9)TCAP zeGWmk8ukp7qj4}zaWZz2JHYW|m8_v}Yo(76a+(aFXSniP)sO($&~3?FaBuKmSLV=z zWd1`DjMumRU_R$7E!`@(kMM0w4~gUbb>GIJwx&IV`|EEk{*`m zU14%~)y4Icnzg^0;rg5v_H0g(w_a?XK?os&kawUggDr*KZiC(Lk2?&?IN4^xzF za@Yv7-poZJG6;|zXAsLrlL2A?E8tmrIrMHg)of~G(3LTmA*%v)jvH~DmY;D-ix!GH zF)Wy5P#c~0g|fOQ2;+5P8W=X@Fg_l`I(0D~_rlea6R`!p1R+Q&Lw{GxU%#*>`_;Sf zHhc>vmERvm2xnQg!vtz2 zz$@l3RzOZ=T)348Q&?B3J*Tu?=lXC$%2$hRhU0wv&?B}jr*#9Cc=1lsw*fD2cC*cp z1HV}g{N_u&@V4bpW|#{ti{vudg1Mg^+nf{>Bs=MLNX#NrR9Vpy!PLSN>=*%cYg=hP z24W|XW<#u^XiSQH^@t*?DBUcKrs1AB8W5|&Xz45iSZS(}CJ@Rm4hYG> zqrjv!QQso(mxe#r{<@Hnz)eh40Lr|>)0uL`=$g5p5JAQ0Qkah%xzm`7NU+&3Z^F+LFm5%dsQGdsx6SL<+6j~RU8&7CVPX+$9AO$ z7>yCLf9L-S71mObuAbEI&hLJYs7a0~CD@0N)`;cYXi3*LJ@+hwC*xJuH59Da_&#bF z|I3hC+s58r(008AD~4NZgmuBCTR3FvYzpSb8A_f!S2H%h)y|;oHs;fM4dY8~CFe>= za(nfN9n%Y7a%MSW180go;K$Q2n1wjearq-xfo?bvI)|UEIEJ7xhlvwh%O66|33b)* z1-80fjK~MLA;6FPhy6x9BQl*)BYvk&Y0P(S&NFYvn`PF`M{wBC}a95e1Dq*>i-03fkouY&( zCH$C-((!I+LK=1WcSAhlcN+2Z8JRor|HJ)t_lNwyh!6R}+;47vaamr*km+ox0F@86t8UJI;0 zs9uTyal~+7snKAqI<0fK5*p1Ffk*Y9?C4^br)0btSn@kN`hoMfElsyRf@9dqDr273 zP?A#v0sA0hY&qhnJ*)}mm06DW;6Kc`1N&ECyh(3-(*vPhM5b)CF`p^-GqvaGES+BA z9#Ov;f2P`bJKmMzgjbxd)%ujV 
zr(GgQ+4&f--zRfe&_qqQmcgs7R-jqOv?l)Zz^_(Bmze0om#pHFj5(UCG=F}r91`gV z3LGiTQ*fmN*%T1)|CJ8^TAqN3W?%rg(t%)#X8_;sa zW9Kits=s(WwWhBV_9=uB+|5S7SL0zhMOt)RLR4QcVHh6KYL|wv^a{$A_f_ns@9=L=RC2rrNtsB|IGz( zfc~OM4|_E{t)Z1XU`@JVB!Yb(!MpR3hrC{TEwT@4b?kA&3uUX+tXWxZWd?%gPT!s) z%M6iFrb-aUgVVxhbt-vub&a4>!Y2jg9Bgtge+MWe=0a2acolyd0nFZu^sTY^=i zr4<5)y5bec^tP;~k;%*tamfqRaY8H`u*fPEtGPXHr*{ubh69L+dpRd=^kT9niem15F%_xEsX z-+0pYDmUR}c2KiDJv=HOLERld=n#ar4}I%yL*#lw%+EC*js2Uo;mgpIs?QhpnRy5jq#Cfr*6u_WA2 z8u6PwGnA3DTfAH&g>FAlQM8}Oigzxeie++_9HMOYE3?3J;+*Mk_IdT>#Ii$T z#K>p_o%Xy|OD^!;arZsC!}Y}jJ-k>J^6|vli!!(AZBUKYVl&t`dIkRu?D|P z^>Pv5_pZ~q|B>xsH&*7L?V|)!k<1i`>jTTXuf;s^{YXwy9)r-4IWf{TL*;>q4bv$N z`0mIML7jdp1jzUM2`Uwv%{0z*_qJb-sFAhHo`;f4Lo0-of`96cuufCEC><8T!AMoE zL#|`y#0)O#R>&|2-OB?JPe+Pk|3C#p&|&|mS;gArp?%;dPv!gy(lvqGFieNO?d-a7A!70vEW7 z6^GGilWXN|B1!0S5&7Xj=|u-9!D!ovQhyT>G=ShF`P<~Sz^uL7(_ts*3_~kGz|oRM zIn#u{p&UxxbwBDX+1uooETqXPBWq8l5dV>Db_Sb7Q$5Gy1Is#L!How~&zlAC@CmrwSB zZQ5mHvpaP7PrPHjjxb_avlKFRwl%~{tbNJf6qpu6-!y06NYvT}w>qNiJz70hB<(;!~B9QL~Cz0DJ$z8K*wH2-=5 z^5&P2s%RP>{(%2T_wBu+sCLTh)5g&XMp2G-5!dK*85iQ7+X8vw`%!PhR;>@HfbpGV ziwS;JXJN?n^1&9>U^WkQJ!7Q<=pIT1wi9;`y9dosIH^KiW6Rk$JrwEif~SvOlQT|y zHok-u`*%|7Aa-HYKShuYD1NyMxRC6MED9LgE=JbPFk_xrGjYMbfV3)lAZYxud+I#u zBQg)a+{*w_uim?WkJ61t%>0q_rf8E*rReH<8I7j zpDv;-)|zU^^iVV_7pRydXX}H#NBTDd9(T)=?uyvzFl!Mo9#?rn<>^SG2X;P$V{Ydr zc`Y!MPvHqN-yIBB#6_K<(~L2v%H3%ql$8e_$N2Sh3*26H#E!s zH4uA!kDoc2JipK~P{|%0^=#Oo+NytWnl20_H~f22m|aMLx2yg$WFO4@kk)Ed{Xb5u%sU$(%PG9z0%eiYd^D=2n=9dxglzOzVEJRb`JHQWwI#8hcM9?ekl{ zY;b4>i@3TjsR=i>?=;865GD#mXWvjIAgMW9O{KnD`Pq#=(7KMPz9#Jg4TMNCUEXJ2 z?DYD^vqXT-JX)jo9>3VVaiVCJ`_f#8R8DODs4@#OFqMD$a-^u~FLekq?eCPUBY&cB z{mvRzuxLa%7OfBCn2S10bkkW-O~853FNU_bWJnxpY~-Lxg#%YUu9z(01>AK;hu zkTKME4))J*^My@-<=(!vf!gt>w9gqIGK#_rf1fnv30i-_1Ed|mGsN1)G^ApNFaVds z5GeIacm_IR`0iZ)GE^yMrV^J7ELHZn;tt8)UMsQHslLfpX|q9FTxGK6aJK&p(} zszvBBCErW!X{227*aH&n$ip-aiJW*27h;lniX-hrzhWL_=a^+a7YUSHlTg(d z*S8;Yg4uv0+lzYH>l_>>epoJHKOrAJ73MTHONj-8%lVsF#{ItK5(5R2>5}7-E4&J? 
z?=(l^2SlI7!3P(66?o^7bR@+@|IK+iOsB?Pu~lsZKj0xhM3gySpHaRZ&}@s8iDVD4 z!$ET}LKxd{8ulUTN`FyVjO#dpF*G zFMj_SEz_-F!se=lb4l|1lJ3@5+R47LHQ#TOS%doO$uU&t1=DGgh@SAOKb!%NwN2w!lTwzs^Ec6hu zj6^}C&;Rt!3>-(i)-EF?1JN<$E=|j|%aCxLRCWl`t~fIgK=CTakrJ(^`tBPZz{egXz)fPpB7W-st$$Q>(3rX4At!A=DceMVQ9LF*$iPuqUo{|%UG zGRzb?4&~!f=#7`RQY(DYwC>OiOCQsbZRd*y=P(VBb^tkhhq!tW&GtCMy zNqS@DoIlx?Bw^w-WM?Td)9`+LOP^0-7Z;~9cBIhg(wsyZ$+=GgNC&F3RODan7X|%p zcz<j_o+O>**RNY@iyU$KKiht=6$Yy3Zuf` z;;=qCr8YE35ywO{??Z4Xq_&@H5mqG|h|rhdYz|H#)0{9uDoXq%!E-p|DPn41DpE8) zQHv<666UODP*W^`qjv8qF+DncyYuPkO^X_`)$+}CQ*{%YzGlJISfo^apAlXp8yElk zY3{dsC)-T&e{;GM)U^{p&bcBB8iGZG3S!~w;goq$FV~qW*@I*QKg=*}&l;Qv`HL-( zSBxEC5{w-75qXBz9QRBpqlYeQg9JU66K9KNEp`#i8+2e#Ep3*sAHrWSClB@r zR#lWfy3z5qg9KYYXe1Q=0(4p1!G0@nHuG+;(58ff0K8Y6RY8Lo#?JbyTo7NDO3ExS zARHQ1-hD=gR)&Dqg4pmSV2tB<^|62r)h?Wb@XLR8C?NRe$c+LM$c(^)f`xFXcYvVZ zTI+-4D_~zkt{v?W$1UAxyE1aL{YD0VVUIiYAo&L1vbu%yg>HoBsh6X~HCg=C)on;Z zqc8|m;K?owd6a`jfs$-b^T#=q@U{8>rBE666X&Nd2yytnD&odyo0o!&ye^E8G)wM=KqO zbD`aL5R`GqxVsBB%$HggS5$BK@&p17EIq?ke$x8w2hXFTL9q_}P>eOjM56oZDJW`# z>1Z7QK(rqv{=-Hvh{RvbL~VeANI{i`hzyzN1BQZ!-wg#*>EkqB*_Gr{+CjZV!~IWj z6EbIv2$61tXbRf{Q)hR7>;R%WQOV>tZBJ=r3b!P#0`_r8TIW*H|L*Fwf`14Ekke1u zK&iLA_VeMvz4pZl!dJkiBIFkib7Sa)d&#B8L+?{NP9{?M(mIV@tNLcFTjZPddxFB% zd^two$N44U{rQMGF)7852#RH%jrhJV7Bq4=)Ik zdu#SK;KK&2l>^x@0(8ddoOGhN4CFke-fLaVAVAK4_BAl}7~#7m7~vgZG6INk)NwEv zj4-5sq}m9J8*k?a5$=<$`CBgW^PkPdrmkBqq}*+jFG-_NA-&fTZZ55KF?_uL#rn** z>O%;--z3rH%g&DScOMp#9~lwOPN$Fvw%&jMh6Zx`_A3BJ+X_i>8z_qV)h-v_Q#1Ozg5?q}XIu<@rMEyJdobqIIs|+V9MF;<|uQXwrF2zVO;0+(%Yd>e;kB z^vs}Dji66w=cw|BZ)67l6~f4OuRmck*AG{%EgJPGfHYr0dP`4;NKcoXXE!+ZN`W1p zu-A`(SnW^%bojD4pA~ui-D@rHyBCMw*qLp3*~)ki?{5~fwbgIRP_B_a2_~m;Yk%XgU%3p$o`ROC+M-2ev{iud@IU}_0nr$94IRHJ-KB`{ zo8JY$eh*;(4<=WB#XxsU#6W{Fxpl9=QE=+1@AU@_HKAA31$4bx8lkXlMKN%|D(}yd z5Y#TtD9*bQZk!gDt82!U&jR*W1b^mzWdnMg9Tef#=zcP9h@H@8W z9fa{G*Q<_$GhDl`+BLpsPkv7m9;$ro=mSKRoL1;^UEgHdoDG%wFYqJIDtf!gDQcAu 
zTEC{eqIFmJEMW`V?z808k)0jyMRB}&wswi%Rv`f3wF@)D`HBmlxWIY~Bf^0$6_hiO8u*8aB-aX=xnVw)Ss+G88@{)hq7QnDf=(FywvsJY;&q%w zW>G2w@+VY&!52D0iMV6x*_~h#0@G3F*FH?JU<}3(@fi&Br;h73aA{n@34d8Zv*6RD z&Rt2af&8n);2%1^=s=6$u;}3C+IG}@5l$yhKy6H^q_BM-FCrIZL!QRYQZ4rd$U^v{ ziC&Aw&>{&&(7!d&dQ6O-ZR@+>gq3HfH&R5$#si{4X1?N zwvpN}7w>s)Xb@$n9;XC4=W9j+cEA_l6aI?2`6m-+C!whq%E(Koz-=DJdRvh zHEL=4sG?%*Cw4+`psDOpLKrt4SLfk;&d)w#b_xk5yNC?wnh`{sSK%^*_j`wN{ddRG zo(ga4S5F#N((#=Iw9bPZUD?i%7SArUk}I^B_bZMGV(ikY^hs5Tortvw5)X^!I&n6B zA!foc@y^J{`oMsfZ**4!>J}R@Ye9E($LJXYu`;Jd~K#sBdIc9 zDu0xFP%HRHjKmK-72C87E|S>vLUT4lo6XaToQEeEqK{JVM5zvotLa!=r+MH9Vy;A3 zY*k_-XJ9Xhg`8dYM-&vVZ7l%pldO_ZCG6-Qi4&uKxJnLu(Gd^{N)-CR$2wRq-*m{@0fc zK}Y@<9ot%V)%*=#74R{Ae}Jp5e;P!l<2L){Tb9g@!ZI3XW(kssGm2Bso?Hq;t(eax zmK8t8e~ICqNvLA|fd6*2>~Q+@zC_MMF}t0>MgH+~R}!^%%YDi@%#$R3Xz}g2$TaV+ zC*fjrJEA;b?dYTqG2YwQhW))gE%_fV5upSPVWVn{igs@y#>`>W@X;?u0?u(e)o}Zf zCDJ4TT}iLJ)`=;EZP;I^RH%q2fw74xLBZGtO5BuY3E!DA-;4Vw7=R)@Ofs6vqed;I@BhDZ zWSr+c=nC7^B!dgl<@nU6xBg4!zTmJ+A2%j|pTdH*&X_0qh@03X(p9w&PZ@v=JDQH z?6McZQ2_xy;upL*Lidvm9TpM(Ip-Vyx;Lm{QkryP39QBze*-unLsb)3+m|~n`|`=) zte>Npchl;!Xl6>3fQN^BnWEMtF)J%$f%wWJ-o*=X9IcwL^>l_pqz0krx=UYf$&Gc}4$-5$s2NWP;H<8IO_t7@4lzwkNL-|)t=|GMP zgCe%V-5gSa>117@YSBQ^4>5)|--dOG;k)V2KosW;8bqoEFQ#7?&v3-iOm-}0WP?;m z*VRQUe~T`I#B6<;togkdM@D%>!9)379Lo?cu9v`Il2m6687E$9pHU=dqmkGF6{7%@ zZ{@GS~JNi$N6o}Rq$uf6FBfyLkz0-^(8n*MB(5DSq4obb88)VXrUZ(FUC zSOE~x0f;~l)jy7c(LuR}D?ZJGE9UTXqj!l2pwyw?LhbMD_`QN;hwyuPzgMXP-IB^f z=t1qoizxn?yA+-D*u zDV|8Wsa@py{BD3j>GOQk2z$~+1e@2RwR6xj?Ked2nRYeAQwtDx@d3o%{PyAhYVq>` zcP6sAoT@P;A$PeV zLAbn9!#h06%$&%VE`r%pi96l)6Mw==xewpVLg#4I&MClVp&9?qt*n?yOHWCGeScsmuaJ4)IrULna+Io!k4gXO&{+>hjm(L+xI ze-Q%-Q`#ekrycaMr5v1*0O*^$CW7?wHo;!vQjXOo48X;UfK zp}xYHQ%R4;Aj5=9?|Kp%^Vf!_o7+N$bv0Ti_xi+n$Gi!@ zyp=as<-O9?)()+ICZM#FpMBov5WZ_=PeK2aWZ!dlZim6K7?Eu8F{knHrG8Hlr#A>qWM!2)B42Q;c#8}b z_r4%91bix|V%gqmO1Aub^R@Ea#*#y$AVH0@djyF!oS}o8i?tlhS}Q)eE|cY0FwP@_m1y}v0h(-k={Nc ztvk6hP^|5wn40<+;#$7rRrIAV_1cjX5v(27PU_}OB*^>$&eStF^m 
zi5I_mU0up??hU6=#4A9N+^jJg!mwEQ---zWP+p(;0q3@4ogK{PJNVVj+LmosDqOderY6t&qg3z$aJh zd>jZ)A8K#WppR36jyAi&j((yd6Ak$%3!IKt#xw6JyLf5$mp=P_-kJHFndUx$9?o%1 zBE>#7)=$T6GOZN6bSo~kQvAFXV_p*D<6vKk9QC$_=aoyFSAKAfIB_p&btQ*nHsC|m!cC4KIJqFd z)I8ibhq9e}?His>_mW&)8g@9*rTFL<7jSN1Ss=)(8qeVE_v8I%S+q!)%gqjhgtL=t zFEYd>mv$M-{@^V~|1WXPvK{GcN)X=Ply@QY*orY7vnzPrfYRWr3h< z94;R(9b)qWsmARRPLhLLd@5V->fM1T|G=tbcF<)u1m5t zbTS3~5auBPSLz?G4>;A+;CJ#kirQ7R29UeKWif{SKXUiLZQyY5cz|XgYM-!?5OUD* z?YB!7I`4TrQs108e|&3VosmjFwCI3Lm)=Qn= zgj1cU!wvy^dA~vBnJA#Bb(G}$p#!R?u$1is^eJ#fLEwcLr@Q)O5`)MrhSF09#`FFt zVr*_XvDlhv>;LgX1#|d6k-SJiUMv_UIg};5tYARn0*$OE2^f^Ll(F1x!*ErxUtw?4 z+BMiamR%@0WQ>*Uno>teOeE^FW_tah<saU<}AeHnYWka|9NPtEf^Q^4Wh#84~3+AgriihtnLoh9SS>pdY zkJeD0>yHPrgaNo+E2z&K#88sVFF(0v>7cDYhL^j|4|ws{k_Uu`N7;mHcz%&w9P;NG z0kAXhfQho_D3&1hv|h<4u%$MQulTLJR8EOorypl@Zclw6$Sy1ZW5Xd! z61x68WuOZI?hQ73EFc;uoA_(+9o#;PuR$N7eRx_*gMxhbRB$*IFD8jlXc7Ur)CA~CCZ9hi{ zYnNUYNt7^g{3@Z&Q-~(PlD>oJX2jJ0R==qBg!oLQlBa(qMl{%?%fYKIQd4yCYfteI)$!=NJ~<_@?|mx^B(RCRYC~R@a;I%K>*Nt$ zYX)SmYt|u%)?3)Bn~XN?>n+7rDjLGQyUPzt-EwV7pSu;gT}0aU+us*Imy-0aq)3`SxfK>2^k0Ll*$H>|t{nbAm%j6gZ(! 
zzX6`_MBrw)#>A&J{-38#Vs*Yc_Y&1DofX0boI9)?4D$v$PkSxRY6Z7==Fa`Nw7|JZ zD|o$U@?=Z!f_9~26w>U@0}7?tUGQOx>=Pof+9kNW8h5kTde`S}PjO4v+b1MS7q`#5 z64qijHq3~%69o1DL_opyE01ejPBgfKY5!&Kw(zn*h+v$o`wtr4KtznALRKvYICBcV{H5jf@F)0^iyAvWREkYm-IPl4v%nX4YpR@7WY zgT1JJ%xbD+Oa?EMt@g|H$GI)6n19N~$#{z^RGrM!u2YI+j3my(=P&0Z&>G!m#nd@;*zNou==8Fst3Y1hhc~?AyjS46or^tJBH}7a6rTM)VILdy9|2<@^t!+Ih?Ohe8{YkK`(#`q& zxNFm^Ow^B5(<_!d>~f3{2)n(g3(~Ut?$+{H(x7P&R;GRsd1{lYHe{G6Ib!)Wl~TQI z(UQ45;sB~aqr21Hbdlp758vH|f&2YBkTY#602W872VbJo$nY@Do^MDnvDM9MeOD%x2x2$ z?-JptB}D4z0=AnP*#zoGRrFBj_$H)K@q!@QusF1=JdMDEL@f$A42#f zBrqHCPjN{Qs&K#)2`b|K6MxlY!MOgbQ)<*d*%^XS5u3Fo7mF4}3iIX48n%=Pj0wKY zR70BhoMnzov93M*eefe%gE5bs)ru09{#%hry4E=0(l8HOLzbH$uE+%SAy*PVMQ2M# zs9YcBx@ac;T*Tb8V(7c@1=-6*ZrWhPZ7(o^+;T^$vMt`bY2;`Ai?9+d&7_`I2KM1> zk#U}$o$=PT%N$`9)Cwi9ufFq3e1gbM6ie8$%uiti<~ucCEFKhh@y8gv)ewKR3wt;$W=HK(=tBt{rW|eu+5|Kx=Et@hCv}^s^4Cv?XpIcU8ikG`TWzIo@e#HX zM^en|P`A+{%W|_;6idWaQUALc`QMTZiJp!qUyii?%&M~?>0|yimfM(G^{J?PAB5^x zjxBt6%H*9Swb{o{zJI}USHc;;i4%S(6D~Y;{As$ZuF5p3cw6QPRDL(1L7Hc1%}h1w ze(D0{UlS4DnN_Bv3Sj0MpehRT|9JK9p9z828!#((kl=1wbdeHdIsf`CcGacIHyU4; zqJ@DC${n`#=0zMCpfRS%Bjb+%VvV#B|Nbe9Yjn!D8_y_(iU(Z`b%7Ut!FTW{NpjX} z?4qqLxd#()4~bCpy=07g+n0kH1LUQDg{sfpzSL!j>=DGbzhiKGuEcvudF{B(=5r_2f~3D1!tbEJNGi(b*Yh8p4i!Z zciTdAb`PF5?KM_cRINb?2aMt4X7Nh7WSb$-wveSk)UvRZ5>wZ89HJfB#AeRAl{ts5 z>XUT+5y0&M9u6q=V=ZP=;|a7#ypXow*RDRy#nBFzIk&C=c-V%P4`dq;?U(tIBD_c^ zYbhQFp=JLr`>G3}g%+r4-3Yu9VlVpE1;egWKRohdJCdBST6ThT;u;eJMyYIOIQc!8x%uHM+i9)h1!*PFy(@e+4_Ib_n9wdwd}I6 z@h~WqBm>`Y!Yq)LyAwIR^G-eVZNUPpjBT7}I2{kV9OuSSt1^pS26zvv0HLiU4_PpD z!EL{Co@e{v9b61LLWCv$-&X++fh-^pIIX|7&i&W^xe zW5X2kC~4_rf^_B8`1o>*FuZhgr-}<$H2ca(1-8W=?&)A->I+sJ1kT(B;{LH_-738a zn-iqZ2;Dz90>W`M~GF_enM>6TrLmn?Be z#OX@BV6E0Q^^PmJC+Jp^oB5_4YY#MEM9Ey)m^u0xa>}dJM!U&E|J58knbLKKMr0=k z-43GmQgvf`?-or4UOr9t?;#i_={rWbKE|A}b6vq}fIVnFWf{bt7w6dXa>RXbVxIA9 z95iya{>Ff0As(U~chm!2`MT?Hs=wp5v>2!xRX#WP`P}QM$$y6Wda?|U@=1aMA}djw ztSl}5?PSx5xb3pP?&4F?^Z9wcd_P&*F;U{qEh(^-I{fd(_b>0#GG5iw+F%#yyD)?<{C*^P`>_YN>DP@ZREItPJ@RqE0 
z*{fiOA(YLSG|cg4=9l)-0Oemjryf0Y)}B$%fvGdY0jXuh&_-xV#X>J{@lra!kFZ3Y zt8X`_8J2TO4_5zfa*%cXT>sUk@itlcoyaF{GDCZBoBkQp4|4ynZ1|p`G_`eO(J=f_ zyzS;W`qseT0p#%h<6a9Myu@x(IIHj1T^O~DeZT`qtodYpVtdZ%(3H#|(9AgqM(CDV zPxkxx6sqIl9~Px7-@W;E^*!Wf)_!Ql<>kYeTN*&hF`DJ}`Vn{5vG2i= z1=1*T>EVs60MMB>El`+d2ID7_is!3<07MuEs{ulvvt7^ceG|3;D}+Bj2FK1%ile~C zHw`_B+J6-~Mo#KA3rSagfdJketNv6JAVWv5%@%7IZl*q;L}4s}NK%8~u5VwSlXWF( z%@=I0T^$UmnblyZ09nv+h+p7Sykbw~FID$;J}o;uQKf=~i6ig04I$cp8h`lm=HGu>v4uj-(V6iHs*qBO^?cbaN!+;caDTZdDIBe9 zaO_wOZ05`MQbuJ9t?ZPC09@UYdg=QR7HyQsNK(OSfR~FYCZc6)LkW?}l|IEUI6wtL2qe4JVO+9S+Ic&OU#F6#nZW3oP zBnB>BLjrF{f&(i^y$eNDBm^d1y}uIq)J)Lj-)qReyx>)UmS^nCs2w*LbS5wUI6$sC z=~nH0{%h3y-Dh$u-alD_7S_xFzS)Ygq#~P_D?E}}kROqg;R8=&0KKWwO)oUUxuIbh zRVew+bd%$Ds#(g<<`N`{OspPzMvv^>7}8i+UxnO@I=dxiik0O$S=^Re&soRfvUNRc z3XSKwxU-C?S|IoAeaj5^t@!IJf_M4mAXxx!IT=4s$Dkz@y_%K4-5 zYneeXG$ew@F|5CJNeJ5h0mXpK%Ed!oXUigsR;l%5PhG)=C1Wq_RL5TN;U~`A0(A3vf7+mj>U06 zI~7QxhJ1P$$Tl6bOAqZ~=^*gV8f?k@#^6-g3)u=)a`xPN8qB&G9>@Zq3lvdF6msW* zG)n~csPA`RCer-dL!st^*;9puT9SPY{11fj?f@>WC=5rz@&F-rDtW#Pz-6`Zk~X~w z)qd+i4X?4ZGLb@1Tu#9T&$f+OpMY7gJK-ZhUN(t823Fh*2UGxr5croD5d8aer=Ay^ z)UybX471XIHz7lX8%C8S zn;b%avJD~%l&<1!|H;`2Q}{-nb|iS*5OO-YDfaX=mAH%F_@M)~+MbE-LER#me9%T7 z`PYfxh6H>rvow|YN`Fgwd5cx`8>SP~LhsWC`k7By*8*Gj=^>cFxmE=o#crTV+;0WF zW^JawI|;j7{z0AL;}K2}x|8kQM>V4%TK$u`O5-GoQl8bGn6rEj8c`;k6VcYB7*L+U>Fps1WQWkjpo50naF8&KJ{ekaAq9OR|sh%pniF4RvUAJT<7*gpWy~4*p9@%o` zp>c64JJ7ae$t-8fiG509_>b1bi6YxU&Z&9vdem5lSJHxAo5^byyCyBVwct#LQxJj% z2WJIARr=ux_ec@E!l5$mv4-4M=({TFc43sp{hoVK_qT<$LYl(MqF9(7}4uyH>rz@-g&KC`YXbxxO$7~N;c(c@m`(G;%hlqy~^M=AjcKFL|e!^*EWP176;V4G|GD zaNgi7Z?X9UH_{GR${JS82@yu$V<=19((QP> zD9xvAvm$g+I$~j#Z#kOgj2`g%UDP@5AbTVjL;J`cKKH=?M8rPZ| zYh2M{oMs@KeQ?oq!{z!CN&Y#b#Eecq`L`^(*d(vaR)Zl<%6+@(!GHqe?56*St8d(tl6=-=g=wloMDV;YFr_>$Ehx$Z|BEKi~K zTwJpm9i_+GRF2=fp;dN4PNm|8$EHA2?le*iMBSyivvl|#n)*e+_*1Nc`Jkz$T1+pr zEZT9Drv@HU%*4j_Smy9VMSd5$6y4V$DFXc>d{l8RK)uIS#X$)eyHPj9vI(#kPKLC| z7CiES94>>QPsU^#VuCeVlmQckE2sD)k|!>oth1-Ub^@F#ZSOk%n%j(|jb=L{0-^M> 
zMx%Z-ZN#8?r6-P{cmV-Tn)VDqJmAH5+6g@2%1&qLhY;&n{k1|(yNGFs3dFK1hB(f> zxqlYE6+~)oo4Cnpex(beWCK7i@DPvn^cJnbz}ev)&MoGs*(t+4+Mw?o@kY%{3eFv1 zZSMsG)E)WRDr~wNS=*L`N=m^ae`{%Il6NO#Ef*Je7}aLq+SJtWHX(gF;yxBUf0EF= zwGaWdb%=WgjV61&+VA!bJine_$1?+h&T*ee-t9#B-rVJuKilXp4ZSN6ZI~tKKb~dy zB4IGty;{ke?^}DgEQ+O;YK{;MQ_H*cXIViQ);`GhhIz?vv)#6_Y}RL#IOJ?%q5DBk z!ih{Jl7^!?g^ObF!--%l+|R{F_#Q!SoZa)Kr9&`z?PdC5ONv7=spVq^VN1Xljg=tt z$_5J@gCrpXs(w~denWWA8y8zj5&Uw5;dh`oFYo3MYxvqh(Rp(eXs4-2fVD?yMM2e6 zR~9Gn`CHi`30VwOQvb+d!PL#L;s+e-nAGIYZ6&!`hcZT-e=RfsOPg;6?n;TJ%r6gG zW9wL%GEB54xcX}fn6!6obr_<9_Ya4JD&K3BhAHdMe9G|Dp**smXgW=6n#YI+UI=g`@2Hdw57ciNdaPPG@VmLmxkZNnW+rS3c~WIl z5M`-YR5X@6t;9n=|8hOI2NN#}w)o%Qo7|u!J$N6uTtC+fqlp$aXBqasPT*XrwU&tJ zn?5N^msa8QTv52^#iDL{@?Sn!Y3zk~fU|Z+mHCw7`$M|L*Q_Gfy&UV9! zPNBctt-)(!Og0Cfb>Q^>88a=HDt0yT_p50(C#Hh$J-euRZwl4CnLaTG2@UVo#CWyQ zXtSjkWRN91eJ`G>1bXW%;ETHA(0}CIUG7J7YlYMp>=_QM2_}>KO?td+&!^z``w094 zTxiQ+n8OjNP68+zUz6%?5NFR*@Nn<$GZ7TJ1C)zEpA6BZ>fTUy(GNNH&PalUo z8-k<8GWPMZho(}UhEMPJaMB8&pj?IaOHDPkf|+@IF58*vsh3hD;`!+p!!mlgGBpqw z$S(4%v^DY+7s-wX9&*z$?f92_3Jk_;y1wo&Q`(usq+*E^@OV@(-g)USpO~;v-OAjX zY=FKy;W)(IsEZ3;r6qh5JWR`*rvGY3@*R6J{5fRZfWPAc&JJVV6-S$eH5t zwhYypV;lx(;uDR#xoyc=h6?B1=B1RuI{!^`e5>=(y%4icTrMEpO9e{kCWB616yA{l zZxm{K3qm|3YG_wmz)+5?R9Wlh@X|2IxnYL?Sypj4UaFqtIET*=x0Xy=t{rLYsrqY$ zAxmaWt*f5rE zNWara@uGiV<}uxhUu?(UP&hGbxpR_1s+gVlH+KcTXz(90$)gr33pG8{(vnQFL13HU ztUxj3RYVPjmB5daZap>ly-5`^csFPws&PU=lz>b?323B1raTzKUxe8yF-BQz8+@z8kUYmaTaXaWFsb1<}kd2{=NDx~eNAF!m& zCu0a-9Zue-V(+6o^0hNY9dKAyTWlyYxeRK?srR3-r3o_T3_7fo$jLif6ns6ErEWLU zPKKrhHtIABIU?^(b-JkbVrtiRC$Fujegev0MYVLU-&21sPa#0YNUO=6w3No25WTG1 zncI?K!By-Yr%%cPQg7Yj*tA{uhp#hV94)8z2NMeeTn(*-an}5SpZxSMBE5$$cQ?el zYzgvdOc$KCQ&%#5&xD5+GOoQ>tkIS-jKf^gFf;2amZCqdQf zyYa)wAZTX-hUBvQ930;b%XZCF-ppqr$9<(U(k@2ZkSAgl=&A_|GZsJ7&TQLvUYtgj zyi}T7)Fv0$XPx*itB5GdHAiaQkoFUl7C+Q-a}d5qvZHMAuk=Dz{Yj=R`7ha zuT?EF?M%{{h~vp3`WAfv(PWoX=UPHS4HB;8M=$zQToJuQSNvJ3Qn12ij?It$K~>GT zE~vlm)8z}9`1!?0j%t&$XqsYGcoP`-Zd$x0Gj}H~cRaE@^xDua*>FWrYts;oy@Ci; 
z0i!me=?=Z2(w$Nh3${TL?J=#bI4sn+=1_W+?wP&3c+ojnn|gNxIOwI2qyOu_yZPd^ zLHhLBjRSvw%~AR7`QR%_XrA(Qp!)sbuK%#+uG2dB3JA^Ys2ORaYC8F>m*~Y znOmsQ_s6lbVI)V3&-HIM&^54KjR*L0H?=_=>n*a=-6`scd@?kGFM$Dq&HA%X&ae7u z5VfHx0I4&dAuFsnKDEOZ!08mxFy!u#B`P^GuJpTBOg!s z-JCPVaI4$fq5J*EQ2|(oOAUCwi>xdL6Zx+c>w~Vz&`oG^hsI-g&HEs3#_TYdBUT}K5?VI;o|h7&caFLniMfA!2^YCavHiX^PSQyR;| z5;}S2Ft2M`W{2*XNeiD7>jU7U>q+h`1F4L(E6o(tzN)z`ZnakY5%W^DJaZT z_}{CL4(@yTDi*HNC&c0-MG#Wk0|9(~t#p>k&j$eIWs(=36O*M)X4qdNdAwRb#cOK% ziqo|VDxk4R>nUC3`)!JPVaT{u*n_Q23!5Tahz+;3qv88g2d}0I5q#G75LbPP1QSF- zYSplpir{bCWuD^zM)zdZs4?VkJQ!BNk>Hy5i^V%t3i=B;iGO?_A`)l0%dT@3k-}A# zzuRSF_TXi{Nv$A1dNEgff4&>JaT8?=5Db>sMBn@`NV`txo3ErU!MD2oNb%Or`n&1V zYWx1$?RJHR==S2%B)z4$6Xza#st8t^y)e!A*3 zyXWtaUG|RUtgpJrmti%=3kqJ8ERM(>@nwnHZe8JK+2- zONEHwADoZ^Y)$ZR_`37NuYMET9jy|;K=2raK zOX6^+=y?Tvvxu6g?L+{3nroF-u4OlS%$dp{FO&IHnY6hMYCUtjg2b$PdtqPE9+`Na zDr;(~&S-WWz1GlWf1webZ;u=|%2=TW7m_&;hTW zYFNm4Pq|;PMG5yh>X{1c)r4&z0M>~}(!GnGd2sX3#4GUi{2hMlQRxllqOL<5iz<_E zstUVEr5jzLsU_s^%IDNDQ)a{2Uw#8Pm2@DkQ{<7k6s;4ez&Zd39l$hTwb>tpN0CYV z%2?sKd3L3zTL3&Qnc$mSJKP?bD7t*rDY=s5Zk$y_XFLm(eo8tcPC$+uR#t~P1 zLG%aa(0Z#GpIABk)>tm9%|NYro8PFlo8Il^CabL;I6*&oBte~2(slLwJyIIzSD9h} zZT(EnTOE&$mOB}9{FwLsIJ3;}FejcTO+(O)gf~BSGfbtYjUZWBD~^VJ^S)>TN7g+t z_T|?^dR6Dz2r#>wf9D0dPn|;dr2BMPb%d}=){@`T%>?!aGqU91^*yPI4cDyUk!9IFA7m{nZoR+C+&;u(A&HDrw_*{e z%Z=W4<_)!-6FvO69F0K*43L;Y6X5u11}KdR5Dv@W6rs{OMOPuF$R2>5X6VTyZ`>(@ z&SDaakP~>onZ^ImFDpycFekjg{0oVamhUW@oo>-L4BAr!?ee%|#qu$j_@##5HnU~y z$$NYS2`Z{Ea)14MmL@QIwSa&;sG#xp#JU@0d0R;R3J6P=eGT7$3ugg|N8KnLLDvsT z=LnYZMJdDa4^ao)V(b3yrW)n~cU|(lz1y6KCTHuz@kc9Awpx1SoaW$V5e8*4qLMgR zwMxDanG8lVJq?>FFoxff9Stpg<4Gkvju>}l3-}hJECEbW#&Frz(@pMD2fe%+j4mB3 zk~#~WB+HmL;+vWM2v9Wwz4~|Jn^iWS6hWLG9%N99@EAF&@;Yx4K37Bk6JsC5*s4l= zBP}%exwCQiXLEbF92c3^FvlnCex4B^E>(=m?PJ z8(#`Rk%H!XSd$Im5%%t5Z&4EV^uTH;o}e?K!ax0iaGOypC=e#0!t}CV9eUcAt|Itj zVyM5&2sC5x)`3j1f&ib54-$_1nGHSA--u^H!@fJoM#Uz{9_AeZmXVqPSmsC`UYu-H z!j8ihDh_-^FsiCJa$B|#aNg1rcqx3i-#@=X6yif!N6YWDa5cf>jLp%QG6Vzj{u$<; 
z$W$RsJc@!V^+i4I!~+|A7z)_U5YXuDjLi%)aoD;GRd{NK{12&C$8eNoF<}GLWzQ&Q z8*h?i3S~TT>Gv!tvz&NIybO8R6t6MhEmYrBa7LM=0x08SODK(bWrbBmRMN$GqZ^pw z>*FoPy^S*(BgaWtcA$xw%@%#*>9$E&6zQ&a5rBHyghqemjjae;Eh2+mN+Kvm0*#j0$X|C}AeM*^ zzfOcbok-#VNa|?JS0Thf-hRX*zJXHKXN1(^7=4`?v630ng#SLR0a$9>yDtIIa{?=% zXNkk$8z`XyoDT5tEQ+FR!j(Xl?{|#PrN4GC&f-@HTDR}h%gJs}le21nyL}tyg2`PA z*0&wYbeDc)9Mr36(ASl~gZ*?|Yu7*We@nthOw|4*pz`KU3Abhzf;lxvAB+Dg_%lc% zUDOU0^<<&Lm=hT>EQ%#=0r4i>t_5R5tHew=d30sifEME>{Ab_&i(eQ<97rYzO|hCk zZx^Iub9*9tXE&X6H~2@WAa4(_*xofh+fvAJ6HEU>UlNFA%pQamWzQgzeIQ~z8cWYb z6Cx+nHPL~^cq{JOIp8%b&{buU8?3;A)-7faBF{$5cW`A=$r_U-Sk4fjQ<-@#Jq9Rx z*B@KQk&t~xg(&+4X+dnOm7k7HYzbRs_JO|?QQLJZ|FicJ%K$|nHVPB_?yl^xe|$^0 zsn)R-xL^AART%O>v;?0)g#o)4LyaW8<`Q9&b@SSxD)Hxs^G~{Jnf6h{X0@%FRwV7r z?*Mar90tVep7k?h$g)L^3oz(4kabYBm{(vHt-~GtGy*Cbrc9x4y-|3?GoE8;O{@YK zm&@3A^RI(7o_n1?Em)YJ&JaMSgYFNVU*A1n=l70uueM(G=M{E;R6NFoM(DX5A6QTi zJleJ>iO{uF`~=r(MJDf3ttmE6>Jn#Dr2HU}NWLqLI7HHteAC}(Wm4~}H8II1Cr!W! zR0O07s$iHogmf$e0~X%$hyar(8Cgf(A%oemnIb8^GF<9M{`wtdwrxp|AY!|sK_Zp? 
zQ?58q9{BDlzqXl(1B%M9U!v$p(b<_L?OxcN(vm)qs%u^etDz@SKq{Fp81-yVc>65F z8pZ|9UNwCnKUN`#lxP65Odgo6k~yvRuKY&wzw zTBx=l);wJ-djnZ^tTn)b8U*FCb=bs#rvaK{A+ju))=#2aHAvVi=!pKwy{DgIy&iud zY_UYCm)%3@LipQ~-wIIAqs|m(H5@_oLQ`7V8qUOgJsx74KSNtGCu!UR3jMO*Wyw!( z+-%If@o;eT8O{pUcS>lQ%jMb7=f(m}{3*<4p@;ezV!+$4TpH%V;6$BbqKy%(@I;I+xunU^F;hKrde&66E2R5U?JB0@q5F;YFw1;~;4f9-s_!k=~sv zA#ghqXF_i{JJYIg%4D@G_O+J~*5|5m%2YSD74~RFd0Q6@}BgayySOmEtZwA}Sf~L1;l-SIh3v<*$4jh1B}-cU8>i zX>2{SeL4#wdJ-0keYA}ep@sPoTYkq_GlIeu6wyi^rX7cO`6rUVG;%@{|GB`R$87j_1Hk%^fG?B!@Ao_A&??$Y@T$}&DCD5wC)l*dV)rJA42g2{!ais z9Ei<|yx^Z{>@c1?6n2bz2QsGQBuNv$UZ<(sp(elViXaqIEsxNN^YNbmOnm;WzU%1a z*`gzYmQW0G|8honsGEr2=;~DdneRkDzKF!sqCBHgl-4K26h&DVmUhGbnfyG}!-+!M zV{)P2aR6U^0e3bV`tRiMi`so7WfgUsd~!9m68*JxV)WzTcQRhT~emhh*fPd6@_=K%|y=ad~#e zCw&pp+phAO2j}J#4dY;ROrY0~23>E?mH3tqb-Eg9p)qSr7HTRquSwq1NjN3W5Y6xq zPyIxBbTTh_`dJSF#SRx{3Nyqx*DKiUkJQuWTtL(nop4{`ZP z&fuZ)#vdfrguAGgdsJE!wfE1)qMlBe=?W??zmJevR@;Z;NoRjzCdFU!MMxnC590P< zOhZ0lQ&HpuBo@NYyL2+N!yEKk69R#trJRdwdnp4R zC0HmgOVj|lA!{^?%tA*n5AWc}_Pphv?zwkYYGWQ1m#&7bW~YF#TJm8vQirf2h~}mYm$9ciyz9vPmF2rYCpe zyOuIhH$+mmScHx7}=UynfCP$d&MS=RcNT==2GmpKhN>MGpm6L@kkX?)kP!}&x>;)9spAK*g*AP z07&_(739C+uZ?DbWXun%bTerdq1VtwNkU$*G5bk5wqQ9FSMTq8?wywl7<`xruofA4 zc{8;fXPK-yd1KgmG1vMUDC#n-J*b;H!dGLV$$qp1FoNjj`%IkI>1n;cm;3JA?yIa; z%s3J4zd;gTBl4j(7sea~0Xq>Nbc(^8<{^DL5t7=& z)(%#lbdPRtqt%@0G0%}k`v}pF{3DFn{!E{YJKh~)LZuB$RQH;i$#7j`ad7iA=z`ht zwuqKrWU~`QR8Fcvz;n(+;D;{hb+of>gd-$yN*tJ;rlk0dZ-2zyFcTl4*N4G;gj?`g z+_fM0t7XS9^gMU<<)$d6mVGD?-*AGY+bL@WdV0K#fwNVyj6lClx6kc(Ecd?~yMeuc z^+OmNIe7Y+T0Dxgb9EHrcbu7zZ*<*8#x4BGDa2q|*NwIF8a>wf>ra$&nFq}#K@&4C zTy+wpW|WZMO%g1Zfa}stff>?sSKpY+6L{&wjn^QcOdo&)0MHp{)S!0?fXkJ_6=U!E zei}hO%RAjzP7o-8zZQm=cxe;G^%HRABqAhVaoKu-;3VE&qJ`r;pU2-y?)iR#pb2ot z6mw?qrF@(pR(&)#$#O8+UY(A;4t|k(_)XNE3Ui7#O?Y9nk0YILZC}*$)q1HX<3ald zaiAK{cQ8V+dLoZ>3JTeX-PezJI9mQ2mFX6f6JW~wfZv^WC1RqHw5Pa-G7;VLONg1b_q&YVvPtgNt?e@Tl#?i*YqbEFV z;&tMG=n-X5=A~3PXBM z!uA;(Bm;Irk+U1aj4(wVZMQrEVgA`+%&`=oEIiX?XT&p_z@bt!*lUEou@ 
z4%)R)dxRawYTd@1nl^gPAx)yuP%h?`(V)hqp>8d3k9gAnv>KCItLgV@TYZ)IonQFp zzJ18{>JP!A=s)bjSTt1~;Y}Eon_5+C`4y1WXdEZOFItsN<9oaFDL}17HRFnebENrt z?1CFj{R>NX_Io=Ssk<>0{Io6&8#vE`L>{A?D9u@pYnr&AnFdpEY^WB=&19(`>&HUQ zy(LK-iwa5qc_FQ&E8bQprj4}9E%s^^R10hsT6mx{{E45`;mHj2bLL|b z%&xGlq4RP~C=y>m>K`^8UD)1~nn?{Iw;-Vpxmc3PFosuRzo9PS(Y2{KEOj7jX z22?y|7Al_}Op9Ur%Z=hwHn0})ka8XcR>Fe9?ITXbX~`pk4)Ml3jol}so@5G6Gm+M4 zqIka)OCp%rhMpD8Hhp3wv#leoWY1DpV!SyozLS_=VhjtL#QikpeVQhETXimt?Cq?{G{G;AwaD#v1n~gbEGwh!-_O_Zn(NqmbBo`%tf?r7%-Ctsf2I!?VN3JEjLN@ z;I?`=pAH-(KM}AI+6EKwYZ65@coL)xMk=K=Sl@x*$4fELGtYkh9nn%{YOdzjUP z3A9791z!b2PON5Ov579lca=ZlONaD2!^*p?Z&GA(@d@`9!kj23DTKli$USs zwO?bWCN8wPqXBkC3XN~-%5Ip8V1FSnlC62Z;XIkKl57Pg7FGZcF%1}?&WM*C|{g`tT%lStTLLWsMFHeX_Wd$0SO!0 zT)cL_UD1A(!`D@jl-*dZzAQ+TEAL{szgd1*ew#>q(LwE8O{H zCH@-RKX1VI4xc|u`3*l^?^i#k%O5}9KEK!Cj|?rAh1jvx@ZY)$nvTYj_lmX^z=BbU%3`^+a-Y(pmlchvh01_Ry*^&RY~Q2d=+K`8;)8#n~3SRRPDpL0NHUN zED00;%FcKvBq~(==sMFu2}3)#GQ7p9<5Q_#ujT2n>GvTfgblO*@zA;nnyy>HH zbIlSf@2hCVBZ4zs*nn)9lWs5cawUtUmxBd_oMcR~Xo+}Su#U(u3Jra; zK)dn9Q4Fb6QXcX{9%z{8ZkW|mHrf{aglZRn6*GZIA<9-9eBD-AoRg{8&i(D$UhWJU zN2Nl}>#MBjl2p6BDJHW9u9EBMo!UC0msD>>>I#8Hj=ch>QJE;Sh5FrBkFJYwU;;Yu zk4d}Mb|G;+a9nzTJ6_9KZnibD+;=7zsodkTu*;{4yFYKW)-DE2|FM?%gtbL6*hnX>Uf zg5x)8vX}NZVpk3~!)ng)n%%B%7_NZl-CDKb7^7tcQQNhDKliTS;awL-M3N)&VFeaT ze6MwN=)2dQZCO_u(XGc>*AbFWG& zj@=OkPpb2d-{50>lkatshJ(j8(aVCWCd&7_r>$6c#D^N}OzLpgqE4;UfWIhEx>*eF zo~Xfa)sobiNXAs{?qrOhIX2ndq^$^qz15_{!5tifJ!JdpZ7l8Od|vv;%#AAbQCV0H zDC?VDj2mTR($fHP!8B&hI3B`oMX6DY?qY@V8=2Jh+-L0dP|5%GSJ<4N>{hSaS@J^n$ zA!uJ=Q{FL&Uui}My-u4@B8*X++fmoWV9UXt{r)Ar)Z@|6&8j!zoI6=hUm>yG`VLQ> z@0q`(j}IMeywiU7a^zg=^_Ok)KF<;jj5^HUHTGl>hk|hWQ;@&JyT9%$tq7uR_0WnD zxRL#al(z$T9K6(>-pCWwe(=>dOI~BBvr6T&`uhHzcHcX&7JD)zft(_?*7I4}=x1#q zAL11!O)Vm4{kJ7EB?xe;dJD=U1F1UdsXaoyb==-^O@n*2Q*Gz<>g7(c6;y=-!ltE; z^pj}JGxi<$vP>uU8@0dW#H~)B6}S3tb9VTr=>!d5+=z128BassqmQENj-R#5b8xi| zC?G29>cZz5AGGxL)vb>;q8eU6&)wX{TiJ5H3_{uU4$>ah+|wsG_zEs~p+$llL7(p1 z^lVb|MTkZW4Sv2d%apy zy1sEWbOK%_Z<)Xq{%AwZFroL?8(_w2@pAwvDN0V0uC#Tm;_nt 
zC}m(rDoKnjt{zDC$bfLRxCbCCP9B6Z{)>U3P`)@t#j|7>C1dL^E+#4-s}6_{mP^vAjY;nMicutz47xQU#~R>|E2 zJjS1~0N9m4lPN?f{Yt{y)esqCyAEa+7vQ*;b&vb|dU;E#09(O;zWiA8xIN$9L3|Ki zXC=yKqHcav?EI6b^A71DZjs7Q-1I9g*3N{Y;<>rUX5PLn^tcMnqU2;|?z@{`vFyV4 zv3}g{;Qs;UKpDTGMVNsFKIokXDm4HAN$*WPKx<%3i{+5twSuR_z246~*8H@fdEj@r zQ^v`IMrrpQ_Eka6l+Cb531W(VT=uzXm9KFy1hRmh7>CeS)aKFwfb(IJ`8=59So8k| zWksz$jCqwuLBN7g_$&%DpJj0nvSsG;Jo3}Xk4Kc1jf>3Z<09Q%OjA}QQ|A{sLkIkeg5`q$AS(wh(`9G1aT?5zu$C8EK%OQ`4JlG(oE8At1+^{~xYNL@qoG zMV<00Wo1&q3n2_ymc%7Xd0B`kDhiP}liI_j1%re?%oOR7E~bby-NgivrW=oW5gaqO zUI^0s_;TYkKj?n0H0guzJ~YzI_$qb=CLl!&Yk+~z50fhmdO(v_AlAZ$6`a%w^vG`> zEWpxQ4$dIAz8}?l`QhuAS4KzlnHXx|9tZiTSno;yp=~VnNXs|trZCmNmEtiZ7*G^g zYLsoop-dsDLb)SS*Z52CL5dEcLFm;|MgiSoRDEF6^VP>_^Jgejpvj@F!r&)W3B3t< zmF0CHGM1)k#-b>QSP}d3DU-!zQu911^2Du5d|Q>w24s$OF-?__9GX*9$&+h=yPME1 z2D;r>{tdXNzVq!K)IwM@PUfDY-0#t)VEt-NW)X-KlGl|Ma>4CvaNo2&_tMKe+(-rVUgsl2X3_ zJy71MNbX^)jE{S1QNRXZIMa-#Dxd1rK|wdP@KzK;f?lKJ*+Dm&pe1Heh>kY@Kl|*U z7oNmbn29)KbzTBDc$Kj{4-%H}vgAP;)toy48sRduRRu}o`Rk3L8@aj@<+t_fN^Cux{#&!v_yGBxhj^a8vm zc-ttyeGkI3y1h^oF7n7cC|^mpFnmnup*(u5UmRmOO`WrmTG({X2_{P@qcxEi ztPb;vMR{DYJStOGX1Sl2+^-XNZL)Bg*e966T0G$dkMqinpJ1ww{zJ=`e6#+3^6OqZ zIv797jvXLQEe$Kefa(CE^IxcY@z9#f$FY)M9KAcw>Dgc%Y&z$hlEr}in2Q*^W;~1l z^&c}H3!epkm={%A6ia_Z)28-0r4R>CIH%*3X5;6S>SOXbr8*ctr;Z&!l}jAfQFgV? z062L_HP!01(ZgS~9wrX&8N6h4qX~z129oAi$H;YB0eR!z|^b-#6c!}8Y!%Ow?`$ta^55s(JRLMKy_@2uS<{ErKSSW8Dt==|3 zA`I#D?+&Y~Lzp2}a}Bt8aIgISkvOGiFip{oCY;h45Q<+NBL|7XRWSfo$roG(_13GL zML__NhA{J&Bc?!ZpHh-iY5FN02M~;(QmT(9oKmWb@l#4uHtlyD59;Fdv3l!h{Qj-? 
z`r0eZ!-*3q`}w*Rc@cD=7)>8gPIRhNFNa$m)tKy=_4A}dw8 zwmOt5AV$RM$)SJi0`*8AQd*43z=1CS^oQfFAvCB1>FcV`;l0BE9QN>60PA`GIKVSf zKs7+&8Th|^XWlohT$mvo0CGkE^emtXjwxz$Cl{u$0y=VkTE@u5jLVomi(ZHxx!`HV zfzUY5V<}^~A4!8Ii&$Lcd0G}>?uTw`+_$6IJ~h1=GDZenM`Vm@H!fpz%P|=vBk|;^ zc8y8y-ER8)EiJ#2eJeow&mTf*<#sjJ+hhSh4%->+WR4ZvJ{GE zw)cEHC>)^yypLC?t8EslBB$bS>6D3T`?7sy%4(@m5K7$tvD?>Gi@epC^VspLAShcY zURYdNB1tH&4VHWl`BtZ=hFL{xtT?1L{veh1+WcYF8vj~9X+1qc!<`Ql@Mm!&(IdwR z4+6*?tfPF%qC}b!ys9cDc*estEh|wt3DiR04%hossBeabqq-c^a5U@Cn1-WUj%he@ z`IMi5Z1J@*adD5|a>(e{qM*~H5n-pR%6&B9H)#bUyE_Cx%o$#2vUVu|4|qs_7)r9w ze5FuxRLt((6F;coFxI3^y&ADY{AM+}rk}qNh`y!CS#30)LAB} zkpp+y0rI1a(|h5qSKm|~GvDp+{&A2dj!8Y}@(sAxHtU1RDMSVR*k#^Db{2AFmV&@2 z(O%r!6wjyln!Wd1oxgy;Mx@h=_1fZEQMnM^hw4)wv_3}KYtZ6`ZnFP)_k)i|>6`N* z2mUMqBYNa4@rxoTO6EsgKE8P(ZL7G-Se5gTS7qR5V&v6g$NYVFu>CB3Lv=Z(Z|J!F zn7%nX;!n4H^ZIJxx$Ua4`6{X{D;jfVw{~piYkL zXQezue#(|XA`ev^6^us-XJH=lI;}%L4V+0-p>GG&{gFuaIfsg@wKsC8$Po7z?`q@; zcI{|BezM3txT0(?ss-@ZmZqqv%_4w)lC87_q(<9y-g9New4FKjT9u<6{EzoiRVbFP zxL1>&qI8+SRXgke@r{rO39mJ261?a}dU4^AOX(R$+OcIJ8Mk_)Nqydfy-ppj?&ZV* zMA$ybSUDdw;LigMkR!(#&&wdqSzbl~i;5y)d9^HA631~8L`e~bBT{OE2Kl1I$%{9{Xke4UPHt_E7nxiKU6$Np@f%}l+olO)RBqHN^z+svwpN*_|)N)|TQQd;n4uw^L^!2-3lOKb_ z(`GHQy&YPre*t!AC>mKjOuA5MI+Q_|kHpy!9cY0W(J7Why2P<}ns!U*9heQy5%1u~ zvOVl+0TnG)s&JHoPbrc}4Av-VJ|4h0X@DQz)IGNRtswN;(`qQ_%!|!?zc*CXSm~zS zfWe{kgra@rYhk|UhQn8Efr?IczXBx!A9D>pl6ymNvqv9^<$Ez@oEG?U)Cx;ftDT~w z)8F7|NoL5>^2Dznu=WPbsM7G=)fNsAQ26)!I+Xr8A6nzjgVvBEXEm>C5u_}wgfvC6 zuwWT4Lly@G=XsIF>2kyrv7t3SS%2+({Y7;-roTv(&oupYHnfIpISBb4)5egFTpDuo zSm8lFC8jxIYLZkUrPysv2^ciTRXNztQmbAalAkRxEtRu1s)%Z>N)ooJ-Us7&;|@xi^i@Lm(&2X^@Wumvr(s?}oE zxj5mG*6LAqrpH&Y_Ur2pVD%2S%}@iW8$(|oCI+UsvM-dRgVBl?ja-7F`nD77RmCFX zgoetiVz+M+QjS7X_yMu0DujT=ng~UFK6=cb zhaMwGj&jbkWgf7qgj9$kuUJ+TDGQ4r;W1BAQE;~+w$WogSy%3SMf?nCGO~~N{8S~n zYe$Q5J?z{9rFaRQOSSxC$M3ys@%@t~ztGGxx>%f)04cx~y0=vXrm2WzR(fu-ZAav* z>yI3Z+&~`fF!w!F?J$w8zC%k7?|i+|#Ma=p zfC#G#pjhO%~#jJVVtLr!j7B!YQ-E@RE7vo~l)7xgw(&!uKZ zlAy)jUgs}8E7 
z9_SNtm98B9UMcD*LWa)9RMA`V`?b!Q#VVDDLe&l<{P=GjJzWcU0)o#COsuZ>0oH_g zZD%Fke0Z(ULe_g8c>LjGwBG%pkgDrWbiB!)oZ@M_(zU406okxlf&Mxy&4#aUAU;|F zCF4r@xOfR%46RD*@KiZGe!CMw6}0~YoMk)kRKgQ>uc(vu`t_dY7y1A5m>C_toF|W) z8RoYyA6n&H95mLJ_bEl*I#fVut=`+R3e# zuhkCS*7K9;NwxYhKU8-1^h_v2#Y%M*5@lJdM=d~I6moR%QLsTL+9!a@ zk|2j6zb&2dPd1sLVCUhq$dO~Lk;A1~?E6x$6*ZUvwW>2wrd3{6rJLp=uyI;}8>jUo zy+-1*X6iMnU$W~Ad8t$<)B*aWQ(vB{~`Pzf1iTq_ZE!D&CA9Z=0 zM{P_2%dWI1c(>ly{g`SvST4pnRD1#P-G$-^S?HigQ>>v9Xf0>?LwTt>`1@rK-9%)Y z{BgYkaGTLBnEWdTetYwwxn2FK`LwR&HV6%i?*@a2uN8wSm=`)ww8NSo;7qTh(ZdRDetk26!c?Ms>1bR<1 zev#g8R3FC_?1U@?sM)t_Hwu8lp&F4?qN=`tT!yMys(FK$`hwn@t801G@0B+L1Ar=h zX>%{T0^sm&zbe;VwCV+FHfh~9FCca4u-WR81@a)6?ca$t&gWi=(odetSghMMw75iH z{QbUVa0$!X65N@3ADF@TG7IBNTmfW7OGkg5>6sM5APj2`XY9kd++SU#b*ICh|OCQ6hXOvRJZ+S3FP4GOT#ATC)_M}kFulCiw5Drr6Qj7J4#Rl1d;jT;W!xZx)$MG`MOQz=sYx|QPD zFk*U322Md&fd#q?^>)Szg#AkypJ}Sh0!Wjs4B%BtC`I>|Q`0jl@z8e8DAX0b=8^p? zDTO}?_4;ac$tC^l-3mZ=aLif+0DrGT+PySn0P%8xB-c`ab<3vDs4Rr-5Ci4^Sw1r{ z*R;0~DTzIYc#Ui{L1yOxgvpVkGV$v&tXb)U%nF{cBFP2IATv=2%uIC4tPKzj+yLPx z$t(#Bo+-0bziyd58!t?63CJvnE6S}B3K!oB+0o}6*zI7zuN$!H<;$am@)qLufjHE| zOPvs6YB;D1JM32rW^aQ$GHVe1x9zX&#gUP6fz0PvxxK~e2CJ>{kMyfqX%v_Fk$Fp5 z{isLJ8jHglGf$4M*_0ZE!&?AI@AAv%Pde^icm3cStk)^f8P{y^I!*ickKU&nEEoBc z_tJl5z=)WbH;4cr51uamQX;RTGVPSJM(zbXxoEc&(%=|p7UJ;wCm3{g;k^uAL3)EX z(5bz)wu|3jc*0EO@hq*ku{7jfhOfLUwJMJJt?mYTpf%L`>l{$>?=Iy5`Lq?+CJM6w z!kvzb~Qh%4c22sYWW4}T2q z2Ku2(78^Bmo$s2pT!i<21F9L{Zbq-#uM*-0pn88_Yp1-of_^Q&@vhqS(KA|_awk1s z8q&1CL#`Pp+{w$m#_D#O0fZ0vBL)vac-ytzgZe`2L4ApP?=VN>p^M!f8JoRsH7n@f zwZn0^wF+yzh4PH;I>2)Wlg4mtAAc#EdvJw$pOu3jLJvQ zi)o~^CLO~2?|ugWDeMcDjwMLCU^t}P-Qt*t-#i(XA~fDp%Zk!1CaAl4sAh8HstUxi ziYu0;eg&R>!KBJtvJ#@e5s$bZjf8t`RCC})H9tw;QC-c|cO-4+xV}3Z>P+v8+uctz z^Zwkde`@b}DgNjGfRdVE0Q?X0em%l{{VU(x|HXSf%mD8e>Jf^Mgn`#OfT}Sc%E2@k z5M!IomdS~2R*-kl6#!N2Sqns0JVKD@>Ql$Pb?Je7#BOZCrs?wDJ1;&MRNce3f6-n5 zEpzALtRYZ&r*d?4+TNpyw>m1zaWAzQB);?Y0pf`lDyqQ|SgK;mJ@3*WQ~}Ktv0DdN 
z83cU?C=>&0wRgm%=E<`x)vHu&a$I=aU>YHzkIvyYB^ympN%Qzk$&u?S4D%?O?=nkJc)|uDtt)4OOvjS1zPJM!c6ax1TgYU$XoE#ZWE7z$RvVW{4Y~Er=hzJdlN9ay4d-R6+{R0a`%($pL2CzxU+dy@jkw32pr9^%) zmr`F$6tSm>!ph6oWPfqU)r9`61 zXDX$qleS(vT8%5Ek@1f6aXWv%%h&JN9EG9Rz9LHz3>}AOs3@{#><$aEgUq8quHm^= z+gv87s7xkm_ezu+X0?OLsC#j*UohOIXTf1tnbc3EaS;%w0(+!)oZnAP z9o@3%B}DhA>isQV6*rKJ4aMvc`3C0f0g_f_Q!|TS#a^z`{Cvyrr4_nY*57BH5;&L| zhSwjrdsry@~ zY^$gA@^4>m5KaS-@Lm7!X38($!N2!!+_j|1{hWq;>ChMgCe2d?{CODQBsW(>M!%x%~RZTl1Yt&IAV1|P%(fg_8O7jw?bwX_TWsJ#?N3XGpy_>xFI7+~dUebr z0fb)Gh^N3ma5wz~LAKxQtGK_0%cHyORK`kmBAEr!nIQGX_Mcc5g!!_2wM_ho8mXkB zZZ{ZUv`$gerSl*zNs|$oq#Bg=K>`grZ?!}$>=K3Q(S*mqzHku+|L7OpLBS3_;Bip@ zJUkN%lrJ;69yA4kzCZ4;IA|}o{TFOC7Sww2^@sQIQ3~Zz`UGFC6?@?HxRnC;*gt)g zMb-xdVQvG(blE-AEM=s^nSBJ|QCILZ6vK(PniqTA^ivzTk~$lx^icrV3IotRu%EC` z&MAydHkx3c%*%cvN6zasj?&U+X_QnfD&vG@Nyb^~M^P9T)iST#;lI$%ehQy2`-$vo zu6;uF>$XqM&VHh|WMH2dFbHj@&@;e%`5h>Vb5@L6q6ns6xZZChuTO*MwY?O0jwtlp)C~NmQMJ5Svq7_bCngD z{^C?tXJ_fqTQc!6MYXpq_9MP9ZLlAU{r)8ColsxIsHdZb#554W-VND<(T*N+;7+#v z>)J>2H)U^irZ@ifUK@1yJ5)<;m&t>PeXvwL{)O{w2?-<>8E2NPmpC|fZ z>3t7Q*xVgV9}#Jf;R_uOiuWq+=%-fxqwHsx9?Ql2<oPZ%t#%B%Sub3AI*hdo&w4DGtn1`Mj_SiGyy}bJJ<<*3Q8O7qX z6?^%dV;H8qv}bGEUrga`*}V`z3VPvP9d_VnfG{O&NXHstJnFU)w#AZiYHP{|1NpMR ztf#ZF7RuPd&>C8 zfl_9wSB66&^9iABsZ;5+_|DHS3g_h)ks}9T6y#NrvLMKO7KN#Np2lU#6jrP7GpT^x z>ekLL3ZE~(i0q2aDY$a9vO${!7>jJ%Q-Tp1)saF(s7;{?8>d_=EDk!O@%717e!L8alM0H*QIjp98*zZ-aUWEZa-n{?!9vb!<|Iw=j zM*z<+Tg1bLj7-9e6=2T4+tC1*hz)hy!NXS}FGmRC|Nqo_>F%v}v6w9`An z=S%M(yK>7T)oO}7o}IlxFPjudI?2S`pvr)hXJ6l3n0k&<2qrif@Y6X7CJ*=S0Qmu* zZU%f%Ru0GTDgTrAhoX%1{H6E3z3Bd^P<{*VBj0@!du8{+zhBuoB7|U3Q*{c~`FRB4 zygUMOWIr#tUndodLqC>+C1RFE1!rMYMR693AQ+(o3GFVCo- zXnQ&bXrV}J)#I;Hy=%^Ouu%v92nnejXkKlUVyd)rW95h%LD%P=9*s%ef7BL`xjtlz z2{JklSWk`|^MF@HP_j@2A&Y{fV8B+vN*+bRPx7Q532sIF6J(TZ zJ7$d1tETQgvW4P6SFEUt(^=Q*m@1cK&yUg*hjfScCO49AE$+U-6fpF+1t6th;!pW% z!`j#883#Fv%}!pA@Gq(Wi6ZS%Pd|O_sg%pFVsj5( zIW3ap>Pe9#Ta1fjG!Irzj+_@&S`6$&a3^-R_eRWokxW zRSqtM@FC;l+ZK^I!(kP`QqM|115I$wet+tDtp3Z?o&;RL4xw6VX^Q#=ujdjjZcP+L 
z$lp1TWU|o&5u67}CP%KMkuRdMV16Y^Cf|Sw%a>)yYT$zrMG+?4ZMjA^BsqFMNHW=# zTLh_AQ$+A=*fG6qQU+;&FZw1_`7pRR_Qo9oz77K+IpOW}4)+yYAo|)M1dSTjblmQF z36`YgRt1qBdOsgUS>X0!di;(7@Wk zV*7NKa z7Fw#+6rrWse(uX%5<=_5;(dAZ`cz$%w~lr{YY>-)g=nCK-ae+ckA1q|ugoRHzBbL8 zkW^xn(=Zk+SP1p67{G7uI6$%G#+f&0Z(y!egcy9L55})*UwSH*31YC{m)=t7T5(o2<(nA!W-)wwBAP12lYWD+ySO`;B;a=p7vMaZ4p;}GREmYf4 zn|um#j?gYt)82Wzs=bd!W_nn=G1l+7s{RSr_L!%b98A6hx{h_Kw|)QW$ccUZ4(#c= zS+C&*aCclP8ZYNcF{J?MWR@t6?s z;;;Ccc-!C`{EIHPjG$Xs>I((L`Lvaq8_54(SgN3d>so|D)uA*@Yv2G^*+ARl%=Xr# zrYgG$@-6m4r#(Ogo*jS-#f43sRw=igLM_{f!Y`;4A%aa>J5Q$CCRg+#TQqL4^p>rrFJL8nb9 zBB}+Uh`tKGY0uL_Bv`T6D5^ThF*|MhxZtRzVoc`H({zj~s&V1nAfc>URi6W=9vK$E zW!35=tCLR~+$SI+s*8EWfj0Y4ws70rWnks}vzmZf48^ zBuSa1g^2UmO~Mt~u&(I&U|nQaZULVG>mu8ZyC9y7>!MqbOwb0c(Pba6`S$kUaM3#^ zg>f>|p(#tWzq2A_rgM}Z#J1`Se5e9U*bB-Vb%-p8eyzG#Tm=Yrl?+<@@onsv~!0@yG^=Mb8Hk zBfD~oKZzAO0XihK0Lk<`dd)k@rn?Y2O)^b(aILCsLFBlTwxjftOOE+TS+cY}vj~@bL5rkib`V8iM(X~b$AXSchIvn7w z(J|evAG(C)LLhO1G%7G1ym;vHfZktz@~|wiDukn>ept$~?X~AHe_Vstj;R_xzQ6f* z@YiSzD;BrxmOm(8rXDP(IaYY9Nmk8Rs;p*55(*C*(Pe)FOE#`@(^VDrAV=U%aN7BC z4n~e_G(jEB!^n{%=gValW)YTrOj%SGA(Ib`lKBbuE2s)q=e1iM*%-O#`7m;1S8jDg zBCMvXBa&r!R2@ATDo3`^IXd_Kkex%$iuu8!2xUW(8E=We-@^N0xhZNnICvC#@_`9c z(OzI3M1l8+_;WvuJRa3Qq%Qh%aB^g$3BolGCr6GPM7}hPN&%(xLTT!!1u)8mERB6$ z1ibWXK7zrqadOe~;pE7!+`>h2j!qXY8nsp)cC@+g#L7YNVgh20UNk;i4Oq_R|G$T) zf7=dEIbN`Y*g1Eozt)UNkDb9qN|`8@aYFevl7%&QTJvq5?B^MUfnuG|tw?$30II~SWrFP@Y;s>QW( zG!LLQ-34sqkq|oP4p?_E;Ci6kggO5w$FhZ7K9?Ki59?!N#v@LN2sIg6M9v4z#q&UO z(FSuB!*MRg&~SW(4n83KJ)8AYjZ^FG8jXfA#}&>Y#7TSQ3uvgsmnHg=9) zJt-sfSolV4lvDy_8!f1gFoh5g2iIn^)A($t6@>=ga7#S3CkyY^q*AHi&7hDhW(b>{ z#2!U+>HFT#P`>JZw`wu%nEW@)r)1jlJVM_9u>{}KSJFAubY!CmA~z56MvfdLevt9h zXZ5o7Syb{8vK9ra{VEn&7>FovM}cD-@)kcIHVaN;ob3MLzC(#Y&(II} znepwb9^op4y8$y)Oe%6tuE!~M=cB>md1x?lWDzA{7{n0^{VZnDlKZUigC#4fI0?C5 zW+HbxY+@S?7C#>vjO@xSb|i(`xY$um$HmTp1|vj{Ufdwn=;OyP-b=h3;8<}R#Dpaz zZ^hmqjNtjy41AWr_9{P9D|UoPQj>sDcX}k{kJ;ep=-=GxXVaiku$&4ySrh}3F7JqP 
zRx1u7jdFlBsdNr0q>A9@{a%v+H@k1GqN|70==(K)I2u+C)}v8=u5R&4eb+RQ+<$c^ z=OixVtb`|*^GyozZ(ly(3^rEna7vh;45K1jOpxSxFe-9nUWu{@q|I8D(Naos9W!3? zfGwB#vX(+#_@z7dKel01@$Ygqg%&N&Q@c)`l{OP-cdZXd1soI#L`k zD#r~v4y6Jq>hCVRk<=AM$R;@ti+*7V~5$HK3pE7Ti7)PYA}+d^TK1E2ni zydAnpFFboV9k>Lj1ze^-8eB&EQ(q@o6^4LX-WT2<$UtB%R2Ace#4)L!9u{i$-vpK` z0^h4VzAGGhK=EN=C!o2sNLH1qRR*Gd67cmH>@`^rP`geikC06!D1v!#D{|y4O0qJJ zIZM;HWKkjn<8hI(gjZP>MWqM}chY5S!>!`ygIkeZjVb~Xr!`R#Q0>RBb_c-8p$~{w zr-2UyYfq1p>PfXM?hZn4Q1b;!R=lFMv;jH3Je^$iXlto{2B*f=xGQ6qcXhW_&NRHl zrPT9w$oHdQSh}c%;VA4lo7K}=TK#u?S7{!tS_f-e@1^PS-RIvr$CVW4ZS%^e3+e#Y z<=(1McmP!R5u)^^Cgz6 zC$TRtUMX$XYxFPIpZlWM-JC0gc<*|v&8*-RV#`{M>Zd+Hr+X3K@k7X;%KtSgR4411 zPhqH85gkY9x2KbikxeG(w|RIna^y(lS(L}p& zY%xKG=0T{)k;|gWk}TlTUN5Bi4ycH{t~m3nq7JJPi2O!kPd0=qem)2l+102Fkuao* zGDNi>mmw#LiZtKpg_3dvKp_<)g#havmu4S6IOPqs^};|tM0aHPmKyHsz!=0HAk7H4 z7Q{l`Kp6jeA%}k0mUp{mYZ537m{(O2H;v?j{%0uet=PozQEZ^fU_V1YQU;+WQoDkG z;akxh+O;(LKk{!H(+F4$BhX;985(s%c2g5`*njo_CFihmgMVJQC zBF$NpML2^PHYTQ@_ZO3va2zXB^yo@S+czw^++#$G_RU$ zdMdHOlHNum!8R%l6&@Q?8z@O?caT?x-nWc-M_$K2xvAk}I*+9pIZr+haZ&owh+?s!TFLW4waBhU6$^>+ zny6ULuE0&N9xIGMagm?5`yD6L3)PzN-aQgftFD+XOaWkH%f+S-y%pku*?8}-y}f*9 zQgL;1UW!=_o$Tw?W`#l@FPEn#W~U_?Mj4&bfTdl*t8`*oFTwT_CL8JX^(#G5l{Tpc z)x8=6r1D<2LLB94L%a?L($4u;Di7ln@{y|VhcjzsvtL;`-QQ{u~8yHYNeB0Ci8ReNWm?Y&iD*F3L-ERR`~hVn8F^Mdgr6D;O& zS?58S)+5E;6C0tHJRd@h>}pgxNodFZEr*GlIMfokzI}I6B5=oQJ?04d}`mKmy9whzf1jREN?;!Mea0T>b+D z;LD8-VSh!4?bC~bl1(Pa?L43zIkND5Kd6d|r3GKI$PWa|3n{mvPQ)@wt3dD(JHQ6o zCC>-6BfA=v+nGQ+vi-On;KbXx9ez~P-{Dj|C|YBA%bJ3Z_#o|>!^QUdYS(OO#5&c# zi@gL;HE^@{)L@DTN$(=^9I0s>(<7eXCHG!i6ho?&3Q)^I@0xYhYL-`6(N^q1UoG%i zeb|eh=L9v8qEoflJ}8n8a#I}=dOiX!nTLQQN0wJ<;g?mys-TwUdIUMeX_7M$@+9|# zyj(Lk<4|HF;F9M!^zO6W`k9NB*SW_>d67};V#EO=B{8vW1Olm@65A(JG4sW-Qg zWDLM!rZ*k&8qx?tnGo~NBmgxD2s$?FbiX6Gj<-aAVU_K(MmT|)J zsPLJ{qnJl=o`tD9_bRawRmt-qs>rTJ0L|#=lu$d7`-04}EqN^GZ(Ee5UFAyr%FMl6h4~rO1Usz8e4g!(x_Up4UYi{2p_6|K z=&mU{y9f3$hc+S9=P+rJjV8$TJQx@`a#7?y55o$o^>7x6pkzGDd={q5q)y9aS&Y!s zB{mE!c|I5z+103AlQ6K!a(y-sj9&l1-~98R@STH 
zhE%d#iBlp&h`0+6Hs}$Va@*#xD}^TVP@BF&t`=rl*$R*nyqWLOzz!gB}XvtO;fr{&v0R0sUQw^=@7WDn=KvzB<`2{ zjxFUN!w=F;WiUWbE!20UoZAp#-(#AEH3=Y7*p?4H`Olzky>_xgZ8N(JfTke_tqq)? z4})SML%sLr>iWwuU!b8GD>T(mS9ZQV`l33`gVJs1;N{3h6Li}=yc{_)AX|CBBUV@3 z2hOjW0(m4c@z<%Nv@iFOOP$bVQY2ez@HGvOuTzRbO= zuRcOU`#~4|IDO83?srK8dz#$~RXq$NY{PsQ)rVeL zpMBfER4%+X;-Qf{;Kxf{_(N{-;?Wm@Jt!1>Uaz0hB-D4HUGQX+394isl#Lu2JnvBv zploDUqpF02vQ1VcR1a=YJiT~QkB}|Y`vm<0 znpk0&xm;_j8BZ@Fx(Gi6ImDnlfPrWa!umn+ycB)OFt93=sP!Oka4xPF3WBEVW?d>| z84v;Ymwz_|--#gvXYiX2>Q2?~LAYywaJNfpt6SLvHOom+gizwnj&fSzusg3YTpAX?hb~P$zWVKDFoRK)IF?U_^>uYYrp36n@A?i?- z!A2<{B+4-t#aE=t&ve~e1+`Q@BzFE6Rm>7`pv|sFfaoxo{EJ)B-0t}O-NS{H#vc%E zTXb!#LN$ic(CCRDnDJrBFI*oC@lrc zs+2R%i!e_8D9X8;cObPPS?TjZvdFGR1&ypC=@hiHfmrmKCjqj_=86kIZQMT&&7QY5 z4}d~uf%MryUGLz%6Ab`E_M4uJC!g3SJV+$w}%@xYv7p?v| zOihaA7LI{za-tm53e8SZ?4DfJk!&$R=H`K{$dR*U99Efp++}$MGFOBwFGL`pc|1t# zl;`R&J;zmpDXpqk#8-) zQ0y@W_jpm>wY15kpk1jdCTnopyu7|@U-e~GU;?(MMVWafh&>Y2q8EAX$zl3Y)O)Uf zq`e$WTmGzn-@X3ZE2}hf7uV4V3$48SZf~)G+g8uZK}7O+upQv?l4V&`-ai=pJj6sj+Tqq|+elFDIQhye|zYX9HfN zKANkNCWpVcTgh$Pm3I$@gYVOCJuU~*C_4gUQ(@8+x*kAQDF`*Wc}^)jA6S;o1D25^ zCsh&0b)2$10bp4eMvPZ=&dM?fBR{K(#CNATq&BcDeLi3r+0}>?k~5elg;euVDRe-} z+)_AFDpB9q?>>KOhh+H{#Ng9!RwxMW!d^6n`0M(xEft0VS?>vHC1!M5TCa{uAF2!Y zz5z0CWosAmb^7hHUcr4RkEndVuJ($$yw=N7P!I*q!2Ms_tKhvW>V$syHzR1TdG zFqa(Cr6Wx-aFbixMJ0N!n&KdjH&AMId3^F@OFQo4zk5)$46If{*vRdzN$VYjhO0W~ z6&3P$H0vi#)=rI}@Yd!Z9y4(hqIwRliEK1MROjKE$dQ8}NO&ef7B6|kB3_0pE2@ME z;m6B34wtd-#%yLbt|@yyToc)qTU6;8OcGVHxjWuTkE${#oWe>r?o3yCs#oX}RY6Wu z&=ZpwPL(D7dm~RX5Z$S}NIm3Ei!8m(rvyj?pIgHY(jFTmUVpA;g>zYBTAoJs@3hHGQ zi_}dXo!Jnl?D-&0WLG01O3q-Kh*Hf*MAXTpl~% z;xoT2ftja}uT)4~jQnLKZRI%QnHx%+**K%@`EW*LS0nOF&S086p9e9bM;*AJaTh)} z^0Ypvai6n2nZ+?O7Ps~To#u5|R|qSn~zsPIu?@t1v?#j8%g zX$Z!J_aDtcfvWBr?R)R4`fybZ2-E+2vj)OlI{Sa!+`_%D{s8+x1ixW{nUrr||C`Oc zr?MuF`%tCS4Vj>^G){dnBpec$hY3sGd*RZn_=D{CMw%mQzJvS-D-=GQk_{7`GKxl{ zzP>hhhMfB+>rhES{cS6sKrcW2_DZb`NmaWq0kOr!kOd7Qe~PyOOBE18i^v&FyNk|dhoc7`GcU=8 
zUG3c)FxPe`BNn3FUusoiqHjQj{;)08OYE_|MO-%2EG!Y#E*OOMxGg?y?=`(qXS_W( zCJXK*Ry2Jmb}LMpE7#4T8r-j~RDdU}MO~l-w8IuCmHPfKC$lK`(NXZhOE z!H7ZW+|Hf&D5s{U8A0**$* zrASCU`GtlirZymzjj$68!Rzg6FFL?&E9cU}*&p@bzI;4ca&4M|V`!(Mfyvivd3*t_ zi1daLw;!Wu2n|3);Rc7*Om+BIRgaPY&HA4-a8w5(YdY^a38c^m!c$p&6=9E zSep$JZj`Podt3^ofX=}(l8q*)pm|tEa%7RFX8L>Rj3 zzhpL+F?&8NBiYr63ZgNIeN{d}`J4@Bq?e68WQ0=P9E!HwtxO#vmoB2Kv66J{oe9yG zJVGO)gEK*8q}G~(u3Jnf7jgy$H#O+Wj1Bp$=oqsrKs+9n>cR`>Ev@CNk4n?OE^ zxGqQ4%^7lWkJD|YOOE~xbXA5ilPy3yp7z0$|)~;9*VPOmWtu=@8 z=t(Pob=6bEStAYJS`Qv(nVEXGYR}-CJ|6rD6C^f#F|q|{&i>$m|im+5g0 zLyV!c_+ai*MlTd$9-Nf!K0Gm)0@vGLTrLf(B7l=`w?e2RR6~6F6+@`+b3ngjqX`Op z9_W`Gxy}ne@_EMcj7vK+l+VySOywU_k@_W1E1tR&=`tJin>`=sm+Wdpfzue;Q3Xyn z9eaG9i}OGv&0?skd7Qo$pvdFL-haTASzx z;G-AaTVXiREN8V;0B>(z5wE+)FVV+dEX?)UE3R70HP&&&_7Ob$cI(;Kbs(3tWub2QyKPt1&n>rx7ry(Go1s2CL2xAO!HvSc@#+yLoOi8wQ;{9}Jr8YD6vPUcpvf&#AGttj5GT{7LO4YTz#PxNwAj&9MC!e6H zAt!RB*%(`~u9+%aQql7N=(RFM)D?`{^gX)R)6z&TfXwA5TZ{{1J`WX5j-1pH_mkLX zMFn++g?s?;C`(yci6Y7pzbHeu*`M2}==}Lm(PUR2_>s82`~1lm*~&N5H&s@0NAw8Z5dnJy`GPtKELQ>*DAtOPcHrDLYy8Q32Mju^ z5?%;vOsdd~KS&9%@NUW-I891^kG8d3(q1uGEszlJ=1$(?_Z&*XLwl7xVVt2f=GgTlmInETmJg#>(4)R@%B3ot8cyL$F|Q`HXB3O0_1n1wa@t&?tC7G zn;bcgqdX3xf`ti`pQ(M$vOIw5s$t2~td6U~ooSrg81DS}Fx+HUPt`tTKV#a5YB;KW zoPchy_4N`6)k8IhsyUBS;g5u{FEi$$ZVgwa=&DAHlXG*1AUfI2IYTyI#%OI5RaX({Ok;E*>;vmVRXjw!fCW8%j&7TkKN_O>B zp(Xnn6I!a_sL(oLuWo@IEr_hIH)3UqVE zBHiklWY>3n&feLuXZc+ywMh!3!;?uinxHx7VT{R2V>0ev&_40$2FrJBr0%G~TV=y&g2cQCNydRoFAKB)y z6!o20?FK+xWfCEmkx5NB=+e`JDL@dqyc5-74MqQ21r>(eH!Lm-$Ex5h#(=%gf`3!R z`|6tE9}2h@R3)?n@Nh%V!UOa#bk#NNtB&azs^rS-SS zm>fCv!>q`HCG(d-$s*w=tPr96qew)S0;91QQBOAhIDbC;G1=8q)f3szn0g|qMdkS* z^pX>YJXJ5z-kgP^IAwn2$(`m!-)C> zvIEfM!r-v3Pon6Y4!f<++&orB23oAy*IMtTl+jm;lLJfe$TkleGjk_4z0SgN_p0N% zM#1iW{zBt7pw%FMwnN-dyLE4N3;tW~l^nHG^)|ncI>!q52fzK?{1CgFJ1F9HvTqF8 z_m{>G`TdO7ic&03W{V|TOwcOx0LUPzzQEe$1kJSuvi+iBvKot*SgJ%EFBd z%xwU3{(Jytva6?R6|$c(twPea(pqI?&PSR0ozI8p@vWoB?)?a7eF!)JT_Z(_SM07S zy^SdE_;%H9&^ov~K-l-kwpTij9-V~lp(gU;gz|Y|8%OO1{v9A_P}bD0F`$i=dw5ti 
zhZg^$xxbeZJ$wZhIBB6U8oFoMF|jh#G4M;pR)Tc^J9l`qQxG}%dX$z4I*$i9Ki-uL zR5{h~h=bk%-J^6R7)UA$yw{WZZF}gra(gpS<$kmZPQoCg3mHYEGQ3bFX{<7kFlo&B zQnTupqy`(@6D_fYD@E zPgQ?pKV#~T32M44A|94qsKSMq)3wTIhV z(eAq_@>i~FDV_Wvgywq^74GRTZKQ4mF1;0&TQct}^=@q2rd;v8QAfz((A8x%-`cQJ z^tEMyQ{u2uS)VrZ=KF1@$yAcpO3J^o0JW3v7RwdvRnxw7g;kH$u09KuUyrK3!k@p( zPqdgqS+2jX*q4YCRGcMJ(Wv?~r}hAgQWk%g|Ei16Vt@~JTXtp{d_Y2DaY!lpCOHT= zF2AW7vR21x3y@Y#d`E0CZY;Js+C?JA7vAA7$_+Cc#Z)Ta3vbVFDNZNyywaNTd<1en z4}naM9Q#GdYbbf0Ci4GfHD`H|`z%kQn5PNUr&_u-rHw$&pAUgdcJ)+EN%k|QDbHmf zrZ=H~giZn^Q2j`YVbxUH*eb1xAFr$Lt5%9mcephQPCMWUMdjx+lqP*;O zOimXM5n!zDcW4k|;o0s{hZzgUlLAwyS%1e+{zl~=NJD2MrTh=DS4<)4L8FCAr{mk+ z&1OX~dIehJCUj0rU|&*D&4t&PuZI;e|9|%0bvtfcNfUh)p6S(H_Bw*Z`(^LdrwcHK~UFeUa^G7C5yu(WVwiA#*=~ z^j8Bw0Fq+43uz-Um;wIi&dh(Yl8pyRd9TaLBf*Zz-ibfgODs@-P<$7Mw?sJKpY-#h zHQ+=d@{r3y2a!8$V&LBd!CxlSlXka5);$-~PjhvWRqZFJ+iLrq88{t0@P1QYT)#K* z>-^*Xw|o5dkBa#}-K#*|i@t66LEY4t1?jJ|H|o7vpOd}OW^(nFZJ(s4{mAT0%u9q{ zc%Kn|u~WY3r~Ph=7xJYGL!BY$8FMS!J$;AV-<#MIxYIzA|w;uz0UQ?+w51+ z<=?bPYy=0e=bnDyI7$~lKz>HSJrb%t~j`#&d!G6to{1yh9j%OVaTuxi|O8`Ixo3CO?+OHi?G;g z)0`A85JcH30yPNB4=eGZ`e^;7eO9J zB8!|X{jnd|M(NqW?(|TX8l{O~cUo}3&vY!p7`Q1d-m!vzmv=UG<&qwTe2dM~%YoKX z^q{}=Q5^`;gN;}&b^GGB!9sS!iLc7SrF(dqoP-#5-x|*aRr^C=2TAOMb3inE=H;x! zAcn6DqpI;r@qu-FpJuVy8Z&|6d}SKYXTiljk+wKw&7ag@TSYxCMKvw0+-7`(MR3q1 z+Im3y%?KMYfmxgu8et}8q0;G@>pfC5*5J%w){;8;l7jLeL?2Tks+@3g!2 zn~=AZU&Us_Au?n`&h?!~IX8<(gd-^Um%4oD(%eU}duZ#Mt=*cs@8fPQ+3sP}?!P|R z8AjMruixFgzSENt+D~pOm-bJFx1;DB?WbnuaZ*%K7BP{DT55lgvOFpymL|LiGEtQx zc9y5ceq?L^v%%Zxp)S?_iSTw>a8Uc5@b+Qtr^J8NkfMWV6rg}Qszp%JC$CUs^ccNB zT>^mjMr_a3O#ke9Tr3+=kSD{vuNwp%B74w5=rKa4VI(|)ZNFU(xJR0N^Jwa1mZSf) z)z1vD19%_(d&CoAVoWh(RARG(ZbInQx0|j({Gk;ADLmBiGlgO4eZ)Mwl)2wXL(^zl4cfTU9voe(&kc`kF7ae{L{~5f| zY@zyw*Hnp&v@_{qrFuR*4x#5$sh}OJFwX6u z#I>&13;uN_4}IxBcLny1);@zH=^-;$r=7^uk=Hpba{s??zk0Wj-QGd{dIv}$YzXmu zm%xVPnZG?!PTCVg}@EnpZ5m3!r9VZ!QHascpQT4dP7? 
zb*b?h9)~bqG==n#@p7_OcQ8k{1tS6GIsmD(Shv&CT^~9SpmOr@Gb-d!adkt0n5Hf| zQO?7r-R+j=*WhRRDbCv|VALS|3pE+IKs|;UVz$cFke-H#b)2zP#v{`&=S-rjoV5Pr z4R*pXKe3&(SJL=zAKDgE()d?qA$CYzC%2GG*C*qdQFM;3Q!|G#x+;PNSy8b#DGF8! zzh+61fvZx9C>(H9GF#W54bMyub*Ziok3;A>4H_QObtm<+Tg5NJ4j*^W(M(s~FM=;M zw78+q1W&wEVnS(qJqRdZOlT|U3u0YKSkp$38OF9BEIs$IfklUu=*#Nxs zP#-(^J7EhZ3Envbhi!qILinJd0jn53{(eiC25O`OjvY;bu3NS!_ZVRkh_N!oONNoW zT`~Cpj|;dqSa);6QVV{8AS&&%|Mbhg^!`O2ynprX*X=j)Q{Pjn zUAOXXz7SgiuB8dHk9xezxp_~V_tRDls@7N4Yyb4HFMm2i!cCpX6Hu6r4K}RBvrw4y z%vGL7MH=Ufr%4DM0;T!9eQe71fwC}v?QZt@EZx8CbOXw8ybNT`<@5noI-D>1uKe+t#X1~;LX1MyUyq$m??W$(GmO*Y2 z028a~i8@@#C3UGKy<-N|GMI-$BxkO}FsthzW??D4<+ut1;DIVw!P7Wx;wUe8=2lA^ zhZsB`4v`#cP%S43-Z=!FjP{Oq2Az~nnmJzI>g`A9DE-)-7YY@oH>P+FwDAZ!}aHV8p+Dd4HvnZXi1O z>t0?WmWna!z?_fvHppG!G;7mwlfgXPBsp_a#YGlYHH)fRdK*F6up;v#mWo8AWn79n zs@-PI#!Uv#hnpma8Z>K@1n(Sz!`_AiDM=VHO5%+=lr>j2@@K<67*6e4C8m^}!A%aF z+l0}g-$m;L=tF1!4yV!@R6ZTm&cVc{X(SLViOrap{BhyjmN$a!H%kUB9wbhnxE#|745>{ste3!6QAV$)LUy8uUQ#~aKI08A}jAi1Dl9Q z9Z<68uL~1AB0TZIENEV%mE|81$p!L#&J*6LZ`Qn~_eR?_4@q$!rS99II|LMNt#?pv z#}83@EB<})Rp;-wIsw`FOj}(c(wN#1!{Se<<`m>1y>EtiqEaf6*X<7hr zQ4SG6UNattVHk-Z$^$1IM;zG5!{GUlhvZO$$~j5!&LKFUoKBqK_)7{6bVM>DMgHpj zcJ~GSaB$$wS=@)nw);}*C>1!MW_W!%w2u3kQY1~Jb28B(yAL|hnu@1u2Wnqoa4`^_ z?KO*~G$=RavXv)!7Z_9~MRR6Di+R8zoW=($=~p!SCBmo`mv(Dn6G+nmtZSyX$BDht z?{etCEVi2C%_JL<;Yp<$e{`1{yoy-Mq`A;wIE!6ejcBIRD=GMP0XHK>%Ql5R;Lr;q ztP=GVll7alwhWu3c_2x0<|K@QJm7`ATV%2PpG2CZsA*WnMOLMCl*N%7XB5~V$>8}w zlH^c>CTWu3okMW=f-!)KB#aOxb=RWH3XzF}NWztOfB)W7iHg3A=nnGapLz97fa3tg z*WJ;2s(M;c2%9yqa(!IJgilYZM9%7aAGP3H!yd-_wnTt{R=-s=u+ltq=A*+hs)dm6 z)R{PiMSz!ItCwH&FR$Y;$IGRDg&^GukEynB)qa~Lu~w)ll)5E zCuKYEGHl=$$fS)r{{F$c|J!eb{ksTNdDbXs_=M`3g5Huv2YEgt)L-YWdV)y|pdgQi zGz=iWY@tX52=fudeFn;DIChm`S$gs^xp+KilzK$A1`NI39FNixAPeq6nhanbDr~!5 z{2j^t3BA9RR@Sj2ht+-_43nHW3DPW2s+2XnfE1GaA70BVTI}adl!aLoSMDm+z=mN4 z&j-UKhZT>pZv-mELzW0mOH_a+bl4;XpcF9&1y3k|x0gE2$ z_!a=g@)YG1-3~d&yXIhs`wy?wFkP}1Zz|ZqLp6F88-w}YLW6VDj_~R*#&YtkFFwC{ 
zskKf0rO%R}CD8EkLwj?5ruP&+ml3ukRnmud2JoqO$v#7$XPV#~kK_(4RnAR+>n~*h4>iePJL_T-JKLZ>789X2SlN@T$ zBu#~Xl7hpYh!g%vgH0&0Bf}&0xodLz*#trqao@H}jX@7Xl`&mV3ByD^ zgHNVS%wf{G{z}tV-`+=El@K4{w6Dy?$*DT2DTyj%5joWlQY%mWGOU_(|eiqCB$7(;2 z*Q_QDSQ&86ijdb?5!FT0xH*9W8xI>iA0Cz*%HjRIc0Iun*E(U~Cd~TAH7l9irX+Om z`&@%*RS;IeN`eJ3Ei?$LHS{KZ7m#h=a=TO$9YS2N-=&4xv3ki~o#}23WIbERCTUU- z)t4H>-gq0VmwjHkUTmw*ifTT?H-9d+XsqRvZ0&$NftRXu|xu$I^ecXj`{iLtX`iJJb@|Xxi}k(6r=GZW};~VTAPcK(F|_Y4g5uz4>s`nv~UG7rxpp zfaQ3v;t2TTBVYc2dr;S%83PBPvFA+!IY&>$+@+ksf9mc4+N;I znj_7?0Tc7JsvhscC77;SA?F7uJTUVCp*>I#t@`$9#*)aby^(j6&Avk4;l=NF?_SD3 zVokmi+oFk2Zwy!R&F%pTg&9Eml=*1*Y{ImQ}H zgYwdEeo*KRbRD;U`<<`~G_j|Z@^q+XCB1G~A0t{%!VHay8c`ed0rK8x6 z9j7vdL{Q1E{(67^rsp)$8$fwepH|{-1O8sW6b7)`0R|(^OTJbE1 z<0x^b*h3q`8$KU~mmF%qs*ym+u~u!uyl-4@K8kyY6xZBCze)!Ow0+6hS7KUEq2W+j$v zDX%m@*oJ8_CddZoCD5;~oC|F!Z0gK~0Vr7*#%n$QC3wV?i z^?*X#px*HLK)vKp0}4%&KaN%CY0zH!&8a{pDbXR@ySC{%5?Jx|P8ZegOyIA@Ud9;A z6H*LgpRf%!nyMR94W&>lb|_B8IH<>ww}JJNKPh$$3@@1U@nO#_#ODfZ6!5U9YhV^$ z=_lVlw7_}yH-NjzUp_A2f}-9D64G6BU{rWHuo(*Dis}mRtKg5=dQKz=dad!w`pDO7k|U2C z`(2|;aWQx)5ZJB&PgngsQekioKuK;e(Ww35-|kS=&B5C&7FMQHXgM*>O-zh3>|D^(5L8%JqD07a%ejDxnJ#&_C~r~eeD zPEu%u^_YhiC1=hm5mt5Rvpgwd7B_jw@-P=HO_Dr|Qc;W4-Igu1(W2q=p+(7|2CN6k zsyNWgV9I=NTyIQT4N3yNSQEqp#RZh4fg#+k*Yfy-*xTFvvRlEe_u}sM=a+;DaZXe{ zw5^6!SZm3giOPo(r-K>`$=PDiRxV3 z)Ln^gU+3DF#T;Oj2;LHM-akay-4j&3hjpz#fJ?w9Kle8oc{|ZnO5lGCBv!9XlE5HX z-8H-j-&CbJng~FlGY*e@sn#H7J++3m_sfNhBuG(mjAiY78qocp_mI{3bZ=aXW4e&T z0wW|#Fp$%)d%gijg)H=^cc;s0Ob3UC^T46x%pxf2I*MZ!7NTU(9G3A=-eP!=1XWU& zv4{t-6E-+Bd_Hg}In;pFAaQL&R%60^Z(MIoIvyk>w5J78N4wR^6abCNJ@1M1HPU;r z6kkPG#qUZiP!s=Qw-ExLqi$C}?Yys`0jlMPb~Rvb%i%coG*G`meg#&qiv~btom~3u zQNJSi;3NMgRHH+S5=7@14y}S!t-IfWeOk~FLFzpn5y9!e#&906k(`doGMR@!~$BJnK8^h-VHj+aPC?*Lu8&b?^kVaa}AQx``_WPB0FMY{s zvsi1-x61+!ocGk=Is-tQo3EGcUbQgCcRo{k(RV|aKa!oD$>~otSx3^(JcX%c+a4~! 
zaaYwVz&v>00TiKQ7X~pP?LfPSG{9cF+wyI$y+6Q3KRDxUXr)!zrkCLRehHOkrB>;V zJGjRKD6b!03cVx#DAX+jdz^fJ{q737Ns851EbNCjYLT*S*{@~WoNZjB9z(}47CUvV z!-mY7n^Y$s?<=XoKTRS4&`-dyUiP0BkKlL-1`oqj425lBaLSNP!Do^}BTU&md?q<_ zkOy&;XM!aaa0FCg%6L&mEaYWU)=iZbg*&+s+4#)p`S6+KP;OI3iVc~vDf7K?y|LAX z;0i#C8-Ctikt3Y8OhR<#zLxs1Y`=ab1EbW41gEJ

!kLEuOnx^N1Wj>>1Se2HJ=v z*LCUVziDHfbmX)WupUb!AlxnxgN`PH=;cIJrP5!vLkUTtVI_>_!6M0-xnBe+&r%i_ zxzA!=`>YJJoCy&YQ5BR`l!R_2v|*9t<4sV)X|PCofrgZD8XS^-V^G2`uWnzvHE;k4 zY4P8ycE2s=&oqY+4DZRSs_0RXkFMAJ**)Rnt2!xF$z*ql=x@gg2`Micpt1+8yRN*p zYbvY!0eSSw8Pru>Jz}S!{bOHyzqYDtsdazAenr;oD6E^bsssD%W|Fsc%vb!qT?q^x zs5I>YVL(=^X5IVQj9+{2u*n(Vg!;?Gi_h;qyu6mbk>Xsv@V8a_V<~D?m8VjfJHa1S zuwlD~`AUubMxKB*;v1n$>`9xmjo`Y=BVMbH_~GG&buFA;6cdqn0W0@XuLvyi!DWbW z7szj%Orw$#Bh1u1oFge$a?Z;v$ykub(pTVR&hjFvSyePuQ3qw24fHpNY@B2Cd^ksP zr~xxIwWa%%`QEtRcsPnl%6_qC%Pl1@(b(JdVZ%lzGl0qXCc^*WOoVhFn&;2TAehQ6Br1~;0(uf6N z!g*ZzJj~sNnUM`qjGhmoNDeii$RvGach|?`-+Om1?sqqB-Z!o{$G$@jkAp-h+6@M} z^79W^=k%5XqSw3K!)ywE48E}YS6*<7q4$$c3uf8DxvjG)FjvuIg6U) zw!aeSFu?}vI7-pLZiL^f;N)=%^xQRH;}UC8DVReCPTHV|8mJrMOpp>m51pIwM?@#LXfwOA>yNE-@;eYwxxvyRb>M4g;R+Ozk3;5Cay z9kQaVYw2*LO~9)#3CqH5m~5zJ^n6fDa;O2rM2Y<`v1t_+nJ`GxAeQtSQyC9ZLf4AJ z=7*#B$?G2(0aMjtZ5&{Tpb_jGKRafS=f5>3GF4c&tgDWV^wP!z?{-EbrCYKSYX#%N zcTg=`yN7QNo&Y|zBJMRk{)5s$>MflbI2|e(&4WskGlyXi_+jm{!sm^04a%_0SYAhs zh>A?aZlFSBBPFBfLrRiE>68JXf9?msVmd+rDak=L8hTEvHj_|BN>o)g17!(YZy@Sc z9klwS-s5M-kW%|ph9C2M1}j)~EPTL=3ksrmQo2dc5Y0i3vDz%k{s25BucNeP3Pg|; z8lg4wAcEw~^4y9=QAn-fB4lw6o&TyRVr5!pxu2K35pIBSWJ3g_=Yt56L%G$){Qxet znM@~1&v{VNeEa%~i%gCjMF-P?;0;*=fSzO}mNtGK$kSAl9M#erdEg)v2B2zFlWQ7& z!=)3Lg3hB~e|D|Be1s47Bd9!Jclk8oMSM&k0ypGGl}!l+98L!NC(pBuz)+Q4F(kd* zr6xWyXgwrXlRDl0fCqnAtbrT+oGcv1)x$!37j>8O@5wFs*RLC)AyJr^>mK#vyVuG@ zAPxWsC83Z|fH#Zv(DxO`+r*16_xCSN0X7;kl!Ru55TRR?dwm6Z_sK(IOb+hzwx8(r z=iexZ0lDyWsBJo6Fq#J#Bxg>tJTB9UvqV4fz(q!5V2l@*#briD;>#)cnab@77qF4#kJJ;*O+M zsudAK{@MLFi2HBxZ2qdb4h~3O@4k5J{RYstThr7>zrpbX0h$?s!#~7wNvYTrfE_6` zLd)g>?8up80PN&Z%7n-Y)#|gTBhI2U=1H0Hl8XUv*9O={&j+w0hjMF~`vFF1+2jt~ z^wh&zMu|GK3`4&fKlA$5djSFB#cB_9@3+=|erdW{V+dLubdV=nz)4%3dzGIZ&m$*l zJ0=l+z+7sz<%3hJBk-u?Gj0|wAZGx@VorLldg7QT*(u&x4K^}_i>jZFMZb@2GOPum zlyeGuASpCLIp=}w$eDSVra@lhEKgI;;wrDDat87otePrMMV|ZNK#vLlCb zE2sMbMkpuE>NljE&X(E-)Xjv7QUi4K$u31TN8w3W^L`<{JdAxF>Cee0dp6X=NGzej z7k5D 
zIZfkC6j{dV64KT=&lwWStruKfh!xz*)-QV9~9iHi_D}TQB-mD+QBlcyeF&}1VJvx@LEAO}EZo`?PJv(k$ zc|y2j5`ktCcx^*!wrEs}t42P9C&Ps-@A}HF$iFKf@oRaDKjgBfQrqMg^77xem*E2Ih0%3DXFo_PRS1| z`&f!WLg7i)zaxb=&O!-2o&Y7P2}e(r-gwoYb^irI=gBudQg6`EznnR@uk4^Yyr8DW zfuA+G-!=ZgRM##|l5?WaHea7nVrktp6$tmfwk=>{;RKc^H`eT3n+Mr%6}Rxg9e&9- z5J-^n!n;9$9_wOuyThzH@cwa~z(!V*$F;nNY=N9Ww}P750E%2*+9e=GMp%h?NH%h2 zQKw~))g{ZrBw=x!hO7*^U?NVEh|Bv$6uHA|v5jPlpAX4K4&}BIl+;)&LCFtW2`8k@ z?GjL;x;vhVzjqZaz=vfTub3-xy=c&p-SxdRDXTzo1Ii8fWVhl}J~#y6?QSWmr2V+O z=H@%73b^`RkCS#K6dDH~f2(@Ib?`WZ#&PSpO*)|itXfa900&*)jLx7?l#9`Y4#8(Q z7{JD|ET67S%W~j7IkRj)wAyux!9p8A*{M!?VzX&C+pcRByjXqE3dj5Xm%E$)fOpk^ zrG5r-$*?o93FoWD>R3#UdTuF`w~#-s;diUu@`-sPsxeFBI!{B9H3@e|K4Kf57e607j~vQvoyh*wBdrr9KN$F+Uwzm*QKG-A z=y?~{mwVGh&k;kfG__Y_o0X5SP2^KTr0~!~P=-P`euG~grz5)uv(tG8%zy_NI#u^4 z719fQ@7<@*_aLY7b6VYZ$jB@oW2dZea{R%1j|oPA*s;ax2LIdcr5AD!H>|_SrG{@8 zj{wDK%bkiz9JIuHYs0#5V9Qem>wGIh5Pvki>x_O%5eL><~Homv`4D8o@vg06u-!kGp@2tAjRh z-R((*7X^)5u%eB2qc~mt;>ttPulT)PVCSn%Tkk7XpVXmg?cPfj)>HRg-gFr;r1+Um zU>-Fw*HPB4qcEY1B(o*0i_;-^@jM6~Idjf=EzkUlWd(qVM4qxD%_5d$RT9g8B~{{X zk`UV%y!iPrc;rxSU8JP+)+97=a<6Xsg%5#5_g@GF9MQG=6YNQWbtwu2lw|DztlwsD$=o&{>f4Gfa34?mCPG$ z*K(=7{R*kY5ONQCsI4a+o81-U72v4gV>%scc#Q8BTX{7?qBbNOeDYqrdVTlhWtSht z-fJf)!c(!WPJfhQ+5Wh8wJd11OW0dC+U&8;?6DT#)A~iVs@6LyDtdXlYf@x{L79h6 zBxkOhIIF|DU}2sIEG~nJl}Q~ik;FVKvZN40(GDA(7(X96ksQixP$((4L77HgNWbmy z6@qMaZ5sdRWL$sQh1N@|5tI0{TJEt0+d=H}#bPCY56E^jGnH0DdH;U#=Sxqy%qmF= zslv16B0oEx?85;T_~0>{7Ha1ddHBFXo*EgGKYf7oiJ@Huoo}l>Tnt>$;mbpmQ%D0z zp%H334+BWfoJUO>`Eka=PzV-hMa_ybsaTXop`XNMT9j_y(b&cS#?OZVB!_aVEhXhv zTS|)Xpx?OObXa9+m|<59gKDwq$#6w|d}}?vv=T~4&Gq>NV%)_Ibq6FlpPEBnd?Wwo zS6EA{(gP>Drwd=9U~sYSp$Ce*0GZ6V1|9F@2`m5e4JgQw_iHP!8cVB+U%{lienJKs ztv!b*O^gBB??B+({ex0jYAqb+>~uI`JP%Gt&g=&w<#}AogSBp$ylmGjFAAs!2(lor z<&i5Ax5C<4;ezEA zbY>TUJblwNWmyzNRqQ8e77qXkZ1`dPeDFhZD7P|GQf_6Qj5(xVc=!+|MKQkARmID5 zNqX*>WwLWgR+$W;wbb~p2M6p>J+|6W*Y0c28t`}!%yS*!gMirQkZ^FbSKd8PW>Hsr zE6{BY<|~a4k_un9VhePkrqX73$@C%L#REGhghja=he(Qyuqg9zh~&(PDDtGt6IN7N#^Ok1tPInDrD0TNS;C7T 
zbI0`(8;6)Y9}bZm%4tzZDW^ptr3NGG^b3yyB$49p`i7e}XwGK9R_^a(`@Jiq!;jP* zh*)>@{{4fu6OU5UxcnVnbBPN$^)Tl{efDGRp@Ii+farpA)0RX%kPVi2+p8{U+(|*n*uVxMMEvc`FAvVG%m0CU6()$nbae? zFouuL2RyZWF8j^!6}k>e*WN2dD1zNf)Vf3RP>&^_MIa|@m&8yY=#CKxuV{7-R51|h zGwa$zB{mEnKrwXiB=|l}D=nS}&+O(GHL*r8u4290GW`oy!I%u+i-KK}yOJzcBqfFo zTQU!GNzPn`br1##XCeq<7MDC?McpJUPefH$by3y>ykLoqxlEo9b4d>6Hf)rX+pv*H zO)^kHzv-ZlM2ddtNi(|Bx4-jrJ(eiDL=OAr?%kI+uYY~_>Erc(e0Z-aq)j2#0S6Zc zjKZ=ufd?}ur1=I|l$C+L~UavJ6_XiM6q^L4%g z{SK3!=%SVI;K*StusIa^HPUppU1JjH6K|E87^~k6aPHZlaq80+?ZzIUn_!>%tKDhA z2+|U9RJdJ-bb@3oJeP`zUU#j$;0df?E7*4VIbO-N-mfZ^VU=d>s<&{*4I~NAiu}S| zu~JfKgbA7l=p<+M%fzpEAw8;~4q2Q<6)WSqV5#)EO1~+BupaQOY(Qs1A+tJ`O08zd z%K=Oog#Dq$`PA`rdQPsv*N!pVjAo?R;LXiFAz_XvncueHe5}5*B{&Kj@m-$#if{az zSY2ti1!D^M8^zjJVa`;SMoTjRfIodN=>rwrSMh#Pf-ges?+@xB@aY|kI5>rkYnDJO31%Ma8|1;X)-gd{`U~{72VT&I+A7{qJR5|Dv_7~Lk#n|7l;gv9b$p3_HJpd$vIzeDLCe&vNuN)~fLVf1J+sK&{ zKT6`Pg6_SUU~!eE(87#~?uH$S4R1?GMzagmhZ^S+^&!DnPW73LZzCmL z>O-RO6oa<3-(dFTHaxh|L2^kUL%H|*?jx~7r|_)38pfAZd~yEZhuIi4FQnNY<|lcPKT^B|DVFV>x%|Wc(K?>Dr+r&Ib~&U2t=O ztM_DxmjL#)xE9w}&@^G8na$BWcL9PcDD(OXy(+=_mTmj3gCC!3N%@Q8QRs-kbi`3I z4{=1!oJ2(~Qt6-6(6216MZk)v3|Lx)L7f%6C{uR@Lt-P25(*)4>29XRxnwt!9YZyR zw5kyFZYjTf%<^pQr@ta-U~yLhGouI z-tI?>xrDB_hXU|k!4G{I(7}+<9Dv;ZQ@}f<&^s+ z%4ZqRqB0D5%#+Nm0XBFiA*r7()BtLnOEiG&YdKN_CR2Hlk}k_m$=qQdy^T-|@#6oH zE7%jxW9=IZL&Lw-9Y`ZveFHZ)$kdm&wOadzq z9)`>|O#P=Xuhaz<)CF$}SrjQWVvEj0YmhT%MVSj_oK8K zsF_G?v_?Ym9bLFZsc|mZqI5e$i2vQSk6fO#_ljPSppGKP7~ZDN*@x~^kL~vE z)!3a$jdRJ)q{es!+~=PS_c^g8=}hd0fWVkZ*+*u1^qfAa>=H#2+a% zVpq;f{E;)qkx0S@izI4!@Q1mymr&qTCt;xKo4C8SDYX-SDM_Sq;jVm!#2+~ZfZh&h zPKk{G`;9cW3k@RF z?m`QJ1>jUAcK78xAf(8My*)4KN6uV}sNj_^SXM!suDU8%k)#RBLO(Qx`R=`KC;d{A zhU3D${R~Mza*VNidvf}3a21HXO-{I9_3>dHP1qWkOU-v2=l~l*Pwx#p3ZRE^A77_C(mXb=tggUKHHUyP zzAoGHT;}o@*Q2|%YkHh={XVu)NMWGm&fP;hhz^&%NI)_kR(!z2*9ZEq!DOuz)A z)sLqtNodBDE=;7*2+f$6btGrbgCwf+qG5SagJzTwD@qZvGT>p>WMv_Wz^xf})-k2a z_b=0oXUIB|V~o{|$yvw2RUnjt6nkh}=@4O?;w>IOOYAhlu&24g|8M15;uZF>tp&yC 
zIBJIPz%H`i9t?_U%&oWGR}WA>@#ec+^*vvLn(Gh2onJo9pI4?H>&kltwE*(z?st4C zkmE$v6KvYE6jHwod}V}6O;2N{^U|2)%ta%Qnmo=~m3%fn(*B zhRvty*?ctBpSiCCq+iapHDt&7fRf*%E;!tp3p+c0Dl-&69_-q?BmQ!AGK+pPRj2)E z9vnCrHQU(L0r23;wgaXEL+5ASzrU3)@@wloh~?Vuir67LA!H5}Nmgg_#TFqG5V+8> zjWds_gB2XU8Yo@q*5LN@JB93&M>Wzbo-W3#r>-JX&Lst|(1}*$teedfR#iwTIl$)p zSGHL!msF`Xy$f6?|MU!XIxj;_&dlRX#C0H8SwbVHs3}<4 zDcJ$&LNoOY8ESHjSG@YRU&{jt3jDrOMrv|?nv}FD3~@2!;fRkySS>owjaKV+ziWZZ zw9=zcr@fmDqt`WV#=~eLTr{@`k(MLFJ+pVjd9OBzj{eSJtoG z8kZ_vbuCxyIzwPyKfq5Ng@W4dyO&mTxx_!(^FR$J5=AKL>E)9`RUP$_qx5-7I-e98 zq0ckY`R|9tT~(L(yBp~t0(R{NTHMIFm|WsT#q=U=*+Qo|8MGDI-Vj!WdjBXcimIpr z7DQ3a;;_jWkIR7Zq^$k4X#!phI6pS1Af;&sF0(4n04gBI7-v-`!wCl0V8EDA;u^N@ z$^S0edeE3q!~6G^AGj=hU-f@yM!HSPePfYWJW87Aq7uo=lfhw=013?>Cg` zngZY;g+`dJ832y=!{WoHYt45L+Z*K<_l8P-GfXk{Q`U-lWuA&Mikg)9ej=}GbrG^6 z%u|-7Ns?w^od%&h`jOelk&Nszb(ysy$GN~-kz;rl;<{`TDKu=GvKbJb_rv1j-71BFW{ND3ao7@U)5^av_@3EDt~6n$ z$hWWKs0g43AN1m4aZyUAEtO7HR+V`eCvh5x0W)R8h%%Dl;r8>OX(H(t^abE7uKTr1 z@b&#YVT6WZN`wt^ydYtA-254@fm&dLXFjZvAyk2Om9L>GJM>^NHU|S2N+0Slne%q~%`#joHavO_`Gl_aoc# zHS6}`&A)A>aj(R`9ul0NQ<0C3Wr@?!ud6&`qKKubsYK55I80d+iBu$YR@S+jk2ABe zVHw$)YlNvG+hh%y8gkOR+qZ`|~js>zLd7-^u>_oTS!=0U8qw(II=JCgmsx;_)t!$L??a6-YN(s|g)q2r=9-4u;!I@V0pnqD`yFwg`2 zOJ%G6uIjHK^MEs|5f{*yse>pOg18#3(n|Csr7LIwSD~R*8(vw%OCCef!}b*S9Y;Jo z8Qv%W9RY3+WnrdJ#gIZHY|IRd<@;gri(+WKDS>}-L4q2JZ+U_QpGuoM__zM*t2|n z@VB0{J*$t`#kfd-aN4%m=}mf9e2Ju!JKZ}g=2DlLL<`U-ZB62?^73c|R&r zWQ1Xvfr@-TEbcNa$}$M`C2ZhJxRKs0+lE{AeZ69Q%akXKM#cV^T>iy(d1R~wW{3zQ zLaj;3{jBo+j0H{MLxo_$IG5%m^@Au*%iNEW&}~F)yk)$JMjDaH z$W7O3^xd;uwu7G9T#vqqC+|BVqjb9leP^k}20GlrXQUq?wQwVL;81LIZz@%>WG+zK zw!<>l@}p1dod!YaK;9QeAL?Hm&q*>Rk`g0ybRKaLIddJBkslNZD+6HF;CaJ%nuRRP z%dm`twBVVW*g3N?h8fu#YJ?_`n82BuK#e?chS_)@pR#Fzf6k6o8|z{)g>xx6fkx^z=N=Qb=ZCtD>AD;Oy| zQ^Ck_M=BU8Kd4~zYM4-=`^rqpziT??bLGHEUAt3)I|BZoYYZL`AR`;H6HcK zfJ>lI_RMGozH5%1&zj$Kw}7T+@XH_VfV)V(2YC{a62pp;&jW`IiC=ULt+3Y8;O!M6 zNaH%Bb>VC2H^LgThjqoQxWM)%)QH#SiOHiML4mA-66MX}92wU~$BNZalmumyu@o5H z3DzRJm5erPm}-N!|XsP>>xG 
z--+sB)h^qwPZkHf=`Ymtt%}2P8ca0*a*MHfN;|2ip)Ygv3k<90Jfzi-_{1pDNx=De zqD166Wns#t@(GqCelFcwKV?Oo#H@&#SRT55>{o7-XKq8U@)^)8Qg*IVQsa(Q%E|Ox zuGJWHYe`|K;CTH`-nmS&$GEr0-scOL;icA5$iP9NiPU0jDGD#Vk5mdKIJyy9&1p z)svMsHO*GJ+NhH1CD1|F5TJEB)#J;3U2 z__Eu59(1IGwfp@;7l!Rd#_8a^G6Inkkmt7_amfRGnfviG;e&&?`tof!J zzFpZvdoLRMCJhgWsVL}D@a{9F$Y0&5ynEG3jgzj!HO!+ipHih?Ql5f~mX0t!6R}_K zmFWMCNoVqv{4mKy9r>&gameB*Zdjg`1xxa#fIx08e0S10w?Sq33{V*uN*+p9;9QILV+@|Rvu_7u$}|UVmmA* z^*J;bivyF>v+MxAW$W#C@)7>7x?;jJNH5?I!M|fyaaA>Oe-mSv%0BG2XePbeSCCwm zpS!((eeeChp8Q{vU((Q(wzYVDK;#cm!Z$B9ChOPk69?Z#@mpL!gqUVwCSEV#dS(=tC_VbvPL6|bXuJZ=|Rq%nkh7AVH zXMh1o*|}!PNsKqbEKLRjx>mzwmMF2e8o*}sy@Tdix!-PEB51WE zm3P#!ZA5nRq5JzIv+53okfiL$WmX z!zKt=Rmlrg999wIVUw~d1(j3JQuqKyN z50WAytjRoB+>rQx|1F5HFgWo)N4NhRzLo!XW_tPC|K#jH*YdySLF7O2QRIK8Jq%11 zy;TqN&(YmDqenvZ8ZOdOR4h!hfW-xuk5i=u3u3>_MU~f4IFK2!p?diYs2(Xh*XTJ( z97hxhg>Iu>qjHx$VOU2LqHQD)2rb*{ zTW4pafjiB98lDf83hh2(a-izh3)}Vz=+t}Oio(<0V9C+JL!#Y-O=A3h%4}T@x+6tK zn5}uByCLxz74h9MVqLb(?}lzvgoPk^6RR|cMUk*HOEVUi(Ah8NF)NBBN}{OdX*m$l zv2l3$3>+RQJJ&*xJ@ZCdh{-rS*J`*710`mPlzLDEIyAb73H0Awfj}wyAPKlIYw1)# zvOy=^5{z?cjb_zEYC@QRb0m(5OSh(u26f{y1s^sbEIF`iwu-+)&n z2Q)t3>Ej)GeX6t{E1ihSB=-{lL0OBeWXJDE*(cXlBJ9(2z+pa*T5(AHA9+cm7A0u1 zC=0TJNd=%k1$k2mS6dw1?a%Y9A$!D`0`#F21hdDz>UrANZ{*U{Iun$VXI~sn%BB z%4D~6apoV2m|GO06`CIJtNCa$W+O+8fDsMBHw>Xek7Y0AiP zN18HHe$bS;R%5g&BM13l5x>iOk=z;>hn99iYQ17Dt4%`sy{($(mCw0M=ar8X8CJex z9yWAH{37K8rDAGvvhpZW*WkzTBuAxip(S zdi)B$AtmG<0gco;s2M%6kOy`9RQOSHkh=S0VXA7=PI|e*Xs!7o(v`>B}b#v$PsiA#}B^RVSg6j zDFTf>RBP&ux|?*gJv2bK(WUu;lR}a|B*}wx}JUl9K_Wq@>nF(9AEdZeMF6CX$_#9Otg}R&wV& zF8=JeIOJWk&rBl2^8qEtu@YQ+e-mQu9qXcp8q?KgDE+at6VjGy*u}ZGi_n?N zahasZ2%VY1$@hL({2zbLQcF{n!cWRlu+T4Rd1)A%Mr%d$KU<2ne^%uO0t*!a$3 z2ELP&ovYL{@tvgnuu@OMcamcNvm-#$j_rAecH5yc&$_%wwX{{lNEq zR{OC$R(+l_o)w(cSyfklP{wthx;4;-G8QwSjHK*b4V(#OB;|)Skdo{?U0Mq%(XPh9 z@YkO@izd8l+UczJk0rnh0XGc<8g&aS)G9%>U)P8uGQTn{1&_D`7L9#*M#g)E9{SOm zBNi#Njvi+Gv%J_nY=lrTd9gzN+@nX6{`?X)Jq{a7;oD_LC)dj7~tuH08?FLuE72r&a7LZecE&fQBGy6HI0VjfO&Nc68Rw@BTh 
zWPj6%W^%h?(izLA-rZe$KPw%pTSV=xLD3ZN)*0T>4)Lc6PKbSfIWmtF8L{u@H3=qX zPU^7XNm{Wa<#4^tW0vQQU|E<&aTVujIkfL>uv;+$>_*DY-S;!WZlwJ1zNg##jyY8* zX|wY+6ryRD%k~GB@|cJd0PuCgsFP@v!J%B8W{ot(EsTWxTa>}S9P&kqjM(_|AYVh` z|3JtWxhQ4DqcZRX^P5Iqc)6$;uL9}wRdHDdJg9=GaqFZF`6^~WzDU`*Iyn>aMamEB zBqcdMwL^_CgxyrIOk}(U1S&4qE1>DIy|4G@tNs7lp-bVTj|!%_klOowQ3GPDFaP^R z-Wk!?Gc1w@4JuDWDboPe5VW~K%ofF6uvHUqWDo*FBX7`@HJCz)M+%Lw2lJp*L*oBP zdq6FUsN=LOqKp+mBv|YRIV-9(WO-CXy!4|?B$3M=B))~4f*+>Z16p>TJ)p-OXAfxk zA$veej<3_B$57qcRByyS&2t9SfoewF|628zlk_UacT_^jy2*8hWDBfd@D)7p@Aj{C zjmjYk^Q>yq@8wW!T4+$UQFOYGOV8Y-Nh-29VSd$=EKZ~n<-VUYKatlw9tKqr4d_o` z>(6u?6fHYff9Bz!X!&9NnS_I)#g3XJ>du6!Wpdr^TGKR9(PC)&iyL#QzWH*m1XpmR zwJR5{!Jv{&&jtDEFQWE-;X7~y#Adx&Y|W|s;>#~@-V=ag`i-2*G8y=UqSMd8LGgdw zIY=)`)}(nX%8C_9%~>2Kf|XHNFp=e9U5eUIe5YTW_@S-G(;-i^>|8x2pGlc*LVKqI zod)L{Jo(6(_bUumT8$A+mo@oMQ%R{B3fJEK{hiMBoaeTcN8oQuXqGOQ@tZl7uf5xy zC%32W5BKRFYrd?busx-&wb|88Ynf6&;rdBub?i9@&FAjl-%=`nF=~kx8KLmAX!!=k zXVhkDpW;F-r&hwxiXv#Tnx#pRv$!sNR>V;t&u!`RrhZaK+*u`%_>ryU(@|8k>|8A; zpUJ7^Q?XNn^9^b_B@cKDt#2mYgeP*>ha5Y_X+7LMtp#GLx_)#}>;p+q-5>#qv!7s) zYfox}{yY2)nh}3*mwRaTh;YRcdnCcY=Fh152R`lg3V_al?NE6T%or<=`S5dw#7osN zfDiBoa4vhdRV9|X!>Y1P@Hb;kw#Ep-8X!BM;qS9sKVf`s0hBk2&>nv&A04frS%<|I zGdc2U==#?{?d@ci&pq=`MiQ!Bcwf2{3U0Ewwl( z3^MJg38nH*Hs`J>w#kx4;7KD>DLZg6eIG3{!Vb*Bo(+osx3ha&j1s40eS<_2^vWec z;m3KJF`oH?#SQma88;1!L>d-h9;datjZNYww$YdlT%%>@8jXRrxP;M|3RfGPZ_sGa z4TKHOTlZqqafoB}et~3n7Cp?>nfr?Q-MylsfJ@6u)LF0sr8u+^a7*es!`-*wL14sg zyLglzQdVaxcKfwO_^ZpiRD)_$?S0jI9+0^PMhkqCqjvyzqs5m+dK|+{OxTf&p1s0rM4bUM^4eQuYoJz(|RYr z^uMExC-jYy{}=wa{_CpTo@=juH!v@uYR-nQgxp()+^r(5RL~{e;OTzHH#;Vk7jsi8 z93aoSEmbH)kM4}JO@N$-Okz@ z4vPExyFSgrR|g$i^5et(d zV6n(cmPdKOguK&5ji>`Z7&xH|TU)1tuxQzL*ey=q*dScFJ$FNWJz@kxUCDg&>cku1r72Z z*3bOzJldCj4987qGRO%<=R{PV1LUOWgZp@jSs?cK^>HUHjoJd|+ojO&-qbv(OX>60 zRgti`j&sJLsHKpHBlnxMN>X=rC$OeB}HG+tPHlBM|knF-PZ@DCi0+yKiIwKU%bN%3o=G= ze*etmKG2YXV0w%VseA+Flt@j#KO!W%Fe|n##GY3xU 
zmDk07%O}m|s6O}aav$wBAZ!|vypCV1TcEmC-rnik@%`=Vic4=0`yPP$V@gVtHOwc@Y*>8TeT}a9-J%qhJQ+h?E_#1w$hcT0lOuTMH<$ zK`kI3^PCoR?XnnLrfTnpC<&!_yJ$CyZcjrSte<~-2b+I*GgD9G+|1LVKEXVw&ye^t z9YMJ~g2bkhM?8a~^RG~yVA^tG>Vehfa(M^}Bvg=EuP98oNWw&Z!BGq@W6F3ULKX%Q zuS8asK{#*_*?^#61|W!(9j}5zBM>S`KD1i}2S}4>6(k??AEtuT6FF6Iavw?*{Xd{X z>4iGfzycEbL%nPv$|SCN&9Xd&NJdbxB8xa{qO$b;sHqA!Q(zL<*p*-gc7>E3uRlX0 z5c)$tv|E2Du|fSAU?}R_x!HPjqziT{Nca?Tdqd;36#`jxrhrhF3G_p>(1;Uj9t31a z{QuGui)Jh;(kvAX^QCS<*=Egn83yv$N)kV={3;Kfjn$IC27UxHfFGpnc#RtxfzUYe zq1_rsi5-+o|Lu1|?VKGJr3xADOwcs!J|<6~Qm*Urc-3+NPo=~8&|J-K5Q%9$xD~?s0t@$7=qIarKU62U#TGM< znl!{D08vQJG-OezwRKvQiC~cTO7#DLNhr>mgmcC~wfJRlPiAKmV;>#w8%9AMa2~TD zgD%l&5wijs%5#y`Sseo%cjmSTHUuS@0YM>U$6JJ<5eSPwKD65+jH2ctEdnL||67Fl z7GVk&hZGv&W6Z9UyT!m!0PH6RU5O!&z2ENI$HPk~d=^*k zXpB#H(525D2-IGu9@x3pr(;lpc^DLOW?-vL>a=0JNTp|5q+IUxJYhlJ#5q#_`M zAoPQ55@mBIFw4+FBR2dD(8Wi`%vDx$k(3Rqc~h`BO9NI^Ny?fc%!?o|e0eW$ZuroK zJcKhK52Wnq4L>--`3+A$v~$CgVnZ9A6oj36=oMfQYUdZ|o*0X-54)~MhvNS}2a$kk z&+QJXMz;@O#EFeeK8DSB?arPiGD-m`UT8| zSD8D89ooQ$a0c*!lpU|^(|`~3L%WrID)51R%yTydsqMrLoPt&$g+}baS?!eQnR(_H zRhq`oE>y5M5HTx66tgs|3qMGCo;Cx1lb!buXXO1!+3`DYTHc?2X!j1Bn)jz4^UQH` zzsDDT%OOT?2OiZ&z?Sy5RTux&%B-Rdg?_&BgV)|4it^&n+FyY^24{@dwYL&KJn;x* zdP33Lo}0fT_EB>|qlM*@X+ojeEA4eyx81LhT&%x>VAV^z0uigYL&=^?Q zX;pXRQ$SuvadM{iA0`DV-ygs>!b)C!Gx1mP$QR451M}Ipr4FAdC<#(%gzC>=0Qu;c z*$raI#2im}Oz>uzR*&T;G6e zPfv$3g!7;bL*kd^EjtQAww2~guy*s6uXJtRP0adI7lx%Q%r0~}_%NY>)G`6>d+vw8 zx&_rwL7c(aTQHGC@=&fS0D-#|&_*zXGY|}<>|_NbA7+FCQnG^z=vaYqI!D4VOxD`l zLDT|HJh>RqkNe;xLO$n?2NN$^)}(k7``#|!osVA} zPfAxxks>3sbyho|LGfV@Dy(5)yjBfTS+kMr3xqK@(s!tzZk8NLh8R%x-YAqklMVsD z>B_03mL8}r!7@Xxk*URC099vk8F0pZsj796)Ja@rfK+#@stqj&XFv-`*~zL(KFkPJ zrDO+H)k%CYMpcOcygwh8f7z~iCI0n)tmW4anfU+l|GkHLUnsJ*M+V;)4ZgQuEmWO7 z{D^E-`%Pb~XgS@gO%OJ3um^%BC|3EsC#1i9FUKp}Kd-v7vxW5lAGD4qc zB>CSDi%)Ftb)cV@@m!K?VX8+M;M-X&l8_Z8j}YLVCn5xRyIXH<*g-f0c0kHb)?4yn zM(8aiJE*r#c95~UOCuVPTj{^{?T!OuA?su32nT%>kut6LK|nm5Z(`q51+0IoZFWkG=lG&O72fN{Vm@yBpdFiEsu&f|Q-CmgK{XP)ka7P%RxR 
zFis_@0ieC*zoR|^&JLk$U*6pRia%lC#e{LN!)NP#Ux*);GplrYi^*-xmeZvkULS_C zfQ+N@RssSreDg#FUoNJ-ASFg<<~(!;IddiAhL>T(;wX}*Qk@ixC%j-$9r#fw{795; z&ce_}XM{7*8Kmsw?N2_;i0x0w4sQR!enVqafP|Semfr_=xHFAHu1*+2NlH7Oy{C$E(9Tod&*JT-K>r|DbK zzW)51$_SqJ-`06biV%ui5yvq&9T^hNLxzwuS7pQNAS+oD#y*R~vSB=^bJoO7TnUk; zLFEo}Mm91ent==DIM#>H;n`;F|DH=I|cK^(-wD^7@%PjZ~nmA*mzgHsd z)?rQ=(%UOr-8AJV-p6h~zV)uK_oOFw6|v*VN27NWwx>YU^ToBZuumET*fgW`El8uju_D z^&3=Ad~G*6Tz)_arD&q?BKH^X)nd8)wY~E0pda53SNw$>qa)M!ZME3Fgf4=8%;m-B zj`|Ha>yWYTPCnDJUBlnyr+yRAEjy# zw?%rtIC3YX&naBAtBtDTuU!StLT<5s+k9nsq z433iP6+-j{VlOGiUSbh3h`ulkzv%PWt!_5?U<$Pang$V+Pk%{615$m?sACafx; zOLbcDFm%U?A{(U>%|PjpvX?69@Hm93PDSR>Gg=2Dp_Mc{iHi3u9tGx|y+^*Q9>li8 zYoBZO-Zj1J3w@~VdwFviQe?#DodL)B=$JVU>nIDQFUKREu{fz4RyIw_f*^}T)`W2( z-08Q-Mz};X5H6(brJHwn9AfiM?#Dt(+Qs?$xrt3oc4TRxi#p!Cbgv^^2kT_$Vla09 zbluNY)uf3(Ie0QxUX6p9PUv@EUfrp7vf7THwm)yr4SCX9-JDwZv6G(dR!a+voBp`~ z1nlxj^EtOC*EqX>cV~v8n$FT+x$7jEj<$*Bp>2l5|A9?s$wjH6D&uA4vn+s$ z={QeWUPSU=z6kQ5PLm{Z=K~`fUK7oL*O0Q8+KJ(D2s?3k7a4l4gL|JNs6)@G9W>Lq zxfb7Vc94NERjMkbzG~aQ3(XD=9XO!360B0Ix*T*tq5aC)c!qoqGPy@ej8LWiQ>!!{ZQpc`D3=6dZr# zk>nTZHf1Q@Fq5X3EZ|5gpVVohBN+=-k`48zhqNzhKfebs=tC<{sOyv8D9(&+*M8Y_ z1~ZjyTT}I_1a&`*t^lq(ry$|j*VSQ;9g`jAk$1lowwfabdjB+q&7#lygk*} z8@7|ZlFn+y^#S{Yr|m|3Z{d=sDh8pjV)cYhu1X>9>&5Q$Repj(L2Rx@==Bt04^n7^ zYR@C~AZIQ!KS_f$XK7GCk$Ds{o&+(g>aq;$q$;Y!T`U#Zu$5>AY=xA)RJDi4Ayj)R zRD~4ma`kS#ro?~iROz>M4T_?38=x>1ET(cIr6TW93HlV`9zULirO)aut4I+E0~#C3q|JFE^HE-#$Yn=DdZvpA3ayb&3&@3=M8M%F|#kTs<2r5ZXs z4xyn_(KPgo!_g9YPVER<&@im8Wb#V%fsU38(k^=?eN`0A5Gs9-EEWKG?J?l=4z9Mti2ykucG`#xz6XlSmy6 zM)a}W39BONLbavVB-8Y8Qe(@K#Uk|?uXE0PiyqFYwy}-TiDzJRNZAY3mLA6?c;^rt zQrn>!4HE9(-=EiAQocV~^+-KcQBQl(%G;m%<7pf3t|QtNHr-|iK(zbc?%#AFA*Gh` z5sf;&gdh=4Ze+^rxL#HY@wD}f_^hDiVkGqR6xaOYTSf1Wk z-izNqytIgHk27Gptcd(^H2Hzgbpb(!l=x{2n~r(tngA+L#!TP;cMHv2(yYzt|Hi) z3rz|2prLLp#7d~vjO!v{WfE5`vsw$eO^J;tif15-NZCtG$pFZQHYJqcpeY##E3ya< 
z2xCHwbG~G=_d3*=>Uys9-vqXl=F2l{fttJ#05m|hlLJW|r_z>3`yD_lr$nYLif6!>NZCtud;nQQ>o_GisN=&}CeZPZVh29p9|(0IB6Q?XpwX|@9UZ-J?XhWB1;{8fRh($1o2v6b6_xOLZz9# z(Q6JLk;~5Xvcr$7#Tx&kz5u4b0A_yyHzjB5n;?&(69$yd8c++E=q?Z}2IO!YrUfga zreV3&1;T9&Y`j!F1209&UTO^n&`Y#6n2MJo1;@qcN%7Ch?UoMye@X8iPGRMr8+ArV zu||b-wcWySSsor3SZoT4@}%5)`|}X3N59~yzx|uB)mTu{;&ml0lx9yMMIwbpX!bl5 z7CCbUB{fh`lR`mF+~iUv5?(W`snM8ww@TP3tat_ri?QF#+rO{R4Kj!=@znTSY{5h^kd8#N?u4!^I`YV1oq>+s!gH1!RbR+!?rtN*4K$Ovx&01hhU~pQ*?tvg)#0OKAyVB!f;GHISzO8g;dP#~#A+eo z)>s=470;OiI)>uk#5H~qArG?K|7ufrAB?50HW-4y!+nOtGmA9rCw9lqd7GO$?B2s9C4VcGXG$ejO{hNws{SeC~>+ZFp zw(4jJwWr=a4t!o$()q2+|IOapHn*)S>7svyHB&V!sWKA2zs#<=r@U+@E47oXOp>)y zXKvk^0!h&3jx1?J$&UB0Kj;QPLb4i^$ela$;Z)769ouREq|l8<_tQ_uQtiXIVLYv3 z<|m@6MV3@aDBNmqL&xG7&@oc>T(u|18B_ad&639ElL~@qBe8H~vB^OOisKBC>xt`6#YyNpdlpu z7U7_Pjx43ytn1us&{otfWWc`d2?6Ael2=-bJ^N?m^;%BL^+^vhJzYB)%hbeAxR_^Ls zu{Bw1_|s$v3;CLotOy}B%_<&3sZ+xl4|vHMQPfFN`*9Vy>-1t9c^1z=o{_TWsxmc> z`>uRFS@Omqd1B;=5{I)Ec<(pt&ksY)cgP_(Ly#Fve%B%z+YW3}x^^}&jFdP*(dJPk zku&>onTtduEQqR-#bp>W-lQQ*crL1@YWyg2A47=^ze;AnuSnT5_bxfk=-wqINAH{T z+V}IM)HRcoA5x)vw>x|PVila+;M`#S1z*SupT1?*ZO5@#Zev6Zgx^G7kEKqIZ+QAC z9fu1kG`{DPdGM$)@fl#qPTjfBJ3q)b;b&3<>m*`P4I!VX&RL!b&eA9-v#jQcy!E?v z&;~svGeA$I?72EfjWe!;(!Ble?O>}ss+QEFw#Pnvci_AYAThrFe3 zvARI|a<>~Ue~%C%>EN{w?PiC})ACU9-YsEFeQ&%6TKPpSeN2w-r43V(gCt7T*+fO@IyaLeUEw9(o?`wRvy1vpN9D; zrJ$aL^dm`$6EtF8Gcj`J$`3Q(>tjvq$H3oJuri8j78P|GCOn9X)Lng(*hrjY1`>yq zJy#>BamF=bn&gdZ?Pr`})EEbpJ9>Lwnr>cZ=)HoQ%P${ZD)^mLA;aP`L@`u~W2ak7 zj-(6ehjSVK>1df`9$IEh{G4P#eJ_6mH~bL#*2jwEACzx-rcX(|o~Gta88iutgb>oF zOk&3Ks$jJ!^B~MbS&ifq5*rJX%)r8svghjK2(-kZkJBV?Tx&nAu!fX>qc2~59^bGm z7zQuiA7CnDh=nmK`HbPnJ0RslZm^c$E+MIZ++(!#`2SgYT-f(WR|V4-FTQ(|sTJH>3|eX|_Nfh``94Dyk`eb#e&^$stw9fnqc zqowPxbO-Uh3azjf{5#g6s{^~;URXKSasy90PyoVGz!4%Ew zc{V2QGDUym>~CvL`g@qJ)LuPnIqzOu`-cf&h{dcnVRooj5k*x}>t5^;iyOaYWu5pe z^#i}DD^Z1GX2-@GB{T3wr0lt7XBv6awL@|&twAsS#Ap&F|3535bUu2B6gfcy=b?wj z#Lvq!s?;&V?oi^s?eO^D^9$gLZ(>c*zSO+$Gra@qebsr<)J0yiFcQ*RFJqtaA{6re 
zT9-wXN;iLmSun9dM#&725h-gR;a^wl)naw4S^ygi`NMIgyK;;NoSC)0oe}y3ZEdX(ND=83-U!cB)QN<6VFJLa5?Y z_9#*il8ACT*S*<68wF?IL1F4I9gGJ|G3F0TU@2@n2nk8ol`jD(pxxU(mIUW3+5*MJ z4bTDk3Sl64mG(%TA+>-y*(XCHiiymITda)meJ%`HhC&q#oK~RBtK~w9%b%4C%^&fX zjm8x8!=YiQ6>C0-DtMp=rw%&buj~RI`FQejBA*bZXn_M za#TpcWrm4suAqYrY}0v*0dgaYXD$LtgZGN=u7lJzf{Q~9BTzc-l{ZT z{HTP28n;$KpA}X#8LoEYtsa;7lz;J{@9{^D`Ec_mb_t5H=Vzh}I`C6P>KOG>I z%mYY`iU0R#J@qR@Tc<*x`-P zWqCpxjg9JjzFBdkJm0I5ALNWbpxbj>RYr%Z&SA@T1KpnKA#_XF#ortc=+xoq*sEk7 zDc6|zL`IDVslZHsd1r;Q-4z%43^FSgORcm z^_LvarN5-mXx_l}=oj9{KQE7KE-ChIYc3YLrG|2ebzcy;AILF#r8|tnA+eVHov9!C zmwygY|1T;!cU;5h*G0zW=x=OPztVX)uQ73>U-Ayq@inRyWbM1xVHO2J;2&2K@_C@R z9J*35XiLRn4p;Q7ju}*!8!|h$lGtdibOu_Bl%1+1Bu|k`Nv6_Nxt{#O!-MY6ZI@22WcNV@*cSqj~DWI+T5ykIr>D@P7z*Qr3~b(mO}IgrZmR@5I#5~ z)d{wDa48D(A-?M&5ha3&y>H67g@&;D9910;9?6AC`lV|j9ZKeiL*Jicb z8sxI3khbapVP?}np;-YFHBj4b<*)gs?vLO;@o2pk!eu7kwd=U0_vW}cm`7kWCO+O9 z({S58@}>Q6#!LC)32Q;kCM`o*Wp&7^C&fv%b$P_3a1V(Yx;z_p7!$O@gA`8s&U+!J>0b87tWk9gu(eIk zD-WMSr+L>wCujWenal>4i=P9n?;GDjA9TeB-w%VtSU~Xp4T5P>wSVc=7X5ZT?O+2u zAaGg2ciC!s92o1uSOW}ZA~bztcxFx0Z8EWK+qP}nwry)-+qP{R6FU=3Y@6qPzV|x6 zcVCUw-L2rbmNX*Kyv8;K^6Emg5j=Y_xCphs?tRc6kl+Y}+3)cOF{S%-2~9+CfYo~w zMjS{ZQa)fJ!1(l55EhTt3Mru&rMFV~`@FHXG)%kYwjrqJxh7das(IzVFjbJ1g`{|Vo-w`FocPr!H<>}TJ9k784%{!@(ApPro zP7uQLYfyGhG0)xYN%(djd$Pu_vzPs(?X3dqkzB3As=t8S!%T0NwBi9?mFYv414>~r zL@;E!g*Y4_0Ls}A%!E4xw$E+4b323e#iQa;E3dfw%gu&na^mgkGL;O(qwHy!^;@^C zK)k@%T3{ge5xg zE@H61onbu=1QmaNlgx{*uxHIM_u(&>(M8@8Qn*#jx@Kr|Bb2d|fA4yrCkD252-CZP zo1W7?H)o+KWiS$&vKz9uD{ln0x`G@2H-;)H>P)4oijd7?@lE0~S4%YZ-j?20x#~r# zYEhppD81%H0<)>UO(SCa1kK9TRO$LTeEvD@2qDH}7yl>f&hAJ&dW7xFc*C=@pwj z>Tyut*vPoa2H&d4rW*L@`F5fKoKqEllVe_FfxaSjFey5cMS_;OQ${#q5i;%L(tzSp zms}_uh>XR+faFFcc`)`3o*;F)1l!Z*6XZ2d!NDZM;ctxylOfKSb~#p%K<%9&D%&KH z>g_hs(5lFvQ}mKr{|Oj1{#wJ+D`mg7bEhKgKVBqw?Q6S%ZL6>(9^2|*-uf-jk=7i> zj0=udfo%)`M$BIaMK1##_;VpnfcvW?Q#A!d`?wle$MkgRHru#@9ind|$V;VgNB9TR zasC&Womz?ged6+%Z7B<*4&aB1Ryu~Gq;!w;m-^iEz7ICE=992AUd?sjAOPh^zg41s 
z$YVax2Qtta^10Cn5opm%_nYAH8!a0iMk0XsNorq$E0UT%kpNJYB&rf*K#(40!ojeA z+3A8rrNWVc_NnV?wW>XY8H&27yVr(;Ed+FR{wagIquj9X6pyX$_JPsBWMBN>Ai;$a z)l=2Ee!$zoQu(exz}H;$u7H2<+v}6tT3=idD{T_--I9jK)`yAtckzK%bYOX8gr9oU zP&j=w5=|DZu^j1n)8qv;^tOegc}Q0iRsp@Tdr@%mK_^;{KWKSyvT=B;9(K>Yd9${C zy@otCinHv6?QbJqOo=nT6#GnVx|#sR3OP8%#_F!PLFI-(?fj+p^|m;h%jULp3!;`p z-F6wAv-$v4oMtb`Mu4IhZ_vFrt$K(=!SJ?Du0Ku44F)&Gd`4bQ6@njL=9Q_#WJjpQ z4k9T&C9fuH-GekrN-$WPk+Pm=3{PxC*nZY@B-FT0u)4pm4jhzFKrMq-GD^|#pg5Q77a`$3Q^=be z0{Jn|Au0qOc7~rO73KQSrX6qU9X!E$T+4XI#Cy0kPyRIN*B=f>J%=!KrAk{p)7#X*!I;A1SJL-F853aad<4 zF>Mj33?Q-*7(5O2_Mx#)))D6knxFG4trp^3|zJO zcy&={U-l*1w7)uu@+i?z2#S#;(V|9@dNx>e*(@haO0jdnD>HU>+PvTaAkf;9bfY`M zIA);Q0&T)iJ7C16tPg37;H>uhZ|1d@5)9A2Go2-9f%1sZR;vmUcjA>y;`QP>@I zU0Ke(^US^OzMA@r{C-AOliY%yn3~#|j$sw;aW90}Ido;=c?fJG;nAk3~r#HIKDj{ky!|f_u8y@;d_Kl$KRsNiP%Vyc<*2>Np z{6R=7o@&PDF%74k;DIpKWdES0bxz*h^Gvqa^^%m~rh!x1z=#8QPqL4Y@-}?+4%U0T znKSN}dWqU>!H|IblyZsxKXx4U0j6wVM^dx$EV!=GWkkBAticj?eq&(yEZJ`_-)hapg;_2}g^mU2mc*(sOM2%M@nR+dSt-ALl;#Illqy z2$X|Zu@xZeBpMcu(iauQ=*K*)wGXd~QKq}dP!8}COMUcV4&SG09nOV|LNE@mF^`^e zr(K#;v$Lv4#vqaHz9NKBu~ww>`GqL-8A?``>f_+=+Jo=X$2>sM#EA?>(?lx~XpCKg zHGr~xZaIwHjMea;mc_mJI;7;5^H+E2=@+C}329(7w)@BzVjDKE=>#5bg}Ddtb=|g? 
z_!+Sv9B|nyDASlU(mhSIywxr$B;nUp?8PoG887RYM}h?rOJr8SZ|;=R3aq9l z8Mn|jxB{0i8?!H)6$rAzpk)~5J%h?1uc3WHhk`Awv4(F|j(T@%L;C~p2doYuz)uEz z5#RwARCZMb(PP-_08c`Wg1bJrF`#4Ty73) z1VaOY(&6^%uM5-!#{0_;1xdLVwl3UdNYYTJ)&gC^2pbeAVqrje&vmAfx`R}#ojVtT z92fZ$-KhH|K;UnVqqPYO)2rl6TAO@drzl|xEwzdwBCQ?bN;$e0hz1vpUWtg(2w zD^}7er#Jxz{?5r0#oe>Xixulp@YeC~pYWR_H*BA{-WfRNuNVb$=V>1^4C2zRugb7= zA9*$aAiby1P9>r&-tehpsHovJ?5=`6x{>dnx74|Rt-I)PtqNZMbprxDjWmOIwj``s z18etCTc(klIq5S>xkr)3BCZjY*iOBee>lvBBK&ASMjR#R#EtpAK5;W<6jL^g{ovIw z#&q|CH5MVtRwk8d!3BP3LT(ptD5iO`xI0lqEPX(1EshI|vyw3<$d=Tk5{m?i542(}pkCE{c5N7F zABMK5u4}b!{|E!S>ZbtX>?pc^1CKoDr4a9rl&&Pw(3UQF2#n*0fiRQ(lOULn!)H7T zWeFuduyh2%r~69!Ihg1~2C`=n{X?gzb5coEGFFJ4t*SU*gB_5Pq^@D(&REJB3qokA zjY?_hIx}4x;S1*stJy;Pa5IuIA|_wn=l2}+T^ZQ2kEGcMR8e@N`>MOEUiJ^t z+Zh;Ck@b<3c6M*ljs*>@l5Du7ZjdX{)3Qe76Lsk!PQn-oR2o7a#c??ZSsFqJ@K{c? zlBTnL$C5~)G<7MEXr^WHFU4p@VNd(k|2QOX5%&6mOU9>MNiiPA^(4|0KO%5@r|5Bk zzhQXMewt~y+XypIafMR|Ox2Y!8ikrGFXoSm(BL~IU$bGnNaOyQHT`)Dg7!=-=7DcN z1FG`{54lgqJcT{W%*syS0bPLCHiE_6u0tKY(aiFHH+GeHe8KLv54mX5M=l z^dsWOBXKydBYUyLEud6iaKSJ@@6CYT?N%#CbV~ND!Uf1`U#hPo?7Qk<#Rkr?KTja8 zU_H0di8b0?tA(A(%bjxLekLsT1o*kl>+Tt+nj@MUP|>2R6PlU-n2d!;AL<_VxkCK? 
zSQ*niWMM=vxzzed#WuC=m$!qI6u84z`kNjQpm3=vz0=gdJ@C;}B0}Nu^VKUw7UrLz zjN=Z?heG8#^g9oSl};Gb^a{2FuFOyW>r;5^^O!>ZIAww?$Xqci9}0bDz8~-Qb?Tr{Pl1|+>P(`?cITAvG;kqrwL-RN{;LHBnYDmI7fXw1wpU{}o&$%Qo87JEt^1rV6k(aCQA zL0IX5^B$7GLWJeA(wdXPNo_3rk${S`>zk|;0`!<2pVSfh2z0pd4{rPR&;A+C?Ymd{ z;usaZejw2x0WdD<3z=Sr!tB4lNlVQhqdk|~fZs`q|9qZJ>vh5!!^0P?^WA$Qf-bAu zDy!R!HNNC-OW?DD61kldoNt~}D(GMYRvU{8U~;%rJXKIBdl}@i=1-1% z^kO2DW3~Kt5guwJLn7v(&Jz!n5J&oW@r)~;V;(BZbJmEaT?A^3k<|PXI^Bk5L(o|6 z4NER7pV%FQMfr1d!v{Te&sH#5szmK!TBncPPE4$GaPHYaVC+*p8PX9{BDC+Zv|U%5+G zKK;R0$5-sFM|(s7lw*7)_`Kae=vKJl@AH$oYNy(uRXzn3;i*>)kj-Ij5!(9@%joMP zS`PFsqMZCJI>xf8sxfc03|$VKw4f?wHD?EYh?e>M-SvpiX1gN>x*$ zpIYC3YH4UT7>&6EJOjF*D9n4tC`dU9511l*IhfZP-mXCnfXrd_)yomwUWWtpH(Vip z-U{{F&RLehbCa%#!{pZs9u@(M!M&;d6 zSZDOw>ciLcJ?-l+Abc!g`8{iX^^v(Uv79j?w%b;Cijqw22tw{wN>^b8>gPJ$H5&0# z0*sj(L5*)iWl}x!E3#3MXpIl-@J-#PnQ%mOz-N&Ht8CAj*i&rOz@Wq;%$gST0~$&# zQIgbtK&8*_oN+k?dg{@5i_I?)QY)H4s%2D_oB*iJvNT$G$^C`Li@(GA)E#2s9Ddkr zC8Ra(o9~AjJj+xn zZatjmIIa+0p=hvNJ&5aj`_rjI`DUn#`+uk5S^cVwqLJn*FCmaBL`iYcmwL$PP?Fb6 z+caPwxqtdXS?c%u^6T{0jd)i#cM=sFPj^-o%T-W-2)1nG0I9w~gvExR z?z#%JR zlMR}Zd;6=@0)DC|CQ4IqTEI)-AR(KwC_+q1o!p4DV=h-Hcp1SqHYbn5eL{X!(t1QG zHfQ-@Wxkr8t(i9(%RV`8v*|n;71Zj(lQn z?IY*o8arlmZjesuFmGjUBzij@SWT!ND+bR0B0ix}zir}jfF#HKSYm$mFP{EPTfoyN zMGe1DP&_vz(|(iI9H0qUMCBPGO>ER^$RpV;IQ%I*OAZ32A@6X}IVxk! 
z57!KaJP_Zq5T$02c7C|x)$5CIc^X(Oy&eYbr>4vQo$od-T51=lwURnTUV(m38q` zlZry2t0#%|kqm)P)h_M>r~Kk1+Xw(DkMBe|Le=H;v-Z(F>-x&${%DG4AckjIy`mi% zvZ$uGsiZfwKw;vE*9c})pe~Hy2TH0OHR8(r^)6OC)cu6q8ksmGye`%@c;R%)#$Ne6 z19vi4cugB;Dc3Q9A8#+Qlc3WewA3Bo?bVOn`fuw-Ilt@d?V6zQ>Mf(s@{Nt<$BLpJ zq;{TD<57nr{S<<2x;J}(2GqXP0k!Mu9n%BTPe&iA4@=JmI+N5?ns>-{x zdv;=)?V`pa-QI02i?@1zb0Ctnx9pnleP6oK(KCBR7||2s{fl#MebN&HHP?jV8!475 zCO3gTvJIxJI#C|eZk83n^d+(Zu`nTx2(~F=)GF;)nEcctG35dAP@bRtL&D~<5x3?T z5zhuMr?_iIxKu4gPJA5?=hL?Tq)U3}jUdTY-Ic@N;j@o*YiAtWbyXO{o{{wC9Xopn zu?svG%c5Ant3#N;X0O(kE$5J}y0MC0wKtA89p=Amz~v$^xdkcBU3@W7KO6)*%RW%U zjL4}IT0nM2`;-$}v&k7?TCkx!N-AR{agOFTC$6Z8BJNG@+~Tg5CnfL*Et&!B`8CDM zlKuDcY^LX(6|VH^#ef3PpL&AcM^Z~#S!)Mp=J2^ML!i|L(FErN41C9WAdo-$v&Ve! zwT1jxqt{xF3x5VeP(`#H@A#@@`?>N4|9L2gGZvoWu6#+b+A7B8!FO@P&BM5F-E6b4 zrF+v6R{=P1jM2fYh7RG3s_p|wS$ zbz&g$OoS>5u$D?Bej&zdc{6sF0hZ zU;hQKO=!VvyDnG@uFD4OrM`%>6^dcth!Gr;(iryetmjo3dt~UvmLHeK-8SQh&l6K< z25HS#D><2f5v~=Sy|yWYuM&FoZqNES(?XY4s!ZiXbz_Ew5j&wgkC{cD^NR4?lwT?>9b~U-FBRPl?;|H3hm*iwi=ru7q*J;Qtdj>@7v=Y`R@63 zeP8>jlER0gww{QS0(}yXEsG+9TOiFWDnOR15kh-irftU@O zq+?_Uslf;`BsMLtt_e6DVY$C|o%y-$VpBq%z?H8TEFbbZa3j#+7T9NFwk{ zb!r?)v>71bg{I_GYh*-gSG-VVE*_kDX|YH@z03$Y{_46Y5O3BG(qR(lf1}t)z!vx| zq2dW8dTS8Af>!dn(X>M~I4KUo{zrte0V*rVs;7X`?G&MvSipA*ZiF&{4-ft? z5SXwAuUc+?95Wh&aZTn^&;s%T0@1Bq-%rDC`kl?N>Dg#yU(zmijoQV<45v|0S}FD~ zVaua$AR3i(aM~=0W^ANFB<__7#iLg*m6u!DZ)Jwj5@$?N2d$hVrs)H2!zw7pb-~-! 
z+Cug&>WrYeA~On`Q_!5{C)P%smu3S`f}ftATYkHQ?Hj-DPx%Up$dYsQ0=k{2@E=8s zI$VYGJ#)8sqhdIBNE~kuk)^`gfz^Sj5<9($xrK% z*^9&8_3eRK$DX~?_1fX10%g4!XY#eKdQ7$EF488EtVVMSjpyZpEYrWZJ zsWO0702^Ap13IwqzYXPiw^(!@v*250@vd(#5kh&ot`SCxq6>9;H_(<<@_TLurO&Km zsUTT`-m+KmYNtWq(FP>Ww{?YVf^H|P{EI>gi)q)i`5d-i?>Z>0Itd44#SdC=BS51a zW|EA|=X(6q)yxrU3Rml^@bR8`YfNFR^n*=p=EVCGi^(%`Jj?@NJXyK=N;vTj;82&{f^a}#IaVo{(^kI>(WZr2 zLn8D6T8eU&Zihe<+7gCFLCb?NpLoy?t)FqfIPSjilUH)-o5ie~*qlqGnN^rKa{a74 z6c}4G_GJmbz3dx6%)4XN7XDY4WxEM?2XzKS9X5&pgDAMa#1=1;+CK(8_znw#fkK}O z*B|UTR+Q!LsOWaNwR`e zB`G*`Dw)wZc@$F}BC2b4`;#^uUT?u`TL0Y+Fd>8&)!jaBITH#?7COZuoCGzGjZo;b zwy3|*zCc=o3joRbNNiusE&AT)qRFX^NNF(&KoObG;-rQ1R|I5*#@-H>IgihX;IyMD zI~+HE^7B;0+hNc(HE58S2V$SD(TL6Y*CgJhiooMa-7H#%iCXe~0WFRtByqq`PFEku zrCUYfl%A|tOLZLr9fWAGyH<85`3UaKz3Lm_{j^GndVG-BeMok>vpynyNwuSgtoeY% zO?oc{r&=~X|GVEHPx1V4ly!SAvNpwy%A7HgjiSJS z8yWR!e>$uN7&?e{s4^!jBN={2ltv<0x2QWf?4%RECMU{kT%U)m6mfo z|0THt|4r^S*Q^#-Nf;XHq@{{a~%eK<8^-KH`O13Lb4VnEFW(ruHPw$RBsg zD0S0aCDFDw84`vjb7@Oc0g1Khgt>E#N?Sr;EIT5JF$gVFQP%L2hvDdY+~;{~B77>6 z^hpaf7pX;luGu;Hr^Icw?wJ4yiaOYh@lqZ8m~)6V*Xn(lrfiok(@|wpnz-rMuVbs@ zMQtS}ZV*Hh5j9otZ+_7Mh`Qj9buT!1K|MJ`pQf8%B^tVFR4tG`Q>*F6M#E{Rhy$=N znqy;PfV~DABO={fSGSH`BY&|TbE`Y9n#EhfZi$#^wK3Pm32hOomoNg8_9>`ZUQqJK zX+~#FFm3wz6!LXBZJp;>395K~QmlfR4D58a-FWmj%Dth1v9>G~aN&w|{4~K&9pzii(z8<6=}>p;Sh|4}48^s3 zhb;E$m)Zszfco-{|yx&~|}{5wv^DGwr%rmOIk{Aymil z{u->HYV#W3>=3%oBnY7Lu!1!kk{sxJZk4kow8_Mtuj1OsEA0RY4czhack_a6>2Q(~ zdA2Fib9%SSN)Zw1mv7#y?V0dTJ}Ac7=3(Yo_)))13kd_!sMjBSgfqzFZ~gT-R5&;8 z1)oLYOfFT>p;?|GVTHSXS5fr7c+tgA;mqcyQd;x`F}J1RBTT2Ii%cw>{R0KJ0(d*l zjKluj1XwtE>xWvXrP0H5y9T77yzI`9Ft`wkL`9X-;&ZauIcZ(*6}-~3r&Qq5A&Z3~ z`?anf#qt`kQ})md9-!&j^3kosQPe|{2&{arJon_pFyWl5N>A0+3L1KJD#0$~?Nrr7 zL#Nub(`fn@^kijoztyX+6TNo1k9*N$KjAnBeUhhKyqiTrldD35w`kGz1)Dt|?3hJ1 zOw^fv5s+Z~>tL4;jrVhnAon5;CWO>dTE$9Pc&A0cu?)qHCP(wfU9s=$oFCH+Lp47f zkyD6_xA#UaaNRG<-;9V&>(R33Skx%y5FmR+qvv_|Q=9nXOUL08Cd(RiI2m#}-WLA{ z=u(p_VMIQA=t~qj*D&AW$+Fl&UCc&nz&TNPBP+jw7X~G*G%TXfQtq(Rr+TxaIAKUL 
zr$f!^_0NQQDd=t#nP@=-oU~M|w%I)s$BGoDw{zfb2XxMp?cgTJh9-Cys^)_i%$hfz zm0({=qSY>U*;f=jZYTt*#ZvQRkW}RoQH0TX0G^_Jy}u7NhaH?&A>P36aDkrfNc-+J z!|VMB%y+Y^VW*onjy0TOx(`=VRnF>vxO^^jhg2BpWH8piz=PCgVk%-aOrj-ckVsaR zBC*2I{*Fa$O8do|;%#Xz);MHtt=!&|-A;UjUO)*E=rOtuZ&!5OZ1aa=e>VreOm@Jn zwPU}h8)NU&^5#CA`d>A?E-FX*zm~KC)m&Z`e&&vZ^=%COYZMRA<*@Y~L#wBjF4v6)CNQ;iLMpt0Bbqh^!9Q9MMdr*We(WSeg(n`gkrKIkJ2_ZK#Lk6e) zM-0_qS?Ru1EWsW{RK#3EaV;$E>x!Wq-0xuj*7U_g=6!{T2WPr~;A316h$|?e##GpV zA*oisaBcwzw$@mFtTjP~gmF!E^>@{ybUZ=9$lA~`8AuTco)%as12R_{0Gv?k@uSPEHq8j+T zXa9Q(3JaA`H9|XVRizdB5`D28IF;i0U5oiQ0jbFh1%zDp0FwU#)cSYugOGvad&5BK z_QEp;B=cv{zFk>A;gi(pUe_ia;U?u1mUNM};@vmiQ=1tji{r74cL{6Zo60;gz_T$W zfIufSYm1sQSV+YnrZ!u$Dg#5P@JAaz%h9|mbyr+Ql+<*O^{9MAA|*d(rSx-&(@L_D zXz4)kDtQrt?D02qquSiI^>ya(j>jfEE}~jRR6!7@{O2A}QwZEuM}Q(tu|m^X=ZB^K zbzaT}rw8nP=Hea9uQUv^KTSy=LhGgpv#t*2JRSsprni&#NwPDMKWz1sBkB0qtQ4R( zv)@rq;(bkIsM9-B!8JF{NV$^Jd?+DRkWOmb5pg~B(>_>bMhe-vfArgFSSrsIZGiQG zEOzp{t;0fBbMpHr#N-vTu`U?^&Ql4f`Y1|REzHQkQ6+$T6N=>c1en2irERR1-Thf0 zEB%XNRATuzGLMj5Sz~2_F-2EUN{9P^Y9~9VU+&Ak^W4vczPCpLp7N@Jy>_fW*A_%c z+HH6i8uc*$g{Ao3_xQ{D-< z)`_5KGBm^q<sF`9* zOrrp=r%TaPLL~6}*s16-l%3iw=*)Z6P9F<45}r^E{BG8GA-XdMsBlXf9fptN2#Q>G z&ko!op|>6$ngpJ=c@|V$jS-YFuDYm_JjjREZk4 zN*9G3n-%evbCrUZ~p%4yW(wSmH*c6=AHS2^t zm&FI7a`jheib8WDa!_zejo?<8;&sv}A7yVL%7d^2jHniO=LC5~NQ7)MB{XYEHLmYs zC9EPo4-b*`3$7?VSC}~F-`Yf>z|GxjAh=~k{EEpt)b#M1@&btsE}O4+calHqarkn1 z{pj$`#jJ_GPyFFu>C$&}a35GkeL4?bv24M9rL{8_JXoYT5D@@bix#?ADI_4*abmw_ zMllIYWb$f{UTWXF2`fV+c_sbDi@A>G{En2~%+o z+=mPOwUMY`&nQV9R$v%a@Nh$-M;kClI|>RtG)eAkp`{aNZx%$Natg#B48aa(oY2zT za>Q$>0crkfdB19aGBBrz_Zln4xhu!nYY6ioX#PW?7=Qv>5vasUM2?egtb8c;sYb*W zO1F_F#a$Pr(x2cpHu>qPG7vqVlh^Pdw-V zt;Y*4?qXvumT4Ckbqcsn!&#^m+Q5Ib3zKwDD(0g7c10B8MGzI7#Wge2Ht%Gh<9E=c zRrX?$O3p!R?I}IQyVyx(j{vNO_`g$>ddO+godh^VsU$32?qso)f`(Kt;OFy$ZiCE> zrxBEG*=@>Y{*7H~>4Bv${$%kHWCpx;|KcYe;l+wZ4(MV!x=-(Qmxty z*6N(m#kyZxK;iU8#FhV*B1gIzmERf%G%0!Q^vT4vuw_s%!^6y8XieAi@;%e0=`$3u ztbw`v@aslO1*-0T5$YhK9gS~=COLx#JPw(KmxKi(ZA=st`o*z@ 
zRr#zstv$@phIYI2t~u6-^?cmD&$;r_y~!#xC8vg!P$gmn`~Yh-H*;tDj9C8`604JZ zJ&GAYUO2xitC$xrbVMU+yaZ?+s@8jSYn6P!8C$nmX&ky^>2KVeIJavIC9Z|;!^KH$ zWMyOBuOu%kOJ{TXp{l8asKHTnd>*Y?XRlVX*q)8Cdt;av?e_N#t5Z{b>@3uub&g=- zN4uoGRuM8z=lt!|8&VghfCi`pYNb-aYw&|gYR;$! zC{?0TJs`}DPv%btlczAd;WO7BP(!&ffB2t0SPFIPoPDJ`3#kTTxEVb;v?bmpLrYt%RiusM~*}6sRKUhBIlWNWQ>#qrn+^KNM z$%KWQSNh{B*4m_(m%X#ONa|$4tIWA6Y7=h^C`{4cmt@A^O@?;)O|NTH{k&{cf|bet z%`ulW9~Fp%Lm-f+{-Z}&dQw2ZuZQvKWS5}6$L|1B>7wRb|L52JB!tEE^tU4x_uI-( z^t_UF8WWxxb!Gl9$;>{2MvPUfSF;<|7AladbdbJEU%pik#B=u2nYMzOS4^U`Z)o5QDlK zey{nBs>^6S?GCn;sodq4{DoY3E8NzUgX;MntZ9!-1~K?X&M7q74P6~7~D zzaQJT>%xUd~2R+k-AaWS%0>2q>&VZBF zsqRhn0l_8&YVH4r36dL6c6WYC$Np6D`3ra33y_4I(^LxIsr0oAno&g|_;gCqzqVB7 z8-A>G_;*>O+28Z*)?^Vk*oL|giju{~StANnKLNlW&F?&lrB~>_&7RCc2}Gn;S$!%* zh}K-L0FFOtfz0$p3Jdn54A`pv0y5p%DM}bD)zM* z@9AlNb%GvfD7pf3S6uR?1)xb@Rv@nCN(WQLn9+S*(i+RCC?YFt$Fe);L&nDceFlsP z{=YG;9i{JoQZA4twF|JmDN`Fl9?T7NUUj!sRNd_F^;zEwyki%F){Zy9@K+kw|LUw^ zbRvNI2RVL>LVGU4#fjTiYY6TGf6f^H0gfW!Q~bn#p0H#<&CVpoVodq%m~*~@gY|@} zIuWc*>4z>SK~MUS0MKR1))Rq^u%e^8fK0V!5>8P(`9sF!a1z!h!c6gk(sfU_K{WiII!UG#8-b-AY6Wk;(pc%iPL_7&u1RfvSKf(TAi+9+y zjv7v;C}=#8I0HMWzhBYqVRvo};J;-rcc@N5l}|&rc@T01XJJP>m9VF$-Jq_DWFRe% za#$*6*~Fq|x3f1-LtXK?0h8|WnM4|QXQ1M2^EuOSOcEm>b-;f$wz#gFI1Kx@rANUq zgx|(}|Ll!7DKqk`LnZP{rXO?sn=EYX#etilS78?RsaZ;WbTKv19MLJ2@oaYb=TOSX z8fg1tP5!3*VezBn_3?{G`Ag3Gqh#;&J6GR9J_2<_*t4M*R|K?8Otg8;VRB@g7{ zWwDHw+?~18a7{ihPfy{*Y;7{r2t?$GBjnz}i%$+Z!c833oe{Os+$^orqbc|QT1efU z@nqJ8;FGxH>cKW9&&hWuBhPIy(fYLQ=(y-zxk`awuKP3|tw*NU2Z?}Yo$&o5P`6+F z+0~79ygE6{Jag4I&&t6nI0JGr4RlI5))I}O@EQinwr>D1tl3(WEqP^HDf_0;D*W9aHjG{5bGrCVUUZwVOxvpESD7@IH*WqbDL@ zVgSYNFCL5vFhy42!x~r1TtL>l)A5njWM*MWv90J#5^GvtG{U1fQ#hdyIyOFK`~JGu zrmKEl8ftzWCm_-yiiOTcMxa+mDW};gB6kSS4@325fq|Zsr?&xr87ntg$Cs9?`R-V2=tv7Co!HPU z9Au*bRmOm!?+6erA^J zQw>iqm8YdwyiE9t68v6Dk}Dwg?JGNdoy-D!4uRSWE9JiEU>y4Fjmhy#HfgXnz}=W5 z7w~no{9>22>Xi!MJT5}`hEIdtZO`#xlnj}nddFTbD z=WIR^3M@eflBA7Jp)~551_NHnm~8KOW6D#QJu7pXw7=wW&-(uOe?8hP2%;sh3{IlluM&VDy 
zv6kO!-@1;)TGjUvBcw3dnS0L4H=Hv&&6vzGOa>vzfz@E&q`BjyNyNYfYtJ=6t$9@0 zO`~RRkuzsRc{{2RN3fKY_;B+001 z#*~Y5FmTpidnOALZ@ZBQr@YM&s^thVc0ga7AIrfY0wHD*K|Ix3g=vf>!ei4_t{`Mvj>F8KTq3b9gD!m||hnR;1|iAf%C}We2>6T}|B2Rcuw43L?a52d;|L z@phfJm+RCQG~?E7Ja!ZI3^SY7cXK=NW?USWMdOu!V7POLJ@SMUlQcJQy7y{wv-~f? z_*cd^Y(fq|!(Ftg-;=aO2>8`Rt1x|G@U}C54fn|U?!RBG!_`9=xUJOxbGLDj4=~k8 zoG$S|tB|oj3)c5|$e{Jqc~U$NZ;bOh1a9BXLCDq{hlkjkeHWaJkiU%hMSTkAid%Cd z5@thy0^ZThEmF~>hW?~c7|XJzQ$gIG1!f5 zJGW|5AumZgC9?7C*)Ft+O~mtg#S8oPW4?DtnHaZ7e(^zSVfrlU3)yg9RnYU)O`R9o zo7^lx$)dk5j_X~w31deY_ylJ}e?1jRUANF_djots>_t0tHm6PVl`jb2GF*y9QWs@I zWYqR^y=-e=T|jiAXCJ7jU{tQbeRCp82`tf!Q1^^sCF+sAb$bR%1B;Y4Qw{d_l+Nim z=Il|#F2$7O7d&h=BD+#Z>3s?!3iHP07d&tS1E-VU{Ol)*JF@^MFDD)b$X;wajOWj~ z0x&BGyw4DO!p+r>K&(jmaNdFO4eF{$mQ+dNaA4HvUy`!5Z+(omK3VcG0l|G z93#{3B5$G%NsZCP&&y;?53%m`%eLFTSgBC?))c(L9S$uDap@dG(PJX%iOlStsj94S zT4XlXDqHC>5CZJ1H8s4@zZfKEJu~7druL$frX<2?f9l~YKYU1phgem4Mri!*)HDJ* znIzJepLi&UU9R5P@ZUSvby4xD63tSZEg!##-zQU%dyIKffNPRR;Psx zxT;wPiBLUg-psc%E~^XL7yLyo!5tV6eH~>GOb(Q;CAdosZ;Th3%y)D7HT+`MUA>jc z?AQey+Y@(ImT8@NufDi;IEcx2;iF^aOhCyJX1!9E%D*sd--wE%-!=gYMUdJivpZct z@(+0vS6SQ)`uR72M5b46$a>-@N3+V)cJ zcx*?ujm8uLXdQD6F;$EJJ$B?*S39=5>(J>Z$#}PW42Q9YB-7%xBJ#Q(iicx>7nf&R zz`vJ^eq7$zt5r(NpcXbA!wd*D(i)i7P!E|HFvCET0QBzrt&f(i0c$zpiCayoSev^pu3I zYU}GG6#fDp@s4k9HHufRNi9#mi6`AlQa_w7$*3P-(qX}JA2Kkn(sh%TbZgSydIP|l z>?*P3n|3A5y*g$gCobJlj9Lvh-+E6$ns$jz!_^uNzM4ip9c0q^hV;&8{1@e&O$S?L z^T1Z*%ysMsiC>f~Ohai!<2+^s&l<)XzYYtaXc}RZ$!xGy<_23$wxZOqsAL~_N0V$! 
z6}@(dj@U+0jI@oe)*ALYmDLmI=lV*z|t6S~7%0X{}QQO9}}BJ9%Y?djYiT zq@{7JhZ{wfgEaECv{U#>n+p`~Gcc)A>Vt{*%$o}B7>p+Oy0xf418uXb9~pB%>an&@ zYoXjDh!OLxRQckf^c_#vMiuU}97CtI8a-eHds)9^83XlRPo z9sec<_|3t@B}BXBb$xI^HKsu^g+Qe2PU_VCuDTlv9`;61zNnBM9;O=r0Cz8cXz$m& z+8XO^d*chB2%?PF*%TzC#0kc09#V~*xrmCOsS}?CQ6d1}BUs_{j8y>-qbAR*DsaQE zGaIRvxshsZ z`j}RpAKZPU0??1E%A317W<#$CXam;RM%We|+o`56wooQXWODufK8Sy`V%l zxL|vCu~u6qzLXBf0`9Ba5RFUQY;K9tD1nx96+3U2f75Hw`8tJOUGBOa#Kpy(^wQ)F za4r8THp>n?I{~f3h7~B_6WCC-x?|7Rp^FEuwrVL*VgQgY7)HTVvk)**@`kTM7IM8q zv&TJv)Rla&`a)iaTlo+=ohbdxh2TKG@c?9fx4gISV8-iK{oHNEx*Hh&jJa3qrwkSK zebShAQse|nH4lkM&K!#*th1xSs3n{83G?y0ad@ zTSzwmV^jOt^wqLl@l9>tjdTxW9g9Y%NkyLxsM19J(JpD*^0eA1UuB?ecsBb5jyzbj z9^0^=b6nQeuRrLl`a8ha z`tgw~XYrmd)yFi9Uzw?4p?h;)^wZF<8JXl?-C#7 zSgufxd@I1g+v=ZG4;oBUt~Oi6P!6VJ?{OgNwpvhlAoAtVwty5Fw*~n;!X|R&ibrwS z)D5dcfGoyg#>&7?SX0R>nY0t!7w(1?xedq7-EiE=w!qQK$Yl#Cu|M}RFPFfA-O=1* z3$#nA(ujfVO`3Enw$dN?lN{JwRjezJx{+XHMe6H=7)EQmZl`Z^VtI$| z3QpG_|K^j@15tfBAS#6Z0C*v~V<`7(D}aP@V)@W+R!dxxB8fKe0Wi@3ifSu>8A8z{ z;`8w~c8}ykY6)N^`*p5Y9XNE9r8&P{6)AFprI`ngCTHep;0Ih}EQ#WZ#R)H^!_n08 z3KdsLB6t{7BbLSnN9R8W98C^8VreL`GcCb9ibgk_H$3tudT+aInUJW*%*DD zF&>QZSDN+*VSPxjts|Ua*%-=vz-LkYp5Jpiht+{>e7A2pR0yQ+MR_cMWCx;P@5wi4 z-qCPRGEGMMw}*C2g)a(p9fneXRh)pX@VexMy)=Jn=E5R zn8qv*ilmIIIt{qHwj#G-%lXfNEtA9ExVTiVTo-iEKV9c}_X)egFT1}tH zUEW$rk5BL3sl*3XciQPKbP)iMZzYN@ymAM`shD&c-kC}RX-fjYm=$*P*-GaeUHXeY zL9Ws#^{TIlIDCI9?V?F|%`uxmP^2rF#Jka_d+jU{}o7W z7l0)bKeh%OidZpjN_>TyWS=+GgUV!0;i85DcaFwG4&KVN!N<)c@Jx&Q@pbg4u z>z9HlJq6y9-kqw#S$cB+sqVb@d<)zyx3H|Cszn1EDC;@}CQb^SU|;9K#L1b{q|T5Z zGVpoIV!w!4nPw3ynkLHqqAJ1>zSG=>iRV8DCQc4JYF}wKxdU567}#mJaawE-H%_vM zk@8;$

FV58(s=FY1#u=r`z%ZCOuMb9Kr)dFxo*H>;W39>)906n`O#x_gpp4wM(R zRYS12MjdEaH<%%{u&=s;gvnubK^zjgLPQs9!LSDP8D;_6eN-GAttZRrQh)(dc-Frf z17kvC*;lvNOH_qy*DGZez1tSdD2$92huNt?(O?cV)S0R|--g{Zt#( z0Y1VWUIRC{8vEeeFonwqzcXX&6QXzLDa(E~aG#Vo!K}{%?vpcDepHDdN|}i2gvBDr zSlNUL6Lldk-6GEY+KsNrZQy?XbAbEgu%l+35>zd=II1p!uSO00H0(Ytc5-2mV;k(Pa~f5lUs~lq_M8fFbvUO&PaObw`|w!PLN`KFss!71 zquT=lcyrN%x1^54pTN`&IEDisw-$#r&UJsF$SeA)YVCT+ZAO?0nm&MXKPWge&(>bO=<2jJ)P0Qlt0RT{*+iltQ$Wh31_s1x*gz~V^wRaz#( z_iML(umSk_&jH|*!;abqO7ML9Fb!i*i@E(iN({iH#|qr#IePWsuP=|V6L>G=EH6#I z9dAVK5{l%&PuTXap;Bn--h0_QI6)z#)>~L@!p4x`{Khn7(`sDrbQVz2^IP2Jje4BE zkP$Rhf6ON9x4AekFv*W4gID_9^nT4>hj#;)$#G-)JVGe9tfnG-_HIp4mG=Vc2#^#M zGLU9tzkKDrH%r^Q=RO*UhH6%a#BX+9*Q!`he&P`IkUq0P=bH^+5-sSN64r|PYMj^9 z=}`B49@L$jITUpn2hhQwNn#dfRmFH-1T3lYunLyZUt|Z4 zBv>_HT=d=j9>wO1^sN>b23N2Da`pZlrP6m6|0+08aCb|*)~Gm$2(vizAowD=!LvIx)K2oy1+PrCQ*H| z91d0di;$&#SyKT6_Y(Q9zK%?JCaY?vT5m#}AG%#Qh*-&Iavr_Y;m`Rz_%k_kRg`&| z%3DGxF9uMkQL{4keO8Nt#}QBBq8^D5+wkZ7=fI!IVMkPSgckNR6`cluCdCF79YYC` z4L22g4O&fEM-hua{TypI4t< zicY>x-1fr=d`87h{$>&z8EeHH#M6*pHkNw4~GAd(!@Gh=M z-&L-$*UuN?)$OapFy6~P9bkHf4n#bP{9*-&mEV^Lz`<;Zs+<}w1-9|f^#>421)Bqn zM|5-2)j}v+$|gwf&pn) zfRJMY^#5Bq1jHo(7y|}r)BSa*n}%ttWZAY?-W&PvjcH?#+!+Gq z>)_?oD`1LKF4AyK(U}nI&Gr47_Gf(oUy>Sw{cY7MD}}Amy8SUa<_dLalXx!R`H3Ef}kuHUg=5mKwQ*1y^X0q(h?zL3m*I zYzmul6%&}q*@~-qWOUzRA>_b%uy=jnq@>h7s>JDtM7X7qY!54*Gq}F5o#y2$j$K4^%N8|DRhFZo`-@aXZA&&L{aWbKe2=k9+h<1!=`3Q zl|@BR<%y`=RVIavf-Zgz3Yr|&X{#xr(`@xL{4*`KkAH^O@oBYat7GH5ag6h>+25Wf zf(<&3+DqE*ivdX67mI>!%A1@bWYopugv};_+5gvO&$ijp@Rg<^y>b=b-QVvNX5IYS z0BQcgmip_!&9~(MLDtnE3M;JM1%e4LEUHt*@(V@2@|lpo07_$UI}dOoP4P)`xsf}{ zX+ft0j*EGKV{&HR2xu!1u_CFZ1?5%2AlS#Es1EWn3Pn@6%X|wPa9sQxz%e~>YXCwF;0crCi>DQ4IpCUH+}W5G@$s2CsUz7KkM7k z7i*Wqnv3xMu*MR~zdiyDQvU~2Fwu`7;C~<_XU4D;cG;IxpziINNGKe!4CK+rhkG_; z0ptkMs3~u8qbdr(JOGI~+`@ZGk>`fw-BvLmVKv)&XF>?tB;t`&Q|EySCiG0c8$>Ji zHXl!w{Rev2Xa-)KsW!9JE2s&t6SFg&A27HPn)74($w9A#Uvr>gNZhy_O?%H9qUct zUNNz;dd92_TmyTLiLfT%R_eAxx@65aDtT(iEfJOgkO#>0;73XbCxS}%pB-A+8QTDM 
z=a_lW&ts@}Rpp3P9=?3i{F%Voxp`Lj1tH%HO#!ptmgQKj*+ri&-uvstVGUaU7s~KV zfliY`Cm5c2&}nk!FiE2(E^;QoJ&QxZSs}8LB}tIwdBFXYhi=1TL#KCY zO?Xv&S}Q-p411yJz4_*OAwF0Yy)w%$G3nIBsxxY;J2t{7(t0jLe;?|-AjWWGzmprA zF%w0Rmpnie}VL`4Iw z2O!fCRE2pc46*1^Ov7WU_%e{el+fzY@9oG$NJ!RMTxJg#SVCGv`JU8G5Agb5a4bHn;T?vdG*7%ZNbx&&A+oJLGr&(f9A#^67rW~#vYo)hH zYSjBHomeO%1EGzsMY91qLs)8JQQnXH#lLoIUWtGEC(|P3pPc3!SEs|?V6V3V{YCKu zItu_2ecv+6Hz>b(?-JV1NzY3fzt!eDP6(zF-?JxQG<4YW)a%)=>EA-%r>*^vO6&Ws z<<^_o>+GPCkVl^603!Kh@%pOdhF(7oyj6WT0a4p-?eMy^0IRyk#39&j4~4f~9o`B} zWq*I74bRlK0358JdTg^8FpZ4e7(TB4%aG=AU?eomQjkMZhYe$|Ji;c@YD%H%ro;D( zdGLL5=AumFvPyhbraq7dLKK$?#3?e@CL3$xydx*TLpXvR? zg_;{VL${bS(9Wp({64qvo-b*)0br^PfO2(Jn0kK(^c+C93Hby_C+<+d|ZH!3J z{JWbEufP0$d8|eHwM))zjp(mNTO-=k(De!D`d-+hSHm8(*QLqAZ61)$bG?JNjupMp z8Ab>? zfCqT_%Clb++)Lq2Xc}^iq&>f#sRaX9u`b&@Y$G*+S3xRp0b$9NVw>x97j7zU)8q;S6rE$9D7mIcMG$6!6-gFC^)zQ?6eg@`@`8(^Nz2&TK|S+B+dTc0 z3Iuvsw|OE92}aD*qyhw5>;&^f*Djpy32DB?=M{L-HN(Nf!1RFN1l7XH%4iY~qo1A44V!HyL@up~4(qv5~$|O!w zXP@EBk8B(EQz{wgVcj;2tST6>VUvm&Xt5L8aXN$#G!Mze_A-lV>w^|m0AhmO%S*Ar z=t&N3Vv^}5tZg$fDAx|SoVV?=nMJZr*gIW zj>}Xn;rfqsFOMZj?_2$YmAo7tc4$APFaSz#hxSyaO(y{apdZ_*#*;zrC^|=tshNX9 zR9RJItV+@dIALp+hmFsYxK2eCgd$5uT#?vTYr$+HpIB;!o+Wp zAbY*RZX$qVG?e=A4i_ta9F;_`sqZam)c1e^#p~%+Y<{zY?r;MmxMps_gcb&Q)U%3Z zyJoU4LPM2TdJ)gx0d=@y{4B3O(|8=fW3FuBQBeEBOW1{ zx7jUpy6%f6SG>_{8b*^&g`G!R>n~?-WCX+Gj96E`Pm2X1Gz?E^3YKA>B_;kpbhGjt+Z>Ipy_X8y*VKLGM(O{?1`q#!d1p)I2?NSfzE8q?`p= z4n#Of$#@)AOq%07tE;>!-1K*upV%h(r=aHPVMk3eC3u2Ko&=tEh#i1APO;C_Sbr5_ z-7D3RTjN!)?cOJi7f{p-{T0Y!U%n=T^Gd zTU0biMr}WBRzLcP^I)7byg_#oR<`AEpl;8Y>4v;NT1|LCM6kg(d*n|h7T%*mma7_W zbytg4QQks#PIyu1z(QIMNRq4xDO*5R9}r13$Ce&91+(zs^vp?;l~E-UR&uyxg+p0HJD#(J|Z3)F`GdFQA _maqL4I zki2F^UHdFZt0eM6QTw?QE}Hq7ZB%{=_M0Ad)TmH`zZ-6Yub$%2UUFnHG*|#IGzbRhmxQbB*QJ{_-3xB~ep|AS1n;fH;);2rdHXuU zm;D~@p5Eme`hHxkZkMVdk}<+o^1J`{+f7?v4BQZ^B)7xw$c~*WfP=2^TVPZkp9FY6 zfqLgH)X>OPivCil4NhM{ZoW9xov;>tbG)MlzW0O_zICzJG~iwUXK35qt1r8e-v@H` 
zXk0yM>DpuHg!0+W+G|XpoV{Le-k4+JGu($M6FC7>?@;z}BRLCGPtRPHQJBR%V&ZLK-`A8ys+m`!q6q~u;te~MDCrOnBK6vjDO(6N$_(zbqx8Webs)4#cRwni?LpxqOD5LS&7?gc=U$*!#aLX4~`k zIqN~(ZuE!0$U4~&r~hW!)`5B9GO-q*WOhUJ`cWwQhHCn3`WeJd{sJayTwe6iKxSi` z^wh)t=pi>RQK#Tx#!<=OpbTtw-PvtG$g8$%JgYMUG9ECExJy|C8OK*nq-1zvd(xOxy&`bOZi(MKcKi){K>+N`-t z0J$bW_>p>dr?y|$huzk8Rgd@1U+&($dVTlqX7&5+r<=iH-uS=*lPq>PGR&>a;7t#h zN8GI}0$$@QXS5Wu&NI>$Fbtiw328({iC_(9O7XfbgB$`?>I1LSzXy1YJ~rl7P{Ao~ z1r-jv6=gEEzQ%D zO^xZDo4%-~olKu48FDjTtYHVwnp?%$5Xqt8myqES0T%kzd5^y2MaXK;wyqS|XJiPu zRXWVLDC;@WWCFjGx$^WKIR2`??fPWeb@8W;+9jpJYa$K>{hjgb5N;MxcakoHPNOU5 zEUA-PDWX`#2(1_=Tna^+EMX;s7^P0b?!<>qr+*K08hvckonV5K+{ru$H7@oXcY<=$ zKg*riY1{e$HTGw4Jtsr{q0dvWYJ1%PQl1Ap(%SSny#EMp;$XOY%)k=F(L~gwjmkP7>9Uv`wU7NtV$zoE1)eOmh17V3N_t zM(rNuMW15#^RUUd*l71Z{t3w8?vp-OuVoD0hJHzF%2!RR^K9!Pq2SxYSUDLl`~j)Ir_bA{k^~`&`n|6`rAI zO7q+?e(r`QIrqD`Oq^e=8wXYNQ!Nk=I|nh1dy2S+U51!OS5E6R%T-GW(~%URg~~}? zwTe_NEofU7vZ=zjp43N7r+*J(8hvck!(xJG*A>LU&I3;4VxxnNakbzNfxrsAX^j!p zP@cKO241rjleZnNDpyk|SZo!3-4_pex*6M}qJ0v0KkaZ&c5t>W#eZXVyQ3$$g0p!t zzG}=18*T(ho&$8pCAvN-_kPxVnF>ptl586(bfws|=iz2NnN^?@yMMh}LC21N_5~1=WFPciQ zD%^XK`k?Lf?*VP2kBxc~OmK=PnTOiO#iErdRCJ>M@G}q=kJk@=`a|D#w)+0zhQ>(g z4Xq1efY2@dcHMl32+Fv*&o@)s6$Kbi03K)V5E%Cw+bQ?X!1o7e zrZV&JzQ8fujnyC1hh_M)&sb<3dp5L#n8%p0RTp3GVsX=@dCt(fdJWYh*t+4U`_^}( z7@+V2z;woao1xm=Q-=h-5<}fArt^Mx5WazqV`f@V{J77j`Mur=GOGgTcca zhUY<^k3Pn2BJN9;p^wp(c}?@8EJ~8nToIbGTHjr=jFhR&sdgw;k%p;xQXhSs{ypep z^s!N2g0eeL@Fnx0$GBMUOAz;g6J?(#E!OQbe29;_L;MN)$^!o6|AN&!NSZLcs8`{F zws^)OIrr-cc9S5@bD9ka(&IsI)FfjrYHWC^3H#*&4q!gAHeH6SMORLWO3DldfLB>b zC}X9*-82bF+d7q*$`hJJZZ|%%HvM~$wdi9%juQw_TYeLe|F9E(@ZFz?2bhPe#l_HD z4JP5*%uOZ0h7Us>!R;Jr-|kgiTjEH93Hdm<6=8V_6xg}zeCEuXzDLo<=lU{rf>}3T zc00?zY%_q?4P05=5iN7#=Fb5Cr?er`)2hUXlpTrccQ69cFy2G)<-z){R|{md2WG>^$9`qVSFtno$^&#)c${)6s^By|5{_G55afndpt+pe7pH^ zJJ568c^KZahu&O!;lp&bCtuXE#(s4j4(DIX<(3wFA;dT028Z3V<|BmDWe8z(<-Fph z;z>)2BA0~LbxUeiGa`7y+osC(A4KxHK0-MCdl16tW2d@CRDSI2L)_y$lrS!ay2mN3 
z(YC{oS+c72{nm|agcQZY>0#yaHf^uJTLu54jnAI`hE!hJVcYA&>c4k<)%G1th_}Qx z1=png0f=+<8*?++C;BMw z<)@2*JR_~YAssP*K)V`T2Az|(d6{!iuuT$yo7kG5Z=~kw$B>*odSKg-huz*w@tk#K z3?=2&Z!qEDY(UWN+t$3ftz3EAADR`k6JI}=+>}lJu&=u{j8Xe)n2`R2w+M}8V;?H! zk>=owQK1P=X&Js4UAbsgk=1ES+N5plbP-n88L2sI)0)dVPs7B{nU62d{vLcW`q+t1 z373yKB~&u(lu$9pY>)b;fZ*txr2fgYLpWNnTwk0q#aHh6s}ZFlbjV^^_Bz{SY1|mw zJfTsy&g^M8aNTF2n{|BeVB;_NPOtZS*W2XX$6vbdJ+_)o=tyv=d|BVd9?W20-@EqC zs&_Odr{X-S4uW2rDzkP;+tUMwiDK>Q2=vfUaI*`*y56$3ItPA4F$o`c9sqcg^he#V zq;H(Y>l(H~{h`zLplrs=`{971@St4>12=jD_s?;N5^x%N9MInsKYwRB_&ge5qIR_~ zhy~uR>5_MYMewS;K~X>U-w2{z$fmn=xlMt?_i!9go$q%|&}hE+`9n|xJQQ0y7E>g%t2?1;vM;tF~xxq9U(BKFw#{WJuhufT2)+_hBu z&F*pabANVtU2fODz)yjdg337`0hujBK%y(xjVg+oHzcnl02?Ywc$%gplU!C1PG+hK zE2ocu%pwTL=P4)lu;(Zz_KaJEFcuYvE9Rx-nPMW3z3w4@cys&7PwKg!ZNJ_tknb>u z`FtcDDl$PMmm%rUm3c!|TPl5&S2EM?lIhD$opF*1S<0*}D9@U(M*2v)EP|waoB9UP_)RE%sQ`+T9b`m?-pa&kldAv{ooXqkhJ! zDOm)P@;rq_+3cR7up!uhf1V<$i{nIMs(UGUrn=Z;Atbm}cBZdf?V+^}(Y-lTW2n#s z^;-srKv%A+LX=81q~J9GBBZ{uQ!0qcIkemJx+-{B{d_<~76C*&PyJB3s%NMl_6#%z z#lZ^Z84J!7IL#Khx@c`13OnAl@MF)cl? z;pqQpx{M9XJ%F(LDe%CcHqNg+X3Hv%=*lJIf@O>nNNU36Tp!6&Xg?`wElN>APBW;D zxnFtABbCQzX(RfuXJ{k(j8Gtn3Pp7gm2^!o*R$=Y6e#EWZF^wd@o*AHJG5)XR&Stp z6Bq$EX7HR3@fi+DMGh5OL_l-N)h^uX|5C%kE`*er0+`cx9DGX4vMJm%h2k)eH?zj59{sK z2JD|gj}GbO`~p$Fpg{B?F8<|s+;{)+>eWWE!}jGvj{|%ub`P%@=+rAy4pzi=aqkX~ zuN++iSr4^)Vm?U*s)tw5rUn{_*b26pKKD-`9ZP6iYDZ7Ctz?pAO`UPb#)fUhFIwf{ zq7{UCtGCR2r>O?>7gVm$XZ)Ze&eccPLx*|&*%hoOl4s_Ej`-|J4c`9t8b%kaVHk&a zTzzy?*u1#d|2YxMnNz(&g(g_evg#GOGUH9!L5*EIzi?lnUr?U%MPbAOu6niWLA^(E%0nGN?;`IXqo9RK&?yIb0 zB?NR;yo7*?Owih86)tpTRU~;qD?wml3`~2-NR#F@VO5qSZ7P^3BXNjd;mX4mt~px! z7nHfsXSkyK`*E-UqPMflUZ`XU!h#81uQk|&SdSiXC>DeH`tBS|MJK^rbYtZB216sv(P_GWq$|J3MvtVNB zU3h)-gx9xkS09Hv0xYZ7TYWYQj?6E;iOC)0hmKzy)#hlogV0M)-i$5oSuHz9!3TRE z`z()!4M!N7s}|bKT~j1tq1d-U%j>Ab1oK>0-$Yl=3fk0dDPf3Z4nR9b7|l5mrBJD? 
z7;AXsnDXnJIa+Fagzkrl7Wo&{HPL5GO6bh4aiWrF#}FzpW_dR1Pcu^6R+|uAoKxdO zg(j%uvKlA4a$eUWS6M++oxr>dsV~H`%}JZflBqN)5+26X<$jGbM{8}*QOCcawuwGt zk~+?=Y@(95I${!oIzCO%xOR0L%ouWF*CeHt7SYyFsTa}J`4!N7Sp^hbS*n~dnJS`H zwkA}GhBReak}B`fpEL{&p?(FFqNTNG=qmb&T8uX@sO)pH2E5KYCT$FLhwPfYN3C|<9)GA;IDO`Toj#J~7IKHscDsYO)s zEql-lGMJ8R0^v?=TAMS3Tjuane%D=mHAisLIW9L)=YbZfr)OaU111n%-dNs_{b6_P z#|Lqr(O@rR;cDtIu=FP_q6#Zz?UiZd$n zIw2KrVE84#VG@y(OxB7vB2DWmdSHox9Wm(_dGmD8%_b;&ZKIE5M*qY#TxQe?czSjN(tMhwlb_tJ2^H)d#PaWrCR zq2|3QhBmvL8~(nQ)-`klp@ry^nby-ECPT>N2xj$#Vc@$yBS-4B-i$&tOiJGwa!VKj ze{U)Fm1n&@!;86)Fi8y8q?x86&o}TK0~$`i`_ozm=JcRnK4?MntH^X&6&YQ*OletX zf{{`sI(Tcf@ic9c6KG#+wG}lik64gjMW*2@a?FCzQf2IljS2n$S@=F$UvE!+Bmx}A zuF@pnZDXc2yLgOBjwJji-kF9AvTKhs($6wAV-0Xec`lOoKPW z<%YSF8$K04NXV`B0rWLbISV14ByR+|m zdHh=C>%1S_8!kPZ&Cl@??&q;Vt=&${U(6}Pqe2t>#j-Lyx^knmS4d<=@+>I{6%8ev z!tB&GsZ_~QQ6%B^LF$*`X}Am@^A~viIpQxc!KMCUcJ&?qA?|{=KuqktH|uK5O{~~G z1ClQ|kPWbzZNT~;7;s1LPC9&48)YZ)xmeVNpf}!B2)H;B^Fe!?+@B8j%3q{a3_2tX zq2YPJjoHTYx!zHc36`;}FpsXB$u^+{Pl-s{5-NW=X;{NySXEm#O;gsfG>BiAr{ThU z%rek!(U@gmf=ex9c2yq#A;Ok{iTQ5aQ)TJRaJ1J#xTEPmHf#qFlmf}!dS}@2nnWLK z8^{R)ZSUi=ZfL&w#LkRo7sOGC31+dZAdapqc*~lSC;CoC8$wmtlExr(6IC_(u&9zc z+}B3^f;bH~{Km`zt?I_i0xf?pG>h4lar}pHW)TS_(f;5OgK{O{F%z@xUCoDr$enV7 z=^g4El)g`E=-|vrKiIHMhl@p$toD#S(Lar)+XQw?8;3LY{!p)bf*GE7BA00-e z55y*j>SGSFH=RY}n4tA=*y+pR`(eUDKkLa7ml+d=~=4EgK zbY)eSMI+OcR4M@mDQ(s@t%bfV7BrQd@iJ!2KAeDtTc%^ijDitj#*Bgo78>(xTmk+= zOfzOo{MTENF0pR+#KOHcZ5L!KTHOek@dy57oRh}hqI;X;uYsJ+dHM9^iB2y|syh^$aq1E*zc?pTDegp#DK zMM(u0BB4QhD||>q5pD{P*c&Pxvo}<5p}nEcjoKS3`6G<4`su_wmy1EeOY{jJFKf`R4I^2Cx8*{(> z2>kLJ#7=Rw3M58Qp}46Q%fKM$%1N6RB~3WVQ)tJLsw8#6Dk3v|IA$$N8kvVp)dzzV zIGVzmL_hSpb1yyuWI~_!3?NfrPeZ*4vDDevkSCIUrzHB=H*C)Yc$58xZMR@+-msdX znP6y8F!<;0)aoN^ZQw52c)qQrK89K|r)2~?nR@sZMu)E-Ov!L0Sby{JckRa@?eXvI zVgH}t#Qs*M~M_T-eR78`~^+#fj!0SV>WsOmHhm3e}u&*Yod?%{mO(# ze}K2C-yL+QC-f0yKM0L!>@XZGuBHwfK~y^gyFpZYKHQ^N2KPW$E-RkpMO~4k0O}s? 
z?g`U2PFhwoTGv7<5sA`#xJQ8lC+4a4U(hKZ*i%fkXTv~HNv!`86}VMq6nh^{np43J z_&6PR4}H_+Q2Fg(_}12q@X{J>`_P6-JnOC4oZ#YQh2dD}95bqEnvo}ACNjg|R~^Of z?X772UiY1GrR}g04-RbJeMM$z%Q~q;`n{=M1i9X=4tp}Kw6DHW15D~#!ozv zJkxOOu};Ikd%gL_9y~59mfm`Ulp+>OrVc?T(mBRX_=7NVe3Pm zg8c%2CRbq^t@-XsR00 z6r7Txsq?CBE2gS&g|hJB1_fT9pJsBHeAwhLsn6@f5w4X#Gx248oyzStxapYHp$q>U zu0RI9=N6!zJ%3`)=e1isD0S@5q~WLZk0+0HQQyH4^TU?)$Ag}&tdFGAQ7`u|F+T^!?qpBddq z6=fCGhg(?^n#q#rvo0Y(KvR~M1tV-}J{F+Bi|5lU4U-RB8YVT-(q>ou@rAMTEySDt zQ7fd5iy*xEeRDi8Q+%-Msa0H_Y>5vyBb3&_R{Y=hM;N4cZSAsO@$T++T=f=89{qG6 z7q9Ej-aU3l^r>S@DWAJj)0xSXrrx)k=m_45g0%DDjf{Br8MZgI0!0 zO|!DVrXyB{FN|0jD&P*3pItZYsJt*adC+;(!qDg1(_;uu4co`ik=PC0yVjojrrf>< zajeG}tbo@_Xve*qtJi?}w(uQd(s(A>4e34PghKa=+YTxcx1DlXNgiEUU%FIYi=4C> z%;rinPU^hOiD+AuRt+zjCVWDbeo4N>i`dg_2d!2IZ3mN@Xgjkj@A$$x796{nFftKT z{B~zRDg9{f-_*n2*2;|$4fJCWxjFm_bPw+BKm~xQDFDS>%ly0xtP0EMEgv48DKVo_ zE>#UHcVBjgBRQ(W!;nYO=gbyHkpu9vI}VVXzKd!PpJ}1<_h!|7WBdN!^}~Q*#Em8K2MVFwgy4+83Y8qK{=SsFcq6Y5r`N(Gskfv^L!>N%|b zsL%wvUIryVS5}EEnkomDXQ2oMmh#$hlb3BJs7PXGq7Nk~@#6b5yT;_hc8wP9r`h#v z!~njqZ`ZHiT&vi>4Ty&bt%m%gBd+b4$}Q2Ab_0*bAYCHzsye+3{?G(+mp!Mbu)q6F zZ^$=2%c!;=%gW-qu)<}i2Xtjsq_m*5B$?$}7p3J|=e6ZpS7{mUcPf3|IhHesZmYF@U76T1&~H&F!?8@Cmtt!wxm0IVcHKXo49nLrI`37p$raS++zq zr69B^nYN%BCUdrSB%-M6uo?L%i4w;YOfw@)K5Ryq)I>9y4TQiKw(vK^mQdb{ue-JO z_NT2&t9!|lzBmjzJG4SvHP&~b1d(4QBf%bmrWHefR{dMqr@=|(<}~?4_h2MoM4*8%?4)R3lD(P&v%H~VWMw`G&*>H zxN<>uu>;6}J|tfJ^r$aQNt@JGE_3F}00-zdd{Qe@>F;-aNT+=2uu-#cSAEsCNT`F9Ocs z?D3F7-!)c)ZW>}Rham$(gy8$LW{00NdN+t62>Sn}OZaQbJdk_sC7QupwBbW^AutY} zf=Vhi^!h2-@Xi0}(-_b`9aft(b3}JNj!o5tN<-Ff87NJo8QRoE*~pm4NUg}e%}8F1 zs7~SfW0KWsd~akUWhW=4(VZ{RfO_6nB$`Ka-fkmajR_xWbn1Ja$px4)z7< z4~CL?yaXUf)&(tt2pWZ2njmH3GyrbaR6ZO%F7IHAf}Xcy06oX(!jp9MEWJ+C1KY}+ z?DHJzscQV+>DCs|x@bA&m0(-Z?jmVdgtF1lOV&D%+?P#=Vn}7bSEM=1DJ`)&gaKv6F;+4ZO8xo;pf*a#^!Inu4cu#k?sL)0lxS&!y3%{ zW*zWlyTlw<-iAz-ZrY_$Q-s!k**J2knU=T|N!K2UNO~7*ESd%UpxsA7*yD|tFMmy5 z5qXEH*V+|;-{I1Ld-#pBsVJq-hPVh1lo>=i3TUg9&7`y(lbWlRA&q6AY2Apb&nX-- 
zOk3!NA4FvS0}|~hxHo#x4R?gLP$v|2xAU)q=W65{n3@F3_R$S# zN}4x3Zst16`FkW!JY-d-`TO!J0EBnkTtKvOCzbHnyws!BU-Ji+fN^c-fGw$Iqc3y! zb8hz72nNmme(q#jkep)ugCz&P%bD6mzB>4~Fp#v4qgYnBOOZ5<*$!D|)iBZG;@CzC ztP@8CUmy>XiNpbU-Tbq5jT0(chB96nc_vj(^{nl== zuA9l3#tqiuw{-PC?4gbVi8sVYZ0r7Um_MgWJ1<|7?7f4K3GM64JRf&(r$Su^r2fL2 zb~*)s&ZRac`yX*@Pt4ZLi^%sDBSo);`a44`eaJ4y7@;n*f{Tc3I9zvly8y0)mf28`U1BTX^a~=Kb$85iqV;h<4lC2stlmWg|sg( zrX=7B&~~&^IA2yns!FRl$E_s?nNF#QBvlx}k&0g1VFe^hx{`)t$e1WPuU)W0rTP~k zirFjYtM^v6?uUr^_a-p(CJFL}ublpvn?h@~H+tS5#+Vpn{@<@Fn5`R#c6hJYaNjqV zSe%1A13ZtEqolpKs|UYcrUWTN@ej{5gb z>ZOVu)=K+yhj(~vgZR-ZwV}j>k3lgaqhwnKHn>XGha$m^mFw{TT)?tXZjZDB4OAWk z@EJabg>>fZZ=lTjcP(hr^)qXXqCht9@x|-4CRqF;FjV+5z<$fyUk|pympM)>!|9|c zoWpCTyOh~aV<&`Dr3VEC91Auz$cwS?(@X}FA1g&^AJ%X$R^5ov)cv5~iZBxr4PgVF ztZ9+ij5x>$hBzH;vM?PiRTndh~B{>yr3m&~36I%Eun^nHDO07sLp_37EsQBfmEHfLDMW>7}97K=bM*WSiilBGI zbXpRGK7Km%wid5H2m@ z<6($6gn!W3kG2IUG~9;UA!%_^329%uipiZ@>}|Y ztx>-&OUx9mQ7NwXMW*>;^}V~M4rIeoYEo>*h`Wsv(#97(3CFK)r@R|jxwpVU@ur&) z!|C_NB%zG^LCCrghwuEbsV_hYVs*2d<1+DYQslVYYSe&melzHp1_1la8bo1EKL_sR zYPoy9t`xuv2Ker1Z6den-6&)iN)3E4WE>6nYi>JDODL#K&8wVEW+J)eE=H4?DGMbs z1PW>+V|}PCD=!wsb0HA^Qll4DD7-fs3zFKQ88;(|H{mdcNflkd4T8rx6yi@k^%njG zrFStS-WW1Ln8{whfHl1}M((U+*I$R&UHgx85zV(4x^v~7cHSYYe)!Gn8!WtM_yKKSI%6H27 z(<}?>I)IU1%^XLaMPiu})=mGxKpg>ONeeRA70ZTL?=#*p5|@%f)m)4oaPk# zVe7eIZeVy~9V3U`!7%YM=H)Uj>^i{sqqXN#v!fo!Ag#9(&(~&O1sBRtxB*v#TW_7C@qD{QDQ-hlVI!I!; zoOOf-=!nb?t;~8O2|+9jIG6r*dX;k!Uhi+i>AHn~x`mfpz60v5a1CK~+f{V+WN5`i z;1YmQvD)ggd+T0ms?eqIF`8|N>s1&aZHjLVX2s)}$@EP$f$J}}Js31mIvf;tN;*-) zA2(gIR~~FI{^6Fc0XAoENGb>lRhvQ%`X0}C62EWYGu$p2@b^h(E}@e59xhKO-RH6c z^0+`*k-Jq+VP8UW`Pi}~AYITyOEFjT{_1}~EKzeAHZh6hg2n){l33>~nrK}t1%;c^ z7$r2g;uSQ~LtLOXr8SVYVDPQaMoLe@nrJjXF=mV%_7xS&7tB@Ky-V*9vEys-91VAo zgW(tfFLM_ZF_YVyb&ob5*Tp)h4tWIP@^Y}N^OPFqfqrF$hOaUvP>LuVVkJB6^unD# z3=Nfp1bXc~gI2cnR}6jJU+;91o6~{JU=|iv_XIEHaS5&Pd4>qZ{4I!xoBSj1MDmE& zBA8=scdX$$?X5VI-}7>#r8TnosFk$eH_Ddc!Js>E>-+v 
z{c(ihLEDq}=CqC`43LHc4YIyk*q+!Wj58_Rya{o;tnLbvpmnOCOfjn5|K7^+yRWs)>%<~iS0_uxH+ql)abG1=;A z)k5);6ELbVi$(yKXfjlicaUKoGO9T7d!J&zP|-E#LGfg|{{*_vTwH-Mvl$;9^3Yom z&?``FQQaNzxjTlL3$4XLOVMwAVeEHjJKhwOi!j_CXW%IIR_<}rEYsWNj@}=;q0xWN zSjvbz%G;?XK1vW-5q}ikD$?o8oEp1 z{w}t6?Y;()zXQRE-y9&jNEcP}%0a|wIzP&gaO5b@5BC72zGLrl&N%(v^aJkA?=n{}M^h{ub&v1y+*r0CosamhxIOdvFfxXtW3cb0UrNX*44e zay>3n_M(}L9&f^6B98b?VL~m1yNOmxXY^>W9`i;t=uIq%l#1xX>{_?ZxRxPrAMz2) z&43nER?p1i-l_FZ3{Z;hu==GbuRUF8G>3~q_65h5pz{ZXzGIAcb}QtqLBHq6<&Re( z)Y#a=;qb`P7{ww#bJfaB>YWb@nxSh$e=xHJ@8!PrSy9`fT($FhA*;Jy<&{$GE-phn z(*%i=6jW4S}u$=M75j9MHCA`NQ_iT^oM6XM|jD&5Dq(?T&^wJ%JI~ENOFby9EXax}c`9S6t_Z4Q)C1y%|p2Z5R(ABtre+*Iylt{#6>Q zTS$>fzCM~Hj#6IjBqIzb<55@6eYgh*xi#bWJ@0qL^}FP#>MythR=FPAYtuvc1$CHY zCS(D=hXU|DrewfqXoYUlQpqXMm7+9YGH8JXL-8XLa;vaP$pD#d1cSU4yQgd(Os*ii z)?|V{Q+b(LFMzz+@iVZMFPq;F%FlN%#BHf>HfAB?{rePN5W)^3a z6n6_=sNFOq)+#J;IDm&yrb@z}&=~g@E05gq6ON99jHnsiM?1+D0py6~VqEM&4+$SV zh;1OYavpKpY=LF%exF-Fyru8CB?NV9Z~lpv&NyQ5E}Wz3HXnZM+5=w~6%b2mrWTBG z=<1{Si?^oJ$P47tcT|Se_u9(ncQy5VWFPjAt|d7)0`>DUJDX(s{j9J!9!bU4PHDv` zd4_uHC*J!J?29l*aaI0HB}GGn?c!+&c6n{K?dL%L zA=Zrsx12amzO#OoFqQ1bc6=Z|VdTpo6CW?k^(hB}l^7k2QI8ysCPw3P#f{sA988v( z0#(=#!awnfdi+!r@Jsi=JnetR`t`Dgc*8F|HfS`XFwYHld9vkh z5;2CjhkuPT8Ux=8sSp5sbBg;$%gmcUY!XrJv^|>+Otg@yrO!rE?_5L^NS|&cb)Iuv zQc@#DGm=^K8zcfTum%%^Na?L1w-^-a$ekY-B1*b%!|gqXyZw2NFd!Tx{X{PM8|(URhJKL__E)P1PuWZcZT(gWYqxoHhU+ER%4-kX>$KloHeetu`-eW- zlD8fqncvNCmyWIRTVE`mWL-_}ZDI_MaY9wH|8%%bLhpKr)U@Zr?;u`5hum+5NiV`~ zB~|%tUow^Z%5h47({Vpqa zNyA1zJ2@!_Ast-x5I0%!Aenf&=>&O+ zc-LhKd{+oH%Q=5csi*Hx1PPpWqH*_F#!0)J)mB<+%!CXtp$fs_?9}8cO|FtAy2_Z` z$Si&15WQ?Mgb9@13hoM(Rbm+%jwA01lLjvFI0aSluu#54Q51=zzb{)Uk#zJNN!k=$ z)pgdMSw;W;uvqTiH8@!i;Dx;pugxHDt+{m!A|{9g)zv@bU-d$YkbJObx^c119MxT6 zo)y5mj{h1j-QNue)i>iJG^o?}@Roa3>p~WXMnP~g4Tpd)p4S8U<1De&2mbnU=k?CK zBVQv2zFcF~0Q+@g^X$EN{kOV_NG83L(*|CI4gYq(NZ&9pZ@s${`vi*LXoo#2l=_1K>XB?y}#G@6W*-3}+IECrnf zlWB6F2YBFL6bGD0P&~GMOv?vL*$uJmE#3!6Hbw*CG+RvQ>&|e(J5e7XH|2i)Y1Xm?&;_4_rxJE 
ze=rn^cfrR`xu3m4+`j^F^C!x$Ig9G&(xK)Ov+fYzF*B1h%|k4jv^H(Z0$ACnbqLM= zF}BB1e#5TcXJiG+8Fq7!d>m6ifO^2MGjb4AgBCkjaclh+(MHufj&!D5a@#Hb{YEV) zPtoJywm4}&|2VBj+e8yf=0E;Q?!qy)?t6AvMCL?YZJGPvz9Bbugav)VGJ$jO`+Lpi z;wFqht-nMrNg$%^#<5C(hOYRhnO6TUSSM&fuW!t|@8Fhj<%EU+Aq=JfQ)TxCoZ_$Q zA2qtm*;tMFcHLpd*NHxcK}k-!l)gNx;eQa+>01K{UBGv`$%d@n`fT8px(9R zE>a|Oml_c?k4hkNz%GOU6gGK5GQYq#O649T2c8Q&mDygl0tIE{DH`^y}SckiYw>o!wI+3`&aS%q6`7iJ3qCb zQC!)BWT71Nw;pbLi%y|&^dVWoe40T;G1gcLjdL6LrJUYk(ZIELGTY4R2V+7m==)F` zNB0M%-5LYwK)CM!m*;}WG&TVWJx|~xy!60@0*^pBWM2~kdBsufdalNCo1;GeD$ z`YnaJ44xcUC1bcieU1X`XT{j={dMPOp=MeOq0Mpi@7vGiQvr+b@qF(l;ipqsy_*S= z6;eDDP~Mnf#zf+J97;)2IT_qyr;nVK4sV6RAXNvL-mX^42R#gnLnyvnFpvR_6EY#r z4uQ(1^eNgpm9}OIB};V7Wqtp%i46GH5*~s>-BDUX%!%77fwwsd>UC#NB8bsEUNB z;!-D+Hydn*+uXH>5biV1q0XqXSy!Z;jy#O~Prr9ZJND(YFUmdWlOuB zdb<6tu&AyLh;|$I{v9`M#IBWGo?wxt_Cx_88={_@QOQmEh%?wWWg=pZe&0Ph+Pz}h zW@!p`IV@yAqh1vcr7VpQ%wTktdJYAf z|CZ3#1cse#srnEe^!}VcR>!GlYVA$=01a?NFszu`pU7DaWZ&a1+r_kFple0td?h&% zO>x>q8scp2lQ31j8j{L-63Y?W;Aq1pCG@B?8YeyI>0@WR5!+$}iQ(ToviEpd(Siak z^+IfaH+o1q#=*WcRn3Pr7^2n9(N9ZgGKo^ysSkuD#y4Fmx)?fWyc}&6a!vdE3&3-r z--BlJo#7rM-NDk9f$s$PNwb3HYH^aK+jvdgJYI~*ThcUf{3Tj1ux=vmrhXI?s^`LA z`dA~I#`31;;%@@sQZi!?szl3sE0Kw-o-Uo?8CZl`F;Z=AQy;?9-lM^%mmHYEc$jAs%m60#$FGB-W_ z26dZ!AtmTLVQ9(9Yhf#zP6glQT-eg4SXaD90sOb)TcY+S;V(~}mGlBdPh2QRSUuZ= z%V>wKs1=9|$!4%r5A$V=#aY$IFoJmr*DM;=qA3vKh5av-x~(#bkk!$m9Bgb8UCZDm zx=E}f+IIFp;4l)c+_T{dWcGthYbh-Ywc%u*IHKH(lE+jt|52>;xY5BNF=V$vvVqP| z!v)iwfnATs39eD)Z2mNezZ=|g+(pc+ETbLsU~yV0%%d9elU>u%B}AEEJo{ZmC51eE zv*$gBQbW$#;98s)CHL&+|BKUF)^NeI2@4bQ=`HNnnc_3+Rt{ap!k^)J^}B+4WrH2U zY@*Ghmeo_$d|vSs3vp{K%&Y>w80F#DNvYYTnndsevtc*EWX@2H+IVZKdYK8!Tx0nlyf8E?mwy|O^@>#2Cv}v6G{%qz&hx4Up)B)_-kq@0qCeV7Zv- zko{6VKgtp9vmjd>cXW2OSRo+!Z3+r(n}vw9dmQ; zFCA&@L|R1}rD_^?u^X4a{MWQ|7f~~S#G!@itwaI*>%TwUQ5~?KQgzn5b3EIZ*9U^E zSXRBA7!drnKJv!>sLPjz;5v>(Orn{2Q#i3QvH%iMrmn|4GRaL=+8KY6P_-jtm+dwa zi>wkUwr}oQ7OUW0a<0O7{XJ<-$@&-)z~Byb8ICTZ0E9@$WCSWQnm$e zEP10ce|p%S$>WcBhG|gu&Aa7-F 
z+*htz^0<1LX?DsJe3VsTwq#+`DqG7XHKL2EMTxDEqND!u0LGU9jKkbr=5Wv)6wkpO z3@l-t)(8$EnB0&r4uvpcD5ktwUASs(;^=Y9Z5A;k$F@jqA<FA#e|7`ly6q3thqtyF}i*i z2s_bFrj@oYq*jyIsp?-yme)Or>7JypmG)_-YHgf_RI0k6E|3WH=F&?#6gL@7Bhfs+ zVY2vzLJUpxa>HKp25%k=~ zdsllda)==KB%zb%_RtM+J+D#rgWnc{Xa3p_TeSw?%0qGD~b=0dv!BNkQVhVOPI+-V@ieNTt=kXE9-z zi<3x0XSk#dS@D;1Pj&6Di&gyTN;k@!+9sxEUfJOj(_TQYCr%rjN?e_;I$OP_dUDNV zOL(I!Qr%;z43oNI;V}({JdU~lEVoXgi?|sn&hup`D~(h4wXDPX80wnF^8ufa9S;i< z`#@fp#7xCF7`bK|x41@{nF=ek-?f(B#YO5oq*m5hMJA>ih1M<_U98B|=d@EBkqbbl zMK=_RA+rk}tTVYd@9@8qdc&Vw{$IsvcAUUMBWlDGLAQT#4A{<}&lblvI{MhU97_S> zY7%0e4y)E|Bxpq|RZ%K(6q>>yN?+i)|6qvdV<*Mg!A^%Vk`jeR##mChCHv|&&c8NV z_=b2$+?9J>LzU+P?=JefOWxU-;lb7&IJ%Q{d()=xG5UTrK$_tr^ZkHs;cOBY@UYZb zfg0fcGaU86U+#bFJhj!j#@5q1+rn}n#$IoECsfl*;t4B5Am=VGs&K~PF8kbeX(M_8 zkbgqVZDE!BVY*Auc5p8ngPd=Azy9_Dq%tqBJ(DhW&f#y*v1gP52v*uIph^<0xCVpRY?JgyT}x#P=9IKhR-0J~gARF&DhC}%+{|Z>a~n}T zfKuyOrz&1YC}-~q51C+buh-A{%oWo+>b87$Ck)6t_3hsR?ddrNi>aomvq>+ZEmg8k zcWSG$U$R<>U4}dm@{ja+G8^VzIO?zh-8uB*48={qv0gVSk8g$3(#B?xk=)th*ETO- zFs$XoQcMt#aL}^~@TOQM&nA0HyhO6`w!ukTEL|2;;^KWboAzZZ=_-eRD_mQoJb+`H zsdCid6_VG}N_Z9`BQV3M>z7cSSrdy1g&jsGG0NZ+(^}Njm`b}OQFtMkKsDQuKgdbgX!?H3KvH>)~eM8KX32X#Zdz9 zcD4RnR~l9zTw){fJL5N|hKskk8hZtQ!8?3p_CVU7j4Uxm$-*62D~ukJXWyDiSZT@? zNV72Q3U3V16klYK^i8RMn`NEz`Ve18BISHYo%#wbVyDJgY8pz34l_Zk3@+}Pc{tV> zTHsghq|)}p#|D5$sXZ%Kugm*1{1(}S^d#nCqb!aEyyb;v*k-QBMUpf^UUHf%tJ)E! 
z(51DiKRWa{ex(X1$P^)yU$M@8M8$x6bERq^D-y{NMZ5-4jO&a3c|JhUkM1PS{L`=* zJ$$r_gfqnG=ZU5H_!K6$R}#;t;Wz2%!K2L)Fud7>zw!2wNx{*Daq)#|Xv~zbchhBG z8}=KHwabpLH4@M@*KYO(U_+LsbYJkV9Ehjz?|-x!>L^N6c=PWxRzr<$*QelfbhZnU#V%l#%P6B=46tTxTs9PwCgJAq z)r76J+nBbb3~pj#&Be%e?~_;Gf=k$Ga2M!g=|&+!V1h-ODf4t|$-#EV`k-elLKc2{ zLl8#GUBsU(3a-2zaEIZ*vB-w zdNW@o?tMg+ag*X~R7s2ey?gy17HrLt{NT&~vJbyKXVtp-D;xxIzk~&ze6aLc7r#Gp zqT|1RpevvjsBB?@6W9c#0L&``Zdqlb)uvN4Ij26=J*U67Jsv}8dC=h0y> z%rr_^=Wo2TF~f!R46$sS;{gkKmB5rMA0P%rzQ)tyvehV(t!vToBbrUqsHHBm?f!95 z?O|hy%3f@)IE43Tfxxr##{KH6g+QR!nbJDRs-E0q&mwa;YB?m8)k0oww_%Rl*S|eC zcna%$TVcB`$uzN7BmZqXyHAkMz0Z#PAq1_Ow?4PNZ;mb-5iq3ajXj$aq_Si2i+N2a zpsy*n=5~M&F70pEp9Z>Ol9J~|?y*ST9oRXU4 zxS*^|>6V3_xFa(>Qn+0Y@)x!WsKQp4nR$W<8tN7FBFvAN?PkKd|Ac(wSWm;3<;K-tVq!C;TJ^p2&4!|s+E z48PO-Age-DPXAemh;6h_zvFF z6q>70CP->r^@wlXO~x7ejrkB;29D#BirvOmBWovXw@OP%CnWBJVnK7 z!w?A^V_d@z?q8Y>`~A%kUjgTWvRShEY-k4=B7>{qQUQul(ALd0J%M%Gs%&ztQ$#&r zx`uUn(o2HrqI#J0HkFgv`;Mhq@5kU>1wDZP0w)_#?y4Zcc#P9w?G9{Xst1VXZLKk< z#O;e(jKvDM#aB-{9%ZlWvTZ|>qy9aOHt@Z@c}j(HhDCu*$N}@0-p+-ikH-)svvjoNr^c$WsxMRm|tk+kCliJA0TLRsitR z-Hw&dWuJ&D@Rs~Q;q-Lf4+_#sA%h8vS_w*~JC!tB;2bq{eKbvBi%|_id!CBGFL}(8 zF@TLo!iQTBFRi<%``Fyzp>u)leSG$0v_qZ3; zJ+LA%^BF{X3>^CW}E*2w*Uz|JV}o&=_6!)gOZ@ z!f8&04HN_%-yBPPbj9V0Y_2&n)8ZfRZYf>LpMVQcJwtZxHPj93|Kx-+(y$#o6)Qf7 zpQMHY+iIX#oggYjhDXppxEvCAvI#4_dJr@Jlb%R}xlgIJ< zBxy(?90N9~5P&AO!vM$)w8i)) zHEI1I@c^aJ|!;^uMZ2CS@TS~uu`D=><&fy})4Y+WKWb7u z1xzkR98VNX03Jz{)AOle>v2ha#C|UVRR7b`$O1yvag{l^=k2t(7|_P(KoG_`RVHUz z9TJdnDW459KAUselT-BI=yHgXwLtMjNHG5Kc1uQ8I zY%y&!y(D1J*gU!nWoEAN>*bhx3=qoWO>X16alM_x43d(FYh& zd-lp{LO+o=rj+%20pv<l`o+*=bY$I>@+3R~3xMWn0DZ{Kh3 zGLep(XjAr$^M5v+8#CV=pge4@UmZN-NXLRy&0?Rs8WO{=h9}UOa|qL3mY-m831B>g zbFMzyBt?lX4dVbuAoY*vQ)LCqrg>fV0+P3>m^{m>DV<4bl3d59^6SQ;u}~XYYFrgr zmTznoSzYMw*mG6#N52ha{AFozmc!9u1W2|b0~eGg0H!Zt=0P@eo_%RasV%$#XYhj} zI>}kj!jNXNnaRkh2h^sK;7~dm+?D!)BJD7KBbv}?p^K{H#)zuCnGqqtBD#L#V!bUr z#FpiJ*<`Xt!ggXF**x=?;yEs!nkeo zy{pQ#lm7)!`g_CFCh-hygTcSK!SDeRjW4J&t8AWP4zJX+ILlw{#--etf>uezRUX}D 
z)v?k2s4{yToWcrtSb=5X?wS4Q4$aMoc#w_P3~37mU7NqxBsUHV)mx$+&6MPkxZ#o^ zG#L4RKJ{L{&K)<0__S3}`Z3gq&hI{bSpcJnxS1A;7{KSUQmB5PYo?YaEvr>ZR+Fj| zwI>UUkpK(i>oSZ}0uKJzlj8(EbsphR;`a3ijHIcLcTc{SiQZ_JedItF2>uE8-v6}3 z0uXL-z(TDBOcd=%eCJRWswV_>ZlY7u9@h;o|C{3P-KLwECuTIUjMg1h2mYRF@| zzV%KS;2NV_c>WLf-iE0AIF||J?i0;IRp@^2^$vG8YNQ@lQ&JfcqlWa zuWS}Z60ek=Dzhww8zz?)FwkKbUn^=t4uiF@S@2<;`~b=X^r)@$gm9cG0`o5uz3p2Px$Wb`4b#V$*! zA*bCH6@sV7hO>60<`33lm^uP}{xY!$nB5wC2M>?rJB%|>H#RWDrhnd+PT~9r8g-Y= z_U{G(pASp41BQ>fF7E!@K;WW}MhMTC09y_*!!mD4y^ZG+T}!^ujfu2|jzt+=YeO;1 zadOxzX;NWD9ag!u!d8?JL?#?hK5{Yht@pyDYW28pfZ8&b$@}*3=prC%At>$kzKgZ< zp9?uB5@UA)!Suq@QuaYVvRGy^GvF7Zf}zNo(j{k~ky1}(g2zRnmV!w=hp~8|BES=|&SPL4JHZ)KOtc5(b6yD)MoI{KY zs_qlawv`AtW>WkS9M#7UNl6V_iL|48uAK8EY!7=r2$~5fwSWlTqkk!&#V?$pqiGRa zSB7>k{YqY9%O*sdOXu-jWczVK!p|H2(@c^W@+(+~Jv)C-OpF>mwc_b*1q$NRc$1U8 z(_Kau9s8KBoP{N>;Qpa|CHRv8V287+UjBR`sWn3(4z<7b5=`>%Kr>vL+eVv8a4^jd z*IXq-ceZ{b51YIjH-CdNeEcQ2HWU2)67l22wfNYl(ZBQk`Zcu@Q}0n9!2NMij9m#E zO`!(McbMUAWB_LtCPYqghC!i?Ni(z9LyT9pqnuY#V*k|79u~}e&8DH%f!cKcFuD@l z!wk?KwM?}jqc{mMz-iW=Z@V%00~+B>yFY-6HWSXa5ukuijbXw74j&*T5L?_1l<7Id z;vzc6tQu*XBI#7%UCr*Sni|OoH2NtDH8=cDrnk2PYaxHE)Ho_3!-+(P!9Tl~vR^m* zvv{m?3R!s+oC0G_--u`eb1~NM$>)oJ;R)R6(vR~3!Wrrn^Hq_%vd2n>K9L>>HuLB%irYgQ zOUbR#5(V6!P01o5Uoi^xdwU2osVDDYRs#=90~O<;F9`^bDt05LjtW! 
z&~=YrQPnKapiHy^@VfMppv6r9%bFswwRo+4m0uV*`>SKCW~BAB2cGX#nRZuOS=xE~ z-w&sVSt>up{$SgdzZsC!$!M)>j`f*x+_S5@NOi5UW)tR)s37ABrH_)5)*4&oR*tGx z>Tu3Q78|(*S#>g9saSFen=Fgw$HcC;P!ncq+&MVS+dG5kU2OE5HP9b>gA6M!=8XWm z59@B;odB(`IV%rS1VqS)@mr~bS+cJMpD$Ky0tl;7lFYj%CZJiQ4_;3keiMuxqB@ca zNnJ5TB`r?7vh!$FHF!B^)jexveAneLDxFod9_r!W7FQNl7vNgjsvP03i1g7^knuB5 zw+S4Okc^+6h8MN9@L!%U1~w{1d_wkO-NCu>VnMX?9KGDcA)7beD2@fgdW~&i1hcg0 z;$Yhe_AF?60AE)X43*wgzna7WnhY=u&P_^F{X76_uqnDN(E_?UGQXo1lgwUeqar#~ zrM;0A9KHWsRx=>BA*2!wkoW*0(tv)bc&dg>FWi>X{jd z#Vm1B+TiT2CJ_)9HJ(6G^|X`##56>FFlteD2Sy1PPbCOFVd6RjBH-U5?K!i7K(s`K zPX5{fUM`s6sAnlwkPSq?$FpkKqb8CZN~=|Myd**+@Vke$r{ErX8eGN1L`hYl+fax6 zmS0p$q!hiK$dr)58&|D5nm;mH;7zWARE%Urpz9Fxp^!ApLVy*h{LNxS4~6Ij($FfU zBwETPYU=8VuTZps`AW5zrm9LCjzgp^WcMe`QN(M&eS5@z^?28ezSQ>Q#v`7d5woY8 z>bD53USj0_>~U`@{VkmnnkW)R-Q}g&q-=)zOaFM6XjU@Y3OjzmM%~00)FSrU`>`?W zE!2jZ8mH_RsxGGQ7itGgWa*~@*dI~;15R{{00up|&=|2R#fOdZ0CMyxf{D1zaZ=8u zq%<+bR=XIRB3I;q3tb-CsEb1NO2NJCW7W~3^Fa;384bXx$p={Ld{%j^_efmVgIjZO zh#WMN8t}~>E-I3a_#X6TC8L_M%16tpg+d&iHZObu4$2Wyre5m$H_^!Mb}8*CxP=^` zcOYcpT8xD6Fj8Nl+aZ|+1G^dnF9eC)kv>`MGKPQsH?s^vwnae|b=(|f(v@snIy0GO zZm9_gos4yObDxs=0$fT~mBV``C&FB8BuAh_ulb`k{%Lh+8}CXn4|wODZyBOXeV-^J zKT}lfqD#(MoO~j58B!<{7XQOV=)7q*E7)nF#AwOkbK10-h&5_*RG)(eYE%F@Hk$uv zRThEi^eZA4;i}#C!824!w*F>?BUCxh`uS{iW+_VX_=xVvzcY zc_uL?xC*p4`JhQ8bTlg^eH377ARZgN7H1L$I%!;{QW9rs?n}C9@I(@GYT3a<(cMzg zOmGVs4Q@PvVk2{W&bhcS(vl?`wY#>>syRbJgkOZ#A6Vqzv$o(W76J6AXqp0Ch$bUw z(_vL6@j&|wtUjYL8C-RA0rU+zNil%gqm~&;C6)r3>}SUv^M2rmWaU`}WCu;OP@9p$ zafh}@CJK7;7w5n9Szr_l5kADE5kkr^8>7x5mER=Rs*wZ_?kbSL+B)4hI{+6v6dm?G zTm{wz9oQTN77%!0U(?LQqL*OWL{emY)QJCNlRDVA!hyv&*B7o*^eO5rz<5#xK}8>! 
z0tOovWCvSTqdt(zMj2+l><}5IIj|ti2H%hX#PCt(X8DUy_F-Z)kQ1Vb8 zmD-`K{ZrCx@Ha^SUg$Y_@gfw=jBZYWACsp;xj6#cDOr?()V7F$eWPih<(ePm_<&ZuaRD^Kl(Xi24%P>NC`{I&F@9we65X#^wsTbJaS;BCP5 z^hU}S`-~{SqD5I@>ycgb-Qx4EGl+4oM<`XHLQZgRhUTJAsS8dyn${yY>F+h~2|SuNI?M z0|9Ci{lwsik3L{**8a+<==5H4sWfC(R^-q#rXuHEtG~r*Oo>(06fqX41S$c7VqMgv z6em0;CbwJxMdXsx2cv!1Jn3cI_3p{c2yk6&IxaZgBdVeULcBD`7;QlF3_*!}6(zSa z>{1aH(oavt0GII|9K~U_P|-szl}knRJ9q)JXhKQ}BUP4Vx9xzUnBwlf=$6ps2|PXS z43+^4Up*lPfn52>b-=|_g?%hLvO1vNU)dIPT=vC@m&u|8t)~k3^{@hBpF|0MKul&5 zb>nYJL(VyC#iaC*+6t1^y)a;z&Tv zu19r!eu@#PPMi*S#2pL+=a&ID!TX92=CC%II^vk)SBqml! zRtZ~|E4^T;R(Y@MlNMV}SM8}LmLq*#J^2Yn#el1ZE{h~hGk1YJn9siNwc=GBL0c5) z14P0zUu59_HRC(mny&BPk|6Q^6N*>O5!W2#8M%r+fm&l&e#@{famGm>B z&pl*^J%wI8riCHnhrQ9NdsS(k>k!QAi#2Q43GjRdCS`SrQdK^{C2nVu$Yqv^t`kes zmy8d=D89ll2}ngxiK7F})a7x*>!gaYkt}{)qx}2OvslEh!tGemLvDMRxZ>eOxANe@ zvD~Zs^}x=kAy5b3>_u5EU0f@Dvr-2LfJ}xV-euSnf1zTeJHv2*uh-v*R#!nLF9=}B z{~_rrgW_tIDDLhM+}#Q8y12vQ!3hM1#e-{tEbi`Z!7aEG+$FesaCrOG`>}Pawx;He z_U-O-x_cr`?eV(c1GZ_0_!%AJ14nSsRyqsMY|}q0XHo0zY~PxuBxlM z7f4M9=6hZqV*#Y)38L}fa3|~ZXHZVH0=}9m9Wc1Mtdym|5uh_6(*Fx!`ONUddamCe zdfj|3mToKTcOR|=LC7K>2I0*4WAk(kLr887H=D*-`mR3|m&45lt z4!JFMhMwr{{6y1pb0Fu^hg(ooc;7r!)B%px&_%d%Y(5xkpZNaFLEujr32b|Lsr|Wq z7WTzPFF%Ie^qD0ad&cjyXM@kQUlg}uwGmbexy|e3p!jfD_4yq&#etdZ3X25|eeGQA zpX(E$zxQ?)j@ZpBH(_^Y#+yUdIS;}+!RS5SW zb}7-Nl=H&XH{@h@#V?mKyWiS+Fekg&3Q-ZZUS5B&GM^M+0P?)UW==kAE{!uk4JYvJ z^!!fyDe5Up#D1+hB{LYhw&1bisiT)AW+)Hh)$p>bA zvLR}>-`k~m<2REJ`t7ZyrKJzR)dX>KIqx5&oO}g~1U&Vykvuf)Xcg*SVEho$d-*Re%Lx(4Qoo=7MznIgJXxks1|NR}x5~U2JvH#?|ID417a&(FJ>^A**6E zf$<*SDo?P_!WOo!eIObAdVy|IgCiL}xnx3YZu{4za$)jjVwWi`TZXN`l#Uzh_tOE` zB1}2?EdUtXNHQS(e!vUJkTVPnTgW*-~dJV@k9-&8!~hw$&{>i9avd} zDrnQE5L?RT0%mz_yM~s7+ne2btEgFQt1Is$I?jBT2M; zUo;TDaCi&KaE-Sy0tpl|HCv|J1$!~lpK+y1XwNwjvkbBnwR%%2MmU;kiua-1b}LYv zAG$mzp(zWo)+nU5u-XmYP*jkvg(HT_#C_k-NItgg#U(rXr$g+;M<;5P=exHgIi%}G zM^)}22q=BN!cV1qxjy+>7%T5VxA3>Q;wJIpr( zhyAJB8z0B4yzfs=0MdvZ(;Cq+LLmlHC7hpT3^>Eu5k|x^i$#5jeS3)PMQ^x8#g2d7 
z8WYK4?-@cZ0IOd-Nq$2SZ8Jq1fkIir1xA?HMmSdqz}E4wq~_HgTE|Ew*|=78QF5H{ zvR|poE39~!dr@l48pz$hopg&aXu)|V@ugu|(b*xU|8B0#q)<>K6hBKQxLVMm@K}iD zx;q^CWGj1TG1JlB?FY7f9A^N;P^;L?R3m@EAy|;@YmMLJ`s{FmA@-2!B(E8QoS+T% zd>jYKX^t)n0e`CE_(%Oo8c|3Z@||ny?CKOW;6^4A7D1DAA-yUxde<>hpS23@X>#>o3Pz~ z6gqW;9YyepDMyK1B3SEFT&D<+GR+>59sMb4De1YtEi9rfpPF+`S?O;bYotpLwYhghA!;ot?7~{fxOH6yyag-3IN^xOd$?v@Mcl0bCO}8hvL&gEp zSs&C&i0rJQrBOyyAchvyYsi0DKQ4mEKBLozssL8|YTxD;12TSJH-ivhVU%gwvtYU- zE_?dy&dyURr&M%KF5o=#rX{|=9S$o)#;1mhW+tjndoEM<7EN?8=hsA*RrlN5Y*-nx zmRgXxpMuo1NGkqPjWU_cgkbQ-KgqEU;0|veZe|D37uikD=d%pN{qgVqI#T^KZqgio zQ3;N#W|+e6t)L){C`~_lO=AXB+`8b0JcI0<27<3S<5LxKF2rZJ`0M!1HjRFthcSv`ntis83$r4ieeTXnnQrB zed<`mbuHm{V&%y1kQX~}Yuoq;Y^EKM5@y(m$DupnJF6N}HAh`ci~i;y3ALSc;f}LA zPaZm~$Wl_(el9~@VX>0?owrL5I~sx+E1%bP^2*5w_?kzbmx1NTS>{zkVVPwbM6M-?D<%y2uhwi||bPoP|{kk!VnF z*&Qa{4;=+;{I|{Q?9})~UC|`AD7dVAQqay4(<(=%Jl;IURPN9uyXe-z$@dN_Q=&DI zNxRm}LG2=e`+ z{ewhaprBG0Cutig8<0~UOi0|w9SJL9DIeF5{Ko?F8I2(Az*(0vpHy`0H9*O=+fo!zqM?;;>Y8r(ljaulVO#sL#4icKy$znuqa5A-2xCQ}7HN>^u$L}ghK48v zO>`;1C~4O1){P3CN(}eMFmPy=l-?de5^U`_&DJD6y%Rda0}!4dVi?W=pqw}FwDu>j zH}h7&KoWYO^}P6Zud_|IPSk9VGS8ep7NBx#rd$c~b^NzXc?y+gx&r{>#wM(KUVZc2 zYam{br`6){^A6jM{T8UWYkhZ)upgtengk z@r_gGHa4(U3QYF%GOg2f<&y&8pJf(CH%_>~aPYTosOCt5-%dLIzZTT?AuE=1zgcbhdY*R)tYw9n8 z%6uq@mdjkVKDss&TNZ&!eF9N;4uw7GT62m7wta}+sH^R5GZ!i_T8Z;hbe5Ya0yRtNrkY#>UJ}Ser95jo?*Y}1Vf8(@~C3x&6vDjb4OCb9kM;|%~d0)p=GfN)}>=l-N$ZRDX zdipRIN+9RvRac=mRmv^FP4B^}oDGz-U`JdzmEId7dnJN+9*veh6FQb%!B#xy^@x^m z`oXK00AOrzf-nl|jK`THM9AD5OTi!4vN*2pCa44FbHnb=pHN5>;R#;6eQZ`e<~gZc zQe}Ek0z-#=&}CO|vZ`B9%kf{PHe|gO5ge1H`*lhh+()uCA~oc**Z55N?3I{1e(M z44K`RJ*ZYKK?kT(BEhrlc{S6bHP|f60|kEOBA=w4XN>s|R3nh8ehw{3pT{5GnnKU; zbkrwSY_#ov`PAW!)EG*-CCOKnKio`O$3IaES5T-#o+Lu71`s(0B4E+m{oIr0*UfS= zVE3F5w~(e(4tXrDbKu;L4R2L!t#EBNXOB(g%TF*vp)?`wDAHndX+1%+Th_Bnk_A7D z8NW8M{)aamuo6l7=hUS&n=lYdMS&o`slUpDyB86_l~NffcyZ}C!7HVp!9lR8i8Sf# zNetU3R%!u?r=?kDNFNfLpVA<<0wid&vQ&U&8wG4StF#DE6I{fz_JIdA;<0BUlDt%E 
z60;bMagD0}1AGbuRdJRj1qn;Ln^yW${QHiZY9t0s=XBLxdo^8VL%TJ36VG#vFp!}V zWX9t^o-GT;&2=i`l;^vS+Gw0C{a~PrIJ3?fcHxT|3mTus7?H=!JaskcB`S?YqX zDVEneQ5flCu?h0H=6jINv;;lrmLs#c5JhHS=D#57{`y8>9>P_r>p&$_@yAq~FnR3j zDkb+mjj5=ug+B#vN#=y2%lv5Kr7aknG+Awz@#|p)o_9t>*t`;FZb|&dn7>AyL{b1P zoSMv8O?%{dtFH*vh3ag3eHx%4(=ati6&zHK{v?UN-2P41kX;-)D*R}4v`#ql&?W$X>}I9MEg{Z z--lZGIg|GHHP{^B1!xp$>8BKg$k~_qS?SYvDQ%-z}TC&8;e)Vr{EA^ooUWYoOgQHc7SvdCj5jlg^`s&x`e1{3PgpSBFQw$4+>`$~3hP;I4&IthroTrsz;Sd47aJ`aa(H68d7J5w zT)!RT*Er?e9&Zc&B#-D}qQlUK;p1pIZ(gE!8(DB?+InGGVEe&oohIH_g_2c{-^vhy zv-4|wBC_X3{C(A7@8kMkZ3~D((ks=~zG5ZTuN>o#u=qZXno?W5u-+FuL~s2D-k>BU zoRS~I_0wamS+dj_08LPvwnM4WUt}giu&2bG!qF9Wfqbd{*yOE2ehanqu}P<9yY-}| zgU}-j6Kd#4!f=7tuS`$&6#{l75y{i|Aa=0|+Pl@4;}x{Td4AgFlD?Kf|4BS4I7cXj zQkz|HMXa5*sC`Uknj-1#=QA~Td~2c~3-BG*1I1!cs-Ql?b{M!#!Pj7pvmW-x#$|O^ zkScRDEeVzPoTkR!RAWKLpbjyoM*rOgvx>g1tXO5R*JqY-Mz#Xzh<;VsL0m}vg7d(= zKgTq7&8FU_-`m@|ZV);#34>o4CUq&W555TNC2tCOSu;#v`n){-)t~tH*6SD^b?DpC ze1!rhGMKtye*HXN<3E6StDTTrfyYF+tY@bOi__^V#4ZB4fo`S6jU(C6Qs^XZzzpdb z0XC@=LY-a#Wf+7J)`aQxEc?>NzsSd|V9!9eQC6Y`*2!wi+~|Kcgy?yrumtc|@!@pk znLkDUp@m~1O^U%~YOV!N7XE52hq9}Lza+{acaJINU1j#bnFu6qj=3_7n{*7aIP0_I zp_0NRGL4gZT=XME>V@S9!Y8c~pWIWb_jjnM>B!nXpS!h#h?>ou6g3(U`+#z2dgpx} zPnvA^T}}*Ev=bGe(xq>`^V{LvU*soV$k>9(^hPttHVo46nAKq!fNs&ptR(30+3bmUGU_Ex83u5)UfM%XtQEb$Yrk!(S&DC z1dQExzn$D0bi3RO_&bvh^<5q^K<(NgOSm3#D#;o}M?XnwN;NTB64zSj!ZmV_-u_@n z=-A=>g&TMs3P%YL?!AmZ;BeNQA90FJKqW=aRN%FR+UH%=0ciCj2z{78Q9|`wHQ}Kw#^c)e5#Sr z#VFN}vypXavzVeeuHD6)#LqcsJ700KD#j^TA=gwHQ_U3lXH`wj7{2B7;NV;BTMgZ? 
z`02(=G?IexuD6b`xLgQIn$a~H*^4;&r@NbpKNMjGf!il@iLsF7&dEt}rv<6*ZJ36O zn0eqU&O=2_c$`x5?jiG}4t8>rLQIkjeA=?=-`9G>CP zLJANSEe3$mQcn_#Wc4GttEhD&ID1&w{8J)0$+%-rDfi1cLWPqPmjy>HrBuO19z3Lg zlH?;~VlvnAH`G0dWZlYcXC+B;8xhwSQ@t2f@r+*lI>VNPsL;%>OK%%9 zlNET@fYisfZ@R{NN-TfwO@vPVow{t&svS3ADHMG9mZ3bZ1s0C*BY5(_Z=j4QQp>?- zMQu=SH?;b_TZAV|+LpdHrA3c>lLV2+ZgWh%Ic*Wpn55&Brh0Dgbzcoem8;#~DadJW zvCfplhZfhW^Y!u!$MC|+uu`?t3A=QHQzd=#yEyf)r*$5SsbxA2yjo&su4u2Kb0UoT+?O!O0BBg zjZvDFl}oBpLMK0(%|mVl1R^68XRx9~Ys#*@N)_3W(NYsQR?^fb7LJDQF#?1s87vzY zZR!_JJ~sSl0u%y>zIeosZ+sm}uSGfj2jcJiQ&ZOZ(^!J_WAiDVd1U>IM}_()=La8# z4?}XtvfZx;(>~(m4OnXCJN~cK#LrV9LWF;I(!El#ieLObHc!W(Cr-WLd$^BNQQdC+ zHP$k7-af69Ti!$W{xW#l-sdXZ583^a&FvaMz>}UbNDIPvWxlDTv~C1aU4nsQzy#@3 zS>8l`<@o8@b>pF|W#ELR6hUGUSv>ZkL)@42yb)vqmoQ$0C84SF+YB5L+lgLQ#bO{x z0!dt8YI|?|*3ECUiIk$v4G0f}lubx$9xtdE(I*(jRthFTXn^5v?ATzfhqMVLrGT8= zRJ;{rN9r~NT8hW$n!l|d`%cWm8|6lsZk^*CGre7gzYimS6S~@4{jvA`Z4j|MhF?$f z;CyrP1njaj(2ZMfWBR-~%}zwLe?1J7WN^!RNWJH+MJJx4*X6yiMEU+eo|ek67>{prxIexNaYY7MtrXQt8CbAc^veJbA?&PX#bttKuMSE`6BNT zuZ&RTRb(c-CCP8unS*Cp2HaGoa=?jf`)f!qaN(MX4IPZi;+A>R{xc=u>#;wr~)iO z@$AX2Mn+vQBG5S5BMb97I(t-+-m*bq^^1vMn}2MP*P3K7{!il0{FACWY&)7f4M!cZ zLNWDi3%@UXAgl>jj3QD1Z!oaLV<HGL$`?!l zn-or5xR4hhNi#g#j4&JW zOf?PN{25`zDYmP8b6WUFcR`Tfue$brZ6mT~QMd22MeUuOws84kaoNAaKThOR^JMTP zpKckRw%aLT`TaLUvqTc6j&>lHxTWBorpKH^zL&WY5ghGlD_kxu3BjwoL3r%?%5;pu zp3X!bz!W7wzd_`|P1m&tiCO&0;zCut)H9qtJ3gPrZo{)G1dVv7)c6z$F@E06hWylD z0t+Bf04(?Ich_G2hDmuuVzjs1@|3f=_~PI8=+<#i>~&k(ob&6Mq59_!iBZIp0${c? 
za7{^RS!|{Gpr7>&(>$Zg#tuZ#5a{3!5+}l`Ncc_DvD2@tM8A=E#aJFT_N6% zws-TH8bK3x<1iU)Fx@y#JQMoc~?6aAV9PmdsREi zll0wLLXlWh0y>e1{6IbyZgzcxVru3BUUr<8#EezIhP#wzY7yCt#1y%@&Y9=_{r!Mm zPIZQMVR({o+FB{1AWnPq`eAwcC+JOu!sgRR2_DN>bZK?_Ivi(dXOz=GgO65r8B+vV zYDBE=m!R>j0Z-NroP&IvrVmubBA246eW(W`uo*?en>=Ob^n zdV4bpHA0z3XNQ+^9{68_^JqWi1)1Wx*-JYXCSiHjO*~)#NMsK!{{RZGnQf&A-W=2X z&b$zKKz(1~XX$BAeT9MIayhd~^D!gQ4P_Q~n90;ZL&gbQVyN~hrN9h%fG*vrgvfyE zNhvP)8KTphkif+^d(2L9^qjNM_bzt>YcF#ZrN|Q0LJOTgF@?^acKc8v`ywmp{B@s6 ztaPsPJ?=Gp4ciYg`KfI$dM0jGL|pq@Vpzao?TYuSD!bks4Y@zH&^ ze6?-%eiuQu&rwVCJ{Vne&x`6@7_Ve#2Zcdv4Pv}6CI`U3 zn;_~yxn$~rzr>7E6?Rk5EaV<{w9Jtr$|ruHY7Wxh^2X@XUN}cc450{mVR^z}R#!BZ zY^jLGU&36zGR+f>8fzJK?pJeDvchgMXuj;Tdk7giAswssst+teI2Ke1uI0limeH^JoY^yGk3Jr3*rgnIRehg?g51Ctiu!mU?%meEC;q<3}W3+;dA zgMQ4j`c#3iE5=+M}i$0hCs187e9<5v@wV^+4wF+mC*;HY&D^&e5O~D)c`TWpTj26 z{V1Cu=t?H(3xD%u8}sgB=!IcX{Tzs^nq;kcNcD;rDVbMnmhqvCfC!$8Kh&_E>>lvG zcPu11C3$n7nLxP?iZjhAcxznk`GXj7`tfgft#)(&Jh+7oEmE5#s_R?IEX56!iD`GG z9+@i>)A%7CELeud(tGu8jp}Bubc+NvfsG=?(0al|F%-b~oqVaW=pQgEDqc1?;>V%n zXs}`t^;Kdk=~05>xxs+D6dN@_*vQ1w74me6D~!dHDZMjj+3eU*RB88zYa}`gfuEOIjDU3&oa#HN`^llSeg<(g)vsaC4ef?|U?D+_^BFnu;N^HfghK+U?qLvQ^9 z;=^)boaB{-sFlzY8L(%(zflLd4F&iw#!!Nk--}#ZWW~+XR&jYq__myTn0KC_aH0A= z>4RhOh4WXCl8%5(TM`ASeEv!#EwOc>gF*GDHlEb)W3MYebO5v~WvbA%%&KV|V?gfA z1prCMM)E|B$2k3bdqPvcgZmAmF}R?Sq7}q)8IYlz6-Dl@ zU`i17}11)qH-6b0g$O3Ta| zfmd}TA#(P0X?*OQ+@>@B4(SCB&fg= zQ9{T-lxWSYVC}pW&2eQw%{p%@!THgg3eG@~z7;%Fnl&;Lc2PTrf1+|y5s zN!&5cG~YjCo9cu}m0U=CE?wnxkO9OV&8YA<{qBCZDR`=Zcsw|eNBr)MlZ88B{zC3} zVv5Te*YyYOdEGyuHnQBJqqL)qmQR-D7H^)X*3`FBx^F@Z4$K-?`;wB z(1^U_57_`rM#YD1ckmel?kQ|u`qNj$YqC~FlUTW)*W-WZOM1rmMN{z>`?>8Ud+=@T zPe+d44AVPxiPLc|HghDKquFy_LotDb4g?1`B|Ct@n^r|&`aX0m%J&ouE-;zp6g^xz z1YDJKJrl}PXH+!IUl+SMf8p2)G^TVqA@P@}In?Gj9FA?YtG95qvFp7NN?1}JEmZJP z)A;Sh3PS)##s4JDptt9FCXkCIOmBzS_PhDi#gURJ2^jrF)S)YsG%qiYW>m*WL;?r> zRzi&JO6fvGi3)nZwCbP5c2GPIIlUli10`WO(%S$?TK>Run?D!p5dx8WZ}0VT0Ith} z{;+O7=-f)T*Ub`y$t1EXYq`itc(YP>#nTM_&Xi(*p+_(5QN9u4XXJ3` 
zq9|B)5^N5n#-k1IC9(Z^C|if)L7tI36?b(oN8PzMB};^q>t^bjK+(XM4$nGX1pP^& z8rG#l2*r<|Wd(cFPbw6mw_4NLgf3Zu;*-=-?4411J-fEXKEfE0_K0_eH#U}_Q3GQ}k(f{r8b)PF z8ZzK&Bypr25e=QcB5^|XF_)%7C(_b*Ss5^F!%pr+T28kcn0dNceHyAN|q~?zt1OYz8%*kMY9(EEejITMk|OPtLOhl zARHMkppcL=DH)qR-V{kk_~byq(B}TLB5>b>sLoZFHeqBONZdh^vp?27DQSZkOxDy- zDgz0?McaU4L1(Q8$@fWk1hHU{YTBb_}a)l zjmVtiCimRW9tWLY_w2Ed*4ryIGPjEo>QxKPQ|Kxu#1<|@1(^(j-pw)Nxn%QPz@B*$ zgtM}E|9-7twGN0!79ZI_BUnZA^gLRY6rM1%-1A85GpgS$M4LrS=$mYySIilVhI7*> zr9S(LIEXZrfg|sEW+X#h6~dfCfFod|!)$htc=vagnUHDvB;7gLaV(i8vvDexM%dO^ zrSXD|&n*2m+6|rd^t!9g8rQ^yW$dRwh2thBt0xliA{%miu<3@;szP~2>XHQB^=k0If*f(*5s50gbOv=W&BVv9U8zPQc~J;IulKnU|5w9j(P=F1J%fxmlXYdIbE*MT z&W4>EH{xgQKqkadr0^Utl=B&@3UZ&cNqrs~GeMNL0YLyxBln&a)k!4b@8qNu7KYE# zx!F+8GZ>sr!q4I(qj-Y(AJ7Tyc$sXyR0{jvcoKv6tgT2GnN6)1W*SJ#?uJ_HpsyHx zlH9>BC3{$;!b?E>1HPoWB0Ct*>gk)=2Vho-3o+&2M*E8nBf;jj%QMno$oYNALJox; zkYJzyKfx^sA2&~*>#`ccOR@fhg1fX0Yci@Q?1dSj)(89b{y{ao@^{<#!=#ev^ivOT zY^yD8!?H-aCWt9~xhlQZ_w`CU1rRZV@;7KQzgch6Ub}xybVA&I6@66*Q!@bmXAVDbA5G>l)SXf-6tG3K45MBf=A*z(EztE@Gds-T zT0qC7QOw#i6&<$UB+q`h(0{0*alq_QM4#0Xr-k-y`}eRI44ccMEu0T?CQ--8B%R8c zr|>#O1$wl(JkR|&{LmKut@-h`R?6}5hCjGox;rHhDaZMcbQf!3BdX_s;5HaNcNjgI z?3UR!t$GO=L0TsDT4SZLhzeUCgGG$zII8!V{MzH2`Sx}_whtzA&bBjmLQ@ZvSJ+Ef zrec?yJ2@goi1VY+?%m?)DfOn0ID89ut;4)p+NtGJEpi1UkL&obbq#{M`+J2eB&%?b zbidPQuXgE<6Ke{Q559M)_JQw5=WxR=R-v}po6FmjBvb}k4PRoj-NZSbs*v=L5yfKu z8Y!TPGwYLw>yVWuFe*KC?X0bEewX_EqsSvB#a^jJIU&hMfGarj+EK0^Urdl)RQj}> zYWPKfzz6eZW#`O8e*#3n^BpEMY4fne8B}R@^=$9aVoT}?=3W(SbE$6JRctCic-TO0$`uVL++N;92s<%V z6-L?`Wk~Q^zf)O;Qu|d(vSR~$=J#C}HQ)3n zKwI6NDIXsuDh4S%Zyk(DW?kJqZ*VyXSFJ;vP1vI?`c#f}H3>#>kzc==7IcLD5V>#7 zt~2D&b!8ciG6;2^={;w_)Y6Q!=(g1`$Y|F0ps8zPvnl<)|$@T~@c`U44!Fd7r#mVHxG&$tbZ5Wf)X%#ji! 
zDu0VRs6FHvRrwk|5mrvg!2k?E5~SRM9SbsW=!PQ&?P`F+99yilFzZfM&kvr)4Eyco zbtK6`|ITXdx`r1007SpqVgLYt43DtjX!iy(s=_cQ$ zN+7Dvwk8hSv4Uh`j-jkGt3OmAW(&)&`#cy@4NAUEW17ond{Ysn+pyWK`M=_#pgBer z)v*lcnP@i3c60b(k6>~{AbKGjIf1$vyZ7^8&;*1-+}p@e1b}6%?@G6#*9s(Ag2%p* z-xY!4bgw*EyT8ZTI723CMo01g@X8^szuH-A;qXBUJ^xd=RYmBBs$u!Id(TH_Te|y2 zFj6jZwTYFhjmMIwVJ42~$57b1+=LgUK!|%d@@~8AeZo>d%&B_waRTyGO`~zV% zP6f{JfQ5RgpGQfQb}{LyJ_*MBVX&Y3ApC1N#FCysCs(G+VXn6^lKk`wKPCg5Huo|^ zDnmnSZ9tN-PV7ozM}&_i*QN-98GETLu#TVStpCz7uxw}hU5X?F0!XFxAxq~%X!M!b zH>xxnxUSOG52ucXyuza{h>4=l>qZoNRH5Mp&x;f9)W0~bwN_YBX%KIOIJ27{osF{y zq=&479MQmI^Z5g>=jThPSJLkPhJB!((yLJvNA1zBDsv3B45$pQT9pcP|ZegiJe4%@k2vL$>q-!`=*F z75Wd=DB8hc{*nH!2f}`&fl(vI17|Xo^S{u&+}H;t-)NzAdGW`RuL)gW%v8h;gR!{3 zZhfCS$V%^CBFkF?<`j7?{`O?lWE7OcxQ@$p>h`|eABR|^_jsD|L@e+YQ8E5pJL=F` z5n*m{k8*0-VLjZBu`l&76g@`7#{=>DRFEK##t;8IwEE!Ko~ABn8nYcocoVNrF3^1u zjy|?@ivs0J8{vp^!6^lPdn~Of*E`SLFt`Ja@nx{s6V!XQ<*+o49!XM8SARV5-ab;xeNF(E)TMHzJSB*oB^DY30ULv0 zQsPp9Ffk|&nZ3lFb0gWJ+c<7ptxO)mb-A00%$e%bFp0Git0^&=kBt)Z(wL6Blz@<1 z(lzc!YkhuAZOUjV6=kUK|Ezr3Z+`g2GWO?_W0jS9TOVCbARjX>k4(=}#;jw-S+aK} z*j%?PyS+(GmeL)fA7tAtU_eM6yuD?pA$6!ReiEBVG*fvEL?|&z3F!JAp3NcR`Kv(? 
zSb&V1-?7Sg)Zy~Ok#*ze-crlYcfRau4_%2~O)N+Pta?~a`hf_8%kdIuDCRhE=T_P( zky30%p0861vs-kHtN!!{stXTQ_k^d+i%T3iggGXgGP#c+r1VZ+;C?^4er2iWfsle6 z=X;X@oU09A=;R@q;(mUNaLNw~6a@Sc^+49y8F+ZC378H7sx*p6j$qmz zXf0_v(ft)2p>8h|H#;+&RM@tpL5t{m37XR}o<>@tw3w1tjCEsZq<~!IL9VYEnyyvg zuKrBR^>b*UxBYvUte(-~{HIJ>;)6>w17hg5#td~`0yO4BpteG7)ksCWaz3!iN`{8&i6>`;JjMm-a?*k5fGuNOI!#Y!mQ6 zgt&T%c|7r8#A!Qu`Y1W)ozV4HhT*B%s@Xv-b(%l4dY zt4k+z#v_<9TP;$8eK%iWiH7+%i`~5zXNo9SPt|T0T4Y}`E0~{CBhF1XNA%tmXLa0= z62>|_OpHASLa{W4Bk~02Kl<@n(qvt*>$CK*L(1BsaNEO1*x4ZChj8*>rQ8qH=@9A4 zz9`hM7Y5M7g;96&Ej|P!nuc6B_f#NbCHW!J@L-Cud;{6tjW`j+^mA^|e2216P>~#6?RUtX6AJyJ?^msRJoDGyS2a<>5TNuKI zbR!V#H-hm2MqCQ8X_}%fD0M8%!N~ad5P6G2If`&V)TSzIs!caEmjY1@Z4)spj0Fhy zmTDhD&GU5U&v7VA#M=jdlK%F2Svp8ojJ)TPxeCmfeErhha0o8s{W|Cpr6I?UR z>RSuS^e9Y%b+|oQ?O37-$Ife{(EgEo@e2wV5t{MnU(FIPF+z3c=?+qySK~OO1js?E z0Q&rerMl=#h| zUhZ_!WF^+f-g(&e52Fuo-&puHuCD~;E-SNtD{^x~-{*bf=g;8~Y29xhX~0Hu`HCyhol*ih4i-Hk?ls}%Tf|)V`i+fwMeYV z()5KE{0DO6F*USkKGardWc%-toK*W-GkNT?Wfg_SHkeEsPW59_F)k;> zBiQ|?p?LGlpUw(9IQo2?ln6szAE+@TRv#ADYC1S)^ve0f0AOob8nA`cLWG%w_3o$v zRvcTeYv6oWZAOAP@efLMV&a7}?{GpSgnk5%0ja>DlE{UUN6srlYUX;-Pmma~fo5#TvGcsOhWsXkv<@5=@I zCzQk6fZuX)9zBHX8JeHn3&y^p zJt8=66s+{gb|pwH!e1`knBYI^sb9FV(B*GBHrs=4+`_!})Z8M+FP%c}W2Ashn@+cr z1Y)l%+6}$i>Q;n!fAvkq_x?UVv$5FZeoX0%Ju)kEQ%ju*a3~qgYKYrhB$^E$AhvX#sczirQ zc$@xsyl=_vf&4u!{=Fm5a+kCY5i$-3WtJLB(C1N31Y&rCu+Gpg5!kQ-IwiiHzDCP`TDn{WeAX15_?q^6UZCLRM4_;2mmcItH!{=8S1%YbjQV}7{XxWK~xA! 
z#a`$at$t#`jQ^I}Y*Q^3Z&2FYYk(K}9Cr6s=SJ<1pWE@H3%`cu9I2Y^oiO_xZd8g- z*S4Y=o-p!&otc~xF8hLvh!6*8O_nZD;=&=LiFlx!NTx?W=S5KZ2-cYTbZ=~?h82lH z8zLkfYuvwiXR!cK6bQ~29o9I_vTI)Cp7Bt-eU|&ezK0EYYkfwwA_t9pk`b(QT*-e${Br_qfj0U8Eg!aHr3(ku?}w_ zaC17WK=7c;B1F_c&1$x8|2;wa_{m34!T!EZH(=9;!lMvo4ar1I3hJnxW#~k$G|}Ow z98$b1bcnHVlX+t`Gm1T)3Gi@-ZK>niR$0ldoBnvMtBc+Zf5&1XOvk`qF4516^WqgU zc|zS{tW+wchX;^2*9Km6y1@0e*kI;KnX#KOHQ>Np{59n^>j7jZ)(S`%?UB#3JO!vq zRUiir2l?%NZt^_2g+s%4CN)&~PZ{h8^(4%mB8zvE6KJG?#90k_UAAqT4ek@0c2O~J zKH+?|gthA+CZlPPS-0hOVMm7ezqH@{rs7@8k7NDTxJ)P~U6ca+H}AhXhde01)eP4d zf!G{`Hd?qMgRdSr;)1X>PZFs7`X2(hk-dfd5h_jx(Us<#@C4f21aQ9?ga^ZWpEQne z6ftCk(&0)?%yvfJp3M*oCou}cldCEOB{sq0$R^wqH)4n5HAiB+JXlYfP$S#(yZ=3k zpG5jYOxo>Z$x?pEC08qbcV1(B%BsKg`eV}g*0Xj#wCP1{8VGUd5rIg=pxWGwhrCIW zlAFq)qWd|lAz>Tw#U89+YUY!#P@MElT3tJ#+8hw(SS#%cX9q@+DM$SGqR+U7F8RHE z1S*pCw9U)>j9KxhT+Q)zRhG#yEQX4mAzC+k|BWv;d8TP zdsFqVT1hFI9&$`*JPJ4|@WeLd;+YEpOs_>GX41kxNmLaI!A-CZN5Mb}GwJAgvxV%T zh=H%0m*a!EYkVAonc~&O`K+JS{;G9NQ~Co(;>3bBs-4egioEN2%=+ED+xn5K9A@y} zHTn^JZ`r$+!)m!ym{?)^om^J6F@EZ}D6HNz`U0oHG zwKL2K;i|UT7#-uVGTa(cAlExTJ*64K*t746mQ87p7|;a8sH6NeO<|pij+76hcxi+# z?4L3S$Az>#51bMBMQa&$k zNLvOA0&_Jb{@4kn{f~q?M!Qn?&Oo&XcoQF)9{_)R(9Mib3JR)2MC_jOco2lnN&Vw* zd_>g*I9}EpCjE)lS~58)z-Txip22an-Yst@l=MGpq#&f5y%~iEMgij;T;4SEw_Ak= zu;UVe+E;~_XHQ8-iu9=jNsvE8B=oSILtGVRDxAOkOCg0&+Cw$s>BQ|=Vvi^C-tUglyU9waM2Hj4^-ur2^-ktx)jja0uY zIPryQYlRGd=Y#YSMg`wHUv{9thIbWv!>6wlgq^uBt~_0*cpx*^-j@Y*BtU3Y-xC-8 zx)%_w*`b5H6fn!j{@Y)qjF;l27@AEXC2{c1)S)n|02Pn&)E5szO6DBiM6I?zTunZx z6zdYMnZ=?Dz^e41^%WBq8~Jt6GE0&S%WO0)VNC9v)KLgIH&#bM$)Yq9EYC_QvpfwU znGof%``(G{gmE+>VNB8v$n5zEW0Lf%LYh(SombxcT3j2Hcwp;1SXDP^VsMqoUdua79FDxU_5S7J=L0jmPt-3HJx1aaw^N(dis0-!vq%=t~LUyJlrOBNkO_pWS z2&~H}m$D;ol_D%F7WhS-rn4{+u{)X-*-7bWLQh4marKcjO+BXuSf!tEvVZEgO0QrzIv6w@47x5UlCpT96 zTJ6pl4Zs`YQ7qPYAjCwO|DjC4&Ai2FTK!xS>FcyqW`jJR%ReWHMzHm?%rLn#B+*0_ zRt!=cklrX+7Dg$n$~c(?8BhJ%jfooBnc-+cW|*WMU~4+5ixU|}aQE;m@*500d2bQd zquD%rmu6r{$KS^1(CkKVHMP~v&0Dijk9t`1CpG>MEEPh?+AGz;3m-9l2EnnXCxl6o 
z5&SwWAx!QpAlnvK6$|TG#iAIhgn}w!z6cZFFUvR`n1dVH3E^l$LYSl-;8%)F)xgkP zO3~d(XLO4}#<_Hpv5W2_|KzR3W;t(LqNwP->)BDGw!mV_-q$R|=XM-Q&Hf zhYuU*2v;7dDF~IvT9xy))TJ6N4XWa-qiI_n>Uab&Hs3rO!)b{Ih}hsb1o`t^{+74j z+iMSR9Xwj+D)gmwO1ZC9ButIV+O5D9SZS~UETZT-jO9Tz_6}M!a6eEQ|D0SlNi-lq zpBO0u2N+tHi4jck>!0kG4Q3C4Vxyk`Wiww5&I|Go%B3;d2I= z4+gmpmX}$=!aRwxB8egK;g(K2>m5zVdXuyR(n&Uk8pPU8K1U6JBiB0;4?2uwN@28O zxOjztrKI)#rGj{W!PKu%xJ*wCCBwwAj?3`>IX@no*XYpHVq3z$P_;Z+`jCq1+w5 z9vJ8iuYZ3m<&uAw_paPR8X|L*K9Y}Wf0z1_=6Y2^{7Lj0`+(V!A=bQ;@TA?mjKWbmFF zBSL$_fO_(uoYPOgI9*-Nb`pXdc!9~TaC?VIDPbPU^~OlbTvn|;w+QgBV$Z3D(fWP|IYYvNkir2E2k zQ`ksGve4~PfgNQrKM24?*aD!9i%9vVT%AEpDb{B-RTT@qc|aeJcY}dmJQx-+JYOsp zax*A@_`x?2S|VhRe6KFqBZ-D(FP>I{K<;cZsti&`@)paaDOgJZ#Di);gk62+4W5$<2E3xf0jkr%wUpyFn& zz-u71_|$ygkFa1@*q-2km_XMS;G`*Fk&Q4ScFaQ6cN`%A=k&yrL?Z-XTDbwavq_6G zNHR%Zs0vvT&q9W+G+~rNj>#>(k zM7r4s>AlY}D2TOdh|q`6Eh;u&S$S2-Y#SVqj7T`g7?0pP>bOq6J3mz)PfOL4JDa>E zgJcnl{8%d9u%59h7HJw(5#);8d}pWX;|ZyHl6HXa2Bypp2gu14`eJ%DgZCKQbl7&k zi09uBLE%#Vsx75)znM3!h74Znk?_h%R>(@a;oO9ojt%vD?>OAYNs) zn1k(=1!R?S!Owfp4AA@ zV`Y0mb%V5+Aa~`)W+z`F?dg*wBSdvt`2o4JN!c<;YQdPR87rbNXK}`}5}Iv_f&Sju zELFSKK$ zqWapR!Uu$%^=NQ|$p-WS-6yQ9hCuda3)$v5#@fu>E==}`zQp>_c)a#L(~pYjv;`J4 zVN7C)57yK=8VHI*hwOhycG&9LB31JNL&8i_8i-*e?~*oP?{yPKpA_u5zT^PX2vgxo z9<{v5rR+W=pzng~2D%pA8;nVSg9Ia0!hrFxeQ(`x zp)SSjfwsn#sJ*9mrRpkRZ_vroz*_92i?rr|hPXxe=aoTDKRk`VVZ8k%N49g zX%qjUQ0rhSFW@xtUOaj_>CzWR<6iAwP?4)>t#nSX>p`Jn zL5pZ-_88AbmGDS|2FnOkf4~war;1gJ*O`Id?RpHlM>X%EtGAQaAqI>wqbukkr{oip zbKgmd;YvG_G>oz$NJ7Dqs!CWii+z^yQ2r~=>ZB@o6=v?5|JY9E#}ktIB<+9nR(GjR|V7(uK%6YY>J0z>HKr+cK~t~L;kVPGx^VLZL4fFv1lp-n3)Aa~|f z9F}ETGT~Q%D#^_6a1mMRp-<-)Yg4zb15pXl)vdM+6Es(Fo}p{?nf1hmDb zX|);DO1FWj;h9~iNcV;6!WlT&mG@nUH4@x5oAxUXw9tLZi~TMPLQu#TL2FWyWLQj+ zX^Cxe=Tg*Rp7{YQsz@3`VOcQF%Z%~T&vQ`}xzF9@S&5z4P9`L_N!kH1Ils4_Bz+5h z=TiO>t#4&`Z}HZ*k{4ZfI^6iuWoWmiN(qPKRoV`RyP4`ldG9)dy(N%Xfz0!YP8S?mfut|Q1#o`)=>gh$yM|<)|DRo^{8t>*AFq5u4>WAhDTQu4jGX+Pk$jruHbFJuyeq(MsEBR|gadgx*#b_3KJ>3&An4TY4>bRv}#8 
z&f7j|)EZ8Jw!UWt+$0e339777C0OUuWvJHcx>ktZDk|MqPw!!cYZQYcpi$n#jzc$< zAg7U#JmAnI=T`_M(<%hWox>`hm0Sd@EVGP7eweZ>sZ&g7j_{u`|fYgbXrCJHR4iGROq45TpZfN)vI> zBPFb^^*;K77oYiH->sz4f~q~7#Y5CODvU`!X$Onm+4}D{eEsPC{QG(#*<#~eQWLA+ z*b}SuIbQ4kn&Vt_H2tXR|F}SOYY5+b!MAXO&wufsu;g~L6R#8s-pc|iGf!2`1L3P? z^}K}MN$V|A5_fujmn0b>Z`1O-dYSoqBMgQ}>~g3o;SMB&8F z?&&XWMrr!j->1SYR?1xyu01CFDeNKGarQc2oj-Z>vhoh0pe z=RE`&{{1V)kl(|9jq)+k+DG|yV^&htmbf_P^loaBWCX`d%R-Vni&8GK@Gyar|C?2RF5}FRaE$opP)tlR&KQ z%EBp={_ZF3X}{BdCNkONxt$i``7OE0w3b|Q=b+|sQpO46RV1CvXeRG2kp?UcqcX~p zf(Mx!^)9iqc*%q;9!WdQLnjXjCMm4IQ#Xa?B}-I7ns$q0@!SuNwVj-Ceo82rmJ%X& zuF6@Q&&rx5aV4aCDb1LCmY1w7syNMqBq_=P?P8~dk_jmxl6IIgPR0RS?|1|;#{?7PB_+v=Vu>GAD_x2?znVpnVw%IvW(^F6&SQR9UH zQ+ymxJ`Z?sPtu2N_kyqW-g&UjABuwE&cjB6=Eq9aR^E%F_lqA7cOREC@*5(HU`UE#AxkGDi|&TWAGh0e`{&oMam3km z@3WW9QvL4rvZ)}U_8KrA*c`&`P{SZEZ9r*kr8&dOW~JUeUohoqzdkPUCs*E7OnMN?Ng)bgI12`{@YmcO6VO| zdV;7SLInoS1F4zL=};w!MkuEV`KP;K^6|<^LAEi@D~7dL3|=5x)|}Er^t|Xgj*1{> zX_8A#6msdF%%oz1v2tY|CP|#SOAAvw^Oa7>e37&RnusE^G|?VFkPQ~5>JFvusOx#D ze2)#Gv&d=BSc#%8)=krFyI33AAoH%vufvrjv=6cVaqWXOAt?Vi;Fc1|D@ZIW%!iF+ z8~j7%eU+zF&w7urVJhVOi!>M%3Vj0;hDvO3GV^my*r!|B^hK$~0q#WE5ii=)feO;e zn?2%>+kg3QNgRjaU)nvOh7Q(z3mdC0E<8C_eqjfgx`iRU@FezMIH<9zS(%j;DEb_Y zrNchXYwvFg<_S>5aN5NImYBBhHcByJ<>h?usH8?ZC*w&HjnGIFGM;zCYnv{4a$2IAvm)+x_w$u^&Y+tEW1oq`vP=c1$?LTZo$Vmlb^|nHI z)TV2%NV8&FxsrK6Y z=~D(PyY!X9ES_C_ejYp`qPw;mbk4;fGcF3X2EppoUG+0k0{oFV~| zXoOasP$Y0SOg`SuGkTSE6`hq)sL!mgu&2~1IftExNzCJtrMv`0lqh4osAA|TO!GPr zS(*;`pLVfAI-yvBq#aPFB-(zjP6vR@$t57}bWldC+#-eg2+I(o zg{mZhnQ`-y8SUJQG$iQBXcG1OSs15fEUlp=l_DL*LTZe-$XLRwEQ_L2goV2lBDG5) z(g~#yB<+ASlMUJi>vcb@ByYdZ;@A=1Io8ryg+=r508)rR7AB}NUpwIoOW_6jaHg};F9W%x-T`GwctIsQm!5weT_K&JP$ z>w1s7+$+wFfpa`*OJOCpKbp<=gF{? 
z8G)u0q}EavI_{-;Ll|ztP@IZ3sWG8w^!1h$r7_Ow;wOnl=!^-)CwIf-V?C>VFY1}e zZ*L&zOg(Y|co=D1Fz%N%i~O1Nq4L>`g*>XlQbcJ~6>c?QSG}YYs$NLi0X0F9fi`%l zBfh}A z20?IeiUI~gV{Ze-X1F;@k3OKfE?Vy+Kx4`iGHIQZk6a^k96qlqGTf>-85EEG5JE>) zj%k;}<48gX=?ZHOLzl7g3SNFMnw2msAbwAu-BOtQ%F)o)%fb8YkBNZ1FxkZbfMMM+ z7C@Yg9&Hc(<#E{x0 zQt5;eDUxj|Q5Q@`SxtZ<@sqMa`>s8w?J}^Q-4Vi0!79%REK<=d^!gU{2(HfBW(6SMTz6!P|BL ze?djW-m0$1ugwlzrB@)t+9o4}_?+4>l4yhwPpA#M8zvuX6!d9nV+6A0!*a`vK}*Rl z_27Iak}^tSmgRsa6lc;%2-Av%c?#u?SW@klUAr_bolu%a(he3NxppOFmZIqDVBdYa zfnI?5Vj))Lv-d$>Za+26F>~UBV>u@;o?nfYPOC;EcMg38P0D<~gl4$3U>UCqR>H8a zD9rsVcXywsb~Rc$p&E^(9cBiyw#>>3-hOo{bZUi;Ic}`lXYbz|2-QjhMEXnUe1THz zj66b16I&eD(kkO-YI>x5wo3lNrNC_EimRPMG_$m-h8vL{-V#Qc?iGT8tqvuOdw*-P7|f9(xlEh#z+Is_OyOz;Zi%K@VuY zZm8t5cgdBgua&63y7n-zpcR1n&z1K{`uEta-3^DdYAB$jze7k;Po|Wfom7OMRpOwt zhAqu!f|J;#DAy#U{G2i^l4yjSPXnePcTPm;7m4)LleCalWt{ucg_mNVi)Z60lFTZ7!c9H3t5J;?ckrq0g-v8?*RLh#RXaT(cQbFlgA!M2 z9n!0K2^0vD3CRJl1v&A@Bi*nSaf|tt9v*wM55go%X)n;x#I_a_MQT8 zkO}@cCrM5cjo^=IN%A4`vGH)z4$;3YR>^AzERDByDa5up%m{g7;l5nA-*?ww)PTuzd0|3r|9A>utgmDq_}8obrMi^}S)-mP zj>9;Mp|PV7Gv@oEV!Y-)n*~w8OFx*+X72K!%+C8~6Y~Bf?SQN~w!HH08eaXx7ht~< zy&EL`QISJ1Vk`8CwmPP|)lC5Vd1gb(mN+N3OcIR{!wI?NPmY~W5(dCnFU)%(#o*1Q zbWoZfVsmLk;1#ad>Q{boY*^Q4#~C9L#&uE0Yz6>+fRxUp*(-0BI1J-ZR7K^x2Lxnx z-Z`6)cP42E*xRw?DE21v)*X9q4!9PgDu8=m?Prxi2r$IIk+zHcHl)(J+^sM@3o>Fl z2>-z1GP6WW%>XCQdf7q zpV`ULY(jFBq#a-|icHl_4O%P|`M;r3d}*PyV50Pu#+7u=8=RND^4eV?)rGdKCGV{_ zqMrW_ef0ke>|h9ZSaW<|2NA(q=cHOmq7ke$A=P>}O#V+abEs!NuG!zb8E@o>-%)|6 zZ}ej&&6{o0;xxib%g)ghAHUr0g}VM@_Mg|bHH3>?&#MEIr(gYld;isdsdU1*b!D3V z@$g2{ocQL&DPZO06BEC$dG~lne`h~{)}dbvI}=Y~y(6=TeC8`H2EP3J(Aws+!HCa_ z{bL)#?yFP3kPFT0`f}c`n(b=0SX}DE^vCMt9|ao>OqRLJdk9Rt)`b|?CXnH z|Kb1Vt7c_?jhfyzi!YBX_AiU=U*32@1S;X!UT?f4g5y+DSTkwHJ5>_<8}hUq11?+{tSU^K*-)RrxG^y6!!xLG_J!3^l|RKlUsy%|)YH0?kkW zkb&;If=YV5+_iTr;5%N-|1iGGu`k0qANJbm*Zc%w`@NMr?Db!NfnpZbzHZ`U1z?p6 zGp%nc_>!{x&H-j3iAG${6KXc@hROd)*Yjt`GfOunNrEb2l^@qo0uV3`h9?eusznf{ zl{>DV+tniZglZ9z)~%9UTV8o@-!{kQPQG){LBR+|LhrMdd@L>naop-*$k2b%b}cDi 
z4r|_(%-TYz6^p7qBAA&xk&Bs0qG4vvrvV@hk)O!Sy?SDD&kdIfaaTeHpWtZn!E1k( z!{8cLrg_1l+K*TkRDvZ%Tn0htN7c+-RhZjFE%}6^7Ls-_Q{~!~U}uWrwgc^f`n|T4 z8eHN$8gB+&?7orZ@qME=k7i^ylDB3}PzApHCO zrDwEf;@akQZ>{UEUhFwXuRLX~4}46%kJT+-^Aaxce|bQ2`9zDDd<%XU7j?u-R_B!z z*2J$_ktPKTgvdoWEBv5zLzU)s`A9yYe1xPO7FH6m2kL%@f*vHbF?^3%S*n!vWnC~K ztmo7qkVGSdbsAL65cxk*SgB|J=L;(u21+3LX2YNVu|WUR{2s*4^G}sJ>TzbttW5GG zVsTK!EXt(l@j5G57K*3{sw@s8_XvsHF6PK56myWY14f@?%l*9l(BL<6rM@-0&&aE5 z6CTTqe*?!#GZlV!k7BVlhNAbdXbS1GfzSE+-trjRHMgpg?CL_&G(4wdgd`dv!P8(# zhRFZfrXe{xCCw{8Em9U10l@Lc0In`l#xqexMK}{-=B`-D?TVFrLd6P6JHYo8S%1r% z$o@_w5tXO3_#b<2k6cJn3idePVtG}?vL`drH|p2C_U@YUI~EyIOPeNs(-y31g`r&6 zT80pubIMpqq7i~K4gX_^{GTm2)PsjLpv4B#E(?>8MWv8tnxE#Zi1WM>GpPS_XQpzy ziYA{>MMKgKn`so~J}RTjRHIgayF#zx>1FJTLEi%h7XZjgQ^JI0g`kCTIwd$1GoL;a zg(Mll%F`-thRFZftW1t%siLw9{DRH0%x6)U)+`rEDVe&iLJ`lRI7;2DY!|8I6N*$w z+JQTOBD?wRt-b*;8c*;rMg6hX!?sbo!b~iyb$pKC4T^`Y%5{Kz=|^?P|9y09&E%zzaMzz`23RtPly7PFb@=OhPNSWFTR+ z`mz8lm2EXjdZcVTAPB8kO7lvKsnUzeVYJXQ2c?#}Th6JWA&Evv(=>d8A@bAl4eWQs zz*pb&sQaCuQDQ~ChnZjUw5)v=r*XuhD5zM$3+ZSVJW10)#AP@T-m)ut@(C3^B<+A$ zIkr5})1X$;aV`{-&P`DL<(B6m1?l3;2D@?OH*|q>qc2n*QyNr%7sa03yfZSo<=>&) zYz;xq%^VS|O9S_#u!dmrw16f;WxrA4L7m=VdYxYdluxJv`sCR8q$*1+yQ}28{~-!X zIE?x;-ke?SqQ1J%d@0^Qz2%ku#mDN+yt-2VzW=^^W9l)lJbA$H`;{@88x<$r!Jn^8 zo9q2net-6d^@_Sp_1gZ}6*7q9!|-P;TG2HtcoM7XWbYhr@UPeNiu%A8F0X<&sw!pw zFRD7lE`@38`9jE7A}v_?M*o4)zDpJJYbAxaJhJqaH@os!_^Mm2FZy}Yt+-eFdb#(~ z-dre9!s%>`Y~9${ z-@Z7=OcEv4L6XGn-j0oq==N1r@yU}Up9Bt`^EMMr&J$d8MS=^8omuZN*b|4uZ2d!) zJT&Da^)Qa#mR+t-9h|>BL7p0%&C48@cdkGoXDm;3ohwkwjbvV^Hu|5wjqGWn|7m-} zNy8MS!Rl6qqAX3DEEfTOxRyOQw#c5M$vL**;HiT}O3(2_->Ov6u~~nuPy=a(8Bp8h z?Q;EH^e}h#W*^_LU)*hW`=P*f80P}TVUU%xUqSWlE#eyDH-?f6hs=^IL9ZtlZdrsr zQb-!oG;I&v{S{HYi~bn*ipQ18v2yQP+R&U_*QW*G*muRgBd^L<=lO+!UyfZ4??OC~ z-@(>m!`MA?pPYo{C<;JM)? 
zzV7>Rf8KpRd^qW|nSRIvgZ=dNrSx4$mK*YSA+I;?{>!xwe{TBp<2R446}RrwRfa#L zE*|G!XS_s8eEt|;@WXNqxs=bU-{v<@-WWKD@z&BBcKrLD*}YB#dv19cPpc4b>NVFs*7_TmgGa zcxN54)OWwV2fQBXv6d8`}#x+96P_u6nlfr zR?Fh}Q)bbx&woGWIY8oVFdp`XMZrkHYco z>I8@ct$Ca=%NLa6eN`TQeEg!9_uFCr9zMq(9%b2O9_I9Mr&nPQ@1sk>qtslMnuotn z-5J(z5;59{{K>gK(*noNG}Xa@FE+dV6FEvqYaRSL z@Bm%bO6S-lCm&kkKn_VGX}{>2;}0nw{Y0-E)Gxa@GXsa5@r+euX1py}zG}-Hni~zW z)YW_Dog!FE*Pf*Fl-sP zq8keiI%6TINJ;s%V3{f%jFybFT553Lk|Sq`FkUsvG1v1Mk)X@Dczreqj-3(Wi=9s9 zn23R4--&Ay*>4CeO|bPKyG=?6jDH4aEl&qYNvny;+06F*Kxfwe%gol}!EIFZ5$a(# zUD$!H&fZAS8scG=S!f$$jU|G2X(E6lidqN*QR8{=H27i~5^YpYyzBENaO@26&dZlT zh=+lbDDeC5?|=&MzaQY#zub<+s0ar?#N**+yB{arPkghVPuQW3`#$ADtdAE?r^Lt2 z{xQy7(HsQ_ox!@QITW~M+8D!y=?RsxC!D)@TJ2j&tn?!8$R;j$#l}vw(K+j`k6Po{ z8P*j{&a)2h>5#%gsnq|8eHX@e4cY!*4SgP)f~Ofgsq6TDZ`?=JdA>M!jYG~LQC097 zx6G8)At**Ha~+9viU&8R6_Gy3UTD*3QTE?x9=xU%!D|#-CQ-@cEQwI??}s%`p;N~@ zIJm>P9oDDGpPTwjjQu2DhN=2Ki=IfvjqRGgv%WZCnbJJ2O)KKsD0YT-=LNOrQw;Gd zjVsx-x7m$PdfUUur)gBcG;e14L}dGvnTWCJ;&%QxoxFwWzo^WO* z(JhMy0j0dK%v#r%12Z%a57LV8Ac~z~Q%!6T1?3a0)}~f_3Lp_N=ueq zLEW3%+~31-v$#W|_f_E5^+7*c7xY6db8WQhnI*xc>dQ2fhzcSNZEVwcDMVS?q^twgvzjzs>*#*Pe_3NJF|HF`6MX1&`RqvZcnz(H z*Pz%L1{O@tGZ1Y~@BIR1!z@b3+8K98$s!UhO$|&~R?m!B8h!okR5NjG4g)sAq&h|Ly3}#kDbAByYwpy~L zRf16G1L0KlMAPWm8O2Q_wPO98E0+fpXhlE)#m+FZCY*qQpB{NR^nAOETVGngB3oAe z$!xD-={&ME`gyQlX1_V%BXLuje`0fDXt<61zK55N+=MZ1OIURGFkUEb@}HJ|m;-;@ z?hOPX;u;?Q+;78uh=fmfIb;y-hHjDRR5K=-4Sf}1WYQmZVKs`)k1M8;5y$xFT_pbX z(FuN?Q0xrx3nme^V~BAI z%`~Py{P{2mzvJpSNOh5Yw_$U;H4k@bK-t)hX6W4k^SJsY)M}@2#c*zUgkNvgWVmz~ z(=4`l4kLQ6Xm%NjID=z#feO@eJP(`JH-R*Uw}iJco@E*v&&l316M_pO6bqdw%>xy* zB2a;1XE;_9sK9Ne8Sp~l-<)$&tE2D|jorq2V?}_4? 
z5@v&J8?AI}i_I`8%|jcsBD8^GXLyR%(3Sh@;lQuX+fQ{J`d2)7Umop1A!qQaBHHn` zV7YR5(R@j9-cA0Pn>QwXrL4RBhYv&J{Jax>`fkF0xU1|M|B_$hU%t4;ciZ6~kOA~W z3KF!-v}ztBX0ImJRn_N#7FD_a-h^$`LDN zL!1ju7oBV+W_%Qu$DCM2%n8NLa0_h!e9>|>(+K#f1}RUG?x{{G7=JF0E1{4x_)`&A zdRwskA6-rUqpQh3psNW^Fl(Yi)zXfzG?&eD=x^dFX}oh(dewERoZ7?kz$L2)T%y>S z1qy@BZhk1RtnVY6;lD4TAANJBGd>DBWBscOf})mr+nXS?Aj-6iaHcgeQU}uXEpuG( z$kG{iKM#VkiXbS8ouTJ^S7U^p2=FSAA9LXTf2#JQA9|7f*9Tx(T>uuf+;AEi;}z*F zjqI126Vuo({wFXI0^{-2TV{VAfMpc{SQIMi`6 zO8)3uEiQ=Hhd)_e_!G6RD0XED=#)JU02Ixm|Cf6X<|b>D&&~*_ls|id->zt~O|+KGbZH zI@bp+SzXW)wcIOC8)+C}As%BmGmgX+T@v4NDue5T7sY84l;uH7RuQyBv9r{vsmMaX z7trU6l%*1Du9%^UgU(=0T>%zqnY&KcgH>O4 z>%dlg`Sk1;zQTSiS8FcSXGw6=(*3!u^+#2@;FEPek6FNXaXE3HNbbwm!X%}1@ zPi2aCarcW9A;wro9PND{c;{Vt{4QNydtw^3aVhi#h>;tZ^Sxo6Tt?N&MyKp=~zIka^gD-3KNKU{5TL zyMtZBT|;Oh{Apl9&7he5`r&8HiAV3cNXYBe{I*WbM=g6Etdg=Ly>gat=RMIpI`OR6 zva?V>s>-TCo2&V4g_@6IX9!tSPKAQsg08fK-8Ab2G-HCi?Pm4I{?IAKPAZqVcWpq1<}3&9(ZrLaRryGYl%2L}-H{ z{y92NySvR{|WmgTd!KI?OzB!?ey2BaLA_6{@r4DxNmisM`vS8pX~qqF@qX1crD&b_ILf zXbk!GuMwJ2&>7!6)*$EgHq7-if&cDr$?-f>XTu%jd=HXguXiefy} zBXqh(fkr`R(5X&=MlD+_bqBr9spSyzGCfJYtZtl>+L+))ITeNH3N)`!piyjjIVqWZ znoKBStg$#9dKP|bhG}PhXzlf|GVyPN>#=m<7+j4cdKeNobM$I6%rp&urY76Bi~DfQ ziOL4F=O>}rJ zRr3m|8pX~nStX+g%P_rufZ!W6WFmtT&q%`sajwSEt~he*^k{LI60l0+A?TSks-H;1&+!0X`C-`)?d zaro2SrOuW%?EeVEl(aF2IlXq+`4C=RBQ>L-GpJQ3HKUe$70=RK_M}e(d@SvV<;oG$ zsV0(+H*DsV&2y=lS4hn$c6NYI$?B|BgMwd7)7igh;k!Sf=n6p@VLZSQ#S|q>H=^rAt2$lI z8sfQh%qyg06g#uqU7QGxB2J6Yw6s{Wi@s0Xz0wd^7Y;>Oj%_d zsLW7T6ECtlo(~ZwT_Yi*pfi|MCn2MjStpfNjuO+0K)8Yo+MohyxOQ=WqsHoTCK1mi zWL_a5qu3cHVX#;0xIz@d`Y7;403=+d4~}?qpDnm0r$lY`Nae zEA(y@JI|ks1#c8F&97J`+C-mcOw1VS;nFE8x=`atxxd5obJ*S1K6=xi)6!!;#g|Mc zF?a#Sp38eap^!7!QzvhumRsL7jk2D|6fLn$OO!DR+IgGS3ehQ9Zgneid0SM-+bDLH zJteD8vj;^S$3C0Ii|uB&Bku>=ynMgd?V&{YcG$pN+(}cJ<<#y4Aqi>-CkYCfCyA)j zr%}t)c@y2|cnX7|&OGi+@f6l_B4jU(3>{Ol98wjzJ}oNrX%st8lHx>)xV?P%Q2%Zq~5-3?;a58e86`D)abK*v>wTF_KrOmoA1}8}HFqz3oMKtdy3DMOtS{Z8F@;oq+E7+n! 
z!A7xj(T0wK^@DQAS;L-TI5o)sF0FT>_s%eE^^X;;y(87&0B;s82sq+Ob7G_1B1xd)70g7#RaTKac4UW z+Tm*X5xBE(gMO4xFMrfN=;jNl`UVCN-a#GFC<&x)R-4;fRK`Ycx!WGBtK5 zyg6QU8*aloeKwK1%Vh2JwiX}5=j79w#eLXsAyfO=dDe0(XspGO3*UNZ1pz*9}8SLNjoY0ttacaExpiUL_;$i%SE7_mQ9$M6e4oXT~ui9DE1sucNmZS320s?IxaImg`8_u_I$V5DyuGo5TKg1HYV71$Q@Nm*M!SMfUEWB-HD| zJ4PdpDB=wE)@lBz<=*<9JI6=}k;2?}k|@_w;+g1sYq>OS+0T@@<}WKWe-wKOdrLR) zG;dJ^#H`;u>a;oaFi5$_L(lG0kGqj>qmVnaAzqCyOB5Ya`=B@DHVnG(v9I;h{6g;x z--1!dJi#QLb9`J~+l3oXII+>#wryJzH@2NLHk&4Cj7E*^q_NZ3wr#%ieBb}`JF^e= z-uGGSTKD;8(D9{lEu+hR$0VF(g1@)1PGVXKtuKoO)MhNHyZzIL)=Lb6KA#x+gc=Em$LKlZXgz;93 zqbmx|2zX67xznvcjjLL49*a5$uV2-aqSuSE|kNxY{ zQFbdl14Ztyc5w5*&x#||B6o6OU(Uq8V9-p~{7mqS%#e-OLwkD^QV}VXx3rA3pR5_02G}{ST9d9riI^Q8_ng8b zIDyYEIY`_f*5$rP2N*CVh~*`+AF1JlfhC`!6zs~c`R2~d8g1lFMXAG+W0SD?l=Rd( z!vYAT^aZHk$$)jfv*v+$E##*cE*vgL$fHsG<>~0SJBYnUs0^F_)V=;8=lwE%`>Uo_zN2!Gt{>;3a1+X+iR0k`hgrF&->T^wx@M)g1X14R+u zNhk+?)&;>ONsi;{l)i~tW6)!}2z6vt-%StUJ)EJiFs~1Y2RV@93Kxx@6(3xMKA@o& z)^9HJfJnNySEmzDsrWZ-#!VE?`FZRz>Lq=JsnnI(-*e==aMlTJTgj637WJe>l^B0e zEpD5Kp(L0d%7z^FmSDUlL_Bo{EIIydXCykQ8S7Yyn>g9sCe~o$seX0>PW*-IGzQwt z;I}k-I6vz-qO?0_9c`==Sz=xEo^!3CMEu<~eW)>T*!upmzEg6fUlK(+TOA%+C%xzw znZlL#vohkCdh187p~KB0N|W+AL3ks}#t7-nH#pT$p?-`nWZ(01C6hK5rQyFBqI}LSNfKNG z_Kf*u3S6_tu02W*mT;Uxq))~%6PLFcjaYcp@iH`KVhON&n%pP8gbY>&9_KE-rju7`QB1e0T3$J5(bSI~3n^!Zg;Hz+D}`uh@=b^#YBN;Fl^b~?fYs! 
zSl+NA_N)(-znBZ(Y9C-pvxznnK_+S_9j6jRHgMmWzlkZ*rM`OgQr`9Y=MNHF7@$-c>#$CN&!#r`k`^K@W_yfPyKyh3gG0eMMA;_5G_BcBsdB~;C$E)T z%o^?G+`Jsit`sg;D#`%Sn;p>1-JY!Zk?FXN}VwhPjhT; z*67w&Z{D;o8eK&u6J&b0?BTpfgn5l`p_ty#-Ip6qY()JUrIkd2$dmQs-9&KzDCloi z$8bBUF1)>hdOCL?9$;c@dum@AT^Mt7`Lx$Rb%6t{T#lVU;+O8{HRiQ#OAL_nln$^A zP3!h@gi+9l(=s<-Ufg__(ngyCix5TZG&j#Nk6~sQ2n3cSB$*fja#tW+K=OIP7f77aghp366X0ao z^OilPd7Ds0-GG&uC*zq1(hzlh1YXXSji_N_*IK;U1zCk?A&`u$xmo?7EP z?oQ&jkfM@xL2Pp*bA5!iQT-N^2-5Cc}w!W%0&bsU~OUWY8Lf|I6lD4F>BxFn$JARUW+8{b>Q6O z_y=N2FB}j!mGh1w;EHSBnXT48D{TCk@zh8#YL4n-Fslg%lPy}^HU(*eM~9_HBs-5s zN7mU9dVm!qQU)3FpdgwOvTZ=DcSI+KNaGPeD|T3#x=w(^)yCa^WvnJ-hhQnG?d1~C z?dB{p6TBF^apTeqcyxkM2$n>~X>|oF)#WiPd8zF=2*i3Aoy2A2o|xpZWtDu-`p8rKVRf^qn-rDTiyFm^EM!4HcwI)~7Sk!s zwO0;JtSYZS!VV}pKm4t?fpVpLrjf~|*AFj}V>*YHSyo@1?Zbh6NN~C0voLZ~YF^_*HCl#hNem3U-C%FaTJ+h9EK-4KM)lG#`E+2 zHW#kI@9FB~HEnEts6*5Ar7w{Uo%@XB^SQZOU;=B7sw*`=(YvmcPm`!|+}E+RStQ_;GH94L3yk^*+cvH*a;GWSE2u!X&7~P*Yq}~rxE^BcOvJ}B& z->j|(fEl~BU*CNy&|62i#xd6O?0_!2!?%5mk>9Q#g%juvDc0&`h8$WlL$Kzw;FMFyHQ=V0s6 zyHw-7}S5SLlx@xs$<#n0(a>6h)~G7 zEY9b%u{tLmNEK*nsROz{%U}M8&4ZOdjt=k#9wf6g-WrOtxdt*NDfXBsKYqtc1ZYg} zSdzGSHS1Orx8x^v@YlM+-CRb{U z>K)`7mezmG*-#kpjChz>u^@b|IiPsJ2;y^z|C{c6ASIS(IWe5|Cjn3KjkaM(8(mK| zI0uSp%oW^nF90hOv29U`K^}{fm&4;EIpQC(y6@n-6w_lEE>z*aw85ZMKYK`jG(Gn2 z-mTzYUs7z}2W}au-25+9Fjuc7&NCZ7FuisKL9P}B=slZBDoXU?RAM5-lKic;T^ZQN zh6Vkgg3;-#(`GLBO30Tc!i(Ktj9(Yph3*i4$>Y5Cr2N(5^;&80HM@;f@%SrXg1NdG z>^UWNFi`~SU9=R5xUqR|1PN~042(b=Tl&V=V@0`{06 zHqG2z8|UjaWDZc6TZHYM%;fAIEZ+VZO~^#d{&X1;lVpkP4GJd7_A^ZCH2duX)`&6* zBA|i3C7~UmvrDc3&zsQM(ETIw>U^I-|ICJg6z`KE^;efpZgC7k*Y6|3zE(D#DXdAW zf`a6LlIp1bygYUt1Dq&P#&#y+QK$sOCSR%P6>>Q43$4CcCo)qm~|ve)JA|w zQHPLN;RzW>sd*vMX@|#jTqE{MmRCX6T#`<>^Kx_L4Ev}ualR@R8a`MFQ!^9*;Yh|F zKG|gx*bZx5QwVvtn5~%&X9!mXmoS+Kcl$jOH=QgxZU_bjKs8DYjSl5Yj@)2qxQL&d z2?)k@%AEyd)wZBGjkB%Z1+VXo9t_p*>Sg@&%)%C-0EBeyLuyw8drI3-k!+UTvYptV zA#Hs2{sh4jW?|syjoFopC@{Nnf`1T=iWHr_eKK&3gLzFy?7Ov>)9Yx)f)~F7{$K^1 zxAl!QBj#74A2<%-;a|Z0w#l6Z9IB?_?#sdD#?pXxZp0)NFtg!s@ZPU|%|8~~qdiVP 
zC-fGY_qnKgfoVh4M%x4DqR0LyBD^u-@|fqI{9>nk-@c*dCD!>dBV3KfD!j8BJ5N0; z{JS2CnJJ8d2|$*~bJ7QOZ0v5#jOPzoc!;Uxk*6~foa7s2XoRH46LI%CEfM5ssGmT7 z1sCvf)@$H+FWYn=W^ z%1sJerm)fd`Wi@AB2t}*h$K~3;MF&dwE(2LtvyYXW`b>G3*c)4h*J8Ij`_$Q zKYJt@plotb(ZucILZUtRQKPsQX(R~v1%>Atf7Uy-b|Dd~?(wEkAq04EmWSa|3^e4y zjm4z;bmp}0Q;~wT|Ly_o5$)%rRlb&^kPL0GM22st}U&Au_sK-+64`$BYp;I7k;F^T)-PEUJh+?*Gvim0^Hi$?@18bIz9~z#w7r|; z9PGek4I<+<4IEH)?Kb5|APh)t6oB&!t9zSuk(ktQrfL0v)DH_cG;xc&{dn>AU3;pX zzGnBOG`cG0PhP72wCd!pkhLZ`S?kV=xld7)XSTgQL3+M9p5&n_mI0b3_&oRM(mQlJ zpyo|U0(7f{$q4CVb8x9wgpd}$KZ9l7eI2cAnBoZ9-)1e|qlARk(E4jGSx_w~zNM!k zOK#pzkYQOp#cfwGHox5cE#0R=S5TER1pAM~Hqk3->T|{xmVXt|0gaBLuVBD93v{VslF8Q7FQcis#{n|rE zP)^j`qG|K+#npjp^|wUUjCuIm%l4*vb-ozcERc888b2{+OD_~1dl-QdIRF9v8RBDKuMs4tGd*QenRqA@RD&8E1kGL8c; zE5;mCsMW;ZPZ|PTTnh;lQNFw9q?FZbLU!ayiPlS{NjoN|K8%Ko*4L%`Rfps5(-9Xb zAuUNJDtU5I4jey4@%J@(v6K(>I;y62RL{nJLg-Gtb=kSfioX-rO>R#;ysc-N(58cO z))Tj^g@s$|()TDNbMbA0VbKBv)`VHrZS?}iajkN1WR!wR%O>s;H6eTQGbK-$1r`51 zBWI{@?wLuVoZ4v;q>4%~OKt|5w6=B8i7#rJ=cUrxgIgw`PZ{hM<9)l^wKJ%28>c$A5T|L3Dms@; zaaKrZRu4=O3=G`AxF8v5#|P=<{0@M;p@)D-#XX0zZuIE9WGJnsG_0dSg!&6yyg?tr z_KxbaxV?5dS~N6B)#N@KNN~N~d1-!mdvx-9cB7M_bvc#R^vw1!lV?j%o!Vb1nt!(D!x56qn&h!s zpzqKBF{3P!AGSS}Y_;lDpy!|mZj0PtE;N&suqX`y=Icn9?F&N54eb_C(*^vaXjSdq zp2fcncv)oiW_uf2nif57iBQ4j#8dA!egF>0zfmAB=j5W4-)qeBKkNpYR=!zyc1+$( zgD^rhv`gQ?q>`G+lb9Wdzlt zL;VNG-mEDBss-BN#Qcn3@WK^r{hGTXeF#88k68H+OZ{+kF&ILOZ|bVK6EA?s5*L^G0aTi!OB^j6s#XfQcpJl>F$1^65B1yCH4^?vxkFPs#(M|l z@cNF1gQo*y5u{|})f3^y*l}ydKU^%EK(!K0W)jG+b zbK4$GvmN(u3T7k32QI*j8W|XZsosX_?M{O zlL67pP!w{+D*Rmbi8rLaI z$VR3Eg&3MK;)2#b8t!wSps@C9giv^8NQ(kPe4LwPVmCE|)U~Dg&>OaQ$P?w<#A!N zVfqWHT9&pb2|L!c6ZEt2_}O{>SVgqIMa4ECv;hylrj%~(yFOPJu%bQ)x|qM00738? 
znjAa6A-gF~jXkq`QrFGD6bxNgD5QnsJM}AzOAhNW@?FH2Tx96>e_0!xc%dh?Ll9tC z{B)(W+qjH-#a-{4GYadkL?&m|PN8S8Iv{LZJyMI)zn9T- zlyk<7ku_HIRh%&rWd?Phh`S=nHq&+tb5#6G0~z#pQ)X3FIc^ps)bD+{B<1@goSQ)q zY*Fk<@<}cxzPU4Rz;-8Bx+Z1nN$I#qlV5~4F=}T3@}+^!Y^Py7=<<{EQ2lWKq#3WP z*mkmEH`2dzC$NUC-w(FG=>4|=S+?m)`iXjpItL2!YO8kw?gk-9Y|^3y zL`ZqLh{HwpZpuCSsfUnG)RR5KYv9{s)cgQ2**zs~P7pTB&6DglzK}1>+iU>SqJ0YD zzxvD>*n697xi?M_l>nT)CD&(--n6IC?SOGNS9qLk$`vPhnv%G~N?6wB@ooVJQTiQh@ZWtH@WDY!f7u@2*?9Xk z_d&WGcx2L|Lvq0w+i+4cJ!75fMm9A^bJ~7v5i#$S_ThXs)TMwNw{yLXy<^Ja=_JE~ zU#y?nZolmb`nG^NXB*bqq*X2ow=iA=`!eVA_Fs%LKdwYmF8A-EVz;2R-qw2QTI8zWTh z888@8mseQi3>BsO)zE`)U}&eq^s63WgmA#HZYjlK%Q`+Ul3dzYc4QDKA);d4Ieeud zJ~li3Q)lp2Sj9R+L%?ep6}n%W;EqYI92p^_1f%@NKh-hO8?BXM^2)nuQEW(jerwr` zCi~X=PLHayy&8~^CDsjZbZ4Z}(;>U|W{?=Q;krV^C+jX{)USl*Qqr0=xO(LY88vu| zjj3CUlVyN?cC2ee3uQ5is%MCYPyLa0#8bjk`{!G?Jn70q_t(32DqUi*GSbcGOaw*~ z|8)FJsfn*UGK&efvgJKiDA%7YEjBmTjNaejD@R=fd)asGJd4DVgxdA}H4H!aS{IWH zBIboo9b8TpIf&=;`j-5ch9r?prZ`>r5HgsXMe-GHmFVT8jx<0)JCo8#Y4OnXJdQB- zVL7@%E`nK_N88|AivY?JN+1hZwi99+|G?!OStG*WX8z&PypO*!8n><$0b@SQshGK1 zt4j3yQ1Nt|kdgL5`8B<0|>Q zG*RYMdnfGWD!Jf+*p3XGu!noKecN6CDoi5(=D7!F$`@r8;BU94>3MGNQYq98wr?VAexl*;3 z2$GbmfLf;*v-kg~vN0)U?BAG|cFrBi`Yv=pQ7bO|*2j$SGI6$1XIgfP|5 zSQwi|EOvS&CdqmPTKoaShMlZ=#KZN>=Id@2vg@?CYvBy6tm`>)m23@g?Jldm)yVE@jJF|;5)pn^utPjkGu$RSXp*iGZc$WOq zi8*}syZda?6~7G)*bCJa4cpox6m?9n^gRkD_;if@`FHC6DY|y>UO!YcEoKdj1b)m# zt(BVZmZnwO$W-rC4OZUwTMZ`_l1k_uOD($~{hpA#XcF6#s;z&c)%DL1rr8z#&KT_!wDSlg+nxkhI*~2sT_sgF1=06mfvLHCc>#{77e+!vT@_z1r+x2|)Hl z!T}Smk_d7U`MN48kpwkzzmB|@yJFrDzGtl6Br|5sK5Q6_smZ$3*2R$pz+1E%t_^U* z$q##Y`(^?#4DQ9h^*5xNAPx-(t~w9n#g>jiNHY@1iLdRElQUcb(wvv42HiqEviI^4 zLFq2X7MZpi_F)I$1L8T?PQ{TCvy$0MVx!zr-Gf-_Q(6Rs3Bb!~6yG{tcKAoFMnv?-Uuu_-IZee zR2?fm)NmPyOsNd95M|@*!#@~yS>#j;lS(U>S^;S|&`X$up{9fwcXQ0^MGb9^yLy9? 
zC>fSt{4>UOwwWj@e^Uouw}7@Xj*^2d+gu25ErvD@r@t-0#>GMz6%SdflC@}7`XoF0 zr;)sTC!0q&N$cF2)_*8r4hhcb7|l+}-nU@5wrqi^%rGEJ9LxPU>-GIAsTnzOq*|`d zQ6+mcyLjb_3Q|snL-=LHXOPdxH4f0CIb?Hh!lXpPCe}KwnN5_`lBH6~LyD2#66unN zytCPva)*(8bS3`IAdyh2<@HzaDpy+eDgro8GRclC{vp(0N~EXZSQ3P~I-H)CiA+XY zfD0BMA0z4Jx-9s?tfY{JHSE7{jB;Rpswl)3wfs3;~DNf;%H#&#` zr!X@4l0T*2aOcC22~e2Gj;lruC`=`w%Rb#jFbQTsRjHAnFUs3a0>rw@{gasSW&+$I zh~f@Rvi<&cZygTaLB)xmdGt%a6TfefDtzq5q+R9~!}uJ}%mf7=MD?6P>&&^xSDs~^ zMaJpFYzNyE;LoEEgyH;gZJIZy3_FBms75tbJriJ^DkchiR*}(>GI4yd?pU81WHYq5 zRvv4NVEQ55<9_W^zuHaUJ3(l$v(7PyaS-%%yl1?i(^It{uc7S6H`TGh!LX2r0Md%+Gm0!f-6((mZZ6XJY@p>uk=8_PVdp=dasM^b2(ECotG zBpKPuQtm29xy)U}{y|~@DH0LaNHOEsj02ZNo<%`is9d0`o&qp5qLSa!#i&EE^V!|}CD{m69OJ$*wDcm4Y$6X@#4 z+N;+v3!BYn&mmKSEZDaKqC3D+V~x(Xv@esEj%uRpdD;h4SHCG{1`^-``IY#Te~kb$ zN!@J|0qR|O5s=m9r1E%;Va(2pr-L0z+~Cw~sK8&@6GD>pc}pS(`^;Qu;TEBMFYjJ>u% z3Y0ODgW5p&;3<+=ri3rW*jyE&w7_^AiyF$#9GO2|etU1P1E13n0urD7OhU> z9Tzm^Q*p`{76AvWhizYyctYKwZsSmq0rM2pMfu(iC3Go9*UguWjH5OynF{r<@3Q-{ zm#>4K6^Aaxr&RwaO$sQu zp4W}?$#6Sva0(HlQTL3&PK2zoIoR~5SRwTi)B^d&q8?17e>VtSN+ z42TdLYlkIzpjD0Skwa0XKl6u|88&lY$z@;!?v59dY{N5W75*hx=KM~d5Zl2k@O7eZ zc22}T&lV7!ei&9d8?HJw?lI0WnhYy7=yXV_5ab|h^_#8tz5;PSByqUWL^U6|aLI*~ z3L$eLiJecZaPfPkg%v%^-ya%pX-5fmi_X={=GoBHu!?Xq)G#B9FzQA3(BL=AOa$jA z`<@%&r>yR^O77QtlSUsd1vv#MP~2nYefxQ_QPmdp6R}$N`M*sie^E=L=XD+Un?B&{ zIVq@=IM30LzfW^(>XfPGsE^%B0t>S?wXW$n3(cQ5kIcm!q(QSw<8hGRs)Nmp8_b0N zdevg9LKlfEM>2C&InXy+(Wg?55b*M7)~(|-jSXb^#PJ4I9sdRU0bU?Fx7%izF{}jn z-@HhpU%Hfb-vTxqP=MUFt|SgKmXG2eG;4$PsAopAyH`)>@OMvqPEi~#H*odq8UH@( z5KdR$*X!N(9g`04BX!>nSKkA5r%LE50~q~?>q=DK(ITz$9VuL6m!@EPOEIhBHlmKl zh$tk8rBSh*p)vVyp$!NnMbQ3r8ht^Wf#9aKU+#k-aXUG-7b^B>6uKcs;g;D#;|zYK zSd74wFpz<0wBr-^#mYvt7mO`G;w#W3!O@d0JLB8dp&@aTBvwPkB835~-6$M6DwwM( zI%=|AGt0^B$xm!F*4)wq6d9sN&Wf+7V46exgsoF`OiYIHnVll-QZmdB96P}UGh^HifI2ibdWEorX}Q@<-Bfc187sO z_5t=Q2sN{$%Mzl4*XeB$gkn|OmYaC7$voNYn|Qqk=i93sI5) zQKDHaTh$SRuun8FIkngJoZQlg8IC6qztv<`aXF@%JYor_{V@P%Rmt7q@V&SnhvE{u zQ4a*F(q5O$J^}mj`S+bFSCf#+#DGyyKB2Gd7W6d_Eam|S3k$L7f3YD)fI4$ 
zr|-*@`!z~z(pWWHBSEi8@w7832e3~XTEU^Zp)Zy>8KY!_u{VzWQ~tg{><{>#7}|K; z2_*N*(x`I$jmx}!PeeJK>CcEX%39A4;eON4oCYWD(7ARBFrVys&$%2`9P7;{OMMq# zEvIU0s-q4D!$NV0qG`{huHJ@P!?!d|<3LO;l*7E5EDDE{bQT67=CAF>AhjLfBT$8q zobgimIq!>ck&vj4};nbXfxZ$IZp}<86Ou zxrQg$H^7fZO2v<8$E)xmx_tNErmjNe$0jzzr&-yjTi(o5(nHz|Vf!%?Qb;F!tV28p zcQQ>M%{1+@yp7BQ-K;>`U-K|%Fgaos;GBtpc`c9sY`Mm9z54XJ?=y}NDlj`xzgk26 z%=#no4nKBjF>(u>M=@QD+A1~gd->be@&&e-Z{8T=9UC4{j0uevit3@$+-S|&u-TeR3 zT}{R{x+MruVy;=91l?Zjgv3J3IlxzCDh;Ce5ff+G=aSl|Tj)p>F?^EfbFsyvUGSM- z%pLERn*ST*8Z=lKY>7flIAY)?gyl;i;2s5$q+z}MH&hh9^xBR=Q3rzKQZ2=IYTThKTy6D=hfzWO?#uLMeDhBW z<95=mZ;bSNj^G6_`Lu3cb!lv$snH0kK%}u3;Z1+Ir1#;Mt(yaQ@k66?y8y5FpFVt{ zBtp|hTYY{)0jb*N{soT?1e6Ttc-FM@p`JvPqt@aT=e#8v(^M(yN9~}(OF9l8aAyMN zk-gbBNi^notbj3v(of;tW~@blI-`wTwt|R|)!7EA>I8&a8q=IvgKU-rJ%^&&rt8!e z8OUDWi@ZxE@s%!nANzD*6ZiphG3hEtJpji`nWxI)Lmo8@cUA6Y34?CaLX?hny<)CG zMzNcDR8AS7>KRXWIzgLd=S@im8T5n$!R=n|{&Xo+9F0r96&SkFc(t_hJA*Je@Oo_( z++*<+^fxER@y^^Rr;HkCmr~LtPy)HT+Dwu|&K^7UI-u*?>9je|2@++5lhd``nI3Pj zm-nj4!W}IDVu`J?uk)>^36?M|wzng65`g{Z1HDcHnBWj(S%+0K=N=pgQ&)}F?WZn; z*WG+1($W7{W9Z$zXG_gjJX12_e`t9y@X^FkYUxTM6@t7+2sVGdN_ezdt!YLM(s(o} zLqsc-&Hf`H4)`cRw`93vbv=Im=V-Xb@J2=a?;&QLNa2~~bh~YqhD@6QAgPEs;?n7} zHeWVWYHr!d7LR8N*-*-PZIt0FUfS$`N|b_`hWObA61D zFdj1(yFWi1t^-_UR<>L(M;uQx?}lh&v*6|e-k&F`KRG}4JrFO(S*_U|t!jvv&3B5X z%9xKPwxh`qctZ@ZUT#-|_XGXBjcd8C9J&L&0$zR(U7qP%QTve|Xs|40&R@*blfQV2 zWC#DpzHVX5=|Qv3&_aeGsK59;TaVp8Rf#1?*VcF5$!R6QRnGamojSxEx5f+wVR1Nx zNYkBdCs++J+}#WmJ^4I$mjBoUlUkgUo>~}-ENE$_=TT@mXjB~yN>^I1zx?^rHro-N z!5bd)z`)ww^REz^fRiFv1Hz8wL8v`uVWym4>!!C?H9;c=X8czs#*Y?6sI*v|DmvQL z+Nm`5aa03u@${EHkNi zKZY>cqP-x&XaEu{KidH;8%F-dZQA||xfsbAS&c>f(Li});1YxS`eGlK#Hd|}a{TmW z>Z%|T27%|Ynb;oumsYM2zQ@UQU;9AYu6lNM0jhi9XjbWuX`irIOJ;1CjIy0IU1P@vmP0{v zCb*9zjG-jh>c07}(OrX*mH3xq%Ho`SL(* z!iA1~9G$-*<&ga%Kgv}6*K$QoW|SIJ)DG;QuL^FyMEn6bfs+D#h|yWg1*&W6`gab` zk7YS*=OeVG?P2-V<^P7>UsIx94{tu4y1_1k{n|XYAcu}3rAyg0)C~wEbcPX@bq$&e z6H^&8aP%1!lg6LW@AZYR2ax5bb1U#$lx5N`X?fE~XoiY`$>Dq^hx`z-oV$muE|P2L 
zr6hzVoPT~t>eddc#$$*3l89gxE@N&$NM&q#3}cN=vEn-DY5^D5p)%4|)2Z#Jn#cZ9 z#Hbm`AF_ua(=kJ01On{rI=QIe1UEc_;6(0AVxpRa_?53(8S4Mit#y51>8PC$H72(` zmC=q5dlkP2|ES9xtg5^g=<4J=Wu52xm>YVh&zas0{5wVBnW^c3;zGZBnT9&D94j^lbj}4|w-^ ztWxvo<(%m%>KT5?mS_qU4wf0(=>bZ~q5a~u0J;5XLQS*@(c0S&dOp;=v!9r-kb5w% zW@6)dx@RE_C9=$%vLyJsyzS%oLPyrt$2`nLK!Ohbii+X773d|q;)>Yc`N z+?82qu{Tcfe*lMhOV8)U##p3-3NfFwY(fWT72zXQ+sc3)3C{^BYLWup-Ii^$UmiX^ zUf;S%dQVy(r9?oyd_sV-sF&p@lc}G$tSyJF!4}b@ z`LzDN3A!d46?o7cZ7q0c(LDDSANS9fF}b_X2f$lAzt0I1NA8HmPomPKx1FQB-`4g} zP(!@E09__xr0-;t#&QN;(2ZwVSd75w?IJc2ae%VM6eF5F!KX;0LkbN$B`~2h`U(tp zT8<7NN2o|-*xq^DU+gMzphV#QD?Pr#;r@Mej&hpx+@Sk1>x{-#b#<5>70Bk0>=tD9 z;-EPz*++=yPSB34jeNQkexH53u5-%DeK{=R_a(e(i4b`vet8g5B%0$0VCvo6V{mpe zNP%j6bHv^s#(A(pc!>m_GrgyGxLfx_`O7mtIZCO|z*xcq34Pkd&-$Jx9~o%)UFT-K z`^B{-1XRw(>s45y1YqlfQ0l#KJDv|OHyCgb3qj2uWy39WhC2U&U)azPArcc-8>xj__ptGu`vG-x2F0n#4j0L5_fbZP~im zmE%Sy9HsT+d66=Op&&UXme|lCi%=>^?DXkq5EY}tC98dEr7pbWHZiFRfS14Yi~45A z3oZIfpoI;rP|{HghCvgA0Wq~0silCY`$VP67}me_FP)*g%EGqw`pc3Do9de7F|E{a zm0w*Zz1OX0^sG(b*d_F*QLRAyjg*YSyxy3K+7i>?GyM^QqQn!}3-pL9iJ7{&`?jEx zjV-po!iD`Hj(H*}px!pY>Pv?gf$h3%=k=Qj*KSO4 zj6^>EM@lx3j8!E)y5>8FCTs?1RN}Sl{ki3I{1Hz@c&m7a3BP{KKGbeXfExkfe?d8K z4kzrZcv9?U!etPET!dS2GcZPOM7o{Bjp^!)k+z%4!<|OP6pqPJA}<_W8-cQIBdZBF zwQO;9j>C+`4gdIC865sDU87qxSKr+g6iUDoby>rCeKYwDyi^XU z&k+BFqzb2nyzMDwRW%petK~32lLwD2^sjM(`dqzRP??>NA&K`rLru^6~=%K2Qj$%=&tN87rcr ziu)tt9d@qn{+z||vR(PQS^Rx6Gi_7IBew6o@8h-}9uWAJOK^l6-m$o5j_djJQW%*K zH&DPVV`~ei`;Oo$w{uw%)j|= zGoW3@bvHuWZ~I@C^%q`sf#(^L03AQ5h;YZm>j)YnlNzE+K3NUmk9MM>Y3UQ_pb?K* zyZW2D)Cd=MNgAAiNd{Y-A!pV8v@(gS+RXdI{1>5sr9e~Se*;N+n9hT}nrLPI|8?F$ zTnuCYeG=m^#a7QaTXTk;G#8U+l^-Q|)5^+g5~QofPmHt9cv}Qj4Ks+;vLh}ISi{il z45S%E6#K3C;`+iUwO{9cl^efnN6 zI+2?IABKL?`fqYmrz4^IsRo;PL;`3{MWK(C(L=pmlzOTbcxjcVG4L(+;;w84B)LPi z_1`kA+alHB&zsZb2Aj4YYS>oi56ie4KO5HUo0L_dTT)HKi})PYhz~5cBiRA!n$D5> z4y*Bq>D32Wq4U%q(gd^svq4oN4f3(u`IYef&{iS8STjp_SIt*RLN2+hJgoG-0C7Sd zA%8kdeF^2BJUquIN@pn$5r@(gzLasQzFC{pFlJD1`EC)sULVi6OP(BmKIgUnE<8># 
z`O51NY8V%vsN8fDJ=b@8f*kgXm&mX2+2(6SnpQkJ)n&ksxr2LfIec}fLc+#Iw!hB@ z2$7g63LehqBxzZ>;!7^hR<4%va&-owMr8G5{%K=ht2^T#B2uA>JUVlN_x_B*;{LV$Z zMvU(7=cQvWbcoEa9%*knqcO{swX%D92`qnSt1Dh(#_on$({1BJO3UNi>tWz-i26YN zNdcX{DH=kdMJp9-93(H*nKociYd^cc*D8b*VP-iJ0%4g&iS!Wm0`-AJSfw_4_A+~5 z_I-9fO*aD|$wI&*S%uO=X@x8~#VeA1mTs2pR%eojB$mn02frWeK2@n0x#Jewq{=H< z1+?B;(v1e;&;3P96n&~;J9WQv>@7)&d6oPWI+|2 zJHMW-us8c1ZESZElx^Os5j}OBY^zd#Vl;$8j-El94d7EtUNpt@>7yg*0-!4Z@Mc0}`PLz+K&uO$gZmylDBK zX{WKz=y|Ja4FBAr9qi9l2gjyY13LJ(gY%fc)|wBbKnw$0eTz`iuWsVfMc9Dr!2wlkB3p3k-P{+jd5*l;YLxt#DONHL0F4=rS?J z_o8(VmG}i#Y{)d?4=)DRM#qs&K3$w@*v;MiCO}7xDsbG#H}yuHK1~IA4~ml01wOV$ zE7EJ&Ve-GOF2BOh$_o zr=0rn6w1`WBI6G=nJoqq?I@9`_>$)*vqaLI{cRc}3%M$xS%iDAt;+^O)X7c|D4kDY zJk-rCyQ6FG;2F{ljWu~S+q@MAbe@|YG(EBRvnxhs9$YNO@FQk@Md0j$t5n_9I*^ml85aJe z!Dg;*F9&~s5?%qXH{U@svnkA~(=M#Amqm|Cv`TXpp%N^FeBGA(?SV!ni04tx5;VfCUz70j|{DvB?e)sx64ir;t^ik1p5Wwj+hocQ-}J|{`b zHoe}u=w@GsZUV+yk5r~`NjDrsEmK%St|$^sj9~@W^hJ3`ZAXad%mguFw&aj@J8kfn zb0>;oxtu8Yv3nXZQ=X#{#;34YV+(jV-74@++*uOejlDGr%;5ESZn1d_amq#&tIMhJ zB8!xUN-8e$D&TYAtExzGMKNL;o<$HP9+(s&J8H@Bj&Ov1p}9U!H~NJFqr9gr1U1Cm z=(2zrbUti@QDF3_bQcOF1O#XwQ}DGCmd3 zVnG(4wCi(@7C7;@&&s(aG)KHozGzCIDFO)Xw?-Sgi#s z@CgJ5Er|w8$2fh#^hO~a$LoJG;)DF%K|tE5p@r7LvAH`U8~z^_Deoa=$U~ex-lLs?_U>ZGL!mXtrd*tBq)z-2c!kar zL{s8``{2}=-~$q5t+b_hy_{rP08fi^Ei#f+sM`Mk`#=Q0LOUiqsY5SiaTH|Ba^as< z2>&Q{mLvFQGRu)mhV9&sy!k)I(K)G?=P)55o|%hdbPD%aqRaKtKdY1eQOneD)e7T? 
z=8O>zofAw@4Y3sB@ze-T%Sl}4E`|ba@5&6R!_;ce8-qH?GiQ$^1C6 z?#IJZm;Pz~(u?0dz{3799*)8xg_YvIy~D!^$sKY3B51aaccWVWi7GCGgvDXFe_A zgNi%qnB5rnNO)Qf57XO;uS!EBgIgJplpF`RMYDV3cPj`gN2RkJ*z!YU#vD0Y@zb3MKg8llmYxJt(r&!&+`(~7sa3uYAw z6bUxe7p2tN0=AU^nBQ`<1+ zW_-Imw81Ju8z^>`FBb%{ngU9`AVTp!+Gb>R)v@^sWA;NTM;U3_Aqi%+08nu`uT`1fT-IT9VaM8Cw8m@O8v7Dl3Xt9qmVO5QYY)9mV4g& z21+$LV+G-|r^HHWNYFkQEd@8_{!aAY8D>SR2un&cV&E)3HUmzT8ENgn zoYE`Wvf!XIXi%rcqn7_owD|a0en_9?sI*@=6#&0`-MAoy4@3nDgQT@1#(GYqW|7O* z8CD*(*0#B%-d0HJD0Y^_D6)J8Lt!sc{y)t4Ov2COxt!bXT*9Zdy55%b(` z>q-Go%l|gq-c1X|mE=ZmU$xXR)iL6vj^ws&JTEHM#Y3Z{)_B9UEpOv(9t%J}-E+u| zVdu$x=^PpyF|E+AVZsP}g{#H8cse{S)X-FJeaxCeczuoVkAlvicAfB#;(BAKwtXPl zi@1A3UoF!*PW1oF-rILKjvMKtUxjz~WXFAehRql7EjhV4?)LO_Z~86mp2^Mr2ZErj zj4Ual)ZLy>e^CX1f@~Eii^H{w#i6^T;?bKvk8fR zQg&Q7o?Y}$N({A6Fl=ZA=DD6h-z{!)z1|DYF}=B2E~B|v-zuo$g&+ER?eQJX^pk77 zgA1%}(jF&mH<%>7)83!{{c88v=x17DlU|1^@(#ums@0vk*WT|OQ3B(P!hobXc*Lr8 zl;HZ3=TWo8>fZ;m&Oi(fX3#*nK(y9Q?ABbPRo-9S$iv&USO8A~#T!mPChg3UB1f3R zv_wC-axPSo@9@=+a??@XMUnTn~>-yWyj6oG&Ubn>}?m_ z!|UAKX`{&FIJPP)Y|3rsxL5qC@Eh1dA9X5&O||U|{0FVHqv=}mhG^H}^xS?nEw@ju zoK;mED;*9A6~hn%k+QmLw0Eg;5f>`wMH=p_$^6`YHX*l9%8o14X~}(3Y*&YDv;1}< zJmRxIt!J(IS3fwJ;P>ALc*Mw+XiYgitDjBF>XR$id6mhyD_9X%+Dpsyzl10n)^;V3 zX4G-ggfYg<&+2CrvihX#xTcIvydX4%5(D;w`BH1gdb?PFmMmSm2ViZn@Hdg&Zi74t zk^a^FY!T9$XLmS|5=Usww3I)&vdrV8Xe+6Gds&;g230K-E6PlDao2T8J+i;}DgSIj z%Ab@S*P4?i$kSqvCdluxt6g)ZM6;c{XajUPl_C& z0MmLJ$dxA~GQvdVN0P%o;)XxSlYp%7%l=w_7j{1HkM27{S_JP#VCg^ho3*y(GrWx- z*bnAbF5t%(=Z|>oM`p0m?+prV%SIbcQ3LZ#-XyHf(}qE%ZBsXSRXr{cd~7&A5Ry#* zLP*(h!=WTccG(a!(PFt^kHXM%>@tKHHhTN<(~ZI6O{D8A4ENhzy_(6k*aQ9^CN`{= zZGUM)ZU}#88@HkN=E{C-jC{mS+EJ;&6>w>cceO5JOdQ>9b;!Oet#4H)v;^+`(0uFI zYN2{g^>@oT)%r%hl)!FqI&zauLvF~GyI86$$vc)LDUh)h1*_7yU^VYj*=2&aak%I+ z^O2iu0&+vjj%#(OzXB^fN7S2=2lc*tSUpO_^yaE=rXZ;L&-2Y1I<7&nm*|laIzz2Q zdl09iJlQmsBy#1fmb@yY0#1-lhqFbh-OV;Kl)w7A)UoTYO08fo>NhwrdEs~6pW~j?W9v^VHUjDiz&(x5u72Ao>~FaK zt7U(`)Z3}rNTP{{ypd22niLvWDn6}Ofn2%n%AA)nVI?nH;GNO?P*Dk1CY)z^)9Mf= 
z9K&!QpWqYl2~u`ksVGUm(wxwzBbpUnqYLH6vz_n48uzD9Yjv-`bI`9#h-N;RX@CCS z1xek*brNp^HxbmO)A0;G4bLD~PB~9&)s!qvEA6ReFd8eDlI3N?1#gln;b9IV?&BGJ z0-iz2j_VRR7=B!r$hLz0#+T~>F}V7l-cu*&0I#JYUb&{pOYFqA^1wwB!DD1}yJpcQgm7zV;fL8qM`B zulxVFB@8ivyO&-E5BqK&2vG`sO6vhBbc8}rLnO$RtE|o|QAw5-K+2`#bS9d-WU`Y5 z&v}t#d2kAD#(hMBPe3F{S(?X$6d7;fB1Ny^+?31t+>W4HZ|8>NeV<;3-EB6j{`Z%c zb0yY`3qRPszZCFM^S{hCAzZ4y*CFdn%==3?n%Qm%21_uY*!((EhkUg+p(hQg+v#`( zpMY1q8y9yk4`0!vm$zEaq_)CKGv(eC-(3<~O+BEf^QJ09%c_d&(4$frtJ4yS6RI+A zL{fEWxP_Jbun3<3i;%Jbtqv@A9=#Ou*X@c>YDyAsGHOs%e{IkZBbAL(!GGK?T9|`@ ztyfw(Z9y|Y(cM!2jnK(c`W;B2BXn{aGD5D*^EytlB4=$@0RctU=`Bz;tkqtkE6)lm zi;s-(3CIX38&H;KcRG*~*J`ddct}ELKQQ!c7ozW%a)!BVo4o6zGnszGHr9T4Hu01DO)KZBu7O2T3HFgR)8 zC)&NqQAOR)dK}m@w59sv4hRi9rKf@vIzq#yp(y0aMcs%tD+Lp64$YvlWI`n^D~qBi zv%Hj?hug2XkD~AiC<-YX&@ggP_qaz!h(_P<=fB5hnm_)>$~Xn;KkN{>eq}p|G4FxF zMIS9!(A2rr>&>8y8;qW!whrp@VT|#5*O$Q zV(ro+=g_LF4n11`8c^W0ffUSa{t!uF)LMKK>s?vDzPB}0e8J7L2zsqyd{Dd8+w4YL z&mejZuBR(&fhq>PwkvmmQH&(>Fvx(-t6<0f9@IB$O zjk0}@dZ)(=_RD+ZahLk>!APNLrBPV8h?kGf>iBniQ)w>rgA9@0@HV2&S}b~uNbwP7 zK!Tu+8(P9y^iTAn_t)wFbGU;?e_^d$N5mF#!kBql=!h+30uJ|XTzvfHN^Qt&#|g@s z*&NF8@b~>CdWG0L&ERFSUM^P$1o{{61>y&(ubLFdoIWd?VdPoTmhkQ>V zn<0h9Z6=?9>Af2lpK3FPKaXh#m(3P;`bjnfZ1N%S7Fyu;6-mvCyw--3)j1PgTe32( z>ZZzo-876Z=03idPrw&R*?{3tBEP&3#A=k(VKaF@jENF<$Tw0&SyeT~{lC1oK#h%w z2=zS$MkIxfP~T}VBDr#lg9?RYu<0_cw_R52ZI`ur*HwDcg*`W{GCqu$Pk<3g*?`JW zBA_xLcJyXTU1+^s*zO>pOu$;~`Ft3d@yq-Eh)vTnOKaPgclz@Er4_%tduZ0Pmg$|E zH98*eW*eq&5m?C=w|`oz?vL8-UaN2V4E?GeT%bx=8 z(x(0&q8$9fRZcc zwNQCcHB4lc-oANVv09}mOR~0U%chBwvr{k>ow7xKM<+7=B6&H#nIbd3;60EN4 zlmW9!q0+d>M;Z-t9{|lK0HCC7K&i>uGeMsu)DNcj*H$3*fU4YrztM^N*?i_;&~C2x zb=zHN%P-FsORqJNvwRRCvMb~*1hwaML^Pj(h`t*aKO#9h1e@MJnVT#G2jtH6CN!92 zq042WYM!%(=QZP1R1R_0hJ|X0~$<;Ja&;jAFAek9k{^H zNH?u)HOgnF&Tk#2|NH0*?9sNH8`&4X)k)u^#_|w(jeu5#=`UWlt(>MkHC54VKjcNEVxw0&Q zkCoS~X;h)Tg|=m)?oy_zvMeiJRBb+@mOlQQPr!dk*??L;oBfWI__&xqxW)^U1GH|z zu*3fGziu~w&}#K%_L9orkyj5Y#p#f3J`J)ZR~AJhrAQmbwcRnEv<+*3BC*a}Udd8c 
zbuy9x@FClL0%S|d29)C29dD$>RR=)@#19zDGaJjpae8k#@(D#a1$ZNcj!=YYjCSP8 zvPrtK%}WMB1>-ubU_yr#tkqFPu7e7QDZ+~2gI)Oqu#1!pC_+eN*R^m=U{78NgHatN z*m4d4fdS=G76vnM@TD0gel$4T|6_hIM)(udQ~nYEqCfIq;(ql9j2Fyjp-4c?PtPDC z8p?3a;iZYv;YMsOK{3(8$%*uQe=_xSe}ux9d;Oa>RK`NSyPzqYj?m@Py1&SkUFggp z6k%KkBdh_MN2OztOot*6iG)qT2hj2f02(P9Fa=5^9Dz_$U+%!?ivEv_g(K}aZQ$6H z%dK{+&cxle(SObU_WA7#q~l*h)n!!1zZ*V8D9b4j7%6mwvP|pyB3E`HDHCO(573T7 zxSA+dRap%TVo>@NRF=ZWo{9y*mcT;$tTtM6Zf?NIzQ_5$t-6ODb1lq( zCWuVCxo~;&!)ijV6;cyYXk1N-X`Ni;%2GCMUDhcBhl_FTaxtM@E+(|c)oF(d{H?H> z_()4J0cjy+18Q>Gpm|aZ=mi{mjU|>Fl*FI))oVopH1h0zfMLKx!xm=S_Kc^L6?Lp! zYE2|L$QueO)9DyYF%5$uSC&bW$QDO)<}jKw#nGIK=^aPLs+4KfhG`26AA>0-U@)X? zK$)J+Nk>Y&Uw-v!a#zb4=z`Xyuh6^BTq(GrcJSP`vtNYCsZnZj3Oqmx9ib)@;DLAJ z;{T+M74iW&Z&cPKf~93wG2Ya$t2K&24N}|1nW)k*B3Sq+L@@z{AY}vENQu}J@E9Z_ zucmuf8=7>QIBc_%^5JskrmreOf& z%ChBHt;QM&)2StFa7v$>bs~7y>N8WQ5tZ^WfMNm$K*|PGDzF@(K$OJm?LwMaE-d=2 zpsq}sv9@#&MqVqZ0;ebPi)o4cG4a!b+`TQ$`+e5L)2Lj0YK}80js`=hjY`w z0-Q|x7wz)fVy-;~)dCT*0Gg&-Xvd$eVAz|oVp1&5{RR}I;{v{=*-A{k6U5J^Ef3Ri&Y-c1S{AX$%wAC zTWNzU^SGAMdG8)KYo&jGCxAHFzY)K|jdDy*flElCBTRY%T=H&QeB7k%i@zLd1(_wC zW?0~_)|3TP&&q&F!Jl@C+MHE7{KM$4(ZL_Yeqjstftq3hP(#WFEcn?#4JqLp z?w^%fnS{Y$3)&*rht%m!;F3WdJRPYirnN|oi648c4E1`$>A~)A?>DShatoy8lp>O& zk8Fa0)mm8@&&!lmY16Te=LK)#w$6CCE2{8;qGAG2M9Kyf@!3Om9xB-I?hzAY}*2u{8Cm6 zm<=!LxKxc$Srx`|3LncUCSWtYlqFb2NWpqK9dK;5Hg|e7i z1^Rj(^;)|Y58AQmx31dE%{_pk3858TZcx-+7kvnQP0A5C1@<9@j?k-Vun)O1bht}d zwg3uNFi=u3k>w>za$bw3PV%g+f_hc@uunMw_910yy$UUNSg%NltNZ9}1kti>hWJ5z z6R<1I?$r-}GR`iJ9>xCY-kYB-`d_t(BLQ44HtIXNts;8$pToXsn)TWxG{b9c>mL@< zBRWSGQ!(4@Xj6?BeIBWc+l$ED$rruQ#kHD?hqEM(;}?jYYSEAWi)m*EkyrC$HyUfn}EyFol4qir7El(}6*e}x}}gd*cPlqauNN_#uI z&*8PvO|2-VZl_@ll^i>bq1c*RYQ@)7a~! 
z|LY2*wY`{AuidUOojx3L7t!DB2VgBvDe&Ha@IXJo#=L#pE0$}m+cwnoE(7tzgF_2- zyn&>V8wG{c|JWK@TrXi7owe$#e!X93>!mGPcrnyp-0B@`+n`T`r624DW10SPSdB@& z!g|G4h9;1OCeo2s5Zb&*q4CYDoCZdcE7x6Bx3X*)r0yBdbU-1}vSU?KE7v_7-n@J; zvYY@$lCpu#ixR=n7;m;sZxi>gwLWaFmrEjRPhJP*+9fchMPIgS$h#Ypb)?95%X{r_ z-Kw|7#=YSgHd)WYkH(1UadmS{j_0}Z^keGR`Hn6ma z(wIkQAC`a$0G-E+$Qtga4UknWaRieO9@OH~QP6T43QDf* zfB*)$R_)sHl2t`q>Ht|v$hAVMHLS%x3R+G;K}p$w76+E|RQDVd=;o^=RG7Mmufm^~ z+YPE1(4uT?7nRspEx~gEet8l7IK#ROP}c2AYo2o%&xe0SpVrIo59fG)UQkAHq)Xm0c&2n)gmAj^3#=H}?v$FMnQ+pofKw%{oVr;e!rH$%Ym z2b#HUPQJy7!^rod&vMME!FfaJ{3(zwDRhL+PwV(1S9Z_=gM=>QbyKk_Nn)0^O55IQc~y$g_wqv zk}H=gOJt$rkfM?u@;rKD^?A)bwt(u-huE>hz{ z=Gr-l=z~Mk3C0lMmhMW0kjLt5cA?MRt0+&h=%?9B$KR`Wo0ZT(O7tny`&aU1_R{QN zLncK>8iA@c@-~Cobvg)JPUDv(R~D&i)3Qlfi(_%RM6fE&Q`WR?tBOkSsthNcOCQB7 zC!m<5Y(Tr7jba8C*(>DeE!%i>b922{&gi(t^(JJ7AMA%JgtD9hcalO!D9g0|B68(c z!32b)VKRdf$0Qc4DNDuDLh&{iS)*jQXruHo#&QD2NXiD3<#ddZ6oo+<15u>JT4)`c z__d6diAdfpdmzG_nIr>jQ^1=Cv@9z_LMM#>CGVhZsn@&KW|vCVFGH+s2_+Q7*#Kby z2^F{`k>Mq8JE(T2LvrP`4kmJC$rTJCYFLs%Ubk&>nA%mcx`=TIQQPGsdz251l@ow5 zQZ}G=WIxi)=a9;g=om~m0MSR&-ERCH%QU^sOi=sz)5putUq0gLwpP1Hc5|nl``bI{ zlE+R=?PU{sbPB9S3LT+G(;A@2m1U|rnYSe?l9od!T*~S=Zdk)hk=2=qc^od0D1BV3 zoPcYQvH?9hhV75gr4i9#>-xR9@91u6_7yi#np93elStWsjyxMpq9hJeY?#Rz zEc$AztC0s!$MMc7+HE}w>b21|`u%=|2~15xMp~_LP?Pgbtl&7?+r9MXfeF=Qhy804 z#7pF32X*gs#HpNyIFT#YX`8_a7naFVpL3~p$m>$%EKg+K#9V3bJe;(xe8j1mfH;w| zwC<521G%!7y&YHv4r?X7ydel~w(YGljR2;64x9fCcd_FT1_I&UIAD(b!N5|;Bn4p~W$YiI zrmAB%<{dw1h^l6!-kg%FCxwpCn`yava^);nnLbu)2Kg$+Wl^%Gs3hwOQKTYCAYB#K z8$VZHO~}=gvH`sbiHyy}3kWYZ>*d^TPKMK@9mX%~i{da?pg&s)8(` zT%@$9E%!~X>{6Bt5=<~# zsbB&o#20Oo=Uq}lekrUZe(t-PkozWO14l6j!*~-s9VtyaC2>v) z9ieH{`h>>Bk1goN!fnO8vJ<_J&1Vo(6SdsrGrRmKgX9;?mu*>HBrRsY@;GiF_Z8N0 zKV@G{NZFIJ0Uf7A_L%AjJ*Q-$QD*4V1y!CcHfp`zt~OX}_V;CjJatNc3<}-gQy4{B z3bAH}rGIeBI(=`k=51g@(LW>GoKI9IP|cabYFcPncQk}t&Ga)BAo|GtndotEwiIx!{oN3)_T`CsY&g1X4C&6O>4h z(1n!x>~o<(mABS+LhnvN0Z5@E^llmoK(6evxD3*5`rGFz6PYYokyb@kiX5_S;cwqZ 
z0jdco04W>z_9>C@w@(59kbeE;J$iesIm#C>ifWEO!yb1J36HgcL0iTrB$VTn^gk(d zgmO$9-7_ZsFWi)Fs;cTa&2NTDNiciO0) zG4X$)?o!X}^1=*~fG~KzVxrXl!n!pmTPsAkX0i5xi+TcZLCVs)ONs=y)WAZEjnKba z+aqf%8skbvzggQ z39BmEvsC5s+Zu)}k1EV5Xa*^Cgvv}qGsu<8w$6*Ltyx(C$yLR3RyTFWWSsH1F4MM3 z;;_p2XhuB&%^+pRRp!~C1}X6lszSg|yYhA8fAo>p0|Q$)NkraE4`^K$7(}BXK6$|;GLkh7lU9z^?128g}?*JfaioHim9Qt{Sum-FWfC#^&eDz-fb~>8KZ4sLa%fp;!_M!j1fF(W>uI8UhYVAKj|u?OLqvX3{N2 zXy_@32`O}hj!r{N$dz>{T4u36{^G7n7;nlF+@*$TH>xY!HdkpKu8ymH#H5~pn2@sL zI!Z~7=qM%jWf?(p`Q2JaqrX}5Gpim0>^A79G97r3gEp#U8=AJO*65jSmV*%Bsr1rF ze*W?1OLX<=tr1;q`#WC}F9jbya0Nm;PeEBop(C_&T6+SyawhA7S5?Y{lG>SXIcIfO z0AZ=#S5?l z^R#jy39h~vZh2nCfysLSAdD5~hUaJvrI-5j{qG*ovDuv5wWvD}czvg%5%n}Qf?T<5 zR1&9U#qv_>6IB!mtCY%ERp&xAoszj2NkI5$L_GnGAZ5qZ@R-(wP}L=Qfgxh}@%u)t z!3q2VQKu=*g-qLQv4v_CJam;Q(S(X!n62Wm9%6~Xfu(;6EdBFPkSCYxHF6-Ww7)2z zwR9PE3h)tJcMjcNW_&iVOxl{y7Ghy{g+IewZD7e+LzHu?R|3Qst0LN2zgqVC!EB?L zwj703Tj%JjT8^1J{a_4uUtGm0q2H$iD)qE}3UcK}l&#Q8&gxokuDnh-j56gcZ|l00 zO;#sa7}ltLSfic*Ymlj-tar*`C#30Zicg4Ht=B} zH8rN{r@&HX&%Oq|{Lw74c99Q~E}4OnS_OBjij|+a5z*YxkGQ*mEnT^fw-CE8(XD-a z+x?LEVaQ@4B=iuu_C<5iANrli=+H~R4;RrZ9I`YRfcfZo)Nf4;XTrYo2sx74a};jZ z%ax%y+bj3?eDl_=?Cujdmu9xi(k#)tzLeE)*xA7Dd{1)sgxWSiK);VWz02$fuh5W< z>{9rCqpE zwkkYHmd76O1V5a*yU?;@y9+HDY!Icz^vf&kL#57aNIP5}kj11iY3r8S99Vg^b>r#yZNJ=THk$R%X@?F!FuueRAd3ObAS zX+TkzTgM@z?Gz@JuhpKpTB0R=x?*9MMcxdj8qk`Vnydv>Ohcc>tQYXe=h1xjEBd+G zt=-)HW2=vLv{fLevEyjKNA+vB#2~$!Q_{~iTVaTGT7Sne%mQkKTcBECi+BT-|6q^O zxHHH+ZFr}8Wj=il>;Hh1Q6?d!_GjpvM>}47yB8u)6zrgev(EqWR(oIGVOyuay-{07 z(bH|6UKxl7nzWHD;V`~X6beRIR;;Z>CR&*$RhSru$BA$2r$cqL?6|Fyk}t1bokyeo zL}+QJ8c@Ww(+5Wo2tn1}=?S{H0592`Es!$>AyZ5N%DkMLB$5J`*Qy$&EhnROC^|)3 zNVG01nz+bvCL0bD{_>KELdW=7%7s*wlu0^rGNit?oQ~Gfvg6wFT(pjsc#C_1+ZSN> z@xE2qAAntWK38+%3qBcJL(wT;Ftu`0N&ST;C5zJ{hpBuG6TA=%iaWcq%aSq;Hp}uj z^S|KJu{BzD{0pWegQ;j*4B(QXj@U0dv6X%L*qQ6|d?5}0v^hlk!5g^3(qy*xpXf}? 
zzln!lJMb@#h(hRlGgA@#3*a!xdB3#0ZqX0JN@X0_xg<4serx{W0(@;on6UNl*l{*%Yt zH;&V>L|S&-I8MS6X)#Kp2>pMotHy;|9pm{@cW~GQFr34iveBt9x3Tx1eX(=xHEs+s z=xp(IIsd9pYSO`jJee6#p&ehn%HS4ae*%Pp`ZvaHl=k|V$z7X(6A2*O9p#Yz-4Ib2 zN=J8!-2C}xZDTz$77Y=wHK!2^IvMFi(J2;0t(+H`;H@mRqgg@&Ay`nF3f3ldTqlJn z3Lc#9#N*tzpwp2~T6Wxmo=cBLOMvn0+l(1VV}qjBC?ghb*y!qUsA-Msjs8ZFT&;OH z>Np`$*Soz-KC!BPc0ZeowbR=X)AkG_WEHz?(eMbn%*_(-(RLI)HnIIHotw69hCF1{KY~mf_39?&FnOchDRFRIYCqe&E|nwSd0Sa||8qzMDbOG+;V zsdcDPZbpGA+ny~zfuO0-EiVr?!M_bC%MshiBuJWGx#~pQskCHe3oWKq*04&*jOA$~ zMBS8m8IK&qg};rQ4oTCph@l-;Q9uI+N}ppdG)Fd+lDY`DL}=mQuZ=N=WK5%~Ugi8p;6y=`qCqF(_4 z#AbZ`>o1_6`Ypk2vNaT-?MtElnz& z%34_|m>k@)s%c7=HEAJoQNVzn@cvi&``_tR7PRd6{ufwvZ|@`aI#PTsR?)Tk`f+9O zY)kthEo+R>p11xjr1MO+ciA3-eSZq9a5bL~KvJ}9{;rSX{;{g>*?|vdX~pel4$*pa zZ#|yq56-VxE7;+7C%rRPG!MLa`-vg3kJCq%b4rm_sHTJP(i9Hu@}PvKo($Kc=oC$z+@b0;bvN1a?xE415;MuN%>(;3 zTWD9mXNDb%(p~BmR88HfTymDg94m!mR*NcSsmyrE+c+L!+T@8}H;_!I8z5yzb(fU< zQJ>KwkRc@nafI-4am%0!SRdJ6m(pe?epPzgl}H_BXvN?+xcv%gP;vaVj&JnWGk>s@ z)bHIl8@;t(Tl8+$tSJs*`o;pK#kA14nkUncYI5bKNwZv*G0Rm_>YcIZSfkpGiAr!; zNuVSP@|E+%N2-$vNHr-tu3gV*6B2WYpv9VuT2~eF4SIW)TzHc0#%_n99|h4$&Z?wkI%n z(n3e5?KH@oTse=koMRO-FBLF&7OYAu!OEo5`=L}x5$0axi4U146CiU^_R}s0NT}_z zA#+mV6@={fk>0Oho6}$a=0LF@lqE&4u0If(aY7#}Ep&utOvBpAl{1y)c_uiMRS7ex z3eH5M)gx^SndDubq;KE9k-*w(K(OI0Mc`q)~TB1^4EcZ|L`Oa`c~d8zY$t=Iw+k?1EtB8^Q^8^q0hlK z&GfO@0tFKcrYvNdv}G;orU-I!^27(FlL??SDLbx3lw^o3gqC`ZWr4s10y9`mxiqAD z_q*rqq*?u`IYhqEnVn>6xc1Kx`gJ|8IQQA0t>=hr4U@|EF8LcYT~o?-LbEC@bcDW5 zgK)`}i8M>Y4YeazR;7S3jDlq`@EMgdV@+C@ zEJ?IyU!)SI4uv(xN9~dcs2wRgt~r5K3C*D-@VwhEM}dtBPe2yxd#5iMREX1IjAR;& zL9SfZOn?-rz!x+f~7=x4@R|raSG+#i%3vFvl zj;^kw>*c)wpulvR1K59W>fF6~2#$~eJnH#U1}I?YMT44iI&P3m>hGjiE*jo+ZPqe~ zt{}3KtkVC>ln$>F9bG|i71kU-g`Z4F;ghoCn)B=wJ}H6p1?Jp|Zj_yhaQ&IkffGn2 zX`v%@U{Vhxy|N3QS=Isbat@>}sp2eES&<}C=2bJ|`1+ahWJ0E#lpWWBXJ^VuiPvAQ zhOCQxh(6851H?dt4xB*FNDCdI1Cu({=#_b<^0d>2pQddMvz_!l&?J(zd77x4i&V!y zK^;i_jB`36<4nqq>Og4K!#Y4pJf?#3n4nC-k84?ju2EAD1es`@$kgdjc?|?A-7p^m 
zP8?frLl7p?w?fhd&?4h%luk=6lPk9>tA&geD`i^g7+Th>&WoItX`D7)$Mb>*sjGSF zr9gt^I z0ynE-Ra*%rM3d!Z!g(!5_Buc7oKDC(ld|KAd|HPWDR!;zaXo9ct_2vYRzMfvq$D(% zy4DSF9K2fg_sf1L({viz9NcQ?i!5_{PQ#reD6rZUHC_Aas^YZ|n0J z&gesA4z3Yl;NYy)$K}=h_>G z;a+or7Iwae6rKCVcWwtO3@*#fyDR-5UzX9Gny>WLo)&soZVtbLch)1u1(BU=etLSF zHkuRg)od+u3BH4?Pj5}3hdzps?%?Umck&8nx?FEoY2**>8g?ywMybFZOXJ8i4%N~Bb@+p zkh0@@!)R;L-X;;GLZmNdH;b!*l*U|zI@zepJXZ02o+?uz+L$Xtq_Fev#7zyOZCR|E1pT_n0a@Vt(%9H{uE)%m?Vh!Tey5&F0Pu%oZr{crn+Mynt%D?Lls#H-RrDxKEr81g6s(h{nW^ zZ6Gqf-)>jX-wZRvebm-KJ+dfNlVx4O;yBkaKwGD*POE~IMV=RB+7?MV62bZiWI6$X zBxT39hQO*vAMf%7qhp-dO2!u}wPineRs^<} z#gBezkK3ogf<4DAdFEhR!x?>Rx(A&T08ae&-VCIA083p9Dh+w|`RD!x`Ua%qfEBTi zJcqr^<%Lhq`_wgoE@o`eb%`W|d<^%A$wT2LN_ya@;KHQP5nIBv#;q~&<6Q?+p~WOt zCNtBAr=Kmad>LvhpqDA*c3Jg2t{b7$BW z-kTn=?E>}q>1wX6-Ln3g)NZd`1Z?l`V6zazp+8$JmR~LB$=__`d>G2`hz17`WM&Il znlR`(B`n1lsG4YV8>n&M3N{ibkfr7DfiTcQT zv0{TRUjE7SW&aU6TJH6?(2{oYA@Evwk;bjmp}(rR-UFnnSfxV^)@7i5WXKVcho%K2B^jY>!A9UYQ%l~S+5-;#m*TbiV z)Pc6I*K2XFa4hM}vTv&ev+ecEwFH)r^{zpFH+tNx2{qk4kUyJL+>pP6_0;0)Y`t9I zZ4u@~K5xjJNTG3a$|g;X92IxwbgNIlZG%>XU)&{F$&PB^usM*Ar8PcRb=|TepJn@Sy*~$NBR@8p37| z$KIgdiL#bQ1`bEKLbn!2l&m}Ild9T7k#~fT%9nWQ;I}Lp(6}vT9F7T*Cu6G zbXm=SCY|w0=%6r5I+iQZW~xzHCc+KSnO`K5O(+r}Wyf_quxdCIBqhHn%P-#Srr+%J zPHQ1%H}ETa7&=iOP;m#nbxcU+crXJHdOM~X@6tA?O{riOl#9Gs*~OEMK^{3%WGRQ6Q_U^ z?!JN9WrlVwx`C0QpRL*I8$y~Fu)}4ul*^TcG0i=1?q=(jtpt#Cfh+zEvJ@R249diC z9&(AN24$Gf9zsfs9C0p8D0g``E`C&;ViJ{xUWYjtmF-|uwqx&bn;LVQDUqfi-$+yB z2~RW0syt5_PuqrxoaZc;O&-fw|FRs}ZTvEvY(g0hDLcN~P?94)8F{mJYGJL)cHul7 zs|&e!c{fwq4zZ`h!fghnmyq+Q^XA^R9w+q z5$VPTJkfC~v}pbNl%}h>kjmq2!d>S%w_(^vw+qnGJ&shkGxS6O%7n9=vgA|xUrC`O zYOmA=0>NrC?>nJH`uHusTjS zld?`~nQN1m;RcD!FICDWlq!+3;}%YimIV*u$L}kx?)_&V)V7|*FP{!EN4ySP=|;hX z*S%|j^)AeeoZi&UEf)-1#CtUi+j6YHSofyCDDWR1?7s1oI&wiqY{@GW(HLnzAt_fqM-bo|kQpRz~k`Cr>Wl9HBvg*BaZ&3h8|c#w)5U=c?b+!A+7JvLIaAMPb)3A72U`xZZkj zu%GORU=NN)19s}bDgWNq{Ii~m=DpgpMBdXdAC^3m$wfd zgWc8=c6$SI_sf3~qj__MX+X*VsJjXH*{6f^*)(u|O#H+^`AKf;pA;xl@2N}+q4is_ 
zJdZ2w4#hCrE9b1vIujgGs*dgDZM}o<)#vs>q9^t9Z$>wt-QQ z9q_BfG0R1p$*j?lg$TP;+z0IW1i+q@9k&Qd5{L!eBI>?%Gn@>V2sI=QnPhT$lOGjs&AK$cJ=5MbO#}McN863Qh2PA47q|xiB|+N0eX9Lc2{3-J0Qk+#CC4D$ z-@JQ_>!Pcd0LkdjUERF8iT+Qd|JP-UEwH*=dTrVu@>kVF*Ry^FqYg+Im3)N(<2s$X zf={5XcsDNoFNa=I=88n0$~^T;Z8@Vok)K@id51Ce(yJ_vWuwi%EQ*HlxZiHsu*_Ki&X)(#GI8(am;d z3(uj`*ztwhf1EU*<7PMhS!q%T(GC_(QVe8XMCdR~1wRM3;2;m9ty-X|~+UA*# zG0C`H@Hp*~gh{C#ah}SIiL@)2ETH(W5=~x)F;(tYP4Ed-6Qu08EruAk{d^-~ljIa> z11#FHs!n6~PC7Uk&5TkSp9G(_zjNKtE<1_kOkt?2)rb~CV8_S)Rg@3QOT z_7$>LqZ6uVlw@g9CXClY-;OM5mhiZ#l&sn;4X0kYU#r0<)M}8juZzNA)4A&WIFpc3O z4$LsWp80#6f@vm)cPqHtODtI4yGh(%z;AJ`BDFm{zv_Y%IbwU5R&_BZKA}}>*seYQ z-2HCM2`4O(Byo{N!d0EKqAW_r8(^xh1ZQ=fXL**jq8OR4%KbtNKA{kUlpVK3lEfwK zZBt^dx_O5p;sI@|pTW+Y*9^+Pi(lbLUg<*;0%<%IS4u*qM)V}M8b%94r7j17#o&I)A0ED zsC|GOBtY*2ro%0;11<1DVzFf%6i zD`NPBiWpLM-0CUGT`kNzy&=97bD$hJ#K`tKaFO>gIQ^+P9%X}PuqC`WWC*siClUj! z^!5|XH&~k&a``G>y z-u(GzGJ#HgYk~dY^g$i_tIBkmBunYr3>)@q#zV;LPO|28q z@6+po__Vs9G4W^VH|Q-hFGv5HEtU(0@=SlS)2`G>DoqZc7CBE!p0K>iGRC`xGodma zl(t>Tv!uvnHsbsG1wed40T3xWuF}sg03sz`s?K%*+L}1ylRothXM3}y4c@6G^w$7N zZ`Ir~^I-8Y7JI?ib$x`~gA@7fPFak{ErlWCz=yK$D=Vz60L=LD1Ul+`cz#t8DRPAU zOsgsy6MtS^oddd=bqClzv~Mlc-Z%J6`=MTqqlt3G>L!cJCadyd zq>w203yJaxg+!$6sQr+Vm>nKG$w1izc?DaG`VA(z163~cc!Oo^n-5apdQ5pf-0Hkd z-?y~I5sn-aYF3~2wVm%Zw)HRkPCY}9JtTn-Op9Duo}ypg_vcSc@$s+BAjrYh+}$c+ zo8;@FZIcukx6ORo7!`8mN;^PBEi)FEN~^w-32V9z5-2Jy8|?~pDtvV0e#KBep<;-X z9asHO#n9)MSFeuHed-d|%V?p$ocr1Lp{r6m|2v2QNyqk@Dun1o&f;MH+NLwm2Wunw7RUqj=+?C3HwV4K%PAy8h0Cm#NYDyA26qoV zuu&nuiXjg%1$g?ExSDf2@d2AWSIck8(zvg;##6&)BR3@#Ry2ErR^$axvm(cv*5rj$ zhELg%Pg74d!}&eNhurbTNd4w+wMlM(;{}2^AZDO4_@p8Pj?>dCbMk4GIb-7g{^OK- zHFZ&PRZ2KN>w@v5N?28=F^lVt^R&)+HiF*eetk|pp+1L{9p7mvNjp|J4C2xE>~@?T zibtP`kvUtRq#bs>f#-(x1I+!TkZeC9d*QWF`A#r-hm@H;zn+E^Il|1Q4H+U=7D@+D z4fJQ1(9xP!9jh9BUUHc?rOJ3&i7**J?pK546RJT-*>No?&s#9|E?&SuE~4)FR6g&x82>*SpU^y~D3jC|Ul8gk{lO*@enlI4Yf zprhifsyfBWw9L5VRnd&;mtW(MPpEMqWykf4o-K3CE=fr{4YSBxw}k1FSoG`SZKxx( zMA1)TaR-Z@KTZEyswTJ+@&QmA*z=KoQsf8)n}+m{iT@jse)6R>Qe;gMD;9U1jzxr$ 
zOvpt03X(T%A`+QoU0C;hq(7g4^pmpVx=(UnygwpEMG22p#h8K@Bu9hV9yq?QUqU;x ze_%f@f43I#hoNoQ}s;tgL z6KAE$v#`neNO?X1DJNyeO^%X0u4tYVHg6} z;#@o5B28qSji{)PeCHF8Z&G$#MNgaBL5e+M?6)-eX5vjdXoq9)H*Jl!eeu#A5I=st zF@g)&otKLc%;rj}9Mh!!^k>yZZ^QFF4S6dAX!Vj3sMnD~UQ1ba|E z&!osV5tntHbY;tmysluXT+C{oCHgSZzETnAZ6?C?goTfw7ZVV4Qg+;=$RQcWwE&Uw zfD2j;cfmIvIKwa|q*=F`kMlmk>mSJ6p%5341WOfZMn39`Ttr&`?BC&UF!<%`a=wMJ z1Xvu>An`F=*!>xeZO=8*(Y_hCW|N!WZ$URC7CS!|Vp| zH)p@SGkbUkND|^`JbXT9OjgXGQ`oQ#;xF~Bq?Nt-c$WzB_R8U_JJpfPs22 zOHb_q&o2)kMUL15rj-Ybi9Z(`z0>nU<82^7&q-cnp#Jb((5LR?lMEbe z3;wR)u#i3S!{JN5h;Ei%Ff?Qs255EHUI;r26!&;-hOTho(clDg46hG4zy404ZSTR> z22tksd{PfmqQh1E_3X*RwPwJRgMae`NE5l%s)bq%EKxUC*Hv4uXeDf#Q6w#_n}+j#P^L7gEPhSzg@e!vxWzq>Jg zhu{ytKq~>eYt+6~f&)JAt=}x+sKg9MKf9m7$aka%Qk(6{Be=5F*=A;tYdJdK9kDpD zb_GlwU!Ob!oU1sn()1iVCN9EqpI-<-iX36N6AA%71XfOjOk1tuOx8^aJQxLQL{hOd zYZ9SESrv6SUsCuudoclLCuLtP4~qO45ZRSC6T+_p!geB|LBlQQ^UX%AH%wa+=B`cH zr?+}~5HET4Q0jsdIzm6DA=u=~b(*(HS4kEpUBOGjw=8Ho?#z!ErK^U*SmzR z8UH@e(CVN4-TZGhxR3K-dp%E7=q_C~Sn`{HK?ZQQO`%U-?k za7oiQf>&XF7VYNGKks6SN6Lvwi%0X7j42E@INN|fq1{{^O4v@Bojvvtll=1Dq&Rja z@FO!Cem=w^xX>=$aW-U3-ngpD>zVd}_4|Cl(e(O>K+Givoh`fRRoZ^Bni{J`6LPpT z`MPP-IlXwHm^K}QT)D2wvdi*}rFoq&uBwJrS(PxQo&Bs+Z4xIVXO~|gP)w*0AZ2fq z)L}2_(vyV+yB?OCZ3Aq=D=J0tI&hgE^*e>($^x5WA|08jIcmH&yWEr!f`)qQ0BNip z%xudH%{Wl=JEG)@yp4dvd^$W|OoQjg#GgTtwF`9J3u5=T_Zw~L=DR0YWXWgmT9LGk z_QqOS=Zv?!(qXFvP`;HS?h2U~Bl%??g)b(c@TBaBT2o?2ReS}cjW&NW+z)1w-b&n> z-5=Ci|G(ZbF_nZ)49;8FJeav#SO+#=Zri;YSG{S&AN-+QXKyk4i*4{i+`JeDB^zlw z&}&I_z>~Kh3=B>O+KXvD@MGd9p)T&l@7T_Fi5-K;JgG3>Ztj?n(y_X&mvh2us5iy+ z8IbTYXDX`|6b8g_J;~a-th1tMWIIwSS@?wk#e~8DQg*~@D6!+LhLV2kb|)PWe01u5 zqxE{fVb>6y0=w}-%pW#0*+;KH-3{e2{xkZdoeXfE&ZC!>fe-ShhLOd5?l1Z~-K;^_ z@x8v{uS}?5=X74%5bEaY{X5DxIi)Iq6gt9!CR7D{2&`P@v1k&}usDN`!8&hsXs!2g zS=DJRnY_m!o&P5x9Q6bst{CHC*L z15zPFc5wOthw`7b-3LUX` zPlHg$#Q&G>-E>2EU6h6DSgaKsS}$5Anl#ZHc%H{x##<|G0d+?cLFppaf^%&e(* z8#L<^@zr-m^#239tPk4dA&WHAYZ$~%Y`GxJl6u}WOR7W&&XN)a4HY$KHO&4Js%*=a z0|#6gHcKDXEhnJ5r0j@Ujw8FYSyHn9zgbQ<%Tr)&Qs{`&b{ecru3X5fkxj=LQugp7 
zu7MmpW|^u>%h(epGAVsnyPN=Pld>ZQLW+gmH4?|(bJGUj?Bmr|Yo0ThotFkZdC*Y1 zHxdWXr)|Gk-tPw{@L9B~N7wjx4ZQkpYorv8y5XS0oetxc(_mb3WuSk`+oEHlF0`Xm z7eXssm9wPkc!k~CRhS;C^kLj`0*p(_jwsw|RP?0S!5|laO+pW->jd@SbWF0GhDnku zi;|Zz%VSoxTmns)juSJ{v8>M8MvAhOd_)g?OtPGSNs_W7dO(ATN2H-i>7f>Q$OA*{ z=l~jh!hXfSx}C^XncOY=jUgcZ{PyNYb70=PuV#IZJJ7k_V^s9kx?2wXxv?dGd&y^N z6FQ}}m=rof`6ghO9|9}OvJon8I@XG=W?D%TR?EC#U7c2SQq{3`8NEtaX$asLTFYg$*XdX=T|(XSa8of$h|A&>eypp_8NEKu1V_2fG@jO{XA$q|g!C zG_BQ^Tv>6YkFK;}QsrE4Wlh1Frf68xi6n2@sw+pj!Al=eD<>dor0j?`O+wU2X~T~D z!&-Uyt(RXu?Fyw~4+DVB`Px?P+z18u{9Cv4f&T^nv~aZBwa(sN-MpYiB%%ig2_3cY z(7BOI8c1%~eRodV<_@Z(OsTbX)!d*}yQ9LS2%vJr8^5~If*Yu163FiJa9|gQl`IzD z!$3#>cHk{&E9!S_Z*Ug$rpnUNv}_?#!`V=HsV56ihIa~ZND3Wcc+-GGa^<|P(>r4He$7C8QLaH`9K@m9&C7EPO}a70)6$X_)9`6FdN8p^W61)@I& z1b5lioBi@nREtkbtv!cq`*q-w%2w&A@A^5w_TKMmO@A`Xe{k8EZ#&@%*EfOHg1U4% z2v|)60msCj2R00pDy)YQ(`>oE6^q$#_=R6`wyWi3SgXtYO5VK>6N*p0CLkBA;uMGt zpu9TaC7eGsQ+cKjCMlt^F0A-I_E$~7{z%zT#UDrij;OCDui|nJFpyY>kg&t+F90Sc z?d`lsaW?Sjpr`FEimv$A<*XfukhKS_zsQXv@bQYZA+0~xmUZyNeG|A-x&)gPIl@Y& zkr$7Nk2m{cK`s-mnft-IwSK?QB7CXO%J$)MF0ief0mas(DN|(n02G%)owl})J#!)Y ziph863QHN(`Z3}}C@F*6Nh@FP+JY}dQK1JAEB{Km-A>0by~ zWxc+#NNJbuMqjU4em@^te9n>eCn8Mf`NYJe$Pp$qZP53a_=)`AdnWNb)*SL(xQbT> z<$#Qc-XElcZaV1#GY4WGi3}1Bv6(>y%bmT%DPh4+PUgt?N=o*izyQ#%j+l!Ud8n+w;)TyY-h9EIhPkY6rnPpJzRq;~y>p9< zz1Vryrn`B_V!ql>0zkiJr^9y$UB&u=3R|Du8A(bUq5acPNOEPVcqf`vhpSnpH`_L^ znaD-WvNnmcRK=NU!h9!{k3v=xP)JgCRK-TAlaJYKsf)brJP!gK@B^%@=TCUMetG{x zZ)O(l#w(!84m<7=`ikMBW*fiLn%O{_UdID^yH@Q5+%*hU5d&MZO^EMUzWkjAx~3!7 zGQ695^6JyiCZGRwnvz8ssGfQ9jRbc0(}B)v8qi6uESpZWN!hS273+A% zrBX$a$dR0k4|G-&fKF0&RKEj@63R?BM)qbNg8Ak>3M{~3lz?H4J*NJ4ifTOqL|p&? 
zTKFn$IeE}~zWVSwI>*rqk=jT~tDZmhmlQcdtERO)j)_l*JMU+h4zMl*uyg8w1Ij<4 zHq?=!Gy8g<=U0;`ZK2Y*NJ^F!Rl&IEIIGJ#VO>>cxoCwx0Y*YlAEm7(ptPjys3}l_ zhCJen8K7+Pi0cqyKwW1DI^Ez9+uObox9B(^u>_P_-Y(ZRSGL#iZkpiH&;EV%ayFlT zS)NDNz>~j0dpXnB7+NBK)*-7VD`SX>hgkvUzIOArp9IZ=92|*5fsPJJ^of3l4G98Smmd*^ z5k`FqBuok&Vb;?iVRGdxPDR@3pd*7x6kOyw{K$%&$r=U|6;h;WIJ~ZXNVuK=36rv8 zJ{Kt%F3KRqYz(rQ-7CafqIAoiX5Rg6X4$uft7jM zW@W0~2a$=A@x1L|_IkmRq|8*QW7&FS_Im9js`Ug!m6RRdSSd+c)I+Nd$v=xz|IAdt z-JJEugD5ee^#@qlDI|{u=b90MZWPt^=a<)J2nsa-Zg14daLFgLt=u+^AA2%1%i|2i zM9=pb)ECVk%n+>IGd;NrLs`de-d?*)QKM4Gw-?+xPseuaY1rlj-9D^^LBv_+n0;k?kX%`4m!a(> zXEm@A@-)e`&zzJ@sV=U0-PODZx8>G8##v9mI7!)2zkr4(kEq!srLDj0I3FIRc=8+5wb&1XdmQn%s~qoLhldfgJfcH^ zxj#G9t6N9l2~(x+mVfZ83@)O#n`pJ&*dlgAUp5Sg)5d@^P6pX??Gs61Pm~8dUe@aC z65M!Gkq>p6iwE?jOp<@w&NfdUZZh@J91>QXr zOcSbiN;fAdbcE_n8;?6C{w#0hSEW`ALjNb}8D`#o`%Hg@dM&(7udx0~j@}=1Vv#;J8{noC8@XK*$D0=+>&g^BY?!yP+P8 z_JU3aXX|MUx?|!K=C!TW{c@wc%I0TU4E0V*OADcmrD+&fMa)E72^M>_5Mhh)VdHuN zY)s0IS`67-x?Ie(Qd$q~<}dF;_CsA{cd*#Y?HaOoy^K26wSRm%jA@`RKR+-T_vYuD zAHB)z$YA%Ecg`eU3^U@qBqSs%ca4u@w>C^*xUs)-2P0)}r*!I)LPuEKG~jwnd=kuH zzf-7}{ue+E)H_QoZ7<8Avw$ldHdVEhOnS7vVT<(9>v{ruP0Eg1Bnh!Pi`-?#Mus4e zm%?eK;HUlgeWMn=k!u0-f73)OktCr1M~m~DO%^#lufygGZ?b!4PCfbh9FpnN5l5v=lUcJPC&wLxbf{m z?*j9Oo$)_;NXoRSR~bkcpALK1(_rs0@e|9qjpeGv9lZF~w{Yd&qMO9_Omn8*RBAbo zSp!`VysdNAYk)c3s`%%Coaw&HT`&gBN+RpKM9l7;5xlGq13|;SLU*!g^8(d z=5PnYjK9v7b8GktV1JxUbkGXvml-%7`}-yKdw`BU7+=!=JdTKiWAR~s@ZN6H zIF#Q;L-{RbR3~(n(?UlW)uhq_dgT(zf1&udfZ|`?RazT!(K4+6wY7_3ZOnXaJiWAl zmi@Gg0tj{dXLM`RSHU^~9pSh>p}jVXHAYx&lSZ6#P^2eK7EsmF!58%#Hfwv8^O%6g zadR+i&Rx#PfCYFT)sdH(JYv4o3&DxK%RSf^%c4i*gLzQe^CcD@k8K66qc=%b)qg9m->H1 zTU9Lg*gC_;!hK^o9qFfK$Lers$^GI+YHE96<*nJAKdXKQT*O*`KV!_{#R)@4)P5qs zamFk*z;iabyPv(%`}Y=7=GQ|#r1j18!R?i4?hR*uVWT12)_UMJTGh=KhTg_dqg}Pa z^vu3?of^B`J!N+%5Fyh-M_AsZM(|PbXB5txtid-mpR*y3QLWeHLKqwM>^zA@E48E5 zHe4H9$~z_s$yuB$*{U*^d8)$3mixwbdQk)|8>F$K#ddKE=BL$s)M*-LXWrZa&y%aD z2c6xkpx?1QxiyFM_mB{?kkzc;{pnE7-j(rSu!4cS{`~3=SbHS0W0_m&-T1rZ)|hj%bc$6?=q`Vfm(yX%f(@Txz5V{!&LwzuB94AF 
zl_l?CkYLvlO2V}}s4`Z2MotnoP_4MdIwLz?dTv|8 za1b|YG%~fBYE&#wUIQDNM?vD~<7}nU?(4IV);%BSYa?07sCYM~zvFWQhOaX4Rq9dXTm zdB4kR?GU1Fmq>$cuAgC%ou9m+H2t~d546M)YCfqqonATSO{H>`vm}!Z<4u|}(G@An zMWtjXyEw~6w%*FuoYRX8XxZ`L;a~suS4FABT>JVqz-VW^ zz`Faj6LrOrF3WT%Lrdt~2{iz;&=G1ksRm$Fd_vWY9VP$F4U~ElajA`<%`=v@5MyU; z#i~*XR%A(2maWKjz!x@y+BbvKk$qZrd;=wU$M<4v3eTtIfBX&;rmPkv6g}LW7C9f9W)wUIg7NV7A9do`*1|!Hdh>C- z!^}}ndQU;U5n%enSm=N|O5!w5i#TG@wLT*8WYI^C)#TlJggTPX zLb@-c#JDadlUT>;m1Ufkz#YOm9&_M1s9BR`Ez9b*NOO_!`u}C`-Jjezl046U1*e^x zCe0WkA~Igtv%PD4h!SliibJX;yE!`>%NIzDP=#8ciWK{=-|)x>!mIGj1dyDbvAg@F zTO`XffGGEj`1sR~W)&Nm2AbuJKr@t`)JeWQpl^wyvs zh}m1@^w_WAF>^`C8Va585}4HteNuevCGhWs`1hNx>DK*-M0bZ2>!R2{P4q`J)GaCo zu7JU#t;n*<)ZO^3Oz73J7G-Ug!Y<` zpAtvLp~wkFFfTGbC4OEcp$!g+*v`7STJPi8#|}kex*qFkq({HsXC94cziOYa>fF~t zWlgvwmU=0QTr~k$>N3x)F%u0?j7$UQaz+3h%8tkMpxCpUo9}+TbYQaB=w9`H$5y3cYYedrJJgDi_M3?pp7OKC)e=iG*Uc-i3YNY(QKaZUiObQuA^_-OJlz ze@es^vA1*AL2KLw(zv#q5!Z&Ylc&X4L-Ut!-cQA|q5SLib$_p}OywIjJz_&~~hfyv~+oC1mNt`=rq{X|rAlTP~%`GhgP-gcC3g z*~=Lrdnh~kK7nlx-ZZzTy-~(m9vm7ekw&*kl|i5DcF@!vO=XSwo#_CONBe&IM}26x zN+J2?Ch5rz!`>@%T)ZZ~Ya&gl% zyUvpmb6dKTcm0X7TVhVwuIY08n_#rNb|%(tTg0Y-tm5n-*B^=9;HD&R`o5_Zq%!+M z&yv2e^9MLX4u8Q>8@fEdK+bBfFe!dvP3Wg!K%)EQoe6_zEBcuwf?C50y`-t*8MW&v zR+_32D4H;CKWV~)oRRPVWvBh5ql3ra{Q7Lna**un+x~8Q7`aL3RogU{uBhR`Y?5>8 z{fO-m!r%3|(f|10q+R|~>k|PQes&jrEOLT=&r4*O67TgpT%-5JO;l?N(e0lqmq{s? 
zKuOW}p&~76)h(!3x6lQFnya;-Dy_aP$heZG=?HR0Is%lPyj>wd_I7`=`1QAEZ-Azv zC(!Nc*A6*?bkf--edz|2xNbf_39skfhqjk-cOrC$a%7hvL(cN+rWp>5@H(O-uzP1j z`vzw(?zVB@!K<~1Ep=kTSTdNmKS$c`oS$RE&$wLMh4U^ZaPGqyb$8P*O}PvGNX5f< zyH08iXyv}y=W0t$-4`xQHG5N){4Gvu*|Y@wGvgPskN1AgkQ-z94Sp!`KDM^)%cO3(u4>#BOwCHPFX7y zY;R=aM+y`k0?>!)MSX#B?=pyI2%U8M#iOvw{_$|a^i~$#8|&53jgfvT-q-H-G@&T| z@qx@P-uvRuk--haW@w~V+eLABOzdw!Z4rMXS4KCh`|yGLWe?`Jpc>%oEu~*~71s2u zC%qv?S5iz#`qO?9IIoUj!b5E+-EP9M8LgXD0(D4s-`au2!c8BuSSU1Yv1(qkf+_KH zFNoA^VknlrZD+2C6_qi@U;@29&usgHH)mNjbtzX?6b-f7%~dIUDV^})^0+d~QrddL zzSATVH6zIc%1+uh%&H*EZjHRpG8sFQ;d9dSxJ_^0AE%}L4fPIft#fs7u8JTi=;BBR z<4tc|kFK}FVcDILG*VvlHFNzb`G5cQ<-7lftUkU%y2^&)kM-5v)$qpY3WIL$ZsWT2 z3B>JIL_X{kh;{7l-%ua#O1c=E<>JHoL%`bbxoK|eKB&}nc>lakhV(rdoV5oY?E7&u z4yD4|&iNbuGkR_AiN(7`u*le8C|)GW@K>MLb$CO>IgV|P768)AsWpPg_6w`EmS)zVj1G(~QNwmN{MtZK0;mU&}bR@CKq_aK!f z+^87|H&AvwstCoV`zb)tw|8YY+ZM0ic1^tcGIJWi(WTvxi46HM9dRa+0Ho4qk5s@S zCn)s1B$6rdvlO};1-`x!MP2VGY3KSwY=m_|_88ofu8iCZs>BnTYVkbP;!(FdYIaA3 zc;m{PCX=Wc$s|yA@`yu%&)&ZqQ)MJ}Xel52Uy|gXV%7E(%@Mh49WS1$A_Q1cQoro{jA-nlR(LszlWprBTRLN8q{@=O^)jnn#cjd4XzQ!>X>O5JRl53vit{;s@kZo6q8?T3i| zgLVos|EYL2Z~jPS&VRLSbE2+~uMgG&#&}6K0~9*J9Oq>-Oo^X5>OSmKc%uobG}|BftAh(*fX4HT z6KxO;6QmLMg5pI&E3b(D8xg11cHOJSjWf+}P&4uypzOr$eq_lfLDSkaGGLX{qa6AN zkUe~$gQxd32O=+H&Qs6S-7u1viF8c{8B3qq+`{#B`?J-MdDP_xeHZQrPk*DnR{dkb zulu%z=SS-{w<+xr+I#qd<=-A3E{ng^r~zG`m7wNjB}|E*QH|2(b|%RPC*Hu&cdvaB zd(aDNLQg$%!oel26V#-NdQ?@p9WRzuX$pdxk%9naCv0PMki#LV7FY+8K9(O#%1ncj z(|;Rm=Oc}uI(T!sY`SBQiGkF8fa-ASP(s{pA1hD(_%Z~0K8HoxRNe4H`;U~;(@#v_ zUfoaXHA;2-q#eMV+MWg-tQ!c_^Ca+qq((K(3FL~b^Ew6q)8BJ zMiK;+oiGNN0+Ez$oMjH^fxpDD%Jrw>`j$%bwkv$*48}1um`*I{a}okgTRq=1vSTMy zYiqGF+o5pe&_ZYNXwQNxMRl-fwETrvl*z0_>zgQd5{Bg5wgQ1L`zFj=KZtr8;A-TJo z5xKr?^9SMsV{oPHJ~#zN<3A0>=WQ`ayndE<0jvTL96ni9+_c%d^p@DHe?MOMwY_&G z?8h1bitaF?4tE$} z(CG6tE~}exunN1%s4cM!cVVNfXaX=Q*;I91j~DxAX|h2!BiR7TPMo$-td9{SNl0(o z`lBD$*S~kwAXH0vcLU5EJ^GhJ^pw(1dN1jQny|Kipw#%qk91S-8}EGITr2jkuL>H~`K52o 
zx*KLj_n-5->-uIJ&XZ`k#b&>4<08W+A8r!8r>9GUysi(^qLa^j@8h<+oUZ=My~oAN zMGTb0ZnGbce6p^*d)Tb-i9R)(p$LZeh30S6C*h5{u0Hm^HFD;5H=%C4Ml8{3Q%r^% z5qKY6(sl$2o$x-ImoYLWeo^#tn3>qs^NCieDeJ9kw$Q1>nYRwuk)$%2EwV<)k|Ohs zcOo}cA*5;QQafd2HJ(J0rAZ{&j3g2$JALawlG901Q1mCV`9pt%ZcIn`U2G`28cZe0 zEe;2MZ$Mq!LK+=Ism^IV`2EV8m(PECKiDe>vfSq}~}+H}!wdYp|GSSdbbNcg`X9S3d@mD%5`o>NY`MObg&t$nX~ zOI$c!joV^`uF*liHnO-&a%`Z`2^Kdm$7V|W!lLUwrKaC35qJ39BM~OnbT!t3d{ks+ znee)if=0geLkh>uEKRJ*W+c`?+38E-c;}D_D}&2!iYlgYu8wMdRQf}mHQ7P95gxjX zv?pcDd+jXiw)Tx`PU!Zyr#}p(-N*vaha0&jUY;V8%}bG)5}(d7t7zbsDC*Xko=lC} zSK$`ETW|N&==*82-~8=^%fFYpm>CY5F=`=!TO)hfhe9WimN4||4LYhUB z&B&sGveSkznn;690Etm2I{IB)9ee_Z`&d6WGmR@gX@@``njE)QK&dg5R`Z1%I91!) zxP6Nuy}u-71qz*@`SVg%ro>OLf9}uA@ctLQ`}x1o@TY5#}KMxG0lo!0%)CLCDz$NO)*`T3Wm z{|3Fq+gM@O&X@E*jmCAvb2u9g_oKx={MhYqp*qAF+7N#1+r4m(umRq z^HtVrV;a5E_jUNbHKmC%*^ERPC`(h&fEghXewTW(0FQVz@`z|sZT&y%H29H*p0ODs zhlyN$BgRK$Nsqz6zja)^iofznMGx8d^JS8Wamy$Cj{$JxY05fu|sl4;i&!|PP`bOlc_Th|mS)N&) zXRGl;Ri_y_dPYVLl$|_O$5uVX-w5SjuR0^(uEc1RKd!Iu{#bmti(|CgiYKy`*0!H? 
z6XAy;!tGD@rb1S7)!eoXLcU$!eA3_ERyY3^Te032S2z1b>wP4fS^^t^9~#>T6q&XW zJufq6O8mUcm?1>a-heCf^t@rmjBzAe5 zr03;^+L^M1muOjiqvDv*);2!vj+~_HX?F|l4;t$E$GRNHzj?HO+;!{OwgVN~1s*sR zTO3(Ddh`DK$4}Z&TH9#n>gw*gKfktJ|2mo_+}{A&u^e5KkhY1>_2H}rhI>iU3luuR zbY~>Jyct>9JL8SZoiN5op=l0YS-NnJ<+^FKG%nNQCDl63F3~fxOQ0;iKtho;VmqEe z0w3|N`Lu36M`dBdx)x=8S{kDI^(W+8fKMNJy6E6YtP8xUXjf_o3{Fj(m+lBk&=;mar)!LtgD++{lwIVQ>f)()@Fv zGw=hCy;&{~*y|Yq`!^#iSH-GsR32U>%VHHSrd2JxtCnK9Qh8q6Y_)9sxYncra6Kac z4rQlm+@atD-2rNY{abbUpJ!8=vAYOrSRFZ6q#?-GAN8Hs`2ipI*r8Y8If2hJE=5dvDoSJ2uXJ;(+vRY zd+i=dd0IC4^{4K9TI_F$;XmLR32>#+_sr!HPdy{z`DSG0%Bw73ZXs0J&`eTQh|+p3 z3RyM2X#6sqP~$3-Miupps3Me|R2f+3-zRB~55R-+$$O^rHa$#O?V>CH@?-B&R!eD- z&RkMR4~0(9nHf>SHzO;nTxX@Ny^wV#sZt^rMcp{zd}B*xYnj^#e@PmE(=!5aPufEwq+UI_ zuEna#vZ^q;spNP;jZOnrdPcws%1-La$f7_$ki?Kg_uG!{yhAE$PzX|rpD6d6ipOFK z-CZ}svbhSsa2kK|`~K0d5;W<6OO9M%E{qzz84=C2t5jW8G$erhsY@;VvNFOdYWymT z!m5emB#o%(84(pIJMBsxSrz=gVRz$@mye=DL@M7EyUmy1 zsAI_DS$GZH4&$TgA1Rm|bOjfV!8OLz1PV>7iJ9mAo)SO3SqOCz-`?zF#}Kz%x@@dt z2>inNs&=bYtwmkPaEZyOOLgYL>#C*}J-RYdj=!l)>e@ClT-#7~T05ard|W$`SmL#N zIG{CVr1s#n@6#vR6r=X2ia8d~pS}I5X=lI2;mJ?mzkl}h#j{_K7GL5ChC(N3@x1cK zDRDT?WVu`_?{X_Mpr`1G;gu=%GQ34Kl|yKs)uJeBCA?p%N;g@xlx|#4Qx~(D;bMle z(|QVP$_7u+D4{|5USSXTl};E><`uUJ`r^e;?~xu}QuYRgrf*PC)T&jvTCTh>vJN+> zypf^^Y9q?h)GJqHX646g!A$BdHZ$DCPBm+s8X9}K?Pt#t_A(! 
z(VN$AU%&bOG17rce8*7egm=-rVy`K2_%4!ixy+S)`W;YB^o=s(mU&&c0B-@~bhB!L zR;r~?O)digmM+UDR5SHSn;AZ7C_Am1Go8{<{(i)3e|uN2x8XV$E_Uz=cS)fV6golS z=J}oB%6XHQrLMea@=UigO$(V-!meE9s?0Z~9-s4JQopmA;dh3z(~1FWhsO0`V!?w# zd~AvhMfT|n?7IVr{^8$Vq*ZSJ_S5=$-Tn+xnoB&-Q0N4undfe|7)k>7hqHZ!P%c)i?CiOg<8J=e-JDytt#X27%P#7fjx@~_<`O3eouj}pS_VDT> z6NkQIPtw*WPr8iawzpBtqDxam_D_axCFGDK$K+pc>evJNkhobjRIGUjhIBs5ZYXzG z2X;TdYjGE!6BbxsSDU-o*l$QCY1?2z4Zg$=4uww8;CaP<%nFdy`_rLR}3YLyA4eI@iV%j|t+R9r!@CIkq#A;vuX?om1?O_= zJI{0SAtqCMO8l%XE>u=~W_p zQzDEzsdlr#InvcuIWjRV^xQ_L{3%Pgx2Lbd>-?J+;E~4d%w6d|w6}EEy8@D)WoHYQ z(R~CMSNlr?%uc(KDxne2x-6P{P^e+>8Q!Si)3M^c!f_S+ezeM+FJ8WHH4XqUPx{mN zcZXQKZ1dt|*6dRT2}a43rcG!Q8=M36gO*CjGOw&Bi~N)EoqTHu`&hN#v5O9Uxt_`9 zpYi*JhyJ;3Mdc}C))x0OtnE1bj$v8$n{HZbyjp!5w4DmuqN<*`GV^0~kbm}o{Lb5@@$`KbOkgQvTxJiJ!ek$3aM@=ek4q_;epx<{N?Wxo|Wb2PuGG! zC34d5As&ZL5AL7WQ618hLN82>O|v||6E-?TQ{ltgw7acKcA(*y@&3<)2hYIlN;%uLKipe`2<=K@*wdpiD#4NazG)C=QX z_Swv5{hT17L+F7ed~3S_K65d=d`;UTe97FJD>HHG0K1$k@IZyx-C0x^0H$)O|8Y=9 zUPhS0oiuarI5u!+?2!noBlW$Q7s>Z9%|~L2W-k}l$6Nz_Z}?58AOlz4J18a=%Q{`$ zP2qc9nf0-&(7wwz-#QwPU_3;|!-y$Q&jsJc*;qfy`{iC;r57c!9wut+jnB?%# zNXa{Umc19Y-Oxrk+v>F6P+&2v)UY^PoyU8`G~SpfW`LW#O6w;==lBD86bn^8G;%Iez)_R5G$g>tnAlx52B9*x3FO*wRr&ZSbkgJdV>JXn}2|RX^8baEy~AZsd@R z>S3#XvdX&Ip7lW|0nE0(yL+kKw}acD=fmPWyA$b=%*>`qdP2UYIuZWJACu*Hu;RYq z6cLA+wE%3o0AGp!-CInP500d>9RfbrIUta?hO$F%Y6b7m=4Y&%;RcGnww4EwkN4S_ z^uir98|MUv`10iBEx7V{lKIC3LzvpdS`@hs38<@5_ll;2XkdTV3CRAf6x1O|Ws3+afYm%Dtf~sR>^Xmd_cIt?O|PY; zaA95k-05vU8WA9>bE%GFmT$(A8VO3PF=%=9NyCr+8@0yVu6>8=w8v5gmrvc(nd_TZ zEcCEbhO&km&s~CthQ|DCv#B5L5(4Zw3chyRMURi4&Z#7Aos!V!k6KL=0qI|Qw$J^& zeVIpel&5@WlV-tWu9H%xd^KnhBW?BhZ>$)RNiEUzlETLe?VX{sOPy57CqU419A%YRzdl!C{UdXjH)gnXv0krWy}67QZfWC~)tp4( z%xyUbu+2Qn&BAL4Zfz8@PjqhMu<(2|$!T@c->laT?V2B)&zaSa z?vJ)kF*h`$As1P|kdgR?E@Ok&1YGzR(_gnSfZ+0H?V4Yc@mT5cSOp~e^5FD9*MQUO zl#P`1(*en5hQ#w9LIWXwx*6{cck(d+^w=r+AjsIe%#E?}`C<5P)zPTG;-Q30Ci*NR06_CgzGFsVs+vjxufk@ENGOBO%jYhU3o_ zUaST;dblK4kofT}9ZPXTubk@J>A8S=@9)=3xT46}pM66gG&SGt1rdB#rxNeXU60jP 
z24*~rVHwI_1WyX@ed<`+NVI<%$(qkh=VVDcBs(Qi8f}tL)FUMofSSnm&=sARpY!Dv^R5+2ovyCrcwc z%F^q%ZMznC^0L{|Q+InT2w{*#x;y-n?CsGTlAV<=Vb_vQC;gdB*Gr^r9W6_Z%}KrQ z?}q8%9nB9-D;$IsL_zqf$u`$Z~EVik#Eto(#$@AaCs8Fg`I2ILtl_c<8j$lU#s*%lJ+GRcA>~Z;B*gR+Ie19Qu z3ltWwFbF9u&G5~|IdVY{i>L#&%OP%wo|dYaHu_@x3OCcAkF<3c+OB#s6Qf>AjOXA; z9jO%Tzos-Oz)(2w{bo$^-P`NhE}rER&M)Mu)z|{y2+qsOBP~K|@=Kq_wlM4Va99go zZfp_GnazbUX@iS(*Gb%?qLtabbD_apvGAhyQ(b54b7G_*`$tVVU~!Q>96qWLnyHAK zI6UY{P9e$-;gUU{Llj=ktUkxna6Je)-Fb4;iAQvdvl{r4lQuE7eOLeaj!`6Z=(E0s zWrw)RxBakt&5gv^=X_#0*FyU(<&JSsN9Yr) z`Q?M`CVJdOPAJ-~Q~k=y(GsatRay%5l(wSIhCKo@NAyV(Png?LOEi=a+ekmp8{Enr zVU7yN&Rw<^7O=U9q&pW)T|H`h!BPc%6EKlMhu6o9Y$c*I@g;xg?NpAw7E2vQh`#!o zB{BODT{RQqNE2sXryKV>9z2r|WyqmaIi&MMKbh15CVEbJ>O3K}56g#iScgB2&kbeg zKNAt`aoizk7P3SaLfy_T>CdosII!1Ry0IYiQ;EA-jyaabp6 z%-^I>cSYSehzH2T%2?%rZKAq!iK_}~s%@L8~- zq%>_e!VAQ4Qiz-XjzDN70UnI56nEit6;s0vb$e;^TyvNtyewAW>G5y2?V^}Y|13^L zE1VsHmTw<4XFWw}T4VQiUmtpjKYPSA6a3xXK_e)V+!6)Au2SgD22}sbvnfVH~I7 z7enJgi&L1vLOo}y(9DrmrtWx;gX#>IUSs|sZuu#OxMXPucEu;1&%#}Y`=w{ zi?3fR^d7^vxki6}z7B4{%B)K&eBR_%jI6T0a|_xn(yMF_X{h>`R)eYxkDUwZY4}Pp zRwrMl!Iz}=#^1@*={0kCiQ%t$?wma31A#HQ_OuYB{DEh-k~K(x63Wv!TaTk(X5!H!eg|CCWwX)!r3edMfJfIW9A-}NjkscUBy zIft)4A3EUoq6DsCs+qVMMnwO}dfsSF(|{Q$U)A8Yho-VlvSP&_POkm2kAs8nZnwTg z>e4x5CR=bwL#;wCIXqu!6ProBtCTi5gVS<`X{IE_?s-8nx~=3ka=h1^^{n2BnW5{K z^M!C1qyD!9h>H5!c{9G{XY}|1e6-Z=qa80g{NF#`>Wxp?IZ{0w2({GhD6~*52f*Ge zQ7L?fGH*HhKStqhrBca3+w}UaC(Q7u2}r`(x%X&WHG`ch8aeZ=;ueoUvSvPs*W-_K zAKi3X65wcR&+0`tdJmQ)=1)pFC7Q2oa+K$m!`dG^m>XOgCm_-QTmyEgU(s{%??cbWS#))3Y}N~Iv^V>5 zR>rj0bYl8zL1yQD!jF>%Zf;eKM;XxRqBUIH{^o1cRowBr!qt!JG)Eg2(vIMy{nN1n z8#&_Lx!#e-jcYE`hKfoF#KMLO^rcu?tzQ3fQNv>5Tp5b^j}HIp+*g=#sj-9i7`4eysuAW(E);UB4?7(;*v5ZN_Zv#%^7W2)CXSwvMB@QNB z&(Qz8<53#$yF{A`%jaHaDUgQOW^oMyirooDfyjLrJwmSYUDumTKmv9GTrZxhbtR-u z(r>A~*A?~GH8J_Dv@f}vaH(vz!fCormGPeVhD;g_fQ-(5Zq~w$xM}H}U45j!!wU5! 
za24ejXI8EIR=3t-FCGNfIQ7^n$iXCe%`M0;a8lheD7nXboiy+=tDmQth~ z?mj9#3^8=8Qd)cK4xU$bm}SD_Z$zWQoafQ82GXzCkG4Q9`L>x87YDiTdUl4El;)+7@VVx|QH zY&#!DBRLK_$Nsqc)=X{l*DzG+(wrHIbD!Jswcc%!ak9TC?Q=f;&fS}24}B2KPM=rZ zR}=M8i}I=fNvf00#0)v$-?xTl+im3xn`9J&UlOZStJ7ni@VHxbgWT%U67 z$izPhu9@Ovt6><&rxDc%^O$z4ZMWb$h@ygWn;|mx4B;9dpntuy7`J|?uBkqe{Kq6lGW{~=R=e&(R*3Ms_W*3nX=*%k_Qv~*{aOFa_Sjlc zc}j<;L#&$iJWHyA@M@2EY3ddU)y0Xo_A(dpubiPbrt99I$DIn##Wr8<>})ZH zv?!56=DmY|fKQ2=7YsnSYGdndJb6mV#d}|BjWcLruz1mjn@Gnc^wl#&@*~I~01{QM zMpExArQFZCU-*WSc&Q!EoyNtqWUam)e3Zc~P)RuA<^r5$BL#In^_p5f7DB(=kF`Aj zAe*)nZYQFO<=wKM?SCZHO6}UW0HCWPzH27GkQGI}yl+Y5mIGcHz?1z z{HNrdp8(yp`^=W#gTn>wE5ST;9i4{r$9}Usu5LWVyr{{Pkk<$5sqTeCXVDK2H+N?k zWBTpdtyC2bb%)u5hvPLhbGz;oMDU@b{y(EjJ+iUuDgK^V$9nm+ZDn(62hM_X6TES zlr@H5^x1#vf;KPSQrc~`420z*M!pDJFLvi30lYMtWKC!6Ey|`gLO;2Yul+Im%#(Fk z7Zg#3$$=`3O@3ZuQ(e_`qHl`3060X6!)>x?l6u|&`>vL3EY!#viE9hoVLT5mW^cJm)hlQDZ75aQd(@imMPbe5zG!LHWSQT(*nk5SO^V* zC?_UWC|>YD=-#buAzNxCsD807<#2=s-TcoXvHf74V4QBrejtfk-UcBK)57gJaaJgkw=(Yc zz}AGLx4z=D3MN>|WrJc4J!f+?mYfUf#|Q=owIVTh!R!kQ#kZOG@xUa=CrlpCQ{Kkm z**65`nP~Ot#Wiz3q<)}%_2H@>6>iU|gVvfa{|?cu`LiKY6qblfg-zc+IaGj?KwLks zjM+&%f+)I0=aEVZc3A6%wM6mSi6pax1_B;H@oxG|s1?@v4f<+T6%<7`i7c*>x zYE8~%Kg4zWm}oNbv4DNCV*#tez5vp=M|TJnh~9%_g&bazbo_CUy4lfOqcZ0&IM~3ws1S- zoG01$dmInZ)+e^be2My(6FEkbw46t*Znv9FE)b?1p2WgW2fSoBasKnfx*Vts*4fli(swD`Y+ZiKRST8uHpzao;Y zlq@w++4WlbUe&M-o#mwn;LvTcKLaZ|FY-vKQ$h9KRNKC|+WEx{A>|y8e)_VwuK2h( zzW+MvO%~{oMF1xF;fP^!hG#X??dLGNxfwHcpFg&#FVWe(P!q5@&Y4DH`h&5Q?^6MN zeo-Q$Ow^U^ri6Z&K&3j@n8QKg3l1FiE%q*1;NOkIg2gUceTkN^E9bS#Fr|07Hw(j) z&V|Y)g~_}BV(G^65O2pzfn0Bu@w=3is(kOR_2*YyN2N+5S@vVp*edyB(~R9{EqB3w z1m0w2HD72FXnhWwj4njqv9SA)iN6d8iH~Qd*J)koN6(Y{3w>%{?&8JWhBkvj)*knz zy4x);Q!Pr*Wu-SWhINw~M|&V!D%0jXj?E$@gsTo7gKk}8%41mfcWzku)>3b+&Y*D1 z(T~&zH}4uOOL|PX`;!~r8xUR*wn{|x^}!V6mGUePal-U9l%zWT zi4Ja`nKDW6{TaDeQqssbpr+Cv&;4=Sj!NyixwU6alolaF)k8FIC4mqc`>MnEt%wRf z8(z({R1{cxDU^!%%BKC2cg-v1=GtzlkmAPX_59{5%BcaUdt0|)22(60qr%M}p-E`A zV`H0H5(-*bSu 
zrj2Kka*S0^kDTkAHr3-*NWYV5UJXNCsS8yQ#$feTP0%PYcPI=RK}Nlzln4e zF8|+&V8o==*jH2=0lY8o?_Ha+3>sC^gv!Hv!$AhZTCMpNN+%lujtohm<@-OCbYHgh zh<%vvE!(BlcWaLAQ)ab(Pv2W_TXtGtm!nQhoIx_wI@)(6mhTL4yCfKrUqXwel!5dr z>n*rJT%c{3l{=PnWN+u3s#mTSpJE;>^zZMc)&*gsBqw`qZ4_Xhr~>~rwam4xNx#1? zbD-334v4d%Hn9Rj!nJiG>^EXIs(Hs$prOfw4`n+tSfpz;7pGs-Qwt$`wn9L=2a!SC}vN)PIoq`1ibuJ~6!kiDp6T zcTYLGG~N-dPNA*=LzSK`r`#OxdDcnm*m$<}-dtuBt*@tW&7n(Zdu@V6*1nBq)brw3 z+@f3GoezG5L2u0#kA;Zl4mx^EXELupc=n(lv48^caQdp(qjB^&H8)YqGl`>n84niu z^>{vdT9l8MG~~p;SFBYHthe#rY??h#Jz$CM|F&RJ4mv0aTSXX|sC#vqD@JzM+PX+s zhp*!ChO+zY&ibj5Hw4>!zpq4S@T&>d%@uq1!cPpS)xD%gZgM}+=}LH0yYF{I3tnw> zGz7eqc?K2k3-_EOX6Xww8a%B`w|tr|xn7shIc<5I?sW|Q0?F`61w8yV#+dQD-+nN^ zFEeM-UtozWY5N|4^^>uVG5wEB{^zfl2jm(z1sSiA;wu$uT!gC&q zWkPuACSmRH&(9ya7o#$k+SP)wROh<0hK%R&FnG#suG~1ij=PQ;I!-^we^Gv!Q`%;w zvkX1ciGO8tkXjM=V%I)U_#}kdfHEX9$KjH+TsJ7yeY;e)O!c_iOCq7mjEiu_a^_1? z(tA**l1UQR%*GH(wWhOnbbr`nkl`W1=N2Mcx;8y&vnf@Q_j;$FWn@N8!eglsqj6Z}?aY7i0a_W^ALPQ~{l0M3G= zK&CzEc)2VU@O{^;Wp)WM)+_h4I<0hU;C)zgY1C_~=S|TV**^bJ7$XfsSbzRakrD>3 z7|)nP7>E49kUL~0rC?C8os6P0o2&a+v3DK7boj%S;T2zJpJ}hk*&uN8N%K%qT9ai! 
zfwJQ&an@2osbhT_AEU0NQBuE3^M-Qu?kOtTFNcWl4!ar%V{`vB$)&~35yNLp6mgh`nb?1p z=PG0SEgN&oa(HGKJyRRZPyOfw9GHt<1EW{7r)->AznN8;;>ap{@fl*U0qr{fJJunE zg_Jndc~2$0NuVwq2v~b29krVAljv%|q?}~`V|W}DYveWBBAKM?Z4Kzn6MhxiCH}fy z%j0u}a!0;6k5gUuDHpG*jj^6YUN3_#=N_ZOK4+CFg=rl=)GV;UI1>?8de&s^+g?`_ zmGLwxD1n?UW4411s?D|bu4O_(3APKA+X5jNo8;c~w^;4ZPdCP+hbV99kt$o6U=K#i!o^FznCWR+=G=Oq0 z$YYTyP#4V{?sVo&HT|SFC%(@*{#2{;^;-;KosW7QNu_M9LrFd+P1??yPabm-u_-P2 zhNGUENjh{Qo|SRRyfO{{D6l4O5sy~o2=D3YpgLx-QgYJ(r=pW*|2wF4KH|XoG9L1%v>d_@;@&5@wg;wtB-7z-=(Bqz*SvE#dXRYn-9)r^%dCWs49xtje>K-px z(m!172J<-TeD9jT=Y0BfRc?UqIr*XdU04Qe1Eu38ICb{1pm@<-XSL&Hkq}dp~ZwPWrk{d6ZyEp#JAt`@Y@Gc-VQma6+`CYWc_>XC96mW<*gnyt6cB< zP$djp1RF@64s1PidMIv&T-tfgiimf$D8ExGj>KD_2zpAg$E*)3%D zr;eFfS3>of3=R5GEO%4F)1B5WZ*u0=c;;hOEU1`_tDdJ65mW51;vVNV2$l2On>(Tr zU;gx(AdmkpIuwBNd|?31hPiqiqkxU21Y5(_IyZ4P{w-q~PH+!6yelYNedB_uFnM}5 zDypo8Es|k~OvwbWn-~a{Oblti>{r_Ca_RO6b8)z5>wC_%kSrZ$Q%o)#?`Ph;_H+9^ zkqZZ{Y*RY1^QJ7lb@yL!$?s?_WPC_*(SXeqEU&6LIOR2+Haj=?*7lqj0(4#X-v zUr0o)lGNX@)jH3myD+O&oK7E5T=cvkhxy4(E39w7<@#2c)4Q%dJi)?RXEek{e8FPL zKW0<9@FS7e#7HWJC8R!|;Fmb2#0d>m2-M_^Mk+_gWg@EZ_&{5^4>^(VmF)*r1-^W^ zmB8Jc%Lxd61iK3wgbfgj(|ef#zLF8NLwMjrjR`rDsA4ClCH*a2Btn^K^RStgmL;N1 z*>-3$g zKp$@&GykNq6y@~+^V4PPyr6D#KZBA+K9T#DWek66cn<4qlEk)^;9|$xFi^>%#jM+lHAF3+7{bPFr{Z;cLdAOhbkA1s$oiHU)?^UEjJ< zZSw-2lBcU!{kxa3;>`Mt^dS`9>vn&s7Aul^d>v;fWB1qaU5=47m>@qyhh?7mGI~tW z(bj6ejK!eJlD$DPd5b4&iV}+-6G`zo1@*NV4KiSJ`t#(IQ;?z(9ND`VeMn+P@Z%aD z)SYS-2C_7;5_7fI`?cim;Qg=;l~0GG!)&nfhu)L-83v}Zgty;S-ggn$Zz!f7XD&)3 z>*YJ9p3M-W;kE~fTfDv+mk5h$M^(QZdUs~8PeWa?3?)WIP8dfn{*3<N`r1tMlkR?9v69D# zf(+faI@><+{EA-t3~5`{_li=Pu>IaWm19yTu@-ZNFnY&KBsewg$g?iHV-4 zoZ4+q!-oOZ_j7h_bRo-6U(TI`kLqxs;lIoH2d5vJU{1t@7#AQ+p_Yhc+f5rLc^d?C ztVZd4-9Ps|L(X?Mm@em>~$5i z1^bfTPq|NdnlEA_j>F?}^AM!Q2GaKzYb&smNfgn|75?I$Ic$Hpbqk#bgC#1tPHanOkzwuX8dUY;ihzgpSZ7mqM5>yoL#wV zaaJ!E|7uW1j!EmHcMGL5AM1H%W_9m6&6ZmCkFaC&vu?8-YxZhiSOL@2q!hXwR1s9$fc&3J-2vEI}P%&}4{E`{Y$~ z4+&Rr;G2#B$oOr}s*1d=PX%7(j;mU#ouMLLsz#Hys-{9oPoyh)@lX`bsOQNNNPkCX 
zpsb)7foQLrNS`=ZnTXgqCmVYKpNgAP6;`iCCN9=^FDRq>+Wz>G5?s;oYaqxT8z*}l zgF%>u8>M0yA%n`AGww$ah!;<%j!cmHJ0u`vgCTR?x(Dpj#K>IaoV-zB_Hh}22LCLklD5u9=N&>F^Y*j+g=f`bnq4WkrrKrpp!ZhLD zojh+}hsuDWup73Zi9L5)!M=A~;OPmY4`8hh70bS_(vlbrsaKshFqY>k6>VxwxdGA!?m(w-< z&ckw#v3d@e|5a6Te_=Bx`pRD|YeD z4cYpmqB6c*X$EL`67u7LZpd~`_DamAC@+L_!H z^nDRonjmdqbev9_RZ-bzJ;zfZ$qb?M>sEo3vTcdDwZUe_e0r}p@xxfzPNI(<8v!o2 z%6r=M2k%!hEI71ALf!-X!0}`KI*UU{H=rqT^_6sb2?{H8y5RjS=DGVL1N=S4)>3pK zuxpXzy<1`N&Bu1rmbEU}5aI4*^Fu>*4-nPKGK#6uP_LcXr`|RH!}3Qfkr0bU*IYYm z!dZjk2B#=PWNir<^i0Pohq!4`Y#bC3vZ6OcEs&B{J(Sr@UWYHEAFUgbQ&qe@~+lPOITC{5A4|RBS=o zi%jRLsa+&g-aucGrcDmR?OH@dUJ0-1_b+#mY>TTu+h|#T2Zb6V1@AazC^&8mPa+ZByA~Gp_aYZntNFRV4wV<|l1Owktkvh7NwSX#dL2 zsMFpZyI23ZKs9OVaRL0~6@%Q`J(_At_X~y@82^wF%@@Rql98u?B~|1P(mX{s27lfi z*OIjZr!16XzblQZ#fd+RU%$<6_K_LQqaIUGipJ`T_?AsLZIsbL3al}Z(QbnSoYyjx zc3bfahL6~Wh?;}@X5L+qn6cjjZq(X>qt_(jp&pGBCmt+d)zC&l21w`}DX=j}aM9Wa zEE*{2{(O8}=P0vg(;nuHZy)|s!&sMAxe~(FZG~-8sJ3oh$r`J952?Sscq}OTkNu|b zNVb&kxRAir2I#7WsL3@}7Lgf=0^m%+@h#&7_$0({)Mn9VHHkvHAB~&L_j9bl8-K9a zD)5U>cv9E+0o#Tg(r`iwUiOe~J-N7*cbC>(XAAttTY)5c-DVee40|)w!%vA-xi6c~ zl()CSTFEvTVp?Qt$(U6Do)Ek%eU>0X09Sqc{FgVjuy|!i-1K^EMG}C>*Z(CP8hh&OL zPg3xvJ%8DIt#*_9f+S~2XMPUBG8Y8kAAm2?!m!s3z$(-Y>zWC)Gl|>jo84?Ao%=cc zkUV1N12l-kyYzrT>+bR@d=RGb>*{LVBTT8`NOh4_Mnr}g;ts&^b;cP}gcZvk6{xpt zMVWQ@64~*e67=>=Ed~-;OKAC=-1o`k6@UN^TBB0xIRd(~h6Sa%!WCayYkA z70N$kxCgBg0@mA$*t80VpqyaIjWVo}JMErkbv?*H|J#D<{vdk192XJDsQgM0!3XmZ zfjK(eX1FWHxrd@;Jc*kUvxID9_V6z@kiyDrv6bqWT_n)oa^59QOxourp(hb1*NsGp zUQ{crAfcQzynCji=Sln$R|19qTCv7BcM8~`jms&*V*K{%1+8D%;28vs&nXP(tP&u} z=YS+ReIvK8)1M#Gr+aCra4B7ew!iRcUhvi=a!QrNR$V`&HV07ZgkL)^0J&y-6dlC{ zr_JR2(WC#ih;HJw`%S<+M@6bAW9>y?%@hNq;T;k9C%Cn}fHLZ+LhknVmc8BwBLz7g zso<{|ZPW5q@lLbQ+F%>I%uf$-bCYyB>zm47Rid}#ebFuqv&9E0V|HFZ?`V0Jt}tkW zHnN2Y-nLxJpM8KAnLKT-JrGg7HS>_j?!g#j8)L-OIELx|NTXhhRN_;*W6=Fbr{f>X znPR&BJjGq&3cHdHSl=hsw&f_U16FWoabY}b%WA(sx)<^FtG(Z}8H&J8HTm#GKv#lC zW8&*E$tGn!M$Akd{8~0T`rI^S|7pS!GgmQSswYo7!U!bz?y@wKQl-iy#KEz&wa-u` 
zNyvEc)Z3h_1F&V;z`oV)v`9}#otv){?na9`eYditlO<6_dvkH@<`DmK}l zj1X*&zg#3)TiNTPCy3)}d6of@lYYo{4-zH<^lH$2DcwRY*)FR6I~U^w@m^*TnVCzN zAD~Hn0-%37@D0OW`-PryBpoBI#PHnipqnITcbQ2-yU*x`%0u7uieTj4br=s8w{r(zfK@md)eI!emg+leJ) z@VS&}11r-TD?rO)Bg*aqv_o5;RFO?YV=FZ*H0Vl7by{uve<@p)DjdMBQv}$L4$<~W zXJ)XbtY=bFzm5*M1cUSh+^-*@{ox8^5ya_2AsjCJD8PBV85}eADMvU7@nb~5;FE4ML&8Tjt&q2s-AjL_k*DJI z!uTq!Riw-H1dmZUidp7|PtkyN%>(Ze2{!GDvmP(El1&$J>j~3BWS#}T_0iHjO3Gub z{A4I>n>qpuebHa2Gvr$LSd8mJ_mACHLb+8E|A#!)iC?7lJ(oizxkm~@}spb-f*%`Lp+G)sXkM=lAPJ|fV_uG`F{^IXh?arar}d&rG=yh&OT$su9L}`0dA*o*sxrdrUjxWGfNoR9Va_d1wfM<`&qC z+MTUmO_8u{usT(SpRXmV+E|UtVR{EuzaRm;2K=_&3fBhJdFhYX%w^@tTDEFln&|O; zRd>Q)k#sltu>OkcN?zwz!rg1|Wku){{M+Z!jA((=EH#+oM(IZ9ACh-tzsh!9dEW}$ z#(KVPc6C?$dNV)72V3(3O-Ryllt(&ecu-adK&R5>U>mQzTV?9;1y3n$0`yuC8B-^x zpA(bboljwg(nRAKd2_yne8m#F5%Am=iy@46%)p}tDxzh|d7ZxEqH9u>oQof8( zNw{49ixl4j4x<@8!g&F@eA-&^)fDWPPaN{cch>*(45-DOCFhU-sv)vz+8n6Gs(l)< zk$)mR6k#`#MNiugUNwmFth3OOj5R73${N?OFnWqgI{8=l-|-PrW5kK=qPbvz{TRnb~8ck#?TJOOe(n+#@ zFpk->Sxg}%1WG?9S$=T;%exqw0r}yqPs!o&dZ5lBXJJ@EkojyS+G2BS;uAj$`Ev~b z`kgG8_=J^Os#_AX>$hW0iXTkv(*;^oI zWbx{G2=h$u9@0`BbB_op$F_ zT%l9S$be3$MPw_FEnFnlg2wf5*t_s_N^BKBo=5b}4%$9Ij!19ePz1=c{*ea;__bIB zw(>{<%?G5-b(Lk*Rb;bAa z-I@S;I6x0?bh2my=im7}`?&F+y@z94%%M~X=$c@3z>@#VoJ zQVe1d`R&bbhj>>Gk!j}(G(Jy==dK@($3Rz*?hc%+Z|n!y)y??NNH}&U@L6Qe7RG

s(VHkwqfU@n6z zr0QR%I|qa;4WQlZ`uHXLTaeenEV%zMv|KlF@>VM;wnIBSZjuS(JN6A^^~jC3ytL+szK=&o2P|fC-c`?-9XTdDMYX zxA(qGAY}%N;z_=b4Y0@d}Scaygql;6k?(NH-BvjDQtY@WfE;s{k~S0iP1)tn&J?)qEC4a^y~5!{KGxJ z(;Ns!npK}9HF)k8!v<*H@tqqv{m|Fs$$V|BRG6Ikk)~9OO5OFk;XI0TLA_5Ut0d4b zx}B}gYEOMTY=Cv8J{iyZ?MZ`MRCy;*3gaED8OG^>5v_?0j?%Y#8j4UMhw)_1Bn6M2 zyJfQjFW7tLM$R|%HGW^YJm^hPYBufW`qp>|ZV`|B7fL*&X?H$T^g8#l8%&|A6P{Tl z;J<5(1}yfsN3jYz6IiIMP92}BEo|v2uY@1@o5u{wxu=iZ=gNLyLWMhAj=o2L`HX5vjc+wr%plW^!8?y2?#8FfXprsG9w=ic`Ux@hXwYRAi6^+XX6f35jQ6yi znmgw0en}zkd3N%U*&%%0TWVVC)@GK;_+(lgSx|%1(J!LcYkHH%aGST<+Oh;36eRXA zvWY98ORKZ4R^ynUD#xPzCF9X)+Y=O+6my6W@N%BGV86dNxw}72gbKC%max32eYo)O zFfgMl-*>B)5zZ(W8-IBC_5?xP&V6&3s{@s5do4Q0Y8)KQO2&0CJnjxV6Y8fx@l0G{ z?KKPG5%!W@tHMVa?p@s3nb-#v2h7a)h|Gqiv8UoE=gNo7JsfGjh0_>=;|6Y)#>~n+ zmHrM_FE0ldgi6)&sXOTL9163A$~@HoPS6)}kOvPS0B?(LQ>>lJ3il}}Peq6g1 zE)ouYs_y>&#o6HObdUO8!WF|CTLBgb-#yv$Y5d;qbG^#s?4yq^INw%bvRsQ0j`<** z9rYNX`(8Mf>IpyjK1As89m6fY!@X3^rqtmXXks9`X+!v1Eae%EFQ4Cx zRlx+?+t^?RZl3;XEuH5#xTTK4TW25D_g)Qcc$7^FCiZh{<)<=5pVWX|w5V526Krb* z+Q%4RW=@`&YAs{?H$sdB{rzxW8MqeJ>JHO?um;+ehA&XAn#CR0^0tq0!OR>yGi_SN zwr_-VoKdM)%~Jnc{*q(n$eCBep3oA|(3DpL&`<%wI{Ktm2EG7PNII?+Y#(EWnR$3- zQbDbNrvGb>Ud!0^jS$o^6L#k1ye95|Cb!Ema)ehA%tV*!(}MDT;bj(6O4xR&acY}Kzbg?&v^4~ISEML z0Qnhy|Czp~?pzntM)eqT!$->9?0NB1$=(!ooQ{|CnRR>`1u_pfPBrDwkJ5wB@Qz7+G6`nQ=8(IZQO`(g-u^NeZek-^};Sc2bq#vJs>^5DKW0;GK7 z&-BR3;J$bQk$huSdSrEQUjl(|{`9iSv+IoNd{jGnGCiPtqlUa)UI{y3{|9*bQ~;F7lvPs`lXa~68yU^ zjI|t9v6OTgEK(n)RF0}yN;(VvT^|N1f2LbXI>+#TlN9q)?5oEN6eF8sAjLNEi0;ac zup-6`VXIK1qZw>c&(5OT&<^a%5nv8`mMg#(CYB5TmTP$8=162$zJ8_zyjkiC@*D&8 zJ2c%=*Z6;#5aoZFU?3A{*RK4VZYk3LPyQeIU>Z?Q^mj4hgyDZa4p&@IfryaycVAvW z;Z&kvQX?0%CN87H3ZyyH2pBOyRSkWno672};cLa-cZ_Lg(>Je&TrollW&B-F_K#Sd z{a+d9R3)}ux#?jBa>YypjQw|gO0~yxpp0P*Y0gq|i|nuVNRa@FZYf!U89=Nc_FT7= zc2%tk9+CHtHpcNEZS3ej+R1;kU-F2&T1o8Fl1Dtj@c&@%t)t?Kw=7{KK=9xapprl!39boR2@*nr2M_M*=&ru$9zH~spp{{Fe^aB81@_BlU_aQ8}akHchSS>SKq z8#VKxkv&H}X3&iSY}4{;1tq(!BdEe2f=LM 
zk;&+TN7mg79$7qiWPcIN`3LO(nRY>?^(BF2!D1A8)fh|nh^Gm5&?A$ka{rQSR8^92%-)DroJcEGRM!c@&~S=oeC4)kSCM^j zs{WJll?U(>5JS_cobi>{>S;yx!x+VxG&Uu58_d7UN&n3!!}#Yw*}${?=OJ>{7+WFd zpX|R9TAV-ltFg-}{|edP3BZS(@6cQ}yPaU4&M$%QFjO|Xk6{0$A36VFp=|c(aD9Vp z_9Vfy%gA2fd5j=7%+cZH$Wh>VERw1T**JMqd5l#7;@>hX0X5*|0UB%?@_^r`{^{%g zH4Ft&+oT}iAHp|5NQHJuB8cNW9cjdt1v(7I|8lrI8}Kg!{#AzmB7o)DP+(DW`=p%g zYm{L!ygGBoq?{aUYGE>;bmq=UIXN4~FG+X!_uYcYA0O{^7MHUE-(NFvCD|goA!I=+ z!1>a1eX?2m22pLkIBv;M`FTd}|n}n*0fIz;GJ@ z%>FB(fD+nYjr~{2{(r##wDt8!H{bvSrqQtX7KhyiHmC&V(XjUy3ET%Rs05bLun!hL zyAM2sx!AZj%^izD4TEuYWYEwqi*LQtT_@ZTfg={7Tu^~4jr^4%`F<;i?IR1~X)5Oi zxT?4eqBar6*Miw77p9VqssGvKFda=bk=^~o)5PYzKb56fzhOTzP@Clh)Gl-2R&gob z@B(*k57rO?f&@OG_V7DcL3IRFbO?bJz|+5h3fw;xPk{=9jAZ~!b|0#_&wfYQJZJKc z7xujau!<6_s%izR92~(uIAGPxBG`f#Y+)4uw)l5~FM!W6%ofbV)1VPIL}xN-@+{L) zvujO>3Y>-){Rm#&)8;EkQ|Va9gB|_m$`2Wff57}|R~3?b9ys%8X$s9j)oRy=x3KE0 znNm^pdLfj)(9N=wXk4Ib`I`x3#;Uy>cdzQ-3S+uIvp$;{ep%=?Qw&~8z)LB32?Hl-q2E5Rs@#UiI0LQ~@8NT$XuHZ)5HK;NfiaGvvJm!v}VRw2A<`?wC z#KePGUem>cn8~S-@lJWf$Lvmd#i!s-`NU`UPPuEj9K+V%>|VKQtGeROV6kw0OYlpn zh~m^z#rl=(7rBA*ijxqgiszQL<&1vmJ!WDQY8IHwe6toopI}*-=31!+kIhL6-BJpw z)T+*%DwgdRm)0jErcu23r>$$>78{tDlVF{h!grBcQW$I0q$kQGDlxHKDz@yKwcz%% zOmBB4OQ%r+`KRq`-xf>WiV|;^7h7*f6x0XY`0VG$zd5vH72cl#Zw2w zcDTX{s`O27KO!Nt%m$$yzC-c$kewIp-;%m;UI8k1Kr&u{tf?O$D?a}BrQA?2me;?* zmC-gXuL%!2;bsB`&llGBZJHoZhl`|g&mWCaNFFyc%Qgzg{&xbHH-|RO>-nN(0jxX; z{Jn#NJ6hjE^>HI@Ib2A8rcbsqQ1(&zZyKJlNObDsF58-(u}A>{vK|>W{2fMTBtM8YD?Kl)v--_#-ag05P1Q}gw;gr zSIPkXUNHC$1mcrG5C>+!;0KtQ0)lKXGi5c|T1*+sFFp+fRY1@S22EgQ1_*wG888?C zGqZ;itrL`C{JmhX00iQ5K(GO3z~BJP%mcv%n3=DhXhlc~;ul{4f`=(V>!zsib{j6= z^(F4a7MsJQki}}p{|RQM!KO0x~uHv`wCveSomGmksiCt5jDnyEStvCde+ z42lE1_XyCfI>`t^Uq}}Y3t#T<{R2@g+XDqP>r2)-+k^JIo@jF@^0Hh3r z^p^n(N@=I+IKHv0yyV;5V}a4lQm!3m)V8{&*gC|)BlmEQorY$$1f*(sd)LJr0{#nv zQot1q11oUm0ahRdu3!_`6F;!0w5(QF^%L7Tcn}C;yqigc2Z0+K1UAMDZcGH&SltG& zRuXWnX~0_5!L|NB2aN~R_5sbaz~&r4^JK93FxWf+Xf6pVGy)a=*8(lMf#VBE0pqU& z<6rRs-a%gdZ%)0%!d{gZ`9&beABq0j&GKNl5~Qp<%~mREJjXV?K9` 
z0F4JoGY`;QRranY{##Smt&MBPw~HFbmv;w6m#!Wc;~*;+$l3?6nt_d`|MRAtptEbo z5_FZ9uESks0`s=kiSXCSGk-DFcfARWM6#&Ik{l5;se-12u z*)0inLJDq1=)U68bpzNF?(Ov2aVoGPffI{FcmTMtfkra{$o~OUCk3<~0Hi|ZK+zjO ze_VcGgj7I{z=KTLpZ-2WZq z`exEq03yi+g9k){NDHt#$Z`b2>;7h`q(ASeeQO21=Y-gYW4s%w&#GF8kfHY2E%m#Vf-Lb7|5XmmdE`qQu|q* zfc|4v805;ecRfG=0?Y;fo24{B5wW0%pP-0MK-b@C3OLrG^*f^2UnFs&_r?_^Xb9N0KPT@#Qk#QXCwzj@RjW z_a^Mk+Ht2-8^G}g>UMJz{})~&16lel0Tvs7kcAy&Nm>M1umF~|Wz~GNbtI6F1mvr3 z0{KwDBBnn@USJU>SfsiD7X7WDhfYj@tP4JpbtF;Olpq@~Y5{nAbrT+JeMxoUE8GT< z+qPZ}46$^q3h4d2g1b4&yQXZn=KYbb`bT=Lw69lh z%+m|NMefxPoeJ;X7;L`-Bc`kKZ*ZHzMzH9v9w<852a7!Zsb~r)YIivUuAGo{Q~rM< z`QJ+G3>pD~f4H8UfHYYk4Zj=MdlT#}r2%wwz5+WAgB?>qnSX027AS~)W79+c*BN-i zvrkIH+VPL9qD#L2^r_|6;kDz7gI}Oj15kZDpxzx+54+@Z+`s8vf9C)_b{d$4yHeSn zv%}D4Z~vOqelk$LaSSkC0Y4pl1Uvvn_}@0Q?BxUY7G3P z%=sW59!cd2I2LHYo;I5efV=d6A$4=`R4!+XSY2 z4NjK{Ob3_)aez4htl&Qy1Xy7fpcN(oT4A8W_!_jrG65?LxbFuvfqvOAV6Rz#_L>A> zuK{=Z00^|#G68!HxYGwfpuGly_Hm^W;n(0#-^?t~s<8#EniNU!HNdKI<^il4sVtBH zuxj{||F1!k022(n^*^xyc<&?t-bT;@dJXX2X9B$Q0Pk%g!0Q1v|Nj*9hZpSP3ig}_ z$^Ubt_JKtMx9S|gtvWYws}AhwGBffor<|a`&cPFK1W>8iy)hA(hum?(_HpmQnZE!p-p7Dz&;!>H|9_o27N`bX8qmgBbF&7@LC*+ukN{C2 zBVZi;hov?E?+F*|p9(lpfawqqm=1uh0YC^~I`jfJ%7CoDTaY6ZoD4AV1V95X0C4#( z58T120Bh291F$A>L2EJ;KRH?#X5`yQ89r_=X0Yhm;E3m!K|yYue1t>g3Vmq+6k zP><`?ZH@br;Ua+NY#QF^dcBF;cz1I>zXb8P3}g1V+B|3QxV+7|zqq>AxxYGZygSN* zx!=ccoL@K6-=8+_LGP}|=kMV2cSox|m5tXP(w~qY5F#KTJVZ$H!BTcz)-DpNM?g61 ze272|WF1YJ9W1O(Yz+1EY;Bk|to2N7nE!mi%H(Kf$^?GBQ*UCi{2_wtN->z|s@=u2 zD~+*s=V)&_OImHTp0}xgN3#aLv*c=&@jI%G%c75F)!OY%Cro8VmkidZel{zt~^OANUP_Ei{GQNw$+fozc9(> z^p#DS#;62;zFSZvaA-645x&5;BQ6u!!EC{nu)sySjKJL8FuZc__0}Ts9hZBXJ6T%K zlg^@$T+Dc&9V~MHKIhKH`cTSX5K=6mI~`Sh`TW7%C4|5urf{sU#}R;B%g@KNsHpVAO-9_2hF(Rca_`Q1+KWU&_tDAJ=2a~6Hx~QFM>TNI9mVS)XpLLrAR?vfc?@dPo`Stlve(n zFcXRs@7I@RIJDMW*>>=re;dkJQ$fzaZS*vOb4O7BA$FtDUZ3UTS0=fPmxF3QvNqqN ze=_O0YQ`d^Y&M=6n;<26%ZQL`lCs*WIfZag%19n!#;)6Xz;{e&$TIm=uzAAdV~Moj zd=~Z-4vUgjVP#BD)fnY-hFp|OtJP#;)rw-(1=#oaxl6hHt3gxI-w-r^eIL*{}budn~WSpJ`W+j 
zk&-;pJ0-@llSKT3^p=gYBuK!_rX&kJmri2A7zoZc`&l)m%^;CMfF2i>W?mC}-`y#HTFgoDcSefIW zIgI39^<4+&Nt>9jRevB$g3%lVaLlswG^U@p_nIy46;?8F&P@Y zef1N^%GE>WF7}l&P4iUMK7Ke<@@?)(pC8U6T&h4Bwm1Scq3s5Z#DnJQK20~O9 zecSO0e$TlgoA#Wo32wfZ<8;Sx`_Sx+$&r_PaI>1{6z!x@Q!PljT>sR%eO948thy9mCr4Vwtg3yQXduN!M(aW^eA-AI0!_H@R)`R=Dfv(4p}{L6MlFrGol&l%{q5~jCw=297}B3*!s?eo&FWy1 z{Y@syXB{3L^ze3HMz({82Y4QWk58h5lOW=XsGqkp;X_=OMfpTpN5gUqrBCz6)ZAIm zk|&qt{qA@pJEiqL=F3&*>Xl0liV=-G`8-JNW0FYaR#1ws_>vS}9Gii{;cvb*M)e8l zSYqKPaS$3BQ(Ds@wOCfZ9I3oc7+xMmelmlfh^MuAqrr!0ssMq9bE74_a&j*Ss1e^w z$?LCn*A&f?g>c)YCwM|Ec&uPs>AJnxg<6)E=Vn5jDA3YqnxDk|aqT&Ervf85&hRiD zly+H~%gXGD4<#{#Z{1BXV~jk1cyVwozb2i~?UxxHmwU~dxqv0`*-y1e0L74&xe(3>gFE0D3=9r!xl`G+%{AE>((vy|C9koGs>Agqy;ULK!>B4q zoW~(@uu4-1b@BLxOgo*jj}gkecyT&%@v%;LQ9v?;)0Kbc#xXU%-qATk9Sb6cX^WOs z*4=zF?tg5iTvMjPNvb*HLzhlsabeY%F%YitYoXk;sM^M_I6vjFyDsk2r-ZneV#5Bk zpPqQsFLu^^==tfnY3!wPi<=akI3v=oh4K9R1uCxc@2A~iFU)Xd6{(2#k z?l;oWx^jn26?gM{fD8ZE53j4%s*K`;bb)i@r~Y`;J-<*RV)epRX{T=Js?sm45?dD( z4jMHzZ@%`hBQAG-eBp3{2xUS%L55k8@ZbekM(ojx>1eNYapuG5wCDzq*vL+{| zM~Ab}d6&OqV549UoBKJK<#F%PKL0T;F=wc(DnIApZ`_-S&X@j!2Oo;rDPL^d7>b4|po3q>*5DpXP9~5jKWR~Ko%omyfcJb%?QAvT3U>)|pXZ;)F`p?C`GfkBL<%-SN42DjdlNoL*%cdjGOZNREibc08)C$F z^Wk?r(!<#exj-mJc?}Z}kM+!9`eR<(`AoBE%BOaL`04{4DM*noE@d9UD81$%*P~bH zlD-PtNBQ|J<5lW?i`StJt=v)(%!kUva;mvKZ`*l)^JV8dX(?owq1d?9_Cp~t^DQ}L zTCqxl{jb3b0c=sWY*A}-RK@O|T-Kvueaa+q~;Qnjf(7{zx^MoCN(Fq=bj?u{Rndhd4-u_;4y} zs=VkuD=W*#9v22wxv$L*T?z}GneWwjyJwrjw^z~fn4U)Y{*Hz4V_2bfc&F8SMvAGy zxI*_!bZv7bZcEL3Jhg(FlEty|CGj1FhY~DtZkjSWA4qHY=T0DB+Pe@wR*y}F2stB> zy02`YYhK92(s?cltJQgtGHU8+tm9|rw#RmokD(Qe7Tb1;uW2)>6bLKp;$~aRAaBu3 zeD0Grze2zL9R{aBU0$Ux;h^SwBURo3)q9}RN2jGlkM%PHHsF=y_)&$Xz+C*L-UX>X z=~doB^>L3&wTz8{vVA)vIib(%1__q?m4ljXu@cXKCK%l$xsd#Z&Q|L#^Z7gPwYD!c zg^;ttZIP(DFD*T6RZ!(FZU~wg7e&Wi8U+4QDKV$b^`&*9R`$7THfl^x!EooBt}6Ox zwT1+a6?au%8}H5UBAqa9TnvqyL>rkbotrS3m2Vn#)o(FBJ`Ql3_XsgnbJsOp`Tli) zZ09I0UuVL9X<37&#A-=Dpky&ZBMc)#ZHFEwtTGXcrE z!|%7tr)kvXs@e;m(l*LC`~?T@9Bm48$MUITz3A(&DeYVK9{hTdXuJ7L-Y!o31Vt!$ 
z<50l@QFN%=*B9l8UGCf12VRV5?4Ii=zZ{Q`X^Wj5p@qV4lw?f&s0q|3Pdk3g-97(s zyXu{)dore})?DTlf7aY7i1-buUcC7Wx)Ar~?dKsTk>=uyl1!PKdj&p0sJ58q%|o1z zCF^5ImhB5>*bGk)<^8^~)6lxxu93YkkNZ7>A~d*JqsS9<@Ok%J!lLoi^DN(NdUY1U zgs}m-0TH~E?v}517QE;TQxLec;uW4ijj`2FvdK-Fx9+}cs|@{!icN1vWrPAVBx5t~ zzon|4R>kyfs2$*ROMkoaw5FbjDpq(IS2HNs;gC(?iy}p#iBAVb(v@*!DG`)EJ#b&{ zbfqfFv0{!TEkpav@lp#lG(KD`af8g9PTOFspeqC)SMLj^qc6@7r{;?}dnI0DG|GJAq@VirGj%9dbvb$+ci03-qats7*5_x=O zJ*;qfvmuxBCQ*wNdG4*?YNy26xvAE-v7Hs$$cr~6QL3xqr!wn#Jk~#{>-Vhktp+V={6_mr%*)G_*Oyh zW|N>JlWY?Ae(82)vjKye+|PuLCN1Ci`pCY$hVV7r)=Nk{kq#z+2X{TsxfC$Sp4&lW zDz#ojf}?SI*Y1=uGGdgCGiFHYl$;WkqF-1=tA(oRe>|T?I*RbN&+8}qC;;2LJomPY z^VSdjRl6V2*A&8Mblt zSrq!9{n(ACi9Q6i+5;3fag$bk;l!3gio0(=Flu{#Y*`Z>52ZqRMNeNwh2%Wa<^HHO zNV!JtP$(%U{tK(zGh(xZ=O^D6L=i84VMEUxk2-jws*yiGMgO6Q)n2WkSMF$&f3!mO zj;lRUCx&^P(1XIB`(fg#aHJqyn)ik?2FbsBsk52t<+1a%vwrdm8b^0s8HF6uS5={N z81myvPf4B_yjRE7S>4orX5%lr^5xB7YF5Or%_o!T+&53zqe2C>a8r}&O)>MGLvYK( zl})gJmr5E2kO>(b6?9lOX)Zi=Gpcd946kAo<`(a#z14RSt0bbTj>x{SD(j@nB1&%` z&JY2L79j?bu+acD61=6UxPTS1ze z8gQZ@uajUfjHg*tMuwl-Ax+Q!pfu>VOUq75ErlyEil0*znE<~q=6jbA-BYV2x4PGb zl1-us?DjCdS9t@O`f#Yp=m@UXR*j9n@z%TP2w#}qiaJA5=Q}nzWn9ES>(5-qMzc)6 z8G}--}5!@%-mj+(wXIXs=`<5Y&>&etRLt?u9z{SZ-I8ZLk1^IDeya$@qw`UDJ|{Od1_A#8lR zTtPu~t&@V>UlM|FH{Ka-ahQvi&Y;STiihI-a=UgW6jL zq)r~h>8+<7aD`ZnzP!-PIQmTK^?v!!X_4yE7l*NmKK)@s6wfpEt$kg&5%HOzK~{5YKlEnMdty2_-=8Vkxt)!)KiMIqPq zP`E!Tiyn11kJ?WfKRqS>1x?J0&(FRz;?Z%;JlPx9tbW^y5FU{Eo9e-uv&sRjXvTp> zZ`X@aDy(gE3R7G z<2YNooDxbiXx>UPm3cCqxaXlJmx?A)vE)m7KL4UgP=>Icl3Zb~gr$Wi ziI-NmH~(*YW^|YbK7L?-vFSU~4;}*ay@9{*`tjuR#%VO&GmLQ;aMZF;w$|5^oqw#; zK(7ejSa&Lid}*+CW;v#oDDt|F(2DkDnR%~i6URYf@De=+@_GtcfmrYGdn}{r8?%_| zuQ|&5`qS6k=*bWx9z9pc^x{pN9I0_0@wa?dvB!_oEUvjtEgE!{U|P7A8lIipZDP_E z(ejjd+Rk0YkAxP4%a?~$ii?rC!}8r_X*Qm>YGZ5lrS7YcQ$S10v+&z5B1CgpuNs*m zxr9prEnTR!fu=_;Mk6PW2NeV=Cy0qy9RnQD)%49CPIcw-(&*)DQ0|yS=0c*(`|Hq_ z@?XMt$PVM%ZDNQGnn?QxvYhqdH}DJrq5I9rERP#kV%Hz8+{%LiV$O%<@k1V&%Jyd{ z6{y(I)t&vqi_=NCQF@Jo2hVjS{Jz{}7}oE8cdgOiJ$3R1%ad)`0Ml;FINFuQN>U`a 
zg@@Bh>H28Bpo1N6J~6#}W6#sqmygJd=b@A8o|?JsengJ3pP%y16WVZz_GopgNx5Hi zrg2wGah-rp2b}I*ic}Khk8nDec>% zShRo8!!ufioR&7ET+^m@Xv+9{tJfi8^4YyU@9|FAX0L;RhkDB9kvK8Bc|NWI3&NRM zsbS_axhd750TzmNdK;hSg+vGe;=Si>=3e8~@;FA~-hNz;`&p54^>?!TD>n7U^aS9< zzYYd(#vtlFozlID_Ik*U@+5TqQD7{Lep~PG=vV_gJYlM=>vTJZv1pp zt>)ID_b$q`3|N zGOi%$7m})@W0lwFDyc4_ygfRWt4H{-Ci%+Y#llVYiv}4IB~sSk;oW(2?^5^W3$!E< z$wP1hnar7(%;z0gSM8%O3;KBB@3XK~qp;U7ClRDy&KD#mseUC@;J18)+IdRMj&bsU zsR*lw%+!MXx?J4bMxL2lfo+1#cQz-#pK+}@*8-9CxTg%2gq@-_!IseiG zxwNh7)8mtsPZ9lhm-pA}@7>HA?tk8xyYKBQ9+2<(-7ocBbj;!~+x?U~nq8%HbV9tp zmz^U~ei;c}ZG!zM!LQ@(>mxV_@A>s1J1d;{NoVfEqTXj@G13Q^E%glkMV-U#Ob+Zf z@`)~`p4ZP?6VL-Rr-s&al4$t+flo@;g^xb|8p_?ZrDzKge4doH&@pD8g;4rR%o3O0 z#Holf@Ec#o2ij*P>OI*~H5|%XUoPLcrzNl@ujqFGpVL3KXM%RyA^eC{nR}{&9a|Pusn&S)y{Y7#QP>?5$W$CqTDx& z&eE|G4&SLG`4~}E-gT02Rj<4Vws04iunA`$;UaI(k~2iQUDd_7Kntr@ycotrr>~}e zOB$;8%KGgCI=;-?tq+kd6l;9SgkZ-961Ght8GBSZ|m9JBR(1;z+Yj( z=5?ir#zSQCP9yg?XhBItBa6#&ef>CS<7Ue<60UyA`Op;KR@ghK+lx&^X-l{Cu!!GQ zxvPSJ{_riX^8{&(^!K-uc&Sf0DeLh9N47;?nv~uwtm=BNc7}e2GC*wK+AZ}cD!#lg z6PUiah2EX9zjv^>!@<V4?Oy#lQ z!kkEoi(kKol1W=@3UwGTL!NGB5cKC+Vtx<>n_uv~IxgwfBAwG=%#C0yqlbq(Pj{B@MuV`aYo#@;G9PDW{iDHrjj4nOl5Oz! 
zzE$0i%gnVql9?|go2-XfBj_D}Rop*xKr-Z~Qm8u;xJ6C!7w&?dbWjQAPx}$k6m|0s zMR$K>y}pz_*d@d(+(geNf( zJh6=vHR4MN909j5xO;JP6Scn)eqt9y;3ZKBrdJ*>`Ry{Zzwqtp`aOQ*S7y?;SCef> z!m;~n;oQXH66i=fnI5+ucQ+z8wr;nJ{1f&|Yr|QXR(3WvPtDg~L%%^9XJ%%4Ed=gQ zR)_VZ9nW>QM!ZsCZVwE6r)wsMP~P)=TQsBj=swc^iP(Y8oVI^D`N8#UQroFQ5<4mP zDjCL%YBb7`DXT46gwkX(cXHeCR~3)FTnzeBH|}^P&h7V3X6hU<@|W}2`fG&rL-4~b zsDE)QwrceR23h7^B7cEE0HF7eNFcB>N)f+8LX_$(YL~sfNo)ahJXF z&OPIy*IJ24w?8g%nfT#LSV|LKJ-YUogC-DWVmzqh71*yeIJ<*IX0H9DHuNh6a) z#3p*B$K~hwCXn7AqxV|RgooFnV5t_1Hr*;V-VHbTXcvh;sd&LSsp8$Czha~q3uHS_ z408j{@YvC~&>f-Y^d;{bNe|(4EoC1w{k6ODS4%lV6;&~&?BcThn$Oe84v0j>*2V=)>zwU2*BTL> z3;G3?-EGfaE5Ak=XoW1xLJ?##zV46aZ8P8JdC#NSQkJvWT%?S$v8)?U@zC_k;f>>F zw)PjZp-1OgwyVlJ85ELXV^79;Z>6DqYSAU(K(43es(LR>Kb<#N^#VEYt4v*QOd_&* zz@7JGM#Mw*%pl?C^-2<7o-1{B6FsHXvbJ8INEx0G^XnG;Tw6#RDT=eQE}+w5_o#zB zpW!w|zMSn&-Bu_(KLAE+{X`spLe4is=8!!0s=`yF&ac>MpL#?V4cST5!}(3q__nKA zby1ohp*#nyv9YGU;o&o{hP!D0@fX&Z_m1&jGJFcH7JuqtUr8x=7|OVx)(H1AA{V(w z75m@QF{~V@ke8%2dV4hxLw#hbxG>%mW9*om2yks$jjQtxytvgK9hADiv{~tiYz>XM zo__7bK*NxDD`x+ir@-&c{mpO~$@qRz+wMBNa%roR8TwUf{PR@mHu)Im;`CJ&1s6Uy((T$0LZj$BkH1QKK($RW%`W zW=6HH@pAL_^z!;#tBNj!%K5?hsrt<8aj5H^_1&FL)i6a!zg9uR-DYb!S<5WbHOaP; zx7!|b@-lhl+iSX{-}6}yDn+7-M%?dxu}`H)MK%i?eLUvtTkqAI?>$-^i|y#H*IP}+ zh3YUZ>n-I%s3f0!#@EcSV)8bDt4d^|xmA*e7D;A4f?2aS^6Uey8uVWAYW9Zi!eC%C zhHO#!)lG?CsxlKjc{K^vgJKaZvOEIOam|m$t@T*xE$>!C?}OiGJbvk9v{%qp{WI9uVA(@wLuo&fDPtftMf7+@R`yx4HG+^~w^3cY7Cjx3{)m{=BetKV4kwIUOBs z&yv#O?KL^>?cu@m*cMdWY;ZQqJSQ`WZSRZUB|TcN=X%P!w_ab9avTl~iG|rSYu++d9eH16}z*y#&OD>tD(+8a}J`k6g+`nwFO6h3@kg1%;vqyXPQ5pVlRY|XqD|^l$6r!)>ZOJ|ud5gm zg=bz4B_xR7Un#|9QY3Jv^{@Ek6fJ7E${{wQe-0XY);FzMMZk%F@kLix^JDLc%Gf}q zg6hN1yW@JhGr$vGV;{i70#PQ&&E>95yxMgOX$jf|h*gvw|SaKQn?>P_Vx_D=nS{-9Q$}r1(rNi3rMb?<1<3d%YBINm>INBPA)!F5fn=* zZ^?7TkMKnMz57<|T9}7^Qa}?b;dQ9mlVA6`=}^Q0>>;*mOEZQlbDn1G#mDP}SU(+d z|7mTskrV<)5(@pD=BbFKSB2ZJB)^`+^;D5Ac)km1d{p17rS6L~ph~rJb5hsBpJGbneq%gx-Dgc8dTxR~BZlc}BiMPIE>Zhv z_F3j(FDdcP@OR0~DT!x(jZZKQHh#Fx{~+}`JHiWzxI|}nX7e(~FJ!F6Gy3s0TQ50V 
zPo?QWrG*qicZ?k6hGJyBDL?t|64#tkkgR!THu$J@MnFZx&*Y z@|_fBh283ZY}f{UP2D+n{HAThtgF*761%9pw}fsvIYfs>((6lZI`jL@%d6F#Ph`f% zWc2GA9;iCnY($3ysNAJEUN=0n#X2GrrA=*k7>hzyK_46pMO@lGt# zNLH-mbykx<)V5V@U)b`pG9TS;fb`UF#4qpOMw*7a$R~t6mR;Bq0dAr$^|C!0hFwFQ zTe{=YDSq*^DdgFH=DNDx<1+MnV?uDXVa!%?LO}j5@ljJJaR-`MR*3{{ygQQi#0oya zhFF?EWfK=JI*gHW#;-Bl?iC5y?0VI`7B@FO-xuqutbIm$mM+Xp6Ikiz;^$uc=8m+l zB1E`ylpT$T9Arx^u%xr;A~m5%<(1p{VHXdAEj;0uc#QN|&e4hOHN&m%&Cf1B=F!f~*ipw8cA?l!Zh1?xQdEMCj)QLnX+o<>k6YWF;4X1Lio zD(P&~bS@gJfBjRPpF$>N>7-+kB!REr9{J0Q_&ijP^YKYFeJ$wq^h-_Ng7G1YuT>R+8hs;J5v>S5wnccl0$-jfT9*#4<| zy!yQOr;mTQdnyx6p$v7JsVy&^eW`Z*)nmgbeH1veInPem1)bTK3Jh_E#s}ZM{BXFi zXJj~!;M1D4{WCbRIZt#+?z&m+*8xcvsw1XvfeC_#gl%j}-LHDYv9aaXYFE0yEj+8R zYbb)Ow#$F7z9$Mh)DMh5`7Qa*tqS+L3MYwiD5~`u zTVnT|=M!F34j5L;AtMen41bVLdNV@&BA;Vq_Q{MqCC}L#natg}E$S|zLCZ8@9PAt9 zw+GR$4pb#=NmReqVl&dD9#ZoLVBWnGPR~b6FmC0iWMp=`Mk;Wu`hDoe><#$iM!pM zhFhm`K2`Ce)XuBadE6G$p26`zX4l3m{5>gKm{)+&;86U~zOvDH7^;xG-QYs*M24Mm zTw?^Wgjz)QoA9(wf5$ZZ$m`@dME=OhdRK(VoY2I8LkM!K}ZQgbz+CkVz zk&yo@61H85L8j=^+@89YZw~ZIo)X>Hq9l6{VfmgpT3wn9J9Wl=rf=DCBhT6N+$kp+ zu#6_n%O=S42UFBG47=dxMTNqR1~)x^!K)T{_G1`4B*Xku#`^aqWKZs>-+m+KV9RFL zP;0-d>K}=gJ*=5_QPWa;jL9?;P-yTe%87J@^|2}r)AeCWy7Ao)Zg*x~rhPg7?>N#L z68ODpGIIv6yf*8;C;Vbo+FS{<-$`{F-7NUJsK>9Xv!u=_ol7e?sT~JLFT55xw({WM zn`AJJpYrsu_eV=XSQ4btbt}dnhU&UiT}^5u#J07E+3niLlMsAVV>M+Q`>5YHg?bhK zh?~0tNAQ=?fj#sYp4Br2v{+cGR37thrSg#14E`5rt#QKeKq%gAwNSMFo*$xxEJhHj zcw6xMzR{m{zi+MDp0$0%xqr^!s*rHbT-IG0Q9HjYgocACn(mD4Wqr4=95?~-DvG@5 za5RWmV<9Yo;0!*s+5J{?UgOQdCuzElvS6jnQ+t3qT5C(I?Kg;^&;8uWYKa%FC&NM* z1Mw;~zEnbM6P9(T{lUT0t5n`&G!gNZn>AL{+2YCkx4W=#HfF!@ROg#V>BnEfaHGY< zlRosk6Gy(>Q6Ur2ir*wVG7lzE`p`Q7IcEq=B#3mC=dL6r0h^$BRB!p)E3-$1K`O*Q$1<+v z6!nxMQhzSQm~qzjntVpX;ZI}Orlloib^NB~r?HP3X441Nx=E?m7O$0@3>J*&tPb^| zg_68fk;J8V^b0ncL=cqkuL-sgzx|Bp@Ds4vx;-e(8GiGdyI;EI_U-E>z4?&$CiZm6 z-&(q*n{H8@qf#TTwQNkniP14^`d#ZoXonldP(z|#KY#W;At3yb)92J(c3uxpBh>uw z@*kI$B@9vJih8{s_FiGqqqJdvcQ#VSe+hMu%zmDq{1z&cH0^sA%8czY-q!ZqjH1-W 
zn$TS8V+bCHBgO-%DR;<@MY4F_t+F_Qa&YjYMSF_*N1DHU$)913PP&;RcAU`SLqg;z z@9GX&(K4!8qI4k1s#inDhRPokD+s3#pfI;byj>HJw&Dm?THC z9*1Gdw{5GAIpDnVKbm;J3kjb3*?tlB;m1u}SS$WyNU6`72_8zMt-tJ6;xBWRi7lJJ zpT4W{WpJ>7Z|x^GeO<@#@tt3$MD6`O#YCOk!eL$*RkRcz|>r3TdBIkt$_t zIPTG@%#|%B%}oruX6QSvU=@YBdtp(AV)=FB?wlxH(ic$1%e2TTs6`0s?UUt3S@gYb z{HYxD>Lu$_5yFVfbS%Fv+>_)O9#`SgbsDswtFyI3D?PV)_9(RZH7zD4gsM1GT}`Y9 zLf8kMh&7C5n|of0`YkvdTn5VnNLGzpPmO6^g@+1S12=vM5e2V|RDK|-n{lY)CoC}v zwGG)j#}aAk#4K9Oa7Q>Xey*n7kkZ8^mKe%-@mU%FjSK!SJz8yxE5T8hvWgJF8jfbC zEt6;-m*I_w@PcM(O4nLW%{>Ti5P=2H8z;A0{;C-g4crHBh%B~JtNA*9`KElFxnlny zwQFsgep~IjQPozj{38P6=1X1&w)JtIF;P~u5w)!+hKtX8D}1)H_|!KS%@l;|G~!W` ziXxRWi@|g<*3Y!Vunxrwdarav&n;uEV;@y>@6+Phq-hoT#1RPbex2BVYhH`7pnw%! zU70Un(w^X{ZPA@zQwsc-35^W%%vcG|?>7%(kdmde*Cp$yIsu2;521;%Bg<5TE?xDO z6|XyAw-!P+pB;q!L(^hg?e@)2t3>3o(y=sp)vt8xFZ9f~RXo~sU?Lp9Pjz$WIumu( zF633Aa)`-pebRX@n2D!{O@`<1>inG`7LMdby(m`4ND6%qFn=+j&eKePudU68;G~&I zFkD5@7IKUE-u#{>O=aj_dMe5mM7dFU(qGAeZdK`L5A!!o zyVTY{ub(eW2`LIQ#b3na`YzENW@5(a$6jwA*}p^4FU^&pi=V$zze(lrig9D7)9QHIs} zKXDp-3Wqx|00kjliotE)+Zx!+X273(+gk65^_9UOV%Q~xVyPc7DPvdRQ z*0wz}P_Ln1si%O0XkniNX2p!x$-Se0bdx#Z!u4UUjqHPPA56<=-AQp4e6 z4av-K>Xf8?&q^A+%c9BrS&Yk-9%T5>NkshUR94DFEM$hhn0ov!d}ZV3hk6WFr;Tz=Y+kQ7BJCuQ@63T+|kx6mu7Gq6Hpqd2Dk7Csagql5AdedMful>AZlpjNS zrabm*Rs!44+iCnb%(k!6Bs)W=eI2ha=E@9j?>w9bfQ|iSAn2{~Ok2xJ|0WWyzB)efkFMJvfGz^&SMr2+fiE`0(C}C0f zH^y2g+k+peI@lgsWf;r8D$8WlCc*Lu*Q^A;1IGUvUx&{h@=5^=(FWY8; zhaY&{UZ}AAqicq8-;Z{ocP^qd+c6GChPvNJ?aA9~na$NPD>dFZc4A1308GdOONN@^ zkM{kb;4O4NiH;u&dwg+%uOmG37&PMzO$`W=VJIGc5U8tBjYI^7ErpDsWcX7iZPN~> zEQy^TvwGAh-s79X)<7W!Yz5;;&C)z=^vqvdlnIL9>MCrUGZYAqHNbnZwo6ml$fVKib_-Aj=HJ*I&}(&QOT` zv7Q}m29>cgq5*|M~*B{Wh=mwvw?egsh#df-+77`{u?zS(A7VBRH56m}2)q*kc zV_^Hb$sd4*_Z2@jwGY>JTw&+@!N|f{UM4o80sk=WmPoao|A%S-hQjl7zJ)pU4)uF5 z)Susr&>DlPuIUg$hKlq1XX8EW4lYOm!>GXA6KzdWH-@V7{nj@itf7kxL%sRuNJ?WU zDZg(N=55xb6`qshSPTaDHh78CEk$|~mjBI468^ZXB_J`njPK}dI)=LNV8^C0Zs9sY z@qUbE0`s8giHdLn1td0pgk^|Lp-A31rwmNG-84{ZG59>uS)smyW#1^Woa{A2vG)P~ 
z1(s%TT8gL_j(86%vu&$!4l>yuSK=Jsc#;YyD|PwZ0*a~tTe>XF^G)Ga5)UUz)YQ^s zibTN7TU+3=%E||qt=|hikf5d_LMQ3y7#+}dkBrWjA3|kxSP820POz zbv2@I7Hfo763f$=$~4hJiYmGU+xiA$iHKI2if5hBD!VJWZt$pf_0ZL=9kz=t(}TA7 zI^8JWDj%*)MKq#SrebOL_xJC52&OS$im%`)^NZ;G3jU2`(_phWeS<`0Fg)T6H+3Ob zuoCEI&z3i007!K*^%dKF-Q*-?olI?>7$Qzz6!pVQ8ztp^VJsXU*2H&I?*2dDBxg`#F8jYS!Npc?L>VQaVp}3fONx9GkyR` zCa6Ga=DM**fWGZn3`mSqF|NU8-h+b4=&JxzHpk6mitUGg`CysV4+Ry{dBaeV9sd%1 zec7OMw<(3U*h|8-^n5JL(>&;hSb^s6;(1=~ktAaAo)#hQjO5q`q@Ana27N zbGA^8Ta==@Y#ZgvLM6h!4Vt1j+E!&5&;= z#^2-91E^`C)784suBwWVb?jayzJuwZI~DagVxx%DIDwtLQW+lJL~VhA3XRj$?U$kM zjV)Z(hsanU4gPVlk}Q9nNa#M38#fXl8olBUxh5B`1iC{}S zAl`wPYZzY6^vIVW^#zW^=4$4y!J6dbt6g)Ld{=rRvv(cs?O%IjY!2ZZTBktX zg1VX?w>pM)O7`r+Xf)l72IpO8V2rwAqMpNRI{6{Rl@P zo3L@sk6Rt&919uWwbg9vy|rmKSg4`Ih;5)>S)0I$R>(@POM19ZrmKE5J*mpXQxklN zT(hhL&wg(v6InlolMHD!x=U>(^(t#|pofiUhPvuuRxsvm*Qz6BB+fTLw)PL(4eCY$ z&Fc7;s>6DAD!O$ls~(2lTFMcI^9|6f{XKgufu2mC{mDrE$%RKc8!pQwCSv2BY)co( zMcFpL?*B5`LT}(i&$bZ$kfb#yUlyvnfVY<@914a=xq1+~GUd+UVcG$rMe{1GL4>AS3M95XG3~M7XPDRErR;^aaT3UGZI*B{))iOn2RwZG7vR(n*NMk}; z`=fX2DU4AS%lY~BhifrEzqq})5UTj~{9Tn$0zx+omE3pFQlJ}Gw!Uu1u}NI~V#5h~ zO(L3#UfGJj!(p1Z2l*h85jLpB)UYKv0z*yq6*}V! 
zOv-dJL^y|IRW;hn65)96`+kObE;7rUJ>l+A0JZ398+T)-3!3P^Pc{+1Fs+xG?EH=+ zpFjSGq0IW8U=X8}VDr*Lg@JAu3aAsv(1(-y+VZf7<5ifuIRGR@R&N-JqaOzsMr~{k zmBZlj^IyFvTz(YmB?mJ@_48cTcd7x_j2m$#3!yQ+vc#-o5)DH_HSD})Epvqd=~16Z z@8j=GOh=ZIa$PqJHOt4xpGA{avcaE?Cl9H95QR!t>qS{_y(N+IV?e}QlofD)3BO7Q z@16|h%IPuNiJaK@9D12~bL3~xlbEaC(kZeGCCHy2BPZ_Dxl+EF2%5SLSUcZ3naO44 zWgY2B$B)W%UA9DBD02pq0Yk$|x_~I)Sec=^cladhJq%X=BE^>^V&FrX667f9eH7rfN&<>_-*A-p4xXX@Ohv%2kwy9~ zXmWDY^bSTm2vQh{ev_b?Q>A`y#aL6H76MN-KLlx^!e3!bY!WMTru2MXAcj)l&u&*U zlm~z51&R}Cx=)Lwyw@h-S=Et`y7Pf>R@rjvtrLt9Ygs4vvbNP0;F5{CBGI$sP8b~< z-$m;_dB2tsk_>f*HgZl1;*ifQ2{;MVad~2Z$#Lr<3xxKj=D9vi=3+3cw5l-DHgO<`9dX$ zN<^b%Zl#auzU0h?>@Me(4?yID@EyRf8eLDy?0mh(RB3<@lZkN$u<3!~rcR1(Cp3OqFMNU0hb5_<`hlNf_wE)C zyBh$43t%Qgr{-ZwH6Qq?bMHcP0zDR-DOhDIHqGbjxj?HQ{v;Wa_hB;C?$<}knZ-Dy zPCv@0c?a(MA10IMKJ1>fONsdh%Z&~23iG^fU)&ZN+7b|>rz&U8aOLBt^rAGoaj}rt8;n%z8@W3GPSP~IJmL<3?plR zue2Hkdd7`JwgD$Xwlg=nVmpIb5W_IXt6;FLT3IJM7hLQriJTo@i)7jf>>F7ZIdFrz z#R2BF#(e<#9@U>^lBD=Y0lSt<1ucaWf1%cLlfvY1EmF&r%=`Q>nF9EBSz+<3x|V7=kVQVD7*}HQ+{h)re(Q-aD9L(Pnohe^RK8%vyAx;>RD+v;Vz$ zOrGI*74#rw$dX1u<*CTC@gX`Pr;hz==o8@K}+I%OB~7L zT*wBOH;lUE-LUgdzHW#XKmYqDGhY9rFsqZhPk+p0vHG42bY-P?UA3mC{J+$1=cr(PaI#?( z%tP7M!kj`{Y3GcbT@3ZB-KuH->COg&rx`<8>cgFeC;zUjgHzzfr4p`^DEaZ5{lZ{o zGG%s_Hy)L znIIQD+rBuZ8DkO z^dlyg0iR_#d~wxESbd9fV`H@7;^45r9{;%m7#!{J1RY{`ag?QgwnMYY@Vm&IqX?jCq zC}VBOluSxX9*08KGI{92{S72|-Un()muQNFYZY+d!coh507$mY z8ds+vL6#4!M5`^BJM|zoC@vJilA~&wMaP*o40WuZ3~4I1G&nnPJ7JUFHRYWm2Npvy z>Om;6DdH8mGF|XC*a^Z=aTj3Rfb1Aiww;5@1gQHGNjf?XNNfz53BgDOrU>a78e({3>e3z% z_*Z|yL`gSo0b?QTz?P$2^|M7yaMYy^>SPiaZ+7zd$>g{$ZEefP|72MX+vUjnabkQa zM^);B6SqsgL@~22-cXdqqLejG-mR$&CW$!koeE6KHEvvHS0Y4KkoMu8V7HuYLu~aI- zKpyf0U^2ODw(-A{iDd7F%9h6GpXOeiFD;_K|M=<4Uw(X-ld6iWgspA=rDY=kq5oH` zB?@fFjZA&X3GuBA5WeE4V|@TxpCg~5cLXe|L@WVq8ITdrPqz91NPFUnmB)cT(4sf| zG^}5u^Z0S0{U8w#?h_;+ew=4u)DK^~tpOQ7te2=tQC04=(0!7nyK9cnZG|Q@*$(_j z&QsdKCA*sz078TjZs?j$3mbDe{_;?bjBF=Bj`g-YV>c?CY$SeuGlq@C z&mmWpx>?mq|DHw5Onprkz3xxwNftjr?+{e8QP2u@=sI1k#c(wxfZy^H`yK+f8oM60 
zw-xsd+wo|}xD79wM$y+>4%*+=z*sg?^tIEgOg=2i@=g!TjY>)kK*Ei|MjdrG3Dk^} z`L7bNJ)lzfubYc^Ng017;ZH>XO>b|F096P?X@i<|WHE^j6N!Z%&)bF&tyDSK+et+H zh~85X@uO^`1j$-0RgLmWqmV!wlWjIz9mzZG!zH?OO1MTM=SRX238wUTb+~m!3A@}f zl=!xsXW14eB3?(`D{*qe{62*EkC_)vu>0|p|q^G zPe=q*2)Z@admiyj7KMlO9ERlOe>WcX{6HX~hsw+uzSd$S!U z3DBvBJ(q-KRb7GsiIXR}*qupEXaY<5iBtW4x2#0Hr`{g;d1MZ@g^pDr>$J2STIuYY z3FH$iL|PclHA57Tx8VmQc7A-w7zfzH0vL5+LOm!Htkkr76sxLrn|WGb@DiylcFRgS zd(a(?tQ$-*u1rn5sw~NX-&5@HSvj-1Q1y%&OWhg8C450YY20v}grc=QVYATqT*)x*~5DKwO z&AF#sWGd-DC86?U35RSO?=nesnFVowHj>deENj)+Dl=Hp8cX)1uxr_PXH%2{?;`>6 z05$d7My>;G}e61N&yaFlI9X0P6I)KuOAW|u-- zLw*CMj(ulNSv+rd;$OoWFiGgSCr2&iE%dlUqk4d^F!m(4d`ZZvF59Z3BEArM@F?a< zN%pZT)1g>V(pWYouHLLdsyUj7O{Su3W67L3nwHT(nMc$p+?X(^ir3 zZfBWLUsG+Y2NEVvc7t~fHOT~w;D*kpyJaPwY~gIux@pmLv*k%6Tw^liJgTc&i)m+} z_8dovW#}-&brv#1mwqiwez>ejTY;gNGVQqQF1UR{v_<-Ri|4%y=uZ+dKeFRxFY$Y$ zH{pYlAJI`?jZ`JB8|ZOBW{T4c{R_JZ1g0a0-|$kPmCa@*@$;lQhit2`V%fKo$t;tW zyrZlxL8M4YBs?k1DM)yFSBw#e3_4qo2zWA%Q~H7*+3>s9;-L&dFqty(iTkfM4hA6j z?E;vgNGq%sXYas;-DDQ__mk*(vX3q|C~%pcOpN$(7=>)Sy+R`3M;{I>3A5y(kZ`{M zBdc_#Nx2kwl#6ZxRji#Vqv3*~A%F~Zgbk-h#S5W~eJPq+;$I@6@Z=0AGh|cm1nTIP zb@~l`0hOp_v7*C^I7$NpD$muOw~mIvlRV&Z@76kDqQBCB9^uI%PJ+UdMm*7YV5k%P z9H{tFhHd{+l9U=_R9sP&U>ly5^zW7@5a4_zSp-LYUz1&F-0iv2YatgUS-ts|qdu?U zKThNioy_TK-3;xP{(v5-nm$?JDAt>7QVkg0zhZ?f4r8tr>CEJ)(2Fb%qQ21_R3$h7GUd6u6D78mqgOr(a?9Ds`|6 zVKPzIec+twlYTRgh@A4rK;6VH%Y%U8$gu?zUk%@~`MOqa%nOG&KhgaB-{#-VKl`f} z=jIC8K0H~5qwXPbObpdsyQSTny6Zw#dR>xs6hkdnLt?A43D5UosMR_;qcG{gBnXCV zA=sh~^`9^lW_9 zXPTc8kfhI0=JfPnIEHeh=IHEB_q9{kN@mTPM8cCoJXL__;+&zx=raLhNHc6^(<4=T zoo&-DbX=!ap2f$u2UQmX*i#XcJ*H+O^=OT+%A_}32G_H6qm0-Nit$+49pj*G%`wS> zHc$aJL#lEtsRR@Zxd@^FL%Pf@!#~FF0f5-jj-$F|D$0RXx!##{;-)TfNqh$r44yGR zk1o!m`DJv!PUE%MqqOEUlIp} zYeH8?euPB9+SiCxohI(3{Rshn4S>UwmH0&7MOin(?&JZ-Sr_LFWkr1ijFZJvi8*yl z#5$nBDF9-~K~D5x0~mfTj~&Acbqlp<;8_8k!;>=LXlt{kmPUjz00vLa@C^F1fQ=`8 zIB1+$bDxIA&xP@FYM=m@A+s1Biko_Pkr|kcDkS`waf!>wT#X;Xijf0eek6mCKh0e2 zTkKYsStcZWWE(}eR&lWbK@*oBF?p6I$k6EuEL+o)oS|&!sZC&40hsz3e%zOOvvwf{ 
zps#9W92hhAHB3Xy;X)F~{1{4;GHxt>M2vA`@nd;LQ@MBgdHBw30uBop8==4iO!Blq zWl!@LXU?oDN*DZS5B-Y<=tn?1@S};(GiV0V-8+Njs8ZF?M*Qd|zc%8>UHP>UKf=qe zjs7?!`Q_T^kHey0exsjEX7}WcK942pL7Rre80D0V4gi$@LzIsg68}S#k7z7@M0vNQ zLSRrApm}q2*Y)toqZnakKJ+)9a5ZwZqIG)!IX@Enlz!w#H=lxrA2ECi8cr0>7gmTC zs)*OQL|HlmFpu>@NUhayE1t<*%mp5`ltuP{i32sj?t~-*R!e@=>Q06xQa!az_azoMg0AD^PkL9;NL_106zM4fgAx|G-dqmH(eJ0OXk(Tz?;DD z`>)Z>`{roVLB`yvlsg6F;f;FMe~MDb_KraxqGJ_jg}u(+d*5GnbLiECg^N<6dvsc6;1$* z{0Q7GMun&H+UJkBf-4yBD9pVGJS$gPjM7YK=$zP|g^s;xYP@$-*phy!{HLB9Q3qGWMo(!d!sg0!q&Vb^~j%O?%1}-~aq`(*~gA?8jirK(Z zfO*J96bjl7cI1T;8s-3|z2I9T!&cT9B#eo}fdvns4fzqfoi<#yMI!M}$V~5iYAZfy zPoce~S2vPMI0o?ic-S+s+F4brTK(RpIz_P^RE(8lzAD6t{@}?3rcDEFHJZz0k4RlYO@yEN1Xoo0>)OcNN~7aP z?p!jIQDH0#{}!+%Xyz3G2Xq`D|JI2`?wZ-!>CnMs1uKoVBbPoMku|k-Tn{ z6_>Ndx48Ij{@J~p&+r&wa66u@n6Kcz7a&Fs&BBlLVH+&!H0~2;w=-yWR&saR8H)zb zrwj87Xz2WC;qG~~JtvA*Eg~M}54&BRhRKiN4GyZUZ1Iq=1lyntMb3TQhI@$)#CrSv z;D{(xE)8JvV_meaPKMgXofFBfUqJ`r3>DCy5G2A-1l? zY=okPOOEe13L9Pkuk0%N3Ge+&UF27(9*~llA4~BI@0aD1G%g!bPUm;-U4^=Qf&K73K}6lK6A3nL?3+E z#e#rI?GHI)H5;tKc+NXEzLGj!25d$A$PgY}cU7y$?~YiQ_|c)!!ZaKOI?Yl%rj8ae zzJm?c`oAq=5-39fcnia$iB0-zc+W8ugCDwOcO{XIfX0vP?C7Np@zH?z(VCGg^_EC= zct`Q0HCr8JbxM(u9}yG5Q1aaz@8Idq7FC;JCRT>^!Wv)v%*NMK;lP%o@WtbNP+fr)tI%W z1qH~~Nd=a!pW-wt$VgOoBlu7@dMM*C4|5)sx4-FOYiAWY7abx`+ zU%O(C@PE{iCNOf8)VHTgfOp3o;VM%`gL+x^04l?ex8=57*$dk;=Be<|S*~(SB|r-+ zhfm4F#|wrc{l^p(o0$wSFq%zZq>>t2cNA?uXiSqUR2xf?o*xVa|DSE_z%P&QvQ#%) zqbE?p{eolh05)yIk00`B8-ApcPuuXLoP64bA1~$8HvCvCpSIz|ahbIZ!wL-nZL?^# zEs=;?Cuz~5Ut`CIgC$#}iBRtj)7LWT-N{=mX8){_!rT3#7wn=5Bf}~V6E*1W_pu0{ zm3%11ALsxtH^Yh#0S!BXY0jlavJJfg$hh&Wwi(72+PmY7stFAZ^xuz;gZVo%L-44O zsSAd6AOc#-0(D6@HicKk9G@#5 zn0uq% zX80y;Qk0=GUp=)cIFayxrpU{U>OL^-pif2q-;ZMB-ZN;YrIJR@glsBSH5!b^-46g& ztN{O@Cb@4X2hn+z-MeuVgAL}fK}>WLaN@{eO`r<7fMo)sGE5#_1;&-3vIAE;G=saH zZUIhY_TWk}m>lr%-eYaAKMF{qp%ZK=TkANy2RM-KIe3usv1uyA7)OsLkNG^B2eEFM$fk} zf<9UO2DS~tiDDi&pTojVO)cSdA~tc=(x9edj{DU0R3T!C!aXsH1zSaEU;>3&rVXi@ zcfqO*L@@usCCX&`4HEo%-3E-3@pTu4%#iRrW@v^xDj3#{@J-~z0irHI7{;=@HWUc3 
zX`i)9){=HyF)S>RsHG|rWUUxrj`7%5wiScyOOy8Mlp~#%G)-t27Lw>EK&QcGEIwGm zVN@4dqQ*N6;>HA*q)Vqxs0Tauc(~JzFcqsixNSYs2Hh@|0gnlYgqW=AM6Qyw&3jM? z2k6!gAarHO8aX`7=CUvwbSEHI4hfkRl zFG*Zl$WAlTxcTue3b%zS5@kii)Sh6+5ab*yKm_m1yYt110W~T5;nosem8wpSRtMb{ zZ;Gj*IRcADnj!Ue=Q*|&cA90|6sgL4RqM6NXyV4PoW$Wa@db*80j~bT6XpgdN8Aqf zbma_C5|F6l^O};B6)&iiXdLN*?rA$7SXo8zI2bY!AiC(I|g# ziO4^?l6wUD~@BD{W(Ty|}^=wqUM)yMt-TbiC zSk3#srNkmDSJ9rNtL-=mTng|E2$l=G;<#E&rr{S-RMF-6`}Y`CMl}gTMmkioQeUCt zF`+hAg{;%koD!R5bZ7C5b5id6f@498Zkl*%5t(Xk01eCXG^*HL1!wk8~o9mLIuG3T-OPAf1KR zqSw=-(eR^SPe8-4endSG&Ktbm7AN?)Rks{~A5o(Gf@6hn5jnDuzWVOp1Z} zT4iOe>gWzZ4=YmmkHKz=T;f^TYB9J>gXZLx+Xs4CW*NGYY{*co*Rrl?RQxE`7}dUf zL08evr%KM;`%ZrdCWxvq?5Jpb8dJa)z>t0&-4ec**|4ULFYggh5b}ayrHi8*fdt90 z{sj%v8x=FR?2rFBE-R5?jf|5U;7H^QdEU{;*JUHn>ys=Vj)l*U2p$0+h4-jaQQhqU6S&WzLXnss*Tztm%cvHIY zc$?WKT=uJx4u-ep-xI*|<2k#U>9{ zs!JooMAbN?fHgbpIEZA z%o0_IG!N=TeyrqKVDaS}9##dWED8c333Da6T@)GoCUl(uz19z~e&#m53I?t!H0?5; zGptXs!?o}%1cRlpGac0m@P^MB)}+|(R=2FUQ$7n2RYJ0mnq6~-Whb6xI&wPH@{H0M zI3{2(%Y?g3W0{JhtkP!PE)0ZU)=K=t^~)D$n*X9?9&KOz4=Yt;cf4Q9k~~VDv#JWQ ze+2p-vwsc~LGL#hooKkG8IZH?mO>>py696=2%sw{m;-#WDHs-y*lvmjI^ATrfBMH4 z8V`R8<3lMfF0g9fsx>AbaBq6$oUB?yusMXBR5lHaK&v}w_COlfR7~cjak2NCoQR8& z?}WxBf2RSl_njOIh`r`||5iVA*qxK6|Z$ zh5T3BoMC4iNR1ViO+;D)f0KsIo{IEf2Xfyb-aS^b@SX(Q%v^X@UN*}8({-LN>9|uX z9oC|N5zOC_LQL0Db!DT)NrUF+T(J)8PW8p5hztXzU4B!$&~cqwrD3lDV>M!C`%mh} zH_>gw$wLzwSK=qi7WUaV6_v)$FQ(=>*7J{je)6nV_Cq0ezD73>qo|u#SQ=T0w7>F9 zm`t7h1Y)zv#fnxMp0ko$A7ctsoTVZ1KkN#}!ik7IarPZbm2)45Wy6a6#)=x5+ zXw>Xj&}a*)m6IzM!^=8KF})Jgw`G!OE9;-QG-Dbve~*@ptLVLSE=)O>^_^;}Ow#JV z^T~9~_n@q5wMjAM8JH1PU+7CSc*K7zvowB)tQ=Kk-t=WfXsn!w)K{pt3)Bb1~U?Toveon@r67Af|C_tk*iTF|vL|HS!JGr9#jc`MZ-2 z4^a=9M#=AxF03otW-Ximmb(Z9HneXUs)@fq-!jw*-?6Kp8xf6VvNR&TUZ8+&!zRq16hsdTx~q}A>yie^iR`>?_p%E&+EzjGN=Kc2?ThvFXq`?- z09t-0csqkR$ujIdD_cQ;VTW^-ktNBkN{ckWM(iF%6JEsd*G2h62u{Ir!3jsYaP)u)-?% z2c3Gbhup(fDx@$n-avsX-52T2={Dj|lN!0&iFNSqz<^Qy2H21j4BVu;tou4)fgW2{ 
ziqc0dyiO0q`ABG>{2f8~3z9a2Nogyswp9}3NWOQbA#9^fKu=e3hboj$$8qUwNF*v9Ky4nOS`=Thw-BIn8cDqid;{5tu z&5q$L(^}nw6%|!=*$l#vj&=`Brr#XC4#}kwZJmiM)wJ2nN`<+5CoZqwN4`{j)YY_y z|5hbf98p;;N?9jeFOF;rUdbPL!oU2m`C+or~f6^Y1X zTf_m=ofBj7L525g_!F=c-w!2L%z<=mPV@qXEq|Ynj%%d~5zDGEo&!sWLcGb7sW6{B zY|Cbi9LQg6;P05hdR&a*WJ1eNT8;13V$iwaixVpe=9fpypF)j>G!5wO@hB^vy@xKC zN?_<+qET}qOhKrz%DgF`-6m;+9_xU0h@C@d$3$Dmn1=D@*pFueJ&zseDxk=A9dM*K znQZgXs+IXt(r7ploo-+Frs~o%QFnYkPG1vpLoOwk3>BMqP9JTih#7hkOp)5>`50fq zY^&~gS6<>+XV)b|Ip@cGC^}zQA7;G9THM*N7(0!1D%x{G@+A$1e*}+IUUbxNq+iBDej^$@HAVmFv(GqK%$P037x#23M7xkxAov1GMHeVEl;- zMt!35MraJ-6d69q?16Ss(U^?iZJHA7epw`NorcctAnQ0PKmuf?-s}@#0ZXi^M)#oX z(lRq)yDl}>_bqza%VZf3T7X8)iPw14-en<1Niefs%cpamiw^h__2p}!zGA)Lpv{Dn z0<=fIv-gi{V~Q@Of=0)Q_v{ z4Ae%QJ`NdioRHdJvw=RZhTlU2o;&Z9ly4%H1l96CjA&DR}oW`Z37fK03Ih|MZ+^D9O|{+ z*S6O6D#&WeEIJ}n8$}o4xMV2oJm@1Ubmt6HRNY)iB=vC& zD`zw7()Yy@x)HYu8ZIaQ&o!h1qU;A<@y{Zoo+9M}%Hz&N9?*-a@*_wFM^J zPD*3q$A`w4u&;K>o&|ZYm$9v^ZRRF@xXDn-nWD88scvBXK~0K5X;K)`KmZr$O+PBQ zgrTVO2-WzVSWBbgq`Ta;k5;eo`yJ-qA0@H_r9Y>6% zoI7-J*_DB!@$h3n&)Hkt$q$O&VBsng{uP@E7_RGl$xzq%S>f>`Khu~g45ga`c@ajt zIeo5_&S7Mz;5<=>^W#Ec9bT`2OBg38I?jaDu@;!zk)#sUP16FIa)6tVp#t;)!`vGH zCZm(a#g80qbu4z>-n4e#xVk^-^lgUdTJDaOoQX;z-I!_F<;0{#qgHj8CCgA^`c>icV@x~n zwUipyZ0k10BP%6Q?bQcc(;)fLrxyS@6_3K?2mKCywShN3zqpCcZ=#F2JqjOJ?(>4g zW|PIwfe$A-mX)&f|LeQ==eHup67oyjp+n?9SjkbJ*t>(o=kX2bQ7y3=BHax9oK}xF zgV~LPhc`nh>M^;fQ>}(e?`$aaZ$~$FE#5|hor*~fvOf&QL~V?8+e$@0fBKux`9N#P z3}iDh0al)gWmeutfB*5*m%se@E~kAq3Ds;gIe#HfA)naSHjb6nONk$9nBVqf7WT1CiW(GX657@%i|pZumf**`4*D#?o=6@d+^G>Q zMr006jmVeU6Y$$aUl25~{`)0E?dwNE`|j6erh3*wqvPk@dQNowsMqgp*?{?L{|P_x zV|fLri^!lGa^!rSYBhr=x|~e4dY^Cg`Ms*FWU7xp;u>xdvPi#$`6eb)t3C|cW<>Qws88bqUO?8Jxnw9; zy*J`p{{P*5Yjfi`mgQgB2t~~|m}yyl#YAmJZguzeMpRGNbawBD`BDLqki;@cFbPt& z^ViS4c<>=g0w~L=>xt;Dl&FVw01!C$b#AN*^e9a!_#!AuJ!OgZhzkZ^J5drpaC!u0 zLew=p%ziN?>wQ~nS*0;1rok7BN&z3;vKmiKKMH!3CBv?y8`&rkUWrIbk=np8y^QUR zROugJS{;|X#*{4E!qZ)My^o!X(B^IZH2-D%4&AsubZiy`HLZs?WX5xD_*|9+9fb>u 
z+SCBa?vjx{{cJ$OUK^I!`T^1-IKw#u1}@-d7rK+m%HZ>(qQ_tclN6!r-Wl`wm~~yP z{NU)38P{<28Fw7mgL>V_+_DVcMJ~l>MhZM%zx;-=6a9pJjjI%uD3PT6tH$FzMctuF z2qVVxpAE+&{+Er2y_FM-i>Xt;b3yQepgc8CwyDCs()`P;9!Q#_FA;TU+A?oHI(i&N zq4&EGnN37!TjPb_ZuAHZrvLQq0+^i)Ij2qwifkjFnqz(yd)-I|3Z8fUmWxr_mGfpO*4H(6Xvg8GfwnQ)iNrf{Vo7W4#iddxlZB08~xeQ_}*>nZ8wPT<%sRU8(# zYTX#%OG_Ch!Nc0eInk7@Ee1dt031|Jc`C)#b@R&*XF)Mu7UQyrB+WnaV zQA-jOEDNz4E+%IkbYr`$WSyWa@>B`6+e=gDZ<-Mqa~k&SpMRSFMPG$~-F0{fuU!41Wbto2FaLdc=v_-( zLUGmP%ic%4gGW$vdq{7@ODUB}*@ry@6Gg!uh2I4GhDihtmF8R!l;XxF^ZnM(ZaO0l z%VPpbC8)}M7}^SE75_5<9!2_grkSHh%~q8x>O{)QJYx880w8)MY-AI{gMJxFuc5Wu zr~NP~v90|uc^tz@3J^uYx?`tP1JhxKN+cWZKVu21avzgE(-~J=;7j4lmL6N$olj>B zy0T-F{jYUn-Kc|q+rDJd;3CaZn=gj|Yi zoc@dH(TDKtQ9n9*4B~jzrXLYK3h}n2^aUx=>URuxT}-|jZj`d!9ki0>*Dt^Q{?{-6 z@#Xj5e*N;#zx@3le~aQpav$H{-|*FfFT`!K6wBq^?cyQ16NH^pcw}L>tz+9x$LiQl z#i=A6+qT)UZQJRjW83W5wr%_5-xufNoV}lYzn*nbwQAP4#vJ1vcgD4vqPvH$uRQ7f z2WxL?FXl(E{%Wh&ROBOOn1!`YJ9yPkYRK*9k|YI_Bt={n)xjo z2I&_qKzJ!BY%04kojq~zUv*sGdl7<3|l<-K-rW8EgNU^UWQZkGaN&f0nG_0}PPhy1pm^N6@l)^PfR%Q;ch03Bmf^85KVt z4@W!8t^UB4lX@=v?LgpQf9A7w@JUJ~Rko9H zz%_1E&v#o~R90q!v9}UzlSz3SwCO?grg>yH>~GE$n6T>@HIIz6(7UpGfb+DAWix$F z*Ttxw{J z=V>E?qcV!}AW?G=ysJNYQWJ+vWip4oOSO)pH^kzz(i@bCAs)crE`VooueG1^*elFK z*oFZ>aR$e3XMZMBgIkYo7+PK#Qq~SK6an$w71ijY-sap?nM~vY8~|d3FDTFVqkha# zBQ(|VOay1X8^Aa|lc+=Kd-b#0#NPO&Ee`J2j8s5GST4OGuUy)jw5%QYQG-i&aL|#+ zgqZ_?5baxFjvfBUN-yvKj%$mN=7d<9o{WVX67x_VcM2_5iqbdRuIWLS8N_nMcY9)~ zk@&tXHW5Z=4KDt_leMvmiprzw&66}LP~n;;7JdY_9AJXA&*Wx_$N-nxyoYQrZM9D4 zv)it>6#rb8v~kAhvUYjG>iN--Y1|ShvNT=)#(I@N> z0}0LRYP1RH+d;N^)e0vM?pG0PKE*5@@?WY208sUDbYzxSkG2IPTsXl^p?t-Q;Y92{ z52S%7ug?Es$ib20W%H$PR*DSrhO599pEM;~)}hYcssFb9-4>0IVF96pi~xFBDUO#b zuu4m16#q>gCM4uEKXMpn@@CS1D-a#}17i2#ra6oMPZC5G_>DRvry^bCIiR$Vb1~dt z*Q<{I`#OVGq?VI@(YC4857vL#W~SD&Kf9-;+j9MAR<*>UT`nVNDmX1YQ&vw+>Fc`W zV=Ez{mY1HoV|nPdfRfZtB-f}SGc*uL|Nd<&TrFZ?x6-o|K^XdH?G1jo#zC_VZXO5m z49h@S$ZsOa)9mlEFxe(RFj!SGfSisdSRd!+shF0gxceI2BU86?vM`3-@Y{hJ*G{4! 
z4)RFXdkYfKdO_T;^Y42sLD{;!LeRM9&|(@JqA4G5)^A}-kCfXYjnUHYHVj~CBnyQy z5O*858K)!fYD`&?;hqztddOVPlHJ}cZ(2O{h35UHuG;=%8^Oj1aJgpYaVlkg_Enh5 zaMZaG)u*gz-R*ammOps=G1TSW;AXRlhVdrA=h?*S$k+4l+&Sal-xquJ_xqGQl$PEw zdrxEsrgwb-h+>|avGGyFL-b81=ob6Oh9{g>ic&-Y`$-9pScOt#xEA+EI6C!}N*Gp} z^h=MhQ)-{md-dc(aQxnSkGU7GaVI62nGl+Qq!n9O+Td8VIv+bT*p+`#C)vUL9AHhG z$N=BXy^!MJP^4G33*C<2I;s|i5++pXkYqL1({bcMoEvBuB*b#viJHfrZ?DjmM9mtc zmN}-Mm~!&5>(ZDH4X1vxF|#k!j()nec!ZsxVS-?tVA8gc)Hj&{O0RaXrwO@jJ{!2I zcX2eG7*ifTKAV8-e@9^ODP*4Dx(+H`UcVA^?XGMU5|=`QXdN;H0$m2-i|Ke+KWWPt zF!w#GD6&n?pC&hTWoq7KPZ%G~`$Yc5#SL&@$f_cA=`$jTMjI^Y76%{WMt=K47*3<_ zl@tTO4s~ATj2(|V{fD&zZuj{ynvk-&aeY1(dLMo^Lp+RhZa?ap48fj2%fxAFY(WY| za&~|OfNH5$954nR#pjJayLT^Q(X0F82;5RxY@jJ)ZY6e1s^IM@Mv39-FUKol38EZG z52zZ~MRDA=raX47?yYjhG^F$U99BewVeJ0?@dg8Jdyrb%Nl_|Dgmz~mZ;m4_$1htN z(NSE=;ls3RWVY%WAu7`3?+b3L?@>f!EZ+EgX-3ppPX^{>Jz*9{&~~IL{#}jZ+-M(K zDi-5HmGzu&7>@RjRy#D8(#UB5v0kgrHu$C7OIGnH@abnQgu38^NQr3N>TNW|`F9OL zp<($#h7#%At28wuI~t+><-US11^P#^NaMlBgDUjFu{v!G6Y&7}$zC)Sa}on**n2$i9ysJNT(YdB<{iBV7X zk}`1Cr~cZ@*7@T^fkQ{lW030ZH>_gA0U5OI(8UJ84-iP zw;!^LZHy8OBy6WW( zoA@r@0XIZ4GLq24rI4JwZIEy)ZR}sQ!jr5yx&TjIIb^ zq)hR}YMCTP^b|j1x)b>$%2FbXv`NHB8R3hRq?$6o(Qn`t4BCXpA-N&b8~YJ>JwRSb z^;>|Evh-`Sr4+4G^&Lp#)I!~F5qH^pvJWjDmzZtRSL#^Z{0j%*|IP|pC~AdNC7SBM zKi>p%rRXIsf4X@je=?^hC;(hPAS}5tio>pKETV`1IW|0b47=(WPpdE_E|8AkHV^`3 zyK(Bvasdc>OAQu9fGOL*N_SeBmtOIkIB2u4FB|E@yt9L)J-h;(oF=cP^P$YjDHen0 zn$(ZaE^ojHS?HN4?Svo>0kKXosi^DaOwEr`D}1EZb^z(oJW_=c_D35&CB%S@4_k|d zO@TG(^XpdZE?JbM6~P^l^;U}61RKn?6Lx`h$q#A&B+{=p1@M5|cTfE$C+r+3Vfoar zf0fp5S2JCQp;FNXEmvFbAJeVB9)~8R<>R>PT3e&XWmo(tF`<5P~ zaz1EYqs{Q-XSsUej858;BLv$BR|iU)&-x#5iriSI!o)1aZ__%fx9eVh_O@U|-re6e zHqTwQ=nL5pY7p~R#d4WA%tBE(VD`W>Nb81nM0-U3N_E^a(|n&iiVT%=+nlUu#(0Ce z-%HsI-XofQ+zD?}QT|ihy7fyPw+IjRU1<4Ua?{=In*$PFv9Fv5cSYa(2;$k)sYr}f ze2J2m%cNCb9xJI79}%6Ls`%>Jzkz0rWxuO>6$*@fAWTUGx2YV`ZSlRLn2?Lm}@Egw`o zK>L+q0^jk47#gn~VO}}sG53?*j}fnD6sTfMW2w@U)Nwk2fj>guiy#|Wx~~n|{+*+2TKRb4k0{3MS`dPRe~3-> z4{q-)S~*GO<@X=w{ZaKlIMsA_DP}H{1&%;mP(bj>9vdHGs|Po 
zofBk0-)oM)d;wI7UD3I`jS>}JCYq2DDoB4AXY$Y4tD)xn%&B9w8b%xUr3S44!*{!j zl<%KGz*m;m0wLh#gXY;(6`kHaeiK#sAQ!?NQY%FYkHa(VBI&!fFV^5fDNy8_))L5; zO(D#??=M|&uY;+|=qw@M;ES+q31wV>#5r{ZQ+AsRkITP{(I)AVST58Y1Ncr<*CJ68!U?@lFt*gi2sb3QB?3x~*@p%RhL{m}z; zT_GA7Pxlx=URo#!!JXB=ot>Pg*|nm-$`q7S&o-60+VIxXK0lE^qQ&f~zzfpErI_CQ zD&a>2y2=Swu#A&l@i{b*S_dm68GD0(s#zNa&Kj0-3Y*~I2GRJaQ&yO`%0aISlFM_e zSPh#xHYGe3Qu3+0=mzod@I-%UQ^geBcmIyatp*F+zLLokHoB0i#p|Ne&pB2oKqX2g zH@6SYWxA)9|IvU8g=nzmPYA1bO;#)sv`wdY_AhEkcj8)#yfjcSV*pfukF{@Rh72Gv z^8z}v$2L43a~)nVY%GqxkRg{WL}cW3v;%VzpJEqX(HgOxxNIdSI9KT}>UaJ?2&jCW ziCRfHeJvqJbiG5>LX{8x{X)XUbG`fX-9kNnP^xh*i=JY45oi8$Kz%+upU}yb`yzVL$_&txO~o z_w+tN9&ZHj@?*ZlU+h5ly0AbZFh?xKW$+&uucj@9m&OuDbTMQFxQd!=oa8Ve;N$Vr z`eASPV;-a)_IYMzPweBhp1pdI)px^9mKS9v_xN%<1!=MVQ#uWl9T^Y|u$y2ig`mR8Qf-%kR>46lUImM=B2}5b};+np+I1>x<05Qf*k((Y8;@f#Q z%3OFCxujVq@vvSYBIh27}_0&?W+tmiS`|{A9`S!)85t;A=xO>gTptK+8 zM*P?q;|+K{4g~GdG+>85%Y&%P*KTJch~muuBhg&L%F{D8jZsDVFb}a_b#K0aGPsTF z$^)^hOhL6DwuP!pD+skfZLHrkSCinrGq!!Mrc)R84Z#b?>Zn0s=60Y+sV(K1b*@|TVY2{o`^0uf(*~DjMU0MkQGiRnr zzwRtFh_9sWnhY#Zz*y)GjdN^KusRY^l?|tNc&|C0$=c&AJ-OOEf!2WCOOI5}Uo`5m zp4}58shNR{#}Y#2AfZbkBH^*H{1Bpv&jazVAY3L3ub66#^8K{<#QxxZcf0m!$ulA! 
z+q=>*G$*Ob@Pd`whOhpVuS)~HtB{q0pZS9Q>oQlzp|r(&T*NkEf$Tx&+%(q&J;$er z@q00Zm&cB&T^k}IdqV+34|%1(r8)6~P^|X>#GGT!LubUVY2OV)WhwN>OfqQ%ISAbE zu4cEco@WLJ5ohh?_0m7ddBm*0g*EUx8@`jw)oEdHva(MSVfxxBH=QXG_MMY*?tEsB%MW22_J>sC?1fS`{NshXBCA)Z1iyb2cmDD$s?;l30vi=S#;V8K?m9c01Y`u9R89xA?U<@CKw{9`_?56Sg1!QLM!B*)(Z-FdWz<7&NEHM3G~I&H7>ku9(+=Rs>cXe9C!!@}dxHIV!;_cwukPOj#Nbe74lvdZTdvl<)Ss_;vFJ5FvCg9%ZWU?jwvhzRg|*wgq(L}#w(!QD6r zLeKJo#o`Jc>vt{?%0S-@485+BEtow5I>BBKdOL?JLT8X8i8wdvT{V=*?W>mB#sC_c zTC?;9f|4E;4ah7~FKuyf6lj5gj1ZXbZ*diU7Hbmey~Jpk9iUbt<8M)sButC$a`H32 z$hvdMq+Hfsa`H{xv9$9(E!}AdU!@|cpI3}}pCeuGU)2hTX4w{F3&}cfwep5?k8zPM zhVo!R1NZr}UCqEQ1W5GzWL$>98I?J%$=Gb7#21Isc~3Jj8&N6EoI5t#nHJjQufXHN&ega&rNcDtHGu`M$3o&Oeug%C&9?F2Tav zap|sWUB}#JY;pY6R+ME_Pk0_?S3Cn|KcPc=Amca!%pQi4?r9%8KzX6W{|HkolX{w{ zOIS>wc|`W{&lo6u`Aw54LqkK18!jWPXpR~)QTNm(DEA5lthJzKIRtBWvIf8Pxq^-OBF+{)8Y`Po;U%fCm#cvmDsc!$f=~fx zouLrN9d%Al{sn<_O}CCd|FQ*c;}za&7!#Lt=@|h0G@#ZZBqOZV<*-PpsZ+ogH1xQ) zMBc^9i68SzUFUx#f4>EPf(ZTs$G)mjv>zTJs>wN-DItc)B9esz*B!A|55Y3~i%s7< z1nN0`D~wg$YQ4Q~A&;pd0wYItRvHX3xQp)o_P08@zKK->A{cB*tB4zQ`xbrct zYz==e(Y|U!&+pNXQUTiTjD#2uxf%t)_Jn0hX|4IrkGdGmho*`d&wx(Ez9BMEm+xR_ zVxVXR#L%&|VU~45wlvadgQ~_;(JRsYnI#gWUg|7^ifN+x1b)38Ub1+yf9z7@$5CL`x3c#3{GgxXsZgkxI&(CAXB%(}v` zw`o2x6+c`fv6;?|umLmT*fZUzQQJ6~LXTY^SYLzW9ik8cn#vkCdsBZ zjxYV`J*_urqhYV<>L$`MpS1h1C7(3!J(6W*(q;Hw->*LuTD@RMXxUv<3wQ?d#g$hr zDoW<66$Ov+$@J!Lg8!1SnD4gYi#&)sSe1btv_U3Kal>`$0*~PipZt{(??$5GiHHxd zt5wAI-kGX()4pO_;Xdj~FiW*6Ibov2J>j}@tU37|tnhhBMXO{4BF7o*eFe%w1yMvj zRl^&ovQMUK(9GLJB?C?4Onwh}_3?g6`dhMDMmiETyi7jUsibm+=Of9sF=dKBt)uh| zin|z!y%gJE3#5vEa!bT4e;ZX7yI?7OKH67@PMxXCJTPXN3vM=&{(qBAZEz^4j zo7MVK5L+nf!o}F#8Jz?_-B>X~Usd}N{KTed3 zQEvY52kIPlS>zh%H8@3*4CE|Je>u9d5ApX_A$;6Ct6pabhL=r5%P%8AXN$@OdrgYg zacF+}WEs;e{oPm&siZ|>!+D5>*O*)^EU3f`(9~#C5{sh|E@SQ|Q6iVSfm-a!)87L5 z`-l)qIl=8V3no2SQ&>5H6TF4>7Fb&3!A>w>Zn-&8yB{hVZb-Nu=yA(pi!I(2G%<{j zeu*q(NAb3!WT=>fOBnwr-8*k)Pa$%lE$!qoRCZy)ZBfHbL;3vn7qjSZ?gJmz*P$x3>jR_i`vlMvo1j%)Z*&?%<6GHHmvO+r{+E>gOmk-q 
zR?kjNl%O(EcpgD}^-!5$cVa{Z%xN7}xU%N5hB-|8RR2c}`QTC@BBm~aOhOaFYz#yi zQ?Ds3z~WIA-#r)?@_FIkn)JL2+A7^4v{)R*16d}}G+MV>-@^!J9`LhyLW@)H8NKNKx z$8dG4_bH2aHOhZsZu-HfP{I;vJZE?3B8LcO)a$Aa9bX(eq|b^djrCeczK>VG&2?>U z`AL5YPrLiWmAzlGBVK6eHIv;Z-`Aab2JfER@Q9d`+~&}Z^MTS;9}WuKS>pRX9>{K_ zvJ2~IHK@}3zpMTpMsZ4MHd9d}V}SYmC_VJn-{CcJ*z6#-={b;OXs8t`N;i@rauiJH|USDABRYz6J-hUIm&EEJm90ezdgF->X{p9 znH;t9EM-|pa)+6kFJr)cujEs~*@kWdo4bOR%MKufj>YVP1Rp@8bUrtJG`wo1S?NSB z677rq>41?{+o`DO%eA@azFMoU8qunf-#@+_JwzMS7#~+t<$?^c(2tC3ZZoQ=-I)TI zla>GJ1--5t|Al@&&Hte~Y`3{)zaSXq{9$4Weu5=R6$AS=%pnVwNy&$zj6*DZe!uGg zw=uIR9`bs!%bH_yi|dN4(^W>S)qD6U;o>-Ii!vejE6H6yPGK!cAA;NyLGybAKuqsZ za@-<=4iNwpZo%`0c&yGS#o~O3q~$HVSpI3e(O-{^7_-R@CMJwFZu#KDrNMjJ}^%rPl}G0Nk4obPZKfxg8msdQ#34kA5f*l2ur~mH=7@ zP%UH!mgH1|dVNKGbf2F^tx9$ROTu+Ur})>p)>y%E*pOxwj4BF=HG;PCr<^yE z86%$beORqqglzbQ>y@C)M4}DukaEmPo*kx+G_dCem6IqNCw6*OOf{Eu%V{RH9C9d^Qhjvn|7K+WiI@T6>hfu@klF zxtOf{U^`FV$=Nhi79m7q%T%L`)QDYfbLoqJQqW_1NiJDXL^|-vC zuXFNAPLt31J%)CAIRW;B1Yu0c4|#ZQTRI zm7d{O3p8Y+Peb~Uvxzu)EQ2h?$DC#u2@P9_+E#{9r|E@dh?0F_jvYz^MYh>cE4x_N z=cUy=!N`{N)zILx@si`rab;`% zM@Z~y>3K3=E6}J+Yd3ZXRT)Z<=dFf2fBf$!6?~eLhu8Tt5+t#N*Q?cZ)lw8YIcm^1 z8VXQE=_bXBrr!E35Tz|@*{-*pY&7{?-*YW0ko}JBh6@EhyLG^6@MV|2Yfxo%v!Ows z2dbECD^itmex^L=UqLNT$*u)LVd9B`e2`Kr_=Gs9kNW)0CyMdQ&y$$jWWku!t@jt< zhbllyq4EAvYW112vn|y}n`jP!FCoc;1bDb@u7aL)UIljkm4D!qcE)MNPxcc7#GZDV z$S}bV?3;1R#rQ%T*Y-9?fe@vgoT^-5$QqP=cKMp6Bb?oT4_@UDoW`EOe0bL98E^8% z=fJSJ;oStg-3f@srL6^YIr*TE<#nW(yXzJ_z{kT0wORjIcP`kx+a+|XHUJv#RKY04SVju}1_e%+p+vT^+v28D`*8taRa>@d0?ATRIJXUHXo5}Neb z;fwII5s}gx0`e%E`i+&5w8Yb#-3&*j>khwbPh{G&D4!uP>U$0@{)*13>z_a)lHVW6IWw_kY)q9NNh#R80kq) z&9p`6&wq>8HphoHpC~B7y+#J0fANNAwyWczXO4>*VocKcyS+E6<_sjS=h zyehA5$Xx24mXzR6pN+3M_^_lrFC7ORT{KWxJDJ1*mc(k+g;I3>|LBw9?yC{|;?HWo zBSiVJOb~f{=zczA9oQpZH`>S0=aAEUDx7PKse#$TRWNHrAa4CZ<6Wu3Uxq4+dtTZb z4BB&}a9vhwVRo?WeiwZ7?f2q~#ZC;Y7V7}O4*v1uH*%}o6sKFx*B=>@%f3&sDKn$Q znS-Bw_@nyqi`ZTR{?MH6y9T4&d_)76USQ(NIlR`631+t9W>%c8BSj(9(^QT-Cw%nV zlqdL5Ny*NTHq$WA^qAzC_(cR;)kMJCX49|v 
zXUjjTw4!J6?+R_=6c&{h$4a7Y;>19T8KP$6^Q{?MbX0{+&Q5~KrwdTt$vZCqGBMk% zU%Kj`u3c|XyT-l$Y-O9lbh$_PYZa{c{iejyLhvhW`VR1*#-|AsZYBd5;t*uJlb4qI zJc|!Gy$c~{MP{?+}uyKm=Ed9`nK?SbKQm!V{TTl|+nXO&d8n$G;>=Jb>2 z9uby5cAgnt=Sko;lO8)!UT{s3qBPuxfpYrp>m_u@mw_aM4WU6}`dWYHE&e9nsJuMg z)sHe7buqw3y8ANJizej${hiNtnZiCI{{0KIp5TNK=V&>s(+)2WTIMYs1d21l(8rHB z91}7a>OJn{rjR15P1fQI7P(GWhSs}-hxNG*4BSb9)ChBDDz9HZQ8(js@cHodj0|u&M+_~7;VD#g)8W)e*XSV> zp8^;^{koG|VxW9hC8PHAabK+ghY^9Awp)Z6&J}F;&jayT<8=?NwSTwF`76ozPxq?R z!bCn6!et7*7EKHcIvtCB$~f`7b>Nk4C^o^oblhHkDOBcdr!f<2VqB&mFR#?`r-`2k zA)yvmucq=T5WB zXK|>AYJTia56$1w!?Q=1%rKlJ zCJFh#jcM8($$m05OnI3Kq;O{}Kf=fzp0L&Y9cixg=D#n9KKBj%Hl1yTEwGCuy*LrO z=lr6b;_)OE;d$$?iS8y^81<3*Td0^*1>qq`0NjUWqc#k?(?ONByxZK0O|n-;yGJbUhUAB|l~9pHjLn-ett2bN7-krOCIfhZaNNoK@v{}=Yo zB3#q130|b4`%%`~kapS>t33YYN&|v_GR{_%`sc^M>p-%93Vi1nHGefHrWyJ<|MUg@ zL4ApA&$}yAfTuI?N7V_yJ2aE2{86e$#4+Jx-0*w!=ATI*gOJWqAl4B?_NYWa!oG;$ zd(ts00MrrQv|MY4DUyc%9xKrY`=hIDyo=`Nxr}@OA31a*70vheK#&O@`tR>aDTLS< z@>WM$RcgT$^c!u%NVp7^^ax#tzniU@G6C0hI-1NlVvgRc{Vnobaa!8cNJ5*}i|uq& z=3o`x83Q3@S~~bjn_?BV+Y|N0E-q+*<)OqC-q|jv`kM-1h+%dfQOQk4fYXD@Q9;e3 z;#X@V3^0pWy4GnOArzdUY@XfeG1mhEb3B&Bh90e*O|%y3Tyy=#Dc#ltQ9_bp33JNn z!r|~ZP&d<>;lg-Qbi2h1#$zc4{#0-w;D}`W!I1P|FRwSGdtT90&Vms@2S&tzPk0{m z`)5X!nl*)Jz>C1=a?jxW(8(dZo{W!ImIj>*+m8um$%d#JV(t4_LEo3TtxvCHDj$M- zcU@W+wck&SYxXJ1^(Xul#IR){SHp`^6n~BxLEmT%==>rDm;`|ypVc4KvZ76BR{N;o z#5jP3E4MU(?^nz>1yWKzhWD`J+T5JvEnjOnn4+&5E5o(vx`tlSH(*K(C()k_G+E0p zq3J?iJKQkvHYN)LG`3J;Q~nd=FQFNym`;KHVBDjgb? 
z&Z?l-6tQxdj-s(~2vJc?U2180F+Pw*>$sHwrLs4ohh}9#M~|OXq3g8%8taqJ>&=d# z@I+3$+k!ly!&Anvr$KjA#ff*hbENT85jMbXYjA+~l@3kGBdVum%JrKV{dT_OJJDSv ztQ%EFMU~^UJdr@ZUSOYr51n6LmaCh`UP|%l zsml~aNTvQc2UgOKsJzje{%1CNpqfWQ@MzbWKBLy&jjA~$GNDdiHkjUZV9Bs7N_qtM zHE2~GC?GXSFR_6HptI*ZzM$qBdjuYN$R!Z~--JJaz@1P3?M;;cEp z`X#0ytw+`_jz&bixF?7rMLh}wX!nVtwjoBKKlfjVG;eizYV``m6lI!oZ^~M*Gb(l; zLDCF}d>Zue7qFsYJ2rUNzXN<01kD475W8?_X z>uG1pXNP<9pk{`Zi|AvQp{_gKxFY30q2*477Wn%4BNPNklimPxKcQIh9}uZnrsurY zhDK*rAAZNE5w^c7+`2S9f>lBP4ez4ta3b<^LhK4R2ihL)`ql91tPM$}`C&Qb(!u7< z?4xvk=&OQcsgl8!i_Eg?9(T|zNA>zr>&fhM6VMDbGBG5K;KUd$^BXI<&mDr|^0(DS zj=Madog;5waCxpqo~d_Wk{(B@Q1O63Z0&{0#Ri`D4Hx1?rfN$Baqdu1Kc64}YfF$_ zNkChoV)=F}U^og0HQXmTa>+F07bd#jtCF9dWStvYPT=h(H_9osHp410)<8mm!-?vT z<^G9kSYsPYbC*hPqIl=BxFzsf$~z(bxx1P>2=9J8L%8(4hn9h+urC~m`{?m#SYldY zU+yX_oj_3Hur@gI0KUvjlkg%r5T{nq?kKdce zChqo5A?C=ar?SyZkx2J%dibcb{goNsv=&y4_sEw|G8DjslhrJ+AvI21nML-mm@9m zmpNJ~B5@K-7Vl2vHY3sFeoC)kvM6n&&t z#?KgJlwb3{Fi>uu4pTOyi2lOtYq|}QmSYz8!iB#E)_lra8CyL1a`0^m5E-Rm) zWYd?u#7ntTCXtS&befi&B}nA_HkCTqB?$Z=k;Hnv=pBf>1R2+k7i++fqS&K)V${T9 zSu%(bO-lC~%tfogIEjZf`aI;uYqY3MmIFgy$CMa1%<`OPMqLJ zvKs7u@#O(L`kjsb(c*dnZj(6E_)HTr;AAa&x5*sib^+`u^n-h?K3iC6Dz*A|{lERCSZq9dzl8+8DbY>7v;h{|@{G43SIc zu~YiIDhsZBGXFfOzRNxAZYf{Ny~q3lnc2rr`3GJ6F0b6?!rOr)TON>VN%rB2DQ2Q& z+)!N6juJu)sj{h0hSMfK7aQ=y4yMT=Fq;;l(P9gn0x-lZw6b>dw7u_l_~6--Kyh5o z#T+9m|FOW$QVI8S=$m)L@q6tRsY~e#!MBlZyKq2yGmA%Dq3A(M8qqmA_P-Ws$ibB9 z?&UwBKnh3bCqbfqY%r++Bs^?2L`pQuT7c2&A<{6&me3$IjDvEII63TUf!@|70Wh>BIZWRNV<|Dn z4?3L~Ej6^}0lJo6(hAe?DnYTk%;VpQL-ZBm(;Wf<1O+RF<>VB2UP{I69yt30`3LGMK2aIwe3u zw!%atwL#!IF;S7u^!^L70nMNk04R^hf{PHzz=2s6pSB|&!laAB4-`j7q z5-Y+srH4cEHC>LPoK@Rfs(}jdOC=h)W)qsUE~L#`q(=SY2&&5x*mqvK?Cc+hpPCnO ztP%1;j*PVg$$tfMdvWUepb9&%7M@wmTL<={Cv7D*f5;sPJ3;7BLZKeR zMUrofTA+e`F5K_&1|rK;m{rK~4FL zI*UX=g|17wQbu@Jp41g}_$Zs5jU8ir3uP$?FIY#PD*H2)`ycUYykLA2cD)L^LFe&@ zz^_~p^0j3BpeR!l3fh}WDV2!tjuiB9jj#Tw+PUR%yfo1l*39nZgKg zt2#8gG&SX_D?QbVdkH=%40MnR$#d#w=DEV)LVCZ{rcH~yFbri-7g>c-S8P2B*0jO= 
z;o)x)9oZ9W%-?B{}f65+0=hRS3Y(*!KG|uVZmIGL8oQ&-Nvv?Tz%D5#I!_LOu8h@s)wrm6GshK zR;l-Wq*ym6_GH5Pd+4V#Q;JOhc+rW)wPR(jb&gp9F=(y_;|wZ>iyd#egWP)KysPu2 zKAy?<|KK4P;Gg#~zF++hL7JL7`Dzf|jZ3fFqG-}josd}JZ zTcp=N=*5}v;Ho5zrTm(IbMHb z10N`R?9R*{almaj+6s89thIX_Q8KKwARthDBKijRaxgFGdz*A!!mI)e2aZ+-U=;KC zmDr6dEkND;%F4y(iqfkf66iV|`&S9I(J|P*1rN>sFUoOheoJQ#^ZU|xw13MNf)&G{ zW|_{N28m&40LZ=izQW;Dq<&uRr>~5>!yALN%9!pkpaG9a@jfP0+@f$5ov!WdGA8Nk z%p93q=uG(%=_W|?z?}$mcx!lQtoR^uCea=@LVNjTeZmdHau7EX^Yl4HVdt^@OUPs+ z$o>7l8H4*{2mMO$LAIsC^r4^^Mo{w;1+I05kX4A*t?H0vi zq(Ez9L{ptozHN4Z%h3th4qDplUt|V2{2w>IvhwI2w?Cc%vxNpeag(BHE98Saf^!9e z5W&TAM1JA_PU7oN{&CiEcxaC;{k=YkZ-BjK)}(6Kte-Gzn5hak5{fND9R7i-g&W5! zEI@JYWf-{aCr?s1X!8&$XqmgMk$EX{2BMq9g;-E{Jhv#Xy z;eWRE2)>ueuWemvERSLUy@)Gq3^s~@dMErVRggu*&3Svul{Yu!*CHURuMZPV_$4va ztKz&x_Tu-}q}GS|1vVqL9f3X%zgn6m7o+OMBf$pcfjW&Sp+ivRY6>?eu}snq_1F z%@rr3OhCXUAtn76s1_Bii-{qA-n@&f{6agY1dqW6k6mM?(Ma+y{($WIOBM1eeY~5} z>;B@S+mr24(th$zfN*t;#EXFfDR+C#^p8Z?@dU`j0Bf3Suyi(uxZG32f=&OY?8y91 zSTg>t*j*E2r`jC@eC4z_0igW!oBm^w6?!R~ZGPQVWp$W~3)|}?!hIf!@|O>m#v-g! 
zn5fYOMfmEgJM=pIjp6LJpy-TW9wpZ#HiO#uwXzYB(JB0U&oL_QjbdNdUt0Yc2AdTX znrNFoGp086FLVTo5_ftaNr2@83~i`jxLVVJP*Y(ewdi2Ic@#b!bKtuNM)AOKMtw`# z!${pS$k<(AfrPWnp)!eO(w9atbv$d=`~wqg;Q>VQQ0UsEyTR_yQ*J^wgL|@KQIF5< z^H|3c*P$VJ*IYWR>6wR&Jhm5%$9hJP%9W|h^Ec=KB2+wv|KJS-Y}*(P0wvpgDbVNH zd`mo2^0Ho#W=*OPm`vpq1t~qe%)?-hEM*=M{+TsK;Qrx)^R{~p%!F7N@orfB;gbEd z{L5QOiE$<~=E<65w+BCkNQ6hVzi~&C=noy?r**`OPY!L2l)UA;4dx*B9D?t6_QxOm zu$UU7tmy31j!Sk%ZS2EG>~gq^YsPf2>+@Aii_@1gM(|sk!=?24xN9Wlpg6@~idA{G)Q-a7;Kv2)cUs2uJOKCB`_|N$d>pHQet+PbojW><4)o4%#aCU zGbA{*q{u;^AMTnCn){|3pzGTBNt^$NZh)g!YgnMj1VL~B`As*d z+mhv?qOS1nVRC~Kk`Jxr1^_Oy!v`(a4m*dCcb1P8$Z|{a7Z#`Mx!}b;Xl5H2O=jGo zZ797OCdt!Gc~{Zhk&If@Y7fd0d44Nl9APU>RDJ8xbG0=3dMlt>TjDB4{DvLpW9)vQ zWhw^WaeJqVWFJW0c~umnDQd*cLFtR51-gpRb+*PKml&X4MU*`D9a25EmxyS#Z)4JB8VpNZE6pw=5mE(l-}bQic8+s!f>t`S@em!Kc3_D>%fTZ+l6+4?AGkh z^lj^k71)qiazcj-Wkqikw>M(>FtYDw3H{j>!(vT)Sj=?)b#VGPww$0M?$|OE7 zPE)Ra6)}<-;7Gx3>Wb|0d6`)7%409WuG38ip_^L%R>WrnKi?1JeBbU=E}vFV=64>~ z8$4R^x_@O#tUUMyI`o8c5HfnH_=4OX5P#DSi2bY)cgn=wp0pgiP$36ojIkzbZ6XpX z%+WGt;=~?#49Jgfs-9*H9%3N?j;>sdSHHb~Y%Wnj27iK_lJ3SOyKj*daHYmAC#FRBGj(_F=fX_SUpq2Q-qA31l3y&DAeq zIZr~VNt`YGi90UW86S<-n;hm8;J6w%l$HDmDwPQOo2E9^WKCy6$L#Q9v=zo?b5ZV2 zZ|G_|TcB?^glGbHGY)sEb;n5q%N0X$egjIz#TyJlb!IgY3ocM_M$9#pX1 z{H>;E%t!eiXIwvFa~8t!mpqPVbEa*o&=$kkwa&hxmuXSY-NTq24)2WI@=^;>`n(&C z{6LSL=!oVNNktfkIp@ooi|D4?TJ*d!D-9i^OF$ZMot5|a|4;`M?p4-5j*q{qEjF)& zjX6+zZAf>T@d3XrWxh_$@gXu6To z?Jh|*x;O<`&YO)4lb5o87+G&b{*~#sle5~_;kG3Ew{MB#(2h3o@POH7TxD#KR3rn+8Tar}8iyd<#9? 
z1kATol@4M|p`Ic!_qP*rJ0tM<87lk-9nUQ4GV}ij8yIz>QfwtBagMs;%N3$JRw$z3 zb@sd;RqP`&g%f^-rP%xi4Y+y7gFd^9j+K1`Ro_OA=;RJnzq?c4l(m6*;=TAV%;5hm z@ZlQB5wL~I{f(Nf-Yd|Zmhg~t??`2Dol1)osnuwUaNlY}ICOHB2{&+-Vhrd^JAxRj4di%gY7u>6`P3eJ{%&~kol)D-b0Z|`qf_&x)_BLC z8uQg7@>oJkmDgr}se3~G+MX%27x4)Ep!n}t16k-vy8=o^XWRgl%l>Iqrt;@p*lX(9 zX4VM;e#@pZV+ATj)kD<&P;`(PG6S+q6r%evNtrVo5k4?{j;U{H^r~;)0fCA}2m|&k zCi@qnOeijGytR7|u5>Jr@PA^<+G&{|tFk+!uAsyvb+1WAw+j|?FhaFu@O8Q?A z14Bj5iUkW-IG1f{UhM1CChffD6cg2YK5rk@dY^mW+uM)VgIwR2H^EP=!N`4quI}!g za!9?fHDj8TvG%n=5l5=S5yQr?f$vAsg(Y;X`DrP)3OlxWDR&nK(+taPY+>TmQt4>L z48wkWV5&g>>-CfvrLAGtetB)kbB*2BbKX2st6~nsRR*}K={>f}2(pf(TAi48`EIFg zm#*E0k*pfHg^}Vrb`PnaYJa)zEw1|FbVd4394z1kE)qMT-VY6B(ZM2vq-fmu-4U4@ z09q{wlY19PDR1d3oN<(T;X5K+qbIA1^;RPPiFj?uv!WW@wE-?>aLUoMJ2&Ia<>_>= zxxhXbq!QnGs;mo@iRVSs%=Ld-yXvT@x~@NfG{O)9(jXup4MTS~2ndMa(9$r>P}1F< zO2Z7@AqYrFw}MKiBHf{se1pC|&-=KZZ+-uKv(~+5oqNykcTeoS&pvmZyGL?Rm9SK> zunDi$u>75@X_U=u*b2~0l$pK7HGg5%eaxmF{k1@a~HsdL) zg>|w2zTSRZ&B^$CD!@K1U-KShNs$CI8%zo5sd1fY?r2rv6#QR;47`-}mi@n@3~2GY zK!1f9@Q~G-KgT4-3Vi#?XNR%~4e+Ux@|LqB*5;F0W)`X+)rIXTO4>q3C(yE|0k%{g z)RZJ7D539rf-8LRe-s$F^O;!fKhrJcJ|?a9W_@2cK`)w!CnhHlf{av?6dFL&f@82~ zN5AYsS$$tMOKxBcCXwQlI6SLy7(c^C{8|IP>xH zN$LOIgZ!-j_AK-=k_=x_{TY@VmGAX~bTKxz32lpXHSRZ)3%8}GZShdJ3v_=_Jg$N_ zkX<^5Cl!BtDgS(XQ?Y{?;pWpX&a>MRrX~{3OGMH<3g(HjNr^}!*~nKO#)ON zm8*j+a2s~m6%Fkr+lZnRptFHhM2i%8w%47f^sst|Y3s>sCHrLp4F7^Y8T>Ci8sU99$;~u@ z)S3HS54~&z%X32YFm>Nm`x9JT6bJ5%{QTF4gCsC)O#$3Z^i-%doXU-1)o4L zA{^#`x`IV4_*Qf0_W6F($P*b0=4+4;%(DkwYgzK z1LrSX1OySy3sYmTvRY$y33W{ogT*1K{UTBm=b_2$P*GarvDXoIG2rktYN{a>w`#!S z0bXK4><;+|4-aQZh(s&9am05JJ~xR{1m{Kdbhw5TJSchTkkU;=rIKiDyPU6tgaAc8 zfmle(z_)G?zPPHS@?e?|)TzP@KTZ(O<+jwHd}y6Gqd9&0wl!VikQGXn(W~jJMKaKx zHz61V9V8(Q+x|+Hq$z=+Zi)+?kckO6dBEGFH`59JF#RC2OOwHLW}dd2hqJJeir0(z zwOiNKj-aDb3HRQLl4c^Tm&bkm% zF89iIb%x)*Y>tqH+LcFq#pa0hRV`jRtIBaM_##s!7jys4Dfrbgdr2>os;_^tM^_5~ zF2{NfsHyXcmKkI-6u{9DjTX`{}#E=>1ulddIOJhsr!mw#BaV z#KCYt=K4-n@m838#Ahl4rl~X{R}s0+C{AN7+=O5QEI3I#fiwxoZqWE)toWnU!eYS0 
z5b;x{I+@mv&PP%4)LBG6=ld6(fyti^r%!{>S%p{8#*LUwEUui(3b`NNakBS-@Jw5< zy+1%_o&J(kK!U4{I^g6l9g+721%t`zICTAcVDj68jDpX&+S(dRwey>Fi zS+?FwGY)x^bw8UT+&Er)$_EPbmR3>ucC4J&Psyx^Eb+nNrUYjp_(I~QevlbjB5H6v zQK9(Hl7*)+H&+j)-LYtp&lqmQl~PGw`K;Kb6fu|0MWLWldup7ItoC3X*-f=0KK>w> zB4DX$<}V0%Qi^Jw~|6|A<2a00wXX0CMD2 z4|^_mCl@=YwWTEt%Jnnh<@9i{kI^%R&I$l8ACOBF<+BgjCK7_ory*G^%A!B4bLbD1 z7%)&Ugbelkd>?l>=nc({rk$>|>tS1kb9NHjGMS1|QD(9F)r4`Mx;w6WP zIl;{Ez!STxFCsZn>~~up1qM@5qZjq@83iOiu4SaSm`LLE>V@SB+wW~Swce|51vNS& zRweU0L{t~_CRTQ4D|m`~Lb=dE?CdYbV(2)X64Ns~s%NNB3FTpHEDGo}UEF7ZJlIuTHs1 zSm^!Rg#-NjTlEY#RiygEB{e$QT^_lT%+qi0WXu%->RuC8;4TA)(i(B5YPFS2l1C99 z*uaVf7DQ2v@tNeyWEp7q*Z?pm32T`Hp~}K?|4O8naLPSqSRTfji`AoVFQUK6{!ye$ zut3FRzCsk2c@jr@nPpP_`I*x*I?%pa#PuxD=hI}%aV{-R*Hn2N$!h~NRSCfgfqq6y z4Ef^@1@t^w_-63SN4jbAQ}g6R8>%^+cb{FA`Yy{HkUZ&<<*<*l05z&51lR$37*kYO z$Q56O0GHVmur~X9a|kH?Xaf9#WMJynTVq$Bu4y{2rrWZcCaE*l@(NYnDv9nzNqVvZ zDS9hDzNSmUT@%6I4Q3CATrVlIr{j~VnGe7P>92IEu6=I7CX@%o@8Vs|PN`K1EIM6E z_$(ywh2RR;Moehh=(+Wt5M0$(;SqNlM2uX+k(IiDp->z`whheXR zjOlT9Kf+3LGi552g%Md}x6rlXD^F52%w;jhxCuMCb)EHV1`NgWVFD~!o(Nhqm5HJF zj%h-3k6D$3BhVwu=BC@c>vOgwAfQNd8la z1p>!(7jFRo9IODq?O#d^g?ZXrLT@y8$8aldMF4oMpYOf5s!XKs|3O|xyhJ>!{z(ZK zjmPApCqK`VruH`9U@?E}vFf=Esg`bbvSvZ~A8tfUWXQ)Ho4uc_~0 ztkjM7I=oq@iNxipq)3apbRPj2&j~i(CORfWj}9+cB0EZo0^%4gf_&UfyiOYqc)%f^ zozJQlCi|ay!sSB6c;#qFIjI3 zbNo?{M|w!~ve=8mK<&hau-d~jhYU!oC5aE3-it(Bl2W4uEZ^f$Yq>BJ zX_0#dY-pBSRoI^_K8gt=;YxouHsHcUYw%JzGr5MJRFe=p&4#FSc($bB!)mV!ye?&q zd^7{{%`B?XjAdrme^fUi=1vhG$YUb%@&#Kd=-vCn08vORtIr+M>!-Teu%`JD86B_X zu>?FNo|FhhN8_gU@<&#Kfhcy5^=&}a+l6|!X7I$wm+;@Gh=U8&x{kI2^AH0NcsAOQjyp$7E8+5t55hI z^x@ZUdlCY=K!nL3~kyi!Xd}I60w47}T*Q}$v zN1Cg8eP1^N9L1IE;+WP(v8_M?9i5u7Bg^7pOy|YayG)Fd9+bW=9vA75-F8E_ZKd5d zzt+HsAEbwOg?9Eta{?xQSe?{l8o^+B)M67dvtPn}U0TPwXKM(>+~1Vq!;!JmJb6Eg zXqVZ7AbZ^7?ctO*GvCK~pAZi!Y5RptPk#5wSk6rRl7rza%PLfQ9Ku)mY{BYcp7V8~ zD2+nKIo`;mvwnGL9yXJ3An#78rULS{`Y1`L!Ckr-TRcByT~gWnxX_@|SBheQ)pf?6fXRMD8;f z>743eD?Y!vydT>y@~TV^EZ>$|vAHJM9pL3Dc>m0$`moegoAj)MU!k8JtZfd4?~Vcp 
zixI*8N?6kD@fgL3W2ti58ZgQn7t^h~7=7|6<###^RrZRl85ZeCb9;`+QH&M(Az}nD zC(qYjQs$`V?~b}@O@J0GFe&x`w~{qc)ZBaa8r>K|gIT6%Zm;jjb#l6UJPilX;!p?s z0{}I__(Ciua@a(GR4kCx5Tsiu2(OcW4@iG2QZ63#{g!8Zf!F~?FRmIxpEMQ_n_j95 zB9)*tg-@s?3q+BRJy-XyY0SRc;yPOFM<@J)_MeupQE@A>18D(CQ2_v4WD0h%w1;wW z-kh@%RUJ`z@T97UEWv6e-Kad}Q`NHJxJ?mj1uwc2%)5_IW2QRjtO-@Gv$Hv>2>5f| zsGze5`(EyDqiH=*1)$cB)g&8|Z@>mpmEy?bkAHVE1!Vtv#MIBx<@l*l4SK13jFYg{ z46V0x$00dE`Ci%e@}7#U;WWgbPxX3aZVczc%dD#M?aLz2e&O)Z30-`?qP#QvaROW| z$}PD{B743KeuOYLtM^!3zdm|bOd@{Pp2dxb7@w5KW_GGRL;q((^|U05ictUnHl*)H zfNbc0{5CTuC%d2Sn)aUEEI05i2$LUJ>x;RG}iVeot^bHSY=3e&) zc@iwgADoESF?sA2r0o)uo|v*UVe%Af+<9f>x^#c%OmgO^^TWEFR1k*Tbz<7O`o#u3 zy3JRls_(&WP-g9wX!MZ`22luLLX@j&l+yT3hEFz!Ufqa&jmG_%RdgI^kiqph6Xq3qa9fBfq%JagLM=2)pd;4jxY4+l+MP0l@ z74d#OKzo|EMHG<2K_MUDDl{zEaH4QP<%6b?^2Qdp!rdCM$Y+td{USe|>W56d>wL=h z>eZp84sgf*tF|K21O!X6Q@jp#!9wq?AwqP%$C0fnh_NyyobQbfy}2XD_!+YK#|!Je z%3iMy`(`h$=(TsddKeA4Cir*l4N3g7t%zkx16rg2n;`ubVq{yN$T~T~EFEEBT~B9A zsPT;u_vj93ba4YOQ~D>_+%^KxY@g>D4&%fCd8Di@imeN5Y?(A(3 zd-NS1o&ZtmMjyw8Sck6!X&VSE@ecw!p$Pl|o0Y}-M-S5~76J{2*S?kFWq0Ukh=&<) zOloaqA+}3CJMedsF$Bmbh{tw3Edz=u*r})+>3e~FbOt2vFuLQD+pBfoMUyKWRl!5h z-ieLj@=_Ymjdy_MKieTM6e)|xC)IlTRp>MChX&R>oYhfCRCl_R{uCg-&V@0{IDwgl zH+r#U00ZM?R3zR!9GIY^>fExxliDU4r*KTFumJadQy^1+ln)*lzm4R7SbnM2&&*G*pNjQoxBR(2{>|wh zU?70`2jSnVi8>ba%IOcPk|&(%s!4-HkK~3?0%nbPe^6=kq>Zq0 zjT{_UJZx>`Cgjk2*f5aSI+fiTQ@&E>V~PuY&1{=saSd)@u>Ar(K0*T7d3p|!<+6m+ z&^07WoU&}%a&ip55}thx6&e}N`I@uoUCF*27+FJ#l@Fjq?9H_W2L!WY@Q(gztlpbu zk+g7~NECIi&>Q9cq!?~DhYm4f&$hZo$hX17ZvHJ@mWn@`aRA_$q zZ!47?^!C(+Cp4G&d!HgN`(XPMdq27EWrR1it_D9e88XSHGr+kh0L_&9l zZ}GO&sEV{j`e^tcBJ|NNX2q1=2_wGSEdUJ&2XQ~(Wazag;wH?65pJdJB=Jip z!IWy%sLG(7=IznNPMnq7`D#nb8>N|)|Ip%T->FiX8uATzL^G_c%QL8%4CV$s9WpL_ zW0$XnKP#CNcI8ZTYBJKI39_TDtfrPXDj)O+qJ8JNy6@zI;e}__+@RNhE3W+egA#(3 zyO$uYkqJm+Zz0+ue(g`o_O?wfcW{>K*Yel7KCCeByr|W6Uo$0QC#2pQz{z#R+di({ z@b#gQ`%FV^lx??gJNSdUO52&55j;e=$#-kP$V0G;xuhF?jkO)r0l3*3(Cy@(>ilZ0 zv9RUlS;>l$4GdD_C(R(>xhR@LuyiV$S}y$|Ak|HD;mvd-`OTN0t+DHl=|-Mjcdi;P 
zbqSg2CR@w8LG_^3V1_~uksyJebPNa?_#&ZX~ z)r08$2vidB`b7|)P#KvVGe(G)*tbEa6$p_>^u0cuIk#Z#e1cYGWm&DgipKnU z;``muXsLT}KrgWifeUX9(N8G+ffz>up+8_6ZjnPhzHGOejw|^`0SBIaI5aS;RjZ1zSzpj&m_q#7A^n3|Mkp!u& z_-#>8-u_=h19NaDQFDl*_^ozvVVvDwzdVE^>1ed$4&x9@h+0H&PewGQuyrfu%Ap8Zq>i)`a3`J9`ZNXY`ku5R>6ZHzM?$xcPOH zV2JGyn^&X#Z^vAkW?DoFCvgU-roW*;J-&jHrdG-7D5KukEqL4R@TD5>yf2f=Hu$a_x{JjFrM1)x!&-fGU&BO!t_;(RKczHRlmwV^E## z6;3}iU|vemaQD~Su*eIVdAH$yN$uv$mQO@>)rtEVU-IqW`Xvr$u5H8%0?OB#ZCK8 zAKqii_);D%6l_C{qhNSDY5MRoHkmA*7W+VgXVRs6 z%#rD;NT$-<-z%{$F(cAjko+f?U<6&HT)d^!DqcF*9O{ST{$-Pmfan`Nq!2VldGjt7 z94EUmmi6E@eN9IOJ-No*GhFi;2^@+6ORrq~xLc&m)rmd)*;r0J{e%L}b&*bIoFd3# zaN_svRK)yR?g-x|v5v0c-*sp|nk&`oSAC@0o&puK)n`=BFQ#WRD2Oz%@e7%%YSLO~ z(~dn!nWZY!irLR+hturc98hCdgN9wj3z7wZ{DH~>>Fq`7ra^7)iF)$+?0@p@gnoPu z0knu{)|QF1ZhCj}%VH{@_fdA#|3dhy18rSmKol#;Nl zL6fM-ToqoS%j-XN++^WBWshC`tG9Ns#IxSKS@oPWN4s^>B5z{ltp+bw8GnW~2{-Fn zMN5nM``114jpXtXqfS@pb>k@CkY4kuhgsGM6z^|+ z8Gyz8cv`XIH@_^?-1z9DS>f)#`na|8-y z^%B)sst)c?sK9sNN?VkwMyEGdYV9k_8fnX`sg^3nN8CCLXupF))$sO3R1Z2I&H>x? 
z3OYTLc{BUY{3EB-}UfL*1?24g9?u zE52gwZ_HfRJ((X#Bn~HxUe~f^U2Eup@|!hF9wo1){Qag4yk^>ptGv{~1};O_!I*hM zy+~8OIQ#w`!%WS}$9{OFRTm(+C`>_JGRZcv9PqnJY;;#?w(8*4% zVCH_KdVjCC5CfTg`_AF3pchp%=j@*C3n~8EtEr9r`0zoesR`zv8BjX?>b?pxnZYCh@{W@^NEGXF6ND`&eIRuQG;6{tX%A; zdk6xOZRFa!kU@j@ZijNHI1SW27GSnyQW`5U@d;7!s-S?y?xBQ3<38KSn|G4Llm5tV z*Y1Xhf@@1DvoDICoV^~e-#ySfwt$#-<_!oRd8T+EkJ%TU7-Z)^L7}~^R1=TP6nAR) zFLF5dB3%5l$Ll&32||8+02JPlxn@4Z4y;b4KqjU=AKjsX8GDba85aH)7cm=d{^pQK zgV`hh`L2l6)h*Y!Gg;DhLhsWFf13mQS@lNs?#s?Lu%oI@r9SZKR;wJ->DvF{&*O&c z?S#LNt>};A`>O4X{eANGb8wt{hx+LqmJ-G9TX4OBpkAX8gFA)C1~-Lbh6byKwJ)CR zway!j(w#g14uaN)W1U$4n(4Q*UguyVriwD}6n`zX)(4RO@r=bj&((69)t^t+#U2OS z99HY3cy?^-woE4~>v~K#MLku?Cmj!ok82#>lV)x?BZpDC=2e~X`sdUW9YX|kx+XoZ z=-Mu;t%F`3FDiDgl{xR0c~5HWyf(<-@i&t9xFDLvAc_=`f7*0$>Fm_@xyL$Ie^~#> zrAl_EV=XFhHw+#+;2Aowj|Hz%S3NDbJ~F2_o}sdiN5{-g-Teh08(D+X<{0o;Ru7>>to^=C9-r*hUxgr$Eo$ zvaOH=&a{*VHUPpJtg=-q$}TA;FB)t~U(2o9_HVCfQ*IKr$OB4dpS=8Ey}PUUv^~Ge z8dr8oJb8jQbyA9)(U>o!P{jv#gj=e2Sq)ECDBf$Zib3}3Ol3M+C`jXV?_%*s**Vq~ z49is?FZ<=M^-Xcmm~rV%u(aQ24m_MAy^8c&!UJ+>rH1&1wOO57JGR;I1(O5K-U%c7yQ>_KM@H&qaM>;LWNOb4u{{G^6 zWFdwrt7$A6^pb%JgPB61#^qk@t(-Vnje&g-k-3 z1ny`wS8aPMfaUOFt}5bSe|2lpQUq9^M8$;Hw{w zfdT=HGO8aH-vq}Su{h9eA?yrpBhZk?qKC~kUTQLX!@de+!(EFx=kJpSIX>uhP1xJu~Ld4W@W%a_@~HyGh+0 zs@k`QbE)SC&uD7=6>5fM--^h!o*!a`L+I9L+kFPyi5wX+$^G{J+<84TcC=~CWb*GC zS*={@AV!9K480>cr}}FXJ-IKhb>)80{qNF4{WT*VFgs(R}Kjm`$@7fprmPv=8 zJ9ALmVx73UsZOGmq8&2`n6_OUZnV0}h)5{#Ew}rV9ru3U^iSTDH)qy?NjX!5ddi+j zG&DI+XnRBG>Y>)5m)XRK%4tC2u$uW=w9xJ+$JcvVWG&RcD+c1ngVp|;uRz@mhR(d0nfUg|FK$9F# z69h=333K37?&}LPw4+*x-bT)~O(LuQA^h%XnwIM!vchlD+C}FUgwkw1yESIgL=^nd zkEtdRq_bN3;G0IgA}s#1b$#cRto#KMmnR!|^M5Y332$`<2m5X3MA9lxJV<>$A{>R- z(_|P6KxSstQ;N@_7$WEP3`iwcNi6=JEse$?78e>POZli7hqrE?>|-oGxhcM=6o+Ta z5QjH*>D;&|4dN>sX*UbfI<6XvYy8|&P<6fiXiwqhRF>6{7VCe9q->|%b? 
zj97;!NSe|S>Ud-cz;!CTiYFrJtMH@1N8w%Pg7lGf zjgm^zSi`R;zs3qIGH2%rYl1d?k~;qiH#PN&i~cg1^RHG)qq=gt1Ea=9PB8!rsRA0;XyGSnE;(ti5d{!}XnIbGPZ zBJ|fJ64lf3EvegXU$`{S!8$r^U8l!d5=_ewdn?jHR`=O~wc(LL?q| zuqfmlp;?^fHKa9aB9*d?&bdfPiRC-F3=|Fh7fsjw#y=8g+?lZR!EnE|WcEjE3F-!f zj&%T^IT0fy%D@{9WPI_}YlE?8ok^shlsrFIFhaL+pYzwPeNIx^W4427{7CwH^U?z&7 zFmz0U)EK8a)h~^gvn}c(7nF$=Ez(D*dO|=V?K^2-!8#U=p|Mgw zo8pCx6=^k>w!=pqTUUkc#~5|**QB*q(^Xg6#tu#%)flZ$hb#R;3; zF+-x^O~5JcD4B;E{f;43_LvrS@;buvFL_#UU)cYX?Z@-rvr>*i&OO^8RD6v2N@KMd zm?q`Rc14R-(J#tJ@#cKVc}Rfh&AD#;s51jcl|uycH=Kxj-Q`mXdgC5<=R!%Oz_kLh z0m?&{_))Qhf8lp8Zb;yI@VlofZ_l3iLF4{-QHIT-@0&C4FH?Dc6bmzv_LL&v#lQKX z>&-ADg^9j8t5Eh8Gw(2N9KWvG{CwNudG30ta~WjFGUk2BWEE7s5a?~87r*t|pZ=Z& zl(a3zU*|B9bE_M_?W~kK@y1dJ^0RB)c)W*M!`)M%Nj5Ckw06`+A1QMUrwL&<_Z{Fl zBv-P;&znJs+pv&aq1X2RuA|cGTJd;R54dO}zCNjs2sGl^Y|PxWqZvv_P1Xpmt)Wa? zVlWv2U6X#)CjpF9)&?^q6wRmSz3HrHp2_Z9n#Ic45wXt0puFW=o6VG2|Ho{K9;zmK z>+aXr;Hnv)Ppy8Jla4r5XVCS_j*7{1XbuY|Q?s|8piKi~4M$DM-1eS*_}&Ymhd+qc zRovEoX<*?PJH7Zv=aU& zPCV3H00^Q#FyM1sXD|e#N(mTcpLAC3>)d+{xjmQ$4hiEA%-JmJ$+Wu`&3d0-{OW0k zc9-XYo(fZ=p`&dwnuUNw$cME2uEWngfvSx{)00>aD;Xomxq`4buMT7xMs5L;?c&-P zZt}Td559>&tBgF}VTq8YH}?bjLOcYRa&cwhfn;I-0*(<{avyRFDDhQ(4-P|sVWgR_?ev+-;4r96R4oe|1G zn=xNv-ft@hSy~W6-p5nT+_VmmA4%c~w$0Ue*$z-*J*+Yb^ayK-CmG^UfPW4zMQAbf zL^|?gY7%;r;H3aIu9S zx}ZB#R`Fu}cVBq_qk$6Qi!OQo6tb8h(Wj#`(F5 zI>F*>B>saF{hFM(1|1!PNs-vG7!Hepv-9Gf%0!=9dO)mQ6G!G}E){;P$)c8eR|Ekt z@>xYW$MoG{keFbc5{ECx;j^m;cYEu?s}tgQC2mJ}KQnX_4m(!%ie9-Jvv!6{nb`O? zk4dmvHS0X((-HkCt2_cbyj1Tfbq_I}zB*Rtyfj8>Qw{I=y2%>c>d#Uh=4QU0iOA$; z1b>}Z{YMd=jzA!yd5B|suw`7soSR&N`g}T)2Gy8S9CyiKGq;-NIY5eNWP=FW0q9K1 z>jTRQ^^emCf}I+;3%&kw_4Jeq-@php{4?^PSdW3%dj!L7=z-kzLW0t(!$x>mp!K=F z%@NqvXQXoXCTtJ8D*t4sbr>k6vK&KD@#fY_|n? 
z3Xwg`q54k(x=bV*FA$+P%yH=Gv_v@R8*tAJDSSphgc4t$ehKp3w1Okpd}t}D`MJX2BNIh{l__N9lkNC)+OS?2rRmyuobi64Vv&IeZuQ=m{1syKh$$v8EFU_9!DBF*IMu&zmW<2?zh5K4&@X*fy?M{HAO zhtHZ(Q-~z}4hX{G!q3=;*F{S+c~>J&MPR3okZh2342^8yQC*zaUyQ^UDe3t#rtR$< z$AbcwS`jdO+ym9My++|eKV|`=KPZ7dUrCk-@1IK@3MQfbBR~#9Yjr@o65qt@-L|&1 z4u*9+R*Y>}WjqjIU$ z-VHG|rct$XxOO<(M0c*wjRHm~1i z?I;uZ!0XGHCRENu6dE@gqn#eakp~Z8(=+2Ua!W>nc!CI*@_NQbFwd>e^|Gd}Lag|Q zFk2RqQ`7y6XAM$S;muKLjMJzWG-tFl=U(AeaGa+)v z1%|*87BV>)3wH~ZCcO?fVwns5C%~^^zKzS2t|{*qQFyZvG$ z_{5X4SsH1I3`+v?tS?!NxNrQ&gEa1{O`hR_sC=o!+l}qiRj;@KR110<{LZ|CMPd!g z;N>89BI*f1q#U|BF}ZB zZYgxCdC$cfvGotp9dx2Ydz_z15uXRHz|MoFM>N{?r#Dw#I2DV9mEeLO;Zx)$tSGHyOAAcSs$r>vm$!DqcRr<^KW)8OHOe;7e~dKFAbVnj_Bg5n zBq0;d>%1`NKPKm`L`QET3*HDpV{_2p*`>L#E!;jSXaVgs2(9y(Hpe%Qq3cBf{IFsB zo+WBZQwZ9)i3#2)c33^OW2Dhrj`_+4aVX_F{g7ex*f*F~a}Ac(JO*#67neY(!IuIl zb2V)&n`Kv}jY<2PNTcQxRr>I4+B2a&UMgWx%}uawjR<$6KgHAMmN~EKr%sn(DnTmE zy<^O*A3TRp$L;J6{LJ?^x-?ivqd{3>o32J#7SZyaneRi;s;PD*{M4=X=~!k!JwU_Q zyaS&Rnh_63C?$&275SU9XUmO}$At+znuH55E=7)tB%tSW4r+z&D_4|^is)f)-7MfA zg8ShPenEAQE~NciK=^7Ebb=CTDlWGHm+}Uz4_#F@`=ooT1s;3`U zn12QOyyA%8z5(@)^+lIOEGt^#qT5hi zE>Ld*{wNaH^Vxn2p184t{>-sb!DL!Qtu(D?dxAELw^^Q?>zqcvbU(NneWidOHJs6~+=zoY(lHd)&!`k9px&&ET(%DZQcG%*59+G5sRt z=BH+B7NXMN=q@b*srCQPJjVaB19s+)yq>7kB$fb_H1|h~71iAxO`MY^G=e`M$kcS3ynp}F<&_< zdFW1xf%s4@>G1r2MHoDtquc$UlbdSO6o#M~Ns$=jD@MR_V{eMEM z^w7#jKWWNGqw%ET0^3H(U#!N{i)W{D3O$Cj;YLin#u^J77)&#E=UBCR_bB09sqY-H zGGPuVf3Ky$-?=Q&_$_AE!cntCvXE}Z#Jw*w@OW##Mv$~=gpe%meHU#&uA3@&ik6M2 zUaYltZ717JPm}6pcJcDx91{_(0 zI7R+P6D5AeB}-hYg@zrQ-XdxJtka)7syh2Mw_iA&)0F&-)E<)9zTN%)laYcy4V_Hq zhPPS#MKR{9pVb9kJrGICo1~a&kA)%4?myN=Ty`~r&&r$pM-HRIu<|et!VsuAtDuy9 zTuchkOlxRzD+S4Y!~wtMxtQ(Rd8FMPf2x_JAg~+VQH3>ELS_9123HhqQM`>;Y`Bjf zJw830Zof74V2tO!=SgvuaWQW*P}jMYD_5UIC%CX+I$$)~_3Tc|yKc8WFip412o(Sw z4%Y0HP#U|t`Li&G!uVho;s^|s`8!lH`TdIFdcDEpo-7E2NTj(~pCirewmDs;h>U1I zb3}*^oeH6iJO{w;&By9=(91*_p2aIx2Oe{G#@Q*r$)%=5C=(;D{E*_?@Khen^T(FX zhez~=SRK8u!|Cpxx?oAxg*~#Xym2_z3a<*ugH%5?^+z{@t!ro)NXu8P@hVR{;i$4n 
zWA;f0Fscb7Rk^vE{y!_w4E$9#zJ!{mwI`H#es*n4IBNE2z9LOFA$@IyK;1AVAZjMktY)CZYNhJbYTc>=P?zxky6V`s-E8_9DW$T#`SIwo zRT}WhIGh|Yape}cEA@bOW7(gD4uyf_%}#)y5E>MAcSj}L0O#Wb0nT~uoLVyzOY)lA z0C_70hdy!v+2=Z3z>9}xw;9!o69)O??((p^D-mp0k``m}9h`l&@>z!AVI=v&#}_#q zL{sP=S845q}YU(KTkurmP7;2?mxeeqfHJ61lRrJxh#{*|^XSO|>>3e?@jb1+KTB59Nu zH>RAAjL0_B(sv@9kKKThdN~NI&q=L|KBqC2A=;+NEF>a%S?cMU<~#;d(Hy>mF(qGZ zw%~M)lbAMQjkS-Rs&&`a*6wpQ`xR~u8xIW#Cu=%;(;AAjE2CZx1cUxah>uf?Bg%pPCQ{Kf;5yaurCWh>IU zR!Dvy*9GFjDk2cd*9#@!FR7dlSphU7zi>FPb1GFf+4P4a`-3;wKtmCeZ!>~qPT1H1 z!8A($@?TlLxa<%9xcKkc_poaQ;xMN?w12%n)-^7_or<&;mFo^|@${%|AQw#C#p^YU zgr8tngv3IZaH__)D5u7m@12{Z09%y4@!l6NAvMhBlfM^V4Kx3~{A`nCw#1YIL|{d8 z&Rm2S5EgEhdRAFGU%2-Ly<-esyL2Dva=Wucy&bwcwb?_-Y`jd7FE6h^@+>|vPI5w! zns1|b3FNj#R1@@mXvSM#>v*R9MxNEY_~&Ta_VS>02_wp`!FkCPk#kEEG@kGqn+jeX z7emre%GFwM{7;G)oGMOqjE_s7KF%Tvsc5sejsmk8+?a|YLG8G3gNkqi5@GW zA!=-T8irE+T}1nwME8tv@%I#hXy^+=oumJ>=V}*i6uBymmD~rs1GPlN9d51g*&v6W z?$x+EZ>284ABka276QQ^d?8_SJ5Eusj>qGB-Mkp5D4}64C=z&gC{ijIu(!eER2Tvt z&T%uZ>lr)D{igqE=R}Wui}cwZKlW%Vr?UFEWL{u~M)8TTzNmb#NNCnKtm%p?u z?9Y%(gKt14lkgve?2JHfj(WvZARDXwz1yJa%?>tvF(X@b<5#N=O2o1Iq)up!pd<-# z@7j|IBOKp&i3=sdDSFL5-p%MdyAoz}7c(q{Wv2~Ijf+T{PW(4X`iDW>l3L==hO!k1 zm$;y>3B$9M?W3`gb^J0GL}Y1{%V1`de;XSdjx~9{m1o9$B)(x>hxjQ?!+53wyeAdg zx@}d8bJkHZVsL~}pKi}o_scx;X&5TT-w7W#+LD~*?e3{UA!E13Kb`dc6S`-gNv# zXrc3rLy~P!d}6xOdUE93ofv!gWXsJ+p~^jV7q#E()p_^w9XHyAQhPt-yjwRN>u8v! zE36Hx*oiE=Twl1_EBN9Iko;%QlG?Rr%Al8pV^{4YmhHF+HO&cjC7jvib58hiNvqD9 zj1=eFSyA%K#iSu~^(xhh-|8UTVx6XeP6tZ?Z1Z5lO|;wUW^p;btfs;B;fFW!oo(N2 z1Qys{s9-Hc7yj#v(gRtu*hK&S;z2ObW)^K_5q#u60s+h6c(7I*+(!+@^;&l^XNZ>9o^| z^zFZ*`0DFBYs@(BjdvYKC`5UV32KU2dwsC~iPGHuyJ+^>R^L>Ip`*GrVeZI~Gp~ts zrWc2EqJIV^65k6p&f#2FG(+=JVFO(cBWkCCcG(9pfI5J{XjDACSwPW!8yGScS!?<1 z`l+6{5rneFQyr_L;&V!z6ZU_-iR-*i#Q}#it|ALE0{H!8{WL z12h^pvPd}?63plz#H62y_$trzYH}cst=WpjA=g0jV~F2YaVZSFF3xgqJnx)lAa3tb;*CV6SPi7Al80hbN0(!7z>4>Xmt;g>bp~ZBoH>${K15~{wj$);j&+VJJ+)~! 
z?U%#53Yjky^^p4pu=Ha(UicGUh{SlmvKB@D>n2fq6XCoIAhj3NYa;Aw64WtPRH z4ViGUtIHD_nR2oMeMwBs68qNzUErlt{-buAALF&y!a45z=<$rCGXBq7e*TV5q;Tix zZ^__mw#yXlO=|WQEhw5CyqZ!>eGEJsfZiP-51Ud;{>UlJXaxZ=ciV#jFQX?(_4N0KFiLL+J1MY`3+DHi3# zmn?YdIf`8FXo=q@Bjx#aE{0d<*=79`MEh>JN3@M`?4$Qu;DJwmIMzB<3sG6EZ7VKu zJ9!dyg(o5NPw#=%=uqPR$>Qi7p-l7~*z;Y`)=c8r4)D7Mk&M&{9X}Dhu@F(+j2txT zs@3e1J)VplVGCO#U+Tfh{zCGcQH3(alV2oJj}}+kJ}`Q;&JxU**!mgl@g=c|ILg&O z(KZ$i9rA^yu6_f=cqG$oxE;MNIZ}6}Xja;h3N>zwJIK)Gipl4nYrB1G#yK(`3=N&r zxwgv2)FulaDSphI%|uW7tC=0uwu2r7h}3Oe4g%FytqYogr0i!)**wdA7RV;EQ|>6C zTjBe6lMg`uXV(e5>-~7Izp{=fnl}GqcRRu*twhkDYC>6*OO2`L?EvRw#< z=u>2Bb!Hm4+G^RWbsWi8?vRlCnEu{Ny;BmI%%JQ@KTGZ|dt|p_%)9mGMmb2x^z)ty zH!{h7Nra)c$WNX#B1!Oz-sVFxSOy8JwTEGK?xD_yYI`ebYCZjyqY~0>VQuhrGLx}J z6HUAX1_y+CxZ~OBlQrpT?AOiaco>;uHG%Th0yXKb*hhU6Lc_pbRm8&YpLCa|Rh!U4aX~R&L3Vu_Iq^2al46Vi&dG|&c$(8FnzMgdc z!efp?A3MRDvBxCjo+4r?@Yts*N1a2#jzbcA_JWM8}GLG+Q>m1zU-D=LL>h!~_)UYwRr+)X{^nhA5|C>1E2RNe zTH?+w$JY-Iv3o@kj0&4jkznQ&txlWksUQXfv-@YTkj053?mXd$1P~;Cz`^?{$S9Ex zf3IXqUw}%391G~nDZUy$Y#9#bKF3pWNqv8!db;;u8>b-*&I_QLah|?(J{A7K6oK83 zsI0*DT7pndA0O_JNWB_H&j6EA$}tj;sZ$ zYW7^>QGt)rTjp`ruI zrc1~#H~+5tw{p9H(9*HDVZ?n1e$&Pu%befljhy|VKI5GPm9Z|@R=y7JRM*cjj_#>U zy{$ifqS;C&3~t^Hdm+SckMa-HiE6D8Ny&o=O5~%LGI#!bg&jHrL6f|nfd54`Zy*z4 zCRvgZc?~nT^*FEGum`O0$_a-r-Md32V8<~OSoz;$;hP1S7N2X}H-DFd|Ed zBF0K)Df5%l6!}{_NbA0SuBi%@1=BGmQ;nV=W7Tog!)1j|vd(qHY&R&4Lj1@YMp7QN zu|B*MY+EF74ON8Cyp<5iY_91wg&;+u7a1xMe^4JN=%t7yYDThH zz(FI={r8QN-OG<%MlK|4-_T?{e2u&L4*FZDQ4Gtnl&+%Nm`~oOTNT=^^LRBqgf1Q3 zA<~Ul6+kAptHbkxp>C@kEWc0rEw%8s^Y{W+v-6tS05EX=(&GaI=NvWz@h%^u!(gLC zBIa{Z-#-zPFRVG!J}Myvy4?3L@mgx*Z~w>De#9Ae>~gTdf|~89&&lP>rwO2yls=)a ziC^7(+ucUNWrN@*r3*XGPRwIs#Inh&yu9lJqJ$N*{E+Rl3AuLbfrCQnddm2+gOgH_ zjCvN_C)_|AOixwL6S=x|ptlWZ^XBmEiaZs9Jpwt{6+~NUsOB~uhL^g*8NO9o z1+?!>6x_qOCQbaASi&M|!97jT8D1rjgZ^4`-OI`c5cXZ7GK;gj*(GR>H3DIYi##X( zzt=zZ^78KQHP$sBn=rOvSbsLyN9rN|$eZ__(o^eOn$V0aD4A#GZ9;{{Wk$EF%g>6q z!Lu2@GOU4HIXe$V*JXP~uSE0d#hM3rzQv0;L^k;BY`|sIBoZ6Z#oug7UYrkDEuE<0vV!70!a!7!0P+E;qOPGw8Y 
zcdp$JyKH-vnY~t!N^~Bye-Jauzx~S}7L_>CPdUT3Uw--Hh&(mdOoxJ-N5kKt;0Fgu zxDj)#oBNGElw*_UKheZLJ{y_MUN-kBcVyCERg=bEw(v>ve1PNxFmnZMk&oeF0NBr~ zu=>VNlIYo&6d$`MVlGX#LW}wJI9r!hr;UX64PePn|3Gi#=!*y-BF|Y`BM|imFB*LmV~|K5JX#2GBD}8at`GG!5M-20;0IZEgIMw z1_x>DiF4}{+zt`x<^?NU*h(EgGU?GL>hf|R+QuNbKZ~>AhwA_nrwJxbLl(x;@}B3} z!9-*A@dO-X=pfgAA6y%MfUtrq`@(Xf)>p-6MkA-%uM>>ik@5}2xtlP%g4J|1@$-Lu-0X@bXg=Z`_Kppexg9p@ zz`5?LLot00>U3VF_NFjj4+(6utLMD?W$(Bzx^?| z@peXi^={GiVRQI~hilP&>|XcyIDvGpnKNmZzkC@&LL5)6)V%4ZSGC_deE3A+10>I1 zNEsxGu_~nM_-a)UhyP&@t8 zmKD1hM6XuvV3m%{9)o#6owfQta;rY%L(otC5v$Yju2~>K8OM=>1A|`;Wvh`eVB)!A{DX_U%?eG4VF$t_^j@PQ` zKGcAUs)dnR9tta!W48oS6yX8NtF5^?RaP96LFZeMAM_FOo_03>kof^hMmU+Z+Zr-H zoVY+2*KScRQispqUWlGig;9`5ti28--a>iS<-03dKei4G5G;*H3Z?+ad9Fy{s6F+t z74XI?t?Jk<7NgHDar6#)$nhur@_Gv=b>Q4WqbdnjoH(zL9kaBmgxY=pRoKhlM!cb3b;MR&)Io2W_{b8z*rZofX{}krp0v9cu0#9{Wu>W@U;2QIE z4U6FH=$pD|zBW-LP@*p@F86v;*6zuz_Tc^Yra zASiBJDFG~zuj*)mXXFnrqMyXKp`?Otmu~NDP)Pw2cg2r+16k--u==(SI2X#;$c}c^ zk2I$t?zlG$G&LgL!~5XTZ7enR=QRjR8s|=nJYd8bw&b}iv%LRkXy8Lq9fKxA?C)ef zd?TKH%GkA8FERizmFUXj(0g@|XWO>=)oPjQiD%DW!~FG>2>-RF`GMO4hA8sc`hS5|8jdw1$@{cd!h7h3pz{*_hPZqzNPUK(EdH{O>7 z{C$IqJVBMWO(e3rJQZ6!)_Oz^u@l6>a3xh7-!ZmD17I1I9St5v?juD5*x}*b@?$7( z%YOP%_A`HV?oQ_b`b?Z&I{UJbWMltl+@FTHNW=!n2r$q4Y3O9lNP-<$8QSM^tU0``rf|7oU{l(3$DPSC!At3K1UDfAL$$o5AD*ZFyokr$Fr!hEbSPH;_zU}8 zRJgTZsQv1B4ZI82t-Bag@!=rf6!Wd>ZaSi%J9i++9i930F{ZRn*tnC;Q z>SeHqiixTvF<>Tqh=$A=WQY6nmp1yk8wU*!AKT25T}Bt*`hBL!>cueasZhuCxa+UE zc2Qg5%^2J@-ot^Zi+Tv&S?A(C6^W`8($RuAU1rf_8Wvt+Gy5$Zh*3bd>6#`8_knPO zCtmc+w_seHt%N2f7E2GT#Qq}a6jf!u+9yh_iH=k9WMQO~#~4uI-el>HltI?S7C9^wH|NR`7*8VWw^M~B;~Gre_G53{8s${!f4gcozT4LTf6zC4T8N$ zAW$$tGo1c}MDiXZB02Z1WbzQ|XG|$kUfoYWR0HJbXtQ{L81F4MT;EFNd>i$a0?bTH zP=23Q3*+^EM^aWM1>2gOq48`9+9EmPKOX;7Nt`s|wvfT!N?eh}djlII=484!Xuk#M z<>?TP)DJj`sdMUtUe3zhX<;;OM^{}IjJ@u6n)tyutcAzxK`o2F%Yw5C1A7{C>C}?A zrHUv^3m;ZZx2aCr@Rsd3Nu?R`prh^fV}-zmoWTW+ zR@RmzNeg3Rp|_^ds{Hi!rus@2aEVzIp2EpQpc#O>FHR@485~ybF%>PpGQ1uZ?iw0Q zSj^KfrGkgaX>LWFtB{bXA+WOlXJ9gr32%P?VM_mc 
zbiO*?BcqXoLE2Z*R>3Cik z%)gZ$m?Js%Wt=V$b9@LzarSe~*Kk+gFg>+~a*w5|=IYUEV;4)*ibbAiwkD?dWq^~8 zhlTYnL!=El9LWN%`S_bvShtz_y!CL!onueHJ#Pm$*apU8$elZ()3W>yK6^iOMCs!2 zRHa`;P8p@?@iF3hD07rdQiuZ+|DWM6)8zd&eAY*87NX@$wnuzqB5xU%dbQIzYz}jW zFL!4g9ZmG#CV;gz=&dCH76YAiIpAhy`mIAoeT8q+WfGRcx8stVH%kY!pQK#zxF2*I zP|wHnQ%DO6ob{MRKa_l*@u=FZx=x(V(#8E6o>~(;Ubp6EJ0iF(F)Sv8xU@Zkk%FNs zD{5uwY(ZeUuM1yS@B`yRNjfI@E0!RugEDOTPzViCOK+X25?2%Crc%wB@extay{gR8 z4)NpM@qB?sQn6vM7gxfjY;DCNv#W5Rr;gGCdkxS0{Fl6T_KZ65$NB@Rp50RCRXM+r zP>dRpq5d@lkKu?lG`wagv&*S%YxMK|;8{Xfl=QV;I)3&4JTujcz-(VP42(zUbRa-M zk@H-$+z@tmJtYrbB6)^dVf(AYK;Pwv*14?WhW>`m&1l3~!BXy(zEiKb8$BzPzlpPnK zEde6>_fB-ZMOcZ7V}j8o0H%Ri6(>4?+BgCLbDR#K)O+w@Tmjm0{3}zrHU}<4>-u^6 zy9NTS(%Q%GE1MOEkKUd1>5Jb)pMCm7cpk0v~@}r{mKfyds|Z20D4dN&PHkj@XY_CMEs{ZYw0*PeQ^006aSLFga6^K}~!p z%#QurdfJG&wT%&^ZpXq&n0N+9bhM=8{}D>7F+mtui30^cR9geA6?Y@94)`zg<64bB zJ+}$5;=LYcowmx5n;Ug?9v}C1)dJXS&m%utd@k}ioOWMMHsczM>{_tPu}&9f z%OF9Yfad9u@eu4vsN?>xGEI{!%8#!RNL;_kjwn_(nEWl zsOi!@R-v6{;XxxJsmgM(%Ukat!Ri6nINb0i^tN1W~k)-w|!w!%vE0G2VqXe@&C3ZUc;5&Jf9XPEepB9VnqmH|vbCtyVef)yEDeI{L`7N z;ugbKfx9@hh+x2t|K!!ab5q*@(`9J!n?rV6mBVB8&6S_x!&2szO{W7cT*i0ab^WK? 
z=11SHAir7QoSUfiPO2+=Jw(hAFAsRQ*9;B~P>}PHfpPm?j9R-E)|OjC^zVYQO9tWW zLGavTedzcETcv*`R@cj+KG}+1F7>Ub4r1DCZenqtvpbJjw)>~6v4$s`vB4WP)QZ{W z%&x9p->&D8v1{R%+jb8F&z`kIopw(DGht2?+Hsrvln{cYvh!$EOvi!P2gF}dMqFE= zx8~Dw%Aa~5gyGc_^B>f4z|>vYdg17{&of93s;pbjbD z%R@b7B0>15>(akRA1`ZgRJ?lkkZ;KHX1a>gmm7Wf_(mVMQdeX7qiv(djpV}qRQgOx zu#dW7d{AB6y+Qqx=0|Hs^2Zf{ns%rB*e9b8)DZP)LJhwI_fs^xcNX-0hT#LBeXL}5 z1;bif{5Sud8iC)_yP^+1hQ2%UB!6t_Nig~lObXXvTk-`Hf^W|3Q%D!>Q2XtN^V?a) zYP;GEg-&+%cgq6r=I(A?Q}nwzm0l4+iLz!d{To>8<)gjQ+et2JX#v3J+N9IGMf!Zy zsZ7)MvSaMoUJcUcLu%?wdPnNGr)VkFZ?^R4r<3_9x$6FE{#npPhyjQv!@@ZG!K3b2 z7K{u5QM^*h5a8AH=>HKwzxuXf0pvQ8iod!pxrXw1xVqEF-%?7=|0S(WT>i7Z|LX`8 z!;SBnu=#4arQ9u6ploYfTdd-HE1l(i$va5kL{U|JCucVi@>}HYK2pKBZiZ~)wPgXa z--Zrx2$5v(i6D(8e&}JLM^-fC9g9#l3gNClMow%tHg_{)*69V8P1nMs6ecUDE9*!H zQ4aGJb75^{QgA$v?6qFf*nOw+___3?r4mo4oDU;MXJM zmH5xK!e2|sLeGNZ#Oay#UID4S$5-i_Q@AkNbh#^?2KyD_KlQpa-9F!2%oBRdW=D8C zHw@}4z{_71g!gx+yG847xzXqmnfu*iKd&v5{@u*auo!K)kO*Zh>aaYa&>ce6_bA>f z*+dcie1xR=g4ma~`Dy*^3+5#d@i^IR(vJ-_o%?r-4d-#9>GQd{t28&xQN)?Jj-_!= zqEeTAww3>yL5H77a2E6)3?zfI7=A=)Slau-@fK$n{WvD}B2j0vINhFAFj9s;vXIeF z4Z&{1?L!2^&?ilgJ%Q^GD*1`xEjmm9$DBJ3@bmyHTA6~fi(4sCv3GeWpNH01k^2L_bT1g(n)v?{^t5n>hsIm|)Jsign# zr}-eODDDun9wer1$qme`*)M!Fq+aMdHdl_XQVTbZ@_($G#ymR&0lXjRvX+*#@Q}#~ zk5F#~2{LcNLyk492SkUF!S3|StcoO;EP?2{ukzn-elFhvS(vi3QPRZ$<4w7@Q37gT zg=ZPO9;W1H+u}Tm&d);?I$wM%U$dy2t6$~L=B4C*UOf1YoObyw$h4Ug3`);r^C9tgPrN!vieA_!5{<)4!~Ia*lM|?AM*HN5Xi6U33AI9NB3Al?gi@gELO?Oq{0wbtJY|HE4HF;~7!6R)k%ubL}G1;?JO zD2S|QSVE)ZlV-tHXoaItl8Vq7g!`|`R^f68OhviQ#+O!4Ii6%Mu@R9OnU*}$yAoJ4 zyBrWa#-H&-f(Niz&n^}P{+15l0z{ic3W^`0PRJkD^%u$P7TS)OCPd^_ zK&wjT2>CF_9h46EbCo}ko~prmkRH^wMCKkOOzgbv4*9ih?7Qhu zrsjS&aOJOXsdsO@D+NIWD{JQ+bUEkH>^|5ueqHjY-8&~}_CwROW%(*n5xXI5cwW6;E?=YL}#rhMRC2U4%6x~>2wItq7o2B$(6E$#a2#MqXtPO2{z8nC$tZ9z8mX0 z$F7031fNcB68mgv=8A@0FRF~u_94q6S=fdz%mMzEzst@doJ^!^N2V!?mYy>*h*@{^ zoy_9^u%3VAN{4(Y4&0gx0QmnQ4Vm||Eh6V)x}?~+O7GSC?Y}*h>oZUgvOxPqh*PJ~ z?ZHcBBdeZ1hQfCvbHCO5AsXQF2uiuW(RjYN&_0*+@n*O?N~n0!m={$3b@$4D;XU~n 
ztBLcZ+uP47b`%*y6}61_FLNV64Z#Z%Qe4AF)riBSfkN-{$5t_ew}Sjl zg8pK{n`IF@7sDe1W5QGKFGC0n6Q_=%quti(BVB2h3gxmFUUpwf!g!0e-XXy(8I=jw zWfh9U`yC0To!$A#OJpho1^(Zd0w1m+#fcfxrJcS`&MOk#3ewO9^*^}ZO_`rHShHcg`6m+5?P4>wQST)34+)$^@AwhNKmnmqQ_YMlj|+M^SbN;l%;bmrEI`gRx5{Ko z8$76g!ZD_&Qa?l|(zc(v?%D=;lea<%D3r{|b^Kx0clv5Rc0?lefto2u)AH3-48?Fa zAaqs*c-L6;)yP-VL!U>-TlWTrty$R<7nIMY6S3@p>an%5;2RBw;QO)QinD#ECpQ!- zkQfHJ=>%=|#82p&-NNauocU4I0UO0y@G-PI56fR9?MhIvok$RY>T74Q^`5S%Bubu= zgRN&u{q?SoUkUm*$j*eTXGlHLSgydY_LL)dKCZnU>Iy4BSAO(1GMXlReUPXrY1TqJ z!kxE?8lW>GR(u0~5x`F9-7EM!-vQMyi05U0`&W+CmhY*#aBqHmdlarwAsWQ^yl~sN z4lIVbtBMoNYGyt}$;wj)M!>FFpRHm;zwO5RmriJai{+5WX7K84STfw3EU*|7PS9t;9Rp9=76p9KT^qs_Adw| zjzI-N^DUh{)Xy7kE;x&(9vkPg@~_;4GCu7bkp4+5F$OrCr`pl^q`zfll9s;Qz;E0v z-M1{7lG2M$F_LAHg}FN9OyI_UW0B!_%`1jLn{NXuFOXC&aK@qnYU6>?)x75DTzra% zs#)UELhrDCpJ<>OKH#BUl8Kw9Q)U4lVO$u!)-Hs7s@-RMn*y9WH+|4`w>QwUG}c58TTK`$^c8kN)^smfXhIK7$4}BFZG_j9*`Q=Rk(rvI%01 z1W#e0t=i(`ivyXh{%m9vC1(uICtLe}t)hQt&5%Ykgr=p}btl#|*ugXEQDCmfhll;0 zFCqIqvl007KN1KD*`I9@^&zv5i{PKXFnuj1$VQaF%RU*BIYpa#R!1LuW`4gskAX`7 zsXJ2LH{}O@n5QtsP1S{1X!&*PM-$rX1p@}r(N23`?QV&`tX&(Foz9o^KF5Fm zP$RAiHG!bI38jEiPbLbUsObl&LZKpjCdAlZQiDM48*vy!#HB}_KN=L=}>;L z+9K^n=lN~n5~VNRQW(6|v}DVeww9t8K}EnltC+mCuMDAd`_1AJS)XHsYRBd_dVg+u;Ga83(IR>azQpLyhcO=JL!<4HvW7m6!31YM~(2}~Qj{C(IYzr6e ztsCPRD$bbK8F-ermdIT^rcBv0{yF7CMZ3H;W=tbG5@Lwc&Sx&aC}pgRD>PBpVkq^l zc&jsk&;sXAeiCn6%o_P5Hb#!^_PH+a;f`no)B%+^l5IE=VtE&;h<8+QGtY8g`1(P7 zOf>D$MkaDf`$E%4ky}Y=&|*kWeNwCLYFUKppR}D98jhY9RsAz$>4_zMaX2F99IY|Vq3rjW<2!M( z<6<7=@IO@`Asb5RE-oZ}SxW){e!iQIH|Pi{Nt`;#BoiphfNl4QzHA{-z7E%5_mJ%C zsp#Z*jRZ{PWB)q4_R+WGf}i6PSPtKR2KfWh=I-$2@am`K{|S8c>lH6Ek6^C;;Nj392=f>QmL>xT!~YLirKBt8E;h}s9ok4y`E5*c{cXLg-A zCI*7i$H5=?R)Z7!t*cXXzIwS#xv*s?>um$pcqVLBH{BUM#s<0mEf$D*nns*#6EK&| zrEFOhJXorbI?UU8j;GDvw`{Nv)hhgTj##TD>TdKV8L)E*P@7~>j0A$EBw$XSq26AB zy0H)|*j0{fglf1Vs6=-Z;khct{E0ZHe@5V=RkL*@_+ay?S=XZQVx;S-T1wF75# zoF0G0@?#TiL$2BI--VqrPEXo|VnE%SZ_ddvIeRl2Ca@#;xJ{;gvE(>|YkR@Rutq@w 
za=mGae;}FqTglUOqtE_^1Vhc9MWO8nh6H1NnW^4>OBXQ#@%bw-&MolG^TAF{Gx0#q zeE)WyM_8?A`P66iU$sh*&l(aR>6~&Cj`mWwE!eaE$rSO4E%^8m*aUi=ajLTJMbGM4 z5`=cXoU<6EyuBiyoP4GoX5SsdiDA$BFEt||*vJ`le!w;6D{E0hQMz>q*e=5x2t=+! znlq|W_oHDu-aZ^|JQWqkwBDHNa;+P4AekX(XVw;ZnyWQd!Y9AAtc-u0Jeiy#`+$nBBFErtodJln9Ato6pd7(lV!=hKD&Vj%y7<#qMb*?|m6w z=LwP9_{HP#7oR+Pw7?CsL^c?oym*6sRtYlFK0cx+RkBp+ZH}<_0C%l&^k#}(`P<}( zSB-0crM2Y-kW(?JPJ z@EOTJTV1zrRl?@`Dwdh7hbQ%{Oyg{Z_RT__sLSK+o5&Z*Jz$_LhvrML!)o*LpnA0? z)baYH5~rg)_M=Z=csAK#+60Ni9Ia`+W_^w;_%*#|e|8Ae&+)?B($uNrpZ}>!5)mAe zXNR;Ea}0USwk~>N5kEQ#&oK~#Z*MT0Ywz;KoPzS<1KC<~k#%4+yz*kU4UJJ%}V^-+{Q!|xgg<0h*Qy;>{s$$R3BvpS=EG#Q+e zvEVzz*G(10bqcQ`xRQ1oQ=hSlDT^=H6@|P>>t?`YzKg~ik7f=?`-c_wpfX3VotS26 zTI9*>q+nH1ehEGg54`7%)YC-4TBCJiqha>Kt@7L7(WU;AFJJa@FwJ(Or^tK*KR3)8 zz^p$_M3I6wAwZaMB2o{}hiarMItCO6M9*7F@vZ`O4yC9xMnw;#h=2-t2YGUWoNs&+ zQ@rOp%vEcTV2(2X3W;{Iu0z7-`P&9kz#W_t8+E&I=opG%~Z^%2EN2Bj-v0a+DrXoj3QGltUD0L~u{ zxLe#9?5TsV(@Le9wj})fQ`H@YFuvL1{WiJ;5H(`v;E4L-L6j$yE$&{5DzYK zWWku3KTUr=yzS=CEw&7y37fx)RgvG}d`9}2uCB|cqD(}A3G>!Z9*d*sUN1ZV-Yt`M zqkOuLrnY+#A%WpRD}X31@XEO(bigUjElx~ZngC?NRj`XH(*>n6yf zdEeDb9=KbM0Ev1dKD1xU`$difO;-Xq z&CaBrJ}khT0G@Z4vIX?#{fCO6INXqckU$q6wdjYU9H!}cDTgRb?hN!YgeiWaH8-cY zWkCta#({OF!FXBb<~460nrhR?j(ZASDq;u`ej#LetR+3XIXJvI;AC;IV>|o%t53;@ z(BsKY3McFfAlBs?s(jpyTJ;%|&<`0)VZ(^A7*c`OJVJ6j`J1DZ84}#$>%u=4{!o;M z+5eHF{)P=(zE^nUyO(-mSvXn6JeDcT_Hc!r&s3ZxU@gTXccn5ZU7pqb4Cp(&6+HGP zRIn_2=g^qzBpf_lkpaxY=r6JN;E(wkvX}@*MUpC0glg>}6Z27FiZWd@CGgxn_knl? 
zdf^>m|3Wx4CJ4mW4eR|40e8PH6%0X7o);=p5mzFSB#!Cq#^?vQqeT5N9P8e@x!j); zo^YY?A%Z4sxrQ1%t)v-OKzE;>cq2sv1(`MGp*!$J=-n{*(ILS_3o#z19c@w%Be*YU zK9iemJ%#~2(=zJ+&Ih1bQL>Pkf)v5I88v*ln`r>g)tEya)Y4plc!eH%=$ zcW1m#|A&)ZeYKB3Ue%N(cFva!1xgTEnXMxH_w#QLReGhiis)xC3SYn9&XH2`Z`o2U z+i~!ZQ8P?${5DkAp6$^$q0CT_U5uacLu*sYeu`Cvprt)DFMYuWn4LM&Ns@ZIYg+sD zr~GFVd?To{Tcd^;US+X|*s{}+#%@V%BZ8mG#?W*G!-(YGN?b6(X5yC?G~Pr!m)Lct zXniX_2JktG8>BP1Ysa6oe1`+p!vd`;;GWUNUdnI@jC_@zf_6l}#~;%}i7qGWKApZp zKTayrU8{CcZ#VZY@btti2C^6()!m<0r7wI!v2sqEs2GTQ$JZ$;bEsK2>kdj&_zcT4 zvMdW=M?>|5M74=Dio+d=Q7{ZvVs(>ou@rS8H1OTaX;u%^ZGbDR0?h>UG# zALKBO{`RGz(I?I)$^|LFvqxa4P!-xSP^;KYbHK2JVdW=@pgh>`m?(*l2-|aj)zSD9VkoG>+=hT6tYo$dj*C>Q zH&y}&q*=$T(icv#X#u&$#O&P=+`lSV7c)gR0_H3CV}OWP8g4}FwPl-*2?V+*1V;&E z)#|T5j=Y5*TyY314o1C?4IhY;szJm_n&pSWZe;W64D$$Y&gCPv9O|}3)8&1w2X#si z$8uh#n@&iIvw)l6H{P%pmhBYXZ01iMwDy~aaul9!tw`XMR$~$yKB6UDE5uPT$AlVW z?icI$yy%y4zXH6G=6W-)=EdKO_aAW)6_zC&%lzDypZo56(fz7&IxqZm5nHh-Y}xFs ztf5n_-6Co5{v@g1V+jvrv?D2Ci+okXI@Ui3kH!$da;dG1PGCdKg-W}vvipUceoZ-~ zYKZ*N=mor1)Cxw9j?wI+)mGB1`;t2b8vi0gZDDqSK5ua8w~o&~Q1%y^>_i6L?FfGpK&$Y`KpqD9`WtedA>h*vCm z#U*2HQd!=va35~&rF1_Dv@q7M68oAyfAzq`Fyrwfu&hupe61_t%q{bZ6pyP!=6tT9 z+|IA*{GpM)0LPlLysL*>&!ss^bpHi!hQ+IDD+-?rZs6S zp)W;Yb8|_9lyCE-f=F8JRf0Is{3Y2_;bDug8H;KXwTt{U6e$9BWF#(hD>}u1)J+aJ-5s^)uy>G+KpC50=lxQ_qe)uZsDHXpF0#envMT9xaKrH{?3@2 zxDfvW-i}Ldt-8*EKT_)lSIxMqVR8#|XC*tGIG_S0Pd-7E0}XyOSgB>m+Z!NBo@Ucb zluGp%_^G@}_>K(YPu| zrqZl0hOiXvD4X90Ax?Y()r(6aTqGU7^#dz})$K7fxHPp(TdPV}O=@;sFA5B9x4Zc4 zg0csW((FgEcvgDBrx?z<)He%T19iL6;{k$J_G?F?#ODl7UFoCtssI^~JJ-nXt*Ayy zgTPxUG>mU$)>f30(S!{rSUBT3{mNDv;Qb1&QDxhx6W#zWqmZ1*rIu6uM2kM;MSPtAfJQ>|>9(OnPW8BzU zZ{@E^@cWP8xi#xhd5)^1F;ppZ~{P-ql0eA=3G9 z1=uxu14|X*EJ{wTO?x;v$Su8vLOLb;V=AwwmYq3+53Sq6s)||k6pY%^$(kCizb&<*DIYYhqx=>GNCDf9) z71NA@1;sknhqgoV!i+v??%*%>5v1$2>EhTBcQSNdd$O&}GV#hO?rT>R!YQhWJvA^N z+WxYN>};GpAHrewu`J%A;E}A>$7K?iqJM0cyUMwMY-m-@$NlSKFv-2jOV@_aJ0}Lp zlSY}aW&46OY=bkxyL5ltb%vl5SI+mpkOp#VsW|b!?>&E-%vuRm(TLD%{J7xKg-~lZ 
z)-+*ceV5sq%aer?p@xT5f`0VO&*&{6$0gpYdI8(Y2>CXi4IYYfj8330Kr2olLN@2~ zk&KlEE1kT5;0$82s@C_)nI7e0m96V|EFK)MHRZTIVOv_cFvm(q{;{+G3**{{#9yn| z1){V?A80bZe9$(~n8R;gB7!M9h&=@fxLe%~H^ydG*wB@6StxcZ)+aL_@vBT?l{`RC zWSoq{TP#w@e`Vgou{&OZw&kKyG?L9^${(PU4_8aYD1oOUcI3X6eT$xB6_7y1EAvE2 z=Ak?w5P_5?mA9T|C`*|5u_m!k)jSDyf+HHEB&Bemc57!M2BjmuGoLgc>KI+Uex6^u)d6B+MfS_ohWNok>-gX&NlYj{JX=W#^-B+ zZT7&1ex-4OTcxADs^-(hx#o)Q3K_gjfi%~jKrs#J=Yw}r(%9aQ9h}XFUTl+hJyzsu zG*qXoDW?h!lFtl#9Z8FXTMle7R_$w};x04XGF7o~t#qffZ*NrxpX|8u6ph5Pn8@eo z#1Md6b*vNPz_ zuRl!^y_dJ+GrVjzoJUzT5A&xEbr_e^Aa5*t9w9 znBjlTsk@uFr&V~2@L4dh?){##vJKjAd${fYDmAxae14V)RE{-RD)w$ZporC8wav}! z6XDf^PE^CAEn!hse4D#=CvkuvOkR~yk(VLIJCZixi`Ql?vd^Bv=1ES02(|Yo1F31U z65;KnRE~imY33@t;IPpVOEd{Cc`sq4+tH~Mds?9oWyxLUg3wy5m}xmIJ>j-dPV`*a%oHG$Ck4L#`x^AxRegJhQJFq5@rLRLtUx zBFms9YeZKs3&o!Xt2Zkrwy1UC#4n1dRG&aq$obJdJxe|}`yNNAKKc1}^1*M|Lw)vi zZ=z!I0V8cT@I~m+NVpQ>MplD;^GE`Uo^bU*%9;R>vTWSM0O*0|iU*>WQD9V@skRK4l$Qz4!k)UZ~W%7&S3% zmc{(CNwdfD4h52Mg;!TWtC?ZfPRHP6O2KC5{mS4b!z$V`oSJZ8`*vm_iZH=rfCJKZ{XM4IHTKKb&O_@*^DCe65s9(J&;O z)Rh;D6KIcWfDcGZcU}53@$a69Aew@bY`9i6LJg1rRO2;jItu2-bFP?Or4k7qhy23M zM{FhB*EbvEO{+cp*$zwd$$)thr4J5(@mr{Qq)U$5<;r zz-O5re6T!;rMF1{u~g3N4>6>7BHs`1XRM@Ru&0SWIS>)uNT!A^PJ}p|E3OFZ+vr|s zVb2!}IT)PX2hJ7n_GnYjmF`QGQ+rqGZ#G#~-Bf;`=)}%)E&YD39*wplVQU8zw8S!` z1F);o)TbRnn-^n-0bhucg|ewK@<>ITGZ2Cf3NR_7<{T;S=Az2b^|!9rW@uav=VV-}_1URX?)!5faCC0N1==>{<4) ztA=*p1#)%*L7txm{!|wSftl`3TJ$+i+928-k@+npW6Swf%e57Pe1zc&{vQ_YVu^ND zq@JD_^@1payoIUUQa2F!k=y0hS#ahD+m?%lG*cP0M5iB4n(?Geooi^9q@Y_&9Po<2u@+G5G&VvRBe<|VP*lNX+m~`OwDCJS;^V|2_m{L>d;_OwwFO z+9%c44}~A-BxQ6}a3~`zMa6JD87*WH{6&$F5&t3+DfaIhp;UHH^9Lh?4ZzN{CIurC z0VBhQS3LtMU!XXAz@KM_dlEpi`oM7GjsIQQo!xx<-O$6tMuCgZlpMF69sQGi|M)aB zV6l`7*FL`F$Y&8x>uUL!@NxcQP882Rt!)*({pVxu_qnIw zqp8B!3Shd=Z|H5fu8QX8HU)O()yj?4_5mS^yjy|zcU}x0om5TLO8V)MFgJE4H}N$$ z?6s@ts?SNEF)=BhwLCXY=eth^SxJ@@%%R#5kWZ*1{nnvjT`}>N6wnQuk!g``=q`Jr z1;}~a!jF@9-%8Tz9fpt>&)E~Q)FAzdG&`xVC)5dk>t=)g>JabXR2}o3NL7?~dN!s? 
zo#cC5jy2crP#^2E=DdjiXTALXrLVuZPYHw z3cUK{!bQ{>z0BMb2g)Xp>0WP3zz~Wg5=*&~G5k-7wQ^pKbu8(x3nj?&{H~%p1 z@y*=)v(Ii*28sS^C$!DANh1#MBS7`4oI==(U8<8r@muH1c@-bw!d3tx25?N=Jg^b$ zrNnjcm3C080?@EFk29luMb6$#iGb1=S($9O%v~9+xGA*nEI*hMsJ6&hwEhUo8_j68 z=Mxt~rQR-?7Ito^Axwz}JPyni`ZY?l2mHrhI3QCE>>(?b2YCr4-7%~bPjgN40n_)F2zRs!!c24AkW6g2Y zaC2A_Xl?V6{R*9&&^L&#x>H$r6-qNxDLWs8dc5@HXds^b_1*Wo>e=`yqu9yK%&}34 zytu)f&l6KdxSHPRcBB91u7R#^+v~Rb88hg0!@aiGToCm7XZs<#*#1Q}%ea$S@wh`oU4Phy#@+K zk2c&f_rI7jqR-jzHq9b0^k8?|kq6!I1J09cFANsoQz%IH zT+>x?9yzPoF)R+~muqBYFWGqzJqlQ13{t;ZgnLeT((R`HIma^P!%V#pz>1cpaKVOzn;@c7aoLjLk6|z8{*{lKELoyqR<+Va=j-3qs`gN|-;bs8D$d_vJkV z{Yu0&aTW}m8+1ksW)K-qAOAP;!2%v%LED#p#*>%W*L;eR=Yl8Z*Q?R&l)W~dYM-TO z7^}@3zAvM-;SEBmhCt$3#_WUHCA*Lx=MOsP^kwz0MjGJl8-Ld8LRTY+YXkWI+k{(v# z(}G$PJh}kEp1Ov1;BI>CgvN9^KlZNNIZU?=+L~}VtyVWUyo(H51-GlX41Y9%J8uad zRC@^H;paaC;E(QuBr8e7X`eIO!6QEZb?^$DKWS7GYjlfQ3XOd&z2m9~qk5;Poo2FoW7qskxttV%O-T=GU(oD_bqT|74Y|lL^)B99e%o^Bxu)q$E>YoUqt_urZVR7s_jY z_<^DSi#*q!ac4Mvr47Z_2}$cecW(JcnY!S$TC@&X2I+>x*m{W7EMlB%?_c!&*{E3r zl0epE?0rr1N{eK_C&xxj$Vp%NN1U&wW6U7(nn2k{pIT^tLAa)Sn6Mty!W0*3C)znm zN}9PFW7R1w8r4hMa6$b+kF;44t;1-pnt5gsXq^8wWSFVRYCx+@r?}GCEe50zLI+ng zw+3GpEsf@Ai_vRxy1E)OAVZ2aPLDk^7jF}IEd6wDtlkY)c*E^W%5xsFJW|4WySeV8 zO7$P6udUChe0W^BH<1%+mX>P&VqBy+Js8zGqT^yAe+5W;ipOv1E;8kk>tE%r(C9={T+8aC>3l*o|ydGcI zj8=4~za6T6dc*i+Q1C^Wq4#oj!6m~fbX{?3paCsuVqr;g=>}B7x#syaJG;om@5xen z)dJ!qFgT6X^@!ZyQW4Z;{W>l?-N>7 zuk2E8lY@2X2)5ul%}Wo1Pps%U09+mpS7M zvqpcKr;EnV!I-S?YtPJo7Rzyh8faeml{hJ{p_!WB zVUFZi{|6~e?9P$8Ra_Io1pLRJ+a;(93t|?N(GVX$nHQ87AIKj=sLX#%w-F>Q2PWGt z1m>3WqCsg&gr}1QTVo|iz#teu({O%wTGy@X2s>GT$}g|^ufnd$mMJa2Z<5oQ6jR4W zxwxr6rCsCvgvv?KvGGNFx}k(PJA(C*$(2SF^5v@4>&|wJw`(F(*`VtoQ|NZPL2q%$ z6m^1u6X8Ld1R#)}$cTpaV6JY&|HD19$!tst^rH;y9zu1{O26F$KCA?l5{a`fp3+!G z#%n^>+o@eii+GSyK7J|^F%3>=i-I&8QSQHn4oMzSeG5-u#7F-O7>qX@k!A;ni9o3_ zNV!P4Urgt3eL024R zOZG2OJ0hx$`q_7d)|ETnw%d!_aLJmHI$D5Af4Vw=L3~5FWR6K1%NM7=K&OY}p|6X< 
zjSGWtC0!k<9J?zY!iuS)`(fcE+Rm^-!B2qxf0G)8nivILLO#ig9y>^c-1lo@W=%V%z7Q9!Hm!dT5sc3u~@?~xzTh}fUM1zrC<PhKmVyW`+Fmb?G@~Q(SX2R+=6VjUBEa( z!`~AM!*K0gT;FL-@H$@cuC@1It)W}$OxQz8^EzyeYnbb5QWld*^3y5mCB!1SJhoqx})z(W;c=rM{?q7Scv|@Fb3;S zEEL>4zkV9+&)32xLB@D<1FZBmXP@5K|B}DsP24ZgY>k1&%#!=t!DhrNY)g`niX zwSCwdRMH%Fac$T)8;GEUMka72y_=|##YHhG6A#$KWTOv9HvREIMhw5+LC&3J8{to7 zoCD7<Z|g0c&9N7XQA+s0q{#%!y>?+?Gh^ z5cP7&**OsFv%9y@u703K&!=85tl5lcV<1b!;d?PwLA-C*hFG)W%46h?R;8L~MU!$E zhb9zVWB5*2siTzg7?auN6)3i+&nyuL|B7kqu|V;>TfiY)gLUJv_BQ(ZC0w_l^UlOW z^2>%W8TNk7T?RXz$l}mO-~Vy-)=^bQ%loiMcXu}k(w)*F-AEm}8zc`c-Joh!smP*BQwkG& zxyHcZK#R)UQ58!a$5X<77eOy6{z;diqW@Bi3-86F# z9lyha&c57dqz94Ah3w>3tFeRfeUp^YoU0tv434h^ABNc~rr94-6(KZqsDt-Z6vC+i z*MPUv5(q>3cz#$HnazPNXqXSt``tn5(w;&1ek$RU-XJ;R1sifUsQ-rvfSmO0bgK{) z1QQ2x*$wB1RHHv|?^hON?vIwsF|oyh_NT$zlHeH1F$3DU0Y7ELXGxhVRt1||5;aoU z90S#>Ox!(|Nk!R^ljD-C%AuCWy)wZ0Rh3~kAiroDJTD5+U!i?J7>znNC*6q4N z3P_&P3*mr7o~Li}qk+R5k}7^(!oq9_eAHq?;^NfGX;QLZ&S7Irq3mRO7^q*Lp(}a8 z9NsB1gthMmR-r~P`47>qkk@j*6t_T!IvqO!S|<7t1n&zhof)S zhvtl-#>{=bDmW|L(~|*)J_xqF&mK27-1%kRkElPK7@LxLNj<%O?zi$=Ep#Hrp|0_7Vd!IlMsBz@PCc{6b>mHuiv&6f} z^K2(lXJkEL|0v~aM!c}eQ)%X$0ZBtCfxbE@&D9i`wa}O!|D<7jnK>pBO@>EW0@q?`epG z*%@6J{#^wo8#vMzb|?R;QG7CC)z_>O+7OKr9Q54K9j^^(?L!iEEPy0Nw3flOb(Mx~ z5?hZQek$|1bQJe27$as<^uGJ!($|S!vP&0$(51)PUVH+r!mP1J;vHJl(ZNJMvWp@C zbw#|6ye|GQnWiE!2NOl?z|?_j{HatC1=D-Bm;-7qx~uP0tT40=BtIp08&t@!9zwo~ zeXyo6gULL+HYURU?@7XqPvx;cjm)I#;BJkx8+v|oWzOTO?HR&jzGs;o{V+2#fEdF3 z)$SYL?d561#=}_B{i;9LUPVKilPO*GCxLQ)beoPF#s|=ZQf{*tkWT}*e+gmK zUC5lm0GIp+%br?U(^K}0scU2D8KXX{d$#<8-sqw@wsehev>wPQY;pIJbR0CZar_ab zL$t~+gga_)aya_({TX-8J97g}4xM z?=2B|o9~@XG^|2|K}h4B+AFmA#qj%pfSkU|uOEw$v_YuqtA_wEkP^&w3PnR=8A2pA z63%4We#i4$XvL6t7wgvYy3$C;u47olJdi5+pPK?YR`FAwxg@_Y+=||8Vd@jeKbDYg z+L4aBV|}@fTBVH98q4_FO0b>FCT0u%z<#qLmY-w(voK~Rl72WLtqvqm1mowGibNOP zv!x$WTb0pMYxO}oIv#$4VeN zcgSj@0Zdf|8%xj05X==^N3rc@;;f9!b%t=fHDufL31ooG%5pZ-OS^~UZr!0%Rbl^+ zuI3bsmVaoJtqR$H>)aY+b#FiJQXcdH{)BNt zLbSF$v4P 
zjdQ_@RJ;2~=*5Ch=>ZMsd0Sukik#C|v}K6o_Wfm^*??sOSX;^lIj)T@h(@MMN#+R(uO zO%&goo7?jjcsV)!vxa@!`A!tr<|^_FK5KsO@dxBn(#kI}KVNWl?6cwq@9QrXAQ_ix z-H<_u-!p{Xs{NaBnZ9jdC75{_xDS%~gpqQY*hj@Ic^bin0tG-FF#WGqmY#8o!N;Mp z#0{EgQWyp|V%!i_Fl=&LjirJBP(*tCKH&#occVEblHxE@&tf9HpO5}_^!s6G%W`ZP z{wLZ?^+^ECmnFEy1vw_&^TIFvwNE4v46Q0MClYG>dLnQ}rtIGS~oXof*6C={HO9Y*M-*w#M@n+4gF54Oe zPgKA)Zq?$`Pu|zcK_p(I~M@(`+N=F$6 zIUC;eXIhrCpOHOaDDUnsyy6y48Lq?@06Yl9T@-dT2qCBd44we7g*Q;f26zv(#Q2hM zUM12LnF$QB!c@I=IEU57+e?sthWj6`A_FM~PqPq0lx845(&s$kwTrg`xY4)+La;u9 zqJ1%dDWZkov+|_FS>DCY`Q17TnV}Q0B%+_?AAwC%pMtMG=R=Cliodd?CCTRRrGNMw z*wIv1YjOV0n?W85P6ONRcyKRab_Eh&bCNnoEw08=uj1a`x7(KZP7gEw$#TGwmWwVTGpC|;5;UYct%J5!Po{xmbDPwp?kH+O4)w)$jZyZrtc zn`=|Co^auf1t3@o#qJGf4b*5C90K&mk%DV0nsEGN$_U?Y7<6;817mag5nrV?)B!Zm zoHegE_`C=Wnpi(O5Mq1U5E=c(&~M=`8y;pjU_P5HXWUKEd(F;#5xuKzZYpB)4ufm+ z?!Y?8i#-WXfcK4quh90J5JSs~%12%eJI*=p<-Gl=wN=vUvra>CA0!P)${rAP71-8< zyP*Q6xdY@tZzv56lm`%#Sn|H4!|tf6B?jyUg;0&_p6*oS=0S3@)BiwioT4-c9!aW# zfND?C?_YhoWQ!v5Ys=5z%~pnaAJctygT2`y`|O#!nF1$0`H@!^-u_O;;VD`hFP^Or zUDIwerK5*;`W_#-jtF|30~e30&#$rYQbM@{8>2Z;&pyTBmeX&CyWN8l5k%o%OL9r@ zusTCoaeZ+02@7weO@gIl?cPw=LPht%Az@u#3XDwZTnpzth{^^GYFv)pJ03*yYzsg0 z5byq2!ZQDaeiW><=WF=GeSYU^Shy8^G|V`7kDZFzE2;~>--ylvgw?B4489$|1L{dqeH9PrJ{3ssLMWBVq9nmP=U*Uijn0FB2?obpu z{t9;wtBsAli%A)js_f&vtL`&0JNKMudo2AEOxeKq_nl=h_4Uvpvw{;X5 z8mqOChK$Jot6%IxqEKY%o_e~gkINv&fXRP7k@Y$^DKk%-5FW(Pd7-NL&f0!+uH7H$ zo|mE%`RUr2a!O#5&`N>pu_Cny&#$#4W!Op3Q&PIbHxVkb9&S5IXC{#vkBX03N2xFr z%0@{{6=FATmfY7sfr$&HnxB}M+>(-%>&6e>}NkgKn6 z>IVn1ZD6w?URV~hH&v2eZW2&;%kU^!Et&cw2X8a?z<6ZuFx2!z>8Sau%tHaZPbjMo z_qCN=d{J_SZ6k(HTHHuzz4Ic*fO)S}vmL@#9cA=LC;|)dWg?!cTtsw1 z`h%=0RyGbTVjG*X5RoKvBWptl8_Pd6_BmLu+t_i|g{ZONZn0OpG_vUp2W$%Ij}$L! 
z$FUtOgGp#7G-l+JuDID`bAaqBE+Hpdo&RqNMP4U7dnLuPVER2Lf#do9p8}-6h0Yb9 z=pkIKsb}leO;JW_GA`mCRAU5QeVC0%6gp{D3RYJ~iU zgtw6$8H|F1I`Pk1C(D9KaFt3CT1I#dFEFRqIIx20w|nWpR z+Ir#Ua1A`?bExcb`%56xWZaIiR}1G{g%(ed-Ag>3!@Pedy9{UIa}FBGa*VX zr5($w#v+*zN!29?lu+@zODR!`L)kKksGQ#21~H6cb61{Y$z5`&;bFG$%Y~@a$4q{W zUaCh4Var5%&Bl4`ca?7JY-m7EjWm8UX$2~R{S=K;z0qXHp_vHdu~Y`OS|n8pK8vKFy!xNYlyBJa_+Hv*M>ga9dT7$*a(h9%x)vhwVBU@tkACpyk3cjw?i65c$ zE%O+=pL(VAZ4q26DMx>VB7hD#v(HtEWtrUQ@+rdQ)(30TGiplQf@R^ljN2ee66qqS`6hm04*oQil5BC}+*a*)@;PXu#J_O-7JOj{_Su7w7&I*v!3|xf zG_o}s&kqG{Vn%adAq3U;oZMU%YNlis8ucFGNw_W}w@1G&vb67&L~t*OA&JcHIVYZG zNEZ4GJF06AQWd2KIQ@VGs_MH`lM4hJQWUcL^#L_QxHj@?;WQ}JWOtu)nM1lYUvmn7 zB;oZ@S<$N?-b^GACubXb7}u;Xybg?)JZjyufLy++xthQJ8a=D$=`uX4E*ts-)S8A&8$4yns!t}<#TWuoU) z8jzRU797dcW6t;$wpWqA7gt#B`c}0j5BZZ~_dv(u4vSBNQAZPzf>2bBJ9?D=JP8}nL)mRd{#x0gu z!{irDQO$A%sm>rsD^kO7e`UT#<`z-;+}%=#p@qeJY1-o=$|6Zah+MKN44D0w@jsms zQ_LU9he(y`L(xCuUEb|LcEvtN{5TgqrW4r4_ky56BT*$3uTNeYth>} zG6IR$6AA>ovCZyZ61;;%3&J1SW?{cLo_nar=~h*jS0teYcIUy@yTf+k2pMaK43HZ2!b~xrT^F+@)xGfi0Y!YSm2<_5^>Xi*Tf# z)^7p>(ZJ_s;DJ z9sCY#Kh?fttN#$`Z`~D%zT8{&40LEhr5SCuUw12C<%xH}2s0TJ`kjB# zfI4?n0~Qm-O%xK@pNMUE9QHouUj5D;z1U@^#vLR#XN6fx)Lmc$lT?N&UglzS9u!I& z5!6RpJL|C~$w60$za2d+E^TPt1eL1s@90t8WasuT3;rHGwCqLo(UYpt_oqF*Wt?ZC z_oBaFip|V{hL?{vj(vh$v8SCyl+#nhzZEahm{O1k`p}(9*Uok>3}etVG-7fY*Z76C z{nu!W<^btrBANKHdgPS5$JJ1p7~7CejJed(Q8;~S0;d=}s47g9W@)x{BFX?;m4OcY zFHo5GFb0@vagvmAh+|JQW?rKdkHSGv+OPI6RUY0ch6TMDV*iSQaAXwC5mzER$m*@$ zej0vp@57Dy^FrX6gB@vjZCazyn>+5ckm#A3xfL(C ziMFn;zBYfh?Op=Z4SAdm*7~4e4G0B@be?JKd3>+_$=;%KLKZB^_3&{CO@Zb1vqH~A z^>MB(P1yiQ0Qowvmb^Xc$t;v9Ox@KPgvp2e=S^umgs`5RoTZG?`xQ&U}0P*GY!Md*_yP@oHq|5~^*c^J+@7_ffz zXX|pLnLIy*l%g~*g0n-oJtOHU*;SN#md-a5J9oViTDd8wY-~R{77NbcOyjv1fg3Fq zWS$kD3R`x*x5zc5@d&5(j=Tf7cRW+26rSdc0r!4>>n&~Og%HqQ(k7;*>vjJUYhHBw zrXgvbXXyF{;P9rX-#&hJyySTRR?au5ix3Q&$b9i9R^PxQun|Y^Nmmf1E8ju-A`r*T|oU}D^ikBpDjvZIU z!S!FK^$U`259juRlQ*1Y@|nxz7Qx`Jz356mG=r&u8*6!FRX;YCn4pL|r}Q*sG?!M? 
z?&U>(*((kRW%3Mym5iQ$@RQC8RSq~^6GA@-q54!{Do0vMbU+>o**L60zL1B4vJGt% zJ(zaHB#s=0!z{7Sj}mbvJ6UB%DT2H?QH?b&?J205Ak_DNK_24m5ZeC#fqY=pN^d+= zdvNeTeojTR{xz}&Z%pelpMxat3_+;PjR8z40^ND?V-3?0Wem znn_k9h>QjP^zD!dTzFL0x$g!FvpBtxu4euLCUm$3XgOq;C5?Z2YW}Uge7{sZpmUgl z?910=r9Plw#?w#Si{sc9z8Pa2$s5Y}n;_3Ks*BYH4_1<{_M`k7Dq<7^J*+v^jV~z9 z)F&~7pvdzTHvkoBBm}qqzqru_L6kFsf?Wk$H{BEuk+k_{CPc(Jp@57B{ z@n187MYDl!TO$%bb#O(kw5MdN}L)jt16cP8PI-r>TWDh#v z$oj>&O)J+t5kan=qmr$j7`8HEPT81wRwR8h2o#`Iu|K9Ozd)wOL{? z3iEl&`*tor5a71@94}?bP-+IbZRtP&9ZgRi$aa-w&v=_S4|O2wr$YvXyzi8 zrS08Wv6Jn2QacD5@FH5CvLxXhU!EYpHk{dDXtBx%+M&T)jX7{%sjhqSAd&PkIJF_b z#v0@Bg{rO-hy|9?k0iDPN$RWgAah$rKC#h=Xj5Zj;v{G(N^&9 zMqT_{nqMB_*5ZE-@Pg_;CrS|NW(qUyElxIK zNS|Ha>a*!}NIw2JIS%S)D|me+2A}@^?@?~8k}?V9wNg_~o{GTEp2RcVbi_^lcpL(& z1$LAad8$Fb0f&OGhr7h{aYYbd!nz!pK=OXCn7-^_9O1>XnLSPGMPUh*k{suqto7BdgV-}T3j?LW2i|>itM~N-4A$gC7-!r)aTyOMM#LOcm|TGUyWsUsuA`Dt@pK4bMrpF2qUvlQ z{tgKF&3fZ8Y_s$f4qDVn7w* ztOQ@ENFcPCqer&br4+;Y19~X;5k3mT1p2;|Kq9K<1{x_GFK4oP2IiB!M-u{>S7YV3 zS4>Ls)sRf4zl`AI(aN~(%9OHZJg(!rHN4BY1s8AVk%%o1)vw*2cfyX7*K`1weI|~h zaL1o}=D&}_zLNgt`)?Z$erpya7K-tN$%+ZPVLI`GF$f83417;EC65=k|M44?xc+1+ zyZqafL7Is)Wqnbc0+f$<$*P2^UDOQGVgJocO?OcXcrvsLkwrqVz=U8y78vqD*hK!_ z!r!0nvOx4Y&-1dLDg6z^&}gCQ<=)_vmTI59gLJni51aGawad!%Ha>J4$-3Is9^a0n z@m)d2QIBaUU-~b1N=R2(I2(fbA+#I}AF+n{=v$J>B1UMaI*jBG1`R1q1=r+^JN{K^ zt0p%D4|eX9Dk7b=yO5NfV43-ucab=)mD+yqHr-~W|31rn?;pQKjIPtgdRrI!y@=eq zk^)%G4-alh>wWgd7k@T?iFcS=mPKfI*di%vf1uu} zni$jS_0X+)5f>1}It|Sr9UM@LZ0Ev(7EKMNsH7I^EL%eVv#Y{?$T>F%n&quPw^t|1 z)@zM`SVhhxHy%zoV~a!<6FSCG1+~<)0tC*3Z&l~3J@lBj1bKcHycE7E&CG~}9VS7D z54apS7Id%L3cx3|NHok&gVgn#ka1Z1PTnF0F7=N-7U{IWfm}xE`n**0#_4SYu0ut2 zv7w?0il5s?KXo?)-B{6qsD=5Z|YD5b|C!TnOtXa)eW<-Di(T?Zf8P zs7K=z5xfEdxxSGJhS??%KyE{KaHxsi8W&7y!^Gg8yC~f(i)Lw~29}UXIDGL&@>vpN zUYP@GT4&$cVs!GnJXgG6-+_%f_{PicJ70S5zN;I*VPPY8D5&3%M(T}m!(5RyZcgZN zqLx~h#v738*-T9y1k}G1r$)5SBNotY|Uu7C0<@p!l4^CH4LPKrC>a^0t9=gd}0g)k;JXvr+*7h3neN4Wrm4+ z$pB7^{26c`%rEggDl=;*nH2evuR8K(eZE>7RBG7thlMx(>u53gf!%#V&o#Ayq^Me| 
zUjf^bEapA?c_M}EO2{AQaYUxKaUl@yBjy(&yHiIKdn>sD7n{y4Q`*H<9xD0^w)lyi4xtB#avC?e-=QMUoA)1 zdGRnfG{YMI&k%>3;(HZ~U>zh^vtJq|q?=B&gLSbFNF1Se`_x%6A`mk~+)H&`i)zOS zM*uwj$a=*5lnE!LllUQo9q}i3c)U#oe^yLZRy0gttKm`WAl*dXe)^nIIuLMFX7d;C$oiq`>2}U9VE1GkJ`fh zp+S!J@zawcu>Nz*l}BSRBDm7ykX|}xR>RP>UBpQdz+cLIO=Zc7U9zgOyOr$5qqGQN z>@!3;{etACQ~;TEtc!H-+Yqp`v02O{gA&!%=&H)$$ix`U$4fpMwB~j3(f;=WfKh1= z){}>KoaHMbRVBobw?c!ybbaH7D4@cp8kdRUX=3lvC|>?F4eZo1zLLc+MVT&1c}?-l z!fVw`gBRm6v{dCs6knl1T8Cef-0x;d4(&dxHBFq%qE3RzGvTxB7Hnu1OydaTI5Jv} zwU;;(%`jaT;Tj1bmEP#TmEIYqGz3>nOxD@xFFE^Bc2Su_E4Rr-1N753wSNmjgoyu@ z6E(V^SD!A$k_E!8iZSDNjrj5*#?0caQbA@rt0?`zEI!_T29+Y-??dC_XARzI5yS3J zi=@?DAjL!WA?FFuviHFb-2>?7__9yO_Xl@ZJPrRJjI-Md<(0d}K#%I4uZ5SQdP);U z$6B1^+X@!JnTRMZbWtD1Vc__&3APn5;?-yHTa+fOFK3deb_)<@je6PSB*n3{oqS^3 zA!}YQGk}{kp0h=02ttf=0Zrq6`eUI783VJvlYo5K(Y-e2Xta^6DQnz1^>~%}vcr3~ z?YmQ~=o;Fmwxhc;Q64hWg^kfwLJS=EK3DFOtz0uLr(@+3<2l3OrfF#{10uM$I4KGF0sd5)Vi zj_@^X86qnDkE2uG0O5>?<5_ENkE)E^3!5EbhG1thKlT(&M=>9`P_ zU29s8U#30s4``O$6A4-&)3>@&pF?x`XFd5JNXiJChpyDQ-@7Wc-k&DX;l{2;)##TI zkEK5*2+OQqm^wSA-tvGgO&M7?w4GoIU#NJG1cejISkK0vtvyoj6zn)MA`}61Ji2{- zbZpoeT?%$VY_-N|+a2YD93r>Z*=lm0*7J6r@ej2O%^3@%a2Ed)K(dk2@w5nG{|zA7 ztZYVPxGjv?V-XyR7~Rl=(dv0*wp=n#1+aIUgcB^v-rXIu;kc5m!%5Z%MOr;_o-$-xqPZ zGh~F-`1BMwm05!PJ>9Q%Cvu3PXN;aqKhEy&7z5+Oa>fc|{V#fN7;g2vg#5dGTUT*+ zuPTS_I(|UdrMP$(l@N9*Q!$pO?^+u0X-H(%#D2OtGy+rfpkOCM;c!bl?4CEguMi3NLUsYgL#zxT2wg!nA}HHK z>-pw>WfqxCVfHMOWw^=@!l}x^{)8mwxi1qUkLR2a!hU-q(ghIuS6vgC>{eggxzMPH zWGDX+Nrj(k+|SO23*?W-r`ScdPFEcd&m?4NVX4b>V8 zH)c_3#1-JZKHk{$k3*IBaMKF(Xju>G8H)-)LKDUoB^mD;W!jqgn6!SouH^0jMm?BR z4gxlFHoz~8F0SY#Ap~8?M~-haanwpdlHX{CyhuE~@``Xi6GTJSzUuqvcj(l*5ok!o zz|>=aV(sM2m4IVHJbSK}e3HfNLmg=buVG9XJB4LLdLu|gwR%sZQ( z8+4K|&I*xY4m$Dm&9f>T$ipnDu@;RUg zs8xH-+pt?@bIaSvUXduFs&=8>Oa%Xzg=-$YG;+N&q_*ca`{lDdWH^!iLWQU}f0;)XFG z@7mrHCs*lBs?j;2{82e9e9VX^HR(KJAJ`vjid_J*fA2bAd#`ET$Q6WrYYHT#MiJ~> zoFxyxV-&53n_uAvc{bNB|Ay3FVBLWz@b(lV@Kw^-{`}R?LvGdVy|6M*HZO~x;lNL` zVN=v0#l5N`e8hJp3FUR|Q|+8MHG)09euuz?|ynx>D# 
zlydNB;LDoXd;4Sj-d5>nxu0tVCd@^{4*Jn%#nKa0duY2HvJQF4nq4;2Opcv;*ec;} zeX&?#P=qQgrjO4sfA_;9|@%k&HM_6;aEZRJo?|^(AkHPL9D_0jy6lK0qm)T z|H5BRHy!!UUf;0FO-2dhzl$ECAallkXGN}qD_G&*OEEOsKM`Ltcq1h_wo&6fEDjV3 z1FxM3SWV5(>T7(D^s6uK?RrOe6}%Wu6O1X>h>&2$Ml}qOOr#7iFf(T^2`x1zz&f}J zlKsR%6}-TdL=|C$I7$kT{D*|!q!`WO4(4AZME@c|4%moKc#EdEbn=GLqg)zs_vr@f zc%c#?gcEO~;x9A~)Ent&-7J-+8vA4_+8QUaY!RFY$;|lGA|%^E zFF(G8qkTw({W6(>Bi`2+#YYa&LkUepYHf*GGZhk&ym|FDLx3Be*V^&q>feh-f#4(@0RbPG@HGTilUbIzRy(( zGg2p63hkJ&i|_S~3%>VT7ukxxpTIwTu)=j(lZlGG1~wdft_>PRx3unWS-s?(?}J%) zj^913lgv800(T}$d4df0n!rG=``L~-xS)p)MuGA(^mivWPg?1q+lfGC;!zB8K=nRIFz;sOs;b*lvZkdj&oOFeB(7;msMEJk%QUIj+3W+6_1tNkj)VD5| zQ6z{6xC-+A{1&hTot~@FsD4YUqNMY%YbaWmWbY{by${gmY2P+9mU}zoS|Y7r9@QoL zC{m^y;4lRSNRx1ev^;L)PIpi;Z=g>E+K0Zm41tXCqR`%I3Txj(X%c)>V>|2ZQRP*Ode^CV{jjXM zTM=@gnHkfVJ7s({WEvfQJ&6J$PVdggZaM;!(19wgm(4!2UkC@x3CsY7F6B@0Yq z!vCB0#)9LnzrSfl^Qk`-*;rvC75RM+#RdM=7E1{2>T#x(RbA6@`Kn)KF^-X_fJ~|3 z&ta{_+X%XkovW4c?>f6~@_Qh2CkMDrFAul8JFBnnYIAIhy$qH|$nX3Qzs8TQ5F4$X z>AYxg^~XH9J^hl`&Q&D6%4s3lg`obzyuk)R{TbRN6?(W%T>PUhoT@m(1R)~yxGc^+ z?8Q?m9CM^E2v%B*A`J1hBlRUh@Y&TF4ZG50)L$jYxz8U@EaguW;dYLA8+^n~Y&EYU zU8?Di1Pek_JDiXZ;!nER*(6LH2-QI8hu%;SA{|+Q-MA|_R9TPl3-}suDVcpO^`kYU zi}YatOa6*vVV9VqkU!q8^*slE_6PzKgmD=`bK%lSL*)bnT_v&AoHan;>wr>A|9|jx zhzWK$JIntShnJ1a8S+;T_C*XMBCAZLNzd4cqi8#)Iw5e=wHjNTq$}X;0ss$mQ-<9|qfDp)dG6nZ2F%nqd&ePh`s9ZYdR({;Jm^oUluX<+Umc9LT&KtH-R^4(j7^#hmVwlD3%A3ZweMquNA0e)a?Qe>Kc-iHBby{y4$u2w+HvesDTwn@s;T9Ka3LU~TPwJn(ibxP z3U6uTeDB{7SlN!>NB94Fuf181u7Ard&@B1TQ%72zNl_^twaa2O+`ipuZO1R&y!VY! zG(33t08R#~A1GqDGJy;a6`b|jyGr~vPInBl)=LQ#KM0mItN|^P;)?c1PmvSjD!G~- zg0{DG>)ee(AkAkqW>msh$rTjFd48znM$IA-rrG!_alMJU6Y7w|TE(X!|36W{t<@k( z@^-mx>Um%-!%QnHp0(O-e-L05|J~X_hv?&PH*b%tsBcH*qqLJy>(jJpDw_>ryrgLPdTFh6j$v(jQ?MuZT*V?sj$He@9P`LwVKtwl8h<>rFLG+y1ejx)R@m~FQH0KGFCP3avu z=u)r_BMA1m`BJ9uYl3X&Ax&e>?N1Qy4YrLH!faA;J1N+uqMTaiVy*CybcuQm=ykO6 zE@`CvFr$4-+->*$r(vDJEXAmxle@~VyPx$_@xXvjvl3RS(h^G4+`f>pPjfi3e?q)! 
ziPW5l!lGL=-uh6IDMY;n=DAy+tyIz5(;j66Pt9bpPnu;57)d>JO-4%{W!g!=BQL)` z3(pI34Yb_yQ1^QO*z(uDw~2Q5A~Uzk7SOg`5ad;x!dLw4Yg8T>c>kkXnoAFCYqWL` zBIZBXAkhx4JyW_VuirtR4k%X2tHzqe$ZnGh7RsQhgAQlfE(NH753VIc8Sq9RAcl!Z_QQ$q z$qxz%tfqT&=ucCO3H}~`K?2woCWwA5J_R1Rcj=(F3qHvhIC8{A{v^XXXs;Lo-*<7J zR4!>vm>%zj?Jh`;Ixc-I8)N-A=;2ud$l(6JkfmW|N2}YfVK{%88DSdQl*LEqZD){^svSI3jeg<8 zXN}wSMTZcLf|Y$Q&5DwV>-`N~i3)}|tgq|@K;9s-?d@W)GzRx(?NYLma~beJsN{G= z&~G+lFIM-hEo!+aj;*xe7{fI->sa^pFEEG?=%hvv=&DC-@5)F(fwmo04zv*KoZr~ zFRGjwDD&SfLM78V$|c2fS$IxP2=IwX)yG;=3|WbIv4`)0bJ{fx^eJaxvi=J{qpZ_Y zkK!%cEx{c3`&mATgV&)IQzTYXcw#|_~3Vz8Gb`bL&iU($!6cmzT#-W#l*_INDqwE}$H zDwM(}f)eCxK*H;bd9qTFuP%&^;%Ul3IPI-;D>s(4e3P_z z?yC3FGE^(KTAR;O?!)(^yYFQ5tB;yP2CjjMmVmqo?ct{Zzk%-HfZuuzV&?*2yEX#5 zF-M5git6>Oh2QEY3&r>0U`e8(;JEyV6*@~Fp>&msqe_PBx9!7G=iyAi`a0=R4F7Ds zpRA|w*%LoUiOAG|B!a6jigi1>_A=-8NCup7dkeldJhy-W`3g2l<6e_i`Vl$X`ieZy%ZE36@q^5kR1{DTqQ~v_jw?fndk>o7 z(8o(~$)}r~{K5734tn-pE2p1vfj`gmnb~9$b+JH&Chv7=o6zuX>(`=b>LUv{2yjZ% zv~T-It(lS&bea2e?#`oRv*n&JD7VCtIR(+5y3n(}CQ+%wkT^*z+O9NoD@IIlO~#?E z+a;xpifW4%)sH9pVPqHW4~j#Ey3dFeBbePD1_m))i$*W$i0GHC==BRb1)Yd#xZY+u zD;dXnXGRrChffe%s88)%iP+Apqz;x^*>m&@iAgyMi=L~oS_a&(v0j@F^nOsH>{&rP z?t-fuB)Q_ljY*$xwhqp~$}c6qQVNUwjPUkqkzJWTlk6(F7?EAMCD+7nbEexQ+s02s z1uixftYmTXzNc+M532<$jp5BlEsB~W6sW&}atqlQEbp zfaqctwI9^)mnGdi6AF8gVKd|ha6TYh<87kC|f5%2RloimZGQK2ep&8T*RF#mz z`qu4*WJa)(qm5_-n|A}w2-g;T0BbtZ*#;^c&qde3I+!cGh= zJ$R*?vHJ@)7D|v0?ihohCiFJ}fMGPM33IC@Ig0C24WtOnRT*^&H0>&}j>+I@W@Jx? 
zbD8Q6$VwRqU<{jxkJ=$%+X+gJ8YZaGr3l|mkqZ_8o)}jw^9&Y0z-Fc)yE>V=9iZ~Z z*RE$Pw*Ke$cMT>kHXzOX?2fRcxn+t{gR*P>JF;KMB{hlPaNR;Lmt(X$W~S=jZr!VS z23aXZ29Vtl9C~Jw*A2s4lzauOoUq5L-GBd9nmWSoLUIU7mPo3l_SZkIT*j{c^Ndg* zQkQ581KB-u7nL8wt@doRNP23@cfP14FGf8dO({kIhP%x89h~LksH8?84W4=~+`jA_PVunZgS2RXUT$c; zOzmOeMW_z)(M4i49wqX7g{AVpHaLTT{F-tt z6v03aO>4Bz-}#d%d>)p;yhlwlm3*IE?w{Jbkv=l$yZA5hvbnnw&SHNj>iZxf*s{;N z#wfhsL4MdbG^vskbDZ}dIV4DBZb(QLT@lQbuLMyL-t5}vhxhk*EX*U5(oaCYc{7?9 zOYQSNX#5tt$xM;HVSu0k-Wej>2|@vz50TA1){%wDOSOu35oUb~A3^jsC@II)xHIX$ zE@>C!%M7ao{t0{Rx3DFD&f9y~%^ge=v57YQ2wqem7s#Gi;^IAZE}H006A1&{bItay zZ)ba1XVx#o@Q(;#T8Jh0cDM6G7NEag2Z~ccg`BHt1@aR%LCsx0A7!5BHwQ9C8R|@~ ze&8@#=;rKuzR3?cDq38EbAy+L8Wp9S$$D%3rWw+(<(G8O28`XR9o_YZwd|$gj!AT* z?voMYV~d2!S2Wk(URn}WEHQQ(c{`f4d}iP1B$Qd|KQHv|wb-2c1{i(8I+7`Yn*53B zg-p`r=*vjaRK7yiioW$rURmbrbk3gQJ=A^q-r-xiy(0Lhd0zuuaC;tS_F_qXaDMDK z)og+d&_jsq(EskBIBR|G`J~;i%yB2P?ru@}*4%F?;=Z^y_Dna=NHKcvw!b5wmkdsB z_%LHbaDa12@ot#y8|xmrb>gR>%4qQpuqOd0ah-#3OMnUEtvDWBLQVT<i zDWmwnKbP0nWu~1v)&bIB?VgJ%a58T|MP7y9hWL8d7@S#r^zH|1@gmf$`-JNyVwlG^ z*V}K+^;WEZPO{J42y`@d37oeaa4Zd%jcmKLEP}OQ;5HSXN|dEmrOb8-Ok~Rekl0}S z!+e(faj;S;DT&)JylT5i4^W}!F<4n2Go{M^aGiI5`Z80dczRq7a@QzumzXj7(?f~L zrS8mY9Hnzub-8Plxv>f2{x!iBG}-M^#0C@_gL*<}r%>yt*td1L+P}W$Bdp!FbagY6 zjdV?e_1$Ec-xA8t^NNHoxbEZ$v{SrQ7_-dluJ5#Hy`Yl4f2gimg;!uHI~rPgdEIxx zt)^>#R-6O`*Zpc!O=L6yL=i6&w!!nl2cPOupa_`-D#a-{mMe)ugJ&`K5e|w; zOrWBats$7&t?FNbkb#_B`3jj;n-H2Mj^_Fu_^E;4Uz9mtit6oduv3s^LiH1BO10AYF$NMdjE!mu6 zo8~Hbl{RP$#~toq63GLKD%@?q33hjda80z6ZPD=c6GVs7byU;IZ&w)N?h*-@^Qrhm zAte!9g0K^pPm+no&UPS?F{gP^PrByk$Lp!YqTjlyRl1JMx$HD4q%fYWPCbs;Ou;(6 zFrw{f^6=;LmBxm(RVSl@EUq=rlx7fSUUg(eD_cv;J?U5+40=I_d`PfX@0#WA-1oPzYEkufLwmruEXI%8R2EUo^=2biF{$r#L#%d6FGE2R^ z=Ovm%Xch|cG@tsYeLULGnCP`^IS5y>MWwAWT(+({c?VfZ-&IDJXX>`*c}`6ZJ7<(c z$pP-1o4Hl(sEm)j0?9)2r_}?MqXV7b_va=ty%sYGG%=cLt}UpdhJj?C zzVMQ?8P0Gryq54d#FE81N97mC<2 zeF2xE6Kg~NzBbTwf3@j+-xNQsJfq#k4eW2~^c{1W#aU05w$8zeDy0tGNq*ifvEpH+ zI(g};F6M#`=LXg#*75?g95P$?oY7luUOLkd#GZ0 
zpxBi%;Wc*D5I9eV-ZoDiIWJ1Dp?c{0TMO4aVZj;LE$^AA*2M*@B>CCvva-?jsg==7 zwh-`eZb@RbuqdZ>wdP5Ytyv^o(q?^dcI80eqLfhF_Uvb-4FQ0-a@EYP<65qjTe~yX z0La_RRBE+V!`B;4Pm|gj8^^b}u!gpirw5qvI3^c$6W@;Pv+=l*pYE1Y(#DqcH8&CW z(PRu;0UVY!UFAzMHQu^arh?C@k#L8p=UvKRKMW}AEUyGKpi(Yg6b#GELo;cbTyECZ zJ;E)jRDk}4?h9Be~d29yPvH(utReAR|;?DBvQ)){Ma?kh4 zRMZoxr30A7f=tJ)&?T!s4&8pp+uaR;z_*lC%Gme^;8MifUz|xJoN0I*-i)@kMgCsS zaL$kkNvG;Z7<+TzucN^A2y06%y@$r80<7FOtizq}RpKfIH&HAod)W)FO^rawJTd|@~vbXN< z=E;1m{XbzeBSnnl@&N6ja3i;1Q`ey3OW zo?|Cic%0Xt+>XQ977Cdfzzw8ue6*$F1f9v{lys-v^*oic+zI-E+eyK_AIS+iN_%%F zA7kgTPy_1pg24ifcvl zq5$=TV4(jJN`d)JlJg;-q>mMJH97s2eNMQ^`U&GI+_oz?|v~;GrC_f{ zM-2`@vTq27K6%_2%cexMurTQ*qAJ=VC$bD+hLIkdZWpiTa9D9%I{CLdetv*ru$N}IoN%YCrcmsHQO zbep-1d*i~1@pmf-j5yD>Y7oT+BD(hV7Q_^X)ylv=jyCR0e&quQLx%7} zH(Wouz6m~gYajH9Gg^u3z5Qrwq28%vR(dxc!Bhf2N7Id{qj?L%pnhyVH0yUNKj>RbJ%Q_HVS&o z2)p%QitgZI;=^RX)q9}wI=Ftb_mHk?u!@o`aAgw=#qWB(8FpXZl#gvg39f@AobCuH z@^DQ0C9|HEpJWq){(fZ?-}8$9EYKbTz8EDX5PsW=-+MU3z4|>WzV1f>!>t{cAvb*U z1WW*(pJD;7YpEN1cKCmnZ;IT2$Gem+tQ7@80~G%Ym3PSB$*$Ah{uj|?yMV;+tG6of zD`R49vtj$hK={`V0@Gl?D=2+lbl~rwY%_2XrF~h5N{`*bMw@SWxcMmD>9BV;l=JGs zfo8)+&_lga(I9O0)~9Y(DRmQ$U|792SjUSnhL~%DAxhZAUB~usRd_hWm{4qT|0z@u z`f+U+iS`&cfXmoj*^id5?{D)QZ>MkHFD~Kz42?O!%+gp~$L;@dYXv_CZPfe_wrb5f zOdFbnUpcq4JJ?1rKHK*7bw>fP@+~Jg-e;2tRhEl&kXriC6+9CIpqKvaI)ck}pJFV; zv$H^{KSL?mT)SP`%&7gev*UpOu}LSKj<}?z0%;~)$b zu52cu_^YEg*)|E!$K)3@iQ=Y+YIRi)0HyM%Ah;`Mvaqn9E19M<9zsvT#v}FDbV$S9 z9U>3O!F$^HQQofLZwngpvCk2rR#V(Nht!US+pDSuqB~*Lvl9{CuIz7tACb_4_cE>? 
z<}GDU|D`3sAI7&G{-rO?87!Ilyi?()ftt716XYHJ&hij$Q$W77JNp$+afEa)8^zXx zg)8egV23)nIRtQHlQiD1N*k@y%Bb!_+e}=9I?6*97fXHP6X*o(Z2i!MK}e;M0TBGl zFGIEv#{o2ktwkJ|;o5z@&2{Ug6+vsH(34*~;P-*zg;I`kNl1pFo?;#B#W1b$Ro&r= z?5v_zQE)s|G@B6q z`_2Egv~OKUq3q(nmY$KEu9IhcfW~V6|Wm>>3Mm;weC?} z58u;lrLvw}!DK6FuPwZ=s43er<#WOCRa&j3aIvi^vvyl8M&s(jai@UObEMo4inyK7 zw_4Q-L?MJh!$(y9-~!;*P!%^xeoAw=5fF4cAczd*#Mq7FHk3eDn}y=@UOmwUMjJ=T z=iNOQ!C$O|j#<8|y&*45XIF@OI(*YQ%$M7=VE#w87DlcdP_~vWbD1?`j$9N*L6%4R zlP|p5^tk;OcWwi(j6mPhqSk&(`;J|c&wu0FtK$iec}zR(JJ8Xn)d~LBE`@4n*I_J| zz}wS!OD-1ANCcFiAElYU(*lY&;`=n$f%Qba`Rqv1JFfG=l5Xhe*(d~tGN~ZU^K^KZ z1hgCaEB5f86#Jym$%C=T6QLUu()MgNO!i5&(R*?q7H3%P&3`F$nFm^&L7bgX&jAZJ zkmYiSe9#;HF7z_Y`%_T##+*7hp!3V|!1cSag&rd#ESWzPXql9U3~rEwEJnhB**{5Owey3YGMU^76O#Q{@Xo4l z&PyROP_S^zY(y;lBAQ}o!JjaSpNeO*{GS(uxMF!4vX^n2=Ao>TYEM|&X(-9}Bih@) zZsZ1Yy;*!78>#s&HjRq62RpnhKv-7<&Va;!-oSm5pgoLiBp3YFM9hrr}E%=Wl0PcBj9@?iF?C< zko_~BhS@wPcQ6B^Au0EsEq8j(7_J>tQS||YKCdo1&iVz4>Pc+I9k$CJHNkfBx_G+uj5Vx z(6QGkX+;%w>C-5oGQ0_9!ALyT>rxN|7ruzpBt-Yi^CC(-f>Rgz!a_o|OrT|Dh_!o+ z*Nr&p4~K8REaDEcQ~wWW4dbbdX~RlL+4B!D?Cf#acED!<7rd8JW<;WYxyQ#_3ZHd- z{2N>p>+=jXBS3b)P0d?MdeQpFr9O^o{SHuQ@r%e6P^bbgqRb;WccCgAq;Z?gN)y@E zc&!Hcp%v!sgg>#SJ@?+##|{$UcHXA&rr>6o1Vxz+h&~*+WekHg-;6YNtFc_|WwZ5O z9(AT*>?M6^pgPNUvNObU8N3`sG27_zt$u(ryI&kJZvD!I8Gf{4kQg1W^hQ)SHatp6 zKvwSIS1}6$>93%DP?!~A!gr-|0&qRLMn?3UM2U=7`UowQjj!b|g$4^iQwyW7lYG%|FD> zD9VL+=|mXAWlu%Lo@Sr@dsXRg1+f~qwF)IG0&uY}Rg=Lg7YmMyQ2{PHCZv$_W`CB0`aEd9{p|JbMr=tie4O;fNdYsGp|%*Wca=H3>6^5HGU$P%0Buk zpi#OI!28cu5Fm#KWLH!BFO((}dFcvnVGCNMfFJ*l|JHkJ{0cFF*+&>W9*{;Vdd2t+ z4j4Z=sH1*3jgG!b_E&Kj3uVIF6%~{ZTlU8X`YS_qZHr^L{kL?q2u5?Npwh+=;YZYE zcguLvCuQx~ITb7ZI04N0Tx`tHD4lzY2MVc-$r*h7-vNJtM9F%%-4uofhE;1ez? 
z9P|%Kuy63v#eldqIF&X>b_J}V7#-YJqYkE?uM8gtHU0~JyjOV?iEA}k9Xd_7fgq*c%g3lgMv#CM0RpG47x3dYvDNKFr38UFh8Del>7)%vU z-`BY^!EoK-pwFcI>EWl=Q*3zBimn^5MZ*wiKmj;f2Pt8JrOB9#lKn6ce!0mh6PAL@Gb$`9%YMNA~ z0-c)u&|yS4xDYO>&H<wNLX%#(6xXX^zD zfTBI8aa)M%MQ*>jFXK$g6;~Z`g7o+)^G~22ikN6)7VT%VDnbK~gEPhOG9%gi*bQrr zJXrSPB{m+s_#zif5b%jx`Q*XU=~QtB>v5lSCD6m)9|=-1xBnPIf}_(E5n3t7Bci;I zkr~N+QwbsuN@?d=eX#ygRz^D!8qXNgWZoL-FmeoS9+@|3vA>lFUeT5TZouOQT?)c6 zkO;vI5dDY-7REwz@6pqb{a+-=%bmDt-G95l8ArNzO@rrQvtuj+H7X$u!{mpPEn?TP zZBk=M+}vCwWGjc9g2?-CW$2{*`|{4G{z8pyW~jX~fyb1t{Tyx-SU;9aa_AZVyQS9) z?Gv!+fvtDQQ2IPKWbbE!#dh_?XvAl@7iBpi!&ath(URz26hWL9zdJRN?&{?E3C?l+Y97R4P>j!rD1B+UEMcp>8 z1~(->^_)3J!`fK~UwHGkgkNkr|X&a%jM|gPH3D+~#QO^rl60mj75|E3%jI&mbv%R&XR6MQDTTNQ%yxXyz25hwyikf?(vB3XDT-^qM0*I ztk{_7>@>!mRee!wd+tW$QJ+N=;{eB)4T`8(V-}}?36c=uMucJeO+tMJL2P^saxkgT zr?hz!bg(QxS1;;7!Wer9rJnn%~&>Em$ok&BW*~$n=JF~Py0xgWi!4k z{e?9L%uoSlvb?mx+A4^Q&RZTXorz)j>Ui_QBXdfVJ3%k%6HuJe}<0nuuf`eCqgaJUQbFp3KH z%J4OC2bO?$iF0PdG6x~`<*kY@>}8>UQ9S1ho+6V*n3=Rae+h(Yg|$T#L-#eyYD+mP zbNUL1infTOb`ClipETx?2tq}FNj=W&$}(_nJs)c~!l)%=ra+C4VDo|sl#0E2MMw@$ z#$))x)rpLYeH=0mjlCQTwW5f$I%R47Y$p)@;*U-lzp#6xk1CmsGVt!e|8{baaaI_$ zBrIec`22$D8*Y)Fu=a>#y*L?Al)WWjaiRiwjJR2s=l`1F9kFPh%bj~0w4!3vJ>11g z-N#tEIK2ev#XfSU%H(XYTTQH^oVI3^R?067D$4Rq3Z}K@rv!fla{%ZwF10Bn=idna zBmJqKe7l77V>gmJ$WGc&lyOYj|UI9KEL=JC}1U{Qe6rnxYb@En~IVzwlQZC#5l1{lzZnR~< zK4)P|0Vxb_;4NaaWHhCS68a|ytRDE;hXP%c!g!yV)WY58N-sv!XpuqNi_CMq{%t0tXxae15*BfB<+1Gv%!y8+FfR83~6I z0+k84kxSGN!4+`|@DAx_m!wn44CSc~yD7e1^*eNB8eKl5rn_|2eX@VHd&_}@IZg)_ zyKd#-AD|Bm?VM1CqlOg`LjTA^}1jtKMtEGJP= zNG^ubErAcO`dcwytQZ1xoxHy+{0Q{HAV&%4^k;081`NiO1rRc-54@Pq5mNpxF**k1 z%?mz|R1_>KkcxVf?PmPwF8fG*5n^&Qjo9Q!(+d8n0|w0LDG@e$jB3J?X2U^t3@C^! 
z-#^bU3yQ;oK(-K*7@Hp17MTe)EYYXzp$B7sh}dleWBD$TI|LN5mq`2aWAL=jFB*8H z?m*>v`EwV}p+-?6*WKRj<*HSI>NTU1iNNxmeIAp>54%xcp<=g2SGXrAjo9o$@OnVJ zXJf;!v=9E=5bi)_P*>=K5vrW`1kK1V+obtls}!1Z$=9}36cGa{Q@Jn_U-*-WXC;Wr zD6;gnE3HmA!A)6u4@vee!m*cyCvQ4$gv}GZnlJ&d1_?6swKv2EoMpCu`W9Yh^m)DNtK-bVa}NfQW80VOqeOHjn&2SY#{$rlq@x?Kp}W{1S)h>app zcAkB*c|O}_?eU_0(2})VP|_H$=WTvtFZ3i3PAgI`&;tzxnlD0_<75G=ov|1WttP|7 z3Xiy)OJAn3=B7KK$l(9y6QupaZo~gn8y}oZI!!1lMLAMFcYTIt!|obq=c#bL-;e-x z@}O#i=^Zdnd8q+Zwmseos4RKojbV5B6!5$=KwZ3yd*-iXXa(52%@9e;aIpr`Moo!; za~9WPKn`!)opdzrl;ww%a(+5LhdTH*IK%N_*N4W~qXq~fWTH|*JICfo~*t-#x1kP9a_+$Mll zE#Q}2B^j;>#Z6&mA@ICwJ$<-ywM9)J5&35KrbB8;Xu~1ZO|Px#y4#u|BDc+?^fjkb zwzmR-oi_LbRT1zsXw|~TAfLd-XeXi%_x5LcOaG|6pji!V zuGfpTdKG)Zs0fdl4i~YpO;z4W$vn@0hV{2MdOY}oAMS~jM~U9uS=NJ_$=>`w{5uoR zibid$5-3B2Y)7A)bM)C^I4_=bk<^2KMI=;&Z05H51 zcO(yv`sw{L(vrwB_JW%ohX6tz{fg4yslKDUEG*UZ92-+p5nrmWsab$nLO$CX5Z7#l7jmyHw^@ipsseB5x~!(T1X zy7RB+O+pexZ)Apr0-Q?7DH$5}s)Vp{0bu4rU0BN&FKdg@u89;Q&0e#s(4OM49P+H) zI9a7K=-Cg9Y<^Adjv&o*IB#xx=*)*=8qa;uUWdH?qCtrj=CR&ynK@ULa+!p5(D-vO zY2xlvX!3rtk>sCtPG>tPKwQdlx38aN_`W{=N$8Hn^5({oJ#}794ifRfUU=fWpN(H0 za`eraXI|;s{*ft$2dy%(hpsUCaIOSpq}fC9u~IP2BU!WSZzE?OA~N=P!K#GNGJM@X z!S913Rk1@BZ6XXh-M0s$iU$$Llkz((=9O_4->@yW5<^XY;t^a1D2*}@&`n=dDGs($ zx5V_zI~0<5m(eoI2!IG{s=sG$5xgykd%bEdfd}$g-`bH3h18~tALsefc~V9std zty0;3QH!`WXXveVjl!|)RGPr;{mGvSJM>dv3>Sac>WgSba8cs=4K2Bg9!4tQLG56e6j-(5ZYcUWZd^YW5osv06Ci zXcsM?oC-kjTXM&u?l2{OFD*MRX-M>UyBZc$w4OkTv^8Xl$1mf^Ggh$rPfKaY5JfX) z@w%R$-JWej*x5oDz?Y2J4JRnV*lx-y+ycEqd5!Qlp1ts10?yyGDoOUJnojI~yPLm(=OKSI;eo)CBT-cQHGuZ0j zx$jQM+uUeGAJ<&yFDnjNMqK;?yd{xTgnB15WEn7t1G=_!HXd4 zYlG$GTOiC`ZNhZllVUO#R$nX0A0!c_3*7?`h(I!GteN{kngO<#va>r4oZF|H^2Jl< z(L0>e-Ugp%c1#(*`NK~(*A^g%c$3DKX*fshAQ*cf8j>J3S|dL*;2zDQ(ngymcj=o_ zLp13y>;Px(BTm?eJs*cna5pHQ@N8$L3zZzStPp-OH5qt^J~*tS`8iA&hrHuEtyqid z&2z7-;ngS4ci0@o+^Ai> zT+XzA8Vy@)g=vRST2uJ<&wklv{`h{&8U|3;u$kIjSTwRaaXV%Ws6#&BzQ7dS|JZwe z?fxT!@yM-Wy;3eje(rsqO=y1U9lFWTR%IaTwE;?X9BmX+(HQhtmqBzLdExq&iF|+T 
zkR@11%Z}a9&6V>GcdGNi17ozz*6QqtlLJJk?ZUC_BtfC!r{N>MY|qhyR40 z%aAE2u&bI$V6L$A5d4i&KZ@XBVtf`o9G4x+-f}H+_6PV{B1e{O8scBtOPIyQtSR}0 zq zf|mjxBbLyrg)BOOC?D*qyUj@347+rQKRo? z`|^ec1E^U;L`f#%-_HuFswHg5jRexV_#! zBc-#I4H0F;HOf>8wT>UQdf$tAiydqa=hWiZHIj z1ywQi^uYsXWYlShC)%|S4)Z>+A9om#8ZtZY6yZ_gWD%jAK-vGFR#pE8N3LrL(Efnwl3+IH0UM^je8mS9vbv(3WA#7Ltm_Q41Yt4%Jkf;tv!moq+sbp+~qE!Q-pzgsS^|N7m|SnQ>%fzfaMi~Fcm*!dw=qMs>d$~t(}HipWCUW z?Weex96KuaM4BumcNe1~QNmI6{xfl4id^eOrbmXNr)dGoCq|SRiBA__Nrp!kuQdXa zi4ZDv~QAThz;4|ZsEfKc!Z<99|KFJ`^B|T^bDkq$M2kS|-R=`(9C?kgFRq8}}ID#3} z-Qn&H76H@gwwyft|Ft!I;ynU?`6h2+)gVF}ZnDia(xca# zTBth*KxvwoW9%J?Y$(QEuDh{oBUFv~z2;;NbaO-5bHDlOd$lv5R=M&)Y-$)?F0Cwg z-g@#nYF2-reb@+K|H$CM4NUk}Bl#~t)4{s>5ujim_+?VtEuZDuW!0yOzUKVB}bOIwl4TZe01i$me#5!{;omyDMDW_|zW(V%} zfE0Ym*DS&8Ga2x<*k%gW zcd>0l1<^8`TU%{t9?l*0jLQT3MmywJB7CK>%{Lm`a0Ju;%Td?m!cwj!#-*MH&QBW$yACrRyi0{lGnQ)vn<{K z4P0N&pjm?VCmbx?EwFY(_!3~^ZS9~Bm0CFC{8qv|F7bD&+qyH9sm{o>{W&`1C?jx@ z-bk~?19tNN9YVk{>;uMy4Vq-i>Fx5A2fOYR7zZFqfdimrsd^CTiXBea92g5T2UH`H zQTM+iGV4ykF!eAsN2MI`K&0!2hJ^s&|TI8r$H_$Fx+t%e63N zTqB0)n~eSS{v}Wo^ovmlx)oAE^cU&yRELCPH;E&dTSl_!)X^y#wAQMa5L8*i9*M;V zFpZJ^|I=EbyAC>dW{ROB4X+OyfsM2W(=Z!AuLT_(i)8REBDARc%6)~dI?OvP=(;Ul zJEV;TJgWVvG`?eWeE0c=d};nXZuQB=4-ha|*&#AI!4QR}JC9uZYU9p|9E5mK&pL@< ziwj+EOE^L5Lr>271;T4cIrfxkx}G?x=w#^J(!%}`TV|t@W5AXW{v)RiaPg<`oGXuq ze(fqaz+7?D3!w|>8G&L%-4&iA`?~4La~gT6$7efbxo5MSKxP`XzhZ*<9~Kg4%RDhO zL!Zvy-(+=RVY$P=(HR8CBs694@+8U57?Mf7OjHQgsIUKR&ji!#KmCWoc2EfQ#T(8X z3~|ZxxWwu*5&MDcn2-G5fkbyTN#J3v6~1pP$PoD#Dzrvt=b99_lE*LH4R($12v!FD z6Ilq!x&HxYoZxW_T-th=7HT*J?V*-QWiMnV>vS&a%{IhwWz+3Yc6GxpF{OVZ?>e&I zu;kyVC{yGuyq1Y9C((m}2Q9lLfO{QBZMzf;8F9MXXEdi~GOvJ5Fq%JiC}rSFG*(VR z7w&89R^JhIzC{?L8UKee&<}+&;gC&P0DCQEvwF55sek872H9rRt1M>#biWkjhBPs- zEkZ0rMe0VN8UI)45Z>;Dm)LHE-S@!j26eg_daaSP*l0a*OqplsGzRm7)$^=-P{wln zfUzOU<}_A+edEV$N85Qt)8jS9{is0L zeU0|O)1;71R8!jfwuU0sYCrpoII1RG`>ePoRauasHld|MfRO$AV1eK{LOCmRVmWeC zWugEQ;0y&wwd%nw8@#5F}v5Nxnw9OdZX)2=4)m;n^p+1IaB^&oj10~ 
zlS2Z`=^!)mGA-(4_kcFsrny_$8gj=b>f2kD0PfYQfLfziV0QAr6&CuxlsIzfWAaDB z&m^Hf_L*%nK9cW>I5_W9kJ@++1JwHqsK#7$UgV2&_B*{O&kTOvTfIxe+jj9rZK)=> zcYosurEg~`S&K#2SAYF3@A;_(O)yO}PdZ_(?ncf@V8fT}z8zMt(qq9F>&b9|R>j6x zS+*zlKZxDx^YTtkT*_zBg6Q&-YYkUZ*;Ch5lrqiEX3WW1@xT{T^yVGtDVq5B+(p7v zc7Dx9?y6+RDFbrPDJ}4Y6?R4AJ=shte#h9;YicK@uu>f@QX&eqrv7y$6MOBkzznJs z5xC%!52Ff~gDtGk!7Rv44T*%CaEmn@AZ@2vcy#h9zl;$zhTDJ%&J|n(7K=4beAILk zV(7YlI;SQir?6111Ry@_(^AWoC=40V7$l%ovM?D2V$#x5)n9jeC3~u>2E3aNldAS! zcXy3`qpI4bolcGC;J6hg|0&?KT|WU(rEJ2N3FJT;9=hiHd%OozJ>K^IBeCn9P;aZ6 zYekVsLPcAX<$s)F+q-qjIu97O2~^I04tpPtc0M^pL*a55&}6< z2tJdN%K}mielC&#tRc;UWT2jY+T@0y@G$HhZI0;&OF>acCq5sV!YO^K7QxCbF zK=}8Z*agXsC;rP-OgzSpwG32oj{>_!2W07Yz6lExKI+TUPA;zqNJDtB0-=e53 zQaO6nmv2}Wmh*brY!I;9)$MJEBgL;jyjMprDxa#j&+VuZ`7AFZV!{ip3lk*@DbuNl z&1|<%`a*O;AKhBgjy1l{R3th)Qj^G^JcU*!VyLr_aHu)nyOyO>Ox>YXsB@Gu7-Mb5 z5O^D0E~X*~14nKslIo#D=A#gR&p{yvPtvpgU|p?;cPI@6K8IF z4pZ&%psm)5)qeQ;b2*qWCmoEi{L~P7c-y;Um>x|_U!vFNNHxnCU#Q!{DP*CmCA*TH4Rv~x;c)v{-iQ3$4b$LEMZEX^wGCjwsE;tko zZ1We@LytJv5YF}bN(O^4ifkVep;8@K?R|#TJ)}k?3WflcVY&d{WM#ERaaGA> zn>w*}I>K66>(0TqV$^5-_D=If+%WL-cHh@EuhMv<)&2!mI)(zxYfWp(?q?lM`6gZ! 
zKCa8cw+w~4;OE)3ur0V2d88uYG8b>BpJkPMvz(XIY&he??Rkssi|D^W^Kq)4Ht({+ z@8X{XRMFop+R<=Nnh5pSx-)W_(p4R8j22V}DmdBePqrt@gy_p_@r*qZIjQUM(t!_< zR1DlH!Zq2po^r|R;DKY^6O?~r(s$W0Md^?vRcUOcWf>(ho5txD%3g{!i_pmc{d>!Z zusFXfozj6y=1K2Lyy{|+YoIw_(9h>a9>YoEwMGRBq2ZsAIV`io7i&@{Mw=uAsV|p* z%;H`=Fv1JOj3k*SOtTgP7`z}-!hRm!^$&b27ZA_M5j_4?zv{w?>dxc z48Kt_NPW5%w~X+yN6D!k9h9(%eiTqT6uN-q?D%M?BOsM^ELA)uep?>$P9 zhG!o;ocd@o(HpAqvBmFBkXxrDP+Ngp{Ei5lPrdU1=^)L5Tc8sfNtOz)Y^b1vwodG} z76LI{(7rGO;`QeIROaR#_3radv3FQQY)5w7y|&IA>^zyZ$AS%1TH8@YKx*9TfSI|M zpgky#&Q7L(CU3?Ijqn($2AyS6-HKwJzryGg5#>s6sR2}R9G;)}pIhK)PwKcH1j!f&R``BK z#EPA`(Kr^CQ0yX*F9V4W zT1Nvujgpw=I$002e4&lQs%n5V7dz+q_ECdS&YYXr$PN4CPMY!5EcM}pl&4HV)Q_Jj z;yXvoA2B5E_{;Q=WX2R2L*l>~s+9jXhVaYg-ESvZ64I-SH>7DYTbLDDuv?4*i89z= z7h0$<3cJ;;3$xMkwoa=6&2H-R!zb5coINRN$LOrM!hA-X-zu@E=8Z> zvHP4OgE-;a4@YOjtjJx^(@g`YjnO$Lko;9b2tzEbAQ5qKd;Y&UbD#5$Z$3Z{yM$C0 zW#n2uw&mx6EQSd;WGlsr|6^E%2$Baerq9YYFFs=0UH5!Uy-_?ad&RB!uwAtEMzDxO z@mguwebqXAtq2viBI3qx>tbB3EnzNhPwq{H#KvLB7Q%hYY)7#ldgtva-zQ95UMCBF ze0MU82JK46$xez?^OEj#K=aVOozL6aP1~%Q%6q=7UAisQ3tl$m7*q@Ebw~A%qTS!h zy36yqENel@8l(GhRChRJH84lqIme(H(`ZI!1Z9zM%ez@%ki$csBM_STcZwRbqsd zFMgC2W$GH2+ilGUL{iUOHo9UnBLre=7wd*RVb0mp_KFUfM(WYhxGJ)0-n~?HS?E9~ z*=D2$63#@Q*S-D&bPK~q7qvtEku45ZV_!RQa)LwGPm3?9$HC-lO-eqTZct@K-aAT_ z;P`TNE6#;LGbh56Z31tyXm_%ZXUuT91m-@N6tJ@rre*nHi6XnCr`%y31-L&A>j~-Q z=N#rj@HP)Cm z+iX07y&!?pzb+qN^$I_uExM4tHhM)C4} zvx-~2;e;{5{@srISijs;C{RJL$WRW;+x>p>iJV{+=?ywTnMwywup(b;!xZO8nS}9c zvGMGR@6SnBpE|~tB-xFX!kR@H?dk@VvOUq#l$h;`oY(Q(f;NGpG9 z{PT=9{Iu@+DP8k50Km7z(-)G`7b&SnKZ&>_{?um118yVYqIgSZ@Vx^^?|C`*rPzb*%j089{1s@^F{mA{O0T=8-h?^atsn!JB?B}^$#?`t_n~-3%gDhKPS}| z-V*v|XzB`!Q_tt?^^Yf{*RV>lS-3GcIG+2u`+bM!L>ga0@=r}qh!E-z z`vjxS;@RE>{)y#@S&b?a?9YKmml1c}ESY2R6zI^@tyvmOTEx?g4OOrgF=Xl+)R6fpbl$ ztVW2RV=nf#Gd?4R#V7Oq!Ru;Tzr=TxC?$%dL^M{LGx|w?=*rp2Xg;NJu$4La($0Q+ zNvrp!nepgsd$2{4;>~rX6p9VWVwRE&n_eh)!C0c78?8E-=Fjy0kr317bl*0T4c>qW zF-?d$tB6B_-}^?@WE(zfbV+^+RMN{Ul^&V{isH}U>#AXD zPd$9yatjK;WBnc*J2qD4JHi!iFNn-G2TNU(`S$=PwNm!%w|$H6rq*vfy!Zik_wP$? 
zj@kxFs>y46>aE)^Fv>}HGLu4HB;Kkoj-Mxo$}?E{0>izVwFt^?K<)yBU;jwdzBiS> zn=rP%J)d7|zteWtvDIm6_1HFMG<|toXszA3ef{nQ4Z@dGhUj0%IdQ8HJ;;5J8AI^o zvOulQz7_pnh%qHp$Lrei6zj?cGE#NnJ=3~I@Ds9Z2o|n1{#&q$#1hv~)of^t%ezg< z?gHb|KNWOcceGwZfa%knOJ#WnN|oVK?(c!oquFJPb-8C%>suH2kq~zCbYy0E;A92Q zYMN37*=2W6q>o7*pqUo4Ltkg)r6HC0PRMR%G)GJ5>e`!TWh@JCrt2Ur9x@sVP?J_) z*;xD~M7WB%jA>Z>StKsj!9kpzKKX=`fwY99f@pAq_K=Xje^=A?Z+d&ZBsKIbENZ9* zG;lP(y*ZyIDjxm3GIaE|A?eI|b2IF86*|4#xOOS=PS#%9diSc3-c22o@W9ql&f!G% zzu}(<|A{35#%Bytc?2$Bf3wR0_YnYNYon?*+KfPeXRYc0+GVW$o1Cx5m$org`&Dyg zZOYi3Wk4#YNeAD8sAiHV-lsmlyVuL~0qW6!ttMy`=>2GW3^mYRbMGvdg7)Q4UZ4W;Vvq=k7ZoIrDEsx895LV0yttHV z7$Csccx=#Gf5^bru#BVaSTfnnDs<%2 zp2lZQ8zyc$rngQ-i)MKSSGLn66EXgfSfaT__3C`=km02*SWA|Lt(#%$;u&i#!BDl+ zQ_C-2?Z3rlx$xkc%~q}0YRS83+(Q=}pv zyKZGRqut^?PllyNlm^{)x_GDc8!vM()91X}TYH-I zmDVq>($AFbX2+*D04*C#PNz=nkK1_SMIZ=2kx!y z6`6Uxp%e}VNp)h{$EiAj(fY3yuwU_LdHUAnPLw1Xk0(2msHiS-8@mFbp#d9JEfAPe z99+??d%*`0FBep}T!?P{Zjgx_Wav>&X@<3gyeDI5;TPKq(o2TRV2c#eT$$O6(% zDDjq5eOPRJ#^?B4d0@6htkg5sZk{C^KbYyvcmi1sk(QAKF#O4M#>H}cC9)Ak4wJJd~`ikbyE%NnE-D;DBxy23})0PKaEc*2pc78 zWw8W&>o}bSP^8MEv1z4OxF-(76|V z#JTe1;6R}H8&91^;APU3u?S6giGN`Z{J92G_<>VO?aS!u_4@^MDwVorTIu+xZo`yg z7ixd@3}3N$x?~Tp?S1QRS0?{_DQGse6hM@PU45y&Iw0Q}Vood>C`4or3!gTvzi#y@ zdfOpIUhPnHg?)d*3)yXPDZ@+-F;T!sz2=e2;Bv51uAI;c{QmTpn_9Di*PW6SzGKKI zK}r84o8eKvj7Qdk4U=PO`)ynS=I#HMd3(1Dlj<3%dRqIe_4NZPV5V9RBi(B)!H!c< zQ(1e|HNR86Et)cM%~u0s;n>or_wq1NL*WYg_GrG5yRTwgLyr`I*L^H(L#-UyKy&uXu8oUU=2GU54N`Yk$Rk_3 zsWSgG#^xU;D`JDd1&L()}!sk18Jc34EWQXl&&+Dg1v zs;5NrxxiO8V$MN9Y<+f+R%lJF)*b9wF^~3ao7(+@UL4q0&p(S42d;U^5r~oMIa-7d zucuAc9XM`15F_KoiNuw>d2m?%4kd|igg3vG1)0brw~)4XD!&%zxLfY?+MuzJ763dQ z9=Tm{iw+!XH&KS!VAeT8-Ym*_%ufzWT8MeYS%3GcsmHC^aqk4&q2ZGeh07#PRQHY_ zKLGkIVIIk7YjydqMykfPi|6EHR4Jsch=?^VEYBYj9Gc72E(QPFvS=Sr7q2?MwZW8> zei|&o&I!X;On)DH4)VRu_Ma2=VmuLbt*h2}8+{(mc1UrTJ3MV+x5s$B-`lBoLNln- zQNq}6&*u#swoPTA>R|Tf<%jRe29Uiod_1o9 z>{2+%_)&J}O14w?To(n+Zg!JV62*45(?3Uq-@%Js`p9!II!qayU=I=bE={94plceM 
zdl*TvhtuqDP)_mKesYt9;=!Y^HrTZUt0EHUVj$-S2~9xG$e>Z8K;yzv1)ns^piidT z+!VJ=(>drNWG(-k&TzS!p8U&{2)ITLmUtL^hmzPedN=>D0lL}cWAp@tuZFXlfR;t3 zBjf~q@0W5qD%E7t*2y6CbEQdb#PnLF&uW+gXT_m-H8|`7 zY7~LBgHf!8$bkDCcDqJusa988=?mjIf2B2G?MMMPG((ASE~LGA|_qnIoT}Oi^m+!#LJiLFQ&O9ig_Tq?9UC9+rDYMA=l`NJ*#zs z28|>63_f#ne7tF|NO8=E9Evoh61J1O^9Y({rCaitL^c9449Z;Kj2Cx(*VSKRC4_C`L4cvgn4jq!() zd_d$~L(ZP*+%(a^>27y{W-&nWI6dN5J{DVYI2bB0V#&Y%@eF@xK*~Rm?~F_-*OA6E zEx7OUSU~5X){ysBEI8sF3{-y_p7zGGk{jEM_oS&=H<{Td$;a8jF2xz%<1-OMe%IYlveW=bL1B z1?xL+cOVJWsa>X~ z#s9IQeRc+KNe?VDJz1)!`_>gmT$i-^*oE$`|7iV5#ma#q53b|}^L2iEgf&Qs0L8dz zOtHHSRf!qa9eJ(fwSfIuuz1__cUse0jzJIv!iD$7FqISCz{OO_PoM1F2Xw`CJ~@Y1 zj)4o5uWq&XI{CCKi%v|3Aqjx)6iL>D0@$}i^w;4xxYD10Q8C{r?C?r2@1RUKwBW3z z=@Q+qGyMpFtF@t6;|7ZxKP#zAP33Nt`&#u=Fx8`}XoXX6i?2c!xHJ5@uiCwJ8}RLhnu6zWQ@8| zxj@~M!4$;*%*Z^$1lscv81?XJ3Xx;fMCFy+3FN3xm3 zV=-CM-=4Wzb#?)6qRZWiVkamHEjDNVz;_c`2n>qLpT4r|CgU%Qd#kApQcF`Gb*2Xg zf4Ik=_rA90vJ8Lgv+Il$A%la>(3>d!^}eF=GfsKugNSN4o=BIXZ*6$oTKb&A~9_*m05= zGY?Ct_mq{mMOBoCUu(I9gEaN=5yH|x}dMT z0W*;nTc`u+Rb7T`r=EA6bSl4T+Z5dXC7faj9hzVboDvNkkhjW6Ed12O^Ot+a1D2~-M_Ol6dC7D6-i_U%A~r?KVm z_1p(%;%~%VAq_tBqMIjEwiQPmz3`g+K5d<;?;^%t#PT!nS|=%{=F#zjDOW|j^=XK+ z^E`)ZxPkA7wEpPnjOWJ3Tc4)q-K9zeuxW2W*PI)EWBb^_i1tT5OfKa(kYevkd712& z?!w37aYLrG*#|S_RX#b3*C+}b{L)6B?AZrsDQzIm=UBb>>^qkMz3Z-8 z3jce5w+5u*2D(d(@vslcM)?6sk>AE;)_}5Vvs=Os=2q&nW-58errQl*sO=$z)UFll zMa>UK``1d2VN6M{Tk`#7SBT|H1VOG$fBI1MI8R#l8a3rYkQbm2-Qm2O7q9n4C1wuR z#@mNEQpJ`GBHYY9acbH)w?zwtHR;!fL9moyN4iy7$l1-J;#4z+F`+}*+Y={0HlNL_ zMtWBa{ts%~7e}^?9Zkhn8)cI{^X`D_KgIVev?yb3H#z@ ze(hCZnNecj6#=%G6V$z1ssUUr^hPp@xwQElO50d@Wtl#~XG`$+mXgRlQRuV7>K}4G zR!=-=TyW2wSEJg~45Sk;5a=c$nep~1dC9ClxU|g<1X&I;eYDaPOe&=)n(rr5H1)qknOzz2p7(94BWJM1Rl~ z|7nw~I9jmNVe7t4?@}Mc_2UGC262sZ-pZW`qS)j6SNWwN<}qqUj)o4h&>hVh{U&Oq zr=<$^iITSYKyfQ|oH$3caw^m8XA>HSsRr9q-BUeZ( zT|lYc_b$SG4+@x{)1N90GliV`ok{YdWykLpZZ!Vcyx~e8Q>f05V5mDoMyf>$?1w6S z;#SVBogfOl>n&{$7u}0idc1+A3*n|wbO?B-iRgQ_iEk=V&m-s{;AFO z*%vp#+h21zieIzJ`Hh=bWRd|@ifsG)FMO0?TNA;>$EvrfrAR%-?no`nIf2cTa=qKZ 
zj+YWX%4(Aa6c7*|LIRCsM8s`qVBlOtL_}y{tQix5T*e=FLr;rN8V~~wh1THP8Jc6i zgMt2VYQ_ygPcUdF zyEVcyn;Q9sA2T|lQE!X1-x~~&O=-6sL!{Qxj~qEpD;s$nbAs}f@>lCx48ibs039wH zD@)DEr)1;{N+tM&nB^8OniYMMhW9}0jA54kZwf6T%TsfbtYP49fXctDad}pVTjQ6| zw8Q*(%J*?3fe z|1#-}s|*IfBq{)tnqtj)#LrUqsT5*fwG&W`Z7sC~3lJ&7YrD(l#a5 zJnT+a&;FQbJ(TNmO+#dn(gnRNifX|FGaR4LzuqoE$W9YsZFEl?q@s84aYyBu$b#Jjh>@O~%y` zF)(dPFkdHjjAX_=R)%gwIv;B)3t5hqk^alpT2i)}Wv0*1ODP1TF-}RC5#=iamlpf4 z-%SJJzq*)L4+j$OhTV954vQ{GoJ(RuVXDvvpGjqTIZ_pfPB+rnkw=?GWa`)QrRPK< zZkGWTs1gh$FADWrCD>m=bh?rbbU)UE$W8OKMyDh)y;TpYKS#6hw+h%_97UWK5dm-% z3BXYrMfu`uY2KzE1NBTI4cHB%Gs$ozm$KEoo0++#U%7B`M}Xp^o_=h00w5vzny>KK*~bb`bm`eh1H@JYZFz0CZ!HAuxf=%K+V6axGN6aFozDp<3p&C+=aM(0t=km zg@||pn@Mfzf6h47piXnYp8kv!$MnN9l_;eEl*i})!CaL41Qq~udH~E-?+)hB(V_vv zP2bKh80$TKz$<86Y?g8Ni}G50_g~5>Ze49s8rqpa6&a#-gM%YFw^2dUtJ*8TQ+VeE zDXoPM)YgWQc*`%V7s;315^o-Zq*FlHFq&^#H+h0)ja4a^La5N+pUOAntSB;EQ-1J~ z-N7A!4jininA6XfQH&Xr486sZT*fbPw&l<(oqgW zdpr$FS$hybFX{}@_Z{X>Fv{XxB#AGIla;2u+Md~!O~?q<=EQX+Re!8Ol@Ox3m)*(a z=AI(%x#bBI^}qwpJwnpAf_u&iGye<1AU%LuI_f!jFEKig7;a$cQm;o0V zvz1|Ybj4f#exm}u?SQa4y!RM{daR@rXiu0_!z!+@CFL~tgV3sM{#w1N3)oaGzqcZk>aTcn~-@E8tI3E1xfCJ$n1ViJ2k|aF@YND<y(xO=%zO980T8GEt<#sfrpkhGGxUIG8IgYLU`}SLRNc9+B&tYF~jAaxTxXBCXjdtz9al{Pr6AMcQQhfZN8X;&i5ToVa_G3H~H7?(Zqjiv)t{^FRRf zULY^OhV#+-m*8MNL^_BmWAn{jR5~T8>`a3Ob1P-z zQE$6V620XJ4@>(;G!KpmFW)n6e~_*fpNE~+eWe22*jXbYct20bfvm<&i^mI*PVAi?w<;z9V%_gGVW zVtOZEzQL0KXpThTv|%#tE-axpOA_pTAp@1(5iLXc83^uy$6$A`MzdS}R>QFh;W6sO z&V-HwbFBjW7hT|IMKFNfQUP?HIz!<#4!CwAp8#ua_Kg;CHd&RUH1>&jtQ5WDpih@HPwjC zRTU(YoUoh47f6*-?%apd$Uth1j!{TTcT$r{P0q`d1&`R?fjoE zIdSs)ThgSTw0^JIU)@HQLJW>yhbFMN*kcH@a|RK2E#P(vSwa!zji9bsLgOWjwp*`E zHPaalj_fzskD}XshpnfgJg};~+2h8!qDmS6rpS-2$zuq;pIIPA4}MN|d1LkcYhsp; ze=Yk+`Q?i}_(O$YCOf>j*V^Zu_xaARL6@*p>1y*cQUH%oY-}qY6jKu}wBf|Z`QI*y z@Vz_V@VQq)!K+QZS6vm3|E%AOF z*o6oV;e0w^GhrMe_`8Tc5(0M_%WV$E+%yxst?Nz=$qu=q(PpkVQ7kbwwv!cb4&iuz z&73MOM4zV{MBW2OohtLL4zIHG%rqVLroD-!ckh2Dx3^s{%LJRh0<%?I9Uv@(Dm0)w 
zt59dcpSaLPBUEJQR4d1FegEyQ4qfInv4~j7T^neEf0E$*8tN(3j{jEIb+?haVOE>9 zNW%)7PrGlaobqFux_<16om=Mg(O}_T_}ta5YJXSc^R)Om=WD+c8)cZv6LDp4I@vnG z%&iMuvp__rqQyaZbj#h+b4<(PtK5(V{>gVzm?n|Sc-sp+9CKcrhD+`$ztMpeBsk#( zX#U|`?2^DGQJw>@ZZ!dwMJWN2{3TrXb=LkMrQ+d>w@ z1e==lr0erfqpJMp-VBYk8Af3{pl>!PaOI_le9qf|TL`WyLUffDaEtwZ=& zvjReGK>NfcG>wxyVn%za>gWwV9<=7+n5?E`N2F-i5HY1M(<>W|6Xc)&utPAu9GM$i zXH1&wdcR|O1RPI6Y`IP;s&u!cmkw3B z5>Ea+k5fwa3-2T^-^=2-+dAEBKbEUQ%r3LjO2Jk>8{$k>{k9yBF0_vZ`pQ>X>tmnJ zd|B*XK2HTZIht24i>j3edEYNWmSb49_KP>FJkd8=K6kHX_kG>AYuZ*j`Nia$J7uJs z(D}1XZ{Gz?>u@`yzhN6u3&~fC9z)Xz$--1^}LjgyOzO-%vm*``Pz|N5w5^AlBtLAMrynhuP5$;Dea*4Cx!wEY6EP7bfq)Hv4eA zf`33etM63Y^i1(tQEF9X*^1s(VmuSnwr}be$}*BSJ=61HT@?=@-Y^|s#oq^G@g?I8 zQ&GZ+ol5$$og}HjRfAcoo=yG9Kc8IB@clgM>M`J3*aIAF=Qo z)bc~*xA(}gb~deKJRH|}r8E;;&3vT6-=`BfFM=2e@w#x@;6GZ(C!*d;(0}1Zea9Nt zPPnbh_TYR7M+rkKYm&ggnGzCC^{xJb{iY)f!OtJ&dp=iV@l{<>h5}X@IkZ}%^0uE` z5>d?nD{WqWqA5*TLmW;>8e`Pp2ZInXKmKv}T$5!n&_45RcMUmS~=4<5>g+%r$= z+N(3;ThwOH=kc%Ts{#B8rSz{#p}s=gc{j#Z#Z(-*04DHas+E`2DzS% z-){Awn~T*TOw6VbHt1ZU3?DP9qskX5^i=0GQS94u-c+*hPLC4OitD$-ID+733O1PzCF!m>cB@s3KW&e;w-IfH9TC|U!Gu!3JuF&(Z1 ze6nT{@^&h`{qkY;kJ=3_dPH0USW}ME(#fS7M)xrN*bK5^_|uDinAIs^FvWZW$CgfX zM_4)#$0{M@W8$OxRur7n~TYb&N|Q?90NLE3oJxZw%V|S zIa8a9a<0%gdwus^`#8&Dw~}+qS}I-3EcZD6xR?;`E4q1%sU#IvQ}QM=Q>+_^H`&#$ zJ0MnVIO)P{Biq0o!|v1Y<>V`h&_pV*7P7c_<{>megE6f#lAC2P=r_yAE7m(v9j9rM zFesq;Ly~kCf@E1UXp-28J_hTY%uetA5fO$|`Hgszmjm+B8Gs zChNXfS!W^3Su-paM!s7ngAmL4@=4~2*L9i)%jy*_7t?vC+Zbeb-qDn4Xgt|`ReH4_ zz_j^D!PjgWM7JP97+0Q;*~8cAYFT9^YoKf8nNW>t#p{QBJUWLgg{jC`Ez+fTqoC}6 zZLnY+`NK3rU)YM556e^cTgSKKHa*piZC7=8Ce?3O`UBoB)PuTn=W%H>mJyv? zrayVrlGu|zoas$x)o0WrT}>WX;IFq+qEU{iTF-;|sr)%xF{~b8U{tpoUq{gld1;90 z;SCq0O>Xou1nQanBB}Vb7Cp$h_v$xQT4X*7iUO=j{qWiw2J;?2Z$A4Kzk+=(=BDT? 
zDhE=f5pZAD8>?S4(w z`=g4@T`?qT<}_!|JR15)6Rj%iCeH06_OYz2E4gmh=#P#4(^aFrM@>G8%I4zq3$<<| zDNTH<@5BK`J|#){S>&}R>_)jgzR!#vo!PW)0oiv2s#D`sjGOt3ci-x{ecUy6)qcO6 zV7g@Ao}9%ujEbS%aq+&}Rcw3^=uOZ!wxP>UbJ6>~7W=pycym~{>D)4Xd$D|DEJZ{q ze)8+OQr>2fvRLb`d1$(wd-T-_b$%})-(+{o(NLG=84Baf%azlnD_~%C`=<6Z&2rm+Bksq>?fGPoPj8Bz zuCyc{xf>H{0o=-ERQw}nW_wTp`i1|!U-}n2$gCLRggjrGNP^*!Y$R#KQrWQf*_R6 z@&mrYV@c4%VD)HCnJI4$gdk!L=^^nt(** zeEG53;US<+Ij!_e*N5Gp%0(+9JEa*^3;ENNbje0{04~K$(MO3*bNU5V)sGeBp4boF zEC;Va8$To~khXos`y%aE7G1!cIYmv*+tAE|{P}cyJ8rkKxU{wC6KsOWgr>RNU)3=pMJ_hN)-wTu6dN9j?cx1vAf zqUUAA#Pi9x8&TKVNxK$@=RVGhgG6zqYN7~ffu3s8w3Dz9^AaiW7fpq0253zSQ$r3< zus_GB3{NA>5NkYzs}#ewju!7cem+%5H9-R6>_ZxqE*( zQn0o+@v2+RMJn_?62lnXjkzwO(WkQZ=|vy6Tf)A*E{9G0@GK}mtsUf^gwIF;9x zg7jW;ApF^ng>q@4FWI zpMW?|Zm$sNQDmXgvqbeWDks6kvWj860cHbF56(dzYMc@4RyZ$37SFeGG_K+Q;GVa* ztUDk3*({~5JRmVWobKPQ<`GZDRi@7UAsc<`{8aAb7q>EAhQRF-N}XHi#Z@Pu$~n)! z<@;qyocj%37hbGVYs;@|GAHe7snKQ$Sy4y6y8S%c!ztd3s)j`V;T4ux-cY|6Ox|>n zQQ;^j_uAN15$-F1(X$UllJnTOH};RUGcFY$eDLz;LDI?@3U_ zV&bGn)q5}aJWIU9}7_{3xi4D0kwnTPu1CcfdrL!X;MyCTfOz}g8Xp{$Y#6oVuCp)PDHBi*ND{K z|GXtkFmFOnL4D*+ypB(tJ|G=QWFgELf7*U^NCbKL0T(L*`ac^UY3vKpOnqsTNS_RE z-~pnvQz}I`bn*cmj7*=_m>2v>BQK!@GKZ4T5J)T$hM-jC_ZEY4GUf%rIyr#%AVd4D z(x|5Anuf*rY}J0k9}YfbG+u#Xi`FGEOoHYc5k0X*&L|0jB5JXN=1ZBGs}09jm_Jfq z%?lMW3Ydrs!+a05Bu3-2|E1YikS0Humz_bXQXl5qdtmxc-MLFkIlhVe@?xfZc^)-V zgs`UB3tjau7pcuvZ#A(ng#sMQ;*IK>)MY%Ci(W*jh;AK(GLIc|ypJYw)onp9zCI45 zANfMbTnlRgk-ltXs*5*`(;gmej2(`fR$qq2%YaW}H?_OchUjlR>r~5A77nLVs&Qzf zUPh_bHckT~uXDf!M)n9W!8{=DOujs9D5mo~*?|!!R%2w#6Hvy*H+1)J_!2SxaW3CJ7SabHoP_0wGo3v;@m8*VnTjP&_fkFAKu|ycYws)PU z+jJpRdVM{t<%dziE^SL2(ln!5Zg_;JS+s@)GhPf(!NieB(fuk>{3Qzm7v5#GR-tq> z>W6wONkVxFLxo8_f>uI#;s{?L2_5yfI*2f?fd6@j;WLm0aw~HoTm~h0y~p9jn9;Es z0+_f_&Y6HG=!}dr@{zThZT=(~JORy0%m_o2`Is-ikHFTUGnD>DDD1+ij% zUyjPhii;PTRP{p#j>W^%+{&z=P*36KN4ejQ>uU&PL_T{Jv*ej+_j%KHR+fY|xXsDE z2GT2{2GXmw5w1HJg>VssksjMA4!fga z{~ISM4LM^nwjUM=4VE!RHPe&9G|(^r%@mWy`^Rg=ilqa`dxo8f-7yzCqOquMVr=>kC4I8s7KGSr=rV4O0B- 
z6wAsBA2^>_UQ2ZFw}k3};>#z4(2Vw#z#>Vq9DadODkCV_bH!M6@%&w}ce*<;b))=> z-Y3QdJ7CqcTG@thsdj#K(6{h2=>KZGM`_Pz5Tq7m2i0qj3>o6Q;gk8X9na z{f7sJ=>dFvS;cWJhUp%Wk3&pwY2=~$*-xEyX!Z6} zJpDZR-Ot{cIrV)!+{{Yge@=rezJGPm7;EhPN7+f^qK`G&lz}ShPnDM}z}{`awRN6# z>8L7NwOf4%yZbj7s_PDHqoPXBwFF^l*R0WpE#1sZ=1O*Y7o^~RKAm>|bkuwMxD0xm zt8fC?U!g}YC@(sSUqviPZrxMXNppuV3s~>N&%*esc(z=0oq|mvDnF~wzuOJK7hBEkJH zN)bMcjW|Q|-i(Swm`WP~r7X555}eYVPEv@uA&-Jo0?Us)W7|)E^P+ox-!IJ-<&@xD zT$Ic`3BNl;YkHOz76XHtU|phI`Jo(QWrb4Z@yd?1!Kte$-LI-F-3CIsi&bAttw7`( z?7N;HL(qrmgz;2&rI-kzDfEj223l4*PsAie%pv197i-D&QfSN@kW~MFqbE$Gzig~L?aZ!zy$)0fYBsT^)bzOk+lrP7jXTX!rQdkN~|HrB~qQJJk#mvSWAG-=y-5w7L=dX?Vt zy#pk~gJ}>3vP^UF`I;LuJ7x31=m6}`xJXn;5pX(S>1k@8cL@3EXKd?5r`ye6v|1?AC*r;E1f67jQ(^TQwfvpmiR z-73Rn&csx;+|=W68NN$AzLe~Dl!e9@3^@2)pp0mi3ES(R0|7;u%1}_ zP7fLF-m)2^fu71(JbIo&EA`kcmnrLGP%vhS=W4A(ERe9?xBr9%55w&l#K&Pg>N1HD z$5NfZ*z~Mpf94Azu0FlAQI7A&u_Vvf%qL9TYhNh2ODLV6;g;#RTrm1c-g6)pI$GvgXc(MAEpa4jY6?zv}~y0vj=j#S230 zw_-k?`m0E)CDuL&CB8%_{fwsCLg|#Nh?>fyJx{?+6oNefE~x zXu`v0St9w{SMdL&RFD)0K?}1{MGZug!%d_M`v;?t4ora2oLIiQ7++>C_>m*op;m6A$=;-&IQeiJ{X0Ve^2@~KO} zSgs@j)5Ay#X35*h)zxEO@kLvr%ZZidKgeYq$;&U$QXV9vQ*E~>xr8;|>2&_`>e@Wj zt#WFym1|0NV>F{qW3=P|Oy=$Y2bN>l^j-Ef4y=Fad9yY*IKz{=)$=VA>29wlaCJ&) z3jKA00A51Fq3-=IF*;c>mGN?v!B?OH9AfS-;kN35yLr_az5ocfg;?Q}aL6YMR0|?( zov%IZVdNk78<>@FN%y-rCSCmt>w-BWDRfm?rpww=g33}6ZaZ)^Xy{fxXfQHmS!k*^ zD8!ceaH?G{+tXp4H)yIDh9EzDrJ=!qcMXYcrY8wpVx}=qHQ4Pu&2|E|n1SITHbXdg z=znttlh1?LV0G?OX#Ihj&3o9+9m}3D%nYr$zp$)2N9~rxQhPJ~st-KPmRzHfzo?(s zyMTk^l6b2DKS-sda4y&@g4*-x=lK}5DE-(?X0nT~W}%^VOPO67EguDSp_$7c+ts^$ z80%W$q8|Y5eDRA(cKMJnOAg_^n2Mo%9yeQ(An{4I|zf~XECdeP}(e8_( zUWZwfM=y=`4H}zXatj@_M=uujDuXiG?2USBAJ-w{3J#u>CRhpIqPk+lfNDlJ-NLaY zvA2+F3tsrXnh$h^FB$$~jw6g^qK~vVWrzfP9O*|mOxcrOsIuj&#EQrvByc`r zQd+4bv=-SUd~xMH-ux%My*z)cLZU7~hPX%TUY>Ll>0RMUqS9N9TZ>g;EdGae*oGy2 zH7Yu8JS`Vi42Yv|ffst~mnyO1*Y_Rv{j>hv$9MIHM^D`JQ(c`1nG%n8QE;g1qgJ0A zQe=UJDb?dkDd1n5G1D>v+heGD4D2xwAKbU`<{IEZK>o?J(FO&ipvF!o^)pqN%aC;~ 
z+I8UAXXk$0)g3S(mb|LIMezM@VJd$v{|uWtzlhXz@uTa)**yJmL@f^Yd(2~6=JWfN zZxg@tlT_&l-NSAv*ib?Pv%n%G6TYXQ4B zv?-!-{oKyR7Wy`<>2p!Hus5a7oEBj-pZn7{Q8&A3cc)qpCB-a7g}5M0<$v#D^QHM2WE0m(3Kh z!gDxagOAz`$@LalNUHNZ@#q@}4oxS*A;nqz|ED#FZy}MsY&M9p0REa6zb?|_0}zUA zcnRh85mV`7oQ-rL6;mxCzn=6{h#ht-R;!q>b!l1cK;yo62)L~9suS+ATlGoH&`A+j zrIa-BU+|@!E7=m%Hs<&VjLj(nw^;Dy-=&d4)S~qxF(H8>yCGg{{q&QGID=q?mZm4Q z(2d}=8lF|CM5O9wAsd+ujp+v(!u9`8W*MoE;IhZ7`6uXjJt^ZiR5V0Gfy^zr)SXKa_PwbDJ>O5(ozsS1mtXQi4WcoU|`0`kQj6ZC@Om`bF z9!|g}Uh!qmkEQA5EQ(p%(9EfR7Pwqu)|fZ_V-+zaTO*FXwNc;Y=#idtz&(q-6 z1&c;I^^%*)XVk6V5^WyemXiMCG%;9GGhx;U+CX*Ui~!#JJmqi&2L9tu1;mUsE7ZsD zT-qnl25U}jLbbY;(_hPRnj3u$sIzU`R>kVJSgveFoWHP}15F-uzg;3=tEnE!Zs3ia z@=;;6*!f!ih}9ZkYI!LH@ycq`hCq<}tv4KL36KuEePBF>p*vT|eMT??2V2KaaQ>+%rz3hL3{c)Z#j1hTu zc(s3nnXV)X(!u8TWPS%sRoLi*V(D5L?=WK&mV->LN?~ z2WaxGS}}>!$0MUKIYO%6Pc~|XpuS|>`$w6fP}eq?B^SrHRcdjUWt~|TL#ZQ45U!1x zyFEGZ#fmviwhs&JI7ysMf3auz$7-^JL7_+Hxel+41{1)MS^rZc}EC1GXWZ^iU=U4~Gim zPxL1iJ2(<>{!#(X-+hjLs^)o-O!>6fzO7Um+{Z49$79vAXoZ9!)M)P1K&w0A;Yhoi z7tyXI2OADo1t}Y0Q4aGY81a;EQy|I(E-KLf)^C(C1eGDioYiUsxh?>=W3!!!9=9e8 z(Fi@Bx&Cy051nXtqzC?}Db9L13Kv1Ppx^pGac@ zEs3&)@D>ky$(AbkkJkzpw)h_{!F6Qjhp4s3uWkOtbR{;Au>y+UXadPMcfqSgF|5AR zkgVE+_QOQu-K4fA&2yq5@PJ96#1g~r;_a?;sbH*IuPhPnM(j;+7OC{Yl2(tws@Y4t zwpOc}i+1abEAMn;Yed_9bh(`TQ8`qQ*(8sD1k=O_fzzS-SQ~QjUyvs@HW`3gSPk1( zyTiXPm!_F!o7Tw((oF7$s@d33Mo>s^G~QHjv24ja*>}MHLHV#T;?*v{b_Xl~<+lY|i>HDFDZP=GbD&_$v4X38fGW_KCP3TRbih3oru zrr6SaY7bY0E>ur3{Zre&JbKJosyQ|$Gl6>WsJuoe`w|2Lyn^$k;?^j|`7U78z2*Le zy9eE#2I@gTc?|B%9MS$Cv!4k9=gaOZgAoCY?^H2Mw7F~tN3|q|8sW$(0h!4-QC&)b zVSxc1=}{ky@887ypg`{xe^wxVgY^hT8s$^n;aoIhsh#mq;9|FeC$B0@Z>@m`t+2l8 zWYM*Waf^5UWUTGwPafXFSKg{FAaW7D%EKWss2c3bg|~kXBoknbiK{+KUwp;eSBngX z+?S%eieNw-v8b{>xj%XcFwT=bYMdM$@UuUqT}ZHS^KTywWzURbsWkQ(nfO+G6Ch3t zZzweW=}-5y0i4?^(`sD+kC9j%>V-rYUFih2M8`>YSwQq5=PQEcP~A&k*@>1~h{bBk zDAcdJBf?$(g^y+7-hP9s2grYU=Fns5hp+bf8os(UrIS~zD%znGNzq4>NLq&(@gAQV zp-oO2HPH`T@&3Pnm$?WIXjAv6wWS~6gmlm;c^Jx+M}eGus_Q*T@ARcDXn{28o4gMOK3!f{2${~uAu99QS}&RA}>uw~me 
zm$h)SYk93@+s3k%dGoTZWn0U(es}HnZGYbPp7(Q}_c@Ps^ztY63x%MqC_SR?qfJn3 zAxa{8dJyb80KQ4EYR7R1?1(mX;K|0@PtR9!Z8M(6O zEugW~g?OVBdS%4Ho$GVC%v5x)uF<<Ub(h6fZFrLaez234udc zu0IRkBU)rJyp&*3LA|>(?-L~oqD~+yF;GcD`)-T_FLIh6GamDcIvD*sOS(}T5===5 z^sD>fkEmP$qE-VCwPJitqJC$=FH2;1Cr%0Fx)jF6Q>dt2j<34pZ_Hww5uM?#Y(+o6 zF`Ta#g89}n1}iy2DyQyv{A;0Sl(%|iv|bX=@{G!XIn`CPmXgm__4S#!J&oH>MIqSx zDM(Q|pyfN)-&E!m??!z7DE$Nty|t16nMofw?m^nCCBpC^H6}S>hEmCGe;;6^({7%*I@y=v%Vi%$S32+U@Vz?T;VTwXy)s=}!pTsXuPJm~N##~I# z`;}Ur<+CNVrvcqDddtv^||J6aOpx8IaZ{dma=7|~nJwrSxqGtO{b7=pBp z&(9FIbr%B;%xN|XoP4%ZNFC=ETBzZny)iJ=$bUpr53@J6IydZ+kg6XxjjcOXe|&EvJF z*Q~Ix*{uDIUib6`uLITWj36(z0-J3yF-J}%C5M>tFVHD~4a!$|`_>71*F0dn@c0nu38bjuT|o>KB+iNU_0(DoJbp_I zfA=$?tq4JPnG!SNvyuc-8)NyZ%5}}TJ4casxF@33gQ3yJW!b%N7!NxXzbo_E?GVsu z(U2Ojsi zlcaPxd9bEw?)xc8m6TW)SRf+yYsMFmFA5xXlpL~$R+E{PT_-GyVGMlqw-)n7QYK1{ zMOQ*;9E!mum8>q9v|ELK$EGFSDfElV;OazQ0ZX`n3F_k5V%?%g=r#yPP@?qpQjn8I zHxa^vO;QW+>f-PsYkBoGiT%C1IGosn89-Vd19)nX^Ch^)QG6$MkUi&?k`e5y&D!&U z*3GlXP#Y8UFbO0W1mH9j3Eu?PqMPBxqMHL(eSiV3a|mLzvKrBbs|#i~t=YRt6BZb8xUQchN{;Z!CE$9^Jo#@rj6Y`kU<()WV5CPv&*pU zfx&ngH_s;O!2lC3eSZ8ABj9@KHeR0{pKbW+pEc!=;P?9V1*&2~@IJ4Sb)i)H`O(J3 zZzX=zQdQ9z8Yh(;wk-gsMSIoNW0uTOK_Gmh_0npNkk2|*%x$8F--L}&%p`-Tng|Pc z^}vw(`;A@=*VV-*N7QK-yBEtuP8GP!>vg#ep3Q;cn|wwYDj@}#;pdTnhHIMo(|%P= zALC6rxZF>@X0F$dgEPtGKuMRiiBPX4#Rh#`yB0BL#@H=sy9`HNjGYkA^0SD&HgFd2 z-a7AQP~+flP5F~g_Yp4hDHgGVqex_9TrMdUU%RgDJM_JT;2VLXkE!?i>(eHG7QLR@ zdb#&3pA&lp59ridL8ta$A3Tp|?&fw+pm6^TJ*5eh!gIw|Xf~!(goXVRMQ1Du<$3^4^8SHXniEcksiAR*V zAqEF-As`9I!kwYl?zN&SUxHmo$MBoEg1i1A|92js1a_l%FKWJkZ;k)hIK? 
zu8;5?63d=g{72$eWJzo%oPI4KUZG?$+E6Dki*s;Uxc%2$-Dgn_NNwjE%Z9HY(`89- zqx<(Zy8bQbgmz8Db=C=d?AwvXpQj6!P!m!O<+;R2r;Gj`5juPcH;Vq0b5Oy^#=sz8 zm{{1bJf`Se3N?5?7&A=G#JEjsg=6J?0C4ZaD|3l5E2IUE=5d3F0UaL1ToO@N5*2=+ zWSbKFbShI|>F=dHvugvo@v9k*@mtNi%Mu?5QO0!@2%ZE~RUgBR~YZ{9MGR2mjgq@kD@y}hA)0)t9 z24>Wd+3z<3X2a&RE87*rkAE+N?*xi<&3?{HUC|Ind`Teh1R8e{(UKse;n;5X+5)=i z;oss%F%IzJXez|Si7BFgWQzP$6~^gj-1SP1U!T0gINjKBm`vuzZy5$L!q|G<2r!8( zRx()bH+ryn8wCaq_3atigFv4(4g23`xqpG%_Z1N(NDWZLo9dXW8o+A2=Y)rseFzf8 zlxN`x*E(u6sSCVp|F_M(H$P|_cSg`QhYXXjhKEe88TqI%e0Z49kqE@XZ=XDq27-ua zIeO9^LX=9NdtX#@E(YMshaSek;mpB@3wgJINZtAHTusw;FI=(1TBzu;M6I0}lm1kA#w6-_|4vFI$>pyKyhJ|jakq?S_ONi6QI@*W<%=heZ2c7VW{BMe z+4U1`2khh~Y_2J)z(plj&^6013+ZD9vrDl9CXIY6ZpoaR-eb9{=wkn(^@YdCDW!Py z4j{W3%9c2?mXz=ecM7=ob{j;ZF%c2YF-U-*XXrK%Qd% zVqCk)avS=Nl$j9C%2npH?Si6j3|{Ik>F^Bd*Fqr|B% z+H;R@O??^=76Q9Z3LD-5xK+=`!$Lilc+*2`DdyMOGS~CP_d%5&?yCjZQFx5u8IE?_ zeY0?FKR5a`Lf|4m@gZrB=>R0_5+dLC86pB#k{drAEE3RLvx(r{Gh*YWz)yYq5I&8{ zQ}4ZB;`GT4`bU);-WW_S>{P@cstjj{BQ`k9U&1y+JiM=PfL!4(=qp`ucD@=BxUfC& zlJ9H~EHRzUFIDk=aXT-~0GQbAMQw13&@d%AwxrXWW~j_eYzW7BLSpdYRF@VEQnBNy zq3k{?-mlx8?Rrx)y0EJdg0{Z2V`_N2(s57( z3_;m9Ho(JEFTVL(d{zPsVenCLL(5*b^B0&_!FgL(vN@%b3|Dt)p`;>-DXPA8kC^DC zk4f-PV%cY|ho;MR2ZAKlG{Skk!C|zWQ^D;o?P&Z>D%Xs)*o#88v?8;XK1j#4re=nW zK=J`+XA0Hn(gyE+tVKHa)kky9v>Yo(Suz3r2Y&vD9{Z#FE2Wk`jRDw~Q(pG?;xo&{_ z-Cz(3E*_lW1?77;kr&3M#Fx9Od_zbU%L>~X_%4dpdkgT_P8aAOe*rHW%rLv20X5X= zx84L*Scs0B3wi1(RN(J!^hY7e7fZL?|Awfc0LxhIXDx8i*HiYW(9BHUSW{&1RPvIl zYG_$zqP~gHOh`lB?j(R^*jEM?#_qe%HjTa3PoRTe>!8g7xLPuSu@WdjjCZ=?I8i{J z&NnCS+*(uY*jAAK{ti(}2z5$tl%Avd#!B^hvqTf2PX@9Pb459CX{}eWbtgR>5nhTB zRUP5xB@eYf3-n^}fp$Y9UM(Icy)ajka@b-@`3_^iq4P!nh53kFQX!9Q6|@NDRgOjQ zp`M71lCO5sYI0xsL-3b8UdW)Z;y17vJO`BC9o{hc>GEGk)M*NlFV^qG^#^Ncdrdfy zeQ=riF!_OAfWq^nG4LpK)l>QUn;nIT-6=WO@zHvtjOAX{5=@&61aJ@8)vFM*wPp|b z#dhZfD?TCy*kchDHFAe*z3X8sBuR(@UZ5)ln2CLkY48D!hK98s2CevqFnsKSBhamx zOCW?fuL@7$O+O_Z$K@yGkAd35E}FTf@7x)(c^cuc&ONG@%JGecLmTZsjn|xqfA2l_ zB9c8wp_`LFLJf7xR)t=eIM=!itI`?!TJw$pAb!gc*yy?=fKt2{TB|)V)c_6;m2jdz 
z$}UDYjn4mK+o8kJu7&Es>-tIDK=rG6V}-Io*;}9w0H0Zl_}0e=PiZ)e*dXCRZ~dzj z6of%<`8`MK268kY>J>TyYd*q5eHPG?Ce$uKB;sj6lMYN98avg#sh4?TsJ*rrV{lr8 zMc4-7=ex~lF#ey`{h{q}nQ!Td6VF+ayts^&8f#0Li zCcc)PMjs zCmMcvN@sNqxLh8Gt15HrD|)6RLlH}kK(fDa=skC+pZkG*8Kj3*2fY7pUgV|*$XG{G zZat97RaKwCm6FJHD4X1`Q&Ctasu;{2k1?~r9()8UA^%5LBTM}Flw0ejp9b_34j1w9 z7}l=<_mXwJxGR=j%9dIOhIA`-bIR$fTw>PK_(fnzB7v+)T#z*x04fjX z|B(!9tK35>Wvl}9W2s;-Fh_T`jS{zxYVf+F514X%6_VKj-gopK?3Z{T`xuvAc}4#) zzffO}SdfKns1N+}o7iX?A0!pb=J`%ly5}u{$C1HoH2Rga=l)MU94#SjRz)UO4TU$H zxb5}(nyR6ZrI;?OdVgBbTme~Foo|}46@O2$A`eC}p^L`L3vcyG zc7d!iip#Fc^~YIrp^AeVf?!%gD4F7dSn*TU+?N`y6~>0b1~x=I-kdwI)m|XB%}68b zeMJq%UuZlKrB4k2Ay_0zO&l{E+I3B3U0-!E?|+fmgFE{Bf3?#|n$s@z|N0``?bQI3Se?T4*k}XJm_H;_r~U4% zWrQoN$qNbmNJI7$dw5SLWcM5a;XKUcr?+a35{lG1%KMKJXUbGjl*v2^u0SGN& zs;yz_(wvWAo88qrBvN}XsL^9s{2sNcQsp|l-QG8!vE0cfvtuHTO+McFnQ8TMZrEBtj z)Mi;X1@E!4+Ckxbtvalkf!^cfLT;wFep~mMRwwPtVr21SzDS{x%CTcAe_ud^ON`v6 zxP^yfCeQR?s{F$KfR^L+#%I!bBiYOOcu!?;jOGynxC>U*Mb@nHB$ictu0Fi$ z9LgJM9Spv7tUyqma!b25Ei_b1F?UxW`?j*x%IW$9)OMW8>sr)0G4H*WQ)JWp4Ma%D z*7r?G4lT|7{1;`mfRH?**hmtkYF0zVxC9({^mkE=(!xqE=^x!xEB(gj&+EA&-4Lb6 z{xRbQB$Y;(L^S^4Mo{y|8%_hWf!^r6g2>Umy8-9x>fPx#`?XPhaj z+Ut-tr_7g^QSuK-P^#VYe#@Vs-)%?ot@M8z9T#uJD${dt1o#9X*$ym~lKq9t9`pbN zS0f2}H8TQN(-vcr^zX+#wW%q&|I{h&FV7iJe-|{ zqt%1-vYB;@qUlwYZx9xpz>$2nSq*%c7b}z?U`rpK7DXD>831shMG%qlp?u5#p)a107NyJMtGJWTJU&=cdVKy47pnd**@ z`X&<*?>9@;IK~_~KAZ4+k(mH=SLbQ6qCe7 zVLZ{8`qlhkb3Z;-%f$B4GD+(NW5QRapxJU1Q^slS55;=J+VIsK_@HRP$^-dzHffn}gx-aIl$tx~L9H zwV4d7a2XwNna~FMrPwT1UBa9Z;K#BT9i>=NR8C#-rJw^8L?^wZK1XtcC|-UARFnX6 zO4A3E(4E$OXgV$H!dtQ~Zx_-md>oeEtFr-nO!U;<@Xprl!yH$}n4)YpmmW*SbeXsB zpSTc-{vpWQok16E6xYUA)Bk|xY%AA6Ne7RFF787MpS0tAw!C-{4Rk(W>Z*f~(ZuH5$@QVJq z>QgDo*IN{2aVb5V59|_7NH%o7f2nG)lldo9LOWRyVgwnlOh+4uByHX@(1?ucM*%5j zWOG>lB$D~68&X31KUUj<1-+su&Nr}yrpZn(Fp)F272PvIAITccmb#=YxTW!%IdEg zumLQApztKwV;?Zr5wjQnyvKsxqxBT*Oqy*SKba~v#6qDauV?@MKekG{cjQ*6%MBXe zWqJyqt2{ZbCl7xLXG_1ZDPgMR?48#=*LWD*4Idztcy2FtU&vLoxHgDwR@>gHeB3u5 
zK6a|JJT{P!7h37x&B|~lz03|$7)6K;f>p;$`XTZOun+U<@AeXWUK&^5oiO3%HyG?WHBDyac_J$u z2lf!I)!#@> zJo#kd{^2G3^ay&A3*@I4yRfA%EebJ)@An~nr+FUIKk+l@XZ3~IE)32OlW>bS`y2lb z=o->pi@UgOSElu&<=o99=zv;Va}uehe_r1^hOP`*M^g2xrj*h9e0vxcn&ytp9cehc zt-J53&o@vhSG_1!9a!|YD|WNA(xnoEDGC-Su7l&`N!3NdTk@;Y++X|~I5_~0(D~b2 zQ)Sy3D)z-t4+mv1G4;Dz3lC79bnm72dMJ-EZnlx4>@WTU>i{xMle<`OPsS7k7Uw+( zEYpv;@;p4_*lC-llakF-gAUstR)%-|`+{|>kGE>-c;okj1^3o#^8?If!JK$#qdUbp zwhpI>xn5jW7arOeY5i!ekl@Ynp!*gARE_?yK4Yqc3-2$tA>uVyGddVw?ZW*q-u3@u zoCR3o`fsX|lS#|`Rd9PAiIDXjUkMFW%gf)#@`HpS=i$L;vrk(GmFNHODJZnuI*dP0 zar#BG;|s|3{IP!-e}3PHVj?Vfr_g(@y^K8;J|g(IeO@|YYIR^iVsrl?;%oegea!;F z@As(XlDXQR()i+U9aVPC0RJDnShackg1*P6`nsTV`AZGRn2JiyxL9;A=-UtU;>l~!fCzmY<6$m5xu-&1Y(_`@f$GzST>W@Ma z;Au!7ylA082w)ezKbZp+aRowl%ornF5WzG)e5Y~=3-PHM!zERC6X}Ja7qnh5-hW&h z4$vd4kT%6MO6!MUkp}X|K%*9Ca4-v}rUZNoXHVY-%Q>z1z22o{5P(>ou_7OjHPs_D za>|U5_JL5>)3G-2YqRrcNo8P{A)3m3~me>krsM>Z~-l zlIzZNV{-}vx?9LUv1dAwwwP9ogooUqO$J15j$B?MB{3<+Aa^^hDgnte*@T;#qX zRN&@6FBOp~>LFL2^0w1bof#_cF2yKFTG(k@F?S##-+zz^lLmPh1krAYo0J&+g%)Vy7^$HQ3UQKi;WR3e5 zzw+oS%DYRmeR82y0IcQ45-X=dPOMG^8CA<h-8X37{`SeE{_ zY_V68j2;rKPUO$}j8@L5_79<#&E}zT^d&w{AH*2VT5TZch4iPEdc$FglJlpN~jMKf%#>&8^-> z3&SPdk&uAWc$E%FvBGeLzKnK|v`$d}ReIQ2_rdt|9>7CKCera(x0Q^n!VGnhats}` zE@TSc@-mU+iy%I73S8fZdxU3V!QR@hi%kWQ3@b?PIwwv66sLM~)QyC5yP! 
zs4M{EMu}g4GYD~7{NI_9z|8j@z}G}4mI^(bbXIE^w2-k-XpKL>SUpKssULdVy(u}A zZOmViB(ulo<|#VZEK^j&%)dx4mURY{8uNK?dxv^*!i@@)qIy^#9c@x{kFRasXK+~M zXUFg)@VDWvf&*xR`M`cE^_9fOyl8t+Sr=7OyHr1-qLjHeMs&j)^t%>$W)0hzgxnoi zYhq(elXqV6F|VG4fw#93v#W3}smVSXE#pE=5;VP;2P8XzmTh+VAyXOZ#~f_uuijhgs+kW88Jcbl=@;ZTQQsv>Uhg zLxRf-A3W|7z}|Ra#?2ba(m|JC#=RH=WZ(dyr1m!hh>8m4OBm7Pu;?ZpQsZG1e)l>D zxk9w@C?@EjS6+c6_V)Gx0SQe80+RF(kWhbti~$?>4YQ5gs!p{6P1X529BCUKgZZrm zqJkEcH%s`vS`lg9BGR{WmwSzo16R4Z_ymz}y8g6BiX4rwlF<1>unaa-bUKA1QrZzM zhh<#%nj?4u=xBmSz(sUdfCPNJx&>YPpLU2r1mHBYZ%qPDcFm+Y1#vejv$VP(vp`8O zR$e+5v^T6V)u3J}*{cL}($B0JN>{K5o^yd>7^*ee_Lojx$sE4-YucvkKzuZMx_|yM z&tF*H;4`@Z?ygI?k$(YO#OA+F$_$tcLW2BeY@tZPnfPb&7tT926JP<8h-kP@5@WJz zP2##CQ@0%hv2h= zdtAm~=?Pg&Aa}+x{>J)!9`d8}0xWZ>8cOlwDrLE}#xGt=6j%N}7|O@SSQ>e}BU2zV z+WW;xmnDr9xEEj1G@vFJr$lxL)yhCC!2?wV-j?JjnsLNHDI^@d&`he6x)i&7NX-+p zrWJevB@JhHUHpO7-xOba@^)0D3d_PWX{~Bh3+#rn z1i9-j^-R&ip76yka>r1GH34!nicET|95kw|sv1-balsGfkmGDo>8s;RHl01jrLYO& zlpz1xG!l8zd+u!!BxutUMVaq`x4*>>ZQ8Ct)h$I}j)l<6j-T>)Khsb*Bv3(ib=@PB zc7+YVK2tL+Y-V(&C`N^eZ12>IrY;FJ)o%m8R}AFOsn;GjjE(qSz&n)OAw`4HLUrN4 z;n%E70RLN~0ilPZ2Qvu9A_|j8UVRbchpsA)1Hb>1l=TV%9ZG+AF-(PDA%)-9*z1*; zv%S0#8C`{O2tmY*;RQ$@sc?1IzXwJCZCVqrMu34>&Xlm@T( z4mA;0gNphRL}i6U0B1AG#u0`4ZCnz@CqR~7)PER2pQSG;*#~iyS4Q1$m4^d>gL^fN zlX2j{t0*ua3~KR(Sg@w%n_Ga7NV6V4$J@+5ICAq2lV7KnU0=(Qu@u(1zfp4TuPaiP z7>lskl~RRvRhUoP_$p#`QWI`9Q375bK;|~fsb5|TN=5v!)u)T~;WGkcbiyTWI+&%U z8DiE%y=ON*;r55Yk_C^m4mSys3xQps0R3LI`$!YFgFHI_?N0ug`Q)@^xi}q>&R;D1 z3Bp?4e?JP4J;GI1J-KR3EGM{ggFgGJJ#x@t{LL+E{$n3x6HnpU_hPRpIe%12qLtR< zO)eBI6W)V{&$)i4HAIiQEk~CO8Q~9%xQ|f;zhHfDgxIRrVV(X|rk{3>okTu-@$=XW zL^GPzGGan#VoqQacuTzP8b8HI5}$Hb9RY|V??ER7h4=~dUMB&eEPD~8%e4f~yFdwO zDF@c3UW z6{Z4_F;e@jRNPNqGBf51Q;vQhrYN{mDnEN@lMep4pt@KJjvs9+T}BMA}jjr?Z5v$nLa1ah4b94pgpHo88? 
z76>jQ7G3gSG?phkfd;#9D}DT~u&XbLa|Twy;|j%#A4i=11BP!|HSjMGk+AkbANw{> zgOJBil8(D2rHHp@45~n59v&j!M9PbBlsfNG^tkQL1IIRm@QDAmtVZ`zKt_6U;}L_1 z2|p5W*F4je$oIsIMhuc_dml5tc~XBnd%9v6uqC(=sk$#C0Z%Re<{s4u4m~Cym$Ac) zHXCA7bo|wnvB{A05V>KiOU;>T)&?nVQBV?R*cRdkQwC3qJ-+bNsEdZ zr(zz$>`85N{5#C=2b{*m8v@M^oA9C)`HheIJiou&3Q?jIx4P-*Gr#A*#m@#Q4FU!AvQeG07MGZQ$3>B|GZegApVeL;F`hIO@Vfff2n-BoAmUrc?y4AAGAivJ zzm-q{V?}NB3^itr=y5`31TbCz&p%xXgZ&w{nPL(dq)Xeuf^yAZekyRn)ey)m0aJ&xHSKSZg^D_ME3HgayvI_zfC_)IPP{CD#@67{&`tLhaRj zhTv}s?G%syz#lMM6s+327~-jBcN8Bod&qoYdDUoAs+H)NITxz$jK@x@kbkTmy8k!O z-U<9U;@fSHPh3V*71YRdEfM#%B66FRkoBBqodw@+CHx07Se`aO>t6{60e;Ya69vYM zel7l5XHYH|zgt!dvc(D}egM=xsEpm}M;9l>v1--Hue#hAIk}#*arYYi;&K}Dw@}rA zUrDalszVo9xTilpKtB<$p7}0rxPog^20A7zo1uo>jF&vq77cCrV(r@`~5j@E1&1C9AFBohUPszS8UbqZQ zl9exf{)W4n_x#Bnkb&-7jk)q`sc1I>?L(5Opk(l|SIG8{oL4UHH5#!@YkMGSQ?yeCrGqCvqU~p_F_4s|y-^Q0!TzOAh$7jH*c_0);>_697 z%-3GqR1_56iw(4Ldn$5xy`%EEPdE-89l4ZyNBG&bXqP_+{e#3Dvy(M==$i^hMls6i z2I0R|EpJL_F7&js0)M|L)U9v9G9k5VR@i%k(@%{bO=_f~Qc2rCRNr2sPm8X!!u(^ZQUcBd{S>0MDYI4wgi8=a#=umVGc^e=B;UwmLfq*IIcMDj(yD?Q zk`1HyUYUMd0j zCCnG7@%mb-n3sc5eLrN-D=W!y3~_=1iK>$E1FclnF38T3M z;z#H#!e4thIm)Ru?z08;4TerT*EL$CUe9Q=d8_2Vd1BHNEQ7pI7MO%CL^l9~Y#SFm z7!!m6PDA_rN$G%!+_f_UWDvc6L)f=5Mhp3nh827LD%$J{ABefPCO3o{Mg-f3_}3@{ z{@_jj%TrjJ(8Pk6@|bV_=J6zX)uEupn!8CZH(!S5gz`^ zqH$o`Xdtu)Kk>-~TBB&dRWMgW4ymlRI5o#WQ<0pJQN~=ZzW2YPKrI)-lk*IP)xf!A z2eX{h;k#f>ytL(OrLxx`j!=UBe^;7g%>B>G!F_O_)nWi zVZ*^aQedDO)aFrvo4GAiD7(d$BZkm$MTM-^bfY7-WHWjWh+!Jyv)S*U1LY{Sq_ z8+a@45iWGbPm!Kr-nD9TO(1x5bp)Q@JU%6qwvIV|RynP8{G$H$^JUGw_Hl#ZNK3?Z zh0(P`-Mn&f>FmLEGCxzvO6t=gXWbID{>;)@@g$MwLGE0hH1-={=r)EI+bV|7><{^h zfSRMfTCfCs|H%z-y+hI-q~`wf-<;0|@M$#g(vv^?c|yNg zGypCp>OM6t_c)p~DEFW)0nNvR0QB!G*`J+yKY_^p@ekSeg3^=x9+G9P>gB7o@@-u4 zuy8CFp(AHi`n`x5JI*|V$IUjyIJ(VuWrjQA@+V$~o!q?Nl;1{Jm3F?w@Js(ZAedge z4MLU=yd0o$t=L3y78{r>4jMq9oq%wK|I&xDfATNYGz*EB{_MxiJ2VZt#UN(<*e4w{ z3)Q9A+QFn`C**3%=l&w?>)PWb@ZI}MIe1EAPIGr_&i4wWCri5{H_EQ+VLwA9%u_D) z4PXL|9cF{pd_66q@m?xvmOi|jy9M@*d=z!i@DbUhYd*18jip88&91y1FltdWn?Ak= 
z_Pv${id*xe&fUsWR(4v-Hr|pAG$6RNw7(}9sGTpZb+5FPsESP5E%s0f42G{#x@=L7 zN3OU#%6@DZX!|;coOe3q>@t&`dvWQ>&P@1)k-rV(!Qiu-pBSxZ#K68Z@Mi>)IfKe4 zd5QZcvfmRkoJl5dj( zjt+gD_aqwqZJb*EWrJp|gE`i7Kko57#$DthBkjAutw3`Fcc&3dW~Z+njCZqVF8WPz zF4W4wtsJ8i4M2z%yJZaT`0DX`-Sn6HkJ2LSHdXs!m5yka8QuaTm|qq6wA-D_kWG3( z)$@&(aUc zMsToin~_Ozen(Mi!(;KZj;I8ye&ug++iY`bQ(Jd)!Fgm*Lzr%J`{VLw@I}t^NP!$M zod`@M<7&U_m)7^JEZ=@sf`j3b@8q}*D3(m$7}OEnsUIJbJn*1u)X0fP(3>Ipl4au5 z3$UPM3n@&jch$@c*}i$1@ly_0#2FR>rAS0jKDT($>^j6}CF$)T@im`9E?~#ayZIpn zs+t&}l$Ly43CY`L*w>(IEakStaLgiD`FdKtr+O)}@;qz?d+~0Aixw;*<-vi(Fd%ZD zk^Rgl0OiVLTKZFX7)}cqiyL_7iR8+86EmHdO7}Mm-8C=#XT`WiijT$mjdu<;;JT@n(4fg`C74C{U%7oJ_cNEBf8u#AR)TRoKOBJ)ta}-SjHi3tar}6@2C{uw4XBm;EBd_9Y8f zb`cqyhc@}BjqiGkmvfk6RZf8fiQfe2L6}&Mfl-j$o5k&5$ z!0Gif6<2Lj-xj%1N9z8n6>jdqgP~~6bE2KPOUST;3eR2BCVreb-^ZlOapiJDBZjs< zoi;+(r1#FYIHbY@<3Bz*Dj9vF(^YZihLm7%_;lan;T6sIder48QO#b4Wo2jFZx5Pg z@;N{xXs2VEydle9Mm9C^o8#>F_J?M;73yYA4wJ{J=bF;cF}~H#k(JZKhttw!zO2WT z5V>vlgcKX|e5~Vm2>#wEyn8H8;?d+*lsj zxA5u-N~}6$Z~4+G%*=W(AQ9(;%p!6>Nc*ec-nxO!L4RUDJ!eINHL#VYOQ$ee7_*jaU~+nLcjzVjV*ny*Rk~Ed{&<4&ILDf z2vw{9L97NfQFL6*NicbFh;_3qHn+Z|qT1+zxbif6GZn{Rye8F?j!>#??F=@Pqs zqXpIB(P$OriFUH|^-%-3GWS=6AU}D%q#TvE4~4Ka+-GTd%!K9eP*s;=a;i zs+t*HgF9g{u1?uInEF&Wcz(JM@<}F5>~C;QsXe`J+Hhw_}a{laAY+ z`#nmPRSWy^-26hNoQJlO7--ne$JQsgXP1dsw!lMQS`WsLIKb31k2j13GO40 zWXh5dA6~x8ysW)VmtpQJ666D!Qh8f$v7ef8O}a*0dQ|0^80il}$@im3xc5Y9V33~w ziEZ(E6R-#9I;f|gdX{C*uOC$(a2r&vY(7W}Hk8&NU^T`Q`AC);^Tz4o_>z0(7^y@4 z9)f&7@jKA8Ki3|QE%iKItkQ4NSTk1g}L22G*1CFr`H0D3y588KG zar_{?7@El1dZ9OB+85>pnkpViECnQB7C%;BA1IH0ZMMIw0k=Z^_VMJqm3oAB1~a?w zQs?0EVVc8gSKGk~8UAQze;@wAC`f^5{6w*=_`;x0>qf0UjV$|i_jxCn7U^=H$iXmL ztO&#SlZlGP_?YIs6TX2Fij*Dg7J#~Bysrb&2(*7?FEo#<`3_Pz!SeVG8aqDs_u^60 zRO!5j74s^G7VE3|AFMESy}wa*)&o_iC%&+J{iIzgtveEkJ-N{U_i^SG71#8_^F{Yq-Ydr;5^>&vX|E~4m z@yNMZ{o!5)Is#S1ebKkQ-iUepFYNVDB<@7wcfv5cgKi8C@%tg1!@_7T+~19Y$2~8y 
zxs~nTDbpvu(aU+o9p!h#sFsri2?DGGH~OUIn>D&{0{x9OWv^nQ*|J}0mwRSbD<`v0#E3`iNeBy{=+orSi1(3){*{mP|$J53Jz8x!nqTW@ggF%P>bNv$H{Rc;JIAJ>v>6xc6qky&|gj*>W&i}ReH`dn6m&T_HRiR zK6!Us5s@Fxwid9koc5RC{b94bySG&iL?(yA0X5PO8dE}Aq14C_Xw-+3mB@V2MoAY{ z8Zi2AREHC5{+-f}R}F$q|GaJc@6G!2`+e)v@xz1Ja2H=n6fCidMthCUYfF*ze1Q*Z z(b7AoboNCNqwzAI&25zZz+wGf)=7Qe zziN>x`3H>|>7kqLqLzSiTPD@dxk}yS0jEZxZbU1u@Wmr`*Yoe$o))1ucN5EL8X3Es z>9O(wt9mvj&8$;5*gpGYDW^Da^x-~&>_X(kt-)g0@fA_(m_d^??l}G~x1|R&3IW(Y zuc%;t0`ozzfp52Mr)Paa%I4L==(c`9z)dd)42ylX@ghhC&ONO+y?-cNNSb)-T+fK` z#RaEsZ2w?-*71-)g3;6Zye<8IOkH(U)ZfzF(}smRO`)O1eS1 zyL0L8h9#tP0RpJ@=f?+_`sVo|*g1y>z{bU|MbU+am1S(9*^yega=I ziQ@LFQLOK3rL?c9k8*E`A$=tY);-G(l{x4LRL`;<4?%g%)jc{FVZ z!--a$sE%S#=I5f`DRI)N)8Nm6Srf&31v11*nE~*DJO7Yj8hMo2lQEHc|D6UsXhBk!C&hix!jh%X^guJG{tKNfJ(sXM^bB_>x>2C2W$8 z0^!2w$%dg+#(6fEtb^HZegW=Ar$jyz2nITts82TH5z}oNF=;|?r zEFl=OGf>N8V$}aES>5Z&zDWHum?h7t-T#%TWK0#j!MAps#hn0RRQ@H=$YTYmk7rBJ zaJpE8=vp@IdJ62v9b|kpPk-0Ot@reRUv(6Cq8A8yj`7q4GVg_JiqUDbhz2!<}M>s$H+?^aGH*~qSvZVwIVoq%Rafb z@h46CwI&hdWN2L>OJ<-)kF=xuQuvVrNa(QuyZOW=TDq}(%l6BkXZ*#r$p`E4aY$Sr zgB1edd)Eot*F1FdtO#w&1wlif;NTr)cT;_m>MoW^wQ4D}_dcg;6-lG4mCrVdoMx9g z$kv{t*ZpSF}IH|lsWsx zNCq8h>io?L_sJ*M*MTR*2%W_#OlOw3A>`6Ly#8W7{Yp8^-eD;k`H1vqhunXL{M)JF zOzlrPLv4`P>^sT^p47iMw{xTX2KSp7ct~NDzG?CExJ($@5c^yjf(-_^Pgo6sC-hzP zWW#3dTid%%jcWcP+x#CmrJ)QO*o@9wHpc~IsusC;X-1p%b=?{v?Q_& zyZceX{w4Xo%V_n|^h^`M$Vg7yZ5}((8u$Fu*s*Hx4=!i|FDhwt`?Fmu^m2}ke5;&_bLgY_|NaL4~Kqa1@(#E7w1ux68vaYF9@;}TEIlnjg7oUx|>PAys9>y|(+!oAqYq`k5ro zC(CYPtmn0H=e{04g<}Hc8+CYZR3WK`uHzX;9S}hw@i?yYzQbbZ`Pzv}n&-Mc6q&ws z+WqRe>{PE(G()l!M(3ZT$zrjcRG)rf65$gD(0toXSuKPHX|IWUcu*W}2V|8n-pUT@Mc8*vPnpyK#{R!*AIeNk@_yZKy{Z(*^`6wF82I_x^Z|1K}I z4nx_uzSYwY~^f{q{Fhe262jyg>v7z;%Q3H0V4!Y;t&;H4l zmKW^Wj@(X-EV;x!^t`yoN<)uk<%j>5_PesnK=a{}sj zP`^vQ+%u?dOG!>kHO%(;zW8c~+}HYkgV$Q`hD=u{M22hj1$Gb!JjJE|CY31~F8Q1S zZ78_Db$ic$D#$U~sbL4flJI+@+IUhdy1|Hf*ka57*XsP z_O@xl4v}W7neL+Fi@C%hsu=FObT3a}ydX+koKCwFGpuhSm1Nh#d+KSvjvUrg{jbk? 
z&^>=1_cWIuAEmBq+wa_*!kXNOoFxsPMjb3Cxe4V3zlE*Fi<3sT-eJy6Y1Y%8ypmV)KLwyz|6o^7QIDq5wM#_n^!^xs@fS5Cd|aAhJ! zdI&BNJ;8cmuR9V2pQYqDw0>?RF02;z_rwdH1Q-@wlHn^~87nP(6}VeLtmAr1;wv{; zsic-0Wr!H8H_Tu-#}WVWtIKGmmgaqj&Fs*NE&b{$_8pZ~XgQFShaJPw<6GXd)uX2MP2m7O9Klt$Ly9BA|3qAyAo^%#Iy) zr{O;pYHXc&mp+`FuW+v<3Ah_rOg}v{T7o%vSm@&o4{682^kMw;ERV@P znrg5zG2;3XozC$xBLiOdwO^FeH9-Wc^d{#0(}3RhB#>alPC-=4G_M&hU?i z(^hsatiT{%%Ie!ZM19^!oqE>t`)!_~Qo_`kL58LppZxRXWV*Sf5>T;C7@ILy0tD<; z)U^8c3WEikee3CAb1spn2Nx^H)UvE4Soc6|$|kFsksb#Wf*l6?G1Or&aTU}Jls+^C z21ncq_*d?{NGcMzuPoe{50Az>?Cwj%e%$*G7v9)moYRmOE{2XUW%=>8E#T{{{pI-A-ZJv>a{<;_ezHcxASj8RBeDn-}_2u zSin{Nu!!kn+zB3+<*HJ8x(;HxSy69svefg;uMm@-SA?_9XHNHd2ldjT{~A5YiDQbwue!SG}_E4vt4dmql-HNc@QC5|B>;Z*=iR zb90Yf$o8*d`gSfPbDhPiZJ-~U5^P%c)G^jqg2bH9BKIULUO0Wx^?>4kX=uPU;Svxz z)3}N+a)+iswnb4FY`4PKG~IRwopqu4=aO7VOYD4SZu7sEuxr0WtFxRvf5uEoc=mP1Fz;lp5A9ISb2@@h`!{ZM0EWExXld#bI{&hqPp> zWtsGjFam*1#MgG2qsByK5Zkttx`t(&2Z%%bNTdQ!E_sCz{u$3A2>yW2+2IVe6N1!O07}j_F63E;p^Ay z=)5Mu*ylnQO4hN2nC4h3vpsgxUsob#0-Y&Zl&yCo_SRY{@%BBjtA+}VVDf-QvAa2apmZi@W4G)=x5SgO~hH(x@4&N`BG~ysh zGQ5gs5J-$>LA5v-pq#8;qC^tjS1AnMFR|!kpvp~HxDE1Qc-)uwFTE=^ods~Pzn&7g z#SiR%3W59pgq;Pzieo?;?c@J1@5uPzxriot^8S&oj>f# z&SGfqhbj~9jqd|4ti<%wMMeN&Al&?_5szv3>i=uQf7ITcn0AjEuzJ2!6&01>yGM%v zdbH9O?kAvVu#c`50>18f1w)2A6g| z30CD}B{r$S7&aqA&BlsBfiF}|cxDk$`%74**{2{zgPR$3x!{>-ci7uUuk;!*OvQm) zG!&%=H_ALByr0D=+!Z$;uyd0M^6{W{SAVus@hcV#Suf-rq1^lNvyVQa}r(b?&__VI$^fpUI)=IMe#QbOC4*R(ct2z9c4R z?gPmP)jn^To^`SiDO+CQWX0l|2HlL9LzU>otuxH$wF@okf6MI7>N619={WBgaD*N# zaqh?jR{z~-jX0wc45@K;cJV|-lyXju>feQTRocGU7pm5J#y1!%HAx%rV?@Co`*_^c zjqn^F8wpZ-0@hQ9So%giNWS;f@;4WE*WAwkikWc$E!R?RhnDO)U<#4y%v#G=$6?lR zcen^kCq83vom-@hFK6J)t8F++XTCJj_^S}<2=h{%s-)EH+Cl1Y3sq#*I3)(s5r3(( z`yDo>Ql-5a8~C~i#?t4H_WcX4G;S$kc3sGx+%(xR1{5{FzL>$vImPDn`^M%swX+9M zz#ecE^#wLUy2}9492~4ESTHLAztXS9fDAE(Z9SkQiGN(z=Je0%N6BiKcIBFAUWO(Cf z!ZLpus*00Ia8?;^Ep+Jf&>WpQf+#j`5XX|RdMuk!|@(P z#USZ=(-GO2$so?4n_A@CGzE6r56kJg^gjl&c%UV)1k>PA5)De4h-fg4d+#(QR1q>s3vH8P#EK1Nv^o-|D_j 
zQlN3$`ZYuIDZPb75z6jpqz#5y=<9bnyhJv*!rOh{-_E^k=#`=H(|D*1aW(eQsD4#1 zi`8$OR7g>boF{hPbCAPD5MuMBU7AiPL+xa6gd7(u3_Cp5g)W`j9dhdp8yn>O)U%W3 z>Jlu3@EtEK>hK4gKY}1!a?sG!MzmN<&87Rh#uWa!(Y_gH)6uJiukaIG?T4X?*7vzr zlJ}WjdfS&tn!+Q>hH)ALBL>!9B54NC!fw+|d)Ee#a1O^{PP|ut*d;gdSOT~0jd{I z-ObdD#+`+gEz7)qk{81qt|y}hqw*+@$bFuYb=LRfO=E42l#EMB?jC@Yp1il^4%OH8 z1?jdIY@&k=o*Nxsm=qD*|J1AeI86o>hGTP472^?fFb5>Q(kO-_@x}#DN5V&m*v#(U zqYRGg=#utG;r_F-s7pjCbs%?M7z!Zwvav{GXZXG@MR0-MVf02ylh@M{ANSg2<6;eU z{b)H~}4aQGJ&*n=7e&I5Rmk}NQ>)f_*7$q4E;+cZg zV>53DYjiMHafFf~$Jbvn!zcPox$Y4IY8R<}Wyd_!Tt94I%A42l7Sr1ZHc_ z1V@-whUkImeaA;F?pcTqCtpAdqA4q52iAz;gEJ@b1UrJ);KqD{roq(X{tHO}BUieC zTKMg{sYAPw8Vtq2at6mIfinuI#kr^@v#<^lHf5@0@)t-dL&CTXnMhglFE=U*ndL4> zdMfb#sY4zOr`=)?qQ^=%9mnZyIJcR1r>HSB&sP!NNZRfZ<0$SewlnQwZnf&^v*vJP zKx9Z54!Oo9lHHzwO&oEc?rmR%I{kvwV7o~rHbV5*(+1YcAL;2K3F*!j@2;gWMAg+z zpd^G;fg_LRA;slAG70W5(JJ^TJvgCcDm}=uEj0-H6#3Rkb%qphp0s&BD^bwU-Lp3< zhKl9k=$XKRv0zq`4cn2duBgi9i|$zYC$54mG&{cy-3filZ7$bk7$XJ<2XJ z_|RN!7wL7K^$K+qY&~mcc+R_Wd zciRQ;Puon;*&AT6BI7th;g%RO;O2_A+RN(x8*&#)mF(6~pVwTLxB6zPZ23sn9Dew+ zBHtnLf&%N+X2eOQpuOyd$tk<>1vA}N4*=`RjmhXi7B+svewwat>b-&{i!I?qN?8tF zO8()n6KfVKk-~lsR>o6Mkxma^PCI4Vy__dyTx z8ogDxc`HUZFm=yZk7{y{Qe6UCJ?D%WQGZ2vpX)Jx2kPpgRipB@xkoB z`97vdg*_b9uTOJ#$*BisR)zTtYPCwB@nQvwHY%A>#t{Pyb)R`co&%KKY>X+!m{H>% z#aa0BBn~FdV1wM!bc*?kwRHxXzH*(*S5zqOGvDPS6G+ietfFLwzxi7PG~V z-Ha6{RB>pCJDPLddQ|pVk+mZ=KVnpAc9;RL7l6v`#Dw$LKXuWX^f3)b7^8B}{$`3N zoSCswqUmHP5urLzP%?hity~n%RCVlRoJjEBA;?c}f+3r}2p9yz)I|u@HdwFEG=yCo z*_Cjv+`^1Mc@HclTl~f*dN=c{WRb|#cwWU#QJAE=0*o_ zSn)KG^o4aRiX?Oz{(LFr$O`AW>vgq@1deLT(LR4Xm^^ z9Yhv?c=IHk`L_Ncu5nREP1K=&d+-&dm=vL+tA4po2RPe&iICE z|KZDCc(sqs1SK$hX*J9O>g?sA2Y5a~fCRxaoW4Gb{%wEmQK?=&e4Tl1s_dcYWLCuI z^U=CTZn`pUxjS)sy$LYd9V1Tr;Gb9-0~>(@CI$%G62&w!v4o+D^!A0jyvl;&mam`b z|4;_JLgbrY>ty(EvLT2Ju*oLECYzLK?imoW8t9;X_PMPjA#^Yvex(}1Z#8?Zn*Z|q z{d0axznVU><|>1;#Gs8TeZiI50A#|q_#*7hcXqQW6pb1;;4kQnPSD~WJ;`RRGQeoT z$kD~YfdY8UEq6?_V6B-p*RgL!>)NDlahATEOCx0|wa2+RKkm}AIbmoET?4d}A??yu 
za<7!Ku1=c}aV4p|U8{TIQ2n};r+KC=Df}%bIml!mYG2lSF6AqLHbyveo{VQoi z98z`v3^U>!wzx*1`1bS47m$2T=Hc{zw#+5Y72<9*whOY2b()vki9rM3tmkxz8knF} z+}dxqdv<%ZHB&IR4}DRp8UecGPTy?ARaGDf$H;Fy4j zzZTrHve)Ov!W2H2{j^Jym*XHnP#V+OSF|3&EVryon4gF;gO{H@f6$u#V-+xG$$6e- z?v$(!xk?c@41s%Uc{nGC56xTau6g29>t}?&{vjNex1^hz)wIh-Q%b}kwNPSYrsQSi zkbDrwGuBrQjQdr>{lr7Bc;`cS;9r858y}AAoe2vb{@0YSYIY8t?MwDdvx-YQ;?Xai z`jiQy2MUw&`)OJ<&44=G4*XkF#VskYgI^^WJv)-Cc3pUBm?hOrBshhDGzIH}4eaA8 zMt0Q-MO@AsYB};hLKtXrDGz9JPT%Fy43RrATO#}ORm^;S#oqOoP*{S4R^rOM6!x;` zB}l8a9HsO(+iaNEd+5iM%cF}6eGhi{`~~BKJ~j9}EAHxK&I>!wW!>3{k>d5i945k@@#ku#9?!R;FO{i^&!Rbt{85!D6{v~#DV(r! z&&$$aB7nZJ{7-}%{FgWG%#(ja$dx*kyuGgDrlQ|PXo>Z+zAi7_{}?HruTge!?nBNx z?vgFGRQLP$+79sP5&?Kubd5xR|7Om!bpa$5AS2ew3%Ke|HqKiU&iKStnvhqP^C1l; zOrdwNdT+jOfBK8}X@UQe(%2X4g47MTX}y8#3UKa8o5qDdtj+MO_)}GwiGF5`SNlw$Mb!ffL5c9B`J@Ib<)vi$~ME4VE?6++?N4npFKIHd0zjSw{&JTP* z(}aPki-J{diOpxx7ZvBJDn#@9`u&Ca4;)ufLKy_YHr#yJS9xIGa=Od5`RS>zO)Bmv zz2!mdm3eem!a@E@$!O@Eii~)%3A56@hx|vN={Y*{_{H;^t=Zi(P~4X|tk#~DPBaf3 z!0t3;i6DC%qG->y^oJY;;O<^PiyncXj*@?b?6F7-W3p!=Y2yYnNyBF@Rm{e0_n!Ms z9yteB>;EGcHu4fQ+?sIUOKD%wB)vI zyQ@IR5c_F79ManuaG^B*^5PFxhP)K4_cN+yM{J_PHIZJQlpj^{Z*z9uQ^`Dmp9{_A zlB=qTe|rcs#+QQZ|1-vwh4vM8_~m&y)3W6zQ~d0qwv}InkrhAfpd;P)fXeF{Hqw1r z*lU{>tJq#v;mlx0P05+%&h~%*bnqCu4;5EdlP!~RJT9;VfA;S zwdDrCNR%0nspWeCr2A5=p0i4VYK!UD#~ykq%#TMKshsVdEnt0pt%B3hR9DAsO}_Ie z>znU*wMC^tA6Bcw`RR8@CYu&GJ#coGVb!0u`9s>i2BbH8lE>iIP+a;t3ey(uq@NG< zH>G2P-l49rggyox^9=<3Z=YW`RzhtOdx>Mjsh7sjKgN-!+tROs5$k~1%sT%&{Bc1H zOK{=t4MhR0G`|yn*2;aW_=iJPFxU;63zf^IrAinLYF(PHOGd;-FHNjjZ?Ydvk5T{l z5R+>udMkOt4Bb#8loOcfJjO7kx2}j$C0b>qi59?%rp2{{JM~%J=CWAxr=(XIGcx;LEA-{uHEY8n9ETj{^t^YDJ50!|AQlyOj(pU8vYqs>w zh77;cCW#v34Qb?<&j&Lo`}E(CzS2)3m#1p2`FS{86O>8&m_>J?eWyJpHamFQrK9!U zN={<#NRxarzqTYzcT1s++H6UZ+tJ59Np8ElJMHvnNX#-9zV6nep84?0xZh#Mub@+E z7w%ehz;A>ez^;hAZkFQ#4fZOGIF-AbozQ!cnHWdub`q zNVN6!ywC@~V(b22{Il+@b$8nQ`ywv-v}!_zHKEsfhwB4o*nimYc}+Ok+JvIbJP45J zBD7A*Z$iq*Bje1vMj>ayn{)QcA`<1&{)kBoe0DBg)iZO1x5IcV&nTq~s4%qiccc(xAw#`1s0a 
z!fkLrso<43*ra(RvP}<^6a7Ls&8r`q%+G^TpN?X&;1*u71 z*20)DYLpt~)Vz;=_lqJw7v8xDge_D8apFVz+|bo4@6IwPeQx>}xdir<^WM}`1)y8` zCtz8oit1?fot`_ea~kjBnLRLBs`O#|Sit^B4k~1g%$!}9lBGD~`BbnNdQRP)A1A(q zq}t@UJJ3`Xm!@&bQ2U7JW783)lU-idItv1uaMTT_ri|;=I>mecC|*PwBzrnp$MxES zIgz@o>}>5#4yrJsp`-}_1v{4ouac#BN^kovg}hF;=hHcp9*s>gOroCxtHwX@GC%Red$?3rWO!2f9Li;lhOJBNv)wOAI+}jzm8f-!? z9>kW|dxtqIPBTe;A`B6eR*cuDfv@QD>EQn7HuCp+h`e3yM1Bxt=rnL7$uOC={6Sp3Eq1WyM>vw;oL^Z-} zC_?kk2na!{uE|-iDE#J$HNa4&gu5VHd5v@QnDaW^KRG(3_r0dG22j3k*k;rcvEsJd6r~RG5 z*qcO=%{HFVH!<$`P1Q&)&4CA7`Wk@ODkEo$n18qCD)zK`|YF z1v{rl!1O>Rzd}vK$v00H5hPXmap3kPnJf#nMWI`qfFk#6)x2lzCm5{MMI{&d3oGvk zyhHB7+lA>y$w+v|P9SDGCEvoIg8j6DEk)g-2vaC+%)DiFMbwbPloXAo<(9~rW7D?L zw;pNe+2|as2TCmC8DR(y{H7vxM!a1^mT}W@0ph1q3NyrXywq#Ld2&^q@}j7JU~?18|VT7WJ( zJGJLVRZjq&YAd@w{>^Xf81Tn9&5W23uJg-P9Qv|qW*k2?Rf z1)A0^TgS54&drt=ydMpk2+H6}+M7$d_;qIl{Y$274O`$Qs&?V)S~>rc_Fh8FKSYNq z!8q~j{Kw+&B|N@PhdRB71dl=_AReZ9kw7D0LL?-8j+7KXu9U81Ij@nIHHCr`L?n8LmVH1>Ex}At2|PDzTy` zrEi0i-}^G8H&qm{0Yd-s2C^(Tvfb5SjLmhesNlrUp#7hhmm*owXXsW>*lxX{T?^g0 z9)~6<-4}}oej)4L zJ%i457?@1pG?p66(guM;{Nli%-Nk-5ZarE0ME=cm9Gyz3Jaqj()M(a5y{n1@tAT(_ z^z5p5{a3$51_7zx`As`IV~H@8D`Ue@=F?P!{Y^}Cq^YC`<-6A;at+k=F$dmPu*VL7A$ zGqdE$5nm@?Vu7{Kbo-lzWwBg0PjCIBBO};Qp%gRwc^L^-!lgG z^A=9-qU15t*j6#JmE_{Elv@7pcD(35tdgkoUe`v<|BXo zFNa9WOV$%0MtE>O3Hf+*lcuM>Wk4PJ67w~mm+iS&)1Kc{8X_CKbjs@?sruQ7yLY9; zWZoNN&JNcQ?46;ktJy(q-T;}LW`j9t$A(mg>!O1F2`@-)BOh@2-Gu}Y_~D`h7qliX696LZ6n2Uq%>ju2R#) zK8_3;y#)84#NkW)?_c}jM+Ix8eq0(82FhN)Xuf?xYtR5KxfHz4yyPs3Jn~8~2@#66 zzx7sSqMLID>;{CGfxcc65XTMoc2_ec9PJWKGzP7ezpk9Nele#lqnaySd=AtfeLnZ%lD`mspmSjVeM{TyPzr`=lG|oV7 zK#a7UOOLVB*&W*TS>U7!oLse^^Ax|H74S|HJgT1P$kbzELgM}dm{xlF^}M4xyaf?R zu#BYN0EJYP$vU|t{ZXUUVwJTKU@iF=@5SIm5&o@fcnh}xf*<||KdpDY%~A)l6w0lK zfyTuYOo7IWjv`|XP$Km42~m0Rn76X7Dh`eAvj+$Jn(UfHGr|WF84LX9UAv01%RF)K zQOPm=AI?23Or>5SB)&(*@vU(3D~Y$K%_<sB^D=i;Cozo;sJZNNrV z?NtCCF!6Ra5Na*ETH}7O?A&3nbz_3IU7oP|7RJ*96`&*HZ5K6{odX;kR0akdhW7Vy1gK1q6JcN!6i8rME+!$j 
zEXe<2Qdk7)$O(t=|5l3c32dd{U@K*!wEeyVg?z!bMIqkfm6`Hz&4Ee}_%8Z)9(ekI zy|(wGArLGBnu7S!)v`zwBR%v$M-Bq>P1M8iYxHH(jVpq2e765IQrs=}> zB)r@Oo3rnBm_Z<|`h+Ri^X}Q22Wnj;E!(zNwqSkT{X0h6D@n#?1z&Jo%a3F>La;&a z*#{{50UY_WMnosN9Vzl>4{BuH(Gy~5_t$HGZ*NsBmT6JfgDgnki{pF~Ob8YF_^foR`fj=Aay)SmjyIlXaP8p(ZoJWuJp@t=h z7{47#jz9^F8?O#l$T9w|dS{N2Fjd~*XX40{QwcVk^ku{0>u*aRbh zP#oL(xlMEas>3R+1rG}g=DjCXy=D=`3L5O~aN9`UHpjCD+2b*8xqG#aogq&{HWZ1O zasCrQfStx(ae~5((tIZ-)Q&`D+m|vi?30faZe*pXo>4=?Wrpi5ch{Z2l{T ztEzl;Ljxa>9+L{xK;r%E2)V7z$TdYFv<8t&Yp0~Q7u@XYQ+f7V#$24COFOH;$2b?dA39IsxACZNI z$daMpgQq8pheV$N(n1)DK3T8lV3=>u#HBCw0gU*qa16NqYfk8f=b~$QP0-iVIM^*! zQjRZfnBd4#z1(eEIMc_6T|wJld$6+UajTR_%XfS1q6mPpndDoFG?mXm(34@bH1=bJ zA#X#C?-J`u-vnB~{1XRXZcovd!vrY;K?gNI(ND+uJ+7oq4u?DeHnHf8QhgqrsUOI* zogNk+)`%{FZ4gUmB-cb4L;ZD9!3a+It?Bw|u_fpWSY^O(S!Zq-o z3}6@9Yv52dMkiA1Q(Y#f2YY(k9cf~;-20KbV&lw zN)It`+|!!;7pO<}x^MEo4r~%Wlwa~*NF4cUnYSiMN=JqqHZ%Xq4qVtxXGi>MiyVH;nduZ z{-&>opUK@s$4=|X5+|2_&1&b8z>){DX@1epjBmt3Qh0}mht`z~{rll^5M8ckGH`aH zjAYORR5~01hs9;_(Wh+oW2T~1t1W!-%ten$tHl`g0nT>C3RFG0__eg&C-Q>2Wa8T$ zlUDi!C&z`wn_U11)?O@c(edWPMet~gB@%_B|KDx|Ee0_hg9rvAj!v2oW~@Oqqx39y zSwE$6r7D4L`&3H$0xj%PB?d91$C|tr!aIFek_Z@LS9Z`h@bF**+oONgDL+rRWnz!B zXB;!dsrxD6E=zmtlmRQA&TQYDhiJ8ULC$V|ta{Y?@R{g-=y`*4w1dHV>jVa@Ea_7= z`*tgpy54iOsMpd4<*`|RP)Y09w5ar8#I@3wNMLum9e@JlX{Ewrp%|h?YEtzK^?iO` zK$874-4#-Db+3HTM$>`#-0IzN0l$mcm~>+5W;%8{RBD_2F9c=Qw_)mDGU~UB5my6J zqmVRlQe_Xv1}l&$Oxt74!KJBxgMz1phNT~4oN*o;JMKzw3JikAB{gUSvIy*ar4EDM zZxg+}TD?*6-NL{;{-V;f3Fo0sj~!Qf>t1)e;Y=~KWpKST%FRZhTYS_Oe=0##VYVY! 
z#fFVH(Hi2E?5a<=-z)cS`}t4$QTr@ohxqi5g-1uV*tPCDbKs5ikt6k;$Q~8hZ>d|r zb0bO=#lGC5l`$F>?ggE8>WlNvcVBd9&;<~8j~ELVVqS^DcvAoyUl!cGzimJ){!yc^ zNYXy|IjMw{NMP-o%NG*A4pgSCD)|{85ko4|#ZgN9Es$Xn`Ed;c5k8x`lH|mMI>NP$ z1pM~eTjdX*S{+rk+|JVKu+5h1ikrKXt**xHqnTKV`Hn4sQdtf z!y>SeInvk}2|-EjsQF&p-=YNU7`JYAYB$oXf-snK=LBx?LPaNWg9$ zZmF-Qt&7aIxX5p|#Fk7Z{nnyT!~T(d8@ulIZqQElg5exz8ptz>eRyUPyeEB>^uvfL zY1#iz9c9|ccVXmJb;^e>n?cf$A~h<(lLQ&^s<%upKgkzav$Q9wG;1e;OlylfGwkt#$nJnaz*=BPqmI zBdS6^iED@Y)i<1+lX+7ijSYKSfL6xZH)b6tC7`2U6&;IZQt|wYLwLG#CIp!jpHh0D zDR=%5XKmVu`2=%^rFU*x%1vV1zL%!wLXw##tvN;3`5swH^{_`4WDofG_+)>BrV_4ipgMKlq8 zT%KQj-ncJqyTcsp%La+0O8PdqQR);}u@Ani{FsoZyOSzZH9cv|tv2>b4Wn+K-EY5=xD81!0w-92mc zrsmf!!0y?fG5^F(+YU7I4ise<`qaoVw~0VEE7q!XFB!ytr)wnFX9+u`vAgSu*?GHr_0%!=rDcOzzOvqTA{iFQY;@4sU#X_oaa$VewN%-(i`>Cr>{-a$%5H2JvCI-Ux~;c zHqXAp&}YK>$DX1LLhYa46*Z#9-YI(5Nt}Dje;H&`Lj$b$IQ*EkFg2*Drd-AdXY7J@ z5gicvYvvs@?viOH^N5VBeDZCtnht*Q`)IZv)HIMXcUR;)h-V4foNn$^rxj3Mh%+l8 zO`>eLqs}?SXo23S0F_1Cwb?@%D@~1&{u_W4e)Qbd?U3qOb?MR^e}WMCR4FWG_!&ul zz|jt8Xu@OMEz)J94qKOtwMpA2lPHK0Puzclfk<6;Fdxoy%|hC_OZ~6JBL4#Sd+|j0 zxH8?SGL?Vx(uS;`6Dm@o3v3ySq+{E~hU8 zO~;2Pw-SlXC~QwBb7Q5O@hg>wj=8wsdG2BF9Gqr}t)V087-wtF7PU?+zOy*EFb2$H zlbMqw)Cp=VzdA!(&aPBf({=E|@tB%AV~8^iCqFHLArjau&~Q}38A|XND~eFp86;EG zrgKXG4xi(`0p0``NlK!1Z2(J*Fn67SCVi)_@A=ZUC%Ga z_$WLS&Az}*BG!>TL5)q9;P*0lMW%zZ|6DYwDN5!E@ay{&7EC}~te_mVE)ZH@_!>dt z-#!n=Xn#T(Zu2Y_W|k69q)NPs2(SP=R%2krc1-aY=4!Y1{F|z<)JLhfNdOpnkmUB0T=uj`C_o_is#-o`-UCknHRW_Ui3z0jT1N}~-X%;Ka z6w~J{Ugk%kG1tqdK*JRYLfPs%vXjMo&*g&SX~d?S6dm!FACf)%VQrIzxB0$t6Gjz( z1%>ua8~GOw1ZR?OkQXi$#b(Jz5uSE&OrzX#y^+si;{O@!^t9PKG5N8Ptm@u7Im|{_ z+QI&44xENoJ>@qEnn3AxXB$*?q@uyxUL#L)YoYw=(O`-<$qAi{4a?ny!`Zxnf=1 z9icONqvPSftGJzJh@SE)%tBb*0WPGm{X5)2O`EVIL{z5RYi@##vQj(nC>pf5LpUqV zZQee2D&H;{kcjASiWDO+`uDJaGtv2wOmkG}dr{>?*v6n8vgBHT<2X3v~K&A%@h80Yx4%hOX`DCnw9)9d9T3x3)$c3>n2 zc|6^()TlkZwfC*ag?EHYGs|%^1YTWhp$QbD#{@;-06=XMQ%QA%3A_Nk$*61S4mnMX zy4XXJMVb&N2qx7pJ-dEFw>RA^$XUt$!xm(|G{wnWRLJI46zE}}{uvLKG~v%DL1DK3 
zpI}BUPN+qb+;NeDF4gmbZh9fLgOyJ;&DZk!bhP_>uW<8Q&QhgJiZ??<_bNfU$1bGO z9l)o?jqcj>TeJmM>!jv(oS`nSX2yizai7Mq(YvRMaZjmq0A(>Rps6e`r(_*wtmXFU zN;gqnUd;f{TT6GIZSUfI+H87e&6_0TpZ4bzP}A@QBU(i%?h8iorS~dP81}gF#7cno zgZ(ds-;l>)!>)7isfuUJd-WJfta!h_+Q65GRe_7GM!JD&{rNK*WA??Rr-j-(i!VpI zVdR?|vc-gp#rRd|n(ls%2!kcNkPEwB9EQy+_*KmA7`RUlmRQS-fNF?} z(~GLNdsQgalJ|NrTLVc)DU``fOJ0mx{D$jH>B(Uj+^0ux%#Hq}>$j-)2kafg>(OFu zRp-8^d>JXSusAW|F1WMt32|Oh>YaVmXn7a?UZ6+w@fS(=fV!ls3EN-y9*udD9J0DE zZ~Um)CrcCQ>6Myil?rFl^HG=w&X&cuq1QL-9LIRcjrG*w(ADY4m>mFnL(jo)0jd^@ zu@AW43lHQp#ea=np1KK^Gc2l$=+aHbw$0q1R(UZNoEa3Rqq4LXy)BoVQBI8c*yLJ6 zQS4bc7Zu6~>A$u9LCTus{5N4B4e;s5fsbN@7Y6Dmi-_aCz>TkoJ<*a66eQ15%8NVB zSI3=i+kr8TETcOGNdI0n7Mp`00JD?#Fguw^-N5)N&uO$%?RKV2|E6anthjOE(fa)gB}GH&py^}27Y7|HhopJd%Q4ZL z7Ty0N>Z+rvY??SocY`!acU($RKtj5^rMtU9I;0zT2R~fO=4^bA-~>F&!2YakC$-MC&qR#=?!D()mW3iQj-Y7I^raB% zwTX-)t%6+SnvnLWOkdK{PIE+Tr-2d1OOJ_IFeCOaqZa*$HOUFKpaK{2*1`}6^k0Bz zVYlJvV$}&*PyQnFi3~`lntyNu2|a4$L23lrd*KF*2{)m3w+kB+F^1}2^G|<6ja=PY z9{0d)h7LdZ`F)C}b}%c`vMyrzPUbjs-oL#52K?C2s{WB^EG&b2VKvh9b9wB-ajfa* zzu8Rgd~)}ppH6`ZagI3;xr&0fYVQT-W8DU$JmjVj!pUe?S)mXRB_&>I)8zS4qMsw1 z9OU~T-6npEP_!ttl3;C6Qax_>Mj#8pLvdzFzByeMEYmQLY7m->u4lVIG?K))7~Ijn z^uCj@cH&m^TweR|b4o629%Fb>Ikm3@9QWyoKWvNGd0dzFlMG6|l5?C!hU=oQn%IfN zRxeX>z+d_6_4z!gT}=)h7=ZXV6+v4JnQV{@3uqpvwGtGFKfM1!cm;an)%z(3d58P$ z+fam<7$`Uy;v04;d{VsEPBQ&eHwQ4iucyMC^Zex|Krr4peUxE5=JzfTpez4-y@|=8Kr_UTNYo}=SU%&ilbm*+o9w<5LP)#8}OLT zxAXZNKATtH^2e7A_fa&vw!ZdENwmLt^HXM%B;6lOdLM;ScHFfO;CTBe0|cm}fuGxh zFX(jGl#vS2}>!QLnX@`k?4WZ<=tl3I&Kj-Z;8a^l<$(ZAIxr)0A=y*0RkUI_P+g_#sU) zAMI~~<2*@3k|`pIiB+FavFYo7eq3}XZj|97-l z{7Dc}Bk)dqx}6<$iAp42eDv}!=h4ROJGl;Phfw;UxV)P19USjk=h7^lLeQDta`BKl zw6M?sUCJ>dzLa~^CzQrov8@2XaNkYy5kHQ3bco!(I+do~ncG*K675cL7!f2bdLk$H z8%3Q4DK8yB6sF(g<6=kxC=kaMFv9#esn962a{zuSaJ#~egscpDvRAb}rXv60c}^|U zcU;gk!$H%W?k1Ph9w)YH6_x=hrQH*S6@%cUb~gR;rgua1EJqJ?Ev>6US=N32veV6c ztj8Nv1NZLcmR={>Ftxo{P{R4xYp$*+WBzyuTEVuc?F@Yaj|qRsGu6H(aL9q|Z=M!L zQj{VoQt~ZVH6;lYn%MjB7s7SOs|KxJv_I$CD5$)7IvYX8ZSyccfNouEapsAiTO4|LW 
zA*GpmCy&0LYj40d+IC~{YA;UpkT@F9g2W&tPf)}+gAwv`3i(yT8@QkU_&wF_BPwat zOKN9}yzE3rJ9ZTu2{javfwyPYWTI2Lh)|=wQh-p8eybj_Qc#C7!FgACRxogO8rDo- z)UL#R-YqjhHd+LGjy1Hn*YPuG5+*YxAfMfiqOhUK}F-&F8*-8OgA^T-97`BzW;hRVCwi$w+Ce1 zyy1_OSdaQ7&Uh?z(D(j)M17_%rU-F5w|YwPPjAkQeoW%O26N{Cyf1Mjcng#d+BBt@ z^1pk!r>*>zm)_XfO)_I+@RKOL>D}&h!9;UQ0bSI}>70XQG;UpDn1~X8aUPx`%6He+ ztVjN&J-&^{u4aO1H%-QgTQ`=9ztd^&Z`Ed8^cef)W|-8ktp=4{%JaL9=3vZ|PEp+$ zbVJH--b#jn)_*NFDqvc*?MStw!t6JjAN;6TKR-$$D7VyE|A_hn3!;YQgIU_-r$dv+ z*aU4Q8gz+2gQf2Er8#xh9xG7BuglJN4?B*C`gIAf4_vlASycaaUPSKK)nZ&E81-?K z&$q(9i5FAKGhVJ!flnqY|5a4~QL|XyNY?=LqyIKA3NQr_l?-iYs-TpPhr!SH>A1;^ zCy@LsIkNuI$@jJX8m14A6>Yg}Os@6IVAdQxLH-PFDbo@M{5XUhs>Q3B;?KFOx}@KU zkjDx4+zTHyiE1wXT1sJx2<0?dy|itaR0U^nK|;AY{ATNruJWh%1WFwJc8pt z^FZs5rme0<6n^hd_st3j-Tvt59yc8rsX=W@(!L{t|HMts z>20O`LBzrbknS(~mJ|*c1})D%3uOf^`rg)dr5gxMoG4zls-r5I106el9R6}D^Oi)3 z_&`0cK(9+TP>VlbV;`6y+48qJZx-`$g8mY{p$P}S6tGl2o}^tkpiaBDpnB-j!B?U) z`hbQ7qzF@v|4hoC_TCK_BDMH9dnrBTnxzeKdmXIxs~g|Xer!lSq!nLN-`dTNRANq> ztn8)N92?;MJtb@zW?Bn+MlF`SFC05@VHS8UWv0|E;%$;W%G0xrQ2~Q%=d)4(FrCH8uFA5dN z@7qpVEf4vuWEhbCOou)xW1-(?A!^xWF6rmZu}{bxE&jV?(1QehWqLzZwnv%Kb9AgQ zvV^7IQUvBBBeJM1phWxc{Vro_)R?8Vr( zw~VuETGmZ-NZ%VmGmZFqR=MKTfGjSSG#?ox#h%+$nz0jgGMUc=R=Eg@)3r(8ZE}_;~D_I@rB-M#%=5h^-?0B zVe4X|S54j=Z;H0a7&d>niCV&uZhE~v)V;gLExgfom7k+mMr7s17O~0c_Le1Dg!l=p zRI4{RDpJ1x1^ib01N!}Wt9Y)qJbN{D$q)PEkT;}OuNmSHeV@j>6~m^(igD}v-xiU& zf)8%iPg;Bn7WNbM`I|$o*IEn-dy%m=a^soPE}$;X0B2C&IchHUr`)vIHLhp(wrqD` z%6OvPXUCJ}Sq?1V?fpq|dF{#-=V3NW$K-0+8A?kS^N!QdbgjD!%g*0}u0;LcG(b&< zMg^?mRR#orp%k-#i%L54cK{l$P3pX|^d?Yma76{grvG%D>(YkZXN3jYx4E+i6e}kB zsjl-=j{$y9Z^mmw@5-D;^y%~bbXn^5S1kQ1^`oWKa{Nau6BRketd0~Yw#V{23Cm(A zq~+bHE;gL7_?maFEeppj)KgZL?~~qOC@KzH6o3+U=j|)?2~PZ2Uul>bE}jxI&+_V(5}kC9501V=qAs z`OyaskRd!RX`GNEn>!w?qyj5l59fnc7N^|7FK47TO2)bo50SORB zt!9Q0@n16Scvt`nT%!e+K)oF9Q^lmF?DCZ)4(OPBto(m7PM6Qh99%Kzw! 
zhwIo`X}FSJiSsrduIp{Qsb`j4GF7RZt9rzJu#C8s@_3C`KWm&7wv0@FEu&rCeEHFU z1Cx(F=5fs47w26A)W0gC6{1#$SYw9UQ~Y^C!7VvQOD!-2_6x6vkvv7WL=2~52t282 zN9DVo(!Y%aE}pBd>!qx=RonMeHphD{TJ$mM#r$O2CH(6YCatgp-i7s@5I{^ zuP9t&s*)kce}t%lE+?ikrHJPkjG+S5V{Xk>$XRc5qSTWhz~J6{vuJsM7?RbNj6XD+ zz)6;{`At>iqrQ}KqUmbf=rw??IKr45qqVZEO6j*%l z>1C<@mbAtr`&hl!-5fyej2;c^oKe+ufO|rg{p}>ThzW=~uvm&CX|$LgdaknvI@qX? ze!y7EVNcq`g;mhOlJ+zVdnduV66K0l$%#z6u<*esFH_jeVx+_XyTC4Ckv7+e^YN=V zg66R8pUW8vkoPOXOAj6E6+*-U6ebon&k+k^j<7Zr@lLam&p5QkT}mXd%6ScC4W*9< zt#kmq(WMb3<%XWBLbf@SJNcmi&=lxfl+r`~PC*@uvYjREW*ByhHf)$CeJHe#XF9Cl z1IA}UrppdGhDR z#ffeIS&!6-`z8^5-L=#tFo~$3eZ1+!X__0LV`BYN#Ey-3+{2LbJRWUSMG3Ael}1-e ztN0#(0+Enl*q!pJpJ$w`B6?MvCGGa#6c1oVRYWkv_fj%~KP5dOS{xuw$GZEX=Tj~{ z*JDZ5lyY4ex^K6w7mwI4zc()_GO?kZN8^D7uRqzowi#1C)tVvtzAwm_lqgii1LI6OkpUKRqh5!g?3CU|mTtVXkR7q}DM-{Pg@Yt;H?Ju^qB z&H*ixwx1B=u^Z#ILDzkVh!B(L#Jz!8%g73JG;c_w!^H$XZhsB~+XrfAzO&SquA^Ba&bKJ_h+r#OeTXqc&{9h=>k zp0EE^PNN=uqu>NZA90m8+Lbs$C=HWVldam7ZCPkyJQp{Ap=qq2A2D=<_X;laPn1Ll zxezHmUny%XrgOcGLppCI?rUbqx`SJAeIQ&Yi;!0}V64Qiwc0nai0fvFDXEf!Kcrd= zmr_DUFu=UfIL`$_rzg;1)x;=8pGpwH^JC2w7+@@zfnM&;BS-|bRcCQxVqyos<;1&J zckC+^!@<30u|u%rXT7>jb@c+Q?-?$3xb(?bM`<|HUo+v?`%XPIPj&h9)M`AIzPDZX z=z44?;XVa-BManpi#M!jk@hSAjCV8`a+vFsA-A-tHMD8EXL}noPR2Udt(1_sk#1Qr z3U>A@P0Rzsrj@4eKJ%$QX%&4u&RJ={;$u&Vp3KA2pc>NmJM;``#?s?(gCX?{ujlHF zDs(5;9j1O?;Np!6+;=Z}Kf*r)YYmn6oo3dTaaCNgM#n&9%W*K7Pu< z_U+@@YD9ziJwFgbL#X;n*-ZD|ExUL-YG)q67Gno>Bm%=L)tCt8G|*We5cbB2bm;d} z7V=bS3|p84zg{bY0(2p5m_G%oyq%+?rD44nn{OE$4%E^A;T7GAQ>+oPeK*ObLJ2Q2 z{6e7KALsb0*A3SrsGgWYc?;DI0#i&bzoogsZLenUNN*y=80+x81YxQ^5MLvg-L(lm+T*fHt?Vx03hrj3XYSGQFcP@G@3A5T2K(#tl^QJX| ztLD>VJrwUF8MR%rHbw%?rFQm#>W(i-^fZB|=1Q&AUw;#QJ8emlWsrHS>OeW_sGmp_ z_wFoxQ1UEJD4xi#z2e9`;i|7`gMW&CFe_jwr{(^@wQt(r7Ld*ZU2muvmrn2*+o@W- zhY8_>#0ZHIPhr-u=uG7xN;S!r8qKl2EJY>TcJ>k3UyzpT-}Midu*?D`*j6Z6MTI*^ z_qQPyep*HWoLsy+f;iJ?ie7bVuP3ez?J6W-uhX`={OVi0aA@ROfpF|pD0=NZ;C*Tr zG`!#TP(&#p?dUEpiYE2DTPhDyMGWI~VnwW+8vHA3R17^i>Nlh0Sv~o%&@)t$Z;i!j 
z>XdI1uwZyHY%`1oNf5uX+M4=Gd|&`w1`>y!Eg;TW@@ak9mAT9NhXC|-tA?j}zXBLq zXkp{$dT(hFr+Wos7RDotN#pOSW`plHY)ud2OZ+|TJHFmKdA1S^(qW04#SEm`mC}}k zTpL@FsSIS7{*zYFW}-cGAQ$9dw=eO745>bWSD z!WEj^`R*(?;JB=m{f>$2rl>5$>v3kOeJZLsJ*Pkpb6TuCLqu*g$KagRS3i^mp0p!G zEh*6NOl*#>MTT^cm?KJ;fk}*BhIc*%jp2H&rjPB_=h*Pc;naH))xH9w7TExIYAB|(7eSVpT7 z;%o$>#C*2qu3U9f!Um`Z+BmQ{M3udS?1)#Ph9#a4K~JW*`ll^+uM_Aca)$rh7R^*- zO^NTWdrf~RF%P1|e8!mLl9WU`oRNAqVbYbd1uHr|RH^S&ymNE11e;F=R}o6ienCba zs`O}0xhDBqa#OS>Z|Gk$zupp0DiV+ToJd8SaS;i~@F>MwuUhn3b?_=y*5Ms({VuONN%52j%s!Gx$28K( zCR~`8Jm^Wg?y2YPL|A*+ZgA@^MHCvBbi>TH{A}5Y?wzkxzwuE3EVGS;L zdwrGOB~kl_IzQhKv|iZ$nxgEK;7^9Kov~3)knPeAz#aJ%TS;*dOS1bpAx?~;vrFPX z^NqLb2kvr^DZD4wv=Q^h#o!QN-}Ut^x$8ToFa?WUWZIJ&?{6|G1B-<0sZI!aCW(jB z(VX?eE)Fvaq%9Dh?SLOaSAW!$bo*nbjI8?v-OTecBgrzq<<9l`^X?=jir3@A)c4dM zF4M=5^7v*z#^R!fFBKs_uH<-CLNA}(t(!C&?l1M~-0BwV&FJcNhF8sJE!v)E>Puum z7ekltoIGbd@>c{c6hEzXD1aZ5Tj(nvw;6ichns!4)fohY$0$O2$_$9s}WF6SU}}ho4G|zSmj%we~R| zv35ymwNe*fh~Z-*PCin0O^8lUJ|6SAu@Zkx5}Y^Tz=KoQW z9oi<{d+wx8aj7wv;@#riXszu#LD9M(`WlK1mGOn%E2pMqq6=l0HI$$`?Gxt#y^;K5 z_HoyrW;4Y2TJywaO6a@Z`(fovBmmHreWj`Q;OP<4EKe z67dau;3D4J_wdU>C?P|x;WP*de($qMO7S3ubYtv=Ev%O^IH<1I2U&kdu(vP!7cV^c zHufLPZ5$L)yZ11;oYy4$5x}{MJ+oHw)AC#SZm)cT-&|X|JQ+Z5th;;ap3Zjc_BlU_ zG`PpZr9f2q_wVZ#Xgkpv7UFZc;qL7{gx!1~-rMs?%RGnkD#w10A;9xRiE7rK`zTLt zJSIR`YL~-T%vi~ERiFn1TA&~Ne-f=c8+#AtzwAMi7%_P4+D1olN5bL))B7T76lvy+ z&|`d1w#;UZ4BV{H&}LVysy=suQ5|mehq+sgNPNC3xgIv4J8js_x$vTY)&lm?tRF}u zdEBlYTfp=ZFQV8 zLDUh|bKj}|_mA;EdkiCj5kSn?7-YhHu7Fa0wSg&{0*6gj;O=`LE>ks3iFZ@YTZ2Lz zk-J&{sny^Z1l>djbb=_&C4HUnuK3Ar zsyfkXi!wZDr`eDb8L2*tTQ9^7a{fz{Y!}AG*h|nW2`hSaTi!ULOJ-doWOV$@B?$HvZIBIv$D`ivEpF||KR0$44}|H zcdu^24#_c^=D@Posba56Z|$h3prcFPu5tYIPUVC0bq3L8Z<}Heh4wVe_z~e!W>Yi) zlEoVhL<_PoUzt4XsALNCtFKt4iX2Lg6;c?68_jyNbl9!oG0C;oS9))j5yM}1>kudl zEgN`8gjhRt5SeH_R=N#=&c0CAef2lgKGk#+0+?i2LuX)z zUGTm*g(Uh)WdvM$@E;$lAOsm2q2Gx@xw4mJIei>bTx>J-FKXgwq1^p0`gn9|InxN~ z8qm4OU96+fG?Lsd^k+9|e$su=vcVtOuJ8dy+w;^RHO5n7H@6|R2PY|dn26>0P5== 
zgqx|%6Wxe(=>E`LCsF8SW*6dNRIyDD1!E-Quvx^!hdxdGf0*b(>q*k*USk)+!3vJ+t4Fyz)Z0 zk|0|<#?GNOACl|r!kwx?P6^|hINNs^$`mm*F_dz+DyC|Q5vx6%O+l}skAgDTwt=@p zgta3~MA0CVam56+A?3DE^+4$QWB922hkd>73S&?_-iQTiZdMt)j>P12*&HXg8_|hm3M5ByHz&ygsu8OmDp5ceGV76^xi*NuYllU zY=lk+$$GTTPY@w=LH1At$ufr=$3YN?{&1(bT@;eE6nm;A|gy@k;PhW zE!BNG<84@?*#c@~ZXuVK@g3QbH=#HKa8OaTl}rPOv`Ivm8YpQJj93h7IKy(7qzsMd zk1k5!EdIQg^%C#E```|?2{rHYtB{1zjyZIaOb1<9VoTF*aZ9?@Rv~#twpc1P zFe(3e3I>zlYB-wyr6744%qBZ!x0EwGUH=@$HP@K4bQ#{dU@?=fG|}r^G6x<0K%0~_ zyDZqs9II-5r>48S0t}jDmhn7l^sNM09D}qL1ct2>N!`?F+mjQ;yQ`!+VoJy30y--2 z=(0Bp{p9}YADE+3StS9{3lZV=&V{v|FCh&FvmKkx)vxm#C!p0bvtUWEt%(~{jo@0^ z;>4=xKXLQ9QACx_Cpg)Uuflc0PoHd!@5WxYaF$-J(z3eLT$SJKUs3`cr5wpk-H%JA zzhtVW0OxwaxEzemUV>UCW*7_lW~6G8pn?~o2t!p4x#8r}?qi{x zR)Uo{D)QE&ojJDg9ha@@?XJNbO)r1i{>qA|mP4pWRxY7Doi)2vb9?3tF1vdG4td=p z+Xh4d>D}%{R>impjc>Zc-nOF}-w38{BESV!q0JUZaLK@F@n58FX_UQMH(+_xD+ z&XU|wRFrKh{8zH@@O)hCHvet`B8zL1(WDKEPIpx_h$uauwkHGTt<=mth)&i|b)QN) zXx*6=AySbL(!1Dd0e^zkZ(-)UQJt9ttcPggHGlhz36A4lkKocy zbLuA(2e6D~HzFT1nFUX4{3jx;cE5bq;41{Iqm>yX|;m=QI zIw-zh9kq}Wm^Ls-Tgi#0H$QXrX#7<^Mr7-+oUK^szm(&L=*;kjwwkYSalE?a7djTM zjrCHLDvhbPvkxrD+0mRr}pl38l8rfsVsuChLBdUwpw9k0YZ$qYM92RFO6=d4d!$~#Yb(w0p zo{fOLJ=GxU$jZR?)+$Q?;yo)V7uf=i_Up{+wa9F)Psl``DmEQ`9+Nbf;ezN zdFWka`YS9^-6K}k{K8wn#p)%$Ps5$c@MO@NDC}3f%HnEY8@abq8qs?Oqnu34nyfjs zUSD&oXqJPLTqm4XTo?01PEP8%Wi1v`=z%xpLpuHwdl`b=n-+W{*kZ*}&De|Km>H~{ zoiE6L5zIC^J3RF)J7cuxH+!>uH)$B*7u|+~wQgWSo|S`1 zudW2B{M||-Y-|33Ns2};YTArGfxhC((pgepoobfPc-XxxF}AqHy?9IX;r5QN5?KAq zrv#y*YgSG`lg`6PtmP}C?_pv8p4v^go0Dja)%+<}!?JbaEKvp|Nu#!Xet-P+F90#- zaV0)}!BJuP1_s7>9N~*JSVkx~iBvD9WFNU;i0H{P^9PLW1L2*VQP3&SJ4|zR=4xP@ z0NZhd|LI)%QVI$cw-?fIB>a}{p}mm0r4(C6E!%9;TXTi6by^s2GxJjysrDwKW;#v)c_=N@Hk4g(L>jeY+%$&1zA>16!Mkjyq&=!P;wxnuwUNmZSM1yLCvvB@| zsc(-Kds)2mt#;((?YbluDu>K$BLS}v&02lq)3iOW3qoiHY<@uQ>Q-WvSvDZi zYVTtBts$pE)YRuONX3GPRK;Mj^x3S+sGbkwv#$aV^8L#rb^J?m{2Ci?N5467=ycD^ zMNo5KjOi()*v)Fm7ZSGlg|HN28W8K+r)B3vvhJ!Hha$g7cVr(mm-KhLXWP>!;K|4x 
zTzf&o6`w$!;|E?vJr5w8}H)vW<0h^-Xqd4p_Wbx=T{#75Z;O~OdC<$ z5Z)%nAooLxo%7d#?M4(vr_S53>ajWXFv3pr(l!dkAz=X1qVnxpOvG*kKqr<1a=jj80$V zf5BEfT;pfX@h98R$8E>#75o}9TKxVTxBh@6;nEmW1#++VkFc(01B?IsNnF>?r!(_P zZ$(rbQl0K6xd_lL=D7Ewtk+L2nvY5o)!xrCz-WTN@4qvpe|RvRt|uNgKQ>R#KQ9bW;ZG)N7-8D_fvq1odF)%k zGhMW`@hk2adv|&ctqS}tUmRC(Oa5B2JloR9fyO*Ii!p2TbsRWjy);N!*L(v*^?XT4 zKAFR$2_RXG2HwEjtNk=M0I%<_@GX-Q@QQYCJay@)OLdxEbDmTF@}q7|5>vxbNca() z-D+{)6*zpibpy(yS==G-wES{eKOh1;L~aO{y77HK34#nsZnSg;fZYRn8XnJn4}Kj#fG z=CF>CjMrlVw;}(T+fiPUg&Q_lcADUvrjWwDq*Pdel+txt zz$e`?lQzc*2wp%51AM#-_kiCTKXr)Lg6QggYiL7mUeVbq!ZMGw#dPrONuD)q zaLJq9g0GTh31ZrU^tZtwjpDd7ne1%V#~)Bd!Q@_pPY^J$BpuLi#Gq_PeLv0E+mWDc z#jda)U!hUYIE(5K(!rn~uc71h?G*J_r(y{pBy!n(NJpeT-Cd}UPYRV&7KwP zIosR^B-0!K1-S_(0G1!#57}dHd5Q;tQW9KAOoZ>*U@Hh;&=*eYv6q+J@264LXsgbb z#`0IGRZca^67?HOTb<~Szx_DSlOC121S8D;G~P-4hg1Y*mTxplEpwl9-wkU&CUp!S z+k{u2cpVs(otgc*r{W`SR|sO$`Hg@>q)?z7nv4CJS}j2!{&;jxGJx7xF5U36QeZOi zlEjS&XJznz8=RaORxs=wbFeT))Pb2#pLi+Rv;-OCBfM1#*rKDx>G2n|Hk~^>T5%_0 z=0@`6wEd>^gY1x$K5o_pFYe9rrJ`@5lFsIYbcyaDGG{-6BF1b&o2Xv`gu>ClnV|&~ zhB50e>2Jf&KC#oK-nQd;#N{z&Q=!|MI&&g3zs4>HHz9(Vo1uF_EOX#&nq{p1%rR@T zH2-N^X0=|PpME~mx^;YK+TB?JTyK98=JI6jGG7ary_#C4c(pdH&M))azH)-1Z%D)t z*(Z~M->JWO(l$l;4!)uz3fXz<$SUuu)h8!L@w(u*AAlz0Pc(P_&jUH1Jt#kc(r%j3 zVmd=xH6SnWO@c_WZu^9U0@p$Yjtw;0>#oyPuaiV%UKh29B+}J4_-h@96YIP54eCtot(wrR5AHiFFWVTBhkX)US)@;>)pW~kDIeZ4c+9H^lPE1?rO zdF0G`Wf^G{3T)p#Uch^--pOsu+?#{r38zF1q|b@mC$tiE?$a`J%}daIxmM#=V7isTd9*hB+~`5reU8D4_@vm2aEZ_!+~yjR?U zCTsm~OPD+w`cIU?C(bz86){7Hs>-%)v4-P7#SAuZ5_ z!TW09_t~%gGL)!1yr9~M22=AkYu`1%az>#IWGs*|qc9Cu@}*>ff+npi+y)x({_SWk zS_JW6z!(b=%UbU{iKc2#*)Wn4zp09Eo?N7$=6?S;qloC;X#6xQ;F0i-HOU;ZwGAkVTwu9+W(E240B=VfOHoF8q)|KbgzuZ z=dq8)%(f8xICV!Ht;WRsu04s_14W%y&;l;NGw^+UwbYh-T9TH|hhOOq&w-rj`|x1s z&7*$WCUuKPtxoQYbDmXz%LWmoEM7JP?ZX~VPZO0Mf5Azz%TtNYo`&Bgs%1_UZRueE%SIP; zhzzPIj4qu-;88<0pW<(_=@K8KHCSkC|04Z~{>?|RC-_QXmS}(j{^k!$2eg-u0HFpn z@YOp#wp3x;?nd!lplP_M2)_Jsp$XYy1oH28@ zl?gyvJ|BB%^U0TD5hsFDwwSRaNUdR^OEC6rI0QegFPgl*Rf@cRRb1>sEmPW7eBB4~ 
zuK}`T&yR^B^WP;vNMS^o{nQ+-1?3cQ)0jI<=Bmcjq2S0Yia&4=l6ZBfK5^@0-{Z8r zMMmu?c7c5y9-W>3r*^B3Q^brc)f_IIReYG@S8QOPV?0X+O;3J1qH6X@7?2{p2;b$4 zGks+A>#B>)x4}j5bRbCc{2H4QLd6>s%%sP1zo|eoGt64mYG`)+dYI1Aq^E5(O{JD? zivY-*Z(Y2lq{v5(O6GKe7Mc7L7&p-e`Q`ecIE4p|npK;jYQnqL=Z$Cz?Gd3RykcSXLt^V6J$<G6T;lHWAvMc@p`Cwu+BI z=5Ri@BF=f%MEwc;rr}yCp%k;z_fRdOi$U=Y;<4o0fR*L4&3oUjlKyQ#BQL~;B*p9{ z90RG75z7lUra;(WPpZ7DEb z(fYG)r$PU`E(?eUpM3;ri^x9KQpSQc`2%7g$9Vd_tm_m zhwGgKZhTVd?{2i54)i-f)m61hZy%Vr_KRvlp1xl@8Rw$EM6T=mqle#$(tLq0DjlZU zVbNQOB0qYkR-!9jBi)QK2bwp?93=u31`=GrkJ3E$`#20P-PMfBfvQZ85_Kegyds1ffMjgo+y)a9?|Y?V-I0 zXX3zK!6XgTT1Xz)y1*Ra0cq{0r$+2DzBnTC4ls6_y*5~9Hg)UO*px& zZMkQJo^q8d4h(A4tx_D6H&@f5GFPhzbg>M(W?#0Dp zAqd#op(DkiY$an)zVcc#ntF)pVA4sUA8+86iOxsnfkl0($3dF4L5>GP@G08=lzoAc z6hvEOHVWNogc!Z~3-XYG46q@A^)S0^OK!9%G2>pg7$v1ywV0~PaEZ5va0&5~;X^Fn zcIisZ(Ux&$dpW;_z1mj?b}+kbbFe0meRcRbKKqB4C#_+>ild*G z=cF=s89%AuJ$!8yiI+?PgKvXLzC)2IP6|+*8Z2{WjTq09W}H^YXgDd+>Dp z_452U^9A7H(k1;*B2LF!s0{GP{8kQh%G{8>*3fTR>v&y{Mdp1yXUW?+?kb(sFE4Zp zaL417BhpQkUQGK>jx=SqDerMW1>54glJraG+wK90EraY@>0(v{Rjov?23v!K-ekAd z@a4y+^C$!*VPCaxn>al6%FUMCUTzif)J!JHSXzxII)O%-8*^^@(!mLqS4 zK~!b;Cp60LkHY5{H#F(t@&*-nK@Z4jD!x>+7C_5DQ(4&|VJ5 zbi=$O49-rAE{>U@zBwt$0+I*8Y|?{^yv5bt<1v5|C8kC?U1=Mb46hsZ2k!4SvF5Uk zim0N`&GU3^f0SskQKQepeHj~rozK7TE3CF2kO?KBE7FW)DLuTWcBYClpC8>g3HxP} zqusB!6hLBh?sf3%gflaX80)D6hmWSPz}H)ae|B4Z2W9!HvPmsW)V0Rto@`0(_azV)5fddF0z%cJn4xys?y_OWw8Ec0*M z8gDm4JinXMvb%#;!EwhM)ftpG>mCPQ+K)Oi(sI1Ls^itEVNGQkN$HFJ=F6AgM<$G| z?>C$|w2WmK6rN=$arSQ4wbxQptt$+OPcEyUPPk=wZBk{zGZx2rz*wRTANQ}<-MxK7 ziaQogx;nmfER~i*$;2e(Np)uR=T~Gv#0D$*V#+E0RyDZlBZ3=u&G|3KyUz~TXpJ?u zSp#X*a=1I(>aqmh`XmliOC9QQe+k_t4DFoEsAAaK_kD!B^p701%6_PN4U@789uhIgPS116fc_v3jrY%;4Hv z!CsA(b8Oddza6|0ghG-?XACpfuASB1wigg=ftx&8bs11sDA|@fA-W(4DD3Ej?_4^x z6JitspYK^Za=YfNgZLFBM=5>EdxC(7z6S;UVjbEZH$eY+_zDQpF@00R6TS=wP)#5U z%K<31stp8oVZ7qt3dgOkIomt`O@oM-j!CS%s?!Iar3vqua5V^P#k;g6b5+~vh`aiB z;@GXpn)1pw`%No1!#0i$p6q%FZ9?9Oi+0`=Xag#qOwhTSer-lcZqQ-nu*FP6ri+8Nmd}gj@ZK&#K##mn-8kRQ{rri-96LU1!UZE=GC*pu 
zdIn|KXFzXu!Q6$6Gc)Qx&?EImxp~;Z^Weh@_{}l-pvBK#gT36?cC_zoV6T7bT7BO9 z<3M?hSXsZt4LE<_R@Oo1TuJ-b(Eb(j`{$XWV+C}A-U6-wJ~A$an-``zGD~k#qMhi! zAx7y55Y2*BQ|hxxRDK@%L{LS78lO4jfNeY|Mldk&8dccY0_V%ngdi^PlVzYtQDA7_ z*>}Fc>O7LDJrsD~=&)63tp+6&A)*4foTml}5JTLMg(BzgK7MRZvvUW^tlLh`*E??)(5pOV{)d&i9i= zCQng7Zu>hTfq3n`oQE&R*&`vgQL<#&TF*}}TA-JX@5BUZWc4sIQJ|7{BE2F-;BZ^T zlP#)-V~ZB=>V8Z0gHU0~yN(uLoZBETQmj~L$sLiIIz9!Aq7FvrEx{pmuL(C zOj?){E(09)t?Hervanh|&`23T6cS+QSVmN8SV)vVJ%bXP4D!^Nm|hWxr4tNVx*Qxr zL7))vBWnRmC%I@xP6b#3c(Bti|i=F4U{`1y*f(g>ZyB?QHNSM z3)|Xgx=6nGcHW<(nMDKU{6_MDfPPQh8Wt%Ciky$XIe#5;NtZ=R+csjq0!k!NXWaqY zhB^)Gu1WTX-F=BjFHs%v(Mf{}8Ex?%@_;4_EoOtqyhl1c7I#gvE-N*HoIEaH^||CM z;g?z!L)$?1OWP6j@A~PzpJkz#CAQSSOyDe_892{fG0CK;r>Uyr5gunD>(#Mgu;l(0 zIMH!~VNIL+gesyASAVh}u1+L)jBJ0CWEkQki=bPBepu(GnV{nk9}Ar6>*!3nI~G{A zv~GB_2=~74op3Qkp;r1k;g|UF5>^oAG*|GkaglUQnSav-ja*Llk&e<6!n+Bpxh`;u6dTiH|X7M1(@DREWX;+k6v|Avvj z4R&_Tdya;$f z!}t-C+OQWPp({Z>wpxD5OAPqXPt#pY&dHRp)u}2D_9c*1@7I&~s!ZMl3$@Ut3hoFi(#B={D(HoOYr9AGsk*@H1Tne# z)Ua~_v^LVz*szL1FesiMyzr0ZuCr^W&6Ji4tl&>qgp%csDoy<8t*LVm25f#-JJ{a< zmt9@O;@0!!$W$28j(gX6zpN6syvnNks(-^b1sPg$%cNOVL>hi09)kF8+KnsB&AVlq z(g-UI@U=93BRVM!s_Mdxm!mVwVBwR%?>9uRq}!3TVrO_MsIJ0Ema@e}dPNFTeV^>S z`Hz!@B#J4Gh{8Fkrxpri&KFHzTsNWcb9+buh)r1!{tX&oV<%aC86mcD;au;5lEyKJ zFI(a9-p?$gi)o*~88BCPM*mJ4BEbq5qJEGJcvm_c+Ee&Hrmi`@uIFjTb{gAhY`d|o z#%yfcwynlanl!eZ#*J;;?``}2weMf|bCYxK*)uycJ2U${vsWa@56-4rq*(u3B(k`e zabk^@SjCyBpf;t;I1MV7N25Jl=It(@*;ZS84BM9}aSkvvw2{$sc^7=cX$i=dC2mV! zuOd9@#=kV29!|?zN;!emTkS5}&myxRjI^BLnW6y}Ns;gN{w*@esQKW)Wgp**SSAZ&<10*WEl5Q6M7^?}8+bkF z(MP;S=is;@0JuXaiGS`)5I@$O1}l16AxpS4eJriu)35c@La3Ls1#bU<$-f{%|8uG| zX@vynEtqameAu^i#yosXVI=5mkvlE~tcmG=5?TR`rfY=|69dm1lRjG0yEbpi!#ZV>y%;NyGx~N7;(E^aD)Syluxr@r zb%pS}YyN2Z-M-2yx{sa-+}|N!XVWg7!a)@BPcbRo){%jG^Hes37%bcreSk3)LE#fJ zRt*YU%vA!R?3Of}UFK3$M1ku+H*yBlKU(Ft1#lzViiBADE2Hvl%rSiWD-Pc+&Z~A? 
zb@|p@W7^Z+!FgKEEY7!!t^Fo|8Qx?%cUI5zGlxjzjC*<~gzACCOX-QvmQ(6XIpY3pOd=wNww+)L;{$?ThUv_!3u9sY zIb6VLRyAh>-06=9^L?+blz<(;=_pnojuUbo@3lj>PILy@my_3RLPYFt6*x*QJ5z5 zRXnIanrpimwl9^zDV#ddwkh(3(n~d|ny0R%EX#x1h#Q3fc>K2?A3`)$sex@2R2qj= zSU!)R5FAEu#ARnb_QCC=)<-=2`e4qK8-wDDdse^>R;-bqCEBieRY?mZy525<5m6bz zQvA%-`zZW3jV~+)&Pmk{ko)Q{e;D>NKV4id))JEQC}n+J)`*n2 zXar(%w|eIlz3jL|OzZXo{CjRO-`d-+3f7I_n5~hi^PoFmZ!O#2bGed$(%bDh1G~@? z8K1bnKW@QnUYw;Uc}cJEYE_}M0eZj2 zaFaL_dA@L+=Df^aN>+R_*S`V8LC)$s!yf@G0xRu{_X^MO+4ktsdK?B&J^e6O z`YWNYK;W*6yP{1401T6ZanL>1Wlci8(-GkiI=gwf05?HM{5#ek4-W_xtxHP+LLLnr zWr`)s2y&_%qY_Fs7VLRZhNz?SN}Z|CK!Zg7pD7;pRVJf5ugOTVbSd^uw{_uNGkLfBa-Tnl)L*b-75Ey-7b%3uD~XTRS$I?=OV|HP<{44| zHl))bfDKtlGHfq(YC4A{z08O&>K_&f33umIZNwFz!JQ!msD((`{cm4)N6}~F2eoa8 z5zS^MN(e4-ff?q~kl=_o+urh^bb|imwa! zcdPsQ=28g*&T<8=#7iGfI?8dlxUhFo0f_J~iE=!WY+|St*=dHR3^Rqe@Ym-6fVw(( zgLDrPdCN((s0Odre@swpPA*K2CzuL+tU!B~=}g-jkrI3_U*h;~0VquiE*pum46bz4puNZ) zbJ-8++>(GU9h|qUXipYLaZTqseI0T8vEx)&Vhu*6H=hPFDh%=~I3wx>$P(&M1jkM_ zz>L>z|2GkdA`gTST7F(60rDDwUt~>?^Lf)mR?2qbPS*}$+(!AInUafxwl*6PQ*Pb# zb9ozbr*Pa{jacKX_fys6x5mY*+`!4!qJO+Ew$(8|t~1smQN#s%qkWa=D&tTJD}-Yv z|G}b99R8{}>u*YSrR7)W*7P4%lSPtdny^;OZyfOCu%Iup*-pVZg;OYDD+vMUjN))i=dIsLdKP=0|9fiZ)|fl9PIJeHmSx z3p}NJh}3`V`~uHJxT|TjDQ+gHq?ph>BR=Av36DdS9E3|}hTFV7)sFAED2gl@<4?jw zPcBbV^-8;Ek6_)k$CskGv6Dyc&}#C9F#gk6PREW@o2tC>-yIw|B!6NJ&uvngxg=U5 zP>8oO$e1!?!IJNcnR=3gB(oY9zF~)H(2(Fm&Tr)a${>IXL;i4yb}k$@E~sOj0cOAX zp-hxB^NSo;W(!1WZ^W;pmKV$x>S0MTO;ho2ybCO$}??8@HAP zHNIbhGDBmA#XES#PvHn5m< zuVdOqu9KjnI)Io%9(GB2K!FIqbBLd<#XXuXBG57k{O7T=OL@oMdQ0?LTD9(ZB!#DMfU;#YR+IpFl}DkzQtvU-+3xECHQJ7Ka?&!? 
zivfppviMZ7pknJgm(s~npfJK29=m^VDz@HbWt5kP@SH(V+6>O3fND{Zjj zGQ3|7mAt5G3$T0XkyE(RRq6gc1jk-CrkEgl{owPRECyv|zfM;jN$S#tPW$UMXUI#b z$7R(jZ=?A)qWh$V*@F^p04}ELpg4o;C+x^m1k{L_K+!tKuWgrUd-6 zL)o%pCQR}}W{85uvxZep%#EEn(%+nxjX*x&jkQFO3d-0a96Ph_F{p1N4bbrS;qmrm z?U-UazdGIFnn%p+tK8?u5^0ENA5f))&b9@T$IVwfdHiQ5K%r-(v~?Bw(|Q`ipYX8N zu4ifx`cn=e9Oy)VbTR+|pv-#_5@zqBtU@CxN#}Z4%=i7Q!vf^b)l#g;psjFM&bxV#-mkqaTkF}DL>2QnYEf1YG|YMFxB}>F zXLhf}ZS;%9IXyl$Y9V5ey^3m6&l;@H$Lsy})xj_4Da)&G+Gw@zcLuLTapwsI5u$gB;Toma?&68*^u(gef$=;egLe%cP56XC6sm0DFn8O4r+qu_ ztWo;%Y(l*mCGA4(Wym=)Ie50Lh$zS$PD3@LK1(A5K%yxJ)4-yrKPLi?ntu5PU9k+6 z+BH8LFcbOT)RmeFFh7yT-S^CX>d%nm6<#I~zFqoxb5}7_v!7TWU0Muo3A~m7Ox2{N zQ`%dS!#Dd}Vf3C2R78nj!P=z3dzjuq#d@_9-Ky^Mgzd$X)7B|!+|-_^I#hNuIO_#+bUya z!qpa;tairq30vENB!4S7KRGdxqJg{n+h-??+Mv0WtR`!&Ig1S&>J5AEO<7oA;peTM zi&@Sg+17Ma5s!EI5q@|WlNwsfv2@YB=bg>SjVwQHukwTYthhS4V40hRyWVR)gsk2a z^YSqA&OJf{Sc-b2zea{DV*~P8+J-dZP>w9(kc4srudt#tA@GtgXbV)oFQ2k1BiEAj z`?D(0ab=Q`*e-mlnA5vvoQs}-x-SM3qcA*fR$ zJ>1zIe?D~PTiqG-y4%f;&Yxq<_1MIQCFrF>f%g$uuOnl+sU62#L_>IZFe|h%#=~zE- zmGg$^6{ipCYrRbSs-C;feb(j-`h1By3!EbFuz@_!)dPl~<91tTwu7$91ae9popSWJ z#qfG{@#rv#p^$=s)$V+NI&M;4H%kaHOSsgVk-U2}TrQjv+ox9RMK@da)EM-GX3A}^ z8^T!bw7dNCEnK~t+xg-RgpPSCHdIZI<{(=GvZ{US`Gpz0LMaLDrU%AcK!uHw+OFF> zq2r;+?V=#21&Np3l}}}?03_{UA@ zhR&0BdcHp0HncFGA{Ndz@0J6KVV%P3R5J&%G*+={+|PhiXZSbhlg6Z?3V}#XHQ}YZG6-}ZCD-; zP|uNG>(b7*T%I%+mM187e==KrhCJwW-|-L@tuoE*;9Y8B^^{{{;Xi-gecO~j(sf>~ z+DTar!0vY3PCLV{IqjPVB@i9t9LG2dwb+Pk`hyA5MXIF7i#b88$;eY@RN%b}a8SiJ zUwm80*0rr-BW(IfNj*A-L6qRcrX<%TRQIh+@wS-Z<2I9oDH;=OutURNCpN{=9f4jhBB@n8pb~>2WwMROELW?ah@C z>V((r2$E5e|8RYIV~G_;XkrK)#BV$%JYq3mtX$6&X|cDU5nI%8G5T|24~&EH@0Mvn zBnzQQ05xj8QCn%G@Hf29(mT~rQB}F5DkHzi`lg<5%DpKQ_0l1qOfJTiFAd8VU~g@1 zVkC-A>k*7HG7x$z$C4?W*loNfUhD|YWtz=LS2MPa@iZ%2dn&lBOM|5mw;AZ2c#GrH zn8zZ1qrHtpzjd&r4L4BEvDaYSTQ+;k7dMH`e|z=h5&JAkva$IyB@>q4P=JsT-vk*| zCaZ>2yq*c31Ss|d3qB;|f3+_&KpFbN*4EfHHIhAPI<&Df%p+ByVV_pbe6e=ZqmC%i zAYipGX_-pymEjph}t5x>v?%qx9w~^UQ#pw%P(&w;2J3yxuo80%>fPYow(Ia 
z4!OV7{9*(|NFF;^$3qhN#)a$AQ!J!$jRiR`i~&bQn@qPS+3bfH-Y<~ zOfxZm>2Gv4yB}>fdwleyQh4A7VKss8DH`wA?H z{>EDx$)a7?Ixjx0gm3v8T$U`Mm^+R>v()HM*BIDLNw#=eT_okYJOr#M;z+SN6JnH) z5p`4&JvCtJecAN3R9JtLh(`kfvJkbR_)=HX9ayFwEJH9gjx=*9rSh9ZDzw7$PR3TQ z0w3H&nXxm|LG9rI?woG0Yc;|Y{jj(y#h$0yKuLm6j*s^_r`4`Pnc_uHJi9)o#8|&w zz}sNh4iZKDCx3A^LQK$$0J~1;G;!nJo=7!84TlZB6TttC{+7ZYeFR8D)X0Ag;~^)U zkbpJ!nUHNUv5S+!_3CPuTQA*jpE-;$1nxa|S?K4B3w(n>Fh_6(~$4WglE&TdVCJ{^4jl z@Vjz0lQ!k3){3n@14q9#dTUjw#L_xDc#8$QfA-Nht8jfk)hIT0VUw^aqmx_xA(5(V zd9PD%MQ}^oPLH^d753fl`RdHphu#I7!pDl8QPxpWEQhIR%_!bO|&7R}E*Vc&TGxQ1*0~7^Y1mRYnv! zVFxM4-q@-3qTva#U#44s(B8JC;hq^h*%JV5_@c{8_e z>-iFz5KAN|gdH6Qtl9N2mO_L2(X=7b9BY6z794N`Dd}G=2JoPWdZ`m)mD^HMGpM|| zM50%+olKm4TCZXqd+`y~d$yQdBj7||Dc9U;)(=dofxl{co3V4-)USwt=?sAWE~YL# zRT&acy^XI5U447~P}G{~T)$09HaGJTKu}Kn4cTJl);VVG^Baf-!iFdA+oTYj(*8K$fGt~nTS)xD{v3}j z%i$Je?o8yxcGY{3^=SBk-k=pM@vG07cS8kthXT9bzWq2eA2I!wEnD2tZsK;w*bb9V z+}0Kp1bCU!;JZ9-d5%}ZhfB{l^EWt~HFo>Xl~0d3?Lc3#lJ)q8=0xdj)(;mPMhC6A zUYqJ**hb0`bbH$skSV|B$eTiTV>jC)Tng*YRhj*x_^* z$~OfD=4=V6)94UD8U)K=(z1G&xc{0BSqQKPhE7_0!B#sdr#yEM>Tq|`fP>{jwxxIl zN&`2#>0wE)4Cj1W;UDszpr=in5dm6G~Awj2>l6wR~+K~ z+2MKgodBgsSn7KZ@)xgCDPSQThF);FlQy5X-LrG&<867oxuuWC+@G9&Yik1^!kis$ z**2K6X%`lR%_dfiViFiJYuiE+V(x_?*-2}V18&)09&6k!q&!|Hld>2Ej@u=aWnQj5KvLw1^& zN&k?i`L|*Nkp7f zYf=DY!V_?%w1daI+0yAr_;4J2tAD&JXBJ`sQt_Fi*lH8=QSk5GIG3#woIwS4*<9=3 zK>Z8Rtjk=KqiHRuqJ`sLdoQdd)1REtE&sO5vp{E~bg`TOI? z4ZofM&tLV-ZtnHHy)4F?HJHzZLa-R^tF)Ja(25O+ahC*%Hpy_ZTo)Ct_7TS z@3GyZch4#?9N#(SepSXpqZj9SPhzwNSZt9s{xhlA1}UDCvl3@d+SlLeU=iIV!4;k0 zm`QjDC*Qjv!n5tIQD1Ra=#83l``LEU0ZjJC-*Hlk!HIKu8^=e7-^b(H$u1N*1X9cG zFJADj)=+zWRRU?_Uw}6JuHl{hO6j@E7mh~b%GqJEU|}pHkv?)9!Q*;`Skl@4iG0HGGaWX59>(7FM8*;<}PzI1PW*Yc_h4Z6f?r@DIFtVBBjb}WL6TZQ`f6Z_nJ%Q#f zsXsXZ{OH3=W|hqIN>cf6vvl>$sDkfEdOlV3MlQEzY)j187X*o|KW=Xmqn`?y?v`CW zksY@)HUGn`wjLmL_2%c!FFcfp8YrbD?GV-4@srJ zW`9LG(7iKhko9M1hIV(e1NNG$&HB>)D3Ru}M*2EX0LCrGwAFep#1Wpx4BX^Z^(%j4 z%_^XApe_NvRCADAj_29HGF};Es$yr7u6Gc8V~g|otgmj#nq|AzTJM}%3=)I-!EDY? 
z4^|r2R=>&P(kC0YEQDc&PJd1BxN>LE%;hRxh3Wv)HRJ5C=}D|YQZC> z*BF^$6;(*iG<^_ch4nP5iBWR=yV71A_~vh`6&(Pca(Ms_emcQP+bX7w%+;db=~?7q zT%{Y|OS)!$D?NcraQ#d*bU;ZUc3fgDy|jo``NyM1*?j|eR2PK&nQmg z3@#H^pQ^l1(QQuLPL85uz z7ume+ZI-UkSvW6BsE#yPCVLcdQ7teyKiGU;@~p1fQ1w=6-jDDs!$-&=I^b73)x`3c z>`Nc!pS2P6O7(Ixa_{SI@rr)xA}_(Vt9eV6o>a1g{4APHbHmHzJ-W9;s&C88bgbM`25lyExuOyagu zN_r%XB+4O(sV)5bV-rkY7%5PJ+~`9w8LGZ!FGyaZF%wiO!93uY_T4c=Y!8%vXraH0 z4%sv?;LbF{uUpd+iAS+-ulpn7{NY~r+#$sv#!cSMR?T(HLHn7dyv8W-KIS5?pS~~M zI~$;ZAP?{n{G^3EV7Hq6ylIW_Y+YaYCi>&1b*Jn^k>3e6Qf=S`p;_hj=wcAZ0(AMJNc!xd-z!R?2%v3nYS!wyY(WFFU$=C5;I+ zQch~bO@n1OA*Z4Pb`oVIN}|pKWPhSiBixioTP-GHTZy>7{7qt$Gc^$f1zk3PZwDM^>(~6&(EO`Hl^Mx;tf;F^%DbUhWVRDw2V(B$64-M zC9OiB?o&V_ZtbExbZXjJ>#qR|6|)Jl-;o5X75$^~7Ao(dI?u(fQ_@iG>nOQ0z5 zO8I1$meU;n?0B?Ku7G0`DDh6Zz`qU6E;vs4$WNwEdcbM4TwGtSSegYAQYDmJ84r-C zUQq_H#MjhGfF($vE$9y?h%bhXKv7WrOPNI>gpD1I^W($CisLZATxV$E*7DdV07IV4 zR-d3$d|;z5s)I$|v|078;>C>1c)6NBIeSt&XLsc>`#SXue^9o`{mN5kBg6IMnxN$y zvNDEFBdZ=ZpPpvk{a2oEt%o6a4CqU==Lfz$P`En)EVE$G+t#X6oZiBI+)+V0zVk^>obEVa2E|)A4_g@8>wKV@%6W)zfB6 zq=67dL~jxyFHko*GgAkXz~Aq>W)NeXXc3liSozi^BUNCA)Q>lB>}otuwi^?@rGRh~ zu6Ejbnwv5qs&?mpls)3|8Y21Tvy;V_lq>=N?VLq%7gJ4uLB3MhF$C83+0s@<%fXdoMoTd*ZyLOa%m8A! 
zno}#Qaz1o~`eQ{rFQk;LWV- zQwzRcT@%rq<>1TJWo;|4jlkgZ)Z>-@VY6@y-LBvnVGQ|Ca+P-v*Mj2JSM=adpI!M~ z{dt@6@vFeA@`qWJ9Qp2}%!svEqv37mQsHdp*m*lmdi@Oqr1kt#MQ9v)1EJ+?`DJ)F z$S^mldd!Oc&FeO(EbEWv)K^D}4jk(;6lWi$#Ga>J*u zvLv_L^oSGao;~hH6aqAZh;mWh!a00bFVh+X;}n6&6I`S={r*4+8X*UsXE-y;U|kv^ zfImh;&Fg;>HxOWtwRvRGGlQs9M&Z|~G(fNfWd_-(`1EgJP*eJNfPvvDzI_2B#9c(z zqdK%5>p~ty3cpzB@%#Cll4@()V!*ktEO-m4$LE5)G5^@)pMJ<5tv=et|7{e#V`c@E zNO0$EK{SAfQRqd1-gvg7{}IMSz6&dI2VO%!pD6(Ow^_o#a0D>+U_~N#>scO%z&(J{ z3<-C+CPSlxi^P4UMmzxheapY;6Ugh;i>w;c`}#u5#cg3CpUZ{43|?S(HV6kx0uk*S zg#0qP<_zY-cdp~5Q<)wbeBJw+Mbp??yZUL`^oRU=0S zOx;0|CLZcEZ<08N$wufw5tT}Me#UB89gXHS!r7RA0hH;j0&`=~ zvymzRSI+YQ3+sxVs%~KY6S4nXN^4pMM&6(nG6c&mB8apa@nckG;Anfs?%CXt%a@n>~=g{TQZOqsGV(cjYgj=FQQUKP2tI5dX z72Q~fLOAcVuuQ6R{^MNMvw#@St9E;gA22cEIb$z>gd@r|@nRueBu!+iSgVS!ZUr#E8?`)+$buXW(mDPxTbGmx{kRL6MG8P=}#8V zkvz!YxWMDAAv;`fbG;q9M_PC1wW9rc<-O5HP(6d?HEksN-@EJBiRv0M^;35rL_`qV zlT4bf#B7YyV9b;baiDq=A6*R$g=3rE{C(JL%tBM|K}7Y~LBUJhr6gy~;Bo3QM=%Wrn zmiR`PXTO0#d<#?y#_};QHUmrfaa&$B%|wMCk} z&vx;6TcRe4Y<#wz1PBngF4xBu`M$8Qh6Ri1^t+7;v<46G$^2n-ZV zX9x@ok!gg1O4>>|6qwVT>2^t_FPPjTt4)si?IXP^a}GteMiRz0Dfd51?V2K5>Q^IQ zQh58KM~F*_Qu$Kn!_I6vxDtbf>)n*Q5p}&x!7Lr?aA4I-f6ug~>GmVsh7C*E@Qk2f zmFtvJy`P|8zjbZyTdPXzvMKp|KSynJdKtU`IqLD$Z=Vn3k9us7sg8l#*P`V@IjNpZ zkqORu@-vLav~(1-bHlnD9Oagy7J+r#ZU%&%HmXQ))+N;GGAYa{k)P{`o@$?c&v{Ic zzai=J;E`)g18OmObaYiV_x{3rqn6<7OqlhhQ9jNe>kto{p1}Zbck$ULh&*4I^T8i| znS9@CSEAc_Czkyx;(c*vlVqoVSL#JWj!V?!>XuDvjWnsw65)W}?{YJjsJO~H~vavj$Wz<+8ZnY`+3wcYbLUEvRi?ZlVmoCr@Xg zk`C=5i+{Cba^E-)>aFWCfJs1}7+90Dhsl^E)2HHo!W`ZruG$Is2FFQ<=xw70)E(65 zZDtSZ6uyNObm4Oenff){EcU+7wN0Bf-}IQ+CB(vG0bMczluKaHID*MH+K3rZFt~R9cV^nD(R?X-NtREzLy_y!tJ>#k5dwG4zaYL9-a&tj8bNP6ZcYJ z)60_9{NwgPs2S5C=AUp9(tcVucmuhvhLLkGoySdps#h9pqSuuUl&_AgZQEx?mB@-&tt-HjPg=mGXCQ2H2$3fY0fuM3@X zKUJ;CSga`=-{i{BfAZ|N&4(gw$~%yt5%VW5ASD!yk*WQOTE~`PupCnPQXBT-7)wtK zhG1)8ER95s!-fV*3<2A-Xc(4Kxkv?7K$wBn)yvQeEL-vK`9P3(2F9Mo27pjC7_|l>lbDz2&J6-b=|DkM)z4CMYXIDvimCBXjh9&*V7Iv21 
z50lm{BIwKgfis8d4YYGZ4d%^|rb8ayKu_qN8{g)3H#ci$+<<3eofiw*+Fo+JKH<4N z@2c$}L7Q4DPWD4+B&22hd7q)4v<$|Hl}PA4lino*fe-qAIBqn%-d|IR0X>v2gvVU{ znb{Tou4fw(Am5tW?P`D)Ee@tmPLa8r9l7rls=VQJal4$ORK zTY6%^DBRP3c&Vl{S5uLAJIi6SdHQw{xV0v>Ou*1N1Lrn1 zGv`Mi#~oCJ(4m}>oy=eB$HndZ<3X1nh+}f1&2G+v3xdtvt?J87j{Eh_IaAYILDIXI z=g;an@2cMN_1##mue(xjlyCCOgez{(J`K$wRg?0G`HHOQWyRWOi5_+(IL|_1CT^_S zi_H`4vN$D^w$HZ52Wg&37%lCnIBz#SS>q=3ejlo6A5CblGnenT9D1N zcY6T`w!P0tExrS1yWQdq*(6&z(ESSdgK%&gv|qn&WgFT^7h`f7KasT7GmGVds&x zTU510P9x~vH%@m33k~W)n~;3V<0;uksEpkl&Y|#m*4T5}iqSe*))~II#goNpP?~pq z;tu6!-5gPaY$fn*VqRW^!so*+pW`6>i5xF{X}1_K z9>{x@&IjHW-|Kv&^_}h4M!rO+_VyI3!!F22Sx#f~xT2e0%hJ1nGPTn=b-HTX#rju4 z%Uv8_Gnv@OTYuD;Qij@g9dgu|KM6oJMyBgZs&q9*S%Jqmg;5u+fnQE@q{n4AnFf_2 zJE{OJQ>TvY7USOue_fFJL4;4CMvkxaHnae{yFu@6gHpcCyyqQxo)QMS9tZ04Ho#7y zj#ma>?rx!CFw?P;hC2a& zly3Z~hV*Bpho86j(#GUPe}#PH176#UNcU00NcUbd*A{G!f)FRfSodxNuE`XU`#S02 zG?4ajjAy8shLL|)2SCV)yS+1lYxpbV3>_2VBE*|_ZeSdNXq$^975x0Y0R z2>%@ISS*TR|4q85BO5^gYIaGPNL7Hx8Gp2LaTM%moB7mlY(82{WxZO8J;?O(sb@BwQo zMtuW1dlTmU{{80^D!I}f6coA=qw(Wa_fdBDO&W|^_cTqYaD4N!dx5lXq5nM%{I#ClOS zfsUY4fz7CL+yUV-3B(;KDmCFH?t=XK&XRi(r#a3n#qn8CDkwIEo>F~1_>B<=+n+Eb z_foO|dcs;3%Gu$Qs!>;;z96tjls&s)*#`71_hxq5YUaj?$v?>guj;c?sF|=Uy&d?H zrS-Z~wF96eE<0ViDlBTJ-?Di5@%!`6B-K;s{FJK2YL~b>VQcwqOn@Y& zafdj7)6-*UV<}K`|5%w{BnFy{t*E^aLp)9+E+_&#Y#SIC{4=uBt#odt1QM~0NoL&t zQ{Y(c$eo>$NF#s(4{eup?@?xth~c{_z!Ic&IFcwRE1EXY$W``11R8V_4u*c7c=RJ>CB=x&laj6GJQcU^B|lzYv8I3`eAtV z4GV!`(g}p9E(_!Mv)yr{px2EH8HGjFY+9tyV}(>7Z~HP zzB1o+*#|)hl&-nEu}WsYSpvFK`-M;JcQDFCnP>W?Z@|q4>gA#nBgTu!pa$rQ8sX3c0RP*}))rs=zMTe~!w=I@ z4U7DV=aIJ;i!R(BaLj5fd-kA9I1_;B8<`)AP$M-t)Tv;U7so2E}V1 z5=sUf*;+U)4aGPbt^%O4+PPEx6O#JDlu`oqj1oXdGyoyhFeGJ4!h5!Bu|Rq}+^)x2 z1K}i=d&(!4JRgNr=-A;AWn<{_b!vLPR%8@MFehz1xKhd?#yrm`+`rn-?}_HTV%>sz zbLlgrNn`$r1R;22F#(l1-(vR|4}+u-kul=$P)7Ljt~6QWOv&Jk_ewdF{%Os60{*BF ze*%mco~5I@|y#1X9!E+|}$M~&YNOLeD^epHj< zx9QSMzH&z~u5>EW2bW5y8*pSvzx~d0$p>r!D?%?|MdDb-GyUSAL}Xwyvvda9lf|sV!OgTW*zGM`i!>l|0Eowwp%*ksP~HgO)2g{1YkNN 
zFFes3xO4_)W1rAl+)~FukSnz6nF#yCJpLu80{Nd-q^hM?0Ldw#Acs2N=|hK*fB}_7 z4E94L{!8gfWek*6OlH3z5TQ}=mf(RwU&}WYG340e7~dX9zC2PDC#6r7lFLbhw@1*< zpgtHeyG6dJykT^?+KL&Vo)r9T8nCAbvuc%xKqZFcQ-vIU(Jdcwc%;dv@_xIIO<;;& zf21RWa@60TsD*MMhgmQbOvIqMbZ$ltH!LyDj4I`>))EtUiJ9Y@DbGD~aw{|4mU>rMJ15`*{C`T%aXxkNgL>uy zp!AtaksO~hwxdoirqyZ{7wFkFS)?s_;?z zIKraSqiI7a5)S?p4g@0;4iqzmQ&31-f)xRh$O88xU_5)`iwLKIQ?rKKKi(r8kZ}B` z#r{p7@&Q_$571&k>B}WcL7pUGcDoI3`wfgVS$_M2QTP$J;_No*(eIzrbaI^K*Y^9b zPOIrvq7in9bHMm#qujDy1#7&v1<^u5-Dqcf=qx^3uAf?{hm9_H7hZdVf!dDXIkB_B zrAjydDS;UPF}ho3X{yAi*2o5dJ)*2vY)RE0$u^;h`Z3yX1HcnAMe0qFtRKwI8 za(DR<(ksCyr%v`#IabE+w}a>IJF4d=S32%FHEG;4JYNQsL3O4CDw9VQ(>h9jx4z5(-Ozgdo1};k5+&*AO_^vJ}iYEmZYtVvW zVg5g%AtrLcyPIC%4Ae7u@0#H_u7Q9|?4c|it(#n&51d@^ z-r_(2?f{610W`*rKSpDRERNtBX%T3ztMAbJ@8sTspoT{_#+AO=jZb~WQ>>NnV1V3j z`phV@pGv*8DG{Rs;q{C5jVO;0p1*vUILZ2^OgE167vZoeflG?pFbKe^rh&N!V}FhaC+v!3lAA z|3=2O22BL|I*wXwMH`cB zR+Gi^3@MmX1V+{%yvVl{cZs;^E$bPQ+s)Euy)83vjww8EtbRgp^yx-LGDWEfkL{Ag?__}yN;WwCzD>jb zGrLTU>>2{bA)(i}eE9!nX-W@L%wxcexhUUXz?s5o{jb}x zXTC(qKGEWmz_*VHSl^`zK2y6+jGb&(ts2}@T~(`)@voFyJn5xZ(K*r z_e0uOM)e57AB4#FViO*vJ@{z^mCoNgH)My?YYFCE0!@S>`~5e;jDfvIAN$HI1}xq^ zRKs}r>c3eYjJYEo4ESH+FS$GZ05g`;ApL-?EE`lZC^D9KssRm&Zp>ibM119$r_^RF5P6@eZM)I zVCx4`CZSezKW4cXDi~L&<3h)dJvs_!ONDgQ)2XaX+=9om@I) zuhs8Z)Tc5;wS+HTPGzEW06)uF$M>Z)^ip=g(6!J39G}IF4-taYde+re_*Yq@^mx*x z=9*Cuexg37C>XG$sytDh$RVpivaxVTmVWNNM5MLN|85bX zUxkqjB<%KB{fIWcVEW%w3lKx{eG+#w`g$e5x1gTCprXg>s{%c@#KD4Fr#r0kA{qGlB#P8BbTJ?j6xd98MC# zr;Uk_fscGTHNZvsL;&i)rU?B%^1)aDb zg;M;y)GNqpkOV)61id#Ev;%^2uJnRgoIG_B$hog7U!RWcG!00R_AIOE3S62*N2Ap7 zUjjr;a(8dWBn;lx8A`J=)yb@7m^`2g7NwI6x>ipJ(K4cr55?hZ7aC1PUt9lQ_ySSd zr23sGocF!ZPnJ9gZYb#Ng<}d2xy@RK6M!!Q8x%5i7I}X>j;fCpZo=ZtZ`1GAf`IJP zv9dqA|5>ojO%K4NFYU7(pAgw^AG<}eAjj8i8R zM(f8%n48w+v~};mo%A+VzhkCd$q#AY2qVWQgV|6U-bgK`Sqxnl6V)P)$?U5tJ+#FUxim_(^C(# zW>ADX_HsZTp_fZBIi?EX)LW&DoynT8EpyG)nLc7l#a4Vly1B=7L!3Shd7A08)7C(> zl(ss?a=`G5kJkmqd*dW&_ei~_iPCXcikt*+)E;Lv@M5fbR 
z_M?Ds`0+b8B}S}t@GOWsVMLV$2f!tK+meBl#A06z+aSWc5_(EPP!6NoSoVKWAFq2R z9mBwAaQop(K0c1u#JrlHO4=+yqrzhUO80`{I{~qy(FJL-7L3nn$bUtz=kTxkGHv2f zdeuq7&_BQX;N#U@YhTWiL35#1(tlzsx7%C&R)Ee}BN^xZn`WCaR=ck7S`obxdUBR6 zMh)4G|FT^kCj%R-F?)i+g77ZCIrw)o(^?3_D(PLj(#_-z14sXy8Ag%Uj&tZqA5&D! z_G5E}9*!&&y{mQl0xH}e5>zkU?{Z^&2K^$%(jD(*sc>+FFfNC-xhId&B6M{d-_vwv zB(AmjYsK!V)&h*n8!+}0Fm{n0KQ$zdn1!es*(KAB+uJpGGf(ly^s;G@&2OB@w-$E4 zg;#0zRm|n3ncay&(8ubCY#s=0apdd}Pt)qR`uB$tqA9M!tEwa8tUM<$SXEf zcGW6Fu{zp2q91?#J-%)Y#>u_Kl0c0MeSs=#b@a03 z4o?T_llnEopZ>5LA~7|@KgcQJ%Z7FMM*KL&>(WtOSQ=9%=S_Aw^8aHh1R+evReojO~Vmx4A%ViIxMMVKYB;*lj}sTxFna7_J8~A0Ywp1aT|0&>{fQ zwX6)Mci+0r*fMK5$pI+<6zjp4<$_*|()u!)Q+}s`b!@U8PkH4*&C4W)w8Y82Bari& zf?2v{1OelH?#Z4j5jB2wTjT8Ewbo(mb4Ij5joApV(?LiZ(sbXR)f zi4OGHPD{dx4lr{aAucFrq7Y>Rm6 zX2Kq;eA~&sRy_I2_sTX|l&z&Ql-bsqQg~$+kz41Qz^a8Mw{?n1?PxVXmhwsMplJQS zi|A`S6T&1a_XVg`d(JV*rd_pHtN!V9Go}k%_h2E;5tj5@{a?>sS5ze(k}%q4Bl?2mM{NQN1-q5EDR>jHG~Zq`&PKHiA?#zRXosa(lO%tT;6?gz+z~<_x-}7WY~#v; z8#Kw|paETTI%flY-?nDBMId2&VxFqlk`?b0|mUdrqUvMN#wI_`>A$JaS{ zuO>hCu~`yUKh|yw{>)K{zSn(cuhbl$v-f2r?ZH0|S4XZqL55r+vbUp8WNSqa2Ydos zYtSI!NIuh^99n{7nqDx-7!zqgn=p>B{CS5@45=D=IH*O2rWH)2wRtmKdRW@J%s}Fga^~x)r;Cd+&a^;O=7T_5NcCdZmZz{ig>L(1RA$bYObZ+#2^) zO3%D(3um3xW(r>zUEp_PyQAC4XUV%?Z$A~De78Fyj;I*+Q|0K(9)|RDSk!CE7A7rd z+weE9m%4wRmH&FCqs`^kE}rc<25O{FEMuyU&b5v&y9c;$0A{hx#MZB;uhLNc6wDDV*=Cw|XN5-?zE0|vNNVhOugvF~N( zy*@ro)qPgW!;actX|~w7+&Ct^IUZmFVEL36NM=z?mHjg|ju+0sS}GTRJ|0gN-AgiJ zuUKb0b(no?AV1$dUKU=QPuwQ*rWBu~<$OhU%U)q2#1e(+%+6zgNFqmmcS-Hfwz7aE z2=C9faQ9e^D6&HML4|4@4&lysyw5#A0b8F$MT8e-Y2GW|)QE<{)QKO6*1;I17X z>B<~Gjv;FZ9DZ*MN@BqPB}QCh157*yNZ0Y%aIKv%CK&e{_(NfLxy80poRpiV5=!s) zU113#7+w6drd<%33GKMh#&h{~4p-{bx>h0lX)Ora1^i$iLALg!gx6rG5&xOxAX9(F zL&=ECY@{&BhoNFkrX-mnj+K;9-1^yhiecV}^U`80n`7PX^Y&q5_Qytd`ipo;S}rJut*Lw(nYeP3Y+;jtf4>o>1Pl1OySluS{(2= z38A~#t|r7tRXk?YVih@17HpcGngv>7oKt!_RU8a~Dr3+Q1~OrkFgKl)Lrmq3-BQaK zxgx0s8cG?t1d`*8P9%cddpp&0#}Zp<4$6k#*AaGe?TR2t&TeVSVdwuZ9Fi}in!KYe zo%~~H&TO90OI(Xgs?o@F%op&tN|KBkKNon3^G9xVX5H^ 
zaqd5J@7(SIc4gra^dnoO0A84RSpH}>{VXXE%h@JVS3;+A2V0F1&n9#0lL%1)>)=}E zob_Pt=SJ75fVzuCPF6i`(5EXDp4_*^l~m=X>N$AaM~m-T7iZK+>Z&f_iO%UORL_0~ z2RF5oGJeR;x}c_z88Y;jpSP*0r^^BXp{p3GXzBa-^Ef*zEfX}hS>NR#ftnZeU7^Mr z_|idJA1^ONTc^*S=#i2NnXnyxQ1}Jqk=C6K?L4wzvFt3iBR=a)y3{bYZ=6?Ow6|4b zu_?zUIp>%TUsz5&Qb=#gqmo_@rgurFinyVh2f3y(^*4wSb44=s7Zf5f+ou8#OIKsU zeFMM#?qg-C{6(L?ePRxx|WMMW2skTt0=ny(_x zh;I8GkQ2NUmJw-Dm(dDgJX|>YUsN{qykdNu0?rbWHcI$}{qY-Ex1A8Ms*Ilp1IjBY zK7Zcec>7uM8V;rf+)7>y=aB5APy%$aAuDF`%b;9JEd$u;w=KO+D#1ckm=>bFRF64& zB#4WFFYX9Byn*;ECGjh`$;W9rPZ(jQ zh#Icx64l+%(}GRo)!l;r_44J`H|yu95=1n* zCj`Waz)uu;4%{?B`@e@7vH4_fH`PS$s2e7%@Nc^4B<+prAP2cUjVcw^YPws$t`2Z7 zKj2cj;*io({%CmiC>DK_hS5)R8m&|?`8i3hrbD-IS}z^_Ni#Q| zXjY2bMEqQ@57q72YQG=hvoy<&g{rL8Zb5&i5bWXc+XD(#ftxiw=TB|%g7nWKi7Qc# zavc3dcb3=#h)h&$CpRE;j(h%nML96zT&?Q?ax7b5d6I(VZr{1s&*^c zA0R6KzoL2+eG};YQXu`t4xBD7=vMkNLi=V|V>W%@Qu7FYudR0!;i4l_SSpO5 z#RM=0JN176Z~dzHVC?I_3h{&e9r%xti8NJBcD1EV7y*oIgna?S&tmXys@d=-M^q~Z zf~8*&&dTG&eVzkJ`7YZwz4?sWAIgJITI*;cQSr>r_Edzg986L%k?)BA!T8|^vr$|7 z62TUCR)t(eA9mfTYOBIq6>>;-)wp7lzom6h`DlKzSIWdgO{rzJOHBqh`xjzp{pjg~ zsP4#@d^)UhHNyGAxMrHBOI`a{oKm*8p?5hwPdDg7J>75c0!#S_uu(01`URz&N$s*q zEwawnZjJ>k8v@^?>mHtd^vjT%7OJZ1@j&HVaiv6hSqsLD6e}l|lec!|8sxsn3=M6y z7MTQbr#tTv-vJQ@)EyO88tI9gGY7rnt9{T9&bs~DxhBewNcgx)J#K$ZMqp(4oldOgCa7{ze}- zzsKwAw_X%b-qBX;m$f*-@}@iW9#{&}r74LPRqoN{t!&k;h7(mU91T zZIUHeDWhySJHrKAo+vly=DXVyti(@a$X?{NeK>5%5Z z1Xwb%_rd)X_zVdc@bf=_LiFysGLwBSFp&Y)1)g%#{ijzTy2LLSi&y4R#9f|Z&Yfo0 zt~7c0lWwR-`fiWJl>q z9h@xMuLAP(*$XC?vnrK&Td?^K6i$k$b&L$|H!LpxwIT(4*q~C=>l#pjq2w=R121ZQP<@W7+_Xzlre&-+k z$DZapJ>YyU+~fQOP!a$@LT!z|!47(3C zgf$RE7?~tivQeA#N1_mR&Wp0dct_%a{3A8C`31pe)j7exq!udjCSZ3wYlD;o$_bAY z*ukX2m(#v}<>yv2Ig5IkOXP9O^5tx2!Z@*&BXjpe%jEmTnBHTX_wt6G-XlBxzCrUO zNWT|#M`OZ|(Gdmd0F_MIFi(H0v`^U_Z`)wL=Z#3G- zpcB`$bX4%=_gwM!w;KHI{TEx~VwVVnk}Suk!wb!$i_n~{&8@DsnJ6O6w}T!3tHm$G zqaLG@hvI3a;<;|WK+b4nk|l%bRt_EGsFHj={lifHOupb)RA9!jHOx-7a-SxSnVS9k&Fyo}hN!cSX`tg?PqQsrx`!Q%B{06-!l`2#*-{P%zBK 
z*b-*{M`G6PgN|PogLi+OQ@9IWSCm6z8kG%^G-S_l9Z%SSBzsFV$wtBqF+pZ;e zK?j^pG>;YIDDxD~P{HmeiMJ}99^!g(NcPQ13r{y4)OaghvmR+6bdX9y;|5}GPZU;6??FL=HnIc zlC|Kl-e{R#{1`Voo4+33v)BDNS*VEK4&AtL$-hM{?t-Z7&at2G0Y0bzM$eOFyA(DIrmgcVe|Z=_zUwxmUOVQHa@YVe z`L<31ozO2C=flt)Oc(o)c(^WS4?Zep4u%25GaOV?=f>3!7chK3p+@)%;}b?n97H(U z2NplOexUtWBdM{(HZKKo6tvm<+e8y4=*;?O5*&hVh+(4o$4ba?s*7lm_ zbHv#kg*i4wY)dBJMkiMf%Y)#$z((go%SWg*)+XyqKrg|gnnFtE$m^+w-EVZ9Z7bT+ z@YQU`>j`jf$Brb5*kIG|jW_5`FwknvgxZ13n*x_BL~O0M>z4m_YFE{sZ1H8De8P|| z*on9<5+O!(Cfvxtvehj~cs~nmnoTH;s#WLn+4oYvD*J#{Zgfrzm}S2}we@#}mY+BF z#WE6X84q*!x}ewQL_xd&)1mq5jt?o%nw4BWQG7OhrOFWC?^!52F7cs)#w^luwbdV& zHO13ZHbHql1b2!GSy%iRiow~*^vS&%Z{N<6A-mFb@l#8UA1&Ky9+dgGSZEHqSdl1k zkNR%qtLB^d;zZu!X>cU^2`zp|Gx*Sb@q&ZxKmmH0A~Z~6v@Xew{%Q`iPMd2(cx*;k z{SWLwxPf%`+^tyl-ccoW$6_z_xx~y#0-_e3Xt-s45Ala*T;H+tPJK9iXAW>rt1rvJ z=h_Gt^cEuZ2wxiiq*ko;s9I=OQc2)s&4~n{CSq!7y5!p^(3kW-q&}h)#+=s$&0@|5 zznfdNSS;Pd<3l%{FW{D(m76;(7>jUNEI$7bV909R>@mYX3K$nVi?&oWSzMM{o@>FZ zEh!FS)N`*RfEP>=VHAz5@0INzflNrn^aO!1$Nk3{%X6evkgCL0u>j8S{HDutPKdep za^jbQlrPd!_yOj#9afC{U-q{RFet`pNptlTWWiMm6|ZI9l#=*4;O%NfU#*X!J+QlFL* zQUtP{HSN(S7*LaT*8Wy3AL&e%R_ox9#KIt|?+E5N_<7o-O7{4n(&=#EzSVq{TAUTf z4R0hAbZi5O z^MM9SL;#bzy6m1EZKFw`^Yf+9?)Otd>JOZBgSTO$1dYz-a?GM(fd6@$8 zX`>)F^luwrDTuA|LmSd|S#Z#?QLj%ujvU_F>zBas=lA*R8_BhgkgH`(`V2Twdp$;W z`o(MOJGeP|YFHLpkN`hKM5cW$h(V6F?gz#p_9-=-AsggE95?50RvKVnrT=$h8#Gbv zN6?z?rUn|}MO`w0L0NxkY!QY#3E|!N#bmW;Wm|warVS8Ueevic84<)Ng=7i>l zVdqZ@W)_ikX;(BCeYguv=1d(&Y;)9#%kLk44HPIK0%_B60hn>O zYTKqflI|nws5OiP2f*YAz-*C>|2Y8yEh&?MsVb61-7>*%Q}lm)^XpJbXV|qt^egaS zKDIhpSInio(d8Kj;XF#lXNI%|^>!e4W4>iIg^JAB7EAZK4cP56t>=^Kqe=r&^>D6`jjLL2+8*;M41pm+U@ zaUEB$OO(ZuKYx+1CKBRm1j+aY+bDEOsMk;c#Sx8jpx;X#^?D=4J3(*CG`cnTKi4g< zzM|?|b#WEOfjN$nLgN>boO@oY!Qcden0S*N&}4p_(MAs4=rxARsss^Lwosr$WBaCQaXGbi{4wl zhx&K)3Qm#bU(|kkT5ZbYLw4u&0mQ!m`PMB`>93ehR~k=KDr?9Wj)~!=%au;Z9c2>7 zm`YbZi^0yq@->@NUp5>U1ajQ!mq=2no?z&0qIPNPfmols&UmRESH8xMPLRBxxCdi73*IIHh!B zgB6zf8x*wj@fGl6j$#?-$s0%}C|kNFvw<+4z(Y7_*TlwSQQh5sE;Za16t^WEKonfb 
zHN0B5ti%NZU4h%-_*)hHnx9fw)t?xiv)@?k!M(&RU2pD=8+dTkOQssLEOUh~5j}M- zZj(8M%JK(nK70Q}nhzXMCD-q4nvYCUq8Y}k7P3U)r`o22|2|LcRJirm!yP`xl`P@Ol{gFOy!Y^ z>|^?V3A_A9I~ZqUG65B%G63yB8U~g8U=V2~(2v6KeM&95IL>JIhqL9VfKB&mDj9x- zH7Q}_|MXgtZ>rJ&JZv1|03-FS7b(%4ZDWeDuDv6W_-f$=lIft`diw0KgUovCa!?(j zluXB|zWMg;a`8pZ=X-fp0M8Nr`jDYI?n2eMr8QF~byvpL$L}({@i~aeOumh!vDezp z*j8Z}5t-D2dwP!Ek@0;B0P(r&(rpQe_BA%w&zvOB=EnxZV@~~OZ5+{gZ9cj~=|l|v zZd^&R9t1vPL6)}yla^6rK2{J^gB-Mst7b(1AL<*gJ|}HWKQ{(YpPjfH7HI1C2;I_~ z_8-JCsfF*t2YOT6pz9K0&u`}5a-ITVH0ch$hoGZ>6fUeEGX(_FmNqPzaeP77=d7D@ z+j0WxOh$P!Ng&j}1C($Qkpwsg=Q^hm0r139SAkHwgVvuEmC$DiDM%UlUTFKXQd$wO z26@U@orn>gq)mttZ&=DL?^{G1%w%2RBoXhw^E$9Zu=b0%8}rL3g=~Rb#I4hkLdFE5 zaC8Yl1ePoxDs$&zE>~bF1fda+YL-fcb9cxL6}g%GZFFQ_*Q@x+wPVNrckwOlRhPd0>j9aiTOm8{U@lD*G)^!l=o-r{ZZ0b87E z&tj?@nA&k?-VLjdYl5#lUahjW5uBaHm!?_2)rN{FWEu1QM9QV$29C0gQI8@7;f)ps ziK^VThMkwIf$%LcS%KbP(Q0#U5)zxx?o8WT!=c`qBP@Px+Xco ze-i8t>e-@A1j5u)Oh$gln8iQ-C#1R5F`IpDF`F%)J+#BIAnrfOBmRB<$0WeA$z`?Q ziqP6HKOAv0g{Ju395^kfI-dlw`q=`-+9Dv!k|?naGoOP<@b$B$DdK&6p_0$JU4#r3 zZjx&Vw*@~Qyj645iN`%qV}K5iCS=>S7nbR+f@~ z1_v=3!DVfA&(>T^{<5G$c4gKP=${4)gz+~tcc+x9skejuBopK?bqAs zxyqZD1pb4gsn2p~&XijaxPdbQynRxeg*h)4NxyvorL)j>DoyYyr!J3EZVvV~8F4uF zE=c)$lhVOQg^(p`{*$2guL=t%i$t}ZtTueNdN(_fp7%#+Cnff^ZZiy5e~_u+DMTsAW)VR zDxPGjGo}UHW-tiouC^N%uH5bbntBxcBL)ybn^-oLr^@@^(Eaj~GF7muB2_fNIKI)T zQpwXDfB2OtkUHFEy#Ap`wNw(u=S?bSh~sdvnAuV0K}(14R-pMAdV;65;x2V0dVydNDZCbdVxGF#Fiy__2_a%1WOadLWbR;lKmZ`zTcK z_Ekm>6YKOe7t1q)aF5c||LPR3Xco^FoGPAKxq`290>F$6Bl9e9%~saDOZ@?N+gJCaw^0Ya$xX&8Q zh9G!8QssRu)z~7vXH*J9msrLNM50r6N<|96mCPWxl@RbD!^z{9GvFTRhWjAp3HzcV zzZUQXXvDX%-@#0o`hT}ian~7fzys@#p0!ifV=$e;&--^LdD#A1aBcBg03hH#oSpEX zHkjX{#Ft?H>;`&}hvi3OlM^Dm`;q?eee9>z_h}$vqO4gfm98vl#-QGw@zh*1(!V|C zQjUvP6g1X!WZMKEmbSfA2MmIx1Swy>-o8(tcYJ9(QhdH$e18J81b@F;lBDs>tn`2` zsmK!yIT!JrXFUWs@Jlsw^I zLH|N5UT4sW{S{D&e;riYB&x9f78qsmc{fWmXN&8O+ikC|x0RPRx|B_vo%Int9vq=2 z`UeqXI(Sh`Av+;2odFjZ*G6VBpSSts7+2ZnhoO8w8BXeNnJVa%HI6jV!MR&=uGgx5 
z4B<1pSuJ#E9gPok-$!d-ktHm?9(rBTtQ^PCniRr6JI4`ZJ&@i7c*0U2L5P_f&}@8$ z{pXhdbZt_1m1U&H$4<%}?T2Qgh2#zn)K~YEROG*=;_4k6mzNGTAqmo26akE-F$z6e zHzNDpI@oi*_@8Gh^oC!a>c1fLRjz^h=LXDhicTe%vQZ6MMqik7UFJUUBeMl!8`{u1vD!-*v;PD~r zwkXGEeROx)cSp)p!EL|ohd$^OGF|f>wL;DJ!9gnASv1c)*ZXrt@T31)&~B%oH(nI3om+mn&9BP22Gk+ zf)ibJvF_9mETj0yqFA(^n-wEnycmMI2LU3r8aL*|?_GH7z*t7ng^?loMMrw3>*#l% zDn5#}BvRNy(G74dQy;u})zB)E+Stz_z-;;xXrR-+hw3Cj^wGdDf}PMt(Er=S1m5$? zUc#!1UI39opHRwz%_>wHOVuBz$1Cq&MIz%b6o+et3LT$`~+V zH#klzUUA02KR(^RD`8bOC=LL3Q=OL}*p4ZJtF0jNWU1apH;q4(sW>V^mrIi?v2J82 z3nme;qyn5Zg!cQ*kbFsT9QN#=Iv3lEZF5i65Ch4!>49ZmzIYdquQR)A@H0*iDqs2D z1lCqlao67?FXmQE1V+0j_|P9s=6lY8xabsF znX99p4Ulji{-%EiizAoh4f`2Gom~VK1@juJqaNsILJ_DF{T=b2#p$*O6dYRw{3V?o z7*e(XT~2VuRH_(}b@%|r!QPhWNv(In+qt@`6tL*A$$soYR|FuST-52G511mdHN;Dm zw<)>O#3^CXaa~NOpT+I-F2;F9ViwjkMYH?r9*q|?xaoubDlNE)!$EV;q^b`j+{-kOR9&+ zXEV+9F}T!2QKgp%h0$>poYLUKv3LUP3)yaOE7bAF2P&jrrX3`9derqfYoDFES&9Fk zq!)ycPx;A>1#sQ{lEQI36j`S=u?O=~06U~jC;o@melJx=RBdU;zeeX*36rRyUiSQ_ z9E0qsy4y{N?KT}e>*Oyohos?HYEuetul+5)1Y#F$+>_{n+Zox{iRs?_e$QvfbKyle zm!_nW3Bo&@#nnf*ioBY(`wHa?PRE720_)7@V%0~n33TTS$EoIl*UEmyhJN^{-5hVpm%@Ucbm`k1=O}4~c z1(dp+7&5Y#o2b&?d4$n-6rIwp%j~WHB+)V!hQ$#wJ9$D_Nuv+i54pv^(7Pqf3L^@a zQ6m>d=@`wx{0Gs6?H+l@79M#3MEj$Xwqb%Q%v)8$EtJjFT={m`a||D|dW=36C5Z=) z9&oM}6_c>ro;Bug)PuGs%&MGPoJlX}r`4S2oF*P7O6i^^nt-)XWI=C<>xM#hSG;M> zV;!7lLw zWw;F;-#9U8e?wId;+ruRAh3A;0@Be;;zi1PzY)|a^gsGB^_>ppeb89^_{A!vl?!g2 z%}x-uhIS19A4+$fRbNoFrC=oP^0_KU>10ZFCqGjEpDS*wH1x{%3M&(1M`Wy zcOHIGw&>!&bvN#JRdvpj#q-t3dx(O|9%1Di&{4nStr?fnCYGR&fXI~b>uHki9J5Z#A= z%Zt5=RQ?nB>p&h@(s;{M9QBaq(48!RU|c9jsVXizx;G+4N z>u=zj*2LJ{y42v2XFPsK`r+}pNz?zfPpsA1bTTmr0#ztHV@Pq}gd=Ap|1O+v?nQ2( zX1cERl4MzcI-OX zx}!e-*rGoFuZ5u8F-J{D=Gm0M{}wg-WWPr+ur)K#bGwzd{>s|T31Tv`FF`yCseH8P zPV8dP#N+bXP7fy6aaQ!`s=Xtf!)9~{l5}+<-Z*XE{)kBl=qo3sMOr)xsdHmH{qixi zk`k;%P-9uE6i%s{%&Cff6I$L}WBKS}=`s>t!>R$@sC|a~EG@CZnJ3B@--?TaS_0$x zx`gAmYut}(@r=;;(?W;EiadrdOmFK&p6pIdd;hRF3PWrpz%8Dnk4F6m@1sGR47|h8 
z9);n$q)9e*(8(WRBmQ_{^#Ayau;*g|`4yu9fBi*&C6t067-ADc-8JG{HNLzDhc`%%MA+6OUVAmbRgTNL3&r%ND49F+Nu=7-lWzFeO@PN*{RA(t{rcbK6?0@b zvjQ%Sb)csBZ+z1$D2){y6WO=U_I;y&($Smc0Zc~MJv}GT*tiq@{I&1n>l#tj$y&B7 zEi?>Z2TrM&!{ahW1{IZkuM0b3f7;di%`S4+)OABE7Qt4Mnxy=mYTyOw7kbs|i>jc{q37;iG#V$K9Y%Hr8J%fRxh zWPQO%;H7MI&9W1Op3+u+{nGn5lj5CN9+QPZFVydwC5TneF0@H^bVWlGJ9uC2 zfBjbrp+E1c{`G@jiuvd)1a zr%~f*+mG5a8*|r*Hy`<)t9ZZRVt*2N{-nS0JHMC^U=;z`6u1!izvz&DuWQ-Hk3O*ve?M}rkH3|HK5zTS@R1Ch zrJ+qM*~RNK*~f7uIa7aI1Cs29_gzUGXMH;$+{#%LuHcj(Ylb_n+HvbUe*c($A*iQ6 zW=E7Q!75PvTb@hI*(lT;42FY3qDMb_3k&fIi%t?grJz$tbIp|t{ua(TFzW;Zh4Jsi z6~93WJgijqaTCv-?jkA5vU3ValyNO2%JShwP;Z-=<2noqDA>KexyibFog7W)Y>(fm zBEpM-ToQYGTp*p zY#2a!_L6=w<##$2fGFVG6oE-^usu1{eMPihz1*K9{7*Q?u4(l@gug97HIzTR4f_z| zf9cbp%FX|2X-|o#1ox3d&;`Uuh~<4LRZ|?M$0Y3YzaQk2vc79QnLBm&k7+mPZ8f7E zIkmCgKq~P$rw<|2$|Ic5XgSu@?r|DG^faHVDZ8*=F&zYj%z@mioZez@7cQJHNZVKI zJe5-Djty`h7iRY4=!wdoj|$jF(-*X|R7bZO?PLyt9Wm|M_vMY6q=z7F;>KBz4tYSmq7G?`NA1wfiLyZI!SD~pB8MWGYi z^Xp!@P1hwbZ>G00eV$ui(zUYdvbn{&c?qwwY3W)7agyt9%Po1arPX3@5w8a*+8rM7 zRHMQJM6S|#L`HkIY1@)e>7<2*o6w){0szVy!@-5)VW|3>lBDhoQ8Lh{z zvOHAj?K}^q+IwLy4YdRW2e17te!#Gw3ItK8AjqmCNT8&qj|hOuw&RVt6EG4BOkD2o z{|B%g&AjpcXsFj+a9i;5A?_O$0_t@|Tku)n2bEkrxb`I}*mn&UF4a(8yV7U%JrQj> zxszh1UG^L-i8QUea=HmVIdhQDVw-lFnO$+=`=?^nk?-A$8Wh+F*8QqmOuLmCkePWc z{U}K z!kc--3|cfN?`X=BdHW?n~Gd_MDYi-9&PRUcSqHGTsZzA zEiz+OqQ`WQ)@x?L7CzGm3Q`~rX{*yiirQjmE5JH*oJ79UPJpkZds0*egvYroJuR-K zt{UObn?uEy<4_Pe3bTw-S_d4T^gzC}WhG>d-(+oYTwrshxi&v-tCbw{3fv4hDamS5_PV#G_))`n?=+HI}nBc5+ za&{;%;H-octu_hcW=@7IcSM+36$FM{VQhDbIW@bvb3RX7-KFt zNI9UUl$;cpmV@t7mQC9Wx~2&wxN}-Ypd+xpX%pQIXjs48Q}vZ!+-FH09B@8PXP=x2 zi!IQV>kMRQ)^2{W(LWz@`j)G;d9s_J#H8nIEZ)CU+z=|!1bS1YEq~4HT$gA9t&A_6;T2LxP0*nj*H_z|{&Z$V`8uAn(%Ve>G_vD9$#A?v#wotPEV4u9zJ z1gDmS);+qDd4`Q9N8Gi6)n@KtLiwY`My>Q?i=#&cdPGlF++fFj$(NjMp8NEiDV(K6 zbMuP|xLzS^aBbra3kK?WfMO1S3aWSYU(2J$Qs;yHgEBNy=RtY~q486JM6v3(({-$zAgCU$K0T|rszcJ7IuII^bG8bbBd=-wt**75g|;= zCTvnF6U25jxc9n)$h0_^I&~U~rpMRQ8Spkg$l4PG>si#dL0zH$;qk&&pMc?7B}Wog 
z-a!Qogc&l%*xY@(Q53AeDOLTSP2Yf9hJ-r^2Gd0_R@tF@_yB}n|yW(A02eikogB!0! z*B{xj9>w@ClN`JpJ-|J8)toF;ZhAXrP$7i}EGvMP{7+)#x%CwyUGff6}h z^yB%viMFSc#uIt|e@1XzA1o|<|IPJwVCvGtJ$X`P>^tr4WxKL1)9H=+mQrv~58m@; z8}b(K(nHFb;8lf*Mq9i+;Y^J@_(%qVBAWOCw`0ky$eL;6_$S%j_V;s*JTPZSXa{O4 z)!37}`Vq;J#km>5p9I?%&a(B`c`DN-m-(N*UYFgciG`AtMYSMZd+sp=#@APLJMJvbvnsMGKP+N(R``Yu_hz2(Hy_S&Q; z5uF>wE&m2|;kG&wGPiPx^YS@B?Cm;Km3=t(u14XJ>*c;xY)sA1WUL3ez!F-0 zGcQAIXYKIx=k-8{HA2zA+FbY)SQ3v^K4j}<>jRrxsj_KEOmTD~0xR6ZK0 zH}Uib%q)Vb;Ezv&?feH{iE4m3_1rqLmxXEpkNT_dHC3S7Qv zBn?8&b`#Zy>-__hK<7s4Rt~x6KbQjFFax!z{J&u$1S`HA+rrj?zX442I|J8VSq8WT zADUw^HOzSeL;cbfR5$=H%kw#Fy6uYX(p8Q*<#mM`-~!~*`(p#RA!MS_Cy>(*izF%HB?>&4Zuqg}P7tcUm9^~_d_w{urC zdjac&*6N4W#x^iumQ*up5^&t-8Sd|`OWUji%0!6zO{0y$%^A2WkaPJyMyM*&-}qiW z{s1OS*-IN0x?_5}R&D%dONi|Y15YX(Z%Sl(ps@uu@X*M@+hMOF@2*R9-Fb0k^5l$@ zHQc8>g60=>p^HXVKAwF}6l~fj4KR~nw=7|NIKfZ{T1U0^FpmDr6wBsZr-ul`p0SKF zc5{ASn`BzqdYFD`6DGbo?}{fzg`3;$*PftZ8q-KfkHkF-bS=|8hNZ>cP-T^qt))+| zO(3*hin19}ewIUj?6y^9ix4}qxW?xbD^6*LKcNe_x(@aA8msrwDG)F7mKr?IV2uNB zE2~xICI?E!_ZJMvlOM9?xl&I-gJ>;()?(22XGo`-epmar4{MW6m}_G{ZP3g{bx#PR zj0~{vIr5ygBRw{v79~~29T*@TIK&@{#3);RZ{t6`o4vlP$)-hxMVNd*Z%M<@2Dy%Q zAwJ)Ywr@$m{vVGx<$Zq4+lg}D&xuom!y)DHWawI-Eyg27@c~5mP>#VS$SJD5my3Zu zOSqh`u)JBgDCG*`gE!4fhh%yEDj|YyA}!P6owou%2D(kWIByEu;#J{v@nr=gK+`3% z->%;P3P+Q~TGCb0gS*tkz5eoR>as~(`*uZN)lkfc7F~no(YF5NEHB%4tmEa{w9@|B z=rXfihbMqkwV?UwBK+qvL(ebXolqcxf3(2X`nPq5qPRc813`ScTnS7S^r<}^weFNk zQ_o~uHiY_@x?gI3Xo|*1yU{O5S?DkOW;1j6{V+m4@hj6;t5@ll z9nh`0YiuSjmTIIH9A|l8pg<9}ZVW-3s2a#r<$)QI?fBG@`BnPRxHa)9=Yy1Pv6Z|lY6lO#n9Z&KgmXSIk+1|$ zpgw)M7c`fS)#08KFufR*z(H*uNogHh9sS&J=3$y1WR@bcmu>==qj9*MZh|poO=!i2 zm}0^RX>=H01p|dNn_w!T08(sb5MT;;GFlET3qWqVt>ijSyt;*#sF8 zMd3%FGT7vGiQqu273mmXe8}t8l?t ze*}+(e(PN+t;&ZSohy*>?bP6(GX#Niq?E09WN}5S9Ba`@c9#kzNF715{kA2qPv zgzVNCo?EPNvxQ3+kKwcdFB>htAl|!FV}2CiTGh(1C0~s2Z<2MGQFY|>rE*|+udsmW z9qM13z=7$7GCaSBA9mxTlGF%_3ew9;s3w#4Y|JEuww0Y5b1>t;@K#!%#8u-oJp8hD zH%)`-J|_a(g3rdpaI)J?4=8iX#Z-dyIUe|lci%u(&&_GQkUJfn8bb+yH~>qUg>MKK 
zz(ghZhPMnz&QlZB;|DP>bWp;$8z`QF>M9 zIg#onya3kFP$q;$xF=hY4C%@DBOijAR!D17^hU3|_}i>7OS?9(ZYI9Db}{x`zV0pW z%Wo}tpnGu|TRui_-JT&@*`QvgD9~tsx|yF3fsvnN@3X+w=eR)Zh&!43mj2-Fvi6gcB5}k)pc}=7+7D3qYKAO_5hAv zn$mx$^$z4b#AIDc2YL8M>fob{DbOEyCx?Fh)C1N9t2MPdP*PA(8ROxX`TZ2_C(PCJ zvZZ^6zCV|foV2am6R8U((#~D!&h}TtRo8DFZn!F}E200PZ zaP|_F9yFCEv&U=-$7^)B&1?#h%SdIBG$bGjg(Z(c?=aXh&x;gvJ=%HqSAC|$(vZoMr81@ zRc1_AZR`6VQ+!u@W60QWUc2#*?gM{evKRSs_Y-U2)99fg1V+@)!hp&MJrL2ZORBZE zX9_B5{FuxLG_k=Ds{rIW31$8Z4~<@j*{013E*EKvH?v3G>!IAWs=_{%VlK~nWM|pJ zPwshlD5LJS`%!#NK?5lvl%K*n=AC7^y|8?5G)A=usGqVfaz}Jpqb;@~ol6`doK6y( z73b2zDwf)5;Bw$2cWCX~Gx$5bc5}b-tVe^=lC)g&>xYL72e>7&1i> z#&JOU#sv_@5d!r!Uab{GNhOeKg9&Je--XrVfNoO-u@vc>NT^KU0`vY79ygqHpuQ`j zz;##*u<+je9>5tw2tK%yM$mCi8*%;ROk+m}5(-cbB75_+cMj z`t>-G19WI@xntrKovD&>9P3eQtW3p9JP~W~6GkENSQShVjWkmdTJAEjghLW)L&<`o zvRihTfssa!4xA#fzf=~!Om@Q95q|$H6dwHmpBesL{rc44|DcStAJSN8QM_Cu<)5-b z)*qm+A8=dlcA>&M)+AmZnOgyM-rmZYJ$ZN~hz8JOSRuacjn$j8IKwDDSTq$U1PmUz zk}Y5oJzATjwQJHgLz-~7?PJ*PkinY3Avz{310eB;4*Dv8B)#MJ28yT9B5SQ%o4*u) zU8is`w0bifvfZ?b+@;@L z)6&&{Nz*iwW$v6P;{@J-b*McneC3-oP34NSb=lv%ON3BEr$8&01MIT)^Qpj_0pmXM z22mkm#@}ChgCo;~3VJJPpP8r{FDrW;bVSQt`s@KVaWV?ce-y3*&%0m=)aA{)MDDkd zgaa_CjDXlfh6ruv28Fg*h14VVr}M5ubMWvvIWEGZZuJcw$n)U}JCv~!c0V}e-ZbXP z>0I?2?`Pk5(+XazR~ZJ=m_yJdd6kGVA2VZm;L%3cB=9| z6!T8`F#L4?bITy+_VQX|!SsYyWfN#mfZ2D79dsh@fE#V@4PUwM{lRGx*Xnl@_Nlb(l2|9d-^A z*%EsP#}dXI`$Lkze1}|mx%M8knV22ew}R0uiqG{+S&8Adr%?C+WkAJPUV-Tcjfe8# z=9~^GQb1|Ju|*FGth}~NoM@q_E>yIKKOz*h7ec72Q*r68UDL9ay;wYc9g}}a$J)n@ ze;$7H@J;v@7SPprlMcHUXi0trGDh^sV^3pn;}1-?60z1L>>wAyMwcPe?S5V8y)akM z`#s*~RyL0$g7$CcC!Ue^c*EbqwH#;sFxd8JI61w@Sm{M>zgVH3 zGRAbuVCx@B`n}yBY{-3lAbc3F>FnelBKI81U1!vOw{88V>Kxo1n`)%xxdxxceOt!s zXQ9GXg+(UBc>qkid9S>GQR5Ij*i#y#Mh*5^)%D*X+=|?Ewv)=lS{tO-9rX^lUZ@i# zK?z|q#Th#dDSRUz@q6BAQs$&C#=vl-@@o`(N!yiDrW|1+ zG^BOpi)t;imAEF_QAagfRCc~8yqcL5*%tpGQbwrsf}gk2UnLI2^?3aGD1r#(i&`6m z^0f7{?b+vK&}C&hF6f3_UF`6xVtE80d_?Q$dH+VNBh2KU9c~0C#K7 zu$!>#f@Q0w7IQk+Rli%N5;IRFHp4C^1JGyXrAZ@M*g(;p1adDSSOg`JMV3;clL4ln 
zQ`@+hmU%#dx%dAx>MYX^CyeV3_R~S@4t9Zk!dqyeW1P*I!L)k^zSJ8yHQfQdN=*5K zDRwP>q{|U8D#P>`1>lrP zIIg*&r{5CK1ruxD4mqF|X$ru|HY|_q5eLUh=e>@MkDN64(rW{bv>ixeS_{PLo1>z2 z-UM8^tP}%O;eo*@x(G-yN1%UpL*$S$+^Y=n#O};d#+nZqXv;|UK1!Pw*CI2Y&lB6>!lxkTZ8bkT%Fux1st)}eRAax+O!ZT`iC9Ln>4j3r5Gjdc#`4i$gUK|6slG>GtAH9L$Do_e zXAC2*PG+}`{cm_;z9oFD<#ePFt%Qj69hw~fT=#h2v0iN9fqe}W!6b8=N_`qgc>?t@ zLLBSBkM+1)qpvmfIvG%o@0T%p6@3QZrjIjdQ6rW34boqsEMGEya7yH*L#q2^&R4Ju zVbAMa5qe^v0QiuA5o;quPzgLv;Tqqj`lB zo0k`-KQcU%xW3S;U$EK_-pMxxOSHGaRv!1FNYPvT#`4eG2_AUD0Om;XYGG;82nWqcqWuHsP4pVm z1Nai$EYU>um+I4*xsl0H{1H+07lC6llN^LCIUXc13F+A~ig4-v$*!baxs?AT{!xrl z1^pb+R?~w*tP7mE)@S|1RHhu0=!)ahTrD^pYq6?SfGT8rtsC@F^hZTcm->Mg&rwr9 ziF#`9>aJ6zS>nEnn~5Ckse*%6$pEjoHL7Kr+WeEG3VwI)Q5NR({2Pal9l!SZD>gy) zO7`o1Y9dI|;Q=x>uFZ^nabIZ_`?@AlGMPxt$=<2iM`6HsWbIVd>ZnOv{Il79DuJf~ z106k?Klsv|y^Rt{@2U?JIV+Sez~3j`B1?(yAha1>6cZ9%SG=JNMtrnDKOR*?*L1J> zqv_CryHV-(;(ufE8yc3I^Ti}@`z?uLllngaBZOK!q*^PP zNFmmSeF#i9NDY}|&JAt-F6!vg;$v!Oii5N~SS&>l89x+Vi#=`kFX>JAsn<`Cs#Uo& z-2khgmvuMdPnI{O7XEaP$d%T^nvYUrwsAB3lO1ZVQ7O`qt&DL?=t}}>*WJm5^R>Pv z;Pv$1-8L$*yD`~5TyfFtgpGloD%uGY*F-T~G(;9@N=U&b7{!QpK2m^k)gCx*=jU1- z)(3Ib!zM!OKV{b2e!QVA91r0dUz7e~j@OQ)I$qMO3q&X>uIwh}@+%w9tEeWj`?~1v zdG>l^FRROo%!Z`bC|9JhQfVt@_UoQIIwUvfIUk0G9yi&dK5?fic3rqfrt{|^L;12 z^pSGTu5?o6l}bTR;zE4lP4Wp`5Y6}Xo`?)O_&SQV$_6RXlP234ee^6jGX1D8A=yiX zd8#yd@@Y<}qdI`bc~vmhf#jBuUw$uJA&$!K&oxy3w^*4JLWCf^NcxJI8N?&k8iPU( z5Rt7EK!}5a+G^y0GdAl$UkLO5gIGTOr+h2fZ9dip#D9qM$r2u}Y3l`1M#GRl4R451 zABPk=%KE;llp@4{oEztqAYH>6SZUaU$7>$g#58+Q+pDm z#o}GyI6R{De2EmHpsz5apU(^29OJv>>&(DCrS+OI@k@4@fl25A!<~k=R>Mz!^%Hgp zAZv%eITKomvpWcdsS*P^V{**f@e0_OVOw8)rpj26O^Lj05c&;=&<4C$d_7c;?j=`+ zu6yOlBRZ9N&o=Tb#M_H_XnVg8_ggPid#EN&HSMTK`&l+UQx_^WZFf>=+tvSM+%hq%rMVW< zEUX~%(OvSajqHNDG5f>nN1;3srU09x#L>xx*m48pYiR@+@KuQ{9a~Dwo`S`^ z#Zy*ryq!Ug(g{uYG$!&>5>q8WS=`#I?vDG9^JG>>`AoQWcIRa5a+FbSvRFnO<(0U@ zSw@7(E2+zaS;vQx+$W|5o1`Uns=JenMvgu)p(#p*{706xxbrBL|4WvgtmTxO6Xld? 
zqHMavLG*oARW?MHR7P5cgBHelprt(w?N&9w7Eu&)fHmhvyywpg_wAlAi0bH#&x{Z$ z7d=;|Rx{aByxM9hBAeUM_eU~?r@m3IutiF9&d}l^!07!8-9Xmh7td}ynEg(1gq;?~ z5K{u7*Eq%y@PtD93K?V?C~;-?K1gI1P&PK`B(Zx$vW{pbGww2;-#EX%#r{9ecji9` zn-hN!zHxrakPGQk$v=^|ld8UVw4dcoZrVVH*qnUs7{k-))d|M~6h4d+-39Kf6?Y$V zfOJCiXEA-fLX_WW9LKnDgNa+MG)b_M)`hwlgW-S%1s}JNb!dmFr%OX2K?X+ciL_$z zt~8cilPH;SvZs)qnS7BZhAqYHn;xjuZ!XI1{DdQMaR?MUvG06vCAcB9&b&Bw=V|VD zlBe#pn1`AYsJ_OThl0;nB@sdRtrC|w|CH~iG%Bu{g!gl==)TijL6xvMuP{i{;BUTu zW~NBhovl<=A8X?{ym%_ME}4el=L4c}w6L&%SEV2I>e&h-@{E&Sq!(_{Xfp*1h0C?( z;$Z&7ipnfd&L!pWMkRi*3)sO4NaZiHqQ2eGknvScm|B;QFwJ6~2ztmos5*tiYxA6& zPFz}o1Y)M1)ZA^Nt;fM--d5CQM=~k_$3*4%*0J2RSrmL-zYGE659~1U#l_)jz~{`% zs1x+xN=dN>7k^^$7r%hJ4Mn0lGCwSgnNMSmL{VdJGTNIIa4YY%4QX|TNw3lBTC#AR zjZx$%@2E^(AY(FOqgHWik<&;wAI6cU`e<%S7^S$u8-F`7NO4DLG^iH|V2Kum&jtsJ z;34>W(TAfe)oPP4RyK?VF2b4q{F?$3wo264-N@1iv~Vu`ArXeHj^9poQk@p(-x%p`aL$q74N{-;hhd)r<0<|C`NqmR9`hl_ zk=&YJ&h=N8k^Wfwmi{OG{Fru*bai-+BwdK@Rd=Y8Y6L%eNg)gVrh`>j7GC#e!j0@K z6kIED!V5F7&zFlsM>cgD(v_+3RozpCJv8M~>E!@Ou&(q`w7&jgtr9A0=Oj zfi|;@eMdh3$=CmHRu@D$@$7q(&b~JZm}*hu)RA8#btWo=Yg4C=RCT}8_~uoTN}rTH z351AoiU*@1kF=m`ZXrRb`)2HWxc5Bzv0&FBlQTC6UHhR+htU>=_pLSU$_Y987tMIC*5h8zG z5D^TraYe8NCwZBF6e%!G8Tsl^8Tnh01nPJ(Qi(^DhalUTRUrh-&_2sG1u?FT2D^%? 
zE3F0KJ8PAEwzO3H} z@WPH{fF&=-QPO*o-wzhsD7@L&1^*!BTLpp4xcDm_x_pF-4i>ui%{XKg4Y zixtc@m=QZAN81X-5`-5X2lbSB4>da9jJtlLzH)O&K*bRwxop%X|EDKMXePHMR`Qbt zE<}|lR8o^QRMKZfT-Fu?JODq0-B|8r zz-lf&+%p}DOA{Va1xm(O23cI`O^!xLE$BOt3PDrG)l-37NdW`(cF?lN)zMsHLZ%O{__JUXsxnr-= zkol8ck7MYg`&Fe%AG}Pyfq28ZTHTHIrMD-?dz)(n{FCK2;EDkM8SXY9HV)qWPsI8W zdVd21I?i!L_;lc_as3Dy>TvHmHBB*t5BSU9gcCMUwgm6Boh)xJ%co*4iqLGJ3x-EP z?lx%FS#GOy&ruHv^maZDL}n~D_DM?*9T@>YyE9oVgK?3GQ2^a}BomdlkR22OptTCV z#x_&<)lKFr9;$44F!k{{L0!ZY->1)93I29RX8K%tFzrY$sM5I?ZBEIH#Snb5=>G61 z*zphc5>vm3z^tLW$q)>xZhHj3oUsKzlPR2b;rY0)M^?jAT>*XKVzf}FMpxjP21TMB z3Ypz3A_qokqD;G5vu!;&#cNy=P(Lh*KDRg&Z*Yk|F>xphj8YL4g#;1>f&Mf`!9s3Q zM%p$$BB<>zXLvlh;N~R$ zD|1jCVDQ4KLCaXrWj72G4M4p|N!g-&1xC&>WaKD1N0&Q|HQK znM@1OK{SMe@iw#ky2hn}`FqU*@kItb(8B=@JQv>2H?;c;;gkHajh}5O;{EszpYyHW zj(qBe%UIbF4f8ljdbHnfpht>36FnQaigYZBD}ZJbFlTN}047NJ!*gs{XP-qJ48V8*XK{x<~~{h6+t(f86xRR!YxYf{h_!Kv)hmMg~YJZJ=#9 zQ6PW6BV3z|xUYwU7;r9}2z|)>7eZSJ6Vh~cy&!r!Ah^q#3t*}~?$1DPjstj2|1kN- zl?H$G78{}`^_C9*O7}H}2A0(h>f1T(-ZW!3hwTbNhhNoOFjhnx8OM+LhoV<|lb#%+ zXr^IlXFtKagWR{}i1D7`cE8Un-ZR8a-pCk>tj{R@07nnDP=mE9_Ph+DbS?g7>Yhc;DI@-gkRXAB-Uk3&$7^^t6Go0YW{_uiGUJ6%^GVHcGG5KQ;)P z`9X7S2Kv5B%MdjFTI@E56p_aOk%VXBWYH7;o`UWTI`y`DBY*XyR1cYgqlm?YtE?@v z%j)?<$#nu1jzb1MWQ_872SFq+VIGXcdFoWD@qq0#_P&xxQXryci0c>PneDIj_Y9kp zoj!&d7`777NiyTlw@vCP1rZ zeG8}=gn2x(N>pQdSEt{d?rdOGf|ZSsa^H$sK}8}3fMFkR*2c7oiS3>9;08PmX+2e% zYz=_oweW!3gC~ZKf!S65LB3|=N?RRt#j>g|TSu))D(p!gRhckPG5_=3vwFY_LIk3p zeA!ae6zC7hfE2kG88vc($^?&UtiA)YY$6u{v@zuF{uwOV_P#2#vQq$7A*2=Gu*?h3 zz@RGv_UAbWxbC3sZ7v8nUQv69Sq3?EiOvEVKsU^MUxfrB+5x7B+kR-9UuOjD|5%~* zACPdL6OeFeq9|^Rfxkn3MV1N7B{G6uJq`n-_KtlWU5o~HrzPCumEYUZg(b|09vCYSW$4m!Op{oBtFG0z>azSE!9y?DQEmYHc4OX)@c*dQ1a2~A5+?6%LaAnTtb$yYXB_H=o01*-H)FrXDDjKju6^Qfz`G+@R zR3e@=?V#UIyOwT0bjEyU0bgefolRGW^^NtN9e>wLRhz56SfIr-K>ngcH|EIq7!?;T zEEs(!DhJZ)j|y7)2X8Mmg9mQkga>Y#C`@PF4SFDY2^c87be~DFI0NmTFuYDq4OVoG zX3gO7&{>Vd>MwawPu;wBQb}uUt z3om=}bJ+mgD*iR)t>l;-A9blZTl?RQWtM6c@G$LSEj|g+Ny;f>+MGzq^={j2G|hD! 
zBs1Ys53&f7`q}U00S*P;h`Y!G2WcV~d2smal_6*!fDX)TRE3LB#ycmMYB<^O_LQxI z`gOGiBk zU>WO<)3g|F6IA`9mcM>LQuj?jQh%$ZE#u~Jh&@;GuRu!sLK-G_msRM`(D1zsX%q$Q z4;nG~-`;DsJN)X%GJR}cu1CH`mCrhDQiIJ(sLb&U1K$q|iHQe-F;uYe8}5VyDV=p% zhE#C|X}+8vuk5Ygcr}E#Ok?`xO;twy0U;CgkYr*b8- zzK;f4jySF12C8ni0W9L&C+TDHklIfx0fF<7@*h)%ayr;_|R2@KAe5>IhbH&Pi# zGf;eu(ySWk6_BeR{lAN+I@4LDz|1)%hG>eajnJIH^1f5j5ADtiH^az-y8~Mq1|pb!Q&L0YPj?(tFV$ zaGT=W+tDBpcEQ+&ZE8u3lphgWAwp$@slPD|0Hc{>9p-47lkDJeIuZXeC4@ei9my{a zyYJa}K+87n#A#UTbR8|jpsaOEd!=SBWkr520-&bBpbd52Uzc>$SegKXg48PIG#@d% zcbGkjv!Ut9K3*68bmwR>wBx=L9XVkL?CubKEO>(3+k_x+c!K`d2oW^ld+Y|kk-7i7 zx1<^8>2F{tFi0vEFf30&`WF5tWRjJ}6SQ~211dobNnE=|VEDnFMF6$F#BI!=T{mup z-HJ+(xmeY8UqbP0azsEB-6L^l@NTfRH}~=9%BX-CwlyHfGDhzuMT088>Fz89k{?TN zyvh(|b(@MV<27~M{G?BjIb&_Xz*S3ns8M>qt4m?{_&w!uF^q#Ys;ov1abpM==rQbZ!-P1n>)3!6P0 z>YuMzmHz$-r-J{!f|X{^w*zrpT*KkQO-gr#rv?JN)v6ron12Pns#x@tPDjh2_Z(C$ zAFY*6!5(`wS3ER;q;M4o3>|?4#qLZZ8!AD@MfIuttc0L4{0!=l>owJ$KRtcqZPyv0 z+sUE2GS;~guM~E<#Wm9dbDekU;b{AY6TQ<@n0LtuI+iu2-jZ(d^*OZ5kT#7i-%7}y z$Aic|jy%v}|7Wj24g}8rPXI!>eUHN#0t$&13JS<{J%o%BJjetQZPLMl5gS}1AaIZV zzp2mu9EltVTiKjmmV&ylcyhYXuJU_G=|22iKW0w0@by+VzX0TNjfK7DCf_#w0n*XB zo@ZJlZ;|#Zm3jjsc|(C-Xmu2x!GZ$=rCc~r=0jD9UjH7V>=x>K>Uw!pzIZi>a2Zt{ zkVNbNB9kXwd1Wi}i-pq*PV#V94JPlEq zholcn4*jdaGs0K5J3H~H{lv7bsQRQ$5S{Et*?5>S!N45_hOcN5ew!Jen{^dMyRnQ2 zX9rBYL$BpCu$tA2{uQu|KRIig-11x{el+jzkG?;wHwv{h_bY5W-cz+Tudr2;!L6tH z0!)y!rE0Q73aBS`KfwZ<3w znEoM)X}bpLz|2PJZ?d>IqDhR*$5#jz`f83Qs|%>WX=Ip&x?#6(=CPna1q6FB^TG{) zMl03Aon2uYwc&?j)-QC8$XpqVz$3hGUlAg%e^0igqqeryAH{4TV@rsw)A5d@8sN_L zDH<&O!Irq=w|PD$)J3VcQJyL^#8!6cL?K7>qb-=vm;9(!RjO%@2T=r3@WP>vaH&~` zBJfNCDa*pZrLt7(m8>Zz=SFhJV z6a!l6oO8AF1TJOdXB81Hw*DO}Q|E1mT-zehG4qzCM`n63=K^$;W2Y}R{E^q#WUnFIw#6Nf<(KJj085p0fqmQO4LjQ zKw8fN_-2iGG-7}4sHSitHbl$~4C--1;DZA_c4C!)8Q-7nk{cp}wVDV7*1Ymjdxn-F z=lTa->%3zX(;QYpBl;PVB&Xrc2u~}Mqz*xUg7=paVgYe+x#sG#1M$@Pm^+@*Q*^B% znI+(K%owoh%m8bxUhw-K-ebSrl=F{cu0-nA=~d zW*u-tP;q$`+dqP8y`Uiv;RVqFiK;slc`UaYmT!+mFIb5eL`aJrl>eVE 
zIBgcM7Xo?H#YCK+i-sUSDS`Qd2Q74JHm|tF>wHc0kJ`bccZOddc0zosozRFo8;pTB z2#pQK20S$kAut!lYCZ7*HvbzAS-dFCOdk;Y^QiHSTeuQNWAFD%Rfh4PIlpoIz^62c z|Cl`FOTnnV(7waNSNXC}mku9s!KrQ$Mw@QNteiJff0cDWTd;i4MIc~YgM}u$D^jQ8 zdoiWf@^$8nAaI7m?643C9TPAG!x0IEBVamefA^n zVNOm97}x!E8`zDJF#9u+F~6Arj&N^-oh7;3pYm4}NTfyl55|Md&n+dNqG%0xrCUsZ ztnn(g5qG6|fSuB%-u!au$??=NG?pwRq^CpXMU}oa<-l}$!{|8es`d=TXW>F#IO_ef z<}mb7_;~miY%al-ay?f0QXk?=XH{jv6w9vskR>H#LGT}hS)wu!xbwl&0x}SYmV)i! zflL$Z2qvWbigMMB^|`u-XL!2}5z2s>GsUKU?}U>6*uP2IX2 z0p1|cbOc&BS>} zhs#aY0@tk9jAtt8tJY5LlYJf%EzpgZH_Y7XOzGDIPVkwr&C{1*&aK%@zwQL%uv_Ii zIs+kxV{BUv9&UbNgGM!}iw8_jAr1qH9O7&U?)4y~M*`#@c|tQEYq~9=qszRr7i!O6 z*TRAuwLOy&!xL!SzI9{M>kv?yKi^TF@y3JGd=JAfMT#^&z%|fB&r@Js;;UU(1D6un z1;KxQKX1PaflCrIEwBs0h!lpdD2gn)8(vI8!z{@(3gs&zqk#kF&@B!Gea$J3^N;O! zmqGeIOGw{m2~gLXCl&DOw=B}~b4`CXs5v811kmc_?dyGqe-q)dZpL1iG`p;|PW0=- zOTjWSXg3%Q6wa#-T4oi{!q@M;(5r)dckjgud)|*t6B{9&vKC}gS}0$5_6QaP|0O)! zNl~rAmRU%}r8!1HaNKXW!w|U6QPTp$5Qv3}JPp`jE<+);|+Zm9gER=lqG{48H58lsct z;;%1IIRZD#cois(3tf14{&{^S3?b-+-RMK))z#3SVaxBd?sp%VDTIjmF zYgqMVZgP)^zdrCyN;f5Wvd8Vg-W8`oV`t$t)D0|we26-8co8{|k#|^Lg^%;(g5h3; z!>7rSreX_4(vb6F1=8F6r$yQc0&<@<(u{lY8hew1c>f8o3`UFOg4s&t^sx}r`WKxr zr3p3V(*%bK8A25JolOO`gsUf*kEwi*$Uhsyx?ycZh(05aS_@;pn7JBo_nTIU0GHY1 zHS9)!l(s#g)R?sB23B_c%qPgSwuT%Q0`FoP(MU3T!60hQfP>*!`Prjk5jd9t@`GRz zh^zs&o{TaY{Dq;h65`MRCGMEWqC94ZA_7JBHNy43MgB>+#E%;T2eX+0e}g0$_y(CE zW62&6t;&8FgQ%Yc<^#Id^B4`W_h+BZ#VH}!Gd{s&eijtxMQy_GVA@(VgJIUoSb*g` z6JvlfnPN>>t>fV#h0L=4hOJ*cyJ>)5GdHHoG+_ zpW=Hp?~9H<>kWy+@6h=ORo|ygiFlT zSC7@OE;)ZVaG6+Ffj|9@n*_y@F=Vq~AAN?RxICmAle6LOpMvD|^p%&LiN-s|Xoz)# zvo@GZGSWk%!mvK2m0B>?Q>O{PK_gASzGf=mLrlq;#W3(yR~+vGnY%9Dq~4wtocXQa z!c6gcT*D#&^h**bOeM>)Unbh`KzaUE*r#u(-w;f0A za<%C(JnQ6b5F#*&02aDNL+4DW7r=F0$G_ArDD#+{u1vp5c_pa&jj98ONQcRI?B=+%7&4phKHkQQJ%8m50$~Gs34Jh6B z_h{6|C11xMYT6h(iox^Fu_^sONYmFFrA!r2TG^gnjSsB8j61d7$v@tF2i)%Gu4?xa ze?Hn>umQFS-T4l~il4-rNQ>+_j_re;1x-NRX;GP*mzFA`zu2KJCgZTa z-?BmR-bE)!1H2RCrB|z)a+p zghEmkk#3-f`Z>&vRYwp7WEuI3YlPx2!)}+wNHa+~J263(%=jo5p0yp94K?MJ%ccRH 
zI|lL&NhedMRrihZMGdWLIC)nSs2g(p!V|kiM^_nxZMTJOrs-JDg{Mz%iVY#c zdAV}+i!9w~za~B+(q#-e%~T8{$c_ym)X;wyt=@Lh)GCV3Qb|f+gvgtzje@vZZ~$Mxn{)VgJ=fh|EeH`iHXGUB4yl5Xo6qk=Uw8H>I0SsGK zvBidGtnMN(20+-FE^fWX2SgQ-)lXWn@1_XXu`RdlXNbkvnC0>si4W1-Sql<7N2s_E zF6ou70$=QFsE3$Dzj9g@C0VW3HWI0UooTeG?OZY!5v-V!hPFsN3oVsNJn2b4j2AmICJBz$1S> z38JPy01>v60R1dP5YdY6tD2K3Sa83<#y^Eoj<0hj>yE^IMl*NoJQ@yo-yQpS*Vd3) z!ODmrY|>c-*6trY;UC^QNW){K3VXVr&}oEA=bl(jN%;flb~4$p`@Z*>f2GZjiqsu;)eXGz!hE-C$*tkrG;iGqNi0z&!?N61wJhZKWaaAuKP>M$c6e3C# zl8C@XC>`aKh=L1H&}m}(83^K!#7M@ybBzrksxNN2ALl5<%Sbz@zeWDBrKTAu#m9#z zq|(HJ=@e}cgVMslhEuvjG7Xva$FCv8U231AzmT++2n}s@AABfZU5%zgzb}t#q}Qrh z#$x{nqWc6XysGuN_^`dvaG_wxsLs=b{#hU227DQzOB|D4p2bAy+KBsuG7Z&qk!$8j zpv7YsqToGmq371vT9LZ2ST$h9y)l;ikqgM`_qf%KglR3mTB^g0f{yJPlfPDSxk`WC zh2Q*IGB-lgVPTa=F1*+k%5l!DK)9_n=r5CDkM7g z^6)^pO!Q-;3{4=C#Nbl86j-2j7#un-Y)#+>ZBRrp5|!WW>7=Wk2?~_y{bix}OWy0&#kILMsyWFPQBzUo zOX}6kYepSgBT?``gODn+Kyaa^7TOw&oVT1w={nSr)zALtnu6^MO#L!PkhgcFaV&=W zTHonL!w7b;*XB3hLyJ|1!T7wBG53`4&i`ZT9Rn-vda%(N)2VISwr$(CZQHhO+wRm; z+nTzanrFY?Ip>?__s)-<+(}kea^+gdIh%JeSIc>W>fU^>@HF#H`_3jXBe`eXs-kP- zb!x4u?N0A5=P|c##660(iRIkuAz(WxD>@jNGE8nW_Bs4nXJ4?6VZ&kwhA%xgeji|M zId;euPQM>jIwu5EqstVJi6B+!oD`0ULa5YDJJG#ZNHwKiX-Ok6`U^-t@}Z@Bg2+f^ zX`(8mxe47q|1O6UhN=2A9qOwW2|F54HJql75CAh2aPyC*N0-pQ&SRPPgYQ z?^#jbkYZab^VYp>cN^XFNDFWmTNf4hFE8Y-L$Xk=5`WFV&C=~enZBD)`k4LRf_`IV z2OPczEk1dFR7hr$IazUL3vry%XNnG?fZBpJf~Xp&<-0&@6w5MiGa-4!zrgXBb&Y;L z`GH=^3$$-x!Z^qiz>BRWLlQ%JGGvM2#o!zbP6*<~Alw_Mn5yQ`Q2^Sn`Z7ZN#GZPj zIK5LQi5`lVs%dG?iNQP;|FUS{CJDS4J2|`&7UG_mm_E=}1jLb%6Q=FFWc#4{{EDhN z?OvEEw2Ox9t@WiWM?>V-%Nhi2>$4Znw~}0WP~hKn{-e?YSom4`U}MxcS6$tbK1TJ~ ziC-)?taliCTU}}5=+AItPgDEhoq2{BoETxhS;7pD3^2st!VE(geqzoT<$EEHx6_aq z>L>{%7ZC`aKmw4@efaA{32FI&BakmCb|Hp)llSfEm?59XZSo|yRu>KdW^c(R9;1HLM0qAA3tY3Ke@u?mI zW9}29{%!ZaX%NCFf_6?%O%W}idyM^{li}EPaS9o&crSL)%wlGPwARvLKk1LBW4%w{ z-w!S6h26|8p1%H)`v#}_?b}uK1hvVA4lqv{d>4eoPF^3tgXONYHwo*|UsvEimaltL zQ1nvnz4fBX*s4NmFLC6|t&9TWw1N8~p{svMh-=>X(PhQd;CI5lh{VSyxzr-4lv+DH 
zd?pJ;+ERIS?mCjRqU3Qwes}u(=DltxV+SLfG}1@c&7m*v zbuHf+Xm&9pUh9#9gF7SMcYUIl^GEXpyff0sXi!M1xMbEVV78+$Pf}aN)V>4}jWhk9 z#XzW8vcHU7oPQA)UyAo)Du)L!G2?@nne?^`7)``ld?4V~G!^@SIj%OubD^hA;M1<{ z*KEY{6Qvx0X`3S;toFiH`2;vv+gcDRsQArpr@mh}6hx>sDQ!T(N4#*4{1~;c>v#J; zU%Wn_kaxu*U+Q zH^5@U8)k6{R^Srycr0Qzz`cX{C7u=Ut#KU~E=Znr4 z-6Ua%%okz4_WB$Cs-!;CpFT|){BwpYNapTwy63CqGnh1QYfKAX* z<7s*xK!Slyf(^o*#}2?O4!~qAijla_@G-xse!MEHBHqR0$jPpaiu-A>I2UHl1TaHZ zZ3MnA(w(;PkdQH}vceDf+Vg+UrbD$#A8{y()MuuW-wm}TQ*7hZ_WwD^DO%XJbg$Fk z_hRPGdGg-J1x~os;F*&#gYr4iri@Z{VMl;s*qHYQv8M0KYenbQ@V;YN(YrLb8iiZY zi)na5qL=u)q>o^~k4|EuC*y>6>)(`73eAFU!uH_S@bsU`$1A(0_vNI9SLQIjh`kI> z*uKUX^}AHV02}jFxFNPqC^a{cv(v!sZ~nKI09tsD*Y3$o-1juCrS4kG6q{3pTCLGbn_&t zpGh~|Lc9FU5oDCO@I?<~)U4ekjh5E*Ta?vw}AV z(=j!H>lRn&MfV~_(L%*2!n8U=Fcjn)LMu!YhNT@f(wT9q@hp6ntwR^z-+{gA>^|d? z<$Jo&%*WK6jzY2ZGss?;K{^?b-MT(xiBc;+L-(LPRwDXWVL1B)=Uh63vC}th!D-GU;7x0WOyv zL`f~<%gSAzj$D#|D5kk-&%c97;lLj4IH}mooWQ6xu)MT(Oqn!ZPV9*8#duoW_u?|V zEI=MxJPTq(sna2hlWmg+7+=YUcpo*ce8QZmg zg}6+!%IMf0Dt>FBl;&K-{QTrPW6JgcQ0OIWLWnZSb8ALS*cd+;?t=8v)HLqjQry5( z4croB(cvG@*Fkz#d(l;URWne0Uk`w=_tU*Rvwwxo&|4B!?SQ(`fcc7`86I=!L@^qB z1BJWien(3eh7PF1Z6{=bbkC$>u7Xq4S*O6IA9uZyAh7HggQeFi)3gh?U>fX#5zE`u zV6d)9>2doqHwr+2%3G74!& z_w*F34oYH(eElv#CDqLHB#9o5AahJo{Tgyg;PCMNccH!|VD$99oALC{7{lk4U~pX% zWNO^RWz##xm=rz?dZ90h!_La?QepElY_aoK_S0Mq!l4}>Ss)0%3K8bg`$^{X;Fh#BJ#&N$Imkb_k%}1+ zEa)LV-|{U zqG<^D4NfoTKcOm?j1CA@^#6sb!N`)~07qj#UY8&T8WEO=UH+Nky!`7PysHNS?^6C5 z;?|hcunMM!dl)|3=_cC-#re@ih&g7wjUUs3iPySYGuyTtipq*7`DJ~1Ed}K>1&qg& zE`tFsU$rSrLrEG+mY<^>>aH~<_0B=->8FcmWbw+Q(1t5wYu2kKp8~s}Ci)Dmvv^9r z-Bb6+SJ$(ePqlxYzkYPOfr8)7B4D7PhqejpllI-MUVV@R`^QJL{@6L0F8i#NOY{l8 z#Peje6_?TYxL!o>__BGTnrAY5rhKsxai_8OF6>;n(pxnfcK1i-EuYocjTObtZ#Cro z4LzGDk&^g6jK0G#wa@hHB4|;d2{Up05%{A>{Js{C7F>7aEc&rkWnyDUR;E0$*cjZU zi8aC47(}ZhA{n3l62AR$Z2r3fYry^xYUI$?oRd~lfYzk>IGk0=iEHroxADe`KyKuWPpD!OL5sM1W@ zdzXKrEe-Njil{oiR1ef$4hx4`bn$ZXq&Frs)Y^bc**$Y3#>L!XIF5Jo@LLuv z2Cqll{yyWGMBoL7+O{J#MG7iZ@RDmUPYvCAIX>X2g&2y?{v@S*^KV)w7RR^Kg70#R 
z1}R*FIdAf*KXrO4$1ONxp(_UfxQpQE%=O*)Z2vU2Kq-j zW6-~P3J9V_QOFIi8);fzy>N8o{$WcZipbKL`#95)0m++!D{(3^R$TFcOh-;edc5wk zMzVN>@?dSSPgoN9ily43I7dLOe`N>H@72yvN#j+Ma>~u(xG54l`S%BvXDUba7OM3bF#(V zvsqoV*zNK~BfY*fU-yld3qHBid3;>h*UN*&*?6zk`+fg$)0;ID9H;Sl7Cde>S?GNc zZom3sY1BlN8Vxl7frVlUX2um%#ZwEv=E*Jg>w^>6Re$@7n@% zkdaZcbaGOnEWQNqMN|n7AY#V{60?0VIgGUUC~_|G%5#+Pw#RA$_2ijn+CWk3lz|ur zzG?m=`k}>nWvluq6o=j5yjNs>F6NF(~WYqzZ4qU|Mw0e+`tx@_G>0G4RH2=Uqml! z4tP=hM%pICsr(%lHH6-A!8Vpz?6|G|WJu3-%UWg1VT<<{t8So33N;7WDZ?vaJs$vk z*IU(BO$M@&G1)H$1TlKCP2F7-&B{uf(b1-n;DHUmj6dEdUf-_-cnm|Mi5M_ zT8n34z>t$L{?nG)QTsw0iC(FKB>Aix=a7#PvF%f@L^f*nMph3Fx?e56nLUC26;$cT z#!nrXk*@St;y(*pMm7*H;L;cL;wg0({Rl2oa9sKxkd66TYNP2h@bA3>A`h}DFV-p2 z?OrDwyE!3&HFft@4ii5?Ov0n;b+bk`6sdY!Cw0O;f^BQrcu$$D{m9;%vBFf?Av1dq z)2!_uYKpXd#h`lXt!@t{&w<3B2J%w{gJj-M=FIyUDv*jJB$+zpeZr}S#q#HNaN$^w z4EsZE#>>5ku%(PzjaN<^d*Ay?%$$mV?%w2b6T9@&?Z#`SD{T7YGnSDiE=UHi;U`19kGNIBg zMDU){QSjh}VQ_2!O17jK7#ReS!J!!dGX#DsWN^W}OR522k4;I;qmx85LBi|?L3Yhf zxHJO(RZ|E*WYG+qoY4pX=U(Bhkt-U7$S+q66eI2s;yqTC?)Kn3x2l8pOZ*r+RZHXb zN!fui@T-KRacxs5n`k<-}Q;oGv#3vozNAEeP(N83R~$D`3*Qpa5?+S9*d{q+6l;tYt&^m z8wqIVbrf{DMD!|0TNhG@UDOu6{*RCgmhWa*)75 zz2l0kR|PEzWNjFvFA#HIO>_L}K$p>d4Z1}@-(&$mpOaQ3au&B~I`SscI3jH(Sc$Zb z2RSF%LfPR>Nw z#R#G8l)LAbm$~h$Um&g;n=E}Gx>!S6FTlzRgWCS#%ZoF5Lp1d!x*mz8#6L-HyB_aT zXfnc*Z+^y~Yt$v%O|5HV`)dGY5Ff2n!`wyt=iIORJ2YS2G(ReTruNR4;&Y(!EpNUV z4r589^`Glf=2cF0A2=`8&5T8hQKf3rQP=c(@Ep^Ny%}y?c0zBJ9(i3W9qiGOE_O&q z26v}$bVx%F=~69lOdK$fvc&noIXMb0M2MQ~n>(VEP)18>Z*30hHvLOI1m;fZN!iZn z06@uvET(^a{P-28NMPG3%~_aj1&f}i z@JAn|=#c67+L8NguLb#d{`+Hh>Rshc6$1LEuu17>j?))z2XNUoE~@%d?!7#|oc3ct zSM#`!n@K`&EB&uVvIG{e$fEayb*n5x6E<`!-MJk}oXcDjEN^nh26rS#Z*svk?$R4_ z(?6jjbFZo_G(PZ?Mdl>Mju`5O31%#f1!=*(#{W9Hic=;xB<$ul0F?Jq789WTcyrww z9m{sf_9|zl@`*Rm}vjN}N%Lk=@B|HMho6`aNLoE%#F82dnyDE7@ zY|_QL7+?@y!5?c|q8eY+7i_zfo-417YMAySDj8IC)K-F{5I-&22eW>6iLFjFe+f^jH#aF;SuDoJ596XQU<%L5obYl6%c85=pGLLRfiRFw%dK98g{< zsUT%9r!d4~KD&DTNkvjzZCuf{VE*?pS~q&LvPuS)c=iL-NEz&} 
zvzl!ij+_4JX4Yn)?X(z3y_J5ar3uxE=ULgFnx*T;54$oOYfbC^3W}*8yjU*DPs}Rn za|`VL?6K!ih0PHn+s>K75512#5#D``vQ^F?70g(^Qn6lKt;sQL*bdwiWN@oX!k3%# zX!Bxyme!-C4_;P^=LKk`ixr}k!CEO?6{3_vv{4@c{$XYx2YDeM{zP$Wf~tujO(hXi z1kj+;Z=L|@e_dDM5w=RvKQoo0fQ5j@@|gbd@#1!OnZN@iO$IDXAN}ZPf(~Kt>#0|p z-Y-`&;Y(e~Xm5$1A2QMPKd0p=h*z~tP7_LiMnL|gUs;`EtpL|C2YpfCxZx>poaupn z^ygXq2?Nq9{iwF#9Q)lYx|#+|@*K>sNZ5ktB%xG{wbLz;3(gDNT`6};ulP@#lA$~dWUnq2fa-0?Wn zQG{0XO$pNYKT}jZOfqB2UQT1^#Rxpi|8o-m{z)Sf_&zZpA-VAQ%fDpfl2;mb%#W8M&*K-C_1yHHFmG-m@_6<`mdgg72=%sB0H*a zS&aVLzzq0WUvOrZ5TMfcPRXt9Sq;!K-_@J_8dgx3VC&O0#{v}GRWDDxgdHkktC^GC zBG^W7w0c{^G(CAeDcqw{7c5Uo*MxK>NKZ=93F$<1a!Zwwk|InJ{@d?D)2t+iL^Z(! zazPD^bE#6e`=o!30};{Wo|K)Oo)AkBMaRh(Zy%n6Hvut!KAS$r&9l{+FY0z*Zxp#d zsEyC9BP#8Glo#}?%+7mCaGB503&@=gqc^JLjg@^Xys}pC{nIu!XlV8!5Ng-VPE2@4t&5@;m`tG`XBDOU_{>}ET)`E{rs_kYV5S%UStL{UyJ2iLX zrAuM>_e58e;mXR=-PGZ&XX%ryo6n@)M(q-8LB)&LlFBuqY{9ama!D{t3b&*Zg;2I} zNPd!HM&g7Nr~I>n#8UIMr0QUFNMB_zNJ~PwGML5m-|2|BNg`XyPA+SRr8tr&ku@}S z=yn-eLJ31>+&lW#G3{vQ`t8}~R|7vjxA9K3na^U&g75KXFDl`BL1_gNm_kvlbS5~K zW|ZRKw`X3se(S9E`~4Gh2dQ8Gx6f*=#!IwlD;2CeLi(Wx^SIq(P>{1Nv%=bDPAe*wMC|>V7h8jiHI8@{hwm?DVwJ0;e>`srg&J( z&wJ1dB3GaG#s3ovKq&x0eN7Cis&ilCef2(`s+Uji2A_VPD zHN7f-l?&>IwLaOOQR25gE7jd#SgO$7703gn3f9H} z17J`(kT|5aoYtre4Y96Kds7-%A0#*0?YLcH(*-4UfpOK^oI&|sLR=GLYx-8FEl}45 z0MfYDAQF)|EdD&=v@8t@N|!s%D?viix;o4&g#?TB5*P_4B(O+hK!es3Xey17(B5af z@zM57pPT?B{-dx+7Ea5<2@VSY=b1QRfmm?v%GeTc^jPiTK3J!d5F1vZAlc{Qza>yU znCzk#<$rzl#O;Be<>h^Th8AFgHZr22X{$cMmi{y5_9>{=W?{^TAlvt+=%yH7Qg(_w zB%DdJp7IE{CS1Mia+FAPZ^hjY4=7u?f=4=)qm#vRH+n3K*SR-=?8AK(sHwll_|N!y zj)fFVXVZUFW!v;F+CuB&;}!O!fewX<{$98Nu`?f|A$YN5OSV-mA8B_s4v;=sZ5SJ^ zD(@;mKGNoj`AXw1wJ!yS!teX^GIN^aoJABgvC9#s)y)rWpn2m1@Y>K z%O7SD2?Z^1Ma$q})<6y4b6c8Xf4(s@dHQ?uLfx*ozMm>Xh3R886W5&ne6#YAT!nds zb^WkSt|xiJ(!V3zA5u8AIk)G0}Yl@4h?lbpviVgH{C?St%z zwwLn>HUQD=8^i5Fd8XeV<^FOuCFN+Wr9yd4zr_QAvbC_-=Wz-2%Deeaw7(BhA#R2x zBiQQpc;%Ne1H~!CtCSc!-!`EZrxd6BaZi7}J$ae)8}h8kFXwZ7w};`?TMwTwTZ_d` zaa&O!;men-R<&5_NwG!lmF$BYmLJT37bouG?Zp-J*D~jKeddR}ruuDzxptH3F2;i# 
ziaVsl=mn`wgLV+MK21*+oRc=p0G|R3L#^3WWC39vpX~0P1_NUGj%S zO4IFZ!_8E>;~MPJ-2RV;06%aSYamic%RX-}TC@@2UAk&E1Sf zgTxh3;Dw}o=2b*Aag<4ohsFkWXl(Ks=PGle_R2xAzx$Vd%ECn1p}+-HU29C-b} zn{J$$qOSjm)=BD1<;*btpL95oIo)`9GR+9c1r8XD$4UX+eyBHeYpB!%g)OaOY4{0_ z@o6w6l}4qv$yaBK$*ucPY@^{)sB=jBq-1MNOz?g?vg3CmGT>W9!4m{Z=`*{l{1+K9 zCgg%m7ts(yheRpF)K9`?i-IStt%feH;x|En2T9V0hQq}hkzQZ+9BtZ#ux)O>yf*Ih zp9d+Vh7D2DsL0cQeLE>RXPa~j0?Ac@o@Rj?u#}^bgHt4{;*RVS6ukqf-JX8Bccnje zcM*qx(j>r?_-bX?=dumJt8F?8saITj#i^d`X_zi@sAUElr*d+rVGcD){Ww7{?I*BI z2`8yh$}jPol)w?SL>j3vVQdYk4mSQzVKKOTq+!Z_s$qzQ=rFqRmq50XeERD;XuBbZ zib-J$*3|$U2v$Or>*juD5xG5!0PlXva?{R<+1vB`TB#wqS7t6w|O&Q4ar%uC+kkFP2u{~*kbEbIbXCggX>cXeQFb4 z6*FltpqcWCZ8SmwykJo&j*4j?`Yh5QFhg7~TK}RP!BDnO&CR(Ftqf66BPKD3@RFnr ztqa>j3%P7aOJ4e8ZL>&ASF)-OLXh5lTd5o^`%6BpJ>B6~BfCyiFN@;K(dn$V!aTVu z9Y~EjiLq7P@MhNYaa|XwgnScDP?Zfuv(h^Ru{bY=S&i16X}2yis)eZJ1|euoYXmUX zZaxA2{-PFk+3@E}9PJAtIdeeaQ#k7Z8IE zvHTd3&g6e<$k&=V>^Lp})inKoiL(#VBq1m5NYo=%+wLyz364{-@T4-|Cf=`>I(n81S)6-G?txy{f@k8Bz^K!t(91KmkgH3X8>1Rl+(?!#$?C>J;T(tnccx+?)t*Xf{nK zdMn=WI4ALs(Ekmv*sk^a8>_vmkR>ZP#IP2Hvs2Q^{q0FysuiB;K9< zF+HE($H#U2dnjD_bwL05@tKy|v=<|@*u}(!95;6cc{-h1sItQUg+xP;+#+y(ms*0o zwE2I`4QKjrSQ|s2)%P@3$}Q{3lFbDqqH3s`e~vwktW|P3*98BQ*G6UC6x^KM5CD12 zF(xFi@P$MTp$i)wEMvY-RZO6g)^Q2vbz8OU4}upL-%9vQ|30~$NI&hwRi53}{iRM5 zRd%K8Bp>ja1U$G3QsTw=Xw@L*2C2@Ut+JKn+p>3xl153Bx4(D^mI%%Z9i+dNOn7ir z5P=UXQ7u(l&=CR)7W-g!F4k3bDXUw#0@sptt>$3qnWfEHy zO-vHKEZ;Jz{UM}@gD@9Q0UHhes4PucIxTqlZ>jo?-Z%ou1fiOH`A$njti9vp*&^NTOz8MCew zz*_?%1GsQ6bN+TDPXqY;E3=&1EgPKW4-TaiJmNRol<{|FD-=5&rQykslE$ZL?9w97 zK3@1>r(@bbUITX?;p%SNHq3N5j+2qS_>fWJ7cnQjj-i*8L6!EuvU}wG>_NVheX&^*dK^|NCfbDlRs`6 za}UI#Z3X)sQRn#IUP71qG$!%2HWecc{)qSAsNkMS-+2_Uvr@Xf882GNZZm3~24@|F z&=_1z-?<|K4_9{z@c*kO@QbTq4G+;;w_?s7;Z3IYf{PJnA`Oq$!pmvd{T5{Gx)<`Y9gyJHryV??Yo=Rq@iNmtpb*lW5?dy_#s+oJL z`F(K??#j(z;|f2w;K=5;VLR@^ce1Tk=2XPm1!tt>^|}D;V@HvW0m?wI_fyz20??aP zHgcZS74SzTH!A|k-76UR?J0`mKN%d2;48Qheh-mIs?Y6WtzdI@dqaNXIc955q zADt{14)qyS{$$HtOnqM3Wnz;@+Mod8iYPe%n|qfQDT 
zoqlX-sVIs}woE(m(_0S9nbV%90ebm7jS&8B=ALf;Z|jAskuufy#mLqUaP75i&7 zlhX^L#^LlAjui^Gj~Cn{0~}b&h6WVLglB|-W$vSCW=%{f1qSju@W40IDy*wF`F3m!qbe&m8BDFlL%*cnTBNKwRFH_|sJPGYgPx6|*iom0p!tFY9dtFQ( z#h}QM?ItW<&;J=GK%M(HUQ{q-PsKaBeErNk`HD8rY>}Va(q7jzv5ALnF)Aqp_)1=r zm4rSyLq!yc9K2XF#i(3{X9mLmDf@Um_jvvDk9qhL8{5@Yyj-(mn?-wjahUT|+eeKV zYj>QRj;PppU+7Gxb2=H*u5rIuLLA_gHyM7VkZ>&RZSvlT>W)4IEOvH@wZEr|#Ymki zwYQgeDDB63y{*~Y_Pv_|Qu^eqpPKy>`yB+LN+!g9##5wbfo0{TQ0tXqQ1a5h=g6=L zd1y=h-4>uY7nFAdAzW`0Wr#oUWWVeq=)VGC8T1ps;K-2 zANbxF7*5OeeALekKKgm}X{5`gK0>2>Az^vH>9o1_MS(pU4QLt2ZpDx2F>hmrp`exq zxV+%3s{@{;MO|DoC7AsLyjgdVdKsWa8;raxK#NT}9@hV9;nu07Jj4QfPeksSrG%vJ zIb*9n&|6Ved7pCJiJu2o4{+B1iGu%MXT6e=-Fz%oRt7k$?P|q-OoQ%h79-sz>ou(l ztK?P?=f)puo{h^4w~{y_$7dKnH>CY8&~B%PnL?sj&=^yKbztQ#Q{jUs zAL-osqPb2pzj5|`yWEV}=!?yEdKXEF8HcisbV3zJk?XKuXX1rDllyG(?4~$%s&~5A z*OAm9Pr0hyd88meHhwlP7lRmky9d`*3y%8~Q3eP(RppK%3qLgfazm5<`6oZOr8#aS zfhCq%%>=VjI^g1%g&e4bOcRGy5Di@vHy=Xx0-&NM48_BH-f74X zVV$&8Tr<#7jbQG;P(Ie})6Ct|%%98iaW{sxT0;4`fJfJhw$Zpk#y5n-neDVWu1POb zZE|XHHiWON(pug?7}#{*FV@J;o6pHr4R9DE>nu4M{0s)ZK0{XBEyY6jb5Rr7K5Bpb z>Ot|3;GzO**vzY-dUvX4i)nN8fmfLBSn{^emS_R}j(ztHGCeKDo2W}xMR>l3Pj>-z z&(z8DR41wpeb`UA;>$v?npObcLMG{zxAvR335ZGhl@X3j5S*bnPNR)8`Rf%QG8Yfy zx8^Ip?;?3DMc%jL?PZ6yTDfV$GU=~j5<RNsNndBza#4pm@uIYkUSCO#csaA}ZJ3qOf8&48;Y$(lBg=#o94hOR;F>0z6_F~tMKn}dUo}1;G3$wOJVr4ltJw0KnqSy-pU)Z z-Q+axp`h>1usOBOV`j4+-Ov<=Ltf6x~xV+o}Jhm3O;U==k zn{g7kqNv+q6`6&O*~J7?S)oR4b)HJ_|JVw0jGG}@D+oVt>A>o@Rgdlvacp}v=4t80 zM0x{;y*iBlM1Vbh;t5wZXdjWGrdGpXPiCpUT(;e*JhWhr@3+#%@3>8RDt?|2?8if9 zM=ozwizg;|5@q;yb-g|B8$Q1-NX}H(qMCiRrMRQvwaH#8&JUwrK=3$7w#Mj{ zHtkJmT~SA7IvRH90km8f&=6#TjEow9V{$I`th)nl=iC-ox}}uN9w@y8{xnzRrK11j zaonP7UlsxzBB93;z>X9m`$MqiCXDS6X9^^P++bKXscHeuuDXb<4kCRZ#X#>!+CWkV zmNt?)kl2x=tmPcvNTdmj;ha`pBGDW{qM17Kp)Z-5LkCf(&1YLhlSzH{|5tgkshOQf z2Av?tHYh78+Z={UQuv74A(EZjLgN&j+nxQ*nD{b!xX1esFNiD&&?lggFHdxQJ3YRi zAUTkZTj*QxC%Oa_ue)wr(ZWk7<~@gtj)imamju|R6dc|!#dKb09bK`wVst-YRl+%a zNI%84v*cUbwIiEgh^#Sd;x@!X;Fs}N^?@z$`pV{&y8;eoii)?@mYNV;t@3)K)$8rA 
z^&U9L8hpkpS;mcWqlVLM*8RLKt6R2Rq&2kFCs&epR+80v%I^eQt5&p0zC!B2qqlQ1 zvj0}2=ec9A38m*XzYRyd?bF}`$8K1>+e;5-&XiPF2m4#xelt>XP#2-1; zLQ$z}JF^uI6dW(Fpj|`Ry`zkyXgQF23oJ`2Cl9aD{|8R=lgcA~nFvv=NWNAxT7G{!uwqtL>PZ z=6epE;+j(9ircSG3yZ~ziTwI7YCEFKl?z_Z6HYP90<>i_XrNLUy{u_XN8@Qd@(%(4 zT*CPy`tcHyrqomCZ)~fb1dcfCuV@e@wP2bF>%QZrk-7%6Jb?hiGI9!1`@K`-8+!meP{?@-<;>#aAS^ZB~90lL5nhL!bLm8IaEJK%Zx zRHQXec5Rr)xK!w3P7(TtdZ*E6BOt5BLW8&w@bux6Iw%em(dNK?aR(ehN7hVq1z>zG z{_(R|Ei--9cv_PYnma7FkI&a7EO2 z$*j>--Avg%p8#NIa)4NhZYJO_GZ`z{nYzU+v_Tg;liDqM`7!pD&L#^SLN83}n#$QY>U2Jl)mC-3koco~a(6Q38dpGb#}9R1L5 zuL(Bd;L6|NHML5DQjiOXsHfPKZa-u^nl!)Uy87j>R`citeM+yJHQSQ9ZsOs0 z(s&(Zi$9nhr$^!TCJf~CA2WwH1c{gk>Ox`UTt%%p36S+4MDlwfA&%AC1|A6-_~uI- zfK<*>NcBkrgaX^K^R~XaPfoVCvsd$XeS3Ug@$q-0xo~pXd&lo(fE$`>9!G<( zk#F(3`^@egq0}_z^Yy;pf&^x)7<_90ZSJ0{X*2vjV? zATywTKt_BwJy37i!&6lVCz&k*^vQJ-Qr>k+cTog2xP7RRX=B48-zY?E>ZnhrUp-J!^T}qqkGUSDC2g+y6;$ zSX+8J5}(9T4T3a|N$i+fMgs3F)l_hoU0@`rwd(fB_}ib5t;cy8U@Dx)!HtG$c(P-j z(BdSv$3YXlDJiurzu@)LDTf;o$U#zQoPy)Lp;yuVCe~rZw*J{oDF@Zn|^;9&*&4tV`0I2 z5dlF_bK)66+;U1n<&@_1T>?jZUAII-AgTgEQae;I`$H?m(nf!V?0{kf0qL~PtR~l4 zjd>-EPKhKrw%2-uUi^6b0xMZ%S^MiHpvD%3jue5{p|E}Z4^>dn^$uS1z5`*$5&31Q zdm*MHc;QHC`{zoOhLFCu%1|o(emtS6UA<(*Y&hLFltk(3=9@a=?Z?_>3fS zI4gg`NeqhTadM2AB4!v%nWWh&5ONQ)Q9`gYD-giMumc+y)xaEMW2L|uB{NONOzgB^ zV{9@j1jgTx`GbWenG?vUDT+Hq7j7H2cyu4#r>c(~mg>>{#yuMS8gFfN$A3D~9PsME zuQE+p>Mt^qCd{|ke^o`K7$znX?3FLD)L0q#;CiR zC5e&Zm-eo>fpcPyL#K#bi)ci+<(y6d=tN4RSPSobZ@0*&+_XF=(O~Ygi)=d3D_h@8 zFp1t_yVgdBY@Y>Mr=8kK=c};h6ADYw>N++P5{0FO#<*JjKLGbY2)|v((?J5^Jdgm| zb6Un_Q%8`+9svbOR*{_lFJV=h24PO&#=^dkO^`r{2EET*$XGk)EM%;Wa~3kzhI=7f zdq);BCIh$H%3a_C-gb&999fxIE7p}cJ<1!-i}Ip9>w7X1H39c%6PA-AWHAYu;2x`z zymXxD%qVYY370;#-Oa19D-&zyoRx{S@d^q6ebNPhkR>^pzrZ;K$f`uc)1R;VE8j}w z`aZ*j1F|Zo1pZK=5vy`u;1BINj#v^lB1xj=8-JK{dkG0nbrJ?Lzlqv&n?f`27h>_3 zb64dL2>hXK0O)Oxl^j`^lOur6SwI#hCiWge^MFNAgBF(n|5MinMR<~{LkhMKM=oiil`k_77EGlT_Gm=$Mrn#;PQY2|Y zvd|AThk|u&M`qA3!h$1bu5GlPGuAfR#>lme$~)J#a~4joZM?(XYPcU(w+Wqwxzuz^ 
zf$PM(_{+oguYvahF2z1=+EeT37fUBLn~Vy%*KIT}+J^QFydE))Vs44UQ~_P<)F(+0 z(I}0J!cXmovB-?Jp~E|O-Tr`R8`{R$b&JWn*R5+7EIBc#Y;TxlsqQ;TH1X$VvBmg0 z@wH;yHF)1d3tmOnJsN2#0^tzO2Ba5+ylMTFuC@k1Ttrm>;53vLTkjUoC^$NZdZFAEYr68}U~~Yn zU-m`-MqikS+v=xdl|(cH>(#0m)1!{jyr?7Ea~>p7ofi$siyAbej7U+kkdy%pvnDGG zRs?p7ig6sadmF zN&J7u=TaPDpW2#XB&ef$_zLVIyKb*h5ytGiZdW}*{=}QFeAah#38Yl&OK|4rqxpWR z^RX_ySC9+9M|Z!aOC~r@WIn;BJxQkZi{mFlRBCz{GnyC1M0+k8zSZP$PQrw7l?q}X zN^FEA%#xg?jKTTDu2NTcu2Fx6!Rg`WmeSNb`){`5{FJNZ^ExHgX`kg~}$ zk`^rRqp-}v#&O~_Bh(QVWjxnR{eTEH+Qutdec7$~h6D+I515gf9G`add+80HF`i8I z*3yo$TGzX63&ggSCmY6gdpjA%plejOCvFqrpxFtCG;bNsnS&!v2elFC=&y7M>JL>G z`XOmSQT3Zbeu8F8qgSw?*hTWls+L#{-rs8bs00=( zA#m84N~dmD0O{XtFw->!z<~;lFkSO%8oI>YrfW^NkKL8@iw8r+e;FdHT42@+du5uk zGK!j%_=aPYC?Z zWW#3~GgH{x*Kt$?P^uMb5|X$mxzm<%rz)$;JdBe#4Vc4BnJ}UVrBJy3WQVAj=CPX2;H-@fxTFHe%0*InsnGP&b*6{)MPlq-~D4xRClt zx8h2q6GD{l{c9rgL4cEf*;0|GC#1OP;0>vExT8R}E!is-C>qlx>s3Thf$fD~vRlcK zJ$GC7B&eaOw_C}&%tyWHT3V2gC9YUNH9GDR3H}E`;X->SXR%tfU&WspTg243v1f>>vAiH+YS7mbs@Y!x>l+oWCNNnw z;|t(fRR>ym@AtMGLC6Q`jU>p%Gd;uhN=JTx;zE-^+KUP*(B7 zU4b%E+seGPycSoigcU_i(lD+`OdCdupe_gtGFn$j?q`l$lh{P9#TdwFgw~<5qYD+B zR!Y2G=@l!22k_rdt0>xl^GM?8TGh5d6&4lO7bx`T7@|rq^mhbnQOZVWm;uPy3O8TY zD-*T8;m%UD&}>BYMd3g&z{-nO?mmC~E7sLeZ?`AAmzSnc=}VSvtl5$Yb0Q8SjIUoP z38uXmB0^d2a!G(_SczFhWBwFo(G>5B35G6XLhm@p{f zD(4Q_|IndZwPPZL?$#n&#bwTdAmfYLFG*aNHK8o=Nmf=#L;1=t0()tM*u=oaDC%m& z^2TK6E^iB}Y}E3ejD^GBNGki$pMiH!GkCe+XHq`RefqKF7W}yK)T#ZK>)UJZ zUg)x!w=OC(b2a9kT)9}up7??Gez9f!a^nMn8Txw zwzEVlF>;HB&PbUiK^#UE$&(}`aafmxCUHWN3WyMW{$b`YfF{&2MvEMcFo2lsTmy); zJJtYBhCHH@4pWCR!#uK;(sq^oY~E!5&%Vw?^|)Z%6dX~o$Z(#h)MgpG#zTD zV2<9X!WJ5Opgxqg>hCiD3L+1pN7>>63N!T(1x*lF3#+tZ14-!$O2AdZ(8>ibt>HPt zko2$v#eL5a4M=+F(lH$0O!)A>3Mv>ok2= z+R2-?^DfoUd7?D*^SYuW%j1T`X_b<~4`NbPMNm`;H${~_;W9Q6p)p#kX@up$WanBQ zlrm}y!y+vMlRv@+euOLT&5|zc$k+9X(2ht?SQr)aYkc|_ zU-_1?W+Fm_7!hnvO6q5o?`I@v3Li2A3qmP3C#fGqaa!hnl!SI8V&XMpw7k^_BZA@_ zXBrW-G}K5VG8wsvN{TXC*RSuKXEwZReLVWYp1rRE8KufKs548&Hc;UfzQg?pu7w-6 
z1&3mzYE#LKC4GSE+8)bX^RGUyw+aNMF7oay#kYU4j1y%_L?uS(=se;gwC6f3BR?n- zQU<`PLGy;tGz&?Xmth$PX+bkPv2$!<3}dwF(g;mJv3WB!0c&@xCQL>fqLP2yvaM4K zaI7KQ9Bnwq8;rhZP-WYd*Ui3D@Z2uNks3M0!*P5#<=?zIY)Uxdo$|!N{z|u8UF4 zu(%j4LNr3bP&nC41;g4Mt6-A>a`Tmp%*CtB0+UA^smQv9ad1r$Al55Ki8ck%2hKB&Y9MVSW!%CM_R@6kXA17iMK>Y z7tTNEmI#}tEKDg^K1Pzn&$(Ocr=+Npm=sYH^G(-}{mPE=j7{iOJOg@#%Fb0vtlhCn zIhmddl@v-TeOp{LF=5Eyc>Ru_xpc5cySInl=LPieLg^?(;2_b2Yq2OP3NO5*>mf@; zG^s$9{9no)g(eVXJ)gM?6&azd^8i*Z@iW3ka?@-8uKFYpDjnY#JH92B8YoFO)gzz1 z3POZ^hTECyip^A-q(PI%8HwsLA#u|Hx1;Zqgw|0Nm2s3(yOW%ln5|?6W($>_sjg_d zBh?j^cd9EYsd)RP)_$<)EZPD@d-sC7vbd(crGY!wqhO3o+fu6d@<6;2*R-9=ffq{L zZ_%p<53sr$y6jh<2NmgH?*91DU&Hn-i?A1X@r%{h_6s}^fvlgF%RZ6>Q?8TLKvp6_ zKhcT-)_l`9->%H2y^F>?Ny7j|C<>|+y!#|Vc}Szi$fAeaYOQ~EJ%_!1zhCj%(n-f6BAUH%m9_4 zvU9D3mEVmzNkLF~x0OKaI9WYyRP42mq=+P^gVZUR_@TfZ^nn5>+JkV+l1Wge$dw10 z3X#tt(qeloCiXpHE*5(xXJFX@d`su;wtNVGmsK%g4BQL&lhLoDs<_OWxW9_UHI=#9 zb>jWK>sJt5=HI)%e|_)$pC12T9bZz=m9{l_eL&<-R>CjOb)N; zR=D?W@qc&_IV3uL<5=eSkfAaFlm~Ov=2^}QI_Y`j`&G%!QkJGAiTyk#We}#suj{;l ze-+ez)<{e+U@`*?h|112OIBjM5oT#J7!Z|om?cc?tpc!Veea=pM(np=mIAcelX3K{ zIm#=L`SvPh`?dTwwAJUM=%z#q!s)m?@;%ypESxkh5}5by<2|srZe>K; zyWcHT>e?T?pDnjN@3{WnS9Ccf>GwS%Ht2k?94a!x2F(M@xx}a1AS#Rl95cn9K$VkrzgmjH#+pVKLJPU))o#>u_`Zr4cw&wrU z1L6M^L*f6OHW=tEdMgL?Z_&*-qlZHE8p_g=RU}NafW!sm!>Q7O1hHS{tjg;sv`0n~ z6RMZYfa;;LbB&&r#Bqetn+(;%XJcIG6P5q0jgVw119G4ZU3FCW8dn=uw@_`=Yh>(l zAPnn?LX?dJ0-KXaX^5DS6wCRS+>vmzmBmS!X_p|W32 zV^S1JltfWY)6#LHW8(0V88|#tcCLj$Yvzr#5R-9usHDR%U}8E+X#hnChejnaf&S|w z5GdtvNdhj+nmZM6TO+)PHLC!l=N%p3y{=*_U`&P#e2Ehl@QS08m&s13iA0X_f)4xL z_pY?z(Vktk+kjWZ8`M7D@$mM&KAGAtGM$jjB>M<}psW?FWQXsE*(cjlLhRFYz+p0v zTG1u`&pf1IlM*yplm%Hqa+WnDW&tHM@+-m;nsVIGq+06WDg!6J}zRZMXna_2QI*s$6D|_A%&ppP)SCMpFAg z!t#;oddjZAYkB&;G@yhZvFfFa6k#ncm+CgTf*ts!_i+U*klo^81xK+}CF{Upj1Ro4*!^}+7%JDA2Y%WgPqae4%dm z)NFRb)s7d%tBv8k!ztg7NBB2C~Y zBu+x8iJdS~l#!p6QJ$m@Fll0fNs}31QdD-Xa$9S?j!^E&U{X|aJUR_)K_zi~qpPi` z&jLI}pt1XEE$Xfq6yzp)M4unb(}KdF=|TvQ>~TyuaJk1g(7iAz6l8g*K0I?ox8SvF 
zMTq*xhwk#oL>zu3cobgrhlgRPn9VpJ;EIZjuo?48)1p1++@(#6Dk6TyxJt4rAZ63Q z6(S3>k~_Bzv+uX52^dXh07g;SnJS64J5nW4d8bOEl7}jJ_v-q!MKRHKZdz}}SI*Po zd(Xwe&zeJIQZPL4QF0tA!AtK~#@61UE_y;^`rHhuKZbTf*itsT*m&)?)v zaaw0k5x35yGdTI)yT$+M`z$&&RmuFMEEx&?qUMLz!sq^boRKWc<1ns+AkFNgfvJh_ zOlRObQQ5glJrm!F%Da_%8om=1`_G;LO*yuw9onu(WuA0-1=Y@OCAhNnUDSHheqTJn zQ-P}%1iV1*zs7bnbd0u4VN_^@e$InXy2Rad8690;_18vM{d|#rzDOTPK{OESy9q-- z@O_`ue$2O3pQeOn1toP>)s-KVah<1j4K$&Q=?o|%DmzyLXF?fKdA9~yp^R1+7ZvSu z95jFZv9qYJcXc_P)$XYTcp>1Xfk2~ffrVNIsCMgG;E41`x}@L%cfg`C56^<}UZRJ- zwR(#c6j}#^89$bb?c;_qc_+_Sfy@;Wkj?+x%;WS<1|9nRTo0=lc zVwP3lc@!y$gFGO45&Fb0nm7)NB#s=ggw#Z9rZdo*sO(%bI1{aj%Dc@VCTX57a7$<< zIo#)Lz#R!sIwVK8Zv%(JrDXpDGc@T2VE+Q(g^^Ki9&6AMV(NcBuo4v+q5kt~I-@;P z#?R{|P!46lh!W-v$xH5J#8pyeEQ+(7+R3+46Bd}xfCZwmbG2(GED)7y4Jl3c1ve~-B8)N>wYHK4V8DVd%Vo=m|X>v z)+=8@A)0o%Y`=+A9)05k0DM(2>gYB~<4`V-qehD27FrVgTbRK=AM%BYj9B>dAYU%= ze!F4F+j5R|zPm@SOEppzX?!5{>NhM%A@YcPcp4;30=59UFsT;l&s zdw@*}tK+mRqKp(l#7OK1IVq|%BzaUswDhBlC6V18n7FBQ25t(Koof$f;-*k}w>@yO z^||x(&^BbXHdz~S2=kl(bqF;>&VQ|Zaui+__d7D6WSr!BL(%~&82ki}^sD)?%2C-z zVIrzMrNS#JG(xp!0JUx{JvV8RvMf%BUo|C(6Rt$L@8`r%_%V-$K~+Q!{V{P+=?okc zDmzzyX5yewdAI&d!$IL<`$ZB}WkOjpx$al3E}AH5F%Mqk%7$yu zsAOGpfq(ms)!r|3>%D<{*Y#%6>0SBa?w2?3F+ef;Mpk8+4tz@I0iRsr|IB?5<KuB*w{;4Gtr zPDU10HDy&rvO0@NoYy&_e(aMxkAswPpQOm`6)7?k1(wY~fuXW$C-x|m1{sOIsrwrT^VB!E;YH(0!WZFRy zO6i?!P90NBlf{j|vqGj~cHn&aK2&6c9hiqbbBX`M*}V-$iDR-pH<1K7b4gJ6ah_&` zWpft3RjFzzYa#oVTjQ zrtTpQ)%!w_-5K;SmnY6E`m=jUMFEGF7eZ&j3Y2W$M!+eluMBtJf(IdP?7GDh|B|#i z9oz2K2H~$t?~(RawRQBAI4q76_;=z^@$jA^~43Z*&!qa>c4-v zxjERszAgAJLnR_v)GU90t>Gg^5E+8JiaZ*eUVULF-gYUV$nUN`0{#%d&+FY*cnbW1 zF1&o%^GvTqDboJxkFCBgHtkB)p^{DU?PwvBqs&Rd)E@iM&{|Tc#0Z_A2em?b&Vst~ z{i-H$R6u!hh~O4+K|-ia&eF<{9AT);gj!`YpjN2tSe?h@T{>^;7twk2HP6v`ly!_B z*yMU7ppkpkc=wN77ZNkE+pOD;y)e)fGILh6Ld-kl`(J+_j*bWVATG%cN`Fi3>(zd- z1xJmaX84IwUjh8m`wa`Ww1mbOOT7f**DGR6f4| z6T;sJ#Prp;HXpjMIyV_2D@r6*1W)KDeRd5}RAPj-&Z|L+_FUvy)c9^iJG2SH%4UGDP}z5)TAVtu!F6SK>V*1wL<@+zqJw7DZi64v91ts& 
zp}Q-gl8?@6!F3mJjjI;~Yea+IQ(Lp8&^YNv8pwLkkiE|M=}24(YUDl4pZ*L%`=Z0J zoP?%>oU(Z!Cztpc^ufb@ik=|y^zgLhmPRfCq+AO6?oCaDy5v4@T@?w5>o_MAl3EJB zIa0q#t0Z+qcT6l(HUrCq%8pknR||+*p@X)o6(*+C3fCZ9P-@U8$>BytxOPn+QPLEAMI6LV@RI!tYa`C0Fy zR8cbXNgbCfR@CMfc~LKYEr~} zzpC;gEUGf_v)Zv=nV6$&2IdHr9j^th77#5!2W{5^2Z<7{1?VtOX+d8ui@;&3_P((a zQHr;VcC+Z$G?c;m`S*9Q_}z;c8q zpI+Xd3BrL*pC_Ph$8koS-`h&h~!OA4A zX-%>`g`13^B1INa(nMwH`%zOB4yM4|#IEEsuq&wSc>Qs;fani8XuJMkVov>WFcb~t z+)O<>&;_#;Bz#M7dqd&1l>oA;NCBcQQ|O0KA@`1z&x3%t#Q!ySEOfq_ut>9%HN@w- z1!&(P2fj91Nec;j@LL>3y8*{gSKlNCZ^LffBnOzcGe1u zT!l1uCTNT6cMOz#vF$vj;*0y?1yO|Ad~U?AG$WVHD&6r7;OIs1ltPF)5&+JY`v()iKa< zXLgHVLQwJ<5EN8)yhU)efLH`{&~}U9qUNz%1WfvWTZH)*VG0%p6&m4V%){cKJ*QP( zR%H_tLGu}>egXBqd=jxDQ!Jl$e!<+t;^Z^1IH>G+-E_5p=q5U7yKZ7)PX8Dk=AK{N zJHsEZcYM)nT^-zF;3xq0lfA0M5Xati+xBVy5DMQFGk4I&#~Y~9r#A#_tz!eWuJ!2{ zlzbir1??HwYLhx`2rW|XnHDMKYdud$kT-EID1UN0n{94lQ1TfV6jXNnT6eX8taWtI z_OESA^E>gK_npCv)e+}X!i(499zg!5Dci$h=n|lM+NPf z#f&=%VM;2N#N2Y1DJjdeBxOT`q^$EMbMO%5CL$o8fe1il$1mh*hyZ-h_JuqZ5r7X< z&|UwuVa9dwtIwZ?OeHYc01(iJIJMMu`AGPFKUv^i!#@>-M;qyjch~nXj00tV4i+7P ze-8JfY-OMe98F3{LBH7yF8THmP_#1FNjc))=f{QMA(I;jRLKPDelhUtdoH*I%qtZH zpwA~ZE$B(%m-yHAhXb>~HMbiGv|;P(WCDOQB2aTF8m;+dD__hroxQ- z7c=7isO;z!=xpKi3d9F(U4f{WYX#!NJh9!}@5BqgrEo`XUOdXLfGr(tt4jW>rCAj= z6zci%FTV8tl$00y*8URgF*swiuDuoe=CLOr(_@m}_Ei5pv5)Kv3N0+3brA|#UTLSU zb=%!akc$mR5RvuLu0X^{?vS!aQXh1*!Hd!ac3N2-`52JbQ=FX0{fAD0%J&?xujGtP* zfS+wv0&9&aKso!)=M!we(Il;*?S-ks_Lu&}_6yk7^mHggF%Qb%5M&cz@ARVQ&7 zP(ppKs&$dnNnB-sRJW_D2`wmQKnqaW$*PJDW`wF@vQAYU)u~NYkp{f)Ps@Mr*0f^( z&kvFK|Mq{qhkRd1vNf9r-&YuXZ?{^=JbU<4uvP6gL$0FXbjvb9qIiSZ5EMZ% z((gUS{q1|+UfF)X?9-Aj1y84k==1sYeNd4R`aC1Z|K2S=vAoxwexAp3iOz-29wC5l zCoxMxQj|0j0QWp$A;8=1dTYWCiW#s2RCco7qJtTsx0tL`Z!tkp&0(zW;)n*pt@K~J zc1wXVawAYX@&b}>1axL!?~D_!cfnqAwcB#hr9uAm#|N&xT$TH3q~3KqB#Idb2~>8nTB3s)p_Z7eQ!PhzYEwz90Vr?zo6twV*$F7y-JAQ* z;xBRWqOWm8h0oUex?tZ7XIAQRCxY9GEvFAXyxzac0y2)qTQRtRp_^yy^5tyW3sho+ zX3j%rpgmVCZfF@cB#t7!E7eIsXhI7T)qx*{%#T=U=PWEtbVe})oq@_uUjFD{Ml63! 
z*17yK!LxQH6lT&Gejl9SP815cJYppNv_hR~qSNfS45#aNmKmE)SzM1~YIkRhn-WMxAKGeX%g zS*Nm%>eQxaIN+p{1tI0CH28iY%FO5%ia3j#{y~Y9TPI@55Z+#y>ZT|^#d+-d_N{j* zYEOD>TVX5SRw4;m@zWtB#XJ%Wm-vipm8XTc?NWXpRA}HwSV-7_Yz|%6jHu~7@1%y} zUQ!nNX^@d9%~KN7CMHEz1f|`}X2QxxVFo!(-v1a=#7G2dLGItZSBvHH zb9?FCKs~;#nDGnVMo*^k`)aX$ap}D=?p!WD_0(^dz|sh;bvJxW%XSUV`L{nqZITPf zhlYP$de;V_4t(-r|D%uJR`4y}?B7_mz2&NboffBnQBa`~W@BDaBA56-p0^5p_m~Ay z9`JJ@WO9)>pp+Cr7Lzb7;;3nINaV8H022;V%z(q7vW5+S)%&64E3pOkdqnlo8b+^g z?huWiTxbX%v>fH7_lj0uc59n@qt$lUa;@{OB;DdZzha+7G9VIUXL=XMcHHyJ`=BBt zRA(ONhf91SiN4xp#dMwG&OhXxI`?uEo39XVU*PT~6?ZQ&iwNAl5OMvY_G6p6MZSUk zfj_3I8!mgEy5a4h>V}KB)D4%^03ee*wO2t*_3-8-EJ*parz&^#45*SR`6Kt#mb_d3 z>CLOKSJ6v(MKb_~jJ-}=#dKQ%ep}IX_t*j`yIp!0*MGmR;G-9C^4-!e%#3&na%Cmg zDLG&_Rx+|=PhVzGj;kNf@eNQf2d+U65#@(k?&v&Aq$;3Fbz0FdwB8j(eqbu;bd(M*d#;kY+d))y zA~MI)qgyL+b`p8tvv^`6?(99$ZS}~y9*n3~}Zb7NulmtN*v8)N>f?30FeDRx$cRIoampym!y4yh(@6>uMxTM-= zMl52qB1;QZ)Wyk5)jAUMVC)S29gJB&UDb1yIce-W1yAPEt3_kF68g>Es~cHPR@w36 z^5^ZTCXY(1>s?EH?WktEQPM)(n|@ya0(SWen2z(5NH6rYdkRWBhyYyhu7e; z=h_K(JBXb)yNZmZFKrp@)cv+Tm4l`$H`naz)fOTUI!jfC)K_i$cc$3Ep#lfgR)Se- zWtD^eQfRlb6`sMzfd%()i4kfxi|GRInZ`v>H&sjuAhwUgAmRtAAR~-5ei0W<5vNub zn#hmMwLBeig3F$}mfh_jYk4Bf1Q#5?<)P#k@-(F>-b5r#GFiZuR6fhyMBQX8WJ)&V zpYGGX$o2dlz@U#U-=SU}eIhwCy1x9ft_-F#+d7@~Dg{+Nj6MOb-=`qpIONrd7`q5| z=pp}PBF|oW@3!80w^d1Yl9F0)-Td@ai`uZg>?Lgc`{=V5-V2E z!pW5(#9h7E9>2;@kSHjMt08(lf!G5V8ll>=h&}M0%gj&GAk9e{6p&;dg@h(SOscvp z!#b&oDzPR@MSfzc_H@_^E_<$OyW2rjdm>cD(xcXC5wu738WaD$SEb+AH7JS-aDc*8 zFqzVcMJ&aSqZskYNGI=Jk)YKyjG6TGnqI@Q+EBUjts-rIB+lOJ|g)zUy!G|*nO z{PZUu9+&a%E23SBqT6H-h<5+`{hR(uNU9|tr&h-oa7iROH=+d)Q5ZNfTtn;YNZzZD zv}b^+`UD~wTxf*0&q4t?#b?DNpZdl6pzYo^*2>)u?tQqE{O0?XtvX%GN>rc9m8t!5gVq&7j6iL}l;&DNv;=e}V}yk09Ha6h zFha)}Ueao?)gw%NZCV$mXOZw(1Y2{aDZyqcRHcPT3E7%)T_mJT;)-NOX(78QDNIu` z9Z`hKo@+`RARpY6V1iCl;)E5AVl+V8Ii0dOcpb7~c|4c;uP?Tw=JP#kAvAfz0B9iC zPWB|#J(aRN%I^SLImM)4rtp(*{F`3Kw$M%|za;{_2Gn6Ko2B(5#Fi>~sA*`&m2%N8 zl?h^iloC~@5qmI!KnNEaVG(9QpPb@0iy%HzkU_fP79FOB@V+*D&NjOWaNT4$1D-|= 
z;_sfQ+C?N0nVoSRlOj(T360uCRviya7*j9<#)QhAspEJ%4jo4YT{?~m-m)!teSZpY z!)DCQJK7Xz^lN!W7hbsX*n5H?)s?6EGS3vcHnQHUwLj5giRA6{LEM@jC|-IW0eZZY z72)}J>P5F+(r0g_IvZN1pyr}_`fv%cceX$_cKpY(C^A0ZPDKu80FBcSni24DD`2$>)l&r6U zJc^DOP_#8bCooY}AV>_z;W$hSQbbKda-#}_-5Qv9sbB_P3Y9(A8aU8PxHXuHmvZ&! zI5nW+pQPK(9sK{|-aYKX(m&VgEFi@S71HN+GtFhWzhQ`EQ&5y=>DHUyhueDL7d#KA zf8Dlh3sPFVKBWcI>lg9V1l296Ct7#jxI;1(BLfzG!;Mb>P+dq+|G?SaqI0$U@-dCe3aP< zD8vR<%ijgbkdYE6qG2uYz%JWw+W0CNP($OZ{3I@mOsfkxL`lwOBEm&RsK`8QluKN1 zeh=Jg>`JlMiFd!^69GG$_=DVwU!@Zp+wWVL^#woXZa0iwK{1)D>#vYzNZzZR?K3;6 z4!4$xNL2|5($FF$amD|K)_G16qlAQAV@*6%Far;T%ATvS4vZ46v6!F}H|grqKlOT)kYpIqW0Lk$AM4liaWn`8FRG{lw%ZO5hdlZqwT#2{M4mZMIv?!rmiM_{eh32~q=dkJs@cdhQX z4@mXb#43Qj=!Qq9qG%duDGsmVQi*?m{RrHjmEii7LxIb!O}l$|Y-**+|) zqw_I8j4_Pi*7B>_GD2E>2FK|9>uGdqazz13AmqhQ ztU=5@a~6@ppa8Wiya^}^W&p}i*>e@%0q?>Uek!2M)uR*rj5eSkB=kYRK>;0Ea<^IK zx!0hrLbn71_Crqyz*iJM(i-f6nwDDuN{5A{!rf1h8NYY}zk#l{K#i>~tUd4vlvl4# z#fufUe!z`kgHhu%VpHGgNV8xb(#$1(miqG5x_tgSBVvAtlOZhV zG$mOPLTH*)G=x;Ah7uakk~FNSlce_JDzfM41t#(=n1MV)WzSV*tR4GV`DU`@8{62& z-8^C9u-5|b{f7MUVYu@hV#v*K$qXjHTL?6^d9jJ<+S$M`RAPjp&7w%cd-mfpX9-J4 z5LG3K%P=IgNkfv*oK;QL_)+B8hD`WXFav&t%AUJ+v3A^R7n5|KH=O`1$1&3lz}h?A znd?_%!SMx7HP)ZeB|q?~Q)a#Bs7RLEXi*K}*Eg@HLMOt`Dv6i%s0ux&l z%)l0*vgc|n){a|ar%ArCjop1ugNgP?;UNm`H9M}gy{H-|?dwfP*jT_i7 zB@v#0@$9LIQLUc;Jgb&(%Yh&IVd{ItyWyUK*k$?ltMqB;4^s;4U2s2gIum5LOq6_M8~gY@ z3~l3paz`!CYhBGtH@%l|bAA8eg@oU671As|!!3pkaqLuSNk_O4e>scsM}^!=J)DP@ zafzQ3EU2IOpWuccLf`tkBK|=7mgo7D==3x-ZOWiYNW>W9K4lUUnpXv>S(yi6#>&bO zPY6vcOgIAzgUX((j}B;wMIWb0zOjvcTw)C>|5hEo`Z&I3SYw%)4gLO8rErKqWe3B5<_iAj-3x`DmEc-9Mt-Hso$z3ddgBrz zAUlJB>MnGOx!&z0vyu0w;Ybc_@dC-fU-{2F)u&hQ#38m5SF6C$(sd$rN8o!UT4BxT z7mJ;Nm(a8N&UcY>WWpN%j}qV zqi_b^2$en8>`WtXy0J*Q!W#I{$K58O^8Zq|N$4nX^bjgCLIdZahg{<4#TjMjn2737 z>}k=7?SIcNfFr)XYl8BndcM!}4zT&E^P;JXye479xVK)$KA}a(`1!RiizrPJ7qeh! 
zf{el$AR|;(L&86|>vq{b$P&OBL;m%&(!I8{2b`I;I-McJ0(U_$E3^I`KqY_q{Q1+BD2dxiicgc+^Jltc-{`aVHI(;K1}2FQ$;2*&2u{FC!7cRafzRoB@5X{iff!`3{Yvp;7POC@OfV@5d;uA5s<-C z>j>xjrJ2CPUymP7_!~kO3*Z1(%%@-ZpDkPhs~hoekMN;-Enp?)Z>ru-%+TRoo5Dpb zwtRZ~ElvV1HcU7rVy?L7)k%UZzJY#~s4NDUs^>Km6hFZJxTt`_2Zi{fzqi$lO-DL~ z^N>z1@fp#qRgWgUiiv&%zmm9~kN`Erm|@e=(4vm~vLZp5b7RKhl9Wx|khJuJtcdcm zVD=00&_p+dGtf<_>{MfhwTBzCsqiLSSKOHK7qFQ#8(Y>ujtc4|QvkR!)v~PkZqYr; zYy`8i=|!i@n$|;Y4FD{$wNZXU_!9l!FJy2?wABKUw@l4v-zz4e#tS2%&$w395w69? zYrn0;tNzu4lw0U;@f8qN!@!?_cu!c}lDUe=;nQN(`so0va2`O)CH~LRdTcsqm?wFY zovV?C^%Ev^>U*#zs~?-?UUvp6_MJ z4|3WcQ02LeETcnJr?6zZfo@ON5PCrD;xCpLwCeD5>{U3Al*=VPkx}C-S74%kyfd!_ zu&L1XR|!-AA+etZq=Q2ESv!bLuIGxFIwHrroYpWWN&Q4|Kr-G zxtQ3ytv*<&k{Z$_R&_z(e83y-mG1B!P7rJH&vgFKU;cZL`hS(TbBKnWT@26i%5MFd zhx2lYYyIM9n2xT6T0zvly9%=?2m&8b66}2-xg4re5hzPVVhTs}td0p}muoURyONk_ zt#Aff3zeO!Bq&djO-ZKGRH1@@{CRzQ>4}{V*Az?`yxTw2d6Tze@IjiJ4nIe(*tbi* zJ#8Ljxg514DyK*sT)7OytX7Qm8zwi$01!UdBjpaZwytq@TbW2v1F zjy#l8d|*ftQ=2wZQHy3+5)BVxiv<8FYw4G4+n^ayCaYSS>ljS%QI5{Qq3X7L$^1Sq zZBM@n1n>7%j(ZcZ?)15HEhr&MYvpc>4z>FavkPTyaQieGkb+-MgugCVz*w2> zEPNxzyr2yM&&t6|ZU1Hu4gMIxO<;CQZv8PLoJf-Sr^7^`G45WRQAOV=jc1^TQpaDr zcT)c+KjGkaC1U_3MWPU55-Giu9u)3a8}tsjH*R6m)~G1uD`Prnw}=T99&RIlMx0QP zjyM!%BI6h^k(ASri-Hxrir35ddRZ|@NGs$I3=;~YWUmMGjX_n?2Vm)$Fu(z$b!iPH zYqLf-==KgF?UxnZ7>@1`i4@~YV!_O0XJEn3;IE&NoP z+dvX}+W51v{9mUuY=M~Y{!b)HR8@BKQvF);2s7PvSS~Vj|IqG#I2D1UEtFamm0d15 ze3GORlW6Zy>Ykvqlv8o+#bM*#>q(vwFR!i?1T~Z}{^1#LVK5KtB2Y_L0jTi70xK+6mKEIeQGuwxp9z)4rtgI_A{<(Z}L)kQ|IHkN%z@+&anokkSD;_w^cVp&Gd3{r@bN5*v86jE4dmO^d5f}0m&K^{glgg$L z0QEM@4XKV8tiw!mZ83w|1`5T>IW#<+oB9efEdpS90LrDCPbdD5 zX?-bKTa+Y{haO?9*YjbJ8&x9CWkbru9tFnlv=U- zIup+p(1N=)#%|R4qvO?4c+9kR*W82u#@vae8;&RCd;^|e@+M*UdHI_r-K!{)9YP!U8UeiQsZG*${Ar( zbs-s=p>1E#;iY3`0R~!`ch1smuh8eYM>k$|`@pQvXkT@^8}n3}*k09M@v-yE>)rL` z&8O?j_2X^o>ZHQPen=ZWqEPbRj7?A%NFGRuJ!NM|3H`q6-PBb*o0Sc@j`i(EQYjS@jlgR%i<{$5G(`8= z{6!DRt@$=B(r+PPzj?u-$#Wh^8C2LsiyZZh<~rR79!n2#X1~2(J=*vuB!fWn 
z)VAkOf6DaefV19Z(~}p2-v$k}VzNCaw;b#u*W%E`Ww<%mSU#>GtEzK30C2^Pf$jy_ z0RR9jPKF*A^3pXba?Y^5EvkCvm#}c4*P(VIJjAZx32@i{O$q)@r3gX7_*$H1c+x`= zMyAOH*DZSKuIj#h_-a}B=pHR9$1#v?{KY8$LaKIPhmZ=I>JK}RlC}XdIS|-3_-)9Y zdqPl9_cr%?5u$oiQs)R#Rg3{Pk$I6~_AgwXQBs2Y1@;fXbkF-BbZ7S#x}rP zbg{LE5r!}@aJt7gg8_talN4V}0P0!y&_=AJESN-RQhP#(LYM+yV8k~{y9F3N z4*Tw0T)Ky2i5wgc34Mgc@D@Tm2P#G}>?;igtV%yvdN63kd3!S(&k$ueUAEu8ut`Ze z2F8#HC(VL^PU$LD+U!5?x_4435@*W>J~f{(5I^?8bptsc!dFxX6()TZebI`Jy#9LW zlHhBKP>ku82~%BLx2{5M%~sTESoV#DT}8=XLO-9v@kxw!Y3pkPd2sHLM}IwR58O$q z$bC(!?`v5uT0c?k3g<&!im2IwQm(+#oRasH z6)=hx=Ar(&OmeUKeBfUpK*L%lvtha{W#RN%vF?)>Lx=yaJm2G-rlq9|t~txT(07|} zD@!tA0UFhf&S3y~8FO(rfZXLK`p%^3p3&y|Mh^rMQFYr$+g`fO72F-^+r7i;OdWu% zFG)The7C?0Z0a+njmKa8S&fx{S4q1BNYD;dc9Muv(Hmp+jgL3U zgTal@Ge>PKxks=;>%y6BSF8h?8d6DVA}jfA^x8ZBwtmUGfB_-~K?HilB&aI+?{-_+ zo043tJNAR+54TdWlvmMyd_?8N1hGMcoC~sCMX@1UkzFLrM1E4YNieh{q1Zqrkl&@w zCY*WUcL=4Vz~94~{bZiX8Ze3HCR(c9k>JW+iY|_PHgi!Z&mDXL(TvPx5jvaqjD2(h zWKX|z&_j|7vZOoUm%9UjEOK3+X6MUU>VPZZ@hrvlFw$>Dtjt-h;LOPNW!)iUi43s~ zA;eO;WrlC>P-1T^n&Koc>us%KiJKaT+c5HI4WV%Q2}nT}#Ce3>FlVQqhGBOI8vo6R zz}_=Yg@6isrBMzfKQtA>PH7)&Cio*mZ?qbTA_BQQWT*;04`{jYd%Vb`u*?4`4^N`qUxFvjRWW`Bhbzqu!)M ziWe#u3-#@QIEju1?FPOy%}RQ&pmt}`0hQj`=L%(m0yKjBxIkvh{1RyPtk8YUa{`yB7Yq2*0~dWuQ$8chqUHG5QoLfZ&zT2Vg?3mK!bup zb{cELU|Xe*TAIMaD&wT1_=;HSQa|!Dbeua<8}cDbpQ3%Qtg6+W!QRs{E##8A#rq~) zP!-Cyp~5cwlt;tjyxY6yUo=N|z?t#=kq-hIN_lO?cas67Hm58cQ~nLNfZSE zWOz#X&mSbH(R+U1{w+1EPTOM=%sHZY8D+vsJiRS2(|YD#aSe@qN~BYaQN29!D5R&T zp#IU61iyVH9lBwQy@`s#zEWg_csQ*KE$ExAaZDTx)o-C==bj?fwK=%?1X)m+le>Uo zNPfPo+m6Jq(0vV(?_&wq@)|wh_YsbGBsdr~=cr-ChrImXikQWz%UR^g`6h;fJY`$2 z3=3f{GC%M&RYlEpM56}!n3baL5LAI#YD+kKx1uF1={j%PgbYC3mzVLcB)i1s&##OD( z7TO;U+4)ObV#?^Gg+nVY9PNM*>zo499d%ZrTZm}(cxV?Bl)k`pm~t-eCoNg5lmWjA z#Ry9Z<^4sKg;jRDs?JAW-nf0~%09K|Sx|$<5JX96d6lH@>bQ~?Ni90SC5C>u07^5f zN!?zqzowQlR$l&8Ue@nWJUw@vBAIQfv4WUsw*{snd$bDW?X)LG3Q|s-qgWtwNQ;yX z_-(uSrFzyNMZF&8d*rRsYioKcI@>vZFwT^34_$rEFfp2-=%FbI@L#FBi`Zh0vELNB 
zgc-vEoogy7#@_)C4(pz|Y?d9$z1aB+zT|AR0WHbd5AeF5Nw%3u>PC>{!)hQ&C*ct@U0_MZGqed)U}sHXm(1 z&=jwPrS%%=W?bd0lY9w}@F+4{jx_$h1MRpK)*j*HR5c!4&jj6VZ+hJPDTPvGB6nWy z*MytwPZDfL#1yWf!fC(1DkQ6@$_kDF46-+I)QRg@qMsm$tQ=4BRB5LY#>N|PNzj#q@c&~0n5v?^DC2~qZiZoC~ zU<6sKQiH5|h$qPv9`i@bo6)>QS9$np`}ue*1bs}OkEi0a?~3)_@i{1yTIjPed-cK{ z(HO$N5nz!}TI2%02x?dv^|)3z8kz+@%Achg@|xFwU3$Cq9{xp1-& z68snCgg5YMdt*(9mB2|~*}ls!f2P>CwX=PpsC)`d(`-;O%Lc3gg>{KgItaXbZD;{& z)nBwlB@n43$UOE5$>fGcgasaI4duuV}{3d{0K^Q9)s zd$V6NQv2SG#cK(Z_$~7QQLR|z4S%ijvI(*zDBStpa`3tIpI|9H+55x)fw&pQ8Zylu z-UD<8$6XW@eV$}o?j(F;xASzhGMB^r?zJP#Fih1neq*Y_2JS`?C2ZE9#Rn@olIQ+J zBf&XiH*fn!b$B7ZQ}a5ZfmRV!~~4IkCs6uUp!H#`so6h6*M+h8dm!7KKrwlNS*0- z5*i4NF=^b}QHt|Cb6VU_auW$oA_}hNH_8$y-54n=0qK3bdGJ`%5KhODmWh%c-<6q; zWDa@zJ1_*;FPL58Hm0+FF9)QPiYG@EPY?asbBNUYY^d8UGRO}i+w#y#m$FdHl{gB)-vpU+@TW6U^gEDp!7NNq4ZDY3dzLZUzGq}*xB}R|K8Y0S@h0`pCS#KW^R0ddm0&(62XV) z)(^J7 z9U%I87%t|0or#Hf67~vS&sCY%Eu6*0chqYKJ^Ao3J#RM zh4m|1hJ#za@i?e5Qv)egVh9eM7F6X1`?+c~E+rrj%+>3(RNF$iTtCUutxiA}aNPv8 zoa-r7$f7Oo8^vj=OQ;%CC&5Vd;6IL~3bOI9+k9>0?hGy(H zQxC>-FdmR{*It>Lvy2<#<;EZ--4eczJL@P8m6)7WnZFoXK+6L>!Dl!|f=~k3LaFbN z;QaiN{FDz4OdIYJsg)%1>eQ18soN;Spsgu)?%94i-?Z$kw&F|euZU|{^^~9JzQ0}u zpTSw_JiixdFFrf$)HbJaF4t3HD*(V2rWa!%Qb)TZ1;|+yje^B*RiETuf<00GYAlJa zenARji|mgKKi&Dk25q7zE=Hewl+&4GKPrczG?-6Lm%xm+c|s-x#;cGyJ&L|ipTHiE zXRk_D^2C)lw23Dbwq=p@QTH}uq2_`NXoJw}1pl;zfMyl{U`xk9FZHcLeol0q*;FrG z7dqEv@AEjd>+OpA`B-k{+Huhf|Z+`lT%GZLPFq7TuO$Ko7KS)AwdN*f+M3C&iJB*<%{K9j9|Vz&_EVl-fErm0-EKzJe-r2LV=ukndK~$sn(>PQ5eKvYK1MKg zRTD*VClKACO^#l1Y2d8U8ZV9UcX8$n!Hb`sh=&ppiPdt@@OgZ`S$n_~B_VK$l!6fiUxe)lDS|qr$s2@7)({k774CZG34-Q%lW#WJH}FP~?8;_tr!{2Z#XfJ$y4FyI!S@bLfBH{P7ZFC4 z%Vb^{$8%Ex6Ug+jvvtc6REutul85!1%bPasrWoT=S>l2{&swJqaJRpwLO7rF`k5m| zDIBl_wNts^9FiZ%{|I40OA(66;l^tzDP+683iH11KU)&0YmleFD5fn|_ z^Df1fo#fBAX+(9ejz74-o+VMqnVRdxlw@!_Zo{KjdNX*J`gA^~y1*0vOUj(`_@O1@ z#TvfVu$#Z)2Tc=Pzq{|DoVLxK-M8nWAi-?%fX5LTrayanR$8$D(q-`Sx!tAsw`_$p zpSCiC{*O{DrR=r=_d(GuF7rr;x6(+^4WsXvm8%*DxSrUA{IU)Zq^YdnD$*gO0gaY? 
zQ0%oJ6$*)W_;6hh)|R}_JY4jcq3(eEVwZ+owci0TNDvKpU{0i8^kS%o)}*JqA@F)+ zrVNe?VillL{9(_|VlF`ZVKvkTSY?|G(;T*P@A40YBJaIhJ8 z*8p7NjvA5XIE>1ZJQp)8*o(|9^FrMc#!1zuAeVvN2jvggS@%5?`n5ru>JdrIwFqUW zfo^Sn^zcQci_$;Bc?g1&rUDG3!t@W#E1KIbKhAq6u7xz=s@?a(?j(h}S<^=x&D0y|pxe5!v@_f)p{ zbo#g*d3paWKvU5d_;h}GcKJ8iQKSFMi$wJq5Q#x!A3QvLfyY8AkWI=_^WL;2^7ItT zX9TtO?|Ze!lG!AXQrW8@usD3bEFVh3`&%bI8bPFKm+qlN@$ZT zMYYPrSM0UQBw1RN;{f{F=ygM;OKSFlF@JK5T}4ScHONSJCj*jaVd5Jv-gi@uPtdKU zpMi|2foeQbvQ<1fB=q_>exVg8TJ@Yo%e5fc*TEQlRdHsS#)X*&rE~SRa9@f;4JhOHay(SRMoNKiBaB-{nvv@uE3BJ$x>c!cQjKQK)JuQQ7Bb-7x+~N=_uP6n)QZkOM(UGv%Le^9I z@DznNZ|1^!tOA}rQ7b{}h&gn-o@>G=dBmw#6@9nXZ?{TY#M)6!09^OKkHai1SJ{R+ zzy+yJLHqFWqgKNQn2`MOuwIl+9$#)Lq}{m@^PM-X!yUcYXWh|XJBP&^h}hMUcQz|; zU}<1-E;p~nFr;ER7t-->;C{>%v|WkhyaTuD_nkLB+PHMpc3$OzlKdNA;zH^xZqe<= zxglsT`YY&$0IU_d)n~hhZq3&mv|rJY(f!GH+kwf;&F-~bK0=Bo9c5HM@iN^_ndV?P zEtI#s8II0xlyfJ`3Pk5|Q{ODJwXt;`&}K(oxyxyaKWO#x=kUt^j%#sWV(Iy#u~a)h=3JM;fu&w#t&KW!}V^%wDp_Bcw5_4RMOb%jcb6YB4iK`Qt7q2igk< zaq)PN?|)L-{KROwlN6aS@%YvPl_b%IW76;Opkz4fR`4i4c+#Y^6J{v;P2$hY=!VhI zF7+3SD*ulOg_rIi1Gp78EqaUAI(3OB)OZ-sicLnpm2O!Wy#4_&J>-?rq>jbjfqc{x zKD{nj1?zV8Mcfy1)3R0&rlvm1#}cGlaa2?mKu-LROWJ>8*m3k2!C`LyYV-$v(LLp( zDFrLS_7Vq9>{HWdWQRbC$TAE1FVH(xWFxAKoAxFG0RbKo+5JBtBpma<5)#=2F3Pg! zpt~p#(@R}UF~b!vi6a-j=Kmd^-x2&N=oc-^L#VbcW#01N zTLd*TCgv0hM{$q;5Wbts{;O~ABD&YPxfy;h8h~bGqgk97Wz!3^$82CO6UKrT8*p8H zt(2^&497>M+8Z^uIY_<7<)Q?B9i-BHCEK$oolj6cF5aUi@)ZHL>((`xm3x@yUAo{K z(0)7g>sR~I?-Mxj%3n^1kIWGcOmg#R?$$(9aaN6N8le=-6JuwK*FdXF=1hhjb-ndT zfEd(f`TH)mAev~G`wOke#d_*RT>cs6&qa_Y0h8QJ7)3KH{&|7G{S{~320izhb&RKO z;|2?XPSOncZ{S}6ixj-aXpWCXZI4M8snwLIFVCaY@f(lnC;DPXctq~L-%oTU2Bt%M z4Jmk~6IeRG;1cTa!rLwGgUw*=Beq?2pbf~z0?Os|A6ZF)->U4t^pw9WD<*;wEY53Z zoMzCFt%3IFSfT=CS?sCgie|_1qT|v2>boh{^qP3*Ou4ve@;-I#sf*Ij1U? 
znF#rifC4z~G;})+crTG!h52Pw9+%n{wJ}bkIBxpp<*Z25p}`m%)P=_az9`tUP3`_X z6IkC7n$u}nfr*y)^aw7AFCx9oO$ld$8n}n!)ZgWV8^2*k| z^1H;x8f|WCPqITGzM25hOVnq+YH0Uq+s~+ejj>mnzV>Pv@Je|G{_2%C!s5 z2DCeKD?I}VoPQB<)XFHX0j+D`Q2RRVxqPRcR0qiQm=IfK^Be~GEp=j0d!|$*2KRu# z)J2fkG`$nILVu%y{bkDiucBBuLfGRI`yYSI2~wUylQ&XpGlj==DvuTgjkKF8cxnU_(@|=YiXv#7KN`mlp-S4tIHDleC3i&OC8}ig)J=BTrZ>h6>TJcFjfQ9c? z4VG_7&q!t8=~Rq(Gb}lG1y{7I#23N{{RT<2{WdJO}n7T4`n zvyMc(6Cg>oFek=HOi_zQRop}4giTBD5i&Pzqthm6M;*$l>G!clM$&7=eh?QQNmehK&fIHSCOpjL0BH2Au7M4|)Y-a(tENYAfls-j(?cb9BQaI!+Il5E)n)( zZ_?SmG=k1Mmnm%p8%@!S;}gShWtW(ylv@U`^j4z^KVI6Ff@_vzjU?FHxpX{yrJWfqJQA<@98_SQC!RDeN zsbS#XCp{5L45c2wkNdj-6@p3ro!EY1MW?{7LmCN1@m0Ka5y5B3PThy!y@#n|A;7SN zL{$kz@oV`x-Fw$s3xqXegS4f+;%MlTTJxjmsnK7yOoT?VtJ2EOZyCSY^+zCrUlYSTm z<49~*pQpCpjc_?mGc(~=> zlGKgY^+wZIW4AVUQz2|~tlhRoXPmD@u0SaI%h}5c%3x&NkKB13SQk zkv1Wwtt#60aZrF_ETk1K^U11j9ehm-svSe)!3}xEoxohMJ2B3Dho|^6obg8>G=}Ly z!3?iT|wGwL3rf$tWzX!i+O$3GY6_|54K zpWeo_n^RSEE)TavpL8!WR)iWwq@8yPPs_zeZj&U;h@P~hJVAiI!2MJ&ERc9@(ihYb z`MyO`6kV)(NtKaCZ$xqLVp*7S)Z)=R_=zftQlD%|F;JzE)I@8D(`BBCi>FEw0+eO` zAY>$k0V^4xjn*Huv%k*F^DvbvUkF1~7s~S6tl+kct(C z<1IVX9EML$6dS+bi}^&Y&h3Y)!65fN;B(67&4?;RUu&BxlTTbM<%x@t0_rzOpmJ(! 
zpfss56+PbH#5t(&FV&kq*tMJ$e+ZvQ`XU66BGW1(DcbRz7bQ)npCr9NYSjFmZK<+d z8?8jeC24=G0BVmMn^DckQ$p+gRe#js@K{@5?hf$@@vq2NsZ2lF;wUhySx;p^gwG~?QJZ@S+4?E6*t3U*}OjQzhOf7{a+FEVN z94OW7)eF-x9Ph+PmYg3yuizwJ#i$HE;HM?L`pyQxR-7d^^od7rBf?wKzWf)dFas<* z^o1Lh&e;-083czuToyNy^Co-KYR=;3sn~P8eWLAn7=D)jqvp|lJ4=i5XXE;LR8%^i zw&-pSdRV48A%Z?F+j0-xe4h~O_mG%_Mx^BJpq_HCuwR%rBwGxfffn0-10uQF)Edlc zpO@{C*Jc{+v186_C#sr9>kqZhbr%3Wip25L?K}6kc$RVFAZ~`6`gL~p8kY;gecJpT zJXkWe$y9y(htR5V?6jlp@$B|wgTqVX>*$~2K>_U)Re+3w?D~Sg$ou_|lbO5WWmU$% zREV{W6Os;;3@?f(#iY}`wlrL~ot4Pu$)P|O>np(K_aEh@yk)RXkm=4}E=zE*Rc%~e z3K5xk9Bixl-hU^5P;}DfGaDO{gJDUu&D@hmrshC*hN^AgwXBOauTPGDE$ow7h=gV3 zaU`s&n$@vw2}}bLRb!@V#kRRXsumA*Kk^-$(yAog)wIL$!J-^3XS7evqUas zlZa8F?xV&dhS9gHurXPWXdGUqEySG>YWSSY3H`Kqx+#7Dl-AtWI3@Tl8v6#0aDa7B zD=WB8U(3iw00P2RXDJFjqY`G9$l!(eI`U=;+bLAn5c)#Atki6q_Y}_J1j6uv%gPGZ zi|b>G5ExknO~yH7SwtqWdvS~a9oB52n_y zvfs5185s@VvBE^CVf5}-@?9B`n!p`#mzc7OFGlcxq-VUy#B@uoPfWptI3p3iS?-uz z?$Aty)cSXTVi2@BHj1-j|nv6J@ z;IoTka39pIg-gi|O^rk?pToobYolp4Gh8_)A`h`~6nC5jeqC@z$D|GBT$T`o#?f1$ zJ{;4Y#8$yRDU?THoX=jpWXRi)ZiLjU8X7hZM+J#$axb@}QCmfP7D*x< z3^9KtOPDlrcjYwi7t!sjFO*qn%#zVN?8LyE)*PAT4|Y%Y73p7a47sWmC};#`Jq8y(p^V*EB;Ar3V`hl(X(eWhW7>)QQVfyWwKe|3UP z2ue^Z#_NsklS)A7Kq!OjVO;6YpZm8}9BlyoRpZbmia6I>JrP2luwtlR}&~2tA=L zKpjQ;eBzF#1{!Bu=^+lprcmYEmEmw_k4vBlJk-c^dQy-F{m7!@53SAxKfv&hP$osV zWA{_evACmUZkI{8%C(V-{aLo~H0iHrKHcfs5vey^ytGN;vkuLWB7PBwqD+FL#s%%#M=*rcxAmU&&azMB=FH5=siMr1IFF z?>ig$x!G{k&DH5Br)W*<8Y_A^dh=vbCC@3R&+P_1>K2~+fJ11!&-5rqa5pBy(RCY$m{r2xeRy?XCV^CV+zPdlR1U>N!I7OIc~Y|M7n|F6@~#YLXL}+a zQ|yeTMKI3S~0)5g42ASH~QZCn^{$52rYiv9()Q+LvbJMW7$% zXA56#y~wDAcPL@Ec_1X%ujc{ITKUMYzp*y3bX1A7D*mS0@a>Be$Nv=^y8RnE&rX>_ zggrqa3?dc~q$)y%8Ku0)P65}yYWM)MFnZZ#e&Sr~?6leS@&2@ceKWL@p+JbHHE91B zKU+AFu>8m=P%ZrszkE0uEEEswLKG3fY}D4Nz=rxBmJ!v94(zQaSBge)M>smjvGF{TFo*38lg59E7RZa6;q~MCk8qpL(QBfE(1Ncr!dCl* zUtPc62`2L^(R`?(euJOf?rqt*JG>Z+^qlwJcd0rYb^ftmWH6d*(+;CgU&*jXk_9u^ zrjd-?sc_Lr@nPFp6YATud`^ z;W1~2Kl`*pc2ni!{e8UO<*=pCgCB@$cm8c58!TK1w0tD=7IH?THcgjbKQR&Kcse$B 
zULvRDCFp9R*8gwf7LNNn zcNutW;w!voTldGIl4(Ufle1=TRhjyAVfT0BwWIVwX;G$L&@m?6&|Vv#V%*-)eIl?` z5Rd!l#Y)XJ-S4xH6^F`S0zR)MrHLdM(@Qq~iY;d}_jY>WnVD;g>a3+4M)v4%!wm>L zyMgwQk3MM~(2_sa|2F`GNUcT6zXhoe)u|(~BPY3aZ@l3Ag{S!iL_*GfJdyuY`uZ=X zVQC)JL}LD4a}w*#FWeNQcUi;f;8_j}iqIQ8104xP$pS$7phEe#59mk3JFjBVRf=ba zC#z5_3AuTCH#!N51Gh0u;8*=flbN1$PUc#o5o_s}f3h7nT>-tZwSI95_FBQFnlR4LCBcnPeCqZM8RpRb9`J3qdG2ZSi1ClfMhyU zrg`TNZdt4UT@H^a?<4<@9ie!N0O*y1J7zxaX^*K}iLyX~OwNz>{*&|U{PMpEFZpxO zOO}yHog6ESx25t!$J_1Qqawt&@PQjl+PhMmTzGXAdZ1y@w`>uJ(A3e7f_ENV#06c- zR)4~cdlm8e?aP1L8ZWA#kia|SJ!<|WXhWG6VT@(V07yUun$R&9HT_0u-e6T|- ze0?O~k4_|ZepC$v|Adnqv25(u9g34vy`;7R@%W9m@6pQQ+T+9h&Q|A9l8X+Er#j#8 zIf8MsVVsDY(=)A5G)6Fz^B(oc}jssN}}D9mzd%)!vb1P`;b%N?w}JcBJ-t&HZM|scC@%x7O%4V5AP6 zX$K?(=I4w@|F1@y`EQqMvDW8@$4N&nCN{Zggjq*lF4kTy=?8k!;e<{@UpY<kV}jvg1z|S;;WnU{ak|Uo>XNaolda`aqx$Kd;R0u_&ZOkX zQ>u>4|B3DXo#0s(v+>&8AoG*=!Z z$!W*KF1s2JvliZF9nTw&JDnXubmIG>-wbts{j@;D&;_TZLzboD*f31>vXc`7;-l+P zS!Cul-WdgEGlqWnUuv4U=5B@?otPK6xoIhTw(kRvpQ)!CFBv``ZM1JP>^U zHS6L|s)#fpfq#ZUzsW<*sql3X_03s&1WH)P<@Th?Xgvm?Mr!V1MADC3qV(7(@eW|H zhW8TmP<}%a2wQh7LhHt_(`9I%e!OL=KGwt9e+OkBQS zrH3Yp;}OwBbcH7)y-#dXP%U3;VOwUvs~9=eJ`1J$C80n^G+1095O2Qg8kvcuoSjrL zh+38Yby&cIC9e06sjuNHcat3y*N7HLtctGL6~ggg)@ZuHdUyKGXP+VwK6-L ziA@4d$|izxwC&>@%$1%(LJ54$d+JcbJ~@T{^#XN+jXyp+^h7F#GQ3 zEzxf`^hn;8h~?aiD4|C$KNiOiI(ni?0`aBgP-jW*;L&e>KH-k?QWkhYIw_t>?XYZe=g;dhG>_UyoWZRGH7|cBdsySF2$8(mt8D0Lb?-38NG6XvvJZYemjNy5=P1^ zpbGg|&6IHG&EcBbbJRid5NZ-rn|s;{3&MKI#o5w&8eC*gGcPACrgk%bQcd?mCFREmTs z7)_2HLY0>n@xVayQs+?4_x+0MF9)O8xj^j|1DgZk@VMqdwIrWLhb+tCUb@q}q|M!k zC;2Z0Q-WQ$OHY5*{{yr@OTV&OXii0>?tnyvXMZzBX$kv6w=RGRh<4wp89+HV(x##7 zAeE|GY^(k1yT)j#uiiw%q&pxQ*t%+22uxR{7C4kLkM$mX3qx%MAvYCop_pcKdqKDg&n*(8%kUZknlHMeZO3bEiV_y3<)2VwoBj3pd;ZL+8k0wWeWC&6gtDM%){Q0GiMbq8sAS@ z9rA+3X%aGdHK|xFauM??5n1Zyu#0W%P3*?rOtvdz2LRX@w-A*@9~OY9b&NM+cSteP?oblgT@!b3e|b52mjA(5n}0ic8r!W=&;n^|cEB(Xsz_KDY69J*GDM)1w7&d-`;B!uUwN_o_-Tgx|gJWI9-xae}_qj z1)^POI zH1g>nlg_uKcShsCDDP}K*ead}wjyV)V?RjzqGVwjN-G-YF)Mi1Fy8oeSO7)S2%}7F 
zgRNpW*lMyBrG`Z%`^Y<*WMiu6twVIgHj-kbZFIHPu-B=qo*Iz%qJmhmAj2HR1(kVNh;8q-tk6q%S z*(g`aqloqOH?F)Fl;{Q*?BFi8(3Xj>rNgm=`zkj?ow?n zokFj!_uU@i;^IMiY4QfRk$)B2bqAiEfYxEd3KZ}OY^Yk@spsp^#RFGcwG=2Z0LYgN zqhP982$(2&!&e~-x!$4K;{ibGMm|`5B`?Ga`4BptDE-W(;6T3d9mx9bd2iprjMoeG zbGH+lZeaK`=3cFzGE~&}Nn_eckuxmSJR~AHb1agu&Z34Tb(FC<%o|olJY*s*icI8D zQec3UvZbPi9kEnnVpfULX&>m;G02FOBE_VEsK@f zhG(;1;mCtU>#+@oImdNv{raQMs=o)!52B)M*us$D-@zi}RSj1le*hNHT3XS1kB=#R zOIV>o0KD?vs~;b^au!#7tv;q<{K`xX3q6?gs-K2_&F~ERZ3u1+)x$8<)WdTSc8uBx z4m&m-0vgYQfRZ!UO_OJFUa&&c&_!BEJ66}6<*CTSAS^@91GgQsA)v7v0y^1_Ie?Nb zJ2obEmK~dh2BpPp!!^R%LJlHd*9P`IADkK82^YaOCYrX|?3VBsxK7C5jGHF#8mLqu z2^t+6RXSq5m-Wn#TA-<^@rEM}n(>m*;#onl2fkf3`z3f(LOzvhovLnTSnju3wu_x@ z_pb3#PUQ;a$oB#qyq*3@^`OBtWxL%ehH@|+2af|$w{}V4fykHRum#fzo8ozdP2|iK zkK(YY8&-z^S&YMsm4TnIrjl1OX(zZZ+zl&Y8;%>h;kc7+fuog?%N9^#e;#CBu7L%+ zqq)b(VMeS0DRzl9aBw*3Ks)s?-itr4UqX1a?t9H|O;l9}dPw4_w`YEpM=7jfZWRjB zC_)wPHn+0xi*BI>7Hg@}h=J@)nsh35(jWMf9N1h{tSgYZkziy+>g#tgjJD{yy}r$f z^#i&qI9-4In@>s)MD^u>s1W)C;DzXpq1>yj020cH_4mcLUE`7zNwk3vfQbfB)S?2I zArws_J|AymDnVJI| zqpvf@gE9U}v-m++9};Zq2xnL}hB6=USyaF0_ngjQbs!tx9hwdm0_l5Eo(dq@fhgE} z@(r4IG~AO+lac=Ip&e7<7U3S>TzmRK3G+d{ONaTG4qJ}r!IsIHtGr5@APAvRtIy&l z%UBVnG0TG@DdVb61MaS^NNm`0@^fIz#|Am3Gl2Jo2|o{{18;>)Q*ylaph@1%*Sn)-JceD7hjjsrY8l z=2Hu`b4`milP0qg$K@&8MfHHV0&9x@+DrXZ*P(NkIrM>%udWjZuUakvOTzFgZC64s zU;hJ0fI1D~fX_KTR6X%?}fX`a*DFG$8Z9G7xl>+^c(cXwydYBxjN^aymc(@FRPi`0ml2u6n`O# zx_gpp4wM(RRYS12MjdEaH<%%{u&=s;gvnubK^zjgLPQs9!LSDP8D;_6eN-GAttZRr zQh)(dc-Frf17kvC*;lvNOH_qyx2>{@-u(j1D2$92l>f8G(UV9~9A*(qRzie?R_`E*oY1MrW-`BzYngP^vRkk9k< zTJ4_`r-|Nw3P(3=yMBUe+bVb7i`!qXyO%0ejLtglP5FDMHs*l2z>hsXwD=9lyRzK0 zt%6iYKh;KcfRAv1*T4;~#yBw}^AUcB3m28@QkR9N<1V?5J6%1XYVIj;f2`t5E|#4ZBZ@ zonIK_cz9HF$D?>Jq$PO?rth2B>~w9K(^1TZ`iw=ej>oT&u)M$lCKF`KO4=Hk46xKC_`}Cw2-!1u?De5WuaeNR+Y}0cnh2;c~SLbzABkoIU0X-a|2=f#IuB zR4bi_(@)-CWCxBUST$c>_1*m*#rBKzt(I2?SFita^Wi9vglPks&xoE-MOV&^=iS2v@pxvuaUe=99M z+<_^bo`wJ?#WZy(t=g1ef1vff7T_ih&u{gL)lDZ28}Es18=>yw9WakymvnISLSCL+ 
ziGT-PVw^yes6JT^hbsO>$kL&#sepldiTqbzN2WZJw%V)Kn-J%RZWj(BR`QvgNAGm_ zb21P9OwL>tWnQN8mJrH|0TgP~tc-o1)uP~W#FMzFMF{5knK@Mm(^5fvSwg*{J2 zr@@~|u|Y*gP(tJgH;TQ75ABe9rB!s>80FkOwmLJ%s|rZLHK9I)RZm0?v7ntBN>@UU zX{OeJBFwC!^Ezl|3tPIgc)aav0VrMB!df4MVG4g-1ANLHlYsrfVto9)iu2X=Yw1M; zBouoZsF)P9+qj{_@cGy4 z8~O9iDfYBCuGfiM|70D|v6iW}RqcLPN~fV7PGFT^BlMkoZl&6Cz&}Pb+Z6KHU%V=# zGUf;G;)?WL2nuZWo_tLd#`lF;^}Ep%oUQqEX<-#uuf(OlEztk(-0F;Bg-#qds6~EAAkYEfLq)iXkp>7(ct&(NiUU_fizqh81 zJ#uFVn6HDEQ@6krr(C4rnxZoy)|>15H670S0=^_Q2K#%vP*w_CqjiU4zN8G#6vAav z=nUI454lXvoabSl)iGyzS>`NGW1sO_-gNw^NrEVeYu|TYa#9<)oczyaDoAlW@UEwl(HRr$&0tce{gReytpg11;IC@ISmm@8NX4_($So|mLW3k7 z8a)WY1G{Ha*p#c7z(megT+Jizh6>A9-dpugMc{t42;^pj`ly8hd~0YPkT$NrL-|%` zp``Hz@AP{Reg8O|RP(4k3Vg#5=arw8moJ14zjAz^3;5!Oj>HNNENa7#x!Co@v7Ig# z?Fk?IT7C1hcB23dXg=O0W+{61p(=#lG)O-AD?DWN05({Qe%iM1MIjfd^;qxtw#Fh6 z1L{_X!eV#n{=8C7^P@Zgkfmt58-n-x0SQ}8?qQd$CWXdrbvh3PP0s9#Jc***mwsXi z9Xu-Ou!l{}k}8Xepvn_bxvNZ48wH*I927J;tkYIgLg(4)Y4~Sa%(B%w`T40`E~-=G zym5^4zB$~UCV~w*j@nDw?yCVv+ZT(1ZpxdSB4pIXGs>m$%0^?xu06a5GR{trTOW(-SV*L^t!>fV8ggu)Ta zK%RVjxMxEaK#m}dn(`L6s-ghQ1CW@*Exe}`d2UGF?-TFVacjIsLDJIlQ?vTB2yc2o&FreH94%)Kwd0#>kt~Tju(@c zlM+&U5S7{9Z}~>r7}&E?&z_qmRkB>ke`Cu3pl(^)H{+J*K5dGINKKU^#a19(hCc>J4TdCU(>5>iKs^qC5w?tS1Kpr5|gC8j&oCqr2 ze|BhPXKVx5om1vPKaZi_Rh1)FdHDKC^JfBU=k{6Q7leGTGzH9ITb5I`W>_~5Ts z$2DmEUns*f1v*U%ond(9L8r-?!z7KGxX76R_bd(tXNAa0mLx%z=K=Rq9=Z*W4V_MZ z4s@Cv)@gVsq0d4w#S^Ay8cdoNBTWw_F>ty)qjDQaScN83ffh>k)r>bgNC8@Y4_;gd zGec6SW8(nrHQ`n9X`}oMGwhY7_vYK@h4^4q^vW#1#H3S~ZD-U}cWi`Fr1e~i{yx-u zL5$(XelIsRW4a92>Mu8R2k7}_um=FPt6Tin-cTbRvLKR|tfnXme?*yWymb0=@Y3Y4AKLqSlI@>fjP4sjX!A6H zG%a>vh>8YU4?w09s0#B?7-G?-n1;tx@ns-`DWTP)-`k0akdUmixXiv|U$ zm6dLRreKLsLuuTKlkv7!!|>{G2jj2@dL{rbSQn%o;E2^`5ZeaQko$+7B7=kSP_QTJ zVlc39_t%6<_rF!wlEE2~=A;5{FT=?FCZ*2J^Fc;7*q(I38*QD zYsW_EEs`4b{z@m7%E&-yqg$Za0G%N$HL)n~$7=bn-G*1<-~Yw5Nck71`Nq}hus7K2 zoj`w4{D95^fJ8sE%+hwqZ{E9xwsX?+lE$yye!~gDRN|}j==-#@ zA5v+3-?iL&GY6d=R1)&UlN>=LpDbQqmE6$l$ANdM4<{gM7dtz=E-gS?_n0^Y+Z~|r 
zcJ1-4&{X#KC))5#eG9c0$W9tTE3!z=|kBz4#@_R1q{BCVzb zs*aR6!ywLs?~^kZWg3@N;vCF4f$~8M?!qfp$jK=MTAs4}3|x4FFSZ0F+N+_+`8}GV-L2zZxt&1+yc+ z6sLDKz1$$3S8hPg+*EZGXMWD|4C3mdsTk)?%94!7S(Bw{9FHU(?Q(*-B{BK=yZfoRZE_YTUlA@RUUf82o!ydHPrOCo=9+1v+y@R)o6}{0J zMhH6NtX4e_tj)|ee9P}G+W;0&sn*A#O7R7(Me&gJLcedT2Z25ah+S(`f*#?siTb^O z2YC6)vtJY3OW{pu8gh)JJ-?l)1p`;HF55hADRp#>hTiM)A_&pGd(DS{VRplTsro@E z7UFteK`L+wVaZmp&2_qqIy5m>AM3#7kyEw%`-kHm49aHK>eYe~gd6RZyyFUVO#7UI zgN2R!{+#A%dIdr{uL6ObxhYZ+gqdJPl7&z`%~=_R32U0X;G$^KGIn=RPwfhX^ygF{ zki)vo6In{$bFwnB<^ve5AFSKLLlA^n8+=dl$)2{PVkk%MpT-20Wts;V%d+9pfBWqpUSrV zhRakf;rfqsFHa>&R}1}vmAo7tc4$APFaSz#hxSyaO(z8eARpVM#-z}=8fWuB?&Qot zA*!q@GFByN1e~xn%frTJNnEF*3PO=3ZdW9;LGIbl0lAaI{w8*Cy`?porutT#MBhoI zCMi0i%#_%t?c%%KjUN{4Z!UGF#C3PwPy15tVDCHB8>#`NKT_$WSN}vqwIRk$mnMFT z1lgM{b`t>{qoLG?cerdhfl4CR)c2M&>U+e1;`Q_@How_XcesHOTr;;|LJNaD>RH9Q z-n0vF5gt@eTx=S(G)M?uJ*dW(hMZE1t<~0$TTA_{Uen8?rj)8_z`?ug5tq$kD;^=4 zx7{ywy6%f6SG?0}8b*^&g`G#+=r8ABWCX+Gj96EGNQ(s_GzB_;kpbhGjt&QiIpy_X8y*tSLGDzV{*E>+<0g3?YMz`qtkOD4QqF=b z2O^xLWIPTlCe3l4)m2^r7{_X3(T9ayeZl#O8 zMMZ;T)b`W1{n1C92jisS4Z4%CvMt90bqB^wH{|`X(1aI61RH#_NB(4D;XNv3-PUlc zyIC$2H1XHJr=j4F|^lEWn{EK-)& zNyvCu$8lCxK^Ek0Q()u6v!8DYz*jc(;u6U{n|TSAxx8bS`G&bkMQ@l!h8ZcaNokSE6n zfFEp?9s*D{QK7IB-(zFoq*N zj8E@B5~hV30&D-lBZqz!NDklAY<<4_@)d@}O1bU;`qQ7ygq;}u+6IdQ9y^y_`J=of zES5Va)zMU;C|*6qp}pqFVrZ}cU}z8w&@TyB+pkMEZCVL#{C-=qj|3mA#Nvv1qj~!} z!VO7zWAf4lX7v)lSy3%=7rugL9Vl96J6Gf9ZIy8{ks3JYF+UzXk<}vCNEX>d<84MJ{W*41W z2DrRpy`ZByQy}BCYK)tdd602(W}c*JT}L&Gf>^Ma7cncMEN6iqR&iM8VHu5F=4{A# z_H!WPS*+Z@2az16U+==z~#kO6ms_Nn1`P-Mb zudlznz4HFJ{e0CM%qtsMfWcyoBcsg96y9`NJ;u$-Jm57sa~P*pokt;S5@?3b8=nMB^RR1^VH2DklDcN?B@Wl$zey$3MF`!S(%2w9-GrLD_~6s8$vS0KTnE0%jpc3 zq;JQoqC%M2u@hPc28d94Y9$!a<#nxSo}Mjg2=82(q?$A`CQ8!BW-MPrHJ-&=#X%Fv zzTlU!{t^Ki`dwQOlk#HB+wiqc1)7KqW4A)O8AoY7O`6Q$P2rWtRN&aNer-)K?X>uF zL#=~S?l~!gLcM24bZ9zsI-3WbCTEVgpZmEGOz@1eIO8QN>q@X9^m)p`N67=XIkBPB z+0TJalf#ah6H4$bb21G=JvQfg=7i*?zsQ`ZZrkzzMg2ou&mPG?!)Cn={Gg5_wz8xW28b^MC 
z%3Uia#y*&=*8a*i9V%|IYujZvG<-1?x=?C`s1^j19M52XYAfzlk_@7+CYH3*iD$?s zoiXJAY(5wbh%)umOi#^rEj#*^oqdP8Tx*Yb)nZ%i7dw0o?TN{66FkH2!A^<~-ETGS z2c~vzmaF3 zQjA;Jd5CFp<{%HkNHj6y(vxCwA|jS&jbK?5CvlS|b&;upFf6deWhsE5hOTl0a zMVD>-q5&s>jeh&b0P4B#iyE&>luf!AhDN-XA4Z&f>C>{zjfA zOw>U3(^P4ex--|g4MWa<4h)$bcGMtIg69~dX*gt3?4p|sHHhZHI&O{mJQ8zMVMUk{ z^6UE9p&f8n#@1}|KZY)INdH{**=9o-CY`IkWvA(e^b9J8AUdFY1OuX}9U+ONTqC>n z-{C^E-Bxc~mw4C@XXwI?#Z2f)+B;}GyyRpYg#02LcbDnt<9r_an4G!H<0wg!lm&4l zSRC+N-d)0wr9mCV(x7BX;HKuuZS-;ebI`}+u%otwWOqKpmP~^llVZIsAqf} zv5~1J^36F6z;tA7J`Y(-&g>^yU5C&BJPT76bDqlEP2sbk$%8r+kspU6w;LN-oBteS zEjjF`p#uS_%Qp`B4{i0WY=00IU>dHL79(|^lF()5m`D<{gg%~qG1IFMjM zJPvL}RGfkYcD9|(oOxwx6qSE2FH?Kyb@R}+iho%}0F@ayF}WsME}8B>1N@)0a*>{A zB?hGIKvdsC3q)kRhvdsj*(Sq$ubN|=KpdZZal`UVV8ir4(wXN5$XK5dG;fEm1;Z)d zg+lHB9YeJClI?4a>OKU|U}`)E-h8$AVL4E9-B}pkgF&xOec^p~wPz2iSYyBI3WvkT z(y^r(4@B5TTH&aB)^vn$J`W*G&KzZBDoVd$NfOm8&hv)lJm;(`i?S)QNd96Zu4^NN z^PhtdCWk%OG?MZ|WglT4r=f&tG15Gq!y2tB47nn!THLR7%SH%MtoAEU$88$3f7b&3 zPb!}}{gG5&sAk)Xt@rn~^cqvqL|98|QE*M#Y=Jmuv&5UpQgFCRn6E>%3+wDvtDG=| zI8?Bt)iGB5JbrSG7QvKB9ISQ6yKmC2ygO>hGtl}Y=?DS>)ogGX)J9sxWe!2XDo6xo zVvSDUK+R*?kQ@x%vu)Jdc4LKj4yrQxl(P2~IvgA{2x=eK_|2_r&su(8tRRi}Vui6O z75w4f+Xb{y`;JUVKj2%0!m^j>~*Th63rN2KBG}r#_YK}K-er21g-eqLC0T|t(@L>F=;O#;*U5Cq62ppb6b3k>r z-9@JnAN+6-jDDLax;zOWKl%JEQudJMUZ*^?>FDTu9y*$wIV+PgNuUligJO#!^jRs2 zjEPcSW~(qsdE)K~p4;f?d;}f+wB{T6#pp{}Zwv_&NDbEW?{!vHGhqg)F;o{0!U9r4 zpT%;aS`ku4@Z#y-&_buXXWXe<>|4?5P9j7P268FR(|S6LH=hUNC1-AG9@JcftgZ^V zOY1n7r*)OFA^;R`lU7MO0y48_p%L24R*-}rN+1w-+$jwM>HigzCn*Az1P-8 zq=tQOx*^zn1!{p{u4}Pbwol$ib9Pu&Zl@mLont2F=A4dz%;zB>$(i#)BuQQtEXryC zHe@j?gCJmGUDg@6lcC6*o3pSHki`fB@}kX24tBxjB*(ZV2xCcs(T({`(%zWVu%|8L zuQ#`!?Vz51ZJWhLfP6<7OmgjXFq#w@-;u>UBpo?(S;V4Ag*?i$I+W&;%gaq3mMp01 zv<{mjF2lmTBW)yIF@mJKY)4XqU9uyoF~}WB^N)`0$YaTa9Z3xf$dCU3m-@4)_ciuy z>i6AZt-@0qQ{a4Ta*~~w9&j#jJIEq z=}e=O*kmUb7TkXnfNiOCD@mYFI4o zHbge)g?`!a?Ke;E3V}502V8sY(7;Q57&dF~5s=UI&anV`!%l~!6!Rb{w*o~=P9vuX`IN|);*Ry z*t*oP;1b*l)zi23Hc(ne?7b;eW2Dd-+ixBqf}A^QpN?23IiYj& 
zPR|q-^D;%`%qG~*Am}NtLV3w}l+_sZ6hRO`%+tMj?MzYe&&(8&gI%(DsWHwprIT|; z&m<2_DVfEwFFRYoMEB5_Ide;tqczERn@LubJ$a_F&!+Js^V_9Pp>sy16%aDdxoE6J=Mc&C{u$SNazanHcafF zK{%GhO)3q2EOjNUd06CO3DH=$uGmSd!kx4NSI>LH@tMw5n14d%iX7ut>2Z3WbPXM4 z^(SYro=G043)$k+kQ%)CdJU}$7SN2Ndh$N$E^L-xY`;!IbEagkNTD+{XI}P-oSBzJ zP()$HibgsiaUDpDp63CJvL+E}vPh)Um3gu=~kd)k|_jQWOUb}==5Dn&nyx@O5&_y z&@l$OJ%p?XqMY$8^!+BNc$GT+ki-w{UF*(pP1&{c(_HizI_ds?Xe>bN+o@?UTG9bw zA%#xo8dN~cpa(RH1u*9UGN_T}pX$bsEff!OI2h!bd`GxqwdbQwK!A)260 zMb4rSeC|+0a<2y!%Y(cOxL;OD;4Cdl{LtR(?sVCdy*|R3;C*d3?XtaBh4Uj_kZ#7u zBR2cg1R5>*=jom%q`>KoJ~-)6B_c142!m93#V=ynuy+a!X{odKc`tp@mGJ)j*ePOa z)ow_$t`XavdJN}wpPXnz(K*|lEX$809^|}WRUJx)q^KHJW@W&#y3E5QNz%|w*(gs2 zd%L?6ZBw@UNJaj|+kIp_V!KaGz0r~+O)D)z?QLj{us1&-NyafHp?tmlhF1MX6#}3!#?gmAh)=5>ctjHd1|%2xihfz);&LtaDDs6`_$hNU|Kn! z_a{y`FuxcTt6PW3>!i0(3 zhkhBgyb#w-#G0s1xd{BkFP)gW#82(*Naoru*^cvboAelGZO5sZO zyg+Q%30Y5C=!^|JE9*(mtdO5^!ip-&q$>_NojMJqE3S~AMUaie$a8zcy0f0W<3;RL zN_ud+iS0=V-uB6BuM}8f@7}3XlbntR|J$Eeo-?#aNxtDLIU$Gc$mj@nV%eyeA>1wYcrsz(^){mvc;sR!;wdk=lH zpHv`ofgPMwCxCjtH7a7QPgm23YAb-%>U^EU!^m>a2t^}bm`l+}p>ahE=H+|InS-n; z^OT27lriMMcnrQ+%#yGyLLTxUk4F^E&i4lHeD9c|k;%~!MROJJoug=z)4BBX;?Xlg z$xDmh?y*~sIZS$&NfXS<3q#L$eL#+6c0IO2L?)$QklYfQz~3v1ePL;@VR*p{39lJ) zO=35V`fvf4C{TX_-tQMR-KU3sc&7$U&msr&vdHAjX%MG*SaFsLUpjA%RGy;oBL?Mb zjntxoMyzaQK63^7 zSc&Zp+HlBYQ1v5KcbI{eQYl;AKCYK7SKM!ER2*;ZiFLJo+F(o4Wm{^leE8>}#kDXW zF)c4lOLpvCdM|*lO~Iz&5Yt`X^)OfXaL9IRidJx$FoQf!+k@vlK7Q5a>#WynHJ9$s z=1Z)Eem%;mRm&N(7gN&kq|h1mVqO}aoVgIvD)@ECqR>xSToo}ZW9XgQ_?bv~P)V=Y zZ7=LJeBe&QkJ$@4|2$$ZD8ae*VsiGKei3*Se<5yxq}Y3_*VPc4@c2Ckk}o)r5!lR^ zp#3Wj+|lh`x{qQhR3|>|i)t72%IXRM7e|I4RJX~^etR$MNgBbSLIMd54;^kwH!kLS zr$x@tjCqN9a^|pZ{5UBCR{2c|nZJk?yeOerRg)G)k>(>|kibsN2kylDm}ZdGqGOst z3C`7w$ys^&MYuJC60^;?wUukDhoia{!W~Wi8rcrODFu?dMT_isg)fh_CBy`Qw)g3x z8=9>?V`s+232{>547He-5GQA@%7zzd>B~D=T(DTA4J#0#>x-{M6x-q>*ox`R# zVGZe=Y3Y@6+oZdg_`bJ+=!twaif$9wEtNZJeA7d>RJ)t6yz3pHfOi_BVjQtEMCCCD z(VI@8anNbqZd-XdeBXCiFuk4>aT%&8v^2q^@$8jS%6utjH!X37GS7n(kTZ)sO^P}Q 
zSSEa6kdkVh$9W}hi%A^RB`?!4Wwzl2fxBdSOqoeA!k99X;DMRSJQ-I&zligcnG!$L zP`HOx`z=u5E}sU{dg&zgN{Tl}xXtaLQNVDc0)6oS&<32_{hbir4FoHVCaCxgs)A95 zuJ2HyHFdGB`zB&P_rgUYFGzix4v7fnK_bYRL~6pYqDPgGN^G_9YdFAt|(vZ$n3&b&%0O zVM8&_5ALN7p6Is2rim6tL6$A_20JyVRMQq^b__4vbV-hd*2t_yZP|`%KOwlitU#NvBdl3C*YS~QhGWC z3_=Q>p{n!1Amq$`6C`Qumn;gP9H$m3%M+flI+TZF*l@q7Be$yBV32@DQz(@%O|Lus z#g71)$nh=!GC9`N=bH#kos126CTUknlEdEc4X?nOY?gez23@n7)%3*#eSrevpSyh{ zkE{j4U8M3nE^2uUHQ1+R06Sqmd=0I`7b{E|4g~8rpZ<_`48k7&gReIK21e|gw|m-{ zUKA!6(1`aTVNjeZ3ayd$b6gfjb=AlH$nX59Zd0sX0086Fo$b*FOxJX!9^CGLO zh=*gTIvXVt(0Ge!`Z2%g-L$us6BK;0wFJ>ycxS;KQ4=Xq6& z%I&3vHrykmffJLqHaXq}Tidawk*)2J9NF5WBvpS&3fu~8#csSwJQY-fkNvJ)nWD=+ z^V>o5t+j69C3m!{L+d;7EY{U>4;LpT497yJnNhK5rruZBkr^7lN-uV!ZbgfgYW&qN z0tz`#D+T!+E{}*58dr;O9yo)XIZwl~ipq)waVc0_W(_N#Ub!yHs1#Kg=57M?B(%X9 zAq{hwrWXH%Qhag@tegAPd)I_&Oa^W|leE1ea#-CR0(Rqv-~WI1-n7YW9Z47dD~gHe zIdL%eQt(^!YWU^giDVjh0$rJ=MI9GuPMSK)fXYW6&+|AXX-exx2K+op1CHMX zPb4_n;4%%LPFjs$<1`Jw7(a0!xufCOWsQdabhG%*o_YeF8BnfTQGarDd^q{aqrniu zKqE4s8<4IAbXBj?US7dZrd9CKmE)?Z^EfFpY8mr`gR4y@~-p!;u9zewqcAG*#AxKdpV zye7Lp3C?1;AE?$1wmsXD2WKJ)JOu z`}t-8=#HJi9#h+v@rQs-Q#MzLHdJGsb4?N?w|@T)$%C4<*oOQLk5Mf zir5k+V51%rt@B}8CM0&)d~H*(5AeHYw)0e=r{>KbS@o@F)f;>{_XxdRJ_xqhJUk5_ z8_v&P$Aj*yEVrcXMlSbp9y9J*IfPr*3`Emh(SUyzx_i!YzI?-^`==W@gXi zO+UvB4ZCeT>xGJ(U}@8^0O-oJDGSO9DmS-0Cp2ktBKNw800B*&YZeT@rMXyu1TUVS zW@(tb-_kIt6D{rHia)+EW???w^e<8&Wn2W|)h~<9nyKQ0R!^zo%~qHAa5F+_4Rpo- zz1_kfy{l`NcE!89+i}%fD0$fFKqg+7pS^qPH{wzKRp-Lg+0p!{3i)i!mK&i$@3%5c>O?EMxXzC+j9FP=-t1 z72C(qk=PI2yV{;@Q?Bhn9P2R(E8w&e>T&Pt=rv%zHGGGtG@eR!LwXO}p|Jb)*v{o8 z`D9v29$i@;x}c+v#p6oX%9Rlf^kWdY8T<-#53ck;1%Rmu0L2{3 z{Jiz73d_hlUOyRAVoIY-sv1`AAG-C1Y{dF;$fL-8W(lLn0r=T(21t(WqFTXcTIl?} zn)Tn=%Klqk3<3qpaVyfob8d0TMGqtKq{LJ1PQ z_wz(Om01*Ies$skzogocsHoQWpRjLFT^o zkm5LjldKSx_gWz;b($4=ZaQFv_`=A3iVD2x*0UYv|EAk%#W-S)W+uBfM!CuCd<4nn zzV+M!96^T@nY1)(<_FhR!#5SPl0Hky&99luU<@GXvsP1bNORk+8u&!h!Dfe<5qdX1 zGeU*JW|U4tNuVodtSGZ4Z;7aKPH2@gX+b4S=4|yyL|&GDGjdT9=TMyQs26{^!D4ONvk`_6I&bxogG>sjxO-lw}3kCnbr&FjaY2vE7en> 
zE1T^Q%h{@%O-qh;vXg;)c4*#L2icRcpmB9*lUH`+<9s8AQsZ;P=FXloj*FaNann#6 zs9avNghxp%jjfXZ6H`X2Mn;n&D`>-c-Bg9Y0G_(2jTFZ?oMv&Dyx-!`;RL5y+{M5Q zRPyH6I}EqIzjwe%jIC>MB9tIL8LT;1F;(!ZE zWlx6{kvqN8NmRJDJreF7=42$>uLRdscoS-4CU@?HcwFKHi<^d8L07JuqOPMjA#G7t zgk~Zlm54J^id3+)suG^~)26A5T1h9OR#17r#i96-(=6^{;0nI5cWcDQT>uPB+TMR} zyA4yPs@tzN|8Ie}(2nHLo%wn$-g?%0`7~OBvR=r~E(K7xL2}aEfzF)jyHagTYEwJ? zrbbg`D%ysLq^k}RqI3DR3>GN&z<#r43Ub`odvY=S>rQdX+4dC=*l7&Nt93jnQd3Rdqj!|3LAYK#4?kPVWG3Ts+_-fPoqK0rJ3D( z?JLlOY*s@Q+aGx;S2KB6^T+ugaQSB5ueT#fo9>&j=D)Kq4^yCUlRukt1C=nV z_>A;h?;VGXJ+Lrh@hFmL#9KdhK%zF{$81I681UMhBF(ebYTLBTXzrmEaScA)59E8u zI1SdW@$CP8y?bs)s>vICba;zZt<#QY*bUMZAMpWcw{C%!d+}VuxZM+};$4(xE+gvg zf5HSs>mzCM3$E|OUs7( zXU3&2h$x*1B0}XoE(9HBa+(Xd7(oyV!qxAcBkr?%WL1Dz1M ziKAm_&`tbuC{j8NiiECQW+F-Av>|Y~CR84;Nhy!lq>`uWTpq6BZ0)x|7mAclgd(Bx z9t%X_K&M&Y#WO5PG2YjCY$sT|T&BUdH#nPZlPJp^u9mxF=QX<#69Wt)*A za4sfPo{R~TCu5S!gE5?o;aKdqEEf!vP6Pv?@*c|y0CGZ>bukhsv@l{>m=t1JK+%mE z5jv~~XuXfxk3410m(5&L$Z7g-bxPcf1dUg-e#ut-LkCAw_~WBJCo7Y4_E>#!1)zi6 z(f9Qne)?w^9txsD4exUNPdW|%gRX3IO$1u5e7RPN5l|rYE-Fj~|U~%U!_r@b+3~r~tY3O6zH$%fe((I2bGx#=NeH6Wc z@XA9nYACxLI}5U9-#tP}cg8jwc{OE&nt)klgzS!}7E<*Z7>caUq9z-xEZfNgT62+{54pmLGel=3J@z%xzxCXlyXsFpeuoz70OU#Jey!=y%?;^dixxuf>k67; zy6<4A1}(OS*UP?)E2?V8=)FHK2PfDsh5APlGI> zD<{06dCF^2*SsW@@r1BS)Pz?FqiMt9hWU?=)P*e3iI62!-fz(8kRG2wUkp@2CHIE! zAeN0ukCy#j(s!g*Q7v>;I)6%eFzAdnUW#(rgG)6lF8I1U#* zMJJ-CPp6t1Ki2B_E@Rdmx>sfz>8%i1Q(zJlr4uR+uwAy_K zB5CdlW$9HSZs#g^rbM+W03rz6T&}Zk?8o?- zqqU%G;G)uNIwZ(e!Om8hH(%rD!u+ymEJWm~Y(@C$NYT-__FNP{@_~$pISfwJCmntG2ki>w`L$OzH&ep3k^`7Z?@)A zx~X=DXV`Yq!@o%{gZepak}u@rD67F0k+VUTalzi1H~vv!O@(jq-+W%PwaJ(6%nNs z3s|-b*rF2wTd2I>vQgxV$`)xAK? 
z!5jr)$%UmSxtG2{bqWrcEX+_ZfkmN0Cm8B9SQNT4prP8L$w-k`j8Ku~gw+hJl`;$1 z@EfWNi=q=@QK6TYGjpebs3*Vgl`ZP#d z&45t^XFKik4)>>ykEIQ6VGg6*wAYW)KKXpjw~yvSd)v11Gm2Zc)nWK>F{yEI2jH1h z#ZO-LQBU{Qj1|L;n%i173%zg4V>8Uc0i-1`r^dEZxFTdFMqE{iyV#b!XeWE<^|55mxZf%*au9*wV^9>(Zos48xp073{KjtCS?m8 zJ5|ZDG!toB_<2F7i)*73ac!u)-v?k)+JxS$JNZT5cHObTXSd#)4%t5@sg^`meB+TD zGH7F$$7a|kABTAav%Xtw?SWYymjAY08u}2`{TP1gxA;BGempMzLz)B^|M_pLwQ7DA z|90>uo$}s5L4K4pz-fDS$^rAei~!qjs;GtOA=@s8VCBW^UH2V))0Nw*Ijm}0HC5=b z7OG5FLs(JEt-ZB?xo4ZFl{q0L5y>NyZ0MisiJ2U9beujTLl3Tp#5x|!PI8uO861$x zNPtqSj~=`#8;HPBPXhAubxLY(UX zQA@uEZ$GG{9CX>dm?3WLY>*&sq+u^M4J3%JToodXd0vnvFF8!eVWdh}OyY`GS>EI@ z`p@gdG8ZJ6O#}&|@?I~7O5J|CJMOqV_Ze_pzO}AqKWm4hS!ma0z~4uCz}a994ZYrw zAh9#h9BvU!v|tu9oVRQBVR;w!_s5+Vx}H2p?GzvOu0A%A+Qg_-H&e#9WGKMspr2Kl zvmSPEG;|Tm#!Ra+*r6SE-A39YAH6pm9AUH@R5bt|V1>2g8FHBRoHI^+v(=A&I9%F9 zi*dku)=Bs@W4-2KvUljzLqZ+&b)!B4H-Vs!$fltc(UmPCkpRkx0M3c9y5^*0JgF*C z1IWqmBV4p%HW96e%KLo;ItdQ-5f?)heQVjFpBQ~7Dm#`!z{cO~x&pm(!XLh@=iiv( zLy|k-H?%zlUFPR*CLd2)4qRm5QPcJ|Rt|^qhsy;8%MW+~2Q;WFoeO<`fIT!3m@%r; zK@WqmU4iS_o7*kDgc%&+dmC`$!-2(8#msh+NRaTcW01xxt<06y!<7svsmuFzzejbm z93Fdc-OAq?PAaEpJJ57|x;w2FgMNXyW4RnPnN34YqAOcuBmoo@p=C@-73C2rc+5GA z1c0FYj>SbyW)o49sJ!2?cn9$L^CzA=4!IZG&tbr z!!C4%_BB>ahGa)`yrJrC;8xU_d;i^xsbtqZ^{#&cGn1cEgpf5`=p2iQCye2mi=sRC zCDR0P6$;zfG=L$xvhDOC&~rejNNc%oCk1KCx)N1fL(75R#$145HW6Tm%KL2$lY0FF z4%+?K?l_Unt@nmQCU)VXZ+xP5M;ua*W@JR&ZS-*&a0AesY8bI~{!nUt_vrjm1-^Q> zgB{Dgq2otb#16gV4RvJUUK_UEpL#eZbn6Y%DL{>HI=(989Op~kt${t?a8nEqe(a%- zJ**vf%T;Hgp6opA;5$#QiZJtygO1ujOtI8ORfA1dyR3bW^8P>0!5eh#=4uRCOh3eK zbYo>8U9eJd*aPd2uY`G&ONJ)m1{3xu)8LHg$~+PUPs)byD$QY$#Vo9jX_zER65iE*e|Jl%cZXquDKFszIq5_CJVipt`&ktWiwM8}_@< zolWz0hf&6U9`=9fF)a7j%eP;k<6u3nx6nBZ?B>gMp@+v0&kkn|<;8~HgTpuAyuOjY z60`G5cgf8h8^^P2Ki>$l=?MIHCRYQTB(o|!e0I26hwXkEJQ7`5 zI@>Je^2E@HM95P)V}#XdMhYk+u(|^N0KeV4@W^Z;JQ9`n+dU@r0ZxQ3^@;Fka_rW7 z%OT76Eo)ar%p4W9b9=x#?quBEK-V1<@xh>XpGWWN7AZ95&z(65E|?!NcAS;ZEWWd- z3xJT;cK6{1tQY1!R)5mzE_E`HAJk<$2Vk^wSb%mww$_zZb^e`uw_r%*epO~2HcfT8WA_Vm&s?^oUHR=SgKLW3+# 
z=3cEe4AC^egS~oz0(xTK&DAhR@PKt!B@)KG{~vm&%kFnMTXo&SLOyrC0Sr#yQC}=} zxEvUnO#?=vE8Brc1ZKDp%AD*_vHd3vx&e+RNn8taMraG+}FjB zNbj8|q^`_(9;%bK_7Z{({-`GOe@1SBXgI$$SQyxZ!(GbN$ zi{V3WYw5L$o>$T#ie6_XRfjWppWV&-oyG%v0TC?p!0!JyeO*h9X`lsa^@INBomFkA za3^Wmc98GbZwwtv97DxYSL--*feDLkfb}h=!5aI3>Bgdyvx)q0)eYPBG{7UevK_rd zVB(9kZO%wpXDtyd7Im98F!051+b-ZSn+SMB<^8seO8t6+S@gvqN8e(I{i5uI8rf`~ zZ5SY?AiBDl;2Au@bKM6hkI)Uk=LYcaPBWvj7l7LCAa)Uh#BN9#BnQH68)hhLa%i>3 ztOVTI&~|MNlCQViKmdneN&%GBz5nEF)=uNGbWQU{kNGs?FAQA?w}l8u%GW~P+c&YX zJzQ35071(eGV7=Yt>Jy?9Hn%B-H^f9ZIcAS!*@9Vh`@c`uZM=LG-2ho+wI*!Y-P6^K$AcMFdETa@UB1BvzO-iYs$1HczgZV`CAS&;538)mLl>GI3 z&kYA$gKtp}ItUfp>3nc+T!-v4J@$d<{{Z`s@K*G7_rXxB8^;6hr23BTc5gj*xr4Jg z=`P1CUNi4a9$!iB74wHE-d6RmoWT?>8N^PJ&za-4lN*FwAypuMR&?H_qvmc$1>WFc|)os zZb?S#q^he%q?I4^o4eS&9D^tQcJoGtk%Irekp3O9#*0yMzEu%xL`ezv56~Y#b0Gkq zJ#>1K8W4Z%jgJ|yt^dv*SAU+}eb^m?ifGXJV?j}o6ZB^q?hIX-*GXO{HLz;P-GgRL zOv)sWNK^4#@R-t~@snQVF77Nxp-Ly{&&3ch->QiIU=m-9|5XkTaxRuD(Mj@83YQId@Pa-P8ri+J;GQMBAME2chR~=|0CwY^NyD#Wi%_ zs)z=mWy?W>4tOB|y=l3v;2@|WDNt~Ewo!bw{a#O~?xbp-V`nbx9y|`{^4e)Wt#*p8 z9Em7xGa(4gX-R03a#Gi2PKqS0Xc@`SrwHheTRY9sQrZdnb8!*Vw<@APn8ZslV~Rt( zYe$qmnJ;C8v(pXTTaq<3P2`7I^LejR{eu)F^w#iahlLT!fbt3&O)Qm69qn$v+&TPA zdK}Sm#uR*Um@RJsO1xX^!lz12z#L29cN;#2>FW99C#c8?x;m{Eh_1{do)l@_kSJme zp>f4X)g~=zd6BerT*e~v6CmYoEigx`Oeg5-#pOBQs)(+hz&`T#iOJyX%l?^HhDjAH=QOSRL ze2(4;u1%;&SeuGzH3@X(x~bxXW}LJlO$ZfLNmx{7q^M+U6}7Z(g@1c2+?qsz-QFqM zba8pWw<@AVn8ZIZA&K6DM}IC)XcyBG+UUw@U9c=~1j(W#f*322-iX79o+1}zROe0Z zhp!ZFLc5rd&_-p$`g3+d81@MzEF>Fi=!IvZU%ZHg!=Wx$iyTpjLGQZiN& z!4sC&Syq&}KOtGT>Fi=cIvbS@YtPx~Y*ga!9q^zFd6eYxtaULhYmKfP^M)09*%FpS zIiWObNSUORWOXJBiwWs%R5p~5^eu`g5!ylb&r3+6 z_uxxNqCzJq(6o#;x^h92B5PSjDiM`ZfeJzDsLDw!H>|Xj;c^xQB4#(ET};Smqq1Rl zbaqM`m3X63-!2-=AY>1)ro)V&m-5Rq{s+;OOOn^9&jpu){m z7ZWnosBBnS&dyY$5(lngw%%$das+m($g+U==6=!Dz!mN)&@fnQrttN^g|!79@mU8= zD27_D>6Sl@v-p4lS03ZUdflxJN_A-BywG8VWvz z%X@T2%9zu&jEJmIplk>n)5RHqD3X zwO*UI>keaaTY2oEb-W+*=HZ@(TY(C|INZT3dObXx=VR+6<2ry!?3cNnDz_cJk|?PSm6%_R+;o09 
zA)SxPhSliobUwb;c88c&=}B+<$06o~JpSz2zu#~E9M4pn-??ccS;XgQP@xl4 zWLm}^U0E^7F?kXx>m(=A?-ZnN@`z+{%F>)xRTN04m2SqqoRG0cWy31sA!_yH(onI% z-RL=gChhv$T1H(+0|$C3cT(W&ySlAonb(H7HdZl*30@G3KCHX#{ljXz z8T-Yo;+i=)o#J6~$dhddg`Ai0TlXpQ<;8ipUrx!>wGJ35$m_zic>mNJNEIroE zYM8_3ZI2QoC(Ew(BT9G)Z6_*pf)Y+EPM|B7z}r<;Ede@Usf2Y(s#+wZj#*N)g<=Et zE1_GQC?^yrP}#5&o(-u-C0;@Ay6Nt+bGu-SJyGlxx@W$ZkDwxZIJqw{|9Z*_-+;GX zx0wzXRqbT`Kr{0ii0`&+aiyn$!-qCRg!zN z?v8Tzz4P3kCtSR|7*b9vhM+4~t#qIzElH9Isl73cNX^rPBt=$=TnLCI{o3mmL&^!o z5L7m-y*QI2xUSomK0k^QS?VDJHi4qEKO;I4(OI;@VYw2IO=U0x8^)=$DmT^J^pbJF zw=Zp4y|*VCvVT|hQf&WXFJ`yMU#<>TF?Xh!TLzLx;An-?q8e%EVic}ibj`pIiamc-IfK(DLO_a=LEOTRZggLp|WA$fJs`q*kLf{Db51Bm~j?2 z!{j-Ab!=zz57i!3d^ed4M}^+dyY>TBl8W!xsI3Fll%`-Ahv8X4z-z;$mIEcL#$j8& z8I!YC&F;Wk?ZT1v&&}OXrag zW6ZeaVv=99w$Hw(X^cV3#V(^r5>y>(u20`G+GX-2WZ9U95*5@##E-cKlA1G>oosC` zab<GwV|P0B%VYSHO(8<>tW%m5nj zl*uyykW*AJguBSIEH9EKkCVU&)-5}i6Uxr0Y}hrR?M@>td~kcmuJK9*esIpzSJS4X zrX!L0lBfxY#`s2v%dm|jt|YuzAuapKu_Ca&G}`;6*=`RH3q$Q$xrf2DhCTXz4M*M~ z2!J4d`=|#uJb|UI8J328_Vt(kxrzhf+=yjleId3!_3OxP%FH;SXW)(?bX4_65Kq>z$BM}L&57Zp&8BNKz~T-)~3q|wP{o~>>bXoO`{Sf)KA7@l4U#w zYW6=JPH=-ED^8${DD3%-X{g8v>N>52jjl}Nma$kgq%PWs02K`>dCdrAw2Cs3)phA_ z^{?C#b~T}djmid9#kcBlRY4_;s-$PB%C*Xw2Necg)aT()p|HwS)5_K8%0*LUdD~Q^ zC`+j*CCx}xS1sXDN~1~!A7$)6mQ-%Jx|&d~MrFe)b9T8JmGCw9*QQ@z=L(tPV7-=F zqZP*L7@{ucx0<0MCn(Fb!Zo@wr47&8q$VtaR>dYt31gxpRm9Ua;Sr-e;9uOrbv2=I zjmn0V<+8#xD)vVC4U^vlRGtFmUBP_utx6l|kYJo3EJLg0pmYb`=S~335K1QV&8+D} z4{*p~;?U9=nEoha%m_G}5gZ5;eYE_1*@z!vC`FGrM!OiIp_kO8QK1ubbXrXsU70sg zkw$X+i`o_%+KPfyOsZ_c;)TitLJvrXg%X=y-?0crCWRU2yTZP%5X@5%v6F#e#}hz7?M8y zlCAoOZle>Y(o+F$UhcmCPY*fR`2zJ?=M%`GA}6Tfv@#^RasjinlcFS90WIPzk4Y&6 za1v%r)UDtd^LNEmZW*$gP=-Wh!)kbTyB#Vq91#E||4ypM%dY!fZF8>9c{j653Tvp) z35qeTw+>x7iFq0|Nk-bXE(mRNM(Rq)|4F4%q)FKpW#Ly0x1?1~C~2XxVa2$(q!o~y z{THNLzpT5*6}nGdQaC|{PSAsCZFA_#Maff|S0#z_8hR{qc`OvIAaPyQSyeS6YW$>G zm0Q24Ce$xb*{~jlSKkQ*&~SkTI=5wrqZ$?d#n{YC~fUv2BzvzM=Kzdj#^#h6ZA zRpHQE+2@s5-n{p>>!SDJ*=a6Mw^!5Ju+Wu@EMj%SY7(VY13OJas;nspFRO$#bsQBT 
zMRHT!)r3?xDjQZLOfu|H{F2(Cyn0}pw_kn+bpeh*Z;JAg#w=9m1g)5s)karNlZ>^w z+-5j~5j=wCgvnz(Ns^RtQPy>wc(YD<8DVK&k)%v2QHV6oV=pCk9>uN> zT%M-JWy3mfZkigG_$apyc@p`3*?nJ#=3Xc^Gy|y=KLA`p^k6_lE70^eGPVzwI6);Q zC8P0`)4VKLB%MLQ;#QuHE5Q9XjL)G@V0>lP(m1DzyaAFY0tQaURYqz`c@gEMh$=7fM;@iFdR(3d#%06m zaW1hLE&+KDRdLun0QZP)hn2E7te$8@JKmemigQv2*y{dNl3gG_DezqG{O5oHIsS zo{+Ywr6;0kLS)b?LzzP4^4KhBBHglFt4EfLG6n-ps}NIif~q&-B1WPEeysDPMeLR+Uj1M-gdq3PXj8 zf-s)tBo;i9r}#E6GVg%oJStr^x;*8J%ZAnHT&6T!;_plwj4$L(+gzN`RiabW1Y0?) z@~VkaK?LLSj2;0ud7KoaNO_itGy@t>znWC8np~dH#bv{4f=PymgK^1!HgPb1CmyGB zaUxiWPSGY5-dwPVF(I8!srRm!R7DjNQKhsIA}uoNKeEMcA~>Fq2u5Xt+Js65wF#Ac ztr-D-x>=}c#GjWxK{J{eEj2W~4RO&8oZ;5n{sL1TyJ_TjLK+#B4QmiOIm04qa23Kt zzpy#%U9OIRvjNV5?)!4+7aqF|*H5#h#>1=y0WY=p5smxX)w%6*Av8DAlkPNvcpU(; z-FCG&stNBrx9r;qQK1twZ(6n*U71EKO){R40=VI5C2~^cO-a}IRu z3E65?Hb8prT@=x`aI$(5>G_VnqP*w$ZFqI)@|1QwEv1dFT-P+ovxt)xh&| z!bqIPaaz`;$Xjo(MjpE}5K47*^Tp@5P(ZW>`w8e+)*$+uFEbfRZ8eJG z+0CoFyXR`|q6G#j+7jI|$u^1*rB^~sD&2}G?xG<&SKH$sit`sPWUeEY4cT-=fIga) z^u_d+J5b9R;J@nF-Y)f>J@p#_bi}}$vRx`2I$TYO42;1{=k0s22JoLPw2iW%{d>M# zcHh*GF90E+dbW>~+UbU66)g^QcmQM^n46d4yRHV<{&;maMCVSN+efms=$GU*v&$<3 z@r262hp@P>=~JHR<`6#}P)6vEPpwYz{O2AgKjH(h*Fy6oYIs@5 zpcjT|a#4~}dIi#^A{SXx)J++PVBE4rJfUoX$_9M^CK&Jm=l~aGGXpo1Wn7W^3p%S0 zS}Lyxm5UGa<@Sft^55pmru*K%P@lRTJ~fcYNc(!TW{(2Q(^!7D5=)}LM!8wZ_oEK? 
znwYy=XeR*nr`NpFBR3ZdP0BPdIl+3)DGxQL3sCI1&7u0h`3-4&&sIqv#R8=TU&`I)K*a0a6pej zhEt&X4^M$?UAAW*VOaTR5dx}6@v@~!c4sv zc|AqFfzWEc^SmIh0bO44iKkV3(3P9GX!AC$2uq8C(2^yjO5>Jff;FkAMVc}{_9=EN zKJkQ#4=Nkh@emCduI8BJ&rt6h39k$@j@3JU zqTyI9hImbJ*=^WTblV;Z0qsWRdK&}g#XR^0IDcFypn#t|qMXXZK^zxSZ=#yerfvum zSwxDOXDyS;RmFkBr(5)iClq~9*{}wMfckfT{ot_4DcE+vfnry*VYF?oh3tmZE;x4D zG)FBq--TGtb|z!@SF?J%u}p?PZDu+#vL~v}w%`i(n53oh$(R6`QfCkFd8u5#_hU>y z-ps&2x0I@Q{6+?PN4Nz&AOzG|t=K6C3+rB~bBX$;J7lD`^(7-L}kMnDN5QBn)94gQA`QvRb25*nmqSo zkYcy28&4?fqOxHN$0UFK^2vk`uYath&i7vdaON|5>`He6s19~61J=6~TxTa0gL=0l z^3RX+UV8vNePaH|*1BJ;mtPdb4^PH#SnoWBx@OA<0@%L0QmI9GU|Yz~nEhK`RePS@ z=NbG+FE;A@C2v(e`#k0yIwO73lW(gf zVLj22oibkcWAgRSze(4;5-M|z7%TQpY8DkdiV7096;#cIJV-KWws{n%G_T7j4M24g zw`!hDsG6g)L1RTFZ~pSDG*%xgif>gLQU5N_h2IoitYIiIVJ;WzjnpOhjNB5XqOZjU z_Qo|x3=BIq=I*;Sz_v?&Lb2%AANt-y}1+$41xsWyu^ zhI|~%49|;%BxRk{G|nql_#qmJTVPKn6xdPOu(Dy2zkU)MbEx!o1>;xvBEs5mf$tYZDA+k7B2Q%WnACpDrN zY{hxDAbA2TlX(MWnxY|1%jG_i z)_G0+WtzlAE+i9>3#e?^kj`$#LnS`xz*s2a_?8J^TT}7BHUtpnQiB5?Tn7Hl<6RZy2SP#3`6>)-`0f!M?O&4sAQ3HC6px*ifgBMGcs ze+wX@M^!)VrF-wCW3MfI#hrFOj6XTkBCt1=XL;O~v><6yXN0zGNvb4@NXD9!r!`G; z76_@_f_*ZfV2{d%EdrleCf~I=9Q^vxXB)l_$eogihS=JJDr9yJQmdMk&Zzv0J#ns* zLA{y(rHsYpj0L39nk|NJdBzu8bqM(N*4a<(!KQTS?iu};09GE*4iR`E`1w%i3@z&Zw4 zBTeTyw&|VU^NETCjQoQZ{hwH>K_4kfvQji@L|Q=;LQ~q3vZyPPm2Cy-qEbZuQcdDQ z3z7-Y0#r6^jc9AAw^W0Q4ZU1y+Qr@s4Gk|frAKzp0O2)*Sp*=4rQPY$y{HtPt@YKbH zBolBUsBGB$G0A}WV`6U%jKSK~0MKwMCd1dSa6-d`zhMHV+2!_hU@z@<5fR#mH9X_}=R2UD+~_*a>~1?ZK=fbbIvZ)@@1>pG zakdzTkqs*%wthZj0u?#I)~7)xLgJU&I#Wgn#}nmy30poj^_hV&_ENH(MoAmTgmW2) z(}bslC2dZ44&c9%)mh=MsU|LJBAI}iKxMqa2*NuxLgiSdHD;>0o30 z{xIhcp86!jwEcsfi)piy3f=@(uCwgBu+uBeE+W5Ipn`T5oXM>bN~~%~pc|s^0BHw2 zgF?kJGwy5F%%KSdz~;jw&JE+g_nMpugft+;fEGQE1Mn`yV9#a*#YIjq*lD#w$1CcXu8>=yVn%&?m*pP$e{5>F!OWK@!tn~mX74GjA3U4>YB#z5nIgAzn;53 zPF|Pw$Gw%EKD2j}%D+I|VnapDJ)DoaKt)b)57ST=A@K>VT7$cG;&c1EP!Nt-BKDdX z&tod8jO0aL5L(L}zAhOhRh6Y#nl>yCv;e0r5F?!c#6V?(mWWFFqis~oqMOGmqS~Mh z`WfuZM$Mr7R&__ST 
z>MusbppqY?8+^$YK;gI!wOe?;^nP>198a>rXW$Z^A2S5g*)wB9S?RsJR@1C?4>h#! z9GJ+=*e^WR%s!Vb!^+USS?HuRcE!cQB-A+UC@*H8moSLDpWiPbgkN$+nW+y9irGj0 zSv7vwcBz$?Kd--Q~_G7zGc=wlIumn2# zt$F;z-$u38`TWLY~Desanc;>+kVSUD#1N z0d|DShFt~@w{cwt?k!Nx4&XNEZGGvDeETX3Cr!~IJu>B`53cqj`h7mxH7as~eow;% zg~ZR&Z_rz!Uyl4WS$0dJ&&cS;HQH5m3TMSQBs z1{L^NfxUpaS#BYZ5JY}|5T?dsmr_T>fe&RjRu&3d0X1Xy*U*iF?GNXpicpag>}MLP zC?tL!uFe*^i3tbDBeZWV#m+Z)ru|^AhSP#`+NPw9qm0lj;iROQAXS}4MV*#e9sm-h zE|4gl03Fr z5l*Pc3AQF?3bR;D0PJthI)N%qV$A_@^zkbWWUJb8Bl-0E$Nd&{xXcft5j~1jT zN}A9nj`PA#8lRBjFt%LywgMw)^*Jc?`Dl>Q-5sf%DqCm>i**|3shlK%Ywy;qCUwETmI zQH9MKJ+dFreKT8bA8P=V03r>#Ae#=z%5;8N&uSlkWjXKndeY{tdzu+14MAg$*(g*? z|K81o2Ws!uWZ<^|y;7GGa{B|IcspBl(9t;u9)pLcUa_wOzltUg z(EvR8N-XBQ+X7{xZt`4p-*rY^tk+u|si|fo)--d&`eu9t%$QgT!|^6H8AjU7pt#rw z{S??!K{D`rr(?*GH-^hMcP~wH0~{}Khy!8b$;YN2W~3TXZQ_QmY2 z*5#&CV2u?hv?c>M!s{~tJxqftqF?6&GEk8d^lRFP26W}DNm`cWoMbtJLq|zTS+;@{ zNs&@c%e)Tg7j-cXbOOc!l@00_DtVHZM5V2UnaZ4=mZw0!_Ph-^LPHdNa2B^^(W}Gs zuc2y!D=9tz#DSqVhAS8<5>_xetq#~jylcp9;ltqCk%B^(M36*YCHf%5Ggo|LS0>0>Wsq!KYXTN19 zm;baq1bW6xGrPOHHR;>q^i0yP|FV!@F*N!9ZaXMm%x*R_sSAcz{qvndVLSf4J7iyS zS??@+Z7rZR3J%OLhX4$80BF`g+J5)p2D7j8E7qvU3Dz}@lOrTPp)0{`lxLb0_9mjD zs$!TCoo7`^Xj4U`qA)xC%DLqnbbe?cla9&e)-ldwlJ1JfkSFV zd<+-1e^$n}6B^0Wz8*q6P9C;_*Y4*m0QW!$zsG1K7(bQreJuEOJ%zNrCxZ>b%3AhGSHf*b2W{wlKY)t-kz_uBNb90{DH>hWd48!TUy*d&K+uz;kzC(zIpDQZ? zyQ{^nRYCwh@U7oH!C^4cS!R37Af`i|0HXoeYG4L6+6cN@0e5NSjzcdd_o($)7U7#O{} zH+6A&1)EN*V52KnN!G+|$w?HqDWOdI$cmQo;Kb@SVsXow+|Oq~-3m6HP{BrJJ^F!` zuH9VkNy>s<>AiM5(18dci92(~#{Fiokt+ZWJcA#!ErNG5T6w788#T$)Xb+3 zH@2MWRD7T!W9ZEw0JB*V^|T8G>3VnpQC03Cb-Mtw;j1okY%~G?38F z+!B8_p~R2M;s%I{oNa*Um2O~Uvr-NM=CL!1Wj7XormKzH^{VT|bEht;`$p7Nh?_;b z`^zumnPN{lRnlT_zLGYD!3O6Wh$m#2D~}SUQ)aZs9?m4ce$*+B(F9%-t>IV0Swt-~ zraPVu8IyMwRe3v?F|d4}PtU=gEKY%uJrl#6oGjGrL^F2th-47L!4=9?WcDhI$;R{v86j zLT>{Pm{E}vlxkXeJ|unyMb>!GwJ(S~-al@nrR(n=VUb0jy=_?B)G``tc$E>_&{7^- zITYm^&Z0KwS?E9hrOiOE4(WhLZ{K$? 
zK!r}QgK0hRA@Pf17Vz7R=0JxK&%FPQ&jE&F)cD8(nuj#*8j6gmd0tdU1+>Bo6lB^9sZsAvLy z+%3Il6H4!>Y(OJXF~2IJZRN*QaiHEN5NS8F@1jOD^Ub_l&j-Z zBd;StXuN_=Iz#;p4 zc6;NBoS&)4ExbTPiLr;RM4i!wHKZtWIBUk7R7J{2o7Qy{r7f=lj3Jp@?ad}sdr{ed z5??mg0Tr`Ulk;QByr+=vfCc!JqKgBX^`$~Qnd~N_vzK&tqe3V6?r9~|kof;l-;Fnf zS9y_(mPAs)q4lC6tWIL-z_To(JmO{Ir%}(`!f7_4aEi(X)ZSY)Rr79f-S-YPka}!c zZb01?8@cqwwS4p*28pP{%#~{&pI*(bXMYjvTF5W``tHl8*Ka@1p7rVzN`9qh3`p<) z_D){+{cI`jyUpA{4FvQt&-=&cvu3NtP|r90OqjyNZYosG@o}4{?H#L7{QrHCMU_0w z&f%_hhw^fFT8la6&HBRn>IW_Q zPq54Cs9hejNIkuVz}bm(OT;X(=S|YMj2WXOE@045UQtrP>@OyYrf4W|z!iS8bgR1A zgsLto8!$_6WjA1!nC$;=mebAhlCm}`bi!^st*ni%ob$5gbxVn&?4fy70XcX?Qc)F# zvBytjlDTE=Y(iNZl?@n(w<{aB4YZEE6Q&KZ+2@Egm4W^#Yx0(`Dwly$l{2YuWk%w% zrKRfDF8%aSxm(7~CzNqfS--;JVqS$q#f~0wp|E*e576uQ^Z*qK>p?!PCW)@h3R>_q zi%8i}4m4r%oS3qfq*dC~oD~J90X=YQlKF(1Bq|%wgFwr2KpimY0Si3jf#K|E3p8?v z{ignEJ&{G3Jaqj=6A*uWfA?B%n2+|WSwAWdbR~U^n7udQmM#9=8OYyG@)>bL=v{l2 z@ABGZKB0E`$+I#qY9_L}B@JsULW?{m70+_gR!LdKWfjSg(XV`Ni zwGI;lb=lpkRD;Q|TN!rI`TfIYU^~?ubjM1J(8PlQcUrW|d(*0c9Fch9jAi7JAFgpOD`)w#eW zbxCgUzGKj~c>r{jhFY6Y%??^M9u+1<0F|S<@tZp-xB)B^Q|vxZN4z+!WNPs}40LpF z2i}6TqJCt1gT0{FC`&`rvW1hHnhm8cb+7t^|cx)~}PP=f$Xb3hx=^4Sspd$(22 z>ZI0vU+V zBvZ%MA9}d$G+TL^ezFvzn&NqD(ox-ZsYn~fAa(Xxq3}S&L9uGt1F4TTRXI!Z47MIU zGUpKCG4$3R>3)Mnfl%u^w7HU+@!xIUNIbInVi?PF^l33~d`Ynp6*|ETC$ye^@~j-i zZ5-EyJi?U?aQtNuR2Mm+jo@*`>LwL|6P;W6%O_O+P}$F#vg~*d>uZmoZXMf2ekzUl z(n-a6@>wT#NnucW;)i?=u)U8X*7U7r{)21JUE6WiM|A0uA|NVsf-X%f0*1uTD>e+2 zDx`-I)1+J9v*r8`^@U$kGGcj&!s-$i$-DDmMDelL1muEclmM{-z^h|g!2VMak)?8D z;vA55e#LidfBA&kA1WJEe1Fg6iTG;tDmLc;1BvAk5PayvW$S`7rC(nJ`PwL()tT&Sx0x=cb+@NA=s$M305+Vyf`EtZuVDzT*4YX z_k*-+`F^2A_*(9j&C~UQskU+g6kFFCrby%l$gT&RwzQ5Nb3yuw(RXBlr3A2kgw`;P zFp?(HR9TZzUI5h3Zz66TE}u|`LuG>|f>z>AwGQM0vmcL(|L9kYi~sz$m3-q+r24o2 z{Q-Jspkc+myqd}jzHPQ$&UFJB{HQ1aw(GI)z=`WLzp-NJbT0&~vQA&wOvsS#PF}C> zeq0SLK39tMXNH*2`NYJi$O$GiZP0f}{6hZk9g{eZH3xkc7V$~|4oIlT5>nMHRd~QM z6A7RJ{ifnpIaD@iDwv>Zay!*ru#3Fb9qj+T?KTVuXx6HRtn(~vtqQrjs_vXy 
zX3xY6sp%Ujx^P_k;2Q%2N)1k4h!mtrxmq%C+QgR3@@aa9bnm{P{ltV%+ds=_T5786Q^sBFj* ze2X4edsG6(I{a1XJRmC+c;V~oyPwrh!(3K7(^`f~-{$iCJ%&ZvUd%je-Q7H7F<=a2nGMNZJFX)TW-@d@Y7$GJ)en2-V3Ipu)^;GcjEwPfhTyxz0o zYV>u9TqIE*7bMNgoKV(MQWaH9+OkSB)-bsP_>Z84Tcs@~RB2J!pebO2KkL!SI)k_l za!8=p84jIxaER$`->`cXI4EKXfLh*nYm+P6X?WL7@G8#!kJ-!lV)1i#HM<3#{Ef1g zXYv|DOXM%|2>bkM_S!jxKKn8dO8`@sBF4Ct_q6C%@OSy?pMm@J8T9hNzpiFCPKz@9 z=K1cgK7U`rr{rb-Civ!)R6it`M_-9Aaf%9^V4BkymP6wI_^y2P*{O)rGL~UFV6O>{ z86#C(P?F>oP208v=(XR@+@fqTp(u;W1}WrF$(M}(zFqlD3uO`(i)Sj`o0o4n8L9%SI1I$ zE+ud+Tu1ra z+n32;9^<@5Q-^hYygI%18-;pUvQ_`k0X(f+%%0u+al_$P&*9{uDun zbmcTkSklTvM+%cDD9hyWBh53yD;P|abCx85#Ql9h84oP5skT0mnJ(`-3Refz};hWu}nq z4bIgg1nnrQ+pjNg^$-+n0Nl=~li`vFv#qR~Rv$YUn&ohYszlF^IpB*HPkIQ}_)G_P zp(*Rg-TPa6DQr{<`u4o8^YYqmF|D>668{&DN%yB`4Xrqc& zZAEi`TW;ajIEx82PEs~_e!Sax(+^0Dw&UFtE^jhq8 zziL(b09c!cPP*h52fxu>i~TUT#}a>AL?(9$px2_6LDphK4`6m}; z@M89UGh1yp2E?xE%Z34Q(iqf?lR@@M#zdT%9py=FFKh9wgD_qr@&Tv0d{VKLPV#S? z`R4FZegYuA;!a0Q>XOzkO#zdDiDqEpuMEmW+E%KHV zioB?7&@Rv(RqroM1H57<5D86Xvz8 z#bdV-4zl@7i@|QGFtiZTSn8Tkkw=6zB_okT3*omIw`^QaC>x`)L5uNr$bRgWbE%m! 
zO#ABxpZ#DL88;SlrLiG<>}8Z^UGvAoVN3&k`PGrhxOczYy>=$AD+as2ey}F-e3%jE zBq1SDIW|6qZf%&raA$sHH%83dF6q=og-)=zX@%>M_@pv}`Az{Z{r4|5pzka;w7n#Q z&H^grv8k*$C)}a!^;@J{y)GwIuTj~cMFzTzA;cT)(!Z~vBZXmFDa2{7e{96Ew|v)% z(i$G?#qqywfzBE>FV+M2T{OeFXgKjebT~6#uAL+}d-m(c=T3*Py!NOaJ2QoKdJd`w zYLKD{J~eF0cAUYGRcGkJqtFDw@_0134>#AxVQ_*X?1mfPE~OV(JdMVG@Q|2kW3LiV z7^5O581}TXcS!s~7`L`uv3!6R-?$bo>|3;x*v>R(>`f(x^O)4o1worCBXveODICsY zzd5@_@^V6v9F+~4GbVUiUmPZWyc=TNZ}o-sxlCJ~%_C@gliqr+>}M^Ya;JJ#cO*?( zz}UOlanWFfrB69ByHl@wa)mForLn?5`#h zAy#-vD>f>0f*nq)kPTb5gsFDKOGQQ4qnp@m$rfpFtDRWY=i6MrKuRu z#EV0VwOMaw7IY(8J4VOuQg$aD3gkK=w^y5z;p~gqXTXsy^dv9&nP%Rv7BKhFEH+-5 zfvKsfSK~2sC$h!1v`ebz_)8BP)3jN>A#rO=(oP;=&wyEf$q6_mPNl|;HR z>FTb{JBN?R*G|l9haZ>omHLnV0*Ltni2DUx*Nm*L<1$STdRYgH#9m-#NH_@v7#L0R zid1RalF}jJ^joA00w^bd08rVWMS4L1{@f%c`bEcjGOGM<8B(f=xhg2MmSm@a!!|Xv zFbT^{v+FNazX#~(la3|b&#Mt}uq{6A4&ECljRX94Ho$K&qq?NC92GjjsHQ;+(3J~- z{{r|o2kK_ufF8^K{?6y`OUOoG@d=cQ!)eq!OeJj0k=f7;=tz$_8;bsN{)L z+wqmR+Bts}{T#T6rT%_ZXAb9_Fmy!iCIT#H%yI)fXF>1&?3MK2TS%GT4tPito5_va z!D#LbXMb)^L#D0u$Za&Doi8=LjiyGsX_)SrePcT{#@sz-cb5<$qe3TG-n2&WkoXzE zd7U-*E*1+ioMS}eG`S$ghCMrtBi3*kXf-vJ#+J~Qu$)s8Wr8=N$at0rzp=TXh;jlb z0+sdCSm9!7TT;1cu{i0(5@u)KJOIy=Mbv}N?jYz#wkNypkp3PLVy0v@@5etK%h_8P zk2H%1LxMIiBx6<43cimQ-d~F+D7Tx`vADo9|@GVeIDD(w*t?F_}LOHFw zJS2WrUQQlMmSp%0>CN{?#*pBGL>%^NN<-d5Ai*wAC^41cph!vOkoS0vu5vLG)db80 zDjPbSpn?HJ8!Bf?wd`KujLdlHg=q~_gSeGOE2cJ$Mpf|SHL#&M6eN~D&LEY>ug{dU z9-*0Rm&t2UrNUVEt@`Q9Qr^$qd|qjMpI1#Q-s9NG8zWc2>%dj z^m9)%2Og=n&Ar&z%9I+Kerc%~eN91V?qP>B=N zd|Gchx^hJ8Qe+|{ams5#>m(tp%@dNbQt+0yQJMx^uM0A$CV&i3+2G* zMaHVfPGIkqO+f+kBz+Q1n*ZAwxWf{{Fp>!N5_CJ%gmGjJ>W)r87EDjRm7 zDDSw6{O$1+w*V9x@B=1HE3~p!XxlE^&KF`QG8aGO*<_=zn=*{Jmxr)kSI1>+G5rQ<>S}6g}L-# zK`V=p7P%OjW&}KjD#pXx-|NINt%ZXY_4?!L4zD})$LoJzZ2sKOn}5IG{P|i2ziEmG&}dDd3ycX;mvKu>0-wo=XF2VUy6L9I8saqoB?RFu7wa z<$-$^M@f|A(TvP)B;WSZJ2>K-yN}N` zu0txX?YABejXIaQH6s`T)d2Lyybka35^y!G1RN4SCo9=J${!)<+s9N4M|1fH9m$*- z!CCU;Ey2(H?L`TrvTsa~ zJru}ni=bsWV1v`vMFEBK)m0spcXwFvi_PLDt5D4z5VUfAsFaYV2AAWh~CCINWA;`=P%c4EK9GM 
ze_Xzww`?Q6v!~g&L?8T}N;|vp1ZsZ~Wd+L@8DK3B3 zfgAg-e%YFm-EcW&n~mmi1W}DUnRRM_vXp$`qLAg|$&gq+AuKTmW;{cT^iBTQL88lK z{k}iIFU?~CUzmJS^K|MB?PoPi*>S#+uXph3x}LcfY9ChbYB5(S5y%CunJX&w5%)PO#&8?Q?iF2F7+q4Y`~x3f{s7=Bs|4?{0b0y zjzmhJ(Hc}K^|{f5rnWGZRpC3`0U*zMJN=^>30I*cFIEmGtJ+bApP&DK?7i!b+(?ox z_$u5UOqT?tr+B|~qp(mZRVtw+l~$>$!kImbhLi5hbY#i*fubW>;kH|1O zBfRI#{8(V7TA3L}CmCk$cKPfxm4lYolGD^wa~uDo;R;69S&ac!CdVYwyKT^aTgylN zYXI#tuwM5Fn1SiW)zDek_-gJVrN>{(jN#!zPQ#O;mm8i_{J+BR@Yg}(GArAnBvF{v zBJ9gzQWvx$Ssk`%np8!a)boZH*@ky{sUMeh6>M=yX>_mOd~sVIUVCq->O#9)^)>K2 ziVFoB&bK;~BC##{J zib6z5vFCv%EuiWqz|~Ds3V~X|QUYCCh8ARANfTR1FNY)GvQF;`6a4kJ*PrwzKU-|Y zuK?cFuR7!q7qggc>`hmM5^MhLN^H;DJH=(JPXv7^%h*N8K(c(z`FLQ6?Fc|%M`wiE z!4EcWMI1O~wE{`0BLQR9U|w^MD0a?olJHY5r&u`m62Li#GitvvO9OVnj8vSSZEf`$ zz{-Z~v+aRI4*0Ql;@5P`#v^E~cv!CmbJ;GyCg4H~%+ZU2z$xw?ieVT+zR|V)Z$fMF z;t^}b9#>dq-4rY)O_Bn&Rm@4*Mob(jJZVZ!+oo|GDXDF(mjfbjS*NvPg31qb94Ssz z#5BFgG#HzdfjmRtq#J@4VwK_Lc)}Pflj)7F9oZP+Q_^4C4=|xf{`gF0EB!wCIWV|! z*bI!+QY?z&WhB1=&?5c@sSG`>|}lc^Z>7WfM4qlYq-{xF+`b4l8~hDhCsx5 zOqL0!-cayv#IY%@`=Ap@hh)drj#=ylWCgg;0*mz`D{zXR>mUNz#MmsoQZr{L$GnaRRNZL znClS#6sIa;>ezMc^H{;#httv0umSE+Wu5JmTqQz~fa3@U;_C^#K-7})2akuDt-1y1zco-LVJNooZ@FGv>pZCZ3ty-3!t6# zog~6KA3cV@65U2#66nMuDfHr%(2ECbcR+Rrjd=6QT-eHdIhX{Obslk;;4FLu7n>;M zCI1zuE~vHo4j{I=`4YefR0+&@a*`hB_6wrKXM;d+kp)WZ1p;x3pHDAkHseF|$LUHo z{@}VFv?4&bNYaK;QWjZAfXNMr++dphysDPAs$P!fz-67PIaAvG14$_=3N% z5&_kbs&1*QZ8IL*K{<`ucJ75Q>V1}^JVWRz@R99ZV4tBnu2`zDe0Q?KRRfDHXpb0ZT5h)>)`cn#~%O@JS|Tl zzZg9BtNjB^s9mjsmUb&hF~Dtt&;QUXOw{`H`p8;{FpaYi=2A@aaCptAGc zJu3F2Mv%=|B`P~XYRy%^9`4}aF}Y?Dk=GLQWMXPPj6@=l)?kpb^+{n1yS4gkGa`>P zKIpCR4_^HSyjJEi;_Ke2;Q2+TuuV2csLAjN%iom$)+q}{ORl4PhVdR-K!+Y<0`ANFu%Uv zJ**JR!j`HcnrA!>NzJPe<~}5(YKw%l31@X%vL=Zgr;ZIyh&;dvsI0@XFtH!E{d#xP z%XSVZ{Vsy6S5~$L;B$jEm+(=A_|e5(8<&2nq$|6g^r58BDC=yJEb|A6 zTFe42plQH`7Fd8Ey1^xW{#j!~)=f_VcFbUpZSqb8B7UG}FJNwMPGHJ{p>Cfy1{(ws zd4M2LS%)!TVzx1y(ZPXV@T(lF%pU1_2d#O1i=R28af}4hmIZyYN}x8?^O2FAI-!)U zNn*CCab%*<2|o1A?;?`>cKUpi@b890Vb(Z&GH#R5*5iA?jP4Q)11hw@==?AYF7f}g 
z&XKbMB=r55R2zXb21%Q;f>|gvfuRY8{(as$ZO}vH0eV1X9oC8SA5iuKT|wD?yTBX7 zE(1ptHE!9c@U0a$0a=J*I5avh?N9bb@IN-aDuy0JPuIcgwerXM5!|h3M0PucACMQ6 z#g$q=1QbT)pT_2M)eIut&w4KcD-jS(ch=C2Lhr&ZvFd(5-T2iXxrAn{5oVm1z!gxT z1;*(IS8$2{H!)6h{sLu^N}B+eHc87UB2}D31Q_5Aws77!ZNx(4fmlFgogi0Kaxs7q zy~6(wApEBT2+?;vYu}ec4kACuflK_K)AJF9?+ zuT%G+V(@15#dH~BSkP(D0t0yzoXtSa_H6Q{qFQ)x}I!D#g^x`~`hD%pNuj(S> zosXV`$@FL#qOE&Ax?S`7r`5k6T~0a|vQQ$~X75kjnQreMUzWI|N4^@HU=Deq z4|minv7>g)z4_K4nX5e^Jzhh$=qQNE=n*0N(FL?4xX^a>WnsF??mL^g;d@&J*bvTm4u5%ic2@m;K-x++Y?!WN4I-x!dlEriiA0Cl$e!H+v{ZhrW9JIiH` z-yB}cM@1G`gCF$7C4TmNfOaob8cacKnS@D-$l9FAHZ<^3i@@F#kS)N-GXgWuNLoiR zDchnUz_ws2jPn*@V^ty#tO_dYIJPmd!yp;A36#y_&?eMwelVS8uv}MIEilVT)V^_e zRqT5s!lwqN3_!bC@P&)-avi+5x&87InxSE~fSMi{ym$-71^@a{gvdLElzFMD_ggMv zG(J*9t61FJ*I__?gxfdW2=b1fPZB=*w6^QXW-*h!fC&W`T41z(034UNn>p**K?X0K zsFyBhqls8aUS$OQUjWBJUl6p~!7wxe)6htoig3Bgo034U9ZcZnd05Tcstw19Jm5H} ztix6@F*voB&>5f?_#Zk_1XDYtyi)h02N1k?ef#dEYKXag7i{4xR2`&}XvE;~Md$|R)#OTqK$-c zwkNe;D*e=F4R#os=rxQ?sm9?;G@-fcH4S4`XXLVgcyQ;cg--;@1Dz4VdqA~{x8 z0MHnK)jUB0r%}|#Y8S)w{u0OvDzrfJ{U9qY@#X!`=DZa9KQZa&e}UmoYnZ_f+?c`; zfTt9+eSEECe69L$Ky)9wKZ6nzx?g4_jmj3t$~#h-W$*CjTfH#K(4{Lp9YIR0&`5b_YN7&`&7c zsj;Xa2Nv=jWI?xFcDV3Pl^mx_SOcmti#ng)0~J|dPksOxm-v5=lLUJ`QQ4Gr9yO%Q zGH|KFjMTX>-#E|HEaPdL9_#S2HQ7L!*aIko%EA;h#EfRAmMC9peuf%;329QQ|Nnq# z@E(Sq9n27!CUO}f#us2oFOh+PW*n|zK|FB8rj+~G;|n8B2gz}X|M%DiP()6iHDyuCJY!0P)pJtCtQ2Q# zkyJ^ZR!QqPRBc2~?19KZW!;DBGEfe_6=3r3TWth~sYGd%AG-DakKk@E$7rjLC$JV} z+gExb{5V8decG4`Sjhw5DT0veZu6L4@0!iuB^B$AK5T|SWgo$&Ld-_6o1U?e%aJj$ zA2P-zejYMrEK%K4m?tW2f>ZGT!Wf=deO}H1eJN=e)2d8!!m=n+oNp9}wHlU$p>Q~b zWjJyUHXJ7QfWx4&^Qk>tY)Qfa6E>4EzP!JE`|9nR+r#Og=1?%FRW}?lBx>9y=y|;Y zI@1Hdi?l35R4f5)iuhC?ITq`w_Cn1;1Dt;cEXVRUFNT+zt*2K571RRHl8P!E30{1< zefRQ8mC_W^&cnlgZO*S=^Vh*FVdDX)u^gHtM3MNcr?VO{+)F?&sL%q_^#HwmnpwFl zvN9{Gf@E11krd|O)pa4xu`1;}jj|$1=Ub{{8(k86pi5BM83%Hf#=<}vW-GVoCBE>- zj(?NNaxknbsO4qt64kFC(cHrM)D@`60v+)HB7B-zxoxv3$!kU!417yjT+2pfB3z3k z;Vo;^%&~{s#r@c$xR1)t=*T}|&*3327@F(}t0+>~)5!dyz?n!`-en36g#Q$nMLmz0;GIH6`$ 
zCb6rEiAPltm365MDma2PX9wWn^4311vrW$dtGc@Ke|<0+2=5z)Xa_dau zQ6>B|vvOReNu9HjL@bG*Q=%f2@q!d3&+9m6QI*f2oxxlDGqdia508(~M}67ER2W28IMcJ~d2988#WoV<3KwD9vNXabj0g z5|4@sD(g(8&aH}k-)MU=WJV7ljnMmUD)X4>U($|?3N0{wuW{%2%5{}zQQWk`;ByFJ zqJq>_4NQqq&gzK9)X__q*lG2|Bdw0gx^>~Aap$<$Ysm6JbqFGrw{*LD`VAOEg4bdj z*p1_(;g3*E7P^8rj-hMJs>$W)@5C?t?Gj&376L5d{brDiAw?J#$sA({`oLAoine7b zVKfp>Oa&~}Ng=i?1{6JMlSPqZr?OMqiAQQ1m33?9Y<3&hPE5?o+C3l8DiNtBa2gDJ zLP3nwQ6(`JKfM0@k*nFSa(MEq+uPT#-n{;bY4IhQU{q*<7W=h7y2R0OCSe%HWl`l( zg6JvsNMg&3(opQ8DYQeRWx@!hEGA_c#!bqTCX9-CJ+)KJiARbVm38YW+EZqdK#mB_ zm1ds8FMGncHLqAH=$khmZ!tZ*r0oqATHrxpqIulbZP=D1isFK22Km*u_wSXU9e0u-+{ik;?F&(%h zcZ>=x*o*v{yaDQ~&Z$~Yu3uc9n1>LRHe zs%ht>6OWuUD(hBF&!jXee_Zhzc6-+K!krV29qPhe(x`+AEl@bWyfeCT#jCnbo09M< zN!3hK8YKEM;MA{M#wEUhk$HTfuhd&3)7yUqRc|;tPMZ(<*ip&awrLX*r)5LZ zFsTU5i-s`Xlsuu}COXW=PQs@iNqAJ&VLq3&z@TDZByW!b-;Y^%i8VG_`Sa~QQw-WgW&b+aog{ zEu*qOPV7`u#5^4ktQ&woL)py~QS0rVvIpUr$htUWDVwI>uXm#%jkcz7{Rc|~Omc6T z&uQ7~;O%kmIb9gotRa&f8!FqsB$3H06e-n@PJ%#V_UbYNFv;XsZukw0pW~L^rKKn%z zC2rz5_?i_;>6&_(6MZlR?P^wS5Hj6Hw34{c5M2 zLv~1=+B2BOEM=RX$(ClDS-?`bweuRd z(Dy(iTDQDnB+FPx(zHnkO{+*wPOB3Z0pIw%+1b^@)T4Tc$~w#r6MOx)U*}8?6PxB= z{Ea^azk-s>uH9X~)%GC1gzeaeyyZ-}Yo}iPPc!Sx92%FmsHA>enJ)3ObXH}sh<;mY zc(~#P{GC6MM|iPk>M-_R8eY{bscRB8P!UZaWz6fC0CbRZ3UkKh;ijow5luZRqNuDx zhtd9*A6~x^&fLBRUd4^(Wmz`S0==eU!#L{O|M2shzgcbTUq%|<4K(x*dl^c%dz(d2 zS_N(S-5!Xo>7Drc#YgvRy5HT4nED^$!p*%Lka-;#nltTZi6cv#P;yNmnUSia4N7sF z^_mY?giK_xo?bX@LuYCus*6!Bq`7JI0FD=LRDWZz?N=PD<)ZIr_Bgq`mYe$3a$VwQ znWi{>wJ93DWu0%{o@tRNJ7-++mam7O;hTufGIOj6*6x8Q}%L5lF3hc1wjiDBaYH`kOW zz&JiYb2C`Q|EtLj1TrLDq(6~B6QU9$XHtOR>T${>zY@%Fk=6=H2>pTU;72w3M0#;j z^ieF*16{?DTBuf*X?1lywJvg6q3;8?K2*eQeVHFPz$I?150a&tOJnzRY=zmY?S2h* zD5+fRWD4omL^uquMghX~mruC<;>iQ!a>V*6*>4I-@~Wm}^D3#LIL^z{mWsYYniepw zR-9-Ifbw}!l8VJGp;_K!Ib~^?&exAJ8)%Su01Z%Cho#N}4b<7T#7wcv-01P-hGtM! 
z7BQIBJ#bUJ6b6Qv^&3dfVg`cU$&7(q4im`yU;-}jvz$3SB=hm% zz>yn40}9A=-U)@inX=_YTqG%J(lRG$O=Chs){ro(B9qOY*Lxd7ka=JTP+5oGU&gbE zis>w+P8hGpab5M3tb*R@@+ZVMhck~2j7H6J)75=7b;kg@4`_yjqj&r1%}Z$qH}7A+ z6F&;GdiTrwm%?0se52CZx1T?~efP8c42;dZMNH-F3O*{az*79UG+pBEnvQwZuk5iM zucp*HF<7&Iv47XfgtOe5)HjM43JNetLKrm5NLEzhl*sd%&_-Ablypq~dEQWLfI;Q~ zFhFG;hJuOB=a^Bk8&y1k@O|9fwKL5E5p^o|qs_KkH{FJ=?81-u;u=*)m52bzK*>i! zufvN-&q~Ko=uvS=FDWXtzy$n&11|CZ+Q=V$FD463ATdVLm@`6Q(p-`kIV8p)FE(!h zHvAy-fFGc;4hum0Rp%{Wc7*Hm{MUvblnUj~R=gsARwEuUbw0mFkBTf%X1^M}OZ>lB znNiM1oxmlK&mt)Y3iGIrh#E1G!4%YJUYYGmedbZAM`az#JlhrP&}dBdYj4s}YRI1g z#RDmWy?x7lSVfv1Q(Acnk_@(*z1a<2Ed71Kh!r~l_q);B!(Z{cXp_kSB zhy9?imvkj_W`OP9cZo0P z0JCOgzLG@HT+W8Eem%Tm5C0f5Tw>QD;^+T!N9*BxIOZwR1B1R5lba=w$Pz(Gk&voM zfqn<3#IOePSo4-*7wI#PB0VbWuoP6x6jx>&Em83|hl7u%1T2h@5NG@9o1Bv=ek1=e zYV{rDUv2xManX+h(vAy za4Rq7$K>U9g+2GEu%oi`8jp)DnB9O18}A64llrV5W^|ks_=N8uP#%A2wc?M(j2c>o zhrtxh&D0@#M8f^PJ{}$fB_HL>YQH~U(=sPQczmX5x6+^<7L+@_xU74Kc*=YjbD5J%Y< z0Zo(X&ogKAWt0W2;UPzwx&`IbY<8k}O*(9rPICX~gj#pnFR)}5NK!O_VJHN9h_x#H32OB^Pkq(0BVf&AGSCJNt( z`@ZPA_+&DdfI0?R1G0eBQkl`)9{D3Ie`&|Y8k)wlLX=KH8EdRjwo0v*iSu|CbgDU!-5f$tLVVqEFA%Gn?rCIAIo6#{^Hxuc7 z!Ct(&@Qyl+7(K!270#^52@91-$Nuno z$`5nZbrnlBb*c#?DcHG`BuDt-RCCAi{#M(=ME|yEz7hU7xYBdnu2Z&0RwEDd2B7tR z`<@de{J_```QpvTL}h^KJv_aNbIN1b%7l_Dz_eF5FFik-#{pixD6D zgJG=;f!%Q|b%c-Jmff58mZqTQQ6rV#Yq#5WNPnW#WM-M<7U6xkp2O`FIGr6nHZFsV zzjnk0m30ME>hn>YLuL=;kFB3P(qFsFHQVbevif%U-XBUVkJ|b8+*hx^Q}H>7F9w>> z&Mxy=Z>EZVaS|l3b2-RL<_ot3Ctz%I!%SdF_h*P1W-eQ1wm7m2f@xcN5!&FmAc0Ud z0?o7PN#SKk7oyLfhqDbiL0{=SgHZDaXd#O$Lf9$;_RtgseB55Y@^`D{@Sh6CI7ynL z3)}vrh+5W0J=ZK0SPNB4FX*z8kMz&*kbKZ?mpUSE(ZB^=78P#*2#c+^m(9m<6iUnN zu+9=GIWd0zOk2PeX{jd`^C=jaZG_(swzN{4d3Nc8(;0JCq3+STqOxY;6y#BzTKl?W zmKoT0lnaX#R!bV^3-PZ0`UG8K&5z2B2?4`@igE|GN9NT!M*Ar`dXTniH14Ys zYffJDgk#sTg)>QK*Uu^e+Y-B=1iBP1%DW#k5sZk^l_3j|Cgc)juOtVngZAF?|Gw5J z9{D6v%>s?(Wiz=Dz$7&I-~twMRS8xlGm6@Lxx~<5N=J)jf9F^pCeYbZce*NiQ@`~T z1fQa)in>JCQTm{O5i^a zdNztm(Y{?Clc+DYD_qUg9b_3lu*CkG%S2^FDGbfET2V=qRw<@*y=n~a-0`{)*yUd? 
z+ArT?)XZ)~$*55kbR-V?2>;aCrt5|C1M!(Zu}y?Pe~39+3~ku5+mv`VbZu$sP9mjb zpz%A$L3m(PQEf#;@c-kN<&%HPOBP|1A-)VdIq$5eW>7Y0t;2edGzp@%B@17$uu}mH z9n=jnPYQ`KLxtwEZO$1EWNgT8O*5K2YaI9}JKa_nGx`d&0>|2$ z&d$q{N(Y9^n0V&Q5plhcMOUavojVe2k#?bb%IV~}9di99!;ykdxg5Ajb)n_u!6+UI znvl|TKXu#Sb>8k=4;VaVF09Ealp;&5>}AM<$x%&2p`gH45I)8l%5S|#3lBFUay!HO zQPo)pZ~}}3Y3I5Q2^^mCW37dSVQaO~1SAJGU9*vxnJ1>HEzaO#C#(Jn_eUS)aO_w+XCtsDCxtp7%eY8}&pU1Qk4^qPQkCH+pNl!s$FI+7+;$>fzI@mX)y{_Z+$)e0ofQZb?(mOnwPu*@#XMS!I&Gkj|iBby$^!3 z%K@M4e0@H(<$Rj(H&k3h6U>AF95C@PThZ#9#dx258t^)2;C1%qUnUg83Be7W2cX2! zf2cdpvS2xcpNio!=xmqKNCQFETT)YvJC+-N>|b3UQR)0Frl`4H0dsQrbg(d+>?tfW zqy+HCB5$iLFqDQ>h4ZC69z6dzOdWBDBl4E$dF(F$XYdd>gBB=jtT0E!e)uHZivJ4c zkQ|^ebh9L|b`z*Lfz%=STf!ee>O$3A6+uixP7NVAj8LfrnbJ`uR2-kiGjlTW9?LDE z<4Vd2Fm%B^RN2o^Ns~$Vm;K9}y>h4!Y6#(H1n3nP$NdtnoiPoB5@dn-q1FltOW#=| zr>v$9Jg@q`p~h5aEn9BX2gS>#NDkY`NP3{**~Y6TmJWPH@G>5{-iY% z9k0JyyQ)$c4GJW>OQd%ntnJZZE8{>&0#nm=?3%j$V_pTUyw}ja039J<`-piE^C1=l0Dg z%J3#_U{?3zS=%^%XHysci4L;&q^vw4+M-oWd|hU%9-40GsleGsygr^X>f{Ag zay3_emKsJt#iAEye>waB!`)suqFVo6jremT`+`aNVcpr2f$}5eE5-xGSbN#J?2{-m zT#OG*9|ZvoV_8If>0GCYr-0y0e&bnmk>qb6b9XM2mbRLjTXpRxcX)5+{JO%h5i|28 zAlq;riLx>;%*6&lEm_G{lZ`3I*W3XwE;YSUG-r334;6ng%yyFEq_rfLrkrUWq6FWp zr@;FMyO|#i)Y=KI5{j&dMOR}T1$C7om~8D>WoxP zoBUlu0`YTqP)F}zCZEy4tP~`_!f>aVF_BXs-);o~q;}=e;evwf=SQPV?Q2I?bxW39 znNFpeV{l;ego#zp_UDL%UN5FqHpo<>yQRt_&M-2k3ho_h*1&r$fxbLfIQ#y!-uSAk zga{5$qXGRL<(q5xx5uFgGpQggK{xuZU1kkP0-A}kwfty5pvBW0_-yDCI9279#s)~z zOrs!*+vUrPLATFCmvhyXsU*p+Dob^6`9@}2yrUznHqcpn|FHF^YmtWRMT2qCMk>I3 zBZvMvjziFiBp53p2TwZq`Va-)_SzQRD}h&4TLw3>kdCsQbm}Th5CuKc=R^ zeY}2tDmrgZbCY5>Ilyc1BVB)aPg^xRO@B)ljsj&f(%x{{z8&@fJu@Do>E_lm4!C@C zTn-1GW9ZxMg&4sMec}-NCDLzl*inK!_BlkrH&aqGCpqehfgZf3hETTKh(WG_A+9)K zg&sVq-5Tvh%ddb6+-mz2x%@1r6m`JkvIHGzup>1uyq;*iz1(Ir?e~)7O7| zQ2&CT#47k@+0_as>KTf?;&bA^_Fi=V`^@LdJK9Ah=uYhI`5}h9F_HuJa&Jj)FcNEB znC)==wy8xaXZ|WQoaYnE$YOZ_lf& z6$rmV$a+i~QSl@$kdK~`5fr5s`iNR2yZ9@G!3M6#RXZ;PGyIl|6<+C&iuk4%-9*3l zP9%8YW&M6g#(Y0Ft%mzPsuRE_0vJ7dAC(m#u4d~9{{RabyX~~114d{xa^@ 
zn>64baoyS7{}(P?nGBAcA4dF!L)9Ud3)z(<)6j7OzVWrn3hL~BKD=PNg&;E4nhG}Cr9LU) z8kTc@H*Wk(;I#L1&($Uwm6xjhfQUv>}%S#h-+_VlW7V5 zjA_@$n@<{SN#=Gmtgqh12O?Wn&4+i(t94JZn<4oOH4_H_kA|LlS7ws?d2IS9rlr*}z zH@GmsiH}+nqBFST_`H^6zU2P$xBaPPOlB**;=EmgRc=A&a163DHbz$Xua#QSSGYA5 zpN-|?F*zj(>ME9m$e)O4%XD-yOK5r_s@aE8ERvdS^*dja;r;+Lu5v6yE{7ZPynLQs zFV;gCI0%FO5Gqc(k5C5bF_&GurQ-v%pS@~*k)HsI73QUj;tdb-yp^7|4VuUSqzFJVU2}4qW(DOX5166&+8}_3XNB#41qd!o}*S=3TGuqGl5w^zo6=z!1h3~K-@GN z6yW65&WR;^HyMUfMBlZ6Tr77leEt>lAj(Wblx_cwhZ0mTB>47{0pR#bQ%A++!VybR zB`xtnyP!}8Hx#`T&BhIpe>Q!%w)s*8 zP=vx-Ve)gxgaa9D1@S5799go)IvimbHtq3}+R+wyd{bzFH#NO!rOhTMf+oeoR1;|f z$+Fp*^Gs(G!cyh1W_c=!_Q#TS-^%zR1cBUI6BD!gJUQq|b6N_s&f^~$WE<=$svT0$ z*|*}pLzy3L7iWZGs#B!p;Xqs*yF16!#Z+%_w?%byKE7{SC9T+cV^+3Y&2IgD-TtU}<2a0!ezr)BHq2L-phV z-Pu@84Zbe-o{09GmPfbhh(BLSq(&J7nBpx1WWQExM_e79&05XpGz1LRa?0#djC#`| z?cJ>5f^!|^<7dmoV|n;$j_At@a<<{21-pTmJabQHmJG`fK+H0|9>*)7Z=s%!XxyRt zD(Z-*DhEDIYoYqKmtWq`VzuTu*Eu$Yr%r-ztg>_h_Y26kNcSAxK+i-}t%_-(_}`Ud z4r5qMkEEasC*+eUW7-z2^DV!{eC4TNPBo9B?~Y<_cS=k3%nHU2*MuoLprBR-{n=}k zjo|rgnK0!Hotl@-976ha5l?3+kGXX_--P)q%IPiG?d(ljy{83g(t8_K#_l`1H2E~m5w#jLuh1y5C^P?|C+-NwEO@EMCa zTNS|C<I$^tuy*kc;3YoLT|N3VvQ49NJujLbwx$- zK_kAry}H~N*-o%iBIz_>A84d1RMwf$|1`#4(m4X!Ib%XsEdpmHwqySTM>aEPB$!$9 zkDI86)K#gZehGEdY*EUVnGBctBPH&?+Y&GjonYOqhV0f{&Ub{8s3q!O010tZ%Z#uA z=__T4kuQ$RHn#(q$q{;c$V z=fBG<6&L&KZ_6yzbtaBik-7(lg`MW}igo_?DN zbA_{B#8U@4uMC#(_wRqu>TdVhY=axJxEd*&n)YtInZKSb#jKL6*|nHgJ0CUB{iJs) z^&5M}7t5E4PJJ6sMYT!`v1#Z~W`L#`+P!JGB0ScY5ITCgX?UF&OgE)FEdZ~KS@zx5 zRx2qjKupS70DXcPcWjA^8NOR+@w^>PEESHkj<;6M`${AZ#P;z&Tk4}CIpRJgyDa`` zRIGmC<(i?2J~Z1!S}JgrXxwR28YXyN!XwHcB5KRiiVcn5M2OBb`D+ z6^uV^N~lUj?~x(_2F28@?kJk3t!KD+QsAe$I`Zx%Al<`ZZ`r7Qck+I*Yat-__X@1X z6g+zuMON5$8{@Xe3Y6{^&<*Lq&E5$AI`vg%cD$}i{<M9kFM@|vYm zaw&?DYnHxo9;H=FfnVpw{(@tp`$PW2^$55o?T&dci08>CL+aIMm2&l+GzbNZ6F1nB zmV?}Mw*e`NcuVZgL`6ka0;%Thz%F{p$~+&UcG>29LT^EWKR7hPiETFc$TLDVH?shcU?&&(cC&jt zrl?!rSx7f}3wwvevad1_252~C6z9$KKVzAh91T*&c5(p$Ot#^3kYmckgmTZIFIwmV 
zrymYNC|vdR2AU8zO4-Eja__Ai;OBy`#w`ozOFRj27{KuM%Whh@`TB?v*rnmSSjXhGB}pu;0rLo5kO0RUO5}vfdU?cwelCsK z9o8uevFslpMejSuJKlf*pCV7r;{r)UfUA`&?sH=6azGIY%1P>*r;|YsYoMZ5{R&mV zH%0HrbkJEzq-9dlLK%C<0pg9s?;AYy{Nlh(EL%1y!5$!ruXZ!|Ue1jpU>OsPTRU>n z%lib?K;Y!L#&aX1T|m#tFiDkLIZ~l8u!i609?Y(yRZ%-yLBnu}L>8aj9K$!a1o#P2 z2a|@TQKD4{6Hd{D$%!k5Q&pI40d5D+nifwp=BfbC;Yz%D+UKW5+rj|6E5_sHtdU(jGQKKB> za-ozd2g?e61p~6pNNfY&7^A9*B7O#7Yf1$<&qvtiBlt@fkRcz*rLkCSJAT@B)8e|3 zLIREna&H?G4z&r>b(t(RYQk^~?BC^!6ht_)t#hj6MInO(*3U*M#21`z*XBEKL~fPz zAZmx&t;!dEBt6!0*z32}B2*n)F^6|lm&tATS5Aof-lfLfgchRNZW*U(z>~kGz3gENZT) z`1yx5rx2H0$9h9G>SoVp$1-lF^B??p5fdqWcckI#=H=w@v1hYQM~(20s6D^v8tB%Y=Ks24v{a@@wiG)>x!gNS}O ze6Qf-+`B?paWin?&&Nq6D^|>dvD!)11@vs|8>2IrfD8au|M}mjBz$ZE2ip9nj5-ea ze9xxZhVeQ{H-J+4=zo+VmSp5cEwYcWZ=K4u7M#gUj_yh-62F{@`#R{%(-wfw$VZa{wOPc1rq>^ zi8c7m5?IXnP6Ne^I9l1DW;O~RP$U(NCw_|RSDh5M9Nx;Pi$cfqcs2=B;s}-os(f0m zCoP`#t)I+^p=<{nO#H41hgoof{~lf*8tw##ARYBz<=AUl9&Hb)X2s&AFZ?Lmybq%V3~9$+fDRiKNUz+cNrQrObEB8MQ`AFGz14MBQ4TYz2xbCm}A22JaQChrhWmG z-V52=owVmT3{|BmaG|jIa+FFvR&07L#KcSTN^ueBlsZRM6LM zQm!fFtp)UTqb~~G&f^z=6(?w0NYdUv=!&lD{D4?-%~ra zfx*+%=t~)9EEPNGOpI=-%1i5~*^<@bF^mvvKdEW|Zm$&RxZw+C_(Wa(tgZ8wa3Hpg zG7{M5`c*g+UlE}NMD3Ff{69~)rx=}qKz>l6p9RBsN@A;pg^rqH=FqL3vXOcD?7DWo zG%jVXBG~+uA4K<~0w6uNa<}ka>$jWMe-lMUg!x6{gBKcy!pr{TtZ~nK5KQWRZX8Yc z)WYLD1>ED4M!$7Ok6ky)=hKu>9U>?&G^5kCaXpmNECYZ7)bbiIcS;9T zcsh<;nmW`uqlu+bsagSB!n2*aEukK>OR+~+Wsrraz|O|>v&4{Uj}N4&sfwRn6GY_} zz^6BmmSrGG?W%xiS;f;jmfJ|O$8qD$ z^6J+9%hc}gs?AL62$cA>%=ZHN+fEye5kmAp=sE@D{=U6@YVq{YBvm$(roF7X`T1~3 zF9Lv$KK2PQ{oEu z(E#O9)L45myc{oYGJK+UvDgESaek4bK*y^Ik6>gJaBQ)=8GvJ(S=$=zAw58z6oFil zD`p`j;lZ##Wp~3-edz2Lo-HoVS3d>zw`zKwh_3d8S_ax@4JtH1+!S<-3CGk&_!@ z;>URGYg4`;TI6S@K%E$;fWqiM{<5if4hxjP3B>u2QZMYIY2tEF46%ug6OZOJY&o9W zmpo92aK?9_ipjCc=OIwnFcL0_1NeAAQ`t`_-vs$xk<9rOz|64W>rDf%S%x^42Fb3+W6Bp9E}E4K?PjnN0qD|cZS*W;#R zh#8c5W3#;W;}ut*z34zRbwu*^2-t9o84v`NlfOgUvszbphX-SrN%yEvUM$6;AzVhQ zQy_Vd9f&oIGHw5@Fyo11e{MWzf9mC-{dsk7+;XwZ@(S@mq@$k#zFXXB=sS2FQm3D* 
za(}aC)6iE~YYF5CaO)Z3hFyt$a%3MgRpeJPkoa^(7m??ZaAyPAOl>ifR>a0AIt z7OFx!NKXic^uv8)cmh{u{uG_;M#6O_mSG%-WvQ4H9HfHoo-4QhgYXaZ5V`b7>H+gX zEEt^3lyu*6jcKN(5@(7JZKVOboFsn%C3LC?0nq0Vqs{)MTHX*HJcdsaKoqHQ4$y6Q za6U5JP~^rmFA?ivVQ}otr9EWpiwXg^;$Qm6kh*P*no3Pk35~Q)SJsqD?22Ob`6C%= z^9&V7bm~eSA#q*{XaF-^7TCeQlv@QeK5%SrU^BzHb#$`62)7zw}NZt?=*coNzBjC zmc)j9|Amkpq6z3~YH!D-CMUv8$oPpn3hLmA1=!p)b0(R#PY1C;uokpUK2zy zkl>&cRbeR?@CWNPoq^R8w^7##p;VTJ zR%*(uN(ZL0H(5)_(YK9NM24lhn_&JiUI0I{9YL# zEUtfUGvUqIFcuq%>sNY()>_u=4hobUo~&%&dgkinNOM5v>_xpM%)1~xXEuNn+KL7|zv)7~*n&{8a3iLwek25Zs4#kwwqw7$_k&qn^<&n)L4#SrY4XkW=@Ce;2cS$swh!)p>j+hal0KkgauR!3@*U zyOMcF^f?}LI1dy35?oeGfreg!l85y{J(XRWpQRd2S!0a*rW6}M3OZxLkX(niqfE=S z46HnvVIN0HmHAra1>sd!^zZ5Zmj3!*ixT@zOZT-F{!+y{Cn@R`P9U*NR7qUj7lAp1KC48{@FIbG-pEKz2GWrPth=MxMY5`*t*fTiuxh1r zYtG%iD+jFXo8Yb@{J^%({q&b)zS(3}oMO2@RD}uHbdEi7N<>Ul7)LTxF}Pg1X2>)R zGCApzqnH3m9ZzLKJ}6%;Q2LvcU(9dMk}7y#T#RA6wWmTgUNx`c>%BRV!L63D@HvL` z!*=!1;Fv(2B!u~2=Gw{FSyIzbAV1}h6{wfWR>oWkJMEFT@`mHFp-75K3`d!ag`@@K z0;;lxq-EwB(NxBj#np)dp2#sCn_l*11Gn>Upm)!2A}|izrBD5CLdl=%pzi>EHU-=> zl7VDcOvPBC7EZI-ZKQ5Yd+S#hY@2Pn1x5c2_~N3YY3={aLz#XNu5P+2+tgSqnc}Ds zyHxAv$TSmiJ;$6QRk0)Is&w6xNj}hTU}MW%&mzE)Hxqtma)uVdGooyM6k#SYI9$ng zVHddDt<;}iOmxt%eJAXALPaB^)dMRh8WI22M%vQy5C`HQ^uc0e8tx9%p<)4B%ssz_ zQ!itndvuQP8VC_fojeFo>`kb32pmuD_szmf;%uF3qpgL4o@PIxR;d27jT_hWK)8j1 zDEXj;TO#_S$8?_gL*t>OMqhBe#l;nEwgL!$xxi_fyzkw!n^~k@MFI#;cCtn~s`~R{ z6ic`gx|1aS0tbtTu{=T&t1N;0<^m8@IaH(uFmCZ-ImS0m_BYrVS=)tLXB*`1_A4+4 z27#}QVSNf*Vcpaa!J(KbPus@hPxTvo$nAvt!K%USpPykQ~p28DNwr21am!R1nmy=*0(0UfC<;@z;qO}wxKt%zw~^G!!>h53K)h!y&8u`q_S29hW&$(pBf5I z)J#$L^%1;>=X?4df7L{}jwPirDfUp0o&HOrwLZ9ZyD2IoY-2}g@7gF+?9%=qrXn4} zKaR5BHdrdj^FV!}uE0#;d~`t`uJ>+5kT6K_n1`(=HDM}cK^4B*y_ZI}NtfN0n8r-U z@bely36?U~E}GxzwcBBjKpyb^K(;%1iP5KggDiE*9Whif>h0PKl@wC9 z!%Id$fx<^g2&w%WhL$K4g+N{m&vX=ToE|MX!gmEGtJa~L8;9L%B!+_kb&>D=CzOqPS5{3{CbZzTSQU7|= zEJ`}u8o*dho09!Pf0dva_*rs!*;c9n9zKrOge23}>?f!5@9A|C_);h@$(^{`)2yM~ z2?jc2a5sW!)2r-6dinG!CXprOsUg7-t$cp$ox4;zpS$K@KX>QiEw3|>*pK)dDlVj6 
zU7$g6fFN{`7s-nm@yh`U-UNc|mLk0bYQ%;?uVlf_RYaPD$n%T;CzMzt3rjnYxZ*K;fAuVr4Dc6H3H+_WW1Q z;?t24k~*pKOHbB(#cu|GOZ$JDpZrHvN zUvcv^CzxwYetEH(lp?c#XuK%+hAQZ*fZlR&L?RUw%SumA=nEY% zh}88@;7Q&Fd#iW6+1HV}y8Yi?$M%8Dql82Ex^2j>!LyH#*A2Jn=|502M}8oPMs~Dg zYcfl0j>0KciQLZyxn8&0e$k~P{Ak#~u|X0VlqJC2f}ZKPP^*l8ZVde$rqw9(#aVZo ztLyoBoUxwSKz-o?!=QL;D3Xvj=!}>oQ@xyw;{c5u>a=A;w`8aX@5>wk?T3ijGgSdw zZk61|kA^KfuO{vumTxtI>&W&duY_nW(yz(ZBj00X{HjESqyN>-!c#Fh@iQGhpQe@l zLOlZfUs^k97PKzDU-=A?a4xUNt_oOFQ68eqs>kz|#;Bj$36%>DfFkh?tNM!JHLr{V z)Cv&^#+djukM(SkE6`IKKWKdnEO_g}#zNg$eoQ|^(2uTs+7^Zz(QxNgMF~{4n_wUe zWE$3JIB=PHQfXhGJ#-IS)dDp>z5Cn0bau7Yo7Q_vYcnQ5Cw4vi%Q|4r#wWT1s>0#+@M6{J_+#5k|BsS zX)sQ(yY0l@wdnPNQva{d+HxSB*Isj=?gH(@Z*kL&_$HVrTPX>>M|5Du&vZQI;A;H{yi~<^L*|%rSegXT|w}< zXy$#o`VwezG8jnPoqJevs#T1`xzkda5p3ttnSsVwA_G?*5vzGk-GdEG7yA`b9hh!W zq>w5^2*3CzS{HbSV?3<{Px@wm`ZhQRfTEyrO|c#EX}Uue_xBunP**5ee!3B(PU9}x z1N!*hmhW_(iRW7^{W+9b@5a?aF- zY$N{HrOiCnMT|NKBwR^-hs<;7MgR{p;1jm_%a`2wlR#$Fq9}&ZgccFF_ixKOX84S=b-jlO zMz}*v?(PLa%F=%``Y1dNLYV{P&&2plae9~TX*YXr>C2Tz=)T{p3GrswW-pxBf~=IGAzSK@3_Jh z&S;glZV8(9w5+3zr=3{Vb~+R(mjWqi3H7UAwGBZLf=e96F*!BXVd)58+>rVdeHAk9 z2>&)zX=UP)yPc|-J#%LcA1ju`dGx75TKt4$-RLBj>phz=8}r>C;S-1 zCPt8y8u%zYvlhT8^X(CyxTUr90l|{uXvwY>2wF01uD6`;OsQbuZ%kH`>w;wTQtG|x zla!Qi$RlblXZ%!0)cU0VL`77{Ci9$bG5*!3a@EiG!){J8ypN9vGw8U4=b^tYHJ42C z>$C(S+&<^}x1GJEvY;61rlloz(U0kwE9iuE~l|AaJ?$;VR93OUZmji|p$E;*-%X#V6 z9Z!OAjVR_mOK@Vo1zye3HCwQ*G6SDgL}}#@cVTOn7QiNyrmbjlNd9IqZg8jXbk3Vs zU-JuyeO;_xuiW0K;E*rf!hiRNAbq+EzTpSMJe!S_3Czo*D}%>{nhT!i_IBJpF{R(T zcQ`(6SoFDZ&+$czrCzvi4daj zp4t|Ih_qr{@CV<34RNyuS&+nAYi`v0i_PlOgifH{@Heac#ibwQof{}_3ZB2<^fwQ; z$NO#GZ^n#w)IG)2zuuNs@3oUFO1HtcIqxW&R0c)4iD+UqyDtGJCi(5RnyNmDy1B`4LZ;iwjiMa)IHa(>MiqE99dSHTKfucLV?nkgL5Y$ z(6!zrjG4aQ#_)?8HAg~3w8NnK2(GuMc*RwPMIOB*lMG`NBF0eLQ^0y74cjCgxICy? 
zJX1`Z@B6aK3U*arL4NR9d$&O&rF%*TD)y`5p(4-83rUigsYg4GWIWR;#xL@Yn_oM;7?{R@_R88Pn z-S)!LC3o%tX;g#r7&Lyi83F3tnTm_O9dQvV~&FO5`jmP%gLI z+xCt5!E^d9&#vQgHtcf`-@`f4i&QMn0^9m)ma&s1(0IT;X?-P4P3D+vv)s>l*HuY~ z8?h5TC3SLGdH=z_I|{FZ8EWZpzczQg!aG<$8C92i95bW77%hfI~f->Rqcc-~Xh2|H_ zS;v44G};{3QFAqR7u1aiyXZ|G*>#pE?uxW}@jXh}^h~|Y0zUto%$1$wYKWM%(J*yD z{%}KqMYJ;N)B_TeoN%cqgOn$hT!;e4)ZZ^y6$C;MWA1Q!-3YsMW1k$ZAdAdk zME~`eeyBKYQLHO;(?khIaVIdFI!oje|Mv9kiXF`(c}f|otl?vYyH0s-_e9kD_G z5aaXw*5IA+P2bnY69$!5aML%i+tvDhr9Q1t@SD%DwjnHUHYJZ6ZM98EbK-Z4SLjI< zVb;M0HCrW}?q9gCO^xr2@5QjQP>Gv?Otv1Wpo|6iPHqG}5PVm)GB{}6=eP1U*O}cQ z)ZeZ@u-`VX1)lm=eI|25Wvmy*&$iib-g^i)&zEbtU8=k^ig3TwJ9w#M;Le{_w69H0 z!d*S1=x6Td9k*_l-dEc?UDmhw=~l!+>Tt9HP4Vat74O3+?Wi|hMAwwBcvT>_MmlA> zKM-FKDj9bC ztwt|(6pe*65)!nT8^<18m|OFYSZgCj^}Pq>+-V6`!M`}))x|y{{n|1=I*{0o=OnsL z-UjUj)7Xf#vGcEb8ijt$JT1Qi0qLLJ1fHF5HF~2s#b;%rO(&!afAwrjxnlLoR*665 zWV6j&!faLz=l8+$#=6r*p4&u!Db&@8c$=ZrcB1Iv60~8mo_3QWdKYN)>uk z#2DL4STJ3q0%tD=2cp(B#uFF8)dQ7z^hXorVNOOEf?+fE-3cZzD)%TpiFUD9 ze8+#K3D17EK<&@;;&8JWz1m*Zl#oXP)DyK<*7ctaiDO74Q-l^QepgD6p~ZZ(`DLl8 zXEL!)?{F(~b5>oE7uig3>fQt`EuXl-`cJ5keSnX}~Fm;;^g3);mbMywOi%ahqBi2DRhwU9Ko{LkzPb`FJ{wJ{)FFT386 z*y!|W>BuS{7iU=w?f`Q4sJA%L6DQD0W2U^pPU};y-56T4L zi(z`PV|+uS*{!IoOox%am&&=KW=nFO?$DGLKgf!DKYAWArnyW%dZfX49O^Do))z+5 zVf4|AZVoT%yIe2oTV5!R0lK(yRn9B>1XKKmg_dP7M~o}8sg!}v>8VN+N`=gsWdT4w zLx$d`p6A&fry?(7!#7ae;qAhxDA#WOb>Yy8m=$()RBg^AX(Y!R@Q+WlK#v~g zy81+6UU$1`t&&)O6NU_dckDj*GR!1<>JB*Ke<{pm!lt)k5jn#Om@SQ(D`W^FWUuky zn8?5L(*zF2pr|2E1H6oi&04pA8a|@5v^WZ(R+KqwcPi4CqmB4lS@Y9g{Qf`!t;H(p z3sx*o$g;&)2g$p3b)iC2rWwMz6T)X`mD|z9^r(hG@@pYp+B1IZY0ngE>?8lydQT&V z&AT$T&6v+^_gG3&SR0XO@0TB|k!QKppS(dV@7(zdd9|epCR@!t&>T5X#&t+)9dk)o zE}S_bltxbFBH`MwV`(LxaOVjq*1)u$Um%5Nk}X#UJe3!z!Yz>-JEIn&uSUufB)~(7 zg|x&+A;_QT`2EOA&%Hz0L1u~!J2-sH5F0|$AO7~kWf$GIUv$Hgs0~+>$SOD}IMD3g z6JHX!Fqe$$pht%(#$kQ=DnBUx2Ms~;zHG7K-~VYNt_z{-pEMp?K29K>XHt4=QQ;KX z_cLOWM;{Qn2E_eeP5zp61)%{zUuGoKg-?7mF}MBj3RMCYsOb>#kE+&!nxDM*sTX@4 zAa;g*L+DT)RAPaVd0<68xW$*JHNXicQ*MJYU_^%vmB8MlsVIr+)4)<2*lQ>#ZKD|4 
z2rGF^=UjM-1u%V7aaBfj)UbJ&bZG-uN)O-)D(kR#Ol*+vk{c!tIw>bUBUfAVuO3UA!dsjyrf^awK1DBtY@zg^HEgGE! zK$@wTaPFxwSlaq!EfVUUP3VH%0+@E>^Z*@`qcwtBFNVuA-M1tncbjT5f#+3wWBojR(qfSr#xR zD`qVzH!ui-(VgiMrUF!G!RF+FK>6SnU%ol%(iNqQNHhcQw zsYz)jPmUP5hS{2 zq06ZGGU{O6_Wf>*X{8S$A!ITX6+X2%D1=LUdiTMue|q=%4X!QiUjb$igM_q_p4|a# zTJjGp_#*C7J^L**w=y+z=5Jg^&4+!N>hcx^qq(wf-O?Aor-SZhQG4H@m}-oaZvC=^ z-|znXFL{M zUlC?8Q#O#agYhJ1&{()^SJ}7hYOk}px_1|g3%(*#W2KaE-*XjA#BRU-r-@4BBddFUvHwUzXzNY%?n2w?ICs*TH?R7P?|bM# z`cbG`mmcx#_m79?SF4{++fZVA57nlRUbec1d|d1H9z)8IFZK_g)ZxYI$DvK=-Mn{v z+}#*=31y5Dw?i^k}7m#A+6uW^+K--!|kq$5liMVO^I#fATnI ziD%?2q1Xv?il#a_4{w(3#GA?t$-v`>9%6tSVZUgw0%Cd4&jGCQSkN1}NLS;q>fS=g z%^n*2>M?^aGz0dBwI2?V-TBTEe~SFB(UhF^D)$wI2;FG+4{CRR7F^d`ZQrV^uo&BG zZyQH|K+}{q0d9+AaE7;lXnhGUNN4m(?`| zpZ|RhEo6vfb>SQIahN0v z1+e!=mlA(xK$P*34wx%Dmh7LuIrg_#u(`P;adFc26yjb9kY7aqMYtakE0S&zbpB31 zSPqg}HYb?xHjJten{XeGdx<~1i5IKS-`{6=uPbqLvo|-s(qJuawz~tg`|zXU&OtO0 zGMIyb3|8tqGh_8^_=KF?Wrk_f7LQq#hop?FacsG+QsftPJsfAe$Naddems)x@t4wx5bJ|8HTNfJ{oThi`6uf--l`V|8Hjs>=S5&RH76$Fw}-msdx-Tw?gmkl;e>84->>)P4||8_ zQ~f^7A%FZ;TlJ^CpV1Y@nhO{%0zsblpT5=)?=${QxM|q$U%!9zdG+k|MjQ^Vc+nXm z@@5C=EUVA1H00(ve2IfkhJ1;aqz8DHXz)WHwa@VQRGIV?Rmf#mMy?nnlQ7W?jE zZ(J0nRdw4C#tjUHX4XllI!!8WodQZ}spW*c8fPx@jLbz8JDEV1S{3=uVu*9Q^xs~s zK0`(D##IErvzyzGyWLY$f!-x9m*nE|Y(k!wO^B{sQC(A0wS-c|te@CHIeagPvM!^p zD{i6bx(gm>6Y`8~LKHhq1`HY5@^lFXdWBRQ^>shHhx*U>5>H!cA8{LUdd@RbA4cqa zw?pU|_x4@1m5hNr*iu{rirxNby*4M#hLk`UBdL8Jo=deI$F^Pn^0$Le`h!9bV#1it zp)BLaT_~xxD-O+J$GKBp7xKwY$Aj7Qq3^_)@fS)$;L1oBar8+fq@v|XempP94_&#Z zjZ~(jgqvEBx-gRPj&+3BWv$Dy?buWVD^Bv`8A*O9cKTa&@gx-#F-$iZ(orqnM)rBa ztsIx{_wKjO-9PshL5PAamNdZ2Q`LB0TO)MkvXD)yn%4U0jWxgx<%IRDBwf|0hP6_b zjHam)XNU2O>@XBNO_do5V(H9o^a`Ig!s|}Zmg3Ej<@|Z*C=sG>zKPJMko!HOV+gt) zbozmc&?8JlfL!SByI8;kcGtkf9qxmHyb4v#hx5egkO}dywUO(OJ6h^zXCVwav;^J# zXVBe42LeCE4^*>5)EvasM2uE7)JqSU*AEiGM3i0~r;30ea2yBFub_pC?+6YVSnl9{ zXa6_aLc+zr%h?u3m*M4_V1x(pa(EEolX{TBZZB{Lg+_LDBMxhStO%cNcqcA7&i*g# zckX_Sevl*YHZqu0Is~A1E9JVAKZtritZqb%2u6d%ZnHe0jOVp9LRZ#`HiD{xbPx@w 
zd2jcfLMWn?ZaQ9dtyIa~h8Iy<7yPi)gy7gI6M`e>nh^X7(81`(p{Mifq2J)E2R)4- zdnj0ur#g~7X+-c9ucL&EkWgjMzmLjoeJK;9L59xRd#K#=Ll7fB$_LD$iPGqW!D$@? zFYpXqpUoo(UqAT-EXbpWa@VWS;W`Y&K7TK6PHXKtbNUpjK{|70Qmo0tv=fGJGx)@b+uZ4J#Vm@J^-EH+ezh z@A>k)C>%TeJx5ccrgb+Q?E8@T(>sLEBbp(USde3agJw`7YgiG!GFL{^R%oIrYf0S~ zf`}4kE^y98YftiBm(*c-QO1;5p4)+AlR7L83#oF~_7ST6`aalcoErFb4nCXd&9$|5 zPH+qv7uIsRIUrE=?OJ!7r*4dSaffJm_~X{6qB?H`Vb;aD4mf0jSHC8pRcY!n(sdZ< zI)x;vp@pd{L77OFnen2EiLpFQ0LM-c1C5OTex2e0o)K{7!NFB5djHxdWjtzxXFbX< z#@s(n6dubM&J(&Jxx;PDLn_@fADcfX1^)i=51`m}=tB71?((6vaEe6>;@>!E29Gdk z*A#Y-DeWf13vGSNvLlif4PmTly0*9fuafB|yr^RyEsrDP*a;pbmP9Co_hWGsatFMx zuYEHT&ztSoR@L##^|*2}#v=lGve=#VGcl!y|vMKl#T!bl~2p4e?g212hDi=7*ujyby_G=SJM7Zt2AM{6uKjRaRzl$IL@*ok8op}6c zgvfiDI16y#*#!K0{SOlA%X}}|qq*@NdxuI#GYrdoKRA|S%~9F_TpSI-Av2yoI=rIN zj2Xu5DWj95?x1IODH;OZVmrZ&Zqh^Dc){Z5zdW3QV<(IwakHw_U;5 z-A)@&Cx+bbAp3x@0wk~&BKUz{ukS(lL7w-5pau?_@x(ExFomf)Wr!)cHTaZDBCDn( zN(do4E-7adk|K|v`0}U(j-7boXfVS)ar|MYa1RO|&)N0%%f3B&zs_ySpc&5|g9^zguS!LDub>s9efFYb1*zJ;F|F*SfnyO;2@W7y;3e zfNW`P2~~tqCJRwW&@9u8inU6bp;e;TzmD}S2%%8v&F8uQ9lA+F`-$H_{Th`wz5NqX zz7CK9n`pL(Up?5I_%aYjw2MTVM35_YTXGNiHwP1CA_GD1{N0Qlqkf3wjPN%^nnLd@ zLBHi1B?>jNqlKtCqNJjvE}F(3PqjUs@TwIs+(Pve7Ae*!X@*9LVkh~7Dt3?f;|vsZ z47iv>6RM_IegD{ zB&s7$QW7WOgrYi^gt0Bl<)9@QDIL|~4I1Is5u?pMt^119tZ1N% zWJ4+;8|$1Ev}`9#UM$Gc3_%vfPVx%_zWSW>!O(kkZ6KYQ@FNHY9d<~~g8^KwPpfN7 zMvJ2GFZV7w42BXnXO=y<5;Xt#^YaS+>{_Aj9x(8ky<>lld;WAeD}K|7jdHn;i$a^W zl8;AdRuzoU6thNXavJNnG(*Qlu@i^32_1LV0Ux`Db>csbMRI4Q_TzbS`&fw+Ja&J; z8>h6-Qv=Sg`sCB{pIKhId3lfeMfmJYqY-TweIE%bJyFa2zx} zaUOlhLP&Ee)`n?@HjH8?IED7Jy?|5LH6{qHSAfM1&@& zdX3X$xuA?fRc-yDss$OjYDuj-N_bB@!rQ_aQ%Ek;UCTL*1!bBcD5Ka3nxHxEp{G}x zAQ<|6A5L9Ursog_zdqQ}T=+@&Ia@1tBdhmshLrSkc=GH(g=U`~aQ*SOPcFH0ucNL| zkNNd#C^=fa+qs#UZqAFlsqO9vs(r9ZGce z=H|2!d#E#lqWsXY&$awqJqwTdxv$jmzx(z2AJ5}XfCvY$`$%$Nd3r1gK4$0HanOI^6dAIKOCNqjV^bHAcN53ay=P^%peB_ZCI;h$tf|4T3=OA zO<30&(p!(Urb20DCOm;yPcAd`WE49=j*D|%QG_)RZ^7dK9focUJ%Rf5#(w`@Bh%=Z z67pOi8|pXY`7V)XQP7Mhj6tC)u9HgJ(?|z1lmukQ%Yqo8+t$!VSGrC=;aHw6Gvrwm 
zJMn}unET$py1)PV?^mmz#uhL5b4PD|{6=G6;j!$PQuUW;NU2#2b*$#X9b1Leb|MEk~y zPC$d?$w#`!dMn+~^?^+18jLZ9`5iCErexm-m4Ke(W`!{3a;+AH%wP;U=FJ|mYb7bs zM%JVTai6KGCyLg_o>i)rR}&setksqoS}ls5U<^92YX}ofPzPVuDGNgY2O-YxbbQ2| z?;_$)lLQq)9+ey!HK6ZCN0_)cxq^#AOKvJ-R7ofU zX^wS*u%hdTC}qQ8K$)o13T_!IxMhZdi()63hQZ#v*?YkIjJ zy5&F}M+jFAs+;}i+dn_QgdB{pfk71^5O7EZMEI~I_ZJ1t-~$G&s=C*`b$?Y^)lfQE z645p#>0oj&3=Xd4giaDmwPl7>i()7EfWamV4hHiFB0YAjIk!?A+k9H1aPZCRR?j}Y z`ulU==E4n0dD56%4O+<+_{-s?d$)DHdp-V)5M_yCih^bk1%p<)G6kzE0;8j0nzSaO zpb&}fOA4Kjs7dyi?z9Q3b=E`;Wi+{MtS6YnOE391O@x zFd)PEX*w5h;lW^%kgjFPce~wLZ+q>s79K46^hLrvt8XS6uZ#q8@U+kr&6exCD73Cs zr+QdIWBS$;wrg zSlU5GVUJqqL$#}$@HdX!INfUqA{|cmZffggUd^ymJ+U{L&H4t|;;#7i`fr%+SfV?l zpc%};+omgCmt{#RLm_RG7M3|xK^PUhrd>^&DdxnwbCsbxqu9v~PN`K9-puWzAnw86 z*{^{sZlibud(YnJ(-vBm!93jK?M{yc_Rl`QdjDoDu5`yQi~*O+z$j$K^T(i-={uo2 zMOs~Tq^>G!IU3awp`@|rCu!Ouoq$=zGH{h41EbjK=Z^}=!$89aQ&@3UVApxfil40C z37vM1J2JGp8)lKZYWtN-NOC7`V~$}^1+ZrrO1L!!6MNB{Nbq90*o#78bW_3ligaaX z?Lw^>;jI*;WJO8qh8MI>j%edmEcR9zVlRrF<^_gKw{1jWF%4iu!L9ge2KC>5_sw>9 zy18Bb@6+xmLOvX9BI7HEDV6r6H}+$4eHio;9b`j#8YssIMJ~^?MIkdNfwm0Wi1Gy5iZum0?FN#EqPGBYS^Ln7bFFSyclLqW%k@3fa6S=XM3Vc_n@oBa%Y|DM z+USazrs@d@Eu_}0C8BIwm>?y}uI@o+NmC>iZmSI87R63d1eI>*?J0PY?i0pjoR=;3 zE>h$ua|=nX+S(KFTV40ja1w@vp($LL-+H$WP472GXxIMOmjrkN1uufW{M((z60^~J zP10t$jEh1C=?(TB>y#+Qp{=MOv~P7&(FSyrByH+g#;r4CTon6y_ax+P0^*J`fJ@K? 
z1&`%uH`Z)e%VH^Uo|QD_%f;RYE}@a|d$^Z4qZ>x@7ek2FDI-L}rqZBcB3AW6-3iXbR>KZv$rWQR*;IfB?9&L&VJ zc5lrBjF5H&^6h}ozK{q9up2-H4-_$j02p*owg@O6mH-_k!nB5zMMJx??LhcQ6ChSp z>kLH|#ij+1)RM@P#}K2|0k%J6$cJ(+KS_^#SZ}|0G0Q)0Kb+gY=2tJoUx&7%$U|R} zC5wV)Ja-H_h*<=53%fm(C1I5{0TrV~Q&t7Y7U}06tDSX*+KFN(TYaQfMIQY`w*^Q+ z8;V-am3{UfkOCi)Al-}vaW@zV5l;_-={L`?o`2}#_-O-$%y{w`RLhpqj+Uh5g*|N) zvL-@Qnn1v}s36{3r$f7SEOFKu5+{nC_{JwCPDqTN5#B{F62iO57%uJ+c&+^Rk5idw z=<-QBuw1r8p*53bTk4i5)$}lkMTQ#ZEr#d5NgWVj1)rZ`|Ynx8Hx*S=W9mHs6jg zF#gqz*`~6TXMgRNq=}-S8BD;Swb8tQLBFMfi2}8%374%T9ivK$-pv$EGa(ir>kI)B z#ZEE-1O6z~m(zVjgn4okdcEK&MoN?3sZ+>Kc9joNwz71Kk6IK=B^XG8`w%mTvqY9e zK{JSh%94!hy6FVrWd|*!c}KXWloX{Bx)s7uIZiXQK22)g7E=8hH1MP;P*|3IY!?hBEK)Ye$`VEJ^v`MNo zu@u>4NRcQuO%)V2gB&RKmG4;;jhKz80A&e)IKbR(FFd7~^fUv|wNng0LDLLCp$eJ~ zL(5?aEr;u>?Flz_mvLQ(L(|zb17fYQ$;wandL#bu(K{6fpMvKF2FQXiU&ZF+ z+j)S>MaR%s^0dSsKKN21sX zCR{8=qKHR1cdtMGvU>J<=pO9DOd66aeGP%jhjH^r*1gMzG2giqdm|3J?Xv^c!w$WZ zLF0u8Y=n9k++ms!^Ky&JJl7#M)$&p-rOLse=d#oLL)*;zLIl zEe^MGC-%NdG0dV;yFJ!JEH0(Aw7R)HB8Lie;e;VrE=Z!#VS*ij!9=9y$`E@LrKHo6 zl}%H_T%t4uVnMRW5F}CTBn418ZzcsWe4v1R!0sd)^{i%)UL|T4&;Rx6%Ih zV(jqcUYyLujpnjjd-LgUtAD#W{s$}m)!y#co7G2ix7&X^|IV2m_^B)Y6$yBt?<2ve z<)S7EZ6&LXX*B8UPLsOSoG`|$r$Lo&G&M~vCKwfqnoWkNiDD-ig^r7w$*75h%#l8h zC2?1|sGF|cUfe_XzQ$MzAPtNn?wWsvd05BWwM(85V?y{yNMD%kNr&*|a$OXK%-{_&}kV041LI~YhH&rRZxuHa}wr#tr=~Oe}u*L#tlOcej z*h!`=E2&3e@B5X80lUH5Tzxkm4fcm2$>QHv?+>f5pN;EAwmRP`7>t*2xEcNwI@7P- z2OrjFVh!mSfqefJVGDMvXr>j4m_Zc`%G<71jnRZPlEH{~OO>vwtYs-B6=f&8E^SoW zSO9G^1W*(^MHLh{+LQSK7W7(UKCgLL>Jfq{U>=|m9kA%vzy9W47s^W?zjW|Nh95y= zHSTxnix*L#*$irA&^yF8BNQ^t8x$%ym4@~efq1PoF`_22RN4h>rIZT7wQ1hOvT2(k zo1)lB-Xs=9*fBARYcM4+?;SF3H*2{U`*mpe4|VM>ch|LSaV)Z2aQ}6_X}`8!(0RlO z^7xk&y`!KR1VEdb1|gKNs)S7L(h&P%N|Ya>)PqEpCO|BbwizNRik&0?s;&-(V+hmY zjF_l?4?_C=?%?DOa~ON8hal`BZf#i`Cn;%j{e~8j1tWr?wFC zg-ZDQ-EKqR;xP5kuI{dhaA`@}CkmRuB@8-9se~&Hov^ti(t5RoM)FFUOR>z_X2`54 zc9KhInfr974ix)c3x&zbW%%Lto7}H;NCeXlQotc+EN=MmZ1@FQ@C@|^d-HW|{y^ju z^yZT!TCUQfP&XI6ZYm-Sq>EG)C#+_YxI{w8BW&ozjufl3ZH7vVVkb$IsnVkOWkh;B 
zr_I0eVb;;P_hGn4ge6NdOHt4amY{R8%BF%WQlbU7+g8S_?U&M|zOc-DLs9~Bg&qwt4iupOcc(yu{_&m$g?PRk|*=z*_j6;>|*DH zWPc4mtIEZK5b~UP_Fy>CnHu9@x1n9@5aXQcy^Fu&6nmD7wJ4Orn0lr;DTJ}7BU1u< zOi5g>5u_R^k&YX;u~^$?h_xs-9XCc{a}&?d3oP4;0;85@8=-fTB*t`ye-nks*&1UuH^Vz1aq%qsL zjfR`{aXultT6!1S3&pLj#zlf}3dPY5t&LiPl{nq+w*PhYKd(Q3eEENwqg~pFyO;mN z?2o&bzZ>}Xix)5c7s8n(xv3~<24^s6V_FGWhy>CQA=#vcJ`2_vf!wsVa8vM-oatg| zw#$%aQS2mVP-MDC3ko}X8`tpdADgPUyhQLNzVEj(_Mmj#dxB)*ukl`p>!(S8-av{3 zC}^4lD71$uhcM$1^fs6w)ey<5l4wXvgRC?*F*l}*b=EFJXGO8oB)C{;MG@}#`|J@{ z3mcyC{YF^(;bzSluaWKghjbXN%+*SK-FbNg=JOuK;mZMbmb;U>h5x4e0irjCtM4de z1}iY=Ag~fp&R}2+BZ4bUO2(zptpwpL&5Brj?J~qy6g$ldH03mH8Za1810MN}*+FQ< zXO8&Pf)(ZaGu59AnmWVT<|``s2lpQ5WL?ZR@&6on45C;{2aZVq)r zxG;*a%KDU{d^XL1STgN0BvTYS&47!OQ&9vw{L((qzPFwO%#G6;y6>+J_W~MZNOSzd zgdHMet6w=6!u%Qw(AF%3vzrF*T;;QLJ3xf>M^?f`1f%UNR6X#+4HynfY4yMK5 z?p?FFZOAVerpdctvFrJQBo(0VF=?Nc>#QhrIMomk(nwv`kc`55r=&5{G0@S{)Qff2 zE<tQ(YQ4sjoBlfuO`^hT1TSgx|7&_PM{C7ZPbFIdB5 zJ*e6Yb$w}4#42l-p|YabX;NUwX+BJJ2zZhY4^j)n_Uf#hB8)v9yMoP7!Iyscv69+lD5)rR`r#+jVeu!Qm=<*&t{e9$ z4oxCguBg+s#}DV@@by1G^)YQgev4u=pElwMRT!Apf!z?A%7`LnFap(BgC<5mGl5!e zWxZW)h)Yv~ETy_kXOVQV#@c0QtSELWWS3eL;R1&E$@&OE<2aYyg8E^dk0C`~i~}>G zm#pqimMPZhovP79m&Tv^a+MT?hB&PttglN_TkjGoxt0B&AxC*{|RaKUus-oCQ(p)U6qKKc)C3!|aq>TT; z?i+XOtv%pw9{Pv=w5!C%fLH0Oe38d~aa&OoG2^kLvT4U%V-EtIJxFc6L?W!42;E^M zw12SfL^|1>#j+{OkWEqS!zz9{cDpxCYa%yPR))56^$+rm-K6!dGtkRQGga z2lO8B$G==NMWG>{W(c(PAhq=qA@{2$E}ll6?~raQ%wo-yWoV`-cJlF~X{NKXcu+XT zg)rzKG&0|tjrl5^`1xSZa4zIfni-@k*FPrI`T8NZ!(Sd`3x&EW`?kZxIi#`byTr}o zBwDViqRh@&) zj$r@-Oss`A09$bv^4{P6`58EIyW6k-DbAz0pb~Eb<+@Ih7l&`dnB!qCdpNAP7vG=u zF!cT9>44D$yG@)X%k@tbYD%Seqiezx98Wt=iBzH>eXE+bVcaxL`gqD>{gY+rpD1>c zCTN~1(BujE9cNCeo9THTo7+|3aC$J-nuPk?C-@SY5ZwzmnP({Nwa({Ott}J1JsKr@ zZ_Lm(=x&kteITsD-U805F5HX-a_knP?pMxvl!x+NluWl)wOgQD0;RxRs< zio)KQ-u~viBiY9dDS?&>!RT1;WewGuE}1kOW7gZ%d-2*6$y%&$Biwtjp-k8_#}#zG z#Iq9**jRUHeiQl)fG*=Ezu1dyPj}KMC;)*s8?#yM#?K6Cg@e9(oPEpnRunoUC=$qK zBQ<2vTX#y6D4Lj#IkQ-AWf^)aik)O%Vo`*6D8fyT^xa7uw?_Brp}b-r^sm?dAir56 
z-gtq<<*A4j)Ku8*@wc_v6S}(bquZ}s3$?*T+QZrV)u;CdH|zoCzJ#lN4D-9;ZwO_u z`^G7=T%|>!LvAAhnTDJb>c=QxC(`o=S*+5s43!qePB!#Mk-llcNgmXGeIJsGa2}!e z?gyH}1k2E&02pv)lRIA%yE9$6)&Pz_nxE4xlbD+e{dTz7!L9Mj>*>-^zKC8 zNGbw=f@W|FgAVE*0X4^(Bj}(5>Gq}?LxK~Yc&zub480e{PIC)w5PR8dL;UV%v1`43 zK(3?sVjh>RM`P>28UY1EvkYl^aM~hMcyPIND#4*8IkqTh28S@{AodZEhDdE+Nu-dB zL=nU^hj^?W^9=PE#ZGc4wd&JsK@r!M4Xzd=YI(7-yV3)}dcz`IXw7AVKf!(IZ8u=o?D$2?b5_ z355j;U$5YaG3 zIu4UH%d+iQ`sBuA>6vFp&nR}97#C~LC?cHN+_=N7T~!UH0*+cI7=HKX`tEc$jLRGo zo}vWZkr$)Lh&CyKv#tUvP% z{Tanhou5$PbPG2WdX^8PuAuu92su%ozlSc%<4p>NpM)1$=fmYc!0&oL$vNst8c+Ow zHeT~N2mtr?O4x)n{C%f5v|N5hp;Rl{2&zcYHHOrN_k`6{5T%rEI$m|HOsDknSbpXi z@-vE^OnX6*$%!cVy`CrEef;aM&XE=F91~>YU_4BfVw)XZ3_=jou?eTbj`1hADp^NwS#obVa`$FyR{O?}g?KFIEUydIv5&v}m zt4Ww80N+<)zk+{$dxs=mu3;KeJt-=|NL`ka$hxhFZ`EJ%Esm!BAufvCwK1U>NyH^lgsK#6Bud*Js}hk(D1qLini~Rn`xDP z`muV>Gt_ewJN@)8md{ZHWE?=u_d!L?FiB+irE3pAPBeSg6van*?NxDz2v?RQH>02#T*08GrFGjdO<;}{czGq^wBkgvl2Sj$ zYQj>)vN_L?%~9<1UYA%E;mSmN2$zF$HVL6+o^UFFYvT>i-MJU$Zhe3_@bI|ZVF3Da zjxX~=uFfxbrg!cIL78%y($FH!oEOAgyd`=#3YtM03@S`PO>3a{85}Rmz9zgZt-UFk zqOPrcna+geu^!Gd^l%hAO`2reUpOC3H;KmY99*U_7TX-{vtRwRhEwMHJVD*LMS9e} z(bjlZV=k@Vyp$Z~9RT8EZub_i{S)^pq(jK}-YPug5QZs>_pk@L&GICZnOyWYZ znG<$9)8K&`{irn6$BBI{pzFUjB)SZ4s&6_vP&nB#D{(V8!xEq=hI!~>h9y>Z^AFlu z5@?Z6>RMExu~KC^t=poZRVt&~UYW)WTP(aMu+t1f2f$s*u!%m!j$uDp`}D~kdw@y9 z9O<2xRG%c=xdQe70P8N78eJAay5RZOkL!GZ*K znpzh&_(&k;vI@v?{o&OxjSxcAo6YLZm_WEVjRB$0rM){6kQwx;^5}!DT&tS3vekr1 ztw>!ooCwu-q%npGS{0nJRQ|EOavjrWahxE5ou&`k&UofFh$gJhB$M3P?eW28sMdRR zTAwEkZN2rfUc6)112NT`GKxU9CL$Uug zv9hYU<_zjFD@{pVl?@SsmZX-gsddq^=J6dpCRH1gYOzM1z)q7Yu_{6%bjBQT-~g=- z$7W^6-Nx*lW_2(}kVr%K7hgr?qndFO8FeeRH^Etd*feIG%!)DU(#dxT$P7lcd5pqV z*2?gXSJK)gm`@|^zc@9Llt$6o7}1(0m33jS+{KJqth*<$(~P=McTXTbfUF5ewAHJx zV!a8=uKvdk2D)2DcnMx?Hs9j$@6W~&io@tm_ljVVo>WE?_mJSvLNWap56$5Z+OkC;4TSrbWNd}qfCCMP^87V~GZ7N5XQ^XEb>K7sf#%B~n2aT939ymn$0 zq};#(?(kyu+pU3IWBXe3r`fCZ!JpsG?Yr08)!vEt>*FbC`qqaeNtO<}MfT6QCJHWqCwJ^WmGm zZKz?Spk+;JW4(Q*nvS#$GZkwKZjwPGdu1LIb+P`Rz)lnO!UiY_#5wnL_1g07Kt6k} 
zK+EYPR1V&JdpM+cY)OyM1Z`%GTeGD~yoctH1Z|gMbY*H@5Uq+9I>#EwL9pjSU6d8q ztZC{ZNfH_>@iaq;N3oM6Nv--cNl?TG$o^Q}+BXL#WWT;~SzSZ-l);uEh6BAS&IlAT z%?O&OoTDoXN{!v*EhA*zk-D{JgA36S+I4MhI#V~v20Hf2v2so`lyek2&4>$A))R;a zjBr~K^iZ=q&e1VriV~OhhfY9dP$Ey(Mpy2+mQ44OP|9m4-E+OwG^uK>ThZFTmTB#g z#yx1MivQ8Wlh*O?%#gapT}>^E|;iL$PAj~Nz~}d0%pdxLKDX79-|{=ya1+T!`i3Ha!U43V^ZafFyzCyX+K8=kKSQ?!Xq}1`+ebZggc`SDZ4= zAT^j-B1-Gjw33oeNmkZPZN1`&Ei4whX@=O1VlN`%x!10>lRb?a=wxBtqV4Xu?qRZuxN~(Cu3g|El>I{G%?b?Hx3NNN zh=^EIH1>&--`qjo=lY)OL3cxwe&3JdYP_gD!kex8Y#=Grt#*D}zAwzqx$efg@d}zv znZxaFqsI%tWzW4g%znSyA6CYG#Kx%ww1C?c;QF1Az%u#)CB6j96?U4Zu%j!t+?qve zFNx6<^sEy0@3tp}D9V}&t+h#2BHAm*3OmhE*ir07UxLXghdALUpqA=iT#*IHrBPqZ zL+Ci9*N6QnG*Zwf_Yx)Ug?jp!@-DGpf8!LyF7zE0h+sezEae(Q zJKh$?q_s>Mi|#Z-bVsolaSUxCGjXOsJALe47x-l3-=5;+GjJK8j7v7f!%})`Bt%1p>3qkwteIm=qYRAx>`j80H(icP&Pb-{SfV zuz$Z8#Cbzk#+idcrkPXbsr~56b=4HQum@jVRxsDx{!4UCNmx^LqG_mVWU30$UO86# z%M7(2#a?2XQa6AQ2+fWEDmEu@uiQAVb0y?Up)8Yy`Zn|vIDE5&xf{CpecA5**sgBu zNfRb8LDi2r+O2MF_to2Q>RfN{PhnpiqtxnXe?I)-;^bpW2Am#Tm;-uOuA!ek?5IBt zt#QL0;*o6hy(K8RJo-@PMIX?WYg6}>H8m+&r%Bx?O$04lqEt~)(KnLzsTLRZ%5n6e z%!odq*oi{f^r{Fi5ya}xyUoA5F@}Hnm;2C*{a?;x^@mf-%ukT;3{*-YPqRfawpxBEn z+Qm8ZDB`pEx;B3}yEAq+7(D&=a3(l9HAD0U6D-h6Cm6CkJW%F^2hf!vD!`=C1P0@h zT1iG&ZS4z$1qMkt&5$@eP-cV&Q0%lpNvw*{0z<^Tx8gl7vKkL}Iw=l8ne~Fizlpp1 z{}@kpuvfx(5XfEj&iMK!_*&D&7U)eT2(~<~Q0B!I(3L6W6{}lIFy1LhG3A6AO)cL_ zOq;zm4(BAh1Fw4||fcM?xd+ zd}psj?I5~rO5#F6Gf0!C!=oz?S~~$fmDHVebEK>pX{l6|R21aYG-+ZTzRb|!QS3Bn zFyvUV8jkKio>Gw~^fGS`$2Bx)TiL@ss9bPf)5hMAK6t(02x=1a8U40Z)_iSuC+}xV zaa6bC6q|#&*_#`G2po->n`C1z_+kaENN%mY8Gq%Qa6h;vw2gxr4A)gIv@SWnT*R;S zYX`L#=&fJ>Ky=xXWwqt#?_pf{RXWwxbknzdlxAW`%wp|}% zDGs6Yl zzH=M{W}Ld}x#0yvNr1gtd@Wlw#$l42k+zV}XeGl1re?Sr5;oca1WjA}_s;YMV`Ir>KV(`82 zG2TDXJOT8M6Gn4+kfO{BQlKllLi3*6!*&N*#AOYwsM?OOR=0)Zt>Rs(w|-evagd_Q z2vVTfNw%d{eVT13!j*Cgx4*-m{N%gy`i@r6`Wg=B4GcLiDIJBMo38H-q-uIi z@79RT@z%YWu+KfpSr4h{c2R^kmxmNk$PD7-g%r@0?Fp4@(Q48(8U$kolZCV-wCHqG zm5u1zw4PVRA%!Xk1u=n_IOXQpDXq 
zR2b^$^kjTWS>mpe^jaQTsPaM!=*m#3P;pDDPEcs-s#{AhnEYVF>uI^=4uiR|ogo!%DXUu6i6X69RdIx&%7`$a*lF%y$RCCJa=Nz; zP_j#5V&R+9MnJn9=`Q4K&))d1|K{8jz;(5B<73<&=zbJ&;}nl`Jqw3ltzpjD!DVH* z*KdG}P~hhSU|}dtocQBp+aC_`y^Q^S_G3dtA4)m+QiL6h!tw=Nun3}Dq3=IQ<>k?Y zDleLVuH0Gk*E3!bP+~#3stBw5(n+yxRZ$RP(^QV52~|ck0mV*J`Qm5-hIl$BXw2+5 z7?_ndmZ==qFhTEdyE|<(498JU_Hs>AZoMV}4HFUmTrS_EkQwaBlkd@$c_Vo%G^Bmh z_8@2~NtmpxkH)%IicERV0?w% z)ymp6kf%b>@|;ln>9lv=Tp0El)#8CGX6~fX+VvuHqqyAs&|#P;6#PAY)w$lqt#c4} zCcY2fxXj;a$lgWxd2zV_ikLyqJXs!Hne&2HqS2&MFdML|we|6&Cah(pXoXZ_N~efr z`6@$}N3j$1yjYV*5pTC@|Ly+h**P|u{`~4^Pn7HHw=dtU4_^RmL6g4he(YX1rgi(2 z5xZgk_}~Bf3&NGlRdp0HgDiQfI=XV*YeBW_Nu{-Q>Ka{JvUG|tPPMX|WUHHW+DIL% z>UD;yj$+efL1F3B016B0#BU$2eJ67_P14iGkqC;A_X14Ia4hhh%6*l{RkUHA=>}zc zkQ+x{o!rcJ`}?1R#j}KaX6g9cnWzsRK0+|(&K@jMRtmj$oOvi@nt64e(vGg&aABH; zNy010%dR;i+)zqrsip3uC}^239jIfaz0OeDQS1csP=Wr(SFcml!*CFT2CSP?>FP>W zeni-6oLLl7F$UlL#p;#a({8p8=1{tlxWi%Se`jg9KZJ9|0qRGO!&T3Tn73waPX;@f zUJ_n-?|ROJ;sJz)mzM{ikQp@0Q}xl6JIQO)w}uoo(6BVZ+CE+qm~hjYvS@0V7H8{N z)vq&DeH1%E!;5PJP{diqcQ)<3DPFBCArCI`$8{vqK}EBN#@p>0QY4)Fzt(5BD;#d! 
z%kMY#Y_YNy)9f|?yTz)Ee^NBPv(LPJJ}ABn*2Q- z_q&taK#zu<`_=tvf4@WKuO>c$)HxOf%^+`HWC2~7cP%%yXrToybgHq35TWd`wr$(a z&`K4>)b1Te7V3=10*aj=FAm$<=V&%jO}H(PB|74+!k{&rl$i1}behbs+9pRRgp zFng~3`XSu4Yy2TXwH1_No$lkNH$Fk#>>cIq4D?1`AMV_jVeJY6d#H&%+^^NzrG5I& zB~Xq9Etq_k(09VkYIyIC<3fK0Fn2 zbG+T@!`TxaCirZjdVhOk#%UNjoZ8phqwq~|#7VDRdK0wb?UT2A{*EA=UJ{8xK{HsL z7l}bvR-HYRo7x&|H@&@9nsDBi#IUYwS=}<#Ot3nR#MBv)7!-R+pf7a;2(1ys(`w|I zm%fVCIsCVd?W)2>}%8X`=hx1X?-%Of;(UW5i+S#VW$ znk(zZN(pUFG-0acmRO>!+rFw8Pb)ul9HFT*A~Yy=!cty5>HtNAb9`jyLJir*p2P_Sgd_cNcyO!DKj!OGx1K^3vdsN+>`YlNYXh zLx4M&X686dkme^1Jxvo9}FLzjJ%8wdecw;R}oyJ?zx_ESx*Y*)M&&RrZct zyRutz=Q8) zS4wIS%hU9WV>oq23aPoGs z;?-Zbn{Teh%`#{6SOHjX<7)%>6b@s;9{RuC*?(yt&fZ#XG2h`^l< zJl?~29(WKp9E*Ege@{2~YT)DAdU}6`ye&7!%3a5oT@G2vS8g@sLey@}-8KLn%!dm% z=a{8sqDzK{KR%@Im0#lqawfLE&!}GauHW9MqmK3uq2uLKmlL2Fgv6jU%uOa-n~K!j zI*OpQlhV&kZko1CH`s3CSWlA?>p`(;LZUFQxX(LIqZj$jg_)z;UYI{?En|P$J95}Z z4??CVW6Y6*@y+ed#5iZi55?+Uu(w+(uxa@7O4+lqG=u-R8Ma|4BZD?ThkK(SV(pYC zdnFef7|!!glMQ`$DYBuUX|kcvQuYQ$C=*#|m?2+V+SSaGt*uP!M<}PQUlWISnvC!c zik%?a#l4_V1Pr0Q*}|6RG?Pc^4PWgE1eyn*lNj8Vd*&E;*ZaG`$-Q^R4rcS!(rbJX zj7M4zvB)tuNAwn{jc*j?vLc2PkLxBX;D~e>x*7Wr<_e00_tr&3_;q>E2ZhXF7X}qD zDw*{y(b66q>WUd6bW;(fI%TNtU{rFNU2)W=$%xvZ*a>!_B^>GCA&PtD5}k+e;o!@| z0Bv&^a_te~Ic;0*?#*|BK?n){a2S3)-G2qWy97IyM^&1 z`z3nDi5`X}3!0WunmDS`WJFa^>;$UE-=3t-^Y;ktCbcfxoIYM0r!lui^7bs)~oASaJ=*nf+caj@Us5JJZ z*+Y!Z^cCTZmQvSkrR0REio+L8M)(57POu4s{r;;tUafwzCgBgU*`x@CkCAZcHLF0B z^;UwAJJdG&AC7wg9f$`fDNH$WfwEy~2l(5Y&)$@|I((lY_$L&ZSw|l#KW;+0jpHk3 zzb@||g+gZRZs=eM#e|}q6C*(zqr$R9^MWX0N~IX1RX5?N$FYGXBQ}6yCn$4qGyp}M zh5ukHz(t3j&m(DqT^Uu_*!G+gXn+uqU=_xYI`j^N3y6!Ij<>tLQzFjkGCsfF|9j}w z4?U>hXD3g2p=Gg2&;2 zCL<*}geGFvpdnT9Vie^5*1{ zS8ne2mPk*Xo8BcBNglSAYw=B<7LTsn^>wK_>qB=;LEK1`P@qZ)FF0*YE0|{KRJq@B8&p{jWz8_b2ImTnK2KJE_36Dg1%u0T@Clys+mn_>I43EL(DovHINU!m zQ)@6kA_UrpJd$%DYG^aAhd-V7poDf<2s=4yFW zMw3^Sfv!wxQ7WNY0=lc+G)-&$_qrseDf_xBDafvA632>ulcDIN*a;F}tmvbN$gkSL zxo_+Dwa46hifOLP1L*}E4IjOJieA_*>nMJXG!6UsL~DKY%_WWN@^XwOuN(tid64=E 
z$gczhSR%MKq~culx|5*3rg<5M0h)|30E(U9C8}RfPP9Rx-+OgYR-NCAALiy+`?vY_ zPcy!JI2E`Qx$T22JNuhEvH33L4#JskXkD0K80IUvp%KGX!{jm7l~E|jes&Qs`{cI= zyO_I)!}<`HWR6kL^;S9SjL~^X6aWRy@Cq^Lp!5?^XsuV+w1mq-6IRuts+k0VHp#~} zjsmn9Q2-R1=3{Efr)h{HUhlRLm^?p3m#7w8eq&h?&WuC2GtTRDtkfDDNXNkQ@g!X9 z4c~EaLYYt)$$B?V zOhTUd#l4hJ#Pp`v=2cywD-Rky0j<>G~+$vAho9X66^PEhJKG?FXGF^ zH5e%3F<-#9+MQrm^0_x)Om3{x_Rrzow!X==+HJr3d|G4!LRZ9jvs{{Q^Q3un<*qBL z)-;B+vbHBxm{}y7q9RS*DO%N?RucseZ7j{V8PYt8y@)p#cU3|WZ^qee;NZCZC92>L zre}1yqZpxaUJ=r}1YHh48lsRHtjUw$(UpsmiH`O?F%(j~Xrqa&`hw`jbX}?KS+Sa6 zO)SB;84^5-op5<@0X;q63Ijf!Wc`czHXP-iZFbPFq*z4KL8y}H&@@%*vUw&{EW+4f0 z3Wpj4SAJvvb9cIPp{e!8+_)f>^~s@Qp-&PQTj3N zhAi1oGT;p-d>eijr_J%j>ebiX8ZycDny8%)C5K})JxbMZSBnFj-~0D&I-#%Ka%JHm zxpuq-m;CYQ4#IuieWwB<6uvzEfI?M zKoLLrijYt(8g|EXcg-kb0B+-M`<)Or1RmDg{~QXNk4K@tSohHNS0Q$5HLHW#ukW1( z_v|0n*Uzt3k*jG<+d+lYB#}A+UtSl0LS~RJFP?y|T$i$F71R-QoRgYE^?%#f1d98H zKyI3RaXg{Th$o=f3G!WBR*+ce2>lI*@;RURF>I2jdp&HD_il#Lpto+;axeDl(Cox# z{)c9YkP@)l;wnCRCkYBIZ~D~cHGM)??wBfC(N#p0CA2@}4dJF0glScavaq&IRY?kU zaR{Kx2mzqjOH>r}BJ&CYaQIj)|DgE}43Kf0v0Sp0Gy6N2=6^bvt8=lvJ8?c}L=0xq z=NGxy5kfHZW^jU`kZFQ-dA*&`m0@3`)E+$Tt_U)nF)+15+S4b~rdKuZ%5*rOi^Bn3 zMmPY)&UCYq_!OzoCQoPQYN!{1-Zee(wwz4Mn0AA^)s6hTr^C=D&bQ$3S6g!tsDSV1g z81Bb-G~ogCF|b+p)^S?Pjk)^n--Mxrz&wO_mlpz{kQubgi#DJu4-o|d0y3#P+FQm^MGS4UuKEJ><23E! 
zXhW9~Z9uVeX@`zS7;-qK_=i^_xTZ+L+pnW_{9T){;7_^Kxscj%2(yIzjB(*}l0p}m zsKRL&D(HU~FzR;aW2Y_`*Eax3n7t*#AW+Z@{^i9j(3OYS1OYXd)J-P|7quj`riHF6 z4q|Sae{tNR%ZOW`*tz_>cn$=L0K$pYo%qwK{XW^>_b^;-Pj?bVTJ^(dX*WyS5ol>sAYHH`7X_ zOAfkNv+puAdlY*ScP0l?<0L|-U~j}W4nVn7566_>T|K5#@$DZFqAV#nKtVHzk|)HY zD_3RP%Cc+-1MR97v?aWhnrLkV6E*A9V+r{&QDPy!%MjvG>_tSmSdB*!zL59BhmU`~ zKRgst#p$@a8%8W|*1b{R)W$>!W3cnNsN>I0sEFc@n4`3$9S;hc!KOSx9$i`1%+0wc zQc+-&ksxTb#4ycaV7MyjgrgJ-@?C}?k7DOKN*62hDB>-2*9E$Gha04Y^~NP)1Ra5_ zKE3+yKd-(XV0xQ9Mri9Klsefh(RGNr_1fvxs^6UK zKkV=R?Z325Q&s=*H2v`RnV=sEnx-Gi6W7s|tC}(`TT04~me$8^3c{tVNhc~^35%=B zv?|47ah+v|>nQdj`dyrBk0M5E<`@=bQaktBvg@=tM%_)${hGp24LXe7nWHsg2!oc$ z=_qKr+yaG`yzV%Ylr$Z)7O140h`Lq8$fmBVhE@%qut2dM&NB3H6nhZ`E>53E5g&HD zFDr2zqb8BNBkblS-0rsCLR-1eZPgnTpKIzix3N(jq~{IsVM`h)0E00bt~sW+Q$dO} z+Z(%_8C$}S^M%HFdI+DEj3GclGb~b`PL8fzc6D9yN)p+Y4D$0jBASL03aK!L^$ly% znR+bN$ytU@j$$vOHL+>G@dh)CWCJM*!3xe9~ih*_j1N;e9c!Js^) z8(q0%(6`zs0^+0f(5-XDM9+z&H3jhzw8u1qVx^m9DBUPFoz#+A65$L!=ong^io45> z^62G~Ojxcyvpn?~U3pNL2}p^g?zA96^@8xW6tv+rD2Zt%#OgE4P@hrkMYiN(^%+Av zU9$1X%gDLYa_(MR}9T||J!MI6tSK- z%8v*uF3$-^Au~9UCq<(x>!x=JBt%tEXP_B0zOjCcD;YCXa@kB+oLGux8B#Qgy~yHB z^}_k|{^Ql^!%pZQ#Rg8*_JE(Bm55#uyc@WX^^X0OR)^i@j4dDH=R{j%jPQZ{ZPfRWYOyeH;IjJiH41WX3#KC!$w!;+7!Cc9jU0Uq1>e+ zoKi&??PM={scM>T`o>}nn`LO&D0Xrtb!t_FTj<2yVJ6m3zr9+0Hixz2{I}IRO9*KX zc?cPnG>t()GsuvqSfeY`UX?w>GK>+{CYjc{!c220fYK1mFfE(Vcw)txWhmAtcA5+q z%hV{s#Z19+yn&{+uVIAh-uHcnK9Oj!6un+ze_Ad#vpl&OU0KMYg<(;o<}fKr@|Liw zDlIEi&y=DtuRh5I9?Q)^@gVuRR@(ySvr# z+r81I_gh!^ojABA@y+?gdlRM&-LCHstM>edo6XJ-4f2`g-8kd*;Q(_V5%!m5=hy7E zNBi+ae|-9zfqp0{JBfm(zZ*PH3rAPhqP6~fQIeKJ8bJ>Q&!W<#GJV%qv};wJ?jyou zEu3d);V5?cyMZBpw5PMveZnzAkv_-7`dM%R=mKYnb>mwW9bw8rD3S>;z&LVwt9KMK zgCTjTq5kP?WVU%eI@ap0QNUGo*49JIxRb`4$T6-kszj zMG_1Q-ut-$!>7|8lG}bbtlULca8)-6)&5uQ*V1R~DsM1{@^fcq!t9h_JP|Hk+avhct4PyAa$92$ij2#iFwIP(8rI4#eNg1F%*``oZWKFBrHi#~6cH*v z198rMiXfD>hQ@t#qDbgrt1{v~nX>?^sftHnO35Y@VY@?_pgAt@PE!Qrw_3<4&CPS=C z^9)@Y#ZHp}Lr$MBZ>EgA7POA0l;U{R~la zLmJ83qN+-ehtl+j^cGcU=S#QeZcN 
zA6b`c$2?CvMpqs*Fak1&J+ew>T?>~jD5Q~12P#O45wwW3WB6eyBXH~#Ba*8=$p{?r z$Vdz+J#&l%e$j-Hz(JFgaM0zHz*inbF9LFgJ$5uL96JQz4WpFH9@LC9C1^~E<&r6m zou4SX@n21@lSdbHpgJ#eoODDxw9t11`ss;4Og}kexBaJa!(y9Q_ zB29}jrp0od6vs}};?g`~95HyA4;bJgP1j0nU0U&Hb7S9wfsTvUi9sg#8cBvMmOmXd zhauR?gJeZOxPWdL1%X;$(n-U4(`wKy(hR9$hAfvqaqKihE|ouV#2{xqh{`=C%zC@} z*^Lf&wc?+4`y(<~7hfmIlEtE@gXXXVTX|5f2xu9kuF8f8QI@1pZC{(B1t}xVk~(I| za?umVPP61v(Gy2}GJDs?z+7vnjxwF(#ggEICMOj_`;=dCHn~z7&~u< z+1|n>_PQ+J@1l1IanKc!lMIfS!I~^-6kmBzya?zXkP*cQ7qTEOH3l+cBv1D6r$rmH zX1O$qW2aejsWgfsMzT1Y@%G^QLBF>)=H?d3`AA#~rNLrR)IoD-fUP_zTLiQYyS-GD z2rZyPQdg9a1k%f7sSz!@mgG-x5;0TD}zwv|K%^zZ~A)Cl)qOa{QH@lma z(7pr!p#*kaoDz$LPzTMS1lo-`C|d-?4pO(OCW3d8xU>(*`lv-RXhI7XQ)0OgieslK zaj6iBBY+a`-7KKp-lzQh^^dLD12Yg3peeX02^LGA4w^#(Y~?}BA|P*&x@f2AuBhe3$fH@6R5PT#St+#4np9#c~~#=INm5%7crCPi|%;8a6&93CXE?~a|`1$A!5Fs^H8 zgpQEq(sWQ9F@q_2dMLW`pk}$Ab);s(`kkHKMO@NGDBwvmCDub}h8~Jyr(?HRc2NjEeXhCXG86sg~hs)Opzy=1??ka7wjr=m^yI1tV=x4$8o#`K^J=xW)H(S8tQ#vu^nPvsd!`M-iHpTg6fuJn zdEzI!vM5=hRo@U^z#Q8a=GZbrNd+wjrLJ3ErZsRHi=Q+@{6w*1r-G-R!`t+t2qn_m z=l$OGZ+AmeoL?He4Gq=7yL)twI(}W85zDntnx}oDE0--}E{{jLzDY14Ks4NS-s)ZF zE!Cv6HfXGU(hThr#ZGT77;<8BNeQ43RlWZ3ia>#*-D6;X*+H{EYc>!zT-@juhs>Zu zh6?&Iv9cfj0tLu_`O6P?!!hl}dGqvNj+bGOtlFF)f#vYS>i=1pKabEu2nL|p=e0eq z{<3;@_;Px2T${bU*e9{pKRmau)0P42tvasO`f7YJ!dmP$J37p@D3G}pe1f&HSW7d+ zS`<6YS`3*Uq=Ms|Ia?q0r+c4Ba?&?Y+dT{tzTfG`wR9TVsjl&!VE9_NiCZq#(mb&i zU0KnRF-Q_63XGOTJ}>G%*OtUH?0xEjm}InC)S0_3|$z-CYW<^Vl0aIo9h)QthunKb>H{h z5y5QC(Y(}V*L5Mv07hSp5mF}gmt_v?~QZvXzX_+Ry?hD*r5@gZ|s# zmA?)yC_jv6FRza~Bx?m-1Ggc|wc#>P z8%9?yWmk%VNmAI8kM(VJOL)O60+A)rsJ`q>`XE%s+Hjen4Wrm(+hZK&?8v-O0eTJC zYJ4uNzlM{Ff3g0^erxxdLo~Nv$`@uUP0WLZvnm!$OEn{W8%uvQr?8KMmVp%+~5X`KA)SY-nPrrvY zbhoa1-EnV?>HS7*jn5eeKmBEx&I&Ht>fTygZ2Mi%NdX7V__}21<{uL)XM9~O&HvMQ zzV6Mzm3jTV-<|HSw&KoQxzFw|@mJx-o`qol8omw>FX2EBuLGBGjg$T&_IvT||K6DG z&GGh`yYh47`#NG)|8{fyj}?86e1ovhqwQ(KOl63uppjLnN+L~XNJ-m9Rn|KZeL9J{ zjN=GpMjQdfPJDwdjv}ClR~mZat+(!g>y)o1hI%^VXoaY50<1fk$)^+$UKc 
zQYiC63h2tB6SQa63E@&h!@RB|ob}ewDoWd~YgB0_4!Utjq09&=px6m=pz(yX*p`YX ze6O=PXTl9%$xdpvsk`2rC`7%$RM^|pR z^}Zk!ZJ4lUn5yU2UO+x=%XHg{jC)J}X%c9a+ zw3;+bLkO91!nBrz7M*UomJ8EPY*DdPUu8)3D0YHH7q_iI5pn9JuxB4IH6PCte+F)u zqtYw0Rr_y=@=Iwr7QPZQGtSWv69TC}SpS%d1$P zuQKF$6g$BWG+8?t&Ou=@Nz^bM${U~8kX;Z=iv8j4{$vkDA%_=X$;C=NikLx>Jf$98 z*(hdeQ@|QjcOMD1yPP&uX^XB*r}B*w+ua zF=;q|DlA+%Vc#iO7Z%*adBMpstc@TTt#X*D#w5ws&rH9euUuuiS|f7yE*9=UNO zP57_qUEE!jfnr%7)YmSIgU9Z6`_}IEx;#C1vsesBk*dmdW-2$8X?G0{_uF3vNhz6C z8I&?PJ@4VgF0ehWsti$5K0!vr6CbSR=>#&|aC8PWxc(aupU!x5>-!{vIdhPE8tk*Bj zP25BuM2aLWHO!S42ZhtA!g`^cIOD}-;Kli|?goytfWR>-JAw6y;dnUKF~Rrioiu}c z*j`!S3hOq3N_%dvU%!p6&E^Q^`KT0DNPP}7yf5fdj0??xen2$&qi5y6E%Z+ll}uRJ zp9^#Brb~6uH)SPBSv3H2RuJeULTa7tRn(B|<%hW&0?z_M;Hc~b%+GEof=YZ?tQNbW zb`x>{#cHv(S%Hve8eQMZ9dX@ELiA@aU|$jhM}=kpJ1hu}uFTR_rlr~dWm=VxKgvjz zadc%V8(J4BOqAt9os|hEyewOi7BZIw&y?=?J7rQgBu)cD;;5`28>pB8 zh2N`0g~2Qwqu(ZGwUzyDyJ&X0pQ^gHrrFd^uKV6Oxjv`yg06&Hhp5OjT4-2g99>z^ zHp{aTDuVU=;Rfpa(sGfB!ouI^%B|W{+MIQK`-%D-P6LYO!D0bb^7`z|la`b6)Y z$5qagHYHh-)P$C0LaL@_g!7itB&m{E`cvqs8>6QIF?v*X0>o#h(W4S?#tOfM6R7_m z>f2I#9@#Bchm2_BxFN7UJ1~z*%)oS5U>;pLD;Vdo;G{{QFK|m6Qdd<>vNns`nx#T= zKX*gjz&s5I%%idsxWL4$^)#`^c|!9iFarLUQg@+Cam>C4c9oaEL6^W`a(R@VhDGVo zl^ZHbg^hxgFtL^9A|{N*Ica3oHf2)EB%d&p+$cQ_h|;676EMNVCh&oXogR+#v@g%l zlLrpULtmalf${yvyVs}3C*k*tqvrC!Jq>HPg03u+B+Zy|%~+OYgi07Mp1{-`DYG`M zv!-q*EGIYKO#|ZHsO$u4E{%7if?!}nlG}DHE_gx^voXpI?)y^iMyCt`$|aF*RA>fP z!t$okm6Nti5>`@@6=kXnl$aAF*{=-JmfI2pXfZlYI(MNu4_Vdb4@= zCm&`o=`nNZ^}F|PZX(es_iU#}8R+_ReO+}FDRZVB~xg>gw3e5mZSo9cOx#6N> zP09$9ydjjSf7Mhlk_g^rqJffPf8if>qsKHLdW_0Wg9VeEIFT^1w+0qEu%phKpT2zg z6n*aYIyU%P2=dGNM*nf3kzGRV=XdXa{-5eE_ggS$#-vHNp~2Q(im6L=>sth0*v)w& zikHWqX+Zq>qi5y6eR-g_Ht=D$+q^!!Y5SeMh}21Orp%#Wuw~2sY~K-kA5f>jWGP4~ zDTk7loUo#)2ox#|>FZu?%iVZ<9uSX5WhZ;-`BpuxXsE=Gj%9bS>a^Y|cVMY|fh(1g zJNP5oF$=xCZ!1QHrj;cR3%{c)mz*`C= z=tFVa>YmhfuI$!2Q9e#qQIhL1Zak}#EcN5xr4aG}3IUb%`#7lBuWAePfqpX4-tbFr zetv)R)X6#YJ-XZTwY2j!hUOKB@ro|!-7zoc6Y?-V0bMywTP`c;Rl%w9g-h9zI!+R` 
zV{)FbJkMF-AGnjdd_o?;C!n$uh{41@nIg{*i}lx=XbL{qMPSdg7m9vZi%qxCbzhsU zRFK(9p$(&77u(&QEr(NfOo%)PK(396&V6F+F0y-zTikE97X)jUP!_1r46KEv=A$b& zS(DXGU6F!wU4xvGDzBBJlu$kt2l=t)hW+z^usn?6mWONlxvt zo(A&Ij_7{z*P)(LpUIlk-3s-o<>PpMA2M-&Tdel0XuV%?b*gtQG+5Ooa=P&Yq8Hfh zc=Y0ODkKl1LeQ1VmbFPLOA^;KBeX3tQc(q{RIs#eQl2yu1>3nxh2#NL2r4@bsIyz> zpb{soJ-F{9oB%p>!FF^lWUEVavl!bx&o5d)MP|SxjQc=WR#sk4d0G?BU`%hu7~zSm zNRw5vsk5ReNy6ILE3W;PvvloAyl;bI$tkoTV=*UKIaH5064hn_LR zwsZ|qPQVsKInD1*0qLFRCLn^Nvzu(!R^^Xx@7da>+QP&xb$%%yU7GpQ-ygcAyPTan zy#OX>E5EblvcHYKJS=)G(vKF!A?q8iq8oauAG#aU0Ib`YjBmBO+E3^$l=abfxm-rq zi)V`U;xs%T?1^c(Ln#cP*1Py{Cy*jwh-u=YVAZgZyXaoLZZ>=_m6U@sKktYB#akB zS5C4fj`N}P{Ms<7ke{Lu!e$P5^TF=pt>G*gC3OiPlc zFjGreDx^}T3K7L{P;r0hS?)4sc>rUE%1#_dXEz-}C7#ysYoiysF@t+&+&}~hXAcBG zC1xNYthxeSIWKveCS^+s(Nu(13ItUmQ&LuWskW3_Z8!e*Q-#as6aj1wDm!VvqLO~A z1QmNyuy50IKJEE((ZCKf_%*u443_AHUL8dTDlv_YB8<*KSEfAUJOg)`!faovHj7${ zgyc=t=4n;OS>X>D6)v4q1kgFC?BsFdTNMGuM2r7{8Miq*OKGMi{RSkCGS|2=@`26K zrleD*tv_I0=9Qtimf*VIodQ z#_BX{BrU1%2fYiICMg1F5>$2?S7$dPLM0BpnSXx$C3>g)oA2xqZ2xY*#`MLXb+<8OgIu{UNFA zxXS%Vap{pFfF40*r;&1Y!y!~c&oz2nvz0oD>~IL{qiW|*9Z1UBHTx0!)-A-rU4(;6 z{`SC>p^LU4LYMV!FPHNiMHtV4u3Sl3vjT_>4#yU_N_A5tgqDR&l9;IjZ(@6Kd5$80 z=Rjrs<}E7r^RKUc77aQlcCiHa=6KhzMZ|yo@lP++Wx<^v`se98JElBVK$P#GZ!ZF! 
z^H~o3A*X>8#&V!5|J_&)cVkyeK_79`?o!y~t#cU<^pP^K-&mcHQZ}4WNujqpa375* zMVrcsPq=!8%Xkz4j0Y+^p$ncR5jB`3I#{$Z*8J;F?;~kh;+wI6`gvSS2fUy=t&QTL zYH&#(CRAvKB81IEKv(`7E5fO)$ISw0dbu^#$b({-oJGs{+j%z6k{{=bj=7HzWIf&R zJP|4~L+`?xTcIll=$#Qg2ji!8ZSp8POZ`q& ztwvLtgH{kVO(W{ECK)d{oM4R9JdX)9t{vKv`ZdR8(TV^T4V9hH9CUEP{0TqUHBJ|y zx#`JioYZID&g30=l>j9tzz6=9>Z(Ut!Wjp~rJF*{W2JWCCo%~6T6 zsp^yn!4uQ#qb`e@K#S{PaF!qVE=^Vh&}69W1n|98Wix^Ao3ZU+e$1R4j*nfZpwmFo z0AOghWn`pT@tgk1v!F)>E+^KCFk%f|8Rn^_sj}@GQT zVLVvcq=Lv2ChaNz5GICI1m=ScW1{?kaJjTHfJ;MVCjf!Z?6?~e{NKLqe3UDC2_4r~ zvM{OC)J8d(L{HND5s+L$jiEv_U=mgqg|7VBrbzXpZK;pZ|8wD}y-Vlpt-cZY+s34( zsgFBXGV`V1Jx3P0-lIZ$$@|@=kqDSzyjBAD;fy2VdNnn>~6>_E$$Q=kUAp@8;(Do3xj^ zU5FPiB0V?WeBy~cGjjpNr#Si1SFfTga2l?V@rNj0VXz%7%YsxbOzv)yMA=AXPGGX# zFx$+(t+`Zg89?QtvJ>0d**q>P@idhPUOQVqn(BM?vVTJ?9`u4JQ;SN>*ti0i+K--< z|8wK|&yDN<#*GWZYthhx*9la=#U-J%QudfA3X&yNCR0{5>BJnP(#;`bou!*fS*TY zC&4t)bPZ@5!|klgsrfRj;t*Xq z%SxKVe6^-2VE0k~sacVeG-XXv%PKA==Bt%1eOw06$EfTiU@mLFh>F<|Jj4pve%Fx( z44+mPibcv&V0gwGdPy7+my^b2SaBh`a>iI0=S2*Wr4kTP5iT=9inL;Fmh-fEdPh$Y z;nJdI04<8jP9nlfjN*vE#C~GmAmnIw5U_EF;=BFke#?ZdZT@-)U#qXK2P5WquID(? 
z^G5GF@;9dJQTgHqB9?pGJ79p_aOGCAo!YJtz@c}HA6l35rDa$d8oIJfs=CSRnus~O@?^1q!xi?(8a_g9mffSN3ZvoB zmE$B<_E1s~DPev`A`8N+DkU;cB`wlKh{E42wsL8>Du9MVWhcSoCE{=dVPa3BKVZ** zbEQ*e*WbFY61=OYS(*q$@ZO0SL@uY`s<7%bbY)Q%W!j_#DT_FT$RM=IVw5B_PfO_5 zmgoNI7?n$DQ~{I*Dmw|0vq=q90x}3UOSWDs`$m4#xwudI_d%z==(VzdqqkdzRZFAS z$B}V4$5Dkjv_1HcS!@X_h6a zcp(WmRAtt3T4od5jvH340>a9u>?F9(ZqA2FfK%0|qo!M#{bdBh`whv#0T( z5;Fi1R*iI3Mr{A&duGb}jS0CT}<=px+^dZWOXDQ1Wfj~EOgqDQo zJR?b)RZZ4r5a;%z+Kq2l0r72Ab`sT?;Do(}i8;Obm8HIwrlFOSN(s4euoLPS)&F|^ z@dHq6i&pm7Of_^VAG3xE%|LuuY#Uv9AUp^JmCpR0iAGb%fY z6m;~?B>#?z-oc5#VmidL?CyJGFF}Pf{PY5>al@n9HKL)n@z_ioKImj|M18m1Biz|L z&yD=LVA0zJyI(6vE}H00?x3Pwnf=Gj)_gF&Us!iK`TPzswGsG zDXB9G1yluRX%&m6^_NXmZm_!w2zH~gZ@QBrKlqnJa5<;J8rVE*+t@$q*KE^2bf{5t zc7HWgVg?ApV%6x%1r-UaXhCFJF+!nkwPslcY<-dCO_H-T@q(asW7Ty)tQwV_+N*qv zo`wP{F-98ujrvBklW(##fx1{jFnY0)q?hVbdeHP(CUP1f=sGAuP>E@T)L{W>bmb;z zIZyMHB$86)Ac4(WiQLu7*~zHh^EZ*yhvM;Dvv<92DzS=B1lzIR?>ivCwNr2+zw#OkKi$rGr+41v;wwy8>6F}q++(?x=sn;OR#aq$LWPCz(Ul7* zSFc$~+A39c7_TH@RRhC|i;Sf?qjm02ovYpOeH{?KM`b5*bawb2mAKn=dSs|j|Ie0> z!@P&lJO>xzEEIi_OL@O#?aLpQ3@raU$+pb{hN$yn_Nd4VLXIZmPs%*yQpyRN#ic6h0IC9&om8aDGvKF0 zqc@-asK1?+Ty@*WNcqr9J56BdRqqMr;aB&>a#5ifsu7mhj;=f;QxGt4)n+SG7!jI~ zq)dylsAXFe{!x&%8~CpS0{^J&Bu3D%`ZPw)8Md>sxcRSkbdK)jX(l8npV>b~2fs%j zTrLm&*I}W5bmfH6D$7|zYMQ2mLgxe~tC;X4&EhIyIZgaYU9}tfuLDB=sO%(M&~|F- z%T>GaO*G=>2S}v&Y0vwcVOZTC_Pq~I*rkUp=a)O!*uN_0NbWVQq|WWd8r^5!c`o_> zD1bBNTkl3^cA3?t9kKqIki!TQ5)#WrP_d`EDMqs zH7AsnHDP%viIAeL6CS5&Ghy4g)J7dZZJ@G~csZNkKqU@^ufTIamWHa#WQ;uPsD#x&rsZ`cK82>(Cq_IPHzz>%K z1DBluhIi4Ez`!MbP%qFOd#0?jZpSR!!B$dt>pYDI{Gy(%0vDP@gciLV5%|i3t4F}V zCsdjEgeeoBKyS208Teq|`w@}2h`5~Iz-1>9f%eNXXN2zV=&|1M3;eLwsj*smHi9muOB_Bi=N9P|G4ZVdd^M7$0ZI2&4-0@Ai=VQg9hB6h5l)??YNzwsEk-! 
z2c-LFBOp0DtdEP#07+0-A78npt%#viqhvfMv}hB;i-HkZ3(4vtr_A4Py?2~8O7RPMPnwHk@mloqSUkS+-z65W-sPQsmp0OV z=2QUu?(4XbMJ^<%WCDYv>xM8cC@JbxVVO59^^aOhW9owV@{l?%I}Kt?((8laVsCW* zKg{^lfuG~LMcCwq9_EqnAUwAe0GF77?VwTseC59nw)z=ESzGiESGbPi)(^ZQHi9W81bh!NmXm&c(Uvn_8=DRaJLYy^nBzv88CoX*xmI zGD3eG3bW?pqx}O$^J2?b?no;~>E!IpX+)VIkh>^z(Ct@9eqcLV=(Ml3^WMcx${QVS z75nKJPWc2Hh~O&DUV~lOKC!P>_1uYvak%MX(yu@331cvR%+)0iyRj_9)jfeS)VBzE z@mXYD5}gM%el6W{gpIDamfBb^&}x);_}>RR{w30wc+<5^?Z+x&BC>$NXh0K@v3D8I z3cq!EzAXX*(eQ|t{lvON8#KV^p<3eNzpDmE`=6;b1qxs*9C&`Ram-#0`T9|z<>0N3 zGscO^Gm_$BGUj^6!5oE3BXpS9rw*k5g8OtjFYGEZ9OzPb zhK%7w;D1YBq|#n0pU^QF%SSC~Yb1@Nz?DxLy|-Vn09C*@Uo_jC}SPIB(q|_YYQP(~_aOqCsE%0V`?XIjbgSL4e6q2W^Wy5Qc z=?-+n_96JCA0Z$2DOtSouu8usTJ0=ZSMw_~$iytWPLTmhea6?|ZwIE7AWPan~A1=3iUIx(Ey@Bx7b@sIvKVLyY;1Sh7KNHgX z*k3TTPw92)9CbWd zN5ixy7YZ#mtA`b7(yZhleB2MYcrbusQMC%&3F9a$sd(N4@RvPZs z?y&9JoR^cyD#yxaIMjJT3XYBtW6h^-h}bo%1d`WrBcbwTh;>HdoR45-^G$E zjob7&3BiZBH?uhqwJQ&_M88Y9Y@M=LCo3*4@$Y4|B&4Acp9o%{I~DF=LgkO1R3HQW z_yK$?jjZE`mILoJmHI!WEJc8OYgUjp>&N+`dhL=M;y+KAovB&Vjl3>5A;lNx+#!YB ztUJSVM}AV6L)N(z73oE-hs0uw61o<6aie27k%vSTaSvtkrA+{poDQ(j9;@QI1)ZEa z%ieF{N!VC8{hiq8flGlG#O!>q{^wzKaqcxKOC+Ot{jQdV7Jlzm6PS(Qw-)UijRzz+ zUCKM9h|j~kHN!H*SwhTB-cWC*viBbk9Vls zEe=>vq(DdmCVW#T%7CEEk2y}#`%Ae;s196Q232NW9o7hR`%|B0 zuUMb3&!1|94lth?BP;3PA;98BNyEQ9S+=UpB;f+}4Qs5F&=q5SGn~DR}17RvAf`95Q6-H9q7;*1|cgc#Q^cw@0 zo8V9eJjBqd9sj#x_;@TQYls%RD+}U1n722cF#QOjk7A!Tj&F-e6git6K8KdvK_$}5 zT!tR#HG5{9ICf*oDiJpFt-OwC< z;EcfDM(-JUsEAd0EE7lPr8o1gc)ZvwAZJ26TNCGdu5Q|_ z|K6G7pfEa@&j&jU`SRp1cL*4zJ;sOBU(N>f?G%PdfGrC##q}^To-mgACNf<>>2gtP z>!H(;CoX2sB`Ya&V3T`HTqc*$RZz%oFO~Q%fLuVO{aYRM04o|iCPHhF8wc!Q)7(^vQrpa>)y9F& zm&ZoUfoCP0y#Y@3yt!~M?-15|D4?uwcl=C6!i#_80p--r$0P+}DeTc`EVh4;^T3>N z&5D&wC8|JlS^aJ`ODGxA!ON+E_{5YuDFejGya(>pcE=O#KY-vKUMNlgHSDjADIt^5 z0P+rOIbBn?CES0}x%tOa7G2C4f8Iv$Vs%Niop)E~Amsgqbky|i@W)-6e75@c2h#AN zS`;CXKmO*k#LJlSvxs&siPtS_`E&;_9yc4{s6z$U>d2G? 
zGCL20d-}8gBF|2ht+3FU2qc#y@Pdx4DrLmrp|yp}DLo6(rOnof#qvs%k9JIg6}=a!DE z7C?GoQ*uIyDY!sIWT&?C@wUPfUI`x9eht_?uhl{Nxh}V(cUcL|A49vz=uBT65@E(4)!4bLx+j#y7!C3Y^ z?~ROtjW&~!N^IF|qstL3`nLJYZTVVuo-AAL>{C|JWk|#sySgA=?t4Yswj7qT-OGHW zt*_F{cL*#NPq6HjuxWMQ#jLL@o?*7rD-s%2!_br925(@Um*zo>42GKgF$PmQjHVJ5 z(ES z=UvA8dlYs>72%Fov5J4=K0g8ZH})ShJe`;>P>-I5rq?qFx)ovit}q70zNQ54o8R_2 zhLG(5a|vgYOb!c%MVy%c_08enhV;btn#@4Vr>jk8osV|? z*>uKe-ve95d*hN=w6`b;3gBRCIC?q+!g7=A9p z@E@4xRIjkS|7D6$x7o_FWmdPaKt2rjIMv*fTv?BE!6m@3dG_uwFMP?%cem$p)>X>7 zd4H0RvnJIZ&xBg@Uq<}8y2;PkbKCBR(klwiP3@!B)+N|&Tt8keb43d4>p54?`jqFc zZFUrNo!62!sQ3|{Mf0u~Xa`;*KKB>77IERt(6QUct0|m4hfkjXGowJpfQ+uwQAR~c zy^)M50{v~lB)Ei{l#5ncvr!t>FKvp=MQV-BKUmC!(i!I1_WSNFrbx7j^kwbI`n1Bf zqKb(A2YPX5PiS@SDmUAFw`HnqM{3NXf@G77%$2HOhV-kh0iI=-L6AVl#hpYGOaIH$ zY1}M^x~-_0>OePUYgnOP|5t6t@+zpbO>@K*z%n3*L68{}y;&oGukpz)do}KC zksOWj>!9=(P4t17#*AS`iX4Sh<)u7IZer&cj;@>X3U6K6g*;2z!890^p6W`SQu|uI zjGYM_zkgX4hi?KQ+YnxpY5Uq*kX3Y}K)|}ivJmE5el`-lpCNV2EF<|Q%^$}z#MRsP zn3yM#*7Y`GbhDPTI4RSi2Z>uy0a(QZi#<~VXNFG4%_El#_V{UfWe{80-{@w=)=rxC z6WR%{DxIupGh%jji1zc(0ls^MhDoVtG?x3GCHF?zqqH%qf7qBM4Kai8eyqajN=YjG zexxgs2SXgIil(3iH9Ce%NK!3bc#7G^ zSTWF>draqm1&)Y8X&nZu&~TAyNOYIs4bDDXhyKl`SOg8b*_9znDUfN7u*3yN9FyIG`I7Y^qsf9(x&kFnx*oBiJbI^`eGAAuo z=%P)56SEb%-ozr$>-?b{gp)Z z=d=ZM&c{Qlhqo@f!Q5W>y(tXoojZSH?WW6g@aL~DCkv@c_~u{F5aSLo@Fjw;!Pr0h zQ|TB(CIi;Afd8w8ZbKLFWkIHSUew~y1DKy2Vu(F%8%z4U2_4op82u|iEKf1FT5X6q zCgR}zo2)!R=IfN$elAPKk_A|R%S0VnDWo-HDe@R$Sx^-dH`i4hbWcc9MUzWx^GICz zQh&&pTrmZ;rU&+#D-F}Qu<)4;3wMICYXr?_)|qksLRrN2Y4+J7i)tj7!5-W|`OH=z z*y6e8UR1lhQ-z~ld9&{e;Evs{5o594VE@4vXm};h*Y$l|Y>gp4QAm5LsXHz#NwUyP zrWzi+RPi7hMIk4ux%w;1{35FZ*hX*y*nO;Ax*t9$5!q=>aeA&>4a@Q!Z6XD{3hk_X!~F#ro8_XODOgdXxQXi*ms#ROe4pH*YQ` zcbRw@DBiPpR8(1>UK_HC=TFs;m#;-*- zqlFHorjY%DkD&jZ0h+<|i;R6*XOI()C>pqGb9%Cw#Ki=%PB`Wj^n1NKyCN{!9#(La zm1jpID>*M#$^_%g85-w;@!jgT|JY~CC;DSpUX;mpAx{! 
z3a)Qd!TZoS4y|CYXEm5)J<`9*<|K7N=U)tDJ12voXQ{(J+7g>d)+i=gU|Z(1{`*I-;_f;P_O|GLfX^c3k!c?;=T(~k zxW$U?vQ$U|@mhc*KXpvx)LageGLCLX^Yyyqrr@A!g*xMSHKm+=Ufym(0_Qc3RlqZ&Evf11A0E7~wa<^|!0V2SZcDxh zNB83CvJDXO2F0hHCZZ5#hfkG?I6xv@s)M&3jmppR54-GVRBenM07!b)v%n&buB8jG znG7M)#Dx=f8bgtWAdi@eB(uOdn>`w>l7U_X5ync%>8I7gsCN2epKRzz=nMq`&BBnJ zRXsVn+Z3mm+M@Ny$1;DFbG!Z&y8%8F-P3R#-8bdzen!#BA*V?E>j0UrXTAvEb%hik zMR?h!CTke764S*ndnVG!c6#F>ev}k+Z4Pe`N1oQkKb=71?yvA?>XZKareq%X8!&NU zKVHj>{e^fs%dHFQ*o1C{T{7QRlu{|$CHX?UKNOb^hm$ZKpU_9Y7oQM4b1pxRudqL7 z{>NP2vgKrLa#9uVM&uGND#WbJ+1Zf>Xj*hBs4*Mxj|7&!_Cb%^b1nkv-v~-1Ppu72 zbly%e=zS7V=;da*5%qm+2_vce8lp=U$%^5!*o+VmpMFm zRGuP}3U7li^F|T;l)(FD9E~D4Fa?x?wt-}I=a+o=R+*@Cj^gjmmFruV0c_cU>nvNN zvazdGk?%@A&L10~Zh!kt;K1I{k-l1cXikiZ^ea#OJF}lk4XQahS>^&FWU)X`fg3oh$Xh>&ZClBFL$=057S%oN2{Kgo2Bu-;K=3UqTI{| z_PTFm=EY{}_sSXFmS7f9j8J~%xC`I3=XlfS%J8?mJZk^QDaG%4Sy1QWfJHJv93kB{ zBAsGt>JUlu38TH}kBeJV*g1b$P*qpq&mOUDc_)J~;>-q^d;qb+^m6^`VmdR8aVMpC z7P&SL7v-nsyyYW7a~{Xhn(x_-jZQ}te9SJtxJG`m2FG1r&MRSS*TU)EvdGKlM6Uhw zok*ckW@^G+{4T}=&)K`{*$;HxOT~}#?O7Z4miW?yzt?b6lEb<4MWShx2y^wt|8-H7 zy#D~XJcp#ZgxVsXrr6Su$l*i!hyr2Gzxcl{Msz=Im!&|j;y->NjoetA;Zb1MT!T&) z(lXf}+hv8+oU_YK#p57{v3JE?z2bG7%2sS^;#m%K_6_C+0=P z3-~7FR8M}v&UmCQ^-cplo4(+oSR>dB>yT3~0q65&#r&DXf4-^QD0by`0T!2gl(Ruz zIX#mqnC8DPz&alUT~P9Uq0tf4dJXBMV3&y$;S=wGf&n?*e9#Iw;F6*!7(V*zY{t^I z7p}$3KhOG`bRuA9FyRkigXHpZ$2RF0*n%`JmL$z&_r1 zY}({`Maro+R0(*u1mMD%9b)3UY>KMhSBnOBovuQNb%u>a@wXF<4A5~m|EqcT#52Io z)W=7ITKZAhYQ5`4&n^$gZBVemim2o-V|f5P%)lb2+WOb>&K3TUq&S9)h`!^U31=u7 zH;2JX(g)pg2FHoF^`DTZ@^71diDo)BrtkK8GcOy6D8H;V=N4!Vps3fb=za-7guU4M zHD=B{OAn!0jjyK`U{l32gD7H{3yL(bO)l3Bd{H}G(FIW4ypsr`DQccr6~kd=MB=EK zT9Mz6{_1e5{KV#82}E7(!&bd!5#o(BILQ{PtUxa0`^5vs|LuR%5y~BASv^(tDvf-) z&Oe3PaN5D&iqipGNL=g#aZ=c_fnC9tlfRDQg*NEFIggU%!4=StK zkal+e$fzKYZ*UHEHUVxTHPVCTjy^FG4R^LJCS-(PE$4Z_ z)%xB0+ITWtVtn=Y1(wY~azI+@x8^h!INMS@x-Tji7QU?%E+9eEZc@wviqW@mWx5o& zn{dF^H}UJI;THMY46NqN<(|hyBA-+a@7dq5{Z!@3&QB64C>j=!R$AC`pmD z*Vea4lKu`5#vIjq^rMGS<4|n$?xydo=6E`b7R}#6ubQhGYZd*i|AF9q+$`G|sX;A; 
zVm`Z8AG(w%g+kdFj~=3>*teS01%u-u7zpIi6wI3;L5h>he$!!8IH3~E)|cV@YA^I` zVsX|-cltVK6%R;wf?6;=OKsQ1!pV3#B!;4oVMDiloWIDjxZ_+Q4(MjZ{@ncMfSLpX z1@p#J>Gx10+;k32G>^yisOkMo2Gl(*7%YFEO*G4*DwUyIpl}xBBqT|<6&P7eTM{>Q zKC5(gWZ5S`k?8;#>G98W5kP}r&b2t$snMM`f8nf15A)_yBpjLp~YWV77 zy$(s-Rufv7q*8VONZxYNSH$cfXC00KIEMe2Cl8yqfT5 zS$_k+9(Y4}>EeLKe(2;1v<0rWbQ+4Y2EtYoDGDWDQXX`b(Qh)jP8@N>NMlBVCX|8# zT=SR`-s%epXg%yd#<7GSk-*;pq}!Fnir_O5KuH@&jIQ(TC`Fvh@~E;Ep({kmCJKiK z&T%S84zoPfby~s=WQ@`H&G_9UzIuRU067(BAQYzHFbZ$;`>+8F--l@m-{vSRdB3MM zCTo@W8RHRps3*f_V?PmHz_L!Bq2_+e;AcBg563@O=YWdR&b?H4Ao_6ix3@t51SNI>{=-nMT=4#KwIUZqa)l}1{BfpZ#|_iA$iu&jn%K5vN6TN3Ppe=!(vyUO5`A+d~NC|-V^T&(+kMGjHu+v@qwGwx8_{Ji8K zoZEgwX~hEy$P$=Z@pL(7J5UUzr z3fmmOZ(&9ACgIZGm2N)gz0@bxsOS-B82pKJ^tIswa;D`5!)=_8#alIjgv|Xw8Y3zz zPJ`+SXsg7|)a+H5zh!2}3=KI@$eX~8CR0aGJ1(*pqR*+sx1z?*$UV!$3DJXDy$lc` zfY>qr69AR|YJP3cnbjbj?AGgLuMsl!b?o-M#`E_{c9{p%Z8-hU9F&IOs_xh!{#6P9 z7>HgcfW$ry)NJgCyM;xy1JFY!_NPs!q>bY1JHX*W;GGeQV{|u1wiumZiy2JSSDpAB zaC;muMppLX5_HTL=L>AAtH5z#gLhV9A7yw%kr{rp6;zdQSel>?ntT=t#EXCW|Dd|` zVvETtzWG-i#&F3n9QNL5Q9g6o`3t{CPW3IG&u58t%axgPo{gq+m$ke!5rxlj)=m<5 z+**?wWce|d!m2cikVI{fSxLe+F0G7iBbC{{U!B4fIs03S29x%k!CA{$ZZj%#O=d(3_yijv)!O^PN z-FSDm_;zd0sZug+f&fzW)xMsj-P%I$rYS!$^e#{P-ZUDVuc(ES}ZiqjdV42}cvyio1GdHKj zs+d&vfMF{kk&0}b_+0YZZ;TfMfs2@sCq21hKS&=sclwmztVr>3V5?A3iLC*H8M?5| z<~Nzx{WRyhCcMu3NrBsAmlqNa)Tt=`mI4<2HX6Il9|D<#Qj(;MTwKRl$W6p?foYK? 
zDSel^`;G2mAW>lx@OI$OdY>EW~n$j7EBAA(1KHgcRxk;yQYL!pK1p28JI)lA|(O+Io-NwLvp z(UiCLXGl`{!32~MHADVM1Yo)JQOKr}XQuabq}$?9AI}IL`Mc%Nx367P!@0$u*Ae~{ zN7G%wcXV%lD2#jNX~8R|Y(x-cX?6WEJkRH{>D8+D;X*}})jMn#MgK^vL9;-0MN8hU z4zvwV6SUhrRMnZ`Ml+}e?_@z&lhTxu8jcE_Q$-7=^pJfZGZ8aL?D{Bo(+nf=cM&ux zQ;L&%n~#+e!XBeMYpvH0xP2WxwuLM9_+Azi8<4w_+ebyTNETw&Jh=_4(bXMz2m(a9 zx!ECA^@i|Q1Ga|sqb0ySM&dr@YajLH42mdtuH#^#NR3LH++6y?^y!-gaLgs_tY23+ zHcP}R(hIIH-&()wpbuv4^r9oD1ii810&8`KJ!mSW6B{vL3dk9yrWcc$%!+FX?-}Bh zf80?4KaB%sDS-n@@l(XuSx`xC0k?j_Sl6pgQw@9sD&4vtq2UbDSEG$$McONS{&;`A zv~6t>2yz68p0(el*$!-Q-@~^>itcmhcZn!m;Jkg#prWp~PSfBDNm%Xi#GmtN|I#IB zE*lri6?Ca5Ix3rpiD$N^L=YHjzq{Qmkb6ylH2w#|GShgxFcN0#=rC5!TXpj_mxS5x zV|Hwqmtzao5rW#jNT}5dYFfLBWZ;Auh*IXg=9sDd7TLB;LT$Upg=z0C+p517MCi=XvH|^HtCnfF-9X>fTl&8E% zLo>uTEWMca>{c3pIjyrv1|?fr3K4Y)c|jw!WR5ZVz8ZJ*_fuLxGJ}m8pS7#=go%w_wibK}zw*}Qnoe$I~Cse&zcX63_*`)_v zzQcB*!dnP%At?;~@-4DTzrwM16{6TKR9^`?VA`o+|&8ym&W}SUOF7END zCFBs%qEQUbn;zO7RjJYTec;8s5eJG<<_Jfi3u(bmSBK&m)K@PAU`&cJCJqujq{J5O zmD0Yl8~$HwAug~{_Oi-jv@Tl?Lh*fwg|l=Gk{p4kghQ1TI{o*pOhPi_>*=^GY!qT> zO#kcczKg{|FI_$$9`)&Ul5rGyJI+ZpmMGL5@l9v8?yh;8Dqk1d>`+%Hj_?Bvfy;OQ z+x7&ik8{l;jMB&bXftFEX`HYobOTbVYuFQsOE1W!7~9o6P@uj{o60)_Dw!=s*k7wa``)_yhkaWcLc%P=4GtzjR6g3Tr%}I7Shzh%IScQgSnSoxz== ztYyYgabkwCrf!)W_fJp9@dFlrI&q*H@|HA;G8Rtu@e?O=fr{^6oKKt42AJQwN4S~e z`rzfxxZdd9=;wkgZ^wIdKfd-QQXG`3rCcD^s)2oc4>+n1i(3h8_M^DKcPXMJp!wI> z$_3|{Yb(rFIf7AF$Tk)~&fD$- zLxNLcL!)Ats0<8kashc2cU8upW~vW0+>%L}G|*}m8lD=O^x|Fpk>W4&a&41v0jf!Y z`nw<)#=&UXF_*Q8fk!vP_;Ans%CHRb7#>#tDV|v3qV22 zweO-cEg2PTTO{&mg7QL1M7+hu%{U)^vJCxnD654#gu*-jGo{|dG*jzO21ble*FJ27 z#$joJc(vi8zn19}drAUVJqM#pz+Dr2#HNTAljN{@3VS>&k=iX+MtLrd~o1T0t}R8nutSL}!9 zjVG$&Lqt@Z`bk>bAG=l#EQp3J+JxNA|+6Z@rR2u~a5C>X^kA`1*DR=nO zW&$4%Yr9#-B8TPUSq5_8=+m=o1&7qDZ9XpaZFfDl4E)yot6G(?GQbn4E<}mm9gqD$ z_n;Xw^#iV_qYHH%JM8!a-#4Wv1MfP9e^;qqF8!5JafF|@>D>Ct;1RIXb7xF91iBvf zRpI9O?>gGB%4tCF-KnU^rfL+_n0D#3E=KTnFI88qBE~$v=t#tAbh%O*wy{@B1r@&6 zgkLf8P{9qb+GcyC(XhCtalG``!p&Gc;AY|{NnM;=Am&(d7Qek8gIVMN*&;JJ^4^?x 
zZw~l~{6y)QVFQxs^7%p8^Q1QqWd1C4Fd(`e6DFAy*zhYfTm=))m&%fgkg*}5lk368! z&dP__=Bk(|fa3v8i)>#Gt;T?EFi}Dh@=)Gi0OmJ=05+ zd;<+>E~;kF;sqbzs1Tu3836z*!g|+Z92g%$Y2< za5MDu-Kd?tikS7I`d5$LVXD=(g1HIr?2*n0QjsM7N48Zsc{~s6k9yC=Jr5q$tonG8 zSGd6BeWN`0%_!}< zjx7iM-IvtLsHgW;!qLiTt6Y*}q=-c7hZ*!(oA%SurVqG}3v-MBPZ@YhdcnN`7yj7< zfLKoODJ3UcQJMCbvSi^?yn^4nSO0K3JC=qB*eqwoy}A4=Mq`$lIlok=W`T08CveBj z#h7if=fn%I=^xj9@wH%;suht zqnq~1MS+xf+?AM8&{N_TJdl}j1aJgWVZ+>EKnW8RkI56IJtB&0LJ3aqMP=uwr^~?{ z|Kq@p6*a#D1^@A*+8mb?!Fh7mQ|Y`2KNbhsLfh3fZhp~DF1@s3^aEm(&_c0mp%|f+ zx#J$Hf9@68Da^isjd+H`Ihwy6-z|h4g56kWQ*hzQ#%y#GBNxi?Y>o~{y4p6~wkK+O*N_*}heIW!rh@jj z$uOSn?4|b5)`qBGrH_RPnl4mHJ#Qd+8@e6BBFW$C*mj1yW26|ZD!wG5QaGhm!!AUA z2wtIHpeD%`s3sADkBL`5fP*awXhfY$+2k}8qbH*_8hfH;mB#ugi)Wi%42{rwLmi~$ z;3k|`svGzJe*%V{PRJK((|1#ifCmxH4a zDr)xC78nvH8+<_-rM)A9t9}(voS&;dzk`T*X+45Ri32Jn%S4>T@^A`;7cGG{$0**9 z)!wNr{#ip|FM*W<}71E{FI;B!tY9@<@ z(Vcp8;`V*TmOuzUUIGX}fxy!rX!Ksnv6(dFAAHN$Mb6SE6UZh5*kBHwaVUy*|NdH9 zv6|E}uxm=WKHz}hgP>1xtT^?yovsF?QH$lfz#PWHPW!8a9DV`k@P*ZB&WyjOsn7G* z?pQ+KIl_>4(QOEeohv@_;N`p3=u893tw4{1?&FvKp03Hjot7M8^FjY&nwRh=oP`6g+J>9+6)g4Lt*agNTpEW z7r)E(e$#pM?8M+=NGOdKFEb z#1P3jDH^6%lU11CnID@`w%5Kf>N~%p>J)UY`sm%hA8Dj5ij7QXS3S|u(QGB?^6~6a z1EMbi&9iuIs}haX@K7_A)Ae*6NyK(2)QBf3#y@epvtE>;j(UJ_2`(>%>FLu3zTPO; z?Q^$XYg7#V(=Q2--WMZ{)&T`06jD8!>Z0LDCpkHqb@09zXeU7v?NfU912+v4crfr!@aw49_*5tSkRDs`d7h} z&r=#3iLdqJ3U7aPeQye{_KLkI^JRBpwnP2%G(bEmV1p#7oUG+g4eIFkp>H1{EL4am-v8VpBIY^5KeT(-WO{W>ukLe+ZO(f&m(A%ZK z0s9qMQ>`r1()$WD<=c1#+(Z)4DLHG2Kr1o3E}q@cpcz6Cbw;rB1P3La2zKJprMZ|5 zs<#H1vWz+Bt9=mk!?UpM-`&?^b36}$uMfN_+(Zh;faZT0fB3Bxj?(u=kz@GWvxa`j z3RB2wItgzEC(@uNqVd`-u*sB%f7TRPa>$h;N+tm{gV>_GmC)JD5d(PaeEJ2Xhy&lhm97Wvt;!iGL?@k5to#OeNX*u#l8xCgFjx5ub@vk?-#Z!?mQ_nQtg zXXAs;lcxc#HvJx6$5=ghU9V3lmgbOc#FQi99y!CRiMb$fooEnkm5w~dBf;qsiN*+zRcHLBDsNjDr~OMi!pz^KnaKD9)1Xtw~iN2U%^KbJ)rsyNy^ z9pk%4PULEUJQ~w~9}F8FGoLQZ!l#kUvlnF6@ND~Lv?r@U8OpdC`0n=6A)T!(a5IXJ zc{6`BMt}i)f=Wb6tBbm6S5n34|!|od)4(C4d6VjHv@lW11ON2Zhi-6EJ=4d4plCQxJ#F|qlZn#fqf@Req%8?(e&$oC9yXkL+302Q9X 
z*lAC>pzUkOLElgGu?9MCK2>n6UQJzt@h)ZJsE*ogRzdp>FY7TgZTM!+;+~&ppPNNC zAE=^xa>_UH=WrVA=vFd5%Q-unT?S+sF`a!WpR2lU5w**IyZ_x%qJ#NiRgZzEr7uCz zdv@^4Mk-taDucvbJ|~HxG&|V+mcP*@_+w9a<*gvT{$Xo8$5qn|n(Lv`h{^xXY%R`L zZSEegVtYnh9y=IXj+}JTwqJ*->333TR^NjSfbl(dp8b`j*|k&GUQuC` z=Y^9YYJZ%Z;Tz1*#1op2*7|J^P-270Z(Sf0cqA2T6Wi#Ha2=&4;rHTPU z5@`Vqc13N!hVV2QkZ>9g&f?1Nsm@PJs$4b(^OV~wa|7bBRtY&fIW5av_iEOfSVzS1 zF!FWKuIOJxcqzx*5{Xe-}|<^PVzJ#Pt<5PUf(v&YgZyq8HJ~ zzKr`B6+5My^-rgc?C2>%W>@rHPP7s8a2XMXyKaP*;J8AMu%}r=qtqd`on^n@>eE%P zxsd>|i!!>Xq*e)w)gk*cOP^+Thu7lqI92=A z&`xj!pUau)()}JLE2@U9#GDBAtBRchlz6TvT*LMG)lc&FvFK~+@;2yRN1bAlIu;Y! zNZA5P^;Qx)Y;p%J@`xiBbxAvDuBiV+zkeZtWB!=`SL`HzIE|O7bRk_yE}^#fY-P4+ z90Z34&BLMZ_b!c9y?z6}b8##|J`9s&W`uudJRC3#T?YI9lh1M_hi@1h6KJH7FOT_e zqQe?J7*_m%(+cKTO02R~sTCC+U5!UA$o+TS{haJ_BA3$&Bz@py-EFJqu=%GS~!?Nu)NHDEln)h-L@;p@ua zZ--T-3v>qwO!dVAW2=A_rY>VRcDSQgu zsnO0g!5EyE!+3r&PQT0RHI(#G?OA?FdD$0{4)bCc6w-yDmx~uLDKEC|Fs`{tMBz=DmigzJ+o2hqrt0_F z4NjQ62gB;4DRkf6r(p%_L-ju)MTxVg_qlN&kyWeFn$86PNkPp_rx29oKF4iLxlXoA zftU!Qk@Ybz<3zf8;+T#>T;X53MsMXAytSfQrYB3Yvi#+z`|P6gV;8^s}{5 zaVKdKW`7siat@oW_3PyEY&E{0>ojn{@{awkO#0pn3HB~_^#q^q<8Z?+7UJG@v;~0u1%Urt)yCHQKRx`NXV%vo~h;~v7Fkdw`R-ST*t=`r&R5xQHt#~ zE|$SlaMd-UrwJH?etx`7rYC_&H8K_I<{(HM*Uq^CmNKkgWO!_{L})W@oS`1#wIc*Z z6>{J2+U+nYY0c-6T}IUTi=1yXsb9){Cnny3U4y^9Use*&HZnl0)AoZ^*(s6N(cY)alA}@=*W5z%vg5g}H=azvKLA zYx-|04aY%mGpnIsdaW4qZRIROGXJ*%_f~k%Nvy(Si_mprQxg?XjmV7=FLpoQ^dKft zY9VS&8LsbXN}zv~&Fa*4wVgEcIujc!z1Y0ZE98DwFrE0T;!+Qxw2sU-TaQg)H9MA-&*M>9+F;3S?5l#8tVD*2!&(5V?8-IuoDx@~i4h}q`p z5bsIBXl_YWa{JHH-TvKSfl&DkGmU1SzmRm{<`qfF`kS?y>x1o?f5{8P+4xnfAU~QF z@g~R{JpT(kdgcyvVm>k5zX>Td8FftR@ry#pzjC;a(MPhX4$H-IGM_?$L(^N5U@RPp zntntC=vg76vRE_tEtCnm5`U}$i=en{oF8)EnsQmMifzw+sKgvWX3k|2?A3~lPR*Q~ z7R1J8#hj7O0c>#u0u&Rl`{6Fs1M9LU=uER65*Hgu*r;)p$??qdgJEdINJ0cms2rSd z6aBX!fp;Z$R!3a>J%d4Rs=MP!N`J5q#%5=Xs2X}aF(!AjOc(KO6hjs8oyX*#v{sh2 z8l7oZp567&C@uzs(c(6LBGE%T;BYebgjp3a*|>k`b46emaalMEA3cjp$B7< zXi&1K;O4f$sHC=6yP))I0bPO10Yjz*h_`+D7R0)#eg|7UA+jtv8Q*Nx#u7q8q+ebz 
zp)EFmxPde82OOZ7yO8MtN0%$abg)qxMj?>`hYvHeply#8-}P3 zNFGNHiC-|(lqo^UegR1{h1l><-CO*R(yrP#h%`Ge z_`I8Ii}fk+%KyT2N*in*RL(NInc(Ht4hYzEXOt<0YQFAMk`kN9O0vl;sG;RNgf8gR z)P2+|kJli-A)@CFV%)mg&Zhm3sIQJ|`uqOZj|HNjq983H2ndKE9ZKgAkY*rAjg%P8 zFz9Zir8YW8j!?R5bV{=g7%_6h_x1k$^ZWnxIInxoJ@?#`&wEq#uGyX<VX6-OH%(fp4Ea;yrxV1Cn0%-hRocYWBlag|vUdf3~U5H51Wvtij&*`u7*Q?xhX_B;1(J*s>gxpuoJ;f=Z*)B`aV z5tNe&z!M(K{oZYl-FlPRzWD<2$D@$YL75kQb0pcmqQ3|&`aEjWzYpsJv!bPnG`e6B z()16zC*M7H?@PP7W5M+;W;fSXoFt{}gHX)}4OR@(i!y#|syA0^CKe{3LADQvOZ$ml z;5=vDbv8%`~@;re3`mc}?S|IiFwU&)RSbU+86^?$iXj?+EV`DGvr>_%&2O?+}(B~6~Ph@2H zQsG7E=db?^@KCd(c5JJ)3jn*3-IavXrlUZ(BW0VQ1n2B^gv!R#KAqf!AT} zw6~yYOK@-WWapL?m*B$-!HBT;dc1P+&(t&H^u68&)RwZ6^no+{ISfGU= zg5Sb`4!>`BgC`%v+0D9J|0t8Y3Ig5C%wcvOij*GOTd3rP%OnRz!qX~e1;#vLachiw zCH>u0n$~qC*g|P&0}?4pX(Yk?xLHq7=K+92RrzM}CfMMt{WWDJ8-FfMwn4UU$}etd zgOCK}nI7Zw;v}tPsM0O{{}L@%u9(oKxZYwOyW+X3w^c1 zrxJE~@J1iWZ=OP%jF^OemT+9rP<&im#+Bkr8< z@qBWuwbWgO^`EOe`}$%kxZn%ud6B9GYb*rUY>) z!N*^wjNOPMP0aZAlwHUx;x}b|w1LV4dVlf8C(V=;al9PA#@_rO1*d2-7s*(#IT^u) z5Jk*Qugu2;-|{BPgV(k1hN`{+CW9#fbHIii+%-r;%b^yu9h5*Hwj*F{TXBpR#vqpb zn`~nMSoHNw^qMp=_JZd;_Vpsd|vNS^9sC|~0@xB#kSUdjJaUGfMw{5aNa<$$B zq3ue`;hutKBr5B~*9QLhA!Zpc^^jHhWzo~CEbFVGrj-6PtD8-nT)6J%TtYSNE4a&t z?dJtGdmfSa+-U6FBh73`g_W5xN27~^UDBGm%mFe#z)D#itN&N17;8M(-la@ z$pHhB`h2Tmnw82G=PG5HFQv0LFR$wiK8i5XuTNoQgYVV#F;5%cI$W75vm!xU^>%sz*-N`}I){k?AE)%yF)|lpzlytaSGWhxvmeTu8 zLi#a0c@UnXS5}zC2gBPb~jNQSruR)B6qBoX23dbQ6xc2_#-)yyV;X1Bm9u55CSXP3mD- z;p1{Ac8SN|F+Kw@-xD5(jx2PV1|aO1e(ys}q7i!HuPEPSc3~i7RyToNXl0_&tpyY> z->z2vw_ezkZ)*@?Y5hN!-g!>L)8O%Pq=plElvb+U8{05UDz+6Zuvg(P7XI6HLu6Ej zLvEz1#oOC*3F{8dv(h){to8K`3M~q~E}WX2%bBR%fm1(xx7y-e{kuFfDI@B4p(-N< zo#6_;avynJ(cEmKx1dvv3fBO-`uyrvyC=C2N*>!78NNT=q@yf{v1Uoo2sF3eP-!@n zF2I(HH9`w~d(n_Azf|x8*U~4nkMJ+&?s|g}eo+6ATvt5D&Cw^hJ@tc-{cEhPCyk%L zgAnt_`-H$Yn^;N~;6a&p%~g)Lz8Q80K1cJPGab_fZrY)JI*Ep=biR_3mfaD=g25kB zwubKPEbP3>EI$%G#Y;8=RRdyC{vbsG9=Enj)5%e_a^nu8CP!P2utwz{6jBO548!63 zk)X7O0{4y3H@h}MWMZk18PPZD-~_oF+_4dY16_}T1D(@$jyKz_4*Wd-ef-h1{>9g4 
zySgPfS!L0@z(03Q!Tz@AZ1J0%%mB2g42(f@tyc+guIrS_JN75Z zqwA}R8Ye*%^8BleHr2oHr6y%~rK=go-9`^Ygxw>Q%z`KI+LMbLe{W1t>s+8(FqM!- z;+pM)931S%W<8;^c1aXTe8(4k34_jnCof|PoW(c1QOz$t91{$vkv*i$wIzsD6R+k; zUBoD83?8Xh#2ezWps#ty2r^}>hr!%&9jHglzTPT?TUux7Q&PYD(52F(Mst*4rqRz` z-nhUkX@9UXcji?S%}jNcq40B8TjSqG7I;p&Vr(ye0WRLc-Hi+79@A7sc92$9mG}cZ zk}mc@W1r9#Hgo@sdYC2_6vc~b^8p8Yv+H(UqOCq$3-X8`ilo-Fg#xpidMFx0p_8A1 z2dO&?S7LW<7i&t?Sr=WhRBM(xp3gWq9sXozNVfI&n5m0EnWj;ADfcy^&hl|}!gN7z zHop+5nL>+Qy;C9ClrnY(8UoD+Vsa{UbyT>fLl94Mfx3;{y6oehLr-nVXI3+uwLBMt zxGWbfbp!~v3}Zy$fgqA#OUZ6RUy)k1b05_He!fA#s1r-Ui$E?iT=T@=Wc1IVf%?tq z*IS~%&MmrYFx~^HN=O8dM<+GTcGqh7`m8S)t+GOzZrOWdz>6mH_AYQ{sb5{-Ai=%aJhj&zl_wiiOa@Pqsh8VNWw_V6w*?70EqXZkn!mF%%STu0 zik7FWe)V(fuGOUQbNmYx!-@H{5N< zrS-gGx@%`l=w&x?p?2CMqfa;jhN^aLz1N}ZY7VoyHgm7c?yt&EH0FU{Ije3v@s9%V@uJMlJ}3K!O47H&6hLD;jHHct%ZEd3@4 zeM3c`b!ItO1VC>tIb}(5 zkhAV8XCE6=j{EEBW_h=Q;Fg=LYrT@A$PT}NyyZfl(O}t#FfL`WZrP=s!=rvZCuRL~ zfq@i258os~8PVK!2I5O1eAuC`&EUv~b02T>$oPJr{+DK$j5e=b9r}X$efTRWgCc_C zgc1FO0w3MlqTjr8oHiajHD9_YCowg*Go0J7TwauBd!#-wZ|`win!pv$?*cw3x*_~yeMqsd7RckrvSpm9jp?A!IcMOT5r|s#SKD}$yL87QD`HG%>Ka&SVTF?69ElVSTL0+aK9eiL34XN=9xTIK(Y%dsn0eQ zB#7lz?#WjssZR_vJ9hc~b^l=chDV%&SeyA;W?xwE5VNM(J5rZ}U~1v{*cqLvN1Rw zy|gRkl36-d&_)4avGuJ7ZxrqoTlx4U--WD=Nq4SfDbSPFyL!h1oc+(y!0BzX%LKGb z3>*rj8>{+f=^GPhNQy9=5^{IQPhEW25$O}Z@M94;&qDufdYh=lBZUpOQAcmOal;D> z-AxRWTb+}9vWL4wYEJuIijc?8=1doOBh8$Gn^}lfRAh6!xY538 z5sUEsOHj3`gB-=k%GE)BqETrS?Y7nw((y!@VTE;J;`7U3Gq+%V5T;ssAYP621pVYC zs;PN>W255j);`niOCcm#eA2J$clDOdOMop(eOm(N#ui1k-d)nodD}=8X(u*wUc`mN zbeGeez)*LZmyp|TcwwI7mG!y8tp9Nz+g1#&maJg;r%9&8EGyR;{Jo~#Ywds z>w{cr;_sF$*RzqV14w%ONM^%(Xj&JPfr=!OVmdnQ((0Rs-&FZU3gc8Rh0Do!^uG7X z7qx)xvy@wPuU+4l&olmPRQZ^U_^=QuaL@6>#y5bvK_jnY)rQ5?rZtDAo-NT1x z6ibJzxp*(nC`2ocX+@`RS8vd)U+diV{I%}cCPeh_4j*yeM1}7M(hhQ^M&vaWC{J%? 
zn)TU_ZY{bxn{cPT*4t_IKD+erszW2$sCLb|-Qpvgo@@glG4Q%_6RZD4tlf zqFh}}01vLU$x@Whdp*aIY)(kU4ZrXQ>``G%%qqy zF8!6D*zhJEg(p|@NxMglGhMbn(p}1bCnPM~ZeMPO9rVnI@VI5Zv@N7JxX~ykHn}mE zQq1tf^OjzJc)JJ2sHvg3-t%h1{hHaovdO&-rq8$hrVA!065FwhuIv0Q4+@#LOcC*3 zuMjFa%BF0wPg7bq46kxbEU?J;-7FqSMBBO6JF^e*^mL3?3B;;WdWu?jA;)S0?+(LX zTJeo(pU8$~n~mr*cAUSV;veM21?@4L_3_5fN?g7)K_;ga6E4bDa<5_F;b|K?qDCC; zmy_rPiIdzctqdyDGJGAGcdg3zC5Ho__42taRPlIaD%S@>yG!tk)@?^A`#EAhM9E%S z(pm|);O6>Wf(U(3JvXtAIupcL)cv>EhNx1G(N8)$#HytAfvEeA=>l$KE^6yHwPV^T%J~_Vni+&{D4aueFsr@Age#FUuPHSeq63)9!-E zE1zXmwo{%sLM2Zwtg>(|<=CxZmQMc(|ASHMfd%zo+z|nG=6U@|D~-V_&(v zu!kEZ4d&@h{`IKE7&0f?X*tDGWg8l47Uwuy(r^h^b2igi3oQJwX9s)`yhdh$jOx7N z=)^I0*Tn~A3P!xj^8GZNQT)SIvK167uW{N>ygP%u~G4y0`77BZ%V_c_s068Bf> ze%+xJx4WK&jj!3%El9l#Azy`^BbLm#XME&n70ov`|8Su!HX6a<2c@Ib}?NRTgZ;zzfzk&ZGKkj2m^j>*SW-(WnD)gc!m( zPGx#jxQel5c2nqK6=~3~^E;&4fS(74RFWW~C)7_aH?W(0y8bGniBok)u(Fi*8p7LT z!fxOPhY&~iI0k0a;mxsA^fj96F1WuE_663ppw8Hyr}P-Xhi^wpqF^P;2qG~z0# z=^=Xg%Y)TBQ9u=$M8X6To8o!toMTgpD;q6+Y?mRldmQ;RAH=C*H`S+S;x0hvL39R< z@%1PJg1Xrq_K;$f!@_N=@Qp@FP;vges^N#_Jtb8Kao_iGf4(H2s+tUzNzY`jas|#^ z29irIV`$DW6K|_$VH7dMj$z@1BMsJ9NcBG+!E3>z{(}TUUn5t9 zah+ko+n0WQ9}$pBW|v~;M5wx+kpRQ|szknN3?k3c`bQe#2Gb8>@Q#l6gvOm?HTHco zgG)cd(eulF;E6F1EE4%a$@kc=QO19%^BGf$zo$*&+UE5Y#n0WVy-OjJgFWm0z0;-2 z=8xd{b&XF)_$zo;P=hTBd3Q**wR`Woz+YZsQOI>ll`!P#{Wa^L)}iQ=S4bi(E~L|< z-9fsH`*NFn&bCZQn7C`MejW;es$GGGG@{Nedo{h+Kc+lNt)+}41wGdh_H#-r5ywyU zL2J_>(1`e4*aw${q>QtS3iA={mLdrw)k)fUa|ODY{(qYlVgMVihQ3CY*a^%vp3X9Od^EUPa3Dz#J8J3|u<-P!# zIGEo~MfWcdoGf%|H#U-?!1P6-dE(X~!>3CV7l4?J>K|>mFY*%i6Fp zKbKjAkK{gPOT@`=CE$%|(!X3iP&>-cC|~E}7u8ug>#&ioV;R~d2V*m}SJsTZtGBaE zWB%n@TDSSG#Icn@W=rrN!=0-!!ePGjbZjctLmpe^s>C${#hxh(B~w}4;i!6R7dG}^ zzZVKDzD3YE;h$7YHTP^*eQv)M)I#{8E)_DY)_WSR^YKPD&#AM9Zjl|QhuCC432WN-jWwT&Ol!V$3?@4>Utj+Izm)GIh zKe1l3t!G#(ZSZy$!i#HV`3VbHCNHo<%CYfFdB>FYk{gy23VS=irxfHTZF=$1t09b0 zXYt4}Uf08SQG;~1TT6mNQ=Nk|sg}IVR-Od@h&^v+vd_*8`_BQ~Tah`_#~b15X!cuwy3R=5bW1 z(Y+P+Zg__KyKn;4Up4jOqkR%8>Y)y2Wz(kEt{2ve>L?RKm|Lw=3XA# 
zem1lJwjOH8tz9xZ=)JI`<?@yOtl7RqiZB z4UZCtB1oOtg_^?iiZWQ?3XS%Zy9u>qX=uyRg@B)DrQwmlDLUZ-NwhoqNC=;>Ih>M+ zWzIld_Z4Gv<`xL7w_U{EnLw&FRR4C;&A~>&>o4EzZW24-n;)BeUZra*Uh0>gHV!W@ zW_@jK-X1gD;Z#h6@f{3`VL+U1&*@iNjTjltk)kRpDZb?u@2$;X#B?^ycSFsQ2IliY}`}R790**4`r(HaBtjv9T9JD z_8~4ZDZ?{;v}t}h&};S$n|G#kex%5l3~e!P4$OEM!>BfO*|96}Kfhn$$?V%*SwlKg zHT#GKCoQQ6rp5>-bZyqE+bE++Q3;JZC@ccVRJ2j&^|WO1!9w;-VQ1?Gz8wqmli;Xb z)1tJEc0HzR&!cnc>&1)9Iq9WE2G^r#O4HH=D94mo$Vlm`kx1>nT!9g5x+8X4cVDO{ zrEX8;9yQh4KR^d6@*$}19SO!tLeW{L&-4?|M4lMM%dQidR9^3pk*6hdX?%JPx}DX8 zpnf9~ge*mO3A&;`e1{LCBZ9nx_HkZ{*4rYFl=)zOmj0BM$4%xnpHen(zQ>Gxfq}gez;X z<85?)MR0mBI`5S5*HC2Bep-$!V=v7hCYlKB<=B#%bgpK{-Lh$8zmTQ1plyf4RXHAH zl>j_0|7)#1I?P7*6K;~MT*lyD2Gw#J=zFlUdW^~DR`cBsdn@HG zPnXpQ_T7S8@4EFwxcZrWCRJ$#QnllsavZ`xn=@maVHtyKm)Japg zf?G;$`kyihqtfQEELX>A6#E3?rtCg|&4OKE$IG*0xAu=V6gq}!D(TyIi@|kQU+mrS zjixK&K+$B%xBgNzgJ5c2-}SNK@kFAC{S2p+NtlG7IzfQ}7|4S}*zy}|6HtF6JewNm zbsM(sS&~1znzo|#?;ZbyZO%Lhg=DoBr;$~;kd*dk8i!-k-0;^8>~m z7S0=a^HLYrg(3ugn|-(oxLT(?RV+(R#mBgo6KEAWGC}(41)h48ZaM`OU*_a=zBY>O z#I^cm{I4DlQJH%@f5feBLN9}hShBzPRM#pceSX;Ie>9=4gTJmPj)0BzfQO{ZP2m2e z_*&w!DUn$}SK3qGF!J`1sFyCVJ-zi~|%Q0w?&t*ORV zb+KS;9$u!|kj4xj9<%uD{4qQy7`SdST|Oufh-WJtZbOS-TnXhYlgAEM$)`VjZM>PH zKcDY3J6Pz^a@)oWosi6id+%_Mo^{nU3N7lQ>3O;hW?Vk#CIJWHb7K*9&cn2XaaLL4 z7iQ7?vdXL7CZR6)>(y=y`noEMt!DQ?3>wX@`fxOhj#~6(tk|jWToY}aS_ZE-lo}6} zPQ|RUTk9U2`$3$Vn*6=&pV5!K#%LPuoM(0m^Icszq|yup&y4a3o}opguZ?*7ugAEB zTWqmI2{~or)J9|u+(j;>a@0*Hf9pqvN__RA4qMlMT=4OTKTgtEEQv_!kzM91S|FZc z@x&X!R(~%kkE5@TuQryx=wCt)-{Jn|T4y~7JJhaSuS(!)c3H>53xW3h(qm!h@&p@(jq1W(YM!p|(yKQYH{@!3K zaTve3WI|Y>$<-vK5T9CqttXuK*ZZC{lTe=YJJF`=?oLfs-^4EMEBMSI|e%A z!sd4j?5k?34KL6#{h$C+FysC(9=;OrtRJOzeFkP^u5uc)DGPqli~1`_4Uw7PE!D}a zip>HqBFwbNcEorFQ^XR5Q5Pn26!JvaiJRDDuQP}|2w>({()#DEL^^|hc#TTW5Um-P zjzVuuMuX&z!>VvoIxMKdC}UXyK=NY$IHmT zciv?@e%);l;_`v&2XMx^&{dDncv+Z%CsPY5DmzB3;@o5oyTTIrgm&fdO%-7VYsTj7 zE767cw{GT_y>ou`x2LgasQ2awQ25=gqQ3z|P^l7z>f`Dmkwxs1{~D3xF(na>tK!vI zcG`?V}^+{AD!RwhH)vB)c1$F-8Y&&gWm-$AW`tZ9k 
z;Uaj-e*Z9*EE+lLAA55WZ%%2-5wn>JXv?=G1M-we!{^dK^i)4s@ir!;eX8I| z=Gy0$*<+0orLR!74A<4JxX*6Z2*vxqWFp)5FIxOf+*#>$`k(iV9CoT!5H22uvzo9WiJs62?m%=kc z6DQe-n;T+0-jfeIQ?c0a{o4tATD#dxzLZtEY5fUjK3< zyi<+0Z_KK*F_zndJko-?7Qd)k!mnmSH{iJN7p zUGWFI{$%^q4dPUwat@Fv%};AQj z7#=_@tvDi%RBr2(ch2ftV{>?FQqrGU-WMS6IHZ(s+Ln6(GLE{(bqlx@lynES2yN{DN0kHgKif9^@&>2H148r zHYw7*k+Q|%3sMCkXMj0%(lIzKD-&a2cNK+KtlCIQC%5;5jWG&#ivVb8g;jy-gctM9USB5JU*}@;U7s$GbVgpoDT}w zw0QVkU`(oMgw(m_)lPePx>db!q?5MRn+}^IE=>q75D8bKdt$Tz;{9WLUpT7x5G@4= z##r4rs^b|LfpuItt9ED&et%2F>6$?ZY?9e)sj zafxn4Cq=YwSlQKhpYfdx55lTUX6IQoh>J_$cNB9^*9kt2hSDtdp1K=@FHqL_tkQFh zgDKB!>+;5M?5=>pQ+bn*_19@IN|g1IyD;Bas5DX5JGYA(OWY9>nnC*zD6&rG%5?RJ zg4A5FE7ZkvQ1baP4%vefk^~orZye`{`F6rsE6t8}OTx_3->2EV^y?-FpP2G%6h`}h zodLs_xBa?Uk8Dm%TbMSE?T<_`(nahK-?k{V$CsC*S1u^J*Ig0VZTDoaI~Aw){`zVX zu(BpL(8bRk-YFknCjuoNFMUznYMfu%o3?xY#!NaoWyrNzh)BFShH~`8)zqQpGho+o zKDFn>ukRP3JIt>RtX0Vv*VKiJuQDCR7VY?J?_r}r@e;W(K3r%{fWo_1V> z1sk7RTf3d++c?t(UmmR~KSOG*FqN|!66g$r6@`X$)5YmBkS>Tz&hYdcySuz4At>UhZCM99J~|3*ND`cWTDB;QUuvuNd8FdZhn6 zh^L;KGF=PgcR9V()4LvaXl9~Hf=Q-xT#vig1rL2UU7_IMS&ZccmwqzS&AO}~EH3H7 zpPbpAF1O6IC_8OB&<>nt7i-~oPfFHx1hr<$EX)51RQ(1tQnTq5Szo!Y((RD(DcUsm zuJC{NnZC~p7M8z*)_@e9pDXU48GHn6Vwgef^EY@YA&#Io;=LjPOO8%XE+P4rnvOvR zpSY=IpzccwCxcVwnGE$~S1RZZ_i`MhbuUwS&UhMn?Ftcfpeyxp3ZiR% zKKn`y@yJBTi*;nYia@JDs!Gcya&e2S-I3E#IC9p8pm+vTY9}$1Mhmi-wR(`Zh(mR?>0yY zK5?a!P#5bBQW_i!&X)0FC>|CXUhz5U>{DqzcRz&s2VEc=%67+EY{jHn*Gz>?Pc$ls znF+5RO4&yG4-{_Y1a9Q2@*0`~nxq9T_AQm;M(ax08HD~Wc>msjMTgA$ z?ii>6{!wFQdS`k)$%C~XGF2Uv`_b+K_wymoX?cA&2 zX3VI|1y!YnJ0eQ$pD1qTP1s~puGoy;eg#`sfa1DpO+;o=1t~$HRj+I{=}a+i9TxS~ zC}Lw)o05!UrgAJfR&3mBq#0EO6lJIgfp__+zpncMCa+ z<}Qnf^epwb{wif)w%+dDYX1vc&Yy3XYa_UfXhxkDXPkcWGqA4O#~H_{17ywDdS}>l zS5BYMl^=YOpU3;eP5ljzYF%=`UX7yj_h%a*gqKlo8fHyGn^+v;Jq~8BwZMoe8j0qW zeaOr477tI~-BmKa{c=efpH1uZwWSEH-qWY$>|$54DYSQEv0nZE>b)zE3sT&aNO+Ng&TM{~A|}(3`A9&jxGdU2&Pw zZp!b-uuhh_6ve%T>Zx}R)|Z>`ZWSYdJqvQ=dMBOji}k+TZN6+TG)3n{deroW!#lPA z%ZQcZP!rGz;g#;(?_H8hz2RwsRE1wO-9SLYfSb%y9^55dPs+_EY@F|z>Gu|@?8t}w 
zbxDbzbn_hxF|TM(VEzBEy+H1%WWz~X((_vDfs8aSua^1M%N4Qca(@qSeyI(GQw_c3 zLVJ;z=tEaDhrO1Gl%=M5_)e|Qbl~nvROhH@#s*L_c1D(<(@oAspqyICiAou|Iks** zv<9CtPQcj8)CkshyMlUTVuKI^Mn&ypaYn@p7C*bKgX0z8(e0(@AI>mncii9v&>>Mg z-)&nrv$#v-b$`M}u+{z`LpFFX)Nt}dz1(-J>S^Im&YjXVxtBFmWu>KH)vWVm_)m-Z zlTs>zAG(V2!&@DT6$knL=1{&2iixWV?>Q~x+8wvnK}`^4s^VVw^YyJNmf)8iSartp8Oj5b6ui1UIh;K}RR1;q?j~8@+)AWqu4jSPb)uXS3fxu$wU=Q6s~D8@(EkeV z7~C*)U)il@L3?De-_Sb2X-Kb4n#{HKm5=FuqCRUy3+%pydTuweTU{QaLh`zM;hMLS!-DJv&z?!(GVKw#Ig zn^Wp-6@D$;#Y-FthMC2R-3%O+3hC?i?_Zr9t9YlU9&PYxwIk3lrXKi@`APb-F*vUq zRJ&7p?qT^j_jAci+Sv94JOQY{50MLd1T(Op?RSfJd29G6Tr2cJnI`^kZH6_33*>#) z2dMnbN5}84r02g{)PQ+i*xviBRuC${UAO5Q~U8H*o>|4`1lmA_DaP;K7IJC`a zH8%&Vm&YMp-2GB-Sh1DSeHO31A|lz>dWH)}e)CK`v}|& zum}AvuLylE3k6Wt$gRdcQgmlbi7Xv72UV;2){R%KOb{|I5}acL`ZsT5!QrbSSml~W zBLG=0J~cR>SX6pnb#Qo7dGkw?k80+ANk>}yHdc@G?@5&^14(hyv}0=3qgH8BZTFU` z$`sijgo~$66qrjf?ELC5nGMOC6v%x#E+U_6)3!YS!V>sd zOqFXoZC=TRZ%kF3gpxsMd%WL~dQC%5wUTxR?DAlulG0DyndQv>UEbsK4~W)z1Ztvs zf+FoC*pl>s>s343OxmtX>)5a^Br;<&|_6Xm(jW5#CgERMeoK(_t2s3p{;yvqMVE6E zvGm?My>68WKmXYZ5ab&T3(SGFC;x+)$SjN*g!jqcZR5ko11gKr7}gJJ!X&dE#TrFN z6hs}VC9aG&h=;4vX$$b(u3P70?g7G(PbS{x2%1uer%QWs)+W;mai{XKwl(dQvrGYB znzL+wgYL5$XkXvcRS*{*=KF&84 zxi#0P*Z|)`LMXk^*scTzgP{TF#Ogp6oU`0DH$G#JbF_EJS;nm@=Wz6_o=uKJeCJWd zV++pPc;P5%9+qKcVZgZr9@v^uAoSHZ=IhozNz@X0m}(OK)UUur284(Nu z!h)L*`R`Q8{kO>2k}Y33DPGdY%6cO>)&sNZ5w!V!I)VAWiVJU=pIrHNT5U0ORSp|S zWwp@rJRJPec(YFkX^9QUjOuiLqJh2`Z>a16ohIm8Y>F^b8H}FkTfF2z-PF%!R#04^ z24?lbCd)NKCtVMM0JR-$v`>A~e89}WqUC{nBULNPt?k}6na_>XEfn?^Gwco(zck|5 z-6G9;Qo2pgA%~lRpfpt4;^TP>g5Cf~Oz*_g%zY(wPP89;!45!ts*9uCOfF0;M>Y3Z z{g{7nPc>A(JF0<~O=3dmIq(FhjHcZG*c@A1@RiHVs3YdF$+3yEp+blViSBW&`Uo)jxZyRKJm3_hQx_Tu{BOST_MS?D zkdnb9ZoF8OCe|uF@NFxUDlBskkoj;d>p?J9-v>V-S2<&Ik+&v7i-9o7f4Ta))cs|w zeLo>&4J!RO7CGW8mugwa=DjY<)Tktxyq}-(YVoPbbQ!l@VfeVSC`0V(r?|6HZDm4$ zMyQf|R7!}1xE(=RIYg;3a{LAzNsENVGFTf7&aaGdLY<@up0lWD?h32D`0F)P!Vjq7 zKjWl}Y&|K$FMt?LBrBQbS?!aS-9F^;7i?WR`H=HL_r+u{lXn~9_NK)_@V(8M&@2rV 
znXf}^Fq5{PxbDiv21CEJt{LNehL?Iy2jshK?}wF7fE(}jR+SqCAXBt)9!$*)S(Q_i z@TArmhb;8QcBPY#I5z@xF^vDw-Lhy5zPB|~m;BMTwWO6nZ7|^3`SWUZTiM%VkqujokG%pMXg|+2U@mC} zMdrT1aP}0E%i2F&-_9NG%GQXtz;=p5a}IBcRj1DHldBtI7uVV^_RQon1{3RBLVWR4 zBQqza`B}$@%8~IRa6OA4#7hv#iX|xvAo^~U(q#rj&hwF_4mC^kAN5;baW39gku)43 z15Oz)asX9(q`@9?g={T!jOrXO4vjnHmq=vFK{QiLjB*(HQ8U%!r7QMxFN_6AhKC=d zSf(%oMEx6;!0G$%%JU0m`$8ph1Ob%hDRg+@FK4Tsi%H-MKsL)3RyJ=*hCvSieftrU zA@nf2pNUIlE7^7m?mQ|=L8!v-80zc@IpJjiZA`wmcGk;O{rXH6&_ED%VYoo4rnQ{T zx#1cxhWD|c5RTrkO26Q5g&qWF?s47}O}R*U&{ORyos|&q%>to*^K3zf_D_mXol5L! zvT0c(I861)54QvAhkyUSxWDsiWx?O{d1*GBI(Z?jXaTTPf>@3ho9}e9lBHqe!WH=J>PP@qRn18brOI09++3jZhTE42dveAy0BV6 zipP!*JJP{!Nn4n5*B0nMn@DqJ1O(yr0uV$1m*_o%E|E^W|KbL?rMHCQJbQ!HlS^Dq zgXrKfv2LIac{>Knx<`&r^K3WxoEiT(2k?*wEouG}GZRY5FJn}AF_bF-wC0=&0baPG zOmk0vT-6Fy2my{_C16|K?Z+tI(WPZ2(08*-?xZcaH!EK%nIE-;n|b+o(Y#w+U;khA zQ1HW+C`GPT4$4>+V1l9uoWz*}gfaEu;}}jg19-M#<1?=dE83Qsddy8l_jFExJ{+LW z87r2;>0RACEojlk%_GVbS7NbCo-=h}m9sWta1Bx4D37H>K(GpiACJT`{M#9;2=@s) z8mj4!>iXl92z|jY&)9R>KvErKT(r}*#H6eK*Uw^(-O6l4BaYbrtYuxia$aw}qQMKNS{w%KQAveyh}m$=qC#v(NPvciU(Q%I{AWOto0PzrZJz)%z}&o^T#4X!_u#8; z>8ij&c|(DPI*X;KrbeKv(aOj*-}E6hZtn>I=jq7arYe4KL_#{=BH1zyaKIUMa(Zya zzsi)q*~&5QiVl=ykqG<*o+lia>K2SttS+G9DVtirDAHP z;=wx`yB5ZcdX$?QoIN#qsCmY&Wr}%T2>sf|4Nm=7qKdILIbL;(%}+@| zvnFPk^J*D1XtN$|kB@M?WY)q=VaDJms3y9xOKyd=z==aE3Y^))q|55jv9^Wsg|eBv zqn|jGrYqF7W;VZd(aF(~Dd~-}bq{KEO~+7M?0O>2V}BZ{ZOO=4quP%!E-h;6_&P=2 z8r5#{ebAjc(yMt#xXNqEp%Yp&v%u5^d!}9Y{eo*~*mTD7449*Y+ayduxx;c)xJ{E2 zUrpKaOh)SA4DZg&V4j)oi1=GVina)*cQT#`9u|LI2VLrG{2 z_}fhFMEvD@bZmAreq5V~nVn*zN3=+jb{|&jxf>jZnHcEdK2Ct`L8oP)IbSbLoEF(s z-uJUvYFn!_i1?6+LFy|pNqWrv?*hv`eHpY-*49Nfy+9@t$RjG=_Y=_ELLF6@$S(fi z;Nhz}cWiC$q1fHUu3FVKt3;mjo$u_9bsb;c|Fl2i*-TQqXzTAS;&wC>?%{v#d!!jJ zl3673qfOi8kGwZ&a(*{peej z?J)RNG^>-l*rzj#Pt}w|@<-!beh9gvnci~X(w9wg)SSqlU^p+$JqY@{H5?ecx{s0|&@h>|0e6FPYZps?21=NF+ zDE_PLuG{M9<#5fNUeuI6{m>wT{6F^IIxfp~Tlc5Ck&srpOS%O_TDrR%1nEXvK0GHC+e%&M)ND8jfIr- zZeDWpohSLu8;Kc?EcU?n%f|VB{0#8@Vt;l0exVL$aQAtr4cy|l5YqYb;Mq 
zFz-^$4`7`|&C_Lj5V}AX2{c*ems<5N>D8odN+2m(pT?r%Orke)M$r{qyP8%_e=4Al z)=nDN{ZNHX!oO}`?#L+P#hKbF99^vW{|w@N%lpl{9C*4v$AoN)st%S{KFjwyM_%M;E!yhTyyUquzsmZH2}D{%&P?<@ToCSI_reB$ND} z#&_C#B2J;=K+%41(C?xpZ_C&Blz7zp*r7XVh3sZs-p%QFiA-3-cEj#O(Tw=eL{;OR z(}VQXcHI3z+Ct>JdFY(GC0lfF&xAT}mX-)I12dA(7J9EU@82bQllQVxuH6XwIZa=2 ziTJS#`+0xWBW>%@GCCo+_$hF~Yd%p`Qdzomx$(0AGepGTmx!(36}{cgf?u8aos&R( z>!R*i`}jDyT04fwLgeMQ#kR_gjdS8cgI&YlSt8`4o?SfBQhj^&^Uqj6&4~OeC4bmG z`t=3X;4`hM%y3`Kt#w12FXZkggU{|Q;)MDoOfCQa>Ea(Mt{*G*HqLBU1DskjM;bHFjy<_IJg58j=05Cckyl!9R#^D_i;Fpu z#|!7ji;-i``VCKRprR}8%3Wx|Nhl4_>p!yvoRQAd^68Jc>W*#x^NX0r3nBe6d)=|b zR;U~tW)Jw6%-X+k-dCCr+F-R4dtk38nN+^Kblo@O#h{ec54G2Yk8Z_WYD6LNc*gHO z6i4K?@#bxQ-x6;kNwE{~DezL(i%~XLD~@AdG@x285af62iSB)&kUxN# zzku&Xmx(y~3?+*P#|v*+LUD#+m;hhw&Q{9wdIVO-Oss_L2Lr0|g};XMo8pej*eYdc zBkCY(hQtXRQrTTH>LK^=M6(Ww5f0;Ai>Dk)bsthJwGrf1ne%9x6Ae`YY^m2i!z{?a zC=^r?1dNmIW@f7dI8qxG!feRED8heDc%O-q&WJ3G_gVwTm!YbH3Q8?oPa3JDqa~I? zHNc(PsEA`Ww3}Z&`v6%IuTcZ%1H;EkDiSqA18LC`(e~JnssVn~V#P4fvR%sX2#Ii? zQJyd%%j5BC;-oV~3R#xvpzdZusRe{kKP!R3lnqpcf1dch7-f|XSruq zVI*a8)!{$Hzb{82p%2%=6II4(WQb|&FOwy>iIHA{<)yAJg>jMz)PVmHFHwmyOpk1U zm#u=+UIO(_5vmmCyAXC6OsC9CP5Ac-Jyj@ZjL61n9m`(I7ulN9gr)w~vApU5Ce#6C zFat8rwcukD-q)beF@~GrX{zH4GjxMu(48yuMdWBjKgh;nE%!aE`9ec*w zvHW?()T*|mZfPeZ;=dB?jV(&9HnUP4o|}+hFt^iUz}wBFR$+G@nkY_gF+)}xUapB} z*mTfR#^Y>cDv#jP{U7x9Uq9{Niy}1mjA6lNi~v4kbnqDyIhNB@aII>~>)LccQX8lJ zZMdAup=Yc?a0&ns332~TMz=H^6#MT4M-b39woSQB3Hxbl#kzT4rl1r1zIc^_P7=~= zAs*_K&Ot2rfihw4$cUtL7y)a;(v15(VL#)4#*rqthiY&S#^4@$N`M)|)Bwd$h|Dh8 zU%tdD1@=dw4(v~~4BVe2SQiP_;e&NdKwVV7wwVfkwmP7osR}4m6#*rNO5nex6oc{(%!2a~f47r`662ts*aO zC47s?n&KMXtVH?5e;A%m9hg?E4BUt&xRGjbBgWuHdcci@O##zll>*aJ{4MaYx)TCc z+kn+GV08spt!o2RH%i}B^fF5B%kBAkJ9tei6 zO}GsJ;(#DE2+D$BV&n9hvckW19bm%@>S+I)I{&x9?%=2}o29&jsMkwDl7Q!K_>W;W zq!s=Wx_geuRO{NIHWbxn*^b!25fLBU2$MCi5zX(wMyiT{jTkC{8_5MW5&)LNMgk*; zmfB#?@W1&CTxZLH*D>HVIe0AsZp62)2Qq5n^Qjr}Dfne7@STZ~ZVt%uj)03!1?ni+ zfI3lmur8FzshsgxAhwzHkAR4&1=Nw%^gzh+O~P%28oP03JY5i-%B9?}{?iA?P|Aw4 
zRSYTJy-w2T#_1pd5~p%RH{Nw^%mYWD;o@2t*bsZh^S={h_VrZ0z!woJ_KMV?dWXsE z2H45@c>uI#;g`|fbDC0G*M6{^Q&PTYJfL$b?+=y&)=(h`UhM!^F*Y&4Ms&U78>hw7 z76Gr8aRR^qDdd01)Gd-am4_y_0JDC3>juoFeEp%vJ>gtRXzO z7nDDeSiwN@^*c;{;6(P8AKaS}xVLU_Zy{h3Z38e**arx)eW0vBf2@Jd z2a>QqTu7Yk{L`cV$lCq{va?^YXAr6qfTSU#lrC|HdUPYVe>p%x>F}-3L)E|Sfk3-$ zQ~Yb!f2Cu|xIXV+|GWbI&m0UH6~U&NU{gV`sR!8fH_+7fXE^8%7j#Dpw*Qmh$H`-$ z`Yk^oDXP#9ln?B<1DbrKK)q-P*a%Gs*u(8dK=dOy*eQMo=tMUOpl?3^k^C(VqM85- zRqYAX8=nDW&n`fQO#viUDL_)FgPLXk1a{nU01LHG7W>EK>K7uQhG!aBUX1HB#k&|C z8>|_GMV+8V?$u53>MwGO#b8pM6iDg)&HU7`exjJu=39}o)-lz!h#mj!A9Izfbak3C5-{|1^wWErr?P> zj0+fpVj7%H6P)eOB-amOfl7N;Xz5femU0P%w?3J=0NN&g@?qV5h6&ZveZ{To2WOQ14*}9f)pwGY^AA zJd02dPsm-xY>O&tYnV2RpFP`AU(M`a9bjjw<8K1H@U%=Q`>k%>K0j**s(jZUIFa_)znrv&5J|EuxE$ag`X8cqKS?fQQU{ zmCcnv6hd9?AUNDfj|qn36Rm!3^4^ei0oic7{XT-<|D=9Bl@j zG9SAQ+`0uEJ;uw&2*n3xkRBt}V@1FKAuG%^}q5vTFP|-J;0Ad9om_Zjo?Ak=FHBDw#=k}s?E-kFPk2S9zUWp6B~Di9f@RsYW*pIRu}Z&bbeqK z0#Mr>K-Ek(2Joum38>D2=r<6Jt49M+h*`%?XBjgrfZ9C;RPBcR0k1j;0J^{djJ28w z4X8GNXcLGIGt0J;qb=3++;jpTW710g;qkcmm|X_5KOVD>$Nk6b3Ya}DM*-NC5Bihv*828W*y+hrQv_O$!P&46hVp1L_k7_8IbVQ2Ed!5%(*+! 
zzjbq32TE9h;*+2Y;ByK7w#0u9qyEQitcCckYaXYmM~8%K^F#~ zi+0e3AL!yi=3mq>{w?qo2u6Y8M4&hqC~gCSGmnbnpkf}V_;&$bfAUKiJEMHy$l8;- zHxr(TxgGMZ7;ldNJ>r2L8GvD~ta^duAef8;leCOLQb8Sz|J7^wF527(XWp6n{=YEkev>q(Qx4+FsC{S+|FU1`b~`n3jU z7V&ANIWUaD2rx{0Dlm*67ck6&^`8Sfy=%Z~Q?Pmvtd0Y!|1oI=CMUsUAtAczlw z%pj-(f(?)0_}?u!3~oG9cm^=;Qvn#i)&-28Hi5>SyS?qlw?cpk$IyWZvxq^E2L$bt z0dSEG1daZGFb70khxS+1 zZN930`@Y%#x-0Nq;D8)_7Z3s81^mEwftdSu;GBEO;GFE>oF?F${eaW(sF{F!dQs?Eoo70 z-~Opo>+qI*RuWjlk;UVq4=N0KFQ0m(0D7z^9+O*UfYkqcpd4U2VQ{)oGNzL&!B&fZ z3c`moUOzm&mn$y@&MsRG4nIYDNraC%JH^l)d$1f}Qwxvv3gz}}H8o1bUkVajgyCdu zt&=IOpXe@9%6Mn~Gq@sjMdaUE^6%3BuY|Q9okxOWT0VMaejKxRt0|K#v)fZpNHFxw z-Sg6|9C2w07}doMK*t9GNRqYz*h0o4n0))+m23waJ=6n@?iPSXrw(AFKc6%M%ab5~ zqZ|{^3?j2V_COGtT|Ytdtm@r*dTJOs#<|^zpJnka2q?@()bY*~`{&^1NjBnwH`%FS z+89uK;_)rWP8id(YGezbt^~I`xw8<3X8*?__oM79K{7#0;TS~B)Ul1upv{xVl)K2% z=E>@v3t;wQ5-_@~*l;EIn9R26_a<`zUc`Y56YwGiaQ}ln3o%0wa32R;wq}u?cpUk9 z4sVIMftSFW1LBepaM=P@UI3K`0Pt-IsBZT9k3)}bzHI?2*WQ3i7TD?pXyqdev>F3i zon8U0gvo(c|1L-xRN4WQXhEfXKq(VciUXA<03}7R-QO)V*6mgQxa2r+$rHem6~QG- zgHK`ycoMYWlgJ02L?-woPC9|d{JyZ=yLE4GE7N_{vt!agc=_zixz~9bHuL`XaYbbo zab_*q(P>hQo6nu@QTmzxKhoS|S}{XpnIPK)3GrqH*h8>&8*uf70AMbFmRI^f)e30B3vlxnh!jkB0`#9bWPtD>0RNdo z8({tm57-_U=V}=&1qbv3CiQjzJ%Y3U1p)@T5(Xh~#2a8%Z*mX$4fC|ets7_{g@&Tzeg0uL|VW2)ZYJInDo0m zz9Tni|Kff7ppo@(Dx$A%U~qre?{=8Aa(8ky>9FE+FXrd&;c<78=FooIyCTwlzqP@` znk6jwaC?1l);%=lu;LAT#`5*fQs@j1aJ;xGyu9zO1k=7khay?mXFpG>v+mE2yBBz} z9wJ4Y8T}p-ZqM6Uv+mD^Znm~&4(}1)$il)sfr5fUg0c}u(qdBOdc9K)1x34$2t^5G z-ECRj9NyYETbh}e0XY0 zrGaGA*8^c}AB8Npec`3!FTAm$v2v)QU9bHauDfr3IUJI(IliHxPN;f!7*!=pg@nP_ zpWvl=<99FrqxDnCcN?vp+Db|N-NOf?r595owBZUfxvSSfB@)P$Olo>Z2$|ER`RhBd z2H~c@zP@qayT>j=A8!0GL{9dT?5K@}m6($_@C;Pv@pEl4yd7&o6ib}7gm1g&SX=eO z`+Unn#zx>PhcJWXYzn4ou0EDLU-PSjymqJ7>Xf}K-!$o0OewNatL0+lyj;X9Rb^43 zuX_j-DMjzC?8i zj!jRgzmAiBW*57UDq6*v2X>%F>8uQ28}g1pvqC+`x79Z(*+Y$8%eqM$5pj2<1+H}o@ZtA9BuRrDT~mr3?z+iCU@kCvn-Ia;Kmkfu&wyia|2|1Q$v*;ki)mVkn9 zCu}+D5bIJ3Mk+;A0?~QN6!?ITwC@maN=nu)I-YOORb*rh#9%E`e{9c 
zqB%v)B*1vthxO*St|R)7&|~x@K7#?0#NSxYW#nScLkc9@pj*q}{D}qOK4aSTD(g$u zzwr2~75RC&Imi|XjoRF!%eQCEf_*&4gNTxvg&+o7!A;I~_{0@^v2>Z(XoAhhxihip zl7ZkTTWhAo>f7~`nz~j+1o$7CJMml3;bH{6_+RmJD--K{7)Wwd;_0~65G5k_utZOd z+tRXwlz1RWC2^R1#WTeiC5DLYMx_SpCIAh5RVLeXgvmRL_Bi63pg!4$w z8On$n;g-%o)A_oXW2B^DqooC#pZBDR$u!SGz|N{NBsCBx0GHb4j6Lmo`PSSz=(5)Y z>AA;dT^Zh~#%I-$zRLF>m2#Ep<}O}M%cC+%(x*zPiLhyL!%R=mcw45atUJ{a&+*t_ zWc0no-JwlUS&yw-n443#ZW240#hPMoC!#)=X|dxh=F3DYafL>lvu_LIAUBw>7r*C+w)aF*$NB&aTjji=Oz78ZD`1wCiCL5>0FGn^{EFV z>uNc9{Cx~&8hK_F&6Oy#FUmy4)!Mm-yxmn$n&clKavi~|B+a=JtCkI4+Nez?>fYjF zEVSnKkXkh`Gez?(BVE(s6DB9#TqYKj^-_+B3;v2AL!5FnWY$1>MO)0EqQsTT{2L!u z@I4)=;livuy3Q(t@f+;?ym!rsQLl-;*F6UkR6i1z;K6DJl}3E z(0#_^&x*sfm>o=>JpCSPi>o!a{}pETRIXL2<<=n=^=MNJ{qJ-~Av`yoLGvY+;g|g#Oc zZN7c?**kOZJX3@lsp^l^71E;e#{}*KZF6@wAxO}LQjXCu{kGVGYBu^Eml};B)i~tD zoL-032)8;@({fX9sm1HgQpxW4=AoAH>hJ{}rg>A=5Y8JzYEkM?9o;O$y-^>KLYIDc z#ovcJ`G%whk$LdXlQ`}NQ-3Uv|N2TE<^w}%Jep2Q<&IM!Eux4&2_?FD@HnM1wS!K^xvAB`eZ|BQdw?L(NZ4)YyPj6vMa)U#ba3Fc`JVC)I!lY!qDBxl*D<7Tl5_8y$i_7qdVxjO{r!nn zUHhdyL+%SP^5r%zk!#kJEeiuf#cxNlqxUq*FJkP*d=sO#Gw&wn+I{X1@6zsf_P5&a zuH>dZx98lbRgB@UmrXstAq?chBaPUb7#8DFIz&o<5RsC9Va;*6PD&@BdhgCqZZb;l_wfw zUT0XgIt}TbosY6&D$sH@gFhU$HmqIa4QgrFeA!-B(3gR!_HpzFj$3yv*Gd@YN|d?H zZRxMCwPT+dMbhuAJU&l7W#wFa(_r!KE|gnCFkxfYMtEJ3aATt{?8<*lfNK=y7Uo7_ zsr{_K60d%7g>CY7-@qBN%2#$FsON_Sp%O})vTSyd^{+y*W4ZfE@!kpssUMdPE-7q5jX6{JF6lqFG$maW=Nxnsbr_YBT zbmh_0L$uFyX-eHaAL3Q0B_n0-=&aF)kl$F`e*Ce1zP^6n9EsI{I_zLKKF7{~wXDpQ zd|_h3&-YMeAF)a#5ktub2W!z9{Go>blT60eY0S0~N)RQyY)>**AX^L*F*?WKIX zCUqkBq)b9$?^UWZ`}_MbOX$qLp40_j6wUjq63Sa`q@)sk-ckNu>v#Wf--Kcd(Ho7IrYm~BfuRIP4+LkLn-LZds!&dWeP564wUQM(VsyW9 zp!#TUe|K|Ih!JdK_i5#&eGOR*JQ^5U+c>!KQ{kM4Mp(eybm_HA550PO?hO|GrYRIp@t`^?Ony%-nUR@V%)C=kkGPC`ABRnm-1V(=+z&{c z(FUz`!CMH5gZZiZ^qwn=ndQD;Obu?w>F;PG1-qmZdxU{kO zp%D;MSn|&AJV`Skf9m2PrWEubEz0@hH;u^P2&JE;_)x`gFN3bs{>aZusb{dA22wF^ z_kX^0wOf+9i0+v(9jDbtJf7H~SiwKksg0d{MNTc_WGGamHreFhu0HUV;_~DJ3e}U~ z{gJWI6Ww(TYvL#v<>%bw_r@H9*Lj)0@a|7zyJZegVEar`B1qu6urqP?N7b&sEv@$D 
zGviOQ)3j3SVs4i=^<`ZJ@rvgmzk+BH=b-DV#QfA+N<=Ln8!a31!RmMYoVe|UNhD7* zneR8{A6c<+Wvmn#RVVT+EJL^P8#cq3vl7qsT!1%0+~C)CzHh~vsPoDhdT{*=^Zbwi z0g)^Nsx1wv58me`tR#kUX>k+-#b|W6J=ywlpD*q=#goXk!m*vnxI?I)Jj;$N&O-G3 zt~@!8o9NW0Pp2O`1gAj5?Yql+*8R4Wk^#}6wW;S4_^8@Vhlk^tEcQgN6CO>hpXBTN ztkckM&uMiqE^P};n_lw&5N{m|4f!j9gEBAL zGU=puuIk6lbN2>f{y&n3if@{}U6Jc4f4+dq$bI9?o}zu(pyx^(2annDc9MOK@zT=n zfo%)A4j+?I@`~;ON�wTI95k|Jn4fu966i-Dj3E)YRU0o<-YyAC`R~&*((#U@6m2 zd@kQJUmc1Gp1vMi%h}!iEy&1lwmzcv`GKacqk~BtY67CHoxVoF?C!g%xMy+1Y>}M$ zmiyZx+Vf`?$sTVnM_v)+?yBg^(XjeFF;1kn+x66x*_FGu-Fk~PlYh1Q;C&v1jzGpP z7uQE}y%tw2nTAn~8c>R#dV4n(B60U~>%qLeij`3GdaehCDv5kE+zC}iMFy&6$Kc^a z(O_1QhsSLuiKk)ze6kSL^_`bj=fPHkNDX=W;_~vSgUG|_&q*^mmy2Fg>&Z_!Sw3(U zfeX!Z6Hj09*R0uz#h(^MYCJm-w5J(e@CdxKC+j)W|G-Je_wy;rqHZyc2RCslT9D@8 zReEOcBuw!2q8hda!HqEowDm;P@99=crkvj*L~_IQ8e#(dX*RDP5OvwzpbWa9)W1WE zm{|A_?xnbOW=ySL;H%T!9#KG25RS| z*VX)*p10j8|1xcepBN9N);!seHh&(XIoDJ8>#6-#Q;%WMDrTXDH9Zx+B00%Gj0CYI z`j%7ei%XJ6X*)cCYsVhfepkf2>_A9G~K=k)SwI@}iR zNcwP{tz46rFeKIDhN{Z*!3s83iKi^~$m(d2PrOYydC70hr(h(1LDbdAAncPZ8$iICQyH!<*%tVoML5MuSPof~6+i;NA?xXsYkU_sWEY^M;J*=K{PouTkd|uieHvI<1P9@RT~G?Dm)-xu$i6Z)0l<-@{t8 z-r|y8O=-(m)-2{p7R%hPt*hJH>!G{eq%>Bg#MD8FBze}uQ;{-G`gv21amSRyG6^xN z(=zrFb!2dlyLJ;+-`IpA)i4?)>C&cjxL4c{WmNreA~u`&&3do8ATLWd$k zZ2e|aX6S)o^#WQ?>Uaod*#d(0!9ZRos3(PP($j{2A8juh&KWNZmF{qaD=(*$SOqWR z%rJ;;5Pn4TunN5bd+_VIHAh7Y)=LR#E|30U=mv4WPFozUz^9XDG&TBVpUXMQ-u&D} zMl@39*qY6poRuyZ$Wv*dQ4x>+u_bKM^$x3#sEp|@Qw_p)uKz+DUJFwQ{m1KMF+&yX z*jM>By1NTFzQ-6{oAXjd(ulAgQinn$t9xc&T!%FV18W&l#wsfh99VK+XII)6tg)jk zbdj^#MY??BViBw>6MKl8BG)de)K3~nF>^pTiSWs&9j6bPP@<0Pp@MdvNjwQzwRm=9I}ddU#;y9^Gz5k)s1b0oKx{j72$C^=r_ogk`-IXy-o+>4_0}Xt=e%$Gv^((ror>TQ-Xh!Z`B*N$Xmytjt)P|tATk=o(@@s_4d!m+#)bw z5qWTVHzd5I*E#Cx=hlC~GRitvcv9N3z{;bcL69XZ`HRhgMaD$fmSWR(o{ z@qDXZ@gvt-UAWH5HG{eDVUrZ~v73INrsRbi9VIiXh6#;G?@(Z}cRF0WW!b9td7+1N;M7&2DzgyDtDi1NFLsBo2$|M zYTQVKB`?1ZR1MuEb2@B2-9$m0WCgx-r&)?>`d&a!gZYyD{^Xd*ZF7?-KOuj}D6$N_ z7jvFusn)Z)&17ql=8|~?b@QdO)=c2XMNQ<-2)FQzqn(v;hQ<&v#J&7r;HoDn)s6OL 
z*Yfg>#T&MsBqWCN=?UPt^vy+jczvd7sg5zJATBck{+ZgD{#=7dL$2*BQ|;kO{`nxf zo$+$EuLlgc22QXsNU-U+PuzT;cq|t_k0|T5EDP~O@@UK$YhE3oFqe7HRPVedK5__U z-Deu`MKn#?wBUsdF`r?Ve#$7>tl%tC{OtS=Y2|e*Bj@~yu0(n+5{k6n&A38Ll8@K$ zDcxK{zg$d&kMnTcj;3OG3K{gxdGZP>>7HGx@N&P|oaw$8oT5tHjzJd6WV|>h%Wk@Z zybn47F^$Zne6lu`tX3VoGZ}>9=we`Cm5zPVMqhkI+v%Ac#GrIOWr*L|0ZUMb2H$Dg zF>l@=l8J^hOYX^yYE@9SaVJ8vEN9`>^4C_e6T|Xv>r0HxS&s3UasoHs>yN&sc5B#F zKY53?l_~e)Mm0V!-PcVPi$rJwFSBLh(h5pOGt5XhMfBXsU%eAfxLBEJWN8pa$Z~JF zZ8OS~{Fq#0ulEamSRz@&yg2FuXCxuBkTA}{Q_VuAv#)9CHq0JYAD=U2?ODV4Fh-li z841pCXv84!3U61yb&i`Tdy$4i#Cj-8wJF9F^hFQdHbj2sUK5yXXc-PDRne`cXQN$= zKV{r~X^s2#?8C8u)@t)C)0<>B#1hz@TEsqN+z6ut5(%2OFZABQ&Ru^kpNu}X4RZGQ zcrtl{a&g?Lp3`6Xs%?dd$Le?EW=F=0ZrZVJch5R2@?4#s7uO$*I(=!BJ--h=3wBs7 z5ZGS5`Xa^-^Xn%iQD@}Vu%)Nz*G`BT4-WbhY)Bbrbv(74VqqVY=ds78J@DoGsQzYF4xez`{p4IfnP$zmV)^p5Sv zj1`oC`g=8MnrOJSIBLU$GPqW}6Jxukw1P5rxB)$1lzRv7?)Ef4`^40dG1h}wlFS|q z#2U162Ta`F)E5xla)~>%x7;aVSM)y1D%E+UWIfV}-eIR+I7Z7omo7}2 z2!xzl+a9QNC{Y-D3qzhXdSc6x)!*WL7g@0pmJ%{DV|s(3O=41-uvqlUZ)FLg{Ntt_ zzN?-*P2&BBSKnyhj*5ewhJvhYPX?(bvjPaYn}*>$5tONV1Ub7>izYeiPP!S9zwoY3vAZx0aC2#G5lBm;fd^WyBiiS&3d-cHgdfe%PqwdhZ(`fW8ws2&19M`GjZk0vnvd<8< z6|rlY%fG#^S(a6Qei_LRchy90}=puq%bZ_HXDxNpx*TQQdq#IJgp9n&Fc&rB& zH4^2aJMfjRs&op6ON04Wm;qto_ZXEImsh_y{@Ulmh*z_sK9n zT6P63Gi;w^TFjyF89t?i;!VNv$%pxLiE^VI9gJfam6sptO6aJe^DHbKXX@$h*EyvY z+oA77<}Fh7+CR!pMvJLsN`iacX;iZOyz=8MFMDxM9zJ}&ZUm)j2?w(dK2WAkzdC<_f znaJi7wG+gVW3NHfdy3rv7ynD^SVJ%kU;}z~L`^hpZ`P=ZgTgyUi zKL|y@%S=(x>7bqPb-!!36()-g!Q@8O`pmtWwbThKcxw-zO3h;hLm+z9HP@UnoqbxbF?w zdqfEP#7^TcRkB4ciYA7I*jD9bjOIG9*)j7zTTk$t-}9Pb=St*$=|p~rjo-X$&@z)A zTspkSferPKQ)&x&&G#Uy{QR7Db&u)``!e5aXQYT(%+T$RO|FtlUV5Euf-<&S#2tA( zF6V3LC2l+E1u%Kg!*7XtB*PC|r^5rYt8S6v)rR`{DQIGw7vP)5jrvOT6uP;Q;&Gfk zaxV~mms>s%(w`u(D;u-j5N0fS?yF)L=SpZt8xsv!%yiMAoal~ybTet~2s8<~Z?q6^ zL}utAC#lp|oZF+*5&7_r&6nrlLl)6{negv|5F_45YO-Wrnzj*b=5rz_`LtI=D){c_ z+S5lETZz99IaxH8;N+*1;C^m|GEaUl=@mSKD5H~bT$S{c)0!nS+wZkmRB}saOBFyVF)lON+Qnk2ff+w6zbGo(6-#t3(>myNcZla>=7yhk#J#hlO!*JWtL)QF+ 
zZzwph?qah^ZaO)ogN@D6%&nKY21}7PawUA4j~lVfnpxcMRMku!RU!swA4jq`*?WWp_VZyQ_s z4Xbxj94|TF5zg|_fICzm$|`mSgpqIOAVA9e2;-E-!h}b_OE=At8CRyWyIeecINJ#u zFYvX6av-I%EX+MU zBYS%KnRVWqEoiPN*crEo=8O77M%#y18jV~7la%QA+H2Y70}cqR~?v%cm_r)OC%W>Ctq2jnVus=y(Gy()FWp5DoXt6lNczNz~uxrB7MwGexcb2Z0a9O+WG-dDYsKl(0+CFH_G+R%+< z(0%(el#JzGBQ z!-J|UJX@@57uyd=uD5l|>Pi{%;c=ur=D$eU=6ysICY3DWzc#Oiy-Qs7@B=>8k~7mJ#a$Dd z4Q*MF+qz_DyPW30bVd>1mPTfub@$1Fy69~!EbT0Xs!ScLA!dCI`q~Du*r!9v|BI%Kh$wxmrpSJgl751*kjH-+or5Yw+MdF4R zs(?&BIoO6|`I~JyM&o=HqY;y76j2C2cTAZ?mf*>3dYb$_=ac6u5mDR|b%mYt z4+>>`NU3DKB{5<6UR9m)8xip^7dFx3jLOgFD^n+ZBxNLS-U&pJh0a0LQhN-x>nb2*b)jc*g_uGJWTk})!ifv=A-p`D<-hXHMHCvOtUbj z$&=&wN9!>PUx;W@CfBz>~zCJ1S#x*{Mo(_=B^L2ZHQ+f~59xpL1>ay@L-bKe@&HYaSe zuL^8z`q=T8!d8mQdPBAq(OSjFqt)0!CUA!MZ#DI?zr*|093u7_pZ&z0p641H} zba9dg^}CC!bc=Clz~Obrz`Q$4{S?+wh5kIRzfzyWD$SM6ENFIzy_6QS7tvN_mWWQq zzuXY5`0>w-+|R!>qeCh!1%5ylqtj;k!lhs+sXkpia{bA3xn`u@kL@oxnZC2FOw_$< zq~88in^gB+B!_RM#0qA-C!!i~O5-PObHro`(jT_o ze7NXIMw9SjO6R!d_U-bNKjI=}^{}5<`JwQMGJlY$nfx5dUk|(;i{!W&xXU~%TJeQ( z7mP>y%5Zf?G~$}-aD6A!ud3VpylCxy0(XItd-P`A+3O30gOd&0CktYOqM0D3mdF@* zeZmS^|cRh#QtO^C|f#&m2PEALD|E%V(-t{=yv%@fLCJu`y*TL z_e-7d^oE3ZBo~@Gh{eQWPFKEr#8}g_k|Ei-w~SN;df4&tA}>%PxgAV{eczHqj;}5w zvN|;vyjINp-Cp@xx+^OY0!Q_#^z>P>yqn}30rr z{wi_8;F!x)Ung0)B*7bHRNno4(+ekwY+sX@7vxT-l>2#;MuiI6e0knDMy;Zr zMW>y>8z~@F4*p(?pZ^tNoe)Ld$o$eND*jG?d2-M4>K;^ag50$Vq8RLtAOOkyy!id8L8nZ18m!K8 z7&OJyV6TSl#XA)^`aM(YlYnRIr;e#gg8{ToY?tMAuwY9QvT@NEU0hk6}w-o z8%8|J`HHH#;DhF1l=bOFtGa8XwDZ&VvN5mD9KG}m3WHLsxj$Gk{Dv!=@-4bLMtEcJ z1&`N0XeD0Pr?F9{FF|6J5k-?=R=fqv96Ee{j|NvQrq6?~ZX|oN_*y={Blr{iy1m7B z%DXAvVUC_60n$_}XND@0sFVqaHU z(&e7f9GY^tdh{(L;yS%bDW7A+(4tZzdNeJcnf*{h!a-4IC;2|0At7$ zg=?X_i<*0R{J>j34LHa|Oqsl1K+TISY?}iwL*AnWqps#+%Pd#f%0Y5tE>?|dN>_%G zlf~Mt!*c7!hmDQSs^nr3zgL}^a*}s&v+$uQIuQnlwAi-c%$_A@p zcK-{(Kt8{&X6_oSNj|>XHHXP}4Nm0AM9yE{fduBOMWPN5xz zK$6UOF6yvxfuKbCAWS3K4}s~^Jx^9iznV-X{bgg?Y{WRE$Aam8grks6+_8wUi?c=R2TThkN!!0)0K1KKqN2de4PNIvXy_3KOw$Pqw9t_(HYKuZQ0p 
zY@v7H(X%atKO}37=gUHM7w~q4!l7^wQL8P}l__@)AEr%kXB<(vCMfFO6BQFz+uOHh zKJ*|Lz)Kik)xxm0AjYZ47{;pAB3p9{uU=Q^5dc=h2b!NsOG3H-{-%$}?8$rJDWRh7SX&H1Zy z0e6OleirnLq^~CrJ3z0wVBYv^y@u5_)Y6lwyB}Ekd99L53`qRd8oMi$o6!w?_OBb2 z!y=!*7FUsM8n$GU-yB_GPVic0l70?oRx$v`?w3oz8nXcp6zVk zOq$E3NVjPo3PrglsM_wL|LQcs5V^V(7@_fdi!q(JSNnnl-k%XfNZurN-Y1ZVGOf3j zAts_pv$z3C&*+tjrNEhHOSxj{)16D5d6yZonYA$*l-C3m+z$@c1`dw3M3cb7hPj*| zbUkfgvk8w^dL)b6@O_ah^r4LviOg}xkKdUK(ZOq$;V>K2VrtliIRZUn*9wjCB_?G$ z86up+si+$5Wr=V+_kBOZJQtql?mXe{5dgL9Y8!WBrVEj#2Cj8cNlOOF)>x+W-~9zcdR9O-Mz!y=AXVeS?HFetKmO;8;DG`KKoQ{z;Q zgGMK9SzX z-Tn6R3t_fZOMHOSdA}G^+%EmuV0_S;T zRj_M{vfV@2-Iz5>Axs5@1+NLJc0c3ne}YSpqNMjpfZHmIDB^uhQQ|v#hI*e0gI~i- z`A6L3e9t^-5Tq~?{SJaAPL=w-6=O|(S_piq`5{OP1^xWUVUiKs`XZzESN!zVX#Rk5wN%>$%M_Gw_&0uoQvqmlOGz|#&i?a@*Cda)Fp-yqf3PK@At%4m0TQCmhZXpgqq@XI^;Y1zP2VG?_ zF&|{|_doxXi(r9=YkD%_gHCb^dRX!_)f*Ny>L$|$KWWsh(Ol$I)yCU`ew0|yRul`7 zWg=sZ;Dwbw4)-NxHe`1>uO!EK6H=PJo=my>q@MJE)@>H69CtmL4EO7d(I7lZEM*rS zuJ;LGVwj}J>}(Sz9T7TjB|`ez*YxzY5AJH7TpnCwoS3@7o`*&At|{nk_uJghU;g5Y zWneZ#@};YJtdn0b()w>%!9P?wR2txVGBNH5Ha$?>)LGf>gvL(mg)dP0PzAM9ujwgv z?{D$2y8$4$0LNtL)FMu)=9->5_dYZy&||@wf>pL+(|o?3Gd%UfSB69KCR6Qxd!&?E zj6>@5qkNio?7lylJoj<)q+LqPA1pUEz{||%b^GG3(9n*6Sa_;Z<~*)jVM8n{Kv`^?AdwC&Bv6KXU&ahI`bb7YOJYf_@yZea9r&wKsYy<&pY24y)GvdOX3ah>>!@FqWU+&J-G8tnCM z1k{52A)u|sWcN|QwxdL+j!Y_)b?UAai>?8K*eKDfURUSx=DHspT{5+=5;(ZAdkrIN zfUmR~1$xGf6l?=Zglunabj5ZCvmk|Gj#uHpwrY8u?OkxOt0Cl*DSSV%Gs;e2-^jY~ zff>{-4luVh?gP;GsQ%2eOyZXUcFmUpS_&urLag~l!sKu*Qga#3`E(yq}a&=E#<>I#8gozHLXf`ve@Daw2A zk82DoXjIa}p1CUVan@3Ty52D$gRsaEu-Ab#6#)y?>a8lXWx8WAmg`-#GS6TUh5Z&# zRJGK|GkLaUqj{@=W*L%hW~$S4siZ6Ce1CpxocDoNnTlE+U2q+^0d&cOzU|4xxSus< zof4=g7C~^7=#dvgu!SGY9q3d8Zd6naTjuJ~!DNdze=zxzOl)}GqWKhG{)m?S@6E>) zIgVEr8l*RqNpr^rl}lFS<4Y)Oh!vUqTorS{(lu{pqZ!QDv!d*8CR6T?8}2AcWTYGo z8;s3CyqQd=`#F;seQ(fHGe?Q7GI6u6Rl8bOZ78TZmHJOs1i|yLpcJ`~pC%QLZKl0wBtX4joyX71kV1hG@C1dXGDfiHz3FRo$|O zP~G^0%k9k^18)K?Ldnz=K9EPLDcww_n*D0ylpX_mEdo&Ym6$@UFqwcgtyZATea1VA 
zS&D4b4n~*FhVqlRVwu;2h^OL3SjJ$C7X$jSgA-TA&}QIa4{NhjuUlXR%-ECw1-Hi1 zAinp+g*u5TB)PI|(J-7z&7J2g${BP+Q1f~axYSm$5m+~qNn7s^%^W_gL~o^$y-x7g zCqKJ@vVS-1{FAR6qS?>?{>hBj|0vDsm(PSMW3nM_tXWNmi=9X2SzSlfNI8kQ^g2Y?jtXa##Y z+OSNJ3p%&AtlRmq`|Y7}eszC!dmr2{C@N7OH`jHC%ip-n7q#FIEECT09Yjix*z}Ti zK_W^~Q~Db$vqX(PT~UJW_-NvrQ>rFnc%H#pNaTYoJZ0 zVnt6Ju?+Y;FW`-s*R1&f{O!Zfpz~m2MmsO_yiqu?xHA5{aQ}5o5|#;pE=4q zPPkLt1h?OnHFORNY4xES%pc!uaK`Q3U2w2d)UP(J(kb@X&aRU|f$oN{`Z6xoqVk&# zZ%71XtSy=1nX=?@C}hpEZ5JLt90k3W5nsTLypi@d1i{mGsAXNEDH5(#gu{iRmh}J- zZ<{r)PEmp^H>5upkxcm#R_Irs#ZXDj40clqcQ{PzC@CahJz3`iYn9rM#?ZnNYC&fhBr!= z_JF{@`U@sXx@k)o3vmuxigMMj7BxXpmpZDGgTQFBlcznCFCabw2WMaN-db|ZFnlZ&gHTTEFAGyo;$6)|O;A>TqBCimErkRfaslVhW^(H7y# zW<6sHQB=czB5uwzGLyWjhWf!lpzng3bwImAh#MH9Tmf`}!{B2jH>!cnqgJb$7e*Bk z;~!c>c-Gt+lXDT*EboHUboBS<|weiH(dIX6YLKa7QVWnr(=BtTAw2?(K-Srs*EiGtqNzv-_Vn-J_6EuT(R;v z(1)Pt%?&*b>u=C`lc`vr3K9X~J`n^&kMj%;^~1+*Ye2>i>m{mERF(4s_!zveLA zR(OOCwgWwq^OAOO$?m2FfDmDX8=9tNX=5(OZyu_V1>1?9A?zjXG+yI&W4$fU*pCVi zHWEF%8No)PXOOFuZdSF>zvsy^7hmO~*Zqn0WYH7!jzKjW1+8F*uH|aYhO221I6dw* z0B$vQJ#2qgJTz>_qaEWmyl7gGzEaTswg-%5!&zTDy~_D^q11yO95*V?F#riS1{-zM z-NaBcju*djz_vxD@Lx9%?MW9i|W#dP3lP5R#Qp zgS|b7h#t{0VhUTG8(Xk)U?W~&qapnbSRmre=Sg2?HSFhqhWJzgDd zU4?{QZU{r=nQyzcqlq2{WFB1lD5`otG05=OWNjWc{Sg%P?vL#_ zNq|mm4_soFRdoplL7X(n#r{lkLK9fZk3HM&M@rOt;_ZQ+JooXo(5WbSEtTcaLg#;& zKt8rYq@~eZGeiM-8@>?4PLB_n!vXd%14dn%P>&!AdSnMttg6;+=CZ`#rLeXbDe3G% zcQm|iFvYksHSsE?!U4ae6tFFnev%}Wf_-6-7;K*#-+X`M2|=VNb?wfhPQx#%rzTUV zeq|W%f~W*h(4!$;vPWw6-~p=0iU2nRWu;#M6g}GDr;XWkD%e3y1yeJ7W;_Ez!Iska zJ^3ORS^sJfDovJf>}=yrCQ_?Biu;q1jK*PEi^f)&!IIWkvPZ(MW#gSqQ3|{-2#6++ z@FnNE$`av4ogRzulkA~@nbf4&KsG0U=9Zx9v#*9=>U>~yY>Rpf}0j(&HQ5`hS|T#4SbXW`N>ha2|>dy`?D1{9t`vn5SWn<1nRGPT3}i zhbFmjxr0vIViBxja66eC^YfTP^n{^la6l7Lu6RH3Ss_<83xr`pNXkRz-rLE9m7|w} zS*glij1@Dq_u?tl8{xc+Nz@>z7Tr!D5gnC z4zVlKp;%GUoNP>7y;+4sb21T|OhwtolDXrkRLMY@i>++2xM3^^91&2G4UVf#TP4Q2 zo##w^mD-#hf-q^a8@y|%NycCVH{pD`TT zo}(zS3>{{;&VuJ?(yy7x59f98tUypqIc&J=F1USywWa*MMSt%C`ZEZb9@+7-m-xQX 
zljuQ7P+VDjHByzhZlJ{hnJG>)v@h%@5SWe}zQap_RyLbCh@U3aId-;+E0%pbnapzV zB=0DzOAsk#5D85R^Bg2Jtt;jbhzvSk1QF0=9M9rqoG)2ZbNr?t6q=j?Wrl3(9YY;m zRm(rn7ErO8m#biS(Je)3U_j-$y0g}WVbCNGxZJz7j+y8$8POv&S;VuT(4-MBJUkH8 z34RS!^eDrweJRV7#uyb>R3-WhPfGfC#}Wu|z6MzYMSWkBU1`kih0trp7b;l2`Ie$S zui-yV8H3m>m~O~rJ?k!HH4g`(P}G?PR7?JQ@Rt+h3^=G<7>T!}L~TBk zslE1_3i{nMEc9!=>hKAIYXQRxUJJU^C)0F2+84-RVA;a3;dLs3+wiKfx@(2}3agjW z(I$k+L|qSob4MTfhxv%aDSr&qP3*Ef2q;b*TQKp}@GhILYvsngaEP-L&CmaB{@whu zzj|?Qt_0hMCd+WtJtmHcpt@_fv>UIxE_tQbDtL|}sO4%%Y^9p$e4kr_TCF1=g-H(% zf*{BiqEEE3_7j4_tlt16L7p)JIaulsz%)W%e+0)XK`GW}x~K_?rFwg%t1f|F3{l9o z=;~&}XPTc8PSU?6D0BM!U^s$uq{emjp!?dXYr*qo9YjKtLcCOf=a!(t=8iJsmmQ*jL}$MwPF5jVBM#qa}6F8GZ3 zd2(@{%rBG2wM^G+Q<$Q549<>io-xVNwNjWbViT&d*TS=hCgE^JY4k(ub))snFNTAH zHF4|WWXhpW1arfx*RWMBGxyN`gcx%ML7CBE`tCy24YM0~j1!BXmZ%SVaawpHGp@#r zts|RH#vWsC9G?~IH2+rOTlmmV8 zG-8kUK~(fC7T-?%^Om6a=g0+as^2AMR5qgI@HOLtmWjEVZsSUi-@Ye(PpfsByF$0v zsVE&DlL$sffb0g4o`4;6y~`tU{?T`_Bp=XS9P=JK#VnC z)xuaSX6|j6aah2GEROCG6d|SCR`lo>*|s7mmuj?=d-I-0?+!{pTmfRk1f2P@LYAoD zX})ph4pOCZL5|kBUp7EH!p%UB9KOzw87Oq`4V9BBQr}XPa;4Tp^cX9-CZb1k$u-gc zI@I`^HPQb%-1*z@@B~@*(>r{Tauj?v?TA6hGVJ~*sI5zPK>Qzi9NSiR1jT{(3noN{ zY~2wQ01kA#>)(<2Fu}BY=xuakHGH)Si}KtNR0V!PFVZ8KF91W24!!^kCF15QCL{|{ zrt5;E-kiZ#qIEH0kKy!wfx$zjRoyL}{`|svInNNYg$7lh(^y>nt0X%3_`r$XN%75fV^)K)w^8Nm8 z!Pb3uWa%hN?u5sksPXVdJ?mdZbz^(SpbJq4dhKI6hVNvZe5neBmEKWQM7BER)|#y9 zEquxXql(t*ku?gZV2NgCy)9D=tVEjW^1*^&=@GO&u(isC?&~c)8wnz(#PKY0>`PO!y_>$S!bS9cNl+_!uRHg} z+2i5S<8yoPP>T%LVe7Z*MryI-3|1s*1bxEOk{*dWx@S3CA69y+F>zPK$3ET>R8HRO zP*h}-xflw~54P2$l0_F&7_x5O5foJp?I;yc1(aEK^kTUkSm%7X0dqzf_;5EUO9P(* zgo8J%6wq|A6E6hQFaa=w1)my0HC1EWFQx!TmM*xXsLQ$tbc6Q1 z*`Mv|hKDkT?+B_lzY>+5Rkf(a@2%7lMRQR3m5)g(W6v}EPNoxW+GnTDeDV{HinSCQ zM2E5kx#Ymm0TIXiC~TY5()ex~_Vr6b2@Q7?^`v*_Kn4eA*=2XdGXRQ8)31h&AbA@G zj@Duca}%^Nz2ts}jgsyU8g`=`9G4h3X6xFB?Z}(%*Ob{16 z+V*WsDmxX1!pg6A1a+^!P16`V^@)2iMN#bM(0$9?EXBoLy31*{mueBS+!K`5eiVyQ zg{CF6$|KM7gfBClJn|(B9)(0j?d5`)LOPk`t5RvW0J~p<#ho-Vea)eTjgUWlgf_OC 
zVB^p;y}hJyG;WE;Mg`5$pPw|2uTlhgKS7ai_z3B;V-kGTC#j-JU)MzD)*v`~l+NWf z839FA`lkRb!-HKJcEVBA{~l@T;8^sFy&0Fi+GP+MLC$snn>|Z4IKyxxB4gbMs|sfi z+w9`I`DgcVK0|N8;CA$&n781D7oj44M^Hr^n_yAPv`>EB&4S%q!<|DjWeqx@OY;kY z$mx;6eTTDk1|_Q&0gqCE-EJO2Nl}Ts_e5K<;UQ0nJ#-ROCile_9y!_y>)q!AKTxd3 z*&Rhy@}L?{j(WtM#mFvQF%EBnqUFzz03j$_?o~Lfa8_b<@kg%6PPJ&5!lWaOyc9*v zNBgSx=oWB;mBdBE_6@ph-iyp5T z8Pj({;rkIA1V)g`^hDJ0Y-bB7cvYbhD2VAjFczT%s2`S@84$Hdbrq zwt#~;>Cq#L!h=ao0&9G~(W68|^XtBjQ9Lqw6lYK0YzQxehoE5lNH}^&Mmn~e2uif? zbd!}6MG_t#??6zJ-FR@&fwRNUW|&ZwV?D3N7bmlOn@>;mj^aUOwjk>vDCGWJQqY;P z;I|EP4y_6_lFIL-)t>cYjz4fA}AF9 zn&{}Uq~qwGD=&ISP*?sqN~0%f>TSAUSY`raD_*0!awXKN=G9uJUg10lo*rd74jwZO z*FY$7<1pa}+y=_*HA)aQJ)UzMb*~%V)EvLuyEbhyrm8cHD?sbX?`TI0gQrJ{j)O=0 z0_&_L7&iosksC-DW*7!bi74sc^CT-c{*Pq{`e086udr)XOVgMpN zR^%K=0C&&$;7Ua%g9298$CTsCyL#BJ9EEKd^QrKmvqBV@7Jz4}0$vSz7YPdJpHkp! zX7ae;kZfWd1=rZPqtN+5Tbi7o+8hnTlY<^Nd$o}RzdU`&rEYe{PMpH}9YtY(DosO= z6_RNhdQ_53)6gTDWSWK^8zs{;^tdXSrlG`ai8al;WWNQ6kG0?HGF|8!V;5 zO~85QEMN1iHyrOYnEhHKT(|#5FR>Nmi3BSwOw^wH@5hRGR<5BOzo5hRY=YGoBHDF? 
z(s-Xnk_)|d$GGjR7#W5P+Pl*{RG9gWUk1Ymf@UP zY#E*xR;FQoZ_W7#y-k4zxF=NxA!38iS#1TX?LmoH9&y8A zv8ATw@Hk_ev}%Kxrs9i-#PCGPQjU5%DN6cU)n;G-rC7=)Byx98szgIH?ZMT_WbF+S z^?K0-41)1R5E;*r=R9?^j5SQ$6RhdrTgc`1CtcJp3}kn0nBQ-cH*1ltdB{w4Pq64i zCYGYikg8(LIL268eN_ybS0;DWsXRKp=May%Cs^d6AN`$ZnmOaa;tfN()EqU~VFWiO zctkFpmY^Q&*yFJtY=fz|+|m8&i6-c_ryS@@Fx26GvWgIe$Yfjem=Fz+tUWwvx!^VO zc9_YkG#hg#`K5+5%xdZQ&$5cZ1>Z6W9{@vQNZ-W$c{;yX^7{pj??4NYV{ciZ6Q1dD zs8kRJJuBbyaL^-5&%;53 zKA*{J;Dul%{=+rgIGDsn@l+I2o5Qz#U$8AHQ?$Ld+yLzWRt5yj)TGNYm*uh7ib2@) z*j5O(ManW^WxvFMD8?Az^oUpdj=VovyoOIB(dM@1Xq6PTG&&o>rg&HU3{N1iV8|Tl zw)5K9M%ZhW-P1><9!0I!A`j9vilrWoH;JzrG>lvIFP=OxC{}&wq05y!aT+_k-fxS+ zHh>YmySvBX*aMtF{YN({;!s1dvIBC6uGrb29rhccL%z1aCet(I4{=Px6;=}7Lp5|@)E9XdbCCafwv3SH=ZLjZ&ceXGZT*Lz!J3Z|> z&GtpHu*7NnviI~JVw(HQ1;*;ljQ)oIpkNzKMK~LguF>4kLMLx`+N!zk8;UJ*wMq_T zQ0<06;4*-o9#|^uYU2tdnRZ`rRwb9`*VnjEKHVY&Yg3H$r^Hw2cFc=SMagTaj33yn zpnL0PT7(q2?tZ0Xe)QlFgiNWV zmw>&0am9SIr$}h-a;W6t4@Pc6I5w913 zp+}|afzsXJ@vgeS$DP9AfIGfM_&vqy4TDZZTV=j6Ssza*hy)ER1S>Tl%Fe)oV|5R5 zEZrkmpyAli-3<@f9lN`)4+gR!#*5J13zTb1>$X_zzSVGQBf1i7&#CCsycdrB~tebr;cprCq(uY=eZ#-s#=bAJ$C~+@c5;j4&Ak;%k+wTGYt{VjfnD z@GrwjDRC)es?}_8If$8(3GNW)rOI=(8`)@}RIhnm1wqjxR%1|y^8Q?bIiK-3bI&{B zAebGZ!ib`>@fk_M#h+kViPIax7Z)3ry784a!o?Zy309#vxebCC=~1{aMt_c&xdngx z=al5adxG^Vo{j%B-~`#-$-vjDVQAvX7TeR%6D(tK0(un2hhK+vlewu|=aRcmYXW)( zuW=J(Vxxkkg6;_xxOf%}>TD_!2BnMvCy@ydS3FO2&bv7BOz4M3RmtY!*YjZR0KxJS zPusyCH<>&2?BKPO(3f6aq*?HoJXsBjqj9slUAQN45ri}q;&st?APhA=}4-mTGaOCc^(6dTp0h0$LVBcEe=3hYFKULS7#?;RjrKR0#Z<8 zJ1EmCXcn5ROvN|sqNzyDH-t15r#T8~TylvogH)4Xl?Y!5-sp4Ke+O0IXJ#??&l?t} z_jXUPE`(jXOVRMEvSK8O)hc()(%ao+S1+4YLPV4+yeC*HVt1}#Bqx>*Re2^#CX1LZ zq{l^G0TsdW5WA=@65GXw!EZt{2{3BCg_X0gVN)<_MXAGQ)rz#MM`cf&m!H4#suNzIdhkT zP^MxgE7`2ug+cJkTCl&nUisn<;=c%9B)b>?!|Kb}o$eQoAq` zaf1PehF_Y|IO}dHMOLF7UK*MHuDV|V=z}dmkJjwAL<3!J($hcv{YwxIed6MyBrYzn zgx;z(M?9e0;Wd+-biyt)yK(qISU`3CiK`^9aoGRX~5Y zv$eupotXS)g1Yoi0Q>k~zkDdtUuE|FU#(F3^6M#B$uo>T0j)!Ylvmq~Uw0hf8fzSz zD6GlY6F1^8&xJ=TF3cZ3;_lw`Z-y*95FKC4iTaDTe4^TieSDwV@B6db+;#n(@q 
zs-ybGMlmypnVuoVnx#9X7MJQVjCyuSO6@|YwX{;eUbn^Sy37uH;m0=xn}(7#CN^Ni z&ypSJvvDSA5IVhBnb%m!KlaJRvs%~}8Q*(buyqJU)4ai|NROGl*)$*@Pt(tWO~F=S zDPU4k=wnEcqObvk7w4qJ&JXumJQhj>?1gjhSiYNkIWFC;zxiOcTev~#Q#_Ok(VbRG zT!{k!MkzafZ@=kmH(Cp=&9{URk+(!y*CiHuud@ontSZz*3OX+V+En!FP-m@j1qVVV z%Vo`VQ@3_zcU|}qaAj~&f4>7ijFJ#dIudV%q4Bv&qu2ldnu-Ypw5MNmR0^XeM}kIM zP%WIMI2&HpiNrif%)#barmgUP=8}cOkm=j8Z16;HnsedD1+O1OQ{_A;)O&G0ncVmR zlvOP@5;K>98DV{dzIcL1{8yFBbemWmsmeU*tA2#BQX*12kri0OX#^`a3I<@&r!&W6 zx3sN+X9jTuRPv5C7jBLIsVLhUU?N9x#-XoXrObxF`W4lPFld+J5XMN~lyrQEddOjv z^!##hUD-Bk=H#o~MIf-zeM`?Y^ey_9z6TGx5z$yC8%9Le3KX$z*c3UD^`qFEAHpjx zK~e6f`*Mc${?NjLrfMYbT7^MUB0F!}z2u^ccD0PWUQu_x_BC~Sw2>9>0WCe>-QHl% z3R$}HW}7~~I}DAU@9i+%!>zH+KY1V=D_eMCnycQH+h}x-$rUx_Z7V&Ew-f8pif$OoyLc= zk%WQLHw57?$l4qxrLBe9R#}vdYck#EQ;o43o=ZD0d%J8H9X+CBN|nNtb4AvdHH=i_ zneVnw9Lx7%abhhu?aELjepwEG12?xk^gqd|RE$99d%p7X4lEYnBTsu$uXRzti>ao zqLQjs%^(cvWb?peLd@~&5MK(`);Y_i4j-FI=_z;5*yYW2;>*b=UEO*3w^DH8NL0B{ zyw18_9GxwYt4UvfM!_dB7`S=%D1*u0&>ZAKd|q$l(zgHs#IIXlXU^Hp!?@@helVJD z0s93E!6sC(007am(mX}$1|iLUeuin!WID(3%jg;gU&SN(i=bffJ~y>XsV&qv6B-CO zY!7Qz@UOCH3nokF*D;k&&4E{H&u*}4ItKE@M1qo%J&xW_GEwDfYtm{qnPmO@x?6dP zEU#`OT7a$-tIN=a&V2y%X}z_~H#&ZQG9Be-kM$#oa|2o0rpD3}8OwQFrV-Pf5@Yf~ zg^z3a3RsFChiWRuAzd4fUc|7aZ}ZVN`HKyF zj~T3|#TZVepZucL_)#ndoqNLKM2R?kbF`C*DW6~w8xH9(p!dh4tSI&Yx?t*gp>-*Y zni64(LXDN-P1Wl*lMPy|!|M=z@#T8K(=d#8$9_B;=y~iwPyzL`>j;ja>xw znxC?v=we}QnCTkpXy?N+>S3%?(Vk}{Uk1Uv1My}T9pQ)auo{6G(qW9`ln@UJryG=e z;l905D7@`YCfXdYRfm=kZM0M(;E-oAxT@@p%rLHZKx>`{j6QL}s82NBFpVLcEXNNr zd!SuZG$!MBnWrGIrXJvRHJPt?!?k*nM)j`DAHn*b;Q>S3*EpRoFNI|-7wBXE=`qW7f2BXPl@@AM{v@| z__DR&d9xmb73!RyWY?HXX!?*{!_+&~qA{hJun^qtpf^@+dn2# zoSqW&WP;O^f~G`{cBb)ePIuGdq~@Jn@&Nj*mU(#hC8bFHW}v6yRD;q{pKLH`gEb87 z-jr^EZfqAyJ!l;Biv-ap71wBYZ+%80>uzG7l`fS2^24v2ix0roLKU+BHzlg&BK{2q zmMxOCT&+jds%Nl2g_#FIA?c?uxr&!ewGB|{2zZo;RT!Q*!l7R4V{L0#uc8ib1QnoP zJ}@a+hITO-m15hS(m=gme7s3 zRfOPP5EOat;i@u6r2=0A8ICltiJ(P342u%U*@cA%GL=CuIbaSHlNc6(60s4Xg%<<` zm`C#tXl#o*lrO?aFQi%XDoNo3F-VeEy~a?q6#2zua?CHvM?~DOkf?q!nPT&C^p7IX 
z``km38LXMGH7&5Zg_Sq2~$wmC4PmVRZC34E7feSFFjT_jwG%I`a`D zlOB-~Un^KQbqy?9xDkoQ0W<{cp9vq~(8Y%DU{x(Qyb*Dw=Ai-TF`oyqWg8A;+tv2V zlYQJ6a2R9PyO>O-IkED* z_M+)iD?1TcfZ}2@eda?*f8*@8>PUT=o##5DiYTCa-|T0Bs%NmkGRJU@^smiY9QS^> zA?OjI@qh-tQ=09j7ZM#gcOynJJtFk2<}7tmlr0Kvfibs}hB49OLt{+XSNmkof_&7= z)Yj29b2I4NydbFL9HO-rscvBXK~0K5MN$~iKmZqLO+O{L@%t0i4KE1mJa+-Z!>$hlnu;wwK0fZif#anpQ7Y6#+9cRb$OXb0jaqXg8j8{WJ1C8~Bnzcx9r8Z@3w{Q-1S!F2-<{)_QFLm$NTNn=o zv$YwpqC&EO<7_gAL--Bm4~CkEI{)&sxvE7WTL7vvwh15MCX<%_*0|{LsIcGLt3(9R zO{OLtpZzf|72zpVm-<=j#!SmDCq|ZySk-YSS%MPNZwj9tW7>nSIoG&mTeC5`tOQ53 zS08L021$=TeFKnF@hD7w&>!Ge8+h~ci`(SktEh~Z|SXS8~{8O&}RKfI}vrdnz- zTzY3ip?^ENv1{?RFxaV>)FAuAV9dnENVly-^7E&^`kW6u4Vi&#Mkc^2a<mT;cPwh8Xkh!!IDbo8j#@2zU!_-p^fyZlH=S!2RQ!Yhdnu&_mj zMhkBQci79?L|q#!08c~6TGhRZuZHPtPd@*RV`BtOoI;=wFW-AVGZt@VHETzOO91Z z*Q(VbJ`<6YBDIBKYZ<$VRGS}QOC49d!H_Ih!qZ>(wU51t(8X{Qde$FA`u8mV{!vN_KoN=E40~heKOH)Z@Y4HV75mcrg zby9++dw-b6$E>ev6$VF-%=m(^HsVzc;B z>)XKW+tx#U%3+q2ruBgci2>quyI{If576(>;cR$Y80I^2kJ*49JHp5170rY;=1&Pk zEz3}_Eau!WnVfah#P(6iCO}yfQVYFXOVh+}+7=mev1iYEdgSXZ#{)fj7AJj{iCnDE z&86D~ybuOTkA_7p?p<<;c;tEhu~F&w-_3tASK+U}4iDj#55H+u{v$7{e_0&6Yk@;3 zt=nQTcuTnP=ux;ay%Aq4rESPQtRWaE3g=PyO|Wj*K;UR;PJ&Y0SY&=!`q_79!eMxv zKvD^+avz7bgkHseqT$U6s&Kzj&&>%caW89CHknejeZ=tL34rL4u)Q-OJQ${t3<_HN zbvg`_65Bcqlcy={qySN5tlxHeH8A65s71Es!98|PP?h^B=`#~?wE?~qKWyo-rQQDY zhe4lqY@`2;lT$X#XpDwoPQ{f9(WNhz3Udx&<-5Md#Dvf6f4W<8OaX(yQz?y}iBU%PW2*uCs+$EN-r^?y?&(&#snNiMYJDxX9*k z`TF+a{Nn2V`req7>$C?^xbeqo5q zD5}K?y|XT-qJ~C*seSJwS#Gbc!xMTkZR|ZZe0_dCzYHp)%_q~oK3wV**4_bW%<(;g zG+e{AJR3QQiA<(-z1J@n_c!;qXu%BqVtOW)$Y>HHGV}-U4HLaYWf(O*g7g-sDeu;!wgZK+iMf=zW4jLY2ub+Xu2& zZ>uOn1wmEp{gQCeCUAn%)|RPt(gr^7wGXaO;57cw-Jq>cBgXMPC#Yk+-*%(b>uxSqR_xV;AK3O)w1L@D0z*d5lN+v?i0orZW=gQL7`HY`?iOTQzPJ%+%$G4_MD|54S;Vlu^rlL=K z;=uPP4m`iG;)?sH)6N7IRC1YBMwHB30sE@{7+)tjewcK z*J!EH^%gOFDbc3qL-r&Yc!+9ClZwwyX$Fc)*WvNK5(+MN&bly4s%9$KkrEpWfI)$x z7QeR=<7)KGQId9HbLDYG#|7G39CHjG3@={<^{nH7clJ9Y=?!Eg0xKoj71)w9ks6(H z8?>i;vF?ViR>)MtXbIA*K+pD7@7=)y-R`DlS48L1<6A+vaQh=SV;Qd1wjOgB=v1`o 
zRTPsy`fJ~Jtz$CK?8|U951VQT%3<$!wNp&Sz=I8Zld88as7uefmpT`NJ!E#a0sCod z33C7sBoTIk$z-%oX_DS-;7ql%z79vZYbgmsro_)2X}4J> z8ZPsQ5&w>8l&6ZOTaCk}K8#QS>+EELRs2BkI@dDAp_qy);$TNgS^S8XFB2P)t14Nm z$40q%b-=W54QVsC{mfbC1t`ViNcIsn+&U~#J13|=9^>wmPjjEpns3 zgz{2*q65soK3mkVHMxb^i*(`b;dY?Js9vQVE}$K>jn-MUIj`BSWL3oAphwAiX)cd` zPl{_dnbuW$_V=5By^&hitW$Hd!R9Aq77$b!KhQ$fCcS4(GL>&Ts zNl<(I0B8dgh?)~{H0eJ%hh2T?nQAvo#-m}$e`k#GY=ei=y*H)2vdIY%fsL00rOXet z)VAbss~sBfYaULi26ahL-TcrLSmO|9nea8;xeB*R)Iv^I*{@iUkb2YdcpmjZ|9s1aJ7Bm-b->Il9N2aJ&qpPD) zKy2WgWbIzK$HD5L+SU353(nz(`E0ixyGkB=!zSEnl<22xwS5&C)EF;qLF{y`Or)bJCk30X0Hi=$ zzmX{{s@7&ZTd(2FG^rU=u;An(TM1h@!?xtGpg_2RC~?&=Keu4r9~dDkT!i97K`$p0 z%YPNP-X0BWMrSY!LY_=H|1}^-FOQRn;=cw;Crjdr;V`~L2U`ORq$#El#{N!tVkVoD zET5AJ>VIooREb_Eex^g6&O(VC+p(MMd5 zwJqYS6kigQx(^vthV(axkD%K9x9CPvGWf^Ii_uy#Cksr=$I9p#p5+oii}4r`RLMWk=c;WMs)aL`ufomhHjh`#za*%be*mS=SL%B5h)X|{ z+BiO|c9F}}PXwT}Th-RMV8dZ0kF|;ul-VcKH1r78Fs1Eyqs;ayNuxz@=kBo4kD%^; zKQuaPpQ|NyeBV1^nV?G0PTBx>ri856Mzft-Tw#kq%CNGZfGEf#7%@39d$iwXfwKZj7l|T%eY( zn@+p!f)2G+;%xLdK2pijtaD1@D1aAyl)Q0yTlE$bF6BSZmiV2|ukOxof|Xe>Db@`b z`Ypv*j%!F)hbQSrQ6(!o-<~rv2$H(DfK89&?XM20OtZvEPDQHlUJ@)1aA4W1%w|!U z3IXN`b2+ zt<8<&$d*4w(f1pQWtX3Eqqn2BXJ%(3X70>R&)pCEWdb50iEWBt5u{wMU%#0NfDcg; zK-pDF-`$ArvPC_t1AxHE*U9hz@Z*FB=Q@F*$l!~>+~Q!sB2Q;HAsF@wn4wN39B& zk{8-cv60*o%+S0{Dk%-H>(*!1ita_?^B?~7uie#$Os8MNkpJH#P7D?P>3CU5n+Z9W zH}E4wKVlX+YW4pJ*!&pNRGDT1izHTKTHSqOsL;QCK~}IT)Ylw?Q%-F&nh`Km*guVE zF=>59O;z&J^%jATGvlYR2VR&fFcj7g41`e)uzV|JhiaRYXlzRWtwjI~Bi+=x%)eRR z1~s3dXRt4AeAl#348{0g+b#JMLka%3-KzM}r#bi*P7`g$BIQS%W&vKomSvNM?H=Yj zWrcC`V_1jO;Ls&8)*#InnIeZga7mQDt0U`$7>f2!0XxlrLNznYbB3z?Z-tB>af)4} z)TAnQY4T%J-vuT=t`xUU7gY-%Nb1H`?IH}7AN9emO5OP}ek7>%01EG<$b5HObP9(t z@}ojyjCPe`XpVky0X!$sV&#g%Ao=m3G05>8#_z2BXph}sx-bOIS-#!2jcxaVcd4I4 zo3~>3qHX|Oaip;?4UYgn0(58uRJpM-S;LJScFb2B+$V-w z`##mtOKsa0FM!XScxupu%jajIWh3)&FY8YX_4N-e?%md48inoo8*{EQl)&GcK!e8G zlMxMkR>VB z&twuu`0&h#N5_u@okSM~#E;XQGCQItilLVMWTHCrsaD8itnWM?AwSacrPYlz3A__~ 
z?a?D@4WuGuuRk%=s-Mi5YpG6OC2O&pkJ_o2DkO%I^o}PdnBA(&Nc<8}%$-4qYP$BKi~k9o*5uW-)vU zGoU8vQQ>jn$EyyFi?_hU?m7&KADP0N? z6s{BV)JEK{{Akq}#pn@sIt1cWXJ_Py-!N1vKLyn)WMH<_a*zV$jKA1K;v0@~doZp}5y#8vPqPJX0Or5tGSkRE(Qg5C`);qPM*Vb0)898G2Va$uKrttQ^i5D)>$CuXa zb~$)gcsMzcuHkSFtYEml%fZ^Ezd{K{VOX44m4yWcZI1Lg*=h_=!r5e1Wt=tNmXtGP zk}x(-Tx&RGxo$)TAK`w&p)0a_TB;WY$cbTn7l54D)PI3Jj1zNv!##{2YkNaB!-=q6 zg2yn_LVurkKP$EMx47?FDW<;}Yhk63KHQ{-!NtMvVyVLcVOHAaLs0PLyA_DPFWbDp z{=hCL!bOr~;Zi}uK)F(~6SKD%g^H)US6+%?SWT>zUe~hPg!$XWbj!~YVlu~sn0_T0 zsz3bqST&{_hVtdTl-7iXFH9jL&S8Em>l7xJ@gQ{D$aRFbnxWwMDR{O|BJj%R+UAx= z$sgP>R3Cr!!el5l-eV%Q2G~xK6&I+k8G(lrt(nZxuoAUbm3HaLi@tU*I%3aIU%ZE_ zOBDAK^EErOI)hnqz#OPqMTs{IwY^989hzghHLt_S$pPi{{V{Uqeux2; zJHx-mP;UE8;qjv^$Kg$UCc?B;rR%V9#ZgB4D9nzybV=l3UKmwLR4MLE3)q@sDGf)h z?W5>>kvV&Kdiko!sDxqjV?D=V_uVD-vK5g_q*~WmUfO)WxH`KVh6>!r(c=Lm#`HnR zf-qsj_XxC?qDXJ6XPoNwzsxQ*(PlJ50dARhw`hWYRpyCv6`4e4J6jZ0)p}cDAILS3 zN6K#drOJ1@F+amIu)l4$m>pQia@`_}PB*flctD|=xGj$#^Exmt)>Me|kcS~N@Fan$ zlgi%{oUS!YujQ2sM=z<=@z z+>6tP$Acej8;-}9Qf}pws=JhRgXyn8)WlP%pQ*JyHCGDbbxL;dg948)P3DDYgnNsQhs263_tqw->gX3qD!H`R=PlWupGffxwi5Y5{zhzsO z8-_CGqiRe9Viz-=EH@ijhU+gGYM9$&zElk|*j0`MV0x+3>WIvPVW?C--gc%76K9d; z)KWdCv=~InO0oQRDSof^v?HAe$^K&_R`N?2-TP)ghvFA!^?$!%s7^j!&}fd)apN4f zV4MKxRlaT`yA9ni6e|B-_bhi(lr6W$0u$~e4P)ZRhsKz2uBK$qf_yfsR5+75M!)=q zp?-OY)>@>UD92d90tny|pWtz5(AxWOji)iMkTmYZ?T$#Qu};5m$Be|ywttlyufiXjy zhN414#GQZnySb{>Hg5r_$;2*b!rd}dRDT;>{CHG2?rl`s))D@OTZU5UGR1NlIQ?PA zg}wC!)9Esae*$x~J%#c)DS2%gx-DTZ1_IT*3^Uim@cD739}1rzW17G>Sczm+ssJX2 ztdvA8d7ri)1j$fZ{X2lX6pva0MK>SdTNAwNk5~7}$NS{!+J?fdXc}!yaMHRK^!AX& z=dnSLNoA!h{r~y_R-{N(-Q+7uEevOx-7-{BpFO(^AD&ZU`~vi-YHVT^9tM6+tJA|k zr*Zu9=1!XG+^FH!yYSJQUDq7}rxsrp274(cH7t@tjG5Y{x+v6ICBJ?CyRQyKYls#y ztxSNmEySwO&&faj`1uci{o{vi&}VbYQC|J@O-sww`gOWI%I?U;all_)I$r#$eh1_$ zJPh%0-vQYg!!>Q1Dq~g>pTwF-8<~Z3Y?mAO%V-kX(a>e_GGiq8@vd`Q>G@8k0=}CV z^wnF}x(#O)-?CD952p4#Z#2-EjZoT zdsSKKr_T>@4UY&}MoO^WvQjyBDzml=Z%2fB-MpBV$+rvz&JSjM%hZ(UQJSH!cFR!T 
ze9jUb5El%-Zh_h%l?&Hi+%nWPpAmJ94zu50Om_Ux7F*SMiiv6P!K%h8#hqyI)C{BG zM_CG(pJt<5qoOMjZ&`_pTNrJXq4bv%1fws2C8S_1$p%xh)~RS*eltklZfm`kC3I#9bSg*oFb}BRJzZ0|u_( zYnO&j5{oa4iXVd+O%gW1Fy5HQ-)E>h-7?e>cjZjt8Fw7mgZc#eZdu0fBA4Pb6Rp1A zKK~tKC-gx4mezR%#siX+|7`F$&lQ&KD`jQ-{#PsUi2rq?(qQGpEkhOYHz^3dWhf;s zvt4d*ue3jflV8iX=u1>XoyjmdejLW2_q$YuOGNOSNc`=_Q$4&H+66E>1#(VG3rfI( zSYkUUiTR1J+2m0vink2q!~?~lM63n;6;ukHRatU zX@dGDw--|we`R(i+@-oLeJKb=o}K222M>RkzAHAwR`^9p*BC5EVoNqZ^V9wH?G=hH z1O|zt5V`FQWAl&4k2+?Hw{lbK7EUFz(cxZRw+xlXvrHSGB!rIfy~pu%f}yVXoE^G5 zdUd5?53>a!!-SIX05IfJKXw4#AJKAZKQmVO`{Gw&Je+vdL<(;h4soZCpTTEYCTCW# z-!fDUpQe|4&1|<+aajDS^|>jk?X2YPr0-y?My))OB{Vx=GZhtE;Q*8ZHCh`G_ia zS0B?96=!blma9*z51VFN{DK0Gh5A{Q;y-^24+vjcaXjqp;=SD(cU?Ql;#TWCf*rGx zwl-gi?gId~hh@5+l%j9BjMdj&lOeCcZwt%66m$XDC7e5VzaXppd2kW_$Aat7!0=-; z&hUXjnyw6+gOoUJCY8CRV8PQH;eBDy3`*_KNb~%>`#;!~@-H?kOZ-!rhz;;k5~5vo_FxQwz|oY1@IYAUc5 zIo#ThK9l918Yzc{;!^Bu!iH}@e!Tt^Rz|y+_I0Q)9FoQY-!mw~C9dV!$SfvuF|F&# zyj(rrJ>H|bWau07bFoBblaR>JH`zNTdWp&~YJLRiN1*1!kIq8fk;7;aJcg3k-ybu- zkkgzDvEI{&c40}GpEgNs>+(>-Bfu{*<>-BaL_(LzKHCSfSHDzIjtYjV*wdD9(JpX? 
z($~>R#Zw#zqCc8R}S1=MG;$`4CNfZSEaICF>eBZ*c3(uyd~$ zVu!1phN`~+#)<~s9^6{*7;0Mo*sb;MVp`WHa?909m6_92q~S<@Zw&@pMU!uppZswM za{MM(24H-{BeKV2IHq-XF*$5LD}f)iI&#SNhpWKdZVQMCu*4g?65@o2?pTRn4_iP^ zH}G*PUlolfbhULBO)`rKp%S~T8D$W6yh33&`g3!L?^x+tcaOxUyW5UB^`|cUTj?DB zRR6-sbJlmS;R7&bq{yBlibn1(CVc%PBo^-&s$2hH0>Mz&dZ>NlbpXIRc!dDY9Y=lZ zimK5_3m49vRAE4BS+q)E*T-_86*D9JdUr8x>&V;HCC{1>{NXD`&p7=wtK%5P&W}P3 zO0|Z+ivh+kEPl-Cz}gipo;B2S7q8nMYteE?cMP?whaj_Du1jrz%17r3-!T-S9zt>o zIla&Uv89Sqw%qINQG^9K&obUl6sG?niti+_@Q)-!X z`u<+(KG_asE&q`tXu=c%JUZ+mHNu;f5^wv5&b1Hn>>4>9% zmBh52#L?*v$2XjBNLj$vh=Oa4|LNi-Nus>A5IqPPAz6HqJDr|MfX?U7D!7e-EI~>bwa1ty!s9|1i)DsgsNJ zFI%uJl`(Q{B?mnRw&yaIkx`sE!%#&SCnsuk3MWi^X($V{kS_qTb04V^z7s~-^D^JI zTg+%SF%~yNo$SNNhgV@SFU&^Pz1ttv?qJE=#t9uM3!~@6#$wU?h3&8TZ6J)66a6}c zcA#CThPl8Cm*+oEPLpnucLAbUht}2^R4VryD=bV-2HY z=yM9*zd328G%7|=^zLFR+b68zDjz7M?mZN$u2H;MmKkaR$8W_9rMCBg0<#t>%bO09 z&3nKvLWVJAm#V@JgY{Fnd?=xIvS{tur0Y!8;nCnny!J-JAzRgQjgKQHm>k2%G_#<)ga8f+*Nfsr3yI%{gf zKsj-tE;C{Y1ZT6AD2C$7xQ!~Pv~dr1X9W3I?8|YDUk?`!h;dC`b5N3NF-)Bre1+T> zrga%t;X&ub%y~w-K%t#Tha(0kFUW;}E6KR1MDnKlT{4hsj_svb&4vn7=xwl`{ICNM(@@)*o6{x>VHg`wE^ z9@L47O&Aj=2FUyT^45PTDInt{Ij}8p>{zpBqP1%3m)P|QsU;(9ax1uKPzWYA zAB>eM`9aWawXS7mQ>JMm7n3Vtl<$*!9pE7g0mPX?COMogMPbklX`hmXaAY(-{gJH* z`Kg*>7YTw5niPWU(znNNfl7~Nu{WCbYIra>QMjS>%EU`OxzFRPj~NPz@4*|W8jqg| zW8=i3c=Of$zB@DYAMaSHne!gzBbvamkq1`7>bytV`6UJ+=J4opVzj(R7qiRIUZ~n7 zn19`_5$T0xs5!q+zpR2HQVDx??$N_gZ$6?%5o2XtUjKgd*IgHbv9a|+m<7LZ9noOFo-@^^Y6dsJGX|o(FZ@|#-$(CVs4C(Y3ot-^e-SDd_bY*iH)E4JE!eY3XLjCJZ zsclPiXQ+|jL{Rdm)CPt!_h-TmL*>Mx4`*@YO->!C^s_V-E#_u}ais`woVe?;qo~hw zjc>wp$52H-YK7Y47W>cX6!oRjyxOQbVkZATdy8dn`BprjN2RIrv_Yj^L0!9$FzXdY zWGTHEtNO@y1Q%lNBu=D`_xSsCZkNU#lPk%pBLVNxg-!C#yGoC>{R)paCtf=8{f$dE zeZAsXjRARlr-pBbAo+&k=x}Sdz|G6%Tzwr@4HCva(GGG~UrkO?N=Ytc3^qmVXQJ1!8+nH6D zgBbux$w}6kXu!A&6CQ?b4Th_9$YQ%B`@Rq|0v{*d^F8o!;yhD)eTBX;BcEd!7$@fQ zX7&Zc_5&kSR&f^lF}(nn*>wAXH2o8W6Xn%ChO49|Um(t|v-rRBy3V81s zwjCJrSvXqUy=-;(aB=}z7#MFJ)ZM$gQZ;ij>+Tu$7Z?I_X+NlTQOc&vJ)MP+Hz(>5 
zij|V&Twgf-As;`Bahu;?tl7ZqiNwo(B5fnxuFsYgq>lj0n;5;-oU&>)5VF3Od6{8v z*@agPLvePe7#0DQH#rJGr4I{ZG9Ok9rU-`U}4GuM@hA zm`i?4=Rm8i(WT-1=Gf3CYtyI`lwtFLEYsA)8bd_zN&AnZ{jm28n*+=+RAf0aNxCd) zHxgjNM4KfX+X?t2kQHVW;722Ghd)ow=ZFf@dxq@;Mv+b5sRS)ei48Bn(!vf#nc4w( zOq=x@Fkz^?DN$#kRMc7??$)|3u>)Wb7{mSn+ZXetNV<|{#Hi|M&Ha0Zy#r1oT1Sv4Ps8VK7aV)L@B^Gv{*Y71p;-2-U_nU^x%)VlPFZ)D)m zGbk;px;(M)*zn_01VeqT3SGmPJmG;fERyw4>$<^n3pVIhw?+&uhe0!BRU^z7ohl4w> zip9Z?Nx3*MH6=qYTdlI(B=)iEEjOx*2rHT0v+5!+%?&()b>Bo>ROtH$UKr6);GR`S zf%75zruH&TbqlNz-!W?#__3yl^}SYlmTAkd{Xnn4_sXt6_Y7MO48R?2_0yxC+3e?@ zVON0xV4ra36AQ(-#Sbbq3ox;#E2C88$8$jEAqq=r6_h`nhM=uV4V}oCZJltU41+APr_|PE()zi%I{l^9H^x zf%!~eR%AHZmapkc1t-l?>nDS)B$o*`6-+8A@lI=fQLyM_ zT{=9GRjsx;oT-6;$~iF4=ad?^An*=*_GUqAm-eE#3R0lins?y!9d zVi*fQ^0H6WtZZDZztV4=)&^Z!pcOi~DiD3dj>C`L{5b6VXwWe+l|-&GlRV3n7)bTH zW^vIedkm%X2@Qft#zj;Mxzl-uX^Km*#>=$;yB)uQ*QTbti+(7=(D@OiqtG$04F#i& z+`?U8n^2edJ1I)`Ld`G&FS@M-SbFO`V#nskla3C7FEeu`^Ketc3&isVGv78~w;9rT z5a?F6=qXLC^bbh!H#i^+b@-1Ch*1S>hGMOCHX4)}B?Alv`A^;g0CS8r0wO;aHYnPm z-}^XY+bq%kL&syOTq#xP211|9*2SPqfy^u`uH)X!zd9Es(pnK@gqPo z@A}4|Hbg0NjJ~C+YE0r3B5b#FwaC;e$0nRvmg67AQXRQcs0{^Y$Wm?OF4tJVvuiagl_>FpGndI~T6#pZxi_-nYRLvWeZm@i+g?s8{Z&sVzWF<`l#!C9s z2U1)J*-miRDA|`}qjdw9$^A(|$PB|0$x@0cx%qf~_kd2p&|vT*J_nYzjg}`pZplLGf;OjZB)lz1y+2}|GUQ9c zm#XprQlK_CBCHg`rz_rTpju)WUyjF0 zh&yy6V}cIM)xy!^0z0ZuPt|t4soHSn4l8x-Sg`pPTaK#Xx(x$;Pi)BpU1D);47a$L z-u5K^INDlzwf-;yrtIjD0fYUlw)r)gw?hXD?MF6G2~~U+ zL){nLw&?jVfY?B7b-qTK7uFNG}EKVOAma|)wXEzOnx8UFI`g6g;%4kNjgYGM^Wuw+Js+icu3 z6ytV#r~T0v|HR*F44Kf;X~TLB>IT+T_27mHSHm#*F`dI&Shk3^OzRihad(~+_X9&I z?vRL`mD-sjU-xh^-R+Pco;av486`hFxoOeNEHozlsd|g*#BiviV~aAfG4bt1bQAy= zfHg9&Zys-msD(y@H`Up5;&sO6?-=H;m3$JJaw30WsQf4n)pLKbNT|OK7ifn2PX>uDMB)j_b3H6{tgK{Z;bi(2y^hL3S zH?CXMGb=SRrqAyX-kP%+9QO|o5$l~Fxf{?14mu&0itd(}?`5zd(7_OPexFjVAzyVQyY zhU(mL(;P;|o2Q(PT(;-}Bt=fNIBP5Vf;ksq*!&31*bhG=`uxC9A=`o3QMtNsm{1-X zwwU~z8meRn_oAq<^8-WO?3f%>I7j`DqS#^+hoM8{%yiTThSJ%`Z(dB-%hBh9wU1qL zqR{11%NlRsz1tbfyN=4hLK` 
zxtHb%pLz^cxKAPNEE2agRJjK1qEmG5)|M@X&LwcKvW<1En!y|&q0XmNUCvoMZJ@jO%z!lo8VijR+vx6A9BkE;*Y zA85{io1n|Is?3K{HM9y!cw7iv%p{5LH4A+pzw@^Ox)*q_>9V52BfyE=`ENZtr|^N5 ziuWsEaAHuefWe9Dco@!M@g!GIQe?V;dn*Wpm85nzAF3+!3-$h)>9}VlnC;1g}Hb+D32VVtuT1tIyx*SZP!TW@lY! zV`K~{j-0@Q!rTC~-oq$3Qi3B>07`#Wi{hsc5_w|(;k|^f*33BCknY#g%PV-eQDvZ6fbZNKdB6?VC?4{ z!!cM1P4Ca1Ef2vyB4Hey`Gl8f3ZvjiAK+$@m^9xdv&F;VOe5k^aO4f1^~`|5lQ{VF zeV-2+#=(;-?Bjp~G)mR#ft8N({!QW=HQB9LKbLAK1Lf5uP&Sw0ymAbrluOg|g3se;mC4-93Ft@+S*%;(-fB0yPh)Go`>s%X}WMztPl#nRa=)Eh6Wl#nb z?iBb$7(6GA(Jx<<$^u(bJeQQL5`=Lvf#K6I)>SLEZPAbxZxbV?_HZ$^;lPA6vc@*; zx)LRP^-AlA>}7^x!TpVrSk~6(e>kp+xdr_}8^*|xKsX-cgbO3*ij#xkH8}V&iUY@1 z7zRID(Kj$A`Q8DnXm378A>R{ZDJ@!xj^#!daa`hJTE3G!A()d|HHJhllt@i3vKo_V zZ1OK^d=UOHBAx`Htum}j0E|=RE14qT$J*2+lWuY;}8g>ueMl^MN zxR@|)JTki>;zsg2@OGR%^5S|H?}9bMhAJ7A1ITa(-v^GewR`aKsKx?&-?i&?c=^&1 z>bcsH5+9F?U&uVk$swXeQ!3#wAw!3{>d{uDn)#gUVj8vt@q@EZb3N*;?fR7t16yD) zpokgRuT5Je6;Vo;(L%HR`twi@1qN0$?a@yUXjQMN`f;zE5zYDUkiZ zdUV&Y9xK|u<0y3tQ%0<3DGPKK*MbVDWgWI07%JL!`wNC5DmeSm2)F*!h0NeU=r6eA zLbPT6r3D()E+fiD9vQ0Jdbvn^-{?W~x_rEtn(cX(hP(B`uy|6Lp1oPJl9qWG3Qv}D z78IVeglr;Ylf^O&fvwME{%r7M5x9vjUvwM2DaNSfh38%!X9My73fi= zt^ob(!|-{M3LkBb->rGliBdM6y$2yM6k$EGFD$Z`Qo`#6*c{psb-jYMXmtZrxp7*4 zM2p}@gNX( zO0gm=Ph6c3D*^{k8iBjM+wrh!x@4I)n9Jch zbi`Y=9JN)wgADL|4f6?(qNtc6X+6;A}55H;K720*%>VvURr(_B^1$@j=m=#(fe%!MstRsyz$sGPM&hB~KoJ6Uq= zVjeC!0Gk}@Rz|Ehp4@>9Sev_s|9COM(8#W~>Z?R? 
zL*a`olBLROoj&=WUhV~!WG_h+u@w1{32Xjtw`kPnYGLO+y8ig*>z}TF^;fSx(v|Q4@#Gth$j7AoJhD>8 z+}q(PG;K;*nT-zHRjkA@2aLATO&`Jtqu|OLTm*w^G{Yzu@`h*|H`=MfN;mWSp=8K7 zMkoh6{sEk%7W^%|WLc?ezAlcx6R(!Vcx0ur`KG`a(hXY`bfPb;Gj!UeN$cE-W%z{f zxRzCq7gOFmV0bptjQ06TXT1?KxQ?p$)RP`t#@g=m)QgRm0aJbzj)#X7Ld(+4WYZEB5MA~lq_{&@W{x%!w~e@dP=dAbq1EwxJ% zU`)0}CUTK(w8l~kTbPXV7I6phq#mx#iFs-b$xXlqF8r1_Xn_*BJF?R0v>??E8v(5A zJafO=uMp+pU?tc&ErMO@x)Jsyj|y_J67C!)$T$sbl~FJ<6PuW}nUAa#JYVb5W+mTw z#P-T^U>u@>&k9ctD{ap4YHN$8mV&^9VesS(#|XTY53@UY7#mOeaMU=l7JnEPKQ9K^ z#XFf7uA8j*rr~~CxNQ#>qL@4zoi2Pa+0Nr|pVW)kNmz=BZ53H0^E&Z7G8FopVw$u= zp(b)sjwpsQpmXpoNX~eMYUU$DdC*yaS8#V~N*Biu>bPb6z6*7JtCw7sNVH&wK8S0CE7nuC$Pux0P zRBgRhgDmwhR8G{#%US~0DbvkX)~^33OsSzZyC{omV^*Curhh7olpi5-U??+CmmM}= zgQUu=(s@kABSZ1hiRIg?SlQN3=_Jn3FXR5Tdewy~V+Cg(8H%3n&9rycH~~YCunRbZ zA@U_0l!KTbhOO;Tic22v*$BPNI z_SkyW(iC&KXcJQ98XzgUS*t?6EVX{3Z1cQqb!$jP+PMn={th{m(3NowIm94&u~unb z(IBCFO!$r+G7C4(d%T#OYh*3$pk>D?72oF%%A{ z;E3z};doo)X(v)$8{t<4sWQT-2w!aMBO&&)!Xv_;n2jNc=;loDeK@hRgW#+O1Qxtk zk|!2E-wypZxvl5~wY4VxXzwCJ)?Ra#8j5Bg*&y_+EVJUNp!>_bJ`U;8W#-_!$cQM#W0cxJemG z`tGGT*jg+{cy~5w6+QMEVVe7>w!btfsAoz&f6*wHIg_tpk{0Prv z5=Z!8k3$wr-*;w!Ge%+_5b|Rm4xue+sk{q-`Ei_4qDQS(s#fSW8eTR@w*8ir zJ1I6Y43QtxS=DexW?I*Kb?(%Wxj^;)#`hwih{hzEHt56SYYD`7x$vwH);hU*$DGFN#F2;lCM+mmgz#D`*@Am=7%01J@`5g8>;#u_2upZ%>EU zDnmi$p;Oq_%_^MW4sFEQ!BBts&6X)YsUkqn4Q5=^W*ex68c5qti7o?$jGFN4Fn}Fm!(0=%f)!j8<;du!dFOdgx~#M}XR< z+l1cW5HQq)J~{-Lz=S?ED@X5SuWb<|j7*K;=dySaNT*ynbB<}-{=vG|Z5196e)Q_- zfEZO^5z$)fY&0m*vMm6YAMZMO3v4j0bhH4%5c%=1QZ}7=fWLPMBD!ss8VmvS7?&!p z{1XuJV__#J(L2nV!pw7;F_fmBbvEyBXtq+4_G^6Q*sUQk=Q`M869$DJSvxuVusMlF z+aE>5ob%&jr*|lLJL02{LA#z9YfKIzLnZ8^NNuo{7zwQ0Ff@Kl>oqrS(++OiAb5r% z+9!?V1O6%;4ws^1+bGyx0tQ;oiD+nbzTP;77mS zU>ufuSo2Q95iu0}XxeLr!rN;ua7bgIn%HLMFdY0i-D`$JW|<(rFl`)QyN3thzZTb{ z1{pRfpxJ<}y3s{OVdQ>PA{GTds`r{PSu2f|*jSU~JUQVJ;Kv4EGXi*E=BpRlDcaJO zpMU!%3LT}$4#UBZGM=IqcrZjO0|UDE#2SALabl=nesaQJ!kt0R27Dxpe|q;m@ZVuNoR>!!Q&< zpE19$HCY&np3gv!7D|@Ob*T+jM*CeGU3o_C`eVxgJB!)O-xD*7v)|rwblw-Uo5bC) 
zo2It#d+h{+YEfl`N)|&I_E#A(uN{u}#PcSL;cbFA47J@)je(=K(WH-|#JjKBe3oV6 z1$dqKc_udPa+tvw#>bD?^`RS=|KLSAo$?8w^Cc^*wj}E_yl*oUdq0$NYfLd?ZN4MY z77vOa7dtdjK0G>Ow)pX?L%{Yk5IcVm<{&P%IsGBa#gnYP27|BcE&3(x3^$Y%8$-L|cbh97ECd{s6n zma|<)2E0+JXS*J7G$MO zv#yo-QY5QFea)#26f8!#0pk}XKhhEbYcZ_urp)q5O?wzQKe94Fj;(Wg+)kyzh$Z&a zahkW-;sJmztW37;7;VLEUFYl|o4LA}D7tH9fzUtO1Cf-L3{0IW(-+^#!ZxN!u%sZV zq(r^m)@xIA?JkV?{D(jNYj^b_)9KeRWQJsCs9>PJ$}OEO&hSqpeE*jwPfb$gm2LDo z6-*7o=Es3ZuVN)_&6E>&$7NmX;E{91P|^H{%pyaA^dn&NV@}hS)8{KSUoq4Z?^U_* zU@;BcqIAC&c-B-ksm4WQg*W)fR>8+_C7Ieu#t5hq3dcQs*r3*;CGsO2xr;1sw29mg66k#jFO7fc#yM zEZ2M02SCH9-YdWIqKm^%KaTRf@+;qbkjmlVASzX3<7{3r!1W|@*P}PDcfr06jE8w@ z!{``FpJ!^N$_%AJQC_joZMJvGL!H;$s!U5EA=HQBpf(S3oUU?Vi(dx^QpXlUNQ97DvWrMrE`PzUwWM zxWpMHVLZ2ai90|2#f5!dl)CA1Ozh5?hARxO7|OoC&7y&Cq-vl;ScbX3SjM|;c#Igb zL3U%rkV~=~BYymHjXrhc8p@^kM#s3X7;4ZTopHB?rtrsVS&&|E6+LaNBYZb^7j%e8ySZX0RDbS9)~y8R z+^cGZIj1=$SotQs!#4{d&SX;@#qIakgws&$`k=>ebo{7dRCfkH{fW#nBNPBDGdBuh z%=~EK96{JHK7N#Lf{%g^$-J`Lt9PYr|J_T?t{AG}*8}nNy(F`KjOe97bQ}fo>8y4B z_5^3nW;oQUvAGR)liH2C%8RR?u77pEUXz&f;N`FY>|5}d!ecKyEc^%?j={3d(@AWyFAXgl<_G#nt%^Kf@^;IaaKH!(LQKQi?S zyPu(6zOQSwI?;(NRE=Hlot!fAhpzN>=p{9=HX%dF{P8(!5fg>fPWU`b6&b4GA7T&I zA|(!(0YlO+_!ooV80y>y%y^64sHUxi3lR1@D{wiLb|}05ulDKiQ1GKeBl~qs zd!+uMFP%9=;=%~|k({$*wSBm*^C)9ttlokx zhXb}4+{7-WVL*4YI$uTXW&GF@)oA*Z{PClB7RXS@ezY+SSAnmg>iYhcS$w4hLrME_ z7vq$oTr*~lA0ZmLRi=$FXF%h}io9~oR>I;0Fv*;X%qxa!^lwqte#KByes7`#c6_wL z@bTsqLxuPs+9>&op)UNn?4a`|z;_#F_E-aLF}Z^Mt56xnngXNH9ER`;Bp4BdpP`ie zD_c!pF%*Y?n@x-%1^WK|m#^NHs{5=qqF3)sp?wy#OHm^D^2de)OcazFer`$;Rq;H@xc?F2+ho4j?NUu1GW3bZL-k&|Xxy(jJWLUD2 z)!xUE!;Gyr5k-EiG<97CR21FcUO<)|k&w z)}@zj>6DU^PDMH-L`uF@|GvI*-fzyibI+YK&vWM9U(cC)rVL8WPm=g@s9Nviyz?81 z0kEOXJ#XsY@5jH@-uguHajuKzt4kveLjq%qTJNJXjtuUY%X%a(H$L>EaxeL~H+YwC zp_kyA%~9fafUiUJ5`t8UmWVcr2CJo|U)iFs>5$*GG0xK|Yp;F>zqkjGZa$@E1QMNc@D%-__+PAEG)%4XpIbn4Seo1AWOT)#fN94{>7O zo@qMf`N7gW=PAvbZKfR)0zHDB#ZsZ@$(GU`Kqj+`<-9AHDCS#)ANJegimdV}(L|2> z`ZZ>BsBI-f!qNOVOr)G{xb=->741Ayb@Xjh>m&|~(ooH7^E7T1*lnC*RSYyU1DLy9 
z_ZyB+=aS+n4;VKIQs|O`Mur9XR4s2>jR8jR!%|oZ*WzfyF2bPV8xINlPAbnxwAJx0 zPy+w}LV%qD;a!xw()UO_0HBK)0HDKO^|a^naB{VSTU%Hl;Cw$jL0(S>`*3|z_@oHv z)K=BsfhdGx(AbdU#pq+>heoK={kGs!R)L;w*?4eKZ^o0n$~t@b-e zxL?gX2X$gq-<(b+@)=}O%Rov`6xvjc^UAGizDQv|zT}aaJJ6tVY4?SJGx@hMN@UGS zgqHxHBHlaVf<%8ob>4pILQCfPnf@7wriJij)KaR_^m=mR1RIFSaIGX^~eB(KN=eUI6VrOMpGe1Prve0gRdYP#Qpt{b^1oDYOZYG?Z^az;O9f4@L^gr@ac|LKP_ z=BCr}`n0N1rsSoJH)_o)(5+AzFD?*6d%;LGYb?o<1li^j?&mINb2qsY$!ImqyRt;D zoZi8l`CLE@slJnV(KP|zKQZ*R{_nu`% z(zz9j+IqR@R(E^h$w2QnFYskPBU*%*ULoEbLFA^V$QP)Jqf+}X;A=+}?!VA7S0L!; zr)c8Wbv7vOGLplvVJsR_I%+uRF24ZBPw``tL@!rkyx-59FCqX%SQ7nu&gZfU3 zh-UwDg_z}!_e&zs0yoOMYP7~wMBRGn$S>LG7~I7(9ocTbA69-46|twP(#6f0>qbXa zqqkp?{}L_S3u#|5E9A=yamw}Aqs1Q`)Ypg+PAGpGP>tUs`LseG6~Lw*a@^KXU5fF1 z`CtRnZ}2*`DDUk;Vvi0(Dqhi&<`!_Fbg4Oj6+SEG3_eY~O3}w@BO)K7tq)$pT9o=J`4`ZsS?K@MqL~iP*i2uIwy^NvbJv z#lp0=D2NhlD06!zbIOMo+g-Ct=%kX2Fv;`ir%X^J| zzP9eO$J=RFhZC=)Fk3!<>QxEbz1Q&hl)1Uo^#ve{tdzOJ%a?^hQv^qqExUTk9v`pSRkyXAgyiU|Ud!6Z2( zKl$mouWMa@>tr#7q{rJ_vaH-vu$SP7gif9<#ASt?O!<6b@6s#`EwEBB{ ziEISzMV$U+dPF?Z+zq zo#k&&Sb1|Tq!H@@X>kDn5^N81wXlct@%}ic#;7~u3XsZTC@o+bIjy(?`C~;2&q=C+ zmtMbYjW%!H`x-vh$ZAcYewLQTgCQ4AcfSmuMA^6Vx0;OWLka*Tc3fs@E}4ecA?mU` z8NyNT_s2lopLf|id0HGlRBFIaRQHIZ*J|Kp79PaZ`#9eUTavD+DHx5rAcfS=dZ+q{ zhm%q<`RgZW$o89_-F?=m%$rKi+`m9})`GYdg+2ym{_u14^hYhLx zsNlg-B_a-|qC@<@C#tV4gU-eQ0Ip+mH*)Mm|ChHtaB{NynXc(<*-i3;P7Nd}meC^- z&=>5jPX|iM`74U!KAA@sz!8cvVF<^;@B6Wf5^%aOpO_iw=5#G*LF5Of>vrT_sy99w z6q?0ko1$_s?ADtY2NI59hBaX{U|PCdGY~R0UNd9{?k!z6UzK%{x2tRYP%5|KSN3=f zNy3Mtk|(DI7tS|{?DMV3s=%#>U&Qy0TlR3mf04CV(_l{#@%@$pd92l*VTSx8F2lMT zX2HsV3@|xrZu8)Tubxg!^+pON4z^bD*T)`%?VBh*_zfh_EMLPsey9Z%Ze}L=>YL{C zpsSl*Qn^e)uEgx{S(_kBwRhv&ELInIEWx$bJeZFserS>05*JyBh?nL!()*v05+yKg ziYlnq_Q-glQfZ{4Ji`iGMB<7k2S>ZdjSOk<-mnwZGJ$}-vYcH^tnqzt6@fsu7EOhT z+Z^Y{q0Gc?)9|vQY#>naEGA)D^LQmItln1w({W=nFs0-a8n!DBqznQKLHRI!jHYjs zebRXJOMC5$wKyjh@rmJqhSO&`&aL|iyWFs+!%&nX-a*UbQj-)sCKG*F&i`{dLu*U6*dNge`3LNJYb%*HnO#6jy3Vflv zA$4k~{yY`pZa;cT(TH*I!7zoFI5)1=!i8ribdE&cagQS*$3 
zELa6L!{#ki*tr@jI5{FL91$>GFJ}w5=?^7t)9u!3;Rl_>caC0nU-8GYeUxF6LEziS zmfRi!+i_GsIV<<8w{0`IvN0D{e zEX;qWYrLZ+^~{iGRC_HIwVw0QLAdGCRez;usffmVc_0a8J2g!c z18TJ3wE#XbrS zmvdzhFZQ{FwkFCNi~*ubUD;AiqdAxb!)9x{fWV~C5Yp)^Q1l&j=h_*87xmCcjSIm& z@d{~dFTHn&GH%rctX3{a&L2cgT%po!5%lSS!KJ^<+CKd9N_j@!`s}FrAP+I|EfxnN z$(={8t&W3BjrXUNQ|{1IiN~&FFSdcO?e~Git}+1d(8*le)yWyoci-9h$Kswx@7TPU zBl&SBR`)1=L$N&)r{&*hb0=4e|AL2tY}Av0SoD=&;{45k#5u*1V!ac>+QPx&*ID4d z2#SuG5}}*;fLRu{pM~f@1pb|b|G2k*m!<#7!mSHYSt$SjIM)dP*M3uAdnAtd0se0% z`9GFlruB31lk2BponMyo_3>{`q`x@|c#iN-wS1oCe1iTD3l2EvC(EC7{XF!1MEe63 zECl{LzMTi2j}U)=jF^9({I^p%4?gdS{(!fOeuDoWzjU7Gyp{jqnJNbUm(6Rd<72hx RNAM;Aj9^ufyY$EK{{X+Odx-!5 
diff --git a/spreadsheet/macrofree/waf_checklist.en.xlsx b/spreadsheet/macrofree/waf_checklist.en.xlsx index 4b9d773dbb8fdf50d4646a54d3c474e0172c3707..f16e9f398da5ce8870b96b674a97e45e9aa12913 100644 GIT binary patch literal 201186 zcmY&;Wl)^a5+x+K2M8{~HMnbVcXubaySqDsTX1*x;4Z;ofWaX^aMzvpwqCOPV}_dI ztLnaePoM5S{VB?Pgu;Y?fPjO@4o1=vACZ$x0soo;f6%}mQ+pFdCwm8HMk5CY1`k^s zxfwacekLTCtzKof){H2kA{0^nsNAj@2G`IQ8rzVk^FL66cAlQ2_yr7+q?9e`VwVhi zwyZ28$lsR8o&+Yw^P}?jyla>@0%Pj&P>YC(J`NPvE(e4%BXLdcwATGzU=aWAI+H5w z-oT?oIk2P2##2v4T)9qwfOhCbArOrr!<|M4{T{6{@mVGJVBG%26uK9-16%R`JHqGR z68`XzVBbGLKz#atk6>c&WcHskgeDqT2Qy&~^+r9^FxR`GSD^w|2GW@{jZExG+HK7a zP^H5Dv>Lc9sq?IuOmpA6E3|#)1Xv^1s^i!7Kw}e{l@jcmV-R<7Vv>xYe#wv#5r%dy ztu__l`$L2~+`B@AHrBwNw3T6)n-7_uo`Itv+4sHZv1J1ejX($%9pDaEilf&+RORB2 z5;L96*Wo6A>zjA?n2s3B^kkvGIeaBmnf*OVL{}q7#V*j(_T>AYFIK`j#dI#k8uL#E zkfNBWivBEhku%fYZx?O8QPxSHvQ4>2hOlZa^=H){x$Cg5v41QSY&5@r(vVW8Oh*z` zp4&N#@_<=TYttRcwx`^FYkHZk=C_(KSr+{N<5n+*e3}6R4jTys1O_;69yW|F7G}0) z|M#2uKau;Rr4x_AiRo9n@NPKeo$k#L5s)O+Z;OrAsd#ym!-b16!_| zR-k4;ds~gFrdCAy`LN*_ zgk~l))qA)eZOnMHbhXZMW9?k+7%K_kyYHljc;*s7@}&Q9MvymrrXr*WD$s{=W~U^D znq9ye$P#8pKXbu6W@z(MEb24c(Cita50saRxp$mOvx+P$q8S%-^D^v5Jd8c=ns{1= zOTMPO%GPN{%43#?F~B6RG3DKk@ty5lsILFs0XBEaCyXPs#uDi3`^R4b?WOdCb*fCW zP1!pptA{hIG9)D}qp5pdL*E%Vv5(@rgyoS?Q-g%iU>28@dpYNOBTtq(7VTWiYazC{ z!qhrpa@ZLW4pz`D+^lCe%3Xal2GVYx@gLOF{n@*E`(g1P^cl5R>!30>!tfvJHZ0s- zUbhhpHhwN=t5cO(K70T$WyW&M%4^;h4q2roKz>h)xe&*>vDzf)5ne5p%o_WC%;lK2 z)2Vv{q05Cwmr24-m<$;wMA;uh1Q+FY#1#02U^hnQ$c?Y`@ZloMKX|9+f)CwSL<(OHw*F-tDZ6UP=pt`u)D;+mv21S)VURWhr z{nVS*%0k?AsyT2@Nn;%gI~W@(is_8J%(pzVnCjaY!|Bh`uLS+96}oM?p;O5?;VjBA$FY|IrMqLsaErVnGy5w|dq5p2N!7Tp2_X&V$|p zZBCgIVrkwLL4{B%KFnoiwuhn~8M(KqI+)p4{6PT~ezy!rrJQM66J0KTPiuw`(bMTpNmPfugQIPocjTAZ_uC28vkWem6ln{DfQZ!5h3v^~*D z2%LmWikA(sltHUGAECiFG*;e3FHhCe3BoHZu_BSIW)1O^rZ-_ za*9m1afUvr&unESg{QS52sSBS5O#}4dc+dwoNpdv9ny*#;+R?%_ZoHC2C$aQozN3m zmII=E<};;q(`W=zm+;}2`f2TDoV(=3?pnN&OwW3Pkvy$&B~M3MrUc9f37DR75Rg550xicJm2tf&ocYxA0I1ZPRzD8iJ(fxGU+>XzA%~%&mkN 
zq^zROF2NJmjiCW~w4YXssAek##8DjVC)G>p3b(1p(MyV{@FAgdyUEmYCCL}aZE_<& z6b`fy8;zEljM+JFI!#mS6DoquSb{%`G~Sk~ehS2qBUzfTGhB_zI$6wCNYfp7yrKVI z%bS4&L$0plr7nk)MZ+A|L&ar(0iUob^CWQ;AU7z76oz1JXZKSe#maI@;B)bozLw)x zy{XoMJ9P7AF=l)!55EFH@*|S|I^%D^k`j}iL5eNQc3+)4dg)nK=u*-_>c^rM_GsTW zk)FYE&PIgT_8KL3eShh$_dvx0bxxJ*sfCstLMlx(KuM)teOBvY*10EMl|;2(1#|S$ zaF)HF12$>z$CQ&08g6ezH&p3Mi_2W6RQRY(F}L>8S<%@NR}j38&|aw0P$DfK_u=R_7bUm6NKdQl0?HP|?H#e+ z6T)*b!2-kLXSLep3;aJ;#oMi3DL>|GH1L#~^?s`sYL_lY_InlH{}c{~=CXKHQv9<- zr^XpYE3`P4rfjcj6?oVjq+Pj*tc`l$21`d@gQ$W{F!PT1uaf0}o0w_HEClt24-oD` zpCEAlZzXfLcd~Z2Ff(&;X8iA;|CY1U?s#xDN}_zKy?7!Wz7y*k0tvd69OMG+?vG+O zl63j`FWu}xFp@!P1eKy+rB-X=BA9O#di;3?Us)z077X|;k%K$| z?ER5r{fM=PtGZS7cje6&2ZQBK|Ms4mB=5_gm1#rrHWaC!_dnL|=k0H}CYpJYZeotT z3E7-j1KD0rlx;k6uz|+{AT>d@YB|fwwUnSz>CkYw`Gt=&t%5I)3dgN#mgHize%q)! z2jMyoLrIGDwVaRYl67l>d>2=j67@6!pcli}+1Cq_-p<-Z)Mfv-`8ZIdj?%j=74%-- zvh9Tbn@Z*cimI}8A?E57YHgLjmQKqeTzRzL#L!{Iy?tQ^qrkiF!Eatq?^VHT*usO$ z>XnEhtnv=fx!9#c)qTFecqxi zh|}NaR9dB?eP zUXRHXhoTznB`eJ3ywFyiMK|U8B&9yG-0&@^cBniIxwCbV6$E zfS_NPTTvCA|LEHbKIl~J7Ub9T?vnHRsF0UQxkmRsr%Thh*m=cBrJ+A@hsv2475Lt? 
zKhMk88m#gM)5DAtVU+RPTeiIsT4%Kk{Gsyo(~P~R+Pn7EULi@iu$sNd~y=^Y_=Qo zF5daA!?BO*b#&}?bmVmucQb3-gH3nj%Q&@FEpR`N z3a5RKf;vR_9`p8gT%8!>%MtsM{MIAx=O6s?hH>=_RPUvlnP22rP`KyQ+qhoPYxk%a z*y1K8T8q!^nDv~q+`H$TI)6)+C+mG*f3ZVVefzcSIz8_y@4mlNZWlcL7(V?dd6)nK zJ^bhUJ*cVio1Z`E1x4Qr?j;CP21(QCr}jsrT>04!)AM~*#6}cU)u9b#4pCW~1v-od z!`x1v#_eM92X+!4x^V@kD>X||5LyATs50Luyg~(~RVIudDV_&eMbV^t#Ep*fwL-z< ziA3zt48UUQq`PLqKVLujxbBSNE8N(9D1rC2t-6KjyS=bF%Jw4%Xwy>keJx5n;%J5f zw1I!pP3=1Kn~>tQbqGIpZAaCRp;X$JolOX%g0 zEdzbzP#8N>8wun0eaS5>jyFi}UAeNmID3`HwOIeJE&UH)1janur}@!rzq%LLq$<0d z1){xK>ZIu&;={G~s`W!ur*tVre+4bk!uf9L_`&9Q(ckGwYDY=Gk>t##)Pw9q)gUd_ zuNC^Y#2Y?!0n*n0aCR|_ONelwpVMhFmha8Hx6jBxa;!G>fEKu|?KHX<+KU1=UvYwu zX1x;+o?&xp`^f!htUmIorbeqCS~1CCA#Z6q^TCrKo_t^I)ioGk-RSWdO>QWQs`8^D ze01IL$~Xxp-I!=~$cfr0@h}Z<9jGW;8G9de>RQnQ+VskaX)RunnN1a6;H^cw)KvU& za9P`S|F~5?7nq@`k10+MZQqea4}w9A3~A{jSMQ!fU?xA$NnFG5NU*OX_QH(MeCT z>9aIImfvGvOpBp5?XFfmuGUqZz(}1SR;T_vU1<-R8PPVHby?~wmW1VC5dB!yY}4*f zWS9Ru67v_8RX9rsmaJiw4CW)MCc9y>QiZ9q@If@KuK{Nu?5k%bvh$xkAmSdXU1xn6 zU=OzV5OGM8QTHW^J+M_@I=@$v-Q~{Os2<t>!z(qQ;v&YtQ*1*SJ`KW4w zpp#>~nhGA3Gp+guQo(rL(MlJ}b=S*sWYkYniUbG~Q3Pr2O60LC7&M4tSWMHQhtNjm zQRMTuj=-AXC?(TKQaVhnlZ1QuFlk?E+xN1xKop!x&wEToDqz(?8SFQY+g~Xsgs}F!(z+u-CgHUiq*GeE(wY`^C&tq?A({EK~kXL8I&cTqh?Y%Dk`(fGV19!z(g=4fFaUAU$D-`)~5 zQt%>THOdLrT5U8C9<$24G=imwu_h5L3ERO4Bu{h6G&*X#qh9;yEf ztk`-4iQX|B!$kOPpB#QwFb*U83D9a9m6iAgr$Bg?RqDg$tx081spSQ9R|2|^*n(nT zsSnBr2&Pri0pT&v`G)Fv4?V=AaDr~lE$0O-@gy>sTKS{e;YhZiEYs&r3fnvjn}s`g zt@S&pKFX%$DxY2k(^kX5L;PJeRu$0aEWWYgKb4Mtm0jYiRjnx(rvOe1qNo+W@d;x@ ztazwPBCF+)>7$FYsb(wL6tU>ZCM#i&rwfMe-Bd!8$6YIUnK(wvg*pC(xo$_9dxB5m z=A#*P10n7CSxnr{_gVxY<~R}=7wFx^-etumqv&Gl)D24{A~N?>S{?pUGE{i@%`U=N ztuD%S^*82pl)F;M9DGQBMkeuK9?MJq6qd+QM`pGNE;li&VSQzpZ-U?cT~cknF8`d8Ya(MxKOlZ{bEuWupm_ zR>3HO*bB*ju-W%&kV`hH9AKJhj>_LxLu#Vvz%N+J?-9JQHfIAv@6NOCja z9+1f&Mz3TVN@`8W!uBk+&T*2o$5BzQ)R-q@R|tiTJDJ$3(;Px+tB!&()}5F#6pS>z zU6*r7$tYHEWMz-Q@ zYEQ9DnSV$fKDyF;hlgQ|=7)kA%0WOQ!c+19(A08QZI^S@8YUC_eI4iRnew-X6Nyqq 
z^bXdk@lpGAdPW07l)ZkIXjS=^lVt47rA+TnD~1fCVskqUx4)}|>NbcwMX{ehPG9A0 z;R#@xnmF;9zP&_l@b2Th<*)m2{Nc!BN@I9|#?C?E!j>H)nKH^!Z1G&%Ae7}UEP_&B ziiH(LW%>ha7@;V)NThCVJyUD}xlDfq;wu~U{%QXIpgkZ0NcQl)qww@rH8JUlN)q$^ zOwo2U%wyRW_9Ed))iP$nIRqi>OYV7`KH#a_qZ7(wGE0hZWFy)d#SZ)xRQ*u~PYwa|F5X z*fA^O#$qz6@R?1K1`$_}4L`=JYdPm#(M3;r8_@X@d+zL8w37=cOu-RS&@wbcs z)z%B@pScszqA6g<93W}7f9HPrd_fd94EhwTsU`yFQ2HItbz|-UA_(KiqXYv^&@}O* zbK>BY<|!0bBZ*OPR=ZT@Z(oRUc+tO33K*hO&GwK}C0N-kz)tQ%DF^xYVgplu71m#B zbZ(RYRW(zF(j;(JKR;{mL<`FsE@->wLHJ-MpycBQ6@|(Ol63b~)>FTHeke8 zVhQ@QSA3uof^CpWx>q@c?l!CDxT#$_5B*htOtFw*rxHQGbjgy*k8EMg|B=ZNGo>TK z9~mcv@?mj)7?Nioqp-xXx5!u@Gm+i;xyg`px!aJ0k&PJgN%S1#DFSzzk1C1Cy$SY5 zRXMcTxaR~GD*qKhoKeMRYcar0?F?5 z?JO2X-wYk8Uy_ZII*v68&)fOUT?(Y(JPLF zvpW%Y<%d)99t*p+S{E6+dlw!dZY4LRdEb$;Q0MSnzK8lf{!xRDjTjb3J;4dq!hxLjQ98S6Zgpv?J({?k4Q0T6zm-!y0;-ii zCb;hXpZVnalHv9dy|&BhEs00YuN=QD#iFCo_$r;`%5aJPC(Y1MXtv9@zfDN-@Z3sm zLr60>!AIrq^VIKCq11(Qr@Ky)at4q=8x4xgH_t0}3R)Ioiu?tG#ZoeL*c}B;n5qf! zAmyQ)OI5Rtux?z7_5kJJLcurIHDTh8`c7;@$?G1Fa1|>3P66&xZBfnujA^6e>bMU& zu!%ZPZFoaK!AQKe)e>MSS0?WedqWEe6M;{Dk3tW3lU&byp zmNP%2u>(guO^ZF2xF!0acCyH7z`xtyqpXMgBhvs0#;1gG)WR}iLUWkJXzSrgtMKp+ zi#$->({^y~IHYMr=mJ^DP4G0#2(#bfp*tg)xMbsX{yz4i+PL%x`P2Rfq_mz9^p((BCRXwamJVTz}PMq+Ga+van~tXk6Ol931}E?q~~JXPvum zp!yT3(Bhq?aBaj1YANgMIH-`Vf6|QstiPCoGi0+cq_=t%eXvU;lXo|7_|TiA6Y|i- z-Y%E$)gF8;g7$q_(8YHq9=+2) zD4PYt^{4;v&wx)+2-Uf36A&=p%ej|0Syop6m_>Pud=ba%}7&c~KGbjL;aN3c4GT6}9nn+kb7-jY?p-2F+deX$sMkESqTU57` zX8T8#_`hUbOxBE@rqGI2H5ojnpoq)7ZK4m2lD&ZdS^LhkhFND02h_}-@;41!tF?Ag z*8=(+(wHD&Tz|vtj1XRA3FX^eaB@6~Fu*<^=34eBo-k}7@~98Ey`xRgWZj@m#mG0E z!W!}nIW?sD1^w(qFOT{9;9z;!ZZ?i}D*&}GsvK`R7(Tf#3Qp~8XRbuR#r?|KX~&%_ zh5-9~2HU>(!@~5Q7i-;JgWH9c>!$-jAWP8WdBO7)9?ENM{@e3Q=nL1r3tWZ*vZx`Y zSzE3rPcmMPq|!`3rjT*?hdHSS0cUuo`43sezsEn~q+%Az zkzo-kAExe=iYW9;PVj~$s)n~jIg|Msry3Pj{su2b$;ssX!N0;?nVKTG<2@odQ)UcY z^0^KbS!lM;cZ%Tp_cf}d%Q-9c>5p^Q&VQW8EhyCX_T%0{0qC4wYF)%s*Tz*lh<}Hr zN9=r)pA?pX3YuPC& zWoj^M-)l2-_LD^V3>*Z%LcW?>9^m>M>uCCoU3GRx%|8ic3j2 
z+aurAcW^-FgJ2}T9V-!HmR71H?o8W|EU?+rc-2Wd-`$t`GxpzBx1&c&RrfGSRkxzP z{#8gimGpz+Ra77uRsD?guQME!g9y2}gv#JNjNxaETDruaF)h?8T&yZM##w;)&ZjLl zPYj^#Lm_p>%SBA=135=9`{|p}`*$_g{xmtt{QFkH*PFQqHGROrOU)i?1q8RO^>sz( zXS9bRn2eYH+c+$W1LYYLa<*)lDY5@vhcnG~ZB?Ob1JY8JSM-67Vy(ovwUS+ph=a3= zQHee#7roR*NPD?0vt1ZTWA>Npki0gj5(5~K_V#~doG80<08Y>YaDwun)7De%OTs<2 z(zd(1e<;P(;5AUP%_}!~mBT{a<)-(GW+V`3sk}2~+VRwP$qprgwMbeq zLt6;(*8hW$s~*Mr=+9QAJ2v%v+VO2fXZpnLf1P#k1v@Laz6@K3VTw^5;sfwYcGKYQ9~bVY;1 zG|97aKj=m@FZe2wFh~K(d)eVjT3@8@!P;Dn2=7$-IO7Ty!Ym%=IFE5@I{*8{U9*vx zdc>(@zK@agP$G#JgBgyR`F6GlZV9+_eZ?5ua@LSrb6vY@Y=btiUmsOu@LhLW{drwV zAmlm~O;rHvMnc0&jvsX_=6`AaV{{&b3N>U0S*jHmXqJ8E-NRFqrZ`lF`FyDuVFlUM z$M>~37jECNuAz{@cgxj@@rUtE&V%ub!OR=zF!izbZF$09JMioK_4*TMp4j`F!ZS$r zA^zIFd!#?!iC6^C}pp^QM`mtHdgGCbHrl0CWYFa{ZF{BJw*) zkF3114?b%^JIW*mTofuvfdXwr3tsG{MHZlE%=`=gLoh2Kz=g{lr)l3CZNK|6*;G~f z7oYF8{IXo`*xz<+vxbZaST`%f%bQIB7qNePR{GT((FZq1sfQ9gd@3K6IeWifM7@QB zhRj_CwLU5ht0xs{hmBJO;5~E@R zK3}O8H(9Wl7ET{I3FN+QZx$SBGb87M+tJC@M09@Gb z33|9Ge5S{CTy*N)q|`p2Z5mR=boN*hpa}K40fP)D1C_tjBy-UttOGK-gABF9gXe1h z3AY0oqP^hY_Lkt08Dj|JIdiMt8A!%Wd53z1{bpHIE#S^4C6v;~8#=6R0Et{&2t8%= zO2U`F-rWhz9Ap2SUA3R9f$-3;7@#hIiZ7Dwy*2RyN?5L|DkK0toav%)R*d!YhY!fX zE3mv2t)!)l56*m;uae8DeqC%P7&yCz;UL}~$;VAS`23WdE;>=aQ3S8{zS12|Mh~V+bN-TJ`&dX+L?@HkQQkAF= zg>z>h!&5Wc&K-yVlg$3<2f4Nrbb5o{uOCMZ^K#oQ(duSnjj`^=A*?na$FKg?;4?$? 
ziREtci8L!47dN5Nw^2GK<7$yFqVWj+?GULS?C2x(1i?P%rt85ln^<;lAF~3_Mm5PPxdg!gL&%K z!ruQ?@ITc=L?vgi(3Nqluow@YT}{|+QkANxoiMWkPa;cIY`FQ)z@)Zq_iKFF@&!1ZX+=0Hv9V9`w1gLxt=iy@i176Q*pQGn zoAqHXV4_yK<@;%rT<%`M*Uy?hL018`E!FyW4qt!c9Pm7Hs1J#~U!Bxeo&Xv2kLPSI zh437^Rm5pVRa?cguXNE_z#1EWc!(^#zZub`ex_S$lpIRds#j^uRlHu1KT^hkC;3+p z@?H@FdN}JS!Sol`Hn@TXgq?5JkJRrte>)ECH}bc7Z>cxt#g(#sjE3}m72}ZtV{O>k zmlZ~ayX#A&U)?LGJjAoBtuHrgF+Lwbjw@ySE$?$48sx;Wn5hyH_9{`LKkua7d6XB4 zt&i*SILdE{sV_6UxK^%?beCBF3-4R7ldOk<2a;|yJT^AK^<5SlG)4a}m^9JGBc}cE z7*vggvklE-vw8rO=)bI%GeXW&wx!ypr%Ga8PCm(-yC;sf zlovA`LWDYbx#mN4s9<`*2F=-)!-g=_PZtBhP2RfmQ49F~i-B&wb8Vl3S}l2dk|Si9 z=pyz`2ck)_5LwL}Xz@_QN?VHE$*Aoy{syumQL0PsKB-F%tWt8aBsWQo5tb5XB8XKQ zg%%u3ZPoJtXuVvyL@B-xc9LqiBn-#ixa)Sfe(bI<9F(uXE~}rRaQmYORG^ zDU(yE=6NKMl+^$stB){a$eQGQDw*B*c|7*6KAwH^yq3%AF}1ow{GKhEidq z1yw#tjPaxO7~oA*JJPu|EB?MBxE`;Q0|qCM?LN!-b{Xi9w3kOewIfSuTWR$KlGC%~ zmZR!2v*RXiLrpp#%X|DdQIe;?6h_fT&C>#%D=J`I^KR;N$kpnR|2MdVg<)HU!BG6$|Tk`PH_{G$-N@91(1 zo#b)=D;xUZAEruqBCcQL)Od<)l@{l+npTfh*_4Ftj6Qn;j0+z?Svxg60AW@3xlBzF z;g0@@nUuPh-|0zR*eyq%+akWOck(w-&G+pta;hnz?kIZ6=x-&C;^3829|qghinMSR zFK#2DjySgEuoez92V$Fp2vDkj^p~Bb2esV4`^I}A&n$75%A^Ftvk#+zPE&Y6swbZu zmC99zgVR2hj2Ky8sD=S&zVAh)-uG0F6vg~C{N3*HfLLYdcdCg`j!1E9zXiqzymOt+ zC7FSM$LNP7o4XXev+L6%icDyP)m-al%~JK=0R=0g;=W%j6K3n~=&4YAC~e;}`WGpcuN3X5 z{vxpdQYyDUwBXUl?JqJnfS;C zkX*UU3Ib>Du=xsei@#&>DXf*Bc62f}bvr1*G{hTTBL$zQq-AO>Erx1l>jh;!e_1dH zPtf-vrDWjB7Rzx&BXs6t;y0)t;D1tE|35)|B3}Xrafxyfr+L`H+)G`$M`os?g&Y-n z7^Wm|&#WQ*0||?dpzbfC9-ad!YYuk*7cFr(SG|LJ=?0Y2CO6l&SqiO@D>7y6H$i0~ zYOaE~*bNpqpKYj7dA8aBx}cdpGGBFj)eSxEZF9yV4F0O*8xHaC@1r#+#R?7G*-K^4 z7h7HO9RT~RP@I+2KMmtMoX2@eyj;>#7#=eGfuCSG)3%TEku=T;!ssYo2nh(rU2oxP ztUFt+SXa1>7*2CS>fCq4l+xtYy^j_}+H3x?f1lh=hgaHOhjOe^;$()U3C*KUJvV?c za?bbeAgz|N`7FMmyM4z2CNmC$n#uI^Ri-hdCo^_+8TKjpyn;pO)L&Ido>!;i9&S1lGg)cB z8?jlFkYk-p%kSsyM6-}M>e3N)G?{ITD722@W>lXwwDY2!O#hNj{!Gqb;w{5iVlke# zo@$5tWo8mt&YvdCt|)Dm(Z^m;1*tQs8F;~hWzes$vM}=ExJhIx4sf3sQs9>stetiI@MT9yDECi%4Eyvrk7>b6R{V=b**Ki 
zg)2kK=s-5X`BiYfgBft~uf}YwkoVWROZ77@;v5gdanHpn4XS_n?OK`w>T4}15a-4v z;9?l+mb;g7CgdV*6P-fooVl;K{T^-*C&t-XG_>f~N+*7q)1)ep|2@n`5UVQmBs-T9o6_!n01z6dB?SER9h^H!TINN*hP?l(?+5a73d5rh9FhKG0gI|}5mh)kc_?#MuV57MyVc<5{4)m?IR=$zI z{cG9xyR)r>_~tj1Wf0#5;|!{Q^X*$xZl1?^23^qT9XCeg?ij=pc1&mLR2N(Ghl$JG zg=O`sE5#O$zf^GZlDx9ENwK=7YO+v4O(Ks15%QAN64b!sI`ngFVl44x5az765^H{r zN=J}kE+2K-+XlcQXUWmP!j#4qOWSxcO(Lh#4>B?f*phf(9uIIcgGk~SCuwBK?S5MR z&Z_=#3uYk`Vo2Bip+cZBJ3%JRDvN%yDg=JwyyDKH(%pmFnebl;U67h|Jx`i+tzfny zOhu#8qa_if2eFUBxn*yICa9o(zyBETHp3Gf;cY$vNSCHjA7q&6>y(UP{wO#w2TG}| z$eg_<=w?p=@7&E~{>k0M+%uIz zH{6?K`GD$95uNvMQ0lz>(IYo{$s=>DV(Pr5vm3mn^=+9%hD?6M*(Hzoar~ld7ItRr zE$V#U=oxO6jfH(A4Skzodm7CH)m& z{G*%sNSp&dXqzW|yYR;OpWMbo`D^A?W^Sf@IHDb!;thC=U7h!3Fo4&M1&C)eDxG!a z6ggDvVy-wMSxlobG#|hJgu<}viIH)wzy}KOp1qz7w?anpaWgjbXP74d>j!xQY^5PH zQkLZ3Ijejnyyhv7_8RB$2uln*ZX4&}m+YBf@j;TallA&HCBiTFR6yum6@rRgJ3JV9 z%r^R%eZG-ql@-PdmIE!0dwxy?R)Z|{DGAS;f3)ZaTGm45u5O19v>>6F83TZQ|VLY-;-RXlv z^?AN!sO4U!7fGhkCgVVhl5BZCws<C78`%z@68 zgXX5OZIVv&YGFA;0FBJ<=3XzST{%4ej&D!7R?i=(SaBzkT@0@4f>t{~xV%-Q&b=-X z54d9x3=fxw_lG^XQv}brv-KtwlYU5Xc}&XkMd!-6M_m9qa*V9ep$69T^|m`$L>B?dYu`}v zo*EOjrTzK069QE2Z>iri=KKba4_SWv7fwhP(ht0v{Fx*xRB!|O*^fq^%5#kpZ008`B0`>gguH(Kc>H%hmP(T3nl=9C>1{Eiu&_xN?7&)^vPiO(~iK??8OYp6S%hZ{dkWzeWWzN`Yk7Nt2bHlM4AK& zJnsBf)^omgZcwSABkZ!cx4@_&61zW?a}zBfHr8F3+JfT(F`MDJerlZPO9i~*{ z@h^zU@q_(BzF7_dYRJe2b+wuQdy(qk;V!N4iynwgiMY>3j)e-NC#_DFoYI*rzEQCV zKKkWnqa16aXGPvg{-pX}=CU|UPOpBW$f#B|0p#S3*%a?#PerQvah;9>cNUwCiFbYtb@m8L|;{Tg2DIIvk5DXt(V?W8} zcwR<%JZNqRn{*or5G?hqtyzkuyOnxD$Ws=KngcBJ=&y)7uhD7+pI>NU zU;9qB{+<#yZ63EU;d}q#8#KBK=W23WkD3coB3|TQ+z|TyB{wAz@8x!PLw*%h@p?o; zdFqPXD;?_hsvfT3gI2d){cU9PO0HNE*Ry%Uo`X!IcUHoKymghOn;ahZFo;zHE;>}| zC$54m?jtmxOxs;RUA$A)UwR5WM5T1h3YKxo0wa4yAyOqbFKIamre^I$u{*TGF0H28 zm}kD(=0RMzr*EUy|ghXIO=Gyifv8^Y#W-%{a(O@nui zkb8Hgx8adNvGKU*DBJi$%@;BrC{@K{byrI4=HA8XFdjj3v-biUmt! 
zxPmFUSuAgszq|b>voJTDY|>KSTc`!Em2b~tkB(vZ-!K1UVKYT>9+u59DRP~B; zdfpI?GlrmHJ+>2;m*tmI>XPg%i^y0=Y14mhEeS@Bg54SgyQTG>;bSh{V@Ax!53x!| zfFQ!NcN04EbmB$}bY5#vTNMhl)r6tW%9tZUemrc*P*MZO!p0m-TsZvW<|uF+jpq{e zww~D({jTXJP+)~ZFj!c?F5%J6)O@Y#6>{ACpHXqa$SJVVDe$ggnx~*hDvN5*z+J?x zHz~eiaeg)k+7x#}UMjqlLIhZB(JfZUXC&R480f>G0A4M8${xS~tA4?9g?!rqTkyPE zXpswS8MZw21fyi}Vx%(rfXype#_P5e%WEnqYK4Ca)7lMru7iVAF4H1TqF^98RcvO0 zzY30yC7eP-HUX@S<*ec@VoSz$?>A+S6?-81q8F<;d>?>=%$zR`ErzxcZkhxN48pz` zC1HneXhHnI#Fi6N`aAyUcJ<7LSy_5Y|CXRHaaE$v)F4=Dl7D71FUf_$W`)6K&4xoB z7?*3CmSiHDmvkcID!jSuq0GF9cUcq^gim}Biww*lS~cNS;)7J)z5h=6+inJdq5UO`%v$u zd&z=deCB=SPM6^nXV-!{oQ>@?&pVTZrAFrZV)2ti!G{PwS*!nW5;;e8x?81>fVaM2 z)Juuq z70ZoHH!?=h(iN#;m`(K8=ZV_hni~84_^IaZKkX&bQwm)bweJiSPnx!rpoJ;fSIEZf zLTcCM>u!1_S7gFogFly^VF5T%f2-l^0J*V+gOo8fSPAj}Vk+_ak>pw1jFGj?v6W^= z#48}U)?&h*NKbt6m?jZHp!$s@za`RcX_HrXeezBXS-}ux^x(&3viBHMp*pU#K3=V= z1!Vn*-dO81G9$j+6(uAv8144Q60!{e(XoqLJMxYM*=KymHi*!T$#te_t;*Q{?rba zu2cM+^-5BiH6A#Ng(n!M)IBSCj<1+Wzo=&;&yq$FZ3QM=qcL!Qu*Cc$Lq9yi{J!s+ zPjYVbiws#XUu;aL<*2GWn`ESUX%F}T8_B<=bPK0n%4YN;$wsoGo_XZkSR6NuG*$^e z?Y>rLk79oVZn_OCjVI4x;&Rc4GSR8qdqr;OqdqyFltSmkVSVzUl1h>{x7UL-4%(ys z+ynLS;8_WYk8vX&*ArjauJ-FoW7(B0z!@K}8TZCsrZUwKm6SDcgcYG5_G zmX<*5cF<{_8bKs^)!_+hXt=m@g?mu*__AsS+6kj78>Sis&Ls=N8=v=}qY#lUIzB@`dwA z!TbBZjd1){@6?!Yhv=?s*Ns}kttqKo$)8?oBA!@QD=EBDpl7|MPpqepBE_}xq=`1M zWBIKun+V71u<`B0@c$Ffn84!M_J75*LX@xsLRTg*6j0oD%>BB!Zk9+EY5BxDIkFZ`6u>jz z>@gJ=SYNG&j-s?l^Ovt&xRO0ew<$bJ!5j29a8PbJ0aeI!E~l-j zMo;$|y}GzvHTezqOcKH)D%|t~1dUh1>h!Jw#g-?7wSgF{YuOUv&t1oJ=O=o&<3`0^ z(H#x#Nb3I$RdBPlI>s#8%ddA845}NvSqdRVn&Kl_gee1JzwZ1bDgrOmysK;d5747= zu1P}M;~phFV`s^HZ&e+2PuT{pg6p3%zW#DZ@7(Vh^m2q(E(sJW-`#equVz6s(`v7T?v~Rxc5#>z7 z;V}j}YUfkERC`ITh*kH|?fYKC**&(eSciY0;q%z7%lrt|aYq*ZY=czUFFnx9-JXiT zrY&E?mo9AgpxM~T0I~d!6s{kl9djw@o%lv3gcH;A?{IV?8bE*3%*d2E@|8$G=~bSc z!>=GTi757KnO%|PJAuq%%?NRY#m~OfN{)9Jn{5{w>lk2M)*Q%0*>PBn^~7^LOiHc$ z`;gtQ5hQA(++*lzCip}218~c>%^l(iZrSYaf9O6YY>mUFriH~Nvv4wr9C)>``6p9N 
zMtxnD|1f`RYzzGpZGZglbRtriH<*ITIF?e1M;4QtK*a7vd+Xw-@j*;JN0^^^ZW;ee zGsT}=##!AVZ0@Koh>DSpV?#l2x)8r!yQH@0otw(Z7F z8a6f>-_!Pf?a#f=yVmUe%*->`IE!_=7kGv#8hrsB0fh)`jJYSH6OPBP+ z&4cQDy6YREYtD3*mE*V4hwez7b5?FipW|6AyX4Xvu+5NDO;3bvv(S~GUBMeQDZvWw zAx5gB!k1zHFV15)eRo}z`INV#7F@TQG{}HEOUl46t$LsaDy3b|9z7B1ws54kI51THO?hs;BY zYUXU9CMXcR!g-u>*(=y25_v_J7+IY@^8w0!qTfh&(2@h~Nu`Yj4LD*xl+~^6UpbU5@kBwO#pVQWYfyjgwOg&tke|&tnk;(K; zbk_ufoH#z~-zg4BZ)85MR#Lt+vv9^2Cd!rFiZSxVy9#D;eZ}~O^y>BNj+N+u^%gBr zUPq|%XHgNNz6KfrkL@&1`(Ctc+61j8mg)2fWimI#M(Z8|R-1)kuv>(KB4$(Urn?V&_IO zkL@(H?%bRHqi4#aeJrPzjWzeo=+m~-FJJG6z=cB{x7>p)S9{YodJE=-KMVXD` zM*dg->gXIz$x%xj&DafKO|?9a1#2vZPCk$&WI<|o(h=9^z=XC>9S{)SDxb|tFqzia zLh_a2o9%}qy(Ee+?2&fqR0Yv_+tV7Mz%6UwYPZ)|${6UF!z=`=T{9>{C9F6Awe9{b zTIdW`Mex@iTyS!HwmYB3_9J9i|D7Xat`fD_IEb~-DrFdLpCr7AeJNHD3lgw|#7vCD zI;;#|542uYYX}+UqdJpJ@;PcYd^2l0_T8ZnJ*`g+lCz`o6d?v)4%JXd5psa1N&+5* zhP;hV?~0IgFFIFE>ry7j%uO*Q@m2p327vL;qBoskD`G(n-_s1TK+W4>2u8cqLXKpmwion|(X; zJVkb}Aw`cQ{w45lK`>#5{PeMv^eMv3BK<{JGzy!1fN6C!Tj_GsVOb(|bA#_?4D`3|&D@bd;p83Mk*gWn5;A7_Q&kR^Mu zk;bVv(Pq9$_N4dU{5tJ1F!M>3c!toPhb^S#F51JNvFsoF@=NI{2_+dQ$wov7cf}JA zK@~0#LtQ#Ou}zfOb(OWP<-(FTZIdcJS=5fT84l6&`hl)9_F)Qh_ zv5hAky;V-!eJ{iAjnKC8R%+ZlIqy#+esCFfG-H0Ozcznyi9oI`7Wo>vXn&{zj5i0k zoakiS2@_uB8{ayK7WTASU$Z7AUm{vHj@e{{7l51Wnn%e>M`6)mjTg!0Fe(&v$cZkx zYX!o;Zbrle{8bt7+Jmr?gQze%u!h?tG$_#n7>J~T8DUCwFWMf`no2izGJADQ(d_Wg-3NrP@u9hv#-dr3X`FJEJ^Py>xDr?^90u+8 zw{P%dThNu}k<8w-SkV18@6|Bm*E>h8)=1MekREEkwW3UfkeFF|ol2CR>G>t&=x64J z_VGFk&-AF;(Z3-3xL1#h)-yUT58#3>uOtT%1`q`WOtM7#T8Ez2wWh^pp(~oN3r-;w z`yXO$TALB-$_MF6oo%og$}w0JEBn?-U@aO=^IwOj#J}SAz2rD+J2MY9KWw7NQ%j7- z>8>5jVuxoXAL9A@?2z{DD|(^33b}g~K9G8Idc>?SF&8Oo!XY&7D$=x)~ zk>Jxv6M~pvF^E5L{`z`sakW-A(uZp}D^2#MEB|&mSnXHEl`PR&J-*Kk2YMo&25;}0 zTKz33!C}lvZm7Z4z;t9nvrnxkXolX_BtXFYqr>(Mxh%uHA%=sS@op+vfOpG_>iIEb zi&3pQG*$_-NbtOvlX6vc+7c^8QWRCH7f!w>mqe&}C2RToa*zOjmUOLnu(zOVYW_;I zce?m|e}k&SH;uR8S{8(FV9)wLFju1vr0`e=u3jCLJ!Q^sO#_8pHmgu4&I_~1s_0lQ 
ze9TxBMMu80d^IN@Ib8`$*i9?VB%Konzbid=S0rgNWGso%5L{fJ>jo^%pH=c4ozbqViSH4iuHspDI;*IP5 zRfO#)KTp^eT{g}0OaUMFt{g6R07g)i<3%0z6nca)2UaJ7-^|3dKHaO0@|)~Otdl0f z2-5CnPJNSI@G^{K)%NBV29}*u$w9V+PjlWm1PV|zP2~#xQt`Fl0$bsG;dU>mC5((} zhV~?Sp;6MH!Va8%9Vx6)vTK3}17?~7QVF<;~@Z^Ycccu+(RxEiR-=a+_rgWC3G@ggsk*kIoW=zZXYn0>B>u~YNkpkklYFppb zU@~0%McZv0m%(^GOs_PH5cCau?2@ACw6 zIOmj(k80kT!Ps4e&eWLKSd@Dubj&D+fRL2rc#iV z5;cAsVnzvu_%yOZ5gq7|2(=0&*8^A#Nilzb3M*&UNf!Y=PT_UL^G=LlD2MF-XmNLw z!nXj?!vAV=>KBdD$iA5^^)*@~;~mi=qY}bq%;h@*8{kD1VS`i%Y*WKw4ytEI!+iH? zv?fdRh0yV83D=LAxF>>PIX)=Rkyt-9204Du2>T~izWo4n8}A6XohN4{6Ix--(>BwX zd7%>8jT0{o9F1Hjh-TM;wL0_W$VC4xJ(|ofb5{uAs`y3_d z-OZ-`dKC7m$bpd=99pPtYJnDu)eEXQYi|Dsm%U8%*$oJ82HNz>&ln6jT;SVm8E8b1 z_Q_fk6eQLNamseRJ!9=(OQp79BrLDoK$x4UsjgLQ57oUDshsDnK@O5GBvRj_U29X~ zWzM;ddruVf?>quHO)B3w)6n>0SzGNbvmVexBxQJ?q4Kx1R2v~{DGj9d`&<>-baFBZ z$D@$x?vPiTEGjO*+ll6YXBb6TotmihHs);)*RgG3DUmWy z){^y;#RGUv|`w`q6n{1<%k}T8A(qYdRSr`w5404YMVI(U|(J93W%Hseh(oS;7@qO+!r7JBU4|CAxAr9NWQu zbSZ$8Jye0Mk;Xqz*8XbdsV$$EILG&;V-C4er*rRd{I)k^T)H@T#cxJV|m2M%!N6L=JcdHC8z1h3sms=17pr%_7~r4{Z#wQB+(4Rmae{ z7po@Lyzw-@{X}N;>zz^5el?E|^K>WPFu#@xAW~<~hwJ@L;VI)-q}*(S=BiY*34yU( z?ljM#wT_^v5I~Hp{WBEbE(e8nO zq)J!*vt_9f&LvqC+v(X6p)!O&9F0N9bgyb`e4&0IZyH(1QQbjyOQ6??U}GIDUXi#O zs3xN$NoI24ltH^SBbyX4x{%edoJjK8R!myUm-MJvGFg)l0UBI2^Bfd`Ea9YjTCt>j zH4?at=pncaM2~ec0ajLSbeshRR{sKGuSFXQX_32~kmFa=JP@i@b@Z=fRK*AlreftM z?6`x%!5 z7sx7w9K8-tc~gskdJwP0ianN(SZJi`NY1XkY-u7(^y793t@31(CuB=#>JJ@g>e&)n zj-slm=;*8MlZGxAB_)J;&2~1~DFSlRiYgpKCb8&Jarth3?!L>Uq6)wAwOdfjzEqH5 zrLU`${6DW_DR1JIjAHgw#&10)Kd-_i)2&fnYlKmhH0nqI8C%%4mjL=tdT8N*y*1TJ zxfNw*xh4#?#eh>VY>zAP!-_7Vh>~F5&86uj6?X>H2TrNOUm^mFdTb)fa72Ann&`)- zM#PC2Y>hzrnTQ!Tvcpv2Q_gRqCJSsP+tz3&%1?m}TH80ZV4(TpxzE{%5YT72PqyY5 z@Iyo^5a6_gcs1PT7Z}f%!?&`>=XV|bZB3JYkKOgIp zZ*6V#rjvZURtBw!a9^p(-RRz4l;lzEB&9A)d!pp9sRR6uVFD_bLw$dXvx4$1OtYI|)PX0|GS>Q+mv! 
z7wLZxLp1}R1ShXKuk+I*i{k#JKPR_*PK6TgT3(Cl%1pm*o;T1Qz=dg8l@(qv%8BIO zkEIvC|0M#0jBOUz)-Bl+ou}Mf#W<4P)*RAwGLAiR$EXp;5REX<@#ElWGSd`1_iB{J zBJ(YWjYWEMz~}$6sN@~y?L<%6ZS?t-W)8W6CXsR554JQLKhje7R{O*x#)vo2?5Y*g z>Y`uu()d1sm*wgwUq+Nh+0e1G-fWQq#ArMY(jgNUZ7+5y}m@<*~qs7U-dUp@u8h$cy} zom86MVFv5TZDq%RcrOL7BINB6(pJxR88~geU-fNb2tX`#iko``a>17dY7S#S^61NJB%@9dHGw$bwC;LGTk0++V8cxPCQXbVqTqR~!0 z^AkW#ZLxY1ZQGwAjWC=;6*Z85mtobffJuGwLvt4Rcz8>eAU_~?c((0xI(^_@)in2- z`ZGM``ZEBrQT~!3MPM7?f54SM2J$=x?B9kVQ*QdH@_T2#cFRwLy$)}y{y<31X!5G(}0GMM8t~KM*$F z?%2$Vdc+9qDQ>3f`t!uLq+J(AOTg%1a$NN`yVBt!()71z#W(6Jv8Npe{0>S=E;%R8 zr%3Wk(Z(Z%OGU6+NtrLYJ2$jx+0L%fLRurr{?Akf&vpc8Cx>gHgq08n8!b6l!!(DbkJDsExE)ne1604; z@O?pf!LN&8s+IX09n;bWhimCZhjZ0%nnoVN0b&kw9 zWwg3BrP1;0qknX9SIAIt62@2oqzg-H-q}!Oyt=uH@~8$w5- zgancJ!#~E)f_w)S@K5UJB8F<9)av4e;ChgFmo%nN*7=jSfd+M4Sy*7 zfYW&^HT0<;z$&%UbiIZQ6VOv`a@P_OGjOjjDM_*|_F`G+g9i zU5O6vLj9qyuT!bbMR8TFF3Z3paL-h!_+z!)MLbV;>+0F3WY_NmLOW`W1BoLLvj*y4 zvDlw4Wb$Wh=A{wCZ3gmnPiZs6Uev;_P(+Nj`i2-TnCId?-=AhI$Fuy7^*2oMH*;W3 z0&b;o8dfLW@x?b~)|ykykw%cFN}IoKdM7f9xXes9XTp?O+if5P_uqe{0KQ6Gc>cZr zZ+tuGpOzpQsl&z4B3=~Vg(>m8LzR|bbt!=k#DO#5ug`nl5Th9B@)#3eKHki|M z{lu_n#^UHMThaUaq~KD%$#VVq*^G|B0_9zYb(%YmNyxc;G5Cn{M2Q@vOlw8m!r`Zo z@}m){)=)K8FzE#S__OkyX6tOb_H;s?FK;BxqpPeY>aH9Q=W3jkF`^iXB$<#D$1zhV zQLZv!MV?5Li}sV-$Feip+K+`}P$R(i=ge~7Mf%Bq!1G03s*Ts!U-Fq+V-8nMPsTs4 ziO20A>80|a{M)l5Nfm~2pcRA4SIfgiN*IH)6^vtQd9f@qqJ;DA^slG=Bv{(xy@rKA z-11|!-Ax8*aP!&{I-CIV)5hNF3&u{@kbcsoZKMZUf;l76V?2-vJU@PrR)rCFzmX{)OH^7CX6Iq-|Or z5ii|0_%BB<-7!Pw+RH){&tn^|D!8%sH$v6GtT@$Fm2snqY)J9Jx+;7ta48_*h5xoBBy%kwG!36ut)E>rq(P;>WDBfp|D+$tj-!++S*j& z{Ug2W*=DCnp%y0v^Y{t*0ISvX5pM`4v|+Kq_}r#Gr@1=;RhtGZB9MClE2UP!3_qq_ zN}<7WS5|@lCr=M2Y7Lr^iB=z+hu=@}vQ@ng8Ml4S5V$y3d(0Rj1Ov4vf&vX9MdW$R z@cKB@^WgkX4P??gn;aN>n?Mswlt7vtTp*^1FUKQSQ$nMz3uM_e&`>J)4py$3+x7x4 zRYuZ4z_7kt&-n-Gb@4(OF12%;Fn;Sc_LfPaVaHR|*5sZW?9hp^VVubK4|ZM|qlYZx zmA8#yamW8?b~Qt|(wp7Rk%hmnFI&DsyPPmzQX{N0QAVJDoh zLNN)3ynqozzx8uYm6{ig%YqNln1B=Xi5{gS&P8jm8DT`JuUkL8h|1n&JOeN)w?)Vc 
zW=!y}eBm|3e)`rz`4nvyA=W51@qVi=cIa2xkH-ZQMBKK}!@3H1)3riXL4h1wkc>jd$&g`Rv;;HXn%R zQ2@??Olh9M)W0gu$gk0_)FR)mB1`q^l<(-YLCiPa`5|K|eiXy{N?P3-WI4GNK17ti zoF3+yY|uENLFY5kA~=X!gF(+FDtOW_8x8r=qY7cn{cizUy4X9@EtESkW|r}B5>WbM z_bA1Yl5}Tx(bY$v$o>7QPBHWB>hYzI4Q`FKLW!)uH#fblJ{5k@aU6zR#v9)0Nc|cF z!h3baFA$v69TKVlF+?1=EGYD+m4WI4-3mX0^|6QOWTuu82`nZZAM|~k_ux1bci0eX z)JOlqlkd2n|BHzxCiQ2`@Hy_X@I=5`Vp^^@cv?dG|79-TYKKF149qK zL{ddXyfz89HY0Q<2N6lhrk==rPWJa9U7X(ecjQk+)C!6%_g|FYt}?!R4Q5Cx;BGj4 zH(sj?4voLb|GJCoC9}vB!G;5D$B4Jkanr$J?sgf{CPf13ed8Y@PX%7pzj&A38qrEA z2>#9O+LxJgbKPZgf#g-Q#2=#nYGL=>HVAZ|d*)%B&XFfc&(2kj4l*v+Jne`$cB3lRwM9FK!L*R1%ACA3+ODYFhU4Z1< zV<>Z+hK4-cVM?fs<7DIi2H6HD3f_ZYPxKr@^c*uS4e%pCdpcMLl_L2!x3zv|Y#`9s zMDy5tH|B=DiLQsU9_S9KVD%3G#!-!Mm0?yjKpCFND3y%B?>Jh;6+`iG&wYKH18g}>4IJ>QStGNuJI_F)-(4+LE^N+wi_ zLV^9)0x8Q9rgxwdqX)*F@=V0Hr?MuuxFXJ&Lc91M&cF-ILejZTvk@vGl_2f_VZ5D9ds!t ztAYK3OJR;69~d8y1m`16HcBO!WP`=4yQ}-$X?S6o&gFXN@6xhZ2nYKmmV zAL_!e5Bbn!xnJkMTsX2qoflypV?S+#&}gPju&ry8Ss;D^@Ed388&0~vwajX~GIn-8HsK^f6((0Uh$_V$E02g&| z$(Feix@Jf|>c>^NSD0qOmT+Q3_rZt6cygC+`ZUXsUzK{xg2%LPL(stJpg&)z$Q_gx zs9qoY<_y`-#7xr?Xg*l6=T8|i!9qEB48=Sj3Pf=E<|vpPY&-wWLa%T3XX2UALn5%? 
zV3mMGVdeI*PT5Z><<-tov+qmi?CrS7(U)NZEfY}EeekiOsVoE&PPm9jSN?>)b9Pip zYYz#N>cQ}x1{=bM9W=dO)Y07HYnJ57AGDHeL}!emzII5i*2$uDfb@)>%&ZA`(Ynf0 za$irek|9=`Spi=~Q{=L+(nP2o;CrIjJq)VHH?7;ewFuVcW3qDhrrUT%f#3LqUCqDn zAmql=V)^L8!0Lm<@2!n?nEV?y`%4hO?Bp8MP?(xGf>+zm#QYrh_JN?LJp|}LET58)7ImsbY+L)I+s2QjML@c}x zGc);FKjxjfmbnR-pSMTps{-%cY+Yc(1^W5kA$%k#L1e3~ny`EYKB4wAsO>Q-@b>d{ zM+XV;>QZZID4HLm(s+dYB=L|fVO%B5o+Iw!%;Jo#Ejs;Qy)*7g=)Z5nFnljx5rM$r zPtUL`lfsJ-P%7movWKK_NS!SCSu(tJYxnGKPqPYDs1BsCR=j|Qr>QD-&CzU`rkeY>zxsP-ztppG1(0fm>eES;>BbNH&i_bLS$p?+N zIq^1K4&F;SAD26(8zsKkt@7A!dwh8Zg*F7JO*I%_wN^7 z9z44nyr`+^?m_0Of^K^5m@gN-i}vN;@lgpSS@r=>Z5Y!X#b1@3FtC;Q`z;@14Kx1fR8K z;j=o=y?5czk-C$6WL)zJKyyI)BIrd)g_DKszl5Somp1A(#Wt7@h+j~luBopPt4r#0 zOt*M0PX{cnUXA&fj<@4hzB3$Y5ODm!fZFjwJR5au^yU&I()PONp!Dq&)nOI9Y-l!G z$D?g=%=gg>P$xbjJP7fQ4pw5(4x#C$*QU^1mwSM)rIS80t}@|<;5cg(dQRH_k+B-u zMO~+p)##@hpXE3Y4u5t^qI%8E+C^6EBcC##oI zXX3HtgJlo1(FVH2v9kcrX;ELm_qp(f+RmC1ehHv@R8fSi*oK0K*~~cKBgRq9D45iZ18h%*ugIOYt!3!C#t(u8@ik`17 zF8MXDYHof&`I)`0UD9@MVT$Y#tJyU(MMD3QI=?mLlgF6}*N^!*0t?cS5F8YbB9!ur zehitbbEe8I$K$EhAR_gD+F)YShR7M5g3ht)_}KPPMyOEfsA~pO@tSR`5;Zq(D{_DQrHj+EfjY1&d*zwyHiS12o{Z0l zE@U=m>~rIK6bgs{C3DaV+m8e-p@TD}dh$Xkgec?F_eVFU>sz0!bAp0)_@_RP@8`QV zl;iK-Elmh?wnK8yINgLesM$*EL~9`&B7n6Z>W$CYX`jr9kEE0aT%!8zKFYPq!q0ZK zmV~@tO@40?bS=ssgic&)Kx~ky)JyvLgb8hRQyQ~6U-m|8*8Noa3`;L; z%3vU5ZCa+Os5mT+Dl;i=Rss?itZKx3d%Rhb@p6NJ)X)tv#(wN<#-R|VG{culDQ_t^ z+a-mQPPI``PV%2fp;yznr=Z~sgRp~`(`a6;-O^8?#HEVl273^_Ck!`><|n*Em?VD{ znWY`XFgO*;0952ty6Ll2Ln!%?QyEjllfYO`)corDR*fp$W%+2|$lRT~cS>SdA`S)y z!Ph1R>)`>gs{Vn=dZO?`Oj2cIJ_<|r(cHtgwBXd&H13C|oG0rKu#ty-;)i4OJgr5a znox=D#ffrD2V2fz>Q282j63=1KO+9;MJYX1c?dhk1qdx0iExw5TCD7|&1}u->d#HQ zs|%$bt#&eJ2F~Z-{W!gHpJW|oYzpQX)Q5$FE6ya)drg3J*YKzu9iXl967y>Rtwd^8 zdd4`C0690LNS&zr29u#Zz7v*R!T@`i62)?rnx|AGb9j~#EwfyYE~J;e@?@DwFC6nf zWjL5V?sE3iyDIfZA6rh}XzU2h+DDw`an?Q`Qq^s`@SIh-yfLQ2oZI_+KBt)c{(JQz z=k^tEU6;T={zE_47Sje#FO)@WT6rq1G?`1vj22t?99S#WS6yiy%|X$FOZ*r5bL}A_ 
z@~KfGAoT8=AFU}C%bj1GK}6VVT3)q@_JVYEAb1Cd3Gb(uh9p+e3^**$u2mOT|gcV5SDV>Em)jq=2O zHnm|xdH3CI{G}#m8?L!O<;m}tI~_g!*nK_9BL=uQ|D@dQHV=(iL^VM}Sc`h!?GN&9 z2LPKO7GM#pCMb#`7yG`$B(lfZg>GVc<&IK%fW!i%HO_eMc>HeGc z-@BlMpOL{Yr4srKPx(6VWnW&=RrqlMh@SsJ+WynE+?JAfU`3 zpiB#n!b{)1s-JBndw9b{Fg0?X|Eig`cnQZLbP%V-C|P*WMdUwHJfsHOznJY=>ICRvI8DQJQEFO2dK!8 zi!LJ#0J(*TKmqWHFbQXYkf#)%He%_(_lsroM0xA-800OFE&79~cU*)0&Dk}Z8AJ@2 zl0Yu=lD>otov!fbZ+d1=s$CfC2SBMKO~**1&sAKsa}KMe6wTDVc)IX8Slki|H)a1Z zA+2`!b+Jse^=&tOF;bg}q(h5J7N1no z-h4`bjDcJ!pD>d~n2dNaQ}D&2`AJI9m1bh@{yD?@J@Gj_lh)C!eI=0^h%h7zB;fM#X;ig=t#y=C&<9#4BIQckIFwNi<;>)q-!m2gUS{h(Y(L4;ze>Ir8&RR^@; zBMkaeD`UR}`!_vhRN}L`WRI$(_#4c)?KbN2t6v?D?Y<1?|1OHhj;jB1v@~ zTimeW1O&` z$}C|XKt%pawr`pcLZ(YD zl?#L^?Hivmzz-9Q3U-rB5+)u?RVyAJE2A_u09o2VwdeoqsIabh81Y&IU@u?-UYduR zthgp$3b(p%qxPJo%Mjuo+m57bS5#o`eZgzfUn5X8UDo_?f z;u-^b8hY5rJBmlnR&&Pt8@38r;}#Y&k3i09CwJYsKp1^fSbJehonQGeHf$a%u)`w< z-Y^ooW^I@pLa7vysW1a?_-QwyG>zN5w^`Pyk!7G5?l01Qnn5f1$~mmwJvtKJ={?Oh z**(dD)vl4pAIK5PI zLz7f?t2Dw2>KO7`^q6r^*?C>+8=Zn$K&67*GE7cka-q+Ed74q_u}SI;b?QD{@{zd< zHY=tH6?!3qdJK7unl|Q9Ul0ME^q~ooaV-N&<4FuTQu?cWMT1$lom1A62W_EbotuYA zu}r{vT=LLX?og(~zU^ozs%m$SNT;NpgJm10?LzoI;FWx z>Z^PpGbzEiIgQ1pS*no`w4=Hb)keqnbH-FcLVS$X*bHp&7sV|yp0I?+X^16a70!@{ zQBxhQ_rp`Vf0fHOtKVt{to;lwR|^b!Bw_(jdUWXgapFAn1u?^UYm0XN<_asF#Jb>xJ}OvF=gv4F5@OmE5*Lt96~=u1xwRYT{L_ zN#N>B8nK%khYW>NlWwtpnCXb+qzu%r>R1^#Che0E9sES5rSibP)}JeOB}TW>tD#_8 zrfemfKo${xMPF|}f)yzCS9r@QXE9KCvH$V8F;BXKX!@zWC@a1RTOpBVljr@lcppw$ z*ynYC?D}!nMcK7d)x@~bmppu@peej-$I`vClBI!%s6I3H5S&o4Z_^r?U8C3Ds-8bD zBi195DYrgr+2t|Ge)!F9!0`yZY%GJIXhFW1eyR8-^Gbwnba3hXTks64cp80Z9(7F{ z63SoAOsu)!$;R?9$@bn3wN9f^ZDDsZvF4S%<06w*@K8dqdOBS`NtOsF=Nmb#jIz0% z0?~wFOv%2l?{m$^zJcS2Qu53|IK}VphQc_Ag~*6O`Ca7T_YaE(#>9p5OWk~^x{M=5 zj!5y|mlR}k{2VisX>t2TOjo-}I!tf(;jd5lEfP^IGm%hec$Y(Hrl3@Axp);FRLvdM z0=O&A@ClTL`gT;=>e`^~$=5{s@_fcq7=3;xLR1nd2FZ*g?4$WmsnoJ5!`o_6Mx9wu zSP%{0@-&I_Sif8&xUsLz||T8SL-&4#0vMtX>wA*2$Om1!_%eC6Y*PL zz5NZ&zC>-+wglri5CWzV%t=xh54sU51VNMl;?Uzy1{GOh?25L#K{1))EB3X(PyQ0{ 
ze$z2~+(`-tN@ds8AzjnDO=U6E>cy7sz3LQxRM536o7VZ+P{-lc+UsTKjPR^@J(6%v z-bLI@m%&ggBW#9^>_<48$)!KO(8pu!SjlVL6^*bO$9{77b~pd?;5?bfTOe>NG2BP} z`Kw%ZK#Pf?TFCGiitL^)nE@I_gZ8|Z;S1{~0-m~M#1=Z`@5W3@MU|g=t#P1w^Q($_ z+to*nJ}Alx48MA?l_}{7E6RkOj1;%FB41>Mww)-h`AgcuwV`T$5O^y3(_W!w16$*j zKa4oQaLV|F^_rnxTyek>lOh2UXE~IzfWx9PemGXasPl)SBFKJqveREEj5?1^l1@@g zF)H~MJSw|k7OOYWc}g^C&fqClf*&ZSju0M}n~&KQIxXRk49pD2q~kAh==?O#i+S&s zKh5um#brxZhxenxV*H2&%b>#iZT;x|sN;mofMFSW)%?Zi+ET&v*}d!0?hIAx&pbtv zvD{*ehCy6R5(-%xNc?Rn;eCigai4m^%p?a|%gN8iPsfuF<>@pIV!hGJ+?pCf@x zzpy8wff@F61E#+>*$nfGheY(@@YKUuzM$)CiY0~^mem%9>JjmbZiylqD~ZGt10c5n zEyMFlIUfUadq2B@)<1LmYWBJc|fn$lt<>Yi-{by?P zSP5ZbQ8PwTSw_Yv!D0n`p_rlwbH0cv2AqEZFm3n#-7#Tbs9}R|u`8 zMM?H^BWy)z{8?W!CmE)DJrTL@$1+^ee-|6@z1-rFu8HYes=4{MGvu%VW`_WtT$FCs zDZ$tUt;_}6xcNKHINWQ%UvI;8z?+KYW10eb8|QF>@fNn!d2g!4oOb1R+HZ`egtfB^ z@rNJ+Xn{)2Ce;(^F=)TVu=Wj$MaCqg^DB8&Mb!1f2p%`I1gA2ixnh5b84^vStb#*E z7$;(={YPC!i$pXJOe8cK-fORrI0*Gvv(f0r>wO;H+y}-k&ficvPrc?-`EK)+ljsdO z=RNE)*G(}Ewmzt(qH^W|e#g^}K-omxJOGDZZGKHw8U5^W1E8#avG>cas9Xr?7dswx z357(ED&2Unzx|iRN&(d?V`0_iS9I%*nx0R23~)~o!&a1BUMmZu-=|m1>~77oieD%k z3nQZE!?bU^Jk6ca$rYO+6Vvx3N`J>tN8s2_qI4IwM2=0?qOz_~^elujf@-!v8R>n7 zyJPI4mRV3g@PogWW53{-FZMc~552fqTc^Q+R;hbl?rEJVPtb2ub2}hS@VcYEa!IdB zD;+hj1;<55F)HbB_U)i@ZvTOD)k)p_p#lH>`NRPPd0evg)(0)dT&CVXBpQsVJHpT# z%LEyQK^j6}>{Hx3h#_0}7Q<#rb|kp(Mc$znc!yKPA*}K@m||UW`jdGZ`3D?ZF9%mX zLoZgd>A9|X<&ISdytwH%I<;|??Z~4i^qB1XuZ}Y`70tieoEazL*%gWi^B{hB)6ESC zvmf!E6#VT)%5PhO)Eq{Vc7ZISGn5jB(IJFz^=}3;VPf+U#RcJcoG|q!d}osk=KnPA zy;wsIv|n-!@3B{VFv;e?^G1re>spU;rxmq6i>ru{7eh8ABjIL*J}%#&tGUh*O$~g{>c}@vIs^klF zGwSmp-@dAq=_s^(a=it8bi7v?>mxY&xg~Y#)K`EXhu*T&2>x+(6`0p9s%zzyFl%uvOLF1`WZ` zbr=4s_oRM@K>&Y&v3d~_$XwSct=>X?cPe|-u%z$F>L@9#a4gkvloe^`S#isGR=dzW z3Yaos+dDnGSSsIOzUsleddh28UT+q8(T<16kFgPnvXsu_4f8ZpxvQzxm6WIG+y0fx zF`X=3CI#XZ(7|!V0n%u6(Um{q>HnyB6-gx{zNYd{HY=qr-C+(dw;#>X57VvruR_JT zqaN>nUa7;rE2}NN*!tAR2q$h??>EvV!hsKedbD^N!b-!JPLOu0d#j}0P?!36Ezv;L z0CCuyJs+u5SQ@M~lVad`P_KjDQ*fG&ggiSp?Sx2#MXJ2Y?{5%q(Ws9Yn-6aoeKajw 
zm2|_7McOdDsuT(^RYZA`q&nyW*)mh2 z=gAOX>)KjYXDLf>}x$ zp0`ldArqzJl?_o(imnR4k#*O?R+O9t&#`6$ep~(D;!}>OOMfjsHT2Nh)Y~5cT%W9x>_`eu7FByB8{l;@8nP|niMFi0W&sVESEm&Dmsvw zDz_O%SZJwB$Adh`K-#} z8;Uh;Qzpom>Mg+XI2v)!ul}MLa2y^xVFW9PJWOi&Oo`fwVOBMtnTb@WOBg#ob|qLf zspd{KpQB$kK`7|^rfua!R#>Z@szWG!dUBpz zS)C5u%VBtKa$)4FKjkQ4%OgrIWuCz`gaQsw_!dK1sCXrX#ur>ZXxXq3!q`G*qAvJ8ptetNy0rC&Hnz&z#V~O;gS7Mfxx3IbQO8jD2$d&r`_a4 z<1>qIiSw?BkD1EqFnsWM>UfY?sDC!8Qb1-yCNeRYb)VE5Q%FpDS#ho6X9ntLU2n&t z2oBB*mfe`SLsk}trVtAA*FjZhU&%lWr<8Q3 za46|c=|;M{yFt3UTe?F^;LzRDDJ3N>-S9r*|A+5a*z4>*Gqbbz+%vOlC^Pqv_OVq zDSVhV7|L_m-4I%Fwfm?a-zV9EeX(dUh=zQhqXXybZs+fCWmWg@Z%0v7ba5tR=cFjo zrt7ou5>BHj?bWy>9uy-L7I zyVL{a_oIh})cHQUL|46gn0WC(?w-gQJRP>O?D2R|@~$F#!opt7@{adLqU3bQLD^3e z%1#$VC&K1(J^BOY&oLnC4nVej0J6CQknN-X>a^T@v=~xIy@HQqC0{}V@M{fHi}T7E z&8arB_0w9O54?HvYR#Y8uai7n*e<;Hq{EhPnjpz7Za-ofXAQ*As|2-V5~9xKm!J17)wfPUsF&Agoi%(Ict54h;!=0Rixg$#_7OYBk-pTs zB=_*)cMv}55qQz1R9r?$g&;~?sxDO6#W=S= z)ant}(8b)!Bnk1y8J%nT>b@iBV&-`>$(#ZUkrDzL@~dbs3vU*`(n?d5ORM#1@jo5= z`ZVlsh%gT(O>UN`AU3M-O!Cm|MX%?+rMn(NI*pgAVM^1|m??lQD84ncs^i_KgF{YP znjJ`9Ie3YnlGtk{sh1yU^rG!do^_VJ)vHOudWGbKA-#)xHTGl18txNlC-1R|j9SCZ z^08kisUVh_A&z2{5n?nIQu-Ft-#m<@$8mLb(47X1_>ZAAB1fPgZwYO0oXOKpnhLP| zo*Hkey{}T(7ZlVLvpx zg9I)2Bog}Lt@dt-&6LPadM}03r=;H1dZAI7_uc{ycAbF<@~?xn_h7cYQ_>l$i+pT~ z6|-=kIabL_Vc6`e{dh@}1vNWff+7g3;Zu~GgPkYUP28=kN&0+@n#=c$w11$<{IEv{(rWIl6;~*WnT|+7Lud0; ztsay$j6d*rGPQR3qpMZJ6{gi5M@yBm-xNmGx@fjs|1P*a*wIR?CyaR~6XC@=9eY-I z)|aW-=<;f$v}?_oxn37J*t7bzGl$>*))m4}NZ`lE1Mw>VE9Nx+uaIsyeP5&^#4n`F zTvD%8XG4tXMYtU-94VlD{+Dbxlq5fF4!vlc$&fTI<78J1wx3eY4fsAxHAaQ6L=<>v(HoXz#;t6!|fckl?gl;I6F4y}*?U(7750NUaIWW|f zriycJELe-6?tdW-H(GFC8|=@<8E#-AceYo-_DGWt;1*RSgu@*pKgi2|TMwKhbw$1X z<5uwYZRN=W5c4clF}z71+0~`E)N$$LL&U@_Vm4Y}Z-P5zdr&!M`Nj-R@-^cnb31D4{z)@N0rNW)!QW#;a+WHB7rf{A;mY1X_!#`8i8 zya=l65)RFNWo-0DL?L_v)9PA=_8uhufrNoi8mov>R+reLjr@eOREWGqeCq2_F=f0L z`N77wD4*vIOc(K1@^ktsHQ{z8PRO3~xR`}(yO;*JI7WKWzD=EBnd8TVs&4CqdorfH2HRb04PFSGiOo14a~*m5|9=Fj#K+a@p|_l|pK7+%yy% 
zrCC!^zP6H46=@Kmj#~B(Ul(^s5Q!=0Ec1A5@c%1PqrFil2$aZ?*$t zK0o7{9GD6ejR14DtjHWtA3_IqH4^UPRV+2d$LUWz$s5Ppf^`C zmOEBxnTtakDS)-R`m<}2%{UJNu*=vHo@8L=N)%AD2<`{ff@%$BFSQU#1e%!Fj2Mg` zm8k8fyAwRK=-Zp2o)a>+k}eUe)LLB~Jlb)E0SK`3L8g~cR*KixN7l#O0p%Sr6H~o?mFTbl_g1VQA1w=tnT=zFhyKag1;oNUSVqEDr%{nE=yre^@(i z-P3zat*UfFhj8C7B0haB5xqYLQRkRMJD}O)LR&rBVoVSc{LDta{!vO^L za}H`5hfwWWQB1e?-#B#=IX#657WQ)GiQ>KP`GK3(hb?gC<~v@TqHCB)EZc6;Jn6mJ zZ!P3S7urh*nSSciQ_vUxuPo?}Q_C@?TOlBzlt9r^X>$e@O0ZA)NXO-s_)`JTRt5|g zipFahHkWO4#%w_9M>fBEe{cpJ4);GqceQ?aAKbJ;c%8PC{h*l^PS@!+|c&7cRuxlAqd5LglKj;nvY!_ENlp$}-WT56`W|aD2P-^`oIr z|NUoF#Ow0eo4PVI&<93LOw827&ECNF4!z8S9dQPt&r$$wl-tut)UcsFhlFlfnrh zH8(@qG$k(4*z%?G*|1DC;I|CYg9zvN=O;%Y9igrKIc)A3>jJJDqFs}ndWu)Nc<_}x zq4X!Jy6!{j5t`~IJ{~mHIjw?=)5hSvDQm~Atr@nKy?Ey3W~W_-TYWd%-3nf2`}>B^bV$An^z+KtglEK zyiz(}T6}7E)Bt<+-yD8_!wp<%EU6M-+`dz}DHAuDhwsL=AMo&=+jXB2ihBg+)~;xa zEip2wH3e7bJoVn>f)O~tY<&bz14i>80LV)=^cgCjKxE)&8BkiJqm*!y39lfhQb$ir zA1OS;{1y1l{<4yZraB}OB67TEz{_qfz~RqIjMw1BZp>bdr~%exY`B?#4|K(Hy6jig z_XXom;3R3)wl4U6{jH!4b(e`6zdv#m=@_z>6B*kLJBaGOc2$Uc@Sz9t_2qlo{gC#U za8_y~N`YZnzCYd=J3*K7Oi|&r9L|}lt`vI)A)+whDIXN0l9ZJ(gdi~JxzuadKO5S* zTh`{@PQ)>fvcbuFyl7JHx4CCY1m!FJzMbxwLwEH}eq-pruEr0m6Pm#vg%Mc< z=eka7$CWr_A)1c1FQ+8#lYe#SdCAzRA0&JtR_C*?+3JAtM_GpMT)o-k`W38ebKsRL zG(gTD*6}J`)Ys*AcV#dcmRY;fdV9J(-N(~` zzgeID>8d9!i`RiOd1ZkSyvYi-^1)nuTc^;8 zj!5QSQiyG*BI;S|N{7W1av$3A(+W;bmz(kv8?HT{-vJklnj=mNTHs;hQ0r8PUKSpqAgy5z(=t=!d#M9{Kk-q*U2Avm1u@%B)y$`4h4t3pH*?X z=Klz&!rSJa?shEZadm-#JU(jVq6|;?l5~JU=FPIbyB@E6hmyV)xDG_$*%Mj5DH--O zjVjzEF;RiAKp;jjNlOD9m7oO{IkB0%_C|SDDA#e(315PWt>rh20^w)#Q#BU|^JmQw zZtzMf-xLe8IS8#^iQRzWpvIDJb7t6P=F80sg;bAgIG|MN0YB)8pLWCXmZNZXf3^O- zc27@cn9PmK>AcW3$0|75IL(Vlp?{iD2L5sp)cSyj5Lu~AU#3sKB(aFU_9es=%5tIIeECgrQG&KW|;xN{b`M@-b-6-N~ z3oQq+)#rSn{OwJKKQ=PM>Id19NWVx7OsaCh3mSQk0WT%IW2yZLhK8WlNS5e|V9Eig zULfQr2`_?=9TA1knegXdE^s9;Nwo?!R3b5ubWg0)0?S#7wtbx~fn~_~N41Kg36V9U z)VmzV{gSo*sA#*BB7#~Ae}KI;H*ket2Yof+-A 
zz&Szq^i6fHTlU!)(ZKZfgCK3fav&!NU?m%qx1~g_1*`{{Y35_xm_Yoi9sH^q$}1WdS-|5-wKp0h0dejw9F}(F9;E^OHXV@;{xV=@5=bfRF*546*AG-UT_Cy1P@NU>*K;$z(qayM1|K{W{ZQM8o(4 z(FjLX{ziUbkYx)uSEkm=9!t(Ot3n_0NeoJ_U<195>C7&CFp#8?t7d--L5u<=L=1%t zV<)_G2(f1D5So!MZ=jV5i>+vj-=joA!bym#%Ln-kUj!*Wi#d?+`R_T;XGea9o|UdV zTyEj?`1OTq&_c#^(M{f!En?>JW+{uetssn3kZNsGUzi84!g|rtZybrPglv(mi{Qx> z)pz_B^XB)jCx1l6w$a@_Mx_kLd(|tg@B56Xo z>o^Bn;D}!Nna>_DNt^L-F%aI{f)IEX6t{@9Qkz>9-vYW)o;V>h^6fRG{Y+dZTm7Pye zZziLD$6UIcxjPc{ZDq9nX6fRJp}&K>Cw3%V4)IR}_aRL;o}`mfwEGLLtEP%n z;s&u8YO#u0UFMqtIhwq)(-MSJ@~Dn2Xc6{jOPsgxwF4}X9k4{ptzbKw0~5ZzOEhmU z^Wl>Y4O<3tiYAEMUsyNm{EsG&m>yFkv6!r~b+$(rK}$X*bCp^eUPUcvEk=2kli%HX z*_GSs1VfUdTutSi#Yyc7g#JcVp;R$I2~K>rP)?Ebp5%A-Q#JWbHE!IkYJTS=g0Oc zU-Mm=IT;qfKbu=rN-@C)M-EqnJQE)%&RIP@ywjDIMQ5-; z$c?SsC|B zo0XGKbs;A?vac`R_MjL^|0lqvGea(2>7O_Z6dG+|tpA?2c9iTycZT( zSQs7I(2fSyHvg`%02%d{GIFCeBt$VoLskC2#DKWYmi175(im zbbY%3_v(NU!+pt$r_HR26i35AuA&#H5n`Aj%8wi@dmT^GaansVAY;%vOu`#+hxKR3 zv&PC;iBx{##L#H8X(UL0pxbC|`*bMGGnRVPK-QN6v%;Awh_7_oU`?v&)~K=#7GzSc zaydRt`?-`1F~9Hjia@v7KMW<)v2WDn5A{rz76#Hn)o&&>`W-76U$Ij`3}R~QI2x+RwwC3F);mq1Yktkio(=+K6KNMg0r?D zny?Rb4@*Bc+ncwW1xpmF6Y&5<`@s_jP3JEMSEvc~Nj_W;_G z*sbbxZN#-}!-^zn=#qZ&?P}%=_u-VACs=%nRluVs>Ddi`K5pQOQ$&kynkr{EQ-so3 ziK(utK~X-uPA#*qj=@mC^DG!w3jxn=)*K!nSStHu@u^==5?tJKgJxbma!vW|Hqznl zu*=&T;p?54sF|A(2Q$5?;vQPfMTDeV>Evz{*wXV`)2#QNqqC)iYU2C$uiS9T;p`}f zREdeoqv_C3es3H^fvPV}YQz@P0Kf0Subz%_ zE1JknahkkWc$c~6cJ8niAd@cqXzvzm%9y2g7&MgYWUVXY59d9gJ{tU25Z^$=sQN;r zM#wR1;i_XkNtw(y+0jaIp(Q7GU!-U_j;h_^NdEb_W)^;-pEyK-kDF7Ebb($xWLqT? 
zHMGl0Ej2L~sJ_AD8}z*S@+S9yS82PYqJ9sE;x~`*eCjW!RN)*)%pp{)Y)-xxb@DT3 z&9oYCF8@w5O+m+P#XC@g%4>Dm=DgjOVTxEgwd=iIh?q`HY_6WGiq}iiu$m}>Z`}Fn ziKF69uEHWsbI0n`V|zq*kk2o4;wP+@jpEnca<@fxbC5N3Mk1&E&jgzsWEhEPV{uS0 z0Pg@p@qtc9x2VSTul`U}J-o6vy79CRjq$XLo=QJ&iwS~BFNyiTDfq|hk_4As3cT7Q;S|i$ zssG23c#~TQ+mY1!?m63@>G}z5>F)Jl1$v>x_nBu$n%|sr+lR4t_(Ni@biRmZLqmNs zAgE4%AzzpfeUCpkXSsjhNCA;I4yTlMeHpS<&zw zB2f%VO5Ogr-1V4x^m!FmIl|>{6$bsKZ~d6B#ka%&sy<99%g1 ziiErNOFa`}kJ#Pf4v}lBZh<+$wBap?A%(mC%lA(aJWeIBg>T6Zm zq+U9jv|W&U`JzD49g^v@lfXY&MQ zALei@5=4rn`}|=>WiXx5KcID2Z!|w7lJvIMGu1{n`trMSo3=22MKS!4i&2D(ho@na1UKxddh+YAVU&8CcR+5e$n|sq?0^AMPi^ zofeHVmgNjVG&**uWEf%)3)2>H+My;lX+~Rvr++dVSJ*B%KZDb^5cE@u@DheTU(8|^ z$EPt9W^Zy59VZ-ms@fHiy5OD>02hl7W-Lwz9Dvy}?ffz4oNlng3*7>(#BO<}qSRa1 z91S`ZA_8Vh*F=R9_LOG7mY$s+lq^%t8?v~oMb6**`#{m@>{A%0zkH&iWw49^2b0y{ zkK(zebU;Bpn0lQOop~mt)Yn>=BYT5AH{Znu@t?gWd5Kf73A&M_`v9pC86Y(xqXC{* zy8L$J{i(&p+{|Pr%dyH-@FP)Ep5c}NA$pR!rMf+lEbsy$2em85zIHla%JGm3U3zyw z6KF*uV;t%!7edefhkbL|k*~H86f!+1l%r1NkQUk?TaYLw*h$gWVD(Z#?BC6Qn~U%) zf@WrZoC%z41dX;~9s(Q;JG3OW92$Yy{z*;8=svndduO3iZaX2vutKWhIy~Oxj01NU zs@``E{i~pO4nYJ^DgZxcI%EYyvjgLO-rdBIV>${>HZ?2fh*N9lNhQ3t#U*R4wr0-5 zGW%y?88B1P%g|=P)+t*LX0bVN+xu0>pl)MV7`d&$+VG2CPUgs|^fW_DYzfav>e8M) z@$HAU=489gH5l}%b@glQQtx}0hs)vHq@+^TES`$x(%Y`%)5-6{AW?7e7Vod8u2do< z4R3m+9iT{n)&^x%%*w|*#85F(^X7*y!2IS~^gLi}-Iv_ogqLzQU_$4a;#SB3tO zwaoTEA;ZP2Aw>XIQrZEM1c36o(oL{3iS&tqvg)7=b`FL)HEB+6$-|RNR&%;8Y>lX&K7QXXCG;&5I#rh--0rc(@L~%bdHn-sW9wdvhuG`pSUAoxF96eBr!JS-Y@HJ|6?I zfjw3rwLH919=xI)S#_*bQ4raDH!XLLmyaLF4bxP*%)3~KghYNFnmLWY`sKk=DP1|sOSxd`c$Z4=U9r~W z%o^c+-l&j9S*TZGF1VWWN5XDfZQJ}opd8$x>R7^$sg#<}e*%`%cU!db!>W1k#xWG8 zihU(0sv0}vw4-&i6QC(UHQ8%Mu~O#Ox!7CJa3IyyvQssW^(QSrm{+pLVrYOFSi+iy zn`RY0Gh@gJ+t~e(+0!0AI>#Q}ZsRCx2;@a=${zl{y8;$up!Rzs$~>%Z6ZP3Re3TjL zDOBhKMa1a6BQZ3APq|GvS(HT{uIOXJ4xui>5v);BQbHTDy2L7A_z#Pu0&rMAk2Qw@ zm^_O81WNGR*b6$!i!fWAcFKQr)Q5W_);TfU`?p=hPw9sW)&Q}1A7@eKtE^gQ#t z$t#^a)>j~4W*m0nKQoJP&!5?_rPR<&TMkaPPeJUH)JaEK4k9uuYE5fI@z!E?{V1Jw 
zR*%!yD-#@>-OdgzbMM?NM(poet3sPCc^!4wW_#`cWHGPKv z${>qPT$#ovq^cEC@{xK?W^`~Ls=ND{Fi(OSChrz;BGL2POJX3z!2l7?9)|towCH(x z)3vm{+hBRK*fAo^LE0q7^}gm@@9HJ3BA@9{Scpin^~bj@wpE)4@YWf*&!EV|9UR!`y--C>Al_U9!d~JM@=HX zyqP_uij$l_K$l-0Zh496^F5Px{%H16fBIKWQdff^79I5rTm0}lw93VZKz1Y`yb9lv zbbAskHbNY}p8?Z5LAR@7al@I7&bUFe7}$OjYUC{=GR?BGe7vvUK|B9QB@?s>5-`dR zKq>{#)$kLgY4*9^^~~#83-y^NU_x^fgQ_0k#M)Bh>wuO%>cA`C3Pe z2}^Iw{4&^XgX`B&bm3mlQaqi6yzjU2_X4CS>^j#FonJ9jIBvq9J#LuK$*S+Bb66&M3+``JNmrNWHHEJ1It z-WY1G_uJbXJm|`Q-*+l?=H->@Q%;b-HBF&Tts5vDaaW-2CT#J%!Cgpfujr=61g8y_gX+fOuG(n7$3~ z{IooFq%J({Ku$)e!(b)(@dR&v=Z77}PeSM}XR%?23=~??15;jliMkE{Z1t4f2C&rz zz*ZeINtQb5+|^7yzwn!s-5ABb7~|L-^0hHmS~)-hcZn)wedR^myP?dh4LDw+4VS=d zq?qhaKSuZ;=Jz1!x)SMK#R0Op4g=a_FKdJE$T5^KpmMSoha6nlPnp1Bpw@rd6h`v^ zwAtEmKGf77v$DE?jp>-wD%pF!OohZ*9K;~r&?>(~b&}n}Jk2)OqA?&7bcnnkLl-|V zc|?&)zRWx0eCCZgw4@#AyhBHB7c62pD*5KgX?_DuGKhV!W{~V_w}j?U$B4-zec`$k zOgKa{O^S~9ez7GW1@YOGms3G_^AX9271}fEk+N@QBb$XYuZs{N5uI4unjDx*-!yVN zeIl|wb1Rt>vjiL2%$f+*J=SvLU%0U1DPU{3NOZ+9CH!?xM3RPpa}vjP>(8WKaT0Fq$RQ%_kFa{|UMZ8F;0io9*<6u@H&qmU|HBqlE*AhMW9{=`0 zOd@a6FK}NQP zVQT36>;TOXIb+^jmMvs0PJiuNdw6=cFcNJ0&leh{ui{@v*Z{t8COoqF&1^;G+8DcO z?=Kni>GL6;mY?cHL}z12AuL>et?=6uQiqbFhr0^tLM_ET7$CK+M{HIqE;ilWnb&nVdAm^Vcl?h( znMqm2xsLda0DK2WN4fKCT)|n+z?dr4f-(T z>-P$^RhM|p+LS_vK4<9j`Gq04^`(sdg=&ZeOm>pS8}J$93cuwIEZ+tfePp7ZmEH4( zf7=Yn#4c(4Jl*N2|7gFpkTKx!mu>x-8l3t$ySBO&Z0QybaNsV>7`w)_{Qe0};5eW`W4jl}&?WMCv6SKYD{ue2`DH zs|0XIWRAR`o2}t@j0Am+e}>~q-T-(RjXy9XiliJc9MJcMKn~;--9g{VhwWn>>H>=$ z$m=SO48tTk@DOp`r;ooFV{s?t3J&$N5F5VN z+S?Hz7GUMmF9iVwEISgHBYE_G2fE85vLC2gc0&`Qfmb+vWk8h)Y`7ft4M-CIyJ0Hj z_Acbss>`Md07v$MY;#UMRYht`+`H4WyD?TQyD_FK$!1jUt}DjzKy^*lfTDBI`bAbo zrI$+9NT!g?#u}OlUn));LWGnjjoedjb4v0l7V;wF*oKsF)mayVBFlOFprQWPt76>IZTyWN zH0Q;h)rf*+!I^{VEt{p1C0QZMberpW9yj5qk|nzQv!az_(~oPS$y|(I8~@v_TdC(F zf;Wl&bVP;>yJc&`_cC4sar1d@=ryj^+nI065A^(>+{T_JC*1+@SX;X6Rk&p90_mU^Es`%QUeOWZ9;++!6cnW_&) zT2>pKxd$!Ymqc50QtZAwIh|`>Jo|OJ;5@?wQ>(r1@rr^lS>DT234RV(|P4Yl;A=X|$KIrwaUl2I1{MSYa>`$J#w1;t_fD3QG 
za!{R)uik?HV}g3}VcLN+w`(MIQs1#8YB9*_1^&d@C-sGL=$B|09~tTmQ#qPY7|DTv z7%0a8NN|xr2JF$!*LX`iy3xC@2(l4l# zs)Gvqbs)U%t+~@2kx)Ei(QjgqcXq)l1u2!}PwyC1ai^5dvs~apD$H%Go}|;H`Tn69 zx7hm&02{W4Ph(8?hvPU#i^($1iB%#ek7oFdYoPGl^5jaF;d1!F0(OypkDZk*!19vc zeQ+Z*?XBX%&ir~0vCSu*U4pT2d$4z^y_d`7;rsH(Veu%s5=V+{edkiO!{V@ITL+Y& z-$SPtTIE{EvlH}u1kT0_SE|!s(WbNe+Ls0+kKFEM5-J?V#0*k+nlSSTa@CEf)ii)S z$hs=vMfZIpk%fg)JgEownbwlZQ)+=0unPZu*#B*-g!%4-Z@MaTUaBfh9W)l;ZxHW9 zIMcFf&m|exCX=+LWw7ya7KBp@_*y7k$)nDfF3NV9Jca3RMz99;ob%G1+O?1^bp^Gn zlW3Nn#9~A*_6-n=7Vgr-jjd8CUzD9V{cT>Me|U{#p6gp7DP&SpsCo&arGG6lTG!oL z-?G(#6}UI9y|(~+wZ#wTUvT)kVbz<&ogOzgC3#yN5gdUJ1}7)a$3DJ_9oJm9<(lL6 z@qokGjE&Pk!NmQO>!#rEHjKBB)pi#m(rd8xnG}j%bCh$>a$v3Ik(bM?U{|ER4Xj zWoz8w$k74Rp%N<(-3A|>0!(>klNdOpEI3y=Uu(Uc z-@6qQtQ?+Q_eLRlG<}$dKE-oxj~TOW2?|8c})=&$l z8tHSZ#{G0iim{~M8;E>MmZvwJT&ScmZE<1%>e!JAO#fHMevvZ9{19RC4nUYZk!%RF zk%yYd4W2P6l`@9x53=APTzDs>N8*d-%W1!X=0an=LhCH6?NoRV5^r$@v($Hw7a~YS zNXFcnhs86tj26zgMkWn~s&?s2B0xg~;K10z$FHz*kFmo=$h_jaRY_7QrA<-Z1^)ob z91MMq+<{yPB>X3=+~>C5tp*s8^%dycwHrfw}-Bc_7xTt9Fw zlYys-S2Ceb@Fn$~JiOE%PtMG(!KDrB^vx!STbMWYLUA1dW-z6NNRXwn!^1XFbq3tV zMo$77aZ64)W?))p8V*;?tV9(S_BDn0U_uh}#s~k_x9ozZ&FW`+s=D5C!X&$1`BA*@tWd9Lo>D zq7xm3tQwpq$K`h$4F%I6OHww|4hawGgv+ToxikXbIiZH*iK@^i@@51$m~uF4^g8z% zK24g6h{nQ0ZsrkLWV%Qxog?ldg&#^8tE)ZEplCWts02t2=WS(F$EdQNIaXN4{juSRe|olWF#DZEI{BB ztq~DCpT=K}9iwaANjhjxFP8%pmoO^GE82bv5{dL2&ZEda z!YsYHkmyCAIV*6X@~Eg|#nG=sg+33htsanjDn;F-g7`g+_DrSwAg!kwH@~H4{iuvv zr#ssMUa$`?or6dETKGCZ;RB781msRo16#a-b0G@6k#=#Ssp4tO*p`zU5f|F%feEnG z+P?D?K*D{LKkdF2`UjwW*LYOI>g?8)mhY z0t!vSN8Ym&+M4YiXi&<(_7)Q~Mv4ZMl&nD z?v!%w)Onb??D+Hsq5f4j>!~v z?N6l=(sK+&lQ$aY89%)DomJ@eY%Ldg(CB~TldH{DWnZTM@5YPeu6~KnF-f2KwNlkK zP4Si897@l1RCc_FJe5NDroHmwB^52&0#S4}{@n|4N!~AEgMM;yQN=4!K337$SB_7? 
zQ^`|wb1ZgRLI%N@f#f;2)F*s#VGO=)Fymja7jo;QSX`bw%)5#EAij^^bb?lZCp9^l zrYU=F3|`6rpI)iZ9K_qQG;%xA^smi=t?Dle(gYXpT^q{Vc#}EyZiYaj5ofSpu^-(( znCx2_JCV2VOVT$s;jFW~>@|M{RT-mXRk04&6h)uYTM2D)DwO=L6I@Qy?gxcc`OhUD z!f2ss1k5%xrR{jkFKHO`FVX5SF?<_1;WTg({BHK`%8`Hs=;fcE64+f!lUbasPm>#i zDouIKOIDFWiuVB5;qe{HuY7NK88W$LhfHNpkBg$+MY?^JJ^niFa6gPZG&p=HI2?|V zNMQvB_3dJL*zt20n9)qeDtm{LOJu2I%4kygkZ@qxkSC?owyE7M&HV_o!t&w#&Az2u z(H`^!=1nENQt-puIsOlaeqPw6@p2r>3OP>aKSz+-yf_VgI6Q)?ojsTv3%ykCkBzbl z1nC8uxCo}V+Yn;zN4h`WcIcNiElzhG9WAiu>#X2{AGu^M}mcDKEPD0#sm3WtVZ+2YTkIe}Sa(e55?(|k?pR#>Uu3bk|3af`7e}-5Jnp3<}v7hZi z7;jc9kNEp{{oD6nU+9ZILnbX@w0+73SWY`nbX!wr3~gZzgI`MBzM|*Hr(N?^zqdZ# zoW-2ydcFTqy8h`@whev1l5n=tqCZyF9A^@;v)fk9g(BRzeFuCLh^8lP_HAlEiYMTZ6aN^xDYx0~$f!an!S832FeTo2-ukv{b?sV)h)1 z(xtK+N@&nKL+w*b3XR6jpumRzd~qtf%PZU0D*PH1h(;XRP9RKdJ5Z89@e0BZJhKwf z>!P5gdsoVc3H-oDe{5m`C%Z~Frup(A53F*eCM35>*^ySX1CYF43QuXF)+)0mSKter zKm&#Tqr=|~<|dm0LuqR-tcB?z>R9X}wGrEB6eL1u>8U@`zE|3M`{y`Uvpc|@DZBg7;b8=)Wc^6Vb#Aw`!8wa0vt#(Y(`oYzbqYLz4QBD z!`#lq(Hi7CxJut%-1||-)?dya7+0O^mj-ALR;EPXk*GXU9}zsX+)jc%;UhU5iQ&Xa z8pcX`a1B-z9CX($%5YdSvbx^V-sm^58c#H8kitto&HhQ9Gu zW*WT+%8yrDsUhND2^xi8+!WQi;<=*^1dgGfxBS&t5AxOR3#uhQ)mS=_VpFB@1!4w1 zU?{Clf6O#y4A~Ds6&$X5wuaMte_gmry*Ulf?+&f|?sSYB?gdM~%IVq@Hd5{Dhc}Ss}_&utuSYL$IzSCLG>73==B(S7Vo>~)cSSIso`t5WD@WV%(*8D z5T@ZR(TL*sZoKd}8Q4J34E0dYr6jg!7Vn#3)$JW|C$Fp58~UTylb!r{BX`$qa%zLK zdWvWK3~<> z0=)8;#mEN*|JIdPtm=|>jy$N@3zBFEi=JMZ+uG@^=Uy|XKg5?TP1Pj9W?7WEB@3)b zLFE^B$!p%wMk|{kHEGic6>u3lO~{juL_gOb&?JE5=17P}eNmOXUNW=&J(@Z7<*5Ex!PTwkLTdn}bPv zQq;*2V=G@u9l3wl z`wREE2*O!rtnqi^FWlMdYB1h7dxhrrS{C(dTW>Z~`V3`oS6|curxQ}mcN;Bk9@*u{ zuU#*#jv`~vzTAvVPTh0rY09je-5Rdkxr`BT-AO(+J=A1M4=ov^CG8jV)+I*8EA#Cv zU&?Uqdd^LT@7zQQeV5J5gyS(1E0RY0yspc7*nXMRdt>nC>=4_$*Xlb(o%zA`#E+!v zvuYdQT?_cV0PWX%0a!C|3}u*%Ra)e^w55*(7t8gHwzwas?rFjsx62NoyU1GOYUFHl zn=}r`og5{oXC+sbxN*=3VHOr*g~}-#7tkn1t$D>hf8l#a)t_h1yM)BFbnrHgFkh1N zGX)cz2%&u(q*mgP!h2SITMai9IBeAT^(uVo)U_OTIyEd|ZsY6@w}&YIbBjS4&M=>< 
z%!8(=h!$E_RmZv7?8;Qtp1kr`Ti=HwsK_52dgBI8_v`7axxlX`m+`N7PaiDP{7UZE zD>%5gE}#?9-SudUIkso+=3icA)=6QdOR!zs96T5o8rmNva$aQIhSFTc>1om_LNX_P zQwhlC4PNxib^ENW&EkFcqZR%-zU zi~}yr3?Wnl@{~HLk}lzE`EhJ4g$}oD0zsih4JMIc7$S1t`AwiR9!XF*(oQB3^#}!w z!H8eu6&BZw&6v|3s=GZ<;<-_Nh>y>G?V(>%6}1}_doyXsBb{`e`-_pFaL6N_?)1Hb zs+P+~SYu_mEjyC;)&8WqSke77+=HKx1I6;`fkCq4@R%dE`@jF%tQ6AYLzS$2C69QI9fHeIgxu)YV*onhf9MQwUsNef*H>c&~k z{1VlK@=VOkX~EsdbwB&njK@&s6;7(%m+FD)wlX z>^OaSzfQ8|_)rHF|1ZWQH^`HoE5-C1|K1pxiT)@eZTN|v@IdVUW9k~C>sqvRxss#@oH;jg#|tk2R9XZ+flGVayMS_07juZ%UBp0VM|S zM091+hR}P^mvTx=(kgGK=8Q;>d2D4S#)$~UG+{*~c&DOUnPK{!x7D=$=VWBbf!D)ECv%?MgK@YPdj3%-~F>0{_rP21KjWy}J;FvS@!baHPdq>JZg&BO|O)XBZk zQJ}2=qQ_zjmBt5y)ky1O4w9MSDT<~qWxtu1FmEZU_ybe|Aj%At)N6uU`WclwTgU1H zhvFh6^21HJZ}W3SRoy@kR6fjvl>)vDW-_p>V$gWTkey=eR@KP!Oqr`KC@UD;qdWX1 ztUgo>yP{R}YywJ2zuroJg6bGo;)XLHx0vTNPgnihwg1nQhzBu!TBxydRq~Ce0z-s>hS71yw88U@!}owaIhG}21F0$KrE>^ zu+rTt|70|`8QFx^9lnuSeLq)s*faofGa0&MvlHO;JzMHd;JS$rbnnZJ%IvfvjEyS^ znBRm^mt1Nst1G(`iu^NSf&&))-dg|GB+otA!-vC@U5Wzl63rEdvB{^YzcsVQMysJ2 z3=V_jG<0}CCigpecYdP1_jWBl!(#5!!ORB~af`=Dz*hYH))1D1;8Gv!Dj-nz@+-2s zc0#}rF6b_DCJq0`o~Qaj2251AYX0=7A!#3iN|k6eHK=b*X^Y(xvtQlswMV0lC#Q}= zZm)MrDp$Du=i)(=6FUujwMGI-TyVX(lbtq)qQZ-Qs5k9=U8`FkQrJR&1th`{qhtPg zAM5#sp@oYGJr&F|+i%}aYcLU-sB;4SzN#jpdHiPlmZ^IaW3&!k<88Mb>cxa*3v2(A z9t)y*rK+i!`Jn#VVBpxT8xEy1(<4c9OwZicI5yLDf1hC=M1Br}BZHyHL}(}Zr%7UB zw*qTt3XCC&1RoQe;}U$q^69aC1_Jto{R|!^eRO_y`J8#{rYzm5w;E??uGfJ1c-8sM zt*PC0#Jgnx`(7UEJAGwKsuF?R*<(P|V{1XCrnQ-O=ohJ>nEA2loIll~o1ar1puT2~ zKPKI-2&kUi8Wb4*h(7BAC|O!kU6POrHb&(80dQMQw;zpBYpb5QU%@$x=NFKIs`6fn zuw;LW46q1HVh6kT)<;gqoj9#!M&OwZ8qMJz(Dr*@@h?69W(gBnYsBf!Q2GpYVnj`A zJHB@XGDynz^ATI@khZh5NK>EnCn{+HAItlsU8P@b&Yy(u%UcinOjv|)_TEfbA&9G0 z0vixA-BF5~NCE@rmY{Yi6*7?zT6pqsboPd6ZPB3y;(_6gez;`hBPgSi+WmCHfn4Jx z#$d2vs7n8atw$|*dAN#~O{>>4ETT*F0_JBe-06p}^xvLWE>+aEUPQoSWt2#v%s1hK z9y3TF0_okDyjVww38R#_qPGQ3pqrQoKZkx%lAnlQ^kmD8oOpAup7gaNHEI>A~WzR8v& z^X|eGZj#C?&wwlsBd&JdT8e+XJ9V%6mTDvS-k`%9O(%t9dFb6JBT8N7v==3QDV0Xu 
zDI5x{Q5aZukA636H^`Je+NMR@>bZEc^SgRi(yc|QE_RUyO1u#^*VU(I9^Bl(* zWJru6wvnp}I1lj5`p+~Nb-~jSdWmfE+ic;9B$4s2vRTw({{r%X7JCs}jbTppZKV;{ ztXlNosTTbbEL3ylPsS0|)29$&w+F^_rI~V8Dy@9N7;W&cjDbS6S^EM{tu|4h_~G-8 zs<)|ov5HiMvk%S=Km`$Rp3AlQ`k;YZw>`aFsC&5f`aLO(q3;NS?#jI zPdjY>r1j+P<%)bckb*r=GsK z#B;+Oe@QEDhUFzz>8KIrCM)rT z7?JnWa3qJBS~efM{C@so**>;uYzxLIgWNNE{>x-70R`UXaK4B(p?lF@(WYJgC(2(% z;A8V5uGjWEFG~UV5A)5{O=Ea3hCai`-py;H{)?xLp%{a3kVfObwOoA`siIe0ZyyDs zUTbwOwS>RVn8?p_AI#XCOB*)wshcUTOmapVVd&br>VoZOw`yry5+J?&Z~c@hPAokr>+M5I&= zZKEJ$NE1vyCi%BXRByhgUWHFiL=CexHzGP%B7dy#f*vzYy;pUQOKGB#8V>BOi>?L3WtserNw)K5&;Oy&KD1A5kc8w6Z;%&z zqRT{ayLQH*PofZiP0f&3g@A)S!R(J5AyjKHxg$hr8}E#TG}#<+ZQ>3s8Q#2qk%+q%FHph$@eH(OesSdg^X^Kb{o8m&x_#l(L2pJ{p1n#+QBFM044Xs z=yNq0gv~4ApEaR)ik46RT77QHi53(MDE}5~zdS|f{=9sc*yX6_*pq*$UXc!HJzV)2XkH*xQJ4zf(Qudql1@l#Y4x@eYsxze-X2EqjHH@6!1tESTpZHmX zB08)M9i3qwTyp5_Q;U4L4 zQ}MF}ULHwEf>k9yZ$FgsbFh1$khv66t_6$K+DI^(Qujn=p|7d`hA{ieJIQ+=l$EAX%`|71zvrXhNJHOV z1QKHyMSdl>2Mx|FoGdZUh?G#Z9;9n%q*7+w9IR+{&-wpcQjELS77u<(Y?wB z&dpaYaICRtI%C|}q!t5S%VFi^kYM3?X>j{pU}@6YiP(vhtdRT(yFzuScn?FhSt#x0 zk5Rc^rz@)#mU!m6Mp&5Evi==9{>0aaP)#h|HMV}?`DxJn*4hIvXwFg=DVgP)T(a-U z4415e!=qes>c|=Na8ODg5Uh~~nIDS5c8-qmmxP+XBrrwAa_fkgmt@8t=C@Rf?H7uO z;^MpxKDK&cP*RilKz)&XB21_-ULr%xRGIs6qJcMXYTyO&`Q^Aqhq$HqcYxc3BUd{X zLMZ0U|B4#}ik}ACLI!HaX-^dM_q}VR4gv;bk{Y6kC6bco1HKq&EeEEOxe;I?AIgDK z27~FVKeo;`NyCt~tgw*I9*eY-%HuyPc+_!WgDMIoNw+43pix5at=dVQ?0Z z-|%Vw#za8B(id%H1DsW3PpX1 zgvTfpg^W6m)Lox*a`FR>p&v!T(MnFRwBAakI{-1mrrhs)|6E-BQKD!hiz|q!uAAqI zY20YiA1~~%XeEnHD6qY|F7v#@B+YuORW=W=s0Sl6yDe&Ev1IiGBmA!%V#jL-H49c| zO$f<|NLoY8XCt;v7GCHcrcC}8{Zk_q(Mx{e^q-V*Wy8n(>mWsUb_A#o;$GqS1) zQ&;S*3;7p7Sm(iXZ4vC%Ap;25JOXB^Ukoxq4O0bu+Fu}N-H;^Mz1?BK&8fsF;jr@Y{_&i1px4v+NmpzsEXPx` zO`NS=-Ha{mLTKnO6qyF25+KXFi(>Tl-HT|7^F54NAjSJbAm*DL~&AB)dnX)}=k#?q+C#igQ&5e0aJ$n=WY`3IbS+ z8Cl2WlS6vUP^jF+;bh)qv)rxEKqM5!r+y0BkXI1&&$&Mc-osY1>~;HGjVeS9*svCb zp#Cz}6x@e{j9?{-q23plm?r;lgR0z2CJahlr6DY}`K+txDZJgf|JDY41*?PK=Ys2Zt^lJV&qkymY^d5W{_3okQnck8UL(5g@< 
zZ>2ktVNKZHxH)Cc#EZ3FhK$Zw(>Dae9|xjL2A;gNC|51AMtIEleVR<^Smng66p|cY zA{jX;LC)f4Rtp^8lC>jO?SI(cWiuq@iAv&H+7%bUUF=bpo6P_8Wk97vZ@K8_#`SyH z4%McUNdoTSIN19P#&qd@ow-~`U?_AM%abOPO1gRgc72xME#zEd!&b;xe$NHuKL*Z$ zw;pcqPFmNEOE>Jz8Ao-QHg(XP?=023q((O3BMmqnh%ggqj7U~#Cb zjoIa_2&%=&6zkDX?vzsEPTBXp+O&Qg5e%4dgPLRK7~{IE?CIfx{2#cpv*QgZk|dRC z*u&wl#)-8^1fq$IBtiyL=!%O>(Nk!go2~ap&q#2^{)g##HasBHfm}=TbfXnTrnu1y z^K>vpG~cH^jGY_(oE_D*NI-~Um6vUuEH!bWmH)9VtsVy$a+Z}yh+_K=E@KcmsVuRY ze>oZESt-g>F!<^_>P?#v$ zXZh+1q^>t!MxRAsQPNo#bi-RP>HY8D0N|kyXbrQf!|A;tq7vKFYO6%Ye=KxLR! z5KfOLrs~cX(VGQ)tuvYMCI#78?y#{^5yPIc#(t_PX&?80Xb>-QK)ckqrJZE2OSlLI z(m+~I3wTi$gg}w= z`(X%a74>KY9nUPUy$tDQ*hWGitNo9`!1hH%VNo&|!a5`jX$)76lP57rODSRyNXcxF zK9WU&rtBy2v0;kDI&6b}fNO|FznHhGPNWmPHJPaae)K|bg?~teMTOv$qw=3TCz;>= z7=E?3PXk=$2Ke33v^e9M|NJxBUX3U$GkQZ26TT7#HT&&GG?$Y#D$VJv43u*#!jC1CCMGv9;%_LMELKz4;vurQF8wM~ zy+T-hriY`byLPvbCxcuxYg@}%1s9vluG!7aL$O@essLjSfT%=~cNk-Ny<4U|nAyJ|N>a{vo>Sj(KV${8DKN>~yZmK%H8J^xfO$6GZTWxgAZf zpIJG&hV7kfaxG1UGs{`|FTwM&zPN_%P8&~jxZn_*695ndV=hS(#8h2MrA*dZps{+^bsNy2#}Xm0edYqD`c%VY++$YX6}>U@sR z$V7x zb|jdFN%~dg_G_PpH1DT+_|@~ERehGUgroI3qo5HgadB#nl#{?tYor~oRs)= z)FI>wf1SkrDw$p`1Sf@tI>cy>w9RO^j}Zs%JXZQHJvMe`-5duOMtm)`d1MXGty72D ziRPX5!DY2M#~0SlGW2wJO$Cm6?p1;->sw8&aT8^tl%ah++TzW(yu@1rtER$y9_ube zli!Hhjh?kEYWEk#fT^gi&Nsdez~`RbTw4i4dg3fB&G%rGM_%{>ssVO!P1Kd-{q1 z{1cl+{jEpkpCf8t;^ca4$Vb)6Oj=pAXOa?d&&mQ(4hQPqOkELGoh5X1?@y-6FpT-+ z*ZJ)XsOd*2jo(agIAd7J&-^xkFGk-xr9Rd-Fk zAD|m9^=W~V2bC6p7snQ=89TY*qSU z?Xa1z(g~|yMSrOFUc!&x!@zO@wohf)hq+0q6CoYx$SFRr>dtwOFO$0P(f4 zi!zQ8eI(i*;R<84@Nb($s)0f35fJ^-zuAhD#z|XFTF5>t52ii{i+|Z*9A!dK&n7hh zLooap#W*qIgnw%%4>tk2Oh@1b~a$;EoewIrc@ugbH-*=7#q(3OTXGJ%f$MqW@;2R<~4 zf=4Sur;aU3%m)emIZl`a<$@?!5$1ic4~es|Lel9P!!OXt#WEIJX&p1QN&yjPAq&}0O zvmwUuO7`v`Y+u#%?I}TlN<~47)lk2! 
z=TAOIe^c2B`9pHht1ly57yhT_8w=`GEE#Nes*WWctb8ZQygMd60&!_GeXb60veX$+ z2WWto0eKKe7dX^QqLRN}Aeb*S!UH)*w?ZYeWP&NgO>aKg7_9UQ9h~}pt#x1vINrs_ zZ1Mnwt((z9rhBUBv_S?-=6(fj9I^b{=RRu8Q_Fej@$>F{?N+c-$Cje$%=Q&eYo`W* zGA-U|fx7iS+120aqop7bmhF*@@K;r7vEd*nxX{v~13^*oU}Wv7m}-Rr#H2fzE)BOS zLL>t7H?Qx>?j*4!sEw48ThX|q`tyW7Fk-MwIABCeB!I)DIK~Bd7Td*}v&Mt{1Z4|v zwO>&Ng>2(j<^HoRuiT8Fhm`f_9)@5~RZo$&z_77#cuf?!&$3X#Ro2u`uR}EkBwZW4 zr5Xh)&2Py4A0C-4#;0Oo)jV|9DS9TX(Y5ZOJjH*I) z;a+o19xQgj%KsQ#fvM0f>|j3Z1=;pFwOa3BTSv#um2Xe4iMBNiu(&U1XNyE=8UOa)!3V(OZ=zx<)&i}WU zc+G+%mex)#W)AeovFO6jXKsHy(ibaqw@fSUH$fg%=Xnl!F?+askotRqT~FQ-6lSd@ zBePV0=UD6FS(UiJII|g-qc~vnl{=CLArAoi`;&%f`6XzXSrD;Qu417(N*G?XgvM(M z!7uMrXeLy3iJ#7MW926%K_$>WIx9R;Ujb-y&7x>Fqw+kkz-TtvTcq#0Y_<@9yBvBp zkY`YT>lU0G>-8e8V9?exG)O|bD{dJQuXZAfEtvDB;v;=v*H!D|WlJ5a_${#2!vX#$ z*;>DzU6*$EWZx1#z08HwnbF16>D~x9qLc6QuP}}h^9&XSw^QDG>X%iDTHR}!P2PDZ z2Foq+iMQT67Ws!LXD0a-U;&`_qrhIeaCwt4d3cktl>{J?cM|bi9Q0R=B1;F61{M_f z9g#k4?^H=kxJ=|u@`q~yAws#xE<$We9m-8C zK8`$hYDX&EJiyS`#gWJcDynRa6?x)x8N#|8#>W0S(1!TfQUw2vAVZD5k1|DY7QSD5 zdn@*)gr|_3XB0qx=eC<&wxjLq&x(CkV%DZ503z(jw`F1L;Z1CaOg$C5)pNeZevK?} zC5D@{5t!|NcZIt)GXd7dtb*HF|0Y_~KI6<3nz4;#$pZtBbAV$XV4j~3%-e@R*J=j8 zvz1~3dC&L~*WHACii0j@DvvGY0EhmOfcq^l&EL>7e+7oYHy654OJ%0t(Qrc*6Hq2x zO>7%b5raH@X)n8&o$9~nO-N6yf&itt--~b1&Is+Yex-=o+5ViH|Gb2dmq90@TT)L{ zo4GL01}agIIJGw_cg46W#e$LnfA%E}VP9K0%Slecp^AF4rHJbwLz8Ps>NLW}81#9V z%svmTg-{Xn@khLTMty&Kyo|%-e+b-}=32U;=T-v}7;8j#V5v-`%7n|uZ zWj}G=oA1(Do;wl)AfyTg$LTG^8}8Jwpq{$q<&^JO3y#dqD3MMw4^Tt3j!@cAU5FjR z@0zu%xqNmc9wfZH!Lc?!>T+gs$k^_;;ECjtbJ%7Zh?tuf$r8yC9fqQeM?x@R1K1u4 zkj9(CcofmyO*C36XK{TD8O;uH95On|9V~$!K0Sm|tO|joE)yDs+eSuTe?Y$%MMFkb zvvAC-nZd@G7M3ZCT8M?AQcm*@$)WpogA<2X)kbydSlYIE7V&l`?Aj1AZA1?e-jtSb zG@>Yodj{=5bWSPDJklwjdNQI2Lw-I+B!OI>NG=N;+es<~O(5W_s!O*~lVcX@e+b&c zp#%~{`In&4A;)bP1JalCd>d6yHpf4`}DKe&IPZQEW# zm*HaGxm>CHY0JpLw_$by=$2yKtw)tKrxZ?uAS)CT+ALA~ev#Gzfe`v19L2!F0y2g5 zmnp4i2!IWY{wxI7w(j_#>Ak+vrBY>mn^+c2?U~zrC5MR9=)3N{;F#JG-`YW!M8YMp zJ^Y)R1AABeM%5}`MRpAL@pj)m37`L5rX0OxK>5hxJiYHB`klzU{q 
zt(hTq&Q_DRWwKvO@`HZp>_QIo)(k?|ri^0!^w?G;=_wqkLF``bd2|*$Y2rnAl^^w+g zH870gZ>Ya46m8z`l?@Ltk31>h(vT9a>5Cs^@Gtv?&Aew|iP&7vUzHUX6*b zA|G|+BMO9%vuyTOj||FkZM<17nzerhVci}p3lxT_47_a$``wgCfNbmJva@EV!7%zL zR4u;M(9hpr{7cI}2n;RswbrKF@U9!yVQ9sA@L%y>hUV}S!e~_=6$$hv9ojA7b-UXIMqAq+6GK(WQetpw1H$6 zYLByE8O4{q%g3o!{oVi!lo3`|Uh5M?g^X^vd-GPB9S_#^*?PmthPXkebnQqN@E0}X zWqI3aWYD30vhadrW4g%C#(1S=eWrQ=MxFnLP#148CT_#di$8Yzv=yWBk1)@Ybe+9r zLg^Q0r|TAz&ct{YTA$bgpzz*4VVOCinsrvCoVIpUo`25~RS7)1j736r(3{q$v>Yk| z5lpfAsfmsXGz}+N zw&}^e%zU{e378dcCWZ*nf~7iN!k68nq{^I*6^URa{rCVuE8TVV*`N);Ldf zGxAq7G`_|u*w{i|&%=qQw}s0xK^%uZKS7B9GPJH^&yg)`1zwjZ+|O0#ya~LY98CG; zygh9lDEQ^Pp3S9py`MEJ=rJNSGyVKp{?j>EO9)$o9OoEAQM?H~eJwB~K_wYB0N{x7 zzy_RwfCM-K@w9%0J~x_<;oqg+=1mLREqH8=^13-&12R%8mF_c`JLR93!s)p_VD|t_ z(t28~3i%MR4w_i+$T0k6*Rduy^cNpDb!gR`%zJ>c9(L_w4}|(aAy_3kgfejQ(U`Aq zNz0;9UiryNIV89{8yvc~f2Tb52azHFtYW#Tl~~VL?SDt2i^o=rPoer{Dk~ON_|Qd~ z=xmK}IS({lNbE{mr;FAl2Nqu%5!y_kR$uZ|_Dh-TyHZ-$^)cG`$Uu7k<)U?xU{&cdHtKH$eVjqUn@OHPW!686(+zHORRggg za$3OcU9l6-JJHZ2zNt9aeaQYPqC(Pp?ZkoPM7F3va};nX=@@jcWW$1i{0EBvU*D}? 
zmaJc{znECkIQ<-c?XttHRe|4=j6v%bp-Z8eYEuRTYlUiWheRP1bPhu5T_Zb0Y`w!f z)Zx@dRvX8Mk=U6RfMY`=v&V74mp1gw;$oW@yEcElyyNOb#F_{%M~pC@d@w^a2IN_KJkAB*gPRfnK>m?o5P#AXma|q>*-g=mvlRxY%IHN zwg-IL9JFe0Mj>d6@_o2EiTb6-oBssv2BzoxbaAQaN{!*#HDwn}AVi>-b%E)!P6NJK; zGblJ?+<_3VGfWd)pnJdOTN}}`tW<}f(p@vfbhK~6!j|xynxcv%MJQ~u7%O2In;0-4 z1Lb;#xd-m>|Lc~oMH#Qz1JIq5z7o@ce+luODtKTBroMcPIa>*_Mye}g=@+M`=>l~a zUqCLES4l5hviV*i9q+aMgKsKT@kNVh=;}J8o!#(TP&%K(kx-jxIv>!NQmK-bfWBm5 zaMc?@2df$Wk`j3&Z%1rmdlr&my%N zCvJwp2InhS&JtFUSn>6c=k0-~jMLqlf>vjSX&dET@y?yd#2=7rGP+5VF~V9X)xe6SweUxh%|qlWeBhqhTyo!z zvfJFBFhAZUM?o@7^{n1?F?>DEzWH;kj_|X+oC}h3eeo)+MXz?gq|p8 zvCzYI=cssc=1cWqGq-&w#_fG>=p?#a;r-C_e!TB(T%`ZGXNWS7&ho+_z2{+M2~GA| za39z0*GxrqAdzTe_d@w)gnxTG&mMK&1n$N=Lnt`+1A~5V(Qt5i-~6BzQ7Ls)AOM$M zRk7I?+SjQ@-wTE<*bNHRjzPY?r68OWlX6`<%iW2-Uu$!YDbGTlk5S5_WD_%(vEAs4 z>=hMU5b)}O^>Tl^ANM0iAzcdRyrc1@?THLzmjXALzNVr(TF|N)@iiuB76{yC=knFC(ek`dFMh*jU<7@P_`= zYLaHdo8pHZ^7>AT4Yt=|$!Dr&I5XW3YvTxm=7#z>WM;Fz(lF(A8W9omwl2FqA5`%A zOS_MotN~rc3?xkR{QBD%z8gY(&kLDGo+^B_I+jOc(q8r6#)K(<4TbS0g802Q-ft&~ zJTHdW^A@hw1I_7JMEGVx{vIv8*EMnDODbr~31tv_U{pb+%cD58eg$18Y~`e8m%FIN z#gyp4wEtv}q!n!?&gmj?H?`KWcUt&Ii4$Tv?|y$b7rguvw1@XRCSr730eO4Gm-Wu- z7(uFg6K-(aauu%z>Py-)CS;9aI1|+0J=XbA^%3V(95VweqL^l=In!j3uc!^@6T35Ge_rQfhRQPa~HsoW9qLnF>*A@^oB;o)_oIKlVUqFjdi?KwlKM*(s6!VxHEi0@nZC+u^KTCF0OaF!)%e+ z%OVB?Kk#9&rV+O(ty;x|7|BiRx{eW-%p1zV2C$7h7kjAOo>OwjJ8n!&gc}qt#G}}4 zVx6ooX9t4W#*6rFDs&H_2u=fndz2Oh7RH!}6Voa}PwaRoQ^tVn_zz9B2M+>T?WO>$ zU$gH}3Opn;LpNH8?P0%+focR_U71&1gq2%ShMDoD2+_tC{<;EdUSfYA)0F*_O6d1| zaZ+5)0q7#sO!FDz4w~1hnmxDqJ~mXgZg-fW6ClG{;l2CNCCH-00YM;)6bBsYbfLz* zOx2iuQLB?W$;jleE*6Nuvh-S}b-lW4mJa|y4G##$0~koUF~J>eGyUL&33YbBnjJ8Z zTml7v<|mVR+kD*@9{mm-$IBwf7=B=Cf~W8j9x@C9jR5#hu|t6acht!bXQAw|njRfW zY=a}fxFkbRAvmiegUWk*WdOL(eY|?>dqr<9v6EG$NbC&FybWdVu&C*6UBn$zKRE2} z4C>pIH*5r-SNu9th|ty1-lkfuWL*%Mww+MfWT>9+dw)gfxX_@rxY0fD^d{=~Yfj^` z5y5b;k6Fx(spxP!EuR-g+1WvMW`J32DUcd;v>&F6s9WWeazau+qT!ca1GY;PoVLPR z*1Rv)4NiE#y> zQqI&y7_HVb`p>Or^u*Fz)noDM_TVTB!^wm}<7_!A$17^=z(e)wXmnX6@srZ$DF(&| 
z#-7(UH;1!fziY;-CvyDnN$mKQjDaoQE~w(v$YPa2OjnX$f+0rIaa%P;w@Kh8gGeA`SwvmnVA$-+>{h4~q-(HYCZU1z=?xa|JCJR`2DQvNssTtR4*UaP-`EpbL z+!ML`rUu?`;=9}GK`@Bz2p%+-^{;We&@auI%l|pEkk1@VN_j53#G+p++F~v62EKVr zzr_$S|8OJu?f62&prb;}1+1WDbv{xDa#-1Od6+*`XJOtIld^EB4yu)lZDttefpy&E zDocc1|GLNKYA=NmGhjb-fhZq%$S}7e;J_$?%@ylJ8fmx0%xqc zZbV+=bKwxRMwMREmE!V9*=vE*a<}hcQK>I|9s4RvjW>~;GE!|6hz!wn{@~rBJe_5G zkF(i*5q@>PDC0|S7w}E?nh8B7&SH#EuQmkF!bxf0EYu;Gf zTZa@M!6!8@FLV7@K_<|UbOz0x=Zb`vo8X@Q2(E$6c1v@)qJIX@N)(U;jf7>)Xi;B} zVFRIi9L&xP-Fac%w~-wq8ZS>rj5UC>mn3#-%jBt)gT@mM=Wfn_R~XP4G`YV2MQal# zLXo6wPMyuqxiA+STbxqK&_Ggl!H2*DH|isC`-uVIE~4_HE18FZ%LcNo3qDG}$Q?Is z;*r)zkvhrD+pSv4RX$U$T!X@Z#Hh(w${1?s3IH4_+cEhZZ{3t~Mhe{8Kh5_YDNl*y zfEpaLq@w5#eV#TVn@9?Ous|czKm+A5y;J7$iTv2MQn0uwy}!FDmD{rrWX}+2v|z$Z zyIX-e4`(|D1Y?GVh@+Bd2eRYPJxjY|sk}owm;wA3z52`_6WcXby8U#tM+(qwy{0BD zTQ;tVWQ?=iq~$lbx&#?OOn#U5F39;Au3YXs8{NuVU!_>*2=-<~Fdj8em7UgmOMr?g zy;BEP7V`b^-L(^Que>#A)B|O1GeLhJVqZIl5Cz-=k6D89vBPi(T)Dk?+}gE3pP3h|o+3cGY61b?IgCsA zB!k#uFR+u>1O=}q(63PfYz(T7a>9wrSYSeqx`FvmvVqyA%Ef_Mpwr<}SZC zOcrpp((;KBUaNM^Xv}ZA<5b7}Qr)M^Jim*ANpx}^;(TaRX{#*=TK_-@5+fQD}>uxv7&2YC_=nCHsp*)tF$^rv_I2xlXWY ztmsqosih5rrm+wBP)SA3p*m{`dZ*EeiPozq-jLdJ(?-Xzz2)G#IuBoO%(co5i)Gbr zRggl?8k7K_DyjYWCpfS#_Z!uJ35_Ou#^(1thi!p4avA8!&G;Ql+n4AbJXYX!?)$v$ zihk>I-;tpmn$GE#b8Xn%Kz0a&DmXKUe>}Jt0n)J?)@80Y@>fPjRx-$*Bf}3SVnqw0 zfJ{UIncz*FajumE;08I@@U>Xo^tMi9_i~8WS1o#4Z4qUpn6%PI>5#9~maMFUG7?#) zZeY2<=;ZewN6|B^5J-O(IlxKy&rPlRu8rl| zHTqdKkZ?*KA6V~#@?!j#VKD3IC?d$^{7P$e&;w_Mh30c{Z-A7AFIYSHyk?NRMV(V` zEH$E$W*z%w?8+N`^;z;OqG>FD7WbVv^AN!#o)?$X=}Ov8C@sY&@X|%n-S{CIsCw46@2tZ+@CCe}H_@HAAYz35k8sw6X!1^Rm|n0?w*6># zus?$y;A&6xn?{w~ zelpu`;&w0b}Zi}(Orh0$n&A>vQbhOM9XSp)ROr-rVJB6BglRz`_{4(Quf&nQ5Gnf z8_U0icDV+7_=Mc?MG1^<`0hw~zzrH3KjL$6CUs?;F&tgGD;y|h1pRC) zd_Zn#%qOP8VoN?`wZhb~z>{A_Rtqqir%B-*I?EQN-`Q_mr(D-2O{glY#M!2ozZnMA(kApQx8J|e_3nDteD+*$FY4AYZw8>cu|-)DV- z1K6a6yiFN2m^0G*{NFD{%mRJb3xR@yLz|qTJ4(|^T8O{EPWh}{#soOT5_B9 z5`txvs43=!N=h)5EW9x`Vs5uZ0Zi!b70;;@3u 
zm=2c?t!N)*WZ(4Rm-n-yFTgSq!H7-Avg7sl(qoQEm4Tg-Z*7@lE6Of_zFeu#>{nAl zpee>-DNC^_>8CqEY}&6W^~+XFUhrenWS+#yfoD-RpG?jaWN5+)IIJ6I%IK3|HLR|- z6$uZIMV#A|)2u5kHKCDq2Op2pp6S27yHeiic6ztIul__yNUSmXP9D3-*^uhE^MWp| za*Bwnr1XrlDD)!6(z^53pXvVASkR%2{JUX*N$ic%ShW=1tObld&JI0dJ!F+B04r$6EbHwZAZwu1094>jQf&9W_05%|$s*pDRXL82n@) zyGA5wks>S7#nk+A>#+Zy$uwXtP3`?GUG1+-Y}l?XJ38#m^`0qu;Il`9(g$6$9#4Ir z-V+uQ!#)!V_=?B6`oJ}{*CXuCXBaZQMEnn?>0!bIeem9H=r7DPDJ&9(urFVu6S@l+ z@^rNmxnwksO~>hd`t$7{P(KtQW^qyces@s}%qXL9;Qch&`BY@M)34JdtUI|0&GgQ- zU`DOEn#?S96^&vVzj{16s4cLkpQRvr`&@|8UlJQcDqO3{>1YX@h-`5d8`sTer4gck zdHZg{RK6s4f(zUZ+#WWpE|U-`A1f=%{3a&16#eze_xN)`Y2pgfB~y*n0j`mjL(h<< znjd%f_YBaca$6r5<3gr}&I&=SsT&8rIl>ULC$8+H9rq%;9#$vSCyQ-QGFs5i(2MJ6 z#SF^eecOyWIvE{Hd9F(bzW?x5K7Aqkes(Df6lRqnTeiiVJ?t-Ut2c?-rqr>gj_`E$ z!TicixJ$<#(yflso@K#vta}E>Z-@!>swKNgK4ecFc{M%9ygpTN_qN9X)Mc!MC~R|i z9U)q4$zLkW@0Zt(^+MhR+fRS28(SUDWgI^8I!GEKv0 znw~Z?sxOGWZ_z(JkUbe-109WN1rignwSb&nR2>{5CsVEN7-u zs4I&3bBW&zw94b#tsv&*8}yqjVllh8$99`j2ihRC52C#vue-zS#JW8bDx1K!UuS&m z{Rjd;!ZAM}Z~qYMq|{mU&89U1*W(pI@1xro^7?7HLMqP3-~~LujrUJOnkIjAt)E2l zCj*Mq!g67#(1$bLuzb&5xiaOlOulwSEq%cxQ8%I5nGb(nJa%4V(ze0G(F9vgz2TLh ztnuj(!2WZVh7EHO%F>Xg{Hu$)NEazA0bd9%p6leg7C{IX!V@nxp_EWd_i`^?dj{9P zWP#C;#K4SeJsw$>wpBnqQDPqydbF`>^*ILbvwzQ@&HH#8 z<%*tN+Fszu6qh0i;+IhZS{=ea&cPMfMQoxB1X1(Uzv!{iJ8YDr{+l8Hq-MqXi54Aj zhInDSJ*Mc~kmlVD0nUqcnO=+Pcn0^<#i3>WHbB`MwB zRvD%8UD=m&HyMoZ?h4m#iqnQc7u?TB^Pe#n3xaldSG5;OWbzJaz$od^=mVSRo(t6G z-!zjxn3u%A$-z$8+GdbB)GXVw!Jcdj#F(xP^ls;BT#zh{L_$}shOC?x=IM1D!uUzr z3lSCCd`0H~OUZox21NTPGHN%LaQy<+J$^^@ zZAbsKtKQ4xskS^cT9Z}?c^y@W_7g#s+DrYK#Su@NOP#iDT?5&Z$Z`MYix z2&S?Dg#0hBG;hR;2UUOM``0U76TZan4#*BWt1DSLqy^}ELX+C zZw<}WFt0zeKfTpPY&kDiU(R zP?M!F>$OX}Z!9%G`+24eunmg(EUDYvTjNj0lSOCHm3m;%RL)xFV6MNSq!;Rybhsr? 
z5(kr81nZly8vH25Z%)Y<`!pi6k{mR=F>nvq=zUOTa@$BGKvc!eQRJFQnozbUHU)T9 z@64fF7^6o6=G4gf6v9rr+w-fm)*?PD_Y}Rl(loQQ6Oa(+>A;&vx7 zQ7+#NPd1lOJjmAycz@O2^_}Vi(D}TB81Wx$9lu!oNc-PO6^`phi3UMz891 zXqlIKm?KPFpd&?aLDSXbPL`&q;K`_$7LCl}1**f9Q-}c2bP<(sG^u3SglY) z@nOsqmR=6xPH~PLu5mgOvD=yeB{2OJ)c8)GVy&N3KnTQ<1293Mw)YqY`CseRfWpdKb)j?VI|Igw_^bBs_I%WPjCke*~^J+Cyo65K$zdR24bk`|u zpt=YM_p04I%us14)l9Of)lPEKrMNTf25rp6?+A534S8YmW;9ZN3q*#WhcVwHR7?ZPyqnWAxaTkmQK>c&ce_v_DN^PR4IJX?&yG zOOyEe{I<|4GFk@4IoDkF2+VC8(Bd=N3lD;TfY{q-*Kye|9~}CSK#*))R9@s`1(sTj9HLOcCx93-Jp1xfU`A80P)t0W(K_HDy7ui} zD?r2xDZUrdY%Ou^Bz~$JTs%e!K2m(-yqvx$Rv~6COHGu&0b=#|CrDF=lIO8gRTrw{ zoPC9vJ!=-a5si*qX`9{_Yv9sw>r7^y3ch5BQJI|XM?wk$Sjh*7$%7kpJF`mIZEzdDp0Q?oEK(2Ul1`07VjVd3@8TC`VN@zeYOUu-y229rU`+Ne z@t<0UMh_!YD;P;$X!_hx7W77stNbf#J2Yp1ZNln9?^*nXkE25uB!k#bHyo6d8ZHjS z`pq;Nxy)n{2~FDmnRb*PyH$wJL7BI|ehRwESD;!r3b#KoJrRE4-8bET&BDhbNq*g~ zD#z)n=UA~B5f8nl`OUK8_@S)@xtsHM;es*7@=H-eBZx(JLjm?)gX;Eu!w2>>=tX5{ zrY3{4Fsc~W{2#nqXH!7lj+g`pD{IU1%?P<6B*2PhPNCn!}Oul$* zx!1gA#2<16nW8*`_M21@vJjw!)G2Gs9|nv7QhoB2$e zm_z9Er%dh5d2j!?;lNGD( z;v%}fPzh6T(-goEh?b|qOD8HNCM)AWvtZ5m9u4Sv9&O30AZkZ>MGb}iei95{) ziLt$YxjYcK+AiESPV+uBylKl1UgT7KVr_ZZRCQOKXjJzSU{$rI2+?sXfGPKEdv7q~ zJEL#FgjoX%k#&m~z8H`t>9RDlCuIBWgGkSv?o0V9VvRPh>lg8>0OX`}am5%2DdDIu zpY8%6BhH`eaoy4R--ijmV|pS@+5Pr!zgiY!5)UU-D$m%ruh&fkz)f(<2Cy>8D_SG#c#j!5#}J7Cp__!0A%Ae2R$C(DQ&hG zzF>x^ae4wa4MZfb^hOb5YGJg^Y3_d+kIzK@%Q>aME2j^d$k9@19a<=mg__)kN{ORw za+X591SeQ7a4ICU6tyPkRq&~;kxrFy&;FZ^cL7+YItt0yZ+OW|rt=PaQySIvnLT{C zt#C*u87;Gbw6GBe(-Eqx#fBZ^PY|V*uRUD4cjIas%Rt~oIvbfioM)w=Vp}D~F_*1p z*%Q4p8}~k@B^gL=7NVQ&+#0ZyJ0_J_ZL&(8OI-2lGw-NmzN!P2hAMZ8eQtYJ)&{)p zXpBy&fzNnp%W#_mpEHOWGHkmj4br|#BTFKPDhf@q28nz!Do#V`f$RkMI$DGNn{Zwx z5sR-y{IaHuo*nttC5CByS1BDTK*v|pu>=h;WaBGk^G#AXK66f;wh09~v8^h6cN&um zb>k0*cYPJSKU-yTSHs<`63UPj;-zQtvk-|SehoHG2oQT{GnjLU?b$zHMM!#gwc>R5lm$Kb=KT(!LXTa9x2LV3$(Xc9aJ1jhhO z8D&s$8Tm`yy^DHbuMixVq0ADynd?(F#>nKJi#^+-xZrqM=f;w2TLqTzc`vi)^yj{s zD+)Dp0lki2%WviisWBA74rUym`bna>H4MDh+jcG-o7AT<+t^DG?EHt@qBxG~?8qfC 
zLwkU|QahWha>tzc?OjWu77AylvA_p&6JYlETzqKTL9<)n#Ekht)|#q59%oD+}x# z-yD~Y>`$BTq0<*N_E8FC=P}Gvdhp_LmZ^>`XorTJa7Y>8iF7liu-1_q-*dBdI^`~e z(+S;-KCb5-JJJGSf_|-XoS>FT6bTS>)cz>m(dEmk)+9{pUJlpc!Ts_|qs@!z%tj^c zZyLT%_;2gH8b>%|6cc+$DyDWH^9TtZ_)&SS%AUci$(y*?+?sOP8=*b6FIiWdYZXH# zmtNMg)1@ZPq@n1Fi*4wD{S#vEm(TjtzndIC=@v@4?|jwu3UD+S$dYiPAAtD76Zz7U zpM`J5n@)V5tp(W*PD&poW@*4rn&$w1Ytw5mEajb^H+?&Pz$0%@(ZDSXs?V<*Fs~= zMq@r=$#mg`Fb8YHUH8UeuFC@0|>h55%&^=PBm4*JjZCD z4u8)4jd9ZE8NVN9nNL&s)y-(#C2~(X>fT7yn{*q`J<5@A_>wTRG9fmoL0;RJ-|e4E zfR^%k%&hv^%Ij}+)-O}m>7f{bAz{4#am^* zN8GqlVf_H{h2@z>QLoFLV}&a)1-#K})hV|ZXf~in%IlT@T69s!Kf{8mR(;u;1xFqq z=R9lk@OUi*;!P2Fz)g9VLEIvJ-AIOLnG?0?v3;$uk-R#Keyg8|hvgd>soXDt4_|z% zyGlnYrc$RnC7#HA7;|r)eEzZ4h6-+|&I5nj7grl$@SObmZbXzxVb+t=?>0OJ;dOW} z45>lYe5!=|DD^^V7OS?g{N->Pr#@3pNuBygtY!^UzGz6Fwoj|(uKCd8Eaz!yyYNAz?ALuYWgZFFEy14dFF6K2c5gGMYRM*C*A$j%&w%2kHkTqO(s zddahtb8Ep5gH8{&i{VIcHnw$Z=ZS}PZEpDy27}89ua0py=9R$#Ntv-vJ1u(ei9!^j|rMD?juw zQ0g&{fNn+fe*+_Ucuw#JT6BI!~9A`>vXcrt?(W4L$nSYUJ^0IXWnU>ndMU zZXoGvp$M0vQR-P-Wh-4tY$L`V!O}ThY22ISkn@y6W|+j6B_s7)M9dHe#=4R+gSL0F zR3VoITYk{Wf>#;m93}U|?fZ)<=VmT7dETKN)0Vz6T@$3n^Y%9pQ1q6>Y?ZVFt}obv z>hO`BpTB#Oa`9;qMH1`D#tdI=b-FTRZ-~EB7br7aiyv{pxr2mt$DhboT=PGQmNpI zJa#Z8OZf`a5#uY)a|b*|Z~Y9%k)!y+xn?*r)))|zXYqWWeU?AZ5Gpw21QQXGA~uQt-T z;CBjgK0h$Qz3P!$Xf8Eg%mSFL6DXqNHoXhj+^;=ZXY>8kOM5 zeA3W2N^<-1A$3)$&vNkFXMfE-KzuXk=-k2P$W+XizrVJRb*Jb9fB(MYFUSuCrP9|96Z{mLQy@$uwDDAv6*3~v)lWHx zk5qn2qK2KpxK|{@62mDrzBZ%(oZhhdR!SC5FWVAhIx{d$syeZjl2ptDB&~#KoBRLp zQSs>8WRi(5x9L-$WJwyu*t3cCKpX%h7|UHs&m>2a#s9d;FQDUqPO-0T@sxqlp*{Jt zmjJ7G|5Ha6<_8#A2jFI}-T3j`k*y*)9^gJ;hE`Imtr%UcBxKX~Mgkwryg+CEj>Zm4 zs2F7C0v5E;EXgbcVd+K#12kF;Z8*Fu7j)Av4V#PAP}@r#?wxzqV3FKPwHTZM!(>px z=O&KeaIK{efx9GqJ`E}ohYl}RJm5Tc46YPLxucj0Hw%?w7k5_#pyIJD0*dJ#FQJuRsRW_u;W8(@nAxZny*WgsJ!1v3CcB(fQ^4B;80ow%8` z+nL#h=kvOyqPMwYWJ|)u+iJz5Sw~vfu;1W5EuG0o4rWinQMJQGtz~$cAl)qMv1(2D zT`}nwvG2YkEKHDV3JT}%#S(t<&K$m^y&xtoK2^w>-^Z|=L__)mO#kp9%r@Ku^}uw> zb&*ApO>de-vGn;lT^QYT$YmgeT0N9@gyzc%wB0?T(!Qu 
z^@dd(!G`%JukEakN$ag4XI#qJwtxJr$k1W?4^2>rLbJ1jZgPBVXxTrgg?*R1eu_8o z-!-GH9ge|Q9x=PS);~I!^461>i*GgCil7F7K)x@-MH``y(q#$>R#$(H^4qJ-OVC;dczOhvJoYnzkpZ$7x776X=0`T}OdQUzzvQ zZMc8GoDUU0 z<1h@BLIt|QIkp^WvRQ`SKeeY^irltzM>Qb?ksMLl%26wXwjs3cZdqKPZDQ_Ar+t`t z{$y_?>2@MoinXaxvlu>o_av`F!gN}BHMy$M|H|9r$LZSm#bU3;yjVeD1%+zu=SBa( zEko8YR1~9#$gTvwQUtM|F$OpkLd3&Pc1l8G6Dmo{KTURW3$q03!^SUtI8vdmb#hyh z2~v-HR*0oy=@U*sn9W$ncBUl>`L%k)&&8;&#?mV?JI_}sj$if> zF`Z`mQ@YBGFU@pi)Cb*7qSB$t>4<~}T;MzM|JGCFb0Ui`U+LzI*^;eyvp|MyAh&j4kais8U-;w7L2Bg1bGtl&`@ar)r3o zvuE2bC}nCd0peOgM9{9h_(TYkF1q4`+ki_?=LWKQ967SrtIVvBZ(ZN0q;Ut))64Rt z@S;Q-yv~uvKUlX@f8*Kpv(hZz-Q-7{5~lFTzR~EmaDm}5>u+Q1sEp`~$e)47VQ0B| ztI&4EZOQXEdyc@;6&mP~bWxwGr}LJIJNQ!j2PpdV_3HAI193Ay z*j&Hg@pV7OJAOD!hcmoNvO){BCmL7F*Kb(})B+)r5tcv7ulQqU=g?IUT11EyIr2Zp zQDZD?`rMVTn5=Jt$pRBvqXu(S(B}GRxdgjCjKp)73d$f@30XA#p55@0QatamH%O6S zv};i)Ldd~KOYx6DgCWg>kuh(my3#tNR+_{W=e}JxX-%|gpl)V{yxreHT^v1jz8dDggHEfKNC7@B;cFn1fyC9LudMmc9TyZHggkxhwOJOIeuT{l;IfuU|h zW1mjAi;xZN_TjuEk>|-u|H1Lnkjn!yK8%7-MZOtzy&<9B;KL7!}dOp>o)JYN8ifqyV=7JHmhaEpO9y!)shQLeow1Pse=#Eqft~Lly=A* zq%U)f9qQER&TX%zjfqn#M4Au^FhUHgdykRBkD~T3IUi>FWQ^!_qMV^0Dy=u=LJI|JG1o-DUt^*!-&5PlPQK0c zM}O#Y=C^b>r0@UUDAPBhwFsH?%%*ys>F-@i(=^Um%>kl`ztuXuGaPXTF8uOIKtoS0 zXU(xvSi0ART2byWLsyAVB*`*IBm6Zh2QVzhZxodC;X6ecqYH?5{o!Si)r_p}A-J%r zc+0z>ArHxx*U{?TD_vYe&AcIob6>VW@xn9YwI-eCVV?BxVh`F@K za!(-rjcolD0yJrtsWFKk`WFRPYC39FgnG-&N#W{DJv5r*f@>^_tyxRziXW;2iXw0R zz6e{LlFHfz9g~9;Bhc&}enVycP%@Ea7}s|7v~~@tQ7_~)s zhrTpLx3g~ve@qKX>v39T808o(iuDCDe? 
zJ5zCVuc35CpO#Y2@L-nY#h=_52~oRS&F#{M9P9f+>s-H@4s%eApJP&=$kqtI;6rZ%J9dJiH2k}ZCW|Z^z@Jc3#on%XTXv0-^;~I*1{uDtXsyt>#uJeD` zkkcOpkEWEUHw?+AQBHh%0se=Ss$yExXeUf+vq_U3@X%D-vuD2nb7@thA=V0$m5i%@x>j7 zHnV?(l9-JaGKwfF$I+Wa*Pb}@6v$|o!u(ad31U^XhnaeI;JMnY7MQ{;Y7*zv#)iWl zBOA`K80=P+XZy0&=iB+x1^Kd-gebX{(~XYdeD#x1ZS`;frVDLCoX;=1H@LYw0MVgX zFseQZsaUs3`k4i7YrPI~Yy(OZt7)Og;i}=bMHOx3e{>;8s#PCm4B3EmVOwEhv#9ep z=MQ<7McCZ-8ajf6F!v)Tyy7Bim>FMYSKyUkyR2ke=bbxjF@Jfq{2N-VJ;L;xkH!?c zet|LrO88M}7xWvVx{q&<#lw}%-xq^@+=+8*e^z%(`{cwbBq>?&nZ;^^EoS0t)U6&J zvP#D{sd-?yj5n{jUkP@eA-6T2rC{fP(|1cI&7>4oJ#e}!EXvq*f0JR!u<^S%IbhCv zQ8yc5`|7e1RuiCx$$pXVDM7a-$hBN^FrhgJwfjro3KA}@qs9ur5Qv}_21-j535x&` zA8!;&;HVJQB9S7a3iI2qNrf{18&jjLF%xfQVVS>xRAd=@Y-55Y`Gc%9_3a0l#bTV< zuFS5}LEVEg6r38a$u6fGJ`8KB8wGtSZ7qsy%m8PoTMU1C7LYN=VI z7N1_btarHDUY{rToZXpB1>($Me7|>9RvD9MTh!mGyMSXOiYa@=kfq1ubU1 zfk9sHicZ&rEys(>BTx!L;Tx6V`wmcVQ13wnrpvY$q3}_0y?=QbH(pK8{LXh$g6{+x zjwhRk5RiKsp+=w7D*!=hLuZyi?$NV`ARO({6gRw&$O2nN%g{1*LbnJ9Z=VMJlwDCrU7Wv`k&9g|RsgBN{s zq>1?o#PtR>EDAg4;r@%L3@YN~8HYt${Ic6ewXRsq0;?)6dMh5asV7snTeFyg=Ob_T zIBV3^b^dwPGi+%oEH%du&ng})Zuxq46F7G@i+gdis|TC={o? 
zZ*(CSEAIE5$FP^ClEEV|IU((jR%1k^Z(C0*R>h{Qy~#++t_)#}R9*}#AUC+L_qzu= zwa}xBZ4-fyNJMT0gNil9vQ9>WuRF!2TWLsA8Z}b0C~9XkPYPOa(EmBSg(1uL-f|kB z!Lsl*JkVM%-Qv;paPz&&i#luH5*PxW_5@MQ- zL7MvEtF%27zBnZPw*2i1c%KED-vNR^`?jd_7)V6J`@7OEy`It<)XHrvmdO>Twpv~$ zU&Q?o^k*>IC-5AiICRRA=E>ne#M`1r<6{)0hemh}CjhYwk4`;k#$Q25NGW z<1)=ssNXSABjKpwm_M{6z2^-=>luelHR z%llQUwU1{+yS`ArXWurWk(Jjg{$kYWC@m+t9jh&sPK-5HU(1+a(>{*(SJ7!Ces&!e z@df}DT|IX)v)T3K5f|ZoSk$XWuz==abt~e`+VQu%DA5966sa>0In6`(|0EHjAc)K*6|s9%c2$T=py47nZlvZR z_har2r%zy*K215=6}4Sp{>a-kD7ql^%kGfPI*prC9Pru^(Z|a)Ik_A`Rr%sGF|t^4 z_~H`wj!o&fpa+d)=P@^XFRs?^ze&oF6{Oq+YGCYCn zJg3A5Pr$|KXBD3Bezv3m|Hli;hZM2Y#bF9~1GVAG?7h%DtDZt(7fz}oQTfC}fio<_ zrgnAUd+`6C10Cyb9+!dR0YA@?3<$BlWf)9wt04M#+xphFjKSy<^L^|?db26b=W9yB zFR5P+m4r#th|&!p`RL9z0k^xZH=L)?8S_SCLKWumTeZeAXhcB{cwOMP&d3PCfAV*R zv0TJ4cPhTfP}de^(p1zPMRPev<>n|7bKKK;t>M1^ ze|3{McHeEF5rRobAj9n<7fJuvkY-V}Fq=wo>ircrag@oy58sRRm&i}Oh1ZoX8$!NL zIOc&xR0bj;jiI6BavJ1V&kBhwBOAr*L+(5Aefj+N!%dYzO|8hmLPELAH|(fk&96S} z>5HxI`UCn!%q4$2pY_%Wk9N)Pe;HQ;hx7p4v126b; zx(W{TFzSk9l;pRSN-rnBr#7^!JMbPt|G!L1T{lb11XCj;$sAe=b5Wfhx>eI^4+PV^ z?@<%GnI!z)>;4{on)kZ}rAw#acm0608>O;TS-T)?vmJ1QOkw&syTam3`Vd)!2QF|B zddmOOzBF>;v`6K4XlRL-(?@Xhmya|NMqfYAy^-xP4PzfnwsZv8E`A4Hfx2KM@oPlc zG%^_2Q%4{RmYpGH8LqRTW$kGBp-aN7A z2R5$`+o4-96Y#Qf6^xF06>>~C9YckJKVZ{Gn)H6!ak2bW!i0f8q*ZM*Aa~qdTV*sd zPGX6w@4x2SBOqp;D5Bg|Dm4F4gGdtWztjA$z+#YRqMM!Dbm{M(i-%M1y8{}Vp~Ca^ z+L&ei7Faw(uCd_V1h%fr{O5$w*WJAya}(vpQkjT8nlXV26TdY38%yK5!~0%szC+lH z^Zev*P4)LQIPQE^R6mOGaE_8h_y^Eae#Ne6zRF$72T{Nb;#MKmRkNnsLQSZHbY*Z+ z3XxkZN(ouNk~b5m@a%uXvNf7?^!w!S<{b#V*&=sVu8VW z^S6ZkYn~}?ib~PV=X zliPGVCVCndm%@NK@ zmDz|X7lcy9F>ZrEydNht5lqQ>T+YDj_u%yg?|32PNx&K(9ntY1?2De z84w={UX8CIkP;JU2obYX`Bg1;q58=Ahf~GZPV8|;rZaBG4S^RtK<36S9;K~xh|fo0 zwfZ

R614t8<<@q(1oG^+jJP<{w=GJ`ypU+2f+joA8DPe*IGgQ?l|3Y?k>4N=BBksFZ;TE<1C!ARjEovB(wft0H2&FM7tGoOiL%vW7eon)9{Y=@?> zwM0~!j5Kfu5}yr(-{D?EyPmMuQbe?!$SqyJU?CU9z-_2rlBnpBS|@W@AZdsZrQi+> z2W9@~J9Pa2kH?kG>-%Qehj_`zg4_!`!La_LH8jn&ch3P?<~P&s7RpR3U&B9d@jhKv znM2z}K~w=+UIU`|hYW95PUei49)w`d4DMPOQ6mu+%~2qHh-njn{`Ix#ao95nMGQRi;G!f(bUwJOR5`J|Jzre1BdhX0gH196=2)%YhQ(t~r;9bgzJ_!iX& z{+cU&79aQHnGGonb*j_YAGr&aP+FViv#pC~;) z#RH$g>5dHo)C<-^5->Bc*Ogfq6EOdXih%f=wrF@a7~5pL5~0&-6?ZiFmYHgKTs#({ zAevFuB`Gh%BkH8@@*Z)+5Rx;H-x!145uF<;B+g~C)g23 z5HgN8=2a#=`WH>cW1yV{L=jEj>>0UdR=(?FboS+uI5RZ5R3V=@XKAqO^Dm#;I<(!7 zO*KC4Yu{7e|7PzK}c&1I9@o{T6d7uoBUr?u#Z!WpyWu%fO`bk51BNTjmdEtu5?h-DmAFMww8Y z>*qU+P=^PX@8}LOEX+@{t6Kq|4A)La0=2v^0o^K#7MuOn-oEmdzU=8|i4%K0w2 z=a&myqj-Qnd~|R&tgVwF4uQpSSGUa#HMB^Rr1BRGgixW^%Hs&FMZNx*SpNbdo%&|P z9-^PWA4g2xfVh&r{3Lqi9=DN$)D@CN*l`Z|Ye4x(bgogF_k?)s(ZvczX*Fy^0GY-X zNokfKwXsT8iJJskDuQ?Egs9yAamPr%2huglmFeCW*xv~*^OeXy68km@fuD?QL1B7w z({(U$OFvTgDprGIzo^|c9GuwpV55Dvcigzr%OdgQ9@hapL=&!BH3$9(y+t-qbRGk? zMF!a`gYaJBKyXxrn&^8KwHD_lIHKAtUD`nF$q;i?NgZE4)bR~kugw4ZPVVG&GDu#< z=jJ9Ahh2%w^8Hh}JF6;g%$HhxuOC;sK5I&2;@uXM2>uK6Iae+#J=JmyV;82dQzge- zHyl)v%Sk0Rhn9-ZC>Q7VV0Nq=Q~-3<*Z)Gd%{-XC$Vbo32N;6)kuWay z`0fGl@hn}nl2r>T0r0y{rZkqMu||6ccF}IAw`0#bb#k>F4YArwZnY!v_t`v~y96T; zo^7;6d^v$HNTP-9zj}|4P|@U&#BvDUvLbr$f_fB6=2{iZ03|Yk0onM#>XFLKVZSwv z1lhmh*)4-Ch=N1yzIqV^!+*Is7I=Qer}n5@!k(3m$n4%+ad%)X*MQJ@IX~L8WMnEh z^EcPd<0z{YD&gpcnE&WQBuhLm)S(IayFC;}s~DwOPKehYRUe(%Ka>_kIEXg)!Xr;i z21GX6!&eZL-gOse1HS#&NHN6PqkMg_(o6{O;f%5jNH*)>t$;V)W^=_EaBlM6JsftK z>x2jup5)!Q*D<*@WmHxr8mO)Sn6Lxrtc!Nayz7riJ4F5i(Cpyq<&^+{A{sLbg09zv<7hEsaux5Zt z`;Q}4keX3&xLsFnw~d`dV`E(w42RY^Z!kTn6dlh#kJZx>*)P{qkN0yjCQyr5cL2@= zD3r59p0+2gpZo%4r{dZ)0U+~Jq$O846F~DB$m!_Jh$KWs|Kn*<{e=*q!wA6`rO&hb zog*s%f;qK{8HyNkY$0|Iv{Wug29X|E>>cAD|FS4V>}TY*(sq58y_}me#ai?1 zoo-51m#x9k3r^~y={vpqQ$eza7a_2FtGb1KoF1A(QtX@jqlr;NMS_!?eB*a@!-gyi*_`+EpAs5Jn3|f7tKzQ=BS`d=5Y<_Dcb_ zUaa73aQ(54hg&2VBG%u2bqXUMdz1k@)|e#%{2r0GGcUlM1Ri8`i<0H;l{EZY&007E 
zibe8cyq{6OZQcbVC9B0OPFNQ5N_n_`%PhIg#7>a5g}!KivL7qfnHW*CRqa~ZXkAki ze{;XyVf-y&+NULk1mxc~RYQ_1n6h0(qNGGvvRO&4M1r_79$R9*f61&bI2Q*w=7kX|fy*rt=m`YI0V(LCffwZlGJCjRFt z?Dz>9Oo0_tcGAzp+?v0ZM6kBsyI^h;M)*(@0pWmk2diXhXOJML>;Z~$A8iN&hMTBm zI04T?8f3)WfBh|+A)jmZ7(RE}1}^^Scg$<=m}i(w%Lpx!u=)I#iPN-&)9~ATEH3ma zjHzSl+OAE@!&5OVkqWg0|C6esGNQ(<$LPeYIkB0{st(&M{oV7D?4^oGMr`ECszl_!P?81<#5ngH`QY}TlV!zwJw;2s}#;HRRmg50P*AvrKZ4P=;~fR`Md zc}d^Owy;*_8KAo#Z|}v+45vu)@II4&Bo_ZQNj?qm1Xd9`t0;tS5%mLonYujD0oFOL zv>c$CNQ$=!bGyNTcIR}mjP#NXMNiB>;h z&kqs6SK^#?!3hz)+fzf693yabTUW)cV_skuc1i~6lF=+ zLj0F18nTYo>yl%qIU-TA6AS8)lvp)%hD2SrwOURTGSpV>Tk!uHG>J7N$KM}|$*IQ5 zZ*3w@ocwDvenhP;3cT|XoMfbaNEyxZOadT#{ogIF8Wv;OgVOr>(o3N>jp_9(s{;??`gF%b-{Hu!q>NXvUBLC zhW(&dtSq057&}5ZvE2fD40@9FAf=hXp`FH<)%+Mbl_j$odJs$NtX-QK`V8pCb|lZI{|7Fmk^TH10gfX zP|`|~QH?)Oh`7oc<`;VT&m69^Y0jw7B*ZbXe{B_pHVTUF%8c{uiG%A%mh< z1G_UeC2w%lqXO0%=Rhf69p|6ty0Z4CHC_*-9B@X4$9T9NoDvjgc4zD#tC{WCM<93j zdyveADxA7l;UDfN9kgT8|#$h!A+*>^_=jo zGUb$FNnTfA$cU}~nj@Pr-*z?&zI8q;jS-5*_iafK|31`DVTp-SP-+nj^fif1Y>Pdg zCMc@0y&BLCSLX#fmZ5*A2tl+gTZHLBAI*E$>Gg_+<1!SJ^G&|XTdx4n)O+DU+!3|R z|LVwh#0yB4E{pCFNvnMQ10pBKRDN(&i3r9~sj1PO?30FL>9o4Ga46WW);SxruP@Sy zoW*r{S?DBUvkqJJ5zELfiHCj=1$my>+a24Ve^LJlp{5xDk-B}cp0mAR@kPOCz~-c* za39rTDmWISeSE%I5jAv8jkBtZ@XzO5X|Krz(S zzi30xxpQx2Y>_`}y}(wX(;kP@uB~!qs$rfPu(a9AIc|Kx4z2jr% zG&Cj{{*<0*8Ur9942T*(G?bsL?KN5wuX9*hF-ib2>ZxdQumjebc6AC4UC_G?H!jO% z4*I1xO+67!FPrLhJbMJhsl9dn`R4%Wr=w6O3&+?{F{d;8$tS3F5 zAV62IjoTnXJTP^breTkg7JNF;e=lHE>6H5eA4JVCAA-Q^Wz*IBC z_h)zD3xCCzxIm)$xeZ>CzXxyRRXNH3(|L(;z*68O_p*Siq$rZfp;`K=?~ zG>uQS=slJhsn@O!4f}6BQCdf*Y}F%8VNNB>MI%{U0%{IUZ+Y)g5pS?0Z*B zQ+uziYB+gAKivCt5&|BBHpFdc2SI-~SR6txErHMbodIPs$0Xv=yTzU6P#yUkqv649 zBqdc{5%q^TbT%QUzxw>(=6!jNk-;g8IeAvL_dn1+nw`k4+rQB2OuUykPD{V$_)%=(tmv)UktePj%^susvT@9G<@;z zPWU$@esNkHcYKMO~7<}b-b}!8>?)o#=F3sQ|{HI|M;Brb0nx>Z*~OaTX+<9^@7AkB+*qok zDi4lm6j@apZKkXnX$ZpJP8SOLw{6CXh#Ii=u{UG$N3RoAC_i}q*pGJgM7No9@aPfq0V4p!8ENDu|h)9rHNk4-4 zXfQaIua+|WQ(}$?@gpXsrZxh^-&v&+6T$$e0<@-+YvpI4HMzUc!k_k#aAe@mcqoUj 
z^GI-TQ8HvvFo4oK9xJ@WVl*^dX1OzH;RgWrlXN1TQ_xG^&%xU z5paD^E@H=#1DLI~iW1Tzsa(|<^4B5$OZYp79wISG6MQs(j}yrJZB$J2Xy*G+%_UD= zSef`OG@+xD%`$tO4Rhd4?yAeFvy(8bly+D5^>iF5!_@=MMJm(^c3tjTkN%_H0U3O; zb6)WcYOFs1Pr;y7n)ndE1U&9VUEb#U6G?p0Oqd^K!^vX9197+AO#qY|B8Y30-jcyc9IdD=DBsD%NNyl(Fj)^u}V`6 z>1YOYvjKk2wD9fpZvKgwE3N!;7TF3Smw-l?`Ph6{m6eq>>T6{>s zIab*5M(W7;mo!UyK-T@&`PwapjE-Ij8~_S^)R`)ppTyE(F|frvZFoQ{1yC^fmLf^xb zR#J#6PIm{gKBl*aJ(D>M|4Q=4M<^As(dF(o<#;WafJYED21nWe&|f*LvE}fFZbH|< zN0_{EF?|hrG6tw?{TgaLqBF!MzVtjJ)7ib34}F;bc;zF(3gi_gkXMZNCTy7ao*wB_ zP87YoL2eEn)EIi<>D-hscTH15)XHWaP1AKXs3Yb5=No%@ZQ(plT*Vc3!2<~pd9fAz*5Zv80IKka5!QEYh zI|O%kC%6;b-Th6t|3_ZcR80+asNUAyYp<4LX*xW_I+N2~HJ};o;OV0w2iNxQJ(=dg zJO-`6+T?7@t*X4mQM{ayK~^n$)^#Nq5a6?U*cB0B1A(vZ!)S73mb4>beyI7>&T)Lq zUZvc6Z=Q;#!tDFydV<>2j2PkS(D&}!7}D~R8Fl~z-x%MuQqa)quCB~-`j%dfgJAyV ztarOV!<4`??!?q{W8NU92HRjTphp$~16YrWFq*ast zp#%~5z`GydZ~?6`WCPVGWCtc)Xr%Z9wTvCd8E`iEv(T7sXRe+PUgzO#{W;THjeu7s za-z2DSHIwGSo`bk_S%zE7dK2iniaCIE83e8<*kgaIiqYzBu=m#SD^ZAuSGHE zMa`+AQhDTH&77F*ohcgNiuNzqpK?aI5blCTJ?6;QiXoB(8fK2z{`}M_)4bQ7;>ngW zq%jglx(YkR+Q{+g@wn1!DpkDTYA`IHFlPaNa5dv(ggWcxMb;p;==d(2^{~D!{PBMG zD;(*K&7zLw4&bK%5AKZ-AmhIngk)HOA(reQ6gOFk-%wSRk+PYD&RMZxe24)CMOD1; z=WO~!5tW;)8976sxAA0nu8KcXB4fBHiWPaq{ zj%u4`%M4Fn^YJh31KW01RDrtr^>tke^=tpdoX2kVTYG?!VkF(cRNIz&?JE6Eb2z8> z*>8L^CXBLkcQjwXw6A_7L@eNqo51fSl?o6~3M14DsoN+XM-Oc{|Ca4%#aiN5YfE7t zFNAIVEP0DfuJ^uyt_}iShHS)ozzyVi(0~J)Nx#l{*7Ks_d*dt~_g_mXM@4dWT3@(} zPrRC0n?D_)jcV|QKlX8GJf8Q5?_GUew>@gCd)}W|SkEp30OG+P%+$VS==-GTF2{JQq2kSc&u$lX7Tfh`s{4-RhIW{-O|S7<^_+- z&hf84^IOaXLOx2UEoDcvQiXcBXgQlVKf1ER_e_T}_3OYdrM0Q~t9t-ct@^|91iToT zeQ}wvFC8g#8%J?~7|tf>!F4^K8<^hNjy_OUG&+|Iv;^>17UrmC$5w#9S z`#|l@Fuw&xWOF!`g;g0fFjd1!<^b@RHk*LIxU{V1(w<HWIYwDI6QGPCtaH(F z#MnM(4@b%WKbrRP0ZeYl8jMojR_8lZ8!1`)Wd-CJeFLw$bK!XL?5*p(xu{ zo3qMsFmc2cjQlx?L*az;ShUjO#I`D zF*i&ui)BG{{m_VGaO-nNCwxMIz2Po~s{;RC5%%?z1V?^+VJ38)J)i{aFP1hl8KK@z zQXYa<5l0iA-IieJR{F*TJ18{Baj3LNZmEHj+hq-Wt3IY1L5kvv<~puM~rN4T`@Ivt8{~+VcTsi&T4MC 
z=f=goXsAxtTv48{KqR=vLkQHa_v)fJB9rajxLuMlF&tlLRz=MBUPYv+|GHzS!`wX9 zLY#}gwYJY?!TZtOKq2G-Tl zM*U~@p@yjqOuIV+)W1ZZR#YVFc4R1FpaQPW`N#nkkm|Z2Ns2IX$EKx?YKv@!qIQ92 zQRf%WoNgLV-TaAu!te9wG+;gmIqG3WRFw*^V84vn2+i$GvqVY{+C8= zsX8N8A0zeALLS8bkh3TG1Jw(dP9O)zxsBy81U(@RjowSGTDlc{W0Y`JN*$9lNKMr| zPs3o;k%i^p^A15Kp!ed|pd7L{w4C?M`6;M7)P4@zwPZRZ&Zt=%EZefnK5G36-JR6B z>G*cJU!6YZR`bx`U_QzmE0~sbm0#j~*0)+#OfVjK2ieSA_#aqnCP< zxCpEyR|31@>dX9hTpB7P)jak5$KvRJDoR*o^6} znHQb|kp{lwvgjJ=k)~7K<)TakGj^!UK_OWd39X_-5Rl*LUpKia=s7EEn?VCQ&-xsb zq&vCofBs&VcMJg3Nh)#1^hz(I)vqOC^=9M0rZD*G(Im-wCV2Gq4 z)f<+E8x}QpX=%nKE+)Aa+fiLohVl!Bihq9hzI|y?D)-@HpMl=jpe>;$8}zBTX=P>B zLFSlxBy8t3w`tRg&*;W-_YT-ax6SYspy9?B#))WlDc*eflm*OXU8%t1a9u4Uar4Ym z>JHX(Lj9ilTvea}%cN}_(ClmVW7wanp?S_gubqd%U-%ixhMqmC>+J-X$b_kFV^t18 z_ekV&R1EQ&RG}-RRx3#j&=_f}I#4J0BXxbHqwfzwe@DOeGDsy)BEaOF-6oE&p=!|} z7E} zr}}q;;=H@aXNoE447*M3iwW}i=>A3uv|6e-l|pJR)Q|WvKh(eCMzhNe5^1?@9EjRnR+Q5y6{vWteN1|;f+syl z+};mx6e0`Z!H~jx8-N>}qNvP;YuL|-m~8q*31u29S3$u)|!GC4LC#Hd=c&|veUjbwrFf{ z>j7M^g{ft0qm2hUKJBk(hZ8#sF?-z!Q+!f0Je8HgVJCgZY_nZ20Vj+ru&4^Mpwen! 
zn_mE_4>Yb1k#Y}9>KE+5#_LxE%?b{-$_z6p%0p`3><6j!)8)kH;*HWUUepsot9jo^ z8(daB&yY`*yh>?@2=25ig5WNou6?upQk_ZOp_h|A^9t$FKTOSUYPS3C29H#kYCD%* zkGQHK^yNCH&b{jELvdt3Sp*bQb@PHzNAhpop|5yNanjUF&mAJ#~yb-iY5TK2{~5EROt1t%I*uLHFwY4wno|u_tRw zaupbIY30m*01#baefnrw>v5ZH@#I7bnxt(R`BC14{by^{e0W)xGgfi8S>$tRpdCds z`p$`Mh38%>iw9rxOrCU?IT(89GW_32ux@5$$FlT~##Em_Rv{S_+Va#Yap|3VLiz{2 zeWfAA?5d5FM*C}68oDR{7@Dc z)%C3?PJnuMrF^gX4+~+Ep!wiTQPOOt82uvBVLeSt`4>GK&-(RwL$*^P>zk`IQWBxS zSP1xGg0*89o8U@C76`W`h2{1{!vp3OELh`{*voet60ET0H?Gy~lOl(3NUO9Qhb=By z`ktLJ#;c>X@^&e$YnM{ORg0K@_08!mYyLl;)74#I8;va+$aBuMK5I}1!T_)lPeyun zoc83#j`x{zczV8Hca3az&(u2tm6f^<5L=yv$$;>I4<#x#4V<;U}*{eXV~x=19>XV@skH7-GNDRMG2L z_~9!8GX)oK;LGuLoBWE474NHHI^W5T>(R~VaW8`0b2?<@y*^i=p0;qaeCX)OiB-dB zHfp5kB`IAo%kzZj#3_VgSLcQ21HHTZ1Y5N@?rfmx@i-H4^Qu#wDWph$6vB0Nlkt_V z7;vbWWNTm01v$Y39AH2vZ3z*WG)E4@bu6`U#!}|+Pt5DgeGl5fk;dcm zzoH+fOsgGho#zDQA!SLP3c5KWtb%U@Zs8of9;lu(dOQ%Wx8}I9M|L|r4yv~es6|XhwOO+R@CF*@Ak8k#>1N7WADax!Dcc2$=pC1)w{3p0o68bXl&O|7jCDM|rVWC7=& zVYdrN7WP^hv0YKO91b!nqA6)B9l>c|Q%EX)mt|Z8tqhb^43yQQP+??|f%#`p!C0+< zE7@xEm;Dg4s9VvuJDx{tXGL_bN%Nwr+T|gJU{gA- zxn9Qo`CvK1Crg+LFAn;gkA;_c||g*~rW&Rm5?AB+sG~sXF)E;^=3O z9CAFXlNLbX4d5TJhoQw|QBgzZ7Ft}=M7#EHl#bVI#)K#*TS-dBAC{}epea0zkI*tG zfW1=zwy3#3bL7tj5tY=ML< z0FOz3#j;(E)S+hF?U7HLXLnQHf#7;z8h@r&`>MUMgd*q3 z>?!bp|7i&Gh>J8-gL`jQ(VHI8wZlqKokLgLX z(=;koXw=O+Y7iq{5pXJ6Gs3ERw+K5`(1yU1TlLrC1#gi7gPNk?>~r$%E}Scd@G_GK zQzA-_kebIk4szBRL%){PC#N(P&DgptVVXSg>h#nz;O7wx7?tYgojRlbi`N|kL>2WT z@=4iorgpVt5QxtX@h?rcs<^|-82fGng`ap+T5q_~}NHNq8I`<=I73moT`g@h=wFF39 z!bGb;pt8QPC&t}=(!tQFF@zR|i-V+A?#3=3`t0K?S*n?zjANjTJ(+0JU&GOc5NmbLdOot;GUW&Zu zI?x>D1SuL;?qst0I#nFEqTXHeGXj5{1e2)N*k$@Dk9F-;4J6w?Gb9W0AX9d5wdTy3}9VvB{ty^>i2X@l@s**E1z?zlFh=Vf-u?q%JQ z-@FFzQB3;*kVfpYBtCK_Cu?7p4wvut#$@vZ7vWRfbBm`pv&3+XlKDH&kEE;$YH>jm@(hsC&!G4k6FwKK^kGxH(gn#|jnueMk10*0c|HSQ zg9nMZRz^DUQg?CSx4{W%^XW1wT=-t6SEXiQmZ{cKbuFvDw@F9S%KnMhyphq^loo3L zy7rEzp435fIaW2yj``oAfrjscx`*wPMl#To$r>c@riX?21?xm2H{Ot-8YweI=QSlu 
zg;r5NDQ2PXn7`9_*!Ep>N^BeE!1!`fuB*6&moo}5!u)HMbG&|!^>|7H0UaIj;M?3M zhmr>e!Y3PyCu1I(uXp(lYvWcPru4)G<~J|_T5l_J>`#;kBS?o1(uihD0YfD*d)<|m z5eubajBbKHo>%C=#)AG5!j2xG^)7qC9JEo1%|{C;yK>Gv8k710DIA6-IoC6w>y0tf0VPnaaQsx#* zb!Y#})wNAxDFT=)AeROYxu(?1cTQ^6g_$IC2$v11$K_L58+~=e!!psE1$!sbHpxrH z9Z6>WLM~DITN7BaK-v3SZ7&};U+|hcJQu)mDR*^(b9nrFXUWs?pPu{hv@9ZIP_>;W zwPoC4mY#oQycqwsmU)1EZhgIY-BM4;e?4L&H5u{rW%IX5{u!VJ^Bf)udo8e@E1DrS8PiG zq2s9&0p^B_aV>ccLlzhC%_uZ;n)d8_E``q%hVYuRmi-qV%Y_SL2VabjITR_*%Ht5^`EB_9r#G6USYX8U#u$=mT5yaaf5ShyfQ0tX4qGql8qkW1UL zrvdp%3cf2IUspOBJ9%V6n>0|B)N8yON&Q$l^2DY28Sdx1Gqpbg`%+{D_EXMQXJdX& zfl}$aIPFtWWJGcES~)zOaS1GMl2M&r(4FDJ>Is+4;q1@RZXxKmbwMS26G`4J6ddb8 zo-?LI4Xf^0Y+wwYYFpIrmAChKwvU_j^Sm+0k~O1L-2VhR=v8sM5lf8B)dR4xcNg(9 zFv-@d(Xs!iDsBr02PR7GkNe1s3alcg_UhmmV*D+O0aT}b^fpbXzRFWKjxljFB;`m_ zk2G$H@(C`-EFD5cHbG|_{>@w6(1BmA`#(CFNs^mk*pd>FaqLnv7c+0Ge(d_g3yS3E zch|Jg--t%?BZDb*jf?}8$tld$WSHTTzeGEJ#pj=MQo8$7X&kc=ZhaZ(Z!_+YLjZfL zrTQNAkwcRABMNR%j3q86wTUoY4ag(+90XcgJTH4=HCDrfK`&IdHkBuo6s3kXSAuA{Y(A2HTI|%LhE2)3Znmyx*tb@u>zJK z7b2^-s^L4m21@HSzo{jr;P6*5?-J}Y#FrrzZq%7EO<3{Ye0;BcvYZUIwCeVXvelWi zYK?g&{FoFyJpegC}iYbh%3B1!bFF?s=Pr z_7p%;{-~Zz`_0*`(&bUSl+6Gp^tEy+#TV}3H>JKoh#rCYU*(`}lOCNDhb1=`k_?j!`W{Zj)GxX!FTD?DZgr1Mn5mzzy| zwSie`c|W2Y+Y6YSKhYdTKuihN>*<<&##kxBb4NRTzBgFacdLeMyRrh<>(j$K&>PC6 zp&jT9qyeYk4!uJ<`oJBkJebY?TRQsyR>euZ^P*JAG+8u$s51$HkwWc%%`28uWtSz9 z;Kyz0k$oKK(|y)juLk+M@1$u~7bLXW5g;DcRqazUS%6$FdStdG|#>5jjB=QC=gwMrmUu%Mix>U&wC zdpT|XX24p44*osO(EMIO>?%zr<(88dKId9&fOsVE&`{#tVmWTqRkt#_UvuP9PaXgD zGFZq>oA>L0%rHO&ZWJnTqogT249rlMV$DaFn|_I6Kn+nuH4vVLdZG+z{&~y92fM%k z+GJFp`n}H!302nWxT;Mg38J*95)uh^RQA#4EaxZ+KoJyC_5Ua0J~!pgk7im=wrIjz z-5MUoeUwg!bdrvKsOJ=yxW~0_13VVp3zI+BX9T2~60NY~t>^$5jCw3)To_D_$PItD zMM^EBAf4kkwTY#cQIknuGx3lly7H=m3Q&$PQsIAcnjGZ0L8$dX;a%E73&r9>brOQ- zgq4EYmr`tiJ@Ad2Cw6}KRa#*mTq05+e^T7vjVmZCLOxqq!_r>e?-Ef$nGmrBn1TG= zvu`Ar^9Cdot`-hduH-}2b)QLQD$`V*PBBfgqoAi=ODStrm{WeN%q%mYToX+gCQvD`JmJ)9XInMFILL#&-39oZvR zuee~Ru$6S?)jJ&^-jW@w0qMvFoFwFXVY#RNXhvgAl;PMFlX114MC#MFD^Pav%C_6i 
z82L=^(38Vlz@!HZX5t8;zq$3{*MqCW%*F~3|5?pKuI|F;$emYh;wO0EZtKiWh*natG)fr0s0&U~z1 z7ClsAES5O2CH|*D5H!p?GP6oXLSv}xdeyIQK`C(Y;`OTMPAonfQG_${&E!)?Hn8%M z_{hfHxeWF;vv>d-@K40#4Z)OS&E<2J5pu}@fWmNb70sxrak4~AcIk&Pd;=@cciv7byh4ed8|PXZKc{fl{uvDzLTZOG3St;SGKeE0mxK6yz)EpqpO8>w z6~aiSK4UawAt<%Po=6+%;a&5HIB$jg#mgivl)IZW3PY9tL#-$myclwyO2w;1Z)%Tt!7ZAlU*>(HXx}B zJBBevJF}AdAdU*0L|wBuDKDQ>@w2NAS>qZtmdW@3MF@@Kp~sL=%`eBRVUV|4V!LlC z?jy!PIQ$#N*ta3izZJ~I@z@MZmUMfC`cLOC9N~{bP`1khCcdm-;gBVneE-`(g9T;> z8%PYobTW~;0-GZQtC`o=rFNqTsVqDox0Vt7Hu9q3?&JRW9+1kBatXLo@5Q0aX+bd} zjQt|xDv|}owDttdA{qhkHANa{7@C+7?%(vDB8E}R)pu{c>MDV}=_w(WvJHxaTarA7 zmzR?F{ct8eF30PNV!M+I>NBwQKUMSSzV3nKv*~#|#z7=7&&3kqcG??xX>)@<)Ea?6 zb`5XNtiqQ?pZ4{t>?LhFXZN~}i*EK}^u9Y|_byqgE@XY%F+H^t4xLO+-=pZw=#Ef5uXpW zj-y)G(6Z^DRb(jVn+V2)`geDJcmaD8csa!sbT-FvOV-#bBv>w1Y8irWYOhs>*pF4I z^%BQZjVrtoQg@EL4}j@bDk*qNy_S&jwgn}TFxF)^RqOFbOF8Rq%VLUts3?yaqa(;D z-0FHmJvwV(_wb5EL+XS*q-}Bz%GK9-UoTU4WSI7500=)BZ0ay+()aIgc^a7HgeX#9 zNWnm&orE(~T!&zyjlw7x4T#6CkZ3|mXe5UPj9%gkz)+Fi*^(m`BElGxc=w-2*I`4b zUSH*%Maw3ciNk05DHFKm0+G+%w}w8R>v~(m$7dbV#!CHGhnP26#!oJ zdOJTPkm{5=2R^=_H6co9(l()2D2=Pc%vbgUaw`P@N~ zn*$M0jwJVIsgv^)aegnyyxdD%0fnW1IcQY)Wn$Usz}4=EACqYffG=7 zPai!<%C{zO$+G0X1TRVzxhONaH$Nb^%N911WFpNyr&7_l>u4|r7A(GCXW< z@n9;`o2g}=9o=Z7_qy zIU5uewLfh)@D(MFPAKyE6r;8%EvK~?qx8l0q*)jImw74-%siFlCc~P3w_`UkN#Ah> zX}`cz4_qe-5$5r)P2*zODJ2$|FW`s?*5(}BRxC~ThtC&hEte&q++D6$zf^nv5^UcoQl8?M}g{b+y--D%dc;hz=$!Z-70zLoPx=27OkW-T3m&7#-W z&A^-1JGl++Wcucto7joJ4R)7~19rdPo>Rf`IlX>6X6CCwPMvfAqqW7Bb?2u;kI{|x zWxQ8cyZ3traRbTrf=j!}+%l-Xi|O46}vx|tP+-|mP`Ha}WVk)(e8AMvwF zgz7`q2;M0G-uQw5y`?&En5&h-!qui_&|*yUbZ9W?bsN&xWM zg7NO&Gm<-K25EIMs0SR!!D48p9i2cnLRom0gzFJ-RE}5EFiD}2zo0Q`!&B?bM-8};Ab)EK7LK|YuZJR%>@=a zzLh$Q152I7)3z7}^R^ho^ZKnJh*k1}uw)-4*l7Gu61MY3?B(McuQq$A0z}>cQ?emw zcy9f7kwU^bX#t}TI2Z>_Kweer+Q!NjtIz2pw*DL*+*e064}+$M8;4lFX8gs>ep~`u0t%o|gGxXmWJ}5s;wfIa zQ)qFg^f>p$8l#By9P@_^1Jb{2Oi@%q(pGRJ;2Ao}`9kT}bTUHgh2>ny{CHib$rmy@ zVg4zkZ=Sp#mtggDX5A~xlhpBJEh~ZBw09#HM@HybI8W0SpR9fbU;8~A4i#Lq+`@(k 
zbrSJ^Q9;anF$JmUTrlBDk)k-_M4Hce>psIF@d|IL>FBOxN(fCZz-Qm_Mme-_%&HG@ zmX8*jDxtW5Hrq-zO>PbR6uoSLA;)l$fk`p4)8lyLA3()zwWf9oIWB>??>X`tZMmfD zLE3vKCh>=)_?vKaNSttTGVk7SP`vzVH4T+vsz|y5`Y-stf3@uk#y*j`^&O(XCAUNk zijtd?ww!8Yf(cMLNGICwuM>UUT>m}I{>l0E(bJa*g&Lk&HXTBc^bJM<>kh<2h+^Wt ziz%s6m%DUj$EAKOUks`>%BZB4QBYP+XOGA}R^Y;SA}XfV@$j*GcX+ zldt%5kChTcqW$d?>p}}f~73Lur?zh_~@R(-C>TUx)VB3HfSc0QWUS+y@kW^lvQv4}PPld;kG zSeN_1ZYRLsHZc{5Qt5FqSJYGvv4t^JfaXH*&r>76zDwK)&s7LpUSL1DIrJV`?EBj8{Wx|QGdzGvmu2PFOU9iv{&t;m2!=hf z4UXleYmDR87MnSzmgStyE1P~EXfU#rzoHpb&c9%tIi-7TgvGtYen&T2jO$Eyw0D1} zmk4$NoSt#6%MN`&@2^%)+}p#GZ=4Z*Bp9&MD^XmRiOdU?o3{wYOod8+zDGk=W54n1 zW1SWd{T2`f^Kh#L>KYC-GOl9{M^b}5xw_dwk2<|&VT|67T@0!3a~t76W%XV28U5*_ zOWN;bsUB!D6GPEEz1qo=@U-tSzOlYYP@ z{R3RmxmL6R6S=u(c9pu-le&=+*`xmIYS!lF>l zOMq)9gKH=BMfO~oOr|Pw=o0g!V447<-jM5-CzX)A2qXH>%YZ@H_d`>c9EJIWu?3F4 z)dZw*V1X8Y7Sg>TXK+QSb|EPlw0Z&lY80T&zp|gg;Cq#^9`#ifQ*~_u$Lz3dP$<&r^()w+&MTfo$`WZm|iyZh;AVIZ* zgZ;I)f4)Eg?d?jV@rIj^?-SdzXxy6bo@3{07-y16axw zl5IdNt=OkLoE(J8v!_6P97}y%j1N}}q>A3HjVS80&l+eg@Oa+J6Pf{!r!nP-Oy6@O z#Aw(8x=BaZNR;*TIrsQ38$tk0p;CExuMZLI+XkNM4s?n0o+2R$E@Rr#z>H0{h+Pp< zn5k>lk)eu@NG4y3VZ5LQaRgw!BLi0xP=+(jFK|jo#Wvi@U{#2=E3O}Bmog8WtugHC z=MUNkx?AU$y5_722)rNIR;-y!1e!n)u?}>7ehjUrSo=Ujya`^@_30GnT|)vBoEuVb z2-X#-#oH9{R<@;5qgmpOPp4W0wvirS=zKS*dDd0Xolz@3x<7s7+K6I5v}Kh)>H$Ku z#U^FX=GMH-G1^aLoGfq3;w&0H4TME+Wcb^??~7g%U(4g0Te0EO*`Q_3hfn+E1OgW= z+b=m!7<*y+;^udjQ~7-D^V_uea}{*Pkced9GtVAV`0g2Z%%= zzA(alHw62jP?H@itXWAX!MMV$8WSuVz%(dH;0Q80*8kxSeF^4>2pCAF_O+ zM(qhd3TW>ld|)QK%$pzXUCM0#>Oq1Ky0W=>^7GhkS-llK(6N5rGTwWXv%3&79>hxD zmml#h^ggaTK|=B^;uBkC|BCT#^P=q1{PCH-eX7OC(y4nTgZ27zU}S;ywdD%^y+4;# zp{Thqk??P76=0_SkP3qdF)hcip)&k#WkK-TCD#Af3*{cV5I8m^pkAay5Ho!V@U|j~ zUPoSimV7qmMZR)CnF>^FX329IK`Y@x=-?|J1=I)_Ig~BH1*p8mn!kczX$%5tVvr{! 
zVy?=lrLSKTM8hzPO_b64n}D%gHA8jsi&<+TxUzS{Sv>)!F=z!+CdXf{Nr|M9RnBB- z%!GmC*&ZL+TuTdj+n~D0>P~k2W#{YM5{ZQRGTOb=UyLPSp$4l>O=@24dOiP) z+ZuV0xD#xTAB=#L;zugfgC^(O=9PIxVC!8L;H#Cxp3{3bcMN|H+2^edPloLp%Xoiv zw#S#M1&8LW#1hE5=uV&4g#mw~bL5i*2BD_64l9kS$4VXxo@Wl+7h+j;7A?u}MT9)@ zP4Z?=izb@5s3|v`OKz9FI}QGS1QAo9 zG<)h1MjAZ2pMx5qnV|MA-lx@)lTClmFjI^4&0aQz>pCxUoF5qI-7HFU^E{mnZ}sJc z?f~sry(V&!JsckL5tme@(r51l_h!0!+s~)BC1djP0ntv*N_yoKRgtYh;{QUx28p`UR>L_X}y$0lQ76e zw9FpZem!ZLxy!NkL*}Xh)z&Sy7iA5MPxO z+(P?xEhM(`In)WVul0EPPurym_2|evD~TwPEgEEHVcmu=stFvd<><0l`AHW84avf? zu&$asrRZffr4heex2K(JFC#~WiKBi1Z643CMwo$GVNFLKXkvoO{^ejkX@|dYF^ zSn}pMn~fl|hh+GPo@5SzB__6*k`mZQG4Nd z?wZ0TOv5bd65l3aqHo#Kb*iS$1NxL4k>?ueH-1gK9l6s)-$?kD8DZMIxQ#vqQBZm@ z^(Fv?D)dR{3+sJ~5iz1VZh*qsrAI=q)5rB51ZrBFqK>>gq*~-Bt$UYeXU&A^|;0z+ivpZ<;A+<^jrKAVZzztbke?G}HL?X>Chg}pCqEmiv(sEN2+krA{d zXHDaWO*rnE5K?Ry9mJ@T@L^ZUQG@NrfP|qkLuWMZ`$j;6k&sd}Lc|Cv+wmf?U$84R zb|+BWvbrU2Ni*E`bkwinR-Jh@m*m$i{W&?;LqvuJV|N#6NgvEfjB1e>mt%4b$+cO!C^ro!D` z$a(UEue=Q8(Str4Baxe0BE;B9*`#P;!<{^v*<;0&#X@R}x5%it`T}|2bm$E=H4?E& z%sxpm=3k_MM%N&Qq*Ex~SN`RTE^ZY7SA;|s$M4S;$_#`D(uNdWR@vWyUHsWn5cnfL z9>m?Wr>JEW$+~5;BMvf^tUTNTGLpJxNp-^J1A3@YFl+r|&nUz-&f8oF zB>8u43x2v+3W*ZGa}Arm*!;n+Qo8N5UVLMlY3O%v(=`I+2((3=-YZ1_7wG&v~h8ab`$eZ>nzWJRZy-QW*GinmIC z4`L9C6byB08E&0-+X^#r&pTc~eg*M^YkyivsQ%a##CE%~RY{Rhpy8*%>zH5lc0#|o zDpvMhh*TXhr%5EF2dIJZ6BeAs4@k_LLaFikg5}$8QiKzj5ZCC5wx@(xLcB{x1$JUD zy~0t#P#$#s$U&^G#NnUh;_ZH^b8PO7yiHj$6}q-#Qx1}V>+U|6v;n}l)?KC;W5!ra zX^htL^qEqlk}=2w3-A5$vB)PSSPAS`FCNoP>DRqvr>nG)p+dd^o zx@-C^TDmnX%5rcie);gI4f#lSxP*CtUV*>$)e%4Qekrk_THm&Pfu{`s&i^C|Ij2Z; z>d5VdFTzwoa5Zjzw>zjAm!m!0JRQ4H?+7`ymF|(AwjY+_;c;7s+1Bzqoaa6%fG^#H zy}zBOm4$81D@M?HQg&=)q zrPXG^kheI_xBZC1)zP8w`;FqxmStx0*>?ip)xy@p?>=v?G zc};WJZ(DDCW+dvM;ynn)>P_TS^!R45BVq@?!rq&RQn>o+ck&9o@(LMXwV|4-B(Jc; zyOo=gM-#%x0ag*~=kJ9P^4&x^YChH^mt8mHU0#+uSW^Dn2dN^7u|O-)ra0=`%`0kn z`=D!`D`&HZp+iXaMLGAyAYVA_q8szrk*61%^Kzbv%{Z!=HhWqGNH?&Mj2o6^70r;`k1IVAu<-5}YmmhXSYI0OQu%Y|O65-&Y%}T8rm5Rwm`X 
z1SswM&Oc}{*Qcpw6g(OSk~xJn|N6{Yn*-)>TXW=P;}}+|apBPo#w+z{KkQ9C)GF>v zU&f%AUuH*v+KOpQLjSXWsOI4fqgOb~m?gslNx#6URt|ADWbFC+tiRtQ5eWdZB~WTxC9c=x*rm$o&>QlERNoC^+D zJJ62bz5-Mc=nCUPJR4Hz+2KIDJ43>*oRr@n3YA2+#hu)+!dtXvCe}IgeFZc$wOgEyDr4n^M=I2mnac=}o$#1`m5a>Qy?HTDZT3`4dv(;;milq9(+Rf%Iq#d{Qx{brV?z?#^a2gWfR&|2U2rc&eg}MOIBcsI8B>9Qr z=hT8v$Cu|^$w%UzT~lvkmN`>jnGxYSbSBlE5w|zn|640xKeRE-kYTRq>X^y1VV!8q zxIw(>jJyx@>32W)}AS*pIO2w^o_|(orIdYs59BFJ9Jzey&?_ z{Ip%HVWG0JdDkY}>w)c?%&hHpuGRM9)xKCeDYZ-gXVeA|W=6saIh@uAcsp@!FuPrh zX|TgkbQU|~Tg=0r4;i*a%9mrC#4XbYq_`0+3@w4xwY*Ilh|s`_1No`e+7P=wNsg${Zq8xhggGy>wW3j*E0Fhfg<}#Rs51YF2o$J? zyAD~rthpbfTrZF9Z`};p;G(PD$>E`MtTgG4m14WFaOGax^+(y6THaT~W`573V$z%p z*Ta`>!V)p~b_VyLTXq%pCE0y#FmpX&*jpnw#W~g~LnFck_ReB3IpWLPQQNiQB<|i1 z3d<%rP*=RH(fe_lXcNF}q@D}~QQ~GgA19APoQ@_V`VW}yiZ}>4!E^c)`(31w;PJ=% z#+nDF`F~7ZbyQT{*G9TiknWOhhL(^H z>FyZml1}OFW&kPamXPl55b5rcZv004z4-k%v({bfp1aT4@jN?DqCFm48$u18mB>4e z!`9vj? zFohj;7>}r_4Qnc}GfC{@2HVJH&mrl|F(4&&%|Kk-7cWT9sPeoghb~EUqA|6KciUWJ zHs%ST3Jull-$#3i8;Coju=p1TR7X>!2q)fCcAX!`RKCv#Ry9HHuoOys5%|I${P`Ji z$*dBJ2RY*6br`02>A^OsJ2M@XvYdN_CqYopZeywSLR2$smdl&y?FJNNd0@d!EH;)pa{948T0~C+w>u0yg ziH@p>J77i%nZv@@gse7YnnmuJgoH5&zC^@C6C!*M3~JC}UUUcdBebH)tS>ECcfg?L zwaWKsmdv&tiy`xwr7QOwnD6py`pkw-qHQhuO-@Y*b(!BobWm6Dt6=U#TJ1hHbR9I! z5Wj~m+J30rT3$$6DbJT%7`&%-jtQy1zS+A3rZ}y{qrH3FlQjhio=#_t<*>>2aQUpO z^!~9e8*K8fM5YXBrYPZJ_?7$-q*ZE4XQb&fs>TWhiQo{n^PD-rLA5#Gs9l!4FSNXy-Um1y%Sy&=}%fmQY-HTFwVt~kyXF^aV--BU~|SD zVRG7AWU|+kGryymz=B}{dLQ$HZO0J)i#uj-BFTAsy*ou;HsZe{)eB$TU-3%yLn6A@ zn>pBFvSbnLNAV~08H+|iPvqSR{KC*Hy-K})^`m(>d)Z23Zd7^s4=BQs8?y4xFP#AZ zcw#p;#pGkKREIa%LZG(8X^k*~0|S~-HBxp|RSHbwW}F?k`UVhQUdcKd0_v|2mIt5W zUVBQKLI=2wcjv+JXY)d)}5@vg30o=nHvy zbFYoUxz_B`e4c@8Pl=j$nWf@@aHCPSQ{C;5z7Qo>;gOWiSjChwi9}+rJqQ{FX;89~ zHVi8%S#hMAW8FL z$PgT>-@f@lSD;Nf<5%$`18G$_gA2`7f5#>voK&HBPSgB%b}7FFP@S|K5i3Q zD(>CW2B@HP0Fvi3J$r|%+6ZoPt}1ai|Df^x_d!A$sTT&PTa_Y?vJF;BL{;SbU@T?! 
zpx0uDEwo=X@?A;aN>5SS^!`x%@TF8~_fZme#Y!1~A=&e_r}h$=c-JXL@lwMC=oI4{ z=bz{WrBA}a599WC+tBf`N1}A-Zqdk4=8UkiFY=D2?t2i7VoD_~qi7P1+u%dP#T0-x z5WOFQ7|!HnA(ROb5UCINzR0Qw*wTcr@QOiuUwjz6mD@5r>{qNwS{}=FYugU6pmZG# zhGTA-Mh9Y|`>sbFfhw@i!6WM{3DYy&6HkPTZbEnimg~ff3V00!x1mQ4$w|sLa&eo^ zeXF|&{~hx*fLTE1=IlEKuqyTea%jM?+RG+5UBR~bzT>?QM2%IW)>0xO#|3f7$cWwG zhz&6zf3}vxDF5gx!h9y!pN;tY)9|2XZbG}RpVJ~4>s9e1LgEOIIxtn^(La)cOa-GU zR=nLA`#P}x9l9}i{(*{DnczdWZ4a$b={c=~YJ z**^aDxbFIf6)I^!=VmaSd)t)4z46+HEPeghX5q-$;UhGSw@C)~88f4XTU&8U;%Y5# zPvf#x{$+8-pp8-(-_yAB0s-zRiiG+WE-HDqxAAgV>KN@egDkdqjCqu~KYD=C2PcmF64;C~_%+6MjcMuy^H^FC58P^}u@S>y zlz0hA)ifaD+pNrt+3)|Ocq2G-Y`}Jk8|Ch6KxBkF%xi44+Tx=r91$_y&$-m#B54sp)p#9aW zTJ&m*6YvmY_*b&~cVL9Q*8c!37S!$ze3@6m7q zS%Lh~kg(jfs^sY%X~9e2$NXjfqf^8Y#Kpfu5{Rma;PpgCk`1+Jm-sIh-|t?s$mwgi z(=3tySbDmW_W+|quO9WzgDbvAcMbLr&}mB&v>c*bh$l8WMR?7BtU)7uz8PxV$a`pE zBQ+R21~SPv9btz3mN;s{jFT(@*w9VkAN-(`|6}WQUPtMCg7FI|4RDAh5Ee<|Lml%r zC+Wt=K{arNEdiF@&6+JFins`Q*5bz*cHF+|=A)$%;er8QMNH#Y{|7Rhd;#?fSGxtT zilr460b?>~woHd}@=i5VDM6vlIQ$ChAq%$ST-e$z{to2-%MdhUMK(La$On|>jnDCs zt^_af+kAo7Jgz4@J+UiklL`skxXBUI9{+ClrHrDV7RCt^e~D{z zqYYP+4SE)Q6RNz(B~p~?#b`Qzsr&nw-5ri>icg-uTB8bZ4wuErP|i-_Kb8&h;1f`B zL~L4EC5!_kf4B4=%RxAQ;yR_S9MJ?_{nJfXIIOH}`KS(p{HfG``p;o%I-g+{o&acrrh z7xt_F!=E_jLJtU6N17w}<*hA_4T)DaM{T9x*a&VIVplDW(H|!ZA1y@hr-qd!2_s}Y$Dh>Uv>>9VHuL+kI=)#^d!(uST+P#ieig*? 
zklU6#CEE14P=)%#h;zGG>o{UQ@jXgBlF<~dn9;I&{?BGY-7 zYg6xuVm^DM&euw_!XP-{^j?NKnjZyzOjrgLdjS$MEJ-%cHVe;j4Nh@D6L$tBe4W9} zR8`#}PWy);7=<;8C21;t`*&O+MYs^*)!)hVOZWS(_9n$_ZAZGG3B@mEM8Ka~aS?z9 zgBe?X=p4SnSu<^l`vEajT5xMY_GQ`$Dc538)hO9>vUJKO`6Dau7w16PU(fV7>uWY1 zNv?2=7^xJ~np8=^hS7G-$6lx;?tD;SSjreChJ=*CNTdl}ofdMS?Ee^Y4F(d;L&O*a zO$2jR?!f>C7k(0tZ3~-j14DQqOLj&U;ox*35)Kc6-3RwfsRmmPcHk&ViK7}#mh(X#)+xV-Wv~Aj@+!j zIu!iOf5|0tqb!Vwb$uxDY&x=|4awXOTL$^34d|?(SYfNr8&uQE<1?Pl zxtj(z4tR)dRktJ*ptrvgg#}uH;B(2nvTY?f!EJZ5mi%FcYClAGOwv6Y$-7%7|BGT^ zTG(Ue(spb1L5lk##|8!aDfOJrB zH2UeRrQEH#0WpzCI-T$E3+&~`S_8VJ930h_rpGc|s?NgqU8V?^DDRRK9q$2zH&~Cl z_07E<~+2e^gXBp;X&rxBJ2ngrQUaP<0W40!hh>%Un37j30UR)(Z3Kc_i+7}BE z;u-dXIUVJynH>OQfb?@tv3rL?tG^AFQ4GA#i?KL4gP+Gvh`Hk#BfV#>*PJ)xyGmAX zSJavqO=e+&T`V9ixzVDq6y=12XGa+@o)K@0e~p-TfJgAVPo2$S)p?k9{vusDnwb4_ z=0xm5^g|6rQ~c#eCH#U>yDx4%)I~fb$_GU(xH#YGpN>yfL=}^}YS=P~^4o?21dZKX%h#T7dZ^NZFF7 zKwOJnIo%-ZsK6`=If-Uy=oPJ zk%BnUdt2g1xUX!F8u&>Ry60pL7BKQ7{%?E^6jg*h28pyFI_?3piz|r2=GzKy6DCP} za{W($q&zd#YM+helO?UOVeea(O!-R9+=Zz3dVvn1rc#%;q$lG=t1PZs|}A#n$krrc+5`;WWYA zaduaN8edCF;L?$E`crg;eg*VOxqjp<_ldrvYtfTF7o~+8uI_bkrOoK6Mc(7^^YDEya(H9E#f+=w?A z!W!`s_HuUA4}g1YFB!X!Tv`x=!Tz>DuL^U<4gWo!j69*2OJRYqioo)wHHk&!_(#S zZL?CvCIr8^;<`krI6!vg_eo?X zU&!xApAr|Sx#3SqTD6SXKU~}^7Ty_+w0IgI(a;`$)()I7<~ZN4Gw;SJRQdT%{f)xm zG$Yf}Rn6#a_l4JC@T|3|dZSua7H=6xswZmHvXv$b4qN}tWiOvYiR3tKy3*mC>y56~`zj_!=LynAW4b3rI{trSJp^i?Gr z1Ki|g&>c2;yh0jH^t?y!BVAK?JIy1n z+Hy^v^(frJdYZUmtG2#H55DU!+&WmHYr*=qQT@PgpYdCaj!v(TB;Rl|{ph4Z*3|EX zY#6M-nVBCo5}F{qT<@)&oKkkqpy%8xtxUq#wnXV5DCg$wq{Jgc`QxIt>xvnEIn!3t zUyPNl`&>V2hqKU5CU9mDpy{P@*>IeCjWT;2Sg3N{iG!%HUR}GzB$@k_ZomNi{$+?2 zy#fqiOvtlo#4nNd!4qb}H7aWqGYUKMRyUT-+FAmAVaeR420oAH3hKH8yf<26gpC=+ z82!_>v+3~KOu8GBMHv%Ebb>z5M>NEQBB2T^G79Wi1CbG*Nrz=>X#!iH+q132Lu}`J zC0c!-&)TcMFMd7VjSaP_`~2S9dCavgI^PlPvJRrsC|+a^TnWG%5~BzYI(3+WAPU!r_FLOwkIyV!M#C_r@)1|Gy__tP_Z`o*rSHKqwPE#L>Ofs z{mK8diS6xNjc6GF(YT*HT|Kyxv8L5K*WQ&%;*RB{y(cf%#G~dsKj80Y%eps>EVW;q ze)GbbGW@wQ-E}#U#QmpI- 
z-VIW^7hi6!#|b}uSUGT*Nqjs|T?pB)(h5DT(1=FXaFWaqiCD8QjJW$X+JgWrM1Gd4 zy&vu4A|ShB*4W{=Z~ijFGn_Br;O6!hv2}-^?@x;c^7MNinROl5aF%F1+x>)m;iP0u z`0LGivO0+1pD*DerA7p4oiAx=CLse;;TSPPh~LkcRZmtA&`qKbPNtU4DmWiEM6A06 z;BZwfD8D(VfI?+w@c8){o@+UM&$FWs{Dktnnx~$LS_p|*NJ!lhpq+Q7Im{0(3-!+yZ`Z<=ORg*s2Ks0H69j`*0 z)d9{@`;;^<>4~BZ{5tD)u=_(w#CgW-XY|Hkor*GIJ z*A8D>u=O`3e+l!ex!jL^*lUy8kXAm#)n`9d-MVZtMZ1<2c9v!CN5M{)&TpIhCHqyR z)A<|D&(1T_PplSmlf$Q535E~UhF`zDp)vjTpcAYn?cDlb98kpMG8XG9Cm=dvZ-dL1yJhtUqI<%b-$;UWbf*6fI0&JXk#44pSRc;!ubf*ug$ zh(@n=!5b1RxQJIcJ2ySrVb(SU5p}&i*7gW-HIt60-2jEYsZH(XLD8rLgiSDZE44w6J7X| z%^hQ3+yMYx=)CTSzYQC+%0QnRulhlDXlCxb@<)Ql#2Ajlm123b3i`Ly8_(`J81?N# zrlPT9#~jk_b0kcIf%5uoMCA{H6^0*{f89IJ;E$GT4lwyhvTze7dsZEb&+U=pkc5$1 z9swLAYEMD6pjf_d0$?^oE1cG=<9OQ;&*maa)?3cwlEh)$3G`)QXBjZ>LZ`_Qz~bnLY)i*IGV&_9=LoA8hCuM9B+ zFNn9$YTG6XG+(Pv)Yn@&J+8a&bTp2?s`g!0U4mqwXIg%Eq(R%YnP{tq4VbET!bC50 z@uVgV7@a2lLw*uM`4#<~oW&n7npPfQ%aU4STcrh>zQyGET5j2UPHjLgGsO`eR~mIB zj$&_t{*qja;LU;UqF43@FP)oC5uKgRsbb0f@*`&Gu3U{Ft=FzA`1XK>B_GKZFAJY{ zb>=>`yM^Z{+jB;AnL z{iH*PsLx9PxSob_@kS5t4t(00EJOTKENRs$KV#!-L?|NlSZUB6i=Xr#zb0JFA$A*m zJGzSV{F)5Ef_p^!7&^*##l;ut-=dUZ!?_v4;v?*d%}S%r7;uCkEV-QvR!Om6&NRRj zS}9N+w&>46NeF*e96h9e7?e$1qQ<+>i@ph=3du(W+aS$c+giTajDkLjWH|JcMSmbN zoVEI}aV;IoeCy)fc8gX^o2!pB&Zz(0mXA&{rmWjvqvZ!u$9Rn4cP*CXE)A8X&}$m6 zUk4rrM<-kQ`|O*ZA&&af!5&N;07w1jND~Fc^{xb6qD};Ij!mWx`G*I1gc$<;+MpB$ zJn^<0#E`(%xG#nFi)=9Q#rxGJ4 zdRkUp?v;wyR)mK2JDC_)I_IRAGalD|kvGNLL55pQ^3d>LY5WazF*A|ryQ>OgI&*^F zEA~!_p-QB~B|}%X&|j0`W2jzuD4;4uV7C&OORv)*b#$S(?9&Ow@I-1ic_o#1E&q zxO#Mo-+-mwI2N?T$^>+Y7#h%}*l}j5t?_^_2>fT7MJcpso7osYNqIS=@qBH`85ABh zb4>5GBUgMQM?ojU=>6H za()dGPEcLWWjHG`m9xVo79n~c5sSmca_b`1#eVhhz33RGgc-kWlfdeG*j=Qg9I##XZmWD+#VVwJ! zyYUEK=z7+jkSc_V;h#E6SxX=>VM!s?LFPI4qxJ=)Ob@oahlbcTho8|?+9#g1exfY? 
zoFlAr>dUO>zK3EG*L&@w8GC}U8QdU;>@@e$Z=(rF&)OmvuFND}%@g@Wr!p}$|xRdjvt6j*lLLUjO0xJtPe zZYQfL)~J7t=RZ*kAw_6aCES0pAHaf!Fg$(Nb~h;rgQIfEW3~2 zpIB8wSvh|!RqOHSGU(*^&hR>T*5M184~2H?L7l%8p0Ch-hQT%$k%_D2a!${eg30rd)$P= zjqWeJtWYb*?pF(TL)R`OSC$oX&ezN0sLorq`+OC6VRr5E`sN`=NIuOI=GLngM7P0> z_tkn%%{ZJolA~*N8QT5vi#GfXsur|rrmENgz^#dSsD&)5441Z%CC7rE58Rw zZtURuz7@2^8lToRPPy_yrxHbcpD`7>)US(?on9Uht5ty08mkC)+V{n?)4DAc zLA4Bz&cR5_3iAyMh_}~#sBa3R3D`!F%}CZH090aLiaSQ>>{J2I@%>Nngs;X6zam=% zK{6&?WtXy4ZRpyR32VqoVl0x1_|SHT86ECvAfaj2Ay14Fm|C_97>0s5QM^&o7qcNn zOTa2Qk%*TkvtJWj9gZ1|ksVQJOgQL`W0b32iZ&tKTUa(CbV7}t)i{|U83qcaeAd&( zGrXd_UW%wLypFDRzonJs6Ak9#M>S`}5KjBux8z@FYQjd&Sfn&w7rYwst2UH-O{2(D za?Vl>j1IHg{a5B$%Hx-rLoccT_F(nf@5iwW<#M9hgyR|wjel4%qFiqh#a%}>o@Qt% zHL356$*gq*B45_2@-VJ8Fn${Avv^G;^l-^CN(8JYs5bn@x4X6_DQ4BsSXH6qBC@N@ zPQXL^OYhg^?pOT=6m%PED45Js~;ros}Zv;U_RL>t1ga*_%x>HNdfn=xP!?RR)~zS`Go)0i(V%GE=R@xA)jq(3g|DBK2(vRO`d zojW0Dt%5geq-Ehs7&&wO&Ln*KDG-Xb9&*uZ<8m_mK!Qhg_j;Rypcxi~cp;E%m_1*V z^Hq7()Dq;Hv)sY+h8IiWuRS7@=YJ14eT~tLMY&K`{0&xvC4PAWbjl*1N+Q9- z>?nkKFnlZma{Xrp-$aEJ><)HMfenGK>x4i+08$a}am#nOgDTOdq?4OBr~-N(%&qtF znO47*@#TO{M{Cr3YK$ENbGJav?nT0%WiIO_XF4W1PaZKUR!%fo^fdImujUq8%RD}=`9zZl5~qyO4P1?S9oJKaep`s zKQX|ilgO^ub!k$%MQ!syIDmO4a~;zrUH4nj>GW4&mUoOmqgDOk_uJz6iUzlEs^Cra zrI-pRHBQ)hFdj#2miT~bt4MX1=+p4#I>ufEim8&mVx?Ko`+D%6;K5(rj@TQ9W{;bI zYzL=rwy1G!5R(K9mF!o`h5+{!HQM z+;?po9HaWZ0@_Lz!V}0TzSa(eCWQS^(cFf{>hpth?d4EhPEuHj&uT{6}Nmb5=d}A~UY*M9+TdsWcz2 z4l??bhem&tlkJNdRvbry!nmKp0BHK^8s@USrWGHtF9*0DAi>I)cCix z2f33OqMC{n#sCmho?xnDuk$v<#MPeyeJc=DgdHjiIp7@>56e%^MD`+DQ%yD*%`J88 z!?ez?MN2;ca3L?0Y%j6B??fU`JNR1&(rG2}?&H?|tAsw?XRr~QT&|$tRo&S9io$=_ zPNMI2q6JgqA9zi$C&BL5%=3_}Zq-x~&23StI(tT?ty+J0rV1UCnJm2e?aF}bT#v!q zyU5l&CYQ>UR0U!o{Ms|WFT|nwtAxoV)T}yc;o56tg-?i3*l$S*6u;xMMK5Ii`uz{fhpe5l5;wm*G9vs{K#2{{TwH zJTq~J_i3VG8+d!?qv>4BXLCs0I|oXd0&eQA1id{y99FBxW%yW99;|B@&ITakW|RuX z1gl=pl(HvibE(-;2*60SQg?sA~t3=w6+zG+`Q-*KtBi=S*iwMM&U7cqp2`O2>-`>;rN z{T=>2*{Z)$bG&PL3GU9Ykso^rIfj^_5}Qzf^>Jf_=JL(kq4-pEBefrLRwvs=AohRN 
zwF*&ynwvq;9N1V3NWFf5pKbNVmDirnkWw_8OtlsCZs0*h2%a+B&{F`$T3*f{1{Mj)ba1m{vj zG36eoLCm%&(psJNv$;|e(}Xh?v|EO>IfP4GVBbsB)@?)K%+Sil=M0YHn=oL;oIfWg z3VibMxwue$<&trn-mXxQkLPpuOA*{-x9ee3d(kuyFORZ``mtx!_b<*v34qdK1^Q|_6N#{nS}T%_@;LH3YCl_6PMT5c9zZ=d)}k8mwBc(Q9;6Z#RBC?)L$^U= zoO@NBQF08ca;mnZ) z>upfJN|VvP!Trfw}sC2f&KQs66~oDQs9;-*^= z<$m=4@4`gp0e4~2PjUW{7^UK`QnJwMlU5OVl?-nE3A($=_B~P+60X7nwJe`$=IPlF zwJ8~PUjxCYl8=X-@mVCbSfk&%0aKXDvN8;vEF%uE9*zvfap3wnwJPd0sdg`ty6r>f z&QzQic~nh>n1@yjfBS=Rf}xFA2(h#A-9`;Y3*n#f4N6chIcro{H#D8mRW06O>%c1$t?JUG z^X9zM?a(JA-*2(nH=B#c>hg{FzQRH^NCIIWI|kwKNiU%Yv1RWMf;F!l1;d(+YbAvjXyvf*H<&q%9uII86g z;yC!afTzSV&ws#PRCHeH%+I%@-s|Zj@$o1UkF>iYVB(#k5&K^Md5B&XWk2Ap?_|uc ze1b3AQx+@jo3hTITZlvFGhF94v1pV|wj;2xfc?*+h?38f)=z^Fp>jvJ`qV7u{ILWl zDe~w$$uM8_&4Wtyr_`<_fPW-E4^)I@5{-A6^V#}bX@D1h$ru));Xe?X6^)*>ISBs; zgnAu2XXC3PS2GY*=lg{(T*_P3d)!7D4BthUt0a>k-m(Gm;VYDe(z|LcO-n|tJ6UEl zTGZfh&|LKTeM;z&`|3#?w(O{0Nfql=?N`lJ9E7`RW863|v%|41ZmikHf+3B6yO;UA8B?pk|4x91& z%L$uD(i-rWDkVW{Vt(Zh5)f|Uw3~$a&*90HvXbk@(Z@6W!85Rm=ryn~-`i2|^nFyP zy0xP1XP0oCk5*U4p_aS&7Q+xxk4gsemUsZ`BAja=M-axF=Yzr1n*7lm|tEo(6HUma{O3^@XJ5h>qkMPZ4N?={E_`0?D&Ts`EriH)3*dl zA++JkE)Gfa*4U-aD6H6iOKuZ~XwGBnn@BUwj+su>`p*VwUo+>T zZL|iU9*?dQIadsnHz#X@Dr z0cica>G#6`7ihfjUrrL>Co$RUE3Zj?dP!giiLM3V8=jKcSQHQ7@O0efMAB@VqO*R| zHI=+&k~ndM-QEo_+ENKR;rB@#BEJ4yUy_|@kq@MI^^%njLQb})4YnA|+Ujq&F$7Y= zJvUV2^u~gqB^)pz2SOi$z+7ReY&u?P`!qv|^e8#;R*gotY3iK901Y7SU&X-_J{b>! zR1M%ZyfE=%7E9ao`i78Y0|7U6M4UQ9t7d- zJSSorxr`bP|NGKvS~Is)?$Wft2?hm!-gBTc_^E%5y*E~3+mw`28=LGoYLh?(tHdRs z7*$()Hew2WD;~jq+h$=69HP803U(^W(yZM#sitAvsbf}9U$$1jwaF+4>T?SrQP30s z%sWMVvCk0$CG_hx1?q2sI+ z7buwxsqQDhMG$Z9`)9BFsix@Xx*3J$q9>iE^L+__Xf=a@j>`AL?A(woImm0;A#ZJP zlS=ZH>Ce}}KL28}5sDicDnlX~Zmilk8*ihMLz`A#q)FH10!G`_?OOerY>7nQulujv zMrT6Qw~8eQ1E+YV&&PNMQ%C~BZM@}Py{dqg%T)k;IVq({MbZq~o98WSTY zAMN^PPR_@bzW#vxpIp)a7Tsfclqc((v|$$6gqPiFb42e|&Y&s;MUPjU7*}2ss;O)! zA63~dUlH>5sAsm$R~@zJW$e$Yb4f!LFASTS7M~EF9=b_pU3pDO=_<5ft z0O5Ruc<^MG6YOred%@wf?e@2yTNSh;WuHky<(m2J^%H|6J5E6&;ow;}FcqC_=qx3? 
z8bfvXhyd^H==ncISC!ybaGx+Wwlz$-K0Yv`61q4Fw4tJ-Ub?#onnRJ9cGQ4%zjmUj zV^MyDKB%}05j-@gI}iX7C{pNVk5P6FcwJ%;+S01BG%eYSL3#5L)|ECMsV!A~i&fS} z9Z=+}!0;t1DySfx19cM7HN0^K?CW&RR~D`9v>@}?RSe_cRN8FCLrkf@_FlS5FHg3$ z?N_ETj{E=|v6=qn-jKK@-zoshouA_WBdPwv`z%Sktu-rQ6Bo%&c$2NFak z{Wd71fHV2k=dJIDrMZjIxM(#YJx-Ygs(9PpAAuoCAhH);CticaC}c96iN-M$My$t# z!PUL%u*$a(j=J6jqTRpVrv2zc@^yG4n?ENJWnlctcP**(j^Ak9YsExwny!fiCk!=Z zbPuPkgPLLcfafEwC&3={URlBBSjYqcZf+<@a~Wy=3Ir=8bx|peI05Q0l|!59(}~`* zB>uxKKkaY&=x_dLzXuI^MtS}UBycyQUe=&2@}YO{bL*Q;yWApT67nC)y#Lv(kHp1 z<52P9J`$fbO8)79JMXJ~mj|SWi-)6mc!W*$UbQNXuua2>RMh%(QQ7CLsrsdkK*ziG z8T>PZcle;XonO7S&8qjBBk#5X99^!*S_nmo;o-PD+jCI)gR+Q+*Mldi;Rhs_j<0l9 zOq8QHzKt?5aTRZ%TP7lW4>%-4@1YZLO%fu%mBj9L&(`;X8v8B3q?3RBF@QLixQ!{p z1Bt1Oz#ZL57yE+mj;rHTy@BTzF%~{l*iGo|0ISG)p8g%f%&^|pPtJ07HE_Df3Ht`m0ZuN=*!9I5V3JAT>Pc4`9%G!PQf7*F9b&{;1+$_P zZtynt>ewNKi_lQ8+a2PYmAfxOrk8z?j6XNHwaIr;hL(K?CpxcS`V~+UEDc`4gbg4u z8Em{|?CF?$ikcI0&N}lzREERFY+;&|>j|eOIMpm6u2j{J$~llguBv#c$&*K$AAIDLoQRY{`89E$&jOW{R)93l9J(_YQ5#@BrZ zN`w_M2+gBobmr(nrZuFoLFPGer?hLxsJPtbSa;?IW1zHk*ME6zT(f}LeCX3Hn-n0X zGb&0AK~Nza`j@V^zfbp~*G%#Wxyv^zJ#`T>bi^Y4?z_G`MM@L4%Rh~Ibg1j!7>_kx z4#^}Lgy0k#UP^JYJZ_h?5*&+OwDR$vG^rEc1#RXT&j=J-CKYkR`JWhCLst6|IpS)1 zqXc97zp8fajCmva+gmBlShB;d^Fot9yXYs5l3nI6m1+h=6aET64sd%f3 z!h@7llsz1fcnZiG{nbc&u_Luld7us#@2s#~iDyWjtc0{XgLJj@>Rj`fhF>aYk=Vs< z8{@xVJEJ$ls+->onsA5Er7*0hVPl-daxr`VbAuzkP3vNFxE)<7`n=-gYwac3 zIV0r@IG1)4IxCfU2`wj+l}m`Mh@!uuvCx-TW^aH;F4Q@ZTA>i|rdxZA)d$B_G~beC zV>8saKMF*ge9BW6i;S4>^enk1Y#q`=9r<#H(@E-?PgigtZbi_K0O?{gHoE~c)rx7^ z&+e9sqZ|}NzmHRQ8ExotmNZOJG7*&ZKs8`ij58zp!_OH-h(fX&NUX1k#nP7bU?NX$ zw>?~xlQkD-hV&lD$#VMDcl{mUjl^AsRsPQn{+ zv?%AlXjuxH*uEI=m2#uRDln%Qe267hk&X>O;sy;BD!LdD@mwLm#Ge-LP!FN8Shu(; zPL2cTJ76|pkjDEg9i|b-4DUD2P<-|o3xzifoANF3LomCp%JD-k&x~;n_9r~-XP1{d zRu4t9ZHw=JnS(pjm%qBZUBhtTrA?=+y&_ERa(_>V z##Tb{%5=3rJosd7-tnZzyDVot$w%?%LlMl0>A1gwN<{+7x%rfG>o@(aFKnn$TJ$6k z>Y*(+QlHLTbWUb#BN~?Nkmh6>=;xmpJ7}8cDzJIxcDYM@h?2a@$n=H=gLW**_m39z 
z@6y2oUH3MbE3if1a9se+PDs3ya=i0>wph?U2xNI8jnwhAtGF9Nw6<-iC6!9RUM%Ha z{CK0~R6LEiP;l)!qzX8~H+t3v`9l zkHS05wg6qJ9ge^nI`(e*yqH*kj0YdSO;icxAZBc?b%nd8VgQCqm8?nbp2qhw@zZDteEO-72gVKOt z%|1{IIbt2YqoLxNCkEEn0IL>M_Gq@he~u1UEwRyOzu7;Wvt}bi9D}Fj-@awQZZ$B3 zKFvcgg0+l_K~?Q<@1*DX@vRSw5K-d44w-mYHowjqAMDriscIVhcr65h1=GWYlo2AwBO~`BYW7$0!7D_vW|H2&Oqq7qdxo5p+%rQ zEgQ~OO@uv$N$GG79r93K!Z}w{wtY3hf2KnYS%AC=yuvv-RayKyX%lYMF|%M~G3{po@Ahs{6D3<3tw#9h=ZVGVFnzj(n;`%XYqk zHlYjD(Q&V`T+Spo6#2xBdTuu6=Tt8cq}kAOGoD2 zH?S5#8eGF>E2i^)IP3ksCe`N+(1 z%WiL2{J_TpTPOE@IgV;=bF)}`g-w!|uCE(Smy?0a2dDZT%*nmGQ)9dd-|uzHuTsC< zY1JK25b1^S+FGjEzTP7e%+{ZG2wyVJG=$josNMp~3j#;q(fx(tQBXyAsCj14FjK)ZTJZ#-~YGWSR0YP(-EtjSs$B$N`)%7+_uZ^ zLeN6|UIChkWX6W+kW0AmbkkxT``nz27~yU(yzvGWopqUWT(%OA6zR=5wtUnNRp)m2>Arx9Te|-PRXLXc zTzGBsSY`seAg>QiaC(@s~p43P_ZbU z1JVT1as1FneraY9$nJT@;_@$mz-MZctTP4K=->e~C-s;8#01iSQ%95?^3*l7gASQh)QA>1 z`KbnO;8_BLQxhd>uX{ z93AtZ19)Xv#(!S(euk+ya0XT<9&Bz@LRRk=v%6Sq;=-P1TFvk%gByPTW;(Dlm00`s zQbAvUacp$yyrp=hxSbY;J#4pavMN&RaCpHmqD@8rp9PiW%mF$;GP&gxWrhxa*cwX- zlhvUe{yBONZy7L-)beQHf*@b>A)03g6FC2uX=Un&N7)9%#bHT?X|e$gH->l=k=2c$ z$&Eh4W35ya1L%*2Uh_od{R8SU;*!$x`Yi4%m$p6)<5XjtADFBomuSV-uCta2x$=r7 zDl|?dG=9_&z`%(X_JP>L*a6SAK9M!+!{j{Pc{A8VJ^7X5D zQ9Usv`1`*oWvQ*Gb>-8+wV z(lX0po3_Ak>Q8s#?2QCbKS^DJw*l?Kwb&y;8GIWAA1%S{)0g;Bwwr*~Sgady#!iqr zd&eYQzlMrB&(H>?nK=v6;MdS~O1dMxu2YnkQ*$~GztTT|#F4dG3tT5iuIoMK++Vw& zh>5yhH!}?B=$P_n-UyUctPJ_;Gp>=>G^fVAp?Jj<`z;AcTg-t{}OY&qJG` zS!oKcOWs<8o>;0|SXs8dYQo6y>^I;i)R>(8L=uNAOjKV|{tf6uv(k>Iz=uW1BX74k zMh1pL{eDY3Qs>Y0VQ#q{QH``xIxkm8xn%2=G<0eM@Ea>3`Ly;iv+z?#ECuAbvI z6liB5%rU_o3E=3)MRtL=C(e!`UEM9l4nKIj=Eg~%Va689&>8-NMi2w@`*!IpIP>_V z@9&t%hV4h8UL5}eV4dIL3~`L+_B0jLmtR(OA4}&sD_rd9g)ebgPk$1wQI^t(B~{2I zOH>xPm3Uu{L!Wox)#*q~%G};6RHQXQ(HGEoLfq|Mzf(fcpZrDtTYRp`+}8^3Wr=2#PZ5xek+qN3pX_EK0 zpWnBA&&hwe=iZ&2*=L@?&QijuMh~Qj`TLlatd9c-zyFUC%B-c2M+QUxdbnGYS`cY^ z+F4jylS0R%ZF&ckPaWpZ*Gmk5fpm^H8)kHlfKtQhTP^>TZb<5#2NfioPzkbFR&1o^ zT_w=)wpNZ>sTt`Q6;n_G6N1i^SCb9DC!}>~GfzAL 
z6glP1W8;?r!~?zr30@-D!~CMqx9!z4qP9;GX9P?scT}qlWeMEf_^%p#gPf(sU;Wd$ z9B>FC_Rt9s(Y!wsAkH)**%5laNZ}O_mU?!NFpjICva(a9Q5%WV{!+t?H=9yjM3n-D zJRy?*yJL?u^F>(fT40V$c<3hs4@Tnv9zjTtpudNG6SL4Jr5WyAbb_>}ryEop&$H(7 zv)=0#V0&9MtW;1D(PRE3-D7Z7N{Sy4`9aAn7k6#k=&{)8K)*$Pf+P7feWp2%MRX`A z-xn4uM}>+cGAr-fd^{03=tQvD0$0mw@Kcc(sAkv>#mkEB*MRAG{+l=fQ$w**o^5RrN2ulI(s5^`b1Lgd}< zxpBj$&)2E&6N|AenPMUkS4v*G=5;JM;p~Miev9kL0&)o-B^cvN;;C9PNK@erN(>TP zDlqk7iGMOT7TDOo+%dSPHP4%oJ-*&fo2T20Wep-qWAWNk>6V((YAPT(yO42oY}{1Y z**NmLWqfPpXltotDJRWp+*pVIuu@M+@0l#_+!AQu?*4LSyQgALOWLAu9v753(Dzf< z-0(=UR`e+6odIm*BI4-eDVjc*(FSFhQB_h1D^R+}xK>rhP;pE+QN3uNmP|~@tidj=HEefGV%XmD4~e0Ht({8AOAa&s`LNX;~$#|g&ama z+q)`TU@Vc3q;N}fBl!^v5F+-lZz~fGB)?4PC2)XEI1JD@l41JkfUb^QfQERJuLEMJ z@x@UOyat$*=Rsok3UGo*?J$#-jnIW`;~&9(ejo;#=Hvtp#`6cAT}6z5#d$elN_*`V+?o`n~S=m+E4p&A=~OgU(A` z)Tcl+#GXoG%cG$Ou6&uMd008^qv`3>kJBKe7HU-lh1nfaG7nW7X48wPG43=ZA2Jl zxKt)IP(v=JiV`Z+=cvA*W{K!dUKaXy*YxP{0=U6a+wf13SmgAgzWH#UYB>yE=y`Wh z`-qSBXkc%?k_3@-4l#_X7@cnCZ&KZrHU_ESD&HH5xpwY9fDz7oI&FzittH^JX{^96 zc)3sBR2k%kW`9nx5o!lOn?N@uQQCerwL*ELHFu+CkHlv z@C@nqwGoDi4nW97uiv~MouUv zj42x40+8#P{%-=a88T?BJOsYaBrIXqP4Tj%x-KH95PR)fe`m@nd=d=Kg5922?#2mK zhiLw~%y_Ee@^&T!CKx|FyuXj03-K0yLg{{QQNOot)C%{vz`GYGt%`ek^XamK8W{an zU=yPRnXb=u0%R@h=c%9fM~@wyE8sMq2gAWnP(4L8yUIBYjYaX&SP( zhamd?+HeY^K{&K@)^o`|1s;H9b~ofGkK0jVYt9@am{4keCu&QiYQTc6%$ zHQnCu16$?!Y|4tq{4a`TbZTRT9o3jz!*{Jkg_RWCRj6{U4sDCq|@; z$QRblW(KWm&w#bg2HP1EdWwC{qZ8jz-`km@Z*>`j*4JEjjEdOw`>SZC#IQyfcSF$`AG36>}0z<6-qBW zo+y41aG*eHnFn5}-#3V$+nx4Cb6(hs-D`{hDNvuhbE1263u{&Hr<=6Swkw|FQE!oD zr@8*DW99Of8m*h{5sC|gRzJU0j__f~l2#aeT1O)l$24Dt8LN%;`qfk`fTkRT{V`qj z+e$IN-&7fZs9Y?9Jen_HyXRs!3o?+i^n0Y<$AF}WJq}}h37tBHoQJGiBjm9z`BP}o z9|naEvz+v^R0I~a`LlarQy}*0uVUgr-_lo-zf<5D)zYenxKvklqq?#@OdktEhjr{ymX;JB<7_ zKVV_n6X9CJWOoxQjyqW0o`veFT|3fqWrS)ZN|tyukQ32ZP0KdXSiUzmUqY4VhDced zIZNe7xLpE^qz};N%*lD-{O5CKvk#&kZL@szkFrJP`99Rcs_Vj=8?v*f#M)Om>##90 z-+tKwvk#WBkUyd!b5zgMU`m*+T}1lk@mj@UMc^$Er6yjuy_{nidaZKi;kn?Iz!Lw_qYdk 
zNb=I#W{?7+@TpBa%~cZZ(HM>szf5k+h42TdsB0w~>`o~!>odR8T2_HG19iU`*TFEh(1{syR>_pjJtn|g2GfL*s)Vr@CW#R%>~0r!xChR>$o~R}I9+Cede84Q?f977 zD3cx8AMSO9cowB#c*8_5_>n^C8CAkK%`=rl&SW^iwTYkrGYcA^&O#%$(bTp8JuA`( zPiFw8{Ad!-Hz)9L0QH;~rglgZp7fzu2NLm3Bjrz1w{*MvEMfMvP?}M}j;Pg0-Kdjn zI1?|t+L@qubuJ4`*%_Y?YFP0xS$kad+B^o74J!yHQS$$dEMNN8hxY<8o&qUc8tt9Q5 z&)RE$Fo4GDqD3j?iXg7ed%qHbekW8D%lTNE>F(Wx^pI(`r~<+-ks<~1#W1&oxB~I8 zkE_?&*kSr=Pu;HGlsUnWE`@sK`?Q<<*-Iw<0sgg+;srlmg3nWaFv>{i(5{kRIeQ)_ zt2%S!^zVdxqKKLPG@hcmE^ zuZhS0HBE9t-a+j;rq{3v6qs(aMG&_dj?+f(n`|Cb_P+#MXSZ2WJ7(PS4#O5w2!)~I zEQaT)C$q)ANWDwCCTf2nQApQ;(t;ryVkMjiqzhX6Cc&sWw5$b*Yp=73f`lyIkQ^WV zs=u17jO~4q6*O$LG&D;e{wr5T46eV#R1?%EMlrus5($m3Ld6`C-Xon$xPYCO1~@uA zo|M*rFZ0bvfix%&j~O{q z_-5sv41)e6z`*P?El-sbDfRU9?>+qWlbBl8QkHA9Co765spCVl)c0hV)&t_uHbsb6 zZK)c{Tw+)Y;IrmYZUrgK54L;A2?xKuXn}m{(hErQ?W72;6}RfydQ5X&y`P^|l|93U zg_j79$E<+^x{lz**U^bfJrvA|O_;^%AT_pM=gOA$Ty12nr_fecI$G5TTFKlX6Jjgh zKpsFQ{E0bIH6<(YwqpGEh@5EWB|9KZ-(+G9Ij;yeLsVRHN-P>^tosd;=4)Si2V`$R zfzuo{vPS`-uN(z1FlB^_E?-GP!kpbtd7mJzph|#N75}hzd08gaq=GYcjS7OEU z7b6{*x6vT4<&F!rZ;d_Fg=*f`oxb>Na_jh_S*zI3+9lZ!8Z6hyrmr)rXc@`V-j4)JFKw3)q-+L#=Kf6L7q zb|2;odqOY0@kTb--jyo0))Q#QmvBXM%RgYoXU=C4k0T_KS2wAqh_;&?Q+))W0AFzg zdW)GEa%rv^ADFvIV*#KtxMPV>%qHb zwmQ2~g+RIL_pkwK>hJqwLVUL|4MA3TGF>f1Qd;=;*^^}bx`4D3jioi_+qRldcyuAV z-{t5E@-O|8U6c|QE_JX35A*L{w+%2_dRKCVGCx9<1!= zZZLDv1*hFn1g){D(mz}11DNATg!_4}fBd2TBCZD2UI9CvK#w0cjxn&7oq{U2Z_N7% zF!xVoYm*@6cawqYKuOl4h~~^K7O&)JHoIpcStsOi!1X4hRtwv>eU-W)zB!lO3?7Y> zz^wQQe%0vT?X|_Y-n^9bAEWexoeQtor&v8gKf8mo*ecypWn`qTxzclBjIn;xrwrG4c2548y)ly4=xq zb6&l}C1H5KLJ_?$1;3X;5x#vz5dNjp*xl9N<803Nj@;oI58IEl^23nN)M8-wdlGRl zO4d|($W@}Ph{rJ+1>GzqTyzE#PR?Jv8lYvy#INgKhOVf9N`v+6gAS*iTR5+EvY@OY zGi+b2xr-cDJ+vDwb80ZRHm+Zx;VoP`omFzw#$ep7Sh?1?X!alVXxgm2kt!K~cq4LK z)Ou~kavOT~d#a8q~`xEx;K7x_HKbhl|4C!RMsjo7_qKM>pfGyaFHD|!qd1VsRrTr-nV0$AVAqc2z0OkNxY zOOO960x6FP-w32hTn!L%c?M(R>+5HO$fNwD!aG_76SvfFPZ3XFn{FYl7DR;jsv$`Q zGvVoci!y+!O+J(82&9CM))B@5LkZ<8yC 
z8_k2W0T5CO(byB0+S}VZLgG`HR5rd&-}tigY{R;AKfhf$iG?5{`rFamWyF9zRb^xy zYp}9&z^0upiYGscizsBy`P*e7p}Uc6BZUbUqq(W+mg5z0vT|^wOaCS!G!Zj>)9_1s zTb8WL3x4y{>@~v;PG45mH@58Y_D!{YHr>r??rAOh!td$?JAA^EJ+%zj%KD;AqKUNvvu;lA)u&`Mq`&UY;Q7TBgc9;3l z#hTrI^eh?I75#eQ?nE}-S$fJcV=5xLKhLa|wG_0Qy3XME_|o)(vG{DT%h~q!ifGu$ z)D>dBx){pIZ<2}q$3n?mL?(9M@9on-Wn7@pd(ueEkd$*|1$eKZ3mo}Efsd@mOZOLLFqVVj%Kg&ZJMgjL=m{tu%SbrD z+dw>9vm6HaT78E8Har2%`sa)%{z`{tRV9~~Rr-}uzRD7F7V>CFBVdlP+pl)g)uaAG zo$DpwiCmy3W~wFEGQ$iqtADneP>kd?c}6{?^GoWEKe)Ed+Z-1!izD);c;xBg-*j0E)50L@3te z*E|)au^|untYBwbH2H-q^V$~15v-5p7Zb4^A0Y_NRs%Qqnl%7??aasoS`fgD~I2KjQNUYrx@N_dnCal$aO@|mO0P%}O zvy`mJzo zK+SA}(|exm?6UCl0krob%H#mM&)ABS>gWoN8s2MApQXTdP5D|baX4p^B%{B_#r zi+AvgL9JlbT7YAal=xEgkE+G%lf8wpLK$yyw2IurM>BK1!XMR|L~R{-)p1dWh@;}V zxxA?9?i)2G=JDWlMunc@azb1uK1vBV4H~sG9U9M$JX=IBU*CH{9X%Vx>Lu{2WSoAA z63Ws$Gmjk=l25ybx-dWghG?!&IICD)YThD&pP_@w+7viqQF9(d-{Ux}#4o1BjnYcB z)c-VHN-@jeYDbZ|7GXo`F6IDd!4zGJvZ^!iWU@;40Wl-}$;5%VIZ^ZVr~UP$xA39= z*C~Ue?WtNo4i^Q1@`%2`>l~RGx=Y`vxr85eEX9Dua% z4R^YCm651*6g4VG-lWs!36<;z<>0E+R7&<(8Qn^XcUPD!8t1{W|Aj9xh+~1D_^d4bF|g` z!MU{Rr=ZFrQx95Pnu?YSDuXf&S;cRtX!@E4ofl$u0}rJ1{%|{U)Avz@Xl}q05c1d z-dZ$Q8Y%-2Lxky*G#&hhReJ4=OtSN__X}=5gfH!1iJgerx*rO`BClPVp4b@dlcs;j z9GClAUx{E?nGfke8FdhghwP^=m%!4eBqHD}CLs<{8VB!2H2iebM`Ln;#Q766-qCp@ zZ9T%heJH{bgdHEE!p2Zbjvhl~&&kY+Ee{8e4OAQYNGIijn)(VW!<0LN1Dx|)$1H*J z&X|qWTWcl)M4I;qTnva}_w-cdM+eQ}xkP}o<*du4wAd3AE52l>r-_0+-iYG>Bk zdXvZmO(0#dZvC3#v!gNEe}VOMC+YI3ecPC=1Vf!%s5ov>JO;^dZYUDAP&%q!G*V_h zztZJM7?)v<&)3j@&?gK>-hXK+F%5)1VSqyD!U^7j-K)D?u}0E1+ItCN>E@4mmv-ga zlM}Y}#C&$Oc9*jEAIQ8?L&5h}P8Ay?RmLhWDUTnVKluM#yk0xmI@{nG6Xq?4%(J*f z!(oi*vcpIH0_8oIg-(^tadr1X)t9j~m2-BrMTIyqMexUmOzg2=FQi6wIA6`razP_- z1fow(OV*54#fA3CCnBpG;SHM}hS>;8eblEb6)@&mL*2`R8k_K)^YiAWbrS@^i(8+~8xp{$QWbS?z9~pXd)%MIk;8Q7 zf&FEp5<$*PGj=S1+7JfULailX8dcXB)P&L}RbkZ$IaLlN{OYH}vA82PtbS6JoQa;3 zQliI)vb3{?8~1E8+4@-ogiK$lg0i@EgcJLb{sqXIk`i^!>nQ!hncm}{Q>S|ad6*HH zy9|PjT#%gR*?jQLN|7#{ID2)T2~CamknDdP*PWAzPdaJpiE`V{&;zGZ%B78{Q){Tl zL)PA> 
zRrLoLA8pr|>$VDGvRs)XPAof<__Ht7R zaFv2~ebPVCbgq0-~~badimqsH^o4Q z_OT^kNR)Q$JeBi`V1L@l!+Qy?=GmD{R}DUnJ)>!N2a^G`5;P@pFGK1av?pJAqkL?r za1=4w6II4&1&{nZFTF(SKQR27xT_EgyKG@$^>|H|OoQJ{L{v6PQeM+n8NP9wY;d=0x87$h zQ*T1De!z7iwD*Ykk)lfLZC){-!Xh;II|`7qS&)+?75q^hsP;+8DN^9-<@e6 zq_VKlX(a~7mP5l@6qfd}}P-gX*L*T!HAHcnc(BxGlLD(VRxr>SK$WX;!W0<}sy}eXA|< zP)b3F!>8T@I_pF4OC3t(ndFWGbkp6yJeC7bi-F(GbZqxiI7x4fuTDayin4#88ve!% zpOhgpk*|syQj{c}5UT-2q|QH7|H;%vceMOiPyw~}1h7kLa8l8qsf6?MvG~N#L@cEe z^X#(nDgY`UbXK^2l?3h}L1Go%9=-iGcz5BAlY~ebNP(gEVz8sdO@9RG_C9+`kd2Nq z>(qKNqln`g@Qn#h=XKx>OPOo!AO z67%dT$4ZoAB&0_Y*Cgd+<&(46k^qC(O~%~|-+CaER44*4iY;5cv~BdAO`j96H#Um} zUb2qGAMp@yRsVz}`QjhO?yY(=^59`VCSaS2@;67<6ahLeK3T|K!F_pM-EVv!)zr4^ zsJhaQ#v4v^YCpmAYIo=6w5aSs0%?B}l4sGIDa$__ zAYk^Hj031h5RyMg%X)_cQb3ttqd7Axo4B^Vb`}t%*okKE$`xuKJJ%z=fOb0X=A~@C%IOGUFppO{?JIcY1v%ma9Xj$9P{y>2g z+3?bxByNv$g|Nqu#47FD{$1+)vp1Qs*Agb!kUxBSoY#a_yq&nJ^M}Fm#;#p^4=Emw z70;~ z=IZmA%s0770WRMSS`;w5K)XnX$S{~?G24O8$|VCC( z!ZU4IS6CBD6kJ(g#>Sfes`&FDVF`R#IG6HcIleaZQA$lQAr{)jIpg^Ea%vB{l4xhP zNa25WK8m9ob8AUGv(hU*>R?D{brznuyck15pH*qh>*9-f+*-KK+MdDhxuo+x)Qw*O z8E7BcK#;{qZ=!(o=NG|WsKok%s&*CIBA*&iZIOM`>Dg>7E8Llwn%l)F+vyn&3dZS- z(oOQwGa29r2lDWdc{8E~mhe!}uY4f9h9ojk1HRz@{=i=pA}!?I!a7>!%Bv5GE4+XP z5~^2OCQqD|TKK2^$!_;OlslK91IDS<{m6IQ+SklKjLco@#FwudgjIJ%=fD=zfK+TDGZ8mGS6#xc5I ze9U48CM_@?3QbRVD@?@&)wS++gqc1`tPlVj^w%P&J-d3QYt;Z2h-5VDNdC3;ar?^w z^T&Nhx@$E{)hg6^~rb%R;?B5 z9j=bw@6>P8CKrAcuCw7%jS{Hn*0#E{mm%Q%lBnGrcL~A{XM4=9mH#fltdwgvd^acIn){{Vea+>ivT14mJM_x8g7y<{iF=kl&&mmN5>6i%P z%Xn`TWC!8nIlI8*Gis1(aEr;cT*|ayiU&%YmU4QR8=TpqF;qaW8!)UogUHEx4wv5{ z116&<$cK+PNW#gK6y(V%;*xPu5l(Xcl4U3spS#25>P(<+5k`=fYU^J%5sodP0(L_i zg1krg*>^+#?6HU%pt6`GuB>`1)HVg(Nd7A!O8@NAX!f^iQGrYntxOktY_rhae*|+$ zNeEn%f#b7E-M!6-64%bPh>D&Cn|8=y5&2D-AHC2SZ)6DQ9HySYKR}2C z*@U!Xqh{zkI+Cx;MQN_^gM)}U#4|QQUg{WlH)Z*qnK7Q6w#ak=^o}$Yvrt)J|a3yS=rtS38ZjTzns*NmG z5);*bzihkhdPA5#8cMB+UZe@(!Y?I(Cw~=4rLTZ$%O9HhBrjj!_}#E6+=dqRuNT8y z^cfAEIH&<0WM*1X+R+7>`LkcEiHNKLUQcZRyu3h_&${YvIk`-oH1Ab{wMr+L&0YjO 
zmhf-2;DEc)Q(-U1SG#J{nX0=X*d7l=R;EX{E*G^HMO~G51s<8J`$iiFA>6)mQm5L< z#)z@4EKj2JjCa$zcnv_1fQ9Nt>bf+Cz~Ca?bl2JgA5g&v$Fg!MuHPz~Y zOuQ73=Tqy;U7|v{p;h+ZHTf4wfx=(b9$Nky1L8H*UU1g(3YJM`4|qxin8|?UBD)dV z#26+=Ca_kf?3*+fVZ%sO6Rk#lRl^ub0rTpQa%?Zbh^K%|rgZScAi0Yj;%dwIZ!1;% zea1p3NNay%;zv=&(S?ay^$wmP=QU19PODyN=sP5rpE#TRT9y71?OuDW#$+3+JAPHh zI!Yb&R~lDf8ycU)YD-fqo}#ci{rVO)(MIUCIww_2DnA6AD?hYAXHyQjA2ztG^r{>0 zam$#Q*tXn^x<{9I%r4*DJ@ARqlD`ZyA`{8!b6{08KGCZjnM|I&Zuc4k8ABMJiF77w zdz59cv0?iXX~O8O6i}wF7c@Sl1t(*gIu2zrWZBDZ#4`bh^=F?CZpz`*vNY09{YUrn z*EgyiZ;F1&Ybw}rQA_UW0pGi)?psvX_kb9@R0~^wWC9CjE<#UNa!V4fg zCzk{y7&VyS;Ql+`_gs8~xwX>_8i=g!PX2?IXSY4IE?;|lu-cmXt&RH2u3(kW^N;Me zMqTf=7KzC=HdhOespdkTDj&zs9A{p;yRGo?m3!PV!AlzBt|C2s_m!u1mtvTL1AbRL z%E$nI^9tg~`{F7+rOLqj4rn@X#3F5|KfXG8H|sOPlKEZ}CLK%RAb}#ao=#fABGTKz z99V`v!z8cye3+VnqJv2XC91o`(#x~~S3*}pqCo+G89RXkvIG8ly0tElsn7|?I!o@Q zH6Nl}BQv%a*T(0@^}vK*o9|{sUIZYtue0w@c-IAdv9a4!IE7Hxo=lwOpA+a|-YA$l z@EQgUVf|b~N;#;g_Tf3de@yb@l3=1OBwozz%zbs8E^=&+W`8y@*75x+-|*A_<)aDd z$3N8o9X+!%RbMy57ugZps*AZj6w8p^7NRT&gdn7mJRidku=_{V%sZgz@Jufd>3stK zL+Sw@0=#I|t7YQE3aBtymp+hip6-S7iV^8&ogk-4{I9>1d*aL^(yd6k0S!O9cY01g zc$18|(xp~H4u9?R_@vF>1l?Q(pQ0$r-Nvl`?Owu4`{BA8l291>N6uAHi!;=Ed7)=uC-ayy*3!DXW!0wAby-b*5{CY-zU`-<-Z*i z9w3jd8ziQW^Xu44T@?<~}5dBziV=tW_LD`zfF4ZsXl3A+R*I`W~Ar3z2)#^4fTUiX_og@9_$8W(5 zGVFuByOeqsvt8wAVhaC9@!*3w^_W2m`k(8R=gP0+zR!W)LBofp(sxRTOIxVh;SGA3 zX){FGn!^9{8;>CBVUvLiKof;qL(%}c&>mAOc)wIqka(L0UOqm!G$qm9vmS$xD3IYA zyi`{eH@=CaDxQust+6-ov4{)Fz8RaqaaO0bnRFP|KVd%2S-7Q1B1wI#2yKkh6;u2= zQ5p@7tN%@OOFG+8M^e#Pz5z}}n3bv47&zTM3i5!N6nPoNaO@bFV`>0WS+dJrn#!U+ zPQ^bIpw;zR=r_r8Y{0Xm?Lw*qE)io!5%}IX#d_^$EV@yMVVnHR!gVKi#=Nlt%CwSn z<@eRoB;)$$HSMttKJn-FTWC6=FP;c>ybI%R`~9b9x<+UHxw6q7pyKn^0Ot1zl`}|( ztD{Ld&+8BQ-+bR&lC|Kk>3VduBj1_de+0^ge0%R6eHGOs8(PCHTC|)z?VHd(m8t@= zL12E;BQr1mjQvQ-AU!6GCLCwqEBRSp8G)=6<_?P}B})#u4-5W;BLIBfSoS-U-9Iad zgTriov=o_G@T)kUCKAzgB59Z@_o$zS%2EQmwH>&58`?txe-234MEH#BjL!guFsCN! 
zKL9-e!2J_i8b7B~EJX&c^nbW!Poqqg{+i2U)yzG>-?;?#{Gs|Bvh3RrO~*Vg;_7pe zy&eq={$%OTP_J@-3vOnJe4US$Q4Ii3WO4ug{l8wEc zDr+woHw>E`^utKht*v$%j2$O;@#V^8W9QW#iWDanciX$4N-*ATFczQO?;{W&-i@@9 zD%UG5paPUySWBTT8$+v42IixFZa?d6BJ`wZMgdD)r24fQDN??}9~PmyTKhH;mmwEld6j0XkiNtvO<;Vw+FYr7*C&!SQPQOuV#epYW*y0B-++ z37kHV_OMBj3!wcPBSju&RA@CuS6iPq^>G+GTk33FYk6BjT6QQI__aGJVM$|z@n%X2 z!@&eyT7vfyftWxb{y8>G5;jadA&pA{ZPVEwXd8N4AN`svj@u4`5Y%Dfw zi$TCu;9qDTGv#aRH$kxmrkO9)MEAxQ&ZS%5G*tNVsUBc2>h=14y+SHA{NkoGnmPC= z)Ez_9-VHy!YK>7Yr$Fy~v`tt}lkIGaK`+uV_mtH-=}3NR8tq`6HjR?@w(OShBGVq$ zSl5-?m81RnZs~KSvp#8FTxmJO27K0r_Q(>7oZM&`lPHS zpV;qNkNHxN!S5cW$MwvJxr_-r?JN8Mp#JafMx0S#$yp39&!tvCNyh&Q2F0uxS*T1C zJ~{2Tqthq=_iMDat`n-N{%zAvPdtVilg^?8HQxamH zn7@4&{Qq#F6%N07&r%GC3*)T-0lNk#?_0>%!9p;5rNK=@A?+Ucl47lm{ZszdoQ%V-{)t-^4ZjYm^)NJFPLVYTiQtx&em!azeEoLgM zyTsd=Az8iL9$v<{ScbY+$dFtNbG$4vAn65Fq0$^rtWpm~$Jbw8)8Shd%!WW?lCyp~ zcS;UIutfv-n6%nk3Pb~LoDX$>7w$uT7Q1suhgOQev^q^f{j|(FAhvm?`!VG$o;0cY z7?g`2KZvKNG!o1&9{Ug6Mj>wvvG()tE<3t;`P1uoDAT8wck6+f6qPraK%<` z!tCb;>jTNh!?Q7-GIs=-(O^>lJ+GUQpEg~uX}8qhqL#;PaN9WIaok>s2OH8$6_%{A zh4;AuiY>&27FhD)ws3f1vOPfkuWX_**-gR2C0UMxqO;k!bI$}~YZKiE_}mVaNZwy~!~+~I>ON%j2j}hlu(8I1_ z*Zt6>h=-&(3>3Uxe!b=x{a#Iy1-yJ&M%8h)lH-~}3Og4m{ z_7E5RL~7}XX}h09R>9f#NzBHFRe7b*2cVxdfMl|91LBiwNhg)Yd)J{rZOeJZt&v8RsG0LmRFgI zlmmG1`vHj5R2PYHQR|pquyOkT;TXw$(Mc#}{k6QCzjPIw(`CI@sLm$LyTV}-FmeJsZF{x3&7{@Z9Um8(DdX-5mRsLIziW`w)t!Hvq6@8rck$^4zIC%=*@m*d48F*6f}B$eBqho7>D>uAA*0y!N|@j}LFG z(g@w(RR*-UITdQDN$XJGdrO%~rn56MmI=08Nd9JAZK1*27}-Bp0c)sv?ZBpnTES|q zhivWMtj9`U84HG#hhJOYxqwU;2+paS5ya z{T9!Z@!C7kXH^-3YtWor-fJ|v4r6n%0_Cq-)XLxvO36o*`V|N2ojC-%ZJjZ%=mEdX z+`WnjK}_EMZ})F-nvq-YAdkLzUCxKzN+Pyl8wSv~qNOw9NTMQ5>v$vr3e|4 z{%wVSh@=Q->UiKKo#Ntr4e1IaGM-@L}wB{A#>nADN-kxj` zadePzehKt0y@gbygWB(NTxGe%*QQvhlm0~jzkf|Cngc%k(v!w=R@_SqoOnQknyjw# z+X5|Rvl>o999$11@{s@1$hM_aXR*f+zdZubp9A2Ue?}GwDx7d2{}bn;N0^vM+43;e z0}DAc3V2t+k9umK)FD9i9C4z93);#@S6~JAGQw_B{-K`_q=&H^YZkCoyn*L37%3V4 zaN6go&d`k&6}XV+8i#yf*=FO7S|vyVZ(XslthR7|JT%I9=@%ItqPwe&B*Y+_ 
z2I(6umLL)X+h*DsKRQ1W-K1JaAWtjIJFcRvx)PzO38VHGyYSpE)9bkTg0b!aujV?u zp%*(UE8phvz-;8qcflArY_{E%JUnjkacxXjkmL;yPbyQwD zFH(JEn^^$(Bn3_wT=P5eTDF$Z36j8t9yNt85BbBvnjr}I2E zb-)P)#&-O=z*?K5u-vbz3a648?I}(2k9EDK% zG}irBbB_O;)E6aQ=^9N!k0n6qxLK0hd;IH1x8(A|3nD>AQ4%;%BYeEzM&-D%{p0I`bpO7uh#q~^oW1X#aDOYWZP``iN z%R=wkUD7h|K0gkf56}@M-b)Vy;mP$cFcP8E&i9JG%oTE4SHNlg$4gmxyUu57e{cd@ zknSb%RXALAFn=}NA0E?D0udm3?+nQtl{`TShr?yRZ$=ck+YihF0-X93x6OTf79pVLe*#@ zYSsqjLFU1q6zR&nt?U+nO(&}Jv@O!iWD*VjQ-B!d%#*p{#e5npq#|bsfNFWdFvDEc zLhy3&Uu2mZ(@rX^uiAY1%+kyT+lCovq$n&b?Vkn58R$4j+W^ zuM@=mb642W@?~xX)aqLnQLCxNL+6|V@dWY8H*h25uO_5Of8t?DZ{oPerVMXk-%n~S ziJL5(SQFtpII6ePun9Yyq|ae)>UDm3VZd_NtD>2*ikf;1{+@o|SGlNa>MdfpQbO2W z@}6t%qW`}uYpokZOKMUCqk=o#FdU~@Sc4PV(Qp_sIR{4t)a&J!tF0@%Q`^^&ji94- zZzK0NzxBxuD03uxJ~pp*H@5tEzQiKTw90!_9l^ctbLO9;98clauDa*2zWhh&aJfuM z_8}*Vos67=3t_^xONbTNG_C?Fl#LVRHVcO*Xs8L&Rs2&&AVMk2!V_$?V}{JjwdA3J z-FDOje;sqfjb#_Iu}Q6e10HqNt0-KT=~07Ivzx1|9px`8Husw=?3rFOJ^1GAG~9Be zP|U0fUzpP8b%sJhZCZ7Ic#vX(;Q8sexI>4 zcG7%)C_!VXdpVRqaw-nI(6w`$vFgj-(l?2r)gas!Z0{4IEVCE>^vjeKCaym<|GY_H z^S=R|^ZM*fQoJclhjz1ezOGu{&p9@W%XEX`YP`N0%G=P`M`21XvZ49=`T zdYT$GB-Puzl9dPs%zpN}ek4Zi zjqoN(}FL2i)U3aM$U1oStz$V&&0zbN@3O=Vmy~vC5$+LJr+X31?zQvJ# zGDM3f$*=or7~=fyJ)I&t**>cVpHW|C#Jph9+Dt}|FwS5mt90k#_BR&icFj-mkesnUIA z{*Zgme*3}~u7k#BTAU9@9d~3j^M(N7R5fx1bdegVFTNa}{%${HYd+QZ*QWM}J1iBm zzQCjt{%w{e_0s2yF*f;{4D0U<<f#Jl?YtM8}zvU@!FD?LnZl}xByfm`K4z@E+G;Z{M=H=(^EE2^}ZPm2%g0KutDJgCES0D7SwwCijD*7 z3oy%F0EIh4Kq9(*v^R4}Tdx2DTUXxqZYSIKDDCu_#;!G)w^sYOuB}Qi2SY1dPj}s? 
zNVD~C*;bs|Pn9FpVg9ywXhWMcwl3rI6<_gJ7wsA;p=E)=!@H|1dlK#9E;==%#5z*p z5-~g_5PQOVrsNogVdEmk&tXHK*jBs5ZnmXVF)14?_S0GgL=Dcp08v)(XG-p(X5^&5 z4uLqXKlRi|TI^cg1jUpUWXHj;_Ir6wOS zVrqU!8Ba6=1pVtLxLJH44hH{-K?FQxM+$rQ>gnprkzg@Ymg>)=#4niWi)?Rb71G#DpMIh z^xJJfAtj`NqXuVt~q!#%ft{Xdio|4f=8-mYdjg$;%4TJo(Z5XQZ-1C9k(;R z#_x0!&-f;tM)t{BSapd}e@E4r$`cs%yV~G)?BArHpyT^?k*7KGka2*k{w|gl1>8bA zh;0tDmok_R{F!T6)4m&}?sEoxE%fC=0MgwSW89*L zN<_Kke#X;4nFrZB0C~mD4uL1iKJNy&hI@f2tRa$ zC!4zZa%E06i>$Nhq$>WJxz0kbBS)r%*cV(GoOfW5Jma+>w>$Eq4$XXdH7)vg7No~c z;ch+Agvc+Da%f(s_WnrFZ!*edc#Wj^r|h9V0f@}!F+K-&;>E?jU}2Zs z-0%>!A8b46RPl6e>zRlQsCMC|zk^~&g;=?A0Xs(E6eX9`Y+s|cL-AlXNO${n�C~ z$t``YmKShCmkBJ4kb{gEOy@2&8ngD8o`a)G#>knWlu36-VbdU%f9>t zR`W=d8q0p1aNeUanbbVEEBYk-s&M4~%H!_n1QMOi?mBGp^v9bgCb1;#O$*S{AwASy zL54U(%`P+ho^MiES?=%ph3Pai1M+a)KTMc^2tp!I%5h_0``ac%v)mD$5$-zY3D}mH zpHZ}Iej`+Ay__NQ2s5A~vLjUs7^0R%tO{@gh2TU(()u`36LZ5~HoY@?{ISnrAQwlh zr$L!$!o#RA0z!=5`x~{~kWFj0#c2FAt7p=zB=!@Mi6mk^XI~)?s48$VokIvY{X>k9 zC&!#4KUQbv4l(|nN~NPf#ff98vL^yNrGI!VOI6xSmx3~w&p_uuEJ2}@9))y7 z&$wz1{9M=)%CZ_7{j2qg&mAnbrNqB|pSO-hgq10c2P${veOQu3pjALBQ(Z;%?p#Nm zhqw7T5mxUXi~+q3!?T7=$1m>?^IM1_Be1Z>SVkMK4qPnQ?Hof}Tlo;^Q==(ILW@^< zlAW%G^gb6Y0%3f$Y4kO>+wYI?H5RPS!@egxmlb=1%JSOS2B{!UB|B0nb1u31>&nlP zoYQlA;}?)3TKA=g>cf1FY;i7Js@sYmKB^KEt<;EsRPPXRtLL|T?}Zq8u9B}P6IL^% zgDQeQREaSAB7X}gXj7`9I>mesm;!woy2Drp*#9k?-iKn`ZR$jg&-t&P&KV(!wr`>t zGw<3*2832MQ~L=i;hbjVs=UspMvPJ4UZ{(nX8`Cu0MLs*jbiGk7l|Q8!%>gWI2p#e zkxuAJ8bV^Fb%Ngoj*^_zGKOGYXp&#HlzbmZ;ZSz9a?)W8`9&x8t2c607CmZL=kfSr zcYjAePESo8{PPf)mgQ+k_6(n<{@G9V8P+CjvV-(9zTWum9&faLj6>M0Y47>>7{QX& z9pg~Yp_BwqRk3~mw_uXpBwUV#v7z7&DcIHQz!3Kvx6=KJXm3URooAN zmK7_oEN+b9RZf%>p$?Uhl*iwgQJiJeAVp7_k zrn*0wnDn2jx84!gl#~HpH=(|ItBH~kv8AHw(w<+47S8xuFqUFbLPOGUNKEkt`LS>o zJzco0+d*p-C{h2LCWuGVi>p;p*$NjwD_@J~F!?I#a@~0LA_<+P!p7oo~ zqZ>c9*W{QZ8~_r=E*=$fEB?=6iybXL*I`nNvf|5y0XSAss?<_Baaa#qrI(on@ER8GubFi2_$&3JbNtP)s~4mQ_Xt6Bp!_@qpK=&V!uf zUl*^MXh+~}wY?!Cp;hck7i0~~*+IVv+m9+v0)?Vky-~R7*he=p43pAh)8!3j0>TGB!GTO2A-^FJh 
zL#N!EciM8d(_%mBQ+a8oEack$&ON4%cyThUd3#{L6Nb~DWK+BH6p38?ZdUQL6?6nY z%5ygCGJf){S$j>)h!ptob)+SLpkl>yCT-3k)!T;;3(D_8ZNE(TLWaRr(1j*S(~uiV ziuzw~e_#d@@_l{pBLK&qwvVCc%W;}>xj0GuA%d0=qDnjSH{|1tD>Vg@v{yNZ&i=>b zPyclG`(pbT-dh>WOm**0%^aQ?v00y!C%KF{7QGG2W#+1f*_2xxZ6hzcg08!DV>3yX zI3@&o{Fwp~Nca(P^#;;m<|s%jkhxNO^h<=iWd9E=JuVIGZBzDUaU_nxHhe>c+5OWD z)G+lum)D?E%yD|MuAdELBqilV5s$ipfji*|-;1Oumx5xQ1O=HN@5te9Kk86B59(Bm zHPJKCHaoL_KYPBuya*Pe&di9mozJvDNq|t-Znfizs(30BsBHbCsxuX>D4rZc44Wq8)(WJsYrO` zG3#K-PSZjptuon@QtCipsx3=s@LuLF>H5t zx$Z#XzHIu9bagsW=Qb{ruQCZs(GZWAUq0DrE!z4h`iJh~a5{9fmL~p$D9Rjx!6J?? zH-q5|gKX)}#ouj<9|_H@D-S-XCZR0%2D*Q-BTfvt-ruj7GL(T3!yc1tqX>SuX_ezF zj?*cRrcRlaTh^$6jb>|Y*#GeRoj^KM)delrtU^8e*BDu?Y|`GECm3Ufe(htZ2@_Kx z3JtO58sI<6rOW&A-Ue~%&Fz@gK~V7iVw)lF{X@dCq)IErHa)dZc)xf^Ii}~;eC_7^ zDn;zLP+Vkf5W`BC2t&v^8Kl1nMlf6cV)rqPTQc=qO=v?aEZObDTm4G&LDN4KHE<{q zL7VYBsHM!}8TElGdEvjhfGJl86T&&jYU4Ge0vrIYGRW(~q54SB0 zbTjQ}DBv-NKBAHIH;S$6%>g3aki0U@?@n!Pa&cu~?l{V$p@7TGD!Cbnth?+0G)=^4Pj7 zjPcj=Z50Rcmz)UxX1Oa?zO@6J|7Kh2BBmSRz+fF?x2D*9t)(kBvZ_E+(*i_U&QqbvF<5I z$8!}85LlFTC)G&F>?GocqA-eWaX-P3<_N0h`?p9T^gRVTUQZ)L;gIYWQ8SBti{i~j^M?OvJy9prD zL<%gwX<+{RgoCbF)o1+Kzi)`3*GSs&mKq{r5oJ_OQ0W4(RSB{gTK!>?wfcoVb@=I? zY>UKu;zvt5Z&0t_r{JayGj=RvL8ufpBf0f_e<#K!g$T+k7-E9L`e3FE)zS=E$pH*i z(ii{%e2t%>C1r6ex@ zLE$Ipb)8vUI%bOxe&?mSfyU3O1Q*j`O@UQYS(|9)alLKdzMmf4`Y05b`x5trj}~UR zsjEm^y&12diTHpdqsq?6geNzmG*l4UjrC7FuP`da?08EI5aLOT8uBa6@e-$k<_Xe(jBvKHV-r? zrBn#15Gj9PV2#+B$k<@&Xhi*6SpSHR!bS~9m#a84sC_6U)H$UHE-R3tI;(uZU5nS4 z>ES?mceG;E)+c&*O~6S^u3mw&pYRQ^iuKzmwPmoDjwZ(+cxKs+Cfg1l(33kql?!r? 
zVmzt}dy&T$ANEeq(J;VQ3OVZvUm=Wc=&@XnGRD78hoVeS1IV0zefq7`ROgh&zDHtywo^;3c zIIGZ`q#XODb@k#QT$1||0Ofx!X#*eEF6huIqZ5(r6+#r=bKQlGo21|k>sDxV{PV+Q zk7iz9j!bud*1Ny@qRF?zZA$h`-_=;WjykjA%g(2qDIu`|sl z6*M%OYbF6tl*Psx%4C)+!-6aI4KSC)Gb~^Ky+ZT8T6)%1-H2|9SBUG3=ay#{0cE;u(!Fq2 z@Js%@ZNaZn3t1d*6PQz*OS-xF<#`4B5btZHIX4RQ9c$bg;(lPjtNxTxUm={U`UEzl z{o5!lM$OD73~%}Dzfthm_<$7e=ucQ#e&i4K6P?b08R} zl)!Kw>{Y^L7JOZ$Fxo_vP3+h=iGq@}xUTl}-NH?PcfWtG?$x}eqbtLZ^3*X~ZS_x+ zYGd@1&MWsG!X=_m*p!kxvRN4FZxd2F>~j*-y^i;~>z__`y~u;_uGc%mje3j8IOT|- zizeA3N?x7D!`^#`!;z1JKZrdlS;^O2V`!6#i$Dtqv-7L?&KOFfj+vX4@=Y>umU5{A z>#t)y!a&h@Aw;HDd2TmG3HZuf=W-B*rV=Gr1bUcb;Sz(Y;~u(7V0j^8HktXb_k}68 zXPn6_#T0ze`ZOzlFqpHcrzCD&|8%pduH4ji8bs7v!V>U8Wa9Y;K0Q|!p)oy^#;q{% zz8=yYF0}H_p$XttJbLM;vDZ<{su#YOlo=hB!aEnG+pX|otIe&?b`KbYSd^7QxCN-e zTLDibLF{8RLyQa&ppOn6hG=>R8%8wm3I8Ww2Ab#|3OIWa{8%=p23W75wRBU`ryA`cj9P0)y(eaQz_ zDrY5I(%*NbTUW!;9V3kN^f}Et)WBlokE<5g27UyB-4L+@amXpS>MP;GOUe@;8S!Hk zM~vhzv0i>s?ukor?~0PsGYN3ei;ozMdHti9HHsRT#Si-sk}L6Vq9qugl-+o>jA6@p znt~1zbuPBk>*rq8)6!j+5%nI1`%(F0xR3WQvbDK2BO+aOU+;kjA+QNQA49S?-&xWSEP%XMF<0!a#KR^(tEK=fpG&fS5$}#W{&3fi zab}o$5gpWQrF1mG6~w(5_&Wf$yH7F4?|k!P!5=|D02oY~u>d z&j$U=$bnBIyF4)}L!V&^vK>Z(rVKpg5@BWNF+T3$%mMzo*6XGtn7 zQ=1*2Hi9HnULp_?vdtuQi#o&W{+3J~YpbHNZ7VS|dhGvD`9QEmphdT@Q*>&_fP(t> zJ+gKN=rWmm+U&}b)+eNC*(~A@8bm!TNIH)U)#FK!e8(L!xSvR-UgepG_*?$d6)TJ- zEjQixLuNIRm{ zWJeGpO5u`OLvM&px~K$b{iQbaaG^MrO=Myi@9iG77>>IFBMz1KbY}WH;^4V5@J^5| zCf&x%`baE;w?2?h25<7K;z@Rxv1({EK3(qjS|+a9)LE;OQ}6yzGT*bA?{E58p2tUfySeLL)t z-i|Yi=?UU50o<+b>YoDk5v{%x`=P5D3J8T=A@MhS!IwqGZcBOPi$!=zRj*jcH5L!I!Mb5&)UemqB5;F9Ql|ifRZoP_*mGf!jA#6=iQnAw| zeyhe`043rV%Nu_as`f6!giIEZgov2Z8hR1p!n`Fz@djGcNgI(L+`VB)`rcVgW($P> z#iZ{cOM_HSmd26^@vzXztYR2p!awby#eOL3!TZJ>p*>P|bd1)pHZk-l5yw-ETNFZc z-EO+K>$`5vWxS;oo|$qU59IX7%~;>X=lVax@g(~CO-Lu#RntJNOY_CxXAXQlXzM){}e~ZL~JO7Ryedu_d=6+B0$2Pw729d6Avv35eE0a z+!(_%pVU(;j&VdJP+EIvIycvf?-)oXBk2-+>LauBgz$YI)h5IJV{fX+%Vi!{omIuI zV5+QLp1nzGkp~z|*5bWDA8yIe-%tWPK(58IzfACa*V-C<;ZxVBcp_Gqw^ocVchW?c 
zMgfnKA6;Hvp1J&|PUNnZ?{sry8v#bFB#QI;;W`?!x&~v3Ab8_RhP{2Sqc1DOoz+pKn#t z?$U2|)Q^;odc1CFz1=zCr~9>YRIR^>1$4YN>PNCkrcDogjH2qAdpV?bBKW`h|7!Ch z2bW0|wdW3AQ|*z{h}G>}Fd;?%WMI2suI1PxRsP(r{NeJbjdbvHDmyhTZZ|jV$sj2nM?L*O!--9kMtktFg zS1-PA{4j--44QVUiCc)>tjYH3$h=ZfJ6#37$h2p02>bcc#Q+HjtTbn{(j!3UOwafq zkn);)=lFJgH->1F<6B_&1Uwa$m-Zo!n}o&^16@S?Q(jsF_AaYaK=41oMtF4?j#cx^ zBLo|{7~5S_3l~o!_NqXtT&As&zVob@qPlNg=VN^T);?gAmqsYhRr2ZY+H5U!vn20g z?>yW;Vgi|K2PlS2h85tz=(A5Ef+;3?ruo)Tw9~2`(D#p*YtQuo*I4x%NyL|6)A+`S zFU{}ZAYIMDq6Ecv7MJ0gZEovFK~a2ud{b`%r@3guA-bWGtD_#4slzrukhb9LJ@IVkWdEwS z#C!A;kzw(%OuOwAl+8(=CSbA^SC8l*CnI#f^n&tMX>t$K&UDnpvw^{m{>gv+AE;)J z!*wl^tlc3GDADg@@)IR$80R~eMw$nA_D8(3-&`8e+}(P^G%Mk*4-ZoKRsGw{;#n$u z!aWFMI$V&yydj7y$%`S$Li?tkSdnhvf(B^#ryn|<4|MX({KFC9s|i`kZggtD)(!tv zqI@uiDe;U4G{nH+3?+r;GW;fb(X9}J(Yf?MklxG1a?zb|w2dkKyh3%}$Buy5DK{ff zw!5Nz!68UFVs$h+(`Wt1PaG7p0Q~3j2wE7*L+JqJId~5SQStePiv7-O!jAeWp!r+C zm3TB-(N+#TDdaARZ8#`eH5>tZ)7rwQF`$0&;dx?< z;IDW% zO{VYKTbOK@b&~8jERU+y3Mtk|F&pzZw!Ft&>XymJ_KRyc5AjA_j#C$~am_Cic&hR*38yqG@Lj@2(LDw?b=~sH&yrFZ6zduBjFzR zP8YkfI|nu;vQ`3x0aH9d&$I`{eQiFcZKm*!w!m)6)2dn!A*iiUFZ&m5w*B3W9M*LO{^+a8wKTW9XoP{yEZ#YwN>dQ3dA|$vy>5;3!ty#LS+|DlH-Hbi z$QmDZnL_FUZ>Axw6^#TdywVSI#}#nz?qnNCGGAV}Nxx+%iUTS(i%qG~kpHL=jv_Qx zTN^U^50b6|UgA`e2Mg4XCi}$|a#H2_CWCRc?cC!mJC%p~{47kJQ%8&XLP*dmNV+ZJ z&?zpH0azCMXwK$~;h}c#{~x1P64G~4O}kE|6{$vlW8C5IvAv-K<6b}J7QS!q^rh(z z8wDA;@FpeMCKkr_TK3+cKQ?H{G~zs+UIF#2x35d+rQVk;M=mrJ0^1|UdsTFasf^(=-u1l?ZWJLMl9RrWronc!dcRBQ482-l_~omSR9%VRE?a!1*OxYfJd$;- z=4-jvQ!J(rwN%E(5|v1ImZAc+$1%2 zJd;@{jxbn#?-vr@d87qNc4EeMM7R16SIdRJZ*14XQ?*novCZ(!j*jl5p8ThN0-AX_ zX_{=f=7+$pNn=w6|JBle@v|TMaH>y>_tISP$6RJ_zmO@wl)=axv*WtFhq*Dd;RZdD}(#=XP*|^r8&Jh z4E!-Jnlx&b&iehQ`^98IL1-<~bHw|K=chW$PS{ihIPHqh_#W3m?Wta;FJxNLN**d? 
zsoswIJs({7B-c(-eS3>OfQsn}wN4qzrGi+NVHXf=6o+qpY4lw}R{N}Oq4Hvrf&Zl|Jf)9dBF5<&mc5*xVX_0rphZd1{jR;`lR*IgVTCOxeA zDvuYVtx+5)o(qRuO+P0@3TjCU<1m(cF0tK)(QNjyuWMwRSGvWQu&$00#I(6FH1nSg z&mX2u;^Q_-KIu!$H+h__`KHS!R7Tcstyb%NJjlewJ;`R#QG@*P8&LCzx;ROjMkV~Kbvw=zJ=SRt z!N#eX2G(wXi4J(?zy0`;xbh>=DA%ap$%F2snu8IORbR{@)vw~!nM}$Af?%+mmCNxs z^dU&{--g)ZRE+ldF$s_**Gkv)He?C0RoiPe`9Aipa%eE;{XFTk>%Gvd)jHdRCfBX< zWp>66Fu}|E*&dvV`=1?79L7y)aiyl=OhmMBe0?V$KNj#V3!UzyJE4N^uw{+}>8%xb z{qb_nKW1ItTDJ!lKb~a$oSd+_os)-cuX3fO<)_b%G*7mNeri~|zf($onJgH5PX{}| zxfg-`Te0B&@>4bF>j;#`hiSAJVE2;utL*D{Oxl z^I#<>O0X(*!Lp9GxQr6h&;A&78CR-j5?{$p#3Z`Rs{5`(mh4>GTs$-Z?gWbWmX0cD z%@F$G;v86EE$)3l3f;Rgt%QKu?sDGxog_TA=KRj_{lhDBaR#N-p*3ikO?T=lxNdnw zguNB#%J7tT9{VcK#tf#{n3)?2YL2h>a;p<7bDD#}r{OmIb%Rlm+qy)O%^Q~X=kut+o&0-rN0lMCdm3~;(bIM9)x>{z3&Zv>;8FV|IeHhfm8+Q(62Idb<6_d~Rv$t)mIi}^< zHW!vV;&XcNJ+ktH`Abc!U3AV`$HRpk6zT4w#6v$0piqJbQi_r5nu&(N0YA~ip zBk55#RqXGC@C3V5N#jLMzg-4H7~r|y(&_XNUrMJ8KmSkR%7MzIU;B-h^OoWoB~IFA zbd{mJqAlD=d>40ebW>R|BAi1l-mgp#qV5}NV;fFP%RRhT^QQJ=2U-Da1GJPHqEUP*c5v%7p-MEnkI^hqvOu9if+ zqJ5QCzmCU-nbUxvqn6`AHY_3a0x$Dx0P6^6$O)RcE9mr?5gSXC4iNpy_1Vu43T2A4 zoz+a9PS#}0uT=cTrTgWdZQEg|Z!A%^)}=@2TCty0(aE&DI_T1+l_hpA78_$I#^LQON^&n&DROx=7PS(HdoYJ*g|xG|$H}zANx_LtBg1c)N&C zF7Nu4#wIywep?Rg1v#y(T?AulDE<|QH7t$syb737Cwq|M(Ja1FFUvk3C^K*D^&N^W zZx`|K>q|*u$=Wdb*0r9HxKy8BW1vK9=wj;gG*40Z>BsYh;tfZ{JGu+_)#Iuopyu%g zv_-o;s0eg#k480Gsno8emNad1`j#PmM^rQ#=q0ZzM15jd1y~4{-$Ctxrj$ncRdCE)0%mQSzvplrW&0Fmn*x{%-D zTV(6UHN}@Glt8^k{EX_4VI?af)4QvV85giaQ(aO$@8$K|&K7JrslA$7o13pD?jQ?S zxPdq;5LTV(zWU8|S~jJtQ}k^JTu;bv+}ckt&+$$5iu~|=y{Txfx|zj)2Bm9XP#~q% z3^ukH(YjdhI?0??Qyl+IW-&oG z)qL7@!)#+wbi9oFpsqN52HI#7>UT%q4TXqj-HsHfI*H$$j3sU6lZl=`YMIH`$dvx1 zq-V1qr2rq_1%;=NEYLd)D-9=~gHFzRh2LGgTLi6kg9_2r>?VN{Sz2~^tUzrrq z5xGIfOYU6wF{1MYHZVA5B2GN5;<2HuvaQ6*4+&j_(0Km%W{+bD0Y8&@Kdsqy90$Iv1|D+v!yT z+}5|?mY?%*v$^Y++C6h*VQMvtEh2U8lSbTGt}gc+AuAil@zcf)lb zj@^y9(n5u`EnWSA!2KlVEw5JgM@720Cx-J+yVw}4AzuX*;FvJy9{@!hCFE^F|> zG1z9hTcUp?HIxl;=Of!3Pfd-tORy-bu~KXjkVP9Q+#9WRB#2VU2goLZ-+rqy5bPRC 
zJ!N1xyMaWLuE=VY-^`#1<|9bfEP~Rly*le!6`p&$ZYJYYA86(!cr@_QQJ+8}X{?x5 z?$G#`pH2f*C9L$R2oP${9VjX!?L8@FjOJn&pl4v;r5M*FA1}Ebl_!z(b`$B1eeu^g z3kWr3p$UX(=EJV0iNB09jr-uPoHL?G$7yc8L=T)cuYf{95w+RNcnw;#>ORX#(;e8j z*&o@I+dPjG)??jMy;^|69SaX3Q8wVXoM{Y|XF6OIVE!UhBHD{kevRy#kx{ozeq@{A4N08y>&Z%P zH!j2h4CYKOC}+RNni-lYaU>EF{l>JMKr!>jd73G{dwBdT!>Ct1l%1w^+I|oF&kS4l zd%$CSCatC(x0&wMjTa-Q*F(+4-%$6boEnYw_H>1JA7^DpJaw^hJ@uF7VKk@stG@EcEyt&p=-Irc1ay zJmW_OZU517E-8S0lM^o%AM1t#xNxVsM-au?@!%e^5lnfC`EesM+1V$3Iyra*c5vaP zVL!0QXls*w&9oeUTi-nl<>eFAu=hUkzcutm5Nj;TJIcJh`2vEUNIr7ujhcolfj0Kn z$CLXlG+<7n1CcIKTiD%Y!EDLM3l^QhcppK5)pDb<0p)lujofy1#Lc!BCAR%lX}7Y6 z%*#7VdSU*a+s%HSOt|~`fQDo+>cv)j4w2oQHOH zcz?Ex+lO#o&P?3ZHVtW!bRpgI9?I)+Khk17lXmpEbew(h$nNCIt!1wX;LL`_&JGK{8?QSxf^0=A)ko?osb|f0kApVu&a*T3FJUKSil@am zbl%fh*9UKkM>2$5F3S~f`=b+D@5(0hy$wpI?RS)DB=E`QpYfQlrRv7HDcec6WKyyV z!QGtVGP1)aJf9cd{Sp7zuHp`Rrovw9w`pi9Jl#`t=Zvo;ezKf%wywu}p;d^-<>f$o zwsxL%b@%SoF&XdaJbI-Wcg~(S7*<7N<~-`Xk0(mBYDNMx%eJMiQQv@6`~Pe^4`v@> z2aP-zPRCeSg(lzcy}C2mt!49`5vISbmou^jM*`!s)dyN`kK&$_6NGA>2k+fa!f)r+ zTgHlWfycBa?d>dc)07&!uH>-zt=*AV;Q+u>$J4RBB~RrhxmGI@R6RmI84r0fN1+E8 z52WD#Ta5I1v;9|~DR0t6l2^7U*1<*Ng}+y}CuDuo*|C2)8t3$S9@=CH$345AA025g z^0#YXjR5vP62;rTKe-tTzJ>=J4kF$QgkE7O{;Y4d_ntj%#6!yvmON;|0Gaf9Id^}V z+|%r4<3(H>)}+GNcn@Tc&oI=Q8l+@N2OF@n_p?DDG8^7|kK z>1`L)`LiZ{H?MY4k+xUK5EH>>@h{gEdk*K-uwY@KS>t=d6rsH?rcBpQqW4$h-Q(dG z4xg`uSc{=|bBmBj9r$y0wkbnO?$0&ljaCzPH>xKy_qNTcnzzY=JC7E=`vxyi+IRtM zJ)OCQ(=x^AH%(#f=X`C=^iPKdL^S64kw7*qZ8qW-@Sg5?XYQ=1P2g~;$^-6!GZ`UA zXM&L>x-56~-$SR25O;i!ARDfIQjp7+k=xPmy`83wssbAa*^5yxq%v%5#g#WTy+vI` zYNN)A_Hk~eyb>1${Og&TEr`YQo7j{qRwZ?taOMA1Nu`DoUq51&bym zn}4~DC1$U@Ksik{*mzsQ#98Fn-2TI4?rLZ2-1W99*5e}0hBDF%-adX6E74p#z1rEf za%kXvtSqkIepb{dK>Nu~@@EUn?_nt-C$<0K4+V=Aafjn5&8my9tmboiys;!OrDe96 zTCA?8tzYaVAOG<=I51<>VXL+S1)N)O!qPlkS$qVIyjgcEOYeZ)wV9l+9LhdbH}rT$ zS=5yOo-=cYk~fL;d`J*_BdRZ)!CnkssPF)JS*aO<@Ar38H@ekb7TrdUx~B=dgTou| zyR9J?P<@w)tJcNK>HR|UGR0HUj4kd1+1~?T)XbCs*k6Wu9^PRqC}MdZP08aTI^60S zF}_s+J;2rcE~;u|_w}!Pv_7D_9sF#|ncJ6|WjHNfN 
zcm3TMv)O^IcZmqFv9`YM{<3~p2{s8o7;$fEcByH*-&Nzy<9U`4G-ejg7x<#ro-H=h z@LmqGT>6X@yzbil=-z^a9_oU*455UmQUvs00!4wd!V45lTxc=!?EHDwru!nN zIg{fv8vu&8*^G5Q)2dGO!Hb18i!vJSs8Iy%Rr{A@XY`<2TP&|B2TRmeH|!SihWd1nAP854SQ*t)pMoqY*Qu6*7c z+Oyc+AUc;QQG!@b^oelbNux8|*|q)1R4Pe`|Fki2ZjCZcqX)VZuJ^tEL=J4j& z*cJtw4-ITds$0f87anZWPbgS9Gg5*75zYy#MN6S7gZ7Q-WTL+U;Cxz4{5{w``#F?{ z6y49ML3adxl>W-R98WQJny$1Akj6TcCXQ(K_&S0QzP+D#KxXIKR|-dxEw2~4cLx!@;&;p34WnjCPf_n}=9qT&KeOjOqEG;vXK2ku+g!`V zdQpM3#e{H=S2Rh}@c3Yw3tnxvg~B(>=U3a#I_7KVju(M!gs~0sq;;Qt<41~2apnO1{syP z)DyWhoz_)2-TmBv9xS5WN-bdCDq}nUvF1JxdYgUVeF<#OS8dNeU!Thlmpiq1l_iIAyeTYl_>#EKBXAWs&E+V0-s=P_3iWE4r%lTkyh38UqUOtva*ZAlryzgR^MQR|ADwbd{D*DY*Fvf@gmtKwb zWfp(!Jxh3W_}Ug|Dn^+h5F10_PlA(+3E&IfBf)e6Q<|8nxQ!#nI;o`acdc&^+Ppa( z6dyjv%DKnC+Zgk|62EwA1aB^_zZojTwk4r-GT+{;^d2c@*^gRS;~0{1)wj8p$Z^r{ zp-rso^_*yJ*Vj9`x%pvYUDRpwTs@>p8|-JAeZ^ccTdt^O3NTM?Wid}(&NB&$Pnwk< zt8!Hnwk&lUr3r1Nw^Cs@SB$MyE2;jrb+2MtI11a0?XMI`0I7p}B>g(Sq{!wrE)czGmU#BfVB!u%tfGu9Rh{M9kk-2}IHG=ncbj*SrGiRF} zGD*SCrhw_x;WYtQ6%1ACc8^&`$^Ot&8y&X8mox57*E9S|D=;sUuEc+ zorkXpAf(D|-onJ+Pam0zl8{Y#09N8~`X+a9HY?J7czwLRyj_Lvx9T7Dh+ikG`m@MB zd}6}Hk=rwSwQ8ihL2vaiBv9nbO~k<^#O!kx5Pff=4GO<>(vv%P(AtEQZSr+i!wo2P zftUSY>SS`wgETGuV-Tcy6|{Oado(y*|Kxc6)gJjOYF8UY=Qh_xUrK|6bKl+$t9ej$ z-fVMK9w|7^6d;#2Y%Jq{OD)@V3x>eXe}tz2mw0CFH(}K|po>1naxWF(DO&2^0WkreQYh?%M6L&jEW#{C9*Q~1TJtb7Z>8){ zk8SJ&^H|AU@w5sNXXgg8?36~!A1)FuaM?y=?t?P($ARlGRzl0My2&7ea8$OFz;FyM zMh|9q`oQ$rm=aD>seVPCnWM$qwI4c$ZR1Z;Ohe&2d^1LZ$T7-e*)l=JM(b-ck4tCf zJcq(X#A<^&-md2j@>mY&E(GUp78|&j>`6z5_jdEGpyR6Va-c5=k<9g^uydBGeK1op z8uW<-*=K+b*LJp62`4AHDkjjx2H7TWwrR*@fI<}`&DxDSSZrlFSZdh@Q5W9l7Dueu z8+j4MPmsv{kk(yW8wuv`T=&2ZuO;?C3u!j)xcfU-V-5{4Yq$4{SUHx^(#i?l$307C z&}ZGRFoDzeHO^gTR$mxevM$K_u9tZ?j6UM@*m$3GS4Nv_HFJ&ko1z0`f>7^c)qI&e zFMIQQoHV>x!w&+JQFWRQ!Y0MrecnK`mUiu3=eRyA=)J#wZF_)F7w}QR*yQ8`mww~@ z!`k+>R&#Kt<$MusZhb>t)WK$iSafK9bLbAd<9Og}=p@I9pyC2zldX0ay0&hW% zdqG4QItiK9#}KUCk^a8Wcq4+P!Zm5iVZ^p4F>x=PyL^4^7Lm%g(#PH5ijj-$#<8rn 
zGO?_+?h~k#Ho2j%jT}VghnF&fT;6U6{TtwZj|kF`8UNnA?{(jKs$>)O%9k+gPKeZ}!+mR;3KiWUQ%a`SAPAt%1{);qb@(D*=&7^gI0`r%Od=kn!}A zg2BREx5&t1tqBLVd!W5A>y50_uI0?hF>~xKMOMtr(TXunj$_4W+s%ft+*bnjKQlXg zYIdL>_$*AV>iFh$gpP(l@-Rdpdts*^4X{d=Waih}hZ*qf zW$q+IbuqQ|Cn~@6$d@cS)w`2u6*LK@qTCBkIvNB?1(rZdV!`e zoU3wYq`}Fg$x(4!mhm>*xZNINXU_%EIw@JP4~!Z;b2u|E zEv*ahsI1&`Ema&%hV++IrXARv(%m{iunLUg7Bk*hJZ{h*#khrnU}*uV)|qbV+Y3j+ zrEpWp_6#V;rSw+BZa9c)wxsO5-^Mi2NHHA09L8Ad2j2U<#Z&XBMlVuil)-e=h+@^k z0#eRk@yr2c!k*bkiE}7$d^6|>0mCRP@gz}!;4qtjDPn^IBQ+`d!DM5r1rf=q|GCr{4WfFvrd|-xU&*cWb<$l-}!aL&8J;Stv&;9vp2w&v)t_$Y94_b@Ujs}#r;@!QJ#MO^ z$_P(nKw?nKvxzzgzO*DxrA$XdkH4Mn9vGh(-hJ+(8`@-nNnH3NLS+ZYoE^s zwg9>##F)waI6rv)>Bu;dPpNVA$GwUu+{iuqQK7~LAs<0YMz^+!0r>J8r0mXyNEgzO z&+PRGBmP`gvQZAyK7}a@)|#+eif=Vj*n6|FIzF0lv`44tVtOCgh-xK8KY;vVqj!w& zA3x4d)%r<(;%(eHv9J@H*Doy+_@Mk_Fu5n-2MoEo-Z3ik41LS;$dcFY&1f0RIC>{Z z0r;Jblod0I9iu2bJco6o&lV5fwVU5*3olcBBFC>7{){;BE&A%Rk5f#5U-AQ%LfzH5 zgd*(?Yiqw~dX4~%#Px*W@&!#JYeyfaV(gj%=XcKi&%@0FH?+i#m8oqXTa69-gt5b{ z0WeJ-&+LpxM-hdeY)v}s9Q4tR+8?)vEF4W@h&gcQKiId6+YjU@SxqkPbtNoy0Kwgi z5@XBKCrIJW8xZI0#eb8N$z4#%y*g~G2>d5rVVcC_w3A3Z%SOeB5d}q?SBGSdaKpc3 zb2Y`LI?W7x5z4-9_o|%I@$vqAvsfR-32Cy?q5HPPt}58In~YoH6s(K-5vtqkRQ?T{ zg7~%3g6g}huAH`z7EenPHSdasR<#+(@VdqZ@Hew0x~NURq_YeRZ`gE*f6_2!vcSH~ zsq0nDD)u}DMesBp?ceMj%39nQ8OzjQH zd|dm1y-@~91}?(fNFw@Gkw;zc$UIN8-H4(-}7oFzEu4iU`P{*aAw|UDRR7%#VtrzWx>_vU4Uk&#av)l-g z)*9!YtQb4h2^vtApSH8ocBrBkI{re_C=!<*lNVv%_oI5kFK07TOs-1m5#S9!`vtm) zN#dLex5QR%tPB&#ryn5iE6qpmDeb3)f!?l#BoTA~PJ+Pe2kpaivjT+F1capiC8Q)E zBw^Z%Vxrcy^8Js4s|@T#91eOV76v6EuPX2nx;~IOG1*FXJul;OfbC2KF0q_%8<(qD z`GEP*^RyyM+sJH~|AlujOR38sXSWuS&Zy=x90TBbl}Ha!n$BIXZF{>iAn7So((=8i zDN(q;H)JPxqAyxDAN7mr6eiW3Vm77W;lyGzV?NK{Y|WYX#>M~o@28vXEfvt^FHj8yc>c_ zZRNvU>XH$I)*PpO91m7&0~BFMjn1~#r)NaWo@FY-J@>f5Fwcc=)dx;S`N(yl{w0f{ zBNEKXo~K+{+8c($yqqMN%{`HWoGqHsvmW?gQFaBF;c|W@4iDxM=mFcdV6qxJ^sy0J zR$Ff`h-N?iJ)~}06SLe8E69F<;g?iD<~B`O!liuyAm?jS98M`)9SZI4$s_RU zI4uLRf1kepo`XfF`fy{m+RSG{5;m0IMz$+HHBalLOsx%UGfW6|Au+|Q7=xB4;P=}3 
z`>+WZ*x{RpwSzvlir@l?Xl)Jmeu!t@9OP#N{(A>}X~E#pEB*2T=JY`_$dNiEye6u= zvHw(QP0~nvFFh>>Lw#5~+lPNj?gp9DA4aESMv7ORd8Zm`beZLpPJq#I6K(j8KfY&a z;kmG|PTjBof)u*Qf2pI_;{W>0p&Fcxa^XEluu2gHR!KtK6?a)3Ic-T>J$-b4vQP+> zt;f(n+WOHgG2IpabX!Bbn>6+G7q{iE*j914G;OYLXudH&lWq8YuroTG5&}~(4%@d( zQ|i-($q6F*+Eu^$F(;~o%lyKfaPsot!Xhc&V2%Ma5pX98))L=_$!tGvmNaIpO36TO z%nrh1m3;c0jEEJ-cuvV6E4Dqbsz{u`E(x*SnTy&SRL)?geg3Y0!++;MWgpd*TaL_> z$qMTrW#g#qCPy?7iT81u6>g9jVYbcE9gUVpm21xNCb*YT7-k-oG-lDK(l||!SpRWd zd*8wf5$)s4>H(i0-dws`z1g5d((F-;QD1HjO1n^UTlcz0a9F8` zT55MsA{9F){I_E%IBZHmQ?}!^GQli3FB$w~|L_^M&ED^BR7$3uTheZnEMQ3t!eE*IGo%&%Rq8L`6_jRtHyKdf~x78TyAn^=j;E1{)F z9C34|c=$U(;rgIM5;A&waj3ob4E*ughQw!_^=R%MyV~P4sqFRlhnq5`6!&yuSP>}4 z4B1XQYs*DWBI()Z%ty0XE&a|wg<>5WN~>IIYiBFb)st44&o*Ms4$2E!j!kVI1)xW; ziInxI7=ymSMTrAut?*TY8qPl+Q7h+;=L`u)ePbLhx!+doLjwh4Z7c?~8rsL6QuB$6 zdcd?l&gb;u8*sk#`8B$OiQT$R_Mk(Y2)41pwVNu1gA=v7f$t~QPS#ot3&mbnlJ=Vw zayyStH+&F3_MPcH-8(Gvt~*$6AII=!@XaC~6wkhPTT+la7{T@1okavh1(;F@=J&Vzts zFh24?GeRq@BSe8k(hwxjDlX(9niYakwhp?Ih74}IXmvCDTJKcej<Gr3i?sD(b+C-$4x)2&#f_p*7_k|eLsc= zw}1@ku@(J~&J16tDr~6pkM^Sy=}MXRI{Q}3tc8^ES+RcuZ(qWr&e)4z^3eM zYj0_KV!{-n!g{h^;8#W~KUuLG-q;vUL_g7HYPZzBQE{kx2ni?3UkLx!iyijlXIryB zUm2GeoLCYNCATteK?{E?{zPwU=!kOiee=_+{zZD3_1#@Gt^ddS8_rQD+>{S^2r5QR_ zOO5(VS+CnhMagN?#dNI(i)a1-)MpKgdb{U*6o2AkE(9286MK@GRPLPoBG zC?tOutERnXlMQ|e8yME6S6IxBznuz72~&VE1(}HjN(HOdW2;YqVvZZlSJN-pnhjbg z?L0HswXfJMGq5?bvwu7vjj?aJ@uhaSa>%qhM6wJM?+uCagf1y+wv}_ae*^ zbcrN6GrN1F5^Rnmb6z@M8y17I(=X}P!@p7h7!px&9gASPU`)=|&$NJtp!%i6{3c4`r{ii*A1~ zbyl#5B3Prjt|3UOL}cPf3C)lB$S{MyzJ6a5`lU5SE@A}tLHTDRoIM1FtsKB-f&xQo zGq&PhOy074mNW5%>?fSud6`IBf*EW~5o}^X+Hv0s@{xn#XX=UF?9N8?Ms0DGyB#6K z)NO+6jWI+G!=O;i#yUsgU7=A~b1U~euT|vXScDIea(H5`+zp>MCTGSl5KmV!TxP2< z+M0VxMBa|)Svw(FcgWY*>NTM{!dO2lqG?AGT30UdOvK3Yc0#hEvM-1Hv+k0zF|w>E+8}D9SX}b)zA|Ww0lUl1>5u#zE}SZ9L(4Ax?rFW4aRwKZ?({Q z&iSr09g+fO0Y%#VPbsPEY}79xm>_HzvKe_ z_;Mid_0lE(Bn1nnQ*Zf^{3Lz(J9$mW@V$dcgp?DJ<&;IPN>el797HOm|Hke|6mWA~ 
zlCJ@gepOw4Pb@({LN2fRcNfMbDGach)*#n>b52K8z?Swo-&zg2^}P@!Dd68c1A{){Tqb*L@_%J`GC9>C_ecN76orMM1NDE}2yp`2Gyh4NoP^@{v| z?99wq4qUL)MM(ff75h3=q5KzWCGdw@`9VRsWW4UaeSii63Ijm%UsmuppaSLXc@bjB2MvG%0Hjm@t_Ss(j|7meL-ozIx=MTYVF4#N@56+Za7pr9 zr>ao?E2;_w<*KT70`7%~8Vb#?BKvPay-?M2(Joq*f+A9b{BJHBfG&&6YN;PU0RZw7 zerHfn4-kJHs?_Ay=_;TTS3Llf|0=3bG_Ig};Q`(N*!=PU1ASmW$;(=Gjw+P@3aU`f zD-Hn4e-+is@}D~ZDE}1)0JyKKZWW5(RksQS<%(P7Ja=wTXnyrx{ub0;3%8C6wZaPrAP*?j59Plif8f7}s(gR7smIqT$~ph#o05cbUV#eAf5oP* z$bW8AQ2r}6b?>@Mh4Nof)N@e&#-^aq{K=-S1@)IrL7};@DGiYmml@LGvllG&e~G|> zVZh%(H31ZmOIoV!4+mtW?*SrfyM(}=-z^})ga~lQn>2PT1mx&V0kD_u1C$5@3G|3j=OSip)z&6JlNYyX{`4ZZ|` zwgWiu{3*4Zy)FqNi@wgY*j;A?=lqwAz+db-Be?JvTz~a}+t&q_bN(wv0Oh;{YaKt7 z|B4Y@l^>dZo$m}S%z$q0szypkCzb=c4_QuN#AYe7d~q z-{I@f}H*|na#7AXG}RAH|}^&$zn3H6%4KCgx5>klt$6%e;L)Q@OUC*;Uxz~T=Y0KIP%l*VT(sZ$dKcJ_ z=klt5pRW^Nhbr=Qx=KxU9jZ|NE2z3$hw6pHzVly6Py#ex|9V-gpr}ImuSCIf&c8ZV zptgkaUqSVX{Lswuod2=|kQBI1RiXS>q97EMOWqo&YA^D2C^Ub{*RKWjLRHU2`<+{m z0tM@31Ni$SkoP)N&nx~bx_WKJ4&}d!>c7Y>{#3C;^L3KTT6K;pl>Z8CL5JbuFkDs(LQk?_hOZ8{qGQ z6*M8bl32aDR#&gB*rEJaf>r!=ZuLsVejcp;-8RU1ui(5B{HK=Pf3OX55v-ul{3%#n z3+jccLZSJUR|$%EUsE&x{Z(DtT!7ZxSK{iw+gvzz>*t04AEh1G??2aEIB%6)PS&q& zF8uR;&94mnQWx-ANU!v3BzxPyeplK6e}7T`Zp9AezhYCG|H7vJE2^H`)W6#XIqwx* zwy7)fpSKpTO;!HgHpqodK|4HuvZ-r9y|5`LG#56-EZ3_teIT&MEiS_J7q1qd5CUR- z3{W7k?Z1=zySokk=e>nn|Gc;G>Yw)({Qh}wVdx+C7Ic3?`z;}t>eW?JG~k1UJwKa- zLFm(qPaL0E{Npx+-q=6x!)X0etOP|sgXd-ZU#ft=&)5H1#oobkGP9F7vlXwS6bAg| z={$H&)xs9|)9MoI=TRd+6C6@{cT5P^F$x(9G4|WXm#3G^cD7Az&$i|dD@%jv+M~an zOx7(y21{q!TZ0>CD$leW%1UXX9n5wP%psfRknQ-BV@p~>LSM1=)>pPljc4|T>-J`5 z2aU-b#}K154zB!0`*Pr$jagF%OMBPG$G0}a9U$swzGuKYZMwC&$=^?jxsQt-cDe`qC0ht>$)TYUd)OjTjuZJGfcSijKh(oOupC zL{@9}v)|Nk?F$Tf12SYjP~j5Tq~{H-*W2)M|Pi#pX~te*5*E) zTc1-to11B^v^?8_468YbA-ammR*4<78}-%3!DhYcM?W@%oE5GfYMpJ`oSB~9!UBKZ z*4|0vhIn=%uNP?5_tvU!ZT6OP#;p^zKpF>wMQqpG8)r6sTN4xADEEoNOH19NE6VlP z&pvQ3Z^v(Zh*oaMoI7i*v~sxJc{bx<58?jIoqtAouOiqXdF!L4@=5KE!|`b1UXqwq z;l6{_*}nBH+EF6UMDFnd_`|n^$LqdYM;>j~yx%KoPQRlwAc2DqI)q40$Q^h5WgP?; 
z%gDNwvDg>{!NGMMLSCo-b=HCjm1GwDA7U!`yfV1TD%dM3xT+l4t17r^9NB9sxau6) z>ngY!9N8NxxSAZ2T3Z#PW>6n29LZtts=a+Izo$V zfNS_YC1MFWF#^{5r;nNI4G;FNdta$gtbQ;*l*CyV*M5;eJC@z?NnEbzb0lnXjxj$w zyqYF)AM#fklw_GtDsqVRIWYd3#7|n`P)okLjE5v;VwGsZx+;FD{qVL=25Bt^2A+XT zjg@{m)!AO|Qw%OoHUTd9o!Y9OY(x?-cFOOdE969zatE{?s>^gewy7=rme%*EP-*pV! zb@{gI7_#dUw(A(N>k_r=_suH zpFOzCJqX)9xJNw*aJ{(5y$D#nxcI#YB)zzgdJ!J?;y&+1;OWJE(~BV4i!0xYpw^44 z*Nb4<>l-h2vq6bUlt@5SSx1!Ui>PvvC{dHB@}ejaqL?z37?FUOvW^(h7cu1|F`_0h zDc63o z2D|Wq9R8xaqd3?_672XE>>>?zlm)xUgB{<4U6jC%DqwH(rs^S-_GS3) zWt9G9_+j8(8O!j~%P4cp@Jq`mYs>Ik%P8Pw_`_wClVy0=6_lGR@JK5tXe;oTD=2qY z;P0)VJXnDzUO^#Wfu~+Up<97xT0vo1foEGm;aq`#Nr3or1)i4xk#_}NkN{C|1zv;z zQDg;Pf&fus1^yiY;=2`iIRZqv6?jDgL`4Fa{|VXzF?%uSYWmhO18pt|PLZHx1JT^@ z*`d!A-}o%MlY&LXvCouNWY;=uSANVTTEg}y&-T*?U*t8yDuN$stKD>x)*HCvWI?77Xw0IVrK2VMD3RF#Y$&Z}I! z=Y05o>Hj1Ge&?uOONqPkf$@JuQPBadLu$tb?(Y{Re*pdY&ot;BbmS^M!Gn(fiQY7Q z3z*TL2LAl;>d)?_CD5aF`2tjeivO-x`T382!pOjxn$sAO;ac+;J>bN)YgAS>)$r;a zHMQ_=In@uv31qdQ#ffJLqsPf+wV}tUWOc<7d)z{y!-t;df9d}r0vEVlr9yPb=7zNS zR9*SmU9p(|g4+4qT^y0s=|=oNqGMZLpEA5%)V%*qTK}LEy7A)3|2*Zoivl1J?a7N# z-a@I~t)96(EW10kGP@)T_`pNi-OW@x9vrUIM-7CWFf`HryuMW}3mV<8vUmph7MWyY z^hv+#tN#t1c^$=x2RSEi?MZBoWw|iW8kCZXp+Zn){kL?eX$wx>X!fIHHZC$PT**_M zf1i##g06E;G5;l%Ym&I>`%}p9rnwmDEsMS0$>SClftPp43a_zXt02RCKmTk86vYOuK_qs6-mD9W1Dm` z-YR*D*}}+&!hxiT7e^jd$61Rv4PlNO~ z;S|G>6~kf9>Gygs0P!x<2A)9*otJ={!_NDW-Ib3d-v_wj8+7`#=7vrvJg&jjceyi(9DVyOWho$fmT zPo54ku!a1Sn*b+W*#B?SliGm8U^fGCfMHi1dZHsH=!s53peM2yh6=!aE&$QF0KQNG z78{`g{D-H{($fPt7W<+A2Uwp4uE)=|7{Gh>!})MDFszjmhk|EYoOnKC89D<}0=<#{ zMhcIo>wwU_3j2W2vF*0N^zJ=QKxiF!q8K8nJQv?CU+R%MeyGqR!k6fWdC~?#!vz2f zkEgrms~kaB5dqbKy6+gSkiOOOc)ExAh?!Rbf*2GU+YWMW0aoYY(F7pXx}c_J;@|a| zV;%$WGMgv^>hKgBsuWKHH{4BK?g3$KC+-qT$l8c;Dpv0pG7Az+U0B9Ekkhb zZJWOD<@Pu{U-9#XJ9(%iKU+fN5C!$REV)r)1kpw|w25CQza%)Nb$-O6(+Dud-!eSR zyul31E`?Y`A{eE2{?^{rQGi0M#hjPF#xus;-ZcUI zX2YCUyvCC>fx7mg^mY#Gt5IO$dVAL?@W_riuX>G#Y7%wLxb$`pYpK8_H+rV+sjq{r z0Ti25o9sDdu_Itla;g7M$iUC1QHQXY@{^H+dmVdnzd?v80O0` 
z3(!ZwwYv$m^h2U@8fq{WRgo*r&D%XnpEH|1L z2F8{P9)=Vc{b;~oWn`*vrlYB8ZpNT&s%c=xaQ+Ju{YOIsdg$-tAl(3hX1_UQKcs{c z9ATX0*$(58B062|HhFgWd@b%aTsfF~FtIeuq@jN9YFmSuw)d^4wqLySGj0*qlb(K5 z_AFYt^9*d1@-_Ww(D>rW>AH~I+r60$RzroePTJg7??>?E?%f{g<6wgVX2(lT*)0bW=ji+Wl%-4TgKr0-K5*m)rEs%yUmqOXgQKQ{@%toUT zw4z5>5%xy2ILAg22}w*-QzlP7FU5aT^V{ZK^9=km&DU{LJJSmDr~3yMr)s7zjuIKt z^&ZI`pIV*yIUIv_hz|QV9D+}<@NSIO_#EjfiLRQs(BTxV)P8K( zrEd?&iVeWh?(b{I@)E2q@eH;4bM(z2w0a?@$n#dW5S03t`*(C=RZ)dy@}+fTF|Ctn z3>7%;Oz(^(ez7D~kf6rP82I9XwI^8ksq4gpMmU5IMnm1>H1`W^*$nrmRP+JXQzW^e za_#yOCPlQBTTjJPohNznb>-_mVjXfi%x2v)^(K1cnZ+%+Uk~qKY+P+_A$MZayphuV2-C4{pItKe(+fw-uyz_-i4S&x ze>5o^1&7w|ZN444Hm1v0A|`ex;}`>)tN!PDZuPBQ4Fs?b`r!qfA zyjz_xEtY%>T@J-ShZ-g5U5ny_7w&rSz<>MK51PSLNY0W=CZ6JV|3ZvtS*vkZ+xR)g zSatbBRMZh16N99fsYbu;G1>RcbR863u91_x%jLCSAF{N1^Wk+cO49UK$)R{z?q;=b zZ|h4NIuZ*aKjhZ?QPBre4X13BSov@g9$rhg50~*{RZ@O}K1@lXU^{A*RM7iR$%vjM zIrvI&Mzt1YpUBhSl2b&xLdG)>3`L%cJ(Eb$!6ro{lT2ymva&hUQ5epH7rHYeb3;KJ zXDxauK<18}{jPp$c)@38nh5FAN`-9yXl)@mr14R^SZQQkIfs^7HW+TuS}9vQw@DVw{16p+1Ad=@%aQ(G*)uF{Z=!d0?wp_OwP7bk7V#%S zXI@jPEHsi-671>Q_iaK{7aCE<*XuvxZiX)`eu6LgJSrEYa;ngHXh}OR7bm|fggzyR z(8}-6c?}Pi#P??ZCgse-Z2BJ4WR+5z?~#+0 zSu}<57PnG8o#EV#GK2$H_gGP;~STVJLKs6?fwJP;?{RsE@N)>E2jY*630dDCdT>)%8#-L?Ca*dKW(X#2eKc1 zAqs|T@pW2N`tTy@NY*GrI)_Fc)^euC{9P0dQJJd1n~HV=C6AOei_#?=^hrv$4Y5~g zt1`GWwmrVjA-k;(o|X7R;qt@7Jx^F%+=w6_-Bq8UBkd)?-;5*@VOy_8dWnUM#a&@~ z-`{yBejLoe$M1X63?b%T*Wm3K5ZlX+b9E%@4@LdVJoCBGM3=UH?8AXy_)IRcU0(-< z?;R~c{QSaWoem*fdY3?=jYB1bbvkZ}C!reLnKX=Pdcz;67?1Hfhr|eLl0&|s3sW|x zji!K^`ZlqUiC#swAx1|15~WtYmp^Nd zq>fRj*?r}>&)9B06Ymv@$lvxhGS*>-X!o|oPrX1hX%3~?t=dOV+?qxA_R&bGo8c#U zlPFb9_2c+UPc{nG?V4^<>3p3GHnVsIae>gC*rk!iQEBJafd^d>eFq%>kXr6q)fYI7 zTcqzY36PK(xcx2cSQ(_*Zo0AM+pH0bRxdPG`bcV7J+7th?{{>(pR1jX?^@Fy;j~5) zK32LSx`3Au&$z9wf;kY7*1$~}ifnbfC{4uo2KC|ijyew}PxKGDILcEt7Bb6D->p^R zmUoIF+TBkh>%D?vu;iZ_@|u>|+6yNtTc&ohH9YnlNQ`c*ja@>1Ol98bTdK()p?cxf?2;ir zCx)#396qFOv8UGeHS-7@ubsgfNcK(+k-Lh@qe(0Z1GHBEAEFq?NeyIWKPsAX=*8Jy 
zyvymP@bvLD$x++YqrGFtnQw+B4qp}Gr4nZ8GlzMT&D-v<(HJx*pFyLpP);_z8Am9F ze0x_&YL01a$xft2OPj6)<5-}9uzEje`1Da%3=YYic-I#UH~opWzJM_fDo%0V&E>=X zNS<#+u-9;YSJ6XMLLiJf51EKuhiFSez=;c0yHBW}FRQq2>o4h+w2nad7=Pnoi? z#3B9wAEV&+gQ>~)__eqgRzEj^LwE*q)vWoVq?oe(lSMRV8pJM{jYEG@uNGdR*G(;y z&C)*v27yaoBv0&lMp&FW{gi!oRuxU7h1C=s#ZX;ybBbZ{^|A>#DmqacmEyUJj5l?C zf&!vKIDZf=_kI*nE`D6Nz+*77Fd0=vpe`#N%=qMp2QO*rT!Ww}B${IQcGjDA?37Vy zwOu9CI|mZU&3&TFEXH$u&BY}QaAd^Wn*5Z+9iMP%dMM4oQA7;S^L?VlpDV^Wm*8ih z$`&AU2z;(uB6H-Qjr5$K!OkFany&_qFOkfWQ-$0c$n!?9gp8Tnbr+fOxT%|_YBP>L z6Qy{%Ie#a4)^AbL3=k4I!-B)N! zGHs;XTxR!$18Ltk#ec$}&(A+dj1Wk&rJ%N&_K4xzrJ?wWE!O>RVt62Vy|y>2woC42 zG<&7JzXA)!w|HIy@vq)=5dDxv=xSy`l9P7v5m*Eqy5=T7Tlqd#=kJQg_vNr5n&?JIt1( zT(%hehYloSUJY%E>%H|9krbYTFH-GbCno*D7>lIQ%D!;3Dx zgzmE{Tcn!71Zk6garM3(Ypx$H?TLb2D2*P9a%^}#b7WvMb7vezEHG-l!F@Q>NB#bU zJbNFDJA<{H!w#f)KnZeU%PxjV-B80vK4qSCfPJd3sGiU4;vR#X>vFGVqHOWijrY@o z6#~%(g!fWtHWYj%RM`})@DjtvhRI&o&#sP+bH$M&nLVO_C*S7F6rgVvkFriF;5?)| ze5OX#UG}xLF$4YVOFR!}ojJ$xvwmHcG0NhaCK}rDv8tAchEc_^!LQ7ttzt!@NT#WE zxl8!p324G4W6bNts}5N{tG}D0$u)j%-f6nPuq)?s$JGMH_pw$+6)UF&>l%ki(zfBN2ghE+Pw! 
z?%ZeGsFegoAz>|hQPXY4JEH5@`_hYcRxbK3?cZPq0*$}k(K;+*RQ3nip}q_7btT}k z8sTmHR-`iiK0|;dpT;$|8FMO@(evwLrsd*Z?e(?3!yK^11{$A$`;O$ih-i1;&_xHkgt;7qx75e>@`|n-yCS#b45+<_d3N|NDdDA@ zqTHNIY6l|7OCaL7sS{na?U{7(2U`KIHg9DO*U-igT#8R?#S)t}X-vGrhML{h(S^FE zN5U#pF=fnnuz0H|GU38v4BUEopAmgb`3KVV@h`0y3WEUpNxdjNLnbNOvd<_~N1%M&H;nFq-%t-gQ-4VPn_MV1i~ z9uVcEooSjJv7nUA1dGVfPvIU^SyjqOwSP;|1tY%-4yY@r5G5X-Zhcb_x*r1Z3u1f9 zFro5;^@b08|6chsj$vAj_@0sXN=$bmMW0uak&ipni`zZFDYs}AM22QvFK%yxKuVGO z>D_Bm)y{474xAwimM9lLn8wHH&IS82s6ok64-pDgkP=IAxRm{0w?yHuTW}E*oBRZo zF=Qltk`ly)@mMm<5q+SycbqF>xDz28(JW5Kt~vOb?#8!LNV!5+A{(WAFkFvKeE++c z3Z1k;;m%&Qq|nIM-%AE$S93&uLYQ>#43z1wjNzupR)5YYH3pNvf5NTcAX@f~>Uyql9kRZ0INFNSCIPde$8TLH;}t>g3_k9*DY(V(9e1O; zQt5cEB=a>|droRGR1py3#>KphicC#UUR%xTqhS+XJ!Hib|42Sk(8^+2ertu~=`nFN z6Ir*EvHkj34}6*@FMIUdd4)MZq;=QJuH(roWB3t3>AKK4#x?Lr=XLTE;7xxl8GeO zutqkT{Erh6BEdglIjIcevLjpgR29tC{m8@b-cmF}O|HE+eXNa4_^_}$A}Eh@V|t&V z*~PMUtcUHZnKaKq83HbPQ|TfuCk4$5bXM-Cdisf8g=k0Q zq~T%pnsin&I#@c{AA2-2FT9>!K#f0{CN=*8=j(t&`i1O~z1MD4&D{smKEng<6i)F= z>5X-2k!-KhPnjCrMTI24YIcZ6Ie0atI)e2Chd9u0SD~bN==YZ1>4Ebwb45Nzn6jZR z?Q7bMh`~C;dmG!%SQ&EbOujJu!*oS?0K)Fs$zktged5`^{y@!x;2=pEiT8dTydlhQ zrzTU6EbR*#>_RQGEqtFj4wv%>jC^mGTLL?1FCJ61%l(v&v7>ln=VyG_jfZe6Tch-m zmO`9a;Eci|GDgBs1M}<62WWVFPOm$Bm+$lX^yBJiD#+E~Fn;{%j_hE$zE2#520!&< zOgL^Z>_=8w80>A*+i|Z6$UQAT6W}X7jC!h4TvY|*x4*`gRUD77(L$MW;OXh*KU3|? z_uzr=!_%y%6wzMpiv&CVI)~Xw0V_n}qA~u6a``tAB|CGxX$McnWH`bz6!94KDNY6i zK1ICOLXyHek*0gD*&Byo=86WR5+?u5WqRPHm1BT{aX*hsHV&jg)zrud*D>bH8LS2b zBeM6Uc85eeHYWKEtH)@tY8cSw9Z_21K zSd>A_{>KtzYM$Q*D0mY>1_J0%M4aXtz0p4f1tmub^;Wy|-sNoy2}Ao(@VQf}>z>DE zr3NUPZ5mbcs8`(0M`u$wLm@hLV}Wh!!#vewB?iZv=v!{jke2y1-)a8{>A3f1o$|xm zO0M#oD6Ha}O(QazP966i?IohQfmU^lkDCTyPa2k9VNyRGGav}CqIOa=lh!+$!4Flh z?sp-E_epyVZVZ_!Z6xhKS*5){H{anRr`|8qbf473R87R)jJ0-u=o9chDGh}}_E+$C z6h(62>f}Q$NLSFTvmXa8__7$Fs5q0~Pd4>_R1L4pp@HDfc!-%;%UBMRperxYq}`87 z&70!1;cW4#q(@T*xo<#3b`{m-1OuLk8#&chixmrOSVPAlh$a%$7tU+|`{J{2>T|Ad zdWVk<(2em{o8Tm8KB*=t*Yu7jzhUznQtXN8vN(8RN_&uF4tN49A9rc}|h5Dm? 
znFu+7*q^U+Md`NQ&#nJ#A9sps{wWB&9}*7fD|XQHn~WZQVmDK)j??@U8*t%UpD6M? zhD$xYWq+qi#aNf`1^G5QqSWeC7CSvzo{&UBxmQz=zPJ$!4kdlGYA6?jmvx?~*El8r zfFudis?9X`l$UXB#bIcz=TzMmOwZcNKxSZn|IIR2-1FMXN8qkQ>3N0K%`kO6LAgSe zyKo2+K1RoHSJHLY_&?qfKFg`=V;=gs0wj3e1|T=txrzsDw8uk(j;cr};TU5)ko~*v z2a@Ind8czc^m9h{Lv?SdtUSv}HP>a!*e*kZn&@3GCD#yYDo(gGhxB~1_~8i6S^(oPR=UZO zl+mh(Zh7w)@A~ZmRCd*U&i2vhGRA?%ojZ8*X(P1vXQIoe9k-=3++TZut5bAqm{#KY zimW4NDEseLrC8KtQ+r0;S5&RWHJA;#fjns_$R{WVmUxETEt3X;e0g2xF8hGfo-dYh z>zMajUw(HM-V70)IuFc%y!gpaVME5_Isb!Dg>0Ig4A*;G=2$zKPJwYwA*>wr0TAVm)9UtRQc> z-4`=$qQ*W6Lr9sBi(w?doMjpNfcNLmI;)A6Se4`&Zn$^sXY}8*JF8S$PH_T1rnO0z z2&{f#)~4=qP}#H0nW5ChB;ylB)gn^gREX}c0d+`zalq)MvPvF|z~2@CHFhnv`4_P< zg<`K*6x!7`s@i?p!q|!4k`hdc5NJQXZ znUD{v5lP?EgwJ3@)`mPaGTeYJRg(^BUv5*`BB>g#J%5a6`7mB}_2DPG5KD#RJyf<` zHX+Uv*un1!kLeA$P#zjlJb}4GLmr6&!jYtmJ5}{CiwH_NY1XZCn|Z>uRDeMgkAjkg z_3ccHx#i7tJ-^Ipg>YHnl06{iICX+fN zffXcbg7P!(#9P{em=xD%PjE7y7)f}){vfDxoYdx5ocp-=u!rRp()xq9{CDr(+Bx75 zanW}j87<|YoxKTz8;~yC>R6_*eSJFHFs! zVLmWVQrn4nMgrR2X58YU`q_G4*D+Avm1MN{^Povj5e(0r0TD%mdA0z>jL|5%rY9yp z^pfU)CyOix9*>sB!P=e~$fl7M_jK9B!ervV}$?RKoH=5e~D!V}U@ z@l~?{L&eycy+hd)#aJ*!wa0;xs~W4eR(!78EHqo|*ee7UCOnPbCi;C9@H5#MX$WY3 zh8g>r8MtGUwH@6SlWZ*0cZHj56wcu~(HrI%qz-5oueL=Pt#*ZHVC2AfVm(3I zoqkY@^{D_lHsxNhM!hA=?X%-gH-&iSUPBOxih@(Vx3jvYOz{I@qAH!;8&7b%Mg0D; zfmiOS)DgQXxrHMG$#m|5wHtgD!_ar2h~Qs7dhae$n3dV)=^`ZCrtf-Rrf|8D5RjT-5Zic|Dz03Of(uD$T`vn#Q_lQ{ze>SC=Ujrm8 zUD0;lYodNIZMPgk@^uLRhY=s=oup3S%R&!CR5j>va$d;rFrUzY)VE355>>!GN(;(P z_v4E(Xq$BuAp92jdOr-qKP;h%J$cvG;_}I$FzJr21Jm0H^rKSF?YkjzVmVZgi(Sv+ zGvC|)m{0$@HS^3(dfBnD3s)^`7|E4B@u=mFj_c!*cFf3W#Bcv!WA7Mb$+oo%SC?(G z%eHOXc2!rGZQHi(>auOywr%69y-&R7oOgfsM%)#VEB~zVtjsyb9LPEH8J$dOp})FL zFpUe{KZ=Z(mns~pwwz|4ZBw*W)5{kE#orjXb=L_Q=Wn;%m6};vi5$GRj@tN-L_MOa zj+CwHNLvsmH4uJR1|%#fQAe1oXsiUB5I2b&k$u(JNITQvLw51&9*2|5_KC#|ztHE! 
zixeBy)GF=OlKPhGr?_JSES2^jiN+FkN3-ML_?9f8BNyun(i)&ZKuhIU%!#3iSpIBHS8k6aL_OvcKwJ z(Qf10;uZ;~OjP6PlZ$xUM;6&arwGs7!!s-y^<2zscTajzKyp^tqb!zz4u!B_$FMde zJMgr-+|d$vQGSx;pJL-hb$Ye&Ya--&qW?X}nU)r_*CV(8MkbdXzaIilrHP2a>-CT( zz2=lpEopExR3U>o0Op~{hFL=BlfR8!8c5@4ZgNu-I3nM-uxNUgk*o4-t|GV$X%qJb z3ypIsPL}3Cp8)IaudkM3+meF?<3{uxTelP;R6i~7dm6^qOz}an3ZpEv>lc$zR`{R^ zd{1s{%eOfy-5?s(g9mIF=P4ggNMlO#{<@>c5pzdg(&R+o6 zMf2q*&JqrZv>R`)%E%<8C;iNVF!zcHfK>tbX?%WfvCX^ROk|WeKPtF{%T2%thCV9_!arLOEVSuYAbt^* zQ%N9$(ywEiqYS!+5^;GsSb-K_imzUOJJ5qpq5 z4t2vyD?F8g*_l)lTi`7&=Mu07CVq61yR1 zjZV=NeN9_k#}@-A)MDQ6uBB$7DrKiM;-n#F_u88rBDP64?}7L9rHHaTTV$7g^%|w% zq88fG6zPyifI)XR`D9W7b%*T`0@?wHh|EhsWKz;scqIOhBrVljS z5XM85dW88!#xj~n3Bn0DCX8xE*tDwmw(bZf$`=p6+uD*+@>WR|^^C$oEOTD`1^>l4 zk!??3`lv$9TH?5@Y@>BfGrwj55{y)_bg-9`fWq~qhqt)Y26zL*NK32l4?xe zg+fzI-h}n)$QiCAMj!%2(5|7Ya^~1dnx#7{@Jt%D4F9ggO6{bv*q=!MhEUZS@JyjS zY&lDevU-)~_u7x8VYzLZAxy?+!?IE=%fvavs3*zgCeJE8TG0dIJF^Sc(}&=vrzU45 zHOLvjk-4kIX+D8v4zpcUyV6_9txdSSw< zT&<1k0^iU5a#6x%zXAqhRI{j|w5t5H3ZNgRNz0V!7L4gV$yi*Y+?6L1)vSy-)6eyM zJ&D(w{>T~Ob(JaZ5P}6{cbT@Y&#)*|ih|en?85^KHr(x{qa$hS75(x>L^CUglp0~# za8qZ*}>MQ6YM$ngA#tS7?`X84S?|GLrjZ|9DtADa3~DbX3fd*nUp=m zjUMCfqfos&SQ*`I%&x8;!|UyQDW>8v-0&!SG1AVlU*-LEjI>GTtIn=i(IxYvG-ly- z4<$5BF{JWxU24F4G8I9LOj*a<)R}d(9-f~bb?)|wy zUlrCD?W@@mQ_J1x5Kz$ew$t$nl5pdBrnWj&Gcq67#RP?MgKnN^YC%GoT}w~KrkzgP zYa5@QgqBFGsE2Nf(@>J`$kO>zjfoPwZ zcfRaLyaj{V)i5dvKIP9kZ@{*;t^E8*Xt3Mh#fyVdtldUG&39)Yw%;4sEBm1nYK)r- zbrYPMQt4NLhtcALpm9PxG$iIB;NUU~X-O-ECLu0*^1X&$1RNAh(3g z!&7nZL<@^k@17Bi^d0q2l!wjJewj!*CVRT}C?t}J$O>JrHzqT5MSVY1Ll8~_llf21 zWg&fDxzsihalY9ZTRsEBVJUDC$Y~36liwjbPz|@fCcvM>JlnMe@+}l-rav@;UU#jN znS10kxh&(v_1afPPKJ$wCwWvW{ZW6lrtQNBwp^DseMBrX2-;rz7@xV#g#d`FUOLR^ zE;QGag40SsQZOcf$%<3pgm$0_Lo6Nizuok{D+KxN4zbb{ZJXX->9zUuY{{jV=^Oc{ zJDX7ED|N>{&Fd*xUGLg8A+k#(@9HLq3J5sR|5?7>dqh%IFzJ#+qOIP|F=C^L1 z{Lm|5^0FHP7VQk?pt-zBiXpT}iQlWMn?aK=Yn+jM^P}#U^Lkg>)G{(+!@SN}sEKEA z-Jn-O;{~Z_73l4iTfofWgc-~>>tLqV!i`jCt)RU~G{y?Yk9>Y4uW* 
zt1MNnmC7kcLxSIegR$68UQF4QkG`#B*xoF%pOH!#D5EqYRFODH85R@)peX{LWchkB znB9IWtsQ)McMSE-5e~{+sqOkWnZx_KEp|4R>D?Z>the1*-|I3U6y6-4yu|bDlbd;? ztLLAQ%XbE*D$}X}pnh!=i+T6Z4(5LiG0$HV!?Qy~6BNE|%H|5#`n%P zHC%%Cgt>1?D0atlA%& z)GMlbDPrzEVhzdNmdlWrG6S2)%Zo9{zkdo}6>F^$%a|8!rA$uuKJQu|Zh;7`l|kuQ zhL1U&=+AaQD~r(HTmtZ9bX%kk*hVD)=W1AR(uG5V;U?(&knvH>ePV7tyLGbl}1;d>zM9MsvQ8yVXao<5^qnY zQkt@QP1b=?R9$U4)ruR9@{G%%@Si*QzOpgPFZ77OzmgH#f(*`@;;gW3#^h13Z^`ELvni_vFmk26}T{*cF^ z_YVk_J@r!25k>-1!bt)qs%cQ)iu9Ep*^^WQ%=VD}xG4b9&NL)J<8v@(WZ0409)Z5L zaHskscfo*{xEc5RdB(q_B&=?S;2dYsK^jlwyEb!MMmnm~xa3g^6=g^f!EX96c`5ka#Xv%uEMZ8C&Spkm5<@OWQh#5x2s9%i*Y$*-l0e5n zNxO$1JCQZI7Y$fIAPwk}Ch;zOp-wQaNQzQpLcv@}{`&1bS&Fhx5t>6U1zg7<80ZiL zi`dVr-EauHVxWO$6cHZCx&TddSlBsbBhdGY0j7jG-+@aFiFZ&boTJGXGeT=PKtMyB zlXYR2ZF{l%_mm+TxAxo`KyoK?7Z|M|gYnpa3aq&WZj{hSOhr|C(bxmR^U?3-1DgHn zEHtb`nF3|p=^@%u;w$(bXyfvhu#bY6AeG%heClB5U2_YmcTuQ;a=P`7i$DzYBQBQ=cQ6_nwe+Zc*Jk9-Hvar@>Ml-#58tr(=1>!Y>KFNOSe#BJAS z5Z#AzM=mysDh*q(alxMgjwwD``m}0HzsGfwxgus7HVQ90 z5m96T|H`qzA1RwfMvP(@p%ve-?|YnQ*=M0p&?b zjUJym5}s(eN98r_;cB0TpS4pO6bd!Uxf&)#-{>+COPv5>bdGU*p}67P=EH9;Q%f@G zJ2o&!-_PF=L0Q4~b^Q{CTuwY}1 z#Z1wwEc)r77f=ke>mcy{aS1PgB4El<)xDeXak7hgNLns~`MoM=ph|>6iGs87mOCuZ zoM&VJfl1VE8LbTH9$C)o@%)dVPr<)7(gX>1#PM~g4Q=TM=By*b@kg#5xk+DjK*owR zmyPo~nuW*DWoD1MI#TjZz8e!JI@xtEk>FJ%&FlqkQjoR;%u48ZjJOtaq7kYSsTD(m z$W4(ZKo`p3fLG^ApNxE{)4&Cl6&=Zr4iHJn&wgf>=UZa=2k&q$Yh7d9J*_OfS$Jh~ zTi)9dHWr#g<99oqhiUz;Sx5JOK&U2Z7|q4=6XNw5(wk;&t*Dk_HfisQ+bBsA`Tgl<6|o7cz$D3ZGmDwG>D(ZI8Mr4 zJPQ9b;(Dl&eB{2 z@-a~wELyHQvW!_0rLH%C>Sj>w7BN>0=}ZS_lv`d20!Onx!7JZyUp;_+6|(Ka?^0={ zGJ9`ZRB&r!0fscVUKMIBxO=*5Llx^fqYOx$jo$@RZITBSmzvJdj*=@d2)q=-Rw2*w zqn?Ee{b~m|g3=55cQ`V#2?G{%xx$5Sz?W=cm2T`r-WVx|E6Nln0+AqMBFSPZXSGcY z;($GJnT~K*knV%q+22GK?u%zL%Rgrju}M1>sY5@qgLxj$y2D{7PDPkc?Th~mO8urf zN;G)?h2K9WhAcX=ynzynWnsu_HkRTxctaS1^j0HJnW8)&hsSI2HZo3b)l)T zBL)1yDzkZ%EzjW^LPdUxs&9;Zoc`e449Ux!TqXVvC4_>-{G0f2Zm`UF$St4?Z6V6J ziBt_9(!uGwccefBz|WAqZb>IeJuY}3Hg!S9VMJaa>VuC*(Q%4;r2=3UlAj4 
zeZDsgf>xVJU#)QTtiEfo<_`yYmhlOe+@l1sQ0UI|LVo4LV5dbykXdaWqj*N#?1>#y zox79EdP^30VGFwqnasMts8vrXgN)&}&GoHB{Q3~>qEy;Hj|%bI(C1Mfyb zd$yyY^ugEz@Y5XD;Liy4C-D1b=EwE$K>~BMem$Ae#J$`7*;;?*k2^ZkFPusmbRv(n5dD&=|78Mo zg?iI~WA(c^qIZ)UfXCW_|M0CgZt7Dfg;qFav30`%3hW_Xmd6H}i$v$gn2Qej-EZ3- zS_a_kg;|3hGc+g#;V*)lx|+fo?|0p=Wu1<(iCZX$bflhB5MBVkVYC&UV-rv`Bx$zi znli;0KSlAB%0vf~Y0e@%=zO!8{wa%;f) z)Iniu`51O9M?K{9Z5D1&C0rhmjck0B?|4*)kIJ!wV6b$}A^@92=@KS~M2HjjL?>?WH_V&fk0$G zBNHe7d45Qioy>ZXz1oGUs^jf(sN&U$En!C}3Q+H_-I<5{;~uoT>b{)>8kJ)#@wm<{ zh=1OcP8rm@%vn%LuUoC0DtW5$+J2dJ5O>^sm$8()C+bS0pR&$~+$&=wn9_TwS*#}g z0NiO(qV1V_ayaBOThz7!5NNY0a~}&~nygYX*b6R}@M9jO)^HZzWlHY;H3SEj-CLrr z%00+niE}P2zL8pV13fPHhEOO$H&?aa#-2?Q#ErbnfedQq?T4U>dm|0>vH@otg3Ffy z(^A-geF&wzdhipPV!hRZoqv&mYENvfe?!Ma8Vy^Q5qFY0fd3psi;;^+vfA-Gw3A86 z*8r#ttb0Uo(9@cU8cd-zX=FIIaf?vqMAhMy_98L8z`DBX`iNt`#KsSq^l)m^I{Ji4 zFC?}1Wh9)1Mza-Wh)s|nzlGwrKA~M?mSYLlMn}!sD$5z=@P4tw#p87^n3*gEBO%o0-1R9m)N4FAs6z;0AuJ!91qiAtIy9<9(V6-?Fr8utV;=G z@E*pIC;OhdQQgXCE{dX+!iq$bciqj6&M&%|to%?=-mbY7d(JaX*U%HFX-6|3M~f19 zy^>^4H{^BdjMhdBGd)@Mz%wE?4hIu@fxY>&joHD_f#g^<+JS5lV{BN1%0@{=J+RjE zC0Xyt0j%F&&C2IV#5ojDH5B8Dk4?OuuY0G9vfzq;ydyHws+IyDcpKrPKC{ zM`|CiYT9;ldG0|9%O*m~@&3nXa|1jM&5Myb2CWz#bd77kZAyAyfUnR8qDqh{nNEfr zQeB>zAqaQP%2+UZl|vaS?4Cy zh85fpRguM2e~L<5@Xb4u_iM^ZrM*j28i{+n|DJFd^l_kkUR2&f2gxGgzuBXXCwCLZ z8*~rKTWI@Z5p4AAB~60&GueRNJ&wK0>y>g)be(p0$vEHK!W(jaze}TifcX@dS;F-p z<7-X4eZ_mTgjgM@M=s%&derp_<5XeHqntV`?o$^*h|3{VMvys4m9*!^kOtLrJ&{5n zj-QJ+t_f4{@@2g5L^S}-tb`PMfV~K*F%E-LG)WjIPO=kqPuanp z`hhKUV%`=(UtBKiy)(TfZ4m&Bu6C1Hqr^ND-AkLP*hS`PW#wk>+d*b&`)FO2AcMIy zqFGSdq`NYCpI_iZ3zZU!5zsSOKz#zq$j5+Ewr;951n0bia>Yq^v)wd#=&~q9rN9oF zW1gQLIY-n!BTd!SQIjeeuvi3wAdN#FmbFn`bL85fgAL9~Bt4Od2{AiPLY=*#;VoQi zm$R3w3Br5G47-WF_d(if_ssz%=U^!TvX_d&d~)~K-c0$=srdGOS`y(81{LAno&KU# z&~cN3=R*Fb{E0#QXq$`v7xy^j$KKt$@KUMlcuL%Z;69E4`A|s~Sl_lP&-WMTy~M=L zd*A(Fgl*|2_(qm!x-+^BgLekR12|-WyHGAKSJ^fGwu$ri49sKoto&v*zfv3e(vt#d zocIXs&Kima#|_LO1lR1?6ELIEZk^V>7x~JoX3XcR#`C?^BoZ&#XMKyuFN9UUfyU|0)aabUR2*I;;(e`7f 
zvy=ju}5FgkrbJ*CL*>uY*ay{fX}S=Z^%rI9B*JhZB5)#+HPH@-m{ zr9wT;FYEXIkca})Ww7Nc!Rc-J0EDA9%<%lP=y3M}rcyiiXg}i(&>dAGvhl99rF>;X zIZi;5eLwr$N%C&Lg9{)6fi}4zJ50nIg&XjdAAvzn^Ufw!?VuO&xD+@=J?fVbH`*s~ zy}W_7<4N=jRQQ%wZ2i6d!&;I2CS0}=(OWf%;|-UlNFQf@=WS0`xf1}0iVLkZn6s(= zMp=+mQVnUKPI3apCadS|#(|JuCrqS+!PPjf3K4l(SQlre8@;>n6W(6w(%R}|!h?LW zVaUgNt1DYqk>D2`+FT*e`fn7O4FpB1YwmmkjiG7+2zGxTE-k5GH*1wjo^?+f81xX@ z@u|$X6w+NG-_Fq#^eidaIKbS z41#rY(eo{w2tEW8i(5OE+!9K)Xp~aGjRspW)oyWw*C@@LDh!ln2cZ{R`w0Uyvb-Nc z(}|1x!KEQlo-oF-QOe`-Xn{>G>-Mh%<^w_B{G$sd-pdbH0bDkujs6sUY3hax5rHR) z`BR!nTeOQvlo1a-ObM?m9yOC@y)=+EH&;81>B98Mi|=CdB{7+Ay-CE~8jZN~wp&7F zl{4rOF%XB3xUn#k2>8iCKp*NEtq7R6dN$+I8)?b8iCZ7jO7q#;lIgv4C(wP$6|Tb< zuG=Vvz&o#;_xt)JK5zoy@z5z`y>&Oc~La_Elehi>PJ5gKA}(* zrk%t9@yejkx2;O_4Suu1hPYKYH=|W+HzRIM)jOs8)I_^=)gRA~Ts>_aHABwT$(?uj zsr3=wU(EaYg11)g+@kJiF(YoIf_&T$UGk&WaZ0RJh1dZ-7A5^l%T( z;$w@36($mMd52*)xBp~@!)%Y-_-n(baFE@iwVT8Zq4ZIAdW*2zB;wD-y9@f z*if?SVzDYcua2Xh;cJE(+5$MJe69(9FA8|Uf~%PyydcVXQ>Z*6@}L)?-utn_DI|5Z z3bmy+Lqh8(D%lHtLA@|XIj2+>4%4bw!8`br%niR>G8p7alHJ2PRZJmFcyUhO7uQB%@mfx(F$w%7SAp~Jua zP?*n&Z96{$f0ut2n}Yh*TWrP1WC;W@thg((`GSf5;$ZXYKO|y9gyV&@FMDTkO?$RY z>M#xaxC*dNKJsK90eF#5oJOu1%$s7k?=hc0l37V=pY{TeJd=B5zlT)NeD-Hz@mk*# zGc$0j&di5?K#m^^j>bPoL6hy>9pWLNil|x*O=UEKc%wo<#O58e#m=B)lkFRjlY5OB z$t#1wG-yHZlZqX7(JMj60eGDjG@0>VX~3H6j{&NfC@eEIdS4#OE&aP*6k&`VhoF^E zJyFJu;W!9n6;X2R<84HKM^xw5j0h^$P)0PrsrG?b9K@|UpE4bID6}~sN3E(eJ~!bs z-XjXLfZ)9|yMZW4I9SH>_VI{@c%vlIEI~2@o7gZxj5nedpF?zDgv(Y% zVfIEcJF~k-;_Kyrj4d_;Enkm#4qM)(DcL2VT$J2yZq{xNu7W83Z3Ug9D>Ip^TLP6m z4?@cb3{oy3@0uSD6P2`;zdH^!(=kw|^x!Uz1x5{mKyg}NJP7tzHKL%`3&zk0wZQm9 zE8XHKuoQMGUw?owQ+aPprLYReV1Iu>SakI)4GEn-U}br*O}j&emvnA>iqnncFRK$x zy4Vypg%HDJs~=DCw2(4vgR~@;9+0U6ojaYesQ{X)C@K{hNL^;(Ce2=W$}}00yn*Uk zQcmmX#3B5@aVxN77?SH078x@RyrfqI1j>;69MWaDn%TXQ0Psa!<<+ry{?3*w?Z z@ihH_+a=#7WqSnPNx!=zbr#|Uh_Y~J17^2Al1T+)2g4$ZVqrX}?Bn`0#|Js{VxHr@ zTSCwUtwwpEELqvU#D7^NZhS5{+!Q36HQmhI%q@#8*3WjKmW2;;o3QuqP2_V`oY-f! 
znm}vcXrx&5y}n-T}QrW8-Uf1c?Y z(V@XmxjGjjOV@R6)tiVYWX2DNF?$+g$o}L~sKdN?%WwoVLhw{8kn#k{HRP2$J2Jt} zi@ojwNFh%d$4`A%PFYo`5N8}@h|R%yqgK!Id)3wXB+lO;pitu>LgF?ltG;wYpge!T z6Ghh1v%Fb<;r(xZ7gw+=;RqlAfFVc#0QCPKzsujuE)0J$yF{vJ+pkf;e^5qbxf2eF zuSeH#A(2YYaa?r7M?YdnQig*1LYA{#R$cj7EW|@O;ad3iv)jP7LCqzyL^p!+J+6xx z*A<9Z@D`L#nE!6(o~0&xRWO^gDX1(}Si{^71Y>5vi57{k-w`0LEA@WL)^DNN#UPjk?X^=T4~y>KE;2koPUc? zkYoD0t^K{~CW6LhoM!X%Z7^B&WSlbuWzK$Pzh*~kP-GFKY>K(*2e0OXf3zrsrr!YN z4Ac~7c1h*w zzKo3?By`_1(=ef<&B7N@4qjm4s7x3DT37&DHi1Iv-;-lN)0$*GKBKwL9=AD6`^ zxHF(XF4d&!SafbZTfVmAn?R!386g#C&sLmAoL#*d>!OqR)gY#S$zRc*TA0tjTU6O4 z-+_8L_67`O3&SCenz!;Hua}=F@v{eN#M?=5WO|}B}$q>FfKo-;_i%WeW128EiJ8OUel3I7Ne^aWmh(f6g;~6s4`Dw@l&~aqLkDc zVbap`M!~$StmFOPE7%wfrhgk40Dzht008D+E7;z_)xy~RuVs6op&q@<2LDMZzv*np zk5~m@iUn~Y)|MaJs=B(w2d#F7ot~nTqT9tI0GlJgCcv2g!x5=X>%o&I8E!Pft}*}F zF_M0+5h3!frt=ro#{%8$0H!GaC%L%oIPn-!IN)IT%INSMG?+e30)g3b(FvwJpMfVs z80!p`K}(|;3q96ZQ6)zF3`1x+g?ULi<|bQ6^&{?d4G#=is)oSv{ju zgDQ5ct3V$O0NAF3^-msJi}l6u$J}Q4y)xUDVecjA=>bnHCjNJxJRgJ_GfPjCh0VIyQP=zZ#3dmx2G=F!FjcWX2UF6C6q>W^|)l|4iL0e}w7 ziT!m89u-sj<{ZjSX05E6%rBBJ6)`bv{hHWOj?OmLOmiOe!5{g|hdn?(r$~K=NPTxy zH@6=9Tw#7sWIx~Re!lb+FK~?rWF#VuEj}s7BMeBA+%wi{jDaN;Ad>1+h4w3o`6(lU znH^p%V4mLUu`jM@;6kH4G`rUfXwoBFKJnow8yOCi=7U;m#9fu-X#n9+<2ECqrOc}8 z-&`4=hzGB2&@elqeqxXMAWNpY>@Nnsg=-iWk)c;7IVP&Wj8&SWP`YNeo{DwAIZ2XA zrN~HZB0bjbbcP$hY)SWCFG16es3bLw-L>N^d&CquJYf-+v-RGt2|4$VkS(8?o)Hml zv865B3jv(2a!#VFhcHB=Xur`y&9b%|7uGe76(7FcAY0pRSA#h{D%QPi20vlvu0rnI zR}0LK!@V+JJ(_Qx^|Y^Dot{7OsIL|E`LTAdyZ~6N&{zF3-Ef|D!)vWP$5~N>9C(r6 zO~v6_4-U89_l~;Teo3|~Kd^b=YsxBI8A`H0g7~!n+x;mU^{{i%i|9EI@q`$M=K;;j z+3s1v_OwNKyA%7CQ3rGj!Ap zKHXFzbTd()T3?(UbtxD7pt^ki{sv^|WZ!|*FmnG1#wqHG--?wbUHWReFFYmmi|bL1 zuDF@qy4frwxhJT$Nr7##{D{|9j3rjP@s;Axe5TCpQ;=vqyp0`$61$?=ECp3~vPoo} zN=IQ&uHbSK0HLHXz()+6pDG5lr0|}v0$|S_fF5KH@PL2-{fHdfIX(!)VgPCc^8nOC2z$^Bz{RfN;P`Sxe#jv@OM%!2VXSmI z+eCKQ0RXY^fK1q6$e|Ex1c0XC1UbX_juW>1TA{@tUBA|f3iBU;T61!}EZaOa3T8<@>RhIn>4#-_s>3_tVd_4s 
z#U?5Hckz43*t1sqdShouJ3#7uG5~_HzHaZLL3JneFUAB(D?xstSxnH_6=?X(M#l zh6}ZlM@Z0$j;LMy@ha|=$&M~}FV0oq;^I;uZL*PD{}_Yaz~FUZM-rOmnD#2+clbHW zq9^dDQN|u}`a)52Nv)^hj|NQ8tOd_k28Ue6G$w7$jfI{&RI)X;%?>euDYKkuR1iwK z{0eQdl1evRCBDfM;>TrScU=8)zh3zCi#H4cN%V1zP~d$+9gj*kVk9UtkN@yW2C>fS zocX8j{IR+gfozKw2gLAa6J5RY&pqCN(w;d35ZViHJ0Cx9ckMl z95wk*4qQlcYtF>E9Ax*%O%NxV^cEt%=DYElhGfl}^wlyLjam)cq!%lc7b`!_ln8P} zfCxJG+1+-$*eLR8@np_!;@26$1Tygn8Tvi|s;{ZUZGf12}X(#n9w;Z?pt``>d~u46}2|2>zH-^z>muQ~mf z{{HvO{;kUcang|fbnqfoh;{&?mM3{7*y zjBlP!ks)cZ#P5-u_&(sjkN^4je2+2!fRVMKoSn6eJ*~ct&0mB2Pid4BQE!O9e)+9? z2>&DcefIg$_utZn)^^7KC-E9#nDbQ7Z)yC0P3Qk0`22YL2K}ZCb@**;Y5cG6zj;Fc z`~Ux98J+x*4yjTL2;j_*@OKvaZvfu`@V^26i*xipY@`1~`6pNDzfpe3w*mgYFqi%l z@Sn-?zX5&ee*pah@IR^YKT-Y}p#K}?#~twBDE|r9|0()UhxQ-QPY9s@c5nX_{HKHX zkKhsHzpwm%+{HhI|7nT-Bisi4xA6bPF8vedpR4>oIK?nP|ED!CCkgVcMSuBjD1e1; MReXZ|_HO|HALN6}r~m)} literal 176673 zcmY&;1yq|`ux?9ncPTCIP>Ms*;_eCV?(SOL-Q6v?ySo=J?(Rj3^U`zg;k>)nAF{&Q z$?UOjzL~w{BtJl6zI*o$_MN#Ptg6VMv{(Z8(>VBr3Vs<_>&w|$+t`2AwXvahv9yq$ zlt$=bK!o1tRB&oc2_?u!7UBubY@4Ka3}~RX^nW-%h2*nxbsfUbr4J#YXh;^mq~Eb* zW*S8LK2Q34}&5o5>6L;>d- zPI-#nEfp5dYD&V=l~3@f`)=gCVHlF%l4zk`!xTrc6f^fmte*^^I$>IHWE z2=Bprhj{l6?f+Ln-`dXbuMPn*qh`GfsKVa;F4o7JWUM`xxnDHnKf<%tIZ)<{>zVOH z1Ja*7u@-F66{t+|+|ScfbZK-`7?8Cxsy75+co$2x+$l~tR|9nL1hh`R+hz^=NA3-9 z^b0<#4T3h+gB2TOafHrkdj2{vQa!OS2+^@8nVID4wDo) z$NfSdO!-~2fAnT0$O!!mW#M>bDbLCC~YQt5I>_6 zQ%|NQx(`&N4(qKIEmoPXE}a99uw&tkJ;z)`Qs?8vj(hGW`M826LH_xWJ{}a4TZIW! 
zti0ySOo3K(lNXG`Iu>2Rp;#>aKhF?6Al(#=+#?n16{VOF3^}0c7hpbo#Mt>(5k+Hj z$z7LK+Bor*;)v;PIDU*vkK%Sq@78iUK*M`y59eC~8pZ)?Z6VavpZh7^<|4YjDgeXJ zy7Vpm#r?@eN#eqWp~M}xeq(xeoP($~0U1P;L|=YX=(%}?PWGA3kmLE5IV;DK%6A(a zfxuSi4A!skd%w_4oXmf&mNGHd$YE6_Q2rZX?;~&tb$Bk4aC2zS~YQY zc;1B9UhP^)SE4L7y@QBnNR43oDWh_e*Kd{-{oXh!{6Ylx+HCDphrnWiSlY1h5r=Kk zR;$MKI}MJHw5i0bpX1&~@>BGL6TpT#9WeM1ecBF}JaFPJ+P}L<^Y+`SxS;2iv=Mik z#~O{ONXL(@&eor+tN5W*3h8=zvUn9Fo5lC^e4i&eN%+E<<*s;!J`rfxtjyC7GoB#h_}mrm%9aD}OmGVe^^IRSIuS4uN7Z!QV3Z(6=r?S*XPXfCx~mFyFe|8QXz zYu2SXp_+!UZC9~ppOC~n9Jn{!pC8^Da+za#W-{KrI*i+sl?o7nn=)C`*|6j$!;_~X z+$I%3)N`hqJ86;B?v4A0=HefOsSA+P!U!l@`uI%w|3ci zk!3DMU@8W#+3(v|QZ5fna*ogV-)88j^}mjy`BRCoH!;O-JRlD*Z@{EmI{vYgm|eC! zR*&`>dmkGms9T5&!|jjyApu!dfesHyJzF)xn?&n%~15VlveNfx%nanXNY--^PM z+^5VgB-z3q>bN?!k(mUJ#_W@ye#xwWQxxJoHgD@peIIkbYG^;(_=1Srki%v?bK&$c z9f4^{e5l7vs<=iHHE-fPKHPi{jkTnGn~d;ngFB+ZS%)8@t2v(7$za1cuTkG8hDTg@ zM8y`Um=IO6b(w%)eN^l}*-uB1Zq?f3rcWaJC)E})ywYp-{jj(xwT~<$sgI#1*jBu& z$__Wgo&37Q?bPPdl~`W~K}O43yyb>6<|#93dwFwArN8^>`7WvJ@(10Xn6txAOQ=b? 
zYN&k4c6_{0IKxD8bnbUd)4NVR%#heIo0>#@OTQLN+@f;_Qm^U-=A@SrNU-dok5HMH zp5-E@<+rx+9Xqb}_sXDlna!aX{>mi`Wn(=qpI4H-NjwUhmrI26518JLqmnL+yFel{ zd$|;Anh>ux!Bv@EU8t^-)bjCz-+a1v#T~=tKj3%yW6w9fgR{nCD{IYM*kLhQ)h1%2 zmpLyM-y=;a58n%k9D8$yaqF0;>r`)?FJI~ntG%4o>|^ML@VPtlN>C1C+jiz-7a>)X z^kBB^o+?7E?tGmdEBke;L1J|@$j^|;4@SuF_~lU;tJ2*_GIBz(v$G(K-i0eyi-<)tJzg9MFYa- zmT>3s=W}7cT%CePVCBLE{;65PW}{m|_DqHHNBMfqLqMKd(LzX%Ti%~8fgmUjlY4o& z(|KATdngV6+;EbDHNebgzus4^bPY)jWzPwQmaYOp5$Dt7E5iS+WV`{0jjx&z?}Q3a z-r@dFC3Cj6Gq*P}G<2~4`p?@x<*csVJ!zS(;q(#c@)+5^9j^P!<45J$+G_75sV+?< zl``kzpLE-ocj8qNlr+^11Wq8nXQ(dG5E`j3frc5iqD%9bUBYT{F3(jLf4+|2{#h-L zci)d{y)pW;aO(ZM>(tr#dVIXl`deu&WVLip%PL-peVMCT*?V=Z&FaVvIN~hr+7y@e zY`*T8x1ipP{RpgGT&*~B_BJ(7Q&>3jq7^n2Xi{$ku7=F*eSN)ay{B8}G*leU>d$zp z?9@1xh$<=Jt@wA}b)_G0np|-kmHV#wydilrQmb7yBMf(rv z$HVb)#h&+5yIKkUuae@7^0L?Cuhwmy^gQe42q|BmTVl1HM7^Dy8po5)8%vKU9bFy0 z&$QFqsVa8W65Ul(j-Oji&nhIVl`bjHrnJ51+1su7W@Xz=Qr8_5R0~Sw7Z?%_RQw;Z zCV!V}lv;O&%zb&5#n*gF8a!|u-sbzm@5KMTaI1FG>|j4RgHALNKvMkzEG`|Lc=f^3;~uzQzB|In=GC%vAa!bAr*SPHS%2O3`*rHQ z82Z~;lr?4|&6}`c+SQ$QbbX<8_2s`=GYxc9+Yk^8(AZ@yX|Fn0#}TprD?~*KjZQt8VJaXN#rZvS)w3+&z81d*Zo! z62w`L+aI=^WUk|pwQ|pFur`v_$K~1I%<;rY{R%B>_0i*{;+fmcZf4`^e0lO&erR2| zAq~Nj-T2YymZf28T)1~!cw?_?|D43ee&dSpI}hI7lm26~mt<5xR!r4*fk^)XVO*Y! zCU^3n%0kXDe1hUb=h7Ous$YwZO!7+0S6=m6VdVuE>bV#7D_%-|l^F#GT)797s%*|? 
zU5Y6_sRh1&grLrMDpo4a_zzJGcCvPz>bFC1GhurYq=rFFc*VhA(mmDFQ^`~#cHncZpC9f z6%4Yj+dNl#zN~V4;_R@;B$88?S;TCVkSKaDC?om|$z_Ur&1IFhCF5?pC6faqGYFwo zJGz_DbV#AWww;M(7rDOVj;h!(!85ZrmLkVT^&Chv2*o>cs!Q?J%WdLTR~;40!AG!- z^4&y@XuCB_t|rKla?W<0*!VmuQ%0@kY<8Uwjk8ENgj*mu5-1k9jiM3Wsoehmo)$&N1`e{sVd>t!8 z3PMDD#e>$Y@q7z%RPkksMjuCl0)OY^c;xbg(Xww==ol*44H%*`$PdQ`6u@o^VXy3# z%*pYxU@BnC4d>LT3*FlIz7mrNYy$N zd21xBgw3fbO{|4?-p*4u{MnX_7!!iDE%X$iWzEl!V^A#`t5bY;ius)jYX3A|s6;u8 zNS8Z4;fSD+8iO}V^~)%YG>E9oK(`*e$p1}!8IRbEyM=lT`OmtPG`I$oxhu;?ij`JN z-;kPt1PWf$pS!r`RKD#hAvH-YfV5` zMcGROlP*$dxJishDV~1}AV?NRMrQ!%Q~J9ipDsIA(9l$I02`iCmFlSln*_vMiht`^ z)M!98^j)agO2o#S_I6d@rlQi@PQsAlMiBTVekG+lNudG6kDgW$=S)tRuFV>|fAaCP z38o03meXO9XflryNj2AGW;_Cz*z8aME_&Ub528hW66-_$j62~-1W$e(pMs2-^Fi>S z>!R(0U%aT5Jk}V(jfMyCL5j?FoI52xlMCmP8#CMO-1VV|i5 zML+di6@1-=r;h<;g*U&5bDC zL_z#e4g)Io;)u9Xdptq?2c`A62-CRwyN6K6LV=85$*(Y!9pBF|=>~i?$0qkm$F|x^ zaMWSN-eJtH`5}RvP#}$mZ;l?n>8VNM2Z~G{Odd9r+jYph$)NI1N;BJ^9WgSJo9D1= zSMU@#Wnq2bw4lj3lU_HQ@=|V{81wE5UXQBewp*}}`S3y}?#!>y>y8YXQZ~26@n;f6Tz?qQ*@?xR@< zCS5vAuit)%XrC%t-;5|)M_`3D`u1G)(ijNGW1CfB<(CDUvu`alw{UoS|NW{>!|E8?2qU53Jjj(Eh3 z->h@HM#kCu+Ts8W{Jh(q;sV}O24lkB>Vm?_txT;v(t=Sv`_)I$2K20cv(^6nCw0$K z$7HiZr8I?zBM0>&k3v!N^5e2dzYA!rJ-os3es&#(l-Exly+L<@D3?fCUF@@6WxsQS zYe%lhWtoyXmcIpeEs?8j?1nN+uNqpA3L-tNys2f0adllG}f?bPe&Szy+@`RGlh z2W;paB-PfvmV6Tbh#4AAc&lk&C<|3GRZsDC==7H|l;3$M{Ak7h)**^a$k01&9LyY0 zo)mW+R?f)h&0aIqq9XFv%)*o$hgpuZzMj%?t4hC>Z`xLdqmgC!@<=mOw}ud6k#d(A zjMo}=kkE1WlfzpDy9-@~L__Ve@>U5{mJn9IaUrV#(#{&?g3|!Zluu7V=Oq7xImpZBn3-zbueT6dx74CZ>qN0c9p@xm81F zYF|Ew6<8L`JRaR5{DRFTovokzWkSyh;WzxWpH1pnkB!goU{I#g5?n6@@(q$|(i&?D z{2Ujn9B#jk5|>>T;84!ydjR`yly2uI#{G=hIL-xY>>n{?@*|?yZn02$w!0-!42g5+ zp6swH!4%F5ex)< z_p6BC8wf%S1wumN_v9@_loILG%+t%rqgE=GRSFLPjI`ya9HSxP{n- z<02}EbL1;C_-*BKLS~g-RYZ%FN)q?UtY}LJZXE*lhg|h{#qoYV9V*p}Pfw&j?nK{R zM*ZmG<8DNb8@f?Fou}RgeyU};g_7(oj?7noj4?k&f<}FPs|yw&@jKBA$4e9tryjOn zICM%VRS^vEG{fT;+Y$5{E9kgkiKG5reSxVyggcTeB8s>60bYO@z+v3tY+sG~*NQL* 
za75VX-|5JRs-iir74XQ+(i6x6?3B7xKMF&IJy8LlJH#kTR#j0E{?n~YTm`IKH7cmZ zo@;bSF1kF}ZgodzSt_M&6Z)gl0Qy8_>FG;$pd8<5duD}=))VOEx_nMF`XRf*dqC8_ z1mz#^J-`y(pnX3gB`S`p*~(c=#}h3Xb@_BO7GjmtyfOPFug*cARtxL<(TBHqjiQhz z>|Q9~Ek2rfFrm2OPdN6dJ1na?7C2}$?YO&tc(lH0^B+!a;=()%TjlPTF&HSBF(arCDKaNDK4p(y7__#v%63Hu~Kb(R&}iCNE4^-K|=Z zV(tNqo2ve+rkCVJy|iwNLoY{?!6l{4blFxpr;=~lY; zDDAjj)>7AXW7eLuJa|ITUOx6vefXuqX+q=~w9KoAU|ymm%WCJ;$j|8?`a67iZohxz02{Q6wnj7YKXx|O&q}8ZF|Hhdu*l6q5cz_6ug__Ly3L&Nq z8QlR3`;Z$tEd=1?YtJGJzfy37_F3vAnHTW^=xol}IV%v+Iq+@&GjrLr zJ%RPYc#ho~peJ3WFe;%b&N8j=_*LA3X4U>l+s(PiYIpvj@D#3LFemEd8~!5f9tr+G z9;g8`!)i()wt-MXcrvk`-1)FR)AAP#N;FCCj9LjL;qFlelgi=wER(Nwn&$6uoH^B0p!rd61F$y={#U1l(=|4p>Bxzy5L#0v*FWs@*H6 z){@Q2jph3ZUfpcJiOI?k4nb!R`k_P&~v&w>2ttQVTJ972!&@d!n$1B36L~wV8;Kw#c^|M zJD^~LN*^Qzjn#!mI$pq}!+__FoX}1D&jUx37wi)Ko8{+tv<`RKheVN*k5O~-DzMa^ z?A4Kj9QjOdg78hz6TpHJz=Gz*m}A1l7d%!lr^^ZXCIP5J*}mWOLCxR6+;w~MJrf7y zKhJxEJCab^D3~$(54&a4K+jf=3)T20@sB0)Kuf;OSV5xyFr|dzJ>JtX1Rgk#rCBkC zvPT@Ru-C(7_1F>AoJ*f2uKXsp8rc_`o5y(t_LKJ3E;ZU|)k2@oF1vW*1_cR)&ON3$ zawpPe2!7=6Uq0TLI3Q94slYhm7_V^P9RFik6&Ub8zz<~=@*L?7ze-RzLPhOfa4c5N zc{R;%ZY^xxgkSqC9DST``nKAl&x7@y|Eq5Vb2Tz3JqH z&&nJCy&Rop_h@4+<2uh*W!Y#^7)Ni_Z`8QdY4;#}v{%JWNmyS*WXY!RRUz!uZ!MtN zdchqyOu9PDYYlOT@|JjO=|bKYm6G1z#`I=S>cNl3xvkuga4R5AJ!j z`A#p(BN<2Tw;}cppo^T8+Ehe63V@68L$*C52CmdVmR|~(o>@RM##QSrqQ|-A7RUPb zS6l5HY#e$TQDfAX(c(R}MJp913y%Fq&&DZqDV~nOzXL8YY#2;ABc^GdF~WTEdYs8O zX0)BbH%qRU%V{XI>&i)wDe|$| zke-)@eyjg<#ZlvaWQTg&i&y>YX7-vSIk%nJQ(2TY^=v1ERaG3yXtfEW5-;&CZyh)#$hv!zeb z0mw`$^{0_(2fSQoaPLJ~Xcj?d7kmRwrL!8|hObu+4sIlWTh7z^&ZRqRP5KeU2p3GV zN_kfhw^T8Cd$TR$cb=^3*EC1aa&t<+?Q3It4vG8kKs^ za$Xc%UEj92=IOR({z}1cBtS9oSiJdgmjBDac!Xz3%c0rmCcc`t^Sk4wGRRaLYoL8K zL`630*md{GuGLNBCS__?y&Pqe_((OQ`bEP97CJ6q(kDm&79{|c03ObzxPph66z$mZ zH^Fv2or;<(0YY9)=<`x(QyqmJ3Nbh2TQz!!+sLs&=VqCDnB&10 zWF%jditAQg@GwD3sW?6tL9oGTU9n!b&YO9spfxLdQ~mRN50%IvPi1*J~Zh%YIz((#ZZ0{3keb__k9~a&fnji36~|7+k;mTYvx2y zQU1pQmqh(IcGNa4SbSO{TycQTSzu8CNR%Igd2nOp`Er|@bX+bmd}Kg-%Wzp}G> 
zm5m9Q?ygk!53K3%&j!IGeX7BlAotWEQ@#5%P3fO63oD)#P2@S9?4D^BtAciz(dJ`T zGYu$Gl8CLsW=-NhQn!Q_CwvP@wltv!|2VO%5H`}ITniC-0sryfEjJ4%mb9Ezy>z3l zYs+TzW3MHVuiYn0VI^7{9n!tcOL$h5D-~n@VT}8<`|PI^iLwkcq9Puj#`jad$DYqg4g_e)4Jgd?o1wgk|pgiXjENlve zAu#m%Mj{(_$zCYa`(B?OrpTB&t>$57NZR7eTx!4V|1`GwZXnjFrEV#XdCbwqe!iy3 z1+=FGpww{PSbb^y$_a0sOr}|HZ0Okb({F<37e&fp(_+NOea|z6V>L?{S0Wl2A!>hn zQzBf6d0JVID^fs(TmKdn#0{LsuqU3-*p);?8YPsZzj_tZwZ`y=P4b@5v>?=*x5{!- zEM6?j0e5qM73l{3TQCsvlQ1Ti)2vnfc_CZib2x3g(J%5$MsW!5q~9+F%-h?Wq?RKx z&lW1~J42*D{^-?HFTlhp3_M(PIL=2{QO}WA5fZZst?s56+0e5?`VE8kA_fa}6WSjG ziHR9x6`R;ms>Y^l9DAvs!6=P%70VC~E_vFf=WYU2u>Znb3~8RYoE!^W!Tn5RK8R;u zjESt3v_x;P?0&z|P9NR%BfgbEv$dwl3Ft)`Ij>uv4|(v}qn0uFfqzjoZf{(-cHL9o zex9RH-&lSsH<3OyY@$mJ%wdmci#5RWPVERR$#r>X0YIjK?O|!6Ok&BJ3RX1q3r?{d!#IZ0lh_b7(5K1`PJ#9fPuf{R)IuoaX}#AZC&kFXj%gFZWWKtw261^R z2`pC}TmsIs%SP1yBrAzwkhUlv4skWNPYsSE8ERpwQ+pY+n^!L{u0pD!(eyA|rH+Pz z8%)?u0zQFV8ebwYp&vxTYEZW15(9n$&!SmONdVgsA+?l ziu)eTcV1|05JxNsVMP-9xlxKw`<49|SK>4W*eRsxcszq2_uZy6%6aU;6={y%Qws>{ zYIcI#A^|v51+n8``{Wp)ZSnjyL8Xd^P&ARQ9C?V8f|9Fkx63C?x=Z09AjF3F6apT)4N^dWNo%sFsL_5~7cx(rf60a&^D90geetff8d*PJop_m=qHi@K~mX{M!gc#rRvc=r+Tb%YrS$PQ%$21 z>ezpiojP$H5f-?yyDJfQ5gKeJGMzfp6qReQ>swupWusL~+r@-&Pd+)$)EtvPv#A;M zc@9QO2>jE&@Q7+A^v3T6he`Y;o?sJ7VFfVJ-pkJd)mnk$s__8wZPQQHBv{ll?()-| zk?5Uuu}$Eces8P~+|&u7X+q~_gUBN>De@rbNkR=8Uc6Ltye6rLgPjd=!tMix2Q ztyb{g%<4X}7;;t71Uy9j;%Wr>nXuyQP#3%8H1GY!WB{Ls?(s{3`~Fw{9dO_OOF-2f zNQF_jh){TlFz4?|F4>lE6QFK#-E+hjtnp_1+jX)Xk`_ceexUmc(FZ0foleuA{f~TS zKv|nV;?}wILD?^B zu{msN1cHYiH=zX~eu%=ADs&v~;E>QqArk7)rm|D%PX_2PbdBi;Q;8d3>&<5cOa{kws=~GVOT^b%Bg4BAdukH{*zp@-o zY+LU%dTB(N*6)5dO`5Zk_Hh+2bLkH>yTE``k9h5ULMiUnXGS0A*%jJ3lb?oYl^@y* zI1PmH0_aeMi$x+U_C@FSm;+t@J4|4f>EYTM-S`Zs_s83RPXMT1caSiNTOF+GI@PO# z=G3C8#m%xx<#qLWDBN$cdc1L>*z;Om2}=|0j5JdiaDN@7+%Fu(DYkbaaJ}zOlU+D% z+i#q2XJ8Z(D0UZEU2vgC1@|I)u>Rk7X#&5CNxdW1#l&o*(H{^l6A2bat7d_PEal!T z)FR6bUd9&$FZ-8BfkT3btOF5M0O)QN8;1zj6h)PIn(k4$lwCi2Zv`{4O;vsX;)AP9 z3p1tUmk!k6!A@_uzPKxITRa2K+zF(p?GrL4zg(IHs#KxKG#o+) 
zE!765izdqT!?K48)-TbTA0nkMaYoS|6!G>C%o_K8#8Kyg7RRKqJE(5{1dm7_MjQkI z_K6)8V|Pxx2GY9^84&ESBmJG*^67^qeXBY42s?G;nS%-@tE~dX~?(s?lMmrJ^q1E^AdUJWjP^Pz>X2WbiF1 z4qP`GcMP)aumoi&C^%9$rjBn(biDv~AY*(eso4rMF-iGA(^e)u)^Ffd{~pn%d7x8b zXa~lDH){UdH60OnLdjFb92Ovbs^Wxpz+*YM47r26P0!e;Sxlvq$ARMvE=}MMf2FLD zQ`jWs$2yiQ3GBH8vt>VAsUFQkg{`U#0YZISl`7~0n-Jc3L8nxYCOAgv0rkeuOeoGd zq3xFTV~)jPIb%yXYg116yD2$oB`J*5PVP?Y?76EW?J`En!yVysGN_(8zT7kK#sjp$ zRRM7mr&yyO)hh(*>ud@{z%3Dj4r+uDNcePguJAL54H@BuM!l%^zScH>d-od(K z|7US>;q|%vOe&QCq_P}jiRzNm!>wP^JcNKqaf}sKKr}f`i!CY7EeX6&f258RE_-nB z%7wP7zEC+x(3Q6tHlK9c_>Sm`{l*OvQ~PTBk~USr(4=NYFfM>K(_G`PD8X}}R{8Sm zBCs$u!LnN=(7+{db0@JcrOBSV^zEzH^WFHFy0QB&i))*b_odEC&iv55PIMyhn;Kx2&d8IN~y$mCj0}rKu(fs0EF*jW-@P(^nNISAO zh6Wx-lZw;##>mZOvW{_w`qSJl|E$R_1Rrx9pPJ7}^iF~XDPNncoh;dZ?u5;FwnwaV zenhUH3ev%ybcCq~bJKsYfyU zoLBfI1tA4YVIc)5;v=cDEY4`7sIpg*CgKo?2_s}S=$(IrPKfi}7TljQKx#nKO z)BPg0fxZ;-I<``PM>o&ObA09ntVr!WyUF+{mdclcL5LRqtz$Sw(U{ODZp=^?oHyY3 zfM1N$s&+}xk$nOjX}t1Yp|{g#_W6=qePZ6k(H-f{MPC`oB#Y+xZzpr&C*pQ^w|{p5 z+^?ntFtS2={HbWR>ZZ$>*DlIAzB};pRDZsFCd|@0MiP2v9BUQKL0Ud%XncTCAO}bp zKQSlKf*}cRMd{|gq(QM5Us^)qpzl-k@|6q(T8#i^MchSGoQcL9;bL)=kIl$o;O;SN&4; z!{u@uLgj~_Q-$+{^LBYjuns}BJTMYZ^y%yi)}1`6G|9Ch(ceYQ6)$dCldpsu`=rO@_NAN{Xm>jz~T3H?rB|6L$D#f!$UWELjt8Xq9zjZch z`Y@>f=$!>Pp%kKq{^zi6aXBeBJgPuYBFC@zaQI&rvYB3_XE#kYt<&?&p54wZ?#&5v zx{7e^_j@vD)@f!OgWLT@?2E0$tFeMf@m zSOs7^oJ$jYv)Kg_M;J{GsfkX<2?*CPcMJTx?%yarWeL#`|0-A^H>co~3R5Z9FLQd$ zUpD{ntJgE{#kw4$L2T|)y)r&#jG7>Fk;ZHuD}UwK&%3ew)InRJlG!4^Zkvj_Prev8 zCueVqiXomZfCC;-p%9#x4;iUI4(A-lsZ&i@dK;1iCz&U}z-Q|j6;yI;dz^C%{?Z$= zc{Q9U8iTN$J&a`%w0e zgeV5dhc8H>ZLlB-N)lsEj*cr?4-R}40BLYOUALnq*H)YVnxQ)t`l&L)A=EU zGq=J~z!YK6LV7Pj03ra4H@%h3kno5UlEgk>=8B04~!mSC{EET(r=R>p?DH| zE}{z{yi)r*qxu;J4)cwoM5YO4=O+=%6`R2gj_b=6>&?$gU-Jl6vql#%u9i>GDU?9V z$VMEnNjV|B+wGOKziZ%UWgoGUnBkeM$2>xDd*8M5-dtVkxgg?c%OZ6oQ;sU&6TBm> zaX5RDAQ*0_!5rBxK>(SYoFm@rRNa|+?t8hELSlY_j@D zyd5z}0Qji%TvMKyHkd8fALvlS4!Tr0O{Vs(duH#6Fjx{SQGM80 zuOi9vJ6Op%6=1x8-X9?HKl>k*57A>L^+e%+IDBu 
z%P4#SZh5V4x!PT|K~wPtm$mXy;uw7SC2I zAi7-niK5ZIVOS4d@uust33_XcR^aO2$w3229)wJ)Q$ysM_3FO5hm>2{OLnb}V+nfQ zg40%obq^=!)R+h7s}Y}TS!vc@iDI0i2}BN`mu1xk_d1=7Lv^dBKh6+>q<4g zCH+vENh&y7FZI~@L&S|eZFiP{*;|o~iQ#reZ_w>q#q^Qb)RZLdXkwkSsLVQ!y3#+;Y(R@JA zkReC5SsVio_;*%knBjg-+i(Xji9oljqNY}WVJ+RmIJQ8)Rc>rRo#Q94Ml$l5_;K0p z*I=`I-)-x&u~EUDE3}^wG~UiPKk%8i4fi6^A|iBmIDZXZ_;+Tv)DTk1==$QHxe3Fzbb4w(U1;b-gYN-aRi4>@M1a6m8L6(Tlb{?(h15;1)a+B4>|r>l zimop7!4;+L0V)!-Kyp(|t;h=ycsd z(*`HbKja!wBY&%Yct5($tt$OImJUhT9l^t%*1;fb?1uas$IsyE6Bz^a@ZLAy?&xV* z{YhFCEPvkZ0#pzwUQyY_bUwQ9R)J4K_W^B#8?wT`s%54L>HSsBesTy-049K2G=Uj1 ze$g#gvEZnBF{anSh(l9vKNw_&6FG@DYefgE5#61^Jg>0>F&KvwJFXJlf=iZG4SSX= zb*xaY1x35n2aHe!)B-?}2AY^9WdiK5t`_XrkYC?4W1J^@=mBds;3o1Lg_FvFE_cOR zZ@~!0B&qTG?907s8OrH5W4B=yRY~JDyzH>@Hb&}C3B%WV%x8Q`Mh8JQ_i;l5fuz0z z7$o+ah@Yg{#MoN-dBNf1L<$?BK&U~1k#$)6{ieH(fOcg`zkn(a#M6X${h2t|rvNI^ zj_ynObjT`&?Z-WHoa$v}@LfJC19nh)3ygjvGRXraNn;ta0gh%MGJuwBfDy{=rgF?yqbogQKJ^!}%cY=v4Q(mTsvH4GSJaOsQ4Tun59RNiKV%MKkLron3G*e@sJ2eoIVLI_v|^ zprV`$1j7Ko?t)UHVSp9(2`%`{;#Bi?t?TvDv1SrLZ`;!o>$&XH236(LeLW7nC69ZH zqqIlS4u$&A`_A;&w#C;kwy)a-S9@0xSMqDD%Rz&aQrpF^*sZU+{U2q|j4Y;8nz^L9 zQz-hAgM%2+s5HUxnGZ>Ujs=&*RHib%9ctStp&CnOCbXXbRB>h6fk?*GCy`Urp&p!` zrpZWl_(-v(35$_)R3OEPfdRf87iQx}8gUsZ8@j-tv^;U>Rd6ZK6^cLIgJoAvVEgGM zh!oK4+RF4e(ic5#cH!b~Ao93#g5CE6&Jq8YZ|!>w+`qAjpx4#c`y)j39fc`oA(I$s zVv_=4U+G6l`NH=Ic?=aAoyF$v1hXA_rBIAI5dRBq-KIZ6oQb>qK}j_mQeFNu>t-)ihlv!QI_mg1fuB6C4(IcMa}@;1=B7T>=Ex;O_43@Ne>d5BaOM zYPRZbF*7~qbf50IGmxvcErdcvQs9uLJum<^4SIV?5aWoEgNi=QB!^KO@lZ-97W_6; zMHW@W4YbEvq)_FFOcr?e>K*2xz=`()C(g7cGZ09fG$Tj0NCCzJ~a3oDK|?(8ABLDy}L9e}vfA-W8KQ03_T)h5POI~~~Tf%?;=&YL=1jl`A4 zgJVxX6SQhYt=`&paqNoj-k3&Zc=^1=)AgQx z8V%1bjj*AzG22zA33a}%wVEfV)po-ZOb?|>S9=Q6F;wHHfu34F|gcod&N=aK4Z)k3wAcxBaCw@T}n5%H31fK?#r?A5n z;tVozUI+j-ZfcAG-wg8{}B&$`@`-C5g2Id+Mkrd`X z!>Os0UF*Qj?#Or5v;LDA7rQJzzgiJHg=VDP9m#(RC3re4qqye;y$+uUSL>**;GbK> z(@Wc8@bhh)h`xQ~ffS}_T1th0n0;Zm7Ft>1v>gl9)&C=I+QPDvbZgw>{B*sDjJtaL zpo$yUzyybof1r-!8Bb_n2_am|FkXN9FJ#Q8y|V28>O{N-cI*}h3*#0?%|4#CqPZSM 
z+mB;-lPdD`(0{w6wiUI7gB1h)5_$2wpbh(n1rZlnK)Hs#6-7228A$-nH40TKQo>ax zsLiN&>4#>lqNa;hNL+7%3RD|d2vYyawJq5#z%z_Jqe^@Hg^2^BO0$)61;R|G!w-wz zZGuv^T6i(NB0@VfF9U0geibt zrMVwe#GN~>n7Q5t_8E%iet*`cI@@vsJfQtpiyNf%;7aU?c{N!1!!dsEG>kLG9uG&F z=hq7(pb{b6)%6-_zX!eB{KbSWnZTqjkz{{hi6E7kB3t7TV?}kGh68;5&i&1w=F1Vj zM5jR|cgMTnOqAPQ=F`KO$38Cj8O_2jxKr~MSIXu0wSt&`0aI##Sde6;Mk0X8I}Ot# zP}L&yDdSYInTE>Cg=HFK6c60s9WvF6EQo!bh>*fF(zx`Z{XxrYv~yD2Xpc?%6Y>FL zI!@<|%R-_~V+yq!=zssTutC$We!B?yF4`5u3ILZX*_J(7^19&9=wQ3sK@@@>+IP=@ zX@R}GsRwD3eMkn!8fTL|^rFv%UOqS0Dj)O0UHHwx(F;566g<2?0mAW9G*Llo?gts4 zVWIK7{Vfie1F6K%D;;>JX`}oZZ{9BlTSo*tx;mQSt#fbEHg}^(dik$crRtThF)Q)O zj@hS&=~SkOM2sRvrhtwR78=(c$dn|(^)7G4c#2XFce@s^!;47oZGr$n zF5UY$lO3=Rf#Y-rj#HL1&N+LCH~O%`d5SgN)2v2dpK)o51nI7(ZG{C`<;7K9q`j(l zHWHfecJoEKsf2SM*dyV5$$1E z(mY(S0s6cDfMtU-xu6HFRk-;Mo+eqVuoL-nQPyKu|Ld5@onK=qS%;Zufd$ferbnRo5df#cChUr!_q8mG~~^FkoZUq5=nu(4^_ z{fh!J=?B2TgEPZEyH+62_}4Qjtq~fU2kVLrw@lMJxB#u@fk1F|2bCn%t;qBSQ5RYl zo;Z=Xr5hh-Ng0H&K_Demci_X=b-LU&xHC+sf#@4yL!a zdW;mL%%sQ4Hp&D3L(aPX&rUP*-l6WOhhla(>}g_OCxJ|JBq~t!7~B=|7dt2(}vQ6A&F{YMO?9Umqvf>+4YRo1LwLpXQ?7&Se8}Vj!b=`zYwHMF>-`7q>Oz@v; zx}3M}zd!WQPe=W@I-&?s6k_^7F+3w9o=YP%F|>cG?2D7kuZ5OkZM)v88CJ5s zqYBph*Zl#@J+S*{VE2zs@N6c7I{YvM4hU zMD03emfJ24xVl90I#45W+LW6?Sn(_K-?EI+VI?quGU=iD3(1OZ25I^QZP6|oQKbF~ zxyy>VC(OzSe<+Qhk!|<0@5)O$LH{2swOQdzpy>XxvLY1<$V#TDLMLW$Zx-mz6@B2 zG$UBB%+k*C;)i4xL;icHvD?EHnN9=R+|s=Z@9Q9zRk7;q-j1{?POJ-QnC@V7DP_ zL+S#>suydVPWDj7#SDY4B}-w>IOO-SH(YGTh6yS9RQ53&`bC~|Yu%dKe)}jAtfvS_ z^1otx6I7gFY({b1pi`Gttj(1%Y)>*Le z`Df5MT8ZwE9`gZO3GU^bwD@hxTOhgI>}4&({$LS>xrykb%-M=ZBWHdMcbMR~vJHfB zongbUcj@V3^JM6P7=74MR9Gzf;b|75DGDt^@}B}tuLuy)k&=kCc%O9`GcskO&V>d= z)=MjPNIqK^vVq9d{byztHu6ldx^oyLT9x)d#=$B-#$pEzem_SW1dF^q+-q>vnIG2F zjujJP%g&rbt8W*QPbUov6|XCrr>+nB;O>BOc{PTzlzCnblPq>4kFz~C;MF?_OHU>g zdIT;mFwp^c8sAzFj0E{`B!DH{0HbQc_zLhrz|U$UbDWnNnV#_4yy?$i_J`FusC1>d zOp)EB2?l0*RO^@${}jCclpm@O5g`xlD{%p9g9azb_D$zq9=UH5~)S}Sz z9gRh{1K+>sJBra6Xe^a&R!X$N8T}|`skPj%A|dZmUK)XGXzk(&Kn-dUHyd97zMt_Y 
zq2Of<=>~qF;Pd%GWeU9~bks8<%IHvBKy}4|zl8^T7nPoJTMG9<9H_vh`oYYITC&Wo zQ7Vt$nl~iH6%kOQF~?Lwv>{dK&5otovM@T+H`u#0n^&UYjTzqPNWY>1U;bIvGR^K?Bhm<_K4(QcL7>e| zYJVEfRAu0bZg@#$x$IyaYwAi|a(cE6tcL>|8*ncPh;zxvQ6SFaK-s1W^YuLrVtL8= zan_H&fV#*7tia#RCNI}xavxNMRkHegu`Sg~WeQ+c;WQjd7~|J-4#79)=GB}kGhmnz z_coUkW^xpdS~!`IyFG@l$M&qa4xN29TWntPX`MP%I37AV?67WlI+mOL?veyp4sMxZ z_QJ`OUG8!NI#Db%6n0z`_H;s<#~t5-BvRF_;+XAetlvfq6AQOtB++3w?+z`JE2?P& zgV?6XLo#FBbVI6lx;m}J{of> z`*bfI&oqwfZ_IG%&4cgHgQt+l@VUr5NRa7kXE6w(M0V-51K|cJLA+0&TaLu}K1c$u zME7?zvm#!}a(zvjq>P&r^@66exH!m|Pf-cqgwFiTZZ(SM%jt?1?<`BMRC{$*5LobG zx{{R>S_an5DP>gEsk-ZL_iU<6n<~#QXE)Drz=X!b@@>PPQ*c=w8wTK9}-UR zTw-?eIK8QL$d?Ri_p~r{PWsvKJC3to!$VvgI^5d5b#d6Cl3+5zMoywoX88~_yvrT) zI$MZ;uWg|W;cu+IVmRtyJnEsEExhf{iSMw$$;Spjt1}^yLq#Z`UJc#la(qN-Nxu0< zZuhA#1U^KwAtgypt1|N;)N`Zz7Hfl1;aSHx+`Mp}^W3hRF*7S06&VUEyr+yR&3`Wz_R|J2@~uy5R68k=gJQ@NMgnVn?k`BZkQf2P0ro^q>#f5 zVMCv`FLyBS|MhG%Hu(rum)fL+x7* z_Fam%%44l&+3bp)k_~J=;VJ88Zc9VSM{maIhjQTI3UyY=by?Ww|0U%q1pk+m?-u?^ z%99BysoNFY$Q-v6nCPZb$(B*dXojgHrwF5=J<)NZQwaV;X5T7oAtV1rP%=S@u7xEr z76t=_>X^(*9R-QE_OlhaSzvP`{OkcX-%VqN1>_uno~?%Sc)F`f4^uJvpX7$a3`9GcJ!_KP6~JgQbuwGO@;<-%*0Qh zMT7pQ2sXjZ$c&UTJq_BML}JIv*_o@a_lpPZFPE#s3Vxw=)rIBy%=QjT>K8U|-scF0 z3)`!;@D$VKO?8=e%r`eT>#z-rCeGm_0~(D)(H@rD;qcm;OI}tcXT!vjZ0gb*ITPJ! 
zRfPqOd&Db=_h8$GUvMF@5#&Z%qI-G6fFhAIl+l5&vZp@&y07xA6HsbhX>(CwKDZLa z_F%W){%lCk&OJ{C&nPMa7L3P-L*hSa)Xp-uA!5F`aR=~i_2fOS;%>N!J_u=B31vko zFl0$4_<~m}OZ1a1MYuDr#>9pYxzD>(A1vn6EdC>{6u<1rQi1RYo8Wu(?8e+m*^Q_n ztRx8=I?kS`6lJHTg}KGfXVe$pVYb-w_sPS`VZl*kr<2Hy?~R-}Gve$0aHq=n`r2=r zX{(#d@yDO==s}n?IYQi1{qUx>qJR7Zjknd`f|-VjQU=ovC<672lbR3#jw(~^ez|cq z&W!y*LQs{h8x*4!=zq16u-bxZ(T$*aVxY^=VBR1uNngFlX}(v)9-zxVJkMtOp>b|y z`zpHMLJ;8@x2x!U;H|ebR)W}|f)v;Fk>M9P7&~Dj^#i%H|+NNM9 zk=_)qdW6qca!Pya)hGKXc?7AeW!uWrAp`s&-<_(u97$+543daSd){YLWDynMk-#+U;!1^nL&j-yi_^3H`mAgj_J?4|&l)21l2l3LA!W@wEJ zBWYW#2eybBPKvg*>{)p;%tH8JeqT!a&IE25w9*K`&1SQi$Q*{(oxMN=U zH>+YZjEPR*6<`lEl@POEfATEILc9`vXVSerwjQc(D1FW$*$YP;ea;Zx(?x*AlS6gq zOowHm-Kc#@3xQ?*o?*e&o+qlI*fd`H)xOmTWMACPZ|xWWGF30BlEgO&!QQFqDALb? ze3`7V{%8gYHB1$G>SRKp-5m>Ly`;$Rc)-sPBM!nKjs*tLm@(4WB8Q&qBb&~Ir%N?k zUd!eMdjKl)QA?cVjJT?vy9eL4q3(6YmBgE~h9Q3`zEf>|8p@WW%Dx+|30pd7?x2Tx z1uJ9cv^1L~^0N|VX||q4P1aGIPl?DldVWHU2@+_~HH^I9Da~%udkRzyEMii%A$E$) zNNYNhcZnpVS;(GL9c8ZWlL}{!4ie~HBMG`Hxm573t^n=``@R)nRzsKyOE9FCCGC13 zI!d(zi)%lrF1}MJBB|0)m3+5nmr0>KN)A#Y?}k}skvtAl6dIxW&n>Xr>a#>Chtu^^ zDc&gIlWu*&&l{4x(Vr};I4L60s%Y2|WR|fOa;{zcJw}P89F1;lgAnB1Vv4&ukfO3Z zkuqt84kZROvyAC2npXOPG`eYYe&L)<4@Y^9M16E|4Mj|QYFH5}_O0v`Lz%YjB6kIn zSm66i?RQy3C|eMTfivZDBqtV0c!C~lo9VZ!FWjpS*>eU_UKf>tQ>+Hij}-*}@#CX6 z#AEWP2Ei1>m_NQ3s;2IXObG5U;@=aYbYEf76Ayl7ml8Vi_BjUbUm`K{DEx10RyV!x zTm%E)23$`1F(bDkhh3i56$^TTaphHZ%VyT$@7&FE$%3w2I%!a~J8m%u&7W<5?G~hM zV-Z+1mb4m8b|ogC5%mN&q|4rQnE@$dDGmEU6!SwkYSmNFQ!D3;1wfaukO{z#S z%E}iUMGT803Tj0fK255l&vo=^D?#1ta@<(Z>ce9T%?D*1gZY1sXiGjIDo3(vQhN&} zA(NdC4U35{34D*6)e z7N*bl?Wex_IC(6w46*ZXZFR#hRNYldB3)8kw(VmhUDRW&Ldj-<6Y|NSyp7}8)~>9< z3IEV>!}5hH74-9{Gppi*ySj2Lk-9R*%ofOs)~o89nJhs|dm|k|mIa{}^j*-S@e#=i z|C7sROv?m)kD@OZZ51a6@F?-_;hb&EU=g~>?*lCxnW36B<3_8c9dpIpRJKX!i}P{5 z8sAioo5&l)(vsO`Jpvmw>SGs#!L!Ux)|)%mr-yBuC*7~Ji*#T4o^#N5eC~$aVOK8c z--LJ{Y?quicFS}@w6H*>`|IL%Q-$`b=HW1to(u2q_|wWC`KzDymNJ=MezYnlHIOsC z2=Hk>C#J#~h+=k!{{Z{jFa)9@A*!LB1MAG+f5iq@!}6*H=MR&)wzJgPu0${d 
zg8dgY2emA)1JPvtt9Co`i{fQW*OXL@_Gv`{Uv_Rcd~6%AlerHZ5*lJ8Y(khtXJC3> zT~eP09T9a0^K&OlK40_-W+2c5k#?oA2yf}oq@>GOFuDGtsIcL>6nH9c$ZcD z3Rw16pY~#+O_ePWO_quHA^NvrNI^$3O4U-a`I5jF=ZtnJOh%HZvTT?@&|;%;*|e^2 z0vc!j?%mt+3S!NHM;Wb8rNfJ!pQXdYVcYXU9Ucb)Vlwua9CZhLW=y~j)OMq(PU33e zdKWvQ`F2v<$JKK!Pp?V7d6 z4_M{Vc1vho)BJ4$V;e#R7Ow@Xxm1}Wl-o@RFg{9044HPLba1vQ6;!M&W10uNN4w>z zZw+S1zuD%NMRxW^WkrKWWaE!0$mV2=$31zA`aEjSVn9mLIv@bpvrqN&17oHx>L?gf zAknu%w$$F|J96?)ha*Bd&>F0Ol0`RIggN%@U6zrh-KvUf1&NrX#~E?)PKxcJYZV`J zpQK$g#uqmIpb6p1(+oR`yGB`7Bj?6W=v`u`Nvl8`ufdDbbqz=zz3LNHKctpwBch4? z&jBLNlTK`AeY}Fimq$zio zl~s&isLhwm>JHA4W@+nZ@z~T~39lt5G>1#_V}_mCoJlq(AXvygWFzE{eMz{T$Uj7{ zZ_t)>p_2D;q|w)T!;HTSg}eKx9M;GBk>$W^Y_uB37leg2@!psOhVlL9E&D11-LNMy z0qv2u&F8IBmT1D2ecyX`kx9R095=tyR5B-igWFiXy z_Ts-t=mh99N7Uni+Dx+)%elNV$s-mvAsxDzT^M>YDMYd6tI{b>tval(SLM~$m(DqD zxbph_Qi2!&34>>npg8vDViYJO&KBNYmT^Mlpyj)9gQuVI+JXC>Lfiz8e-~=1fB6>W3hD zjqkm5SAlyWK19ZsbxuEDe1%R{dx*>L89OZ5(jHh!I5j;QY#-kpJa|prqe6%no_#rm+<^a3DMHcw3!t^4XG+u9$2EvJT zXIH*8mv%)6%p=~$mSyT-Z3!==NmukVe{Yr0EbGu63F*+I0^hglA4i$v;82FJ$bI9V z{x+DTkx<_l5b5p?sr7wIVslxjzHCxJefDQUHc%NN-genC{D%0hsJG-npthv_166kR zqWDor^M;%Q_3Dw?(@YAj8XRXwN26*IR#vxpk28AO$Htgc=4}zp=6*Ot;v*jMZg;}iK+=s(iSt>R7j0bwHmgw2C%zf9IQY6ux8n{FRK)NNyT ziC867#&Ta4m#V4#X2Q+a$nA7r(^?lslao!;>OT!&WbqfMrMjBW_d~G8qVss)Qep#1 zOb7IbdiuO=1IU`LU&;0Ve0t~9m)865Wq3e@zKt236gi}tBBi}$wl`Ya;EE$Vzd;+G za$2efZXmA>rW7?P>Qo$FoE)O7Rva|9da{uVAlJD|A=l?^TgY3buldA&5R7F}`X)K& z(?Z}p5Z>``BZc+T`!1wI7G(P#hr1{CfN3~?|Q zqmU`*BD1gvWbL}&;bOa9_&OM`5-nqS&vl&gc}FsH^;)0U%hpSsUqz~#UhPIi{EfX_ zhL$(3VnSHo(#lj7h*vJgJZl3Cu90)HzHIyAH>p-`m{lr%29aDYh7)0(HQfW*i@J!j zkIekMg7H+_WRt_(_0VF6u2+b9l>TvS4o);R;A3j5fgJN@vzO!g{h`~> z?yDTklqLHPcr;pjMgIsj&B+0*^!~XZ{_mB{RQxBf?lJa5y5xgo8f!FcwZ@b)Vhn+cksi|Ixp!lMry1sNZ4Jwoc7DGZ-H*pL zl{FSCE^Xxp!9S(G*pBZlE7sj?-&qEdvD8$1O@2mS!hz^~;O*Q3mr-XgD4oo@4z|KZ z^B^aXEjS8p#7(Y7HXp%6d-)y4V#0%JKGHOrPxhe>d3;aV*5WFZXV`i!I|zZNbT*O% zH{;(JnYOMbn)hj(PAOi&8d`fjJTo*-#+-PUI|a{t4clIo!5~!Cym7@KYGz=Or`&0l 
z8_=m$A$=ZG_@hr3o?Q5_LL33qk>pqA`))P~W`IDP4KK~WEA!Ye`P^m<_lQsibgo{Q zhwdZ~0|BK&5z!xLK9MO{V};o{WOPz?lTx3tQx@F4G@Z~hO;~DEf{tb8a7K@5tYA$t z>lPaem6`gbr)x{F;wzR+Xd2zkCq4HFeA9nsSp{STOQ|#Tze2maS*TWsI=v zrC}m8p*eR%XH07n9Z~Gjaw90G^Ql2!ndb>5FcG`H&e1C6 zI?hhiPPl+omK7$E_iyHjVf8vvwOe)i_NORCE~DNBX|Ws)hTj#rogJ2{y-WHXNYcmt z;pZ}CZ_+&$i7&3;aw^+=?szr?BGFsx>ZWbgdyME(mjS!|j71y4(n99}b20`4yV}aQ z3V37Q_2+)S2&*NbeV;u7S@y=)`Leg=W3#^17bt4W0OPmfo86bjvav<3y=fd!y{Ef= zSL+q@Zb^cB$1v!wnY(hD5Rg+LFVyI@I|aHr)hWE59ts~-xZ{v|r{6ug_p1#O@UMy* zp(@)O{OT2+lXHnab3f194a7f98cox8D|VWpADXs28g#C)`uaS%jGDE#uNF0WjDi?E zG&Xu|@|9^^p+ib3*(_R!1vWg4JqMYHbEFLf%r&M~KmX><8-q!m@BW644`&F#P?X_e zmwVV8fsw>KxBES8wS*wlj?udy^bcnAZunZ58Bl{6XJC8hf%KSBt1v%0bk9QhE(ur! znt9eY`D@`^1%?)i%f-+6^ekJfduIntixQld$J?JDA5Nnn**BO@)37u0eOdUHLM&=I ztyGN?YF=E6{Nz}Jyo}n4*sLDcCK7Fu-S`$bZ1+>-_MaX>4 zjau6kM7LTaWrbd}ts)a60oIohlj%FYB(e`m>O2tRUO&yQE9L`T`PA|+WmxrQotZG;u|_UY zsW`2hB33sdSUb;ISOZ9COYZ2^3Eg}tkZkTPZM-)?5}emh@hLM2NmJldZHG3Dt<%=BvaNMW!EBv+VJ?t({UUN84S9?|isim4jxQD1800T#t zIB{qM5YFb{^f+yK%X@wTEvP>$&zss0b{A`2$vemgfZJ_5<2Bn$e(i~TYATsj5COgZ zYX?o1ELg5lcFU}(L9MA3Y@YLYEBq|B#u|o;^p{g~qyyFPgv}vQIkZ*;BsLfnRwN(> zIQbgD>q|~YzkHaX(Gc11rj@`IGdKoQ#0MQ%rIMS^d3To0D_4+91CT#ErccJQE%boo zT4L3v_gbsiv?152Ej4Z66IeA;8!7_di5m#!U+jeJ`4JQi@E%*aQ=Myucr-1(sXpu- z@y=6_nwurNt5e5wn^T?M_ud}8h`jt_f~(}wi0vfLuaWMstLlyhI;9b( zK!@k`$8gKa+G^U4Fj{L%jBz{vImOb%arSb9R$0kly~l!1^SI#}NCMBi^9b56$wf}3 zQ$>C|*D<`#)H>40kE(%{+Yug0Xi-nUl#GzBR|8bL_ydLtGW-{zAy~$C5c z>Yt&N>jsjJM^!wM`0>J`$w?-WqD91OznM+V>_N;79iY5U`O?fqzCp$}`V#kliVv;q zzc?E3(+g4j1`$C_E{G1%o9hm`Gviou&P3t7MHB6>a&~0@jQvj^%w>k?iHiw6=6CqO zJG}T$?t8ayc+6kzbk>;II`dOEqb6bvAr>CIY@4@J_*)=dhl36o(s<@~3zx2Y40yxo zYp)th4}(vGN(DKRY7m4UffTCRIKGlQoOkLlHH<79 z&E3t-`r^-j9S?u9P&Zj;N)ui*a&C?@s9Md&>Hx*XNrQDpu;p|ztw#wCbfR#-ZDbpI8^EmDGjD%<*)w;bhw!pBUl` z2Ve9*N{x*5^plWmyeOHnL16g;DK$1?=ba{=bI2s1J$*uuxFk-wX6H+D_`4-oZ|OIz z{tK%W7JgJmOVS1s!q)AMm~%d|Z^yQU<*V?H!Nf(8rif@h57J^iges3v=?$kzL81F; zb1=!)#@S<+j*0q@1a2BcZ4I60d9t+2kS19Vs=f1O%cJ3|y`g;@`c#$WwYg*6W4UW+ 
zOF#7@_I_y0m^!*_4rALsGw-WvlQQQ8+!}~^R7B4T0D`tnvyF(z05($nop;k}m|Vzy z?jYjJd4VuHSLsCA!J#Ajr{IWJitf&XsSsU`UVce?qQJrNl!W4P4Rb4cAb9Vj_7N(eXO_7ISMWBHii)?cEl+==d1A9t~qBdih6GF z(&cweW-D2>pc~Vh&hcCWjLs_+Z;B!2R&$_0B{82>x)Lkt>D%-nD!4Y=>`9`hFrSi= zaHS1nl_~4fq7WYgD=OGr&e(EqLFm{h9|2+~YV`MeC9U3S5bZ80^IO^=?9B3LOTH3( zO@**>E%)7-zS3NFZ(K7d%Ts8kT+2yVSyEDBq~e1+yY7^}IAyG0c07(LHI~Vg)QVSI zO+e}1)ctJs{sW}pkU!xV8?ltOe;SIUo3aXCKlMKCx!~D@`V`Ij11DW%D);f+k3I!~& zAesq-OhwS}n(K*+Dm*`Gj_*m;Clfbceq|@B#+2M*Wq-ms{<1UXt`j0YQY<@88%D902y4sbWKruNEu)@^Lxhh- zRqsWZ_B8sVC;@46`20EnIK3{WLyU;5sxSh^B)7uh#C7g=lImW_Mh=M3!lrjl6$usi|rK@;R+Yxua~A zf4OxBnwK?^$;l-Nh&z^wDAOXzCxu=(h0TAX6WlUGT8ID}1c}iCAPLnX@e{HQqyGdb zf@W8)F^63^LH!$uG!MNFF<)u&g+`*;gi&2DMigkZNI*1QMd2(2z9;K;#7OsMY?*+= ze0!Np`~{`7kXKRZs6|q?yf_G#4Yp{J*3M_FEh5 z=)Bfh)!8qpSaKci*^_+`m1w0ovlPXa3_8f`7sky{DXA1klXr=6cihzuI^dm}UiatLE2b^~n=cTx-sCAP!2 z68b5XXnq^8r>xdla>-=@2xeC*Vr}UY{v$Hh4+!u+@YF+L=T2Htx-U3Y z8J@_N6PD=`dOURP2H4Y1!4C&Vo=26-+dd^FwkHMqSnT&4Ek7sb3j!=Ij1=JhT7s3W zjj#;)AabVg)$0Wq)HHf7))y4LrL<*!R`xnos|wL6dSnkHEl| zs~b=)iOc1itzgz{?JHN4e`u2Bi1; z;D4tH$4f1|CGI^&-Z8M7M8+U%GRsGcI=-aA7xOv}ncv~zG64?6#k>S%DeZ`lXX0gi zP@RGIgWqKRet+z2wzn+ZHZ@&_nE~Zl4$vFH?&xsEj&;MfMI7DNLAtS|D2|ihUwsnt z-bL)UFWxl0K@Yy9YkDsjp}U};5%b*&(^%oZFd1ljz%UmBh0CVCP8(5{VM@c?PJe7g zwvH^_Efuf}b;@>N7bnp9>cB24V6TUWK@+FoB@LeR)#=El;Q*T=aw9^!i(kvF1By{C z|NPGG|LQ&!V>#-*{XU^OqlOyfkRVh)~+-X z|BOptV{Kh%k^jZggtEo||H@$|z)Pfw`Ak+_&j`@AOh1Sji!Cw1?Q+2OmPCS38UaAR z#Le&cuG<=YV|^aC7!ECoYH#eQ1)fK)R`1tRqcP3V6kf8IvW=qb0^l-OL@7U@c`^J6 zJ=lsq`6vfvlUnJ3FASH6j$&iG7BM~J ze9X)T)ECNrdE>wynSi9gs7FbXs}n{wR?I1O3C*F&kT4Aaj}LM$wlw`n2JiS#mW;s` zcCQ)Tn<8B-pTXczw`VU^JqxcG5B49h7>==)G~x%E``8dP7!mr+tiZwIn9&xuvka^6 z#39B;2y}R)4Oo)1tFijR&J^Ux6wW7?sV7yGg`whs3&0BURY-WZiqJ6>L->QHLd?W~ zWZ2pK1M%qcw1!zNYCNF4I2#oDzxt8pG;@9Jezc?PXx50CMZr%@;Foo^9XCyc$cj4z zHSo_$q--LLNL$u&veL?oNM3&n9cl_Pc_;@~zx=}H<@T9l`bcF!zT_BxTS?vNH64k* zq>T11IT5WuwX_ENCGsD@)HZ*Vr>lnUYip%I`28_3+SZ2_w3PXhB+>PcQAWA>s+CnH 
zXB8f~LiUJTZs!N4)Uf_Bf5KKODs+GoafT$8KH^+qb;g4oTOtI{?+9i516t_s?gl^l zXa=kcf&_u{lFVj+{J(jn#Zy#pZ4djmOhXR`W-d`m>cwxkPVVwy-v-u9f~;#5W9#14 zXBTaD&E4)nk5Oxwt~6mpIG;ksS!$=%0!o8SZkGy3m<-5$n zWj4?K!>KyAKE0?kAGT=VL%Z&9aun?Ug-^7Nz~Cqp?1rxsS>HkrFg`-PPzK~&aE7JG zO5&RcV%HRf7B^%iDwWj}r%wp{Up@2lrKj3;DrT@`%4GO10FxYSDBSFgvSj69=_A(L zK!f#KYGS7!3dL)tY_mGz^b>x({V;vAuiw>rM>nt2?er1>yb)%IPxmW1GuHnG@v)@O5yYd)e3r3B{s+`IUH%Oi>I3u&2>dl@YoiSJud%KKTDxxHHStw-QP>IUei8 zmd?#UiExp2|9DSAziTyX{xI2~*kh@O6LzX zIVkSQO9Pxc+^2A|p3m$Q~bA$ez4ol@0SN ziAXh5g%4`3#{m@Ka9y@V1{$MPVTZ5@Ti~7K6K1X%x~ugKouw9^V3<#l z>qL&KJ7>uu*;13;%cpLO`bM9z+Wi5N8fZY1d3`s6beQv?h}^X8d7pF{f*8BT5?;@7oJ*+R5 zOozYIIa1?3?sR7WB|p%Q zdi-k|SfzIp>i**y9)Sz@MnY(q#&4=oDm@xf>>ql;3z?YqZD*|lI7ke~0Y>qF47kn6 z5rsTXsxSw3IzlQ+SdcFtmq^E~((VoRP2qDpGCe$Sda z&-hCA3_o%|x}^1pb=Lpx8ASttnww9lA z!q2zC=JmPrHK~oH=rL2zSN3%er?-OQ&KemQhb_~&9846&;pOl+Ih?mKi%8J#IV0x% zn?%!voV(L|1-HKuW|@m+bbSWAh@}T8i~ke&E-Sgw>2rC}GDC7pH`?0+c>*-R}-mgtoURsS1j?zM=ipXZQwJsTzubr zS#SSh`-`BY<=NDeTa1Vo+n#>v^FBwMAPodWb-D&&VnDzbcz6IOIO6Aqtw=hh5Tgb| zl<^oWy-iQ5FdcUK=LtiN;6ONz(4hAyv90Stn0S>+m?*hme#ey5%|z9NG|FgHDPeJP zB+R@hJjeb0s!phV!=57QR*q+6ZEnV6B^V|ZM^6%iI74a%N((x*JbB)e|i1otU;5OlURa}oezQ88E_KXwq4bnIr2=C2RAgN(M6u1Y!PoK9uJ zJbk?#YMb3*ub=vd(lx%M1Q;5_M<;NCm%-*B;s>|^FTVJA;f5$g8T7Vk5Q?Xq*q`DP zvG%i?>7527zLPye>2tk9z-4)gXqHKl{3*L6#Fa0bl7Z$pqCjbxsNz-dcFpQO{B|an zO!a(oMw1}7d$JOuXYls%xc$U-v;KYq*-7ZTVy$ za9`de*l-GpdcLIPfBjXh(P;&8T=8T+@w52`K|c3Z_{PS4A>y8an|jk#vdk1GhwR=+ z&H-+EfumjO7~_PKPY1Ac>L^KLhL7+1Ewmr6ch?|fG#4I{>v{~N@ZcXE(#2y69ChOg zn1OWQ+0Ahx2Qy7aC=u)N=$XPZ=3|pwJz+RNF zzw%YE*$G0)xH)@*p<~74*rATENK0$Nzjk3xUVRq6j}!#LiX*gI&WeegF5Rq*19gAI z{}UcAw38j>1f#%LcNsi>2O)rXvv3>F-qjtkQz!vAqoE+;l8P_-!Mei#m%~=yW(n-E zW(&mCO!aYLK(nl6$lCt4d?M>|Fd|IqdoNr>bpZ$Qnb<@8Lr;T)#R@g}l4yP}_2 zPtW%4KQl#9tpmc^$ig4^XQI13bi8eQPdvJ+J>V2F){zRXH_pp;zwvfizdhbq60gq8 z==UqX8UuHpIgG5|+`XgjlLxIQd-GA+VdapxYAJ;v3L){*iJf3kiTvPWEj>wVtqH0i zG8IA;Kjj5*?M!=Or4x(13#v;d-tY-`+3<V6B;8z zs0o0K+AgGD*%FRCLqZfz?eR}gnQ#2iqF9%8gnrybxytRp$D;oTWjZO0nlUGWDmx^{ 
z9nl<`Bl+{PO1>0?y^3}zLb%7}=nRqy@9zHQNB2CdoTgFGvP3yzjYS;w*4|WSiM;vC zE6$SZUg9RCDwWwH#+<)&x9s!D?l9Ofk5{?5qM!UBet@qDy*#;F^3~GWS!-5~HJirl zG4~zS^CDYy$DV4JYY~DrOLr9UE5PB6)BZrj_v=>t7)`no)$9WdZXs?s3sg`8i3<*t z6}wROO?sZsKGJ-EA1x$%{v$CRe6;ev-JM66#t`L}$}r{B_>60ezS!jFAW1<>+-c-< z;6xSEWk*IqJZ%rVD8AqE!hX{F))n7z&Zb|Wsx#M0zt zp^yb{nO=o2s9{miwJPvfWN_DA3DfAG_>*fXnm{3+SwzIexcenyNv`J4;H@>;BBD zf3cmuwi|l+TNVa+@M(N;pbapUwQfqoj7YjFw*E7<3KQH5&6W7Hh1sfH{Bu6@QEXHC zn=#-Ux6m!f>@bgHd=Ynso29cxpnxniYWINp$B|(TOL+Tu!IoWvZOqfpQ*fmxIZ5+# zV_g_d-Mr0OYB6W1orBHDbPv1IYr>YNB!I{fcGjYyO}a)0}YFrf$k)KI(9 zHy<6518Qh2>u&%rxg(w(yHd>iq=oz2+l)2yyn=?L$j?frw4YUD8hu{aFk14FP_B?@ zxA|_4#eTX(wApPQC8S6r%i}6sleV-M!`F5fSQQoR*nrBeaLu21w1Un>xEi3DxKS+k zVuIx`$t9Onx(h>5^Jyhh8=*JQfQ7E*)G;hRGB?rj#STM01p72p;ywA%UEXJMPX_IC-_nw8_B7(p5R6R`N2kN zf!UhiaXY5U#)paS-~`5$T$vM;9|j6ATtF%iyUg2Zr#iLCJ~6Y+1{?YkH(GMjR?ZCb zL5l`8hRcjEpctG zBij?Z8EKpxn8GAI{b_iqS@O_eYx}wPqIGiX=>lr2WP56C_CsYN$cVdFaH`n3=fNd> zF9{^dNaN$@Jb#)ZVHoCqFVb@0Cvr+-O^^1rPt~s4rEgg}q`{NCqDzZqDhm-q+m7s{ z%R18p;~Ro#n#N7NAs=kfmSb6ioGkNlYxtznDz>}M^U56(hUjf}))rEH@BidDedF<* zJ1m1q*owOTE_KBmR|ZbKMe*>W%t`BX#Vh3(rA5@QPJu5rgy)z9?&>x0e6^{B|sLWGHpI({lW zUgk{GYeMo~`ih8Qceu=X=)>6ucUSq~S-+u*=&7!3wUW5J+U3z^7XNezytULKoP)#9 zST|Xl!a=$Eq`!wsr>Rd0|CHKZQ6p9}&dG!4DfF*bv328qns%3Xng)B7&6Lo#WVELi z_1z=@**soy%RnTi2v#}&L-~_!{%rtsivMG&HSn(FG5M|p9IF~JV79SP-T@1A*xs-Gf=_MUq2~VBDSk>E zCZQQ922Ef*YV~#0^QVn!8lgTp^fuX-juLOw1zS1>%pk|c82N1yc|go`7^_7m{_?5G z4g8H6>;Sw=tVDk45Y=71+lo!4q2I{cxCr}mi3c}jlF;c{XQbOwN}BeFIWZ=SmSk<1asHxN0%Jl4dN zdikF*0&VNPDR_t9HVcfg6>?F?FP7D8*h%WZkK+YKBKJccwRmWg^ZuBU9LO{eek114%9j3E&LPw(g@ zPsv7r8u;@Lc5>kB;e(4lG;QJ&5pT3+_DD`eNWgi-;?}F8qr%u)wa}h=V;~PSjvLyO zFQUd~XK))UGpPy)#wo&l>@+=*Z_L@pk4#F8>g*o0`pW&wVU8df@>P9+U{CK;{z%ti z5FQB`ruEFJK}#UwYu?^w2yal>y=-2NJerD~IP+fGV4YA(X#`s3i?%vSaL{Zr0&Y`` z&gQyApr#py`5&~yW()*eM4{2s!g}=gMl0QFeyrY%dmj!mix&ofW&T~g|N4>u&B4Qt z-W9XXUNQsnmUtUdvN8i%dP&Qj)+`Up5LF`sS#I8%2K*sCPAr2HV#W@%0^E}nBP@%+ zivAfl#<+uxQ$o+irss!q!v0kr&lk{f*{SEtUF7yDVcXN@?JAE)%UBcCWK4!N+={-i 
zqw}P<+L<9krC3ET4MlV>&1WH;x-nVW4+#C>`#Hj-6`el}6c*c#s@AQohf%+|6SX~t z$`v!lO0e}_?o=0^$@N-9Kgze>^kw}1h;b4~D-2YkS4o2n6;{BzM?>T+UyeWC`*!E* zt_-J`k#g&d0X(0 zh^ncARS6(5qKE~o}Xy2WLLCKp&c7PC!VG8d`_c2)X` zJZEms;6^kxid!kO?N*Zi8-k;XXHuU#1E`+J4D ze5$KM77^wrH>7gW03r$ij>sB^e`78pxWH;*=XoC<9p z&@L2x$4457Kdd&w4-(RV+zmn{`DZ8a%u2d_u870J<4p&Frp)T%6Q z%CmHh#O-;#O|U%2qMt^9T@^`<_=@W9pMeR^p})w!`0DQ^?5PePe%e zEC)t1qHkT1`KA&e*n+=B5)p=-oA8!AFFP|mCJ-4;GN&Xm^10@ilQeBus5TEi zb^5yTo%!8+*Kly7w%TiNE95Tx2M9LJbkTwu3%3UcopahM!$L^UUW+qWK7D<8d>{{v&U zB!F|dP8h8Bj8=>=>3^4Hr8_fA=wpPZCWf@b zoFt~7FkFJ4|ESN@&rm!{p(Bpy6!Wj;!) z?;GV1N6cy}eUBcbR~qrdp=dz9YX3lA!Dk7Td|O44|J=$OZ*X+?VkSsI(&(bOUwj2j zIciGn*`n;>XzEUC29r{_pZyPAb$avV>GYQXzFvZof}+NB82)Jt;Cl|ik8r&$aMKZk z%Zf_W{NRx-Leg#a`QGtF=69AemuQ{z8I$J9X#&OyJ8;~4RaLdJIt5Q>%BIV=}?q*R!)6BTYP85wd{67 zw!ZqPgwfR6W;wWiUf6Ve+trpv)j;^`6SbtyX?6sig|=zkm8L!i$*zRq7MM!}j8+Lt zmHl%`3?N}cGs(W}9C63+@7CeTSWX&j2}(2Qj+BiA79KCck#c~r+5i0_0lJM_EcRDw z;S(Xv?%a!9OqX%zYVfajY0Ht0#n+_0AdUmvLNm-|jZY_**}NWk5;WhoXLJYVZj5)` z3A1VA+~3!=D1TpWB)Plp@Y$yvLt4oYZ-%#Gr?>UQIL|{f3sVnf7UlsXviZBRyxBIw zc;q221#3HgbjoWFi7! 
z$*6cs?p`A?IYb!oL6_v4&O8yD_f^(hgrIXbJkTXPAbn7M)T!`iC53e`CQSP^^2 zm#XK^x-`I86AB*ajoxhgl^buA7Y^i_M3n@&-D1oIRMH(A>xI*>g++5hy$2attRz*F zv$*Q(=6Ev4)LpOb-LWcJBYd(DnpSDgihgtxQnA~Gz#fYHg?=#A9^@abR734a^IFPw zSja;3+`pF|ndACGZ9fVc=Oz@nb%Si&ZL;b1NsV5z;Wwr>jF}U~B<;iFMBD`Ac@x~9 z+t?$%B@G3xd+DASjkk5ylCN0!5Cyk}_6BS)aG;^2n3Zf<~S<~VwMo29y&9X1Me zbwFI%?mkSuPLsIo|A!pL&7#i1hN~%tn{QBJRz)8BPqoS2Rh&6gZgv1wu|y6odx#m8 ziU7k0K%;q%e`wAM8~_3kMAHkOvuOC`5zfg9+x5hCO5&Y8Rtq~jMaMTjegeYl9`4PP z0zWpHzQxFzbC~T`YF}-=mXiq9uO8E!;({2Aa`S?oj46AY=GnZV5?3~?xS=5qA|YJbYgL}BQQ^?%gFcLqHKnLKhX4rXx zecmQlE^lbyl?}lJ$mPdsyTJRLSR;b3BR=d)KlN!v(*UHkX$z&NxqJkBEgwb%-e4V< zU;@PbHXcM1S(k;MLpwwgI4>jc-fB^*7=6UC2_km>yv+@jjLyA!pQ@jf8)-PLU6;?= z%)75V?$_&X+dSMR4fY}h;99KMjiR38i|w7&4llAyZ`2xftlEE@DDv1otr8|uq`Z&( z5(FyCI9&-5d4W4hVvaMPXk5>OUo4Cy4p_jy2}x_dw~*H6gVFs$1d_*^$oMSq0QkH= z>O8**|GKTwQK8TZAjZzv+g+)UE{U1V1cq^KKUv(xzBx zA7FbDHyoRk+^fP=Twtz(a zOuWhfWcXwL)ub^H!+)Sc&QqO`mqWb}vbg+XH`YAkiL*M|w6zvMRk@|0&_R($CGBF{ zs(pNE?Kjn!$;CR8zEi8%M!kemAD$3h;tgd~8;;?)KX@MrWm3?9i)pYF4>9kA2w~8k zRlKqzAwzf&C?25sqTd~D?Xug13Q2MiqF|;jk+9l9E{-tribpU1#FKv8&Xr39nR{(K zna1FKVQT~#LI$6KZE>?PRjOX)DnoY||6+Qq+(L;PjrFHa%2yRR6LQ0|EpFXKqsAb* zho~#goRInk*ER6hnNh(AW!;_p2{GXkE0vR5o<-9N--WD|*RduF_I^;rIH4;~yDQiBa+` z335FW(XlHdgQ{ZwO-+Ppb3l?0WuubG^68G)Rr8`T&^n8Z-a#T`);N8zfC{AiKs$*rOB1<{rF&HP4_--AoEWN{$8wl_XY-lBr{bXyGhE~_UmSc+5X=n7kLz!^fd0*J756qw6-ST%iH*MprVL2s=C5KGUhSIZ` z;)aTWb$Ioy+89+}Kvq2i#YBDeFU=2@j07SdDH4iZ)DA?XlfIZ9L+d3m-q;FZr1GMZr(zhV@9c9%DoWa zRk}TPu`m!dt#+=YZAaHo?|4nLmW0 zn>aDcv-LcW25O0m&FzZHbamW5{46$4y`P|`AW*B4nE%}sdYNRp%EE`y=gN6AGqH|b zT2hwXAmsYh37?B^i|6dqnv=`4jSfr`&oxPuGn&}in8qYV(-A)ja%9K)E$ZT+JuU;Z zyY^lG-5vRjmruXCxtCo<2Q@8gd&3;Wt}Y}bW^okbd%;iV7egddD)bwC+;9{|I{807 z``A^yoxzA)P!Dw3XwTm>NLtmP91}nbjctu%OShHeaLDa%5(d;ryJqeDUd?U(P)mIy zrVkhDI0@bCMPcY#GEHe8oa{QvYN_A$aoeyvFLdcCo(kj&ZD4&Xz5g;LWNQ>Mz`&O| z8Lp7kY^J&zicipp&$_$Mo%qElgLcNugGt-6Z4#$;6MGSwB{(5CF& zNDDOJ76+?dNvH%lQ^r{k^}I*Aqa~VRXx)&#odPK0XIJ*0Zzuq@fWM*T?>7imH7Lad 
zj3C=|)H%*J*61~SozQ~%l5PwO1{~En@1kAj95KFsmOkNB=^&8IASkx#IyR8mFj`}4 z|H*fbZ=6Q*(_~iM1#9_NNx0M14R1@Q5q**|ymdB9qEIz7U>s*n&`kS_D!Q?-mn;#% zpvJEUxP+khUrI6G=VsS=rW(J2W0kK2<2cPcwBh)>>CzTo78k`ta>h!IHuDbo=4C45P`^C|NBUn{ zOd^i~CnqXFh~$O^p;$A1uHdRKenvj_VE(QT8i zREfZ3W<0y)1{8X+a0Q3(EDs&2wospjgeNJ9-r8!~;yeq;rYtpBS9e=E8P-%|DvP47 zAT}Tq^XGF`qo_H@>mjYHa;63qevogJnZKs)rzh95iPDnA?9kIky<>~Yf}~cqy4$hI zK_japv0dNNt?w-%q!E0>GSj%jDe=W7-v3C92_KRuLs=zE3u}Z19N>UODIoD2 z;H{@v=rc=ULrAhnVnH=7T zV>LQ_R6(=;3ZY`R{3|W+#2~It$5oP`=<|@|spH6+NnO~?hs3BC%MbeRLNBrBc=}3i z2u5!(9-5Hr)aIX`IJZ3@f>`Iaa!n^8L+q!}wQPgT8=i%l;E6{&7omcj#p^F?j@bVs z-?U$go7V{MS5uO|;-`of#GhpIcdhBivi8zz z@1Xt+XlGc10C_<|LLd3n;{J{nFn3)?qRYV!#x~H`sqzvcm|_#S`Cn-XpzNTMW zyJpai8JN_xV1+iH`ohXq*pu_kndlb}YP?@#x!p%?8B29x5#slvLMdkmuU=o}hQC-x z(-Tx9SqXgEv;9)ezh9^-)va)SnBRWATv2lX|LsP!dxiF>nt28~`8kiJ&Q1j>PG_DY zkDR0CBw2hH48k(s7{^y^LX?4t)yoiPz%0Gp3e@PK03@tJ#H+_ zH3+)5{H)>@VrA|6ohEp&y*#*UEGB@`rurmAHo-W9+F)Cd2kGwbVK?Sw+)YQF5A>0j z{{0V8mtSH1J#<~iJ)Mgm;vzvGqNSHv#0%fuMji4fJDj6$^BSb&B$sJtPGWO&MCd(2 zrv74S>5)6pW+dkXmyhv>HuS;eW6pN=`M>FUD3^E|#V%9pp&j`e3_@^f^_Q^M`~=#I zzUwO}1jy8wx6Nh`qZ1heuayx4c1`;Tn#=?xob<-@Xa`6s>DiKjL2(VD-?!YS6|v)3 z=i60`Rt%@7x#hl@~J(5(4B}(-&BYUu57Vo5bENLl)PK|9*FVCz?7A z`v-w1Cz4To^toZ8rs7FOoozV(^C{qrQY=>#f?uf3o;bVNwh4()@mQ@!)jtpYfSn|947Zrm@*3H~G8hbfCYVhf{c zFDJV=@DwO}>3Jzdn9}6fFGl})T2S)zPab30y8aGJchami#wE_ikXaB@S(dlU?}k%D zl|*F2-La~0S$+*((%Rh~=5UPGltWj(0KnxNAiOmO95TCm7%B#v%|O-^7nT)GKy{g3 z%o_CQR)@G5r($Ju)3axP;}%ipBVtB$&N7lO4KFr~t*!*JWB~8@`Crms3G!wA0Biiehgz3N;%CIEMC zXYq_Tq^3oE=2U2CNsqemS2_~iE*Hv5F<#iSz;L}&bg^5IdBp`T;V{YmD(=Mf?CQRp zU9*!KeQbMgkopi`-2@((Q0-F`avzzIkOH-Fi8SkJba-9k;3S{T18jcsZpxy44d6Fi zA;@;iooO7^BaUpg%+S+7RJ-Zza%`iX_N&G6x>q=*x#C6m365h4!Q1vD?9s~ka zuXRMW(LfZN2`et1~~PJV|?Sj$W&G8yv4dB@WYWU!j=`Teha^r1y)o&M{aofo>+9yq(!5d+(K z3>MrxW@CCh?jix7W$&`0Dv#l@O>gfY`e~TRYs-aJ==)5eh5A7hM@ARRm@CV&_1)wX zf9)EriT~GqGxTYeD42LioPq`W~%PSFn)HCZ`&H70K^?oHp-nW z@1b)jJ5$2%HfDY`o}0zATl%v-XA*g;(^9BIw-#n4tK{pqWE?Tz`P3P2ge6bv7W`%> zjX9%v&_B&M 
z=-u4s#&Rc&b*fwhz@cuZM}Wq;=Ogh*zh}U!LRB0`w8vVTi}!)(k5@kpozx}rO=Ih( zWbxyyzs&%Jj{b74V!2gRkToC-k7P!p@4AWA&BXbn2whQUK?{QxoF7TF5YGbuHG%)W z(^yF+av@YRV}YrVd44)HAh(9f7ux;m>C=V|!Ne_WW6dAU4hvYxtx})`P+7vmf-Qo# zM%P`M3vaM}O&k%ZTZ1DJurT)5EDFZRg|Lw23*yA!hA@jVLS6d~fkkCnf}B@;0>i28 zf9wI1Frg^7ajMBM*O&f-==NXN*X><5u*Hbw^bZTKisJwSrP_+(mh9jLu(hm8uLGBm zd)eF>SDs>tBz8*vd6m3Cr%Un2-4bF*t2iS#UQKuUb( zXsB7ER`9EmkM{nZExCt|_OYmXZ3bnRC-NSHpnqv7^ce8-Sia3C#5x}KEmBhjQY+YF zG+oKqpWGc1SsV*leYL~-HrccM(SEW${QRQrTA=!6-&2jDXbC|kcxBy};#gzQu&hz* zTx4=MnzUp*ba{GOFR9AVI!f!a@K;!MJ~F_E)NCK&Yj-L**`U&kGZ~8Ct#q@81gthg zBOD_YElOW-iLS=su5xCa#<;W@BL=Sb{2bY)t}Jv!amV#hs5(Xe7-Iw*{Qspdcr2BS zriEXQkMjn+4P4<2azsCA!yxT)Rr(9Nz-yUA{aF~W3MdU;()TFF9;90qIN(Zo_Y6z< zx8a&Jocm-x#Or+9ED@DFG7V5E$2oWnQ-mDh@uu(MQcLiFp60KbwmZM`MJq25N9qbwRAR zjR-nM))`m%Fylhtgz(9*ac;{-B9chk4f}3Nq2^SwPB2&5aU0Zl;{sfDd7uTZQkFZf zw`8Jx>{{wa&&;iKwj1`G;g3?&x>Md>8A#jnB9UtGT-U*GZ-60amMQoHT@#r5pl7O< zuM$W7YalDADeNX4UDdxB;!6n(=IY7o_A9L0s>AEV=Wn!5;iI?KdMetYVd`7Z!5iX? zI6nAuBCKx5Ykrre#ms}X`@cV$fDCp@OWOJo2*!}|kwXG4Y!)b*<1H1osN#LIbYJW_ zsxc)3Ziw*~LJhyW<`oaW*o)jE4y!##t&2ylYW!A&*-}=GTIwQO#TfBICJ(jqiS|aV zUbdIH`_9)q6#&%))3foEC}`QIjJ5k6WAA6T5PYYmq%yRJ!%DJQhOE`Z^A zo|te3Ipipr2bq zv$~+_Vr#XQz3(z(#3VTZ7t3kn^2G0l`u?msWmWLJUHx}s{9-DvH3DrFRa=c=q`5`K z;iDNtBtGjHg%In91e!X+dR-IA=Qg}s4gDO}meFL`QsJ16>5nim)t(T9Oaqg}IKwj>8Hv7M4VaH73-WVT$e?c}(Lao2+&({QY;1!85f|YXTlCvL_9eT!tkOu&UqZ)V zFCPnmj^TYRBRngNrbWepO`g0(O();ZA zecwN%qaAQ&>HJ*CIQ5tAt?~7&zzXQVFX7Ygf$P zbzMK9uCE^N3w*=VCJ0GKr1bCX%gR78HG(=ng3=lWg+kdBCNyDR^3zFOzaYXSzQLzY zT8P>aBia6=m!5V-x!?nE-)8qScc2FMgGD*9Qk=Jbj)_V2COJlvE93JI16l`5K~17s zjYT2sSdN*dT2X&_5k1k2KeftUa}T+ud?1{n%CPTx%lvTcJd&My{YT!l=!qaHn#rIW z7Mjc-<^zPG6^@g#yNsZ&b<9o|#3>7OgOvx+jiOkUl}U|(m~Vl)C)Y*-_ri8(T{w$~ z)jdFbyr*j8@|Wp*;!65xmXj;SvT=QFH|NQ$m{h2+l+u?|)y)m-2k9#}KOPCD1L?@} zRDMlz1JZ%Y#JdJegYP)Kju8+ZfYdh)lRc(Qf>eSGA)kzGCW#`+2l2@s=nRv_=F6mP zK$bPSZVsxN>WySf&yBj08&G{+MbU8vDB6`6B|tfcy~##7knFy@$#s%fC>E}lpo<=; zYCdqDA0Ee=2C(3yf*#fg!)W^V|miq36bkpxJ&aB#1 
zYIJI5RFYbKP)EL{hbEVo5)OBgXMLJ`_@466;BrA6ddqQ@@t zd8floEms?%Kz}|rqL5C3z@i#1+@Gek>+voI%hquIkV-1z8wi!I#%XF!ZBG(IOH&Wz zo{GewLOaKonrgfXuJb&pt2SLX@;;*$3LFh4H1BrZyJq~AL#D(Dx`PpvrE6r3XWXeW z!d77$Bk`pqErZUt0-P0X1;WVLx}9wW%zs!?nDY)N>cu3w#5%*p{{n>ZqX^&>Z+_76 zD@S2SU-EjJV0mCa{Q2QmwnTaCw1MU)=*jJJv(Et&I7C>QMgbES)H+j3$XgS?ugvK7 zmf-@1JQ*W)rtrA2*G2wGf`&iQ<>71!x|@GFNE0fOm3QY6d2|%dCiX#7;JwWGB9YcN zlY%NamGiGWQ<7X{L8Mk>0b3zs@+4QmioHu^-i7wMk)jHlfdCPrFRv6du0;r+3!NGg zsoN*m*J5qkinS@V*!5Cr25#=yL+FK<_a&7ynCu?{+XAW1l2pSBKWKJho(dF|J9Cx?bCH#bO2 z0>$g7CPt*{IL%vI5lB`UsuS;^qxMWj54LHNLm}*vi<^&61!!XNmKh70$rp#t#jOYm zNy(AiyT!jAOSl9upN;R9u`R?J-i@~|-iQj)zI%Pm#-j=g+{Tx)r|W-s7I2tz%2YNm zKrE+X$ee^e#sBmpZ$>CoXQP0!%OBaTt#)lEbRYH7N!Iv%1; ze}|iqoW_YrSSQ_z`LIF+ie>ehM2q8^cLC7Ku5CODBstZTF5IvMvf45MUcyeMWY2$z zN!7)qpMZ;{j@oLk^Z%BO?Nz$ja&{Zb7Xk9+-z-P@!ucXeC@r!%44 zpfbr~!8D@hvaOi&MGkZd$=(e;ywFG^opZ5@k>T|)pt<%G{ly%a%) zTOdOyhQ|p=CxG;Q4%4;Xa) z{W)C$!D~pffDsOq;8tn!aQ1RutF*l2a*oYY)3&FTE2~r1V6zh_?okdd-_s8cx)4$@ zA%D%yp2c0maEEfU^}7^r!Pg5rAm8-OsNC!yqW)jS1LRyWi$$)Y2idPmjlmpbC)_F2 zcMP!S=3jq>8oG2R&v6-w8b(gle*D>vD-i*1yf(yp0aYdrHC53Ryx zJ<&K3J7aZzwk~7ua~l*d0qwO3Wv#@qHt+hKALV+PlN$a9b%gK7CH{>2?cp{|YUL^3 zx8CgihpV{L5$;#Z@$!wPM??0&O=;;1+u)62l2$)7%h&CQ2aU3m8;8qdYj~>9%AV?) z1uEBm_9N-O0Mb{+FWOb`-CE8!x_t+1pAhQi=cuI3+xqYPcI+|Gt2=@@vg| zW~E!%qgnaeW$h7-!K1=g_tiL3;tn<$2B-D#fp&0mDGwM5auNC0T|kC9VT!CEzdVAJ zn`JI3L)kRVtDSQKa(ZS-1OkSEd$1XZ>%wPn?`aEM`bIs4++G^E%%KQBS_({`-{=33 zkolI(rmE}4+}Nr`kAQazw=p5=@s9AXTIVHP+QzO&7AiO5xd`#F?6O^2dj)0i5`a{5 z?GlMM1aBi>WedinFXV?Bl?>$!7V(>O3ef_$02karihd9i$5cw714lQT=4+WQhdaRp z8`31}PnF`fdv%=B1;zTF{ ziL1J%FD9+dG5%ggOgcDEHFN!du!eRoeb3FX!g9^2G_tEEF@WNut{1l|4dff$*ZqC)4kNdC_`nj{qgIZ4n9>63 zkip7%#m8fvmR55ZJ3K|FQMS!8jg?)d#T7fNc9?EYipLvZ>xrxD`OfO`tFxTNqn4hl zyC=R&q09~4;j`8XxDSFr$f?XpajnDpqH;cAkx4ODIJ7TxNDEEo$C7cym-I~oQpc{? 
z@+G<>3T++3#|IO5AuF4I8OnJq`D`U={wtEnGoO>Cq|EYklJZ!(uGw^3E7N&3tU$0q z?5d}AZg~&Kx3|OR;z_uZgi@6&5~}CYa`pmk&90E-!)oz0pdq&#GsI|@rR2*<)F8>4 z26x>&KdF%3{g6$U#sZZT%GMTp!^5dBw8hK-nec`oLs|6vrj|58<4EW~L ztQ~>7vruL8TlvsJh79}vU$1KkFi^JRzb{=uDGMrj3k=udMv$)Dm` zwo&_tATv=aY|vr}g6&;kLKElxe^$~<1}n`G1gEA(f4OD?*;vqN8OJ1nwM4>mGMWER zOJu%&w(7i!Z(o#^Co+XKa!7wC;E>lIy@n{Op#RQqAR{eYCX1K-c$<7>X%8k^=;&$2}IM9?f zSfNQxKP<>6ZwTZdP2$`XqG)n}l2uoZm@tXP@Pw5ESEH&vg2BRkXp=U-J|iK7MQ zbCacU=lhC3t1{7Hq1wCxQ{r=VnOHc{U@+=pFTqAshSa_09Qh|39+W~>bjUoEf4sLEeTa&tD?q& zwlxpH{A&|-Be2%c4aIKQ|I->Gycv2Cu^AB_&L8%`*fwugM?;G*kR3e{VqlZ#>nQQm zKIfK8D8Fo1id{?}F*~%2b4TqLOEguukeyD6p-hOno|DUQ!lF1fcYBwQ*DJq({f|9% zz^bD9FlviMAqY)P`SuN)ljhVoBu|;>|q7F z^d4x^7E|Wxu~?@7d zihwjIg@Gx_Y!=(3m|bZ2+_-f8bC{!Zc%hxns3BoHBJGzD+I+WNmrpl!U%fYG!{C$u zu4~rH9~lp9%ztIR|7@nKyi$0~7u?(9Y3D}XR~Odlcg5BDe^u@8zjquItRYtDsz7tl z{rwe8kj-j5s)#MFuXAu^a;Ex}%BMz|yH>QrlBvR4qY76-{JW6~t&pQ+seEU#bwMTJ z)U(ay((`cneTX1#28PMDh* z)x6q%GMAkJX^y3hj=N%A$KoI|p_#A}9)|^}=%Dgmac{UtO3EhZk&2lh1t459DS1xl zY<^^W11baeiI#2<1?nY|rChPPdIB^)PHrDl2A-iTWBB~Jm|Kin^VlLT6zV~IS;NH0 zSf2COZ@7EEc}k7noFFwIbiB{@qh+pRTwNoiG&iY;fevoTZkgSeL&BEZ*BJ)yhLxM3 z5v_teXXSr7dscjKosQW`qMa!7H0-acZB^B~+*94ztkDnkRZj{}!fZ$Qxq2Ekp7q14 zarbdgr%hIYPTw>R2R0y|SOs$ySDlG@p0K->ihj&5r@t~k5L&X-3iXyg5;mcX}o)LgZ$ z=s!$J7rUz5YAdQUq(=|< zp0$$-A+(XIWZ?+hb^T=Yf5e$s_^ZjR$S1I~-mzS(bV$%->Q`99?R_GMF6g@}>K!DB z9JNo%vC1q!GYdx&k&yX6v80c#1%=OD(sD67Tl&v?h`omrj>h#*dB=*^?R&si2qJ}n z1x;;NWW0pq2&!D*k4x0M`d%@$LgS8YCNRTgHD2ah*f zQN(R;Y3LP{eC{2V{*rdhYuXp~D>Q4Td|rC|ljaE*?RM3rngN8dRx5IntUJ7tFE!Pj z)9KGf9QgZ#c@ooioG;P|Igf2s=E1!1SMW-bPXiq-Qg)7ctEa@*g}5|~Jd|jZ=bg+X zg=vALqp*tg-ajGL7FEG210$aSQ=uXMyPSbZ0P.Kl$B!kmK_jPN95i+}Z+S6#DJ zh(k0C)D#hzy9d_pRWwGJNrx(tV$>wuKFD_}Vj-?pS`mvBe$#iJUDRpt0&a48KrMDc z!!c&8RhRGYOIr9#<@x_pcAlbyqDfi|wzo<34!M5*qV9}LGPKKjz#i(=opc&AWz?{{ zD;ZC7<(wKW_aExv%tDUtF`;lzGBfUGy^HpreOqNI@C}=fDK=m7%kCNo@e(P2Nhll8 zW%`nhZrGcerv|ZXaQ!j4GPY;K4iJL*TalJPF6mng_E5IJ#gSQF{I1L|MtHN3L2UTkj-D|iRW_X 
zu`;nr*%DZpOaOV1Pd6`SF#G%*q?<)9$_({TQ&jN=WTtBpf_J|zR!I|-b8`Ti|CkVQV0HO( zm$44`OdCvvC!}=dGXd5U;v`OCvz1KOq;K(9b9DN-OQX^WKkye6hDOj>Sm(}NQP-Cx zg`wsAQ#5WR>vRuCK1f57=*PLgXx6a>u*hHhvNmnAeE2SXx=SCFt^a*CLE|H02?xYg zw=*@%()~CmUzZYJ=-jC8$@#^YO|X)4Y&Wu&m~hr+eFUi9ZmKq3HlzjtX}9SA9rSlM z^`?)3Hq&IoWH83{OIr}|39IEkufMe}8|sig%$dwVM)FfNrD~}07P5Mrjp_|Pz$cDlY7x#KebFsAnvx0`80zGk0D%HlyBy7+$-iPa#C z8?XTUYsAa1GK|p5Yv!Say|lBDLyQLRYKDt@`la_b*f-4akd* zf*r${XBOlS0uAbpc8dfuw6{Ye9!U_N=;hSJC`ITDlt3@%m=K@7_H^dN1j`>U*H;iW zYQ#l;Bq+KdTJZqDT#iVq>K1lP3{YtRS(DC2`js}*3ggR8GUYH)BYxAe31BSmmTyKR zm4d=l+xdD3d?qTBPQ`t!{*F^h# z4PEX%$^>ZDW@MD&UvTg!(>l9a&e7&-#Am>)bbHZX^C>lsl42nToKH!@I*<$d#b7nX zv~z6!_?RA?-s7^uG{QMj#51gtGAJJD=YPW2;*YG}rRk*m2UQF{UQyFzXXMjNk{ipP z7}NVkPOU%(*#t!Dvnb+erj_RryuFHf$ek3zQpL-acq-PO%t(=O_YaqMA12e~{r*3u zt^z8`t!sdalZ+P3YU z;YI%m^HpFNDdKB6sfn@ZE8Z8tX`KV+4mWo#WI%4QI`7ZKgU%yHyko(G4jhN9{*n?_ z2ou?l0vbL=MUix<+{oSv_+Hl}p8;s>-YKRf>ODTVbS#hTCu|X#2P;im!Fs+84K3UD z4qmF(3!GVzBUm)lH~I_Z<6?SEvw3vRvfvl``%Wz!%0OdY3rDrxsNg&kY7o1{V)=C(H^SE5kC$Dy>6|9l zi!8~3?0U_tkn_}LccHTD=T=UesO^M_F4yptqv<38;ybp*{aS*!>f%K{ULf{#iNE6T zkm5HZG}uW8K+1w-7IAltwx2~~z>iHg^5SZF&3x`unQ}Vyp7n@L(x?ThSog#~uAZ1O zLqadh{2h=e-S&=N0z{THjTmx0{;IbnpG+S)R~@mCO;5{Pdm1ij(Fqn^inLIfC%w!BjTuu(EqlOd_Y_Wi zqPk^e&6yO-zHDLHMv0=9%Ft}tbrWyY)aKFDN-s{z^`c#y63>1SJeRYdD7hX= zXtrkC(bO!I;)b$h;~asE1;|GoEfuwyHaxFg*J~>36WTTy$)>+{3UV?I11XhclXF9> zQUDO&*w~*~O&G3;97rcl2mTF}FSw=aIEzZicZy1ozEJ6E=~|B)eH}#m zg$+GOW>3@LVPQkE_T*P3mb3kXOTCH6q-DU}^$G8`NjL6jE-`HS2WkH*5+9?F^&X7Yj`PXIyQAp_q=3! 
z$~lGG=}MB~&HXwrB6iVbEl(4$Z=L_)i-p{a*NUwbSt(@`ny{OUl5Mw{JdC3*om?k?cT2HxoSW z?hOAx%bWx1J39E;^V*n>QOG@=bsQYYvedNTKh96vhgeSZ`pPWcL~9VN90m&j&xJDH zNL6uVIgMBPEIEelKi&Aa60#6P9gbkwwk6lG%6?%rt^@b%2p zWmYbNhncR3oYJt1qQTl{J-{N&UoUgJ*Jb@VY`#2Rzgdc03R|*Vf=EiMTvnMP-WPINQSULdMYP#Asq*}5&14kh3HIo35Hj+uHcDH$6%{yvn5Z4ut;N4wx0|33$LBc7EQ8 zTO>yvYACyhmE5N%j@>7e*hl4d)3RTf39Jn2v1%~uv8fkN%%(91O`J(4it&$cXsJ!1 zU*JG%31x)-?KGYcL>Z4QY3TNJWOaPgeP8((KII68V0{dpn$*+!iV}oszzYetcQD9A z`FPwi2s_^kS`{=Bs+4jO)+JS$Vm^n7d8at>t}jgJk3fk8{|kLaT6n*qPFBDYDbed) zGh^dyZtl;*#k@67ym*o)Bkh^`cp2?@sERJb*XagPsWuwGCD3q>iM+5cq>l!p+E|QW z|Ff8`JwBh%0hStcVwVpVZ*O~_E#WvgVK61iWkDy6#iAT!gGm9j5*8w(Wi zGH)*~1N_N~Ugp2^CWp*hdT)y(fb{p=gD)-7Hxkjk=7yPdSdkDw1|%qs_P))I^BT=B zWATW=;yMf1i=!?jlTeRv}KMM2|TyJn)lhR%uqc@w=6MJ$Uzz zl^L=*Zc^kJ>e{3jvEs(&2rBmWI*>4Tt!WFS@9_3H%$WfRHy|HquDK-MD2JFzQPr?h zQ74&b1qX`DgvLD&a?sQPWFjq6*>#B*&WW$kf#T1mo^LZ)on;=aZ z+R=7fJeRb@!se7HEb2>e?@+li!$Dab;t)=Q0=UA%;PY(So*@6mXQ-vEVimt z*#tX5BR97Hm>T)}e*kC-`op>&%7+}yeBMi`fQY8YA!d}q^;>~_-8X$--d)zrE)hf& zbo^ESCfs!k-mW9^nCwrgHnAXWu~_@*gwkQR;cT+Q>`xcWRu7(dgdZW-)BlrJj4bg8 zh24A>2`fybzHY;y$u8%xO7Be_`Sezfc6y#o!I_df+WT7-U_}JRVMM*d3+->t>;9x5Gh6GE1`4&cceE*zaYT9%dqg<-b%Dj`A`T2M4DOhoAgmG+XAFRke+azzp z><^Wjw8X`#YH!l*mb9453XftO;OkezzD!G!(ir8*(ijEegX1u8l|e#lXL`d&iygf4 zxgNg^Dzm`J&998__fzugSucgZO#-MyU|oAGI!ckBr7#JgT_?+&gjdV|UUcx0g}zjD zu;J(lxO1U5$xmDTDL+}|aj>5d#QY-bGuw<_X_Jj=if6Kh?V=& z8z)+&bVV&aLAPa+hL!&5-nP>V@!#;3WIIUVC3Q7@gH^m)VoTaZx+JP2U_UuPy8e{E z5MFR^&x^C=I&N}~%aDD9tP>A|`SCA2|Hj~e;;Fqs79Gw&j3(B zWNx}XDK6>mdMTZzuUrW-=Es+%X|s}uS67HfDA4P%HXPRERY^+9uaY^|wApOZ8e<|FB|%f;yq`4og66Co(Nz+Mr?yiI4@ z2t_0|cJNLd+gV2!A3@sF7kxW|Sldo5Wk9s_; zuEsVLQjY9D*09Uu&7^Z1^)I+ZccGu}PN#x9r1qjOJBVpL6t+QLlcDqLw)LkxnCs+I zpx>*;0PWX*0mPm(a*{C~!vK6k?(wC>FjFh%zE*D_jmESqKBfu9gm!-8rw42=X5^&* zq_PRkFwpi+Tew!nIkG~=QdH+@^wk~gZvjH*ih?W8$&y`EhXXvcg``YpvqFDfpw8Z< zKs=#`xZ{y+yV~L?hohT7^Ko8B$oF6N&2)II-#Y&84KA!KGjfVCwE08=O!Qs<7cJBA zj||Fu%2u`D2`MqLm^u@r`#>Sg7qIu3@|9x#^BY-+N?&_cbjuX(uMAyss`9*dVcF@^ 
zB_gg}onF&LuxO%hMyEivIxKlOGWKLW=Q{VS_r+^NyOeOXqb0Auy;HE9izC1=oEt;U zQEJC!;u7ZjS!-Yp;ClTxc3DcuL>U7K2jCrY89|@UTFksDka`yz^ywLSD8iU0#5WaR zt6i|jM7>A`v>reRkqnn`?NVXuL;BSatyPxh&;Mk!iAN8x=Y%Wr?ans(u1YR6NGcS`@!-p331x0(H8N4^r7OxVrK+x>qj_qqM+T9;7$+U8 zfmn4#Zy3Zl-}@*TC_a*u`|cfRdAl&0Q;@xo%|Lg!Ef3J~c-og8jQJ+=QGy_BVl_QcU zKKj#Ohr3PhLYdJm4Ei!Kblt=M>ycQlWp82*N=`pQa%=Fllutm@V|qr);bH8+T32u; zZo1^hg;YwFa0AS>j(nN9U8o#cSUzEjBd@P2+wCbG*~v6bWuekXqS2Js{F5!2Vr~{a zCmU260Iz@4L<~8TbHGgOHUEG|!j?uVsFby65sBP6Y3`CP{9I)WVUqdviDb~~i}Es* z0p)+k-IsJwLNHX>ryw!)n5Jc9GVc%7yQg)XTe<>i#D`Rq_d6>pcLoLY?4_l^%Txi% zE3eV=MH{dEnqxC`ZS_b*)H2tt4mZTV2=T|5b{BCb*T6bRdI0p3)M43yS|i07VI7?j zxKkZGL8Y+BohW>sNKhawKG#r97|NsebWGUVje_7C6k3(QLxGT zpmUa|IhzC`IorHBmrR>$a{k@uhRaXqP`??6ixo%=ePQBgo{K+^ow-s`k_l-aRFyPD z73ZZAwbV-^mDCUwnWxD~Z9t_|j;q(W6sj*~^2bWJcmo>t)XNtgCFb$3D16bA+81rm ztcuJO4Nq;`c?jn!{HuI!ob5SN(xzOy09BLzpHp*Yuuq}bJM|H;5$Y5H>d!9L@*{HM z1|Ho2LM7QzF4bAJ8EL3P@8wN&g5;n^;&o%cYD|1%rt&D0`stkroYBM*nZ=(K`q#j_?fy7ZfmFk}#=w2pH== z=9ZLHx+XRppJ5qVjAftd&^`vx|8GiWm_NxV1%tNl4xB@!Gu{WUm`-gDY; zyR<0E{B*ZlaCur$FhfzpbClo)z-3sT_Vu~$5)2N}1*doGqGDDSXlQOTj-UJB4CHlm zX2tO0z5DhzGS}h-i8~-iZa}jto#gg=#8gR%<<+TYsS~Jjg`;gWz%}2>a9t;(lm2z%wrb3+c9$|z+F54YVZUcE_`+uY5uzpY?{*^ zrZ=U?yQeXmqcdJ9zOb(`{mM2u#oPng;+5I4&hpri!!9}Lt0fH>OrmFfk?RzdhzgBL z`@kJQJq$$R!=h_EDwRs8rlD5i8=?s>#kQaCd%P#*qTqf}87>Q9r;RaE?u=Ek?DQng zT^N!->7uM(GRzuluO;kxiyvIH8{HPC+UaB@^5G&247%JwkLHB6J3-#8`?YGx;S984 zt;tLzb~tNJEgZ=wz0*Eg>2|KJ!EP~x=cH502A;5!q|bA^>aO_|Wf7D1LyQcP;Fn6x z42VMLv?V-EEs+}IwI-b`89iU4hMDO9+q?`+O)_5``ZHutjKh}h3`Y0?JNfKyrval~ zw$1!U2cc<>(`)t84?qSpc=gMl!*I?<2S4=J-iZG#8VUh#zQm3RL7$Su%eW^Z<~NZV zEXX00AR0(H^tbFY_vAoZ`x>mhc|j}w6x|Y!bZhJQsH6+-q5isWV^@T*j+oMN(Ftk= z7A9F1!Q+Vw;~*waz(|H64;^a3(eg$N)?(o99Dnn@W;Rc`Kr)*LSe2f85qLB;{H`s* zNq{}Jw@W+)>_AX*+Q!Av^x4(YsvYz2cWtYd=g!ssH^`lR{EGwG>b!;P%NtBwpAQ^S zfTqEnZtTX6#5?+<#8f6Fdp$8_85TEHahZB;_bCi|Fj>2DXZmZ+`ZW}j@{cYI zw0-R7rp2iTYGvlpOLz{ZoaGj?m=FwNBzz03sinHX!O75xRLi~c&9y-e4SgHWzoj&YP_o)(RW zhpdqseGFORU?)^@ryQ^W_BL)tz1WXrOf`8Oa> 
zZ!)xrfrU~!?3;O(_t7i_q60JD6ZiSoHcy_~n)&R=%@NDEn?HyHjLd8fb7p0a&BnZU zZ845dCsV}$cdz~b!Zw@XHY}hwHT+ecoyk};gMpNVucO9B>A?hWfNcM+ZWDrNCud)S z7+>aJ%4eVlnZJd5P;I7G-8TM=4`lvUm?(InO>KqtM`1*BGH+e%e3kB9GR9wU#W z@)jcAgBXZMJ5vzHJlXVL+1Bmp3DW>LMFOMX>N|cTKUdA*m^hX7zvO@TnXGbQk!w5{ z8-^S4*<@(2fhze^lgvqrvdz}YFGc|8n-{n5kNG9vO-($}%zG}GY4ef!(eamMa7 zMvNH1f~M%2q>EKd*eR!D8!)@f6pbM-9i9+2)>twr6L?bp#)SU@smoLJnR`HImAqZ5 zV|m6INf@`~2=fGg|w&FL2`W>XbE#*M>b2yi9?Cwb*q`L3FVuvkx>O8rnkXk-~{2f;hil zuUXWIKL%h+Ar7x8phfEt%B=nTTb^ygi{pf$ut)UkUJbjpPqt5thqQ?H$uR9>LFM5S z>K7UW*Xb)g!0vDVE0!C$wEBpQ_kl^!T zr4@L(*w{8OP)+^3xI4M9vCE1*7#u;n09*%79aG6{D4+!rVaseh&wv{dlM9Bz0nx92 zV5qvZn$?I#_QD)gia3*RKXfL%C00^RBY$5&gebG|Vvdee0sYjrq8kc_ExCGL^f4lA z0N&p3=EJ2CnmZoaF-0Q_BjdJeA-Y))@WUet*S!>oTc*#kST>+B`L!bpOvebGcD{82 z7c-U>rnAj}RJkX0*AOS^Pdn1#k(Z~ij0dDr+jfsA9DWB+SQ+3Kf2;DywU0_cWuWvP z+x&j!b??07hBw-pG5KmQsdLSsm5*q;!MwVSVB346YHmn@kq=L58LMLh<$o&b4k;zT zA)HY}mDFrBUg@hkMbumLNRb=a42brcET`JIw!<;G|9=fV%Wpt;7pWETIH_$wnHGFF zDU|TGG?>Au*Bf447&GH_S_%{>eKK%)6Eumw)z>WH6t@0wu$5GfD4(VTZAAB+0k?JH zg~xfdkpggnivghBQMarDZJQzK#6Fv(Ivwk)r3c7>7dV*IMnj1w?fx+$&@%XJT6*o| zHq7$(!)k*MfGA}F9@J%qLy$KCH9$gM!<~{|Q)a(VH~9c|aeb#IsA+$2q?57OBLqI2 z23PvIA3YFX@26{6J=mVE+qO5%K8*d5=<4_x&i=l(BXFK_Dl%0S1EhI&VbAn%@a4F` z5?N%s=p)ze%7Z_Yok#78|493g-A3oZRFZSgfeAqU&EF)^+yzqLJdisBJ}8|H!%DaX zCG+|4eV64{D+&Oy+U2m0@PK-b**rr#-n|%_Y35h9&B&kciisu;D)KA}VcTYPwjccG zd3eJzs?6bExq{q&!sy|bMP2y!ZVH;I3C*Pn61Hl!ENsKOce>9weB@y zQ3hf1px63PJoQYGRO{4B!&z|w9 zytzcuc2f76yuZ5cs>h7j-VJES)5Vh+)1K#aeAuerO0uJz0eROAXwRiaEpE0y*`B&; zJ&eT&Qar4VYWv827f95cD3c|)d+?EQuP}NSboIs~SK=Jp8vE!ShhfAw#o=6LhDPD3 z|F>YD9yO4G5ywX^bag^S6G%fw8;{@Xc=(4ViQLL$)=Xoui1!NeD~0EO2+UjfDxQPX zv(V*JK|9WN);l-X_C=y8GN#2!d_&$p7oZ$YuY22Z;M9d0@t9%Mn(n9C{X55w(5@V% zvq)l9q*N&>`Gzqh^^cxrxkq>{qoMD3=hRGF${4_C8nLu1 z)q%lmX2I7;Ists-Z2GmT;RBL|q8{#iEm_Vvk|g7-FP*6B#n_ z;YIbt)4mIBM)rRwCZdu5Yf1z$=D&lXO!z39+Bv~3Z-aUuuhqfsI6$A|oN7g<(}m=6 z03f7E(Axo_Xd9%(ezj*#Q1k9JqG&2N(pH1Pw1@%K#o1^Y$CyKLD;VPaS9i6i0LZz2 
z#0$0zW*xOMAT0iNi;QrPz*Wy{ZMaNZ#kIVcrn!D%pZMEoczt}T{RSK$Nl5d7_X9G8 z{j*0r43JF2h~p#|TB}jil#G#1oS!h((Wp}DPwY`70kIB0# zA@%*PCVdLHXXqmb9H3^3Q^t^yn?V@G9@9uJ5*@3ERk>C!Hnt(4v`}#&-G6AbmKy%g z>qDMAKyBCk*XzHs_LThOV}_0rp}+Xm7)?6K2qovz<@B>>)R+1{4g3s8a#j|UdWlW$ zUQ0ksIn#OL)@i<^p(cYT{obHazhDxPgq3f=zO2r+t)Kd&|IFtbu-`s*>>G59k<#zn zgex7AH5nd-t$eHiLkc)KL#gPZVKl2GVE=z{@Fzly@^VOj)&dDn%`67wzT)-ny&uGZ zd@^?Ujq4WsIOJP#w4eerewK2>QZ%GXeNDl|3*bN&Y4cX;zcSDO4nUr%0UZZ1vDaNY-(4dF-g?o1;$^d?%~UZd3YyU4AVGm^pWNOpT@3Dv>q1ED zQHIQB#pJrWsY{_*ZidoisnlMIT8^xbUu8CsWf`h0?;z=Vz=CF&Jk;KO|{=hTJ) zp&<8XJwpfJ0RLzv>ZJO{?FUqLruAPpW=ZQ?fQ?psDfKyPhb@XnaMO_8YUl4MT&JGj zs(|2sT=5r(EB*~36x}PG;c2@jdu!wkTmMQ0H^nEk$RD73XXIDSXI{T+=_Evbac}a3h}5oGcyuYTvtmjyh+FL% zvwP^vph0d^7=y>vD%L-Nd3Fu@cwR+-8zuDL(h0Sy47pqd9X$DW6Nw2n#b&`KG4-Uo zx6l_quwnIH+!em{>oygR*LsC6<;2y#l5c%n(NS6!L%KS04GFnLwK$dKk%FDV?Qoi0 zS+yKKvfetqYv(#VVF1gQ)T#_w+|$cyz2(j=x6M{Y5nXPy@VqF*wuVR=mAye9N$;aW$qd_|yQA#87J z@QTl)ev;0G-AEgOtO>oT62@`hZt7A>Ri=q3P=U^fRTVbTn6IW` zqh@qdt(NLx3dfuu%*IwsyTP1QfsB5^pF;>4N?>^TtcAv-q1kF`l{Z0=kC%7#$HN~S z3ehVb%tl$~xh*Cooc3u~=$H4<*TF8F43`ahsW2p|2Pa=D!%J_4562%2wC}ipHAND$ zdy|bDp0&%2SIv>!z9-{2wfJ!}H+*42czZ%s68@5S&xN&ULyY`RG8wV&05L85>FqGF zB{x<@Vb@gE&V`1!Myc$G`p2?6#5ll9p2N#cVo*#F15n|a<-65H4zm1>;9upvHu?R0 zMA-96Kbmd6SixaQkhl2Ar_0k_U8*kyXAkp4<5?x*b$8!c8(ZsN2k>g!bsSIKAv@e_%~mHJ^thO^4K^K@{?I+FKCRtHFf`eURgb-xK+4C2oq7- z0Jf_~TH+)=hG$_b+p@n8dC1}IiM}3!Rq9j~heZrp^uDc)ya3v?piCR5@|7j$)qo2XVdBT*eBdv~2W?f`b^zugl{=Li&4Jc43)>%!kQ zr8F7I)>{cx9vzyh@D%3^Nkyxgf$cSdfmI|gHl&uRFESkoVb7%RtNGGXiL#wMe!)64 z^=^3YG1SV8Uy-J_p?SCYfjztr+)Kt@uZBHgipi0{JmMO-z9%m<3$6H0ZINv^o!WSrrhtU1(bs} zR(rvp)Lh*2S}8Fyt}Qgx^tWLrrT;=k(SRb&h4>-imMeb7D{;Xh-6f z9fqyy6+J4sN3$dZ&HK3>j-)e-7alG|&P(uNpK5KF+q{ipJ<~DOP_YGPGG*SG#Z^1B zFGl1EYEHVob1xazOqyFnBV00eZxVMoilM|0$Y@ezEMxUNDM}wWhMu3-#WOY|gisg( zJedTK6QgFk(mZ2i(dpr&`wn?P1DcxjK;!I+%6l z-33%^+am^A%w5vm#Xj*3v`@OudBI*mZrA=pv}#b@%KGc~_XKWfJ@t!rgIznbfo8)sjAcWkG#p@#n?|c@`!Qc zU^d1Hqh>imTXJu6*_$PJ5bK;#dZ&%T4;c~{N6b&kp9s)N+ClH$G`tBsr 
zG$JqAdx?V2tH)rP-Q-40ki=8vGY?y4K+^)f%2xTQgbVmec1>Pzb_ZZ?X^chBqq_CL zt7<5XC0_fug?@H~P;^G{lW9X=de&3D$f{-Ikqy)6x$Sx5^<^`Dtola1OIaU^N!1tL zOO3NX_+IN@1Wl6$8_uhEac3s`9lM=#xK>2qXw; z*V)6zdG>9r`d=rBxZe!fSM-H?#IldB1yL`3*?#X_f7x7AV#{!Iht>|k#)b1TyULPZRWNvPF=oooFS-h|}tLA&44FUn-nQe$!idXVy(~9AK##Szy&x;6T zPbwvyK}c}Y(de~+Qq%dc@Bb1g45qsc>J7aA3gsZd32pu-WU`L%?0nNpTi&rbOo2k$2kzhmvauQI%ZG zS|6&i`}O$yf1NRd4xaq4%p36?wCT}i@M>Wy*IwJ|`<=qgW?ZrL+KLT91&kH1h=VnU4yiA<^saj1~rWdhrxf_@i0;NI$gw! zkXCG-^ngh5HScbiQdRZ=vN$D193#7_s!C7epcu9EaR=n=!`Mqi8);!(wOu2y=TPDK z>{*ipy;}da2aJrDu2bT*I3)tNo^Kkwisf=Qzo>`6lf1}B6DMH()w-7+YSJISKR?we z+^B#;+z?Ep>~47KQ`M)m>1N(@VsD2-k=rA2Iq&B@RNoZIA+lVN^@i7m(tGn)<1NR9 z5i(do@9hEfy8Z_2bMmqX91LYjz{FIMBb1P&Y)VTW@#WK0<+75_03?v}F~-gvJlwTL z77@N6ndJ-xuG7duLI{#s_MuOJR6CQ=j)pt8T<{b|4|iE|=na2*7|igSWfl;I1l3>B zpFl4*Le(7A1aF}EtQ%qkd)!)q9RT6anVY3f#C|v4Y$$?u9|_m+!8r?Pa!iyQTe_rp z-()<+#;4txsrb6j*B6HzbDGYVydHzOeV5A4 z=hjmf!!du{Qlc52_t-0RHHEq4;G}}V;4i6Sl*G|nlG-IR7hQNl?F2H2a6{L-D+h-{ zE5oq%>hJR#1;#=SJQnB6iSUR-xTjp5M|L{CLm(@^bVevm{G&^v7X!ryBDgic8!qL>4v;SeYX1-~ud7q@nzX0=ba&;-{ zDD+A=8rjL~mii&1+Y9w_W0n_xc>AXt#5~W*wj2$Ix4WS;*YODBE;X-9Rp&ucb$$ai zDnT#+s;?_?z_I_3^Z-I8=1Ry|)`I(^{RnR0hU*UK-LJ9pjzfOkVaw>XBU>4f85(6L zbD0e2&ss*q!wOkn$x^PG1l#qEDSTwtvK_nlr45QHC<@<6i~>Ld70q1ba3wbQRdfj^ z(@6>Q>(^R{%4{!kpkvFjTq96qQ{iE(nzF)A-DW#6re>jEN*}JY=j1YJD&gTg~KbpzX&vsCY(`)+UpW`w!Df%p@k(Kzx=}GGQwQo_Tf1>?mkrE9fQ1VHF z{97a$uB+bgFc!+pDVUhKET2(=Qgv@>;uAvsHSnLYsgZ#i1*9}8Q^~BT6h?aFnQ!PQ z$23Z2HOX(ttSlDuiMRv{59$9g?IPF=Ox6e>SEcjJ7MNC;n1sOIyK_J0^EZnP+p+T~ z-)uPSo@>Ra^r?`#y8#-TtrHmz8I*Io=d5^JS$St%!+RE&BkOtRU= zOnMyEUA%h+%hTSx({*9Cx6ocbWV1!vixVz+i3FK%FB+>O*C>#0H+iDD!i)sXn-QR4e1l!mkR`@hB zd6It$4@BxilB|+ZAIZ16 zX38kM37m_^2eyGQgpY38$LRx+mz$I7w*xv9pX+v2g1fW_DUg}8-i`I5G8i>Oj`6TN zX=6lS{UxZwaF4Pb*r&zuMm5K`wV2IsX^@^r^=M>T^pRtiFoTm4X=X(#$f$EKW`>$DC5+q0B=zJ>yL{9@v!H3%zlOCiUQWO=!^HSsv>-Hm;}C|kZik;D&q z)jUdIRC3i(ot`xY_kvmLLncG!`6*RXw1=r>I0(S!r5Y|$uP3nZFktt17mT*jrXge6 z*yPXav_8)8ZPpeu;#2`G^Z_6F^toMjiz&j35afpOdTmvbU^88^T3H2qJwfsz<2o&Q 
zDn6?D@(wcK#TndleRGQ?5aNYc$-^Jbkl?nv@%Sp|f%m~VA8c7YJmPIxZ>gddf^D09 zK(^P0?Zo?e$QJg!DUGlWD>ft|ar!|)h}g|^z#so~I`M<7F_7oUppBK|b>hQGO-LnW z5*BHU5(Z&tP5Q(zc8RN{9~ip6qrBAol4L)mZis(JnI1)|`=pBzyW*(wW}9~pSH7UR zv_o>iU?Bu@kq`)+hPpSR{LZCW%0p8+_0W{6 zFHkb2#ObqAlKdhJUIF-H0Cc-s>x`C|u+5b6y^TM;ZioE-Uu2KNWTk9GPZ6m-myvHv z9E2z=AbtZwB-j=5u871vf^F+7<4rfWb%2wb2d@Rv7u4;lUQ52X7Q1|4<^pe&071p> zk?WgGOUzfus-j;6LX(O2EXptAAh)YNi;0qHI!?cslBAGW;s^lB9CK5vDaB|pVT%4Z zFga+wea9DCMEnA8GSU?I1|kcIi_^_K&T8GzroW!%s`G{j&|$D_Kmy7*LtR0znmn{@ zxiZTJFOc8i0$5^vo$l!ec_-AIzyXfs&b!&Vx*73a{^XkpLN#Q*vkH^?f8!LERR;e282f03g4d>!lU>}vAP^L-$Ra6Jy|tPl{YDSqH9X! zhGmTm&*5LS-JQ_gg?5m%gKmU0JAUdiA`DnD7JoDSSf`vglF?I1eET_dc#4!!^F(u} z`VP}F772DJV|)Z~<@$OY<3B6#F&nh@9P3@$LR z2SHMp`k`bR6LO`jCbBEY|B2a^4gVO#hTyi=1ffOxK9pnTB_qP z@xbm!@&TA^(JIBxuU33Dy}0R8RvwS8-)>14Hg{q7vjQ3aaZr#il!lXXq4h{b@l`D* zs+62PrYP4FL$gEF4dsxx$}GiTn&^iABUn5B3SgA9>rVPhBpC9bw-ILhQWvued^{%` zCK~`+Xwws_p%%2p%=7+oEL)lFJ6diiQ|((xcpRw2F>H`tGBcP6Ks?vX#2!w0W(aem zf+(m>WtIHc6uIQj*=f{Mh7wQdSX8Hq)5I)N&eX0{Xa8(#Kt{auCAe%mQ*t>BWeZ(& z*BWN4DOBE!+S@JNKDznz*?!SOg@PMw{JdsfQaQJjJK4Enr@d;Z%q{B#mPF&S!LGYA z5O^5LUP-%ne=+tr^b}{Nk@5&y0RqLcGPY8f{4KDa&w3gez9a8pm6G~JMI9|Yzr`dS z#%aJiMyggzZx;BeL`Bpjp5k$&0c-LyR>ajeXHL7Ppsz1o+LZY!EdTO|=yTQoe%z-_p#6nBT+-B&imHHjGti zDI8=s)ll3krw^s2a9d`YHr3W6EYN^yVvhj6D1hTHXeLR!03c*1x`iq>Wgz^nH9SW*5WJ?0l(h6ccM$p> ztZQ2*>y_F2vUVkXz3(Q!%g-&$#ao^&qOVg<8R>$I0AHVVbYa`z6?xAqDXCXfk{#|! 
zdGuE2xvbk7NEFp{rd3>jat8TnS)K-Fu>K$WijW6NVS)hauVCyCtf(P^kz}|pijFF7 zUMWXmFa;s;18wRI!fuS`mos?2+|B$L>k>u4o@a}L!6binKonh~l3}5-@gJmOt0DDQ zZc~>^{3MT~&tYwbHp50Be;fA72gn$NmjD_k8xngVE{ZTcI?ck%h|pvsGpybqj!Gqj z((K2PK_L_<4}bf2vz;si`Bw#RB01j{r*9t?wUWK7xZVNO!P$Tw44oHLbI|}gnY8lLr?DdIAVKVU z)zm+C^ilI@FVUqgx$^zJ_yHUQg4~uR1#Dc8vP>l2w_rMqhec|9UtvUT9)Q)h@7F;iH6ZUk%y!QQLxFNY|uW_QBX6!RuV}g`Af9E+p_y%vy$d z*kI3OFy70tg(E>6HL73J^$OFdc+u{mt}_iDo9t-Wj|=@7!YUic1sKT%D5rhG9pa_` zIFsZd*uSX8te8BRQ>CHTKB?&8T3Jn9K*m05K1Q~_z2b&8c9>ab zW<`S0*?*j0SqjMTlW*H|0p@-+2t6j;BRYD0+zYE5l)=3-&|&JZXV3hxXvq0e!i zDa`yGEiip8FqCfLZLv1gcZogrd2ojAQ_NYp#?(p7xQ%L<0wg_5c2FgCLj%Gm?q8qtMKv6!255mtNMGPe%Hz!fpPq92Ao84zJZnP`!p%`1Pfan~k8*fx!A3hJiE-wo{BT ztoxWWJG6ZS31Teh z;0ao(Fxn$SD12(HUYUN=KgNMyrptAiI0BWOv$EQu{V1&uhn$l!-xrG1k{99bB?)h! zhc18Qz3-pPOj8?DMV1+FpL9`a8j!%QA8BF`g%ygV>wytI=AMY2{D|I8%D4Mmd8;I{Vt zbyIo|8c&>)Tl)>fkNAM;eX5XqmrbEo(ucW56u*S8rGkZsqH;J|N1Iyy1cC}1et@d= zxu4nOzck7XqCsgJ_A_}KLSOE5KPhgNhED)bX=F7Pabv}ZX45}>*1-O(Yi0r*{cl%F z5z=GOsRThhgvVEVU3=T(s^PBJ#di%F@4co=+9?-5K3pES-7k|e2#mG(EENjKv?*&D zsvkb+c0j{8XVNZ;X#j+v{<8JO;8 zxmY0uOoe=asa!us!+v{VWo9W~C!wd@7Z8P{VAf)G*joNu295f#o zVTilN&e+tVUq+nA^srE&j-NnH>rMfx-dU(Qv!gcw>byK^>jy&fcRpIKp2c?W2JZJB z{QijH?Uu^yMi#l}nmrx)`F66*R0xxDMCu&fIfP z?Cu=vjL{^C4%XRD;BJX{4;5&_-!24_s0qX#YAnzrlA@$v7nd%NLZv7J1jX|#%kZW* zY)^e$KXW9>X?wt}s$Cj8bk4qzS7*arz)ff7s`}eQ{ApgHP-c)p+{-Bs`^{AABoocqyU{t35+kKwuYcIWK(<+6RnbxVzS`F3{4 zOm@8cb=!)|V82!em(TnKoj5e(x>)vLH8hS;|~X- zd5vA&hj`fgY$89%*dZ{?q|HVx3Jm^yDvXY;4GIM`!-2 z(65>iFgELv>OhD#plIQw9{q5v!BFe}yYf_{pUYgc+$eS=!JIlp)X)s%?Z$`)#hB=I zxeii-hhCUWj8NMJedUv&o_acW)raEw4aLbcSv|oz|1X>;*1_YsuFcx;UtrxUk&>ws zb9{OUE@hS?6mFM;prL3qe(6G>BK^H0(*qV5?|DrE75a_#{M(4KS}2_{Z!9*deNnN2 zqK>Ji76uI{k9>;nf7$}(ws(QPLt*20<_i&)eI{AJQ^svPdx<57vQ=aaF1NKDyVu2m z-`A&?(`Ee#znNG7IpI7;fc62@ zlspgFiu~YYNP1F|%YHBLL~ZNjh8VQ$uD;BopgJOMBN2vtl?gUj%Cncmd`AQotTaYw@O@>M>upZm4~7k z3^|T*ycwqBWT5R(wrY8R1L6-T7ewbTTLd(TeNz;18jm^rPj?)>=}|I@vmambT9eHh 
zm+1KM>SLcD*PA>pc_1#}RFJCcpo6gun1IKHkNpjU@p|F7-m{Wf$A*?zY4&Y~{+8P* z4+kWaQZb6nUPw2MM53JKx_dC$nDvBFZR}5-G&)2!1b0NnkO?=iL zR(VgpL`x$gO|SD1Z`&*#eR*;>el~j!BRuXrYpm?yz8gLrPyt>_7`69NV${wp?(heo zwyFG@)>j3#BQZKyDvhhR&L~j)5mtVKD$fPM{x;oqGKw5=Z&-x@%dLAEl9-=4ww5r# zcr&KX^y#1$LoVO=PMovvn~=5H3tHJn@qPF`XFD4ZU8Eabr!yI_GK_))!Vec=NwGG4 ze*<@zy$lT^NhvkHs<$zH`|(nYgV(AavTU(hntk0mwV7Vws$hF0Fsfg~7{F7{mxdhY zL9Fw^kg>&TknP8@+|s6gpEo1_%b>XRY1GZ?d{QU4ZTSUz#EZk1$6c`_8M7PKyNWF@ zD+eBG3MJ)nu6>kQfN%}jL>1eN@jL9G?}qVu=~U3{>G&3~ge(`qXAwm^FHyXP~-pNYE6q*+x~%plHyK)=T#maq+VHX`X9$(W#Km@u5oA zD$FgwhcaGY9w9Arf10oNa9oKzvnA@tUf%u5v|j)5+@Ry{#VFPk+hN!vY=4U3+N9mQ zjq=F6pDG3n8roD7T6!kdD~T0W9-Zb)AOD?MWJOIQ>jeKO%;s@7Z(8W@M-_hW zt!+ziV+dzS_Riq^|92tdWr24gF}_313^~UuAm>B{HJyay29{+_&?EHzvLO;V>Ihgb zLx`{)Q&?5wxU0j>eR9iCzg3pkU%B`xkSi-mFc$dgc3L1=iRI3lLkxrq2t1{*lj$tR z#a)v3CWF7s(^tK|Dg^) zejr(T0?9I(fn1)kKxx68+#JBVR#gr|@$-YZHRY90on(EO0JM{zAJSVU&7by;xS!q^ z2?!p3m_Xr@!--!TA-~aN>hx_}ukz>N@*9XPB99$p@6Nod5N=?PNlST3>hHeiKaVdD z*D&;OG&l|WWcBI!cwa26N}*$shJHiksdSa=%>%?;vj7}?l2E@PbwB%!tuiUrDpL!C%USeJt@kFMYw{uHCUYHh~$ zbPekQRO{2Ogu>Y2(~(+o5%i!$xPd3wz@P2S4_JiMO#Dhnx1lsziUlO5ie^cO_bf)H z2{&{yFbhSB#VX)d0l$&oR^E`hM%qt*h74SJ1GK1Q$zf5$zRp+w++=ri$@`kqA3kob zY+MrqQ!n1D2BCp4pcTrP-AK@{PQrpoRLLN;fQSfXCNZ2gtD0)Ns7n>MreTa#tzQZ- zLNjW5uu90lB>E4@Y^b3HP2i$`kj&c!))c`e8@lA4d!(jPT zHhzjg$u&w5i3{nPD+?p?Tt?)QGDrM??Y&Num1$jJMLti5AVpPybHzY~lYLc@76d42 z{~RbqTU!q*5wo7#GbRpK*lEkS)=R|f&tIq2-s^5=2lfe(@jcwUKk$hsmqeF%t2Efl z5sS>czS}y=a{rsbU7!<{jS%;r8MqPc3+k%dMjzO870L~I7+?GzOVLI4e7Fwj=MWLF znB|x_4fsv+#8vI!mkUXg^BLci>E_*Qg5f^KhX(e`PJ8a5Mw(b+u=D%6=w1-Pp^I3l zhN8>BI*ECqq>0wo;DGu>K-^*}IrP>OD36Byu`p({ zvsUb>VLOHzj8HdEu zwvSh>qxxTRyF4M@B8+6&+sF+JPY57CC4-$~Pdl3xx$ZCqk5{*I4 z?v3HONN3}!*}Oq8V=YlQ3uI0i_x*Dg${F~avE_)+Z+6B%{xi?me#CLW)Le;z0vuKB z*A0!0X@cJ~cpdhC?5@jQoKcOvO+OEmWZ48U>AQ*CO4cj?v`n4p-usc={w2eN4-5C) znbB?gCp)VHk9qQ#dp|n7%w9B(&z~{n@`PJ|!X^S&{YRoX$-vGE|2xjJStu&T5)aOb zy(kN~O;EKj;3+Ks)Vx+9^?m0`DeUf_BK6YFfWzPZQKTNs7AsJZc&ysCU$o6;DX)!> 
z%g0Y_+W9mHQ@Ns_Xiag)bQKhJ>OL~Lz2>KuxUzZ)DQ#5H=XrDOa@p$05ld`8l{17{ z41c<9c~OfhinE|UcWZ|Y!@j|$AvFebn|=uPl?KQdfum^mWwhmj?G1G$YRHyq` zsTsBSw@k5r2Ae{EjnQVioW!Jv(DZG&^buY(1k!zq8#e`%huq8$pchNV7MtWXa0byg z#gOZ2%fLP_WnFMGY)alah9+Qv{73y3J8RHjN-H2Bxj4-yYl2XLEho!d<{R$*0goI{ zGKCL9E;<6drXpAv@1F(+ZXwa%^$3g@Jc7QSj2!ZbU7$ww4VeanO2;<@sR%_8pRfO^r zh0&aEDM~Mq3fy<*ZZfD>hBIb@Rx&~`lI&)t9< zD`$fK$8XH2Cd%YXJKfjXVn25$Ms{v`ZLz@0NSbD1cyZ+7w6Sk2Tk-ow@jcPI{CaA&V_ zV%6pdH-Er{4W@gw!}b8;2$sPWVxr(C#tjX$j6%2AJt?{A+6F5binx?ymfcvoNAyq` zIOaEgyO;noqOyI@tngJKY;%|>#w+x20(C3Occ5C<>J&W`@gb8V2wP)1~5C zRw<7sY*ZOprhns(2O3b>3Na~sjp=|6!~y~oE7FJ~?h^I!s&O@~zp6EUIo*qvT-#<< z<40_}^7m7HZ@|lT=jUx3TQiYek)Ekv=MOd1x#^46ofkX^Q%EY8b`p(nX2h>0zNcVK zD9Wc(nOax&-i@cF1y0P9W;C1TbV4&2tettk1fwK$~eJ=}cIvE@mJ+nahw92bn4EYVB z@Fyd>GaCuO#>FjuG#T9f<@2&5)4SKboBNioccJl~%dGEx(JJ;#eyEj4#L0e{Of(^h zhn8VUZPXo@lJ+;GhYTA@ZxiR*bwKJRy=8vW zrtU%axY+B+#kHncR9p1ZkyyHUiidUbG3A^-8i- z74Z&j>a2}pO;d-oJA;_M{WC>j)K7&i;NSk3qOjk080XA=)^z3{dk+nQ+k1xiMiqVMe8(eYO|5TH9XYHS&(kLifB0gkj zNn|RldvoI5h${i8C{@mHt?1`m(d4y}g8=ZF-?z(-yPoV^PF^wXcAIF&7$8LuqtWp5 zhQb549sjgi!4INN2p9a=L7@Esx2>gf(MQXRQQKm(uvcxvP;`3N-t4?UvalGSxo~J$ zwh&R;!t!;KGq%FVt+?kG+>~Gv;3KaFUC)H?iyC|h!q4!C+^C0OJ)OgVOLM5V37+7zc;=JGns?_*|)lv z>&o~T#FZYtW)-e?X`cs!p~`F8HmR)Ua9k}KUT_fi;Y2WN6UOnw8yN6DtXl!J?LMfG z7W9HB;vR6H{yNihCS*J^mNmY>W9*0pG~Q`XL0y($RpuIXpFkIVeiguSz>jDKkKWntWBV5V>c1|>(Kilj&|K9#y=6qD~ z;MJ--ABy%~?A+|i$<4#EnY*&1sM?FC^{3qSdtIv!A*UFf%T^B?Ir30vhxDOd>KJD3k?#75oksKTgOCjYV_l7G6wpxfLSAl|fE=xfj&#sJ7 z5JT*QGcR_+(si3w7azx;rL1^+rp;Hr6paljEL&&@^YEoWY8`40is70WIb{8M>6n%8 zR6n0CjYtMi-}1_pk9C=_Jn7$lsP`fBfkn#D00&h=hbRZAzyI@t22Mj2%^=Z5F<~2g z^S+`K@`~5k-#pRV3!{`KVQdqxT-vw`=D*_G!l5IGhHB%xav;#Dy@?FObZ@%hwvW}O zo0P6i^7{3xPN)0lpVO~?VBOf5L*BIZ4-}=QE}Csnoe}gCVW86zWPllKyq4Tfda%@j zn9IYvs$K72YHw_GZ8m2+PSw{}KASZ1$#r8$oh7l~n>2ate*!kkURWL;a_0gi>!ul? 
zQA94REhD@(7f2x@R%9zGf+;L-C!Ce}S=sqcIQgaTI0TwKE&F#MxDfcwuqnCBj4QAu zGRc}F7R*>fUU>1zS!=(k&hSJhtQ4>rWMKk_uH(k zB6fD+?qrKkoQ}$$jCaHx*r6sqVh@`kfe?hp2;1LKHf-`J4efuVj8W6dbdxUd_qzcV-;~W@L;t+2#+uI!Lsb8Lk(n3-vT~Ng+ zG+~m-zd6m=x2f3486fgH)DSP7Uw>^E|A4>xZbmHgD7eww zhK!>XpXPbi26A7!^&=T<9coeCw;@Z4$6B?`Mr`xEv^zR9O{Ana%C=e%$ReYNWjhN$ z87>C;il2Qp&qFrq1};O=lC8~#JSNSn2w^GD=R4}B5;gJqeWY~7-yU>-oXpKstzorK z=j`yU(JkOQHljN(&!3aGW%FK6i->x}JWD4#vLQ(yVGYj+Qq?%dSV544X4cZ>#f%2p z3nayS>@X@F6UGS2MR}x4FN|FVz7rq=t21J6VUb7y0V5940#YNQCX6!#zeqgl=eNRF z+24*c5r)2%#$1-`o~rouV9|Q!MsFk68nD?z7Wuq2$5V4!t?fgBD8L@a`ZYg-+a0>l zK62}TJYj%K@&h9>n;eZPg;AF+4Aw)pyRO;*|E3h3mk-6GYp|0z)z^Px>%mCqwSasT zQFE|i_Op3!Mwa(0#0-4&bMf+MO#Jl?qL0T@a%YEMp_AiwzRenSydxsoIRZmfV>)!d z-B5$!p+iefexd^0pk$?*Fmp!0r4L>&HX_4x{xx9ZnfsR|r_U7|S%{}G@z^`DojTDZ zVBh27a;kR|)MW(#&{T|TRWaoncBC9hgugh97wnSoTZ55A&>X%KTpQSo*+$UL>RGxR zC9^$mriARc+KCCeS<+>1UxxS+jpz}oK_s|+dL!2$pQ)tJTev@<%PRd;+cWPPS2v zQBvusq@SopRLGS4!Ul6qgyBz8V^p;q^hToR80i&J5WFSp&mP|ue=sW{&6xUxMxD4w9SEyW;SGVLjiFzko)>bZufce_RV~Y zF}&5BJH1xSmvK3)eI?&ijv&q%1h!IE zyF-xvZI5k;vsmG$7=ACD^exsf`&drkq|p5-lOx3#Qnn&>Jhv~el~B=h2&L(mC^79g7P@_8xmaEa>f0OwQ%%s!Dt)SXR)JvVd$U0D^i$W7D0 z%K|6zV*FS)VYFX^{-|3$JBMvnsP--}rv}W9 z$W(zjb?99~6KT2`>*}#?tIok0B}|LXHl5gVwF9zq+1+IB+E^FP>br+-T=`B%6)nhydp| zh_c?xmlEaEqY~`byYV|SH?0`gy0eXpm$Z6(C7su9o;#;{Srg&gPi8l_J!oLR3F&p@ zgWBeP-@0Lqw|VdR==BQ7ujJtzYps|HPb97V(YO!n%+@ENjP;@ z9FMqr+gRMVv$G`cP;#QG-0rzwnwsj?Z(`@O4jKavekjxVvhskS2G>#N>>v=|xmaET zCLfnl=-fp-8CFFBC)GD17*0jwO2dTQ9LZ( zD$V=M@VCyPSH{__>Q59Mi6O=Q#V9#Svlf9?+sA%XA53E^EkbH*?aC} zazgD~Y}&Gqy^D#rOk$c)W(TX7@4-{xuGSeV9S`5h2lHL+1>BEP|exNl%Ax!1|1=a5%sG^Ii z_fv|A3Iz6j`y~!O7>Lzg9G5IisT_Ab*Xc_YCBbc(+0i^(2ZM{5WCeIAG@tC{mko0E)+`MFxb?f0TQW%dLov71G-fp9E? 
zwBMSDwns!MNWGjYkF1SUy(%~2MS&g#NPjFfDJfF4I0y;5+R;(2nF-*u2$udEw*-*> z9P5Oz5LXp;`yR`lKhiz1w%guJcC%~N{<28Pj2)Rb*`D++hl=rF+T}^tx;prMmGO9c z6JOh+4P}O4zE;T6aH`|t&Zo$|Q!q-O ztiqx%bpGj~7_w{j8#4B~)7cM+3XK>mTXwb^bq!iv_C z!F(3hdK~DScX~7#Nf*Y%s`dDPogo#n8syGo(1e21_R$%e9!p3i&M?cP{P`!?M2x0{ z&7VJMK8~>)wLgBY)>9!*XvVW(1pG3Deri~#$2|r}+o&CH-gd~3dtwKqvgtl;G`l}N zdDnkVNS)B@;;|SiE&WyNB(`T8bB#6;bT_%tBisK$eqCq2^zxY1{8{#6-D8Rr_5{|A z=~y@$d`cw9@Mc#PVBYs~~%H5%`u$A3Giit>BBul=o;WQizN&Xz~ z58dx0kMDDz=nM^Q-SvK2rcF_1rUYApnWc55BEE7=zJ+W*#uV1DQJV7plDV2x2AC;Q z9a$E5bv$e`JoJPo0XX!p2XwK9N7>GlaO)zWw^)2Ck|<*h2MIwH+7w3uE`$bB;`sw@ zjb52Wyyy3jAWF=wZdKQn^!5Y$73(0rF9%!H#liLk4j|?XQqH`jabyOp#k`Aa>4$!DJp#&7RSE!TA z7r#zWc`osH^@ARwOsq#Z6vwahewQtoC|Wv1hp1|s3d6bd?=70V0ko-gb#u6a9$&|} z>QCnKKkv08We444-ecPY-4`d8xCvP7mTreO`c5Q)m~(@?;vlPcKlEKODM)x!iJ3Eb zTpD-(-+&2LG{d+Sk_pt5>%uUmR;5=16V^y-aY5>s_su3aH*uOdE zqB4H5d%AcQm6wDX*{OFJQ^ycJ#4v9jn)y3a9#rLfMTJBK2!}wb5{GO9ULVHGq$xoA z@qHM^7I%zS7TyZmbYr7^xrWLg7SOu_2w$CsYoQ*cdNdht*~#n zR9G!0tWY)wh_+=?%2f&UmOuD;zB`aNry=bsja<`I5%*QbelKSV29}77u1H6d#lkQ1 zdB7B`HnhKiDEEh>g+e7x0>~NP=(1%(9>w zLgl#Qi5C)vbv1f`hR`Uy<(jypB_vG{DnhElSGrLO;HoFp?|)fOBPv!E-GoHH=hFgZ z|M5#^R_Y3%dqETp?Q%5GJq!&XF0s!ThW^G3j2UnsDJdgOSP_Ke5@JKciC|I~xy*IC zgoV|>>Bef~)TNM%6Eid5?HoY5VV9hvbIP`UKA%GjgQxL8nY%c=oE}u9P(_TPA$yXbRn_&U0VwJe4SI7XMj68 z;+hDWFO)Y!-CIbIQYGSft&1f~`;z|gWb1X3aY&R>!Wm@H&~aqJkAta_8krE5AnFBi zVc#;CbH&R@Lcu0U9-2phZ~aq(Drp>98-$dws&Mm2ELrY|*J8IVn13zIec9mZc4_D3 z!D#&0RhiB((8ud{>O*TV+>!M+w24FpZ<4CC+UIj^l79O9r_O>C6&(mhdal1}+IW*G zS15Wpy<<9gkV7pf9{P=@+2B2*@jyI@iDm}*STu}4n7^>J1z}eRCsBa(e~Evt3D{8J z+&hyJ=@Nwvs3C=IS;(gkFCSlAPPV;Ty)Lg?&1N1~vavoLf*PA;p9XVMitrPx@*rj^ zV*d>w!SE8HMcOXNzoR-5`F8(OckW;@0N!nWf{ksRz2aaB9j#f9jvp~yXt_#ip%1<7D zmWzmx70Bs|g0dFI=!zqrXM&9gGC*wJ9J3#Z?u|5|q%ZobF`Mvs-fno^zG==Z|IuHFfIPa#Cv_`MFHhzhSyI}_8l($;-m`!Qcr7R-+G zoqD&0(5#a-?V+Nk)}@BlOdOowl+NSLe#dYau=W@Jk z$JY?zp1nU**@FY1YF1M?3iZH!N=%wjs^RmkZWU+DMmui&o{=VRS5hmX?OP~3F?3Nk zoIZw5u@ei;*$GJZD!^cb)0p5nRAWkEu?R$sC?o`B5NjR?XH>qy7IigxFYOG+2_EQ( 
zJS19zX^MHj$fh#=3e!2njax^gY$PG{n3~wK@VU4^++lIp&Xo6YyC^#_X&h=W4JGAJ zp`FAYO>Gfc`okSHb_W!FrRgy_Hq&R0Nvehe2hw)zJ~Aj2u3ehj5B725rV6kRmENJs z9B&#lDo1uk)eC3=YA|wJa#>-U|2RVK%04JCYWUKAB@>O-l-jhJe>sUC1$cE#!>i*; zHn;_7@cc33T)RZ(3=n_P#Y%*p<`kq|BVqptDHU5XQIMrGJYiA0$ zP}tb69RtLh8u8dRjCwxXF$2{YfVYnY_{Ho;BgkSWD99LCp7vn&g;)4pe2WdKOu=Ng zBKE=W+q4o^+JJ^XS#alCd1S1WH?c-4$;N%2Is`{MO=oC~sb&n5K%!qc4B@QMk$1Ny z_M4;lJsO$_UDZ7TbQIq9CZ;70r!!Tc_bDRg7n5GCsGu~YCxsoj7&Xuc0}Aqdb2XfG z%zvQ?GckZQY=-9ll{vx>4ucO1k+fTM02G3wK9MD}J1u0HiWB$E>g2xmNLayjLg0$1 z3S$LXff}I!em&Il4^^~AR}vOoVJ59mHx4 zmgoPCJVW)Zb$wzQZV^~nz|%FMX=oaf#K6pyUge)EhhfnWR$%Z)?^RHtqYIFxFodFo zQp2>*Ao>R)%&$-=-thi`fIx>>QX%0)9)wA68-gty3C%*j#3`ZY7a zN5;jd{pY=x@dvTt-_%+2JM_oeoB>;jv?MN%Fpf%dBX@w*#Y4>AE?X|Cljm7SR58ZU z$^bF^!EdZjk!5ta}Jao!A$8orqxy?1KNL$&G zXRwC&INeyff8sz&903C?AfyZ>i+^N+ZMXI+-U&E3P2YsfEiUSF+dYa7sZdD%LHVnmd?RjvSm}(-2Ud`O@6yd{eiJT#AKN2a7L0x-A+Re!WHw~8( zv5sKAO`{RK#oVzvk2ldO9sjVixD01h(wTWKIiAFy-|Rr>!vZfs^`J1$0cO0?q-qJO zr4-F#=otOw2@>Uj%t_+qPHZeA(Unvpss5zDsA@yIR+Akgh-3eg=^wnBpu`IbG z_>+T(P0;hEbMB|arx(#nMF%fsJhI}3;F|=Ut6w(*p=Z#hc_v(;U!&CafK76|K^acJ zWD`Z4q&jZ1-*l?VZ3<7xNcPP$iCx}jBu*7_lRZ08yAlV&d$LbfwNY;Q@z6aaB^>%&+3uDt`ZVn8VmIA` zq%Kc-159vgr<=&t2Paq64zP#C;}cHjy80Kc_UJS`2_L@93&G$2aPL-W7Gngse|ga6 zk`7cH)+#}{$MvPl-?_HuJfm!FbqOkPh_KTNy`Mf)*pr3L{UaWBw2f~Hfm6cBVzA@V z*!PO#o&vtwXB#Pn-E?NyRROgK;8kYVbbb*CMCWpIKgX$0s=3aN$EusL9#{mASw6%hjbpQF6a-S6}NAO?!{~qEEb*f z%QX9~lr9Movf(ijiu-W1Bp)~(6iFX}b*(UkUFo&mJt?2o;IhX*eS5qc@K|!WsW>p$ zuKY%67;cvqV!5Bn_cDaN_cxGfwacM|vHyacBCAG;EH9l+&Re?Hf-=L}UuqCG>4t@# zn5}wUpA9u=@-G6{C6%RUfuI0-;FeM3_}r1N4watY<8$PDf1IUnD#gT}SG1`M*x4<8 z)_8wE3dv`O_r;?6v(4`Os(hNm0o|803Wp+#@7I4SdvqB^VRmU0B%jiJFNosBdi;r0 z9b1_cC&EYK#H6~x86T&2uOoa(GX7tE#r*51v^^X)U<|iUCy^FR!!c}jdGfBL?QYV> zghA3iPtS=nslZ$n;Dfqydfbwo`t)c&)S5@B<72J<;BhCCkDB|K7yk6yHgBO6c_+kd z>3HS3G`69gweeVFsDL`Xs77q5}^;a4~Ly_WJYP}3fVhR zt6O1Gx;o^7h+kB@xZh8AWYf6hf;1ML3KDjo1z%aA}R951dESQ;+wSolyFZdcWal9cpd z>{>-Hf4BeLGrbv_M#4lfb|BBlV#GYMn8idh=AC#Jg(C6eH-w{79@31Fe*uwWbV)`i 
zn0D5u6WD{g^am2&JxE3G72Bf~3L2{1WxZTlg-)TNOqCJCD^#=Ghx&s-^=NL`)bl+% z7edK}7S*)nG|nOs_T3EjOey?Vf3Af}=}eL_9R{ToBC#-rxEZQy2-AGftL2wuZf1a`;=bL;Zc8`cFvm=6Raqc=%QV!RGB|M!o4-m1EPBAUOP5k#HSv?L>jsf04&T^0EM2@!PE=3kQj|kiA$$2Frk}{Jd$A0o z2Fi-{k{TdeYd$9w|vHRx~X%2)PePOs{#h>pv+{n%qD8*xWY{V?vq>H_-P|>!{{h}YUhHvLt!Fs7jit!Wg z1yS~?aqA60&3Tds-2g$%*1+gL&)46eU}VT#T@yzM^<)blIA*lCpNf5W2=F#O zFKb#Y-x^gv_=<zsR55$h_;Ery1A z1MZ>Lj(o_?r?7+KIC21GTc}B5tz!N`bBIwnyZBYxqHgl`gpQ7~&=Lp80z@qO9ci5dl?MxrQA^3Z@pu~kT7qD^7q{dG4GkWt@dbwV>^EF;G zl`BTY`(`gk#_GBdTp#W>zVuP(16m9_BDDe8f;J-^adg_ACL`}eaEk-j&XS|gc+7HM z|7JESF|97U{lOhD%2)#YURK^(m%&1XcLyEIILoHn%*?@(;Ot20%#Y4vgHKH7A3GKF z(?sP}1)7^oVg#mdS~Tj#Zro?4Ydz`I9Uf^Sk+^xB)9<{>^ogX+#n=q!5*7;n6XaOcKzA`p?I#c`|!s+=_W7W$D=<%>bPcf$l0N zn`^zi?(aE$2s|^5>*@zgiMf&+$BE8~J)FfXV8Qq)BL6dURAoO{i`w|wV;dFrWlv<8 zcZw;1&@AyFxbPq-7q#I5T4L^P;68a$CwdA;YQ7)xnA7GrsESAzsESst`iR5PM2!vn z@|{|xl}@_#`rM{zC;rclP4#+W7w2-StL+5gogE%@4IleeipOD^lbq{}0l0~uySAUd zC0^ZF7PTkpPfMN&@h5$Gm{i#Bq~4@aK1$JGy;I%2YBfc?kri<%*N?%a`H)ECQ@5Tf z8xnZ@iN4xzTWHVdvbHdFvy8g;_G6E1u6~Bf58+j#nw1Kx{p^+a>^)y(UiZunkS6R| zAD`Hm%(V*l9(o(8o$L%Uh9f)jSSk-g5p>(*MZLJp1a zDkGqq7)AmkH@+E=$f|}+)Fqg*K&23>i6x@-k0Dxmyz5!#{*Nlzpan^r7&=&VzDRjp zzY|641NnYubdBKE#9FOyKE(r>{!|HR*T&)Vd<V{gVY{_{qa@rjB*r<}smv<5_mU@e=&YonExMgb&lMM@7KwO}zZJQ_gzSQUAmc z!K)IzqRczP?I##0I9m&bNVp=%FG$z?L8vv7Oy38?u*RWlP#HailTBjwEYc;Rc5*$4df#ub5D8{*bYk0D*YwsyFyVXX-h_l?A67Q1b zk3MN)j_A6Mt+R8Cm0t+TVeyGz_jIr5y8s)Ht+8r9ubz*|1O((?qZ9 z00ohQ#~C(L@yDSg(XeMy>j|8cYLy%cp zZl}ya9kA#a+7wK4T@;LtqY?Q7w%tf&#oP||^<;<~@MK7a z5m|(?9J$Pk(yg@2Ec=;=#bi>8SrIC3tw(`!Xk(NM9a=OV?Kg zCiHt4D&~6@q!?45*3U><o#biP5?MHyqSQERf>fI=+v2;d z*RE-u%2#9WE>rJWgLgq(cS4y-aU^gkivOF-5c6)U`cDZ%3&AFuDw;}RFr_RpSDJm1 zEm^=vwRBJ~YsQy7J|gI`Abwl*@9&`)(v`BXzzA(wB+8-+SgxpB_*KNL1Np@+ri0=a z8HO4IXu(y)DLY9TtPkdBinV2vI{4!u&J99V48rTErWAV*X#e%q0=|(ZO_J z2WW*mZA4Ehxg92l^`NH=t|!AW=TqWOBZdN%tL~U(=y?9v$Grd0>9>elDX;k|87t>ge9gh!Z-Z^oCIiC5#4X;qOKVM~0K9_>?`d1kKlZCA0N&RA*S5-iL#)t7h-NIHxmW-et13L)RH+LdkEK$X 
zU<68N2o>+kzmzT@$}V|pq-m5K80)z!#?kfUh~iU19HX*^9#w zT2C9OKNWRc9OQ<+JGxXwtnosQ=J3+OZPJo>%C+n)SFb2B0mqDkZL;3QI49%4MYKu8 z2~RZgVwIE0KlSqe?3i{1JwE#jbo)a&_5S*ePbefaUJvu}zRk2o8}+Gs8@~S-!oaWl z+U$o0|LMA_HS3DLdl$qq^=0v-Gq9!#ubHc9-Fn85`ts*v1kASVZ}yFe2d7^^7!(LO zOfsg0Q06IN;MmmrP>A6PJj7`u+1bv;>LH>H{@zKg7Foq z2WJ71Ycn2^L)nuiitiIZ=G;3_zMzG3GR#AEitD_|(_Y|GHJOe1GXNGFV4d%%)n%`} zmlZwpiQD`3&@h8%!iK}7_mj)_-m=)xUr=7g`lY9Vd-CH}(>Yxp#IyP7-s>L(n^NJ> zTnCmOIUck;!j)yFcO4i!IhAGpk~|@2eZt1HlC*-1VM3xIo^+CmDqQk4I2~&4J!9-R ziY63xk&7jDe<}GJ;rzZ1)sn7~rT;@XOPI?9lCJ43eYRBaz4~7K+OCb`0eHOR_wn>k z*Nk|A&53I#xK+w}Is$-F;YN<)g*Emym7LQc7}#w&O!lh-#b&@1|2H}NjWBn}U7bBy z-rU!EOc3YqgpEFBX(ag=t46wb7=vyVH+d+E9x6lcK2}8&Z#1>iW#Bu3Z~G1mc*yem ziDAV+t7|>W^MHcJRC501;fOeE9P&uN8pa6X-nOIXeN*gR`y_Arjlb+OB!?7-JG9*R zgg_a|&Q6z0d%XVDH%(XDm;YnxD}(B4nr?APa0~A4K@T3>A-F>zxVs++4#6P=cXxMp zcXtTx!5!`i&-W&`iXW$_soHx_+v=WPJtq@Xw~{+WSc+G)HqMbpQ+{~ay(Ei_yeF=Y z)&imJ=i9~0YP#z&db57It+90HcU|eD#!RjJ!)1y?D%lUOY63&6cm;R8F3boj*%Qlk ztvUyuLF=vl*AN-GJOg^UORojZuC6nY0tJLRwOZFJ1}dj&T`j#rpDv1>2j;x4@_ICcc}wQClfM?7f`g-eo^MBW}fX&=6h zYIt489*8T?dKE{1>jpcFyS?3n{#`N|DO8U*#a!%CaU=jF&{!@_`iv|clx_ZnZ)-Bj zA=SN@n=8m4AMADIww^B1nZNZzoabkvGvR70*sI4KAA@$4bD-XSi2qA%wY)n+t_RQ+ zmu?ol4zKROX8J21lOggoAVGX_Tf4vo=JL(`;U3yCGxc`1`~bVG;vOwxp~2384+{zy z7m1poXJ9d_@>&w+L)!hDD@qm+`M4d#b+&*+9ps+10lO2PdRr!X@mp89#e8#!{%rmk zE5Vold*V^w*^&o)Yh&Cc|8ck~If>eRnS7(}EghK+M>1Y&r#8=pP1Rjw-ToRo0aUC2 z^7a0H^=k69CUECo^>kyh>%H-c$9X(fFzi6{%M_l0#@a4(i^Zn;PAUd-;#4y~_bS(q zI82tnZmv&;XOvx9LEeg_4M~OZ57rgYAMwe7Oz5YA~hwKSx z!Kc5b^zkMbQl@+aTo+_Y3nGF;3-K64Vb7JTXEo=<#jn-_!4%GZE>~a>FLy&8>!t|= z^eyYu0!gUbqnqt5p37dqmdUTBMT$&|hfON+HX!4 zuLwknUJn0|Lv%-?p2(j3&ZH~>7b%(g3$^k8_HbwG2}s)t0ZU{zep;DD=U7c zBsKHTkA0y}6OWbmo!aE3+@;~J$^=G)Mb;CqwfC84aLCONT5h{N>fbMeXC4720w#p0 zZ=${FE-#m{TVSI2B7izTEAjoCiWe@c?xSz6AVx)25iL%>Z+-|6lD}79;IDiu*WqrY z%Ml*`xJoaP&gxdI`w4V8-E|7`y13he>E>9-c(?W%NWZ~#)#lO!dg4Wffa!0bBBsVr zBFx*q7w0OjC<4-4Xn~I-Qa^dapMB#<@Vl-|d@&_SHBh8=MM>!m%}jnN;g1XdZ|~8i 
z!+*D24Y{s?0zZQ&2CoIpyJ3sS+p=KA^vg5rmUFY=&6xO$vXc$5#yq_bL1{>g8Gg$| z9M4wPS?TaUU7|LMlnB;O8>)5JBr9={+`71G^ubLKJ-|LwRBeVUSpc?P$DJi%SzXX;EMfW1X(}1nU?hDtXEf+D`hT-98Ey7ia(b4*Ls!YjmgI7n^{bp zC4s8)iqHa`wdF)X(?3;B6xqMAu6sVXI^d%r<#+eB>ZXg99n2dG?1s)0dF$-kZL1P~ zFm!QQcJ}swElhGc6)&&cy8u{ChO8F!rB!O}hULG7j!El3)S@uM%H=}CN-g3emLfE) zN6erZd+=f7YF|uVRDG=PIO&V<*9a#4|8fUwGH1|B@qk{+xfvCD+{x#|Pd-O)@2iJm zh|{Gu8wi0`RpY1gEvi}lxT+)n*{L%sd2aS7o{TsyNX`GyBnpzL5g;QD^&5yLha+G0 z1G6oiC9McPDHzJcjwUqNf$)B+9uE$-=HD|vk$s|TX36-IuRu2D#*uzsw1Icc=b_l; zLr8?Y;`6csCj2DeVT5nZPD^<{zuN9@(qRR9S5=XxVBV8*FdOq8JkA_#uC1lvV$WN( z3sZMDG8}eunaG(~zonjKyFHDi2zzxbzRN?twA;J`>gtr{%s4q8htW_g2bi)A`Y6hQ zkH%hs4qE>VX$-YKPA74>31moIh3}sT=MAPwTJf$YUd+!7^j3%XH^sdT<*80jZ3sB) zy}M`Ebp*Cp&GtMTrPsk<;Eov5cXXPIuC7zA@6w#E4S*V8%CN#~el^hP%k^t4DP@^! zGhD*l)9nB47`fcMAwVY<)ls&mn=M*l&~OJftly}2iW#LO;(G?;7QJ+|$TN=I{J(UA zMBGu<*{JDHx)DhJE{&aB;pSOwAY^H8biPK)TYbY3Wr>KRpeRq^b)mhYJ+P?r*q@a_ zId*JuFwyM4BY{-gJc{nbpJ4`?q&R_+Ngo%IzqW*-tM-@;9;)~F{01&0RWHMvX#NwD z99bSkGt0C+NJu;&#aIgQ+;^|HQWJKWTmPa^xb9GR7WP>4w76U&#Yos1zW?EK-=0ff z0vx>=hpoE=DNMHlXokuj!fx32|IV4d0BB=23naucNR9Q9J5Q5wKT$$U)3J|-TIk&g zVsz{#uYy+m%Ozm&GD#QX6rw?)4lhhdbPOkqdRZ@X&c^YG2cMnr!ZJWN*t< z!9#}7CTY@ezRaZK8$2wt^ys@=pg?^9>aRmoJ3P6B&!8le!=wx9&1$W?;bRe~WLSKe zKQ1pIaO`4Rj($`Kgr<8=jFKeP*Bd+KNMZh$N7RSI#U2m&4}#pusu%|E5yxTXv-Yu9 z`w}~zQ8Rk_L0UO&?5;W54RM`p^O-v}bS0Wx=;u)`(3Bm`{~oE@WfqN)FUsPJ z^>KL~;bt0pPk+RpD3HGFJ9W`BRNeG3XaVX!w>cGzHCQGSstt0RQWy;OV^SiE+K9hT zMNCdb@rrzThEDMsYB0vgTko!J>f_yK;7r;#v#MYG3x0Fhx&;&prZYo-#zkwZft>Nw zJi$vyDP*iT63+@ow;S+x=iE!#M@aln93dhH(&(S|MUZ2{BjO8?tY$l^D*0~x+{8K3 z(cwZD(M&3$^NqhL^j0mDU&-mRC1X}Zn%r_lRQyxPad9|lXCwa|kV^8qG=C1Kh0*wl zw5ZtGJL*nVzuf9B&TRZFuC+gmoa>I0qUf)7urs>3RGT%q$DyBKUZQ&d85+dHG}C^K z8Mw8K9N-Lyeb@kO%W!;fIK=806K%A*nks}f^C#xQ#6q%d3vl1t>+)e;_kF8o+x|YL zmo3`_%Qumu81|j0FdF}&rRel1*(U;ul(L~2VNgLjk{*DLgTKvPj%Y}~7NgUAUfYZT z4F&vK0OI#c-QXI>TX$Z7f&B~w8`ia)tjhBNla0P<(bTY@H%{jkh|}pT;u+Oe+b2?G z#dno_j=%vO$L`u8qE1PVGzE|mf%5R>ut@mMFxT-n1X{pLhln#@wFA1R|D`WRO~rd{V-bDl%+)N2vr 
z(eDV$HgYiBYUJ@RHc{syVlo3mCW6|k)yyar?54LA?)&!aSqM6FyPiQNrug1%P zA!;0NODSQeSCIq+*X;v~jSEjymFBo*B}jbM!(P6`1eaW+D3L9c_M3QDcwkZJ4eX{~ zmeAe%{`qLNakSi5r!>*Vq>wACEt=<-=TO%{t~t{afEG!RQ? z==ii~ioV*j7&e3naT$8Nl!(DNzi%exa{beKTg&`?8=pM69gaNcu@mt@UW5JtddN5&3sqqiby;y31~ z5tcO;zGcU^I@B=^GrPqe+KOW6@?cTJg|+#^l0gzSOYt*wz!u!H)s0giz>pacYG^UW zVj(dcs?xxj6XZf)Njn2IW;*HzgTk~vq|xl zA9r$VxJ6}@mV(`Jr5pz!U<2=sbq33AA0YC?QeEhlmrEB`*mKkM7$vO+-241 z;ob&P{*MGbqkipojZE zihKTabiQO*|KPMpX-yKQV%~_&v zLUnTZ-i#CAO&McU-#%iHmIsbrHKL3>$~An5eX5}PTvrmBMH^+Lj`7m@*PU>hka5OV zM8qbCXi9PlfE0&QuLJtpb*)@Wp?lP#eP1||8(enL{6c#lwR}t^67Vk9VPG%a;Rju+ z-R(#|H-M@5et(l?^$E6%Tc9|ak7gwQ?Ce+Df_ zuoHQQlfJE^jW0SY#dTO%TE+dnXdBcO5xCNRB-Kg-C@JXAZ|!e$TXxvT&~tm9jR4Jy ze^B=JHp*tnXdBg5$$K0_9bY?(29qmRvbl1hw%Sy$#JzbDhyA8gE!5OLeUqLL=Welo zHRH1DHZce4q%l=ds_ZQit5UyKuA&FSoJxn59Lma37S=$0q>p1UG{b_|n5hc$2awMYu>9RGeK>w6Qv@(Ia=v!%+2~C?nuL*&e~76v5bq_yB;jO zMTnf4ldlQK!uO-gj>pNn2Z7J1_%_tD%+0HIB9LA@_;vKlC#vg}H3~{v;DZWU z9ORc1FQ)VnNHu(L1{`X4E>#q6=C{7%vMnFM!m6;IjRl*Y#qgSSOs-S1u^CXxHwd3G z8MVHuac_v*k!$6H;ml3&oBLURrGN2Lti6q>b{qS>tVl!F9Qv*iyGUkBrw1#mMZ^z95`lB9C=uDX4N`;+`38-<8x9^@geWN=|9ZK*=U&-!b*m=UEjIv5^j>IfE zEe)NG4%N4lh1nDU@! 
ze@!;J>mPX4A-_X4p8Xcl{0Y?w*u4C{N>=@}WmwMUn2C3WBWX14Fx;Da)oFvN7N0!f zbngLh->Rxd!DsKT+ zO+Liqt=bLLj`?eUxC=x=z`f;yCR^M87SUf~)MG_@Ez7FV(-f ziTaN`@yjpaTgK$2jZg&itBF+u3*9=QBBA{t`tri?5Pr%o6Wh)&Kk|Muqf+>UFOb zrI_hg<=2yk9SUh?k@wdX4>`CAUZE=UNVg>J>jY`Ht8~afVe_ddyo1EHDT0_KAsb2fN0U+L2(`rU+x_TYiORAGwIae^_GCEMVC zCeD>4#nDG(Q6sr(``;wT$@b1g`Cj@L{Ks+?8VaVmg5MtD%i%?*aWqZf%hCRXxr84q z5?)yUn7Fm;YbG#>O8R!+ zy-nqS>yyf*QZohWtRZ6_E5sed@`0CQFBMf8Cf1jP9;BYG_)o>#gn?Da0p zfX9Se&RO7-)A$47i* zmSHk*qmBF~D`Lgo&Q(kd?V*r48sXLf9 z#mz7A#iDh)T0J$|U+&!uhD@7frjPYd>A#KJ=e7-3+ZSKv^%v)Hf7KRQx_Zfrw0hh+ zxUfDiaFjmmu-or<1-^_NKX;ESs+K?Kag9Jaj_0olwOS!FtF$wNt*_hBNzZ0OJe*EG zA{_sevnY9aqI;5>&4(H_)B@}{YD&F+ck-jtct0zBK+tfiz;~e=Dlz^ob5fwslswl1 zCZ+x+y;m#wyA>bgm{z*fPp5mCV8@@(CA3O|uF)#=4B!0&L{UN|dP3+?g3mv(!5-8 z^bSDKIoW|UmVGdl6Us+*2Y<%`MQALAqRKq>G$;T@#NR`zb3>>A*jHNWl%j+%DmCA( zLie>oy9I_0#tXr+C0Uze7$lSZ(d*4FF=hh#0`OB7h%dw=`0*##OsU|93(fT=jZVx9 zS8mZK%}3yY!rmRZARuLGg5Qpm7NDn;YsRx)KdX!QQ7?4esjkrrIy+stUOlf7jH(&Z z_xL888XYwKhx!N2)*`);5DX2SqHdr*>IX@4`AgIdL(ad3fbA~g40^??ZF9oG7pf%WW|4rsv z7vHx1L|lBincX_EJ>C;gcyTt1y}+^KF8aK(4I4U*7WA`^4YcO?Bmy{1=&jT!WK9gwwqY z>GPlrkc#uZ+)cd|{yk^ScgUy=2ruYwcE>TdojysrRue92bI3KQBYf@R+V#SNd@`8> zxRkd@5XEa^Qzamc=ST@Y;VXwoEfYOjNMJx(+3~7 zw!*ij5J+U5a}Ly-{L`9mZiVlKXnV&_yfJTzC8kXjvm4^CW$^VU42Tw>SA1IY!^^V0 zXG+%XBJl{au+h}0ZcW^aqf3qw}9A+x3aDivRoGo03Hv8+>*MR`W>{1QIh|}M|;Y5MwuDk zr3H$}1O|?&*dbE@+bL@f-YxRkx%6cw=X@^6tT!Hz z6E0FP41gH-^EcCkTo%=@W3+IyC^f##?p<9bb~tw`F(DDA29p_@`3W%0dM`S8nwBA9ymBB>kp3yVQT=Vx_)v<5; zRZBi52Ls^2K{+<$-Qpb;88RnS4x=hG)X*GLCyl9qgXn~=OZTmg{fFrWQ9-K_*3lX6 zWxmAF%4@_>zm!4qp4nF2db{q1WpUN;c5ukfpN!@lS0o4w!TShvwA@ z{_8kl#t&zW8T|rd1A}9!rhwAB8P3xXTu2k!|2mo4Iy*_o7CnW( z2}`PqXlP2R#-nO~MgLK~6f)Z+Fv8sea<*Kloce*nw>L1lV`p4`FNd ztIb4=j)SaRKcuz3a=ufz>n^uJ!c*MIjxPrdy*pYA_w^&0`8tNvi-Z5)@rA-~dRvk) zdw;0mPGKDA+Cu@~48^ZC#44+joAD*zA@szwp+L94wIJC2{5Mx2jKzRU=s|TnAA2W} zzCX9L5-)(7w>8Ghkxa>Zs^8Gt&p+;2kT`?yOVr$)QS*A2C_3;#jI{|bVu9EtC=k#g zSc^FtNWi^?_r|!t#*MJ?2ehH0-HB0j%lu#+jA4<$DIW?mQoyeyPktXcrt 
zeEvo~UA#>^5;vdS*p?d^&#kGsg;p^>Pl2Y7JGQf5mYer%`!;)Dn^vEj&szQCetRx2 zdDVkvhjBYa^U$GkSEIcd$u;Vjls|wD6|JNP)JVf9ROVhpY+M8@t*+3^iglj}_chI^ zdZDchun=C&9~!q?^ew`-TkzB8kVC-|*@uajZI8zZ$0FVo;-=-g$K~cxFV3u3WSp=d zNa<(x)gW@=&;2Jw49AP>gPgW~(_>KL!RYv#)o>9gQ~;rr4LEq;Y!sCQA^Q_*dg+D> z&8iwHX!I<&?4CVdbcuD)(tjFpfZB-~6K~HyI6Y1dV6+Nfofg@2DVkl*TS#uHdFVmH zh7e10Rzhd@^3B-+CL`^ohA)aGj~g#4*nD60#)CWdB2NR3MUJJ2gAN)us{xTHd%Qv^ zmvHc7WY^ghQq@Vh8qi+!LO(HCz63D&=E!}QA&o}~1nm72k{7-mA&FbSUhLDI%-A0x zJxgG=S&*oBdE<(M`aI4;wM!G)&?OHUWr#`xcH$oEV(4;?fL#uR#7rG+JcXLmWc~h4 zXGGiX^&g7y2I42$P4mSDi)8g|TI8d+V6kI}HjXRJxAIffB~!7r(m#W|_jT#&xCq^O zVm>P=+OJ@VJ9-iF9@J(q zM^l`UDA7@1AJX=BO-M=O>-tWOvwqulKIiKPNb>kL$ zvSaJi5fywnyQ#^s%1}J+JTSMOI7`N1wfu4VC8tVljYp*MewRjg_yIlWHg7ZB{a9)r z;Nak!v>GP-*&EG`E${W}67O2f%c_;9aj9Ubjqk@tZA#`bl_f{q7(W%ZSf`_9Vt5Ib36Lt>&tbF^RD82nkqg#Dn*pEAkrM|?^cL$h zN~54aBHxxq$m-{+?J{po)U1M9Mi=TpKWNBV;>{Nkf4gXG=e|GD{8}%Va7& zKrkALy(;e;EB{|z0+k)Y5pMB1A$=Hcy>_zjNH zr1EGu_IxNT43guE zvJv-3LYY;Wz-E&2#f>N3sd@CmVB+>7WSPjiK);Xu$}Yc~@RZ<+rUWGeSW@kCZSq5m zyVVa9a;@ot79a+>My+VNR=j{CYsS`2OOkd1z#76m{HeVVVWqzD6{!T;r1$ZTJp^l# zM0#hvYU~Y7M6G2u&HOD*W$x;-d^WAkc<8%IZ#sCo5-A8 zWm0{N7I?3eEv1*lS48wcM3(WertZy`&WDi1X$bEJ>RhbA8YV?JN*FbcP8w6y=%^wN z*FY0jNP$v0hP~;fiD0$;CuA6L1bnKDGOEB%6Bb*L<`cpUb}?J{2a{!?Z)xsjNey zz1lWKqdR`>?H-XA9U6M~DW>G})`U7DWNeiLB;ol&yu?%Yf!JRl9pX&}T3)i2&&h>( z8H|e+q!GinJ&9N$-W-Z%-x_C;N+^wkzZN2Cy5h#P*7AIHkSkYjA(W~sehB#uH*odn zo)QDi9HUzQ*=L05R1v;Z4MZ%sEBqRE4TACuZsvy1;mA|Muwt~|@g$rC(7v&}xx1d6tvxD%4v1#kJ zLf{Kl#}A`ThVZi&#qOB&*@T^9jvL#lvpBEW=I&x7IuF_$&xP+E@Tg{R&L?7Ji%|p( zt3RWrfF2`f%l&+CT+ghV!S1k}5x01dL90-%Y1#s8%g&|A0U{{)-nsly4yZji-`+AN z3n&t)WH|fcKER_8EYfp$dtisHOr>Qc7(j3s-d8n|H%3FX60m`}1se8nSsW%QfU1I% zTMec0`U@Z!`WHQ*ei50lhq!AYhTx4&YR!PYLHYE9by(+Da^tFPVuwD1csO|x(7X3G zxMul4BbJe8B^FGWxF9nSg&84|96x8O))Q25Ia|nfj!f2nZqtY_<_pt&P;r=rYFw?; zV$Y4GD}?-!wmb-PD##qdy!QNin97ENaFa=k)ygjcd^2Z8nvnXS$8I710cyM#!DQjX zo7g@=1_8N{9_=A+N}qBfj+noa%AoZrp;pjeSzt*j1XM-oQy&kCfmZw@tn7$aFj2Wq 
zyr+Ma>A3a9T40d>@rbDkj9ixAV)Kh!YI3JgedQ%Wra>U84M8U4s874fh73l1Hi*&{ z(w+|{EuGqX^j%+ZmVuBM>rV_L<@ZKiBlYW-opw+k{^wF0)gHoAdirKg^ojhyaA1`VBCaN8Jx@fz<_$Aw)c zYB8d8L37SVO%6Z=my&22Fxx9&&zivr;t><*$|TTeg8Y|@bcH$s;CX%<=24sJoI!*A z(BsVU#)dOdpR(W8DilimQWnGVXb1MS)!Hii@^>pJ?axpShfEbOnn!|u$7*(B>d}M> z#6IuF6~v#}KCeXcbPvCwSOQj*Tqe!J{oC}1Ve$l@>;=>agMOKVJeMzdYC?0ycD70A z8;+>r{K%k8K>>rAP#GE>HBwy}YqBJzP=Hbbqqo!SpL5D011&v+4ov^i9+ZR( zH~zbyAK_(+v4VVueajA~+H%)H^=D#wT=aMQTs~>A{`-FeUg6Ejyi(9V zA43bCB#zvHJ`$F_C?!dzuyOve91jz>Dbm)5OC-OR{*i$SsF|(9nmS#5M7DDGpa)zM zdQSTyaR=z>wXyN#T`7Mto~`9{Z#OOdBdOi<$Qx^8WtU7M+PY?%T{A@bA<>#!uI%VmIrA+RGGr#nIeHz7c$ub25%4L_0?t zY+i{EYe}%PCRRCX{WY*;__O?Rmg1r&l3d9YBjwdN_^)FLD75swtOB4hvtwP<6@Qk9 z{jUrW`-M%YmP>F^7bPq$#6)ib!h@MK-6GFFeJA@i16~w6@u-)8Po8eaIX?xwTmcf_ z=&016hjbPo5eG=A;E3%jua0UjG?G@|f z;(N_6E^Kj7)%@DOXOLZANnLC>@XmxGKgDY_@L3khQHLg{?Gshp;t6{R(n3pH?f&?7 zpmIs__*xdNmAXYVluDp0j@@wYn~x^R{WVJFL`GHhHhP{L(fNXxAz0U^<1w z)Ewq1hD1OoW+xZjbR!=2^FVJOND7C4dAbi@8x#zSWc{h^FzM#BEu)@Q`e&ZR{X9AS zxTU5E*HA%Sh;bVV6SeBDt@u&N*qhCYgtVbV9@w{NFlEUlRufep(T-nZPJn(>>2RTqlS za|UCUafNnGCu&4c&-Si>r8^ z>4ozn7V4P47!2jib@mSxA8B)}2Xch2q#ViUXzEhd1q_MAViS7O6!<@u!eD2X8)r;t z*5fZ`!kU>!7)Cf41J7RTk<1VU0iREq%WU4REsCoP-9us@92Fxj=;Ru%2xDD1Cwvq8Yc7j5jh?1N4 zAMJ{1OE=qDzK?Xdj zp1jmUMXLRS+I}|FOi8icvifRfS7)j!A&cF9g|AIoy5?0L=2l-)=;I3cN_>28xBR1? 
zs)9D5!>OLuJ7q~5ErSoh)~LeEhwno2g4ixHP{Pub(G5vN+%4i;c<$+FzhcuN)4RyG zM5Ty>`Gb&U?!@d~7N0n(`qSXSO@D~o3KBls#3LoXIy;}$3a7?a(Y~oY#o|NWUWdwf z5ZjKwL>NY_mUzgA_>GfnZR&^# zF-rfsJbFfT$tS?MM1lhU8p~MlhbB&}>44cgoMq zxGw{wx1_lSG$-d>Jl@4rkwF~rIZ(3Fy6nE>Sv*U+F zP^!h09`TStU!?O2^e%1}UfE9Qrb30p82|EWmO?;Y_>-aTusE-%<0$V6L$VRg@|3~yViJai?eDmfMW*11qDXI z`e2x26z(q{B3pN=YjFGJ);tS|>P97AjC5^Pi^ibf>jvH1_b(JJzxB965p(oUladi- zggA4lF=_H!HfB3Ngs`~>G|f2IWEbA>J;v_q8QtLOv&Cj#*e8|99e3M}z9euz0hgXb zEv_pM2y|Z`c&gU9o=+*|Ca!9;_lAqP0-gs&d_Tz<~K*}BcMpMo67HL zkCX$pVS1BM#Q3xX69u%2UXG7S5iK7K#)xLy4+j6cW<-jMiQh%l!LS0m4;vJ+{f)x$=KXe;%QJ zbZ0rY1PVB=3>p?n&GRLvmpfPejN3DZo8&>SF)lUBXGjJ~WZ>j$zOUaq7CbIbSsg=T zBYvrOK))g&qn&SL2yg4w= zH?QQi#RYx}u0aOOkvJtb8VHnad&s{>Oj(RT9C5~>G{Tt!FXZDS)!&XMMGYhD+*)7_oA|o}QfAe^K$Eiw$O4l* z(_+ReeOM@?vIHOD%_sA0|8eknsuiEAI@*aZ2(b}1#3sdgd5`J!qO#d_!+zHr4aZ6s zDK>BGGb)ik*>>Ju$Rn|ZKR$tM8MzkGj7tgEEY4Pgvt>uE65(#Y1`Z0R{>qcaL3CD` z{(bztWGCcH5{W)!ghlpW?|DhIxpcnRPzQ1;_gcS}@|QiCkJl zDMBRQ7jwKy3@r5-TG9@(v@z_y=nUnUNm?vkk1hz3F=sqWS$r!e)?xD+HBI)v+eT#pR zwg2-Kgkr~zo*X<@AYVa9zi6h^{K}qla7+dS`mZDQR68RPSJe@4WN`#(imaS2rH>L6 z{3`I5s6w6%ty`eO35u2Fv?HArvJ9un-WrTEw0JPt7*x*fXvd#>WDJ6p4FvrG0j+jh z3AUCU{ub*leDh9{JAqHDXHy9ik=Lq(3Qq$N}8HY)(iFi?p@^VgIV-DsGHKYYK* z*DjDi`>aCXla~T;td4irp^2nE#L_DB z4IfO+Y>B>8Xb`t|6wt)P2qurL?&S5NXS%89>DwkmTn-kwug*Mo8^e_ma_kprW!*Pk z{{CPQwRmyU=I8iKI#@B1K_~D0TRdy5;)ZJTv9d?CVKfKL6!z$vOqO_1z%;R5AraM0l5_lW8ulCkoX7)lA^9%YTt~JB77jXx4nF#g1&p}8FB>(lHELS8 zu>axsmA6q?Jh%Y^UyFl}a3xp$>+oCrZ2AGEN7d=GvH-PR6%_})T`f)g7?(ar&fr>t z@lzqXf>=heNS+L5>k}jB^vEnkny!?sdKWbcFCB3k1YtC*DWWXQZ#^RAGhj$Rzq7Mu z^?n?>7u9r{eP`_aK96Bq!u-Mmxy34dLdwPr@WBF?+uCeSoBqw-fByXSGw^GHlB9!s z!G#5GFGYyKJ82{{iK!Z6^7B|?`ffHxX6f#ae|iS~Q&3|wG6Z&hJYn|hFEwn^2(vSC z8k)!$vnTGWFDS6@XNO4fHx7ye_|=`1+2(t@`9}Gj_^!ySBuUHJQo7i}@j2Nn-l4x4 ztned|w0@D+++w3o7rhiNM%r+&);uaa4IMlKA0bV=zJl8fU2DeNGMAkGU$~>hBQJ(w zY|jy3cGzjS7m4jNHzs=`<61{vE^37EZG^-f_=s!Y9=6II7`}ZV|qygs& zo~I4%26bdm@@t>TDJi$AWGd$G(e?cnS;YIJjFEU^no4cf)D|#Ivx5#h;C*n3fgI6L 
zPjf=re2B_O53a39Kggt~+7mQiZ|^@i4dcGD#1SGTspxAP3JS3>eIa*j{b6Wy9LqKU zq1hnVmG$XJ4=u&`57+cRSp8xo!b)i}9R{+Wm);m-(8Y+o9s~+?j}40j;935Yq?c!^ zw8)7@qlG9K3a{r8JKSpylL~te<{lSL{+vo`ayU69ysf zITfLGA&g^XM0Ns&zQ{@yqXf2{gRBlGg>_H<;>_(3{U>@%@elt1RBpsX@3y7mBuHBo z874)Qnl%bf+xY7Sq`PD#a6)NU8DdGV2O}9(On;wF*IG9C+}byD1t1kdA{TXFyk1eM za(QQa>=Dp!+PKK(3x$42f4Mn@v{xnRloXw2NUu_`P(>w>2YF(=XNQmSZ6Ub_9mOxIH^?p3{Zv`+|L z-k-jQV=C)yoS$571tx@gX(Niw?$co#;`;1-qUJ|>F$FNFescPCgsc|K)0rtey(Oqd zh-R^m@}`j{7x-=#*W&AscZX(#P_P8(ko)_T8oRTSqQ9u6CDn}>2fI49Heu2+daRY9 zmAxBiIt9i5+QqJ*SjJa-j(t;*;})bB6j$OQPIT8&4GkiVF~zJTr-i=dXlq|*0T)8L z4&HnsvjqcIQV$f{A*Z(3H&9%2n?Bthc-qXv7O*i&>)M>NiEsSKoBEui93=k6$jzH=^b_?PE+s41xZMF^WakZp5;yA{Db12)>QU^kT-Bx z&jYzVGpSwwgel&(J~-qb#53iDd4I|`xVgD+Z19OQHlu`^PC7_V#qo}+iZeySFuY+=MC39ru!dqp#{^IERb3dP(Pne}fYHTV zc+C1ltj9HfVrukN9fx4Q{HqkHZF)yiq#`;^nxpE5wwMaf>WtMfQlnqvnSxVK|Heqc z!NDefUlO+HTbS*C;)1s#(tB_C!*pN&LG!CuCRD#HI;1tOTOwYbosj7-7PPq;3Q_fW z@-LO?_h#5?5|SOD75|Jv7>qpnN|mWk@JOJ1Jg)it{f z@NNqv;pED%F+!}5Hpd?~{ zlZgE3)r*+=LnHc==0XC-jC2SQ2B8s~pI8PWcGE3{GZEfzIJ<&G+j;0nn0vt}Kwn05P^&Ls$v9 zAyZu_FweQs^YIf4RdB}+y;o9bwO$Et-n74H*rriI6@!jmJD)Yj)M!o(p;osYENvJf z+N`tDG+{&|Z?iKn3O)md&ES1;7OAt^djeZ-t>gYMCb<5N+4k3)o0H?~m+Va@ecEx& z4q09A2F2icxDhbhta3x}OT^kfx>IKcB#rI(_ZbistrABqXIQT7NqC`Je#vOYxd z7}aQwaIAx_2|2Kc9xA(AZi;d7VBc$=F4ocCJ60R>lV^zz!qp@efffXWzGzO*JtE8o}CSZe5&&>O-YVpo zRzFpqnoz^MF7lOUD`E+iP!FKVw6*-Wm(EeRQiJi->=D z#|pE_H)cw&@M%YsfrCMmTT-fAw-~wAdSoj!-09|!p3sy;_Ri7ZG*h!WYTpSM-B^73 zwi}}?eR+t-lW@YvFeh!f*)g%(^^!1Nr5rEgaH4reV#EK9hOap`s%^4`DHsNh12k@)*`sisA>fmJAC-b&w7A@&$yS=;MMOj-cSmAg@CWJ+da43ucM?BDMCt= ze%No|eX|dotQbq7xr%UTN;;aaioMRg)9tKK9wHjs;!g!=e#o_beqzIvtytqR6rvly z`lWI9aQ+$WgGi^|Ys-v@`7X(+IzJrQlb0nKqQF}jVSeL>*?B_l47Vt@oBgRhnX;fI z`zMj6vJI_?CANs;JSZbZLs4|qpQMtwU8E^$F?6t0MZVcKE8iJd$+5nLkh%U7uzc}; z9T$!&Q=ov!YF)bII}|^u=2V{~yGI=LbQOr$<4|QaqnM&T5b(CZZpoyX`4z~_r-TUq zMv1p4&uPlbo(oHOrW=ajaB7blY2Bso8S2a=oE1T{Kij@>3&_Oq(0^j`UkZkcmiL$yBVN$Y`z22=xB>gj2o5&`yo zyvZ6@sW?JDp4<2WxnLG?AZrIlQEyuXMKHly~2m4jRhWsb7!T47fi 
zEX4Hq0)FDP_;%{IOoJT#@=kP#3+R>>%Jj3vj43Ts64FqlP=TQ^M*aOCe1Gq>-S1)* zzOdD&Z!-Yolg~70?sM2 zBM=db(H{fxYq_49y(y$UZbzq`BhYGXRW^}!y}EN?_(8qdpJwauCSaZ@;wbraKkiur z&GnCAAd)+#mNfN*GC(qC5>fetmeS+K5Zx2Eq>GEf_@hgiTvq0W9ak}J{&(@(A6MX( zlk|47I+zbQlasNSMb?_BG6=BQd`>ugaaQg9I1P0)v$s#DK+5F;KaB}R8vb5i5h_}G zl7=qJPExYUYnHs-u|o226uG>>Il5S%s=`7^(W5Xw$>ZqK zFat$Xj}&LK-An5HSr}G)hJT9|1NaP8Rd28W7acy1%D`F!ev~X`M;h9TJau#Pl9Iag ztl+7T05#e1IjSssNq8~z6jR3`$abSN$*jI0Y$yfeO|xd}&zqfbMvaZ37()HSpq)Hq zq%i%T5Y)PJsWyGk*>AG5rH&v5Y?3!VVg5B>tYs*P@#!PRI6wpTDdAH>QF`gpuS5d8 zFYj7jnt2Ix0@U#IG|jWJIok*x$Aqh6kFXnDNIESMUaFx1GegIs9`?^)e|}~uy$OQr zbVK4`oj2)r!fA}tn>$woz8891XJaQq*nLXrFuJ!SW;7emsJS|TOA{XKt*d<%;0o9m z6qR~$9T_4ho1Q9pGMw6IS6W}q<-y$bM$U@uJ9|jmgjV16F(mqWao7Qg4DGjNnqPh$ z2VT`XHvZ=0eE@hQY}{*@w2x)eUGZTRUeMV~swY->_p~T%2eM^K>Ch`N=AO>V2*1&1#r`lvef5!UX=!Nh@iWJ~RO&$K&+VrPOQS z^pU_e`$dl%k_@OL#{i00=0eSI=Ol(hV>SL6MH(?9RR@k_W8kM%)MGUA9UA8@Zv>mS zR+Z+>@T`UUBiniQ?hy~aQ7B*DkO6yEc^Y0IwSH|KbhDVM+k|YcBaX^f*|D5Q3S1G~ zw0I9^yk90@R2nzuBjkAGssf>a3G9BU#e1Sp#&Stm@N-lMf5qp0PHbk?iLWZrOhz7B zH;M>3{h3EWM_=HROUkx_%}1(tm*9#k(LM=l(>m}?IU~5Iu9QMBD=VaoW@(13?i~fo z(d>P1g8PG~ld4`9T5>M}ULpBtCPR&!9d_~^jhZMEq`U#DYUwqLrZVVMxvw!m`L9Ba zEKk7D42=d1%J9({{lanAY~_r^@meLpS*(2V!+IQmMm*i!x{%prtg=xVI;p^E3Y~zJ zZTYnhpKJyw8173U`6IM$8Sx}|Ux5MHrcYvvD+nuWoM#=!u1>0WVTN}|~q z9Gr*eshht z^R%ri~kIHzp1L9U>)t(Xx^#!H-?*p>X{6!blVV5Tf{7wC^+kk3WFi4db+(G}-ZSqzTg zDwrxC)!*Ad$ecmheE9ub=bzkLgEz|e_;iHN$u3L{pwc2kt5=tq@{1qUVrYi zA%i5o9K1e({8A*A9Jt3ooC3dSwM9%7doSbT84^|=xWc^9`B{gwWHdy|c`M?3=MGh5 zOxJzfcFLXFPXWe&pA1-};%zy17yt}o7rFZK3X|+V3&RMQO~5FmtbNVJzr&F;For^v zCiq2e0|@h@yOdNN|B!|#O}5*$z|QJfQM}>|YzvAhxD6#6#gm;ci1xuQE8bBV!6Ye)YG2IieWo;;|ITxi}ToeNAg& zSpl`$ncc>C3%sdXef|;wvrQdsD2Ivi?Svt+QtdT(fcN_vA&EtyP*@TVqK7QS$gYd$ zaO|{X^2Nc2lgnf;EZZ(5DunFeKE!Avz`g(fZ2!oxJA{X^sjqH6q0FvTut)Nu`|iZE z)I9h1X&=>>>(hto`$TnlrIK$I1*70EX9$nX?@seF_aVTi3e52xR##=zs7OGyPAsuY zOD0zMs`3M>jq`ar6w{4o^>E(&2-QemW2wpHbWl244fUzca!G86CweVWoGg?P2?b}X zbyiM2fBs140AJ(3=A!!;^$sSX!!y&=0SI$bR}7)Pv+@`=H52yqF-6W!2R1t?XzUF2 
zwb=<~YCQ%}FQ*LduZZN~Fs2eS~dEy%>Rzsdy6NC_m>pyXwpwGM%E zaxNhcO6}6_5HVZi99r9X|Kux3%l07?)c*EU@9h^iqj?K$wx29EZfp%P$MA0Z_gUUZ zlfvMclDOcE=9=1U6&7}r?LEm4;TVc!@k2H^Qq7MqhjV3RMG-X&AfiYA4FP`xed&ix z3!Mc{vH^srestbST_V=|A}ZHT-dd!Y4wbwsx-->b?rcDYC2`O)-$3)(di2PoFsAM9ZN#$OaHj~d21&=8hZ z2`xO6(--#POiCtCW5J~ak$(tce=2ORD|&zo>N+K14N(ijk(e3m-E^|JUoT88fPnvZ zQr+Ysje0&JV6hK!lk12kWke~P->d=H;E{WZ!^?xew5g+5i%xY#2oqV|k<4J@MXLY_W<0{lv;u#Q%g#XHvY-EnPft9!hTYEI6|MYU#V%YHzyXJHlSEv zy-y`TBUYCTNXnMr1|5X!R=&U$7%kRZZ5~FJpuSwA&Jy2VQ-~ zRKZxbg^b^9;r3qHJX?Q;)*o%}^Zd1cK7XuAuJk>-^Q1H?bk#O%KmEcvGla=CW;3Jcg7FOR%EdBvJfkA`mTo7zu54H?}rJV|E6v5 zMcBR~?`1po63SG=@LZ41m+4B(b2`fC5sVV7B-WMUMT~fj)P1$Am}8*LDKfa|`&JZ0 zl7*aMtLFrv7rMTY^E-nihGHc~b-@wKM)Fe^GI%V<6nEUu@1sg=cA4R(vt)bBA`)x< z%B(7Z#Rv?=>VE~3HOI+FY!B7CmoV&1gJ*kW{`5=JFKOKmxr}#kXEnAx-ul61y1r=R zS`GXks5PBKQlE2?pS1z;`(e}#Wg;-W9Jv+*97^@Mx-h-dFc1E;XRV^fh+^$!;MCjadRSu)x4H2< z5q5->!D_Z>D`q2Iuz&;mMz!elh-*%jOgZuXF7x?gBl!jKnp9FR`3TsHF2j{#c}Nb` zxK&e0M9nD-#o7P#O?;rAAYFPD$F-d%mv48{MZl<8j|k%o5wBxd`S@{%kYio>1xB*p za`6^vR!z_+Bvip1+YO#hX^q_zz9b}YBsip?dP0VNkx9WwK>KGkn`vCUQp^vooL^l~ zlBV)d=HUU!YBR?&Tr{YcYv`t5(}eNObH0)kv&S;LvZ4YI(ko>HkWg( zWT(=jwXUw(RhzUXr2|T%uGY&9n?qM8imrs$3#JBQi|*P?+)Lfwuwz=vHJ+ueRsju$ z(1SuM|FM)3IdV?rFO2uo-*esRY#G5q2_9EFw{-|(1C_p}x-#cQrQQb?F9)9i}A?-h`ufIXiO_#1H9`dHzV}2@D4b;qs%c_a6i%6E8nCYL@y65YXa8)N7uaJ6Ns= z{RBZ7x_to~Bm|?NO7?c?Yh1D=v5KM;=;I)`Xese(T zF4OW<_J{>v4ZXIS#t_k*2u~g0yR+uhG$>H;cab#Equ6Mr6(fpE4_6T7@c+5;b*!X_ zE!Dt!7o_)fhLZRxi|*X*lO&ls&5sSHsd6g1n2-q@9y$j#;OJ@rAbt)u25Bl?m%SA> zps~0Gudv+D^5f1IJ6l5^Z~0d5E;vg~*m7Lpyr4et^UsbYZy!L#*P6Bj&QRCBrXU6>%ej<9O*<3f4N+fdfE3Ov+8a|Syxq$#uUS=c>JRqvv|u|96J#yY6^ zd8O$H(3X}vIaR|6u$3Y+&-;*0kIh!!72xuL&+OmDn@WOmL3h%GN}%{tNQ%Xq-u(XQ zUwo?$_hb0#f^rU!WK&n=hl_A>y#O5%J%!5hZe=JQ?LcpOu)vP~>1F{&twZCOChBrekoV%Cm6<)$| zt9{HL*s`)iIh;F=lVu1Z?B8{DSDP@r1?}v)Oqmilt@*HI9iOzp$KuYVPwu-`38Vl# z!V#=r_;61)o^nmsDRWu_=z~RKd@9~aCWwXI=it`5Q2JcGl>z@rjt7U`OP*PJ0J)L_ z!Rni_`3~!htNlBu%<>0&Y{FF?Yx9JpW_u;y^BuM{usAiWdhdh_vpTat_2W{>ScUw6 zoshZU04o{n*!neg`Oi 
zq&gX4XrF>wk=S@0v)*07P&6LjP4;w~rFDeZjE%Ou8owHMh~M9dKAge5G?>+HzV=&3 zT(9Bdcz#QSq*#(>L;!P#s@4tc%ei8QLT5dMTZ~3V)b;a7i>52Ih>3W&c;Jo@Ven5F zby7 z*jg4~pZG{%n5fWsb$Q5>7C=e#Fn4E~{|x%dy_`Qvf_*+%Uv4UHp3*~3_v>|>Mplxo z*tEbA2A~uC*A(G*!jxZ+_R`AoC4D{<2SPw(nK{1xxpT@{c7@J(twYL68K#s)Br}!# zp*R})dlMuKxv;YfEbIH!2awb%>%biK=UiXt1e^25mEfGYIXB!P=#RC_h-bRDaMu+_8sQ{;lWQ0(G0&IVc`OI-BLv{%kT5czbDe zP%A0_;m<4&2C>|X=F5chr41h={QgR%hNYh!-rSzZ?U;*#+lH{f@Uks~vZ*jBk0l7W!cFT|Ab-$|~EA zuRlEhFJlP}-vz@Y7X;Tbv@eFYxPZBX^d9>ZO#w4Cqo#a37PkPqXDs=Mj~i2Uf;RPb zG<^6ji`wE9al)wl>i4?GMw!Pp0lVb=*@1yWV2k&})1$MJJ>`SDGDP-hX+ON>;}gwSx(fj=kP zAek!swWUQv=i>0io*cgBhaEpxFM?1$y9X2zKp-i!n2EQ#@t$(vZ-hS7w}6&sm!b42 z^wMs*YXM6uzBPgV>Y6k9x@&J;puoG2Zsjshk*om=KO z_pPLelIpDS36%Fs`q7r#zw|fjca+S7%n?%{o#6)(uK|P$xC`5NuH=NsFA{0ByJBK9 zg0y0DZuzT>NXoL}Jz2-;=EbA(MJpgHy;-aKHg1!4c$BNTt?c~4Z+2~kkCLA&uZpK( z@G>_suTehz2i|uH&W!{eQBYVKbvXFqxLnvAa>Qm*NgCVmr%zYLzPcB7Pso}z(pYG&lr9(rjCfRCR$xKbIoY^X=RBSHFmI!LyJ}e= z5J5qIxwN}PxL%OIKl|=7*|;glgK_bYWVro&etJqw5HnAUulgA9(QU77(t+|0*~>Qu z4=ZZI+jgy*@T)jeJ%Tq|CnuA%#Du9Xt_P6YUyr?EOxr!=seSgk$Uf7ydi?4#u$RpQ z^1O1;0&GN+((0w8Gl-k;$NWiWQ3L~ncFgd4r1T+4vl^0B!0t-wvxJhqjl|xWGe66C zd$ZNgm~EK;u}GZ5P?GjD5#Il1cEd}vOaMdR9JbqHX%FoyeR@A_W|inVC7b*kMPtLl zmNTc33HtFneW26kExwhy4rfm0?=T1LJ(LkOA=<89ewXk==bhb0cy!|H=C&;xx2yiV zZiRsHCKMJapS8CICzJC*?`X9Jyq^Yg5m%5|vP^Ped_o{JFdk8EI_YLJTd!@Gf4|W5 zC-9ZL3v+ih*82>EgtAjHcdRw36d1=NTT&P#s!LyD4HMMnh;*eQl2R)Mm7G2i#o~EK zF?KYYoo(r5m~9uV`poJ9b6Y?cH~&_G>5N&+e1_naQYK*+{;a}n01~HPfZnUGl4s3p zWd`F1TzP~7w2Mb)2>QIeIDp@@m#7w{ltl~BcJ-`UhdP|p}5u2 z>h~hHj|vi>ZNZ&!L1&>_r)~sgaM}|b9PQ?Jj~JoART32>wWhVSO-$@sBS`NIXDB-8 zFSK4BirVs(2)YMFC^?{sJGAD4uTnNY_!-64hIybRYa8iJ9y5w{3s?H`pdMkYlWl-+ zT0+oCIU-z}CR7Lq1*m+j4}3`h}uvj#K={k?vcmtb_R z#{#fq`LJ(a37J7!99e%p64jswvj*oceMlBrOOX_Lqn=D=vOXKidn12rOju!0hcSI` zi%9oS=r8p`fOaFwN59xHA-d+pplYV7rlE-JU0$Ls!?Z!OD zUH6(8v6#i}w&qIi45eU=Y(pv!EaWQ@L>MG~a1ixD%huT*_E?7_{khE$GpeV*f}1Ko zR`G~T`1RZ?qZXwSymro7@Ja7)(Pdfd!EQ8@PAk7xP}VRh^}7lYQ8qjY71}?+H--Ic 
zP?OUm)rDRy6UL`~4{EF>(NY$7E_e8bip~>9ogbIja|4w+p}q=o5|pA`VrN=;!5;2` zc5RYEz>xaYBOB{_p>8H15_tDSx*jT9QA=Fdlvnk@#eL7uS)MyrpQAC2hX{%|VC(qy zGnL(X^p$=O_d4+2aAiwa*s&8%rD`9YEnc}A+**KH+L@iddB8eyZ1bL=lLD8@VydA2 zb@X+i^H!uy?P?42Wqu74y>s1haV_0R=&EOq(A)g>=>oA_b3pYZDX6%+T9eaY2h+jE z!L1+c+Q`dn)jGNV2%4)l74`B~Kd>x+?P1zFtOra*R)%e0rF)#6{m+|`boYea8#f*$(9a!x+GjWs!&e>8b0HfJ)!ai+a zPy@9&Le8XOxG&F&r%@rTnp8?;X!8}B6tRKKDH9DB6ERhbyKh9~Ew^9cC$EPeR$=OO zt_T1lTkU7WEfqHBkgVwa8GLC)zLk9p?iRQOL$!u$7vSzDOFU zB&XVIeITK+Y8y?c)NV_ntv}$8F>eLuqL))YR`Mu57KsO#eZRZN-=aZ8xGOm zK!Eus2xb4-FH5^sjkUTJJ|j)(y5>pG=VmFfq@#O}wvyDE@->y4^P&9pxaU-N=b>~p z!&YIMP0`LCvj(S{eJkm+4d#1u^B<+jV}v}77-H}svW^E=`56UT8~66uKSs$BDkzOi zyo>801~+4(I(?)R{UH>q3v-)YV!QR_|4zvyhHRb{fOiYz$0gzM8i2Tjvi?|BDq4c=6N*Bij()keEc*K<6=xHc3! zS6Mp!Z5i1{WYfy_wDT8D0o1Z>;r<6qkVg{pkl>*KAzf(O?UJqNKK&8~girfre8)2+ zk*&l1`^{XRG-l9BvMp0@aM2h3YL)>?u-_LBak2GR4K{G(O&f-wCy&*d1b_ zgv1`Pu4FK1yRUvD^>QVcnx51cH0JHNQ2ENs#>Bkwd|eY9U?qYm2W$$4p{mvZ_iJb! z*mR(v?Ra7i5Eb`js`Fr)UybnEKC3xGeFf9<<%nbzCVMpT81)94HgDJ#Hd7?|3wpub8got-8FKcUS z9uKeW<*<|sL|+O7Qk%L~)|DPVVJ~&*e8Lj@a7&L83V3F8SKLzhwZ0?_dezWxZz4K_5OBi3E{57+5J;m3${alL?}nG&yi6jOjW=QkJXbv59(!UG7Lt8JPOW;=qL4a zf#=UOr{HrV+SQ4B(ATR-ebKVIThwQ!;bd=B1xL>r;Nq&Qk)C6u(Mk8-i2OFhw;3TM z(0~B^Bqk%x1S`#6zX>{0eS8=4tHF@z=@Iofh@Ujq2ZP}F!v9w#V(mu)ZEDyL%no^T zMbpxx4)Y?|ikdS>ZnW1!zM?uROnrkGx~kY0>&;8x`#uBFcrW)LBT#x z2U17@i)e0@{Xtr=IvW)J+R|Nru}`0Y1)k=|8`}^oG4I%GcnEV`*NDnNj@rDPgih>h z1KmmbooZnE1(?nc@oWT0BLjIYrYyHjhrH#_s4pFP&0C({sX!=mK5;fCmbf$GO14Kz zhZf0Vo$lQ--kgG&a?3ip4{EEkroXXs8bkN=xOe=72xD-w(jrq8)1GR_-r0De{RQ4GJ~j|G0jA(-K*@LZ5&xuf1S@l5XS&sH z(^h5h)ynD|t?rr!kG|$^Pugw;22k>i>eUkwA7#Ow)V+P|5w!HagON1y-~!3M4#e|L z3nA*9D5B;=?YT#w$T!%AN)Tc9B|9yRpE3^w4UQFUUmP&JN9H$@7*YLXh^D$rk}}p| z%TYC_GJmf_!v#ahVn>CTiXf=6n7(P~Xf1K5r(n#}v-cp}7o2!XcX~ZLYB6iVT=Kt+IJvlNMCzz@E42h<#s?6p(9~lR~RS8*_h-w6X?Y?mM z#~_kHYIzPAl&#*63RB_fELIlS=x@Mf%OfH!D>h2s4OK0@a#kGfFyGF>N>6MC3dGx9 zqEI;P97hBntuUd?9Q_CgUd8@tdU|Bi#JQ!(G>|#SQ%5caEFhh-9?qI^Y+MkQORMeO 
z^6NMZJj^DWJ2w=O4L@=lZ4P88j*=5WzXK3n3z!@_@c-Q5EbvhPGaI4ofLCW=CqXHp z+FW0BgAd~Dz>%NY;@Occ#gTvWOIilLVG4N;O1>7*srdoWadE#Z)Km-V-NgABr$n>S z!hso&si+vXEOli4pAb8UDSUR~KnDtO?oy?Qkn9O@^LO)Frg=L)%|@?J%~i-zEEXFE z-6RgT-XMnH#6-iBG5u-a*fQjrP>d}xOEZlDwxiiz! zAdcWlSrdt?PX6GHfsU|QahuvBH8W+6e^I93Q0X9%oBGDP<5@}~_cr(Ev2Q|Yo++;# zT%+Udwqid~Z$84JOHk+^I+I_4M}F`(v=0+I^R$WhC(*w$QTlK)Mr?s*C0z$t7<$dH zkCHd_dZ&@R$4iU03CKSf0_^ma+RFU-{`|Mir2P%IF$$$00e}Q$-iR3<2K;V#1mgG7 zJ|P#_!QJ*CD%gDdx}i@=Op(2SPp%En6is@ZY~!*a&!8^DMEi3<;f9M3lr(5Oxva%mkI` zd^2^R+bF(GoK>)qeE~;2<0jHWEMk#=?c{h7ahI2tASxNGIGHb50IYo}{xY<-+le$` zKR5V%rN1oqOyp!**9V{ab;h9lW|cKuOWzyN(t38B4l4>B9*8QJyO8RteBBZ1J9F8gKWIzm z6<$+S1)ta*443o=sGQh!5%uHRM@&0xrU3Gc~6rKFmJR78{R zqty;U7m=a=uWovb0QBd^0tm2f+OXoYM^rA4nU7$*JszdMB z(~JMECYyG zn3WSpj>YkY(YUeXe#+uVscvijFIo@YkGyh~{Oy;M7B$TfrlB+4GG(GIUmPlC-RW7< z0h!pZ7hlq_tjh&j{Ep2PP*YEON>6%tY{<@a&*tb?q~G7?b>BIZa-V+?!Dx%KFf{)( z1zEOmU|?^e8FruG3MJGwWwJt90rAF(`qV>2wxSsUMrT zl>7Pi{k!04!`rvcEzjqH7N^`Om>_lWx!mIb%59LXrv+a|m*KHz=7y2c*u&>YH;v$F z+bH3EbciYeE+OuXzOAQ-4*C+$dsQcy^Ud=k`{x>97or~jo^82|v{NOKVhge|$bw*5 z`TaPH%KYFzc^i7u@ovh=dTJ+iK4a3>6iP8JfDmsy8;oscO?dkz;6BzXm*h$!%0*`z zny@td=ovNw`ClolCyP)}S2c=(5>l^O1cj(&^Jz-LCbr@ac6=EyzQ^Vt?%+*^QWL&!59gGcmZIO&C=$0L#4_pO48)LQ ztlJ#-!0L7V{!#z0)R^B)z+gp;_WA>}1EnuO_fxZ_h(LM8OLt<$cIFaL=|x|dOtjCS zm%vmeOoc$Cpw}LBrXSo8Hv_#hBxZd$Wh*PQ!nTcOecO*aA^MxIJvlG?gD6u=7EJ>^8-!n{x91$0)z zZExPc-CsVQJbm?KI(Xj1KfF{>?@cSU`*DcRJyn{&Tj}h5fN!rzOfW-nrI5^lF@d!b z2}x>V6Nu=dGSDY558uu?R6qJ)qlX=z@YX^CnguK%r`lUz3CUU$_+)Wp!_U=k*o&}Z zBxuxf#r?~*D>}2AN|2pr5jTO4q&$r6`u+An&`R$a!`P^V6+j>7%$O}g+ z;@lL1FEhn>n2JLQ2@jCigU%1GD$Y~04423pm7+w@q_*-dFKPG=zE#S)G*!n=ykI%; zq$x$nqy_A5qmImoA%@#zf-@)o)X8Q1S7>%m#L~XnaTHh{c3?AT zWDn*$IIpBW+UbhdXCjU4o=-J!wcGBizRv_{BW}UYr0779E(bSZ6!?(_cJIqmo5*FX z%f58BQR3e4+(boHTj01f8m%R`&iAPsZ+*Supv=ZvFB~D~w@Y$_kb!|m_#sM5svZt` zc8scx)#~<6;#z44f9fk$+^8>AlLfXw@X7Kg6RkMm<9&n=R3IU94~$RqVeI z@s}40Eq?mQJ3LoF&Ddqo&=G-GR(f&U3w4`^gi^1E;wX;@krhQJV*0DZS|) 
zT$*pPQFV%Sh2auB{Mo(9oGZW)nP-3hPmZw%t*i7{?rqFhfkaQscvM@I5FE@y@C< z{Q>R8XMiNfrz7G6e1Go|*;uOZ7&?-V=+5M&*+*eW{fUwDF2F}HQWzrJMt@w$ zy@~e-dFKd3A2k`coW@)!l#{SAWoZTU@8n5|=yOC+Ctt-dfTVhqFF$i@HX%%!7HW2MUu z0*SQA5frqh=5wi|2I52Pcv6UjtQ!4!$&5sgHX{eO73!|OnB18<*5-g)1x+J_ysWL? z#4c`X;DG2H@od)V(@2x#-@6&rB|9eza)YL#6v~aLjf;lBIa&_Z6|nz*Ky=J>1phw+ zqM4X;x*T1n(jtvP-6r)P`Yux5YBP$_LGLxmkZ~Dv&H7=z$x1@(MuM-e3ec5ff2M;E zsh0{?gCyL>>4*8DE))~j<4>ffgGr_Z4N(6}XO*R=B=lCfSkQ|vg7)13hQ>69m}{og zNA=fMgRcxO)r+rIJcm2muZ7T3nZq~yM!ILeqyHW%fg^`|c0MeIje|9wZRtzV*k=C^ z$+T_^Sib(e41bKGAz~^s^s33Jf}J2+ZrHz)vM?MZ7c!O~3#7hS_M*zM)Zj(%y03KL zcGz^s;K5=KiUWKQiX6MWDH|9m6|%b0mDpG6PJ6KAGmQbgTqILT<3)0oBe1|zgg)>_ zcv`E!2CBtySNkf2zT$(5hR}%pe2jx|Orx=g0Z|CDOI&X&KX$0?E!5xflly{Ng2zm( zf#W;m5HW)R3zsi%I#jQ=+X;;Zl@t0Pjydh{^B7Q3(zz>wv&*5|t zylthwq{#v(SQtq}RX=RdGM2rId_W&KMBn-e_4nwiBT;^!WXf73xiBpTQvA?2cZ9?% zY1inWZ_a7D0X|Vmdh+R_4p{aMnnoM+A@l2$U^Pw;;FCUXH+4y6FYQ}3LQRVJCdMwr zqykFAiUVn=-Dabt4e(D`4q7E>djBC!(Gd+f#?3uGm2YQ*VCR}9Ms6X}Q2$jF7G{Lp z_rLs3U;Hezi-mnZV7aZJ<|JCaLr(a_0f|bb90>Hs8G}y+$lshVMW7sgggxDBo~R^> z2*6+38=6~N8{NL$;4ptm<77g(joZ+?f_n4AaZkynqE;$9EIH}pY8?NstS z37|?@Wx-3^b;ES_FCC3xg6TWi3Ssi%l3vpTPc|Ll8o^!b)|*Z`xQfI%*~iFY637(^v=ny(p?t5XEL8_`kusQ4Wza z!?}MCo=tJ2XU@5I(DZbn+>oj6O`n} zW3fS~5ogWBL>VCEB+~~za~6J-g3jPJG}EF$&MRX7A447&}Z2re%QeJ%(3%8JZOjz$YqqyJDhF1+Ibx& zr}2~B+WXC65Y0^g7>Kymo#(c^eP5#uRt!%P%umzf9RY;2>N=V;_8QRLNK-L>R#7Op zloUnk$yHvR*T}Xwfbrk$&EF^@vf5%SVB9g)-iU@s1)q9>%dp4EcgPfBhD`op0K(H< zWN#c4dSoFkV-S$DPke^`Iv{8aEm1q5mH1TchS=bt*WTH*{1v=7HS?U&*5)T;<`J8t z<1)S|{h1;coC=4u5ff2*=A5g~!Lux{_ra{ZlTUXFso)#_MN878l^-tgr(|vU5!4}Ox-g-h zg#yK8EvFH#xh=zAC$IvMgITwY->Ld04?HSRB51DWdgFH$oPqV`XHJx z0Ua2&inI%Eqo}3)AsVYci;mE~_GyJ2ZS^?i6mOV0!rA>-E~pllw9SWpyCy2UMD;Df zH+Y+}OIAI|s~&^+iSeo$UL!`%<|h^NcTp5sgTt>p3>xv#QI#o1Z16Bf&4ZiRlY0kK zIurm+zyC?m$gqnaCWUE^C@?INQbVC;WPWF*bb4Cn>Q62+<}`$5;z$?o;AP`^zZ?)^ zU|D(wX5gs0Y9&&Zr8cV4gAn_QB2|BJ(DEtqyD-j5H0S3)3RtH*&j1!{EgD6mU?J(V zi08KZr`wewXjX`iOz+a5+L$s8VXUjYA;S!piTMj6O1p?f`0_or)dyE0DDz|@F&v3z 
z)6oBPyW0w5W0RMXg48gZ^;F3A&=o$kYI*DsEbazTjJL;Ep)>A=(`!IAx5xSzBRJcV zO_!y}8RPrDLy+dLrtf-)5vzRVkoaAI_E?!)D0A{YZ=^TFNZC@NBmA;D^TEYxRJ<~P zVrnSfV$ojqz|LLVy?J%u^0OQ6IaZQyVUhIBp!15nM8u2mrwT`CIa?%qh<*K*#H$Q* z&7`UyDGxfe^h;9YSNH`es*oQmQiYolA{>)5Hj9kmEt=upETZRCsml8uB}lc-%xW8Y z`9Zt*bs2R7z0N}M&=g~g;Os#PeRU|mfMoHis`HTVm*1J{R)^MQ{voI<7P9wrT&b|E zKtUQ(2h-1YXhZ6~r)_d<_0kSqj(>ERYXW(>T0mF;IF`m#Bdo~pt{j^y3D?M)#;UXG z|B;Y`Z>qF$c!;^4!w{-g4~oWX^L)P$*ZQZ1F`?&B!RuA4N(+6miLGGQH9?wEO3z`_ z5)8v8i3hJKWzq0I{j13|;Q^bAsqSD0>gC96j3#SMENqJ@m$Lxf>Jzt=x!(v=PykbFY5$}b#~vn8r33b_@~E^oQ^w$ z5o~3t5QshIT2iAh0vB6H4--yc$am=-!{POuyq2i+1oNxVunuY8{p3~utbVr{F7tKo zc#&PWzY&7+NCxR#`IDaP>>ENovdPF1%Ki%AeK{luqXAjAb~(-1HMOB*WY%*o%4E*8 z#oBU}{Ll#qCP6Wg*&L?rr1Pp0d_Wk7=)3&=Jo=wfxl9~==Ya+F3}98YM{mpkYmL_F z;+gCmdMz$Z=Zppe4+&wnD0<-MtOvT1Z(cfl(m=Pz-zAF zMY!&sS@aq)cGbfb(;B0<*R0TllXzV46qyJlCv|p|@p!QB^;K3~DsqKo`2<}Z+|1xz zJYWsQRCIr5?{uu@N#=&^lHHs_wD3ZCi^(MFeSY@i9;nXl7vB$F2Du@B_l|FbY#m}p z*#%&U8Rwxw39JDHkm}0I9V9X;I^gDBru{CsVAub z3?}-+;|uTZM;=1=A~Xg_1`W?$SSfwcvbv*5yoO0=28^nIe=m;2ZhlMUq-0w!c2d<| z>Ng=3_v<@vGx917CjTQ+^Viin(t2bx#EEO3HVL?c8q+qNWU*~0`-RMA2Gp0m zjny99{6DmtCSKHhzwlCiv-=m1Q{(KR6@73IvF!z-@+Tn7cB*&cVk1_0Eg>m=?TKm% zL3u%&tbHblUK#R|$?ScJh#zYCI-$g)Q}2E}yMf zHn6`-!S)DH_bc4}U_JqIO1>6qY*GqJ3^IjFsw-qF)X@av8D}h_&7?SluqOOFjGy9R z#x5L&zjG^QS}Y0q4$rkJZ8!DairT4&AqcB*9EbUV*?I^1o=e9xRe4R%&q1Y_HBAqY z?|$LokKW0JXrCVp+*n)dyqoe&)qU=K9mt$#Y};dGOp`xb>qnS8+OaBXPu_}zmF(R7YXd2Pbjecb^Og+v?aG0sc85Dn{<_eG1omcbt{ zQ2?^Vx?OUpD3^pDoRfB_iu7a5g`+1vmS4iMAP8KR1ItY-C?);B42?B*bi%RPn`=A{ zzCxnZ5lks!eu3AsFl2A{-0fpp{B_2Phiw!yyH}WbW>k9s7%UF@hr4%?_rNX)Z1401 z1g+Zu{r{o{$BqyzK-mfd%GP2zMgM2>y9O0Ju+5q!BFBK~maV&Lr;Cs+1U_pB>q~^l zR|t7N{t5(7<=0u|bzWZb6di&NOO4@sbx7@DR1=~$n?}`&aK}J7!p3ZiN>|W=#)X&K zAKa!ZZid47+~4ub%U|E0g4%KbIzGF&)mK;UVom%m`nBg68(>Uu$AxsFi7}3*Rp)>h4yd zr->ra3VnLvqspuE#1CUzLAH9G)g%A2qpxXtMr|Gd(fEh&hHB%NX0?$@(M8@N%C1om zwa^m%BVoDvJ1C61vb1dhE1)eWTmND1&BLK=-~aJeQc5C{P}XG2lAU?9SVEqXY)NFv zzGi1CWep+gSXx9P`#zTJ#1KQ4u?vlDFm}d#?|bB_rs?=SpX2>G-oMX3HOJ|?ujO^V 
zUgve5*L}}DH-CD636A=BOoA%m{UsZbHOPLie*H3acVd_O=l)chK~ zY^!!xm6vcIeu|>yG~GrAFMOe3H}H!5Ggo=A_e0^{ZHe%v$=MKt#77(Vs_;1Ij9D8_ z>WTBs#MCpjm9-ta_}{DkwFgDPz8L<{$oPQkaB5fA+C<(b5)t z--+g33jWyMvSES8$;Z$~lhgO~Pct&BWI%VR?}Jj~1y5i$cfEbT$36h{GYDA=xs=%9#O5uxE zDQ2l$u1W9=-7_}dWa`&+ma3;-dxNJ_m9288-n*0+qcS+|iSL5c+dTc4`o!1rGt$r_ zP7Zirjb4h!LwxM=UEPOIPKaD`E55A&@lA4sr}%#jy=?MC;MTod%!^u67sN@26OY|BO^ z)5jceM&uhz4!4k8`qV+YuhMe0RVTsis406*Sk*hcwytT@iKPB0vwK4(`~!(}iJKK{5>xaMk7T-43y z4j;IW^sRl+)sgAm#gy2xOFz%&RNkij!i3wtq%YFaI){whCOnSrKO80(XOjDtrfQOh zCoZjRX#g9D+eN-MGS#^e_5NbN&Wmo@go`*u=fQ3-c(Rt6<1UNllq#T78{-1yIc$1251?|0mgI2+WX1*bNyexVKR%{ulLx8 z_+GyG_*~mWDUXqrv0JM;)X?P=S3`PpZ2k6Q=x^gH?R@1_?ad!~L~$hb`xpk> zO0`Xe9yuXjlYYOE%VTDcd(+naiw}&JGR6g~+oTvTH95B<{YLUVy!IYA-`A3TVx4j8 zp5e&g2y5md^wylb*o+y(a&$5KCd*UajT>#}#XQKfyPUcnCYsk|XQz?J`vpF_M3bqK zGThaZcRWsc{|4HH_EzAB0}rg1%x_1pKyc_g*&2J0k zJdT|D>*-6kNM<#+LlNw1!1r}&9?W*@!AHZnnem?oY^fM${}yG`3PmGgQ0RVxGMm-F zLT5qN;Md2*!x@`iTQIB3`IPIy`!7B&Zwv{`F4~iBSqZ@wr)xf7OiBY`W!cSO`P#0K4kVZ*v3m zQc{BvyO}hFE0;TN4?9wROgUW9d{XRa!Jy#jzhJZ1@`l+~Ia^YV05m%ukm==aErCVhHEM{>bynKgxx-j zcE6yC@A`d{6TuB7!o8m+3oFK{f_Jn zdzR{aO{dY5Gdl0jUR{#ul^MM>?sY9+Zsc%W)&-pSH3>0`x^2Hq_;jVW*fv}c{wqU- z4_DND@Yw1LHS^bdcG1h$H{O`sPkrby`<0Qyr|f^+tZK2^S8PHScS9$l;SD|^k~Ks_ z|M8csFpF z*4-lHpcgVui1D9dL{N60EnsfrCAY`+%x?$UY^e>>|e|RwP$qgRLd)KfGY* zIsmkfew}Z}5O|sK*;M0bJ7d%<#sl-FJiaKCrZ1`$TU`}tW3UhUSslE`CxZ_AUQ(^D zqMt}d|4opg>R|!1_~Dl(CVMWhiTPbTo6O)tL7_bv-hAlBMVi3}79r$Evt^?$`FO|v z*e*Ndf%ZcbA5;;aGut}ARi?(z)`2f*5o10aH9d$ogWofpm`i+uD>ELX*QM4hr|Yy} zcbr4N$u)IG)8sxG~O&@M+A8|E_ z2$2oP^yT-_Z>8gmsEsra6fwAQD3#^Sz0-XWngTf+IxNlcPk<1vrdEq#SQWDn7Fo0q zspbk%w(&`Ux50+%AE_OS$nR`ceeG|l7haLir1EtkwAfS9^0H(>`AESz-JVwUr8+-# z|71AC_}Q1++iwu7iyp4?+xu8u344ul@8nw%HsdkuoG_2Y4fdxBVeb`jX9El?zC=A} zu>I@kKmIszZ<2Yp+$siAeIf{V@>!eVZOMBgPToCCM%N+lpnjcn`%k3Fpp*6Yg~8kZ zZXb^HGR>jHiJjj19yWjTIyE9_1iTYx`sPwSm6hXj z=H72A?JCp^hu(<4Ov-2n5}P{xXtUw)?#z+*&n6qN`DSez^(Pr?|9O{~=wy&($6vbI zsCTdQ-vr6J-gaZW;27S8TYIhFQ`Vp%ctp}THVk;x?OpR~@?8nu>H=B2bd?U>l#*PB 
zxvoTC_w&jaD0hymraaE?)tuzWJDThv*J&SKF*q2o|C`g-yYk!`!82o%&WV2=X7x^f z;XY6wu8}ncMeCI3Bh}bI1)tVJ+Ol~M_%;;lk$Jytm7L1UW zcpBK5?oJsx&#j`9bk{W0RVuJs73+0D?TROAYuJ;vV-7;?P{jG z@G)n%?zGbK;iOxeYVxwTGUGd|Fs50KGglww>I5f69E<7vq?xAY)j-!cygD2~3-gS; zxdE3hZdw@|e?Gu(U8wB(_MOLMvW^z9La8!*vQdxlCgcI7U9Hu0dZiaPS4W=Xg+gOC$vobbf&`vTcJi z^fgK$>bjA8;j>tz=L?&vV&6ceN8|O3E0*T29F>BvS6L!F*!863pA5F%Mfc|KtM@yl zWWg;Y|AP7b>u%b>q~5WnQL(aWp`O{M#Z^^-!SOLe^|#9NMlS(i`6>ljx7VnA$cFC< z8Smo_o=<__JaaF#&Ge|*yw-Jw3DmQc398k^m8;3HFwc%F3>9~6A+d-reMXZgM7{*L1EWQq1RWndRst!;ExqZH&5|owYuc z#Xr1{GWi1MQ>8%K^rm**D4SRj|MaF6Rruw?ko2ZPYh2{9k*Ez{Us!8Bes7`ONs#N&+?Pp9)_HP8vHI zld5ekRx7LD&)M{$7`kDSuPRyymu_56yL5e~-7$Y3(}B3u%Dg&)pT<|w8MdYiIr+tK|Ft-n_4T`ILYq^oVJTY;7{uG_tC)Gy=-y=RxgA2^jtIQXMtl}smGy0EzjA2n|&p0iF4d=%cq}hja z_*xnG92R{lQNSN|rQk!3YJrmG{%)|@cY=2xPcPN0gqc{d!XK|7Rsck&53=ftWsZ;7 zuP{s>@lGLEz)SYOX&lgJFUnfUqt$QL8%$9i-&!=}50UEkbcL39x0fo%$YKk9ktzcw ziPEv?Re_KVZ*BAzBk;pVy-eaBZe@dNQTsnNooqRJ1uto-tuJ+Ho3F-)O#!|(NeW%M znS7=AlM^gSx{sNv0TawqQUXVW_s=WhW{dLDRF6bnh&xmD9d~0r*QRyVT***lT)FG3 zZ_B{{kqR}jGy&tvQ;4a;QPZW;6KZNs_@Q!In--Q-mgb5WerK#TX5K)@DFsu$EJ0OI zwQeSdVS%nm_U|<-IpF2iiC!x2<+^$*gt>q!L^oGV+)MC0-flpBnrb;wy1YD^Q7%?( z9W4OS)3rz-+gO+Ge}8v&iC?%M&V3{hGCb*tDgucSYrO&Qh73OT} ziZSb&efhO;+P?*wfLsYeqWq`Bht6t<=oF}xIK4PnkyzQDzrikkbxg6B>xz8p`)a#Z z2Y73kG>pILLx7PkuULH-PSUTcs*>oACu)?l22_H3*w#k zyfJ;ja3iUE*&~q_wJx&P4%;O17UPx=L!<;1e?dT#yo>*C?eBGkx`?abKYLM&v*0(x zobK!Injuo^A{-r8ph_Y+FYd_X>>F$b!rfbcg~%JyIWOepBb`uiRSj#K z5dBYq=eUoI>D^F`LiaI8cFtdNaD^WeNGKHGnN5Tp>=J?G++DN}| zAU16w1z!eH8=MQ_adTL|dbfh*w$}x5mIeIMxQ)QLPGS@``nAjnuj=Ib5Lb03*~B`b z6oDgZY9VS!&ytpv_SNOpO=(rr7}o~m>@W&BJc0f^guu{FE6)9`$$PAbt=R4Lq4F4j z98$-m+agB%Gem^i9%w}bnkObVF4)32YPX7%wU4Lisu)24wQen=)_O%5e(~1KnOL@-c2dkYk)y6s9s49A; zv6NQdG6Vyt0sk`JtsPL`(%#Umo!xC5cYx50ub zBwkME-i_!y#Y&x(x|Vh^gxi%b>rxX4LzKc7HzSMVUi%Yf(e??hf~HFL#ZOjeJ z$B?&fF0Rd;k2q-Vc9Nl6Zpf~rJ26(o9^EcgDe$gwsbX}`HSP%L#VhGq=5!39@dwcLW^5RiIUVsq36@DKS$_(uO& zEiLSF4PiM`YpV$7rTcSI+Rb5L1 
z968m_^Hi+}ILQjzzCWHaIIHc&u1t@M7`k57>Fv(V+^0Nvp(tvkvW%8$_HAfo+1MF` zGkS)VJ1Vdr-P7D@sLLK`9wC64jf7Pn^I-ev?f(1=7=vzPkw14~D4_n@aIn^I% zg>Sun2Oo;)d&8hsFS$I<6e6a7#22ehKcV5Zb~Ah}QUiZ#YC~OMH{shMh8fLlk@WGq8WB+t0D!%1aovCbZpz`z z+fy!+0-jwR`T;3hH>8)MUkymnhBaLquZ3y)w2cl|jGwVgBq_K|W2d8Z9 z_~L`RI@HY35Tj~=i+6x#&$Q`4t37k3WjI5WM<6VB5=6)EyueHHg^miLDiV%V3TgNS5vA#%@hur(ePp)8ALz!ox}jGE3vT@`fX(m_nA{ zVouH|&)?S%P}pd1xIZ}Q6gs1sb}1))+3W^yVN+7CiFS^*<)<-&Vr{17m%Bf{@!avk zKv`S4h-BnS^3qnzaC!Ig{W1knDQIc%gv6%n?lM`Fx^w*l@~(AQGIKw@FE%I}m`!_9RBXyTxt;4 z+79r?-NQZ191mht(^lhiJpka(1zUcRzLp)mSs$@ZgKp;G z%$dKMC%V{W9GQt87Q@=KP?*%Loarx!R9)f`Pp4; zlDDM1>eTA@Wu)hM*Q(RlMl;un$vp49JwIpE`z)mzT|7Px+tdB#HpHL2>#j%QW3Ksj zXVsA&`p9K&mt&Z)C)kID8&~q15ka!fzDehuyY%8Qsk#Gv&b702ObkOx(%XR(q&BuuDucyt{_nF?Ela_+xhkmPNKJDI>m*{C=Ky_ECd++VAEOM=+ z+Sgh$;nR+3gL^@x)i!nlHuFc=a?|T@H=EwQr49oE1v0&RFN+Gd zGL{z!EN{&lUQ_HAjFUav3V%B4J6#JAoY?zSM(%4+^o=S{DY4crag0;B`vYvTm)G<4 zMVsV_``z{U{&;?Ek&xx}0x`TH{=V!&+vD=}wl~ORP5%4RY|&*F^5?6CA2TFSH?s;q z4n)}JcSkulzB=cubUgw#s&nVKQZ~G)uxEMouwi}}y+{J}lkYj={u#spleV>TF}`ok z*C^@=6b?y>4vEV=okcHAtyxBOjrUB{#&V33In}Tr>!8hx9|mQ#>STm5jth9lMO(@A z0=4R#AY7@Iz^63`v?66~PA^_8(P48A7d%{D+=oYR70p7WA=f7a7OE;1Tw{?wn*8q4 zZBb*;xrP|^S zusJK7>p9;<24ImmDbsaB)Ei@#o^*$af@a^uwE?RDC#<3lmSJsTt7}wj;%g#4Sr+eR zbIl5mg4F8=D`21!2&Bv@ybfgRo@eoC)wa{TXI*XPlMNaJyCg!Uizf7Ak9%#3jtn#< z_Cq#(iv`!*Vvm;N*H$C@>BHAnaGO)hXfFuvy{=U0eJAL60ojVaKEg2z>du$z55MhF zxaRa}ikW#u-<_vqdNSrCW$Qi@Oe{t7oXTAv(>=KjDt8OG3*r5o$_0T^4uc_!&n;&c zJaaPXHVlDBGHykz8tvYw8X4Hry6+-k(;ujUQ8d5Cdf4>pmO7j}4{%7gbl4zzX&$;F zh3#1zT^xFd*eot{FG&pWaQYWZK<3D5w2Vg9{=0ya^RdPALXwHYg#k^Yyc%*5b#hIU1&?=O`o-tyhdYD_zaGG1_fLfN{$ zi6I{-q@fU%ubD{Yx@k`-dUPigYn_25H{L=brPE7edF-R}g4prUnNbz}it+s-y z9({h;27)`AiEU8Z9PV7(O_~aB%fMyaP20g@I_0n=K1bD z)2B1Mo{#0BBQ_359|ojz@_aS&AwvRLGb{3;@51x`$Uv(wo5->G)u9YU(Xn~=S_6%- zPLm4mPdP7Es9jDTZ9f@am2~CcGWCGS-DSAS-a37boRA{xljjS1pb0*+!GnbmmWq$C z3!f9NMaJ{*TQ&JIxyD%TEU!8saoMZG88YHXUAeYg;v0qNSj9V*I}eSGS|acPiRE!2 z=)#ap0kOAnTGOW4Z|6fYOV&wfTAJ>AA7CzGFtry9!cv>lM4aXDXu@#8Q>_ 
zTvMP~mSyp(JcIc#a9+}^q|wN$<{eH6x|ImoTBP4l&J+@Fp9MGuGp0 zCaHTMxp8uKHSvAzaDjBvA@zm^sr}NQDa?Whb)D3Ho0q~HdSsHLna6s#OVMPZjwwf7 zpJF?skcZn^=`X<8fVXCB7Gh7Pv!pbg2uVaOgoSL<7OvG&NeZARTyY7r8AUQGQsjjY zx7DS(fqmv1Q?(osCjPpy1%-v0(s~tk?)lGhWe@ zWW1@dY8V3i*wu8l=B~j0z7IF=bY;_TR`yNYyxk7V9FIJ=lH&e8Zq`@w!Vv*%f0%5a zG_>EteQWc+`4Mk@%L$>G{iUO!$UwEd$Yg5V7 zOl)zU0Ppl6UW$#!%IjOEy<`^z>Gim3`O8$_+v{?mSqC%U!!_~;8<`Y>P5IA!FJ1J9 z5VwIjHUo2H-FPh4KQZt4A*Ynbuk@palFxJKZ7Y&er|&_3g^Rw z89wOKw@h<{ooYvU zwk1xRn^UlZYn!6YvUQ9HHns##42(0=(qu!(q-BfUB1P(Rlh)uSN)FP>v7_4U(n89y zGs{SIy4jM;_0HI3{0juNh z$>3brgUv8mT^L((t5qi40+iZFEt@*PPSDXN_9K(rw>ZZ9Ok{rJ0zxcjr`wv?>%h?SzXc$WUb>XGf)r z$AK^JlK0P`@40(9ZyAoY$U=*Xp%j=c*FJ|ho7~zh&ha4ll*e>)dQ6;z-cj)xA*gGd zleCFhOXlLt=2f-Xh?c0C^{73b2Ti;xO7u~x>+#I{-AYtG!t0|Lk8e^rTw9+-ufiZ@ zv(0;DKi--B;aUZsDMK^&X=yNlVW54l4uhBv)gqR9F zB+Et+v%?QguFsVp_JVi{dCp5 z#Pi?nvt~|iERRY-^v@5q&8oEs1eB-fLEgdiW!}L?<@z`Eyh|jQI}r0Pt(h4*@*mh4 zPQFSK|B5ooZ;Wj0H`ir)?`Y9`#uYs(r}uq7(pn#QX}txfoCI@{MK%<^9)jl-SZ#1Z zpbaYRc6(k^Ksbuw~2WB5+(fnRM)_>*FEk|w`FS`fF#kdAke~M%$UVh z7fD0zZ1S)*fwq@9SpPtoVAYYTUev^R^)r3iNq(oX~5dYHKHwRGDi zc)|_qj940X$q=h|D04N+aL!jncA8r-OP6qmz3yWQL%bH>O1a{um}Z$sKQvzjgu18S zYaXTuu`XCW84CuH5+}j^=1yXB@MLL4Nh*ZJ3GY@!kC|Dzv}pXsJ)>cHLW~Vl#)>N0 zpn8B`MIrLoyrP|IaCUmuEG&2qjQgB-@f+yH1#0Nh^jQyx_gf3iBMD51`RV)2F-)o$ zr=I><7Zs?uh(H zkP+8iP``HwjWk|w`J1KU5)0%sf`gZ8e0Ryh{i}?nlVk1vn}2PFIxKl`c!&X`(jQ64 z%wy+^Yw#E|ao6P+gO3{688e$_fB0k+F%eVT*x7GhsEn14z&r^bUAwx&6!8HMV`g~D zaKxdB_`OltGw3RRs|_RmAxST1N8^{;S0Eih9#$69W9=0K9csQv!4wJF&Dz5%rqD75 z3}SfTj5ud0RKmlxybqyU5%bw!Qu)hVD>(0)4kS2nTlwR zWpqbgh2_?Th+$-e)^x|%SZmShw;-I$YMbtDnc)M2h`Z=d#zy*DTJn)kj2)G#o{ZYV z_zTih!`^msat8#(aA@&{cjlBJ0z4xll-J%AexwQBiLuX0De758-#Cp4xlJ_Ovve>msyMx6r}F7_=_S=Vj`!>={at{yV~DEbp{cJd=)0tRM-5TP z+T&%Yk-Q>vVQKf+M|hNT(_J!!_f>P4p9mBAq$q%mZc&MFj?|Nc|8 zP+32F6V4=tRyQ}2ZcJ7w(6gN9y{E<_Q%X9QlZU?7XkWs_f;4KF`Q68K+$LOZ0l-JH zq7u5=2NMzzk6nu@q^7<4Wljy`dCjT2y@4v`cx5DD9}#YJu2(w9?oYsSvpUG4JQBxy z48tvRrdPG|cram;wie8t?%kLbUxfMIPyTya*Z%r`PQN}s?h(-atUh9DBHkMUXlmWx 
z()|u(dG~E({K5zidC*(OdB_=U3C)nkk1ODf-LWCTm^~qlw4s7AW7g2_ak!8m7cy+b zI*M7d#UT8JZ%%LKa)d+_XXYts&b{B0cbH#HOyJ2}5V+_9;-u3}sEk(m34VXE7%iIK=}XCXd;cbJ{K}22%ug7sw&zFw3RLJTF>(h)Xcr zx-a|G#H7TLZTGN9*Iyr!2xb+kH&Bz{8b76eBdG~xq;bm`sl@3J+!$vV)x1ICC_j6?| z>6IPKmF~#8#P0phiO3K!#Pv-<o9e!(S-KZ^8KTIhOiyxdZp;rxQzeR}ziNuA(7MzH;k8H|^jk;~eo*@2z47W5X|woYWc0Cff<&mj<+|M?x4Z z{K_mH50~9bKU47G12unS6M8FXe0JCPu_zX*#Afw0ME_nd)Ui!QgXtd}1PQ}Y*V{0&9 zPsv|%N3Pv!d*@>HnHM?+KFsN8HJcV5PU42Rv!n-tSuIS>TjdEm1=jcJg z9U;9NF1HOH)gPw|wcGE067W<&^WJ`XAY>ai8fp$4_eHhGoePViW!BuG2*+3u4}hfI z)9xnus1B*RgB_)~brK_4ex+K; z?Q30Xyu29+S`W7$Td1NrbVxco%TI;3JNLc6#3RSe_7|A2b7d$Fu>YUoxZf_`|5(j z6760OVPN;~qD(N<8shf3ViZuBV657lnlxIem%s_bC95R!L^khNc1B&iBkU5ednY75 z6RXWyy_b9f*aY>2G0}#8Ru&oW?_VqAlHSa5?S)zFPBHLVU)7hD_A2R_Rx9j(-bKZ1 z=!d&o1O&&s4+$I3dL<3zA?Zp0&hy>5>HZQ?MzeC)*#X`%@J2?zP5JYvJYI09wH0~6wG}>!kNfzzl8v$r!fZC0!ECV2#aO@+nRJ1M!5}L|i^gH(EccNn zp`P^jLNWa3gt}<0+Q0_ei9`EXEO!~T&q4@;0RWvP5bRAYI7?=bqy1&vIpHuh-%)#4 z+=4OIi2t}4Rh-CRVDpU1ks-+7U<=Y$dQm~eCstAj>c#tYLTW$BN*cJ`SD#=B?n(Yt{_Ca?KfitL0TDxtN= z3lCGxuUfQfkbOLcdgFSUZ&m!<{OZMNzL%qg3zI$jx6x#mhW|a%^HfL(epd|$Wwh6C zq>En3(Pj=AOm2GCQaBy1c`QM1N9Pe=5&SQp&C?fwt$+v3lzS-Ks+9)~B#V0X5f6J2{ zolgDy)v3h6*seP!_HLAl=COF2TU-Kk(hqm=39M!O>+HRdU{AboM%`&VG>*7*U<=8(H8H9w%;fCs_43nV$81nB{id~B+^0nS=F#L} zd}5i7hZrspS$%668fq;+K!*8hUv_1Hz0^U^b?Nq=?KJ;Xg7Vq<+ZP#Pl#68g#+?JJ z&v1V-jG)!_x^0Wnh~dpGJ$I|nS)*iM{R0>N9iGy~iADWgmteRszJH}f>B-=-{Od#f z3+9khRAb5HSuz6%{fMxQ%oTwZWcA+ZdjSb4zGTt$3DGHEwz`JRobeuR1s^xFJ%NWc z8t1UMrYR4$TiAmsDR-DP$3()r&SDkcOhh5WPhF$>y5*Kz440a|lU&~zbH!Tp0^Vh1 zbhF()r`zmCcLyA!`uj!b?tuOo ze%*1Dr@cG8hwEvvnDK+Cehz22u~VU{CfXqTIlUP3%N^F#&K&;xMcYJB=>xk82cwa~ zve0iM!KFG@iGn%BsfagE!dTRl)7I?D`_tAKW*;ezoAHcazdUsGxSB@I0L2{*%@B?4 z(KUv%1CE7gya>$>@Ng*XwWO-Q*D+?`zS(e_FWl)c3W0Z3`H2K@M^2V9UmIb@>Vw8YeZ3j-4v+-ij-Zk5Y2i*IFijZ!CRy9_xTQM0TW zV83Il8DhDOXXS9{VdeJ6fzK?b3$%+71u!G^nUF+>K+o9poCVPyP545Va-d;xlo}+; z#b_rd18ACaT|W6phMq0vRF9t(i=J(pX+T_p`_}mnxd^e9j#;GK*ENdB))Wi5t&RCK 
zSHq86OH*F=5*}QT>HLDRZHDY>I^61BGr)SsT2sw^dnU!hW>m`U_JJzy!1u~=IXe8| zB8Y{gqNX$>-Sk_HdJ(Za7|knQJTfDWz;Q3XnDoqU@Nis@zwoWtO!l*9XKxqx0nuI8 zI(z0`6JG%ivuQlDP_LK%zFX>1nz`%Jz5}2vc{C${yTcmV$8L3kxA`?;)#XK~0gl47 zO;L%A6lraZPT9sB%W(bxgx>Ci=Ik1p(>pcc`%;SM#zwb>do`9?D4usOw`m+lZQ&;b zER?1Bj=86~^yta(?*WU>USr?-E0Hd@jTji{du*&R*4WMG)5y*bYv*~w&2zcK^sZ+t zqf~W_h9nTm()@eAhwr8qMtW^|GNueYr_d-ps8pQw+Br}0jyA-bG=9-?J6FE>war3? zlnSU|rUkPfcEKp&v`61uGV|64>twdN2}J)ea%$WRy1pO^twzbrj+sLE=btG}tA<^# zAM3owxt-G4xilO3*Q-Q^3Wf{mCY!ms-!_aWrm0(Y3b$MVw$CDzO>m+^tsVtgUZhL& zz8&qviJ9bF&OHRV`(E%uw2lf>GBa}M8~g>HMTLb)3BUI*5uIafHPuwl!6#>qz7pHa zx@=kv{dn`9`T6{4Nfnvo%23)fvJ4e9T%%`#B5MxJqa78&Cy@OKCvS{f@RPC|rEM0O)6wX(x-^88XXnZk`HMFd;>eWhnWr{BTpYDu@1+M8O}ao1e% zLA0BSHybxFDbQw?$1d-OV)zcXh3T!L_(#7I!wl$9|soov+ph+K)+!-a}mIg`{MWd%>={W!;;&H)CL5A5$ z?IqleqjsB7c?zuQS9drigU}Pfmr4Q_Er4O$9c(|<_+J|KCV)IK%EX{t@k7NN1iVTh zbo?X2)8GfnwpT`yRA2|&_tOBD#{Y}eqFJjZovclpp=8vCKjHjsB7o86c1D zmb=^XD5eK4{8hm~{{W}6;@rC->vqxE4Xs?UqqP|Z^sT^4FsaB_{wd+@d$t`{|RKm0)P->07Qgmz*-1TTN^(~ z?P^IPQsvPzNg=^c4geuI>A?4UE1-Xs00sPtav$MRVp?$%X$_800z3FY ztN+5V;Ui9D#379s6j~rI-T=Y_VP9|}3j?1iVO{JctnAnQ17IB(|G*BupPm6C`Zud> zIv|`G-$)cQfFQ-fL_vM=B%c!X_rq~8f`^lc%;2TO5m$&rL}MTk(R_Z7Xmw%Wn!yf! 
zY#jfEVL7XR52VDPfcP4bh-l!-eh%{h^%#IXw}^o1_e=|n-~VE@QPkrA%A>#Tf509t zD|w9diHHsmU4C+I{qIx;FD2&GS0bT-_}Y`;)G0tMBsm3k@LwHPB^clZQIbIn3ISgr zHV{(}T-mSj=ldp3fM)xtEKouJVzvBiyroXbAAdy|h)|x6?3WJ!<6b%NlXD;aPG!QS zM4K}=kR+r@ zPrhibH-@<3A2KRB661n4;!Wca39^7T;&4km>^}fjl=ur01Jmcps?6ej+J}abrlJ+ z|H$Ltw9}KIBLc07-Kwz>oHv#^_o0OgXGji zZeB~j&YF{keA&TTYL?Ne&9ro4x&AR#lXWq1+`Kk^+=e;@=aJ2=w4&lQ=7xu}BefLL zxkQ^eO%B51dTLY*qDEC(XbU82Xa)Inqs?Yb5ArY>UdZ;*Qch?4Lc?f6BmA_p#nLc2 ztIv+p^xzbeVL)^wUvu7^@KYwL>{zW!=^S6Er~D6tBW9S23aWQ6i-!w8^`sKKqS8cX zQUbJlOWbY&Y^Q|>+wDKP-A-pcri#u_OEvw>mt#|YOEo^=%os&r(cIJCag8xm@_x~* z$;O9-^?-Id#O-9jcD#OIyMUc`YcW*`#O?IKc9ze;b}irAeb`hnu)Cbj`Q@mE|AQJg z!)kD)e*w?-)80~S`Kn^ze_4eZnX^A8*(>Bl7&C>=PZLa1dF2_W`iT~J-$pZSZ|wH` zmfVwGEGmBf1?Q`71e?66eR7h*<77Xxo+=d_GdG9KvAkdK3){A}0d7Nwz9hI!y+Yxt zQpmm!zsxU5A&1lCd#7Kv-IhAY_7>>-7LA2pevPD|Ott}la67>!Dj6;e3?)Kv$K;A4 z*!M4V0p<(Zf`H`$L#YDGeHybabK|NT`~6>Nz_D$6BP;>*EVs?R-%+UnIsuUaP-y{? zAh7BW)6=E_W=0suVw+VRn9v(Q-#@V)a2Pr?-9P3#HWvtNF^XN2xgr1S{KAEvF58K6 ztKWYkEU13}M}I;j`U7o@@r^*I6tM(W0bYAX!fT+7*lTRRd#y1RoFv%kjwk_GLVqO- z0T#eU42v-duYopVuQ8DD8fYW-8WAc4fI%Cv*GNpyNVOSo7})6t{~hvuQv4J7Ky0?j z_uOoDMNxuiet<0MdjN$5wbZD*`l&w>Wc~!$tQ0@{dS2`Aw-z((w~F%n(_ZNy$9Mg;^Iv=Mua#Pq^0fC2_P zE#UkoWN`h7d>}U4>gMXnue!SWE$hh)M#{{6~MOr+@E{U?U1a=SZ*sv=Mvl zAPKJ#v`gr8Te~Je2-;6X77!NDMhuG_39o@RBCp+i{=3&e8?o1jQ2_x4ZNy$9HN7vO zfC-)c2=tHtL_PvG1oG{V;ooF7BU;CwLKPj6*TDJlk%0L>X-5dT?cmIR>>S`2#5;@* z3H<&qwcFkSK~Mb%F5sMh-k?F3Z3neOKgr|mAX@|x(0`H#I|+G!Hez{@2x{j@1huPw zln2=94|#BqkOycZmWL7vd4M)zc@X6-1SXT%p@~re=?B_~L|!Avg9Oa~NxN-%fHVI|9wgkWLjpg(|3mGzvcg#M|^a68M2OV!wg2ASz_GlPf}}KawkO zRm7D7Xd{k8M6@ErArdLE1_@X|8*v;WMg`0wKpSzGBr(11O2^!&AnXn5I>V0em+oe`Yr$2c0pVawa z?N6-U8zj^V+KAN)sDW6$|MnPSoAzL*KNYlp+&w_Nws)D+$YuPm&643xGnu(KkV-j8iZNy#!>(*by0j!^}c@R4Nk(K-hbv`#(`xE7UpGd@9 z&_?VvArf8#ZNy$9F}?2vE!gRgm`kG0-zFc3%{KWSt2k5;>foQn3&=vYh12*TFh7%n zKlMkV0=@CSTp$y+HbSRAwm^Fluz)sVSV+|QNuZ7RbcRHM%njOzy+$Hc`?tps+lNtL zr#~`wQg!||`M|@2ZSo26Z88%V+<+{AjRR0f8xVJY>Tf>@GJ`hat&OO#Bphq}%K~{j 
z^8-8mks+QVL1xfKOy+|myaw8cy+)!yP6BO2UL!^YJnj3p#}M0z?yvRiaS|b8n|vTP z+vIC-99~g8M6`}SgsMCe$0UTBo+!cjPugvVT)Kb63!V@YpBsSgC6w+&`2AmMw;hBC zrxyPNE5e+A*~x*UKEf#-;gn%V9ysPyqJsNR@&M}^;#d#bh~+_4SQ6y%FAL;td4Qe% zBo7i%|MD1OTOPmGvk`xk2Z+s%JkTqO%KuUxL|y~u zN2uwEtCrr(e zt8$2Pf9*9d&zDqt%Fg4g)i}foY96Q@wW!{c;Q8=Pzc@V3tU|%Ol9?jc^*P^TO9rE~ z)4Jq6<8g;gPfmyGWGPflufGTaKc7dD^;pO0wd4)5<=+i?(j(nKCs#n3qw)NMx1~di zkMQATMYSH=S3J&BLKmYL9lF10>AR1?uwLR*T zx@ZFMxyq8!2yW*jf%FRLcr0_w1bbR{Uyo43ExCdtIS2{H7Lo4lQJ1(GTY=981&4F~ zcjwLrbn4{!sSaF6w3WA|SPQ>tFNT1CC9_fBXHYsbcNt^CRdfK1?o39g)2N`_z?hbGnRZ@aSW&8+E6@47Esq;bokqpwwy6ki%*F+o z1oQxlZK2KWlKZjP*grr?uxF_CxB&Q54rq2=?Dy_5aiC39I^@XCj9HPb0i7sg0UW>+bK7Y!ICwICb#_ zf%}B3{tfnSp9th9tQl}1s1mdaQln5|eUUMi+mwjO%`b8>Ej@RW?_q6-lq)!x^WeEv3n50D9R#=sFkl`K z<1rHgjsn7-^TQh`RQ1TXEp|psjD>2WvmZCSJl``qgBrD+YSP0kcrIfG`~DwwUl|-% z)MO{J7%XN+i%QP1XMCdbiKH z-F@!N)O+*Z%x(Ph`wRPX^_L++d&Kazhl?EF$CHD;)U&_WM@(1uafBE4x%ltz4ll<~ z`gRu=9E3Rn-X86%0vq`6e(i6@m@nb0Lz#W=kIw7wz|AM#Zp`id{MtNkj-MzAy7>Gq z;vP6Q`SpF<{k`4&{a^NI8USR?l|VSKIur!iqjV z)}P$Z<##ffS_ByU9vFQ6cQ10EFFu~P@82#V_23B!yDqC+?$da>e8$_k_`mx5-z

T)w>ncSdjd@Zi0@xfxyUI_r8*6WH+e9d_4meR?`6c<}T0k?4B4xtjcu zvbx6aJ9jwy0jl41(&a7hx2Sh6_5r^3{(9;0vfX#pmH5Jvy^`JP_HiTd-mLR>%<&Mu z`M$rt-IVKpqu<3T(;Vv38cNe1dN3KjnFIT%GGFu9w%ZlA9B%Hv?C<0M=!C@TMg14) z>@VTU!3iI}c%#Rf0PVd%$Hy(W?|bk5Ti;OM-IaKkr@Qy_&h?e!$CCfm{=47D?8Sxs z#>eGRYUjqmOB+)7O-Dwj@7>eY<+gg)`&-rQ*sj2%?_e#0~c6RzA`7JOKCOm+ZkW#hqK0YYxY_IfLlMojaCm zj>kMXgXG1XdzNcX$J#lAY{i}XmTS((-g3J+%A3wO4_SMTyywf$IkU~?C!fyB3$7UN z#?AxQf5T}GY$f75$^MDht~sX)Fb?t^bON1OFQ4Oc??%VTmW$^`(JMsoX(w~sd^FKjpod>+F--6lpA3ELE19axQvsO_-%#JW3^{xw9m#V{EB3Tldl^a;+1=nc zpK5-H;bA@Z-9?NU+XaFbxb7D1_c1&jU`M!BQyyny6;mE5>azdi=pV!XWs+cjT`dS4 zQnPOSrnG3k<74xhrmSMfyIOdd0|Nic2pr0SBwwK+V_w58FoSkNdPlFZ4hjPjSWy=>4H zj7dgF59$(Y#5Tp0C3UNCK}V_!lCW&=HcWH|L_aDOTLdnpgB1#=9LPMGQ zZ2klcNM=YjDl|KrZnMY(*dz>mrf3c-5jzYYrGgELw_NuU*<)6BjpQvCs7cbLGuQ~l z)d57ZEZ7tbZKmiiR0DPxA<8Kmlwi5;WisgO?m9^{ZcvLPMi;Q@3{DrYnG8V}u-Oa= z7qGbu1sAaS3@tPbYb!;E%82i%%?thcFgn&o(+~i*8Vj(+3=P&mYgyWi?gk1B*)1*9 zD2o3$O};M3T2{V(MsqGoxpJx_$EJ{_)T_4HDe<^IlavUfd*%~PO2OCg!|EFxDPuVq}vNeFKBU%Am9g>CromR~H zxpoaebY}&KI@$t*G_wPP=wt$e06v2(eg?7r|3=gN%&ch&4fsPX;$W-xC(ydi3Q;Fh z)p=`$7L3Kg79$Y5nLVl-UMKUr0VLoL2_yKT8FD(11w9U&2VwRfq8ZTuqxovnG_#-J zYWFle?NkC^>CP5(oy@zl%B__OdxtMTJn9qA)ahx^+}wu+{CO5r2bQJ%SypBA1`}-~ zv)5$x(&(XXpAk*L1Hz}13+VK@sCJRRAOI3O{55P$ZxM}ZQl`Cs45$HB{3CBo3Q)z; zC{TrsDNsct^FKueiv2G^!}ydCmBqs9V4L6^1__{ZnwaWt_&$M+)7&`BB?7*Pk&p)@ z4F4!3=$;Mb9BilKoImkjpEzmu)=EC%F~lN3+$5y3Jl&D01U3(4Gd2A z8T|hT&1*p|&l}kqnEgisFnhmNcLPBE59s3afT{DZe+E?bfCF4Rpplvv?x=aUv=+xM zf$XZjPv=*lb08n6#Aq6*q{admOQRl$(gI`AV|*%!0xCKAl5c)U zXy1Q+F5M6q;I7D5=t1@+=zJjVe|TK4jDaOQ)&NU*)c}^@M++=L;BzqvKjZ&TTIJ{L z|5xM1r{!Ra4h;IwjH*D8b@?;0j`n=q)=HTl#G=|&L9liC<8)7h>g(aw3bmihC!M>w zF_I8pM|&U+5tv>a>OX~+h3N{+W%`+m8JO$)PhhTm8DK8OB49~Wv%r#)kANkO0!vD{ z$p@lFia@lc1c++P0a4mxAd2xBBnlYh_=`T!SM>-BsPq~Eo)zZDT7X*hCed}Y?}7k8 zwdyWk7S%d_)BMM^P5e{Qe|0`<{Wq$K{QkLo|8CKrwAFqf&Gu6p`=_?d&uFrr+9*D? 
zp?+$M_`lJL{P|%2JqpH`MfL`&PZm)Ae{D13ISmW2C0Y0v#!0U}$U3vR@&91nb;*It z38>W9ec5qY3b*g_YzBTS_Pu#LKYt51e`vBts>;!Sdnj)6c{qP5)+fA2%Jp|`zwqB6 zM0_F4^?P_b`;)mkB;UoO_UhIpkmYx?Gsf{gd$zsXSNFENe)iIL(8YT(e-jSusdlx0 ze)+oG_vfnkadut6PM;6hD`Ar`?s@3lW9e;Y`+Qbkf^)2nl%%s$!Ru=F{VIIY|KhOe z142O>90Cml1OytyS_E42DYU|vg&PEP>VE;9m3vV%IW>{xA~Uv#NS6-~MjJfM4Iam4?njoP$W)|R8Srt3*7rQz*%Rd$i> zgLKTMQ!%CfLZ-mV!`yU5%I(s)Z35@#=2*ih#>M8Q+1V|N-^;}Z``h^D>u!zWw_FP~ zn(Xq;%=Rjkb^NC-8}Qt@)Yi_AGy8Yq)rRBOA+5(XrIAKI^`mySg^E`9mQv=YN_$lb zTsmsaK6h8bwwD40TWhVF1Xs}9HjJ2Wu7H#n|E;Q`fQ$F=s%$H3&G&l_e|rA6#y4js zU{K}-s!A}6&~r#Z0aqtWfo;s6cWM!ZAs;0(aYE)08y9xIXjU|18@~94E5Z%^3bf5g z-vb(~{^Ix-72QYj(2Rg<3<(N&QcR^!hl^nSi*u+ z{{2T>l8q~6^K1Do?bqoyg7-FO0i8!oO}39#pXVIYa+8E6--ZyvE%41ZD_OoV)m2MD zS{}AH*jB_{-ztIuwR`dgO`pdLWO+PC0YL57+6#6E(pWyb(aPtU6E$?OK{2%2r2KED z2=4nWwR6UA3DcLkHTEMx`7#%qWYu_P1Oz3n*3V%kp{JJHC=zXDa468;O71Rz42(`B zo1lcV=L6IyWFv1JChrw@G{?M*8Qw@(H&=w!37mJ5FUfqEYama^PBgCH(pp0*vxNI2 zj;{EtE3BFV)aO7PqQngRHaSSrWOpR$inA(@SB4CRl?*tU#%?JIXbG#Q)+gT**M_(p zThO90Qr$}X%T)C5Q1o0f7hLeY%&30bC$ryW*R;^0|26T<+=D^ft8AQ*&l^S8smHJ0 zVf$JJCCQfycW+W=zfegVu&@~Fki^N;ENtkL$$J8Qk`6;O+?{mg2coCtLjBxi@(t_^ zZTmH^vGR)u^M1+RmjAWLjM;30le@-J@{JnD1{Y@Rs*-wZU0p}bt$JzRmgu4iotO9M zrq87hT;2EAW1AJo4(<~gAoi@W<}cTZhWU`4aWpB-V845-^QbVaUq^xa%8KMGKE!d^^<$XIbZVBdqn{XzLhB(k41D`6RZkrN2ChPGV~1N z-baxw9;5qXAlwW7%^rR~_Jo>17nsOOD`E(tjV=}~S5t#EhwqFmGc88|6hY$e;rnF< zZ`n4}Q;-Iqwkl}PE@|df=oR$gzZ0$LKiW&jpm;AJh@ldMHJ-rPiXt+KLOp8BJ~LHe zDIMtA`0cN?hNYFU#!Lz+pii(_;_5h(^dC_u&+~Y(L`-X9;*UyaCnk00kQ4_M1vnXv z57jZa6i;^}?+dLA((T#>Gm)U+Q090YUoLkO?6OGPls&l(L}2FBu)kfc)I*kpeybdI zty84qiu(97r}Q%e&<}N+?ov5n=)Xyo*U3Ie!p2S$U5}s`j3Jcwny3?OHcR5f{ z+&%?lnRThE1l(>yCAu{ORh{&W(0B~C_WdETxL*xrCz*R&7i^RhoY zlVT~U2b6=SJ&$sa_SJH`dfeX4a2zW+{pxyc2VWXjOX8DaAt6{MA-PoWdWKUIBP|14 zXbK@IcaZ8rkza)j5~ZwuDlxhhyVqQ7r#$h2cuG!PGq4j9kKgMzg!-~8`Npsq_(%`l}@GAoE-zO;_?n1E10J48yzr3t|qLfzVb%9 z;x(`hN?7J_mNrEU_w?U?VI)0iE8lts!MF@XsK}n^%6*Yf3yY-Ma3qmYmbjeXH9OYh z$rNk(>1;Ts(TUF7OO>A0th6)!=hEETYzsmvV8q?Zzq0)wZFK{%D 
zZ$PV_e5xCkUAbl9jvH5Uhp8`4@F|c`mpiuB+SInD|9kSaVuLXtzHFPvkSiD9IDXb?lr$Wst#AMWPsqG~2 zEs?8lk>*Cx1Q@*gY})3WN5KAI#c^4WivV^(7A%aijpK#6^D0gr;Kw*Zhp(X%PPG}l z$)VhnVhrl(2R0NMzZ}HzHy;DUdJSUmv1u^F>xRdd_Zx|CyMF}fWaZ6qeD?Y)UWo!? zwywhigwXh=e$(zfTp+=Po+^nR5sf*{OICDFYZ#;p^y2vH;5ggYnOdguZ`UNCEE^Dx znGHCg$~-^kx@E5V+Z|lMCixdC+!)I#A;HXGzpIvp=ZDE)Xu~kTjpLMNAdUH z&c*3q%YK8n2q@H7O;?1BduVl!>lJfLw_Hdb_2scrd2|Gj7VIb|){zcPZVP<}?L>pg zr1fh_Zh2+vE7j_o^NMKGRA_bfbhx4eiM;QW$&iw(IB}r1El}yio>)s)zR=+&X~*72 z?+ZY6OgZ|yhZ7N(RkFNo;Ztf#exb@^!nOoYgS0BQwz!|CGO%*8iAr^Fv3y-_2{UW3 z9=YCH2m=%K-D;U*JT&A6r|GrzWh6?|ms_6C@I8l4By(z_XGKt!dU1)kXD_|$Kx(3h zUA*vW*)=vtbl3kqhj5cStM;&Unl06?Cm7F}XS?mM3YE)yPEzv=jwNB`vKra$I~9%ORYO zB^L(Elbg=@-#5+EOv!irIm1Emz$S`dcS^M=oYi38&9|HfCTi(Ki)oL1f7T^G5T+d_ zw;;+&4^kl_#G$S}AzpGaWs7(iO9eLYtjLqm%lRBM(88uBKA|eaIG=*yyg&oDaFY{? zSRJ(~9P01oaO`^xzr66P&CI)1aVI&N!jWlF3_6#o*L^Pn$XR zu{Zm+MvHzISF!kZ3{MzvWjL@&2kfIsp65iuCXbKRW5{I^dyWP(2r4*PRBk+lzM@x- z;YZqEfT(0WlCUis(z<$kJ3swv21lHjtFNibrS8cqCXDsAqUcn(w?(8!d;iBNvHh(yIc#sRJgshIZ>%lD#=ow=4 zmEXLZG^-x%vq}fC8mf9kvs(;_z5%onO%QMC} z4#Z&nlAHqY@Ob4-9Vbi%uh)1^keSgO@$$B)SyU(Aw(R%3!KS0ftxU%7^?ZrB7t^h{ z(yQa4-D=g^)yMCs zE(x7iswqpIf+#l66)fgV2#*Nop}3vXGs?n|i`{$9(=swzKOZyq2^ZD7Y`C|61ZGbz zr+ilVoZHW9ZT5I>-=9ZJ8`Tpl*0S=v?%yrC>-_m?D;04imzfQXtxQFPk4s{mp6z*!$?||TQZL5flDa?+?mI6Prj}h~ zv&=2=YsMktndM2^`COx-`5sh|HRfvU6gqWq_8sTsC@C6!jc;3Gh)738cwzd%#Z;g4 zV;2T3wj9E4K*7;_66_iyTN)5!wm$VkWvR2L&)rO2mvqZsb;anGKm%5WKO&pw$_s~Q z;a~v_Nzo>uF$R>+s>OQC&qPpL)9@PBaQB`Yu(imrT}@ zej@rRhu~`zDF!V}3hEi@YmZ)IAp0iPXi#pqOG!xMIhzsL2#rY1MIF;bm^}7GNXi`f zhG?((_#90kx8_Gl6-o5^J z-0FN4aRIM+$=6N}wBTQtSFrUcxD5$1L3yH&$}9wE()U`UO3b6Xl!<*kaT>B=q*5Z$ zX^DkN2k@>vl*2j1>AC;cCl^O^r<<&`{KS=wl+T5?K< z%M8Wn+4skehTq(u>j(*Pcr6;r<&}vU1w}!k2niehNvEi5Q4>Quo71DrtDz7_wV*+t z4@h#>(XjL+r1=7Zb%`tp>K1?)so+>3oCN7f6q=U8+%)uJLaHafPZINRC;f6ij*Z}T zP$AkL9`s`g!`Pyk7sHxCLiF`f*3yJHwN_MJxa~#xI(S6tM`jq?uuir=w4O}*OFKEX zt+l`EV!7H1;LO?HBfr#0jUK|}#k5l5B`S~6eJUS6zN&lNE8g_y2-_=z@84@uwyMx* 
z!Xd6kr8pfC{U1GcgjlU>^EebjH^u^IFn`ve*|(>*#J%;*W9T&`jk~NQuY*$B?@r`! z1Q6>ktejoT87=kQA28ib!)ouL)I+WDq=gTLoc*v|{Q3`Wz4Xx8z2j-NE6@Y?r6e?E z=R-BBmHtr3Fto6>3Vw?&wB`$jQG7%Q%U752#1Rh?orpu`vvlFcprK)-14U`Z8EhE> zb>QRi@k8SRdrhAmLH@B4D&&hzaA;aV5*TQi;_9^xCaEHUD8d%R{a$T{P)gKgP}nRR z9e(kJeqj)e$2d{vsMCPFE4%ugBfY4OoGZ!?V>z^CJK*$ z+1+nNpMH+efB~$n~!!^s3S>JqpgRbFyK13okTig>+cQ?S$H) zs`_rNJ)B&C0TT!N;53M3+253sf5+g$ye>*rr3H;DMlMFITEEcD-#@lj*4%jpGY>gf z7_y_LL)}TJh?Z1Q)?AU&D%-%aZMa#FcK_y~1;4`(sX)!1Kc>;R&nDpsrpKaglD}lA zsS}I`6K%2X_tw&|(U);j8o95J-#d?)L{89Qob$=O?^R}7nkjP2z3_5K^x#y?2c!U$ z$iU4uUi3m`EeV1Vr%TiYgLcG2eiOLZu)LNlk#bC`&i2fHK%caup!0$_Rpui}V}uS0 zM9LcfmFhta{7WL;kf3c_opRb5PWMX|#!**h&Q~8p{1ps|T<-KhAnGG!f3hWA#k=?# z!3zJL%?9%Y?v6scXCLB(t&1?FR@j|Kpd+2<*J9>`+>3p;DW%iycr93Hacv=*tlOKP z;|u5!Jrf4}$ozJzSV0@hGPE~FEQe-U>O_H2;c5AEo`Z_Y1Z+l_5 z-Lk)|CCzS`R8;(p{+u6iCT?*u5hBsMM5CW0?g`1lEyz-;6?#H54%9MS=tf!PHP)U^ zM-DXk3mXs9OsbIs)P)$7!e}kaw7w|ornIFQ_3b`Zl!c-^iMiEfQ)(FK!#vnpqb(0r z9jiQ+fErTe^6Q>k;C@>qg;+Llf)2`Cc{&QmLe(`WG7CgWvnrR88DW3(n!WuE6`Z%m z6{D(7bzM~ymD>N5%Bj@f(!W;;A?3()b_0$)nXPMjIwl8ZFd7m2leXx{rLc=@*CbMn z+dirnb%;_dilO7^H-cEnS^l<@`-z;Ak?5mmZVvOXE(6JoLQ8u4Q+cJbAN*khba(%( zcxwfd0RM*CiY5uv%Lk#s`(KPdba zgHzgS>1$?>XLb6*wJZ8~JRj|LDdnV%J84}$ZYOsFR!uyiFQ@W_6^pt1WL9#-twruE z=pW==FPTJ~+lGB*U}?lB&)F}$V~KvPk6gjMfTIs=+-5QXGx(>;5y?IP9vITQEIdvvdU^I&EL6tXIyrjS?Ll|Mt!oi5yILwy|7? 
zMTEh>RZ3~;UJeXC-sj1d2jVu2XOPiw(FTc|?{wcgb2|R$$wcxVO=o4qy+5rnp&Nte z2}L`^H;8n_Uu?HkqSNkUL1yaf=JkRyQKT7tmrvI~^wCtK+F6%g^0fw^S{GAQOEL&V z`UnMq2e>^#WE#0U&T;rR{8}Dx8P9DQg_3KQrdYdbyN{h^JJB`({+t&++NJir!Qy8lKNI6Om4{njS^lLEk!%G)d#ulc^-0^f)?Kg!HA zR^MVo<@jzSk!B>Fv?R$1!{fX8)B8IEtsi|(Pb~cusyU87s3~Gosa!lwSpLrCoosNM zv+?PV=}ElPOYM5@$mw`UP&9s&(0BTXC?)%8R&c||7SskW1 z4EanG6fAqUYZsGRar0c7MIqoWWwO_ic{-1PCO*DKp8*9tUW4V<4OSAtnTA!}TMjl` z8|q%!Z$f`*!mhWzNfx5kJk(ZfHLqRy@iKJXM&|u`Jc7bhzGQuNuU_wox2KZnV67bp zcfU{+D-A&HnhlU_=?NaomfEAzjr3O}K*x999AdiRPpLKw(s$vo9VhJXv1jh;>=0RG zV*<%aSMMc7#d{(+u5TXF7LKhpl#8955YrbeY*jnB=Zc%kG_Vt~AZ2F8Luj^eJ^d|1 z;0`}OkPF6*MQmtT;)O7k4Y?~Hvyp*_7`ITNt*JUuM?1aPelMvt@l&U)-p~{Ew;dKn zvh{It1#D{xKGyKq>To=*4Nd&i0d<{ z-0~yZs<6%-;)6z&eWekMdZ$Mr6VP9DjOX83DPx-n4;mbZ6ZQ=s*&Pav4HgyjkW&c2 zva*wpem**JU?tiOe?#GMXP5nf5#}!C+k61M%3&d#wA&rG*KUF*XVG%Fa-ehmUYic> z7Qfp+iF}{vxU#;B*sq5-$vF;72^EpM8NE$($@bRD|xtKbEv4&Tu9P?#2`zSF7SyQrQWlvYN>w~L87Pj52YIU82Lf_-e%Mjism z&C5^D)eE0eg$(lApymd}eFxTsQ09}+pPM&#=V7sHX4-atHB27Zq1g+Wn%L5>@bPS- zq^n}tWEYu2*VSSG(Acd}<5@?*6zY`)+a#*FF(!i^-$!W+GdgLCw8L{4P(;U7sL0gg zWK*9bJ3+Z62XK~Y@4C3ue(#W;{ejczX$+rz+oLe(v9BbP@GcyON8UBYgpXiuCBJdA&fGE?TS$cy-2k4zE8SW0^L6KjhL$&&Cp zMkMo4h8XDyYJn-?MlpiECCyEg0HQf z)6l4-VJ6LJqaX-)eMMJwWY-Dl7|H;wj}2p2fUJ#-OvBITjO6b$)8yM@w{;|8J=KP@ zl+OYqZA)?}i?}cTkq)9JXj4a;rcfHa;4Ln0=3Z|U*7Kb4^7S$$RFlPW0 z)j$p^(vc?GCz&E#8H*ipcF_g$b$~T_HgMovOX?L?2LE8<$%@n-2@Fgb|ETvnu=$U~ z?Q8lFzZY*_4cIrgZyv}xon$8K8J*ZA5;k+`?U9~JiN>d+vLzwP{hI9b97AWqWjvWb zbY&!$iG47~6>VehMKT}&-J*h;P^Vq996xVjQwtUJ8(bH_VUj4@dfMDp2zp`9QJkEx z%P5B?su^|Z&jY+=BC?<`jGMzs%S-R^#Me#ItJnFRYT8g?!YBtEwWUw-!zr5FGh1W- zI<07FfI^;C2s&RjBmdVzVs03N(+)3LY~*FmaIZ3VroK(FI1U zFZ92`8Z(KLLZecyR^zex6;Q%&`H*Y&5A1nIM2lb80g~6DTUbq?>dT`f&y~m_gs4cP zY#k|&w2g~(D3cQwDDNW+ChThFF&M-A2XHj;_A97oe!4Rm>IMz;${eCUC!_@E5`Tk> zDfmjyFO?$~ULpn!(tRHW#y@A&W=7?4GET;-?#qsYu~)yx-L_AqhZ}eZo5cKVwl2lI z_?}TkRK8&ny z@s4-;fm#E2zi7Ymeg}i8jz=>0eLICGoFqj`%3 zP7|(z9;8gj?T)Xv4trna&1sheD}!N@~7l 
zhD-=9!Z+~eo;8_Kjd&VZqvLpl9d6YfmTpU;Ih5X+E=p}z$5VMQhbkwpTl+lGWrYkT zv1ZkawR_6v?;O-Ps9gr)ebCx?RKpH9ht^dwP?Y|}0&~YFV{W46QI&pVX_GZ%c4zaK zvEFq5qwp)qf?FrdOp&uxGtcJ@wEgdpXowI@1PBZgok-}UI(8rmeuZEK-BW<`9GLGu z^dmk9!3)YJ0S~DM&sXO^i zF;f7Fr4w%hnndjlFe4WH(Aw?}yiss%hY_28s^hs zV*a)($@ptRU-6<0C^EbGe@BB{U6Ng4rZ{)ROp21NC)92T()>>MbY#jS<3|zI3;U({ zm;@dS<|iRGug9w?s#U7nT$EB-I)H0*{JhUv7RI^xWRuwO%2*%Cs->W&9xMQt$cP3jMV7gIL+op<3%MT;XRkks@)2u{lRnAN2%=HR8oa+1aQ$_*a znOq{)gf?VxID`%U1Qto(n`PT7yWe};z~uH{qcFZY%BBLUoELQ7TofsB;Ad!c=PRvt zb{ult+tko|ZCorsr<>1Ulk%w@i+YDZ3q3F5wN<>E$1%5iRwDVeWce^P+Uo#yB3p_H z>v(?<_62IWXVdP%KgZ2QUTh>@BH^0?IY!<9uJCS;zHKk~NSrX==D2xD4z4nTPov3x zR9V6kGve zQH?X=7L@W$(I23(-qc@(HHt4sFF13rHoBghMiREfgWOK%bz50LWkK80b?j!22!~~f zZqc#$Kq7p|u&s9ar`=DWok>Bj3)m+S2V;?2dYtiAN&+;YL|8LV_Fc3SE-TkGC{P4be6noFOAZS!isv?XLw9WQyM4MSa$n5NiC-X)^4|05w&gJl9 zwKx{x8po0nAB=;;H$lmnUVqNWdp(znSkUWHyJo#2W$~WfLw!gXDhx-%I=HPYu8{8}hiMw{x{PsSZ!{Ym0f{o=g;n;$VC*b-1a}Z8HxMafx+w-GE7Z&v`xrF>{s`BXPWEwM_%itb^h*9qFjNu8;O7j z-_9%*lYvIuuMd1(I#)>P57Ff~|bNk~HBivy)Nz z!CPX^)i&wP6U*Qbh!D%pWz-IJvB3!-y`%u(<_#V!s&|!4U$Lkeas|FJFDaFu3g{n>^O?pfP-TRR2ygqyLfvjLqSW4RpVZ>diO3;j z;{oRz+)YL`M&ybl{^h#y^^(-0O+=xjl6Y3w4hvRR01ncfJq0=#)!(T>$rxJ_oG{d% zp}gY67%i94(R-^XZq>>3oqY;s1CdGy#)tpGMqU6bjbDvbZm;004O}X&OmImeBDdduLNLzjIx-E z5pfaUh5?g~gbXj0O>!@drfx!Z#bccqt||ZAr#CDafBQA+lsu~t8q6*E0$+HB%n=b! 
z7;LF89k~^jr^hjY0Z<)Zt`9#QNP|^q=CpG0w>225r~7)49*SojgJ|0gRbAVE%OQGb zx=EFyVCUYaF#n>*7g-76mtCn^sikQaUR{&SJPk(Hx5O6un~tx&1b`MVR&dLglSk9XhUQNx6nB5a_QmwZmp z%1d*)Ip7=08Ccd|u@qKZns9%8omh?FXC}6_3$>z)4iLo_)FtI9!ViM~UM0V@op4jk z`qFAh<<`Mb$!WQ2H4{UOjRQQpJfTB=hvx{dQ~8yaFEv#AwS$n+q`~}TCV;My5QgFmbp<)^C$)Atj(zqqXEFF1|Kd==}m3->)wu5RTB=6`4lBYol9@4i zE_dbKJ3~2#C5@_{n-m_HSg>jW>x2|2#g_p97i*pe3B(4v*7G^;%JZm#_&X%g$v8^< zUri{hjvO)WNX9BsBXqD#A#;`}qyjUy&sYotIn~iUoxu!eQ*;}X7qt)W%RbxS>kex9 zg3#xZow;!5s_za14~k5G_G=Y$uKa!7Z{Bxf@9`vAIm--kd7A3-lG2tsKy`~DHHO0Q zzW5=Q6^r*|_l{U+@~ApxLr`X((~4PSd39*7aMpO>hTa*~E+sJ|Le(g&t|c!8(!cz@ z*)+O>ToJHCZ!?7{DO0MDx`}^#1ODXuV^N^JTmlL~B*tbZ(A9dL$1!YfxCRp!9=sEt z%dJ#8BQO4*MT{8x4EL8tn}zL#*J&kLXM~kL|1~Vsl3IZk^-6#rql_+p5fX$zP#7qjSJtQUb6}#b^Y4rLx;`9f zC(iMs3}oaW)Gll$@*=~lR*N)+2EIq9cnCsK33cO!kt~VdG@062-x6diHVi00zhvEU zsdj;@rLEN;hUKB%V=K<@5j_vM)Wq2WWXqjpID(M|-7*c*U{Cc0FY;c0NWs+2+RE6g zI?)k}l%8Zyq*uOxeb)ywwXDwEoBB(uhxzV@n;l4uf8rjMi*(`eha)jOjId?d7fV`G zQhsNY`3QQiBm&__7=5V6aYQzSe;ax&8NXk>nfqXX3(e!g-4xcB4GN*FT{<4++aUgE z4*2io58BJIBbR*{GV6l$MM}OzKX1kkx(t2#--!H1wAT$@lz<EN_1UC{mWFj+P(1 z=IZT?yx)lZH9>$7Q9M@vc3@f}O&3+!*ew0*|NZOL6goG;yoz2n#86y|#;xOG8N4K< zu z&Dvp7(^c_?o?{A7&*JHgO_<67VO0PgGHrA#ob;V_JBhRGIH3Op3?j_)cJw%~$pKdT&HMd$1QN{6Z?&aVu?z>x@)~I7?U5lt8tq05VQ_{rI)`cd}6XRFbDlhWE6Qi zEM`)MoL7l)V$B$bT1q28dzY2uf`$1l;FP)gfdA^1Y7t2X;Z;I2Lq;=Cs==+JM`?v< zlNk*lx3UmUjl3xSSUj

(}&H&<6W4cyfud;rUR`cGopr_O$r7v@Nwc;JUFYHA$a% zD3;K1)s$^%XZrcpdr5%t4i#SEQLftjv42DKZCpEydAVv<3HWLl-CLT_q$|J5b92Z3 zK6BlVAtcsrC_0BV*7}gz8gt=&Em;gihGr5E;NVEsu4ZSEx_C%zlB2o#( zn#@#e9s7c+rD{Xw*~qLi?k80=POfAdNKRg*>4#_O&t7nc85QPB(iLTNEXRqjfbzEx zOQ|pntbfH|erxCLbx`uxSN(JzI?ssf>9YZ{s$3p?%-IsZd(3@toS9i6NrzXDzFE~Y zG9thJ?e8%AO%)J@UHXD2Ml&;)@vMD=TXXdOz&_Ca??*Qu@2`_xZ-0SXNIVkye^{sL zW4b@Buczqfj#;}Z)6P42dON@6HLFJLc)4bmmOuIE(QaM;S$}YGy_Hhy>J zNMGLQQ!%24*x=+HOTp*Re7|3(^O$ne3s_)2oiv= zDBJqf(pkPSqLyJQ!;k&@%2)O=ZAKSF3v}S2&mIM;ORkhMHT|1E(Wbe>&?SetAoh&7=b-AC zKRjNp5K$Q-7{({F6VoYoL<2iVrs0^5B@%xDe^EvVl7UL&g>e{&Oi?z!&YWESz7fCK z9Cml8Bq~zv){@14R}PC!u?KP)#rH)lm)M`twNd^uaJwN+Hc~q%&*%>LtU*PbLuA=f zeiBkLNTZRPV$|HgXA_A-gRn^=!ir@soj;4Ky{C}dWhAAc30}2G8?CfQwyv9fSdkbX zfJj|@1(r?;S;E~>+Nqg%tCdMD(5nJ`-WT=D=TMCFrJ)H+8a*4JlJ&g)b@!a1hXh0$ z*Ut$u{da*HW>T419pWQ$8EW{6M+xlOAvK6f(DwS1YdjgA%b3(Jua(d%hm#H2Nz%Zp zT?x|P__B*5NJrB$VI=d#lfO-?q?@d_=~(Nf6NZZ19^C(mAW4X>-njO6xChHJ_@r8ten&T}OnpW_VnmMW%WsF{?vPGjAh;K>W8 zry1JA9*r?x<9bAirWuRnHZ2jK9Lop;GYAv7UBvL*x71ZO>v+IG+aANSL z546dlxaf=c-gE@(`gjfMJzUSQy87el4x*~pnN>$d( zzuan}vXyrjcXtF&WVy`rD2zWBzJCvMTBvG~W=gK-huRpYn{ig70{-F~V*~wE&EuP$ zzMf{T-oUHJd;-+$L4RwB7~>BqJ~$MBAW3@>agX~*q@Y$_1;LkoZIPq{pJBW~W!2-<92-A~ zZ*ys(Mw!1HRF|E-e1YdR@|S2Q(k++=HJ3}xTiUB#J}3ttJ1t_~in-w6JPJ3GTFv6J z!FrTO{7xaTzeAQQibQlgtiNZA;|WW-(tGhes!fZ6cg1aTAjG#?{#zqg9TnBuy$4W` zp;M$mO1et~92z8*kWxx&s2NhiAp{1bI|U?!8A?(>a%cnu>28q{q!IXyy6*K}e&4s& zch)-Z`R6>(%z5|T@80js+0POO>|FlDVNrNSfV^2cIe+|8zrau=N&eYg^sMION?xxqkFyD?@Ji?h-w_4q05_mItlXTMvQvKF3r#kzTv# zH$69Rx3(S^%?Lm{xXoU(qN}q`ag9Le^)-0y@ot0#TX>O}O(=yqP)LD!DKgvK74Sul z=z{{$vpI(cG;)MxqR^4(E-Ih`Lz<+CuJ0OYdHOI@&fOT@^<4HqM}sV$^2+H;X$j6B zU258zmQ29Db(;e{_ePdNc_MdLtGIb_k|bhsn$I4B@jAZIQQCozf?g9(x!+bWG>qy{;wS{}pFs zm(iS+=w*`qP~PmsIa<@3ym~v3;rN=VQ2$)kw~mMOF8 zavkN_kZiNYQ5s2Liz==c00XL(dSI}X@+w%!OBuT*hDW|AE;4}KB=mZ-HWxgoC5~yc z4F(m;Bip0n%3C1B2(q)P@=Jx zncKYi6h5=yqGH=FuexMve%&f0K{V!Z=(k^g9*5{Eu}Eux7rf_}Q>*I&)nvy@m_+a_RN%1FmzA`nzaRN7|oL^bspTx9 
zz#2#rFdlq}x+w7=`Eo5+jueck_Z3w@T%@u8u`#kEhFawbEeyW+5*+@xxUm&JQW*3h zoy_+6nKuS||KW4=XzC79=nV-9=yVtvlXeDS`vvB@h_*kwJio;Hch9L8&W^$>EC8Sr z2mnz1zn;@y-KK&+yGJSBrN#xv_6H)w zw@Y^dz$0;Z?(|@Pl!P;3J>GDFXjC<}?BTSsRYk5MSSGjdqrFY-y&)csQysfu=iHJ) zohj=1mpCGVbWw_Nl?x!&iozF1ug%``&eJ$Cs%=lF3HT1tsb<5ZCrfN=9}nFBs+&m5 zK6SGur|46Yvh{GHzBA78AStYFJ=jZ>M;@yOSe)!HsMa4P!_7v&pyYG2?A=|5)n%S4 zKi7-_g~V6WocBSIkpaU?xV*AG+$m%c=PN2}_bem_H>+#*^=C;8XJd_O2lqla%KBqH zaJjOUGf+k!>VhNkg*21xZO>(l4g#Z;aE$`mxjx|y+zqdr;MZ;<;Z*C`UmmzvryPkp zW;KQ^R}_BYdN%Ex;~oLEzH_jC9|@9}+8G?QzAu|T(?Uk&zhN6Dzc!n9f-Na?O(8Oa z0Ki8G;1dVssoV7TVhtK`w7`1&wdGf%bPVI#hZCVNy3t^wJDGiW6px^k;pYrblBLD;UW9{OOy3K_(ps z&_~Xq9>>jR`0)Lgnn|xJ{B&QqWP64cFEmnCE4@oK%I|7sg_*|!S;=4BHj)cS9P3JeN%v3KL`T5f$G z8F-fo&wN_ugdR@=2T#MIJ6E6SyukFb{>GQ0xOi_ts>8AJ6jN~H+_A%H1CurICd87g z;Pnu4^VP=AsnruIwt#Zdv`g(Bfv;fu&p*JWkfiU}er~Nn?XMMx$a?JSWXY!y>yPeB zyflo1sNQ{z3(R6P=@rT72qw%lV-7HTJI`w#S5>RDZmA`?t2);ipTEZBA9t_gTXh2S znp#nhs{@VY;CrSbtwwHhOFqp)Q`tJ`k@Hw(>GUJeW43IT#7`tvi1pHYjS+PRJP_N$ z!gnH5rs_$`{3S{fx^@wAYdhzq_9>zPdOJs4YR28d#!p{RP;Zx1$oxBkt!@&a=C1(& zJa+&9g5MDgb@c*UL4Strmf_>5MRDQ_F6~(l$bHgMfGrK~mU8`@m^%H*Fj(jdYtkT^)_4Tc+8z43uBZxT_@D@gU5W48!_;cAkI@8ylpxX(xU_u8qI?qA$d zap`02WeLaZ2%qTb8pg*l-)|NH*6$}&m#BKh*T3J+pW+T7kR@^5+ID*su zErNPhJhbePez07cfFs3PzKW0;y~=5a_-N{T!`II*h~a<9^-jqw7t@d9vWU7Z-E`M}eo;fL9^ z#7jjk@4H@%;SaX^(g@%GA)NywDJTD7?nliS^uu3_|3k~5`?}6&(7~innV7Wafo;nVd2Yj8p+fVg4R4|Id*kU4 z*it~YN zO=jLiXCibB_t^+x^Mz*Q!NOK6sqbgpBhpv~AAFg+4ZcY6qd6WU4Hgd>8Pk^aZ#Pcx z(+LMM2AbEum7N-BV7Wrx&`A#~8m)!;K^g{Hry#_ebx#s-3k7eo3O$U7H++nMdxw-? 
zC`>C4PbMXv1ZycSe&y=R?%1g(w~j|$eumkrUZ~{prMpz^jZW=oc2mrBb4=?=2x}&- zaPm#Y`Xh(lTYa6Bzd_*ByB89xJT~XcN7y%Q{NeE3r~h$N*x;T7t~5P)!Kz7wFJMb(Ged-tjV}2 zi^iB#pK`9+e=2%@A;&TuUN3QrixydHmrSY9U!yq9ZK|`RmAl;!AbFb?1XI3opF0}+ zZQi~tlA-*G^fVvqwOgkJ3ew1xHbd2&TpP|gM#`-AF|BK^x0pIzOa?!+uWXY<-1#Cm zM)3l6KRSC5qx{-rUZxW+EU`?2jAovrCYWG+C6V}g{q&+26Q&P`D={V}07WV}p9Ldf zRR$O^e+KY$k}Tm1UMuhlzrm!%5C`O$sW;0=0h_G2YB*L!x$>naNX1B%I|=3!TaXckrW(C-g*$ z0q^YZJk4~;G2j$YljX@4jvhQ1C+1%L&f3M(<~UmO0Qy5^9~iSy2d%X70FobI9GA4E zqMLLKCtP4cYL_3U2Y{bbGfI)0KMF*?<@bF*V2sXDQgG(pkI8)y?jBz%ojKE(`#sOX zywY>-%jNgMx8(OunlkwF;6q~yxNJ^kC)fYI=0mx!W3XTZ?tx2+!Vac1!o#nxQl`h7$hpm2M@4E*?v4t8P7$U3nNyTP5hX1!04yx}~0~2CQBTi9Q7tS8G6lgIf=c#?S&`#fAjILtyF4 zbV;rBL2AD8UGP(Hyd)=D=LJ@Pt%#OwWH3dV_5@$jBfVy#5+>^-((~=S=Ge+{)YI_6 zlNSUeY*Amz{#lL--nd8_y@4hx#Hm|nnFS2pE>L?kuO zvrO4aZ!j?R(Q2t3a&cmMe8g>(m=d)){E#}YC|UmI$W@ALc*=t{Tasg+yaspONC2$p zZ@(C4WWiBuBv7VttJ=6~o_%YAYiokh?h$jAA{KMwvc&TRKXJ}Cd<+^JyRm1o1z?{L z7t?RDImAzM_7)c_Keg9SBuzl>o!v8X9K!W*32vR1)oYibi1a%jG0!Xx*eKS~XF3}8 zsWDE+r<2j$z4>pOB1|E?m1tW=pq-ccw@rWh?>{a3%a_|@)q#Qh#EPY)5P*`ydd^#f z<1{57vFnc(R8U|1*DbC(t?Y2eT*No^t~2@vvFvv38FX*AXyKo}`0Gpv*53sr@K7uG zyNUOSRUIhq()wa)Bz&+VUgU4^pA)i7+)T+yro8}Fy3HgUm#y^9H$Q3qR^3=Y8I#8m z?-czI_swj_wO*3zLXX25RPzQ9%E03qZ6E%y0b%A$;i3GBRk_QRKEKSlMZG4Jo2PNF zTMVpir&s#l&ziSDW59s+->2xhg$(_yMsiM$u2zn&Pab(WTR}~J`f&TBUX3<>;vWfJ zW1Q~m{#bU;vyHQH{F+(PI>MgpIjWr=fk_Q<9~l-gy1*%RHv2p~_x28mF)I2WN4>NO zT@2JQ5SJ30|&1u$h95Ml=03=U)sk zjB_+8TE@uL#>&C!_xMY@=<4T7zr?S(G{FSO=Mnwdh5k+8-+AMz4$>b5q^m4f^^^W) z!T9kE^M6rOx=MI;bNn}{(w)Bzrg=xUAoG1HOl|+tQKSbrpvpSc?k NFoJeP(NgpP_&*%L-XH(~ 
diff --git a/spreadsheet/macrofree/waf_checklist.es.xlsx b/spreadsheet/macrofree/waf_checklist.es.xlsx index 7455b1500027ffd8233bb145c211bf4d1be8f16a..24948fa3061882b53837a74aab0f3f18e91b42a3 100644 GIT binary patch delta 162912 zcmY(qby$_n_dSf#NOyxEN`vH~8>G7%1f;v;CIxAvyE~=3I}R<~-6dT=9{qmweg9fq z7c|(_1 zX&c;iPkOH{2Cq$`4p^m*&yDn?h5X^DyEL$I2A%zRe09Lcf zgl^+3lyQH5$j0$i53g5;P{205*FSuF8Pp@>(Fj?q<#7(Fmt;gxLTWPr*$0U_mzW^+ ziOM+V(QXMY^0g2wg2QP-4wNoX^(y5YKn?|`aNjz~TzaNo-6n*D!FgGy>Gqu$O!L~% zkrvWWCD^q4*HPu5DQdw9~nPMBiJhBAU0HxOf^ zWteSzz*P&mrIEv%J6?DWGLMN38uR%isj`U9;N2J;e^8Gy@@_FTe&rU^GGhLG_LBYo zw@Fn9ulrz7{@bQk75nd!Q(r^OAfd%~48O*$x`8t{1nO+x&0RcF`}(wKLxYNYOziL< zvl<6kH<*>l3ya;s>&Nsk;!Il#5wvcf1}3ev7Dv69&wa=W5uv5`4n3>X4io90b3cD~ zf+A-I&|VpN2<--7`lmIW$p>{66;!w9QqY&COsrykL{>p6M<`avMk|L~U+AVWkP@=; z{N#!r1I$g1^KO!52#MBJ4d`(5D%WJmq#=*p^#3gQ5~b)_ku~bObvXr=I7z5h-4P>+ zofpjV9@?kLy1W)jVam079=n*0mG7BgTuBj`1aNW0 z2b64K3P$Ae8WyT;2Qg!@>#MtSV-@ieu0Vq67%@sv;eIAg_pgIHw55FZo^^BsC2 z0Vy%X@!LgB(<0dRaV44tZU~>e`F9L3MyhHFb`eGgv_?g=kV-~Dikn;E*@b_1v>h^3 zNU^Ipt8nUzKP+jhv6*wv-v}(grzFa^{A5@Hjcf{hakmemo_ht(2{ z&?Ku|`<1L%b5w8|nto{oVdVbL5`~qdY+GSd2j#37{G(=8#T8!bk*T^9eC5{jh%D9G z`-Bi>Vsn=vTz5V2ekzZPVpC~3Us&3uJacy`LsB?-7I4u}Hz9mb1<6%1DuH}(AQ@gF z6WuTXq38Q~KXePN8lHaeHLCS$e9BLpH4qs!osH=?Nt%3?idI{YfrBz(6nyacHq5MNitglCE~7qHV}^d7RUQJGPOgHVO6e3 ziqSjLM_}9N7(5ti!-V#iOKLYDrjL!(iJ!tm)j%&)>J-cPmTjLUyH7QX+>n>7tZCDh zj*}_Dr78y5as)fi&?iz;{rno8i5=j&oe!*%y-{%Y3)0_!B6qwnL3HQr2>Q)vB!UmP zjlM^aKtgCo~RKY|=LyBIz6 zg%$c3EAJ7LZ?434BQ4Q0avDBO(HQIz5pq6vOCfAA^XX^ zrpkNrjag_0{h&{umJacR(qz!H{yQBdpb?EF}6{161gN>lW}2o1llWCEKsF>LiRrO+We* zEu73^M2TqZr{i-6bB8FA$V_iGb%$8RHaieWeOA`#5|XD4_3E<(}3%%V`EUq(xCEdr|K zfHE-N==YRDJM+B3f`!{vZt}kzx8dDz>D?{jCTGQ8^PpeHE3{5`Xy#sUyvvxm0B-Mc z?SD|w2Dhhv1l?P`KLivJEeNw`w?tGn zgC{AHRN;|!nu98y77z5dav&#U{yn{9BG?2GRp{Y@akyj(cLB*J+Xb4l5yOC}54Ybf zM#G6H#4J5^Vb4A`J%2%eGd;7vY$B^knCeg}T!LlNThPR5SUQ>b@z3W=LCn}|!)n5e zhHu~93I;PAhWw~NrP{EY9+|3K$ib*DeVHK#{N-*hJnZmVV-8bV?J8=aJkTq?v}O3 
zkHeYjP9x1KOSoJ4eTW-A!yGw=jd4EHpjv1*lUj9Cif#buWRLCT--5Z&06m?p=~fKP zHV5)9!mt7L50^u>(uwm8%G=!Q^Y4G zKghP?&EGJUZ~&^HX{DYOdC7PO)ztP=GeBcUSr;c(y3rebCkVO%C|eJsW&3cYp>W&5 zV2}EO8tK52vAzG&Q_WhWa;T8X$5-mN`iVWRj3z%mYz}=yH0W)~(les{dBMVv_0GW> zwg>b%K;n&-#`?q{6;g>M;b$yetja7=@)Ao8bG7rVPwI;@VN(;z7s@!9yhoorTY>bc zp|h=qxaWt8Qe+B)JP@C?nDXg+-CY8Y8X2 zOafN!d?%y69S9xL3=+>G!{)ZPM(6=y{adY+BOw-+Zfx+&YNcXJzJE=vkXzB}96Y5_ z5{r}7n`uhbOb$G8Q7=-U^9E4{N#x^OI6ZR${ShZquL^lw1rX6pvJ2qTKX&g~U~;Da zM_}QUuwYv@>i4sh3{e85IPWcp#F%R7cJPKSI!z83k!QR}J$x)4x+a(0mv%&a_*Ud;SxL15S8xRhlY(^i49 zS3EO;G(ciyBk?4jmfGcY0+~tSs3ErS!Mp30n)vdiejqej@L%x7?28gSQx<>w5_~ZW zt%n#R`QYk4qOTks9~P*l7TLg*b1vZt_ZBW$ef@er?un1a+_gr0o|%=*F*!&4$7PH_ z3mCwLg{)Ks&n-8q(Qdw-Cmi<^cid2qaBqewX0K@)Ru89*>UpSbE$m+ktIdIGKeSRW z2)$%lyvrkd6;Y2mb0ZgdO25sZR7%Sk{e@7u#MMG*jWQJ?d#BcgI3Hh@20wW=3gaK3 zRiP(exsX)wb;jg>c`c;pHVwetaX0WiIm-&Y5G=!*1gTY_hVv-2sa4%JpH8xlqVqaG zj(hxoCwhQ%cjd-h{`+#=lF!w7J+%4B{Q7}_Sd54USojurjWfi44*aZ+>hzG zlB=h%Ya}n~kC?I_zW(vMj*affSS=V?RH0>Vx@_0DkH@YQZ@L%_TobpYTzDgdu>;Z~ zaJgj=|2cpki5OxJRH~isBh&rRTR!uxZd74l4UO3*nZ0M4pGQpIW755@y^p<7S?ody zIASvv9Xl4h-0>rkAZJylJ7+Dy&a_q(ij6z47|EO*X3vZQYRF&yfzRh~3by>A8JU!{gt z2%5olB8UyQn+8l>djV)our=jo23q#v=Pt7gikPvH8Z%g{hXl9Zm1-2W+B9w+wFCVE zA2rVi9I6$5b%?fdS!NHeygAEBHvLvx7}hAW)X@ELREDT)7l)5~NnvNw>ASv(2OR?C z66a(<4rg%at}C4v!&jToVv{5G_zs>x84~5l- zbppZBa1aXX+A;c#bB1$ARW|Gd(qfu71kq>t_sCQGvZR@iIkn|s5DLCzkN-;^$OeS| zF{mlSxUd3<0vvE|FjlYv9w&YSc9yPg_r`44@VOVaI`||cv0sYZwh{L)(3hi!Hm3IMN6>3|L z56^DO69rUvSu1CjU)}DJy?{-whIJ90V342i2o`(O9vu3g%w zXztvWerKmzD+V(dW1B*pFj&|h&3VR9(gq6tuV*GKfnFwjivMUVhA5Co!~Yf`QS8C#AlGs6^_$weaD4eXAI(jN3Aj`M{Bq~hcqfBT0Wyt2%^ByUxv19K z8NSHal;j@8!!a80t)Mj|mYjB0C6%$6fcyI~wN20jC7uZWqmsZI!2-K=gfW0jEHm`` z4X0MC0K;?CL#x^Qj5isWv05jwM1&QEIjjRN4&`BGvjPmW6AocDRbOKd50I*&c9lOW6oRy!ZC0$kF9_%lr|Ql4ROC z#7M?`v~tVnK`j?RNRjp4rS~{5Tlh~TKDLRW?2ym$=l>>57)ypl{N|^6M<*GBI(9y9 zh+!JeVnmnYcHSL2A;mxXIk6*CNQh<%=PaRR%Q=a8q*gc0EJG0n2d#YWZcuG%icnS` z0af=FB|N1YUKAOMR0Ueb79Y*U|9ld@0IaUoGVqUCs9CGIF>9;e#xQYmJDTAfQ&Se! 
zVg!6yRZ^;ZuiE4P)(hHnlImxM8R9}n8<*$SAO|JlifdkW1)>MieO8^nEL-*+c_Fu5 zJ&w-vL4{8P@qRR&p^eh$xf3VF^zw+?Woo$dIB)IGy**CMw&f+xW0b*h<(henbRbqa z-yqp6p;{R|en(&6S7%xR9TWU4bBt5+R zw~H%{hHsd|hnG`8wQd{TYJ3Kapa@*wvg9#jB#HJS9B+B;-Rg8lNjnqj3jKBOG*80T zxX{iSukU~rvrt6pl6gIxE&+SIJt_ff=bre|VQ+Q)5`0-S3T$=l8Al$~JcLe@Edl9V zz>gC*3C%tQw_ifGTBe0kTYml06w~Y1UH^Wo<`)Z2~7z!p+C8&rHVf^VbH8}Qd+*wRxH>UT*WcbOEo?1|tU7N( zR1${8W=Zh`tfXsdklLGiq&PkIe(m_6sI1Zd%3)D{u-ck&;Lw+TMYDTz?M1SJN+o|Rnfj(`G` z@2&d!4>|fvHSD2WARW~p?Xzo4E=A>jm%5aa#_9xmyoyZW$^C>at+7PAbNPkm)R!I4 zmHLL1m%rfNI~H1B_0^!O)M3_W=5vu-XN%PQpi#9Uqc=MgCJe6b+>Q}#r1_HiSZYRE zt=L{LM^p`K+oB^}=9wk?EA&SYWh%1XRr%Zn!k!339?|R?fK{@2ir_hbhK3~{cOya- z@0yFEqYrlBL{X~@7fuPhZA8=prgRV6>C3(U-s_t?K@iMD%FtHTs`Uj3i!Y{KB5WXZ zrcQCS3RDqTSEp{DzpD3<*#GW)j>Uk`y1;_)fh$_f^ryzrm3wKq+i~nhf)g+I|E zALj({mPZzsE$s$c9XJ`1*PAWe(0)VkMI}|o5R7?wXa*FJz(9uA8N~0#PFaeV>)PM7 z7{dLoj;qI2{eM(2U0v!utK2L2?wQ@PAVP89JF->cOfH&0*l7VP(|NQLR16Sn!wIs4 zd*|sM>j$0r&d75VGCbh^LVOVCigQw`AW=YCTb-mL-gy7+bCSeE-sHCx%nx3ZAwmBE zpqO$a4ZqHg=n`{YqSu;kY$L2wNgIK#0uBKMch2hGTisCgeAE4BjAAcZ+a74$xkR?1 zpmz1Yqo?YI!ytd394b*CbAj{BmpS>|I%dkGnJQyate8?N!(i|mY->3wX7~A_^f6Dp zu}ldo7(;}5FF*!>7aopIbvQR)$dVPZN%6l@Rx&}KO8&;|{tv6;tiiC2ZM&Z%XyhQF z52l9`pNqYwH{!7ITQHu(A1&fTAz(pQSu5wa^57kte%zkE?gIE&I zr9Vc~h%z#3Kf*L57*9{hXK`h)vV#*PY1USlxgzWKER(`l^TC`ct zU)Y25VS;Cl2vcl<8dwAXpqMGe)CWSVCXnbMAAo6SCvLO4L`k~JyZJ}sJOQ%ZeWfgbvz~s>B}3*h5+&X=sTj&=l;y00=H1=7+QbCrKzX%FJLW*8@pDT zZWWHzqdg9f5cap`!-asd@Z=t@Q?TLep2%;Y3fIqv`bt#Z1tBLgYvJ^vH20=K{d(yrihEc2 zqgA-N7e3#_@T9Resw&5h@nv->t?BU28X zFlp3iD;&}uD9a=E7trAN=#Ostic6l2rIJG}y7?8Zo0WhW<)KK~Fv zA-o-BCwaPh8d}oCuug@KSxgH}vypr(NOfcmd!jYAcA6&75I!$jDKdWkso-A^a4s8G znNl6iF{HP7l@kx6oEnl25db6N)T&mHqFa+nQ?SpFJmVi9d%Fv8B6N&-a zTUY=z684v=gj1j-t`_PM=`c}HL5Qi9ng6IA6-*i&wiR%{pKg%v>wgKu*4E+cpp{kC zdqq(3P=3{Mr*m(T##mLq>Cx+o1#6GXWsW{c`R%$}Di+K-VCmn=row^kbFZ2?oX9Z{|yy?Z^Yo6`L*!qrWR@270=d2ZEypuSBG zXTL6=tGYcTYo0?stZ=2_uxMrA_{qr6E-F`K&cmRNE3hB0`*j#Y;LueBjiSLlpR?=C 
z_^)^9U2L3g9~QYVv*PPt;B1Uc!40`xG|vf6e-ov!69~TFmQObUEG^mc2L_sV%IMpi zf6?Xw-Yps}+Xcm?R`6yr*;XbfmurPd%3axZ(=dXq&uc^|3ndkJ`c7)$iAU5bd(zdV z-zEqNhWKL*U zar+{4L0LZW_{~%bD9OTcUKQZs=RWPv+nB)%*EPZAeQKKDCE}t4VnB5xt zN=7$yiU(&8FPrhOlv_TX{7N9fP%ZXhz>b`rc546OE@BsaVw}ChxxvM=V0qadD`eF+ z8%L$kXQP#yA!twc=*sbfr@rA*f5vuN)*DU99BwLSBdRTG#lhj{<Y55!=hofm!QGQU|d^>CYsJrsGanaAe>i3!8Te;ULdUA6M%=6EN5pRlH}R=v`l7o z^{~{ibhz`wnaSPWkavb2xO1_;P>JW58zDwvIR7S4%CeO;)mrOe=Qiur`qVTxGeWyk z@Y<{~CdosvXs$Uj;z~F0Cp09jslweBWXbvCS_2bnPP&87$i~T9tr)3;7hh^61fz88 zq<&4Ii^Xms=Q>ROdZ7~zZj?xSM1{)<_ayi$bZ%i4T zYLx5Ww{lOaa%fw|Mt2|r8nijW2ebdS6jXVUV@Jz^2Nko?${q}q((rvsuyYyCM7W5n z&X54BL6__OS$u`W^~tys3#ucYlDrR$C{rn!Z$CQ^c@|SEvgPq_|7iD4D)E(c#41O3kxN&o}YhY54N_>Hn|N^k#SPtM_tTPTrzMs(M1-M^4FnQM5g4> zR7Du92d!A9@ABbJB};!;XHE$kr6>CjfKeMVUh*K9kaDJsD%_YxLl2_667NcR(~q#A zp`#HSGU9&}ud)^Pa8f2qd!e{74#wFgoG}MqZ*4Gh+6iulV70?!Ql>980L&wvU;Nry zq{u3udNzBr616eO-K!bPEGF&5Dc}@OIjn?P-J#@ z-^_odv1zp_u*7OwC&l?jnMN{}pAAyf-p{4`o>em`bM zTW^}GevIZ1a6)(9b_M|YK2mH*x=UDWGWqO-K&7wO96dU4(*LMsk zgRAyjJil&S&WZd6yzm(lC>?7wWtfD7&`pH~dTmMFf!;TUb~);PCb(Uc16`}WudB1CZCKPP}?4v!cu8|-^=0_1H2-ZXsu&ndZV z@%+F~nykvBeKjlMqPaWL@L$&z34)pl0yVAU(yFO70}G4s@q1!@xHFI6JWx##JvmLn z|8$0lc7{tgnH+qX>ue|?lR^V@-jRRP<1sOM_r04z$a`S%Yq+U&nb8Pan_FLNJaw{loO+SIg&TqI0)WJdzrc~S9+ zXSa0BL`D3B6X+CWkJgVVvcy$$$b4;v`J|~&r#y!;urk&}ZA>+%0M~c&XU_gz%MevU zif77k?O%HZp3h015w2)v*04^lQiL@plHtq(em|KqHq>z4?BfCjdb48kp<|{7ql!B5 z!sq|)F;B$as95IJzM<+x!sZtfp6&jIl(U3QIOmah!hmV$>et>eTAH)>;<((I)O4g7 z*Zjdn%bLKlWa*H^RjC~suk+^R(QR7U$?77~`kkB2;*FS*B19k!B~MslO0UHYUK8Cf zdF$L{e1y7*;9xp$#F4y52gu$==$V^j;q*hC1L9yS&{WomBfR^AvtiJ%bg*MUj4pyq3t91+hSxl^^q6$K|KiQs1ykTROfwWzRt~ zGrXj5uh-Nfo9&*5^LLmP4bI)MmzbPLucRGWb@)!*4wmoppR3W@id#V=C&*=UmrW{3 z+s+Fg|0qf8yp$?jy>rf|>-sqQ*XdVwoFf680H zOYhUmS*g+QZWinDm|_o^e8=wRi2`}b)l_uvG_+=oPi!iWRh?h1Juw1wRHA^DGTB7! 
zB%MjSRiS7FlhXi@+qF#=w?9ki%ETvlgZcMHLs+1}vj) z1zBO*O|RZ61t|4xDEp&!85G|<=061z(^Ub{T;_rZ?QuV??_fr|mqHNS$4*y9XF438 z{jEhusw-OS!0J`S8y~R$F&Fexl2R|1+5S#6frD_4Z&jG@*f3F$r)T49fc-invib>W z_jAdWw~T7;o=0O>yI|n%{8WqFtF%zc>%|G|!O|L{MhiE;1q$iXld@KhX^PB-*D6W- z-^a9kRO}kwk*Vrwzi&v7V~T+%+Y8E?H7QIlPmFxV+rD5z5;UPR=Bk+dZ^r-0j_Pyd z8(zPV)ImIc6Co5x8B&jD3CQDXyG5ocT}=7DHyxuk9X&EGX z)5JTDy&ReIZ%dWJ3kd2Ca_AD#Q5rsS4Q;TJpii{x|#!9U2vax;U*U&AUoD8 zL)AeM+;QjpPpWZc8%#S!k(`p#vp%W3hyk0ne|l!8`q`wemp^FkDkMp7qwF~jx(W_} zJEPkVKx(L`K{C7LJlWLO`QUA1HRso@bTj24;Xrr2id!AOJ}ql@SBS+NW~54#oFcZszURuM@6}?LRpmfRr8)1;Wu5OJA2#+5+*3_ zzzaFnvIzP9*GY25>?`MW5(#vN@8f$RH4(j|=a$V0cpeEvZfJDE=Mm?1X-l5^A*B%< z7gB!xOmvolyZ87lWhyat{_{Cu`hN-G}X9tx;KM$Hx)u-AGiHUj@u8%^~bvit2{jt75OCit*}8DgE`fkTxrl=2UXvhz##+ z9_Lg*bB{Hlil%iFMf_Wfy*LlKo`+v?mEsBGSdetonNIFcbaquefE7(x9D(C(o`#3z zt#xqaAs-@EB2UqBer!toY)kTh+Cc(66h>RXq_8&2FCk@iK9bt?S)xa^o=-JRZx@~Jh zpH4Kp7cTdj@I|o%{3ls*j&bk+vwpO;W9i({3U-Yq_h9iX)+jlbFJ*MFd*pzjImh|7A#d%$78DV0i*|`ay40#z#Rqlsgqt zUu$<8qLuLJ*%X_t?lJoMN=e%%t6$D|MzpkO*ko!{w%iD)%XJX=_-Xxs{)FYrv{)zg z(O#{`=w;*12!@_YZ9Xnwu3!*(qEJ_ZV+xiWy`s?ehtsaM_J|C z5ilA|Cat~;4KKOj*ct2^bx{-4GPab~k9_#+Wqic{$xuPH%q85bEV{TVu6)McPkI)xXM< zF~O9ey_w`TD%=@KWFX&Bvw2kzweT{AIR1YcPF&TWAIr?qPd2~!+iFWRN0XzbJt-n4fSR>uopGPrR)Fqy`dIW1>#J!QBwl zsb_Yx(Ep#raEhJA+KYweq)3g0b>6iK|E1kyEE39}`uRXraY45`MUi`tJiy}(W-1T# zkCTr?DA&~6NR79G-#`4U$KYstPvVbQmM(H89nkLF#%D=$inw2&vt)Q{Ka$=$vOKlD zGIIEw_;^pS2y8xWi4S`{*j_DdmZgpK(ruFNrTg}@bJDLlw3C15H zPHvnu9|@jF<6vFhovgiOU3p}{wbLc>FPuvw!SDYra?)H?)#bc&?#)&847otFt>0v5 zasF2SV=a3s%du|NPI+_4Cqu4^E?xD3weq`(J=P7%4S+0IA%Z=aiDuvZy7!kXvvFP8fvJ2-F?jX{MhfmH!^T^pJHsuOmZ=g){u zh}A@7O;5cM^W8$4;70-WV8Xo6#8SD2ZN5W^vPz^)zUKm`_b6{<{E!9!D97R2U6}#^ zWvdy@67~{70Y~XO*I`dgUYPS_Y0%m-_Z4H@6^3gYrQW)2|4*bEfD^K>ci6jT8GvjTn8&^`0v@k;uHVTQ6on z!Tzmu9Pa8&OS4<1PwmpSdOOh3QHdRq+_iBCZTHRMQn2AX0C3{XlNEHXN;=62JD5t> z?$XsOmWuTu!fb|Vy^K2XvDtbNCkG1Tr1ukaY z-aBAp2X`Xa6>`1om#3>HKh2~T=exgoma)%y;AxB}Jmk#K-N7WI{Bu6(R~3Wm>ro$O 
zG!Mp>)=Ozx^+WebdC5Qe8V^v|-Wp4u*jNHLT5Hgomy2L&UneUHp6p}FK&%tTXb9=` z4)EzTcrxMNOW~$7{4A`Kun(W)Bd(Fhl-8#Wa+vzSY<$KHfwxj!U+bU)rxOz|WUs7j z!djux;`uI~lE5>6I;$9+x11d*klpfm3QB))dnQ5!JEx1K(6v zu;>Sr0ZR{%iP$p7-Ca`n+#j{XLf1zwl)gjm*Hv%G(p*K9DkFuM1QNHHoKniw(cT-S zeXIW^yk5&gSoN=+TZ`jtVU5|w_VX&JgA!QC-WHrE{s?h?hi~+4j6Az)h-qSx(dq!h zv#Ov$y08C_;H6;=H!;xgGqF$9HxS)m10}95&cxz56RVOr{-|r>nQJ2XI9YhqU$qOQ z{ej-+Wl9J0l7^R6ZHvCFihcj?L0%_q2F6*zb3`NM@P`|A<3xuIFjIBN2f7vV&7$x78+jo0FGCki`slv5rp3R+V z=mHKQxtuv-NL8P>-aN?#G~)NS@H<>Cbm5W>m-J&>3{fIEH?7)>!onJ_kqvseD&uH!X$X*uGFBN(7)u7cO;#{l|K zdrJW|?TB$(;S`_dy+;uWnRD8$X~@^8&3LD(du_KoAbI)<=hRE$s1PrMDC_ektWuj8<}jdj#F?MGz;0{N?WWvVm&mf^aNQ0bmnzhRp( z4%#qKXcWBivZOY21LjjWIqY-Go_8zX5mmDF?mFTh13slqNZ9#01<4|Hb`N`FZ+;V^ zMwQU*%yzfuLqJ$?i?Z_i5O%{`%vExC5jjG*+?Jo4+v@vTA>vmQS z-y-LiYO**`7`ZJm%{IAxr+UUT8F1lPaI}!Y5ho128jN8^=d*9P|+`reYHdwXQievTT51u7qM z^z`2<>{)Q9Ltk`n$nW-K;xwcpA>aPnIg?2rj|X!>-YGr*s)m@eOc+ov%noNP{~F1c z3@Fx`@b{Ze{N#6E6~p8g~Rb`=;M={G;TQ8=FF0>Bd(KkUyp$Ufozl|64$-7(lMy)Wy)sf+4p!SFrj< z$e-`PsyRZtXHPzYY)Z1PZ-(X%i%sm;Eiv9LFehP-Ev5D-4%tp#OPLB3~{p_Z?^oiyECja@C zkFP6tEAsg$o?+&~``#Q!|RrE{7 z^%Rb-C+t99Z`h>1y$=ToewBCw{GU|XqSY_*c1F0rpaU+sErv83=B8#m6;Ej}m2sM~ z5vz8MDBW7*2gf;WA93E%!Q>HKkogLgv%;wpd#9t#n9iHV=RKI>o6plv`X;?&pvxbX zISYO2JAA-7->0@Qnt`+agLRfuxm={&#UpSwvHx6t^=fK!$?k9opb)JrM!_^ZyRaP= zR%o>E^0gva-)+S~T%G&9U<&rx)F`NQPfh1J%QN2*EzShiiGz-C=s+@mX1KXz^!ye(1jQf7-;!eLdGF)*swvjGd<15?k_+_0in;+6uF2 z{MA%MO#q)3Lq^k?>Yj5N&Li`;=!5yr_&k+uTl8MM!lERPdv8o@iUk z7VSwK&;E%k1uVJHnnq>N8gt5`xBZcnR_cBMS^0{KbKHcO_yI3EF~gA<%X_0>f3_vO zBsRUire_t_d)p(k{x)O>1{2Qs**4=99_?<5dB8{e7=8!+{yRCm^j8I@NQ6Yh90TmZ zPr#U)2%9d@JLrFv39ar3oLUAp()3aIht2L}`GO4}%)BF(Dhaeuwy`z(4SS(&52f}=OvDwf@nH{)2$Wk_4&w?cv{hW zIWXjllewQhu(tb8u9Sk~1GbZ`UI#QAIkzdaWZjcxXTr*ZkEb237`mZQWyxB4X2Q;8 z-JV~bd`^nRuni8fslS{muin~~ekBq}=je>f9#GEOFAcrH0xFqVwpH`U^IwIhz~H?7 z4In#w)c!(k*B?wnlGrdDCa&^!*qic{cDkGP!{w{}RDVO&DGkvkOZ|I02_(^*SjlgS zX5LLJYy3uXtT1tq6(nRww*Ghxo^Phz)Ny<{3!sC;-H4$M7iU}a3by9Axx6A3*9mq3 
z^wX+eZ_g_k>X`iJlA%YoeIWUn42ptc6;beN&i69Ry#0zgM1I37@@23p=x5c zuJY|8=d>rYGA~vRz?>$2{j9|^ynJ$VB~qpy>Fw*!c-f0!;XQ?LSCke`P&?s9A|+xl zYf}otT+eC_^}~I+-}$0jK^xWYoGU=Mz*0 zu?M?Tx@|p9GJ@403mdfG;7wln%BTPJ*Jv1>euU8wh{12T*U%>IYqR!tb;(_5{~x8& zHs{MEY2i5hP#gPrvdSrlgk&0#KK}e0*7Zh`P(|jY_>zzVyr*x@li^}qRb|h6(!kX- z4h~G8D*vmwBbQlwHr!Y5kS(a2iU6;Mt>R}#V7FrZ`tt?u8jYGK7+(cr!OP9Q-t z9%JCSD>Fwju^g|0{iT9yq z$0FrWp87%pXK^@S|22u!!YR1S%H8Mc`(v%+v|;NU61eEsob!pvY0r){(n$S+L~|X{ z{;}HHn8%IL)j?mnewQm()j@d;@=v>ZPP0Vtcn5s=)5;1!P7IqGAzw_z?z#<;Pd)7PQ;?8?k76Aw6Swm8RXwWgSf7|o z)hsa^tFXAjl9iNB%@eq{`omF;*3abIYr7w?utqTXm0U;E5z#Zr2prN~UWG+wY9|Gw z$2BX1u6)5unbibGM-;|+$|g%H-*ADauR2yuTw8U0;Z?!2UYO7;0wFuw^=Uof7}IY= zWRY&b*Gt&thREc~OYcLfJ7F?hO6FI5Ur{1nWz6S2$)C=t-e|hupD0It3$xHA$_qS$0`*TemWcAs-^h{2HW#UlVr(=%;KSMj?IUcW~`XqK0DXfgE* z_9{Qe-@xJ$>)?I9n#9k+ihD-gfJvDTV*^!Xmde4KKtaC>XT0zx6va4m(Wzyxx%4o{ z_Sd;nsP6X@_`&DqXw?eof=ulIh%aloO*O8=k^(!XXb3e~PKwnGLT0aR#T5xiVJBU$ zA$FGhLR?+|Sb|J(MuA)QOuO07@$Ha@e#5hCjpm;sz{&l&3x`bP=M3oNpW;kQA3LVL27Qy&dJe<}v+*uOn#`L|!>X#(G*=c7;!R6UN?KRajcRJW+co1F2Mb zkYj9)L7$eft2e+|a`+;-U|t!LZL7Ap2l6#^+^&8U?a!10Tg(E4keBWPL|qPf%`a*r z!}=hqx)-$(Bsk_jwb6E3`JgUi0r09OhI|kAbqA?D@%g3*dc9;KEJ*R6jf6shR4+Eh zyx17NrjVC{zj}>TNQFTp86* zKm-wcyVKBB0|v43*U?_a!rN6$_Wzyalrx-u;5u@-xUHgJsx#cC5@jGil1)C&NyTxU zCZ61(I)GK-!h)p69%07SEa^}vR6cCqcts6kgq`%5FI z%b?U>CCAfkVp&#Cy7qa+D%ujy-je}GChJy*&t^A#+n*DIp61zgfZZofO2$&?F*FIKmJn=@ezmj`}d8H>e=NBMP zTp1ew7P6>44T95CGKhTkUxB910rl`S366~wcTJOCq@wVZ($7-2F36mV=_Br4`pK`D zySx}RI1pC3*IZ%q70Xk}D^oJe9{RltC!SvpEIw7u*`xxf&WrlW z=}!o+`n|3~v=&%om0RM4aL#X!b&ai`&M)K3tw-{#*$GOS8Vt|-n7SL3qnTL65Kme* zM%R7Jos@cvY}k#v)OtV_g@{g|)DC1@7_R1^-|&v#{OEAmyYBu> zEWZ5S>V5Y3Tryy_`TPi+_02g?n0T=l@2g+K*4a&Uove&3x90M!*F8QJsvp)e@IBR+ zqpZiaM%EKR5M{K(`5}}={W9SPg>)lDAwPXecGzH=1RxnOiGs$Pf+v0qonRL5}uyrkuWl~Y%K+I z?ttZ{Tw5~P;ra7X!-LiZvUEBRkY<)>;?GB>9NkS=D)jX%TVOmXUnqayECJlAJc0BU zY-}d7Wy48Nyk76(g7zCeF|IvdN{*(lIlt!(emFg?nB!SI(gOqnEX-RibqHM0>J0Vi zVfud24rfPhH89|A?#_3Ncejsq22FE&BAAp}?)r(twx|lLG{3PlqACaH^*sZtTT}R?@Z^pWy 
za5U)_VX&>nVa`_8V(63Be(aJ+B+y%wm^Am6kvo4d)A_3TvCE9UP^n@ zLWHU)07K_*wAJEyXX7Y&#t2e1(MLC-#jzbGeKV$#=zNb#s4DjNry#sJe#L<^-P45~ za3pqAWim*s=WiD#RhX#_+l2lfU2hqd)%Uaw6G})o(%s$Np&%vQ4bt7QDd|SKLAs^8 zyQI6jm2Tck{r~iSKD?i1A6FcE*6dj`vu3UH+z{T6YF_NL6%4A>f+6XR5gvuwEH=w&GQOQ-P-Z)yBo z{+ac6+w&M=E}=%-4~zH71n8CiG8JVs<`(iqTU+K=8PF6f9Q13)h@;>F57xG$eK`z;JX#KGkFzTf4%+T!Chw<4qYgpD!xZ!Z2%;M#*W2wwfV9K(C zvW{Wv%`3x6RdB-aRyq7wsmt$%6ED0jDJbHOoPa<*D!csn-7AH=K~sGPMSH z(-1j=xaRS6Ui}uEdJgY=M(esz{mXDMC5jla^vwpR&qw6Ptksv*np>Ke1MI;5EPw4eEis;`CHP9Br_N zyUKWGU#nR2!CwDDnJq!9eV$_~y}bp??|cA8?@?{}+(RbOT9ER$V1N?RnA$yb+|V%@nz|Lik+ z-1dUcaYhTYakgg$xF`rLcRZb&<~1lq1jl3;!JUJ&M(@J-_r8o74m%Ni5h&qKubTp3 z<*WPFt|lCF8i9!ntY8L`l#>obMm_Q%tbOT7QjNRBk8c=_gc0Ar|9n=(w~=P-hSzt& z^nvxXTm*9?jp@HSgY5?dzAP6`FKqi5oR%0INMCD4q1?7T&6OBq#7jF0<``ak62jgO zXiakRie5;1i?Zyy2ZEPRP(U$#vxOty!APN2y0XxjO?vq&MvrQXPZpnBQoRHeUp8DV zaH5vL!4yv%Phk1quMikAai*)zFjB276nlE|V7H8O2(8uLDec0DTXNbi{b=@)=1ARo zDk5CGyRn`*>C8VLm~bTE?sD7SC;2S~y794<(ReP0$uMAtr5FKyVmXLDugvP;{*ZUB zG*V;}#9bRY{{nRfkF5>cn^UiJ$Yz+IUNZs9h~YS$$tXp|V}%V8jL#kwk6Vin#VCX1 z0S5j^5hk0~1hj8$3gx?JI11(okUV0dgK}cW#}E>D>$b!c;4m75ChH%^wJQwoKq#xV zySrh4{*kffQ~_ycFLM=WNDuMK?oTZ5sez;A^pJj$3Mz@3pLu1OiKr|KG0Lx;%5sZe zi?q|V4Ui z_Qmk`8Enky9CL)>>LOm>C;2U?I_NXO%;&_vkb5f(ea89HcXQ6Y1sw2!N^(>?g54uj zGar-gA(bcBOp6DOIbgRhWP^`O=ZVU@#iDF#CyT31`F7!V%@S z2&e|iP&(@*E{NX5iL`Zhi@i$)A&Kv)O+z>{D_TWd?Lv}R$LjvIG#pMV%O5ZVulXUs{YmLUgAZbQTA7Q^;pxXSwysKsppwYELqfeA^Shck zRzfY*=bvhW59XW!iv&M@U|V11%V!h3Cl{rDXFV}7)ttN(CLbHydo>y6Cf=FDhUAvy5yL5&K+0tw`YSpDzlkbZ)S$T|B!~+t zE)1}I3x1h842ARqqEu6P$H`zYEwF3a6+;Z>fs=vfoGzEPjqe;1#}V)r)ZC&wiPWp; z`g-a}&^w48rGShIrqIsf$jyomI!gPAtqJD0=*pf5_L1oJk)$4fv-@C1v6Y!+q)tFy znucYE4t%a^zh3$NDL^#$U#4|%%$oRw&UVi;ZimA2%gp@H%w3hKKQZ|F?r5Jg=l1}) zW7g!5hE#Nl_8K0EDI_jAJ;X zrMv-hW*pqwABfd^KDF%M_mV#8QLWw$|WebikKHYzwIV53Y zo?Yy(=~9J(gj}vfDKdtuXee>>hMgGU2R()TK?Z}UWYTEvLAZ6Rkd>BXIZuHjprRQ+ z)GE3h+uStbaC9RqIsR*0Qe6r-q!03fYrdhfN3 zutQ`L)w+v;9$w4<~X;|W;&Z2krZ20d%$1l$4 
z7)4@1kXO?X(m@bfHsvP|JQ$Y|aP*x~E$OSDu^DkXxg3O#dl#KZ4mI9;iT@06KgM!O zH2Cu>#>jl&V(eTQ&7McvJRs956;=5Y+B)B17%a7-7cJ3`M;b6D)- z+r+Z1Yos(R96>QOi6*D~kk%}K!?WXkrL^T|eYuVr?Sy}a<-?uh%7d}eZZeM2i={9D zI!a3VEw&rwid?eTuxsiY4EM!eS7Kx#jM}Lw>_y8m9El+GWZyxsL0ahFAwfkJii-Eo z7335V!vd0y%os9}l~#t7JE0~v?i7fE9wl$$3ylIW19%6hvPzAXt0#WgDlT01m|X96 zudM=&9!t(jB8G(Z!#R}8X2)cZZ~wxrDmniLw}NnP5d00dYBVk+d1-ZL66}Zqud!wm zDDF`A~WcOWCyq|``Zx?J6d*qJ#l^tF{!ep+eF&6akmBk7JYZSN$aWL z`_hVyK3Z7%6xuQH;pbUY$!9x9WXaG~!OH~}%wwE?k03*;PH&`c9bJr0M+eY0CE4Ul z+_tz)FKtZ*9hU&1>F!SzoY9|ckEik{aV+*XxIHeefTy{7D+WJAh@P{QuiesJic|YR zCX;GT8(8a3PX4Apyv{StLz$Sl;ZBYgn>r6M9hVI-+gYFOsj^GaZ;K`4-QLXPaO6xJ ztjY1P6iM&9s?)$M9!nc8q)uC{^N#-nC7?dy^;=K^0txIOA43QTsAah?!h>KW5I%)^ zX2<|VDP4~1X#wBQ*;9%kW<>CRV`=~H>$7zv+5sAiZUZ(1g`_RH?BS!?Lv9?p`7JV= zkAkz?Y3rFY%AV=A4o7RMlR;4xTFZ(<{YOxki?Q8IE2PfQcQyBOAR=xMp#0 zqG-E0j#fBL!6wTleaY&>>tJB(0L(5NvgfDxZ^0}KYgp?K9M2+JU+SLR>;ic}1!A+8 ze?0OkTXVPbQW;rk%hSfs`GH+4O>s5$Ag&t)x20;%wZV3jGs0(=de$f1P8XY?ogmY_ zBP2y65m);n%-*+(D}-HC*XkM)ytmP?99yH zbxG=kODmElMW*#vzQ+%Hn_K#zj^<)s@KwgDzV)-+NNm&Xo=%5^j(UB*+Qr@*p3if| zy^%C$)GHaG*EpsP&>cR}(lv&v&eiw!58Q__x!%@1>iAnmPM#>gMR?o{v#<(WRzdDJ zqfU1nKx#PXQNA5MnbL3mB9uhR{-#P3^pk(N;G7rqSFdj=II)$FVT0!80miLvtCqdp z`G=0pigy8;sdHA}s?YAQ>fIC_zQ{tzW?VW;Yg;KhX?X;A^Li8_$$bwUQdo6{meJbo z-}nyG;j1fy$4T3rH;rm3|f${Vq@4j^8wb#WC$00ki zB9CN4%aRRj^U&^4ZzmSe4g0f<<$hJeI%O@wE=c{?&89r~4vhZ1IxqoQJx=QbXB?@e z6Mi@dd)PG*s%Enea|>0+IX#G!mT{w^-v`OYIkbdF;FxTG`}mWub^hG6cHV7=;m2KL zld4|(kP`v_lA-?9)?JL${OM^UUWs}ObehnJ08M39F{qU_GA`H_KV~pacwva@!EW31 zU8R^wV!7r4*!Y7aqnU$suUk6ooF(VfwdDOyK?;Yc8A_x!HxcvE{Zj=8oTqET~>)9<%Sqs`@RshVjwpIDaf={NREl ziv>p?{6-R?9^I>-(vN~1V=Wj`z5MGT1HTC}JLH_zPH*q&IN8ZIC>c!}e?iHjO6bjg z0GQZ#F4)$Zj^`iQ<@D0S>iJEIFFbfSR=^7G2V8g@y%XeO>Y>vkcpi9B^*nWL&b#vw7@9Y# zyrK6!d<8JhOp13()9z#HSXT6$tW3iwF1@49Z|Ghsp3^JxYS@L2FHBVN>iqkNuPcnz zUSvqWIU6Kl6^uY%ZBDseV*`5&TVbx(*n10x5E|{1&qQn1B>?b5fknHc+dJ%WJIYo~ zXlhSQ{9@vaw9+avCs|cqnQEdceBb-L6Y*ey*IL&CUi)&pVsV2K0&Vi%8;Xq)PF(9- 
z%cWPsmpl-S1D>AFO*2Bl<6o!iY%UYM10|owBH|F2rC#8RAUlLQnVjxs*mcM5JlbQe z+lteo8@29b%?_{Tnmdvvv?39Q!I+iu%2+n7&$t9@gzGw*v^@ZNQDYPA3*#)?p@x6H zDHtVsP}d#PrjANsv4rMR*2Je2xh(*ows*2C9N$!WxN?LN9Cw~&F2VvBXGo|F5 zd?tACaMw4Ow>Nu!ck0&+256CnhPPkZ)gfrL?{Gd z)_AI8@(?q_wQsaOHWwJD(l_z1+`V0YNG=ywuBgrxU{W zxa0g20h6*J6AYS=|4R8QISirys!yo$uW>ZdT7t?xII*_mSOst7NyEcara6!Y+{qQM zo6F0P41%sq1QKc{@V~lIM~p8BWseGZzO7nyBRP zabc2h>_c9f9R@HMfxVy;?`xIE05tYoafXbeFR~aTQDINT<&${NV@cT(6AIZBUoS zW%CPI$Xsbe?G(N$DCX5g=1JAB1-_v?NttO5Q< zk=()Vy#Bm>Zz~9z#5jzB4@D@aDYe`|evoF_#q<2Iknfc8#L+J?#T8~e;8Kfvl?L0C z8H)EKTdZ&NWafI`TF%&dv2*P_A-=9m7uc`yeTG6{j<9s%!)$(ok>J$xn4styt2-(PN-^@N2sQx>kx3=`Y z0yKYggc07~u7*v~4xq@!$ssip=$DKZA6rT`r_-k!D^PtMg|{#Hm{ymLsRJ4Nfq~0{ zD`BYv=u>9Je1-Qj)w>L$IiTVrD}6( z4g=>7NZV21^frOz<>w{otR{^O8|tQXg%J0nlqVB|5Kp?*Nxq||UV|PvErV=UmIN0PRK?DsY^!JUST~-tlXHuQ zm%vP8`xw@lrXV20v5n7uadCjov#-FsAVI9V3)RzBo+5jipWJ59e(x|xt#jg*%y2Yw zSHmOE8(VKbqdAkGgj}EeWBDWEkXP*qxRt=?r7Pt2O4f2ycUcj?Ju)(^9e|9?_0P4K zY**6TBZcm+j;r(*P%yn+q{{r!3$CaZ!YV6S-nY<`!`QB#Q zD}#VJtn(?_qGdd-1Lc4>FL@J1BmtE8B<|!?S*ksno6OGFb&GJC@1I{GWnElT@OKA)9( z{2xMI0vl=%qP_h@?_mQMUZ5GCYU8y8!iuQ~^BW1F0l!}3x7D@;Zge}oj}>&<{l;U% zL{4)LQns^r|Mufb5iK&bGT93P$vkI!OS#>iK&QH1Koque$3OB%eF8qZYfdb~!>M%C z@6bqe?wNb+QiaH3HZBFkIB=mx3nbjylh5tb%)N>BJmr#OpW@I{pgOR-Sr(Bxq&y77 z2y@eJ9hK~JKb(}$kSYOV4fDe8kf;3FawVw1RLU)xr$)l%Vs#_{IQ)>OYp8LP$SA(I zoLfJ3N-)te?FwFR6`S|rV*Pm z+>39#WD-KkOU*Z4*J@wb#H4!JYI-y-7gjUf-nwf(<--vnj(2ar`B1A;zTMIz8!ydg zGT+f-vjHZbsPHU5Gddnr)+BsoeKyPCZZ1vGm?*hzgXd9EFcot6%( zMaAPq7JyDQR3je|N%Lp!7*oy32*?*7PuTO19^dt=_WYP4B1A)K%#-WZCf>rJb2V z5^w_>3l+SAWw-Ma{36p=c>WOGN+h>vk29S?ZmUX5qBkP5Y%_#9@kbH0(1?6N3ziNX zR${B*iY2=RQwq1}k{eTD^1p;4-e);jbbOF2aXK*zrA)5Yb>vT zD=`CA%UvTu|4VQ>MaM_AgwI@kBegdkrLmS_su)#HI$X4qs_<>hcgA zIUc3~CnKw`EfJCwv1jDSQ(mHNz`s;ih~kUgNL?cEB#J^%%r;?j_fTYphY$RMv%MY$ z!Py4M{piD2Pe&dbcjeYhY#7S8^V=QhsILXv6v;chW08#9d?d3ie7tVj^#;7Wkn<%~ zy+0B8W3*n3c_Xjs%dMsf5>MPJX>p}T!W95q3~4$6a0MWN`r!v4J{O`7+qhBT;XcTD 
zXuV0b^#`7IX@&Uz!qe)vdSOlf?NYh&27pG`m5g&f6^P5wf8xd{kv52;f%ICtj6+VD zvVHgwLEvFgkuP+un4`*B)jAw-Rp`GdE+_W}XkGk6F1PSvBm3}r93`;RfANv>z@(wb z+DUMcV{eeii6f?ab4Pg*`IACj0ZCd?`x0rB7|mq}rU8G~l)kl2*c+Gk;Y{pg##UIO zUE44#u6jQ*o>MC#B-+d zvw9|#hJ$Z>1jGdDSsx&#P~`uRws&xmr)+-tBqg8ooFZw5(i@(rKh$N*0I3{vO9$IU z@?k6Op{QBdDO54%pMUxAe);6?CG`a-mSsJRS;0IYYKZJXJkb$xP^aAGl~rm%;9SCl zODcZgz8A@!d*5+BssA6Y(_>pB;JXwYbr2;jtr8 zTP;GXsa!0zIY}tch^w2E-hP$1m2Q@#AnJCStD-C9V}xF9DubqkD3Z>o z$~X`s`ZHY!(qL+0husH?%ilNbc7X3%nDMK>9lUiQ_(lRyb&U*%E)T~j6Ue^$yV2!! zG{_^S$ML2^lP_fD!NZVGHZHrb@u3x2Q#)E;fA~A^%R9jqb1B)QY^d8Nx9{s(V@Dce z#@`L!KW~M3dI{5q6+D^T*d8l-zUZ*)7CR&K$8tZ+ovLHI>CS&+NR@5-ja?Ii1ikeF zfFF@UgglZ)gp|(Zi*Os9WYg+CqSi~!d_^}hMK+WTTfP_hhBeLeAAAjJmU!)(Le>Hd zBx#>pgm0^Xlr>~?R#IVk?vI|E+5=H=O2OK(dX(leEjXIu%ct{axHJUiC4X?uu*0g9 zLDNfNp@MWPU|dm0GSPis9LO0r&@3|Gs;^A*Pf=cyu?|BJnOvivoY^y;HT$?x=KxQ6 zFD9rnJytL!^T$ia?3$>%5AwsaQiqrZTG*u374E6OWBKjaomPDvP!tUB8bCWe-+wF1 z`40`pd-h#sfhy@!Kswr1OW&9-GkJYF8st2aGqW@LsoxZ+CSZ<8K$dd)WvQc_Q0rL;#D|TYPd;bb#=N9}*)8tsr#iK_ zmvEmC!4BDBJB!_A4h1Sc^^?24O|`;OMrv1F?_qO1h0hB0NP-i3K+Tpmya^|45+tNO z83L}HgRGq}2D=S)juzvh@)rC6dP!_INzxkmpY9}luWHQVc{!~%za#OdTSoQG~n0k1Qh8J_rkv+*KiNuvEd!O}-iCYP+_kAWjr5B6ebG$Z z2&yX*N}auMcqn940Bhy9t1-u%SE_u6;-fn^qT`rHpLJ2yonyJ&r>Sxp?(kV&W zh{ds&(*Zk)IM2A~qJckj5-TRb8)>jEUX6n7036Hc^-Z5ubfa+#rEi4;0|GyD$~v^* z@-?)15M@wnEYPHmk^h0Kp7}Vue>+BQ{3@|#Y}iQ+T>wB6X$r3VV32_6+b<=kQE|Z+ z?&d?+YRB-8SKBoRG4V@8j*o;Zv_aaOYmn-P!4v$#P3IRvhqJ|PuE#-=997Ca^5%1T!Y3pPZs62%(C5=XJx3hmzOV8Su*4SWzE&qn6w4@x}& zf8@gOIXjPaYggi{;cBdC{{tn9!*{$^T6uj+bb-?KdM4egh;h4ijHe@~b3fv`$(q~O z5HQRmc{KSR8+9$Z3G2E{vK*Q*3Ze%XVbiT2MBjaKNl-a=qD3Ue;0jPeM*c{*$mK($ zXfB&7?AH{!qo2TvG83|HMqkq7HCWdH5R)lsYX+k3M$`w`rS$a3;~lz@qNc&hfWFkMx!+Ci@&5r1**LE%_$pr*RvO ziR3|n$$e=TqK@Jjtxv2WfqEmy^;Jk-gNGA%^{3bJ*dOs$>BpAa7^XhC6pp}Xnn!O1 zmEF%(=hf%A`%iHjG}t`Lwg&=5bAu#%Npnx?)HS@)w0G|Krg^2?=RBQKc7sbya$I5O zrTTnDxD;Jf#!mP>*`MNQELXnj`&NG}tm(=_O`MfA+q~l9s{Z(6Pt!Hsa&NCXTMG(M z6x4z$z_B&F%Ph#4SmkIQ+#(a-N;UP7@1(BGXy>86SC{J}$X!GIndA+8A2$S{rc}-^ 
z=D+`tjzXA}jv6KF2bam%6Gx@|&=-@^zAN5W%vGwE!fvKA`1KvBsk`e^Ww&9&f4ASQ zvfZv)TK{OoTR|wdHcei?5)8G@K4zGoMu%pq*9-G;Ib$k5bBe9eEmR#TpX1_d{H1>z zho~7j?cE}LUOWIbXw2%T0`ZQz!l-+aMv0?@SQTEC6jxpBp)P=hg(^BVO zZPZ0O!OYe{l;;=YQ&6F}yqwl1PZ>Ouaki64_dKZNX+Y`r(Yr6UIAn>WuwB&fVO)Df z_C_%?;i`6>_6q?+Sqf;oW^e(1OEFX%0n#9U`Ry)|;gXRp2peK`qCDqPr65fxg`BTG z)nQ1oLPR0VCw^p87MAGc$d_e%C|Y@|;?r~A+`Z+7=hTe2LaaAGX!^B|M!%Yw?D4tkp9~*gJoJ4)$6VF;%;@J~`05 zRmKoCjNt0+&TuFCry!XE%BnK}^Sb!vhpIU`e<*JpX4NcYty24D%44c0GJJy^BSCqO zjl74<9I_uvSd%Y7`F{Vs!(LBIuZAkvBG3D-g*n~`ydF+~*xuD&#uWg0Q3M{A{^kbG_h=RM5{Xzwh`+wO(j;v8!;IUBH-?o8m(^ehyYt0ox?GoPF(zLd@I6=Y-wwrlWfQLyv2KUQyjtwqdBJ2Pju#{ktw5%qAZE6~ zms^X#OA0-t`M+=#hIatcJ+S_d?$HL=^FB*34Zu$9%yW5|QV7a16Ln|sbA0F3vQwGmGhc_< ztdZj7htg~&TjG5;`lfiogLMCMT{|+|-k7Cmbt7IQyhhZ15&-wMW#y4V zqL)dDNx|B@Ngp=rk*e302z~}<9Xw3sO4(fE1_**$cXYFtYrqt(9BmM|iYT`xX%UJ51>z*!pnvC!-LS7GI^ zPBF^Xi8*4J3}v=OJ$bc?DL^9|VdEu-80G@v!6a=m-8WxdM+z})t_Nl-%B%GvlRbMX zWS(^EGt5m+u#$~((X(Cu!tK=rc>ECE6XO>sdxYh-Nf;g#fXd|3cZY!S?V{ zw5AbnVw`wu5w5i+Dgxb#;-rm1yPF*`kf)KdMA;eHk;R2y_%Bj<~S_-WVake7p#Rw zlPJi2!f`UwW4(=Q$U6KzGhU<_G~j|2%WlMG^+EmmqRVsE5+Vki7!JDkS!(v_Saeu2 zybE0BduETG0=QQuG-_<9drbs&Bsjo=p2t9l`GY zl5*@viqLqr?MbYp*vB<|jNU3QbL9w5IR(!F4faU9nWoxF?qU1*0{rk#u+%kzp!Agj zNBLDGE&2_t2u;!Jz1RXeIis%$RtlvO?8()|Z%EncOT;I6F1Qy0(|5aIsg-Cz{JWs^ zyNiSJaU%kTx;UNFC)nm7cIgvYS>BY`r@*$g&-f9>L()hEZS%Q0)=!2G0qunN1N)f| zVfP{#P6`Iv&*xwZ7S|Nq-uz#5W)~>>?o5s$epd41&qy|Dhl(mrmuTA-39^5_HZ>#H zP28MT3RYAk7M2m_DQu8m9T7{S0unij?9E8tZu^JEa*coGHEXk)KlqrIBJwA>?oOhx zW2^?Ja(=%!~ zXrfRS6}mL)i3723PR1vt+EjYp7b8;^iTHgTT4dT_!89LC#2gBB>j45r$ilkWMz+|- z#nuI8;O%1H#H%zYZB8yykCt+g6m{XoC@JxN!Kip$R0!oA*z?J~>bfSm0MR>;XVGL? 
zk%QN&ch&V;YflqR()<oL6!_e>4Jun4P#Ag$u|$f?5msGT3stJ;vP_9r;h80w1*^Xk& z{vCc|xZ2P+Z$G|UmlpqsQS@oO54i%=6QWH}t)-_8^EuZi&h?ykfx z+zn|ZUM$5AEk#(?qNoU-N^!GP|J2MSp9Z zyXAv&rJdc+oh_&v;QY%YbGHCbh2RTu;!Z3KapXP{Gc_&gG1ora+J%#phuEZNKQIQu`2qj>>_%y$Df8I$LZ9f>EE(qLCEFBn>R;g}*N!5^Xo}#eR<$hyF^iKy%b_l;NTySBK4rS%Nz5`G?;l@l~p3ir5 zNGr|bwZa4YR( z;_%dlt})djfyB7VbT0Wp-w=3PBSj?&|4f}00l)ArTww{2hI19h;e}8>NiTQfgaX%C zR)Lr1_kj^UQa9RXSA%1~M~!7XHHKQ@XV{~UCeoni%mQec#qjraSpD`;4J37Aw6pZ;-R1D z@PtDIdse^Qul1;4J?<|~WzX&gJ<(mgf6z7^@)3$Pp@tW$JxiI|uU5`lxK0F*N}ULT z5MQ3dodP(af;J5di7eKX53gc8Jg3gAQPB!3FxFBdAHnH<#dJ5Q*GrY8RBD4L==rgR zzG-=%w@Hk}sj_!f(@K&(QL5QwSl{+JArrCQ!9Z8a|5vTkQH6t*?n{7S&LE* zLg_hjMtH`SEwkGLW9ah!)hC5-LL2n~N+o!O1aCXO{FRDlMgB`Fi)<6vC~aMuPbw_O zjf`H?dup?dnh%STb)G0``Yu6~>c9yY%fW}X-9`ATEz+{Kbq2PoxFvmstOr4cdzZGK zq+>QjZ6Pa!`#Y;J(ES4dmSqm|orB@;rC|gt7boV%vYME!;oAxk^&hW_DFJk3G?qdL zMzy$EGc-sj`m`%q%kHrx9|yz#d6Gd_Fm9N2PXs7KGjC`pg`2Ne+lS!Lz7%dmo;q_) zVLp-Trq7#d$vCLwx$}q?%9%rDL0MGCc$m)p&SM*3(qh$3&%aCNc$VEc~RvDi_Gg1dBo)c+1oMZ3}<;wR{y0UExsWith+evzocbp2- z3bW|!TMEj;tzQFooHVFRLxT&f@b*4GXwh}O=lrV<>rSv^n6+3F$fBZ;Ky4Q8Oh;6p zG^<%dpJ*liqw~u1&oo;}Qk^jwF!l&lnVXs5dz?(c7d3BBz(FY*}1^^=1oQ1OQLU2s)E4dN4Pheaex8pQbV;*sY%)Q6XaD zzMop9AF^(bZtpD3X;vI%@7`S!s*XxYwfXsW)3jv#k$1j3^6f-+H z|CM0p$%$xz%hn7!pc_%QRCY(Y4XP@`dXJiH_Cjtv*;EaG3|PhWi0u^@pJ5Vq7Wx-g zdu49Bxd7a6z~36FpI1zBRQ zo%y&FgCyFtj#6zbCAF#Y_ib~i@%VbTa=i3D7ONDtcOrmMT7MD$U!5H;gBL+_^8_?E zBij-dK|Zc7GAhp1HI=BPh4oRd@`2(gSEu`iQ}z;PVUyjY;vIee_=cXPg;!gCxEB-0 zl#7xM*UQT0#RiuKPRA8{gRhR&NH3OG)lQZR4DO9it}I)XHeYD&dBpd`#U_5b)fK?H zZ$sdmSCaDN*_LoIeTS%VBs|VT#XdQi=teBv)@_ z84>T9Uu*3M=NuP7X-(|Dwm2*e-I9_ZaU{&|?!{fkxZM^za z)@nbjEL+y?GlHEZecKz&Fp%i0s!i&c%_$u%7Qv(|H5zb*qbjj9RN2;7V&{uE8seAg zizDn>l+fH{UwEE^_1vg!CSqcaq1)Kry zggCPa`B;LM*XO$Cc_q`jf=`~%amG~IbA;#!(%SDFubJ93DFD^DX?zi%UM_HnHk?Cg z01W!p%*Krtls6irkWz-NVaBpXvGJ@=OSGhy&n&AFM zpAVcl&6~Ir+MwujQ2x3JD1_=ePFNMNpXE>yRc>ETvn6~Im+Iq0p-im=nibkY)1B)bi=h?e~vTzGKgS%ed3Q zI8;p8@agJDjcS{h;{yz3L1Ej5W=WMG&+nz@S`k&GY%doN2HL*T?0Mms{ouD2sFsgn 
z(X#-Lk+^(7(FgI>?Ni<<=1AFp5pYgoU&)iyG1NQ=8>2$JU;rxZ4n?p1LbUN%vdbF> zmV88?3(u6|;CjBH0P4Lz$8lijJCh&m?{7IUgHv=mK6VrP#BTLv1Tov+HWRF~%~iou zy0x9Gz;H>fgxYxB3tr(A^d5Et2e(({a%a5o-=5}Mk0iP)Q!9h*TtgoNC+uc3(|;G< zHm)5%i?RDl3?M4rbQ67i`AQ9mBPx?(JXD+}`GG=VxSHw}b~iqOZOgxvYgac+MW{`H zDkzL>Y-qHET4w1MMQXV-Q7l{IOn+;VEzUSf$(ne;An65$3BCEOqEb~l%FjyRL*;5S zAKW;MJ}wY8Ju@gdP%y2`_H9rfE;TY;K1?Zo`qg5*;y?t^P3U2u`NV%N#Ad>PFMLB0 zD)Fs>>acE*Mu=v4wGW*3Z#=uWhN%p-d8GzYWVH>m64YIx58k^t?6-!VgEuy%XKM${ z=)aUWm9O7fE5BUW*B265`Kj|7a^?{d2mOS4-dfpYz zqqX2H@G?T}TxlrQso~x+>oH7s@w^Ar6<#9@8!{MVsQPF%;74^U{#_dE-lFhftifdD zEE3}Z^nBv%S#g2>76o&`y4#YKGb6rs(Y$VWHhAst0y)-1j~P~f7jGm z09iKBP5J#keVaywbQXz7)*6j1;nRD+ye*!Jb#P+!Iis&wQ|MllKL)0D_eEfmn_T~0J$&q z+RT8jxVi9WgJ8*T6#%)dg+Tm1(1C4N#lb4p^w)MYXoHiXs^P;FCd#NibQ|jUeS8+? zWNTRc>g0djigh(ud6Uy1zR-Eqpv9t-9F*EY1sn!Wv@I#Y{gPu)ZYP<}@lylzU>j2} zctV8kXb##6?j~23SQ|^-$?y|6`JcTWBy7b2A%g#4QvEhGIUmbYEni%e!}81>*5 zsL93(-J)+vSG&Rg-S=V@Mt+kM;tOc4$cVl+30J?uz_~8#?NH&M@;R9I`xxy6kUxb5J|@m6 z0Lk^5(?O3)rDQU972)GJe7$?K-C;TFu3Z67aa5;cLS*i7wcY!b)jMcndqP#?t44wn{PX#=`@#f!Q}FW1!v_F;ssQSEQjGME{%a zCfRSHtevz;szKl-u3D930G1oRxSK*R1Kg7lu5%zZUjP3(Za(Y0ZA5i zpvLgC2G}v-0(l```jYH7i!`_X_MyGrwO%t1&-&X(t6YVF{Iy^lg2S6y0w0KjKwKz~ zrQ2aRU|j_*H)T{b=$I=x;Gu3`OLtnBS;R}02GY4-!Ec0K#yx0sz-r^+b0r{nrVOyTAwF@eO5XI@%E@A&E;Wt4f7QFni z7KE@LxvuEn=YGiTh4TXU1(NSin>Nah5!GMNO!&NyN36Vd{2<#dez?uf714Ti(w&01 zu6}pd;<=J~?U=&Q^b$U4yfuzDVxeK_^GB8vrbH>xtKgw6CK``9U_~_fYm{VKNj=ab zOaeW^@aQ=|_3eHef&kL=^mK%Ad%3XgfYKC#LEw=3C#dB^)`u>ct0TmRh_U&iaxt9MQQ&$;O*V1egg1cLA4-(uh zxCD0%5+t|Q-5r9v2lo)%-Q6ADx#WJ__k*Hp*RHc?rf0fWcdzc@{T*&1pQ4A< zZef8pMAG(UV(v)`b1pSE)~z(uP91N%lB2`$v;g)GE|a#QNQcu~a{51U%zfX@Y%J<( zY(Dw+vwy68Ls?=+r7ww@O*+*C%?ABHbJgplSoIy zVN*p5_K4(PGZVC$+%5Kqr1o`H=o4}-ix!{oyhz%>Cw@G^qrZ#-A>gY5UT+SEr-Y$1 zehx`+VgN~j*B7#qh(cXZsU8Z1=|bt(y0?Ih)PH6Zp5s@}O(+8>4qlhSqdh1kkKl%< z>ifglyzM-DD%!}__0RjBm1+bzOfHnm^BwvtuEB+pk%hI1dwJ(`OJZ|^F#Y@M{>}TfYJ0D9wO7k+w2u-VyAaTu z1-dw(w9L1%0Fq)h=gv20aT*81WVf_HdudvAqRvgmJ&KK=c|)-B`^~+#Q{v!QiF>-N 
zb-!-J^&{Jv^Sjxw#V{1mrA&$PLo^+X^n2Xx{(D{N=P!ZxvV5Bnnhwq~pXkOJeBghc zJrD0%bJTmAFG}22R~I!KSd;AqSy@c>>G3n4mWF;|vqiT(_)}ZQnfi@_1XCb(GX zYiw|6lXQZ*0mT%wr~DpE>c00|SZBR;3iTeYDxsghd`Cq_eSFnu)-FG@Ceb$=ic01%L7q{-%QeY0!l3o9QvCQU219 zvOP3k3E$1a9 z1oIXFCK5^nZ<02?CP|r1uUj|{g4T9HCB=t7Co{yg@UKK?|RR91&(2hk7_P_ntiDPQl1>an*A> z_xJt%^iOz^2M<%yT8)ZWmpJi^qtq*;+eDEujZ7}DQd}Lmm$59Vw!qAQ)4x;jzq8kj zVn`da0FC*Ns84_T`u4S^ggUZw9XLU{<;NQ3LnN}!X&LW9gjKe6I53PWCG%A99^x_% zYj_yj##wE$Yx~PQZ=)%da!Gk)9kpIz`#g<0xX!Vhg>%VS@u}@s$AL~$J0>W7$x*L_}p}rOOl$F+IrGeHR0&#%619l`@D#WGhogSzqU52 zb4n4UCPU5(0%%lnekhply|+hyl?{0oj>z&VvO`bYeoRx>(=+ zEnT_7?G&Wh>XJ>Z6s`AMHMWyvO$+AVqiP-1nhLW9@?823A#I*fYF_lSRe~DvSWoWH zKFA|<-aS-~GBFukx=(%Z%*3+nUF$=*OvCaM0yZFD66kT=k;&*{mI`1EA8>J4B%&)g z%t75#MuXK+{8$G&OH4&HCwacBa>>|iK)%MBXt@O~|EOltT}P~4>Yc9c?plx434i6+ zT1)4T3J-T#t=&sr?l!9OWey1~eKeT%e%$?fPIA1Nx@hCM_p#Ayymp`d%S5tdYr)e+ zH7I+=Y52QIr103tvI(l(0l`ru%o;eZqVH!x_y04fRPaQS!DY}U&9aw^pW98CPsdRj zd5oz8eoC5GC!`)CQpL$*&s}d|dhUD7woKMMwVnB0G&{Q3Z3%z#i@P(F$+E5}R3o2L z-`TCr?bABtqi7aiZ$DDH$}y-z!?Ueztji70JyvQD&9UJ3LjES7e>Uc_6X09*`NPP^ zT=1qCwuTVWNFl#$ak}PUKNtcfTKKtYg{oUN>V*K^psLTWV#6#GJy5u#mfNX04f+-m zq^k6XjQR`8D6mVP6F}TFGg!xc!QSE+>_X3)Reh5ex4gz61wLYS&~G_?9?WH5`(d)@ z30zFv+Yy)zR(S;a)+j5`kZjv_F!>Lf7Hv)o_pgo?Xg-Ya$y>R1)IS}d&833?d1!Ez zEa+J-_kAcO#a$iB^75GNEW3>W1X1DMWps5^!HBk)9w9XdJ6m#7}5`wDJ=B z6u}xbl95Lw=O1KLUQx4p3U;LOZZSjNbPr4xBee{2c(jd|)6?|3kV;<5w-oTBqEni- zRc`kqkqd`3coA7#_8qEEKhQyo6+N~_0o(*LE4>PAuh_gx&aezD?#nJs5#uk_iS?MW zzHO+Xn@!CQ*zZ)y_UuYcv-=h&+ouBKP2CEiUy$A~E&&W5pz#CM?n-}DkRE?b(dytZ zsd~fTnWFtTnYY&=R`aK<%SycRard(pQ8252qF{d4pG42}*( z{g{@=D`yEHp7$WAB0+%}jHV40*3K8$f@Eh(N∈pTlno50uOQn9)hIh^i+!rBq+g zpwURD)G3dTX_$NJrO4RXbHzQ8@>@13R^7v zqE~VORrD7Rsp1t3SZ7d^{wT^T6`7|7*yQti2gGMtt<(ng%T2yU!jQf5@O!8Hx_gYK zQRHGfTcOM3}G z50kqiPh%j^HvG zQNfWcHmh?kaoDl?<8A{EQQy~`L>R7~(rj@;E;~n1NuDT2&>qqr)m{hIZT>3H`iwv& zFT#f~d?Un9lb@{|F0X)#63C%(%hToBUVee1yX)t})f-CIsJ&yb`bqUZkU zf7gQr&tt&)<^$;pWlc`8H?6eVd{1JMNgf1^SCM>iD|L`rqObCb9}E+o$A6nOJ9H)g 
zK)L<*`w-DBe3B5+ODI;{)0HxcOt~g3q&Xr#pgXmP~Yz>RD+ou*j} zQL^WYU1rA&uH9O~ku$l)HeG%o4(i1^U3IFb!5cd>d2OOd3`bK3sH3QUSeK_!$H>DN zoNxT85Q!o3gZ9EY4(io59kA;=SE^Rdk&j&f$#g z$kBiAhX9nQeioMPW!6bTxxX2(Pl(F;Dgw&RRyuiRLg*|!M4T!bE zLN>CK@t20r3~U69^?&K!Y3_&+cFiF!e9G`6BRII`(b=$apmeZgThlXsy0>0Jh;8%c zmM#^rODa%t-FkmlIByZQxOB*s;zX>2)x;8g`;PvFb-{{{*sRuX$OYzvqK>w~gIqFV zHc~(Il>%42DhE>{ZZHU{**X~!>dPyF(Hr_sxfC@q6p=o%oglM%kJO<4w8!5o1|bA0LI&Mmu&e%c~R1PZ=6sUYb82W^VO`` zhVLDEkj?N$xP&P6`N89|sn|hoXyz*ekEdw=gm0biK+AR#9gF9YBuUTDEHOthPy}nK zFdY(1VxWv~EETHCG#V|L7t0OxC2XDY^+0arqj*HM!SXu;-sx068~RVkmFxw{1yHHU zF^w5%XDZJ$E@}(QfakseRDEC(rs;|5UcN=QS8D5AAt~8z z^#U-`_>7UpbZ~}W{4)!@z#5oh*BRhm73=MH@T!e6FZHFB@#3?Gh!z2NNglPM%;tMI zhI0n$YM5yPpAjw-T}-F#V_jp>oxycxwGN zy5y8UFw}+hRM2rgYlvq+0FJ0{I}DuP2j&fXDNO}*SnEQ(9u9amFqJdaw=`A^*bu2& zY}k|UCv?e*^#^`g;!Zw4u`5ur-yw#fx&a{PoP%GV6lsN-SlyoLHPct7L zrM3!sZ1wKOOG#?d_V=b#>OH;GIzmdzc>IT@?7-m^wGOOE$o!xTRPtDl)wM?vuOA~) z|M^51JgNUve4njA&vVn zONI$iaYAGQInG6KYcRn{f(3fC-e+MV1+>`4%E$o;q;*cVc!K}AOrxPhF%Lb+u#*J4 zoI23HE^?!UZGokbqY2_y|g<`I0U@ zw4!7z^DU(0ze{h#VIH+!E+NxS0SIXM%KsrNk<2W&!Ne*V(5O*ZS59N|!eWfNX6)7b ze+w`R%?4WfWYE%M!Sx+we9VT`PNd@<^Z-u+g)*nr#=Za?w3cGO1G| z%#%966VtM$JoBI4acmOTy{oOp)CL<%tSI*Z07E>4YOf5^g)trKJ-a>7px1;E?m|&q zR+;?S^=MvboIP1B&c(!yjP~Ic>xGEuG6hn&C9!yEsUU?L-OGefb zXrKwvEb+C&?z%_X^PK)aeLIWttgw&(WX@%?S@u0;*l5+F`hEQ6Bsd-Op=qr% zUX>g$9KsH!5%m5YosuhmI*_>7b1tIM2W5QwoYcPpGtXV5+3W1pex6BWzMa5%KuU(g z-roj=3kfNcP<52jwv%q$l6*JPw5Pm^)cAMHICYKdg!krm0>HBeO}EGO(bylvddRjh7hy^Uy!#Y<#5)#Y0bvJ}d0<49j(dmpw;2%wV$f2XS;wCL{ z!m13h>Gmh6JMfs-nlm=I@+8r@W=h$Ahl?=mCTXq54FRN#gmixSxmZ_E zo5G&siN-p&hw3zSMw=f5LY2JNqwi~e{<*(hm-nWRbJLOTy5d2k7%4UxZ# zKODgY0A>3Z%?jZ4eXu6VC;E|+QVfw-Kplr}EzI#cw8_?>PV4 zQXMD}pt<*fw$zocn={^C2OrYh#fgnLSAkfmjh~jPGJajQ^@88t9|*DAb+#AHZ;u`} zkIrGKh+Ho{GtgY<^h+2(HVS#ikTl(_mr^_{K`>n!apa{65jOwdkdbh_OPX`Qe@z_1*Lww+L*}H| zc|biQyikppW#r8th6!(XFoAQv?KPl1{F0@RAnPD%SRMAl&_uAV-Bk4*4EessawrPLdcC4-Xka}bu#^>y6Ip!{NHys+0jixz*n0^i%7 
zZneu)*%FNPxU)n=KuV|uaPhoz+X{&D^X5HCnl&@WTxN3>N2<6vItHS9kF_0=-1lZ= z4E*J|cPSqae6B(99)4~FgtqE&qL%7$DVN(s`%W}>L$=SsKTc^q!BYev@a$10Oyr>w zqgksExDWoTR&;5tYRCd513yN)-e1VZxekgR_@0!`1Su1&=Nhw|R> z!KN>7%+k^U0h`>()$e$8W@G#4#s-~Ooo?4lHGXKW?Jy8Q&3#AHK%9SfUkLqcMN}D* ze28I$79SZy9FgQWLqDlXH-gfJH!7vHN(C2&NJ4N1X2p4BDX6Fh^m@m?MKzt@Hah14 zeOd!oA0%F4%(IUE-K1e&?c&|#V`Fo}wp)kRi6zV0-j+^dHrHU@sVTIP)SsFyoB-qk zN=jH*0HJ)NuUj^p$3>pz$v;VgeKD5ML868SacfGGo^>f<&frS%TX|vDVuQtUjR2o% z=N#c}=Q_|3#A3MrH-ug%V54{5mJ&1sLf%5Ovkuv_lbX@4LS9JD-ibY#geI@ywf=)5 zr5|Yxsoqf}-}582ksmY4Y~;AZcO%01Ag;U$%YwY%sU*i z_-<%KGC6O>X!5s;aMdcI()Mr2J(*NKt3x$=UU-aXyMxA{PX+bAG3fXAf$sMD)ORHw z?Cb>)ZFt889$ceAAQLVR9i|EawIv?OS71{{`FBo#n$N%16@)f{m=o7BZ8ri6A}ARR zvS;&qFi+sY?7Y|mr7q`u6|>g)DtMb7Wl|5xi@QG0jJ}5aENc?RWlwta1e%;?|I|T&9>jo%%1LkJfjth{B21ZDI4Zlu%@2b@eMS_?MQip^-FS(X zSwyg}6@uzq`097HM6k02CML3|zHa3UG~PuzVkgrk;-85D{(;3?#7KuGg{M}|cE7F1 z(;SaoEW##H#6&VbTF+G0RnC2%+s^SG_gKBD?!tSwRn*6vvU|DuE=i#ENN6=mz_ua$ z$LBv>nDTjkW95AlKX7wdY35YQc`OX0eWZyOoXN~PWv(-=Vg8oOF<%>!f-WTcNIXxv zxGfPMffQD&bJua?eEJf!o%z6-f_Zpl;50x``u!d%SE_HcZH3Tk2>fO0PXdh50=BpQ z?NVz#b$a+fm+26wBF-llW)N+xoC})i3#;_|?#y|9DkHDgO5>+~v8M()BhcA3k8@I> zD040!t?^LfDOxsYd9KGdtV^Zcr+`^qZL70ZI@TBg(%jD`6om6XstvrS=y=H=1exz~ldyM5a{^p|#gc@G%cB zkD-)23kqlLogFVpoHJM)miDV8GhnAr7)mDp`|JI3aiCwPAXSSJ&rwG^OYjvaNl}3^ z9f2jVXTX~}qXC;5|rdp-TLkTi|*pzM8g z$(!y2w4a|~(A@*wi6;!u=n%PG(*xxTRl7rR?-Z$DY%fa@h|8-)!x_RAi^rXYvu*Q- zA_NW*z=;$dE+T_fkM<)jE6(YUJd8xnSNhLJ6p%`iH#6o6)`($G#w%nJbfL-v9Qdnw z*Ijx3PdAxtw@cc+NbSL(D@?_C6@Ds_>R^pEt++*7Iv`9QiliuIE^T>XJxXA_SX~zs zN@c+mB^Ve5atW`JE#(p6sV!h2SQ_??QNdHpv`Ct-fE@Q{r8&RUFI^HCpt8t+sv^JO zMN+SZN??Ehc5rJB?Bz;d@Sf^fGdriGrRIJEh1yO${dGiQ)l#+VSFsz`d43sZ9IJ@Dsq5Phz=&X}8%f4S{m`FbZ8hb? 
zG3)gT5}xoQ=~hGgF+pQ(Yc+toCDJH7CfaXtm~f;&9|fM<@@19}Eb=~Hc7GEDLLgu0 zO~A))#w6t4Z-QXiCU#>z(jDqE!V%Y0aB3stDv#+Tw3TFQ@@rp`{5VAa!y+H?^;lLz z8F4|M$!$eOxYPw=`;<@=(-DJ*^eE=xB?SD>^q_{nJ2bX)ZB#B3hI9-~+sug9?8LP2 z`g@KYa^Mwba=Gj2?}tzRi$85SRM6Jcq{Vev)lq_q`f1_}85jmQe2QHm&`QnUCyF#j zS%PzSRp9;?2UvhEhOr8n1UaK|=f0)|P@$W(!46gN�Q(-U1g55SM3XI+Yr3*E)nA zHy)MGdyQS}G_z0H97UMv+t+UvuR2k%&xXg|j-~@Y1pZ-~m)%=~QFOs1L=fp_Q587T zDa7TqhZ>o57Zpe*;O+>=4OW-h8oxCGDROs?x89O}TOqiE!d5xIgSYQ5K)5p`8N^(G_CYW z29VMadzN%Lf9YkCOc?V1VKY{stTo;vC5@{{+(`tpa5)7!yr36hsb8vvnVUi)Vk1cC zmUQEb6*42jqa8BS2oJzqdlM75*c~%&}-19ZDqDVq0PSge?KM>Rh z%H5l)YYgjE)Xb~U?l3Ue>(P}ubXd7}5KDLy^ixLHHoAT;@7z;t$Mhi{ zkAY_*UGLn$%qT_DPTm7_8G@CUgeak&9J@k#-A16O* z-G|5`sicny(@%cL369m=IjyP|+BqR0rPp&`cZ+hqd@$tIGcxKyK|@2i@h!s%H2T1- z5U57Qj5-P&IQUDGUb`$6U0>fr=%z!%`~(Ziwgu8p5;CsH6~B-r{Ji!{8lQ$-JnCY^ z*$cIHyi;U)i5%Ng%Jd6!kfWi*NPRTuoG&sIAb^Tc=Q47ZXQ2%uL7~v9=CMm(7U3ZO zPeUBx$upsJsN6J0e~YuFj7{^krR?4_r+`uOk!T0|xPR4TNz4XCWvc&28gLBm9rnJ{ zMzi)~XujWGtQ&5f->r&0=34-sJWhx0!!DesVhh*Z8shrW&Hf(Mb?cwxzZ&8KRy1%? 
zss->qPx&~%S=SqYCFUr0PGXORo>bf5YYn#k`Rd~jh~@=FmtQ-wor6<@3K6gK7!K$@X#;$7=d7?J864_&12b5GE8rEXp3tQ zW(0UDyldL;pSORfUe!FbA=pP@xc7@cw`5xZ_+Mf<-r@u6AIZ(%JBUiB2>p+Q%qoVb zAZ#P_eWIBubCkwqB`m3oq@aDGGgU@akXCi%iBHsH_CThMCjEKZX!`pzSMxaVEK#)F zW87kJ^Sh2irsJ#72B=F(vg8U^v%M<@9ujkk2@jkC%?FGOZZskLb}mPAz*v&T(q7oz zM;q|PAIcsQ6oVosTUuE_yFAnmV1HWqn?helIIRw4M@n9wR?O`TdAf8$(i4V%4moo2 zj8;SukSUCa5TDT$C#BLR*XR!_|BwLBJT@UgU~m+&1M2_L+}{6BuZ4d=#i_oqj0pJK ziy$W(e1^*)#QIK%(}hum9U2Y_Utm8tm1joX$>+X!AR7VCqoZ^pn&3uyh+%t*zPK~- zj7$H1G@9w=cb8q8dM01@!IgbpKk27#3fKusj5j_K`;Hn94}*KM!SrSObE{-^x^WuP zAy?VnUWZw(dx{~2vq?UvBitAYQls`HrmTdnsKK(p)2_!@%g~R!);VtNCZJ)eVgTRP z+9~7?s~*|*VU_U(Jo(|_5d>R1(UPoGPz=qXBf<-(2+VS$RFEKQ#)*%0RYuv+Mhr{f z5&T!F8Nle(O9E!;BGOeKhT|#%wSeO7^pk~sM9*E$IBpO7%I%>EIZiAWepp@ET`$MGh>H zeWd{RGFOYCg1^}B3RK}pZ+^pXy<6tJVN3Nks{=w4$1m|iPdjn?&j^Y3$|4z!%ppym zzEuLmtXGaeqL3JohH!>#ne~qS!z>NgiUUA(nxcMt-JU4Hxwu@*92>IortDgh^a^x4 zlA%dOd|StG1~+yAxA?8))>eKeO%iim;9WXH6Jph@VE*vDIU?&r_=w=Raag=*%_+p* zs31#XZoAyz(#RL+n5MD)-6Jb8<*=Tz456X^1!j*rs!Xfxo3TDUc9H9YpUZVN?_7aS zX@twdEWWu9LmgyXi!h2)XtpUufnBMy2XA9g*xD!Yb~>+g)^5wy4kzwA%cgYr9u7O# zo^VKJ){Hq9PMqp~{AqTHE^sZGkTR@vX!KXc&q0@`<6EY?^551jott-5&Tp+U#;{vm zngVmcc*<=BOS>>AJP9sT+4u?B&+YkRR(uMGCohQ43Y>&sKL!E!dr_-GvvGy~;^G zJV9o0loDM|6G~EKJbDt^_lH!&*S?F&>E)b2HGv2$z*p@ z0f$x{?r6!S{a;R+Z=OdEx@uj2m>~N=SMZK}eqQ=OsJh}(rOGtH!5jas7DZ8KoQ?hK zUFr&>6NJuM)w+LP#lzyS7+w{Wa{fP+(@+=Re?E74A5rZ3q zc}aIGzONwwMc)q_eAk69N!tPtZ$uA!E-=1km=gYl`%vX1au}(@L&4E zWb?NKzVLs_#d#j{LJ#dO?i-zN2D)~pQ)*IY*Zp|AEhv+`XP-RgW!OieWpd+>iNSLi zOCSbqmzdI~KG1kYR5gD5l_jHeA*=whud+e^!gwGiuY-x;G>7r+$3GoWrk>DoWjjBZ z)f7fk(WaB;j1&yU}LaP5(d5yH2#Ax$2m`APjIZ>on=BXnu@~jin(tz3oETZr&rp2cnU=$;bCa1?(=}ZSlbU^Jz_rjn$njbD--) z8?Fe~`;bRY^_S$TAMf7oXT8xbI+Lf0>yz-ur|%I5$oMmL`S@s1kenSdvRoUXK*;Wz zme?&BIeMp^AIE)97&3b--g!I>(;bWUeW_p|DuMp)_yd&R^U0OJ|CHk3mhbDmYr5#wA{r zy$0eaPvVcbK4>y}9_gUyMBI2rH&3XZ89Vk|5OSLSQSCxX*$6EoaR$DE{@X;cQ;087 z6s-}_qN?~3HeY>2!v6QRPzmlE{9m_X@39kyn@vxGt$ 
zb!X$2cK~1`lJ$zsm^NB_J_n=z&RNb$;&*iHbO>A5-<>)N*_Y01!kP@eulc?4U^x@@ zXHaa$d^sGr8oS$E(A4mh0YwE3m#I9*dncyD%6{qt57;jT5|jWA|BA;S2J^rnKF0vB zl=vTfv0G4vcn)y{mB=m@!b)F0B@aV zC}Ho^9Ru%kG7s3V=T0MT^LK>-UUC4>BhSj1x!f^ZIJH)R#1GpP8B-X3;8RkZ3wQ5I z#O4=1OPO$&*5BW^6T$RV@uc&<5E4#2_8a`oMa6=Qw=41G^iOYPPrZ#n(cDMzd_W_A+mWRw{2BmtgD#z@m9St@X+fVj4d|Hu!Pf-R=uY_6+ z&gX0`hBUVJa{~mkIgQ~@Yt*In$=iW8rns-kW|IDZq_DEQyh6+Z@iiFf=urvgAN%eG zth$7TE&H{L-Y^i4zAf=k{8gp$t_hPm<{;kqYU+~vV$f{D@;Q%S{IQ+67-dP{QADbsKSPmdYn3iKRmIRB zP<<^y*p#4l!vA)#FP1abZkm}^7u`? za{q3!ePqIaIzpz{%RedcfNiVM=d95uCbRsLXvDX1D-FbYAxOka1*;H$cpwk!Z!Ok( ztkf}$OvW%zmT##Ruh;?sw)w#Udu)p`(bc6YtMQM@pPghI7Spi$cxYiT@dhw&sQ^%u zK};6W1Zy`|3aOe;5D2nT2`-2UF)*(Bnau>hAo!;iE|c=0-&c)*918D^cCxQv-cQTI zcU>I9_-M%X$m9*?Yd>nD#H6GhHR6nwJEEHDR>~>k#h+ra{R{pT2$1@RHZ6>3@5VGB z2_%vHG-TGx1+wk|+Tpx3n$S0VPW=vLkw%$d8IT521v3_Vtyi8imQ9Yqqfo4j<5)y# zo4)Bj$}5Nr9nLvZO`>p&|nEB;BVa9~#|+ zBLP#$BmVc{*TK(bK<3kNQ#XC~Cl9EUEK}p}Iwj9ePB(1^H8(k}=r$#jNJIkA{xya4 zgh+xYo#@xvTAgy)~~D)Dl9(dch^l_Vy;?Jo`NdD`1g<$Ll_G?P3etX-&U z2r~Pbm^r#DJIUPIgoV~-iA&xqUKf}!IQb|@`MdZscfmDaeDCu^Q;^z8yMk}ry~ePe z4ls-1Sl|8DdXEqrsqX0w$IA>m59!`mi`8RrAs%g<>bUe7=wB}=S!tTA!`~>`YV}Dw zBiHEl?P<_GIxF=`30n;8p<6C)W=S%!PhqdabNr{&I#J#c=nVf*q?23y9sM>xjoH{X zqHj=ZHGQP%u0O#qBU6wIs64RmbZh)lGDFxs;{JyNgd%ZgbP{lMB3i~1?RAHxGz$sM?JfMdNzJo<%Yj;Bs*$dfItRsF!zOF>B6&!Y&qeLX1i|dp!#Wt@<8;t zj@#YtkIb_Rhx^&A3%BE45B^-F-M%$9&+Xx2^P6!2!T6++FF`y~F2-SE8T2~#ehD5= zILxb$8G{3R;HZwlgLXF8u9t~Wt9!LDHL4DU{Cvsjh%NSyBaA(dP-l)1;WbZvye~WT zE8XeEbL(Z3d;9?6TU=l((ne1Bh*}Ph^65W?Ul|qvc(9(z)_f9CkzGr7ISN+e3EH;g z2Rm9KSXv?&YxTB%;3W|Gu7a;7yg&G6*oa=Np)qdr&E8J9hi0?-h0R%Tk`nC`ZLPlQ zzA^P0UE4%-9a%?ODFWe zIGf8pp4T+phy<@?1Egy1q9u|^A-NI& zRaVxf{bFNPq3y#L$XCfhoR77@dtA1_7eP=bxGoK5q}^LbAW;YxfMQka!y`1{We)TB zthQgJ@Ol9aH`X?NcU)syihAv^OI&aUNmu|dA zsd?$Z*V9ubVZD|l3{asG81WcL5C}bH2Qd?`Cy7WWpK?e=bBRv1-LS&E2Gf|Yc9Ou` z?vlVK!3@nu%}^)o2oGXR-ONj>3hG?nUWUqSv2?cdG%*KC=_tKT`4Y~CRma{2)BYS5 zLF7S+<&Qw*g6g4Qei#d@y689q%HclW9!{i>Hm?9aexU*hzeb43_qR(AqRi639}A5 
zlc>vg3#fEEd&O3++{D7Yjy;$yn+EG)j|NK#PO18|*;athSh~zE)ly0YLLNxpXkE5o zzNQniu0)isQe#=TOJQ(zaOc$i@JsbF)%$yEQw+P=$fDcwHfppc#-tR5SSm5xnO!RX zVhz+4zAc3-dl$2qL=Sg~%KG&=#M+KwS$L!W?9zxpvM1|D-SsCB3 zw?#6hJb1pU$DIeT>m`t2&~kdTy?w=pzy9oaylcDjcn30oaXiQDa-)wHDMij+TWhVn z^xsCN(N27aZ}WYFel&TsVJc7(PKfax$hzy_c^BUDY2>9A-F76yQny(V(9_1BGy#wk zSf0jNt55L=FYJ@|yg%#BiOdZXuRDA8?w^8r`Kt2iPKL^fxl_=a*54sM+JW6!Wm7?W z6X{B~Pgav7e?U_wR*RmL#`nRnI-9^JwB8|n9qC#p^xd|q&@)KxZYMrZh1-1Q_X^Hf z)9>VdVOEYM(9MYT0V2z?SQA#Ui7nsdntyV~`}r$rWVfN+aR3?*Mb8n3!66#{!}TRc zoUG0L$==dRWEHaO*SO0a_#?-jTD*my%6G9G;+KbLkvpum;_}T6EnISrC3i*;m2EI} zx?9IohvxXgAM=imzAJaOz@}YN`F^X~!2^(B@+>qWn|!gifj|C%d1<1SwA!^8+_UjW zdvG)!X&%I~5qQJqQJ4JJXWV1UZ-(Ccdx5iReL%Y}60xttUfq}jTjAO_;-76`;nyO+a6AG%@A5l36Q9Zd9aI(A z^5w772T;Lqe7x2aMvn3@k&b>$9c>vfaS=H!5!;_&++a;9y2X(e{=XbrUL+aL>TUm| z6W=5lio}<(x5i|dY0TudF89sOk@q^eaF}BoyOtwq=!(srhs}hDMp6c0Z|WI}qI|^2i)e69pVe+=TPtZ0kx%TDgX>}6 z^?L!e(%4v)Mp=lHT5Vg(XhG$O>r?np);Bo+ZQ^!l51F5S=^!J{u>!-dII7*uTVWqx zeXnZ?5`Ux)9*#6(#mDWzJ2Wk1#`!nYVF||fj2=~HY^G~V)9;&?3q%Pg6Q18lOb*w2 z?QVITD!232xl|Q5sfrd$@F@WXgU~Pv9NVAW4{s>!){yS9{$T{OOFkxlT7ED5A!Sb* zx=59cr!FADbaCMqkkOKKR%n^9 z`+U!x9d|fzgH`8X54wG_fwAG*?C5|54kop1e+`Di9QOk7eeiRGS(BehMjG8tvOl^< z80T&kpXuoMy64)A?C{Y4^>55G68ay)Xma> zUyT7M%j>`CUoGgZ2lyj}s!*E}T+A_Vrp{i&Q@v9{sJX)cFdu1{hC+y-EDc|ol@2i5 z)7{?=x-$FUKAb;xe}Hw+{$3zlc#QBso7}C_Wpj!Xrj>S;?43IAc73kH2MAcgkaLWE zcBjKKKM22gS*+=v=d_r;x&+=81}nk#X7%JPEfrRpC{YFi@+f5+C5FUJdBuJTaWI2W z@6P7`!fYa<3|6+Rz|dz9$U%`!h<7=%(;;~X$-Zhr_Vo>@L&1tcn0XCk(#-T8D+CK#9+m16Tgb+HAQ6suEk(+C_b&+x*w3 z8PD#Kf|PR8hdRr)nc`(zSIhg7uZd6lNRX<2jt|MXvB&oi05WQnHFW%4*r_%a0R7h| zM%l&0nP1%HMchh%ve1Ku0?@!75Gu2v=S%cV6gEQGMcQEr{7p5oq(0*mufO%3Fb^k+Ar&-tuZzzuPeaD3wER2<1mJO+wY@>i2oB!!+avVi12R8g08yaeH>LS7L@ygOAm(>hBbG3DqvFA zi0oCa&O=A#6MU`4@B-%KGTa(Q$CxeE3k=kFwxI084bQS@+&Ivy-ZLA!nv1l>nkPwPh>Jf~LjI zqRQr{RjPRex-g84yy7#N)5@8D!ArFGef<+J&b*G!g;@;jk)ekJ(>pCMv>6xyT}nNa z6Q1FOJ^-xWi3UvNwAQdfDw|}$d5$PH5G|!$^c93qv6GZX7sHr?&h&sY>db^)I#L`g 
zn~}e@Z7Z|Ghn}6aAM3O>%ey{N*|af^VXUQ(P4{JB0s3m7e)W+ieQ6cRP-XGt0|;d; zzS`E4k*(mBvqVrkNXyOK1rUc*wEn;|maEnB23uIktp~;;a|Pu=fY)a?N@M*i;hMv% zo$vEmT8raNuIoME;$F(O#loRfvD%Nj^r%Es5rU}75!(kXDEFfwO$2YjKNvE-eTcX{ z!`(V5Ta-tvl=?fn4z4lSY zdU_v`E4x#js(XE`I znoIt1v%Z>1lC&<5v1hD1q@vWn4uSSlqIMFgj=7oRyI8z>JL=rAWxkFO3x`2}8=^XY zBg)5a{A-SdV5+@%nY{k?1AF( zsG$}vBH~RO0nEG*ISmj5oU9HSzWqsxS0M7g5eQWUvSzTgVi(k0GU&05*4K}jn;-f? zs0n{;(L>y|e5)aaJ0Uo({C`AUWmr{B*A|eHl9uj98flPj1ZnB+R5~`@E#2MS-QC^Y zEg@asQNNex|GCbdnbr5b)(p@pU(2p_>tXQACbqd$PgO~Usi_k{**IDGl(f}-%33T* zKpBo8(mmQy{;kII>mdo@tt-0`NBP6~)5*$h6^}srff0T|}f6?GwbFtV5 zeO@F+58T1dklRaJ{EGTyXc&?ATjk8uA8n}ma$@AL?<5fH!|44|EO?~uBt*v-+{F`k z^|;5R%-rRYZSjt>p)?Q~^0ZI!RjKO-bk;?L?|?!aqrP1v9j(BU?3? z>hqi(T3M| z{z-K!(FJ@3PMaTot8Bt>S*}c+(VR?`t5jI^L|R+{U#eO*_N%TC%Xb3jQ(Q&FfDmBQjujJIAH6j>NEurE4I+6f7|h5FX-es&pKWOos~Fq9(($dpuhHjW z01z5ZL?xPSyDaLF*>)8Vyk24LVK^wg8tHEBEhTbOjdj5bh+R)xiqJ~ z)wbI=6?6zCKz-gg$I0aKE?KFT2i;Yi+&(X6;+!^m`;fZTC{@1(kF>3)3pJ8v!n=?k zg`HFKz?yp*^;>LV?qcggJRY2kY#)XfC$KH&g-MRA!{6(Xp4tT|`PD!iquWMKsh?x) z0|f~243y-cD+!tGuP}aV=gP=$aiX(W!45uMYrohLxU@tze@J-Zsq$k7%AI=Kttuxe zudC7A$ck;GA}Xh&htG%uY4XVM#hUdYgJzM9CRLk2&#f*dP3@duQwJ&3!0o(l15mSA zyWho2Gf*^R6l`d@yJbch*ixxJF{F6(<-!OJGs+-U29P&1xJN-(Xwz{dPIYEMCO}8n z(g#yV`99`ovBx0hUgdK;gHB6@F5??DVO1m&Ss+**x z3I+$En>ez~bV^}=D_wr7OyT_$3495iOKExPO>(`pJEvvtlG9qMrx+eixf1UCqmv0w zG%9PCbGCz8L*`ngYIGMAKwTd6m0#|T&J&EjzdC^vHoh7|Te1x?d+qxUPXalNJ7g;3 z_X5)dsMw5Yx0;_NW6^x~Na&4{Vg7TN(CNq>=RHE@HU1{hz&gy^rNyUTc5m3DO>u5~ zAguGgf`sUNa4db7CULK<=I|(RRJy^%sP;)FyBC9)RZkf0VvSOK@`KVrbCkaLXK_5V z9#{Nn1HWmc02^ZTSGA*6Bl)@&9H;t-`-FuH8wu3^zO0qSvK34v{pZWSU`!Slcghi=p=dF-*Xi0< z(+qWmp>BN_VqXMKy9Y3z0k1Yr4%kyj-j)=NF?ZbuuX6(0mpzN;gD3x;;~5B=1Eu6I zyL8$^r-`;DCEITGJ8`OS7zbRuBz7PCUR353Nh&{FyrkKP+9uC54{)HD5#-?Od$=(l zSwZHWd3%eFcZleQzidf^UQ>vS2x}*>u&`A-x($j=F=Y(0lk6GL0>l?9V*;@h$oni8 zZ1=%*SZ0LWE;j0ze|yBzTXsS;>iyhz#AwlfXG$xy<6vu*Fwv5Lt2V^7%m5C@lf97G zf`e#=m~**w4ncoKi4Yj)!wb7bORB1o=Tn(2QTU#^g3R!jUsvL*Vs5Xns4%yFn618M 
zI9b7Ul2!wC+i$Hr*EzE#Th_SQpstRjSpL;KGgtqq5(%a|EVvcyI1@PxJ24^gD27y{ zY_Wsnx3rRtL8QB;5R5W)nUg4Sw(8%oax&7ySsGaz;w@{g84iq6ZQQcbDr%;bMCyAI zN~G}T*S~&G6#Zxw=Kt{XJEwHPezE2dEL!ppUZD6UDsVDRt$y;8T4Xwbl6vHkfl*&|II=1$ORscENjXUz0s$&4QZs|xod9gOX+1#$v^R$BeCpoUb|I-DgKu% zQ}RK;PnN>X#Bti)pXs!@%dS%ajwX1y#9ij5bmYsJk0o?v?3==(=}}w^Nj$ILp8?Z=TU3g7$~ZmY$eY3kww0~Xe8b5 zl3$WltREtph(TeKbEgRA^M53i{_v|LnnT2*f>F1eJ=(|x92M#aaVKNzPv)k5j+P0F z*iMG=Cd@a)KiOSM0>k(5qgr=1<)#-J>s4l^#L-)EyyW#axc?nfF%-~Fh6!N}Iwyo# zWRI#^wJsYDi{9%l`i8_Z)|LBUp^Z1*5O6D10RCKrBEPHQ#K)vjZ9~`>TH(fw(`~|} zmT$|;t+UDjqs-&URuK5tQd@_#ac|;F!{7TrN8m$|*A(L!#UVQx5z@?=^SBob70@5C zYw=pDMq1K$A+qf5zXK|`14+QlALh{`P)Ec0_}q88Djslo@V9Sk^pvvpMQ~3!c1}07 zM&+Vo6<`;3-lf@)2GDdl@h@5Fb;dMYdV#D{!qyIyOvJA@YwK=6X3<`@a3mx3PjbK> zq1dB0@C83ch_D3h8R)Klld{%)|LUdG6MEsuF)slx(B3r?Na&5tjM5apuNl@N<6c*3 z{OA-}*5Uh`kS>b(EWw0LlVN0skzW>vY(>1)>=fIth|s5n5l>cFSPnM9o)dEoBe8om za(xo)uW{-j)2g88gDjdox+v3n3OVPF=1=IJT^_z5)0X+*19Nt&S{JdI4sf|iG{KVr zKUifRZWQej>)H}pEc8p-tKv>$^6fM__^}z;>X)jx*lD{6@leq!40I1I@okhBg%noM zw<6@796JVU&ada~MP1b_%=1`m8LD&Gcjn?8CmvYXp7O7M8u8Sh7j=lQsEc zGS^hV-$2agj~vN&6*VxX`lhQv*+nyQnpBJ?Kkq{arx41|a^0M`iOhE&DjfqL{9eyu zdyl1^q2U8V^;LOvLrXi|aOx;BV|C3>s0K`(`fS!&Abc|R0Xx_)tBv^@K?zB?x1P>t zE*#u}8K%l+<41-?F>3FQ3})tE4X(ydP2$6y`+D%+mLoTbTjw)WeD;+MWlVX9put6aa?t^olNM1yJG0KC-C#*uShUH1 z9|OFmX&T<|eghSvu&gIVU zM1{sCEw4{>F8Az3C9mgzCH_xSPb3d@FYY9>)AdE~xe$$bGnN1cg(@N_E9&@P+;%U^ zT_L_pu2a{l{J-y_TiZkM;5dGK{kmyGK>$I zw`M+uazlA~hQpZ*N*Z{Aa;}0qk%R>*GyEOpoKWoY$j5XfDHl@M$*rj)eP}PlmBv5g zN=lLJc4Y`v?X?4uT(8Ujja%TioP$Z?P>XM#x`jo;;Ebr&gv3ockKbKOO6!YDpl~YC zpXzFkSiMAqn(W-S(z#U6@%YX<;>`csr zCb#AuDh%wNL^Dj_vsRMfZ0Sa!no=dkEYpaj57j8X>%GNn*@apP8XRfdOgCaw5h;%qR-0+-D2i+P)3yLP1-;uZE}}g{>K{8G^a!T%MRs zqHSzZw>#0ez5odGGIX70Q2I#;*K94QR_GPef=|YUpeiV5HL5(pwUpsyv@G^~z+WI3 zY*Z4K^G@2R6s@}?a@w-7x-U`umvPJE)bY*}tb zBGb)b#{o=Q%%&w)CdB?)>9+&OyLTUH;*iX2;_H)`&>nHfns}0F{q*{n8m^(panA5+ z=~aWoYz&!e7?T(;_bTEd2xat8COJt}qnxs3st7aDcaTG!kePcDr2o?i0_>^;&0%xU 
z$u}a2noiBilqgI1t(WhP^5a(lN3jH=zEp%F>uq&ShGX6-$O_~5K1H7J`Q?n9(GNfR z%1pJ1pw~ruv~#=%6(f}I@AJ8{;Hfs66h{_{s!S1Bky1;ABJ-YF7tGhYDswMs?tsl7 zzm;Y(K9Cu?eVpZYFms=BQB2l-Oej)qwQ4QDI15BVR()!p5L?3Z_%)vkoEnqV_F43n-^Ab$izNYx<#N-h{?n8A9kUT(`xtXf-&oZd6G#H z&oVUicbjjs^9Q}^f=DTH_Ce3vf)ePYNG{^+S$i`J5gp3l1%F(@p*XVISZ<&Ba#d!R z8*hM>t9En5ZS2~mL2xq7Z$2=tfqfSsnq`Fi$=b9sso}DQYglIaTu-&prs;sroCMvt zw>vH17FYTn4s|E@6!gfeWrZFZ*%{TBxvArHWof=L8^kK=`YikP;q52TBMmUzOIo>V z@=T@A`ONrl@^OFZyD>ihGE!V&dXU7ut#%thMGoUS3;Y{N{R1J=s1RLqF@SaE_=oAT z;KaA${VOP;rUKsV#0E-E)4`I55B;`uh_0^*ex%x@$JlS(^{H8JJDF`5*TqF5N$M3- zP}%JtBWgK#WC0sr!)-wRZX#%FvkIyg!OjEhi2Vs`PjOAp_bJ8-q#<^{jR#gl^l-zk zr8Gn7&nU+_m+4kpM3P~`JQrJI0x_$(po9J%AiXUZG$&(LLtfW#rH^G=;ikb92JR!S zgx|-wbSY!GQSnXwL9%CRaubX*U?d^VSrJzlOh9{mo#Hk55`$A`6_aD+b`~r$0%Ex)k_>gUu)n>of`&>Q;DI zCV`lzqJ^K_+DkLBD^-2D$LvZ8iArc)IXIDv-VgQAcF8*`B}jO-B12O|^#ys_*ZN&$ z!1{oB8$9>qz_P0R-_o#=2?S)uPz|gP`c2-k2J7SZXeLL^4-rBut)pT)5m6Ooo)rQ4 z!-M^F5|*?u3Qiegp-8u_Z9Z2^SSFN zxIK)fg+m!N?qaOoqwV#{h^NQQ&1T22VmN&t#+Sa*>&i(-wqs87`@i$mwU7<#FW-&N>&@8T{cy5 zB6g!Kcub69*sMyR%|(ZuvQC|)_5597_{-~i(QAm^)?l$@ZHiZ`xzfI(3tKLHYGkOO zBwBdDb0A=Nv%#G>OF)@613$F?C{?GZHko1zNSx)SwcIDTXP2!Fx7!@ln9K84f>X zYUQgKo%8GKxuqLj8%GH9#rKfFByQK?-kh66>OqQv6HFVQ_|lLr+J8DJ<*IE$p58?aGb7T{a^%MGzti9v$*Jy%1`*xx#p>i3`h%|Bk zHgY8;p@~v#_O!(Jq$hO5hW~tG+a%%Kv2Op&toMu-hd^nq{Vz}-=FyZ@d$LJ9M9JhkVV{neiZYcv~e%4a$B-(%Pvl2q%}+KQrO-iaBYD5(ksQPPTMDoU_5NhCMD zvK}PL1vYgHJ{33&%Ooqg#!2@Bs_Y!;Okqvp3Tha97Vx@nm&pjwzV-j?n}>tAtJXe^=t+=+ zv5VHE?K)ejvGF)^)3f2;qP#D`IX=KQ+F$C;7rf1KTyD-0qs#-cil!jew zMzH+*MU1ES6!Dqx&~X+>=ABp#KZpJyB_iw%$s60YhD33w?1Tt?S%4lpKHe-<-C2N= zP;$hn3{B!kTnZ3v`#;>jlhu}^DPFzy>g=wXTBp`p^vA-iOtdpi2a0r{rf;OW9ZdQU z2$XA_=3fcij}Uz@-vpI@{@j6+Ef8RCee;{aWgyx1IJ8;%NXVxzYg5xQ1w3eh>J@7E3} zCx0jQGwTH@6T=%P6>Y#u#A>&HiDZH+*W#y+ zNX!~S+hHd!7ultMoi(VFx$!0dsdKX*2&VeBK@mX()rZ2W&7`3|(I%h{`;U02>m#BkN7W!ol>YmhmE(sWx zB(pYZ6`9;BC35~X(qV?b*MErWx#i|(A%9%KMc@Uo1X)<)>Q><=im8QqDK8w?R!4Kn2-M)zZBrj(*+x-)&+3L`La1b-4dz4f*69S 
zyZ&@JNhLfgO46y!;8hfr)h=xZ@-m9watnCvKJt)F#YIN+)6`&IF>+C#)uSuA%*>7s z;Qcnjm2vw01-&*2V z;V7PNU@ASj>MB9n5!+}Gi(pJZyfk&!AU)+kkA3gM`5aPqInNp!5SOOIFEr0KkKzZ==Xb;s%iqSuKED8X+e>hot*NnP-m2 z)k_uZSK1qHJ1Akx>dwMtL7!kgBJggki`W1;H~=#m5*BWaqB_hCWgOl6B#5n+i9Y*Gm$@ru#_Io@1x3MWBy|(BEP_}rdd;k znw@mqKig&5l$@*rGyq#4g;)(#Q)s6|jSsADLm}6YtDjE(ci$3;+HtaCjF#~dSB*>P zO1~G*;yav&`PPJwwU1s$E%P_#g)LGRU!3wDK&+q&rxC5E^acn6uch{CQ z4K{(s=bMoY`jf`{o2D+U(mVB}aGyo|poPnfXc*{T?Ru%mL`Kpul6TYJo9?qZN{eMdVmRm8_ zQw~}|4Rp~&lN_kBp4~27X}Zo;qoOscV~W7TwP|g5nl}no%rhFDMRCbOrSouTt=YoJ zI!BV8h&e_3s9}Me!v#{DV9-PAX;m`|c$K;jj9jG`gLUc=mr-#eqO$hDchVH3wo+pa zM>`?#-VbTvLPQxR36VkQ1$z|5lp{?Ug?d@?pBJS6ANY|Wnn>=f`hP2w9IVtLTWvjc zE9hNc?(Yw$dWHjDmujKQ%@Gxk8A~hdd{R$`yLDq_Js5PqqSkzmrPL^#vXktl?6qN; zXcMR;3`!K83IIb2iQgG;<}&q3h~;OD!-ZR#v;#j>^&Q2gPs-0q=e%Uigo!oqS@4Kd z>pp~s1b$L}44g4LSEv!>KAWe)-So`UDtGIvG52G}?JfZ_lMAo<7&nwsI22v~^uIJJ zN*+8iR0SuzF(3JZcbbqgi<;WB zQ^VwQr?X~cX3#Eas>@{~wd#Q$9h$G6&1)R@%}s=BK?|$7)?Vqi^VTald46da4X!K! zW*>Uyl_th#sM5`gqSRA5nHOgFCh);AIp171E>-#4(PS3!&tKWO)hiFRKblcIoSFfu zXTHScBnOY~g)Buyv?T!q47?;Xog5hnV`A&d!Wi9hKHH1RcsM-JLGAworg0N?Ip~D7 zPk5xVj4j_5*J!Ms9~7&#Mq~p=39v6GaatEgYN|Ve^!w+Y`18v5EH1x^6wzX90I7PO z(6Psh@Mrr=J!M4XckaWdJ(de#+RWV!=~9JPsT9QTjL6ad`t8vz7lr~iOHB5Unl@}; zsxWAo-}d(|#75d;%YIZbf)_qnBsP0N%K8en>Y(?MhQ`w~-*ysd0mSdp9E81xHNhYi zUQcVB#t}RHPy;?6RDt%Oj(zZ)pjTNcA)XV#M^o)bDbRprNU{x?PnCh*&Kb{B%XRar|5T@}s#1_Y}wt-E~LN>KDG z*$1=>rD6cVBa4*K@+TZQjs_~MkbPuR?4g=$`Mkndvow+9LPGzs2%#zjG|Sbsf%U*I z5BT=30%knZQ~4rd6)Dmh#;X$wx?B?Vd1hLcf(c>x&Yb+1Y^LK)IAi6?Hr& z*?Ca(gFXgEc79P}ch9n9CE-UV!&Qb$YZc7ba?`aE>c|^N_fD1I&)MmQAR#gnY2$o9Mx4QNA-=-xV)0J}4$_*1`FFSU7dEXAkgbZn} zOY|3shUFXBFLj#-*XHmIOdY7d(*Mvrq3_i5p7JzkrCflto&ZV}HCx(}-d(ns zu}G$_roT=EnT~Ay3aZT2f5oTEWWMGv-NLz9Z(kNy5cIh^Fo_t3!fg%R-a0Nn$T`yK zR4x~!$M2Ao>(Mp!?T`v&zEUAv5O(!B-vQmw@3E! 
zUGig}d>8Q0mI~3ot5#|ZiI`r~vWtU~Wz^IjJTj5LT`5L)sZ`-#7B27`)QGrx3Heup zWAnI^wXSI&nGlHOLSjF&enT163)csW)=Rg82_$?&&ftQcto2_9N?GRl&}z?PWeGH} zw7SkLqHRwTYoFHbic%YoWc&%rGUMzL1xF$4ZNg#*x@+VGVy{r*7dOZw3G#YuU6EZb zN4`ey47l=T+{U1jhOWVXoWz?kpBRGqq}WrR4J#b{Y|RJpb*EGli@iMeYI5dU!oG+Y zSn57hO1v)u?=(NV;PvZE4`fRPWPVgHpIA*|c;O&>UFue4K|*opgU?aTSDZbmVH zraMxt?%cTYwbI_7uKdN`bP;`xBfGJjBp>ehV=)+XDvygTeNop7I&8X zSf9=nw~12P7amfU+VZ`|Lxp{4BD5|nrbeV1t%ahSxUC)LuYivt<9nL(UA5S4l7VnR ztocvp=>o*h;;|!Z3reJF)ASKOjonv z!26Rmo*sJrZnZ_yH2Cx)QFq@4`!O+#(LxGfCbu%=k89YY9?ZTF$MTV_?J*)PX$gWR zqotG=IjR)$0#I-@{*#MUZU#s$`yja#v3(bcvpC76?5$Cn(=PY7|JHWm6{(!|?0)Hd z9NL}ugXVA#R^O&ESVD2Z+k3PsE#r84druV8jC1e%y}GDG8is;4?al9j$uden^zOao zCvRwL?VZ@QaSew}LAO@#x6}Pbv8QFX0O2WTULE?hHkcsCm)snP87> zZ4t|M(I($}5kJ@@v1eL5R7llJJBZ-?-LK`PmuqLP6TW`lsl4L_(wkDDL+MM!ukTz= zCA5^7Gu!Nb{;Wygyo^%xRqpd)qP$4DgA|9OC!$J&n4M@o+k9tJ$xa;x!tjBAgpQ1o zU{6c1oDGQ3p*RW%T3S5V*enQxs9a~h)>~(%tm6_6`~{^M@a0$m8)yG%`dG2)GF%;tO^UkB6b8hE)sy?p6%qp824;V7D>;rOwXyEcpTgpx40TiQ9( zxFvbDQ`KR6S8mJ6?X?S#1~!H7R&kxO1Yc#KZynhyXH;^!3UJ)+zSE#N>KrH?&M$1` zZRwqB(5?`MJDA)r<~WXgZYsoD!Aip-^(T-%Jg9B9+7?Q7dE3pn)!upn{b?h9#nbIy zrMLSF?3kv{6`&Og>$abJT%|urbDWCvy2nR6bonHk7Q4d@eAMeS#)xD<%DV{U$ zN{fQ)FqQ!^(&G7mpVnxQqCX}HQpc?{QmDF*ZPJ(Rac(n{xW0t_t+b2UJSh08oS%cX z*DzGke!-L!@|dZKl_Ay`Yr3=abv4+I#UY7;5di<+SQOb~rrzMdsBC%Ef$hU#yHjgF z<^Ka+L?~v0hONB63C3VbS*W&Z`$v|j8e3i3NNl*^R&7$p$2C0ce{G#RT5m#=;F|L1 z9wRW=zNa46N?luIv^C)ZSf0e7%baN>CP@=f^FKpE<`>cmtnRZvh5n;<01(f2T{5w@ z+Vi^(WDjm!7i%DRk6_L=;hqv{4ff(ZQexBQks9;-9&xaM<$fUiO6Mb=yA1MzIlfcF zmU-QYyEUqVXwzTB&2)1O_2fB~-U0UlUjnM1i&j{X1KeOojQtCB6r{UQ`tVQi_L1Ij z!PQqR*Z2`=g>rhp6kG+7(Y-Gr$R9%2W>0tPee=~$xhxtXso_>wK>wFR1IoN=*3W*y~oeOIe;5+TwxQYlepVvyh{tl$cQWQ%OMkc|Jw< zP#H%joWE2C5kppu8p+wX2h$KP!0LAFM8X2e#)zyFM@2A3QLEaA|6)E#y>q8cfs$ky z?{d8CvX!U&DChHAO`9^k;(!Lvl3Gv;kt_Mt;<3E7(89GoxoZ$tX2@UgH|>Jwy#Ys! 
z2~kD03^|{fY1ZlRHXSWDU>h^()L!XBD*g_ALjZrp(MBMB6)xI^s%k!YXS~lz{}l+a z#l#Lj)*2=Ob$i-lhOt+cq#Q&aP93u;!HERO`jm_l zAm7S!zQ)Z~Sj(tS@jO^ogqRTswVW`}7_A{qU124C6$nHv&oQY#O3;O0;IEY|X(;Po z!hZTT&G=ZE6mFxeT*(s)zS1{gu+)`u#(uib^p`~C8D*Z>aj9Ln+Si?lKDjz6b7}=$ zfyB2;$MT=&kjqoVx)uBERrOzA>$VQdCy=P5L83a*!5z?74zEAr7h z>BNIS#0Wv^zR}K%9Xn3`ay-EI(foioTK=~{&u^$}HUFiO0HpQ>gQb%%w{ILAvHtpV z-gOuKZ}>uZ_X$q;D5b()2vq=AJC@N}CwtM;d+^{w(qhMbes6YiVO2T4z}@m(Q+sIk zt&mp|_Vlw}@>4L@pC;$i_DJj6nx+GZoMiNB|7{GF`H4M_sbmpMdt9|FK}KPc!4BMc zyr0WSL{5E43rINaaU-zYLYS`oN4hNpBbnMdee28b{k^t;o?2-34cX;$-G9C`8t!Z} zc+$4n*x>D6q#Im#vArow@qSdf6myiJ0e`d8S7A?r4zJRM%XMz1SHRB+KUDOZemAm& zN6H0X6dQzHroi!88XYRz#n?O#SH?R9MuHo^KqIeZ!&nS#I;*kcS5ux8D&MUt@aYvpug*KP`;Qs&5(6o8=T5k z%Tib3cQy;AhSJ<3%RDc#p<-xgCyOzsPW}e(=6?{Z>>BF!Qyd3n^3K&qTB~jVLpC?* zbBZNOZmK8~-2U`Jx*ON;OZ=_WtB+aEl;@HK_{+Y=H7e3x4pMOFUvfF2AZ;le%O!#m zvB!5YVlRbj!b_iR8SV&vrE8Cj{dSnmTY71)eg6Cu8LRHxm{=irXL#*Sav{RDX9A4q z+u~acI(l#$Tp*i6Co~u>X4^IA8S>7YXO~!+)v+~J5g6Y+*f?P4XKanU=VwoO^d}W} zI~^F6RI~hTBi+`{2Aas;D$j>e&vZFB|53`LqIfZxmc5mUuIT1H8n0y z5SY}$B_q7#UWK~4f*1TR$94c-l(i=geI@KC@nKbTmZAi+q7H(z`r*Qh?%1hL)WiX{BI`O23b<>J)ywy?^X zSNtfOG(uB(L&h-Ab8GHDr_aLjxY+ig4dhAiC^$RkYVGTX*prrF>0F8)!qRYf`eXM-C%P9#9CSr>?T3J{$ICRV7aL2XvegxL_a`VA^1`$j<<+g3HO?{? 
z_Vt>6qpMuxt9dQ&?^AE2OD-zE$tt`j-=4=K=$kuzr^c=jGMA3W-Z;X)-L%ZQ^eiPI z`qf&CedpY|e)-x>x?Ak@2ghGu3TUiC{%D{Tw#A_8aN_z%O z7VxP~L%W_6#lkgPZ)4t@6hy_fPiG@{gWvF%aifNy866>&p~-|E$kx54_x!d+HXlk89(46dSS>;k~WUZMn41m^hf}8Ow&XIy}y(a*CP~m(hCz-{vv3 z-XY9VUsChrBi>*VhQ0x@Hek`ulNRIorQXu18=xwr{w#cIHf#C(A&uDyg@d7#fulY3 z5(v+Ab+>AIbS>8|rNWRd>sbB^2O)45vPe^$yyF+CY<|{W?MZKz`_j^Hhhr7h(e~hk z1BISire~`uI0>SK4-1Ves`OD|tB>@}F7L1)>Fvg~VCK44GNZPN-VPFQt$k#R!b| z(_;CdJrK+qKEqdGm9$3=meBKbAMa+2WB9^(%3HU+HQ>iqQRN&D`!b*EFsTCL^+vSU z;tO23)N-KBzxL2XxPbGQ%Ko<$LlAJPr#S}Sx&ck`NlLGRA#P&fVZ1bgJ{`1*azsgH znfL3U8&3WQ@;6|G(jw834_WXuTP#AbM&eneeYdIduK>+kH`=XLb14mMl@>0l_Eg*X zdk%S`U7t|-Khao|mO;be?>3Bz(2E$R9dciZzcgM_85g!sz!!Kt21c1u;zTNE13VW- z@N#jBhf)0=gKysmMN>%=qmh_`6?3A$LB64wgfR~P6@4fqX-;@Sp=6}eezq+=wEl8E zmPl&pSBi6<%}!(WptznojTiH;4xngZN4)_&DSE{3+C>KY9g;)z-D56p zKf+cLB37k~fPYGk7X1U51Am7LzZ6DZbo695mq44f@AeO>EtNb(6Lul6$R$W|G((|O zzR87EQwRr#H1!6BM&HqZFrKLY_*j6dp@n4=?A*dMGvK=e*ga*#TH?5;ZO0Y?AN4_>`azo>D!vo&L} z<%y1S(IB#7U5yL9E@r*}dr`#5?J4Vvlg-2P{nOGCjbM2enci-N$2PMfIx{i`WtPz% zKsKy!`-56@X+j`Exj@pmQclr)ZP-0Sjbj7Xm#%VkQ!tBB%z1m}CcR8j5?_9pQ3vhb zbjDclWF~J3smvuR@?mJI^1jQ4Da$ytwo6YvY{&>R1X6aMPIjk4lP9&+7GrA+ zlbLD}u)>9wiS+(8T`GI2VIp2ZVdU49lF$bP2PqgJ%fDv3jF5$JN&EqLZHLU{Gw8p>Bzb0ti!R1|eEHR0hXvcfohF-tlO z^^HfC`MxOP+ZMd6BlB;Ma(-&aGO~zdg4uh@;*m-r3SiB_0-O{k4D@0VOu*>J{=A$9 zA43n+=+{#PjD<5qWc@Hvqd^s@(r-`&TGBr&19u~|$sV6i_13m7*QjGHD%_R?=~ti$ zMw*|_d8&FrV%WW37miAz#r7>6%@0xZzl{yXriFUm1ylptrh)@!of1!k(%=%0UNNM! 
zZW2N42(VWYv0r0Ho%W4bYTk=NzUnT}Kh2`R(EI_t`bwLX74-hqY$VHXR%j5_S6wEw1c5c;|hphfou-~{%JbY!~~C7P+v2p2>}jC)X` zvT5la>n|$jn_EyeVenq%i52EI?u$wC1B43uZ3T=kET&+ME&-Rys66 zml#VHpy-xkeib3pM+82n-S8{R@d>&8qasbi}%p2=6WJ|Dj8g7zKBK>l154wY4yM5=@a1l z!Q~)zzTPXUqF^x3zohw-ro3>`$zeZ;$@&X|-f;cjeBx(pA#_c6IZ&Ip#Sg^TZ?B0L0Pb`BJ{~UK@Y=@jqjo_r0(--W{q58g==qcg3tZadsr>!0DeqXe$}z_t zQgO4DeTf)%+VGw@L!={bH*CzfK)$|R%(NYPRFJc4Vhn%eZ^DgVRqv=ZeGImp`itNx zKo2PVua$&}Re-EHUKX^N8Yxkc9(RqJ^wO5WPqzu+_41t4qH0}8%Z)GT;3wvPk|)J>Le`Yh zoOdqA4kU5cF*8anIVj*h3&9-&z3O)$klf&MWfDox>*ffAs^B2n%%56yE-n)x{!MyX zFKA09lvDRc_7VuR+SuC8t>5TVV#R7^>ZdBQ5ZNUtkm|E;*&mMujxmMf$VI-z(j8`h zkyROr%vK2Wr|f{1Asdw?R}h9El0)h(hd>6=c{DMcCoEKHoEljk zfD+YfCmqC5qVnDaQpuUPQx)+)JEsoa37|9NDCUt$-F51{8X-3@tBZB|fOv~>X?0{V za+Jj+%z_~v?TJ#*(@VIyEsG(gV{$|IO}&;`EN}XFH6qem(yh|3uUQ3#_S8Dldc6R zFe^xk)T{>WZ+;fdfn3^Rpn1DVYfasE4Oo*W`*Ov2|AiEc&WF_%PHgJTuKnFjhim7M zzGOcfUHw|xJ@Qj@a0QoCvtP-pL_;;MG|*CW?V{-1Nb3iG8J?oOK(UgE3b`lU21CeD zl#6mwCu2#z6#t)!S)c2y5q3jv_p8$_dkCUe?6J00{N3dM?w zZ?`ixNs?9Zp$Kemj3PKh)UpzkG{6B3vc1mnB;oPFT&yyAR^ z9d}x|0|UZgPj?l-Mc3*wO}!U(l#-tA!(0{-Hmj`%2d=LkKerL`4yD)%{B5Hh>*UXe zfzBX?gV{khK?d}RNTPd)V5!V;jrc!%QBo1}Y5$NJDY8LE6!>qBlX>EE{=V+}LD0&X zZMxIVPgbvTyA0RtUnmI*uTw2PSsC(mMRBC1;;LY>SNoUlM;JbQ3vShi&DM_skd5T< zJy?Xui8Oj&CVDZ@2t8!3&1P3wm*EB=UqXRGOM&p2#4k0CS$boMW$W>=CwJ+?y4x}) z8GpO@6G5);z+8hj-X$T;puf@82URoD_bkX5Wr~B%?X-m%g-PjWh##0|w5=+xAco|3 z%?22X=Ks7gs>spIV_-= zFRgI6^e&Gc(X{S1VUAQ$CrsJvD&O*L6A=UHmZ$QIAgZ68>0T+CCc^Ltk{fs%#Yrbg z9c~d^hkk!q3IgBshpR|y&<&^UR!1xO zRY)AFfibu;+Z}~yA(1%QSMasrh9I}XdZLFm88m87uq)QNu!!I`pN_jd@O6xu6Cb`-6mgTsd??2UnCXo}n0896~tUVAW|sc~}z6qM;o1vVvJ|<0z9r(FxY1h>`FI;{C`YcQ+QolyKb8{ zR%0iPZL_i2n2oJQ4QCs(vF*lKv28SJY}?jZ?f!T6xmq`4K6A{^eAhFm`d&pq=>gR} z=`odn17ET1Ar#)==GbhsffLdL{l=f3rF7Q9{$`Y&l6TF{^!e`&oJG|#=&ooX^~0G) z?Z*C{-Eyq`Ln>dS_zhsAYtqG;fu-@PJIYuT9qnCW{3}Yx^3EaH^foS;9!i9)A&*I} zj@P0u_KDd5K_QeL5)E8z#jPMoGixnOQ*M}HeZXJVDA7&T!r?-KaqiVOH{;9CnRB8_ z=8G}Ivu>!;31U%CU7d)4ybA2X-s4Nju+fxw<*NG`JemDk!75DN`L{79GOu~}w3lwn 
zqht)0dAOaKqYI80Qk-&@0cm=hd2Qu7ghh=32wUig+71^TnSABFcpTB{NFh^YZ#3AFNtUC(zFNhZnqH{&R0 z;?s9NyLck%po1R@o+@Qhbj?u`7Y!K6^c}(o(paZzlp>VbLT_YGMSYnTFWbx$Q{Rrb z&DnT$NY;VU{*et7%or2kaTNMlP5$h|Jq&XT2157g|f_DRS zqz1HH@=KXGvo?@zjB|TXS^fmqnLpPK1@lgawQ_*MVAQbpvpM&u-AHo~pKiPvxQVm|p2KWL< zlq@Y>9OiBpNBIj0XAba-Zp$EuP~KDEHLiz5%swTj!Fnak>MG0PVQ?BOzxuS8ZoT-E zF4YSze~_lkT04kD>tuT!e{nE|;FV_^p46zSoyDn%b7M<3KGLB0D+tcWy2JMdDdIg1 zEE8GoGjT^^oLKnj<|Va#AL3R?@Bwa$X^YYd9=?#j_GtS;#tq{O&Nm(|o9Tf3is<0d z>t4D#D#dc2qb_AtPW*AJ{?#;{YXpg@#~tYBWu4At{*6q79Gk128a=XIPaTEIMnvY( zYr{`bE9rMoMqi9DP~!b1qjElkdr|jgBU4cIQ@4_{1`kr^sU(0yDDoaaQu{@-z8K*I z;p)k(fvfS(Mn6bPOBQ)*R;P`^1N)emBqnG-ajjBvfA2T zR9wGX^4FG#L~1qcUK@X>Q-rd6%6Trq(5f~X&W8IO@;guOQvT68xyctH9AQgCBMv<% zDpVZOUK?5Si`r|Vpt*WBcNo0z{}w73GFK~3yT2BLodv^cAkaHE*W4)qAIX7=xNWmT zQtL>^`K@|PEFHFBBiZ1)s4rUT{x2fWqBsW@EMWen}KdML8>1c9kMS(vK##+`}uLPPZDF&SxKG}e{DXPTY^Uc0RS zX#)Vp4oV3S1FHk-A9Y9#AW^imytbqXX)3GLK`k{+6(OV5}fe zXZ>q|b;8X;J3fQx-;hQF7{9w$V=uGk=0aUgz>t$G}9V_7IcFC{C$sD z_3Tm{<;D{TGBJpL(jRg9G_sG*udZwZ1v(-X=g+$zBYBvD5lw+V$Uhf+L1UHD^Bp3w zXCpj18xeNCtTi8UL=(FO)gzhVGjU!GLWg;C>6>Hu4~4j*DJ9{f{D^olhmpeL$m2H# zzLVhKO!$k4g!SRsgwp0MqRqr+**;#}5Hm3bE!>=vh9Tb56YQ0`-nB98>L?%F?``79 z`Lae}>ze)&+8u44A6C>S=XGp?G0TkLY@ideV3qXRTUBB3lE1i$HAlERoQpC#c#~PO zbZN~!t8j5(I|6z?E5TE6Fy0k5WHo^KLr#7}p2*Y|Lmh0ek-2bmGS5?CVGlAi=ffVCJ{Jf)y$@CZE$ z9@>9&P0#qA)!&`*6HM3i73ko(xm}0w5BcCU^xSs?clEgzS%iycDCuYeZ%EvT`ZvCH zH#sG(uF%^oGejEz;Uvxdj+56BO13dRE}<{R(^>U|^jmf(OH}`R`F@BT$Zn~EJtKJ< z3HcmMU|1h1B5DJU5B=y@DP(`_lKJ@R$9sRAD#K#H03Snkjpq9TFPdNR6sz$6a#@KG~Zl7v@jdFA?7VXFW zCE?r;q;rX5MtVQu6m*%?uklDLz)X$LUhTek4R*eN+NP(9MpytUA&^SuGdbORSgdfRDKD2Dl=5g`D_$!nx z`;BKH}yF53y~pI~Ku5juYl-f7I$Azn=&!WjO>c)`I9Gk~{GWMJnbZ zuo9Gs#u_oh!*zhPH){2Nq30ZH7JGfdPq4c^oWl#!)Z$r1^mkQv$5RDEK3UfeZczFp ztsaew+gt^hEZd4uiH{#-e443NrT23W7B&TV-$svZ67n+QNoq3l5PYqe=ud+ZeEg!; zKTw?`Y`j!UaLD5{o<{$zjv%GKnvWf?NO}Rt)c#v^x=Vx0SO`iq-qzc2DMP&fh*oWG zHf2B~!*C|ZS(dE+b+MQp#7ND|9PTl*lEo(Z$iezqx>)?M4IXhno+Q 
zBIG(>AWq&v)ih@_lRT9Z)Fm*P%&M^8+rpk4eoTuNo)0WRn|ObHovn|E?{6tJ*M;Bt zkGQqA!39uozD-sqn)wBxM1b)v8s{vT3|(^2J1W9|me)X0F=vZg6$Y{WKgklcK(;c- zWW}c&2gZwriS;-sL86-6Oqxa~WmOV=bg#_dY*IO8EgO@Art5j+{+YKp54Ah*(*ND{ z21Krc(d`r)Nh+K9WQP@5+-IRQ;$xRa<`wI<^{EU75%k}CTrC(a4ZdUG4^Mz!!~5qo zu5)%W_B+i@@kQtWt5#wTU})q)eH4H`leuYOGCebd7$8=XEut5E^o#OO$gN#M-&2A} z!Hx=7f$gt?J>@01!}|?l`}~{2fKt@(V8#}zDNbCU^m_{S|3bDsRs)ubHsFV<>F$(? z69Zn%>>h1u=rqi2l~XgiBUuW`_jRI=9=d`U3KiSV$@8y4%kE=z`v6ov8Qp|Z5f19lm^BXnO`ypp6zXYOh%t#@!rQvsplU%<% zdS_AyY1f<7IB^8emVY8?M?QIVLcY{~q(J$%MArOTcZs*XV5m#TIBtp;W{a0QZMs^# zgIE%f5UY1MDNv(OL1!XdEkH>b_z#W1HbXHn$ZyTz0y0k5dTGVahuIxMnxdYUp_1%E6=+u*z9(?oNb?aU^H;PY&7fX`#d3;0tA{9t$OiQ|42; zf~v`bC!s$ns*!Sg_A6CPQ5B*C2sxSmxa?=yWn@5xluEk*=5og$F8gV5W9PhnHkP-1 z;yDaKJlF^Vndk{xOQ^GNi#c(sN~|5PR{J||rf{+V_5ry6z>BGUjdUbSJQ(P}&UCM}_ZvK;j4ZD))$q^qJ)8tR$=E6TTO~6YYmlV&Hys4d$^5jyk#0?2 ztg*6Q1x_%?l14ANoia_t+0NceI~GQtIL=@9cHU_iQsDvsPq$&~beu3DXnP;RWU=f| z;(PpEOV1Wpz{lnFj)Eu9r^NmZg54T^BqdW+I#W;TA&|s|lSmScL1&{Ov5+%LUW@tg zVkTVQhB3>~F-`+-MovqRw#w}T;wT(aUeWo%wudRAeQAOZkZ4J5IHvBX$l*Tp( zEt1E5blC)_(~j^uHKwZRIHREjinEclkaS{VS#CS-H?BQiW-bL9vdQee0SHoCmGhN7 zKMH{_JlOfpT2*s~nl{=$h^946eEpkzvuPo5XyJuO19a-ziZ_DFPZ`SKpmH$u)8}e@6*2VD?OdLcMi^3^I>^KgM#?Z6Va_c}5Bml%C z71_cB=j2+93xN zB1SjV5T6E}pp<7-o3{iCIJaNUyGW3RMeEjlke!L)+4cKdK~Cw$m2yP?TEs7J+&I1NT+FG+ZPP8$A~e&2|J5h~FzRR?YaDg;2{%Jk!5|j3*12SK zW!0mfc#nH^)qK8C{C6wD=@H!^ftdZr*wZN}+p;T8%IaCDb~O-^tV6B78i?>#tIRBE zSufcdIUwKa`kVJs0S_;@X$Q_MP`g$O&;s(6;CRvBX$%+;K&g4Pb*=@wlET4;cjX?d zNQwaDf_RmFI<*U@Bu#&b1sD11fNvNrk2=jvy@o!D=zFrIqRc}?K(*2vCji2 zl(oJXA6^ZOi>k)lFh}?*kTlndGCR=rd$#lL#*VG1>+09;L8*s|ML$g0itUu9QOq}W z^mb8XP)`BPyl~>z>V{8hU`Yg|zEoSLG)UR+QCBOdo$|s@gy!WSKEj@zFh=EWrjWA2 zz%J*12txtstWTo9XwPi5m`*On-nO5!C$_b*r47hZ`W$$U#&ic(TcutrpHLay1H)cN zr@<2_6)EI#?v#xEdL7+j8^{MJR;gEkP^`JdWs@13QA&6~Qze3X$Js(Z&EGIUlR!>4 zm(w*?vyUe3S5={qlsDJ9ptTZY&I!o(tL`dPg&uRyP?KSBwAxF|V&sYgK98J?skvm_ z6jVihA`W>9R zDa$rfn*#0(lw01fJ1>5*n)+DE5oWz|F7HPCI^Cpq%@HF(D88KEXBGz$epZY}-}0yp 
z`L9c|Mu75H`Qx#h#{W1qidR5UV_-v%YXxn!C>!iup|l)#%G&#q!Yk z{#B0b4)YIWiJ=2Ra0OwnP$qTXY4j@rQMa_D{BQ=NG=r3M5mRU>7()M+wS}_>ST!j@ z?>}@zwq`@Y?mK#Dp30n8URpAh#Ul-xfk(FP&gsjGTyoI&gFi9b2w$`T5&okwIdX-Z1PR8~?R$X3Zt!Oa{xq@b2;LTnvP9vj@dFKRmj}N=9Nk zD|^yZ6k4RQacHR!<)YhccyiFTY643*lIW20EsL*1nd}pJw0-{SBt+M05`2IqGn{s3 z!=gQ)BnXXNIZ2U-nd3|Tgy-CAj-AZW%Ys)b_%9hqASPFmhI(@9a8`^Hh6e+T+1qw) zOqL1Q0UMVpBjB+XpONui{K|HKdby%^vlRb($s1quUeeH+q#0`>&&j;`w7S~|#S(dE zQFJKOUZnlb$BMcm8)4mkt8&f}1HfGjwM@n(<=x*=1B{S$TI?SnBa9R>LtddUR}Y*U zTJHh<*R|^5qpzE*PIj6oNk%=0X*=yPUYu~HI)Z7x)vKVQZq2)Djf0Q?XWn;{H$ z#L7!3R=R>}%yIS)ej^9x@1yuw>=({k%w396xOQ)FF`_K@c>u4#g0+~?!&RAtLLRbz z+Hjw`sS@GyjhNxcIy=6(Q4LFI-10UI4mSd7=*+^F)*4s zWA~IY!@999KP{+WuA#jos`Ybt^Y`G;lH#IRhsp}~ng9z0Ta(t0a$@gKmmC@i@#(RF z%_=smqFGh@q#kE2)SA5?6aTc_Rqa#AJMEK(yeAZTIw%n-3yN5Y^dnBEEi`XPuZplx zm_^cT`SGGwIT2p&Fk9$9VN??wSz68=!WhRwJ4p zvKb(mAN24^M^kYqIs|-witVv(Lja~Bv{#3x8X%SXpR14jNdm$bk4NI)#%kS8Tdi4m zLV00g*a*lRe+9#(?ZuwSh0jl5gsaBYCGwd|-mR_-t8QibRf7;xLM*QyD*YSp$J|^f zYvSwI`LKUn8)2^g{o!1S);J*$fCW|kpi%k-OXL%bf&&S>qgs!0RS_~*C1QI0Z$u|_oLlAVPR~0Bt_q2)qIMzH{J97rN+b=n6(>>m~O)%}_7~6Ph;=ALB zjW1@d(9crHwOh|prZL|Uhl$pJX?!qf0@{^gI|#@99pA*kgPj5)l#3+vrCJd0qM!Z^ z;AvHozqfR7wNPz+T)LSewS~r}2I{vnp#(7svxWq-=Albw?x-YmSm6ch`iUlqybFJ_ zTyDZnUL8Vyp?o5!2j2L1mjnarw&_JcBB;b7hq3bS*tBVl$$mBAtCoF}DNny+denhg zmfeMg(fz;0Jj#XEI1&61<95vsu4jQ_DSH!Z7bE8cb6jZfBHa)KsG?DJQzZ^hyAFJ zVQhYP9d5!?c`A;}e^rtIIYV}=(cBdiPL0c$+5ywOo zJv1oAUA8{1%}3fgVEddM^*;at;8vva zTlN^UFjjh~b0PxdyP%$OWIRKg=?DA1DiZ(c1TbP`{PC}WiFo(K`i*aS7r09UzfhQV zeIm5!-kSzhhNu%yRrI6S$C*)L(=z$g>vT{!t8|gHSIR(dI`Bkw*{8f!RPxt1sS!yb zd$H^g(xKZFanMhXe00F6#$zJg*xV#{H|X;7QpEenwMg`0X^F)Hq~1d+h(3Hjp#gao zx8;NDfzPYas~+Un7FRO*>a@N=NSO;}5U9R)mogv5kPpo3Of*xYk~t<8#u= z{9jN%3*Nf{=E@a!r9;2c>oHOCE8+MZL>v6SlobmE{w56kereb69nbHZjUcnZ6Yox* zFEP8FVhPD7bh6q0*8{UfUGEoPb3_(NIxSL=1n>r(*k#B;KV09k?dFxWzok-H9oola zcaI%5eLj?;4Rn$OvUOV%BWIQMb)KxPv?9&KCa3)zF~I%lyR+*HM?ijVZaBiUs*^6pdW86}vl7HMOISB0(^EF8Cm6_-S#&;!Jc!&_*s zFqobPaf|xU@wY}UAUmS=z6cJP)42YZku|D-n3pjobLLHNKJNW 
z$Yy$N;?6YKkVdHH({NAZ@RdHQF9P*4h^u-keV9DV`)l2WphPKoSd=puzhoCqii&^R znEqXshpizoqt~A8sL>6^PlmjhVLlAhB!6@m4dqDUK$IW z)`hcrPVmh$9+T&Kiu|LM&rMpc0n^=iRCD_X=^AnJoBq44H~2Z(UTYJ6*3B(Gb&!d# zGbD)qh)&VOM<7uE4BHz9XFS;IGFX-z%S^Nq90*t5XSKTgVS*Rp>U4(`;9ll1s>Sqoa4pi zsrNB19@O`hQEIe)fA<3;4(np=vP0~CjV{|Mp%R!45&7^*(r>6IjM?`uDSN_%yuqZj zK|?tpi>}ZhYPUEVevFEHyEIL@VQUq2%E4Z61DAYy&DK;p+~Y6gUH39>XccK<^?U9c z18WV~3t%VbQkhuAnH<2;ghSOYK{^dOLnRy$;1I3S(KZiA7y#%g=+%$ZK(g+#06Onm z3SM@Kck`8QoDe$!yM!hW2CD|mWvvXrM z+qv2xA)}oI3Y8Q~@^yh~AkKM2u&+d+buT>W%dS_`boDQ!LoYowdp+~T1Ci^r4oAvH z0VRRg`5*Fgniridakb1IBfXJy?kW!EOMbKCe3qq9+#)Dxw$y);G8Q-Z)w9o9paKx~ zd)QI%`p}=UFXs6je417$OrfVtTBwoFXf51F+?gRP*0Nic)8sf>1X9LCwD+^(wcR-a z$k8QuZpQtDc4@O6GMkUWs%F*$MU>w+iG<)M$t;dg_H?(d*LM_NxgMAfzx8W< zHx3_ooSWmq-W`R~01jGbJr$CnZogh1KUv;Ye6_k-47VNja6N(BLt(dMH231UHR_2* zm*B$bpBjnyazLiW(`jcy(Qjf3DJv69t8}go0|sy%P*XC}*a{ghQ!ajR#Y6us66M*g z$|KDBUYaXTRn^>J+vxN5epV3XRKURyny9nMvc0rxCMB+46EL0a#Pd6|qE1+=D8KLf zaOaM4-O|pku)v1^wpVCUs=AbZ z#h%fX%A!28OnTpTk+lvr!jg{(CK`pnd^R@ za&CI+6o;ird+{>*%tS%PtWv^;-xSSv6Bou<#|tSA zH5&%zUzD@~9*Mi=b9Np6M>$-6O_s;+@UMrZ-R0lx%F+UhSpC%$-!DuU>aR#6mUt!E z16VFh68kC@^vQ#Ty4{X+RD?{b8I+SqC2@Mp(O(A$yP--;({8G3YUBoWg1&c_N!#iw z6Mo_RgvOOZr! 
z-OQMwe(o)h6$|DiDr8BFy<%L*NT*Uz=MS+VMx22{P{ z1Jq&GYY4xjjt9&($u3_f+lhXctuwHld|I6;6~5=Zmc8aRw3w|4u&(aE!53%$J{}f{ zXZ^-f=OQXw_AZ!?eU~gmwkOJ%m5P$*YYg<<_U8c=W+^3EYm7tEi-iv3Q6zdHKvV z+2I8%W_H#+U{ie03gqGDE@O$dZU}5VcBT)d$=++SNH5f-2jjd^vYHgHzD=qLL(2QG zXj2EEd}-BNwl3&;8ol4DqnYC9!d>29R;DYnIEH16hs?z#sds*tAbrjsBE3&jKrSlc)1R}3ZGPnEnIX}v_PRHN-*xW3fBnygc9V7a?)TC885{~R!Z*)>wL#m>Opsx z)~C24uT=s9i>5yZ(68^BCp%vO*T*K$qX&r(cC;6O&-1Or$)G`sO^j5m+T(+cWj`%uu>SIkL-A0V;sy%Vf)OXCud6+ zv`?kdKzB(1N#MAvc`m4lk19ttNeyq&&_<3*-;kWAr8Sm;vLuJ5q+)U5gl+#j&v?d z(8&?2yBe#q0Vgk-37wk`lc*xK^S(5tDCYv07)Y{cESs^A1V8y#!ewc>R+5`&&Sk;W zqIFeVVetq^DOut1!N7Il-Hg9sP3+1G8T*w&kA4yH(dG2ie2U6+^oicQOT^#1{;Ay2 zkW@`rKd0xOHpidFGgd-4e`~&}{}-3O`p=A$oRes7bp6ON2@OiYYrjG_g1$+h78F2` z=aBKQQTpoear>)Uo&$XWl4~@T)G9RGqv_LZ4czILw+lZD(qcN#(gY$Mm3UJH>-WY( zzE|g>$%oUyYe>%V3C4is&E_mk-yH`Ox6T6Mz3&*&(zs)G`>a>tw*FhFKjKp@AZFJz zDrCnSy7CpP{S@nMK2R*=;3SV`TsR#{7M3q1@600aFPKZwp!9mw0Q}6qmc|qc`iBd6 zB|7RZ!jvHx@#@fCE9}rrY3*?D=C=i z!^0VeD`TIzZUQ2Z_8-%cWN(LC@0XLPF91O@O<;_{<932zq3@jW%Q{n^tVUh|Cb`4= zQPgJc%K@dn`d~lIp7+KuVM@lW!Tb6fkS{lKg6a!%G2Yk$-^eL33sWP$VBKg@Agy%n zFm25tuJYlRocpD3{Q>>%+;Hd^I^|+lxdvteb~eqDX(o;Ku7e4C>;0V|0Y7li2+Gb+ zXb&)%PW*&S=g3Q$iC{fq_lp-Rn%Qu7LhLRG(@3;%`sdODroM_Y@u$k)&&u|x{@;UN z_|9q{`jNda`|1?9_>vtgvZokDv}-D=N;TI5atTZL;XRJ>PvEe?b_c;d(8`SOB#?4!kJl z%Z}Un^PQz*1K$}R9WIk2Q*^73N7^oGot6(qm-pFLMcEse9Y{V;K)UC=5eN8|!EM9K zjGEY8K9f-bD7MS8r3v$PO?iZ&#{E0JZGpM#Cr=sOzeep5p1kZ~l(@`8M)x+M=?wdf zIr5bI>x^l5(=ch!)Qlc>SUXNq z6wj!Tjw&}oFb0|dmPJYm|DB2j2Sr}}zXlITN^tn-aI2PA54L!T=UGFEp1pjmWf@@AA{|Y%JaMeA(YuzqO0sb2ESJ@i`*J^q{1_)_WUqQ1GrS}?C8Gu` zxAtA?U->LNKb(cl_4S%AdGG^r{b->INxM&jvtis#a{@Mlrg~#TYVsb(Nn19CS)aTv zA2tv0OYW~5?lZ)v__|saNp7-XJcN+s#P4-vLeJ`$kX+9(?`UD`<8@j(kcLO_o=a-U znP%3Db*~HhAk#Zd&c=8V`_kOO5&=-Y(syBrR7hK$5?TDUbwO2A@&39u>aIyY=ty27 zQgcoe`Laybg~&}Ez)LaN!=*x1-rKkyXJ{dFrIL`ZdfQ_=P{308U9N#!AozJR(?VX%SvZAys|Kgs{K)q4nRO{A=s`iCBq< z9%)b`z#bX$1AXp+oXZu60|9!`L-AB9{wdo&Dk#+`VKtxzqAuIa5{c&x8sUb&e_Fmq 
zmPe!YCkIFSg*;D7fia%@c}!2c$K?x3!=XDQl?T&L2g}94^~HWG`}LmSQsUD|IZvUD ze4`R!^04@n%O^M3{ZV1q56#x%t%nU3X{e-e9JfRwUM^EA@xRx%#AkJ1+saRvkxNMu z!--bVw0odM$18wy6ic;l{nF2%K54?}cz$vQPyeO^b7aBo5w{8~a^kSd+&Ha*HJ7X zy65V!swRp~qcKrX+pO0%N%3#+7wx70(eq9%kDs9c=@L$6%;9_HZEbgQRX(08;OThn z47y~^vPj>17Vz_d+~&n<@df7%+9f`#U^1>q6L!Y)`!je#w#X>2#M&zbanf17?_tI$ zxZsWS(?Ch#gG?G3TE*Y|06hzS zr?7-0K1%|H>_Od6h15qV_R1Za--JB#C9bq=letqfAqR87H3SaTc|=QQw)POQ1~{M} zM$!IiMb##c@@AI#gR`L#5A0J zQMDTzSl| z`kephWA@?ak`Uc5RXTbV-OkNM6^rVXGb3tF*eXGR&D1%-NAH%tt#ctXePSQlh;uue zR#D{7LP-Cbo}fcWUtK$6p<^(!4imDr#YC>G$8N60Q44Eyc++~C^6x=9Ua*JPCeG(i zS5(t!ivn0SKHyNObq(_ds?)mNwB7o(|NI;H+IR2^s_(oo$Tg^8N2Ns*_MDPKjVRZY z&;dm(|HypaMu2hQC3Wl)fT*LZV_tBU^z0L`(eF+$xYB-aJM{CScUIiIV?@9n&u6tz zFFEyWE5XdD;a8x+E{Cz1*X&GG=(Qv)D{GQ5MtqBld0egZ~-fv!u&=mngY6gr<$vbIaB4 zpu@7j;<++`H?Tx)ACdnUojoP^x9`&5y?uuT4aLnw&$oh!i`__u=QLAiL+G)1iTyRV>OOX1(@C=q_4`gBn&omgoLT}~Mz>E6`!PTHfaVWJQO>~xhkvF=7en_ zU~N0-3^gKr^1zFH*t&V`lRyKGsqs>N$bq3_3x6MrvrhsZ+LZpuXW+C=lsP}N)biE%<- zIPNi2$2+`y$-45n2({bVB-=@Ede~U#A!>EnIXeSBu(e2d9`syRY z?Y{dSSVSCb!H_w@-e}9H{pR05w~GU!jdMW%(ry zxY6$v%a`3`Nf}kBC3d!$@iXlF96fS{Z~pkNc%DAIasyyW;hVLU2+x|dr1(nJ<5|zo z?CPu|LQ`{Cylw8kxHJJo%2v4YW=kdnuH>(8Ce)c}Y8lTY?Q@xMoh*F+(tyWC_`Szu+EaXzVQ*$iObQ zRa+16rb?|an&sPzcqO=<=Jpg}B!rPhFlpkm~{8cTu8 z03Y=_(BFB&s2xnn_dc$oa?YzCqbWf+!m7gkShh71{F4!kd6)kdW#G~*FPmZRKOzf} z?1?(O$l|-kbe#Dqi*hFfX-sS&08BY(VUKBKPmz8wvG~^)BqbQNP5P>tSp3Nee5rzE zI?%L!1)8_^{LVFci+ zSEYc8NV+Z}`Mz(wkE^X2Ao2I))F?_SX(#KINl-00+2W1n08`(~_jOf4L{Ky__c?&2 zr^<#1New>S%Cv{Iv)7z3t`JUPzQ^spZYezK1m*Gk^OYUXfeA~9$uqyZ2NR1+A>#g_ zJ(f>KYPV7-52}+13*0scsJ+J{;r`=-ibk2TP`xm+I%A){@b|t_=zH~%kDq9VNZD5q zh=NVrNgqO&Z1{jJeJ{F(4Ds#uwCkssQ3^CKjGGd-SG9jfd)9}I~OKAxf_jM!MnTzvdf70c@p zk-yOpK~lSONookWY+71^0UqOc7J0y{RfJNnO%2T`jWRORbden?i^T0GmkK-asjLAQZ~?+fv1F>4h`ZSC7{-$}E_%=$ zotPm5J4W9G3c(}$VG+S%f0MvaM0Rze^=6GA4pk=dXxaCPnQ^zKULB&HLcU!D zpqa3`*r46}@NvC|H7=rx0vOrR46G=P%0KMppBEOBL=H=nb#NAnL{iJYbrPHX*2#I^ 
zPKsvuA1!!U+x&(6YwL%EWyl8Edno%ju99ruo*{oKoUiNk`XD-y)N$aIZy`@DCYvlCu~S2fY8vBFZ}&_uQ`s|lQx>Ywvy6!p+3rU z-*|MV!f|eDl6&+Y$RL524<2Iq40MDr-`H=hD%~)h^Ohp?@yOH@-qYNJ^700;JPoX1 z!RV>6f(RF%9qx}}7iki9^tGBQ5UV-zGK$m~kHI2&44@h;Q5a>U>GA(E-tS!Zx!X!E z^M|WE6dZq3a~L`~ZEaB*{Cf=QalXvt`B>($Fn>6fYjLr7^NR7_l#JQnT zyR@h*ZGT#2|53244GH9QxprYN=+I<{oBUN}r+^4!sp()LxxXA)cW1bWu`i1i;;8%W z-`X(nx6Xf!2%Qrl=tA$n@CjyH7yKQ~GW8?P+3srO)HSPc1Y$f4Xo0N-CgCRN9LD!@ z^`>dgmIq$F#mLjDyzC9pB7X^Z=^p&}LnFQ7V%I$`Ej>?EAy{232zsyqO#{o{`v-}! z!aIGmZ{64?o-bCW&a&+e@WnJ%b!f!xA}A~XFc!ejc+~Qx@5x>I#rH@6rka<1IZ3X zY$>hjY`1jlH{n4Hp^E10Tl@HHw*~r<8f84>V!-CeSaEX6xN05|Fl73dpJCRR2;~WZ zK2r1*_-g%$(QmIF+rRb1-rL)Hmuvh$yihi)Jw!2h@}Na)FHNnbEX$oWJ~(1Rtkl83 z7Kg~!(qXe1>Qm9?S^bPr@4)((B#tWJm{+CQ$bL$_5^pNkOCzTc*_Id-C^p^?igQ>0!<4KNM3K}?Nv%g~Axl2lz ziWd|PCuKb!x8#LIk7$yQ7A*>6g{*4&@ogXuw{6jaI|Ra<{Ib3kae?ic9n?Sfg!V*L zw`ervN-uu!RvB?{!|DMc2<(0dB z(%YA-G()mVIx3DZkLVsj!+@`%t9_7IEh#yZ>V@A+j=lXoiEl*afptJb;_1GnKzWHZ zdA7vnVs(FB`1~^ms{hBj->aDe`0u~}H7W6Szv7|Kao_jaq6IN*n}68KZxQZ`eI_E5F-Gvq`(Oq&g1?N=~oVr97m z^RtV~7vtu&Dgj=GYjWe8!l)B|#5V-y=QmUt+h21k8)4URv`I$c6_1)At-vrc+SY!q zVS(S7OFiC}FWDw{Ue(R=X4B}f0d&puJ-Y#`o3 znxn1Iwk1DU)TSi;Q9=MYJ@+p=c$sYCaT0-+Hu{9DK3& zn{-fVd#+t9<6;0wY)5O+5gyve*1RKT3XB9(LQN3D=e$ajf*Al3m0gQL@A%S1VsXCa z&63<4(-Ch1dD<@Tf*|@#nkYlPGXa)z5EjlR3pbLr8(${#(bS@g!$Rzy$uu6JuGMC< z+iAwO%)PBYerM{@wK@5e3*tJpOr|}bvgj;cZGi2?f(-xDaoF4vK0hxDn*dbvbivSp zz!4&l$Odu2$sJO)emz({Bo?tk@D_AdH$ zHmZ)#*ebRD9jdrc0Nr%1U$*UmzL*+!T2{~nKBVX#2VXZ)YIaoqH;t<&h-_}{=#!Ww z{HecUV0ryrF%>$S`@PRzpNN}N;r5A!qGSU=pAtx0a=D}Jrkg^lxJy&+6QYR!LPY|c z4DK;D1^iN!9^oH3h-#%2qIA8HC5BhMk2j8|qVAdo0#6=1uALRG2{kF$9*e8^e@WH= z)ybpiz1W$-tf=f;F(ec@vRwe3D{g*$FaXzEEvW4-l;eF(7c|rM^9|9$MkKqk_-;ZVk5%^ z@!J0B!}0#ATr{8PL|v}od_6N`Bo72cGH8cPZCW2PFW#!u5Gz4ybcZ_Fa}U!|Q}51g zftuNx4?Dm<71Ep>wQ-*j;w9vp0h~_1eGe*YZ?lU{alxN|yTVekqt)|i{($O>A;9-@TVJe~h{2>X$9<;?jpbV3#c{M+yH;@S zf}Z?Qguzep9tGK@9gv9&EcFLB41D3#VKeQ3lT z=5!ZzKUhOwiRHj-f(IYX(ll%~#OHPu0xI2@Xr?a_57B!Pa#!cRny5RNn*XK79`(?8 
zS3+(OcAOZQpUfNVKv$7@d?#+qU0$G6bb~_W{g8An^9uOT|Mx<ztLTbK)nnN+zr) z6OxeBp~jGCWKU!tuYiI%Mz_jm0pxHd`4|3o0rC)Oj0e z7S&S>J007IZ_;L(eG0HksZ1eBTr41K{y6rn_DLB$gL6h!$;1NMLQAr>!ZQ)dW|16Y zWw_B~D09_;;*;;LjI#e_rMwVHq%DxL9V#6Oy^-Xr15S)MVbqV*`{wLw!2dCIm0?*n zO6$SnQI3v@cM3`TuH3c45i`!^&EbT+^E2N=iXpzo+=XUq0bGgielabIBx3JW+R^z zzTY3ub(}kMU313TFfxT-U)tjI`&C#Gnvz(!Fo7@j)h-bT6TYCACI1(`O$z}+kZv90 zXCam2^&PdP&;fJo6n1ECpIw_G*co)&+*v%FD+btO;0#H}$gdR6^fSP&WEc^<*{((l z5668vuRyN7PO6hfd{lsN?ilrms<^cIWZh*k!`wZ)V8l3@CMuVFLAReIuAP$EVTW;i ze>iL9DN*eoG4c#nfvW4H27;NR)4>wk9bmQW^d4DSn>q9yzO9RA!pX!$`bv?HS%W;1 zdskBijJ^)|Ls$?-Ih*Ojv25v|@n_Z&KL#;Xp|bP_Us#BKXZQOxY zrWAT=IvtUzzZdoeYo6f)<8I#e!h)cNupDNPU-~`IXZDs$o0#wCz@x5C8#@-CPFoc> z6br2u_c-T3n)=t{-$wxl#+pef_C3bYU`6A^J}>Iw%uJDN9pYfJB0s_s@xC|YR&Yn- zU8DcT*@I66jWhat9J~)EezbFC9Nhax{F$-gh1O!(42^s7kEpGFbh}Eff3nEqM<_h%AMb|;@Cn=Q-t~sC-qR`Q%tti|@ z!S-VedQq==si7|-66J!~APBog1wj~jxz=jGr`Ui^LDGt?Lx6QRhl&e#gU1y|4Zzxx z!4Xz!0(U;yvvrj81Ui5Bg#z=JQItn99d=S5%C`t!Bk2cm$G=_z!Rd#kOAJlRIVsGg zF!GS&&ukUhG$`nsa`KVr*`g9C!Z=7TK3WT03bezPdx3ej zJFE4q3CkJl73^BN4YYUL$yQTh_c1&Ak5z8LowBn)j?-*@(-dv_+5u~5hV3!m7OTq> z#2+)0?Rk*!zK!wSko&}&KV!#^rGqkh$xK`1n~Tk0mnNB%drlL1HDus@i}r$6vbaAf zhuCh=Kxkzi{s5zP61E7K#f-^yMw5#6EL)t$dCJN;BB$$B`+8inc-c`(=>fmN`VdPx zo(!Jv*N!X+=(Q*7vW}dNsglWMx|Nn?y}k6z!~%tlnRaNN2-HNfbny}C;OxSlZ|90O zWf4<7|4|{);mM!HQHC)-=s1~tNNk9vCK!|)uh!tPp@%R%?A_C zUbBl`A8%U?r~)p=I;bwYZ~mMZWCup2yps}q^>w^IV)nJth!j1NbaT;(#^*brOn0@8 z=js-9k4KUxy8V-O7T9^TmX8}q+H~84t+qR|n8{pbdPFOL8bxUBvg1<3UQ!i=1A~@B zC9qtDHJ=I!sP3Q)8DRQ#P!T;~N<@GZ3QP&rX_C<5rbv5&AjLeVB-fx{B$fU>^Kk#q zekv2T-_FDRwx172e$*WImtN-|7QL0%9=^V={Q(nx=VPctUz6(r``+_<<+vniMK>{M zg8=P*BrWJKkaaMk#fZ%7;^}U>c@f1Z4iZ6&6b8$SPs{-poO#}h6W+`vUBd|HC~y+HrllZQzzuqwf7wg0Vp;G z9Ju{5jrAGo*G*d#mAs%swG-$=GE{S zO7y~tza8R>4q4-_;|;OdB9^04;J#jhG~x&+QNK=4YHL<+^%B&KsLhUVVb|L$2?$65 zklUMDsI2w8)e+0dO-HxJ?f>EvPvVX^<46=E-3N8$B05j%TpCFf$wwtjRYg}71t=AX zv)tniPP9?`---kLA*z`szU+vXciG#<+3wo;zHhX@yZ^xbYuDd7<5K}|?&?W+z*G9Q 
zE^tFkc)Z?F6sF1UZfIRJsmFT%WODWhg!LB`+^;oWNhtd#IBOcn`#xHJTX5bS5Bhr& zi%Ud1$OE)lCu*{IsB_Ls3YLGI;;z8ioTg7C;{%9?<_zcPYc=sHkEbgH#(WsT-ef9@ zK_Y%{-k^o}hK?x9W9Ra1hqMWI2fhSvF^J}02Fd0Gj2a~yduuF7svO2a8b+4>e}fq^GW|MVke?@y3{zAO8)`&B5x^Y<{u^uOtijOUQ&ZS0`VXExHp^2Rmr`{% zL8GaJSf04K^U%Y}i7Ak6bz9R)Z~udvnJB$ir?VVH;H0X?kBm!2=yoscu_Bqz>>v(P;UWK>i=H}7a~%WF^2$P6=SKbA4t-u~ z(KPE*%t}V$tIhPQQ2rGdqQAjC8k#^+#N$vVo3T8kdQu+AJ6JTYMJ)4Ji48aX?*U3R z_h>n6{|xuNfW@RmCYu)d^5?mzvW?-kl~RD&?)%A%+?aLqo(Mt7sOt@S{9>w$v*S$- zFVH52HEFT>iP7ErmJ!l=e!%Bk-(~$TfzsdIDKjk3ri)mXGU{^=9PW&|m#mHChTpca z=dY?s7A z%BtI$C2@?GxV*ZT;?4xb@PAhebr1AuO<=|J01oSun$0UDd zA$(R9&#bslR!g*}2v47y+imV}DOh03#Ls+=wV_PH=H5TiENTM zvs6XK$G0>n=XCHQ9|yjQ3tNeFM0=^;`Kfs`u27qV{XXpje^QaL?Kxx8$6MHLf4yn&!Jc1b2Hi2um^UVZRIsy0Z# zs#m4ER1)8u6m-}Cc(b}>R!G#hSKL+V2Pj3}I`!x#%!rStTcvar z&Zj@Vu3V88dTLtd z)vLR0QUkpAXqiLv;_bxx!PnXNt^yLUwQayQo13*tE*QXSZh2q(om}SCHdf5rQ45)f z3rict?r^TUJqFXeQvsxJplZs?kcSxl{wV?;w$C?R*SNL}Cif;&-{7dvp`4;)&*M$1 zk;a_0EtLaI4tHyr$`-i=95L$eKeq6nk1YHWNEqI+d0f-(m^7*oqJP}3S>ad$*vsVH zmXC{MF4R7M?{ioqT(VB)dz8>Fz~u9!mHBjiS?=lD1HV7a{>W_i?NZ8tfN6Q55)5pu zT9-R8EdPW^Ggz?xqDG(|-N%v|azPQ%2yXb6Cm0Ro@JX{mxm$dYaoF)gIs}b^%2A)* z9D$GJi=A-&0vn9i0SAn>Xg2B@@C4b*ms9Fa+^&pB?B`{zPm=}r9=E3i9}W&a?JVRY zSo>PC*J18|XL>!r$DPX8gl7AP;B&&KSXY$p%!3ERf^?T*Mnc=T$1wgfDj9XC5>&Y9 zWuP+e1D2oo#pl1^Y_k~*EJ4TT%NC7(zFhb#y!YV`iej4|JdW%0wbVcQBbw%nG+ z7bqGR9)v$3Nqm>92Ezhf52J>H;&gk$G)eievTu>I)FHJlnR)Df7R^*oBCoM_Fb@5T zy~X1&Y8=EVs}KxDQs9vM-_(WZoW_+l(5)y`DSkN5BS_g3NL2 zW4QC*{Ly1>ed&?}OJ@VdvP$S+lFYV4#z|+`OUBruVKjxL*{BSYb0WwARqUyk+&s$y z%P;1}bDgz~l8J7FOOWdn<;xK!FnkhGP6owGTKpY{eT4W>NNVGL%hw9UfI=VVN2hyt zVYx%LWiyBMN-w}nEJU#cd?1YAeWVA$XZzG9aNR$lL#-Z&JM{+T3#@;vex)SHB^OeP zIZ1253zHfkr0O6C!F=wc=qK@UVJI9PT12| zJ~FmML0yJ?wnW3=7!dxB*D!+=fwXcW)dCbV>)#=+7)SvwOUK9(V+|g#Q;J&P8-?*r zJ&J$!xDMSvj~QOd7@kfgUKHJz1|DE-uCHD+JY5$7?oD`rt1QE)Tr0*w8P|5m^qUx4tj zWsUK%x9({adsmjf>-Rx##x~JwnDH@|=|ZVknZmF;4K`V9lE6T7dWo!~9stP8FvOZ0)cVJ<)WbvY!IhZpC%c$Us91hSS@synr5Q9s6576hIYlOH&KXWSD`+^lN6U12`@j{BFH-6w` 
zL2Y4?`=brV%#7!;OnOssE$~Z^D*>1EqW24J*$zKF*ZgW5Y#c~lBOW?w9#hV_GBCI| z_t84V9JzfwiW}P60MA2~pCJJl8eBd-Ke$|JTP7A$U1n2F@y4HYc5})L0f#C+k;RfD zjC3mU^Ao}>q2d4L-vYV+(HX%p6g2-9ye_74Ex^MLuV(8Yzpp?E+ho=|i}4C&y|fP> z*5^0PY=PyQRT)a$!IuN~DddTuWvK<<`RTmHokX*C24^bBwyJTsy0n@MO%Mf(^*D-z zHoHmQui_4XU%Qfpn6i7(V6G@I`~+>Ea1carp?u&9r#6jnO1O4a9Px6hoFXbsAq~yAj2;t%_o9HYr+$g(gQ@IpKKew9!5$=B1_N#?t^TL}35EEwY{9fguNLv>5SFcB%O*r@A*E@`oq_8KT!-2h+GL`?p z4I*tk@zC0N>};b?b+rTw2|f29WyAeaRt}HKQHjt~DFNtsrkbums%5g#;VZNQ=q{v< z6g(ZwM!P0fSk8kJ2rq4HG>^y5&+Ii<`0)rbF5gHz6lJAaud4^JoLaj-I9(qfKD~Dr z;gzfBF>YD(Qevxp;`UitPDc5oTSmt(iK)IlDZLiG> z@R8!xcmRDy>b4uWU(#TINOgdo1;els{cMc8w_3HfSXyY5NLD3o!Jm7>k*@QJEQ-pL zJf{%aFiBl-v)w>SF8sexDwpyalJ^#aN~|6=pVGw#`_@HNOMW z?{1>gR|Vb5D&H5d6$zy`#%=OKl~C(By}Yaqvh-2Zhmzja1=%>G)f{|Rk%1VUtyamL=L(Hf9c)c2e0 z`mz2hX))&FV9}LCT{fbIHMrP~imI0A4bq5jXo%2F-kyg7=)LL8m9LRSeJ{~Or`~!e zEn}S}`3RIGxmA0iGg7lcon;f>T&8o%@;-{#iRpd*e4U;2iRQKp60GqxL(Faw*%Q0? zlOtn?mx++ECE_RGsyPFB6mxOjg%B}KB}M4^>8^p|hNzFgGGnTljm`Y$JP>|VM!o-u ze{l6Gy5y0_!z0@A%5Z;%vj{DzNK!;}J*W~9vmt&a_Z9|f=?@zcZXeS2EQ>%eP$3^t{ z9Yyz9Kl~ZL7*~4ank08R45|g&EV2J^5MU=T-z{T(4(NbDF95+pm8dv`sX> zZN?@EefR)FnKlkVYWHhvLUU$_L2Wd)y`cA6hGm?s|z3&+CwkPt7E$tsYBBy zq9fVNQae$qnYhlX**3yGY+kn~TYM7Nye8*eZF>RlYP&%T8u8HpfcGtEypr(Gbkd;p zJ3!MR@fq)PQuHTJk{5Nq#p*|o>p>C~=|V?YKNJZZ*Z*7Lm70i{>iWhp zyv)}L$j0Rvi1#q`POoROWO%D`y(oMfnIAU&MhxHfY3nk>Gj)ZQtDp*@+F4j=GyGXO zlQ=Did-*qw_7)Y@1ynjI?%#M$)g~D`9%MB4LzF*0JMvsQwhoJ2MRh-W!G4_`{}jz zNACyrZ9&NzdqnATQswDBuB#H&ZsA?$yQ^9ixNRS)Fh)i9i$0>8AHreW(u8_e6dPFh zpR^nN{`-KxDUesG9G&N_7VDrl5mNW&#a>O=?aUhrJpQ=6GE@quj4=irb) z7i}grc-gII1`V}*vIclu@{xWY0Ky4CWsk0<33LRwQW@>0alJvhcU9t>O>$7jv7FNW z-EgG*S*d`6vIg(2zAfy__4xqgdaMhAEhzN5OeE#%i%Z$2`c|$$7&o+hT^Xe*`c6OE ztbT+Wt*#hYEGm1DkYWFrJmvlUgkx08E^NTd!L_%{f3tkVQ6DLj$7bOBi zf7C5KC?rRllPSp(XA+k%A2GuVU;o01oGrbwJSzvQw~edxauCsMw6}p)SZ2f3=u<$3 zLNnK#1T;Hh1Na1%wS||mA<7&_cmW3{$&;(%H51|n)JM^;NpiNsz{eXX9glfEb0@t1DPPxLxt zeB89VkYcN#O`7h$ZuKr_q$Hs?AUDHeg*haVe$7Z{aQ9!*1CSRa19cJNf^g?o;#*fl 
z`q&Lh_*e@!TiQ(@pKzkR8k@DOS2p3y+5T3VgBhB`_^q1_3F-5R0Nfv{0pIT{W<-{1 zyB_2FN2t&Iy~?J~KGg{LR~@BDgeJP4*LT2k`%k;095O+a8|G+laXge^=^zrC*Bdi} z8jwx`MB!}!ROhP~4l9O0@722N+$-Bg$$5fKl+KM|&ou%%#m|jrIL1mxDPdf-8w2Lh zv$}l8v~{Nj5>FFqYi%|6_~7hXhKvG-O=#?YVr4cS3QHd8c~^M-DWy-|vY;1T#N6{W zXB-qnnPG~9y%WK}^}AmR=YXKEkiKCq2;KfAzHE`C`aN;??ffK1hHwXjz_+&gvir~6 zMOK!GYFhmc1IB-q0wHw76+7V!TPvSm8q0CKK<(>}7J62&FIK<4#w{`a`9j-QJDiu( z=qmO)^D3JyPC4oWyoS4wfB7a$DOYsyuvzt`vt_E|KR@6=|_9*d|%bq)2v+R;wUjFy#XlS`*`v; z*kC!zRoH+-@n>8H$#+c2^02n3vsj$hvZrkAi+4K{n@_(&Q*$l2V6`{xNE-GcLBH8D zT>8mJf4KhB4&6m+)oKYi9Xly~>p}oe^+dmfzRb|L#ZJ&~)jH8_#S^;ZirsLAy-Y!q z{ZUn)rrS*;M4r5T&^yv#t`G3Lm~vB@oegyI?3?uh+hUjhQ+W-l*!Z&KI@f8{D5=9y z3*F!X6P}Bpb`sOFHGt@?Y2&0>?>T8e?r|dXUB;;80~1P5-D{8jw7|b)zbPZiloa~} zqlh$~YPxjKM=Jg}l3eVXB>30Of+$c52cnbLN9kQ6f9T}D`Ck+8f!L>SML@X#-0@tf zOj=D21?M}mLn}wtE}zZ%8_f~|Qa8_(Eb)Oca&Z{u2-lc-8)`jron*JYa3qDUJkFONtk+h~;z+ZPK4e_T7SYOtJUdWmxQPf3ygY#PN!p-}WG!Y*EEf z1sil=dZEyu_$$y=laz`8$-c}mQzYSCT=N6dNdJ+^G4G589&hF{y+DTet}p6tV|ayt za38L@VP!Xi4s2{Udgt|X%~t96txK=`v`P!5nIY@6(hi^N!=HlqT{2#TX#7Xuq_LeY zlwN;iv)G}xIWW*0F@em_)W|ZSB9y-aXo>U6#CwtT&{eOoUNN2hyBW6t z-yGcz zPTT9%Ne>ayGu5Ey2@%pClv)W8B*@5edb-T;*sQA13>W#eiTW@xbtSKP3Obun5TrR+rq#;(%dl1xcvvm2)kUvZhMHg!*S>sTFD(!TS2TIhez4r*O* zEzlIjy?Axs{=QYM+P#)w)1GiK$$B8I_!pDP4uGk$V^};qpd2?Luabq8CzzQFZG;gR ziOP*Gfeg(MJ}eOLm+S*X#_{DBzvR6+a)TEScR;H2sdPJYhbv>K$$G@fhF>I>Kguhq z-h|IKY=0$0yfRu3$kDMqcwY5-J`6~jradWx`6-%nSK~WT zuJhog(*!+pP-D;+Jve#$Q~Zg|l?7#9xphTYU8IIM%f*q zlVpzxFC6WRxHZ}qznnJ2xDen5d0;o*{}`wG!-LFxNK`l^Pl>=5D+&~fIo6PGwm2rm z38Xtm+sGSMQ`rDO&3RWqfAep}Ibb>4x;_e^6?<+EQdR9VoALDQ6AkQs+snp75R0Yr zSlNv7njY#-+je^*GppksAZwl9-F=`7)yNRNOOtKiL?v08j-&-Bb zqPa-IxBTbtdb-^Fb@&6t6-BRk|G!3tm9x4 z|KaK3;*kn=!R0OuxhT)gx1-sP@6;L%X@U;jFyv-zD~)laQ&mV`#L7C;#Q$V*=j?&H zjimn|583OVEI3`TiGp4H_ANc`peBGurxF+pYaVE zw~G3i=9TywkMXGSjp4c=YK}CEViQxiLI=Ux##avPT4+Dz-*hZs%|rUIcbR?#6$V+o z_Rqgfz`Oj>v1%ouuH5YNu-9?go9^LnsZ-2Z94j7&6<9egNgP6hZnry7MJIVMaAo8N zM&S)od*JV3{>DQ9;>{e9H|PQg;6@eHYI>kf9%Oy|@;I#O(X1z?2&WWrCH)%y&X(R6 
z+h!f{?r*61hE zq29l44v$csvbG3%0icKz=pe1^iThy)x3TePp1k}O(t|gN9cB7jl5a(&riDP5N2_NX z{_X@B>2DHg1abN+VIDB>vuQ~H0cdQ}kXdVGImI+=Rr!eLWCJ@0WlFW+81wa4yJyTf<@t=mI? zWLkW}{skkdCnB~morYn?zx&njBOI(sKH=TGf6mF8>@~ZFPKuo9<6UOLO2I)NsfuUE zDgiK8pk|Y6&MumKsvg!}QC$sjw1)YvYXv6%6`FLHDT*{0MdE8|#y9X?=n^}(`oyBh zs&&vgtf->uaYDb}tLkelg}tv=`vODppK4RA41dvsEf-|8i>q7-Chh8tYtcrNs+q#? z*0`o$qU5(=00je|Imy>9?lo8103He*>y(aJ=U+wlG?M%!YLHi}Pyynb1W*%uEBXX~ z5;nMydw9V7-CjfP!c02ysa2sXj`5<5=P^__f1@?V7;-DkX1qEkj(!b){vvm~^;f$f zxu1jNj_By?)@Z+H-B#~0(dTa3>BFa2hq*c#!QnpbF8KzKQL=DLd{?)TjHAS(yUk7;%wyxO) zXzpJ6<9yCNL`MwuzjWGM&63BSQZ`Tk*cG?@N>GOnGwr^|50^iDn&@OI#K6`hJQhIJ z>DTc|Ae?X(%{W4Dpq-nNwRibxxVr_#*1{i8INBB) zJPDVa(3;3ADQtYXq{7NSXR{K@o}h_1GM&vm@NOrwXxC1RTG-{$`izL#FT2Ea7=kz* z{}j$D8S`+B4GMj*Hi8=v#hqF)W`l4F<3Cft8hJudz`|`7*8any9~s;S(`#EYsPB>) z4%y4IF{rGI*8Swkh{ox!5`T1~tFF8n;fmB}Ygh|HV4D8d?cy0*KzoBN^IbV={j;ra zbECam1Mv(`C@FZucm2Dij5`j(*=8GT&W2;T=6AsMhvsQ9DO=X>NKEH_b;z<8!Yf-FDZo~#JOKJb^DOXG=5ot~uBCA57=QI2SvYyPe|33@bb8hq_&p=1rPMjDfq zW6|ALxjH^v30e4I0>}xMaK$nl+r z4s_;+XhMIl{9utAui}I_!E7sxxV*qXbfjXNs_$+-tQ3B9iOA_=YcnoU;3c-^j_X6bgGRxQJ? z4;d^TdzV^HlO-R|2<<&@>K8m)R*#V?WTZ*8ffT0;{W*CuEbSB=UCQ$r_VFOMit6t* zv%fM;8%?_1-RGV!pRUYhxUE>|HI0c~?m9GUsAhf`7bBEn+hLQRIPgtzGy=lne=qoO z8GX?Wps9_Ba#;tnmGkp{8V+ZwLbOMU#s*fu+hT+@WC*kb%jy8JVOI#)Lf-%5;1R$< zUFM*L?(SVW#2+&>AKUo%ZGIhvWxoPdGsA@=Woxw>eef{tsyjT*tXUskVAygp&vqUY zOaCRJf?%Bbo%AP=!qMQ%Ty{#xJ}mHcX}mT=Ykewjb~+$Y$3H%Cw`M8XilzmhDYBOj zX1UW2DjI~3lm}@1kCgFG&e4{tTV|xXe(kUZ8*aulLTz5?MX6ZXp{-4@;0Jk=1h&Mz zwJ84?JX#5YS8ica=VVlC@q*4d%nycP9L>W7@iR1|&`Ef*uB#SAa&fNjziBg8C zz&~XPg5p$iMH%1LGkB-<%?-_=Oo(E4SY77fjBSN?&B+?Un?Fk3d{?sJjRq-hj~Al= zLt1<--o|uRf0PN!71B->Lcf)K7-?GBKH(CPf&DX7%NgTwFCQiz&x$$ad}^OW^(|tK zG_hC`sPME{naFsDIx4oE0N_zc3Ze@)R3KAeM(U9so+kLp)k}r;BDOUI`TUA&(61<~K=%>-&^!Qt#)=D%01ph}}c;A!*3RFPGZM0-^) z1v8_Ao0FDV&<)YPTx8W0Ut`)QJCxCvmLBR&N55qf#=C>JPv!U_^UoITQjc<6MgwC? z@U2QlDv`?7==$>e&mkj{xfpL|MyRCP2y!OjU158;{{xdSUJQiww0#oSy=#x)lIzxj zc~vmEs-05O>Fb7P@^+TmMO){_S!oj^t! 
zTKg}snR#U%^iD_vPpgmohU=83TxC#2y6O3bgW>$ivE*WMDEC#_TZivWMX?0QtIs<# zKb-aJ_>)=5-5(AK9=49bt8#&QTu3x}Esvj^=uM>b0Lc15w+HaMDkP&NBJdR?Gg@yX zihO^uz@F}4WJ8na#wrez48bx;9S7{A?5eyRR5?vLOGL2FXb{8o4~_A9>R{jdQ-44K zCxDL0rRUpU`NY8K9AIMNcOl+dbmW55yk0@?S=>?cr8bnYxSQ=~s2{Mb z04j3=2}2#)feK|;p2S}`O7zh9t8Q>>1fuAD5}1F z5e|B{DUV0jOH8sy-&+T(9!Skm9hn}9gH`vSmND#ewO2Orc~P41X!$v7p4FXMJmnZL z!&1>k)n?w2`@nT+9rGEe)gL=Z?$*E$#Xa8b5rDgo>V(PQo&e=ca!RnD>VM2juv|6N zi=#<~g7_N541f7EPf^z>J>wI&`(^8uqnjD?-6ncQN;L3ARh}$O4HSxs5Wb9L=(xYsF;&rFhR zja~?w9JC5PTwr`jm+%7a>J+zmcy9D59gy4Wjmsi063!YE_OTjuFE*@@4Jy7!bgNJ^ zoV>ATx$p6;nE~G`cku+Zaq8KHRw6jc5%g&mCIC$>#t0XOX&XgD65Igo?NX1uZ%E6I&Y3TU+ifob^%a$Am@=18&2^mfY6_P7r={ z0H&i0zKZ!ZE2MZM($Q#sIJY3ElmMhkN`~HK-4GJJ$YkzbB@dNXmy*@8myvH10Fv_@ zfg9%YJO(rsW9J9vZU~r{xhWw*NAJU-kb$OFgpY$-zkDgZ5>cpD^UKz|%!~JEn)i6f znSWs{7!2dYhtp8iMc_@nsa>?CN#7SqhK14LS2RxhaqjqBSau(wNTm1BaoNH}h(g3G z)c4W}eNeE$X?_D6@Vlw0%qZ6@`dcUJ6BEoXA{O7btJq;F$_Wv+(U{VYbBEIF!`k2&wXC<+{YnEKGU_urq| zWOURnVX`nDeSp~;JAnq##+zgdS|KQjI@L|_f_mAURNX+aG*wEjPF=nzT{Tf;_OET8 za|4_KVr&DZ*DqA;eBIfruR$HiuX|=ZyiVh-Fn-dhSvO`}IC6`(aIPJEx5_zDX4AxO z-1*6AQH1T@H>KU~>@c^yo_36wpRhWN}{#fKVW2qs% zACP-*Pj%l#9MFHl2`Zx6BvZ$O&Fe@b3lSceEGP@(<OvQ6fN=0IaLRUP-zesaLqt$A;TA>1%k^rx8@1q!e54 zAkXtYmkyf+97DW-N4(69WxyQokAdSLPH{5j+Zp)xQwxhKtORz!7@(*IeLx{Wi|RY) zD^B4>kqb4)dvT5axZgO>u(ItM-En%}PjVi$Bo{tA57Tx>nbGh09hAQX!hS~T;4?{&#<7?6DeSxcc>VV*nM3r;H$F}VyS~gl0>O! 
zEQz_XEW6Q{2=R})O9q2M2Z&JvOA_qDNMU;8Jjw>L)IFD-!Ij`VkQxb_2v^mZw-)qt zxH@|g6z34zf4qwV;?s|<=dN?0IkZKcQ}p2jJ%U+sVz{CHESWt+ACambPkz)^KxN(3 zDLOBk>VR2KLs>|y_EKY*{b#b;0%_7fBKW@<)PO;OW`GEq!C4aN8_*0|POXWY3}xF^ z(WmO%sQJ9g;Exl(2fQ&8PC0BxkmkuRazo)QoFQP#bOTi%zt6 zJTfqn_Cg?EiSeqUoO__K<$*a{w$jyE-I@S>_mLG0=oB(*o*5<$!d1`dT*@H;# z(z_kMhoU6j`+Jv(dsJ=LlP<^uQEq1J6McRZ&N9aUkKY0KkO?pRbuacw5KbedY_o#(#|4C8Vv~gWozqxlX@(xEYe#iKF-#t9ovn zI?%S7NL<9GXu;h4BmyerGuwY25_ZhEhO)K(a)47VV+u*<;tnc1{G$*T(xC@QiCL!6 zbmGz3r6MR~Q97X#usW)ve$gs;v<$`GG_@^|Q!M`lY%*FbnWmczA``Zk%;k1Qrj7Qe zrKAWv;TCdhpp+~3gZeZT3jnRZCXI7=!8_ku)5#T-osHumlVI-2NotgQLj0EG5k~R& zbqybnC6ysY+f*1&q3-rpi0qwe#|(pgO%hvelKtn!>1iAF?rEN_0z%D%dw~ttz3@p8 z`2h-eo3Qf^$Wt6}V#V&NX_=a99htnLyR9AeZA{U;rux-ZcuuA(z64_oJjy@g*VarKk7Nh}9{KrSs;5 z>*PWP&|bt9HkJe*n6wRt!lKo-H#Srcn;1iTeG>Erzj_&z-3C=2^&ZNiy?~a;V_~&q z5eafO+@c0h4)bAX0Wqaq&7e@sJtsq%WXPrq4VLtG9;E1s zMEHLWktk&wPLN%zEwl)q7`I%jrTg>J+A|@+B$`sQ1tM$3@$nNnWoEPq+VAYWD|Gpm zdFmctaMVkS=F^#$*>*Y^M(rNnL7bANEw(>#Z_Qhv-vTvsjtpK04MJagCW%s#ADTM9 zp1}z3mL%wb6RyV%1@nrf8)EBUfk!EOr$sb_?;J>}R2_OPKxHQ$~6eewOmSjrZNq^rn$NXNC98=#7IG<`PWxa5T=jYLoVxRJuYphuPJ90og{| z&IU5wKpT+z(b^wuu-$oDM6lfg{jWxt7#Aq}?O=H|QE|d-$Hu+;=BR~ltitO-!;03b zpn0KAc{F4J5M0Ij!Tu>bD1Iu|w=GE^x58SN-^S|x!1t;~mcKuO`>NQX9rUzpF{mUo zl`KV#Nd?3gRxm5esK$%N^(Xz@`gn+8T0~hO@ez)?t+ddmbeQDcS>C(oUj?-ezC7Cy zR`w?l099})vT414%haMheO(bYWqtWe2{>+!MfIFbSfRe1TyI=kFpc5ksq@7#J}WSy>3;|^BddO7xdY_yt-ttZGH zR^fFh_-+Ok60BTkuViouiS7xicg-eE#AUKPh_dFTx4kREOA( z8m^CWb>^d4h2z#5gxqKV{dOga%k^8uH_sXUw^*NC{UiBR&Ep!aYCOIvoDg6U&aKgV zxj%30l=OulCQ_ zWQav=mB)nR|Jjoo$L1^ejyJ_LejgaSneJ-8EJi>J?xSXpBOQ2Z)oQNYU7&s4&yMf?N?|&YqihYQ1&LF%3W#Y<3eE9rRGy6l4WVejLnYbS>p{Hzco?_uWKWV zn#^5kq^65b0eXOU;qKN`GSZu@F?Gb~5nWF7*iCtPNdZBg&~u_o77A1pfnLJ*p^y^8 zsPD4LhCHK;2jl4xfj3!`unDkQ8r&e@qobl~Lq!*vk-D*vys?L-TDL=i})n^#$Da=DAnb>Da=zfCzq4L(*{yg^JzL zQ5U`x-+I&c;_uEkEfs@nB&fS6`dWu`h@d}GeTK%|^q6eT0tT2f_M$Sxyh4+(Ok?ED z{iNQ!D@&W~ZN*H9)d`ZxK74fV@$hI|;YO1s8PQjxEc-_6;*JLMdgzcl{L)U%A+B+k 
zwdvS2qcz^d7vAM~#l3yr{io|IVD1U`w#3^P(mM{bzN`)>n z{G--D0w2hygB5-+)UPt^suD~^BNgR(GEYDqj`B|`Lv*1asfdB3l4MEoK_tG1xzfDZ z<~&o5vPCxMD8QMP>zIM|bc~uxoZsMhC$QOOyR^>ds4FC`aQpuIN3bK*2qmBECr1yY z0^dPO;Wmy8RH2j_JhFsqTggH3cfcu1tbCerR012Zl#eo^twLNC5A}OEW`>_RoYxOj zcEA7aMJn?iNun^uYT3RZH93tM6Kees@8FJ<&2AwsSJ3xWs_*!#<~;{jac33F7eQ_s zx`G1SHo7AQ(w=5T_a-D!E6y%}-}=gv(+RpKXX`71DHk`!PvFzUb-*|d@lntAhS)e+ z1}>;GIpL+??->TLC>$&a+H*S4HKitTd>vGz2p|ZY!keMH-f3nEDaqY%)7lO4(52{6 zAOtD$Up=PgW)z!z>bc;_; z4mGaZKyl`cQ%!)YiYm|h`+|)RClR(k?7MI|(+)7f%YJ-WSs~tMPKC}+$JB*4IS(SL zJ-mNK=zAYrO$`;(|YREv3M%9P#(rRjK*4L zNwg0dBJ$4UB!R^Vj@!}{fppisQIqo7O5od`z!EOpFYBJc0v}F$8QP=iX{B(FUp7J! zS?->VGx|2QO8WEYEeDHTWh|2Md-xdA{OQa4oIy9gSb z{~ej8UsEvEHQIIx?!>bgX%jR-VCPJEq}oZwoX; z*_Qi#+Dqy(=bQKbvvkT0Jt==5dK|FzQe09SiwYzR8I9Yze3b}XnYC{tH!&|kp4 zYyjsF@LIE)_A9+|n=&d_wRU2H33+ohD&OI^wa0}ovI@&x#9!y>@7m&8#-3!KCTxyn zBTW3kdDAvB?673(BI!T4Q0^(w|3!V!2P4jzXcT2BZHo4cJ1{AG1_N8%U^{|Ycxww+ zVy)T0qh!YKQ$>etG090k#!}JxkQJh-s@U~pe@u=LjxXXtlhEFEN}L`1 z`f5Bo^99*==rGA!P(y@fq&`}Mo^^@)0p61Inb`nnegwEzTU?h^Tlf~yQwPyb{STxMTmMiBo z=YfWZNx5OZXB6;-#sktV1vx(e$>{cTBZSq2eI(wvaGnj+&_-+3Huj)Mng<)!q?-yP zr76nDNUo9jt{Sg!f-{vjew< zPvr`c-@6vt@>Atp&<^XluJCrfh{d#a7nWe>70*VbL(VCu0l4>ui?j^UMx8ihq-mEqz3NoY2(`CB7cx69N;$Wye<4Y7<^z3#rtp|c^l#r ziAZEYyKXgCC^)7{>d5V<AMo*9nL_)X zAdZeWTE22QX!k=4%IyrP@_)`6a)(nSfpC3t+NsePVU5X3twA?4rTC`8|0C)uquT14E)~2;aZhn~_X5SexH}Xm z65NBk7AtP0xI=@xdvSMnclpvj-%EdGtt4yRxpU^s?7ioR5o37H#32>IhksK=Tmwqd zi`?74Fwu5GCeWXTlS_*4<2)AMi`$MoQqg#+-VZu+K+y??GkW+rd zj3w04L}4*A^Xjhc;a63yI1ZuO@Y-5}83HOm$E(&VuZ+!6%NCpY(A>s<#4OZpcVlJ7 zEF{1sUR%6gX3)*gq;(2qz0r{UyvMZY*(vNeq-}D)VDrJhqxDxlpv4lFZZQ1^1hZ^# zwF>i(Clzda_(K1Qct3(i#8-rNBQ{55-oq5yY8dilijJgs0y9-RkgvwBcv-3n`ykD^R5=T^XTp>T zRwpp-=JhOdTN38K$V=)f-cU1C&3BWG9r~e~ZznI)4Mw$YmfxcWVWYSu))z9dW>v8%vwO%_&_S2z}lxm>ovWNNdm}w;R zk!R^m0uRHu)`D$-qyGlU!_tQVGDz5kx?^BgA?!*5w_9yIO+pw8kvUa%PNn-*1>`g) z=*25(e%iN`1pOe+vuO=EiA}iV?v>i7ggafrPdgqMJvz&z`9iU{L}!-Gye^Byg4pdQ4uR 
zV{crNbGymP$TSnV2BU#gy^gig*yiZRMv$okU#`ciX?Fa&bV5L53cy4AU`_xQo-*1|>tAA*FiU3HK2$ctE+$m7xOy4}at_bU@POZovS>H=~^}sj}gY;8Uh= zN>gkS>eOSYlajb<#3->;&h>-J2e!BjFOX*ttnEa|7Fe9_CTzhB`}KSu1X}>IryJ_!UQ%>SK{3&W0BL6v<-WQj z5!^%}yE@1>FnyZ>zCdbp-7}szQv5O_tN@j+Gwqw=;csM;9b6@b+ojCPKb;eX(qXhKf~m44Y6m+n_ODbDVxfCMr*&A128pZ$3!X zt-O?NXpsTm=`8JDH%Y|db?qHH?5=eO@ln1ZHfEyxp!iT&d1X$ifmV5;!7JE?R8vd+ z)GgbMTAziVKLh8FsIGcZLs{4_8icmXs$%dO|6sFOY*7n{4SKH&R_pW-THtXPNqA_^d|HJbYHpa8pJQ7G6jONR(3P?K0I^+o{b`3rRS#Hmm zEG)Yp(=M4ph37~y4Q=P2?iH8)V6{+S*zh4|Sk(!%eBo$7;!qO}!9AlM9#k@H1a?CjujMsmvrQ+7W;LZZetmIg80Szft%ZSDZ>s#!|ewzx70T?W^dG;|IMC0 zBAd%^qmnIj4PxWi+fXB0`~)?})@(XP4Gl{2^O85x;9Nxv*u?+kWV$rUy%=U769`{)~ zZ_wrJ>9Ff}ZdZCEwGmNINKBWCDP}-o8c);{64Ms1FX3xZ4KRYj5o-@|0=WmWi;Zbg zVLpuqdm2lHXA9K+hvFgeyf8JpJg!AON0-$~&UYno5@#yCj;j)I;!Sm%k*3bT7 zzNJ_*94%Yx6Fe2WQfNigFVWf{tWQFjkm!tt@;Uo}Oss%Z6$eWEVxJ@G!d4iCyb z@xUWrC_4i27U0s~zN%V$l{Utv$C6h9nP(xZD3v z9tRT3hF%Y}%!0~IX2*e}CBhF92@PYNj^*c(wQ&d43$>G^1BxjATEiJAP+5PlbBA62 z#o-5TI?eZ%XIk= zF;2wuh2l}Je*1Do-oCD)5ox)Unh{>6Q($e7#TBmEP>}n7`_<%gT>cd7n`t-QGrJ8sl?)R)a9aBn4>%RX20h-aUza^6a`jRm zcwOHue{%k!_bl3)0XfL;k`pWhJPUHWV}(hJdioFfWpdrEukS?3X9`wGNWnF=eYk=F zE%=9jm`>7$7dH0pL}W>?muK@Nc>D)9{4{r>K;#!eg^4UXGG`EOs`=!(AW`&4RjB%e zAdsw$t|f7#aX4q?UWCGUBPtLu-bcO-xa=bnY{|w4+Z|NY5!fzr@nF06B4* zJ?_ec6x|V+0I<38EytnXh6Zwtjv{xYM^Uu8H3?XQbaUn_C*rLf@?8+}S=y_x9%sDf z*!^}9MEFlyCX$#|`eC)GX3o88enNIn9uBZp!=OJ{sPi`=K-}5m^&+zivfmpJ77(s3 zMvWb@vJu1abGvKHygygH-wU&%s2(MJmfAs9VKiw^+CWx0+HM*arr7qM^YQ#pp!GWv z&Go28&HLBxgjCt<8-i@}!9fjv^Vu2Is#{!;fZ%_Q&|7^7k2+@+Xd40Hhy}LAG^BnM zV;-o>SH}u;9i=R{y+_zKdw~v}YFL8ndLbEEd$}I$=owl4Np1Ar+BJ-1dR>`fBh$&W1BO%G|v8W`H}}(~ff{1K}g@PwBDemi} zUpKDup1r$%JzGwYoO#J(pXfNl;0 zdu9#!{oM;mo0)Ald7xco`9n?3##of=7?-FWnKnk|@pU{v&sQS=y%x*kqo?+$`HubL zE+3m*X+5h!qTRL0*R!NuxVU?DBkJ}7r2jqGaxFYOMth132e+e*i7Po#x~DksON4MK znP2rDseeOB2rJ9KEFv2gb6VEft8n>wDmA26VKXq59b0c}bUIXpMv+~FU2t)^5agdV z6<)1}!DBr(QSsX}hjFLu2wJS;H#TWqcwi2rm>q7!N4T*)eH%Ft?zqL%g{`Q6p!LSHe06D>U&( 
zPdb~eF=OFjZIkcqcf>gmg!ghE1V}AIlBBLtpFtUmEI(W=N{|OKb2a1e#0@AtAuu^^mFlB~!^^Bk5NL!t1+&>5fY_w?6xp@_VB7YL2glTR;jUelSyTTkDK}fwdh$WXoHwCp3i{ zX^`*m3LNTKk1}1EecJ@NVXX)O^wB`TtH_pr>0zDjfxH&&38Jg~o`k5K1MfEl4wSh* zH3P;NXCRgzw-*S13F$+? zIPELBvbS%W#`JVo=q$6nMIDocG?S#BdbD*{j^K^F$7x?ic8xJi7ryjU8ANw@N)9Pg z*lh0An@lRd&of-iR*qqsTm8{IpAy|^JIDa?PRT*K5kU(0)!z9nx#btW;QmZOr)6sz zPlnGQl@~;os04)RmSD(3dnW@bXp3c)Ly3eRN641m9IT&MSz3B$3j_1QKvON4ncCuU za3JKSfRz}hP&?}gLw3mAfKi*r!G6x%M`Nc~+SzliW{8lC67yav*_zpVo>vt7u7Gg? zrsEc?@UpgT>-_)qGMr)XTdrjgnu3RPa?ua}ca>X$`8>hf3tdL_hhOxf;B{WEq_R!eezE$9@HcD|TI~^hfXu(zdSVRFo1*nqvNs6o ziyKXYDe8nQ1Cddi3r=s}Zb-iqde$rC(SKnUL+?#di}n#xh45S{ghb-2hA*8Cb>P8R z`tDWeyj>FWefz|iDO;+MsB1$Ui$Qvz2|*W>3TYJlCZD-4BzbdRu`L2-V3)wL_RG$P zO;5a?5wZ4j>*hOCfE|#`7>8?d1$78zw=6fn??2VHyDan%;5D_RLB z8S+$BT`-dU+$EX1NfH^uia_A^&reF4I5M{6?*buy+LS>Kq?y)}xKrh0zz8(76WV18 zCj4NQ=B*zXWu`N$r#qJ91N)^UPf7MjksAyu>Eb7g8H2^UUT3!mLbZ(|Ege2oBnZyZ zg*y6u%lGc@+~5m6XA-k>jaxC0!Q%{;e#NQ}S2d-KTNQlVd8n8g^v{eaO+JVjL=ZDB zc4R&T(p>AZr4Sxi`#LLgaQ5gHu+56KWlVV$%+M!1EcT^NMGp0XoSl32Vv}EAV;cI< z2l8G^%pgjHBACVAHQMLptvF{}Vx!`pwmN>;xVpeo83zj^xAo41opVk|cX;vxTK;oa z8Snuzf%MRCBH$g{R;C2PJ~*Xl?@SH8?q5{neofHwVxN&-5SACZE_}lu+XK8Aw?6-{ z-TD+kkZ~DzZBkX(6Wy zn*!EYu(t(n`{sF-1)9;r6)oHO$P)VA_itI(v4*L{6T@{p z4^@I+3<{BTyygB9j4m`$)JEKBD}eT2U+{hnB%u&YDn#t_7MISaEhL}7 zn0SQdtsDAk>$e8yG+_exe?6RgO$h}TaxzE{r}|iiESTn6PTnim#^x3m(dJcqQPiX) z5P!C=fzA>mjYQv(gC{L>WjP9e#+-$>cl+DvyF9@TkIW_IjN0VB4BlIK;9Rg9qgf*_ z0K_Rg{|ACN0~e?|fjQBw5%2O_SIXl>z0xbbCE`|{ICM5}S^K}BucaE>oD-?q_bQCL zi%F1=BVO+A*&@;JzmtJZE$_>n7f3zwCd=$LO694j)v`JoYjr$4o}U(}QCR3yH&F)q zDi3*aLgs;kukMvpu+KhtfwUTD@@)r7n$B}$*AB5zv`xqhe%)1F!xHl%IBR;J;^W}E zIFY5>3IzP;u{Y}&-(s|3D5%KZ2s3eYn!N99q9Hzthi+}?_#MC%@Xt_~UsOL%q%hD_ z7|mCbARk9*b?US9M7i`(&-)XDnD#X@vZXpw#~|hGSnIt-XqQroXBSG?89##0o1w0! 
zujRgNz?BTg%ypHD9t4s~PUNIk%zIG4|5Xj0I+A{%ntc-vm9%)ME&lWYR)RROZ~;BM zN27a;4_2Oqs=h<4k@;f{I0^Dmx=iJzJpDMi2@*#-ZHqjJW;~l7 z(&6Pudms-`;6pWNO}%KXU`FTde~S!2iwQ$<-E z)<914;&kaSGsj31l;zxlM-d7_aCEjb6u%IWa2^XQpl`3mrrL&ND}DUD9qh$xC4K>@ zavs;Z@=cAEJ1a={WK)6r9!GG0-D2HUmxH<;DeTL8w%;FBr^n0~0Uh>fshsYNyQr`* za-2^lc8su=va^o#rKACiKwX3ZYHN}CZXuT6jjNcdK5zbV3);S)MB#ko7v|5Od)&3H zU4A~j+%H*KJeo}F`*kA4fN;^$)NHw*^YEmbax6b=1yXu0!EI5ih*?QYU35Myiz*|u zx^Z&hQUeIvE! zqLb2>#2{8`>dMr`px(OjCAPaCb9ST8$Z7p6n$%KCjGbk$-uUuuQ;V|#-5CPEm}i*= zyU%yYtGT5~hiaG=lYdocuYu-Th(-zhBAhLFD)M#4(EPCo^mqBiX;px7fSPb&zFS}Xnaqz+nromD zN8H71QT0w)N9QA>sG#w(738|oN7FVz0CBWmsu$pfFeu~ld15c*dF?*KYwDGP6Kb|R zv8HvV`9f*Mq!}y*!Zy0>mp_76vc>wR*ck0!*{=~)>PB+P6a0*Zh!a)2TwtcxKZ6*} z$NI~pj+%?m*FK^Dk22uR(^Llk+>!c(4qmecHR^%xfD z;tp!LabsNwUAOa|-)Xb*MK*|AxqXGMS~V{qA5y4b!(0?ovBh6KG5tlU4b=GL;jgHg zFv+LXvY(sx`>Hf)md$>|kCZ?=TXzOmegrlVVqpZE{Sf}@S0(={+4pT6AzW)h$fxVj ztPf1v2KH!B*2(1Fj6{fi;+p@L^nQV7AY=IT&luh(eL>eiZpcP%f^zADK8;!% zm>z@0TtH+3oxVMMH!6PzXJyeOI#!QjMVcy_oxT-Lxm_gzi5{`!eMthfP+M*4Y}?$Q zA!}qbNow1~VI)LXuI3^!Q;ut0UOULi7^}5t{|lXDm$CNvY}!>R2sxrO8(s%4D06z9{nIW#owrf_ zo!IPj!*ZfryqNC~lvD43aYY}_qs0n_^~b5pat$D-REjFx5hPu&9bmk?FV2)53r6|Do?AB`=nmI(w&n_L9g}DAUsjKQXv4710O;> z5c5Ig+vDyr>f z|HCBGn%>F|!#ot$Vq##P8Zm-A*ZjC(S8rmm|@iSpK#Le~U zaQO^ei9ClaoMkMGo~4f@{I@uXmHvRL9?c1|IEmYy!s%0dLntfe>$aN~`i>r7R)v4Z+Y%S*_6M<=6BjOUJ|v{D=a5PvYAacS?PlQ?MjX1} zvS3&Fst<*No+P$_ijs-eD;Yfd1Sa1o6cV&QvXGAtCSiXV zVk8a{vzv`=jog#kFegf|(=Og%(&!i5Y^KuqKqH9eOG)Ci+!JDZ0QWz18gYoLHKQoA zCUj}a=vkYni`F3Z#NdTC$v8jswBkUnLb%!=rn!DWu5yOY9|(`$WT0k=C?)bVb#zyv zx`^Er>zAU=W(8INT=zeYP`J&q-GUIm9@Yv#Ie|8B3Vmt&0JJ_jl z4+C*d-o>kIVB*$T&or>B`?t${+V+T#Jo&xC~ch9Kn&tTmGp zE4}BmTFZur$H;}ng&VNJ#E@bO)fZ0e5z0zPuQ-CODuor3x1O7nyS}dC;)3 z@Kso=P^$5{wRqAZ=ZUufn=l@S_ETb*xEo^GcRB6rOLIXN&2Ri;FPi%5rZXB210#1& zF;JX&{Q*0S(fr(XB6kd_206{1519<M$=_0(92>)R%EhF%&Wn zVwB$!0cSTIR!ie!4xzcdajeRA_eO3zs#=Jx&2wzW5R>Da(|I&5<$B}_cF4S9$RcGs zPblF%a0plWI$_DZzITg(KbM{xvsI6mH)EJ;7)BjhBIEY~Q8>X)&@@J`D?BkqUvb^c 
z3&XS^IEETtuHt2ELW<}^=|L2v=AKDK5Q$W00uNji@-2s2l5&E+aol39AmAGHTCT^P z6FrU<=4e{63~O0Op-vlv(4e^VMvlSlE)xzVMaOaBbyXo2OGnorqQIk=tb$Xtg!6ny z3Hh<{VIjl4Kp2geIVln^nV`_lfKlk;xX;-T<>gn@A>!80vhN~dltA@PcVDL*tl^$5 zr}EZmIpt#)qob6rF$9AgQ{D8YR`(5y{8$bhmujtZp2y@<!CMuGPRz*6pIgSw>NjptN&mXTsgJ7@XC2i@=3_Wtk?)UwX)GA+Qnd9-QxkIR z2=3I)ZjyK7?~=ZNR#8b`Qn^DPRws_$TV^kp=mbpiov=fAz0!OSSnvHJ^C5?NI|2|K7hjiLKp|ZEX*?O) zkqESrRByK#`3-x$m+GG%qOn-;^!&qhr-VM&Zrvh(ld6++h~5q(ZHh|%vQt}T3k%%g zIeY*^MZ z$~+UuW0kDFPp9i9&cgf6E~$bnFWqQ_1C zlk`qtn)E&OMIyP=mZJVI0f>Oppn~L=!CrB-`DS0pM4VINeSmGa`_(i^OwBDP`<-*; zc_D|XJ`RWCeP-yDjRYVRXX$6vX*rtrF%&+VX^&d?woxZ@GY_D`9S zsdN6nyU z(fu|FN(Hok@Li8y-~h#m;Y}KzXau7>KXTeu-6R(VMd~?7zs5`1nNf2Ft#mTdKXl_2 zAU8vZkV9*}H}81k0$9kuhaqH!`)? zyD>m9ehM6rqaa-qg&Z1IeDgufIh7$_sC_~}0V-6VYDh|J7*LGxf0b9(%{WXkiqUX_ zaX*Gy;K3tGChn)3F`C@8InhNH5YVGfYfUh$TJWJdV^XsAZqnCv$7QqRXG!;LG=pKU z6BnDx(3?r2QQu=naeIMOUpc5Zk8ua$lhmM#Dd5=U+PW4uKEZRac}_gVNv2ooJRpVobqtZ z{JkX!(mqU0ji(#!6`GjS08eH3ZDG(SHFw(SNot*3WbTTabhQkQlUT;5v&VrHpaDoj z!+s$t)A~$0z#A*pd*^IK9crdW)O}}S>Dv?0#>{1tD@+ADcdl8J$Rui&*#?e#G1zcQ zk)Lce9D&6xr+$k6mgwGvf96E&`{m#X$MckE_;P)4hU303jpyy0VKBM-vK0}B7LeA0 zwUYmelu)KW8i>@g`W~H=Pnd{;ISNFZa8_s>6U@>*z+kq(6DH(VCk!3`{jhR@_PF;mA+KM-r=i7kat9A5HV)~H=fn? 
z)!fPgN(%8t#mLSNRv2dl(fugKed29qW3-?!BXKT1W%u2TO*Vu1B|7Vd^`<(VUxG_k z7Bj{56@eO%13Ttz{SI>KKo<&iazri7E3~aR6StfO-5K0R_!*Aqfi#}35X~okSsIoY z>nbI5*Fb6bD(L7GbmGETZsqncJf!Y6*Gv~aPLrVYKo-Afgn=kws$@#H>X;y^NZvjM zVeH+<3onwmCdwY!$3DF+@WmdG@g7lciuj3+*hDA_8{9L2n?@_62K{E@H zd7>Q&=S9#frgyR)%SRlrE6SLH-Nz^v4YzXkZ$agN5-8|%cnb!X>GUV-OODU@kF0`I z3ROpBlN=qdRH^GTy!$2!fKlt;me01Z)lf50AYH~%Gx_xDh&@%6^m=heYYV9&GBVUG z;GMo*_m`jb!wLJyo<|KkEq-Zxj`aF4or|EQ*oHcQmFk z6`(ZaEXIjx^QOqvxJ;eaY3-14?mA6inwM3~lc$r%mdle);b~AL?~U1FZnl(OJ(zW= z$JN+FEkn?)i_s#29QG}NsYyaN`MTF+dG9qzxBZ9_anxQpnj+rhk$*a~mm=c-CUC_4 zMQ43}yu!6A!|`}Q;qdjYvU#>VC@-{yR9JCuK*Sv#a|I)mkfM#o&U@)sOp7}ECj{>K z^|p6*p#CAIxe$eevU){ScMy#M{a235Nq(73PfLF~()8a=S!cRF0nSi&eF*@4nnoo_ z|GeemCGj9n+8VIe9)4n1ZC#Xw8Um37G@+aCG5xBGEhX~fMv6z-mN5=QzsW#t`9=Be z9@_~IBb|W0;kHfl$+Ds7f@m75w^6gPCK#_~oh0wTV&3{9-fE=g;etgU-!wSH(ErvM{Q!Wiv&pdoP+E!sl!YXBz-+e3sBzBUqh21pB6%#d zT1^bET~ZG_E=z5eF$?R`4`8)CftNlu?01I8O0{6o;BDab?6Cs@Sj_82@WzQ&@Yb{! z4e7(ck*WaMu}!mP^uUz^G}dt?mUauEY5i;#14nRI*_N4uCMwAOv1F$;|Qm>JGZ5j1j+VH18-U!kmH;J7^I2rnDWYPWJ2bA`(; z$DNNC2r<24!|zU5AxSy*oz)10%RPoHlS!YX7{dc&=`Qwru?^ZiTKYG}nCLaSQ@*L# z#jA@O9GTVe!s+-flZm{nfIn9UarS)+Tg%cjP2XN5$q7~3$|5pmLiu{Ee@egc>A6~% zl{4ecQps98?OFYL6vZJ{Q_fbD6IXj2Uj0(-2)iN2Tboioj|7ELR!u0g1N%@6f60LJ|~C^DZ>hVGlg@ETX8OUSwQhasq*MEdCRg6O(9L8lG~CA zP2tUmd&H3zL;Moxz{-Lt^4G+|$a{|IAb(4@qC8>72+A3xl(Ih6G~B)IL1W~m0^pu|Aem0z97he95N8ry$4W$g15NNEwF2WEUs2vZ zGOQ@5D3-b{ArTb1WVLsM4|_7y9Y79l;rnO=I-Z=jc`KIi3Pic{$qtzI(l zCZ#6i*jE+uzl6?OqbzA=#vh7gL;Ktqp8@9msQxvxQvYqYA5#752{s2_DHB|kJC7|Y zs^f`d1Y^)DKmeC1Izqd3;d0vWYG)g18mw|gIW7OrxkjsY)hhe6)#UNYz{tnq@aX6Z z=-8AhQ$#0f_c-Zzo?hGcR`w82Bcq{4K$y~TTg#DI+zWE;OLx`B=6>+W!0%>;6}8+h zn{5%s<=zA zci&<-I?DHLZJ|hP={-oEgbDUlF+6<_1?l*~da+Yxm2N3}4L1P3&*MLntEV!b~ z!k-6vSHJQupK``KsNu~Wl0%6q!#dHt4&~kmb(poWzMQ~r4{_+}w|?>mA0N-X1MAb; zW1Mu6-kBSFX3bw}qO39M(d%zzWuAHf|uNx>H5xe*;TD;(WO8$A z>@MI@6rjudZoH#Fr!Ddk%VnZ@b@)&wuovF21Vr7met_P1J*3 zcTGPhTbE5Hq1@&=j(TanZB@8D`)B@av9#fwTswSxOoxjXQ~9K^z2;O~BC^E3a~`;B 
zwL-79?<;@!q&x9Y6)MP-JoNRl)wPI%wJ~AcJmagvqE6-XNJ-jq@1S$NEJy<$w5H+# zwsU`P)YC$d0i!25C_el9kKi&Lifb)Ozyy$vM9*W{1b#-ua`)-UCPPriRV6PvV~Y{d zNSc`0VnF`>LMK8n>09}T-)~5l+%(c5CxSbyM6+Ff*T9}83F-)i^Qnaylq>-_XVqGD zPUis?RkYyylT@S$(3_Q`lo8yVA&9h5`sW)lySk{4J{>%ljm2?Qy_IJg%5KC1TqED} zUlSz&Q%ys7r>%W+T3@t{gXRfgA0^+`HbLW_%BNLiCvwpJ2esPotQqEw z347YuocZgu4n;In`UJu2O|S9@dxnT+W86q4K#{v1ZWw>$IM%~2G)^0NqP%CiwQ+xV|h(ia|;5QbA zZ6oOAQs-g|+10~j-aliAArPkdRlp~h!_53g9aabFN*)){cQhA$tQ#+i!tWtG=IYAi zxC1#8X4w}O$iFoPnC!IP^}JF1Un%c2#De@?e|{5-ltweHG`x=A2`I8a)bJg7f>-Fc zt7DHS`}6bpR_5#U!c>sniqPeK;c(Ity(CV*`egQ$30(i}P~FlWEN zHc5;d@-k3&mwCzx3h=xh?%DmT0Zw~z$tA9F=}4_OD1P9_a^*&Rd##R<;0t7=)@VKF zE8aluRl2?$!RXn2sXU#YSaONF{^L3u&D*~n^rlcdJ(UTufz9$ZMv)rJU5J@4Yjr}Pu` zH5azs&A`Rm2{YH^dzlRbWyJSCfg1vz@<0dBznvT5rdhPRqC5SfV(vtBXC_EO;bM~& z*x)+~js?iUod_Qr1i!;o;qevC3##8f!w5H|1riGzh1O?VXcoy1fUU#U{NLSr6C6 z#B1ZvpB?eW0jz)Ye$mt%c z%}>VT*;DW9bM*qXGvbkbZBV6U&2kWtNL#ht)o|bOYW-ecmrUF*h<=c12 z|4EjFW+2<}4Ljbpl}|({ezgednyw$u!~9Jo(<*2rI#>#eS{Y-K7>8G0s$a-FJq%?N zRqwi}HKhd!ifD5_dGKNZ4+A%@`7ufgFQ$^mRbB9*7Wh37FUT#BRV+1X9kTQnlG@$_ z33?S}rsbHfoh^?__nWm;>-l|h~ z{?6f4H0oLV*XPAf>-#X*hO4&9hecG#nF45ew>>t-#$J0St6L*m9fE%=n7NlyMaP4f z-FFZj|0AR`?ecBfH&-{goC=AwdsQ$bc#SJsJ_+%<;7ee~|90C#HoSTvKJ_smY;z1e zjD#ME{Q^ldFgzy#It6cX=I@nVw-Ijh4T72%nIG6$89Yaqs_Q+TH*;)T1lp_DGQJk^7XvIEO~ zBb!U?hG(gSSf!GYY#us}8iW{nP~ZU3Q-mhSO=z0ts_d$TK(8+sy)mmRtW1E2OS`Z1 z`3cp-vFc_|Z^;V@7W!y&N-w*<+B}6|G)|L3Hk^$hu^k;VOi2(vQM7VxRHJ zgbOL)rC57Lii((ELrbSjZlkiJdm_V&pSqozH3xL+^oIMnu@p|f&xw{00l^SLG5tzG zqafq|StgeehaI&9L(pnaO!dKuLj1YKm%z6Cm!tyYgLE zbJCr0ccDq6d`rbWi6mI&zRHAsnQ6xJ?UoJuKiQj%Ybbt|O-*c6+Z6*was{HM zx%Ow1B^1HzVqhhzU{RXTBo8_U-Znut6lkYz34{KBJCb(TRzHJpzA1NNev&N%yy^QQ znED3?(egy;*M!rL4yB8EnhOBw;3!i&?GV%RI+fC;g}ry~CE5*wH0XY`daw+|j~zc0 zjqZmcvlE8I>;7xzdVSj6FQJFS8|0UEIo~>q54gF6YASw+h!(6Z-b`K_JyP)o9b!+d zWiwXLEhPohSajT$EiLQLN~5au70L2zn59}gFNclL7t1$iE_%-SJ(Z2mMwGffZ%NW- zZZ*JCcr|TztaCpPc|qw;SDM_vCO9p!NIj=6b~dJo8S%(TyC`CGEVMqaYJ(P}?H=NQ 
z4l0v-_ACA}&c?`buj4*L2%g6Vc^W}_3IgYw7nai*=V>#GL;^y78;t!~jEvKfWi4*E zYR@)|lN!q>>{pwIH9LsnCePLU54%Go!B|$?55=5eWWHMyDUSwK4PR8GxU#JaXDln@ z0+O~XsDfz{g3S9q5psGZ1XrIe=8fPEi@((4zVD`|F|(rTYoKE0i2Nj+@q8ymBRoYf z^S~0~?Lzx`X=GKwhs_cm!6mSrsRsDX^DB7C3r&^eeaMw+s!;4eq1XUDn!s;G zIHH%)?+m`#i#~@Xm$h%VGTdx&)|Q?Gn>ijv^*HrT#3O@tq}Ftc+(7YZ{!$%3zeV-E zdcti)wI>zdyi^PgYtH)mM?@uy zq%V&_4S*9>gF~NSirjUI%#qZWsbmrSot5B+=>MpD?9u#d^Qy3$NsUEL(VFz*<^m_h zMNY*hGq`TGB=ywGwa5D_(zpG7H&yq|q`Wd!Un5?%^ricy`B}nEaB3S?xNS<30e--C zgM_sAeh*)~IhWM_iwO>4gU9q{P!0n1q$mU{{legS_C8?#U~M&64)^xNUmgfp_Aiz? z|0Ws%sG!S-mhP`b@Ewh^7)etk=`hfH;k~=>=w>(@f-BM{arsc5$nnK4VLrK5*(y&9 zbTzL*O~`-askUH&eiZGx2WkJ#`!TQm2CiI#p3?PhPBTmcAJ(P7DZS##!x#Inv{51( z*Sv%(|FL!EwCkA|ng98AcdGMCgn5~b{D8@=*4q|E!)o4ByR5{4&Zs_crF-7%JR&0O zXNRJxBE4F&T<;wwhLm8n;y%mS2y(BEehh{ogqW~V+Q&@0SPfhd@~0ODA<1d_>i4WD z!CA5OfvY#$EK?yqX+MhPXE$ilZAv|~@UIVj>jIV>L8(LA(SLy`c!WesuWW=wVQc?d zqowVu^0jp1{>}O_*a9&4z9O4Sj%ecEc(V5qD~OU9L6&H=9Gd~11mKD-5wos z&cY(-cEy9^MQL^rz{*I|`6N2B=MkJ70*#4j7vn7)vL<-kh2E?r`+b52{z$f<6y}%g zMSw>wp2t8#*SfDDkw`XooT3OZRWG6Lvry6puwl`(U zR6YJ^@6EV?sGONx#)ZY{wiRsy{Pm!?=ZEr*&7b&`Y-+saHH#p>y8D>Zs;Im7do?SM z5&{5N@jr6QpqD?5=b~39UqTK5S6Ut)i$f^=)0g1mOtfA^>pY* zLcCS9mtXj%#aK7tmJVS&aFe9Km~wO?E4Ya&@-z4nc!K{z(28w*mTxCpZ6F3A2yG4q zo-2cw3q}^HjL&NY_Z~p}7RE=X(%gsJ@efK3D@L&pM8VtKqVX{PyuSUEVVrR)X`=C& zI6`0K+Wp+JUO`riZaHd6Gb?gcg+<%3!J}x8H(%N3aczt7G3MUA;(2p)iBY%lao|4j zd3;f6g@F6=2DFtClWr&=7WtRX@k1*nA5kC8-BIywPg4+s67(N9FPGh_LD^LBKU!Kv zoVMP6fUE>DAg&BQr5e^C+xvd{;fp$&sH2i95X zbX2&|36Q3EXfBQA&$t-A+d!@C(ifUCjvw`wf4sJW)k)Swji_&vTc{b`XnvmWn71~7 z-Gn2iyYSQyS3nqNCSk=RP|DN2PnsO`kRkjpuxYX{a+Q)_ssD1%;g;({TZNg~UEML3642@=LDSD@u&&STcjhn%_5mItBd@=&%aen-3U zABxYYn`@&>yS%K?WOV}MQ7qidj##?0QSGpY6Pi-0=4I8&6Utm9>_DsI#~f3Ny9AQm2Ne`ymXc*1)M!!Wvd@myZK{B;li zaXYGoVEH?u6DQ(qt6sMY58X6JP>=BAiSvi$-eq20YthHkR+RRq)n+kZwDk7;Bkg^U z^$O?Z0*YTTsP~kJK#jg)^jML1iRyClXSdhK$mgI({D{CP%!uH5KDYU=zl597>fXlN zTpaJ^?*|B+%)LRoYFE4*YH!deKiO264`~FkPH@!^-WXntEqPoDJzvs#HeU%hrE%(+ 
zV|Ps7O%5ckW0x#vo-0S(v9FT^SMm*L;0jk__Cj3R_?c@`8fa5O&|nLna-3G#haK8S0udowQd7#EAgKBJaF&`3PFu-Q=K!tKg!u7Fav@9 z$rj33_bGZ2kGU2UGNJ(+=NE-8ObLl&7pDtLVz4Nc(ZWlwNN-adutsU$7>y$7>UaI%4%HmLo_x_eK%G+WoUF3oANB52-iT z;z?01frDovcRmMWRN5s@ij4ls(^$vT6|{V0@!Ra%Qqh+NPdvC9)`t+mLRz-DbWfLq z`6HLIDXGVnDfw5JodH}K((L%lwP{h?*$~kSWL}DR3e~{ z?Dyb!Ft^@x8z!4uaEa_eyNA60q<)pCzG_#L>S?pV*ji?l^K>_v&%o^{Fqs_yf>}Lt zyQ7&n)Z4|W)1Eur=-lh70-V#Db?Ez0r2JeXM!KVHeil19TvhsAL*6U*{bqbueDJdr zh(qV@3G_AKYwyPHGTl?qLy$adlieKP_{ar(D@*6p)9~4W_VM5>r|_zlx6!4J3ea;b zzeuABp3k)LY0=Uf8~V}5DNpnpo}fR-jrsP06H%`uwEHq5QKNEWr)tDLXyUj`t($MK zQ7RHmwlBN7SbcYzx~NEu%>Z&~v9lQhs2{k4`;w~z5fI&m%V7AG*p)n>R8n!MgV$91 zOYd{I+orW{rE^Q)YHT$R>O5&F^`R-s0qazkT2D@AvzoC+9x*H9yyN-S>4r=RC*$ zZv8?QQ>BRyiUoPC6fh+op-1!FIPg5-J)LTHmfMOF_bF7u#%nOG$$75-wcEq*(JZ*{ z%H12D77;})jLnoj#i!R$7Q|MtF}uGGrlKl z+D8UCYd4+QzePcxkirkdz4t1;i5v(d8JTVkz3)h200@q5O{+cS>r?}_r`6UMuwfXR zPC2k0I;z3+@=^~G8uZN**%Q5_gRDrdk0pv5uVGs1RdzexUH|UAfl)wp#q_hs16%S2 zk{i#(SOdiyzZBf9$YqjIEUH`_<24NUYs+xGRBtZ&y!pnmt>e|~vE>k|Y+e%lz&ArS zi@>mVKCHX5_`L*gQTpmFT?UKQlG|D1pEWkxCUR`YA2JB%M?X!>wEU$y@!wOAU01?xljZLjlj z5DM_0`}rV-Nj>NE$Av^La$jXpwiy~?V~vBVcMJ8)4U|hCX>T;s^UCeHoC3q4%ppx%Ou3{A3T07M2F*@W1YF%lwp(M zC8^M4N2!Djr`Ef6X3=-f0b}f2r@3B?>|D(myJ?r8hS`;*c*_P=D^58&@%6yU$0|cL zYv9>(F14{n;{J_$TjX6IGUuNT4@p^sUCdqJoY9&*Q)Z^IQE*4*RLoZ)U&pHH08zz! 
zNdmrh1jUt%yH4X|i>T?O_ZGYhwsNe$&8AuI5(b zbYnwWoEgpdm0VDF)VLYGAG))h&nP}g_AanfeejHBySWY z$+%ye3sFst z!vOro$NUXryJuQuwBg<7S*)qEAB9~F1D`F@T+iI1uH^s9*LrT0J-bRg;?~b}SkyMy zoYQDzy~R0HY{H(ia@$3CuBAv`;r8nhuQQt7^35-W^OFhL2OV8dzse8yC3rVT+~sT99e`4)D&+vP?N@3Tuu(^W($y7C z+vnPuuW&K(soqfY1g=3r`a@CYPP?6_>!Tg6VXPm4YYCgO{nekA+s!NN{dPCGD4{by zAJD5{I@iy%cHai;=VC8w z8E?J^bbRJcGp<-^IobKCwkT|@t*-z5%i<=w3l)#M-iOg>Zbk%rpZCe$edFNB_$p!H z%sRSCfv7DL`B^io%`am z_x$}~&!U1Yv0YB-FD%`3l65Q}Fn`|Wk$5?EsO4>mt&30<*sy(@{_sUh5J<5~dJxqq zB$ZB&LpyD$TH|!9R^Pg_f1+3tdzdGrvdsgdSDyuI^O4p+W|r$ z6uBA2@!Q|>UpqT?ef8!l!~{PAJF|^cw$oA3w>oHeZdE&W(s3+A|KJQ690?B$(HFkz zb-|X9UX}cE%L|#ODW(8Q1FEGuj$b|Y`4+8N`by`hGe19`67sf|rgA4eNMEH%taDkA z0^-urFzo=4%w-WKr~ox2{| zr~2nt{C88?8HMLZKAc;9*LAU`Hx~OzJiO>x-`8ub1>D$Uk!mVfNAzb;k1aA9Du%ye zU9W%SX-i>6&5Vm_vcRpJ)mF%R*-QH1xwwTym&bIm&Lx`BM{Nu0Jz?HEAz%63(m0l5 zOI=a7zqUHV?9uZ!B{1>}HSk%{&qL*5h-r3MU;U*MtLW>f;cCadZ;Z!Gx1h_E*z`m6v#V%SQ zSMvG33(p?KEkD;}d?c#c&QEF{(MTK1z#=!iE8%8+nz@ORxF*i-kilD$zvZ9sc)4Hb zop4Qtt-`u|^;~!#QUkV=$X5wb<>&zp-B4D1 zDYSSV{O4h=l}ed)GM6mAq}})G=OPpkkSC`V`(e<1jdSq;_mgL!LA>BuCk2Dz-u_w7 z?^AkxyBE%423w-dUK+1-hu`_@(H(vl7g*^od;-(h-J~L&mM;VMOR~{94z`DN34(Wn zFRwS8azk|?ClY&22>f_LZLG$-IDlInWWT`F!B(HF;=nWSZx}3GyJVIa_)L$5_k&hi zXKmrtrPdpX&EseXCqgN_JQE|maSB$C1=FTkQ?C*6V7)kLb~B4ZO7Ny?g-qqQ27|j7 z+^rw~JWeoB@h4l!tie*^#=rjhn>a}rBLGNY1X;gz36?}zB$M9>Qt;WjC%otlKdN!9 z^o7yx+CK=~m!G>|`knH7<}L7vRE#UiL>}Nh4Sshns=StxqO_e?&0n~z2U3^rI}-dX zZd(@ql&hK713^hHJRNLl^GWqBVk*ye6ZVJSV4O`?nqO=jTXNPQ1mGto-shrjatE7B zOMFgK?6SfgX9s^_{T<^c>zWX)%bBMiGyBnY3!HbNvg!DS!`bfRWeei3N7`suUF*6q{SOcd8pXX%M zlrG~8$};~_9+xPDR4YIVQvMXA{Qav172~}=#boA`N>H`izl>xKW!SmhN*bwtrw#bcZjev{VU0^ zeZA(&suuxPm}TeAeXEw>-Re6{XXX0nv6sqpbJsm#Qy=)+YF8;$iNt_)(w!?5_DoE5 zIE#^x+JCqgou7DcTo9s^BX?<@UBAzq-MANT(Zc>KA}yuD5eO0sj((GyME5Vy#w z?9;X2Ajf+}YFlHt%yboge}tPv{xllzg>yKedPLQ7y^`jms^>c&N|Cb1pt1Y21dZwt zIngZi(pNHF{plZe@S)*oYKbVIe?o*p@L$yfie99hU2D2Rs!baJYJkAW;lAj}Gh?(* z4!|cFJe3%v6@9`t+JWZMV~-0J>9^?8o*3Q#&Uxt+OUsBH#fwiTaGys1{7{CJiJrd6 
z$BuWLX~x-{59uFX58E$d$BjSa}p%=FhsT4ey<| zYa>v^u__PUQ>I;SV<*E|w4fID2a31vIVH+lSc0EukI|WLn*RLQeD=!1M%Hz-q?mI& zR=lx3;5VhYzQ~?@=|_QfCAjj#ZLod(8pN1GCv_`C^@4v|k+B0E9ub#A@N*nAUTdmw z4_@3~H^I@~`=l(Gi4mxB>JN^4;?q%?XP)!y+QvU0F-TIaCUUa}pyV$h)RQq%WK#4|5t7p;1CL}4 z6=;UD_+TVW<|L<{9*2qfK0NJh_UUUPpcC2B9tSU-FRYU2t0E$w>6uj&eV1Z2@xFDg zY-MtlM)M*WF0lk%vl`^V z@svwX%*TOi9B}of!I9JVCF$wTM`X(`ammn(y}%tzEYUZ!rdv;AuHz%NohhRt8h-Zc zvqA-5-3=?!uX3m~Roz&Z74u@YL>GA@kTnw95#v(|b7&`fsmXBaZ6CvaQNh4c^k;c= zsi{fV`T z>DT9v7jwjiJk%1cQX=aVHzIJ$!RX_s4jun~*|E5LGEt<}_A(&iXMv4A{pG`Bh52u# zMVx4~85@Lb_s(?VHcARGkG-clJ8`2)eEzQ2^5%gSc~s5g9=x&mc+T=+uY(32eklLQ z_9WKxL94nnk5}Qs7cSNuyex3eua7M4vI;Ylkb=+flRcB%^2$18iE2s?rt+5#*R(C?M92EF}+}H(!uAor-!)$zz4NmxD!e5U&=2{ z`nAfoKH-bPEfOQb5z{d#WeJ@}(Ncq4K-0c%Pak*P{iyB}dn{a~L+>u#Nl4?!Ny`hS zY22|&8hT*zwqlK2@(kTW>a)a1YSX)`F(=ejH`;X(Bd*4nB9GhHa=#Kt z@=HzS60|8!H+^2--NB{1)wsW~l3$$vE^qS^V4~}|;5sz0Uamz>`&MaprNDV-as+7O zS<9>+S<1ACSbE_-U%oX`Tst2-HJL0iuszMQx)b|Im+j-`O8#6+OLw`zew0huyZOFx zr>Et+%az-iuFm`&_PRm??}s{Iz@EU0cOw4&5+UHY$FkbSu(RBeI>nPTkg%<*^SwXSx7`BP@<*zff-I79@!K2W~DQ#;$N!;r4v%~_e)O-$@2UH=LukW{{TeA=muTEgAI?J`ZaJBp%zcqbn%56Y_Z=zFJWl>xRO}G7anU!Lo z%QEnece`}E#-e4u|DAA&>(=s$H_t#<-9-gk+isml{*GtLQqaFpC|9?ukW!}gi3^Qc z+9|fY5MCyxOxv&VcPv|(2lo6^w>aLml&-vZaYJa}%a(7T(&k9ILjF@&jD~}&TgM1? 
zV9Wk80CV2=u1%Kc2mehiGp}Z>h2VJ4%K*a2z^s5oq%Lp)XUDGoYWdm;pG*{v4e9gC zo-A(tB@f1&mbX@U{CD;DYDz9o^JKcdgE`-xndTWN?=Axtx14r~%FuLAqx=;EALgXb zKW1auJR4F=a9LdTv~rD#{8oDCK3UQW22&W4&)VbmQ;W7t&zO^vzToKFYXg2)JI^_L z*WJblr%Cc)y3NdBiaRVrex|JI#243Rq|{}SCzK%LX=d1zE>D<_&R=$rJ)v9`df7;J zl8(xHlpc zCAY7dd2AHQNfIh6oBF(S0xa6%l2ghmzq6yt;wo2!vWJD_o?7HIL^s8yIpBK#>JP5g zT4+Mu3y55&c_saES|L?k-y=h+2IGF4>&Ea;nmwZG1yRXM3Q9B{xm2&jPyKKfu3b+7 zAdWv_A1;{mh{-@YoFnN$FcGzm-bEcf>RI$u++i%jAI4u%@lVP+!tkPKN#m`O#;b58 zdq`hFl~1heo;gtf%Ygn;IC7E?lYV`8y_AN>!ydlBRMas!uPQ6|n!3UwI_qJy8)!6e z$ZG!Ei~J`|VUhtjnVdfW%5PRLX%;!k4o(W%aowkrrS2-glcZXO9F0SZ)5Zxwd#Ft1a^wlzbxXu-d7 z>I+R3obuJ~d2UeZQ2AW{SmH~Re!1k3MuAxZ@^ z%;YTOKZqWXw3j_71)3%|e>e8lF&XjZXf#2P=0ITy)qq1ThDZ^Rfb2p541m)j01Gz^ z0srHC0uLv+?1L2oOo@Lq_P|!D>jk#cja~=71O7@eFdZ5~z|5Eh^Gx($ivd# z4o-@w-7&$Abqr!Zr2Zw;9|!o6*v24(LzzehIufCr+y&i^Saq)aj#xLCU5HT(ksdAZ zaJwMHfWweMw1|*FdLiW4aXz^U*4b!?{%39f>Ed6;{$?v3El>ht0eR|BRRq)GxU3la z&3T!eJfH&*Yb-Q|P_YX^6cOVS8Vjxkey-B+jDVW~pZzPMj=`e$7$-wx2+o6Rj1VaZ zRsitY{y&@XudDz+&g%noMnLxUv4iX41>B*P;cD&{=PlGzLE#KUKH>(x>hw3+wx?Nr zOG{=l+vwiMCViKhk$;0{UK9`^?~-Koj(W@&)gVZn=DBZJL%Zydm32fUQi<8 zR+jXe$t%YE>k$>G-iO#Jb9%}&8<{0pHSo!`00eLOs+hBqdcr5am|!qa7{sWbC-S{u z5TRZu+e9EQ@FF#$;{G_7kTUN)PI^_O#qFe|76J>wD#0ufRy>(1j;sfuz+Oi-kg0i# zsbiAWJoQaq?!Fq?d$CO9E2s5@W?@f%I~i zfSBS$CxMF77=)>}-D|X&=JXW6WmjOu@vp+ml6?aSTu*>JV_*{*!_@o4N7XN~0-xdWbi7Y&!XrU< zK(dSRAzOjlNq=N4Rzx#6FXWG)XgUT8kn%Su>Od%fLs&pi&>sWEQK^TZ02v&DLiTqk zIFErM;s_J~m_FS>#&9f-LIKetKmi$s2n9rn2nDDYA{58?1P%oNmwkW*9E$&JELH^D z?$g|7e+0$F-=Tmge?b92+2|^vfshsu6x6>%fgtr46cGI(C`5mU0`nLsJZB^U#Iztf z1`3E40Sd@4L?|Fq1SlZA5TQ8Y696jPbx#k{0%GtBia#(GD=5*q!MP0uW0D-L>C+2a&FUWf6?44EWNsCJ+pw!*#gKO544v zge);Ug2XY?-~zV6r2|6$s*)LDBvnWLTqA!uj-(U?t6jS&3>t07c&epVd- zT*yEpz*>!HMD|fw;YJ*j*th;px#vf0IA$6o;5~p)*;#)Nb%?Y_;b?J!m?Nww5GBI0 zgXj^+wGic@SONkfz+eKGpyPuHH27Cq|G_k@h$2^s2S+{kcM0(nvH>`}kLeB~KgI}& zqp(6oK%|F^fZIU(H#U4fnh*%n0Ap}ng(UpUh#v`Ybk_k-2#^#pAt2_zg6SZZKuW|| zLhuL_OAsZP5WtZIoA2*}2{QOsLj1wBXOm#bVL2L1;HK%)C2;=))=guKAFu)-{9mB0 
z1;Qos~lAV~cM1w;>r0_X_`H;VU;W-Jt+xyOX@x8I}P^q8c8 zND-lc>_UVBN<{!+4TBUzgyI;V96$ld{sqN{#bIN?_5bhc6VLC-Sagh2 zpfN;ikF(+!$j&Nr0$^Y96AU;OeZM<-@)+;I#}JYh(im~2_zzY9e>Fz`n;Cy(#bqe| zAoC7tPn~QsaUbw>Wd}2q>B^xnF!Y-pHIh#1T5HRd&Fb?#P%yQHU|zE8NcHItl2_)e z2HP^nq=ym}2VL*DuyP5l{*leXLkWJlCXm>BGGdtGwB|uKyCu8$)B`Hqz|VGem|~KP z8>FU4GV!ygy9;l%+E*Z&m%qACxInP+1ewahHG;QVsk5LSc!zB;_OpN0)(#4>36Ejw z4|)eTLb(&p`7me%z`P{5JppB37J@WCXg|$kA(|sQ-V)mAB#3F{3Z(hLF3`dSGW z3kn2xo&7;)+aQhJ!`n*7>3`4;_^BRsTk3C(rAE?c9i1d23~-@pBKQ`4a1`)Q?d;KA z3e*W7vEuh`7HB-aojuqGLJakhT)h~)<)mY;v$ z;)D4OCI&=re{ekVyR86prhsTHbz9*8ye~Wy$bSdL(RTK~?q(79pU1Sb2iigH@F6IU zS(N{_5*7B53kD5q6`^^2*tl@@!>u>fC8fb1qEd5@%_gyW2xI-4+J4J zmVXBY*v=yEk046Kii~+UD*)(VE}Qlb+t~vsAO^pn_#aw#uuTUJVQ~P(F^wf;7$OvZ z-r^(r=6gC*)wK^6&du z_)ZYszyGoU;UM6cw)bb(i?IKMcg(-4)4|!u@0|tI2_rTj2p;*vV+8=(Yaav?f(Z{$)E0Eu8RUKzJwp(}=%s-4X6T9MjH1eL5l% zH$k`mEMW%~3^EL{(jBz;|JdOJ@YCntcN3HFW&vXGtEwaR?#CI+(YHkb^`w6Q1-zR@ zy#D}CilaI4-?X!b+L&M39f_w`NBh8o`wv%+3FBkh*?Y%80g)m=0U3q}1w@KaPT(Cr zfN+28m=^y43W&iWC=gtHoUt6Gs|UU9Kb5B+=g@vSek&$0-}tkuF?SBGMSUDSJB z@dIOhdG;5Ui@h_2_Xc7qUDsE!vFH24uyujew(b1D`2p9Ras}P}Nmfe0@!|f|$Vl7z z>Vg8S+;M$XEpvZV&SAGWGj@9MWpc~za+hZ9BZ1h;dfVE4m zVWX&f%CZh5TbenaNg4(8sD_5S8O zOlT*?)y=XaHt^C;*UTJGQvi%JGu9QS+-bFJf30zu>U{ama;EUk5k&qSmBkn zSQg8@&BYhMa*HLf88pAwnhtD^Ca?F6v<0qEl>=LrV!#7`-56c7m7P-?qd9w;0K>k~ zwp<$}688R5+qO40Rm|SS#qEgZw&9x(w9?QMy**2$sm^e{C zY>$9)A6Ob$=2@Af3Z(+JHb?eWGQdxuS8igDY_A8-Zvz`seZ{rq&g*j>f%_XfVXm7( zSC^&GZxhIcLdg`-Ed!6(J6aB{jdN1e3&Om!cp$K_KJ;4>}!Jqh^qEw&eP_jc9fRIR}3xWFX3;5xeCB!l2OgW#lu z;JSq1q>13ViQuHS;JUZqWU}CTvfyN`;Cij#*N>vdedAi|^%LQ~)&5 zBoUg@4ZgW;ePxSJb5YlLH|ib$G+&3A^u*?Xq-*1MSFGRf@{vK~KZZNt!>iD+=5CZW z(0mhS(ixir4*SB8SFP=S8(tm13m+DM&z6VJZfkLvZRwsIFIgL(S+UmHwzk{i%N(93 z1+Ty^A2_pfFDlx#*&Jw=hmGgK##N7AGvFh?U*&dQgYyx_<=`VfubM#fOV{T7y(pgD zD9c?w%PqcvE$jXj>$27HlF4yrd;oCz+OqjIb~!0_8RT>@*D@|TB2pSqkH& zt&lRe;H3oE6j=(>rLCMYw*>IT3|R{ErLDFyx9la+T*4b_I-kmrF&Z#i)pZ`#FNxYb zCm#GPesRZ!eoDf(e+ikqn9(~{UVN9aRa@uLV`9R^w!##u3tJ7CfYnL@qboo0YGPG) 
zVm5ECxYb(rCHD&6x|&nWBXk0^i~%8c1LCg8XY;rZ^VW@>N*kdorezEaxf>WKES~_A zj}wtkxGEnfDxWhmH8>;gA0-kHB^DSZ5)>sC5+xEACH5jpBqB=eWt2#Clvr$(NPLu7 zVwA}1D6!-yk<=)$bRbG3BT6hYN+c`liI((-Zhs3tw+DQ_c6@G*e7>%HZti@(UVLtT ze7;Zl+=BUhpYypz^7+Q_xh3%VCh@tY@%g^xbIa!Qeb47s#CNMu*)4}Sz#2Ks8ZX)! z`L#7(hBb1YHD0MTa5G@~9A)gQ{A6F%x5HBBBBcG5cANNU~#~}^G zLm^ruB3ev2S|mDJTs2xGK3ZHYS|l-A{8qHc>u7P@Xb~VeS{y%GBsE%`Fj^!%8hl`G zp51e8f|YN#Y+6bFZ(W6OnTsZ##9$C=+juE>`Q=C`c>A&OCo+hM69dt$$_Yz_vMb=T zv+vULZVzqBTCFXS$gQ-eILqUM3J9m4cARC6?L;ZHd){)_T}Pl{{L0nL=+T^)ah=Tx z{>}g675Lv-{1FEuxT1%y@-fUsXRb#9%oBMzcOp3d<8>ksnghQs(<=~0l^z;682&G= z5BIFmO6`a)TB896|NYq&7bGaPJ92ID1r1|^yWnrH+5YZ2#h=(P9A{~YCXkO_f!~Mz z>ydB0Ak*wm^OV}I%;hw^POTq^KARICTpf%UC-VGDu7D9Ou0sK-kcll$yj#yA)@oF~ zM5+kb3}u!`6KHR-Wa4`g@B2xh7wxF!CZTF0v1+urvz;KyFuh8A!vAY-T*D)Aa}AM9 zZLvSNMhU8dIgEV~a?Nko;le^xP#aJPcm)pr`*&ACp8Q8T#Xc5!|NaX6FT}rS&BgLT z-*6{rf+mx;W`O<=n7D~Kk$2rD9d$*6wx|QyF$1^H>_q8TxVFEh1K|8kB{6XR%uVpm z?hKGiwx*koxnVwX>DNydsE!#yeHb8%VnUFc9m|o437RBuL1>VOFgSA~kbc-f_#`N< zWf^++AzI5L9rG&AhtMScSa1^SlFG+!f0KnXAVWdmu?eI%j1*!N2+fIk$q6d5*c%1$ zdu|H7YXrS}Cjxx;_V-lx9O8>@AWN|ZF3466ERapEEGRH2QvwB4S&hzJ$K0!v&OPTv zrZhCrc>x^w&Vqk6lY1%87qWK>ve(&##?dVuaQ38e^i2numwr;sm3^!;#tbSj;rTYf zpL9h@tyLV$IV+vlY2^X*r{l-;i3GIL@2WP6kbwtk0B|*^AT?GbpyAzCP`jHBI)gK6 z4muOBYlce@EZj8hN9PXyNnwggk1K}_NKxFFoPB{V@ARRaWCL+l0esl^dsLpd!a9)Cu z#%J@4I}t=H8Y~(~|1fOAbP?3SMiJ97gHXF2;zgVXsV0s%+yIH7g=+T!*R4ds`m4UU7xciWiv{Sl%4mxZ-3?BC&_EwFu;j`EigBnV z1NoJVL+9LQcf%n( zYM^gHW3Oh~f@Xd;2ckidvKqCN>xPl-TW`9GV3)Mx)} z82HcAV~A}blhr9E^5nU0qB~~b2XwgUOjj+#WjJO)qIISr(VcM7d64Ko9R?=;tLY`N zET9(st%RV6`ANurdt17v6tG`co3{+5D)eZ-kJ7|6i^)>4Yo5w|l&*R!&Y1X>pwvOY5f`XX$~!pMMr@ zgF7brLs#SPQjhWpar#_POYQLg@frft1=%DNgV_Jm6FxjV-KE`IBAI>P1#&^0 z>ela^D76cj{{n6n=?9X*&6ix6GA0=RJqtP)2WLi$p6@KhRSuFHxc~bPruxp6xxv*q2`4~voCVbYu;6--!6|s)6qa$FAjN=4X6dmM|48t> z5E60G`ml&Y1metfW4KeK*YVq)YMa!~f)qeWxr=^ zzi|1bwWi))$6ns~o^rvm{aS4Be05`EdmsIV%t;giBqXF$NYRha+)`xfntdaLgoHki zj6{os^rEx}nGWc4F%2Q(3m(-qHP>k3@sS?8F#9A)_GVjYn{l5&skYFzep#*??s?yO 
z9}z~JAf~C#Oo6Ao5Bb6)q>H}2k&ZY+S%-f9(Rk-Fu>F$RFkQ}wr|5n8wgyqy?#i}Y z&)0o(;r#CFVPDEP^U?+*!c3*RD=LkJGL6>Gcbb(w+~2bR`k%l?*7x@;M_P9J2J-Wy zH^p)^CS`ZM>xz_AXWg)4EC)j(Mb*F~$-V)joSPZ@>X@;bjNK~p($U;Ck*eEloTFN< z)1=%j7;U4XV@WmGcfqt!y|djNG(?*H!XO< zh+_kTUoBuC;7Cwh*j%`1z0d0!T^>&UY;VXsJyMzoloz|CP;R*ws=K>qzYJ8c2Wgv2 zugjg<@dxC0JasI;1x&u7SJ%lF=sEu-UJpnPz>1+HtDTBD5ltAJbA`UcOMD zM=5{_>0K^{7fVBE9`bv4qPNXWiDr~}jx^`{vLDj{IX7XD?g7hTWS zRIFT4yIjuMwUBl*^L?VP7yD)H4vlzy@$awS=H9!n>;e8-5Y4xMyW+3)3N&b+OLsB! zA&ai#sD)n+K>Aceuxo;Q@?kB2q(AcuUNez8F+g{X>x5eH6fqo zH)*|JQg;Fy@!6-=C8k^!-C(@DgI6A+8_tE`nkP-&3}s=ug7%gBt%=#H>v!xNiw)-ubliVdQ4fy9tKB|UIu>dg=roCWsUGWEX^Aa0TR?GDu=}8OX}|z6jk423E+7? zqY@Huw@SUsGKCh4szt!+s$~W|&M^OQyR2xy?_J9l3jx1tuHRt$LbA$9%?woe&^pm3 zmeI2~=db6v_2At!4;#6znQE1zbnQdnIoxYFZ@lZ6V=CtaFP~a>zkKY73-qdnt*#XzjH47@SbbQdkEU~lcZeCvMDRD%Jp<{Zqb1HaC z<0J~^o6=}uk+0~+vc~Odmz_T3<|UaU6*0&(orzHn({lfK%D*U^R0r9z(ze9oLdK&& zSz)Ys`|@Eb^DmwizUtx)=dPX)Qfk_fNzOsE$wNP7Sd~W zSLk0@W95HzZ2PvC>rbr2^8pq7B?z3k{@vxEy6?LB#jl%4XIm=ttb9aY6y?G4>9=hR zsXr>uyXGVTkraCZ2IH#*F+1K$v~|yL_Tp&k0-f=S6(5oFoX4Po8B0aiy>9%lmuR(^ z=xep)&rN<-;eh~pMcjg*6>RaeP2=FlAYSvGlws?c6X0*AY*>hPE;N%f@ShNX5p5cG zWo{}~=2tcc5*HN{C+d8#eBXKk-3Hy#MAd!Ml486k3$QT>Fl)WU_lSW)uydzCSEt*d zH+Rtfgr)TrxB50@%Fdlnl%k@HxJ1D|$a2rc_8gl6ZG)c6pysEef7{$9o~y6@!vDCV z`kGr+es+S(v(6o#FLQX+bZA_8&gVk73f^uiCce&Xt|V}!za;Bwc!&73#%GaTeQhQ6 z4aHc7Jc8Rm@|rY{$daD{n_8jmKAi#q%)*+ymvm1C)vhwIpak!->l=>;5>$&LN+O$z z&-yB{PN`B&H+4wciL-pL(29Ip-!}Z1=ZsX{dPI|qVpyI9Pv4iJ?U{vLeV?%1DFY*g zt*b4t{Y{`s7pwQBM)xh_$jFMyKo`N<%cR~YPHk@PKyzRc`TC&8`O~PrRJwd;r7HHm z%xw`TCf4rF>^_UNdq8V4&9MDhvGPOUl&sgsh{caR;UqHb`DCu&$2Q&|Q|0Bw{EG{>te!i3GuGUsD-XdnOt&^yaWgWJ`_Y?_3#^DtHwe-oYW=FDVmW zYSet+`Sn?Oa(+kadqbf&GADk*0Naf2I zEsvV`Y>8I7_H3NUDG9YVX02M*W77Gro^gzex8(&UXPolR=!skJ++(F<_ok{e7J1IT zNUM5@>@>zDSg`Gmh0fat7-y}`R=>zaxwixY6t5dCOuV$y(ode`Gj1{9KI8e454A`9 z3ZH#vbThjwAfx}i_5;luhFbxE0teyTMr(%flhAV_MdP&|G#HNmf?a<=P%k^4NBHnnajmIxbznkNjl_`tCq5vhJ(W$N`AqS+#6>SG+PMHC zyKCb^_1cq{!FUMi>KT-))Q8FOk!us2ulX*j 
zma!z@$r%ltkTtNGtPB+6{D%D6`R=TXIzcv-ubv*WE*k!OFC!_XWbB=k8oH8KW%b!? zH~2(Uvs;ZRDX2yat0y|tnKvBG#?Qr}Jz^*M$TdseK#TE!baN?iXrn$)OReTTKkd*$ zBBcTb&WeokD0}auvs`_1i-rx=X3!HM_j#6_UB$R-z(p}eX)HG#3_92_?ljec%kD|l z(YzC{QpXx3Tn#;#-2=?IMdjo_?r(e*9Q`2ZsZ9F%!UDb!3*Wrmh=gp)Mq1Ey41z5D)%x9=3#kRYE4cM5i?RqTf9u4%Vukw8qVAEBD$sHGEXlv z6JNxoW{IWK45HDV2QzGZMtbDo_qSd>GoM4e!=5n>eClv2L%}3|1dGE@t?h7fjfr6o zpCHiTP9k_|!F2Z?rAqcruaj$|*%J$zx^|Y!L2(;^Qc_{ zwO&{xLwi9+)kNuc#)U+skksgQ^TGOnU~5}l6iLzV4Nv7oqfT79`AT78N(iQ7V@3gs ze^hjx+LoJ~w)iP*Fp)@_t>|ah)GB#*y<5rjCjBRnN20kclWEM>;&MD?q6AwF`xW7F$){pxr{n|KyuI!90I= zT4jC6w4n0yE!5cJ0@vU`Gh9{~|1JV`;3CE&0iG9)k;s|=_1yv{?zC!prlh44{SvFz zEHBnV)aLNjU>99am$Mm9Jf|!re{IvNx!_tO5KB%dA7wVL#e6|8RYiAsQkZ`;+#n@q zXU5K6D1>0aXqWfHP9=J$XH9&ht?g6SoL0=_XuP_Q!xHsuJnH4N68==tJy?q~f|M^j z83sh69`=*m2at6ijN$2z(RP(x#NQdqS5CHCeNojfvs2K&vaqmfJ0!7%Vr^i3;^sgD z7r{=8%RXwst!dKqXeQY+s^J$KaqK36gY`KeOfL0Ckpbi2PVmR9w570H zyyUyymFL}zZZdJOw%kD3x_Ymgwm!GHGtE7KweZfCUp&Uj{mTh`TuJvZH5`Zh;*nN_ z-*P%BFWr{81b9^ivX-91gE_7kNbWE;`cp3^UfOym;yUDu??mtq(^#~H)Vs6MyOt7y-tdD(NPbA7k#noWUP_=&cf z!j52*u=w_+69sP{-G0!w?v%HX^TB}L`NZikDoj4XoG^SKr>|j~Vex(f-D~FYeomFQ zFCFeM;f4kAr;oWr41Tt7NBI;Ow_+b-pV26FYNzW{x_HVhDHbZh1udRg4FitlD|L01 zH+TybdNt#h`v~6>+JO)GQ?9tK6h5PGT1LOUaW0LX3X8{iGS~m9QGs5c)>}#LJQlBn zI^4nR%MH&s*nz3SHj}y8_RRuL1E!4Ts%Fg;YP}S1SuuvBp}Spyl&bn>#GzKZtL=^~ zHN=>uO5Imj+F7dxRM?(JvprZkYmyT8M$W%*V==i)GKeR~*Ng4?y*qbyHk$SCJTB(@ z?ii238&@shhEnId5{2xWnL~r}*qW3W_I4S38Wu#66~({IdWA${DPyW%{G{H6KI+Il4GO8%>J!Yr%9RfRp>s%uq6wioK( z-m!JA)`+mBHCOsR=NGoN*s2j0&V1J?xU1)O>aDgjgu#Ie1KKVWOFJfvVdUln*9_iZ zt$r!s$`RH0{vIgSICYYW5aNga%@21&`r2DJS+h`9dWnqk}fc5Yx6!=&zAf_CQ3m5&BUOqdrVw` z&{{F`X@C6F{9GnQti@j&)IG5{9QYn2a1B(pRo^gk7}!&Up4$@W&BiLMp2S93+c_QhN8}BrAjB zbC+%KAMCKQJpvS&o!Y5$IJ-xSW)6^k@z$NE zEZRw7TN=}PPOm3XFNeDIQ(zUWw|H0kQc{#UeDtbHQ!aTzLDriTjj^CaXZq;97gn-n zSsR)$Gxm01+Sf;)cqq~^3$;m?A6-qjsTMssqpnW!So~8I;Nb>41$*iH?6h;dY^TMO z%Ma;yFj=oBeCiUq7B-of@%V8iE6UPHbfCSUZ!mrbe^wP{p51ncZr_M9v(}UoWsnbF 
z>%07`jlS^|;^Yc(R$3RVSiCCQ1&E&IPuwgz*T_%&i6?@|W7bU2*~G5nD{U5~9uuFo zTjh=LE%F)cFb5zF1!?Y`5@r_z5v3|XnYGU3hIDK=k! zd}6^XMzl<`L_i+ln=Zy%NLk+V*Nw?8s-HHe@|iN%_l^XcNj<4% z%R|R2H871DI!Afdfbf=5t;Aa!)ov1BBJ8j$x}5UVt&%NwWutUGxIqO*?8^!v6VVkF$ANFm!Yf)2R5ug{GQFT3%u;nE)Pq?=-*rvONzXi*=r{~JX~e3 z(~zKdA=3pZRE@jx**wuX+3r|(y!^0;Wd-^R{H*7g?@&dRYTHkdylqEi`8eb9BtC9~ z)yNB#<@HQrxECOI!Cd9(G6SZ-wf=x^%Q74*{v0|BdD*cl#{dhZ*&F#iS@YA$)t5F> z=~U!jjkUYsJ{a0sX(PGP-9>@aZkS%2fKw#a)4)xHM>#c=WRz%>wL>3=0ZkgjzS&DKd zII@xHUC}yK^q>^LWA_cED(5?|$6d%3qur%T7Glp7d;!zzOPhnmjHHdx`u*(kuz0H# zk|f_Z^w%W^Uh(sTniOO%%3**s&5jWL!E~`9^5o60>;?GzAm>sI;!KJ4` z$X2+5`|hRV1g0d-sGNu6%U3mP?8tNNNhcfp-*9QZ!wcPeS^=PAdU3R6(mB7=W8`sR zA9{>>Eq?x(V7+Zow#2ZwKFhZ6e;0j%dR zG?sClK#oh{>;o%{q#9g zH8a(xyPug?^!Be)dTj?@E&tfX{N60<--<={rrAc%LHFI|Rxrk6j~qP)iF zHkr}gDTTsAIMa0Mr!ZPKlOn3LFuO@=hBTC5412;bjUHvhpXqjf_F%jA<>~iZ9hvQN z`?Jmjwh!a&xYv5bVcNDGeIhfr(wuo}CHNKyfMnf*aL-9Z?)NjPR_BQH>7pGFHmP-A zX~e*_%H&pkpCE&X*&VUqmm`OrKPTRtROgx|WKHiH-H@+d^WL^)Bx4?D2!7ML}?4jB?vJG#< zIPdVdVUuZ2#Oo*1*4a|CjP1QR1FQxXMEl=4EIaQ+NL5yFoMHi(R8ujB?Jo`2E;CWS zT1&mQ2w!?++1p*5Z9mhv>6ML-(=RzS+ubEkBIJI3kDM->#&raF48pi(1Z)6l5;tpK zqN(*qmQC5|lTsZmBZj0Q5G94~_ZsMux@+r_tx?MSPQGD$(Dss&QdQX);#m3eOg#Do zIDLG&Cc7osSuYm2(WOrsaajgFST6wp^b+S=_++q)UEG>?@$b2-?#;UN`T-=mWb-XL z%2vyh-6BKK#U5ncS!M})%=4n3<- zWl-bdPZPnUQ)KG`LBS2E+fRLcbSZt2^AIFd5$W!eF$~cuLA{ALFw2O~%QPR%_G0w8 z@ehuZ)d&4#HXcPLpcw<#p;Wpd@4~?hYqVBZ5|)(s&AMf`^{$_$k|GN@oQmQ)#HZC6 zkR_I^ZtuVNF67V8zR5}#oLvKr?e`(MD3@4N{fVxeQ_xHl;2wbDJWuo)u5O}rxDNpp zig=?ap7Jr_nH>Votv`&9*?j;T^(i33JoAC15Y$;chsg!+;-X;72(AU$SOwt5kdl%# zy|CkT{Wkc!A>VhS2S-#~UNKVctD3ytgi?|a3nbP^0~S(zWBVw_EoY)9>(AT_9icJ4 z1LzvnYB6$ak6~gVnUZ_U9MbRE1+WF{q0}naZhGWztW*9#5$u2p3W^GodEw-A zn37xz){bJeFW!%SGBy?<+g>^EJ;@=** zG&fI_FkO9gA|a3~tWzte(QyM|)qUF_^rokr!4DiAup_Wd=0nVSd{ z=f$8O?j-yyu%|r9p(t=i91?u8D)|l}fU6TH=0;-Kbgqpx1@CnV^?LhbAh^gwsz4K55&` z!F$gzf5f2~^s5dv6`JzkaSmEZ@3?JkJo)uaNk`oK?4#eymarO@K>@G#Is(6Y>u!?# z?87P*c#HK6*}_O6kbuN;`ui?)i$QIamwU^uH3dn9n%ZNS!J)xqj 
zyetG4j(y8S_6fqF86|g^;}{%NRG=I-+)9)${qYx~b(yrzkgcqk3{=5br+t;mo%C>v zWb3biF_zHJ+e|L+HHZF4-_(7JX%v)DyqI`fjF*pBDDE{i8-G+!fwOvM#PsZ6c% zr$hqUu@Q_^ITGSiT=Jz|Dl~i%&#MhxqsxT@Y08!;#dbnqp;6rTk&|TR%{?dHhlFo= zktn@#s$VVz?jd=`R6sbz2p5jYw|Ol2;(OdyL)uwhN2(&uUaOup+==FQ=|xooy08wT z_iL;RIbqifFWp5)Z2^|}~t$NG4pB%sz&xoznad1&(yb)?X z&A<-N@%vP!${J?5QLrqzV3;I$w9u4z>B%J^=3-+W*r1VK_**W;dR}2QUoPE1G(I&; zFbj}|!3?qA!H+;YWwiRe%h$K33`yn!^e2Vk7D-9w}#RK@XQaaoq~8MLGPkHAYnrAaZH zBN%u&(0DZcPtvB2Ar$s6`CCnW8q zbh3X#pE85G+@Uy|$V{K#z-)IDW+}PE?rr~FAbPIcrIEujHDI1vx0sU>#gzGw*)B}y z3X*HpM~qci0_?@Uukox)luiX>6*;CGZlF3C$Br;x5ft|0r_yy76t+dH%EY9dJd_?& z(r5V=O+3})v3n|&9wmo5vHms^cS3h>zmmof_J3eenopGM4wmy!x2CBsd|+2xHoR%F z?ebVTE+|Z~D9u6j`9aJ_TUL=~hKg1V4|$yD7gi{NZ>azB!yd6ZhEd`s&`ht@E8I1APL1`Q34OVWjU~L}e?p9p+M) z`}9k8;iAac2SL@;mF(MMOk0<6d1uhK@)&&?TQR;JLE|-nVFy#c;^fdP0U6z)FOaR_ zUr{re=Xz;xnRq-M$|Dedc(>Z;LB#JWsy_NLru?R*^=AE!iehGwzUCID>>Q8M82v>F z*+GF0V~OLC?}Mr~7LR*0e2W6Bi4S@{PTPG#t^;ms%bCo;&_E=S;s-@gaJb`^xrD-% zS-QsKUejef8T1KhJ%iLA&qpAK$Z<)h=&6makz$$SP|en!Ff~f1AU4Rb7vlTgmLx%w zE`Y^`ZMt|>aXUnK>krulfhB#-Zr6Z#6n}*dE`>|l1()L^z zDz2;pqZ1L4=$8$&8FM_haSjk*yR38>jbhHtqHbgePn&SJk2=SBgl#;FyB0)2DcEX> zF4wUx9qgP-z;IM98NRrx43UBML}IIY2Z(O853R8h?B?Xhz&VX#<+n@+eB^gBY$Nnb zM(1N%;7fJUn`yZ#A^2+@#1d_|6w1r@_A)h@O`z4dd1AV(qv>z{6?qcGW2MHj-FMbV zgr{l6#*jDedoh3Ff#LpW(v8L0^KsgKfU84!F5=E|zf+dn(i^4Z*Sy=fsnKk~s)oUt zk+P$@aIRa->a899Vf0P@>gW$0vtOxvyU_yOR(MOZ(@Qbs(g!3275wC6$W2u4-Xi8$ z&GC!{C*x-Tx=%TA{;~Yk%Lm)wA;e|ejhtD$>&EhvRe52@&>O9ri<_H^!T>DC2YA(5 zhIW)tUfQ2Cppsh=Tgd97X@zFm8N|!w;dvt)JA{@L{Q)E8eQo7Okmo(nF_pB4k6PL% z-EaSru})3E&DtSPPHDueYHt|qzs*TM&=}kei~hpio&L%C19_Lud(<$*)6@*T{Sp z75)fR8?sa(X;RQp>nUfAZQogj^v15Up?W`6z{|oIGI_k43ZZA;1O2og%Zds~FkAov zi;q(DI^@=436HHoZbt!)&|!>R=9)dY_DE|S#kJ7UL9AHT-s$cpB2V8FzLIzH+hQ`J~a*E+7s365swnz&-(YZmWur)UI6w|#Yg z^mjtnP-IOCj)o#;roKY`%jou3exXiB?puQ?gVeRG?`KuCA5UqR5o)UD5{C;mzly^? 
zR|4rE&nzmW0>9cg@sHD&!va`y80@5?9pNj+k3iS~Pj<&j&E^Z4<^in1k)YyV!^BZG z2rCWt^NTE4k?`G-wFEA*(x) z^XqJTkdRSy4cIP^0@hcKl9A!9n(boIr(x~iY8nFUrJnr`G0=JzvwWyW;!FVNhhZvXYQ!UIA` zzviAK{e{a!)V%PNu5Po$&0k@)ty7GG#Tlw!)$}O5EUMQu8cdzO0aw2W>NvZt0FaL| z@)j{V3U8kR?h*bD5ka9d)7u1H`rH=zqGO+SJ; z!F>Uah4+r@ds%5i>(+~WxqcgcHepl{L1Br23lV-k`j_7i9y@kip$7SK-owj_p!!_C zGOxRV2)hF0;B=}`ceO_`%4XDakv;jxUa$r&xssKIa-|LVIdZR3N-Kl*P`b9~uu7Y! zn3jk-SlR_OLQbc`4tde-Xk)~TxRhLDxVImRrtLpj>IqY! z-4mhb{rf{u;ynr?qbI{GgxeGRqrjVC-aTWcRXE@H+&wqI0c! z;^E|v4Sx~vNaKIdI@K(5sSk?Mscqx_q4c4nE7kTUH+SKSbQJ4mgyh-;OuV5})eE7D zFJS*rgszFfwyeLj3?>yl3#gxnfiZ%X^c2qT=O*l!pl65dgONPhd48W)i3gO^OB!h3 zoY7#i%W<@t&@nzO0l(G~#U?Zdo=Lkesh14P3unwAY)%kNm`%&l+;#Q+A< z>dusC9}z;P5g5K1CUD+m!+LIb*Yrb1^%dHD9B#O|`jxXnA*W&%DtH?mk)81JNIl;n zy0?p&vpwIo45?fXkHb$zak>4d@62dzyuBYmhcwq_=~i^lC9KUix*@m-PPg6SA=n&oVpeTOQc-gz!h%hOeb`fm?#J2zHZ0-8`G`* zjip`>$6Xx##B^agPUY8nm{+VH5qLD3_TxpC)DJ)s9*aBSZW<1K!PF90T;cO^)Ez?n zaQ_3TPRMs;O*Ys>o_9P|r$0HsyF9OLcc%}ez`H_ceA{-KWSzR6V37Z%dF9u;sj(py z=lO|By_mNN#hAh84je6@dm?|O78KQ^Z&1>S2kt<2+dr7r_9jQ~UW+e?QWmxoT{auq z>N0_a%>(95fbHNn1xhvr=vTQb&T7qxm{-A)cCev3;5$eJc}Zsmvuzg38XX?=#@MF!B+T+4q#v~!HRc8oqWf(;s-L_ajm5KM__(|b&Qcka zTvR`O)SNLd*W z5z@!|+}OQ9CaXI+-4%hAw#&?L=^SPA(eb*Mb$e%L#vQr}iSn^#ftYSqKKleqo zb8j_vCK9&)x`TMgn>38YNOVQ6m6K6>S4A&jpKT;c zWV;`$iNsFCkXXcnQcub}OoxxzIW*(+FgsM5JWI!zi-x7cy#g*WLXR0q8mDu13Cd)f z9%VKumkAn}PL=yQjsuB28`XU%uos9Knh<{aChZw>@V^UcPRD4k)xPkdtci8x|=*xem~Z_4c= zPlHbtOJ>uHNp+_w+uiB!7qJ!lz45E2S*k z2ru(;w}idMRX7yX7$bZ6?tfK4B7Zb~YFKN9V#ASNtH1RxQ+h}nVe{Ewe>S(Ly^a1I z+}tohPE{Yf{7!=DY-|tIr}*}gj`%&}o|Hj@5hH}U1)>1Z_>1oxAl$Yn^Ybx(sM4=o zLbBwB+;5Hx-+Aa0zis|6km_R77>fm2qYxNviZi*$rN7yiMOAD@INk zxtw~Vd}+#TTR38U&t%abkKadU11nZmgeXYF*s2)z-99NUFLg`yr{`U!izq(!4G#05 zgrY(^`!-@EP+ickh61OlgpV0n)tRynOfhzgFm?IwAITuh+u$O}k85U(KF>OzM;|a( z8^ax(o22*_8rNxE_&BKrQChCN#AG5My(;!zhg-eJ`pWjF>_NQP?a-$B!a1V(t%kyc*sZ!BAU)Y>?oi&pM1Srwb*rg6yMXu=_?A zZb52K>bpLimPCbHbHMUK8PQv!TWb~j;B2&_%`T$|heW9hjVq!S0*} z2W9-DK(~@m-XrdBd;>*2 z09@zN0jCEH$Aax$+E 
zhI~3Im7R}%dnTLcgx#&NOQ`5lWmrKOpah{nZKtm=+D|QqRPH-QoB)&n2EQPV>_J)h z$38e}>|b=vt(^m*_ANR&y;P@oUiQ&B)OlN~!#v*heQ&y@IHHOI}=O zvoVjF^PR98!9_N0;H-wqRS_8h>R0<#G{~Q8D{5!XD|7Z>;z8B8#Ca^DNH{G6YMwIF z9kxifa@6cTUt5=-z=UAMgwP*{6xkHVuoX zQ4;@?WDyztIFaCC&IM}4&AW*BzKgCHjJP4SxT0}d+_c3_K^fN=95Z+-Kh^|VV9j&1 z!;Wvf@44fRo{b_d(A#ls^Ula?xiG(xj)Nw{5?}hd^h597wByk36|H-kI`yX*wOaEC z`(8j+jP>RLEzmnNJm)|j0ha0FsPLc<2r7}SKZ4YJ_T@mYQ9 zn0R2LAx!$jhAn;xxt@ojACcH%R!M`)(L@zxF=D)Soldo&#_ke%>Z43HdcXK{{=0$X z+w@s~ow^haDWMBui!mWWVT%EbM)A*tq|)`;P4ObBn5yB}0A#6*OYlZNaZ3GutiqY_Y>2~=U`S2cp>u`0n^8sJts49l!IwxsCG2`k!GU@qqgvK6 z|EZ}gx8HdY4BEDq*k%Z!&e=AmPXSFCCT1rB`xU@~_(ySX2WZNgq1JaU)$$#1!=KI! zU%Q<}W6lEf^xxSUWlgJsT-k%lqy!}BR^Jl&8vA){$+T;UbrBnKTOl3CCRP<_KJgvq z9A20FH#iq6xx(2a!$y#qHMzK`wnwllY=-ZQ)U14f|2CNLTO*`0Ctw`Ry-{-)QV~@Q}HUD zW0LU+^DW7F7)sxmCIkY=wbZ%|*DFPT!W}_V_hB(4{Q4!SHNQy3*{vWHsd_juz(%ai(+~k>3(*Nbj}aAlhmrlh>VV>sfRW5RD1&NS&NP8FO+cr3=4wBFM6_0^ z^H!}bE~)akZ5+%)0w&o#fmUAXCW=NzStMS5V+F=MeCqb+zVZLD*xKs(+<5!=;+ z{@KAwTM%S1CByjmy;E?BMVF|lxv=DgqPd@AllTXGDkQ^sM|+6f&n8vFI(bxJJ1rx7 zM-|2G?z>|IRclU3*)-2)g>fR>06 zsUn)@B6r-qh!9Y`Nsi?`xxefB zMWaoW5i;Gg8Ow=NFkqRr2cPQ!9mr&u5&NAYo`Z94q?cvEeB*&WJESnfrl_@ct*OCW z1)_a(?y#Ja(!r=VMtGef3c4Y`lJVNb98}S-oMoKN*nTemv9@i_trMsnuklHlo?#ea z!NN@K_x_bBn03%%aIm~Mv(x*gC{8gwQUFoJ4}u-;(JPqM7U@IBdVGODb;6z-C|7UL zZb~k_c{7jmp7FfLgfU#G1Ch4A;(L9lxQ#SwGZ>%?Ol522%3Y0hy&KEMS#DwDDKMA| zw^CtX5gE4>a1pkW=B}q)Aw2A^N^13ho)-#B_%N%^jVgI!N1XS^1RV59b!}G+v()+p==lN^sdZu>>qUoiK_eTO$7$Mr1zn=l zN4NjxaqMD`oT!#x0liSKN-7bpGh;;YaOI2M+71_EMvIn^WgdG-%RoLfgw6K?r646p zTWz^}KZX*MgbOFNiY_#Hn-R{8glHcB4uhTjoamGr_OaRB+jKFdS9raa%*l!V+uA6K z=*=f#Y3T~D-10D#w6AZh{c>>Lg$A3=UHfd%5 ztVC`R=2-P73<4^9c)x%Z#Gt|bSd_TyW{}lcx9#&Tnw(lm$Et!@uS&uWY?zmD8zmTw z=1w2VP~Xk*4kZfjNC<&L=-E&T%pMkXCZxBlospGp#~}A%WhDg}k^~CS5{|gFD~&aj zKcNjjwp&>+=U1{-5{S)mJoYg?eu}=7iT}I89XFbae{vLeoxjkLFMHoGI#uu{chvD0)~*3EU^iAiP7bI1^|es%Au{s=<0Yq5M`?1$DcUYmtXFG4 z!o4Jl*Xg#zI}o{g*cU9SrFWT@VQ|8t zNGkob%s=3^!+8FnIeLeae)8*hM1|rueEf-I0JYVwK}_P~dT8zgcig+@h`ncYlW={( 
zrSy#Xvx9#y(Py?-EIxWfDAwhMt9ralxjvOtU(g9G0}1;cMg8{%T`EC&`2C@LBK@&< z)Vq{pk`Si!<&@PUblOH9D_vRrTta<>*qecaTm-ux6Lq{=HdT@t!CHUQ-(^cqm0bD=t zPfZ`;>Rze*%9Hbapa(a~+VkAvbgRVyBmJq8KKMRF*R3a?(m{O}8S)+wjDKY?-`rf* zamO8t!bJW8sUf(1VjOWuVgcm8JJLt^s9f0lt?t@Xm>`(&iulB|v~_WvUe z=?L&{{ZyM8AKB?<;u9OaaEk)NGJ7eGsF9{j06SmLsaqaWi>BmHzy7je_OcJlJC&P zoZgPrQ+>dzAj|Yu&gUTs35JrQqtZ*yUBPKrO%wK`#b%t}k1eo~;E5qRe@_Afc)Ut( z%l}B!IbWc9>|mJ^4$H+pgdsk5x_+ge!h8nV18zC#8|}K>{K5Ao1Psk5fFx zsB1_O5V>QdlO6^E3h@|VuBuNxLjyG1hA7rXS@8aoKd)QtTCciZ2ICQ&wDmPy;V7@S zt@VuEyIfzR{1$K9neX`bsL^S({Xj1R#>%v>)$p`ENryf~xewUzQ#(dc*DEh#|5wdh zK(*3X00#g(p#lKJuNq%htJ=On-~b%ltJJqPeiVp|@XrzK_Y`pZUnqDQIQHgWNOu;v z_b((n2UPwKlspdY4yd5rL58i&1NlJzoR&*r9R5NC0Dx2g0N(2$|GWKsa}VQL z08;;J^rmc|HaQgtn8CpLcP9Te^67#(EdUwb{^RNYiI4x+2JrJud@ihM0m%99)J_+G zWI*3d7{(%yUi2TD2@yuuDm(!2jtKz3_%8|YN(1i#U$2?n!O_ji#DUG#+Db+K4GmyjiB9P=?=LP=&n#Zu-MIZ&$Kh6vF?AfYborVJe0Mh^CocR<8vz`T# d!QL(b(f=j0FTIip&tM8mKsrRz^H&Doe*gk@g%|(; delta 156792 zcmY&F)0CkZwV`ySux);YFX{SFiW4b6>DG zv$H#AW_R{5whw>P2#+Wy2?2=?1_lNLX7K?g67d)8E2vxIjw8TFP7?v<-puG-twFbC zpC%pOl^`$7b|f$-lvmV6EY`AK_>*^BFEBYwtMFiNQtYHWG~L+ISy9hm>XdToxkEGZ z^y+Z;4^b|=T2l*$od~hU`}x3at7!JQ-OdxRh5!`=83-F3QLBl1X_;uuENm=k5ndx7 zFDxHWi9ue3J`C2iAb z#H3SAXFb1((Xd}Q7Bq-lWo^ccXK%_@w-x1s*r(MhGa2TJwgIrT%D$S1&!5j;A^(5t zR0aK}=PmN@mD)`sA|v&G1IC?#Qndu*Z3y&OQuN(C(t3HiF1)2(T4$RJy=b?LZ{o15 zD=6jdZkK!06jEhZpG9-FBrpR~jk+;(X@r7J~Q7}T4uEAk$9 z1;va6DszX?4Sl_wmX^VmrYAR65f=e_>C_6e)OY}b_vBE_!L$|+kSR(YQ@&oA~zgw5X##~;*j7R16po~P2+;` zcFTE?QILeBR==(3R?OQx{xDWVYY8Axp%gVwT1z^C)8S;uTjKOiP1T@y!j3a}X9&~S zA?X9yp!o&NmQRM3fByqCbH|w+mv-&K_KlLt>|j3wpb{(03(rnXp2Lt8t%ow0R(vjO zH$M}1zN}P^nk~5a%j9~Wde_OJbl7+5nOe|e{#S#)y>9^YuRf)H2JKU@i7`N_S`eO2 z`U(t`WJVDWO+2cEx7kH}1P8BpTw#%#E0t^Xy#&EF2;mr%^l$EjdiY7W%jnX%8f1K6 zwj68V1yn4yxVZ*n7FoKzaVtY-@N_lWPm6*Jd+O{`kkzUnf?1898x;0h5*5l|iRU=x zG}cTpYeFSBR1!cTRg2!xM4-Z-Y19~}P}f8aBo)#pDQB6Pu)r`I>c@%F4{ehuR!pI2 zXk#8vekGBK$r^tbZ>Ocfo!i18z7a6KnImUIv5*fV_zz&>_w(SdYO71eQnA4OI)A!5Y} 
zmOz}qV<-w~*(IBHwsZT0DMg6kAo3LBu23IRwR%kp$xp>keS}-|$ z)%X779_=W8B1>Z)fCW!XPQ|}o0}jy`&4^G~EK>Ax2%o+5WvQ@#FAMurxvdvVJ8X9V zG4{_K1tACoIWf#QzR!sP263Y1D>o2Gm*+l5WhI280b0`^pX#7nX$6r>{1O?50kvBV?5gO2ryFzv!FKW-W7bEM8u#Jdt znT7Y`OC=Y1s45><`q2HU9fk^)%!|Cbo&}=Z)7P9S$`7H#9>qjx-{coZJt7Vjth{NU zBsXJe%J{E{o=BfD=}*E%9PJT-#jqdp-a!?OgS=VJ5GbO&&(uRQ;20)P)1JX+{eqL_ zP?1jLmzn`RuZcDOKf%W#gufhY^NopgmEV4Dn<8Z$C>fy(Aarw2 zGVdLs{gNZqQxv*nh_O?@r0r=Z0nR@-_26s|-+$jz3KhNnT%}lgI90)_>Y%m3k<*r!Qv|{BkWinF9Ur|S4f-pKcP{dAo9ie)TwvRc=Hv8l;dE+n5 zv&7wbw+bS=g3`7Tm~a;R*_^FEyl)d21QLG< zJE%`Q96ASPR~5wu)T|F;UnyagIPkFfU7P6V7ETAT8KMq{h(fYq3P&*c+_tx1!%If8 zGO8{~F*HeoJQp-EjJ^&43i32_x=28q!wgy>AZ2f(-TCle7=kE98dL6wdMn z29ukQZ^`%@mI&ZuU3#uX7fxtw{j@m1P_%V=)5cCrR|E>JA>eld^B}apIQ?dC8fesr zBHsDk`x$&{OTFq3U0?j=J}8&Zd#T_ucx>5wHt~F2l-nfq>y^tN0%UM=%#;k(dzNkK9g=^e5H$4 zzENT}q4=OC+ z>Ua9FU82k;6;zw6*l$@jbkr+pF%O(IV&va7)_EJ?R|@A+FmBaX+etu}<3X!;aru@M zOv9KbtKh~p(?ns`MU&OoZMjW-Dj1+fBXpBIgOtP|8e>`s@Am;dXS9s!*s9>2Py?~XN|ep?BG`7FGPcHW|65YTLwkHS zjFp(gEDf^5m^Yq`G3A+MPt>kDNsWhLo0msQ)w+CdXqyLO3(+#zzmfaU*d*nNNMYn> z0lo2_$@})S|CyD3{fR+JP!KGwgoydawOmehyPWm$?Ofy*-s~0O&T#h{?_0^(A}ADSDEU1(@1f&# z@w>BB9^x7*rT`LP-2#1T4c-rw8Y=u>#_gOdz&6P?@CrSD$6a{U?o+z)aoDohxjQK9 za*ijYqlO4Zml#iwWmqipe^uC%B+M{-J-Jd|$=rwJovJRg$a;UIU#|(p%N4!mnWKso z7o4HXPnz`{l&LNFJWwk7f0h(GKV@PARK5mY=tXYfCM~)Z1)H#XK`FTc;p!-*(d{?W zIu(v&FDx=}|18mjk@>DCM+v`LqES#CFeL_1tPIJ^j*brtGG&ZF-kCD0ZzC@ztvEh( zJniy?1|+W8Am1sB4W;Z^AkU}z#^!0@3}1JG7SPZvWLc0!Fz$guEuuH!g5g_sERkPF z+2J;-d;9GO>e-yTK?~l0S*pSrb`)sce=S#vsv@TC-q#;s-lXD3<;(gpY&Ni8g`lr;i}CvXD8r3!La2UYNm=XT|#uT`_|%_*sT;Iw4m!L~(X< zwE((2+j3(PeAgV02IC9oy?paD3b*6?>^n0&M-BSnn+%08NxFRY@>yFqSvSQNf3wj3 zE@^EbF*CR9E#(g*&0;o~>Cboc2NF*lT=^Cz{_Mm=X5z43EKdEXZ2o6?} zVHcXjA{>LLb5_(s-295Zh5XYA-tAE*et%YQsws32HKs}K>TWfD9QY`$6pZgTMS58Z zH#Zl|8JS&WR!A4V`;-B=)1?GKc1=VQSM$D}P-}$oVJo8s;9$uE;&m{f_fkqHK*sv= zN+Bkqy>PMtFbd20zPx6P-I2sf8tZ=+ZL+TYGyc06l+ivIx|}595*rcZ6qS$KH`<4U zlPyJw8%bYddNzQzw5)>flX->UCM&%{3R@Dff;FcP4@l6+4|VIR1z&P^y+iSNEi?O9 
zB+hbzO#^ESLK|f#8oFqPWe7TUJ&BgBayLwQ+sfHmFe!4ZQujm@2toyk0)j)W$W zL$9F^WH1a5o1injyF>8QY-!>+QICLj5V5!62>%+%_>dsvJcoiAbRpM@;kFafhA+{(YXffUy zuB(nHoeo6OG3Emk3z2hbozetKu!ubUL5qI&sL0e$>xN1L6_?#oVC{BuyJ?j?epu%^>BN<_Kd|A6R%pZc5`6 zszJ#p5PBdC+3|2s+$zkwzxTR?B@iSH$;WsWV{vw&M1m!Vx;c4K#-1c?Yd=>3PKjbS z9!I&h0lz>s@-STaa8J!m`*E0~;n%ww!#k?bcPZ==Fymih;xcGtdQU$ z10gkKmhjyDCN>l*kg3n#6oAPc#x5ZiDFzf~LXv#uwv`@z5v~=+p|Is%^ax*mMsxm2 zOPPU|5mTdeqD+8qqbq41bus46*=Pq{qerL6F@24zQf9c^`IJHDzK|@1MKQ5Q`uku8 zNOK6JFiO}oQj_dvC8+A-4l7cMtXDC^3U`xW*tR{{YsVf?CpSg#8)3Gg6}iFUJOuVaJ$L7{(Q`Ebd^w!%I6biDY*Wud~(rv zgd`qVfTUC2v`39PpZ=N;fq8NrfNY7JcEdIvI(0QnjDht@6WhVys0Z8n z;YB4~uWXUO!Kdf6A(!E|`cs+`Cptw{=WP1A##>Q%@G(~_jU zmy{sYRMsSZivwZHk(TOfs_PRIqVS^CVI5yTm7eiDP9H!?tS4XQxLq5OX38-O-4%o} zmD{Jxs-Mv6RlP@UF30V6G_;bA+)#-O*Wr}5M@&@zMxy4XO2;FALb3Wsse=m-au?H$Q`nBTy}d*Bb*G8)Qr~P||2iz9 zdmCfD7ab6OKCuWI^BDj5)O9Yn|B`^tehxUwnP-k!XYuq0Mo4V$^JFvu55$?RLa; zK4NLSTM_JvsJdppac>7}kgWj{EKL5%LSg0Pb+Fn2UTWzUMia#OeP+2HF`}e>)`>rM z$dHErzJjl`S}EsT9-T5eFDL?kbn^-QO+H(vn8j3-bSk@7EAK&L_D*_Vnl5mPJfYtJ z>Aw|KtoIw<;m1kBsFg(l46&!enCLq6Pu?dLq-!ZgqWIkx%u;N}0yVNWYDj<2J&zqA zHAWn$fzWGY5py2^dn!Ko+4IZVy3i8gHE|?6cwSgAcStsmovh=gqNZ{M)>r2lYZu3e zyb_bBBC~_OT!8*u$CLA;P3sKKxf0K^#Gxnb_qiPz{N<6B_alAciVoT&##>z6@~8xA zqc+!1Ek_5X3}DOB#^Z&O`GUx9LIQxi1!jgC*zJzlbad z!+2_H?Y+%7&$gAmIBv|A)7EVpm=g5T2kxH52fIfz8X3at2_+&Y?DXz<0sXO!DS6a@ zvGDbU9akIt)8iG=b8+0wse;GzfPc7?w^p_jn=SPUL_sEzxf87`Vq)i#wQ5T#(c@P8 zhw785!O`wkg{EDri}#7h4caT4tVwcl4+;kL!w9le3xfqrE9qLlR-)ec|z6Zi&qgZX4xf3X=8ECQA(q(-81clZ( z$@MUy0Xv`>G+#QA8W}#8H9wnb4noC3bR0A0givD+!!*X{}D zUr`R^>!kG4%B%O;&#&hnXQ=;8j{OvF18mS<3A27oXRV0d=9LR$bRm*3PH`udaG@`rIpTy3$pC=zzjs>K!Ytm2)OjwM@JYr`o4|rkV7S8qe*zeYahaE3H zWG1w!(ncgo=+^fWCJ!ep9LfSJaLl?Qc5q~G_LhiijAH;y5@dL$^N88w z*CGEpDNUgpMicTh4`Qx$#R}J<2LqxfV%5yfa8(2#*t&GG<7Xp#QkV)SsW10?gnrme z-v}_G@7rag(>w)D7skWju0QOP;JYn%O*F$MvPx5UOzd@92cfm@DgOZ)na4cHGrYHa z63!|B>xwKJi1de=iU@4+wh_Ll{^1XIuE&`5PNu(g{x-(8)0!vjmf%3Kte*i?#)Rb# zH`d;X6OAZFq1C^Y{PLoh|8kQj6Fs+Y&!d^TZsFj9@dtvcrfAw!ph;n}zeATuZG87t 
z$7j{)M7=1kzsz#jyi-4P{0e|HL;u!zD=U1>)G)*1p2mh^R<5vDuerplS5tUC8OBp; z-c%9RRgdnb>d_vNlP}rkjqylJ&wr#OH=kZAVXRGt?uzM`O-AQo>#fbz%Cv_L&njG# z>*I?tXSB~J4Q4QBS6cG$zBeA78?$HU>l!<~r2PW`x_F1;8^mxgdJJ0%wXFwO_~L%U zMBPDkt$Ur=&+6TVPWK`L^={Xn|y!P znA(BCHOdwyRwcmvQ$Fq?54EVi+JRK_3`{ZkUW)pbFb|(+?@%8iI%C*wRLUM`gkF>D zaJ~3a?230Yik+^oNb}~t+N+q!=+0FTFDu^0Td=zHML+NSoo#aYu6{ng@C_QEf^??- zSjPBs6JPlU0#0tD%e}&JM)ZA-2lSDkT>)#6PIi(+oUqK&Xid6x56D)`5J>?TXG4pR!#P5)SMc~!(2hWJHAh@T1k5($DXUN6c`UIw= zkRaN-3ExxxZw-ROI?5-K4Q5|&fmlCrJMuJc)jy(HaSk0?ue9#092=X#DOe>nJ-f)< z$5Y*Ln_BNJMhqv2Ho6~eS!p%QLuP5T1?|&3Q#aMG90J1*!W5f4f3#@v+=@f$(a7+P@Z+?-~0qra{|8kn_2J;Bb;S$m`<>0B_kkhaxvvRv4lPs^9>`xNFHAmlyDCoOqG5`<{B+Do+J@z~@4 z`pFOvz^jw56qXp=v0$C+?3PcCBv~I?UFsOkh8H~jq8eioq-Z!bk82F@wGxW)x&+S zMQmDxLVAA#Q1rMI!@$c!VL;%+$rVK93MG^mg{(KEpLc3D6?5i*!2YI(`(si(==UaE zP#J~Oj7`C>)Z1h%!1Ne9Q=yX0OnwAQ{%COh$&zYnXyCB)?kV3X|C{QO1fzWT5Cv=R3DE!BH3G!gP#6?7aJIrxJON zE-axKharT4C9hB>dBbSsS2gvw7_aJgS4_=G&zZgU7CW?tRH7Ly9Hg34COa5&)T~#j zw-5)kY=hf~cs9K|k?%X<|dsIqAYU3%i8;?nPiH$k7VRz}2b9J-wv>lW@k>HHUUX7gwi zdTg|OGlXp!o}A|@AnF^gY-enzWWS?MnkN)|>LF{5)V(?^IVhC=HowZ)yUhAz;yW~u z$F_ho3|N?`vb>^&38*R+b&!)eChZgi@g@-5yR(utR6U|gU!xNh?4#9>K(>W{K6CW2 zEX+wKTE6;ht}|qz$Pgl+tI)(=%7yP9l(Q{uCkn;Aj`T!5a|Pig|rIw3gvo2%iB2A8HdZ@M7Of z=PN{8f5b?}I-h#Jm~GViP9goV)y>nv79=o3>3j^QTAx!OE?wsG9?a{p zW#(K}vm=?`+HuQv;bCy^hhYLy(G1aGtgPr()n0*{U-tQ&@*ltn>o+Gm|L*BwjVz2gx%YBZajG!0Ym9-VZsPmq z236GI4lDUK%mSdK(&B`a=OKSDB$?^NAga!_il{$tq`GLA2&AQ7TpGv#4}sI#Khu}2 zAEZBx+AnbH|W9GAEfb`=-@3 zG0~_t)C1dH3!?>>O#TI1%J4{8)*rCp5hUAn8wg_st5;KtCE0k^VkW8-6gsE+@t*QC zC^h`=iHi}iz)wwIiW$z=Ak&(ivKN?Y&xKVF56@ci(;{ioemCaJ!U(IfLX`|nWq%H3 z*@gkq1#xl)Ydgolvsc-~3+&Dvp7!~>3O-~-`8!eZ_VV9w`sn#vz)wG|XwF<$Z1EhP zUkXuMEH8Dd!<(g7-NcyL(z`OnkB2|zT1l13-natw5XhhNB523lC;*inW_(-k=&BTx ziL-lzo`b65)8D{`|6>HEd6~2bftiInT5_w=p20m+!U-b=L(ag8D`4a5A1~kbtX<7X zpSis95>Y2~Mv+0w&f6IIW9mG%`AI{uBkxDqTUu587yc;-H@wjr>VriKz*+`(va#;i ze}a8o9XzL_!#p1C%{yJH35cF^E$eg)^Sq^Lx>}VA_aA+x<5hcZZhjYMbIN}JXSl}% zlE@lW@vR8?K>*$l4N+nwP4 
z`rkXLeF|G$)W9h0@M3!=!WULdm&lY)kO$nwq>; zRWV`UI%fvC$=4cb0Zhx1Xsp@T;goulD4b@~ z$i>ZhKuT6wk8u1QMcI?}Q`(45)f`f5vtd4Qs>cQYp^R+GGItAW%_(mr8Sui_KevE6 z0+M)^&uZG8kbijQe;~Y|om}QTJWl|bt;FM-c)cw(df!vQe7Ri$;~gSOBP;o_P?=cW zmkqz>ubcegdn4kR*ZYQC7YU!uvG})pTeMCSKEvNU)NsR@OHf0Bku-2t+(a{f6V_IL z|Ng`?#^GyubG!x+uY4$eMCx|j_pormpSsf4fY*8Tv|4|5Gw%n6q$<~l_o|4QJ7sg! z+>KtA;NnI<&cTS)1jD&bzMgQ^>$XSHf1>`iw1`;ygZ;-F>rYz{J|25zt?5f2He`)= z^7#sipfMxaK80h*jNwl*;y_YQ`(4Qe;%{zFbjyWn?CrAxpln^O@XZCm&Zm<@peNGyxvK(!na@{bP3&U1bQ9$4}J z6E6Ud#|1XfR~2~oOXlqaV%J+)E4dn=AB9w*#qhOe5XC&Mi&oH*J$x~6q->#!h3|7L z^EHOQFDdxyZ9Uo=N_6kTu05z*1)3hv$3}K&6;D5`pyU!W5$3QTWlda5V8D*i__$O% zR2zr)oQu~*Aa6o-;`dIfK{;$GA$xVxs+j^s&_W$J8hu+r0XBZjXFq8#6jfZ9ztR;4 zXf$M@pGH>qy`Y3dFBsjGoDL>I9fN)tS&%tR^_|7|xYt27~i#PkVz zv`y^@Jat%N;?CaR(-&?mw9hq@@|&HQ^J-kJoKL+1B4R{wiPviX#4 z05#cTwHs9yh=Dy99}F;>!bt#Oj#A{0P*i9&Cw&*L6yVS4R5|T`9d;j0U8|MO?4oEi?g6cIPZDOyogUd6LPWTC zZ?^hTewB_seB}?p5zW)-G=G49!La=r&3)g-|6qkgw)TP;|GX^0NF?_DTqpt410M!c zRe7-8d9xx0`dnANF|622RcK#I*$~h1o*6x==l`~=Lrm!Wm716OGw;vI9_+^aU0W!QR+GEa1lAGP0PqIN}mnug|`7sUn7Yok;1ZWyTj zE*du8E1%34hO}$T@}9=UDuiEe4-=i z1%T*@%Jh>~cdlinFqHfn9j7tV)1qNX-=ijeU0`Nt4aQZMa;KSR4P=3Pq_CA@d-1us z2*2H%cj{oxDG$l`UR~J%^I5_kN!Eq#;+PxRJ~aMx)P6NrZn)9j5Dk=!bNJ8wPyVW#rM?f9_vf)~&{~5$o<3aC; zmD4M-jnS?N9Wa);$<6pjo(H_@^RSnw&$V97ia8-V3%rskH0%qw8P6_3OukDo);k-$ zT)*M)f%LV-!^jgZvj?1Oy#}^eO!wp}YHd6^cex!AFpc7cpHH)s5B!>($^Jt!Ewk?K z77}*>f}oPxWd}vZj_Taxb0Lb03C(^=Juwr6>H?qnqq}(OLCmHhfL+6KQa_pYtY)i~ zw!iX)b#m}feoCO!sI~L>Nou%8W=(kXj29$5`RRk;^w9IphDu6Nc6udtp&b`b6KZ8v zQi7hgHfV|<6S6)wuaPVU%$g#emlWnyp~Rd1%1uQnQ_Bp>s13xV*e%I4AR_;n(5d@; z&M);ChT_*Bbt0gMTc4e?@zpBOIl2^8U`Jyx*{8+c?0BsBslpuHo9q zAZYXR*!cl6A-0sJdnGXfdsCyx$?-+oNy4x4wcStjYg-wQ{Y(B?eBJ}<6zG|$c~ zWT(YnTNeP&>-4l2zeq0o4tu#J(?~o3gLM~&HKo>YuRE2b{Tq4a)>ti%bg&C=+T?hx z+YKM|1XLkJ?76I>T*u{reRtE26x$7oAU?G z1K}QXdxA(D1bel*^~%OpAvYelj_9XGpu9U7p=0CeRoYTyo5}1(*ANo?eQlx$E?eX? 
zf*KiSo@l?qNHUx5aEf6YREC(QWydeP_>15`~;s8ep(KW zJj}gtJj@_}>+Jvrq7$AjCk~OrlPe?5Gq2X3bXvy+lV19F%EFsEo{^6@m=m#v^vSMY zdWdcvHDBPLiO(>Jb^mb3B^zZKSyr~nn$~Z%vWXP;p?S^E%=Urq-CHZywRw{# z5l*nQz4|HW>1NNQ#w6Y;Y|;KBE;F)`~g_ zy8{KQu45{4KS=C_pc*=Kq>TE%oiyRFEGG95c8_~drei@#HSc|4`lB65q7S=v0nHzv zez8WqZQsxuW>iRM==qwSyQi@QweFGRd@!0?FvfYvu8w~s`d{VItMuskEY4D8C>{4D zgjKzWDW~rp;-g)J6BEa1?E)V>2mtlsoz-&-4C@fb^%^t9(COY*T(G#mYfR>Fqq5ZU ze?Gi^gsSaV!krarH(%8xx&wz%4YLS!!4|nsbVG4#Ig$3)_)l|(ZCfzak*N~?T|-n2 zQU~YjcJOA^y%4~zggq6U$yr)Mn)Ua6i5&v)BdPhHi?V=!hPM&r#7q@TT@H< zbT|+324B$53OYj-q7%!g(B$#;KV*+Y@@S@=`BFJW+_soJq@_p0Q=T2u*gI6UJFsk?LciCj3XA}7LI4Lb&WLtVY% zBMejNIDK#mfUo;{9ztus<5Bugg-r>dJ4k&&ujich3FxLq%eog%LK*vI`sCzHkayIN z4hND(apJqizoy=fA+i3yX9HiEX1|Ck9MZCIv^GInWH17ASnE$vaC?#YtC% zV%6+qVg1|pV6HrTQO!#1)~(*5`~`*?(C>&V&AhDv#+q^pncz$BB60KthL zD1L@tt-@tZ?Km%e^6Aq-2q~Doc*+zSMD8#Vh<5L(W5}Q2`%l*B0UFv^V-FV}hl`+FbO^B_p-!4n+~;ShZF_3_o!ZSkd- z#Yf_g!^BID*`3d|yg*A$;(YHJqPR}G?23?{#H3g+##oI+(n2Xzm0g0 zQwAR)EA6mdY`~rw=8q<@6b;(DWV2G{4FYX6X%yyug)_Pdy_TxLz_jN`zcZ>oDcz3I zW*GjB4KvLD;`yp{;^e!~Gc~qJj)Oud>hz~;-%6PxPwO74dbgEeq~#-IU?1OIFvX~r z{<-*?^}&5N5qpY%vGZ|{9{#sHgEA?>a#r6!#V$cj*A5>VQdCX!Ab~<&LjrApHcrTL zo|a~V6m^eh!*`<7Eyd{HQlK4_(?2t)V-~UWca|Bc7rfP?tmQXU(6P7jqcT-6zJMIw z45Mw!=N07zY?x@_2Ry#cPVVoX4zcXOBqiCK0P|L8HR_mrxz4 zGSwM>3gz0mNN_kBgMd(V%qNV1FR3iYM&mXU#CoQEhTF9>WihSD3i~`mq%+*c;))G8XGAY$(2~~V;xIby$;Fv zTQq(;W?;Rv8;t8uhyd&QoALAQqenz5>aaWU;y_975tBd7la1_q9@Fh;WD{ zywte8n*viK<3atts}z9429?_i+-)0A_UY_n`ewJSb*JE8EF2Saa${(n=X*;EATi#l zdj0`W{U+M#I8UjUg|;mwsrIL2yoh!CNBe_{?fl>sB6vS=%-172l##IOpV#DazK_o>*Rng^W)3W&3YA(F7cxQM5u85L_|Bk3)vjgfh70)iI;m_-PP&JzL&En^Jl?j5>CMyg{nroqM;3#L;yp0`xU~;J_~q8 z1cHi0Xt(LrOrYQgvJBKy?&-sv3knbXFbZAzxK3?~&0bT!4pb7UBv!%am9U1Yl`;Wy>eG5x4Gi^eyOa;&R z@FnZ1$`Agjgdf%>d*-98(v4Gr=dKs(Ct)Uv9y06xi$H$~OX@8v2f{1TL4jPTlTAy} ze3P2}5`c#`aw5c=VY!~GL5ko6#gR?wD4CHacq9-dU$prOUdEg!Zl=|A#Z=pOYtBzw z2EOO~e*BJ~jfw8A`BZ&RNGyXIjsB|L%ScGBG@CqTg@aYTt%C0#do&2>M_MW3#9!G{ zYF@}!1nv~kqmz$bONCUw>K=(dW 
zAIf|MJ5mf*?#Li@Y7>Q!ueb3jlFm3-$||HibfEaZ|9o_ROtWhf*v8NxQdBW;9C!$~ zl~(Xpz+obYJ72P@J%=o=)&4&3tPbUpz@AZ?-}LUa%aQ%~Vm*&lsQctkEdblV=yJDF z7p}XN0yCa$ub2%uOt=-UUp~~1R`L9Nvb@O1lNIL=SM(*b5Yf)J^SPw3YpG@#b3Ec3 z9Ht>ymc8C;lGsMVDReNxk1kd7CYSrLvoYf#yu(?C$CM`bs3%M$Ek&+ytBZrm3?^IkySvjEL~VGSwngd)+OIT_L3^ z-~Hh=-(9fvPdRnBweruOPKZ*E$E?h*h~tk7qnBl-1w_iG%E@-&#b+xy8YGlzVo_U# z0TsXQ$A0@w_Fs_`tF(UrOk4)y4R;M4lZugOS9`{42{qlY7b%?RTChRb9R@zP=-q|AL65^j6(aj~ncPWSmeuA#$NkE;rtRv>;m}V^@8|`+F*0 z6Ba^)*21@*@JdNH2xZ`nN1TAj^7WRCj6RaFP?hs4SVYJ!t-;o$q*$pNPXX>~hM5h< zANcNF1P)%Lf^(BSDVq?lA^=}3F-*7}IFdy^>=UptxN+>g4+gFLPbJaM`}$Q$x!BiK zdTuVHT;%z%RJGh!!f{_}@ew({(JC(}-^&K*hF^Qu-S?mKCs=9e<$!0+BqoviS@8ys zIMl0UKYzlnw0apjIue^x>p%$kco0|UFpcYc|ATg66}4+Ed93&MuHMYjecs(l9sWL! zaeWA0fpI~0w}rTrY9`U_^9Lcw&|xC(g*4jFSGKMgie`q@;w=hQH901quJJr2w4A(w z6-37fg7d;RolA#LuAKv@x=1Zu_)_AZA@Cy+%Y^@cjR+?(iux~`@n7)jd(NouxluP- zRuMq>t}@4tUqPh7e_xZV%Dj8u)`@&B?1tfTVjz{|_}ff zL!0s+03Y6d3z-bREB(&L*Pc7_kqC)KyU1YZ`_BrKE2~!Ts)oPCbJdB*!pcUHGu|xZ zly|1GK?!21eM$3UpwiIwqEfJYuEAlObd^)SPX=IhIu?U?a=2g1^~HLQNmEr2GkIyX zL?Ye&#seBlz#5mjd&zkH=YgD4K7#*t2UC@d{e-og^yEL5$0XniK9HlBv)3FCg5i z{g#W!KFQBkSB@m)h(4$}1vptWE%H<{P`OVBn<iS7FG7-e)HlHs7&6vt~b?-BcD3z?o>W7=gi|X{jpiOJgD2-MTj4RlhS`& zT?~?0wlLddM|@CFo-SXOPhT=`jehb#Z!$FEnqSZylqwv~8+ym`2>9t7H}Y;d=!!i;HZalb}FyVSnTJ!zXBJWGmPh#Zc4_eKqg7r@kAq7EdQ`P*rsz z;z!S2zkU4_VbwHeFGjauivP12ZzFyaBy^X4bB;p6U&kqHOY=pLK{!)o z(kkfM=%Y08>k|U_rXJ4;;cBz14aOe;zF!=Jw>6ER>82_%gNpPrp|2RcBG_R3{lDBQ z+{Yysx_-RkpQM_!i-j*#GF|_7rE@ts5t@5VO$lB2VDU_f^#v zt~6=O+^e|SQYYMuC~YbZ&E&mxoFJsQlKj}zNq%4p`fe{i&hlju=+zt%m~yzdzxv@u z6=0arf;Gt^WzzpzHF*7s6YLhs2Uu36oPRfq*6wJZpu8WkA|$z^!bngM-fWS`=#YEz z#yWpz+xka5Y#u3R8_B#Bvk)7E8P+W&h?|jeQZ}|{-2G%Pj(Y93oSX{WpMDi-#n)VB zKM0!vxr)*)X!Op}xtQWQv$t<3xs&H0aepMVgd}G*k1C?qeMpe7g`S`}eti~1TB8kG z;5@X00d+0K51;IHMM?y;5tF@zhhM88Eq(J={{Gs2^a#Z!2=DLxk3e`fv%W)9VNuC2 zp5VjV@Qy$--0X2Px^F59!GMf-mH)Kb_7S%^>nixAcM9!sGd1 zf{`0vH<<5m#1+uqgM{=UK@mpHa5!>M*N~%on!@;P|D;7L<3i;fnxwO@CC|D6vn>x- 
zPQK2}2m0eq@`CfIavmbhs5_Mz6IdSJ_YY~udQNG;uQ1NuCG%^u4wnfF4`tpVo3@a; z8Fz~di;q=vHUubu)4aZN`tw_~h>pW1t%bw%{cYl8#;phb=E3FXqlFvmlfgV|F5FVi z3d8dmyP&W6JVth5*vqax>0J;rhXqOTZ4(KIh8#Vfp~hBq9P>~y$8`(PGDhVcdkBsJ zY_n_1e}DvB!`$Qsvw2BYu)%GK$k>jP$Mr!M@2*u4cw&F>zDxuXriMx$f_dlm&*}sR zmw#sSuZMT6nYJ!k>U!MojpBFFxs#l+gYmrgLVb%Prj{@ysnRLm_1(Ta(%wopz;NSV z{K50ie)}eA@fv@pzB2|JN)Wn(rm{724rtE5JR?fYUu^H#*2w~EbDasLjjZwf0H(pE z!OQ*i9JpgwE>{+Plci|h+b&qVQba1V@~<}1Zuwf#+QvVZ_K7uGc&!?8(-GQh}Uv0k67hhy8VSoE3~Mry?7z|Ag%sN>5iuvCVJz;060~qU-XEu#$L79<iq=8VWfF+^jw3+v~Ej3*tMFF<|~R`nRN=~4dTb!+Hi~jt^dogNR{68{&gaYg+Mn9 zv@^rH496)K+KON=XXP|xxK`khfYpKFRsQoy!Pm-2r=!JBGquNux`{RWnjm_#BK89N z;PI2wmAmKE!%gsYFaPFuCnP4pTB+sWbvdJX+K5xM#Ax_#x~|ET^GaX>mZ{mPW)~E@ z6T$>G zghM0U-5}lF-K}(YcQ^PQ^?CLCwb$BbuQN0E%v^WQHHV}=C0ZdtT}`|Qu>hlhuSU=c z-drQCOF`?6yno{;_fg2@M5}0O1$g9N2J0GmXS_#(tR|$#3ctP}!`&Y!y^NK%Hf!fS zQ@HGMo#wd=wQdNsz$uI#w4U_87UDXLJkhRRD?DpLctenUE1D}TYzInF<_dg0*%dM3 zS?9{iwuM2S&^q8*RDy^QtJmo{mW>X3{;n=G<@d&=@}N#d(i#cg_=|RKznlJ~^^eQ3 z(?+3g(>0XSriMcAt{uLL8`*Lsd_LFO`S`BTV|cBA=UN|tojpuAU}DtO6;3p3LA_T; z*5s(?z{>M$&CQ02l_wDNBpsg(g4D8wBZsa9N7xG<$XbQ=^Tp?)?^x2=v=aC`_Qnxp zE#lRfGSJwUcj~MJX29afHcC_aI^$N#qZu~wgMRy$!O3*oiIE(LBM_L( z(H;VkC~VWerp1Yf`5Dn~aH8jU7*GLNS{^a#$FRKWAlHZj?-=DnkuS(I^Cxqn23s{d}VaZ9K z!emqG7x%Cp4##te6*k9Zg_%daCbAFxjFHYYQ zv)bNpkzLPI!5MV6OQ^2CR5ITS&==SK%s?ADjgrf98D-dj8j<*qGa}vfd=hjPg|~Zr zD6Dhq(k%Xkqm@#lEAd11G;-n4Ut?=){ z2|=HB#|E}|gw5`soXA2P(kz+u1?18KF7OD5Pa++%RxeGpw#Jl0t=00s*DYLBnO!&C z2%lXc4{F*VsU4D8qKi1<<{>C2AguSt?D;DKJ3t5#IpN14vR0{xB&}gW}Wz+&t z2f8DRD;=_kB3 zwb+z7>+fPhAg4kaR;ZmO1DP2sk)6Whr$PT`S#=z2#{?*QT1GB3-IzW{(q(D^RN2sf zDYRf0vnn$TMy_r#Nkz-n;C4`_(DSnD!kJ`QKRlKDQr>Z{m(acWK-jVWvi2fUAlBbd zAK@YGmv&~BPDizepp=Gy>~&Y;Y&0o$2VAXg&P%QlZlWL7NMVmck-02TRg==SWIjm_jneTxn_6#qB zbS50Bj+iE!rRI0@IuUMAD4`AUj^R+}w=5=4U1h8m}gBX(tx@!$YJ z+}__G0bWpCYT!Y^MUqv7!MkGm0bvWi{cC)cH%^%&BnHpGR++9(Ei9s9KW6EEur}gL zNrPFyD(++T%XNYuVh6!Dz4iE67^SEK)B=dGMuvgADgJi|xieZ(eL`gN{!14G@^$YoKzgIWNeJQJ;^>N79XZ=RQ6E)#s0`J{LPuGvHa 
z7!LCk6NR^|sP_)9DJF3AZz}Zd75gMfa~N({P{mjyr2nn7aA&)sdx=JjnQ{95sW}ir z+K55Wd3Mtl7Bt8Zcw-U*KiFG#6BrEg$6L9|X&I%dl4T-u)*RHL{YgCI%F_1%$}rGt z(S)VUN$Ie#GdOChKWN|$MhOOk8UVjxN%Q1SQ>Li>e=v`Z7HW ziznUgUCS>9sL)=x0vzfzLtnegR)!Bf>YBz0aSRN;VR<>1-+Uh96ZjDCfNnGOE8E7r%y>>0?A*}rq03md}nVGts$;E)>oLEr_Q-D2ejA!ITd$C#hw zQJJJp2$YOzkfmM~DZN>cPK`-E<69sU6U7A{CK zZ;{A{pC_DPh6AX=Y?>DS8AsTQ(-@qOzySEEVJ3q^j3x9ziQq ziPP%UX31`xy_7<3V3(r|OzLmei5bUreWftJkF4NaK#k9Eba$}m#PrWmQ1+}SzKxLX z-6uSDm2iJ`0RMX!s}NgAE`^h*j4jQSV9=PvB2vC+6=;+NE3Od}w+LrXZSo<%mrdo4 zTyD%LgO?7V;-XUl6&dAql8UPh>ivBCF}F;Ex{t+;Uiph<59!5WQK#r+bnN1v*RY`Z zdKx*H+AJerc0wMJike_2N!>g~3`7*WtcP6lzCS?{x+rC;dj9P5B*5I#$GQ>FPV$kV zuK6SC$aQ1YuviUN5tD!`w_$O`DzVN*$~Yp*(2_Vzm8J+_P7X%Z9#xHD+UQ>pfe@M` zt=Ytn)==jAM%;uokb~E__6|3FiYL~IYBHr*DPGq+(zgMo`^@z5O{i*DZ#(hNC9bR~ zQrAs?=~dp;DZ#bSaU>?Mx|nkDQ!b^nK~Q}e@1h)a^&e1^vL~bO4=zn2sTLb<(+8&K zF??hr5$g{5bV-)bufoq<-8hQoid2q6UHxxkOYw=Rejz6dwFs)6v`l6w_Bnf-o&_z- zo`2$x$B(c&@^vZQ=FH?-4XlK8woCmg1G^fN2R*1do$w+E>9!(ke5TyRdehR+HI)+C zMq$F);5tp#=Fj#5>TGT&#A~}qMro0akTItQF(6I8HH!$dZ?Z7;f^I4^Jax-%VGs$6 z)%v%;6A2yY+fkdu>#p34uBw{GE;ThnEx;rV??zL{G=yIj1&h-Xi7b*LQ%9pM;EwBQ z38Hd%0|McDr@(1{FCjnNAw#40#W_W*LruVuJQF8XgKA3SPxBnyOO-v#rQ0kGpi~%e!jQ-qGm;)l98;LU zykAilb2OD&1>+u7Z{U=C3(_?2-y|&amMS~^(kwx24VDiy)jlQzSC|DN`Df;eyj(b4bCK@nu4SKb9{p-ElSGn9UUobQQ@`$ zkfu8+FZz6^dJJW|kV;WiSTev(^U~~Od@pX@ALFm@jiVM6C1oS_LE)tJjo6ouiOYc! zlbY6q)GY{0xFg>f1qg12Wy$e>*70vi8jvtinA?#f9T9lJ`bP>|Kum^xODCRfRm z12La2%{y=8lg9F$?d-Tdt!|e~JndUf#*QzoEOpWMSKu$cBMkc(x-Q9Lf0Ck@I_v$jZ6Y?%wqs1S?J*T9Gredo|sCNog_2Yt%clT<)2;e0eG9gOt~ zG&;RgyhX>o^EMXM=EVpgiG+dZHVvQ;{%)>yRo)~O2l7$SDs!NpQ&bg$I8AC{j*2q5 zVyLIe+@vK=rE8;6>-9LWtaV-jBT+Hq!+E_J<2vG! zB+w(%gKs|JAk_PxGQY@!97sfaqc@yG7U~9tDhf0h+K$qztcBek27KJ~ecD+ZfOaR) z`-g?0$LrEV;pdda=_9mMx>E=ZB8rr++r}ENq}}RXcsg?NS9EnIYbnQ@F!yQ5THbA| zN{_+M^PLDu_F99Ydv=yGT-(*rjy5g*38A}J>E(gM%b8q5>(`ou%{Pr8oey+HuFt!P zby75LL?VO=2571d_BzT8;YyhU ztu#CiX|d~HQ2%Wd_aJ5|n_g_tv4=n}MjbKEbNd>bW-hPkK5sfcp`Q;udd^nf&jbX! 
zU!Gik4#=efUw}n=uRB1!*OgvU(mXMA0$4I)BtoGA2$4T_v?}0j+`6#*J1~)r=1pCd zQVn?(hin3sY>tv|#^$>!d1=S}D%;3BQg$SNtIm){iyx!?E}y1>>nW5JN&1Mo-m zXwQ79zHT0{95O27ks)8dtEE+Z zT9Zlzn!-E{Y}q8~9*$sdf5j>Y8=MPRd~_Q8!=z+Q7!(GoiF1C#7Q)7qL&KVgwqAaf044jn9c{OTxNkQqZOEi1Pj()e2Cw zmQ3rS)j2Xd=!DM}!4=Jn&bfVHhW^`(#RI+282U5_xfq9`K{H#WfAtn|0b4s_E_nh7 zUr}nfF_Bv-td2ln{dd`UipuhtDY=u^23zb^lXm1|%ZldX?WeIPJ9X`h6D_1XRA`@^ z5^l>j=7P)1Kmf9L{3>iGNQtF&*F9s-fQ6j`o1^6n8C~MdWRu@WRa)^C`{s}z zH(rxYew&CGh`Sjf-Vu+?*>*@cS5H+G@ryBF&cBWxsw#D8NLhSe{{=P8VD5=p;k6K) zt;o53R}tlAg`9Ea!S;KvtksgZ&mpj3e~orCC^N%bNR-fqp^>|iQS0kSlB2u7-FxW(3q>H*r!j ztiVrw)mA6$(NvOYf%cjbU%9&;xc(}Sb1K4i#x~S7iMlHwJp2u(jzder2vVb5H=jfW z9r5W%Zj~F8DN@~P2|nUJuW0c7N$n9gpB0#Dykn$A?&tVOx`17S+wh9MjXqDXjLky) z2d3|&Uc3i^zbhprf@5uHWt;OL5Bh5+<%&yO>JQ=6r3GA%HX5DY88?guW;14JD}qO5KD3pLw{!w>fmV ztcy{T@iK*ea{lB{au)kpKPdF2kuRAdLmc9Ah3jUvd~+v!1f5(ByDhsRRu?w^rFpAT z!mI&{FV`y-$CxFpq~~sm9aO-kn5ISEK@FUKFEcRv$1;7tKCc;KWJ&8&c0mz5tPTrZ z8+MJ_YRHcysv44Y9!dhG-hV=FXNC0FGx;J0qa|(YUj~8_!A(tzaEtYJ-fr!b5^I<6 zn4ZekicpCsSj-w`ZB&vK?b-Aze)A{iT+tX6H;Q)jjyGUa<0~5={z!sI8?YG1!d_$i zDj=9rIm*c@+1lKto=Tf7Hr7OHb4&SmXo06ncAn1|Y8Ci_Wj$jqS70_r94BDJYKe7S zXA_xV_Q(K{_ibwkQ;!F*go~Nt^yv$Ce~1h|Jwg(j;sT(b5fLDWs>o;p-k1$n7lLKl zrwWb_{C3iTzi6y|4qWdWuO+?^%pe;)&RyDrl7=VmnoLuAPVU>hyJlo&JTf7bTcdj( zRCg|?HJ(=|yjYWkZi)oc1k8>ciHL;59SB$1T2G`?-zn=2x^n&4%T0kg=H_#3&lY(; z1@~*Q{c657O7H-cwe{*`f_yTb6R({R4q;D=44Qw)x73YE9%NVyNS@{s(H$lln;xaZ z&$ZX}u6{*Shm?oGv=~m?y+-sUCZBxs3p>pUzAuZ=! 
zy&j@f;j@+)KF_VK@(h9L05j!2ybmPm*2?iFGaakz6~Pb5;ytvq|U!&e0_Inn)WFkRz2wxB}9GDgSm={2!?o-kgEq&+Mej&daa7@8xNEC z7hjb5{M8y0_Hyy=tAUsk^{^j>DDP2o8t&>A!xNRh@GROiJZ478wJiYb(;P@qFSlqEz|6*yX=Jiab!zGOhh$crqd zt#ZMC8D&pYaQjd0IegQ)?&KDcAi3{b76}ylWI|1A`;+ryZg0YW@aa0$h=ZvMHtf zfSko*=t~RaLLXW-=nBhh^e;~9O$biO*LZl%Gm-B=VMI``lk6Qpy*8p66d>v~NGLZ_ z#cYk~PlN9-q0#@89M@ffHr~Yd(w>I;EDxf2Rhtpf4lmSQb1t$z&oa{LM8qdqkAvoiG{HT zm-jE)vP>Y0Ca!$V&RrxOz0wSfuvpIpU-M64TzWJ3vIR7E{`RRxbE$EPh^6D+u6xy0 zr`~HR9BB>LSbW?Ef5UzCNyPQZ1c0eEl5b@B$0Q2`)F*7rYf9)_dR5DY$QX~(`ww(; zW|bNeRx;c?=fH1eF)ZgA2O9lj^wSR{v|?;Qtq0+2(nj4p-hwwSWgaRWUko`gLkCc7 zFd~sv1eHT4fSfwPOt;ap7!+8SciQ)>mWxuYS@C6OYQmL8BXH7rH>*(R@Lf(#kd0OH z{YP0vS6J|b4M>~^vqBwNm`)IiY7Vh-isyBJj_2>gHistCGPf}p<#>x4MoN2>RP)d` zosY16Y$LHhBlrYZ`AtF%{CydL#9VeuHU1AB(8lK%@9Oavwmz( zWa6)6l!N<3#O2q>X0s_N_tER&60@7{@T!tE_Ts~MM5IH#s^W8c+*LJj-HMTnhd7^H4;Oe-c<~HI6Y)@UpWw% ztAy(#OL_F28N@h6!3bWlE%>eOR-J32RlS$LOwo1JDKJ;*f6Llj-;&UYt_77B6ix~Y znafc!h8TZ_tz3H`)k}*0E<>K}&x07WGD_j>7w+K@HEq^YUiS4Hj9$9Gt&vZm7gz!T zGI-oE*X?9P^vM}wXHicT2Q|cnhHA1t9WTPQGqGA+hW~)mgy} zT=5qV>`~grml#+$IL7#G&^E&mR1Dj-(vhFjfzH@p(ud=I$8nfsFjW1PJt4MT(bIbe z)^FDW`slAg3vu_otE3u#Lj^R&9*tNPWcV!fGZFEpz&cbLZcK~nV%g%9BZ~rqV@&?O zhalp}r5=+pgE`kYpG~C`Z1#yj8M?7{t}6MN;7+GhE@U|c+r94ZLg^WQn4FjT!AlTf zO4;62R=>rB$oBH4e+hh?nMR37st3ckU5%Nz5r6*}(%Q#ot{ss79U_hba>i*tV0 zc#E<(6M2K&jVNyY(G16YEKj9GyQ^n~?#ity6*G!Uq$0iQ!@>JOgH{mX?!;?8$N};% zFEk+|LJGTalCN6a)R=!^Xp>3Qg(zojH!NtWS{dx)>|8K}3GR~%{>t5=IEEueoa({{ zMUauBdjwU$LinrWW|VW?c)*|nHiC>{*w4dn6cLjUnkpj<6ELqr@Y?6mli z<^Dy}`&`$HjwQ}9KzjOOu3JeNg3cVEZY>mc&miPmW`Z2%HyTh>gxnuY{RPD zy|Dx&;(p_eIHEn=alD1)9ggh35US3y`o@rn#P-c`86i-*(v|+ulV{-b8JBiibk6EH z=$y^?hdK-`Z>>lmM+w za!^<-WN`aesJ~APLT?#vG|MbU(^2%Wn+v;A*W_+?O}|r~SOrSl8EZW8>JoVCF~eP2 z^a-oxpz%-4e>}!MXGn@^iu@~;G$X4%^>z~Ou!ckQxCVx@dA%&VF!geN5cxL*5dKo6&5Sva#_i1)Z`{hm?u0OP`LvD(rA9Lw!Yp z6|HZNip7AT(ivh#R7oQv#S9x;?6mh(jl_qD@|REoapDMP)mojh8k8zujbBGw=uC89 zD~IR&(71s@m0|<@p47Xr8tD=e^-75_di@8_X4+g6ez>x3$Yg{Z{@zuNH3kO^6 
zZN9ruX|qdR+JRmkvTZLSnBlZSFAAISuoUn_?go`>I$Pbm!x+C!=jF7R1A3pC*2qPj zm&Y35n`@STFnGdtahhg473M1wE762{lNO@83;}?O=3&7YQ8^GffgZA4EL?3)Z9ejM zTONuiHe!j-+ai(SV#?;dn(h>wjAa5slx{;yEhij-o zdymgTEx=V8jA}M~g%fcTy(4g%sOE4MGpnsVaG-wK;(MSnNBMHK$X)kFr4T#I zAhRgu#!9CiT?pgMG$p~M5XTu_!_{Ive*pTvCl4(#LDqb;&v?DBfwXtfMOV_Oy;#r2 z6%9$4>h$H1`013mdJTn*Ab-3SDfYbWGsgG1bLN6DzQ-9q3fGm3@?&_7pYT`wUdO;u zbI%=L!uHGaPm^<1^a5QBp4k=j3M?a1?d4)!rMcSl2o~5M*OhZ7*1$a z@Uz7=Iq;VRxPrO*SWJv|MZI}>N-2$OgpHThoeb54n{aNFN#Y$Zhq{2tg@qsI6nC}r z;e*8&38h46LPT5xy-9}5)5i@$+}A*Uz=l_@rr*w)ATe|+UbV&XH7=$4%W99|Qp-;_ z*E?OL)*Y86YnTQ1EaI&kzyK#$L!AOk=<8<%OAkkl&#t?wmvvmjp9m=v>)@C|->XE; zMjg=6!}lZ5xJB2eiR5dATDFvhJ7_f4cK(r>;fa<0NyA3)$i znnOYE`>DrIU>sonF_GFp6XAPSB{8zb66qXXv#a0S?q z*SGQz?(Fivd%;N(A_?jRIGhaK$Po#q#;6#E2hHmY znJ^vmhYXIfypA=ZXYY5$Qj;r#&9ArS+R^PoZwVjs%=F8ngD8gueh{M`s@NXGosBO` zwd;xx73OYV(uqiPopU3WL=|;0AEQYRIdDFI3dZ|6T)!)h1>_l`0d1BN8r*>YdR5Zb zSz;?H0qT^yi#sKeIM;bmW@yT$6jeOFSd3S?+D&PVqax?f^iTqQRqTrf^%MOCUny>? zQd2qYi4qFtkz~nIG!2XR>KiGtLwZlfU^FGr6j4aYfP_N{XILD3L=vofVU5}Vc7W=dy1Ae}M z=chal>KA}`LsijAiyJgut0!if6S$|Kv;gHOMaz~|0g}udm8vdQz2>>9d%DZRyYdzF zF9$CxG(YJuT+%a~YNh3OF?xp9-SrVYoq&(-UuwwpVu>kkzahQ2G1T%o(z`7#f=aFH z;tA@Bq$7})GMWs*f><&F${d{3*>R~pqBnq7lFDiY0U`sW5VYy+%@5+J>WR+PH}Egi zmH8^_Z|dZ+W;$t7m4%{fk9hsa7~3%GMxGu+9^)pm-8iA8A+B*8@7Vme2+(Ib}=`Tuy1hJBM-l4UcGw)@oiNU*pJiq@>E2{!rl=A zu^N>(Cnsq?@(ZlDc5`pGf~0hEU^&EG>?0yB{^?MVxymPNRP%}$43J!P-On#eyi<>V zyw-X3pxk|JHiE+LSV5J!b#89CY&~1lP(T35LMCru;3_Ynkq(~)COd;D%bK=&m@4pd zt}(IZU0Q99U_1iT-TSiducKw#M-BwQI(YkOx^MC&9A&8_p-E;lqe=9R?9tdf=#r%w z3-$@v$sQs+y$YZ_?0?f~{{U78zXn^Ev*_06K5Gf8U<3RBTkap<)tC)Bd4!>%pgXH? 
zw(L}x-;^9&4M(Fh`kBsFvMWN${Eg9~l(`yT#)f;-4BZ(4dwG9?EBgg8S!-x69I%A3 zX{Gcbmgyb`*c%bR-VzT&M~O606!#B0_Jc2Bw4*MG)m`Cn>mu+fAjMf$DXdB9zBuO0F$z0m$OrgU$=+wiZN*kAiHtvK-lSnAsk?B6l2b2yOcff77?TvtE zUImK1JZ&qyGCb(fE0Pxl7EhN^V4yNkS}b~=U8>K{`H9UI9u-03Jt zUu=LWgCwmClJpJ6m8KIYT|dHI#U)qK#rECo3d-9(J64#0?}fPL^7iM8!R%o(KRYWu z@MY|TodA!_7EvetCJ1y32xyuuK`-F#&1fjHNJ%fVzUHRvRIBC=Q)}bjUaAm-|E;MFrQX&?rTo{PcckD5LvaJK5X&g!@htBx0zaT9r7t20<3p=P)zZSwN6q%^erU)?DKGa(qfR^cc!WS^>}3H zGq>MZglVU%rn#zSltS*9bH0r}^AoxiAG=K55c*P2KI&HK4mXwQgQnM%^ZvC^W|qZ_ z&2>n#$383U%Y=)kI_KpCenYH%%-7}@1lim7!GD&&F##ngdprawg>l7VTg+jsfF%(Y z+y00GTv+c_Ap1KJ_LpFkpoyRaO+J^a0Jrr`I3pE6=`RKR4~+V4LZRd2uO;H%f{K2YZ&R3fRwOvj50tCj_>rb@ zGW;33)7=oe6EbF!auj&nMmm3l)@Con4YyZLedu?|tg%L!fiQXpVn^ybAE>7|RP zR>+Ya_^|jE#)FLDI2g8)dblRP@Y9(7S>}brn4IGetWtP4SdX8TH)r*v$hTROZxW@n zHF@)bkzn-Yt|jzQX2y5ejek|UxncBQWd_YCaWA=axDFJ|Ah^x{7*?h~hXv7PA9n(;OKb&R75FV0HrBTXx^0OaK;`#WHDuuGv;Dv~U<0WJ zHz%FYp|?nl>{;>e#Ux~H6^fBwAS;6?rns z)z6wi;*|htF}*4NOIv^=2kQ6_G068*6lH={eTO)T_MAM^fl5kz>BP!`DhiZ?N~n8g z^8d4EfW2A}5uk=5Kn-!q^;z=Z6@&9-FFAwC{duTo^c~xZ>$#u`1Ph#tAHESeYl-@f zjA;red?b_eB)O_j`)M31xFAt)GJ+Q2E|5w*W2AnjcdH>0q2Zb7ETz96uv7(b5M9{| z7|0fK@cRuCBb$RC{mHpeeU>r85mUYm0o4h(2&(t`N@06ab_`VOa>^`-cWdze~K|liS|$(`_t!JoKnqurfd~`eZ4z z@SxxEG@rK9)>=i+B)=lAW~b@;(iQ5iGE{RYC%072lcosmnH2wMwcFeRV+owIQ#D4} z6MTx18Q7F}Pl2D&gH#SWP7H=_tCcgq*fT(qwcHL`P!nnGy}nh)GMX)Qkz0XAPG0=7 zkvhW-*Ko6=&YSyVNTuEC)}chOHNDoAB^yG=_RHwygZb;ll&RdT zKd!QAv-WU!ZZe#WTO#d zZ(g`tvZ=}RJZ&!HyOZ*-k(<`hV<{JU`VZnakCj00P`d<+vc>u!6l#3;z_-Y()m0iS zRtdKa;>5_t-nk}w!~1MUuR?a#+IkRDw(~k*?Vn8@~W$ zFs$;C>_}V1^#ppuAVvpn!82YBN3B~wuiF(g=L8~-eI8wpKnG}udk$i6`U`0U{91c! z0H0VDRfj$}-%^Vu`9Wpl(yx9|nip8(U>pX6F|{_;g(@`|2Mlbs_%8i$X{G-eBxuyo z#wyojVF!8kzGh(|=)F6}X(Z)8tzqOAh#J7q1F6Z6D4QhPJ@;alPw0OYEjf3oy?SFT zW;P|FfrC>4udq!E{|aMX?ZP`dL=Tdo?YkQ2FkVIB2(4c995L(GRf{j~ewEeiSk>Z~ zDzl#u3U`X&=)5#3&f# zsyWb{)1i~`m%rM3!T-f{27&d0P3$fy<~j}#5s~?(!{j8hOeu%MswUEV%PQzVd;Zax z1NFy-=h{=`v16F3#Ge=wHl`aNFlNdS#xLLJ{86|J1i>Np6m&qUs6u&Fe%qL|KE+v? 
za6o*KFP;8JWvGwjTU>=JC?h!UbN))FR|A5A&I>i{TG13l1~i^iNjI#~djsTj-ns4q zMHx;xDcS_fMnKmgMfx=vbm$}IZOpz2vtSD+o!}%W&uNapatwc2p!?+vJfxtQmKdg$ zg}?#piw8gB6q{m~Ox7Flt4`Fv`v|TPy(dYp$z}P?>Ji{jB;3q4LLErAJoo1IS~d z3#&}c=2*uIrP54I41ZYQv{fHIsx&u>hNFP+3WHGjWvl%$)#kwEF*{(jn;G|BZox~1 zb)6XCRBw7=-Y7=D(C#s@y|TM)e5vF|XlavMc{DC*{}##ww1wBAdBKpwi5xqf(+P;P z46zRhIs5_j{=rE3cPE@NA{6=n5|~OjDyrv|8@`_o;RZj)G%!rO8_(ggz2f}<|D$oD zuNNTk&u@yr(^tL-P0CXPgp}q>074E?4rva%Yo4bnGpo)>7BT`cf{@wqvkvpsQr&@` zpH)#tdrWTEW}iBQiytF@o_PJlzM+`OgyQ<%yFp!?iygL$B9#4GPnrRqF}BW?WIE+6 zq|{(EQY!1i**Pa=5L6*ma!ou{Fy`10N;;9ydjZe>e>JrPey7|;sCTv+PWULF7*6;h ziUr4J_nOSRY!~{|IuRgZsF2HCCElW{;LywPw^&t(q4(D9E_E76A6_qJs85BRC#{9j zcCwp+U0$yYD4=Z{|K%j8hM#r(vKMlMJSK%&~@s;TB$+fq@`@h8F2A#mC417>J~=#kAuNW@VP2x#0m18teR@jjYK_tF3mo9K!&5* zM3OOvArTYh^9C0oa_j%BHN(8%1L#iaXR`Gj%zW~aSk(O7N57Pa#_#6MOVn*PO=>U6 zW85t>FFjt|y06Pe8Y{0!I0l^~$9?XMQ5Ygyt6`qIA3J+rArXJiOn4wV3+Ud|a1#B? zT39Vq(R|c}!i~g8XmCQHlax{J1vq$*o>*t=vYE0++>gOmeTiHq0_71*OMsaRola#c z81s8}qz2gKp1zBg2t@H!xZCy3*L%2Mh7)h(Ef+o% z?o-a?Tg?@<){VU>WA{v+6t>CSLD^6Xd8H&B1o2_hGm>V2qpyc$lJuPhUO z*ddYyONexjGMF_4-Y99!Oo)qsO@1R^fa_UARzc%PY;D zk5wx!EXjU4jtxh4=l+KP!OX4Kb-3Rv!aB&0ngB))00hsVP<#ki^PLeV*%0$HZh92L zDjCv_p0$>*JAEJ+=tBSN<5jJI@o(57X2_qQ)?f9>79t28IJVs_^`Musa8(QLcjf84 z!ff^ubo{JeT-frs{pK^o@BPVm2jKS3`Or7-c?kWtL!k*zEeDXzu=C|NcT6^J1tu^I zLvSiH9Hyy6TWO@c$EEm$bTm8WV4ub>@;`qUT^eZ+{k4A^Zic8yY*RWz9(%D=;AjYU z?o8|jrOEu*=HC6Laq;?7Jd6i~JIb>Y(;Nk(ni`w4c}J}GiLWEUyX?m=U5>AB;eU@@ zAV`#kAV?knmHo}FI3KtP7n<^}a6lb;hcHxLgJry!@cmLX-KqA3-?SBhD zLv+BS2OH2VA4%L1Tn9~VkWhC(WS}yMi2W20vq4XUvR>2mCK!*0$c1W1yk=2qFxHPz zb+Zy~W(aY$s{fX z9SFGowV#Tl4;nw{e~9cWy^oO(*^0l%^Td!pqB-!=&UC52CWRU1X2+z@pEL;nMBtQp zraFT0#OOL7meYD@=BFyP^LqMM z(Ab0+-k#auZ+(To;nA+F63X%Y?RflpF@TCGOF|cq!6psQxn`N=uS$?tYBBTkymYKa zLZIODj$rbDz1Y8%YsD|De2-5~2Lh9DPdLoO?kxj|c~S32r%K;y@b@=v#0CALXiZ^v zlkvo7!1mQeGSV>w#II9y(}dbASwiK1+J)F`42joYu zC0u*>)2(wQ2pten@;|)H3kHX2ga;aF2UtY1Wigk%)7@XbopN?`Djw+39YY)|%A}4h z`(!#71nq{33i$NAYow*{@~+`6@Oc5_H##)Kn<|xVJ7D(Zb0{d~v6;FlmIP_w?8;Cm 
zjDfCK!E6n$CX>((sG+Q(g!D0wrv>;L7+XbZt&ViHBU`M{_W2JIoLoo%Q5YB#ID>1|J^vg!zjVAwL zbgAI54f08o97_0^m9fTQ{spzc=0wMDhj^+6bfuhW+4lLdIxkR;XoRB>e!Lpq!n>Eu z@Er$ZtTpC2RXEhd3IaFWc*j4%n8G|uU-myE%n;StiQd9+GD5AEn&4}UtXQBtL;|OK zKPEd<%MFag4_F-vebCG&k{>oo&7W|0VplSn@JL_M{s=WwiB6R_fCHxX`i+}Sl=;hV?j+j`eJa67ckY96g zLv%&JYuPpcJ~;I$GE&D;9`$@Hwm<4thQG|Ebg2^v1l^w4{@aHZZ)^hl)r*{ zowIhOsxju4NOU!Pu~-P5G3SVq^S4gfVRb(%cd+tlm z%VQ(YYJN1xSjl2TX}ri@5*X?~{oL7#I_o?7V%zNX#S-2-P0?%4L91lqlXnWTN%bHB zI*dc1N8`E(kObyr0tm{S5cT?`LBcqoy%`*8O3@D~Hk1T^zfB*Wu!|cy1K|FMkg+=% zo$fQ_j0fp6}! zJ^pXt=Y=1zMk8pDgk7ex`n0OdZ$Jji-VYAM8M9nv8K2pwh&)pL;M!FJIbi+Iu~C3n zrgAe{4z!4Lh-0=E)iDEraneUyS|>`XB&9BNRbg1tcgTR&gYS}Hs}+6oeY`tK1S~HE zp$r$P^N*Ig`J)uiuS)iYLCrG=vNzN&e>^PZw0TK8Lu%5m>6OE&Ko0D*JaeR1NSF5* z1P+&2X;;Dz^KCPk>%GW-jTL~i@G*t0%(485g6s{YOCbU z^6jF^x)9ljFF06;1a$W`D5^WR?k(dB!3GCDcwUQCO%;)BWdO|R$uQK~W*9rn8a(_q zWNCZ@2?I3#H(E{zVbExWe~mVrnM71~Uoe55Abmr0KS4(M)4iB1-S?^JGhVx>rnz86#@>e1r9n39Y6Y-YI}!qBk* z#D6nrg5Sw9gx|vgRQA|L3uZ* zE*iYvMw8ruMuoRb#Mk5=er{pScBkiv=gB|_O+2pKPD_)rs$@?sYf^#Ud$4J4W!G^X9OxO{;) zp|Q;@Lthi--=?dkytO3PlC(hk<#=1V476WVZ=QN;$R(6sAPBBcfqN~)t4k^`E7^)2 zH9^?*^6nmWO?o0-OFDXrqsKGhhr5C_9U+m2)vu)cM11*xzIQ7_P{fZ$48J9DLmE-_ z4bUHhh9mtp&pc@xwPX{T?ouQ;ma0TOJ%nsjTt0N(bDpb@73*(*Kq(6&$u%4!P=CJc zBUAz9u_IjOtWFO!k$%1c4Ct3;8m6*uUFueC2?c8ww2tfRiR^5gRt{$l1lGgW?+?D- zqZVit@-?r&2R8o}O1oF@RO2^*YYf`5WXc5q9pwKrD0*QijL~Uumtv7^I1|zSXj@C) zT>gK?w|!^&H`~#4kmB+JUg!O?$0glItIw7=37>scQ{{K#m*LpaQ%L!l3;#N5UK6*KB=h>-Nf6rp&i*ui$hWgqS3 zA^)1PVeDYylibkag|{?sQ;tzA2a^(yoFE~3 z^22c~lG3*Thfh}gv|FU#4u_W5K z{q!}d-%iu1OH5J_nKUmH&g0x)8y`n z^z%fw-ly}gqS34c+S#mNKS=_O$Kp{O2LzGUZf&h+qi(l*b3;q6lbqM z4UE*3pOJLhzeS5q`-cwzxKx>k!BjBrt<~CkpVq$7E4c7re_PTy>{AIv~N~Yu%;r;y=s_T{XlVhiOIlH>karuyXDm5He|#Sja~pI?F0IwTuBeL0g?MhAHnCkG{~C{ol_ES{T?V_38U+wD(3DA_9HqopDE-HHW%xwd z+rdPz!(*&wDEp}u{k^!a&tjj^Lq+ z6>w`)Z%DTP`lfFRz`d;RR^Arq|XDx$;dRitbw-S1aIF&dX!W6tM0hl25TPD!k)oF(0MXpooKyy^-KHGNnbanRf`S9AD zTT<)??V$<~`RBD}8hDqEJoJGTD&NW_1?M#+I-rPwtBrX<>!c{pMwI{W(Bmv; 
z2*95%>_kU#GX@gBsbQ#|p(c!NOE>aR!wMv$tymS+&%n-;r-0loku3zH*JR6NijPmc zKC-kDhnjMz6*D8-f@%r=_}-{P)~rP3!w41B^rFffUITT=B$2GBo4~$7k2w8`qyA0W`} z<6ZuZ<^p-A%WIMf1qySk zSF0a@WQ~f5vfxtqtZ&X~jq0aNWLcXq$ba!yvx9KA8MgPu$EK&{6}#I5k@**`^3dQF z&joYiJSHwD;kzL_;ll^xPdL8WXbAQ0j4$1!8r*fFe)hlmMo6{)TvmNYvp0QlNs+=D zTm03g_;2L)M7oNe{X9)6SUczeCf}ci@U9Aw6nVf z`Xxs(?g1R{E9zvrh*UguIr3CRDWko@Nv4QyBQHG1ZspY&C>RCY1x5PgyX)crzhg zB%tr1LVT~J=Rg!FOjVdv+ zWbKI0H=}v0K__M@ivoKH4%5@g{@gWij(H{$>{0{xl{+lkTF%Gl1@Z|v+Jn6;5%>;y zA&iqQ^Wcr)SaDa}j&@^D;6P^@#@~xE#%*Nc4AphcK{>@>E=h-hWG=b&ptxqyWWA#i zqkHqDD29}j>xh8|mq za?z@+JR-w8qMYrOI=DMd5NU;`$#@cdUuZFndnHEM?w<9*|MBlNo`8IlfMxrsnlIeq zt%u5iHm!$B#e{XDzeFkw!$zHb+ku5iL(ms$>NQs`AHB8mvvhxf;O!1z>7%Y)ThtF- zFAtx)UC?oc4e0?eT0n0)bnndABDC-acKJA0n;|9cR|L@SN>1i_-d!vo{61v`^d3v8Ktv4=%oI$Dwm1 z%Wgei_P(vxOHS-`@I>-)v#n#Tnbgs;zXncQiNo0#X5}~Nd0K?}{{(>EZ=t`B7GvOn ztSwN+4YA7Q*AiB#r$eu>E{l9)M>)$D+hlbjIqpnk^3PtrMqI+T@;`=!Y^Uw_^h>Ne~68H?#Oo#B5_#8;Xp(UFIN6O>osWB<1%O?y*!zcMFNQk1SMilIH4l`)$lKS z{$e9+c=WC-8_#P>9|j+xn~@)3oKOVggvN34*lH@7r_`qL+>c; z0ipaAA@Eu%Ej$`kR=T~Xh30Uk4c+0XhvxSY2MM>V2^~%~A4A0o`y!vcKL)c)^@e`>Pv*Bb=K3qdI|O4YDU?>KZ4lzP4LMI#Pc6vQhBO%+XU@7r=tE!Mo?*l(tO>@SZuM5_a*u|a*N zvxXa@-!4LjeuFncXGc$lq0QP%|Dkji8`VV?bSF6TGx7ciZd+{%39M1s!CGNl8YfTW zzcQm3gdiD3Y(9X+*ygo3h9!2CLf&ef&g2fg52&@vF?<-dh0mO*5aQD-x1_&qYZJgX zNM~#x7HqXvfCc&6S5!%0#0 zw1RG>nI97*2#FazCkLn1@aoYaO}S!YJ(+CJEcAH}#lNP$ZCgj2F3ESvF7+KS(t%HS}$ENbDEB()$kO>vrO&me$ zpMbI$;h4&u#$;V2yycz=2sZ-G7==>6F);RlbBj;p8G`(GNm3|R{~WVUj~C`+=$cf^ zQcthE+hQrFJ6}<@gAYf&!AZ`NQ}k#e;w-d`{ZivghM%kAprfY~L)KlhY(lJ*)A%J- z`0JSTi11(ylK>oDvuH2yPJ1*F04g{h$MlU z=j4KX2JF$hq!vZTwGsZHItg%X;78b3k~{LS{pj_I3!zfE!JEmiDvXnk?5uLUiHPBRbUd>-j))9tV8I zqeL8$Z`%5J#>zBw-V~)~&Y3h4|I^5ABW+~Bb2<)Pz_3(t!;*egz!7pWEU1F2c9ui!f9FO1!N2;^^r zgmA8R<|C1ecS{uq1dd7D(JfC7pHbCk30Jq)M{-`cek8M>Nm(?fQ+dGxA_d&*z@%4R)VP z2)EBrG&)x@(RPXv6(kV=t8nn;e+7RsVT4Mput`?Ys7?!zE&o}(evE|!D{^E{qu{xo z=Y_I&;jq_F%N2HM0u2qnsO?tqsck!W3bziTt675xap)vBMPt5Z^Ges}Zv~Cl&z&gP 
zJlVVpJT*i&jQtgm&^{}5nZ;-Nfc7A|{@QoK^KtemL!X+-u@QS!PQLsdB8B6d< zL%TV}I0f#my4nQ`qqs&Jab!aKU#q;e0XeLzG)8~2ag@9EpD8ffYGt-~Gg74p>FlC+ zNFd;BxK*f)_+k1?B`T*aW7|1;+vs4qD)LC8D5L&x0HpWfE8w9QKRqL*WxI|#4@^BA ztlH=VC>*7So_hEIrwqXJ{jKS3|H0HO9OB zyK8YAl!+#he33mVQ1X~C{NcaW4mWzIoAP*>fvN>5f%;qb))tLTH*)c>vvqK_^TNyTNH%yvSmd zbAIi<^hOQJ*k)P!(>g)BN2xymj72XXYIT z^J^W5u%LjBtEime>5{dvLo`m?Sr5;AO~VC~%ds;rlDyG7p5**EtpKc^S(Gg#glA#! z%-5DA;G^k)E>sVmd(;oJwXfZXn}KA(^|Uy2n9|8qB2`6HA|nyhn-yWYRUrhBXt6Fh zunGwIf7LbkHG1#BTrkTV6b?B*r14=Z^AR|-^wTi<>VC%md2M}GX#-@WQ+M#N)IB&G zx)7^S9vDiHW~;H+9DLatoS4TV5-agxraB$9Squ*KM#UpC6d5SO`|Z|~Z-0_ILvqg@ z=l=4kP)|To@9Z_hv8`s3fI3;@O%MT_u=c_>*^b-Lt5-x=Ob99MG?26axaSCy9WK?; ziGy0MK^PWAQ7*L=H8l~#$0VeH{CTE*VSVq7lJvT7 zCr_4IIUkNpHrEaOe)0pT^ZA?vzhkq8?M9$itXAkK(%sT8kto$n#OV8rM1f*}*eooh zGQ4v9C^f1Uy;r~Im~OJAdQW^iqftFgiu7|5RA`Cv|ChJ|(^T20WQSYUVd>TZ5yjc) z9Bym010z)9MI`hn5Q5Fa?&Wb7c~H4a+)79j)FFKHv$CTVifvqh0Ie*70K9oa3=V5WBW|4k?x_xNmtjGzOj=&>;LR z<86_xLx9H{>zxng%~SeScu6`|$O5uHatCO29x*zFd`2DerrNMsXD(ba2QTpOC?Pwe@z* zSS&RWYT<*3QIi)x@?_p&4+aqi8@$>0cVuaMdG=c=Lx=0zyK)^>YoKV}WCG8FElaq1KGgY)Orad@!hz1D2i65g=hT{G!q-@H71+du z?=BT$A+ZNRI{uEGgse0{bQ5oC>~lBAJpzYP)L0omi@ew52ravZ;)m-XB8;I&q2vC+Z870qLIvjpfQ7yN zK4|r~#Y1s$fOIzGIFb;}_S*(x99{$-3_xAmCvy$}-Z5}Tb7Q!Iag%=<@lb7OxiP*4 zUjO+l@ci_JHnMNmbQm(FNwg@bLOam{e7TiCl{0~#_)DA-=TIrl2ysG3{~nk2)zt<} zO5fyygmK-cQRQE6h#e)2FI%f;lom;8r;zs6Z7rUCq%&r3yfQiYl<%(gEwzeQPdILX zwZ*Ijt0}P|o{{ki9S>@kq*t>(wCefWU%aSYi&vGz%(lf|`1%}NL0#VN`7bAuIhkMk zx=0jAJDLn8h}WG$e^hRtdJB#v=_2u|ao^#oRRerMj_`tPY{-jCNbjKh@$ z4FvmrMJ+nG^_bOL#aWLg?e+SYAsr3;(kLcRk?5Uf7|)Hi87tFs)WDX>?02G^9%*?7 zZ#M1c`rAJi?yyPLssBDXfl=vVJcfa$nqKi|%cIL8Xwh*F`Ln>twpz2|N`*lIMJ7pj zR`M-bOXUA1R6p-1 z{PQ1&b#=S}{o}`%TC2W>zI!6vt#+a(N&1IPlSOS})tOz2o#@+IM``@JhWmsz$~!+~ zJ8P4hAG&Ox{n}H=86gRP!8j)+@d-MmMq^7eiE!ZmTgl=$2*l@Y!oks3y1EC9mmN35 zfn#NUj}=JAyNC1Jhp=1J-U}c8i2Vv)mhkyd$n-f4RA;yGQOc71^#`{Li}|79YHOu; zj|vq7Me_@44|E)6dKvo8Tk=^}JVx4DQI5dM;!^w4lLk4UDayBL$eZQmXo(KfJakjW 
z+R{m|6eH<&$ka9`I3dp6JPbBBH$~pXc2A2@tfAd9ZxO88RK4q!C$JXlT)OVt+DL&Q zpk+>({&ekj7|))lMIfQ(2+5a{%llQYY-e0X^TSI4+uo334-UA#1D|5Fyg6J9H&nZu z+ksN!jXW?oO@*yIb=hj4wWMa(H(?Z=J^DY#bZlFMrR!D?ZV3u!3^ZXLyRde;(}9RV z_u**Vv;Oi`Pr1H_Pt@vbtf31-3$#7@`C_L*lfaeT{R70-gp$z?Ma7N()M;VY!OI(J zb(9X&uiRykVc&OsBiB)EDH-u0V-6;iSnw!P(U)<5E8|v-Rlx--)K`%hz5nkB3+EgrTh{a00TUm==_kds ze^hbcRyC6Z4407|2Cd$f+wHaQLMY7VSz&&TE*6v;%g!>4wv0Ge?r@2n;7Yl)kZ;Mj z^JRM1qMTgbQUYHlwr#6l4#c6W6jZ-qks<2^|_zxx(4CCsdqc$ z&KRTpzXIyPrq0c)gl(x|9G$Qr{Fd~@0tw=JvIIl`n;1=duCbCP9M&8voh| z?r%47aI!19PL)8aNTcv4+^!(}9k;{LJKC3u1!t3ENY>gD1t}tA*8ns+!7;ySH{8eZ3R~;rRr5pZ|`{DIZiQGLuepBt_t1vF()K+?}<&Z36M1ghxKMk@}4CX;K zt|#|!;0wxdpXESS{pgii<`ulR)hQtVL175%Jbe6MPE?{>zRLiqG{NJL@vJFS@EvGk z_9Lm>4C`hs=P?qY`xYm5$4f!IvY2t#2`K@Ve7*IF7>vn8M1x()pb zwEY)8e*6Z1v8l741C~6R-*+LewUbunBo8M+h&Q(6gg}&bpl`6=HONuKw|s2BFlftd zt(2X=V4C1bVgKaG>7x8ue%=zl!M)sAdrj5aGl2`9uteGQT$ zVu4l}8o-VPbx6y#ac*g79R2&0$^psS-Jplw2*W|rZ&*}PY@f|QM-xI=AjIzG3$57P z5K42Cw)qdMt%@F0@BrUjCC4>P_|bk|2;RqlT9LfFJhGDRzYN_*SAZGS6WJ6Go>VYO_6y4u^7&czpVPs3@7rkoR4CLr1t%eZ&}#j z?tqL_-g5B6R_|;1g=g=%8awfdp46#^FZQ%>?6OCJlDY@Ai6IOHS@ToZtjmMc>O^w= zH&Po;UDDiQXzyYH0{%=dQj_lgDqS78>Ce@fu_tq+qkX-G&Gkie=8!Mn0Fqv#m$E3N zURi2skzUD2mL_H^HEi*@o`QdJAKTKHsOL}T*8Dlv0bx{NUzIIhX(0`hr^6S#Yi~yU z``T0erx{D($Ga&6qe)p?8=Rcjxewnyvdh(0ZAZ_k82f~jmZ;QkN&SrK~ZQq zgxK$Ed|!;|u+xXya6l)nfaARi!tR*zQbITh-~9$8G!4A0~Zf#m%+khHZD$FR_ixjPK|9$ zJXpzxx^d3-7kTyvKt2%}pa_A1r&BkUUr|+?r?<%ola+^!LTqzm++<^g6mID(f64B`8718*@_%Tt3L?`EkDN91O*Mv{`4e2{*^HF zJ7tW*_fGJAPu_a0zuyYGjQJoI?yTK_=a;b@c#(-fsu5j`Pi`2LokMwsf2%t#KoAco z)ggYRxU}m&qFu9YAomL=_PS--mrD3#FUgOtK!vqQERJthsm)T1pT3^(A!;+*;6_!h29duJ4Z%qWXBs5xZ0qIOD~GSC0T~3{TA$@0`z^~jqJs*yuekrQnQpgowZQ7Tx%4p@sdBd)^IshE8~ z_qo%}2FcDgS`~ZcbJh<(0b`<~SIxwVOCU_*7JIdAZ?@*sMqNbcFOrM*->=gJ^J*uU z%@nnwQv&7$Dt9kp3z?j973KEN%|}kN-{^X?PB~^KF9s{rCh*cf9`yet8|y9pFhh|Q z1FR9rWVz4SDjae=NI&1t*??2<6vj9-X{Be#BpM(Yi$5OL9KEy!-sfLroPoYRW+2k+ z6L*wH+)lc>tz&2Dno(^%F41|8(ey~RY%U%wNHneN^7n-V_c$%}7R7dp_}WhH_`(`l)G`Q&w{R~#Hq 
zZ9?7qXJ3y${@8)A=NEWI_Nd#0ADp*FR=!%YI2h&ks)EmFj96ELx67{Hu}U$kA{JYm zTtQhCz~pzl7n}X#PwBm+N1iYL*3kQwK!IZ zoEm@()!zDX5F8)GkjNFyQwdsI3xfFa+M@A{oRzrV(zdAQs9n5evtgm;RTb}aiZCbA z4g_fPvj@P(k*A+=aDHTy+NY=pKQnAfK+R4(9YrFTO@k6ZzO&(Y=1S#91ZQIbHTX%t zoR`{AKm8lAx6}8uhwP2K1yWbZ-^#i_e!<}f&S$^>d4?asYpwQV;-+jKD<}XShvn;*2L*iGsM!)SNYtzZ?mdgq@Sjj!BySLB>8BPxhHBcLSS|W(d2}*5 zv2kaWzkEzVd#H9THnv{K6N|iPvc+a7WhT>j&XRhrVf)?lV_Imph(TYu6P9E;Tq}sp z>4rXwvh9RXN)8t*2Ft94Ju5;n!yASXN!Dv@`Tr&wC}s~&f?nilC2%j&X~w1(5V3q< zlz)gk;1{cyV^~p>U)aduWQ=5NU1}TZ^X>|4$JraOrd{u7DlpE`f!{LBp;cqPM?Ue> z!|xSnB_Wm|piDS~?|A3l8`6eFxz=&|A9)zWxn)=4GfDHGSa zhHuEU#X0ZdeR}&RZLKw;vTaJ8{TF?YhIEFG8QoupmrHtKZFjP&>w6BxICC7xrPtej z-(&eyHogL^H>DfzS>uE%BX9rfDOS2j_KH7okG-cq%}LV^CjpnacTZ`{hW3HeIjxNx zbB$}u#9EGlyc7u5Rg#G0lbF=oqEI5l-GuWMZ|f)&X3FeiU9vG0l>SAJjquTDr{-Wd zmU?%)w-A+77f?_YR@WH2%k#g&drtxC_)luz9^EPDCm+>2GJJJBLI)G!7KA2bIiwxh zPPWI7+d4n2S9pi`M$Ul-+wDs`!yXy+Y!5#JTRCu#^G!K(4CUGf_#C_KJxZ7)GnaI~gNztL?zwpAocYMsD7 zBC?n|L8-DB*_iYj6sS4qUU_K9@(IOx|oaO ztz%6WRM8s~qas(}?QAf0pG~rLP(VNR+U9qX-#zSn_U>NK3=EEd5(3hFGeNXXNos~# zH{1I6S1F{p^&T;GxP-of+MoQR+RqN>jNY7u^4)N{kWs6@R~r7fQp$W(cHoLDcC()L z3ZM$rE@$E?-U^i}mBKd?8jEg%QvEg6L;1nTu4d@vo*eO&K2-tDIgM_{h>d_@Z9=h5 zr1#pi^CeeE<7!$zGG~Hmmn~1U|M!eNQQyl8LrWsaaG}*t2>UVe;CG4i%|dPn8QnT< zJI=)U-YZ+axeXmwt$pLQLE<$>Efya}=bUmwLLo>4E_KD(XTZS940?fHE^p+b`i(2O)So?|cZ2zK+%exVlY zR_;Ww!K|gvd#P(OTDDRlDh36rw;*USe6FaL-m2n6-*lz_{|^JI1Vd?_!cBvkGnHmY zc-v!0Ki2UrOOD{^DMy^_Q_`RbWe*juN(N4hUmRa46u(VMZJ=ih2uzrGoSSD+?%TyJ zJZ_Cr_>M-;^Z>d&yf4YefoYbswJ7>_cTh3DRlkVDm&MnawbHqrL9&$c!0-4t_}u;G zzZM(*6C3a@sRck5^)dR*P+BzmXacoe8m$TkBArU!aRv>;m~QqFa(zo%DtPlz%3qsk zvJUBpZ-}A?Wj>G$9C7$cOSYbL%2*Ah;_k$?4I4u@UxnJ=6=cgr$)r4tKApZ7`g%eq21yF;=jL*H z0U=>$4I*RBblW0f^9lyDUZEK~R3fvRmDv}dyL+HstIL5!{*ojop7!58jwoR%llcm>appYx0c3`7&bBu&`{71wh zBm|gURc-RpaQ9wTCoI2y!0*y|yfKevxv$S|ToZH?Hok%AG^uM@ObjcqtvU(2|Y^6e36%ArrqqEh^ z7x!)vP#={Yyn860YyN1TK>P+tPh4xN@S!*^wp+S0ZfKere_|#M>mI{+It7AiTrnf7 z;1Cc8o)P`OsafA3N9va#q#D 
zBj$0My7jQ?G&F6b4|={L>I}8*83;SG|K6lZz_Y(BnsdpQ?1|ra(0NVMmc##f#>_p{ z?XZ?VZEukhI(o>FuJJpBZQzcG5Fv6eaG=PS6wx70PLKwM!YR~;&n zGDodAE}B#KKR$1*La;q z{o+3-mi4ZRv==P~>W&Sesl~B1_V5VS<$mVVZxq0>kTLyfC?4Hb^K*mQ+O2`@>^4l1 zCn=8)HlY*X5DmNT(AI~wLQDsOhxENRp>fCBRx*|o{-hN34vpd)4r=JLSawfIkr8Y7 zoMUm-CVS4x3Aft6Y8`u0;ZGNHO5}4;2kwd$v8@vo-xb{}=EB78pYuqO!&-fGR{EfZ zSjD7#6ff!13;P{f&)bLl5rX2@Z~Ud%0eUtImiKWheFjA3NZck7d^#IcByQCo0{s_B z`^A2v+nVOUIkpx<8!Z@GKZhxbb`H#OsSx z31Qf9KMWYC6FG;`7+h z!pxln-}80IC_mABk<#OO+;#$yw$Uh$zC1f9#*Vu_%0I8X_?9oss+D}_L$!RDx9;(^ zo*Yq;F7=H6PRQPP@C*O?Nwl^|$W`ekRB^dimergY58FZ6?itI?fnZ5^e^F_x5ZM5F z5R4QT@A%Xhv9jYs)C0h95w?ZamG>Wd=K6xJ*=7C9SVo#B8oioM(d29vho>Ys9u#g0 zSB#0DBGVrs+y9_tlKl+<^-U`!eDrGG|01VOI~&kD(S}j0%8W{J+pq$TlBkERq_eR` z^$RQUHQ3IcUt5sKeJ=A>KKtbh+j4Xr>M&aEmriIk4CeifqIIn3sMj$aA4v@GmPSVbp`;=bzH6T4VIQ$i5ExMD6_+lwd zG&BJGwW^r>aNVR`1i!!{2nwaSl+wRbAA^_)b>knb$=YPiFV7Vgd-8N`2R{$u->Dd zi~4aGNH+-UOk=T7RqK{cweBss39<~G<}rmZxHfDrY1f)oFhETw-)&|*&A^4hUoc!RehK6WBmVd?)wlLI;HzamichW-F+fZulvLk&qjN^oT@`F9 z=BjMMcXXZ<*$NiX5LIc{8$p7LVydbC#sd=iILgLv zCsGyD4wvD`r>a*(d3JlMHOK|aPw4!()EQw%vAH{i8G0-8*T#kmK+DD(%FC!Q#?}rc zBoqKuZEm5_Q~6IziEGnWF#c6WJ~b=GyXFdgFUG!U?+iJ@Y-0;sFxrN_`%Wg;*Tf?6w^OD1TFOG);ergGrwfL+_i~oWrVi$UKtW=venUnmA);*(TMt zd)@Iay$~UqEhE!}QxzZ9Dz%n-Ty;lz9N5@f>^45?&p+m<QleF&@-T#O1eNA*v&5-o`{V`d0*} zM*xxfWDP(hSO=7J-vy#J_hG8HzO`dyQ^P~(u6cwx5W*PbV2q?t8tRkyQn66BakwhJRd(1S_MU{vG{nJ}6P z{&B`874)s&&N-9pZ-^8t0S!UL58x1yZ4gdd#Ug)Gt&3uT9bK0?L_V~5U(`P@ib6i` zJU=c7;H{0J@_}~zVpl4c$a%6uJg3oIe8bSS*7{Uw8DHO0Y@Z@QGzv3zfGyL4@rupkS1Q$Y{4_Ctpmg0WniK97}(GO)P zy)KVKTf@~L0g{q5GYD90Tt?*ZzRV2`SQ1|o9zsCRJ3Vlu+l6hn(=4gGGHk{8{9(8b zzCB}R)eemQa6a_}1;-b>+HbEF)05ThGU`~yOwt-Km4EM!uxM1%c`<>$}=5=3< zD#FfRTBWr>!t<18?Y;6qlhd2Ys}!-T!jhzc7xKrf`Arh~QHpfrSm!HMtr6}1ie4~vCEycP>&Fezc+Q2qXCE;^xq&Xe_dg7v0o)F@ti z3!i_SLwL-DI)53Oum#D?AiHx7Q|Y8GshN4rh3Z?L4(0EQqwSk55iBL**#@1 z`7$O`n!B8}DnQrfhom_OLU3ADENfPNn>$2kHvGRt+4{M^B|CWSNe+y`TTcv5yK!yE z0YdO#$cnJuNSP%#Smx!x;?uEGq9OXfj{9QHFhsRn)gXN-ZppNB@$|k0@XVs;Jig`XEEXG 
zX#Cej`H8BNM#UOjej%1wuO<%;Tl@0sr~?iOz!#H8S1*zce%Mu)~3&XZGBy(bu>#tHz=^Y%@AtQa2Cg=oP*k<|9}mw z#@RmoB$Z%2%m|2a#RTSmODQ{VjPn@5T*EoIuGaNATOF6mDs_(m1?gJ=j+7h~xuu(` zx^lv-L{{_UA`SQPKW)pih47))?8^q*OWLbofzl(t6>X`P+k%j6=i7vyPfzVQ9BE4x1z>fkB1wsgthh>su(RnmJfz4(mt;c&47PXGn^;cRl>K7s|N7N@a zq-KQX)MKmM9J0O|cw;9qQGcS&tNnA;>4Q&VBQ&=a7Ic=6OvkxhT;L2ME8;{YHB8e; zhEj2ix%}*_K`f4pw<=RC*;ix^=5Pn5Yg4d4HU1ME@OwHYRV#Ay+>W(9xH~42DSMR; z)X7p?Lca9a@rv|2Br$)hDscRE{wz3sE^>7LBTj~e=4Tqh#0?oCpF8y@svkhA$OgfD zmEAFi5F!=;x1CtYuf`%9069M+`{J=?cRl;_^utJ5FXCJxy%!&~ke;&D0dv6H9HR7~Pmi%P1$W18^~r^aJ=y%Xs%gp$eg*M256 zzcW%uC{I%@gJre%WG$X`D^?y>w3dUsmJPe4KiX8SU7f^x)5oZ2okw@uvwTzo}wKz+8@GoD>puuZzbrek0aKRJh96 zFg@c<>~PR1m4%n`LIp|Up8F6zk@G+DJvsdK63PK`O)&iiUZPdAZid$*75qi({ya0> zNav(JElViCb|%h}@VW7AQ;vn<7zf>}uXK{#q0sl=H^wHMv@L4FC@r8cWf2mRk#;$M zfKH0AUTdQ`Wj!nvjZ?n{6M}oP)rQX2{41{X3 z9-*?CZU0WM#Is?aP~M^ofKRXH9oW?Gc3MDPd|`kn1)1}hDOo(XCAmDeZb@7v2MfcN zT!wZS?#BSfX>WlPis%MM2b+X^l=!HFT*G?o9SV;NP6{-%W=8XN9TYpB8E37;n-y+yJJOz zvsk@h>MIsL$tDrg4TeD&!!r@n?_dJuDALh*dF};7UrNx!_w3^Bf}QQ#nx(~-eD2x} zzM?^qNBB}n1smxgBxa0^ke;nx9sWKcfUBGaM0(|GvKMnZMpC#~+J!l$cbuI$TI3qeN3GO*PaG9p(^?f$yvuvS ztHi690V*y5s1LpV0U*gqA1l!^Bz;mE4c&#$syvi#G0# zJOSZP1#tmgaGQ>qbVY(JA2|j|>3-)Rt9uL)aMr7D(L!a>n68U&m3@O*62HF~dGH#p zD8x{?T0etiPX)`Sa-M$CYGlMTtv{!Dv(^IDAf+wMgX`{?p%vEwY$z&)$F0f=9ElOn z%4aEduZeh(3k?ss9ubp&9>iPdSnd`Asv;dS1+n&A=+jtHJL~C~)4)ma6KK zA$qgNNmSB$4VGSQF%yu{#)=}b?g+Rk&fQyjY*j-Bd~KbA5ZuQtH8w-6%7};{qE0wd zN5w*c7ygK@z_jw?Je;-0VpEMT$MO#U_;t-M;#|sb(OTl65=X--+;q$j9=;$n zKH%}9=qug5cL|;7smD_dH9M0SYm}CDEfpPQP8tXmRXTr~D8*S%=XGJ;dN_wLZ|CdS z##_fa=Sln=2UosEcb(xo^%Ud0SvIvkw*o{xjW57=awbN!;W-BqU}RynCtxA{0N$*O zHL7He&6ev&9OSaMlGUAzeRuEFM7o=`>F9 zFROjjHydz5?1|B#K(_k;Cj!y;gzs0Pokb>)!(UAZC55oJUD@cyo!$-=eo`j5Cy%m^ zW-iLG6IgVYpLiXxgr&XQVR-Yln2vEqEvGe^B>rGjT6!mGIpQIe7^m6rb6LmXho2j$ z4}7Sh{12h8Os5a_%PDH39$g1?!w^0<=X{*S4z4637Rx()7b zfgr&h5-d2u-QC@t;1CY(&cQ9XySo$I-GT>q*L#w@AJ6?o)v2Lo_jK>>wb$yN@d4I5 zPcxX(&p$B>$MW<}uLEn2)6>sbPJqmu8OgC)Jfo5dW55dc%ojaK9S6xD)k~2v2D+;? 
z>D@kG9rAEyB|o_lAY9{s@P#2-NOjt@3iXte~l!j(o;3fEQv|IrFa$uFR2Z7ymW*H-`kK_HX1dw-TMoPRSMOE_T#(v0c z*k@XW!_e@B8`Racp`4G1E`P0FdM?ve0W|%3K2E8qyB8}w&P(DU8e3a>DWv4ifkSTY$DWAC7M40JB~w30B%`y8%H`LN?i{z!P$e{!x4IEv-wT!arZr@5 zt`8K^5rfd)0)+9aYNDtxZo@V&Eu}XT%xq|SM+&?nAqZUfekA>(cYZ;G2An{v=evNZ zOs=$P9ISW@uj7_lJR>t2M|(S!m=w5T zoXDcdgIuztL(-0KZ>l`GF#_DSxI(kJVi(5Kq?&R#08mCRX3T7`_?J%MQv3cO;aBPN z5^DPtHj0yBm_{O;$MNUuNuMN0bLOe0?hHa_=KN;&2&fe_xhx%KZOYsBo#BTE(-Dne zRMTuvybfymikF#1Jwn-Bb~2zWp}+I5nyDgrzcFF{`z89*j(+=ONV{;VV7cn^a%RSvW1*4^YSBy-eUa z!pI&VT%u<;`ld4~KB+|S7immAI+2=e9ftt&`nP-b4n`7uqI@4UBe+|mtDefaR@vL7 zo)2~#qAL2(7*1pP0*<7XDcy2QjHjLT;F#!=sU?idl--K>Dj~=pCZO10R-|Fn?%q?( zdePP!HPbP1lO4#Yxz0=S7uJ!)FrcK|M3-uYi}nkZ(7yB^bEphda#f;RqSPEZ+6%>R8~2Z|K!i6W@X7kMVo78^2{&VZCRh$r|4M*W2bK1d+Ike z>lkqLSpg&D6ILcTp*>YqP?1Q!OvTyR6f5!2WTgdI)Wv2Jn?+yBN@C-AcLnU(vEQDX zRw4Ayew>~v&~t-ninIfimaV=fKenU17QNX81B=@gu`*^t9YCs)C*t(!LihQ2_puzG1oJ7$6TQHg%X<{{mk)DMy(ur6 zd?Rzwo~wz3gA*ZRSME)d_IkZ*-zuaLv0Si4)~{hw*4G-(tde+KIprwx3wZ3WSPb`p z%J1Uj;USAyl4gSV&ABQ226hQ7>2#ZRTy^@cDC=S+daDMfy;ev{HrIhf{f2m+M)?%r66*WL8{^Lm2iF5sZ^d@*o9GpOxc>4uSp7VyZjo@syz!b5Es z8$U^>3@ciLt$3dX<>5NB_2fy3_BnaLs;@mks>R=p3deLUT=o8OsZHuwM))9LtmIkR z)yj^u63LaE(-LxGUbl8G!)Z82WZ@Pk4#~x*-r@>QWZugb@O__hC64R(UlzZ;img4B zY@$p%Adm>W^yG_};uH`05&@4s7b6?$Z$d_s@AMv89UVGgk!M4R@eQFgQAQj{GvvEl z^QejSFhlFz$Rs%1#jpEty}L;!RG2fz9`lP(&_Za|Wrfnpm{X7){DBPramX{9V6O*o zH=m~2@x!HY7$W7Bs&2+&Mx(i?i`=$dWL2Q#Bhef+#Gn?kcrw-w&w~u%2R=lZ zpco|BC!fWV^(UscmAe73B6MXKb`wG1Y7BZD1g^@|mY(V6;_P}`1#3RrAp}$;vj4y% zADB@oT@M4ge4?20JfKxmW$KzmWoF{*dYr^S)b`%ln9x4zB~bZ?O<>qDRJ`Eg$*BLxhHx>@#lur^? 
z-v`e4v7`Kxwa&hyzA}=Nc)~*UR(UpLAqL&iTtv&Pn|b}dVJ!aWXo$7}zn$p0>_`jx zP$E9s4ui`If%Eq;w5ukZdb`s8OodHf0~CvvUq#Wu4V;Ct16fv985_9`&{&;duE(#Bye z<(o4c0;Rp1Q9>0rL}`pFu!x-*Q+q>02n1CAkisn+Mu(HIbHsg1(yhsX43s!I!=NO+ zHiD*IU&kfz_o7)ZC+_$!JDS!` zo`cZD0UP50rIp5Se&++;0LoXW&Umpli*_*y{bB8WW=jz=cA5+|xpVWu;_ebd0bI=c z(I?;BfW&BE1=yjPhO0dwfL$FQOZ3g}lqFf4gMEdKWiTaiPC|Xw$5(deazDWq&u||< z+u;M3)3bZOKrr^=IMYNRU3r<^6l*(=oyryDqa5{jX(eivpbgeFHrn3Wg?_mw>S%ww z<7={oy7eMgjdv#xI$5|nyvX`RqPV!C+^FH=S=9cW4Y0sKq#_ffI)P7iel_XnFrIEw zwNhu`xw=oIq!RQ?4!ONa;C86lu9}v)xVR#7ZR=305;QCAXzn<5R4?|bJsW-!ISvUL zr@+2;)b_I27D)4e?ESpe*?x@R-2J%);_+Wi8es%GqW$?~t{aRWa-4tP_G^jnEPov8 z8UuhoBWv}8mwwn>qu+m$jzk~do$PWbbjC5IiVDt5ImuFyjJ+`G4Kp&RLtMv&@qf2O zp;WJ8=KXaPO@F+tk_L@lswAE6GYel{64qd{0sy`EMJ*)N4iie$af)bd!d5$-y7$Qb z$I8w7yZlrx*+}F+khP@4o01Q|+MQSUq61sq2DYr2-cnPn0=dpC1Hekz)pXIDsACL9 z1o+?4GN#W`%gy1ls?A{+o3qAnXhs2YNj#grdECs#r zD-={=F`a;kW7^CAk^umOJ|E}yPPYvnmO;g$o#5V9v*k8QvPrrvG4T}g{!WbioIPVm zxV7EKfhNN1(y&Q$NS7}^*orMm>V$pS+JkVVcXiU{FRDqolgwUa^D}uMM{O zYF0;0nD4!)k=IUuqUyzQZ0v~3HmUUf@asjrgf;l|iR-1&AHLNr@x7B_xSjAxe)1!9 z0EDQFurpYpioCLTRzSQOdFP4X{lERRpPJ4f5F zZzi|Q+$x{h`mi!9$LZyr9-@jL`kOp`&mDDBge0;y} zsirO{t_8)^vwcy0aqo9KBw+V;6)DfF0d4I4_Q|#$L|xuRc94pvK9k>FAYiq8<{Z^U zg{0MoM@ju!Sn@qtMcW{~){AriQ}-$>%Ja9i1}c0B6}dX8 z-{B*vme)q$GB+cs{+cpd&mM}NCU6a6eFer7>-AxKmrA~*YlN5{1l|y6L zo{Yeuggj{b+LXu?HmZ)Sm?rxF8IW~8u;0gBT^BTc(v2osU&p+v@IB?JKeX$4b}im< zpL2%TpPMehrBaG#(t)ypwa@1pg#FMwOK2CdL2m=z+^as`$v9&_*<<=g z8H^?GT~O99UF{jn0*|j(E8KWr?}j_p#sDun&*L3h4WO@s20zmcWt%_kPM_!--+W?E zP19J|9?7xq?WU$yV-@ZpT!Y#WWb3&}l3OkDDkU1{7*@J|*mT_qc%o2P+>b=w_hvjzcPB6ia0oFf(b=xI zI=QZd-n~oHuIG7yBU(ph{O1LjR-ybI{+X;_$-jv=6v!4n0a_r^>}BY~YdBGeD~lw$ zLxTuef(;dbSl4l8@E*k`F5b*z|FIj$Ed3m9N%kQ6X^DUxeXQR3i*^w($M+_B1ss9v zf!j1?dapb3yQL#lzL^k55?W@L#{z!OCpVP#ox5^y??aZS%5u?~TN+C-=B;*`4dJTb=A zK+5<5vg;ScQ3?0Kq_gxIKx((rz&x;_9SkWhgaz{B%_$F&445YQGOy^S&`>ctaKUh~ z>Y8UqaIHdEi7YbSxN({f>gasUR)4%nlPy_Gby~SWu`AYi*3YlC{?@abzsaxlUr~@_ 
zgu8h8iH|vUk&m75Wm6Y{YFhe-%ojMtanfWWSF&p=W!0V$WB|OW+kY$$zd4<)`{!ZH z!!GBr%W$+LZD8K&Yun59YuuqOb>#382#c&_axwf5&fdm0(xt%lq{e2c2zpA<5E7+6 z6Ce-eW6LFw^Y^(P32$x4ACM+dzvH2H~71Vc`Hz!`%)*;ceY)yi88R%+>*Fi_9q2Chmjn5Ovo zrMp&2_acXW?XxB9Kv%*i^}?LR>t>s}X_(TX8cylxR-mfn8_n0{}5)~vsQIk>Ie zo|>NZKOXuLcS{@drI`aDV@VNrX(riEuuUCTp~o{Y!ZV3ow#CePSr$oY4bb#xos9b~ zI{fQ4wdX4mK}8^J_r@+CnfSpsS!bQ4iyu*v54bN(E0)~IVWFL(j&aDZ{JLdL74}2g zcj#Krga*g?+6VjR&AXgDNa{>RD9_hg`EBg*0A_M?pLRt~_9MnU% zsT6!4U2{=?ar`Ko8%+t;c?f$RHyxebO65)uU=3=O1u}++D+Iv7^>mV|Yvn_t^99Ju zSGuMo^AL=s{6~=&471E}wX|m?$ z7>22SacKZlxV^i)T(wTzP+4jEHPl^3Q^a(6i=I$6(5bh`Ol*?sQhTMBn z9)ie0s1}V$LME(W(gd%MCZ;T&wh*R99(j$-Lo4Ec>;Vzuq?(pLuVUcwaisbkZiP-7 zM!hau)g*apx*(9qA$Zq}!^rI3gAr1FG#}tb&jn=Q-21?oqKTjYH}2Tq+~)QXiD;am z|0n3+hHYjV-g)Flcif*$HVl1p2NM$!N{EP1WaFY;o>$xEOpn_@3^SM&yxKfz$PzCM zL2t|CnUrN%$xYeJFuY=J_ZJ#H1R$8%;aUMpOmxwB&my=3S1y!s@B9xF0HSHx#o$WY z?Iy=XEtGTB%r9>#C^WFI9mX`>Q<2Yby38NIodkFTMX*Vr<0(?q+h zWfH=ThhjJ?nGAAH1yASyi zXy@B0_3mU#R?gF8l!hVnF(A8_ggxX0rHd5tIMM72JqVYPUs|j)EED!n#(^Rm( zj)oxXqknK3ZZs2VdP-LbA|>dZF#pGz8=CTLPfYOzC7_;K3pUO7 zk(>%)s&i~A(%G~7p)sys0M&?{$;Ly|)o4>DJg4Umtv;#sHT=~!OvL88_yMXJ!da(-`*FM@_}Sjn;li7S)v7S=JTlLHq=2B2Y=p5^>id5p#Ln>3U! 
z9`7Yva&k2@Q=EHf+*Xy9xk{4iPe0jlM0dCIY*zxHBDb&gdU{&t)c5-ajwI6yc=vT( z_@Jb**fof;qWR<%kc>$I7ooKtFOkFt3ZmNRxN^zwyn~tY#QhC~=)IMLz&~!@3*mts zUlS;#n}r|=z4RWyBD`N~HOB?bpOgx3TI@BW$%fWk)Z0Rxh_A}K{S7tusW4{ySKG5( zcIwPUv3qu!X)-KRYvPT_xR{X&1;P$;e(c_rkXf^bv^fC2W5!Z%8-{XGci3s!d$dm2?4- zT#R9zYmG*@v7akDF~_zkP9 zOW?PK-BU?f+@$_2EfV++4bRuIR)I}|Cx2_+b-eb^uEs4QkHPIy09~$IijXa-4LH0&h{2CJs}n%2Y%cDBg@dvy#Cc;%N+tc=Yr?X0G*Jplhhu)%)g6{e=JV{l zPRg1+*D2}Ce>(lXy+KOm-N*?%iNWsYBlt{$-&z-O)Qi6(v-VHN3RPGMwHtDxA^@0( zABNuJW&-nTcWFP&#@bl7-lCvXL z$JC``pM><GJ5(FDAx~EQ$^NiZ-V3 z0soZcm?F27BJEIk4Ufu{ln*p!*7M0r8>M@9cx4MjO`4u^I5ba1IHZAo*`9OuX`k>- z6Hti$&|!gF8-ac#j->l{%+GX)p^XwDs!)Vvj{~q}Y67vqz5pUs9qbQLs!Bgadic>e z|EG)vZdnF?qZTkd?y_LF0l=o$t;TG$@?@m!dChZAtX`m~edT$;IT8vFWM-jPJ&>+- zWTgkXgH%!T`$qGu!bLHrG_8EzupD#gO|o*aJ^rddx>7N1XnygW==hA!0g(p_W*Sr$ zf&bG*Yr#ir8H7hmdDNtbkyvZ$nYH^guNy+i#VE?NPCm*D0TL;oKh=<@KC!fi-@-tp z<SR6aCihnMRHMH;7WklQF}1em_OVXQoKg zqK{Kfo1?FX{C@oTSv@~MZt#Gn=#YjC>-vs~){kVLzx#I$JdKXO@wVH5QXo1_!Z+Nnb-cj@4+3Y;^dqCF@p&1QhaYSi|bWtjG}hZBm| zkYgh}roGLFlat+t<59+7>ztW@Yd4vNdS)k|s6VXMGB0!8I>aHp$Ew}9D^I%2Gs~a> z<0nnVP^)mV=~fNb4d8eQv5^)ufo*1^EAVR!nY6jFyCs znnxvG$OkWdYg3)F{UYwOaD3CX?FL5x@ySZtgImJ5SNrz}wGZ(2YMH10bsU2DcYoBb z^b5MON$T;-{OOUXieIUw+?elh#RJO{sgg~wq{Xx;u;A238wnm2H)}@1x^u;R5kH$? 
zzUz9k({PN%upRSV)r}sj$(MKA;p4|q<qh0m?{bXU*(E5B23x*H$@@yRrSE zA~WI87_Oodkfv?I673_u*dP2M{`Z)}kH5TEq0&$29EI4f!oXOtjcc>rX%Z6L*Mr!~ zVD#92C+Se?GBs2WC7h9r>dQ|@XQaEo z5)O;+!CjKbq4TDQv^Mt9jLJr3_Aahv0CSJN4U70ptLOE$k0pHr&sG}UR6<4T?Rdff zUfw(DV~XkwLz$5x(RBQ?!55k>tcF;JI$gp8gzj#|?|b{)PC4`3j_=11!+wud{$2a5 zzE)b4#0JvngL_BO$A~)!?P(8tpCi1F=Re6G4Z;I?@MF*EqQetaoV4e_&U*m0WE(64 zun}>wN~KcjU-gZ{T*>fb`QKa!YB6A1>x&NmLj?_@#Z=WD8f>&z_c(WGb`v=zuGaoL0R7x-alb$=03?sU8Wq;aIU(Ym85!Tt17LS$B^ymITTuURt z6j9iEeBk@r!8$nz^j@E`!N&#B#~yzM*KFzhhcqPH7EisOJyuD zw<1>*mxQ3MAns>eqsU3Nr2AWWqmN(60Fz#ps{>0A&!Vl#NzBQDp!d8vq2O{tG9o0O z56NCoknmEtrU=5}Kd*!qLzpCrTGtPIoS3TyPj^#OE@%GcdcZwbKLKL=#Uz05*vJBI z?65oPU#Tj@!agG4X3-&wi*2m4BY>j|iKE?v%kND`&bz2NaIF^!ExSEu7AC?odB#txjQ#v3Xo1 z5D3OV^>)tF#3C=}`@Pkrnluw0G^E0iu|1+X zU4+{XsPxKuW9StAYpdY)5pi|H!O#J%+yh*+eR%E!z!OECa9zKwrW9A2rYCEJyl0uv zLvG4@d!p79D5ZH|Ldot^zRdcbXIAr4F3Vt5MvB%(QjjslkK?HQXh#^_I@p0OJD4ID z%4c+3wWHPJ)m`fy0W_W0wfK`JaLWxS3uerx2`iaFp)@zMj7(dR#6*oqv#=kp(mN52 zxt22z;Jf0Fgi93?R3-Ayu~`!?Of9<(%X9I2k}lz+Dr)`^@qG?ZgVLkUKHl9O?}V>R zXWWaR2WX&^R1gw}Zu%Tno$H03T*F!v8NrKax*_+!p0ZC70hbIW8=y>ZqaR6@R<=43 zgfzrYNOxVBy;UyX^21@{$Iij)fRRWgU{Kaz-iG!Pb8;3U;M5>!2Us%ZM?bt9`r5Ct zQp&Cq(3aflH?Cw!vk#2K55AK69$5$<&D9>fk+CC@fD{cC*++AbRpcKNwz{KmGOr{_ z$TG+x3vqBN_ZYHa3wN%~K5Y6JmbTDsZ+buRS5Rx!sg*iwUg5QNUQfIm#sYX9aKP<8 z6tFbWA-ogg(U_qt5yMngL=QCnYL?_iMvG7ZOT&0Js%{K&WMTk>_x~KJl>q(D9S6c2 z2bdVna8T}KgUKsyf z-`t&nsk$>*SDcFHanI9nRCcdeOORwvYR@P4%3O3T(tB_j46D5^l4?~vug zIG#TczkNK*(t(0}lEUhlIGMY4s36WpRv>x!9VR^5 zP+{~}MNe#fsav=8+7TIWQvi=O3ZPrOu_ogmYmANqGeCORWr8x@joGi;19tW4^g1F{;hwOkJv+mugd?6r;Ql>TM05jHi1P4)h=#EIb5AR5Wi9Of0D0kI(;-nu&xys&?i$ zm9FZ;I8t=X)8g}TxxD#tcD7jwW1#bhnCY_4WmN&L{djjGMEfUy;%f($T{FWkMitKy zePVS$NlT&fx}h7-B3xSM2%I{vRF`{DPWLA}+YI(M{t8FG0Q~wa1V~ZVXJggnyRpy3 zjtBf-#}{`{;LHOKY2BaHge;mnH+QmYchQpml-sTs=Tf@+3)x#tD6R6eoKe8!vBI6^ zPT#~sp4DD$J@`A6l#_>}V@{;w18EvVMXR$NdAU_r)a|V!t)lz8D=Mm6xQ8cFfUuJdwdM~SdXAoXby}o}YJnAwdujM3O`(D1V{iqg z&tZG&nwC4D4{m@p#yz_?dEjvs?YXz;`lX^naqWrF83#-gkER^)Rvos36*V&wY`nIZ 
z-yI1O(uf?GSXw;_$F9vok*6Mh1ht#6k;A=I0r)9IO^EHylgPyJF7^t10o?HRv9YBW zmI67A;RYH3=4KT7o@u>rO-iJq`7wQ*D6~Vqk4)CI-*{*>MooM+s$qIG#e5xFiK-izV>qz!% za2)D}`_#8=bF@r*e=~eQu(wBtHNj%e=~*-7HL? zb8`fGFvG8wB7Fa(3 z>#Quw+K%{F+dWD%)|Lm)jH}AezP<0+;VnII?(&OI$GZP<5FT1`CRcpzMF(3#Wwyi? zvxAI2HSf_MN=asJ0qE$x;)tf7?Jy0U3EAbt-XyItK~jt7un-N9q?H~-DsO3dYe^f{ z$~do$WJtOPhNB+HVP2l=Hf)V{PgFTPSrn|j9v{zup9l?vuaYtpa0SqT?C3XlVjNArKO!u znJ%IqF@xov!M(m{@)4MoZ3r<=S-D{KB3%cdEW*rmcwNXMpCPc^tYoGNkL;iMHSBOjQ6aU&$X71@W6v}*PVnaVmti-vZX0u=skZFvMc z7iDL%@aSmdbD$LYN6ba(#J;C*sil`vqCRb%7Dk2>75n}{Km(|b?~g^@gIWw$89qUk zgq{$nKhT;aN}RVyya7x77NQ(vNW|BSB4U3Mwpb)=QJJ>aLNPaQmv!@#Q+iLVx=3%J zF~25_WjLT`T(=AN@UUHq_^Hvf>p_d`;?8OMX)TXXKWcM9G|McSdU>RR^8FUpft zpwmQ&hGF_UbZGMzF1q?+`0=C`#)0PM%ju;f138Fm?dpsul#S2ab8g|DEuOht(75ql z^IPQJ+?bLMjaMWMl2Pl6W7HvpqcV^|5@n}QP9!H%)PG@b`T&%ac_I*222ku$y3z#* zX1cOMLO?$LdF*t3CJJb*HsR`ieLUsTsQo37f^H%6H9KQ*TbRzQh!ct2E>J*#4^B)a zP!7TOVZWAU1Geu-*sd1y4Ij4#2PQn=+Jh-Oh=yXUTPB`$&?8S$ie|?!lAK@lD*`(jieZuF@G-kFN)lQ zzxIgxh1n~B8gh7gLE{!zsP)bUVUYE_Kjqlt&3zu0YL5MVl%I$V0;gqm+^mup4}!J` z)!L3@_z(#=LphCF->wQ&uP!g;+j0G!|;Dr;qT z(4!q>q_Eg~AzX1qKGMwucrAsHxP?6oaD2@FYC+}?pX{!_ABCVe;q5}htgD-zClr+V zrj@x1H~6Ld)s`aIp+1#mb(BLbYCx&$_w5)Ps5eH>ppUdb6kSj z0PwrB${Cq=4xooCb`T9^5F!`4Pon6+NRn1eHWz19A0;|=o0$jmWP%qdmbR#Gp14t7 zdfoLlgRA~pX2uwpEJpEZgAj{;Pmqd(`{Vw8wRYD!a#UjsgKB=zj1KW8u|3=D157`* zeBlSq9>Gm33p=z_3(M!$)E8a1@EO~_GZ%z?iFKTe9RQU5kRugtWsSdyms((NltiY# zjta)Xykcyhu|gm#0_iV&Tqt(q|8kU$T#l4q7_}lOFSh+4HMX$)BDLmPJ3nRBr4LK= z)kCt4Gp*gTW4ptiJQfQHgHEL~vzqSaf{?0!F>vNbai*IGeSa&EV&N;&xP`Wl3v5;boEhH~xvC||lm2TOk0v;%m&_m$2^ zvAEcqGWTv=>X%E+LUO6$?7Ze~OuKTpT)eRV9@N?oh40m2PZO>&V$2g=jbJo+b3FK- z(|^1$o^j6yV$}Hr6e2NKlz7f(~H0jPQS;x#@p8#5YB zm?zZE>Cfk=QX+|fvraoQ^T8w6^*-b;9)ytB!`kGuiLuClc(-5fwWkx}9(V70uh*r@ zkLxznwAYb${#CA9t#>;aYU<7}!Y{|O#zeu{DoAA-Rzdsfys*EWAP_22XN|E%ghldW zP++ubDT?@@L@`CZM)SS2Q&1Yg)8_vRU83CcW}kp-&*ha%zJS8pVZC7|aJPd+96+jW z_0_|3taA&e$1{ynwwWyk^yd<2=9R50}C)h|>CC&lQ zf12*RWQO^dJCa=z)?0oYQS?)XK&ag_%Sg}xSnvM1&**fZVW{Nk4rP<(xoAy-IHyQ| 
z!KT-O4}nIxiF3s0k)7ELr-Y+|W6;0qXyNqP#)-WOS1ow-Q|VCQ4T3-cm==2`w7)_^ ztd#~dt1kO=r4WU1+QR=-22hPDnGPQ91b^kwNY7JEo#pu^XHrt*$g~Ea+#a6W(U^$0 zi-Iiodw1>zrT(?ggg_T(5UW(}FhSBSXZAP6d}i&C2o1)k)9UCJzvGUqZV6p!i`C8| zdR;SwYH*clJS^Ut%1>J$<4EjUR z|BZ&U`iK}qV~37Ueo%9-bMrF=5$8yB>Dw3W1I;TJ)VC;NCey3xFo75Hxm}#^+gpjM zwN#I2<6%mfk}GKtny^O5H5tjDcx;fl%(R_$Qvse7)wXRNkHR-qS`Bg)Zk9AkZq$YdK@h6yG{shy?)Zj;?J4Q{7%Tse*M?F&8G*-YeyoF$QJ;#^g z)ph}N01BU_nd(>wGlWYc+TZ&+2jGaS#txR#rRn2+PO#r1al!<8UJq^U`3e*2e@382 zifu+771sh!V}5hBU<*9!*r(b~Ya3_d!&w8>aRT6Exm9{0$w8$qS?GPZB3-92G|d4{ z*){Bq9w2;6zcsnD&1NkWiN@wDdeHche$7G8rcJdlue!)JR!J6nOZ{aXUihZC5e&}l zPvvA(3Ip@K`0;W{Ht+0L`!BDHd+31`=IiKIwy4_bK_}~^f6s+Hz6T5IXh5SgSi!-{ zOyy6u2b9zyv9Uj=SZ>6I)V@y9WtSGJ0Bk3Cr>8ya&By>)e1R;rRVwKT{)zKT|&NI-3=D}7;{EqG_fK$3Zg{x0o==eTNrM8 zGFw@HnCDq5o)s&5I)++3d*KZj`D7{a-d2Bqb*;;g)?zqmbG3ZqzM%PBB6U^cBzU;SV0C^!Ex zPJEs#fb}DFGyU;wbJPHXeiRImZl*}_g90F#4iBKLE!NH6cx)Pb^9c9Nqvyl72z#l2{sQ#okczm=n=JYNhDG&FBf=4~da6VDJFx z5>(S7xwp2Ae3k^7+B44a+M?n2G@6%j6vpO{2vOk;7M2aN0Spj}yyfYw=zLU(%d}fF zFg2*h1qQn-a{q986YFdELQAYe5F^yMkG@u!m-dz$IVr1E@w`mqQi$DM2kYVnd$gfzx zOH(sH%2k84RE*L z0%|wKM9f$S}YW$;a6mC*()>I{Vx&89aC{QNWisl7F$9IU9C z70?`7pr2&ILhiJu8XXiALq}ggmL)EC$BSeROghFZDF5$?m9rku)XMRV*B%a=(Q1B6 z)z(aT-I3KfdX50lLdkU{MjyX2-%o5|1<@NcNzpaP>BY)+_epG{9-&(ij0FQ=Sn^6M zW`69%3gEX^BR%@>G{vd@&Cqq+X|3?~7c{les&rZA$^k$~#eTn~Ttu-AQ@HciZWMzK zqwr+6pQw}-|E=YM1$6yKw(;85;ov`O*-=j!Zd75w4te6^a1tn#L|F$eI@(DM-ZW84 z{UlHX*$e;~y}zEM5Ns%s1*IraO){iVIHf3p`-Px`Oju2&_cqi#R>rR}awMpXIFkB5 z$LyOWDVXW2W|(s(Ziv_KQbwxK(c2bxHSOfCP6kOY>oy$L8^D!q?)Lme&^54cDc(vNB2WNf{6b2z1rf8Fl~3RD_ar~}z$4;fq!C5`*5l`cqp!ma zWHc@{3H2@XCQ9t|Mjz(javTZ*{_ac*&=0v}aq{W_Gh!#yuf9tqA8FMkm@)%;P5F=9 zjB)dzs#ATZ1>SI=nNo}hf-oD25c`FTqo{snBqQw@3!`QS_NDtvWq7^Gael`sc!9fz zMpZdG`4*dyi|1~(HieR#=fbSh-Am#JbAMB$t!K0M5H&Rss9#zJ2nPB8#9PiHpePc_ zq=3wC5h-tLJXd(v7%U2V!+}jnl@3-~F$xk6<^7g}26i%sO}HHy%$xNiGJ*~ynxN^6 znij+{x0lKh6H{`hZA{U5PF3V(JWUn;dj?~($~^W)Y4C#MXoaL@lKNj}^ z`B{>Dh}*RAPSj@`CrVg+C+os||4{jmzd8~7{ZaRWo?d;_Q3p`D-7xA>nhRVL3U)eD 
z{JlL(l{)`Jp|T6N{pC4j9p56BGCm!?ZDNb;BVe=H1Myzm#IMgDdzp*#vvKnl-M{cx z!#54FOCzsdr^DSsvl!W$?leVHLPlupbN58r%L@=K5XN=e{h*H)S@Yv9UG!P7OBz9l zY0=M3Rg4;B^3c`vWt{X|RsH;^3E-cO)$pLO#!%Rk;yoc=WX721;bT1p1S*qI5@hNV zH`RM>1|`wR4E|B#6rBo;{>4c#J2}P%P|7IFNbS8GV;(LwZKi00x_TT5HFvC%@PVj2 z=3|{Ln{wL!ryDBHQY8;S=QpMt7`KjG1{t#{Ykp}|zJPQ7^`UTJVW?Sy1LnhHZ@nB6 zNUXvE3=C3{tjVsNh$c#ka9AVtThuG3foQ(-; zod`2b4PYc2RUMi!gf*ZNmkMwguV?zTJ|0@!1o{@25~)+_rO)^xN!a%mKFc}_BG!@9 zoNH#GU#IOb@4uJfylQ@lTOEk|s=g&J08`euo~1*5>e#`He{Nyat$&oV-BK zkB`P$OcfGTqwr)Do#%vadgTQ(-WrDbB~D$-pl1)M{7VG3eNkUW+9c6x%J(q(j_8cE znIjcC9?v6t9x>G>^>UG5nZ!wbAas11{HXYNy4&ayc4X_1i8d-jUA7Ws)nfe?-KzHO zw#C79d{h9+aMyb@DEVN;5d(O`3 zW5i-gS?2S*Gwp`r6IxG~WVuM2V5en(?sdi>#Nyb>^7nH{92pmqWAseMtoMYO!K3{l zaUz9|v}CGVz4F<6BtWWe`D|Fx5E29lOp(PIgw0?j{vomV(5zX)>d`b2ihPmx9n?(x zn^b6TSVA2bh%Ss>yt9byBmzhhR!@1kq^u!WyvxBNdeorvGscFn2WSiBk!*_aF9$AT zdH*Je@M67pySb4dDbogW4OdWDskVPM-02}kJcf?53D~yy!j6rp?GIHHDedfM$S*kP z4He)d(iYCB_gqS*kF89GFq{Mw-!&#rpR+eFCq&;+Lw#G!VniU6@Enk5yf&5jq35W7 zYK9jhT^kS)Q!yOMvvPQMo54ti(1=IR?0?>8mbj=V7j1@!(8apzJg6Ha#buDxZ$$FB z%`-?PqkUy)gq({d@7I}pU_!8XgMdSwP#SqCgF%SWPYTIi_3SL8%3j1dXE@yjWwa>B zVJ2c=#jzOrPkWH4j2oD|h;Ebi~A?W=`m=i*aE4hK|_E5X0RN);``)TlEWx z27nm)re`1C0Ta9#YB2cz@ka@I=t5_Z1wnE#)u4>C+?Wn|-C`?HAvMFITbMMr-#R)~qvcWp7# zNo%^|jyPBIYFr}Bvviq-gW}Fc7Q4%0OI6j+IfM~a7 zFHOrw%isJ*k=(&6UfFkWue23<9bjH-I;Z-I?-SzUsk{YTM_N8-xA5Hn#?6u}0%P@y z#k)xilqE<~MC`hgqUm7ayFCx&`KV*rnKCtc+4+LrGMi#V|9Bs^+2Nw%DDJbq;;8z_ z%3x9doL?&`RoD?*iQqQ5)>Zqmb5Kr)a|0Hx3375O%E@c|6|UupiRQktaTfcmgmIp_ zETP`7Xpb8EkAT6v=CDV+%M056&s<8)Sg|ELTOYMO(ZozG%jjN*6B%tYQl4#eKj~lV z?v+1X-Tt(l=c9XRc{*Jtx|PjeohN$qNgY`f*fQ4XYULCYAF>cDK}#T`FOKfzSI4ZC z%AR5Ve@tCvR8?EomX?-oknWI{5Rs7X?(UM5+$tT?ozmUSp;I~zjfix2_jlyJm;3!- z?6b$%jJ4K`XFhYT`WXHOlHojusJGUfdN#sM>9!;0XMsu8KrVgNrQxF}4nff`wMFk+ zHHC79Y)|{NeVn1=-3=nr7e94lcw#`gSGMNE1>O_WnqlPaGvHVaOma5;@PVtz< z^a=|+^;~i_2hwv(b8GKy6Bf8EFMDGOHlIDRQIjj&0@l1(SwUQ^Mb$b0B1(*&T8&Fxj)8612jf_u#(Yn+pISps~ClMSZfJ^5{K0efZ%pO$+KL{ncmI 
z!17@}J*XXyf>hEw#!=g%IXxGY7GAH(Q+>tOkt(1?``T}&r-*)j7e`++UVc4fd+7=_ zC);Ob(BGw{Ij{j<6Y7t|>nG#|EdLDYdtsbHI$a3<18B8=qvZFHkKdKQBVV@ZKcl{_ z1jJ)DE7$_!`Z^;$2!gXqpzY`>YRWL9uPoJapcDekz6kXai2N5ThzX7HwUJ-G13N(i z#Kv1D*~-Xe=W3@YeZ?vtI3i+Zn>SlMyZ+xVdbGuF*-WbeoZt^~)Hv)!JR`5NCQ2i9 zz7qw)u78qCdLe7jx^vp&-0O#hCby&ybhCPe`g#MB0n28I>V-$@*Oo0_P_jj zmQ#YQZW`VzuQCmS{5J7rb!U;OGT&KM|zy%~5JtZv1) zftH6em7`awN3*HeHp4sX;V-OyuKJ$eFV&Yk#FrH_-*$Ele7sQcnSVq}dkEI%txqM% zwC-#@QAe$HCL{aIdW7D%G~-gjSDM1S{VwKZVAVbR9V}tMnV2VNUoA=7;`(KO;D|SK z=`X9exfj;F!I+m8!(}}u>J0ptFx+~5VnFGnH`VcqhX4%AG52B~oNBK14;8rt?C)jk zSV!eMRWN+>X`he}ZpXI*eh-t#ih8C&GIh|hg;7{`a3!2<82dmLFY`-OB~mFr2!GzV z?M5!jk_s`}xvrgqd`0nWRqi~fvSIr8vI6-+Lmq>cPH_ z8>Q>78luhBuS~oK^D+QK{#3@qvd3imFyqr zUUl(KB;0sz7S=95iDzx#^E=N&0@1Cef!b+q)JFX1f=6rO zDTFPUu1YY7BkDQ-Fc~1kB4}g7a+d=V=|OLz>dbt#9LUxub!5$=-@pq%&%Pw>wXy?S9rr+iPp6TSZHuGKF$^A!I2xi~@hA~d8ni|AO$fO6Yii6cuK3Prm5`M({R}hVLt(mog4b@Gk0E1J3?;&-MdIXo2 z4`@76Z8%7eacyIP!%N-i-|uuWsLOuIi@`xjs_jLUmKiR5riGu_58(K);OgEMfV;o6 zVAjSwSKm$~bd;eIta2cSV(A|bV|&AiPGLYq>RK(*_HbH9jrcxG|r(@MQ?wprDyZCkFE~jI&drj!Ws` zkMlv`B9ck=jYyRbg%9-nxSGRVKkD{@ToyJnFjj}#sM2kU@h(c0LUG#)K$qsP1ZN=> zolhi!*X}KBM0`6X3%k=|KRjX9kE1;cL^&2}T*pGDPzGuCjP|T>KQB$-Bc1*<#(=sD zm;Pi&@`#NBZ=>I{GU0Qhr2CO$q#?>Ah-HqOi*Pdwt*Y6T`gB_8SJrI^nng+AClSDn z(@q!qO~RrcHyk~xii2|-(7fKd&l(a}d=Lxt{do9OyqcmDQt-Rebk=oleFzT}Av<;9 zU9P%$Uoo@^5Fn25Wd032vY4AG(V}znUj)kbJ~N*1->iEA3dFXXy?@7p^_y{ z#Hg}B;d^1|#h$*dq8K^7`7~^FR@qPRf^H^o1E2ZlgZ13&3D2?PQwa- zLq>|g6e?84#3dMtg`;%PFDS}~lJ(~BO#I`F_6+TFc@ThRmDx-MlbNN&=S7BB`~fzW zWI?YEN3PbeK3RC~e2&nzK;&BSmxO6xJcJ5jozKx_|0y)9Ym~PGOdqAhs7GGQyE-&A zOnY}4U?y-b8aQ%i>`?Q5^Zo0MTmW&0B+CZ}Ovu9lmbUUWuPIJQv1bmQa;q7W;X6}- z*2Emp>z_B& zlsv$P3!HMA#6Q1Kp6CdRgB?v{P)cR3>k=BNO#D3Xs!6jBSmIi*2QJ$1bdMfC@+~7h z_V8qAuZin@qvQ#OYos6KJnuA-TCwa@&)3t$8GjYZQu00zEQVw|TRYCjYLgtc#^6Y!-P)>8Y6I?_b;blLb=m^0__2|$s z9PM4@UM3&cmQ0Ymt(&X!Pl9Iay0lN2Km0HF#T$e}If$9idL@%GodqO>j=z;iToX>E z+)$N-gqVa)-wA2zIv^%cHxkCXOy zJlX(hc~^gKg+;^rY>i)P-*p0xAAjgz&P0@nHnRkI{_bhLo2>l6Hgqq=vM?h%Rbx-n 
z=32gtwR$M2gB@@}vL6t4B0H63MU{G7GJE5LE*adkwlvkMV;6zNd2Vlgrs8Yk5STd- z2giIF*Q^ZAjb}*4se0XhP5l&9%Db;~fi()B{^|JxMl!;OnKiVEHbvQK8(K%GU>ORV z&<63;a6+j7=5O7XsXHDj!^qEmwzx5_JVKJVRyGnB zIUvZohD)%IYyM_TcU9iGMVZJ6)N&yExuFU>csY!l_b%)!>R-A^4A{QfcgdsrNK{k% zjz@3%knh3}(Y*nfjfx+oT3A2mw+Y&*L$g#(LqDSbUw%Pub*FmMc{c?C@qo{`fax1iYfFhn*8DVjk~HTI&T?wYz5P=u`9HMM zP6AMtOMvsH;qGGH@&Fp!z4Co%60uM5{z&^(eXZ?0_|iknBMRqG=GRM&ev^nXgVEKr z^(G^tx-!4Z#Ac5P52d!nPRowyK=>7~`=kA-{;=mGy`0_?nBAku>E+@@sYBj#dEMi* zeipwT7R^Q1aaj+DK26)uF@Hy*?0lF5u5-eQ6M5kh7nDEQ#;<`#@b~J?u+= zl6M?1Ms3pbYPxJO-}{!fw0<(oju@~H zwcBW-Zi659Ib%N3u~)k!^t^C&`|6at6Hz31n$lmc;C5%-UlTf^azNOBH+HlVuT_-` z91J1orElDlUt>OI*V)qu@#sEm9Y{Cq&$}#%ofB8ULLH8*O-J6z)$9l%R7+Lg*IyB- z4PSi!@Bm6sCI4Wj_!?CAG3aK`8nxl?fv~ zXnn-zq)b?eCu6F4rL+xF6>y|QH2X|R(k^JCy0mO*m2WuK%w>O4HzsgwE(IdLtl(UF_k15QNh}y<7%O4v*x_w&#@y|M44f2!WTeGv&Iz+>&$Gk&W;?ce2(TZ=J+8-& z&~-vBg8O14vgZ9u9+A*;81ZT>8P-Llc+)Uj%T4#mk?Td0oq5q9a0peFL{C7_&0`PQ%E33t% z`Az5KCImEnIwsCkj4W>ZR#IxbzYD}I>e|&^a4^&>KeT!CS*)cZ1pXt#Jm0Q_ZLuTM zkgf!JH2pl>D|W-L>b;U;D>WsO_~68x$x{hjGew;qO{KVvJ9Ee<&nw2Gwk?iKZ#s|G zA+6;BtMQLR55e9^%yv+Opw|f{ks4w{Ub4kil)GMCO>dj*sK5nnn2fuQjW|vvdjXet z?j38c*CcDKSz7N?5xhpQEwv2F1YG7RSbl@wm>Y7dry@Q{0&=mdUmo6@%p&8M#+7zc zD=5gt4Gco`UP|tkGM)3;ROgf#*s7|Pyg;sDa^kW-HUi6Y#`IH%>kqrP;hz%-adN8V z6nqQT6uM}Zu5)ucM7y=xm9lHPn6Ywd%;=^Z)mH~GH^rFNF%yrA{*^zZ&~A~3N1hC6 z)pmJkO@W>2tAS}^ub%M0i?VqSWvLJ6#!Cl%%02q3pf_8kd47}^!)~|B9Om##e)S>5__uT zRG4Ry+-bNuFR=(spwa@APno}=(4IY$j-Pv+A6PvNKO91|Rb9;~$VI6ogq!l%icx5_ zzEYWSigsxZy21YSJEecW4ySNvO8?&kh^Rlad0j|TkDN9hf`^gn~~a$ z*@=YM{54EprmVV^?exqr#@x@(*-$-M+@`NvZDhoHr;?zsZ8R@EX(!nzxqTz{cYs{! 
z&JLYMhAwxWC-tR-^`wdzxN@6@T|p2^wI*$h7P&aMJ%$jQB5Df%}qH6!UZlQu&+ud zRNNynuoog-4iE#Nri+i3q*PvFJyl9toR3-|&gfY=q6^q}p;9x$F#FNpr3`{WL7qso zU*%)=qiZi6?bRM${w#964pMkQfCl@-c1p1kzEy>O`GJD)jh*=A0MmN~Y;97&jrXg-F!rm$)zu^j;u-dF!+m})=~l<*ufj4(u!nuWRBl8m)A-j6sFt5r}q z*)~d!StQY)b^01X6_V@kwiTz?=ZH${~7&orv0G2k|S1h-vcZrXpIBUC9K*Gxj?$!98V< zvb^!px_-GPkjJuylv#(;>0= zkgM1^c;V1T%gOhuvzgFmx)g`_QMd+jFhA8CKwU}kdlY%pkOzvn7CSOH3#}6|bqj+R zOj(11q~xJI5bf9THGS^DArB6C?#-T@u~rqHnbzOV@I&O`YJRJs5idAVTC$}+xXZQZ zAK^nvG^U46T#|7ojZIeL$xfvRgc8YNJg9a$#}tr3y9K8g*+=tIlv*Pm2H z75Awf=FRGeh*|#21VQ6}qWAolqn&O5$V?b~LTVM!ZXXhoNn1cR=QMNi^tt2hkF_T-#L&_B+-pJb9js`92lP^XSMqd)eqJEE>G_N-o?XrTrNtHYD8IUD6ikNzS zjH9m-#dN{&X%sVSOjAW(M zz*H;5ODlm64PaCe7yW!kLz+WW^F^&b&`2(kwc{<}(-0s(lJ_XWd#7)NHl-b;%;^YR zBlxJkv^Ua5kVS`$b)HHj>vM zC2m-wEY=z?ipKh%iTyy};haW|7yvO!dmZd`C?;}`d%0v|pbaC5*#drRR%&!s*;MM) zRW%Rt!#4L=Nnz8_Ck0&qw0Q)TjD{#(vA{~7DHp02(#Ht1Y%yU{oqtbyXV=o_m`{Ln zAK5|Y(4vj(n@7o*lN+-97P0E8QNPM8b0F6KT zE8dsXhLJgbG_PX#;p#Dc(Qs zq&3Pen*2j>Hm>G{l>7OAY|xfi_E4zhm^1XN?2Z^MtMeS3-bxS@DMSf~sos4o|`KiBy047VzhReu=x; zm}*QMgM9Z#TXru+etlMEF?IHfsAwH#0=OW^9)2_2FG0A9uiRZ^zH$Db3eym)VmHb; zdi_aV2WJ`k4F~q?&gaq{z!A#H!C(A3b9jg;%}d~y3Hw5l?W@Ez&H2I!M4?u|jnYn| zzX=1LW0##Bc|-NZe&lg)sfeqAFr^KdhAZa$p4Gm6 z%|-;NaLO6~9+yo(Z{En(UdiIC@&xCqQ=# zmZn*)tPt`^&HJ=2FNx7djg3S1@;iIPXHCU?rqXP7cD-c<5~A-2rhvmg+k^?^vj|2t zaqet@USq~(^Wak(<93_Ai34>PQ($7!fj|VOHvqfESru{ei#)d*ncYy`H%!3`jPfw$ z{Zfl9D@M9Qh{tFPyJzTiqO1(kHrTXy&R5vC-50mM);^?TGRWmHnyKQ{gxlRBdEC~g zef&FRR?&!=4=SeCg{%;j)2nSeT-uAb83gzTx2tY;tsgw6suquNuI#Ex%5LbFX@9&(dY`neWgrDnM;O5(ZJ zyvsCygBx{~5pt^m$E^ET(K}f#cg*63Hw!Z}>2LR@6Zc6>{Y#8{HpR_>=zsKgk-l;f zUiI$paW2xM@?Z)&NttXvKU3XkCKM6qz9`OuZ)`}BJp=wlWtRsGj$CurzpPcn3 z#eYS5>kiQ78`>05&ka}ZQR%u~?#<24zKrg0Y^sjta#z%TaPYYe?$M4`X>QDMP&0mq zVm20kt|rQow`=+v~6;@3q=GP>1L9M+!Y!t&;Dov#M!yR zZGfEv@Am7tc{G}G0_vE3NZBgv11qASaQ+6lBQGbfr+DqK2 zS{pZlThFi-PuzRMPBPTe=ex{C~EN6 z6g&`VydkEL!0VF@1nD$}BUfIeajEX3iB-u7WKJ70`Bu47n*JtmW^04WMU7`?S{Jum z&P8ln{`GC?4_~7?`Xy|>KVmUeQ%hUIcyz1_Y!gMqek 
zcmsbt^M+TYKa5^Wn7ZQhay7gzM^U_Jh7Y49q0-hi)ax?*0fZ5eLD@vyZqx`Jy0UIb z;mQ7Qa8gg&{Om2$fW3*UgEWJ9dQ*|3 zbR|EEn*Mq)@#{+|1 zq$*#JA;xrj(*7f)YmBaKbv;wIoK~gO^L!WdmQ3n=IP|mcFu~PFH}mb{NciF zuO4$+?iHgv;io4k}dc8C=muc3m6M;@!SaY$6A@#-xs2cN<~MJ!Qn&#g)47H_?Q zbAw#sWiWMSSKaPl=eYfzrIeLWD^T&pv`ffiCZIq8_O0Gm(mTnW~GXSjKYbG5@; z^n?=NvxG3VRt6dv2tW+|23~~C*W?5hrUN!u?+Qb?)Tj}+Rh`yjGWd*`C9Ie&RuLdp zGi#dfc!d(nt??vHe|wr&VNS>|19tt6QSqP&T@qdGJrr!TRzc)i>q4Uot96^h;Wav` ztE|1k#87d@HIC{_lq?+ypI+QTc*5q74BrWj$4dN>&xgmo9OlA3Vh9 zLaHVnQKpL=zDp7ZhRe$N{tJc<^M0Y9>^piK(%9sxMU7|W_wnUztED%3mp#VXyN1Gr z57er1Jhy7Ftq;3Mx6-W}_oHjJm)7iFmGpMvu$oPo%LVRdPgwKV4%H2`%zec#GHgTO zoCF##6i`wA;sK0NL2r-3_rdpEJ@ds31Zt2qQduRdqTQ;hFU?6*g|TUr{5KHuLNf`U ztq?};2jL~I0_qH+@q6jAfcwd7F(=z{pYljh1`u6Z%qG2R6yIyAL5PFHev(5w4Q1;#d92mFTY>wPNY%fd zB~I!KAgJy-v^I4i^Af{z0^wtGo(CmtrdZ8!`GO7=PIeNhU-b_-MT~I_y3E( zT342x;D-7?mJM?FLYgO>I-ug7)&6((Dy0`U2sdYqF@CgWhXz&w$m;_JCi27WpC^Q? zxX|;=bjVTyGbIN^sfBeJG1THHy|zUuSbVj3N9IFglxX~shkPwDpG9~I$XH-r;&LKF zWJoHV>}NgGWx-j5Qd}}GTqEw44 zc^^TEW(&q!Fj7QJrW(M&_leF6tgWsVxU&wI&e`9XH-F|8M}7zPINHwO+EGNvvtEvG ztQV`>tFe-v&rVNw&h}qm-j-aSr9oZDvY~atd77%!ZbI&ahPZnxCL8(+`&gf?KB5`6 zs@nbTACCP|Kho`OM}i(H(NB^W37J8;yFocEj`%dr>ti;+5QP8yEACmKvlt?7RfxE6 zwNDsyKyC|tQy(08bsm?vZO97xqa)Cj@ceGkTANoIVgqgDF{ zZiuiLS!mRB0yLuRO6eBz6zqt{_uc4?SYJCRsk+2s`w$ZilB1Cj-TMaP(3xud9XcR{ zWz^FGSJ~;(c@>BZbscCK7&y97ac}#^VSM&=0s@w5M2OvmCEUupZgDn3utoP3Oj`ZU3J?!Ie6I#(n@9=hM4}|R1HTpw2J@Z z4KZ{OIK}*!bybV^S&^Q26y0AxF4i3U-7hS)Nli|%6ow7S5EJf6vyjpKlK$-{dTb}0 z<&dUxiAe-~ggL{qd-5)Owf>VC&*HDllp|SSYH4IY<9>L@et7v1B(7Fmb3YCaoI<`2 z_3kHlbjD|wPoxD-CCtlKNukjV(*@(9|3;DtSCKyW1=Q#cSEqghe)ZDgA0e>0S6H!Y z@>C;Q5f;KKR}-vsT^Zx9q`gYd49bS5L#bKYfL@0-Y@ewTyKHeGd?Om@!+6-4I6ntv z;mz!&uqe%y4D<6gC8_yGH_AUZ9v9=btr07T2Y!_h*^^DT;f z86cxm9Ar^6(;?+@ju8>XUdgtPTM z$-SG0Y8{Vs1UJuYBQ4$ZCk5VGMuEOeXqqU>751nsI;$nO)LBhNCw2mK7&e7@gMVUZ zUHS{Q-^?%YAu)71{sqd+!FgoHX<2Czo3SB4!yoNb=X7p=Q!kg}dAxct-o4eT>$Uf5 zr*0_Je6+dU0Rk&7d}ewAL(QL2PFMV^=%!W4rS|cbXM7;5gY}ThFQ#267Nu~^0*1PV 
zke{QdKh0368}f$#u3u#&^=W4<5p#|6Soiyzd)->gob|FLpXQM;_e9TSptIwlvQO{H zylxPTSxI~K1kgN>izQNMuoaaiJJE}3BOOVClzLnU-bOh>R|Is;{?`aVGYe^C57NkS z1ocH{jrRRb!>#)KHx>Q+ub4Hvh~YQBrn;rBl5Uc3?~fMmi{s|>6N8sYv2F*`ga1hi zSb?GL&rlb5eF?nbyZr^&6Q=^p#hrK)pUw&8=*wNP%4Mu79J{;_pU2fk;}z_N-0BBu zGJ#sZv(~zvX7u(A`nbl=>tKerWN){UCg|^`%~MF-SS2$TAJh1TKVwzTvDtO@_?Rx5 zN2EN#v25 z{A@QHNfpGunKjVLuto&p*$`&r9v{ZTy*x!c>1x3wN{8s1V29CLR-uQ)Vb>$jL@xgh9>CL(17LknvqU;dZIvQcNu%!A#po!SCK~Y_86HH25EzqTUdN-_8IMhEJ^+ zboDkDcm2CfWN}y_UpLrBLz_?(c>s?_$S| zg}0QrHu51i6ovoS%U1k3g-x2ZU$g7b>MUz=zdRE+nrD{7Pr})X+)ih2tGVQn5)`vz zwNG54NQ_)wX<~0!paj_2(w!r1^eOS92&lk+MqaZkk`FR4U@Dd^zDGZhq&87#>_jc9 zpo3YGW?*bF{xc&2= z&OU2lhogLZAK*WymiY5IX|9;^`+00HyawTkbyZZ34X#4lNgH7IC3AXkyi%LoSS|PR ze$>lXxurEzz_c_#esv1Ak<(qSp1R%tdct#F3p1!RUg|wZtFgP=SShyyW8-JZK z^w16a>as@t&QktG$6u~j_$TnAi{lJXP8_1J~2B+)J$bx}>#sE}E_Hw?B`>R)>m73e^lk64 znh&ABl}^2RAh!>Ta1b9pG$e4-tVjG(n8p`5-&$#T;kkd|1mS?;%3re>oBUr%uA_dV}u`avGFc z6XH7jV576j(wKsGJ(9A!*;ApHjx(f8Tbh-mR9n$O58C#q@a8f^l@W*}X7WTGPmu#Z z@4J@_(KU)~j(YA_{f1z=vu25_^w=y16(%WGHPaQq-w;2^l9CK8{){?kDP!Uf%odbo zSZ1nLl0=mm^VhpoqLU-;JahOq*0FZy-4~9bRKqvtMSJ1$L7Y2*ZLLL7IxVw2F^ZM^ zw{T|0(05nw&EtLBTBz&tlMAW10udVRt6$cv9GAFy{E6!^^wda8hLq)$-LSoNfTfqEucKXpSRO>7nVy}xQ*H_=$p7-^22Ll4$4dC(=f~Y(d?WH+_FM{O%^=)0}U9d%pf%1(aJoA2%q#Cz1gela99fJt1>Z zIAOx?8{U@J0*|A2jj1y*lE$ zwMM8^Tp~3&ee-kUktK4t?{!LqFn0#bT(e^fTBpR-&3&mlgU{<6GO8OfQox--Np;K5 zV20G!=2-)*Cx|~cmY_{m`IhTgnS{B^7E?-nPKo6>i0e-moM zB*g6XrElXae1Q+`7k>qr?_BR1x?qma(*7Av7K*OPO$*n$BJVS<^jM6}kduzhOy;BWuSmpSW| z**a>zX&Y$i&<-_6e1~cXw!Tyb!Rp8UBuv^Vn;tFqIR4nz0f6J2$RkAJcYp$;^pd9A z>-h9Z>xQ|FcFWtzA>3SXgc0BLw~?NtUXH}GF#3OE6%#Y0tX1*nH31WE0!n)*%vdpq_saed|gnMWZpKOc!*tH>UUUq5hvk_?KA-%OqGWZE* zdXGm&=+n49LD$|k?GrB!=sHvWvYr1WGs7qslK}HTWsEcW;#Ca0vmcrNz^Ca6#2EvW zt~0FX!7tOCDLWwF1n;ihh{F>>pAZe|?8`0E2fB*_J0S#j7w1c@cMs*|TPR;H_7m2l zZ`;+KUmWjV2=5QKcJ5)_I$Hp273LXF=s%BCE#Cp)Tv+n)jFY)clho%{s!r*b-O8Ya zc(O&{#ckKFaP|HQg{sV;8h zxq*Cx5>wd=Rnqf^1$v=!cn8)6fVQnm$B8Gq34_F92O(jW4!6lP7Ow>dU=$!rd 
zr5e|h4&`sHV4v}&h#{1S&waSM!pxb|o}JHr#c9T<2Ub#5X&I21@G>E^m}!t97;_oN zP#8=~A5EcwtlD5zaAfNfY`};1% z^=4U`$+_@jm&>7A-={M0QtYI1X3PT@zZ`3vL^4;B@)F!j!kc989Y!ZI&!B&V7m6SP z$UuoO++T)nlH8KSF%;=aL2uFA0Cxo_{w1;4>?OOip~Vy^9S^j5jsFF10jy-k2DsrK zm(J$TOol9Fi~2H+3&EE*>1F^|s~nAejC4}QROrF*iRrCuqGjm|u-0Bzhx>QIQntX&;$FK(NYIqgOb^(u&6E!^NKg%H|vYKwb^N7~8L2>2- zt&fXimE)TDBEJ93!K89^j6tx>0+KsdGm&$a=^mDx`kdFR>$}0<@G9efeZxA>NK>l^ zOAPX&-Q@0a5dozeNc3D0+;WbIUtAG9At;gIolT?+x6u)YWTf=A+6S?LT<{I>eyc4+ zjLKSHe4=o*+Y4Z7zase8Z5zLLBKqL|h89}oYqX=}hBcrp)3wj$u}{98^3D(}GVNbu zV(gD&7de$rZ1lf%Xl_T{SA6pqAL3mJ__$|HBO_^j6#6#2e(;P{7}=UdCV6lhrwSNVVApwLQ9hz=4*=Z& zX@Xhlv_$Du+O}Zqc@3M1YX5c2F^%oeN%~v7^<}d3yyQZEgkyaS z*!f#urgKasXPp=8W!rddbUXmK=7g`d|T zkGosO_9t5{L$L1;t=n%($Vw*_qCYF>{IvPXu&AQhk&{V+lAhZ~MvzOKKf;w^p6TBR zmXfS*D=UDcB}?_tvA(GmeZN0CEv&av-l}hVSm3^Xy-vE94sPbcF}jGqM;n_~u^9c``IqL_ zl9}0ypf5yZs&^HHn`ALyV5d{w&4>D*S;$!a7IUF>SnBQ^20SLc+gabD zCpLfYFFZBY_h9r=dNlN|Jtm!QFfxGWUMLs^X1S@#855_x3s#2hjUnQ{#;{zDXh`t; zTg4im;k{|UhU0!%EcE^zHvn#n*;EEc*m367I(^i#b!n?tmmUkmZ(1|za;*wvF?^aj zMifaf{IcI&5s)4`&i8W0IT|x6%}9~195a(>a2^?{Ud3#ht-FN$U&r-NqbV``j65B= z>sK2?ZTqwKR&k%KDFrt$Z799Q#q^K8rNN71cEPaOd?nM!^H|l)P|+uYTWX>yFiyQ5aj5K6R?|JXY9~Fm%HZ zd)c~K%-RLlyCn&zf(v$BsPEp3Qxr0^z^bI{UG!A0if!!7lEYs;rP#?Io}HsWJ7r-&b@@NyCcy4!<}`?_fmN$NuHbw*^C3la*RN0jaW$! zT3Of0?{yJ1ef-Wgt`q_Hv*j>+>6&LV#2G1Xhc1!0ovUB*ZpGy|CKwqsVm_~5lan@&|z+;kh zCxFv7=iQqfztfEJ$D!3d#qqb_EhD*zFtH%hgwUv#^1q(g7#9@{)g&9&9j zyW+IiQtsBv{0!J)#GnswWhWvtg+*gJnf%?KN&hvB#?36mbi76AQAlPX&<77C&;P?Xfy@Fla4!ZQ#3Z}iITgG^nKLZ+_z zHYWNqG{p?p;_c|N9QG%K`Ek%5>ms8=kj-_Jyr#E z6WlDM>U%ScX$z_Pl8YXX?OEV_lq8;)S%`j^gY172Kt)_3C7j2lw#d~#sKv`(TP_H& z#dTyH*N^3myZWd_Hj&%!%Ck}V<87|h{vr*@!*a@0sHQ3U{!ZR6HQ9un;q%)0^whbTtQ`na>&wt!K*{NN7Rnl zzC7=}M8c#5xo3;ORGBy>jn8Gf&+_GTo7cSh&g^FNoql<%r}+gxyiJ1v+k3(}Ebgb$ z9%=+)%1bP643Sxs*yJC|V#^6%)3?>mwN$=_H5X+8RA%k(6DyvpS8QW`6~T7Gvkqw$ z@Ksbc4X#V*AN@q^$nX2e&b1fLZoEKSwsvURIy6;%rcZy6}F3dI5NW6=kkK9)45MDIW-yl0u=DJe&wj^0qJ->D? 
z&HN)~9l38QAcvHftK1m9wiNL7h#{|IfjBZ`fMljqJqmK$QvNR&L-NJXx^cB{ zjdlG#5&hfi(92HP`e3`S3l3?`b`}_RKGYh~+&Z9$gYXQ`mv*3;%Dup>9x1e6DOo8$ z%_58_0z#oZd((sdDe)7?bfZM~bD&^g-NaEE3tium94+VlWvDh!8v?=>~WvkI=*R`kmGgE-7#sC zn{M-s*g31_^G&&XL*p}xAWkQ2BY*c)`S)%!SfTChmLGa0M7|CP$eU2@%uX>5P^f+A zUDuKjl#RE0eNV-<#2NnP_&=T0A|7KceY=9_q{U3~u43OcqDsZH_NF3h7pJBs=lkNe z*~Gym-@(UPWpo5h;9BkWx`z4i{0wwQ(17mye@tCufVS{V5zHek(8uJVOj=;|H41*KfAM*B%l<6VeRYF}tDt+W4E*Y+_8J=$ zOhnxqhBV|^RMEe+hF5VSf!tgS%-(}mK7hc`GgYMiUUX=5Dl1~P;5LDA?YOwFUT}o} z89)581Z?UBhBp%UO5=&Q`I!on5r-bhiC$XR z!NlupKHh_YpC(|#yNsryLy-Y3)4R3vA#WYS7gjgpPHA7cg% zg9#JB=xq0{=$Y}#Y4!oziOjW>f~0H2KV=_ z%wGC+-+ek0lV&EYb>TS6=2_=yQYd=Y0N9Yl2>E|zdh+&aFqP!jEl?%LM?p(C`_gMb4mZ^6{nOwb{Kdt6u@m4LDZIuxu_H1wf} zEzL+q&=cl|EuGnwRHeQza!6i1!K)O<=gX1rhH$GVO@}CzlK;NmU5Z>6S|WhiyPIJa zd$@XT-q_i^Oqc%JQGwqq3)SJN9E$-rQtoh43(};I^#xRTGh2+;u+0B1+WQ0su|rxc zvJ%t@;h12Q*^4Q)}4zuqd^ zGLVg3dYf6pt(ny!AIL;cdHqE?=3cys-s#47l)|@Ht-stv6&0?$Zs_0dcci%Z>Zunn zMFT=G;i4g_$Vrnn>rqhUR0={cHK5*ook8#lrH<4$ADl#t^7PZm_yeUz4=pnD5 z;n8ZT7*D3FBFXp27j_|sgK?{aCF)9?@_PT*r-t&TuCzYeu+8a5ZtcG7=kG|7Z?Iko zWRj@5g{Obb6hcDeHAJaLcANF2ofF34aj_j9;Hg7|>Jv_IwOd*be6WP73X8NKYixsr zgLkUeFp%c1aAc!Au;YwyXyu`feX>hL@Q?tm=|-0JBuer2a5AAx&dQ4xDR_hY9=#}1 zV>75jRBRK?V)Y9+^1|2YaixA152py#4_x3v@iasPCG)E`{VMdlt3YO!_UPqkoUIKR zb#}A-TgSp%rTf)PE{n|%ON(i@S!=*~*2zqbrR5n0YJX$+b1d;C`&3)Cp0nWA*3Xr> zT7;{9zFYQR7iPD-@_j|6FKXu6th2Y=p+3Imxbb*7F29~VBa8Flb5o{*{#E**`n#>g z<&#;VzS%QX+1B@)`sV<9^Th{s9*gt!-HTDqX8 zA{GQ0$l|ob7`{g_JePkHy?o_^mZCY{hP3nnO<(b4G+MMW+I9t4VblQs{CH*!YE)0k zdg$-qwQW(Nfg>-Ozm55r;N?zacG{>999Ew3m1zK_x$;NzWv$~2eY!`h4yUG)kkl)6 z!BxZ4-fuT&-zg*Ny1yTPc8PoOC;TdgV(gF9ii2ot5zvQBnxcylf%S&FPYuNR@Xc~c z9%_D62mF&s#FXC|kp7GKe4ro<(l+pMAa<}%BkOOkZgkkLo^_$C@x$Q4LQygW7HMw} zak)*@#dt@@KBdHno7Wk1p&?;1oW*f>fc#Xj&ZCR9B+Aec$$%`4(xFjb!vDHNw;AR1 zBsB{GUUvL-w1&upls3#73c}&P`(yU(khJ!T6BxsUs_=2CHJa7o|FX*!NA=3nJgK@o zVw3hWnA{=Eb8nadycSIv_r_J*F_iZeE6*90+qq%SQn;7?F71MKD9W%D$>1-IU6foF zC@$-(PwWao5J(asYx^O8+E8K&dAf`%ul} 
z&Jrzp=Uu+ZY3v$1n%w%iC*xT=bYQc7C~*6LiB2)P++liFXko4?-Btxd)&ph&+UW*T z6%;cdVN#3r_IVRV^02x*j|k*ff)-B?Z5bix7*%7YkS0s!wRasQj2bQuB||q^1E(3V zjAZSjysofHdUfCWHH$T_Un<;SWz4a4|`kKP=pQ{c`?uPL*l9 zpwWEiGRS6@cTq`j$02it?CRUPR&w9ncGC^jO7l?PrmFAF-0Veu*vM>smx6e;dX@2N zIdmyhoq~Q-v$aljfM1<4m$koExVA8puT}meEpIZDchR5J3Z8eeFenRlsg5aELX-ja zzc&^zK9dTVz(fwbyJ=jYG=ubW`XII4NNLZysZrzu-*+%eBO6&QT^oA#lx>9b7X1oK zGeR8#8>6@DBIgKis*VpMKXIq@rOvugqDNzz0V@`#yfq3FW$J>*wztCrX14XqWiuKl zedY8VQx3=4f@J(i?G}fm%sv@~h6R#*P4566j2RaEF~CTQB78Hi z`S)w<#qMkpNwdw;SIR%6?ef3I{MO27h1Ip7>N7Dh=U0{IT`>(alY|a0m1T+#EX;|C za>t7a3=|t{)ATFR5K#88TFQXkq7w7$t@C(mXU2j~n*TqpwtPLR{QQ?J9ZqdYePOxs z-Cr#WBXR6KISUJH+jK6#AZz}61dVNBOHr4uQxzoFLd;V4MxM7XxCfd>3wN$>=I6KU zZC$g{6_a~oyST)Hrq-l%+kDdm!Da@Nuu>dS)k5ADlPC!#-Ms9qkY_wp_^&Tz1y|Kh zF3`K=1VZ**cx5?6_2)`)-m!jqB`5wrj`es`z_`T+T2LH-Qe|e$l!INW0dYb-=(>iXRt;@~A{Z@-o86H-a$z98NwV->Di(g-Cc9~t1U0nR8l|`hc#`9)` zBHpa?K)htXF@TDAv7uZ;$vM16Q6`4i|E1=Y4=QI%x!4F;%}@%{Z2McyFk6*2vxjmI z*!8XkqVZchY7)taGR$9o3T?g$-JbnEZ*OAo&s#RK99f;#b?SW> zQ&_le(BtklKIIe1)N^KIK$hDf~&*S=66`}g?(c+pDMB@dfst&W( zMz=;u{Th(jV4yQ7t>VP+sC zRUdJ0c8tVXX>Uv!y%oXL2HA-KNby&KhbUc>&irUIQBz9YR$9*BQ(B(kEySTNijQEnMM$@0YOilT{s;%V z^^)H1xMIEx|5F?{f(PV`x`8R{6RI?Oid~chxi9-DMZ84+ZwcA5kjN20J&06gn~aLg znIg&l%@R9oM%l!@re{4%M||0T4M-Ark`gzf?2$eJ^>)0IlKp}{68+W82^Y7f4KD5* z^IM+*;>wZ!XbX5dA&Xbnw(ut-#-iP?>F{UXRm=z9@_*iou&&MPivOu}LfA;Eb9C{d z^6<@W2M-1wSFtew0bPq2`2ug0ag;=hu1t>DXE~)16xq$K@AA8T>v zxXdz0__%H_WXVC=^dCl`<6(zmsyCC$MM!3F$#qE3%gYc`zX+kQVfSQ2YcEWfg;&*+ zKWVLsLLkvR3SG+1ZC6%`19;FCorzG-3+BWJTdkXzl7 zl~5$6p@0@p?BEO4Y=OmJ70YgVbMUPIsZIRje}qyCF>;G5Qm39aNr~3r#Jaqjlj zD$AKeAB1D)$)rMM1*s^Ql<)72qlcp^B%jR2dT*6{9hMr(X7r#(GSReH-4e8xIoe<1 zl?H?c6hC2T4{+-zZseI8Z&Uhz_!`k8A7+U|7MY9Xlq*6-U!X_nS~_%(8WZhLEmjaK z6Yb0`)CqTh=I!{Oh6cD-C4S?tNB&M8JV%?{x0f!LeJWkP8%#2Getu8aVrpEyxnosG zduD~TW#-5~>LN&1Z>UOMHFBkx2v`Gdc?rU-mFT!E3FjPVWANa6N#<3UcCt%>t@bt+ zA(ph6Dnv2Kzc=9JqOb;$jxr3NZ+M_yM!`2%QJama6{^QLU0E^=V?8nq176u0x}~Hs zFzDrK-iZpobCw=T-4;+WDu`o7N3T$K+ZOa5vG?hZ5TVC!?LF4Z! 
z!UUk2It!^Iu~$1bUHWcjIQPmCBP<3{NU`oo>Bk=giVs_;Kwgu<>rZD#@FNbI66LBz z6O}yAp)x1J?lfKWu}^EupbPByp$!@*tv3hS|9I_usED1Hq==nue0an*^L%OwKlmgX z<9$xNi|l2)fmhjFM!>I&{$&H;N^kuRsk3A_l6S`Jp1(G4D`+Ev65trkcT`@<6gQQc zM61~vYZx|rk5E;n372#*eM|#}98nU#+RJ+1#5Z++qf#t8gMEgYy}!LE-dQ4o$2I|D zw`IQ@Re|vRz(*VXQ9b*TTIlPMTIlfm)_6Vk`_{5V`_{X`KwqAGkV93j@+_Gg2ayzLg2brleAs06Xy9m2no>qPGdmn1p0vLmRJoEv zNbB)KNI;2Z2%7FPpN8&?B&M=(^>)EMi(P|w*gUwB3_ZE(+*Qt1bO_8iGp|oljgTs4J=EA&ZJxQA zS#Mfr*AW)JbI_EFCCF{fyiQ#&zKcDdZQq>JH+Tz#-x92UjGngJ<92zCR&mpq*0`M~ zUYX1Iq0LQOnbm#=4g~iRW;W^rj}_zTW1JobpH{TLVR0$y$Y)(l1U$Tq8SNx6xB2dLM^Uux2XGEfr z)&(mR{UVBMis_kGL*H2xN;{CLasJeAjm+NankH1T;iz?I%+Hu~zW2MP*GMoA0-lB&&gq%+e&-=3q-dRP1U@K54k9*giBB%QQ8|`L>MHG zy#;F}_7K?MYYA9{$^Fx2RaUCsDkbxFJexM0B8}{v8^h+g1Paw+s&%U;+T*f}C#bQF zuJdaaE?%KEdX!ItZ~6h<*x-l^Q~oo{FAkN;LCe;Nx4e7CkgW@!&)dd#QOtf7ns_#O zrlF%?m?X=@jwZGc67fA9%%m9ccYoa^6&#WctT7gKX(_%Uir;r3d6y*xJ@&FM@YFzH;P)nB>VTa7L}{{by`mK z;N`LfD3&DduV54i>Wp1txh}5D8XG6~1YO^r1g0C_M^g|{-#=IYrNpnuqKl7_YuS=_1bKE#PLrBA# zBrC19g`aFy9ptu}SvjGco3|09`w(AmeugCJc*@b4Y}s`n-GSP~o0CSdg0R!BKW?nUoupcAMH$r6jA zxv7qCvt@*P{+|^uCcwe1yhnxWIPI(Jig>;>(>$>}RPcTuxc12RYKF{(a!Kt|S1(WN zX}tU1p_)~K>ssqZM9V!pZ%Jr~ZE+RS&)SZKe2%6p1aU!pIC76+9Fz^?ixnn3nbmqx ze6n&1u?7Sz%;>PE=FKq`;!SG`T@q`cUQ)FYVgKsoVA>nXCN%(R=}O<#K=dhiV1jF0 zK;$+~-tv6;dHBc?!4LaeSy=R!8{0*w0Uszo8=GxKUTCnIUll8G|J)t)`P95Ia0;C* zk#sv0w7-9k-w(_9w1ayXeQ=uO1DM&5l1OQH4Gp>^h+TFmC>ZD^S9raNO|+^nPQ2;= zjnXUQAX<~NeA+f{|FPJ3Fy{^IgQl_%nhKYp=(*Ld`_^W0w-W@+(degrDJg$J z%BvhhHHpDG1a4F^4K#FpvX}HPPjn>Yjw*C$ql(&OICxhTTc+Q}r92+pYQQ@MJb4NL z9$ihh=cm=~FKl5PC%nnzmVC|BlM(aQf*Nz2L5n2{WlBlt^Q{w`QwO&51dGv2E5RQu z^ZaH3C-7M_5Cb>o8QD&%t1QbE(OZ7^y6x=JQ{h|wJ%>VHR{5W?l9IRK;HS(hov!Nb z>*>)#9M35Jv}2M*+A@kUi;%A~Q2<}<^cC5&Aykv2@&hsx#139^A`8k=anJ3cBTO2x zvj1&(?|HU$DqJ?W-y~DG5pcgftCS0Vdjico*dO(d@YbV8T|IXdqFDEPM7`XU-$=eG zKK#~S)o1B&)89iuZZNfvkT9AO2i7Dr^_U>!1|U^K$~R6Hs8DcMVb75Bp?Bq*TN)`8 z+`JI$X@f^aDuQBUd@O%iNLljrI}Hl-Tit4~L2%I-Ad`FZKG4Y(bHesJFeULE5Yv`E 
z^svmGJw<#7l<8n~d}~2hTkP$gN#i>*Q#>V`CrXswzCv56iJ4i?+@bc1caQEZi;DQ!378CYrvP4z81%K~e8fi0tlA8sRFp22Ux&oJ{ z*9dpACTYtfN+MT|3|9+dY zKB<_@o?*wGYGcyK=j%b8@$D7rf+nWB_Ir{O28~A1@;EZrV>~dO5UnM1s1NGjPBat15d(qao7WR9 z+C*?au*271Yc=T9>2u}^AN*M=cz+v zTkN9h1rq!&F&^P2rql(-e*6UnC=#C-SNO?2`r9XL(r=|R$IY@L_g7PX?yAafVHX28 zlG0e3u53}4@ALG+R#*Tv=z z)8EGFz1=EJ39g#+bRD@HwyWv+7(;)~rS6DKJ7j)N`XFzgmkSO=cjyg9bHZ9)Y^kB{ zs_AwDThA!sgTFEoAn9@ucpYB2V@H>#yo6-id24Qmvmc%SZ)g;MU-_Ke^s=RzI%6$A z-ZzG`=gWsFaLeF*3pNipEZene3zO!l`g`op-8 zAoZO{^bLT$u36R2oP85tWdUDne!kyG<4CA3bFgD5HQFPlk380~8^U_U(_?zD5 zlFEP?*_K>2TN`VnW4=eYv6gbc_lxYI5>6C}9M>A82z)*34$511(%(G97JxRzk9L`` z?hm{p@F;9HI_Z3?a$SVn!42A^eEByF5_ss{T74M&ypMahOZdS1is1wbX;v1`Jl%BplMR1N>PG#a_9;P*GYSyTs$$1rK0N3&DH++@fT7n zoKKnP4I&@Wdq1akWRsyzWSx8Kuijq-2IrsJM9nzu>}?|6t(4CSWC&Eu;{)AWO{IFO zb!$xZyN0P1BL-Qoj|CIqn_CGuBrE}^=$5B+?O3m`Vf_^jb{L5tL=veTY!oIzuFF6y zJsw_^A?F>93Ab>30*f6L9;Tn}+Df5N$GU!Yz##MpKC~;~gjTpwg+TBT-ycDuGn@X> z41d1XZ6R3-AV9?LbvJR?8oD%T?`vH)P`ESP_65s+D2L!V}H@JIe=6IdeRqz@V=8{(Q?sNL6 ztllGh;bk^0%FUg%P?^#c%CXNrvq=qf{{8&^xQY90bBywpbS#n?*XVRDTxrOW(>p9? 
z?`Czbx&HVaTN1;ov%Cj5;KiK&CzFxH5i9Xi!bG_<+&?4kh~+w31h3g5*o&zM&__WN zHTo5M$hh^-HT1)6E%Tsmfu3PCAB;^WR%X6e;lJ7~+9`}#NiUe4A(}m^kl87J{;BHr z`s`1}{ndEsEXitN!b)V~9n0;H(Rd5>56ja{# z4I=YFseFi3Zg!>t$54n;`pEk!{^od!FPESm0Qaa*cx5SAqWgGQqLPKlD@>IHtm;Wu zkso1doXg15U+wIm8`2PpV{f2PUs}STMZY`BSrC8g&Urs$;F>jDK3lm9xcd`0MHuyg zhIM0w*VZd&KX=jl~i_XDUAOq)!&mN8| zWM^hngJxjX_HLml9%D$Py_t?z(3=+a6yo^uLMPmQ9Irs-3@Azn5@v z04BWTZAXGC=%$@S5uBBASC&2imEjDNZJnR>ttwuqK6sfV@9!9d;0IKoY7qRkJrNI2 zc82T)cQ&ovFCSF9$`G`qi_vNL5silqm>VkQ zla1k}z4?$REf<|ns-&$*8jY#=`@@q;ipN97B$iR!F_%+-PJNX|7Og}*b;>*sk{J>^ z+j`s_r0jRJ%;^_4k#cp+j-`Mv97M3V)NjU%P+*1R)aiMa^>3j zd`jN*g(5%7jsSs`&r(=XuU}Ie!0X8UJDDe{9C$K0@MPRi%LEkb9CEBJBMx(tiF*Cq zAOw_^x7MfHq#cM?=O@haWBpJG*F6~T4|f+)A3QXt_J!V`Ub)|q>?M;aC)A5E(J2DH z8kBmnQN)P4Y;bzAcP|i(nD(CvuzJUSU#1C zvYhdHG-GnoB{5|ipFp`hMun0#Tv_RpcCtsI{!IKv_8nmUPNvpcbWF2|0)EfIGHdpi zjQX=hO5ig6_8bv99zTiOKI(YYf^R%(J*AziWGuL^$yxO&EjswU**KoXmN4p^>UHS{ zyOjvKjC^todD@-YA-eh^94!Dhy6rqdgfx2Dzq+s;DO({#H^mJmj^`i3+4bgu15yHb z7O$FHp6F%r#ppASutS~AFQ)y|9I9vjy-BM-Lj&xB2X!Fsz$upjtzR~GfbMM3F| zk$%e){gy^9Rxi53?vvN_4c(nGJEc@8fFg;sMDI0cfT57&v*3isnmCq~XTtMA?*yw` zCYY)$$vTJSfLhlfYT*5JGV;mTq{b!>W(BU8p-`l`(4x-dnrxGS#qAkL(Kc|#f5FsA#FD3C&9n~1hZFyn-)iY`z<@%s$?&5s=lgs{hT*-f5> zfrVFR|JVdH4@^^e4Du~1bV&>o`OB^%YJ#BJd@i)d)Mgw@$U-4LI*Xy^3 zdwa+leiqOhWE;}S^u|Uu80%N^q!8Bjr9O?Wgpw#ITY#-f;m&*ZkP_lXD0q&g0EZ=` zpBGYGEF4{_3&F6Voy?$sGAwqLepmh(m*rd9%SRH#DS4XMfkfKNNqSvwaS0#OZUcX( z+xgl;Omko)+BksuYC0rqXT*i8I-Ids6^M-r01Hp}%C=3|{< z1Jh|0(h!@y-nOb899_zlvEO!Fl`^F^=NKZ z^WIu;DFIp_psxKui;V#yL$3sB06KL=W0^7nKp4S>GJcKxxgwb9^CZ@W{hg_f$X z!*Sc;?(Nu8TEq1Ui9z5fa*I>)ZPit*-)QR6>DGO-D)%350hX zDbq61`qP=OKzNAaP4{W-Sm-XVfO6FPxHn0D;ifm*2eE@Nfy zq;gpQnB9<0m+)ylO_i|jpWGd`8cepOaL@0GdOfVG8y!HMEQLO6eVfvB#WzDnmbjn{ zR!rJCJvB}pLx<%bZCxLgh1`{##dkZ_KAsE*oSra`D_o3Wv>yG;pgsNa&W#O6j&X#} zT+StEU#CRgHVnyR{N(=bta;+zhR!$Kwk6YqmC!(~4$|Jpl+L~UkP2UU-(Tk)2Ux>l zcV)xs6H!ZtnpM2?-jB`}L0R>uLTqO^^2|f%Z)74ePaVZ>Bp&BIyh@}%-^7*JQY$U5)gSh!E4@GJRLjl{2s5d9kO 
z{>;VxO4#<|nreOvdS>)=g)@$JnpMlhFjsHerE2pd%fEW(#Ko5x#L_S@SAE;Yagyk)dTJ@sX~?@3?(2}neKZx5eZadyYqabNVe`Q6>c>Fp`W^w-v@^@^ zG7sBdNR#Wzrw*-xwu%z{R?^n`B_^T$53ei7D-vcRAp<^`cY&kBp5nK5zp<_%d5BpAJSHO#=%S8Se}@U4wkc!1<^6u;_*Hv z(0-N0dwdVXrDc*1;$`qa`HaK>42ZLP%qGchHXhN-XmiH+Q%lbaQyT{|Jh=c$y}G(i zp8A7(of~n5a{WAIk@lK*60rk;A5)vT;*gm6gRiU>rqGpVGv7a?e@nXZr2S=6!+71) z@}t&Yq=W@pa5`%c>+sMCBuaTz7(YjhL(v_3Y;S2BM;(IzuH<8W;H|1A+iI_IAy*C+ zPQK1|TX&4%IRUQK`Q`O(@%NE!Kg=zwm#1;VK7Xho@gh9)!Fv7@8=1lyDimehUyR(j zWJfSMEPFp71EH@sKSO|g%~h5N#^X^TH0)13+6Cr2=5P!31R<5z0d`P^p@!d{UJ zz6Hxz*$8LLSBo=~l^R6L2_{l9?zrfk88m#Gp9NRNWCAEVrvA|Y#UWGD7ZM;-jec8B ze8}Pw<-cD{JTh3L60VtNmQ)kw+>ZyudxZK1GE-DST;7<~{~&nc`KRb!h8NWW zvH(`WIkis&=`p;%MP|_HhK`sS)pq(&lLrYNzroUe0{cjhwn2SD;Y|JnjOZx?x_o`O z45M*!Pw~vh=u8eB*2!WAW)>W^P_*m(;I9KKcNYIJSjETJg##zbZN1{HXWJmp zlCJ)FA{NF3!gk$ll<=stfU1Fo6muVbnQK8ODD=6{tFPkhTq}jxkPlP z<&C$>oB3Tmb{Q$aPDq!T*_7#Zn!LAX_5M|viA!N2x38w?yGo~pr}^{Yzgf!XRtrQp zyF8onz;3*{{jFYhlhD2gJD$dV?9i*>hfe+hzi__Er>9mcd{iE&1H21kn+5;yC_;yn z-%P{Ii%g&hlWC1X5gP7C;b0vt)Uq{P?Tx4Ix4O=Ay}wgTam=M}m50=i(z(^+pNS~b zD{FR7WPBH<3gxQM0Gi2>_gt3G|HFJbol#S{dVbQ=;M+im? z_%j6a51T6iRfyb~TnI#1l{sX@?bW!Z6Rt=4A$y;!RmG~3(-C>*7Yee{9k7gf=DD_4j!uNC|tkq*=MBSvKjQW;4 z2FcQ#pCjh0bI*cUO1E_STdfA6P)$3|F8*d~mKp9)bZ^Mk4r1?~s}H??6CFw^C`Tq% z73;r=SiYY?kJ*I<{?%Gbof;Xe%(v`3J;N?21 z_g}UK>QGV3Z{1_l(Tf~=Gj^T)i~L&2PsDB{PQb`-n_k@2$Mjs~j;b_kzLkZuD3BFZ zh#5#3BMjje(|Knw$@9i9^VJo<;8zEeA7uKiHHkdibNT&~Uy@A*zdf)YIMA8FX~s5G z?cYvfaVDI*>T`74^0Id10^-z67%VNj;ynJHcgx!&AQc>Pc%`3g0;Z~WE6${bN0Lx? 
z1Wo)b=s9Uw;FCXZmeV)Z0B%`JSz8}XMvH~4Toy)XbvNNFzcVbf35LEh7_5C*78~K1 zmT^s0C&V%!qJ|ZY|NduZMyS6*JNpgV+1muN z!?tQwoPm#qRwmVr(M>U`fMtpm!I)I@zS_m`X8qkz-wU<(RhJhKo|Z{*00S_3X+PD+ zo!qZ{1!W&*K%)D__d2F5eD^8NgTn`ZlXpFl?0>?-9jy*0wv~e!>VYz1d%AMMr=J)w zga!4FZ6cKNgyoR=DabY{3a5p`0n0yXmJ3`McBURRY~WyirjgO5Q-#3dWu>1{OXemG z;7p03Ti`e9Djm0ZyGQur8#N8wft+xUfkUEs`b91dAGEB5!GN0 zti6D8%3VgRhpox$Adq)qN%U(m^wRc`=DEI(wG(eBg1Ilwju`0s~-YZ*a%QvWn_QOvuf(bnD<6Cgd+Qf5IJ+*)l z0@=+VT3)ys;5iwLcvuzL$D6MdE&4`mmiu--RU|cG|tx`-z`W+&og@FHyucTsnjZAg*}}{S7-t=gVd zSk^hrsa#kTYKDh*?|l%hdAYmZnLC}^spHQ1BA#Ap8mY3UBEj)S)D>p}PliVkfhaW* zSTNW>%a}V7Rcx8zKMbiH^kI+AdRLX|R?ljdmKF+)4QUV0ziKr`WTtK?&p3fT!-MF7n@A#k4woz`ervfP3|TG=xb^4y<Z|2L$dhDnZ>=O4xANG-rdqzq&6&V%BCCUk*DD2Wl`r%8f2;W#9_$GwbA$@zY z1XqZW77a2L`Ft276CpE6Ak$8sOSA{~bA-e$&Zv0?q{mJjf(8JuXKy>#x+gli(Wmd4 zerTSD=4y|WYszT^`YB_{kT=_OSI`WMM&l@dMIM4q)e?@_Bw+c>Iv?@;I`YiFm)T5I ztc;A3@neL^B%N2;%c4B9XEiwpc!gz-<*S_vm=aV`{;%=qukI z>9!m4O!j+vsXa1ZWf2q>KzZJb7*h;h65bVVoD zSswQdy|i>WW+xE`%lAXmy|-q#F_p5ELi-X>bk zGH*KsQ*NCK>l2#q7MlXL4b$T-86`e`8(#w&$k!i>E5kV`qx8BSjVN zr?)t;*^wXRHzUY=~nS_ZtonOeYm>x*S3rx+$+p?IyN*odh5VPG(M(+9I!Rj$j399raW0dsK85amJrx)o8k_u=xn%}`Wu<%xOQnXV*hTjzH zT(21|0q#LnOf{w=)V8e~RZJS^Hu7qk7xA~vG$6UAJ!;mbqctG2V#abs{aZ>(;!%KU zy;&NM`mcr7i_vb_t*s|f{MC3ijrER!i=H-_jo?hx=DT|#ilQP4C0=n_AQ;ZsXNuQN1dKG$i#~HrLUN?v6KZK&)D6qO}RWRI$-bH|;?5%UAnTgMhzd zkz(U!^)*&}=rswCMDrWv`piV^oFxUXh&me+Dn2i{&^!fim}~;sd?N-5^sl=t+U?Sk z>pB&U$Hg7?(he@l#}MqnKP zhVBKz#O-rw>B{kz1$5=I7jr<1Tiw?p{vTv{fY#CYPC93<0LzqE|5DFK%w*$yQ(1dx z%v1Wo8_K>C^IM7Jt#PSL#c_#1gB32PlVSv0=K^a{HIBEr>DHnd#-_how5fK}YmL4A zAy&UJE!wub+2(FE6>1cPqD?#Pqn*I?eu?BK61{f48GcLDzXAh{_bH9WO--&^Vuo`qjCCvBFr>vdgviV@dqzwYtnFs|Z* z*$PFcd)&$AQWY}tDdB0QxijP@v_2p4@rdq}mG^oQI^nYUD8gvyE6UEZ+pD1oithak ze--)XpIG`>tE4#DW@%YFvmaA}cN63s5|(?M=09`;`0N&ql+4Y?In)UE8U3gD-DU(c zUNIM5v6gwwmx!HGO*KC|)^qZuS2XH}U%g_UIKlUDO z?XS8iu_-ApSz#zaZAT>;gfVFV-SS6AO!z*ZJqS&`kIJ2BF6m-#>zy%X=U`BOC3cFo z%r9nd1+^D#v90G>dVUdmek-{~4`r~X2cYgrQ4NpvdymIE3+U&3cZhl}E9Xb#@{yc| 
z`}W7Qir`1|ImaYYUYS{UXoK1z2k-y{6G=el(09nGL?? zp^Rv`Se{(oFl5KY?OaJ_GJj9%$M}=q2or~>?QR`nk8+GNqp|z3WgSKdoEowktGztw zfb}Aa-i!p7{1|!0hv6?$Y8U8fuPukio_)Kz$Wj}2*kFGs^W!avY_^Z3JSYBCMfkOQ z7qyTE;2hS9#BDF+w-?99RYZ=5_VWk^BqPDsmH>I`jh zFAG$0&(X>&+uB}1IJM+!HevrKH z<|aiANw*PF!8vA(A7+gBK)Ft95Dy#p{RzbDzUY22d0XG2rb0G7jf4`l+QBj*B}?`R z^OqIgH@kK_SrZO436*}T%(KZqnGdZAH-VV(zAnF3D`UT_Cna|k>xC309qu%oY@yfd z!Ww@*cyPJd)XG9=2rRhYxROJ* zIOoqozNz>V{vT~`9T!#CzKfe6NJuxMV$j|BAfZT!wB&$vNjFo;vBIRA%WEPNOp3}LgWB0D|TiBn*qojreQJr;b9VQX^>M@@ML%K2~04d({)QA z*{^)Us$MsW<0$zXxHEd?yVt2$dD~lj1Hf{3^`a<}BNNHcEGf&tdVAGc1*r4?53kwe z<|AM`qqJG>C2kM>_|RiZZvXNNXFFXAQ?nY|;*xLqpmXucBDPRFSx#J=EW@O-qHXmm z!OS$QXVz55)D5WAJg~lw<$hCmfdopnvhmgu*TBDGMEfz-%<%T0@IH-B#0?W z1Q}kDKTJ0Z!v=3scGPn7_?P^QUD(=z9UW`~ZTl6qOZF=z5En6AZC{2Hn|IA|-FxeL z!kgW3)SVU)E8<+z!sPz(sF|JHU(cEuUGR4bWQBde&=6?82b(G-K$&ZIyGUC2R;zQH zC!>H+1+W8Fk$1@FgKC-QiKL4w7Lr3?ln6ar8Rimpn^D+SR@$p8ZH^h==%3c)AI77e zWhQwndnx4}tP$%+b2TFUVttCpDok#ueo_Q+uu zq>Wdy)DKIlE$eM4RY;*k4+o%v+71XXxl|NfUZgmK@j7x5w*Hf?6W@e(0=T8A+9G&e@r!p`BO*o@mTiw zrM8pSt%X-@9c}fN!KI3h%*S52Qw=*`E8XI$hLdF?w@1o0s*j|3EGq0XYj$vfN%RBj zqu%d0lseiCJA-Rl8@k@3^CXVE_vE?R_@T1FXRP?WG}p7s3+Q2sA`L3Dsi&u7>SBV? zv(cJmX2Fu#CXhDXO&iIiGDUd-cxPE9DiaYa(9^S9VP|6&Df}3dohThIXkogjSnn$? 
zh)NV!AeVe!*3SS7tw2-)T7jIash^9U(;XbFIhU@aY>ttl*zIkIZK=%?$zP1v@}>b| z^#Nfi%$*+Yf`?Nx0jPZk2la}M*Tz8FZYPURyacwa2dXF`fj^Wgx3$qCl&Pxw{XPN`;4!=z_=-!kM70AJ#qCfd!nFesW4KrN>88r-+vrAGE z$&--CQRU`&L!HCDp>|tGT!Llab?LY+RUnJ`G!O?ldzld$c$aLD0Pvyjl1W~$q(r{$ z$b*7b@ph$p-)!;E!!}C|vU>S5fm!cSc^Uc>b26W^%+dI@665Dit%#ljv?m|56h;1u z2_50Ydb{5S)Xvj9Ah#G*twzrW@%L|7m3wAQ99bS2jtbd*_?qE_f6|G6@LeUyNc-x1 zmx#NI2&>BmKeEewU-JIG&5JHzvi{D=;L6AQ&M7ZMa;x06o?}cER(Yq%z~jI5QHmfX zEabQ+Mj{Vvd0wqs2aVRX?-_4Y#2=cO$eZ!4al#7)fk=9-9(VUJY}L66Xu|XkG%VhH z+jXpP=s~PTTPfw}L3oZsby-l4Y})7?sQ>!J2t(weR#B~K=(@_Tc~uP&dr7kXp^-th zyF>l5*o^VY+gF6^gJr`yu_ZmY$*rr=*xLQt!lW*E#S9r~$G&!7{r5_x91?P`Ibn5+ z>6^Ms0M;{osc0p50=Wfvu{qTz>9r&{m6S3H8eNRu%md>)gNfPAT9>KuU|$fVGOfjs zn}_c~k<G3dUG~BGeom|>10Q-V z1?T%dezRs{?V!x_VdY+%ZO`ncmCapL*fe9#I-yIh~EWrZK%Yh|HtcWj8g&qNFU4*R@9D!3S`It;mu#Z+Sl z^N-uDR^AoWYt-)J9J#0AQ*^bf7NE9253wQN10Ro;w|({)_cvenTYCJmzCQ(T$XL!Q z%-L9n+|eEjrvv?NVWYw=3*jK1iAmLjSp=#H?Ud3gZ@gnrg@QldMntmtY; zb=)J@OIV;(7%%RDD($%k$Ndrkt<;az`;ke~|> zK)XOkBsT{L&3lIcs}6(Jj+Tw+e($>n#lBGkpaX9({1MTivrSA@rFis{4SVmmC065s z6>q@xHX7=Zz7-<#i^*~J_5wKtOnhu`!u~GT;}6JVgN@_*RlNb&${uY{MgFICFXGQ$ z^N6mrONhv!1s7sq_&EjoHe&d@t1-^H%!1T-(!76Pu)k5*diHmFC8PJZGrh2?drJC) z)?5*bTc4U^@2GQyl`cS-DJz%iocnWbLi=}enf6~4$j=?k9VIy%o9?|l=oMPn{emSp zxQc_@oL67ZP{~T`)fyO>QFPc8mYtk+wJmp%cBovIQsS>*piV&We6ZitRCI9SbzEL8 zLzWv3Yb60WWI5bIgIJM{bCw(B_fCKu6MA+YdDT5g!%Tc^#-(jm@*3{)ytf=%xPhI_ zol<(B7Bp@)0jrGdDTk2(XTI<`NwQA3V)!)VDmSdt6>hvyE)uI$O)jL>SM0gsH$yWm z?Fb|*y6UZ}tMyb2M%n|jY$8%|R+O%@EVw=q$2VgiP|AS}ap&e9mO~Khhh@3tYFnbt z?HR&@Ik=$Lp^_)_#mQrWIV(3VuYZyo$KW_@pMdRV#IvSkB0&_fI_jF8l?`dDtuGY8XZ~g zX&j{Bt00%$^F0kwZoM*WYdikkI3qL@M24*zD=9f;7~9!5PWh&GqK@MkIgL}&w>J9| z);Qv=_Z!V*rLo214YPJ5I_2`pyUl^AnQvo38lcOApM69{J-niB3MW_ss*)5wi?#Dwtb-ExZMp*Ly|yxpU8&^bxm@2X6^rv}Vv1Kk4Z%SECC_*qx5% z6_sFS$C-LOFMuaEvot@BA7?1ot_;|^$}_8Img;D*R?BC1QPwLghF+#deznmqj%>Bt zsv7Qm*1V@j)coRPk;tl#{BGSfM56)a^{>jj{hjMn@Y2AB5~kc$vs}}|@3}2kg$(Ma zqe6L1Mb9Q%yeW`YNv6RftC?fA(Y}u!GCW!qq)^$&F6^(g@D4E&b)p|CKw!MQm&D9# 
zl@f4`8dol1GS%8H*1C;AEclc74P-7%;TG&fX}vg)aH~;RW@S6uv#|YDSkb3~TTOM3 zEjRUrYSzOABhnM0_jnJqt@~~?`p6FXnDg8i5*^%t zN7fodxgT)*o)A-cnu7Od8m^WKxI4mD#n7*o9%PJyQ!-C*(}~xQ{jJ^nwYOPmTQgqW z95-F8%Rj6z&MM2mXGl9L!)&9q{wBvsf)w{YmlbagLfjTW(t|w4c`c1wSwm3;tdObM zc;i=;$gU)UhYSp#nOU8Tn^#q~mVFeCg`_Stf6 zB@OMm+2YWtGJC0-&vt9XzccEPz*b_O9U$lF%1%gNE_}?eVuX`1#!?)Hw#)q9x5kZM zxO5}IBUTBxfn2 zObs0BWu?z9gN3U!sst1x@5{w?OU$DhVVx(2EuRthY>^p$9y;rlmLx#*f{o&Ol;szB zYG&l8ePZ)uKqILoUVgNMj{ox}NLpmS93sW|5Oc!vy@PD8Zofr&B2^-V$3ROPU8fDx zSh@cWY8iocgu31AM?P6oD(K|yj=p;o)9{NG&FB{yM&2bXN9aC+mOc=E6B##s)QpgM zSIH}kEezXl)GpA`>m~r!lWN?NN`o8C6qyxGEj}m-C|OYVrpuVO@Dp%n2@l$NUY)u15bsBMmSfJskj;R zb2-EI7X&jV8wS?(!6*XrFl~1 z1#Q;QD9``dAiUsm^U)FakEj@SgZ?FlA5qL*;?7aEu8FSP0%4AzofNhTN}W=8rTZHw zKxaHZCx7U3$Lu{*vWAam&3n@}L!lc4VE4!Ay9&7?Pm-c}CB16Vx1F0ASb{pV)DJO& zgRpyNR~<9BG-0>DxC|fMcIvMsVX8)gP7XhmW54VoW(^xHiMn}M>2XlPdl;}E;E}r> zfLx8}ciJ^Pg3eXxDG5-45|z2cNckJKfhfzwy&1b7vAP}v8SmE1(PwCe#YTg?VNvzM z6AFY=(VovdP>XbO0`3wk|H zd}6xY+{sB_ZKsX--0hnL_FK2+z23#A@+~O|pdWJMyHk@PA}g8P$KQR^{m{o^rhu4| zS*6n@0t<-|yh+qbCtqPuYeojYKRyd)8>URl>cDSWg#BKP!uokLldFc4$i|tFiaXzeTi_q$xdW3adb_dv;s_QQFS&c7EC4W^PlcmPlIVF(c z;(uVe6y|T?{m8*Gs10z)*(Ui)Azy#Rr0Vh`_3`2+ZTn}#Ab9gsGug=tmO5Lt8>wvu zC*5-H&V27SY`;1H)1}Dm;Z2Ax!yf&Q%*6T9hf9zWo$(UfwH=U=W(ZPpY5PQYwSXqs zznGD2uwt{xF^jMR5me%q6z6d`ac_*aQVl!N0OMfAV1Bu9{xaaSz5;UGUjdOIkF9lz z4<2*NgnV;i2sMKR5^yId`YKrXD6|kaicYFo*P%^+30VGw^FHlLER9wr5&F5KY4Qq) zPaoowA<>gaP|Nb6bT^URQ&&f9Q==gl;=qYt05=pKJ6^Wzji`8?O5xeN{$L#y!lT&skVz_g3`0`Oa5KpDVCMK_qXkSEcV( zC{nH<(c=Ss+X^=ph7X@tYKmgnt3})9M-W1G>yvM=y0&F9_?y z;!&lMA-^v3xBjid-bAoW8hEHQcMu~3YKsiKa5C9HJH_T^E|wQ9&O)JsmicwxUjrF< z+c}U3#!*Iy>=afM^F=^vKrgqWnFskj!;+uPmg@%99=YFL%EL(+S+e#p-gwKUOk5M^ zJA5fRwB8aI=4DL9T1DBFeazSHOWszp-CZ?>>! 
z7YKH}{kuP8^3h$;^x;QzhQ`LIxA#fT!A7Z)P%l7o)Xluc6w?KNs2vXMC+?^!tSZIr zHQGKqtPb3f+1P~ddDU=EedzZ~VIrpQ%5dWCvGVC7V~qEL85mb!FxEIhwS3RYBDS|6 zSV9Q)O)Td6?~b2!Rj;Y^!r0ns)AFARU@-Z~@>Mwv@_Nc@;0hwx-~8$<1sr;2F(h;3 z#NwV>0Kp+A(EBz0KGb$4lm7~SPj?g5T^SwnSu=5x>Z^O|PgxjE-c3&4IT>zsJ6Ofw z9hE~r6Xro)d}qA_f0u6RhE{}rb-bFTA}j(K9-<5bo0LnucOr7VMvPZ=1Vy#^JtQRR zrEaVgKu5#fb8VsST95zQjvg*+n>zq(cxJno1YDc7h>!9a-P7x;A3a%eIPi@nhtlJz~)>(km5VS}%Q_^vVMlckU0fvGK!HmIGdN_A)N zrajeVbrX80L*SX0sP?4zgP~r0rI1OtO-)tU+=5G*f&s?2dk=NK`TuoBgMJ2`OF* zn!jDcLL+-pOp)i-gby#PWYqM78^Ui^+kaO&rc_EAl;q zd@rkWXl_ejTQGvuWAfYapgoZ@@!^b9Rukc$6T88c$@o_iO9~z?%t0qOSg7wU9q3fF zF|*`C;zzwU;*er|3Bzv4$5`ML1CF^w2sWXFyin=_+oC zK5nSEQVE41Z?%?_<+E}XrJ<3I@i!`z1NqA3?^O5gXZY_&?djp-oSUpbYwd@VBaw3@ z100))OefGyS^lqz*x|Cdj_(T#6#yYu1U_Ov(6>E0SU4;_TJw~VQEW?T;MA(oldfGdx8{#;iR087qsmm{nlsy> zaKSV3q%%M`(|Jzdy+1S=!M*_;rS7;|qNS>0j602QB5+wkC->_gdtf0qtis>gcOA_3 zrfgYENgo`tsIfH4Arwp5kWTwqUk>$kd?cy}*!TR#zu(@I)ghMi04ny*DAZeT^9`7e z^nY@E$7L^C0M1EzIX0Fb z-k&JW={r~A??S52&9PZOk$))qWjJ$B36SXbU7DM z+S)7(6nR#;)#vCdX6wW(^1}y{#kminy+T&U1HO`gUc|OFw~Z%=6nrH(@ijzN@7Xc! 
zMj-Zc6GyFt+pG5mk*bICNI%&vCcK@k4{Oz4-)>I624$&om(1|WS`b0%^34YwgIcXE z;3?zcdob+ZOZ#k(t;O~niKJsWX93a|+`)X3wn_?J9<(@zKbTpkSVyBx`b^O7zuPCU zE4w_E$Fle4OW{ILsr-?ztBXt>F|DEqmwvC^O~SJ|2pfjRCpYh|g-pqit3kk!4=9Xe zyb6+llUlmFAz9BlVs9WxXo zngPi2q$NUP4IuJy1PIN%|5kGj(MM&)}5VXD_iO70miRg90BIX-66PLS3H$tGC$BerYe#8r@>VS;Tr^W|fS zdu&~;R$8qC)s*(8Q63*M)Apd*nrDK6cD(|&;Mq)AmaHxjtD}xPxs0eS9&R5EYVZ)~ z(3otxoYWxNydybvO*_>uLz*f|cwQSdLnp@yT3-H=!YfNX{8Iz_CoxAhlS?0R=N%mp zqNo)FM2f}U`e=~$Y6M6`qa#-y^@`u=nslCLeOyaJ_ov9#GUq9sNm?E6QGj<2lRAJe zI#f-v7Hx_4$lW1Bn1wSKRIv?G6FV4P89lZU)C%kJtB2%plv-{j?s-sdZ`*p9hT;w; zqE2;YK~;kjvZ-p0W{+z4PL8!JmzL^bTDdtA<9H!Q^%MK@;~koS1OJD_tx?8JXUD~( znF^7yVtTHZ;#HYfTuB~Bkibi3Ab^L#eQl)|vQ&sTUi0MEq;cT`7zpFMjBFG$8McWm zxG(3DLiU1N5Gr%TE(FCIOkL0KPb^2x?-1avW?)adQlvT#)?OgIb&TtATMD9L(6Y4@ z2~WSIM+`aMNGxR5BO*E(8^EczjdA6W^lvg7f+$SR z^FvNI2FVvE%qNRqCg9Vi{kY>P9?`y5^;^J1Bd|-a9#ojXM4T#L`HVVO#B~9!U}^Vb zc2cd?7rr#3S6e>&`?8F!X@VKkS0#1L8@NVe3@M{l8hnmWtE&7sq&df})<0k;&tD*D zy4+~$Z0!xMVWGhgOBC(Z0?l&dMsw=QA3sLa*t#(|EHz=aeX`N&S~H6kR;X(>)H(G! zaJn%98!d2Xu%=C4z=YK)es2)Q1~t|#(`Ke@Ea{qkPBijNguid%-UCIq%Cx|hta*46 zT*B zidy4i5p9T4{}V~BtM-#eSz62#9zd`=LvuN8oC|6c^FzT`hXtqkTW53y_3cr}HKTu>e9hsAP@> zK<Fu?1of%n#kAS4y!MMGR@4R2l4ChGFn;E}YOAMMT$tJHK_)57CS#2$EV(HFKNIWy7fW-Gz)Q%pLwRXzTE}y?`T8}LhkfwL%cM0j7OO)Nwo&f62v)w*`{ExrsX7_Zyqkkst{$9x zCN-Dq4~VTFrn6AZ$fPp;Yem1gg6)yyW-p{G*7NAqVKbRuSjGC;n2&nXXC`05- zhO7~4)d0zI))x#0?i&cxTnuxORT}=S{I%bGo1RNr|KOrPb^k1^}}XWvb(DTx%;?rAvRR?#P_2{;+JdL&+U@0*jSv;!KN zcbRH|j|4%p$^?4A43E7oQ4XZ=(Ri+-0Z~JaY-9&^p6K74`v7{kP^8~Rkeoi_3zZ=CK(PZX8=E6>5Tk=oCaPm?%3aUkgKf~kBb>m!S;LBV=$`|! 
zF=Hl;-Lh#y6A*EN4QLxeJgate^oA@`6Hi<`6XcA9zXV+G(Ipk+341s;V|fT!wK`}Z z`e>wGmpsY>NE3d2dzB`tM>n=&!E7+gFa_TCQ{_s&naKFwOcR?;bpRQhDoIW(&=WrpbC`XYu{G5O8U_)E8{(9T zTDlqcjmO$J2nm(A8t&d{*;-zub$(#zipfIpcn_Vb@kJn4dQQxbG;%U{D#1adJ4aqz5OA>GJej{2Y6W~c=spsA z0hH#76amMZrE|z>Gzc!oKy3~7@`77=NsUKK1MW$~8v3@Y>PNqnV>_mtko|hCppI~+ zcn~wFA9U~yP_!3m&wmx_*ks*9(6}!&-|Xn+F)}!h4%;|!*~=;R#g#I{Q$3nb9X;;O z%YDNnI>fWDx|Xq|bx^ld2QYz={wX5u2waXf*YQ#Z+c99Ulo!^%Yq|Q>eW#<~Xo+X} zpxAK|zPA#~9ptQ5<9y<=D^WUrdrzff(@cdk2lUWdFPvJ$+$Zr<^y<{5rKYgaCisv* zYzZA2%mC*+kwAYl$&Ts*1C-8IU$gdaatYqXiey2p&jZUJn{B#My_dB@uW{vMhG|!N zUM5%V;qs_@^*UjN(f4%o5dU9OcPlP$AETimbEzuqZ@HQWsJSwxo0o_)I{H`*St594 zqn*HFH5oX0J0$0wF7?$3@aEY#j(Nd-4|S|f?wxd*fpHa?S&D0NqZnP;I$=R=lbn7e z082ql(E+|u>P7-GI_ju_7(6=EJ$e~WRa+#Fe|hL*mSxyS;*t}64d3|@5RubF>T4RP z)oaTJW&4(|vCBPc-%@Z2MEHThLnWn!hrI#WPOABh?{u1lT`^TG zr6Lb+>6jPC1hI_E@aK_sp)puhzLZ>4_eM1m0rDvQU(9wyH&tNS07r&#JwI8+FcoK5+OC$B&} zYdK%^H$x7M5p&hcv(1rK&Xlm+slCm^dnd^iy$vpYk0lUbph_@u^nprsd3Z-CfN+M{JVS^v=*Mtzvgg40WaOvl{n4y*5>YuCw_V$%HjHWGu{ zD(G+q6AL%er=vItPTUUg%0KF989ASf<6tj+pI@noJ>uEM714o*LudBZ@_CVfnPKx> za{-?f+|>vKD90y+4LTx?W+Eqc9y$;Ojas;wPXMZ3o8Z0~To%iBoRkHzEOCYvLU}c1Q$C#43sEhKnj5h%T#y%ffG7HRt(Ny#$gKh8Y~D zesmz3QX)b)8V1QiWg|C~N7~fyI3gKqbl%Pwe%;6gqT}f_xu!Hn*qD zBYQ@*rr516sDT$(S1=!Q#mJsc3`Tf}zd zCEW_P7R^xR9mU2zt@l~?eZVI8oFHB!c0Y@xpZ!1~P?o2(Yf!{Gv(M2R`$g;i>ZThL zYO!!KwVRa3I53QNdvJM?ebfS(q8o7 zdOfQ0gc;;v-BZ01#t@ppEzKG*4Q>A_YHl3*9+rmlb8`S~I%$7B4@U+nMG1ZHyCnPh z%fz}wAsp1muiz5pHz2<HJ9OFhWaboQB-@%VTEFzbQ2Niivg%-TRNco zF(#00-2Q5TtFZ@zVOpc{f{S= z4C-T42@Uf2lu>wSu1ZFYqWk#sl#R!h`guRhjVr1s&H`WHB>nUqZVf-Q!eY3Sg97na zqFn{^Jvk-yd_@~%m|~xYqJXTd6)r~p&{_ANJ^w+M5tWUiPyTm<&XWjr4o$E)f zrSIcOUKpsMo1gYQIeFb*{bd3DDw5lUgZb!7}K0kVg zoT}umS#7QC<7P|n zSpta4g37x__Pjixl|CRl&$3SIEujPc>-)^x?T^lDz(~R_^IgLPb;UN{O4oR!0VjcvRDV2D{vgM_R;xO^ zkXN%o^mAm@Eh14gefjLQ6fm0nPG8;WKI#r#L^^<-pUTbYWIEd5uvC`8m^y7qCxWrd z=2A>l;h`Y8%}l@awiDIN=e$ga#*i?)+96n+5`j&2$p1KdVg0zJMS?!!Wq&bWDURRG zL^sqs#1i{72~B%!Z9U%m;fy@Ui{~p%3$pavwAi@o!U!D-s48jVtwqG4wvdiW0jQ1i 
z@h~$ANnQcjVvWxQuQY3lC?gXymLrnFopQ{atu;~aL5%1R-RAItHQhK*XAnx}!4t7V zq_RvD1snFvlF%8megreoaM0Zz;We8495=HS1@r#KWE+S;BdjUiHDTR_UdQk&ZB&zV zW>FzHM@FQ6aeVh3nqaQbl(N@Y$e& zL9N(98!5RM42?Z@Jk+NZ&xS9N*aT86 zc<(mFHrF|p(sC9vWEdfG_$6Zo0DVw$Q6N3$-B{VgH`r$s{M=NQfwPR{)(d2-x)gwq!F@O9}+WNi7<#-Q=QJ%2P0PD6MM@~vC zES*F{)~J;?-e;v6Qr(A|(?4pz{phCu&|O@`n-`a1$v7SWII2wM^*i7l_)tB_hg@x2 zx*zW%{UN{f>{-$D5Th1t7y=}_Ib&8SA0`gmnhgk=wC6x!O}QDsae(+I){iQuJ9>f-FDV=n2Z=~M0&oW;!E8~MqCxm(cV`8o_CJt zXy2W1)h0_Rf91W%TD(^e8OIv|f!9&{-7Q5LGs#38A1kkH`z`Hp9%Gbym&XQGj=;Vv z`zI^z$F^m2bPI#P^-&9k6U7<}d_AHaNGUI=dOp0HIozc4*uqV)6!<|g;!ov(Gp@&D95rgG z6MCF05|^W8-IG(L&;iFal{N*_+20)3Ut5B}!vZFsySk*t(TT4xTk56K0oi33`r0lW zMU%Zl>hG$gp9;Vv`a_wk$iNhL&IN%c*Cb^4Aeg$(eNz&~NJ`f3Wv$o{qIF>Y0-7htB-BM8lU#Jz0Qb?J{3y(N z+T<*n1E&uL3o5sJ^~6SBM}_nCzCISkgqWPvqv{{`OyVO;Wj8(VtI^@G_V-hO$3LwN z=qAhUV4n?NvPuYw;5;i<_Fc4_H91px+gZA$46v(QIa%yj7MU630_&y%INeXL9iaUV z*J*)PtS%hmpHSgCIcDGBsZu?#wL^I)xowyPJ>a!leW=J3Rh?Vx$}XyBPy>?{Z0%tW zK((@_ka-}Yrl@ivBk6$w zDKXYy%~+O=^!~xe*%S6`JN<4}c5k-tgm!{xjnIz5(}+OOe0zwM4NXcsSX4~B^2d5S z(8Rn53w-JqA_|_=@X?Y)h=fpZhAcha4yE+gGfy}l_j^dcL>W!-aCD)j^TDF1@_Ey3 zXzEF-ZFU1}$+SX!{zX8lhSu2_n!;RC(F9v0r^w2Ydhhg(;NgH}a~tJ-OK`Z9vYMP` zGxLegf`r|oUM9ntya3d}1J70SE1Ikf?NL-c(Ne6DNjEDyKJl{fiBmaj-pFl$eK6gB z&K0(^kf3z7ilu*T`%4q-1386YdO{+h+%rCvA1iKcJ8=z9&ADGVS>yLfeKXV$c;W1y z|B&ds8lnGYQVPY@2UAoDN-}ESfShK9R&_Uq${N@iQazqp4h_mL?%xbIk$k-{rgHW# zG?%tZnqY8pipp&8%)PA~oUFTc^eYzGup7Dp=G8wwN-gx4EcGHo^bi)mNxJdLNn?s< zqXb1#I3xFVJ11IHPEC54UC*S8jvytx#@1HyA+Mky$y^Kw&)PKggoF(O)ELQp;=p%( zD$Db!<@-Xy^RquE3lRFsw*9dQO@4uSn@WIDv(4gt)B0#~L0|=HxnmoJ@$BpLEU#)uNHqw5+r}?Yg3W^?2$kjNQ&;zX zF|P1Hz4?MmXXi~UQQ?@Fz(Iq~5jDj#UXdnAF-0Wj0{5uNjk8S^qj^x)Cb@dp4^Ej8 z*3HcBlEbt$Mv*6!D>s<4%W%ACvFaWG!6vET;CSEP*)~t33299<6cuaOMzvL=y6yI~ zhEgIRH6kr}Qr&%YvhQUbF@7#{up{t;^QBq2%dY8*z^)5KypWnH;L;}DQ^70uBvO)% zgIVkHK+<0iz>D?-E;ja-)(mUsK!4N6M`QXf|NN9y?nhrCm>KP zG$_;0=Z?^?nu9<3lVb&!a6qJ<@)XrIoMTCH5X{*7A)(jqThECePdyC4xb#0 z5Uze`Si*t&huRKc7WAB>@lv$XihnKx|sqpq2v 
zULLnZu`1HM+ENy?Ykf!&N>9J7YDFUMspTp<+TA?*5H|e#tOZJ?EZLS=^;j7ufWl@q zeBc3eD=6iqS^Lq73@Mrh1E-@j(rjB}K=|p<2f}H>k}G6ZSC);WQv^J9Ppb#%-~77!2X6HuiVE@GILip_dr8Ap3&_qz?o4^@|N${mP9t_y5_5EBQn^F z5CxOD4<`M;hCvE5=rbyBr)!p?;odfPJ%1)bp_jHKa=OEuB_%@E^h>@`N)ekTOaJ#p zyM1^9$U#eFCG1e>6YspgG^u=7#~!_kOvlIb$QiOih zGarRZ!-xf>{b>TUl)=vlWvRLk>haCr|3)}K{~&t0LxvrdyoXh&zIZ7!n0fuylC3SH z2VRVShP-fT-K;047f?FXe9Z64PuQH&VVB^i=SU~AV!Pd!@X0-APbIwC!XPzGZ8hKA zov~d1b$(m%D6~_D3NuMjNe)4%%%7Bx-Moukm%e02f^#;Db8BLby9RlM?|sv#bmK}G za>vd~%VbZ2K%*rGGwUu6CQDXT-s-$}J3gZB7fw|DQJ8@_Zn{I07gc|hpHNjfWY-cA z;R*T9w@vB}1Hn~2JNDW^Z#(wtbg~Mst!!+r+2Of1?S3fP3%44cmw)_Lez?}aZXfI& znhtr@Wyn67c=fbs$90q^^04+euHi>l`s8;<2kxC3YoewAp%P<8b#50a{m1WAo9;gm zK>%I93EQVTM&UT*J0%RNT45`LI^#g>TFy9b@6v6Etd8P(zyu58C2B>_OEjsAF2HeWSh-dRXrZ=+Dhc$<3H;_-Y#b0{@*=ZngzyyttX^&A zh0D$GnPVVGwmaANxLbK)d=ZLH?=*%ysxn0<^&g)fw1kZ>l5Z7CeLPnx<)#m``8M$E z$RzGIEuGky5R~sFb}=%w*&aA8XO0H8mdY2bF0a+CFFlpoYwJNzmoh+Hm7%wuDf&`( z%3Fkzdp*mCjK?e=Oy6jGq{OZc`?Z8J2|Dw^TW@B;La5qg5w`=cu!Q2<5PUI@dO{!k z>tW{m;h*pIYm}P@GnoMo>t;QopSQj`T2|-x(2HpFIjXQpq@)ok?4Lt4oY)BpMHnRs z^*>~$aE!exQuvUDBtepe6~6c;`HkD!BjprDf*7mdon)zwmRX9kgCWu}I(SeALqK(_ ztv|o*pkZjHcR-ze!FOs#tkE&uZr;FI6;;8s;;CtM_+AsN z;0~9LQ8k;k2#I!oCr?i07c#Xv2JKsAM_X0x!tVR&9Zj~1BB}?ru1?-rZ4W)-T%A!h ziW&QWiW)mxWo@&~$mGF5^b~4-<)qYRC#x8xc=N^DGl^w%_d#jsm9bM2bO)Wl&wN#G zZ9plKQvky*sHxF)x%vE=3=()zI%@xU3O(nR?$6UAG7{crSQ#v`m6$*2AB=Vh9xNqL zw4qQ%y;P*++1mR7tTu_6{99kAW-^JYYZsN`cR?q`bRzL;vs&sYHp+_{i#%Yy#X;7q z4-+WqnB!tzcVnPV>bUks?h~~FhViQ_%Yof2z)?j>C54E; zyphCm{paZ?x6q#6c-Q>nKbzCgzv-UrMqO`M+`B7wLlzVDXgh$~e&WNb^vGYE;pBA> z<>%{?(!naE*=$c;#eHs7_pjg)J$l29|L)EkehnGL|N!|>OAkAid zq5pB)AM=hI$MEl;9=G^;+y-Ht8pa(LiLI-Ww!y@tOl&W}MNPEJsNdZ6&3deK18?{V zAntpsdg|9rz6rp8v{^9mFVw4AkHgY#-7R|Ok9EgQ!}ClsVAPw5EquJcEQ45M^ozb3 z2lQZm=8`lC^S||IQ~&geYK{4O3i~L{cnatJU%)rx(4H%w?@KZS50HKpN`B-I5UHUv z(nWpm@2&&R`cB1&GOP2iGk*Uk zus^Y)?&}wfUkArMO8YNZCGY-*@$(3<`dbw!1gFT)5ddfExp7BaWZNHgr9l1o?`-`P z?VoLb2~EXF^CGZi|6ukfSdxo~W&WF3;HPR%Z|N7>d=zQF4lFxmHt0fTPaFM<+5a1? 
zz~55rC;Q)l{Tpjj<3%dC5bLQ8eo^-G6e-$2c?JG(u!_;WGclgQ_~~}6q|`JH>c8pw zpFMU#(=)BqUj)|gj9B3BXm+OAwF@;1{zEapRqzum?r8`A3QZ_~IbEoNvqq;D|I=P) zw*~weJN|cI|L?I1UZmJltiYea;7@;@a`uP6{?!M6EB1`CbARolJfr_lw*I@l^nri2 zJr#@FMQC>~WEOOhzl8rOm_NY&!(KqxMgCg5&|m+$um1;F0gem7HZ@-)*$c7$^w$|> zfB5S{tUncdM%gcWfq_qH9GCw|*MA$sE@*nn?1OI?fR%ZD5wRHmv=?w14G8{oO!ze< zoS}`r^q>B^c99BxHu|T({&iayVFkoLqoVBpA=v+p^~yzxy$~ze+3yM}7 z*M(qzjtFO*o%_od#n!*#{D1Y=znh*)_R$|;f!~?I=_viLU=V%lB7dQNa1dff01PW1@j%gq#$at~rm!%cZT1-Qk_9q6d2G0; zS_+u2qlwMFFX~aPWc@68Nq62?-)v6vZ16(JJ2s!Xj?-(eY}b6$qczETcI-A2?$Gqi zCPI2%a_+%AA73Ue^RHktY-y|DU^*omOVqW`#znH3FoTag!bDB3&{{@_D+PGg+ml!B z%fxA(4rajCFjI5Ue<_nxWP5rogL3evJR9rDlc~3f3DIB7Wb+{p^X=d=PXbG0YnZ@Z z)b~=*=wlWqoL>7A5_;HtT*7<}$RnWUl+eFI=m_08f8FJ;n2w%8iRu;=wE|~PeegQ}O&TvvR zb3WI{G`NEuYX*B%A3X!a-Km`>L2|+|arKGz{1?lc?L6DNpvy}#=y9K1X8>9sU zM7l+~yX&_PJU%M&+}C^G`+L9tjEh-&&#d{(%vv++fQONyl9nz>g1QV!0or+NTG&Xc!>@)V#YO)&qdtcVDK@3uOIU zzGOV_%QL*?FLWi8dyy*vsFdG*`46(se0i$jCtqH$>{B$rxVpfVQ0@;`0%yAk=*v?n zzxnciBl}N8183Xd&ms7iFQM!F*_Y5@|3_b{Kz;eQE0gC1V*b#TfZ<&*ch-N)%QIh! 
zU+7CH_X1y@3i-{I|0Md%mEr(Y!%x1vVBM#_)W6V|Q0@<3{*Cvkkl$Q+p=bcin*W0A z(G&H-5yk-{HN88>h#HjP&OWl>Fj zp&SB1Wt0t2cR&GDo?VySDQ}?$J_pqhF0v-1YdEsjCkXsTgd)7@F$_=>PXF@IR?^lf zuh$t_gP{L1lQU&xPnRm3eziZ4fKAbqNwRn46FB- zL3LX+C!j%sLm#ZhvY0ciPkHA+ff}};c?_;Ipy>5dm8yx-Z^qh7_xq!PIQ7;Yg6kwS z`i>ox_X9iN6g;T?neKbwLInpwQ2q%MyRh#Ef-N0qpg#n;J@Bao5e0vh&Pp!{U) z_auY+5h%dl;6a(^A_Z#y`7FBt6TH*Rg}#5frJQEZg~tAB>r|3aB>_-)abBEHi&QW* z&&NCF1|=L6ILjK))pf%AJ5bmpg!g6jBb2ZdUobb)WrSpkjBZs?|SE|7n> z0ga8!X*kjLRaxWuh3`#Tno6( z{#4C@cDk2>I=_Gg7&td{R#?e@*LZn}-Wht>44{y3brt=bk12Zjsz{2@I zH{+}dgDU^4YBIhvk4yTixnRGs)TR%fB$;3|1pjoj!a#Q|;HOXpOFq~OP=@k;N;xPh za2I4dl=n-@eea2&@1GrU&>rUcuQ32Xg8<`#O$N$4SA{_hJAa~|GxoGxe|13>2J+6A zFHrlpfOEahDJZ{Ua#pWHh5l#&|G-$YE`^oTe()#keoqYGtl4=AhS|B=)C&aaeAxu$ z{jwK;*j-T9LwV=0J8J-;@Beh1gH0`P9+j&XoJUaJ&wJWmjqdq$gf_oF84C>*Xrp}o zSb*~W4wTdVCx-xP|4&uP>27fWCT9&GRKSny{sUt}Bf%|B=vVCiI?Ms-^QSrK1+^8} zDgRd2L%Zjnx7$B&p3edbDihZbxVSC;ce-MzVdn$ooUza(yZEL6_$^YP_Wzb;zhm-O z1Nh@4|A(7`pN)muI?T|=F7=~%22O7t{;2`P{yn0gjq>@3`p=tZJK*$60V?1}Lsn_47LA!mR*3!SuX*7|9b^gNpQhU!CChFuyraa zaTGZ1sQ*sKDTbA#FQca&IrQnD_HD9X(+3(+&_?-uZ3yL^+j^jl^7(**@=nVs;Kwz~ zSwukv{B%hD=Uwri-4p->e|S{@wf}sUU4Y41+XR*QqfY= z2O`~)4fyvDsk=oBe}cMQv=F?kDorigqFG5A{C=E@{_6%7+JB$fg8XOw<|sq&ANJTX zzjnG8H@X0L>2Ln8m-zPzDgSVV1({&K4`#%V4}R>yCLVWs6zs^sPjsMjXP;iE{^|Wg z<)7Uvm~|zMo_4H1dF3Ck5YJ9v;Fk|NzIVlc1sJ4sj+y)Dc%(dZe5rM4>}YzagSw;Z z0EHU-GOew-k)7-&qw0|%^<%CMZphB@)X|2o3Aac`?D6jQ)YOqLx5HLfHDoU*_rS{G zFk<%@A2?oJP7ei6c9)CQPg=`S@Izv&faCdzci>%ntl9N4tad!~Kq} zWpw~@Fussob+ED1YF&M_Z;l6??C%`!)eVg~avmLyAMD_BRU9lYj5%!VzNy}u4y`^= zKa~6ycr0mllyDe36PkUzG?KhCR((Q!{HX2ZM0}=tW8>PsyXW-GM%&m?=<%^6aB{?R zv{MZ@>?9mqa+o;Y-$kr8>|I|{%c|C`vOjX&-7(?rIkB1B0A3yL_f_xD?Q{V9)h67B zhx>8r$L3Q9fc^0nu;IG`91*D>B^Cq6Tk}| zlXC9B>V>M2%9BerJ2SqqqesAI*TPB2-X25K0#nbzamUG;@5H7&urWSmax(26T79%m zecY$ck+h3iyGFp#j1R&wQeA2HszZEhe|1Iu)#S@vosoSqYXaCK<%;ETvIQ2|N+TMss^`YJFT=wz)$_bmp!Tw3mL~_re-M0<=<&!-`?xSVq zYT&3GvcG!V#NBy(M`-Il^9j%3{#4ANFKzY$w~2JM$pp7) 
z3Vz9&I!ib8@UHmXc@pD8<{Mi$%*O=o`~Em5!8}JT-Y1{pAk&S&j6}8h>KJSH%H2cj z8`FKcC+)eAnXlF68Dp%wD|Z*HZyd8X?MFNRU;{t%6HfWFr;qQiM188(++B&9xAr+^ zPu`CPCsQFa;AGkuD>(Tpd-9aM2W5*Lv(M~D2cEPK9J1%1w3k9=z{#vJR&a9R$K-c5 zzoW^zEr%$Ui>!&PJgieCpul-y|*&lvogH@6FuX6rw-|3 zr5j^=a@FQwc4b0l+JPD6qxR^N_Tv3$_LFFn>1xh{mA@a_Xgi%|_9xk5ACr044WKxp zd#=k=Z;JA^NFQ}G`;&@qDUb1{aP;^(qNjor+oJU?fvLCr$;FH0d2=|zwQSLv*L5PM z1Ubr@YpG4XL4xK&NY)mKZ&X)!9Y`jr#?;qE@*b{JE%S#%Y|+F`o~*T&m*77eRcrW` zh}keSq=r$`->-$y+~2Q@(b?Y*7+?(a_Zwr3_xGD&%=PzMVXXD{+hOeWhd~T^A2B7} z!}0eM&B>%19hK1`pv$Ah9q{lo6cJ>4K!np3;O)`e*sVigmPgAu;PK8-M3U(NDNa|A zw?|8(%rk<#JX+NOj~v4QRiXN!$Ra~t6{aLA@Gnxm=UVwL>uO)mNA(;C0~!r^b(oUq zaQwr)=RWbd=xPh)qoxjo^&0XTG9@wL_(zHsu?O4OOGkMNv^O&75ya=y_6&F|8j4sm zJ>bBRj`0@gXe`hp_?Az*HQ;e*C;~7&c!VSU&RgJfBg1oo2L+^7L>ML}Yz3(I2gA^e zc)ggCp5mY;c&B#qO+MGQD*#X*4~9K3;tgO*62w7G^iKW4r=zc3R)DHG7)EEr8^M%0 z^1NXvlFf)WhABxL2Q|f;w40C6K>JQ1s{de^kP&YZQ<5|eYMM7`58rzOZKXog+`%v< zBi<~gBzYXv3{gESv$gFcMI6*j@6=vCofq0=g{b3$VP;0WWlTw`IH*9jcWNKsuzw_S3L*QcedG0)VT+&nLeVG(c z5I45LsG1{NcfoUs*qe-$ce;~#muBdCNS;#1wqck6dk#r9_6OLaTd9%bO#@Kg;q8O(ihm4_|6dG&|7V)d6a#;oUorsLt!*jJ!B)O0z`4r;JbdSoFdWrD-!gJd3A-aiee>0g7eFn-_F#|HE*5#|L~Ybc~a1^mzS%AKZ?BvBzML4vz7p zLAtV!RNv1R9}SN2r$HvNkD|dJjt9qt$$*V)Tl=jc09@J@&MPQYKBbYTbO=iSc**CV z1^&>~^Y8t)UIW@@_Mo6~bznX11`xI|HsxqpG^G(KFK*Ce+xjWm(j&gjTCvt*IC&7KMjGiCl>La{_!i# za!Ip;I;RUJ9*U2D5vbouSjH5NDSFYcMFix|H9;SMfJ5nm6{1nD!5uUclYLsxEYTzY zKM)jlHvZoXPdGpnbxwFeYOzP}`E6+_RtU6cF;@7Likwo>Qz~{!#btmGJ;&F8r(66g zqTIw=?x(crlp?4?Is8z%=dRi|l+L|uuuq%Hy?RR5K?+^^|7N*=O91{o;~}xn(V(s+ zK6UM%3_t0SLJ?MCfG+vz_hH-V&`^m1@XY#aOhykK(t%GHo(-Y)8A2D@c513&b%ggX zjNyLyTW4w%x1{b_gr#%R$I7@R{85O^bQFQ~kHP!d;Y_|rZ>S2|qL!iXuh^;7(d zeEm*}GNwq(w*R{!@TcmI>{!879eJJ72#{_}rB8bl7ppV#gZ8Pjo>KNx%6Uq;Pw8Wj zGEqkKV42f_H1w2WS)7hfDS%~p`ok&3vI56bp;mMz*;OTAT4hvKfb{=YNPvHhbx|19 z8E>GA_-nXV@f=fCStM7tv#4(y?Q(AFKt4`^MQ(AjU>rW}r2>#=*{;|KJa$lLO$$~_QzQ{7;&z#fzu4&}3VErU|^1}in) z*R`CvKh2pmqP(?a4?Z-Hvm0h*(o?)j8$6I^@=cp8Uv{jq3F^dc-NDLRs`j9VTTG_4 
z!M21QzpHR*;-CNzf4gf1vaz;=veH`|3$Zzw5Lb7!**R)8sfO&2#o|vNp;QBh9n?Sv ze)XYvw#i9H2Q_sE;Bc5eR&9SUQZ62Q(zAfFakR0~x<*~KH)R5T)0!IOc(-RGd1nRU zu(y8n7&zE!nh~dt9jyZP_S1b$)K5r{=Z=7igQdRg?45%?-+kYiK9mC*2ZxhA`>fF~ znFYSoEt_qzG2BPvt;KT3BLJL)Fy^Jp7%(s}S78i!t|}rl3G@nZz`*#nhGr(gkpfGO z`hhsC0aNPwFO=GtJ%pxZ2eG|H)9T~}|2Z=MJ2e)_Qi}VJk z8TdM^I$VnF#wfGfJz6;?jx01dYEs%Ae$t#|CqJJ-+nX_H9Zov4uH2VmD;GwEMaRqt z@l#;TlkrWmebo`NXRP*-tglDOfj&55re)reh>(Mkx;(xoUN+c;Ierc z)ZuOte$ceGaM&>UYSUL;xkn}ss*m$z_h5Q#BYo_|_!xzSIPZn%T-CMLz?!dT_2&iA za@uIw%f}1A?Zf2}t<*PgvCG_wI?=9$@9y01^Oo9`)f+dO86jm}LudEH9)3pLG}sC~ZUuep# zk7ZhV+K&olkB?w<*>+sbO5@cVSMPr}joQzF&;n;4+Q4|dmC>?LZEeETeW;{XwZZF) z%pIx^H%6%yca);~YBP-boq*cbhhGmr;#fjz@?3q>@>Ki%AG#dQ4qS5)ex@wRyi4&l zUSn-S${oj0^%CAj&yk#qW3PJL=d}dc%gJusiFf)9C{5!gKvK8zxM7;U(u zdd(tiS8qfX>}(7LBfX87tl2eq0*d(-1Dk6V$bD;QAq8+;bbAaHV@FW%}&>`L)J{C;eW*hjgtv zL>4A{o=T+epB+)59Kd8?lNPNK>q*uPl$bGNWMx@8>3QF0#|dmLbsN&C)HebK8xT`* zzB=7!H@~{Ga=iCZXFWS-02)iG^pn@=c%CPryt$Mh(TB; z;d>aWb@ zv#&0dITz=X)f^W4Y%BqaW%+!Cv!QoC1m1{w0U4&wUgR)VS}lK7%o_P=B4$7 z6{W;)Bt*^v)jucA+@NudZAJ{l#~$Q&!eo#D6hbjDA>A{Qlnp?CYULMXzl!*7`-=Qe@Vz(2i*CVS0RN0r`;*-Y>caj{IU`RkPbWTh!J?Uw(GcOEK?Yy3Y6PlF1 zUaz{ z(=|iXyc4=dBV>w);X<2c@#C%GNWf!zl#)&Yv05`61)T+)Et%SZvEs|m> ztT2T~uoF!-VkV4fYn~dAjyS(H0){}2Fiq{bOz)afcHGOmT}o7zkM(Rus)$|Xk^7CKo;}V$rFvYI*Y|H6NL!!t^vMIdMmDtBj`EZp zn`uK73%HIrj4?&!{T|2JLkbezr_j>Mq%wj;JWar-2ub2TS*R($<}b64Vv;?4*wVH8 zkOPSoKnP~*nQ9IPzbG@MAxE>mva{BBmP4hK95?CSnl>6jxkGB7_oip>@zn$x+9Y&N zmQO);!;8GeG88MzvF4-Lr1js#c6G@5<*Fp3R%e($JTeu(%p=P<>zSCerdM_OvbjtJ z-&NPwv<=T`eZfDv?iZK7!H;#tgSPauZ2FA)I*i^`ONN zz?cOj5K+CPc;1D=HT&As?;|*q6#hx^13`U1{5{Wicti%Tn2s4# zZ@p@s`<%F3b@==<`BnLw@3KcXi1=>@zX|d13lcnzx|1v72mH^T-4pYi+~OU#MJ%po-;wqbEygHfLLpOxEOT<}GV(F|>&)K@ z6OaHLNV_0PFlE(+w_5q+1{$x4AB+(X+{_VbBQO}2)7n%s!`PKfZSEGEXEdGSYc4IL zh9kVc{)}JzNfa!#+I@RHyeZ(*3$dQya5ZH#=wKsd&qF*ftT_8t*Ih>#Y+ON zMj)tH&hRJpeuN_zk-kn!G#Bvc@b(wP532+KKQ&C9Z&?Kl63IMTTiqU-)wU?<>ohxu zXS$j|4kl7Y&GqnRDGFY_U>ez6o@dVR5;Lh;t>kWZzEFqpLmZ|V!X7G?1ckpsp(-rg 
zO^y;su_q?A9`}ml+e9SxLl^Iq9UbURU9Rggb&t!x&Sm}b=wYz|DuwWyehdYG^7`V_II8aYbJaxktGw#jp+mlMVm=1I8uykp8t7d|=eebeNbiDc*Xe$>q_(a~ zAhrk(JB=J)$yZX-wrZJ1jF~lG@YUhRfgN^7K4r9N84-A)NpCfOm5?}&4H+Z*^@q0X zS`Rycil6}=d3XE=(kbp?KJNI*c1p-Ql36tC*M*sxbLf)StU{+5CqHekqi0Dw4U^^4 zt6s9uekM&8ly&<$OSO(^Mw-Jj%p3eC<1_*q;j&&xt@IeLArkDlPs4lnlw@=KiLgY~ zX=Pq>A@dbPHWnB?7N%CA#dyV4Z>eh{1Tmaz0Q`3S6R~){@%ySFdE&d;(h@>8r*2A# zaLvcwms}&DrH*+B>7Hot8-)W{(9uXRUozl1UqvwYt*`Utd~ZRuVk>3i?@XSm4#+RUu%;wy!11<%6$xg_27| zaKU=#r4GxkEFxn1m4GM?B-g-$`pR2uW2)mynlsq17>NuCU7PVjreEaw`oJHbF|L!Ry0>Jg4P-Yz0ffEA z^QEZ8qRJ~(rygY}%f~Nz$u-Gm1S>M<5kFndQqaeb&5-p>tt}$)tmF)dU~H4Pzjyg$ zq_6LO2jC{voXbZ`*f=Ob?JZ1C{{E?PIgss2vpPOrs7v%M1oeo1&=-nEwNnkmr$-?Nlrk$W3NY=l&h%^3zN1@}xBdnQgtkGMs% z>lO8-6ZKv`%OtbcyoR)^(*tr?{NHJtC$;9isC+Bie=jhUfJA76lS36LF=S`C*ampd zs+agt^qO^4ijE+auv>g9$@GoeHtSwG59=yA1k0?n?;KIeL=qRWR%<lBRsw1gOnJZ9O*Zq_Y(FkAT^M1BRsm9s?P{8Yq@v812@xZwJqn!3!ks= z96Uwt6@L$=SGWC%xyl?}W_Oux#(}t7W=<4 zEy=tJeIR(LfYFd;WIdXRM%otq4)Q{H-l{nX)sG`z!Vr+q3d`n2^qOj0Zc{v&CIpZU zAMXx`xQKj3dA+SZNCaJtnSU_@rMpZjcDG>wsIw91+5DR-A#`Bc^xFQT29T z`II$iN7#Fbf+(5X^!9b>Sm&cSI$t0d<^!&r0qjA2ZGuG8q|SY~`=ZyUaso0TT8`R_ z@Q-Q+m`W4L>`)89iaWOk9nHeSCiEP!XW7^HlxV`TysHm zBkPxT$)oGZ;-!0oe%p7GYo9*kb2#f2CDcLs^05VD#geZBt8#rBI^1G>H_%D8nQu6W zhZ$!JkT-@>GSSX6`$-_NTT7itroB6wv>x!aFSVS^F^%^K)Wp7t5_|)P!gM=C3XVZc zWmRU7C#VOnhUn$XZ%)ZchJ=YD@j#K&EgT}md)uoc9}N?(kZUdl-W&-hseps^^gw^f zUV8KvdFkVnh@$oaws=S5E`MtnZ--|h>V~b~3kJk$metvam)9T2K2DgfACp?oY9DZ6 zSxakvyAKgp4Q@bMxSL6NPuk`=OpQ&DfF$X+5)Gp0BS$MmIj2E)^M3N@uzlgcqz4J# zeXI3EMP@svJvrn?4m%b6|3IB#yt-VjqLWBS|v9nqBGX}Y)9M_`>v52Pi&715a=H^1j~zru56DIvdjMU1m9 zxJ-j6%+Z4u10y!^Q;tSrkRw`G4v?zj-SYBSM^o=(Iqg9k7Mz$~NPU}UGe@pkLZl3P z_mc7A!M^?)B82Q(FnX%({D-ThrjGk_NRft%C@=IXIsQGlwZjfx_*aj-t zcE!m@NVQZ{ z*9=BaU*h?<=H@tF99f8(@D!9I_)!i(fLrWHV^3vAwcAT~HaF{oZJZPZ#Cb<1Xvr+&`Fr$Y}FO{HLP|~Bp^AKCuwJq-r37Q^$6gOm?1JqtuQQez-HsU3# ziFZjPchL)>Nyl}tCBDu@$YCEHjY$1a5wk??N~r+0myWm%m58OH2=$iHvk5b`SFZW~ zONM3$h#BQC$1wBX+=9qv&fd^NbfX)bn8MpwLya>>_733J>hcJplvkGLYF@{S|r 
zg-=%|vn9W7RlZb*SObtIOyMLk@l^PmgYaF_Zz}P(LLZS*5ocEdHe!2+@09uBG+I1; z!YNWll;=&_S+Em=t1L-lSgusSdsuE`x7xwb+gC=1_3YwHGCz`FXui^Cx*_xx@R^DsK~?v{;^gAO zlfxp9(wID`)_j9pyu&6bQ!H!3rg5cqF9^nUGY%1LO!?ar;UKl^g#jrDPJ)aGJ*0$M zkc{VpWsJdj>LOAHruvwxnzvfC+ROt7SRn^{+4nJb^_tqbvvH<$6f<_WI$}rcjyhVF z#KtYRrSGS2HIbt+0?A=YBcs7Im0h-IR`;%;(EYx$4LTz#bdVS)!ieK#G zI~!W88#Vf!L`4-e?z(6)QjxoB`+mVtG{tD*x)X1i{_;JlsTvmxPn;oHcI}QhD@npP zEx7)mV#f#1zf~-?3&MXyE!%2?4GZr{xIT}q-8FnZsJ$V#^ zg;baqYudNfIAzlB7B9K}*k&&;NPmXkFh}mrTg0~-0b|FMPpe|8+vqI!U0`}YI&ALD z)XQ)@7ryrdfoBG5{SH4B?QkPaf6o@9ZUMTs8L8Z+i|5n_tf$vZRIJgg###&=iLh1f zUO{x&rM|3TT3AN{^kbC2iQC^^xY9kI z%&}1~Pc}Lxwe(Vkm-wGmV>daxe?QP-c~Y^37koK2^$HKENj$dd$4g-uPPW{1X4gp8 zirqOFW6_W(EvXyIGJHF?dD01m^Uh zWZFt>)_$A$hAnuxoGC&w2E8XxI{IElcTU1c#nTbJ#Vuomw~%QK_p$gM+WF9!^gBid zlZH%zw}{){=4rZ|FqqwD*>jR0EP+9P;oWw-cwXQgoqRtxq5vD)jfaMJ8MCkPUH@$O zLhrf9IAY=YYrV_Ip@tvet^IsWR(+Fl5p zE#*%#?Yc^z6Mxd`xs``Xo@gdA8TSCD4@)|8I^x9Mk=B2qPDXLU;keAg>&V1^z_x^yS>z|{=r^b z_ZuY@h;zp~7|A>5d3c?1Zx-U1}DLFeQsrIs(MLC z28o)Qi$pJyQV19GG@!_2TiBpQbJ5CH^it|d@$cu=zkU6Iu=fI>Cqm&Fh~7DOsh#Kk zGZFX=S!*l&Ek7MhwcIge(|x-V)A!fD*1Yi9hKcgtM|)fSI9rKeZScg}D_!kF?{!aage*k^8!lli1r9!_-M*GnE$H|$#N|^AJf7=aJE5qFb}iBc&c|i2#DtBUaRLHS zHux*fa*kwdWEANyj2b8l4$E_wm zQX-Kck#pTo%O$x%ELC9SfAfh>Dt64HcT%eENWrz}D7vw?E-3@5xn`h(P%aiaqn$x z+`C+cdq1TXy3=N_NFP=gBVeC!m%sQVvc1j!j%G>N)q^3N*{|+buWV_{ zkRXJj`%ZC|cyqS6n z4^zfb#*106uDUH~F)(mZUVXE#TbgI5%KEwlO)WN=2uEEcAK%}Me znRO?Q34i&V$*0X9#;^aPIA92w&-b}u)a`{-`sdFnj025WeaJRQTf6Y{`*%O-B;`El z+Tvr}sBFCZ_k|!KBLac6OkHMmmv@I;0ew{`|IM@SpBfN z#sGU~M4U<0%{OlGE)R)`_!Kbt}5kNd|IZY&4KnwreAhnEl8n~w7EB;FQe>w)RWnv^>Hn? 
z=2po!SWhi($d`5GymV#FYt{?i_v+E{Y7fxrk^Nf#kWjFr+(3Y0Z-iTf?}}oA^Y}+k zI>+(O375N~V!&PdJLq>JiqZ_yHQh~t20@&_6c$N+-!!B5R+cA;&Fo`JeYk6*#pUy4 z$%8MNpJ=!tU(3jt39o%Z30uA0cB6~@HC1oq*QZ>3E}4dFq8v*Sgf$xz2EJ(z;m4(e z*;8t$ug?S_mCd6vd-~zq;`CM9QBBh$HM$U_j%_hEVZsA6$|Z7$1m^Z(Na2kP*i3XV zIQUlrRqX^6d=%Vg=%!F^$nz64t$3{E556#v*u^elVZr#w(MBp@6Q$7YZ|0DUF)o+K zE@jN5!4eq8@-qBomUyDldwO#3nd9-q`=tmxSd-DsIs7#iO{^-xEbhj9oC`p=tTCSc zyQq|Q6RAT$4xz+;j_ANQQ=yrfu%x)n)<==WXCrDrV_{#5^M;f>eXn|{Iq_s+N<}D% z03xz_hIS1~wR)*^oP*-vyT{;{B%+~lV=}n9&|7|7286p6X*ZgyXu;`du~P0E2x2!}sLkI9h434svTv^j-3| zxA8sP4Q`5E{$|1VxUXRlMI~=&oUxAUigl9u=2=oC z{w1NvWnJJBMy)M-CqMD~whRexS5!ZR>2z|PrUD*6O<@;wE1Su~EZT?H-ry4rM#@DM z7zR^2Wa(e|X)o(K)hCk?gauBoV@V3ciG6CZedLTQ7(SY1XI3?ZG}~ooYP#BnN-nSh3@6)FMtx3Ka+_?P+fyBew>G^gv!r6nkwy!0M++G>Dz!zM0DT)b8`HQZ0f7;hu8Y47|bdUH8wIfKb z`QYo-;@K)+afeK>wJsJu_N^z?jht;PS`K;3snn6;S2^DQ=qp0}OjF>E&&rVDm=ScDraVh-oqPBuAFi59aB^N> z#t>5*8cq%9GRHS6%fB5r(8z1coV!bhwvf2nl>#7pIESSh>3TiM>^bb~0K79FeLjAf z-cKnklSJmwn%oV4pBc&i=1t}d<@8a{u4KM#{-u~v{rLdh{^GCL34U+4ktH%nm4;X= zU4rXLD2Io*)&~)-k)v@$WEa06IN=XHh^WPi3&$r`^vQf!<0KXOjy zro<`9+4Bf}+X8nF!92dI=wQ<=G_M7YP<)m5xagCi>nK46Z=GudoxF)h(_O__f-+~#ywYtm}i>N20N6%amNB_O*}R4@?Mp4P2Y zixW!F3P%KtlS|xT3I9Ngu^c=4)|DcW>}qkF3G(IjEcr#hJ#sZ#S{F#Z)v{FnK!m-GbOR{C`2;mv3* z51m6=t0Bkajr_xx*3zY$w~gMPls8DLkW-Y%x9n&g1KiQ|fk&am)C8j~Tove}6*ygkDB9zUyWW&pw(F2;j6xddZBGIH!KUZrv@I;s}Mo zh?*D!1yENl7AO)Tp$o5$bn6~XU7nxEEmI#2Cv!KEn5w$boWUrVqUf0yn<9jbNs-Z! 
z@xhx^_tGxn6D6U*$!RUPIqFZvF6`YFvKez9O3W6&VCU4~TaDdPBfx-2dgBDIM)PKL zlvGry536YwQql4umHHXW#)@$`cIPWrcn>vNm;!ePylDyb^ioV?W*QqO@hyNAPBC3n zB-!SUfye`bzHay;YV`qHv0L}o=yfEyF;0dOoB$9!=Q)Iqj>!MB4 zK9-O%-9gS(t@%&`5=M?kmYcwSg`bFOfaUUX#rE0^{abk-vYClVchs+EpPA7t(2QsS zhjeIDIM-k8@#0ligg#&DLDuCSulUxsco=nORxu`_M8PTbgOJkU*CZdoMyfG|;6bu- zEdL$saLA)1q{UKe4(^t%OY)bvr9z0ML(-p=V%{oJu0aW_vIMdNL1yO) zGLPz_V^F_T&Id9e_|13)_WN=bnmEZlz5qRPo`%I_ofee`J(vno>k(5;{@Z#Ryugn1 zTdjFH7F-Fmsl?k-srzvCEgC&vza8}~Q4T(@$C?%sR*QGAFsE%^m=SAgU`UHSa^3TH z+q94X!*O)gqKD|32mVVNMJHDB$8#%KpUc7u7={Tgt7%yZTh+NwwpLEI_qe%EjwwH;u& zF}^+T7!t?#scpo}veK?tzx5k>3kBwULRvj=BIJXhPWO^61-G{J2yTa5o#j9&b1uZ5 zIYTEo_o>1m%qv{U0b7d8w;n2CMH#v(Hcker-5Kk10Z5+!w6F;6BP2Qj_y9lFIFM09 z(CCWqel6t2+s^T_)zYWA-o-6-PgeU!aK;@8b>W|`cL)q0Rvh6k5^U?m8WJ5RQIzhe ziqx^C)a?w#ra8dEE7(w3py(OvPo&$WTitjO-(T9T0(*d6fp5)>HktUm8!=Fxc#rJy zYt_vjROGj?!@c-gJ}s3SLFfR%OVW1B53j&KyHr<^exS>Y)s>hun0a5CVwE%Dfl^b> zgKMnruT(_b_ci3QxP~1|_$leWA#Ru_6Ha@wNWL>MTYZAW7C`tMQZS3~YP#Ml=1Q5K zOR9k-(o|YCyAI@WqWO9ieCUHaPQk5Ho2ly0KGMX&ze=zv)Y~+lL`jNR(Li_5uxZN@ zdnrsKlfkw4DP(?D_aXbzoFcX0%~m;g-aXdaV<<<6Pe{gsQkZzW=jy`iuu5dynJV)_ z;#w@6A262aYZb3ikiD<#QJZ2=gW0HuktJc4b+hZ@wvnFV4>Jpm{|rY7h~3Sqiz72l zAcvKJb+caRdmLeUll=AkORUDaO#6r!ewgxS4<$JtMLaL_!6W3SH^KIjiRB6miKZIP za;1)oQ}trNeZB*Ev^3ff9Quf(fY06pi>S)1RY-21x5*Ac!qZ5fy?!Q-9S;{uvMnZxv_4g$k!Y zP%-4?{P@14xt2V}{C#w|+qaL`W}SE}qdtWZ_XS(nK2c|*v3b546?W?iUOo=5e0kt4 zMhG&JGsRuPZv5mLGcAc#QtzmpFFTU(5H+O?%(g0vJLS&=cll@vQOL%Zr}*QxEyo+o z{IApy_*>GvPPC>rkbhJJFuw2Jqa=^k=XOO$Luy6qCDX;c)YDW!^z~4EoJaCG&t7@o zK;f>}-H@WzDa3(qgjQmU`ehC?&I~^N4@*dxSLeuk?ipwzvdZDz*EB;*;7hhM(0L)?X%sR1K1EJ%i zoN!zw7LWHlOca}yPab{>jh97W4JOxUT$59z5HH}=5$_=wtiHgH_on#s9nT=Jod!L_L2fbBYklMW7PpAeVT!&e?K7z4JqN9mY zhghYW_Th$y(c3^GBDzt!ZYE$EkI6#XO5Y;CO!78zcM86SGrpwxq3-?q4T0_koi80% zS(ey$rFK}{)~D@XCf!!WRxfhalb$Z!S_)mKxk{)5(OLbv&0i@PwDz)kOUZco`ZZsC zfA&{1Xeu3_WON^D9~T6CO$aUM22)YHt@Ax1tA@wW{kkLl^hVh$-{zAWsK@&nke+t( zQM=FWnAB{L5>d1Z-Ev&5p~hKkMoPAE$NO{~`lx9;)X~D?8JwE5)(vr|jyG{k`*E`4 
z?AC34VLsjFonMnoIlOtBeIt;KoApn`cKD@8;dy#Cj;vnU`|>0ENu}e1E{_C&nLEA8 zZeON4m^ZM6{G04n{j?@|UuJalJaR_xiLKIcSVSrGJkP zb|>wZ)hM5|Vx+B_K&2}RJywNRX+LO+UwLwMp9Rzjh^BlA!6)y_AAJWo*l)A*PTFf^ z?Cp+sGEu|fk;kCLfCp;%m+;wfELqeAJ&^Qy?r~e`DZ75VeT}|BqWwUTW_Qhlpy`&U z6MlGqpT=DYBC_c*x}a%@*Zl?&awAdy`g>GKpB*JKQRu&<^j^<43R3ijC0taKW!8N& zMXc}Xgw#{QNn%|p1=IPAwADrQH3|I(pmHg$;7Oq(RX`;Auo*@ZAHGBwGFJB@&54E` zHmmc~wH2LWI3CnR0vpU;rzC;*Is zL0z*x2_H8t$irl*6kydkf;viaqO#zd1T}kg3cGN5YUUi@r9hnGTeG4mjqfI~7b)4rbR}+)zJS3J}?&s#FoyKdrJS zL+i?umZ#+@oReN8OR?+qzJ7(Wbj%fyv1dXp58E#Yv^B&{rz#4 z&vl>soa;LO+-Lco--01N!hO^|sH8-z^T&Saq;9m1p%_Pa{=(7`n}FF z>P+p2;XvsC)x(&h6ItvI1&x7mMSMY!0=!ub8pyu1^^x#!LzjS^&nlNE>*V~r8mDe5 zH+XSSU6%ki7M~y(=RBBpT_l-G`0KGNwYgpvcU}@X7p4%5Vx@e*sbQlcL>z+G>F+dt zTJ?@_q^EQ#Ka$w7c|H~BUUzdNl;eUa{DcIdX!wjiJx#ERyKZObgM$X@9OVSEg)Ti-eu8>m8(&Xt%%fB zGe29gr#0GDUJ)dC$Cjy&ab2VFoOZ`**{L%bF9!mG5F@=4$flYApK@L+j46@~zv{Ru z$Y(waO?U)hsgl3)Y~(tBO+pFUE?xob(BtGnQ&Jg>{$x0DCS7Cu*-mT-tVf9KKKHJ1 z$xq7A!1+F+;hWd9;Dm~+GXiv-$Fx6HTesGX8bUWm9mHB=px@YfFGwZDk{_=o$;fy)jlhBxAsCKd2RJR%T3?rNZ9;IiR77-;lNdFZiS3(4nXjdYxXzHwJY5w~`eDQj~P zH6%0a=~^dpmCA=j$?TP(DarzLKioWbKf5To#`s!2oRz8za99(Ve7j5BPnsLGLO zHaB7Ohua(yhRMsF(&{L(@;PQ_pwC<1ko@Epfj?RKi| zz^XI%BSr)g;CxCtD@2s>_|EPOb*yFX&(2cA?I)RT--y4Fuk|j~rkl)iat7(q4EvdX zju$VX^?j5CxmD3J^X54BIplPg0{OskAj%Nje&I!{C`v_}g#S!<=$dUvC)J@zntzQo+sfe)T zxrf>X6J;#<#WZJ?i(jG|TO&qDfy?ATZXaK(03NAe_*-n}to+j(cM za!+HDcNK!xI@X(%HK#_=QPe` zKPGv?-_?pWRxjX%*SpBHB98OCV@_ATZGIxuc^2?q%l_`yB9{2JfJyY#{V`IcX+o3A#dJHoKXM0a@MODoqA)p^BdH$ zriJIdZBN>_?)oDIT3io638_EvTy>BM^<^=863jze=TANQ5Q(02S+Kr85@6AevD z-rkZhlOGFR-FHh~6&Q78ZPsVniup?R5LRpn#QRP!vQ&F{7d$NZ{%APU!m32rO^a`C z*&@2BZF({O?Gkq4=XA1a2CgF-JYptWnscsAYR^h4%xB06&;0edQu3ln<&sQ9_u6q; zjxd*~`2Mx^jw3?5@nL4b_TDU7r;842`0n3=r2it66$GW~(Q1A!SBgMYC9*;~&Cb&d zPSf@bhRkQyX%MME=$Ejtg76}iQ`!zAubg#H&+~OiCGywlKb@Am=P>Wt2eR;}Be4c5 z9s+F;qznsU2gXi6pq+qi~KiWUG-4twtYx<7$)+=Tjg7HRnl={NaGxAeJB4pRYGG7 zG4dw|e||OTGOf`aCQEng+5O3Pgu_W`AA7ISjP|h?y>4NT2I)(5Qr^cKYcvA}E{qTV 
zp3%^VLl>oC?h%)Jw}?fY+O9eexokhW!^-K?l+PcdZcVPR4mL03;M3Q8o^dt^P1Gj& zFRUe0=NmltjYSs`g_;a>oCj0ew$@(bD3!O**4?=LgPz`p)mu9;#+9g-|1nVYNJq+I z!JV6HL*!{SF6R=?{&Si>o2h;5KFkAz8#a}B3j#|a@H)SYSU{$RABJij@?HzWsaNBC$8@~U zUQT4u%-iBB_$1*HE1f((%3(tn3y;H#(y%?dKsgDSwi6ag;WG@<#DS*(adc|i7)P94 zClj3h+nWnT6xU*Gsxp7YuY4k5`YIV{yFaicMRI1g!^8g$3ehC-449p%Nw-un9=>VNw1r`pF z#2R4wUvy_3P&>RYZ@tY=h8)G!t^+C}`_*^4$9`n6fIxs42*k%i1%*`Mjr8?6=zBXprZSp{?W|>Ac=n)F^MGOo>BqC!O)0QKmc4w z0^P;;|qU4 z{o)Q?gsodcSndKKMo(k_{4H+sH@?}o_bG5O%nufN>jRfkWf|s?qB`na!2}U}EUWiU4a>#N>qc^RFh~Nb3ZY3=?jWe$4NddQ+f#o+`{Mtem;L zwfYwnbtyH<6nHV^nXR)(kN0z+CY`|yd&e+VkV|NqLVg#{mckMxgv zRujQi5)Z)NdDCD9{e%wt2@Tfx6B^tU8z39BwS##{3at(&7pjZQ?$;94pl(RI9&mHl z)-!huipmk#ZN?ct$ULn67WMP#bo7W;EuLOLPR+GGpa4oFV3}$7eW+`bHudtNLFP-tzs<8q=J^zq6;<}*RkMIO-acE4~B7kH= zDKhJvmQEY81!Oco1T`>cI_+oYE8u|6m1$42dn3vQ8^nI|k!hK$7qLI)~RyiO=Cg)_-YsU|r!)OUSae zk)s(bS&Lg2+kE&yLbR4D+An=_K$F|*k`8;kDrmIXyFTjBfBn0}89Z}jy#m0gygGTf zwj?d7-u~7IZ~T3|TxsY}U^+s_!d?bnb?DLN1d*k|sbgO{uW`PnxHtS?`N`yd{!quW zG%&11kZb+YSmJ4GL}-n6l|qa$LOV81!=>PmJp6vh!#`yFP1$TS*ga+qrByt0TC0+1 z7LfRs;GM@ZiNIs(c6lGymv*-rb?>3{y~5SD=23e=0{fA{nEP=U92|*(UmAH~@6ssS zvyhRoey?l{{KkaGG1shjmsLXlzDCX9Zv1I&b(zAQVEe)QNs9)JU?StsrN?bBXbMGP z1O8S=90B34%qO0X%^b`>G-nUOa2Nh^p9{ixevqCnv-xki6spN+6(SN>JJoJO;icFn>p;L3p)Ci=KUR&n64q` zzu}L7tul*-?sYqky0{jRPJvIlR0N^x+@B`EFOlzZXHi)ncAvRioW+XjO__oYRWj0Z z{w#mZfv+@5f4oF0V#xRrZ@oP6xdP#`vcOHD%@^;F%u?=^jA~QvdNZt}R#JF1ttgZ& zHf=$Eel9;vx*&pwynohRRQ z?^*p)@diY~oug^rQOT5M>~+~Rhdnf_x1dmI+UzmLDz7uA>iv`qe{w}j7u5%+$i#KF ztYsFe^SY=9Z?a89+$$)Yva@;(2Iol8t;0qXg<1Rreet7zO+gM+&uI@9ak&qE0B$B{ z3r)WF&i;AP_S;92yRq~XQNg<`#$_&R4 zdAWOvFceX5Xj4pddt80qBTVaf{VvHzUi3pyGxJe~oEq+Zn#cVzUbwu4Ny<6XrNvpn z$Z|>U+=NjPW2^A{bcFDw34pp~n<=Q-G_19l=Ts*>ObaKqcFSRj_HOD$>UQ48 zEEF`eY3_x{_B}7*y?5*Ul(Jdqal4~N`xwNL=>%*%hGz)%xHb&icO^a82rG^XERlTl z*&c=TDleR1H|Dyq+#oC`i&;gcE71IC?m}L&glJ5c3-&^rm(SY%3ORj(3UK%!o%r!j 
zv4UA0+frIKl>TW+KReq>x&YVrFL@$4FP8muI<>ekW01c)YA*JRcQVd7gc*x7PTLGz;q`*BBD?0ZQaK*oY~ae5z}K$d7ORLZN?%)%Jil9J+UMc4b}F?xW985Rm;m+)M-M{=W|oT`b+9O5yy z4HynnB1v+(#zkuMuC)8A<&;m58#V7}rWV%8KNarcC)))6pHm{*;v~p*l$x;3rQIKu zH)7&)Q_DIl?N`POH@bi3ItO?J>~L=eR||xl5zn6&>WLkmoKsvF;notgG+Q?uQaZVrX*VFa~|(CjvzorcKEe?@%#O_md4 zqPEbsBqV0=9t|r0Byz81jEN{tg6lWJ_Jn+lEA`LYRRbt*_8%Ib;=TlN#O5w+8P&w8 zp^%qx$8QINB+wAtE5-r6vUEWb_ll3Qvk3e&D=q>UY<1m1y=KJK1#=Yyk1XdxUz<*) zl+B8eFW6e*9W_*N{4V$6R%n-{s~WWt7$~?jw1=T&?ZAZ9q?IwU=dm#~Tdz}Q(RX1C zp%crc=R7`1!pL$P3S+)GeOx-p&{i32jYvg*ymk%>kg_VWe~EZ{rMA9-HaU0FP;asE zr|tY33qcpWY1w06?`*3)lwfN}gg!CS}?`b|EnPwW*=pEb6 zlBO8_sDH7T0ITC2+nYy9h>QWE9~~t}k(7f&>x*O+)f^x%waDCIpVa8}KP0B71$#O-*ufK}55f||r9M&ff*)--Jvp^@EG2JZNzG~d8DZT( zr^JuvD`pauG&#v}u8LQOq(LWMd9F9$lqQM0ImTbw54#e+Dz2aY! zEjj9puRl3zE*AGo&rykJT|1U;?>gMJ*mrLCOyk~AOQWYoa{^hu06nIe174m*kHR#t zkZiCJ`x_Z;0_8MhXSTV-72o=K2MuV{3ylz8t2p5l%Q954nR=+3~a@R9d`70c(Res^?YqxKD78-9mItZx=fK)!A zWj{e{^kMn&l7%ajlM;b>H_uOrY|SEghbxE@Zqu0l)+H zCe*J;5-Q}f5tvukxR8F8sSP#z;bZy4opppVJ+J*_w>0?<{p>_)&!5e)6oW9C{BQOx{H&jLw z6L`d9@Kjs5X#_0bN`)*l*XfjH@P#v_Hf;|I!;hxJAMLlW#RpMuY+etNu$<^V-)gHZ zzgOP~gk^V%%?TVtnv^m!hN~zdf{oRv*ACCgQ}-!ctKlZ#e7+G$ZZBVt3a0EkkY)S` z;%Sj<%Y7+fek_U29_Q&e!N@mGid#a5G@l4NR~XB%PKpLR{{pdq5LN{#q=YJtW*xEE z^|&n-Dw&oO71h+UM=@>h^xL3^(mhr>WCji5n|sU|n?y!|*!o2)`jr%3l{JUv$~oI# z=uyURWBsgQweNJ?mlg4Ngxs=784zTeO*MHvzY1-OW`_Bh)0{cIaW~N`X=I*S4xoiP z{7Iv_J#v|)E_+7*t)C4qLzVF2j^_QsGHv*hniS=Se{iO37L+&)l_ARrKD={OkY7$x z&VaN&@qjJCL*vvZH4-s2*OY$uG4J)pe-e(Fktarh5{F+UWYK<=a12wR!#u2vZsnvg zDTf@z%#oRPMi#&Z1{v`O6N+GGEX;iEB|F^fHzA5FHFM=pC&spKyLBHavnRY=Y>xt2 z`hC1UF{etgI9R#g3G_iKl;yhwwXa%P(DZlFtbxlPVg`IU%abpwGqYV4Q|=R^P|{0+ z*=nQ43#irFdoKS3R^;-=CK3CwY1WM9znm!o){f|C7CZR;!Jh@^n-1mbiwjbjccabV z)0|dC5`#{+dF*C7&>8k4V!yS#+r#2gu4>7q0g>G}T`&uUM62Et8 zcxO~0v@ON*%j3`DsK2Yn)6LV`#b%+0)vh#(`a|HSs84G&K&bYC)TP)@UxwMKhU2PC zz#4-a`=Knf`)rt8gGrM+pniWKN~od-&$IsP^MAYM}Xd*f7GSCT^oR z6AB+iC2o*8lSgCEe)~ke?X%}2e0yewEESoQAdS~k8yQHtxZNXpOP+(2reQ1Z`MjZ3 
zzKwFcoNmT!G9!yP^ah$hK!fDnwGQ0f5f0iO@-ck7aE~CS_8z0X2lQ-4H1(;*7Nh?;(&_-($Du`W!P@k zabg=#2s?sE>JTgOGOlKN$9F!utQ4(pcXA?+3uhwlzc2X+pIvdsjrwWPUc5BnKJV^C zdp~O_y1tO}Q+eJv*x#Ts0Q<+QQ1=HFM}@@h>61!G>7SHGxt8nUyJBYIhfUk=16(f2 zm|q-52%FS&QjxS0R+{LZsZPL0ORy+EA>d6`ScK`%8ldZcWQBc|_1mkgF(EbGsRnh} zCtvl|YPe3f>xpSXz0svp!q{W&Fw1S*aC?K)SU-(qKv%dMYj~e?7)8*gSs2nN_4V=w zS*XXO2ehxfy2o@+0x81%9WybFw5c$3AtXjQ!z6VA_-=V#@oV-xJ`=_mhxBp~5C4E=bLPlCj^Gq9FqH7K_nsC5vZ36soxkyph^VsT?j->ss@Zhis9x zcd2J>`jbtKA9*cO;Eg|prSGp@`2BfG|E{k=Vm9Y>-~tf1+_e|>ll1@eY1JhFb3N3= zmqWVw@Nn;tS4NDeDX0=_-6{79iy32_ob?^KTAM&Q{9GuG4nDv3@tNnT92!( z`n{?zrIrJq#na%)fz(kuYt9}Lgr()>Dhm>#aY*3d`)J%9T2nCoKqXs0HruD_V_&L|ydWrMc#t*e>XImqIU7b&} zd797gMNhX5&gIijx|+v`ALl$n1a{oB^Ej^_Xrz)|jd7&dS{1gxjQA2JqdWA*M^d^z zw%kS^VVcdPB&U_JBuHKH`!5Y}(k|1{IQ3`wagsT;`{5O>)X&eEiN>)tLqp;x>WZ{01Cm7o3#J>Eyy@t<1V0fv*P+=c(L3-fsMz(9BV5+_jA&O z^P;`TUa!QC_ort-&sBCOFdb{A@*Q+)mU6_7!nSRzCl#5JOTGtw{cS6~XuBOZ@4D-N zkLfPjWirC6sD%JDGrx|{3iKKUJ2TeZIf0-uq5;1>9vb8vEQz)8%-p@wO7se%3_XdN z)M>-9YZ#-+kU+*&kAPz4Pi&JFF~}%)pLjGtc$5)5wUq#9uKsUyK5aoGtY@<-oHF(><)TeJw-GSaWXQ*SSK(H+dlg^tFOJ>0!{b# zk1=M8_vwM)%@b`4Y13&!jc#YxQ z-MFTrVcr*j#p{=>`?DINqA2ClVwU5oR@ID~+ax3ukOE|@`u!v!;(l+y>CFfoV$uce zV7;nv42SywNjK(XJp0P{UIwAOchcH8zJESr*&FW)PKc!)l4>nq5QkRYh4nm&&Y`eM zh|wo(e`<~voab+KT2RvUz1MjG>G%As?bBUpTc@?%Iv&N=wEbETq^!E(y)JGXuyJ$5 z7psNk+^0o!)poJ)|n6uz?wX%UP3u9K^#O$g+(K1+(parpE2M?3z92KmEm5EF#wH!O>Zog z*)fdW%ju6Om&4^*O`@y%80nE=8@D72cHG$0=!mFNp0@%1H!BzV-)Q4rvWORxt9Eh+ zFB3yltLurcYw(0IOz)Y%+viw(Xo6LE5xA0`Rm+)kqJ4-+@otD#jj!s>@qUnfI zmO4hBXZ$Rsb!pl|7zzyB=^OVk$7Tt3a{}e+7S~_oa;v~`%nhAiUD_)UJ$)0ITXI2w zRO{JWY)1y-B`@dCDdm&0M2>9Dj*0wy%rRWDzTiQPw*21NN>(E%g|Y%~v|$Eg3!*r6 zRpxdYu~1SiINRB4=EYkZ2Jl|)*FK-?mA68Wko5mp2_Iza+0m`clY#hKG)M%wTB7zw zV@?&!i!+XfBKLVL?S+4#6=U>>l+;{+VyLMr2cGr-)P;h8x0cd3oEG-xQbvZk<#VI_ z-dqWPf|(|^!*w0Q5Gz}5_FgJlJ1?K*I~%fZjO+&`2tx|iat^L)O$^k8A-(e9#hP)) z@PE*D#V1T1XiV`+_Y$hS0?ZxNof zQ)*Q3+N8+Gwtyt9TnwPW++Yk1*?``Kv+&4Gs%Y`rv=>k87IgeqtmJ%GGt2H`POK!cD1;`U!_gk7f6Q#;R8iiYz5YsLKe{N5q98{w(4gIk~` 
ztl6xU<@>gxi@}|t5DFTyl4UYJmb-4c{if;TRn)NY;co8Px@^dFQ+Q=97WnqoPoZi> zFmgjE#k-FwqV;9e{{QwHtTrFKP?PtE{P{oav*)@s1ZePWP%qzyw$O#7*=A7U`IUz3 z^1KCE(fUySPnEQjFu-eQDMi4)Ufpt@TXGLBz|!)ah2{4sjRBj_2wAqA@|zelH#Qqh zWTfq1GgDW0DawRjN@`lYIg-j$aBYggfsXa}&61h;ZtiD}ht%rG>9C@%9UU4XwmImA z$W}>8{%Ds7jAX8A1@BQDLfDM3q-kQ&M zDAsiMn>8ifQ0-p2a)P8L*PmD9CnUq`u%;q`1GMF5*@(GeMIxgTnO{VD*KJxL*H1@W zG*Qg_2tZ`k`wSx&GhNu21|dYxJOLN9;Pih}NNO;JGQdh4FO8QxBuie5E=D{s z0=^5A99~oR1(Zf%x{JjxsX_W5&HrO1nZHwtTJq}bc!>cL&#J)kpA5mZ2U*t62>#sM z7*j7>+Gd$8{k!8XWh)u1P-P^se+uBh7`@B&#R zZsGg>Xx6DJm$gjh(7EQD>jIGCd+Rnc4NZ zeSZ0eRYC&Y$)@Ag=W+Yaxg&=`1)}30-?L-3+-*m1?~X1?Jm`t+1hVKQv!9HwSO5>z zr!vmYHGE)+zxG0XlJh*evvH&NTyXW}lP)3G-tUHanPYFk9ipRg;CMXqVN#Iu#Sw6B zyk8mDy?JP`i~X%I_+WUY^ZRM~8gL!T{rI3IkdT>euG_|CFV z+7q5<+1Y1nBXoKI%~E>HgI+8;@4qzG%ERGnF`f$+!&v!Q{qY1+Hr5C`AJ!hX)$#uH zTv7XB`K(`xL4kOr6q8wEHI#O#zkO+-VAl+-&ViSC!A5{XcxxJZM^C`#8a9+pG0$nu zVG~&G{J|zT1K-Wa+#B^RO=u=uR%tyb_ARDFuLFJw)N@rg#Ewl0Y$xzK23*FhWzioP zvh*S1zQ?0$B+bZV_}Ki;AmYZ5BT8csucj@84|Ji~cic&%faV-+>kiuj_pMge>~r<) ztU*jQ%B0mF?DPuKl)qJ74~rVt363$xPHN3!9Mxd%5RVj(a0Lj$Y8+QluLy(pKB1uj z$WNkgb4lqAjzfG1nYL9|Aw>n1-Xf16qqQ=Z^Y%RuSESXk7D$`^Y;>g|X zeYC78n_yq~5u)PU)MZSYo(^1vMl`qlIbFLT*|6#4(dM)|I4-D-g2$W_=SO2pvBxkZ z_;?}tQziJ=obR3Db3 zySt5s+1V@8o|?};B@nfi=@}XW8*?O9HWoaf=MhI_XsKo)ra?>)}h1c$OwOmg8yOloGJJb%q(m0&M z2WPu7Wb{61p=2!*zA6l8z#5i*c*3LOA2&m50$1s)$m*sn3;$oDlQTe3d>`ds;}0## zXOzn+-hMMbs@RQVCthVr7h%gb_hbVe<^M(l!{p#m6dOvRspqut(;;zTs-&V3EtS2r zAN|M?N4Xn10NwzJq9PL32ri^E{0OY*e2M;onaz-d`k69n7BRSwLh*+hH0&3P#uV_S5t;i+QZF`ITwBb(G=`7Zs9}jLd-iB*{g>45;0nbWg$r}Oi6HW|j2bQMA0Z-e zUM#nDHR?cz4Ub+G=I=*KNhpj4lP8VUw52Y87^9TaP(!~EnU(SecOTxOBLQBT@FH>3K*5uiMH2)cw&A_vx z5|1zHuY{sq-I-(z9Q|Henh1waKqqlof$sC%_=Gd_XZhRmtSI@S zl^ErgRI0E<86au;FMo+PD3N_HV_M^{Dshahls+G!5!6ijjWgPsVTfXQIbU87r&}54 zO+zGPqO^$>v`MeMu}>1O8Ztq56=9^{0U0pK-nt}m2`iAD|7Mg!)fJ}6><)|z*X9or zS3?Q@+l`}%>I#g5#|$_Emb!?M*j+T{+Q1{1A?fvy zQ5AjIxVkTDwj)aJC6dhjgdln5qSTvYv-+ulH*+urM*jL{iXJGq;<)QlE7B-iS=-Un 
zkMfRdkMK)nbY7ZpQ7k-4Jv5o^g;f3!8YHkb0fF=Q{iT5*G?bQHh+h(rOKk2D{c-Bp93lu>+Gj8%2SsiFR6zi*`UUuNR$RpFrvT>KEM8v9Y` zoB}TC8Kz1gW%bP_1ZjIjXx_|$gMpB%+EA)U`?_3H>=Ca>y9#B)EzW0ed0e&X`;(lG z&&7a}<#&hhjMwC;@2@M)mktZSf$P-0Ne6i5<{^2ySo>XTqWW@qB>%X+v{PS5PopiK z4Ea}%9jMU+_8qeC{(-@}1=M0%d4YSharSBO!&-&Kk~91a$92@S23G`Xac}Gq({tEF zHLmVO?{iyVMSq-nRlEvi<>#irPRLr%dciAHU(5waH975Fn=3*VZ(V>HH*n z8Qxqwz2j(gVsz>MPYKO>iH)0;F!)YxxHo`*XPURL-p}&X@4b;JgOZ*>pu9{>yWi?3 z!WKg$&#pJ(>S++fzc8l_sU1c3S%_?7PR>{T{@C@?wZQacl3iALeo=@`4ZX3)k70aMmdtV|nwQhJ*hanK5LPi(&fm(BFO8N2~1suc<*=K(f z5=)M<3ZtY<^fK9L$z;Q5dAjKKgi!^;922n6|6BJM3c}v0E;J!o)WY|K#N|;S>?ZWl zyR0IO8(z-NlyDl6yNDa-$2uuNog2?}Yym9P%+45L6z~J zN6!=@+n1seY5Ju}mONd}t6{$T;xz&0iipxk5$e1!#ntt9Y_;$I5DErdI?4-e#1%&W zl5mvQ#k8$Uq@ww%o zwppDJV&Hadxz6Ta^N&Ph(X2aG3_^YS5W+nhe+)&3{Zoj~xZ{mQ6A^E;5|o!Jndard zpf;&pKz;+?ZK4O1D2^!O#fMe)bOq)SyfKkTV=Z|ixZg#?0(x;2|_6M z_mnK;$jrjhx-DsZV%nLKhQ8d=w^{d=xNy|5uXbntG}|m#?(YN2<5>}ZzperT1(4u{ z(Xanl2%Kh{!(J=#{C&KeU`l~VUUU_zBmK;muXz(}2ELfGIAL!w5nKuZT$9a|{}o{Y zuL!GU!&h0|)Tb@zU(U^<4ktKt;>xy?D{N&?)H8ASlJcD%eYm1vPUPR4m?Zwn!8*M8 zcRsGuC3^{W84t)1C*l`b^#p51;&#usl}NLyqEiURv}7XWa+Kt{YA`3_|A%aG+?^UT zO3zp0JHfC!h3bHJ`us??udrX=SfX+fr|dGE$U;#j(c816lNgRCZx;H(Whv|s6g5!x{S^!} zkg}~I|E_9^lBB-=g~GM>+EK4xBs-s*BL?&zrO0Uy7dR{(M-@YLrxb80lc|y+ zB78&F_I2eyD)6n9&4D7-f&1>d`EWS2+VvKR7TUiq)^Tmna`f(A4|ou2v5KE+QBG9t z6Du>86N|i5l~c&)71cB`T~f4{B3-NcUGQNRWcYVw&ZP5tQBu9XtgtLpE6VFoG$zCQ zu$Q2zM@I1MaX?EkQ}21H<9PJX7qi8$pMH0KF3IP3Jj#@*i`kpn=n#`ik8K^J>1!^- zObxO3fK1&4&6sxsdjG8cjk)v^vd+eZjoAz}ily&*rgBKaE)y@2PuMa`f#kE+-n)QsC*thJv^i<#f> zmEwB;8!@|A#!$sBGZ~27SL1Hw{sZ3Ua7??@Z@~0A4IQa)aAOIrjdCPz#ipv+l1k3S z--cxw;HIV3%)w2}_<>`d@@^H@9P7WCcO&jnKX=^C{o2!GdJRL+V-pQfG75CAt@A%{ zAN}qQ9oWxJ^mw#nZQ=6Eik4(>iyD9*$m$hHfJNKzZDdQ%q^6=mYF!|gnuUC^TJ^IR zEwu5_l^EeK!r6DDitZ<)lW=8F53OkFqwM?H@qBM1n2qaGj=M>P&7H`-r4&w_0%DEm z{zuzi41UTQ!JDIQD^fbf1A98E99vfKpjjmeMd4BKBu!eYRP;R5r0jogy(L%@Y_de` z56b-8Fq9c|xWdfS?H6dW(J%M+X!R)uXEs*E07VV+lkROFkGXed^p 
zRmPZ&W5o=ht*L)R2&)|yYrtAoylBboeNI=YnX-H@kr=%4Xs9_8qUKU%4GXkCIg~o~ zaYTANs!MUa{~N6viR3v397%7ZC=IDkbsG>_-Z%^d2 zv)9i@J6e9hBBnw-gt_hc3tXnK0Pz~?8rtRZR(SrLFXrE`S5k`n-nUjJ(8X-(So$bc zvWGesuw>B1Ks3)JwG4q`aPpwk&^i+gRP#M!Yeb4$f9$#J=>4#L)vWI87yhT&6RRER z?P8rn&yyC3p6hbI`z6wCR7P&|TAKicy+UH)EA6la34Cx4Pv3`)l%9;Ad-$^g}k@lne#baL<=U&C(TT!JA#D$Th^T411{^ zI{|fUxh1l#P*vo>F%vO?*x3^xZuRuhwLUELj`(JPeyBXpu&UJv=@iQn+oiW7mtcW; z@pW|ofeb`@jBW}_pU5ae-woag-zTk@)mgwWAPO)fP^ zMg{A_S_3p`LkCxJUDQTh>@?5d679kqg;#`SfxGQ7BPV;hN^>Hw1mVsHqvXN<6j@`e ztSKm=Vhp3j^J>1nJJIN0^;j^jyzX0U^Y@j~5t}6Nec(JD#qno@3)|M21 zP?r^=BwNNhj%@qT&{$4M%Am7PDmD5f8BqmZ*E;%&Nsw5UBLqa@KoI; z%IP0)82lNtj)HzqsU2Tfzu45MJ2lF+ltMH$Jp(KN} zsIzj!tjeuF7e6L09YXB)&ONW`7M@PEX)kPjc=vO;B=g&Q3e7QpHR0~H;%pz$TJeFG zoeqirJ)p}Q$VlpSgXq>D6cf_Qa75+io0cDJoHeU5Fpj`Jl%u|0fB^oF)n+)(E3U*B zw-8(n%yUG#j~#slbYkMyp?JhAhX}sP(yQ^M_PeoNx$lTRp>&Bugeqi`oBcrejKH@i z>)+(5!{OzseY&>r-c6a_r-Ad#)v#Y>0$T?IJaCivN3nN5x4A1>23M5mGKn1QOK5nG`Lh7u7{_l-}P<_#0*}PK7aXh~t)L!gm`p=tO zi!pSzn(5oO%{HsGc56@AJ7cT7j=6w8qW(>n|IAhcGT*@M*{VNO<|;G8=~4C1;1n2{ zQ$5cHgP$tng}#FP>xu#+nX2>c@+~u$AFCW`%`vhQdZB3m(!?*l3ZKTlSYym{2Y|MB zNdF#?YB7oaRvBg1`i=7H7$h`Cpb#aANXUqUpS0sO^jLm>FTG8(dhbK6GQ?nt_8p&b zck};2?!6&S>%e1QBCo~?d{k>FB)>6c@i_>X`O{8Dvf zQ-^>3seT<3335iOE@dheuCA<9n zt6#p8o_ZlI^)0|_uch>BdIYT8$OMH(=JVO|kI&}kl@f={oQR22>pN-gE!q>!zW5cL zF*e@?6(}{aAmF7YyQ{CRQ}ThD^wpbAeNNrxiNzINN>=&Y9>`Iaeo%7l#NwU(Y^g#)q&qL6i-J z$gMXmAp63*N$|2K-dFa_XuX^c@oInkE^9`G(*7&VfDT7bM>%THnCyriEjvEZb~*iC zTK}{E4!2J`@CPrT8xlz6RnNa#a*u+!F)llZF=jdb`XR@u?CHTi9m6)dB6QQ{hu$yn zSQgV9jrOc0xY;10EZ<&|H9>E2t~-rEc$c!KNaRIOu+9#xh=Do^cxz;wf0-m5Q>An= zS;Cwcf(wN>)Ua}}V*rK%W`*Ri;8b@d>Hok3w8gPa;Z%~E_`YtyB|1W^^;eSSVp2k^ zX=Z1QU)?@leMpW0=tk=nE(Q!9cx|f3Y8H=u^(q)e>!Y+|32`6&;<*p0p(h8Yq5^L$#Mo8DLw&YfzlF<3@Z(6>U9RNRJn^7g_ zhlk<7;j+;`!A7;(Tw}Ty1$1rKznDJVHF>&UJu?b6*a`r@_jD(}rg7+Kdl-jUejASa zWrrxWBK|RmuFBMv-43bLLR-EO>xoQ7mgYx92}zudiB@VcTa3W;REn+1h{wLA8NH+5 zGc?6wtjxMk+lgZtoEaO-?h<_IKDc|f%uzlY&vC*;WsT9qT*vs@DX<@Gh4;DdFuOf{ 
zOunoD-QA7Yqe?nz|DNL``4BB3s@qqaj?N)b5w4SM??us`Q2yh1D7vFawPFxvLun7H z)QGZbk`B4p9*x}}D0`R_60rYUO<3|#KtO_N=?D`m9;WWdo@Zj(2y1n$zn}g!^O;lf zRIfBL>9I802yptsnEd-xW30jRiPPgq-*16Yet2PfjP2OtqPE{~+~(H7A`*`s$NN3T zw7LH6)jNUm5*};!YH|WUE3!bxmdMW`YZy@(hvEX5ubn_1YiOgNVGkG2hr;3(>41&j zV}aTy9=`_-d%eze{>K~wu-I>4vtMMDtZ{%DX%aCLRf$K&DG?CJL8P4D*j(^}Lmw4C3ghP~6xm9svmsNM5f zw*AxH_noCtx!+6=C;f1)*V0OR#U#brc+?LD*Q3!;$L6 zK>2)M)zDGh)+!&m(qcWtTSXO0+FKt~dA^Kd#cD_0vRF?x*Mm*_!PctTQuz9R)2e1> z3#1szfOV#m&&GWGHYA1_JMhC0YW z4VVtk_GCj!85$$~N2LUN7lSJ8PhKUA{lmz43te9|-ud~bz=-P+PvU~lYN|d`O(weN ze0k3giVP!xv(wuve*sI2p>Wyar;pSMzl?0Z$ZG*Lo#%H+Mi~blO=ZlJ*IBM+jJ$pH zIec)34FW<%V6hYf5B+f2Yj>CF0+qQ4Y4uVaD<=sA@|;U?7=;MGTp;H7t0CRfcQh$` z2VB)Yyc2ZclOe-Lf%nWc$3$uEoU}v;^^v)OT;yX)^ig(T`JPVfIs;DDa!__rD2qMF zqSgqMuOV!lw@x>qeLTt#K8YukeDOp?tbm)}M4`v+w31M-hRdzeg${uie5Qhbvh?>6 zb?k!6zj;(7Q2$otMTVT%Y$G>IF#@X<5m;oZ@}P1}eFF8L(~DMbLW%tN4gQbQqwAkQ zp;{SgynL={xf@%lz>As$!I=Y5piH&e(5s8!hfMp&dq=%$k%c5nVyji#^xDkDB9)L- zp7)#kMt)dS9J($0TXLRl_x0;O&R2?Gk5KOGJlBC|xz=Wk+9#IEpD~{f>v7uDr;xPF zv$uSPE$qE{c)jWk-V<^|>w8H(k%S>e;5&{XTV+Z#tlM>E>}L^@(li4C&CjXX`3SL0 z^8?KgFw@OmXAecrP}dI7`;=aYTiG;|a5a8h9PC|EgC5(d`f0<+ewjvQb7kDkii^V` zdOJHJhE!Ove9cq-i899vfz}z{)Kp@%Ks+PTG>YEsCL|toG{2Fys}kYfvKjn#Xd;~M z#xTX4$ttrSP@O1K3}qpF_PQ{2cpIqUQ)V9Fe191Nl8MpuoPEFV;dIhYPdMcL%s(B< za`sZ@W#xl+;jj0R+WR@g-ErY=J{Ir=U-7fj(S*?k+5R zJj-f#*v|U>mRQ6wE413mT=0YG%=nVh7&042hehW&-G>W4nn7^m@=@ua+}Hx&t~R6)Ji zlmHc#PG;-`_QJGL!vXIE&2%9Vvs|BEW|$xoeXegsXgt)!X~|&w;)1uYn-tBhz?9p= z?4}eKaA~-vkJ8k!w$5|94nbN~TZrSV`($Vk2W8yT1;P)ZKA{$4azf9m`i6|K_`aep zENf$Z{bhkd?z!Z7u1Kz99siu@GZL5k`S_E|hPr-N>&5TEhu*>MqW$OW-JjL-Fd4T8 z+2d>0NIJ}?1;JWZ2z^#cxp}0J1)vZdnuG;!pqB{0S3u^C%Aw)o3COtkW*59Ba6w>#Oho|#hE}c#x>Do}4R4@`ynED-^8rg9gSJk-knD&0m zIm#qNzc!`I0%L^%cExTw%BGRprd8Zc~goWDQNfN7dD9L_Pal>*_-e zER!S(2~`UzST!Jko$JPj^Ft}Bu%0o2OKu5VwhY|61`{RjB1=wxW8d_&kCIoX@>~xQd;FjK(yHZb?v3(`_N6521JNen@XGUQ4(;GRQJz#|*x( ztVvgC@ibCz$4%U@kq)+1ciMj?$*u17{XZZyO?DI(BL-JV!L-;?v;G$6xf|WB_3zuE z|Ge;+(LLwTns?l)80V{c{DBq6`kv0w+RtuVWiFPiV!os 
zxq{jO9VdN%$pOl4ICHLa8?t+MF~wQunS~88J4V7MPtGzaK%I3V93_Z!3`TvNz z>aZvpCjP1*(o!NIph!q7NXLnQNO#8p64KqV3QC94aD>v`T?bOq-Enkx9B~}?o%+4L z|M1+i&mOls@tfbw&diE9{czwindEmBnapkne1o1yGa^k5{XD|StuW4tm(?82;<>0M z>bRPm@{7hRmXf9>`zYn^yz!gV28p)Szyt}u9Yr*Udq|oo9kJNH{nIwuQA!mR;H~z^ zUVJ1%DmV7s(||gh6^rO^A(Iv|EED-1yS4fEYS+8t| z1N(K}&8gFkvsdMqNLgP#Y+XT2LfVfLzhg!FTaEBI6@GnO1mtpxST_wH*5zm~Mx5fq zfA7PdJU(yf*_h|p!4=IB{i*unS+O$Nfb0QhbK||@izUJ*b|MnB zL3XxL(z~hIcyyoa3sdI)m_fj$Swg$NM!PT>hbTS1y=ZiF1e!3(3 z*(znSmg$({ysXs0CctV#BZpvr?6WbZ{TBu59#L+oi5mTQ(_!tXq|Zp)yQxQwP=ZdG z)k6u>31Hmb>LI}=&fJZBxp>nJ>Cw3Yhh}uCIP}m-hTV9A{Doq2=?FOXevkVwMe&v0 zxXp+xj5tSs#{nA@fMopk1<5L8wj2ftd^0cG6|b|+j!ivOYa#Ywp?H=#O_<$E3(lWn zqhCtAvKZ3Cg?xY6Yw|&MI_Y!(ah)p^O=%Z;0GK?mEeVk3W?a|qAd74*cHgDb6u#TA z{9=kM5>xN!ZAcy)z1Tx0j501xWsMCU8GCli?zjEHfNm`M+`ni;a`Ld)-P%X95sfx4 z20Mz~zdv~79~rhaox8w=R~ya-kBHbz;3-YJU`S4V5rGjAiqirbBmSDN+X{GLk1~sL z-67gtq8`jAaOLF7@2o8QWHrBQlB z0mUpEuge5ccNI`Sw6JN@*YE(^IiPW*@UGNNhmd{EdCDNX6>iC9SkkHDR}l7AZP}GZ zSL2bio>RMH)S9+>L16bm?+?Jx>%V^gCFeGS@FKgC2WUn+%2}-$y4lGVzapI^PP)<7 ziQ^=9$T!>6WRkm)lf++G#TEHxF^z#5dmh8fuxg8c7ch6@c)w1e9+F*=pE8hyuR8qw zWf%>83Y!0K-_^dxC*WXm2XX>SCX~j8s|k9WJvUnC9qfS#{;TN`Eeet6vh^>en3ma7 zU%W3eX6!WNe&PBx@u7cz`$KES&f8|j^05yjG%T;g1P-i7zNCv)T`{pn$*9C3u-K>M z@cu@$yX88Ti7$0^GB%9)*jnEiniB`}r+Yu8!K3WuVf# zd`!^C07<0iPA`+Y|FU+qJ_P*0A6foz)%^@)w5fP!75ClkYQ>mtzk51QmDO*TeR@al zlz$W3{YFjFKzXZVzsGR)zq&8>JG@z@>gGLFG&nzBH=fN=!aZ2HsYC$>5IE{7F1rQm zLy=LZTK^sG$OUFx>~mr#`-lCcORYU=7wJEC3Yc7xHv#-5G-LcV!JxGn>O9LGXEQa~|kD;maP`dNyFvXQeMS zraD{%S1LSF+=B%Qr}~sB#M{Y~8QRW`G5EpVr13d!!ee^{ya3}qK{MKmJ9#|URZ}cC zI(YC&WAaO@7gONS)*BtR#gbUf z>jXd_=)%CP=pt32OBqxn_p@|iRgCUfX(_B}_QuYO+$0KT!VD8Yrj$*Qwt)uddNK{( zi~)07x*IxLI2l0=Jnx=(kWEtmZjUy_oN@_lEf!*1tdHj5D(I7lZF2X zT>-b=Snc+2X^~odppV1d`0SK{qqQNjarVq zpy^_}f@Sav16&``2R_EH9v8SD54sq2HWibKca^2Qx@|shGDfyn6HM!g$-ey{_ppQ{ z_uhlI9G}7z!V?E*fh!A?km6wO6A`<(=g) zW|hX7$_oCLs^@Hu*}kjUMO9dkv}ReJQK>wB!_Vx1R$d;w>O7-ckfd_kG5uByGBT1N z^zgBVflN&Nc6eSWU0WUOBo=+vUy*QMJ>=!F_JJg!Q8{CL 
zS?_i~x)PW@bQnFTx)#|xd{$6#c+@5K{%z4iSIV<{_O|{~iV4h2p6_~%IQet+&y3B$ z(*??N>jz@J#z|IDpUeeqh|}sQMq@F!rnA=u95!~%>W~j70@4w8X08WfiaNn1uTXR9 zQSEg!Bf;JQ+mZ?+(_6yX1>CMLp6zto>(Z@!HNXHeWg~{vH|`lZwXS=E!^oe033)CP zk?8wC0~#-z*6MNYs=UzojGe+*&k8l;b*gD!^AeT&lVLaq)WqIYJXznXytA=ElG;#_ zPOca0&bXb%!87ABewe9R!m_ii8oraziZrI?LBKx`3TJ)G9+=;NAMl;Cl#3o~Y>XD| z!Jsuh)T*c`>gzWRAkzp%YP-659!HdJI;QPfW00WWOTy*mmUTO z;h(TqH(zR?5h&=w_@v05kAwOeXuG3Q8Skst(_eURmUj9_fD%!SO{e1?OMucJW=B~1 zBqqT7^#1ctQR-PVF@oYn#6&N&-_pNOxX*l|GUhRlLxep2hwAlz)~e+3ImBAmcMI5yo1T_Z=FREk2ekcijHf-v@lI{6+;I@(U2IG!!3wXSw&n zvcoz^ox&o12#dPk| zD(R_bQe4?zsVNLYgtCe`%-o8?s*RF1+&=q_JM3tlIN=ZWsRwYYw?C0Sooh6adVYTp z2>57jI5lzACVq27ZWReMCT=*DV4Y1`#BPp+RLZa>SC^;ObwC8$HraXD~N=9tp*raxOke( z$$FIrtiql%sw-znrW!8O78#Kf{naN$5k5Ilb93n1-0mYITP#X~unF>ppierRY1QCv z;pHJ#3&Dz(iTIqvpe0#ug%27;$rhjXzI}C;dBsvu*-J@OJ_osG5ScdN>YVJ{AWuEya9bbIj6`Y)z_$9i8Ta{V%@ohgZ3QhW2& zXrH611p?Vw|7*B@h1ZMI+-xeD+s%KwZmOJa><6vyBRMc?Pihu5PGW%ij#Ahq7!ZCv z+|At?IteJU*ME^g`MxHtEMOlp%|itLLp%iyuTv(HC=J2?=g%d?!(B2k$>i zwh1e>;HR1F!yidMi+O+^R{EuWp6|3x2K?jbunWyknLPi&cp47}C5zsV;Ct+{GaIx6 zGEa0MW9RtYem{cGHn~=+7mu}CpV?jatnQUZ2fZ|H(Ea)Bg2EtdHT3YQx` znkb{D@LCe5g$s3wcfXzQsU54vDkxA07`AyA0^OaI%^b7)+tCF|Uv zK*<_QKEVDv-ubW_jXwxf*A@OY(<9xJ)HrTQ7VgPj5mG?$>W7lFY}`^IoBb`ee_HbY z!xIm7{P72oDpF0C7f0~yzDT}vH;CQ#ECjq0s0g9mUa>nT1RCnR4gjHd?QcEDWH6qm zOlWu}R-~?{?E6v+Z_WlH8dlZ;2m*nHDtP3=)A=SWT;dS#whJOl7m8>nrqh3WbHcmKo*-Ud5ER=2Ed1)oayBX> z4(yN-eym{`MNgiH<3B=A_ICbhz%d*pQPknBFZYRXt`aa&x+f9A$15PD2`q)_^$XM zY|xPXD1>WfYS8#uf0myU15&!-C_FOTB8G$UQ|Xv||G z-Kf=(E7v_viy(Y+=i%y8{qyujE&@ce*Mx%ZC@t+iD#NuVmaimSEtHcM1wUQWzxm$u z8nQ9CKz-7{0_5IYv3kHAPj(0G7OGL6Mto#b-w1$Y@{JhTR9rHH3G5%W#Yzjg@41x+ zl??KiIHW(|Tk>O5|K;`x18-k%D0eS}CfJ7Sohm(r&2NmapI_SeYEHarf9T?;Ar$G) zZ<0ZqKlsz947c81(4##zt@UF;X0-qBzDukhTdR~hpR;Vo@2G5U+*!?;9E>~%YR;kK zgo8YMP5f2oQ=m74-fP-WTzJfQ44-71@(7Eej@{dstSp>be)U#&eKIn5gN_q_!{3W4 z_mFxxy+_9q>WzKyNhe}CMd_*0LgKhzm7g#@TYcS&4~fH%WRa}{>{Xf>UWghAR~|Zg z3Sv>0J=$u@l(P{%MSzf_0Z(a!LrJ3M;JCDWG6ZR`sa+iJxTkBWY}+nQu2^RrtLF3D 
zM>6&1O9LIz(?pUpU%KprmFeyce9hDjNm#Uez|0`l_>6&EQipE@>ddsL=JOY&m-wHm zgC(-sIhSjBxZwWtxP5d_eGdlcX!(3Zzt#O52UI5$O6ECV5Kvi0yc+605oPWI6HN%J zFxK`Ws7{XO>U(uk)07*OrQQltVogb}3UUr>x9h4=%niO!iaVN3fQb6P)94QVvl}o1 z`})dKRk!Tf%GKGTpG!A@!Y3Znl=j27ncC z6o48@zLiFKd7SN-UH5JWHFe$PBP5bKe1PtYi%`6@LFG{Gy0U|sQ%}=vF560SZxCJH z{2~YD>)5O6S)TA(AQu9GrU`C{;I2?^y%`gLs)22RKr$LjT_9e$vCDZe5qf&0fHD*4`ISr3mB!*fzDv6TZxec8F&) zFKsh8)nTJk2ey&mriEv`jldzz&e@yid^V`-^tYSgxk*t>;c`T=(tZz(Y>rYYU%7Np zu}P-HB_ObD`K@UG+V5T4r&eGI(=JZR+R10PD0dCsFA}%{Xn4a{u8tcJNUO;>sH4D? zzEXL_FC=vAxSYTre8Upt5a%RQy9cu4KIJP?g`Kz+WriFMghy7d)favTxIS6!6dK{Q zeI!fCgN&GYZiJsXSbcEw`NXwxdTPzc4W|JvF8e!^)x&+miz&Wvz`mP1!SgIqR&paq zJNv2jR7U`bf(HYf24ZFr{!fgb>m)JX3G;gG@@&J__38{5MeNH?k1YtqjEEBKakmuR zUIKhi9@zfqCr&x(Qv?_9i(ber56+P_dRM5TT_o7a`$V2;4S1TUA$2Bp3bz zA$yD4f=YXOZMRFR)4?`LG@r=!!anYHt7Y}gxb!og(?|-aTWAEOf&#a9Z)49;&{yY9 z>-S_;F(1ZNmg%b0HYX<`_^mo@L_@|ewC{-g@{iErn_Tel)TK7Ny_+iMzLFG`do?5jmBgFCY8P9N<5Do5&0ip^P zLUA|_wGD96?_;+s%({3c^+mrc`y<3E-9_3s9(3P-+=6Iu7w@)#WY(WqPK-wvXL7fj zsiywP6Bk{L>%G z*zn1tzcIbE^vNd@WxonZw#EP&4)pc_+(03*h947x&=EYZWj=~vi-{hP+%Zn#s z6Ib4akKJ@UnZ&Cvehwc4DEnlt;}*C!C=mpc<-0L z?S`O0U+%yIw^Zt?)-8%_B6@2SyAWMm(4wO8V{(Y?CGR1Ri~4@^0BC)!Us;|EmNubi z&hhnbF=lq-do6=>#sX4Y+_`UbWSDd=DdR7hpEDz`UftTc^LH{c@H4*8x1f1f;yd?9gX{P)5y?_pW5y9FKn}jay1@-n&sicQv5Imb(gRYZX<3d(hEl}=d*845tqyBEj%WZ~Q z3Y15$`WMgCS2KUJsGc3Pcs=|GST!VHmFeVYe;%citbAN#N@ka0xebu6l^1J?MJLHX zzv#7usQ(4-?{CG+ScUS^-3(RxaPaP`VOIwGp-^=HxkhZ>IV5OaS5R zspt`8KVJ#TOTnJx1qZAO|N6*CLr?36q^{6k5Hn?|j@jH951OV`EH| z+i`LIQo0jcMA;c2MVbVsZvHT0m}lD#+__)PM_TaK`A=(l&qVCzKo%Fas`jgG9gV`m zdmKu13~$1+@p~+lSyZf8bWSAjp?PUNhIy=iy+SGRi3^!#bbWwMM5yeYaBnX+@58+7 z=3strp(n1pT_f#R4VsE)v)eD_E1xWXW=6M%9LK%RBEK$+l^Q1lHnK;E4>vbm>jNNr zd>eI~g7HrhjQG`35OuwInu=p9u!wV7zCqaabw6&!8%aL|aiCAXz~1*L$KJ#lY9nt3 z^4r+@1Wq+#N2o(pzQX4b?u#V(+z^c{4+_6k#XK_?7B4L3@4>eCVpwPy5+%!%i@<&~f%kWe zfcIlgfEj;Nk{SP)Bk9LL%8%H>-WPQi61Kji^8CYD+zpuOLTBSah7HMv(g8z`Nq6n! 
zqZ0R~K!V8gCwV)KCE|ld%B|f&lZ+~!9W}JK0EKmhiCrI+1~a|B3-cE@jpH`&E-5Rz ztEMFIXPexY>f5T3hi+*rALEK%7w&Inq)p_?@DO3TG}SxR9u7Uf!q%UT)kcnG(D4Ih zV0o+iVUNQv7!sYy`uTq4Ee{9+zJt34-r0(JHx_}$+@zc^ye0Mq*4p%aLyuL16OEFA z)5wr3Hj#{Ud=FQ8hr}FHeeoFC*bchovd_O&0qFCe$d6=SrHj5HO5Ajnr(h2GO> zzL43DS)dCawTL9JQsa=-RNnf%_i!usA5D(YA(nMnc|?@vHZ`h3zUMVLlQY>{Yi|ITL%ZtyCVj^S0pFRl z=4*Xi=-il_hl8%>LBwSlFLbU(i#9Suju!e73U|y{|G3dS_k*d`ql6E1)~*z$i*)yS zjb3B?jdS-TaAjpjLD}|cO8Hz&8H|swrmCJkvJ1;a66Gm_>$$*yC6W&w8x)a;&e3!7 z1vNj^p~6Iz1OgA(WeYbZB)yQkv-^YQ`Wz!CqvIY(Ym^cyfBCkHZd#MO5qNVS$CLZZ z>qu>bnm%@JwIPYeJS3gZ+El*fn?;RPN+-3Kyp}O?5d2R;=K=g8O-cMBXa%{`zNde= zAeEA0C!0NManA7Utc_gyQ(g6YL9s3N)m>oMB!g;U>^YB`v`gljP$mld7qy2X!4z*a zzVi9~8q?c)ew*B1*65Zo<^9KuerkFncx55^nxH56EJ?}VKfMjxq02~zGtp+3{`23) zVFMrW4+#eHA0Ao??2i+^B=$VZ7#N5KbI<3Fg;-IScx7&RV&2`s#8JKd4u}acF!{O= zFxEU$|E|I3*#c`jGlL-1L96z;%h*$_vta-2mqMBiVc8SsX9Oh+xAr5%No1mnQG#kU z=kmo_qc;Vs%5HGWJq{mozCmAcnsezGR(kR5LU(jK>%($!9nWZ`V2aj5{@$+S%DUR~lEE5d=LTmaZC#q^6q)Z}-0R97b*hXqlF?KkLBi`q zJ(@*C$(puwt?uSzr|`L{BhL}*ryJY_>^$a=bhkc$DqndE`H(Qx2um`I??4)acq-g| zk1Rw_TnqIRmGp(CCkZb&FIQ-HuHhHGH%ra$jY_7D;*VH8@x@&9iI#zeB6X?c3ZUuI zZrdLWM9fFEu8al}UbgiE6Oe`+LP=!l&VWAkwi@ZpWvKj7ce5`Od2`qC()v5u`aM{u zyyuql<=QG~Q$D?m%3#V0R0AVgk>g`i^EY1$YD6PH^XWAs=3t(j439T2rm=-``fW|- z{GM!E(vr2?)rEePfkXP08I3ZTRe4_7wdpr!hlwPt!p8JciV z^L+wBKqBAtvZg{k(4=NXnohW=kLPgB0Q^Ff*-}D?LY8QT-B?Mwp&Pw$P8#DBkP1zG)%@Nom~QgT-I(=xK7V0f+63-yW{% zWnxG3$M5cA(2@kc7Wq#0Y|q#57iCR3*Lvf08L za72klXrVr%W(Ru0=0P$&iO&Ld@qdPfKah+s=FT1!qKXdXHS?)ccFGYe4SRVV(;?@t z@ip?dXE7(Xj=u#)KYVcNzieIJ8f3M)S)u%A>Ld^nlIIO4ay$E^7MmJ&<$OMtr3b`PDmjn>AZrhBCyYO`V?;Q=Fni zK*nQusFFFP{*e5!oDn|zUxdJ;3<%(DN($fw#vJwN(Ga0WW3GYwhWl_ELj^I09W zl8R*Bd@3wBgQTtRxWcNS<$?tD&SzKy$<7SDRUZ5-`%utC z?a{i7whj<{upK(SrF%b1SH21Z(pO=FonjNWo|%{M%8v~DhkA4d9YbtLdlqS;=V1QW z!DiYIE{(rzZAn$UGs!@{lM?N}{+h+<)PnDyJ&dfUd_}g$O5P=^>!D-vvZA>JvmDM_ z(4bFQsD;#KRpZ1RG6JY=F0jLv_SKy$|BMyR6R+=oi*gbBU?3_&a{y91r#;5yeYX2% zU1GCqR*JirV|EY{muSiQ{6I#20Ab`cqTjWRbtji 
zk7@HxhLl(ckU%r0?XwDJ9+T$yM2Kdsyv!a&I2^p4jr{U@o7#ol@MopL5S(hI#VIR-G5!f`b}Jbpq7C=^&?9G76GoYw;zmF1_MXPyck7 z`^Sw3Vd(3@v8p8^<<=F)E?*7DODmS<0BYFfQq&G9WX!OQM>En(y4T9CTLxAYF(WKk zzHruS8PHT7G5XG=1GLuyv;;LSGMii{XeOGd)tqG=#vT#{kg%|gdl-ej;`1>7tRhSyj15*l<4<+ND zpaY^VM$@iynQ}UQX=FlwNofH0a%*HH_Zo|i!tc7#nzmLi^NYTUTS#h!J4_iZ+mVHtdVJrkv9*&aF}ID7yUin zxkjQj#$=?Nh8J`d#8zG(he4Jp_tiM=5t%6?@HN+R_>fJJYac8fQ<_Wow_0-1e*dhy zAo%Jvd)HC7X?n9g?Q<<`yJZ7Gw%e(b2dUMtI}(x}=gX|GrN1*Y=aq~lXvsts!csvS zq|4<`wcz=jgFV`sB%hxBKkR^H#$;M0-axLNHob&M5I6rEvAn(8Ojk@29_TO@Axtc-2(nArTaT zq3W2f#ExoWO9D<#unH@1VN(xpv?R^3eiMl6TRXe-{+CbHG&$HET?lbLN$Wg$gY%I~ z=3csrM&n~iW!@WW4{X_lzg71@5FU1PW6~#Pv}pl)j7A|sLWIEPIq%n;^TciKf!g;x z@6sH?w`Mkh^-Y|hhGY!4Lp{`PuGOjZHz4zz`(e;1h`rME)w`BeMr7pLw%dg=aa zVoOZV12#3jVt)L+E@8N}{4sW~pUJBS?d8JJ_{>WBsrmHXq^5XI^p44-(kj>kNQz+M zILyBf;s}N*${&01Xe;He@uxS)?UT5N5kl6O1{i{kGUO z4idL9Pk7a(Bz!>a&PRQiRv&&us^K{mrQf>!8^PE8cwVWr^pOo^8^*0CXyAQKeiTm=Nr)V77~2oSyt=54Gi|SZ=P*c`qJw=Z)kS_Rxt-$C?JcI4hwW z#Eps1qg>y~SKv0ZyC0YMcT)%f4<*1w;=z+BjTVt*qZ}_WT13+Y1I!6=0`K3It&(ml z39M3{<_AkFSbmvYo^fN0$0Z)CXUE9CoY0QF<6V|$qW_hSNB`{bf&7T=nZjapd87o6aDQcJK-@8Fq3!UO zNbsHfP&$&L6kMs=Ld*72Yo&n1WzFtm36rRoL)(uF>;Jxh;gK(o8u_theyCEf!?kB( z2;Kf}%Xq86wYja$j4B`N0&#ZINBS8F7mqoLS%QB( zJIVX=Z6#y_1-G*yTU`Ps^-4}R?-hg2ux${}-Z#|b7vjH3*C{oQPr`VUZsho~sBiIJ zV%yWt6z$^C1bn7e31c5ZWy{$1G`?sRZED}eHKQ}Ax%kGfEBXA+Z(6%cfNREuUYmi5 z!7UvXAKS-GUmo++MUj$zJlg-QGOkNCSH|bl3L&?HD$C@dT zv8G7cs!K@Pf_YkMbrhl`IS}w15WgGh{DV+aVnDn)_g~*`S^IriQ%w@t&pHuQvajcH z!x<_R?F8elK^!lC8h%%~c+mCyiUoMh@H<4BI&0;|w7$+_d#o1a!m*QS%<`a!ESfYX zy>S4yoonXa*;_Ka`z)rVO4xrRWI{XofF=nG`v1R+QaXPvN348m-Ml}-`C7Q(1D@&x z%ILrr@<^(fO$-&AFjHpHZ7o1Iw?y!2+mf5i0K=L$=|g_aBw*cK_~L>ti@Bkkkz00t z1`G`|{O54TVer;dF2~7EIofr}GZQX~TCw{ZL)7h5Tw6`AGMb`l4uTtzYJTTzMYIdL z3JiAT=GdaWw&|0pGKZ;Iw-2;gG~jG|qbo1Yr5YSIPHr5PqiA{07wq@~+bkf{E4*&c z7MDe2zqlscl>;(lhV$sBD%89yL}aZZy=U`G_O^;rWF}BI6_ar1`r6C-)w1a8eFvhJ zGu6m0-CbX|8du-Cn*$5ZC}ALrkBw>+eBn+wcqL)$u>|d=p}Amd2sS|c=<;$8i47Oz 
zl=&Q46D#6-ePJPjr$DiN1V!#GLDrgqi|s}fatq`PbRBSRZC{~KN1RY^)FmhM`n&*~ zx(F5pXzAZx#==q8EyuI#ZJ_JZAVs$^=Q1`XPzWC-Zg01gFeA680w2E00;ZSk)W|jl*eT+A!x6JCUW2$_1s$!d3HM5riEIX zgvMcAd19QIG#p#GLZK465EDqRz~kA>uF9#o*>~mBG=zcev?px6XR{wj-9ZmCsk3j5 z=Bk`B67OQMHc$JOR!KGQ$^VjbQ!vnY(G|)`f@%)BI0y|obF*r++Y10A$-QaL7!i|; z6?=@Hdkwq`P>n^TRY%WF)mZ8|lV+`abB$SaQu@@ckHd`h;KU=9cmsvnZ{qEU$;W%o z@e|&}rgPhr0!0^Qh{*|>%WCeunNeM#(dLUTFW+n=!f|;g4S{epK7yf|f#eG}a8+_` z%Ph7Xzf0p{%C>wp$q(~c`O_IUmd2D)^zqQxy-%|*1#Hf{yrbut;@w!lnGhsgwBZ`e zw4#vHYu5@dgsLv>efn)rXmb)$FHI@EFq_4mME|r~epOBlT%qcU{-!zg;%e^KU(cKN zSxmc&&&@_6M*zf{kKQ=UoLoC-25dThSqI1#FHy5Xsmb zS?6&9I_Di7gt$W<|6iug3wYJo4`9}i#hIrt*9AQe5+y>?1BBPt^a7(N(Iyf-sjK2Dz@tH_nrX!9 zVQJmIy@0fBbg!v{BY19h1%B+6l|r9`rJ)d&@XJxrf|cgNR)~UGI?ZoC1(zf)z#%e| zKyp>|_I9-IMfGORWWL80e6wqE+p(w?K5YE3#ZG`6l(OXQp2$1?rE^BlSF>f$9H&-! zCm`c6in~MCdhEwwHGr1HuY*>Mdvayv$~)d3{!>>?(+R2$Gnr<<)NZ5{RAA=iQBK>X zv$FXUdfngqESEX!q_7&QnxLnYTy%n%=&8|SYjeH6nzr1DZTfYh9HWh_qn}l+nso9^4vJvN|_n&^4tMXCLM&S;?FWpwr2 zdRB>Nt=M|Ni^f%T)B`Hh!`}{6Kw}$|DD5>~VjaUAcD~hW$7kVM4jCisZi@pN5c0mx z947;594DjTGy4p@?EiafzM{V-vS#Ml?;ll1sl)zpUKy@E(!ZXCPAn0`Q4!q88tmAW zMPq_y(a768v7``}SUGvsqYx+TV(!-5_#@O`nm2E7q+gWVc7-6PacbSxi%S<-Mc`I$ zIAcWlJe)r2#P5F?;9mM1zMct`#}0=nEax zjVS!0HYH1T&ToQCPw;%tYjv$H>-1<;1Y)8{^|>fTbk9pzO7Q&RY;q8>o};TQ9BKI3 zH#*$nW7lc#UFe|aRVCNe;Xd4nd(OnUEp&}xW4&g|`V)|5!#8X-*l%AkEH_i<;o|=j zt~N&nJ<8d0h)yNAWOTDApQiMhvOV9(XwW3*kwfbRvUHc|k6z|>{hdx~W*(RS(#zbn z3zdwm`$+uc;fnU*v92h)eSPCPr@7f)yKsqEiYAvFCu;5G$%UrfY|q7rV#_Hv#@v)W z(5r~@<8Ifrwr=_DmFD+q%ZwQJ@XE@|mXb|!{O1jhwUhLhXVzj$rwxjrsfre^ z!jD?Usph6WSOi+Myv!#}c~ZWJcT~j7TPS*LLmLRpcLq?UwmZ5USsRTwH*wkhAg+1& zwivLL)+qrW*Osqu)eF1m>VZssbpSdH9HY__PeF)$ugl1fo{dxcyt4w}@`zAT+flG} z8iu@5NM3H|8VqF3?P6t!=J$}1TjN5R7!aIZ2y@)28LfK9QJk<~sjc+V-Gj!v&GaOa z5Po+lj zoka5#2D2=>2xm%My~2d^M~L{0FdC$m2u-)}tk=k)Fqt4VT2>Li6|Kl?Uvw!q(`{y2 z}^ zpdoKoffrmeaUH;PR36IVfyvE~T}v|4!x`zj#z<{ftm)G2Lh?nLqf9XwBUK{-OvBii zr$4k;Tk7T6Eseop(!BJc81`!YNNizo^%nVa#ZzD=8cVN5INJ4COS`4<{H9Ta_9R?j 
zcU0c8&mx+3(A7ymPC5x3;59{s{Pl%*e>|rP@#GH_BuM2ZmpJGooXo1SOF-M z;CyH}SucKac6j4(_-0I$v@K8Kvaa(%xU=UIA??t?qup$sYpUdDt3IC(3oE1TJNX%-iUMg=ObS64qRB1(W%TT+dtFa$G8Y_P3fo2c+6@HvR(PFJ zab;soD3Jae^n&TM+9BQ*l8wJORPZt@`C2g&2?wKG68MVeMXpO|GrVq#G%e(Kq2w&g zt`2{4j=#OGp8&@L?pwR~Si5l2FOA(J+85Tp$kSE3tT{=eGq1L`U_(wX~T3q0<=bC;GGpBY%|S>2p`sJld|>*>&%033T5M{g$}x$O^b; z^O`hbGaaa}L0ubA&vzUh`D;Kfta6Cda)#d|^#WE`#n%@{oCk`WGdqIw)Ex{S&WF{* zs0h*NyIAMp2mD{;-15q%M|nDBf|4E()$RDSq&^@K(bf5;Hf*)=rqSBnXP;AmuerP2 z==a5Y*|zrvkThEJYisj*0|%jO=Ua?*inP3s_XZ(duGLdC1kFM7n8>f=_C*ESpvq5C^H zw%#L4-On%Hvn2MUZUuhbaagD2(sAGiKNL04!j%2ED9x#(Dgfv|>ld2Jpn{r>u52+O z#&P?%l3%9irO}vE=$txr(a!6Gh-E{&X1`9ESf#II9`8${=WO9OH;ytD9TpH%xF{5B<9VabqyHO> zU?65e2Y|L19q+xbb`7P7o^cr3h4NxNebZ95W_OD@O(3-v!6%jXybW?mnikV+d5maE z_O17q5pkVNneht_o>zs*j9rHj!>TH=oMr$thOLW2;4D<~+G)iDZ zYbNDYTh4cKm<6C0>A0L(%}ab+n8By=aVl-VZ)QM3ZXlDgm^Iejqq6O^U)?p9#%J!< z$GhbdWwSqeT{>-k33rr{t-0%MmWDp-UzrE9YRRBwo;79_$yWSyeVOS>i6z*eIX?cY zuOFg^Vay5u8PGZV)QN%x@f8&n$zzWurR8%VflYKLQXfj1G>>-%)q`q@Z(!N?~ z=a`Bo;ozybJezHZg9r_h`2+RZXQO@`HtYeuj$H+dlVBT8fjVe6i~Aq%_;rk=5l2*8 z8xxqJB_xamt{Bwp1|g?Q*-~{vOb`=0Zl|g2t`nl?%#6pJFrmrNC8E zzO&H?&Eh!dR(B`U{HDpv1Lv=NQ#A&=-z$6@e7s%sZV)a|$D^@MGKJ(jo5wiFsz^=W z5|lTm#~!r1$LP)_!^o>^i6Lz;g7V_-iv~ z^v%xfBn-<65j5~cxzX@C(ehGKlTcN6=LT3j13BuG`abU^shY^U#6CZam4S)k9mpq9doJjAl~ecBXgavBA@HH*ocu*i-8lbOwN4xBBGZV16)WrF{H1eU zXY)B#Jjfg0%T>^zc%EP*T(+^F^PmN|d{Fp7@et?#x@Pdu;cmroKk3(KLF1r&PSto$ zjiXM((!q|Gx1Clc+#Vmk($xl50Iw2B+pW7xQCD@mqkQC>r@M4e_(`3m2xL!R~9qMUQ%Yp9u-gtXGx@<#m0yk?nwgV3p72kQp zaMpya5tl5t>$DcgIHm!vJEZ2BuLT4!RSg+7eQl`mrn?1oux-K z+5F+OD@hYP=A))FRb%>WVc{l+!p7>R;$>%2^law331?1NAYoecwdl0n0U^gQ$c@)s zlJDPaz2}~WGX$dH3|)>Xt6zo3sdfUPY017lwWf)#ynEd#2KJ-40ym$SJX_a4d%C*c zEIFUDug8Pj&h32MQ)P-_T|~vi^=HTCp8I+H+AWGz>%B#rvp|j=V;VH6t$ZgyP_Xpa zN zp|!GBTDP`%56HZ{n$6kFk!@T=1i+HWlR01}t$g0UiUlJ2%b2jcoEN;TxXtG|s@sk8 zb^~2=wko=M#r?-#6-Vovkyz+Fb7}uN-|6kYS@W+I$XJf)j`1Ol9UNx;bU;c7C z4o#Z%`7JwO9(BC5M25Vk+nIpSvms1?Nhn0<0xOMjlNNP(&RNUgFFn##ZE 
zv2)q^6(X{|5m_Z}AmXEVg}YPKMelW4cW`5K*(!3SouU7+MCeB=^mOL@n>h^mylJC5 zOH~&!#*-ZkKaZ*Kdcj`y+Wg$2|04uek^W9oF0>(A9dCHK(1MAnx$N5)4W=YOLnl1VGtR^tJy8!hUr7`b+{B`*aOXzL$%_v-dv zoeaTrCmv*g0956&CMR?^l`l|^={kq+Lm=l)>W$vjZsvtmnE>eoAaN~4m);A&fI7l^N|6}u)`N%Mt;cbeA< z%j#n;;wn1P*E&ea3MhJYRn^rMXEsY*>`t>@cxpf8D-~&o-;k%8l8XZmKCwvcVTj-i zof;fu>Qxz7d(AG)$+nSlh?_6xsUK=~LPta!`^N1x&>>ZC9K5x*)vz-tLK}Gq;9cg7 zcI8MKjiwjxjaIjk^X8sp*yh|e*8b*sei-US-CubuQ8YxTehI;2iW7&RAN$538?m>t=>ob7H-Z zP92zL1l3xv==+w}!5%OHgb&&lT~PmW49Kg}eOO^(QuCU;Au?`-uMxWtM2JLxrX4J- z^TmQiJ<6dks3{uc6&QrAlcX*iG~ldz-U(~ij&zIE&-SQyfspVO9d^L$g?h62_Dy53 zUN;}YmQxSc(0g)W10wWg`GK{G(o!SfK+J>L{-aW#i@3AZ$~r}#YKN}9wVI`b zhThz>U#AlOaVvW8A+HvZo#w<#*r6ZTD+pq6$R|vAh6%ligajgSpt|J~lhCEX&{vL^ zFQm3J8n}P<^w^E=q<9sB2?U|FdzC5-+_h)l4~~x?2azN2+q8kQSw8Iwf;7OCZwe6CNBx-ayZ=%+S463WYXK9nelBUiLP4mBGv*vUKNL%tBeVC7hIH?)`%QR+Nni zCkkg{&jxE6r(nh&SNMbCKv~Jn3K+5Md+|WgW8>?1*B#c@8>rXO%Go|2-cA5H3R39w z$3QuK8wci>0hfJOQ*^T}|H4Ms36fDdq&KSxwqOU(L9deBI@&zHNq=MancZN6;Q#Q_ zbm8x^56{k81>Ib4Ar%47soUp?sdpEQ9S}4A7=w}^>c$JE`sUI#tT#^YZtt@jR&4!` zx37+is_Xt$FaSX$1VKs~NkKYBM7pF?5D<|LNr?l}A`T&4f~1lvAT1@OAky6>-3|Ag z!2)^SpU>~U_x>}Van0Imuk~HA_gZHdUuNs4bj38!I|mpv3*F)jDGQY`yK2``U>&sR zQVKA(tn5y=WNapHpPFdc>nob%Kvw{+JBvB&(m3l>X7U!>I&?V?jbt(1**4lpGjXs@ zao;>I&q~Rt5!)5-MDjd#fYxX;eRj*f#Z*RNbDnm3yNX?Fyt-^Z-SUw;vx#WUl-cZ! 
zzP=Sn{GHhS4gLKV%l)Yh#W&KsVVXBL-$w(5ds7WlEn^|eo9~tkUS5u%l8x*C7zZ1$ zxKuyKseh4SGSjvUIyf;qD9T_?4!!PJJLH*}#HzduviW6C1$bilS~^l z;47N0Npm=VKy)?hdc{+f!_uU-`YqnDaT?>b&5z@rU7A|&YCa2;6w}f4ye*Rjn)Xc4 zc9-$|IGt~Np9;>`lqX|4wv;~67=RDxrqp!1rEAN!;8}6sHqzv5RY#NPYrk(%z zdOb%I<~&U!T%4i5tFlH#15|T%wIdzOhMw4K_*M6)&(!CIF7FNr^vz*L4O`i~6<^2n zQ$0Un9c;erjWzEaYQLN4lb`!TTbk;-8h#~)6SWyM)%l$bZ`R0O(^PA4p7GQia_jKMk$+mO^6Fn=R>=HTvGx_E}bkF&Nj1cP;A z`N~@}pf`Gco;hpY$(Un3jo*9?^W25ELXSEhS%i3V*8Tt}YyPhL(-K3>`i!jk{LYJS zL4dO6@%L{HwY531uK>9DQch7_8}8$@*aGmNMSK%a^A%giK4cwc%>2EGmU%$aw%Lbw z#0KWmVz!#XQe0Cp%#UZQ4;LQKn;NnbWJaQCHbHjiBf z9C?UI@CvlF@_M|Lu8q4m^2N?LIGzY2wNF9*QRTWZYrj1InRRA zwIo)1)uE-%u6ym8cDJ=u24Fk$Qzgn~ym!=JPUnvo*1&Iv*}LxZHPZN%wK?eR8he_T z;eGHM??`b5e{gJ@+HY*=?F=>WXx8Brb12wc!qXW-ncrL&XEI-jas&j-t%~z`1Wi7q8+({r zv_R-A&bTC$JaySNjL@nOhe1GFN_5#9PFfk|8QwrOrX2lTnI2emfQ`wgf3%_F%F4*N z@r76Gt@P4Dv7IDw5npZ}944|ZG6d`Iw$02^%S?!4TXb<>)qWMG>0VM-ihM9qn5)`8 zPyMwqhJO3}vx&+*r_yK!IJIN(8Md&81}?oDD*;4JwsEtVTXr;R#q%c)uD9Z`ye)SJ z1Pk9V0lV;&k!|ngv59rk{x}z&o!Pk?=KgQiEI4EM%^%5pb9gvwt~G#KzdPpro)_4$ zw%eVmI=9uXG3ZiVeclnTNtU}ZrKPNFe{5i2M3)^0Yg(MM+(bNuXjfmb7c-RS1CRmlw4u%+6#QY&2{S z=`oe;uxXI)>`st!^UwNpcGF#x;jDbBvH~li_!M=mmY;gkGA2_a8UE%e(HAQ}z+#r` zqaD?g0aWZqypoIOkS1JqBl}hsxn$<0mU#o0JK!r)X4MxbTkwlCACFnvShV=}W!5}= zq&5_GvODSJzAclA=uQf{R^GB)pn^}&(~Z#dmb?;Uamxbg;{GN&EfibSep&4p&eOBt zkM?bTe%URWw@m)baHRg-5@YuVax?&AY;3dpR@|_&=QPbCKIPVm^cw!b^XGG?i_2K5 zx6ieN?0T+yQ#LT;BVW!3-Uolsi8EyiL$MtRQjjNtuUQqm0In!MS;xQm{rtp7E8nZI z)(>uwWXA2+^&XOL5-+>0x*64>floKJkfGhd=}d5@z(kN>dP=7SSXq2GWP-MqdsSxVvEY30H1@({d`E_DLrS7K1S-o{Nkei_Pe}&NlvqK*WmdszzEwYhwqzjt!~;d!w6QM zIpD)ck5W3j^fLKfeEztd5QRs(_*XOLzkX#VT3l;iOo1;z*yuaMv#zudPS5_Q6cdSF4k2*L`hhjNcO7yH{Lt@q6|aTA=6UCqFRm!VH&? 
zx|mF;;GS09`gz5qe*bK;9h)IgcEV@Nw-sx+#4rHykR8Rn#E`C=e+4-iTfsB!W9wa` zYc_0#6jf1S^2H9Q@~}Xjo5i~*U!lihggV)~w8BL+E*}(iU$L}>6G|~An^Bv3*e{Db z;WWSTjYeM7Ctv#p;_(IrdY*RT1FYRcS|s{k0J4T;7YSX&c5i({S-k2b20ib7;8A{c z2RB1|@1%lnT7{yX5le1(VZ=ME;jtDRLyB9ivWd?wFuQtPze}j}MC1~Kt4uR%Jt<2_ z_*E(PX;I>ruV__s2XfrJg%Hal1&O8NzKNe+Y5lB;zS?26Nopse4@+R}8X(ronhUzpLP6`|XP; z&mX+LL6vc|f(N`fkALt|kKQg=`iU;^9p1jiTiqyFt2k*CRkP@c(AQ`X> z7~A&<8UliRwjUm|{WxTMM*c8X2Qb{J7J1nqA$j1aqg<$(M992)D)?9)ontiusC`w27|u;d-F z0QW^a$EFmWbhrIDa@ZEoGmkifS#N?N(v9+CN&rc$`BNf-=0a}c0pj)@?{{n@AW*-B zJ{WZQ2pS^n0oya*WBE&?J&4p{clS0*{bc|CB@~oDH3TE`K<$zpMO(4R8!NV3JiGz>D}QNDz?@-a9se zBPtSHNwj05qwoN?_P_AG))4A^X}ougigloe)8fR4!KffZd^-ztpOhB@9N@QD^y!H} z2h~CNNu>TN0=kh1bmOmlK`cI!`v|qc zJOB<=9jjw9aP*k?{!bGBoj?HkVi}mz$4P|h6BrmE9KXdkq|VWjd=QP0@(0mahlMA| zt1$RCbqoMA!R@dI5eOn3lL)xSY)yAuY8@xg7peitA3!%Ae7_4iUckiwa@zMy_z|}V zy^kgWq|VXQI(?G&5m7)Fj;XQ~FD0!||?2UnGZ?!}x)RiSjMc1Dne zgWE5S&GSy9$(EE(l#mG-$2YvDRxdWskn=e~s>12i?H7!FZ2*X;tx@-zluiL#lz@Wj z{DsRt{)N?S(v=Yv&%6(mJkYTN2j5%fy%Z{2<3|%^Kzr_IU9NBkc1fuCo+&>YEisdApEN~d3G$DT&W zN~i`k{rG^xIXRn+oa4e}8$Sbe4>r$gtl!K=$odLe4d{4Yhs-9&g3K0Xldd44yTXtC z?iWIShHRc|X4g!Uzif52M%?T{Fjli+I3{|mh!D*l{`J0a@AN+_4orBeg z`1#?QpaZpCK&ul)A0JpvxQ0;YFyd2z*x-)S1}z2>ph#o@5oiBRiT^>MA*&6j9R!D| z=ywkSGYEYShxk_t>Ey=mV9p}KEFmH?Ta*>F?DseWUDD5({23R-kw@V-bnYF4H-Z)i z#x3ZdgShqL4+0$x{O)N8X^8mlD2!gmcpBjs1UKNgd?<-}ApUBItk!hQ#j?K`8_}=}>%wUV~`6U>=BrI3lw8`b;1?XxC9kL$sr@ zcvM3GQZW+D#3_V`1GI-D4!}8z&DVQS=t59__uuDMkP!;?zepEK$zx2B1dg$V;TT&W z+EH8H9Epctra;`knQ}x!gqtB6=w{$hx`ZC%XNa~1mZu;R)b4}w)JdTRrqI!lg=jz1 z>U$F016_19^AWV4kqAH~^iL2W6~ChmdHF}S%mf~X4YdN4%MiQ=72-j%VJAh>5pez? 
zSpfKR(6ED8{H>OJN9PbYQ0g2FG5KSRK2G5G%s*@kv=}%FBc%7ybfG)Of$~uKI+_KL z#D6CcK%9c$aRAoXzm<4UoFF)U#Ta7okwi_bgVGwI{6UGhu7JNL_UurM0Z;+!E~VO4G{=|%(GHsetck@Q3Wx)=4{U+hf7xX!Rx zvwgbVQt_*A!E5?&wS@ba*s=OmBY+17oep>dJtl1F{!ExPvEw8nj=;odFj#D>eq6E; zi+{VAAUqAJ{d;%=P2lAT(&y;0F?L+={EFM3VT%CbcZvT_An<3EI7kEtj_zmQ8=_7M zNS&j>bC6n)@&`?cFdJh9NgCNDVPqcyDISOKmmmw+4E2HyR1@yHSm!}5m~ugj z4r|#<@fn;EtOH`fQ;6*jn$_#kbaR2(hasN}ysu#J#4)jMC1RKawFhwrPCExuC=VF} zv49QoFo_|nbMkx9ii6w4w@PS{#-UynWZ|#@St6z4=m2oLgMRG(-&(V50f|4H44^RS z7*KWU7KC00HAVQJ&HiaM0FFoo7n8yRF8d#iT=zcqeq3-oC+e|EtClrC?MF$JRiFa`K=TGt)Zh9YQ3Z8>I)@ZA=uL;rPR zsvYw4fhiE}u$uuLIHDmx;%5Zy$hGX~paapI9M>rSn<>H{{qF(VkceN|avU}XhY^AVb{0735>E`CcNx5y;Q81=A61c7a2^+dt;ZaXmUj zJ9@Y{9AgSZ`@@tUQv~3*X95SdK9j zQ=Y7jNtoj#9vp%7za~ciuJuOr$-s{Xp$Est(ec3lLgK#@2pl}r{qe*Lnr-}=lN}wh zK*@iQT8P=k_n~qN`3$0k{k^~Yr|THhydLUa0I*{$KR+KgJD*pZ^@EV91kEd||3D{Uh(d7X@=DU=C+j*n@W#?`5KXl#)jW+;3eoFq^ z&il?^G}MT%BaniV1+mUU&&ELlI2i=z827fIsm1pPm*;@Lv?kK~FNY$G75{nQ@O|Ep z5J8Q2=nWit_60tLam)_~lV=y4w#5IIh|uHrqh}n{(f)S+&+@bkIPEP@tt52=UHdJt zIbd@s$6<1po#>w!IWspYvWE97t~j zG-S(gCSc&-Z(FaAnZx2r_vb9O7UH*e`udvU`hlI5y@mm%{k<_&r=86e!~L<5F^8DF z3Fd9gfj;8>D1ns$W3cDFdm~PtoAef7deu$KQ3GY)78zZfa0K?|CR${_!4@vB zuIr6;B(IkdJMZv5EZ!mC%ihNoC|Mc87@aB`aNb+4+26?D_10zrztrtKw$lNZ1(pW} zV7v8a!9RnFlPxPD70_}?+P4O{MX&dVuIapPuA~PBr{v1kXf~bqdgL5WM(-_8$fh*K zF$0o2e05IN!Gn`~-+*nszMZiBwV{Ujy&mwt2$)+0b{^S;4{Eb4mt}kISJ(}tVZzUU zsEjWp+E@?UU)PPBKTis5PBpC31Y9S64jV1o6gt=^F?@uvf?tg7*+JXL*zCku*r)3>ph8eft z0PGHxMGk1~fqzM^TG!$eMzcNxbJ|M*c9zHFV9xgYE!q|P`>Urq@AT6P?5^#Oak+eZ zRyQ&)wL|k{Q1;TQEMIY4BT)4XphVph177W8;p||g>| z-x!4BZjshiP~^AmKjkXi8j`LUiJCmy>2a2;8J>*_w@4t>#UUBK1^YN;At8yu zYto79e2vPmMnn5(@Y9wBE{$ETlp)K!ElZio5tG%CXs;UXHi&gX5y7Oe%T=_%m9k}N zJNzk~)BqnrXX0y21NXmUAN}j&AxoLnk(r8-nU%w@l?ckgYqiD;muP4E=$PYP-!5=F z?s6FnJ8Qri)i%r>!1qH^B`(o#Et0ihjSgJrvPdU1cQm&w8>^d=NGAZkXwMG#Lz2dd z=^AcKxNI`%1RtM3giG}D!p1$2sd8Xb3f3sR!5cSKQ-A`02!2k^*9d;@x4>nvWyw_K z8Ta#j#Yprtg6TX{ROQe2nbG+}ZjI%+%N%@9xZgkO_wv4Wwxg+Mfopsa?GZh|6kpE1 
z0{*wu78gq}F!fI|z04oVVfbLP!oe4QTI?$MD_q*w9%Xr_xrWIzaR+_;KFGULFp*21 zeD)rN5hSwaxl)jv#9YBnOWrQ6-f`es@9YBhMWr7_* zhJ$5_9dHE)%M3e!90$uBJAeWQ%K|%q5(mo?JAev@UWk`#jeMMvOqQB_l9Ei0n*19j znF2NW3?-QoHTfJRnF=-e0wtLmHTe=HnFcla3MJVcYVtKoGHq(|4N5W{fLcbGda%=P zA=veKgwIB>YjlLqiRZ3~5k4r-UDG3cE<8ota!9O`Bl&k30kp&~ zHSWd)`rxLo6@&-q;7~vTdB2!(2_qu zvN9sS`2Z=%h+Ovp(is+qA5G&M zne5~pgaO9>wYg{hio7Jm6JRX8a*dd4ZONTy#W!^)^}I9nRam-E+>?6v^x#CoaOX=| zkug!*$+v*qW<2qhwW5oOw*cwIg7z1(V#1m1lWg*V#u&A^BBScaRvB0Y?XH@}w=&tu zItc&UWZ?g$@V}4^1gb)IQYu4s`nExK>LTnsO15%PEYHDLYlS%Q5FEnL!h3Si!oMUd zBe*XjxP>7h>VW_xsnJE~5vKn)5V6+LH_adETxv8J)G%R6W@QpP{Xz(3Ic zCo*0qGuLX929(Wo;&efKJ=F_vbpZ-)#$HInjpi-wf(y7ACqg9! zn+flNDrlZ&c*d`OmSO3oFuj{F;PUPPV|FbZFXIf}W^=;o2XdHtfN=&$0L@r>35t8N z^8l3p|B4L!rEmfKTnG|Y2*E@t2w1un2-tcAu*Z`Z3sNEd8H^zP{Sam)KxV!9jSL{@ zVi6EsJ{e+vZYY>3jc{19hC}fOvw#dft-CNE2$60@$fu@PAzU~Ro{d7F^PL@mkwO9d z!rw6>!U0IzU;qt?I@q?_092$~@xEMuu|k9}qz9h#(N_`)!AzUs)MT;_9!o`q0OLC= zY>)5AH8-KG2@At0Itlbg!M7s5#W9aHr*HMkfXw9PDIjxTKFAzX+e25ID>FI^Mk&pb zEt(aOf#bjnnti}OI*)(o(?cKrlQ7CDNLaoSxZmhU32={IbyTYiKMob}D9BfVsAnW0 zsxC+kj$!~6vWlVtw=sJMhA_a5$ZG;_NQbATmF|t=&bnSC;1+hg zD-4pER3S2^GDx2DxL89n>j`~Uqyv5C0(}M;X#4G1Hlgb zOa8xRUvw~qHW%lC45LIiBM5TF@Nze(8Z(4_2EGF?0DkO;@Rcy+t5t-r9wB^Hg7B3V z!dE}}f3lBdINtax_J(^X;7)a4+%%_!`)$cOK;gu-xmu&9XF;+W&6HH0+N>o!()(quyHP}|IWIK# z^>zsf#`zeZ>k!e@c+WB1U6G5`ftTt3KJS8YRjwzXN|DJ}MQCYyr5)tS0eO7bhr3Hh zUcKS}gIbXQuEYaZWUD6-V;3S=fWP4R-?Qjd zlZ>0EcU7KvrsNp@A;%1pf=hW$=S)pEKl+eri8me5G_bydUl}+XQHj+NDoA8$dPMJ> zNK6L8>CF!bISJq!<1O&bEAWlw><7@K^MCVZJ8rn!4aABV0^;YJc;V_?A-^ZaX92v7 z_qKPN!FPZAX5m>bC`gq)li264-)uMK;%9Y`2mm}YW}#U{BcJ#7hGxtP`k9)5fl>#; z`@qBPrQ!_liIkRS1MQ|7KxwpDSl{~ChBc4#=hZ^9EN{OuQm0&#vhxPhmSw%>P1hzG zmMb6iJ}cU_b+PS?aj9~rRxi9_mIb`cmKgD*3=WYv&j<~O`? 
z-b21EiF^w8#EBCqCt}>u)f$vn&e8)nPMkP9AI9E{#00z#nbo#b9oqELO|p9Zh>f54 z;_Ov>$4kSb7OAITaY$Qn=TsIpPPTvm)Zzq zc+NA1m`r1aG-~L5F5C`?x*Dv#t*qY`yqocX?JR7s4fy#D>@zvaTHtAvbfGyg12%Ljg{^(T_FwvxJ8rgn25i{a z?k%Y(&`Un8SSs;eibUa%O35pPRPwohdv6dCBeCeax2bquOrq zMoJ3bdP{Dgf1)aKlUrXf)$PeL35|M`!D%5kS~4q@beHHJ#=6OsxmFyvnI~*-GDC7r zrFwkj1x^ACua`=ztNCtbT4%g2#m**Y;D>iaH`kZ;L@EPH7W?C9bJ|5A8CSgw9w{`O z7kC@44JTbbS9~oyk=-F>z=9OT{&9XXVdxvC1^M+AJsOp@vl|cVZBNx|%#j(qo$Ws< z%j2AND_$eSF4y;l6Up<)z^ucZu1hwWm|;{z)f^>Y;Bjle4tm`iB@V)?BsY&;(1x! zmRAy$i{ijSeM{Qt>4)`->=s^6WROi?1Y{?R1sC+vQaovogNsF8s9dg9ZHY&HlY3Qh zdQo6)zh^SmOT;5V?w&E zfqwcKsf~k>#m+{9rG;aPYqqny2F94mV2$B3cWVK_gPQB|psYq>pK`f_o78!ZE@}Fx zjK(3M%R3mjwl0}TBb}mlzDrs`gW}znanP>A_8t;hn=7#-7b*{vVsaSJ^H5mnb>HmZ zTFuzXIQufVsu8|PR8tzX88dl#g587dtO?5{zpqzr@;ytp244{M9F_#eow-+8I{b5=9@xcXB+U-yc_{I0@a^0> z2P??tMuv6UW{WzIBB{PaV&Z*WU4VMdn*1I;T_iB`ZDeV@WmVLOb|Wwi+3%4t$z7mc zq;(SAF5fCm{Za66O`1H5d@A@M=M5VNrnOtWk#7vsPXsgA(@MUr`y#FOVU2DOo|b2r zTdk*nC#!4Qq^_{0$3@L0aCz4JYeN&Md6s!->kA7@It&fd4;+G-`ZDo@HNmlJ*}Sp# zXqN#PiJ~}5`B0VJyz6CVV|4}g7}c=xD=%HKD(w>*2TfEU!`42qmCQ@4b5!P zk^N2%?x*#tr{tePW-JUSBB}~Dnze}T=f$U=sLTtRy(2Ua-7;e_n z^ySeWIJodg?EVv84dx|Ni5Ma&vk7Tdj>sR;*vWRHC7ZeiF1{f1pM3q$G9h0*amT(% zBL>*UX~JSh*?(BqgzEkwYVi{sJOA9~;1wPu{K7ePg%u_e&!`Z`7$heqj+KRlY-D^E z`xKh!{jv&l1GA3m&DAcp9+FyDi#>`HSBRyS8eL@3AGB$lGHym~pDL^gkd9}JR($2j z9!*hBh0g+G@;E7u=T@Yoce(vo@PUZ)Pan`B3gz6fZdsvk;e}JLef__`czx^wY|E>4h}j zeEP`1B)9z&&(KIr2T?@rLL_~Wg5SDeSGvK2=lyHP+9qE2G>rGeFme2-s{3s;yxiD z=tgH5_ige0n5g_*++rzQg#2;eq^`y!T zj;_WlpPo*+rtlc)GrX9H zvG~P{1wF=-^(Dbn7fuFd_I*q!du7;_hGH&(N&pPwCP_45dp=~_QwY6C6wIbl(||1k zTMXmrMiM*O6z1NIWDdwq3|noVbj@&@c}h3GLK$-vxzzL#ex?U^`nG(YZib>80nhWe z{g#4Dmph#LWu36!`7h5*85bG*S21jAL7gD;8hsSftWQtq{k?Hxp#Ow@C)X-9F)dssv_n`X$$ger;w`QClT7Z= z3ssjg3oMb#Q&4ZrR%*G!V@AJ>1hM!O_X_`NY9m% zmA)#(sogfQd7pHUfgY`jxCnElh@wbX5*3Fg%kysPH!KYoq=jZbf1-0|oAH|&! 
zMrz0mQr_?KC@5P*c}|O(&t5{+)=qHMrp)@(%_mIZvKvbapY>EO5YS8F59z(vQ?!T| zd%}B%rFG@wy-U}U^+Z>$s8BEWpN^+Qr?ExLi5Z~7yAqbn5u*iox2lR(>C3PYcs(98 ze|wMmtG=V;SR%^UX(4?}TcIl7>#W4&GDNMI&1VRdXTPm#iczW2&ODBPve~?OzQ|y% z*n#SaU?p54=DHV=RZZJW_nS$1>DPJG-eT>OMl&qJL;9(vrQUYRmrEz?2i_%{r`HZC z&m~~ns_&zCb&oUm0hL}hgVRd*(ywpNYiML&zgb3gZ8!VEus-FJ`0HE!PdaUSQsykt zlbY;?KVH-1DKV+B_hdk$#~pm-$AUt6&*h%Q{F>;xNlT>YI&G-Y7Cj}O%Plj^SYuyX zb&R&^uF*#L$fMh@4e2sekw2VO3ysjk=Wq-#?)-#Kef?7B)A0uYemfO;lz;X0#O9^9 z@6(N0Q`R2G4{x^avOlzwj*L%a54RIBf zV@PkG(3saGXU$RA3s5B%fDV+XxuTlOQ})*4$@=71B9c=)c||iXU((yXq3ukfD4($5 z;9gZoe-fZyR_;ZC4B%s!q1CjAJ>N;~nhgE4m3+z3u@Dv{aqZI8WbZ20MOSu%SAEU` z(vM_C>H@?9Jz?z2u$#{*1%{)567Nfc?^ASh9sSfi zU1}_+z>H)LrYMJ>`b_0JVMSj@tjE+y{XEusOEi#0c9Ndu(FyE6uMpCgT`+2|tyttw z{-iCGZ|$Mf5dOx`N+ z%&{u6Gy5}CNrb*<&s#Q_YN>*Mnvn{Y#SkS4Bay$Gq&p|a&B^dc$8IBnp3mL9#?Q5} z5C^9zFC4%LA=goMj}Yd4MIaGh_8b=-{N+y5mS|%0K*qJqyCeWby@>r9>|Ci%K;|ti z!G}&>64MII`ycHLi095)%GMEq4pj&IcKzbtZ^ipYvMJrET*|-G!)x^}n@L4?HZ)^a zC6`={K`3W+#4QzLhuK+R6DuMA=12I2I^JnQIljq47EEQ6%db`^PYbcHj0o%7?V`Dq zR%kxuRl1!Zk8c3rNHX7RarxrKK)@aKg*(UN_Grb$;NTM*i`b_IOE4TyTDg^-F?JFw z{BZkG?-&)bv)LUKqVrKH$YI&FdW4s0ESD&-L>-b&D`@6*t8!M?hib>5BwXq<*K)?- zM0IkjY78(u!D3EazILZ*>mv4P*tjb#hcxLcxV8T`^F+Mr(}1X;Mf5Y7JmOGpjs!35 z{!2nCxYt^dfRCcHalDsp__W1+&<%yiVDVX&-BOFop~a^@c2#|l<;fJo-Kni23!3fw zfTOs05gQjqy+|bVBtp46lGRr*T6)t__BHzbM5P!Tsws(4WxW%qw*1UoPpZqseIFC8 zmJ-w07091x)~5p+Jfz)d*gllZX1=*;<8bBUxHToA%gTpM*9w#OFYd!P&n`FA5~QE# ztus6AmC$!@pyWM$MS8oH(%1D%+G`fNq$%gT2>Vc|DguIn42$okmiUAJP4pYi3C;d2 z=K3p(3oo%oo_er|6a^(3%$X2&FzcO9<3tylGV<_bI)k5cNfJ1@O8tI4N0mJ+vBl@* z(uxzkYAcg!^QQ7dC*kQzt3ncDnxw8TZ8AhjDR!<2L})~}60R5E*h?$W45yNmAe*F$ zT`WUVuq&5aX%p!u*)l2IM3-3c%sN-_vUypLq-b){<6|B_PhwCB8k08mF!=!TMPI|N zy4T?}RNPgWk0s23mRGmG$Zy;cv!TJsd0Qv#7}0X~nbAX9O+E}wH(%FXS+=m6Xzuw3 zYG|ve8E;9%!uh%|N{#UpJumiBCDOkA8XlWM?}-#^Qp@UAeJL|WzN%6};!$+AgRPhG z7jliS%3M*p))noKo4t}18%Nj7T09vBDK9a5JiNJ*yO$v={TTomRxE3Cs;|44tx-D5 zEm88+nD||9UOT7!rio3G<8~fdoSHE!GgYnyq4$<`w$8A~!i{9p(nyp0$8C^5FI0Ne6k~OX4!U$zkcw14J+7 
z&X8-4&RjfbTQ@g zw^_G3Bz7bzabu%T^7h5|!I@$ZlL=vs_gER}ocA7m3<`-|^to!)Mmr-|F(^)AQ3PK) zpOb`r+B3d>!7qLx5i5(0Bov*>bpYuitUh~Mn+{Fy8X$@+DGC0MYxgUe2+$VJ$7bUy zuW8b%tJ~Vv$%S3KoiS!U z%4|?eFlXyY-Gb{FYS1E0jCt`XFFrL~PJiPJRmS77(^*n-SH`GdhKl!CvQ2fmXE-`O znBHsAu_l;|bn)nG=)8xIMDN*hcgrJLQH{2RxW(XYXQo3jHWejH*(HIoTg0jiV=%-=CC@GB-hI8T{VM66i_)<6O3pOfWU5~=dOn7IE zVRnwx$a5fPC;X1nr_ivjO63U+OH6M@qgQSh+rm7*kPi^Lhai`}!!z(-v0`c6uJYZ= z$j=%_GCXb2MP0{Q;E@Cop$?Jo6|Y9`_+!VrDM(|!#M=A#A|agVWPXoBxyRBmpXZ864?zl zn4wwTM2o#n>(V;Key2UuK!MHK-o8^1c|7qIqY*=alv;G+OxTT$y{CYOtW(#!`fBh$ z860cUj^>AvDRo5g$f2;w!G2jSG}I3I1XA-=oavv_Kx3~>iK+8 zh_RJez9Ui;-BchRhko68;7q7w!bsyoE$?TfW88i^6}Oey12Hh(u%wbnR*Z_;H?sBZ zT)N$Dov(2bcl?Veb>e3riL8vPK=vhU$wBZ-&JA~QQwuF|$n;IX4=#^!!WZp{ljgi*Q zRoKLnt}gXr)IV!%7nAF3;ZhgTc=b|rCcl}NqqQfum5c(zXpbHVCZG#n{Ian5Mg4(^ zX-LKgr_Z7I4RFo}b~qGOF*en_4z(@$p6_W)IlOo>%#r*^9TQ%5`+g1yMbA}p&vuE| z$@09jidqzghrRE?Fnc4q0;8}!W44!(+nV@>PQA2xJE166$GlH0scg59IaTsJhrb=B zo}z>}L)+|Km>K)*>Nr4)ygh!YsXCTrz1PK+boL7)Osn@ksrg&KBuwi{H8rojOBNMp z9IgWIho?Ke`^Vp)@{5wfG=Uuk>U#EjZM#&WYF!EwwqN~q_s&?y5aKdXin_(Qf7_I^ zNU;DPw%nst;hn(E$TKROV$$^(C$ZDZe`l$?XiBMk#{UFy)y+O&BAKC0M8C{wlfHla zb-L9WT%+1d4e8Y@-081;_kiuq2GaedW$!0eUo@?rXE^V9*%-I+T6(qC4y9J>eDJXxr+CTUW5&o!q?}Ug#u2isE82ooa_I zJgIjch)`)Nq&1CRe*szPNm^gqX_< zt+@09bNdPEGpkH$Q}Y#lt?}yY0yl^gknZ3%cM!iQZ-8a0zt7%1Ni8w{P9Lbd?Qa*( z5HsM=5s{f=7=qy$$#l}AU%V-~*0I)it9`CT(kr1jk5TMr6HMtqIfef>#2 zeNB}~EZ)k=Y%)_;Vj8nLAampUMQo^-aovWz{ZX_RXVDJ_$Xj~MzTY-Pm+6*blOeB0 zWfQYY+FCjr>(c!y`jy-JQ5uOI>apUm^c5e>{D98Lv&{tY^wxw4$z8V-q}}vrsZE+| z?!0EDB&gb@*i_a_WqNAJuONA1Jo#4a)K_QLY=Z1XXPRqc7uE=3f^6*TZaaq4&RJ`! zf6$h**|U~#=mn^Re1|z}vy1Q1s_)#9>UleLsZzFsI4A>+9YbnSheUq+#g?BR=A_H! 
z-ETK_-lA!H-{ZJv;4SG@Sna4pH}cqXH6qL?VSSnz#gI-qsNtVOz_M{GTHfw zL~V`5cDE(HhHH6CrnI_W&jrORF3~wITZ~42{IE7g&zqb^PU+&s@U3VV09LNnE+;ZC zu2;Vj^K}rG74sqbIqV^OE2u| z*QvSUwZ#dXr+~^ciN=;uZ`484GVHu-b}Z8@eY#s5*kinCuA8?=%8Dm~p3mL4b&XMthN2A8RU(Bw+^wAdtf;2U`w`KeOhpE^Rum zLw64wPn3sEpVr%%sEcqMcR%>qGYUh;D2EZz+V+gJqKfc#81@DWF(&L=uED7acSC+3 zUPa^q6yEE;KoCw1&r|tv?&ud8(>5%zoG-1z&QZU6)hV%MGA8;WHkj_Auj2ZLAo&gk zA-S2puBYwV41{aGJ4{c~c!#WSh(Dju6$>FmyWpJFKUU*6ZOr$?m-JIiXtBuV%A7ah%=;VD;1q0Ec7HR!?B1r5Wz;~wR{d&7v3y6hM20eFhf3U&%ef4h?J5z4 z#qZzKhFWZHtqqSF}2nF}h`p+9z0Q5DP%lMoy z^57jEE37>@J7v}Tg%OtWuWr}6webb=Y0t?^yh1rwu4hN;(G(a?fLm8aX1Uz33+Ndn z!nW_xFWTwXmCTzEwhI!wbnYq6o@4n?@i5+z>mmJRV1QjUmmuADsV-?8t+Q!x`F&9! zS(ETft%zdQ1{GAa8Qs)p4|LE6^Y(}yDw<_wPDO2MMjOLVY6Cly>ODARVK_;TE8phh zB&!Y^Pz%3%rX!4Pg?5rV>ilYdx~5aDN=d4ThJ-ACXCo7@pfVed+~cFSVR!pO5EUI312IkB5ocMrweQw0Hidj|zH7 zN*TTRdtF){ex=vG7kBPnDAs&4{>`Mj#W9|GeIO1f-MQnmSym?XSVC`{7}XPJnLDAv zuWK`WWt0RXB5ST5NuhZylUhIdPRZHkDf81Yq~?zVOt%Fyt0@^fFE4jyVqKp9VzJ5n z;-kp~cf5A3~e0p5^{hts9*& z>Xp4CCxG`_Sjlbgx+^aV$xXeaaQ$4hVBdXJ4QbuuGGYG-+*<`-tX`+%xKC>EU}{ zoHOpE)7=pU=1AwY{822vsFPzY>8W5{p$_j>i*8DararTs$z`MtgMZRkqhxZKnc&L2 zW)i|<3ZRc=C=4cjCKhU&j@hjmL-&}q>{Jq0-P!o;)M%}=8uM0i_)J7G5w~2Vf$Wy@ zZu|7)q{;*94%-Z|<;a(|t2-`!qUxCNS7}PpH%CPEpXsY4t*;m8rrs%O5Z^L8x3;6A zjfbP_L&;EjYc!&+JA@c@UXUM4vlxdiu)4Q#i3teo-{Nz6WX%;A5uc`TgI7`fDbD<~ zYu=mF^h+{0rZ=gt)7uhO8`QAu-(2&Y^9oj=esqRQLYGu)6^r0gGKO-ftn4D5 zkF31f-5UBq;jd#ksWl>Jd+6zGW}n1IuFXC8Py+BU$gE6Gem=)R$)c8DTT=zUFKf1e4-+uR1zpm=8d(Nr*j1v9Ij>Tdt3U++WrfZ6)47y-6Qj7K7*`!p< z-;!?3)!&dHWv@8iVfnm9&?U=>~qq1@BqHz@KJ`&+FW z^0Bv!Z=BpUqaa^fYYwU;^v@Ix=eFTiiAle{;aBg}uFh=3hyX3{nu~TTJ`{agYA@Z= zTGOK5r?Go})&3tJl~9`nRwjMNA}JQ%!ui&D;M`P{8i1Wfk*(Ms$mfU3^5iNKMduUK zi$6G8zcD5R;q7WKP3DG7j-g$5^!sVL6nq^vS#Y}QU=o$N{dTlI1)43nm2EUDr~ML) zVK&t@I^#t-XfZMprvB$`1aF*BA+lq)scJ=H5pwW8!ISr<GSIB!6i*Nbyh zOj>dAy*I_16pU5U7yuSqHnvzvNgC+Yk_6Ju`+dZm$WJ1XQJ{f?m~~W+(~ldG(17T4j_*luK?=o~8{*!PKJtzK2GZY)9gln>-KhOopvCb|co3SFxnK;8#c%Qt 
zeHp`{E*9aiW&(0ok`koYCSFus+V8D4F)!XV+sT?^XzJXW2?_csue^+;wHgpt@_N~! zBV52yEDMPdP0H__vM@lhi-1liYO5W$YM1wG(br!XBSqgFH9kQzMV}qD=fvm-xk&Ac zOO~!oF++bJ=iaco3xKmc@0BDB^p=b84m3pVb+1~TROV9AwP7~+#!&juePIjrHyQmm zVsLiPv$QG3=yPKtn zfE!=;TvjQeTT0KVsFitEI$qVWNCAcABjM~7;?1bk_aZ0iVv}^t+`X>+^Y=FbKYMUr zMe&rB#^G=&?IlyIdwp~TD^q_B#&O7LhoYSCf{`+Np@uG}q!a{c>w^Fwb z*NE-wt?5|U=ZBKZS%VysR0nn#Ho6rJ&$t{&TwhM*8;sxC(i(Mo9R84eZy}$*v-Y_3 ztq2=e+m0;n>lc=6rv+uxU$n0W0?Ym7Jc{ixCD?RI3OTqO@lGYD=`>WA?p%|?j~hn6 z@#9YNJJb6>4P&S#ehG5VTG;$dhh&-54?%Xpc7FF3{Ke#ki3iqS4g9H|!8S_29b578 zetwv2e0yS4Rp+1|$2MQVy=!19PkD{D1HSMQ*gEydcW-}b#z*8JFlH=?L-$n`tsRw^ ze<*90ShN^h9!G$Y|LxUfsx^?GNW6}eh}*&ug(*N3s%RxNpskQbSZhDxiUr%3UX7?` zGDJ1hz->bEZq4%gGC(ZVgy6l+Vrj@`e}$%0rRh0{_O%LIPS)(>?|pR~qdC!h*(`EE zlZCJr0Z2Aud6^tDI1$Incc{21h74ggfG9?VW3SKChOGOD}fcgpp{ z`@DCcPeuow-x)VG{l3SW-_WaPQcp>&dBU*kwL5z5eSh z6@MVsWthPMl5Mu&Il+SE1G=P#qVif&i(ul97hMW{-zSD7^&0$OL)F&8AG34obP+4w z7y2r6G*xT|wq?N;D9CX$KHPYs17Q6@I{zvx=wWx@@mZ{l?^-u4x5VdovOYTdsu+h> z1Qn{h8g%3O{dKOa2}%=4Y45iu3?Eyz7gn=&D3!){uEL);FxmL}-jR}Qa+|BEK)mWr z{Rh0D_j45s{MjL#WIm=R29v~Iv zjq?G~9Qwj`of;~XX3LLzpvpp~D3K~`f(;75Wpuxh-!47r2F9gYU`6ZgZO)o$4oQYFxnUA?Iy23 z@}NXDTP5o#Utbm4s%bOtBVr38^yLfu_}#nih(TX}%IC1rIH$u`Vq-_H-}`dKJI}E8 za~HdN3<_4$7hB2rA1!lzCLxOD+?+^Mg#JgzWgIFb51HBzAEZb{Yvttm_c!h^hudDm zQGnHHQ=T$#xzCevXp6_IuY^zFgsFvte&e+TJpq)8!MrKI5>XOKy3i8=&^tHfecLKa zoY~jtF(5M}lz*nGcwXa-@QL(6&pwv+q`!4}l;2cx1bQmBA)zmKGh$}%Bb`=cvIP2^ zKFV+SApMA^ZWR{Pd6q4qn2kZy)3*DXJ$75Q-eyZ^ovi$GiUSnBj2E?F?Y8qCjwrT$ z2xR-B5*5zn7#))Sk5d0fM`*tE1AXcUkK;%2Om4oVI;t|Ym>%Ja&bsfxUer@C+jQw4 z@jORW8p=Lsd-@6rxLAg-D+;|-OHN(x7q;Z0y5iAK4#4d*X~TIyvwPK2=N~ zcO3=hMmIQmHXrHYtP!K0?r?h5Aw-CaPVyTTbZqL&&h_YMM*(x8K?nJ8GO zQtw}+Yc&)%`(d}}k&z$|p*V$JhN+`g%7P0xmHMioBh{g?S{x8O`Gy?T<`*iXr8Aqt z28rSTC{K5-*qa;LrjeQ5a?*6flaiXJQlB@^_e($au<3wmLbXqm#dh3UP*xe{lUKVZnTnu%4LiHmZpJ z2#|iavl)i393ZZ;JS;P2{j#`HOYZ9!GN<*Mxgx?!1)nk~N^hhya(|H0!p;kn;oo81 z*o?a76JlhXPf=kb+0^4{;M~@WVvK-M=&PjMKJaF^xU+W!5`5L1Nxu7WclJ!!zmY>; 
zWK3b!p&9Cq2L>~Er--#Zkv5fgqHArX2W90;4Jzh6cK4r1X61C%QevPdfrz79s4PW; zvMmLcYLZ^x_=b~cntSerr;glG^d(Hre~A~<_j(9VEx&ywFA>q;5HKegTv7hnNjLfO zI6SrH_WOw8vyN#+{bAss{}Q*sVUE`pK$NgPY)+tjub znLH3*A%dHL)SnOpQP2rW%$D}euxQ4pagAo8F->rVFQ*+xqlDUYd$VITxSs4hbcGxt%Otu0ZgNbYRt~thlI5Zn}=Q zp2w?E90!)~%$lF;yA#~jmd#Ip#}IM-EsNe}%|t~s!xrV`nSIQ*?JHVdoCYwr^>{M{az=pCC9_W5p zmy0t&2!D~=B9o|2TiNb3yw3?TRQOU(^)A)$7pMXm)1g6r#r%*n*Fub&#Ggb8Ck zX`gnCj-vWif9|Pkh)@Z=nuEehTReV;-Z7TU^(nWC@t^J}Gz~(`?^AMRfae+S;t|Ic zz5LVf_YTALrHdN)M0kfUh83Cad2OTjc;bjR{bx;`>?2cox48Qtto|I4F~=jnoJPNK z1d(z7)orkNqLDi*R_@n4M3n`V-k3c78cu!ciGGfZ2D3piaMLiMp2}(~abzMdiWKl> zj#?ZBqiUlMhc;f#v^^7!*SnlRW$qNmU^l~#Pz8+J+F%OPKkLz18k-RI`(p8~`K{QC zs+cX)Gg_-1@`}~Of`Rz&M}xlJxoVh0$u6%|MNYy5L#q`$n7QYXnp|#>;vc>D!)pH| zX_*E0K}h|BeQyz=?WbzzNN=VCsoIKBtU|_oJVLS>?eNGlR=HB#o4BNECM>@>Oj70H z3_Lbm4MAXjtNt-8GpBA9WTNSZkzj)7y^OlsUS=tk@`mb&gIbu z#xu8ky3}%>6Vh^iCn5uN>6yZnaz`d&ibbu2m;aAfDeK=as#0UZy5nQp^}{k#F)n(5 zKfHFF=@{OC>4p4A6xnbi0~|a%+ZGxpt%XAP2p#EObVWMb-1Bfa#N^JlWxd&?ZC5W2 zb9Vf9rjCIHQxye5m0~>xGk&s(sMPj~YEHZ`td`RgPv z2b5|3{-SI=Io*Wq%HX$}Ul|egpJI&KeJ}k4A3>=ct6%A+aaO=Q_;m?=g_riIf>{UV zpnTm`Kem+FZ)X0P$j*!#`w%C;V#XLw1JLoHYVt?NXqieXH$oGQmWOH5O)FpHL-6aAO6oIL8nc=lI|9q^ESg_zEw+Xv(qPpc?t;T?`plf5N{)!( z9B;u{RFs^|oe_xL9h$|wwk%A5E!dJxC-tM2EIEtO+0XAvc8RfvI@R%5)`8Vf{b)fJ zo*yb|xP$CcZreG2*Uh`8eR3gEtpDIqgH8BLiaC&sN;P1&qDBghEY74Xg7`y$>d2AN zpn|t?n10CF?0e{-W~`Yk%{BV(lwhLz`n)ekRLyWRU3xP&nm3=em36gO{mx)D5)7Pj zswvy#w+zmt`$8v6E@$!{$MovZ5W7kT^$)eGf2&PnlzK+PtVyt{3mle{4PGZk#k;UV zOIHXk_6SRjKzSz~2^iKP*Ni2TZJ0uD?D?kkYlA8D>Vn7Xt#>|bvr71K)V^E z?2|cFB@wQnHm0YL<0smI?$f+T$8zGd9!qToE5)XK;h30zLFqMFQYjG zm#+Y5R{2UoH+`(ejG;vBZN<%+l%`mAYx8U|7h!!oxg$>9xFcShgJ@DByBuRtJV89%#1)MxE-`b=#x*aRu74hSKP)GMb)8D) z~|7-EzaESg#-@^2!a( z-=J)t;uI5~Cooe%e3^6#xa=Za1A_01aItkZR$SU-?_Oo+b9rk#*FA_(l7WxUb&?0; z`wj^mHnCBXuLW1%EfJPrw)yatLFd_7y-rTBazJN73dt-?Vscg-7#ytJF1?pYH?qWf zEsgFoR8qL#)8E8Td~lzdw~5patoByNrCo|K$b^L+*)Xn~dXM;p^qjNjgrJR=*T@OnCDa3dmHR-(yGf~{ 
z5@GiyWmOD=mv>x(266PW^kDqEj_u;3`(bt^^Bs6aE?*SxZLuqF4IQdnkB~-C$(Bre z6A$urYOTt~+Z}kNNj;hQGgG6i7gYF#j^GqgX(cK5?&{&H7~{Q|jYSc~dmNf~kfkxO zrRLoY7ssZS^yj_h{x&xfCX8CM$ZMY*@hcrm%b-{ zt;1TLAA>w4EuHSwBmWlQbTgz{sHTwq*s=&?GjJHa{CF2vYQVz~jCJ^v zcK~2}Zp5vX4i0k=sCISzV`{yg&-3wzZ8tckgkIxl?U@=i1Z0s9JzzJQ7M?ljfzbbX zE$M<)-c+QCMjF)z>LdplI1U~ZV@{RU?5V9LO~=BnAAB!W&>YSg`r^ylWz@-7nXfm$ z*6fd}3Xm|u8`H6lgHDsan0~mVtK3S3AqLpb;3beaoC~*R9y@9rO6Xz1g3cCY8P$Dc z(#RHxWQ@5vU!|Kt`MqZ4BPB7OellD8Cf}aJ!B3liHl)nXEYjB{nx+I&1fAoq5bqphSk~@N^Xb+z6aqjM5jb5HXJeEA>)4@UnEu{3m_i zT(?hM&h|nog1iY(81r*rd7T#5QLf&)EdmO=k1cA#iG=AQMEDVOEWu0L-MxgO-s0{_ z>>OgD&kO?4xTk*g*r4}rL?61bp$~HnZRZ(UAW=OXDK}ZvTa-NP!awf1z_S;ND+og&e5%-w+oi zP#FDR121Skh!H)_lM=}PH?)!xNRIH3HcSbm0sVV}j50NVeJcsYh3#GR$7QvtdEMxhq-J#!!d03aN|{~Jn`CoP`} z$nbXpqf|h0{W^Xiz}Jz}!_&{v%7eq#$q}N2fJgxRKihG$+(A_LO9moD008qpGIj_9 z0q@+c96dNW{@wq-8`HobAUR^ONSYA{NclHk;J<*sSXu@M$nRIBgvSq(^BI2fpC{1#dHY0RR91 delta 60517 zcmY&=WmFwo({w_B;O_43?gS0)?h+2}t`i`*yF+ky3+`^gJp>Q#ZXcKXKDq1r#ahET z%%0x8tE;PP$PR)J?}UR_kp2LU_U_#~sCQN(P%-eG(62uVRiy*R|>t#mgIW-=vE%M#;hn5=$S{tf)483v=1MiOvJcD}N!($Y` zJZ-6jBTs}_k^;ZM?5JrEdEGAIvxEcH_}}3+*<*jF7-VLnGBL9ZpK z3tE0uL@iKl7FPFQuYW=RB$^F<_4z~E?P2RKV$_kcjwu%@G=-#E-51#lzlz}rR7*wR zy%c@3^$nqY!f%#Vj3l;}Tupm1z7P8}Iu)kloN;!5PKBdo)YAFF6$0Y_7oJ)uumMQK ze*(m=y4*`N2=;DVAKm{KRM0P|_l>`xz)Y}!&A|whkZ1Jl>OUo5GU`mX$Xl#1uu-eW z82vVq3{kkrUEh(jw(-4FAz&oRO`j?#Pqqmje(0X1XO!9c2_ie7QB1AJSIrL{fUQDC`R2k@7nCi62D1SH z3_uO3vkM!Q=l8)%kQ%gp1#IUS7V5;3>K=`EGCtM4FUn=U@wpNHgG{jJD>voU+~xoC zMyCaI5p=$Hd(Rk{4Lb3;-o_^p{&?^QqigM9Dnz7r+Y}ZD!hNDyyRvl`Ypx}uV9^z5km{-nP^SVaF@OvScF^_y117(aRuzQgmiVZDsNsKi`x-GuROg?~4~L(lz%5MZ1vu)|-x}@LD|^%r)Epe|k0sq~KdeQ%UQPEuZ9!mj zhlH;;^~$|38x$8LHeeu#>d2U&PiCp8*-vKfQ)nF%-!tJvSQ+zf-pV%a_OV%^-FE17 z|IR3HD!%}cae6&wFrm8g^DW}TnG+0+kQN#A5k6Qt51^F~qA)EL-c*25-k#P)URt8U zI8AqPSxAAb(6Exa!%RY72%3wo|4)R#YbK{)VSyN!0cUzOXI0t{|2#7v5{{aW?kzr^v$R&Pgmd zdgsQWzqEVI1PGpB&yWLZXI5`9C3ZGkYZuq0Bn;%|qU?e^N4t%g#$dVITUU2*B`a*( 
zrt)8uPN!AyK}DtVZ&^5QdfeQD+LhhNbU8IS`RZj>EQosYS;UJLx21jb8!l*+U9_rz zBAqi;rED`#Ep!_nwRyu{F!!tX@!uW!)DtbE~SrZ-kI zBJ_Za+YvQ3CU{Bp+V>`{N<&RtAq z&AekS#A*$@b~NqI;M;*kD_w8XkmV*Py13+oww=a{)$iMfzjm?A&L?}ZDs7CAKRJ$y z+5rURgJN?LC(d6gx4rq;>XXo+Wxc63EWW#IJ82=$4GFkoGX@W*1xo0KNzF8cuy2S_ zLmZw#X5+&h8U8^E0F!g#`(>mW#W}acw4pxi82W@Y8X!4;STmJUc|oQB`NJeEPRiUv zm;+msnn_x5x8{Jn=S&x&Qi`Emi)=W}UT1>09 zEJ+C?yoN?Dt;!SoFUXip+cSo#u8wF}N^0k7kTT(KWX?(P zI{^DwNA@I$&EZ%ZHwRR%q`tdA`m zSIkj};ZoHyE?pz?v1%?|8hjsozQkt(uQnk>@w%Z9!#zJ0yh60E@r zrnko2U!|LOGVACf^p6^Cw=}tvE?OD=hU5r@)gt)c-CuH`OEXd(p_ohMb(&j-74tzW zXv(u}3>j*?k#{}u;SsRrxrl1g_CLlEc(h6OBO1->QML0Y$+|GM&@OS9vT5=F){7~M z*Xz3Pc&YFPYaXW%1^Ke0kNtH(nf-7T?x}J%RhwwQ#ZL4x&A4(^qc$u(Ip=~q4Y-U= z@Bnj?%1#+wFj_uEItINW{-$VshWpiitC?G?NBUR($o~$SP2_-L*}i?RmUP$}mwe;V+;xl1kEe z!yvyzE)Iep7Wb~Ta&I++Hln)N(EJRO&z2nN)Vff=Gm5EWW3 zy%37aHZ;IITk3x*DfwDXKrg6}At@{NIBS}wkbyLlk@aR%&BoBpHPRBwW?DBp9gsNC zeg6Sh;2(5-U(8iNQe9FEWl0~Q5-o0^)Ya~W%)AKIC;n-Zs?nc!H0_A|ahR2LSpLvR z?>%Qt6P3#DXPWE`*2Lo3h_AvTU$%ZaMvp?7*M}|o>Dh+|Yosov0E ziUfuNd4X|5B*r93p+?CM^#V_;J1i2V50I9^VZhPjYzhf}kK+48^53qJMCyx{?PGRn zNs}Uv-n@^M@YDZ&|FvE^XzNnXD&kTv9^^9M{s%7$L5B4N_&k?w#q=kFA|g9Z8E2xK z<$E~m_wXa1MU|j%lO|6roJp58D^5HPKeARew@jSs(D&en+pl1P4GS;?nPy`d6ZgaE zV&?2EMF#uL_JU8cQ|GIR(qxalpbAg^NYd);heKNG`biLopg3qsw}-{LRniYvR!@fg zac=N={Ye*}(IdfyUF5^@aXr?JL5)@L7eD@FfdRTOhR=un=L(0soUrAc@qD=wano7$ z?lXiXlY=KsxT~bL3%S4t%el0bQJ1(88zouy5bGk&&!MLHHf`XHgO-+ve3edzkGyEr z3Hr^&aUl}`1m8x_+Bo<|T&#;pd`RDup>3D8H}MvGS<6Y3EjrSnEDduyki zcJ5LYc}$U!+kF`_t*Ct%qoB$&^I% z#XuqOxJOZ_*wA?QmV|oQOqHE3U?B_8II24)%8J5a;wU!1V3b@~D03LNZO2N4oX+An zp_c*ZPk-5!Iv%gD&aB+m`ow-(3DS8ta@~9Wqw!wL5Eh!Cl}u$CWV%|J4p8?UsRr}p zdJ+CP(xsqG4b-wrD@ z492mv#t%m1b)U@I8XHwvnhSsoYGM>fAj!@9Q}mmjmX=~u%?ld#=0D2!9dEr|NA*Y4 zE9FyoT@)0|led>_ERME@;FF47Z|Q2RG{xruQ)a8M+P&XvHec?R_j4ux_+k0?ndH$7 z*adT5bwt|;j-4EEcT|dh+-s5=w1V+VxVXKL)O0M*N&X0UHoYF%eM6=zreqJKd^f@D z2Janbnqrpf7!}bZY)Uc3>q-JlRn#@B*eWHwzh$6kKrwVgHDN=;(tO6B%^|`gwqnPj 
zmYQFc;EEq;J*{6+TX2l=c81Y?B=c1sZVw*6yjp>>_GgvuO=BfbyE%$;Nus%=(p7;0 zYPwL>Hit*}ZIk&H#HCF+G*mKA@3A2pe$fOksv*bux28Q#?zHX+~Yuu9IU!De`=M@^b zGu8aIQ=G#5nKjM!9(e)hO|Aq!+35bdn_GI3ojd&SyL&zd}{ARRhLXA}_^Um8abuYZD^TT-sn3ns{TctcS#aD>hs( z9*m^ADp{hf+OHaglIZl8O1|&oinVDf$-{jGJELeoyh0J~`5}pb)3YeCj@@5*oEzIe zKfUVbR{ZrD4(DPk8vpK)Z*JfVzO(!eJl!J`6xUT+v5uX~RuafRaFf&1YcFp53nX0R zJ0)e`f;f_M4==%`uhwo)vpr8|XBGD|%LypQm#lj9F_(E8Fr0_7p`yQy>6H%`oO#Bt zVDMysC-&*zr=Xn~8%=Ou=dG^vXa3oyv8P4)3)b4+SRGs7$5O2j5}&6!mZ!<|M(|K< zLdcL9vPy<`|3Y`AXNK7F<3S|(B?4QDFUe3lwabeak!m6(R|qu96KgBnC7mNuz!nDj?ES9oE8BEv*m!XjpXx{x=`}mGEctZ!8VHRo2{`p>Emxd?~EF-pRdlkb{E_JPhrbUk;J-sCOF!Xq83bzH<+~ z)g`>oN+W#UsN0{F=4>`-k?Gdv@rP2c9{KuD$3u7NjY=e}kBXGZjC;l9@N6Cld~XJRS81R=lx} z6clI+ec~YGl!2MI?p|6_QU;4$Nl9-wjrh-6fj3T|kZpV)Q=01Yy4a$B7K@(KabguO zn*u#f4LNX>lrWVRd4?ku>K4V+#kXY-r&{H+F^fiU*^38(NK(g)+p}a^39YR%Bnqn? zf}%HvE!q;A5A}w4As7v4npFKk!TCiBs+r1(aiKTc*d}T*v7F&-8T&A5!$3~)dk8u! zYOw!tIxhh_JZZ)1lKfXP5Q11OUU5qN{O~e;%S027l!_Zg(yV4YH* z`cuFJu2A-~R7_(YFxd>!%}lDTFZ$AJTsE3868^z6hStO&V@Wf0t@JCs3N)~33Mp1;l>IMt3Js)Jfw0P^L4r-F z_`zmdqbZ~=CiVkcMKqzF4R*hQrpQ35_J_=m*DwCZQzjz=N;GDL1L`>xR)$kFs|oRy zOZ&OK#qAThrgbOg9R-#JOn=&8_eUXcG6tTTqmMw@rjX=orXrP_>0MRpuJ+T$qF0F^{)K}b!GUb`vi+Yu zS}kLbL63iC?-={0FlR_^!nPJ9NqnFhv)xa~c4l@u+5jaAPLoP; z7)rk9O#NfV5@l;PQEamw+Fv%iG8&`PH2=OAL0M3h1IlHB!v4F#qaC4xd&&k^CYU=r ztLuAS>NCJF#sHE^&0fjxpF+3CSEqE8eO~=M6drz$HG@auosd;inQ(_DxJYNv0rI_N z7o)Y*bA>l7XF^5BY!zJG`i5yuPi|5|x50Y{aXA0CGx7@=JhQ|oy=SkUvtdOxgz#<; zn-FTebUFS-5q!cJM=SRrdrfdz2+IfnkH@NlX}UXF^^0(@w5ayzwii-Lc{1eGoCfLW z9gj|4Ov>>YSjO`Z`Y}iDHvKbpIjM;CoRr&)HsU`L0}=(+RNsf4RaWvb!hkPCOrF}A zmNZ$=iY;TB*2TaL{h`{v1~cCh7venj@=ta$tsTsjWkT*XhgwcgsQ zjH77V!f_W@LVeEl59$0}%9StcGj3yFPxNUK|WNX$IYtre|&oE&Q&I-%!%P%SE9~IBO#4cCO-x+84Nm@{#Fg9)J;qVwJTWT^3}k} zs$uzex#YTcNl{magR6y2wTAxaDc2FWHaRCD2tfvW4kPO?IyNg`52IEaoOZsI3a&G* z;_c}4`F(toSw=&=9vViW(;i`Zx75>+6-;$vbkqVuAkrdLT92>7b=59}_jQ2YQZBTr zq5qCf@-*`udTHuo)tpUF`e4+vdr?f=owR!yVBzb1>uyaaWzSxC{j2}!oq`Nw?qb!S 
ziGom6|FMTfbS~Hhq9DO_ZnpYRA%r*ZH;1|7Xa_x={`B%#6KJa-JZ@=ml?!n@KR6|M zKcc$eqfT_)0!(^SN@Vq=p9(~|FYYqCuDEt06I*qB_+L2y3w1bj?JK$FEvsKvKs(P> zkAjM0Ses*vgpj=mwvbXL3Nk33r$V3<%Q@vlo=9sxn{M56Z9`+0zJ+S&SdVfl)CM54mZb`wooMzre`1_Wb{~7{jydUWJPs8*!w!`to;>jc~^#d3NdDN+D& zoW0K;EPl3xzpUF^8P{H1T1&Gs$!YN|I{9`ZGb?Wo+YMr9b0#l8_U!t@S!1%4vAOom zM17)hj%kzzBKL3tosf1Cl4^Z+PmVWE2Ld=Fej9uBv*oBUFZuqH-s@~exRElX7@;zx z0%+WT8Lk@aWQ@{vy@D#SgeC{Pp^0jZoU81}#&ob>gv;N$#1z3L&RbtHiC}s3sH9UI z5XycoZ}N0e7M`H=*PDgmm>YwLnZ%0i3P|{etd-2>J zlI9Y#VHLywEWDDmE2mlEM9Yfk5ehcbRM3EU4sl=v4>W$D!xUlZ;=>(B@R~=?NIQp+ z^pz57(WAQ>wUdCm=8t`{WWeqQB8$Fpx`-z?hLXa(9U4hw2Fe11+F0RHsRlI~bLZ?3 z_eofzXHDdbcr(py6S4QT6@FtoZtN2o|vmDAp5msKO zjs5HpQyOF1$9~3|!Pd2V`LlZa6lOQ0_N1TN^l>}f-dzm%Zsi%6L`8uc^>HvQsipDQ zH7jiem*K%W3*(_1UP)xqLkDsz*ylFy2>}++FIF{3df&r+y9ZESeELz`p=vRM2y z=|19-=6FfX=gOPYK_IU>bCC2@AEpU)7hB|`YdF2S?0RsCAY^{QXxd{EdS$ERX5K&3 z7z!=jML`E#(V-?jo>&J^WD-T@g_{r_TTt-N!2_{1qJ2uHX z+Tx4P_n`Bp%X1Z1+k&1ytsyqEu!F5!Cf_ywyi=THgvpKv_m5ALHTIa0@VsYl(TkUfR?=d1mg}2PW^!fm7=QrhT}f%;+=} zRPKfiE3{KAy-j|Trs99BD;dGKU{m*+evB`PT;wlWjbAJG1(3UsnI0co+C<%0(U zxGvcL$x`;b45alXBT%nT-5c>pC9xuz^bEY8v}vz}Oc`6gem1k|@uXDO5Tu1Z395{< z`$jgPLWN28=dgR}c@fFOgSO0?EgFqyZ;YX_Ge|i_2z`D3AUQ=dXeGyw0Y2RD1IF|D z1a!DMv%wp#Qg?Kt4+CgcF-pN=C4bxs>P98#9VNLcX_Y`K$o*kj>;dEZ6gF-ORbnuI z3C`_owM4Nhz0#}h@-a?=^kwC_;ja4eQXrA+;-D8cbxC7q08SNex_@0lONeCN&~V}l zM>1|6-b@+hHI=mJhw=09ngF_Y%bBO2<56_WjaDF3HJQeizsuD$|~>nrf!K1q-c{*iak;Xl#v z)KDJ#S%oRI6KpS=1Yt>62s&Whqpk~+N47BI3fBK^g1n>wb~WNqrI9k5f9Y-yoJ=jXPk zC9mhRb-|_kANGQc)&ds-H^A<>NQ--I6X(l?e%g!MkCwGZFW0qJ_cfP+Ao+o7`-`dT zr=g>>ow2lt>D{d5HJ`nKy@Tl&{wwFlBi;*7@69ZTHn)1_5#|^9;}hG=Ro_B+LV@@w z*Ox`*`nJ2QQIxZ>g5#H)?NZq*ZK# zxy{Clvi9Gjr0OWsU>DK|eC`n!`QIK5X64o!v(1#^z*o=3?wFOu95}N5f}j8wEKmAe z9NR+3qtt>26nU3Wd@DE=sCSK7;!(` zE>R=PrPkr(h9aR6E{UcZ?d*C@1}%km;F=PmC!(4rZqc#qg~QF!s=FmsU|?Sr&hbrq z=NecFBy}tcAd$u(3^l_mQQ8U^l*}sey&S@kSOhTOxwpxWreiruLZ`9=;T``%{HLHu zL%B+e0Pd@!?MJ7KXm^~ zb6fK~0gyeC$WeyQRCY;4dZ^gKCIdyG_WmVnw?!uWPdc++HUV9idMRU1eQ-yh5Y{8H 
zCLonFwWVbQ_#r5en07R;J|Zsb?R~s2+!NUR&D995E#%XRA-+vEYD{qoPz51f|jH1leZ5X z4oaoi9L&NBl%xT4K|(K=%l1UFM{v!3QU2nM@@0y$nV6yhQ*_f_h2XMB64x3nj_9j%2Hx zZ9|UG_w6}+Wk3Dh%1(+%Xo*S-uve@wMt$8%StTzC%=|{{Ur}^`K?+fMCHhYd_xt#* zp$d?n$M@;sFF&J#$YUs)JT>&$HUR8t?9Sl~=A(GHicxu3bc)}pat>cD8ZZ+Sj&4LI zI>t(?etclPzW5Gt4jQlZ{uzi9hd+GgajZ^%rWfmd+6NRNF*ep%yNJ&5y~+&wI}uJ^6@= znXYU6?03I>Y_r~T2RF;R7bK&VnL?6UGPEk=AM`so|8_%k}EXVPW(|Kx^O>`yMWCqM$!#X21QTOsA2y*+az6} z$u%qu7cXO(8<6l&rCi5H4-CI&s*o3|a99oF+57^oZSr4x6pmLKt~X2L|2mowmmr10 zCf8MvkQ72+Fb(AwIipCPrn+z14HZ?lld@buiaiZBts0~WM0&fC3GxC`j-g1fI2=H% zrX=o>4YBS{92}DHF<*>*4v46QvV!`LDPh>d5qqeLK+S34gz=3a#r}lgU-~legi z+K-e=QxXLY`BBRdl?v|4f?*1MS2?qWsdmhKJsz{LV^_zKci7l{5RYFJg!x7Dr+%-4 zX&6pLeE-v^THyf~ZI>h9DM%-+*%p|*u#aX5UzjEwRsVx>ISsFI&uP%b2GRudE2WEr zpPtCtfa`AB8-K9r<$BF0FuNEgr0yzwCEOXb$PHc+n(4$A9!gSYk9Z%Cwi(%Y3Xc+# z{sFX>{pa8--q8?~c5u3;Wxh8;U&4W8R>omsFLztRk*$#pHC;ZSVkB6waG!(MxuS{8 zAwhoH7p`fKo{RQIDaS*r6o-YYHIbR6G`->XqWYjKr6i?vRkl>XKy<8_S?GqjXnzx8 zG&E9Cs?s9<^^m2ZXPLxzw|vTwne3uEVx>a_pn8Yj#ec^PQoeKOsRn@?>ZYYU}^ek;R6unpvzRN{KU{@;@7%f2Ya zg(gr$pYX`4l)@;Ph-uDPE2_fV-6HTx{4Y0%qgqv5T%s>u+6dgU%k!f#mj)$6a7h_1 z)4r$9-!mB@pIltf>95tmO#qIJQ8XyDMglG4x^^!*=MwHULtFM1hl^Y9Z(hA3CR@zx zUXlc;PLc%g(TJl2jJ2{D%LONhT5Zs&X;b5-)i(bSM#ThKa|shL{m*LjiC~5}iv0=0 z%+h?zm+jnnx&B7BRnJuz5kyx@shp6-d6w=%z^aw@Y53aZ0+@XWk{^p@yVZ%>Zgs@L zWG*bxo00^tV<216=j-S#jzJ&%P)Da>M(zGJF#tL==A)73pvQ#8iN-eN01YQw4txGq zT@M#e)5g|&EewOdqeMQ3AilXey6@%rF(0P}ozFjcp5BlnGJ-WNJY1NNQCdrVv)VD~ zYIpJj0&!A_<_|*iKJZ|nWJ<&Am96W1eVfTmz0ZI}MI*)UZR-4@xkav?chEd1O20u>SdPV{){I7D4N+msMalN=9pe?W(2ufw=T z#GK|G;RN^h3F7tYJiBq6XUHE(uWp8I0Pp7-lMwT`&?CH9m*XV%xcNazl*@2c>^%Z4oU& zG)dQRwDO0!`}Q%KrD0y7zvoTbT!2hCLq)?~HdBod9|<)Poto=KO_v0erkW`ttXgDL z>#5wF9%eZ3@Rz@{5d7=9>RP}UU(i#=j%rBcXowO2UY+4YuGVxcH>ix0+79`|mhFo8 ztD>)re%cF;;6D3z5+V4}E(VDC}1=piuC!$<7}IAD*D3>X%7=)S>EMY9KNpwd^+Oxt}qJmr%qs z(XCHUddKQ}?uhk&lXxlvian<3)N{wzV1tBlu!qRycS2u(Q5n`4YvRsX2Mao`|ls(ja_|H+Xb#9b1 zm5FDG1 
z0qPQU7viBFZ7v>SD=y)o%y3WF9bakaT5a)s@v|8Ozm!sIaYO(E&@pFj(jGevS35S;v>Co1a%|s?e~)JW(rEXO^HGZU z`=N`U5t`qiO*of;ZdS8=;8R~7SWekm{)4Q$xP@L$i0La+6Dfyv zvP+zFUFo!92Vc|i^1BZDzv=k=y)aTIp@K%ePfHr-QiF6JlK+=4F5LY^ldT0z$@K56 z3|DVWfqd+}k+=uJewATu?}!v>E1a?74&#tmy~q|iWr~Fic1-8rKJ!0JyezY@o(=1G+Fo#~>E2VuY18iH($$UjFjkv!L@?ix zwv3_w<0qKLiW~;WH*B&AnC(MT!&Da4m0_I?ma$Y)T0$CcB2vwznVM=vE5}IRdDqyz zZ}gW4|5p2~D}y|{+lY8_yx$IYJYDcyTn_jEH)z0S5g?4q(}C#U$14{%)E08_#jlQw z4u_TeI(63>E@-Aj5rhs`b%#i%u@0l#qOww7zug$s>xBmM(y z2&!Hr_^_tfs|5IuLJ9nHiJI>94$;Z%Vp(Rz#5E<<>#F_1G$VTI=}BcMISOB+le>lg zi{*E`&k{1o+vYsmzftDEhb50?(;ZF)(C9Gbk~ade9qGW7HG00GL%QeZDpBXjKh1lx zbgZTK3Kybdjj*g|1?^cul`q6sK;u4D&2X&~0OaA%s(JlyUIw0f!(!%u{C>0;oatt2 z*kT@~RQ49lS7RX61p_KEujX*WU;?-rTh+{ec0lnCQuc!2VOH5O;(eNpVGqrHky1NMpB;XeM9nP`~XPqmcbLscDpo~w%rDlFz|G1Ch zg$-nx0@%CICc#V7m1gJs>LL!IDm^6$8L7-m%c$#V%=>auO00SmVSL%Ui2k*FQ}s@Q zD~s-?$PpJATw-_vV?%9G%5t$p_XpQWs{=ySxU>>Acbltc@>w)VkTCpoZaJ{=W9rNE z`rb!AUU~SQ;gG7{+CLD^4x+xLHN-$jrOO)>Gd*vaO4$FQQ8IjEx7+9%G%|+8Ok#Q6 zVp%W^v=8Z1DJ-o@b$P>eWHV(_$@^L~HD=yO%XabV20-!a@aN6Rs%M|q%_d1>CBE~} z(tKz+m}YqWe4KQB);N~6yjh7DCAhZQ5r!%oYUAphBjj_5i;9lNsW13WEugN&-sa0n zOh)Olw507#Ph%S)YI#$bD9gM^!P?Vvy4R%&*oEsa4A$FeU-C;2tqJ#`ipr1i> z80jKvlI-J}viN3m$(SpX3z%9ox`!81?b`04gPKYDPt8@|aQ?PY67w+%(`3+BBvZN~ zauF^QWp&RQ1k3s(Ya4W-0MHCnRcDMb-t8O-zKqcI?1|0ociXTxr8Pf)l~|th-5!O$ zaqYL$6B~znYdd?e@2=$sHU|n{cCQX@tnb`j?mnh{KfAbJ?>TLpCmh+7m#@rPT5287 z;}dkA3a`947({%za1uizw?jPG9f39VZjbPeF zZF?&VZ~#x_z}ezX->Xbo@KUMnqpU0)b8wH*#z35`kRxBJQ;(fpXDzXq5dUQdpT?4P z)kL#yrOKLX*r^Jb!u|HSIEoGaUcd6IwWLeZ+E#B@;l{WS&U5`BA3~t1^`0DY> z>VqGa&HBX5fS+)FIS!jduWVhX` zpK#zm;dX!<=aNs-zdd+!PGUFQ1yNIs!b?y`OyFu{&@Rq0ui`?jWo*#K^~evW%U833 z@Fs1Z`y}B5HohpZriGbJNIBR86%W#PJ9d}k;jo?VO*1s4ASxR%gm>u{$?9S*HLL#D zo@^X#yJlscM(S|v_Vac}_P)E}X}P-1mg5yHF1oCZ6YBXSwHmcO~M0A@T<t%HpWRm(d-bfaU1Ud$J96y> zu)5f|3R8a(e|bvCmfdBJTyt#{))U8hczW2xwB-ndCnU)2xB`*7uVw5U@42~V)lmCI z1Q(Qw%@zAGC767>NpWX8D3xQ+$(3plgP+kGH1z-Qw{*&^M0OF&OJ%j2ZRn9E@GS9L 
zZOB#emBmNxPR&D%wc4*{I|H$DrqVOd85ixnGl+tR`t9D%DDZk@XQ@_*hKWKQ{e(Ja zvyJ`N%1=AzL%a{0zratRa05pWoIlKg@1*lT-wiNw9+$wNbIO)BX*$!A(Ci)nGb7X|1O*xG^*o#>F?RT-odUVb?k9Y|Pe*#F zrWgWzcVo4_xFZcnvbQtFp$}ao5g z5p3Kjb$;#n^&%a~4FO-L0Frje6iL&vKsDyb?J9dZAkiM~;rd8Tq>7&Yvz57ys?tsb z89X{ZGpoGZu#fWRQaKJ?O9DGo^^n~vdicLU+bukhm`I8KLjw(?Lh%snhyVkl0Bbgr zd9y5KmpL33Un+pce&HS6;HN!FL1ouTMn1+QO~iKK`QC7JUXb>8#OG*{0nq$rGWlWX zN24llhV_gLq0Z8UKb>#J{I4;#6J)<1Lg0h%h6Y|=eY!0czyUWfTqsT=m1~OxHRt1# zI%m^%^A3j$rzH+b&A5+K*|MOUzJB22-^nW7A=lM;UMyjlh8z3=!4iLXz?mFSr2}WV z&WB3C7(hqo03h=)nD{wd?>aAOw&6m3Y3tZEg0dVazwuI%{&BWe=Tv83WXHL{c;Po; zO0lpMwARf%S{K@f_@+{%K;K;-35)cSLlx6L3yOZY9vCTiu$`D*wdJ>6dwmyxZ+81( zZkZma$8NBViArg4cu~Ep2Fgw%LB+SnbpVfJ7@DIDi=uODnPg#F$pqFyOi48Q(6U-1 zU8$L#sXay@e%ybGW_P49i#&~aO>n?`l|s&Hj|SF@k5iH%8hWsm1cnbts>PF=Rk0`b zVvtL>n?w9Da3Xs|^)UQjFM85oqwVLUVAAtzr#m1E@#bjyQ^@wF@!hiiT2|z@!!^&1 z<)107K{_fFwOSTKA%nC+KUlWZT}nto>syC$$+70`fB9Qy{~Xy|q+34sowtQ74Q(V$uf)j@_WHstmUEfYh#o(gn$X@ozrHcFoNffmhA3w|WVq zIa^E>No|{ZJ)bIs;oeBI#M-T|Cb8J<{1(rp%bC8)CnK)W z%Eo%QwU!lf;5OSsJC!My$y-L6wzEPU%Y$_>Ek;;j6I5kbypM2F{^iZkjPEi9sP+4D zVBcuHN<)R1D?`Dzz`5d-@F(NI+ZnKhN?o zUa6%IYbouVgO*Mx8`!)=50I%Rn*@N6Jj=#IWweKWUyy-((8+eqydCUsKWlulLbrF$ zH&Nb$zUAdDELz^|%n{fAaFW{o#JM9i`vlP&$)RY&e?Wkn>0# zBt@K#x0%E$LkCd4z9kBi+=3YT;+o!U7-ZiKo5ftp^r6@j-IRG@$r86aF|8s*%EYGXQA~{F|n|+Zp% zkc|nd;14gB?W_8*FE;gEP4cH|3)GL#ve~PpL=Y_>?dfOb>}f8~rLA4Xt$vah+2~rc-UzoURMu|{*Ua=N zc#+mFXMdv0a{P!<=Tq*E`%7)ss8m)i=cs6LjE%QMSCmY?gOgTcErx(L>3x0_gDIlH z91h5T+9f;daQWrw2bF!-apH^1eQgg8`t+yv3{Kik2JdUSq;|lXD;By}xRgwP|6b@< zGV`;gHur_N>&?QmRy*)=*7dkuah1Mb*zt7zIw*Z8kng!%ybZFx*r~X)x;<$W1U!tV z*}NN=@gEmm>uJHj#q+Q?JUUGus{$MD3c}NDtNuvU-qHW z`$v#`;Kih^53nDyiFI>-w)4%$XZ{o6LQ>Q~A*X-t%4bN^CQD=B&+)IuokTu-!ZG}( z14)ca2c(buDYkWtq_RN6kiat1wS~oz)dIj;|0loKV{f&Nlku79@uKg$n1_2audUu8 z;j+Grjsd|zn0nfXO}=E`y%xH#@~i(iHqX3iSbNR{Utux6Yscw- z?3XI}1mBUTC50Q`lH0odGfvmeLtbeZ{tz7H5wq_Um-p*S1UDF~G78sFn)q1fBwzv6D*{~F}Prj5pxkjb8y^yNp;N0c^v{3t%3T8dD6Md;_#}~ 
z?{@S|PrI<3dFd%68RDVVG?lB&XoUD1;oE9!T-G{21ol}!Msy1aU|^23)3#15qw0Br z@jW7pV2uPmFDtAHayBIZ@(+kz%2!R+5nx_c=(|L3N8SNf=WA3~gFxWIz34JFWE}ZW zO}l}o7`meFYIG=PXc|@Fc&QtS5#;jy{{;W+ugiGage@uMh?eeH99TSJ?m7gztU~OXX71+5P!z2Qx1l3V`u~G$*W}fe(sE^aYt^x;vrT z6sEWAAKlQ&s%Cxb~}|-=j4b$L;1X*FQ6!@478V%CINO z;W`0APolPr>Ja4yJ`wVE&Ke(D~W1;PTj0A)@NT58R5? zN0q13z31EW*@FAA4xo_EOa5webs*E}0RVUr_iDe7Wa;V{%_Mwb*f%+Su!ZZ2$879e z(`Q<{^m%CJhV}$%rQ&5w>Qe+-LQiu_B*oJF*qrBG0_UY9OK8MKAwKRBtb(GMJqbA_F3tI)V~kAwZ2~n z$Lum*lxe3(Wks?re>1RJxOvk?{yQScw{LOT{nn{$^kdp|A(7Ng>OM3_T2cc zlUo!i5B%P>JzqL`-TvhBqRO)Ww9d&wDJ<9y01lh`%`cwwtjY%vJ0itH?)ry}9)C0* z{&d>89iKE0P@-)i$7f*FbFfM%Z-t*mCW)375S0u%CSJ_Ra8w6&)WUzJL|c%76Mp*# z2?oOUqrHb9kWtz8vJBN=lo6`b)T$jtyig910_n1(oA}HztLa1N+*M2 zYPw_}7(bj@r2WCa!AD52@O8Q&pU5deXC5FDr{QoM{&6|#jF`nV%Nre+<=;uJmz}RM zY~S@FvMZBnGkyJN2sFG?hl#@yz(*ZIg_}_P|9JcEK&t=m|1^Y*WM!0!>```RlD$H9 zR`yO-h*w1sp&@%jy0Ws#4x#LoJ+jFjnV0)}z3we?^M1ekd_Ldz@1I-u-t#)=JkEMP z&w0M?3xApbK9xuLto~2?e=;?ieebzm-&>|pD?KEYLg;1C`VJqf%h1&7P}kd~B8+H@ zfHL@P){%VIfSCYW?E=1T`$Y#GvwU~MZ{kN{5{-iE++Der9qrtT?&_;At9-I8z#lQ~ zOJN|`Q0yNTg;&b?z}J}?0F`v;9B@RW=av_Og?Lbex&U5ZWUQ(Al7z76npbNaov&K) zmB?T`Tgq;pg=s9RmHRs(kAb)(e9eQCnxXwR1wyFtXtU3_@>{8oj8j5YgqfNXKC*CX-tN`H@)b>gatTPph^!T)*3>H7T+1R8pugE{ z{XsTdDezT@4x6J)HpV24$rAJQpxm8>)?v94-w+~XtLH+xa{D&U63bBOYfa7DN={xf zU4#vm3J%q@iAFRI{XujsPu^TzZ{VRC)$9b0qGIEo=_$mi(l7+RvXb5Z@sDnbZr#p`sy!c~JeB%;b4rl!Ie_LB{xB%N*EA`?OHtw~g< zkxS$vw$-=c^u$0K82IbV0&7);q#`ySgW%`abJVW#q)vOWak35xJf`CLzB{9e;e!c# zaH>#))`}5qZ1Y~d|KR03z?K=J5OJ?#t1w~M+3RiSNz9V7K?l2s3hS61NrT72P6v*s z8RKAg5wf^(2b+@IeS6ICOLACSw8r32^+k-%_afnT=8dWITg`kCWjw-g!i4lLCLUp= zPmMV{tEvqssU@xMj@gX+Cs|%e?)UzXbH-Sm=jvEdif;;Yl0+5Ig`4}!?{Xt9@qju~ zLOMnWHAaUxITE&%DHHnh81uPiZu6%_a^lr+^(?=2QEEC%F--5vMQd7J+(@I0PpdIP zkCU@9FfMLyw|&puY0Xo9Fi`cb6Y^l8hC015z&=zYz2LUEYPjh&!f-OYL6`H7OUNa=n?Kf_mo>hh1aCI;nN3d4cpnxQT4*vhG$dQHA@MThB(M)Ibb zL~_2%xFIkua_sIAm-kVJo#(X>@V8Tu^!G;%g*_kh4cA^7z;wV5z0!=xr{Xd)43~9C 
z7s3J#srcBCXdg%V@Wd&rW57^4s}D`?nRl|O1x4qq-IJcjyEhHn^$Lgn6I{Q;68K+$!K48`V7EkFm|PgF^KHEF&@23n6p=M zQ|54`8ERReZ zGQ~K}C=>-J6Dd;iLW4kF>N7zXV7$hifNV_LKbczLD8Dn=Hd^J0-+W-b^T|WTbU8HwX3oc*bdWbYqnx0Z;eMKi8hd0Y`>$V?1N5m(@__r#hj2%gBDmTKq@57$UAk9dFd zVZ~|UpIP-OCdO-6l#qAnl|Czdy`l!qCph4>T1FneuzdRx<#XQ2p{rp$hoiS`+Tk8I zyT;os@|?K2sT^Vm8p<7RsYK5#U(KEC_Lff}7@r}oyM8hmhirvAh142GsO_x(#m&KU zz8^3U+>pByvyh^ElVl19$}-Xx7&y_7AoXp6fj_{cQ%N$CZ-1UL^5hn0!igx=OMrp= zix6w=yg2_5F2Z!jBRk_vv(}7vJ`tMgU?7<-xwOB`PWC+ig~67Ed@kbpVz|upZlU9o z1Riha7b`JJC{}qEIh$>Cx2H;1RG%i;9xH4$qYk|k?ktnTC z7fvb}@{;@@4X3cmdr`q`U;^vBc557F?+qE_$@B*wEyNoSTZKxWw3!sm(5Sp{2x;kQ zd`c7WQ$imDy4soor8jiSWDi13TL_6fm7lApa;YbCC0~#1GpN}8^>2EiVJIOlXPrK4 zLWV$laUiwzVjf>{V~Jpd%q(@dH^Qmj^PW8aTJ1~VmCNzuPzTf<>lOMh0xn1LW#RDg zi&GBZv5V+_UZ`LbJBuCfC8DZ+Ifb?c@tuVxfq+!Y2{O z)A-NW)jYrpQ@6j5sr%VM(TM-$hv@V071*`UOws3&%iWt3omsT{jn6L&%AU8SI8P~Y zwc{lngA#XQe4Ug|o@QCN9Jbm0V{XB_)l`P6@j385%oH0er!wiY2G<_|h?`d01yTXB z3U1F!1s)%Gq!Os&+c#i+!GnC;x>!mWSUB9JarbM*>C^DX@wjkRK|$2P`Md!^;N>U$ zS!xdxvNP)|DribhW?Q~(9q^c9t}ULF9e3y1Hs~q3n4COVI-{K9jaBcqYTvOM=yTb8>-qHx-30r7>=K6kUoH^Dmh=x-vSv zFj@a1U%EO(xW$yhV{nA@wEf8l?M3i`KhDc(2{)G5y`L;8j#19kO0^~|S9%qPYYC)j z4al+bPj&FJ>$&pI)cc9xBDnNs(^f_&f!QLL48RI7pWCe782ZADkRWirP?9OGo0Y^R zt1WTtCf}KrKI-9Yh6SPI&QdykMEGU6Wuzlu%$$8D$>`ExetUdS z!FkQ<#qeV`SY(}IUR##C6YlH)K)$!G^ifV^Rkp_J1z423ONiVi!KH=yeBjgL;!=c| z0=zP7R+>o(91a25Roo_e8*&W zS~IXg0f#{Wz#XEg(^U~!?Cc&RD+I<1B0-h2t=n_zq!mtuUiW!vgmo)zP(SAsB3E%7ZQp-VNk>2;zg@+wmqKMB8FHUa%cs@$HPy^3(7Y_$!&tw|o}m?4*J zH>^f_haoMdxMYqDV1#xfCj7-GfLRcDE_cVEMOyjY&3DK<+^;+b?F#lFwuz3Lrz9CZ14K)ynM-3{*?!H;sx>P+J7 zM`={ETitUe>{7-IzfZJk2vz%bHpdknP#he3HW*I{>$3h7d2zG@2aqzw>3sWe;Nc~? 
z3}2;VsDqq?JQmWOZ_g9HRx_pZkqf@`S-bB^~||T>2U|9X}Ucl z6}Ha%BFbthm#m>LZ|>B(ikuCnb6W)_Is9TB`S;|L#>itchqej{a%@WQu@OPd`9Vd& znbcF-sWYpi&l`wZ=L!#I)=ov3(jXvvuNt;O8!E4=pQjwLm zBJBo8k9jPOKl!d2$$~sa;%_&g_w$NkIboN{z{cMkM)+b=3xE6#J5`Hy~1>*S;yBei1*#`Nf;j?%A8bO|Oo* z!gk>z0XNm5v1zS>mi(SMniztRwMmD-=9^qNoF}E;wV2_OJ$>5X@&a9Kre2DfBe0Ca&8}^)OWX~jUu?c@^a1r zGPh(hBfn^>Ir+aGio?XFytDKW3;OxWIC3kWb7#d!xY~Z9Ih#uXB-(vC(5I^A@Y)FTda%BI8Vl31FCtocz$Wq_gBf;9kzvVC zlAUYv(_No$6Z!{hfJDs|7upLJ1A?GTqpL46F)pQkJ%FC+)CLj5AJ zLov{7$KEi7LDT?23AN zMVz<|2?9r4ENQ7a7VNNPO^IwYHke*%i1VWctHVUW4W#J~xtHU!!pI-!=tw_Tbp&p` z!{Jn33TSgw;*6aVv>hUH!H_lGodn9dy)NzlB*$WhI#4poJ+~T0bLF z|3#Fvx>c0<^=+WD^;WLJAsT=3)`+yzr#(t6O}-@n}&swO~32b{ZEgQ zWxidJRxqn{JEYw8taUb};hWaCOe;#l#+%9?G7XU1J^*~C8N*izNuC?May(CRB1sDc zRWP48KX@#fQeIbRJ1QV-nqgk&ZRmQV5x3;QhpT4Q&zT=A1m0qc{5HsDdvj&$DUIpe znjCYX--C;<-BqL5CZ>(k8KbI>MN$+Ms1RSOc<#BWk}gJth6lf3$q$%`q}ICC2Mjj%-J-4f&Ugy@HF;rO+KKTC8r%UQ30_>X zl}r|Ps13#i4OZO`77GWJ{5r;nvTI#cq)Of7Nod}r;J&%oXChw4q>4d>nOwQ!{CgEt zId|+hbNIl6Wc^jS@4PEpb}HXE8Us>IcyWy+9=_z$CS0R!!^VV%0v6{)#GU0HU$8Zo zlClT)NLh=?%#yr@**b|EWt4dj)lxn&%6&CTUdL0iWP3ExayVJcpJ6b~iaZZHa=OOF zsp*JpB2j-lIdh9@d>g7>+(-{9xc8>*$hkMOL7ynt1X>=$&J@KRNqnCqt@*a@8b#yn zuXQCL0WwJd=;5%JZv+GtyblYauDRM`yn*tr33d&9 ztgqzLvYIJQwoSX2cXdLWb{$vNtUfTA|;Z8%;{B zpoZ7D_WHM$58q2(^j+)pemSuAy`FqCnV}SUQ-i~FMa|qnH4ieMMS%|Y9NNBT%HLnE zSwnux#&d+>+}Y}L7fOu>*R?#)J+%N`ce50Z?-*}s9P#O{3!_*KYdkp~PG?@_kxGw0AZoJRofqUTQ^?JCI zIOmg0j(Wf9I)f8t!H{5ESyr>^wQ7Z#ni_ZSDDv4KTAn2Hq`u7*arek{EN@QBoQU1v zm=^B|?F3S1eO^6hrFAUzrC8>AwqVZhbpx&T3kI=(N+U&F?&4Gv$nPws_1wK!w7h?Jt!l!F8Dvhqh zj|_+fDxZkH=s}gJ*8B*Q-*hl*|GYi}RXSnrJ8g$cB zRfLzR9FR1diyQ1%Z^AkJu+-yZo(czd(ERm$oxCSKeWvexWKYb0J2Sq$U8_>Ku4rEw zQJuT)Fc7p_U0+=oXbpHr*G+H$9;W4Q66zNc7T>#UEH4aK4BOeelnz}#Y}rB7kAEW? 
zw0H{YDS}7J!X1xTwv)tZ+SaR(6}^?NkUt5OX}=_r5Brv7V4^8Gl^MLyM+%bcfUVd4Fzih_5|*J)tJ;J9{MP zzKo3ugQ3&-P|&k;t!ydu9r%0#Pb-L`^*=D3GWM>mn0)1%zur4mJ$EBIPD}`2{d^F` zc4vuwAj=1pR7Ri|CkfGAGooUS@5E}eCU(ovJyVlYDNjq>6{VTcA=xw%mSQ!Z<$}?a z_@uUYo7-7eTO1{m;^N}Xn7*hxhPaRo@TjIQ@80tLsp^?-GVSE|gPEeEnT$r9h4yxt zWp4`a^7o(WU^XoIb|ZQ4y?T#hOYe6@S|DMlN#QF7_L4{gZNOSau8=)1f-?T1?Ag#( z_mg$Sjpxei1A)_d!HqHpnQeTrI}8=V#}gDEx1MKNQ@CSk(lpBSz!o|5eIu(epQ>M$ zcjfSaanJ3un$iUl7t6zVGQyH>pIegP$(gA0(yp33L3(#5P%(7)AJ_sfY1ecwhrB(& z{gBPnnN1-?iW7XO!iwzrq`OEQyJt!pEw*V4i*7{EdYRqPjhQ^X2C2_aRXn<_GuIx% zI-hoZ;2o05tmXss^Wak%3LAAZsjV{YH&(~0mmbPaXdP1jnkg_1Z)v$S5x3$QwRCs# zdR0}igo5FKUwUEg31*)@Aa(4roW0tuxoi?=O%ky)4VelGd>OB7$)kL^59@rh9m^*T z-0XaHwf+mJ$@d@J)UM5-6_EMRI)ky5$2tSpDSI zV)oD|Jl&1MTcezs{$7bj-WFBqnM(EOOP__F;7VIe5Jlh=Y77ZI>}DbJ9O9y;;t4rY z6iY=;fv>AqX-ci}C3-%H2>+~_QWh%ZEI(K{9ZBvYi8Eoh?3RLYv@kMarzJf)8TU0l z&YC&=iYbufJAP3;J^a+qx{ISxp_IjZ^=M={#oHjhhurfXA2koH>snPAGf@Y%nPBVP zc=GjZ$^xDhS-#*4Tq~DYO#DIL%@frwveUA{mt-$B-Vd)mX4-Fe?E2{4rnrl55}mJ8 z7+ul36+a~{C%;;GtFLwI7Wtyi<^|vKl()>30QgW+=W7XSoP`*6q;G9D$eizRsksa# zI>jJ-h|YD(&#xTGl`t77Nj%VFu6E%W-BU+4?%`w+hP#V;DywN~&0EOZ#3pGEOl`9g zM;t!hCqfiOoUKaB$?G$p%j}aRE*gK0RfVH9_3+0F>9f>3DCsaHSJRGvaR6#)?bxrB&r{C3Po-q+;bI}H}Zv@$aKQZE-+Uc1tbe^g& zkXUYH^mNB_alIlkWNYsw)^CtJ}R4~?h>mRq<>>FtD8qzSXXdF6uo$7`-9Ru!1f%N3M>q{n6n*j@aE_Nkh&@z(tKRGcC0YmbMeyzErHCpHQfpl zPwoc+bD)bP)BzPPF1EbI3-wlany6T?*+ZTi+-G%;Gwu3%Umtb}UN>2rXG-QDLT>AZ za9Ev97;eorB$Lm*_TEni=5>mYqI^=f=V{l)-Sd%FHY$9B^5 z)rD%q*cXf23Cf)mHpfy3gUVY<5YVsn{X>K}N_cLU`|8u!XuXkmp}m@5XjRlAOD=zR zx*Y!~yrF@-Fq!WZY5+T3u5c7j;1t)8!z=4bRT^RgYwgu@>YP?tx+E{uHCwZRlv;~3 z@Ox4CyXD8}RD!2OP~%e7EJgIu6hepTn*$=YQ~S6J~Y7{($b46E=G7=g6&u} zG-mW0;?lR+NG_@OyuY~N@@0scqYI~S+*&FEn{@1$8!vd+S0+#TJmM+Gk`#8Iatu6Z z-2cn1LgKI7a`%r94A*le-RPI?3J`L(UR|+%N;$eQ3K%%O8~>y_6p6iwHy>i5fSc<( zcK|ti%qLnorNK}Y}KiueOh4NP{wsmYNfq^a@%t1ko zI~`L~svD^p8JKPHEOM8!xwq1N8_rraWIoPpd~>my@c5M??hgZL7K$cp{us5}2zQAqCIlPC{+mU<$a z%VTtF*^12J#8S93-@hwNb6347n6$0bIA@kl8CqFBsVi{w^YBMJs_Q*d6rRuR*R#X? 
zBJXAPVhcQ!Q|kGU_{>zX?H2Tma2_Q^JUxXrB8N*#N3UIlG2A|XI}v-X@^Pd(E4cr+ zeC*O|a;N5zy8Nk#x8Q>LnBvjTKTkww@lCGH$J=Q3YViYrAyskVF@Iv5xRq~Y8XvYG z#_7+a;&$Qfq2!+{?&TI3rp$8lxt~AYggM*f5}oO-@L;3dJ|avaDR!7VMzyU__~SRnHoRzGR5Rp7`Pr+<)w#@M>%wn@FFe0H-|Xv!@l$bl-)N-4A%E zQ&-+1aa8(o-=j@)ZxTV=Ga(A_89_mf|@`q-kEIqflt{vEV z_~UOr9emh}O?>=CZSQ4+Bi;spR?N`-gNyZN9hHn6->CjR)zTd1c21fy(=O>ysy24oAXSofMZpo|V->C+)ykt| zkZ{x}j!wE@tJol=)S?SlI;N~vbiU}d?`@c`+5yXRO$A591b#eA1GrvIl_ZwJY@cXz zWJwKF=DPRYR-429`qoB7r@bv-vN%7lctdv*)1ri3^IGcn9-HNFT2=B6JU2F65Mzk6 zneFfyzJ@7$fF#`R&CoGP)9uFK^QvK-ePQ?(nF&!zy<(&cvA9IISXBzb?gyT7w%Sf@ zu`*`b8xq~gZ77>`lma4iR-(INVtO}LFAX;Go}Q^%PryjF?GBj=9J-Oay)@2J`d(xe z<_0X=95iiSUskUkxSnR45|i&;^Ih`g;CShQh7QqaKwVd5v5~qoaXW4uK{XnJn8?d* zhnM!w)WQWW#PDtjm(p#9*WZS7UF`E7ocRRY)fraYTAZ#0x&VdQy9l_8B2i?c)^l>}==D@lL-_U3(P^I?`!7jqL?RKNT2IzKZ(cAE((d~DAw(2xrBs7>Ir&ArpZ7qs$8*ZFx)D_%F%Xi3<$dl-f$PMtv@V20m9k_m zgePX`^9hGWCBZGDQ=;!JmUHpR^d$ybp=z)X#9=%zhi7DGb&Kr4R}@E&GNgE{gmYJ1 z3AcFVjn}3(`qC#}Z9sVRmDEFUz8t z$REHzP2v8aYY%(WK^_k}2l(L~7s5sU)_HzU$Ugg!{cBXfpNO=7PIfkp6EBTZN)hJC zSa@ArBL(^HSO1PUj?uDT(KV&eHGLWl#mi@jPSPp4S`c!1Hpdazr|gSw{35ZQ>FSJJ z^#M_e`z#xQK>&bJP|4rA2&%E`FNlv8$YPAjGs>^Q@)tguVGUq{LQdMpq(y#_Iuh9 z77WG}eJdD^nS@TD$rkn)_V+{pz)Z+!Z~&3B$}y|x`^r(O6nujC1b}?DXn8?TJVoWp z|3LKuQg8B3l&C9|q+mARM81RS2(VK~(l}3n0S2WLs0=#UzeWZ8iAb<)fY}L}5*f0n zh}~;gC}L4jHvBWnti0Sa8kYAO_VIDB04sQbD0RJ1xdb4SNeD!~H<@7Lj+o{mpZ%YL zZupsU|1A|NFTRgQ|PGWd9l!@CPF6 zKx-8tP5HBS|7KVyVo^~B)(d2mou?eUmcn^xk6~}0yXxxrjOZ+glI&~?GM4}-nd(05 zsZvn1l7rC-tw1B7JAb6ye@%r-%=?R!=QK2+6g^R9{h1hWRtfK1=X{hJ}{0zbpT;095`te=q+MARn~y|6fxf6Vn9p zBx-vEmVf9Sa@_}hF8oCePkt}|J7oVF6@b3t>?0Cc{*k8KDgS7O-7Wvmenwd)p#o^w zy;bV>@~;d)b03+;NdyKMTKV50``4&| zKM;v5|Bxwn%Ric7cgnxX(9bBd^0LopsM~AU-^>4X0NP7&?x|8xGMSA1UjF}EDpX>c z{7g(_`G?*?<^KY(Q~vAfelPz!Wd9l!fWG4FBNAEuAye*_e>B7Hl>e|_%KvK()6;)u ze}bRZ*oEo&d;AOjjM?2_gf2v@QcGWdRF>V6fy!TqBXVPgtp7)UxE%P|AAtq5>~{yC z0f2BqSE8kf3$$|V-9AGXqU~jo{CA5nR5M)W_u2pdRP7hdkUM*b<*oyJl&cg?Xa*>+9iP6J%qFaeo;>l3Hd6d-c?$ZdQqTu;Gd$~ 
zqn%qbq}@p!P`ij{DD9S&OnfVzrHgkmv0(X?^B7F>@TyQfwXx@{#Gd33QK5R~b*enm zRuv|nPs4pv@`|=sYWah71}maq8(@h;+|4l}gt6NrEP}CHrSmMyrkbhNtdxJ}vnEo5 z;Jg$9KjJ@0d zaFHSrXgTvc4CJ-@C5HL&Juv<&u{%-$bnERW77~G$7)XuL5(7epo*4URhq5syDx!cN z3*>%ckxu&stucSFKnuekB?i|%#qsq%C>Vgf?4Zo>-vIr2YV{DoiDxMt-l{ze_velc1J3(vlB(G zx9BMT1F=YCXo&%7jGh<}u-(J}klS-~tL$vg%}Mu!)E}T#g$3T0bcO2vFSWatc;<_> zF3fDx*al{%Xz;Un5c(JZcXaQYT zL=!b;S|f0x2iXU82mcw_%ReClOuIw=gwB-z&y?f;Gv)YyDhKSg{rh3%|1;$_7&u2y zJ^nS~>w}!*YkTEfB>C$bgPdt|p%F(-HluUA#NJQ_z^q8K0auP5c6&~7HyqS>p!O89 zQ$!0r3ec-F;B)|7+h>r&3)bJ**}!f}T0mK#H)hHN1~h82(u?d*_sl}TfJa6YzzxRp z|4*?;#HU@A3%104XI=-fuB{OgbdtOJmtHo=(*sNdfiMFH7aK_iEsbELmPy9+i+ zt_KubiB^A%eOJEmfGfuq2d~O6{IquK#n1dkHkrFHP$M0_snHx)y-u zT%avbFrYSf7skIR_J>rh4B+>Wf>cH;wxFSY3#omyLxoh%-iZ1Y?eAa#>-_Sz&FA~G`cjF~OO(r@DG;Stf zV(6k!0DJNqx)#m1C>T(iy9?ug7rP@BkOOP&K4Kve=(QG787(o8c0#MQ`)G$sjPH9R z3Mm!%W!$|}26oZbI50TJi|&>C7m0yv6w!?Xz^i`|h5ppHDig#1IXkO=gU zf-Xf%45XdV5@R3jCIRFw#D8x{{Q=q<2PWru>AiCQDlwq87|nQeKT&}5=bgP28apU4 z!uLrG=-Pb~Lw+xczZ1J775ELse;^jw@S}wkQe(8lfPkSV#t-d)ox`@D)u#n&;CDmn z56~vbjo+3G|Fgs}K{Flz?q-oqCOQl>cF>ZcxepAeKSlE`DlwoocNYb^*d3|B&Q27$ zg+oX2ABcrSpeF{TFP@;! 
zhy_~4^{&CJehCBxm{ppMJ%@1*J9z$T{L?ZK94h_KI`O9T+t**f!=X zr7zj?rXDC>|2B-+-mXt8-LB@H>wiOCvi)t7z;*z*v$+6(fA%Y;VQ6dBR=8+;ZM!vQ zsvZGf_+FS+y3tqa5#g~ql_t_LY%AhE4f5Hp?^vjI9w>2NovoiM+5W=bFaZC;?y)fe zEM_^d!!;i*X2J7TsY^EiJ&@hj%8cIH<8bg#psnZK6=DU#8}15~u5Ff13_HUYdKQO8 zN`a-QO>B=r4*>qyHo_fle0pjwY`}d(0zUTLdoi#B*giHgJ^%s|DMExG7B>08)E;Zgr5t*S_E9z}k+Z-C0pj?O-d43UHDXp|dwY1meZ6u3{`tZn zXLg6_owCOH?;W$=35VA1UXQ`wo=HF;K6|WvqaHx4^;O4|9F!f8g@>$%AVwFA#ny?t zHU_s=r@#l`ug@+~Pt@AR&y^q+hPNjJw>MU8-wohW3l|}-ZI4Yk&-Ei}dFOP2RmB*Q z)<(Uh!aR|?MWsn&yrtWVTk{oqTi*L_2mcgMHNm8FeaKwc24NsDM3}ni(+I@q5=_Fqxhln65ofIz zo|XYp>Vihg)GcHLVQ_EUN--0}S;K{=-iW7(g85{Ki(?L3!`3xR*6>3%wTEorL^icV zHgFo7S{fTTr%f%V4P4BoR?G&jVpFSP12?p(HMD`-+tk|IZ2f$#U(Em-bX*#MROCN@ z@*0Jt+<7ftCwK%jxVtofpZw!%F_LEIRm`OU{J-ZqdlmpRpx*q=t0$6X=he`q0sKGe z_4PV)lgN06;CR`7uZeKZ!0k(lV{_Js$b?0EfAIgtu-8C?O4#H?%+d{$iyPyBU_@H2 z$avRXo$X7F#-!kv_FM)~z@15%D^X zV$j>*)E-jky&ilt@;xIf0iT_=_ScWeLkA^ol53Ae=CiW1-$wf1+p{~}L(>_|YrS{NC?=cZypVd0;e>VInm*2L9BMX6#=F%jU;$c>j> zUDXzjxnXGND}M+t^WqoSef+M_+pU-VtmKN#UrF-7zH&9uQmWWdOgxu2l@*9APP~M- z{JDxa3X{UvFiGK1ROUtFg!^h;p#`m%)2!qM&0lHqz!tfhSSeLpDa=Cr6NT`Wf!ZqK z7)%Ni&d$$=8~TG{Fttn!zbPIP%DQ;u?R{8RC{Eku4l6lqi&xe>Fih?yUP=`&3bRQ6 z#4C6X4OKz0m|CWW->w}h&LW@DKVoXjq;#k+>*AZY_gA_?wc0KttmH0Qyt>Z=qu_25 zEiF3MzQte`tJkldc!xN0%dFva_(TY>>cM#Wh^a_emN!qgoD-W@7Vqf0`w|7&KDsnIactUSfG zX3n^kM1EI=HepT4M&Is)sd*PA`<3Oox9&9o(UduWVs~@a>lJeWSC6*k?%?RNpnx~y zQh&wzKh)%($$|d`=s&anNA3V*M?<6?Gmv)FfXr^50-2qw9WpzGC1iI09MJ3yE7u37 z<;jrLen@I@q?6(xYKLZsy1)#g*2#vP#MTWlM<x}+}6G5@l1@}U4U4c*}{q!o?Uw?_t>?bd-Nr)GF zvX`zv=P_nb-b#ziM2?uF-TBDk;-VAKcj?e~vMjLx_~kj-i5$=3I^^fs;ODr=G?zpw zN`qANnOnie7l)DPcL4XP`~+rwdCA#H3XN9qW1M#AV^8qoYG#A_uGXA%7|p5!cgo}^ zAsqrs{@W0oQ~3~_fL;jxUak{4fG0=^B6JvmRQ_lB|Ajm{Z3eQvG!jz08wlFG1%QML z>h*xS$wRIQK)OZ}a!t-_q-UCuo-spuh70MLaHMB`Cogs+SnmE4@*Z4B5IKI6r6kar zcN8h<5b{zC*BP^di37z>TsjW-bOplM_%DNsk)3)4()&U5t>Q@XIEdV#`F|$|_G9ld z>kJ96LJBuT3eP|a*MNkZr$EBF+9BZ-Q;@Fyj{B0k*`EQ)i-nGZev_!(pL0Y97lH@uANh)@FB_I^0 
zE6`LNEths`!bTC+f$vaC50V!QznIK9)VK6`x%>X?hS5)QNHJXj$cSl3934m;yWD~1 z;!59kpurB{r@#N02yajo&Rh0|HvJHj8p8- z4jQNb6WLzlboCq*ON*NJzYp4SrTv40h+(UxWWno<$sC%#*3N#j&{>NceHNj!mR1d5 z@iMaI#VvNq5dBl~~k4*Z2Jn*~-vbp@K;kgtU+op~*>t1}t4FtNE_!vO{F{=({#So~tQKzG?w zu87l{F#a`s;jw8j9==dcedy}RYrn56(8JpSzV7Q7S4rwtOL|vDY5@929eOj7L(poO zu!N_b=Djr^q34bO=TIvh)E#|YQw%?$uW9t(ak!t(&Iv`{@)>WUbgiI@}iaCzON2W)L^ z5>Sg2c_?o#Or@0oTa$_l0|VPJ;81I$b#iO4_4Rh+rXqn`9w>e(B29RsnlFmic%!nk z2r;jy*KfGaiy*rud+0FnfddDy4p@m{X@1#^AJrB*a3HWY1h#OH4d8n|s%LJgS9=RF=|roZm3s8q%{LL^i(h>s*xsH}s2ms2 zbm;Qe_3!Y3?RPR=<|;j@Hq+FnlQVNg;C4NZ^@vX#5w@!5XO6bMrO?%k$bEiF(3)41 zW=SAlscUh#IwB>?qna8(Yz@E$*1Z8iZl+Pnde>C@@ANNLUnUhE(u=enjObSGa0cKN zB1VNuQ3$PL1KLbo?bJ+Bc~#+#t7myt=}N)7wUX#J-_*6gacxUh#!l{b`(lE*ZJ+i< z3=S&|Kj<;i7#L+?skyyC05E#28E%FQ4Fv+9`iUYd)ogRG^veP|H80s5S7}c>UfscBPyyC{-v$v#Ow6Cwy*V7J9uwyW?ML(m19mSna=(s+e#MqG>Uj7u^}%t@w@t} zZ10(Mb^W(mUxN6Z*^eKx|7@e*CUiHVbA>r#6s9|ccZ1l)RzQXE1C3W`~V& zvhQG6e_N(!BgeE%eG@6m(NUsDqwy-7J%)F!mm`T6A*#&%@pDU8Kn zflpmlh0Y&dC=4(wO{k4Vna7ZBFD7*ukFT((Ffo5kc(fWgAcb26tVSMv{ooWulS0#n zu_Cq9Bzy6%8z0HlTfe#8__#(gJKsVZ?H3q{Ax|g8dlS!3Ij5liT4;lK8qclXRpz6k zS)Q4XUX-emG7z$)CSV4dsJcR^Gcy4qK8+8B+Eu69aFA+ z7^LpBmpzpmxW)SDV0B5d2>1eT=eqDIggzB~2e)BR;#S2u_%z|4&sZFmP$ux> zswidR=Kpm2ivv%VVy+7C^6l5ohwD1T7O4gVFT`UP0&A2t^3~FF2F+61)cP%3%fHC8 z_ryI+4WtUNCrr{2kc2Zazt^!|S!W*t%Ddg4wq42=Br`ZDk^OK$=R0>wbrku`yR4k- zQ@z3IGDl;)W6TEW$#_h^O7`HdFwBV^u)O}k*ffWa*WkW_m(_Xk7l4lYjsCm9)-wtm z52J4%;`+mncE)59a`RX8rQS#i?vG!yOCo+k%mjXkcTFeSPlzxNW<|mLf%e$xnieY# z2NlwEcbqlDBx^0}h0dVL7omMw?Lk{71F!=cB{n0L7h9`)rXtRBGu*f#Q=vwgF8|ar zOod@>A>Nd9I)Fa9yb1_Bs(M217T-djz}KqU@b>HS^zCn4uox-C=Dq`E}ka|dcqG@1=QQxBf!+9~0)@I6+o+cL*{VsdT0*+}i&G(BtY;)xm z$rnQA9+Qf{EqI^}*OgaiIkF^l@imtHd4b+8DLOkgk8CpUFlz?p59z5!ZXrsaapc09 z&eBwJMZH^AHw}<0les`Yc)0R4%!~Kl;NlzJsO++dY#lCD8`}>Wv6x;l_LG-33l9>< z6S_OHDJ-k`1yRqrB-;bP(4{!cLB#*->MNu22AXgwFU6(!i@Q4%w_?TJ-3kxu3i zjvk`y*CR89mo3=Gec3XMHwHSN*WEhp@^{U)NSZ$rZyLiM*FB#Tj|XWE=5B1VwmN3y 
z0qlCpm7ib%4_0qHv?vxa)x?=h=dp=PHWW0ZlE$#61$L1+N2g)tFr^K5LGsBhN;q|z zm=_J%j3TQ@9LtB<+WJ)OaNwK9a#4Tg`cL)Hega3Qi@P);YnmCY+0Xbo&3LUhZ=mGf zgjxk~YH%Chd@on|3RHHhV_PncChh~uM)AfZbd;TwdP@Q|GxsqS3;qMw<65YWo_A~O zt0*DHAM>#&V;g2lAih5GL66s zG#}O^lydm4oGO~IhrvEP=)u-*D23Qo!v)VF3A)^v8rGycq84B?Ui!g~a|iOeaIWPo zBAPh4j1GU9)Vp@a2Ab9Z`AR3BlVKG2a;=Sf_i{0do`klJnW3?Z*4wlAb$WNS)r&lh zEa9PUxBg}uKN*3PJ4VOLXJ)i(_824(nYta?y5&0_^~oO*)1ajEB@Kwsua+V(sy1%Z zMUpH8V=*=lEcv{*b>}@f#j>NM zY+f_wbcCCh)P8*h1F4lF4?dg6Sd53;!Y=C;7MH+-eWb=a&w94-$p+N8Jpw=52p-#3?#gSYM!YHO)L=7LZ1L&I zd^F+rw`(#caRer6>K6@ZUx)J_aH8MxEt_f%sw}izXuH#ug!|VW!<7om!n#{<-f2eQ zqlQw;woTyj)~}Pxo**SY$tT}DLD~Z66MegPAPDWp1svtILrET0Xs_iPMjbdujr#(t zKCKc+HYaMq_xpV#E1hfij{W%G)){8{>geVf9q%uX^1$n(i0T(=0sAed3x zFP;}qO%uQ3;TP#DMJ|*m=8SG$u`{-8aBV%o7;}x*o@P$k6yImbP9ZGDu@c}qEZ%ZN zeuG}sRYhC~a;=AwZpJv^3~52vo4+H}9MmjrSejR?8ghvU&qL+IuHP0Pu2`d5d(yZ_ z97kzIBTwz{=)_pMgLQ&D{KfP{2LcBn#WlHZIq*JS-SFz%+0x<#$4D}hJ$t+_Z5;Md zC*j~%3^#YXi_LoX1`Ur=cO@{8jw6?2w@%opSKpdXza^isqPGsqN_C%7x(SuGi|~t8 zuZIk=I>7=}L>e3jK`9&;84>-bc;-AT0lg}XG}FzxC|dkv?e-9+m-idCz~TskD1pZI z_}7K13F44YY=(6D;KHzbH;%wb~ywlgaFviz87gz8{!F?|R)OGG-0>g;`uH>8Gr zJ@tZVjW{RTd6k@q!Jg@%?K_{A<8_j_S_p! 
zSI-51eJP%iG#(^z)fuZ~h+v$px3F{w{SjH&kF1QL7reCR>1Nij=^1q|Yx&e4j&HNe zNNZSh8*NZ*{r2I^v(kWR*K?k%hrexa_$*C!qm4F=fy+vI&jIH2(4 zMP-BEQ!qW^@=JX%w_5m9Wh-pJH{m^T=zAN$X@aA|-6`6rq_9J{ds}?xZlfjXXVI*J zZiejH3s)sfLt4^QI6H(_j7jQ{vtb=fOYqpJfpCD|*v}}y#ZZ^Dc2Pq{1eZZDVx*PQ z(Siv~nBAS4tyM-`KO&SSJwC39r3a6O+V&1`xcg`Ut?9myA)XX$&sbzicAsGS@f`t#6IInR^GhlFu9HG5|FWEp4G)lN+Uz5yh4#yG%5ip(i)_5@5DgmB~#qO18Oe$CF(kG!ru!qz>itBsy#}3!y6^7|6T^9 z;=}on|74WpOV*Y=13TJt3x)@}3+ww$f?^Ih%3r`^Z!9b`_xJ`jB_ z=7#`6@YaE&_2J6r+Nu3WBBZn@g*!aABC_p)pfl&?+v=RaDdY6aDf{G{Qg`zoBx<$2 z6*ZZH(%F<8v9<-i!tEp za7XEv6vq_cUkmaLE(khp)Avr?BCKj$KVJi2MUL*ecg+i=04Ito__S>{6|HQKN6vQM zV>`i6PpQ3)k1z5``$QkHZx%&%CZpsCH>u-vX)QJ{$hig0vdPN2qZD(<2q(OP2u0L- z130`MivIE!lhr3sVoh^CbW3PH$i3QVS)oFl30#^(#6;V6tbTEgxo5Oe;*XZt$_1or zc#x#u1#tWr8e9w<52FYq#jZ@rfa;7+CWbh-UO#=C`LHFz!erx6vj17$B?pBJKNt%qt^IxB>JWAz~}nNvRQHif!rln2IT904Es?9 zceW~q`hf*Tw8s2N!8_kl1t4pn{xG`X{kNT*YEP?2Yf#x=uKK~PxuH2&4{QP!?<5=86Fm{UXPq|t~5+Oqwr2$P!D|o)t zPiNMyiI}A$2rL{$WRn+pFyk;7rahn8Jx2vo^uLcAeBO|Ap<~84rF=f?(?vCHNGgkK zA9$z@L4W4bWu7_sPK_FzkRY@DS>)7O^h;vgU+(=YA8$qEun?k1uo-zE%TgjazoXf7 zvk#7=#9u?OlsXx`6H9Ywp9TP5%-Qufy05f_Jo7t#V$r^KSFTG}_;?e~z#KI=Y5Mkn zi)Jji(q)U9|1St*S7Cz~tzam#(=v?*Rs8mVz(7Q-^Z_ZQ6(K6OisS0;pV{=7nL;j; zm+l}zWERo&f><=w*T&OHlEf2LyT`aM*pGz85;7xldVPE}LnJPkDjq<(T9AKI_qlK> zZ)#|!tj*F$2DGC}y2$31`3AfU)CrK*!nZf-ElIt$mT+~?l*1u1|x}B zYGVHlpDqo?#Sf7rIQo9O(*#mNHKnQTz_B_uodB%GxW?{9j6C#4tX~{o3mhn$T+bBw=oh~&`g@sH zNRsol3`xgakduwW3PWpF!a_-_ZH-i=Mo`e%?>?UW^;7%QW%kQ+o$W*DhU%B&eTSDWr}u2qvHdMXjpy944bczzYx)j zTQqxwZ!*JF{vxgV5@7oSxb%7Cm)H3ymDh0!MiBpJ+V5`%UjiuHr zruF9c`r5UaLmX)}kAAY!LDjr!7`Ol`_s&y+Vcy;(DGZEY+8(Ch?)dM2#@#en6CivL zR9>iiDuDv(Uwr^R5B4GfmM>ldvn{gwv{dk$FtvA@E$CD#lwLaD(Qb=|zhQqD#TYbCIm$`6^d1597`?L!**PcY>xH_XW`iExV)JI>G-ZB{9Up044zJEh11!n zkJpW+*V2UkV=hJ4p|M5cgy8dFMhf*8|IF&Gkea%*b+Su3aa;Ij$y9*heR#geWll`5 z#Qy?<{j-@;z9l$bhNzlz5b21S&*QFO3CzHE7(cSKJ)|%&)rC}yH*FCjYtN{F=t`Lo za>Ux%q3K|}%o)aU4|ffU@59h<3z~>wK<1yI(lI*NlOth4+`zd*2kQ*}>ZjJy@&Sr& 
zI4R++0sp-iyTUu1tbqrE`Ic&JgOjs%@(35ORE(0!94Io@xMupf;9RY+YV}p?nU=@{ z>3UmiqM>O~YM#nfM&@x61`_DhZt>4nBtKJpDW0}$EoYc0G<~|bs1AT0l~mQ9(Qrtu z<&s>i^1FET2Lk22*6N4*EGiyulPAWr9w%CRlT0?f@5EEi#!#@yE#v}e46$l(v>l`{ zMf#@s?OIT4Rx{d)~(AG@bHcYWav|SfZA_zj~o+ojuLOXBt%t>=!MPL zYpTyMIHeV5GIVlF-t0pM62bk^Ule_Uawdw?d&Efpu}PN`UV%yn3cnr{G9oP)@kVl8 zzA$X$V3rkqQ74`59WSg}D)EXaG}7-$stssp8($LO>e!Jn!$g#uC*DL#{ zKdE@yyC)?byi_iv(ebZ(zPs`%a8(*13=mFoA(q>O);*qcIZMKCMgGmaOUYmvnHPG@ zDLN5Nb(+(JHtm|;-xk6`TR@(4Lg2qgG;_}K*N*s9)zq0_K zRyibi?6|zn38C8;>Skpwdux5xgtAP>a5ZiARVQo~VaMpU8to;nngIYT=*nO}ho;|aLnd%_nXm~LX}~h%V4(~A5Q(IG;b56Fdn)8jQ2%(I+OtcqzabS}lp3++F&hu= zwQI=uBA@m2H?S=s&;vY@%WqsaZH^QwaEX2+EBY~p9~>k9+t?*iXV6)AgFvTnT&nH( zQQXfflQe$*=U8Tbp?)}6ST-3#_&ncCd53>T)Z6m@kU~UpO*vO%x=sj~6Do@69gRk- z_~A3pN%q>s8jD#ugCVpo-RR%W`?$<1Zq87z{~|1#TISkoj9fker`xq*@dY)vjG7V0 z;x+4wsw`5jewHlE!@s?ydY%C%wg;oCQ&%P)J_edEh(UmKLf%r^TIq~dw{&o6hhBr* zKhrP=HUokoWVQ+pfe{`+k4PmdfQ>od*t_Y){GFhd;~jT+pnai6!@XNM7P_0~`*g zePcggiYN(f|1Qx!3ob=4)|!|>^KGGtHEVUsMzn&q@>-Xa;STivUi5=Nk9CHSGMtwn z8S6q_B~vg{iO>}oQpkNkVx?!o3C9A^r|+zI`Y)!PLw=MA%Yu}>QbJ|~ir==jK&|=$ zDXj_%<=yinsYr{9n{hcdmwKwh%?5_vdj)9+uTKcVT2k>lS5{MfRijOTyfZh><%gZk z4*zJv7N|-)g*Q=Vn-$@h-psxGcXv;(o**OoLRpLkgT4YTX7Go-*JhyfzU5|1S(Jg; zRa~X_x40axD>>WNnXq4bM) z4J{fn700Y08+HCeqEJ(wrM_SwUv~}q{<+ZH;z;-e6OIMj`F?na)X9NdmtvSS2eKb; zmG{dd)HaZq7kB;j(Gb#Yxhl|llwg!crYWU8QuHwj(m)_~fa$!2yr3;LGg}$NPX~{I zEzOLnVgBuWb%teVVHdAVO54Ph^h$t?4R&Y(ydZt<=96%|Tmc>RG$qMu5=1)-O{UqX z--SRf=d(j+u1!=bIuk%YLc|;YezAHraYp-sR|WKlxb61X&dt1&mhI`Q53DtGe@H|7c$`w)u_Ji`!5 zMZjT8BSdkSF9f~b`7d(+wQ0hcLsy_0rnY2u#S84r2PTCv_J~kJ=_t*FI{Yth`s7oD zSdT#Lx)_TyRR%J3*p&`qiIT{t-1FJC7dLzFNO6|SfR^dFd1@lvEZM84zG-{L;L9zd z(de)FMFDXe50}CFWsH*FUP610(MC1lq=0vyPZf2N(mk?Mhu--l+3)lF zz}so^#QVcF@b+4z>7%-`*VL5k;7w6A<6NUuHam7Zd*2tSg{6L6CZnsTqk|#c?B(rw zdAW5oecLy{CmxwnmOlIB@M^fMx*JVhr%_6z!ti#iZovnZl9?7d{W4B~)vW*64J^)E zX1U{%(8n>n1|J5$#rgx=LXX{v0`o1CxM7QC=UFm#1N*toA^Gf{P z$ryYTiq#Kcb1csyzI%6+)}A`i*K!BGxE+YDY~a82o#9i=gb!pIOE3(5vJI9D*rW^GVJV7=#={ALO; 
zt=hS(skE~bTSDgDja3YJs7aY|t`~Iw{ptnu@irEXqIEFt^fOzCtz8MSu7?SONa7)u zn1$VRpzMGo8+VXXGf!~_(2rn{1^#_>Q}|>fIfZ9kYBrtYL#e1!p{fhDE5eDpX#2NM zqx8V3U~6VV)i=uwcv%h=%H_+`6@j}B}BsovpR=G3l-(WApbFOYUcahW)#fpk7*lYZW5dD*- z=X5e{K{wYoF>2;PaaSGEsQwNKdT6Rmz~ zvaHI3MZ8;3k5$}f1Gf5OIB=hK8&gSrjc>CR*tIdx>aw?(?i-*^28myvBoX+speh;) zSLlMZ??_V=*40iIl{Pm)cAdl@7D4pP9c78AT_A@Ch`1kPxS2Z+DBOCO3EFdm3_bB( zRMD^meb}AB`9ZBgO{yC5Q5{X|~mpZSogW`A4{tQq-m_ zYpziMQ`*@f^3ljttZZMM;eUqEhS_g<6Z}(aG!R>(nfhi*?a99$Xxb;2_izH<(;saA zw`%7wEII)pE_u>ZCO{gnSl=~#bx5-Yc_~SYaN_p)k3=gU*6qT9fhR>lr7nxg^cn$D z^SyjXUl<|5U-zzHD9U53$CQUy*b6JnM^OD2Ky3!vv=sI^x|Gv*@K}YTz)K6qF@&}^ zv(j^V**vnrvI8_KnbJ?8P;XJ1gDglrABjgs)wQ>7z(Oi(@=J$hW;JUUUdI2>_$~0b z1ohnO&$eVjM)4e*G#_7pfY+M=UQ+D6gn}PXg>2d?&gO3d zeE*1r9Qg!j?*Ay1wUI)#P{npxWv8aoGe2H>X{J{~<8|G-<-2QJ;+uhlxCgsrHI?@h zTaxFW!LwtPt2Ae8uJ?yMwAdYP-1TeYMsvp+YwtHx>g;j#=ZU~?{7DM=!vY?5=umZ@ z!W0=gC9qms_bb&Q!QD@}KMdagv^eq#aCV5kUWMls-dkO#?98I%9cpD_8*)hoz6>to z=akF7s*t4i!DZxIJ|9ff`x=mpO!0M&lQ4_-@Y_789{QVYi)ZGp+hqL0r<6NkvRnBs z5BKs?qF^17S-ufUooVl@hFmf0(5DFUikkLc&HaapO7e*5E7&V`r|ZsWC(H>CWOm)u zrGyopnJk7#m}~!wG7eVSU}MMwVMyR&u)G8n3_a90q>K4n3dNDQ8s zZwL*xdsfU}1do};Z$KGR%eMzO$sZ*9_e#ZP+;?GSnl?CLY74b|O_n`U0P6O$D~^_m zdcl+;V>bzHgjOWgE34N&VrP41@p1r-1VUMxiji)q_-UzLQ^jE`YYy#=Rqk;Wxq`PD zy#;0b!x~kj!z2lWl%bTQ2afPUd-S(Ff>UWTzXLtr49S1YwqN0!fWgOfK3<@^NEoe^Q)=@Jr`lmtl?>M@icy=8Tzq&k#2ia;K->1pf1nv{7|zGWk^Lu z1Oi}zF+E>S9qjlVp)B2E&*=rRL1TW|&6DuNyZ5dj2xtt#u*PEq>%bA$s8>x1J4DGF z{ETegruxksTG?$!OqHNI*>pHWPpJG9dDZiu<0{r9p?yaQGoOQHA@xGjM2Ew8iR7mK zWx8X0)N1o98zEw$v ztooMc&2OiQao*&z6RjjNX%0)oRxGem2!HqEgx4w(_e(}G{`qEfOWzWbV{!~=s1zOY zyekOlitq?plVDQU4GbQ+W*%xE&o7n=th!vs5-yL_1k;&3sYS|O3sA1URkpP-^jxL_u zgZ4dLK*sC~Q8abE@Aucw@6q7b&twL+BWTez8hlfp2hzb1zQ^~i>VLvcV0@st`84v4jow?w0 zn^wKl(8EIMMtHPJiOPihjBj;+iOOHfC$WTO(Sd-EdSsqn#;Al`7ZNftyLtW0VQF;R zX*S>D2dJ!s=gU2~MopbUurW&QY&yCLa1k^GB#RZ#x`OI)JyXaz@C$IQfau-tT3z z+>p@XJXUSe?ewE{?xwo^bS?$?mrP5^<-w40J#-~bqfCmU2A6WTcZQgu64dvttudeA z=eu^bRk*OOc|=b_8T-i0^Fr&Na*%`RaFGywTHJ@^LT#{DA}r{{UEDrn)u`RE=Dj2K 
zxPKwHf2$|WCGMsfst2wcHWlE5njr!2LuVf|-bI)A^72F8yQRu;y+6d4*JMV#9=2^0 z6&fQ<5%_tZ0vM>%{%y0J-Bx4&j_9lGA zI9SuwdA$2ock(i}pq{L|@!7R^{MlZNqQqX$@#N=)UPv4f5`{~?5P83?F!?vY2S1)C zjV?8ST>^4j9PIb0x4sN9G{6CA;zHkx#DckS98YlS0c{zAV46`#nDb%?vWVvsUs)mi zIzFFZ+yheAwQ=Yfa@1_cBuxl=9)z0e5-k;5yX6C;R?s3j`c3^vh+$J;ZlmT(%SMfF zH1{(E!q50z62xUvV#;1Ldy;g3deTR-pcYY^B*s(*si|E22;KN%{7+SRoxbj%6E!a7 zjD_H4rU>~!&M0XUZOrR{P&G@*jBs{?A?;>Y5CY0_yHMtwPHrkWU^IxwV!IpS9=+;{AkD1M=y zu5qNc>lymcoum7uJ4ka_%_OdOql?b|lyt9M=?CWTUraQU#H16@bzL@r;nA1{Tb*B` z^ePb0P#oiKmnwja-ihcif`SPfAh@E`77~-&biME(re=ytkomIhpXt7>Rfw?v&Oje& zC5)y#5!E6RXF2&Ge-=r90$8`zuz*!yfH~iZ;~-C7ZMEI7fYt{}=?m#c$df&asI1gv zd6xWdn;`{#d)?KXKKw7|q|6D8Xx{G;e;p-sUSLOkM+yMF+u7f5-;Fj0WTT8U4{~cD zCtU9N>}wxl6Zb#G`GRXvXopIf;^GHwz@;J4ZQoZ&7*4{*PgV0_r`MP<;MbQ=j3X!# za9zZ4K8NS9KD>z<%FXuNNn(8OL%ZB$->-=krne20Z}b1VOV@{D3l0xCAEP+?WzbTJ z#b19TdQ||BrVMXkic5U?HPlaR&Ml+zNgNy&$}$#;J2;Ftjqd&fZPt?%znHwta=92| zY#1+?b#)-eaE-`?da-jjUlT*T;LQ9&l7G0AM$z}%Z0#&%#CVLkh4GD3ImQcLgClMX zS!YU;frYD|2_^-9tXJxw+poylcXGmDj};VnV#G2)8Iy(Zh);p`Ym=0oD`G+O{lQz* zNeA}Ztw{w5hRjE#U&v?`%E!hH&3P-n0w;KDS%u&}N| zo|=1`q}PU2D{=pJyP_o{ARPrM$ibezr0EA!xk7C?kJuMLF53Qbpc#s=(I0+?!lF{+ zV?!YLTeR(ai3>X+PPG-PTMV|}sw8AIwFmaW0JhF2F-S~PYNx+KxEjW|%7dJeayf=T zfzhi4^UL5QUFSs}V--YCSS#XbhFW!~@(0!gD}_fnlWDps<<|P4z%x$p{sO z*w0VSu_rx0sAXQm-FF7eq5{H>Lg-Qv9=4>k=b!BlOcGQ6bt{;}C&!5+1(d319Q=6^p~V;b?1o-(w3d(|PY_4TSe3jj2Fe;+!jE zk`S{-m+mG{_jhsuxrBTr)jfWZ*}^ely71z(8SO-*U4P?rcr;=_(4Te1eXSub_RB*} zEN6s5osyw|+eXXTN@VYky&`fd6p^r95_{XoaaZ*=wIzC(>O%j>{I8Fz!+ey_58z=s zA|y_)!-j~c-DZPTol5fp_Ta5y)Q!@wWihNQhqG)y&Q50@o7s#gD#rW9#Ro|?#LYtw zdigSto+tl)m>B*5TBTt25?|P1pHh|TTSBr0>XvQkmomNN&+Z{?Gn&DXaC;gY7w%So zR=1XVLk7lNo53$~ZTXLBR?9L{&OAtWuYz7kGV|zu$i3aPIr*wN*r+jcgsSeB>l_U( zrIEj=@<`F8@AmCmJ8TvI^X&geF>ThF=iTPf?4JF?miG>T^EIoPf9x16eVm_Vv(?#r zP5iI7JRD!#=MTbnX3A_({Ga)XlGS@qjulc^2s&KAsZ1WRqgpDY7#^88ax0?uX=0D0 z>5zi^qF6ffLj5+krUA*PkE9||GC3IC1ixOl>jns=RTq!QP5PzPZUx^*-_EInsAm1R z&@IgZZdg!IGe--XWalRRci 
zb+MEg-}|H-kL%^H4u4IkmtNEcA6N=R=x$?-2+(}eM;sJfa6Cq1em_p8!D-^QHg+57^YP@I-t!_)l@GT$v97eZjBmTy5Twzz>eJ?Vu zsrA?HR55Ugz$M~+-~Nv;kP&^R-Xo7@eUL$%;>eiHca5SPe~nhtMf*?ACeoH+nFW3d z7C_i`mScU~JUU4n{BVWLpzwPbQEM+E8_7Hn4#G`$cSrPM7zXI?I^}fI$;(R>6Q-*C3nb^Q$1{A@I<*NVv z4N2aFh*_JR={Y)i{_8ztrmWS3I{Nix4}c;PcRREE_sjKbVwCL~tID7N{MS%dVpKm9 zY0~Y1Dm}+(m)D&niVu8*+5~PNjF&POZc3wX-Ufb&UX3$qRfWuD!kXxIQqIGjrJBf0 zjiTjftuw>Ozn$EBcAxxXq+mmnLVs;Zq!k++TBip3HX9sx*A5qUiFM=FWqk+L1MRp)eF>xZE23fh(cLLWalV@$mumY*6{Jo4;xMMf^2Qw z{iGbPCphU%Sz&fWvH5H~|4uXI5<(I8+W`JnuT$Lv64pJ6xQmC$7M5@5wE&)xZb21C z+D!5mgIjmDCpk&Vhk$fM!NMynF>}O%Zj_4dQYPM2gADw6Bi82oE@_=}ZeQq| z-usZ>cJ>MHa^+f(XvVTW;_B0xvdCU}yatcROJ*I`&Ete>$+)}9X-WbWzgp_#`bc}M zj>==vRB4}tYK+|CA6|+C->=`cL=3OQ(O5)q1NbGG5kur>^2%2jz`(CuneK^?D#7!n zkv2NVxNZ7_^0|8hx*5ZRT2E53|9;~(z-x)Dry{x!bEb#{tL)+Z-W#yHE5M6Ju#CBQ zKqa*1x#{c$`qaX6bu;v`#}(?Ind>Kwant-tAUP;?w`AgoA7it7h%dcU?oL{RFvuB$ zjn-@h-4S>Hq6CP3TL6CeLG?zjEc6GJWKt@g_>roaRP`3BmS(|1d_QH7wPirW>@X8I zv?E=@c{=1Zt%5ak4f2c+9FKmkN7wWlGG_6U$lV&SMyA)9%u6ecx3a&4d*RgVyh_SZ zdBE7Fug{oqeN4(xdccT1k70*`s_BIL(ur3dZaIzcnX*3>TndB|`5rH~iLIi=`PNRM zuEQiA1#VFjosrKuzyS+XNp#HUtnYlIvr#-GaB=AResyh4Gzu(zJ{J7+xT7YJjx=3- zMg>G~4!w#$)b?5q{SG&%4r&C#ld75RfDg5a=KH#s78qetJ#T69SPE|A&cPb-9;#5E5cs z9}@!nzc@awzJ3F+@td%?$*n>lM3Vn-{vY5YBm~+2&H0I75;D2$5|TU_K^TPi-%;WU zgYZBt$e`pLArM9~zzX_|q9FYV5(D(Vag@mhA1sgr=*iyyVf~Pwoc__^r3Ql_^c_sB z9GMvZbN>H2X*wJvSrmPOfS?6IK%o3TV?f18z7z%#{8tjH$cN}%++;=(5cPivn*Sk8 R;w8I?fGD6z2tGPP{145;((eEO 
diff --git a/spreadsheet/macrofree/waf_checklist.ko.xlsx b/spreadsheet/macrofree/waf_checklist.ko.xlsx index 040d312d0bbbb6a98e49319f9f5511b12f2eb711..1b8df19e7f1682a80e0beeffc03030890e17fef4 100644 GIT binary patch delta 146664 zcmY&gyKA0;ZVlMLef0 zNI*C-YWY~QJZrx}`|}=>`*UjP82Wo#AgDS_Y8NF#27}E+&6yrQzg^Y@9W}35K#osi zKD`>lywSsajoBIQ54P%g&PR0IkTUdPZzI26ghsN=7pnNovrZ)YiXfrkc5G*B)P?)G zY1IGEOEpL@dtamc&YE}`7rU6|SiiRqiaec%$Bf~>4!|Jc&x>%9m zrUD;|%j()HC-Q`m#<>a+~dn0CH2Ko9G-(9sF;q}ED zS!3hOikQ|Z)wCTpEepRj!E1c+K z()NJu0d>7UiIJB!1p@Bw${dEEDaZPwCbmNHqrI}>Dxu3Luy!S@w@dWS;(o($R<*)a zg{ZfV?-+ij;^DQ((z@43(py#2ApSU*cUr26q3(cnc0NZy37a=U4rw%9jeJd7vNW1j zHC3-2MyyI#9W;7^Ind;mQDj59hz>K@jR&ah&3=U-XF=m;v0GgtYwvByQTsU&|IfkL zLXW0u-D0kXq`S~6x9w_RnZT`XMpcFOiG(+|t#;>3=}zfa(WRf9{O5|A=6$vZbMfVL z2VKqWbz>9R(F1(m2=8u*HO+G@l9DauGlad^>%$n*UAjVg9Z6<)Z3O#e-4% z)zw-@V>?|evvEUCQYvpkWh)cHnow5Pvt^d*>0TxI_)5L6mef$4t=y5ecJGPrt?jEz zyLv4Po9(F#m~vLOYdL8Q*i=GrvQ$7(3;SACP#L*eqWi}3s+I+9>W|YAV*kD_@?#SQ zI?>o}(ROiKbg7K^jIFrcSq7O2x{5Q7ul=x3KOaL0zT|O%$wo}gLrL}6^gk})s_B64 zot!P#__3y6ozLWH^YqaAVH-Kj(AgU=_GYEg@u$1rX{Q*yq=;Rnl9&)YBmfkY6*%~Q zE*`t3lj2Pj|2Bh{waai%OH~pNm5W_W#+=T&hn(y*=iomQP=96{O*ggO36mm#-{bn! 
z^iXM6dRMZmbSkv`a6cG6xyu|q%4|y+cXwzQZ$7HpIF5C;2rev?gYIdrM(*qkt6r`f zyMLAA#28i@u6<#4n6)&@x(C4ST0i8~l-yz+LuZ6#q~KMvF408!h%YQ-Ycy(P#o4B( zJ|$67$`!>Vl!TP}BgH02s^F_;{b&0gO|Xm4)&OqY2;8KW7r|Ma{1>X}a{0rqwB~cS zR|jvJNq|5wCK8>zljB=fL&Ku}yt{gH<8tekWrBGTXJ_Djes4w$IikFb;ax?{$adRS z_93`;hiZK$II_P&)!hBcEBkiI>}dY}4*YGqyyX7;vl(i)efnYcl1bKuMD;xc3fXG7 ze1$-i9kv+5P4*>9O?BztgZyWP*nhV#7gP?emQ{&Elg6jc*$&$jt_-pggGUzugh$JLUAoAi8;XHXhr~{vb7bSVUcm@@rFtU@Zl* z>vaa{9Y({#kus6yj7FmL7xDGM&dnxvXm}9$UP0d__74U+vh4_72Q>wL$rcRSZcjB+ zrQL6#x{VA;%XrMllTHj^O;V(-)}n9#<`Oo9b+8uJ|K$n%{V23#FVS?F;9IzZLT`dI zl#7_!ALS0^sOAggg!2@=HvNG=*IJZEYYoaqZB>lL|YDvrE=A{-xBGu zM$)e;b)hj^=kwv~3^Z^vMt^RXZY7VQk$bb#!V9Ku z&IV{9jzgHp?DSF&@E3EYYiZhH)^^1b&IIgor;d5N!kl~8r!?fAsnnt~rUkfUIZ?cGnS-~KbnsR|5@fDOt7 zcSOyq25&DR<0wBYQET)CPJXzJyD}l z)n-pZ&#($zOeU#G*3WGBsR-kup8oSXW};=m;L{B>jK$5PB$Gr)fHS}TF_*T!ymEc3 zA$odyIDPnHEIin5%xCZZaCF%lxbi7)zdG4F0k}_Ynolpp-8BHJ$(ob&?NuQ)1!ni@ zGu%<&?z~&%GP_YEJ^f%Y`7nDZbD-VNY_^hn7Vx`kyO}I?RQ8qmt%oRzyTyJ!P}l#1s~^2G#ya$~1DZdWy!Sqn;7&_D_bh2?=*DmiX$8 zp}%~fPRVVLG@@c}r$>C8Zu6ZxDPOPdNPr-zDQMr zCev2v6%b!kubkARj7Q|@P>OabacouM#d^jL06YpMd}6{|ATRu9nDzB3GEcHxoMNyw z1w_p+3anC%JwEJF{n0#rdB>BGO(-4@dCM)KMRj7$4Qe+r!joxT%@)ecBFYGrq{{v3 z*W!=rvCsg@fow)a;DcY{TP%vtn7q-+ksXbrxoc}(S((Un3YxXDUkNy7C_ZceZ7PxIg*ku{ARt8rxc)Rbq-KRzIHV{4a-B9+$ z=OoLHYkNGgraYnZ{j1#Xy6kcf-@@qAL@E`3pbIrDdkPsD*C4caudtK`s&$-ai= zti(Dl8{mhsFIgxg{;Z)7(Py;wrF!}7@775QGn zM!344G(A=a)$XT;<2_T86J+~z!JIyw-tykU_KvG{^g3m-ac|C=2DI!Jr5-?yzqoXv zpY>`P1ungQh)S10r@_kT3umQm)?;qvcOyt?Jdn_Zr4y1HIx{pS@he)omziZjO$aR; z_a{Jjv`n%|+lr*d=8QzpyUfG!OXUk&2FYYfbkh8hVQK3r-{e-53?;84AYB7E%VdOC;> ziabo}h1m7Ph!6R5(rjLo2D`>82`CZH!qrf!?Q6&~*mf+(g1@n$omFiK--v)evRD1X zdOW`!!s#j$El7J7E#NOU-|XA~m!WU2#!$JPxJz0C#t0$2??k@f1c{gAa8irqIFVV= zNe&Ezbu}{JfmISD^$fziqdq^Yh3ynDuMu(cfK%F8osVl6?(ao8)a9EG>>-Em7UqAJ zw)My>=sy_jmqPlPCM=*zSkM`P*KEvCg(b#%D5CmE*OzzzwYpxVG98phaf^6TU zw9%vLo0HV!RQ=L>SbE(iA8vaCf!kuM6jO_7s!Q&zrSgoQ^H)tQ@kmfs6Mf&nwzL^2 z{DE)*JoX|0pjz5bY0=QA3#44~lFCYMNEftw`^PhIp=Z2|uf}7rnM?QW^>`UR-)MS6 
zh3y@4k!|{VLFpHIWP@Q>IdzMx1{|${v`qWT-ZbLXncK2?ulo;XLz$V?t5C1ip!1`4 z?)!#p>WQqKoO7kz5LJc{8_b)$v{yBJ!%_qEu{CVdKrIRH-HEOJ`r2b>5fFLbZ3t+XP$^ zYjfuiNN!*#4f}Ydb?-FkIomWXiSKli^aPXB;})X})tHW1p%mNQO)9;eonz-|-s@gO zpgooU8>_2+$9>NXXM6TvHR9^s)(Ux@z7FNvKABYwrL&Bq4%mr6kL`~r%9EB%Qp@l2 zR5_{rqKS4joBdn^AoD@_>eJdsW}WbmGj}SHA8#GT*85XEG9V5pFKM=S*SpatNrslG zz4!j;TjUmR`%DwFreR$Jk>Nnxr~d1cvcVC(S&HoQ@#Y1Jcu0b_((7PMhpg|9)5wOi zuD)*ndb;At(?b=Y#AwelpB6K^eA(k-&!q&;(sP`2s<2I^;_5KzVhoM$eg}GzXQA=4 z)OgFdRP)A%F{{4&lH+nxS#8!mP%0t(^O2=31CTw{#%E-8f#*}u`z6dKqrLWxwsO#u z)FLtb<$OV{WO#6kFb=V2tW9WQIw0pyZ2I$(cnI7}FRhpmu}vYZEDft*l~V#5qfkq3 znJ6WsU5jXVa|Qm-Ev~$N{Pk%hqq9zP9b=Py+^Eb7F)#LXe~peJ^k*h(OadX;)vmlG zxH2J2rZ{@*##FRIO*Z!{C}DEm@LY@T)b7V29m5Wni$bl!^M>uq`RqpzJUDdQ25odzQC#-r`_Kx27WV2_!O-e`4e-JZ83sF)3o1o>PSYM!j@Z@HI)QCTogPz@edxp&cXLrz`eus@@*c)U{skj>{dJ4T z`h{^iqCS(pPVaFYis6%}=jL8zl>X+Qvv(xA0Q2+$nT9N}9F~KR&OAIcr)hMU+YvO^ zZ`rFZP&;rkn#N$c{aA*S53T-`M4#Q9YvRW8PIxj%rr?fcrVVH(oK^H=<}`uo*bO9M zyNG7$+;aYj-@PgDjoa?V1EjO}j;plo!zzFLw&dX+X*0E^qRQy#Ls`JkCs1mF=TIIx zV>OUhL>n85CE6}S*qYG<1$BMAwg* zJ##Iqj~IN_MpI~$LjyDWl1b?dm5b;;mhZ5mI>}K!h1a%E+)Px1!IXR>nE}5+0HtmO z+~iCw_)fUZjjA_Evx0hKZnxCB0oY@YpnBupdaGX^BiYwfpy>zT5~Y1N^Uy_mArq1kZaJ>l*=>^gt@P$o*Q=eyc3&^! 
zn#h)wT@T?BS|n*zed|c(QmK)Ii&2eP&N68SU|x!DUD+KT zs6yp-uwLVU4%bshy>gz4=4QO@)(!PF$P#GfZ{H(KGtP6iYN{XWy@j+*G;H2%Nv)2z z*Rw^Y%a@&$wJR>e$hEJCR&ocl?`sph`DuTPBay0WC(eB|e8Ih}U-`kdPtMzYMdvuH zWYmjqI{M;vy7VLx0(oBsAe^+AX?Ba2D2X|(s6@nvVTetpBqT~|b{`Z)87RPY4re|y zBbywbnL>Tq{NxjuIQA^NxaD5!E;GnhUKz*<#2X`_jVtKXZ*TGhO6xmMFf29yLSZ8{ zXv@EP!OdzStTF2r_!kD4!eI&sAXck4pQ@SE1`+^zGU*C<$1bb5+0^&wGPLDR-C(3x z*YzHnXDNi=6~!7>ZWeJ`N5~Z-5PALDacufi^=oRvA6Gvlui?&qTp|zUHCQ1vt8+JY z*y62C`LsPmSNVMnn`$6g8jT;Y_l+y`v?tR}8aWrL<3t?_O!evd_F|c-ihMdS8c?D; z;%0h}&`G2YO{Nc6nsL?nmxLSFDN`6=W7B(4C`+}JH8NspHaO9F<)pN5y||eNYUiV{ z8G_?Y*p^V9Q(4bu577rK{b7_X>-o@lJch{vZB^te zh#nB=BwJg>8Pd^HqXgNrm+Q@+sK7s%kHPP=+o4OzW@nf8Tj0s%Q7;%l0l!;|$Blu9 z#bJ*#qXy5YOrb5Ram9ETDf_p_!~^@Yy-g1X7e$P%l>}PA-WMURj~*WiLb*f|wh>yB z0gs|gE^c%EZO*wWDz6{SGuyI|6aDHPprraPS^rWY+Vj;n!7BZr=sDjuNRwI9qoe*_ zlxzibcpIoy)oZqWI4eXYsV-~=D!EXz1UIKAE1KONl)J%&!O7|MW9LPITxV0xCoWf2 zhLhXJBO-v8z~1S>Jf*)pimxJf{3=kBeU#+8w8HcHM?3HB5jY5C^^RbR4Q#2h>sd7t zDtYR^St~24Ii)&moY~C*Pc0F3H~*}NOq^WqZG1R|(kr)0mAl;9dVJzd##Dp4zGy=@ z;Z46Ck@6WD9gJv7gsR@X|0&RYKz{H5yxCPV7HneYxfntp29FV*x#oXrO5knv_Cz=y zWgC%~M=|H#+&thKvFtZ0_>~3fTBqnebUPN&GkRR7;2YPoDCk}Gzh`LpVT+fxcY!xn?R`@{nY6L~H|FS>JFSU@pUCgWKM{EP?VA{=V4>f zAl}Fxh%f624sKV*{$|O5KRNbGVE*P!KA#gV@Zh+hv6Vb=<>ceVJB=d!$HjI%zy`YB zyZ`7@lBw@Ef$IP~*jJ{#$!ETWKUYt#AIq@g5^-{|o4NYq>Kw4G!_{JR$?qR=%4f() zZOM31%^L})SRF?Z>p2|HH(E+q!O`t__FtxtX*Gs|OH&{J$@E5-9NU#XYu4+R!3{!@ zNnbhM&4d!&xI-;ut^@?4rU`41kkV`;OeujQCk20AiN&9)Cb?@9x~1+7{eIJv zPOkSTXGs_q6%1QGSd|$5-mPsxZ7Wrk>e*N7qQLPKwa_%DP|zq&ZY=g|@v2h+uAWO}nF!GF0 zURV~Y56N0iv>6BPy_d&iIkk}7FPh}ENs3I(Jiq3~#aNf7t;$;vyERrMrZED2N|E>}^owkX7(gSAj3gm6`q`UhW zm^1R!{DZf1%IjrjJ_?n-88<8cZ5B`^f!9o#cP5)hm3(~Bp38fdY#!Nh zm-y#uDdGgS6TQ8;AX_2$s+7p(?08v{s3MAjkC2E!BaA5R_Yaj?l11*i$P|COdGfR# zH)2sAFdKVQC6!f8>C8l|Jg?(%rxpTmgY!q{PI)_d<77QK4t)=~sCUkjs-_?K^$wV!Xz{^w?yqt zm2#--{qs2N^V&G*#Z)IsfB@ZTLigJL1fx4|6jxhX?(mb2cK^O(f!y3g{;jP)brN-Y zo4EmE7*n2t>6{Myw#z))8^=ID{@KR&b#aNwO=VgKwoy=tUVvIw^OOa}jdysXIx6g17T?UnFeUWZ9cEP!t}E-Cmc|pi 
z6k`;$IC0K-HYRX6Yp93j)4z4*6uLeR>_aE2+2=<$;aOjU&^*3E)#NTeh!SoF{%Ia| z{9abX@ki(dM;TdGl+c+{n2QN>T$oTWt4MEDhgla_OG;6+1UBdX2NDND_oqxpv}Mg3 z;V|MXadS5oawuDD(O;!5RRv@BI$!7`@uOYec#s?)IA(#rIXqpi zkUDcb(M2Ywc5wx$BV|NA7?Ezz5LN)S)2@xfj!iZ}ss3U;pL%K4gft|RA4*j~rdA;K z$zo*}6c|TQS`*hLYvPG9Ev47PBCrmndX@?W)a%#jT~<&k{lQP?o7P<-3Wn<3;ccVU zE-){M&1Y-z$pm!g$5|in2#nLC@`!Afk^%nPGBMmfOfUiK2I8YL(i&n_1qtH6DYoM& z#RdezWa5eZYNPFE9}tzNk&!0TAjW)%!C$x38pzo4RP3ZP{i-eSpJS*AOM^9r_t&2s zLp@UC5ui)-#4kOy;6Q#iruvN{{e|?R%CX3)qXs)hY}n zt3wOa(D67E@N=eV1?gYLV_ecEb+8Zo<3S%VprTcip(3VjO)eLLp%TZFt4J(n%0OAh zj|pmc`CJ%i44$ZkOt)Y^5rM`5zrEPp^spxVR@exb>~ZUS+TD6899_osl7V_q^ehpe zFDz(wO`tc!2u)LXLxii?tNcnoa1tF-{ihv;)TOp!@Z~?wkl90U*F*@KjFos$5Q|gP zL+W5t!;EG7#8&*MJg73DQ>}yOQA6o)A@p4Kjm73daZ8IIeHnwt$363bm$zfdQ?3-3 zVN z;&%!WYF6x_zfT~&wbnEN*AB|x9<$*ynnGRW-u^93rF}rfpByr-`BA>G(S}#|VTVfR zhoIdmcqVO8&|{>Es%laq3A$o}Uco%ODP+_UCIpx!gn9B)$T2_s$GK@aaJxwDoY&@J zT|7Qmgp0+!h7&`OIKSZw*KiJ<3intzqbe>OiBqjM=|@6|y%4-etZ61B$BG=sG|=~b z_R0eiB5H006T;{w`%&z>3DK2P%M|umDR=|>D|~JBCBHSmRD{M^_wL1CdQzgY6G8)C z7Rp952&&(fZx>V4($JGxXkm&477VGFD3&Ry8NcAx!HND~uY@XLuWzHR=fE5uPjn*6MRT(hgqbm&4saMRcWzVAW3-Gv#H{bFl9nFkz5@|J|pcH5JpcpXjb97H)`C<6kG=#!qsoS+08Gk3G1t?0~`?Ligs$ z+*G5K(>z#?vlW<|mdQRn4HH+^&}K{oJ!ocKQMVlIi_zsQGx0KOvX6f+OCX(curImM z5u!uC0EL!4gGFSDR6OIxq@;8M`0J+q)g^Rvn!j(LaCT%LpYs*OSr*oa6Z32377OIV zs3@A7D|M+oeA=JFsC}B^QSvW#AoHgj@PZ_S9mf}+&7E{67MldeksG)fr016BEzL02 zoN$KLEW1y%RDAH-%MdQVX10l2YytGUoea+y{F7f`w76dgT*;4tNin|oB;(qlfp9y7 z-U+Ma9C(rbtL-8knFD^cqIG}+LvqS!CS}oEk77kXE5@tPNNecr;YtZPWEQdzfb|fb z`Owg~7nxM;O!!(0#n@Q?O3<&iG1Y)i@aEK}pm24xfAj-2&?|rm#U@n4t)@N|dOU4|`W}NbYcq^h_+WXi@HB zW!t(ZPvzjJ>!zLb_wsEmC$J|#wk%;o{B@QFf^(%c^{2lFz1?#}f#aW)K>R^U%hVD( zQJ9&6ei)B;hoZDPV^>1A*Gmu>fit2;2YrYAA1y@Ui}1N&G^Ty;nsq`m_GsQQjEIpB z@ai(_#io9@6;(ZHaZG5!eBfn}LLLepG;)4Q!6-=#^rF*-(Mfw0n`4_i(m5*p zXJ>QitPsmM zP@$9;znuT9CS@XpWe+~OENxtO37O)sW_B`Xn#ej{c9($Me>x^Js!*z8+wvbBli3CV zZu-uyuc8rEqca#DDl{H+tB?Y}s4137FSTxw7?EPNS9l};=#P2jKvjQaDcMm-6 
zGHQ>Hbef4ERQk2XJIYePNtXoYZ`{X`Ksw_;Q5%IGlMm2a~A5a22f3jTKPm5{oYRh}lL zqSNV^is%lM;us3Vzy)+1aN;V=N|qH)dg2kJxA04H|7Qm9B7h2O7gW4yWk;t!coe=~ znz3_~8U6AVAG*5?llCW<0$+Y7vMnZs)=ge|Ru0tgGW|W&xA?%7fLv zSerPBzH_I5ti}>Q%6~`lt->cSQ^H1PpqErjVx?{T;ix*LO3TX+b$mp5jru?`GPZq3=ZMEJ5%GtnZM=UY`vSzfXgZ9K zEp?um5K>0lRZx<$iJt4(fy{(oeezol|2fpy_KB2(bcPe2#F))gmgNA?!>ND4{t8!Z zqb-Lb>U3*OiF+P^!{$Kbh!R7W5T(GT_PP=y za8{L{P}(=A1k=eImIic{V?3|LA7$K2hhAxx_@|DLBg!|@!|eEHDe`wGWK;d zb|W2+U;O7Vytb~lR7%M?E0#`9%I)7-r<_~~}JCOUoJ}crLukeirXLid| zlAHLTOmloJs=PRdb&1)D$k^u@)i#OesvvBM2F`B4+k-N^4AB5RtbznL>P31 z@nR$iBd2RZf)l7hEu{&ozVdZGJvhMg?qxf|^*`qWy`j!%aIma?j1BxV(==i7*ZEtF zI%$O9iOo53IVLe6vCuIihL6#SEUcPBT7}iHE-b!<7Mj>0@q?8~?!U|V6{o!Z6RQc6 zC#<))>KTT{2<8=Nc_nM~?1r0==nB$Golt7+#A zeBt0*@whL7XQ1oL^p^Pex4qM4cq; zKzx|lo#!4n;wzrpB@a&Dil?)A&7+)ka4gEbqfmH1?)9y^^Bv47(ap}Sq}u@j<`0XY zk@r8e_|6>>Eqs+0M(P2iP4>Ir8&JBfSSoT&Lsyg{ulkYeE=J(Q_)! zlem;35-z*Zf*(UuZowlvER0M|Q!No=L>CQgCH1WCNa-XP@hc0G&g%&49e9)(_l^VP zrpW@0xNJZ25s!ry!^N;!GYM=s?q^i=#~gdPIaJ{ne<&J^^D0t^)A=4d?Ij!42aHQJ zE24AdzG>J;1)pwk70U>}BB!jOSKU7E1erzWmm``B=xD$D^XpZ;%z>56zgKY=4z|UC z?`O^|WDe3~R!nTNt4BinN)n2iVkl%xd%$tM_{l5>>kCTHJ2h+V8c(7swUqH?gl8OW zSw8!j*^asU(!ypBuwUKjN`np~Gg)Lb)p8HJE)xX|$%ia{Lr;fY-27f`ULvq%)Y?&2 zrsUvl6`$GU_HH#FJsfuFBd{NDq8my751eqSLu~O3(2-v-usywX)65I~;W`yEnSMnn1y?;G80cp#u(kjxB}_3!V6BfTN-<>D!F_3gkwkYc=#&M(#4=u1&nj zh%|V7L4%ROIh&5k#>U>^)zr_jbJQ^2z?xnu@ zmgH?x^L3RT?`JzKYF&onql)HfteIP`3J+{iNf31Ek>MqmbAQvV@?RRFq|gD<)_~i| zu3VvVW&A|43Mt0HfRGF-3S7%i)fAB&s(TH{ya#d)546vei58bDB&Rl+b*t6(PKmkx z158TH$W+#Co6s)r(sZASrO+bY-rL_XojG8tvw_7)at3N@S*gm!&k1sZMicFI0bm%p zw|o#}F)3xbE@{YH0!uF7U|4AUMCRw~B}q2z+lobpdfEiL{X+;;QRq>f>02G_2JB!) 
zaY62Es(E%hRXnx{&jZSipiVZy9|)YoY7>&~zm)nklfH(u+?6|4UR^!r?cItpn3EPl z1(u+*mbNHp*AmSslL@$U2xNLT#UU$qOioQ1*uB+40k^SZH$mmk4NWMUHxqqL!YP9) zl%(L@+i&3G^Wt6*uz38~h@1LCfX(uGHZkvCY=7*gEJkFKlH-q4DM+hEFQL+0P@$v) zQP9fJ8kY1YGkd1d@X$;6%P1-S@4bY{55Bl56Hcj;r+&NcWa_-r!*>TZz+(|xvQIPh zZ8Kl6;_|x!-IQ~9-EdfD36Z85mswT$H4`8T*fX7S?R|1955QL_Bv zD9Gv&$Z2I*--4{~ytc6Lr4a9<>4BB?zZe;Cu(kEKw#JOEPuhdenedM*OTvD-AVXKp z#|{mkJ5LHXYxGx+qyRwmIL~UYXlQ)q2_@D~bf-9m8)`~%1q&nglvYHNocUKM8wG1Ae5qOid)RF(bPXqG#zgU08)IrYh zsQu-N6Rwj$xn6A`s_+i6A4wC9bdaxdlAq2Qw4vf}{q^}I1KriOyK_+U&}ez^NT!D^Z8_RFe3P%))pY5h7b8sm3;{OtI^K z5c}WGF$o2nHqgH@ZNj#9ox{rW09D~E)B#1gMDo|wonw?-WYTLFjS@%aTo zh-=-if71g72xm?hP3p-_QpF}Z$zc?hCB>xJaYZ`Qc_E+>m5zag4k>vI9ps2-hND=w z_=*|r=0qxWjh#vz(-o@wBrPeT4?Nb#Y-!qH{WIBbzX0$x&5CH2Y$%#W<5B3@E+=|} zvh{+Rvnp4i$8@c!gMKsKEu-_xzDcXgtF8C-H-li2iV7ab>%BV4wiwGC5iy zyFkw3L;C@vx?;#8aQ_U9D9+TlCK z)x`meMQfb&IkH%N8?V$CpVba)WnR<**F_O+@<~|bbiBvb6qA3;#_@Q|uOFcvD0$<| zRN`=@ZKK43rdL<(wnzdV7hi0V_ExaHbXEmy=ES4HsKceVDi1za*MC}yFN9nkTtbl; zYU*C_aaPWh(^h4YXMD5WG|2#>B|L&Ob6?Qva4^RRG5Y{gVB0)*v}; z#)~LeBR z*@O^&sgMBF6{=%oxj=*U8DtVQQU!dy>AG#btlB=;|d@If|?+_VJjAltaD#exZ0I0t;6d{!J(h zpPo8GzX<-#zGpvke4#rAG&e(#j;qyRf z@1BWjcMe^+khp(WnC}u?vIP^b9(9JdO4u9ywQ*$vf!pLAPeyG^VxOz=;n)q zO85muCafuAXin)>LEzkqHmf>aAVmvrG2oB zT=7KX8L8moR8>i#%`pfYJV@H?Q(SZp*3`_cvow?lJr-dSH27X$anIYmHM*yHx`UN0 zR0z7~z39u5>4~q-@&A+2Bgzq&c}g)DG5~<7DoB+QfA@DQ>p=gb4vy`i2{?oU`>sKlB0gZD-~$wkAfu6wDS?V(upe9ZgvU~@gr<+iK(|Q90J(|# z!UdlYq=cNvD)olPD_F-np>f&WoP>%qCW8WP53^_yGdv(NDcaX$ObrP6g30Kr9NZXb z=$Z|6&N3t^j4;7fIj9-U2fx(tWkhTyaxd(vBoXqtKcA3~RI{`{-sNbS%`eIl942Mk zLn&9JnAlW~$?;}kfHc2YU4g<$zWq(kEc}c8JCue`9X9K#1@%X2jOlHY|1B2oRG~TI zzOv5etPTI$De|I9IC>zyRyu^vazX`To5GlZoGm<_u79Egi%=!vy3vIP;VCOBp3h zk})hktpVfgKz!srla~=aWc&{|t{1kZqRG7(6zbu?u|f^9#~t_z`T^aE+-o{!pN!uZ ziqI*5Ne4YawQu)Zma8|bSR2A|bIQt^OiaUUVBz`8d7zqjU{8UmBhLI?fm?X(U=>|icJvj#E&6Jp`38C+~+ML z7V_F9Oc_gPbXfXB3;a?kxOF$lc==rzt#eLtO4-lvf-CL(1YuEy;xt%`G>wde z5U81g={8Q&MUQq4`@Ne}AN+Qe44&D9>sxlPV3g+}LuZ67-UjOu3wsbuuWwhrMf4w0 
zB}=w&FjbI+P?!$V}{Fn?z7hHBz?iHu%eF_fd4sr>!*x##E(TmY?Ns*sxgk zobg;arkQ>Y%`Ei09~BV>!PX^-+6=^c%2OHwIL5w$kjsS0{6S+ec^GJh8+ZVbUAdSC zI+mf)G4&fkRVY1E859&mf91ka&D9U8tfvWCojuTm69sRA?^_+H1vww4NSc!q`f_K@Ky5*L}0XFgH=8ziqKVJ3SuxqYSW2=GmD6Y1hA*Kp;gz5XWJ)+XEqQIHLU0?V!aq&iC>h$ zt};Lr!v#F2VV3z|-Y5HrWdgJj%i* zEiRSmsEy|4YTC7Qke|pU9%;_1%(_?wl&|#N^zX2qB)wIovac$v)om&!-Gf0k5Qouy z8qx)qYnqcVVDuuM)vow|4?zH7Og1-$M7lmJk9YWY^l`8;C$ta#{XBWQA&A1~r8$AXMTgBY|IKhS?4n@pt5H9huiaA^P%U)x$5$qXI| z^Z$%o2^ct%KMI+&8MnnJEJa>1b}zU0MLNQnn|HiWW-~!_RhRB{6Z)!ovl=`m^Xt5+B3peuNY6Ft?+{4f zmDoE*Fze54$E}16sG-H?VJli@7tS)QN1FbiHGos71ZDsC&0B$b?^r35{q6-PK38j| z?e0b0Sl(Q_ZDXe^O)G?4a1j4^pkLf1wUk~ULHq@28%gQo*`B<<&f@Rc^k(J~X0EMe z=Vsd5>+AE0+8lQg=601yB6R*ql6F)Lhd*%yzX8RM#|X-JZPwu=wGBvh$)0Ci3{gC9 z7mHH^aEDH}Y~Y)3T_G)SYIcs>m2Pm8&?KX6k{nW<{n~)#juitQCUWPkAZBVYyC_k5 zb;L$E73?zwk%M>D*miwt=J7ehr87%J=hE1BMrt*&TkB3rQq|%cGtb zzs4sY_nH@(k4jya!hLUna>xg+55M^y^4a5C;%jF$I#(ao^vW-$Sg-I7tX!(yUL3jn zI>2C2FSo8x12t-WH~l-TZ(D7#s&lW@aWK*=;R^3HN*|{?=_Le=x6E{Y=}insG)LlA zf9|XI>ujZzPHzoQw^4O&m()CsICiTmD>}TPXg~rj!|RHPWiiW~n}bsI^sm_OuFA51 znFU;VS4rVSv~61_L)WdaG&;%Bq29c5nj9*{M+L;`uXD-eeWyJ}qlavk#XEvbVzGY9 zzeMvWWv9HH_xc^vn9G+=vvdnCC$;u!z_iGc_J*VSDn=lG_)>=oB{70%Fs|Q(uqbVl z6#`tL9BuJAXF>`veQjTiIlVnQrM&O4(rvHmc<9+@_&Xq75zt4kf=*UdDVe2=?JOf0 z;iMWRB{d}4ws zmaz)#$vMhzQCHF2Gb|>f!|d111=V}suYh6 zCo(9|f2W;NJ0fJ*E=_t+JD*sT+gAU{k4rN~W3h%C%1-{nUF!NUjC93aT66!;Kp!1C zKkzw|`?2cgjyVyUn7k^emdZ*^A*S&^7>yqlIz7NP7boXbkQ{ie9*zXxC-NxNNgf?336WK=j))wbE zIhU_`+^V}hcuhWp>bHC41Fcg-ZdadMY#;-(A|zkD&%a-Zt0ZhCMqu|pz3(737N1Z` z$}1|$Yb*icl%zd+el0IO*9~mOJa%@jp4<(U{Xg-+Hcum5DM>fZ_vJ&D&4BCe^)1>( zo7G{Q4))jg`nQpAZC9t)4FgkGmWRv36rTmik(k=Q;qy;tN|3+26+$XzSe$)RIvT}0 zyzY;9t!>%CpogARbK~20gzz5X`gR!%2u6k8F^DwS;*r@cjR^$3r?ZwUrTwlWkzY_v z^>prV+1Syvj7X`QA+ku^F3%B-n8+LSv`LYtO|sB^SR6aDHcYRx>`PPW7QhCT7LO;n zUP`5WeTgI_{AqP$_5EA!lrZD7rf@I9erU6zo;$VDaM$*)f0a91 ze{s4j6EMzfxTbdS4gmG~5{_!5z};mz?mm64T|gfFq1n*@d0|LYM~ZBM!4@N?Ky<4m z!Z{Vo^=n_4gFDy%GVwb(39@%f^TS!p{6wDVZ&IV=4{$k%Jhef-2jb?h;tZY&%bp|8 
zV-4BG3zHU()}8_;?tPhbGTPzUPndH*^WF*sT`aTf0RC7@lh7zP)IUef1ZTlHh(EAl-hsDEK6X#s;GCjBcvJEX;RsV1|zsBV_ocoVR)l?f_E3J{=E$@%o ziggJozZ=wjpF5mhcpKF`iJ!P!(?C^q7Rjcm+Sn>KVzVp1FQI+V-4Qzcg{f=TEp@#d z=+Pj}1vGz-+%xGpVC#r}tkHm3y}r`5B|jK8iWh9ENeN6kYQ7EH!PG?^rfx!nol{QZ z&dtHMl>L@h^%g@lk9A!RznwoR(i|;q*QWEAXt2otebhyTN#sh^6#ikoRW3-*WruIQ zmGReaYzIqU=Pk8vq=H&?b;$2ZM!9%8?qopl$AJzP@LG1^5su5ugHPA&O5e-euA=hG zoCdOPyVG{W`ny8UMv2KN=abeQN1j_ANR%a%g2)@1tlr5geO!B(EW))K`v0i9>aePw zrw>SXw@7z4QqtYs-62RLa0Kb@4k>An?(Xhxke2R}_v-hjKJQ=L=Wy=b+1by;&d$tw zq>B_q32e-tmcCs!iC?Ily7NH6Yr(LgVC9+3uQ`_}P3a0bx383Kb_1i9@_cPPb1G zh)tXs4vF)&a`@!*&5O^Y%#CWox_W!7-8dcRdw}y-*8~MO6v5^Kw+RV@O$#83X*MW| zseQG>V0dDE4peFbtDogswbyFIDfi0iN4Kb|qtrz#OKdy^7JU@{EprRKhzj?{->q6z zIL~lZSb@VCCte*rFIRwwA;P+#z{-KRFgC~VGz?)(wB~SG8I_qDnKu!MbP&*`B4IL; z+uL(bN9!)M1JqR4T<2=?<45S-f+JE`^z)kbkG$1>&2jkY0Db5wjfI#a4pi>Zx^{(d zYh#g;&1Kz^^`aeiqswJK{60kl#{BD8BO2~Pv;xK^gLZA3IMqvp6O4|6M}7R%3)o%{ zf;+!3<(3+Tn(PC2X7IR_>LkF0DA!||6AH)vB9|8K$DXJ?6(3Em#ehqbDy(aT#u2IQ zJ|u*p_HTai-5E4{TOqV9AZYRIQ5M7Q_l2g}(<}QNpIq5WmH10^+#whBT^rOU+zM`X zgdsNe`OHIVIT+@!M_DCX`_mNJ%ZEfY`V{d`9ovZED*^2_zC_FGi)8|>Hxxt>QQ-nU z+ybwy0-7w_d9CnN7{93{#jMVh*z=f}%h`Yl2(Ku?xAbhtRq`-3cw^p-aH=xBVKr=p z`DRCEBd=+B2!p_o@oi!Tg&$H*Gjj%ov-OqLNWEx$05M(|ZC7fJp4=#7D%nSJ_Ul*3 z|0TWwsHw7=T`AufGaovaO&9!K>Iuj^zfEoGlL%7LdMSb_8AG~UOG??Tp6`}F zb-A7EsCP{jyk61SWGoP`W$)wwJ1*e8RpYS$w$7Af^$-9k-3#=!UM{|fsdYsNpQPwECDKnko z_}z7Iqb9XD<^^zEG*`OJ+V0VM@Y!b0hea;Kvw#fwzUFGK)MF@ZpU*|Hz@lY-uC_~L zT_C?`^cS-_wp7YXFia6kV{TgucJcxl$m8<9ucqz(xP4i8B%c;EM#Dj5CNGQ+hEH%I zqVcBU89{)jpvm66n$mO(DU_D~faf@sn7U0$gTS4VZih?m%FYJyzoLKRsMp5r?&gs1 z&>30(x(V(yR z`y|2pd_~ZXM#pC^yUzQ9;@O{s=DIBn9%M9^dSz`a$L# zUar}9Ah}guT@thcN;{m#H*c)hbhhGKuMmdLuZ;FoPQpGi@_U+zS0;wI(v56A^!5efm+L;3 zkMjc@$Z1gq!pxjgnbQU-POFnk1lpC&B`y^?KN`F@DBY=B1WW`kn-)!4`rL>|addgJ z+Sf@29~gNM+EH+EN%{{<%=41396=68Tujb;+*E4}uj1?Pmfv>GrZk6weWcL_uR}uz z*k!`LKIx8iO3&6AITVXIv2Xm>ZY0GTP_Za(b&rGwEsDx|^o9#(s(d8f(TN-_-dU^-o^6z|UV&33*Ym2m 
zO*64UyBtCqpF~Xbaqw>uQ(BrYb(rg3eO=kS@2Y^PzsK$$)b=%*X;q4Y`_T97CwgLn z12J9-c_yPjwio=D@Mt(-R+cgjyF!K8G- z#Z{rAHK8S{>^p5S(~8`MpR&Zdcpn}^d|Mhxq0wI`BU5MOQBj0x|lu61K>l&1tyAh2k!Yen)50-E+}TV3+t(l zj=0RsETIXTOx8E?#C60vsHJ@v(6nZo!dFaRA(j6^eNiaeIMBi4w@3Bb}vFYM$(GSr#b0T*ZNzOSi!b zqjmQ;o7|U^A-B)_uRkl}W#ZBBRAT>NNB>UG=Q$l3hmiAVN;=iyRGQtbj%K@Ec=M?+ zYH{%j&6^03qa49Vujx5CeJ_jedGN~t3RO@}>q%-_I)Se1ZD7hWPbuC+(CW3Fy64dD z?l-vkargVdrQ)E|GBG3x*{hB^Z zR>pb9eAn?~*3C+ADt*?axmEHm49qy&d#KXc4A0*bd;o7^+eF!*fN&57vX|0J~EQengP*ONntJqAh zzQV_D*^Qn5XgjB`S3b&;6;@HsCHQmmc>Wj@-mD9k|7VIBTv0?AJ-UxON_zUwyU}BX zvsKGA4}}Y$+2j@xDD)UnL6T>p|Mqc8wcZgn5FsvtW>+uK^pGgJD)@ZYW~J0VMRN7F zWjvhlj8?6R{&LYHbfn&+n({-rtB-y6$^+-( zYj8y>BK^0zq>WH|T#Zn@aXJ&#u{w%;zdtG}d9pLA;*Ly0(&iEe_2qYK0q~7M2Ti&V!i|Z zmo21zX7Q%-KjUs1RW1o;I7<5odssct9_crI4x zTymM6%|TfPwRqKq?B3Okz@R`TBzA@Cjp##8BZHj%rPH!U@hX@!Op=zwtNJq>vkD^!sNP~t{(aIM`dM1f!`eXnN!>-O+)5EV@&EE z6Gu;{9E+t|L_3Z(x=~{Rdh73wcd%z8`Tk&M^a&Khp$x1ZefnvCMN@7bXn%SjMJ^|7 zQnK6$Pcxq1;9c8f`Qa%_O4mET0Q_?kQmRtidF8DWDGZqR@*I@2G?-PuBcJWMT+0_M zZ8vsX;A(FK+EA65BFzM1g zlqTZBfbBwdE0kT1yM-r5<6OW5S#8-9vel#AR!TB-4H5GJ@r&BcOOKJvyjs6WG^+6QIug{jrd$6NX7m)f9_NEat1|X+1`4pNnv4;Xrj$Xpzs!nK6K( zaP|-9Vf>)iTfO{HKsXO;t;X>3cg|G+UW-W-NHMv9U(S#49@D>CRbs^<@~@~qE5-R) zf)WB=o_76Tjgo|5=C$9J7E>YBk(f59cb{q~JN9eRDL#s#OmJAbD$??*V#ocC+&AN% z|3(CI*9Sd?n6j?B=1mv&1$mFe-f=P3O^eAWpMM^xm zmy1rVz!@6maO7;dvD96K(tzia1gU06StGR4qZA$F-GFvR#T7B#wzq3aL0sxMwW9I?n6wff_AFcw%YV|4>^oX_Pfogn#HBDtQ3t?1P)5@Vys$9 z!ZdW3tb=UNft?r(C(#mr@`U0-<{Ss6hk3ty%hi#Mi&~^Ot-&iaSn%$MG)+?kW7frA z8|D$ILynMl)dC(2CT54eOP5y6s22JM@H>=_Jiq}h>2Fwn@51!YkmCyGnsZm&w%iZ0>NX_%fIk9oW{42vfXK( zbZhvS%4gM)H6!TI@z^|V^Jc{Fy}8aI7BIuS2 zd5Vh&Y>Yhy@#)Mf|IV2T5Lx3yMD#!a7x6&^Pdkv@_2?zdNj=b;F%wsfB^N!d6qB+_ z&qJ4Q?r@O#*C`IsqhEQL@qN)XhsRR1;Ij6S6*v>6VdUhJZsD;xDCGy$M$LoE#ntWQ zuF=zT7I|jvgq9NTboW}k-%RNNLNC+ga1@UJEzu*wdL8SC)UCjGyhkz@TRk%3->Jm0 z2q##k4I0rNEqkrumW~K1f&UInuaN4b)ew18n^2h95dx{r<8OgpyWhjN6x-qBzchbD%l^!6#`ojr zp!t6iSpK?wDt|iQeE7gj0I9GC#4+-rJ7&ptAi?2=96gx+mw!*bC4d+BXqwzl6;~-b 
zqqQA5Xv2@LMsp1>fS$Jzps0!kif5L+?e=E>lNEm`jQuEt8o4<)8_iUX)SI&I*EWW)Ois?MS9a|!7h z-I&5Zs4ns2;Q2QCf{*s0+AKNGp1r(7U(>FgXBJ*DO?g2aOUwAQOZCb9>ZV3c7JeuF z&;;%tt#z%Eb->wFo`~0TWpC-llQ8N=?HOD@jca+ui{72>Xk}lGwP?_;FULnFVTzHq zJJ9XeR1Kgiq~aQGalS&?o|s&2Z@7Iw@RLWXV~ya;F5QSgN>*7VJIlpYtgbcGO`P>? zoCU{@#*f)*BMp2EP43sgJSt$) zDos7MDu0R7@Fd;AnlzF7M$RavPb#CmqTw$L{0-R^ZPOVO30)Ln6dA00b&29nak-Ns zeV~w|%#XNaysfmdQiYzr;9z4y5w~g;QkBZ?FcPfj4ICvWI}rkAGTw!U)o@{6CnONg zKGsaVvxxZSR46BBXLH2u;Uqgfl*e|Y*Tl&bVr)MN)$(J)bShOrVC*Upmlp_3Hn%zs zXc8ANsnFzde9}kiC0+3znPugQK9x}9>QyWzRU7d}eOJsjT^3Wem{Gj(fvlVNZi<@TlIL4s zJ|ccD;7{@Drs1gR-EXJ?&enZ;#E5Rb%uxvBOqQ{S2T23;p=t0)qm}U+qEn&8Ro@>r zyM+}3o8SHO^Q~QViAT1vxm~Pp(op1+Q$gTT81;b}uylHLGK7t=;#Yh&Iu8XdzO4lT z)>G;Bv=!-gT{FZ_@(A2s2@rnvL-6k!XKvBaar$j2Z{QXQUi76d|?SLoPhKdO`ImN znzA{o`RwUKsHOw`bh}s*O}yPSF5W7Y+L;uZuOI6u3-TRKzO@zZOSbg65e64Oe#f3j8VE-!UO@kYv9wgdJF(9crjQcBjZQ+760;$7iOha8WnDxMD>+bu@%9=4wglA8O2 zMtNIl@9#U)ue*n1WRj0sG9ITHT42w;Pgk4evk}ZPmUXj3672NmNIWSUd9*57)5pH$ z2L;wln=33+HkYR`Ej>|_VKY<7QXcKurZ(j10A8Q_Y8>HAFm&b@Kt*%QBJb(|%!j%l zV)--8PuxHWWQn^hHAAW>p_Tj;{g71lqXAszB)bSVcsbTm0BHeNrmwT z$Ao=wZKrth-_C=4^fg>NEfSd>Vh%Df1H1PG)S~22khR#~Z=~^@z0+_yN@%`2iZkh( zp)aP~8EQHUG|S2~62Bi@O~AnJODTE-P%e`MS}5vGp?m^+Ut7!5i++@omIlC@(0CYKrnU zqtxpdIwqms30CXA?e_lYa5LW%Us572iEXO#c_hd2P&{<`1A&wq@X7q8p6Rgm%a6Wb zvQGXC8J80-Ci(@45Q`^F@t$pf7eZaiOD_vlKWB#m-t$>_{RZ_Np9yTVml?Xvvvaeg?d_E$Kkf!P^741-m#+mqv;H)^oph*%vOnxPIWggbyO zxC|Qmk|T+D$EXrvHPYX|%MCNg>LX|rhPr?^kscxILX$u{1t`2Bm&0eAg*&=EQaTNCbm z5ekG{0*+DVG#V5NL#4!idk=z+O0hMvn1iZgsc~E}w5EL9eN=x^+W>aF@yPQK7`!m- z@I4t!stZ?Sg7M7LXNO0o?~gx79v2t&YseVzl}%l;M;2q`nm68jJ#1s1bXb{^tFaO1 z!?qku6>FJMm<_7v#LJGnctFv9SV`p(SKN z9&#l2w&E|Bwot7dH=e)v_p{kwpRHd-<9X_p!2AM;5Qra+4lDhg`~s1sp|qKpSVhTG zboSCtu}*`MF=kqsh3UmLps$^5|E=o=;?95Eal1!v8+E$3iN@f*-}`p{gY8rDCQQ5q z>kgXvJx|QrJbNDJY7Kc=_DY?sH2QeGDyhA~DOCXuWN7Mohr;mKZBNG+5m>zSqr+a1 zmkMe;zTSYFzHRJqg7(?ML;5<7F}N5Z-)+Xz%R&ktjcC3q^z!XEmaf~cS1^IUotM`m zanoV)*9@53n3QljmU(Qwf^=2ellsPBHn&CH;v?0x^yiW>)m^t9ruK^;Qak5}(ECrC 
zh!)H1!GWU+>mIN9g}~R8u(}q^20aeiWU_4{yMf5`rhW zg7_khrxc%`N@4jLn5`*#{fQpT0gdA?Mp6CAa(0Cl?{QFjD5PQBd4tgW4H~&F?~Q`q zN8T>);&QMq&S`G;92Q)QjUF0e4iiurWlq9<<4hiAvxCo7%LQwoXWiI^j_zx!lKc${ z$yf7yA9ODV_*46vR9#f({CcdkP_y^IVoPL!7}_y(wIhj6c(^#|a*sc0LBbeQ4(w50 z6r;HndQ_@&nPHuIm5P`9FXvzTG`JvW)XCqgLnvJbY#7@*8d1!IsO2Eg)kU7o4&ND~ zB2zAW7MR>w+v~bWoGlB2L33y{>0m?n^4Vo4^0%!hjIBcw3HPNV?FWVS05!E~Wpx^> zyqG*Ri9<7J21)5@zM-5JCGoCbul!5gXCV|LH;_U*u&GZQ2-3}AHlbG)eQ0y@c21_0 zA4)wc!5FgOTtu9z7)bc|T|p0H*qw?^60yl{Qq<&Zv_kIZ+}@ivf~_^h!;ZV@g2w=N zu`pQ0*VRTz;5Kio$_7JsY#(?nJYcEEL-rfUzn)l<1Y7Za=%ZDzj6e6s^biUO&Lg+d zl8&Vzvarge5{oF6bKn8>{`s#TH9lK}!}oAw3ZC4GRpPJbuE<8IW;nB~!p0b`aLwx> z=AVgh*Ex0i&d-l|_xEd8`t69?3`df?z5qw;QdNP%Qz4C{CW{#eWZl7wA?IBwB1_Mj zAI`0#w_yafxL?9>QD?D^XsLdqdxQIz^#Y3|5b3a{4WXm77O%>azqY1j3^tC%NTf-u zq%V?&dX#}IPye@=kxub(#uPhw6|2mVI)&+ocjss!XyWEAb)-N7R7JCoMKw>_X0gJH z3W`y+i(1xi;8x<5KVUW-s<^9W)qWAfvOo(FTg5DoFx~!=;BV0wKBV3LgQdk7qu~(a zkM)sT7*X;LO;F8hbM0QR%|4ud+2%YNi_Xls?X7fA=f#Rk`U2!!& zD9WcZa|;JaP45@y+xwHYheleiVMzg!C;<(@r5c_ls?o(( z^PC)>loIPH=yf@5h-7~U?|=1L(b2i%Sab(Y-p7G46T;pnRbfl-+uLzfoYPoE)YGrw zN>^fos?#l=9gUKkQ1DI~yyjnIg##a(Ehi$t+h45O@ov;&CG_0Q z)eX7cvVMMuWEB$~$dqhfI!qY|7G(a^&9Q><{E>gtb z$f@%|VRo;ywWUF`k#nOW((&UO8WT(DM?&SW@R43Q4#K!QARf5=V9rR?ue@OtY7_f> z%WA4tT~3L2{If3T%daO;;$%pNh{_kKfRWiF>+s)lP71DTLJxX)W*IIsrkYV0&wfpx>R>I!x=4tQ zr6qiw8(ovf47Y)A@^`^Vz$HxR)u(VDmypPO1Mp4OZ$r(?$5I;~`VfaTGC~Um(-)o} zQR-hVhF0T(DHlB?pzQ(yrZjb1>Pf?Ah|5%-xT}5I69M8WQ%skPj6B3gaC^40)SaK) zFq6(jpS}|ZErKTzKE5%61Vn7Rg?mc zA{Lu!MI=V2gEUnA${(zQ=IS}7D&i_ zOoiAMYN@ffuX!qSPip(~F4o(Lo=n*>sU2|eM zW*YNri%S`EcJZxD`CZ$2R4^FK`{H2LVw#{JZftJ`AEKH{HixUB=RqBgH%D>(8^N`8 zEUm|ypUJJNz_`yxyDztH3J(>xw@#-q5#$$>)}5G(Qruj;h*(if083RY8cAg3ielB= zcV0W%e0&Ccwky2zP6sRp2b7*R2vZCuCku?; zI@CVp$@@n!MJ27G>#6M4a2^NxoHByp)jf_nLcz`KA<-B6SwYWdLGwj|rD|yap}!n$ z)X|Lxm5?Kad<#D_|) zZj{eut~F?4!=A}N5OV3`=|#dHko#u*6duB1-RN8-%_!<``WF)Q9uQ)3pM7Dq~=#FNS;C&3%ex2C-`gTQVFq;;SE*(1dLV1pg$Es!}f zLTpfc!gp4Bmi)Op|EAsc181__+`v7?tF$fw{fF9;c><%>+4r?nZGc%@odWM@mOvZ`62QJc7 
z-!%>x2?h6zhE2{0An|?!9z3t2$l{RsiXAz=f*LT0UpHCH z{r4pwTowL}Ds zhO!9=O9ZnBv&mtM)|>=c-hp8i?dyqI)j`6S{R-`TYKviQSxjn^&RbvYh7qyNLS^z> zjp^}&_aB?L4$ki@?b~!UP|PG?;uwaG=PSD80XK?rsB6JN)L2aog#VBwwV|yTVk49< zflwSu%5+VEhTV^cCYC*a6;ddbsFX0Tn;=cvsiKSUZ`nYFoGU!jn3PywOLytv^TYUk6iov;0)l12t z9tqA}F18XiS$2^h3u!MfQcta((m=9YOY6cDoRvd5Y&0or{^lMxYEl>IAsxT6CP`?X z!{-SWo`9zbo418;Pl2P96YKaDBcA`QJd?!>qje z)(b=*6sina|HLpSraaedHy@AGa^qVY&@g689z~ZvU)UMryjzSwx*TMDJB9eQW)S|% z@=WV}e*{H7NfVztl+J;C^9NRq3BYd{_r3Q*)GATi^3&BxTD0Bz2aC16<$6J9!NHa3 z^EGlW)gn@goqJG_R(H`A^V2|Nq@#WjyjiOqj38J>f2IrPnZ#1o?My)V z{)(UFHjsXCl~9MW$hui!CFK5-mlR=Av9)Ak(`@@sQZ{h%=teGZO1j6Z3~opHnqxql zJlM<7$i$=!N%tvCn1FC;YXaF{+{-c;hzsaxFL!;ubNG5U|GaHaDb&Bkk&p+Ge;sBL zhCy!pRr%`qqdT{?mU|aE^~aGVOIx57ZKOoXXeBN*xXeE8(30A zUD8tGU}i#eBO-*hv99zPtJk$0zG471Rz9AT2Lq`a_MAtgE#fA+5$4jy1a^=su_=bQ zwWR-a0C`urYb$K`B9A|_x!#N*+q5ZigwHz^2~s(Erc>H8p_s()+{Z4M8Ryy=`0?0Z z6H9sEK-Vm=ilmA=t1S#e`!qbxe&?)3SEJ&dRL6^;zxV-T?il|lcA@z_e^?sGnmnoC zfONowf6gQMlxqw7jpZyhS=;-tsuH0?kXUlWJzm7pBjhW&^xuW2;i(C4BG*3LoCurDvb#aL{Wnb8!}0=aKG7Q45mw!zV&uy4O?X>VltwBAO&^;hUreb0T=yMouS*woO=mU(^6@*%92p!(VrA!4`7fg;L$YDyai(5@7!@vWe(1NF@h+~hm@(A- zx!b-FFz+lh?9v>rK$gA4ZHhID&zHO;u#_-Wh2Uh19 z(xgYrIc_rirAR4)q(u$~eXVKf7${JafC4P`m_r@CPJ^0(_3l9wwF$K1B=ci=D%#@U zM^S2|S!{313VT(kMV8J&{<2P!ohu1wD@LahT0f&+`YA3MIvnUt@q^=}Ea(UOpQvZe>SI0v(Sq-=@6z_KNpiNgispvkXzwH^9UXjr54b#*J zVA&K)h{-{XQ;)+c+ko0d(|rp6tDE?YgR`asdd5Mz$=&qpoyVG31k8p%<;cEhV##Y) zi;s9C&NdCp>L2Xkt&m(Q4y)Deef2h2zwu5QGYNIk60)76C5$i`Ei-$^ zfiS+IMl+W_dSVK`;ce9IsgocQOj0sl4Un@Je1K-M@0?jz%ziIZwi=sdeR277(=FPs zbcT+v)RCs7f9K=K*|4=@@0o1Q1Kp9C1~Yx!#H z3(V+BMX33k!xtIMvVBaFV8+PSYxFA1;ZVsBBWH5VF75}|E*B)V)C)nTzlQ{L#4V{MZMUXxh83bO7U*%y!&~XJ@fPhQB8O zAh54I(DIcMVyk5Fg?rPa+~a%vcU-iwN<*vR*QiGwVyOO%g&*-=G*oe-LuE?dis+`pv?g z_P3S3ON6;G&kBC{+<811CHO`8hd-8&`$n&Kt7rRO77B-(Fk^|YSYp+!5UkB{3YX|Sl4CN8^N+QfwRZ= z#`{DXugnn3k+r}^ClCfiY;z&gzBuORJaRtDP7Kpx{nq0VhPp+C#Fmh}KzwLTxu)W| zcK8PC`}#dlM=tGXdX!;5E*EXmoP9(M+MEgKpgQiFSJ{)WobjQH!qQ?I%|2xAUzHu# 
z#76ZcZ1N+A-iX^4w^x33la1$2mmPe_%hW}b<@^!IhW}%#Q$spq6H_nn2w^p9F-RzJ z7ANPIH(-paYmmJ8&^3||FpX$Y*mF?P4@r{}>5FS(1(F9#>*uG>8wLB{HMF7roi%RH z1dchv0Rl)NGHhBLBJlfo*)RPVqTv4)*|7GF2sz&h;)wl6+mFiZ10DleqOT~r`1@_6 z0#}u#?5MxZg!jf&2VxSmIkJ_Zo&-HYx1XvbI+`}{fiV#kk4$XfA{57iTAw;uz`=_6 zFXASHNRU9Rh6b@ZH!5Z7UDTWUrI(}wY?>(n@tyd!p2JC^+0+(ZY zBYfRr-Y2{}-C)C^4->znn+1&VaM(e~U>Ef|p_E3fM=_do_!Zi_JS3x9O+SELtn-i- z&KM1@3-MFfgQDeU5go!M--%#wL?wf|=)&>Y@;9$WFt10O3(x)5bl-P85SH~!Kf+pB zr*P54B?csawY|%nyI$F-CBGU#*q+$M!oQZEwBZKVxNUrsu3+q_p~t zJOl`tj?f3SW15~mmp@o7;TRYR3wFm9y2!7h#nxN2WmAYtYm}m7%!Ga7M7m!xg!a8! zbL8lughL>&_MH#HO@kSu4m>8Xbqeiob#of3ni8&g1Z~Y zVyB}g+6fh zYJMUVOV?QI;nRfBTaAj?9pk@lYI!`HE=d!@mF)!!VvyClmU&rfeU2QaNca)`gOU+= zch%5H6c%R&75rNuC12qX)54M>1%WA*@((fR;uQ^%Q*22gObrOrCelc01(X((!Y?DT z>V69TV~}j829Usw+oHiHXHO!=e+Gk;pq2Ym!X}$b+iX`lc*O z-Ng3=%u z(qAhGX8-P&&UE;U1YR^OU~ZUKx+DfqXQP}aCRtTHkelZn%8}kQ;&@K_7rl<3N%Ti> z(3wE!-40CI>h-{J$vr~bf7)pj$=_iqC{yYTrUX>O9ZpIP{rz;M3L&&a3>fT98N9vH z<{nt$k@Z`be>OGUJ3mx-oCR^I50NS9)THqFizyqnv#PA`3lpEe(K>@^$N@ku>gxD< zkaps%+;8#D!PezU*=`zK$xf3EOP_O5jtMl!%2w)?%-kcP>8g@0{w7Z?Q3y3JmoowU zPrIPi;x-L>k*wyG=m}b<6s0+PSF{tdHL_q!2v5ot6>=;dWd_ zBJ*>CN)d4k6A$2FWzmG5t*YTCYxkoD(hp3L_J#Uv(p z{-=A$bq`avmB&{|u1&4FfWzc`a+JgH;Ha~6I?1!aX5{1 zixA9zYC3HnpU_u-_1nT)T5jVjLJ5g1XM@XGp{de;1^oL}OHHb%Da0~Zl=H=u`}pK( zL;^X>!T*{2Y&*+$mjUcwK>kkPjVw}Oe^k_s>NmbZa^LA~U!Yh+6I3^^z?@-D9l|ofG{~K(Pj#orUwoUKDC6w6=)T=^%8GFl)?buO5Ajx(Y zdC)xO!cU_zxzi&76+el>s1#W$p};D&S4y4IL7A+Wfj=Gk$CO4B2O&|JS06_)%SOwmRx^!cg<3e_-Mz%cs>I|PDD_~ z!+7A_{)#9+<-&|2kDJy0TIwSIxlbP) zkgOtYB%Oi+9ei5?e z(Vc<$FpYTZ0Bycyhk~d2MK9May8<{z2zGedag}}^AS4Nlt>+YZzz4|_D#`s8vz2k{Y(1+Z@`#l`vU zAoy+?>p}@Z?xJpsx0Ls0M8Q=o8&f!rNXlROIa5F`!}}R$`obaNZ2$3yNYXlzN&3tX zLLBvuJ<*auYTx%>Z>E7Ydd2ai6D11eaeBMm*vvOur0p;zNwsF7e$E)cppl73TwE00YsE2Cyx5;-=!pR1Yu`YcRm&ZZSW=Lg-r zDq8mmi`%S0aemwUWAs3kFz8qev>4=oAA$=W zmq_WCV<%aiZOY&;g6C@vXlB8?ftwFnx6@Z7p=Q_Bzoj@B0+=6X)fF5jd{|^IVawDA zhipNHEz3=$J`8s5japigpa@#+N1Px3H+?1C2d%njpSjs`d^)bZmHx3YBT<&U9BjF^ 
z7Rf;}hY=mPy+vu=$H+zUbM#rw#VTpgapSLv`qDXKLB{xtge>oJ^*nV*sq8xH$S9ow zBKo2|1Mi6^ArfNt`zgAt<>tdp5|4(ahEmA^R_ReB#33oE*V zU)*LF=*H{+f?NPQ{!1Wp5(D{&OYO(SyDXZC>wSOkg~i9HJqRzojghw>CI-lncM0=j z;^4VBWU=1wm)X0pYxjeFb(cqW5Fz<-60hXEV_rCnsKKWF9Mv54#{Mx1C4W1D5qa<3 zM7en!<8J(9CVBJf)$)mPFaD34=F_&vEasPuA-$-*?M^{pnAYt#$>%8LD`pKJl6c~q zr82PX7R9FK^lWX?6}yIFW6QDAa0PhA4b>346Po`juO7j`4@nGpDt}mm{M3r}Ka}j*5x$=>i8Lg1)_B+RTf)WAaNX6K2JnArX zI_OSmTBINeVv2$YZmL?D+65_#?S5_FRu^F?6TSVsV&+;NtkAL$hy3z>y3NF!YO{o< z-xyzj);MIFLJblxX^?m& zRgTK`mN#Q)b6L;u9u3#m*FpG9Plw1QgMYNiDhb035>c%&%Cm>u=Pb7B(f&;`vl{MJWGbdmHydwW(Za~ddK>G=xiM2C-SmV??#RTBLxqC#x4c5QfCwsO|N1uQDA*gvuD6# zE%PpoDe5|PZ8O2Q0p1l)l?!ee{M^64%uT(KWJzGYD}QWXW`2DWDuV5e^R@Abmz1ma zed#C-lj9wqj=KGSR!zmBvB-~D-f=)~HW9%p!B`YAH1%63+f;_M-c$otXlJ_Lu-qTZ zAKgnM#XKOl3>f&Sq#x^d(VWP4rEfj0p#Z>JV5Wb&zkg4q^%YtRFqZhOo}c6%rDMrD_P=>zs&_PnJwo*7Ak5OU@{(9=QGc zfElyL#GaW;pSm8|@Hz1s$kG4G7c3%ZWjXYj4E9WVsEleVbQLzghJi4SD`SbFqPk_a zNrdUe>{A=7ZK0OO{7W)zBY=%xCmP#x5o25@^kIUi11 zzq@=sxDoN*y1jk8Xnx*4e(wT|wmTE32qnrvw4bVP*w5_mF1K7lEG?DCP*Ry9fozx0HKuj60&jZ z)Vp;X1(-7)EUi7;^@D&_hZ{=J)+IR7OP5w@!QB_x)n zyff8eF=j#^y)5ZWNNQ-{yN+l{R^f6kM1|Z4wb*S0=K&-8wwIfJS;fi}fY@lRhD4%JLQ9qd?lGR67 zuS|6|%Uvo~VuvWnFANmo6siUB;dfklft+Q*6px|2dX)ghBCFX6zzuVU^_7T?8Vu?2 zY*@bFpjKl2icBVG3(`4opT=R1FTbodC**-okn4_AAYZoBX02kh!IA}V&zxZFvhJIHHS&1wqbT`#_nM; zuklr5!v0c1n21MM7fw3ASpFsm7**Nw{MjHve?-tst`wWnt>297Qv6-plR!A#v7j$a zC~o?dGb2UB->2aV; zOjs{U7+IIrbor+)VNnUYL@4^r3VdidD6G}3-$z^Qr12}n@n)j+V}R>3tXby5+-1K( zu;Lk3q;e1F)&_ray$ooRg?il?I-Uy$XP<1cc44!`Jek0&5151WgLo-KBRGXmbK7kX zXT3QW{}JKkJM^9d@;pGqhtB&mM^P*>rD{)v9Rr8-+jYZ*9VPr^CdGRO5mrYYLOgPqN_wj0J`#0%OrAQ#BRw1mu$?8!o%FBh z>=`V`78MENK@2wDE9o`Jv}@Py9|Xc{3f*x|f1SmUWpC*r359=0J(Z3!7F!a2@vqDO z=|LFMJGr3*X(v)_6dj{@&iG#tos%pe&>i5?m25e(o)3#j&k(^Kyl#E-^XH^&l>bFX z$Nv#^m0?wFP57!H-QAMX-6`E&($Xc}xmCKmySq7XXz6b0ZUO0({Eqrv?_ZvM*lX=I z^UlmWvt}p?U1=WoE%Q|f=`^r^R-d)tC-U$VD#q>W`h0Ul{770<`pODWk|G`#b3oEpTxK{t0thW(tJa^B;yc zg_t@3lKVsco%?h82pjw*x7I{jTw1?@U;+<8TKW7FyJbqg^wU(0&yWDoq-f!6 
z=#Xz|M+I+5nK*l7>|-;Z2QE;8t7Pj5dJ&Jch$NXl55?W{Aum@A$6u1Pvcjc9QBVz3 z-tZ^QrM|Jah&neLh-_0)FDqe#Hssnli#=mEl#c5!kp^#Z+ZpHFgeq+R8UY}{v&aQ#6z_mMdor$ z!IQqR!cwQ;IyPRrn%be7vpHIg7o_QniZgIofjj$kuVHZv>pbq>xCZLZhjr1Z!lAT) zRfy&&)(*OTQr74qSBL0FXV`G5-)~>yjI0tF*}=vByAn(pZCXAgI)$s%nRyiCJgL6~LV18N zB`9T$OQ0H=uB$! z7n1@IVUR5LO#6(JBkiUCO8`&CkXj<+#IpZN02dH@3USCuvK5R#sK_YKov`raA(n!> zgans%rxsY`hU>UQxp3^$WMzJ54{qo1j z0{#%{oQzkitnHpSxLgDOcWf%Zp}i0JYY=ip{gia9MleNgVQ5UNz;1RVNEt(+AqcF2 z|CcGZ7@Cj?La;1=Fy)iqx5ValIs_@cQ?z`)jty{*X#! z#n&xDS*>*4Fz_!0Wc&)4LR<)dwq*?u@qw z2(r5BK`F9pcI|h#@-C-S@AM-X8oyW7%UpEZpE>)vzkg18b&(lr9CF(P>?ux&y?%L!iOJx)62+c-(q_ZjC=09>$)xOfFLKPJ=amGE`imaVx>PF+L$Mxw0a` zN-lsjPM%x!`-iugt8)?HzDT2kpxra2YeZFqO|Xx*U`6|B$4Li2ptW++@k6mc;a1Gx zsh=9Qf@k;V=oSj6gbsESBM6Xc3;jYSJ?w8Ho)PWZ z{)XSe5q-}=g~~%4`*hzEVlN;+<%R!~bQNR~JJ=8*bJ1+sDk0vDOCfW)iE2@tOZdS& zBg+GwR>|KsKE?P=MX@zW36+BD!Lzc#S%a67grYQ?y=|K-{LoMAXH_50Q*%dkv1ZI} z&RSphEiNGJAnbUeI%j-|!?CXI9);86cbhoV^`~Y@tdo&2Eg0f z;ySAbm+FCJ;Y)b+ z8wKfU?D#x!)n2S0o{{#Cf`5a-v;3U3DD0_|U)3IO%@1z%)>Ky- zF{0^VUB1Oa`XOFr{#F1GDLbnakM0BG!R~VCemFV%D&TIT^;rOdIA3$qZ1Qqo~ioDFNuDM z9ZY>07x+fsex`>}Yrs-B#J*_L=reAD|DMf861`MfIpXk_?i~U$-K+nUvGqeSu$mX3 zb^_5xcf-PimBUgvLm6vA7fGJ zdS(pPo{T8ggI)pD0vaYUVAcibT43jXSRVL=$tGSB2f3v-4Ik?SN7Njf9Wh=uPDr{GW z#2H{n*Q6b6-MtJw?`+(ef~Tt-vs%bS)Z+<&lIz(FbM1Jv-vbw#3edevQzBI?+fJyc zVum@kFv&_VxKi=ZT2s9&8GkhJ-5W16LsR*T5>MEM&q)Wg`^yPxYfwe~u0OzXNb&X` z-X;%{%bXK_Uj%yZ(R=jT4gK zO}VDlwcbaStW`mQ3g6|mxqgC1YL(+2L#p)SX@wUpP5!CaBm6C9hp|6-5#tY((PDsr z6mwk*9@rqr1ei_i*M6=9F^=7n9ir?*ytZS(TuAaN+R@oYEIIN0{yXAgQ{b^uTBM%%7n<)NPw@RG z?vbPpQP{EIUm9s|CbP1VahvoZSP&{j+BHuc*ot~^Up${SkHVd7T5{WsE>6m4)*U`R zL-$acuhn*ikf+e21ZzcsHXAMx--@Fr<&Tu|mOGAlyqNP0 zwr~3Ht;)%ehp}T@e!aEJY-n{Q1D9#^HPXJw81EqF6lwmHl*|%wDLQ~y`>vFKX^fda zuiv^zg?RSlV?9Uoz3N&1CP!}I{o+7u1YLk$3Z} zqe}CzUv73%#=G?IP<_cSZ5`dOlZjSC>lY`&B9+8;1qTxU=a>vlOh_VFeuofM5-Mz< z%VUKHKr%XB#otO~AGkQ)YrICEtb5~E$~s*Nw{7TJrg1U(l}^Nc!hH50QaiB@|7A%B3RC8l%KH&$W+5*X zV;fT-W8XUN0i@{T8wxki&gFp-gGr^f&Nt~B)#J?2V(2THb(xLLqTLbD+uSx!<62n@ 
zZY!G|>DWeF5h}7h z+HA^J!7v9G?!RK-5SxP>g`*Pm>pgu{q19aYSOci%-ddY z^YT`}S$3J}%+8-pYq|&A;LdsWBUiXdYxSOAQ%r#2;Ue<?Wtf_O7*DdU7;8A*Yd{n3*;$R5F~jrV9$^B$t|<` zL#z(CzwR_U&-7~R&oU*!J^X!?yEURl`UxDv?{$OiOE4!@NuMGDT!eF*5iRvD>J`>E z5m*>m{zDIdmz4tY3(SX$ElAyt=l!L#ZbH`K`OW>~8Pr9Tj-L06XZIWULQ<51izelz zu)3vEXg49d)>`gc<*&lnvR8$P{2_`52;aNW@RP%Z{o1KTWf31q-p9*bY`R_f=w&v) zqz`&58h@KNIUd!oszZCQpD9!hznbWW9w(*QUf>Q0hPF8HSK8ht6+OK~xq9|pCE-=X z(e0q@6W<|jT=X+d#7cl*IGqLK@OtwF?p#Jc@`{J93BPn%D#d1Ka56GE+EY9zweuXJRegbG~Aj$vD~4_JPbZ82!mB`HdWQqiM(D?Uughl-m%es zW~2AIJAf{8AdraO;y)X@ZYWoKGwBeWqu+`*)-q+}FGjpE6M}jtOoiZ8igXrP*AUd- zP`iB4-lE*<<2|}@7WO7y(Pm=t^sx=rEUK*INHI(E+1(peOkHyv1q-0=a0w{7)jUJf z|8a6tWVZr?`qa6zM9kz5^GpxWtwHJ#H70bQImLcbO9wJ8b;eQ^_(8-4ra|hF9PurxNrfI2n#;~OgTn>OAlXzgS=C?b*gbt zArCzrBiTyeDYX<_fwcHJbs>dxni{=94_}!3qLJ?Of0c;FOB3w<$fTvu^S;t(bwJg6 z&5`PI>o|Jx^rG`B4ujA>|B{n)&(I1=)nadtp3iMF)8Pz?=tlosSyhcBb?&&7A{pT0 zx@yYF{M>egn?&oiEQdm@rBMo*OjVKH#Q#M$!C1GHkS~9z0-CdG*#DdQBC2*FkKrb1 zY%?tFm?JSZOMnMd677FRI|^52XFlik)gD?S{k)#rR0kI`;J#nEHfO+<(Vtmp8I7WL zTJ*R-J|0j*Gwmo7TEzjZR@kkzaoyNAC$CE^;ny4FB#cb8n4{T zc^dpJZOGK2KbbD}O;}L`LcX44H@n6%x4pqm2JqDz7{HC|gNA*H|Juq*+d;`jM)J;~ zsOD8u8?~O!6Nn1#%v^xJ*Imx)?r^l1X)j+@N=rm>$f)W4c}i?rSO^8>CQZdO-d_wY3Opvq(pyU(CT zy1}KZkDhm@r?sV?za$A5-7)NM#6kfUvjl~3h#p$>)=S35ykhY_4z)|_KxO%)8M;(MbW`}-0$q#hAFgRuMlQl1XtFuy7)ZnzQ`j2|(c82t z8T3T&bSZ&Vug4lbNt=%KS-B0Ce^%I_^=1!0{nGywwg4;K0U;XLH=YD9zj+$Y=F5-3 zM%9H+q)Ynu8j8lIYC7nBa~Lsv#_DZD{@2~G5W5VV`^-zRODy&rTlqTb_^a5-u|F&W z8xcq+?4e|9$;64yIBpwzt`r?dHD{zp9U#8uL8mh14Y44vu6yP1VVv^)Dy&eEn0_!? 
zb=26a#%X$^>x)=2Mic4)V}sBoQg7ngw8=z}X!bAupSnC)M9300m#%0oXW)=|1WFnj zI!9d@P5-TM8HWNsV{&*v^^d?!eVD%(kW1Hn_>KtO8Kv1%TGLO`?E}z!{vC?I^g%7X zsJ2|x9qPawQNKD0Q#<9`W^ryYUN3hUEFYAvk9sDFZ*NqyNpMm?&ot_(gf;oq*{0uH zIZBXfir-vYH<9WH-LM)jx-0qLMG;C#K-;Nb-)z zC=a0z=21e<+?iN|P%3uyku1v72=VivAabhbVIk$uZ1k((`xr_mjp^lhki?XnL!;14 zS(M99YTNThuCng4B~hNX-k|=?8gK8r*T-=^YAOnHJG@*PCy~G+ILU`V6GpY5DCpJ9 zHXiQz)cA_}^ZH9JE)S(zohi{I4z8SE_W#&%@XV$PDe{Rq>uzKI*qT}umWG5x;XY{Z zai0Kh>}Scfr0>TY0pxQVzwyf)a7`$0xVktkRVFo~G^0hpL@_Na&Uh4sX$+LZGFD~5H{8@(pUKT3pR?Md>RAgqkiLS z!mhq1{*nCmG*R1Q)u|zjk@n?@BbESnw7f>KMwqa30>XPOO7$!ujHwGrl{T9!GDVEc z=Vy@ZSwu?v;oKl^@;5#!RtL-AZOJ+K^sEn~_sy)pvRH*7C7vnwqT+r`c;%JyKu9>I zXhPYkXX@!g$kH`GxYyXBz1#-nH*oGL_BS%2!y-;^??IfZ9%uHL-I_W0`n1xUsMgq` zO}%{FY;a68Z@7PYSYx?WS<7}kDLaE|*O%znS`$*bUT=+rYQ2+5*1X6WJs`5w0Sj^<=5lsjhQ6JUv7Ca-@^Im zzbz#Q!y6pjMOg-`qRxAu%q_2Q3Zp-=9UlyNjBIREG1_lJ^=2dyzZx`#Ybd`!|Gk4E zR0#CTlRgqE-JG1~_#^>#Sy3E35|Zav`=3wAY21I_U#N2VB$JRU20d!}mS!E?y(xU- z-u%@k>)XaXy?b z7?#BD{cBf@glloT!)O_DRIfFW6%nbWwQAq=et1>_$Tt7sE5gH~ZMj&nTB4C_@hNTZ z$VipL-nWp(8$*1{ax|@Ap;G&k9A#KB}09i8+rm-!5Veo3`htX1Yu2LKH0PX@Qnn^1jHoo@G^1 zzU#gpqBO_If7XJlcd(IQ*NX4Oq6EhxHez8ZMh}|nSt*dgLB6VLwziH z?e4~J^wson;I~UUtQ=`)5TDH;BqZ1{eApfe-Bi^vdowk5rId9W_ujm5Jki^iHsrSI z-eL6&k{ij4}^D;>-6Qg&!>_d$+PfLHo8vQP=tF)F&V4ZkWivYYa6VjE`I zHY1W261sfKIicbMf>ju)E2yNW5(CzS0h#v+N?n_Qp;9c_!f;6e+2AOwe{Fh1@z`n2 zRGCkCB{pMTbBeDtSuGRNLuw5=Zyd+SD~8 zrMKNlw4RHZZbYbrUh!;;Iw?NtGvYEo%rxOK{1tedn7y%_4)eDN0G4CZSO=u~hkoEf z2I@r>q7I?ZcSqDB^&&s7e&#&1+R4T@Jd=`t9Y(xA5PT=L$DCRyjnBz5Dy54Bmm?pC zferma+8ry&L3k^k+}dc_BJ|(r0LZ ztEh`vXAg5JfUpWpTI?R%;SzW+cYV18ypO0dkIpK)%MPjaDqS7Oz_BS8@=6{#Xhh+a z$XK~JOY|YByH*5T^4t=8Dn^6QzdWAn_4Z|capUR#zDVC@%P8X#p@#RMGJdFhBcJF# ze_s341yrGo-J7**%Y0cg4br5A^D+*__c1!wW(4M}Q9SB0Ww7}pL5;lfh)Q0h5&n-D;|QCkdZir`qh(}pX*}oS7(29! 
zx38xsfBH79&D1U>0=tWBPRQ5>cx>wpH3G||=}}0snwUjCY+gK+dIG?8)B#DU=b|q= z{1@0_WNd&HDqVG3w80;9)AqsFO^9J1l}b7O78-G31S@E*8&6Z@*^ef|&_$8kv3H z#`E)YosU6Dfhr)XZrJv49<-xPmy7YhydamTU`~>K^}@5H37fRJ}W5Cq`vn--zCqUzmA7>JTWOe&Bfgo9R%Ob zRnl!{UGPpny?-!X%Mt21X)`lk)<^??1R+&T=Q2vin~~;(hdm|Ikdq>XwlZGOMt-Q! z__Ad6mk+k!?DOLolI6^>3ZfW>hRf(Doy6EycXDIs_@x`7=r^$U)@X8-(lSa9OXRK zLV8R4b`1nHpIjX|*HF<(awE@8>=5>ecNuIB>Y^zJ7~9z~0{0Pe#5j~f4s4bErx(eH zNgP`cwT8HxChh@va}Mi%$s+DvzSomd_N5(7waKTge)mooK|)DMmQvP<(d@EpA_z6` z^o|N}#zsoL4!zSa7m~UkoBoC)>?gQS%iC5!CB&5MW~4mn&fNqG6b$zHj=S_(T5eem z0F3=U4HQ#WuzOw+X~IeeAD})hY6}o0@(~X4rO@^0!`ioRl2yNKs%G2>iyv;;4m7q_ z+|J}t^aX9toqkdxXw`O&9l%b+(5Qi{w3;molI7W<#300#X+Z&W{7{ zSih~BA!gyP;~PEK>%tPgT5oVbp}h=#0VIMVe)DU#i0il4z=u^Fw~DvObDr}i4%lYl z+b*-H+Ck~3+|<$;r)uSVTc5Pi4T% z>Gn(xKk-=-i_C#L$q-#e|GsAlN}4^;LyN# zbF}YO?Rz&5IUh|~rq!wSl^0}83|5{u)Cf5c_KiW_!@>%_6H;t9F_O>v72!1U{6&KA zW|s2IUAng1npzg^opX1n5tXXUoagXG?dO?ETeKit(0`H`8Wgho8>`bB3ye)qQy&DcOgWV zB!bD@5!dY{4e6$T6VHi86H7~OiGCi;QBO~B8$AeBwe{&=+b4k*q})&1)EwytId-zh z6c<8%Uc()!`|LNGCd(~6#XjIqj8@b)J_VbWKpO{@SiDtK4;P?gMM4**1p&2QSA%?n)|Ei(62Y(E9g>ntWiv6!}WT0i(9$+zfFmD5{d#8Dxllg*k_q9H)4TFH=W z$;RR^Y38HXp$Y!GoM#vD1!-^wnn0I9x37^6f%8^3kj>|^R0p`b{j@f+$d#P#k|XYn zLo=#RN81X<*mI;ib*^i^|5=fsDy*OqkIk8C%BqnGPd>f;v3cGw6Q*mB7>hNQsM6PA44D`Qgh}s1Kj#9OJP0bQ}kUd(97vKzI z;ufW_PPoCbc=U#c*k42GwT@&l@7OoIm(~8_T&cxPnOPq{9ZcKeB79_VEYrBP-4S4` zpcvHCaIbit3SdiBKFC$Hyd+>yLu)^YAjw*-1l_ERz6hE0C8amIbk|(&NoLeBc=5~G zV+)zQI(q&-ucOEPb&M0LXH}et0uWb@qyB)E6Azug&Q5NVjW$V(IE^US&EIRy@}IQu z5rA-~%B)#_2}_3gtPw<5DB@>Bvb5-~ZHtPH5!8{WHK=6zHvuvtJTXC{D+6~zgZ`8l z5902CCgi&D4}!TZxRkfNKs_VmKFkJWpagi>y=WN!Y4RBOB^ei$%nvsUi{wD_Op9FO zuiX1dM?IgC;!Q_@s7;-8bBU#dW>^`yU0gd4|wtFED8 zii%x7q?$Zqza{YRm&UJ2HEdO^;#`Gz5#cjt_$LCq4m>P~2{i>(j0LEpDJn27+;#du zQCZh|Nd8!ev&nqakaGZL0&}93wukdIyNrqFU<7*(GMo@OeX<9&e~f%GED0mZ=8?=U z9h-YZK`hvM8Qy3zoL8k#??9G8){Nv`ofMH@ilXS^Q{2yNnd52F&gj?5ithyVOUlxXLs(Kz}e_#EsS>vhR{3DfqKku-JmLb{U%|ZGLXTi$OzKFGg z_f;G76=f1O&(UNq6@A46tP5abFRP}Kk18v|pSe5T2~iYvL!EQ9?fCeS#`SJHeK< 
z2nTzsw9dZz`?-51Br1X~542Gr?rd0u*{ml-NSIwwn+KaN}tRE#gJ;9BK-&4@M$EcGNsLQq8QAoFY9M2o^r2-HH6>&%8e{rzL9Vf zQ(0ciYJPa+s2I)_pkuZkuMIs9+zxo3F~v$#%Uh^5w&A3ty1W+k7lRQ$-ri4_Jw8H~ zW4xa7lht~2V_R7_J!Fm0U%oT9h%k%X>zoZzHP@zR4AU;ixAHK#e| zzj0^bhqch!4#96>;U|DgsT4vs*IFEW zKFn>v(6dg5HTDvid8o6Zf*57Z&m@X4Gpc$vEO^*-mo(9g=y_z*b3Lvga#t}}RkwzRx0i&V)4SjcEx`UJT zZN!{G_6rZp)4|^-Lx4y{35t*>!UHSJ08}9S6 zWBrK5=ap7|=CM8Oezlf*JC+pphi$mLMN@su)vh|+WrEvQ!jjz@Bn#@7C&-=2FQ+cIt3@Y?TJ>@{bjes)R|HcILHD>KFbK@H0-;mdeKO z2TJd3yEURg0D9&*_r=y@z~j{faqD#h{o(!HS7>!Ps&2!CYz3_7>9_1Q`aZQKhrKCv zB6TPj+$6U7oeL_Ro$|g}>)?>icI^|7z8pEM7q*26yME8LxMBalJ%HF-2|B;#b5^c;1t%1!d2xCvu zV;Kt<&m)s7@5ahWI<_yf!k7el#e$huT(`qwn7RK)lpy(t@k_1Q)Bi`v1FUbo6~}j7 zvrduH_m22)Bvx=N8XUj@anaD5gC_pw!hpO*_bZi&LQ;ne3Hl*RZPS5|ek}oiCD)>X zWw~o%#@6sxjL6Bh(gnF&^&J(Pk$|4NGMlkaw-Bs372#}6+YN(sN8WkPKG};us{Tr> zN>A@;HsxOO!oQB|ovq^I(J`CQH}#|`FCQn)B(6$_IG8$i<~W|I+}6-gImRDVyO1Miw(cSZbryVkX;y-N6Y(tURrqt=U`Oz!q! zh5fi!$yJFUi$5`=H&zbc7Nl+J2;uQSbdoZqR91ZXz+zmrs>&(zTV-AU*4-2^>FJnz zU<>)bI|L>y7@3!27G{p6G!eS(547MjUzs(N`7{GJ^8N@mv_T{aVoDcrXrpE5+MecV zyNT$1#ctO6ejs98I~+Y`PY3giaXlAXeDh)6!{2VU+vVn1Gost9DY7|HSS;k{L*RG1q>#B2*cvfkT+^{wmHn;v`4AJVnKagF--CId1tFNkq%iOV@57 z40Wlg2Rp8nKqt z0RpEdsaI&+u7L9Aa$X!YjOMGIOx}E4k_Y&anY+;y;{LV}ZF%hc_AVCq+45EZbBDF|IsR|@k4rGV&qwu4QDttB%Z4*)$5AUC zl?^u!6kRn;b{cC!B)v=|QDvJ;rKM5#iYSkJuA4{#M2k#^A8PJ-eS)e=TSf&3qnMl} zmR45!M#u(&HE}YUOsY`0f}0JXNYHg>-~7pjP$X~3DlF$%ioV-rg>y$c2fjc#csU}; z(smUGuMMS(m(zE>DT}^EazFTUBzD<|J}Oa&N^IJ-mfqcOnHGzdh`JGmH=a$L$kNWX4qJ zF4px|zRFn!NT6@+ONEGTrNz}+`HwmphQ5jFWfB*Vse4Ute1LBxTAaA_+@#)cL8r`L zXR(Hfcq#kiv!xv;Z3^`QGQFiN}&OkN>%Qr*usLM1N zEa$XVc>WzJ1@!ojTyb9d?`&eXY~S4ET^JUauDtsl=HWRswLdZecn&*Y7-~27PpQEL zTH0I`sO&S?aFwu3xk~dFsST00k?5EG>4~?0oe5#*1Adtc=OYi1A967U$#O=CmA@JUy2WLx~-& zEsrIFm>>YxqS0;1!1s1~cjisuMA29IAwJsBSTi3F*VU}!o+F(bM+pyBR~><(HP<7Z zDLxv3kWd8JyDb|=#Mhe7PZ?mi3C6JIiFf)IDyMFcCo3J3g`PzfP%_1kM!dn#f+i~m|#pG+y|g4FCjy4Y4NX8F&CeDIEJ+y^u*|HF)s<-y8j-=q_ZJ- zbX7}h~zYeC38r`)({$rjtx@w7fY*3V(^{(P!Zi#=G 
z^L<&a1CDuy7r+#k5wzI4_tusr+Gd8!+u-!Uor*1g+#NZEw|zXT)!sPvzTlj+$}~dy z_abHW!7McW5z_Of?O3>8Z+R2uh z;D8?8nrl?7tbvYw5!gdt85(P@B^{F!n8x*25iE-Fb|W6FE&|J-J90RuTQ}}9Y5ER# ze?}d)kbDEHvh5AMSF&tOT<)$x@EQVjdfcDh`H(!^B-mQyBBuih2;zD>@=Yzp_wUo5 z${epbb;Fg{dQfel68~|SC+b%unx;LOG_+BsKq*Vu3ICQW=aQ?#PkJF_`_iFh$IA_c2eAv92})zII}QtEw5e!ihHq~R-cx@vN~z1Qo%@(~kj zI6eSWHJF37Pss~Xt`Vb7enRiLdPL$`zozeW$pIN&$69G;{-AWtbwCKXueqNXuEmD` z{gDcA9-ztz8|k)@TSVloYr=z7RA%9@SQKMobEObe*!kr`Y3*3IZ#y85{72%o;kpJq zShakC=&fgprRM4W)7{YuPzGAg)BuBT&wV~F)J&fbzUtJ3o`O6J9(}Z zzp3p^vE*agJQ`5VY6~d#o1=&6XQ7rHJ0^<^x*`K*wLum4M>aN zxB75StSqJKm%RZ?$=A9+nh)#-l~}qSn$9Gk?T;B!@egG+ibYa=08Za|XC4CiVTx9~ zGh~=O+!kbs27{iFkIqvIJ$Se15T$c)hzlC00G0Pb|NhW#X_hy0-&n*tzSl)Zdl54C zmeeLdT_mk`hCC!iriYDxLmEFGk4&bEf$=X7!Y+-6o%CQ876y?JX{*BC-lBUWD~}LN zTw7?sVeLg$OhY-=pHq~?@0P^31y_?&Lt|I7%F~2&ms7Eq(-^wQNvEpQ!>VQ$A=NJS zAmRM`uLp=NN0@c1%aCv?v0EilCAq%F>`p(n?2S!5klR6XOGfQ1|4fb6gIpjFOGx#1 zQhfreB$j3ulxk9*W40pX_5y$cB1e1F?ipc7W$EhN#n@3WSBOfUZv&oLK6`i}OL#(h zI_8PQak-$R5(9X0u|1B~tkzatXOOgm;_kBs%D^BQNqqT7tfE2ZqYrI5ant7gD7x5K zhu0=mPP_zecjp9r&+QpLSjEKin3J$zU z!?nfyT}So1jB0R}8NQ}0LZlM=F6QmH8mg?ldu@g#CIt9ULDw^10mA0(L3g1Uo)_H5Dz`CWoMpltB1cU$7|745DPE43wqdk8~u_D8?((iHqqZ` zI2Wlqx4W|8J4D&?B2uu4ZlYB2L_w55WjQ-3(pApKQdBn~oib*xzJ};h|59UNmoYz? zyUd(wX)wQZQsgVWUQKOgzC?%VcNtTq@T3awmF-pNjZ^YFupxe_^Yj#gTp)O@d#eU4 zi(YH`Nc;yY12x}^+&K*lagr*!U(Ks(JFOcWT>q$95*;nGYlNh^(EX)>r?Xq7wd<>J zSe%K9N*!vc2_x~_udIRh?~=P=at|zH8eSvkh!4P_Kw)Umm!NB#*}xGd!#R+^{)G{i zoQ+q8n)mM@=*qGoM-sf{Rn`GCJ#U?bBwYdbOp2QVB`5}m&*#7^=X_~7`Vg->!|oT? zwWn+#D6S(904h=2%&79+P!%#GxCM;vi7copk;tZ?khN{^O5!r^|V(1^>1vV`~ay@3zZn|4>Ef$0r~0p zdwLD>^dPz^F$ejH%%G9m2osAOQjnFeJ7~tdRRj)-EBaqSrk7^F`+K7)mxB=VhZRf! 
z1gLT|_OtDu!SW(WJEq17>g@10I=V}Cs5f}S1RklfS@VbTANa*VIOsdrwr|OOT_H%Y+u?_HLYEy?MQ__} z8^e@*jo!=UgiYUEV#&~IQ$3pBGB%tFrVH4p#N4$ni080zN8|ACs|ju^^+(IJm)I=L zC^~#oiEyiC8`z@q*IouUAZo(5EGBGPbw)J+X3Z+gLX~mGj<iC!?%bmU?jvKUee6|e5AGPv2~{4>0dU?YxgG;=A_I9We z>hYL^5D^Ky_G|`ZplSt>-Gu4f`{HfnQ6kfQABZy4I>F6RdhW7#sP1@Wi<#O&ALvh~LcZBi*v_V?erD8k9!-vDJF# z3joha{ake92n!BYItmC?Bj_BYY>RmUvd8tfO~zSYkB!np6jvX(}C{s^~1uP zogAs*w_TMM@1jyiGg3Ro)rBnfGf#a2nfJxA86b2ii<2TGwfns8a2bQzm)N2hrC_GM zJ!ls|HZJk17gEg(DS5brQ~+$kK$X(@fmb)$b6jxu43nc9evsvm?)eAcQ7Y3)7)@{6 z%!nr+I@}=r#UF>ZjdnxL7CT*r%d)9VeDb_q^pT%zdfb&KS3m9rm;k_+H;(km1sLbu zTKwp%wt8w>?tU#_P1FAv%}+K3m?DY%0ZSex4~>y`ysYp?t0k4+tO@c~h0YIPvzpvC zh&gQaYIF9l#Eu#iT1w(v(|GG6rCTaQn|+Azs=C+%bdvs+?PzgTOXl}Ui$F(YVLF4Z zh^pYqXN#eqZHbzz<(x+HPHVlPuDUl*_ZF}B2i`QAe>FG&rk9F}W}@!z7ab+_lAY8$ zfAk6`C4P`-BIB2ikdD6;S2dsc5L7svbE-?)<&N^>MeWXMb~I0HXCo z4<|n7ZqF_oP@YlaJU8HoK>%re^krB6WAlb(gQn>8zA@Ab?Ws4L%Bt)XW5vmW?o+75 zMQ}7)Sm(?P9+;n(K0*xi-PeC1GjE@qy)epplzR-@n-yPh$-6uIBs577?0>3yL1 zd}Bx}y9~>*vNCNMrIwbKl09*TvUvGM(|`z|b(eIO$uJ}CVS+(G@&2~9<)FBXW&`Q3 z^NQr^hT7uzE6UmDs6|T&)aup;`2HL}c%8 z3jc53Yq2ib_qAhIVe8{YE!ZKmqOS;}x_`%v+JH%;Ige#6$Wt{UhgPSGeR<^;*q3x> zrYm=3YK$={jr@Me0!6kQE1x!lcTaR!cdvIMDitct(uS_SEDkdW>MX^`&j?(S|z=|&n!>F#dn?r!Ps?)RwA?f?D4`Eag_ zGc&&(Yp=a$ZG^!!F(UJ+K+oE3QUbe7`WqTLvoWaBZa#r%}OyEW{&M4vB zk;M`oo$9Fcv)|)`fz$Jw__&-T-dOI{In#8Rso8|3a?b(mQ;J2JNlO8Vo zaQd=}7H=c*=8BW!n)e02#D%;yKz;M=<=Opp|8oCw^Rn^=3VHXDbN4CfB46hDx&RKI z+Hmc${^}^Y`vI!dXOr%m%GAx)C-tt&!I7Tx?9|{-;pl$a&yFGh1#AmDll)3~YTQfa z*yldfMR19B7wJheHLD~?i?{$4<@^vfZ0*28nSRLJ99qFFNzZE|!dH7DiIL5Ro9tT& zO!%Q~FUI-radkbGfi>yDbGLF&FH48(DB|&OTo7r);XnpjN8LiBD&HmI)4M_uRgx5f+rF6*GwP{OJnemqnZn^FT4Zag`b_=e!oRNR1;|nN((YN%Kmp3ZbcCXA&C<-2Rk45r+7^-(DXVgg!#?V zApBK1$iLddFi2Gwq#*v2d^7vRY<8o;mQnqlFF9>@=kh*1uaGzA`RuNOj|YEiP|+q$ z$K_qb7L~NGijO*3_Pg&`k%r1tU*X@^=@f4Atj$v!_RD+S9*?>@Dg`g?3raX8T$&1u$!p)RbmW!dEdnloDh z9c+$Jx~Xwnq^tWqnTM;z;kHOi`#nLXBc-Q@R=%|x^TcW;+xOi?Oo3%-VHBm_kqli? 
zMe(`9y@;LMe6BD22?qwv;g1s9VS^~w8BoJkfZS3ItECxN>&Hv9+2=wLG5CJdqMMBc@+g0NC%-6>K|-e3w<+zhbN;mcz!?JeBm| zbAy(Lz@CmPZ8ex8@F>#(h$2eER7uqtM0>(b@mMHayKQ@`kcA~Ho&T9xJ1J)|KM^Z7h)>JNie>{y@$Gy<#q}gt6e|GS6^Kp|4p?tY=qL)SGLqR^t;GHx0 zY6sAhMcfcSWfIN2+&PW4*S_9^nl>*Jj_(_H4dUf|h;=P|&`vE7H|J5g8iikr*0ldQ=t_sB36z1+wFiG1%bui-1z2cq}4DwUN)PaMJ%DW7CM`GJR&j zRRm&e28{FYKx%nBut!5@8ssES51)Os34X9Fq?+C0jYfMA%}Y8cXH6Z5^-5JOiaqlt zCDS!ybs3l6s641EJ1?cuUrnY;B4!BI;9nP^hM_e#K(+br*LGf*<}TV9Oc zu@SR=0VI6S5;XG3lKOp}^Sh}!nUB^E{ASSQVyaYf2}!=t@bwG-H6=2!KP{bEq?8uF zH>_O<$YaPHshN9tavR^#u7$(pxpgSH1?^n@q<09#Co6L~^yex|QqNR6%*5i zsfN$nhpy>OjiTb;4Vjwh93j0%;BEp#tqO`&I#@SC&bdL0LXyBlY;)wZX=Yzd+0q<uAj$ z6}Dy06o2JeOgw96;k(#5YSI-#%|0kKFN(p8-icu=1`+-`-X%kQ<=5*ejq#SJ*)qNw zq=4RBa{7dMeydo&6bo#bgb14&S^3PpQr$Ataulu=+s-uOagl`bD|4sm^1{I_QFG_6 zaa!r0ih)bMrMnSeDqb1E28vHlLuBmc;^lF0(?8g~TJ4>UO)~saR<~0?R~m*#wuX|G zl<>`=E9R6OBq>^Ne0%#pMP&fA*kf7m&a|ue8T1~;!<_WVrx2jiu~X``r08@CzKrV5M}?!~V;;W`1{zQXR^M%lNoHCc#Ph8%xV zXDPL`?zhxKD!S0J$PIXCf6LF;sMcFsmnD%|i1yGMnfTr^CWDwacbhWXD;M+PB5aky z3*U`yR~D1s0pjDcTWXx7`|O*ArO!vO-`+qgn7z&Fc0W}aA-I)^*+l}UbjhA@OFxM~ z$Du_I#ARtwM>xRI-;Ym9r+{?Uo)g|NEybvzXD1ea(^~WB$finfEpYuJ7__3zf*W45 zU58@^=8DrJZ-KyQH$zV&j!7I*GKjrrp{H^@4a67K1McnS|Iy+TkEb(^kg1|tLHW)`kKrVA+686xVw4#+q1 zrAHQU+qrBMxE1kU#OC!&niUaI`3K}@3c69Xg^OMMk{=*azpF9{4k-D|Iz}Z?{3UK) z=lqj@0FeK&CNL8>@RN$!)&Tsvxm)$wG;8N1H8G#O+kw5KY2CaTMd1t6$84l?36D?T zwr%hC@zlG6WE?oa+mX&6$w~Eu^T&pqsW`jb(bIlisp2FbO#Va&!85x2h#(Ep!--Rr zkq;hv7flq3RJ;i#pKwt{clgHeBZfa~{GT5N{`@jOoV2l9b>1Xvr*q*}$fCrYv$Yhv znD44t)^5rL_JE~^;3_88#N;^{7$cVDH2ktQU(R88?$Fo+^x^RflnRN57dbxRY)hz+ z-2*ke^tI@%5(xtOPT$naN20>REDAMKEKa9Dej;u?VaCpQZkaCS&`E!0w9N{!7$8($ zW!^cEu!I>rlND~8p{7!Rn80igt}DekunhSrt006^Fe)VjdZf&F&t>NQ5{kGS#N={c zdb}PFm;GUwdJyrs6FWsa+jMj>yxj$PYlWJb?vGw+_A~xtYYIinhraYh28x0CL;`Nr zV`C3U0_>Uh$C|sAhj;K9LbL`-t$@m0oo0N7^_>}K*Elc#AyW#Gvq_sWLA8rTbaCOz zW@y-^ug{8Ab0P+uu44kL`L{@GT#}7KFN+R(0vUkQrg*z=Dr3=wyNjgPo3AqQaR-B5 z7ymm=e)llq-qVs|yGMowwld;TJpT(dJx#@x9TGnEY0EpwKhH_qUC|97e-nlsG=9&c 
zF5g`;DnZhgh!S0eARl`8Zk?i7T{|FkYQ7Do(?A4Cqe~7!@B=lA#(Q{1L$~Ur30B`V zDt7tdJ$uI)mCWjUo9BHfm~38s63K|+ooSzMiJcFX;im`Ajg0fTxefF=8%bK3bH{eu zm=`wmb!wBtJqadXA9&4xu8>8AmR8g&PNiBdel?f9b8ojC!JT+K-zi;lvm(@CJ#r}6 zcfT)i=%a)Yn3Gc2nChp&5xKAS0d^`q$i|s>5XbRP0%}N50+v{V`eud!fietC;9n<3 zd_T`Y>Bx*5;;4}CHI0T%9+n*QEK6UNBJ^qfnmwg_nhB~O)8PTqZZdl6YP7t}*h)nh zJ9hE+6CPD$aoS40R-fG=uOKV3lw-iBzDNk7rUe`xSVC#fn4XvSq4I@04>l#<%D=HD z+AIPO^l=ND!x7k>DyLS#)R#uyNhS8BW(wA`NnS=;aZEs_1IV~?T zS=itKmI-p9?hh{mDwhbNi<-By(hN?|^f8j@>{z^@LF?y&zT>|pP8b(Hl4gcw1{K0g z&J^J6SaT8-7stA7X#}#iM+k{0cFswK1tL@GUIyImk>r0su}r=p$T^#J|Qg~XXb1=376lP9i3GZZ@bAs{Ra zh6brG2U36}HiHhVjs6$BYQR4%_V1Zk=UDpZBIb`8;@ptV+pn~b$-c7g<|CJgH~|Fs z7Tsn#tVHb3@qu}q?VfdsUff41z@+#io(K2Y*pgv2EVh-b&ssX~{-yHyM7H0TVyoMAJ1sjEsolwt}u;0#i{09W5} z@~((}uj=k=+TH2V;fCZ^Y@>PCpsudBErfm5TJJYEZVDgM6Sg1rGZ48v?n)g6>H!D{ zji;2uVS4)Mk74J~Si9&uU;ntwSW6H?d9iOR7hX4C!o{JWM!ss2aG+c(Pq6L9dPmu0 zm|ncjmfZe;hhq*AqXa-1wMds(wTc__em9Ggl34@N#T2Ue>a!WVAP1av$#_3D4pr-( zNqo8`c)Oi_mc*EI+ThQtqM+i)RV%KcbzV)|OJ}v&%Kk@T9=f3{tVn!s^i z2-9r>A8(BGx|7#_{kb?2wg47Xv?JSo#B91D`bDInEq3?H@rXGadr|oDy^bM_g(oKJ zHDb|bZAFODw_HD9-@p*RJ(nz(FU8{OK4O6<&q@hTIrlA|2JE*wJj*ZI!k)E^#r>2L zeT>+4$8L|>!{cx)T;0E+b74T`}fivW(Ys1qRYhrpT7mV965S!%-m#E z_K8*qu{ww;Stcm6Q%Im;6b47JQ_9J!vWA9zlwwN7z^;!4>F=p!!Tc|FiJV6h%178F z6f}vPg+-A`D6O!aj)6M`=V;|qQIu&hYMl=*XmOe$W(9ujsNR{Jwf-b8`oYd9&CSUa>|#R~LH4<>kNh}~gD#*DlkR+p6q6UCmIbLOL&wrpwE1v# zPRG^GOjlVCyR^^sw6bWJI{WW4P~J{wTJ$WXs?hr6&~L0BH(4X2fCf?XIVTU93MGM1 z1H86o*#B2&ThUJk_5YHIG62_T7|bW|MXiPEGd8RtydTZRg`4~s&R zQXO049KO@&7+ay449TGl-MgM}>T3Yth9e?QJwBLIy{p4)s(IAAJTrDmPAl+*Wt2fd zXA9~|3v7L8-N!4p8J|e&WD}oRrN=&$Ln}i2oah`eQ9^o>=pNpcluFlbDLj0b-ptE4OjHCU(ZZmMxsFqLzeY? 
z(4y$1AO*U(6|fGbwSL0Ocx$XIc4DYG=TNBFK3Z|%Z%17}G$ogKkZ3O7|3fv1M*Uvd zDaLIeRO0}H3i>=edOM>BP~-Qj!NK2bStlh1PROa`fTiZCw$e(&c1Lpxf9%UTKBm>j zXs|wx?XhUa-Fv9lu8nsA){vr(Ah~|F(AAG}gmE>$J9d%pqPI?5>nSf^)gC2hKjc4P zXTTf!@nhMa2yE|Oy9CbaMeoO*6g^uSj+@d(J*}2k0*~5Fkb|i(FxtDacSYHEM}9hH z;fn?7m${X1VP5+7g{Y2PDI(O#{nyLeEA>e^S~gaKcht5k2wmj(8LIBEe;}}A^5%i$ zxtpZ&Olu8b%5|B6OnoDJ!+HLoZ$+IhI7zKipCwfU6`#Z)WY#UO5fmTX$U&z#dQb&! zV52q(`^V`35MmIaPAA+4dEFJr>om{FBs_R*%7zs7W-*k~ywAwEx2?P#@-#9 zmZA5$JQYpRthngMy~MjMmky1QLtM69tlGRhoRG*tf-B@?>VSrNY?vBHb+WE=;pZ&k z9dL4uMO@EEtaQii=J}B41{>9I79QN}^6ancEC4A;`}poX6r~4v5o;Cb4S~DfcNX=O zkl{xN*z0$tITGV&~=0XH4;K-Rll;iMl*4Ry&7!dR+5i(o9f zfq!Oer`!`Lg1c6N>>BZ_w#Y-OtEs4|?1Qbf?{t+5^!U}crrp{TUZPa}lJ6a0$*@`} zVyJ#KAFMH@ABpr=lnxG%O*ddSaW@up*IHiNX^{CHC0ZCh(X3#XJJVkQ8RaIMpcTYm zEX#Mnm=gsIkJ>X8v(N5#AIE^CruR)L*T2$e!{h0pkC;}94y@^A3AM5jWuvySx9C`VrScC{Tc#j=UB%K?|TQj zK(t6n*ShMJ@UdD&Uzd<~&&2zVOy`(**6pt{5P6^NFJC4@W_nAC@5TXdI2HSP%}ceO z^A=^)pZn!3EcWQG+TJr%FZ+dN8hLmGx9!gPudQa6ix$uinY4$uNLBVjgG^#WSoR6> zBq8Y(utP92H2v(-48@^?O+JPV8t?w$ywWw1T5vDNTJSk2Ndm%{K9-}y`o60^{3hKH zuGvJzure2Oz?QyjapkM#)Hl-^risl@s!MJU{7{S~Hm=+DD8C~0Y8xI^FW6<@9pB5G zK&ganrc7^?6_-1RqVw7Cos8drNO#V&P5C;Q^4lQj0L?3~C9P;d)-n&)JTVs|exVy9 zabsD~xThp*pR^!GGqtbs=0C)=6$&@Q-Ug_%p5S!YQZvf4o;01z1l{_%8O15>ZA7c^ zp6z&}#?)-{iuN&Ly=gJW5EIOLufd=-RMOj?QdiAMdRw zhRQ_K{7h@uT>n*hrB-KT$rFR|^V^Jb=uRS;UIpbkTd{#f|! zE{nn-RYc>_>Q=C#4IB7}-JZT>+V-*?rhu;CJ~QOOWX@S*Z8^gzO_+w0zUHVn$hib( z2D;Ibb_Mm`iGu|fap2>Kcuu8fbCFuAev1c%vk3{=%fY$*`Lha^V13vJ9vM;nbOul9 ztBG|rG%Q61RC{grbn2Oko4yJ*JBz#$afxJ!kb%#@t9zHM(+Z`d=ldD2OQqw1+HZSL zrnb6T>`&61>ZN7f6Xu4^+TNe(#qy7+5le8KKjg{=+Um?u{K*St+-wCROV>H5mlb`Y zO13F3?xwGWd`(MyCj>X3Ri$n-oZyFIm4c!;m)}q#v16_rg@mL?WRKZHec7eDPbn96 zZvbbg*=XN!oInSxMYYTcPNO}s^AS#kIVhjTwh+*#bLr!w4!Ta`PKklmI? 
ziJ?I=hfudLpj_(ij7}6p z&eb(|n;>Hl44vqqrhQWL)qU-f+~oNvbk+j6`*-)93*GeUg7Z$Dts|8Dg6t z1B&I2IjE$uWrsAiGde7NeeD+p=O&(L1Pb>d1RiVEN0H@}WP`SVp1=bFzhBZs38i^9 zvlEc{xD<7ZVjXN25e|AO&BAWT&q+U%7kkj|a9=r%GYR5HWODN&ImzfK%X5=B3S;@W z>1PPrBL^0%V(Yn9%li*WfL@7f+892rZwl-WZchR$k-Sv*u29Ka)#J_VU1hDmWi4od zqn6JGVpN(HP`H@bmq_rEynA@d_j-K&09vHk`gp%>|A=B(8Ik|pE!mbgjhAoUn~A2d z8$sL{qbkV(<%h57TcVnu6ve3F7Q@9^GQ|pB^e!22l2reKc|ZAw7zwZHoJm&S4B2#w zLMQEf-=!`eSB;j1Q~2E_m8zQQ;w#bvc6WdSqjtFG<4nN|H1t+bvc2qmv(NbhB1RzJ zgvOUY5Q)F@%Izk?!K-O>LKvofL968HL9)Dk7BwcN&P&?T2Xoa(SexgkWYF?m*dJXIPdb`L2o& z`8)cDNah?KJfii%gRyj5d`I~_;{#Nbg*@2PT5fl*)nDzp; zCJc7vsWPb2Rw`@B<@9DLA+-{5>;lpyW`q~>2x!m?Lwq_j*1Xuobp4QKu`n?qbrOnB zty|AE(N~Rm;VMF7Q0})X(?QaSBfKz^psMQ5nACVcTY#U?<@#i*@^W*vcRrW^obipi zo~EaXD_`fP3i=|{?Ts0T`P$Grggfu46>dukk&O^y}d^T?l8UAuHs9~g5~1xtGODoe``O*3V?tz5W^Yh}>Qw7sA_Ruz22j^Y!Wab1)8fQ#U}iW0$mUr8+SY$IutfrI zP2Z@#bO-_^o}c8G4x7rHCHRijNqsLM>!|Pb-3c=U&2kJR7p-Rkc?1@nCQ}ekGg=oy z%a5n6?CtHQ(MS^6yHS>BT)YTU^i za3ciaKoRRzd-noJ+NTDgh~E636oQrL0Ws6E*T9?`SQVly{I-K%}s<%vX)P-4qXq2_+Hp z${-xvU=pqxdz&fTvH7vO9J2!A0|KL%*ZOeQRV~h6 z%QV>*TVsdyYSki)NjywvzY zE5fCC?Pp~=t4f! zi1%=?CE4OHO{aRY5K@1-kV`rZzw6=o5Xy^xBO9e^!>dQgY7bqg97abHg6hE7K|#tb z#11cr%o7m9rmrgn`u1P^q$Ladmb^@p;}Y>JG4ne`j>{S@)vL#VR!K{p3xOfVL{bfg z+6vIjFaWG?!Bo~LWkxkwPqvJ-zF~t5`_ALz6V)=*Vqo&;YMdR}g1;{@G*E2TXq3EV4RCRKkbd$L~3O5KgxBFd>c4xZI zzGaH(G!k>LhKYl@&}jGuz=Z)k;YK-(6j?wTdOEUk#U^=l7&V7qghe+3L5)dT%E z=m&4~%Ha`?Wsos&QG@I7|v1rZH-JX{ptsCf7DaXsOTr@?kEIzue?#YR zRV+YwF>SJZ+wfgmRW+=IqLSNGfI`zQo zW?|Mz)&kP^YpmM8HFAANL}~ry9lrH6vXAC?m`QE!#HQGOSb-gtEh{Hm;P3J9B@8$! 
zO=G0-$4{Gfu^lI}T3eK+b@S-D584)Oa{6c>BSOI8NB-V*VW3JvSqAz9P$t6 zxBUze@X~JO9`yb}u%Bo=%KST-xgar-Sji5qv3z`Jgtl)$Hfo?87#D}y55#}`-cU2) zI5`{a)$iE5MFw-F4a_~)tnfT%*Lry8nY!KdYA9%%$;Lw;Czp%#F3#U~A=8>$*scq+ zG3M*a6vXhjEPgKe#4Y{tWB9L><4w$qkwUMhCG*Gc1hPk$oAUH;!+xSzKhbX(bY|H{ z+4gstk5c3Oxm=}uchw2EK84rrZ)b54v0F#5d{C!%wNzyQ*S&u{h$nDBK@yUpDPSxz z6N|oc5$rzT6gCbJE+O`T*8(HYs8GQDU!4T6P0AX#ab=R*@SACm=mqsxRQH*mZ;KJv zTAxm?A(_2b!@QbS#v3B8)wvWZzUCn~a*gV9A5|4e7Jf3mgJV@I0y7s(Hr9f4{mL_k z3q-A46j%fadstiZQt8emu6+K?>O~W9gUBOg-fF2PIXC4ZLPI)L9Ci5CqIXEHg(Tnk zUUV{E7hQ=l z@@>U3_eT`W=Abs8!dLcX;{=+^6mjEWTY0v@UbbhNRTZst$_S~>qDq9bA3m+W=x?1x z2a}XLmDML_VSrUCAs3F!c!3dOvp1`Z%dhlz_C4U z0BhjCL})Y_*!yj@gwZMDm+2%bYassI_gOD>)H{98jj&q->W{@^i=CO5L?)c!@_C$A z`S$c5f{Z^QF_5&MGvX2 zTQ*a69gzNGf0>L0TLB?k75YYzGv@7(1JXHXiQ~l_Kfv7+gXP2UhZykaT;`t-KL>;A z&SX0xmxsmI4C*RmdY(DGRerfUQ~klZ7IomCG}Xuj@HnHHBJ7g&0<(M*gX53|g;PuS!08yX0^uK_)H!RPNu~=5s7>Z#Zu%W#E|R99 zcd(MQ%eLcv3cK+dU;gw}auwzk^aH@0DR7C-FEQ-nvno0>Y5YifF%XKYw^u( z^L6FAd+po5x75XG)x|)V!3lLQjB}m@!5SLdAV3mlJ zQ^4v+qht!i@c5-teEN~V1YczO{pT;2wPQ6x{G-i{IltkifdhNQr=LPj6$L%7t=hQv z`a@A+YkcP`8~YTm7w13uY%_T2i;mChv%N5yZ@&!eoM0YS_oOFUA;t192aG1&@CeAq zgn7cuvEpmh1`WS=BcLi735RYFg%=YUA%kfs$|a>h|93u?b^!DK$ggE`hQ%+^R7(vwPtLr+)2fAIe{zsDL5a zqG!(8K2536LM{4*GFMT=2602?RE8^wdn`K^_ z^hA`u)fz8o)%cBmhWl=Z%Ofhl*9PbNQKIJ&p>jrYA6m0z8mX#>MOf?|@)VN#PnDKO z7)BLg3TeLr65K@oB(+v0xXbcbiVG5A|8ef)4i)kslgz ztl!<08!UD+q>OF~d%F3#FF1jo5T4Nh-k0$xJfmtANM$-8@*oT00BxdzN=T|hu-jkt zvoL=#r+(6GVJj{Gr?~y!Z)w06X?Za#gNnn9TA7@|dnsUWl20joDEqx)+QZP2>8Z;7 z!3yFSreCh6IPQrWkN_Bi zB)v<;6@#>Ii2-!cP>z8AoR(Vx#b@L(0f`u*4(wk#dI|XdaBU;#-(#)~Pl7u4yEy)|VfrvSM?Zee5DpQk$i+>36wLVnEdgvci3tCsirlRDqM_Nx@E-ABNI6>k z@vDbT@l1=D#v6PH#0D(YZZ-wZUuNB7kD;8?t4_JMRvNu7sYq{6N7rMtxca)-JR{ zY3d}WOIWROYlWKpb>=WXo)y%sd;Q?=cA7=`)wBxck^vh_xl;FQ({Yzn@h^ck*4k*p zddRz$C>s@Tm2vm|c)l-BrALyI@3CsTed$(;L6g~~g0-ur=&-7ng2+6i`-MZ0Mn*#E zoM}60ARO-3w0<4gpF;(H&tq^n`;}s^4bOsd?d~*r6)R8KA#P^%WNLO$naq#i_u98s zv(`ERuJYLECF#sZQswtx%Pv)u>7|Ead=|=UbMul;905v*{EMC5rhxlG#G(r2zUWdw 
z7A--6uJ9>btp35ES+&)nZm}f?99h-Nc--^2wME}cT`~G}Jg~R7x=_$CPOGV&1bO&k z;k|s?!makV@M%wHt%{P3ihArSloUT-85+}#eki90mW~17*NkXnj@+K{9BQt(Rwmx- zGgL-xAH&KgmvL)9mTY|#2#NtU|KQ*%dt`? zCrwcFlW`+jnRV9&=w^xrzAo~0wKs1SkA+Gcpn0tE56VkT&N}xfte80EK$sbh`Su0A z0*US%n!-A3B$f+v^ELy=h3}FGST$svw~yL-e_qEDdU%IIXoDti77?f?HGH6G zSH>l;zNzR-O|70CZ6G>~UAQt1PXaDnVCreCdp3HyOFPEqe|uYt5U7oYN&R?S!OQy5 z7)1W-!RJXIJ4x!PyRh_=(KfUlFc^N-fRj1=t0^Y343Qc)Q$m(O`41y4M95~&`PJ=7 z^S+T2#Ihp#=nO1=a@~7%W{piy&|lTRbKR7wJK=s0TBLdi5OND?Y7;8v_n#otsor^e zUs;`gn@^`_^GtcM*^Iw=5ZI`CaC)rJFVH0Q?}|{$N?>^nZ0gDY_Fk5)-0H->=FJA$Vjsm)Z**mMDS`rrvx#G0l#p&8D!Qk9Phx zv`?0e#o)n|V;wn;kpy|F|8Pk&`p{Q-r@{FBle)e+2P&lZR^yvht$KEvm3w;%%h$`4 zQzK1-)S@e~W*w|nVkET-a&QhaB=sWzXi}%puwc7@~_0&T!NPYx!i+MCt8=|A!M2v zEP;eY3TG+mbO$s8cLvP_QmXD#GS34vMBwEaL^A2u3QKe?;E_C z8LYXmqmBcP6svu9TLvz>yA~rvpU1ot>5HYiD)_~+y%oF;;WlyiyLY}ILEc6SAJ{Go zEWy^VA1inVQ}>rZcB~~=%FPm6&oXxV!#T1X@X6^uzk<$CP!Wg5&<6FE{Y-2Jee(|l z++f;idMHYV@>0cb<4xa!A?58g>1is0_w|t&+F$<@Ih^sxrb;#`>8V>Uk3kV;A4Lc z2emlYMAS$|TtXiQ`vW;=x4 z6fR78;)F|&2l-#3yGIa|jax1ucL0S%F0zA=Wwt~-bj=YR9JprI=#%*osG}yt z^CZX~qt@I%P{^K)GgJtegHvf}$g|BDz;a)Zk~)6g2He^{CrD+w@3`&oJwg{=-Dc>v z@`l+gf!8srH=Fte_~Dl?6U#G{+adiyR6Hr07W88`{W2Mm^wd5yh)V*Z{;hHEz2h_z z(yS1@(hU9L!$Jfb`|Yunodv#CAcu;DU>m$gM52Ykf3GfF1^m<*qWKyh_OI^Unupsq zaHw_w&6j2vrW9yheSewEC9!%HEa#biyj^VwMA_`KY+*0ev;!bMj&(XPd+6=VV?v0l^7lcne)}_RD@Fcsc#OnzkO4u(4$^OuL z&OPUG(t|~b4iRpP*0Q>N)QH~hZi@r8`TM&g_yh!X#?3K5o)OY`&l6YP7bqk|b-x13 zwmlwKjT;541SNAXtD*6_7;rpo-QVxF00YhJdV*$5Bh55i6e+T0|1(sgjWVO$5q5ET z6=7Bb7CQ4`s>Yz&a+wNn)PLAag$9caiqR_aHfx2 z1o^BM;g(8!=r@rDAqgcy1YVK&h;LWBEjl%DvZ6pxsrv|1y-lEP(go_G9#d57p#Cp~ zDc0@9OPJjm<9gq7ixE2!^(ug`&E*;BOB-&Cv*fYLW`UzBh2BPqbr5y?774u_5s+4^ z_GDF?`Zs+mqBAniLdIr^17f(`YeSMnqEgscd26Z}E(_97G$FM&5F^ZvMh<2W$F??K z&*o-;%h5+~x7&w>pq&)0mQC`3Z(1!jiFUP}yg;Sf>+>P+-P6z*-!8$!(536zb49{y za)DqYS^PX#di7LM8KRzuVGp((%H_!q#4Hc@iu&g?yb?plR|tI0IwKvt4}Y*PCs*H$ z%}(i!G5sO=dcD!7uRKmiqys%O#!N4IFF<`0AxmZ{)O$oL*X2d4%f6FJ>$XwS+%A5V 
z1ml2iTe8jub~+^LfUekX%@NzGM@}^f$p0lTk+#uqlca2t`&yupfu;}z&f5{%vWS{S zKNCZ!rgyOji@`fq$O@v|XT*^=`dOsD#OC8R{*2JAgUHTJU=3(}>RAG+fF{Y;$%7Rp zSU?n-dbRBCEj=#7NU_^r0!MVe(Ctyz@hAA}eY) z{Mkf)JM{oqvF^_B{0%&cjr_MP?TTM#WCi!UR+H!aw$53JTDF1%goBB2^9Zwr(sh>7 zU`l-6{f{jY%#Xo2$iFhVjX>Pv*`di#Humc}f4u~p@M8jiB=aIKL<(Z{2%78KE)kLY!^P8C$>m^?)98C! zV_K4&2Y6O`_m5N$XY2GL1@p&i!cK*bQK9R(01ci)80In^QX$zvr$420g{X7MVY>ia z`&b9e`uTp7YOs@zIPz};AS*)xjm&5eN+`={xNU0ZM!wo=5M3E+CIk~2aRB<1gEYN4 z0;GghX^dk?+3cUWN&U|lFyzh6wTTqe48i{$wxoY1qlE1&7Kp6UBqFm2UuK&l{lfL& z>WZ?enlS17PU~5Klf1<3JH`P2?s>d>uLm&@jb9W-TqDY<9l(apKussW7eSbauTf1> zzOPO|^Pz<-O$rKV=7hRo&R(y&T9$~p;6ki=lvOj?K5zE88*?{S`9mli@SRdtD+F-} z^0tQ7Aik$Azf7y>wSZC=%M2w5*kWWQ5|@yZC_)M_$d)QDNXVadS%bDL`OhF+ad3*S zOd{ez2C>E=Z@AsYkx2^{Lt<}W_K0360Z`KhK<)|d($RTc-T*h5r_H)L-zzE1s}oH- ztWb~J~D8=zX@v(7Gn{qbZ%qS<{)6lW4dkvNgydDB)Ex{dEg85`IN-kc%#mP?n+p-P~K8 z1fc+L9)v$ZZ(bSR9V>d$Lz&M)4*_&+hM$+^O(zaX7&DNuCs4XHASEhhKcGD zc^1BYXE3p=<@pJixM$%qcq!l##r%<%5Sy1PEWL!bt9Iir*=knPJ;`qew`Y?-$#Xo4 zj)B+6#~Iai>7+C9$E@-=Rb?mSH^oFpYu)AnFZJ_2(8ezD7^CK?8)nbDG;x>lm-RwJ zuDXt$#N+j=Zv5_aZMT&)y9Spin8R>|pwZwUWJ)YDprB|I4SA4SDb7H4)$BeujsSD| zL|#AbKP2X^BxoA9TEhGriOG{6fb0&_hfHpuGwHwxUnRvt`--gCzB?(dpV8 zWrqi0hU%`1#N|Q2UtX4SMUXznwPk563b9n6Alrlw|Ay%(mIj}aj?dH{(5;6JL>DR) z4QHzyRi3hS18;ZI$rOMB8t z9i%LP52Dw5J3#>398L=uj``L#K1Z7>ue=l5xSs77%_|$3VRz6=PgD2U@u{V*irnP{ zj`xt&?tScv20XQXd>qv8W_AhLs`9@0KSXg~4r+Ot3-iVV*m=2Y#(oy6PlJhsU zI61>GUaU99SQzr|4Pa5-LoGy9e+*MQ&~}fEZL50Y4yZ-{Hn~9SvY{+YJw9>qv@ZX7U18XB6~c@LO1?So zQs{03ojCBQ-N!*&@xZ2bTG_5yJ^gwY-^%}|B)zAM+rzO*I1oNSy!!l|J7d_?<91}P z1Bd4}|Adf7e0OH=Z&J!`=g)Q}%+61Bw~TL+^IKNqK2mq~N5C(0xU2A@ckaKfY8r;3 zWg;=)61Uf9mB{|=@th>WikQ^|PC-}U^&g#u+eWx1iFZ*rE7_(`UU!#1kbJ6(dD;k| z$uuRrt*4Q6m;Bxe!&z>ii%^!H`>p3KhR;!z`>_ zL;vm~K{+e=ymoZx#9eP9rElr_jQcWl^{>NS7JQ}Ereig#whr0~M^~r7h(i%4PDEFM z>7HZ}VlSkO8u~%QXQXZVHbwPu6LEVhzn$8TW-}rcf_(f|YJ!*>fuKYUc_owp@@|Y^`&|ROw?Te@g+`m(bpT*ZpjPQUpWa6IlHagc z_t}TdBVMrG5m8%Q7ZOKLA_hg-KRC%ZA9+w9l_(*&KMUi- 
zFjHM3xR}23e>U=vHY}HGj9@*i^#7Q8%BU=xrV;7xl5XklknV2jZjo*-y1N@eO1h*w zq(izpq$Q-|yOsCR?-%Fnxo&oLc4l^ZI=1kxX*wJq$;*BEnMXE>a)_QTZU#hc?ucTb zeG;<(l;l85cy(DUw6wN+Kcih+=DcK-m}tlU@Qbd3YZhq3X-i$91j z7q9FJnn6b(`mhem=L7Ew5kCr=w)5K~A*%2Ry50>OQH!q&rRIpijX<4Q0X3Q{DbJOT zPe?P5O*SGHQcOyO7hntMllYH^0gG)|gfpex84?SBs-H@b?wsD6wHHFCFmzs#9V|T%#*4qmQkZ=E1#&p*(pz}oAgYt@K4xF^IHk(L?ezN z`rZ>XLi_3uP^#Ey-3$=3>j)$=OhQcXD#^Ju;k}fUwAQNRVxjRRk^mWvPe*b6HTRGK zBGO+LYeEqTNZ<}cOVAC~_O%a!Z}NzD!QNDdx0I6?mZ0Gq&~|eK=v*o(Sm?JxN{r_Q zkv2WduZN>^lD~0(Zmva2xwDd5bfu^(t>B(G(#cL=aqQY8h_UPMaU7*xef1|cIF8ws z4UaW$0wA3sY-LX1u&Qdj6^AeQ`!3z|GI8cY!}XXqm~tq}>u_Whe<} zT4#nFer>;9<-K*>#jM;fcHh{^ig{H5fEkRFotZ7_nquvX@MitQbE!IoVJDBCsRXo< z*SpYhkhzQVCgb48k%iQ9u?ScWAH0?r05W723+%tqxKg`(XZ&rly_^qtMbIollKjU>Ee?t5^oM8qPn$U(f`+hy;3+dHPP4%n_0v!=RhA z9v*QnOlH&1_#@K5kP<4~9?Ca0A#mc%KvS;&=+a^v3jtStm$>4-2@;t(((Fp6zI=tC z(G0xlbpt{%FJ(-Po@krqQ;&t}bj<;|7b&w2Q(jE2B( zyEFoquMP6oKHMk9z&d;PSJbH4eDysQuO-6!$v?lk&}w7%XM6T_91a5@RU?brZ6*$; zc9RB95w*WSvo!&nIX#GaB%Ei*QclL|u>4XT*@oR9RRdA@r6SE2QO|kzQ}`WjRfe61 znCxjfs>uLD_%DUZv0~QIfHZeVG))i01$yMdHIG&#PF#wN6rY!Jk>r%lC%p zI0b#8+lIBL?*REOsHOhHz7V0@2bl_KPK}+OsWbAYLn7?wasTJ7Ue}qtWf|RIasuxb zH{e{k=^o_6m`9_7>HiNkSDVNk21Ofby+>WE^-9 zIRcG8Yr2^)qwm{>e^(2SFl4(cCgObS?+Kh+XR-Qw`E50O>3@|)*CpUqee5J%R1;JG z8lp;hbyTeVeWy2BH)6e3Z^A5UYRx7lq^K}=cynA~M#9Gm#$NwgA*AnfDl+<-o%V+K z`DmZu?9vLBQ3Sy0(VP2h{|rG$``k*d^P-IlGQnzy)F-V8b<_7y%faj9rG5t>;%XS; zRKF49oyTs#p@;j~^2&DqD;l!qlx$4H?wBz>zBXCrF~7WPTUqp`uGdwp7?QBK^W-ZY zp4W(*fW)LEH2y)*Rg+tfawF+(NQo^xL#!lMQVE0lHSAmarmyZPTWiqH_O>#!%qbap zYVhHijGL&y#pK5>;7`8PMJJmM;sRexKybt`IhG)%IPB+mFAb$$;UQGm?nvcK%FM+A zeq7m}zkt0SPk`V@)OflW&F<%x?C63DxS2aio8N-pbMD~BY+WYGP~oY{^gXy+w%T5@ zyIw4L)y^Hp+|sAVyA=6 zKcEDzkqMkmh{Qp~$A@e*5sBE;^sj?q(6jx;R3B8tjmI?KC-vf`{qUoIdKLU%1?Yo_ z#SJv$YU!|`TP)YgQx`k>fM6ppx@dUFgsQnMX?**qq{C@Dn-x)exQ`QBoW}sxV~X)- z+i3iRDn=RG2BTP_!wW0^GBEXzl_~*wzKQNEPCk8IfBgNHeo9J&Uq?u@o;!Xhc#d!57>2Ye1$l&VR+? 
zH7+)qE!etKrpF)f(nG$sn1O4x-0udwZcZ7Fu4Ww}bkhXxOwc-8y!$R5pK{yS)cPtW z%hKfLXuJ{y8gsFCev~5+^bkk}fMDQ(ie)R#{Sy6(9ML6ql(|tdKn$&#m|pQ+H&|Rv zxDu8L&Ka>hF8v|(#;gb=f7J}LZ@$p~&=Kv26TN|yFSJK26SF9HlJ+jT%YG%ss1}$% z1I52x?oDPS%$}?0JM_?p^snB~uTcN+)cy*MN&~Kl(P`+c+#(kcDHwx&TsuELbQAFB z^~`|61qdz~d776AUGJw(_BS>bwhW&Kkc;RAeR@i)I);(&J?@F0<$R1{MzOD2xp~iT zhwW~nF_ByEu9l`Y!t|Yq54<3?1|^38F}?(4LK0H#1uT%8S1Hg4Q&L*ox>Q;d+2)rn zaV_dgT}Iq#Uhrx2>)P+!p*g4N-)t@$oA@zrYGN1>i1J}%x4Z)Ksj)L_K5+0Bgxt3~oG>Cd-4O!8>&#qj|y*H=xSnEva5VKNzJIO)3X&jWqN zx^IcEn3M5ZC!#%bldVK@=|nSi3}Db}^LbuoJ%n?R8evuk}EqN4eDT*|*%~#P_IoSVIa-*^KfF?f{{@yJN zBoeHP#zCWEfTFHhkMB7EIKA)~&dhkS_iaw$WJ+}zoH74t$}coo-c~15Ia}WPQ*i}e zwj179oD88|Hn-Sb5Gz6<$K!xb{1XYym_m571WpA5Gd^Ec+z6F{#qbv$rG3^Wn{n96 zx)2%}!hekq@VqQyae6#sadZRRa9bTIeY=2`3eQJFQzo#T^QB{5ITnX;gUJz!&ytao zvi);R>5H7^s!IFD7sHO#cy~YFLI~NdNs8iA;u3K#*>>U zs_M!nUO~eh_by^tD=l7zxX6%++j;!3;gd`lD<;iMVT1kSRv&|+lnZ9EWO0h6i~!TX zjGz^rk`Aw#L?}>GBL+~F)HfT3aAJ;^LQyE?{zd0&nI#i8_$3o6gdQ?SMJMz7NBN}^ zCLd!Jug_SAin@G4bB0PDr!nDc$_43cjj4-y6ec`b^Mq4r_I+G(e2w%<$p4uBi(Ilv z2!EDgR)B;0K+*tL4~|c6n5`tHt>>u~6_uJn>8N^R^+H z2}}a92sCVb%3G>TQR>b>Vl=E*G?S@$bdgL7tauvp^5k%aXn$(9fIkf}(prW55l)5t zoe($8&(Wn~2{~O8nN`)Fg6F(6&U(_$@K9ZsbSFQAGr4}}7t5J()jN4<7xzE*jb2~rky_wt|n>MdSo`%l75fjMHILaw-} zJ)pg5kD+bj{OjoJB^t!NxT}MxH7OSu)_uOh!|JoF6sbQsQ(w$rS@*kdQ=QaFwZ}76 zGM%-^`>&MCEd`*2(lM%hALJ}{1Z zg+E3z1j5>$H0;*Sj>}lQ#0HAM(HDiGt&iK~`xsOVk{qZtcu@MM(W@z_6B0j@(-*up zWR}*#$SeEegkoMZ>9^w78OZzBl5-%2+F)pf-WX#CLUUfHNj5sJJ&aJW!QP5#lbCAQ z38ojp_o#mx9Z^eyF#3@VjrnFrU*LW~p_uQdG@ZWo)khuT-jeYpf^~I+*{uF8x5gxQ zE!P)cHE2Z_ruIY_`Y>9IJqE3M@q${;WQH_YS(f5COT#%HlU%OcR`ge=dTo%FD{*2E z@Vjls$gIIi(6zxz6Nn+T=VXa%oprAdMmHZpkw*?JfE3X^cF_6&i(c+5uj$*89CG18 z(^^Q({-{jt3o51pEM4$w(y{~0`rV~!xM-BZBBXm)4E@5%zbIii4sC(MBS#(=LQft2 z^BZ3xr0cpNr)T}f|5S!#?L{MZ^df%!?x;l}KCHjcS3iWhbIS$JR0H{vbxhq@@G z=aeq_&>@*l#~#hR&>%0)PhKp$*PX4rAl213!d1db)?PUeB>^X{B(V)T52Bj9%$g8O z?VVpA_U_7G3e1HLMOf8!LSD_XMqxx=2Qp#TU+K&ZZuZKpB1ZbqGqXqA6j>j)SoAkf 
zCyOqhF4P#$Ul$!&_1Wt7UJREJp1!`^xIotNy>~r>0nc;Cb^n9*AK;grSlFLPBH(d^ zv9M9jKIN(Tn{+vl%OroMLlBjHm*CH&Jm9gTj*Ze4$@h;6UO|xojLpzw z7mZ{2EiOx&$=@bTXTB|73kaECLpw}8Ry{YaxZ~azh`0d8A-MJ@`knprd#1fF4!Y`| z$VM2mUNIzb9s1-Oo-uF?EH0Fc<9uORbGuUU^J}d(>@Oy(U}`xQH?`#j z!HC+@XS(r=sdf|O%AvxeUVG^;gmdT^oA5N;1 z4U`G~8nR8W0jk(50jj_rUhlY^EcuN4@^XUewf<&+$PxjMt)OF0o)PvHu2}+D3*h&~ z{sj8`(>JjT<*k=X@93Ovgem+chGc~wt)&E^<|l1f5IUVNs+A4}GsjiTilx?CRclC= ziuW&87;LS$mFKCrr4w+2dm?I;+3)-fH-(cGs9&iMX{4W)6Ly%TGpHHu#^?VYpFQ6YHIp@#?0TO973)N6K5nLk z^Q}CWUbR&jTqFIUVSq&FIVmwOqK^{k;*1n7qcLI$D;U*GDh%fv4yqnXZ!ah9Q`i>I z(8siy&iXgI^?wOGF6_;6{SU%r4v>hY6o^~eZEvcQSvgUm&x<a05NGmn2FL@KjOkzACDZ zvD4i=up-GQfm`HgyoaCOiM`Jc6(jX2?e$lrNLxYgBxnCi-{%leQuNKxQlsplW}g`O z?;x7ZA>1M6oCVAD^v!e3J=Dx^PXMrfZ=0V7XJ;Y$&@w)WY_4!DGcl@|-zK0wXGB7(lGbFYnB)N_69$V4!?h5a*hau+BNdCBO^3D}Rts}ZwA;xSRKs*w&yND>kiOH5V^ z{Z1o{TE3Z=4`Gg3#S8lA?;~n)H2+Ct({qAEH$VrofZH4br_B>>6I%I_a^b?_?4U?6 zM{A9hY!h|%`_s&%B6Gf>_I4?(`qAB|4N)kL{jl&Lm0;w==%Bm;3u)_ ze#_^o=PaU;b>n`8j#K0g%eNOj*=m3pvW>=hPsmz!cEl2)f{jMCh;u>3!Y>O*8Jc7a zd{f*gltE#C9C_G0wPXrYzgiRt^&EdgABw*M=N2PCKkT%t5~SiJ-8+v#oKxs2{JdKM z4uYLxKJ>YW<87UjK5mq8SSo7dS@^->n#kD~8G<{Wb!=MaEYv^)H&X(GWntgod9233-{+ zfo_oPctY)>-oX`yvBp9P^e*efh9adWv-1XBpyb=X7UfU*NFwJN%cZ`2@@))QAe2`) zGCZr${k9Gl(q8-XqfNFh)mP6cmG|3`-e6P~Tq3+;eJ42v$tCx$7iS6=HL5R4pkNoB z8h+Q)pwKg&eON7vjFJw9Tu&ZM0h=*3f>bU%*U}@p>@%q49`L`Od(S2lf@l0caw>!> zmZ0SF{hFyZEb0w{$(ma&RS4Vo`#;FMEyW1R%L{$?!>C(iR~^gDVO2a)ms2aOzEO9ff zekWbT{R%p746uBXGQ9pT=GD7F$3QfS*$KJqWu0IFS}g1bZzY_Ym}$mCKs^xa03C|FE;{ zndzL)voy|bkBMoBjwCDfF#oZF8>*X0cWz7KXVta)e)Br;=aD&O(#7s^(mncgD6S+Y zg=$)CfGGjN8XO*5RNVWPkrlt+-l*u%D7E5W5%JZB31`rKHG|BPb5`{I=97#Vp4y7@ zJ_YgQXJK)p8bEPKhb!dGp=e0BRD3jpO`U6YD%4dpW~&EpgX?LZh};2=0Kuto3ZUsa zs8qCRiGv(HJXJ6B%bipH5ouAmXH4UZIadGMhX^`EBNbs|wZwsBD1DsU7Ev2SC_k^5N}+Tceaz5zxmnF# zG1T&Y8l7O$Xu7R+&xv)i>}8S+7zQF5Ph=J-SR`^y0wBo+|I%;)ymR6~QeSpqkOYR-1 zps1hA+NjI3XM?>va*LLf`Juu5DvY~>);49Vx9&>+Gt*e4l~aN+Mc$-W+%w zYFC1n?iQ==o@R1az?NIVn|Z%FMZrt1?xtr5861RpL;2?q4wkw>N)>pD(7P=NRMZlZ 
zTSrn#9~#tJid3prv<||LBS`SHf0Zn1GuA-N8^Uh5IpX0`2T&6OOu~c-%<$$Q+HaPp zB^wtE5zv-8?}2GJa;L%WG1Sflyd0Ae)|Bxxd-^Tmh;E*~X8~vzpDNj&t#Xf}hutL0 zmpoH!KT|xMWJ`k(*?{%;fo|kNN~)%zqFP~-q;yJ{hx~?ycEY}fX;6RVo;#{Yq2DRV z)JMe4hKmg9@t=)NK>xd$6P070#m`jtKvPoOmwgu^&N@hZfxd}Yehm1Nj|O^u;D1;F zkEKj=B6c*Epw2rT!x@8;J-n1f%t(a>fqNTOT9o`PxW6m}{MVIO!$pC=8{*aoE%jf2 zI&Oi|@+h#On!H-!?5Lq%w@87?e)Vg7dRsd^wd*s|(8qR>gkQyCz!ArS`{4D9u2sWy zt0%&d;2e7@W_yX@9^L>D%Sa+R&3C@KcbmBP8RO_%0^iAC%`ke}Aq05ED%IWDcVhddG!0 zNm_~uKm5M;>6K6!oN%BP)<%59_?Mbm2Uyu@=>KxF$exW+ehu=6-hm*y5JZQ)7fASI z&r$V#>=Ys#T4w5q587bq{<;W242Xt4KJ>Ug*y}?+>IKa8d8ujv9?bh9-Cq}T67Bfr z+x>(C9}bybuWc=?R70hu_`RgN*CVn1gdORmLW1(q!oon$CPw?Fb46dSIK&#+TSVf^ zG~A19+Tfh(_pkP~{sYs`L4KSY5J0uR!eqTVsN%G*0gl+yXvBCWo!l7GjMMq}ZlbgX zK2VV*-|J-XdtDEI^2l>kStnBXp;fFR5w8e$$w|iKx3VSHRC{Zp2hRHyS1_h9Cz5R|ol zOBUjISqF}`2>}xqke+;ELz=d-wJVzBCA+0LXVu*exl@{~<49z?DpnJbwElWZWm+?( z2`BmFYT1cTmVnYktBLa;1<%=oNh^yBXW!Muquxj^W(m2bwHUzx2t|y z`FE=f-u1cTDs%RX2gYM*4rXQw&jyQogQNXRO8}UEO3)~M;9v6I?%&h!&^K56fV!uW z4x2-(Q*|@XZDgboic>im9~-~bJw`>swD+&%u(h)5mg;)_p#|#fq8*+4S%C9;Rv;Ty zHu!R*AVJr~w3fHUE->uzB;*$?%pS$n%eDPp>FrwW=;EwT(c20+dIBbJ-|Ov=+CF+? 
zA)W5hNa`hYN{LNyD?%hx?}i%gB^!mC z?yt|oh=4tc$^Z4_2@I?2?Mi-Zhh;04%N#IZTa60;?-oS z@!Sl)-BH3YWN2x{JTGGr)*^l*`kg28Ft!livE_~L?chHJ6AHnHr3qSa0iI;t#{A70p*)88rG(|y{X(^$(%d(e;Z>cY!kCBo{sFe1Sw0kpncHKLFa znx?BEI6#0SrdHp{hhvSmM8O|^ZiQY1X+>LUcuELvdH^-;731OLNY+UcCq!e zuNV%RT&>Ke9sGPfL?1AZ`H&SM`TQyPexnNT@TxY>xs8y}8okwK6+4SNm9P0$d!k5M z@%#XJ2Jj7ClYcH%FEjz^a>i8SxK&$e1m zgTU>KnOL7>d@pr58L4%7u#sS@qN;eN()-v{Q_goi?Q|9P_JlkZA(h+1r zy0pBt`xLGc|Moak=baN#bwzSr=$ix=Mo#j|RZ{i>rj+GJ6G9ya9>x^>KZOF=*r_t| z1c7G&Bg3sdOPouVIY#rncy-%HiXc;@f15Yr zut0ktr-2y0qt7(2wafdW0*5|Mbh92sMM4hNMhm(M`(3RFljMlG9Dd6$v*MserovEl zr=cl@e(tYoVcxa@6qtmJv&LI&mHFU*0Gi{_R2BjZr68RpY21>P-$OzSCWF;Px&&+L zU{KTaQ0L<&5WG49KC#L(4|YoHRb(>`$}VM84P60!jz# zig@0Z<^6QyJW-{}(hz&~hwcTy)Rhzw?!iKkNaPO!O`Vv2{lSX&D>{Zx5Lb{$>U`f|b5jjfldB`4d!L6j zWtA|hSw`IOdU30AeYMX1-pn>Uf;wLtH0>&g{TWjS!mk_0ioIsxGO&Zc2HC4zeZ5Ac zF`hZ`en=d{*sX3^i;BS=8#aDvO2HcF4jd(RoBjA?XZ$Vxoek{HzA@=2lNe+_X87mC znN%#L!Q)F?xT%JJ_7?);9Y-6q_Y!C`T={&vmWq4ZcXFzHc@=OT9TqgNR{O**v@Rev ziJoe4Bk-IN({(G3bXzABnvUS`hNSlb#)7gCs;%Wdm#_{ev%?SAy8%&FSQ2?*wPbfp zDj!LlCbWJD02LfWJr29gjb8)oKe(DPZ7e?q-5xRSQe?hJNY((@J+|Piv;gzb9yVIb zTU?OkNVQ zS%TCJc|%e;P`{NA;pg)}UJK=rp|-|5OluZ6WE~=uu(bNOaPIs0?|yVh5raF{taJp$ zjHjg}y!3e#fZjE+9@urn&pcA(;4ic!Hr2z4qc$rx5DFgR$(Kr+VU|K`8TaE}_;+?k z1bNVnQT@KL@w9*Ke;6@Z zbYvy#gZ_+;yBZ+}qS}JC8uM=Y1Y}`w3!t5|J<>Y;@kRF`V`A44;o#i-6b!v7B~AD( z)DfQ;?HmWw5|2clOn#HPtc2@p3u-DJ(tmmU!5_#uiZ{;qi#IBST9-osP!RIXS!0vl zfJ9rDWV&cr#}^lO)q-|~`1*+Sj|3%=CX3A!x=4$>R1OrL-6wFtr-tir%asE?n7tS0 zV}I`AJ0>Uvq~e_jmIhPc*r^tUJzA1dWUsz>Jb;;-$l`CJlRgcp@Rq*3f;f2a|24XT zLvXP3LIxZvK`M*}Q{3`ld(((`9jY*v(yxNTo>A%iX?^K!*sH<1W7pt?=?bl&YKm$q zS{{X0qFm&|{_3r(Xtfrxp|8LM!BhhIS7SnmQd3A@-b^2`LYRJ%BWQd+S$uU^Q zA9uTvV-c!_ZP=(QCL@cqFezQ|)DSM1ge-vn`g|kf@QvIM^2vh8!^eOWdCL1D?yUWJ zL+gH~#A?dOQ2(L&IXdK3;LV|+04HC-B}@srSxNho({vDe!^-+VF-+TsGLjL#!rkCq zx{SrdO+6YpzYS~ETG}nIB8_SZZ))QSkrvNi0!1=Yij5JF>(&NCg>!c6Lx555g)+wr zP0w{Ej^Y&Bd}A0g!<@#HvBC&4BpIG1r=~ZG-d2+KKlCTZ3FS5zdMVugUAKLU7f^${ 
z7ErSfa(m3l=G!#eeb72~9xNLpnon1P7p!fZrB92Cym1`9>iN*mbUe9r%V!kqZkh68 z?SWQUT!4?X=5%^(l{cO$u{Aeq(Nr#61OTXZlK$!D>epHYoyM_8A_O*O+1K`|_#-QzyN-XKo{G%nq3 zqW#T5guDgEBCctw;?fCZoo3P+6CB{$HsqZ??E2c$9u(0aN@YKIYU5KSKWi;hdLeLA zCTq4}t?K;8lFIxjZ@RMwblIr-Y; zG#)?ryId0#m>I6@5G}H>?+Sh9F~g}?7Z4f1cn4pMq)G70uMRho;mu;jF9(~vE5i5V zK(4kEN3z*9JX7D~qw(!cko()@Ki6}BZ4hpXph9O1-KWf27|WM|0ndc2^o<+qdB`}s zFpe+1?jADL=wH;@r|XmEx9d-uprHN*Jo?+@lZ@-Q<5c}mgW`x;UlyLG5T5sg4p>+N zb6mTe?&VicT$iSv49GYD9E5XnfsXHKKCSlPss!Q&Wz@)NEZIuPvY71fTLsypsC+(z zROnmFLRLKL%acQarHF~Ex>-As8NM`#-ldVxro&iv^+#JD7&*pvHeU-4&MNdn^0NQx zm`3tG>+JXmJuKpVdQt1y*x){x$1IB#Wk(wEjY*3wcrdRzfKD17z^e_<4~4Ldf>9tP zPo~tW)Jgi_O5qIK?P(!%)rxG!f2VMUz^VL2n#9EJ1xYIT6p-QJyy%3=K~%OzLQ zszDmdYd9SXGvOKz4xyOBUG2d|Hbz6PFIckJGu3`EaK3lj$RI96&UV#DN@3O{_J&Hl z6%hrlNCt7fDNExSzYk6n%U!WBtpDe;#w`bZd)ieG@>ydi$eL(3+pVg3le~&jA zjKpC2QEz=8s5bV~2vOJZ2P>k-+!TYfFz=|atjIlD0G(ljXDZ?TnE>CBkDkZ>vJv=Y zW2R$APY5mt;#uB{vI&y_R1m0?34U6bBpU-V$`oRm>Ml(h2vcN#>22Z!J%BK6Ie-wv z z1|qX&J&82M>hdTn49q~X>iZ}q^;oz9Si^3xa4sk`N?6(De*Is_DSUTiESO6~row%4+I|A0C*nBWFEJh(wXxrc-~$8{RqQp%T%3 zk5Z!)-C0;T--z~f>p5_|-zW;=mGbW=iJ{%btIcE=Fa~@XM6Nkp|$9hoaFDn?{ z2=>6NT%pa`!=Uc5M!TPnYsQI*ikR8A>DZp!4Dw%iXWkyRuN+B_qCT6+Z*DsXvan1E-PK36n@xL)_dn_qSMUtvb;3x00O<+@Se9 zuTS_H^c8VkNG@71lHS0^E0I2}vfNDs&{(tA*d<&&L;_062Jc50p!14+v{~=UpZ=D zc$4pvciF`D?PuhBBiBrfzDz$pCu%{vXZfA4{W00t+TVs0GGoj|`jU;7lud=cWqefL zK7TL^zxW2^*38D27Vs!M*Q=_5?M$F!=;l9Fn^5FQ<*9`3x5d&tZO}$A%d6XD+aheu zJ>Nf0Dd^7lFh5fisRB<&-$p6>jfDzgANJ%%?0EfqDrr#|4E#P;OA_mJf^UFh!C=4g zW9q||nW_-BoGA>wLZmw+l|vn?r7TZxmhtsLf}}%%%H>B$VsiQ^j1=+)e8ULQ@1sR5 z7gC2JG5!;j-P7&p8sNTfm@F_wE#o`zwVaLpgC^z?3xRfq5(QAwpsdp1e!Hd55pL!b zdUJBh2oOG%mZ|42$Qe$ig^q^nSERH_Nxmd9mPMW0&tW!jS%13gP?+HQk2F&bM1PlF-mD# z6$ch1If3I6ZPd;vLF+Hz$%K4rKj}`zz)l6`Vn%!9R&29RoJ(6qL(VEsPjWs)bIQ$J zb9&sCDhcNijNn``kjR(UvGOEh|$9w8v@0FxdGS?>P@-D^s|c7!BAn^JJ>W74srgXB5(XO-fNJyJN@jrm_&8;3sF;2(un!+Fh3)&3RfM?|30~n;8th zm-%}gvJj`2vo6l$mny~Amuse|g>z9sc9)UqYHtZp9qOl4SzrZTF{yS>bis2UP68;S 
zSk|FtA_2YS!|-CY8^}dk(rQ*+(mIkkkK5TP&jjl29tl{rH=gs`Z#7(dG@&0V`%b^E zMgFRI$jLd)DX}Ly;Y}9sDZ!&=e?4qMmi?|5$xAnlj_WbYpFwxON>*K{J&7=Oup|R> zx=0sQt`<%$6HQcdk)1&1uB;R&=mA)?P!@X>VMU-BO)8zt222+4SQaLTm1z07&`PRL;lJDbFk~C=RmMQGLy%7SU}Incdz?FxRQCxx92` zw%C7yFjyLg$BiU}1R;t>TjVnyo(W7;2tvn=Sg73KI109vst9o1b{W$C@Zj`3uiCKE zLr1lz|Guh|b@M)$Q{P3`kLu;nprr&z)l481My7SwwZ}Rct#ohC@{91AAC+8+xowDM zh>B=TtB~4?a-w7W9-y|OY83F(5v)uU@-GuX<4CL42cxmGN#aB66pKdPv?RQGh5s<# z#gD4!ZP|e@<(Ps2MQ`Y5)Rn!5pI&Na*i1s0)r!!$MMW zn=Ri=pEb)J@>nh|=HQuCp$TK=bSFe}Nsy#(PRgk|q+a!xFn!^l#dCH>w zg7Ofs!fSjL*-YuAnp=g{QVc{B!ijy#-kbquYVod*jDz}8$z8%q|1sS5$4C+Y0|bZ| z2oU>`AmQ(!9ZSWT<1WgfrHYa*LAKfMkJ_%+mpwgl)((+V>qDU!S@-3oPG5|x@>w?_ zMazC2O7nE>pJF)ezYn3vLP&P1@y$;#r?ZVWj&`V4AWjc|R#S72S~ULNP_qqN@tF4! zN`~hzz17YlN>OP8B9pjy)dWGdH-dYSJ-&g?#vZFxnf&(}mm}wPQA|%8ox#aa$Q$(xt zV6v`#T%*QDTv)&ihrLnidggOrQezZFi!YhW#+J zQ58r@qg-`^{wGG9s=8H#G#Xz$U4DE9T(=-k0u~02#VV(~&-S05uFiNb2pcPxrcwsg z`@DKlh=9YVUzXH2Q_t4LmO3%s-p@A&yJvGb{bB7-m$~=z{HhHiFCY ziA56v{y+W8MsG71Cb^Qt9}y9)Po^sktQF(w=fM3NR+YEv4a?Q=4hM|#nc~4LRtMD6 zYo^-F5$;20eRQ~Uhzu+jNWG2Saa|*Py$)983xFJ(N%0QHrb%-QZ+mO4 zLTS5NeSEdUdzh|p{RRViZF@V}mB%QmZM6{AHu8*#*>SQ z0R?<35khy7NvF4C(J-JkOgTJ`y^`@{@-g|`g_ySJKo~BPO#0tD?70rkPpc%cL;?xP zYi#NC&jQOmX>T0Gc5hV?$L?UUjbp06SjVQU_AQ$YmI2EG{FiNRgn&1nXZgK~EIyW& z1Yh9K+ys3M6OcQv=#vaKFF;qbi=%h+>eylE%~?T4h23ipQMN%?qt;OrGv_RVC4cjB z!Q&CbV-}FE@S-YUwdCsVT3e)mc$WSO{_F4tvLNpcpB*~aiU_VPc$BZ1dbp^J78-{* zhistSnt z`hJ~4tz<3p-=3S15BQ@Z|6a=M96?nizc7ybp4V0UNo?sF9m`O7j7HT!daCRLv)$vM zB@%7?KP2G?lcrVXO8!O?J~mB!&)WKEY|=c>uK-ecE-Ervm{ z@o-eG00e4MmSz>(Xv}|=W(RiYeEPNcZ za=c{obsB_jve=2ShvWE10R2*3_c<7#IlI3J>$g<8Rd{j z^Atc#3b&;x^!+E;$I5 z()g5qt&1Jw9-^7EK|)WJxq-)7-qB1DA_x6f)mcbGoO%_*LeP6WvVk{)%IjzlJ2B>U zH~#1uS}li6K^4VCxD52O#$&2vwHUVGE{$5r6Tm+15v}oOJZ)(rX**nXcIF#w0g6iJ zKSQ&JolaG;$0cYg8Sk6NXbEb*o6kPO+sQXO`VM{DYbD;zCLcbwehsY_V;#^T&#^0U z5UEu+LL4ipG5($aGm629%TZvs+-8?EOq26Dtfpk}x=2Lu5EF=@s{XzwozKuca%sG# z0*SO{E@*afO$%S!)3N4QKeRKhcTI&qI!pT~Th7C_q*8F`i`{BLh@RD38+==_X&Zk~ 
zP5V9C+^a|___Ch%?Z~!-2IS8R)u;Em(bK!u<%Lo#-28TIN5~Pg#lGW})+w7+y5Wp9 zGC@x~0(2fnctXHIamo8jt%(P+yT{%A*LQAZzBn)(#%I2`r4;>8#GZw0g9o55Wq>T0w4jb*G}rO;HyX&nM7NBbjRFz zGJJ9Zo-bV_D_ZXr`JIl3H`p#3PKN6`-mHAy-l7Z~7AE`LSc6Q%l2B+~zqFuk;9bq^ z66*@tB)H4`jl(>*J&k|#Ohch~Id!&_%a-6WG1-S4EFBnf zHGs2)<-0;S^D7}|THGSy@cD3-HY2YT*7sBy#XqenExB95#@y?Fj4A-`w~t2&`t4q( zLDe;)r;4x4yx5HQSV}UUesuFt?Rnp_Jqq>XA#&e1Kc?be8J~;!j7;c<1Vk&$OojB@ zl|18-BBlAd7iXWSN#m^4`CHg|%t3nq&w%#zM~xMB0+g^$EJea9-_1JtXsv9r_r|DU zp*tZo)zu_t2hA1hwyWE|Ls0d;f6XK+G-kR_d_&-P*kOTfsi<+12C<6dXoliRrqziN zuLKs!(@cKZnBXVPQDkON>4|(P6~RuZcBK@79ILGz4%#O+SISsy3el1VkU}aU*xZdH z$6=elErc=|T*&;ob&-r&3eT~$Bbo`?-NL_dFRlEww`8RVTi)m)X>C&oYK#${2;3j7 z47)ORBI7-At8s2FDmYkm?xB)wH>WHY0cAxFmQ!2lzYZc1wS#jCFg_p}Kb>DKFmfU* zic~H*YVRt$1*1}X`Wk(YL!XaarvWl8SlXQY-X|25F>{oslJPaYSc@8> z05O(kubd~u3DP;Ao3B2BDMc>O>5IZqUX@qyJcrO*s7kLT^mlH6H|KG$8?qgjuvc$M zNka~Y#{4#{F2q+onBCgjKO&~tCV{xc}$Ei9+stSkM3+7uqHIuj(VLqI@- zqwjG{-B|?aC!rW=p?oN6Xh+{UKPtJ3hd$wu<`KTGa|E-b;DXAs(}+uXS2)pE+o9#@ zOVb)YQ!doS79srxgdxcr@J_ivUd+O%m z+fBp!+mZqv8Uuw|)drGl?Bu+@8!)Yky7%WgpV-6!Hq@3OcjL?ynx*0&0K%s%3?i~1 zRRZpF{nE$oFW0GBatq$Z2iCOavTYJy)}+_Vw%0W0iZ8k6 zeQHbJSw%ERAUl=FIm{yPtKr&}Q{md&4N2Y>U;V&)zzJh3&6rP$)`QTM?6$#!)4|Gm zVCrVAWUF!p;nZA3ayKW*gE9Q3kiy%yO1KK`AH zT%J?R%>DnE`pSSRm#%G5L1~e0rAxX)l$7r7?q-w1O?P*9Zo0d>yFt23K)SyD9N)wF z{tw)1?fcjD?Wk8fk3bKY@;N!`(VApcNdCDJx2z_%5_NJa^>4a*9<% zMKZq0#98%Lq+QW(FBKFg^HAGhfm>*na&l#l7nv*f2-W@!o)uLu|4@95f=cri1{NBA zoueSwY*&D4R5^!!OqkQC0C=yQ`_<^Og|4*%YP9iU$x#Q z_4akTVPC1-Yp(7kyj_}OXixNv3}fawOU4?gAT1mqv8}{r!eLd*!v`uX;T{=@4H+y> zyL!$15JvNCA0!bwrOpHhp|{OvVtIX^cgqK7EktoLb%+-K*aCtV?V zt23#-J`|zcn>42UJqHX!`#rh0u2D)iQQ^8ADx!fbd{HclkSg-lDaU1xx|S-vS|Plwb!1_1|c;MCd5o(2#SILh&uGw{JzT80U6Peg0;cuh&v{ zgfUZ=*X@&yv%*{&!LKgWhvHKHG_LPdue&)|^6Mu}kK&u+-?2BMY6I6zO1wPxPqi*T z(MZng7gjD|`joB-i;|m0q^{G`El++SV=$-`7{jIO+cN_vi%sWjIA_UF&xw~}j7Yyt zi7T?1E_l>d8bf|dXkixOrc_;9JsZ~W!B*)+m{}@n!!kjjMiuBM&MRZyL{o)8^FL>g zedNr_V%-kVM>5*6%6^ESsc$;fjwJX(UeIM 
z|H5s6QMhO*4;5Hcb(sL2wuD9b`ff&WK1crSRKc@@&sAY`)?DW>+qZu3`1S16Gk)FnFSH|CkuUKhlVS+Bs>kf8m!B&<%FjcqL z_f01@c6Q6$_NV@wNOfAQGx<_=Y!V8qcjCTf{NWvhN4Gm{sL8{Gt6RN1G7)D$j}Si2 z@Vf(;eFxuxk*2msVzS_j!^na)hLM=oJ``0PRU#Js^j+u2x!4UiP$sHv3lKRaMNH?c~`E!nQjgz~f z1;+{&+K4?ZGW0b01=?L^K1%<+niX%043;gmYtJBYlESLyGN4SOCh@&8(=ZAbqgN2K z8DrcWi_WiJYg6sh#&^_=9e;19_NtM!n!E3v+`|wkXlaXc@8z*o zxi9>5Z*Blw+ib{|msjzvegW=iq1qY85s6}3X3TW0A*c2c`CEJ)t z;cj&HlIBl&)J4$We$2eXEUY3I-!2TWbqDM6O%eet^_8p#!4?KBU?X80`$NobyUim; zvdHIr9tqez_ltP-ohscsY`5$uMZ^OwLomTSM_z4oci*Iqj;wHw)tnvns*7oC>+fk} zB0oE8hxybNM1_@*bFa|HhTJ#ZJGkC>d8Qcl5AVDiPq#Mx1N!6Fr~%p{%n0=KP6w69Iv-n5^g}_ zRw);$jo`WUY^T|eLH8Azw|~8?PX%b`+?c9%FoYX`V-{Du(CoIOq?Ma4Le9TXvyT5j z>NZrN`MBj;E4S^pP!;+`Fte@IJQf5NZNN582#=%B1^U1YRMBh;zBR}XP#worYeM*P z3Y~HZ=F?0eONVo|QiQRuMdN3w=i59zjj2~1%=Pp< zaNm@w&-ymx7t;!f)P=K?#V^acj`fF?qbxKs=cnlVSsdNV=cB!7S8m~*cHdFcag0AO zUC{P`G^;7-4&VYw15h@JKCI!3RkCghZk9n6!d#s^Xm6ALU$HVZ9h>XfG&bIgKeg_H z4&08$gjrMhk<0`}&KwZjF4Z!@NVu=FC}`|X?icY@+)@bEYyThgGKoI0h7OBSY@Kmy zbe?BsqghkXLnHhrLB4pqOtbpNhEpjX3fO6(jS+avPD0C{;*2c)6Tul%fKzPoYuXw|$;jToCTH{^Bzbzv zGZPz`6F!9z83|T_<>4cugv9}2eGX4FweQ~eX19gV=W}g=&XpasxLu#-axludJ-ldh zF_7fojTaq1r6Y&i*B>ZsA>JhIzu3O-wom z5T(lJohtaHBhj~jlsmcKFN=TKvQR#cdwITQuYW(JgfXlUU=l+Z-Jj`~ZS2|# z3|t$2dL8%8KtMkD$3_gaoDo%CWx@n3+Pj| ztjy2DVY8H$=WvmN!*1Il5O5mVUNaY znfhHgGZA{9!W`v^kVft&hW^lMKlkOe8fSLZ0{(~{Z}d06S~i9S&mh4@E@nUoF^$X63dbXhCq?voAN>0%4$5DYs;0h(uk1C9 zT*;opY%#}78f1RwPW^>{BgahudMFyatuT29?+A$~iqLD7JpRvDD0XRjW*?zf6oDkX z1tH&=!QpMcF$3Wgr(xhZh3_!==E}`|S5%~jLlZ|-1a9kkg;RduC8>T8!|~|5N22ZW zTktPZLG;-&LY=QhIWz5IgS%B>XIqqms;QmCB9@_Yp7Oaan{R*4{h3^QQsKEn zzHQOGkfO5!fU;I@%PU7fmZ1|CT7TR@{~9@gGG=&Yk7lmQ^5PTaujB+Jg2-3RrBM*R zc}SV15}}x+yFBW{yBHq{86z(fdeO=hVi$ARjlP%+vO>GXGcps#wx|zXqI@qqD-X#e z>6Q`gRE|@T6T?bTi7+5C+}v8b53(e#0oYfd_+O&CbJ3@ID3Y{!7 z*wbzJ6*Z1Uza3ZnZ1qSO2NmP&d&9La8~CNtYJV=Nxg54)+aB2b&_n<4f&k5a9T@(J zfH`?)KNzlX>^LeMVi;-ntdWzGvzqPd+$~=hm zxRO{HeaFj4If-aio}<$OkRwkhM?yW>#a90H{-wH-_SvsFvY65e0nq_t?5z>TMq&We 
zPi`hT#;4~*ts^7jGqLU=Byz3+&}Gm+@)Dsn-A>>x6XCCA-XDFGqv1kg;Rh~m<1`6I zsz}0}gL+%|$Tl{QUH0O9$_IdwIh1k1Ma!`tA&;j%6MS=1r9h zrlF=t2SZn*ZZQ{g&1+8=aWv0ct@>{0U>(SG<`Y6c_gNC(!CU-lxm)^~Os_QXM+&H8 zB88tO?vhy&&qdiDS^iVjw|iXHzQ;1^r(`G~o2ss4E2=#}sY1d*TD}$29wqlNBBe4$ zG4#gZGv6fAM4p~5Q~TRo5znGuxe_)zs|b*_|0eUctZ(>jMQ3AD{9uBY5aL87x~j^* zoF=anIT5hFM>1yHTE%>d05~r3(9euwbQg$<(oc1f;CZ9$WN)l=(-hv?XebqkX=l=^ zkW7=7OUJkKX?*-}5Ts|Ll&cW@gI`ski7zF}CN1-SZ7^Ju;FAZkZ?EA&FGUc3bwBC& zV#;YmL=0hdG3drjDBAb9z|&c3B!Jmw4SKL|9O~_HbO%g>pBHVW&dvvVP=BJH+3MYF zHJ)p|9s&l4Zs|O?+up`KM|nJ4_bJ zR~&9MZf@60BVCUgt2h)?tn%b0NaRX(lXKzHY4jR4QUrAAdyAOpxz6%v4;n-3SzNYVs zN#6a7Cm@~SirQA@MR7AL<4BX#Z+**x6J*j7}Lp78-q_rW9ykpV%#SZ??&rBsZGu`F)?m63) z9r@W!lR^v>%Z!3bT@2hft(Y_z0?L2*@>j~c*V7H$$|aS4rKNsnIGHEM=JYeWjN2xk z?}@K1&QIGL&t*0j5J71Q?kLszvBx5Sd3;&`cvhcOlR%nh&P1q#PICwnFcS{61W*~; z5>E%V6|R?_rZ&wvyD)#m;An@qqnGV8)2o?Xr;B?^_!KbC&vWHp5*D?w3&jn(tbo6l z{>mt(L$s3aWqq?7Xzw1-f9HJu-JhT@n!E`9p*}?TbYPWTbCXF~)sK!m z&GIB6e9R1Cb2X3X4&BEJzVz@T5l}7`Kw}GwGEXX?9sdEg-si3=jD264M3R#uYoov$ z41U(yDED@rscDANM=ck7|I)*;6tn)3$gI(a&%4J$PHg4-x{8zPw}i}Xny<`Es63b7 zm!#LcS0B{fiJ#gWH=|CWYo3n|lveVW?&(&W@1Kq%W*P3=lJYA6m4&P+Ehq%g2!2@D zO0ePd&VE(xn(8+etyl1+V3G*gxzxRDE__fg8fVS2vJfTALg$ESXGQ9Ea~|UC%4+Wz z>zF@P&RmV;^lpEe+0x5|f zP>slZdLm(iQRM*b^V4tTxQH)D!4nb!K2C$7VXDTKQhOzLq zy3sa=7BwFXBpHqpwJtW?4(z9j7OpP~U1+8KfWxJI8#~-^ry+u!gS(ypG8mnw*3zM| zwCs`9V0Cv>Z9<@nmKXPYFI1lqzNXm{MdA={MnWyKdem4cx>WMhlb?qBORTkXI&FQM zYu5O{=Ph{VXf5>l3296h1qj|#aNa7GeC@XJL#SE#?ze5?7;R2tA@W_zPXgc?qqVKg z75sLREz%vhxcT$DCkM{IDCEi)Or2EBQM&m09Si#_U)q)DopAr&BoQJ_i-f7kLr(Z( z4%L)6T3ZaTCr?V=C*=GENJglpiBb`a{=O>i(_$?V89J{r$uF4GM(*AEb2AFLd6gIc zjwi{K;=7+T+BvQb*re1>t6<@*_1#}5$2-m($LA*-f^)YDF5#TR<7H>edJb@>ni|Ex$s6Os z`gJY)G#1A$h@dV`(8Gz<=j{)L8v3%lq_GB*xp`8J`6YBf7BhR|H0{9+gTf5ch`|x(ol* z38E4~KTFXxU7IP18b-GJ(VfavZ&qAw(LvB}ANh{amnVYq$W#0cLBHl1-4lu+Vy{Zs z^O&??Bitnr1>_=KTB()4`}iVHOL6O-;&Xq#{m*aL#<_grf75NQcD1NcuA$)OeU_Y0 zw|k_tp6}%1kYx0o>Uq-hzmp)@DCG zh7uGttN5*#fbke8fnc+x6jQa6MF~oeEDl98` zY+To2U4+B7s=9kXF*ZgAdnFSE2- 
z-|U8T)|yy`i{7(rHPw0xnQL;+-->(-(#l1Wjh`c;pc!7l4ZzG|O{I8F2g+cRBZ;q) z4wE9~=0j3w8Hw}Du{i+Wk$#i*kmX>ldsp>otu3OYyf2W6=&YyCj5fL-hl8u(pCBt< zG;F~PfyuTp51WHod0De+Is}ga{tHy(p+xa3Y_zFi1VJfL^^JO2l(whb3J(i;%|!lmn%H+ZKQeT6_h5M31d zW$UU)bt@>9;$9ISxx`K;uE?B<>$D@JOcj5wc6YCD$E?>387J;-y&02S?rp{EKbo`felt}uL3VQ-Al-`Ja4L2_m2ENeEm5~t>5DhXvJ{f)23@@6dd zpp1AW#2ehtA&r>X)r6;%J&DID{vTWW@s#GdzKiduz2^LyiUBU;XYA@j-S6AD0u}p% zeul5k-QP-dUt!3&u(Vi~c%qfEM9_j+B06he0NMK4Z#V@k2;XY7XDg_5zQL)BbmF zWa^qr+(u}B7ou!#-<}2#1nSs~feyKItW*8%Wm5goN-rWhK?IZEQvGv2K?o}@`3MAT z1Z83;;Vx(N?l&qV`aB-k)OVp?RM<6MX7{s3)hItC7HBauN%d!fi8yqo3e0|U0JQ#O z((41b9gQPkM$E@_5`vdE6xAKlG=u2U)iM=6hqo z&38CV-XH55?@TgozK0G-JK|pY*4?vKCuYo7^Sh-kwGLYV?~b^RQK~-V$5N`5 z4cQNwQ-5Ao_PH_BO>@~4KXvB|d)7^>Die0R>H`AVP>|Vn_?{arEnLG`i)d`kiagzl zKbGq&rGMoKJH5(uZGL_juLEo!0oFFiD-gRo`$PGb7c0+Aw+EXN7uL^CkhaIW>(Zy4 zvzA`JgRs@i`Q&Rqj#6910#qRwh*2BjZm_|D1FyJm}H^7iZu-TOI zKyY02_3ke3yb{vC))nuG>F4%-QtSD+w#`G`v=RYMhNEUP)9Z!++mInYW=2;BJhKMs zkl@Y42C~lbk>fkEG z`d0xMBk$uxeCvupa;&nO#8Cr>h3T^nsf&B-vDl~xT5~y;V-vq>F%qX|+FLEC*8~XJ z3XC3+E>|2|ANPwgi_fdHth%3{n@(A^0^LrEAZ=s4zymT}cR~8|<;>3Q#c$fH_5J;+ z&8L&AA;(o7o}VY9%Wbb$^OTIPW0z#K8u4Y)m5gsfR0v|f0GOSQ?2RW zGgB;Xmzf<|S7mDAA<~me> z>*xTuL%lY&9Gss1KcmeB=11sRi7XURoE6Bgf>=`L45P66AVUCAlwv$oZT4SRD8v~R z9dlGzTVaXB3Y5E2=RfW$T=x}*$A@VR#XS68$5u2bDLuoAvBLtRaZDGjnljB4_vYNs z<_Vg z;0(;~wjivKFw`_4T|W->UuKV;Jr1Q&HU1r9UL*`nGQAU2>ciYX7!jl<o)Cu|Bqy9;bKK0*(DwQaVe#h)(xq>CyLv_fF5#Ee8im>W zEr6TSOx=n#EvF(-7jBeh$)_cp2uPQa2v(0$fXyZ|TU8Ult(&V(YqHQUW?;c7L>Ah9 zL>4-;V}msd4P-tfUn<5{PjHq=PbVkpCJyV0W&DUoio&@ zwNwpHn<|u>z>SgHBAQ&Q#<^2gLmFl*?iSoFZ(fBMtB^bOF#XsBkgH}_ziP2Gfr5+2 z$OsmNm#(jV=o6^ijB__u~Z7Zo$bp-sR<_vS^W}?!FNSvf||?0p%5nFW=^9 zzI=c{7Blg281E6s&4^v6HfVy}E=`{;^Gw* zSyYNgV8l4eFhYVtZHPh02yo)`$*-z=mx8&O&>w!vX+reJb=*@A2d5SmQB{#l zh1)+ZC9sv-!ktNLFi8XokJ%@<@Tw9D0S(Shcj_ya-BQQb_x@TX*-?Xg`z}|lKec0K zuXFMp&725hY*nn>JE$--i6-rMyC0&?Z5zxJx^!zt4i!Z*tYhCc0tKS4eTzt>>qTE9 z%8N*szL`EWM3I0C0f*?u$fZ;;AG<6R14}+dBrpESXo(q2GR{&&0*L^YSmPB%-Xqd) 
zq8B7>T~TdEZKmBkC)f^9!^-(fNSSD$=P$mi9Z`Dz`55oml&c*(JcO?-#q%~l zg+J1j0l;0j*3;A7ZW&RlufhVMyO&U{)gW=6t*EEd+ouv5N<@53b_R7fja??+)G_3Iie&*L~tXqpu);JvDuWS=HagC{4K(Z{Vruq8MBwzwKFbf zFV#Hw8I}MYIhzwR5NtTm?AD4H4!S;% zk>IFj=p$)@3pR*1;k(dKGtO7=vNIc2X{4}B!$?jVJ0AXI7kahxr?FNEZb@^WXo=d_ zq71FJWzyqV;d0}fn+yKsDW=V^Dl>_B4*9HONi2KFt53v1k}z!d`oxD^c4;h zJS}dMP2zs8!>K|ns=~xDTF*##+WOb(%-iMzch@<{W8lSi-%u_prrrv|Y0#9Hw|Pg; zDU>|#Si0Ve;nX;cTG2F>3m2z%%o-O;lpRv#mKVj)+Q!PxD~ReSQ6kohD)7oqQ_D%0 zNqkSy3-kNBR5_WE4s>WM{fAg$4O_=fvS{Q&R2<8^u!va~V-bO5Nat4VQ^+IwA6W4Z zUGP$Gv#s1GeK`6$_O-xKv$Av>WYe8#UIBEu!SjryjgBNXzvF$pD+SUT`xp=A031c_ zgJx1G$HVR3vESaIk>2WaHzGQl6Mn{RQ>+}b`J?4p zG9t_Jgv)28+uNhVpB4;cR~@8g^8N3_(;@K7ujE2X{9|$S=S1`p^y&mo;TsbGg^{i` z@Rk+@{=V^-*xxy}a-Gv$ub=Q-`a}9EBj;ejkO|_fVlfnQ!Ll^nNouc0-(ZR(4XcLIkNzphb_Ni?hA@RDF4)`t{>$ql;x6Lmn56DuRE?R@)r&#rdBI$DmWJ zzDRHwrex-kivLz$$>c0!ph`-Ld@|V>)l!e?9A$$zZ{Y9f+l9Iz`)Vb{u3Ew_-zLpw zgPr02cEj2$*R#uz)k;ZxF_-tV4PQ0hn=3z6UdF_6{t54DDmWfc4d#4EAjSYW{9Be& zpN32|WGO}%$t*>XJMAyZ<9(-|W`X{$>x1|n9}iol{w&_<`>g0 zlNdpcP$CRa$m-6ypj$7^V=(8@JiAup)-qzE=o@~S2XpEYKY&$1+?lb~9(RNTx8{A_ zBm$Eksvwwf=)!rvGS#%}(5#3?VjE$rLYVTQTeaFqmo%CDI`pZNouP|@&tM6vvjAlg zOH-uqn1X@@2Zoz1EuD59VCUhzfKM8un|84pJpJ*d#!~;4kX1CZw{;t8FlU`V`2q2V zna=4r9xM%1p}=hP*xOrN+x_Oi+X129*C2_%#m|^FooE?9ohKwL2V2@sI+Xa#(ql+l zSPrk>j&O`TY-YXbQti;=10t@&OCHs=>Zd~<%y5x%%&OxwZ@ zV|-T0WQHXtvw)ackhu)CdkSbq5r_sUm)lK(+$X-lm>s?pFuG{`YQF}{x(L&Y`4qcD zRi!`jukj2^u4}AeoOv`rK$9-y`MUWmiON2w6ocGs zzJT{w?Q8*^#6FR{Sio!&J#TS;1o5qr!t4bT9SIA7dZrh=hZ3iuLMqzq5Ac0IHnW)pm zv)i>e(g}p1kTXD)#D-5|JgB|R`5yRptS6vby3|N!@bW#83V*fxsQ$xG6r7CZg?*R0 zC9r1G!g%6!tRzp10(2;AnQNq{QvU}a&NbHiDOYcl ziKD_9SU^xf^P&8Fop^9KHws@DXoINZ;Gm(y`i~-!3MnU~c61)md>YQf=h3y<_~wKD zB}-*03oaUuMIvhBAYtZa{w5Fw!|-JU#vcpv4{D?6xtK>CsH&s4p1KdNjU;-4dxr64xt`B-q}KqxS@mdiGBwmpT3bLMKpINM6`RTMoIgj%49_rBbbrK4RCP zzp1rS&dIgmEL?nY2(J1&?s(ugvjBHqa^k_MWA17~UK zm*5moFo#Qhn*~63HR`>jg=K5Y0>@*!;=N7M#DC{K?oAqz8^e5a?;5_S$r<)NqG=ZAg*L*oq7Y|{yYNCuTh?nZ`y zN1rd9flfC%odab>f&XmG*C!k1>O+_pw~rqG*L*T5>=Eeo-&x~gE<8Re 
z61b3lSs-wPUYxYo36M%fOAQm0Pnzf7+xJ`*Lc(~ISU1(PI;Ow`<5 z?i8>#$Flqa`YP2G61!Zk0=7{ind(c^@c;2gmaye%JpPwQ&fkEsv>6LhO|I{MC|F-t ze4^hl2|^(T#jX<(b6f{!+A5E|U_mKgI>xIYlDxpb*=+$UW^kAZHJJW~rP zmXZp#p6W8sY*wP>b*S|!xBPr8jyvt@*CoHoiZLn1JN49tfW}sWXMKg47N^)&ni2c) zsOppoK!69=nF2e;dgHTm`l~<1m%W>{`S}Bh7Fb$bZL-PLa}+q~T1s$#eT@iiT<2~% z+E?Ts>xJx}6g4KYvJT}~<;U5^)cg)=ISf@+>^ZK)*6ozxkY6&ON!Fa-x1zE)sjA*3q}(#);r-kZC@?+iyRZ z`V#FY^_8}Xe?$C_6%RD8YscMvz^a@;zq7_8&))!rP8mq=y1VDj0NPHKeW!?x0??Z= z|4d@oL}3POTck~MTRF+xFTl^P{%2QP5FXuHqn^G(6vg$+%&PD(AL|KrY?WR)Ns;?O zvhi-zQWXuNL2*M?46Ia)=` zgr@0`Oe`A2FyR?H_85AKXQ+WO+NFD51bhw7QKXoTa7W9iqamz_kj_0b%(#Kwa`CUo{aaPE z+kLH%Iy20OSzqX+V=*|u$+eQfG=-+$ek6A>{#V&A*5D^gFC&RY4z>HWs6iEvj3j;X z%TfwmMn!XqO&J|Zk6QsoKD>+j?LJ1sMs+6D9yYZllfjH|>IrbNnZK0T+O?DE>T*-L zph(E;)^t0rP$xy0gsgFKxVdwkoR6G*UCD5if3RQZTEDdX>w!}~!0FHkOBqafHcE`d zJQsWLcT(5SGxrYeoI(5>Sc{y}s;F5|W%i0ss~4qc5obNexGF|}hT)yPW4S!xi)BF2 z1Abgy#OB;(+KlQYJ;IEe z*^Up3g2SIVf-%Tg=D(p>Wg(DB&;6=Ll)z)0eMyiu?SFYs(D*9=|8%mX=zLu?Xrr(o z(z#h0kq&VrZsOZojzj19LxOY2caAHk`-W3|fa;QdMSyg8RHVS#Ai`2*--z;T+=Z14 zRmv}E{=gCtYC*kUP{l)gQV_6~w$V^~^^f>(ePSv1_eR@V|AY&ilh7r3<*3t3$*hZ8 zODDr44RTJ${~%Wx45Gcb_ko|sc=e*nNQ~xCJ)*Ucts41~?}`sfaiDBmS^q+(u*5B1 zHQfFFvyNGJ8%0i2e=$^2N^A&etqC0Ls@Lj}mMlSTb^{%Bcn977KehzQ)OL5z*H`dp zP;K7;n{MpmNjL?QQRq~9FL3FebdcR}H$M%yy9|p;yY1zqZ1=i3i#^o`sWAv?? 
zG5FKvA?KUFKee!H)Z?`S3>uWtx6is=#G8}{ml-Wt6oMfH1E1cb^9lmXL*E~BkhtEw zWM=#aeoPt41K1yMcDZG>4nDj`SSzEvIO&Vu0q2OofV=zTj!6W^WD}_M(Kym9h28ck zk0Zrj?vvITuoqZ%JimLZQeQySbMN;#=@DrJVM^)V2_p~}#RXJN~?vTP) za?h6!u(HSMqIIUvw7f<>dm+oYkjEMTlk`e=X#tPJN5YH)HTa(HB%XKssES7ZfGCQW z_eSG^`9GM5XnHwklgG@0;J4J3BC{zfGnqwuv_Qb{+?YSCl_ z)3C)oNYMfG3#=fdZ7C3pSDdg@VeB`ZFC^_nrWbmd`u1%#{sY+wHj zB5{8>I~LmJ%0o4wNp+HRyMxSjpQR3JJ6k>;c@AGTean_^-`GiTMBB+d3`+hh1#}%7 zJFhX=FrjShdW&d>ltTp`mWZg_xqtviEMoD+#xDn=ZyTOoA41bu{zn@{hrO|*OKM|h zoWicDN@a?K_qSDG%@C(5Yh1+~J^?^UUOMH0!72!Zt+7#~ zazs>%K*AI9j?I{i(ruXQ(-m zUhFxI31n@o{uboUm2C@ua&reWg^TOK7mD`^9MI>Rrv(s=M=Vpzpks&5B(PIJQDORlFnVRIa?u&{RHb{cz9qo ztCURIuAu)EnMg)9YjOX7I;w&j^q@;B=nlD?N=U+#rKlfbv5Nb z-7x}!=ZfH;^$oP|$fD0pA2gDtlKmTT|q~haH(2-+f z)`JqsZRFb44BO|maQhD4;-bP*L@a8pE}Km$;?|zp&&fh|0678F!zv-2oHP%6W}#lzsY=vtACLe z2rus_=)2eq3@lZ%X)7kC2kN|e`>(Q8CMICRyswRdB4UDjM4o91sWm1%?33#}kCT2pxG`&GqkUO-qGVIdtv*IYSZr z12box3$Zha->l$l7D(vkmUu0L4~gBc*9($0=8Rwe&k(>jXd)i1yFfeF|AO#qEubmL zIm&l0g5p1mCS%yRlN9LrIw>$4N$l*pz~D-}82GMBzX_ibeP-CuY`$LLSkSNz;`LYG zN+Pc*p}PaX^)&9>szTq%{tzoC6wg)mGPisEzU5M1p!P4`WdLIWg2eNDwOl+YG`r&} z#g4y4_d>Yx@JV+Qkne*;B2a&mWc(`+`uR7VuL&Z8*m8`Wy(tRK1THjJCb!gSu7k!O z67oXsNogT}_aFXdl#5I7p*HFr3A3cSeBJatN}8|fcve|vO|IVj)$lj%bH9%u2;bn( zU%4H<%}{UAWSur>vj(%M&NSfazqfM{oe9=I@g);##`2ClKb19|Zx21KqAfnH&*IBK z!G(qD%%Jk{TGz5H842;1=MrsPf9!~ytC9Br{^3{&^Z9~~P%B^Vk()&oR6NjxbZKka z5vdSNB}8f3SWN~RbYZDUC)N>z{#Qb5*(b~8%VTNKA)3x^TNq2k9sHY5QA8-!1$CGH z&_RVp9u#Z8aWw!eCX0CFM-kOpL3+uhfcFy^G?c`%_J)=5Hi(n16TK#Y2>F7wY}M!y zGze|uZklc8YedgmLnUp-`R$%SvP~Iv@I~{e#ezJZ`i_1mTHYTB=uC$lcPg&2idp?T zs^r%X$)!IJTkvYiMD777!V`z8$`HTL%$z;;jOzE4_nEK?=7Dn1+sh@F1;XNx$!XE} z-E@T+v;<%BI1G0$_stmimwl|*kJqssm2Y>DralMJu&G+iR82s%%a$O8S zffam}R&Y>*q}&KUb}jFTG4#|$>6a%`>Ou*=ou6Z2@|;>V>8~Shmn4PZidAke^l1uF z^ic|^(+Hy2MLbA-6;NKgzA={&xS9$8!XBxj|J9gL5b{5&4HTl`kXs5XAIJwK^mLQy z@s?G{dOO$fP!aXPlC!F%C}0>fF|y*Nah+!xtyh6j1r0jQC}I6k$|0 zHm_n&S{@|x1e^Db7B+hHty;S5`bKgRLci17ARY_h7|F?@9g~1l2I3RO_EP$_m*j8W 
zp>}!9)kyra`96D7ke$_5>s?B+s75(bhog@#4k0h{7c|`7VD1qLGjd}l5fGuK?`Hwx?VrcNnSzu<& zwg$bh#YR(TkxC>5i@2;j$|R&ZK?Q{;Ax!|GR^Wxn#GeFF3{7p|BRURw7)iWp7Lnn) z0W%YbJ)8Mj99t%mk2OFK&IzC0U z5KbyJ^QM^W=p$U)5SDFYso48}9MP}wF51t~w>Q*lA4RL4M&3_9l;aVoe|*OFOIi@p zh*6!XOu)CxeKlB;XBZ9KY;7$$D0-6Qnc8(&O=u$=mRh zV1PSE0i@c|_=EIhF2ab_9kC|#tfY>@C^t3`r0X_nSXe%=cjRIHt9JUR$ZX;aKS|}p zjZ-K#IE)xIHv)0jMn?FrT|ur~zGBZ#m(e!#@O7wSwxCuSMA1~A)+3~n?sekNDiD$t zXYwa#F{#I%Zk52TYVm{N&k9BYpL&IWARL@BOZk%@4B`0j4Mwv=4TJ6+7)rhX4~lwE znb`p(vz?0Aefy3Nn2PWZFz>hXGE<(>9+gqL#t~G9MKX2vN&*v0bYV%t16k=^VTk{3 zcI!jr`urL-2P?!zpiIc>2{~b`_w)6@i(@uOOYR5qd)Q4icv%gY1C>|{(t3b)5`%w^ zJgbi#^-(1=^DmDtcz6Bn2)pc$v;Fh8!4Jy2YF0%aCDE0ul8kuBAdYGZB)=~68Ht9c zEIA=@rG^OmsG<}tZum~W_yj_U1n4p|Cx|1QiU^0+VT1Qyq2XRL90(VTW(N6&X^?d? zoZ<2-EXl^8lwnwr(%`6 zeFl1uPg#UkC%=GFzv(biW!LBZbqGUAc4D(*D1LN^XTKPyh_)(EyuO|VL)M~I{qdUl z(;1!qd@RbvAMZMchsIKbe=-`UKO5!L-d#W`0)e#wny_e+7pOp6;#9rp$7&Heahi3C zqjQhy4xK~4j?xP~hwW_R`rsOM10&>61-ZpEurs0Jx-rxa!^Y_HVxeV*Qt>|vlKJdS zFHg{ySUHqw_J8hsim>BcYZn&@jDoM#JzNcw4ue6=G99 zhFcG^-0=(F0zc?}RAI3tKoHc>yAwfoQ1bzH7$zn_D;R(AWqBQb7%3fDL@dVg8#0NR zt%CTE!Fu}f*-0{9jUjmVBUMTt??upA_5VYphB@u4j-z0=6eST^OKH>JpmUPkynU@4%KIGx)}X$p z%gUF7*t&uZ3xC-K3Bm1F~R;Z!J@wrg$aSclz$qgJy6mFyMvHt zcB;a{&KhbZ&s_>h z2wB;ClPx&NpJiq&XH06DNpU?Y#-_Jj%r*mKD+Sj?xbNHp}1I6i=>sS}VAt4n6Sg}3UwvdY*{>T_+!dPR|S z_-h|xhgM~l%1H`4?iTkfoT8g20|*=GD1WTxm!c~^G;?b@P<7l{Ox_i@)MMNxTaHu- zW}y6-f{ciP=ALq4#s^3=;j-7%vv0q={or!!99g~S6NhNln0we4H0hY`(Wh6*zMZqK zf!DiJko|DyXr~W4@0Bf7p4E87?!*&#E-;Sc_M|`Jj3-oBbbSrfsbOitG9$GN0xdmCqOG&GQimQrng1Yy# zFWBJ3bT{XUXmLQd#^1b2aQ%+?XOZ`qv^e^&CwZ$q3j=egN5H=#zpk&rOfqL(3HN&{ zP4a^|DuDZg$b02$cb?Vs7#*&?w0fu|Bt8-ubCip|oK63|_s~O4F3EwMqzm=wIA|-FS!QX!ybXPPtp7+o>thGi zjN=|jTv*+VH&lDC!Sza%$F_PfY>2=4Cjj1f%Y?^ySgTI@#2EuBb;i8YRrnXmMvCW# z3qlk6l2%4?8NG}Nrm*DVW33vmk(|GSnrC^I7A_vFK|OeRv?|utS;dYLzQHPqEUI+e zdw=7T&Ty%VlO+Fz66O~)O~q-#_R_{8#n(lx1LH2oiawQB%f)Yvc>1Bz5u7ad-hcSY zXf15lqI`1Dy+*b0Q_z*A(WAkETcgQ(>k3HfAXABuzKE0D7Mz5NWD&|np#{moTC^tx 
zUmZ3c{$NHoKDSV$W{0L+kM)*J^M=6H;}3?3D^oBieUd&nV{?Y(CCT_;8|7qNzA5=A z2;=S{XUUr6o(c<=mET$j-*J)!0|FU{)Qk1li{9g-0`h7#?}F$};heEYI- z6l=(G8Ba%_C~YU94~Eg+U(9gX?V6P6$F&_f;lO_3JZgDT*UEL<8NmO}tF5&J`$C`u zCSalozQ(B#I>4}864%Gfm4P4@`>2YGGevL9K{cIX+kYHzswdUBtWaas;he2pRldaeGbopu=)=3Ja&lbN#b}G;TLC3MA0?0%S`I5%LYuu(J=*ocl<}V)!O4 zi9Y4QKqUSn7o#^8ud`loj8rf4m^g<%JM%e5qT>4-1_u5WHMCjYvQ%6${j^!Fi6^)# zhKc~@P_2}f0$En}#7xd(IC)AdX`0#ocosY35ket3f!C(D7=tV&wgbvpnj+%c?`CSK zKdrOm9Y}Nu2prc^6EEs*i9c2_v(jYh7@+j%xm`<-I7W*}KUecKkIBxV`^wnwyLo10 zDI+^=;gQ!hGQR|Z7kSfaJT=9}(zw+f6)hwT2ow>VzA~Nmz+2k;+M>4u{{=C{US+?A z_A4eT5ldlPQ)k!}en{Y+;c=sT=F}C?Qf;e3Ln2=f<#bLDchMgTWeuz^Z1~uHJA~_= zZoLOEJTv|}dn54*E4#l*)r--Wa#S+-j?PhU?|q_g<@07p!FSzy=zzcu^B@_A~N(Ud?eJM_cPB}zldO~k!gSbtAGz@K52VdGvdB~G$QocHPH3BYGb@;m+wce z%m<{TcgJz%^(Whblv}(wC+)H}%LhwmtA5+X&8CrBn$%&D9s%e{E-gB7Fl=7d zkFpfK@5fzTglGs*eM+&Rrf2hx2w=g)nk9k-oVr((@|Yq5+Il%job;&sl}|9nnROQq z2~AS^l;g=KNa>8Kic5sjOdg1yBm&?Z$&tZ=Uc7ieUc{j1d~QhLz z#jVvrUUzx-rXi)7giDUM=~?QPQ!%;ZM^TeJTmCMZqEt`);2Q&r)q99(?R)d~7|w^=f%D0Pn<8AYn%0i$QAADx`B*3obe z=JJe|I#*MqD_l)5Mfx)JN$JbOI5ppHeLWS+a!Qxty`6cOYjT*Y%VO}9;o)bD=V06y z6%lwEB9#6j?uP>xJpP}ZMwfCmsY_U`7WKB(+=8is|#N^}9 zNflZL-f7~2^(hcwn3TJBIB)FC5|N~!`e1^zq`9+5=@Lm>NyF{%Zjw%o(0o`BGGx?Ihk${x78xPW*yQx|BfDje!_I`x!28PT(^K=$EKDU}v0iTi}jZC{1-lzNO# z@E`RUwSO5`a*DrADTsz}zNsuUbWKyvz1H6OdXwnn^oPX`Me9}ceL}Ct1vN_DoY=`* zI~fps)1rAdtKNyfH!r+F(cF8TpSCoiOV%%&8jmySkho_$ee zoJ^GYz>B3?LQ;NEQW$yn*w)d#U;x0I*PEU>J7>j0qiUs}bP)BB zt?qns^~D^^h$~@-$o-XA?R>|;B=X3Hnr zfS^FVm77L)oZR$f^M?(C8-|A6Jt6`GbjAzIE=avBrOX8mk=?1;v3e@vk(n9}pwB#A zMZgJ3X zrzycpdB&jlGCt7Eh!nB+&IRxi`qiDpQ`i$`m?-jmCMu53mASoq7!k=SAqfwron|BO zIYnmTPAQEidsjIZ*t-bX9)rw8S0&dAGX{adso183$5H!&deJfY1o1ZW2)h}>)#d=h zv2>Trqiah?7<-TI-Ig+pEu8D6e9{D5G<+nM?CgJk*n!t(wbkkKPCLG}dehUp5$e+z ztJ_^zXD-u)SSMslU)XiU#f|#lbM5}Hrt%>)Wk8brD&ymtw};LgJJL#DxBLeDOqb@G zFhdx%%rse^iE`GhXIs*^4;MgyAG_?h-6sS`1CF#tKO(!@ACEEFdI+|=VS}1_WMgfj zaU(qK;m*^N=<*V|u-IGe*a0DPtN|`J-zNA^6Q>)!(9}+=cq_uQlb~xiR&>(P96(R_ 
z3~xowd^l-%?$yoi5r)wsi8}*dB9x1Yy63+p=`v-urx+h!Gf-h+^!<4>k$LK*VTqpz z4|{VZUV|LM%FbaFtF7ySf+bHW-`5kz!S@`#9L=TI+Rda~q0*7x-62H1ajmW(l4W(m ze3r>@bnjgvV=^)TQ&$D=CFZ>^Dfc|=9^v29pmy0H>rT4z;)riqznrG6b@daKLu8mg zY;MqW=AL$m-zhGTu!?r_EiOKOpI%W-Wx}AQSp16BAO^`x3<{bSJ3;SKnk|;x^myyQ zPsnt9!4%I*_2jtp`32QA*7U{e^ewZrQDm`Ur*VJ^xxwdjr-^XxD%YdG*&u0%6}WUy zrQQ=$Zt!ZNp(Y*Ht>t_%_6G0gp0-c@*rg2z&f9k!dUsf*{>NqH=hRr^O6)Gtn>`3~ z&COP*KYONviwgWqRv5F(dcDmHK}xzLRcm-rrQ*b^Xq9T*nf?n6%6KhRC$Spz4SRvM4r#wU3q)A+@UD`SQM;6^1fg&Z%{?Z-M(SjNrhRA$^60hq)VZ=4+r-pHC%&;&q3n}EBbgIKTrEfmWz|Z*%PPyW4a>}IZ`Yuw=6WVQnK-= z`^g(8KeOtFl)oi+!>ajFM@6d%Yrj-Jc?z5gZstj1)ev>4`&{N2owBA>EENw_x4L90 zA7V~P_-B=Ue|Cm`Y>7l zSx0Mw4-qiGXBk?zw%N06vwCxK$c#4@MH!VWG@LJ^rM#O4zN>u?P<&;O)%%LBfPo__ ziTp8@S}tkI8}Qsj<_cqFttM(rBkf3+`;XVv46@E_-OlzCU}ta6=0}F9ZYeKL9j>U~ zc|=j*B@ceugZy)ZPBgN0Se74$L6my*sf4rU?b&!=`;%Q+q=vF(xQQpNWc#*0rG>8w|a&XL+*3Z4p{a0$8c0{oN= zAMZ(_9cj7F3eEd2q{$cdJ|feocUi9P){9Tj8ypy~!LuBLgtyu@g&u>q=vv-BR#azB zttku@{hU+{(?$al3RA4Cl*j!7K7k+$8>132!jq0fzjHFRVk6pGkGvK5>OG*@M zs2Wc;Trb4AYkNU@Yt*^ZbXRUb$yS=PzK!i&TnGC)7KV=e+XDP#d-`;yD?B+#E2tvuf$=2MR0I z{MA&dMvaDh0r1=qxGw-F!0}W}4=@&C$;o~lcm~d<(dcIUVUpo)-lxPj#r(`?bK8uk zERf8R(zTb;A4YO=ok9r}FDHyE-n-s{TshQmpL$SDd7j4SBgq^v@;bsCT39L zFCCjN)^l0rbC?OO5O`y4jdHLNKYg#S?b&fGQ`+KB$tkz5^2$*7TTfsv(l5D&Ccmpm)oZqi=#=U&=735*|Mr&V7%%w+2N zs9PaV1;N2|qN#ekDK$l~@UlfODMiy2fbBYl@uQzC^x`vJ#r}9)SIJSu!>-1N5M%-9 z{h;>cb2Wb$1=liV{MKXJ=V`}`7Z=2>J9oBr2-O$fUSuEP7h&9(xgvxPfGHPu(rBC| zrj5rJS3dT=$*Vo1(Nhr;i!>lhB7p4m+^kmYrr(LXZ8TI6qY z+WxC|+u-NLjPi(#Mnu!9qM25|=D^)za^>;+Z)O_|OHdReuJF_EZC?r%Y1aq8xV3cc zUMjB`!r!#rsb2qUR?CWF5a64+oxRfVaa5~ye(6;cCrl`({4Q$3Q{8!t1&)ebTS{i| zDd(HX%jvFdiQ2v3%}4hL-(D!eM@x8i-jSMNXQ@MG$PT{;mSut8Bk|7drd&}i(kyNi zx!&EGy3LZg#XFyADo}Q6*O~gAO?S6#GvQX|MY5rfI8!e4x>v4nbOW!Z#gw+=)I}n# z@a=cjsxk}RoH~QBGN^op)VEPjnc7Cq3PqZa_`ui?0TuArNOLFQBqZU$38O{)XtJRb zMwIWUtb*rotMf`ri%RY7Z9BEr$EQUNb^;2R-G{pf;DyC)KqUzK>T2+{gc!MHVoh*t zq*dyeKfIE%JZlkPfLE4JH(4b?-ca{~Ye);Z 
zSDZFGtF;@l0CID}05({L+MWq2Xc_4%FNdS%5aokq$OWxPRpi2`)vQ|r%Eo%*JU36`rMe)!SKL$`foxiB zYC<6AaYrYb+nk;5#Li9IWFu4i)Mwl^0eKcrGj&(1_pez=1Ky-cSoftkx8q047QNwv z6OJg~l`aDXQTDGD5MPzgkix7_r|S5C^|b?eNUO{_sl;()xn*&JE|C)d%kU-tiiUVp zPg62Qu~j1`wA7kL$j zIbw>QOfNg%tUZe{V&(`47mW=%_|IQ;ISP3>nGlVEeoi88VaPM1zmAAJo(zp6( zua+Sk^S0hJ#J=0jhixr3^zL3{h;+NVw)1#Yo`0u{cD}2F`N>9CADxq=Ky(MPtYEMb z0Bx|69wg{AlU`jg2%4Z2k!hB8TJsG9YH4dNCDL@Db5hewnc1s=c}tmDdL6@x$7zP? zJO3D|>SiGOxN8zY6}4J9O8pB-T3etM4hNOdIeVLLue*1r2F)KwwPeC_Z6msHO;$&@ zHmCS3x8MYw?(;35ZkPeZYUK@4Hbh%i#PxZ~L+z^@PX>n0tr^2rD>>Z+BKqYsNXqBE zqW9uH0AuKs(V|!Mn(tX*t&&Nvvl&{NA@9qJrnSln%g%VcdpG^CyJxZ5Zf0(Uw~n!l zm82a@zD7a8D1)RE93;U!zct!2uT_qm>T&+C>8i;HZ%_wBD7W=GyW_N2%GPAXQoE_8 zXF3YX`zSBI7|0Iq&3dS9_DE z4q?Zt)l0z<+QOL`ch2@xoo7F-zx-(SC^mKOeR&Fbl6$7|Zb*4>{*0D5Ov7pVX+I^L zcYecB1q`~OxHaMFvISno(r@Qn7C29td#r5@ht~@kwW|XY_>9^lsG1t) zR@k0#CMeAt(aOCMSsv5tZlJO90nSG#i#?##Ha)C}rLoly|@3nY2?cEbV51&QK!bx zJ91=rF`NJH>~&AG_io>Uw45td{VnJr4jak9quoGGUD#UPd8FrZDoU?&eQ9&8A9$L& z`_4hBN4YG598UL9R{0f-j}LRk(_N`gax@3oyRm7udZ*MSjMLp|=j=ug$_cQvUEdnZ zL5w4sWDDlYwFb)_x52x=*5^u>dMHub*5wKFE$_Fj$a~CeZhWu}fejbWV3X$#tzWg= z6UD`C{#wDtRm<&<8soOinn2lPrkSRuG}6wwbEr^RnOSpiRhe=gRfuw&tr-A{XUN%| zg1Eo?duvK@BZ9hs78t-n6qF3@WXY~gVj-~C!{>v%7l#GB$FqXPGnmpOo$M_?f0)nN zHUT~J@?sDn>!|H`Muze>uiV{+%pG3_OQ3|X+JDY8^(s*3Q#LEOJwg+yWg4|Rh8hlO z+%^{SU+09KFWp)~Tocf21a{1q*E*ZFl_!|H7ZL7#>+2pn7tecb4*(`z%*`9856f;y z*jH9>t~-kzLgyogM>Q?SKT8yI!PZ_rE}k3j8rVp!)3jAa4%8OlJ9SzsKXu%!4=tWk z1RN6qt*}Klj0+kp`ck6t<0E(ZsVfAgy0#NF!+-`lEI!a$rChLK#nkGxb_B7cbKdq! 
zQA6jrMMlQT(t0&v$!>?ISrt%uM_@Q{eZ7>36257eXoj4s<{X)iL#_x|Q11>5NSe8a zDl3D!?nkY7cZ1oLwJjif2rXer6(UmQT@@nk?g)+Z z=FrLqYgGH^83tPu_tdhph)(u?JmvMFPtE-$PE&K`v7aRG`b5$l`j+y83a9Nckp8A0 zf$2+g1%OjZg>K|*n`D2-?)q}5ZF!l)S_>zoDeBSkd@mnOeS0G1r27QHxlC|@eQd&W zdwwNS-Dw>~Ot6RzD=42IK<&+pElg$G<+Zk`b)SCZ&_LN_t?~yueKRvHxRXxQHf7I@ z4>O0h=G}4!YvcJ0t?BYND;smbO>(Kz^1z+s&3EZ@yP(EHk@A2kX!S#o)sgR(SO1A zAgs}(L>)$6T;3L--&0rV$1ikPD;pArk<_v{!A?Wg>*a^ur6EraVM|^*KXFI-@(^@r!%kG@;Iy|Ig;{5 zISQ$vDR=&z#_F)~=I}r^=`yc$fAb7r%)6YeNC0 zlb$2eDZXT91EAhcSyv8!XsWzfb0fc2_L^PgdN(oLY|A-P?@;+pZbyM;`+`57!w${U zU0=G>B}I<*mbSJ4zN7w5;!tQK@{);@_1IR>Kq{}}sF|i3($5VX_ubOD(-KGdi)uHI zNwFn7roX4gk{;ZCqyFqyAqV)YHT=g9`Xs!76GJrk=%pZ$5~sxau)N*v1XNWVQ;}CLMzY+(n8$?tFN_%7bqTm(mx;ViX6RTKA*3g zUer)|l^_1;_@cAID`>$-tOIVr_?Yf&9PW5Yul*vJOo}1F>J=GP*?e5>dbnUOU?WFe zW$P^nEsv$2b%s;(JJ@af#;@A5jkc-q+~Y(hyval(wLw(SOhF4$8avM~wt<;&TE2pW zl_^+BYU%=$(9Vf58MSB6(HuN|331@}(md(B-nmxY3o!5{8!RcJ4j04f*93AGpRMd% zxFiJJ>;ngUTb&Z?tX`;pJif4B1sw1SV?MM7N)m;?aT*~Im9@B!QM;LQ3tiZTpjuC4 z27D7gPl@2c-OYW{58BwYUlhqj#EAjVyHDRdEq^E3 zJrbTLGTAUS4fbaGOQ)k#yH2}bf-+9zIH*9+6W^9j7t{9OegT8#$bXx%O+wKt1zZQ8$e-q>7hd;H<1sbRq@>uZE zULd5i5oEHxx-WHDzA9H+jWz!1cSL($!1mn>nxUclYzt8U_S~xZdjO!BFsvbA5tYJC zAeHC23F!?Yfp%#g%x|GOa}am4kSJ)aLNn{0OC6w;`*ch~C1`%Ylm~!ucTGquo$dVZ zV!S?1#SgpbaRSsH8P&Jthlt7_U}$LKSqYAJA3yxxnH9F2Hwy3qXkWxd1fun+pKnrmk)@iG6{FX5zPLOVa=% zfu4!1kIF%7`+vdRp2I^*-79>Fb@G}IP)Z|!4j_o3y%nq8Gu^!Amp}PKvnO(VYV!sd z9r>V}Qtd63Xe*7vPeY2|r#$LE*$V+b=(*oR*+#x;1^6X04#I~v#(l`&_ew^{2Ot{z z0u2qZ&$wtB`?M#vKY)P$V|@Pt9opp~wSKD$pji(R>NN0c_9$sahY(s}XtROIBc&?@ z`*;2QtI!}mKrNMj`aBynC;d(1_6~4cOZcodQTCW1=Z6PQ+AfA8D%fC#^XoaDtf|Eqx9@Yfk@)V`u^Q!yz zo~Y2|pHTOR?o}B)(PfV7q1iJR$a_;{d|itJmEf0cT~qGsp0ch!4dR#pFP*VCt7e_UdsT-fNCGQ z^E@Cr0uczE$2W8oGg8AcA`fZFo{QeY%>n{cAdopxNa*TG7Jm7{(?ktbFHB7meRdVlhz!0!FcZauy{;PXC$4z^1mINH1i<1^&s05MtX ziM!Z*Gsg@CnnZ}o1u_q&Dy4gn1bYzqpcud{8=41b^X3ksY5ZolOT2R8;PXDvydcIs z^Zt8$e-|Afbud0e!u?w|XuV$Da~H!>v{b*j0SGbhNvdv7U#@6xxyG^Tt@qLUh{-qm 
zLgobxvD^XL#Kb*0M5y@0cP*pAfM4L6UeDfi11*{VVFg5bgo&7;C@-Xo*N+NR`9AfX zKEN8#&|jPYVk|fG4SkO<9%y!rJtysO5Wfa$@~0F4=*^(cg#XlX-K#&H0K#MfId2l?wS%43p$&?4J$%@t(tJ`RWu_>ONM9OR>_2Pir4PbKStwld+BY5}d+ zik?|OSAmA^^W=6@BhZPne~XMdKj2R#GajI1Nzgv~lni0ouViTGekFsp+OK11=r?Nr=Xnr6d!9$zQ8wu7@Viz(GpqqS?4U{d zbc_;Oe+Js>PyW8M7Z>qoV93e-sg>yijByaUy}0$K0I+-a0+%h_7ENPc1by=VQ+;R} z`{I`WPow=MbO7k`{{_B1HA8y+Ij^8uKFDfleSHfJt0ddFC!k7!U*!E)X#?|5uQI&w zXVzdpV8S?hKnVSY4uG<~AH`nU!2c~c&@_GtT__|Wi2Y6v(bykrf`2;m!RUbhQ+#__ z1JdhHXNFk*Ip6*=p`rB!d`lbFtKMJ#TH4qT24xK>|L@NlP+s4sJ?=lP0iehJ;sig_ z#s8y6b8e@25y?8_PlaJQE= zAZ`7UHU3ZvkWIapHXw$+r;To2Kf2$ww?A!s&l>x{AQ!d&Q^_}>$!njEzwS*`z;9^- z8oS?>(P?Apx5%i2CZ&B5&Ub*4511bzM8E17Xad(=(AfP-K49L1#_scE8i>UHtZ@K$ zdsze0*3YbgRtoU5iumby5I^73M%JLO*za0_(#Anq!|PA>;(Y%MjP{$~To3Je0JQ4Y z6F+l6+BgUwI&H8+Y4K;)fN1P9E*fH=i=s*F%No=@z#pN3=J`Ly_m|M^WerHJ#lVl{ zD4OSePK7obT4CSQMv85m$M5p~tE@r%r&AeT{3B}s-s}g=7_kI9D z{vkHqo!%>pl(!Q;|Kc#OrLw^4ua2b8COD8j|7S5iLV?})n|%j;3FHB`YTkBJhXgzE z%DwUmEXD_Y-~Kimj8IImaLAW{Y#O| zB=f+{&)=(Y2={MmTsv_dsV0*7o5fQhAT9Op#W=|7Z;E+g8~5Rp)FN2yL_n;6FUJ28 zItpM09Qo|mY7L?Y7HT8lnuH(X{YNqW7u53ii*ewWO%K1lO8Flx#)03e@m~uzsNnz2 zZvT^F9N3>d4%#f(iw|g#^D{o6Er#FR;6E$If#0g}ebe(lP>chAit&#YiPe!7zfb%Y~QQ#Uzb$}teO7@#rPllPycW+4nWzo?t3-vg+ucS)={m7307!d%_UK{mZn!i|-e7f2kM;_n*HltDxPB zf4&$8e&12ww~_y|B!cSTpL@6#f6mMQVKELEgBxGyvA-?7{;^^l^#9+^1^($`9Eb-G za_YRlRpbABF%JCU@&9Zw4tzh$IbgcoD--{>#W?U=HU7^R;{bRDhdzP>chRW97~8i` z^*=Ahf$xVjV&KI2a}W0)E5?D}PyYV#VjKVuc7Immf46#uisye*-2Vl1z#p5W|8X(? 
zX2wW-YlHBz{I6B)t%T1JkqLS)zyqQNlD==7Mu_PjMduIyJFx0ZXa>7~t?i*Y*9tt; z9rU&7088zY`RMR9`in)Z^Pjana8Pk?m4wFq+tge_4W5{RrS`xI#QWaaWYPbpxc^q$ zCuja^bil9pyse>qh~L)22Nm}n$$v>LdcB={$H%{9HnoIS&>Z?WpgEdIpmYyFC;Z^i z&jE=SeG2|dLDUigM>PzYn!%oh5^@5Y9Zi{(gG`x2PKC~>StMe>xp3E~8rbEVA1re~ z4zCs$aGC|$&ZAbxKe%_B0S;>osNEHvM?1Rx<#cnqwV7t7kB&b**j$YIk+K$+krk*{9*KIx#QMHCnvgf}9Br zEq5x|*&3f)4dpDzEZgo_-!9+jSdWBl$D&9by-*CoNUcrOptIfDdf$2`c;E0SkmR^U zIRRUmVBLV}R!0I8+vV_%iGq#g(5+=Hc$stR?y)lEa@hIJ{GNVFPvdd}%>jUV*L=Bb zcL}`b_X*$5wn6z0VgR<=-4v=d4_oONVz31-4P7YT>Fy>RTIwt>+AMINALN{$D~|^p z9syn|Vd03{#52x2*mfIfs5V%gRxOMSaqP?55F8F{0}agUD2By}Den$MN(V9#H33wO z!H~mE?x;2QNP(RKS=53SB|h;EdE=s1p&QC|zDyp*&-2(v+!|QOoJXM?x5s)Kz}Kdc z3!AbR3}LT<^QeuMj>Pqnav#PLVBOMg-KT)EJW3XIu@t%4P1uJFf-iR<7MVx4*XIYj zQNYr8Q>ZO!W4NiQ57^w$a@b%iw?{U(FUxi!$66xGz&F}uQJe0lhr4ztRN<&kC%=dj z{E^mtNXFo7`{*nN3Q%f!f>zn%B*FJTXvP(2i?lI5d2oFHc+k{X%oVz*E8_ME<9IICxTBoD~)FC`+WmANi{n}WB8;)eaK zp5u|#EMjC9CRR2vel{j)Hd}V;(;RZ9Y)p=9V*YGQ(QIPrY)r*$VvTG}{cK{BY)tEH zV&`m3*KA_1Y|Mac;_z(D_-x|zY|OlD;?iu)>g<^@IgDmas|JGC4Kle61fLpYRvHLM z8fDlU2^4@v8LLKu*Nrl{jRc<>WmXyqNSb8Wn+Oz|WUQJ9UN_0)HW7SkGJVBM%H`O` z#e18Zw~d?kHV&`056*;Z<`n&o2XYdF}^lYel{`w zHc_u_VghWU0&QY~Y@&i~VnS@9-q>iG=6;zKVT7P4LPQ)PD1i`> zLx2dY@*uFv?=kn8hRzAQe4gxTj?aoRinl+ zK4z5et3k4&MqQM2xU}o}RU^Snju=niOslciWX#e1{ePkR2H~?8SB+YQqhmbJY-lHO zIj)!|ftdI&Tq#PrLFiFmd#&whOjB&gm)X!-w)Z^^;_Pk0u}iGdAVDVuVvrzZ_mNVd z>!bMf8<`wSS?GQ%sQ)(x{{kbwi1W9hf&WnW|AywTB!TaS_}iTSisj!T8DUk#bVw)i z>U^weETYR1)qSQ-1%EP6j9m%r21wEUqENpYx?c(1|7SN}4d^j>G2I}e>63Y6D{2g8 zrC6n1FEovBK;3FTx*gL0MmNClx4?fuw@H_SG_CqFK~@Gfz;4%q-4{9HoG6f=HbnVS znT8eS+Y(Fi0Sw0Z0a4DwoVN4e1h_u$qG>!vQ3A?pPslu(r!)vu<2s}VtS>_S;ZT2@ zF%#Ioq6T)8mUe;NqM3RB!*1YziTp3%2L2m4*J83jvpcq_fGR6}kVdxBtI4i}>tMos zCKanRpWLg{MYGSd#^^>SLR1&zpj9BaCnOVC#M-f}Cp`Y8=}RhB$U$KLAPe%Ya2Y z6GDe{Vno5Q(k_p+zNeZqBHN&ISjQkioAZDlA80iWe^AapnJ1GwbbdvRuGj1raNfrd zIE7%Q^~hrHVeqLI3pUvDEFA(-QrI5?QF`-1FyiMym>6opsBVC#&G#6HbMhl5g!3IV zs<;1Oco+f10wo&U2LfNIg}}E)A#mg)2>mV>gdR8tq5n(Zzz_IuEUS$}*qAIKY=PX+ 
z(*`s)eKhfF5b*~gXkHs3;^#9VabrBuPeswJ#XwK3+MuUJlMpfuD-c;-w;Bf6Dyu_n zH`H=uCLC!7G|M7RIy|A5uv-oC*XUj~2L+(Gvetf(;;C1I9!HFVE|iOuusG)A9Asw9HpJ>ihkD~c^NC#EqsW}5F zryH%DJV-2bcSASsQBZ%%cu?DoZk6%TzwrU|0|Kz+%%s3;)+}>iap2b7+V$Qv!IcpF46b`q4h_YOq#KyWY>f#43U#vnL2fyFu*pJ_D)zWrx1 z?>u@em_I;L$IzsnqDg_dOEh!;*#9$d;D3w$|BD^?Cxr#M8FL(ctjSw%3(jpeujhR* z0Z`vVRL4Nwmx&WVMhQ9x83>QxVe~xI&O}J;lE3fqygt#^xBeV#&u%+R_jbDTmAdO$+>2hy+%8 z=Y0sb$C!bw&GE!O#5htmb7*&Iwh1xd4g+kFC^%nmHwZ*UfjAZDHk(s9|K& z3?Z~fI=-8_vABwQhg`N@r&}!8_Su5X&%tJ;H#S#m*Q+D8>Nb(C%VntA;&s##dcSsO z425x967vYjp+kp`ABuX4r|NIIBcdU2=+LqGpzR_I9;|?OyxgQgJjEDS020xeFZOeo z6T5vwidWB?+$!!0Kn_d#2Ca?y%p@f58u)#-O2;uA3b_@q(A@sX_2C!&(py(T1nL8B zjVmj!OYp;Md{Db)qXxSRJ|^+^A|3=vhNr;ZpEm1~E7%x87oraiK|Sx&oqH?ym$H&=;h!)#Z7p;#91bZxeDDh9G| zs^jY3=oHE@ieE@=uB>eir7xIOOS#T{C{XE!WqfkBQiWV=MQ7DRh0?ZZkH=QE1b$Ly zOYdClXyx=uE+B}NPP^5o#;Jbi#(Gd|Ih)Ety%=*rthd{B7Ly*8XdMwf*Q7%R>BD)oo+){2*qr&><$Hiw$>{=+#Jv28CJDluz?Vhw^=kt5? z)x8ykHH%VSgM>ReN_m5mchj}~woVfo3sOm5u$`M%DyrZxOIBVmd@*$wV0B5o)uy&V zPL>ph8K@_ys*T9z64NQH@$NE)pECtcD;K7y+zFQZfTi+&n`&mR8s5}Y?{?{Ozu4gk z@xde{t{W3yid2D)Xv~SFSOf7BS6`cmD2^6C_H?QCkwh@RRm8GuBwtrQ-=zw;3f1~3 z5rv)EeVw9{oLAu?7m^yM0GMJPzNc_HIFLoH0gt>_&b96q$6?q#5%wEz&(p?oJ?XU9 zJ~8Lk%JM+R%0!q03zqO&zh>m7>08bxe6uBFS=$7{Zxj-Zy;#ERk9Pb+ANh( zSJU0pzvyy#le5H;F8J1Un3ru6l_%dM$DzB|sakU!!{c>||B!mPK(AO=Qw3@DhPU=& zBM-xat#J;lNJ?byWRamx6HaR9oH0Y-(z@yu$!Nz0S%q6vOf$;%D#x@NZ)QCqo(HH!v+ zYgda_a6o7!&(qFo;U`s`Kz5w-E6$zg?Q zdq9q@)+&h9xhto#aVL^4?}TpRnq0Tw(h{Fpz&r21Q&Gd9Bu z&K4W+)A#fvHPU7!VAEeaGEq#s_q9!p^bL}e8E^<;Ym4VTJUDl9R{9tY5A2Oa|5IWY z8WI|~(-;>G_KalCjMnTq{x!OJ_nkujv)tE2?uLFsl0eMutd#S z>qxqh6fT|dmG+WXFE5-On0SX7BvkLS?v#nO?oCPj#wvTh`_d_;fQMZqr{FIQX6Xor z6{KX2CHU*ine=R&GAeYftZk)ZtK{6$NLw`uHyab1K1YmuS$pSH%VNA(rvOo7CO647 z__ON{Y!kf>0cs7d%~N=p#RVevZfWv&k`lU-Nh|t|uK~dhwPCGkP5$N* zFb$=K%l6b)UDv$1YZvLP-;TDng&N`(KTFv@zT_K8R0unhw zvOCwW)2vnaEY4EZD+Gk5KbY>iS5t3(Uad=7!lLLHTq=>$reTQfr9Lq3B@3G;^DJtr zi)zJ$^|pVoz*aP&3cOWQRd9ZT)i3t;eV){`3Z{Wl@0lxbk}-Ax975sd8}TxEs#f2Hh 
zpvB%G?!>a=uz#|)>gFxrQRTYX<0oI<9Cu4eX(N`j9(61`0^X)vB6i&M32XHO79Y6} za-VJGkE)YnJ!gH_svo;^Ygo$Q5b6| zc4+Z2lB$%P_GC;s7l5fiZ*1b%yvQn}G+S~87fVYP@eor1lZBQ#H~|PBUVI)lD^|9n z`?>5IlX85Pmy870PExHu#t~$zf-3o(RT-_mf6mc?V{jT>pD)|~J#dEBVMYi~_2dXxlahPB{%Q4i^y8P{J z4>h^#s*jIsJ)tb_K_Cw+F7WVro=AMs>h)ai%vW(Z&u!V09D>H>p;s*{zFJM*Q`UmB zPm(@kINsW=>{Lf2HpU|<^0A$+E->z9Hz|yEB}~!qoKJtJc_@X$GVu1~wXw7B%0?vL znjhN0=kas6tF^ei^76fv%&@)*PL?TorPBBv(S{a{MO`IbD`JTR%_km5s)Mc}60oAS z)z!0-^g}Yj7jjW1e)xxDKk-G^n9z$wUQ&NT8Susm@wMcrcfX89#x&t!zZ09;vHm9v zDm+Q2h>OZbYCUDVM(Id^+ufJrGTfLj-Iy>4+b_K3k@!NSIuo#$1nNDW71_pE zkY}7W5-E?uE9eclYR)uE*iEnQEIE{RwzF|4S}&7s`bUpm(uC2CNWMKhD&~4)jqE^GP2+oK;bFF`|uZMOU_f` z`a}qZ*$tk4gaLeQyi`d;{ke>hcxOCFKGA$N=wq+sPT`={^1{SSrOyVzc-1&YT3MhW z*FxmR7A}iwDvm6#eDJ9h7WGN0v{p|6kqT1HHTM<68QZ#4U9aJ)$=$D+A`*6vfL-lGg&Ybyev~i z*RKdCk71e*9QLlW);clYS=n-qkZl;BMgh+F)x0I>ODzToaGAc1o;pwI5|Z_ObpH|T zSCluV3?gjPX=skXAAaq;_$e(efY8(~Z5oC;AmpGh8 zuT51ay;aDf731uLr|9qFb{1}y=jk2KrLCcLRe~eW*e#}xqC(V^j7tBWf@NY$e;@b6 z=-PAFTpm(h%4p!th?1D;L#3YvTw zAVS3P6WpXrwTLyAFCsOTk*oHkzod0?Iew$-607AsZC-hS}L!*}udtbL@UPXDfa*KvL-uoGtS8 zB}*j7m2&q0T1&m5rUka^7x=-I`b%z{8pOm zb`8%J0^jJ-aH}*8$+YRkq?;dnqw!X)h%9!}&K{y(w@$qC05HgIvg()*yLQv%PQ~eI zdCJqP6xaS=S8p8^N6>wX;_eWf0Kr{@OK^7vC&4Ya`=Em}xC9-7yE_DTx8P22cfWk! zefPchyZujhRi8SmPIdR{I=l8>b)ZC2&J0|x#zpORS*cUy({E)~ye*jNzKfj2F{U@` zSRrP=pA74d_)M17ZX~fC;o2TOZ?Kw2hI*k+Z5_}U1Ycy>K8xVZh}6h#sR9!Cse`$9CeD`VJQ>0Z$Bf6wLP=0K?Lrfavm zjqwwFThqZ@*^cdJT$xaRs4?SJ`^?pQMcqQ!B^T_Ehl|kvizvQ6`CJ zBNOuLjw7+0EtO>qh8)Pt#@@zSv0}pUM7;#^^)vOqBm@N?=;PipxZ(dwlpF%LD`Ah! 
zB(1;*m1sn%wywQ?Z-`ojp9F!Q#*)c?gKcS*PuRkf?N86WYRBdY z)&M+eZYTWb{1S3!vjG-AJM^Mdhx-wq;*Soi(Vvt|uXsj$rhq#+xO-7Hh*fd*>#R0e zTRQgD&#mBE%m)5RRAhtT}6suWR1f zvS2uW$;%}H9(&mkX(G+^Vtk`w_%}wDIMWi)S6j*?Xg*7NinmpKBy(-o*dszJKw>uS z5TK&H>vn6I5oo4=xszH_V_KvYCUPJ^BjN*~M;_NbP;cA8yCAT9^HcjJ%_g`r0^g~@ z8E7#fzx47oELw0*d!E?k#v^P*_bJH*gmQ55E1dj~*27w7~yXZOZ1%ThhGGi9Dx(^rmslr!&^%o!DN+Yd7rWp zz3`s$tLt!#flI^-VAyl6G(dy%uuO5xq8AqJEq8xBjGI};B~_*mmC3!T>Me8EIa2YJO29SwA2O?wVA(}qr=l^sW`z_s`Z+WM`*|(c<6L=GmZ4=g1IG+ zUjq7e6nLmRL4=YI20tmr-bJtK`d5AFzNGq|%0|OsSsWj$R9)=$WMxd?aQUG1u8?c$ zL)_Foog9f^+Gn0L83l=c>I7iV&0&VSAZANL%;?KSaH2Mt4zZLt2qVk>__KuZON8F4 zesEq+?LEfw+Pa?#m}qxLRLNf-Ekq;$H>~j#z#;XJQd~nGwi%GfU!xPuhInZTiM5;F zd7k#oxF&Zw)fd9)pA4zvM5U=e3RTB4AvceG-?L`2u&rvKIdRTO?GGGIjz5$MNvkGQh|cQ&us}5G`Gbp68w&8!I!ZJ zlAhViFQsm6WVrW@Yx$N3^F|iau{I!>(@7fmj&rEa6+X*BeY3g_rnGiG>L-;T2g3Z( zcKX}STy6biLv_7?39Dh5U-&VSt}n`_a6qGKii(S` zYaK7e^B8$BcTa_ab66AaYQ=;je{!-je_q2;%_5tEh1=`0S*4Qf)9P^C!7?%F46XHP z6)F+r})J}EkMc^>f$l_?J4u<@4?nBHkYl4@G9}}); zPX`0P*eKV>Uc)3Ats15AY~Vs^Nt4r+g^O10-DTb9#N@ew4ts)K8{mZM%p12X>Tf~q zJZ+fpN_SC9dM9$J+~tAhVyuXByBYeTvF$Hn)txL`dHp7K-KmNu7Aj@SHh@vZmaad? 
z154|laCTSB3=j_n6`^zoa9tfmDJIv9qbqMBkRgID$jN$nC;l=SOv!2%OoBh}kI ztfxn~1HJPu9%TL}k5>OQ*;>vgZT2BJSM~wC1_Zwg#j;OP5rLu_a}j_~pkP>NH2PH> zyIG56B)ZUbKnZm>2lcduW9Rwm)aTR(drh@Hj>kZ>D3-o76{%yZ2|nDJefidzX>OZ4 zGk*N95lOfnBANLRlGEMA@x=OMlHqaU-!j}h%F(xrpSi8<1}(>2%E4G%La#h44DtH$ zM>Z8Ut>o{bmcXbz+g7ae>EM|;0Xu_V#ZT%)QOrxs90x~9Rz@+7Z(KhTf^GekHDf)l zJ%}E}F6h1>CIAAF)?-jncm4JWgj1{)czEe}1nzG3EZ}+Yzttiy@b)f7C;mFUhx2Gw zn{nnYFV!HGDE{ETy%obV%N2hPD;;^Z9P(`pv@>c*a0Bu%%@Yth$9&+%M$y;Y*j@_TW%|O2T@3mc* z=0KAD5l`NlN-S=NH=#-k|0?n0_0QUKelDdboA#)~*V_|nr9WgBE!z_=|ngpImd^ zC>#b^hXY5dm3zaRX+j6+E1VJa1gdWeyQ_11e#WTz!_kdKyLGbc$u6HAds@9TkN$Kc z7R7LhO{tlcTx&a;QypH*F)j%_N5~?--*>!9iNT&aLhE3KnniE zQJ)Fq0ljrhaG(0KUXbJj7(0twfGjFG^l0}$;bkp!JWPn&DxkvpSXD5|1{!pW65IGK zb!`hE=p^2YzHMERNiQGsq-5UtNj6V>OH-S$%4du7*U;UjOlfRm7=S;;S&t}DX<4!u z$XOO$7(Bp>R)(8N`u>yInE%iphf;I_FjClrbaCHV46)7#g+2qX&#S|8=;2U^p1IYc z3U25Gch7OXn7*6rA#*lJKC(5b?__Dvf$CXH!fbK<@lMS)OlyIrFPOFXd+5E4@I?f4 z4}3i?U@@-sX-xs8N09MW;O}n$hF1n4b7*gh8p;a8PXPCg~ zs>m>7m8lyoMjR8_AMTt+sa74~Y?4El`oV4pVRI1rhh`F*yL`uLDifu7%FQmcI8Y5xx!Id|jfQkbwI@ zwQcVsh2`vMx=nteApsf_em#E`e zoGH|}B%G`3w_1XA3u8<_ar&C~X-M3j#bT9hbl(Yj?-LGN!{YZEr*-@spZTk9UbLT@ z29;@7=)FO>mS~~c$n)&ws!pZIFgY;=-e{-**IEvh+LH#jmnF7ji26E^k1hUVS~7tS z{VQ&5itHzMjwg{k6=7b?MR?5$6Axug>mgcrduh7bow)ZWFDM`T{d zch-%dP%W^9ZuwWfJ(>bg5lw$1yn29@vs_-TeI3HBHBTH17B51NbndLgvgK}W>Q)f< zgUY8<}D)qC-D!TjxShh(YyW#ovNKyz~6V5ueD>R zB7QlU7fpeJRED29SBy)SZ?-CdRk23h0x)V*F-uXah{LJXj{~H?aMv&Vxp>7Gm0%W zc4B6_?|2YE2$GtktxA44+z6Noo*CK3;a6?gg4~8Qxw^5=zERa;tLRBI8pC)&gFSS% zO%Epa-q!azJVRjF5cgL*MN{@&jamP@pMb)YscvOp59~=h!i}uOPzg-W2LQk>!*LT| zV$e-7z%=cS*82nx$C>3g`(P0pR?zZMPe*MiWD8AL=xf4J|yD!*I9wf3ir* z;q;qy*2qSui0d^NB4JW~wO@&Xe#JndJbT$63T;5@QTdJPnKn_rjaHWNwg?%^8ab<% z;<5P7I!?Wndl01j1%r|IW{QZyxkXBSX8JfgIb1xo)hdb=GqP_iwZK(~8R_eNqq8J> z2np!u0vpy<+lq5FcsZWWcrdbjb`^u|b3k4SlP|@*KzY*MG^w=RN~M&*{$TM=j%yvh zI}4CwZ%ZxyO$3B

ZZX~rHZWO=LdxK$6EYssSZa49HSNMce|?QN*|JWkAE*+};+ zwJ9r9HpF$lb3Rob(TA%P;~%;N`qSD%KnqZWS-Ji2U>AMZVq!KqR7wzkv%qr}$_^e? zxy`dkY1<~D`Bo;G>D#W$Fw>$x!GI90m?&_u-rZmlRROrU&K#{_AYF2A&GGj?N#%vC zS`j?B-&EF3S1ag(a!%`G3GbV)Vq2BZEI+cu=`Z_#JJED%&R%olH;g+`HSz#8z~c%{UsK3wTdDtCNeBxb9z!V>Cw7RllU9B!sS#-3b163yORVBC3RfF*=qF63os1rNfk)WQ-sW`gLh?|rU+g|AmV zZkC-vr^9cshIa2muf_jHUrFf9%OlH!OLs?L-VYi%c*bW&PR2c@^4&D7AjH9?Gx5Ng zy^LhTlLiT#TAF5}?{BmU8#B1Y^2T2*UAOl_Z(h^UOAvXy-)bNO7e_CE^aneAe+Ib7 zVwNh-B!hPQ#%RBSl*QJ@VX^>(mjN}Oxq$qa4f|B$U>m7{^ zRrP~A7UY&crQz?V`U$qcciJy+O%8GcuY%zZ8=QE4@9zI8D?z{6V!!Kymd~p`HpF{g z2wBZx*anWO&b&615^iv6I=yG#MmZ4Kbo}Wb>2E@F+xekh_mGl&^vncc>NGFjvNuo8 zzxbx;kUaH+)-%7pL^Est!oN83?+1{hskpmpm(d1a;)Y*? zM55|DbN}CKgBx9OMi*5HEvyq690WGnJNM>~2P8XZ)qsZW2DJ4$DZ0`~gc}5ZGj`b0 zkrKo7?5o7(EQPyfk$82vEr4Mf4KA%UDRbee2}^2s>JxXeJdVUQ#7lwcD!*V&%J=Y(Q-w(iQRH7`DS zjr8l!x-#NH)LK}|!)3Y+rSeHp$lIB4`3{OD-)jjs?oq`PNED4U@dh_jNO(xPiT4g5npKsltU^b$_C?&O~;r_i%46XD+a zNzhIM>EXFM2MaxhoHFkP#m^%6xL22XN8# zbxuhPKy;m#MO?D^Gdy-##}~fY@Al6)xD^*FL#r6(#o~<-l{L!jigG%kfjnPVYVc7) zvmv&R_mY!fx>HD#`f{8vB0UFV!7hS%8&E%~BClf|4KVV9e5YV>7N(4-GnnmkYP_nF zJfSRX*ZT~1O$2+cLhfxU0+-Y|gQ*jfl&`L&Jg8?n)x$%ZoYt$FdfKQ!;ccul3w=9c zmSoD!M)fAx7TzDDbhcvCee0lRJd1IDx%4tmkff*_G5*VePJ2wBH^UpZ0LuY|1<)q( zmykA7vhUjsuSYpQL+0y_bPY+0=Myc#=&BG6@O^KV{DZU97UVj`u1P~jTTW889x+=a zeW!mKE3a}B=MS3{Wgn_jkLEUxT;J&SM5z$rkXN4#ZWn0yl=NGiWQrFgX!dCh>t%64 z?VP%B)d6=Eg3U~;8(R^T|JNqy9F1oN|7L$gwn|8%;U@Kd^#c)fyZKID;XY%rY!JnlLNb)iiUa$T3tFidFV0X#V&mrr$fdQ0Ugms@&^YV zpQxp8>;VdbHX=086^B=J*;!iit3bFv$JUiZ)K9=M-t72hcWI;YQfv2G0$ew^cy~(h zKO7~g9Gdnt{6{A|yJQHp(-fi84=8XzkQ+70SiN3o;^bEA#r?_z5#dbD8~eN0d#vWa z>02LrBKdd~I#X8ELpg(N8N0x8vq3~jV?V{!N`gF$t!3a%2y+COydwRMFwP!+qt!KX zRsjI6Uzu6cm3(-Yx#Q$P3aI^&ZR|Cuiv8@9*62Z?F%GJ# z%yPC3{Dna4!;4cY9E9m;Coy#0yBX{hDA4n~6{J6%EG`udD%!#H$m}4D_s*#Gm z$%bUjpp?)Sg>3SNeFMj$*n0F#5pf_nSXnNN?5+B_k|w3Mi>=fN0;4ePM4jX0bR_Kv-7Y?1X5acx7e>bEW&)BMTx zU*JFg(XYvYd!sogd=hIPA$`BQ?|;8L0L1M_kZ(Ig0pcC`YD$F1Tb+ieYy}P9g@-x4 
z*0-(&Q@oejTDA>eE5u$p?#o@3Ht#;Dlp-H{9?|Cr%lQ*Re{VuHX1Ye|z*u7$Xo{!b zP=y+!yL#9XPR?~pTzcgHI#tIk;Z%d90Sru*zgy2gONch?tYNGNxYK<(=i>AWRwP>F zvJ{d?KRM?keu%H-ORw!rE4CxJK!`{re~i>yc-Ht*Dc(~_;o$LFPkeq*xi5RU&XKg2 zT}ymhz`0Pg(fhO|KS*SyoklM5TVL|Xa-9S3pU8J+SOgg%E_3=(zg9G)H(YQm70}uz z+252tSXg!&Ebk_{vnA7U7ya$Q-1l=|D&)qOs#52aOv3QQFiFRRYf$5j5x3W$i}5hB zJ4Da?r`%Zu+NU~|;iMMHQuONl1CCKJ)#;su<*Qp5$nVRaD3c@FQq{S&{*W5fdGc?} z=-I@XKMXh4AU*h(p)Iossr2M)hCs!ur=>L~2GHdR+ZdR;uP9i3lW;^ON5oAIW?P2z zdyL{t*E}k^AH0?8e(8dCuGQtmymQaS`z4unPFDkg#rndDz<< zW3WD=@0Q9kXW|6(cou2XzCLmH$|%k_K0da^NIm~tSykyEx@!2NfWfA36}Zlp!aM45 zTsQ<2PwzMI(=2$Xnl$sdpurssUZ%`k!E_Y83azV}m!AzuOFpT86+S12sutAbIm8G; z!K*-3=3#zc{WNl#fBBkzvEkwYO-N(QcP~nr_`=tU^lsW0WkujmN~ZK#R$t9F++LeAiP44fAO@omp;vRtRUsu98KVL0(JRN-wHtIS?E zaz(a%MAV_yImc#OS=l2xjfuMlhoMbrG(TrQsVJ9#G_%^P)OcqNvsRVKaVg3cC? z;^=b%E?*Znu#WBqBpZlq6wmKT*EiM4ejOw>c%T6af8v#NOX1>^(T(ro&1~6JIWHSR zUH3r&=m-EH@7WCxwT?85+XzXg22FGPBuvAf)PEZAfu<#S)1gPL{=_Dk{zwSWi^~@y zL`Dg*dWMRnzsC7CWr|~MD|-tW9U)9msu&=Tok6iA$0;(Vz$2$m1Fr=>zp`aub_U}S zWO0@LPDedh(MrT0?fA^(&9~?`T;Ss@_v01c*ZYX(x}U!+D^Q&2|L$mt!uio+O2hQ= zuKPsv05NiLGJ2G8f_wxZ)o?E^8bP|&%J)@$F`F z;N2ySzC&x?8#?y>Xi)WVzblo;N}T_%bUBAaZi27RP?uqH%39(Zbk*ZU?fZYE0t^N2jpw&NX{Q?{$i{%{!%3tagW z5k#K8c-w+eY{F$m$ViuCB5S=a@KaVlQHCQtih=ID1(GXcGyhOJA)l`mRlbl`ab`mW z8RR?46q1=Y8yq&gvyZ%;9FbOVR%^DTk6*2@1BZSpm8*L&%YTlN`;ud@og#1px>jzA zNwp?3l%6o+SR~KbcAiuveEfFR`*~{);Q+9|Ld$Vwjw$lYczk>iuju@UUAk=b=2?fwN;~UpT=A7arR>e5Ab}T5ao2S+iqWqwP?^j)_VCWfubaKe;#K z!4-+tNqRdt5V!Q?p>MAbh_kQlz$pxbKg2Ea7wB&%H`F$%NcHR6;25gd@w2Rf| zOvb2&fz3kVak5Y$Udo>lZm1ZvNa;&3rWTzQn^dFPe=cV~7|6tqt@;ORY`(A}K{Z6K zm~C0$I51>5ac$EOSBagl8@*!Mb5a%Xp!k&mhf<}JYd%Jtz>oIljFwR`#VQ*Mp z0+73B+BcBElf{T3YSyM(o;{Rc1g_+ zYkrMK!}2vEgpSt>11H<8k4S8Y;u=08paQsi(z!WI=6L(vRtXQr-*s#E%`__z9j?g` zic9>_<^lB$!!^@hNgsShH+`LtV@S>K4NU(h_eFlm)i+DLOSR>0D1m*nu^{9bo{)%E z)uk>Z@Ss0Hvqc&v4W5-c$QC0aht6+EEnc18@<&8r%0sFwy%2wJxhq{`C}2>r;!hrn zL4;lk6Q}Ub$CREW@2J`4LTj4cGXc@y?3q&_O<1C=Z|#R-&>hLQEjg<1Rze1fNx-|6 
zylojG_gALL@)q|=)t$!s5Qq@x@E5|P#nxze#Lz$9}b*`kUtjsbAy0Y&TB!coA zN30RzUmJeQlokpfqq*66Lse!W#vq<+wCMn=rUtvht)TiUkr{3OxqF=AkN%Sd{@-h7F#dqe|LD?g=-<%^T#% z+j2~>n#dRnW_RMqLoWvG18Gu?X*SYiT8}*w;CT^hv@fP&=WfgY#6jrcLXS*J%Zt=l z_Re>CEr*C4RYSQWClYZQ9t{*j-4-?3&rV!7{WOWPbMpaW8ObkiC!SE8gg~7}c02bh zn@yft8}?Q-S0!NJ{OF<;0SwdSywTG^)fslyzlS)Hj0bbCB-ISK#?7m!EsahcP-^m# z^5dQS={v`J@5}z#(QR^@cq67t%5_xx|X|ADgVbOqTxo}$T^Oc zPa)=Lj!G%L6|0>U2dBn)O3}in|t;FrVG03+9-kbAxah#dH*3=?%B*CdzuMho_F{tkxyq z`6(Ho$ssWOBV*2RH#YqGnflhyq6yU?Q8E=Wb?`WMWRj2vhg40g1l+Pd(;X0H5}vm7 z7%6ywJ!TNc9A%l{b+m@W|2 zi|UZ}=I4|57ngZm|Ak<*IJh8C0Oz?`u8-g2bFde!Pf5rKEJYVmD!0iB{qd?D&T&FC z;u(wS%v#;KNFk<}2izLw067Pwj~Gm`;QlnF8X#7&zhuT_m53P^E~A>oPiaNSmhwPX z$qSIE7|+l{2@4hPR^z^g^SZUs_D80JTvDUUc(w4l%4rI9U?non{y-lq(ABvx!i((i zFm*8^La}^8cSpw`7`oj~XDJU~3mlP=vY<6oB>9NhD8V18ax3#*OaO!U-AuW3ghMWVKC@sb-TcXvGX8u{)f<2LE`Ys{Pe1ED=A| zyS5lA*c!KDTcLf-;Bd8Hdhdz91UJT@sn+e!NK6)Q(W5GRVFtSpRpzuLR7Jb++Apa%Y(a!|pKPDygYik$XeAe+56lbXVZpX#csQ&dep z+uKcjrtwLDlrjSz?N-}}kKN4ei0fQ9@#5CvDSa!Mw_s(&mON)AQ*f!wrVxO)=+M#% z<&-_DL5&J{$|-3q0buD;4B+}>+97iTVyt(4qAPY{lYMoNIYT#6Nq7Cop$xu|DyNJ!z6vC!khEx!Skrq$FT-+R>@~dcng<{ju%U;p8?@rleZbKyd}X zaD~|88Gr2UR5^#oV_1E;u*Cd{FW&@FCh&Yc{-M}|lp-f=bi(Ygbg+lwhpZY+llJxV zeetz)J-kFpy=dj%e{$TkL`IVVBoU2~i9h@{>C;G{6GHmIXdNi!3P5a16K?@Be%w2; zK)NYhA+bO=*wCI@c0dKoKfDoJCfe)9jqiiE2u!DRN8@2-VQoJ04yRitd2KQTt5EiE zhKc>w{dwc$WQqTwx8UP4UY_Q} z(fhfA8JtP0fW0zqO>1Z&7iF!cpUr~V zZ>VBGKB?gSB_o`lrOujn!U7SO2IMz$%&OZ4cABie-0YU;TfayheRKvYQO6B>*4HJr zXAxFL&Io58rlJ{1-ic#=vqQrq5nv8Yu@G8L&Vc^VxJ`E^n9sp) z$M`ydjv_SQfRug*L4Efr%~N>|;R~(bLRs|{OP2(*#3?O`-A+^#L&>M73!)B*&N0VH zKWpjLOBwD#zuXP)W1+sx*IcWV>G7W`Fp0cB4afZblVb0Na=(=0tXuhCn7V(ibm3O> zKJn$uA!svX7)1F^JBcST=B7s=Qe?Ydb)K*M*V`a47Yk2#obW2=cNVCYEsb4B_I*=b zH&O2u6U`iq8D_O+1$U+A&|!b(^|*-!h%0GF@i;7xj{KPXYplChd6VYPWHqg|m`<0E zp})X>Lm5j5?I88jVV#FjoN{J*$|7&uAW6Pn!EC}LKX?t|?Ot;Fdpoe_puQiaH!Krh z66X#Sr!=Q8inc81Ztg;&eLUSz-#uO$J?WoI{$2QQ(f8)s#e~rv1@IxK$YXVK%=>|q zW94VkeA;95mzOt9TA_ZpKxY~mcQkPF8b+kqhNir;VCf;z%+U#t`C{u2RzUZ3?CpT* 
z2`lJotcrm91N^(@lJS~E_UKbitqd=9an%A=$3Fhnc9&hl%6j~l$n|;sPZ6S^X!f4| zo@Pssbmh~1#eMOM1r-mqzu9OaLpqVlXGAYdf^AGC4l;PTjSoao@Jf2LxX&9TFtdX! zBJ9u*iPY?Ft`KQ=U*1+)h+2>m9zQT~XPQIV_)r5m5=$dSg z(UV9&6vdBs4HG1leHtsCD-Sry#lP^+<%B)zluU??g~cI}un=cg53nE+l#oDkm>WUN z#(qdW3mQ$ZU&a{_H|R=%klq}dE3p&fdBh%@;Sf5wI}30w<<(6_kU~OreLfw8e@QLB zh9LxM5xfFo`WYpg85oPlRL}WoOYrU{&t$R*JVUHbUOg@R86>v$cW?!ZUuz7%E!2^)5RTvT5cgRvGK+~ zyQIqMhFYyZ{_bVgxgFRz2p~pnsI~cT4<$1svt9qxG5{=5Jzgm^PrtN9r(YW3#mKYE?&((|{D9wxt~KWBtKv(qCO5Bbi#Vz6LRq6vx+(u4zU zzV>UDwfuYU{F63x>t9;#Bmy*ymiK#kP5l5LM%m6$O7ZV}v_=*>-|Lx&l-3DxZ5(! zQCxFUFnlNF@mHE)*u76P@j{37s$h5X!#q|(Lk7U4OCx24n#rdziZw&}K<*K|+jWv>B1S?qRZ!8|e{-Es-3j#>j*k?@85#Cn$q5;yG&@ zlAQ-O$VM$c|6g}? z%?Z%^HsPS4SQwz7(Eo=&Z6a7GPg^z@S1((07gkR@+yAR+suRM8W0TLYsbBHW0(t5n0xa2odt3J1nYI4IYYYq&6!HJ?PEHA%Y6k;Ll1hOHi}v5fY=|F?QNN@r OBEr%j=u^RdnEx*|Y&Svx delta 138764 zcmY&=byQW~^R^-?p`_9wd8MTrq`9PYgLF4Yb5xKH>AHY)cXxMl>F(}sUOxDh-+KQ# zYn`>v-Fs#~GxN;s*|)v-&3Vw9w_n6xz`lF->>1oMa{;)Jw~g=*4;8E)R3*faF+#x9 z`E3M6X{c&VzFYh`(fWgeOEP)dy?s=C;zdxQ_kgPvC@KO|kh%^iDpoKfU6LPB7} zNYyG*|6IoAcMqVO$^g&BXsXT639Ta*7-})1m}*i~tcAEClBWsqtJAP4xyD$tj$sJYTrB{%YQIk)zPV4$8opT4GZfnF<+jmP= zzR&>5L|}6@qM&Yp3V(N!#?WFv-Ke{86g%~W3uRvzw;1E2G(Z?dA4JU<|xx;27qclp! 
zg=vlYz*U9Q=@dOm2cX(=3cy`*iPo5juFh{Gyqz74lA zGpF2ch0dEAq^}Zx)2xzj8ZBJ!#3ODh4#VG=E;czMQyGaIZp;8o4^2 zo^RM$ZZGOj#)?PEgU8P4DB?;a3)*asHo0gDusbiJPT$siH6pyS+WFi{0t# z+e?dW%h9;h&t({j82hF!uau^fE4@e#pnu$dj z{?Y8+<91_>RAcL)aDT63HA=bv^|~gphL)?w(%-?t5B|3xQXC$i|cwQYkRuGiN)-F)uB@Iw`<4_`vp1ucMghwR!S`*r8oy-2CaW?`2JVTVfew+safAV<>N1N7CQ09 z=ga$6u6zP*LNxgl#$I6ZFLB}F`@wez@}0>_8IXR%2zYp4YR!Z8z$8uI`S8Hc2s`+G(?&5?OH{Npo>YZiUsl8>pal*+s zIZ{ibmOST^nR7`PMm=EKj1?wtHF-3G&jO?=`yeL0@IrWlA3xYULPJD*>ccV~d&PJr zeU7xoeEPfiPn}htC*vt<(1zdgO+U}4SEr_~c{20$*L(UE$Ajm4HPZv*=MELK2}`4U zws;GfY<|Y@vyx759nn9v!xOxW2dx9*6brjq7Ytqvc9&CXvHb_~VFblX+1#Tv0wBVY zCWXas*=vN!p97hgs45&H&(*ahD|>2FEl~U}$Cc=R+EE?!OM4g}v#P2JZ;Ceg_qGUg<@>nZkK|3bVLZ@&q*abKiy(BJS}IiQ@Toh$_vGajR8jZ~ zvbj~Kyk+0z@T&9HFrNA(O3^6JV@Z( z*80xhH%mlfMmR*`sG2BCwa&-c71FsEoVv(gC^qKw;v=%Z?~^LOB#@D(YwIjAho1v@ z#X9>ZBkl%Vk@mI;_s5`)n#9Sy+4FlWemP`YwvqMp+cyf_*L>wn=DB`p(z0z= zJZ||#uJ|5V{dS8)!!lbs66ugw871QPIF)L=5lwxrlBqtSzp*jeH?ji8;uwv<~MwZ zK02ycTx_SJEE;{k-Y5kV$(jK-HI~;uXW8T&`8C=L-fO&Y&Q{dh4e+=bw70r{?F421 z_PSnk@MV8{5wZAexp_44KHMJfOI#i6{QF4n!o~6>^+)6u6Je~&2E&{a*H_CFh_TmG zL}%5zUphKK6}DZoRJIg&=UO^t>C|s|+zZY1?Pohuj1@DR3V)Vvs2T&6>vjNa{z_}LQwGSLrhsV`YEBe| zBAr~Yv&!y;N^>Tu3M9i5^wVLt01H(=!Z%eSjs3K;#jNXbv-<#9+WtNIX^R7KEBU8d%nzdBYsk#HK{h}{<|Q5yN$;d=k|W@ z?p&jSx9;m)qW7KEGH(>m+NYzIaZt&I@ZCWSQ-fRh+7X1egzocLS?r{M^?d1g!)chU z<}dr;lMh?5S~*&KJR3zL~z+IK&<=$wa;UHxq{kFCVioPF5 z>hg0awdFJ<;?#H|2n@vVqqSHj)C(ytTnkcJjjnS{I8?_;kINlIRVW#j)HKJV-uGnf zEk*D1e0!l={b6$Hw|Tg_^yF7C!E%jJPgPCNc4FQ}erk`%cE|Xt+gb-?Oj4wPDEPG8 zb`MoEe8S)wNPkt$@=~K*0#hTd*y30SX6Irm_KGmwq1#a_FBu@!ZTUs2YSh<$2X~Qa zcL&o_6hKt1`T3abs)n~qE&xHX@bDcA_!TGKkF;m{9K7jZF58mp7Dcz!mTAf7lGM`W z1BsI7m|Sn#lyUl0bX4v?40yd>DhrzTE;RVgTW@~W?;2za+<+%J>!mH%gO_Liu&=-= z8t8`>au6}Ur&$F2a(s4v!a9wS+fNs=<;Cx&KhVMs*!5R@fB6L-Iu)yrmqNPMax|>o z$^}09{E2H2xRaDtLgbqZ!&zuDXV*vRuc^T*avX*bDB1SDPSCu&%Q-@JeigqCpz^+AXOiu zwGv_xwz_h8o40~HpTT;ZdGcPv`N7s4M;HONKlNyR$3r4akY_AJl;bMXE0UU-oLsEqMbm>#OnU!D=s#YWbn<+6wVujy)A_RXFPf 
z-Tih1-z;}acL6Ws={F#am+C6dOfBNF9Yt^*YT_K^pPFk*lae!=WahpN@(+PB9qk$FC0X<-_N@7 zkHbMgb<@{IJi_7FtnRzDoSrsvd1pgPZi-+Q!M*uf+jw}pD0ZXJ_S+k<;*7B$Zgv(sG1P-a{a)ZDr9Vinht@F6r*CZsv;ytJ( z%N6AxOP?4OTh)zAJ9@yWng1^K&brHF`S_^vN6at4uD)(=k~|cj9_k!$AsD=9QhaDP z&d{6jCfIX{tNHu-7F}v{c^`@Ae~BH9J+~#nV%o?rT*pt+Jemr}*#@PgGLbUP%cW#a zVe)>hQydoIQ6!Z$OEfK)j!&~^_H=jX#;q=23M1LR;r4KKxOUtZ`+UW+uq_P-fD@xO zQc-F2a7}pfBT*(TF!m0ti79xuS?)3eb;jp^%-&7=XE+Eive=wWYt_54bKPsb`c>$B zh735>USD+U=-U!l5UlZIv(V{{YpF6&92K;OL+&>XzCc{C4qQi<RbSFekr!35W@-G@JutC0Lss*EREBzQ1$$pq-H0Tq!@jLEhuDLJX?S zdKnT>CWy^98yVr8LcF&o15tqc$Jl?0uW6;mmLyFOdVN- zeTW#@-;v<0D!p8t!R5;0dDEP_b=J?>U0 zg+*_R;%eGY9AfkH{E;n%OH(;jyXheEqeH3NmFgIM_cPw>BhY2iWpxhuk@HPc{oPfy zJNM1)tQL=3UQS@`To(MDegfIlFT;GohIhAg_k&FZ4t;slma$i}DXwNaS_FWI89~h$ zHL})Z!y-&Pju)twx8{bzeW+)wYqM*;Gq??w`kac$(bN=nU zE4`6`=9$C#HfEdKu?kJbRuNF|cxvLF;?23C=;^4*IQc1IRYj`1avKX|BW4pzmTKYH z9$OhW)fq3>WK|6EM8cx{WM{|kuRknyrWZ%%awUwUM$YYV5!v-8hZ7!}!>v3%umXYc zjQb^i4uM2{q2~sPbhyFoe1G|TmFAXbf!vE4ZaQ7#(UpAT>pb`gd`C}N`z=1!W)jlI zzG$Btz@|e(q1FX%We|&F2o8JIS#72B?%%YCB;{x+69&FA4-g2LVDuUA@yPEdGc9a> zZi0-^O!x8iC|h(Ecyz_NfM*P0T>HED_GK)cZad%0+ue+vb)j`uxs^>jmJkbZ)_z_n zH*z~7?lyob4Zktf7IZ}98ZMK>d-&$(Cy4bbP{rSAJ{>^y7X`Q$O{qkfRZhc6f>25X zaZ=ypO0wEi?5-)X-8H9p`{^RTh&|$%HyHx|d@&QKVnWQ@k5%0JD9}u3^a?9CY{u2Y zv6E(J%V33Ny)@putH@{f^9uZR3{cnLi-u&;Ye()tiKLt!b)H6-f7KrvBkucEOvFjI z9Aw5i4?U;u>nPKYZhcv^a~T+aDAj0to*3CSZJ_z6$54lpMx?nR6rRI|w`f;6^Dc}Q za|ClUvsw*GuO5=C&6GQDn)7|u0K3xU_3!Hh^lNgttmJDRVmD|$>)|zQ)!tS-ZPwF*S z*;{+i-Q}M8p%XLD`XgXOz#h0Q(uMBLj|n)}MIUX4iQ5_2WcoW-UECEol+G6qbi{Q$ z8vz;4yYVEooZktj{kFzXFwrm*Z-y2VljX_DDw#vu!PMxg9GD$g>m~p8pi~(z&$ZmK z#Fb^fQz^=4*VW?^;{l{^e4n4sa1w+|8Y2(AM4Yw)`Z=g_O@20By&Di5>q9Vd(B-LN ztUT#O9kbpDy7U_RAkc*uR>$@0T$-|s4uLxYOjVhF>fc*#?A*vIg#v1hVWf3oLF1WM{V$v&aJY)YGT zk5)D+0Ez$g-vZ=IUsVpW^g`! z66frWgv~b#1A~idPW}?w>0Npkf*+~Yam6g;DpcXq5HiS0GAikNecTLl6_&IbsC+=! 
z{Xc@L`nxXT2GcU~W*zsEA$XE8y5abTrKbbne0|*eHg#wPgtWrD0*IJav!1Xi*+T5T zd@*B8&(#yy1snDa@tD2e{8(A&cDl$C*kL(Ko%a*HB%-yil}&_p0situ|6w`1&7*|+ zIy3&XXL?y0UwE!l`TVu}r7MEHrGt6x`L_!U$?$SNcg$vV$lmJA-eWAyPJY2h6pk8o zJJ2vs5E~ogB7z6#NcguELmBkTY-|}%9V04aGWJ6I>HE9>j}JO4N@>=rNF`XV5T)*H ze%!)sU0-~q5nqt9am<49>-xG#&`e7|<6IVML|$ymmb7e*Ka5~Gc72>hOW%KS+`vpE zSZm%+_?VFUM(Yxvt42Q-!Qo)a;qx7?w|}TckPWf9mDCx`BN(O@WmHLA4H0W8rq8$hts#g1gf&DzqrqQ z{VgAfZ5NgQv8YhQp==y{XkZ-t04T-R4*_$OXk#lEeT)y}DtkKgWf45!C{O^TTj{w9 zqwnA~kB?Z17HO*XltuBGVwn~u456MukzZI%w{US8;7R4|*Oh)-~F z+R1FTphb|5$Z+bWMU%Eu{JvA7AswkPM<9I^HR|1rJAHeMZxM(w#K4K<*b`MB-l^hx zfB9J`oQk20Vo~<$LhTzvfSmtdD)5JcijjVfnsJErNWn+8pVcRL>u3I6E{Us6JGx;= zK8XId);3`LvcZ~5RXSlxW+sT-ivfef+=iu~>Q%+^^mu&_n@l~VbR*hO;U^Dy4(&*v z2Ag;P{hnuK%kMLNB7J8EF+3V*qv(>cvz?GmZwvS&D$W`tax64X0u^RO_Hr-d2ycC-1h z_OKlV;tA_Y_pl+b%LO-A zQbRK(dpNA2=>3*I|K)R1(lgzbOL42L4+~2M&3_Ra6x7)Y5vbvtK{amV`oC?hAt~f(Ju%Tr#F0&{kS! zOT#sv>i)$AIM9|SjTXd9>T%e4%neuP?RQy7CW_e5r^#tnA#G16>)M%dxWbz*&LG^Y zp*O2euPHV@=3!-47B4%h-p_=oHQB}((olirPU~2T!&e{(p`thuGV&n)$_PWeb;ZyB z%{IDz`QVsQ+eMW8s(8kUk=zjx9X&I=NsPrnEhz=BIOV|-s6+2gN z2OL2He+hQXN0axb{Kz1$N5~+7=r02J{2NBo)QFEb8Ak0dUU&ly5xJFiqBK^wZ6-B^ zAHV|1X7Z|rz{?;guFcdcx^0a53vitmC;~S*;Xz|LMXiQ=h@R@Ip?P6+$+%N%DfDW z$@oT0&&GS}iS*(Z3ZazA0q@CoIo5h}*%yC3E;5Mu01G`4^x}`yc6NR@M9@9~y?=CG zj6$3^M?O^skYhF8khKTXe zsDA&r3}UbWbbQ?}ojIh!4X3-eto!-K^ey0-M&S!#g3Q{rP;X6#$%xn8=)BND49^hT%qTz)c)T85Y879Nu6Lx?tlK^2V$hd+FW?* zuXkJe=6PMi6^>6ID(v%IOy`Ml_pi=NH1p%Si{7|=;@pb}8lsfU)dAWoG1AYLy;;-k_RvLJC?^TW;s+D(P6XFt_856ZwC;tY4U0}^c(V1s~fA)Az(Ha!?j72%i#bh-j+$+xgR)d z`_PA*o}#|q%j|dGj8WDXh>2^fVL0T3E%o!b_xLDzZB5gOV z4)3q6FODY9${$s%*nGP2?>tHV8cYcsP| z{)0XnBEXfzyQs+0nUHsDO2UGp{^H0kEu$emjCU7;w=Qv^74X~k$lR8E;qgdQg3XX$ zU|?9M*M#cK-7)31uARq~T(^fd=fjwHJ=xF~F{4!fJKs*6BQOx437$6T=i#VYGNUMbJenWHBCa`2lcY zzg5)=x|!05Z9Df-j$_6)7Yk(ukJ+DrMHPo5Q)S|!LX4o<_6}!@Yz{B~S#BGQ_G#A$O60?uiKP;7wt(Pv9LG+Ad+&zy0k_Cp z3gJInrvkc!k#|1ezGd$;K#F(ISh0^MvzHK@7F$iwdruKYN~|y{Xsn*2@N!4%Wk2}G 
zlf|%=@ulSJ>5Gt^v&w*=#op3Ay22W4HpR@!;xo((D{Ra{Kg)4vl2K z1!|%v$ZY#Wkddv|={rK!gcFDUa)&&%>Sse7Sygl^` zYn=%m0wv{Qm*le0C$ZsUz-DY#NkETTdFwkBtYti2g{v%YiYpyp*K&T&n1s`}tTHY+K%;`B75g z333sy^Oq#u4oD?ac$c^W>CBWEC47r6*)rlkUrj+^X!(>L{&A#o5jTqj>Q)~d%aR-P zSf-YjaNRO=^u9q%@nwGtg5#chSM~%8GUB7^R=kf3Vf$Oq61Z}?lnNO8Y=+AH zp+6msEl$j_I4jg|&0Y;aBt}=YpOlYCZuFr9MMOGbkE7~-zW-j5^$+!`U;ac$lCkup z9|g`dVAc0K&23(O{PY#AYr$sofly6#FoI;uUAD*u!Z2RQeYFTsM7qtPn~Gh!!M{)Q zp13c+FA=rqe3dWG7r;zv}e;(Hg;hF+MIJz z{e$d~S?u@V(S&fTNoJj%IL~m@6nz|}qOV_r?!FL z31s2YEa=_W4~VVCqs;7={p_I9F6?y4u`PRq4HzVWA)HKVSY!UyX84 zkMVtlhx>fNE7g&;7|B^790*AP~n*a*hn%#AF9v4E!uesCGLNGs6&ce^gISIBFV1_ zRp2bmsU*D~U5TZ(vCYr4E?<#Y_2cy3P*O5;#RyL&dr6x)QqMA{&`6Erf?hY+*ssP6 zPZVITIJK+GU|8>gFxH-ywxbc*cD7q=3TVg3Xt| z$Nch%Q4{r07V=~V;udjBW7VRY?;6WCKywJ^g zRB#%CbrVPbc_^lz^pC3Pl`;&D)#x1#3eZ)K_T|wt#PURbCs&4vbtL`60G`UsV{E4E zf;Y@1QkiY{Y~y$O9-bDVX94X%`|{*{(k;QC!}>`7Jm5{@-WP4~H+aRG!}(YMe$d_H z6Wh8#_i~q$7!yLfz2d4-mkC80BKAcW#yWg@P+HJk&Kvqu^Ryr<;J@QWW_xOTiNX>3 zLs9(Y>TusLwC)(ks(DA<8~W;CVsr`>aiPe_z2-ysNRFps!6$q1t!OiH`;!OT-I5OH zxZ=6*NCaplE|RW0IInLQM>qS@SMUP8>*}X9>(yN6X9yAnoTJUCxE~La^0;+2wST60 z`-%Y0SQKHVISfQHD)t?TD%sRwWvSW2lo(EJ%5NhzskuG>S+I6+vByvRJ57?6w&HTVL*M&grvmlio4eOMYyss<0J7Gp2{@X2LUiXCTeAW zODVnxIb_T$#FW9R#nfS3eP~ifT{U>{lc7AC(IN^FE3zzQR^zmyg{o*zaF9_k>C$5? 
zOMQSt$D*$Z_@2}*3!}+4z2}vlt%p>H<}++)SDK*>#7hDgx65{Lv#~0Q%i_%J3+*1k z6v|KdGU_Z9w6KvfpJ}BbLq4_@Oy5H_CZr*YgGIq!HSEfDi&bJU5RnIO$el~`)^Xwa zbeeft+M}WCKfD?J?SINOHC!GjG^1daluQF3B`JJVjwWcp-wwtHF<@AXwM@zW0}-&6 z8>KomY{zJxWx4X$s!PU%HmNgdZP>4tpA-Jo*|waBsl^`AA9`EUHdr%on%?cbXO z-Onu!hq7$7Zfdwj7|@4+vqZ`Ifw+&7%M4Vr)S)_oR8IztQN)zLX@H|N-^o`W=HSeO zaVSk(xVB*h<6I2J84wGL*(b8;d%5|^fUb5zMQb?fV8iUAj_x%@_p(Z)b3+04JHusi z8gaw^4jq9Bp@6Hzgi;cE668bORrWzgdB~fhRQKvL#jx#>3MZf==L3K9mE3&^+(d8M z^p^Bv`<}R{G7zhCYrHj-SRUhJl2DrZ-d@ZREGK)EOU%$mETpit3u9PEF_!pb4OepKU(OYknCWv-inl=OnlkER0>eLzm)%@RcE7t50VO7k9)z)|owY zJjOfU6_~x+hHpiPR1xp{TmWK6T#Ieb{s7%{U_00TWzkrJ+2}S+Y4<2fkDGE*oX#(c zEtw6L;{1_0%}Z?t6Zm~fcfI5^Pq9;Ah;qqZ?ZsXTg2q2cV9Xd&*g^Z=RX=7_z6cuk zq!L){m;#4l=#x5|qDnD;-`ao?> zops98?@4nJ=B8f2vr|E}m9{^b9B4atwBp(2q18g(Zf>P=k_6zl%z)g8)Bo7vNLnY% z+CA^?P=@_s&)N~-hZ;SOZtJ34f+{srW0m;A)bvGy&a(*foV-Uw(nM&RoBNfOWr?Wu zjJ)UqO8n3!{k$?k31PKeIB18pvTC%HJu@06q-|5GPa2UoFgAtum6kndBy-1iN_BpH zzV5mStv^ResmDY|!*-Novcdst%~c|R-T5!Y-h-q zFlo7Sf@HK%=0vTY=&|{6kOArpNY-?`>v6la6oA7ur#k<;L|pAEOTX3nERj8`DRL>n z7?cqEI(=xmBCX;mnthiwc`}>-_ZikU8?C1Wn(1}9LHkzf9~L;V;cKHczkWXxzQ32< zz!V%N>0mv}+PirBkrA7XDrk*H22aDV%zN0_f9FN7>=NCmC)BDJsjEFnXKR5er9@{bjh`5hm<%$lkrx$fWgW1L5wzln4`qq9p z(IDvX5y#PU6MFDjs?mAn`}z`QZR+$^$Y0RID+fb#xNWwENNlIXz!4%}(#@Ilo*O7o zz(;Wf3zBp*yx_yk6?tg81OC^Z4iigHm@_#6l0K7y!BtzK9tc*>=GZ$IijYbTl>Xlq-2ac|UBga|CgSEchyE;sB?R3)# zc$k*8P0z9x?{R21RMpJip59#*$?$HnQXyMtHknL+H^g0VHOndg3$uc+WqE*?dhL?T zw2h`xvOZae%s5O%kPfj+m$`f!O%8Dv)q?BSGMazeYpdBsU1q)}BbUGYem)cPusco8 z?#K@i&UpK(!)IL(r#&W`IrmCt&OMZsRqI;>gQk9=2FdKU*yQQyZqRNxKCq!VdcAgg zI=kDFufU77W{e(D0`!gb(`P{~X8o4DNd71ranDR_Wpi4__Ir_!_WgvFjvYo~h{~Zz z+!93OT6-<=wmRJ|OTS>;DUJrZKBRIr1hzf~v8GghAMf4g(4Q9j@wok9Yv-@8+l)K; ztZh4qUgoDT1&xeRny866#-x)*`5i{5nyZc{Ygehcg=zy7|A$_`lGMf+k;JOdrJL*l z#E*N;6x9^8pQCHp!oID`7=J4o@RvHuij-8cCozprEVY8z@lweRoQ0=f)XE5n;*K}w z#B>Y1{be}1<2}fLJK2$~;!-X&CXeKhn?!LXpPg9ma(=vLUNmoTmT~K(p@jO$MH~(v zSg*dFN{hk9#^8S)E%*%IlFIWh4aV0cvh(^i7$X9QuT)iC9)LP2UvUhp7OeU4v_3F(mtK; 
zZy_;HRFrd_uN9{{6qZ0E{+q%%^R(K(d4eYOYF}YE>#?X4;}BC7gZ8jrB{7%Wbz3oN zI1{)fEdW}+x~Ic}9eMN=_zE?}yW^bfQmOLB3#95AogXHhcJ?6c0V&~@-ZF4tN7C86 zZV!y%sc$!j-FW9rFiTCpr9*4}>C=#}?GmRX06M!Hmr&M<+tUo~xJ-5xX5wHUQM|b+ z@UEHWd!2e)qIYB`Wr13aYVorLZR2}XFCj`#dBo?IN1nb=2+Q&CwwL6GRFANRcr0qj zx6vPZ{NOPr`Ys!yxMFikqO`b&K{!vutV!izcna-pR#pMwyBu!yc|e`DVl+y_K4J1k zXB07-M$f{60}<^TKr-5Pf|~74I!%n-MS-&`y65qg0YkkrhgNTZ*`Lb4vSUH_DPwz#Aw2hTR zR;p9u&>ZK$c}`1T0|4_n2NV`pC#D|ds+Rl3@ANhB&3U{%jVjmrO@Q1RI)%_a_fNdk z&esEHw{gYK+8rEXFcw7T7|XEReb$Sw%i#lug+4afjm7ZhZ1!)j5RtU9zOBa;%3EAK ztIXFRcIqp9#`_%#gE4IW^5SueHAIV^@wUL+^pZ46k3ca2Y8f?Gf{3l)Vj?GeR>4Ue zLu1+F;`|vz3XFv(U@42zJa=D171pZ$ePus}Nu5e$YfG2PXZ+G%sOv0W2HqvtMkw3> zDbS|LHe=Fzbsl0hP~}*l^0}Rh_;g-de+ZZJooSNY^{immYAY zWh={pL%)V2b5^_3nZfJ!vtI&J!<1At3;`Aw`mzqcfCZhX_By6zv+!q;Z{U{9;{sv+ zHc??4rs%QZk{#=%guj<$EW1G?O7T1pOBbZ+rbjJJa?dZgHE}^K&=2}wqRf_WvOI1i83)87Y|$>R zH_QSWp5?>Pt7ZY|+T#>Xp4|+HUprAc%bMeMd?XSXu+6$6(RV?lm#bvhGG>CWJ5j@P+*rqA zcRDX^ask;%t_!wsk5cFRjQ8E4XW_a=H)n2l`qfAb6fxO8erx(y4_9;EluVY{&COzf@WxRSE!ZDSZZ!4WF;oG$Y@C!JMQtrr}$lqLe)fftmpW)_r50> zh}h!Y-?QKeeEEzZe||pb3ciAKNjmd5eU`-Do|y$MmXa{q2v=b?HiP%4WLc`9)P+}xK19AI-*ZLx9|Lw{LAc5V^S;!t;Tm|Zt`d&^`HtJI-2+ZFtpNhI(6&_Qw z#TO)Z{#3F=367|adToEG%*Qn_)Y8JqF36QIfW4$5IQa^OfxwHbH_rPufJL3I=QgdE zST$eFln%H!Ge6u@fP0SBHHDEc8id|^6HL?izNQ;eVa zgkob!HD15fjKY?Yf&;;uN1Mee`%KUb^jn`{{o`SX!iB{hM}Km&-v=!8xg%)9&aa@5 zIP$PEG+St4wjVT9Rb9(B32wv4lRmC?ZZyC=b#M zXPerz7&5{{124TCswaU!999a}pBqWGQ+n5J4fFmJO7|B2dCaweRZySlsZ=o(0Hp z->`D){hDJLeK@eO{1C;x%oT*UZoQJgg)}KB2~m7&tenqfAto-{{xd{OOeNh3eB3)L zO4Q+m_v9URCcBqAJs1cSCys4PWe%i}CQIm^>oGOtOE-TFub%GtST4^hBYs5@)Z3@% zfEoz6tl9;TBi&sppORygl&_={jzl;8X+t%Mw%*65P3bMtoViEg-*Hi^V}snyeWtx` z*EzuRZ?X->Qjf$|kgndUHgh;t4tI0lrT{}qlfm8P)V2;n-VZ~b%El8FWUmH1RMB$_ z_t%Xi7UJ=W_ka5{xER~BSKT*k67%*L<3 zH}n^5wYt&`dd*6rC>!nqend#OL-O9^YbPnr_R~bhVvv0paKR$~TdNniiYV6ek!Q;5? 
zuQfKNi4CwD79I8_iHIAr_e)p7?#kQ=2SO~`8~sH8c|D8(Z3^P!z;_|_*51EdO(>TP z0wVlG=hrnM%+L`^mE)zY ztxZ2&TVj7U3PcIIukPt4dstf!AIW&7<&DBHrPvSmXydF+Ho|YKfarD-L$mI1VFoF% z!Z)%xVj@w+@t>VsQhJJ!#-lLvuszuS^c740Hkh1U_xzkDx}DPk4tfDvH;9eEv}Ybu z#iO3so38%k?CrK~g1x>w?J%faIqFXvCltj1Kb@$Vm`xyY+T>7?Bna34L=X ze1W;Bev|w7{KQUp-=8hUg)HyF$@FY#u3O*%#%8Y+5?|RA#fY3v+Nd)728cFKSLSfg zR=-i@(^2uuv>5G4VB=K(2@_Vqu&P#N+^J(eZjE!32e2W0I)vHV@-`>mux=Ftv^rV7_c?V|ZaR7FdArkZJ zVPw{K)<{h6GuP10CGy-TOTgK|#&I2^hBjdn(tZ;>U30kedNQ>A&&24%#eNSRr59C3 zy(Hh>gVm3!#o(hTl$aFBNrQF4CX^`>rmj6SYbY*BgTO`h2#EotQ6v( z-mtA(_6ix~aNFzlr#$23!IgUxR~(Y7V}PI>=t4`sZ(gww`q`fFlf%dPw~pjQYxP;K zkF!Np30ywRwze0tuUM;XqOm1dW6kdvFB@9HMCOFXEQucBv`PEpp-(fGGkjm?;ffjX z@aG4;8p><+fv)467SUA&Vf)U!>l!2DdvOaY*SY$8D2R(C9xQUpp27HWScD}uqvkl= z*a^?ChPai4?f)G4O~BS(AFk`L?&c&6KJVtfb9k^so7`MGV$JWXR?;3K(xD%AHKo)V zv&3#?vB}!)I+{+MSJTBay^tI;1c)Vpxa_2d`|7W3hREava65&f2$=0+?I}fKP$R=7 z%!fjwJ6UAsWXPyOka1qJYVb2NJt4hXg1UM}`0Xw}YXI$dR#IIeXPEfT7`IfKkU>|Q z1}miK;68V66>M|J6}iMBmkCCyj3UzPOOMrixaj{w-2j2P>y=GR79bJ^8I@F{F!cJQ z+TjU}4dF5o4;9WbI}(oMvLUD0_!0l#$iKG^5E&(D7-xmUcJNtyCB}_I>kv%=gd4abIxoo zuEERw$zQ$efwGVE0z?fod+BT@dC9Z{zA~h!qfs{sWlDS=<}whpIQadup8py^g5Zh5 z;ESfAzk$)t9aeGUpj4+kXkFsTm9$+X*gdHvgYWs2=lpy*uo8V*I(PdX%EO;gOWD$V z{QCu@jQbAVK-O;mDIBk)iQH^-bd1{QToLu88KCBCx=-VUyJh{^D{9kA6uT2KSt9(! 
zA{7u*Xn1|yi2QtZT2-Zy2>VIzk-L{-whFR8j!DE&*fbI%gMQ?u5C7i|%%g7_N9AE@ zb3E4AJjIh}WldChKfZ+p@NQwHu|Xb&s3Pv5L}Uz(Yv1R04(fP*F%qTuBn03rqvtMS zo5JFr<2cnNv`#cLEb@|D!!N=N1}7q&X-ZrbOjt!mLNlkV{4fRJ%%Y#VTpN(^Wu%Z2NCQ!*GF@x{pp{U;pZFx#`_6fR zrMpx4Z)~fzgwfa+=~P~=*Q;%opKCnGtab)|YL)yn(h{AQrj6wkN8kzt^X&jnu${mG0 z+U#G^FN52=iAW~96OV1y|7Ler)!JN*XNKn|cTTuE8~cQiZm@qhT3U3H&gy~lr@dO> z?&WzjvjeV5&<`~VL|17NizU^&vyCejipVP|aL_O!Q#jcAg*9eJP~qHkDGT&GX#HNM zHTX=?dC)G4tsdZUgia|RXgum1BTMZ;A&X3zg+$3Ju1o13@CQzxf8|HvZ{=P6{1r(k zEU#u>_wH>|dw=;4=Mf&Uc3vAGPys`VRTaQJd(!gUv{Wgg=gB_xstu=fG~7AOk>G?h*8s?lVZ4JvYPp{35w3dwzBSu- zb0=;5LXJcWyrqDfpNETupraU{L5<<(!5;=h z>aI>JyjFbq7vU{4>fdIY1X}L%~Zprt$9Wi}{Lr z%%wu66Q;6yLJ#ZZtj(lUlcxMGWY$r}8E)&0*lg;vrT1&ii+e!L?f>sT=uOArMq6k1 zT!LhprkzeGVmL5-=Xs99aNV{#lfG@0^J{Zg=LGLI|9ICx!718hKH?p&BtLunK&U=l zQqW%S;lb1Kdg)L8CHA_j_t0PI2byfO{Zo(Siy^NB`jMmNl;L1sNHTdjW{f^P)s?B> zMInualeiy15lr4(7$cj09w#P#Q5kl@jYaGdQuF<9J_G7j_)LUVe{Z$>A*P>$IrY4q zcYD{e9hOHe;Nh?@0bqRc5r;-P|2P}Svr2uOLR$ful}MYm!MNGe`BACy4zd0YYf{{tB8OYzJB!LQa_BAb-wRWqV@|V<)6IoJ^I<8Yb0zK}6 zri7*Dv7c5P#wNBdrguOtDonRIhPkXkWBo$~I;dd&{|9%V)#X(iBhhC#tg)d>V>(M4 z^VPa0eqbu(WC>Ci{fdYPNOqid3eNF<&hM;|}`pI8AjJ+vHj~hBp24oH}*8EG#4{$H~N2>Ux zBE-Od83eG7e-hbDi28RF!-uoa+x%eSrHjjbKek@Red6nd4Fwu;Vf90-URD{$Z5d$o%lsp$z%uVbafqrE%K0bSf$Kvk zaA6s-*a~1`uxyG=iC4@Y&gps)x|<<_8%{98j@w7-O6*jyp5`TDcTmQa-9r z#PyiVsuCU_UN87>Z^WTfH|}GC6*ZGZTj3>0G z4ZJ0hn^L7&Nm66SQ<-c@Lx#gXJ!jwgjwaYTwbqI8ejP6hEG*?ZXEyqxoy3gmMsomw zE^GLCn;2L!Z*9pX&hMlfT2ye)9fFI~9Fc1R+c381DloD>LkmL+mpVLzEJ`l1NGVDI zj59=UpY^Zv3$M%`wItiGvRR^4P^zVsWoKi6IBDm25+^N%rK0wLinC?@!)rh3q%)TW*}ILp^XXoY*Pz{&1QPY zjSB3kTw)`6sVU^H+wiXlhha_t27724aFUxk zlyz5-&JynM%ZbzBkb+}cj?{CM7@uqNAjaf@)HfwDv6J0h?PV|XM_X3(iV6pdJH3Tc zK)_sqYDNN6tSUJL&G7;8{Au0wk^oJ`O_Y@xwUx@ZlHz#^lqqLPTWsRuZws?y8>lY2 z2)-Gqy8N5sV@|hD4=jqg9O5~vD)V7Hv_uP`Z{99BpFHg^5Il@Q5@=mb80SrXaK|`9 zezUDeG(LHIETZyF3pJE~GReNU`8E>d5h|2^cI=&OxcNF}uBOVg@u@h*6CZ2^5{&&vJzEXeW3;wSMwOO0Gw*uK`r!_nx`F#DXFo{>X)73|t~ 
zt5{(8kJo!cn~bB(&Kgmv28Y(9r6MskLQAQpE&gFK8DEwEwof^uG;?os%!>4~Bb#oZp+3eEW*7-7M5hcPiZ>eUO? zN3R*J2|G4S{vw=LKRA6}WWxkR<#;RQADWLd#`7`R1c2>2K02wM)7pohS8Vd_;= z8s?~uDGW(X0ow1=Nh+uimz^5ZEe)v(@lOY^bO=m~Vh~4oH#B0MmGTfr&*$qNgmLS8 zQHD^_0?f8uW?z}>Qz%nutR8Y1mgV``w*n6r+c>FBG2NV!-^EozX?nK9wgDwE7%!zh zH3RCR08Qhck(K6GIQv^f*=WR3bjlVUDdYK@Z8DGR>=txJ|0u*vTuiJLxzSaayAf<9 zq7%=Oaf|%G!SlH*ZM@nWeY%yXE?*}2Ygo4P^MV}-{hy@p3ZZvORh2h(uX&Ic;s-fs z)Oi#e#ZOV;040btwRXXQ+7C)Ec5w9aFT}MU_ZH1pkB7;jHX`pQlWFXP`Z!SkRx7jG zZO=^J!C8Xs#|NeVOtIsLtnp#mg)F1cX6d`q3J=$N=tG7B*!^YT_RK74DsPMPzAAAS zi>J!wSqN03+O!f*`;9oRBfJlwHK7NrI`ma!j7r3T=CLSIsCP~$i<6@<_gB3w7;Fxo zT=4jWYY_SO*g4#N?Z>n;5mH%@*{@sVmvBDI*_;%i;oJ<#Az8Y4G93OA&$dG~aa`nx zv%Mqw5aeM)yAIm#hu3Gcs@jQT0Aq3#X=|RrzF(cn}>YZ=k;gdeLftGeE# zp|---WK*_%zt|MmduUE+bGRJ1bEf@xwR8MX^(Cr+Akx=;cmmLtF47 z8DO-cDvx6zZgdo>Xsm|U9X0ExRAWCHT~As`M;k?fGw4rOl;X3ECrR^{$R^ZL6ohg_ zDT3lL>q)HqfD_gg-SI7GN}sch&Gs;sQ6o}QFiUQ6c*U!v94zeQITmkB(_+QT)tzsU zZW=kHFA*57M?x5(fo?7fP~4JE6|J$1fmBg*<{cH+eoGT-4aTh2)PYB}+`-;2l0n%kj;d{fVAQ;km|Ns2JPrs-=+6of0j~RN zloF}SB#qdIaE}pOeuA~rSfDLh2wVEd#f+g9txVVZa6nbFa-DiqN)Cn`5+jAHG79%VL!%aiLHx0$Ci-KRm;W? 
z%BFD5swK8k+X19Om1|cYYpC{2{{NN~CcJL&-A33)4-n_Y*3HScSr(?}xV-iRO~_%E z;B^T9Mqafgofbh2$1Hok?;tYk;BO(0J($IudI4)9l)I zb)9rVr#&h}msONf@}zsjKB$S*OHos2#Q{+g%HpXU^d*pUin>lje-$oMKIL&Ha=;H# zcuKka^6s;}=8S(>4XN}kw8GV-jLw%}KTl4(_dLjupqQgOeDK_3X+XCjtwFZLsk9Xz!L>JGri`>>M;=6&MS_=ylY#k0?Ip4 z@~(8g)7U8=PQZ$1XG#(tn9pL*ZYLA90j}?0d>dG7onaMp9$A_{pV)5Li&O9*FL!}= zc_rhO16=dUUM~e{PyzpyoDjpr=^Nzfm8?u^S#hmkzkJFPF|r&@D}|3rlg*_#&UrXp zs$PGENnxv}c)x`QgY2=X?Vl0>DsG68tqo#8UP4XP`E+e$R*ko-@sF7fRI$X7)UHr| zKq47bJTa-yV8x;ig=W{i`*LMI&5csgIB`zp0 zjFjX3Z$?_LhsgCI-gop{bm1{Owd?dZ7HVqoLl%Qf_mD6i$NmZzl)o7Xhw6rKYoyCK zNJ$*U=!~UJ`LqfV?Olwc?_voTQ$7d7#&KkL_&E?w69BL*^cf*NxOZ+2tTPk6z13BW zzK*Bo$s0t@DknrhyfAR%hIx*B7sO7GTpo(fc{FrM>4qitNEY@qqBWjwu$=vT8~ACk zwo&{gd`$T`MdKg7Z4l*1jKQ(Nm5Ywcd$(RZA|7WH6H{F%EREMe@g1```L9nK9J0W?S4hN*##1t#r+GwnJQ9NMtZn@vYz6upxT$VkX_v>0O5s_&|9k6%+8nTL zJhS(pTPI#iAegqtGma>J!gnP1?rn0vZJn1M353aK;Ay#TdtTn%xju_Xm)HzdjSOP0 za6?&a7mPC+=?x`Wf{LI>e!@dTp4wWJV1Lm94sV>LJ>C2kVZU)=pZrXPdIw-c|0bd+ zWXn}ZJe5K`s)w}1k0-ys!Vv90Ecth6L`kSl;n-XpihV69HCtT2P26 zmx80=#1ndzxeOXHq12P9dX8=F6BP$Z)D6g5wzlUtyVYwBvAetJF&B1^C&S056%8lJ zivrkfo5L`WiK|Zvz{RiGru(*|>$-#a$Gcxls~U8YyaO_A_HRWxExaBw7)K0tz-9Bd}ofTK5LsA6g8(7k6lbV;ld-4h!|S<{y$ zg9tE^!qYKb2~2;ZAFBmdcv*yg-jKQYa8eDTx`o2o%4%YGN!4N{K7Z4WzK>-2><&|qFSV92ps z8nFnP!2XIpOK-@TQ^8W4OtGme9jPu>Q6b_Qtz>A8xFE<#z9@gizO{Vnuu==I`XWwB zAY?hNy-s;^?SPlI0sa056@_Us~JY8uu#BhTIEO8S8PSg)9eE zp~#!0ccup@Sys~^;>l#;ge499E7C+gR0H^bLx__a`J;Ap) zRpxMxH;n=z(ZJRztR<#g^8ExwJK7ZT=O?z^*Vp*^nyn?+ST9l0TaUREwEy(=4$3CW zJlnxY??-m6iYU$z@t&%vON!S`us-Igc4*j`oB!d7jgm<(*sfbdUvsry@bykAK5=>Z zS9N75T-g-p)83}V!``On&{)V^82>_(G=*`Nwi;IUGlBD0>?n%^&MynF9L5i{WyV)} z=Np;S@W-WT9Dt%`Xd07A#)6cVFuGErFlok&!NJ)|&wIP+ZwYL!E9xX9Y^w=G2j&cO zzRW&vE7W+YF50poYF9A^IrmTdWdF_8mMA9L@>C z`tz$`OWLVFh$U6cr!D`a;^Nm>9Q~yTC_#@@TXb^!37f)h2KuK+JIxs>AHplp&;EL& zZ$T7O7>PnI`43O-U4TYtgB zP8qzL-$PTYwDH0$NMVY*KnGFCc_o$@S~F&##TRJ4HmQe%5LHH@(6)j#gT8)&9q@ZN zx*%#Cs)}WH*Hze}##%j9)jB){*q{1M<>?petj(jM?u_`S?(G6LUTwD-1v78|1~4S* 
z_NO|GotK+c0(3(dstL5bolDH5a?zz%FzaUY!CQ9X#X){N?bPK=e-CQ;KWcPpRzxz* zavU37x5J2NWBJ0}h~L=KnE+UTr>avVQ{JMFUrLGu z;MK*Sr+PliMu9n|jb9mLSsOXsG&DThqblC^2KL;#1CKQg%Y07@HJ+~D0HlcF$Jc!9 z(`9we9L^_gN2Nrc>(0;a91Mnghf!56@lL5ARP{9~=wBjfT)V!8cXw?kS*=x8+-HAm zamq}xlo_8GwIQ)(C6&XFA|p13s@Ir{|1H>RT^LDAT6WaMyPlR%3gr;%$7oI?m^_ZL zdnA$CGFc8MJz&al%I%Cf=6jr-s9j8vnnxG>r-?n*(-ctm%SVDndYJ5ezuDlZ_)d=c zj-bimAh-8pv5;`uO=)y#=Tx^M=K`8uj&(cjdi?cQtJubuTFM+0trMj30c?c4N|Bv7 zr4E_qXCu6e!nbsTgSj#TGA%pCc*Rry`8>e1gFQ|j1imRyE|0TVtax-ssppub+)|bC z#iEWQ5k}H!b%!@%69+}rDMi%3V008^nSaAM?(2svQ$htUJ4x=7O%I2gv*Vq+v&JZn zru!X_8*=`E!~4`PduPzwF-tS@t`s%b3dc3+6HA`0t!+(@V@v#vYTy^D+~qziXo|D5Pl^?IiEf7QB3!#+{_N3G_X zAhl9})zoTmd(J$QCvv!tb1NB4KB6u_W3XshOG`!0bj*r5t>3sdZ%)nH7D(LR=C?g~ ztj#i-F95#!G;DW;&utuRi6bFqBdwX@>`(Z8(z_g=N2o`~zi3<1a{OudP^(&l8a{b0 zTe)|A{*DsNnW32^uJjHQ&N-znOEBF_pe#A}KbJYoMNzSp+b?3Tuv(907vdb{rSK*F z{(m;9Brg+LA4}9^J_A#I2eU={iq~u=zdq(M*W-Wk%$Q7+J%>?wjn%q3$XedRnh4Z80Lcz>kblPGia2{S81pm+J120DS?`S6 zv~cKN|TXvl9M_ICDL0}s(+PBX!;Dx%E(VMptZ6ntAS zH4P~q^IS8M|5>2*G0@qjwc-AB9qV>~=WIA)IIFp#p|rKJ)%`+pvJdI8Lop_oGJI8q z=LRrS^r@)<8>R4auAQFwlavt@mq?e_vY(k+)Of}@E^u`kDLW(Z;G({xE9q(VwqEJ@ zpOZ<=24)t~VW5*qc8r^;vABy)ST~08{ULnG$W^!`Rf!NMO`SnD55pv#Q~QT)R{SeV z9`haz_l|9}MpyB&M9xUST}Wx5LlN|C#yASuEz?8cJ?59@wkNt+S@q>54|`$iR*j_v zt|Hz*WR7{|pg&CvrE+ABjt@&+WL?wxiy6aIj7=`~^pX?KxCHJfjcSl^c7G#Rc?d<9 zG&}0XZ=5PA!`geK-#^H#jIc|7F7cnmLVuqS3w&SNU-n1D;Da!!r^hQYfv^U=jBJY1 zUNC1gugX_M5^v-_Rb`ZzD>utu9bJLE5=Rj!O)s`8=y*i6S8G|E_TN%A)tirVW1kn} zJH)$T8PqOFLulfpo%kl=xYynrHF-c%y42)KmU_nSpU?-&!pdRo;cLI@iR!w)h_%1m|>1vrqii0c`)#g$!bam>04O$t~x; znB|ZMz@Xy*DG@iN*B!X)tL_B8^e7m}X=;PjSRQrg*Kf6}dVy;z0DkmEW0>~E1M~DI z&AztKMvK^Sl3I%;x8NdcmZ>U5am{%egK0)Rf-c{|_?tPTY9!4Xk_{Judcr(91x}!z zusP2v6BAe^c%DekR5jQ{&HG#+PG3eXsWE^22~}%ibuzm*Rf{diIN$=E;qoz~s^!~x z@-Aw9td+zvegH-T*eJKxk6NXzKQLt~?vpMj z4~o|QFAQuGa{8p%<+nf#ce6ZJVyT?*Cdf$01FPesIgs4a&&`$*l{c}twLwQ&!wb*7 zPpGR8+RP}eQ&A=D(5KeiMctXH@f?Ok5@RJ?_u}E-Kz_AGqidA@lDWvnXtqL7ACtK7 
zu*FQqV$(!`Odsn!C9JkY@c_EwFEj+H;`Tt$a0E?n3H_uTV)di-A@L35iETANs;#pZ zEIBc2RzB3anJL&GIWGMCLH3J(gj^IqHcOwJh%t(Zp__GU`?-}C^VVgS!sY~=oZRJI9JHKeb`5|mDsy@W`*P|YSHmj_88qW zhX0tHgNOwEnRR2N%kPaKWUiFZ*!?#RC!o2?{fH4`6?)%;ZkuDC%s3|G@QbYN*$Ezw zbFIRI+pb%KB9ljCG%xkSS8#H8kziw_rc1AQ5hQc>-wX0_wKi0CH8nzgJu3|85e=bN z$XzbxuZ`*+Vzo0t?@4810$#C>oV8(tr9@lP#=NZQ4ld-omG_7vi9(2sK}t#hgSkv) zA&-}ggT#P@NVYUhWDuQ=pDoe*y#MvL4s;oojlcb^HTG^XdS7W1mBWm|E{fl4L8-Co zGMuJlc-78n;4?`;FtsTXf8_KyN=;T~WVCWc+cQh6yJ(*YQN{BURzk7{^H1+l zf|^v?EsnH^ZZf8n=reDNlF~TtTXBncAKKF#Re~eHRmjCo!|6|NSG((A4ZX-$A%a^~ zWu9D%n!mH@`jt`QY?s8X<8EZ0D#5=F3KqSSEzlUrJqHq;u~ZTAzD?8Wji^A@AmrTR zm*pk2#>qu$3p`U6B8Q)$6kk2&)Nb}>w?|imFLSnXeZCNxGsewI ztl}6Ayd2l&s3F=e0iF0iS;2I-i094ckxn>zl3Q_XvwJG^U1p;*Lv*$DOVNa>4HpdpF)jT5JcqJeNyLG&IY6t$isqI;TDwn$6&DY=`v~ z@?x4^R;i#g+q~)VkdgIPEDGpHPNdHH*}`ONo2!*!$fBe3+V{)@1%tFVWYL#sTCb2L;vLk z33Z&-tlxqmEL^ON4^QLgFICm+hRvSaItoov|7~$o`s`JP5nMyZepyaG)CXGpTiEJKd{0z zEK{mf_RE>iAnX@rt&fpYFe8)f;MpuYds3$wfnn)tNJ~H^1()ud5TQEaYh|~FS6F-e zI$dAH(7;6Sk5)$=Oe>l&GnBD)Bb%uLkDFII8#LtP(>2$h0i=NizfYx^tFK%wL`CX( zmo~4i-uD;{{&db~t|GXRh2D?H`=%1jMa8A!x)v2jlMpe9z1$2g z`LlAgcc_G`OYJAudJ9bf!xS~bWBvwBxR6SpgwmKhs<$JTjpm+(eQf)3@SDIRB&l+&_>0l!4x9-=?-6j}|9QAmPda*a0Oz_i zn_AgZkooNPRL$MYCOXjqn}^{+uwl^RM$&tsQm|~N-jbH2PUZ5=;K~)SE_AqIXyIyU zZN?8bG3Uou84YB8rD2QG*xR%XrZI?_;XA1#8I4f829RFDGkh4;6yCE+h*3fte^c7= zCi=S|dA~yp24|-edJgEIgP=A>nn?VSh@0^fO zi5D%-xv4Njmb=6D0;3TZNiLBE1r(ZIpDCIQz2g{~EKyRNwgD3Ju!B3NGQ1ux0E>SU zID2sr{9yHbc~|YWB=B=I591Ls`dRLE21QSE8j>u0)R7A~R)IUOBNDG#tr$VdlX{Zn z?@!>O5oGa&51i0r#MLRNXp>(%J%LAlAC^n$6_4FAQvzSUVyPD+V6)Pl#AN?j{1!qs zhV;rZgVbrZKDVfDvww)x>82l8UUuT*4n53CflMytZ5f?lh{;JirLz)5UOhEXEtyv9 zkNNWLji4FtHvYiXe8~A~0@hQUmTFg_*u|L5W``x27-P_hhXkL94f7ftb%Ehw!ET(9(Ew z)&9~vMdHw{ng#x&ScU%1VeTBl*!^7MuU={OKGxs%?^?V@I|W}1kYSe(Q7YqI`+jo~ zAt9En64P?~qwX03adPjYsOW<%{%hJPQ61*8{a*1rc><^*emn?e=B* z%}oRX7yt9MxMT5?m6MA;&;)Q#l|>Biw{r8=-OFC$iEN!bK9`}my1Fi@c;ts_hX=NK zwA2l)N1SiaaTX-gb?d-*lojG;6^4KC8zdGIM$XIs`Fh)S9+!8iDlYOKJ6Oy?f#ba4gQNAv)5LCiVQIwOLd-v16 
z{($HomeyhlpTA@j0<-nnIPZ41h;<#(Q;I|+RHKyg^zs8lL{Oi1f6CG_Z}JE;0G?F+ zqi`^d55MvRBCbVaw~Ja6(y;wHluih5MuC?1L-8eU(0OffZwJ9q*dFDQEbG@Mx=KU7 zt<~qQ%Si8mGZ!NF^Q_0yi7ghx7Ddf%$-6yAU&ah|RBtY@k^SU${LAs0L~ zxV4w}!MrADQ{taQc^%pxQjF+Mr8pL@8XTXR69-FAIw9y&imU>f|NJa2-j0O8Z!fpO zZRFjHYT$)F?2Ri4WRs0t8>)OBkI&g=~t*m3gD zKxF~WY&hH=!5u;4eHdx$a9^)0HYAOw6kncnpF(u=#3Ahz((JEF#yFh{dDqet@!c-_ z=gE_Y?LxIzie3RxT$*oB&SqS`Z&VtcuU*bg7zzp3OYsK|ZaIi1@|yXSi{mw(hcqGd z<#*=?k>WZDyJE!YDN#mhnR9}!0SOBHf5iDDM;$$iMH3B@6am8|Ztz}fNp|@5ad7b9 z{?Wjp(E&^NJe4!ZZ}NFTt-X{XqsJ!^Yu3_(MJK?!*)2xIP;UnZ%N)KlBku#Fbq29% z8%jS1zEVq|x0vqFCaV@Nas3~!LOcAg2~U!sL+Le4L0wsTDF+1&TYA6~adu-jT>ar~ z2RTinc7wEN)>|d7f#Q%)+A6{+*^W5KbF?xJ^_c$yz5N*Vhc6lGUuNqkzgZhgx4NT3 z{K$o-Dv3W%6)3>fSY*@cM52uD)vAM??o4v`VfE#BWxICg6d`&H#yL1s_Ge+VdrK}k z)OYa#&aw4%^fL0Anco@o{g{L0BI8jcHs2N-Wlvso#Z*t#9f{ zh2mtDTwad;761MXrq9r89)s~;d|at@TMzSOB96z`TBfK@l5c!1=J~Wqk=|(3#{Kr% z2|FLKHILJNY#%pdE%D`MxS(Vs05swR&J(P!W5qQyXo`}{M_@>Dv<^uE2bce$h**l+ z8Dtyh-?r&Aj%#V6)MFS9z@6|_&ldV!h|$$$qh z6^i9Bq?cBkthl@^mM*aX{j*Wr5Td-TcXO}BhFn#-r8h6|+vyEMQr8D)Cs-11=V#<0 zF?0y8GH_%NEA48@wB=Ka#oB4I%i*Bv>Os$r`Q{>6E_CLmP8)i~$P1-2Dhi$8I^&8B z7w0(3Zlr_BXOb#{!}9F@Ksvdi$jl@5{gk+02(vN%+WIxCEmvc&@3mK=(cm~JI{2G0 z47Fn%b^?aJIHKL$rF-w<&BD$rOOX+yz#|KXKTWW4!EAoNw>@HlP$~X<*X$os8H&YN za7x7>6TD^}5eH}5OzRS$z?9&TuW0y^^+bz1g@@jbljIRlkRz5Uz-CZC&4HkT`OSFY zfvAdq@}x09oY2M}FFM3%5Ht}RBn9yHZLl|e0=X2X)P(e=1Lmd3w3&oZx(_&-hr9a6 zi4aH2P9KpGCokIjyJD}RAODQPBwm2Xh*^mE+bGe-%7IOkXJsMcWOTUnC7#bNRQ;R1 z0gBJiInl87jZ2&UXI@1{MT38yTeAc91XA-*i_^S?Ruh;KUU32sJ49aRlt3oY^RrE4 zuScBVH9L~%0bPUemtTRYNR&8Nd@8B4STeJHSGBWfg8FbVb3Rf#6&|DzVD7`aamVB@ z7L0cp8QE!UivFsPfsKJWUao9Zuu^a86Vv9^ZZn;xSCFz(x5W2zvE+}0tRH_=TBpnc z78u?mmP32=5NmHriEdml32mz_A30x8;ZIiI)$AoX1ScBos`XA-xr+iJo(7jM_EJZ9 zE{4jy5Sar(Jh_XZ^;0{=&c8)sn;nyY6`r|9gqVIkeE{+xW=bB`g*rqxc~u0!(sVc4 zX|KETXYBKQ$JWc~N?_wirey|e zP-PmXU;(Ct$p=et<@h)0{OPfR0z@*qGBgLF=do)95Q*+1g>s+ zST2@NtFw<4yN>f$8nE^GOPk8>--jxNw?U4wlMTygt?>dJDCJ?qciOc}j3h6?iy5Q+ 
zFhwB3_D~?9h@rNyC73uvjeObewEOSrsIsO~vBF6;fS3lOjE3jpBdX0A$vhMqlfhg~ z4aBOSg`SJ%UO18MIB|SZExJbG8LzoU!d1BIj3~f^34LP@x|=dqW9dZ1T;R%D-*|f% z0-AFQmO(cOHGG8JMh(*jK$h6euZ7L^VDN!F22-p4r%0%(ylI`A-O-{pqBQDH@2(CV zq|=JZT29e#KL8&F9ygyJYM#No1Z;0>d*Rl-1qS16{&=_tZ`x+K`pza>MVDSD%-61J zS=GgEklxtaep~qkq^R-YQQHMA@IZkVZSy}=pNbZoGT={FJpFPQjIw@Kn?LIndXw5Q zY>JU}agRa1cS~o^%NjMvCYS@kfQ#nwt8Z3|cN-mJ(<$z8F~A~;&$_m^uEkQC^#wnV zwd+Yc;H72^`0s}Gl+bYZYlA)thA_#P$A~hEh%e+i-hNmG)VwB@+usfU)9`Ao{G=u) ztlVSUPYq1w`_X|XtNWnjDmw4InYS0M-ygE8>hi|*x7V9Emi0F>xIE`oh7Xzqf1Uk2 zkUT;O=_A}1CwJeK&hoxJvBI(~sO%lSY>zaOjQz9r!rOBOAT_*&D;_Ed%b%*yh0{QNo9#XcHX7ZaW(I4ng zHBHIwz7?PZPh_ZSc}p!dds}!fBLTx%nDwf)nAk7zLI1TToMwAXyMGoY=MTBKYH~qg zv@LY9N~l=D$jomHq#Mmvo#f@L!f^GN*#Ec~S&aHxr(Edmsb|yOH4A4woHbv22Ok0t zO?{zXn}>_bkMHXm2iwU8Wp_(jF;j5>t)S17nrGZ2v$L-o5TICq`N2Scu&3s9Y~fgc zx?N`At@BN?U^oig6_K)EURHZy6X~Na3i5KW)!y-Wz%Zs!ye4I4)u{H`@RH=XAwE6d zfmbel*6@kk(TrA%TiYJi+rh+lIX-ZZ6CLI5&*4_>S1NRw+QJbNN7zFdk;_h=HmVOj zj{%u3+NX{#0IHb*?sUwn;<6ax=6KN=2UD06ZtS9y5YLgXqj+@c<@EkdwPy_n&0E1y zbTicf^v7s!V`y{jceBOrtj^>0fgBpOruZ+)b7SotkM}zs5v>GP1b`^qwBc24LL~W) zsslNc)IPYVAeUz#9kHyp@Ybd`ApE@w$fADFfT-&@yYoT5`iXW^;{fZ_SXo5l>8p<(USpxhk)s{~>it1@bl8oFUg>_oIu-?l~<9@ z_2|`l8D$@VnS~P~va`>l^N(yHh(_yD4W2xC5QKA!CPdv| zCWa%(ruKR~Oo~7@fAzzm=sI-NbD0s0NjRU2u+mxz%dTxK1HIEu(sahNPyaD{&5a3M zwD{rpm^I=fe5!d3;i(9mKV9zlkcMMId=~T(F91ta|IK{Bus8#Y zQ#1ovY&w~;h%sW`%o>G>MZeZ6v70~*F%&kXZ$g34Scl!>{x5OV6o%F0k{IJ#I|wL- zO5dMbA22}mk32)OOY5sdT#u~r6zPC$$r+RI#|#X~{D_{Tf-(iX*2EvU57e=fSHan+ z{^o)YzS6%SHn06<%`Z6n^MJ#t{Y=G*{s_7)n{^l_vi1Sz`J&`B;*ZWv5gXrgFUP?A zJFJsH&-IWyU^#fhF*zB6kTg5~sr){p49_gQ=q3W7(2*?~u6oy~^SJ&fd&0Q0IeZAm zqMaS$>&L^}ibM<~&53pV^0Ml>{J5*v4Mx7d%vi~cwvC4UbJMG!ZiW5~IyOjjsFg0Q z3U@cR`d!q=kif?VH4n=|h?ahx)spbMveD^Zm_$h18QjfZYL2735`<(zZ@D=zPr~Qw zcO6)#JNzy$$3BJKw6Dc`?w8&{V-Yv>Lr0}j@I4YsLSYdD4dMwq4DtA)?pC(t#{9z< z1&g!D*~p3nX`}bMvyZp5xOWdz_h?*B_k^NPwQBBneTOyO{G}@d)K0u|ni(mbu$^*R zq#x3WBnnwz3ca3~A@qs9sX`|IR~JLM?~*v$B<^wP;^#0_yp`%DymzS~#`$uIa0^%I 
zGRF;6bIW&LH|BK6&2eG{!f6-Bh<-6qb;;~U31^QwxDE`k)XY$)gX&N!^&c3>xU-iP z8;#DkU*v~O%UyncwpiZadFRnP)6bF+!(+~CSAgD+H*3D1{{7aY0G^|8W-Ka{7vG41 zZ)3d1(m&-?j2XQFwk*%=CY{)76k3B9bN4GSalQ7N2bVrO;`0@}*R_pK2azkX*m1uF zh$4(Vb|oUD>>aJMTt)c4Cf$odL{buxOZp-nr+ECjH+f1SA;ewzg(2nns0YThv|4KL zmRE(uk;wm_Q#R8mHy8RIZ?7xa^bvzR$8wR|C+L=i_PI~uaXj5>+!CoE*yM|q7rQ84TekX@%*oh=Oi?IQD2Lkt+fvCy(_UUTsyMp5f9qlv}u8b(fw$|3m zW1&YJH?HHhZw?m|Y@!D~N5C=omIv8aE7Vgo5kPkQ~h(ql_dmd6$ zjpVx9m7T%P`St$P(SB%=hcwwTz2RHxMu17@pR8zt>$OYyV%FZ@$6Rmka>LsbmWQ@NaG)-5m)meUrYaEgKKr{SsfZdRH5OJyu2F)SU*arw%B2KcFf zJVXUB?7I&OSxsnvx-&DrEpvmrL%{{jfQe(Q$wGQPrAO98V=VG>sgGn zs_E=csDH;^!Om4hOPP7(;!}4QvIX4-eeJr<8%6Z>+`s!rvJ|>*DP|^ihNNHyvsN&<+oS~ zcv{^wdzMx4ygZUOcfQeL)Emb^X^u_BH+OXDCWv!cUMPu(D9N5E#}r*^igXSg1WdAGM$c;K7gIxcyF{ z;(f$${7&R#Ls~McYsTTx@qFeeBSz-)p`A{J<&lTqwbR9yl{y`{WyO26N3z23dseM4 zi|l02R40K50tA}-Nq1f4maHFjlznXTo|OI6!VYRP!7Ma$DQcroyV{i>UN=nqS1C_# z@JXMw&q*bd`Z4MXq?o0Phi**vCo8FM#E8@RdAj_$zvcgFFT~Y8^p*JhS3gNJ>qJ=zHMTi#0B$a^iuZE%!r-T#q zLC0|Nkwd9V5D5W8q$#5F!=8h6B96fL|MmI3^wW3XSe>xQ!O!dyN5tp>D-6MbXKu%M zazAZbo%vDDWLm2h@QW(i*+Us^4DMuv4kes`VqYusw53U?@gTH7#6OE)(ZEs(4}RDS8&LjfnvfSCScw=qjmIuOHraFm#=aZP7zBnvoEI>+sm3`4^R z)_%dNs4(f^xnY)1_MaXWE|?PA?qIxbCbV0v@A?s^IE;2%!^M4)d}khv`oPcAj4D3I zQiy18S?g z+~yk5>pPR22HuF#m7nLGM*Af%&t5vwG4rZr zG)glSdQfz;?4rmr_>R`|;mv9gx{LF}eV`4I^0Slh^YfdPUNEl}xW+u}Wi1+!1WhFA zU9%bg!%^q=d&J@;qbhL#=rFiy;c=t;rKCbB|B);@kXJZ5d^YheyumP_I{b1Ek;BTF znQ3)ychj~h!RWT}B%X^`;U^+w%$7UyK6+Y5Y zKe9=jFLAI}SxWXc7X_E*2bHj()~?k}na>=n9LZ2U)PEg@ep^S_P44C-yPvpvNkCR| zfBkg>Ji=KZq_0gBUSVlH9!>Y%QQdMNh;XKJx=mhj?XMixMT2{ieD|$dY6VYHZG)p3 zIBSFBKQ1W?oHZ9C+U5DRZ1dJ)_Ue!}LMgssN6m&%xmiV;((&fB@dR$__Wr`bVJW@e ztR{Eu?o(v%j!a}oNAN&X~Ck;is5O zs$a>-TLRszM}VK3(jU{>X124X^xsSx2to6)XPmfC1&|aLRtjVM2+7gkz;!Qal# z9vwf<*L9=&+fN9{lHaRXpT1O`eKUzaE#+2x$f*T>IZ~+tKPKh^h?EFVQDK zs~h6Cy3wzRBIp0Mj$`)%Dy27ji&CoR>emBr%6g@tCa4>&mvjhUM!d<5%l`@ML*vst zKuOU-{j@Wnzwn4SG>Sm*pedh2Vjc22M=gm&b3#cs5iK;t$MgS~`U;>b+vjcR?(XjH 
zkdW>!4~^2@4UcpQNOyN5-AYJzNP~0=(hc8v_5106h8boKXNKpwckjJ+uPsd{{e%YS z>m6f%)_-DMSG#T9n0wR*i}i6_(ZBkr#YDxb;qyeT@w%v(D75TuPI2QLo^FM@XtTumM*j(+c6YW2f~ zVLw=Hk*e-vKrt&2fs;C5HRkxRwGX^o!!xf6L;dc(VD5x#4l|rlDb<32K7bPL`1toqPjap?FbGXzAc`8HV&k z4(n1r9NwWBI0fSY@pg^AJLEESn$x4q=f zA}vKkB(9E@jU6WgY?Cx`Z48vG4R?bpD9T$5W@*_b8 z)X^ABVJXG>%?^&rQPn28*a}Bd*XT~!qkr1{SXNxQmgq4P;bd@aaNq#R#j8p)8tkuN zM-8xIHC|O0&x4}WypD-@CJ-jeRs)3czt}GO@xT=rR|QYzC85VdhY_Hv#Sd`w*hOGi zZ6Zp!Wo+;(CNRRD=hkXN{?$lWX$D<{jX7O}YK&r&S;Z>oSULWBCQK-PCsr0tDq(Z_ zxsOZcS5rxZs(6*AD!6j80S*Xz)X9IjarW`KM z!Ecutc0>Y-O}JnjOs-&KOHKotN6Ps={C46xI*Ys|2D+AkL*AsW;N6{>*iiDaG6KPgh@L0GS^>K74y+oprq0kf5q{vLx^O^iewNE_Qs~L=vX3OqZ zFiMF@uC435Z@5t^G(Y?=6;oK?Q&_4gsZ*iZBApt1LOSy~zkPt(_~Wnpr7Lm)Qp74- z0$YN-VSWvB_)1LNr}^Nyt4B*HP4{+&$Tw_&^hr66fBX5hA``0fOz`}I7?yB4rCYZ; zp=|*S($|~LGxHmFkk9%$F%$bCTQKZL($h#H`~tHpod2}Pik7`C=GkIkZL^1EzcPdQ zv&SN|9Eg`5F_O?kAG(y9U&0_4V?z*mW^}DrD6kR#&0jWU5;XNLy!!h)z%iN~CCkE^ z!&5O3N`9bkq5;R}i^gn0h$>VhOvLo(Te74WWGNBhOBLIJ`S<39*Y8tPk5u<;$7C+? zs1UnYo4+@{Csn+?@r1M|IJE@zi2lA~-#VD!UzqiLDA{hDQx2YYJa3nu%a#MYy^d2G zR!?Tjth0xlfLE$0v}?do@!9qgJ!0t#k}8QYp$jav6g3lkd3||xU~Qipc+D#KJAczp zrn%|j9kJE4YharcYRwgKLz<9^iX6nryEj*~0PA917GycjJbxgLFSIc!z(_)HUBFrP zi4wEFBR#o!oKz+vMBf=oBAj*u4-v_nH$=4#p`Zr{I}q!rHtkXmnorfiya}=qV@_3r zGhOoXE0Z2Fg>c1);7z^bFEsly8dh$ajEWG-9qtMFc!s!%LeyjIwpls3y|#!pyF8Re z*`_`v&&+yH7YI^5s?#s4Lo_*j-Sqfed+-S_St7BWhJ;-isX*>=@~f~aS{%l~CiNoyCE{Dfw8eZ&VeG65PNT8B#H;|>%yzGhK2M-bPM^C45EL;v_meNM~5~@PTlN>zK*#VRU_Z#qto>tU% zOd@c|DzDH58b~9#dzG}^6gnuS_(vrqfhqboVpG!|6|#=VwZ4>Zk0Ac?+El#i4W#)M zjimZiic!(#*212OJwVXHl7m!XbE4M5SjwkQI;Rs^hjPrtx)%#EM6t4m!*8ZhMUKOHu7F0y6fo&7Sq+))v z52gY4H&I3DwRd_!!{?;*oY?DOo^czU${1FlA7jlL5PPrIWuJ{+*DyA5a0~~ORgt2t zLzyNQH3j~*oS*JeikhU^8v!0?RlSkOJ~Mo7ddp>KlWEOxO$viw+AWn5nA#>QOB|@h zO@aTjG^WOx;&##1#ZBOlBGieitg3p8_#E;Fr#17;;TYad)Vu1TaV;2az_aF?3v3M_ zTVYrx%U_6+#u#u1)qN%3owX#Gu?)C zo&`-sAczY}Eq*e&L1X8e+Uh-9Kr~FwfdB11KJ|j@-idDEQp52D!o!uKXX?VaG=rUj z9MN}6OQ+#?oG=nN!|Q1yem+CcQvQ4HTey&Ld;=v(*J$=J(NStjZ^ccr-h{ZXr}2O! 
zV`Y2cJ?TC@9{(CPj7NE&IcAV*Od=#c%qVTIVRm{D@q>KV0iM%%i^k=|F&59|H$oKQ zFSM@%t&&MkgW#@N73#s;{=izbkkO6sDs=;206)eqy-+C>3tQ7J!qRjyH?vEwbR@l* z8jaSqu5 zP%`7D_~3TsC_+3`vU~E*8TTWL*CNrn@a~mU23)de6O$uq1i_78(@1bY#`o1uZp7lg znB-ZPcS#xYeD>L2CYjLPLd|q&!nDF1GlC%$sV{Feg)oOlFcE$y{HkSIq>${}4bLMw zk7rh1DH?)bGz}J{7Hp?oz|G(sd<0Ow!NwCO3$t^djQOporcrU8HtC5z4O*6+pw2r~zX6-sp9`l| zIeh9i<6D_nlx9=(ctY=j>NsKaQbiA)xd@jdpPLqzJfb)B@}NtE0M^V*g9WyM>a(Q> z@Z7TusytN==g?k8F;|=)Co{XeH7B-*-cGxflb7a@DZSC$Ew@1td%SHE!~MJb6Zum$ za}MvBzwn5v6#_Tu6IWkpnkS-Dc1nNCS25>E(3{cdh|7z1e+0|hBnLq-%leWgbJP7> zk?u;heO+bOW;sBsq?K1W&fepdMTPm})zl5YB2gPN)A{hB`}@=+#J}|i8}2yT*1kMU zb38rV&94)Z4qXU5V7sM2jB?{2HDMfaFeY3&zMrQ=5iq-XnG2>>ye^3}?kfl(YG5V^ zf0IvQK#7-7O={oN2@;^zvlDTRxuA0JFpK^u1U!rlb}nTG71miCEyzId5n>mGAK}?? z^rb$n?IB$_l8<2e|B)mVsJQp0g|E52x49^%x&Ab|g^kx?%NU8y1Y?pefg&CTrH2JU zHDVd}n-U?8TFi_fR0ql^?!T!27cZh7e^)xoF*qV@P8-5?S9u2=b`A8H!N4fNxZRJL zLHY=+I5riN`~LXQ2t6_*8Oc*#0ZY_z-S$Yrbt5{5YH`ZkDty))HnF`h>nDHubM>2k zc9~NGT)nliw1|4p147T8>tl7)vCQ78&Prnkv-|wRPK)zcfi$b#~{n$%wb=u zX(fW@5nfBtAh=+EGm|BZpCWpP7{B z*=FBBgsH;DoxHDC4=JCl8rJC1(8z?QfyS;!Jf!r& z4oOl@FLYw~MwAI*Sp8q(sm!~5mbNEMu_1$WVZp{(Em!{0uJV`QEK)C=urY7G(EBE# zVJz!rZ;%k1XJSTsWGHN@XOHyt&`i|8&eBTCqW!b>ke{WX9*^DUuJy}|8SiFlZyhI& z$I>sI94S}muYYt5d{Q-w0~UP<^Q^7>?hUseg9B`+jM1m32=0d6eTd%<#Iu=*l5`ed zEum(*$0BHm34c;t8Am!hsnb;b6UlR!Fj^vOh`ooy;YK=QgfA!DXbHFMSl0SFqeCJk zhC{8S3&Wv`K-jCP`mdNEwoFxQtD-Eo8skxDR}m2?eb~-#6#P~yIinI!xE`cinXc}~ zMJ?QxPusOh6s&KxJWF&A**EUNMV?0av7)+{3d98Dp|E~2u7WMKF?L_fS{c6cgM-Y+ zY@)v<3!f<~E6V{Iernf}U9^{`kab{uo{~R{{=TZJ53qTR_UjrBcmHSAH5C*SP#o*Zbn@QgdJdDTsJ?=g=SG4DW zhkd}Zq08qykoa}SYSmL7->8JOdFfAyR%H)z8Cbabs8py7^d5~ItR7zKW|wb07u9Ha zHVg7rMg}bFY_}!@^>(a&7AuM*iuO~DoQBB+e~75=ZQRjGJiz(6@&rFpCLmixIBTk` z%rG`fDBEuyjrK!7Dx{@eLM`hu{+w1Ex&9V$oHA}rE(Qm}QiHs@kCg>7)|x}``t=MRv-7q7Iw~_voMSX@MCJx|*~!rd&2linwMM!ufSx`` zCNcrz(+Yl+EQP4xf&5)AEwqItVpdXN4rZ2XBPv598+Emmp>2f+jF==sB`cyb$UYilQ3n=Nbk@clpDT-CHvizhrg6?(%IJ 
z!GfB-iEz!!61x9#n*+TCB+4f8R>weY;xryB@_|P{dW)r?ywzk@t+-peqAxm|OH`kS_jeRbkUtbT86ab|xS0LOJF?mJLhe-Bet$EueRkw!l%>5c zLTY&A@kI6jR5!(LEB1aa@u+YxRJj~2nJIs4E6vo;Cj} zZ(Bd!y7ep|wL?QA;)(i7Wym1NWmbbm8{TFFO@^+YO#Vl7V(eilnd}l8d?3ygxi`a~ z66wR+$9bgG3m|81tA?XWONZG9t;zj^2-5%g&mRidxwk3^(!uxcl?5%=jNb~F|6sia z9-cN@<~KG{iuIqKCyqwY&oo?~i|9~lB}((YvI zIodAev(lF!!lu@oO1P#Cvk1Na(gWO)4$tlEEGYU1l0U55Jth!!H+7kFi!zvfUMZ#h zNS~!2nXyMB2m5s2pc|b)uwpCPFq8d6y@f1)g$f`~s>|x#T2Ck2K#NYM%Y8pjdwxZC zsnM)+>Da|k6L=D@6JQ|_j|DBTG}f0*q?uuyin8tRDpK0OOa%X5*^Rlhes#eM4HYZ0 z%ZJ(^s99;L^dhAwNJNb+S;uHuf)MUw`Tac*j20=5`>#NOH~$3kqsZ~YuQ`C29IQ@1 zcoH7Axcm^w4wVZ&`r~U^WKLRyPzwodYB8sOU-YqB{^WmQPG9`V;D_{i3}ik(DCcJU0X%fl&qjNE@b!C- zLjl|6q-bgnb^P#YB>1;J84*DDk3--wc@27*HL7LugOMdOpSK%MjF?1k&GyY^?;%(C z=uG#s0$I|J)e)^k{7`+Oh?=WDB)vMn8E(Vh@EB)1@@9J$GkhR{tv>IekydjzXZH3?8E zXLAO8M{6kte2*#rOI%-K3y z{@;+)z7)9Vh;QC&0!PGJbzaA)_c6ZCwzM4{QFE92jgy9{fs;Y7jSrqHa{b01E(Z9o z-DoAGC$v|menX$?wlylvmOtlUB>3Zpn7Q4jqq};zI(T&VA|=;+UCj4}6@3}8A9*eY z+AJwIdKRC>x$T|5r#Yov3eE0931FcFxR!VIJk&i5Af-_(ZV50;K8OIn0wd&3QikC= zl4)oIe#f5weS%L*YXZl?pa|3pmCfMBQC6Y*#RmuKWaqLwlqnqE&+fF6bQr(G{OjDn zdNTA;`|@xM@dT22j#1OzDH^GIbqAlogQEyS#Wlxu$Q%_r&^hdH_vvZY_#8HLh-g7< zjhtY-oF75e@cn(+M!vX|qAoU`lYut%2qUtuHMuv;k%_DoPM590WdF$2e5Sc8_Y)Z@=1K% zCp{-kyvM31ojADf`$F-1qTevRA$A|wsD58JylnX$SE>WVlEQ@<#mN!je+GREq(X1{ z10dfwRv=9HKeRv*HY`nQb^yucM@A;OghZBdIX&{sA_~TGYAHL69jR122#N(%d3Ir_ zza$A%BDObdS9^(Puvo_j~q`jUHdm>ZpA!DQFk&= zP_j70?@)RJ=Hx?&3D5@VK8ZuPGHE86m|rf(9_=-Zon)q)Uq@r2{@p7B;^zyyqRy+o zX_XInA=MvhikVuZe+8waxx(Ze)U1nkfG&QfX{F#CJcF(XXDi^E^e(i=w88uH#?|wK z7JeLNh}yBipi83$YoMCzbiC1(gfi%H(xM}{3TKxEq8mLesv^9|3|_1CeYkL8)v>0o z5QXV&=J1K_!Yt=fn`KOGam1T3j5N?WPDYNzI6N4QMpRhWW9R9oW(xj9JJOGq!HQR4 zl^v`@wU*};Q+JeW`d~GxkDoOzJ^EFTpCNT~6Bdn(u95j0%S( zkU)NoN}ynfR`7Cpg-m{SWIq=*g&d(KfodYOhWKG&wz8hUM7NcN zn+yOmmHz)2JMivZRc9WxK_1A5b59kRHt6Qp%W0AnIR|KJOd3!c5Ncnw@fB{o<#cU} z$d$2iHqlt)(x7(_TTZhlblRA8;C@Tkzld+=aFF$UUo&n1mLw);@Z$N@PwfA~eM`y<0w#r}GI8u2N$lWibiEzH(rC6~+4&^_3cL~WOrx*?v&$_ke-m1OCG 
z;UTU%`mE~IS}k*c7kNYw9OY$$YDqwlBLSu)WMr^g+$=(MoigM=OfWkd^#2S9KnsO{ zLn`acgVqPOteE550sJv~Pd^XNL{-=dt)G_xue?(^m&fVHl$Q}m8O*-@_|$F{4({5$ zo{6_iEeH1)mUEm`&M@R(1Z!ot_eOOz9h+GSuEfT*_2tiEkDOtZdMmg{4D2a)6g0on zQ1*p%bQxBBSLk`nVsR^o%3Ov3@OL>|jHJk3877as`fZmW7Mv~%EgOFK)sc|sL(M)g z_=RJoipBBcV~fimy9Elt^T`EA#`kqns$_Gkl?=Rx(@hnF_zRd24TwRMt?6R_Swu?< zPWlzPc`-{}Ltb2vlvImRuWpmrC}*-qM+TC@F$d-Xpz4+DpC`{HJMtLnJrHHpK8Nm8 z_YB9`@H0^35Kl5Hfd2<-o(;;c?=c4KN!?qpKF0HPny|mIHp(ETV6~fSrW&8R@?q}$ z%>OOVg^^{2xiYtO>_f>D!7Gkbxj6n*Y;ktvMv&IzHy5HwH8@#GcQ}u@7uv z_-W9Jm6`o5FcTsFBM`BK6O+`#j zoWw$Dl2w4)++v;1jlyK?gKNI_KO;M5`l_aElOmGO2=`Ybh@26UN^QUga6lOOylk7nv%&r4U&oOYi6H-i?N{j#-b8&RBIoEI zVbNSx65vMkPF)@5nt^UiqSEd8)f4+t#70>slcFJheq*>^+t&gSED!t+U5lb3&j-Kk zi%cne6n}0v82cqBI=S3at#uLEEq1hCEFh`vueX*?AyKc?Rs$dM**xZf>z}V1Kd~P= zm-%&RlxA8bdn9;V%Sd!&@rBYeC#qW*AQal2mLO?@j@YFRqL_?vjKy(wzuk7^o=g{- zd2#%f%DgatjA4gZZVM;T_ty)2EeKme$XK&Otdzuvi!h){o`73AayOpj!lKSme}LoiDfGXpP5r@7_jO+^u3EIi__k3T zB)-i!1fmL@gn=7aSryR1i$cNd`zMzXLk_6@U-S(?iFesNtF)icr+d@WRz9a#!eZ8g z;8cvij`ZKM}TAUo%k}Kos{YU$m$FT z3ayll7kr^8KxWFERqZ`D9E{s*)eu|8YeXebIk!~2ejf1lmT6B8fw$2fC9JMsdOp3TSc^S-&g<_KVO}1*8CWj)j)0CJc2<4H2)F!%d^mPvP zMeGD{|LlLSAH8Yjr8Q@a4Rp=N&;jma``!XG^bwI-zl^SDI3!Zm8^})WK^g)_pe;PO<_NA%}kCW6uS zb<7S0>Ebj7i}9(Z@N{lb!%a$R_~uRtjTo$iK7ieO#2Kr9AS>bdLI;y=;V2Pz@MvLC4Y$Txnzo+n5U98 zNcM;M{hoevEU(Xz7gHuA9bQ5QFXr1a6W__1bZH&_(9?2CimO9JH`sNB9P)}hr!0O! 
zOlL z#^3^WX(?>;QY+niPFxlg^5f`k_0*DoUK)fdq6$N2dI>lrb-)l!DB0$EYG0Rqq9nB5 zS&~7-UKv?X_+GDJ3{RjK0mDCAt%E$|F%$NRp@1wL^;PoaDcXZd&O{DcO-VnMWF|0i zlDAbPm1I!NP#|e&PWBc>2f$t^7(;Ve%mFU4%9HbtD-{in;m z<>DC%HN|7C(!VasxU5{NxA1LW?n0^|Gv;DHdI=zehx9`N8b$Akk?I$eeOs8%a&0p| zLqLBw9%0bw>0SZhcjUV}G^h;fKto;k3D=E4_8_HsXmq5H@X9u_N_2;|HB&d5lnpk0 z4xV_Y0Gn#K=l|39haJe9pxRlWDI@yd{GLRIGMe`spYLPo$Cf_3hL+F-H7X^ zs_gkg_{DRLoFDuyHesC>jLDu;Hl!C9A{md)&*n!lH{mrpG`=wFKw_6#sFMV*my|rr z%zbkJX&VMg9fSKH$Rt42BWAF5rjLQM5@_ZYb$3EB3GCm*m&nj2fQO5XL7i;hBUfEG z!Wb<~=*CA*6=@hD4&niE#youJrnT_v?93mmbK~xCwk0hX zZn1oj1Q`Z1Qh=Zmb_otQcI;kdlIEFyB|$s=6>5&*sB-a6Ay&MYhArVyRp@^nflo+Y zs^OTbE7&8r;Ub769gzEAf@qjdP6Zc{C)EyXP|zs^55bnTscaemJfB6!7wmJP*am&r zDR`JJX|}$eo8A1R#CfUtcpoIXR@X2hRSL{QzRUYa(dZH&ZbD`6Hr7HW`GpTu zS7m4V$@B=n?V`aPOL+YIImO+m^u3AgR%`1y3m)J#-$Y5a6Tt6IYMUMuXqD6k4E5+7 zN=CgN+N?`p?stpJ#`0{QA4+A(JJ)wAFq6SF*&j z_EuFvkr&Lo!)C2-02k78qwqjVm=mFBWi@=SLFYjIgx|= zrAU!!u7jm)K;;S1GQeH=>O@evPOM$(@DR_rTEv3@T?EZYqVN6NFkMvf#bkB}jc69$RT z@LpW8!9w$;YdMCbL-Qwq$f?o& z3w!08*x+i+@|yiJ3cCAh_k)@lKR|AB#4mN=bLYl1+0M_;{CKOTPOMoA@^p=Xugh?V zi(nWxo1{9IT_O{Zy&K_F}mV>G5JFrO zvR}PsP(@R_lFg@%2(ws`hQt+^Y1(j{=EQR!4{riyxqrUHPVQXL156CH6!os~yb`Sf z4K9hLQDR$1C-X0fii|nKOYS=d>aV-k%&eOJ#2r2+=~e8Dug1jc#{`SMD$}w5bcJ-v z(0HRD8|_{8hLyt%jyu&H>7UiHL>%L7Pd7gz6a(2^=arF6noryKDU-T->40ESuRFPq zo`?bG>BC5aF`E@7oN?{CCepaw=a4grkw!!Q+2gKGEJh;O%C2ksGuuzMx%B-Utd@P3`7P zJPbT}t!JK03>3Elln;9kH%8AnK(9-X|BsE`96~0?M>WG@lyDO2@rD}SN{!igN~xCo zm)Kdan0R)F*Av9=-+UJglFR(Z;Dc);`0Fd=GOIC8iuXx8!7Y)4q>Ac>XaiE8+E_{R zSPX=IjX%}eId||4w;INnuU`rvNpp20yhi0hcqzM!^T3;b;s(;$XZ2<@so5waXil}! 
z9$f107c|4z#?C6*k}6IMVghy5zOveQf3z>Dl$BND)~J;KNHm%-pD&tZXm7e2OKizk zeuS^0RapLlvB5QJd*u^nuyIj03SMLVU#T^{{nSmYMWav7+5GMq#t^iJ2GjHp_w`p7 z7F=)uZWu&a1rVRx);G&1*&;<<#f}(XT%N&P7GL`L0X9|ipCC7gu%B(+d4TUckUp!o z_E=9ft8}B=6W+vhY6miBtW~7xU{KuHLSdwt`^1ALNo7&QRDWp7Pfo*+)v{Gd-RkU} zEwx8lW?hhO*e2Ral6p7`Vn`UfA+M2L0&LpWsOG)9X(oy6!%r+H&cHz@Nl`B?vHp2gxBgx_Xc#cG+X6bIT9ABRioyKUA0m zL7nZLxst}BO(=hE1iJu_L6>X+1@hO<0a&A?e23*&!+zjV`o9!HkM3W#wkk_oG%*)o z{Wk65gew#rK>|r>K^g=hIA{5C%^3GuKzrA~5_E>P6lq_;(VOv1b)so-c?%hH8g|P3x4+N_W6nu8e2l zY;9Q9)aQnI+P2+MLb_bm$Mz$X)Fy%>06H1TSZ><~E>4vn?oVd!JSs_Iv-?_pGPwi$ zDoy}EnU#sDW|Vu@K9F<&Nta_53eNn~m%R{#WYSj~8(t|iZ~r8|Co+1OAW}z5Gy30=_38{8JS<*aW4+0!uo!3PqfX+Lmm%~=4(4>taU(S0Z9 zHEl8fi|Lm^NSFc@d{$?gdVyxL?V{SX!ZW4oktaAG3yhnPx5V{0-m4#$J1Im-_Ax6S zMi1i6LqbI??=dee(GwsTweLJ{ zWLW(C+NE0o7{;v@X(zQ3HF5EK)TN|H&Qx^xzX*aF*eVV`T0;vBmK~&6tkqkwNw-WL zxf+dSJtHOLD%3Gu<4~WK=jV+9zEh)#FuFG8Ds42|sq%1yt}EH*6>VX;FCfCVodj~53u~K&3{*GThZ1P}g;#YJ$2Qija?reX(geK%= z=x<6h_vTUcHq#m!ZRy zfI*?46m%$zS_n;|@(v!RBbX`he3wzKuiUU*l_QxVzb)H!_f_beF)%DHNFgZP(8Dq~{X6%x@StE8idz(J1OYG1NDwCl%T|j0M*MP{S!(fq zfI6wY7bu@9nRH&U-OXIr*3N>@RE73Ou!!_D)7sQC+b*kbs}O>atO%{w;^WjzZ7~nMInNE9fN>526e7X4b%J_9Cp*@1 zAZWP2_$M4_Fraqb%2yP=tQZM%Ma$vHX;)W%{OF(hdwdut(kmR4(E99BJR2Va7~2T)4Pa~ zGkEDKt}7un);-w}wf@o>PN8NdqnAfnEt?zT$a(Q#EKk{y)w;f1cIhi>D7ymM-@6Wl zjFW8W&!aHG6KK@JpHQ?X7-L}!`@OdisN!25RyVSUGV6jLxz{LtH^=Gt@M}f_Xqg(b zacxn*&V$ZCW+NChftq2?X_@`1t)b{4!4lA79U?KdPbeIguHrVS=%&JfA81kUvHdAX zPMt~%M)O4W7^i13wG2D$AkbA;3eo|tfA$1=^?TEQ3TpD_#jJY@AQ4F2;oz^vBQroL= z_0gB^*M>6=lrwd%j;*Pn0f(u=%bH?NL(%#+nWE_Ps&XOO%NiKj<#b}>6w8|1RIhF9 z9dpG}R>CTWX%=-Wc7wT}BEFObfZ0L$Z|9bevyH|;tEPVkGIAA-9kbZtywAPkEgPYa zFSLfH3!GFVjT8x-Sx66O$(dS^f@YIj)HEl2J>~dF{%1U@9d@aIZaI~RI(_-w9JUsi zFgTl1j4XfH?#=!HAIIFU;V{PA$SdGJ+DQzfr%(-S9)HX6#EwNPGrR(C#o)c0u<_4^Xo+^6 z0ILSl)6OtJ2b3(0^gCef9A>d zC$Dc1+F!d-$;h)GDs&-z^y9*x=L2Top14UNmP1&7;#b;t;kPdm;OWb5F>g7!l-6(` zAKowuD%(#|cx*fr9)3`WB#RW!hWrGYPxM(8g2)OZ0Zhhg1~N7RzKl5kDU)S=UaN~b 
zngr)zV2m!Oxeaa#t(HaEr}#b4qY(^9WxOxt)0_-dBCmb^Jegd%x45Ckuh7-mMMcyn7 zaCx2#xoH&+;zsSl-VH%`is;v#U8F=SBbdQ|JQztDD5UpVP|QDM~uW&oTK zxxl}-jvU56wX9Seweu_Z!WS5;8!n%Z~Kht?yZmt!>Si%%3;I` zC;p;cUR8VLXXI(Rz5uc7*6KD6(4Qni{&ZLGov0i+JxsX~H5jMkzap0+PR-z^r|0XA zg6Ml>WrV6gL#EC_@Ss}!8rsK(#Y$?1b`q-88aJ4>7_EHloEq!9P=PSbKN)&xsHFhT z7Dg;of8t}rJpbAY6W&Rk#lpu&2F_Qle%Qc@WgF@E)85NE=5$%)31lXfM;a~xG!utk zFc{Ek+_OBLICx|Caxc|SwY5Pcd5ryFe$HBTEtDs^HKS#iXj&Tw-K96t@Sn6|OH{ot zDi}Kdt0-Mll&={W3Skbhw2O0nooN2!$UH&7!%ith5V2vsMd+j5gH|DE+qqlz#r<0I zey5oW2=X%WuF3qu{~GlcR!nC42cO%5z7A8XG~bl>jH}U@hO)G7KYx^i`2%EF?{j2} z(B7f)(D#z1?EY=DBoOLmeBUPoMkhF`WUWAJ3g7n-T}#KXii^oAgyE?ByO|V4Pd0~_ z#?DO-3O8p7Bk}dW)uB44BcHC4#lcO4loT+d61@+K=?_>M=rsaqUBulh-}lO;F{e^h zXD~afX=$XGWKd2Q;`B&q=64`-C2CmOB;+E`5dJD>mm&UZ-d8Jd5oJ1B(y2}eyGJU# z6?+f03>i+BG z41Lj_#f+?&!_=o*xkHZw*QDI6lg{vAc>n6FI~*C3+N)?FWAnCa-T2P84XT&FOx&^d zDV!IFH(0gbbjN%p!>+gTlqhr!9<#W(`G-1*sWy&^{ZVSK{Gc*n`4T8=K$bC6W`nZ^ zkj8KY>-E7b=MHug?sXEn%(|J1wHyt_dkBMiKD8avo)Fb7@o7EyZ6dsb>DPjUx}P0AkhCB?)OeoLHBIt1YZi=Z>%enn z1at-obyz1gJOuRRuhcgG?%o?U+3(-xsBOSd_klCP^rw^aM9&4OVrZS4ni^GdjWb?G z(#~f;djx#kh69;USEt;NJk8)AA6edvEX44#S1kGgDZZ2DAniW`^Q1EL>e3wu7QR02 z_Iz{b*V3M%C&tktpd>cs$#>8UlueKfe6Ss$NL@$%8zBTpAbx3WNnbw(GuvV2=NSeA z2>utf2|ST+B@OrORnZc(csj7^Y*~b{&k+O~_~)X;?z3dgu6X5`mG3;isrmvF;mVJ{ z$Gi$Z;cqjJw-AGRgx+80Ps#+pSIbotQ|goR%8syo`(U;}#DArMD|l<{C=lgM3z;x+Nfd|nn>qZ==j;+NU+CZ|GoXaXbeKro7SXd;L<()bw$#$BYs%$Ufqo(1|OW_ z>wrEk@_D)ng@bR1qBBsDmW6pXpcROAo(qwmm-0z z?wK+lsdU~|qFrCg7?vgX)V-5@w%-|#>%sx3|7nrpNf36nJ#BrE;lx~HyjZRL~S z^7AAq=U*x?f1Mrb5zDG{!R%9t%d1vQgJdX%@JltPS2=8;ky*)k(4hP6^aH== zy?@ZmQ^wWNpaYkWLmVg$7as9PH7&LKKiq=LlKmEP_M|>y=SB8EbQTG$`z55u3 zDyBPHYAwGsOt8%+3HZ3Mbc;*cm}d6p^}sgkha)3>8&}2PD%=xvb0m1RZk@bD$Il|2 z=|4q{P$3g8OkQMv?96RD)0A)nwE4guqG1Dc9D2*pIwZ!;H`OfCyT@L=9~Ex⪚jA zaI*e^aA_Y-R#CoKw)iGZvhtay-kj#;u>sMiQwKiLr-SyKXIEfpeSpKDUqcgddfi_{ zRCtMlpjZxG0;ZrMB8KWu~ z{^R)By=aT3-H6fbW5f0?4tqCpKd@=kHSBBM;~w%KIWya)MTwQ?KO zfU!g5Psdq1Ckp);)x7|a#aW(=*llE4LJ 
z3Fo_<2y;|wXhqO*%nZE4C$`Uw%XFgP91h8EQIK7W&?&l~10f_OCs^~B?`Gy%FJQE* z!AC63#juGcSNBI?X=6D6$e~`rCpzJf4B_fu0R>jq?oh91|~%zaPW8+r4BXw z6N*xQ2L_xM0z=o_C6!W}-J92Md;28*nW9?l@UU-leG*_(WGtNEx$klw$TO0*)*#MW z?DZ;bAa7oJ`cqp72J_szIiyyDQMxo|v3DASz+7~^`D@cphvVUxOlKwSc|sxxoWzGB zGTRVLskDC+w7T@B!qrq_9uH<}-4bx5T z2H<}C-ompi1in#T^r?L%8O$RH>R7}BSxvV1RQDobrQw_CI}{Y+^!+D!#+YP(C6XQ{ z9~96x|MVb;wnHoi3J-GD6q%{@qTh3R!3}EVuK}XEAN7#UF*xwIdNmCS(Tw>GOhpHs zSuuYPCTf-4n`*`wKmni%mzP*+K7dus@*?8gc|c@}J(_OC)M<4RhERT)|7ZHNY51fk zArFOIL2cP#Thlc=Hk6((rS1QQ28600?& z{9YC5rPXEWLD^)%wtbrTwy!#9yf_!PhcW-ycZf;TFmYJlAI}p_;fWNGC^s@P60%=h zb$D#P09Gq3EYy>}lrbN)v^|WWWQf`D?U>*AUgobK#<=ml$ZVihBOHcq+nySphPD}d z4N-<-#8T~LyY9>8o*B&f{K&CxO~14z&muKl$(3>z9gG))mG#CcZWZgtESxV%83<*q zn%EENeod)0m#Mt(i;f~r;H(@!8+Y>+*Q=$C4$!%rifa)wS)BTwE+iqPj)6_9WU$FB z-!nWMgaf5Vh4u*!>HqKLh?6OlB%MDu&Z4@l>fbvv?kooQn6y?j7Q61w0#55cn|YcK zHsha#P>6`K-wqss%IFh*Y;p!~-oE4}|39X_GAgU?d0RlFySp3dlk_MVwNb4~8dpAZvZ=kHWjJR>Q;9Xo78!~W*%H5Wh~H`L$`P@2$Q%BB5(!FaD)TXl_tVJPi7-DD z6-vZ=v__RFci#$!$$)?eYyP8yB`4q{fosI}sxr%ZyL#0XG@XB>#v;?HinE(G&aWsm zuT=i&M`$8RK^9xNw0~~OCa;^V|1*@oX7_J$aZb;BD}r1`Q&-ev@t)tL{YLchYT26_ zUnZ!goCAhjq#XNfeRL;5V-7zcMmmBDatQh`N)P`FS|!+idy;H-P`Uo>CIJk%@bl() zqSI(_C;7Z*T-#;D$3H3?0W+<_HDn(}_7D(J$yE(+;)mj*8KOjhZEkS1?&e&`!szKPnVHBp-qXH{Lt& zwzSD;fAbPG>oy=!y1>*aq)XjTl?t_6_N5-}jue;I`^2dSI8zcw;l554>rNsMW^Ig@ zJjU;26k&~!1OYn9=c~y*{U7FE53yB6zs56GbP3qYtk|RlG*lOkOV}mVSlBbZ*%f4| z9^1OEn-91Zd%@^SNKrj`Zwo&k6mS!GaJxKO`(A#b-*uBygDS<@~Cos95I-9W1cCDQ4pF>L17rpx4T8m zp(rj(x4SN;Vg!QjhX}j{q*$a4{QsTf%tV?@m-id<+}=dgqW~Gcd+KsE^|c)OY6+g{ zeN$?IU>-Kd6iNynbU0q?BAE!+Asz8)_Iy3N3_1mW(w90NEY2!+ZU-C>n(}kF7h1!Z zH(eoO0nvG(2_EN%QeB~IS|nfrVlR{@gQ%`D zb&S7ZWpX$fUwXUDdR?P5lVg_MPm_0>JKL6;Qer34)?QBws@lYlh zj(zIR6XrHs?GoM1c+(V?8(%?GXT`6ib2q>pr43F1o665_>ch*0c&;Io#O{ef8HHQt z1@*vP$rR16NfBz({+P49V$LnwOBh^O+N^Z`%$U|XR{y+A3G&(%xEks@#^YVsblu7q zJy*#D4$!1u;B1?!aN+>u$Q5L|>O9*X|_y#EdQcRc;XborupLO{NcM+qk+APW@p z4n44th8A*KE1=A9>&zQ6Lw>j?sp*hLB;W6TZR>5g5w<;@L%sY@_ipc^T&DFsRREq( 
zcn`mN)6>0=p5~(AviKO#Xj96?gRNs-OkycUj^DRLquFoT#oH|AY`^>Yt#b+r{F3bU z_<0BJ`MA;TZf);L+5Q6%Q;-m216I<3YWWyr#w;}1FvhbDmK+lObK}n#Nt4xBHinXE z0W{I5DyRYfZ>Hhs1fVHsHEHsZG**f9JYYhig(9+wX}&Por&fWIOS^@|UvUq|3sCAi zMydMI1OAt&kO~-7&AU;Z%R(Z8qRZTBW zsr&JVz*9(}l4?^i(+-9DUqD*n;!|pb{_v>j>EHkjHvGSPbOzpd_`wqB%KABlec3fW z$`pu!J^m0rSE#*zyr8pAwEA-CIm)?q2OtyPN~lc~X2~`H*hQbCpQY9^CyYU6JcDi6 z6~26vH~70H=qK~EZ2ZVj{QYK4siIEp3Kc<|2PduQT(j+RjbjL!J3dwy{y!)hDzCYL z?f=Oh9^}q=OtNzO6ZRE-zA%(q?|xn`<)6$GEZ{eX3;0QDL>jsQWE8K;ZKC_tb)<6P!C`jBhX>3FJB;Drk|Ic^Xy6*4N1wPRPZSc39VIa)bq zH@E!GLN7h|!Rg**-O!bG{Sp9~uAA!K-^OqkqQX$}xq~@eWBT6NRYk~Uq~3#UeSyBJ zF)@@#Cb^a`pnrsZMZZ6dOMZ)XmAI0Ed?o&+Bwmy~+h(G-VZ5+i4wtIoy)70gqMWuB zOfy{`P#$g5hDDfv!Z0@a(O;Az8mo`MQLAP3 z5?3_)?WY>P%KBsI92qYclIEQBuqCHPO=ZUD!I_!n3qx>nAuZ*(PtN2zpPIjZ1s=S~ z1;3*!c~KYT3-A&dH7)JIzWsbo9L1G10M|vAYX5@5uCd!pfG3 z-5l_6=eB~8pAAH9qLAYCDV{ZG5qx!4qnizD4 z6BB)=??(zlHtt4)yhFh{HC)>j2s>&{3XSqe*#s#u{)W3XM$b;hQ@LWccdBBZHk{LH zLjEI3+d@KeVYuV@EC|KMjUDTDYrKQPYx4mMYxT0zKZ*!%GV7Gwp{g}s){v^x7RzR= zu9qaPxZGFSfx8;jjM=daqZzlG!?H#!0rw95i{CzB3;Jtn7Kn1ds))q(%PG^P4$@sA z2|&CqS41tP8ZT)()8B#`T$O7e2^c_Ps!Pkgk-*2a@fipAk7uem7bY{adAoe859Vy* z+l=k^sfX=x8rjx1(@wGA!0csex+OwhSVrR=_4h3-M|E;sTV<4xdrPtG^~*g>(Cwne z6+2yv!z9}p)AplGH0G_b7nFfvkhJHdB0x(=3vC7Y2w zy@YA!QB(;tqvc=E#&$q=*}Abl=RpzUPZ4@c3iEY;?(7M;DSm8lU96S$5(A2xxni{YTohTe<1bVDF?*t@qC<9q zvQV<;N%e7c>jIOWpFW=?2o$!Owx=&{z2Ca2x2>N$U0ZASw12rUEqKAbqwxV1Aczsz z#}4Bir)#5{WApEWa02k{jUFOdeO%A?sSGU>(f~hCOYWnXUpPm$)t{Q@q@p8b1gult zGzR77yOl)x_omPjDHjW}WWltaj_Ak@#T4Qxa&u|lqtUm}i+$lEfPVkQ1V)68kxidQ zLSBMlcFIpY@M}?!ThsXIY736qS6GFy4djjW1P9qS0An7)_ZbHO1?ht~f>lXAM1jC5 ziTu$U-?l@NjM{g(cB#{1Y126R4YW1#SxnK%7z&CN#h5IHj=PL~@?VPZUq4l)CP6E~ z5I+d|RP}6-Qe)zQyvBV1&eq6;cS_p*5E7$jD&wAj=Yt)GdXsE$HwGPr4vD1Dmpq-G zl8}lQV2Sp)<6!JP+YDYHeI&4r@FkU;d!xMlj0d7ZI^wO08x5M2uGIHmN-BZHnx;l1 zFr>77p~1qr+=7f1(n!9TOf|k)aagz$Avu#|SS6RjWIYo@qH(&zms)YF4^Q^Bt6YuB zPx(8zN(A6^N2G-EzA$TQdLW4=sJdrN?$w%`t>_IqcgQgCNOqET--h6RhN(e5<7(bQV{-s*(#@web#-d34Qc!LPO 
z?kC<5BBdUl=)YD5(QfX?SH2iwt8dA5Xiy(-fp{}D{q3yVsZVE2M4sVX^5*8|>TB(t zrL$yQ?Vzr6J0U|Gr)1>`x(skL_ApWq-l2bUy#nyQ$c%ySM+uVPX=GoTD1b02c$ z+M>=_y$ig~(JMN}tyoM`=^DdZ6p{+tvR45w2S=jT|l zQO@D-X9%Nb;~^={*YyQTG0#62Y)4sL}9<6Gx~hWo<8T!bv550a3CGhi@wuo3J+OC zq?-iXbbV!4Dn4E+sBOqht^GdQhHEss;{h+J={6WwF_yiDyPd0BDz54L?~FQH`uHus z#k7m@ip0ax$kM^~%iTm*Trg=qXA`4A^Ye_CrbOj>|J`r-m47A^w!X{T`XnH$(I94= z9m#Xq4Ddb~-xV!-s30NPmTm)JAV{tD2)diO&86 zXE&Ns$No(D?ycJ7Kdbl4A@*`xpTfh$m+Mz*VJ^~>)%aF!{Zj~SeOPLt2sUx$lZ8cv z;Wh;#PZgp*_me>=_)j^1rxBDU@QZbJZT>M=&jtddxnBbgov`vlIO+JjV>rLJ?|U~G z@QDJluLatHr+m|osYaB%lRvQJPNCQ6z)txid%1$AMZOXZI@dMl@hHpIzzHwxgdim_ zGc}1@_)Y3XwOc_rY$}8CoTcx`b|+!$DTisuS)~Ml`szXZ9U6e_%^fT5SeuUbye$xo zE8>}|pTA<1uqpnDd_FB+#9gA2k1Utsvrt8^n6(CIO(_>pf0TL)K`VvEr3&$?Q5htP zVv3`5Q;Sh>NzAx|6aAgJVV}x)%6Vh?z=AT3NA(ERZyqvKJ{5ht7IBxWaXcsy$Yb|# zOoo2TngxyKz5Xq+$I{}08XlZHCT;ye!K+}8ljKO>t$SXvYii0J+UEEsp`-5P8CbD3 z5RlyOR?xmQM%LEb@JVGma0<9~c)s1=ULMU4I8ISK2_<^Eh2FQ}aJW}>NvO=CL5Q!c z2$H~e$*q_D3HINC>@lRjJgjyjE$p*<*fCuzRk;6Z@u{?Wk$ArOl3rJ2-z6P&C|k|d z54!|a)HI1y3N+`iszXe3BlgV>V6V*O1NFM=_quZLNQh5I?9)?Yr;9MRs~au1f@VTzrje&=5#WYDdvr2R$2SsTS46WL=thL#Ph{CIoiSl1?_shUH)ID3MRCzXE-th9l z5Zd>!v9YrJii;*_szM6N>5?=w%B{5bjS!<$;8~FH@AXV}{KS_xw$bvi_Rv5UcPl*T zPIM!LlK`VRwUr*n$vpe1GG$9;B`NaaONeJ#a-KYX4eDWKvf=z-o}=D5y=^k)O)-j* z{s5V45CZf~s|1kGF$FPpY83y`-^yY4(yP)Fo5b~g56e2;8Dtkme{3&{tC^rt!DK94 z`&xdKHEG9lCS65>qb`cSMviYComZEZF?vx-mFv z?zm@owf!z2fpt3wy~#LS;?XrR5(aqLc^-*!UV^Mh8@NwGki!pk*+%*9y+n!V{U4a5 zt%md@=(Uiyd$GM~QfjtqW+;_#ku(${O4g3=%jf&;+Vjqs0m%P8EEX4^TMQ|-D2|=MjzFF`zm-ny9NyTSjG(h8K%0Rq!8w*b~r;+rx%-kzM6*{ zA6sq;(d4iLq-&qFR@K_)#n88I*^HRcoXcVI$45P<;bLSSQfMih9u8FwrG%C3CduEO z90ApEMjLvk=Iq}a9d}8pp`k?mcbyTPK3o^Se57ZtgAx-X+S1A>V~=a*4>8<#+7z|x z&kWbP7TiyrHqhB3uJbl(1}aE?mU7k0ro8=67ffSNu~=3Wxh<5Uj71ziC7ca*>sn_J zrPLN2@4e4RC!95`kIoz+TLe_fABZvs0d@Y#mlxCO*~5tf=`6SEtLN)_28}yMl8LE9 zwz&-a8+NycGC;6xh9=URhF#VqeVovFMrCoERK!)xj2wp%CqcD3;Hq5C2A1-b6RdV7_XW4RfCLiIH7X zTZ?jQZ5b%h5<=57|71f)gax<0wa~<7P{%1G3&_DT&fpZ4Cj7CRjWsoc_cZ4R+%krlY_f$yJvR*T#OQ 
z?4^qh+sCFb8);h=?ri?kHw?YD=!F$Cn5O!6R}4vFyoy~o*2XOzXizfsBQ79!2?PYQ zLx)`+GPu8ZU+nrvQX!hNX%uo7NW>PxN_j&{H?EIxd)UjI?n!Z3BfeUgv)mZY1l?3l zED)llqS^&U#B?6vU2jWr3XkcWBTVb!-FO0ei<^TB6(zICH zd@JcH>qiA74!qVShe9J~?AgUClAGXU(VOre#Z#ut1&TTrPz&8qLVi$IH&oyg_I^9ZU9H^UeA}Z z){l7ZY_N?gxbTy(8!AVWjQpU` z*zHf=#+Ckz*Z^R06M7{|?(@b7*RXhqP2x|5k4Qf>!paVMJ2jjfWH}PO9zH-nv*v76 zT~5+P2lF7EUr?nQVVvob-Coq0s{P^1V8)zGHA?`u2w&@2O}!ue*p?hupBc2PXqGsU zU-DNoQ895vak@|@ESwU_l~kpNMzqn&|56?K-^WNVwl*HX5(ubq*W^-Y{Dcf!(@apNahjhoL< z0!}Hj-~xoorcB3XzhhT~D&uOxLz*Lc@52vIY>A&9p{US$TT+-_RydMC!_z?S=N)kB zZ9u9F?xE$WeX81M{oJQEV^%_#^3-xM);u>;09;F~M3_ZfzC5>ISIv8@#Qu(Z-fTf1 zrOE!DN=nx$G!n#-Et*TsXgbBA6-{3>xGT6M?`0#0@~R6-1*r-GbyJnmLE`>~Y8Tzl zbB|Gjoy!2_+JKx&N*)}LKwLi(paJY&K>m|OtAmrDqEj4v+Snt^yE zx3Myf8%4CT48;vzGTeSvrNnXJd~{XzF=WGHVX>l{ZA%6qW-tSDc&yMS{of|_Rj9^5 zn>7A!lZsTkIDU*}u9VE3!lM>UjO;09T2EAG6TVxeVajyYMXT)$G@W_F&pE9IGo>~iDPh@lpVDMBhrg5(8q|KMi+ z4?gGkbrvDbQ%;%!gpaeg{1dH2?ycv|Pn&unx28*v7iT!CtV{d(E{cp7Cu_^Q1Y43p zH`9pE+sm}j#%+#!kJk9|14(yGld(6aof>#Ze3GnM{k=DAWGC44fS!Bd%y_QG_lTeE z@ZC}>C=SRdE{&F`7+g<{e)$aDSeNNMWstW>t@8V1V-aaK&38W4@tRx&!S5!sSV-)J zKL$h7!DMrlN0B>v+vx^J&q_BdcbvSD3;0Kkk3V7%#TexRKsvB~T23Y)IO)0h%BZ=G z$95L!95}ZD<8{Y4pg9>OGw1sSIgvnrJc!jWsAEgbb!b7R>EYjPZ_H?$F#WZnGTD=b z<7cenWE{UQQIS8>SYb&!1ujJxmz(tOi=(awf&SxivzJTap)KSTXCBO>JZ6~>cMng^ zSiq;=qvyz=B7w3W_p3v4XEoFKT}*dTVguC^&6er7e|B5O^l3!d+{x|m9_|-x z(V?s^+Az_K|Nf!)WyX>#9CB)-I7E^;TVGy}8<;d*GO@ID>$M7wh}aY%&6s^Wm1i7_ zAM4ydgbcoIPzDl$Igk*%7er&7BlVnnDD}_d0D&SS_rX0rD+o3@Xl9@}e@pPT7lX|I zS9|yNeg5>5nQ6)Tbv5s=F}``|?*e=yslP9qN3aP(B(fh^#a1Jucl8x^UW|1eKUjUR4uSZ}wu8qfav27On+)Qt(T2V?nAY89!(V!b&z zLzOs=6z=R^=rk<};0PnBy?)8}YO_Ue5N8^*j9L8?aEx;u?nq|<5-`sfoQQX1Fu7;pq=RtDtZ7TpC5>>z ziwcuA4V5q(+u_0dlt*958fD2tW6YL6w}8HcXe^PYw`43oX}z?;opfumHeZ^cTGL4C z40Uiw63aL2&Sl5+^T4dF>g(wEF=NvQ2m;$sHUi3YtFG*PU7633U)GNwEr9}~mu24K z1vOP!|A#Hl>l#m`5uMYToqgbWoZhSYNun_$DSxN>Va)D{IOM9^?Zxn#=zgvZ@;qfC z2mgGO{d{xZ@?!JvhMesZo!3iiNVX@qD##60VhgiX9?)sYsQXO)bH~%gesCsI+$6ls 
zv{A!-RnOZ1!LC7GrJ&WY$|_8lJLYMsfE45DTmPh|t*Pz|CwZlZe86R~SZ5064C&?Y z$9;>-qL_u@aMnWo;Zxta@rRTss@y7&2Z; zk>zMEf`#i2`V}`Ze~=*CE(o7RdF863pN-n<8445O~1zRE1Jr!)7=d9;I z423IPpB@zxJSI^*17-pCtjjXtrK1F*<;=L1sY{Gh(lPi)bnt>VVl6$;u#J`gEb<@u zRf6`Xc{|#PBTQ)QosVkFB4H?YNlD3Qt`Z1Nrig)~cmEW%xV9JA$<6f&I0A)J@$oSw zV-saaHr|G^Qg0tg-P4e#zBjP9dy8kdA!LE_7}8{$mZfEs5(mZvf1)V4>f5!Z>0IB&c|AWp+H&XcAp`tLUD_yVcAH6upj9Q& zF%3Ka`k2yxx>omAZpf?Zz-c(0coh(k6b9hy=`SFCmv1A&MiNC+?fc0t)z{iW5TEfY zH@OMe<#}7Sm^(1u9J%IZ$kdk%2l3TZgO%$+J?JWkaC2I}R1tRg@Yq<{DTw7^VG$B} zCkwxyHLN?kE1Pi05L&lym#W`Sjkj=X3wCCX$5ZpKSlXpv=3)%eiA^woy8eM@6AU23 z~OiAbvLW8>7bG zjHnwHF|3$DXV8aVE^VT$kzpCjpqLZ1|YSWqlLEqAa1R*PLcr0tCKB;1fbz2!#TaRCgpnZcaDW z>Cqeo16`Fy7XeUxTQy%VN0!`AZMEP^50egv0T$&9yjJO2ox_(@P+?d5arXf<3L|;f zwRK83XdWF1!_Xu2?^0B?;CM-L7ce)r8H%5pr02+d5+qoxj;Xa0Zt6yP4-_ zosa0WY|A0Pu_ix_dzEKh8`Z12`}`L~Ca;kO_LshZS{ne|5E?I?7 zmWt(=UzHp;Jg0R4#Zxi&-)qo+BUJB>_KP(HX>pA^^jZ&a_&rR-BS`|tXV=zLBw z?6+Xq&MtA!wFv3kfiM?*J!aVEACH)S0O@=Aj(9AE%I9mvgQ%O&>Cx-ag}zm5#*AtZ3bYfN3OS|Y!F zj2z#+np!J!UfQe68aiSen}MpehP3_6F}Ac2lO8d>X8ma+eiO`W#T;| za7XnBORDy~6m0V+#2yEHK`Hb5Mh6J`YUxKCifNKEBnj4(ew;S=N$igiZyKi*55DB2 z?h7Xjhy6DpRl0(*QAO=x-oIF0)POL$KO*mG9uYNvE!Rjxq_=bWO(Ee-L97c?CDA2R z&-tzMj~c%&i9uG*1}|A3QPv_rL=1Wo5*G;r>hVsl`=g7ToE%1VD8I0`VFQXaY1c*L z4|uFUj7fru-_Y#u;|0U9(u6JhtQzcV5O!OpFR7o8ENe5Wo($9bSi}b(zv2DAgt5r( zMmT(e1dTStFdFW5Md!P;Th5K7H_u}G&h7kI#mh&F${#9H0k4Dm<(+=#wUb6w2>q|9 zUmZi*o$9vsE@zCP#%zqn@K0nQ@EHZ*iAKGMNOd*mSvTr2_Wp#oNCoD<^F4kcK@xz^ z+A^QTp$U<}pr%6$Dx8)ffth-FZ>%kqq)Kt+PKl4X_qr%DPn(`bUg;a$%>ZZ=<3u81 zfc5(=$#RkxHi58KTJ4o2BIFO@0?)69`Qplvl&y}{o)Z8c$KrLr;<|{2SvyAe{d}MV zo?dVLOy8eH6oa0qBOZQr6(sstQd114K`eWPZd#5&Hc$;aqnf7TJ$(;(|H&2fhR|#E z0S3>#Iw1ugf`+YcCNp5s3p$)?_-d`XU?M(|LZ+kUXF#YdTB^Z6Hz3^%(435L|fmn$Fc9B`a_$)DXcN5CU+5kp=u1t52 zIXWl*2_NW>8T8<{w#r32Mi=8xY^=RyRV`_c)$n(u(n;ff%T!fS3g01NaM9zw2BZM-p7p?YckH4* zSwbiJW}J}5;3y*N&T9uFAQf;tQ?^Ex!q1Wt;CQ!#|LK{{+QBYodwi*wCyB(4SC9S2~&Ic+5ZsMKndN zPOOMU1zo)yJUh1Z+8D-OeF6IQ2sR8Ua-5q}e!bm%R#-pu0XA$RQJBKE 
z5W*}riCygs`#t!gbvG>{J_U{-^D{_nOVJz1&(=u;f7hK${DA@#peOwhxP5Se3TX2{QFxF=eTQ{@%3i^zi1Qe?tK8Prl{tn1 z4~2+_pICLGocP&K6E>+vfp!;<4KJEj_2)wXe_bu)Ms#+8TMTJxQ6^)<;v1kU-_y!BF5{n8#3R_DYWF{9Ws}6`lvDBa zXGBz3&sp_lU-Qc=(zq~fzB7}xsb5iF5N#t97;}2yi7eA1*%=+d`bp|k^3Gg{%!*yV z#7XNt^&du6;gmuGI~AC*P&JuKlG?_y95#wlqA9c4u4?9e1wDyyozmG}_E_q0u&uQoddg^q(T%mI8xD@6AA9ZwPtciwRSC)8 zoNWl`iFOAjo`MC7ngWA;a25Fga-4J~AWR($`}7V@*GNot+B3utBjt6o{rUvGlOVGT1)7}`Kc32?FML2 zzuM*BaR=w03~;NeAhz8dG`b*oxFkS`APGDL#_24ph5ZRw2l-n;U1K--@%r=o^3pX+ zmn0ja7gY@e7u$U|(6mvBjeC}l2iRmKTm2cnu#>*RJQfFuFzT`_ad-q&<9)Q5KoqP9 zCCW5uU8_+No=O(>sM3QVG^4^cR$j_<@!zBVOSY2tX7D3opGS{uf2JLr%;!lu=xF(7 z`egrd%RaKn9G5LMuN1GU6L1hU^Ys#o*+@X%Pz_uPru@SyAkN~;L@wwtDRDA=bWJgN zIr303B@Nw>qM9n?B%xv6nkoavjWyX@`s7!gC2p`4NZHFS8j~fo*>99>!m_y;l|A6^ zNnPjhn0ju?gjD3A;h52+DCBe%fVYHAsX_p?pM#+Y9xv^G%J(y?;fD(99~N2S$4djS z>a;ZAN>UWCG)hUN9>zG?j`5lF8|?a`Dq_j8(mP&Z-AYpbH1<}wijuYnEeO|u9i;uga{{?E(CRUS{+g?SZc<6G z5MnXGw?%_8iefO*fRZ#yub6jmC~NH3=wf=~7U?HpQqUX!%+&x7siZ9eih)TaS4;-A zcW8r4W@uLBd3~{3MBE}FPWhIt^9sdNKD0Sjw{ob4hjoe0pFE6;vTtpOcUM04_+?z< zpoR`zPYEm;ZKa^bfSIptw2|w=G!vu@$}DjC{eOUgOxc0WV-q*IZJgLPpG$EHtIcJb zp>^imaRj277NIZw`q6S(s?ICU0c9#|{&rPO>Tem35e(fy&vC4SF3FM*x3OpAav9Ok zRZI;4fD1TdHD}5hdoNhCi9lH%P&bfx2`>jtCogNe*uYG#qg*w z{}f#RQ7oaL`M@3+#NP?ZgY;~ppqhKs#3U#Dn~0+prF!vlUhR|>O1MrDTWlo z(T>rW6cwaGfPCG?1aKDhD5zH(N8O>gZ8)c}?e{Jy$15nfC2+0LZq8F{c|iTXaFOfg z2|4rPLa6${bN-vUfH=-Wk;t{n*8mLL4Nl~*NA;?I3ki!WyMr6x)p`uU#I%1T+$QhA zbcrSJkJJ@LS`@>ce~3{skcyLT@5|@}g1P=_m!oh}hGu`#|EOOnuhJv-I9h4gx*f9W z1eNC*9zN8}J@&!pt+cj5h35N51^uJbIy3e^5??Ez{v#fe+_au25#(;=^N!u5DDf{R zSS|#u#47P+@lao4sjMewqHp0Vk}wSpYG-E`()4n52c6Fm0mEMu|4CdnjD$*pj))2t zE_pa5W$-Uj211(R2j{2GtShp`a)F}6Y<;S09IKc&0_`1>4Zjh@B)6)Tq__S`_~$RC z+V4JYRe7;7>{L-l7YpXqDT$hEX7diA#?G25?M15;|1QyERmc5DYWO)I>ZjpcYaK2X8&y4?(uHum{+$Q+haYGUW zf*-ydD&eBK(}7jALQ0hIakM2Lzx#E;&wF*_{!2s}REPV6DC_?pWk=+u$00pAANmRc z1dh`IgQB+Q?kP2P!nFJDmnwozS@u(NXULb|-4E`ZJ(x3DdnHM0J$ih)w~c*?x0Y8f ze~;E?1tH_tilBfROY9hxVAKINSrk=BF(sh-zP+f1(p7Vpz2exv*7D!M>LIYyaze1w 
z0%>uyj6zGe&)Q3QmN%xDzy!x>4<9b8rOkbHweQ#ZOf4!E>u2TMbkSOVmAP1GPlbnt z$KwO+djz{rEb5|IXTGH1Z|X57{+=?l4$`L3ZW(0cq7BV2^pIjSSfZz;G2j>)Q6y3| zFKP#nS*VQ}Fkhnn1swIkC353+L~=24duYc`_3weV?~LCv3-3Fxjjp8{XGq)?cb>0E z4I;I5K21&414Q(9qBWnS?WQ88(SKIF`)%8mowtc0WwmvWcMen9wwec@Y{(Azi z)@TS8r=_8iL?0xogh7$5^irRyhPqK)I8|)XbbkwXV_Y$a@ETHFXw9($hRU++;1KN6 zSL9Wi#U8D$=Q04@I(7@0Q*R>3%7p`0lZ_LVE9jNF;R_!Hgn=EeNBBb6)oT^X!!h2fJ`hqcH?d8CSY1bdfiM)}w zqK5dln3ET3h~)kD#U!|$q+)*+s#y4-FVk_}4n}k-X<$V#7DbM!E?6_GIwH*flovu6 zA7~2E9s71BD%&Oqr>KiE1D!?6k=Hl>8#!+;WW{v;wUBO+OcBE zTd^+O6aiOpug4-#8Nl~2^hEG5G>I&nx3-}~P7qz`Od;CC@^!bM`4@!w}r@iB}%5ipEQA^|Sx#KNx7hK6HmCzW<}G@1kjb>#oCm~JT%-uFNznT>xF3!c1*-=2l`ey80@A_+fXeS2ZS7Q_*izpqc_pJ*w zBk@XYP*nSoS)a2v_o&qKa6PS=A04#fX#cG89IaGo1ZG$s?9MnT-c)xNXH#r~gPs(i z{@N&tJ=KM2bA5qE|MCyxK5q95T$uL@i1?(|BP3HpAjp%BTXZ@~Sh!Br@wz#Ouf!>F zkie3OO@xmRcuAmXB{goCcB5G?N`1!u`CEIkSF%R2b$^APld(1puHwSGHy7oUQh(1; zi<#!nawgxzOVLH{9p~K2 zXHu*84CD1frBrWyYPsnF$k$+J&rbhm&^kYh_=rN9`>=k8ru&7+uw=dx*3@1DhQG{h z=o=&=YCKCm_8~xJbl`(MB##7tB#^^lPdYSPaA*!l-WVQ8fd~34O>vDbhj20+fn4t_ zyt6Vgkn0Vr^FP-+E2SHDg*S5?qqdY;5uDc82JsonArf zMGuorO*w!(v((spPvTmLK+s*V1-0h4#K66)!rT4LMmyaRp*W)1cF}k|4i}MMnum3i z^)_soyNj~3fkt{8&Sxz3Hf>zX=lj>$lKLNJ?%Ud3kTBiu2G-+4;;>CT=mD!iv#e>3 zcw3`&6%!$Mi-hbSr;A|H?Vqkk5HprS=;%ur+i?Nh-ERkNb^B=1{Gov{^xUn1OKq_p z#P;Z&mIe>sK-Zq|&(6j!CDoGfwIh>YF`5f_w!p3jGXfl>r0RKT3qeW zmoJOJ`CNaPeJk!#?l`%k#^|hk-!f}X_ex5Uf4+6@Pz!pa2lbB58;=6}x78iJ$oNUg1Y*69nAf6jB+T`_nHhys z(L~;F35P6xxB}YVI(gcFnyrTGWFh`|ks5F1rusM7!gwR|g{Cx{T~vsLi}4ks z6R7EIf@rO7eEr&Cgb)i%yL;+uW`OS>Bk@-+J!?ArAMtf;ww|P1w^-rfZKi|ARZ}Em|-NPw#^>hP+EJMp+H{pHV1Uy-TS!b zRN8XdImDw4BJBUQ4)qAkZ)DIxU-|f?_6bbAeE<|=zVH&wn~d=UO>|b#3xtE+UOxv+ z`3v>=oY+3Oyj&b!F5_)cVhD)c#rU^~7J zk@h#Ji)K~`(i7> zy=~IbLZJn>;h1ps4r^MifInp{IqwV)`LU3S*#%vA>bd7pdv5aN=FqU7ar*px-}m|5 z44O}hw+qlU+Lii2sWY*?ePQ1e9%cg;{Mso}3l*ID3#b@R_zmO{-=zS<7iSM%k0N8f z-&(4NA64=Z2VC{9*TeE;nM8N7VN@{#X_K?EO$?3=DT2W4 z$!7gEzJSql)G4&NZ;_nHx4StV`)!!3zBXA&R%pnTs;p7YYE`N-_1>0zAm;^RRz 
zTdfeDQwV^&N;S=MfyV%4QNi{p<}r~B|EYjg-62qH*7hjH@2Sw7U|eNgL0f-)fiuLu zX9hb<)GVxY3LB-Os-~n_T=V;v)KQ1-H6;7X|8+uDGTP7Iz$U+}6Wbo~$X*aRp6xI9 zk$oRf;QxlDl90A=G&&ZRSs}1#^cBA=1@-~>yH-3QJpgIN3$HmNy<5bSAHFHxSTVP} zeT=@tD$9G@P(!V;Us3aS_8B$BAY44LDzYlMsjAe8Y-|mL`vStS&HuV}RvNmkKK0u` zBck?MO|jq$xAUyndy#XU>g%ewr;wBMNc;3HItos`i1U{Y$;SGw_zwUu10sGW#0hA~ zI}hBbr3!>+ZTgRWDX^x0*F`2oVu|!*9nRYs_1##7Rxu{u6k_1&B`14ZQcaq4;PAu8 z>f&{LF0wZmy{|$QNaoia^+^F83My!;-&A^Y{WMt|c1fc4Q}abqDZBB6_!E*}Y`_cz zPxQAHet^n4D0t#+fPo`qs})cG`vKVLLroJ}jqh$Ng!djC&APkbW~vsKOV4(@Z7epd z^d+K2ppg`+kS8B1cD?u9J`cG5mn47{y%O|ehJWq8iyPL9qoWS>@#(1?Wb?Bf?p2=b zU16CNyP~fhKVe!Q*F8>No#HlZFmeVcBkXs%l}u45o2Sbt>89khGx@nU&w7yOWUmH( z|JOY!4SLcT@Xa_5%){;{ItjU|Y(jlDcL_PQeDXWR(w{9q>6MGlr`{CG`@do$wn!c} z8%Pg3n@BF)#C-YiriO{9v@+1B4C@R2gzAX$HO4*0huf*O(=`Gh>2b};j8ZFi)xx;F zNPm`IST=8QMJA%bysOkLl3?A%OMfTuA-HlaB{=R6OJ+QUD(#T&jyQ?c;=@3ln;1&M zQQ~4fk%TBQH=a(-4Qh5y@coAsnGQ5srKqK1foYS`YH^yV7xtl5@C z);v;89N=|-aGK(<#*at6Nius#IF+3+d3qYTCTi|uZStMd3{WOeH@`&@?_v9Gnb-Qq zcQX0m^d+KJ6PjfpW7_JX<^9#@*gKlV_y3QotB$Io>-vZw0s_(@rF3_9cXxwyOE-f` zN=Y|JcQ;6PcV0reyW_%lAAKL6_5E?zoHc9iIy3w1v-7w2>3VkCju$#Xc#^SH0IUNa zT$??7J+CMQ3N;ku*mla7-}b;=HP~D6f{@AXZ!-8vt|Ifdd5ZzClX>^DQzi%2#XbZW zRlizBB=FPXdA)e--eA>j9+c4aI`sas=J~wysp7@6b#_|~c6&<`h@?8m1Kjw4H}Z_X zl(jPKeq4oE@w1d&uHUr$*{;RIInTSnYn7|R!ZBjE*OPmMCeG-XSN~H@-fcb#sLCLthXSEl5(A(5 zA#Rgum!kZqg30<_s`BTxSOk2@LPd{W%{ayB8W@W~iyg`HEWw;^m}*^if)|f4(D|x= zsXzklpiF(rrc5pT)mb{|XXr`{KJoVuD$KP|ul;+KD9>dz<6*cprUQiME==U`ub??H zd@N;);XKdNEa7i!+g2!qN=Syh|i0zaM&=($Av`_Xo&W!#Z% zC=Jzk|M~>$&=Q!D<(c15Ak)I4tDT{?IZs6@4vg-Xu_OdO88ASr5X}YDz4`MNMRDJK*1Ghkb z?XLbe1b6JMf!;ij5Erg|tbLI0&4FODg|ny+=4DrwCEBSxeKNx$&-n9}!ja~1q4oH& zW6DYo3*eRD<|EXVH+lEN$tWXmzCMp>CMhMJjU|{fOWY-tgbDR9m_H07^%H@OD)_Ac zM@pm-my^yC_YcmS7+hLT6u^k-Aryo#`kR~Mh7CKowi%OPoo5luJqFJ4)m)U{59SDZ zs41xy#l~_DeWFGaNb2CW{u}ZX1!CgL+&+<4s3H<@Zb)`4m`f6Mg~9YaEy&2=$n*zbQve)!u1G zYpDFXKgWYkTASVb2adRE3{Ny>W-wds(v_V64Kr|07ic>9hjPF_MXnh5Nvy4bvfPlE zKb35(l!PuXtrDS*^QtJWn+vRLC3*g7`yFzWpCLEYg@w(&*+ 
zPk}y9Wykr-;4@GV#K2;of z@W&pdC{q|Jaf~e(4a~7eR%n?nA>dzF#QX5K5_s}u?~x$fDnqJ-<%K zzD2b!^1+`mSw)<1QJR`I8k966pj&VppJ0k&nL+oZ#^Dcof$2}A1cUha0KBF>{x6uI`YYILfUUa) z;ei}bOjicCG`()elO2Ici;m(h<|j+I*{eW!lES)v!RUR4+sPH zteV=Ujf3Y1h;3ot+PP)_vS#-DkswH}F9MEypRo&@2=_!`wRN{uTg6tJ;jmhO zuyrHzW#;pJBm;q&1x|-^=kV}cMtIYwJUtFhZfarsch(jxJHyN4_+ly`2$2LN<~^qDM}9 z_=;QTl4dSGm*duMCoMGAY1kxX+KaI}z z<#K%;(Ur}f`|KF%AC~PQVABO6!2Ke_JiZut`I}^DtR%ToHny1RHUegeBx>1IiR?j5 zROr12TztrXL6{W>ldMfV<_SnX@h6KCIo|#9v(t0e&FJS4y%F3V@A1}m`=Nlm7XKpd z7L{r1GNMH#dFvX+ag#wWYr+X!)c}*ZEnqlfaqA;y67?NaB>qRn3>wZ*epbsS{ef3Y z?JzCL_m(bcy-qXbXg`I5+s|5gszs2imjj(&uL)Q z2hF16;CvVY+#(^(1_V;P-C$W#$42U<;XJI`BolTxZM z|BJF8R-koU>B(INdKh0kr!b0lv)5gmk1>3%Bs@WkT_V_>Pl&9SNl2Ru>%_z~*$O@8 z#BS8FS58n4*(U+_c}RP7rEDvxFMNeFq58&ZwZ?aGWV5yO+0=En8tzJq&)sfcZ`eBW zM?L797(6Y2MTQ*$xnhx3XvV^HXO$T0sVnyBdPjFovv6zky*koDsTa2DU7z%UDkt9d8z5l++ESI9HoL+^-B2}?! zVN^@@mzkKgC2Xb2GV377h@BW&Rh>YF6%C(EslkWuh7^jVuW+0}S3aHOX6{viWjvQk z$eycH5w8yuw012u=^Y@)qcjI?MWK$7bROH&ME+UQ<{)4z3Ic%l5hT=tptU+*cYaeA zHAR0jO!I{`Dxn4qc8nTm!v4G!^;gZ0AFD_ZCh3b1Ld4SGF$5!W$nWiNM3p!UpN#88 z(KP}uCl2ZVn-x1Dl03*7d*Ix zCszpzir6FT64x}UblVnq`HPfK#6aF{W$-4Ct0`!o<~1MdB@179Jw1QRlt%SYKW z`{}1O%4^#u@lOAPBxhjhS9DsOdTj_nQ1D>L#=veF0sBTN4cCfgZ*yBse&t&0Iu-5C zo3^UgA()bq8XrY9N0anPcVvyY%n^pTru7ddQ1K@%<<#ff1tbVHxz|F%E zH%`k;DVaWQFDM*v!MRt=9*ciHVCiY6NgA+~vW89AMOPnZ|C^B1_3h^)tUo3m!7ZgD z`Fc7E+`mi~1e*Kn5#UvGhl`@6MK8Yu6;LY2Ug#1JBb1DkC`#XP_)*a+{!i%vkb3gN zz1ON!)~{6|JGF90^t09Nx**X4$55L~2ay#uX3Bc|Y!Fu}dibSbC%bymucLP1>EMUg z#r2aQ1f@SBG0O10RdVNwyx_d0le!Xm6K{$CpsXOFVd}Bc>;H;dE3>!e(x@QrpvDBwji~j)~!#Yr5g7Gk9 zoKx}bKmBy(m%T1qp1BU$Kz%RK)l%0&0isfn2-3~EPr}#59^D6mAY1k1yt*hsD;=~% z@2D788#Z!J=OfN1?uQfes}i#~&qct7JC}{3iKk5p?s%u$*{dn3O`kKzHS4lbDr^9k zAb8o~LpRe)kKJ)y`?Hna+GZIdY@J^Aj6^ptk)e3u`Axx z4(Bd^uCq~tO3BQp($0CRlqJjhDk`zN*TPKwbRB<%LqWq%ME7R-=oxaJT8_z84|ph5 z`C`E(6sb>7DEIs0j^1!RK?ejF`#Qfukh4XSIJFac4Fl_S{)^9yJ+v|^WJ=V<7!!G) zO*4Hc{JCgUw6LgO+;inr2;%r-0sjjdIW&;Gl`nt)7UH7!t)atquJO3v+{_6)Ii48B 
zlTTVm`{976`h3T*||Q04b0-rJh9Kfkv9VM&sIg4S4U*@jxWJ7 zuV~4T+h%cIHI~NW{9Y|wn0U1Oidar0$&jmShJj*M2^TV|$#Ou6SPEVYvsc%ogtYe3 z`bb$*`pv(|#BiMMD75^!?`T1v!fp)3>qT6#vxhrhYmgDuyqxoy6^FHP zJhkaySqX+(5y1YZ&VAaZZBJ);gx|Hzcj<8Mswq|usMZ7R-G}yq`mEPeeQAP*$^(gf z!s1rd0i{0~7jbV1&86(r~k7q zXxuPr_t-FMA+}B(b^1Tx5LN!wZ&y=`FhxDGn>xHzdepLtiqdEN#ROW(e> z!MQ z-hGWiyHKp?=DHme`4ig#>T|P*P0VRoQ$dv5CF`2`OA2XD{K48BM9)ejqA|bsz=w3* zdF&tcGh4qY@<9Xw>V9MN9!2CIQ1>DW_B6~DL>=!i6_zM!M@xsW+J5xZ5ByOfj``Q- zWb)5e%AFf82z+I!x53_7-uAkM@(%Z7mN**(yhtu^`Q*{I5O*$Q8~M@Ecj^mlI_k|k zeeXS6*!16y3SgyO(H`?kHMK4DwM^Ug&5<=bT5-aTWufrRcZ%Hg5@kviPO+L%8Pd>i zAJWlBO_iiu1aG;Z)U*C$1msV#1($fz(-3in&!`lFch($({NnJDXlJnD!O6h+Sy5~} zco=l(D$vu;Jr>-DJ6e=kKjZO7diMbB+zR*QKQ5-*m}CY-BjA@rPxbTdWh$LNcc|KlAPlkc;2VMmUXJs&`NP?=u{@z+$9 zRuiCWhT@+2eZY?aSuy>Q(`<%xvbtUr26a=Sg0Xks7o^;b zDAyeoHX?Zty3LaEmdV24E zw(>@WZzf(ZZ^PqnJ>g5;;KG2`zXdkl; zXu!Z)pA7Z?=c23`Eb~%WmmHJ4<~u-{s}_FQWn4g6j8^!wU@}W`u;?@>kczhZKd&&< zkEA#Li}zcYDxvpH1p@ zOjGqYQ@g)ZYirzL<26LvbcaUHr?03}{;~1#Um}W8(PHERFETBXO{KCLM3u>KCPdL< z=fn!1DPrI?MiMs5No9;O|1|E%im)_4E;VP^nfhXwv>g$v1Ot6c6yooI_~`} ztKRC75BBv3gIkG8UupVO@YC#EwVOe*Zh#uwP z!0h29@*z~PyB4zTqj2l8)HY+Os87qF4I8Kjy^JDX_|Et7IthxR9eO+%8?ytx9@Fm+ z-$U*wA|MJ{3Ib5tRWKLSG)e9kkw z_E4&iqhB+1OLA|_5m%o4e0M%$!#Sh%YnSWvG8sWAYy4;TMV>u94dWm#m7>arf_}t! 
z)3~-bBmrU-eq2cAcPlf@s5$wc;c&YW#aeAGnf#CM z2^N)dn(pCC<#M8nz7Sz+=%Ao&A~X&v6VmsbbK(II%)m!RZML3ghrY{cwg*pd(Z7n# zqN2S2xo1+3sr4rqTG{o%I?%`%#Uf$q=QM|2Q67>-xJ4)Y;Q6=rshF_EG*Q)qM6PBP zuDE}d5^i(0p4r?uJ;ZWhxei&}I_()l<|3+x=S>yivV|rH+AhG5Vlb7e8U?BcYCxAe z*f-DKZL2m{y*o3q&vP?3Oxf@tNcHboy+ium4wj=24ld34hNG={L8nZJ&KZLm~<&p##|~I>Qs%VU#wp-2mW$K zFc-cUGX(1ia6y8OPO_?`K_|cT-o-V%n?df6#3N6rVsHD_91F?iAhO_zzr_{ z3rNrJ*OR~~Pd+!od-$Oj)1K5JA#@8Y4(TYJm=qkGWlj@QVemcky`i?Zec>OpqK*}F zE{3+(?qcqT?klwgd~c0Z3L(dXoH(`s^$V>!_HGXxDSc_Z^{Dmsonouc7)nxrllM-w zT?)(L1D31}oI$tdBR|4gn&00;f`lI2V-+2b8ckcDaW)lOjGn`5|Uh82vd z{xF)kJ&H(slXWiBZ00A=|^tgbqC~v$I)%9G!Dd__o-K<279k~bF zwAdm;eRYBY=Eb<6G7W&GlMGkD6MQc;aI~RO_GV4x#=cy@w#dBYy)XEZm}ugDYU=BK zjvV2@{?xt0vLu>f<3y{u2;2FKfhyJJW$Q8B)&u*=dSxy@3y4NuSKs~=z8@UN#VBcE$`5vW##^VIvK^4> zi-enV5KrWsZnREFDOY2LXqJM(;-La1(<|9^ekh>LYh^;cp1{*Y6~^ zQXn8`&st%>#WoAcm2Jubku1EwoJOMaD9_-nWiD<-;uJ!twHr<*YPn zwn7prn#&SP-ymO|6M-y+S{QF)PTWw~=t^p37VYo&Y_Ni;a%2+B6ZBC}lct5?87ylF zyv&@qh<_RWPEej1D^$Ao+r{TjwQCaZAMM2Ni70vD1V6l!%lbkBCNq+WUt4OiDM5ErX4TJ`NM%2t zDeH@x?A=&a3mJm0miGuv2|3<3Qn5~k(7en4(#Yx)>*`g5@y4#?f?!zd#mxin==?G5 zVH#5Yg3pzIa=;$oiJ1@g4t!0t`y*w>K~8Ht#0lXWKA)KEqXr@#wA9f+8T=*s1T3+| zsz$kiN>AH4LL_f`i<+-Xv`qkmQr)FOt($QM&)8AYY5xE8IsdtZpno@0=v{Gr@^ z;6)r#D)fKBNnTV6*jTY#zg~|IYr4a)6-XH+`_V%r#o0_NZLnVctd&YMa+zg{2tSDC z1>D?zMkv?2>FM^SH^0H0A0s57$7gqZX;n?*#v{|Ub{Zw9u!6JUlv-xTzKE0v{*Xbm zczUaN=A;SYamjq()bVXSh`fqSnE8RW=;-opHj%(i&mP0_X$Sk{WVH>NVfu-ymSWw9 zf1vP%fq29BIlfJPaAo?pTmr&5rSehDdLS1}8~&-7;39!Y|FLT2IAg2p5KhZ?I%c88 z+myfLSlVYt&K3>uWqSv{Dxo{z^(wz^rf>RqFwUf-9wF|H`!eHWA}fnkA#aDUM5{1*-Apk2o zT?Pjvsf3HRmix$7n_krnyCo>SBw4TOTG=F}=j!YI59$M5U#3wrr#G(~;y<-~e!nRN{!V2c9VgjeC8#=4LZvhI zmX0P0QXDD_1?Tgr<;A~tEnu;!&3*MsQ?=zY=NxnDEzz3xt5@)i@oQZ8J&SNTNQCM& zkJ7Rl$?^NirN^l6?|p)UJ>QHEzVMGTB)W8O{KgC87(kzXWn1xTzO#6Kbdj2*=ZC%x z5lwQ#O5@F3{yYJ^TSP{hORQ~Xe(XF>S{tGkurwk4U{HfTH+4HTdj8n0xQ?yRnoPJ2WZw-5$&5btzz#U=Bw@9#C z3?9F$7O2AuUnp0))`35adqg~7+xM;j&EDaRIy6-1tL~6o9^3|~fj9Pq3=l9K>*=GY 
z&MSFJO67#!N(#KZ2?O2<^PAG3lNocZ3zwJ1Qnl1oe-P1C*AllZoP_ST^&2w%o8<2@ zjpNy3c2{i-D==kaRh_PaSmzZbfjdw|IJ9~qro1Pqr?v3OFgG_Mbb`%vAcQ_nwP8rMpWiN@r!_dGkU0KAg2* z?|r1z4$74M54dAWx?rumkyr2LFXVs+a2ny82^WvvtWZsC%=4`X!rk_*7e3#O<049X zJun=AnyR#GhQPbwuOcJOU0hjo#KyVgc#QX(w7B>b*HaCTB))FQwH-Q+z92`+E-qwV zIA0~M*zs~>6rVsiUW4!6CGy{FkB~f410XHoazBiGldXW3(wz-n&x?~yCoL$fiiXq} zq6^-^BF|~R_zMsk{i0$WATgsI;sjuQx#Itr8UPW>=I?poygu<|d*!Z;^pY1hs4OW&~lAP1scTe$mkya3j+59v{IVI7}d50m0^7Fph$>kN< zK$HD!xe_k_{+*-iTn6n`Yp>8%QdqQ}SR1LMo5o7Xu*ia2itv(tnZ1^?z9z77^LXt= z^h>s{;D(j&DTUB7Hr|9HCUKx@*m9m%a&f|y@kf$<)W-Ym)`%(eEU>*X) z`G*TGh0lv>B}b(+RLXJP!GOAQW(loRH+6E{&$nDNNU;R__gN4-_2fQsoKRjl+p95`hBCgV_Pzs)`q-E!e_fmS{S-O#2@IS*H zxXCRB6=T!$?~Wwox{pKAc$50(=5CHW9w{)a@b)ju$Mo9)?0^j#{;D1Sz}3cK{>X(d z_%>4xl_lUC@^Q>rM3b6V>!U15EAHvoD}(6j&-I7{<2+8Q7e90oHd?Rx#I9j>4zECM zntIv(xNWxZEXWCr8`yD-h+uA42(rDXmaJ+bA0^|uK#p!=2(v=GLv7Oihjg+m27@K2 zL8LNI?#BwSpPwacSyq3IW2}tn3nmXL&iPxAnaws>7~Pv)l+#nHv^J@2yRUDoN6JH~ z_GqnUSTU}Rd3y)xx};;ChKJl$7w8{Xo&ruN?MkhbM=3iRWPIbEHM+KLjH*D{xo@xI z{pNQNxRj8dzZY_sSJ9ic2eXHI>ou^!EP@dVZCXXIDCM9$!P=*lekX@U&;ROg5LkAS zioZ8o+N~$aq+xafmmC*|)+D;4@v`rvjvW(21(z(DXUJ7Cc3DC*OvIV-&Oxgzvk)lf zFV3UiKYXgz73lv6{(+si0N4=D*wvMp>s)1)Zk(Q)lK;~SG?x}2^p*-(^(Xwgx^OXa zB5C9Jc#FKyK!L#An!F(Q^+B*t{=TAf^AHRHYK45bypk-rNMtTP!G)(Ipo=1?3c2vU zn4`ISxE7>{Rboew66~{FhHL{lD|wjD%zW3*82l~JC?muEJV;H=C%a?Ij5iq5PA?%f zKK)IzFg|p|CoRC;@{Dy&>UMo;Qtw)_SQ7W(TE)>WAb4=&cXv zl==SZ{-2^=GzvnV`Hws0gakK&XRbxa zQFRGfL8N6=_rb|v8nmTX-0N(joF(-D-3!>?NoQA-`p?^+#K;K?`bDF^oaMFFl_a`q z;*Kh*o5O^}#?fww2{8l4oX8p`|8-V#JyA7TpDXUiz}x3-ZYyC{IjtK6-&ZHoZQ0E| z?kqcu#P322ip-UQ;cO5Z&c3$h4i!i}IEih*Z25yd?udyXU~GWrLESd_6=4+>V;+(7 z0%^5x65q*eB#~J*d_qc}CwR?+CI!vJ*DTm#gl~6vlN0->a%WnHUD_@Zvvb!MR~)bpvIv(4qA@ddOr;MZ)$ zkmU8w7aF0z8<%8ts1T;7Tmzn(b=sqK&J;6KSm0S^V}cbf+`jGr+!Tva{Xl;>d&~UN z2RJYIAhZLW^vpSC8j76}L}c=CV5e?ubY`i|!{X2SiB(tqg0Oo>T-U6yel?Xa<4Yv` z#CSdK!I46%xmUr`r%M}S8Kuj5du`LSBIRRlyyI-Lq?tBj5Dps)#lpu5TxzUw_f%u zY`X~Pam>;OP4T$8NLAF0uwDno8T%l&pzbi4tkOBk>u!6U!;r3?^joo>^uzYnIHIzj 
z-7n)38l)XM!~z;9NhisJmEx@>h&8l2spCV@3SJDX4a)qDfLLs~Q8SzY2Wt8VNG>ab zfEH|CaHHmsG_wdx;`(O|{!tBX$6@dgyQ<#0-e!(4mIr7Z=XZ3&Dhk&o>Ql!zNFVu; zpQ@PKRl=B~oLMd(qDV1Fl6D$5lS%@hF4I4CApC3NS(rr0cOVd|RS5GGRp02{pG&2@ z$q&ykipfkO0JdQ?P2JhA1*>L$aru5_SKxPMu@%Zcrd;6Gbv@#B$D&yqovE4h)m4d6BVc;J2aG8_uM@^jK@2%)`fFkgHx)z*HXp9ZE|>$7MM_n z134Jq7B~mnqDqOIb{wWtS1S$gLiLv zF2@hwNhkt7d`kdel#aT0`C@V;&2j|8eo<2m))0rZ;YIm5ZT{`~hZ@5P`NKbloJe(Q zv6(YUS(pitha`sYVZVTI^1n(HpTS9q-URlh^ zNYAb0lh((uU^ldXUKzB@X=$$X;^BJr>S93xpbo(hE6wlslrdujhSTt$J*z3{9HMl+ zXFt5w$)S`p-Uv>zHB;RBaQioUPQlEATW%C<(1uzpz{BW-fs+>p)2FvrWSlg)0x@Fn1&rB2Dw z=?yK?>GhIOm#|a`VYhr_&z0aGW&N`2rxc+i^uc)3I!U}xB`@lrzs7B5V<+KY94UGjXLLQ=e4^eFfCpzbJEisFwpFpZxu){*dt;0fb3?P!#0x!S# ziLn$c`rgN8^3|a)`9$ps425kDrzJ@(sjaG<;yG!VRy|&*7RFtwnp#Hd1b%>lE8QKvW>S_|Y`Yd&ia8oDC(>Et@U>qKZyX^?2%;#HMlLu0WD25s zuH4t32g_zz!%+e1H+h=NDcaL5eHHK#zV9mS=m=d@e6_3WEP6|jn$B>i2bkWz=aZ~# z!v1$bg^CKjR481^4~SdxTjwBOPV8bYh$5d+m9|L_mWp}EXe%_oIgnYF`TF2?6|k~- z<2eF&-JB6^*&C<_B>*wj{wxTR){7I5PksTyfD}=9@28esRuri-S9)@{*HHZGQm>mc zq?}6=I;1->Xy8>sqbuZ#8!lM+FV;mXcIRPa@w@zH^y5TJ3tG7I;{2)9(S-lEC~Kyy zWJdcrq|R5&H`8d^US?O!$Sq7CPkqGdJ8E(2U(O@kjowf?ippyHxubC&FaIt+*0iPF83n%iLn`?Yu4ZS1FdJGd= z(ae{d@0I9~HgNV040^xelEm0nNHd1wegOC7pTE7Hc#(~t{YBJCpbKF0AZg40IWapg z=G(i-l9J(I;djo0NVf5u0UmlJ7<~-=T6xqV|D@US;h#C;p2XN?Z?QvOKQl{+RpN({D@@geZeRZ4cC^Y z}!2(!c33U06@Y*e>Eg{c~CAXPWqM0pDl+&^9-Nh9zIT`k|)M6N|a+ zr+K^O_uzpUf+a4Txt7S9#W}C!{|N4Avi4GZs&-93S*0m2- zzNIdlEpDHh=mVreJK%qEwkyNp+`w1iuDq0q18^)poLdR?m0>SB3k%0;?bJ|*W-Nl0 zbE)R!7`;~wpH+eWb(&B^XagFR;zGPe^lPzgF*VI^NUo9y!*3#!XXo?IcVW7 zrGXbM21^z82?wU7F~(5XOXF4d`z8axG4T9gb#e0i007U0b}jW=AhlYA*1t{~0-jy0*%#=WUhtb!Hc6s%jvi!=q?Mr`mbTWo1M4Non$+ z{L2>4(=`{5>5Co^ws^WwANeW55Jp#`KI&5Fx#h!Y&ql!HJoEu*#K)7_0-caG{*;-T z=yTa>cdoabMk1tbdOw>M?ftGKBkv;2&Wovhr5u@)9?;vFtFRzgc^=iAxA{q;-h6po zg=Sfl6?_u;EEtdfqCRWPDw;P574N9@2VDASK-dOxkYCxI-X)pKgUh|mhxM~l%KgoY zFFX`WU5wYHC_xLrW~CG%K843=N;EI0{P{1=fv-Bzy#5UPlf}^LZd1Mn{k5h`k<{d! 
z6J`{zaEfXoL_?L2;4w>xL*bKStQqMK89k7Xjik zM|G0J6hkDXR@&Caq&^>N8lnGvq zCF^#Gf7=IW2`@#HO`o_lrO9_gew|r%#a)9{&j!n8eb}a;V7z|vPw{X66{J(K@nqd6 zNn|G0!?wvyY&`udi0cTieJmR_iT0yHR<1HF`_H?Yi7o`3pI0A@`ft80KHC(_J=|^N zuRfjng1r$Ac5mADn=8c@vMwT_5}NMc0N6FxVKqOgz51NfbUf_S zHl=ReUMoz07-9FPGhos_aWvU7K|Jb2U2bv z_+Ku^hLgX`Gb2t7XO|dS4SUB>^p)FWJ(g_pC<*7}T6XxPPS&^Hc%MV|@{ND>1TnW^ ztg-6%{>0BUHmts5Hmnc^XBjWmvbfe?B95NAra$kMo-%IQy~S_Z)t|lI58~P}V(=a= z-YL9D(5FjJP`=X5e4~*+)wRiP1Dx4;CArNpaO-|FyjhJLIfuN@ahv_%c?^=u(>wFK z5!6f$ysug%sA^qV71Ua49At>aoL0p@N_jWi9O8-ow=g5%`thpAZocYAn{ci>d+SJ> zC(uf0%A;GoXB?MfbqdUV`$WU~RUhw9lQ8rA?50A4%b2I75rhK;fWh8W;$9{PxIf)G zy5d+?!)cXnZdF|Q#y*RmFbA!}#@QaQ!u?EVps<-NyKbo6tbiUlLYsQyuszi+mlRNC z)R`|OdRxP#{bWWm_#>r9dHaIgP-)89dh+aoS&h7qCXhf*5Xr;uPq&@%|I}A)+wo9$7P2t!8Q0JW(v#6C;2!Q z{-)K((oC-P>HhqBEy4BbY)ZjE-9AITT7KMj6wJpfx6``3`>wNjKVFrkJF~8T`zkNA zqBhC8fW9OKbn=AZX!9WzJ4w}EN<2xmaIbn{3aEyQ!b^3ZrZ2iOrYtt!@4#OyVtEk7 zUKJ{vopi<2KfYcB~`oIAm_AmeP7SRm;CHR3_JQ6BObqB|7=V|;A8DcU(1t#ndx|Z z36St8<3h=2yM{0MuT;sSqk~gkVu724NR=8FYvi2L7YUZu{I2$iWrI&&&QR>z^q376 zR@d)Vs00x8?gRk!_xg!itP?)HYWeB$Q-K#k_&(9>*mSBmQlTksDnCkgES7{zuPv)6 zWr)Z8HfeKmRHR5#@J}3)R}ZcMg=Dg02bM5*o6f>^`26)ef0fVZ^04xpnDPEo{Cvbn z*+nVD>&MSj4|o%DE+#&{e$(xf)iCm$|LS4m_;ED(9zJw=+wjH_w0iQ?rmK&fN?YCy z#S6^Lbro@jYXXMj8QA`6QmYcgpO~5d zWnZW8_%Pbzq%a$Z3@mG8!(GV4mWF1IsJDX&3tgw2O~^7Qqql2S=JusRO^cr~mzEDl z{N&PM+2%gt=p)}A&|wp)ATNnL)$RVl^Zw!)aKG8uAKTK|aRhj{rnIbj2d0#9abufX zZCtr8JX7VOx4Ll66I6&65;5zn8Szc!pACXmPBp4xpex8NV>i^NrcXLXrG3W0XEv;&7lZ@ zl7(VM~Ej6<4o18U1fyVkaD<6P~^t9r&eNXZ-?SA_}MbJHz2Vw2KYR z&I85rjHU;V9mW=}SbfaMQa0jGr7s)+mC_fVt&v{qS_^7gAx+D9OuAL*|LSNe&)1m? 
zVKxM3S^{Q^teAQ=(!aD{{%akT9MovPTu-lkWfR_5dSF+|_G=vRZr~}@7_JPql-`}J z!rn7Op71^eWS+T|d>qmGNcj015R#@e4k|g}L(x$%O1`LaaOQ|Mlf?vnYA!YJUYqt4 z>J*?(XZ_;gxzv3gfL|n#GlgOj0!J)<#tH*b$Px= z34LV#Xo?e8QceiMjx5zdUSDk(efgJB64ZBuma0d;mNL~h9?Wv1V6!qt>=cqlXe&PN zG%t7ZJZ;G|1JnweT|@h~_j_BmS9=9*?>yHl-6WPHplQWP@u&sMesKvuaN z9!J-!8dGq!%=K~zJJ17D$G4W$%AdX=?+Ib6CBYrWbF)}nfZ8Yzy&~Vy_ZWu~z1Dpc zTvB}${Iw1TjV;@09IjaqR4FkSL z1BW*;x2nRaS8Ux{s=hUYll(a5*CPMA)?aIfeI3SzeIdG*|8{oRH%Q;P zIgU!Ze9$>^VwU*rBJm|awA-v-pX0XpzF7dL@`lXW{P{6xp6jP>!b@$GZ z6#(4t&NdR->dFn8mPe)(?14uW^Q-daHfw%wkB3v`wo-o9)dE0(JpIJ$K;#l{w{?^2 zz&gE}vg`x-Ao<6Z*V@v*ES`fd2H*eB+&Bfa^&1<^^&24`&$F8~?nK$= zt`nneV&58(W~yNU*B82p7vyitRBkW4#KA`2{Lo6jROkt{_d#uqL2G3^!HpwKtwTsF zf+E{*3Sj=2S=yYR0X%O!l*{8XE$e{CksyuZhY}bv1X@~MmdharyPjTy<`k}9_A|+6 z5(W~zeviAa0Ay|Fuci%B1He^1%JTC=zCfw(+=x?~j*q9_-t$^Y z*^I&SgIjTVTiw`40f<%bgT6;A0NY+nV*03}8*>lB$FE>*|<0wfm zA1czjd4;!gcovW5VNs+10S;-~?>M76;ECkD9Ag-WFvkYv7a9%ro*8767P&7RbhN8fP zi!9+G;;7H@Z3`McheM$1)>d%gF3Cogjh4Z+64rJWIqm`@(}3Z>VZnjhMN+3eVYpdH zARy@-A_3=B=kR=j*XK&oqgZL&A?sYlwYUfHQVe+y??IkfR2E>Of2RnWBWJpyxS-Iq z9Mc@lwrENqq5~F-Z4-Ts z=xt<225hoi4uFi^^MQ4`ct5X*-55{zO&cH$_?Pz&9C1DA)u*_Db?8o)0n$i;0 zA7eOG@2U-B1h76yePsJ;!L~lOIcO3(U!0H&y<-v@O^@fF3xW~|UdHkT71+E5 z=#3V${Gd5Q4u5cvd&WrZ6+(72V`TXv?0+uiPtO96E1q~P$Y*WO*wfM(+Wwdmzm^IO zRXa3ua&J?-Nt;bw!=Z@$_@SMtgfy^i)S#J7+-H)t6`(OlKCjhsd44$BaU}!dukYy1 z67QCsJYClZ_>o>PWW%&jneZk6-$`F;Ed$TuJj>|_qlxD-%6cB2X)EJ>jD!T0m&41E zZ*ap!3hWDo64cgh+e&R;-P(}k*uASWSjzm!SLK>lR5aY8*)q9RU-`3rkg^-SFxgU> z*V8DF>Tb%4<^KN&d+V?&yC-Z^MWsu+ySp2t8ziMe8lEmR35YQ$o5yy1Qco z(#_dyUi^OF>wC`mXLGTywO7nNbI&|$)|zJ=xyZILmgx0t_DQ&65s+vdV=SgPT9&=^ zUO{WVjHg~v3)uar%9!6ZptahpF6JJOT*9AGr^UFv(4v#o7oaZ9e8HW{X`37Q6*ntO zUW20PWzT%HCUn7gUumbTmwJ1|KxAjQ8+K*=+t?IN!AE!}O;>HO{M zldIi<>090_r^^=L`dFw^=%#;>#x&;oH{M8^mkK@${tsi#@CDmd|Dj(h)V*uqFuCYmgwrZfE6-}S< zGHyt+x4y4!gjt$&XM#OP|A_ZSZn>~|wm2k4G(C(#H7jPFs*DqBk+jOYzb^M?j#0;W zZqfZvg)H1rhZ&@nW<`J{=b;w(P6w#m?(6u$twE$`R__(R@7AL5IFW@a)*0Li;~&#P 
z=!h{7+YYlR0&@!f_$P}Zg?g0bHk&u0M-qoWUYp3NemBihn-STus1F#MN|nDnJ+&5? zBclU~wGV$EBGF2zmHc$PL6FdSt#@73TbU}9p>DN)5Mp9mM;3cx0Ju~uUygK=31Iiq z#%yRIKQEKPNaO!Pk*_)@+3juuw_QOa2cus+EHG`9DLnPDsX+MwV}6Z1w_-li7%e=9 zLjx|;nA#%|3aC%3#T#@e{+AddNCgfE^C)!KP6uf2GZRP(x5}~QgvX?&FZ&Wy77kwJ z1v12?d5FFM0*GEPb=TRC3q&gcSJPh@6KJq11)b$*}4AsePIb5oHgU|f- ztXCm332lC(shEnVy*Zq;WcW0+xdt=Ekhap6+*8JluoJMRx3p^prj%mC-As{@pOu*= z2h~f`lg$0;WFfA2tf(3F?!nWt#kU z0ufIp)!O9Y!Iv_&o?0(A4~7BsNFjk1>{XYf^uRmd@oy0FoCxUka!OE4+~?w`s)Ad1TkL(fpd%Ka|zNx~{M1 z#i~iKmX&{Z{naSnND&g!?Jq3^%{C9oXt19;G{l~-@tHJCUMCeMPhZVY)RSK)RlFBH zb)Bjz5a~$wC?2a3)Q8z&zv{@(jvo025UhMnadGC%0ToRezPh~2@YSfj>Pgo1fj*VITtVJbcj))Zu`AC_&UHz%f2TACXd-zXcQMk|q_go=f0_o!v z#r)cZu$M5?rm*$EM72(YaT4OD43xam)#&gS%d@@OV4C0lbhG{|Niq1oibkxx#Ys}4 z$65_~jM_j-*3|yi1T9ia3G{NMB<)pg3HM$X{RF?sd=B)9fENyi*m4Ebj5%kD>Drl>orU85ebX5Gg-7%*$+Y@24H{$J^i}4pQ@9UZ! z89jd4$YYa-m8s!?8kJ)E`&Xl!_UFUpSs@utU<_C$C!6oMnT{-u3bZ*NE$q>lKB6GV z|2pqaDY+J-hjMN*%x*1mX`56G^=D&u?1i&uwl4wnE$DN;!^hi(uW{wK&YN=!;>t`~ zV=kjE;Ze(?7;qhLV;3Xkye>KDp5)dvsW@8H%#IjMe(OC;wS7^s%d0QFS+@!tDy_Bk zFZ$KG#&uAJ{k+rXZC$&iz;HB4PuV4yJ=qsy@>PS|DaqpAYHUiQ-s`$kuTv373yGfzI}im8yC5+Q3$rf>scR!cQh{bo zQ|?4o+g>4+4G2AzNLzsw!sw;cx%`yP8N2xMGZ)D&CsVPQh-Vtwe>T6(2Fs5dqK2lM z%D6kXZ1?H0jv`O!k*Z#7alP9XULeNtzrltM7}o&gq1?YKrq(xS(@0A)<$bjXl!%u| zDNN~!JIFqXJ6Q$w496c4RoPWG2$iZ|a=~rWA3^uPA1Yvt2rxJxU}8;VG`ZF>U(NS~ zj2nL=b1Uc0^hdlHzM*Y!dj_kv))kjl!9pjemt7@CT%A)&2y%-U@m$|8ncRcn<2aBS z2#Em>ZscX$i0D?m3ZhRLWX_F7@zZOOG^U+*xh#i#fAbz`qP2DysfkPDdmQz6Y$b98FOgzYkO%n=E;gyva@Xk(V(&!zSWuS4X$g!@e1QP?pYVa`ZM**a~6V zu`I9XCA>D28z=I3VpU;Y30|tr+HB6R;WB#j@~IP2DCJIr*R~f@zwCtQ;}TYD zNJ=_@F4p2wBMYQ$Jf(!~Azu{+qP!?hJpH%}#LS9B{N|SH;Xc`}Cf)OlLyT&{=qV?G zBv%n$%V&Z3y2=Us^FNAQ`n%nJ&>LEw5MJH+bRjBqa10Za$IViBgl3tYk&1}38d_T! 
zc^*v&?`F&a*hH=zzbU29+cxQl3Y8+9kne_K;logQpQYjyEF_0a34NeSAVc8&tR+Y- zqkrR9eO!BE272Q46opVOhYOL=wdmeN>05t#xaQ2ymmt@drD*yIob-58Z*BJw)-hd9RrsIs>-hys_Et4PcimCZY zs-LVKzJoIryK?+oG4ZHxW~jhCWm8uDXrq1WZNMprxt1uu-yd@3!O_U6Qfvg+sLUz* zu^As?BWP%i?f3(oQCZ#3yDhR@dMFRH7VpD|uwdlG`LLyuuB~Er>7r~lJyl~r>5$Jm zUHF~^1wV{psKpiK@ad-G+q}#{s$_-NC1_gZn_nF4Da~LG{S$jLG z*^)wn?DO-;{?AaO->_JJf1CEtC=V2)5Nj@jReSm??pZ+S6Q@e~rvi=JR?aoKuMRJx zvuY;fd(q}suMa<-{)&5E%9-~OaKPL#*BsM#OQ_(ur80_f{PJmbc4rkW+DqnSy0li0SQL$_b z$a26Y`6;6V%{PU?&}0--4LN4xj#$u&Sp0&knA$#bD)u;y2Q$;DC69KA{&zlafo0=( z@1PzOo&AHl?Bgc9;Hr*#F+LWSI9{!0XSFAeFOg2SPgeNh2hWcI5#N?ive*8iuf7{h zF^eCp6&t_W?pYu$XeSGKtOzKGXp>PG?S3Fu=hO<|BWCg-dTn3{O1J4oFs%q0XqC1O zPuum6phF^GCP^v0Jhy+3A^A@DODJ#TZ!IQSg)P;O=BmEt;$GIAU(#w!d3u@I6|#du z=G$+=BDYtgk~v~;rlP}%^0lJ4e*OAR*po)^JoRHfP(Tk6x7O=$z+~`otT;5LW_h$= znO+;WI=|(|KtJhKC-|^hES90WpFAwn?l^&-w>pY`3cSqxMz!mmU+^?SO2UTW13FDt z;1{)^A1FICtq3#VsmQkb4)5A`k7GyGf3SbXqbEHfue%tp6CD3`f6cCX#3^Nlie$1T z^M-jY9gzL;lh@-A*J+B5-TTndn@3Kh$rT4FbyGD)YPj0c{kx!mEnMMsTVB&*#mx6S zgyNK0Ls#xr1j2l?0EijM{B%Egv^@zGk|OXup_I+zXPOZgsv}gh87YES`^UV{Yj&g; z!Xe+D6qp4(oKTYab+prze6&;PJd*|ZYMX3VK0hG3Js4e1%IN9aHcLv2_UTc!%`=^K zeEqd@W}FM-PzF(GZ9rdOGOa{E^>{i$&wqPlPQr}hjbJCZCZ=v6NN)p-MdsHt#@RN(Kl#^35wQHg{$fuj!ijhgsY$+63W z+-2kkk<>V|Ji0*0CA-8o^_FTvoxHs^%PzjB0mm1ZQ)TByuOwrF;%*Ile{QufMETo# z>K@{~z)HKF)c#tJH8#)ZsfZ-o-?6m^@m0s*gZxAW*IovL^Hp_6E$IuP*=blu5{PKR zk*q1~L9c@{FfGJAm ze@?`XO<+|g8k}V&cvl|Kvo;dA|AGO}j#K2t^1ENTVZC2kuw@4P8KYXzm)|yJV8fCoPk&@NBD5Yt0cc`4y}~C3O{5uV0&{jh;8Id3(j~*7JIRwm=N{ z-{r0KyVFz-*ACjZpq?!vqB(E9Yj!<^%NkD)z)D|Vok-{kq)M_Bf5NPhw`brGfY@i0 zd2vsK*z}`ufd|Z(x!$XO;9?;DZT7?PUNr`FZ)w*&EYJdkbqLYE{%BG5dI&=JLn%j* zcgaVqDjebiYSiLw_xcV9`&d#KZ4uiZZ*{?6eHIe3fCiW=?StpL?M|WqZ)2%8&La}z z(2@|+3U271O&Ume0Uc|P?n7Z*J0u^mXshCtN3Bjc;?~j3gjJ72J`nH3k}#O50UTu= z+pK~^6&+AXP>=oz&K<^4EO{O+Cck_17Q{ar-R2<8B&}~~WgwK4IS|&ZD5)GFguyXX zg>}#@D_@qW3lQ6>^Re`t4=!Uo@8G9NKWec3m>&9gcng{&@H9> zXt^JnLwfz=QtUCs&`0hS3%p^sW)cN>pMS^*Xo0q{c)XZA^yDo_r<}hgL#4dO9;Iq} 
z`TN)E!V2$cek76PAxAQ%U#sHowS(t2G?R}7^J_0`dJBKgt?jN5o8=dfVwfA2nWkxoO zhkjsBN>%IiOyD(jJpI^ajbKbVjPmoh|EhdJbA{1W<=&@@;W8m62bxT)7^;`FtQ>-q z8NtbLn*Q$RhJBZx6r`Mya|{(ZQvp7`eP@#l8NMl2KJhV~aqGH*r^|1?Qt3K!2#$Th zW`;#+|G<~Mhs5oagtNfhi=T91#0F&miI2Cq*@#=?AAh4@BL76IWLHu zE27W^kV=ZMUq`g;I{%7G87BPHbml6@56u|n{9FTV*MQK2pU<;^5+8C1(aeWqkz~v_ z08_p?kS-!xUjI93o@UipK6a5vf1ZtCPWM;A=jMI^9E%T$J8md>G{QM)G#jh+uFRKf z6v^L!WFJwQ!{1{xg0anV&2C5Sb+CrHpCZQJDGF1R6DFuT-h3h0757{-7;%3|=^)Xb z$&meWOf{M9_PBzpDXPrz!oqoP-|mNMWUo!A(&aRb;YeqrZ=9%x{@NEl8WqZl6`8G1 zz4Mb-F>>#$MZfNCytFtC8l5~*>=L#^5mZk`1Ryc;W$V@sN`9GW2=9;Ap$DCb}G*Tvqq-j@MUE??#a-Fap38;k#NP@J;*_pCEC_HjfNGQKFdICas?-gJZebcFX26hMh&%oUFCh z?16QzK4f_y?PYjWRxGb!*^CNId)PCQW8mPCG07b{sh%?V7uUko(g>qWZgAC$o^1u3 zfR05kPY=jEPJwO3dbu2Hb-+e{YP?kF;L=@7+Vl4MP^O(Piy$|jkHpz)D;&7GsShk{FG_o74o2(X5Z4$vSND1VNxLN79e*G?e)VfCqD;7cs;E}frwL! z%Vl56?S&FJ_%ZtsO1TU@@>mU(VsfUQJT_vwQ5%ctTmy#(;tKU%^mK~SlL5#KtOw;U zlsx3L*2L@M5T;7CtAl*hyl2U+7uuA>L-@gM{y1$}OV)#Z1=e?9pRISGeqLRVg=G`( zPnWS|FHg?pkSEc-)M-y&M#k2r>P8UJ+r!-dY(bS;7SonFgtxUB%~F&%o{-1dWDfNeSuq}~5YooW0x`T8STye*&C?54plTG8L^hJ#`nvdpzkIYk*z-ZB zk}9$~k@qq>tH3%{V5_$DgQM6Y93(s3AgD_!^Vw+i2%YV;HB-#wNc&rFi@YjNF$*;l z^o7QifhNZ^(K7-O*IGWci>au0n%lc}A}`&IHGSXZHB%~@`#*_Pc5-3#m|VTtoP+`- zlpDyfS`MCUy(BNAyfWV1xpbJ7l6Np0KT)2?|I{eR)oSwmkwf2pe4VZSTC{2E{NM%fZO$voJ$P+(XJQ8cx$V$x{J-mbOgDns`A~&`B z1X^~i3^jHV#N=MvzJUxyp`TI4_KQ+9pVKn{OCWK!Um$|_k8FxLV5huv_l%t8RiV+g2H>*sQhPP{iLeasz z@*%cbj2rr4UZD}+SAE1>x*wNRELQ?~KR8ZX=HT6gLwNnwX$Z0{6!l@`YQDYa$36Ju zI#&_$Y4sV3xwLS>k0+X#YQcLVpAnx71lB^MZoO9r=2nF0Z@p7j_vVgoDb+TKOlMJR zUjEh{FFyFB*I<`oRmr4-2(F_Zu-DckDae`m1md)af>db1uR}!DRHp4_{{(DjSZgw6 z?|K?f7Dq~==1&*H<$XT2w49P$iiUeI1<#CFWz<=k%x3VDUw9oyO!FN4<;z%M2@Ln` z6T`CMRhzHf=^1RMf_o27{4*ENiC|UX#;D2EcjZp?rdXs>LpU9+ddc}f zBc>iF?5yZZmg8KbfFO1VEPdF|_O|a*13Ij`E3#@yCujrmZUtXS(1GENzF_9B)o6Mi4vQ^8bVWUmwJnqzK5R1pHCqqzV@|P&!R7_ zI8+m33?yx-JFYeiUuZE9e5mpe_UspEdCNFvU!mVUf216bU7>q0W$A=4+x1e!V8Nxl za5gifam_-6vK>0bi3`!SgYDa)*1PzbEiIpELfZ4x0;A-|kuje_|9sRT_c|3AkL` 
ztr~*svDV)mzI>7pNr%&x6To8cUhKGL(tbO~^GLI?8!z*fsfwKd418zKw-Eu!yz|_y z%haTWsJs@Jo(hI7fA&$=@eTBGY+FD;DogZyyWj37nMKrqA6nCDV`lD&fMAGcPCDPG z&^Oua*r#+D#hBi1-<5BH&nR^eJ!_jVS{juN43Ee#?rspA^EzLOz=)rvV!@NjKC|QVz_zn0Rbb&R5>bSxd?{ zG2?caeoE``WOHsm$=^n0N!RuJltZ`jC_P}~`jUZ)wpK+U8jKCHtCd1@J(isphtLM= zX&s#a_o4=jNd6TDf{ERVy30H25;9e zKhpnp6nrc+_x1w28>BzC^S+j*C9%lXUMaM#W=VrVSx+jTA~9@xLU=Yq_t^^c2~|ci zd4IyYvn>24(BXXv;IsyMS`xWJP_Uhhs5Mxvl18D@p!#xy>~t zLr-KwCmqmC^Jf{{(hL;fWystugUZcHCR&t9Dm*Iy35&6BMuk^31DokvOa~>arngQv z&St)tu7#+l?TU#dY@)f4WqsCFGeZAjeQ1*`YM%&(STf0J4rTv~(&?c#9sy2Sm^Rz7ezY55tBKF>r}mE)Fu$TA_^W}3i? zyL7)O1-s!!o4yyNoOUKpejq4zg@mhh6|+l8BBN~%N~lF^jg@M=b&z}{oC1`28jrNXvf$EVb1CHL%{mYn*+_cjo~FF zvoKX483~?6usUbBEuRjDFEYif0h9H#VEi(##@@7{`{tPYEDwB&hyWaAinJmjrR|}U z;t%4Z@>M6qRWLoZ%GXQZh)YJc^zGOxMchho5R%(`352q7KG2+P}Nm?vO6=KP55F#tO|bVZ7jA~S!?Xu*p)A1db%+?6YaC_3NC?mjY)RYkYV+w zx%09Wn+8B=ndZan_djTH%6ewM#nk2-78KXT#)P)#{qf@ID3R`6@>oC%cLRU$lt|C} zqJrPg+4Mt2s$gS7z4w_o@?2sNK~yLSHu9zfbk>N29{&g?{K_%jnvyA z@y1Q=vkcoYRX_o{e2)mpmQj>?{Z6cND)(ckhX}Ur)z??@;{4Dn+;p1 zEf4!D!*)w5sVLI)G0BeVzjdZ6J+1&uRN9_;RZz(aSC2cD3UGPte7#)LM14t`lofeY zoB4y{wTAyz8VMZtwZA8!6Mqldf!Y+2Bmo9AKzg=3d_Z2EDB6nh0w(j_geN|mla6Vy z;_VY%Y1%4+Yu(rBHt`)RdiKmQEM=I2psjP1ipL69YoqL zjb1_#Btj{3#MS1qt<@9`eginrmGHT${#Erj?63k7mC~OBuq)-{!DkB6=#|bX(LT!w z?mltg{H?bFVp7cfW~l+${98?K*_5(Q@n~>}g&V$8ghLq3{yXPLjdryLH%@{2+4o1; za1)?)J8M($^{&T|NZF-{JCV43@@WZ0;!9J6V!haDhM+XS22002yv?wsEh0oOM%Dv9 zN&aCc&mVlJ19pke1Z`rfW>9-3!E|Bl+@@oE7R<-t2)IV zc{dTElaWSmJ>XVC%W4Ws_e+(h4-$e`4c|O^ilYHtms&z9bJNu=t<@#z35yG(3t(Pz)f3z;Q^w09|S?HX0e!8VK-EAAVeND3np z2YZx9=XR&DILYPt>~*R!N`@eiqc7xj?&zs)tv{#NqgDwFp2}`rJR`HZlp|ePf(vHJ zo*D7&OrJ9({TfY|_iCd$E3rRH8uc(LB_X^N+w@eLUsuOs`P8xg{5Z1Vtu3vM{9fzw>z6o6(+TmCN>tiP`#EmRhC1rXt;_S6r|M3vAyJd0S}~I!1l)$BNJn}Tu;1(g(&JQheD2&orw4w z*_@oEa=|g!5I($P_m`7UQ70MKE)87Y2^7d(mU zq-CzR^43lwVD^f!f2{=P&gqMd^Wr59Ml6JewMGs$<&z^NWSDw;hVq%A!B8&QSa(im zSR@ilCAMcLBld4R>?yZQn&S|3CA0EEcEIbMq?s(3j4c*GE%S4N*M(k#{@G3y+%zNA 
z-Chf2z{sbzT2YK_L^R~a4^#)P%HPL&DHRT&H!s;|Cs4A#)<0L!v@1^kIPUtk`#y)F z2bE1v&TT?cl0hHcSAsZ{XJSpPjOpe*$)L34qjrsIOiLT?P@LXM1OGsFu80gKBsD7C zAHbfHqPvg={zQ*HQ@o5JqEcT8przGW>j^g&iMvqIoGNj6GGA~raJqN-IkT>c5+;-n zN41a5?bKJ<`BTbEU7l^H{InvPSu_&r;e5Dce?wk9TJ%rig8e2Th?zVqg-cnj1gXTBo!$a8ad%E5|o(@zR3J7N?P`F%q!XIilE#86t$rZvt^T{>Bbh``7|Gg~U>9 zz~A)YcPlCO-szhL{qut9pyS%&N|UMpcZd>7;)Yeu>l)t(yO_p$=>2qc_-JkwZtDh(7N?r z*GC$<0uT+fLE7G;NSjF#f6Y{JSb#NJYLo1-1Mny5myLxdQu4dkXT>@@XuN)K0RD-? zj>lcej>nbGHjWNeTU!LRRT|s$+bf+z+Uqj%C?#0nx3R`2v+10BXG!JNswBrIF)F`{ z8Q`!ne23+WYD(%yk)9#(MoMsou>)Z==JQ;Cr;e9kN%;$wFbt~gXcqhtB7E) z+&2#1Q5zcPaU8&3yf(uNpCe0hi)a&6#8mj%ma&S<7)wW5_Vo}a+kaO{Pd#~Om$fU7wU0#Bq2I??5F^4sjHZ^%H4kle2378)kb_-lGJ-2v!z zqMyA=wVt)=lJSD-e2@cand#ApXkp5v%}V{KCDd|}wVRyW1^mIm;>mz91y)kbEcslP zVYj$UDstBU+{aD_-^boeEe zh+n8DPU?8_*qKqcl76w9T#5Pgjit_2tC9Hhy+4PgpHe6>=c@>;RB2=!&RQuDjQ!v= zFWcqHb<2uMAx~55Wuh^pwy#1z_0KUH(iTPYG|-Vknzc3`*F})_=*-yj3&$PcpyI~u zc>F}QN^QQAqDxMfxY1VaE6EFC{%MuIsFxe>L!SLQdA-SMM?~jye{N{u&11*lXTNgA z9}zs4R(>Yj>&kQ)BqL-dq!vtI3y zwbjDqUMg~GBYoI+GeGi{86DoO8~?Y)2IZu0GRlu*{B~LJpG6dBMb%MhjiJ|*mXNl+ zu=tUwd(~}3F?7Fr4EhL#5;5Kisf_&Hi0eEgO|{EdIRk<+4TPjOEOwTtP;nHeye*@lRZdlbwpYP17F#7>nW~~y zt<~U)F@L@>cvyUU0p)Y>;-B9wUTZ-;rnuh2cglqSyC4B4vc)4)Z=gmlcO^Ge7U`BX zVpOv~6Qz#le<+0xSdjZYodlo)m33}}j45*;<*_|?1N zA=xwSCgnMFSvQrC=qmX%=G?kyKWUW`>acJ*$4WyzY=5Oud~w~66OUpK{?tiPXQ#1s zr=lq;Oa|~~y9<@|w4tVuNP>SaT(!G@=SN1(0f}Y2PEHN8TNPYUEm%sNY%rwPw|A#v zQ`+a=aZEd6p7OYo5DJI=@J+eA_v@CG!C9??@;aWffbrZbdeLMo9;yP|N`R5Ef3qad z5E9cQqp2fiYj7lKskRud9A?RQj%AmZPzMPBlzFsoEO3I0k6g_xw2mX+j50s4dB3y@ zVz!GiA{etlp4mLyN*6^+9w+@md_UzGGr~6+zkkh3#S$$qQj-x98P~oNXKFh!Hs!LQ zpjTuWrc#seenq{_f|&gb0YqASGrm~JT^-o51%P4n3uHY+@ybTwxM5hD173>dF2oEh zMZ1JV{lqE=jZCOet2#h1658pN4+rRX|6H@ZvRaxuQdrUhTTj@nc3b_)E(03EYC=nm z=a=gj^Gfr)gob&mpYq7L_2;hkcL$~_&D{oPNg0OaJU46`uZ&EflVxI1#kyfz9{GY7 zPf>J?{SI3r)0e>mqh6!h;@82?+8+X=YAt!dAZbq8;H}lV#A}cIpA+9aP937Vmvim+ zRO`*?tITEAvRD_R$#BctM8U6plvrV&!wna5K|B4mmK8p_)(mmfl*OE{NxS7W%4;4g 
z;we>eY*(1kTh>MYKA_fEmGmwW*v>R7Py9Kh^N&d+{DA##;c%W@UIXSq9Y97|X9#Bq zZvwY^apucNa`M_$lXT8SrVWkOIed8;Dz)tMo66q?oQcP4Pp?{KB|$vDegx_ zohIP;T7czKLTxRhKGqQ#L{5Eeb3U=%*xA%wB8dKv#|Ul8+Y~)dKKcgsV~N8|n-l`U z16+^j4u8y67lLR3f4DjW_jZv>@T;&7)OtnOmoE&IQ?nx!Ya>ih#-!+!c_u|;@b{P9 zdrf1fpDx!rj=F?lZx)y*cG9#R!Kx3ez#o+*wd$grF*OCa)k^!k14qaM##p^63TdhBaw)@)V#nS4 zEJG8Od}HvhT9i=FzuA78PYoaTP+eFJ$M^~nJD)ikuOqSa|=XH#L68HU#f z`)s6MO<`#oZLMUO4ywBCxl^ma=py@YkCjdd;l^dQ8dVfP=(?7=z+_dUr<*}beXv{) zjf)2UnsUpQ943DMIstHsQgosZS0gwl1f>|C<-cEyqoe0#b(9@m?Lpm)luC5KFhXCyn}N4@^oj6_kU z>`3F4qU^kBdyI&U21#YU7DT7NE7Rz5oZc2xp9VN1 z$2O`|OgTHV7pcPz@0Z+X(++XpYaYNRXgRhCPVjhs3ckz*q(t`4#vy;bQK zS#lCNwWQFhQ1}YAdS2ev4KO0@1t z!i!}L*P(!84YSZ5n<#3+7U0>YA7>byGU|3E$fgf+!#ik2vwo5$s9}ZhaNB@sth{}O z^uqCXoAd0(vxbQ|qA9HDivE3(A2vEjEidN+m}LY_$4h@18o!&boVsHEe)gPe`5CLH zF(Q(o)Atr_XALa@^<;>QL3Zt1I$@(VGim)GTNhih#S$RvBvO#C#zZYTgWjf&7#%Tu z8D^)hnD@YsxO>2 zFx^?4{Eo1D!UFs-kk3o0@xIiR{2E(4Cy=-_@~ecXVwiJ5+p0!L4};ds(CKt-K`k(- zCr%R*X>)*S63;3mAC)6NP0hI3Gr>K!^Z+x<6bA!iRVR$D#1Gvd*Cz9-(*Qz{GehzA zf*^?CX?B(J^@r2)Qo&5j)SDdI?MAO_MZA3t)GY((fXBBQ;?$7X8;X!lgd**Eoj9sH zx_n!rQJbf}WBze#z6LPKi3p#bCEcBo{+OX*T?6$`NhzOk^lvlLRyCK$nckQCo2xt3 zRkH9**r!-d+wdT$nf!$dS|-MC{VH<+pdsILl^g2ApS`(fkjSu&#r56If;)vqT=^@@ zcu(q^O3^b%gzZp{5QWz{pA2JiB?jM?6=C^~igHAM2k@&=3$UGBLy&A%N`jT{_a9)? zLuJHjP($9Z!-;r@f}g@Fk2KKL8R+UW-U!o(X~54FlF&|lGH9cINK4EH{z6Z0md@B* zl6cFYyCT83jR}(2A#m@E=o_VCFV(qSm~k9H%{Wj@ciRfC=g*JxO~L(mMACmH0Q7kV zev}6Zit(#=LfAADT!bG@P>i%Wpcl2|bVEI(?y^B+7$-`+gWbeLAE9wN!Zm1}Ac{RJ zj`Rt<<^#L!lO%jr`do;-K z;YFTd`oe_}vxDpZ_&39AkHsEGi0h#jcOxsu`a9uQ878%NL=rA)p!|UYX8h^5W@*b! 
z_GVCXJG{i1`0Nw1nYnM~U#`@QU&WviZez$pXUn8<=$WzUnbacC^!gF(&Dl1(pPnCX zd0k$dB0K$9w6)GkGN85RMHl|RnsueSJHAfnRMQMCb+|M)sPc0poJcD=@PPDK(=dWw&HV8=~gA#IbX50DV0M=BD*Zj3LVSV_B;rlL&LP z_9*`{UMX-{zpbA|KU0uoZ6CDE?tQ|MI``-Yr+4p95-Ql5$Uqm2TS#_Z3f6C@8pDsb z*14K*&s!36`A5mhr|bxZ+{Pw}#_&L?J#qw&pgiv$;#FS-QgkMYB1bhSbv-1Ht~am% zyeKHv;Wv6XhW~vuMN`bIYG9aC3?rIP3l}+&uZfb47_!xE#1A907SKR+5M0$2p&kiK zkMIX)74zm-i>hTpm$gWo$59WX-IE6gxfswHu}VaKre zJRpeSzdWbfa~i}e7NxDxl>WtY;-(mQMI6i$ATxFun$Dbb4Gj$c8h*inU&ffG(U8JI zp{ibvn-51zmr#{*W<>ggpDTJYJMSjt@HlK^aNZgTz+RIlEi}v#%Tsh!ngVV^f`$_~ z;U%FPzOR--f1^^MZ*ty$gM_wjL@@!Odxa#84-CamwKd2mX5ZB!evB;p9O5IMYp#Lg zhH+SLq%7V6tYE|N{*X6-{d30!Et|3lQz0`zm#W_*xWxLCCRKk(s@!F4_IAy(*kxly zK`H#U+hQWIBH@Zf?@ulK!i4Yk6kf~B`3^%L<(58sKi9iH(;^Hf+8T8@SH2l(xG_Av zD=t!TezX~5J}cNLlgj9@uRvS+gNMC<)de`K#mApAQd@(}mlymMmWBxk53}R)4nQzFE*Z7)DU)ul?H1<*MQ^buve)b=c%R z%UNdbe?#A}I-~c71_^JxOgXE8UZ#%!O*@x^)s4)Y)MB59&F|g_pf;dcdN!-Z*lO}| z8F$w!o0s}m;qkqtlt=NGeWRPB2eqMd@s0PF+2b+Cr{k(lD#|+JCM{-K;`+)R+HoEu zk+n7P2yv3#?dEJ~t%tHbAx}#xV<21Dh_hDClJiX&NHYSg4VEwI6}Bi5!@SWdB&T?m zLm%D8!T>pIQdul2aZ<+V_x|$~>Bp7r1^tuXERX3=mU>V^c0meGaTQ;B(47RfZ!n=! 
z2%;D`$jJiMhLP8*SY7NPc0R)fU5>^}Hz)~{WmW=C`6auu|C5HOj za{c2N6~1MLu>CsV8lDK*B0kbs@?#0{BxFU6W7!tmBB$Qw-E5%lZtL=g#R_-`%|Z@2 zu-3^tU7YM)dkO`Ys*fX17%&2iJ?^@GA|$#Xmm!UXGB1t|Akf>#{=rl$+^M=nRz zep^6X+y=7^QQi&E0ZB~Fh#WVHj8s?T++J4(yP`Q@R$9+uJ>T*#7>~n+p)InQ+TR#m z84}}^3)9ZI>A0_eYXfCH!`ro^+W{g#dsOgAv!hV-nfalHO++SFj155%%h)a<;qv(0 z*{GuS3qj?1`szo-7FKqd?^q*n1g?BH2JV**HnFr71l2`w5i>aOK|AvinMZ)?U$Bd6aL z*23H#kF^&lwCm}5#ENqJssx}N*<1^{&|ubVO~ly>dASdh63`xf+d@3y3)JjPXaN%K z-EY}KqF&e_^5T*sY3d1?2h}5`9PHm**XZ@+MfvNj*7_6}R@KP<5Cv`D-QTxh?s}PK zrHd=a`YQ09MJ)NpHI29qqxF^qVu8ZM5B-_H{V9|{Tph)7J-iurt$scf%*+%|kQK#U zw`I{XDsM6m8AM7KkcbCFdf?x&TquxiLA~72Bpvd7Mg9qLOT5Lm#8iY_@ES9nLjo_f z5*x%kWfV;#7LQ`7kC7%9_^V7T1NNIc2BeOwKP+0GuhjEn1_`TBPHbzIDZ}y(YL!4% z5>>;yUwktQl0p+9z<|_aMnKC-fQ{H+)(#!Rwq~9J-juhPhbv{Fn26-?DS>|?GVmgT z(zhG+zH%$&N&@WQ@BJ$5LY66m@;38;LBe$K871F+M=kItjDW0I0!j*#QS@CoKIU(~ zFz})+fT#a2br0*m!%Wib3Ao{d)%j{UQvL*^^OwM2?Z6T@1O6qk_(%VRFQkXR z@Vy)6FMJ^#{2zS(ffq8^U+{uE0N($F?|)A>0xZ_BdjZ`SZwBl6y%_&xn%ul(V9UWz zh75UMoM(*^0o?XZH~+7;&AupJKsJh@2v~K~bZ+HRlNH3JYJ>KE=ko#o*hM5eus{b$u@Vfp(V0ZKR8{fMQ z{%sJDQU2F_0f_xVR`eIXcZ2pcKCnRm|LfW$AwB$U z5O>4;g)gLszwo^q?0@mShxe|7zu<+;7Wlt?6WlorL}=++W+xqcT)U|nEp}RyAdIZ3y^~y+F%+R?7tiTzdN+QnnD!j z16bsL5gz%!RRKZ>cO5*yd%yp2XTMSZ9}exso!suf9;%=C~3Gc3hzX(tHKi~xh{~zAII-sho zdmBMeNePh@>F$zNX=w>XL_&}T2`@?=X%PVtkQV8bkdnNVA}!J_A>AF9d%tr*XAqrv zedjmt_s^c~KF?Wu?e*-l_FC%<_e3Hk{LJq!)jd4WkOn$(pdropvtv4p#E?@SZd~v@ zDmiJ~lFpKXRU3`qfT20R3d!e+mV@kon0i{bd9~`|V8s@kl>;#M}K5 zz5f9Pj%2p7CV!9p0eZLFe zOnUPTy~NsbYe`?m835=liqX5JN(NPv*gA0r(Y%(M-$xiD;2Q}E}YKUrbYUNY(3#U6+;7~r*Z^jT=jwKPmpGN3a-wrsN8{V7~g_C8-t zZeHQ-NQt*rC;2Q?+ilW2i9PVjpp4fN@G&N&wZfDXAq2qxc#1r27w{g9D|O0h&9;bWs4>;Qzw~=M79fR&x)9zZN(VukZOHuE-=dim2+)9 zzFxWLnlEj2V7nY-SfGT6`@ERb7dS55wtXX>^ae|bAJg4A{*c`$ zX6a7Q$W{IL^}=??sicBbXQl4FOU5H~#6bPYcC44{<)<#m;$GH2)jKn=pHfnhe%rlD zCijdbhEA1M?wcrQ^%4wCdmEOm*G;hKM(NY@C?c+9BLxM5Vfkl!PYbxW=wtO_79kN+ z@#c$4UoSgE0_uPezB{FUs?An3?t;=+<&y#)O8UILs6`%DU4zk$6=_JRB)XF$8rCx3 
z<_+3RvAcvyUd@n8YI#DZx(F%iu|`Wpddzcr_E4~JZ*Wq8K4C9* z(c?GzI{Zs1pNF;9tXZs}%@yedjJ+oyyAS|sRz~|Emsb7s<)!tPZ5JIvHJcFBjbseITPm(3>*dlTyCl4O|B})8R6TM6RC_c~O9Gi5gu^oO{kP zb8?snk`(?2nDCofzG(;isoqvf?tvx)oNG3ipa|qL+&Ul!s{CM{H8bX+Ci^@HP_Vp6mGa1za7Q|TyBmxb3WEJJn*PL})%F=;? zeV(n9&wt80h8qNRLJl40;-ACT!TEA&(Lut*s&R9HL*p@5{Y34-&@mhT`!L|xhWgD} z4^4~-^6KpI$G&?E?!_NBz~`p#_WRC60LX;F5hehuuJ2U*#Kch?@^J*20Ed2J;vd71 zOaQsG(%-1~#ss(rkJ|(}bexHQ3HF`;e=P2hiKjm@;q_NcfVTS1!~*!p`ceW%DFc1e zf)&zDZGyaAJHjm9&mQFh_!#dQ!@&pb1>|vT<&aJPqMR7`82{jqdxM=o<1U2nfUZiu zAL;Lq?r!6Vy8{j!sDZ3gq%-KlkZ9yn@y(<7{?ojvF?54SrKym034jB@9|CnMEX0lu9Uor`j3 zeq2UbdOzB z81U!Q^9$S|6FxsM!Sgc{$f4s*{3ZgeNF#h_;`5>$ z`tLDu42EO^Idq(fU%-Ih#2qr>{sR-3KQn^);xfVAm07Otd+eU6iC3?ei?9^nXt-be+{JXw81ma03W* z03)9YFtvfE4+j?<#?n5UDNeGVkH{O0o~4`tqg5v`P6CiZ4zsC%1*MI^q#vTyE|Je* z_Ok&hia^Tv7KIcGc8RT~4y4VEQ{8dM@Rv(Dx{@-pp2dT#@`#F#>Si{Xj|9WO1Y%g@duRg`{4&!-X5`162Qnr9 zfs^0PgTKXvVETR}jzi|WGP%H!@v1OjIqZN5AeiPm6^BgxoP7PeN&hiv-}wK>vmP?>A4>?wv-INV zO|WzYCW=SvFQ9MQEQ$i%)E?-o6FAe~ITOIfoLC%8o9Df!MQt}^*p@&9Bf)5YpgL309iUWtSJhGC& z*b5-fy)rX%$0TH~cw`x%ZyG>88w=nu8Fob8F&NT)B8QGghQA8~ew_7>S}pUBhs7_l zbmY)+r~Ti<0I&voP%-&;#C@0cnJ( zNyuFBH<&mELkdC;9cSWKFy#LK4cy`T3oti05B|EqL<^Ka60;Aoy6)qjwRA1yqAi8uJb zf!RO!ss+sT58saR{dGQnGzo^9nf=Ff9yrYBe|O1Lf3uV$E3xh`{OL9Hub&dY@z@LD zU%e0B>retV#;Hc22%d_))kR0>qpgl`l_uXHyk+lx)%cq8EVbg2+qoKymM&{uj;hRVI@IPprvWD{a%6xg?c?(c0;Nmxs` z?X}>=Nx1C7M!^fat6kqqgte*YRqmv2ffHC#ulz^{vNFZ_?ses+xcqnYD(Gjse(}svfY>&14m1g|?5KwjGi@*j4vN^Jnhu8oxvq#> z6}`OREt%AMz9fSkFw z(Xs@cAl2%!L{b6g)&~U1S}A-Dvakn%qxo*Siy*uu_iADhb@8rat-$!FO4}(3J5#EX zH9et%oWY$oihh$tm?Q3j$SFjuy2h(JObfT_Vs`_&PlV&rh^qy*}|W9z|1`=2f@h?pQ^!QsAxdp1W(3YKE_9XSq$ z6%K|C;blIE)@0YIc>ro}HX^jQbi3cN6)qCK8S8&AK874F*J_zPk6yhHvQplPvjnTh;K+5HAZi~p`y_kE(qE`o4%Uj zy5RdHOfW@DD!V+dg2v-(0P{;h8tvhTdyi-@3>l4b+Kjn{&b$;H>r~ z!*pYuOUMi1f@3pEOz>3>0K8IsBky6R^vY(@d1)?45s5Spq=;0S4^l)XEdVJZm%aok zqL3Db6j4fxLW(X(i$hYVMDU--GJjO2GdgdX>0c~(uFvn;yrL|GhE7ENMXX#yYk?7? 
z;agt*KEIfGMHL7QlZbj~tXyL&pD|;?TVBmRzpQ!18xR_{vSAK@er!QW2SURkq8=Xm zv8i?4m=QIf*SpWJZeH;&goZ~%Ju>!VbF0HW#;f_f$$fsE^NJP_8UYdY=-7`f9DT9Z z$}5;#mFY}OqVfsb`yyxOr67q8K41E zAvE_y)H7l~_UT_QB)medm{Bfb%6t!zawHJ+6{zl3>>uN0NCHr0a^w!M_?AE0vRK4 z3t%LB7pH2|aWP{A)e>0B-c_n99;sj*9)`npL0#dvcaZIcgO=l<6~EICfJ4g2fBd!{ z|1K7s|Nq;}I@0Zh6|S1!n|-0D*$cozo0@}_4G@@M;oPx^?DmU+!&IB}byUztz2Rp8 zl==c^BHe*#NYIZEr7~GilGzqhX;Cq>QmSV&WhimF-w1iTQc5G(UH?#-v3*x4rO~;) zutDPyXQ@CW%aU{tgZkGB5SLMYUN>4X4A@Gr2-)w*2HTm1I}TPn6+`~nO0lk*pl2;c z-nb4y-Z;Dn-qkd(Q-Fcsxl-1 zR130_8^GyqKD!(^NtW3J(gp#8pbb)jk;~_^`*B($vJ&L-X_3qSH^9Kbiq!3qmNn1* zrD&=H8tx+XaGOWc5QGHp<{`lnn@Ae!kxK9PB9;CJyQOAcdcZEu2dkJSP6vgk12qyS^FOYN4n|F$k9ec z5OCOaLw0BCk)uC$fp5d74$e^t@COL`*6$L4>ipMTmr4P@?3NTB@H-Qh;(F1b;vES{ z#o43&t_%9V|A6=o*xQHz1?`pYRK+&l@#d^n4t=IIEOp)ut#;CcR{w{EZ z^H#c28iG5H6+e^H%o0kRx0~=`GZXxWg=MKgCZ{FXHgQ^64&QOJy}PzK+e99n-I8G8 zKhw`vS`_hT7dX=Ym%68rye;UL3ixMJD)xZ8!4o+tgbPU|Zi)p+b+v;Pv98F$bij9X z(Gw(^_yA3VMC(W)(f%OXEt>pS!wy#XNFnSA7N87is@uXz2KX4cpFxn(SwDf?5u2x#HW{K-ZAtfZNi+g+=hfsSYjV4gDEN zU38GTm}Me0x67akm3N9b?4_d*MgFdpA>JdK>fCox+5ELx5fyEv-U~2~tpsGZyL z=5ACLptDvO<#f!RFj)P|w(B!h?=Q@r$J2XSUO?q`TTp33BBUEChz0qi9jQV;#bvB5>3QJSql=vm>TE?yt z4k`dPO7-?m`UfD(yR9WGtI5$@+2U@?+ehJ108OwS`1waO>wd+L%^KTR47HoCibd|? 
zi|gDQpbIxnX$spmzZPcHIIGD_CmKd%HEi0RcD*KCew1}uu?ybxxuHPD zu<3@><C0o6Tev_uZs}M0lYWdJOF?^t1s+J_8$TI6w zF3sDk;r#;dm}{m=RPbAF2_$H6-44LVq6g+ftWn~fpRg)M+(I$By9&>La-w`n;&Bsk zw;=pX86pMdZj5gJY!ma1$|=13j18G7b9BLU=(qtMlhK)p*8QPt=ig1SZ(t4s zO5CxmGWRu^Z($*7Fv1+FUSKm}&Fd2PFtPRYb~&{K)h^hKV>+H=#Z)(cha&P2YBXeF zd&fTitpOG$XX4{ETAR)t^d@5Q48>vt*@UyJi6*jVIYOg+j@_W}C8>2mGNvFa|4G;r zeD0IgP7zsSCm~brSKgiXa=(I=NKS6fw9TE&#!Gy|&NKhaguzta6ER1U&q>0%7G9&x zw1pb{^MzFwvf)-Q&gq5Np^3_0N7=!r+ek(|O?=at*Y$B0UUNie8mIo|V>1gS9W)0( z<>f4?XzH~R6i*ym=ONX1rCRu}_P`ImG@sJ415E`l;|&FQuZTrxe_NbdB= zwA?CfT%9%1MMv_p-a%CPNv#uCQ}hvP@3z~eF73R>#Pww?QF_e9B#Jkv;(|)a`|!RL z&`Kteu}$HOQqhK58U5*8Id83BU{!07w430(AS`WktF|@hd}-PF#5+|sMX_kO)40Q} z87ONb!mY)3XIjm>UhCPRs0cr_-nNBi704HxRWG3qPg+iqRzdFv7(k}KFRGu7k^J68n{E8$A^NBC*rw(?TnuLS zhn5p%u*_n8nPJcFM8H0N;vgt^?Y>)Env}boD6V2o{XuylIoo~W>m!=*$Oi~16(R|1 zdx}9!xIa3iDd=4}0he2rmz^xt%J}umJ8I8|YH?0$Qq8q=UN3q?TV;JaqNsUn%(EE4 zmTxGIY*A1P3$yNCs2SaxSl;KUYZNcL*%#v0*^sJ-(1Ep7RiuZ-CZ}XGiNbp8?XeSW z<#GinnWkZ;jkb8or(dW(-(CqDe@-{g*^&+9*{}Bo4dd+?FbdigIlT>H=f{SnwHlGc zkW!Tgq~{UYmwlDB4s2stRuhT7-Jk?qBP(=-nYP-W=kN}tTH3iozDOy-z!zyGk)yzs z#nP9>%mpK9>s7f>lO7R+tH@Y8IPi9byK|WUlS(qK8Km4XuRHTWWf*z7y&~J|$18V5 z>x;=W_oTR>Q>q`g@uTD~H0S26cYpXY7>kPvGh;t5oXT6iI85-B^sTaVeAF!q^&V?fX<5Ht6(@l=}4EDO~4H4VjXc97ZM2(6jVdowumDSs-zYj`?`5-%L z@KGqOGhM*H72ElXEV~a*;s81OyiaRwSjlGtOacjpyyB+wPMQjFrVBw_n1pwQ+dXR) z(^EIJjAR~s9on~V6`}Qx7{Q7I6wwD7Z#*T0uVav$Ui8yX%ODfW>*Ryig+JC0eA;t5 zo{KAm1ZPssyccuNtntfq0tz?7`BKZ!5$2c~Y<-$U1&Ip!sP+k_uXkCOY7?GU(0jP2 zyD%&EV!ou8k98Z95WV6V(ZDC1zKWP_97vG`qb;VsqsCCbFcrUQspl(r#DsfZqug z?!4-i(0O(``SL351>JqL${gTzV;0Y2zHXOCZ9&gerE`aFExeXV{Q^Y{i+-&V^;RcK zre7u$V-;G0jLRyfZD%yUg#$MSLI$cBjp>-3+k#5xv%9Sy2-xwnHEYN1(tc=DH{EHE zJRjy2xFIL&xYj7oA#=883)b7RIFFa+(bK2x^^pAZ&=aQQD{d31Xd85DXa$?8Gd!mh zm3=uNTVG{8?_7E3f#T}=KAgfpBRgNpi_P_grTkL|-Icpn+xo&jtbEi3aEkll8Sz-D z)hmPNSSwFroqsIxnl`U{FjLO~!L*LolYb}K4gD(x&@7NJ-tED$|D$nxY{|b3wuc>!Z z?&?HSpz_t26P#K}D$~19sW<`Q!oWDy%eslrOUVMUZx)>vmGi7xq;r=wdgDJiPMA&S 
zFrD%~BO@maY52qZU=kUG%k&L2VSLI^>Bt03((!o>*4w zaArn=*;jszy6^6#;qQB#nW$5Dh%79!&DdM!8#I{C@@R`45p4*FI@R=2L>KdbCNgw(PnH1`p>@wcxvT%AsX?qr?(-Sv5uLrOtA55h`<#u8%6TjJNKcnuw!ug_iTP_=h z;PVi2A*iV)(dMGE=+d)G?wmsQeq0Twi)@-sLU$HAnQ!mYzuh8`$QBe6b#c|*#+Rs$ z>An59Yl{a59pSeGMG>^nG$`ct_KU~N_a?2ut(cZPd3)4AFG)ow2)iq6>rK6~fsl3~ zNosUVAKhiQiTQz8@kI7BfISNX8vWZ_obnt^s;?ep6p1||s-WZ!HNEq3J?~8oUNB3i z)Fq18OP+K`k zDKf9=MS9n^1DCJ~Zr)3#sa?gEeofV-WvQCNuboaH@OC<3#=?i?Q$0}qrFDNFVv;Usv@}NjFBVYWk2Tw9N!_mNziwFq-WFSVqbH zK8UgivwFmvuX322_Xi&Jub@Kxcj`FbEYJ6mTyLI^3cL6=uEuZj8cwQNwrylW5am0S zfZdXe?#8cnH|gmx+PThPo}KD{A9HmV%`cXaK8j<+cDCkLL%BAiqzHGk0{Ajj4}4cT zZJ5wt-LhEaW#t^^H647}>dVl%g(NXtImS%8L<{v&N(<%d@BNtpdOd=*dLpCg~i$AABn=>AZ8qd)#KObYtc13oW>Egti%XCIN23eVQIgs>qckLj$>xpfIvE z5<-_PYmA|#Kx~%qtTEUM||zP)KD8{1R4OZ3t-M$`3Cm#*A?i%%kf>6}&- zW{Nl`nQV$0$vHx6YilS+#8Gg^oi{f4)<;!hVT?P2gWRD{hWh}OPYQ!pLHpU)YR05I za9bido))bTI2w39yAv40)Ka|c!Q1&_xMZZ1wxtYA5wsdT?!1JhH3yfVVO)UH?AX63 z()Kif@oOa1S|_l{7m_qe$|`o(e@LQ&b0I>U(O}p)?jwU^-f_zw2N8RU(A6=sg)IK{ zi`A!IB-Z*h166sS=-z%Fda{liY%mtK*R-HRx}&Cqzmy!U0pST9eIztAih zWg`RD^2jApt#O#sfpYDf6$JjL_2hRE>9?TavW+_6Y_fr??q?AVju~sNUl&9y;6_ zg~NG|%cX(h&K>>k5<04osN20oHMNfS!j8+7W`n1LKI`=IY4e>CORo)Zq8cDKRWg)ZI$%8&)$96 zP=S${_^3_pkSv?B;O>El&}kvbnK?>J*Rhl->PVB}@U|&bOn~!_K1BCc@q5E{WjpMh z-4C!yZnjhHK@79%vuxOme$S~MMbm^PGZ&-3(2l8Elv_%axclf$qO?WT=D`V|w+@vJUl+tQkdSa+c0nCd~EXHjv>|5L;JQ@g>l zGxxD~CGW2CH9CI+=Hdvy`jef?d0sHgVIDhrYs(K?JiT|$(7MS%H=5@;YTJ_`-bK*` zeu9tjqxEEr5Z$wWSGNOL=wXquoo0^wLr$;ca!$HQt@H^CSj&4|A=QXX!`DwkhqKT= zznkg9PeC1e;*tr|Mff28X{#F!fwLsEnjxArvmr;+^bN1ojOMKY1B;6EZC50GP)-Fbt-d>@&8&`4Zf|wb$&_woqREFoXx8uuXWmt5j7|B}!ZL=(@Y7ypFL#*@n*$LlF$22E?V)Tv;JH6Mmnd?URFs?c)BTPa3 zs#RU9C)Z3Wb0A+DZT&N<(Lo*jGHL2OXA0S_O*1RQ8^MB=mcHgBk;WugHn|S%c&KM0 zsYnOQ_Kh{;{g;~xmMY4w){M(eY#QHJ#I=9;@^*Vn{NvrP>j2vnHu~rKWbu&CuYyII z;xy?lxz)|BzM-4M=KpManz&GzialnG{iV$Y^rUc6sx3K%Zn`O#%x#&Sa+1chC7p9u zl=dHAa{OXObj_z`mNsv@;w5f7k!Sq7-MKBh2wshwc(Gl|>x&R$;vuZ8ky68}+1MNH zaW<2@8q!MyXFS*d>1pA1<24$qX?vUxa8+`%lRTYD5`$K?Sh$ZY!cV>r!moH~*B2A- 
zv|~*6zM1q|oXUI`^AM>!gZs+(B~Ghzye3R;@C+->N$liLq{W(%yrE#FrHIAe=lYzi z-JD1==grOdam=WAN__%Gi3IR#xZL(WjdORY8r@!Li1N7I2254N?qUbk)dnFZWbPSK z+Yge>%_MG{jmh4Fq{#Pbl&%*sh$mI4`VN&Cv}2Xkw#B@ob`icKRcP&KIM!Dby^ftv z*38zg)}s1)za;7P7G;$q`PBSFf6F3A^pNwuQV98F98U+KRm`Yy-cT1R=bgOgGxE4_ z^t{NBC)@aOJwPw?=9yBexHM+7CmzsJ%{bI$WKKqoVkz4@O12>Yo-D+(z%j@f-pb{$WnYmB0$un0n z*zFl|0GqxO7>}Q-H%93xuEM?d!kgucYy#MvjHt;kaolp^rrtAsHr=5~-*?ft_1Y_O zx1tQPS~ew>$8GXs_mY*V@Pzo(Nd2AE<+RN{Q%RNHSW&z>R=4+%>b7g3zr#+gZm6tQ zo@C1_pgSYI*mm`vz1G{!6-O}!*7N}9L5`0@G4VjszS(nPEyrxBoRepV7Tj7@$Hbpr zE)1|$qb3*`NK#Xdd@t>x59riL`?vIaa7NZOztSq~%6J)R=MD%4kNWlu2K8#vfQHwO4Y}S_DXV1jYo=Z7i;ffaZjqZ3rF#`daakd$bP^V5GAG^D6K^EwJsKq z(QH~qLT`>p-&aHtJ(lv@b+B!BBpc!&)LMy5CR%XdAa%C?eB5fM3;7TyE)H`pNVZ$zN69%I- zWL!D9RPBwkTDj(bp{ao0H=2-~(s|b|AC(;IV&BQVXama+@-3St9<0`(1r#`$i$wKj zGh_ zJ-h#54E*tZZ`?A$?zHVihjEV?thkPXFFu;;{^>yZEP2OaFbPd)N)e!AQSR(XG&fII zNaeJAE8tl1WDqj7f4iy3fsF8_`RfO@xlMIjS>|O1y`E#n(%OR91JdPJ)w*$NQvm!_ z{RfQgJ66=zBt_oan_o=?u|>qom4m^Hlejrv&kQU7Z3FP5L8y)owPE}HDyXFqSRTD zsf-gQx=&g}wr%}s2R|-9>A7TIrY4|7NKFf=&6TKD>rk+M*7_;0;Jy~40M>h(PsYPS zj4NCObarmfrjy!dZf3D*Fv{wUEpb?iPsCTFfO(hiaD3-!uK64H9Zr_cZtnmDezhnI#*4fOlJlQ0M|ouB&||m!)1ynf315hKSRe_rlr%hfmu+ z296#fb3gz)8)JtG%|w0awZ3)Y6Yya{em<*wuB!d^vRfG!WfV{+>MN9$4W`H~xFVdu z>akvy*p-x*Oo*=#bC<83e$;OiW~uAFsH8=Nwj$<7ND!X$(vNC$6{=@i&I|`G57xgX zT{2~fO>wEsU8z!goe^4zsWAE$pbuUdzrk5z77cM|y537#M1IMPh-z7B)b#a}6M-J~ zNj^`*7W-?Abck5f$GU}TWzadbaYnTs$5L$YNey98%i57_2WQ_P@$rsypnTu{TGoR~ z$hkqzf%w*GoKk94*C)>};J7I+(kD{qD|S|XII%|E;50<;qf2gYdEb*mBdFFg zZ9^hpa!HzbS&k&(4Bflpx^qx0J;UDN(Fq6WV>VvP^<{RkMQn2Zn5e!6?hBM6cYBLQ zU7qL9d{yMX-jR*v6HC$h&ffPfKt>(cCB5!r(B`ZD@r1d%*v!?%J28DVxqG#w`FmGc zy$v#-@Kz#AL>-pDvmvSth)y?D7!U;GFd+*rZA101-?%J#t#CF!W zogKM~Q|m)$!sdPBOc&R@s;&8H)VP3TCv0*}hqv4+Z|4h7x-5h@sxsTegv$Y7P%`C% zqV&;vy0PD*e@4}qr&Iqq*N$zmq;^5~EJ8nBR*?s6pQ;>TL5fa?ki@Xmyq9bMZVhdn*KCXA@r}_m$jQ16NL4&LHgOGI6Q2 zVzpatp^@B&{cK<&g}|rRk!&$DH{{Q!++@zrFfQyiJFCrbhBWiu8KQ?}>_7)U#SV$~ 
zg9Qh=%7Ld9SE$w2X!+~a@P^((EOc`jaqh<{hQFN&z$O!wz;K`tz2@a#86cc%XIT&` zB6ky0#?$zt|KRNu0(h>vT3^ty1V zWn+E!m}?iZZnu8gQOmN4?61qnuXbc-xYuR%h30)- zRzC_C6T`jaK}3tcAL;BA)Q+25av#BYrpMHV9jGD!f+yVBMG7=kAPa~9A z(%y#l0qzhMRq^E8mMx>W2=2#zJC<*jNESNRWbSdeyc3>}u1Sfu^;IJ+_F;uAeWj)-O#9=V~@;mYm(T z(e}%Ch6S0k3Z#iX&(cUYk7TTWbn;9PmC39ih0Ehhuxk+6#s#v65`KQvfNiRCIvE|0 zLckOpo*Xa6CIC%XY}WB9o#~)70W`-bN=Y{;5c1)Xj}qMN5`+P${EALth}i|y6Jr>=IIfLn{MNC=s z^fhO$T^+0UNO^ugWs~$({kBnfdai}v1}9g&#z3ErPt+_?*v93(z*8dW1!cJHPol%( z>vq#EM++SyQzdUy0zs9W`@U;ruZMYv43==auA;I#=vIsolG<=GRKVBQ3p_EJ@T`NX+{a-vg_r% zgS3zf4L-MHhq%}JFMNkY}=um<9_v$4dd=duY&Y*H)q4mBBRee4dUm< zz2ftBMs|KVaIH-776GxuwF2HZm&~HCR*m4ny-ZDEr}4kunC2xPq-ZsCzw?wuNcGhI z<5`6;atHM(49mP&fY{+7{N8frIe)7stZD{B1OD=Hf-Jg;>Af#=ljlEVExjnkY30-o zAe7_2ftx=`FqnwN)@Cd3NliLhJPmP&g@TU0bJ=-^CIf9b9 zt3CA(nKuhAYZf{#CsUU0bZto5Z9Ko-=K6Yo(W6wX;e70uJ74i`xLmk&|DL)wbK5qw zysXSgqQR5i4@1%&SjnG)bfbR>ji^M?O~trbA4P%ghMUom_(geiy09gdrK>+>mgI-$uHXC;6BAWG|Vyk<63z-FK@br_#0cldI3eO z&IAEFUv;kto06D&5DI4LWDfgvq{?i{vg4w`$?WD0!}%mj6qik&UFGW+yquR}Y89Q* z*q>a-sFqkGduJ47z*K`&hWrzr59`~f7f!ob&ZRjLs4o_udG$%xWGU~#36;H1S&x?l z7Nf^!8|89DC0$p-EA~*S0LuHJ81hERE9bX&StQR(PtDkCqNH-?4aYbhjS+Fir~KmNM(I$QM>HhnmWdBl zba2*BHAxY_yH5Y<#I^9bm+^+1)iA5beu4_wo1Q*c{P(hl&jtzQipv5H=$@JA%R&=2 z4(HG%DHnJXGTN`K`_GtC_216Cl^S7{_Z)Z^xjt>9zcKk~kyBI3D#%Y%i`yI7rkTzzF`atpEMIXNTodtYOjdABi) zC+D7HznOAu0#q5Db6AXT=H`lb+@_ZlcnrOml*}h@&6(o2U*n?iP7?gX8GcHV8@R&s zl#uP(#j+X;uNuw_+eB1_c3ZkQ+ed3$&@!1wUBhQ2cGL?FZLY#A>uPQHRs^igJ8Eo= zdOkdli4BV=@{Kh95J;B3Bp!GVKT9LOZ6tb+wnqb_h!fE3v-K$jxvZF9@<%MRXI^Y0 zgw~A^XC{2febF-9kwxw+T9e1SSh~|ZX8+QuudHM&p1_$7KJ2VjN_~H-Fi0ZKpqwYP z?G>HGGnBi8nmUoP5f37)x!p+pR&mg)Txh_*pHx3{%aK<^A{E2wr7;r+u>ni&^@icH z^fJ1;;Wj`Prj>3`ysgx*iP7$fNS@rO;T0HDkK=6|n4ETuqIQa1p&iarzqGu7N11V2 zEM?)FElrwi$(rnoHjeuRWJ}YUZNXy|#!O9O#{9Di##t&*-+eT7iE0$@rIXG+D)RxI zZRN&H&8`_rrO!-Ku#HPpiceGnW1#Jl68 zp3$Y3@f@2R*CJEyd!Swo^BXNEO)9(16|dEI>xBucszy|7mGO1Q#TJ7q#xQe%BY+?Cv6N2$3IWbL`7q;fo1+? 
z8WMW|)*3C&%FJu9kX1hF&_#dd36!+X&;D!( z@TN{8lzywy-|Xh82itCY>dBl{Rk#_`G@iW0xkH&wnF8+o!8W?)*^l?Jhl9$G_j*#T$DZvR|t;lg`rGGPf4iKX!lCX2XP^U*Cv~t?27yqm?}}0tGJf`i1MAK$8H{PJCgyvq0+V0jmye;HW<3bHgT+ zr1+%d``P_g%izF85udjmuU>7uIH}t=`dEQOV$8km!6yY74~C_|a_JCUJmoq@fP0$odK4B|32Pj6&nqAG2d zbF*Oo09=<&#OhMo=c~KqO2~$qTR0lbTSZ4&2(quiAN`;zNR?9Pwy&h-7nvI zne}%px(4-EtXXinzq1M09Ok&@@-;9ltH2R^fgZpVd3?O&@XqC$im7tn;i^;mJaVtZ+PkP6&l4uYaj!mc#12b^a@y!K z35#iE&aiA(Uwl|;)H3wGAa(1iQj<(VaEASj6FOh*%D5)mA&t$YiY%eIx(TXQz1e%` z{Zs$|)*&I-v&0kPMvZSzBX`RB)`oNqCS`;qs*g)0`ctEjYd0{-mHPAdjEA^GlVt?s zmoe)G=pJ&SR$pvird1fZi%TjTSBYk>tT7kCoIfIh)ixZV?vr?(Z@x5Q1pftTUFkJ> zBJ9ZLIauZjBl5yC0AbJqYGvhB=}Or!d4hpt;wP#MnY)yOG85+~WHkl}GGbJkCf84g zzd=Kz01_P$FK#lU;q5*NEUgf_0|U^)VPazyh$`cy;4}oG6s7b zvE;#0)z5FCJk{*N&>Z<#nFg9BddPuKmrz=*Mlk1DgM7!cc#^gIA#~!Wy`yC_RMS67 zK)9cdy3kYeB;mNjycWZ4dEd8buCkH99@e>!KLwBCJrd6N2mnwFwMwMje@@nm9 zCq@LIIW@q*y=sgnzQ;1RHyy0{kmm`mPpF1UfQS#~$0rvrg?bA4)+AEDR2mzVrS%~_ zgCFNaE#F2VNjk3HOugx2z;yRnZfR*%y!*X)kzj1Bp6l|$0UQh(6cy*1uU+=^Zg?=w zGjoe`+U|Z#-IMbp+(ewi=ufR(vEP=iY7Smf)Byx0x^21h#vbZ>Vyw|2a>o~_hfG2R zP!-4$r|@@tu#KNMwvV5|p#}dZ%i9upZN5$6UJt!Pa36-3P*psAbp3_oe4|pDl#o<` z#y=ei84N_bp-=PLjXEMzNryiEOo*yp!GmtJ zGa-y+K=lnJzG{7R!2+3aN=eO8-mWAjuPiSg-!sv(GV%W6A^c{nTpDK=i;15J=o6qt z4Gvoghmgjcto6RH{G_N8S{ytZ<%n(UnR(0R6RFoywCEGPP*J~D?g5%X2p!9-llNX* zzDh_+W(Z!MU}(Ei6Y}g5?P*e@%8U598$mH*=S6`Mw8dfnH-1;Ef;eJCfh^u!_b)|Q z`Z7#VQqdT!jeVP<=$R})?rXg>DPf}XPORX_we2xy)E#}L|mt0Ln$zDBJ zTs(@eC-0rXYWF{pZWnNp3+uMr$vz4K36?@og!FCwhGs>1&Wr2~m z0BJzy9YG=64F@L-$-Y}sUAA3c-Xs_-)8V}v+Ol%sa%Q+nzi3EMFoJ@qLbh^seAFB;_z=yU z?f}YUn+M@i@lpNl$Twaa&OW6@Wi7EcK8^ugCYoxk<$L}OJp^nJ4KKX1tBS<^Vv=9A z9a$de;m+BMk=nTdMVENl9dw>6Zr*53i zhhkN2tIzd|sU&q)zREKb!sQX4S&iq3d+kUes{xPbQWp)cW#e0%H9_}>BxRfIdt*xj z)N&f4q;=Qf%5L^PF(=Mz$|X*VGOPKvz1O(uD~Ueds(fl#Hf)qIw1CAl|HVigCEjHW zv;pFjmTYyLK^ZL^nQ-^)8O~g1Qu4X0?@Z_`$rP#fyIiGGg~XHE7~FI&(04Mpv%iBG zJ`A^cIcl6-$}(~%eP3b{h(HYLR#e*E06wmaHt_7e#5TInCMMa}kZ9prial-UWSXZI{POglzqop zEAEi)(!V;FP-&9pTH3=>$8TfpU-o 
z>HpW(bw)LztlN-KlzKoy4M95L(gK2@fQWP=28eVJ1JVTP2vUM_=v_)gAQBLiCPiux z!BC||2~tFm-h%XAANtl^_no)y{F#}(_V?}iIpy1HK&%)oYeuk^3w+IPw3>lJ*tlG@ zCf8^)`BIp`7@)iHCCawHi|-kK6OwoTN@cMhN9fKyfsP6%@fl_5S!+8?<;`a=G+R^c8Gixf z(;ITFM29-GOBHZGrY)e>kvv&JraFaEZhlO`9Lfq1EyY&jhg*di#QOq9>kjmtT_t9X zn^sB}6U1DUx_g@N26@v<5ifi*PhBT%Uq&#om}2lFL5gy8yEwdO;SIZCyZiChGPqG< z;s_X}CLt%kgeGPhjo8t_$|$RuJ->9%OJj2xY?kw+2-Xa2GB*n0#4$0zZg>*!#Z<495iCFX^J6Jtri>;eQ80Na1w9H9FUA-sJ_iP$2Y?-WzVK6M!40xU~83a zvETl*6CtAFi^wFuRfgx=^L|;}d#@;9IOr^w|0su9<$m<9NjyCDAoT~Dj9|Mg7P_6_ zZ&91({9G*B+6jHX-PqdnNr@9?l2Y}Bny{t&vehWauUfOSw`T38qEe-EK=w%g)v(T( zrIl9RY5JjgH0qW9^mN-}+n&71w^`R{=j7!8w-<8jfNEqrKrRqw-4g++Vm5?hMq3{y=5w}rdDM*m z1ouJI0cpR89hI0@Ove(RZ1x@N-^*NdIj$qRxNi%Y@Ue7?506Hd$FV8PeTYGtWN{4D z+3=FXQeb8xP}QQYzSs}t+!B?B%97czDK$guw;XRc!cyu3-oHBiIG(Ekp?7*WUA3&# zU76^~WZ7@O)chW>>8ODbs$4Gc<`(ql*t|Gtmev&Go#=z|R8>g`Xvos$e7@qw_WN~& z)shoZW83^Gep6J}#OEQthY>KADKQn);-DD#A(C0AX(ZtFYO8oOMC*Q1J*}+caJ8o~ z+UbgQg@&nvmbgyMNGpoOu1>AZWT_Ds7~m4VE3TS)ywCLQz#XH~$aCcPz@5j(TaG<> zJVhY5R#HIc=4b#}Gvktw!x!2e5S6w;sQ?lAtk!_tFyn<(7=Hqa@AShKT*slvYcN0O zb=->&esN$)gNxd_Ooew7YlK`uBex^Qo$?5|6FzArst&2BD!t*ibf`KJMWUb={I#0p zwwL2^i7`u4LpX-vJs^_q>Kx;)ZM{iE?;)+ZsWiAlvIikKX!)r6(t;dbEy|s?z;2ZY@)wBBER(umODPA8G+=m<1Uw?|~BaS9hB?tM!SOa>9ZBwevwwNb-4h3ma8I&3i--CMjJ?-wF#@?Jg0 zr^cwkd8o$4j1tRUgqaivAkg1ve#~e2uy;U}^nsXEB~IsdEo5w55$)RDnA`s8G-2kP zRiUpnouSgA;A6(rc9b2GQr@q`ou6)JOVo=MOEfFsrVQE@YCF}d{2;+GXz|J>jY|Ck2_UQRy7+M#F)C=8#S0HXz1t<(OP-YIrmdOKJ}F zrtFj#jO7q1E1lLEB`m|ju7>cMVn2-hw-e#!qpZtHQ;w~F=G)+i@}3;G)4SyHN3c1jmn)fsiG`jG-Ku&mDZ>RxH^I$fkh z7s@uG(brJBy|rC91?JIcrpj!*)IYZRqte-Qp7xaLGL7SBqD7*bB-WKm)VTozKKYzP zUQ6gc_;oZEwKp61$q05(-}vsTG$!@hy+M7oSVTniB{tX%ba>5xowXfx>hZ1zY;$MD zeHXplZB#cu61=^)(1u!JFFs_q)U=tN)@=SOG;b$ns+J+#=I4*g3j!Up#-)pY$IP`X z1X6ie*Rc8j9B>O3;kJg*Fa+;oWT@>tYwVjhxEkZ|Dq9qqKIy`t2vA zWk?Qq#s1@VH**nhp8U^X?~c|xH@?Q@@RK(4y^C#b3Ynd34F#b>-?P%4*UQd*PV0>q zOA7xG#jp{DfAQ|wYkuyAuuFmY4-n`R&@H~D4JNg+I!i5TYb6Q2BtXtx4F5q35=oHB 
zxT8@O;Ei)>Md}{5Crh_yXji6svMC-`!jocc&5x~Bn)q_?V*RL7VC=C+Ue0C4ySY=8 zEc(X_-6K@_uarlot~&cUgg1(rfWHrRjk-w~AhNk1v|c!KnUy_%U7d5Kd5m&3Rrg0S z1l&MoQu*Bz)YIvtib)W_$O~}6)ZZuM-~}RO2D|BStozv2XFbm!eP}VT~Z>g&bvDE#8)`Q>*?8mxD0X zJNt2rUj6kn-9do~Q+-u~NJP%j=Qctw@c*j`&IEzhSbVDz&vvrND-WDYtQ}vla;zAT#Vs_ye2asbu0_!fZ5r4kPT%STnqBntAQPNLd(orwRU8Hda)?<0ApoaI znPb*j5Ilu)g0h$iJ|%F~9PS^--kSiUWLD@*yN9?#PpiFt0ST|rQd*{@{?&nv z7X8{o_UhAgEa?)61EUze{-UitNh2iu^Gs(1bGW8@fMIf&k{8Z|Fn!|jk+fYp{6Mxx z96m}nzdTqTla~5kLYuBxXT=5@s{Ucd-ih;jU&k)O?uJJeM9>gdX79RH{A2NZ+G=?{ zwJIA}jDPs5GuwKL{@fvZi!_6mYgi)o@k`3PILAG7CUE>s0S3fx{uzB_1kf(eNzIeB zp!kJlZ?CV`Cx6*b5wZ&WmR4NVlmg=jjML5pZbMzBsw8=R-<2;;ykUW~S9G@9;1|+! za$nVU@u>P3>MYYmz8vlBFJRR?SBCoePQ`x0tWfW)FI0rW;u#AnI=OU|b#i>7HQQof zzl3F$;W>6Y#W>3Z?!|JLXIbjG+i zj5YV(bFVd5oRt=YmrI1Va*_~`7;oOZfqj$Zix~a36Ylk)maiyT2p2s|2uSuYV)S)L z?7OA#t$at+B2;omLGXd-YlvF5=qrE|&s%C>FVkvZ?&?poJ2}m;Mlfk&Mbb{MS`&QB z%W+U}rMW2W3fpBH*2e9H#Ty#Tmcq4J3wyqQJr93JcI|~jO!JKxmdvM<2W25RDdH0u zMc$L+=o>jSA&B>jYfPh*?SKIU==cTiT^g0kudBF&X8OYmVr*RbNBOqax7+e7_eAP& zCTf&}`4FgKG@0Rnc_9`Wifc4&@8(|Mvtk<=FT?sq(!?lrQfEl7P%)t_t$T#whc3|3>Aum48ZzKQz zcBuv)ydN6*_dYeD^4ij8fxoe3K=oaNZCHZ^W1<5PB9}hJoIZRGYKO7FEvmiql7#J!Q37c8p=vU2W*gl00e#j4U zei5MsfAj1nXy)iFskAll7 zPu&8v9yc5)>im)YGaPz4VQk`ms*ZWF%>W1B>b?tH=o9D*bv~>C z1{|J&X}GU=QSJA9j6^n36Qf5`#=#D>B;h*1t^QmGmRx@Bi7TvwFAQokGx?6yT?4V> zMO#OoO##m!CnJG*G9QG#ST{qI9EQ=K?2c!A0hdN)1A#nwSLs7x`}0@?YP0FIiWd2@ zn<~eTVn<1xH-aU5@_nL$=Hk2jrb&+#EzVstrF!i;thk zd%mLg2MT7@}vP4O}fQ2+%@T|78(l#=UiN>dZ-K<`(pd!~j}xB3D-c)$IP5%eo0$|)@g z-fS(6w=skEHW$T-QU#JxvN9h?2(aO5nkthSG#RzlnK2LFX8+`1hnctq-T6tFX-e3b ze2FV4zzrKHT$9*(wTmObYA}aVnqU6lG?L6!)4}@ab`Oj02IOT#RQBsqA^87Z8MK>l zz7@=%ZlvO%wdjYrDuFc{<((=R4%s}a@5#fWhpLxy@7HKCsLO1q`trl&Qx-OZ{Nc-c z1?7(wKA#VG>V0<>Uny%oX7gB@!1>`@wzDn94>tBu{;6QZoNDgR-m&yF6};I^0rxRG zP|kt!1xBhzBH_mxPYum$(LSDHLxJZ0!Z$Kv+eq=Dv5{74$xGH6V0k5pQfW49szm#P zJpS^Ls0bP6n%Ni(H2LDfg3Q2rb?E{G8?{R8hBD!Y?ayVC>=+~!Swufy>YuOA`%iVA z0zm^2aP4kaDkk?=r8nhe#vBVc{uV}a`lZn0{Ri3@l(wY4%%>t;T0n;!Qz0}r= 
zJ;h~olAIW{WU)WW%b*7h%s|Q0lH?ks19_A5_@4~A--PS7D?-wS@+4wL>3~hr^vamm ze@v4S%>PKA-&o5e!J>g1E#4JB@S#L&a+dx>Owpldf}QjLY@R%for?jc2zA-c4VZA0 zQDgj@v@j&Z z1O@T0h04AL)dFb}@Yd8+L`8WS-1={r88d}AV?Qt?;Zh`1b|ZqIYu;`sq5WgWT95>M zxiFdhaSWR?ak#M7T)30%L6L=Z+~}e5GKnFqy{qrlvHl@L`E72AG>YSOPZ-*2~RJzKY8KPb<|DCz!G zo5+=}I}DT_xaGzF)RZqcopMjqY}adwx7p>S^%`6`PpehirXDXlk%T&JWlk+Rw>EChS8brPSy|>#$I&%|ce5ACMy~`T0-MWAWgu~U2qK*p?6idIGY63B z;jmA(om+juu07?Wb4-j2jT*xG;1a4qf2?t(^}SkKK&6!#U)t-2_k`x+hZ;{RDf_YQ z&z_1uwvqKGKmhOZix>P!u_#*6LSGLk8GnJH_o(P_jID*Y=;)brb@feJ>|6^M2bHqf z&=UvdWT95_JIoo$?xOB|{6O=d^`RJUwLUVUwK1$10hT(kgS1cvSC;#iEc@h zVB+-3S0!Sk>Ho9$8j$3}y;9C3_}|XZnzL83tE7TB{cqp-rFS#!I zUUA(SiOeQ>CD5;{zM_GX(?JB0G;d3@ase?XpnGtYoaja@Gbe}aO+f~i==1Sw#qS+v z$NL6nQ%RoJnQ~%~(G^V+2REdq@WH3p%PgqjTFVZ@D9HEYKU!LnR+6^@XsSYWZuIan z*T^hf8_h~xKQEa{UHj(Jf32tnda8jw%%s8?=}KdO?<7QBh0^+?Z1f^tp+qLFD5ydo z&%B0yqre_!Vx(a|NZKhVU2Ckw_Tfj8kZeym`j;sfUF*wfrd~aqf2Z1lN{g-ymyo^4 zvvfr7XH;|uj4`*k7o}KJt1hT6)F;q19QeIqwa8pY8#^Yh{xVB6Zb);X{t3L6h3>A` zKR&BamgA$^1{Ak`wPZ4Gt;%mY(~d3wiWxM3+bKY3t=zVs4%qCc3>?vd!-djLx)Byi zYZCbDAY<{F*w^Eea7$Kdq^||91Da2mfZxAqzPFrVK+zlGtgA~efViGPl3@ywc>mGh z=lh{VZc2N7Htw{VY=TYH9u4@#tTy%6KzwHXgS=NDH45A!M;NorK&~$4E_jzYBaTtl zftj+I0y}i4)rA;o@!z4Zhx4bNNo2kKEdZQ|t%bC1AbSq6La711NKI-%G-MN17)u+i zMy-fEw>uc>`w3NzadQihsnFFEs+oqw!XK-P)N zUV-$eHx8ViT6LrNWa*h9x*B(fnhxR6*wIUfkq-VLp^D^Be_cD$E0O|t;z}W{h69yw zxpQ3#y0ciIHqoO&Wf7L+aylTNn$Jvs7rkR{^TYfXmT_&vwwK2*iEdh~E%5r$O`i{n zO|>oP>PFI(mG=;46J|0FwYF7C-Vm9S7pEqVVo+EX1$y>MC3ds@xeSVU^>8-x?13LI!hQ@`?0YLDki8_@Sw!`T=D53Dq3E!X?y(#3x{^t;`g zN}H5%->_M}ZmE_pkkRYdVs=Fhzk;+F@@;=;|BmZ(p!g|C@)q)Ekjg%uq-pd{~MZ%oxSc18_aJ3aO$cUaImB6!ZLXSdMSK$906 z51}iWZloRJAr(mfYO2+UNThq0cGWY^&vT({?qXIx$>mX|NGQ;HF6Q2=;0OD^i_Qx! z7UVj(MGEUzB#YWj)CG1)ypW;kj&1HYnfgUt5Rdq;5K$yV4M)k@lYm8?IcehcIU?L3 z9XK>iuM|VBL5@@*{MO>IaHj#))G&)o_yWW}<>_%BTN()xn_Ra<3;t*|$ZccoXU7^YwPqdGi!_V0_? 
zr6j+pyWEg%R36|TchD9k;zVUj(QVT@P1wQpEyZAfRzd7zx z3DO6*mIugRXVvK7J8W>D-$k5i#Jc=cz2jzzqOYFZ^Vqwl>}ce~`1P1$64Lf{TXTa* zOQ^JQWz6Jg45x9lAXG?Z8ke}U`zzJ{A0heBCte6kkxt@ce^3Pv4bx;>2}y|rw+qWmR`qd!a+~@mmP}Q zwP<}CHursBu<_#XP5mPc!$6Ky57ji|PHB#mF`j@32v4N#&1=L(Q}{39Muk`lQj@?I z6BO%OKMuQ71gm|oNeZ8L?bWmqg#R7nf&U5E5eMN5A832l_>5(UPR02 z#&cebgQX}fI#K*yk5M7mQV+cU5L>nG{Mm2wGpe@=W_dc49zi7~y0@l3G}5Lc4hzGz z4|h-xx6p-%7)aayuV?tq)?J!Iv;O(jGg#ef2dT)!;i^7qQuExb#S@` zrDa7Wykpm`6T_E>DXb-1^*lhliG{zK((?XBDHq|t`teE&$dxSM$*c_yO9aV_v>^=n zCF+0vLmoZ6(h%!!)FhSEg#+ncTpTsI{ERvu$U;2=Yq-Zli6mMnM@H@@@@s-piTGWE^N7zQq(+&w4I{3)EVFe zcB0TNJ?oR|xFPARleNEuS z-zutPZ#LD%L?xcVgn|+L@pMTdw|U3y!+Vm<>-^&N7ov)1d(d(n;Cy9D<6HwY9nz?^ zjvS^xuas(O;WgxV%m6aB&<`#5RzTNu=@^H*Uh=QNOu)@>ucx7>C;1Vq%W7Kyt;uD* zrqvq1DXoq)Vc?36hS+Cie5jjdd*7g*tit%P3q}H3LY4Nj+jz3&;jHjbl_#P)77sg^Py!l zrEzcZ`P@x)-d4qaDYe9Dy)hbZ2-{_3e{W7$WuLZ}A`uW@Z7sntCTZlxZPb2fM0+U| zxviG4%{0F9feB_<3^ehNBMH1D%{ervT1qX`5_f`8q0J|`)W;ethY%m;kNrKq3|QW} zfNTM2V6WhK=GeX3^UJx8p3uAx-Xd4~9OiWU%f7J#f83n3e5!bnNk_qTJ8iB)Ek@ug zXWxIAnttD(?K)_nt0bDwZPR#)Y5Rr_q{Kdq6G^FZ8AQ15&NV#GDJD^IWe#)%Jwvdm242gGo(VTt;(|06ASmRU-{;IxqHA5?wvl+^?yYMAkK)KqdQ}RMo;#2pN=JO)dg>n_=izzv8Os4b%Q)^4~z47@J{=Qj9X1^AWKAX{oN2Ek_Bw zlA0<=K%r$CS8^=2x0wtL`s@GwO`dTMgKR=7dO@$r^LJO`t=F;@hs@B@3lWlS*%yzZ zdM&Dac?HY)dIee~9^Y72Q)ijpP7`|`M;Ge(`q_N?h!(ZdO8K%4)MjPZA=UdB%lmH? 
zukO)N-70*)@uyBZ`*_F~JpUYRbii;%Ql9eF8)`RO)8TE_DuqocFbPNockWt(i{C=^ zqMj`qsl~O>(qHr2Oi0MVNZiYdyI`3Cmgk!Wf!D&`X9g|POwa|!=76FU zv8>@fOm-$y%O~!ghvmZ|NH-GdkRM2R<7wQ~-=iu1hJ>1N)C&w9IG0y89bXFW1UFmi zXVzVLHw4BJ@`lq^tr8>zG**mWmwLSbq5B(0=vP^B`}BsHujk>quQ1hjUi7X%S06m` z0ubaAKa#5q6WU)_wN8N29=j+)kwLW^W3gM74cnCemn}7ua#OdX5s1`Drkwb@V>qnz zXst#Z9vA$;^h1=2StANmD+R^jse=k7O0u zkrjhMr09ptZxE?{RHg3n4`I88z2L<9C(e#&{X1c7OfsMT zxwgA-*y39WKaAH@)e{>{VcG#3F}X!5PBXp++ob5-NM-!mL-X=gqXJBSZVbz@bD zrx}rC64njov!X8+|0Yr_lVvPOgEbxzBRdmA98tWlty`~s7dp(Y-_R2azN4}Sgt8;W z$TWua#}4qjL@XUKpK~i=j{0gS7Q0(y%cI4CSj9xMSxEWY7&K(-j0O+S+s|xNp^*vE zlUW)Ap0pNs=)%3q)NtsCVfVU*%GJ?U$SdQng!`2J>OsX8cW>vPX;C@!`#`zE?M%}l ziIcypXKnVyn451D8Ir#xy-5nu{2;$!XiGT?Y!9RiW}=B1j9@lxB6JC%CiS@KLbOF3{l#@u>aJ3K$AGYhy*w)(d4 z&c~)W$=eGs7b$tmI+RH=07hJ9EBK{TA zMJz?8*qRCR(93(tOkv=8!YQ{ISn~nl;XVIOzO~P$;@`WogCcsXWQ)an#Tv-Z>JlO3 zEKxCn=8wos(f-HK|PQq84Dnl$!})7Eo!yi_HiICw6mZqj5;&tA?d z8y5E+O3beB=$+GwnE!0LvXA(F0ZZX)kfJCeQVoOyEL8rLvKvSREiiGmnJiO*EHa@1 zJ(KwC-3|{+gRf)tI0uJ}51jZ(9y{0A)C@9qSDxu7^qeF!05+ht3KG)%c!m@9!tB`I zsG_;7;JEYUeicy`E*?rk zPK;o)d|0hh=rc$hqn$%b)+g5Z-{N;gx72L0T&`L9#9kMl>GryK&xo&jwm-^L7-1{{ zP>^!AtUFL-Nh~Y&Qb%BM?tqJ4cQqs9no^b$mozNDrP0O~U64AbliWsnwd^dG-|-_h z27kE4dd~z5;S=HXP5c3MV-8_Q$HX(fwt~geZ9lt}6)mN^JbzNX=3ubUb9E^7O1Pu! 
zV&d%9HWI_JqSGgD9)XvHu8v8qv{q>#ohvwU5-A0Lh50AF+Rzdi$SRR`;}|WiLDKps zJ+U*_ctEXphHeyl)Sb*u^@m@!Hzyw0sO5A4T^;k`RV2s&>f2 zTQr{ynie^$rU)9%O4ro$`D;~H_$xLI9+~rhPGlyMvVDs-Gl>S%6kqf486kWFhJc-T#I|fWS99THxC9%F9Hl@hh1@>~>jT%(y z-k3GoEivJfHI}v>lmx8o9p`FVk^fh@J*WSwAxo z--=b(hw%5J+KCWRPP;Sh8iB*ZRm)g=B>k&qTxw8XlG6J4ct=yCVM&fh zGbU+j*h$r$HvnP76Os{`@Pm&ZrI}Vtl3Km&I1GR67cf)jnYhBmDVCI$!*(mH8fr;X zaI$pRreI)hRN0TmmLn^Y86?*ZJ{9)+CQ)$Mt$?C0 zNe3pPp-^d#xcxYdE%#F(lF;z>h5yzABbfyO&e)o$u|gM&n36o6p;yXYQwk$sk3^1L zQb(@d00j~+1;uFR=ZcE?`LyOfHI;)TSZrNt^N_}R=sx~ee!DOPH>w1I1hMqJ#@q-H zJ6L)rdmH9EM{{sv-8p|-kY8}CDhJhQkEZZ&gL5Y%j;Y$1x!7|2r<4XYflf^ofCD&8 zXk0OMqR1jP|2`qBIL$-2d;v}Jx%nnvHY4KLhUgdVr<__}+r2d~$0#hFXOS0G^ZYt)ij zQ8OB8189jY-KG-ZmnK$Z$%bbdtg`vpk0o^p{l1(x=v=Q;Ji zCeABLitJV*undRJN<~|O5%;ndY$bnU*@-fgITVl^l-wD=*8ejFFp*3aP0_%u>#NTL zf$LFckwCZhY@MI%@QOYsGQ3fAcm==;_QU#Y#A!Z+(pwKQ3iG7{ZF=wyAGj}}KXVb< zMu`V6laQjp(z9__7rb3P^UVrv%=Rnie zp9$PkJvl?PgQty*8hkE*HxmC6YGDm))Wg!GaPU)B4QCerqLA}m;#xSwN!kOY0fl(t z++#k>OxH2s^3m7*)S@_t@%zU%2cNfXX~U@pz=_-{TPvg-tg^wq<@h0k>MWZD z8@jwZQs+a|+FfXU z(xKdAp+(e6phVT*q*$9K2N=vds&wTB7 zxB5X&@2W=+=?n}9jIf1&8FGI)G)wFzUQ$l10z0LADRwm-B(T?(^LJ%kK`dOt2>f;p zqPtyKUznW+H4;tD^6As{?RlB8!yR*nmtgO!0My|p-Vk8E zg90akHju;6?s~%ufS*wsSM7>@8}R+%_=SKYpK0lLSY^mUVfw$WZpT{qV>fnS&>;Ev zIf5jyezkvm%2<(Bj2@{fSc~oSNr*&OWtjyE;nS$++PPb*iY!AJyKCTAEU?c%Jj{D5 z_%V=!V~H@;<5iHsiG@#1o8J<`4l>u4f5EPt8Ta1NCO@v(d-o{RMz1LGwnHwl{Qw z#q_SqQ-0kdmYl5r8sFo4k=&cuFlE2DC`?kotlB?wY0%!}3Tb(SYI2R_OXKcbI=r0%`m?*BOXtaSh`j4jQbr=)^Z{^N?kMlf#h5%OA z5K30W4__1wtqGuO$}T`$W{Q%z=iU$D4oi5arVgLj*7!?!1?i_JKkZh;+TqkqJutS3 zcC?xia`)Ra6v$5G7K`yJiO5GA+RlGk5_Zw0l7q&Rczfvhm zH~ffyc)Z;qP1_AZlS$0%A_!)-02Kh0vp8I##<`0Ch4swd7Vk^%sYw4tddI?}GcZci znwhV|)iM0!eQWKSuRkcp#aSr5&K~8hsCr7hZ?z@)JnH)M>3IcVUlhqb@hb2pihe7* z1N}HX?K4&BNqYLhzT{yweW_LG<4k?~ww6G0IjY0#wL{{nupatoxuo*s&K3R^DB0~9 zcOM4OD5Zy@buE)R5-ASMZq4m8vV4jT&MwBDXTA{}(bQ@j@y$tcVbJ1S6=J#+VCGN* zXMu@ZMny9AGGuQj2vWD>u_0*Ap{0Ls+e={Lz=B&2WI(RG;ufAuHzHej@ zYh?EZg%_D#p(NtT^)t;UvfSmi 
zgE83ZT>A*IHUv1CrH7sJ7<^pbWL&bYv)RJRX?#3GNAGdHxhJ8kEl=(?e`EmqQ}7rt zE>NduRK8n=T(IH#W&&W~N&Qu9wVsFB&V7$tNoa#vGhThd>vHEo=~CWqx5@E~yKLxj zHtC_Av8wjfeLRTj-M_jIk6gwlA}yE17^{Y>4qnd~nv4yN^CjHR%}cHp_y@|KeAf+| z_>xnZ?VUGVW}Ots9X#wh-+>9YVHmlVtnrNIRPokI-Y_pPxe<3%ELs}PL=lnoTT3Gd zS#yHvA1Dx-|BVLVPH#+PUH1tg4v>%IOeX}qi=rE`eRHk2b6Qt(Oy05BiW$`(xp}xJ;Dtn#1u$8H#5TKS5Xv+M4FA<5Pv(hQ6 z5A%XhSw-O69>cOpMhMvj-%)cljX3x zOuU_7bM(v)(8=AjF|O%3?iN32qn$Cbn%k~^?d*At&Evd9-e7aXMC??X`KQ%*%nyA{ zZ&fQ6w$fyV!4;&zH+qI2&zz>p1McR?ljV953eD_CMy^78?`jgUu$dI?DAoyO>j zQ^aCU@x*KDE8R)kNk?Snu-yA>pQ2odhfFJs>@=!|iRyD!oxUEx?9S$r4Xp9FMqW;; zXQu4!R4f|Ka4KUs%B8xsm-R2<)#cMLVSu9n7G0|)E|&sZm3$=WZRVcy@t*+YfpRw>rlxq{+qXs@jZOJ?dDoPk?=P1K=BE+CX+`G^q+ z=>|_h@n&py3vY|ME#bLNZkP6q_p=WlN8jQ>+mD|O_J>A6*PbSAOnuQjwsvbDr`2Xo zqAlbxuRfx2u{Yp2cMVQHD31+P8tsG^;cpEp_K5OhHz6I#uGqsVgr9DUl07vN!q*D4 zoj;U_=zclyC3VlPVO7<4eF1_Q?6IIEe=8(C1|0WwC1&9|CoojR`7a!?q1!PvaY*v{ z48JbGe|*Vhus_p<`&)p#^v~6W+Z~3HlzVmU2-vSrx-|E7kGkO87l_| zyVmaM!<%WIi4`gPD~IM)>qc;y;&!*S#`iWltAh8B3qbJ%zi3LUEP^wCW=bwMdsXWL23em&O1&sPRkwp`#!p0!n7`FOOS0ZH^4AR#2zN`2`mZfjvY~xTIIbh@lKh>~3 zv65)V28jxV#jfDyHTWm?LZHa~nT~WBlz-!Mxeb9*^r}l@LSLU)KN}_ow&mvF<15x> zDBPlS76AG;w)0g3k)zoR%lXQxP!CF}UvqD^c-9}Kx6fS65yVzx>CJ9Wg`%;h7R8+U zVzj_YGfy^J6_u)oq@2GTLvAIV+MVvb&C!{mAJtMkg#;zy`s48}yS<-JQSYmE;=ygB zYAkfkN}P3T+}3I^%S}js;%!<)IOJ|ZI^!z}X8`PeJ+D;B3B2n-P@R;vwN7hm{7g2K z@hhkQc0*ZUwo=BwW<2(CroVtQCU?(A#1glhCL@^GctU#4YfLT66>PdwtBtRUp3{xo zYAXd(l)S1B?=l~Zcx=)O1qK<`1`Em$L~7H6QyFWrn}k3gP@@c}Va4d_5@Jdt!#N8KkoE+RoV5=6`j*c&oy6u#0vDtA zaHv;b1Z>jyiXVmlSxhe?8kch|^xx9PU9fy@z~y%C$KR)n9{T#k`c7n{c8m#HB#ita=b&8LCNmByTcu3|rcF!0z9Ywmo&G zK21%f@9RX~YBs$uPo;;Or1I2hTKuWw0EOH#fLJq3%=>O=n>Jj_`fMJ`SpLYzx1S#5 zeB>k4OCKi^*JMLX@j)BKUf|GDnVA^)#nKYQvzkQGVKu*J`})4p{|1AN=#4R2*4*#r zp@5P>JI%3;d8iyHYGS>YHVc_3L-zhTvms(QYFLj5#QDCBmVG6CRh-UsCx{mI9f;DK zEtZ@1o!ZutP*0c6R=I#NOYXOwj3Se`l@34dk6@|dO|BPZA;;I2`%@`Z-)Wyv^ zS?jNMB|W@!{vJu*iY{8d_DpNarchPIAig~A)ML8Yk`>ns5c!V4z(zq}XMKkEUjjeM zJqgS0)XwcJ^U)fSDO!!d?vCp*W1csG(GfJjy#^( 
z3}rLz7)u8?Cuf4`BK#9T6nIi$#Y3aQUYl7<#zFahE+>AW)P;7b2alQkJX34KgaB+> zIufca%$t$sHyj*XahpG$vs_KDV-ju8_b`pQ#M45Zux!pfddT@g?9LSj`4h0b6L;mu z{1o|Z+{SQje1bUIGtX%2Au57KJu!ASdrp32Ym6`FD}P3}34F)=NQB#IS=L()m%uU%{*)#K$`72!ld;SFuNqc7+C-YN^mM_>KC^|x z2HfOn<5)zPu0QdNa1d1cTFvo!`c-4va`VjGFRoZLaok}$q+XeOo_8jgdGzmEr8ZkE zG#6Wzwz-dTrp)+Q%QY#vGD&#yEz*0_mbzAa#qhEP$5cOLAenk-os#+?0@WrbtIT$F zUeirNh-cn4k&ahm80nXmH^4DfDBtb22e9Uqc`fr~W`+1))mttSMrz=*A`P=vRea9Q zvhg9i9141@tzuf$l8}=<pA^#zyqB7!tO9lCIZSA!SYZ3U);QO;WqBsb zZ!HefTJt2^Qb&*%EJ!8EJOGdPqYpOzOOWBXtL(Lz#oi}3^}3?teG?}y$ie`)jCB-Tt8Yty_qVD-z7nPMG?*Jj$-MU@D+aN-`6)&j-*vG%p(oP` z8?^_yJ2pk8cveGsbAVp^8MUYVn{P@^jf=EHTv=~iAv5F|=I{C9(&wF0Ro(3m1*I&{ zOHhut5-K@Ai&sDNl8V+N5{NbL9h?-EzAX*|+hA0xOk*{1J;$db=4;VoRuAHu-&j5D zU}dprR?(^(@_tBFjusa6k(|0|kz9Ae4qROkIco{+Ii*MHXaOJ}PcVbi?bfTgBfso$ zY4>hahN)Wa;xLHp-R>}3d-QydeiOJV|0ke^Lz3REJYAe|&1`XycIn@yo368>@l*aR zz4kWjmbn?!qq?u1(Jo&LitQh?FJbQu8P}31_(N02fY^O{nSvI`WCCn|LSYiU&Ra&l zF?}q6D`IpxZ8v)j9EGqZecgcb?};re1W7q{a3}wEBI$JGQ^i|45 z&)k?p){tGfsSy=BA7^Gyxi6K*LsM!?C*%j36UVf7K^u%(Yuo9vHNB+F8$BfQrmD3 zx$ffosM?V-7}rOqKenW{P4F0|=`PP-8JzXax zp!vRa-9#d<3i%ITGR!QWqjfTHBV1D$KQ+SoBpC+7d@OkKJLd1WHLMyI$!*>WK; zKX~;-fk|A7rpbE&duoiIB;!%kp8c#xg%RdxIwP5Q4}%BqXhS(qmbJzmDgu2K%z>=M z?+pQsMEIvK^6J5vD{s(oFTC$4zNuN~Qrg`jKAae`=I~e46Q~kA5ZWwtBH`@^+K_Tmp z#7^GGDhl<@p$7|TCPVJ#hQ(ocOuB2Q+s!4hRol92A`HZF`eJ8cfej<_&!tO=WfeVa z3&@vZw{E=(bo*1@+;2N2jBS9Cd z_U*LOF-1F+lANVnq6j(VN3^gqe(&Y+Zu}zxluQV>de3iM$K573=n|1RNb#q`y*I@~ zN^hGbL41s@LIpK?q9t}n2S{JPHFU7&bpZo+GRJy_;q#wSR7xnbcFK#@!9IW6BJ3QM zP0V!FF0~+>N42zfX!GDZ#B4!FoG{uyPjac1E)&MXwfm~hR9Z@aR3b2yW~#KP?_aCaTe z->gv5K7L~yN9RuC{MXSMXUjq2@nLZ-F(yqRRlrOztUb8vL(sXotmtTt` zNFOL%IHL_?elvC|4+P#g3esN(fZ*{C>^7#$uJKwbT9hI*=jqUEriw{B`QY5bkWy88}Ak9o9QrgtCN6Ec^J_76W`o_Ob z`=O|2x)_R%?3IJCU0wxOA(xSknC6|`(r9U=eL3=uV?$2+>zGop{oPQL!%l^QYf@Tf zJ)rkAyTuAkF0JKSHL+a!6Z`wZ)?9?xTyCUWd8=UN+k7v=KZ8nVptap~ zuS~Hwo+P1~?2bHGHWa$;u`sq^yTeeL`@IpTebM|#5ZriYLVw$gzJy?&1On+iGi$*+ 
zpM3dVarqY7jUvUSiWW5jh5I?1*&d}u<>f!-4N9gmb~vBlhe5k8c0bcO4aDoK(K%LC zqM+nIvTO}AWYsr=|Jn}pzV7=Gh--#SWW8(WJbU(3wsW4{XQ{^)=WrM^lCf}HUGDYq z{k zU$L2L$0Sqw$}mX``BL|;X7ob?(@|Vne)o#sqU=w%ns*FpL?j} zLwFjERO?K?YPH7IW2;O5jaYh(+asP)zn5MF;Xs2ZM?gL#`JctTvj(5KwCU$x3(L2- zWTb)&J^EC>Pcm+d_lyqD2djA(7tA=Pdug49`Zqzr>wz`?HKq^4U<)7)*VM+Ox3tte z_ablTJhIm)5|zJ*cyQ^_W_+;WEz4@Y9bde^Js#IxUKv%YTTp!e;)dRH@9B6`yh11G zbU;UjJMq7nwieRz|KG@~3rR|T=uC&3LqBrnq6*`t3FKzsDLzf}=?YCxcn5yQS5%d@ zxz#;DC3orPfvjfLj43bIZcf=8X~DDM!}zA;JY|&Cfa~)SY2Nsb^m(M)%|iIq5rY+P zrz}H(G>?p`;yC6&M-T+TP+dV~@@A0Fc?{QxqetRygxOMka^G;MV5jn_jxt$#MC~6@gvSR{x-snJh8pE_OYQ ztu1F{*l7-X6u=rx8*IyA5nUS4i7uiH+R-c{7|Z|HmREddQw;o6L)jCN(Q_G6E(vBy z1E1*brAktyLMZjCgY!KjRPC0+_nJu;#JMhin0ngP%wIGyHdbh6&Q4n9&pcBptNQTt zurMWsKg?`DqY+Y`^S_iR0!mDU2T$t?*8bx;54%17m_9>r5+Ss0A8J26LNzy1H|?u< zH1g)g(-O%C{_9~$5@eVDR7=|vNsy{_k04V_&sD}Vz}|YZ^6>|+s%RM6l~NRyIk1Pm zSKA*Zz(JReeuxCm?mp|NvvTn3KujxE_3Nd_c1nz6Yvz@eY4UKAiWSvmh@-`;f>I~9 zxw@MD0Lf;SA=m2Z@f?yDdL6flbQf4ESS|t}Ih5M!NBZ)%&?uV#BiV~4FGep<+s^wr z?_Ja|Ypw>1uU@`9srNMRz&*8BydPLxe6r(3ouq51Ap8Zc{&R)p{4N4H()e-Z7R*_G zAfv9NWYBnqV^cBgr~GP=`%dau5ni#P#SL(nao(W6c>LVGo;%eM_4c#jU90KMl^y^r zTV^_?b2yka?uOp=m!Dpy&#w~j3IuLpZ~xF@m`kh3XuD0lyuqFfjo=kkjH=A8s%Qwb z($*-qnh8JGt|rJ(MI?>i}Q9b^f!P328u$jB}pEYv(mA3+Q*1&V@hxeX;mH zPg;0Px-CM;8Ml>4rJs6SHZ7j3oo~=*I%Ti+j8eX&xN=*6)<^z4lFh?0I7ds5XL`zk z_w{Q#(dU|FqwPo!bL2v0c$sErZ9_N|OO0FfS1H|-N+^V4*`}q!yx{;zd8pUBAo{EyD7pPq4kdGO6Aby&e;jQtMS1(8R3`<$ z(~;`d3mQc!;My3;q!tx{-BVas_o!dTu^KX{{2f8EqAZv%*2?fDVfDO~^U=t|qZF$_ zR-;4VwENuW+b@@~p}Z(0dca;HK}7GnCNbLjLh|O$juZqh($n8sNwP1lz{|6mi5Y{f zHNqWGZ5-!IT7HUE5lQFdIIHu(G2FspdvXghmvsoZ(2&$~`;(5oswbUsE7aEKtEYst z@et()@}I1a4S@N~ceNL{Gya52VHjcVIQ&JIBtKpNVVPFfleP_oVKb~R_}!k<}0PwLf<+D=T&7~sD?y#t`_jS zhD0CHct3Q=glB&P_d`oqd|g9nvACbce*!o!^4LSHFMZ?7ipCnKSduGiT;(uwY}ZSJB-K*ZAY73MIIc zIEej4RW@uei}xko2g*a+&Y>n@+}BpMH1m5^6&;sLj?g0P28;4 zB{1hv9v}kTX%6jw!&>!x{#;udfkICMVoKpfiKtOx2|8hw0y_N>U^j-E-fZ_uPm3JJ zsqW6l5gZX(iS1UQ4{%rxd5;XkT0J;rXX!NtkShdf`b0nl$*rJ?H$K 
zEpf}bdv0yp^@u^Dwb`FugNS4;D5fjUCuiacl%lHMvyF0e9D=5zl)jSEMn#8PEc;$T zk(AN$lQ9y8w&N6wJ)fH{dmQ?BE?4WxLscc$vE#D3?Z0O{9AOlAt*cxu?ALe(YqA>L zaRJNEuEmd5@K0~fBUcWYY-`x5*Z1NVyc7vGH{I z#QS*j2*f%}6}1H?IQQ0PTI}J6L$?t8WPY6ASFt6_aOHpEaC^!aMOMdkpN_iMf7F&~ zj@Qu&06GD@7RXepI)7-uv^iqq!{(>KO2RrylkCgk$V@pLoJ3)!-Tf)1X)T`TnZQbv|bG zp&lw|wm_4wj|EdkK9#;_6SfPnZ9~v}&tS~4db?U})4_62}+CzWX>XzlsCk?pY8qG+Bx^C4^N-sC-3knHbt_JHFd(HBQOGbgw3D62Wk@8&P+j*sy9e9hN-cm=7lvGY-aoxe-RP z9s8G-ncDEd%p}ncm;0*8*S%3lgBY93{EK@6qk|$b0>o;rXx{sx1;g|D2u??Cd-rP- zZgb*K^b_`4hdbqZyR@0^nGST1wPDEuq@|rw>F{_`8!eaX?2mXhlW1~Qad&B~#Ha~f z{m%sk+2I$c#8%%DQQm!sCtKpc$p6+8#W8;&x%EkQc#S=g;Z1vx2bbiQwW+Kn)=J(p zX9oJy$K`hr4qCbBOC_du;t;kJa4bwX(rw-$AC8EZN2HtAt<82aRjXq<%Z z^@1Dc3bg2{3wEnJi&+2G^!3rE&k;>H`8VK)p082sW?lwO5$=6{vnYqQw}sDX{zq&o1Q~Q&M(MR?NWSIsBX~AUX83Ws_;||`#FV+5t;f#mc^Y#rEKGL(U65a!+mLg9O{?CVo zA>o>zW6U=B^zi&31Cw@{<;<5+)+)GeJFY9sx#&BlKQ~ifM4Ab|+7#l=TzstEEEJjk z*1AJ4qs!HJxi0+r{Jyrv%dIMXNHA|WiQI&1D2>ukL^ostnV0NCvdinvXsf>@A+dz0 zxRWjC>r{(mN{s%!;B1gz!(Hx7h&Es3kMBBX){on;#y8W`CVmF)J5&?B-BPOPCeCDG z_&634EN6QzOM##~a6qKlor<<3 z&k%~V=7u~Os)Cq;Y2E|K$5ZwY#{Ybx&7wp8p$Qw=6 z%fXgYAjKj%MV;9JAXLv5{Pc!xZ7LX*(@2jvm={kOV7LqCmZ-c=xC6e(~I^i1yFy5 ztlO0YUq?-QyB8e&3l~_IoqVQ_Mp*YyTJAX^bQ^tpx3ih8WUTm$h2z0~Cf>#gv<-(h zXdVf0l==!$@w&>U$^FB#;jn24|DeGyKu)J`$@q%$(1vtyLxwD&cWEw} z>UR1WX1kVu1la7Y?l{P#wZB&?HYTh+cM)F+rb*>0~kT0Hf>!Xo!qy9ytbsgCWx*(j#B*kf_Zhc_-=raHm zG_WsSVBk6DfApitD2H(1isW-st%*~5k66dh>wfGVhS2`=B)yw7>MHHQ-snBoa+W+T zPR_fhL#mEz(!Bqx{rJUYxa(WOcCI}1saZCMbkGqiu^l_V-1)9D&R$OyL4c!sCxB+{ zw4!+}tNvVSZ<~+z?sxtBb@x$_z^QlvY%r=aQKO>kd>cX%JoA~LM5^oKUKPXF1sVK& zqtUFJ>Q~p;EcD=3OubN{iz&;Ty6S|Oi$9cd-}l(j7XT=745$`tS|8f%p%yqv`o3(< zMj+l1W!?J1h!pwkY%jF)Ujd)OQ9#meCTuOj|}=>TrZ9^VqoH3)1aIDph2q%~=4 z8Bm23D-b&HbuW#qNgT)VXcFD9^|<00651h>~wiU74aPR&jCh*E@K9Ik;;Enab3ddveTkS zZQVAG#Y`Y;;Nf|vwc2y>q=KX>;Q+rv|4#26-#`?PbY3?B z6A&?*8SPJlB#br~hhmfb{Sk*KR-LdY7);VmMIcxn^jtfngpDGWX5-8`nh1#?vGYu!L?ETk zW};z(V{Bfz-0Cc<(zi@nO-<6K5pZ4~B`E|-b?QGOpdW>|0jQ#jQV6*jk_fr7R`o%k 
z(=;wZRvk|)f!1yx|MIb#e&*a##Bfp4HU0mWQ#waPL90MOP-4n7ni^Ws-#r;`czM2( zS~tIAbGY^9duI@FmPeKO0qr7=pXMRCu*F(;-K-*zC+Y5+yp)dQi`?h(?u3xZ&TL;T z`gr8`gAMC9g!T)C`fZ?8f5v0&L>HhoTym<3i#bi%N0OF*e7+Q^cjD@FhZF?tGCC5v zN$7Z1PdUwCSc`FYeQ7cKeQ(kDlXu;Yz!=?~_QjHPL0l~Vmq`T%NFabB_^&pY za>KmtE`g4LXhRa1T|B1A{cQ(P1aNqhy9w7)m7J`0yO z6%G8aM5-|&tM$m@2N@)Q*=l0+XK>`&r35~2Q z8*D%-eTX0L**ru`6MD6P=;!@TgKBh6V)LwFbraxYk)sb)&2wC?;Q ziYN9Kq_c};E6sWaloMce6j9y~$)Fx)ju9>o+ms{RCR}&H5w4>Xj!XKICX`n6kI|Q7 zHQengVRL+nJ$+07q}NtNxlms!%bd_vn=6~Y^V^5=o8Ct1&dQZd`?c|#E5c*E>J^l2 zI4zE9-ykJYB**ot|78{Uu*hTuDl96wspczNaw7JZ|1GZ5_$|?TOZKg+!qVp!(w+mf z;50quAoI6d{3TadmPkZ9Qx`o(D%)Fm<;YXWt)r5ms#tp#KF%UTR|gm%K|%(hcf zk9BZaH&7qtF9Cbkg-C#0fe@y^l(~+dP-WP&`Ez^m0v${`_8qiWaX>U4vZd=j9shfB zi-%%X>^d>jp*=&6vPg6h!iZZ<>sIBa8WkuIE<+f8;OU%~~ zUZJ+Oi3ty}w!8pH=bN4S!)p*r z+3mI7;|)x&qe)TAc*5Wi8B=QN*RM-IBm!lV-_M*|&3dC8uS+1<+&T#MvUmG3G;sTT zQ}XXy70?stY|Ei{)w6en=}}v;B{`QY(&$tKpgrS1M*;xJFDaTp!46>E$SLI(5^^kE zloVFGaaAT@ctrU3EJz~FIk^$dHmDo;Pn@ixw%X2|fCz{<0|gx;3gaYn9>1dz4x8i# zgxKq?^h0m&_9yz0aWQW0{;6f(``*~3dqcSsDfTAP=A2f1TX1QyhB^I+4&YKikG(Uq zam>#bBE&s_=}5(IeEohc%Z<}woqYY>0~^S4-6R*}1;r->mks;MFE(Iv9jzAX;kfVS zN4)IrTxvdk8)5xh*)C2rg@xm>F*(pzETGDkxWF!z-H>`uM87&?7r{wV0OM#{jEGaR zv6H;0i}|P#(VF|e+C$fIv!3^&YU{*B31de&#@mQ2k~)tzpRy5cEFH2ylYvP9`ICEn zw6~grtbbCkXx|{IR{^&H*85~h^g}{qGUVo?%{(#j?h&3yU?;~GtuCQ!aO^c=H^C~( zzt<2R1Q~>t_p&NNoJ522HeGjqd1mxLiS{o!o1(lun!POV1QmHEe7o=w_HIIJ$GG!A&mar`;=qpl|i|5?_Pw804_rQ`hW*_zgAJTZe57< zj<+G-1(MZyRCW(oaJ{iXnG^Xl>#%se#bQm5q z4u6UDJ7&ckX6Ai=39ILde3~KUw_f+GZ=k1kuv;{u4WAu27ZM-}_a35fcG!`6kMQP1 zgP=Qft;uUjlB;|^t3iAwc+Wo+teziiJ0{wlDBO|dZA7IDW(}Qv9?MJYOdxmY2FQ;X zarGuzC&dFY;-AP^h@jiYr@izbj?^7vQh5(Hi z7k_Y5KN6lSI0y9KvAkp>0tLud6h3_gwnQv%UJIeFKq0xE!r}) zh2L&Vi&bG}z0f9eg>6_hB)57BTVAyZC;m^Wt_(-a#BIPhAC6wDx6LSU!K7Rq?o=m( zLl@^21J5!NBrc{rdj8cPa|3$n2Aof&{H}?JUaHo;E}mJ6MuKl8@%;p(Zb63o9j8>z zSeyp4iT@PTiZvl{V5DM#;OVYZ65OEv0cX_=CpArtS)5jYV4PUj(I8 z6DGEA;?8*yV{xrr^V&@uC1dLR5JL4h&mH|z!z2Y!80=A{$sEG7d!#!V7(4gfkOSRXc$W{s>O 
zj}v@@$~2(UD2qasdEAex9u*3xTJOLs|NM?C&E@Y0al{g{MIKKli4||w$XLI+64wEF zf?pZFzOzvart8I&-pyBtFnALb{KuCfko1J{`xCOYC0pd0$~h-6~F{|SPoO?7P*bJ6Ku%5VM9XD8pEI6v1B?! z$)W^NF#0A6M->nnaHNEu*-=!;9}G#PLXjBD94MpR>e66tqth^@LLtpwxQ5cJ>HNuY zT_VDU0SN(rZ3_Yb)HShIVqgx58%a*0(sQjMOUYV!-=asjB6mojqb5zaS(k-vKN=hA zIUEJ#$Yg7?jEOi#Aq*b&WYnJ)>tkrgRf*!jkWPAg+b}-&ajm8NRz}YEfaJ|%n6{mh z5yQTg&x8L**gb$T+;tu`=_74_mTCYBm1?g`?;WUxPJJyjs?h{Xl+f5DV&nxo+o=6N z7>XI`Tz+N2gAcK^qAiTxRF2myyF*B-v&Drus=ub^_iE<$jkD|-UPM*%cGz^;WI3H& z-!`+MX)CnmTLIrVLYgW=60mcWvO3=Zj=0!UD$33x=G}AeR>@8`5eJ=_A9q0Uf;cn& z_&8l`^N>;hUd$9xSaM}Cg$sFcT|-n;PWhvWx&z*tZn;Y8?m-r7USOqBq$@0nF78Ql zL2S5#FO#7&pj?=b5N`yZ1wQ_dSB~u#%qMseZwRBjW}rT2g30lIo9|Rdt+IiRcgxj# zy)S}za{Va{#@^E*@}2N|q3 zpwEJ)DieJ8{`565Sk00P^W|fMzHt`m?G})IV>HIHp-v+c=En7jXJdhh)WyS8b_{<# z3;izzOZXGJ6?CU57lqb-a<) zjnt9X%3;g#eoRtiZxcAnIyuS_5-V<+@4rposw;~BCH`u*G)1iucZ6#Mqh z?WOMLo4<~3#y44ioAm+O2D*M2^hxyL{=+-Kudm3mBr_&KeW_-Y&HwVAm89?AByR2Eay5AoB$IJNmF2@!_*c z4f5#opf%v*>4N%s?WddI3jSZ0_)@XA@^+j=K^E5w-pTu~Oy+yeZBixGzqlf{mR)?< zD={OAzs>RYy=Pt$*4o*oFCpSY3mrQ_r*FNP;x0Vxbaro@r2|?7?Y<*xPGN)(_=B8F zdc3pYUIbvl5Dc#Oe~~0U;+dHM8p<()K5&@l=~C{~om2yaO0ix9{HqzF7wdq`Lmx7a zv`(j248l5(ZG}gy3bk1ALR4cPP+r*KIZ^A*H#hOxelB=043lqQ8q)TE^Ggmcq#Ng>@eSPa z1Zi$*Qp3Y%v3;*=o(>E2X<4)oj`_5L?3h^nncmjLpM=Zw9E<^CiUFlr6r3D^JgThN z87QE30g_^uW8GYlOGC?AF@lcfv_5hyI$tbWfm{eF{<-3Am#GbV6 z%)bWG`<8IGuho1#AZnjX#3H>Uth0<>e435D(im1xzgG`RLnEg+UngTnI8?r<&so}e zWxH&Hxs2XzY*h>MR$e=KEBn6EU0TjL6A)768N(b%hp)seYypZ zpkW&o2xx%^thxw3*KB$6m{t09nHzQwdq<3HFWhJVDF1bQi!-hJ;Nu-r(kTEzQ!}95 zj|4$Y4`n%K_43L2WU}tExs7<-y2o)e<=(Zr7E zQIr&Az}%{a*eRKuLd10MdobnhG2NcdAnu4Hy-nIs*KpWTz zBAu#R@+(q^myYh0k;(D@yypKdsL5od)5`9Fv^3_*QQIAg>_;Po^cvC=8ItIO1H!!N zM9TA{h>|3`N!G&|Mz%}5t|Mp5c)@k*n=?EJs0kfTE$*JYpO>}0}iO9a^A4xV(y z*USL08Id^xMO^TPd#(U!PQ*v$T6;_+dS01WV{W-nxX*Kr%0Y~JufNp)4oI8!Zia>JF}nUnSpCHPix?kNj9sd}u}w=0VlZh_yY7@xO$AsQL?l9ULh^c8wE zXi%CVF;a&sqoqi|7hCdb{+jMeW1~;#3s9}I)=~p4(vXEnhgPWWGJFWgRHGZL( zdM%llh*;jY$$3Das8g%uS2FyA-v)){qfvJxS@eNMdpd^J1A-7wk7zm3yZ>sA4 
z7YGRDLpclhV4dTWdR8|@K|mxLk{=u)~Lkc8$d zCn2N#qzIWmr%m((c6J1+fq)WfS5ao$(|qnC?F)Q)Smc{c4?oRT_I_5*MST`SNNM__ zQvqH~#u7a~Hr7n+ts28U&z?!Yndgf9YAutP=BXSu1XjUeq~!m(xlV9@#nYFgA02P) z$oLZPJZ7j0PW?5^E9CYS=^Kc{A53KQUpVDL&&MwqSCriTtPGhCsESVgzX?^jugsKm zv(eLJ=2Ys=BI?u$u|fx1sMEj|eCQ05%|!a&zJkMHxl=CL#Gr?t&&^Q!M>rlfs7 z=}6P%PbGqcj#Y(3TBn9*xL;n>xr#~t9`?E|FyfZZbTEw>Ay~q#r=J#XX0XX^)5OKW z7_~k59@Y&FI!@0n_;@qm5)CDiRq9~*S^%?9*G>cm#=H2WdQD`N2N6M55`Q zO5Ovchzs5xTfaRzP!XTPT}nq4Xf0;2ZpK1&a1x2IA2hH7%QfjUlDyr~1S0%CtQZL8 z!!889ZPr|51-~O3d^?^=z_}!yf^;}FC|OU0o}cVGV8Y{Lx+d7bm{?RHIsjGux`;m* zaHfHUP=zQ|foQ*d?+95zXS$L97SQ>)!&z-yT8$tQqENnD3^$ujuckX{W+Ci;HUUwF2OJvIGew>WGU z-3I?~8t$4XZIEgJMF;N`+!BV~5ImTV5RH`^b9oQ;KZYrzqJ`75)LYN13ZO|MbKX^RW zd;G9lIvT9qW_?<0-QeNT2>nID<+Bs-Huzm~^BXHYiMD3OT+{S_8YI1%v#0tGNQMni2w<|H=<1Tf03E; z{D#Wi8t_r+f4b9>077eVA~y@Mg2-!E+H5xjE%+W!@vTIwdt9YU9&Iz&Y-tgUWa-DI z?WuC&%^21VzAt4hEXB zFNJG`W`WFG!kkCBU!6MxxPcDbV;F5sFiIuEP53X;BjF!%JgyM%{A!WS0q?L76n^1m z%f)7dhrch$Nbz*fxVH`JPld;H0SIrbVnmAx2;<=x3b3(~l~C(uocf9A>cY9KLieoH zk)vTgMVjo|Pm6w!fD!$L78Dd@5m>#fZ5m{;qU5%4a2_F9RO&?6ykN`?EtX{(IhBVJ zF9s0jnISZzBG+TT6#tlC*G#DU_FV9Axe(JqjeK)OmWvUi-Z6Li2uwMd`nGxfNN>4t zlSUW`(ulbzmMS7erx5>l#FpXh-c_S(TH-g*mvJ;L*7pk~U|GhnM$oiUbt+2Fj7;Xh zFYbs}HCP-wecRtLNW4x=q2{%HiZxE7*de8zabPl9nQz7+IOCANK# zaZjB(O&Y!dC1VNLp|V=Iq2-mil~Iz1xD`;{3oi#<7t2f1_nh`7F23=@N(*(P!$kNI z0$;d-xZ=0!$mXYaU6Rfc zoAQw-J*T_v9mRf=q0voc-YJ&?Z9$ zKN%7PjI_QJTe2Z4=TcS{cyyS|V@ZG13}-Sa-wvbT%uvveP$7QFMcPKPQKP?WBLPKt zq`s8y%velH?=}3rq7b1?yHe|7atyqdI;sgav8i1~GbrWAfUZZ>ovCZ5Gb7kJy}3`# ztR`;4*HLv9?swC30zEF-rFQ_|E zG7wb#_?YV4Tv@?cF$F5ElYKzEx1mLwj&yjVJzbr}++@<*E^GKJ^6|bcOLv0@yiw8W zVET4(>3cTw34>4pjD0rqw`bp=NwRxlTR23O#hi@DQaIs94SZ>Z#G2mLe`IQY-qS;G9bfuH=J{6z}j!e8>w_D_M`2Msl2 zUx?J6-g9AA&8OP4u@rl&@Mj;`bAMpIV(2TMexY*Umx}!8{Y&TStxI=Rne~W7erDP> zU0TJ7>9GpgsG18vZxhp9h0Yh!I=@d?0Vgccd{`JmjFDv!(ziapA9Jg_`%m}$XYUA{ z@~SvF=uuMuM@6I{t1F;_N*QOM%~dkvU7(Bt+-_V`7alU&v^~0*mc(k>%eISaWlD|k zYtg%r#iP{w!2BeQl>8q){7MVehC~w@JF2&<{qgbI7gSLt?u2>yL6Ug8J}@FN)xvRH 
zrwKqp1W&qRL@w9fXojaK=XnBE%TSFc2Y%X+30$Oxsw;p{c@XIeYCj`n0Tp1CN?r33 z>=z9P_WSz3e>!hpoU0m3cC`{l`!2Y!)y2k8tT&YgWVV8^dM5c=Oaa}hs&*P-US(Y$ zZJAwqV&re+<+fyRiMBA0v;qfYhfZ(}T9=>v1#(q?H;E=`)b6 zZ{g)G!@ponO$4a8+8-@kQW^i{sEMTO!=K#xW7Xnt6AeW>JMosbLo}-7H(!L2!eSoD zd;C5KIZ-`P7SRo4B=4(ohv^GpVA){DuplMK9|Q)E`Grv<^KfFK-MtjdMA<6t;r^E|ZK&*|(;xW(UK#q?vHn z^i8qf#kh<7Ka7EuJZ3I7OB_T>_!48e3g~3zSP&#Uh{x33D#*;vW2!3%E#q#!6;3Uv z2@xkurD=B(F9jbW!#j`Wj0v16VKFuA0aW%f8GlUM2r-Ob$5N^BbuUmZ`gyPKjD9eL4 zjYcTE1*0Jh+uzz+#}K(Wc=2^%5vDO8wapb&r}rikx>gzVGxjFTVLq|Qe*&)Her;%Z zx%u$)8ZasB2|cqF!=GplX`c;|CrwW>4f&@OcOP@fZl3TgB8RT*{$>=rgbi=aYZ_o2 za(kh>)$6`wn!kF^w(4bma@g}$0jwRJzQ(Boyp1wj=|-E#QFT4yLocc;H7??i+yCGW z5(u}ou;q_)tj~6ng$yOS!oyqp0ThV*0A0f6$~LoBSyx(io4bT#O_BV$nCii6l!BJ= zv@#LAG|q2Ucgq_4n%Meq9SZ9_ef0(RgZ2gFt{8~ZNg@9f>7K@Wf^Cp^tWTX3D??(UvHm?DZ`TAoM;TX_1+X* zq?H_>-oE(Us1RSqqQ}>I+n@qlmhf=1yho0Aj@_hlX+9BHHD>Maf7e)vF;^5HZ(U1> zhI|cR+`z8HsE}NZclqv9Eu9^MuJ$ezIU!G1qmav1IpAPOiVqDL^v^htAXGxGV^j~a z*d|IHfe$D|;FA{P=AB{oyt&2aw7eH_$fq5$-mcf1PGSEs{^dnO=?}2JN-e2@RBV7F z`x}H?r`lzHe#SNz=PEA`(8T1ux=U6)<~W& zLNHp7Y4@lR2j_XZjsRJ~YXJNvHjZ*yfwn5wobU*U`i_TOeKx(87=Hi^-2{?J{7B_je31?UsDK zXxu*0g0P3GO`Nu%mAiy^ZExR|`U!v}H9n>kZ((sNTyV-m0d!~%U4pJWW8%yi`F8!k z&25Wv#q=n9hc`XS>21W^CBk`BbCOsD`kZn@$KXO|Vn3=WPvVHi#DU|R^Apa^JaV>a z*0!}UAz;6Yyu zCm>6MNL;ZK!eJ$k>aI9CuqmrK#6R8qK(W~4Cz^b~%9(yrV^{yCik)CQbW*pBj3^cg zdi1xWbLAV1Voj!Z(uT2}Z~O29$IX|ebS|yre|{IvTg`yCvOKeocyM$}>Lq#2C?SfR zz)ONRld5d7Q_Z1P)Klbl1iuqcp$tm%oth?}A(Zc3zM#vJ=SMVrhc)cK`Ru@q)T>ar zyF%hg3``hX-Nz{LM3@^>d^gyQ)9|UKCI>&U2d~quDk%CLRAQ}ElKl5!DSq+LjQ9&k z3Aqp_yL*%3*=RJpiLg*`R3b<(r?zS7)ZUXE~ca>ZCI?VK*#D-Zk<=MF++U{DPgH zaace3{=??#V!VTI)YFuEe`^~iEt3j_XC|H`HTn#Senxr4+C$5Z!ozXVt^pV+-w^)b zrhgq26YOWN+D~zLN&)TMM~Y=@_nh+uJ##1@yS&nn4}?b{-U1tItIJ*)HggbrxR%pg zGaZf9m*8qBPD{1BM&bAJ#eNz%3tiz)R}6&QM|<8bOP0T_~nP{ zwo|OaetIaZNY_Lhrha_Br9*_^s=eV%h^3Jd&ih=$ArgA6+nM5H!VCYYFgb+{Y7D*u zL~qDVDF2}ctXBx?dbYHskrvx2h-~OZ~P@NmS z3!_Bjy8WG^;SqEbL@^h0A$EJkew?=n-PaxDM?<`7z--}%jf*y*N zVcF~mb(`E*hzhJj`!&A!&TQ0D&C zOX~e<!L7 
zO>(-U$HrNSkgYF+VqqH!iq!yR9IbHo2YE6#(azJ>)DnQy1dA+_I>I6ayz1=cNw+bJ z4x_4XwdpaRjiJ`&5aGjk>p0KVl>LmoHtlOKoXV5i^d4~cB*((vTkP3a2fmBGBg|5|Z?vL(svK%`kMIqIMk7OjbEfkNDv-df zV#m)vaRE^#({+2{ifD^hg!y9}Xy-zPJe?%@!;y@=STV4rJ&J-rlFTu9^Z|sX=5tbA zl%ooHr+b~UuCd#P?QpIS2>l$b+YG0Ar(YeCWz(q|SAeB!FKz(Kwas&=!{P&;=GppaALufs$6ea`TA zWu-6)G#QzRJTF5?2>F3g&j#wrK81t(Ur>;?V~ayjD^~ADkVQ~Az{OL5qM$%x;1bXX6<(j&kv`MHij&2Hja(8DfZ5;BD z!@$c|_c`KNEJ2Ih$|Qkf|7?B;>{Zw@65rF#4zYLPDE5Zdo*NVkPifIt(Wm2Zza`|~ zL1>rC&1n>NTj1NXEWU`6Y-ynVwdoB~oIqloTyFNm-*w~U+Q?uUtoEHQ(7b6153x7j zNDLx!WKIltsyt!NUHd`Um(3w7@JRs|e~1#lG$xyf!=-0BrDlUM%w)HZjDqH%l{!M` z`RbA9fXZ+R+M)LlE?of(v5Jh>_xWrgN_)&d?p9TF?1>Z2phi6c2S75YUKg)JioC~c z3u%Vqa39NCicJg8&5y69=(d~Q0|By*3LaE-R@d5f$l$p_$@inGT%%6FH1HbSJg(XT z%bIXC;0@Fz4xjPug?f{8tGFoT8|+IFyNDW{zjkk}1$zGbVUH8UyKo4Pnlu+8qzzEU zr7wLd`6&-lJ(1^|wy<`Q{RxwwOS4WMh1nj&yWd_+T|j6j6Vg?-NJpectknG~OKma^ zy_%d>>~RS?Z;LOv695jsRP1O3s~uYfSWnv=J>1;yT-BCu_4FsHyxuYSh(yyMtMq~V0fqG&dTN{=4q?G9PZ9vst7PHmeH!ezk3+=Yx0Pg)S9{!8bR1%*M7#I(_j!_>pO5b6gw$V zq>-SK6y-M>&4gk#g-mF1n7sh^f^{Do%U@dtyoEYl`_k3&1f_4aheIv&EA=y^+xvdC zlvR9H8}w(tshcJqpY&j^8C_zr6DK#Y{@lpocL+ZfRHilFrgJB=9X$T41A4&1&9wwW zPONpEDf1S@QDjZ67Yvgz4qp~1g6fbx<0~O&!~w9GM#nNF~5&!|@D2U)u&kr|th^7!F94qb#MdWA~Wj7AS2N9uGSm!f6+N#gfEjd-U zzf`DRcAM~LI=z@p!xnC|(Ko9h_qtV->%v<^S`(~@n@ske9|1Ioc!l8`qm9Q z4m4{Z$-)|3gUKpmVMZ3h`P(9O%`KmJK}zp^sLF1zDapd$$zg-uqjxZQ(%ObvY}cw) z>P@oL*9If}1h0jzLpAUl5N#-!g`l075xIP`bUpgk_ z(2+wh65+i-#pf$OpAlaRfFl1YUHlEGI9<&R$ox)(GfT8f=ibb$x6GM`pr^rq$cr?= zc}dugO)0{MLT|(lcllG-4&BLm&h3Ex4&5^WY9W{wQ5`en14mkWhK=c_@;&dxrEhDc zv5P#D2H_y!Lh4`us)|BZ>~Dx&1>X%#in|mX0f}4<&976+0XiVDw=1&HaB9d?W~wg% zzU=$J`aR_K?mKS#wwf!1S)PDUk!BkiJA1lB6Pd!p!|=oi8~o77lcJ?L;D3siewh=cCPKji;_UhAdspG~In##<5Ek*4lr#!fcn zOa*5*+ns$Y`@95-1&_WxX#mfKo~N4t!nk2gB6q0-H*4w-ctqDTyXbyI@f$Gy@U!py z!}$`JS#?JU7*UI55lWT&mgFF=r*U-JCw*~~N`Pcq3@Br|E@R)KOMc2i0$w0L9lUuK zHq40E{ma81&nI|owpFcX47)W7vyb=%S;ZU_8BBUD-1N=BN&Hdpq3$XW0ET>FW=3a? 
zh>laL`uV^V%G|r{t$_E5XoLBt^a|GGdx^vf+nOL#%M`F*jo4;r+l(w_!ODSvm#@(V zeh`9B;|jrZsE!H;(861@(h#pQaUsB0!K`B4z)aJ3lZLZ3;6f3Wf2|NDdJtm-dNrEx zcYP!%2r5lh(`VQrTNS2LJ0Z+s#h|3q{CaP)E?F4`ewz?|o>MxUWZ$t&OnV^4HVl)z|=c57bP%PoJELX@2XM%3y4 zwEn`l{F@$=okmnpFxCHaSpCp;cuPoJ5H|{a;V$!Q0fCwbYUZ@ze!J?SfQO*Ko6FJA zu6Bm+C8yqlh3cYj;#4g9#9?UiFFN$YW{HL+0n0fCi!*<~fruwk;rs11U5G=6WF%7o z2e@kuYT_%pIi-2z+c6US;e>jw^7hulLK*wA2({^$F8(An(l0rKmK!W$okOvWAKSojO$eu|p=b+Td&8Srm%N$vtJ{$FyQ+yL9P_F$+*hb}?F z2bstLf310*Mp^;>x24d%b6u?kJ84|YTg{(6;xI^uLsYk?C#*rm=%jKg^UZSB#A_6| z*VhWfpwZ|12q6gsRNx?e&zq8{tkShSbx}&Rq$3YH@yr0m_-K6z4ck?gX@E8yQ+tlnXkNYg)cj`4pfTQcQb@H45`IM+rP zHO}Nv)I>(-PV<|GWCfaM!*mi~mq$Jw9()FtV6K z{?wybEiB`%QE1v$P47%}YpqG&WB%r!W8CygczO7A3*|!fhje6V2t=*6R4|C0m?hPm z+3}Ace8UR*e}h<-)mS$!J2BTaypAUdDE{VT|Oy0V(OY ztKcz-fULEMi?7a_CD3g691@iw!P0lsL2FA%Js(!xKp@eF&36Da)9B?_AGSs}tN(1U zS|Ia~B(o*9c7jO-!H-vAeY*MDU|eZe0}X^}tQCxU$p8PDpiMm}ehB9}(x*Kzf z2q&v%mQ#s%IOrnuVy6F;G;cKc#xtie6D|sF*nX&q*zFZM&%(92);MJ{?MT;UqEeBO z;3ZKy4_5UwxQ$4&#-<#+COa9qVXd`Zihq7w1axCQ{==4!gk$Te+9jvbGtMgLpah}x zb^|^Yt#F+-)HAw7!9=aTdoSz$S87$D#$4!Q+{NH4h)d{PsMtxFT!1jY)C(^VK7ElW zy)YfUV-S$tvJxXN2pBrNs4lvlt$HK0i0=Ysx^^<)%O?q|Z%P)^8L*gVls-<;^ZWW$ z-%Ix!?f)@#)nQq5PaC8}x*McJIv-kEIwYhU1nKSt0qI7%k(Ms$?v(EC?vC$KzgK^M zaXowOvggd6nR905o_mZV4sXSwCj1UGy=t6crLU(ZZ=k|cWIdhQXMbvSzWRNT<(cO^ zu&DvQ5)KnfhwJkO2ixJ@%P5=s41Uc_d^hG7#H;}2gi398up|*~)A?`XOyPg~J&TuA zRhhSRvDHnsWuboKql?0j8)up0d zrgi$WjXi?l1i$W7_#G=unz4AxAm*GE2iA1U%DP_k*|+gn5{)!Y`FP8hG1@9=;g>pu z4T~8+{ncH}${C!x!_8CJ9@-0tPTCLGAa~dDByoDWQ`9~%Cxy_15t3kwXSmj@Es!D8NNq?AjBT5-aEeaG4!Mfq39S+*e5gOB{^f9ZI0N(gfl z5?{z-%`zNMdRuHHKCIOM{(ZUF)l&-z_Q)aG{jO((D+zlS=^*#oW3!{a<6oV$CASV{RWi=5}-UNMjde$ZHTkdv6 zJLl772sH4VUn(9p&H?slq!p0-Wlh{9j;#eoFz$>;X4yl!OWKChyiAk3dSjJx=S7@$ z)R*0Pv>Dgpvl`g*HPay)x*ztNL%BlCo$((g4-E*ZvIOWh*XrJ(%~gZbB#tcM0Hzp7 z2@~y|Vr$d4LGp;(@@+O^f9bd_ZqxFYV{hqWj8_^WxX1}<|A_<#B{FMA?j0IfB-(uO z)MNxZ;)<#IS^S6L+S~`o8~e_N!yFaeo6KJe!ep1QBWy9j^VELf>!>BJSqHX~v?Vm}?!+}^iA9YTNoNP}`n 
zLd->YWN`Mhx@#+1NEvE>ar#J0{?@SUVH`8f&!N+i3%^~mMbhYdkEkah3*j}krDeV| z$GU&f^f>-ZWcZ6{F$h}(4uP|J+Ai`Gl{BHZ`ao$*udh_dW0jkV`vAbNnF= zT!x-I^`$p~a%TVHm$EmGE<+h335PLO;Szd05$dF^7(zSx>M##0* zxI}Pfcs#1VA8ZIMzK*t}?^Yz-+s^_*`Ea_xNPKXPQ@mR-1y{n>;6+!I@sVqJ=m$c0 z;|;pt*eDp&AVe{I)#hVz*K$APPmYC(^)R zy#4}a0}~E{^C@WZZ3QgU>CrK!=p>seu@TSz|x6 z`9#5H`Y;t;6W@@CQDo;W!9PWu@@@$_?p#(lY;=oE8CX_8YRxJw9zyGMX&mU1BYf4n zGW$`wEvLllc~g;av!%h$uRSn(Z(Bp=%zoBLgv1C5$C4UhR!tnMsXA7dci-z zFy-ez37jM2rY029U(Lr4E%Qz@3V3|&5_F!w+PPx-IdP4nzK61L-d$QRV$~2WwvlwF zp2QwG;Xa28ATrJ3%8>bw)g# zoRP7LS0Auqqav4BwYH9+I&ph!{w)UqC`9Vqw~=Zy0Uv{_MpQP2VD1%0uCEj^dY1Qn zccQ0?U>5X0xtm1LTr7non$hX*vb^dx^9)^e!b6^qBmzXXvN(s8oPXOFb9nDy=oUZGz3yV*u3+txVNo0-~DjRWc!lv;?c`wS@>sMlXq-t=6ghBt_+Jh9CkkHB^Fmb5J zkTfXJqbTOs@1*P=8IxJS-Gt+(yUv?pNt$_};`LUsgTZU8;d@?b4Gh%lY}5+3rX0oJ%~nUE)dZjv7*A zBDu(r&MD9-rO`{aa^dL@A3%D1@@vdEI!d>_W60Fj3TD86P{2N@Gb$>ZP&M8}^W)Dk zrJpUI=z@W?v;}c0{2PgD_rheXCBLR zF}7K2zIfc7kXfc?+Dv4jdlTCk>^;CSi)U7_ydV4QL*wJrAtj-KP!1f!&^bDCerF{F z)_mE3G$?~LPN&(lvq;&cKo9tujvbn(->0M_`aSSH6GLZ3@GGti^mXr7|G7E%?zDIi zbntDejZ@M_?my!5CHmTep6IV2j;eGw%rT?;HMDsqwHTJ~9FrM)&+R7j-h?zIYNa0s zaM*V_x7Mfhuq62GxxJM;4r|~)Bc|j3Xcl)pTBD{~|I@ujKLEJ?zHzej!On$gNDQy@ zvrw2>cLRU*}&jx*XF*ZjPZxd~B1g zNZ8FPIh|%C_8(r(z2?}@tLIKb-cCAJl7-oSRCOR$DP12}6?<7QcND<$4t+9E>!3NQ zkPi+>?&$kwv@jWgkc-jAaR$oI{WN%I0MFBGMS4=Zhx9x#k>eJSH7k`oRk(1~Ao?i# z{Vu~RMUy~W>gGMde5EP$ThlZPmG`HesZS2dSp$oSD-BHr}6i8DBrt$*ksNF9)VqPv!FxSOv%8FGx$u&>*@=dW5<_M{@4?jY$p zp@!TQ=rI#eNp@b~0$smj`uu#|vcHvn=j@(UR`GEmQu(upQvO9ojw=fZTt>7y1m-0> z@VHqNv>$cY1?eR=aXox?Xa(1RbaH&yfH7#Sa={ae*ldxzRVP2JJxOvmvV(7!KWD`< zBBD-3k13hIHFGr3@7bmoiAK?TIoV!zRW(f&F78sA25~SAjA);cQm_S4G|}o z{8_f>TKCp)MXJi?L|(I;nnY49cLNVf66@5ryeEWIcmtp;kL>ntAz{c+Ay9Ec|7hgR zG^W$iw2g^nOns<{?^n0ZrgkZtj|g9htJp_QL2+LP+bi<(ir1eXkAarQVgVxgx(Tc2 zS`fDG^V!38$1>-$_QQ1tO5U;-Z>it~k@IYVUV{=-ybcxxebm<^x8Z(Tv;P zsA|NO)6pe0N5rT*wYC26H*tf_*?1HO-jFR8ei3Glj2@FEDDl*g!_q>MOG$a$hH7Ga zO+vUvgJ9tiKy?4x%HadSJ$u!1%jH<&Dmh7-IX8Nqt_QjQ*7n2{fkCF&&FwxFm( 
z0^E&dLLOb-#dUY7RMJN7H^0fB_*$DchV;vc-ANyB^JC%H8HGIs`dW`3i$7P+Dvu`D zT%S!)0-Tsw@vinu$88(NRn!9T{2Khd?=01vfI@;WAE!5o)Eu?Y^ss4YY7AH!=d(+j z4LsJ%hZC>LZ;EI7R*&y6j9{O`uspBqj3~VgEq|{eAt;HdX!TzF%Zr7KOs~1RyR1p2 zXv@jFx>;h#2}cQJ!YJvNq9qp;+wIcon7MRz&}O}&D&6#7q>d#~zmVDm(6ym)D{BD% zk4p?9gc4;W-EVDTwNp6M4kYZ%p21u@Gn~N27<_|$Jg{wv(15h%!1{2M;&nsFn5)T> zn@_O-uk)}j(b)~+3Xnq4NHR4{36(a9vW1uHrUc=|D;O<|Y2NwM;D!z=pr}?ThYfvK z7O7MwXG0vc(p)wAf4l?$hUm`x8B~G5K?GZt%!i?b`ls`smIxCroOD3}FKBpyFAu*LC1ps^KG; zK-5&CKcBCGS$4#qh>Sku+M&p8@LUz6{e&_jIl4PgJ5tuNd-KD@2a-4Y#IZFr%Y35+ zwy$iV?ek4{`h9|N%D(0n_QJnV6Ozl=gff#dw=-k0hDN6Zy{66dGig`ay&pvAZwx*6*uDMA z%eRXAyZyy)RFhvGqH03&*M=F%uHN_nR#&pBUte+P=zBW*w&aaa^pq%tP z)Ycz9-AIl&!97D zWrC*akN=!wwpZEC^b3iFxpkye2ak;RzuDwSeLK_MNQ>joBedeEr`)&j$bf=Hk@C77 z<&}w0%YLsg$D8APWnM&ZqV0nRR7pZAQ?JMPG4_sS^O*AWIz3@+xW(4`4(YE=EN#f< zf;rKjSV>;j)@jaq4e69E91+NfHkFH8S8&qB|8X(9q7bGYUMkRBI8!f*!9acZV|=YQB?lS>Ib~S%uk! zYVApLGu_!8?mF%ps3DhH#_DbUnI9U&=^ezgx2Drc)7#|8G#d04@i~!*P#F{ge;!V z*p-o-;}A?lG4>l{1Oj7>z61ic-_id&p@cmqBbW7G41b`UB|g&KQ|xS+Fx0KrN?7Dh z#TRvi&pfBCdTjIjterQlf>5Bu>6_TV z&8eJ81s1vk6(fo#qf21yq)EC2F1eXGW?YvF{0}ppD{sU-_&4`j+5kYuvw<0yZ%qn} z4-*nz-y~t*SmxN}#0YozExbf{iTW}1cky81QKeK$(GC~Rvl)|xzgDCScvS8MqM-{k z`s{yXt#e`wtN#;RB5aC^o9S>cSa6Af5-e;{>8-@BS6!!a?#8K1x)zh0;->yEXT%5V z`^nVixNk0jr{2nkMKCGYh?b_OS8%8dXwUDrF{dJQlrqhftI>~7w7H<69L>(^9blL9 zge~Ilo^*?VuU;|~X1J!Sp7ZTWo0kE({i<&MbLKF?&yd(n{YhTYgkX{t{o(PX>yT=# zE}cUgT65VFvNj95kTf7d^tjppZc`%32{;`(_w#`D)|+FG z_CwBJ5B=w&*CGXeyBHQl2QSxJ?XN}q?O&}5eMmT7BF^>=Y0F$M0*A=^?$~*YQ9|6s zhm{__-+J%2Na~X)P3ZWHaemvG0-JEE)UKZj^2^jD3c=*uv_2a)X#=mXq0iUp^!eoV zUk_6H-t!w*BZ{sy1hrvG*!^=&)1fG+o7kd7YMk5BJF`i;6gT#I9^|L}j@Gf#H@Yw} zhW91_kQ4j&l$pa7@i6?GEBUYq>XYnG4c0gvRC*5l?W@ae9t^&U6P^!oYwU=>hofnW zPn9ax@ePC&v&JqXHOeg3cR2)#!wJ%8!eWM&;<%LIZ}U}><@Fb(|1!?}zp*Q%n5D!o zr1K4WENhBv&|Ux!=1klYAW?yIc|mc_t?3cB$bkEL37MykH7&^Q0oE{kg-@C%-t@P% zP|Y6PQZM75|Eb4ygMcAFf5p^Oe{)XqaO{Y&*Yb{BN|DLqUOHsKrBXL!U;z5ndrZl- zQphKL&yql_s3tlcd&4nIBtHxPK z@$t*f(+f$ADSQDWGg4 
zc~+xQ*L`#yANeUiIwpCnblC8eR^ML_cYa-a_a@(HJOTflM>2+faHF}xF+%Sx-)`eu zZH;ed7raIS&@Q@!%~RV<=4Vk~3Z{mMCLS>&G%qi*8cv@P^`h;4m~SOfpePvmfsbZ# z-krZTgc=A*0a>_S&tk7oy1mQkxLF}$$9|&JA0nK?E;B$@{HYBYx9Uy#afhb|tfsB` zt>PE@Q=|OrwX>?&GK}rufEs-XzRv&jF2-dCX>HXrld8T6;q;`i(@K<&V$P)F17D&_) zK3-hi5E#f|W+%O4;x(ylRmT@aTh~9R>>PQcddj?ZTOk8=G#F@1;FN^Xm2dMWX^=2Z zl5pOPi?z4}W3S_{h_>}@&bye))79Bcx#-yJA)r|JWNjhS+ez- zd8|-hIBfbw3DmS&qd)Q5YIQO9&e&U^0e7ioae8Enj(Fa&6z)4fjjXNMDdIjSvPcs- z;qFBaH*!@vq2|_kG*kT=o1`K=mEbO>)SA#tK|@OVoD4}yT77rwo$r`Z)5a?(Xa+1l zGc-{jBU^Q#kaN!_P+#74}G4`sbncODHw0 zcNFaq{&HdaHXV*Xd?sbL#`$scV;8Y`2OFvr?=ZExe{^JTJDm=|hc8`BJmi0Q&>$(Y z)Wjmd|6v_dwA#Pa>yAb=s12zo`61y#Q9o7~sN08Pb(dJB*ZLLLInJ_)1J|-LzA^>Z zvNk}cz}!ZMkTF79%ETJ_>yf=Q-16tca^3S6O8n6j(ysoib@-pk8Et`+BhOWO@W)Zyd>FZ%_*8v1Enk-_KE<|V?O_`@kvhr zcTcDDwISD@O?LOUbB8)ZWO_P4MzhbDMdsVPkhQ9DlFQZ7?NrS7$108wpDZhIts5@% zV7__l5)L7d!kQ0W7^nChm-7xU3|O6u%Jx`lu>!czmKmq+r1`g*G4Hk&-s!nI zU9O_x`{oVGW1kh}zqVLo_YCrj*n!~7%wEHQe0Nseg2 zwmY+*tX^t}{dnb0v?U%{+!t)adi##hzU#fAP_X5_(`m$0pIQ9^B0XyxkQ}hK+k3lyk;a+ zdX$mNquFm;PXo1&9G`m*fzy53=_1y{Pgi0e=T5baABTdkiaw?#xTQZ{Rhh!V+DGWn zAO%T--8(L~O!jYIt%#Zw@GIiAvT=k&a#f<^#8TKGgm6*pBH#r}K1An@ZMi!BdE&q0 zK(-nPx9Lb)Wb9BIw<%vEkFJ#jhvbv9z}7x7)2IA70M>oMEg6rsUNDj7G~Xm~@7he$ zqDzipqCfW@>q(y9@SvhXmi#S$!t3^B4Oje!0fHDp-Gq?!XUg+u&F#Y;O9XZ0C)MN0 z!c)a0*$YGa=tVDXt?Ez6Ss~iY@K^C3r$abc`~q(iIFk>JAB$o7DtOp{iR2-9bn`Od zGS1Bxz-w#3>X_=SwzujN+0~WygmmOAegCJmU&q%jsMzVMvEoyRO%C@yER>fz<1c6t zzv^*-GRy8>~-eY(dv&R_kKXpNFMHlul@($`Zll7>kX2w8A#^^5L8q2YaRxK~S6nNR#=<;DGc|E# zSX6R2Xk(`4(s;M0ZbXVH2)C544PEd;T_-Ll6um75w~b688so1_QWB9*ktd2jk z1xYZ48*lXNjF7LcTn@xXbaWlA99fuf2IY4C7=i-sT{JHyzD+WX@NdN_Gt?+IUxW|D(3y4!pO2{UY04 zZ^(Z5!It9h~0WTXk%k_$#hjwIJ*&HDDRIeK27sIvDP)NAwxDRnSd%PAOjY zd@@5a4K%O6E85{#Ph4k<5nWz5m`rYr32EZN+EES5wmSb64*3-axU~r#P4-8d`=Y(o zfhQQD_wY(rRScZGI+H?Hhw+SKjOQM3rT@&1D&6d$^A0S(p#V0o{6Dz3K`uSup^=x( z%g7yPP=e3RHjqN_i@n3cxSqpz9Nqo(wI3?ki5_`WNtbJ@=kaD@e6_ANtjNEkpL`&^ z?IE&tzLd~&8`fd+-XE+d?}_u^2l$!v`4ka2(OwN_32%{Z^Id$~=0uU}{^y{%!WyMG 
zo3e(39W+;~esVyZe~S_C^e5tbi&MmS$A$HH?efGIpf76ksl@)~8}f!LUBiNjB`_tX zu|2tr2Z(k&xOAq-^Va)~dDtnJxl|;!2XZN%=UWxlzfZ+`zkb+U4Ux~(PB1|YKgPm{ zec$@(g38*evIU`@$fr-sxa!}0nXSB2a^s{!0qWq|T<`}02Ux<|FOo|ICe?;}M z8gc`^HpW@o85LSHMTXF@4GvH0S% zTtIW{XdmT!eJSGf+l+Q^LnXxeqFZskzp`(k%VL*ZFeb3*khA}lYW|aVwMQN$J|6yv z0(R=`(Ia%&sZS5`bRnv6mB6qnE-oA?aZy8TOgr6QE z_C$i0G3M!xm_!uGdPZ&luV>aY(kCjC?f2TpucK=2J{17+Uqg7FYL4DyIba4Y^!;qk z`{KB&DiNYUNi6p@wqN*A>9mmA79z=Y=`tN8E;HuhTi)oD= zzP1Vq245rg$)54Ggza%cL_SKO`J95aq|^(FvoYVU!4J>=>mvnC!h(XGO$q(MOJ*`q zf=MIHP4mNN{&^y?CU2!Lv(1eynQ&DFv;A%0ygy7i`fxYlZ%`du_)|j(!a2GtCt!`W2v$}>H$yze-*)lud1zc}m);Xej zC@gpP?$r#o#9hf<*$VQy$(178 zTahw+j`7NSzW9qy%v=&s1JU zlXl5VB%_Q^sb)A8{0kQo*}Z1amop=lY8^`3T^zKm_)#5`nN~3s-24F1$cKycVXm`P zT9J_1Liasq3-<}$q`S13vmcUDutFK78U-Dni`~y)tw>sZGKz!X#Wbn8bS4q>5x18Q z^$RV==0dgfi3;sE5@16bWZ^@pIr{9?SDK)kObVC`4R8j z5un4pD}$#kcSP0}apq(`AzCymr?%#~LI`iYu}AwevrB~2i|2*c{!p9(kTWxeZm>Q6 zp*^fd!g0js*;!h!&EDg}wFI`Uu>XZlWfwpY77x5ooM4l`;6k7WhzL&A2m8*JzdCC= zB)t#nL#QrA(acyG43UCbdil=vlNITsKIwA8r-lgXY6>qy)09YpoCd3bc)*4ix5w!B z^a(=^S)b@-zPQ~1!)+kHbqv&S{sB`PzCIUJYMIVG`MWjJ1>R70S_T1mR>iPF)NYp19`{nkvRRwfda0I#YBiRt0y`BiXx@DasMtX`0v& zUk~=_%;4fQb>Q}X&eAw#ja2Y?7>}6vH%$|pz!QCUPY)gmiKz$R@%ePsD^l4bkySUC zlA=>7`-ZhYk!g&bW&-raz-S!S)Z?ES@Q3Q|X(^OiQDOXsKB~azp(2lpqh!g)amn`0 z&;q+<8cv_-NU%V%?2teysVpj@KGqLXy=Avnb7*|q!D*4G>qu^c`%}gJm#hepw;K{d zvfMamz#o2t+)gx75(z(#7ij2a6*7&R(O=Qja=))71d)X%P=^>-X{jm_l7%P}qWz03 zzDGtSP1pORqc4?3ITl;G2XD|{bUxAwA2`f3%fLV~blDM+j??cLHbHgZ3VT3d{vZm|8wAV}7W#qFRg$m0r#tMj}lEW8F zOtdZL-SW;~rLU}=n3XRJaE?(Kc|329uO(k!Q z5<>=9xNEB*4FgAceX z%k8E-phnoeW*nP|C>r^4qHCjkTTv9-l8|; zu~j}+zKB9aBp>s0&OpDR5b;T4@VIDPZxD4j(%;ioxuq{8CnoCX&}B`IMwZ2WecBI8 z>FQInQZ1TQQKLqd{RQA>!L>qck-Yvnbiw{2R}I)5AA{O^&9YyXU-stuZS75?mib1Q zMrsmtII7u(oUmDI_HZ;}Z1#cuhT!4oL-=~B(T4lpJQ>w!n^y13-@xAbWiYU}<1gjBZt_|HE=4rW}EcCOA0sl8LUK8i^yGOA9CMD$)Et3BaQ*pB)Nlh; z)^TeAsWZ_bi#R_7O1;EEcs-jhP3ADMP47{cb=sFLwv|8jB$@DXwp1?<_tl)EBw{Xa zbB;Gpz3!#-C3l!Q&bEZH3GmKkG=-_&Y@mG%WRzl)pp 
z)cIHxyzQkSyBJ`aFZ@n$Ub#r^v%+GXKM27tqn$b`N$^MeUw-Z$zPGNG{Q zhP#he%^V6<=z9{ISvT8~VFR38ea9{;kq~eR`6zFZvg}Ez|6ugr@!=?V8@_||A(c!M zDY0+!z{?l2DwwJblCg`!_Cd`&S?`p9RU{PoXEa2RnZbfwv!BL~{us(mF^LC^MH)dl zxfLCNj(0FmU~usd@d`MuD^ct>w_81x@K-3%XPqsIXcGo#|7au5nk4XoknGjVz;~Tv z@lhHUb{x>GI`G4yYuoe}O?HVmLPt!C)H#s<%XEeShpK3URc~L6U}`67Wcm&V9qGFT zyj`_JRZ9}UWbN8fUEKq_zm?b55Lzti;Eg}Eb@q$g7VM@gfKV`3_!QoryiFqshz^PE zs>7dmfpC=?%QDK0)ls4{!++)M6b-Tco4xrDr;`E{G0l(Q_PQwrwy4(?Y~M0>CIlDf zPR4|Xz8~n#y@cO2a>vXwOB^|(#}pLYEd?AJ7=rBIZa8~~TiJ7iiKBmo_Qg}6UfCei zyar{w#w>uVEvfV7*)>io;@+w-fQcC3`>MFxH)9FD>7QKLkU<$Mbaz`CY{Q~Hy~B|v z6!^H|R`EmmY^)beO&&IqxF`}ny(1y`){M}<3F|b&0z}?IB0~Z&(9jgw-)Q11^s?w; zPtRCcj1AT)G=f>N2GHv$u~$%0{~lOytsx*`)H1oI@vW)gM4i5{6Hh{xs~t0~R7iGc z*t5w@n=MY)Z(MjOU0r^j9R#_2{>(%4-IQjwgy&i^Pr%z9J&?#2Iq(h@$4PMe^V^T5 zzXTisfLykk3+N`SBcid!tM|L;IP7~|JuVX|Gqs(F)zT{-_gAz%Kk+L@{NT2;IQ}eEUyw$JZPgcy zk6{p<4ByGH10*x~65{B;rs)}LiMrCq&|w|z#}Z0>`nON{LREcP1~7^<@yYo?IN(1Z zcZEg}0{d6ebkU!OKX+2c^XmEc97ZrMVCi0WtQwdOlcN?4V~ERkT)MJh7l|}@KDaq# zvlB{~^`eO5Ix@=t!LWt}pR*Hgn}OQKF>UdB%cK%dl#C}RUVcyt40JV)V&WH!N=pY< zSD&;0{-WUiBXVZoLTUMqC*LN zh*%*0yO8@YMy9FGKK$?)j+ED*>==FfnMA5L{D!7kyE9zcvAOJby({L4S{9n8PURn3KGqL>;;k2d#ofv7OD(sl zNBVe1&bXnsm|8?xnHbZ7v37Q4zes;&_sOY1@Co8M(Md*(0wi`vFQHI=~w!4Tf)9IP;?hO zMUhnh>td-k7eq?$m{voxRag4Z^|F(kmmLe*O2OcJ|5_!Gv$xTyJDEE8l^|!vuVNf! zpBI?S&6_PF?3TaYc$%Bjw7%8W$x>seM!n+)pdxc@opffvYQ| zr+eBgY(7ipU{Cm9Au7Oy9LrVey*=R^v!zZF+l<$xqffBOy~B4B0!2q#2*RVieeRsf zFjXfyXeNQT=Eztz&3zfLTcvi-RYlKLH#d3D*UwML>9W=LKtQ_J;L`~MI%%N1q*!2G z@50Sv51Iist0{q#*h|7h0%=A+4tis4S?LdIK>!;(%@MT#@w8?;g-BOEM=t-tn! 
zLKrcU+e_Xk-24Dc027~-jX&CeRzIQoNH6`K(#d^^!uu0Jom~6EF>hLU2KIUp;ZcTA zqcgxM+X!V!;(6acY*Lfy7LVk{HPh}bJFJhgj0-V+G}8S1@htEHxG#DZ>iW`FER)K0 zzR_y|5&08-BWuZ%-#XHPw=m4B;_J4xY*WPW8Q1r@`=wjiruWZUysQ(;Wmv)T9PdIYJ7m`h&)bug~!aL4P4X z>mRX@y*p0QT1h8ouzm&~pkNi}!>Vf6$TDY~ZP?Dwj3HlDiH>03X-*86Icz5PDhg)~ zoF^hQadWycR3|tUhp3>s)ykvaWr$c`LsGY8j)Xv?jg){*=a$3HAz+Y$ZHjQ&!5@6o zX*T0}6YsUAJUOr5qBpLJ*OVUE=W}Sez?;X-pzASJssJ)#azZp%&m2|x9_cOiyh5(hMNk5tEUc7T)#f2~6x{`V)$-!5BEPy0aK*x%T z%l&c-3O|x*c^>I-+82;JKKg;#2S(Rb z97t)7vE1DE^orxOTLrVRc~tM2@`Z=pl2deIgPJx<=-s{-57vfv2c;Mi32MQ4O@I_4*tzISfHFkG9C#gOJ_8+iEYMo zZ<@WAFVLm-GLtXfXlF^k0Vm>YG_5wk|LV>Zi$|mS=BE>}V@U*+^~Hpk1q=q4d+ME+ zV(AE_tw>5Il4;ZrQn|G+pdbQt3ai9df-(;Yu9CZKI&tRW<)NO~-GCyUF=kGh4T)0# zDCk!k(mx<39g@f&tNfB$U_;a>5Z?(NmV?Vup^%%JU{aE>`C#eLi7R52 z8J9>pkGQH+gmQ@{BtFL#9qJdw^zDVk_l&deSJ%;!6Qh{qiHb#h-dRcRve!=V)}JC8 z^RS~aETv+T0N@ipgh!?>T}mEoIl%kuK_mB+f&KdGXXkQwn#*4xpIIE;C?snK=!$k=wK@SS&?BmT=*Qu8ryoA3^M8_ z2rYSXRcn;1Q)t-+dxu~x!#dEnnH2Kw#a#?Ev8n$y;1BV_U*<-MSr0g9YviS0%V7Gu zwfJ>G?hq_tT;$+4P|**=cox7?>D%fJ@xlnLJqkMLk3_aG`DQF?c%eZ#qSTM(X1C_w zAEvBu@)jcPwK^rw@Wk|Fu=lPY9$lK6PdH2Y7t}@C28wjA()WToN!L*WLPcJ%!UF6x z$Sx&h%K1+cZ^u$tOL5DD;*f0uXbD-x|1Mi*4)4$ocj4||yDIpfuuQhj9i6q8=ARK+ zr0ktr>(|IS2u+z*_P7af*-23F*nYFMkZsx4Tg(xbZsu=9)LJxqxLLMbGID7Xe0op3 zjOfzlbm5pRop5KhH3EARQ0UD3heUEFy9%^R} z?>4i|w|zXE2SlO!!00OBAT&dL=@NkXq+EO# z)W{R7BA;(6PR&Cz@qwywyhJIt60lL($;}WV3+XD5T;H<9>?0+dH^|(sB2Mc|8}iI} zdAyz#Ya5uU7TWs7Gqx@5`ONqfIc{je>F6J7Zbq&Jn_M7m#CaaHf(4kURJMAFljt@u z{4(VLES|=r8XE+nv7B9DdUMWdr8mvORS+i6WY{N?m&EmV@66pe1QOltPvNrd%c`^0 zKk&|&xW|Uc+AJT>0*8!cNzRAU6*(Sbf=VuK7nPGOG$BnB1?Snv$UK(?Pj(eg6ldcr z6iScFMoJ&Kl`gaC{J%&nA0O-*m}NMhIlPYtk}YuHSnjUJJT`BqAofJ~))5{YU_$f8 zkR|L~9&x<1lT6FUkKIny4vODgK3{KGv!@}xPC=*-0PPSDzgQF@bU?8k<)?UiorQU4 zux6&%xOq`!~U&Y`e*QPL`!>`WVe=J~>Aw+$^HS}UZcL^T%*5@N-0BVLp zwNzM_&6jd1Af;`NtI^=@4sT`ra3J%b$t+7~XaNiH%3Pp-5s; z!asAwum3diwT5(U8`F!FN(Wx(Y?WJzo<6_bw_B|f$4G9WtTx)8IHLu?}^qs-n=aZ;zYqYO&El62p z3MHv`JqY>agFScCtZ3bG^I>{uQrhHl@paVNRAa-c7NXa~Fql>cK=7?aY9NCNZ;JpE 
zw>DEPH`+3ZufrK=t8aP!8Z78A$VlQvjCbH+QGFbQ87qJl(0DD3=W6PN z4uLa`CvdfO98k<+-gL5559=d8-4yiW4&c{I^CgmLemV)?BP=&09`dgvC)^4*XX^cD^i7Y~c@iPH%EPj9Ta(b9@eVf*LP*5v@|MfX?v+MWG}_vta;P zEN5Q8w3(eIs6Uzrtv`-z42SSw+3THDXl$%jUDmf5wtEOD_64VA$>8A7`00R8k3h?? zb-IeT|2oNa`|TFMt$VniWm%ug(|jkpQ94=p-F@*{y*avt-YcH1Rq1hPV|!#X^pIe? z%X5CAh*ZR(w7C>T@TfjrbiPk=P4_rl7a)HwV=}I*P?c!w`dKiLY_C6X??V)SBEmS)!6Fb>6we^b7e};#oYSZ zZ5zt3{cK}``;FS)0bS0PIK~^rCm5cup`rq%pz6z0l zP3cD7M-RRw=j4u~2Y>J5XXd1Z=EuJdpZ_Mf_ zQUo9R^~^qfH6hv!{2oyvIc4}&dn~Gia=-l5Qh)QhO;2&A!UUQsn?+0WqQ{H+4;zrC z4TW!b{9TiVQJ)tqWciQ9hwt}FTKw4ryp_Ez@)QvXrjy5K45fdq*Ymv z#!`>gH>X%7>5`4SP_Q1Lnv76!k`%0r+v}mjJ;J{JdC>KUF;Hv3lxlvgUsl8aezi(- zpPH!td-4JO>__F;klR&M<8bgb^Nzsb+_6%~^xtub8 z(zgB%Ijvn2E_f30DwtDAj7Jo@v4?ZD)L--^!NhOG&UZld(^Bz1|~X zGY8b}*g;=GMzh|fI^2rVMQlB~f-?{I12@#AhkFa8V7k|*vYyGi*IIVidAXm)>AbD% ziJC}?bFRq~mLgPt-lNGJOE5Q)kX|(VBnM`}y$s9t+aL=D0_*L~SdnIU$r6^}a**ha z%c`oSD#JgD9!pGryDsl%+zp%>yZ->Q9=?+nf4E~L+asAEC%x1(zffp4;Ya&;I|S!m z>Ze1vBPc7vppnLP0&~2?Q9E4QScFg+s*LmluU$CdhT+<>$(r3c<1W?y2i)Z3!33+- zJFDC`ywo~l07l)t>Lq2xmbg5`eMIK5IkI`t_oL&Sa9TK)Q5g}GnY{v^ByMx%_xvi? 
zK@}qNgK0B~nvrr5BVJ1BoAQsQU~sa4F%nn!Oc1;i=cwW~f=>23pSuwjA%U9*#w~W= zWT7|1Am&k$k_KVa;wE9#Hno>oDrzsuZvKy`tB$Ap>*LeiIn(W$n(3PE?ilxqVN6^- z4!Ss^2~9{0z>0{RKpPfIJrOCA z6IYCz2)o5gv+^wX7ZJSLY?}tMqG8GN9UNKMZ`l~rw80#cn2~4TqmoAvLfOmnER9i( zqMmiZJXKpb#N~u09h2-QX(SV7yhq=+e2~ZC*qc>FQS9a;+XgGVz3=wkT&`RJukOyz z53{z;>{~qVMut>@1F@T<0;+|(bE46{Qj8MHvX4V_DZDU&t>Y=B$#TA-q^W6ul!lms zP_f*_>kFCHFZ7hwQ9PLt#@GMpT3>|K(dPRafj_!7XfR7&@-se0FxRQxTfuJl9?b~eq?+ICo?R7E4Q73}kr0p$M_hr2Gies}Y| z5ie{bb|wQBW<=#9>#|-Pi z<0>i`!+p?T)+fp(9pL`Ng!kr{idnfW6jQ+jEkxbxl(TaBBnH9;16rzCVlEe;{8=qq zCxJmNRfYkXe%$!v!fLi0l{&dNceHPZJ;C99uF0KBJP+RHi!deE_d}l4*QK8@jG{iH zI0@+ZE+U`z_3ZX1uyt$3!O zXx+oneADoyNOP`htxu%hAuftqg$g--+W5wd0^c?SI{`0^k|nd0;D0RajCS8Ve@1zE zP&YzGQG}?t6~()Jz?-*5VX&_=XkUdhHR<8WHyE*Y-shHe;-}ZVI`aDWb=q?ypo!~; z;<@2CMYU+%?52h}&f@eHTnOf^4=+Va0Y$}HV!O^q8H3k?DY{W2)6S&*>A~Wg+IRq( zUfY_HL4s6NgWoD87L)_zv^}dk%%ue9KZcz2OmEiUW9pU+p~Jh!ND(R6MXMQ`UB>L^ zqI0);_J_PLG8+-k-=w#;0%tONscD;~g2WJ2cm4UP8jxeqg5pY)`>5xktE_nGCQ1!t zg#R^LJNjo3&zOd6JEF~QXOx74+CIQt_p~^s(BWkO2>-cdhvr2SdZ3?7DAf!F(#nSi z1z#`3!zMEc@~4gJ=)e*aiTP}ZVS{PTmS>bja!%1o#px49vLX4R;g%pc_|+LFB857i zH4hoL`~vul5b?413&Z1xg2|j{aES&T+X-QWXbq(Tfl>$V?-BngSBW6*&uv0*pwv+^HK8c*)}>t`YkUKMB8 z)FibQRYHJ^?1d)k%#OE6v*2V-VxmP8d+X&hP8=KC-NXq3aVgz?d1LG z&C$RwNe2-g%xx#Ct?3;0brrh?+Uu94crh-q&>PHZiqDbA4rU=3GoK5twzhg41{BJt z$ho9YfVVsI@58??AiXG^LaF&Nf|+CkpgphDE{aV$h2!)k?nE?*z_kk8;7&q83UwzX zFwjDhXZ}ck9MJ3k>;vS{(=9MO)&p82=c6569zcEGAxxNIG9|eDy>?aAq({|hGaUm(>gCA{_A3eIM_Y#$omWSC%%hDUpC=VRk4)go^Ao2I^&=$kmdYue8@r?cbUSRe%1&5%pW2 z_N&uL7IVoVfT;a9*YRADP{x@IoSS(15K7I*5lnZREvkFA%wpsNrYX0fc$WpH-m%=- zW9tp+YV46cH)^+r_%eP@I>dyezrdF$4_w*h$pMxJHmSOd6kQ=>3udvnQh?U) z^w7!;Nk)nOH>z)w_=Vna&rr1v+-9p*X{U#;t5G@U#2zM8h#vb!Jpo*N=Y zHOn7ZD!(_drI^I8=r(A}hdGLEZc-brxFJi_Nm?e)SfkLQ-Eh!0iDlKXzJ6>+B>zz7 zG?Bnh*f((hDWhgq72aeAd#6F>*<+nPZc)iBoO4W8HyaVKP{!U^uv%6+X4536m3=qW zdku5tYRx*M*_E9+z|6`1WU}TlfjxvRAeiGbF(sTKOa-#bl)8xxANQG-6qyUqd^O8z ze9FXrVk8m%j5ah4QK}wx_(uJrs?whO87bw%4!8{?f8x1fxg(aW!Yg3DLHWb_7;b?y 
z#9ASf&QXH))`9Oy3LKE%Whe4HG6xeM^z zT;@6hF>c(*8~1T4U z<-h>y8ZD#8Q|3PH%JD)lh^Fj^ENAUMNr{rF3+<9kVC(cTh<41vff215Xrv~lxkeVO zY79{s9V(H*#0KF@f3-$}GpG}c8B9Z}lCmoJk{d6gF#uVcHaJIb_=r|V1}|D)YgWJk z*^K`ouEFMy@q#+beV4$AMy52S6r*YZ3EVT}28R`zW$-K5Xi?wgjst2RS3EN*bdh!& zS;Oy9LNdV#C!HJnc~i=una1|<^|V1T@_n2^_Aeqs*5tv=eyt#o%c>ZSC#Ktb8^|GB zA{@)Uf)@!Qt_+xy6n&Ob{LfzeBMSjCSFB>>l2v?vwmh3rs7O@4*?}7;XsX9! zPOA(%=kSypz>U7Jy|S%Snb|fYB`Ub&)vmfVblgohY-sv~0+@5^`q$z;>6z@{0guB% ztjlA}DNfRI2&xf5*oRVy$&G8q8YR;Xe_>h=fNn~=oqw0ze~Ij`>jq%>+Gz&095Ur& zQ>no2I3w{D88{|qCJJ6LBMg^sTBEUB;MDt(GH`Z@?3LYN$s+S%UyJno3(E*svdL!R zbXD2eHsf`SJsIgXSPt`Ht3`LV*QH*9w)XY*~06=4}+HStN?9xrbK`L?R2@IG$z z&R({V^I9idjoqokZj0{ZR(q1^de>Qx`ml`)ARwH6s!jUOHtr;h5LuHcqd-ayB~Trf z_>qd;;-MivdtgC;Bgl)aykcf?Nc9P&C)O3QB782L9!3?HE1MWRFB{A|dBd&C;v?cW z*tLRt4Lt;o(M+aMsFkDF<{Ls%skvCSsM_c{>JMV27F{CnU8cS*ptQZic-X`V99;`T z1M;GuHdLOfGRD5W->dXYl8_~Xs9JrHlmj?Bfz&IO+MNh-?03Z;UzN!=;O~)393MRL z4i+FO%|L*lpMGqH*t(l;mzM8=0=^BT) zZuHMZs?rU^mfnCZ9hyaqT-e?p**lS6c83@=p}N@OVZ(=`R1biodj_kM9R6yr2e^a5 z7cCi)#wdW<3jYF$#jh!$T7!ehgIu>OT8cSGIHoyGgys!A0sDgjzskg0iZk+eXovY> zVGJ~q(sbjPOi1FAj&{lLukFs4Wk(scCz8!Ot($Hxxn6nLn^YC1GcS=4*ftw|!pCZX z7Z}rp6LN|-hzM+Gm^JjIqY@?5n9F|daFM8N7(|j2(P+`l#rVd?UuZZ<+h6?S>xDI9 z4gJ(3gFnI@m-v9hntal`p>laI7hEBJ$BhXv+gd&RSpdedDF(QW^S>lH0Xj$NAk` zf;gM5;4eD}E2_xC;2>1sh+~=+;y-V2i)3p6!(RCT7s-h0CinpWi`P;T+&($Su+X;!_e>Hi@(O#Q}?hDNvd_zr^wUc^=8V zuA@~>m?I^39VS0#c)$$t1J3214tXPA-v0Sdz^Dwg#n9Q$*i49b&%%pyi$WjMdSWtj z1CIcj9_MT=Mbi2UxW<6nZ_@g1+mqL_7bJ7dEXNF!c70fHcd-Cya$tk*1^ut4 zfKmQaR91YI-%U9aM=2ZVp6O|b>sAlS)HONiwQ4odTJf330L{*(iNe(|cWvRlZT?;) zOacK#j}O4_ars-n-qD@-lJ7Jpc4dk<+rFz2q2|q1EI$;UFP@Ma5C+Q6i#A5a#<`%3 zB3`d>4~5-;fpo$#fdHKvYBV!;wBoih{QYFwItgo7(wqu@z_&^ZUzK#*UX3cSbB#Z< zMP_rWN;S_~Fw6D|Gp%*IAP?sC{57GbI8M10w}XlF={YRTWsdnMpvWr;d5Xnmwv`jo zC2x#Jmc+g^k0no|r`=`zv}yE9F*lJR76AMF|K(@QwP;Kiq$K3BReVV{GwVv|@WIuO z)}5CF_P5YQbRIZ-;G%=vT=KTc`|ylZwb60ErPXU?`Ui3c?`F8@%ICxytUp95{y-k% zwd`BxjW9YC7W?Ta?v9HX5SEU=e*vvxl2W^nSEEmK3AF@${(?oX3uXcCYoQHnqz!xM 
ztLO%O40eVx@`#HV?JF|7#NZthRW0*sO!i~u$kEi+GNTxJaX`G5>U9focr>4Myive3(kw#B0HaUVsl*wonDck7QP(o3q=~;!} zCpDT+W#6QfyLA+O^-%v-7`YV#=@ehWVTc2);%v1MXyOAItwFD4O`1Cwy|1~PM0pBw z!+@Lor+w?A_GeEvzf4|{&T4}=W^fiiid`?}(%96yme;j)U1(LjiCR94IN*8|zy^CG zPd~T7wM!J`r<@Uqk);$a7uT2uonJ_w{^dwG-=%Hkw~^kJ=3UJzF=Hpv76y)t{J>5i zYIZ_lAm zgUzTy=Ez`p9o)8G4D|7r-RHr#SyDKtyHXe`QR45B-=OfuRhYlNXVI*$kJ6C-r^r=Q zO@fUk<`rR@z@1oPV^U12YafamTO^>QB$*KS43_^iU#{wLApzbqHhg=vI za~GOS2+`%s3M&5io|!<(+4*+gob`5KtD z0G?>Ls{)Fjvx(t6-nI54X@>GaxADos!|2O5`m%XPL@0x3qM?lgFJe%V{_7LLF6K9K zMT$Xz8EP^cg2yP73}u8Ye&y`upjQWzh3Atfx_!Y3?KO4z!56%+x#od zAH^vek}Xm$I=Sv~+B>ps%OiO)4`M3PZpKSrd5JLG4r+hZZAJGe%XDqQO}hH3 zRPLxbCcJ;LVKHN0&WjYvj4ty0^zf55xLf^tjO50XwV4P?3@~h1{}!^%0;w8u9gcgC1b;NO&>c&w1*LATqlSa|6mRq}gCj0_D#zBqRtAQY7RhCtB z0rSLk@)G~NJh1PEhj;4SS*maf+rLDu1>8mKF$E5X#EY!c*$euu#i#d^kaDo5}O4=wfH+o`nuD z&*R4#iKy_mVBtqc*4Ky}8K4dL={wMb1|&*8od)>sTr{5O6U#PJ&eLDre8blL32*jn zkSe*FX!p8fO%bR?U0tA?SOqG8!p7n{D(fax6R*mAk zhoj6>nPOX7aI+$Akt6XVukPJZXFiZSbbR5k^PK%LR_i{357xIhip+u9YA0Ls&ioBM)4Eurht$_}-9DgyJwgcyon2{KJg4k#2G0=B?X7$dj2Z@~iGf@7ZEhq(^Pv3f_%hzr50QG~XyGveDN<0TFI+ zL|x~QzshoT3qsMt&sm=6AJK6}O3rd@9dMtWdUJ;Yco@u7Zju3f+8S44Hbf*{MHP_;%qewa|fKZ41Y4~x1V8`hEFwm#4a#Pf1Y6ogDu+R!1 zv{&c+xK+$_9G~nDJvk9k9%>z4*QkC+<#6qg#1BGb7&QE)^NqbO{SJI*zB`y6#6a}W z+q-WD>w!J)u3iBQUmcWlp`>BSkgy;?5lLRqS^A* zM+J*i!hk*t3>G@>i~h1IG+21KYHuTFzHeZ0Uq$)|9FVnM-nS-bN1^TiT~)dg;0?B)aq<3>oJ5 zTS(?F`N0moDAQ2#rBeAbrEVR9_AZkDuSF0U!f`;>MWTcD8LKkpyrUluvN4hzHnCf| zXf&`EQTzBHugFJX^hOltRcj@&h}p;5X_DzbNTCeT%mko}@bW-Cl|G^#L8vWKmb7L7 zp?s7|phUya2^3YFr~X9c;K6x{^uSFWGKk3nPbEhwzO!IG?o~&BDt%?A3*7~qZE)K( z*~nzc)5AvSsC#?Hk;*3b>jqdKeRU;dwv}~9y?Bh>jch$LgP(7>swIovbk8o}kZTvn zh~c)hXOlwylj&$EcHpLxbS8CCm-;k3RRwi4=fr7BCF2`^p+s|EMhX1D#kS`jf+DH+ z5B>My1+2Y9=;#26vo*xDb@W>+@(#OQGkdQ9{9;WPj&TVUj_=30>{Wt)_loTYD;FLu z#j|^m>zF6jkK25XI(q^LJvtJ8GcsW$r6ef&W7=m^} zn+=sp2neO8hTzJzE8-^yy2iI-5?}#Iu`))uqvu1Pu{mP10o_B#cCLllSg{-NiXH$juhD{pjo(t9Ogo&}X zuOyj4j8YwRfy!&ILu%FSAkbVP)q5qcwC=abiGlTBP2#H`GCXLcc 
z=us(R%ZyOg9rL{%Qw!#-vJ#<-a*S)Y^2Uy25dP^?i z&l(?3X=sE0gly;cMbpdA>28uWwO2yJ-%ZHtlyU>%(E6#fzyP9CQ(uG7-(7T7%uop= z3;Gcv8|?%~{R_Xfw)H|B0-XoJOsYnpvfhye!1ly&({*Xq-gEf*yjAO+$G4*l(~CU>=-@Q#O2LX{B8hl{ z^=T;8zSP-oj7IL~t~y_vIF-zq7_Xj_A^ABplmpa838f!uaK-J!UY|e={1o*4!<@pln^d6h|u~!{=LUq6yEoZ_% zXVv@_wg0FBZVi%XG#36e;CBr46!qOqx~S#>Us&x%qwzB81<+E_Q1AB1Q@tv;@d&A^ z?j1iRE6-WJr4dLhzZu7`GYC=H97<#F)v0ft+!QZ$Z^1Pi;navac%Nes|H7?VNMkFZlDs7=m1iKw2 z?aEpYHN(te>R_WVJ#8a1pS*wzYJ5yFVsitT{>Diq(>bb(U@2_#jk8kyPmP$HlWd*t zdJ2$GQ2zPai0&>3c((+P;*lDY=-7^*1teJPpFC!X<5yUPX9|n+(`00>G(qUJ{ijGY z5n$dsGR`M3MWTQ;^RZyX9QFRgi5#!j=eNk0@)RkBn#mXJc4c6M-}A6n#q;M!Ne~+S zYh#|=gM&r{Qs@!n>yRupA2Isk8A7(in~m+!E~d~D354K85^VrhY6c6{T`p+Z@{nLQ z`2Ov@%=qqomuEcT5 zKF-|-ifx({yCcY#A=ypd@|4sLj?j?6il|FTTA)jAkhR}zU;Am5i52XFe`*E@KhK%F zwi$f`OW)nCXnqDIj#IupD{pYI3ntY?H%LR2^Yu}qk{PWmFjZWrMJ1d516sWh=&VFL zQoZnBI=$A0YE}n*A0N9r2^`lDIJ%bpI%6)Rb@p;DecxVddm_z~NNGFm5dBm|g+(ib zg@8jVX;BRK@Tz&XX{uGUxC#(jgNnu_Es{U+QgA+#xa%oFxfq`__B?}rc|>w`wL-sWY09YItR&rHO}6Rje=ji>}MX?~mi;!&xV`UJgqLKFt_A72d#~DW%!;^M2l4 zFR9jAd1EM9FCHXORa=TuwOn91hOp%)BxO8=$rU^kye0QfJ;!97^8hSCe3*K&d(lvb zie08+JO{->kFKb^s9y^R#9=3y2nt>BdyUrkn<$B1+Vsi(?KAFiURdSb?a$pc+TY!& zF9K2TY;yf%JeG@oy|zHbZitXVB0CV&)>QI_QC=JAzK3RmS{`rnFOuB z-f<|^qx)Ia(M9Y%^n;5i{P8|NF+!N@2F-kJ@eV376ba=;{zb2|&y}0g=?0x%+FsBt zSh4H*^`OOdZEYYEAoYV1waP0=vmDDiU6B7}@fX`eW%pD&Zp9ktuEY0v0j-Qi9-c z9AClNxxdWI_EkQn-! zH*vMVj5{D{J2kk6Wn#AUZov;o8-N>hHr?~+QMbufxmOWE^dLb5Dp$geXUOTjcBBp4 z!i+jmrt~D@^0ZlpAXKMTT-PKnAAOkzWptVdvA`^Ee`cC!v|AYXf=*{&*73ZwI(?x| znM%{1^eeK~i#Np+!1gM>k(b3t>~dbVH-#h8?}7P3Tz}x^{7gbc`fMBit67(b0D9PB z_pSF-Qp%@4`Q0;VQG+Tb|$hHrc>-@0m`uC6n^Y|n6Bkgl0t^FHA6%sq*M&! 
zl$XVQHE^veNs=jfz+Ex z^+%E(4}SgCFkS+Q5dzQ;3$WAa7=6N}^WA1o58m=oI6G&?Y6l}N#X~+5Y+Lp6_RK1y zc6x3$`ZF3~9QgjpOeX?3n@HMz8T+((X7-a2Jky2y4c*$5O<$c?mQ(kD7%^%~txVfV zkS_e2R3M1@+5D627o|>LH=~iT*cK+ezyPmuyoeE-a#{n8g@@q!Di$))#&NF` z;9dI3wCEzS$-)tV(d^ z#W%WXoDraG9E^)$GsnGefMM!;zvxTO5DWUWM%-D3U;QagneqG)-z6d$12&-jq{s}4 zh>8jvpQ$QPIQQTml7fA*Z|vP}-}UJc_vPUDB%){4yk7ehCnAcDl)OWy!d{w)sf(cBa6z5uGSU+t(blU9zcV zYhHbMb)0cznw~91c2mu~?Tz~;y<%0@Q1oKlO^0*mW;e0GyGK;op|36}3GQAIGav>% za=b!jHA-7L4AHF1p2p>Nvb_OovDB|6pJNxN_rP)Lb<|+~=PQ8sv#C*5kKbY$z?zU6 zLb;J}yAg?3!J?-8&poqwRlcl`UMb^5f#`U*%Z@$lm9xYSi6@`Cm*&~@k^FHM#P0{R zY`KzSZ!wl<`&w5Dxc0ZNaS~;=rf+np#Dq+|?oP8zNc*ro6ZyX)WCf=)n+L09qQ(V# zyl4V}rPYwarhzI~WI{%lhcb65H)*WkFh?KW&|S-odxJ06@B(;K zmQ$WGZ}xjmPd7*Cw0-O@i*FIAaYNvY_2)rv*Vr<6igFK_z2G9&)JO-iQIpK%_;R9X z(AXpd?Ack96KJCSKWRCBe`MdThYe!_@OK#2!zN&D)CMe|$3Ws~LzCp6c$G;NHUgqN zVn!Y_yQXWj25%yJ&T^Y=7;OHX5%KoTeu6H^N9b!e7%HsJ6r<*I+j}a1={N<#MfX1o6sZ0f^aB->4EM&dSi(*deW+G2LY< zi04lIEO6|kPgLw-pzKuMb20DyS%3ISAEV&ZFx?@xJka9a5@A_+Qa0yPNj$xt^acW# zXEedAOR-WRFK!D$5Y1WyQ!3|hf-D{wJLpZP7i5f(1nUz`dt*Qzm(E}L+kUAAZ1z_P zRmES!>mj+`JX5(djZ99KRX)>=*`#O2oxNDS1lwWz@Ba#1`6KjpLzAsGR@VE zmLsOma$mZv#Pe$P!|%b%rjm<{$I&MX2apBzwhtF5HFzV(2sRDm=uQI8M9Gp6_TUa9 zZ0Y)RP8>R84Vl6Lkc9MZJpBg{5M`X;l+|FNK9jqlo-**z8?W{Tcflm$0F#Kl>gyuA zx?2fC6jsZ|%5vg>6LDVY=z8zt6Y*nK(b~EX3FW! 
z&`Wo7dwNHA&0<+_HiQ=u>(Zkr9VCY@jnRjEg!@J48Ep&8)WRC`A06V zF}7fGNy+50^uvi>`h*;zY=N^l)fuL)%$Kor{+lx0tb-J5GS5<}mN@tCdPU%fAllNw zL>!LYr99YtOv*1%g}eHISYvwO*Y3dl<10eag{N}_j2}g0YCw8&Bncth3iCV6$#$|jT*%J~X`N5`& z_HQ=C%c)~dKZhFymW~bU&is`EXbmQp45XuV=r7^3GY!n+2q;Tjm06&hN&hpRCOjRf z3SXi>KD{YW56__d$B|gKIDdzF9nb4{=N{XqWuF$JO_}x$jGMh%S6(M?==}P8j+ufR zh@5_9Jga6Us74(abPNqQ*3-(!}WsCKk*5&I|ccYb17RgPs0)K zRq$@$YU^%yi-}SV&lHNvs~fvL{`}}nXL75OOj+`d+IoUN`3puPj%L-zE6z9z%q&1b zHOrd47`K)(*{uGTe7VL`_bS*$;k3of3Z?7lkawv6RXK(Rc{+kSY<^0@TvVD3jc7ok z=X5-TigZJYehlj@&AwZ(E^x4u3on3eBy!PH^c~4D5p8%T zG}xPSac9eX{JqjyZCKv5S{C1^8{c+{M?K2^W?7s6ey+?Js-WX2gg=}@w+=I%>ir5+ z`+!)fW$R`Z+SZ#%s2eA|GJT4EAyw7-wLx*lTF z*FcPbaR3v7jq$+aw`q96M8^J|Fk0*D^uIzNYj)lA3w`d+$r+JG_Bg)Ef(t^*t`e^! zZ`c1TDy=|FaQ0uTdtY^?QDyK^wYr>_vpD1TdK!Q3)Z7)pA2fw<_*^)!#r!R8QFXk~ zK}FD~fj94)sYy!^mjH_6G#j9iW*tSU@>?G2gB=|e^%PyG5bA%MddCm{sl(=xK1}de z4m2@=NjriU1Qt1xJNGcG(>@kir>kUhjF7BZ`R#IH1zqM*B!w6=-evPW>w#;*)|dH>x5@*A2d<@RcPP^ zQ(tQ3ocf?*NvOC>c;!5^Blc@}jq!D#lGORZe7VmeUKIQy`#=B#7W?|Bf-nRuS>*N} zP>&fG7hqkL6)i~VGdj=NZruE^hY&M3Mpw+- zgsdH)?Wg~iMkye1fRZk?uo{k8Wo@MgXr*MzGQIrCi#CV~QTA{6>A*&h_-7_ir>kgIRJkM?`}PiP{0Ry{Tn%}LgCRt6l z1-QCvA%XV2eRS<2u0$(Bdf-vEa!X;jkV#eG&G^JZlzPKab}L^N;K?2p$l0#A*_AH2 zRlH5=&({daKxg`DZ!VqDsrvr0sO|zk+rdHf0MT)|fTfGNb9amApR>u(n;wwC&BdikHfmJIIv9r96UrBPJ{xJt-jsE&=}Zs3|e`q&RB` zXhv1qQg*^Z2-uCH)snC1i=YkXL^N)6cw=AdP*lUfR{u0Qg3r%2$L58Q9z)6@@h3qT zR-$QKB+mEh?&WPs3ZX^bZ5==n$553$pghsW2lXx<-RZk4OTIbn**;o zV_vLpS*uc|Z#wj5{O(tKIp>ZtRQ&04pV~Qc z`VzDwss!NjOK-ka??cy+0;DAhNdf~HjAEFvrPg$`*BIKSkqG`xh_2V;`4YVJZ-X_L z$?I^N+WTj6utjD!^02M7@nmVyJM>La)#DcaU(3tXEo8HKZ06U=ZY-;GbBjQH>2QUpox?S|7dDiJYIdtHa>_?W(-< zAg$Tx=ei!%3&7bKErJhZZRw~Xk9v~y>5GDfYele$nzhJ|iuaQ{mpE?wlhVV?UysDG zx_d8BwJD;o#rlKQ)V!L|9Ia-XN89O!D=Ykn(pIif^@Bkarb;4!KZ9Q%=$Hc$rl5VG zd(`Qg!>LcyZmt~=qn&6N(uTph?9tM1M=Bj~VFyUz8(c^eIT(C7eNuv_r1KB~^>Mgp zOLA;twDlPDaH?WTJNmaMB?PWQt=*~i*0_EiY#7YmeXI5wImB^k9#p4G96m)H-hohJ z*er1$UDh%a|Lrg$e#ncfC@f?2;)*}hO&v*fgN+f^I@IcwlWlz@ 
zvA=E7*6ls$iZl{jv=dw4w@<6}pE7YrXc6Y`X@G8>ckJf{61Pl9Gwg@b3M1Q7|ycM&V?sC*i z!|Uy~iKY94K#2v1wQL>JW1mK)DST#NH~|P^d%Mn3jWm#}oQ?Dd=_8!_t@pX2XX6>V zIidg3k*Fs$vWGk|bTH@ch!IOyIjVMf*nYd>?4O@K z3VC|RhhLQiFTq*-2)q1BwC6mw3c0JiJAd9q;cZJXV(48z&LuNkqPDPQuv_P7iaLJb z(JG=}aNi#`_i{V~jg1T6mz` zJsI_gG33SH!UN!fNax2a!|5Xn?QjsvoF|*8Q zuJDbeBZ-P*7a>C)#vJgUTF2q*}={t_aEpBS|%r-BgbleP*($m&ZF%MH+Ct zo^e!mH@UBmDW%a%c$ov*dX8OEURo@@xqs{_h9v4za3oVIW2=3q2F*C}1SqY6?;YA- zcsIH$3OpnC6mqvq%6_o+-r^Q)o&^kCmVXoTunO~5HAsCsjj4lUGa{hW`({gN`kDUX zW>xo=am_~5Mq+$%pxZ~g;^?_NOA=_$ho~y;0U){6*~+JiBEPs&m1KuyGDrJwFOUUX z0}A?9Oe$U?!MBBSwo!v){E;7U=cr zLAtZ{m@5kvpgQl2i4Qyse_4}3PmWObG$Voe@UdgG*M4`WKX6>_+ph^HsRs>hXh8QF z*ISIBLQ~S5FuV{Dt~e=jdYpu}|957kwI+SCL5|!G0Hb8|h`=)?ku<3AUmP%`3jxXK zWpNx6YdjG|H{<{Av@X$q%lxW01IotQfBRG0JO0>n`w9edZ6R~FPglThEE60r#d*s) z?!o!Ib+qVL&c@8I$fK9z^Lwir*Z$;)NBI}uTRg}+2Z<)%p4&1S4;cNebp`;OPDGu9 z+7X<(kQh$9z6Sd(6e!53n7mkgKeq5!^D`CqIE1b0bD zNCKaH;9^tt6)uan;bM^-8#Ld2>J$>~ed*oy%T2afz-5vA^>~K|vPQZ0Rre#6`7@yb zK9wRL6qk0Dmo<-pAW40|%lNK8Yb)|24cV_%G>ex-5hc(bbXeZrQt8&+GxBF#<4@PG z48zRC5z&wY@}4$XBgsJqw4EH#qZA|cF*nqMe6?kS1!u2I0+U<$L4L1(;EfZ~)%24X zkQ8CnvTIOQvuj*m*V=a9sIc+e1s~<#otXkb@LN_B(uM;rAIU9`GN#XFEXhUtrEd`f z)Y5uoSUOg5C*KW5+Fa1w3-k-#da!82d-uVzhT>^t1$-j2GC1pcF>Qv2P*tmkdtV>HG6#Kz)oO?llo>E&Mbpt^ zU>A)QKP8NyZ~4$gBEIS&jrVE3CA$Os^j~!Z^LdBgw1u8plHlUbfb4e4m4F0l$-$Uh zy;b9CEhk+(-HEi*UY=}E>|V)CS;foPuwtGU~Ga7`_=&IbCk|A~L! 
zlTt{^)MOmrz0)`$Q(E9mX@a17X!f9;OuT0urlV*qpnZCpHwDtE>cAo}hBt=&%0CIr zhBQHvyZ0OBZFCj*gFa&%lWB~;9rL!;TBgjHuv`@u$?rpP`R%E*t76nEbq?(8pSuhT z9bQ(r^;S@PyZY>CJX3~3_gqhiYo|=w>fSHE79q`sa7uLI2J{U5=!ndX(MlBLL(K`G zw_}$TiMTN=bKPl2#d^>=efxmX%7L6SBfDl+i$#e!Bm*3lLZ%4qfrA>0pn%ks z*m4vD%I#ci7ho>T)3MZYE&`O;ym>mCrtMW&aB!5TAfgoIrk#+nrxW;?c(<9eq})R9 z?_RW1AP~;Z4&0!?U?eOjJ~b3iyligG07%Zj>3VcaS zxd|;XW)UZuWgjh;YoFt?dBuNv1v~#1V)9(+i#_&O8i>ADR9m-vTmE!>zp#ym9c8Am z=b~7s=(&f4uT@KFA7NU`Wyw;MbNRU&4>FE}!NH;qVdOQxVxqx_oe^nF`vN|!hw}pY zzWU!22=^En;Ta~Jd6}u73`j3=8TUD zfgd=B%lod(2d{2-*dsr#N6Z@JBJPb2;svRXCO?ubuO&slFNj1UnK5JbsFC_*2SBth z9bsLwWu$E3Lpftau2_Vm7&;mDoO$d(E>g*d3O~15Bqw1I&_-Zl`!uh`FuP?Uc){TF z{w3Q2{ivp#_$E~I+g($%vWMrDqj!A!+uE&~yQR&NTs6J8DrYeHJHBX=@(y;CwgvS9pZ+=Y=oyo7q000A z4yN>OqC)_YRXBRXF7DA>G3UjJE;o3z||00|5Qs|7?hQ)y(^RR2xvmi{dbsWyVgA53q5Md;YZ`n?Z!46t9a@P2vYF; z`{?9N9)Xp-gJFGC!b#0Sy6ZlQdH??D@5M?lLC7JST}#)*(j?ki3)E(y}w2nR)UHD_fvxrJw!Djep}Qy=6o$;>%8%urIw+yh2`Tg?_Wb3n<$hC`llT z%pYJ*Y=0g!?r8(^zh;Q+@0fzv1HnfOE=oZ)GeBMD)>Wa5_lun;Aqq{QVrm#@$^kwV zd{O|DBR`k{CT|BMj&+4o&nwxk_`@FjOILNN_cY(qkJvc88J5-F3+sTuzp@L2%Pi5# zm{o)0sDeIpT&TVK`D*vnKbEw#EahgBmh0Yg*HT4v(R1R*gXNUEXvLf*my^+wR}7Wp zB?wf%aD_Nct-(b~HUc+b`hSb>@=2J+vC?trd6CT7v*7y^O~m(SovWCb-(}B)_u>uP zme&k-ei(3>-5SMeWM0FSU!F+aOJ+GY<)gxE0JC)u))7Php5(d!e`WBcNk;TFnx{Uy zuEdn5WN0uNL_+IZQ7GTE8m3K@5kTG54Z;UVq5mx6D3UsPwLb``V6}PVWK{T zo=^U_y{lUXJ;td*iqKTt(|dNfFe!ba=j@B4rdMRI59yRDzwFoe!VUbQi_`s0^}Jlq z2>E$lgUEy;eEib~1hqbl*B57$YTmvr`J*8L+>V~#ys}ElR&=Kh8nF+9%aN4f6h;=OPY>O+u70z(=%>EomPMr&Ul85mHuA_#KBt zkM`2I4|bDg^6Y^EJ?Gdz+ao5YVe3nbB`y`6@KaPLF8!%`nO3--3UxVeSRB~R{q(%| zvQ737@oK&VeG3s6_Sf}B*CkO<`V8Fvnw^f{QX*oIE6XtdnZ63kl#tLBKN+%_jA9`^Upxe znVsF4o!89HZqA8tJ8jNw!murz+c=DDck411jV?^=gyAD)(NZ|>YzJ`)n=gx*MBStq z_n>XUnLE;0_v|T)tv(H2#3ijf01sdNN2+|x*vwRLX~M1DcG0Bnb~hd?UqSmxC42Fd zT+KFv6wWJFO?8(^^%|Gcd}9%+sgv8Yfz!7I1o^E{`|hybT^>B^R-Zk+*D>vIHN`l zXHq84*?C;m>-r@4ppWy~e46I`0aLQHk2IQVX*%ICdxZlB-`PbRnL0yW69Afk{dHL#F)#IM`saf_ 
zjo-tR*T9iA^2l3g7a4dgLU`V`nE%m0iyNas5sh*9YTg)PY0;@C?cza`dUjbXX~34WTTMSZpY?biSsY3X)JuqaTT2PYEJ zs8i{T%hHuC$tNmnsqC~Te{ANH-R6Drv1PE4Mn&e8TLouF?Pbfv`f{7N6>9HMRNI?T zGI8B2lMH(GEJfqMDcY}ZD$`hz&?shm?B3yNbZBsPe}mnAr`T($CHUE%cdA@!ldff% z5N-u7_vs0*1Ny1Pm#*N053%t)4B)U$d0_Mf^GF%^I9mqxaW)@crGtuNT&H^#!on#< zYKc@RBu67W@Wd-;Z`puf`L}iT`TEW(PFp-iTlJ8PE7Mo|a-OGLA>NKIlMkFad`pGk zS#powcQ#3}jRJ6vOXj!;c-DQiUzWGw@ zmMjBQa-`xS#rgda1ex6F-(IFRR%|y?Je|q?(0QHdO7V^8&GZ8@?va6b%r_v7JwXPu zN_i}WkC%rMAQdgIn2c5<-o+@IUn*P|xau0=^CI{-(Z~Z()tiLOcLKTEs7;2?njiGN zN=4AtKm`Di`Qm|;CPp6Z;6oiCJIUAQ6R&2xh)J!hiAJd3d+YI(L}kHAWTAZ4w$XcV zHKp$7xTNtveU@>M8|2EE=63>VThkL?Xn@9a%+k5PLPT~Qrz|gD*S?7We zpNqdz?|cpQIfQ4Fg*xo4G#8G1F)J<$xGXB` zwkx{Ktev6P#>b_0)gVGJXr$mRfr+#P;rZ^3?az0*H;#U?l8Tep4skg$JFAzGH75Rw zTgxEZn&eqt@RgmlQJ)rmr8^BJnf6UJe&At{`2Sd)<H!3hEPdnOlaQ=Er;84)= zwaWdo70U(3ts?9f(+fJUTppNvb!W2p9J1ulv#pq*YuhRMz$|3-R-^bRaIXdFKXwwL zNqLVMN^-IvH6tFMt4@$-XE=BiyWP`$^ogp_F_Xo^`Ei7ILzSlP3ca%uU3PxMlriurt^7>$EY*(^CL2qln_=0Cx&(;?lF0FeM1R+WNz5oa-zxL&st&SNU zSf_Yi@K9RNgVKk|G1?jQa4Y4~NvCL$RvP66tL*sQtd>Eg`#UPK7)2-g$~Xz!p#s+x zKx44h>mKd;>3eKa3b>)h}0PTDDj?VS7skPtyfqG1?Sxl`}c95${vXDlM$3P z7hE#urPZe_tXR2z^$@ITOv&7gC-X^@AG(&V_87IFryfwms4b80NKpU6@Yc=<1SqcQ z_&l&Y?N<9Z<^(mD-s38&0KfB$cpeT*19xAff41x^d*#$Pl2k%*SE=eB0?OfHp)th$@dXlT9 z6YxwG;YpJxqE21XPU^|8ihpP$04U!|%A&{#6KH%8Kc{I$5Oa2)yDjf{C>6_*S6)1L zTHLL?ktz<_-Ejv{9hyeE$KEa~?&prb7apb^t;?c3RvUL%R3>1#LVMfR!-vY&e!2y#81TuNN;!vjWn#ly8X&n6V6+@yEZE*pkCSwOO* z<*H@*9Min4TbhV6Q{hL4v8S&w)-shxr;pd%>wCAd5=J$waPv%{U0hn3NF|##SK!oKfa;RL8mRW9dwZ%L`HH^;Fk|XiRSqLTYKpXQTd|f$9X~oSDfp^ z&X9IT_!(5`hhF#ZeaB{#Gc?n*9IC%YCymgW71#Z+t&+I&1=l(Ecl3~W2dBqVUPt`L znd)xPCb`}@5LM_OdRW6NkupQhQk&qTbLiBM>T=EZEj_wco(%NlIaMO?m(4w`Cz}9M z5k7X8qsY_ewmb`|;ER28qcp4ZS_>`nPQ1NDE*39ZOawz~uM8Zfo$FZQ!)6g~+WO&j z4*y|BA;0+|ybE?>udm-qG7k*sZMw?f$xqKouE3u)_K634xdXv6U-ZuRdq{YP%$*+N z*!T3(8I-&#q$<7uK8+c0gzFZ7DoiSh?XzLM+UTU8G_ze^P1};_+@t8PT6#@?m1L98P6U< zurvzaN_;HK7Q@AMkkukJSMLZfrFImjR27gZ%W6lgdI!5&{9CkLMyJGQ+@zV7)claLk4+)L^t 
zD#Z)Fh~^qa9w7_djQ_$TSBfXVkC^b3alJ}{FVN$fTFAttx2g^=!|fZoOLfxZuv5u{ zbJrq+3H6%Dm`kTmbpj@$WL_l^qh&OQ3j)06G!qJkc^jP>0Uf9DyL2z!l6E_r&fdSn zGu(Dt24Z?yaQon+Hd6w++QNyd(aph&8;Mz=xg)Y%wqv4Pfv2rkugDZVu?~F+KYC~9 zNR(jzeMu3Yb4bE?`9Kred<%+M#UP1?sbwnWU7G8?Nkf?=fCm|E$vQ{;kE34j+i!Q4 zZe{D;BFJEKZl}(x?Z0v|=z(yV*;y6-OXwQa1TG2I@y`kyYPxObP(`t8kI3TI)wfL? z=ZK#SQ%2rJo!vOmqO)wIkZ5=-NS|`3b+ZTJNjd82sq*61RbRP;$q?v=ewz28M^^2% zBR{AB^#`###*zDd_>mlA;7f?_+&oRLQ_rkM$?}md?({o`Gevm(o`)5pLf(^7Lq0}) zH!}E5b!}M@xAyZhB+pe^8ov;$>dcd{#YUBKN(jg#)vpep?yerO%6a%Iw{5b1b}(>u z&i%!iWY^Hm4hET>4H<|J7Y$G|CUQXkUd&;y?33@xqMv)~@+&ooPmq%zthGO^M3o~U zwxIpy#}_Pmc|~72J$|G-A@WAC%~|s^OVQ?Y$Zs`|pU37g_lU*mwM7p+erI>qp6S{19)~*2VYlqQYcXFByKQhj5PA@?iN;uoUJHs^ zEGSn?1`>%6S!S>_&Zd*v&NmM^G%K9=BxgE!Hd_C{-IbbF&pN&-!ZmX1Wb2jE7$|qz|5l<#cgGN^f%wzXul=6jmlUcLB<^~`gPm$*(*20rvCv8i4^%qPcgy&6Y zOQ(xcO1fiaUY#h8wzpYFjI^MT%rLY~8f_iy3+{%@{yQF1FOxQkCu5nNHPWA*Dwl+Y zMBhZuTofGigIqT@xqn1sZj_HnA}_eQT}v5)cye^mV+(=T{5x%<>h))N7*74#Wp|_%}*ydq#-#u@t9>Y%f~m_iHy@0N*MX zlI_&W&(iaHyI{(y$Ub&k_O>sC86Uf7IfA51PHQ&B+tL^y z9WSQl*{&H_p5)#yJW*Yco~g_)#R` zoSCV^WZI#nI)` z4bQvDUc#oUo*w*yRO=eg-OB2Faf=!oQ4pwY8WL9M?Sh)-o_%f*u@XY;morfvN#thp z#Zz>jI$H0ls~ z81Ag02^*lAw*fZdP*P4vqIpfaPCyD)QQk6sYkR3=i&}1J3BeAvP93aUonc;4m=@TQ zLN9fX4y6qi`0MDQoXAJUCF~2wW1S1LlUi-p7MC^sAUx2*BT;3Z38H9vvUxr&(w{1l=sLAMBcMux_;lI{O-e3QFxA z+v$4-r#5DdZQJ{MUoEOT)B5aRrgB*oe1jYR^xQjnRCZm|R=-m#@hz7gxgu(j_B>R! zNOhsH865W#e^a zBnkra+_Ii8K#>#!K$JGn-{)Lh3?JF*@f>!!ibh3`ZalB#Mus_TOx`|9gkoH;lM5am zWkz|{k@dD-*dA`!O4wv4)9UXx71u2S7Eq7N$Ca!KHtie*vU-}v$1g|mrm*{aZLd!) 
z&0W`wy1%lHEbkkok%c~kHNr*EF@Ak{ZPQNHPYa+ zsVr}>v8_&B-9 zyGffRj{!ggs(H)I34x*q2;^Puyhh&9AT}@4qcTJ6g$87~R zmjV-}<>W$;4$dme<)hC$hLPSvB65Tw=$wI$2ou~6&4O(w$8G5*G7phR6Z4Mo`%c#L z2xMMyfy>(b2DdAFWX0fO67(ao<49jrzjLuY8bBi7(8JPv3+-J7HX&JZ0VUHz=9{B+ zkVTk=j^=zgyoOx@xxZMlY4q8PX-yFk=wYX4vtujwM?>zUZqkh!+Yy9VrdSUrL0*AB zIBKotKWJxvd2qWoo{j9R5Zqv+z}{Iw_PsH3t)$Foxr925Yn>rrtcdNBJ!t0XFN{@@ z09-Rt@-UEmRP)29Vl%wD9$h=Z(7D-mYwP8?#1xG@rOx5$PNfEG$DUqV)z<#fcGHSQ zs`Jkeg)+pyxoyrErT*cQQ)^wPOONmR8r))53N{pXVv(BNN!c@yeR?LZM7V!hYBOS< z@b!s;I$~Sr%@g)1WCyC1KDBAKPJ7JXfB^DCqk7=GJ)aKvkN9t|2rbb!|KVTo$E2bzRaAVxPxEP001-Mu` zZxB7^n1*k#(0;kWR-JU^)BHBtu=2eUJvY0WeVaPGq#!k|Cuw-r+Pb}81CsV6JbW>+ z$k;P{JB22x=fu_%I!*fnlaJ2blVqXdo#_gaXy7fmyp-3M4xkMg;Vb7f3boNsl&-s! zYNN9?;K0_TU6jszmZJeOK=eyPEufPI1>EY?^JcCsE;=RI6`ruQEv*rRKkc1NMS^b- zX;>y)m~+aC9(c42Epov%nTJMfPt2DV&oxf60^G&AreP@5o65Rn;W?OT$!FhA`*CNH z@MV`JokxoB9(Zo$8nMVkaeqIQs-X&hZCnYCT;6J3tUHZzIx;_(hc~$b^q?&Y8?xuq zAP|4JIPa?g+jjZo5+#|MGVxIkZJaPiBL~Oq5Q8CPa!UT1QGEC& ztcxDXFH5)G)!`zmytBxXTOaS+w%e3X&Y9geNqe)1AHE&FVenMW&!< zJ+(7s$zvYg?%S++K?8t2cZU=l9e1KOq%>f5^vGOOn(`_Vd8z^mfxsmCS7A+LpCe33 zw$Pi*TOA~t_Yj{tT_#~uYZ~|P&=0lafE5@^X@vpP>_7`~$X)JsV^zBF?ZiZr#4+3d*LQL0?r^ptn{YB68l1E`VeW!jWjEc1S1Bzzg$ylwLNp78XP3kCBj!$_Mp2@y zon(2Nn{Z8ytH2<5RP4+YjIci(rY%M8rz*TOOvXp zF*In=RW;gJ$watiQUP^nPyz#|Q%%}=)1cDnS80eNhIx|fuh?&B0u8nbYpY{-m6V1v zN=gkhAp;t|x*SUPRrB(!`@;7NJ08?r#@q4O8bCFUr)Vr`Yrbe~I!+GpDdiJ58y>20 zAugMvF&+|&>iu{Eji!sqH2RR{Ixc-C^T`O_u1&=LLi7*>QDq&`?_vRi z6`B|zW8qFAaLl{_QUFaaWgE>mUaPtS6f{ymBB1)`#eC)K&`fD%h&`6_;Kb zPjJm1E@~}F=>$4?m3VpcB56*v!b@7_@8^J=*9oM_@7#X3e&xA(Z|nA&dhhb51cya} z4{PdO%b!f)YAK;mU&NSpk%Nx&`vsIw$1r;n-559|g@#e#C-05V6tn-ED2zHEKB^k3Fx839)&nu~8~5Uzs1hoj2Yy zGHaebYhISHxt0(f*fY)EX-f}*$N^8nr|SX~>6X&O!bC7pOKfr%gnl z^jW;Jo24*|G#ASo^9kdyqBZzdg3@^97BYB!3235T0E&zI)9mol)7VCZpz-T->kCe^ zZvnf-_xD$4N+2-DSqGo4X=0~#Z8`L?($;)Du$WdZWt$IQ8-g9xM76qfRzjzlJ52Nz zgZO5Nm4;TT;vIUzdy@JiH2sTCBqeDJ_09NI4O-jw_>SSLiFFOJntuy5HatZX2_VEM z#zBY;&CaZ;KLHKt-?ZjR50q{&+tMV#*gHB*ITsDP;Vayl8*3o2$=^d&?oL9s*4#C_ 
zN-LXYO*QRI&~}!^DI3#0Nj(M=Y2CJIX=$m`xrK%FRf~m?)B&1UC`X(gNYzQs8rWuC!r~_+}F>mLpj8 z$r-S$WcgPy>WM$@!kxR|V790yeKeq)OM59)S6Z9#f+*_qn54?%r@=vOgp08O&%tHN zOP};Q`p6mZ`xMaonW41t2Lr0O?h~CjM=lDQ0iZbbMu+Kw=vSYA%Hc?ve06#G7n7+x zw%eLp*dWE4V7?P0^ESD5uBPq7u8m#BA~U3;?>KpZ^&R<;KFL>8#b+GyW&NdVeexk= zJ+M=;I!VCbv0bF=SKY1S%cn_Bd)H{c;;@(Ij8A`Y^pu94Kyl-ajiyPy&Ql5}ord1Y zUkxPCI%tjm37k-{#Ys$lV<!Q9m-D@1l6$C1=ZML{+iwiv-Z?N5uEXzez3vi#b6Z!QjCeLRg5bgv<6EcZ^mB^H{(DZGc3!M49ydGU8E)BkE^tdaNB0{Gp^|3-~} zrbX6EjALQ?5dg5U;*w}U3MW1|=AQzEL6p9=Za%lx3nBe4fII`>Rm` z2~U-DUH3W+dfw4fUrSnygYIGjv5sM&4@rTN_`Vf(*2C;&R|*DyU@|LFIr#j1hj z-YNOOxYtPX`&?j~?lQ9O``?X+zuQxQ|3-~}tp)INN}8?*Q-@t7#$I2S$AnczkujNZe>hUY_9w%WibBgQdnOZvc?B~bCzA&{+Sy8S_=SE5`sBnFEy|^18c9HoFR6% z#HFN(GX%Zw6h&4AZH8AUGtUv?BIih^3|^3)$siR&@eYJq}w9uXWFNc4U_b#lANspKNPX4G- zydF^}?N@m_R7BTu>q6t}obTnbj)Dn{HI{a0~yoF1`c7o~t- z#s^^JEjMB0?PI`>PkIxSheQ7B@VFmhhDTrw%A-EDBd={FtW5c7DAU+enF^tdu)CjS z8YmmD7J<6BKI9a>!$(f;UGdUHC;n>Gxn8fQ%J=*}i`5?q_woSx+N1|HvO(jh`S7%I zdW4f_Tt7dls4FlQRyMdx-l6Llc?b0|@))r4#N!o885JH#xaoTF-#cZFU8JA<3%Y}^el|J82J8#szQ7*qnYC9LmT;zFeVuPa882rkE+oHHz0In!S9ULaHz* zZ0rXc@Rg7IP9|eJI13=3o+Ky&iy^Lo7Y3l^e{nvr$1`A$I-nDPx4v6B;CCzU3=hM+ zGdx{z(ztg|8c^dW54P>j42uG%E?WHFjl4^(P7;YVeg_&TEGy33i~1~mekNX5(&o)8 za2A3aR={~aaACI^|5^*+zft3x?_tcf<9p)qGNp{%{}UPj78|?xu-Lc?&cbeJocbLa z$M=8+>25238y<%F2Q=EAgZ{r88<@6VvGE-mPkx7n!5+}~H(CJLz})rX|ER`pEp~hl zG}kw1bb~%GwFfkSJ+QHh4+D*yJ)ofi8gn-^Fac^8G}^!@v-j{Y%)k$9T=;#~Fl~23 z!(b0+1n&WjKhpwu@t>&iw_5CkWlTTcprKyMXuSgs;D4o!uYBLwu+Wg$0~(CKLqlK> zXwdC4GVncZV7Pz6#vW+{({?vB{C`9J;04LA>SjyFlyu3|QG$`+)w!RnvPW3Hw8v!Zl7?9* zJ^1dTz>k#;&F_<@&y6t+=Ee_XVA}3V&8PRsRW)F8*&X&U1KyRvftP#aG|Y&10S(*5 zPwSd*s|Wm8++vu2%mvpTM#ePVWxO}8zelO#J1zkHvbg=% zYW!<00G)WG-(G59!xY9|-!izsnBb@De-x#5vtfM2cMo7(18oWH%HaB^e-Be!f0e

p#o9eHQ|R^E4U#(yRbXl45|d9!~e?@oZ;GuzWf zzeK8HM&o#lF6}EA4R>mnL-z4@5@otx!1ucO4ris{C$MC;lTeYt4hdUvPKN%8JgP9o z-z!}(VTAXAx#L3kyD-roG2_>Q7yvg4eyxbVuloOeLHxUJ&mL z4^ut=$baqM(i*U{X@gx>W3~=0KWw02NHi+*Y8&2ue8{iv>$7)7y9Az*MBZ_0WS|sjM{U3`!gTNhFJvt z#|3dpJb>9*!j#WHu#xi(8$X;1yLGS|8esXp8yYHmK;!SV0KRW|{U7T39V`D&Exu0L zPtdSI0)B0~D%~I0_!Szv*f7xe4+>)7>#i|&#f(iGnDY6jw1KJhcR|B?kF}h@9?-zl zxVxdTTMOX7QR81|u`_7^W&`0{+JMbp-&N`U6*P9SVWIJ_3SwYqJNT!H_*+4|Gd@iD z`~w<@J)nVUx*Hl`^}ZV#m=bq))&R8tcJJZ;M|J(5Y5{;J7C-skPuO_nB!Q`>|KMcf zdolT=mc&%QyVw1@q+xn}c?$U5NB1bO-?V?L+J7M9zbTx7@8>CdRL=i+H{qXeCIG+h zChS(0D(ukjCE{O1sl6)6zb%M?AE!NEE8_oI5M!ehhWW=_U~BzdQ3_K_?@r*D>iyTX zEkK8@ad(BOf2_v8)&lrnYV3po%m%{OC^Z>6e|=Y_`&UtF7aPWhcNfF}=CtRRiuj)u z#5=>oRL?)66sFey3AR{xV|EU9MJY_#%LVK@X~fjHyTjBUsPV700CsjC|5S|~-}@e= zYNV$-yZo%S$pX*u{G`asbGf`l=fduRid?F+Ik|JPnk00mm{I!|?;E1i2ROOG%PH~L zDs$)Hyb&x!DSj6B3M{^Pu;rt$+d1RB|3~s3sElGx zwSQT%{M8XGmJRrERQt6e{yAvO^0&h10bzPrFQOFz0e~&!WdA@3ARtogz*j2hVdxT4 zzdT-mwsTywvPCa$l)!;?v#k}YwZ#x6fAr>(cI!fs{+8h4ToY^nqA9!ue)XRW+DkhC zC-a9EZ>*TvqRoJ{m9^GRXk_J9!f-jFb!)Q88Z`h*8$d5it(wl4%|cxGI)`l&nzoQz z-~bk21Mnh8^tRn*`8=QkEUrO?fmLd_`e=ASM3@%*@-SS=3EFN`s9;kFN5Z#-kmyBtKXhvu4Qz}~ z!r0M^J=Em~G-LWp%M914T-L8_txW7|l&}_9FKR_YyM~j(H=7`^C^+to=@?YqLJ>g2 zK5q{^s~7GCEY{GAiztFZl<4~U_W)#bUe z;hEj#d2H)y;mlS1t*aX|SFdedm3Fa6L->;?BtcArV5V^pvq%VF76&tngqg)b%p)P@ zaWL~pn0Xw;A`)T|2eXKTS;RpsBO#V?Fw01oWy&{tVViz>ymw?=?T=~i1cv_yeRhIm zE20M#aRS)+^S4wLdl#fdC=!qgnkOZ}EJI-0e?yrYZ$ih}pyje4MHh8Xj`xm__kz?L zqQ1euhNQ9iMuDF{eEolj1YtS1%sGRw#akk1HgOTM;rYPfA=G z&p^vHpn3r?Z48UvTiEh*SWHWkeKnf?_*R4`ip1BY(LMi2-1qBE%@gB7BYF>4Ea{gx zxquCRG9(SiDPjI(gWn%HP<{nEei1spzt_02$-cSCz8*^{*Ax+!^vjm?V5?p9ecyN| z@(S6PLo3s$Hxg!K8`dsujQPY{0?=vlpg>f*#LYVz;|aoUua{J^ac?SUjE@VuWiAOo z7s%U!I+1{v|Cb7Jf)gLSyq{Sgys>rGe14mo&$8t;+r@Vfrny1*wb7e4=gej@WlHeJ z**4n@%@#6mmEbe83$`1Ytz;^c;OntFQnC1CD#z5GEuuQ>8)T#u&7=5QQz4p9F~=zL z%Zzwc;${0}vAV>|&dFj;iI-iI#aa_DdnAi>CSLYR2E=+2FZ(8o4J2NEkt{ZxcsVFp zY&`LDShCo3;^oNX;{}Y-)?yLDZv%rSG^ox71wGWHdK(lpp-FW%IOw4k)!X2p2`#F# 
zAwdtdsosVJO=we{4GnsDkLqox0&63EV0~f$>!ITb6mA%Fk zT?>`H<`i9lGG(t-Mb}zouWj(R2b8_=m0Y`(y$&h44k>#bRdSuOx6kUBiEZXN+eqKm zB)L*TMA zl%MKUbss=H;*|@u-Lj}}n$U z4#|~jqQDMGt{S4Y4uimPyhaxc(Xgr{3hb23t|V&flw7GKqWmn$^^r*av!vBWqQK88 zfxt(iw$CcrABiZtRNBBBT`DW!jV=|+Dx&Nz6|O3xwk{RRYX?ZDniecTyLw^1s_x~zCd4>bU7tOhZ?UW_o#X{{vS}_e=-I8BVq`y zdP{7+@2acXY{q@PL=Ihl{+7>iCHk#X8=3HV7RcIFGM`$B?dGeoOBv9WFK?Yz$b^Mh z3Lla>7+?4w6!;US|A#!lAB^$;VfUoKE)&rslCPwth~H1yMJr=r+!HxD6FGlKeX*SX zn*tL#|C{MI9#ZU;|AGRT?*EM-Ck0T)upbKiAnepGG*c5`=ObZ zJC8;!)mj1`jb^E}v_2YLR%rFX&G>SfvDgj;e*W%H%!hz|)NUk8r{Bk&d|kvF z-I@FMbZMR%6gDvjPTcP_5_|nG>BCX5Rpd7cfFJq{?GwLzqHU>FZ8j9NZ#av+ec^BD zL=WaJma1Qnqlzf`>B7$CKc>J}Ie*;XpYs>zQm%B%YN!)A7&C9!5Q8*L6r7NN&KPiR z04k-|ZdoCnuU`{uj<&y@_@rbn%u=|npz-1v8xYj_ri@stvMW|fOMJkjMLhkrY2L)8 zyDfRDR;QBxz0NK{oAg${>j8l@! zt|3ksQQ|~*3Y3YI6vc4nJjQUc;<*AKt4TY^dIH4YjCkG@cpaq8QbJxP?J?B$6n%+T z*_TfjDtKy4+^|YIRMHkOp-AVD!Q7G}ux=qYG&4vn;*}-Ajs#f<9E{ojDFyy%gCG1U z_B^^&O!#5PejGX(ms&#bdad2qOhQ8o1CvvWVLtar~#5CH2JyR9b-|#^mPDw|# z37$jBi#{TdxrhpEXTu7Lm{A0!b)|rULC&v?V0Z4=?yg|ELtwjez;-8$?T#MX9T~Pe z0_^DaWVfqN$K0&~NF2e&-#-2PLH9GJA?FO(&(Otkj97Z?hu1o*m`*QY+C2=zbSi{p zt+@XL^MR`a!+P8hGXmcnOdlV+F@o;TVg{UnZF?8nHW|YX{6qe~VE@|rN;jr+O8; zD=R9v4znj6QudeF94_g2q#^iJ!|-w%omd(-w$XpU4*b6r|39T;^8f!&lr3c?`QB5h zBj$f6^s#0`fB<>u5@^gN;Rm2$M~bRJBU8>Z;x=lO24I=kX}~!_np~PNb_C5n;ftjy zSlWQ4vsg;%gt>bGOJy*0!Pu#ytDJXC+GzdEry^SW3f(i>zAfB`$}vm zOa7Vye}DTwy1V|#5a&JpN^ z@`O##1kdTB1c-)np~%*`ZHqNn6%=JA;H4=CLBQ4$$Q zdTrE~;hFVgstPwY8@UpnD0RfAJRp$kk?E*L$(qRLI-$4E7$(3Ls{nM~q~7)*M9x3sAakn*tF7vGjJbQ_SQqz3y<8!3ksBG z1DbQ*Ze+GD`uSc8SLEqoetnLOhTFsRKu>mIKVjEb7)%^ZsKtY|%J#*ftLFe6B#f2#DGrjxga~z^?nlbRwd*HKV z%_=RXeU`kHO>EC@P19M)9)D)M6OUPRnKpA!_6uuaD+i1y13&$UZs zfstdE@o1CG>lmeTaVCP3mzgu*Hrs7AL0c^sFLoXERuO(Z7=8Vf{RgicTK&fgWLwEv z1^bsiO%_TtZ{`lhcYfxZN@yH`Zl|NNHjk|f#tbZwXgIAEaUiO9}&PTo`%Chy|e zr1lYY`TG|4#9Kd#nb6Y_Czf^sDewC7CJGHnN3VSm^AoO&e^LXNww4VuBn1;PS0Awl0o(PRf zCz@$;BI1Hd;yIsnRUC=bhg~w<;88L$Hk7&HIwX;JF=F^GOxPQmZF8|Q_L*!-nP?sp4T}VpV)hu+EZ2B$*Zi!O9Kz) 
z=K1nNP;DD-W__6LaeDi~VVn4$99Y%SI|Rl2+oaAuLO`RfwG^ zc$DG2iX0NW9A>c%>Br`|4arZ4kMSE7JWy4$czvC~v5PZSG=)mQh``C6_c=~=(>u!j z4B~D`uQQG@l6Z{A(w>T$b}>P(iS2X0petT@i5+PkHJtt&xvw%(`Wg`(0Hp|YV@nxd zH;;^rd&7lPS3Bm32o$aKudjEMR#F(yUL%pZKXrFR>_JrD7ga<-r*SlgTXFfmlw!uw39@*(~CSt)#; zg*Zr)ReLJqrC#?^aoU0-dBD)UI3ofQwK2LVPH)eYWy`@9h||e-zKF9VGX&~qPSBk= zO&=*&xOK%=RXZ-?^C@2{p(>n{H^bYv z?l>Ye$qDEC9+?hz z$XMwbZHP`YyCLe=+1fu|kZ}PX%H<`P9dxbpTYaf!$)GuKfP-1XhSIFpp-e=aGtp4i zXDYg3SSCM*O+xU{MC^VMeM#+2eBM3}bz9#@^NHCx`R5cK1q)~vj>+aldAcZtd#dc~ z*Elsl^+*CYcGWS{`xfbWE+(h#S4VIib5g4$8*$ z4aaK+%{du4v8EoiSUc-uz$6PquxGzC%Iw7}D(@H|G_38HAYdwNGvUh+Agdvma*rIW zT7H}&k>Gwc#R!Qf6LAQ5N$j5XG3BuIiL1;pW(;=po9--97mu+fnq7A{$DvhJfv6wR zzOxT`t3-dQ`Fw4mf(-xjFm^6MxOVkubedUo@U^20G%RxP1g>2f zs`3#+rzv=ve|RX_g&Tr@Ts_fI;bqp#Q^Kz<@N8bCaBM~-BwQmaWUI&Z3OMosss3yr zJn{?kgs23bO%!fq0PNl4`uT8Rl2-DFne=!?b)Blq8$FRg*Pb>L_k%XV$2eY$ZL+`K zx5Ox{sgv4o!F;(gF_S)+P>|WB0f@~03QZp`yq+Y zRR-^bKG_fa)SM1>cAxj-j>RTkOg_yjZNfS8dM5Avl8bmSvq;Pap-TuAd~2gdnFFnS zKca|mtqT^N#S7KA8O`7F=CO#_yGL!ulE_dGKhfv*zMl$6ptW@RQf1Shnvj1aGM?MN zP*nc?q{Zl{3qw}idviVBG#sGHeUb<<-QNcJf1ymGB+jPuMx~& zVaW7HJv=-re(Zp#8W|gfd6f4_erW<>m#K_%qzH80Mbp9{bVV3 zg*{>!S!frB3+!$uEM0i@#F;dy=1|+5fZ^ts@t345t`)8992|x|_iN0oQ#s;M2WRRJ zx4%3w9aFX3xZtvR;C_tgaIv@!W$Oc04yCNo%B3yR!sAhYO1rc7+||L+lC~aVB$We0xk-mK-+T47oIO884Z!A`BQpoUKTxN zz8LCHy>v4A{vr>>bivzJF@gFk=i8i3YHu6Mul6Ls#XoRxIrg5lDW|xp5O+6Z?9}Ea zJ8XNUQ?p+oP-<*Q7 zNxjpaih^oeoA-q-UrJO7FLaVLC3JZ({q`yaV=nAcZw&c){F|~Dyp66ObRFQSQKt;= zSjpy_aC{OtW5?HD-m%Y{rkV)PFQ$L(gxj!0zQ|fU?wwBb4dJpPt+)+9_>FcB8?F@9 zMC8-$*?puM+xqQg9<%<`E_bt(-eX2TX`Rc*h~ zVbV(cBBW6WWqL^hq|)`s;V!oYqhH+ zM6?W=+;ICMAul-*X=3P*^wK+(L%w4!97l)Dt@+*N{EwEDbptA`{!6EZ>TAsF?J;p&nLfi7s8o0?ZN2@m>EYQC5MJ3 z49A4=->7~_ON~sf>@H`#vN(Jpi>=I!n&;KrI$z0i@Q2H|jr}jYq4Oe8GtxrRxc7Tr z3@d&V;axcsq`yAfIQn|Vs>v@@&z_iZ`fTNe-W|OLTNVoRc z_^qSw3aLpvGIY$-E~LKPP6G(zhO9hfugc$`%S^jrh6?o-huEgn9@gRrJS-DwKr)(s zF-p(i;N^k9YEJbCxiRh_apsHlhdXE@DfI0=+@uc&-|4KT@;*X+zDX8O*k$zz()IXQ=!aM7oKKxQMh3?zQ>Ckf5@!BhHr|)^P+rV?KbzMNk 
zq&}y*`^=9Kd9$vrXB2^_TTX6V@tk;4mh@J|vL0@DrG9TtyytAS38}hURLpJLTgOhg z1I=3{%R*t|9D&m!I>z+5YC!9;yQNN-s<`AIS2R5rcfNxffRqq*3r=1|ZQfHjO)G0; zkXAUnQq5>2n1QB$5Lt4*4&@evTFu~FJiAQu@m#JXZDz*7UYFS>m>h>j)0xJ|VhS-idmYFeTW_HZX95XXxOo~ZnW{6{%nVFfHnVFd#e}3LQ zyL-N!A2T{vt?C)gNL_VrRksV-B{^%L#(AWFyW>FZ%;CRm7EM;cbsK>g-(%`2#| z1mb6zp9>)bX!j(e&YII)`at~=59h^*5lt7hkF09E`z4&y-bb5xQ zs9)VOYkbl1^K%bGAQ4I<$2>Mw5bOG2Tsau1c>UMal|XuR^$uT1q`_W(9dn@WUtCwn zvFDR=r2zRiBDq`Pww?Mze5>>)Y^3`N59OS6kFe(Vl5e|yY}3($y+In7I?@;ANcmNN zXUSds)gHUzRR-xrn@`s_A{RE5LRVmJT22`#iBS^ym zuLGNB;}@w3^)lrrU;5Xb7(v%N#A7k+c_D%ETTj=Z!&*k^A8(<(r%+?s(h|US=dobt5h6DT`S5_sG+s!7vF9TdL$nT22nC&<&@%VkY1<^CCL5d=&iswv{ZRtwNgS3Y z9RG$0#U-@<(O8`HG!Lf}2Bem)^gYZG6NdED`loh|&fL}GBKcT#sKL3xp;eC?8Fn)q ze1M=ex%J-E5=SyAo~w`B#u}js&wFY-6m1DcHv9>UWTE|>>G#f5P{(Xl57y`X-}_Cx z3R5e0#+Q3=|6mg5U*>+mCYv-c#|?=tJ~rX&P_yTPex%Ty(; zSZXYC*X7x9xlErvGe+@7Woz=ukvTQT`SCJ|^tV}!!5_~^k(aI8u&0wi1{H;RTm;$6 zM}mzl5yF`PfGo9V@JE>$Ti=1aWV$y&>=t=qJfj&1vWKLv3#OHdEA`fid;>Sb5Xk3PWOlw zLM>o>U0zlx!IHhm?Tfb53;qolR+o=@6c#$Fg= zv2%0aMIyIrkNCkU(W@E7b0FHNx|L3*blQBjr+@LC7sTteKU-C=bfh1 zChwFC%rc2_3|%p??R79c!tK})XuFiDf#+7Vb>B_yXT&{Mi*JMf>YQ=^lD`8m;D&2o z7JKpi6KDxFzB%auo;FtgrTl|jZs=8}h*+nGh3P2%_sxGr;E5(@bwptf0k4eB7)B0F zi=1|8TNRr(!dte3qkup#!d66qo+bZg?4nfoLMJ=G0h?Su9_jkKWYU@58S{4p!T_H) zdg&}eB)6K!t??v{Z*~>w3TifCPMa;VVK4eMGt+`lbyoN7z=5Aw{aVdN&Ja^aGDszK z6#5F0QyC3c+T~+pHD$~=_Uy3x6sX#MW%fW}%?`jDwJkf64lZH^cU&*-AywS1iOZY@ zEIGCy!tT&pkC@1w{^9fHy`q}-#tBZw^1EpPyqo7WOaPHkym*!EA*YS5W5?|6 zxIW!$jcHK}@IC&{ODk8B6>WCfWI@-KpoC$9a{PUM{!cOzOsmC4k4CwAY35&B=Vf#8 z`|qWf{;bjfQlXMOBK)~u5Llbze@URf^ip!2pdo?VpTc0;umo(&%gRAITXx)unp&MG zp~GjhjuUXfe?YFEUc_tvyqX$i`-kF; zHefg%$El8VDfZr?II=v+-dvH&^~@6yBa9j&oSV9|g$7Vs)v|jaL`W$1jHWP%KPoaC zLDJ%V<%8I9!5wxmn+Bb}paYpR|Tf;okRU(jK` zNlMU245V+ZSqfO~sVu{HvZ8y!+O+XIaQbRjP!-jS+rB^BeTyGP;&kDUkO^{QEClY0 z6(s~!3=BegvZC;GT^<~n(1nXnyK;F9jx69qmlfmdU-417_(>Fu{M34p3|&3TVI}G} z&yZ-Ak{lJiQkPTl>!J2Quc9A;pXwDSB`V;Q7kPh2A3RslPfp)0PaGj(kwff@^TrF?IZ)U 
zT1ee)cQTQ8aJ^xZ9`U^4Vt?_f-j%G>U&Np=^m9FZiqtPh1faUa->>9n_D#lw5#~?Y z`-1XI9H20H%r}hz$S`lVJ!fG+!cIiHhL4;F(eM#SlX|x@W!_(z=3G@X%8#BPwt~6Y z@1XQUwBBzs$KprvsACh9R(?=&M$r$TU?U^=_a8mAX!X_ z)ne5R^5EiF=2(d}qnboe@`DjmeB_LG25BC!US&+Qzhh_o$t!Fzr55klRK`)gukr;1 zE3=6Ec#i+F&HFZ*p@fFBkjz9OWJ)dBv6#}t8n9pT^KNQ}a5yF0kUBz>fK-^75??ef z8=M=SUKZDET7)j>E?d+C#6rM_OrNWz0tIXjKAOzM&(_PwY zX^3ouz}XUH|5=MPabfBE8g_h2q3hRope~)SIy^fZxxpgzu5OMad z$ypQI-sz~n*K0Jfb}t^x|L6+wq{kcgTbEUBB`Y8-Ysbxow)$MNhx0%opLRu$b#5Rl zC*zn8*;#>tx}(mD%Njy&XC+*n?$qZrulzk%yY5S*%I$C9NppQ_TZ%1=pRM&meeD-i zf@bBO3fy=&nouP5vIG*w-}rPhLaxI~{V&ZyO=ewH;#N5IwYzL6mozfC*)-qy-J1DrXqv9;DwnYmqBpDsDY#Ojs>Xp1UTuE2 z)EV(Ku-*`86s0jFqG3$qRT@-0N`)bA3F#Jh(%WWAE%zSow>M}J9T;{JLYId4v?Zex zVX#jjxlShyiJXFDR%o!{U*?+YrgzuiV*T%mb&UB=v-^;diFmL5C+z4987Itw!6Qb* zFQfgtoIXveKqasX!6fp@8v$BSL-4ww{oX)tuffxkB9#DizDQ{Uv0F26Y z(WAb+4ImJ`gj#XXy$IG z#tRylKtOjS@^L8YJ1)M7am1Ce#$7og#fc@P;@&av0=@k6?P%=+cXHy^3hLL%7h~$j zOjm_1ml+@74R~9F3wWaE{W*A(cMh7~w|Fq?ozLwRyyv!}7o3Z+3*>?l2M0B@X-7J= z+(JQjrX>KK3J-fO5*%U(9-a#M+SD^kn)VmiK!i)neyJ0qoX@j*=c&N8S}XngZD@IM z)t6Eh08$^rlffw0PtZ*Ucirk%dq2?o^6W@1X|Q&lW?V_`A$&4U*H^o0ld{KxLmXLc zJyQ%wkz>!lS|jf9dM)7M5Hy{HH|VZSU$Bk_RtokQKA%dUpZuV$NA@C^(h*nYkSg_Pi6UNTAi%XH|>x z

}J)Vz!n$Fb}-H|lXM-C(QT@JwrjQL!aLhVgztduXD_}-I&0wgj~3F-?IC*Y3} z4$5u*9GeD-RA_Th`DxlDdiDmX5rFjrQ{@X8tCowXZX3PFSJ{Hl1yL@g`H!?h4Nedh zquZ%^kNYMJZwxH?@D3#48xztH?*{jtMsKGN3PFX$JQei=0nzz_aS@vEqVzePB;?}& zlQaYXiBJIR82{zZVX3cgOG6odlxkIs1e>;-Pu8OP3=aw^s8B`2_DLNbqJR?~DXkhS z^l()L0l}a8$NC6A9Skm45v`ZbuwN+k%pa;|P_eXYoz#!~y-{K4dCs8i zD_JxXo^hX!JFvKJI8BXqL@%kN?u;V6Gq>Ht++C*eev@c^h) z0NBwq3E_h>R+w;3iD&{>+?N%)kc6=t+mTW4`jxd#A>d2M)7^(3v?s#uma9Oqr?9Y5 zQGVN@RTtz}zN=kbiD5k_;V5s-+4xIbT6!Sc(Oc+>G+YU(E)Nl1g5z@>D;#XKX)D#? zqXhO4uZDdw-WSsVU7&x&Dxpq**hGvop?EZnV(Jg8Y7BQHN77rfYCuv0ZK}mdEKBwy#Nn>uuYAq6H`8-{0F({OsDVmSwOr}NJ=9#$d8Ush?4W$0ZH-1e8>Fn(G-4$$5 zgy^61r`ejXeSjhALP{fGR#H{NWFVH%M?6r6ljB!77~vj`YpG(5Xg%c3Q$3OP>oW`I zPytE*h^*Cge?46oyTa17el1qDx@lG~g@PrLU)iT}-oDO7fF%A~)R*Veb$91@^k`}7 zfpS+aEBc}t57e7SGAn~O6;w^>>yLRS7!01ECF!OTLt|5`SMX0+@_0*~nD7dK6LI=Q zprH=H67plaWYbgkJ;Y?_g-YWkzztXLJom>I#XbG=jMd2QVa`)uB5nCrG#1xU%PJ5N z1&+K&p#|F8uP7wmz)KH*yJuEwFLy03?Ev5;COA?I1C{2yQbO+67wTSQzpebnRMU>v zXHBeAz{zg4kliNYXY7IJ_@W9n;D8?8~mR(r(;?)Cg9#SJJ_HT zmLGY6ag1SD6eVEbNk|n1Z5ZE={ax!^+dkOabgcvB~@ zG22T$;nTxzD}{_|5+v0Ya@Y?%fxD$~jB$2>V}rPgIeTJ#S-3m-D^2&qF&D>-n2gA7 zB+`AEmP?JoV_{%IaRQI*D!u8olW;KOL-hP%`O>Exr@GM3oW7RW^MGvMf!KPH9;QHA zl^7r=*kN3h?u+oyy23vP1@Y)PhjNDQQX$&suiA$Yq(<52rC$wL^)vUuPp#Vy^>hT@ z?Mhf+y<-GzfM9#|4=sTmU+6=`sZHIZN%J*tqMj<3JW zuw2d}PeS`gy>fL@G+l>-OCEi$aY6!dexmPtxS^#dhz-TGjiZgM%qe2VYoB#B<)e1w z7kh2>gkAQIY>SxvFCDJS(WjISSkvImDaDCS^^juP|A74MW9K)FtjNCD>xP8M=jEzB zp~(#fwn<0&Nb9o>^iwmUKL*v$ecur4v6#F?A%^HQ3~)Afnq}|S?ZIxn$22d1B|FUW z&Tm~;Ljh1wnIF6@(J0-U^NlKNvwQA9ng|&Es{s%Jd3M%)ziv9o&|R4Tb>RcObCG1e z_Gvi+D1>J2ZG#NMwtwsKcicW7wXVGf4RzCLSnr8WOxd@eDiiMbNt5kJrprKQdVH5% z(_DS7otr(R1GVf-c86R2hP(M9o%gmh3nt}RoSnOGfuWp#n3!&_@?^AH5TpVd%!jkv z;FN?CE0!*I0guU3h^4)Nbf%f9)7NocTX?*5QR8Mj7%Ndeu>?g(^DV0^9_~eFq00_v z^zBy67#n`MEF((Zt<;f!hRDtY6+;GMTHDkMuXmX@soOtqme?a#;6%)mPyg5o9f);p zld|?99Bla5I9}FnTr}c4@gLl>X2A3x?D)89zM#*Nc;yG2{SOb=Fd+XAA9=JHfeUIH z)e(yT?=qUVoQVvHe6Plidei6*Z4ePiuPX}VpDnY^|%o4^6%KiudQK<5?<&2 
z5M@xOAY-`%mB(ufb122&me1E3x~Ngm<(%6f zjejVE#4&2XhG(p8R4*~@GX0QWDkfQBQ|3CcS%#}&j>mWTGteI1Z|{tQ0ga)~k^LzB z2eM?4tId^(b7eWvK0%lLbhi3g1rBX#r+Z3EH54Hb=K$l4(-it@_je^N9xPwJzEHDz zPNgrwYYJ15@E;8FZl%e09vOcfk(#3$Ows&Dm)rcy2;mM8J=>%Qi0o$a{>&C% zQIOAsngYl>)c@uT<}J2bgb{^&MmN7`k|*Cw2g8j2lI7bl^uF7^Z{-9f<7D;HHKwTV3p%JLgJ7O{ zt{7MW5A|0*-wP@KDA)8Pu&lOd5j}Am;nSC&Z4&#WZFsqerh<+@MZ0Lug#*sSCela% zN}&sP>hOgXR$oIuNi_ysbRk&xqKq9#OD~|owTWtoyFy{=lp6&mtWf0GW` zJjy@f8ptOWO5V+$KVF3|0yraG#9~KL!t)KTUrFiu9}mrUq0dlAr67BYs<3P~nVu0qjMwS$W^f+2$-1$A1E$ z04DN&k`}WpbJi(dQz9c*I{DG_-FD`GZ3}6YX>9f-#Ag+;f(MvjTzW?8PqK6q?`7=v z+c_C@*Y9c=Rxl>7miyK{N+-fLP3H}t+dk`OKlsLxcr)C+KV{JqvpWtP?$&*X%G&xm zJ-CCHKa16A6h*HW{p4Kj%M&AOh)uvV(`$kZ8fIi69qDOP&C3)nVrG>vOGJ>IIZ*di z?ael*{j0c`S@BQax8LA9Zv?5&Ax+_yvT8!yF7!C8Ux!7yUvXI7iZhLlBeED5A)6xt})6Xyd2qgZ-)#+k9uxiKl&zzMl`!+gFq_F-xBQ-%$X5mwdL3G%T=(c@79P z9|Pe4bv0Xq2w*|9SKyg=M-RjL{&9f{dce1UWK)Vw-RCkA40e{)H)%%09NgE^a4_C(ZcJqH5Ej^aG6@JT3`{mr#0 zH?z)}w{{3NLBIpaZ8JvE7|2fy%KG_5M%Vb>Gt!j(-F)?q;@YCIQzS! zer^0O#s21=RJe2%-M{iXzLgRWw(7X2xbYCF&N-r#5mvl<$4nF4X*o#>2uj=0ySwoH zha0Xlu;g>@(~iyU+B;yrX)+`M@kyLLg~@bQwTel~(SPQ)7=yYaNy0^)E z;les7hYPk%1`(QhKV%KAmfq`h~~Y9RK5;Jj|Z zu!GL_P4(D!>7fX^(mV zM9Jqacn=w}-G|oe=n0mop=dBZS^DSV?Yj@Xa9&lnyV@PNIw495Y`reqRWkt zrU)?}!JuM@gOF(Af8w2JGh#Tb{F%5mD~Aud*{cM(GB&XD@WJyL6<+eX6dw8aPxiCX zM&O)aj3CdEs8li}QMx^@yxiaKf!a1T%p(1)+ zUo?{ABW{vv7E{VE>EwTSF}R}$rK-E2_6NNn9ic7zTLvh%KF@ZQs^xID8OrsAn7 z0LQ`o=55$CW{ z2A$xU=!Cs_P)8)X%1ACcW5>@PcHhK8?pGm|lP0dC!))uU+);lElNsHD3?|NyXck1KymO}A+vW1y;G?Kn z)a^6ybOaN6vMO8o;nCnT*Ris*trP(OE9(AeDwML^q88(&?xpB&t?D9Lfm;F;Lba^c zJX~Q>*K{rprAng0{?l$=1f@_HsIIpedOlk+4+B!+jtl&zywlr~bwa>xRo>|d*!kM- z4TDG5F8077%5kMlU#C;hHXsT|hwU?-`O6e|Vf`=hh}^j7T|Uz`shh0ZKMQl@1X&K& zbGR|=Yg7QHL1`Vzp=AF?9*oS`z-IbJ{IWWdc(=g{)b^5U3eE*HnleGjz$i|8>sN*_5dr^ck?10zq-!eleFHH`kFpo z^s8JIz9`a=wepil(%2TYS;MAb%6R{NZp*9qF9BfPXQB=5qxXx_4%>1}VZAZM0}9`2 zo6nyKlU^^#X^Y$+TfS6DO*J<<6O|O0X#8SM+BYhNAv%B4j)oR46w}c;#}Q2|oVgrR 
z{!_FvM``G;hLBe%LEI=9O4khy&p%*H>DOB#*#iZ?pO`%=5$Jjq-DC#mB&r3@`AooGj8h%jj3}GwA+XDI!@IW1+QxF+wymiQunRujfWqo%Xnqz z?##z4wyxs{?0Jv2#q?uG&M=%md7J2A+%VyMx+0mXZucVVo=$4bWYeR1Zo?_bxYWTU zRWaHvX&Jw-5>O;pzR5Mu)nPr&fNDMnaw$|n0s#){PaFrr;379v&o6GRmVU6xfW*Sb zm}unv9^=2DgP;zXxNdPr(guO7ggW0x?K6IvX>40!;PIyx<2$6ih}z|#4JlpubaZ-k zrKPCAFEGM~6O;3b;kCh>gc?A$4e@Vt#VUo10+H}0AO<-wRpEZho!rqy^SykO z0@G~a{U|Ie-q{t6WHnCO52(WhFaEK-ub{smL}mre5G`7ua|)Sd;Pe1( z+$M&1f?7b^4y_FydzMCeWqm8iI;)k|H9qs>%U`ApG#WH1Uzvdp69tj~?&F-u#7eN* z|1^h!oZFVKhA!J8jN<%BSGw-<-2Z0O4rc+q^D>uaF^&`a6p3P%L4X)BT$>vP6jTmppW|yF9Cu*0XjrE>>89lje#5%_3=7Xi zgiXE&3!ZKzE|pr5K354@MDL0+nJgKvzweEMh(A@|R-TNi7n;%eDn&cxe&n%?yz%fP zub1lak{SF$e^!6l9b?%tNBQlsNdP)})O*QLHbC zhtNq!Q7ogh;BrThy?>MPbbYN#MVIQuB?g|c2O3V$S}P;H4Arq$=C?pF!{-8ozDz#H z`9ZNs$uEoAX4+vzmyg@u(x7xL+?f+j{0+a?`aua&6;rJCU~+u7npien_x;`od&n$0HC=>g2S;=U}Gnh{66h;6|9@Hzh_yRBLvh znOXHhK0=rdg_6S9e%eL`qETyM0rCqGg@gi$85T!Dta#wOQ}s3&3XUnEZ8QCpjRqo+&RZP;S<;aL3$nzL2UgCJTtYO$X1sWcK!C z0S=rvk<+N0uFZu^njke^x>a&B@<`_KHCB#an?x>$bVF8%rsA7 zgFS(m;Yy9Xiq6q4iIPHVQJy^Rxw9M*oWn|;;e8_+DDCPoH!0wm*e zK#hhy4nnSKzD!}ew@CL)Ms0D15Oh5=RxprJIs~L7 zUPIcWl>6rBYxLxGXj0&^Z_hmvr>MwSPUB5%^OG80LJF}UDF&+a;_e07_T!*C+%7?tdZK_r;nU5{p}%~=eDeuj(E@su zWXt5QWy+(s#mc`b;Io3l!7GjUB1KCmVl{a>sl<~%AU2#jskA7r77eHHlRBJwmCC(0 zfgW3cZ{jWicMr&-$LG1f1UWV9ZR@KmB9a(7n@;qNNN|WnX{1PytbkDNl5lfyyMFk}y-W^~q?j8HIJ6ozfqo^H7jfpN>rm)b%&-9BG#uKlm%2Cjk|%`Ef9C|xXj1WgKI8`j zKp=O<)s6l-;ZdB1+rqvjb(~IA01=M)N%#>sgJxKFzo_htyLq-EgWxLR2hfuhT6gt= zmQF1NTV(#%>l{TCo8Mj6bEk;ISK@^zNy*yLA>1;EwP6Jzko7>~sk;^?Skoqw2h8l8 z$b=&5!j&Bm)RQ1AhNGhLeb62!96%nR^){Q~q7cHtun-L{yILYA#VOR2o?#nQ7JkA# zh~+nWY9{!G)q;~5(5ICy3=CO9_WuQLruZX)^xe-RIY9ipk9;cxj>m;6A?I}3NhKY* zSP$rQ=Kg3QzgUwyppp_)2#JEUx7}JUE$`k^ z2N}KAz+f1J^V})}m=rLCBL%5Km}NHEwc2N@CL0E{;6TNjFv}SkkoIdNwjZX-`morU zZ9o^wcB^5uwTo1Tg_k1?r3j)4r%Ovs+HG`lzEaEzA%21aAR5p;)$F+_w+AcXIKsj$ zs=h@{jJ<s>r8=@g)zv$;JGrDIFh!uVb>BX?(a`^ zEwV%c>+@7YJ%k=(<9aPs0Uv~ 
zDENm%*#csPlj#7EIv+#BzTF9YTPN*atkPefrh_dWiBH|6#AhpiSHn!uU9-&-_xxZ;#NoneC#&oOACi+`&nR}LTQlg)8bvDP6s!GpG*l`>;*Z^s*?m@*rJpp~C}@M5D|$3- z$m3Wk5c}I3sJ-?-!jWsZBem5N*)Efl0#1YaqjRL7G=dYU>vS|qN)w9rj$OIuzrsO; z!4Ec;?P*Y%1JX+c@sQD-SAv`d5}3G21VyVIILj%3Cg%>?#YIFz%c?OoBB)|xi9;GC zmhyhsAK^;Kr~|uNjd4UFZ`46t?xhIwT6&uqd@ZM*@i1Jl)tby!k|*vgy3|Sq8Djkj z!e#pwHz{m;NFJ@howKym8(H$pu4`&nYt78R_|-v*N;9-L`d4^vc|M~u4RdT^zbQKCzaPHWr=6snktkQ{o$@Wkn{DCAc)b1k`7DN^7 zSsvNXAjvbu)!iR!`qY-iec^NG%ts?l%#h({cB|p-6oIpRj#43=GpbB}XKLNA422;K z^n_uPbWvpe$1~!SwLx>ZgIYRcyU`puQ^CPe^86l(Mp(@&6lc6$-g2x3) zbEmM9TTlceF7UF%AVYo{xR+y~Ach4{sd7u`x344_^hjIsOZO`4Um)uNFcq2l$}n&i zJnJK>wz{b?yelaOx;AP66G4hrW}JByTvy6ZzS?Gb@n?tnxvwzEfbajs>FdA~+nKb< zyL?4$CI}f6=o{&>j-4j^ca=|rh(J$> zby*OWiiOGhm`Kt}lC~lel4<@L4{^u!6M)MmJUFq`TX!7OWwf+6vc& zUCubXE3QEc-b7#%)t|RyakHDqLYQx0?rN-Il+i?BWvTp~TW~}`HD(2=;mq~p#vkWN zbj`gj{wjvnm(CS-)Gd^xvgE>SS(bQf1FJ3~BbW8KjU~sPJ{4BlDF}!pF5~eH@={6f z>x481G){Q3pb$^v0i?vi(F44x4GV!D#oT1;evx(hZ@g2%zFIc`nb6;<2;Str;bCp| zM0IV*r3)hC7V2RhbEPCSz4+p|vKH{>prW0>9 z(Jg~0$8z3%gxYPJ88vZ6z*s5p*EUtDwQB9* z-}0Vt(G4VuX-DI<<60tH((PWXhWBv&ah~ZGjM#-k#0uH_B4vig|E1?QUMJ_O*dzF# z@FifN^(!NC*_m`KE`(qu+h7ktV(`e%A0_9KToAYn&AOo}SKwoNYf8m#Qtk5o5W-S0 zQ8(H)S<)B*&LE^ngfk7Re1YZl%pG<&k{Z<~R%uA@09`b{Ko#SbARb^g_U$_7T-cm}>@k!QC!%fmyw<&g~Ba3DErb;mgN~Q!vprvrMA$Wcz)8P~ohO z6mqM9Bn*lOaWFj%@J?K=t64tbH*ZPUdaj<{-8x67k1sD)F6x5GllE!E z^o|nAIT%!p$tBvA7wwMnR0u3oZf3Cq+Z67V2|k7^(0z0%VZ3vD@|(KA3wCA2n(5;r zsnZiuAiZRFI~&)iw!=ocrw(~M-^m=!N?BfDwDY^QbqqIn1VhA#mG$Xe&-J! 
zd(Gp?$v*RxMw0HQVD%%g4Y1XKV0T0Upa~gs2(urPum5HU;iDx?c-T&H7=w~Es)0{c zEkcMS-Wo`Mu<_&0h<+<>hX-X+|Ljz!gn0*UQLzBOto+0jo}!z7{pX+5<8#%as4mvV z?-RyxSoq_0C26$=JqZn%BfE27N0kB9@bT{h^8Z&)--tI3wE+$NSy|usItBF==D$}d zunSNJ{{vkvKutsb57fH^b^Je2h_6C%{!dfCRVaMO z*Oc^CC^F*z-fl({bY{$kf^cR+gTVQ$i7=D3(K>t66|GS93`;?k>sPC{CkDt9l{D1m^ Bb724g delta 105467 zcmY&7#e-!y_ok$tgq% zQtcKw*R}V^SY*POIPoqaIq-m9B}K_cfFS&5nn0bc{PWIejO%1HT6F_7L@=H}GdM^vh;k${_QUpY_b#na&43#Ky8v>5m}I-T!1 zU#?Tj28MCpD*>=FFB?8wQbH1zUo{aVaW!UZLBs`~?SOR4EPnFD*#m^SWsdKoW>2Qi zG5K#jZ~bmD&;%GWZF{41%5Fjf)^##ud{U4lQAd z(J6%qBZ8{ep;(bQFy+UI}S7A{PHF#=@X>kdGyOcKn?C|2IKN7z#pEq>DT zqQ@0W_zbM;d0u!h)N}@a%5ds#LxLnMYDW5?X>M{~s$lRaQVjI#rHtqD-uF7KoL)rA zpw4KO-F&kvM+7H}HH#12$+pu~Tg_0-3`Y4&!(zNZfKOhBP~TCV5fj?Cj9scE!b`WS z%3${~;xzP)kRZh=T1Ck6vVJHT9lWDuXR5??E+eF*E=!WFM^rpbUS;#bx1b=)}vRX*yatrBpCB7mxo?0ljl8Co*!<~#U zAu9H?U7UUk`lrahS5Zo`sJhY; zgcT(<;78dIn)kdvSg>yN{`H-7A68J?TE7JWZ&ep}!gj!1w*JK*$=L)s%2EI14uqc? z9~NUqOfk~}ur$(++t{WpUsxNkp+d?~5+>{7*G79lLpHBhQ#(i@a;nWaLuKnJ1r9GV>emf$k(n{?nNGATdZpdY; zI&goqc3J+YM`qRuztsGoV0C|SZUBFGJ5j6wRO#RW44(@u@>m-1?EZ*gC=0xZx9X}Q zwJi5F1XaqtgK8Hgjs5v@DnD;?01JA|8ofa6;b;(e@t;o-kgv$CL>#>+(jU#zFqTuT ze{-JXU4m(Ex*@4ldt!IQV+F3+8PJeaI+*+5k*|_-7oxX&^HX=XC@6(^ixN2NVdg+f ztF_;$F_RAN$Th|JW9a&w{dBZ5O%l=4H7bqKeF3l}?Qq{wwPLO)im6)Rax|poyAHV1 z-ihRLvu@N?f0N-XkLb%ek}$IyKN~cLEyY_;?&Uya5 z@^DN;PTkVNnpMraK9)@anAMbrxg9IWOx0`T8*tJ5(ZSy$blfA)5di)y)`Am`fu5u+ zZJAvuTp~ zMM-DN30yd8Wrv6BBT63j@k6`v)wpfyGnmfg*JYMBfY^%-D}(g*yInS3Oo(BKJ6zG2 z4l4RrxgUuA=3p`+REQxXoe%Xh1P&jhbr?=$tpV|VoF#?k2R@v}6?;SECv!pPfeY#& zg%yRG%Ssu1V1dKPwi`_DCBd)sOzlX#&Y8iyAU%X>;`m38-{o(GbWU>z2J3$)n_3X-01%lZ{Lu8<6nuGCWqQau*NHX)%x?D zdj_e=`Ws|6p^o~W6kaM8Z8vE<`}*+?HSww~9W+roSNUP(D{ zr>uN}?v~DZa{=LpW0CRY-Adjl-=CI0oz@*V9SF(*|qar zd^t(gS%Z6xNTNO@BiP-0piI_{;*Z{L1kgOcnY0uDK4_ z!)>42hyMOAU{7HW<1U75echqoccPg9Dcz?+#qD8#Q;rGM%H*OD6C_(DpL;Qaaq;%L0+Bpc<==4)I&%0cZ=Zuo zAxyow5o)O^*6`zEJaE6cuZPdvxr2|ku;UOytwXb-Q z)t2gQkFrSuKO0f>gHBSTt$LUny2OYjse6{3XgymKbWU z`GUqU{g5dribATe9KtGs_}ve+A7%a|be(K_Hiy 
z{ehLqfKwnaAz1C(hmFBfURs#opQd#IULN2Xj^gN~N&+o{SeShql{b(LxskE_H0?xJ z*vxNx%A1HE)S!;|V|6eh#wL+I`SZhaAZ>6qhK*1Uz3G9>%Zj^V^BCBGMnBGp~J- z5Af&1hTS=fcI~DDGSWI+eFst6f)9hsUE#Bf+2;4aSH=+AC!t4-63%JhQNAz^fJ3Nq8PRln1uK zU8#^0YkS?n{DZ3mE-}7h4LhHeS>~XE57f!{P8mC>FA@o3?#o|r20+o7oMeUEN80Hi zC_4MBkFub+;r`|BgAU~x!v1UkiRk|D^UgpK7bMu`JSx3e%Eo~eeWCrM+ZLUSd5ck$ zE7SsqjJA7k0YsRnF;5E9>IZCzSwY&6kFDTT(dOLYD|e;@|5^|!-RE)$s8{N>0j_Ff z{V^ua$2KXF%7qCtphKe0-Sm=Me&c@(LHQ|{RF(fo3krtvV_+b?1q~D^zt3{^54ycS zN;jD;sLQL8Ce-d6&+fPAncbCsJ3AOBoA@#tpZI8PdiDEKGu+H6(RV6o{r-0qmag$J zf&JBqCpmG_Fv6Tjg#}vn;mEZ$14d~}9XgfabsDh0w&d%+UOIj9(_8lNtVZ4h{0TihU`8g&ZS|-9gn3i$*n*k>;sk6EHeATrCC`c>+Rt95fWvV#g6! zG|<3e0zdPHP9l0kJH0~Er7G&X2IWxWdCjQ{s>7kWkmuFX9)nYlio2qYJ%CAwyLg;^ z#qcP%P&MSDIOxU1?-IDw+RuqVzA@V6$-mR?GWx8wIHvv@S+(45vo^mg?ae}0(YXJb zdPI_+^dBZQ@e>{dqzH=Tb9+C$wvr&)Tc~urX@U)ns<*4L4)>S-ms=*Vlkt|2-(~H1 z@#y-!cln(F=;COV1?pcER2igyTopLp&N$@%ENDjrP*;pW7(gNSU_ z2g(Qz&I8HZJ1B|VZml)Li>LZvtog_hHJ@;KF>-fl4v1|(Kv|ktm9Oe!iua|_QY&ixE zQ8V}qImT(xVJIR4RQTw%fYx#z3bSiW1-4GqH1wx`k*SPU1k{2JP>WB<&Ya7zhp|j) zZG}&SB>WzNA5uXQoxsyn@CgpB=8Jnxi4VA59+ajW?$k5yQPxbZqrn-&6KO|$$L#qw zu!h8~=nczY9n@VL3_JZ>edA)BeB~l!rXltIBzT)NMcYH`BFmLYI`F@o`MCxXJ0SJ? 
zJuY2>?`xtx?kX6-AqYR3(?;xSF7CP;EFJg+ohB(_RF5O1Kt=ikvl?)!s`cOVa1(5` z1q&9wbmp1|Be3qqsBTv&b0KZ>Jt{I~LY!ckg!;U%84bId+`np+#KXI-Js#CJY8sQ3 zW>G{}t|_;me$a-d4gOV6weV9lj&6+!Tg~_mAWpA18dv84xu=uP2twj2yy2#lHa%5n zl2-l?T=Pd>6ja`N(Gf4wLX-OMt#>44BEUM#D`PlQ=&S} zh-NpE&7NL-7GP!B4wd9*3ZHS-Oz|f?2W(`IL4PpHV9=TxN2EqKygs1jCXX#)*0(AW z;6Omq5YF$^ao2_UgFSQruAh*6%@zM2eE1Nc(aqCQT;R^8f7Faqo;6@b8~X@TIGNDv z9LJ9pUpN@WdO*X#xGodUtm(wym4)GK^}gkPn)EW8ZzumVoR-ouAAvVud5C#4P)!)e z7xRF_P*ec82y3}AssGhZAfyD;^Q|bkt!TdJqv%26V5n$2T+Ad3itf*W%90N7`C386 zmQWa^1obJgvj}t)t&$q4sWy+Js8#AEI~6*VY6;zV-*?K^?JL}MXqa z;#o+W=9ea~wq4&w)hYp!}a?a<8n4$z+D|-7u8y4S-GeSN8<^0gRr6$H!F6^#;IyYghF&h>U#?6EzV7E18Cv zNTi&XrryPlPi_W7qY4|-LdVPEk*fRzX~4ecU&~{V&p0iXltUg`acPwYq!l=P9$R<6 zrR-Ar>7>5IHTM9@RZ_OqtW{=F<@b-{vUcqc^>sXS-#JyS_)uKl0NyvR=@6;miyE0S zW;7v|y;-SZ)#FB*v25nb8$N&7@VG4iw<|I3a4VJRhlxPB4F9;H3xM0L3gPo}ar_c- zjM|#k>yIUp6G@Q!K6Jt=X&G3BSUWqybKGGRU>F>8lD0-$FVPq_VY zh1J5f#3lM@kNQO!s9N^g2VYxpM+gQZ@ay@yYL%x~UkEP1Z>1FEf4!@Zw}6@x@wPUw z+Na`23n-uj3QRa*NeH*6fzGwC>|0x3OcO%X#N~hAT&ydhL<;=tDF{jSsW{NC|JPI4 zN*Kgdvt1o_K7W1~$t&bd#`}u}Q^?4l z@6E=6i#o}sl1rDW@avrD3|%fk2JT}MAoTN~l{CT&M_^;Vwb7<+qTgbO;<`8VK)lu>RC+;38NdpvkJWmhz2gGSRf2UeCRYPHM&z zC8gV!-I*g2W)cmP-eBs48Si{Vr^hNU@?%c+w$K)?^Z{(%C=-1thKe^)M zr}S+}3f9M)i;yNjtw`ZT9RsA+5~Ri0K~*{m9~*X?@B?lMjd-i9*N+BActcE@aWBOX zC++1wG76E?S?dxu*ibV4%)koGiN~!QwT6}Mjhy;k#&ht|r0w|;m-0-Gx+hmee9!^a z?YFZNNigDPI0B zZ-i?waWOWmFJSVD@T}5q0{3KOXQ~KJ3<{Z1H$z9C2Q0@R?*qLaIAn%T%&8FO)A}&c z8zxhVPkbCLORr9wPHHV3h|0Qin)@hO>{htLc&a~6R_s+63ye0Cu{@B8O&Cbe>!>uG zUpfyDCFI+gm4g-bvs$hutRp@Z50u=dR=>CWIP#n*_FchY(3)$m3@ic<>nA zGaM7b%*ZiS>I?mK`N{@`4BsVdx9z-fW(tG=RIbWgS!%XwrIeVmaGN}1SyRqf`bxRn z-X-EdeH?eC0lzk;^+!DW-A1?%U|2twPv61_Uk{I1isob z3ve}bCxqK9Tz?o|?3OWGJOm69*}wDmKdfAVZ?SMT>?I;^o>AA{jpl}v%~lUeP4)1R zWy?asS?SpuvOb#Bd?a>Y@RP+hd6AtqETU0orFQ*lbw(1x6#47PhqX#bjXpB9s|a#W zzRcNTwT={=#HI%hZXgNWJRo@ilDUP@i?StpAE6a$<~P$oD=$^H;J(rQTTI7?5r*@nS?Hk3aa<=0y%jH0^iKfqT)WZ@TXSRz9LE2) zMV~Qjd=SK9|0DXC28*R&q3ih_9Rc;Ly7ptNy;xJ 
z^HXI=?~@{@6`wP<>ijW5!76lMg29I23FKSSsI8sB$Q#_OnooUr#>4YS!&L?2g2{Ec zS$uE~OBw6$qswVL8m&?6GEyt4z;pv(XWs-5*xM}LU#EUOHTrrgC%RghUw9V!%u9m{ zea8L4xCTGsX9tKO2I;|2da7)W-k{Bv2q-(NI27m-pfphYK-}}I6Rg=%5t2wZumQHk=9 zRg3*!-=s?F4cyDIPj7$lY~lVYb}>fd7j13d_62H#4L;we3l<2C38t$GE|IO<+nkrx z;3ypSty1=ku{g=MDjXK=UyQj>ZeDhF+G>uK#~lV$;cc0p5s$Cf0qpF9y2BG?EmssG zujXT^imzAk#TLd60mEIK8g^8-IJmp0MW-MlKO%(Su!N(b&>p*8#s7aRQz@EL zXC{E?m>H$mr;)YP=YL209pZCnvGnGAq0+{ATNw}cgSL6jdoRiO7A{$&a966w9>!z& ziN}Q*PKO-$A*SHC{cXj8=^H@(@eVn7BC>Vi)5MfPc?Ve$h;5vKn?v8+laPquV-}CsZ!ot}l(&4A1Vz!61A)cdh zwtThc+*%pC{3rDtBbaf~k`84|WSb3H#!Z{7j!kWAxx2g=4wlT_OlnV-k0wnk!`&RB z+zg_NX<{Ug4FR>hcdNOfT@nF|Sxs|9#*eDMm_Bp`jeph?QcU53Cnj1>22DtT-o6Y} z`z!FbD;3rHUXr~vymXFUrnKXWQWWr#3w|u2MVd2o?Wdsc*X0$iVc|)%ef(_Cid`k)ncM0Xb+eO`uIp1ahc7yd=oi5(I zk2Sl8*YbOZk(6JBPcS#8lad^NP8oP!Yh2nH3^4NDa9?cnI!+TN4m?x{dY_*UpsDY- z-{={XXThYZw7aZEvIgYAtcZ$lbf9pmqp8eUhvq9E&#Vi&>hd?y2sX2d%2P<9_dF?5rDCi5vlOyd8$NUm;X{5P&9Al zo`2bd_~pX=5Ht1eW_%A%tB2tbKO=Ya5Z1Py4@PCOWjqS$t4yDpFPym`Z{HNl!L_z@ zvoLSb@x)H4d;N{J_1+YU*_WAHX}wcXx2^ZplR(gQxJ|5#tka^85`T5Y8sAZqCxWEy zVX6HA53qjdL(<41XvBX1usv<|3*}kS*?te})pcN@sg{>i81g}`MFQz03$k7mB)Kj} znp~~s=x%zz#nTQ{iwL>9g9H7Uzs6Bf@NJ!<9UacWLn_VrLdGI)J+T;mJkDF)2#b%q z9L{256;hYI$5HFCY-m&%Rek1g(6dkPJ#Ooe^?M#~aP8 zQeNoQYJ`<-lBp;_mQ{E#f=@6J9D{NyhN%00O97wI4;WwR#v@%6^;PUK!T<}eKrFhR zR9|Wg-sA*>B*CAu%X7ANoCmWhp6ziZHE5U+8qqfRh={(6Qr5nJFB;PHAQlyL`O1oZq?V^bt+GBDe1`G@ptOftTbF2YKe(H;;Zp0^{BEK4nChtq8bz z@p{K{RQn%SK!cg85AA?Ow(fD?M~m+_3Y_L{Jc25gQ96t^3a^90bkK}EnyjE`GD1ge zd#?MX-&CvDeC(RmukGnBOr(dorSH}&gLh;!BLiN>Ff;(gKxo=4nQWgxeOL|A0miP~ z9K%pHzmDSA5zLa`MTOHOJ|m*Y|656bixxtCOSo~=41&StHh6WJ70Kn9s7?Rru|zp` zs9&WSY25Z4Sq7tmYYP*N&HCp==eB(k^W%op7q79qCV)DwG zU~^`KfEYa`uR_oJVxb(qR2(7yyJ(_SjV$qNRs9RU)+zljW9&6~p*j0!3ykW^?+^Jp z9}!?h;tr~OvJ>5Um(Hxudp|IXN&%vtw97|YEuU{9-O`0v$W`8RdH+~ zVeDuS=fBcq7uzP4B#KYYl#U|ZoYGIN%SeO0jv4k-?n8+o%`ZV7tHzPX&-<2Oz=5wr zi!L+xza^AU>?@2N^I^#h?_V&8iCt%6G$jJf#fR4!OEbb;l^B2^&9(D%A+Jw2K%(Qu 
z2Tv@Cy9<7{Dv!o%)&PMc)+&q?ltO>|%l&4`pUy-HA*r4+a3|tp>1`%q5m0pd3vYmP z8`3!d^0~D^+blr4x~nrU43Qy5+8H1mbuq%4TZrn|uKT}Lpv?!%^#`5yZPTHoaJCT8 zVkbt~0&wy1g;@3is6G7n{GmSCv2}kwLn{oTz-fbHZo2I}QXY^%?%( zx2-%tBlCo+Q`l8nu5F!a$gZxF2jkEX!Nup+CY@#NjbBz}A_!_qLN+bIePGn$fXlN!`OpEHYX13-JiOlRke9~x}^ZD3kf2%V7tvI;>6 z$aMbHngBsqjnFLFH8R5YZc)|dIVwm_Qe?Q({AoH;E$P}hD&Ox4dS7kLI@$Se4IImjrUgkgMR>Wnyr8J$G zk~>#^yzMN{FCVIJOJbgBGsrIxc(;|hW>N7-{~bbNOys-=`xPq=R22FU`)J_bl*--ocsgNqW_|FXNH z>tT7&buh7mr1egYT&OmEkKtm3=O|k`ZRR&uJAZn@b_Gb@C7s3FCc1yFx*azvwv}Np z`#_n97&-&UVHUIo)w+&L5kx`9e@nz++I$?VgOIyaguu@gIjkG+Kn1aHFJf~wG{;ht z!#+@m|6f+&jEa;px&+K~*ws$?e}yhIPXpEWh)c2EOu*>U8{IINT?$N?%O$O{SHAQy zjsAK5k6-O79;Y)X#$Uv0>jwoIe9+RITBzm9LGA9f7qH{=QG+7Y16lBBDcfN5hgO`y8+S2g zR3^%u?!DVq{d#Lzx2R!uBIdgghMxti9e*(gtn z`oLy}_86O|LTFc7LaNq-lkRg-3Jq4@iI@f;g7-MG^oiwcgVnv}aSZ#_{mz_OKrX<+ zFxs;q`wL_0NMMIe-7dHkt|d08f^4?C)pOoI^mM_EAB=?b$yHIt*?fXBh?%-UR=&O- z43=-^G!|;pLygS-uf6>tGtk@$YPW5%FgcyZYx@F9N_-ANgmrX^)}S}65>aHQGAx| zw)XIKMYK$C_B;5woZx~*P>QUuW%Yldy@n+<(j(gT^`K|u%EoU0m4kPY3E!LBUBX1z zSwaB%_wvY}GVpF}8;BI@N4i?IGZ2AG$i9QqI-4aiT!MWFV_=>YMKkDFz4-lYpOzl9 zU%xx`P2<)fk9=T783%#oxp?1dMZtX?E2@%a73t@&(y!S0?Mi?5i~@VGpC2rSBj#Jb zkdzT~du2wY)j7PdzCMd-=S}hwd}tbe<)yY=MUE7q@lh8jcU1$W^yR?vt?qYSn0P2w zgLQ*z$TRHEg(qz>eZVDh54IyU6}ic;XAAyoM+tH5UQr2(vQ|hIiU+&W=R5C?9ZMQk zwq&G%N#&U5#=b>UmW=0DSn?F28b_U0n^=#J<#Al@fI>9!@Gu;UQ>$n$K)iUev5e10 z3&Kj>GJtp8lZyT(D+Pa-K1GI*(Om3;0#&#TTsz^kFuBPZeb68G(orvtr+%vkoQ#vt z;os#tBySYbNuBAT>`1IRpZ`t`Frot6;=Ov;32``?3X>?z1@r#lR-zCqN||oNtD8~o zUfV^jaScr!Ha|hYEZKS9d98ioXv!WBi2Icy-+5QIVg1r~z#G zSj9WDk`m)#3t@8m#1{^r&s`Z?9=_2=6Yjl@P}s!>$)ia4v)`-rn~dZ9U?|zWX!DaO zgAyh_U+C(gSgD4O}v^-)g z>OUB_&T{lxxbmeLHcZp!9KZaS-aEW9Re2h2$2FF9wN<)YjY-(b%7|x2PtzL$6bYCn z4^EhjqHCN;-vYo76;2E?#L@Pp(7-sz=gTA8YX?5UZ*fOEd?616%$yIYZ?WRmYImN| zvUJ!Qq`hMR+{UP&vftrfkm^61zT^1iTvD@!d&PiKk+OW3 znwusGBLJ7p`m`Uc;WQS_yDy*4P23`Nacbka<(>~-TeCU)(yEhdy4F@&Tt)%mkq=g} z^W8~HdbRqe1F;K9!{&({T7#e39s9=SK5;WoWf8SrSsD7`a%#mr<$#R3wL$ 
zQuNmAtNz`Pr=Wy19}Ly$7j4Q4w1n^GhCTLEz56Y7ho8pCA7-#gD!M~*yqJl3H-cQH zH5f&veuYiDn#Okh{%zw-ZW`MktJB8X@{BO8qH4c(mySV=aV;9j$dVCr zN_Jp)9+UFw=XKV98%V%^`{9KM&DdMJ3*o1^)-7#*s`vp2{T8eUEOsZ`mhtY8tcM z*~XQBC-+9c+}e(bDEvQlCFH%v*Ln8=y1AGi+dW>mrY5cR3iu9_$1EjUcUWN@LwH2v zyi->|Q(P!WhA#1xCsm@_3=ho>p=pvnPahFUrCahIG>-)QzDamE@Xk;sd*=x=OGvuu zJ+9WSw0oZ&m+Jccg9|7UDX#V9c%kgJ;h)yN6G$G(gY`faL};sPKZS<6=?>|JD-Y2G zc04Ff<8n~Z${7b{<+a_wuAxtXSf1QBX>q7c7OIQ1hVbT`u*~$?=V%=Zmf}|#8c6QV z+CQDx7%|fKVh&Avb$-V?oGjhj6K{^>3r@DLCevLPi+*Utix&GcCYoFI$q9ZIO93l| z$fOWA%bd)pCf`SAZnX>qv8x?+$kAuEh*HYj2F7z{(R6B_ zq?YvMW-5-d)3t zA?g0cRs(L<(LcG-8=pPOgBuNp%}^lzQ6*TKhyeJikpugRqUWpNKf=4nv!}L*`$|y4 zQ)W!Mg{u{b0t_o}fR*0%wi7!GZEuM_U54}V2pw{>{Oh>q$02h0Qo!pgT+zP5ZM+SYJNcVwgE2BVn1`=!P{8zY~(MqH28j zLVw6q^P$!G$dXzy%4QkuV^3t+%k_~^N(_(?$=>sV@ZKzb3VD0(?cxN%tL1QjcS}zQ3NdotHPDCb=cvgFE3{UUecoX>1=d3UDz+4gF$Kl)-k24^ zosfUhWS6i{bKwL>LZ#^=%pFZiNatw93K+9u{pUCdJ|&8(~o_w{1Cfg(WUg=TD5nn z*Xhnny|>sOct9dsu1cf&xPrWrV|-oLsRsi*nt1G$%kS)d&L#BbEwf4sc<(6&=@n`Q z1Mlcpt@jvU3k_m47-%5k?Ks%<(Y;*8(kqiJ&O6oi9ek|sJt$N#w@9DzEmznLZOgA# z;w7mGPhmWIQb{qTqPy0#K$@&lZXbC{V*uxE|D`{IBEZxc@+U{Yj;q?Be37U`2l7VO z4&T8m1gIc5jL_yl(3UK8kNgk{4J5sH2w*$dZ@`@)Pm1m#=LmloB9eeAI$V}J@)h*D zMB)XosF4)is~+ao7yl(l2n}pXnNQj;DK6L)Z~HeYW3GJ!vZKZ#-U#!Yd?|`8IMLFa z(sgc;?hj*h(9}X@xL{^LiD3$de(|KA%@yp0-%H`PIo2&*ovLe$n7A8kO`F}e`@@Tu zey&)O`2P{8!&Cbofz^U6g`<#1FU%jnQs)W!WrZSOj*wKvv=ouDmCu1z1OwQb7V2)Q znr%y{;q->yS0qQ7ls^$87?zwa1~~T;pvK@T&m9@IrFxye%DFx|1{fvx^a|_j2;wkL zJt)ur9X2$Qk$pdh%uh1d&$X4;BacPX&tGaT=Q6D+fs$2j^@#&~!wD|92`PI&JgJ8T zco%N3^Jrf85*nY3{H)3FU%WARAhsd_dEfEqjP=rxUFCYusIq9I-evu%XjnRY4JeVk zz2L5#;55KZGMc(|uL#7g+UiugPJjSH)D?tpDsv{-7kHFYf+Hecv>$kyK)>?kyS5j z;1A_eS%~VS)axXi0-JRBGF(WM8x20ok!!!Jns~{{GaekXmqjDr8}TH~o^(H$ORG8w zv=W14Cp^E&Ceg>yQ662(xoc?`TXp8u(#^h`abSA(>CYIswu@MkcE(1!B1xFZbvXdz z(-@U8Y%t!>!Vt|BS6l4cTuS%80ul?hr~f^k*dEf1Zrh^|MK9K}m4RYg(g{E-VA(a+ zAmsSzHw;Soo3_O>eX34i$_n=dMvk^5m|YW9>Ca1YpUHI-Ad&R1wn0ZAgr`}IjI_ZB z-;T7f@>oZP5oC+l!?W3Ol#GKJpOIxfO|3bRBB=(J&9Ug!PP;L5p~r+ETkbD{!@IaF 
z!DErC9*jR;no;}#9g_~=Q=;WTleg?q(pZy5z{`ll#Edis2}qmkULXsLcr2gvZ{*=` zIv5rdPp=ttpxxxCBR+-3ux}d#eo?B|KMpBq+&dl}c(4(`e$vfc(9tvk$6rvxzD#Al zyyEK{utgR_px;HaqRN70)`4Rsw(07<4Q?vy=xC9|Up^xHJDCQchdI#Ev;g5edPcT& z3z(gS?svh7_1Aix4HE+Q-$}t}rr#=#mB>K)#BUKfs3LQfBC^rz@MQn4Ks;O3)b=s4 zg7wXvuw{{1iV6og5ZTMRk1HXV@I&^4WDhC4)eym*|T&H`XWg$$1>Ig=*X5_#gUQHA5jQTm_VX zwB-T$bkNROv%5#LhECdZJ{Mk}_yufl94`bH27{Is(&aY%3GIPTvW3ilT>YFzUJn86 zgpW0@rhBcn-!}hx;|-cA=71~H<5+no_#;TDB;fre^rNr9(~T^l3E@flQ zDJwVuh+m{9xJElph&lqQM589tzrHNO`12&(&5iX--25cqponCSQ3y)kL`(FO`LlHP zo|jA&)n1W_>McEmc#Vn%%Bc)RMcXO7Y|*Sm24#crsyn1#uyMm)@!!fNz`_HU;P=^A zMs+Aj)0VnGEFn|tU|hO5-MRP?t9w1Pb$i&Hrl$i!S$SXZEz$4IUpg#gXDId~3{-C^ zTS2aP1Jq`#NC|sCa=Pmb9C~PfHqSnftE}BTMc`*Bx?!x@#2S1QbJmo#5oH@m5B6~k}E2=XPd$VZS=nt_EcIO*t zmu)BiqfjSyj02+nO+&bOrZC2cI7UNTY?$+b_j!}L%K0qW@s3J?7ov`^7za;BEQS7^ z*mbyz=<{E#TfT78kxC{fftDEL{5x5SW!#gNLdji+OWdv5L;z+Z6>RFcz}KcgtQkUz zVHaDNsm6oqmct6#fsx9Z(*6!7|2O6{quD(Eowdh=_*rNE3_)$^@<>-`egF612uNox z7uJ7ex5n(Os?E2W7?#=$nZ)POvzT6BwA~=5b~sj?#7VP0R~!eSqPvjW3!Pn&G{mQU zJ5E3+%JR#RITsc*_>*(ahz!h$U4IXjC^>K(bxWye6 z?<=n8ghqbP?(kV*0UgWDO7&%p!*?vpXVykmT1E`>uxS%8unJ8!#Zk6 z-Z_lZ?&p|dzc4$?+Tw>fKf8qI#VaxKG5B~n5}VPzs1hA<2ZSM_+^mc5tA7jIXe^-I z*jNVN0gwD&6#^%lW@@AFvmT3DurDJf)DA78-f-W&%3{=&!TYnPT)G0uV(bddilz#K zFPB+LI9>PQ=SEu&vBa5Vb*!iK$i-E43M8Un2z#pg29Id77@LTd#3tSmdsEAaB|O%v z1SKM_-a4#rzv*PpAz3^gSSMNh0sOqNuii&)%Jdo=H~3+gY0tC=z3zl|?H@XfGO>ca zMBpxtm8DoxCLMxMul;3(Ohc3E24&OPBSnQmRc`BlLO=OO(|~rGp^11;bi%WL#MS8J zMN!kX>XsfunZBbn*&C6aUO`jz#lk&1wZ<{M*k$x3+Q+vEEHj$(k+@v6-49;5AViFv zK}weQ!O1OV7SkgLjQ(_!Wv)-&{&r=^kO~T)ni{YWvj$q#@b(F8&8>pTGabv3`;&lk zO1tkjM=Sgvemu)rv@^t>UKbqizaFMj>eLW1b0B#X`+(kWv}eRq@=8b~466Q6nw?|D zOV*7r=(Q7c3jkXEK#%;Dr0m6wUfwaX&=9<^pOat#&1@xdqb>9$RcQ-Bu*w*_>S>-5 zjN@SlGpbz=J~Y9sE(QX+*lI15L$eCm+tMX`ST7jj*(3G#B~i(6-v4kez8%B-a9s?R znd%swct1zkeyjC9?@iN<--tbvZ@{173PBf24i-bSh~L{HH#|IHH4Y&bK?1Pwpeu1A z3vzKoL0m^6s>kFy^pk&T@}q@gY6^L){X=@`GhlO`?P}R2v>!yfbi)@&JP5FhloPu_|ImoyAWcBgRm-c49ugUlNOzqT>9z2SBYcV?}FD|Rf 
zGu$KGSw7N!WcnKLr#Y(Li9%01QzC&SL&lmB>e?MkSFoX}cExgToQWWg6O7;zH~asX z`s%nSo9}H>k?vf&8_A^`q`Rb~rBfPi0qO2;=>}=(1_7nJL%O6v-c^5Jp7+n)o&C(r z$?Ke%bEZBUfJ1T=`_CPfb5kUAha(gql}k-sn3f6V>bsU<;0*Gb&5DpH?B(yX_2VEX z!PSlMcw7m7V`z2tO1o7d9!g>@n1VGBXRr}&2p(THKgHBx@NC|oeMj_Jr*M19=&+EV zBt}Cg!+>IyeE*BP_n zn)Wj@tX{(RwV};}FT1|sFc$>>jg}|$3XQ{?BTQeH(`ruCHGCok(Ii->zevTLv}j&$3y zoIe_s-3*j8C+p|G?b9hq|GaQqa7>TG#|f$q5|CivsK^kynmtPhe!)4H`)Pd4t4k?Q zfcU=q5kRT*8Ljog_Hz7wZ93@rrwldrqSAT`?h>wUX7c9*2K~`5_OUav^cAhiDAr>( zHg#Y;=0UKt0#uo=6?!Y{dhYs#zWWEwd1HW7M1d*RzjFuV44W{AT6&7XLb^oas>9gS z;-xpJm4f&V(p=6>oA4}ErLuE%(URc#Pr!2sjbS3eEr}PafG2^BNa1PK>kbh=i~uno z7d+(ft|Gg-S6Ekgb_aYQ#cMcTy;s_+fy9KYH?pW{C*(asjRrE;zB832XjN@6 z>~Dvub0hzRbZCw&^xe&$L)PLjNqQZ1UggAoMqAD^r3Z~VHib~E2Lc+(^RIdkcH{n2 zk6=m``j!y6md;=aL8Ys8tOc`c^2D2BKGUWM7)13C}O8a_Vel<~6A!7Nm zGDrF5+U4ZMNe8}N#Z}!&+M;Z|ezR)^R9uy4Nt*!)xh{%-FoFpcR}!p^jqwiSx|yzx z{arVJ)rL@?aX1i0Fi$FnAT<2lE-V0 zzQ>@7x3L=x9BaqF=OQO*GgD20<>2dNT@9z4WkY*P!wO_Xd<*<_5ccKRsebNzdYHh! zMkW?YI)?(}7lr^=%2LWlCl~#Syhl{I4?|9N)hrQj=7S0x#&xU?Pn5{Brsz=NlPmv_ zM3{n){aCy^6ub87s8$*#52l`;zXSSQMOOLfo0MUFWl{$~lfV1B4WGXQBy{UOg>o%m zZ?t|pC&shlYTk|VG`Fus4&UnG$QI_U^s~u}9`j!z$x2^rF@kg+1x)C<#}R+td1~^D z*GLnPi%Ueb5ng740mayo_;YRHlq%0*$IdbaCXW6m3H`O@ZKx@=G~-4_6;XRFQ+}X` zkapI$iX|d2lIDX}#*4dPlXLGuIEG)PnyU(nk-;1aTUh!1y0RSq#Ocf-jlSEmFeE1x zM%aac_R^GfPdth0mX#!!L{3b2$LMF0k&$o*$vP+2Gkzejm*9}Z`yr2q9}S^I<_<)j z+{iV$U{|>(CpoHs6Y{=Z@b-t7yF+dZenrbvu&xD#)f!&@&4>Hm0aWELJVh6{xqx1U{PR+SGZb>kwWINW> zPq|e3zgc)LzA<@8Fb59CH+3@q1%>X99x{40WK4|x`T(o3+1?FHRZn+?T=!IS2FSSf^F`>OB5?9f-aV)A5)_wqmXQF6^4(QF?3Drl2O zmb)zsO%hdCS7a-!Iop`*$5*@=NB7 zr73j|!HFb5(Ltdvro=>)rCx2$sajIVaN_YV1|A^PDur2TJD^ZsXM+g*f#NdQWo-lh1ES1#0f%!;Zs?}$i1#h zf}DXI3e~&QOZ=<+f|Nz&;RlBp!%(p2pu>jw!PjJL;7G<)4>HSk(CL2!@c$G}{fAEK zRuL$|vR_f;?dKjgCJ^K?xUUkYXTDV_`8<84k)3WcVuYk#6}z91yMaIy>cs&g7}7fM zO)yTmx;pF!V$)TlAIRr ziz)burO~zMN?S2o)sj|YC(L@J*vbKPa&kY=ts#VnT3O=Vx#+*iW&!Fw`OO$_WZ$Yf zt5^*hg!tS#4ovf|-8NWv%-oNZOcY(tH6(5ueK#yg6XG~bW)@gIMi>p4QlRxgqH0gR 
zzi1!Fq<+`e%tx?7_}g0hp*9#JW0(T)`U!eRAN@})py76Fj57wpUXd^YObjG9?F0UA zgCfZs^^@+}M=-0_a*2Ws5*FN?Ofm+ZBegmx_Kg~dRMZrE7DLrycjPhLoD#Hd3qLMZ z82p;q7dojp9(f({p`T+7yNhxW^(8zPrB7Bz#|{0{?~&hd@jfE3l%J31vQYQ!v|rP- zbJoIJI-_b^5(7!qkVCuM%NHwg>&hINcU{08fih>40}?9r2zscV8Q!Kk-ep;i6t&zB zmcK3xg#o;Pv-w_2K1bhglS;1_CmjBp4Ge+7M6s;4O5z86+=382{y!t|p1A;@h_L|S z!UBW~@QDRfcp6>zl{Sr}(;D!e0RZCp`j>tmcBYWDvg|W0#tWTCnLewst?2K+?RJzk zJ}a#=6v5lhD{=gG+*r(gBAtPsrrPyo6hfIu{qe;MFSun;D+m=nNlgD=)!kdrewbr1 zBTWuVtix>8n39nyGN(BngczY)kb*M&3P`nOT zfhdhJ6ProPEZn^yAg%xS7*H)(?U_ z5lsg#t^lGL6VUxLmpQDXs;h2Nt6594?8ibwj#l)-JXCN@dp>#&9=+#XV&*}x zGmRU^pQkWJLdO4JZ9l*v9SJG!PrYF%C7Do>gJvxC|MrnMM)OiM?IoKzxTq>=XmoXN zbDlP1qiynF(W-nQt(VVS_5SDv3X^K4<{nMDa!^`&AWbfo@!xqbX_Ows^a{f?Gk}CE z+|_H8_34yp=;hos*k(h^zF&(ONDt0%MCtvH0YE|Oqtu|rgZvGVGJ5e(3F}k4dbhve07TXAXgO_W#JXA^==KJZEhKs+aDyU>|-30B{$~@fg)z%pSO8J99mc2m|JB(-EdF7<=`HB z93L>#D^gUL(34s7)>5hLZIlnr7bD=!=sd>P zv(%gQypO+Q%MHsaiPuDI$H-6<^KTU^4zunG=iP*`G6w#50g0q@?SEcC!hwXb%cK0$ zT8;6%{;bSC#~Q=C-AM}>WiQ0?5bss^@@^8y5Txfrd;h_Z0okn3fxLb4fI(HV@M0+5 z#@WkRllfYpO~%bl#Ew3|!hY*@sGqt5NR}$r(;nHa>dqCW1?);TUfv>C4ztCK=XJ9@b&LSGqUr<(U;L=0;bq6*y(nd}kfVG=vER*0aupv1V z8<`0i@?RkIKzT*yL30&Sx{GA$#_o2W|+qMTytg2{6>^lTCur>-lDC1b9alWwG2 z#g}+1hJremj2%7Ynuf5%KJ~#ph>wVx%V{JH6PDT*0mjw#!1aCfYNdhq{d<`EozF={ z_uuw~7igLdttd{v014&$t-#4)`j=N@B(bb`mp7{W2!C$WS_?+0NxxDgriS}~U8wiT zNVR$@7{n=>R;}K|;@nnRyy4GZX`#fOxHg6Htfd~_62#Qw62vN(dK+g2YZw|`<5s-4 z1H$bdi>!{9I*VklP=e!qD)`)LxJ1Vd_dM$f)u(^dlUd8M0xCo(dR&vF?*2A{^{ zP2BbGln$omr@-tEhYVDa zA_F;Hanl=E6={cLX7Cc0p6go40Agb~#X7H%^4#kPxT2i@IJ-`X$lyVP2m#mtW-u#! 
zZZV=1*_29EPm)(%BtHpxhu)F9mQy@In_!nuLz3Cn1-O-2X>pSchE&0Zs6J>pGwgT{ zq~uAE*@cVuYZ=YE%&yV)Kus&{HS8)51N0ZG>5mwzJ&vC(kxbk4BoXHQP3j)O-fdPY z%Rl9hYbms8v-RE0Nklbu2erC^*ciWf-Kny|ndank-GAB*cJLi})6gk;s%r@Y2B~n_NTX6 zmx@!yhM_&Y)}kKjykA_jki#;t4nNJCAK>-S64ZY}#R5+2daV9b*S6>{7Fm-RetUOp zu|FwV_NDd_USYR2sYT6=mGGnH=V{V3SAJLnnsoC=HSdpUSH}FFVU{29GubxK#7Cx2 z&CXq}*8Jivw@#3V?U~Fb{w904ZPw(|Vr`59-c4-eI7kwHa#$8eG@>*Q4B;)yV=wiF zs%m}&+LPccCZ0LNY4e$qhS`UPCbD$bzZzmCw0mA?bb0M%h}i_zJovN{b5DGb2fvv- z+AWOtO*)>@Dv$8|b^ay3E;vB(Bb3)K27wf8gb$3gM0_kV689$uN|9p!_ z9NTY=TV4J-f;VXV=pB9?9vgM4yf)xkt@BP%b*N-SleA!?2(cUQvzEWIBdRK%a5Yzs z{OT1|j&cWrF=rf0;Pzis!(N^e#%$F0CaIbo64Y1_T-2ibfda58OhuJ7nG~#}L#d+j zsY2q|zXT^@2X8-bjHx{0UGuNhcf6%pMR}D8Vk)TyuD-d*P`2PG~3pbT2hC{g;PS0*2&pPbg(PqomKkF zo~D<`m*%h@}9f-1$`>m0{vZd z5L`xvoTC#9^&l_FfDyr~u8%9R^h#oIxW=6oH&f)*#D4GfzBKJSm!;C zSZ9d!`}C>c6a>M|`*0?v8+Z zi}b0!!KU$OH?5;I&DQy)8XgxQ+Wm6uL8U4)4S|XJ3Bvw>Uv$V1{49?iF*X?fop;DB z15js1e&gbrHwDTON;O) zX_+Kom(liB?H|(cJBtL``G?#CXF})O`T3s;Tu2v+ASBAjJ z!6+^8{jy5x&l)M6l9R=|q7v_21GfbKU)~W&G=D*w>$S&`>jfb*zBhe~bfZy1w6X=| zQgqA8OW*eqsig6>yT5;DgjEYbmFJYrX(`b65A6QJq)-;`NwzVpa00Vk%M9v>-#bmE z-D@6!7=HPxueukYe_VMngSHT#VG@xjBj8ceaq;=$3ltf3M~#)0<9AUbK8Ej80fL0U z8al;gUWp<=9~SbbLzu37CvOk-F0z_Ghl?b>1M42GqS?3X=k5ds4w zSPo<8&)~+mJA^|%JCx(|elryf(>8JmVmlTZjGPaPpvyQ;Ak|Y`fk)@vVgo0K&xi44 z4=SO988amTr{#Pb*~v09z_4P)-?AusLKJ%J=dTgOQw+gK@ZO%x8URo5V?6md^w@xv zx!-WwVVVp1U7;?Si0=GR)J4b?|L4Q@1X+ncZIefj!A>a~gGRDs!3HYfWDzi$U=50a z8$V9pm^ZD`?IEQMPGWcjFl&S4&)#z0=M$)K{1Zs^63{cgE*OO5!=lCX#VyUdswuu7 zj$D!P58WaYVR8{qtA6B@&8L|~eBk{_g=@Cx@mPNP$|gMkGtoBaLe-fB5N;Zpxb3r@7c^2em48yA5P-wQ?C zqEuMnXeVV;`#aDh;a-O|O)x^??grNaT1btc%+!|(HGTsmV4^@yl?t*wq5N!OArL@8N? 
zjYgTm&ntQ=JDT@oUCHvw-Jj3dM@?@i-m4pKv=bI}ouGXMCPBTzx2|4eg5;XQ9rpl+ zr@GI}pcOa{pISvfzVwh0HZoK%{sL~Vgc{ww*-uRxIC>kJUsdMG1WATBCbD1d)!;0ku80X-CP{by zjSO)sqYhCUKYS`&Uqrs#TCUKz3^EY;|2m?pw8g4qzvQC?4s=M(4A1XPOcIL5d_^x7 zX}L!2^zvZlu8C=RrlA%DS$AIu_2h=J#cMt&dTK-|FHY_s|0c_{*6&T_dS_KEsq;hq z%&b9do`q7M=PfZq1239ct9jh^oHVh!Sq1_wE%jQ~Qh?1Wi(KYZq(pB#Lk$TP4~}kT zaIOB|qF#VuG-Ee9<66K5PiLH3e@m<(yu34wNo-+HA?rh0E$01xd!osRb1iNYpViD0 zG{G6tYS&#^hSNTaRuP@eH?beT=28w(q1)1mywSyld2ch zj$6!HyY3HoiZ%y+|6VkAV-4snz9&JA%(ypYoPG^>c}&tdnssw)IOuqb)G$LjCy*-F zTF2O&`H{8i&7R2`NFgJj^M1m`V2tZDq4>2=cBKa;a(D(!-RkhanhGW%xcr+_0ntvg7XAlhP)xa9PNS?Zpw76mVKf)NZ*k7W znj6vb-P60ouZ7OFYH~6Kc`Onnst$WLuhQXnU55vb#10>1(eT#!EHYFnTB|Ui@`rv# zAIVyg+xkA<#!Q~E8Cybbft|q~zm$O<3>HMrF~wu~zpl(cTA<&1>=#+VhZG0RRLD$J zt%HcZ*m|*(J?rni6cPHwtqa8t`+j)V41(c5$^Q6m2Tk%g5XzGY(gJ=6(dPi4x;&&fMZ4`P8clJ)X^mefG*c^L_!VqJ7CvXjS<skL@Qt*Fo;UJ9HcT*WV#HFB$T zwdnd(+d!f5%jXLq2G<4)puTkEboM;`BJ`8%Tjz94=P@gGBE@1Tji4rVvJR42L4?au z3}Ighgp)!rMeKvvu=3(p1%4n^ywDyophI?oPsVSex)rUj|dbeGg0+m^!qUSXxTOIUoG@xW@J7^2`}F3OcokY zy?rELWuYoK)%kT(6=4W*fzb}s-`0elPQe%>xZcn<$!XGaaz*(1c#Z8{G<6nUtj)KC zZLyeW&z7(%j$9Y)$EKg2=VE+_f6ITFLnc%LAeA_x(!2)UCXJP;4(s04M4IKN*1;ON zAtqIbdg}lsuEZYQe^skF{CW9H7J2!QEJey&p#pl%Sqz*xHK?v1F!SjepsO5CucfNH z?p24=#FbT@HWA$D^>;t6buv4Y6Dtj)BKLB+&iD_pXPt?T|A8}E}k~o znjW+Ol5<3LCY!GF8$7(CYz{U>(zHWBh!cNmogb_XwoacNO9Z$@6{qx;*_VBk6=CSyP;F2L(HzS6=a5JZ@9PC4L4BR4^zYLNPE#waz)q+ zVoN^@*t|C0~9k4O~ijJ7PfYDKx4nVn}P95lq<*IKhqxFxN#9lxRjTD9z7 zF=V&Z?7Sv?#C_ox^nhaG*Pn{$nw$9+f3I7_gs=gQkWvR`RJoQ|Z`%XiOlZ^h#f6>4 z82hT6Hu?qFZ5ccyV1&YnI_8@@ftjqT_g1GsC1ozu+$N{34vN2f zSxh6%#8^%!mc=%OU;;=mwCFeodOV-Zug)+8(zWsydrMJmM{{a@tttU$%QC$MMQRBT zL&4P$&(h0TJB2!~#;Z312jP2EPKb7BaA2^M@5lFKDTq;jmpUQxvCa&2EQuFeHwj+F zV2d0HM)(t!O|T;x3)4%I>vQn0xbJVBzH!>1z=3sxWa(Kd$|va1e*tssyRtR}(__4T z?-=ByxEyq?9NzlQCtemC(}AlltDD#1+~69=GiU9*5_J`ZyS`UAqg*QgsEfsX`Eqg2*m4*u*Edi-HBr~mXU*yK)(Em+K({RgaDC#iXXSTh6pl9 z*)mk_@AQK)f?L41W=tokdS~dv+qlYk6j@HF>fQDSAHzqM#)`?#48GURZ*5MR(^!SS 
zlpU``tLO7LE#X-MQXcM;3f-44-Y$RVx|1R%_PkJC8c7ZF`b!B_`;DgLfK3BbKQBj> zH$1~s@phQ6fn$-;qfRpd8zX5M?r0O!nTSn;;xD}g0CuvbrsdWs$?>+{tLwZ4UW@9C zFt1o2x|7?B2Osk*eq^G@h^1wpAPbAemg?l8r=e@Tih$Nu*$$MGwK7r_xx*kXwnaM^ zzj!AvVXw=MlVgLPjC*b1-Ilx0BmP*?7&RD_aY-SpKeeSs&-z6TiBjLnDdXJ9VR(d` zj&*eu*fBz#Z_T4J@`b4v>+ZIQS(rUtbB*6jz++%`r0*+8)F4d#D(%6mmG`ySb?o)6 z`f#{aryhP1pMp|4QX{*E6WT}L_u8-#8r^M0XBoVVbsuz&s3n43CCe_XEE`WsZ3ome zc8=qhgTQYj+kvSdH4KJ-ixAJKg)CwiAg3#%8`~w17U>3d z&4T<5(v4A0Pu9`WEK!R4P(^br5z>t@GdWAD?X#h)k}3*9TLIj!bAy>>>QGo4lIU9H zF3Uv1lPSVFuK6`A71#oBi;9jKUdPU8O}!mjOD}3M2oyrG3bj96LWjLj5*Q1xe4tj8 z;{`KsqkqAc_a>%wPD#7!Ca6hZ(!?^vEl#asauN>J<7eJp`-1&Uk>*-yIS54xid|WB zG8N$qi(d$()zk6F?0rLJKKvy%@K)gMn?a=1dXC+~Q97>&i{I&YUB~udfVnBd8Dzxe=R=mo19ArAwonZENIw`kI@!eQm zORyn5cJiRlVg=MJ1x;USWhqUrL>P8u$#AB}sQWX9RaH=yG#r%PJu#h3nKx9Dt(#Kv zw6+K;9@B;yu12^yd!%;@?Oyum7V-hgxHu2)cDnWIXY1qK0I&CbVe98wd-HKSWmjFb zJ4}g#5BNp7YOVpB?{IGk@=T7^S&;rJ*ju9ATFCJRcb6H#RTwmJ_roB4LRn^p3@v&$ z;|^5tTt%d_&L5HfE77J$B+1))p(A+<&Akh1KbT7Wx?t*cC9S?>^W47`S{B{UC_bTW zxQ+*);y!v*7Pr*kop<(RW*4rb#Cg=}-~4t(=fiao&X1QCYiPL?m$N2Gw{B@tBb9b) zt#F(P_q?BK5=^`iYi(egDA?%_Wu=_|rht=lSj_T5;>AS(oyn_fj-8t^y&D4$)2COxm)lj@+97ypqmZ@tNzBuo&Lh;sH@ZW*CQh?Uj z4<9m!8_kNNB@LpJyg95_3l1Y2TT;FBhf2#WY|qkGn+glxeazx|X%>CHCj~q8Nuc53 z{V_7){mk?!3TlQzn_Kt%v3f7!(L(ndJibLv8^?xNrZE!PBqM%g=hxAC{Qy$E$W>x4 zL3Dh|S*IFo174qu>8iA=V=rQ2Qd7dl#4tl-#9KEVFL|+?{vc3 z6SQmY;wkNx#Ad~|rJ2x)m!fUP6IT7qM1xPm_a$_fXrSoWLzdnln$ofaq@r_$_p`WC zEmMKu)vXQhc)3%B*!YV#r$EX!eDJ;vi-lv%4bz!;7Zz95Rg<7wQuu|!GcUKgNmjQE zLhbVwJZg}Nx)s%7_tNaA-)IS|L^CfgDXk$(aWtnI!Fs%IjsH4EddS`5L0!t4Fj}Z8 z_isvbaQ)WCRGgf$TozGKYMOR6ew3`w@h2unj;>EYjKGdBXnW?(b)Ds$6-UNfvHz2w zI+A+GoNxckIa){|X9}yY3Hn_=muv2w%wJb3a9D=2>eeb6fK+#y?~z)i%U|kPxs8Xa z5RGSN-uMPjII0EAx%0W(|L)APzc-fJ4YPJ@V=yk9QjW!s$;=nTr*mAxnq;jNJ+ny1|7KcH=c%n>dnjSi}VeKO?9WP#x5 z-O$|~rljUHT|`%M0Mc|O#0Dy& zAlc@L@0aZT(Y{sP;sHBpn;(*DT?P3i_?u+oJz-(SrCQ=~KI_p~&pKIY{L~yb4#q#t z_}zm+jwk&|4+bMH_aty$z}SF}edi@~!m_*=_qD+IxJ2w0z+2k@8TGv9b3-%?$es~Y 
zj=s(TkelJP(1O*=0>mF6wJ6YDELWEKLxwB*CbRskeMXCg7R0++729w3BgY#)u0+<> ze;e5;-c4+;p7FuwsWbNZ`8a)S45G;dK;tGgx&C^G)n7f6bs6 z5ZoNQ$u5k%!!*R6Ex9BoAQZiuWi7no;`kZiSp)Qz#KRyOAPLa`*E9935Stt#$qzxH zJJl<0+tvIrCrv~b>Xg>nsA{P#^?OoQ!%7y0)^5s2EWNkn|72erB8bvMahu4Az5=q` z;TR4v={G8v7N|&hfHq1(Wjxz)FmJrh+P%S=yQn{M0vPn^+3DaObcr4(u91~y;_2Ej z5J+%U>j}H;dJdDeZD$vrQhlbZZ25t%c(*9g?&;nGtNmS{pn zq!xk9F1KG=bJ~BkM`s%gVQ};kuUTUlR(&|@gBKvxs*3mf_Sf+YcG1zk_CjVvfY=nR z7_SEd%O_V`qt9{!Y9KuJxY0v6mMy9F6B>hl_RD;SXntb>1kg_BBPRi#C}_^!r4`Kb z-;&Kw*2Rt!9mpX|PWNG8l;Fy-k8UtL@wR3uC)YeMWBuYzj7pCJ_s-SnNDAovK~mb7 zfKiku_)l3wzzZf+=@=!dZjMxOdOOH(pmvbzl_Nc3tG}HQlR-nlRTE)Idp%>Q?;!?g zM`x9vu9S~59Agiu^=mw%t=96>T#tW^p{DE?(Bk*ZyyVU^NU4tHNz51hW3U6c*->ngW}A9^%2fM+gn?>lm?B!UScu0P6x zbuW2Yt%#_a_RT#s8=>i%+oC{DjBOq_COD;{ z)0>q%-|+&6{kIaS<6Q7cqB5v76Df+qaDuBfIrPPf)?y)cZG#_-Qv@s&QKR&Py9YQ> zy#3W7-9-BEYR(@duWG;k5E*>IL(;VxlJi~btM;)dAuEP>B*0hyFgY(#5Kpc15jhSF z{5R3c{u$3o;tdgmi)e9bw?w7T+P}Coyx?AgPT1Rb7D4RpGYhH?C1s01^RCzJ%cq6$ z(_0q(ho$A09B4B~9CsUE2!j?)#;)L;Q{c6CF&Rg#7j45i_#m0n7yTs>sDHJQixn9A z=?>1{#E4L&*wTZeFwUa%9_-q!>2-9%r5N!UFbJ9NAs~LX5bXBRKhBDWjSV3$ ziF~NcYy)C$PY!D57a!#~FMDK??gVeW544uaTlI%1oIYIAE%GTYNUV(+Gk1Vk%@&RV zV8L6#(sLFJLH{@a90iy_II!*x7qr>ucr3&7jy-EUbv$qcQw7qvL1M6g18pbu5$Z?J zYtZuwYL(D>&gjs$;IGKjD2|+QJ)FCRrY@xKi$gcFr<2@d4yIx3bknj@DG}SQC&oAv ztA63bZ+;Q#uWm&SwjGShbsi~6LHPszST6B^sCjp=`6fn6WDLn}cdYz8leti}olG&V zeeACLtvAW1So^9U8|x`3&*1O2EO_1>JMRnzz)*<&%@M{PPPMsV^mOkpCG$P*krw7;_WjO$0!RwYuxu8MhRk zaxxTRM&Y9U(=!$Cg@9vBSpZ2?Z_fW>y4X$6Hxbfn_$OuNRk#XALIVbpABJ7ky<*}E z8~Bfz5O;QQCF;DQ-mk}htx|9rs$aUGjV7LCbsHU@>+$Wd{(X0K^tNKG!JfMizlW&4 z)N5p2dhyAO7$3OSH5ze$m2N%b|;SqRM3*PeYtEt*4 ze9d&UG-%?BD=pfe+2jygK&-g(-;UzFwj!m0HGEcA_UV;ZwAt{B-s2amX#B0Qp)Y)o z+Gn{EBL?_oa+Z$tYZ0Qo@TqzyFv3Bz!RFed{7BF|ez5L>1mP+0 zFUBD#m2Px5?M}fX46{1_FY7tdhQuRHA+n)pux7 z1vf?h-p+iHUF)d~YkFuCE8Ku|pc^_d_tyiL zc*mQjcn8fUnXv~dbf&Y5m~E8}fQmO8&&ckjx&TO7^nci1ob^^vq>pwkEZH;E2JIU2 zl8zVr zr3}!w+q1RXb~n}kQ0E_UJgTJYZ{SeRj89aKGEY}@$VN)2Nq+cenpzfxxAYrwwC?f& 
z=_|A4t{QE^HrZC~a$Gp&+|(xmrM_d?*Q{c1rmq}}1E^HE#&7N*x5VnWcrz9fA`bR_ z`&}rSfVan9(=NJoLc0E_Rk{uj1yMn((}~JeF|!4nmK72nOVoTTy`>HNvpQ*P6l+Q- zHseC%P<$7r`Drcjf(v?`f~;Kp?y_mq*7|)#m8NS_JSshxn3wV1%m;!z_uYvewaRi< zsC_uH(AO>f^NiQt@u@TNYTw=J^=7ke7K?qw0p)WS-J{kR=cSJZt36ozv#;X4d|7!O zleg-$h8|dX_>z+!D0o^wT;8F0JL!L((W|`kZX9LPFeHjC`(2gyl>X5ryN5Hobd>R! zNZ|4ftN+tQbm?z>pivqT%fmMKvo|PCtU#ApA^a8$wXFn`Q(Ux%W~iWdZPU|uildUv z4~z_761oztt)@4=Oc^QtS&xG(WK+1)%zse1A3bpWp2(zl!7er%UbUBL%`s=k%_>4h zfYoGT8`UkJ2@!Tt^_RtD^@oTqKSuR`F|vs~TGP1<-Cm#x^7KmR>m8=f{Vja)FV%A* zWR{x>tP1U+w_?(pnGaa*QQQP0Y;YleU$*Ym18_H=k}cqj?O=dVa^q99;?D2mv>Xn{JC8RloV4 zP8Lbg3~l+Vgh}}A>RxxbQY+GAc8BXQA#rJ_%W>jbbX(*mTUgbSz}E!G<2V8hNY60O zX33=08wTC8CbHy8aW2Ijd;Xk^lwT2^NU+WNn%#Wh9$bGIRWX2S`|G{^4&>#Y3xqbe z^A|hvR#ci*jR+V^7}nx4(OgKE~< zmVGPX0Eb3&Xsw^4s_ruKm3dQSrwHj!V(90xHJoyJnVasQm@Xmr;Ya za1^wlz568@ZG0*QCwG}ncXA3`(SqwaB!8%8@$JnJ(6dfUMv+kL#(!7?4Dfj&TaZBA zP_aRDynAgG{%QxO&TXT{=3Qg1U?y_AkF4+mHcP+mYg-kWCM<#bON-uqFi)^-IrkH)S-~y2^SE;4H<3FZWU?43K#IvR(|TnXfQQ zeu8zybh$e}$GGBQwr|vb*EvS#4Pwiuv%0M^U}y5GCKEavF!{zltsDURcx$Vv@m3-mZ+vb=ftFnU~wX1Dl3CBX*$^ z(V*Xn|P*4<(rxDaK3_g1bi`x9bPFNu$7d&rmAUDy5QJ z`IHH;ii1i9e1CYkoDus`qPFs z^|P+t@%%JO>`JVWtrcAAn92_UN(PQw^ir02GYKU=yvi+7b22fd_PsW|zPC@r6HZ>G zl(y*6BEpCNW3-3p-Y-IOzVERotNZArYVpnJbXW#H>0~(PNN6Z-l*}@{JCg?-hs2>U~41qZ;xZ!9b7=c(KAi z-{kKOHM@S)yu;)(Cv4Dxmu`lE*&gO73Xwp6JvV9Oi{2mM%xd1Pv?0>MVzV~~`H$Ye zNdQRp+cc467)Os_n*uURVx2O};S27|Uu%Qr30*mlFZFG$5j@(a;iaTz_>ymJe%CkH zO+28m1o;->Tv9&u@wD1s1}WUvb<$m2Zof<;G&Z#^S(#n@n&e%@KVj=B*H4s^(2X^^ znzpaJd(Qtch-cqW0x4@@6Bacs_m5x!eJ??rNHl)tg+{vGodh)>-}QcTWeI2_+Zpi~ zWTy>Db)mkF>kX_R^Md^P`Z)v%Llcx@YGS99YH*_v((4a_WWuK7Dxsa^Nc)bXc-gq- zZXsFjMbW46LmU8Xy5F$^0B^r$)h~9Yg(QCn|0H$M@qVzwdcuwd0PX$72OL;YF7WX& zER)rv@?Z-bGQD>d>bnL}zT>XRNE;?`7$vHwzo-yqFl{284!O}%Kp zNeG0chI+r;8NAR2om8vLG`DhSBwJ_V;0}6KN0-@W6&uO_e2kU8wMch+4|cZwbxY6A zzFrJq{ROM34pa0gpZHRPY|XoW2J{Q1}NoYdW^!lcCAlN_c8SPlV#5iSzhU?|Z zvHla|SvFHkf=S@Dq@o9}6jMTFjW0Jdmlb-QJKnb-G_?B9k#c@f`@@LPv5=cwZ 
z=gS5#Zjqrx=M%iznv31k(|iF+qW4=vu6d}Xv!@`-+^Ug4lC(hwRZqLN%G0}MZK$$e9IA7)W+nV#TOTL&qy zh34mGwJQqcKuJ5nzzm%|%6q2vq!Qu0zNmwH(Jjy3v`QJ)JYX`bi2MQ^_g}pJ`;eTs zD=`)XF?heJNFF<{1=KorR&B9b&@8^jTd2u{%hWdK+Re6aJW+V8raBwvr&Y5%(SXXM z_SDPtk3T-31p|v$CVP>2SDTGcMMi&J{!-W^TNf1}O{ZlFDVH*Cw|0mjW#x?ol|PQS0gRPx0z2m6t zp|zt)_$SR25G$3C=X*M8kK(jB>dnN>ibW@%HBhrD?TkA{S?}(0o^jTUoVr;i9e5g` zy-?Nu0*v?{i42Z&*}4){@F65J5GwN~UN_4FP|}lEKg=%evrxWTqZa^vvSY3fWdv7o zec_7AhEqGk`n#ZduCrhCx(9$)>*jqhq!Y!u*eKOhy;i3`OR$V2fu<(e5|OJ?nZaB@_vQ-)^Rz3sHHaO`Lf3-JF#A}Gv+z}5TY)8Q{j z^CWgE`#+qSWb2LU-VY!6lvMTp1flO6zLO3S54~*Ql$Fc$z4)P5_@i;ui7WeYXY>#j zd*13`e5KgKZUqK5?`ze!X80wsm*)D(EW9>r*#WnWi|kb`aDLN=<4)J+4N!-~_!**# znM7)OEkWOZBz=XOv4d)>UjoYSl+F&19$70*eJ*!*z|z7ZaxdHD>i6!veli@`Ep~ML zAQdG)XsLKz70)^JHFF8C@E8L*Ea{_*b{=r=ClMG(wlN#ZE-{`p+G0utIIbb9EyJ(MSCwnkpt$YgrLuH zFR<;-dj=LZO1~e?;`%6+d|ws9>lnd6#l}zvKZePQoJuOe624siE|Bz-FE?K3?jnbA zAXw`8I7e#d&`5nf@ihZv`W*qJe2Q-}_0YQZcjw19#hR;=H>_%b)q#uIM3?mU>k3}M z$9_FYt!V+BZ_0vRaTz!_q3QvdXPBNL!P&M80W2uLcv1Oi$)FmG&70z1vRSuGL-dv0kA(q8AnX)l~`V=(cp$TH;Ow(ijuKCp>bkxePDetPF2U*gx z#K%*V7c>dHKMZnGV}hkydE;fkmO-zX~2y<93f6Bj?_vZ4cyS z`Rt6I*b5DEJ>3nbj_+1|2!*BGIl$z5GPfH^l_A1HX@jeuRtoxnmH``cc!q16Yu;JZLM85>~gx-K+)V(2~RvZ|2({ zMML}uIebWH*PRceICyFoAHLIrQMt-J7Z$@F(?jgd?!H#C9BXm=k`%2Ey=bzqWfa`lGrl=`h}U#`L!F$zT2^_v zQXs*RZ7s~>Z?jO25X=pbhMHBn7o)sU;kGyLAjt-~-QL(H?axlOTVy^Gtw`Kw1_|pJ zh>VrK^@*#tWGualY)1P2ICfq!udz^^YgXZw$hp3#8a_vVafq{OYL>p<3h%#tRr6N3 zp``ig>drlKt$j%t#NNg**>3KpHyLG*v}vEjgZ6dh^(9~Wc{QZ}7qU5Nn*$-{AFycq ztJ`wW0TYE_gVQu*GKO4KoJKMuL|_>IBiXlW_FzXI2JH;$i7k)%Xag`x=rh#M*NP58 zu96pzJIcgwD}GzV(0O7(%0NYWp%WdBSlZA<(zs$C6mi_jExS~vQ+Owo=rJ^Fl}odK z%=mx?2$~$$)<#l_OsA7|uM&Fvd>m0o2W2$HQu{@AQFwoJC-W0wIePh`6Ld_Y zFozpf4vPpSut{{murD1m&opNJH>&7^%>ZVRY0uKg$E<_ERRow{3!zoNi+@|qLm}p z@M=G#SElRH`F7QLdi-3o z%@wOBxYi{{%gO81KNu2U1&Id6;oril-*+apfZf9W#OSynhhxr+-psTh+b-x}NpTol zu1`n-9IiXGI^T>3QaJ!EQ;LMIA1PhE96F6uo{ZAKwz2@Tw)mn=@1=Dv(e{C9Sqbe)LSInZ#`o9Ydjdr>;U9kzjZ=R4&S 
zW==&$)MYA9C?woQi@sOCFs4JFK~M%{7Icin=C#ac;t`N>=5#c*xleX*mJxn04;OY zcdh43oyw<2>_~<1#TTD8YO1{XzJC% zbX->$QvwVnV$vs$)E_phRWi`T-H8u&zWOK}1OL=~l!!52_Ud_lfXbZ;+oR>77%rE%_yd8@Xb@!O27_+s# z-j`h-`=OTxTLb#^*pdf_Sm2*qCO$mUPznRze1nubKrcNBcKc$SC_!MLU-&6;N#6K+CE_P8jHi>{~a8Vf+QvqZQISo^<2x&rB)qa!M~7T z!2*o2of4@|Uh-;suijIg0!6v;$C(fL#Mq6IG0}AmG(b~ska&lprT?xNR}a}4ZuePq z_Cg$2GbDft#$KxueKrKCp~C-N-IHEi_BZVQG{ysk-WNLY;-M}>dQ9uW+%lDOq&m}; z5uZ$dOk;MKyVhQvM$I7HOvlLcxNc*_47KIz@Mtm0d3 z`$vh6d*(#9mz{d7$R;L;Tj=fe5=)bS2JH>_SRG5Z0}d|*e*f2h zNSw_Pf(K09Bu`S1eB^?)ADXtB-{H&`CX`C+dp0Qpzwmx{e4B6rCO(>l?pYRsJNzZe zT{)!9TpqQgEcD6Lv>0Wxg|z$&^Vj>>{c=_!d4RP%r<^D6o!Zm)57b#fWS`q?AOub_ z+B!~Qe2brI=(@%T{$x@P>!0OWV2*+SHI!Xr>45_7;42}dIGZxCeI{OsaG36NW}=ae zq69z+$k$8&B=2CTxFmOzYkO$1%1zz3XJ1KBH`N zBPSL&FwfRx}jDM(s8H#wDA#y;zT%9y??9gHgzg>5QQQ+irnu< zs3h4>J2nj#2z5|GIg#THLDJ!0M5XBl5N_dV4M>r}9M=qN{RDGvU>q{veVgDB2OLB})>;AKpu$wtxKZT-&7a_FWt(ys49gQ|*%Diu0>`cSRw z4&~L+0IQTD2!qOoA|j8{Do}q!q*kHEiOM`4D0E3#l$3k2F16ldtArGdNnR~Ie9|Kv z+#GJgVy!*B1tF1F+WE^zOLO3&0C(&Y4E=B<4L4=F7q zzAN0S&o{a%F>2$M>hzjg3s3a%&Xcz>9SPM1q@=r{bB1LSJml?JXzaH%SOh>;j2iil_BdrSj zn(Xn-F3ovgz7J&pf78Cyq0%U8IeOr3gN?g1M_@Lu>**K7ic0HG_>)L0^LHvI3iroi zhhk1nywrU*SdJpsf+rtzQgm(@T}4)wMalL(8?w{DGqWK85RNdEj*;{hy?kBs*gyOZ_j3Tt^rRo z84q{n4FtR4>|}M3`e;gq2Y5}iz$MM@4iI9(u#W@W=g;}U!uu9PNz4G+SDPR#l$9ZP z1!LbOd^lVZ;lNir(1$+#8x!5>0w#o--`jP(do>!1vk+G6A0gO4Mq|+hM_-tKdN$Z6 zsS@_Q)tcx*G6l;**;+btb)FEF)}@@s%3nx+7M5fuWD|SbRLcJn zved~z@pmQqcrihg227xp@Ih@L%gG3EY|~_Po{?R&Qkn870mreB)|L(WkLvA>@VZ_V zgcRzADE0OyG9t(UKz&lf2eDSy{Z9AE@~K6?mM`frZ|#?hc8Z$T&JFUaTTB&D0%4%4 z{Ri34BOe;ewD{fB18+veiQgj5*TfDmUzcP+xVnU+UCcA1tG|(HH6Bj!^z6S;=;}H) zN}UOU(d$Eoghv#al7QDVX#AMemJeNz4%gS#h`!N+_n4*OnLsn zvg*m-FjQDzQ(I7$6NG=`t_77X@_SISu*H21!BN&Fc_Py8QiFb}=hI{dp7B5@kzTlR zfGY1mbfORyJd}U1TIFlxtVDfFJ$ z6v?`5;#9;$c7g>iIdUM0TwU$d8D-ZD*V$ZcOtb_r3!jmhQuQWfVVn6IdgH)GGoU!g zGYt^?4KF%tZa1KWwD2gvjS#^CVU4wdnT7v(>sA70bhL_LxEApm5w{ajUcnY|1Mzd{ z5+P4GiGn%|3jD@_A+C=p7Nr-kgsbbP26Z1!EX`4w+L|9Y+^Z3odg+v99Yeqt 
zi~MW&t}ah2+v=ezeb!pK_RKCvhiXm4xPj4fX{?A%A@(4#%M_~U;E26$d5G@-tTrLB z_LItNynCj$M>-v=eU4gzH8@Z_kj0)hi)B^MO!D1NMFNM-lj+Z1eQV-Or@U9@C}_LJ z)W&~+cyLR$xOELH5|}qgKJL&H?=|avMjlD>OF#||U8{fMo(c8}q9HQ+)_I>@w zwI^P9Dp$p+=9ptjEiJ@-BYljzmG%m83G~eQU8i_`Ah6#0#K%MDI9W60CTH>GDYEw2 zN8DPX+@WVp7r6O- z+&MB!dlbsSbv#$ZXcJl1al7b!AoHFGuL2fSmCl}TuX`hZO|6-m&lSH(K9m{Nw`Pn} zS;UCBa{U5q*m*}u_+IWdZ(;l;sHdF!)O=kmGj|hH2^R%^-7gdU%6Z8scqMH~tFvfV zV(n0$yN~CJRM6*3eq*m_(y^&JfsJ{->+wA5T&dhc5yV)o9L}0}SkaA&BL-!OV{|?6-L49nhYQeG2C~8<#dLEasTl{B%nG>5P<=E{HSEGlB*99)L%K}rhtd2)! zH07BZricZ(0c@h)xRx_hZLN1|!edf}gmGt&H$J!tvNqBDXTV}27(@m|+poAH1wwLv zA&`+SbeWKSk*MIp(O&NwM>rkw3NRamN^OmB%xDI9M<9;HDnsD2IsE@2F8vP;BnC8p z?2NFIjbWQh6f@@%54;SR_;nJG>g z_}5a=^~5}rafrksBcnv*eiW{qy_`bsfAoF`?X&3xpFz2xxnXj);r}2D2>gGj*jb;z z=;~i-4!Rssq$J$JO_87V4WuGV@^bDh_}aG+W~PrVzo!t2mowF%j)7Tdr2K^V+iD=Z z#-reUApp|}!D$0Tm&l-``8hee?H*Y`Ht-fM_lqG4rDVs^oFr;0)IVJjzH-Ujq=DVh z5tbG4?jMQt&sKiSL= z;_n_!dpI*8cfO)}L!5)Ba{vzJcN8dffn-U^Mk8?X4^jQ7II!YkPR#3g$giF&sj?4@ z+-!_}C)th!R>aAlg>*~+_=VeAEG=qnc3}c4!S@V+9_Z0tc$P0D@VVeOzTJfbGIkYN zK}bM=Db#^6fpbH&EHojgffnukkG0eg-_f`B(lnjKME^xAKo%xFBygz_A=?qwWf8={ zLwIwZVhE2My^L;?m}J(YVFuj-N9Dcfi4?`T88lPNzD@}A$vyqn_~@fz2f{D=5Dk>y zW>I#&7P8wJ-Z)T0`(9gsK)X+YJ_2G@cTsP?F|D0*z}vG$w0^y7L#w8NGn{pj#48gU z7^T@zMzBsliU89Nz(_iJW_@Q68_ z0ZnjwG4&|MCUzTk48O(>tojD#azn^_T6Q0SHoIg}lZLkqX(`sWMft6HjC*e(&LgIv z-sW;cSti681V;f}m_RuVqq#dsma+4V zRW!qV)=*356-!?_!F;5dIM|p^j!P;lea;kX{y`>BS_i05Vk>trcHPrPY+9%bz7tX} zFOL7-4S=eZLzuBGh+fJ#o<|@umYidJLG*1JAh767VyuX~^V26tKj;ewnj(Q|RA`8= zcDZu0e<|oa-2b%-5qxncXd%%OW)pJ*{Qh&gDfoOyQ&9@vxZzqap5rX%tXe&@moB~w zL{Jg%@BT58>Q1CoN*S8$&%HgINLwfC`chG!&62Z>6eiWm*j0$;irZrOyLU<@wt!QL zEeDlHmH3{_5Vdf$3#zz~WnoAaUumyIDi_0NgbSG0j*Yr0~2|3qY1lvo<* z55g`>LR$IvcU<1AM~hAlKog^dr=WG#%?Ckt_sf`x??KV5AT3U&(sYQmnkMT{9!k(# z3l^Z|G`LU|iT;tKUBQDK6zZZgl!rmYj-Xu%di{TGBH#CJzPpN6`CA>zEq5;)s~`M4 z9ti><%n9s_+^8yA^0xw4BeuP(8&|>fZ#`+F-s70H_|~)lyBLQrck`YdS50z0;9q1j zkHw1-V(ZYxTvV;unpSUB=Qp?1`B>&g3d=CNJQBIV?d{mwQMex*%g`n*aB}i=%G>g* 
zUs;h3Iwjn9N1SHZ^{I$>E9c7FD{R$OKJ5N-@3fG`E8@i3(zb=$2OD@^}3z{W8}rtDKpfF9Z_^ZQwDc3(oZ$RXm)2M zBjMz!r_g8U;?H4O>s{ZaLF>o@&-)HqN1?z6U`dWK90sIGUi|xLcO3?H=eHLoxoU)R z*cFQ#t`u+?X4g#Z`39DtH$VPQwX#SK{enL#sTmvX_yz}MV$6N@d}hRbUI;Z?Vt2m2 zE8zYZFYjDut-xm+F^jv%cR;+p2p2{3w92xREfEiDfS?OD#wSm4fFUah^h-bodNcET zqjps8RFFC2VTve5Hb+AVn$mtS!L8%M60HLKMPPEW?{nS+OJL5;a*m`)m_#Aa5Z#0% zCnpT+*)*ZHH#d2cw0PvSD?E*J9MLuLWnj9=&_yYxyG)rduVKUi37ezwbhnemN)?r$ z+5CdxPs?Q!hQ!R;GQ;5~fxaD^^;upu-z>#+!!I5aXZAHlQrTr2w*W5+^32Bv-DMwb z7G({ZScb@TOuQ3>!GGn_sDhem44~gmf;fmR1Xc@TpfF@6ru|yqGmoi~SXr=W`e*~; zTbd0yoxtzV(T%Lk;pVfr{t5yJ|7%ah4t6)#4gQJ?+KmD5Gf9pZ8{pBxp1G<1M@T^L zjCoi}OLA#RYWY!AfD18(tBAG(-u&kU9#%7kC$8zYKM(Bd%a1MfzSzCNvpG0WmNG*t z9a4eza)B%2RGD>)6G9lGx3AV#2c~)69=zP~^LM%{A3bkfjP8BXBSrCcNl@`k3>*s6 z17Z{B6FKw&{jE{JMYqMG5eyJ~L$^|0MWZ{(frU#L%{1_?@eb^lA&_&TqEVc$hAbFa zl3qv$C5aTIg+em9+x_n@ZG7o!Re7bx)PiU;*kD%Y#qwhq2ygI_+!Zd?R1w{O5$SQ` zQ!an2jxc)oIdWtrd_{M3RaWl@mXi8J09>wlQ#P03d6P9vYX7)!bL@`s-mRX=ae2sx zyc$eE3@Y-%;_0+TaQvun`hGx+&(mVx@k@NW*VMA}wETYQ{m#$mtY`01?x5| zz~z1SXV$kIJZx4WYE%G@==65ebr8hZjBXHr#sD-B1(VyW7j+a(6#0&6H0ll>7Kpe0 zpQSRWv3Kjpa*$n(v^Wg?EP5Rftfm4HLbpJHt>9|^X*$2ghm&@!+HZr_!cv3lLUfZT z>(}1hP|)(BWovwLSo8D`YUtK2IU&L?yGP5bR2+C0B!WH6B?L>K-MKDJ>l8w&lkT^U zU7gn_Pk0^&?bcOPOxizH0L@E6y;1`Q(vM^p-K89;(_3etsPL-REZZEBn93$P%xEMJ>2SBuEg)BWbzjFoYmQ3US+p>MjvQ^m15&9pC*fNX-Q!rA@>Z?K{H&XsC>ev|r*|w2vL^EQsl1L9l?8|+>0BJ{`^bmp zMB84++XT`qe-|e92u0gK1=$Ai_v=3q(P-|i^aU>bzCDido(Op z&Y<7FDk3ZMiD?)iL!IfA)PbV3!}spNfN}Pj4NF9WOSls%#QDKvuZipz6l;*kvFJ5> zv`R+z8eqBtTgBJ8X2|S{dPmOgRZtTwRyVFIReUa+nrtm$ix}H2u-=T)*{8=q8C)wn z^1Ih>9h6&e`p9q>)`cJ{hE5HMM@|KB+&F3koLS9P3P(Gm5JR%h7f2 zzfKdzac51MlkV@S3OKy1b2elvcneuftIwv5VbZh?G^>S?wuc}jLw`7)!9HelajIJG z;DX*(me<|$QYr^mWshKor+XIt;;wv;b$>IOF_E%yQdh72av5Q9SGSW)-;mVm>H{gV z&Ms!91{w$d2@1+HO)|6G$EOVu@tzBE7j9Snkdto^pYjbdmHuK}D%gV&;`WgN3Y4ef z?>>0opFVt=Yk^NY$(i(1Ad75Ay(`Vi02{(n&+86#nbC_!>~b6j=VpQ`JRm9oe`){jD{JLB>{I>)f% zc&*L=`=3C~pjPh)o!w!SSB4+Ax(jS^JxM_wyuUtfdR|?&8T9SB5I6y6hn~+4nn^8B 
zg*6BHZ{0j~_==sD>mh4lKUesW8J}1bisc?(O~<*S!ie?+Ncv?LP1g7*PmGXR%y$-< zLlxxXdnfxVd(QfqRv-*}jH1!Nkz{m=p&pXD;?!@SfEwL|QRHNE{su6xqP!OKjTEf1 zpzTp5OUWuDEZPGlT+}Uy%%k|0OnKr1)#ACWO7FzoqHPmq_Udkh#g3hn1gv;rc+3X^_?h z9T~SdP`pty*tHbi0!XZeWi70RyxE~yLhRHB!3XV_47nmX8LnCdBNX$qZ@bkAdMhNU z+RSG$y8-AxDqi5Q>*hWh+BgbM$UEsx}8% z^bF8SvDq+w6yP#YJ@cbAIMU*7Kb1F-5{68OwwA9w^?w7Tx- zUnp@tG%&OsZC8$#y~X{!5unxjcqptoWk#PgW#%Ii40mxXR+u*uj?VG!M5b$1w!2Q^ zo6)K8-kqgscuBP%g9H{3+_ek>;{(qCk@}ll*vKfeVQ$bpml!ObkNDq4Z0rw<1n*At z(0mGTxk;5GpR!2aPIdH&S65Ahe@-ypda5g~bVZn2XTITO_0mbgmz2Jcs+9Lw)5f-`j_AJAh<@E3p*Y%kwH`WHhq z`DggNo$@{3ZzJ!!i0q&*nD;7ZFbRBE-fkC;&JwN8g2>Z^jcY!)PZW#V0QpamVmkM(2XA zMLHm&LvxJ24OT#-uJ`PAv+jhK<>Y!9*W~^J^8?Tf$RptG_cW81>Ur}r+%^~Ms>`Zc z3A_jxTJ9?T?z-@-)uzZ#(_V;^`E@1f{;@H+(v#i2wxk3f9;eFn!lCi0#l|bnF^3}P z#j*Y6n)@omvosxz9PjPUgXRaDa3t;J6?x!h${T3#=nRH_udYX;3(YRS(XZYN;*r;< zK1MtLDTz6{m)mTkyX;{qNJmbYF}MqGf0d-paLb3ir{;@VEojiQz z{Ze$3-`uLvlBN}mdd{kLbj9;I*Lr~kG}g5&_bV6aktKe8$kk}cal+5H8Neyq%x{Kd z`&Z|}y2tG!dQVTs7fT08%PO4kHit#3N-yd7{T5t~Ioyj|_G1c<@%%sCF(STxKU#`0 zpU+RPYrWk3Uhi$$Y#WiCV7Py*BD3^^(a{+-|9CyINxEX!I@jZE)_L=Z)wlDMqNY#>xPqlyZw{CHc+;ouhERLxOwALbAi$mo!nJ(OraN6!M$$kzB5cQ;W4c+D)u`~{mWVt zOiCT5h6bx+AoBbMyxdjJe?hon>Yn1$F>8@maizohkVGfl&yQ#WjQJC@YznS=So z^)q-X0#x%?=6XLdowxSQmP6@@Z+zm8rw5RLP;@5h@7vgkr9|`TqK6+{t`(;67809S zi0ioHVw~;dmeYC$nmH&>P#GTEfd~&UUb^Q#Lx?vw77Y&#TXS0bd)l2d!_t%nJqwI1 zxDcmb?=)AdX&lIXEW@_BVtF~%t@!`RsgGa*B&Va_a^jFPc_@1K>;)V;QW)mz&lZhY zZ902!bVO!md+b{toZHxPEvI;(7n_!2w_H*OBvUS&S5ed07-JQ?TxjuD1i(!foR*?U z)JtTf!S2JUA#s6W{Za;yXIg!+yES^de|GKV=f!t4tshcSE7>qfgP3pGO%Yka8Mf?P zF#bR%chVfQ>xorxqYF%3c7}0V>5zrr1=|)k=wib0hd)0zrYjfuL&Hp{T!4u@KZZMPC&$Jj7Uws1JHW(aFri`GcspG?=B3%n)9Cd6Ba1-t z;w>rpHwzJ22&~$()E^hzi#&e{I5+1I%N9JMUwF zV*%TRR^^(6R@c>`bsk~AN$U_ZWTHcedEZ_18z`vw394c!%XJbUoqdG-#|tEPb?8M) zJ>pD|90}xFg#=i?Zl`_aan_&l+N}=YEe=t2uK?sdqSkqJ%BPQo&kY4kfFb0Q>bPlp zATBi=d`nt+yx6#L4jCnUp#(l{6=Xb{on169M7&f#UTqY-++7h8@&kP!lg!PhmWpZ` zLngM5$>tY-m^)w<4C{Kcv4>(nzRjzrub5^Tkt|XL5%@ 
zF+B{EvbjU?H+dymyJsu&;W{p|L|L1yHa=3?^C_)>55ktf|sE#xH(*-8qcPTUS{` zWq2Uc1;jxd!sb3JJZZ36zg?V~X-|f!y6&#z3kBWrQ~ckFovGRqx{#9(>Z*S9VLosLQ9h z4y?iEq@N4-SEd#TO%E)-_reaPUu6G`)O|j3>Jze6@2FL*Ui)@gys)k){9wuv9?|4Z zWB03r6U#~-`fxVrF|yK#(v}*D*JJD3TB{^a4d_zXg;W!sKbFS-#D0lM0;oDbq)EO( zGLXnOvv(Y$g>bUQ!}4k|aN7EW-FMD@@h_*baE(E$j;9^=M6l&!D2yb*i%BH)DIUJ%B$ zZZ)yiQpFymehmQX%{c%j6sa6AUA`&%4u$ZRZI6Rm3b&==IolFAv-%$!J+}_m&>3Er zlvE}T=DwrY;ky?o#@8=qGwFTOc|GVRe*<>0$k}1b`f#=p;9Oy5Q&qjM<4e0{V)sc^ zcn!Waq1WtO@#Mz>zF%cFeMy~>?!zYm><>!Q#g(xM>nRD}Tvg0S#c#te zg|>$-Mw(t{JE8W#80z8;{lnfJTzBxC@GwMF(2YTx>lULWItJ~`o>VKa>GH#cLk5`6asZj^r^W#DQz=ykGSR#mi z+4qHQ3=L}b`vl&(MpgIRcw%yluceu78K~ z_ymj`XtB7~4VFWUn>)}fL0~?Ec4Zetzs{rSDx<5@O=Y3xhnj4zd&yV$962WdehnUMiqezCG%KW3H zXln{#QC1WrnYf=^vilpf(#Xq3A7>q~k&HTF6^BGOF}-$4jL;FM{>_#Ma#IL%CQuPh z4E($q8&o*cCnLgB&$X+$zI!^X0&I~5jup&C?qtu$1GRNO=kjlTthdhIIMt@A%Qy2i z4be9}8Shg}@W)K?uXRzb#H{&U`q^j3vt*1OHiMkbrf|>F3KF~$?Z5xAA#o>zPLmO^ zIO_eGj=9H-W7_*ajqvBYaMuU{5=`6Ao2igedWg00tuya~I{U#E);=e&`Q5J?ua*M+ z1+_mu=b$o`7PBte7v0#NTu+Vcmm09YTh4Y1MEdls;sSXz1sWbU|C7b4G7j{4U0kVn zG;bRFJD!o*Md$6IQPKWr*L6ltBqM@NzxR?4Y&j9#q_4i(xP*Xb{SyR17A~g`D(SiC6+r|yqSOvzd!Jj_0esmy(9wA+;D$}n)0fhH*wJc@!8 z&YBdY1B-0T0KBs<#Fl%G5C2dAptu9}ZidLOPz)4zUhty9o_Og0YV^`q0>m%4naET9obgSO7}@E} z7+k%S>80PklqDY@f-q7(SGiXkyLtYY$!gRK89z}#Z~!342@tN~MV)N$krbxYkvXkb zyYNLMjhggSN!-);7#A222n%X8M*u8d%gA9KlQ~Y0mI~Y|q&v5P`%vB}k)w_uvhTw= zU3124h*LYVxCAsm|2N==*4K!GFMRD5(jSd1iEd`dcxY$nCRhYPG%9(=uM!$4Oza==Y|~)M1T*l*u;ZVeCqHgS?5$9&WeBGijBms{|JC59b=x(Z~y7>_8{1_ zZwj?n=Ix482=>DG>P8`@aEh+f)U9$6?%y$!45`IucE!Dvg}7O!UxYXq9hf<;M|D}X zOoHrjke(_6fvp^C*Rc_Na{teGbh@d80TGJ*LF9dOC1xT=YdMlfT2}ZWYWvZwnPA`9+qz#5+|8*NRUEnH3HpLaKO5T?W}uv1`XGXG3? 
zOjrYiMRc?Bfz3dUg9D~Qbv zheG}SUVDrR)b$SqG?+dfgSyKtHWf{b2`5(w_ju!GV5ACck?-2R_b~39e{4lvnAv(~ z)8%}XAC-kz;Lwls27f=li}No)!j~fzgtmf#;Se`t+|B~(3(~yV3rE9*i()h*fa!PY zHVGUex8wLHZJAjg2hcJ&LCZ)y6_N<>+S~bx$le^_s(XALX_8HKCv)szP%`8Qhh1d9 za`w}Jn`K_s|AJFRyy(n^I^*w@r&7=Zu`125RR`nPv;GZ&6sU>|#U2OD(QcskTN^Sa z+jQw9BDL0wHw0>J zCPt>W%5(4kx&-{xRv5fRZk5hn5eh*?2~5~Eh74|$kc&+HaORtJvK`57lI6}M^w(R- zbGZmfn6l1Xkd50&gG)l+=LCAzz3mRs^jdOu;2N`^i8voEV`=epHFZWGNsl~%&{lY> zT!i))vPYiE1@r7V38Ofl@6J>zeKojf2a(b;FcWERM!b5JeD24-S5!~xw;?uvUxv%} z#NZJ3((Oxr;Y^W@kdv@+ME*vhul=2>JKv+5Vm(x!WVI=+c-!ID6g@R3$beN?+>sF??$dzsCN0LHp{N&>`GBqyY%PHb0Ba zRBQn8iV*LOa^qf=#9nbC27{4~)lX~Z1ZUdtQp8w>LJA?yi$pIiJLox)`W zuZ*9Kf6rC>Mym8z2Rg9MMnHX}O|F>IUN6dG-ww?+_$oslRW{kh#;jf%87L+BCkEvR z2ap&VL1F-I6u_ZPDvVzBO%~I=i1<&+ue7_{vLnegDA3C$nNhEK{}~iF?1M%JCf5K7 zxkh4gOqrEZy*TKb9LI$-m|duELj{3jnjUO(?Og+U<)0OEb@K&nunV+5ybB$P28GeR zw|gjRdp4?50DpCx6KUO(?{tK~LB|KtcKVM;q#T*RreG6i48)qqlefCDa&NW%27eiV zO!AIz@n6BU9=qULsLaB50*0_SH<2Aldr1qZa$|yAzru@g{CW*L#Ju*wXggWIVuDoo z@eA=UA>M?#zMawV{pDI^-rMy1l@ZK7e4=0DQi;v?!fQa@++#m}kK>(T8-C(iF%Oy) zHpXZD4q?+kju)X;a*N26pY4Cyti1jx{q=$#tg{_jeMFRq8y86Br@AW11+5Bf#{*a1j!YFoDu7dryNWn zJ#(0^LS@p3um%aW4kT2g3b;AU{YIoJFv_z!5;9xU$lM~9wyKA>P%4G$Igd;j3V-$2 zs}l@}LHe}9--K)eQNImTYOlO%*7;;;P1h(W-|AyU0F|WNFyxTxd#AWr!6DBvSk(pk zEP~Vac=`@S2Pf_;=^Dq`jn7?{02Yw3noR~7E6e@HoBU*RPlzAn>5QyT_%bozJM344 zYBqCii?fo4YaxiC@>fuOrd>tAS@=I_$jcT`>y<01W^e!RNnx##W^+2mH0mP;UTZrv zK^vSGu(o<+ix^DR!sf)`!~a;E85qU7>o#Ve5TL`C#yWTjLFnnL`Hgn$mGCPGzA#l#Gr{VLxgnyduIsM#R zz4{^JWO?||rrY5CepotSL1q3g=_Z5%YauM>_o8JS;Rk0_W{Vd*+k?O%vqifpLwTuk z02;kK>;o!&&j7|NV?hHQbYRK_%YNI-I=BIhea_YZ@FGOn5i(uDYN~pOy8B<-HrQ6i zU4osUIby$pmozx4g|5Ohko}dDF#eiox>QXV-bGzVv~~2TjnjTJJ?ut{Jl0VSOf$xf zvW-3<$>k17RYEtS9R=ho6mN0LNT|z_fmnr9r4_0QEwNSt)5L@KWa()AX?Q}7oTi1? 
z{p4P7CmUG5u=I?Et=NFDKzn%<-&KiREFYVfZ%F(%Vpih7L|xaAkkBV~r7%oyPPI$g z8rs>H52ELA5K(g>2|%B_wgP4ohx`4LXP%pegbMG#l)jEw_`(0|Y}>zImUckP;L0;qQqt4XolZj7Jktv7&j_X0SU$5ARvET_~;OYVxmM+6~U$JtcB4Z77ovM3?Z%J2W zO?R4n9#Vcc?p>aOWs|9t0c)(c&V)(>g2NUKf%kUvm`1t{Y{pmi5v7*BHa_HFPv%&5 zS^fgWD_aD5RQL;{JgAlbh6NDNBfv>t4rMe{ z8QIt~9TCm0^TzjuQ9LN2P+cZAL|rsU9`q>vo7iR+|MFT<-h7Idcgn)7LgAZO;H;Al z))>pq{GR*^c8Vz{n;%)N)SHVxKv7-*5Tk0}^UEfYLR}Hdbw!?l;rkUZG5p=V2nPfj zYUW^^_?joMw(L355s1C~^NCRPskxD+wyfbcz5I?X;cDq5U}oRsJym7LLBcdq-m+FN zX=jd16&cJVET^4EZ|khtH;HJf(UzVw9e3mo9D-M^g$3vJr)+uGEzD{^@;u=OkMuOY zA!^U+{u1#cD$ufl#X~NbpB%amfLZeG+w9 z@o!vp>ido1{n(j+Baaf8G)dgyxE9qzYl6t94Asr>P_F+NW5OE=BH9lk8a_w|=~}qM zf|#zB-+R(W|DfeW&N|KpXA5x}NYmtZrd1k^*blM)(u-qt36!~+sq#-%(rp#tC;_X# z_EM^kwf7Q_JHu{E$xbAo$y?KUYQ&vaP0muyAxK5jg&4^K1>Qf5DUmajMm??0EuP-w-iZ~9n(!`^BHesn zbON%X=Mms8c+5p=R3@}vsy?&{mggml7P%(hBQ6yD1jTiaqHT;;#dxyhj(_}NR<%qw zrWwxO3tt+0GD%8%@rqNUYI$DCN(;bVrWJ>eUWoE59*G0E*@2>y}aD=$aA zscf#1lx8!7Wt5@zrGBlq2~Lbpd5gPi?&>hCer4fP>PLbQeNp`pZxC>m&B^{mYq%@` zT+o-=a|1J@vc0jwKa#S^dqmuc?pDsKV}5z-9J4r_iYJLdum)s7eGSVrE5u1fXELJ- z#i-!)BuErTQ82CAQ(m|_#NvM_+H$iOHLNVGop1LihF*woE(jm7V(|Y(R$q6W@-PXD)%F1-AsYM2IhsOw%zcG@Q6R>e=QiZMXIpB(7XWkDdMaQU)fCZEX44 zCQ<2RIVZ|9bd>|m%Z3IDilRWGR%sfgZQ3^$A#-(0D+Apz3ri3S$?gN*rwhk#DmKgq z(A0t(FE)P#2dAlt(9*m#tBOhkwGPuf? 
zw37mR)f>xx+xZdN3z$wa|1zWdUcZ6b;xZtAA5ji>cW7sD6eh^36g;pUGFkrce$>dh3l(*-q+bBY9bxS-?Ti$lF@w9U zpT`u|`xEK?wxLyG2(5o(2UbkHIWl*;`d|so#81hdnjb}^ytmYQ)i6d@i9Vmh6vGt- zv%fvUck6h-b*Gj_O8aY&@;Y26@Hq&ywoIP8&LB{wPnE&Oc}H)&(Gs3LFfHjz;ycu; ze*axHe@p|#pjsObXoxar10OQj>#)%qv`=m4EwW2#*SOOoN!5gy9!wD4_JzJToIY?G zdkY(b3^%YJ;PIm#;4ueVnFl7u)n+yN&1mOAR@DB>EcuKSqoMV%OfruG%+X0m<;|d4 z4zp6z^z~cIICB;?so84`qXl)VO3$}>pW@qOETFO?m58|VfUz@WXljyZZjxMAq;B6n z_SU@;lNhM*{83-w2_l9FB|Z-#wkNG0u@Kf%4{+we)}E`Lq6vAS!!VX>kgnUY2-A|; zd+wCJ5II`OyYv>&Yi?0DJ?;#4;O4YSm#3_(!L9Thx=yFD9676{VA80S$*GL)p{U{j z_D0tvRXiFe$C__2)LZl*+u?G2Pj3nzRT?dKL55xc8z7)BnUktaxYV<=CqpQa_k-UzrN*UMvwWJ68 zjc)M6t{M7C6}Noy3E_PAfmbe_vSBird71%MTxne$!I2gg2JpKUNEIqUPsCzpY3Pc5 zFJeW<*;IcD=F9Npt8Q`$;@QolF|j9m6CgAf5@{L58mUC?s#pcBWlPztWmjR?3yybd zA!V{JI1CPN2+EECb|%w^o_5X&3B4Y-a&$znwTdV4X}7tNbB2ezP5Uw=TGQ0_L~N&> zgT_M!YRjmB8bvZWQBo6c(WEAJ+m}>L5OsQ_TLZnPhF4nnjt?HB0^*Ls?(8XkD$NAB zs&auLp%&2O%@h}JG@ZF9d2fF9##ciwW&FuVEy41c5WSqmclrd2-fsc^%WA0WpXkvS`5%GTGR>AnU9EZOWK zo(}Gg8miS}`OUXVYvk)}a?I{I3~Pm(-I?7q8|Uvv+2t0&g&PKx@oGIz6dJ0kj<^Nk zpTzR;U>PZCyNkM|BMuHm_S7I#&i_ags1o`4S1@*d%O++%k2Y~a4GF2NYy8eG+U(~SxeG)dR*6T}3u3}E zT>1J_AR|^MGRqjJVWs#|Kz`qOkE6E?=G?BX*0xEUS)IoEyYdQr;65~;5nYGG%>h< zK2mbTv!hWs>W~-hOgip4u`A`;0b_$<zluVTVaRHLcF5|tD3HaH z=d4DH9AoG4v<{bH+ZMh(lVHhg77sFnG)I|2>@2>!glt~?ZVS%_HIuyf$BMH-&2Gl) z$7mZeHj)#AzV)zkUU;NLm+T_P6(9AU%XAsMH`JHI#sKNjK*zNQcrjbi>dL4I(i# z(gVZL-3&04z&GNDfB3<(pV{ZEz1F+l_3pLz5nvH}7NrgrT};wmC8ggBCaWaeaP2D!H3Qt z&#D`R{=8V%)tg#B?*;X(gBon~oUnE(Vt%U41Lp_qewhaIN9>g89hj1;#*OiqC9tdG zDyB?Sezj7xw53#=O;0_a*O#_MU>#krvr16rm(qrQoS0Rv7Ka)jS^98fb&>Sts|iEEoPE*#KsCb!r?#HEHM&z0DZl|j z(G&F3q|>E;mhxu7e0aZ~H$hdeNU@;W3HOkjzwsHaAAOheIJ1pprY zQAtKDQUqxJ}syo|arD zg*zEDVG1@gVR)03Ja`@d!K&|cfYAX#CbrLnc0`^m0}2L=YupK*?g8a2CkXJ^8wT)4 z>nkj+x*A$WJMygcBR2^z_=`2_W7E*Hg*;H=c8yqkj7Ac)N=UQN=k|duV z$q<@_YP@ujYt__eJ$n>q3R({-yR0$-25}SlE1xc4a>+;JP!}=ParMKwcMf z?5|E7sFgtS)cEi=&=OM}^_s}(bPCLK-!q){xvt^_S^a}^n1q-FVrrsep`X&RD@5E9 
zl4RoO!J40y8d}0VaJ^-RAaLs7+O(X~a!BX(bJ7O~3mxk#|MlZ*{8a$BQR%IKZ6OhR1)cssLN1FU>T`mP7=LTMlV zb`lL+16qBW_qI@ZS0yraNoL26mpn2=k6bBVSr>9Iq;}uQEbiK?@`@I z-7WUtyw(R*7h|xiYtFM(jU9=78Yk;r7c1g+*IrgY0hVXmTm?yZ;%^AWkGl1L?6`K9 zX0d*cVo?n57(pL10PjBB#F|}O^Wsl&MtCvpLy8es{g9UxE!*#s4Gs{EgV0Ej)qdCH z$?j-)HfqNt{~(Tau_9XH0!%uaqZ{vQohb(`*sMZYIR--LdQWr7szmKNAMemHxQY6U zRu(cHzry0j{GYm+rieCUVELr{LE*P(O0+%pzEMA|Sm!gFBttg!{9|!e0EnxlC%pON% zH(={UX*K)KypGZHFxQs>caBYTt!g0UuwT+16|L;&dx8V86;yQ#Dq?7HX`zMM5zcED z9@2~AOux%)lAx89B)}g;i?qimZ-$1#GJ>m^$kIxHsYuCn@7{a0MwjGTs<&frn3L(; zt0EEpMf(Z-SwH z6m}(uwlTYcK1`X_zGf2AGV#-%+u2=C8q=DRhVi(DUD-k6!rygm{qsSEuqX8z@`7&C zli%3A4U#k!V7$|*b2pW~4$TJL8O);9d74XUTGNCl-M{0XyCF4(Hr5*dZUr&6S+r~R zFSu`2u%HxnLj}e1+&M^xmt^3ZYftOPCWZz-aKGZMbwY<2EhzP5x0ZYIMD%SW(JXM> zdf}ix;i%l}xueLi^LS_e$8}Ep zfF@JmvWUO>(o67Zmj+?AhSyv-@5mB`mePKQ;mHGEmw}A7CXSC&3fG3YolNKedj~tl z4a~s{A3rD1DB-Ze?#5hK!orV11*QER$5zuarE~=-EL!ku(5S~Ot?I;j&kLii{Wu$x z_hy*trZd>`NpZi28N4OVXp@?CknAG!V2yeE;I2c{hu`D=$N}ZoQu|3JzQ-7He!xA-UM=54YT6d`DbbEB z_rmfPkr z%#!mTx%D9r!kQG~wz@p2zTx+4+C^j3NcaZd|Gz+bF8nPukv7)sw;OtgJ{#0XcGnr$ zayoB}muOwa*LmNcmAbjFB-tF)u#c~U3SjLj|FqAY->MLf8rL`ocEgI~N*)BiGR(Y* zc_x;YVQky?4tPi?$Gt}vbL$h?(>N^|i@u$~^4qIb!Qt@^PHUfK@Z*X8NIS|w#JQO7 zVuqaa2Du^jeHzKnFwfi+w!7ABHDA*v)QSBvvrpvdoLQW&@;D+w#{PU|2p^zU(lJZF zcvW^b)AW^opnvv;XQG2nrIu%1r@NY!6si??E-lX$Dc4wgbq+fv!2ner^pn=2c+SE2 zn%qyH$~9yz>WcH{2f>NuMCPD?YZSL+sHIIu2;ncOE{onb_tGC$e{yVxwzm>@2(5kH zub%r5)s?%t-TqJW$oN8p@p0Fw+xzceo-QjrDaD3l|J*f*g6WuT-~^<_c_#p16yK#h z{`#Nf1|)$NO?y-P`u?;doVc9aj1N)q36aL2q*K+ZcE6(xr9uH#m<<>+iu>rtJUpat zP~2Vj^@iD-P3Xvth)!?Bqdx^)WDHGb?I-x}$LXXsVK0@abTvDy@fajLmbeJ^_aC(_q_SY$N0gC`+tw>28ewAWY(WVL+R(jI$kH`>c|33 zH@8y@b;oUiS~5c!og3YE4SU)NW(S-Ho`lc~a$tn^WP62US)bREz4}v0!UUcb>O0%n z=sV*z3bSX1a3WJ<%RYLri=)twF8!C5BOf9(&z$>j0|AYqJK5H}CFrLW(-})!ADV5C z2SCJr6>3YIB%2jZpx;u_w;n&PSW|JnN5|VL_yE~|MgF=MDb3g`mK~|iQB^|Os??eA zL{`SO8YO=H61HrqaSsnDa1Vc{d5a9scH9IS{dE7)&voRwH8$hcs3o@OIBOLOU_Ron z3gT8Y7nZU9DOx7u_BKEzPG{+{U6JFxraXKCjG}hBSB;XHhbBsK5#E#d5EXGVY3Vw) 
z^hR4mu1Zakgn~B3O|EJ=6-xO|B5=Ti3nk=h+{|M;o0-S>S1;*)B@$rS7v~vEb)BCZ zee8ndNbtY=Rm4R(*nw?f1_J~=Bvp@L43O=5<~KI?!D6G+l0TV4+#{Sl(?l;zC1GL^ zuK1LPWWr)fQ9L)jj$=Q8FHOv4Lez?6puNNh8@0tkTP>+Qd0o(TUazM2mkcoo4Qp8O zVp3E-D_tR54s*7PJE|h}NK^i#HT;VD8)y<1#v`X zMfHf^f&pW+dlYF`t2hVcNwIbiDf`FfmIGmX5497>gQCnQhEvWHPYOKLqC8|7vvUbq zv}o6xKmU@T7t#a*P2?kc$~NtcO*H=l7)OtOb341 zABB-hoMHRdajL))7ib~b>(}A#{2b|&0?JS;SB@@OvmV@V8}mq?J9>i{<=_H;NT|k% zXFwz+54&1@IYtfI@1?JpK~HiAhdAy$8x?ZWn7#qos8LGvi5h)6?muJjlH!t$IG9qE zPH0h;{$?Z1-+VdN>`&?s1Mc@DHbU3jEsVnfIc?I~vmZx>mF}W#O+tKR^rQkgExFws z`(+*L&_=Qgc`i=BF(T*`QrNn6KZqf8SIF+i6HeHFt+~xVV!`}H2}7LON$Q`3IdI@h z_2Rj)?^H+qm#GdsrRAl?e@8>iB$1&$#`%>s$xGOdwNPiRVdl|UoO%WwF#J!H8Z|;% zbBaQir*^a^?LtmiC9F-;UJtb6EX?608X}(#t-GeZ9CQSUcPp7=nV552>D0ap=Uxx| zD@QgEsYkjKsz<`V2JQ0?kQ=#kMcDK4ybxVp6YSxVo&1q%O>%2cdEK_Oz5woAGqQX= zKN?S-#Zb$@yg_<|1&_!IM;?>?bI7z`x4zl5Ft)8H5Tp`!HEq~C1aeu*y$#cMzz4L$ zZ?ATHMFX?!t7ph;P-nQoLw7&@h0~qWsJ)wPIswT++^erLg(LH7ESv;tttC}yoT46n zi>7iC)tn+*k1ymGZIZ>u6*;AVXf+Q75YzfA-99^1-t}MGj=H=)b7WCnJhFlN8AEwh z@zJfz>S~s^TVj*5TLST7zT=T%pT|ku?U8QXTN$if_N$#en?xy|%r-L}*SckFQH@i|0<$>-;n2fw61c5X%@0d=2RLzO$oR|_ zic3inpX{gkN0IM7!j4PpJY_XoXZz#b&j)<-+v~sNx2yRp3^4Ub;hFSkg#7&YKO)&! 
z{+*)Zj!FT~Se7P+hg!qM+*DpiToe)l1l8(sJ`PQhhv%SJA6;C{3PY|}SHc^QN^CgF zKJN+nD);G-z6@{=%n>{hKFsk(?q{lD8R=z#pEvcaTYQqUTO9F%W3_VRO3oBc+d1Rg zSaM}V9UPSJRC%Q0wZi~9KN{dXg<0D(Rd^kngP@hFEdyxx(Q&umV$rMHx|H(&>M|K< zdjw847&pfzL=!s?h!DY^>%x)0*gh%?!eg}nw+cdmQdiW-wM*cnrbaMqQ6Lz!9tu#0 zIP9X5+%fNVv3$Z$`(FUoJ?Oi!mY|6V%ISPnI%>bDbg22m7pTnMmWmw&I3HNtruG?J*=y-)PWG+e zavGJzLzMcjKtvZlK6wdB8CZY7hwNqf>U!|0LYIi4D4xY@0XGHtuq4B4DT-)Ats z6Y)W0;jTSZat-9EQBs6JX6!HQR|O`9o8MkDCe7;)lHeB`xX>MaOk$ntv|^nszo2{s z2l5TwH!Hd}u|If=D!$&*KUZ*&$4rHqtEl@DFE*PZ*7UbR;4e%f9pD=`FJ=rc-e_w^ z(DoVB$~3nWWhu-{4N7%C^xP3_OB={d(9j+G3c-XU8eLINe;1jV8bOO+WLhoYp#XD; z0~(d2V$xn|qwZeQ9DpFTRBr451r%V>!=nyj~Hm_HhlirWh zE|njrQMXH2tuuDo034m;>d$-+-T6l$qPdD}#cESZMkOngwk8b4Mpj~$wI!;X!Fh%I znC}$nGsNAb(nN^8wX=0PnaZoi8BA%|YL0eZajm$O4)~BQYkc$*AWHCu zPv%-is=A0Bw_{wie)!N{Dl3Bk^JOYYG2@Y!ndFq0LATD#l5T8+-3XlybC|%<8G%9Cy2gn4tTP z)vrEE9&B`x(V|ZnOU@iHx9I6p8XO?v6-giVd9^oT8trt@GCXs)eoQ@{9NqkpK$Bk8 zP1JDp7YPL^IKSZT=aA)!UbYM6DddThnk!0kK{HXcr+l`7Rv>iE4eQkW#O|IAjj-8I z7uC74l%xT$n%H{5WulTK)ECOH(-O+ZdpgwrTQ3`cw$JXlfu1QMSz3~kzO2H#C^eQMHPQki6{yLUX_sPn*E3!WP6hq*yaA11{C`$ zDVB3Ib&kb|TEH>Um%m+6-;eB)2V@utCF18z#Lt_-KQQyb-FipbK^BVz$m7hFX`g9U zMpZYus$0lg6UIa=WRXMN4tDw!?bZ&jHIk_;DYlY2M`+dp;X3>h@Af{u$yODPiph)? 
zxYkk;dO=W2XqrPoAx}ayJ*3RY{3NxjA#^Pjbv4osdP+YMQN&jzI4lI=lCN%`_+P3F z?+hDen6Nf808=TsL4Rxo$#X-*((;^qv^ipb<$>3Cr+u?P^+6A0vH-Ut*;%S*oX0QQ zToQg)^V*=YD2eHAS||~lQ<{(#j5BbzsDkc-s=iC)ihY~-%4ZgGmp_xJE;6QM&NU!b z`MBh*wuUN%D&`8Itf1|+412H=+2e^+O5p9ijwsF zL;|%~Z0X$9V-3XSmif zetH(jPI|O>&a+p?norRA%F7rb@zNCzIAbRKVbzG_1zABn{7&+S5$x{~H9C7!X7q^im^s(LI zyQ`H*V%M>L=aGTvgh?Rbr657{66K57A&_XL_}G{$>4uF5cx;Dz<0S|-XZ7|y4{p=( zkiAcAIVqZUUSnSq#sfWH>UxDy9!#xYuB;r+!jx@#q!{itvmA&7fmbB@7zJJ+!K-gm zTBmyw*>E+xpMP1vUtbUr@*wzYaRkE=#hQ|)o0mqb3TPg%W7nbKhjgs9=@SsQD-RO8i=t?Y*EC^Gfb@o?3~dQom8 zx>+5}X>nG2m}y0L?6jU&>RE$`o`qVF|K`f5=&M@!9+q${=SbeiRp-Ig2maNuYWW4l z@oIvDZSX4EPi7TiaMeprX$r6sSwz{`9(fqa*}{;WxWh5uA5MAUROAPPvmiu1YK4Cu zyQCKhi8`H&8?90JdhOTPuh&p5l!Q_KR|T!n_?(MvF>}I%91qJhEGG+F@`?U(+4tOV zR80NH2W>qs-s{qZ4{~w&?Pa@0NOwUqsmj_2i}(ciYWI*BRcB*y3^E9pK2zH`vv?zZFaQ3c*SqO3HG$;qkK67olISg z0Sd`fleCbma&pBd6Ud~$+O7Z3ZS5n3;pYa3PxL^+qjJ$AZt^psY)4bqUxSO1Nkflb z1(McoqSEy?!|(^jy=5U{mFSSdneCg(EWin-Uub8-D0+*ff={%a*vT%vrv!X|!RGj= z=rB%}gI@8Pxa$|U!FF2pR)2szhk~}ja%*@5(6u=EtlEWF&U7qKuuL2}LD{VFHzmVM zTg&2WYOxBq6U-420fbbdSGu(g!-tgLo%p(__`aJLw8EsZwSX>vCQ( zv9t7Ac=(rIL>Oi&{}cHe*ejh40Rvsu<1y?v3CGGl`B+^#&C;>$8XbwNXi5uoX^G9h823I<}v>sN7j{OX^k`=gp#zdCXlw=yJdT zuK#DQ=wkghOtNwm&2JN<_2Y*o%<`U+L$PexM0w*o6LvHp6$$efeL`f^*^H1JwA%V$%R`eOa!G8#>=&UjQvA@_l(|~_?QtRvcQIcarUK{P*+1+kx zkVj_@F67dMF;C+TGcx@=rT!m74s7+`x9{Gd(CZqN=~IhWa6>GW>{%-2oeHVep6(mD zFMp_9Ye1XhKP8+fb{=s5r`Z_jD!vSqe%@4pc%T9NmRGJ0+#tI;;D6^Q>m!eOr0Nx< zjW!QEq3di011VkD$+tB%)!0af7tG%g4=#z-zwO00Zp4gz##-7H2{3jTZQ7GO)N+kU z^09!cCt(InL#efB5zC2d>k+%k6>P=HQq1&dj@IZall$QBI zv<0`*hh(xdm-k&(j>yAWquVpwKK zD$9!`eAbgx_^jMxjBZG&5`5N8njjgkq-)d%94N{r^cdF)drH^@zQbh1seZG|$_y0a zKpYrFtX42kT(n9lw=zWkzXTt3ok{CPAT#gwkTI_yAyTI?a||oW$5Td(9(>u3$C#Zwaz+!* zqLK73LBzZWXEUa*`Il6L{m4QYHv$J*lRE?1T+3;~ik(0ewmw#{DT3nUH z(iADIs(b_Tooq^WpvHKOLR=lx*3-#)`t1mlC)%xSKt|;g9uJ3qj zb(V>`yh|Df9~CI4_$k!FKA=w*XUfF$u_-LUw|MRkBRd&Tb0+q_482wxHeYDib?0OlY5xp; z6^aTr@FXi6}^-fl>)Z4montZ5j2t8i$-d&l#5<4lAXqJL6{=|phYgoEYuVvX0g7>H(2_+ 
zi#Tr~r1!Ziw6j{fAsWl|tq3mrwgJ)AWVoA!dHR6GhDoT77VL3VV;(?V|l=csa zG4I+aL8py*1syEWorWd+)@}NDtrXivISoj*Z1^Yd5@C^J+xOoZ@=yX-?9YT(K9i8U zJbVi;OtD!oHkcjgO$%cHaF{$7M4(55ub?cKh4uVlJeTY9Ghrr}z-B$TB+5BpvMt`g zlC*c|%o|Udsd#889q7qe?HH#DJ>L<2!M;rxJ$;T@{0`NPdre4$*0)qGC0K`oi7vFu zPx@ea|Ba`qtt5kwMT5Nq!MeQU-pF#<#DTdGGG<*MF?z5CPIJtbe+RAqH=jRkCLx)EY~l?`4087&*}BxaM66>x$5pL+u>|}Nuym~G*n-Oad4MB*IeC9hp46UuWX#_vAuo~nDlEs9LLUbnIDVly1*#Guaf~ew zIVCIue#gWAJ8I?RT@2-d;dMa^f+P0~-QNc2ONWNKb%SFPy66a@;>i_M%!;q(Qh^ zHs+wYYrMUN4e@u3FBuEwikE@-_aY64UP0TJiQha#RH4kR*ZKnqE;}k{th^PiuSx1!_>8wL)m# zkqra)?GNhSu?woSabDlbD(c0hDwA)r*)MLN@$Z&<86<43X1-I*MR)XLuQ|a{d0~oo ziHa)V7s3@e69R5370_>>B_rxglW8{h*l`*xso@F%2C8z&+C+)8CGIfw_)_49{mtOP zzE;e2C04C!Nee037LF-5tw`A{_Cir+`PLx1Bq^twke zU8yK7wZZT~q=6qwVrtHO1*sU zs{Tf)f4#~uUC)4<^~-20=7Zg{rLG-2!v3uG2$@<@Qr6?a_$2>H91BNUSfS&{#R}f9 z=ZanS;(s*n66n8YPA%X?6&0%2MMz;NOaT#g4u4`C0ER^yDTIAtS}*tuC3M6l3J!)Q zA#l+II%JKxB`I!f_?FZ3`3GP<>L&f1C~)kgwL3{NuIKCF;?8ALsU*1FcvnecveTXA z>~JwJHCQsX0!H-pQ%y0lO^rFBrf?s1@$#yaIFuC1kW5olz`8l2hUkT#!a|S2fOz~n z$&KrusLCFD4L|+ZY3(B>a0y~>V`fSMtk+BMAf`I1VH2{^#JIpiUZE{@e?Stn=2U5~ zLJbve2J}~--{$LxY*fXC3Tx(x@Vs02uy9u?Vgr3`2OZPF1a@G3BK-Nr)i!Z@bS;A5 z5SmPKkyfr4CPREYMZUFW&qd47Gjn`Q%Ly-y3Z;*}8QSMcbG_+ZdxFzdDOC1f8(g6k zhb`lOMaxy~O4$Aiia~pw^p`phkPUXQm*x>rWqnjwXmcf#>t<$>IZ{ofe3nXQE%}cy zOS7IFPzAp%+ll*oSaj*8PTLYM48bVhXQ(w>&w`SwGe-n%z z1!=ay1oZDIh-JqKke)ar!aU)U`HVSk#tOsN~O>*JNPx?p``2uA@*tB;F&q;Dn38MTN6eGU3A}f4=UY}pN7vbFatDSU@Q~xfm1C{rlY^Xx~ z4^#jALp<)^6X3(6AjPaa@3&S}A?XgQ*KMElU4cap05C}Y6L=Pnm0D1-;$O3V=Jnw1 z5AozhV7cxNX#@ptG^;5Z(_T=Sxf+eVM)8a&p)+!;`h4%d+4EhFr!LK5pawf&) zQc7FLx= zcSC_VU5lJQyg|i77XK9TR+NugKQTVzwyi^v@fu;dcy)&%tr}GC0zeNmw2*3-xk4n$ z%u+*VmR3s#{|paQ@T^hZiZsy76u4@GhJ74a9W06pP6A8FvFd!xh=l0PNXd>s(>-K8 z;DF=}HGFelhQC9Tk3ZidDTm)%b@Z78`3w7Zbi;)t-v;btgN-0i-xBp_62#Q?V8OPV zXW=-&m&}Bc-o=SP^l{wZpzb__%F|;M1`6uE(lIt{LOWboYY_I+e4-QB{ts1YC&02^(xp2b;U$G}VxRe$O($04dP)9llJx`N` zRI;kVLj9W(6_bU(!;0CjH>lO#YBkjQ`e+$3y6PV7jd%*62t&JN`B 
ztIr94-+_UIe@RX(2jnar6Btv(cJ@S^$YIhWxQ7#QU>dPevG^yom9{QMQzd8_1XX8Z zBZ@8OOI^lu2r*0`+XYv%IPJz0&a6qyl+@6tL=bU8#If+5nBtI|;s0>t*=IWvyS zBdpgzYAvYj|631`!eSaqoc;ld0XE4vv$j3HcnXKpbBfcVlH% zZUhCnKrzbvJ=t)Dz@N8I`ymibh1M_#3TY+vZi8nvERSd_?%Cn@-yY_}%tb=HOABdt zbW)|iSaDpYg*#FDh5j3%1uU>RX-fFKOxlUs2J|SAFds_Ak z{_}QoG`SYc@^o0VM){>geKEqaa2mbL+Buj zAofUq?k}CYZ%m~=OG}HVb2@3oC5z-I7L8nS$w||>A4VrNoKO{jL4J;c(`b#_1x4*7 zsZ}#rhX!yKl7~s#Zrp5`gLtOao3q^vEZGuP;#C-U(>+h~k=8m`hyC(>zQSgp0XFN< z-(}KzTa6mNOq$e=JmQvE86v3Ym^Neb%0&lFLl%^$5aXgP9M)4TBp9t{it;PO<2IKYE zfD%I%gphHI2H$owi^Ell_BoiwLS*Wah~s>Xq^hsu=Ygjvp1(-VLmL`**cM8SSIGQb z3k=(E)BXSCh5bA`v@->q7s)GqLl2P5A+ln&H5m_U`d*&UPC-V}eEP_?PWKLj)l$dA z1_N8vsL}4ltXOFNACQzb$j8IeBTlurr-^N0elmooc7(#t*Q!DOtAgUy!#YwHg-BJL$>`(PsbF@otypS@pR=R#|2bMXP{7r=i$x`j*JiS=)Ra zCe8r3i;ABooZqb^OKK=0TY*ZjKgP^MX-O{*EUe%UEUcJIy*apF@7cqmAEKB2X>KG* z6vvt*B6Ej-Hf%^?4){q}_cdve1=aR7iA!1c6RhZ_l?hsH zVB8)#eV9|^oJH^n!F?;vR)i#j*s(K22RylkKVWT!(N_i}OKE zg-I>5s{tx8QI5(Ywj5x{X04rs!D_LuAb%K8pE6&rFWOYda0%);eINH93p(xNL0!tz zkXQ_HD{OZF@X&@#o_fcCVg|Sc!DouN!$SodoOpaw$kY+qR((4mB)ELNm>qdcqVMbs zXT0@0rxZ*VGlH7D5?f}GJ9TE{?>Owz-qfhg5LQL=KiAN zM_)!zN!4@Xjb^8GW0hnfv}$sg0ogS^-BVoE7^CT!j_Z8)=t$s5a!*{dGp|jp%4u|V z0biQE(($;WRO5kW@UsPl`{%c}3QebIXoiGyJ?!tmZ*#u1Y%dw6?AnI1lUy7Upf+HK ze1;1Jv<3oXRm6r|MGIdbDxiO7$7S-uJN7I^h+Q?J36>9v$^SM0@$wbmhYRv5`>He0 z?N(Hz8JX6ucSNQF?$ll`s1ok%uC#LAl6)kN!g6lFLPzW(ne7MYh!NlqX;Y{xYIhm( ztPTZ4NKLv^`9PpqAu0-|@8jEa0a(>u^y&3lx66_@MX`A}0@dq4o!!SCmUA=??LRJ$ z^Ed{hP;s@1;*5f-9r~-eK6+6?GmPUg9hr756b~#y^k2KekNz0_PRS9dX)(FQ;EdpN z&28Eu2h`9(VoK66iJ_?NfZ2keF29lF4G~$(vp+5l;13YrA>LIq*hvk(KO03U=4k~t zeF(kXv46^&O_4lT;)`$LtME}wLgBuMIkAkM2Dtl61SoMeT=}M8*Kpn!)02czNYdJ2 zUraKrmU={1t_Uk9wZg=!%T-`pugUJ%5WUe6G1aokE7bE6ZwMY=?N+qFen;P`e@LSn z9{)Z82;X>CzCScN9(e)40(VeZk?#|f4N6#5_xW(y26x1)XhsQST?@#`HohPySPIv^ zy1!pxZW8!^|IA|=zB|4OtR+zQSNwO>b@le~OGEpw+(TCreUuuw|JiwmQv{S7zGtGI z>qwohba)WZdBx`U<{?IBih?di1sH0by*0VvUx+S~?#Pm+$SSxa!6|;~QJ3a%V#EYf zLf)Gq8RQ0T)bM;40HK$REQks#gfDixt%!6`Fyv-TkNTd=Bb?}r!y2H 
z{f#AqAG)YS^P^_M-zWTS0-(9pycnrr$r>8C_0-d3hk8c8Xjrq>TUbrx z1aPJ9U^WVGGsE{Dyj+E${O{{uOywu3-e<1q0#wx9h7#s%B^!6MmymOFtu z{B5x^{!A_H70WLJ{^r*?)N-okH;01A08lWyE8^|E2*FZAMEmaBPG9wh>Ci5Bou^~} zzGuHL_4`;og!a==@rz7K&D5bU!C1F8`=Dw>8ka_Q1$qCd_v+^22vRkhoov9ydFIW_ z2>s$^E=39Jwr_G(MQX?pk@_OW+8{GWcIQw=g@9{ik65MU_(6>lVrM63ajL(HfO9Md z%@dxs#d9nGA4Za3E$Ewtzb?$pY&P2ZhIQhb5;Nk< zDm0`(A1cSq3)dNG*WFStBiFb1&?f<@)E$ecQ+^k!1+iQ}rUIdL=j-J&AI6Q&HcfV{ zakDec^S5w*RN|iDI7H7(m`x}eyj*Lv?Bp!pGkOwGXQgziEl_hZ!`a#` z>6TlE4}hiKIv}BXgIBOf@HKAhlLw&=+wwtAvn}l4M`vTe658r&-r!wtv$_4LiQNLd zqlwXU_6=)0(*@)wZgTUg!?C#WfYiOkPmbyhYvRQFcSpzQ2Q4;2SrOnY^)Y%YMZHO- z^-QYjx^|4~UAHmt`2?LfSdsWz{Z#>#EQ)7F8~plj-GE$CiiEDUIVL{^Y0x(pf_!C( zz#p+mKsHML@+hCTZqrkhEXp`m?ltnl1Eul6;{Dqr$c1|qH1?grrF9GiVtd}khOBF) zclVCe)3vZ^?j@sYrQxT+nN~G}l}?*OvB!IzZamm`>ZE6nC*@3BP9H03vP zfSX^jM`rxKoE`ZZ#Xn&8?zOeXWDcCWfXm&n)SM(~&nHDOy@~5y@0fFq8Y5;~uBjZL z&$O#Y#X3vB0jCd0z)oL}g6h4pXGgX6+rml=5+p!w_p1!q4)iCiI)~^#BA>aT`mdZw z^W~prSyu1QyL^vc=8)*!CzOwLor(Q*9WZ&^p7kqxOT70jyC){jaixM`?7sVl!FR}ETm30WRax_@p=&wHZ>UK>WQ6ld*Nz6b+6aIgL!#fLIypTmnAK|PyXvMl34rHN~ec&qy zQQbRe&aInJ%Hz{C-jp;?2}rlm?oN&S!Ur#LRBfr1lJ(r_hc+DC{EL%k*hkQLJ*9L| z*x>`g_<+Tz(Y$RW7v=bd)*7_UIa%DR27E-kV7bhunjHVM;hXBGgo*K(If1IdAmtCU zQDQ${YH=iUVN^XQlBW)L0jIDqx*dsJ660(N-;=U3MX#fc_H(L&v)wT&qd+I9SEA=v zRo;Meu0XI=YO5kpJ*7B_aejD@(cdBUG_ALGYQ1rVunx>Bcfa0aEGg0fB>rooi2K;% z>}VR{zQeT399pz3G~>25*kM;L-SEcq2HG{WwJ7t0xoa&bn-aQ`B3bQ`57iPK$sqgcWuR^R!}+Wi=t8?cF^b1iFL z{3fvtJ#Yr-P9&(Qf1>pd+|6wpPrAciP^dw=^9Bf9z6uo-yaeT}3R#IJweY;r(?0-T z$`)?m=2IX^*Wu2BQ9Ud(N6rn5hG$1l_F}7`Okd{|a_!>&wbHX+LAt*XKt9HKmw&Hg zVg2t~+wn?nVvS3G(}VLux%D-Vu+?km*KxjP0$PrZAG9_PEnZG>LRXmyow5|k>$^U_ z_*6S>*!M$~^gKgEyMJ~oA6G5L^?t-k;@b-H7HkG62KO74!COt#8sCs+beqwSN^P;M zI%T9IP0z9AN+j8}5tB#u>a2wzLu0m0&IP|fky{34VOO9t@j_| z89SA{aOEFJ2QHyg$usBBLyxwrnX!*9^Js_5XQ-6$;ZAea?N+`AfzpQ5KH7XE`f);c z^CN)A|FUhyFkm3FI{#jlbf%yXoqt!PO@eesAi6+74*Xv&u$imJ@Wzwrh~8Na<7o2- zhbVD6?$wFFrn2se22Bewg%8e?1Q`5=Q!KpdL^m9&<~>Ih4T}^lB8%r#3?J 
zYTUQBf(?STC|%DDRa+0p=JvU~B9LKNg2aJzr{H2gtI9hZKhy%O7bIKu9aAPilTA)s zVi=b}vj&w|V|$d0xxmq8{uLl(2;kyRwGT!M72fyNT(&mEi$Rl~fgs@19wm za43!hDHhSJ3rxLn?@f6o^z7|YZ5}2U{$e$5&eboo?tYd49lycVrw%i9i%;J%Y&~|` zwxUY*ldqRQWRk!{J(hUmc=dj#fp#VBlX@q?w}H;rGSz{No26o>dQq+4!C}f>z3E@^ z-S-;P+ws+qx6d{ot44|F(?3>y*OsfL?$8|S%y3DnQuGC#7&0m8zj|mkd!3H8BOX~2 zpWFaFb|yY4n{4b$s+R9Uw7u!!`|{mbdST7ziutlJU!eOKTcG~LD*;#R9bq26DT&=Y zxvKzQsb&i8_O4?#?Y8F0#RrL zxos5Y4vtD#@fD5p8@V43%xvY`D0wiA$LIj9ux!6eI^oepE&)?f{tTIb@*efhaj^h#7PK*X($%;601Ga|* zm1Db0W2^~wKn+{rbxoCaO|JxeyOJda;M9`_M($P#?}{)6H!k#?JisLgfAdTzhgN|{ zC5iUt>(Dhd?9g(R!@ZG62=ii;<8*f6lTRaeCk_5K&e2nA6$}JHLK@^>t8eC)irEZ) z+kk1?5d}C96WPf9Tw)TPA>Z5O#(#W_C5~>cZj=6P7W3RYA2Pz|z5goo##NY52E$_r zsNwa;ugPk?0aK>=SkyEi*n2f?`An%WlW;5*_S-fE~quljQxSZWGizM?_D z_`lw{!gFLX1)Hzlr;&69TUholI~xy)q9JQDF- z7*t!y6Vt1CpQrl6y#dmX9<`h(E~r`(VI_?vlXqRo0BrAp&8BZuEJ@pbo{)3tqx?TO z!^&k>_8j|Sew~CsnJtu})jE!U9pV2}L7}MRC#tJuqj}0Hb>DYonwjp_@tMn^sY*bwbU~Y zNgiXD)%u8{IapGcYYD=)Yijv`CpWcA1&y)zh121;+|99uY$~&A#kIvKtfFHqrs{lU z4d1AzV=OD6C(qi95c8dO zxIbc2IsY7Dbu&CWqYKwKo}=(1Y?gfxLv=IlX@3`aXWi?NlJ$@)RED{?iq`&}9(fqj z=5&2KV~;`Uf4qHlKvdoKwqhZoNJ$Aumz0!(fYKr%DGEr5bV*6g5ou8n5NQxlq(Mok zp_J}!>F&x^lbI zy`lB3f|NpwM(Bo_yy6i4T|5b^lcwevyI&+FcGR&r$<@`Z#aP*isRCrAm2G5qCh2x6 zC8)yfgqiWhMHzsx5tbH_>3A7ybVtrbiD;9!Y85863Wcu$4t)=A9bc^2`cz@IF8Q@Z zo1ctuu&L60K1x?jU+eC6!mz{>Tj^ljb$hz5AsBI@8qLjg@2ER*9cBPc->fh(eT)Qy z-B%hJsUR*MSi8~AkR9+$Gvf2?h<4p;&!*(bVd`1=B|eL7*N+FWm&yZvSX7alWc_K9>`SJ5Vi(Y_lsbBmj#jMKG}3kM`hxFrT(_6mXD=IeTp zjeTbK0V`ImT%8>u)1{v;X&dRJbh?7mZ}$7GTrOX^iV5R1&Yma5Y|}|8dQElyo2aJH z1BWKggd6rzi1S}E0UpkGzE+xUHpaSfn@#(|B1)TvUho%M4av)X2?IImvi$X3-ZIFK zdB9Kv`GN9?En*S2S0nh0EDtr)i)kktLTC{tuL@={mrvaqdqi=~x!&p(QvNooAcb@J zo3;Jon79JZ#;m+!FOplNU=j%Ea+e}M(RIby2UB23XyZaOfr$C5OZbee4>jH{yQ7hT zztA8mkBXVo=8jI5j;8@Y57g4VSlo_EwjgZp)_@*;L*(46clb#xm9|1I7fGIUQP4Z1 z_817cUd$n3L4LavRYTMHVp0HbNSLW@6&yfdmC%RG`P|IzSG1j3I0W1;;lWFET^lY( zpAxzIN)cb1H%b7tjnfX)51wDWF27jZatHbC-7wdB4n-Q(bob>0K4J>EgMfhT31$hUYcqJ`MH~U9Sd|XetqgS6@hE0J2gK 
z4m_IHD@Z`3UfEDGmO2M{r1i6D9Cp89#p&Q+RX#5 zxupSY7Z3UNy`+NxoN45O?x23;a|fO4%XbYsusn2hAdR~djpxL#i8l2LGVIUP0{?ft zKdI>dO~rWu-N#774y-xQ9YPth(hdR$&7Y6b1K6DlKrRkVUsN)ozEyXyT?KD({`tW) zp(zmjsAX|gDJOr8jUdWK2|NMKsKYbhA?;E7yuy1_e+(X7d@YSC&P{isxWY`n@ z8rFyE>7}|ZGOfGw7E%bssZs!Z8Tl1N2(y1s@4r{OO9epsn+x5G0u(%hkY#(*0T|yy z!y3T2T3d^RbN2~gpUBW(O-VdINQDq8*+zjV*n-gvjqF#Q4Y`JLBxJ{Hfg>=ZE<6e| z>>s}{+w0rWdXc^b9oz33Qo%vjfUvVr9DuR_6ibj#F(qUF!gl;%Ab}<>QX?`@gRlMy z)I3M({ZqBTf2wzvij&aH{`oLAFs367`yJDN$0rdmVOSy2+uts>ie@D{S&rHPyl*bpcOF$+5jE!RVkfiq-(>_xf;2K3$Bwhyx3YJs1-jy=;1 zjO+V+gESoSO#+IIhtd_&utRAOsqkPL4BAx-{LF*DF#D(U9#H#gmkKcU{d$`b3hAI> zz!3q8JxT!d4ubRNmkIPxDJXcbp#Zy&ioe^HbOfOu37PW|kO5&H$UJy3UkM$R29MVJ z)3@UNz9AJHioN9E+}oF~04VlKK$acKSJaTkLuv32_5P_^0D7!1#KqBicd5Yqi;64G zB34Ml4#o6nE z%?`z0J+xB9*NnJdUt)h11;J;zCj8O`4)8YsMw1%>~|aiz={t!agiDi#q|GL z@1Lp#eicH{zHpa{7r&`shxX}6!w$vt-TgEY&fPC9G+m4VSLU~aRFFGgbm*f1TQFC+ zT-*y89TGBNZ!rd?c$_0K`<<`$rmH(grommk2h{#_?d1X2%&frA%pUUX!;!HUGVE{~ zgft#XgGj^vOf7(P`2VDLmkL>EX75sgj8BkZheG=9cG?d@^XFr#0O$HJDYYiH3DPU> zI_*>FArTs$Y=$|8^@ z$x||-(>{Q%9IlbTcGXV%v4qCJh`$f3OI%2J1FK6#2-{Wu613p+S`$I6E(D=$hE}dM zb*bM7GH;eB>L{&LmIHys615BzT4?4sc%!w@(r)M|!CZ0KiM}^;X`#t+A2JD29d=*j zI}WwAtwHmRYEwH1IQhXJh-hCxR}RzYKx*bqdG(48e4G1~ z7hUygsKz>hV!a`LQ~fJCiH%S|BaO`v=E_)`I!utsUGfE~8hAuNAQ!kZPCzUdc#OMb zfi3ZU2TP0(*msJ%hl_38X;*J4;mo7uQySST!9hjo;0r)fxN zvBj`3TDaEKrmhoYUN3p4(>{S-h15)93jy_F48brB>;z9=PhNZl;0Bw0^bJ96;_cy8 zekYGx7g3F)|3zmizPscSZ6rE2I%=mEzr!tYyPUSi`QCCXl9~(F5^wU=J?iYh-@aNj zp{F5FJu$U34FkWGAJ^?sD3W^C@U(KFVro*bo!nPE1#=U6yy&W}kjfg=sbf42xqV9w zz48}C)d7n3lblYB>J06QHTiLu-^73A^2ct}-jN)3KWX(mtf0rZGlNI=43BR*rXfm5 z(WO*e!-SC@`OYr=UdfNs0ig8CNuENfz8Nkf>kk*KDE0R0qni>Vo)T+Z0mm)&qMSyK zo8IHY-R|?@wK{e?dgk*aKwX(*H71q9GL_;^7xSVC8aUFfA6B9h>Y~1!FC^93+EFrJ z7`1eRN|vtu61ICmtp3SlH6-(pb-g%NNJ}3E=Z#I$)j4 zh4@bAajOk0xLz*O6rv*PR06}}%0-#_GoTX4l1#OcJ{-`&GwtJD+cDE#%|%|6MkhlG zpQN5LJk6T`mqv41Lxv_31A!a3&3AYeD3if|1%~Ih(U^= zu3aX8zm~3)ryG)?&V?y{a6HwPdCV)Sb`(KIu#sBVP$K1!n%fDj+!s-_j4!IP| 
z`{lsUl%E7eDHurG9%3iJaBv`?0L>-fGKN>f!G+d%A+;%MQ?iRV&JA40sGN>9>gU?g zGQrr1#v_XXqPu+!0fwqOzvCUr;dsaVTllX5K$mY4n`En zls(ZHT7{4$2jd;@{^<$LJKIAu05}95WZv#{hopIn{skzFRZvWZ5S%`{n=FDmiRt#o zMKCn2WCnv#YEyeg^5b9Xeu@Em<0rE302c?;L6P$h#m2z_HAKZh!uI5f7YCRHKx(1B zgBTx_`(KIe&lQJ9-G%rqn1A-<*^`GS05YXO!2D*Si|6XjD3Hra70H6(&?4^sHA zz2_02>}Ge!>|bfy+e*~7&k;KJ%Y8PU^#Jku3#L&#!>2ke^?)~K7t0?6Qm%h4osHa9V7Sxu**kCzTRp~ zhYxJ$gr%I(o@xIzE;FkoG(;bq&&KgTmyt&z3TGgdVQG8!QKyG%?0T=0U&GEc1S_zJ{$8XRKbE~Rt&5OAth&!RhNUE zTt0=~z8SsjWdUyT@+tDG;h^&L-LflYCB{~?ao<*Nf_NOn#unV#0FaK|JzUK+Ai3=I zVc(_;bOPKsEQ6&c0#dSDK0fS3y0v#t2s#07e?YZhnF;FHt!^#;z-6SzqCY(W_SBh2 zxRMoOb*R$(yH$d$KKEJ(hH=)hp#MEK(>eK!X}B|W%CfPZmzvAdUtAlwZJxq7TReaUjh=5eDiy z$i*?>aAZ4D?y%VIj_;|0zdw=tUy1$Ze|NGw?_=VK6N!UI4Y_)KGhzoS&A&U6g6hd%=YBr}$}#{hRfXK6|MyioaFltwAVW3%Ux!jh zfU1|4MA{`O6Wb?m|ojPTWH$7kdvb4jwgRg^XBEB;-G3mq%fz+)O#D0w1NI!Qzx{P6wP&_Neft^n`bWh;{{L*$T_&{m zGjVt+9z1Hu3VCNGO8@sv0DI2|56D3fLtO`%`0vGbnLyja1TgId6|x5)hPn=}iT{n* zUjF}Z)LkZU_c3wAiNwL9hOCea(_RM(O&c!Y=+i-DLAie~i!445?w|JTWPa^X{;*2_ zS&#yIxHx3qe^Lh@wSW49Djk5{ar*aV`rlRQyC6d~{hoU72vCsO9f{!2t?YPoj}KHX z1AmY!kTvxFb7^Fue2|PI>P%>egUe^1I$-ymvt2)+SN80opc?wXegUd%4=#))X#03z zu0R#}!M)az>VSV#-|nP>2Kp;q>^*HbeAoaW`FLVN*vrn-SO>f}j^9&^-r#Bh&(6)| zj5f7BdS_Wbl8)V4rDj|pMdpB1<1CjY*kM;5oue^}0c&5r}XntdO~wxT)J z&@sWIkv`~5VE5gJyMI{sU-%Q3L60|nm+8P?Z+;&z@7=2r7a9};vW^H+Eo-9#YD*1fkDPi~h8E!Hh2Aa-UqCPlZ~Fs9WI>m{4BJ)}SG&(wJXgP&@` z0f&*zx}ZK_+heV5mM;si+pYr;rxr%}5jEbx)>0i}vZpMf05-;q$Y1E;ci31&jPS$O z7Nyrmr1Lie_z_dvYvYsBI~#tBqjeFWiwiwv-VrI6LOhHH&?0nAQkI3Gs+2#iZ%KElPywwo#5g-UVq@9R$ zX~gkthwa&yb?}|JWnz94_$+MwhB?ArbP=;?+dTrYxwP?S3=nIx7n=pdbonUPNwGpO zDt6qKYTR%Tg0hQbP6)EE>u=l;WFH;Aa_y7_wk-n@Sq6Psi=@}nF}l~8FL&b2Y|&hp z#k5GdZq^aX8+o3ch>A>@SiSguN|J%X&zBT*yc)D zG@{mFvlf&ua2OqfoA(u%&;Dxl`%+i?ZUiBkm-}vHn6z)shIVpIZCguC6Rqs)!tQRGb8OD4R09aG?c}Q7;R#qdpN6RY=uk2RH`nW9 z`PGfL=(@v$F->#{5$3issxjYZquZCdHhVJ=@L2eDoo=GEWlhq_brqBZeu|#=MATwH z_wsi}xH%zey;s7{%%{{$^I$+-)+Afjus}e0xo^FpVDSfhG1_4igjjU5_P1!ANv9i0 
zDf|{(Pi=#2=lq7`W;4coO1(*E7A#f_eCRpZwPDH4P7F+X6A5B>d7Gw!Rl(BAkQJba zl>B~gI`hs&W@ExBvPa#Nt<0iN`75`&wu$CPVxnL-{5EAq`sVs#uctFoh4-{J6V1p|_V^ zk!IjCn}3Uk{gi}`CHWN|xrbq5<+bU6A`ST$wu}}J@aqgFmgJN?aw=hB6}9a5X*9pE zwX}GIPDS-#HgjwCKBCmt=}f?u=?L1G5K^>?fpcTN3!_Vw`k<{tn22rG5rj4=^vEiv zgc~z3jPA1(<&(CMEIgkMs@#ECv&y`D)S6m(Wg6Kuww_jx_9=<4mgHPKO~zrUKy7Wa zGL3H<+jgtR*px((B{>gIlW7=gU9G$dP2*yKNo%M5+s@N9U7lN060?@%w|M02!^G-q z+0|&s)7e_uJkX~lRxQbec;sMVVhy$FYBZYZY|CvPm!~BVmgHi<`a6Oe(Kx+UA?~)7kRd0gvm`60BC_(mYMC!cd!Q<+W(AmIIj4z)_#s$pwU! zH`gv{(+Fe`O})4ZqWFYHGlR{)!$W0SLdS|+iAT;SOsuum;xSEB1{+m}hv78IN`7e< z|CF6a7FSZc$Fpe(Mk{hPo+i&Q)b?5&P{u^ zVeTF3#hRnghwX5s9B4~mow0QN~r1d;)6UXA){1( zx_HjOx?xLl11BSyhK!`IGSU=yo%W$h6K*^Cyw%(Vb=*(P_78C^?OFs=ws;eaW{;AOy6XZpyfAVZ@?JB=j#Y*&zWDr0hR;DPsW` zf!c&2#WEKE|1LKtAGR=WWx&5E0NagyT`5MmCMJMo!p1Osr7f#c?U-TjqirnpO#_t{ zW|T~LrNZ_#_037}pOcyJMulxz^?%M<;Qzbt`)vn)qpk=NV4|k*t3eP5x2>#1K%K}- zr)?b^_}S8QI~>(6j1{UCsfI}8t|Ha{zU81W@E=M4^TNPyt2a00LEATZ6n=XEh$d_p zrL3%`$M>z-ZmK2?Oi#}mD8ScSc4`%uyVRyl?FoJwe zo`(F)03fOkNo%)*(iof8%rK%IqD_jIeeNdu$)HBbn&l{iG`dt!Bj>4B&*YlSLZP-N z%IaVzBTGX@$ECorPQ!B&7Dkz;sB<{GP_R`)j2u0FipiF<%Jc6 zZ(Sjo;-GrH1j-!F|G_2je^~r7FW>g&1GbZ z>jqtOAX^0h`qQKcA!Fp<9PsQK*y7nhZ2+>xvqfGbTRc1PdMLo|nn_B*4?n$x4+TSD z`+vg)*az);s0Nm5NX;m^AIKx0P9SL8;*An$ggOFhkl(k^%aYLLH~U%^k7ULXb63!G zR{tQOwo7tBzb}zDWd}4B;(sdu{F#|Y8Sz<7`o4wHXEhmQD+ji_{%&SigI;g8 zfbF}kwmtz9VtrzzH?M=K{Y)}&Vpfd2F$|M`Jz`;qMc*p{0NYV|(a!{Bm_J;>wo zG_pPK09`YJ?Yp*B{d~SD=(NVo8h8eWZ*I9^^dZ)2%2xXv)~B;fcDm{?7W**(`|Ub4 zzU{dx#M1IKVx}p8IbvrXSQZ8B5i_f^{D>`4H6RdtGX2KW?V^;OCA^)kRW;Z~e~5Gh ze;#6|in)(sDXVX1ZhSGIZkEq}eIzm1Z8=_1p%#}+Cz|PV-DQtbE621w)clX3eoMXq1p&m05M16p!$!Iw2bo1CT@2Y^? zaVXp;64KcMU~woyKpDSrZt}X?gC~ng@gE#?2o*{g44M?bIDML?Hh2u9;i6YA006&? 
zrniDz*XP9j} zvv9Tjxg1WX___B#Y>a0VHYqI_;|r!N^0cC>WBhAYJak{)6_M;GD&kB^<`UqXJ05A5 zq~xEE6{2|C02hd-tHFkSOjTvzDNMNPxbTu#ykkVUCoZpq219>%Uh1>-Y+(MiNnMmR z4xS%n-`7rFaU6FgjyWNyxWthto#|)k*mi1%Sd__e?j1+5K$WDC;ituHN;%#Y3WJ-< zi&wavlq(*Z{185__Tgc6QT%oK#l|I<_Cn3YD{;8XC9B6;f%s&%+a1>5N5078Fg&Xx z#GZM+`jGb??R6g_Z-Ep39V-cI_YFVNcDm#RDX>*~&lx7aMM=wy? zMd^gn)NM2h{+OrugQ2lLscSNRS+m@*t3xazrD-T~-o+&zjuO*ujfU!SD-u|WWwIVp zEm-bPRme2_5(t3~-$`B?l&9$LQM_8RhcT&@k6YYrUH5BO;{hgyDq$895}Dtk6uot? z)A~MnWU9$1N~qBy$j_i;{5;PhX9jbrz$km1gVSpxj%~e+^c`SDdIF$XA__0^oP}k@ z?BG4%K;+ntd{;<#?33k?5uE3#FCmqv+ZkA16RmZ-WijT)-!bLP}( z)~j{P)Cm#|0qR_~A%fRaHGA5=ZoYUWV8s-l-ave{>_RzK@vTgj6#n77gl zS~KcH0Z;rDj&T}%NY^wnJ#MN-<{DD^iGO=NVij)|&5vL9`8sQCklQWZ;zZ}=?vd2@ zS)GruVB6S%>Hw#K#fc_tMaS(RX~z-Kxc3-T^)K_-rsbYU_Kj2~870xtv23|FbB*1G zRZkE-9}$Az9OGH0oY7XZ>JVv(_t&7R1-%|M6m*e=V%AAhe|DPUi-nJ%6wPm zPGD%efq!rMjG*u%aRW!`V(Q6&F0_%c)2EHo2`&xhKVj62F2Cu<7+~mmR|;obo!Rb* zd~Ak*+w^l2@K;fft>5q`zx6?kg}>o3vwWQT$w6G7F~;1XGIvz<)NhGm_eZGsYt1iT zx<>jw+pj__au5)GAzS}(`7(cUTH4#U)Ns#pgQ?-Nv1>j-Hs0g$6FgJl8hR4Mo}up5 zX+-u3e5*ON2up*=z)&m71$1_v+{BEmcfU zx4TT8>p9Ouy)w_M^ajVc;IfWRxu|-50B4}W4oh*@<=1*V511AdBQ5FXIU`Akh+idr zf6GlnSxi|ej4UJs{%g1|I+2@&RhJr8sjp{r;pKb z-HFELJx6mlCQG0#3@!QCG4PR^ckr!o&S+(yqv+m_R~*hUlXMQh)o+q2aLJY1CVQYP z{s~Eq<+-i#qIBzMlf-+9CKDPTOFE<+hlEnY3Hm;EW`C>z4~EBAaG1zUI~pGO8b}RI zh8!Cyt@1+gQkHK2q$^@s;~_(wZj*O5t94kn?6?DaA&n%RVc(CK+|M!0qSJ=fcq)I%etKJNgwqlKUbcu1UQ#038uR}L}Re~as8uz-_ zD6}>k?$MpDSPEd0{h&e9^)r>?3)iD`$$GR%qhWq4wP|!(&abg0G_d`)Zg1{!!Ja1X z;Y`x9eU?XbkgyZSt)}V1~p+CaKf|SaebJm3)`0Zr#2?q#@a{ zIrd&Cpz}P9;wahrEr(RLt!Lq>%VQR%vHpzk_a06C(oZ$!TC#Cp=xL2n;z*sW(*o{k z)1B55#=W4&BK5pPd@|aA+z{;we>|5Yaj@`%ta!RJ*A`u#jB=rWy}X2bp}Dafg-^gF z^Nhd)I;GHOL2kfD5~BByGC3SR6)Op?WL!8mbyMIw4;l5WdnDd#Yw>$?>kX+~ug>N4 zmz6&8!gTI;``mRmIrCN-t=Lwe&nO~ef`tiRlFsf&* z?%+tbxUDp0n2=jk3W<(HG1jvXr3x$?X@=($Ni4vLQT?Qa4<41?=WAGMA~bBtm_)JR zZ>>dPrFtqwbpUPSI~tg?9y9ohGSfJr=B&|fZf?XZ>U{BpCE{O-hd4`^Dq-iY&fb4) zGk_iM{logfd{;_D=&8jBj_+SRO(V9?a@#G=zd)(+pr%?P6F>FgyV7>KH}$ke)%ip| 
zn@ZL)@2&RQu4NqSsHXH0nfvZ&*Hx4Ax}_gy;#{AZ8d3NGtYLz{K@h>sPrMC%1k{vZTPZ#z)mIrECs{vimj4%Sok+W z4)HmL$9iXSa6Ue;FyP@L*4RGvrI}ZB16aPMY8E(~#dD1Lg0Fzc}}J)>&g=%_aLR};KwtBI}COTL8YjMU1G z5&RSDil#)S3+*FPzM-wtk1JG5{qU>H&e>e7|NM-|V_BtHkDPeq%B2ZDF6}r@`pxO4 zz9@D4U|wUKT#d7_@v@0`7vF4e2S@`OlgzX9l~m^Q;iR7A)IcIpLazy1>CFp7(^5>g z7T)Y!Si97NR-p?&@q$Ctzz#2d>SHsDWnDySPPTEi4S_u9N&Gd5YtOZ1KWp}mv{xmt!`eP)i8Me4gIkTO4+^H&GSX`6ep5bh4!6d6m%V?0dXFXKuA?3?04bKL1sq7kqggNg;J%sE!O>aca*OP zVj2tKw3by*+xAzJ0V*Ln1-{@4^>;$0JgLeSg2IAwkW2WmJ>ZPMZ+6xx{so)J(e6#3tdhE`_WgV!{-! z4ehQR?Jxu9R^Ow6+MPwkhL2YGFZJNU@iV6cH4Gng8+aysKrjFTao1HNn=UHIx=k5i zUFILrY$#JrxONgBok~dV6QSS@!&jq04^is5s1_vfM*VCgwHxlBvpHLed=esj#PYU` zx{-@G;L;qU66wg>%h~6=G&@o-67tkz{kA0~y3*+MN~GJQZpRB0p~&ThkjCZ9ZGZd5 zV*$@&vpf!e&tzZe19a&6-ebdQ=&iaUXA~r#lnq zZ*Y&8{`mUz%@vRKe$O70BpIu7KrF-KQ}3b%#rT>R7OZR>96L;fh**aNa^wVY=C?Wu zpO_I^Cyi_Hd{Gt*c&`)Ntcvsf`wvnJVD_f;6HN5s9O(xkZj5aJ`{{Sg5!I~camnV{ z9?SIMAXY_FUaUxMTtpNo;huHF4(Uvoxz4+Q+9fpwKl4C`x#}8RoeJ)7RqAG?y{p;F zBrG>WLzFDF&BamdS8Zt?<}|1IC5~wgYjy?lj9HEuv*y1RS|=uczJ7~@KW}vTO7~+c znAG{DMA~~dt`^Cwe+1z9Tya`&K6`R0`e#t2ppXt~@1*GUxN<@~-eXQ#v; zDxTzM<+6^6W;XPWFUraYTo7YU}`IVG4ssroi{L{-xmPG6ecCy_ol z&l0KdP0`nmL6B~0bg5kBN(*o5hi2BQdo#9KT+z#1I8j!PTQfLv*2Q!VzO;4U-q3SU zUTHm@b~<2IBUhmDHn62WlRm^DE{dnqlm;`i4)xT?TRXEzaelo2J>_*+UjKUHU95}z z19LgY%oTkb)Mjr@8csB@+zHmuFfD!uci8CSM+`P0)|cww+Z*Ggz)l?;!BLg+vTJK) zMK(EQ$UlckQ9mQ+Yr)3nY?-P7eFy)zDo;;O&9eb1Cd|ERDu6?F!Lx`_+6(5EX%E$s z`;2nqx6X3l-d&by8Gyqmx}2DUuES!9z0BQ?&xjV7u4HuT2475Te3uzf)qmocm5_E? 
zAS(U67^dqTF_tRPOZjzY5h^+73TZV;zOJ7Q8Y-(0UL*C>bhqj+(|Gamgi$&_lf9wL zCHA-Sn5SQq&Ge!IvlOgsV!pubA0wYO5u6!V@C|i_c?|9Gj9Hbpw6uj7RT1$HD5sU4 z&5V((bXR`QJ)OYm#45x0wO-};BtahOeJ-q_ue!|)PWPY8)8E!nMeo35Og}C$iNPu| zyfP6SUaga0m|OKcr4O$5NOnRSPsi^)U;0{h;|O+)(tsWH9U$FHLm2BR*6|y7b)A#` zo)}!D#xfJ5>!j89#JE|dN0aTq3VOK_MX@pQ}zQz1>2# z$Rp29HDh2w7e%I&t0YCbq2Pjw{pI*t7;nCUNBcQf@|I1@Hd*2x^p7#TyhM~|H9IHp zX(Jrx9k{yHx4#0ym2sSc8sppHB}6K*f&t+Vs_rT02>TGKuzxzG>sadVRIHbGY{cVu zycAPBx^@hFI?9%Fdt3+QTg$^1;d^`*Nj}@X$~W)gh9%2SZLDJsZb`DB7Ph+T)E@I& zifid$kMDSO0_HqXKEh3x@%o(VspsM>dAWLL^|2Ufm^hNsfNZ!$UCE-D`quSERK1vS zZW~`%aK*jIjkWOf3CnRs#yl5SE2hTuPd%H*GwcHJ9-)}^5fbOAepo|eP|%yj?>vWN zb<96IW$NmcXYaAm?&iYTDFgjSmgXc>dQ~u-^}3Dv`@ZY0#m|4wZ_9J*Ej**nBKF{B zeFte(nujcKf($675*!{ksU&)bF8t|}J_oB4Df)|myRBCV^rhkQpIfQ`%X+3cE%i@d zSk?xMVVx71H$%ji?;HCob-JW)2cT;w_I)@d;&JWEsWr?m0hzb1$F8DW(d<5Hp2{of zlKD9CQ4XpJk7dD}xhFAAipQfUDnZssUImjfxG0{C#3R*b!1l^=(}%Q3TnX=GJ;%(d zD3s(eKmL2UXZVFJlsh~g-gdGSNqkO+Vjy&i$9_UU$IPT6>-*ah9UsYZ52_gX@D2x# za))#BbJLoocYVnUhGKp5J&9w4A_d=gM^IIyIYmmXkmP-BM2o6XX!6i!WSvpArjzNr ztH|9c`kXVVpbb!}io$2$lDKe;P}SqMrAuj*2c~V)CB6jz2SV>~PnW#@{yubwtjfD( znt819{tHr<*RC22T1B`tPp=PdQ9gwkdUaN+4;71QTn%?@Y`N|t`Ss`<^ zwd4Cof4&@1LB5Dwf#N~YFR1UPyPv#1S8Hus&|#ph_6}Vk3sCcYgki8GMy<(hTOI8A zS}@~V$A_=*oSY`#NcGif<@Wdteg8#2Nv5vE*n-E)y!WW@kPnIaH)}a@V-ybLu46xb zuHHT*!utYz$}|7x=WS7LN&Xovrswj`yDgwiwjE~;av-c-f1ld)rWV(=vX{gKqdMXe zGr_lw80(YRx|lUU)Vim9WCxWXv8ljl<;#q%ymD>ECG~R`I`3n9Ji+IXbzahaCO?)D zBBx6GN`MnxFr2fgvy}y#v&;D6kBjpH8}#LGKKWqE_m3s2*{F(4jpL)<*W8J>{6Zn> zDvN{p;PMX1XLEipT14byxoaO>`wZk3q9flfgqK~$Bg4AF?*-g3s`0NbBK+{2RbKqe z=_~i1jo)^~kvTTFGjMJ!zG#}_b05C`M}TcSiAq#q+2l+(>76atAM328HWSvSl^sFo zYC0?EeZmPWkIY|$TdlLa)n(QX`R0F)MC)Eu8b&I;Y@=Rz$52~DnX?i((_?I^PUblI zcb_*lWY}U{=_Y+v0N90+>QYqJbhRFz@i)?9QKOK0T6B zT!RlxBU|y`Fc*3)QB5~VVG!sC14%nK@$@>HF0E_d6x*yJ20rkP@q{^SEW^L`u@p%% z%h^#H9BNn1!7|o$-^kqLuRpdvi#}zz6mrI{ z&2PF8tQsf18(PzS1Mm#2& zlYKnN6>0hGwt*F{8{xD~i>z9d^02q#?R+@d{X;Jmh##8NJ{!MJDL;a)$G5erUApRu 
zAV10L#y|Mt7PHmXSj%Mai<8yf#>5c~36{49G^D;f%6;p%w$A!FdZ{C+E>(V6@;!Ok zl(IxrUaO~)ytdV{$9~;9i4Sv?a(~(h2F~cx7IL2D1>6$dY&1BuFaLadL-b&sKB3(@j zl2vIH0W?3JM&5UzY89srgM~>x-#VpqDMvT4Fu#Xadg?0dF)(cNobrn6loQ&Q3D2b~ z*IXZt48~*LFON(&?f3P*Be8Y;Td$^?-qnO5%{0Fy`2h5f<*PhsTJa>A(orn*G42>C zH@sitXxd=Yqm*pV6PrN&B=VdYUop6Kojq12GEx0IQra4qlL&W zp;@L)h`HRNoi>IZsC&!a}yafflrNpiFTm1}56TSEs3IhG-vnHJ`??O7; zrAFCFV3b3*k2`Bv#FK}+ZODd3s>^I-4~la27Hlm0`ilWsq6CZ7a}Fhbv|b^GH7q#e zF$=n7FR4ikY=7)<1x)eP%W33__@Hf-#x3$(*hD@&bWULNh&Q;#+dGv7>^fuf<4Md+t18-?E6NrO#`tZhG*N45B{tPi^ zIrF*{+NhobPZz8_4Cbf=eP+1o3$Ms5YTtRLi&uk1Wv8g10Oz#G`S*8Klt1fhhna+>X8`P;@1D!(liUM%vo86q`X&{6OV;FAz5C%v z!6n|#A-HhmluzVKORUmUrdq-qZcGI6O8i`2r1zp!qvdl6v(WJ~QE!%e7EVw)isIz+ zjFsW3pa`SjKB2YXZ3TZ2g*uLmJs?p&QSH1d=?&Xc_^{?-T=nZR0g-bpXo@RFRF3hs z_6o)t4yl)}0*MW156Z=_3Y++|Sgt!qp)$T_l643SKzE5#Yw+G$t2Sei**2vzKTfKm zXE2`-IuvV1MfbknH*#vJisy~LaeA_6ua#5{=_6MH*B$z`?%`ply!%z^4<44r6mCq0 zYqByYhVtc;*fzF&c1)q^AQbc%m(#y=zFY^!i^WdUdkwJIPPZ0hj*{&pBne*H87kG3 za>@+6F!+qsOXqxR%)7ulg2rs<8BwFY)HItfSs0x&{d%ixX~?SihnY#y`YW~wLtLp)eG|2KO7*ywH z=hgSkpI3CU2VzTV4hRjt2xeWnc$J-CPdk&%zn3>cT%Vi*BKIiH}%2VDGrAM847l>!i>L z8@iq|U%&g^$Io$b^tr)rV*UA%*4oq+*?xMaayzPUi9VDbrLMPmAMd(u)TQWMPSB4? zaj9Xozs`;YC_Tv__Z}t?7we0oG4tL?2H(|4eM9w0UhUf3H+&aFEV^1PRPT7Qsa(VH z?k%&F{Z@6?HNGLmwbc7+J|Pyr?UKIO7HxF`*?ctf<{QnqhB-8km!uvxmZI~~Bq=VX z_sZ8>-dz9e?lj8kZpyw2=B9Q*ap5IL8kaV)z%6{?NT3xzr^VKsXnG^E*6unnNwZF2 zx|wmt(xc%r&I^T>H!i157T71cz^P)``_F@^;OdZRU8~fZ74u9)X_<$we0*h|PHboT z16pBB1wY$_FJ!8wSLJS_42j-z4H{KtAUNwtN@SCUt*=O5eTM7i{jgjg{OYZ@Lqi(0 zpKqR=NooMrXP&l+hYTNUl}~*GzW<>dRQ8yZRM2KPy6k*}-LzEM)61#J%xxbUJE;WC zhEYuwf)!AM0-GlY$XBfv?7K-m`znrVjxs*Ro{MHL9WULwPShH0rx5&|SUh{fUVo7? 
z2JddZ;=0_Uc;V}SoQu+O&ebu3T5m*Q@kxiPM9=u&0sM>_i3ty-uqJynUQyna260vl z*OUtz3$aN$t@KXEwsvb&#^5OUMRv7B&yfs<-&icE!XD;Iv;n+Z?g1$ zwtC7Ynmr-GVy9%GZbs{e2~X?U=Q^KT*Wu;y>uoJ;T*;=eVI#F9>RIwGAJW+umtGZ( z7E;by8UXsM>$hl?1qb?tiq&s4(UylQ#N2B5Uhd<>B&cRLZ0h?UT++rSMKNS^byOO0 zF=D6B}gs8J_W5 z9L@}7TH07l{IVm3SKb+}4sG?0p*$$7WK?i^F7bu|Fg457y8EVlT_!oYoOSptHZ9}3 zVkUH^#|2k2DUt;Hv`%Et9dDX=P0c0mHBndg@EG0Mm=Ht%tGSF)y4kmH8Y;X#-$Xwt zSN!Ii%^Xukte14?4r&L6|6my>zzwMxWZUKQ<6o+%xT598f97EAy4@e6nK` z`z=FD*7wQ{GbSZPyATx1td&}ng75k)B-qY`N)>YO%VtaHl{ei8y1!b7Hll6eD;59f zrF9Yw^6~S%0%!Z8Fz}`M?9HyG+f3$jMr8_9A8=ohwgBAkb9usL`%OR!Zs|$23}dIiH?F5o_L} zZ8BSgoj_1|tGF(-nYg^dX5;3Q#W))@c;iit_6=0ng^!|l>O;$Y&hXCnW1yLjxp=CN zOFBi$uPDC;WMC&h(Y^}1TsOlf?e^U}H&5Zy{2)tTWlhb!+nXV`M@8)mV%#DkVJlhl zb84(Ol{=XvI}EPmoufj=M{v6pKn#INy6`f)j~;7u9%Bjun0 zy8O%mTtUW}wpXsSCh@I-_T%&qqAP@x4bTLK8Y_0m2ca88F_Ne;34@#-G1GA z4o85{3w6BpN7>M$1kI)mU*lBW`iAuTiI2nKJ1Pr2 zU1-B)_-ua3-Xn5uJ*{UO?Mt=z%vOS3cZ$*-;C&M>PuF+3y4qy?m!T0Cp0dJ26(d0- zPj8%Mv+j<;T)3lo?LN9?ZG_;3dkoD+7e3qRJvk?szld$S>aU0Xc8lN`Bk04(&Rtv`0(8A!lFiL~&!gV8FBlg{n3ie4puzts%h#|e&Gez}4 z0MM&oW%6+@^R9h;hMg>jtaADp=1Y&M!oXnZ;-Rvh3&IT#m18ifXWiqevuew1dmz%mcuupxZi4e6#We!X6a`r%&kIe>cUge7DO|J-P4e;IiI}oY_Y= zpEiX|OBgE`4xiD*GO57}bd5;*p!+3ZwJL-Zldjv-4sTwlF2@oo~_=3VPrNqy27vYeuIL=}GU5@}cyMrN$pg;?SPW zB<7OazWb#C7WD}B46t($q;+MwiVr;Ae?C1}bF-RH|JGwzmasK*A7 zFp%f++*|&lC)r}5sT%BdOfGR_K`L92-IBSAq=K|y3;SuO_l#CNR$0RPGjxLQoQIQG zEocA>ONCnI^DT9QrjO`-OtiBCYt$XNxn|mmPcz``$S3K>MKdU3O>dSE`U2`E1ThpvxW)}j=LLCb@7NBu1y%mk2A9X5AJCeG^&M~T@z+-a53sOv%eX+)*T|% zsqWm#M97rIbyxls^+V^#Ph$j5c_{el3J#pdm$`^OZQ<7|V?MWPb|zEq2bj)tf5d%e z95@k z3m{Q)H07hZMV4=T!DH5LK;X_WiCF2DQbS(xGkR_Qkd5`7`m6mV`d8C^ajCNib~dK6 zE)LEoXpKg2COsXuR@_>dq~UsmNV7_i%dXpzue1f<3>B&wf15b2D*X*UWP)Hql?pV( ze>I6xrSg%IG+e$h%`<|HHZgdoPHB|YCKzBH;uqyf;s~5YBLW;>7MR63Cs2xm-$yj{ z=j0-E%*&K6m}=3xaSUC!45K-v8%`NBl41 zS~eQYqNJCsQv6=qVwKc-_sqVo9Bw%?CiN7q{!v0IXY%ymf_2>8tL&C;HoST_Y!Y!! 
zSMbVS{c<`WyAg#JaE{RZ=8&Y$Ql^#aS#`IXi=uN#C2@=ZyULNd3N6FL?regI(Xkxm z*h>AUNT%mS;T*XlDsTG!0u~eVsh*ZM~&j?SQ)M&ws(W~+Z*H0Bv7s11nxkX8* z1aqw^_lDKWiF2y~KblZ31OECa*yy>4uJFY276A7iWN(n)YHTpOrKwdefhvMlZ>WQ( z>)!wR;kuK~$sK&=Y+5}Wdpe;`M@GSlc`nc3>?g7G;jI;vEWJ}h>wXm^VGhZJSPuio z$qn1ksftE>SC-O-4P0OJ9k0q~7{7u-shZm&49FCmaS(Wo%JuOwy&AwKzaw>)K1`P~ zK>JkJaP{W=m$gO%SMvTc8Yb5tdP}qK#n&#H&`RWA`|_=-$5 z{+4y4Hb2KkuSKd&`je*0_^0989t9(>F&dxN4#`q+oD-y591T9DAjM6Ua5Bf1Gjd@& z+A+y~>J{DW66Fm2i5VkX>)^BbN~<3YzdejYIbjov{d_X*j+gmsL_Qx7vatq>O*G>J zRQqq&)0eyu>F5L2mp;LF7Lw`3@X_3D2(%-ikGZ8|Mf}i&i2js-yVe- zl*y}Bd?XK-4_C2R364a&-f%(D(t#pVIzbT+U%X%Ff`E_*#-we$`Hv47I|FyzDVAn% zbrYAcI@-`%3Uxl$8wV{A0vN=JDsvp>BR*df*5!h|$ATkQxXivNoc26<##WIwfs2LU z2UQ<6IXjx7eNrQLC@HR;-z8dBBEZ1*uJ(OZHk?y{-Z^J2X;sba5+Nb8SVCs4r5W

GyPGo@(8XWn!Z>3e8)5ZE^9_dT`WPG2}>dqN{oo++()3FZ7 z<@Amu=9IW%@-*-6_c?bzm$pcis^E3*KNqEPI?b086Ye<*TVS(){>}5+WYf zO1bI8l~Ce_S&JhaEz(@K-DDm&%nWr_Zg(T=O;F+Z^dSIstxF$6NBn$2{V6W>edYT> z5ULl{tje4S0*c|w16Og^Mbfj88Qvn;v|)HCwNGlWfo-kyS0S3f?Dbl$=ht!Yb;n_E zhuE7Pn$59jei%Y&b;glKB;4W_#45rNBqraOxr-cxB2*{AtUrL>B96yeF9~5leg*WPRQ57$}~QVQR|%Wn=`$a*1kiX zCj9uSL?=*x*{u;Ajic&-3yh=(I}^7mr}_^3Zu|G*AuMuIO7-OlJP$*~c&xjx+q zG2L^&_PHc68SB*NB!uowiS!)d6TTp&bz8-aDV=IucR2273Ka_{*&4uqq!H`!lfq-5 zw#PN0k+BL~8K2B0Vkt>qzivCOGPUGlcy8sLY4+@~FReOT;GdlE z1EMfI4VZz7Ysy|LQC?At9x2j@AP0zd?6Ld97AY2>kOov3w`+f`0!W<14fw?<6&_v3?IJf?FH4?dELe9R zAh+fj6v;=EZ`SCyyh^bMPTj;>pK3~}7W{&zM-B#J^*>{7-4bpYU85s?Jn|VhbL;ZT zD@eY{FBRE#P%AQRJ(yvb6Gye}C0hGX$t6Sa z&$$-3xsrdLKfXwTwfR-ZR7O+5=>CA80d%SIY(G&fLvJKLVH$tfB9XZP2Q7K0IIV2g zF5SG7;Q=>e1VBzgD-n+;r~~c^y->%7Dde4FsTz96;`reXTMLtZcG zPzCYXLyw`|N+I)MrFZIdGGboo(t>8Y=yB;PPCx0@GcR>QOV?^xfoXPD+*LRmc^dzKzcYbEH7lXn{XO0d z-*iZeu(gp%`cA%{^NnT7hL{?xa>{>Jiw08dq#zjly7tj*}%ZE8|G)B)Qg)`jTaPRjNdZr_TJ9@>BBgDMR& zu7E1J_n&_jULThf5eTleHhv>?00_Q#4`-h1l-1t6&Mg_i4F2r0vUbRYb^aRu<#PRq zT7cL1WF;0!aoYPhy1{gh{5BAXCDEMQClu2#dk#e$CvS|tKJsM^S)OY)b}=zDaDUSv zrTE&bTdIQQBpvs($5|`V8AN}cDVEaeI-wAsDD#_Xn5=1@BAa=&9Iv`%UVnX@&c|!E z_VEW1)^A0)sWLRo*a`2_VIO1q2uEuTqq`P@(|z;H6t0k-BOjW91r3&M+Ob!rxL<(D zZfLKyG8xd@Pbs-pf(MbE`zi~^^2HL}^J6(+W_~Y-8oNK6hRS!nn1Gr6E>=~H6B=Jg zz%%_ah$fe4L4uC*DabMFlmr$eOAQ$o{nW=}+?I>x zikNh}=r%hj=4slC0ngBUzXa+rGR>Hus?yp~@h1Rhx8xmSm- zgYW^z$-fl`IbZhUN3B(zCIMsJR)61i^Ma%svDUW^bgw&|1R&KjrMB!8Pa56r0P z1+}AG8{)Hf+5m&r{g?-Riw?2-}k5Zj(F{-CQ2XE(~b zKdA}{ml;bXK9V7&t1X%%J)S8blRj+ZQj2ZlNG*D9miNVkRFPHm$(#qQyQl(w2y5lz+j6*t<`0WlMEHHuYT z?HvJ4C#UgASV6$*_lP3gp$w*tZvp0(C0#v~H6NENd7SdaX~hC=8)tz-ul%>>=JxOV z;0s~}wtPw{$ra!3Vlh)kEigOkYrPI#8uomEM-;;w6(?3+4oO}Wqvh7XZN99O`H@fV zZd|uYrfP|7)>IMG?@ljwNiK^#mYCuQ9y;~~vkUo&!({Q|nf zp%7l;w|LC~3JRYceIE72vaNDSpmEr3Y}xxG@>#}fi(F6ua>Q>H7<<3JdtgizvHr4J zzM1)SL1T?oMb;V?OWHcL=eItG!icBXoOY>!&jZDYqu{8rmN+KhIPoj1iNXN84Th}O#8yzsnc{F6xNqpB5 
zQ{Ydwf*!Y(@MlSM_AdKzBm!^@He;F$;`+W6!G5b%*8yVz0~T7O1rIO#mNLFSoHRVW z055au%2U%B03?jtQ{#;?(h@-1LAG(xyiDF2l=mlm)H&_;*ub5lK|Tc5z2*iyMA*t* z$NRUAz2wzTujs_?l>o8VH;x{RqchOUlQ&!;g^xH3xp+lCDQJ&y`My#cNTC5)Qqzx` zz=Q>-{s_&{Z4Rd_ic!`}WSI7<11xYwaAC~4h2_V-j}YqmwSuce+xvoZcWRmV=%EaW z2@UyfHXAt(BH%NmMqA6;ERqRi`V8Cjdrk8!Gf@<8@W6I>obxz}sbKb=g5^kJ@o_m- zqa>?E{Kq~Pf$&WG#r|LO`;2BoP4b0JuuK7jOr4}1FICFgsx^N%osUyUI$2YCh+?L0 zqkA!O`J?_2Vw2m5f6AY(4+@OWUhO^*qTW8HH6hNy^-6X)J zUeauAQ=rRjP&r(!A&aG@C+p0OkQ2|CwLY7Bnv?p8=e0y(=pgn_ri8FoS8f(}*bGGd z?7_#vkW9J|c83bJc4Kw-U)`7H(QZLvtm9otr?THQIeMC{OrH+zUahUn*^Flhb%@9H zMrz9&BNCA+FYm8%2^5k#2rHZP=Vz^;pBPRP!zxV;d%$@u=#J`*PG9?9K{cdB#pR}A zJsVQLwBBTSRJ(W%*x4-&H7z}BfW2Ivz{g`{E_T17G81*oupz9I)QLjV;GVUlR>;TB z=;N+#W?9UWY$YOX9?yOLkUuK4zQGIa`;)SLr&ZcoNW3^CUQ$x9)S%tei`zo-J!OUm z1nzpcFMX}&IN(d3f2-vH{FL;HmW!~#gCpOl;}k-TtJ`UFsD$_-ONUmZcPB}CUdj>T{_c14654v;}rKNtKGV(Yb9kc_TJv_>n zi(pI$55a^}6B!WybYmh(_9^y?Oyrn64p#JD!JxJSjMJ5%(l_sS>d!an#aotHtTWW$ zWg4i-&k1F?e38e*&dEE4Fo)}PpG=IxI}^{Dip@@e>79ZPdIqH3&T*4**f~+kb1-4|gUZu1ucW~#>>_AluSPJ~6TBO!q8WCmMP(P zA1$TuR6(J0R7ar$K^h}{QJ1V@Ww9%FDb(d2M2!b>3tM_;EGxuCT&Rm=3_f!+4=1WD z_Rbs$O@_Zvg{zHzA`utFiRqv67(uUibS;Dz~ zcP^sBU%pj~|G2^r3qi=``Rz!Ap-sM!M5GT#gi_Z!DS>i=u2}Ce+KYC}l&@ig1u=T- zG4i8{!mo9>^oaS`g^KD8Q;tiR1xsQ+FIgzJ8omv1`tk{Y<7LSo`0~nY^+qo-;h((XEj`#OA(DMn-p|fXy{%ZgO9}dVWOhhg)#n%+7+K5JOX`=2B2yo4nRam3P9V$MtoI z^I4I)9|SwLtN7){iF~0ESu13zq3rm#ln9nauIn<$I&s0E4-4l+ZOseI^Lc^}1Ri>` zZ@WrY&g*p*3`kP(5CTF9tESDfs13+JVu$QV< zcgDJ>HBB3XT{q3Zl^VznKMr}cfIjaR$3CYjp1ij3G`B(o>9(UuYVet;XsE^o>xVt?It}`dN_QbyH#>0uhxu67iQ5od{2u+_eJB6dKvN`fQ z$O~ruld?biBPL2vWj)SXx?1nMYZIz6rTZ8#o=7roxYy0MT=GL3=7q}W^W>j+vi^Y?M-P%)x5l6aP5ID}t> zX&pFJihmkHS-9@kKu^zefgxAKL`gKhn|j89Z9&%0 zBJ`kBAVGe+wR(_M;H7@!QDM-~03;$OP?bP=M2+f=o3)wBL=R9V`!gZ5!rQPCYz+fL zB#vf98j~VHoEkwzZF^#w9{T)mmn9wBHV(19Iz)K%q7;@17KMqoN1lmimqh+fY!eGg z4w?1+YWDz{{j|GpR^xjP741E+)^k$rQ&9eqyi6OiL_lxLk?v7UuU;Mzh`XF-ssr93xpwl%5_5QW2TrAKJhA_JofhlYv znB8Hv9EedwU#Z@y3VfT5x-^>GLOsrR9y83omVIA>4^i-^6k+X4t0y@$x;uk%u06>? 
z>qq_=*GP#%7&K|MS7?*~7*ctDuA1#j5y$7U87L-)yp|!uli3856>4mcwZ$|Pq_@%qf}N|f zlm_vm-nDn!CKxM~?3i+i+(SVYyLM}<7WFo_M^?^{$tmF)9L!&}5{RK{F2F zVa};MyuaZ0Q2-GU)|(N-ov?Y3kzqg&S8TZhHIp*A^h0SuEM{5!_&B!aT=v}4G|z$T zVHPP4o&$I)3ZP?GL&QitIm7n|Z;ax(W5LFvLSFK9buUqDJ|DE-v;yzuBqK)|@T@+8 z9hJ2o=JHmIt>?&uj!Klm)?pgMKie0u-M+8pG*X004^ljstcW=1{{#CUi!ed~4Oqj$ zxibqRSPlS$c>k2(e7^uYe<7+9z#R5pX!{g^{tL~W0Sx{Rx_1GPC;G=_%=m%IoCNN2 z0g(PnExrH%v2Wl#7XVK7f2tX#MSXN%0kAfDD6tsttjYg=5iiFHGmwPLaK=jjDaSv| z|GJd{Soi*=-Q^M3+Nl7zMm2y7?)opckxu7ZEe;lz6baVPfa{_GOz_4#?%xsh zT>^lB!&&(9UH%uq+!f?83ji!zA14oAQIUUALmg}YEzW|zdw@Pd*EP=aDDE?W5Wh-*L!g0xfWUyH`yxalw!yv<)ogi*T-eAN0zgZmlM$`EReawqiFdgN zL4#1i9R=P8yt_7H$)Y<4RxE3=mZMmsmbtw*#qRhd%^KdMo)t+mwR}wg@$;vHoGbMO zDOZ?w+mL2%FO1K@f$T|Kn^iDp``2@DcjVVz*u*qN#4zMOZ9FLRfeB%v8~d z-+ckcSy*ElrUF{@!9V_f!NW@V;Bt8tbI?G4cutIoEBh$h+=RF-yL?Zi25X{9)t?QH z8bb3k^m|s2#W(pinr5uo7r6AOI=}DH{!*@vD;M8;f6J>ecTka_m2bzDIJayCUm1-i z4QqKV9B@KD^)W?GB1ZDWI&Nz zsG3|}UhW*_Fs(8DO;IXv_PUpW1XPd&EJ(0DfhE3|!X zoC;rJbDZo{o*|PQ%S@1yk;LR#6CuwTo=wk7m--B%RShGS^y8EPA&d2qpB2ys`|vl8 z#UT2s>&JMHoxj82N_G(*OEYgknipLst51<@KW&te_!^;M#}eUl1S58FnhMmAfSU#+ zWem`=*sK~;-?IV%ok0j=RlZVy+nl{)wU|K{1{uAYap@_^haLE9X*&O-lT_Cn*}*YK zgyRW<1gMa?alo)~SY~i959jI=qqjfa9hV1^q!OyN*NR2+z8a&q+psmDqS4NB0Jnk+ z#ViylArj8UZVuYfZk#>V+bDAP91s}B+P#cj0RUdu%cCxPoN8u@aCrc4NWi(x z5=!qmB?ZxN#pQYiu<&@WGx$idKUassUV=ZUCw=|%U>D%MzWN^j^I9f+*jQRz#FO(W zNUH*87P08D7P;Amtl@su;yL-QU53HY|NilAv-f`g8MsXTK1!JUY+_Wp?5_B5d$+!= z+`7WrI&`vHUNm6$VE)Z+>K4Hr@Irv`j@~L%kZS%nH^NRZ?v(KL% zjxVZCmmYv`Y)v@@ro&{ctUvm5gb(QZuH(qGZ z;W6hVlR`CyRKs{SRf~IdoBaz5wKy=sqPXqw)uty`JIGU&W(l~1oLJk8IRjxFm6Q*% z$`F8XoljQ(gdh=~hP5p?jSAfHcA}s=`ZnC&@=S7xKRjfokT6$;VSuXx*t21rckf24 z3)F*^7Ma`}!}HT>%Ps5k+Qak9^Ad0Cqc;6oFz|Avl5pJZ?tQmcO&TJiqGvyhBtn4< zu%typ#HWssvxKMj*hlE6iy|(O#fURzxd5Y)Tf=Ptl}V33wLPhk8&j*fm*SI9);Ur5EB|Q9jCX01jJ}J;kBI zK+}bqJ+nqhbY~FmUpL+9qX6p;b!O|9vfOHn^3<>AXNEQMMlN~5+QyhUYNr`9I=X*+ zXNtPR0;p&H7K>CZXc*R<-I@EzS8p0pkD*IoyRM|Wbd^&@DRH5sYh*Wm*PP<5_ssqi 
zRHQs84*JsaP)gb77vV?Hu$3xP`UOu7K2-lP|o7Jh0@5U5KHg0{xMBfwo+_J)Vy$A zzEJsSKne>20aT6Z#wf_Y^>L}nrY(!c3b#7J!N5(bM8f<;I78hDVzxDHRQk;Qu>XCh zM;dS;jc)LZAV!`IX}I1j_Gk)LZGNXKa*m~7!UpM9M^?Ula^OTGNU=*QJ^q_jgCm$% zG7qeZ9T{^HX_38_8GnQe@nxOpXZm=vu0v_X0`lK&6VUWvGkD%P_~r|pIbSBwK;_dv zy(`W6G!W{p+(9~k7zLgKMyO7`FT`f4HTDcF=EiX3MvQ|kAsvQG4gtldy?(85ItHeN zxc71N_@MEoKj(zw?mQpE5}3BH1$gE`u`ckI+5}P`Sw6-am5_{qz9k(-a1N7qW$MEE zTg+Lxipx`o8#}7R0S3Wnmck<>C0sL3bte-O!k~i&e3MA*zjY>wO@g#3A_jjb1JQ$9 z!t}n0i(Aa(pXW%U2tDUyK%E|EQ8mfPxkcUFMSReeN@R7>l!H^p!Z{PbBB0M1TTrxO zM8uD(4;@Qol$8=iHC6{*zWLa-femWI9lP=qR0iQeUD_T>&4MA&en&-vN(k`-RdyJ5 z<{_f(^1?F1o&ZPBL&fJfELqTJ2KMPA!QvRb{)tPHNC%~qLZ>fO9g4A53=7V^E$C+) zS--zhLg>&eswY0gm6xjrbkUo^ z-y%q;mC6Z`cC&Ba9{vwg`&AkroC$G#l4fD4LiBeU3{WM&p}3tkIOGi1KMuN`(w$IB zbDUl|z*w!_$3Oo}Tk|pH*)dc36FX#4En=-o&an_DEhC?b(DLV6MZqo+&)67xH_?gg zU0(_@?Die!?So0i906=_V)cP8|I|(-m6fm7dZXIC)aOuRjl~=q!T4oO{B7q@k&zrg zLZc+-bPWs#X=RMbXUFuD2%;iOeYU=w_a;YP+lc?d{~T%`ZdYMHt}SW2POrsz02rZR zeLH?$syO_yOw{)~s@&lbs{MFru=dnEW(qIi`vN;}LH;`nuAh(kJZPK6&>VK89(?$YLUEf%i z38YJoJk065M4^eGINhc!LR8EkZusvEBYgh(w^SQZY-tbC@T-5b)-nO267E=qSiace zNQ@gBGQBatBairRxgV8@3(Jcvn>{~&dVMIN!UT_{v=lX1BogvsGT<)x7z<4s4cc!V z$cE0E+7lWies@T*R0Cg9)%;m&eI);evKq5I3QXoUA`C*}!I1yB{3DzCyRNK(B z{o7X%=R!t#euml=d%88CeMkY8McyDFk-8x+DDJ(2PUTm<&N0&ES#XjnD<JDArAq&_bZ#lALH4`hLgp#n|-kQ zcR8j1gO#l3*IzC@FM)kgf!A09Q!p;zzVg zT1}w(UV=he8V>l=VJnn}cTaki0Z^2+S5=WhY3OKBxBT<7j;HP-@`vAYEXkSMCAzY! 
zley;ONzCzZno;8ITXRuHNix|=#JxV6maoOdtxtdXJBr=`gikdE2Q~85!U7VOGhya@ zK_(%hlkm}>X{2yt0~iwU0QkQp7lan*C#4pgPwX7F*zVg)50@sJ_m#P4hn$W_%l@8}agDHjOnBJ(a&T$ZyODNdqUdsr8p(eJcY`R`{8bOt*;~OE znyiqY1D#NxD=WB7A^{EY@3Z_4K|iRq;C$eGeOAft(%`!5N}%0P56#&VK=S+x@CzKi zbF)MGu1w7C`&O3W1q2SiqhKFIC|A9zJ}3-JG%w*eTm2ez&|--)X^*0?835X42>U+y zUwqo&C1M{`CS`w(Pr)xKZuPgLTsGx!KFq6n?bIcuU%AzNY4{f~_lYgXctjHjQd=E% z*L2WbS>G%R@P|$ypwn@!8XEg$Hsc^}k9MY$C*_*1HU%S_QS+NdtWn&?cpiH4*T3u5 zh|@&|m4Au6Ug!Hg#qE=GA6L0)bce*Ir> zMNV3Q%ja(yH(JMRW~P-tvQ$U_foj1bJw41eq+bPQ-)K1vD*UU;lseE{|3I4W1Vi#@({6N>IVI$-Jwl}!8e?!4hBQJiWW0Lw>fcLHELY7RVyg@j z?n96qM%hFPav+#4Ml#j*2o%A|={ASj-j(G-vRu8s3HTp0bV{XtFsQ6|@Onw-uh&O$ zQ(Kb|HE1+`ze46*dNJCwE*nc<)A-QVt>_2!h6FJ%buzp;vaOj&S@W=t3mfD`+2__W zVG$LSLs?(;VNcvT^x3j(P%&`+0t?n&A#@nTsX|ypTT;w*-I-{P0Ef`> znbj~|;WSkkoB~2>CGIu8RP`u*q4_m1R=ATf&TcA8IMmY2PcgUe z_9b9|4C{kR2*_V^gAn${;%`pEB7QYDtnH;iZ&^@eo@LbMg6>UTV>_+q+=(5uB0egY z^Z6Kw;!HjOqfvUK|@bd_m60AV&QV(24-iY9GVrAmD;O_6&(38 zFi_Ut+LHwA_)$49+hCABu56G3mRrm*gZ1%W>faf<)tf#pWFNe^F4#gAB8sPp5dccE z_+D=T;n7O@C}Ieuu1kRGvaF*?A`h@D^r;Ih?cr_i7sb090CvrRGpbt-&;0W z@n;$F3ID#2ssx;~#g&cI({ih#uBBMX!5i5u;7Sh8lfSKl`^Kk`3T966_V~>d*tK<9 z8g;GP44r3+ew!(s!HEq+=w8h=3*3OQp|^)-6^pHT`GX8q{wrtT=DduGHA9V3ae;bT zZL2L+%#WxwCu$}nQchbdlK0-j50R~BW57qk4o0DdwF)=^XY>Nrz3tbE7*QvIx>&oQ zYT#=&8>&xrrhw!%8dJ#`RjhHu!N+)?;1%u)dzelIlYj1mf|NILFr7E?r?qrjgEI#C zImM#Q$WYUu+HA;)0MH<1*YULV?u0C_hm*nnPg)d1@=A;{ss_#jL1*5`6eJE3LkCKt z0j6RfH!Mo4T!Iv33hd20xDEbYGKb(ia4_vW@Op{vg>ag!_j@zRQhJlL>&EBtFBdZe zNpLwjnB0?Kk81v5h;MM`3_eGX26hurjuZHH)j$ju*m8h!_{|^92usngMo|$N-^y$9 zYl6VP^x&rj>aWy{)9(>%$B0k9TFRYzET%+4n{6j7F*{(X^N29{bqZ4d`339-%A50NT^pm6-EOY zr5*yL-gt!PX0)43mTQZqK^?vqh9w?PUw|sFIgBuD=F=Y&VAlhOhs4`#ACmej@tw9` z;5#{`^~%dJusGF2}Za)uusCPui-ERhUZ_`8a4|GqKqpu;_X_F`qZwK z?D#5|cGyGwar)TyLuhFLqLhQ&$H`L7Gxx}tLt)d4xt`~$6Ac1I!isQozJN-o@V#&xMqKaN!5rty+|NDi@z%p#WPVpw20sfMjU zNFy55jy%~uQ3LV)%D)mBjFqTqUzxONTbLex3>VglTpAA@(ImM zX0vD2^=BAM!VjgjFZ{NRaHxp?IT5a;;3Olel+h34SlIjw3y6XwM{Z~N2|)tvuZsh5 
zw#)A(K;M%{0)pUwn;b#4UO#fQLVv{J)*Ekf9%|CBzghdX4#Y>!n9|j)-m>NTF6_{YR{Oqu>*7n3YS*gNy-`s$`No%ihZsRzbNSpu zQ9Y<3f13Jmmmw8@c<49xV*=mlFiC*V1z6PUa!}Q%+fgj%M8!*??U$A&6c^z%W<7c* zIrS0k*8fR^k#wzNUwO0RRT{~^thPGPKdzexYH(mm4uaULNO@le>aOB z>X?pbhzEo#U2kCe#OCdIFV9HRc4bRFQ}QC}tInrSez7yJ-7X``0LBc;Ni84kp$~h0 zvc|P#H9bD@#P600^nkzhHL$><&sZgUCb5}U7!x=wiVVE&#)y<|;Px}N^OTx$GJj>} z?AHwAP;CC|x9EuS^-Puu_Y8)r$2l#j)K;~@hR`Tmj}Z#l%x0!?h7}Yw)NteA1**Zg96``fL+4z_@SZuGxC*}@03mXqMRv2;fUyqu$ zbBhNt`o=z>X_mVG^lNC!f{i>PjcMFrD6B=n!$4L*sHvAqK)>7nwb_W9%fiT;SDW1i z=ZLyFmmZ58cTA!5PwWM9tKHPm-490i_KwQF>8|gYJ|1PbhDqEXGs9GVm9Zv~$Zx1nN`ag*Qe_B+;5`2ZPA}bsW<(3}Wz;djy zR>4uV%$nX#O^9C0Bt3;C?10-QfU|Hc%`JZH#>Pb%8h~u(hgBBu9{?34k22WI`5kg< z=}%->Uk`7|w3*WQ^J2_I*)`DGVz4+dHWIvz?YI?{Ews{n!KAX`mwW@GTvH>dSYI(%l8w7FXR*9K|F{nv zv+=5o)KzoPHmc&));wEwj!K%n_f z)ySHT`V9E2abZi_0>vKLn=jVuw|1T$cr6}j%qy>{t7B0d2&fGXB5ej)1;77@1UQNb zhHm!PcA*Sn=z_QjqH;h%^p9e>6Tv`KeCwgz{)_=$zZ^^Dpn>QoxVi61SgMtoLP355#r#D(ateY~ z#LfTCPS&M-Pe&pqT8@DhtB2v|{j=Q%qxZ`c2^=TDL+&PWD@V<<)&AUw-Lg1GSjzxX zjmM+TMepeF&LJ7)$>BSr4RfuJkd2h@=0H4Na#QJ&RsDD2qw~Tgeh+S`&3L8tujY$2 zA7P}I75QR`s*h{`)EQDm+TVkk4}io({CQ3I%DcTU?Uz^H8~Eea^~Hsp0u1KZ1zEH5 zWs8AE!w?hmxU)=wR7;`N4Ow|`L5@CVzkfNw5<}1_;IpHJJ*K?}L-_HK_WWK;f+(C~i3BN&Cb8&v|=eZW^z+E27x4wa=;G zer!~JWp7O|6h63DMnDAu0D+G`N}|=oS-}`}!KXLd(*%5b5H8f1)TT}NKtA}D{T)Af zwSn{XS+|uy`uRAnZ+k^x)562Jqx6$-~aQV?(K8NH&q=1Fx=qtE+|{0_P* zDvW^&PefI;mh58=_Ju3{ejAjF2l=cUMcM4yRr?zP0RDW6{(wGL@44l$$`oDxOMDzI zF(OCQWSLk%H1ty;G)1(y6R$OM8NVjs|8&$LYhb{*zQ8oHm%-oKZ+oX=)8fuSO7-uC z24QIU@g!>5HChEET0msQR)LzyEL4OBES0<@+%I}CI&mKNh8sO5Byc~ppQ+Db~GF4A46bQDA1H}N%; zV4Eg>)sWXSOmoA5=94Be|2zFc>H~phW-T$Z(e^j>oae7N`{@Ms-DdYdIYDB@!*%60 zZ~1Zk+2Apb$uv8Al@OLYxfH0eYPrAfJIOZ`Vi}mcFO$^bbmf26=A zLDp+$?m?rg1p6uaC}i}rU;^X9wu(H=r3knmZcgI}fR+ydaO2sQ6>zdvs~W39W|%(Gv&INF>wv%XYm zuk$#d_oWOitY!F1I@P@cwEWJW&AYaeW{#>*odp#-9rv0XV%nDprD0%cIv1K| z`1GEnHOe{FiL^xNqh;m7XP`v-e(J@Fpx95xjegTl`Po0*$wKnLXs|+Wr)@$&x=DgnL;u$?2i zs3r>|!N+A7v>C74c)?SHU2)1SKPE%|dsAe8x;iMTY^^vkV^{pvSfKGzRm$jhOU2dv 
zL$cqx&-WympJ&vUv-LDAAA2~)wVv8wKVIiR;EhTRo@6P?7)ZDYRspQ=uT%OgNDJB3 zo7gGD*#e2U?sM?mHLSm-7)%)WJq>+kt0q*h*{LSOISpd33kSD7Fe9(aP#8q==~R=o2%9r0r(Z9D z{Qs1r??ELnFw6BBIs@7E$}#U^djgwqMN;Ni2?@g0VyQ?^#o}FDG-R*`e9)&7x2Uz^ z-eFy2job8IoGq|$dWJtN_iol#?>YnCyOG-dNE5yMN_-FrD#2DHGrF%tN0)8{#jIY; zDiP1@foUFB1w~h3Y`Sk~X4-3!AQ{)9w7DCP$|N*v0X>Y55B!t}#vu&{C!zrn2?W1tJAU*l&@w3wAGU!Qv&8i<8a z?JGy`xE<-WSyt}|MJF`6T9&NO36|-{Lh5f=vWC>tpee>Wqc^Yw?2p`1yb-J%u1$pH zM5H=kvpMR=<&wS*4_iX;B8JU$SrXgMxI&vLVh)$@-*}*7$>-D~B&5jDxy0RA2V%!? zMiW{OncBQ;N(WYWbzUCD71<@mD07jlR>Iy;s>5uWuHj8C@hgP4wocGe5!Xf&^N9e) zs72qL0y#xq-AAfu&uz4QnvTr834nve?IbgIfB!}hqRVUo{DzH(6^p;Ij*#ow_#^EH zNK7dfucg2;N3gz~`3nU}65vGV>hi)44H&BhKxYRZ#XA+!g7A#gK@8QA<>M<`Un0q# zUwFjSGw`2mBGAV$4F@)p6V9;=2lNs?gtJJxEXenm08+Ar5JE#kQhAmTB3bY0c6?o! zIp@PxkW&P;5W6A{00|bn!Ybh80w7 z11e3n(2b&MzdoE%PkAE9Kb%Ru5hlssz1XI_xoTILhq59+1d9$CC$jP*jA4(59!t#H zC)yz8AO5w3y=c;}H#2Qp<3VTP96T8=Xb{yQV?9Zk%TDxvkKWXg@yACnQA+%heNG0s zFQ-{tuWV+m?%Jj95@ZLE>`DrB-^XsnEZoYtj96_m6RbBJ-21f2E3a)C+tgZ>g_Tdt zd^lM`h?nlg?XSLw3EehCk^xB!Vx&R$$#fdY?GA?CzXmZ^bLW`G#jhUYPD$kM)AhEX zu_JdltJ8w=P!~j(rOuGI=&)!Q@>s7~!mVpk>xe}Unh@_>qm}_u@n5^;1>o7#pITwq z-Kx^q{f5ErZubfkc(5yMMzTllygsp96p@Ium*GLKlD&~mTeOtuUkG}=Kh-k4BQcor zU9%L;4AaymB2)WVq2&x!!odF4C#)9`wrEW)c;p=V^Fwx(c;qKNDGBCWt&muUnB$+z z!vNR?KHcUydB(|*Tiag+mqiZM#)kFF8!&^}e4F_(@|(A!?~TTfRqDkRG1Ls3Eb8Q& z?Z_xFZ7evHa~hH_7HT1ROrIVNf_Fm{q8WTOeD}ckK0kIH(VJfwKvi(`Ne!^5b0L@C z<+?%XDv$3EX(W6(lH$bYwT9ExNga7@D+42ui_6tT!dVA_-g9x80ej`rBEC{7?4;|A zh~;I{(Eq})E_f=ErdDn=ZUus_)yzIx9V){uBGul98n8Y^i9K$$X5;4=P6mj_s5$C1 zD5))4{*B73E`>!ixR(p(mbql>Wxt#tqAqj{E+w!;zh|wdyWdW$DNR7Y!*$$JvqWxM zoyw_dyvz-LftUMXaX7^s;q&G5@L3?C#*dnoWs&@^*ECWDEM~4K)CzToeSy$6XjlvVdUlxA za*_fT&jLdvp7aQzTs*^uzQ0!Cos4F=Wj7yN8uAKQfw&O~XVS`sibO&0So5OC%o8ru%k4$vt8ZR0c$2xqs21v*i{;w( zIKP<*p4sE$d$o8hpt96qC_pVI+hvK4`xI)f(`3HHV^{Mi2KRtJm~zslm3=sXaz;wF zls%77jNyh*I*&;HkA$f2<^!IOkHFORX!48EMeR@53p$2Y_XCdBhvl8%a82KfeqNeIW=LMO@N{^2JiY7uuI1tC`Z&egymT|# z`sDm#{qnjBK=_&aB^$t@k$-Z149IvsU9vL0IJ0XtrFXk1WEgV${^IL?mJEbG;XZB5 
zwz99TU}x0<##-z*%U05#$&SZ=R&ZqYX6@IH<@K2Ig~0nL^m0vIQ|Or3GjOGu6CXfJ zlQ0&21N)z~NC+f*34M=cImPWcdYj_Q)!yG~;q_iKTAV3vJ8Yc26U zS3bjpyzkFS3Z&yalLhn?=B~>x33&*X---LC{OM%gMXvjt2{8I8ZNsl5>>8!yAv#`- z07dQ&_w{FhW{9Jwz9W67#uqvvC0Pkn6*?iJ=1Jbp9IMw7OqE40Pxe?Jk0ad_PegLs zw1_k-!qS)$hkh|big5nD3f#ZFUB4o4w4fpe{{ckRfFcfw47jBPBkq&ch30Y?2UZ^8 zV527)H2fbHrk>g~BgVvGzChX@*SvlI`=&=v^)NHmYMVj<(1r);)1tizF1zCm3_K1e z)AJgS`j`4ucaN8;+8yF2+X4-XVXg1qs>iR_yFlBJZq3(0ZY<<=23aR}Y>0~{@>;Y(T>-5eo+67f^4B^K zx|zYNJf^u8Lb4=6Z12B+HALS2xO>bk*Fbko&0{3ZGgxWYO((}z5u^~>CdXzQ{YJnf zrbUGd*aya~!_8O=D8}-V`5F|#LT|*_b|M`zrDRCU6cGQ$aAO?UEK_}td^O9y3X?6v ze6^KOz*c(Nz!*s`Gv|@x=pbIRjM7-CBqSHS0N$`13`3xwWzbw%Lj3ZPf=W4T-h^=n z7jC?itKg!GO?%F}QKEm7*;e+h0jpLfzqxGJMDyJSCH9Rm!qEab;*Cl-;$zFFmDPFv z<*BXl_m(oZ$qD`8Nb^QVj+LAJ+WpdL;VdPQKoQm$Tg+9mi2Q@G`4cu*xTlNwq0B`< z-V%je6om(8MJSGzb7r~Lp_qvCO*h1o-!5jJB|C3rk3F*7ZM4W>C)4b3OG@(@wvWc+ z-cX^ovWvhRNB`1SO6ppxB?W|!18TRJ90SS_9Fi@<+OU;+GH{8HToK4Gzorcr5zJ`B8(EqwceZEZf%@p zzufL`$7^NtD*3Kj(62eCopopLzDva2@lP;D;~}02MqGN)_NvgW7_biu@L)DRvvqiaEk zBW7A(nifbb0iVlKr*h2Y9p?N!m{`z9kJ(%#uAsTBAJ0>Awih_2sj9+psMffbkLNup z?ld_Y8L-WE9~`L&kqUufAC>$@fOjfmV$43$3=4w4j$q154Du)x!~0YY-Dw@daEY1& zAXERf@lWw!IQ#E?MwTKBPTechSx$O%xvX-&pFR9G@}>!mOSGcLb`E58BsJlLOxOeQ z%pJSN9cdp$#TdY2bVNPwY8Szh7wN`|@ANHbd~ZUq5H(fvy#Tm7I>LJDVBmIhTgn!$ z?VeoEmAFi0t{batIZRx{m6_W~{NO~Ey=<8!I z(1=FjuNx^f*;i24tW&(V6qBdDeVJ~Ih926S#x;ci)e(-qXR;WYl*#JasV4hRLzhTZ znfic7vGJ>lE?ZP-lAK7FCoKdlXwJ`udvhFz%2_8~_8ku;#&}Lt)qALG%MrFaY>@Ec z$+srh@||$!_AfRra(9{Z+U>$AEMvs7mOVp$YoU2xqCX%IRc&iEgBgDlqWI)wfMmhZ zPxcBpjC~EF?BoR~_Ol|4W1xs^&0o zUlEvb<0}HI+Fk}3O(t!33IDPLfuS-JKBtv=Cj+^E{&>l!_#*P&STD;UcO&#=4eDm zZ2n?de;gj}gYFVh33ZaxZ}a47)G)o2BFj1L*WVPKTkv%jFZ}K|LbYV=NgTDGUvT34 zN}oA@nW451n-%%6GpQ5F_PJ;?sd5N1QrP4<@mxSgWPNx-z2p>Q0jhGfX)p9N2>upT zQP&$de8YxGNnqp@8d`ygxE1E64XS~vYXKBww8~lAvNqLZpF1}E4 zUazvWCFU{2pAPCcit!=SGQMwr<#in6lln`ss{##Ua3Wa^UQR_uLWhTLc+Vt}td2zt z#Plp7trlMd?gp_S^|{oVv>D!H{H=K#%MpB?Z+n{oW-UHoe4zq1a_xL&=Be_?oG1dQWx$KHi} 
zwEJ9=Gqm>bbJ8+t=mAmhCci|vU9V>1VO70J)sm*Za~mDi)hIo>Jm%32{>D|)w{LRY zLQ%~-ocUNpah3JjnO&-%y6e7MR)-^ePbP*pAi50sB`{@^8ruzk-y}(E2~BH=(5|Uu ztqhsm@a#37d1U;ybJiHEi^!n?d0PK762MV{krUm#87Ho_&1LBwkERwbqK#~`z6l%bXcHv3Fc&VzT>It9lXLq zNRJ;d#A8{&iH>=dsrl9L=$z@h#%KG@W5V))kuNbP^pK7_8zmz7f!pq(58Do@owvbk z4)H4~2Jj5CF{U-)iJoM+p2n!($rjQQ7VfBLNyZ&z&+vzid>$WGTc1qrYEej}o3Tj@ zZOdeE@9%b}amK63zU4}b4EC?EP4=Ux*)}!=R z0CO9H-{JMSn+`jiRpGr``}xNh^F$g#?4mmJM9pGv#NWV|l@zy#OL|eMCa*UY5G*P& zQ%GKdP25f|!Bw|0roKEm5FMgRpZ_OCMi5JNIO*RKs` z2EJ4lu3e&`vQk@sm;Nue&}0H+G#DurW~jdy4K2xAKcs{Kdk|3-BZ)(z=iD-cvhf%N za`MAu9sI$a&0y3GG%EXL%Yp~6)H_%RFMcf8rJjTth|@})^+i^~|CG!BEF+|F>;Sji zIZRHHG9l+?Q|!KcxX-53UQ=>EMzAr4v|tY?0GPVUi`(>YCF&b58J?KDha!_a=!Ma) zA@ResGAR*bpXyt;evmOnq8etJy!>d3s#4N8pWd9jxcSL@Iod1fwBqNq(0)zss&Nu? zp=dDq;p?*ycQjZr$#GI6WAA)&mxkvW+DOMn$)62v3*N66wy0C~l0?FbP}2^DUzd~O zff6g6&_nxe2)N+Je-)!OJBrizRky}#xUjx9v{7CO6;i}RhD+n$Dl8F_;vGI%f@4Z7 zk&_aXQS2!TmfG0M99PQWttP4A+<_1nm)@+mrv@UijVSA(^8IL3cJ3cQQ$?Q~4ejMA zRN{uJ6BOyCxW}6e3zwGSfZK}6g2w##yJ~$3!EI*uW#USG2fUzpHCtCvJ|X@B+NYt} zumn>mY5XB<<;p`ET;7#02_>zko^%c#s8S&kL8GC)!|18(>Lc%aFk=D}S*(0ePKm3U zl2_oloNk}MSCwZmMF*PL?9Bu4mzKLVZ2CKBM(9**TWtKLU;^v!94W@@_ z={1UQOp@esx)FKB3poU?-ie|d73pP`sDF#DyP{#RWs+}NwF$Tt#xpH_rCUX*PT(ok zdfL4d==Z=xDaFbX9r9W_vM`H)D}}gpuic4JBQE3(M{8rd5-QZ&I`zQq6*%R_Z1TG^ zE)Kd@c?bN>idkc_Dv}%=|CmH_6q7@xO9$R_)#$T9Z5^V2i&~FR9egz{jEt{!#^VYt z!cgPc{h6DraAKIA=+DcNt0_#l*TNgsPtkn?6I+-R%Z#JL;pN8_?uUb89XgPQY3{QAD2#>#gv$_uk2*10#+%J8nQ^mUrNdR$j zvLPXxTOK(5ob!MS)!SD8uJg1Yf6XC4S;`#!3dMK&%MryJp(RCi4b?2P$+)-`s&8R* zIW`>v29<77Xr_!Sd-U)p^LBWIv7$@%_2qF9L}eJu)?oi?(bxwTLdM*qUEZ?qeOy>} zU4Io#WSX%h#^=~Nmd-CXIM0&ou$R|Hla{;o2hr`^(36oy2w#UHx@VWKll|nub2_-r zr0nr8Vwl_lcVG8igpl91uOSHmmGMq(A>=_S*9GCLP*WO(S)UM2g0P;Xygu3+)9LCR zXj+f4j@J|av`PjYL{QU`Ny)Kg5b0i7k=vE3O7^n;kU!Sl>Pc9(_q_I8P4$aowem_N zo!!|7&3d8N+ZSEVw~3}M$gaI1ND1=K?|ZXQG)0O!WlDg*K^3(}cXAFT`ow0)U_gnm znt0%lZMXv#e7>`qXRmfK+`pU4pw!T7T9n9NZ*F(3G|X;GHG$k#p;TXNfDC$&7P;Q* zjE+cU+>R;!jt+8+5w&E%yHXeCG2cG#(mJt@9Eh+IyA<#9J5@0Y<-ZkbDD7$h!gu-| 
z?XNhZFT+BEkOf>hD0;E|oo-?gSw#lotZcH1IIo8w{<46I0AUJS)1pT5$^xTxr76h? zQZa;sMRhgOBKQhjK}f97)^d4gjYZ|x@~>T1J-^_7sQjRLD%lFd5Imv|vHZ`{%Nc(q zw})89>DW720NoDLNTR1DB9e*O6{;B3c@~`XY^a$g-hsG=_WuS@LgsCIhKDQ-c3(6x z$~jmXC6*F7Ofz;o930m2vl-6d7E=7?=OI_Wp%@mHRlY5uTO_m}nL|}pss^NLyzdWi z-O}gqg=JZ`iT9W;Xyh-%pWg*0F1thfo}ic^TGwqhLcYL9HKY?)0LF-rP>n9)Oz(o`aqn` zBp=fEL)$-|+VQ@6sRqa@y&G~FIDu?WxuL`#axq*|*br1z+?2)P9W{}vTNH~P;$+&f zRdc&W3uBc<_fL~1GosZ_zdp%FBH^8Z`Ha5q(6=VT?0sc#4R$b~`e~uFoWQHzB{wk% zV6?0q#jebTW~@}#FqBEipK#9M3TvZnC0{#uR4O6!)-#t(nJsu%BaP_Lyp`Fxxc4xE zUnr2$39esi9P0k3Kyw)Vn z%^y&k>?Y5-dZFleCefJ(-J|oT>O?|a$bLAXXEd-x3{O1R-~l;O|Ija_6<_ie_OXW8 z>CV0zCWO_i+D|be$T~G@8~w>l6ucUAg{H=T?SvKwPsG}zbS(9PwT?opQ>Tdhx8mx@ zxEtA-B9gYwJ%e>)v7A6;o*-x*gTL1h2P5%8g~6@o(4IvG$&TP3xbk5H*0|3RVhhM% z;6GY#^C!G&*Uv>p&r@oYC;#{w|S! zzGX@qf6{s=VuP6i2P=%8#e}*nTi$UalI)B_CPt6=L=zLzMbAHE;lsKXdWNvQ*Qm8Z z_^eR#0;J*|RA|#}1mibLK>zkPFaIUat`WO%MJu{5GRY4m-vIa6SNh?OdW!x(-!*5f z4(^AgQ*1n$_r?>7Ard%ha?m+1pnwb@iv z*d#24A6Lb~YB1hp-BoOdww1b86YbFQ)&J*N4C$t42s*n_Yu}+}wxngdA499h<#oF6;plg3Wow7=)yzTfV3ud~*fJ$q*Mbq3c4 zldRMh6I;haUk?f1gy=l};M`|*E2ZNEYVMJ6&kI_4({y*;aa1mW;zXk3=T+7kl1o_L z(&TJKkj~S%uE**~iR*mYZrQ%net!rYg}$6E2wZ?Pb2s8&v(NTkz#dO? 
zOl%Nj*ASX&m_?)!RoL-Cf+ioWmBnUW7?Ab3N| zJ7pC;?Ei+|e*c4QjC}#OWox<=plr~=m*3BWHkp-=gP{=L?H8+&1WgrANx${+ZxDh4 zltKCl#_4Bih2mM70-L(33u9b%9mnV^df_JRwbT}(`WP|s~beN)ZJ=> zQ@7p2lj3^w(c7a1z(g~)YQ?4UC98zTLl8;xyauTnhJ49$QbUkL>kMBV7@L@Xb(N0z zvSq)!Q_(Z|Ptc#=7L(WFK-%HB00#`))ldyW8LF^_2{v&T3?kYk*_ih(rE(42JM>)0 z|0KNwaVDjs^3#Cww76h)_-5o&@m;o5^G@_&!jr)7TkFt9@>!mvzKtm8$S-o7O!}8E&tC@fBMb0kV#S86)Aa{{JQl_Np_q91B{PniYR>nEKx|M$TaiC>Ut!8eGp`r zzriVGpa2TWpHN7;g`C&nn>I>jQRoccy( zsQ#1lk2&QmoCLu}GW1!?k_R^H9jn+iP+Uj5A&i6)!NVO^HSYX4Z)Zr^-tVoU%GKTt5p( z^qW<6CAsvUeQacPEI^x{gyG~JKG&9h4q0m50QA%!t02CnDoT)}Y8d{i`fy>Hl$q(F zM{CsO_4QMBh;n1xe?f6Xk2ddXQygJW-b{?1C8^3xP?nIvrhl!vFOk(+VivBNoKuPv zg)S}0U#upd1gRw{ud-E6KQeEqxC=2H;PyV0Vdz&5d?mY#Z=Om1D17moX!%3_b+Tt@;Z9P4U0ycv8 zFN+6~^py{w3~^0ae_G*d-Htp>w-eoeoC3HEU zqdHD48#1yQ3@O}4LEmWnG>GB`iBboeBSu#Y$C0+}N)a@*@I^QcxaSU5u1S&66~aAU zVpCS5wK>t^)NxgnYiX9}Dott!b4n@>@>-HFps)ZsriccTTC2fUXE3N&TZ$SlJ6mGj z@y6PfcblQn7pSlFnvHoq6eK3fjlVvovf({E9BeccfXuu#-#yl_;o-GZ(QT&6;T=Lc zzMfA9zU252D!JgD{qFL7Ae-Ukb-bm!jYPPHRKh!w>5#a)IB|?F!Xy{UPH^JUWvr%U zIRX$r2}h#D;t-~jYHUC>;8e!=OU(R3e@vhGv(ZEhcd9W9zc!?0`Y?XmHvYc3nNSdd zKV`M5phGnrytXP3U6{n9TfbsX=~t$;f$-I2emnN22;vn1aK}^Xg5MrH|neN3Y6%Gt}y3^0Mb#;_cZ+&gCs8{Tu zTjFZzZ~6WbVo$=q!YeSs0Paqk0$zYD-r|w$@m*2G))Es^aDn0#?Bo)1xG7cVWKZsL zJNwlyRl&ODyq!2?eJl-4Ez~7%+Xq`mOA}LDNrk<=_0=G8<-BY4g+2io{1MJ(5Y09Q z3e}#ZBv>OJcGZMFRjL_jxO>p|i)u+CnokVr^5?H(5&WTcajhD~z@LsEDg&4WO9{h2 zRx%5&5QqQpYUW0FJ=OeXS6I$9TIivlgcJ+v3Lx$b75KRO{%>;8{Ubs^>$!PMZ) zIgr`-K~NNVrxF=MJAPMyKz9TDuggsK;z7{~M{{RcZjQ%x!jis>;5P;H>5Q=+mYpW1 zC<@8#ay_U8aX1CND|Q;y-99)!-=RH}jLv9)Wu~0Wx+r6EZS4;rcSXLYWBPKO`N;G5 zmhan@^;G4X;k!8liZdU^ZoKd7UrBxd`m6n}yyKujK*XX4Y`U1|jcz^x>}-Znda^7j zU$)We;+Mk$DO}j*CQ0iT>K?(iTefCgDGR9GUrFXChoZgOGEYR8XZy_0GOZJEn%HY- z!B^~)P8>0P%Q-{ay=~py-0N={NJ`JRezAgbJ|wC=#o<+Z4tF;%nrV(tbjZ-1YDl@`G!bpyN8`b}Qa8V-_ABaGHsG7+4RP zFRnID$motHoofDbU?|D8)M*%_7;|1+e(_epB^y=SJ;d*t`k(zO8h$rH6md_ereLfv zB~K!JqmIe{(TWg?RDb#5upq$`6Igiv;LvZh^&DLV%?-P5S8;xctkb%f@Qu*cjxf)L z%0c+Gk*_a1BO@W^O&g>76L 
zjG|{BrK!FBHz!g)q=3OXVXFds__y~C2P0U;tW_b!GM&Y&cCp1Yw+9z}ZE~g)Z@4n^ zjPHu?CVkw{+b((373AGEL#3~*A&O%yE)~Tuw83Vpk4MRZPSbY1OR|SPSCW#tk$5T- z|KQgSgO9H)3dR1=MN%t&5q{(#T+FZmjIaU&7tb0^u5%x7G~sC1J5ZN4Sq4W#zs2%UTd*%Doh7rD)5dMUxpC|Hphi7aYlX4-a24jU?#x-^ae%fH5{bcG z3cjAv3e8ZD?3RX1+EqsOtq;#!fsw9g_`V?a)Tw3iASm0 ztJRn`&^av(Y>&#tqLIQi+Q*t3u!!i-t`EzqvZoKudgve&|}^Fgm}~xaAJsrA`ak$N0(jXTm_OZf>tK z8dCe0f#VS5p1bRLCpKp9_b>&UZWd8m5OIydSS0;}}2k z)h+L2or^UM=$|c@M*qC0u!D!MP!s9laxvm%S-P`+jR!D(gc>IFv7NL``c!Pn zIszY)41dY{^;3T6R)P3~0g^dvhBI=IvLJ0DMPEsp+9=n_wJ?iW0i`WOtZ^u{1MK2R z8%O?tuB#|iRENo~M%kC{w|Rbw{K(Xv7+Ml`Je;TpDMsKBplf*CVmcQKRwA}us@=aZ zc~_I(ebOWKdNt9(&zAFqIq+274Snrfw^vF#Qk#j6-ocn?#8iM-XL4-Zk!QUt%ylb@ zE8}oi)v~)9oPONyKBmyFiObgrO+@eoIs?-a68(v^LptKiQDZm;^ICFK&AWgLhXO5; zXkHg1R+phv0Og=b?v>0+@8L*FI?rKxO6Uulm5h17LwSFY)3w@l(`=B7bX|5dmdn9u zJCaJrzm$|rp3j3eTG9G&{#0vJi!S9TTuiFu<%wfwk&-Ka=Cr*R5no50+X}MO`{#qG zsSEAku7aIXl@FCBY(-PC`aW^Ie%Z&i=R|ygR~B(xQ6+I)NiB?G52-^q+q~M%lAMF`84r5{<8oG!yui!d zIXKRJ5ya8^uYpvQBQjD0hsEeL$k-IC4!w=XzipL%1FZ!5Y@{4I?)A(RwUXL7jbk%15Mf zXabvJXo8LZeloETK#Zi;lVKcW%myhNEUFd}Glr7PAreX}z!?hK%0T_!!T|9U!ml69 z1%F(d3vLHA!+p0YftUX&HG&plYuFu%84>1+h}Pzk&L@k$OWqhVf)U1BQ_UYOYSs9v zHrTh#RIJSW_`77r3LQ1Ipr!Wz zdUyy3Yt+Ora7}#Gltl}>u$=q0d(^C@tD;R6z5TT*&s+-3nMw-no0>*>*S+^#R|8WRoF_%p0nK^{|jXOXtR!L+b8#jyS}fsSWHZettncy8m& zSq|EceTRO&TxFK{&|}R&*Of7*OengXlJ)B5g`AF!fLh?_$?b^CqyFP3q`~QQNAIOq z|LPYJ>^qqEOL@Z~eg%pdBOE6loFcDE0bQQ7+-)FI9OG-Rj#%m7J`QGAl!tE6C3`zE zhi-g;t+`6T^$BBvjSWMEohAWC^~YpfX+a+6XtQPOIC6=}T7E3}qvd~EGv47}r=6c} z*b8X3RB4yl`|?w&HU6gsDJR8LHvbkmCoNPfI15iUX+7O7-|b7JFZ*-;w#KG@^h*kM z(47#1{=}Tw9Zut0wyt-u@_Sh*Fp{$Vnqh*_OcM0o2`AyEGKmBCtasW$JP;~V(h~!3 znimaAc%uY`UOO*ee*CHTvY_sB1f2wg{KFQM3tPTGK`k*;IJjh+A+(%>NAb2NhDquc z9qBMmuM=)q4&k-z9W=G($HB7Wpt4Z0rc&%tgSCUQq&$@8H6_;m`$U6UU}Vkj%C9jX z>PtCcZenHBmo?(tThIbhQMFlGrefzw#TBSU0)o^fYE>3d$y7Im+v3f1flxH^Cqg}C zuKy1=V-zm!xEJ57d`^@JYbaX2Y?r1=DYCEPdY6PBrp)-Y^YVRK#^le80Px#ldQ(9KOyGi_kyn?N{-h 
z>X#V_-xu*i5PG{61G4R_W&G3ire!p8*T&%^YMdWu5J{HXyc~I^wh=y$7g(g;ER3&z??W5QU3VP2m-LV3bXsEkr3u~Zz@a|&G=0F6bwT>C;RgK3~L|Qy(-9tb_ON!I{QAPc<^obiWn4{ay|aLU>9*s z$T9Mtl%*^q+YeryjKjykw*(~mket-4)noKrM8=Wa{{4B+URBbs%hcB%g=X*DnN&pH z8w72yC%2So@DhQ&{Jdr9sA3BsUbxK|rm9|5oPltH-(&JpmNi|np){rv>mM11X#(ub zcgA^AM!w;lIt}m|t+ntgYE?>}um?f4AJ5azJ$oG`VaVq$1!SwlQC0SjtCNtlRdBJ z$FsF{nZB(8#}x}kV?wS=Fsm5z2E6oUOF%%%VK22@vQAD#4u{Tf85bMVUIHw=1Ca@g z##Q|Ss#pcl)8{vVk0jVz3EG*amE!$Z2gOZs_+bG!rN|M_;G|;cDHMdDTPLx{{DN9p z#XwZ*Zjir?QXrlDetGucyqE79jn^kZT&CV7xpc?&vDa7)Pzv;HIw1oAeS!FheqfqU ztSliGTg{BEThRjIBrIPo7TZIbHc@-)8Gng^OzMp&6|EWMZhe;)!&#%ts$0HyEc4%0 z#-9pRes?#XYY3xo+)CAS5B{|}q#WwXo+}wG>eqk0I)b5L*#$=7hYSf2M8yzQgWs1}@uZ^IGi@;1h;=eLS^j9t>hWHeR!9SXhHpp+b3i|{ElF%#nl z-Zy5w__Qk#Bk;%#ru#CR!K_j}v0=k{?1vpF{M42$`_`MB3m6yCRAOqOn{HNpJQ_R~5nUgzyY`zrP9(U}_M zB~+)CkLUGbBBRyS-4b_sK(79_eqGY(Vr4%A^J4+;Wc=wDO-@k0G1GS9wP3IPp^h;q z;4Q*?n4>yj|0!h2*fC|&E-}^V&%bQAtx#I=@})9lWDe9@ z(A^?r4#Yr^;aIx7YT>0;^E9zh(D*1!KRlX639UB=y%1F;K>irpV%`H zjIz1PPV@Cv(a%D$pk$=Gl6kWJ$|nv=DzoqKIUP%Mb?oaZ#XB-Oem`^o7wJ+aR(-|P z;xJ?P9q-cWFaMtBXLV{fy%BVPodWOV!F1CUl)1|l_`t)~)tR0t1wzzu zr7p7bAB6^4%18knXByWi8Q<#b9da>He#SR5`W$Fij){B1vAT|%`SP$)b((R4xF%BI z1T%+I9Clh+F4O5`6`rdPs-KN2u9}opKdaVYe7#o3$@ARVEc6dZ9*|AEJ)d8u`=G99 z4XFK;b$=MV{T>lV6Z^4y?&VeqxiX|1`A-jk?=?K2olLWIb5rMzrBlN8miWDr&X^p}#QppnmeTxu zv?nL_{R42K23O{Nz<2!|`~H!czUM(9eln5OiDbDr1`45BFzg0vw$8^?&sc>N%cz@B zTS>F)LE-Oe33WeQ!DsjF@r3$*b~5$~x1TB~gx+^T{K2?Qw0`(S<}BA5E|9Nk9GFhoiehj~a+3k{2=$!@9IQ3Q*-yqW=8$#6RVg!V*hU z=HyXyHnYS_y(zEi^dcZl&!e61mhP?Cw}gF(>!HggLAm0S!S_Q7C%>0@v@wL41p+wC z7kZZ>dsO=Qdd8kZo5fPTZvbaXx;av$;mB6&mqL!{;2uBtoFOXrSAZ#ano@)MPXQU0 zl+AHd^SHN;kB2v+glicS+G`&;8RuE@K_)_t*Zw_AiN}m-5nAT-)iNGB()74CN(O2M*ptH?;h1nEjjRKpqSk!T?gnOpq z6v2;r|EppGzp04dx>JLTQl0dh5NSc1sjl_GW#8d^+cVk!HTJ6TLGJh*%mFiEkJVLl zrmFQ4Zyn-5eI@t9UA}`jD6GSU%g+_oDN0}L|A=*&Enw`&(g-SQ_7JEX-+H>8#0ky6 z5%Dm>!W*H5$MZLD!I^Q=$BHGRG|ME?Dpm?Y0{;qJIw1ZL&FWdPpEejhn-q!^e+o}# z|C$ke7&owpmGC;8<1l!CEAv^r`*x9?m5UecRlFjye-bU{bG{V^nzVL>?LdA^T%-FL 
z{#a*7;!`?%AX5ps_J3U8V=EIgl!R3aGe&oo-}QS_9(rmdPC% zqo=?#C^yWh&duZ|3VEmQQeDVC;%x06#7_|ZwQk=KE4Y@X0_5dErC8P8h*y3MxrQb#WtXNHkZ9V>hN>u}u1G~#QCu+MUrpAL zTt2~_)>*q;roz`I0HN7)qb#>z(Wb`Rkhe9cTe9zuBDWZuuWqe)18tX$B=)Vy#@Eb6 z3~jdS0tdNA8MDTmFwAU^%_n?wz)9vNtd9qlER_-PM*UXxy0c)h1GRYuyt2$tI!yCo zDLw3Du@qj>TgqzMUowhIEM#_gFfELCB$(*xR1l88QCG_X`CzGEOyam+MS6wL>_A%f z@_U_AC1@TZR803V1;VP|Q!JYH&VCsm!B z2RtXX<2LQRxNhHV-P$B^)g>`+S62(>6h(XqY3``f7Yp^<;%SD!5s+JwDCY&R9btoWie)2$Lk&!G>(d@9a#_>QkT8Ra|?|+DcCeigGO;|cz zvw6D*VT*IM_iFcf?=kV^YX4=5Z?$7)Jhkk7^R3l$7D927j+57c1V{qP&U&juY%gUD z;h!~fNt6;$NJ=AJBevl^BzE91Au91bO|hU`wVJ9a=Q0%&T4z9D(u-OxUj;=cWT(J^ z)alP$lr(QJ0y0N)mBmp1ys#HkIl5h4IquC1KXxc6$31F&{yAnfCi>ocpmJi4#5B7vW@lHGy+J^9+TH0!Mb2KE*1^^L(MqmDSUq+OU(3r#Y4cxn@0lF8mhnvhFT$dfa^QoCHw^+}&a=UV8LH9?K zsF!*|3o!QR@;=v_!e>9H8_PIM{lBBU%mK?h5B%P`^eC0Mf!#Y}oYW=5!P zFyi0O%SkPiw-VGSQqG%EkBX>DhS_I+BMony{AmaJEK@0`ZKrcI>$GiL?i5DEL-Wf* zWtk=8Le@yqpN0VoSSh|I2#A+jeU1Z{EhQj1p&b{2?YOcY{E*tt^ROVjwoNwD=jYVg zV~wm?h65L@M>kV$7w^^lKTQ<^lG<2&L$^ z;BzCsUdr>^TJ?2`cqm=;zx0w-bs=r7TDH;q0=~{I=k<3oy=^=vZh<&vUf+C*)|l&3 zg=8J@6wNjSAuq8urpV{{oJpG``j}8|?gBux0JjqR^sh z3bW`sm_glgRdYWKiS{d1T&ws|$}n4t+XPqanR5yLes9W-duFuWgLQe!tEiCddSZIU zNrP0Ff)g_|7%$LXh6wP=LYEsfR2prj+Lmk)S)HFM$HnB85KFui$X<-nyi#`?ttBIC zA}VYdzfaw<`7$GCJ&8;6vewPzL^)()#FjHeR@cx#j%AwBv?^5F`}CDo=c;WQT9(;* zac{tQ-AIcedbfX$AP!NauNlm)ud)8BJ_o;NO^PMAlvLT6LGRg0&Vfi78A&L4L} z2_FnktGg2v%h{qoJp&w8>I5T=v!2bGpRrzbi}YXY(tA3Tb3^`gJ)phL#ZgAUy*%O# zr0-;&Wq#qE$D0^vejW^Cmx`zD;ZsY0EBR>KBwK2-erEm|Lewu2in7Hs1z%=p@P*}l zAu>y;?7u;(?hgL+LK_vbHwD7ImMf8=u_MO20ZA$gH7^L>0Mk+f9H&(aw}iavvQ7SU za$^0%Xf`J23QdT!#@y3M!AW2nSV(_k(N zj5i8a^RI}B#p-cxym&dtF_g>21ni(8w`;rHOtM-Au$&fM-~@-Q*Mc9q*a${)1zc~a z_UsmFaJ2h+hSISggjc3#0CiNTMX56_n7r%(^lYWBSbzD$yNy(Nn48~C%2`S`)31G) zdyX4Yg>O7bVKoO-Ys@^1HYR}>)2Qa=q|tF9h;w?>hSfdEZ&dX0|Jcet2ZI*2Djy`_ zY%mtK${wiw^gAPE=d2=@#EHbQbWp3|ug5Y8U#;?!0hY8n5)^%RITP-MN9%TP{BsS8 zHOxvNRo$H0t7*Qd^++f>hVI(d3Wip1;Zt=Yk)L1YTj(7?1nZnE540yczpi_}F%LXG 
z51bqRoDP&`Yc6^0;hd^EzDlN4K!FYPDf_f;86{)5St0bkJBU`Vnxe?$b znd<`?2fT5I{g1KhJp%OCJ(VJDXTRaEdz?ku(a7>m9a^G@sy^>ht>jae?}cn!7I$*sMl_7CNR6XT51PpIOR(?lYEx1BLWt;kS2aMi@ANRk6>8 zjZOJU_8j?nHhRv$x4Y~Cly+amcGLH`R0i|W#q$a zfwyCXAnGMrei~b&-kVg}LU}p3oCuw7ypi1v+2_QMC?{6~d}ptI zM>S^jY!O7H_xlQ{ldI-@_6wG3@6Uvo$qD5a1nP9l45RZP45jo~Y+Il6Ap1qJ$Yo;F zo;zRZJkFLhIU;TNf2Jd*r6oKGf^#z7o*ev9+?>?)JD8MeI!-*~C`wF>W%@R|LrKLISVW3+Y;0_5np>OeL)Rc?P}18s^$+V~Q$bsoqKO%! zN^7{Yt`UEL)0Yim|B$N^8df$k(5;n`>aR@1N@P(&hy98t;UeXfrqC5fmT73fN_4;d zT*>?zp01TeF}c-Z8=`efPqH}~kF+FN&LH_T78O3P<=m2SW5rbO_oM&q{u6oLs8+pH zm?ct~xdG;33yUobH$AEfffk$qN;sUds4feojXJ3l=Ql|PES8U*dB05v$F&;EySdbT zuv0ac7$0PxH;s8sNZxHS2shysa_Kmz^okG~NE&e9U>Ufz4cqwrZq5OUjID|9M*ImE zAGDcgB$i@`%Lc-XWF>$M1fIcc>U^5fX^2rf(~0hh_d=)v5h_2Dwt^W4=vYiSDs0!V z*NrDGFnc9S444U7J{1R@M7fFQC_zlSbPV-3RrVq)NY#E0T8KZq#xa_(mmM9M4&`<{ zbLFm81gi}6fQ&4Un@|C{8$Vo2=Bo||uus$T%eF}2+>zjf1Wkd}hFoi*`cQMTX@94M zfOFkFy#2MV{|WIkQ)wepYL)Bv;`x?WxW+n`_r*QQ!ZM}`9IovSpAA`C8Zs1h%7%>= zW&AEr@>k@DT|Pf`_>=FUUMR(z&BryP_c&D>vJkCF$dMz@PBjoJW0>!CGsZG!ng;3> z_iA1OXXA@Qm#$L>{b`4XKWeOQAz+$?J=^1P1Nl7~MShV>L0j!C05O_|kP-fKA3-$` zn$Jv^Q0zoQ=ue^HyVFptu%fwXH=Ch1OXc*r1_Ujj0zP0A(>vA*LJSzg416(%xBIfe z9kFT*e~#&A;%!cQw&4}#nX%|Ti@dv?6{@rf>??bIV+f@y&PolCc6MViGAu@%zpnS2 z7TF$*a<@~CANlnmLtk(|@Z8M`SGqBf4kEJpO`W78znqaZ6ySc?%chf>Wls8molJa8 zq30d?hEFDdv?GM$Z-od->6?H8heQ9zqTwiqP$`>dVm4d5-IQuaV>X|-loTX>r~%#w zEhUlH%d?LI4KF+QJ1=#aR2dgnS9Eymueo=%dp&Aa6@^2GVc1nt0hZQyc_g%GWD&uI zw!{t#ScufmoO?eU!xU|5)vllERupK5=0m1W6yZQ{NO&t&z6speCj697Kw28Y_u!Pe z3D5gp(ED}n+gJc|f!A~l;eokePA)(ugN>Ryeo<)gKr0SXspFr4^jBmMDin~G8O7fs zgVm2JZZbg?h0s%$_Cb$(oRjXUX7a74;}^zP_*#+m>1kL?HK&)Oz(|cs=z$v)2;vm0 zOATt6o-COvyWd&fOWCpqro?7{I71vQ%-4u(J$1?RjyJ zA(Ej8;s(r*N*sGYR!1yA(!a9VWJn~TLRQfy_y{DT^ z`UI=`NbH#ll7|c|*$-N&(pi6`G05F7n6VedU#% zoEAu^Y==d3#8I}AZtc0eo}1E&N2s8{H-bsTGs%{awlf6D629A_vms!=X(e1L>ZoEo ze)RPV-`sX2-S&OntNrUWtee-#54;VIlBlP`1ZD9+>PfE^XQ%ag;v+^$)3u%452pMV zX>YeebOSGhHf1HBgPyrQa_Sa#PfWsKmPBo?L(|=yHJ011QPxg&Y~g|(vl(Q>9PNnl 
zz~Ya$i=^j`C=VMNsV)i9oSHf3)#Bw+7^(CL$j1adxZ34|&+USk%r&!qNI-M*CWcBt zaG|p*4rFBk3G_6@EDe&pj*Sy@Ko-|=QvcU>+br%74{Y?r=tbxBzzH4SS&+@XA1W5CteZg_jR$NVQUz* zENz`}A$^2iTy}g{1>{jRSwt{Jx>`G2tCI!URNwogKC|(yt)4^HKec0~i@OzU*c#hV zsU5Qv-yKMDOl$b^)(khSp`E+acuG!xW}nAY)`@2eEMjf_B~aitL^RH>(1-ApSWyrH z$~~M#I$dUx)U8{{^{@xEzz!N7!o7t@Dl;SQejk$YV4i|!4qzfYng>d?af=ul>x5Lw z{V;ftZK$UcXu0$Ixi1NArR`fON8ZbuHL-y_)LjnmTTjGHONa&@aWUzOMhvrre=wcU zcZv_w%S!sYo_x*Ybd_$RPQ%!@Uca<`qF@ddZb7J#jGrv?LOZ-Tc4HU$ zNI@5X6ri!UK8s{l%34tPiL14>{U)l}#m=>BG9GxtMXS*H)|OQ;IA~P$7$!n#y@s_H zNK1S0gNri+UWgN}`&>7Dpe>M=Rlfg&1>ddv^ijW9R@rNBxT{1&mt~D9I7`<-96p-w5gqy_$?(dBhx*WuEWcXsKV><+Njjr zfX}k)=KF*m0#@@IUl#$XwkENkGc(z>+GxHmfesFw*>FZdI$k9Y)L%!!L-F|RTE+9j z37pS+!4&qQ@qX~0^8+Axm7WOR4$_Wn;3J=3qTs|r2D{;^z`GN;XP2Q+gtQ5aj}sc# zMJ?P!5X#HP1lUAUjPAaqTo8^i?q9t7_MGy=P~2)Bsa90J)Ma$aQBKuJd;H|*F_^y< z4{qctkw8;u8Dzw7#E`vIvl`Bg(|(4b9Uf1s^O(qYs#$hP52(hL4>@{yJ*LlCQE`oS zaPusf!E1&K2F?amn+E!iK_6^omYxC8@yF<%F z-yCytNi;NiV03hMJJY*)a~pXimzXi}>{N+qtd?tI4=d~)ce5lGSJgS)I?o)!`r7I8 zday>LCCAdwE~{^f}35v-y@b+nmUNLG0Ql;`s69hVhGR zfcCVu^+A~eg_I!(AD*mDU}f}=z2s&N3v?nxY@@e0mlnTeh3I^-A4QTA59WkC2d@`x zD`pz)nERdj*zA&!a)}hK`hy?O!XRiCXaMjZ$VLc>C2L(6+-mm4s%%HwsY^9@}!BtFRWlQ=y(zYdVwcpNM@kP%p<0%iU;QDCWB zj;7CUo8(20#FFBQ1CA?ZdAYI=LBe`k4PJB1$0hm&*p~J_|7ZT<1!>|8O~UA@T5len zjUB0{MlrCp`^uMt{ful8w{=OM7KePIulg2jO-xbYpGy2*7CmD!2FZHv(8{z3`9l4r z9Dl^jo}~IYJBjrJ!p{pg?Ia>-^M*lhBQ%>?G{>VS+x}KsAaBa~Pd6kX$^^{|#XsM4 zlW18>?z-}{-P9n9Yl*8vGr$zG{|)azq-i2sG}%@)9YqQ1I=HdWEx%@4oz$444_7Vt z?EIW(!2n%^_xIj}zYjgCcvXa;Mx5Ia`+)P(*$xn@FCh@?Ix@~}ABnFD6NGBS5P!Ft z*p=5K!z}Fy{GZ3;V~PagX_xl6Xm>>#vL2p!S(j4=Y?prVg+dJ5ra-S_qMR`I92Q!R z$`8S@51~{c+Y;SAzdRX@e3qK7p?eFhTawPPAA<$ilJ?W_Xp!wGYpHJ4=Sf5cKi?;(xumG8m@P* zPf|!Is#0MCcd2{hLSMiIGL|EeLOai0orqGUzgg(eWKf}((dbhwHq2VaxgK_Nk$@RGUzj!Sd>17y~3?}qLZT~UFIS>geA<^|LIE& z14WVFv5KP83B1E!FNdOYZ}+v1{%OAZSEjvQXFg(NMcqJmWvCe#@W))W!CAwF7nqSa zq>0Q@*{qm8GqMopnSG8TtpG*36(N0yUeW{+U10ue69SVVX2i`4%$sjEA!5TE?z*By z7T(iRVbh@lFGp9>o9*_iXsS0x`-fX!ys#R0H!)iOBefz~b=+6UX*FqNTIhIxWbA5q 
z=VyL^-d1myAHn5X(<^TxVz~`dZ?%0K*|DaJ_Q8vN=na!CzB{@lDqWAnet53Bw4KTW zEeef0*$%BWwu~Yp9)V1eYvZ-|FxiAUx+QSz{Oq5VgUYzTKY1pGesrs?`pe*3_=8tw zYHIA0q|{t^jLjol_k~$xi~GoTZNnMcxI90gehi;FC!#Wp)BZ={QJAq+8W{1JDc8-7 zwFKfkXmDtw#S-VR28{8?1bLzTuYW+i;RwEnD2_IDj`e+oPw~lGM$x+rKg|DXgEJ6oLD1sIN$DEx9w=)9FqR2SBn7X7Xm49xM zVC592J$c!3Y0+aYrno8sc$PX=Oty>yW7vsXPb<`6$`S<_RoP#SkPFLeh@n%Jy=f#T zDqPYcGxg}vU8=U^vk&kXq~p*#7{h2B-RneFK5cJ(FrGluyZGAAtMRVX|HhRbH`WuK zhWSrqjm2(Y52`$6x8INOSgHx)l$2N|i|d1ykxU`A5@(vxn{vF5^0B5uoWuF6D`|TX z7i{fPuHU+fv6;c~SXrT-)5V%HF`>Q)eHpia>g4v_oG#izY{O2l72kilG~t8dDi)-!{mWf@ZPs<)LHBhiMdn7d7RDp=A&<@;P*e! ziz<+ThunG1HA5O^gb)~?z(m9J_nN69#7rs687m>{h$ft{;myErsUlWJ5 zc+AV%n-ifYX_?oj5@=rD%Ev`EMR#KRqhjR3PGl&HLZ=@I0nj0=G8Dl*rDV*<6ci6h zG0aCH_|iw*IGwmK7KQ)Y+9|TnrKW{jp)51yRIW1kZ-)U{)WGOCOvT;e*8Cv$T^24X zd z-1LSO2nmK2vW1R3AT~Y*$goDSp9NGU&L>3-D+soY_4TYMppUZ{ttf{P{fEe!PBX={9*s&y82TS>7qS4kRL&vHEM(4jSr{``h*a={*d&oGD}ZYbsgen7uH&!A z(EDWrk#ut%E#*H4K7P7B!(~f^bwmLdTu`yyz^y2y*kV~vd#1c4#wtz4kreTl>y*~- zPsK{Fl8X5_>`w@_BOixxtQF0K`VAVyn;(BRi1ZtY0BLrt=|Q=P34Lk5Gv79He9ES_ z(t@pHo?kt{I1espwT7C5!&H!an!)}GM|Yj*ee7p7?#JTk@;cz2iPgKMl5n-C^Gl5D5I+etqvRw$SD^SlSJ``=xr~W0 z9JYG4hq84-NEh%M!pEOu170enbG$qsZaZY)1(hMVN@PsKL`JKGW~gCnqN;#6kSs5x z=tu|i>Kv5Da1O&QT8{ke6mOV*#+cYgFdCqA z+lE6E1Xj5{?mX}546IigF4dJsZvn`Nyz1IrvWHAcp!n+B^_EclXJzH;d`Gr`n=W7PG5G@LZ+N2 zn|gld!-u@p_HYf-J&u8?CN`l}e|4dNAP7IvQU1fq;X!`Lr5mr502+3+9!{741#!3= zMaR?gK2Dc;)TafToUv7}OH?kOq86mWF$enXIm|_p+5HeoClCwCsXg+XxW>wngK4)M z7e3&#f&eLOwn6=Ezr$of+hcTk(oGBb`o`~%`}7-hK~5o9x9#!#R$D7~{q@lS4=Mw$sl5 z1`7CDB=OW%AwkF!4*_(PL>_bS;<^{``s>$GY)o20Zh~0y9D!8A85KK+Xc5%;uAvuo zgMhZXLkqzg)l%udAmswiOp@_lFnZQZ7r1Ety^iicYW+=34khiW;rZ zC3yZM%BF#F-vik9L26~zue>28hbD}o_6TxLx8^qM_Pcg?Xpct|50}CQ8D1mR1&Rsj zHw>7U$A*%%p@n0zm}CnEHw_L9X=3A~;A>i!>vPr&*M*14K`%&@D8PCkU_Y2H!dl!9I z7A??3yk#k2%}O&k@!~JsMbjZ)9X3CNq6S~q#L9gq#Goq zk(9obZlsZv?l^R#)In1E(9+%A-w{7~e{y*tv+uoU&zd!BW)IS3uk+zc54a-aFf~@7 zj@Cv}T+<_TJ@t6>6%P%#lM~}7E!#*2*H%$RP|GRzW0!O#;{Ma3-iQ&8_NN4jAG&(F 
z-WT-)odFKtTw{bdmBAJB%N>h7k$V&c50{LKZ=jp6@ogijcCDT=?t6?G+i{09jAZ9$ zmVxBdMoC@XT(2efcOB_NPq!brh*xUE<)dMz+psT=D{MOkZbBf}>~5e5|5Y=@nD;B= zdJC%Q$xhkfqBH3uxcyrjkKzhQJ(h6T%(hF^of3x3u`DbwP1UK_JX2*hn)SqY!n7g} zVRb#;H-%f=y7g&PM(~i-RG&LD+-f_X5OypW5h80BRs{>Y9-)u7i7&CDsIG!LCItzJ z8Yl+5Oy#&Uy%@+;=Cz;at{jk&nxuS!h#$R3bp<1Te<+Idc}}<(03iaI~}``lY7cE+Il={GASY>>1JR-P)4@dWQBZ@2JEeY%6EnTcHQH!1C|& zQ!UBKN2T^2NJzA^pr>D=qKT8(fIXHMesYVBRgH&~Jk8JZwj}2UEWU*tn|`xvrNbdB5<-L?8Z+cL2=agLf0qa!Bv25aazV8WxLC0p zm5ejIV=lLD9Tb>va3x?drx3(SFL%H}?u{1>zaK;T+=4?=)kmo{*X8u&PXe|r`&ka6 zYUA+@byO@Ce&=%zuZ%X;8w(t%9CJh75m$v*E;72+AuUUoU3m!qTp~PPlvVIom;xG% zCM(4vR6rx)u2cSPm<~+&WVKy&MsVEp`|m3ReEpH&oIwp56;grVOo1(9f?p|r^kdif zVZBm8P0>@09>eb6;2(bUZt-9Vg@I3{V*BVQ@pA$7S2%~QcW^sa2kxPElF+WX{~q#0 zN}ju`lHKiv>$|UBCj4XL?yoQTylWbdxhkLrBE)A%(*det0P={0n1V&SD_BD3qyHL5 zPmmBHp$?QDafXrXUp`GI1J?W%wu=ojU3o;(GXTc$NluTCE1jC0PfrZR#CDJM=o#Ame+n&7EG%Kbb|0tWMQvM_X$1-zRvqG(TJZsHCUQ=KXCmK2G zojAZ!I-K~0u9^EB^%cpjb^>j&GnGh@%!aQ3R-wk?$(QM^Pv*xiKeYSlF+10um!Ci9 z9&Ab?e4xgug&~IaTR-Xa3k}ofJ#yKG-TQ+|vB!)`d&G5FBs~>VY;$?CH3 z9~)W2`~NG=9@9@Cd4Ox$VN@)zHe*qGP~YJ0@$ERg1aD>3T;7E`KwL{96{{ zBy`ert)w9{q;c7>nqjGc+w5@iWPtwateJ7ocKTME*e%#^ zd07dkas-W}ITkTJ%F3maVnf?MtWx^IZhw*E(l{(+NE1T*dC!>hb2bQoVN`#Xiew(@ zFvE*u(mtkLX5Ad9y(qCy><17oH%^#bx3NRDl5q^Ktz4dmLl#eLS`K&t?q62pmxJAg z*aEfxL&V6~pQO~=xANhF5dy5*a2rIpkU;n;Te*=36UfPn3=zngvy0ALtL*Fbm*p86 zx71~c9X^`?CzoomIkQ^2#`c_DXPKeCW1RHtP7>p6qfKh2$A-{ZQz!_{N<-fQiMqkn zed1bw481a|67=o6dTf=TvcRWHzxPH-g`|383TJNC%THs)1=#hlJ{Pf$8?F>eJe|=I zXlaomEto$f-J@@cb2I@+bJ>gslvJoe2?olO={j zeXSL059*u@54f<3HMGid+LET1+_ z=q_yo^bAH(<7#`LbjT*a7E9V#^-@?#yyt0mc%qwpoPU56(fd3d%^&%*Gu!UyVoUFM z^vr7=p2sVf(LY;DL3GV=pcD0UP$@%*mvbi`HoA>_0~r0>4Bs?1AeI`)33tZ)P-ubI z*_>5#XQSC+M5>vWOMIAr=fhcf;(n@FDenq~JcKUkgtE2-)1Ph!=dAKKy$0jl>?8_y z2CYIuy?WxeH#cOBn=P0)_N}+`RWD8#KeKLLFrJ!7HC|7y2VKov3_-5fH-&F!k~+xH zIFSL>8T%DE!?w!(?xaJv7E7xmuMXcZsDbkx zhDOzOVmREprX)P&9qr=>dcMq{n7(368?}w(6W%oZbJ@X3Te!a@rO2FaU| 
zN4|Y%O1;i`0=?DdEHN`36VVMFpzX8AC%jPqV8JC-ji!dBg?-od8bgH(H(_8kk*pO^mNmqZYy(5Oye`|=9uIX z^R0v{$23x^f{B%p+6U>N9&rCq;SajdQ@RGI$4aB`*ZfL$pjQ(1{|!VKOe!Zxw+s|q zel_8HJK|ldH)Ka7#VNW-Vwy7HjG@QexvD*GpG(KxK_>RgZu7^F^L81H5>@Y`>hm1j8ds%!2aC64Y1AYvG!o+-hmHym^eW@ za%XsP%LfE#1MW>gJ7j=Jk0*%cOPd&A^Ppc3fBpsFfgc_^B zM<3T1hvE{AIbC^Q*d#zJlZ3`WiY@!?g|V*!*CPyrD@d}52~*%IW2DRf&u%{#@?l4O zgKMUQE}(ZU@QJ-u!TMIhd{kb8&PgzkDj0_wU^OyIdm0Ve2v@)T6%vX{#LX2hhyS`I zgya5l{kraME3wu4DjT@0C7LRi)$EJQ!~y?^eI=&eHS?uyd#f<=_c(&K)CUIfZuJZk z237%wWmTe3Vlk2h@u(g<+;#K^Vok46Y8@^5d8)#6iQYr5>AVALE%U0L58`z9f|X{xQ=laO1P$EBSVUc|Rq2)p5g_j zaS0M(8MMpp_IO&NTsHt-CW&4L=!+!;{M|&P+2(t=xMQs2_#M4UQ+<<6S70;TOjeZ( zgYYUOCswUc5hNhi69-O!L?O1SGA@g3Sw(MVu0R8_B#TXrG)g@MGTi}$}DR7icu z9tkCp*%_o;Qf&9A?$`@09?Uti9ZvIe0ZPBS$-)DD+PUtXQR6s1-z8ea^;}^K2n$2QFad2>JY}cpj12bni z=p&?l>KP{omND^gp}Bjx2yA@7J^s4`&h`231wJLDt+&~5bNa8n5#|(8DRP)vY2R^{=s0k@g2hjf*JWT`I!7MN&gS!z0trGA4AAi9 z!v-)u?NnFzGZ+N}STKJ5tw@Pj+d+lOFaIW`S?S8(-(d!QS{$P=h=W2V?R@ta>Q1R& z#q$}XM?kbzW*j8LT-yOts2If9W;1o0pmSmSCpcGzMC1x_BQ?B>(2P05M&v&sa;IS+ z%ZWyR`9ABFsvYASaIjjqbLI*EdtR3`LF13XL$3hmAiSn}v4<@-3lN+mZDg*9iYtx4-*a_&V1J$~|dvxtYTQ#L@4 z7aM&IvB1N}i%w3xn)Y9rkwg~*r6ufbhi9X0MaBqpcGd&XE#SGTo{Xi15CG$61jW4* zFk(H4I@64=&!&!s@h4uqzWL}g!VJ0}Nue>qIx?G==cZ6mD?Rq-f9GEvjj2ab-Z;zFlGIW)WZ(=#^A z$ZT^N6Sr2fRJc8@mLty=cY&tK>%FVGy8W}O=lXL33g=gb<)>OwnL;hb?}~#V-18<~ z&@Q&853oBldYK1vhTYl1d#KTJ#Dh*pWkp%eg5RGiDk!j1nRQGI_slzHdWvv{{c)$D zy5RRzxHIgqN~y_y#2L!@fIc>cls>|JnG{8GHvM~RK;MA>`H#<4_&5xT;utmtXv2`cFD zf0@sKzeUzTmck_qX%<(G`m*0$EF>KjM`71%Ukvm3ynBh*UoDABkgH=$1`yCMyPa!u zZk1JDy7C9ql=;ma7oq&>>C8wvxl$dbX@Sf*BH(T^3;p+}az;qo1`}ps$U7TCg$)<3 za7THlXG&YxKJBXyO=tI_*&C4)>!1O^##Sa`5NxpELY1JEs7zWN{N@!6T6T%O&bLBo za4+d2&Yqj@&-b+T54$pE>q=`WzfBcUNOa z$ZlWH)}3d^O}CmF5r&|a1`$APN2mwhKu54&@xc*WHd2vUqCXddK|KEikPYR(a($0h zB^IHK2RNeBCBT|=E)?>5M=n8XGU}cW%1ROoD2gOPVSLLD;R7A7GL(L+l5Uuu*ZWK< z>aUiLud83@_3irY%>L2$An%Tzu#3PnTosc&G2E0<#)kl31l|d90Bf?W1!}%nI<$%WID4!IR(9z>0bKe zc2vZux(y8a-K8%N+OGJrvk%h!dmQ-R%w|l1=`wv=jB` 
z#&2V*i_8<&VQzOvk^%MeSl=PpZ$_hj*~Lv6!i;8jngA9J`Th~s>hu~j$^|$;Kn-yd zs;8wVfAnS9xN}Exoe|MXqxW4R-&0V)@a139!m5$BWKxfUFuRkr zfLZx3J=iRGf=tIjzq@fRjS?ievTVgAyOdLef~Rg(gFB_Ls0E5+8n;$+pmfWu`+^Ar z`r&L3$dft6lfcY*DuM1Z``uG&OplVbgXYVQNeBEImUJjlEMGsXn7*^auWBkA$6B|u zYVv_!FR5&yvy4m4^d8rnKSOLP?YMFJ8Z(AuP%`NovJg7@?9eH);Tez*{j(uC|xj z6G5Rafi2oKVY~F9U2B9H_CYDeA6XY3yi*qJnQVWSrDanoLrep!qs4mlIAT7R5!?78 zp7V3dmrCLFTbxW&4!a#J80vfkJ6Od@HY0yw=y5O8*g0Ngn$?`&mxx!CK4*2#ZrGPG zA#ecIb-z%j<(9&*mW98UN0TrmmY$byDqp|6bZYnT2vo*V8e*1Op)Hlpfj_8WH72EC&Pkp=-cX5l^;xQ`rR{J6Z5Ua9^5X4ZB%+O9eBM!@q;CszKZlr|y=mq2S z={YCHN-;3kHDCyfFrYdgSa+kQccbByar*|b2Hev{Ln68Jt%rQGi?F*&LUSd^(G-?h zrH+mb7p5%Xu0v*(7RSJ&%t90o!D+K&RO%%6K5_EO-8cf0&kaaoD|au={7N9Wbs#B? zct&LR4IFM2hZEP?@#U3H)K_RpwrNQ=gRa{Y?|)67ALA;|8;57PxJ{p7adk%7&iR@9 ztXEk+!x>%W>mOJjzW-+u8Q4!3qA>PW{++^FmW0A`o7wdSM@?>bLgS0dLNdCgE;or9 zf$}1;K0vbU=uSch8tOZslOLO~QQX#Y?LH1?M89XIo?2E;&;G%~E2s05`wwfwU`@8V zdYmQJ7TYJxe0FDrX{7Ga8*R97jlMsnu~X72&2XQ|j<>QDE7{w2)AV|X^L~uUm_{^# zL_zANDLH1l4xc@+Vs-p?S85hLF7lOV(2P?c`|4h1PQbfn(mRf{Tk;l_5hMFDZ=f-_ znw8jdR8sI~P=(2&A!(hvA(}06yRZ%Q|3rvBU9xcoHq?$VNzxU!PKbaVNsd4{&7i!7 z0JS<;^dqk$)546THXpo6vww|`M$CsviX&QH?yqa+a~tGj;zZqT`Qc`*~0kjDch@CPO$02Ur8$LaxaP3vYFV=1TQaa<@7t9zN>+9 z1zy*+cj__ryZ$FSV8jg`v_n25M(o;tU7V&wquopcruO6h{+rg2ut;}n!P;9N zn%$w$7^aH+p!#uH^hE`@YvX>viq;*opFiKW7g$nvbc|-`nVz*zgtF^O_eR<2N)QEt zzwI{B5UHq~Tgqw0jeTiGWRF3x?PV?n#Ac|s89A|yV(-N_hw7_IeiM@R0WE6g**AGes_t@|Bo2NVbSsSR2zA6-!P@H_jdbubYVTarK{SZtm&FIu+gDP|Jp z2RD~ldWtp~O4azFopijH-zxLmG&F>mo0uTX9`8bqp3S^yUtGmhU;!N2CMal}OC(dH z#)BamnE1C5ZSAi!dC2%2 ziz<t&dn4ORsF zTxQSs7N}n$_ZMe%q)+4uK7+FXjC=KHXr|4XkV$2RxyUm`CZc`4je4NSIs~aZIiD5e zAEQZ5W>QjRn1Vdagy?R`SFzV?4(Ug5(grJA7$s`EKiSOJh6}Yd#f!Z%O{>M{BHjjD zTyUAG01_>;Dc8VSFHN^{h`jz~ zBs}R4x;ZpW6WuiF&$Q@$s)#3WIrfY(*s^Y_o#U@?to-Q0N9E_xC3zQ0Y2aP7-jtxpi|2@55HwtN;dNNs58_;tt;c`r zS}2X3s)B}+3Q}eAEGqEuro8{p2qy#(m2PL+6(dYJUlkJ6tn`#TWw&a86QAWeVZFM1K zrMA)2*0t}UFm1;_5$n59dg>-<+#jCY&z2**-d;$~d61!u6?n;ot~(?jd~i3x&82=$ 
zffHA=><^_{SvNi+`$&Dx>-0u1?&)*zl?lH{%8vr~7u;xyM{{5Ou+rYG2X$qAe_J&5 ztZ#vFg6y_}btT9@8!IMd+ssd*%m_L?7+lvn^wKKoW`~wv@A`>piL&4&Ov^i? z<-8io_>DMl^+JwMk>v8-p7Yy#rDvtQcXjyv_nfhNIv))$y{WNNnG~K?GMn3p^NZm7 z+EG9`MEuk3ornd*_eU}lTaINDpRs4`VRO48FSOu~S8X`9 zV1P5$u@)|5%NY{CpkahIf)%v2pe7^)upgq>45j&>ZOx$yG)+*NKc*epRsZ~>Zk zggQ|5hU8eLgy- zTU~lXzhvON-~lLj?UU{PLw{=KZoAT$zUu?xG~lY`;!dj0;~doM%3O>Dffv? zcWpL@_xQGlSDKo-i~_CWdo>gbT@nx6%d*bm)wVZMXTXzTu+i*9bfoQeNtoYFeL|N= z(8RO7s`_p11EmpiMF{2ueqk&fwKuHAI?KMPtg7y+2Mj!xt4thVGYT)e?l2~?n_b~x zGzSZSY6k=;%L3|--1Kf8;Z$f1iDkbLaWG~xm^0fz%r?I844bm$Gj2uaX_qJoUFKAx zgC80;RIrbdootGKP+AXrjqcnViB}^Z7Y^`s9kc>&$!8*x*$l1!4P?C8s#m<3(7)9% zyj8nzX}jw8OfvivDx_r0WE3VB5M{QJ+fL@``3*4c*b_!$6egdIWu#Q@e&bS29H ztxS`q5Jn)$A&9d=B5D)7Rbm_Yvr5Bh8N>}u4w9Rb?!&$qqX?VRBpF))_v|gT`(^`w z6s6I(@9QgC1%yv*qE02#4fpN~7NEV;wYS@h?w&DeHdnA-jT!c^mp$*_>ALGH)J{_= zZr9Tqu_tq02~bLmOi;;Rm1W{1v*8!tAi_WKbVk|-g}@Ez$B z89qc!wn37Y)&84d2s?)Ow&BjI!p)eHBD;Owlz#5xG_BDt6%wG2TAkgBoS^@TWoF)o zyClD+xcpLMYNJkB)8#tx1BdmWZ737UAmhs}9994(r&_v=z+pWfAm2VnhaPJzu(Ox- za=KwrtH7CWGFGwuoXr|DrR&9)CwZII`pI%IR@vs=C5)Jc;g19r?aKK8)<9lld$xBZ z2PHRg;q=9;p~t*Wk!J()DVS_B=Fd0rbF)tNYH5nMHxssVBZ~Xyd)g9;ligjW+RW`H zdtvWCfks@OM?*8$553P{P<(XQ`dh)<#N|14ELM@yqUwt&?2n`US7qWIs9|JI_;~M z8|+bMP!B$MyrPZ-s4Q9O-3T%9+v&&k{r0hXMRQk76KP885`vFjrkv0>{y^nDr{t@N z1s1yS5gw$F1A4#1mlt)f4^C<*UCvMX#|c<$NQG7U2drm=Cs@vvV4?8zSmFNa0B!X7 zjV%Kbq-QgFcW?jxowMmWp-p-p@ft5aGBbr>D}ZayZv0If90df8pIR(c?BO z(5*Gx7$2v?w!y1vSYRD!y(~I*`4R#$h=XtSVz(z7c-IR>=PMR_!s3X7bgDJ@vF&-t zPq$61#dm#)5agp^dsnd6-xDH$d!jOeyap7`EKHF`DWkf(EoFi4&-z`{qP!vBuOZys zVo|oj(F4bQqrfbH|BUpEkV$y)H~E(|j|wHw$BWJ!?nGrkDIJ|)?HT;0L#@01zHIdwcrJ_}u{& z7a&$IxCrza-8B=fPmYF>bOPVR==|&TTxuxT)gcYmpa&~vyWrLj-qm$!LDLfWXDyB9 z*Axh9sgzMTh)V+@?`I%_P_yWecTU@w(x( zwbq8>9A+z&x}ut_8V$oiIy}Inl-)Y(d;M^PH$CNkonKs6_F5*0y3D2}K7#lgJz826 zzcB%#lYS;gH&koTtIz`daEK<#_YKkqR{EagoaPS`3?7`ebdplb4Y4gYbD%Ja-lC(U z{p$U6$MEVcQ~M~Nfjs6nfdXwh*@Kg_Q#$6j$EGD?RZ@b(7n+o_8Tz<{qUs2>QTq(*q>1W8Enw30x>oKz==q>T#rk6+pVo!c<)opv!|Mdg 
zMb|$}o8W2S95*z4ICG@#yKwiR7jA2F2d<}#sggH41>9X+vJ#2ca?NLR_;E0pTf7tI z+@jwL#H@Ji@>U`jZqPcLtGX3gkwb>Af)04)kkh!BLwZv?+%#;htych^Z!l)~8~4`i zo81Ox`}6R{(^o!+h41`!f^m`s`+2w%#qfeqWZAY1Uq`eGwtDW}*n`8^QU2Uvk_3sk zkpsy0JYqN`~cp`jBIR;n~1wHNgN8@zLUOZf-hr1d1s+_@U`zBJ?fyqc!+_y z_C3s_;=_OgSP55ZjyvONQM7Nj?2Dt{XQL|RE;s(93%56WrX3!0Wlj_}BM3P|O>#P? zSWQXd4@LDfd-8O9Xk4aPf>>%0-I(w^Cz%v&hh^Ew1x=%c(!h`DWj<~(J zniaaQ5Pb44e>b_KKl5KQ_VoP&_y*`;crOFkOCdZ~$`G5j0^a9nhK`>%9CAK(_OS=4R~@^+{erm=1+6NAnH*QPkt_cBX^i*&)PaJutT^m=}>X} z7uLhI^QC`=h2^gN$!sTu8G&q)5HwY|-1 z5rtSEwubw_fFULUzY&9TYXiir2(dZrMwn@haDz;Ct9{4xGonHJqcpNj71Fy14)6)n zqW>;r`8N_)x_Y1*7g$HrQ@glnk6EI8gFJ?YNv9fS?}nx;N|o)^ck`Fk{WYUv)cvm7CP&jR#_&=CS&C>_faAs_k$2`nLH{QP}uImIq% zgl=_uY^>cJ%1!(_%%G>r#pmE?^1zh8@F_Cy9O>zpog*$eEs;L2STW*xIe>TN5NP8x zOdc6-IU%V(6C<=M6(RdZhNK!%Cc7E2s-kT4g@3LV5#qnwjujW%!PEiFGvWfz;{KMKN1%ii_ZyQ9e6D0UnHtoQ`xKn{I!YK}sZtAdskC*7>>J9@l-vASDNHRoMdm&$7xL|mJeq)&njGz|d%ALb|B%##g*^8yihYF0Ei1;Xd1Vb7AkJO`nE zGg;(Hh7cESGgG*eh%@ajbG=|EwCzFGwRk4>Zzu(qXaE;8_7mRn-%^A#;%|hwxg`+! 
zB4+0mnb8VmwSbuKYZXJ$RCpaD`Fp4?Ci!7IuU#^!ECMHHv{7z(#A*vye_iLmRNp_o z#8T}*U28YQRI2FZlW8^sOCn>*>u`+XacdQs3eJE0?Y+#?$dNCVI~5v)jcF*g^&rhi zv7VW#($iS7P;<~x5Jq2`tz-ZuP8+_DuND0GU=;|64u2U!I8Vy-3=Vvlwxh2nxLs0) zGx^%|P%&=4xvsqQ?FZ9030@j8@DiHuO)aV-fB9@o%|<=NJe5fLRq}J`Df)j{L`MI- z6a7sI`uAL4%606U7w=Mj_pGmN_jq99dHY;X&j~AZ?Wy=oF!&y;zQWuJ_Ikd=N)DX= zdbRkswJS5-BG4wbHx*ZVOf2OQ2U`d3y@S+h;tZMQ?i0nodl-XNIK!Ka2YIvZ z%S$elvXi)DLfx$gK-oHS3ZuLr9-OsA=H!SgU-$}= z!m<#2u{p3nnsMi~(X`+(GFE;&pm*XS8}kKnH>Bxi#|v-}?()L9i43Oe0XWa87`I^E z+(I#p);gFu`WmBT@)jddOEjc|*Z&0A7A&e3`zlY;kCA+;>l8k%yEwHZ`+0O$*gY-o z7LYWYdV3JTbFWrj#UNtRtxrC)t&oZpn6=9?zQpJ!trRuf&0Q&(T*xI)7xf{6aLDC{ zsi)a)hXSe4?*I=Zz#zzG86ocLGApyjcK#1VA<0;eh3iN&*Re)RWl6tWODNxwpPL=*k%j+_->U{*2F%B9N`dJDE$koDxNBvQ|#?fas zwf`UX2fJ5=W=so&xN+@Xa0QFf|F%UeN)531L}tqr7JCVN4Ty6=uE`8% zRl$4TqWH!q1LJA2Q^z9xxso(5{E6=JYW zx{mT}x9Q||#&K2yN>N_Abo~{M@QDS5mhm)eX~Nncam74QI(mP>RL6wyapq;IQO8MP zY5l~%K`1x@w@@7BSNuZ5&FUPQzax~VoL8SDXS-A{s&G$rn&vw^6Y>si{w?uhD&rWG z-3m@$mO1;_T=DUH&_Fvdq-Vp!8y51ikOxFE)lvc8(6iSd%?Rh$#DCsUAMDUuvXLsG zATD8mBTnt>(lvwF657ybv(+43OXAf)vX59f(WXqG?ddf&dpY_6SDWiksE^3mz1prS zS~-i_?WuyA-{@79WwkB&8m1V;5Pvh!1Va+UT`3h^K*Y=t~X`4{;J%=v(90A zySsr~XJN2+vsKw}&%vq6GI$4j>34!VK8Wym=Y{6AH1sN+CwN&) zGO}TMKG0V7!l8L%i_;vv>(VVJbT^w0Bc3-*v|3{I+MD2g7Bd{S3xqOr(dc@mI0Lm# zI5L|=$@roJ>+tJ~#0Xbt{!I-;Y*m>jjxL_kY-N6CNoHf%jAu<9{B?iYxEX>Vj*+%ogUu*xd!%n0pbY8ew zYkwa`)RWtfT{qba*<-GUT3nHEnOBL*uW5}XA&#|xZOB*vJC(29&Q5xD<{QJUECr!K z4oAV>iY@r(01MnIV$*#iev34AZ@0hX)&Um1(Tp#o?}RK@-v;?F$sPl1MjQ$ZgYsbT zg}=hkCBCj5l7aeTAmetVuDFQ8rg6Ofx$I^^2PHOM{-1n_pT0ZfzVyp`I@b*5uE1wLW>s|7CdZro(d5 zx9b)R?HliEyc_II531?Xe%fb`xmzK4lSmoeOK%)Roj4G>h)K%yYp4UFGxansqX?!u z@}%$*5LXshH5hi!MYi8zy!boREF0@y+6@eJ!i0a3(;K9R^$ioqFQ7swX+LQ%1DYGR z5zcJ449j3+dy3Da=8i{im*dVbIj<91CAzzL7x}eG&<4_&q7&r#Q)+W=1kn`DCUdk2 z=?E1OEs;&seLet1#LcOAi2@lDLIXUCz1->Abdf?7!$z_IL)98fJd+h<8>B>ugFv+O ziM-#W>O}0c{D@ZtTWRRg{6L7QOD0J zl`A_ER7OF4j=dD!b|sAQ=DhTc7Gy3lwK6&%6FZn5l@I`|uMJedQ#otBIm#S@4eHFvb(ghJmC8YF zOn{TYki85^Gp>MtEU@?)VwRNQS 
z`5R_W*L5X4AQY9N!JH?t*k3b{RfZ#Z6$&vAvZS5j^GDSPTw6Qr5TaNRUHSc+>WLqy zl2v|)VN$5`}6`xdjyRO7n)d#8rVb3W)$HdWz3i$D^)OAg0&-nVTvX_Y66TQyI#-20%;~ zPV;l4wF*UX_FTpNXKQYAXj7@6zz=r?K7|$4v|yqe4IGDsR0q+w1z>*%10K1Iekl2n zIZ2u?K~7NQu#{fuoe-z@<}zI!r!rZI z!Kq9Y=jfGwq75yFjVth>EkxD7Hf-uiZQRXhRKbBQT-L8B0-=L zPV!r_Wh1IgZABTyrZ4`M3AFkg;qRke**X*-TRc(NR8vuhyA%;%d_|8<_UMoGwdK#> z$LI3zTdB5zyX~f8-f@;e#9SwlRD`7Q0Arj`rG7R5mwfSt`^;nIUZLj7T?N8VK&$3N zl@j*3aZbVg^CzAqPB9G`j^ldKI6-|<>(CyR{GYK{WhtCHD*@h5_Gp37X4k`K-ydjt z1Kf)z;;Vy+XXn?jjx)mh!x6MwxqBYF*YTun^Uj8MtfZfW&g}hfukU?|Qzq}NOZ+rv z7=c*{C=NQW%@Y-Bk!~kN(QFWngd9Y}lT&xF(N$orx(c@z{(l>iXp9`pTnqnaLktLQ zVV%Z9?M2Gk{P1K;Nu$MYf|I+WM0-z5doS1!gq=C2 zr90~CO^=`Q%9#T*q(R(Y59q$7j{RyjXWSY@q{LR8ob_at`6h{*oUf*?Gw^9t`4ge< z;jXNh4=e07PnYx!X+Yt!CQ0{c+Pqp1%D2z{P~zj&bgv?Oqa8&NksnlE^)x)l9GGou z_AVubCd3ZUQkwAa2N>6*=s-OY|dY*Cl(?>e6G0P1*E35?x#x0jJ61E@-aZkp(G{(!O z^jGDaolv|^(ac{;f0gJ}4|p^fI(H7nZ07AwI7p2K^3&3rv9V#VS6dQTS?ebG7mXUX z0+_1cIxeh!;B&$Aj`JlN`k|o@m_~+XuqngwQp+Bqsyu+QrH`6v=>bHp9TgW|T+2#A%CX6a9MpZ=k>NEOOc`+Xsckq-z5<_+Z8^R%PJ^emEPN4VFxBIhBIq1v|1jl&1gp8ITAqW0^k>=}Legd5>wZ^ILOQBtMl@?tR01Du> zwO#nG2g;|$o0ZYvGRTi&E3jiAUPo+WSsPD=Kydp?7b9IAGX5%R(sApR6jzMl#Ew`B zs^OxPk2+N6TC$w?v_YW}^wAwjDk!!hv3X=7m=Tbj(>IQ1H2CqAm#w8@*Ryq_F874FG6TX|OLi4<|HcZz!nxq(wR z*HecH2*zm1hfbzo@CxDUYk}_Wm*?vOoKYWH?H(>Mz9?jYD6p+)5Xg6)0__O+QrfN0 zXXg+IqI5~gq1u@td+AGVwx9(2#ahIFWt9_mBF5SfC^_gn15(DA#u+t4nBYy)giy^V zge^$ePf~{Q(m49dVySJo-iS)J#tWZOo?fPA^wqC)@TrnsjM3&xJX&r{V;(jWmn8t5 zt&nH)f9DBg^IeSpNdYjndAT_Ox3=FJQG2ZhReMkrf6i58Hn!CcLG&3xG>z%vN1QsD z5eVW=Ii^Xb(4#jtYxrM*#SFc>n_aEfhLR@VzeMi0KK~S+pt3DHzx2ISTD(l-M4l@= zzN}k?E%$Zzs+WO;a-PA0blD(10{)Kmc}i^2z7Pu#k$)Gw%ke4xbPwWWtQ|CZ)VvuL ze|jj<>)~!Ra{?K0C9d>e*Crlw8A>=!4O%Cs*ZL%JMUkh!0MQoR_1wdgn|Zt=^V%qE zqll4K+4I_T&3w8~gsrvST{U%0t|^bqhHjoXkJWYcesy-=TBJ#r)Fu;?&Cq?*02GAmwv6Sz4`kxFLKG5FLbWg!3H}Huwkw zttwc;)@B;b{fF--Wo&ggG3h0myn!#+?h8|BWhNku#~B#!o=8xT@W-{hulS@(>Gd2r zl@s*+DarJyc$~1HAR~YckNmMo`kW-}87H{L=8iJu3BKTu^{vw-GB?ZrqwTBXs@S@} 
z5fG)NOF;xAC8SG~25FE`X%J~pN@`RZq(P9B@X%dKqaf1K9fHy+-S5mn?-k_U-@Whi zJpat+u;;tiUbWZSYt7+|&&M|2^i;OY`Hq9vRoT9&#{qKq_suc%UEx*=s%_nN)@5i0|JQN4Z-Qe|!?UIir*F znM|LP^AB(PdZ()^PsCcoZhvAB{IUw0`6c1=z1^+omoE}I9d2#tO*Hby>qagVeD`)L z>xhhh*KpA_#OGoH2D`B9p0;S(>;uCl#`uKQM_Gp>*E{oEWK}L3b&AnpC5Hfa?FgH$ zdMu=(;}LYdV-;b@e=|po-=a`N*(Zg_XzfCt5KV2T`1L*fzxr`euc9*f`(NtlgXu11 zwIGJ9>3&q*vbiifikaMMIxuP8TSC|N^iAF$p_)2DQeWT8VM!*$>h_to%c%8rBNb(3 zJ2y&;I^D}WIfJtDf$5k-fqP7ENMl9w&*bxrhgQ7lF&}la?O*5u9Qe?0Q5G4vf^x09T0{d&FRro6MqHh%Hr$cZboyv-u}4eXclU4t`` zm__gkn7xP0A|GAJCatL0)qu$?bYAcy5sVA3=NJ-eJ`ev7PLAefj@m~xeUwBmc7vx) zr3ah=GkcBXurADKKgEb*-Rso4Dt($UY%kIOc>F0NBF0S2|JBe)?t>tWTee?pOu*tZ zY7Lx>+b&_~HTiT?CKgCCRbJ}pMoY59DRVnLy`IR{{l=g82!sR#_cy>djJu=`Rz7ju z*$t7}jOte;G;X@<29YGq8Y`=z%w57%Q)sd|HPBO3k zbv(5Lll=?=S}rwK8CklzCDMSx{!PwH%k-360*6L}BumTJT;&0+`pkKTrIwxz4z=xv zceDl`mf?KOU&x}fzqT-xIPEdUZBu1E;MJ&Vn7zz!(MjPBeF@6PExC3)RVhd32m!rN z&8`r5ld1z>^|tgUab>KcuUiA(6I&Z@CRt<>_k~`uL<;HF7!p;Koue-31VKO9PwvFO z(-i`AQReXn!tSf_`@!xLJ^mc##FX*4iF!;|0ykN2V6r&AE&kR626YF#^fF&z?-bFh zI$k_V|92$U45ma!9_u$Vsi))}P!<}`uVfB)MlN0nIQq8;(kAqKusnCBPIa%I&G`bp zCBD0%Jk$MzRHphJqGICjbA84+Om-_vC;)Q>rU3V!KU*95(U&KLkNT03+=SrSkZiwq zusjJ{!!ODaWq#cZ7StETB4QP(!<{9XDf*@;RcReDKI@Y&CMv<#v?bRIzf#8_HmgAY zKr9r0yU(Xk7L5x#=_Nn|=QUOVDqQO}&RZa{eUGa(Gq+>?3nQzRFK^5nIK{=<+;*-qBRIW|*^_%ii- z=Z~Hz16e_A_5|jXw&yEaW6GRn(KU(q+3ff4c$l#?h1#mvIN}L16s;DOY0p2#n41z1 zA7iVxYj1;p0gbOd*EK+I|Dx^m)YmjTAFo`pxunTtZ%66G8*(3V%|pxcjOyrm+Wz?7 zOEa68kVNqLStpEPy=g3wCAPIQA`}3dO6%v@Yln=Ut}&E@LM)B z784T-7X5Z?4mc%ffk4j#qYjPayh}*XI)R=)`cZ3o1&zQTU5s{hRDYUK#GcqOFaeu* z$2$RhFqCrv9f^(*<>qv#duGlBiUpCQmpuSE3cLd;(<+;%tS~NO=!+drxh5stqvjpx zL3#8d0JYSM=*l+Yn}VJeY&KpAo5VX$69S1Dj6Q9kt>7fMg9{zWuoZ+Y41bf2gGVDJ zh1e9)X*^K?@si*~oTD|cZyvpDU`;KO?%ZY6Mol0v;U31Y?zEui4V`H!&qk8`a^dsf zQ}LH-=M&^{^DBgZX3ZCBsnk_?VH zX$Q@E1pg;f(jy$V`g4FKHXFYLevFFx&*v~)Y87}ziq*VBEm7qvZyjkWrR~QH5Y$qW z+i=6~Z=be82^Hlaqv&T^R1Iy)*4CRxs?AYoXr<=iM>;7&g>X!)l$9NdFl1`L142OW zCNU@%rr{4Ao5yhfO|RB=S8Muzn0g!pz@I{_poP!NJTG9sP+Ir-lIMv2G?M2Hy;RVN 
z7;F1qfoG@7M>+)o@b}?-WK_v#M+KQX?ic{%8Ae99F|p771^dCE|BWB5{_|<#-%0yB zd?ttWPCh$*Yb$VqA5W&73&KLJLEi|3LH&cg{rncy1OY?;D|}F_-_2D35&GfSAmFE) z8W<@-QeE?0WL+Z{p7P1|U89f=1c_d&A%&Bu8EU|B|FcbAQI9E6%`mMy4a2JR6eEYjj0g?-dS7h;QuP4yAF$wAQktg**+d z&l}Tde5dx8OGe7kQN@1cc(b-w=WNA04yZTX9bi0+a-9ab22@1FOn5I zlZ}C%!iRS`&554Sb{!4wOD%$Ass8^d{yT!e5sv~5KSdYhxD+K9VL_YO^C}b6KoU%< zGt;=e&}4x5yIgATE80I8^@53X&V&f+YG<)mfGYb{jl2oTL`1x_VTD2<*t`GHLHt0HqiRqTcifsQ2JkuYO3 zWB1OVAo8k6#Hy+e1%qyBIo zh@aC<1Kq)v1s#{h>3zaoBa{2P)ED7z6@8UHrl4A0GLO*v+p`5u0QU zG{Xt8*{4t0T_=}@_QH{$L3bPTx zBjJt)=jXVi*}?@p>1PD&*j&@{2=+2Q1C*500MqfUe zY@z_Xsh<1m;Pqh?Kh4s)mnT$3)90rLxXR}4U!RK8!OlgRUt4hPgjJ?pG^-ZRMKwdY zSFM_x73rkRJB0t(k|8C!X)n5Q1!W$A-=%Dnql-Hn9jos=*RvKK^ggs=0uT`qqqivg z?d9WFfbzS^r(oFS{Zno9zhow-+23_%K&n=8^T+B2_OGE80iv2Jl? z+K|KXb>FQ+>-NS$>sFjQTDLI6l0kwZ7sm`Sx`r^9z>INnL?u9|ZYa8Od+Pcj>=6PY zf3@7`BDd_i>^C%IuII8k?0tyE&&@#u(8!qzO7rfV=H#dfv#`#&zL~*&*t^QK7?0!Y z@?t~MoJ)k(^*R4z-5g5>`zy!ST@-`Xt(%6{W&g46rP=7lFXzpWqpKg}o;5o===+X4 z97&076ZS|LC~dAvyBJ)JmD^b|C>!l4VFLa#z%Lw@M@u^?HkYLp?qA=8b&&tyZ#|%^ zI)K{zSArgw(w<$C8gK>m+!vgDq~{)fB_#fk!e8}*ZM{T@ocp$4Q5n}fgh^-v9 zyt^ccIWO69%)WiWag!rI&_CVaH|~a_-yd;O)m%jnQh=n`m7P0c_Jw*e-xtXL*{b3ro-5$+FSt=fjHR!wfsJSdI9cLg(JbFph$muDX6$yDo&8j zAj_&H8YtkAlb*`m8pltt(+}r6t`q?7Eufq!@3?=c5D9MFVU8|-rKg}q{}f}@f?+|7 zZ3zalHw2pHPkP5;k3pW`Gf&#$G#GG-&3?yqbV8cO2VG+W;Sc2@{BBxk=%kMS9tQk( z$^9KQxQ6LLzg;+E_w(=|ECFpWQ2#$of%8|EfE4q?5{2NNB|MG; zLlaRQ7^MbT!0`BsWv~4nQ0{`ecp+jN+-Fh)XY6+Ds*EeBfFf`o!!yCpM4&5S0&2Hd zdvX*XT*$$$c}0uLwvJnz9H3dG585e20F zOEiYZJBX8$@eUH{&p-k9JM>db_B(fg(_#;`AIZDj_ z!(>tOoAT1!j<&_|Y;g|c;zYK<0*&xTw)nAYFa2)YqhtYr|4bGqxPvPX;^bH50Z_Jp zcsZdxh?A512cmu=RzRGbv@PFH+x}@<+fz(?#2xUS!ZQMQ24zeM*_lya0TAhv&o zsBV6x=f|X2{i|eg90tIB1sXdUqmJYL1?(t9g&j{8$iG__8rla=WaPiX{jXraA~zUQ zPFeLRMuG0~OH4ui-2skv52UM~mgwbI^89C(fMCE0zk|k3TH-i4xF!A>?1v?eM<|SA zmH^;~ENJYcw;#v-uV5$bf6A&ymiTbY5+r|R2}m(NlSPhwGWl`b@5ur)pnM1fd2ar}fhIhiaV>L-&0#L2Jm4hnZ( zzqls=6-nUf1N#&YIH5c!mmRq~1pYHwoT8MYWC5}LGg){!N|2tGEP&rj3y$AQ3uEX= 
zdSY92oN}-{1Dg9}vOxOXv`5JT0%HR|D!t#>gR%vjlM~v5vvPdX!Z|s)eIV*5k_E)c zNz(!-zuOk`6x*Iq9>m>IvVg#UCX3UQ0^dJyw&5G2fZMz>%PzSMcx{nxjtu-!6Y_F* zZzM)ORyN-?9FZ+LvfHj~^bX8XqT`rX&0d-TYe7c|$0+dS(NxAqM{dk@+4X?rV@}`A z-(k22j;?VWLNtyJdZcsFvzMd>|4<+Rx?j3|GFZ@nWQ`9XB0s9GEO4CK{8tsGjRZ5p z(J9;9-TWcNM`c%bB{*JqYHoz+i1Br2dU0z@MVnb;5qDG{Is|3xCyu0o=nCX}|0_&ffzORJi|k zYW;mHov6|QupM%|BK@m^bo4)}gW>&x6I%&l1vq)|f*J-V_Y%}G_|*~qd6h2M^0TD> zi`E4IHA6f=*Mpzs|2VT)aAU5+>)l^G|F2phP+9y74BDE|&`DdI4g>xP?r5i<{Ue-0 zEe@!VJ+|FEj)qR?`2T_dKRPD=7w$iX9cdWtShNDW6u`-o_sLd+1-CzFiQ}2=FD-E# z2Dbz_^qVDqfdTL?9B8rs1NQ@VWC^k3miWCiq(7xbgO45Wn1MsUZ|V7T+llD{)*$pR zb;c>Zi=!h8q{5^6)~+*qB$)5`+2OB}h3)UkgNjf1wt)IyfAl#1x=cUT)BOhpDU>Wu za0m54Ax@4f5BRN#0PWhYlV$qGEq+(Z(FTH4cyyMx02})O zP`&$$5Byb#IsqF3Kxv_|lQHTf?w`YsLKMyM5cRtd^hYWNj`hvqgC}CtDW>=@!l3@k zDddh+EDgHLpJ&?>4URuU6r`)4mS_PjaeO!ar6u67Ti}fP7ZRZvNOBMk9_z4x1 zC$a@pe4fk}|Nm9`$$}J~ETB60WdG$K*1`X^Djfiy)`9Wv6w@9n(~qk3BPB!NUy{Ws zN;ygvkOqGyi-eKj6NToFWC8qET0jNmu_{RyUb&y#7XLw&{%b)B{CvcAf;}i({KGo< zKdRDCdH!=+nSKg)N67*L|CuaKQOZ#ygUa`#5H&CRp`<%tZ5z8wwg@a*|Hwa6umLUn z$6!fb1wL&p{@Gnoh8M8M9*kB{X@ZZJmn7v^;brAf@=o}NMX>(KA{c-wberFc;NpK+ z&kuCNOYvVfFUVWOJ8-n4a}QqYA3an^KfMSBz~SU$_5A&RD6-2*QT{>_tiP26_@gyp zF#tYrJ@L4DSY^OZZ$$RZ0w_@UFO9qZyCB`|l&#uc?#xi5NQt1(K3L>t0k*g7p6pLf zWNd0z0P7!8CMK6!_fi1MsfD)Ds)Mbag*KK^Cd<*oxu!r0?ZdqZHHw3UCa;!#`_7_kbXWIhgC5xPYCqkR6p)S((CB!b{{FaP zxkIM5fG<(tx}U_#c%JJDot8ik3wfPi{Z3ty!-{&913nA+98utS-QW%YjTF1CsFpk2 zt8!q}D$mj`Ctw-rVHxoyvTOm|{D>^)h%D>;O4j{KAbj1um2va^@hpdxZ1^O#DhFDv z@(k^AJeHAemJuH!@ZTMmYW?ij{p`o<_*c1QSH?B>$7A7expD_MTmTM~U-zS383)o_ zSE#kXk+@pFl%2XzhZU772V9o8St9xIy3p-W`tdsD{c)*shjeWLAEGw+oOiA(Oj-iH zEOB*yQ#*A94lDPo90*zB=7`$H>mKiqYm_@=YYX@hwM_z~zR(n-m2nsNuy&OLi&lA# zb~zEtNH5EXAJNhrK(tinx4G`OIbOHBQ|AOnRyeFwx~^!IJ6Im{zI9ju?V(k^rBJnX zS<5+9+xY^^jV_iO-b56$L=?4t*z10vSwK61wg8O-S__2Vg2TtE99UPlw^+z4i_U%( z+K$jBQgI18oYZ!GBekx00KU$!2)$bZ*v=uBvE~}xX(N|;?3$*snIv=0WlqSMb$I)Y z%5dOynzbwk$IduylkR=G)r~7cAFc`24GtdQpCL7S>Whe3d{gW>O7!c*TW;nGI0-f4 
zsi~iJ7*z}&=8`b*aYSO7i+ZErCHm8~UohMCE8(Ue@Fv8BiIL$X)zm(uGU13MH3vik zP(qXZr`vTL3vq6d$^>yGO1jZ^h*KN0N)32l#e_+b;k=<7_##$bk=7w@V9cs9;LVH) zyG@1zt8q7`YUGH#ZY~;y5(@Kw*r_v6h+|DE6T_7#=a$wf{?(ZE$$<9_%q-1{+QI0X z=AsEG%BlX6T{^f$IR2zENnBTy+|?P)bOCRDyYhUX6hn6(3h*fVt==6uf+Yx_%w$VjOxhnMSTeLpS4o@me!hwn6VGOxOdm;DVa3 zW>k(`k#XjtpHc7%{pkjDe2Z}aDKeQ3u0&%u;{kC|b5_Mc?{rL<30ZJayMZ}XDOXfB zW}<1*%)sUU)kokM;eoas-)#R4yv#(?i3Rq|@r8vHb+KOYU0&7pqITDiJ2vKp@rDGN zWD6-8(C`!Za3VO&p-Cp%E8baj>)(C^{y*pax26IAn&bc0%0~+W|9@&b&P4G>@2qdO z`9e+)f#zUTwtu4Oz0M*<8*|fAE^t`3SG>I_Yi5A1w3t(qOsuyUW|}lT&|_nc4}yVz zh5m1Wi>jWhgX{sQc>u`C0jXYl(ZT`|j$cVhl`s4TNgg!L2aad$d(?vR>@xa*oNq+n z`kf|_IwTOjDI|~{B)xJbB)u;uBz+zzy}6P0o$?C$9!Ldsq>u`J&H%tEgm8r=LR0Q? zKvVo6g&DVlXxWWBb%W7=1K_*{Cnp9mQ1}pH;NO9Pzh3)4CH>cw*&(Lwip9VS0KdY- z?zI=i8n>(3m>V4$-}&S7-9pfzUJ;suz+WN%#bMxoNgPglBi3Fffn~ z5id4@7|Mc(8)txP_718MSX!Qb&*;B494&JXC`vR9g)e#CyxTWhwm3_)_v)Z3IB3q; zUer(=K0RPCC~ae&Z%$Ln)nAOO8EtmY=U13fBI>b!jp8exzvc27KDcnm(@PV6>}D zqN!77AgFvxAOau40e=G=3N2B~`b4L1_-K=o3wM2Q7oIjEo$R(8vo8n^#J$<5`?;lerPR~mrLf(~TOOEQo(-5`b9u|nF%fPP63XQt%7=CIZ5_B}4=& z1cV5)6-4TY@?=D8AS_KFIkx?iL3cO5zN%p7V0Qt<7wUy9O0%~qG#;$_rzgAU zlivBj$k?fx@0PN_XKLU|+sjbqyt{GLG$nqe9@vkVF*^9NGzf^laZc38vdKO$_+F`G zYd_{zfa$DsZ+2%f5ZEd+>rG#!F#Ynlw{&o=iThnze%t7d>NWrz?Afnu1BWkdvy?Pw zY-79AomdxQvwK(A5A@Kso>Vz6sN8G%4ieZLpP(27SeOsCyyh?7l%^Tnk$tn;qh2t3 z@yg7FhVsr$X#l_U&J&{n^Q+O~99i45c*iNH8~E^kZMb8Nli9>J%gVlU_~kg2W&ana!o$7U``+1wSJcc?)ZY39S2$QR zj}%EzYRwzkSu2 ztS@?v{YG6%p7q*%%DeY7{Y9|k>g5R~q1WfOandLdq9~k7mG4=z?B+N1q^o8z6$mQm z4bKVpyi5GNqA!x)u1jT2!4EK~3?d#5Bb;GwXSPBKg4q+hiatDdHPT9$pp@)_%k0+< z*IJ74;+{9|0Pqy6RD2pE%DH_~fM5P(?snP`2wb|~^3@k<_+;bBBp(>^t#n<;xA?~-=hvTg_>qIoLb z8F#Gc8@+XW;*!JlhNmSX9;h|S~B#Hoc;P1fbl8iqVrXX)bii3y$S}8 zZ}G#s%S-dFZ9BWY7pa!**UR<6PI%qm=~^OF8emVMhyge~tM> zvUGJ5lM$VA*8+)KT+KA2a;^02F2R5}&mh8!GSbE7nra#&E}^){Lc50Nh#LcRiRWI5 z^nM6?M1CuO3Fzzm@TPf5MKkDT-{Uejm+r!4CmoU(nZ5D~22vr{Ye(~Ffpa)S>GUnC zD!JLF>h?X${`d+T?p8?1lAoN?ZoliISr~S%_gPpO$z$RRekRh}5$ii{@|pWegsk4} 
z0;AZh*#UFbhxDv5Zw+@|oLfD|WV>0e9a7&B^XWdC_?#eMnW5y;?cmyLez((>=F+2; z#qbVTB|BFH%{OhQO}+*^vrn4?e3l*zYF6!bH~l`mBRu;`@YQUzEhG9jxpqxj=8bFx zVr|+szG^-~#Pipe4azB=Mi9pO9nfg_-sBhS13n?(c^Wh;Hq@XJj7#Jj-+sr>#MJmC zgKQ}geb79O5g6{Tle@Q*0loq^(KMZ~LU7W4BzpA2E6%gQcmV%-3sN?AClBF|J}fH_ zV4I~2j_UNnFW!8%P0_iw@X&427cX#P_*0&>*OHBve{HBcqul)vd;W7(A{k5Vwj5%% zndZECY9r=kRJ&2GsNy5JTGZRBIa>t}bI&m>iEXIK4_N_Q)|2HNE|dnk0yKAv@|F7Z zHC|-r-k>I{JP)*tkXXEBzIx4VzEoiomggs|QIW0rR`~3umkvXEcwd19Ym^mxp{Djj zsz*;L`Km`vIs%`x1o5@yZO1*HASF-l;J86}>rP*9vbj}@&xMp|nLA6ejgI!CGY^W0Jt^izUGik}A=X7M2XRs1iCX1A^BZL9`jsBuU81WC zQFtr@x@J2IMaGy4=x)zGmiDKr#3Zm0jz!7HN~!${*pMSjqMA3MUt%fZDa? z=8HY&rmiVlJ&O~GIe&4fCy;Gzpy-iAJ(t$w@qqF{Lc)3=dKy{qrIADtmk5@l5j)0b z$IrI9Lf1Pn5Sv$O;;A%D~_DOL`boJqOoxtK!xdaNEG$1+pKKktgK$11GT_Dq}q z41sn6>&gUnV0&Wuyk_a^VwlVq%#x{bOed0on$f3z9DV5Tx)UFAX4>B{NV{o#p*-;Y zhfs_)*=OX9?RCQ0=LEJ9vQ6y63DTR;6K2bYx#-l^p`M}G+O__MDy~>>+01Bva&I2eNPlRo2iM`_-7kP z+OuDhxTqG14dQs*g_fzWc+rK=$)OHq8g$m|%!Eho zE$_-6ZO4cYNEK3)lM>djGgAe$4OAht6}%5*-RUKsjY|Rd#N#G?q_j*CKh@of3;Rkh z=@4?kX!EiqQv@|)@nTTu?sHmGD?QtLq3%y9lpSnV^IBmq**wI!5i4s(pUElFei9s! 
zPn?pX8rQHMXK-10N$VCl%^G@si|skp?e~d&J-CZRI+~F;8(Yv&5^X=`rE^Oj_}+BK zT}5IU`EG#C47A*(Gg24Z2XN8kTc3VOd$^cHL0dbUggNA`+B1jz#4K))@_P4JVxsOc zHTK(~db3&;UX1|65qXdIq2dB`+Xx2@5S6XyE_-vKG2TZK`O2}U(`at2&m)OY-6_Q!3Zv?j2(lWM#z#{#U;74isM1g; zYv+de#F3T(cRa3UW-ql|8nzW^cuwZl#~2w*Wm`tfjGslV&%(@ub`2>#d{6k`k!Q@A zb9cOBz2m|PTc+-3>I|tYSHEL@A|U4}uh79jthG#P`_j2a{sIXJ2Gc!a%CZJdE3$qY zhinWRS-_*asn382krC&s&JOah2UGHBKtjI8Cyu!LsDN3G2kwWma)+GW@__!b8hM-T zjZtQxbdOi7!eK5uXyHSsA@Xe8g^I^Dis?Me3yYund-C(hL2;3=_N1R z?-%Atl597r7^7p0F>8nI$n&6KRtZRY3h1Le%I~6hI@8$hl2p$qQdQd-kV-OpMglOT zsp%5t4FOf3QF4)VC6aVhfqp6_8!suBs;m~1aO6Ap6<_#k2xRnFg~ zzetFC7LbQoy(o`Uh+KLej$nkyvgyg}h-6O6G+3?@Fy~UPmrRV9?*DcpISj7_^IcaYZo_F<3KjNNx zlV9OYA9AU&(U@@C_1|*d?rK0hXp&Hsr((_UDH3O%DZ}CyiU(dobFu=Q<1y- z&Rc5z))SiBwx#S{7?`+39-ar!hRx;_1{CWso9uc&*Q3Wjs2q^v zU0fYX@wTAiS7dyc+gd$BKkv5qIov~D(}2?~jZn77VBH7YI!R@+Z)bJGCe%K4ELM;< zKCDj!23)VubQ@KU(P@iJ&$hD7ThZb4UVNuJ zw^$cMqxt?1bOtjwL>2i<35BTghbif0p*nHqIilum}zBr5Tbdlg~pp9ff9;M<}Li zl2?Z?@qAwO@fh4&)|cgfr77RKrboBR=T~OgEnS4xgf7D}n3-B>xGt!0HC^=MS&?UI z>qS6~fQj0i(+0IlccVXE#sL3!t!h)P6$0g4(~PoI#IqkNofK}$Jcys<7#Mn8Whps@ zCK9e5_`ZJZfwp7p=ynu>{&MG9fDYodL=6sL<#}yep!Wjo@uEP99!(X~BaMkPbL3$< z4`g%oIo)ed6{+e3O)k6+$GrEou_cYUJ*ia@DA=%KolxJ{sZ|gU;45y!cC;=k3&402 z%g|IdN@cfLj}vYu*Q$7XvxtjEh*UaLQbbU)>U=Q5wzZ6jX|@4Y&t=pX6uQVL7ib)= zU&cbSKf6h!?LAJJw*N7Z<3=6V&HBPl-ww?3g6eF!Gi`zL2RzFd>(0Ps2Um>t799a1 zBp{Jp^(Ag=djf;`3Ub{%Nu{5vE>|tG;KFy_=&dCxE-S%C@*4dvqx0V}d{QVe-nio6 z>G`}3k_~%Um8{gSc6qDJ=wlbFp#lq5kCZ8_mqH}BgM)`9X4swy@C zgd{MmSj)(1SoJOt#|mwP+RM8R`M~aHQp{`07b6LEu$!JU>N`hkAWZW8wkK{~{Vu`V zG|lGhxB2(*#XXhrB*%U;u4L7=2zpw z=C`F7#r4zcu_cJkMOg1NsAqdcT|W|czZNpxFEdEJxSx2N*C(C=k6$`|cxS%L4T*sF!KfZCCTa{X$)E?< zAkbUEj9a+JOd_o=aUVNB?uJ|eS?g7Omy1A~)yFW$(pvdO$7)u0o6_sI2fre*t0MMD zTt3@Bn=Q6*DN~ueAl-1Vo1;QM^_Jj^^6m)4Hom4-iOhO}q=nl%wcZKW*Pk-_MrMb} z@a^l-$+_S+2^0Afye%o4@`s7K#o|-1=7rX)(bkM1A*kB~;M#C&b zt&ws$dCmZe*(NNl<|mW<-qd`dWPob`n+QnVrPd2KnW^XRf@x0pVHNj~QXh54w)B>xWp zr=BdB-nete_G 
z!`SiuyA1Rap0#n^3d0VK_X=@Nd-%@HC+5n(vjur=^k`y4UexuHr)9C)n$2MAyNl zOrFW(H(7N#k3y0b!wa9Hc;$1Bdp)@*D}s`#UV-cDGQ7}EDw+JVR|J|!5MLJPy6{Zhk4G*k8(Td3#I17Z`gHk#meO_B_A-rhIZR39y=^H!3Cy>h=K zcBNxwELdAEmbFK_<9ag*gGd`UcKlPKgJgSF zS}r0T%sa|%*KbZ{@Kzg`lQ#RnSlPlJVbuk(uTdgqFWX2?resNYqP6Vy=&KmF_6P!T zov})?`ymNvtDA!^S8wBb-f1S4#?R6UzW*|zdi8#u(+1NMUcJ@w!4sKML_hm0{32L$xUumE_zF!goD+`r1j|o zQ>MC)F(|P7kzZTA3$I-{}~@oGtkeI=GA z_|nF|@q4DXw|UkEG6|C53OTNsN$$}#7f`MwvFrxvEw?YD`S?=!Jh78lNg{9aTqE83 z;1k4?=j}Gd=558XDJihmCn7Dj_Ken}mo5^+@D+N|`_EZD(Sr|rv28~_%q+jY0U*Kr zA7{{PGKd&YB3Wr-)z6o*fE{;BA9`5_B-C&Ubl#zYBD~6Bzg^lD>qP4C^y^C`={@Fz z(u$(p$s_4zl0+AqRDuw;al&*bpY%$L3y;-{Yt6dvTw)}cbR&z)XdRZscrXIvc{0Kl zrcREysXFa!|IYMH%OeC+26aj4P+;_0ORoyWD8J|TMu|YO%C&*mfNwlHn%dctZ;I?O z>cXk24UJz?8t5ry7TCF_!npAZ$WVVn#xL$DAo=05_nch;2ix36seU=rb zAMiCWpY7kkyh}|j9gsOi+=w=BIQ+tAlKFEVL*HXI9mA~V((o3Pm#hGToV>iN^9+we zS=Op7y6EgZ@7C}wi(GMgG7r%fA1TFDHpc45pHdld@*`a|kUI%WH)tMLjn(jB#!*f2 zp^#&%o<)bNP)ZkXfn!Ce@jPmfG{{z_S;acJg{Q-}yb2nj{=1v*R%P zy)XzO^_g|f-z=hJAxTr!k~SSi6zIK3{A9`@N5iL&;d+~Fd!=qaLHu^qtn*;vQ$OKjC?l$T9jMsa9d=iBV3(c$rAhcqnH08ACtRjz=9S&T({-3_J-=FocvbV$5*<#_sq zWIm9?azOv?nEn5}8RhFWP7U@mH7z(h%Cj zLc|}Ms$1=RBQt-U;+uPr>WJy>JRA=T8+^lN??Bu+Q_5Wt%Rn-bfN`BxcMScDB|jd< zGm5aek3~4-N~nNa9UjH^7cmJI>+L3$HM)dY%@fV_B=QLcG+O(gF0gbDWXZeQ$lIq` z8PoBJUYQjA;EJIqhp|964!lM3SYUW|Z{Lb-F7(=E%l0fA-YDC}>Y=Z&7w0U|%Vwi| z=&*9bo;TY(saH6&i$8B)^d$8x!Xg_LS|9DzEq7;1+NulZ(_~PYbZETyKW%*!;Xyd- zG&sHSk=}nW=98?c*hM_%PlyDo!dt^uL&0`d^$OQ_Bc-_L`llAS=*xqEgq?M)V#@Q4 zt3mJCmpU=qfRH<@ZMVlKX~fgNnrmO9U7{Wg%CT%_A)m0iAYz)>6U{9AIOP0xa0#!l zMzrHS%2#z*FYfJF?XZWZYw)~L!$G4dtCy`}8vfG1rK;AhzZvtw=l&>Ib;>;0Ew zy*zO2v2(j<*9Goly-n7@76G0t(sSi1?|hUPdx3_c$0AU_6RgAEM__o5$z+|ttqotp zV&RfV#RBR9jpOI{K@tU6D~r8n0tpiAiCU!QKTM!c?tP@a_7dYwWy0BsR@B?yDlB9d zZcxmR_XIicuu156lFn5d-E_=THN$AZ{-(3Tx0w(@O(%!{dD{#7)x4WKP!y?E+2xDH3uBm8o=9jBc_O6cz0dj9D8uW|y*ympe9w=33q|n9!;TS-X5w|jIz(pn@x$Zh z?=i$%*vINMV&sy3IV@gn*+gGdZl9@A7AS1p8K{0HaebWHYc@o@#Yg+ny{A_L8fo-BWasuUq%tl_jM#9= 
zt%D1(*L!cJ-NX=x@B|;uIG=NfiEO=5UNcOcc}*;PKrUzKk@Ocmn(zC765&~i{zZB^ z7B}xa#(O%f-MQ$}5s2ehcRQ{W^O!hL%vKCPPEc-jCuVpg&xXQXZ>+?O5&jlihmPmTv{@W044jyEpoD2^8zPzaF6s z82L83z=Z%C;dIeJ(@a?S2BhOS+Hrgw)knF?Kpk}LL-cvutQlSBL4USkl@WHak!KZ5 zT=Vq0vAwl0^qR2{{y40d0Di1fCv**|fZoagrM(clwOJOO@p5VxwY0Rc|UO3Fn zhSw*IqKfym19ut6f~I}C)|wQl1V&Mo-}^ov>CVMf6=04)#D5M?22Z2yMNmSd%fs_` zl1Z8&10~%cG6iA%x9vRDm-9NOKZ;+{y&vrIS_zfZ1b-wTrl}ax6 z`K%Mlp>8Q%Eo1JKTmC7mpV2eDUkUq6({y>}8*;xvWTFRWF|ekob8di9Yi_ zy+A=GdY%f|lN`)No;j^zF-A@en*CWb$3e&acE)h7hBMP~4I}BlUhmwv8llv zyZX7PS&A6r)#nwqvI$GtniVRcJg%%VBp1z_pE6*0865)1k$U|R_5lrOwk%ELNDM3A zeqd}i7*NzM|#8{@?4-! zp=tMGR(14lvps$Z{`S)=0y=kPuxYI79_563x7GQPlaqrTfbuBL3(rRLt_I$7iY+a; zm(DGii}=M^`l;|v5<2dv>A0{INiMaXYvx0(Io|O6c-crN;Ni<|w@&$Iot5fFoi|QPVw~-DJg3yu-bXg=Q zUZNKv;1!Pe>Q2=!Zi;{V*6o!sh`r`o6FoNnb`E9YyM5a2u93HRT3&2#2Dfp@n!`~h z5an4Lv=5`?D&xwV<78p{#wKzt5<)^ouyHLH0vzc$zN#Q1)5pNGFI?nqn&ppeUwd=$ z5-~c~);=0*%74zC?Sz_PX};)kmE?ZRMZ&F#Dk}uHq)RtyV11exG}YRRpXbfcM&vJk z)0a(tXTfVxWx6zNrgLdEP0bEt_(Hq$Y7I%r(rBk!EJfS*to(a-=%OVN?H>u2lXn&2 z8obU18^L(pj3O7S0W*99k)}^H^Pe{F!jOBk*}6940xn&eT@;Vi4SObU z`#iVfLxA0?AX;BZI-6bXv=f%@`aF6%GPj7a#Ti?{v|0Hu>9PP825z#~MFaCG8-HebAIJK-4J2bUF zs7vza8q)ahcPQdv7-o0!y+ZyN9V_5^y+5g-4SbK2$IMr37oM{|Q562Xcda98-v?G9 zGi~ZHKBpnRJTs8R4D1ZbSl@Mz4#5g1F_BC`4u5|@au{alK`*MjRF5}to5VzpBL1zM z!lixw+~^l8p6|PEQ{~;=a5Q4j7ko~&WL%v*H1;uEscd}Ktg$OhLae@TGq0swp611? 
zF``&6|80MsEm`Jl3k$a1xQ7UG&5XK@$P$%ae6ouxFN3Jeh(m#iq=I%LMS7Wm68Trc zInUo=N{|Hy>zY=JWuSM%wpG-nR6B2;qoT%mA?2Sf?_bG%$&5Tpqa;5)#z-SE=gERw zVGR2_72}rg43fj2nbZT*l=G!uXBa7GjtG(VeaeYt`xYBltEtpGhJ88V)*~s zy2_w9wyir1l0a~R%ita)!Ge=P2Mw;l-9m63bO@dVcLoU>f?JT_!2=BL7JP7*d~py*Z*OpUVb-KFOUS~CzE`*fg7dQuyrCOii481>^ldZf0TgRQ<><=c>4OHQ{ zUN)La{@vy6Xf4IT!Q!&sM~CNE4%L+LiXHBUTb=2Mxa*xc=eG?*21N&kOtHLR7r+_~ zfJT>cyXu>h=N{~toCE2@km*}Yqr9Hs&A8nc>GoZa`&-`^gz>>1Q3@Rv*PGQPUt&MU z#vC_HLUB}#t0%_e&8fT$fdcsi_-PftU+4mLh%-pMoRjX~uQWZy&zQ#`GIp{nX81B$ z`ApYvf%ml)>p-nPcuSyV2vV78PjcdZSMA6cB-tfMCpN{yJxp$*rlw_Gf*(}Z(Y=@6 zomyYh13CGsbSMz-u-5Eucs=s7ZUMKu)1%a84_cp?M`SiuP{kjW3W{3n7JCL>4kX2u zo)p&Y`O@n0(tn08>ftZltw=07h_uAt-;K`$1i45_!&cve7=Z7@=^T9uDm6Y zlQ8B=HyXhqEl5r8=$O@8eKl1kamIga(q1b$33+P+f6IQUiOg@=^DaoiD~th zTv%oo>i5_zQVv2bEVb<%pB&Xhyg7T#N}TDYtU-KVlyGx8z-k)*Bi(x&)K-2A_9OF5+U(sgy zimKN*>~2x*ty@2Xfy;sGb!H4;qwU-(@Qy=ZFbL|$hsWUgw4HV z)!}6&nN`9ZW_KCiBdw2xn!I{0qhPz1_vaNf1@cfi_SHJ4iB+{f81s%M?7HBQAOjv{ zAwOd~DWOjKYH&$L*RSKGKt>BRSi#9Zs+Sob3nFisah~Z8B?cNC;?hM$g8p*EarbDZ zGzm1E*$ymu2o;@fx^$h_PnRiYwic^)B9_){E6;JEUj;jRHRgwoocSMF zqlr`;coQok;j%YcN}a1>!7D;>b0=hT7DqUP&&{YpZU5GG3yT+Web)O;lMBbaMGS#B zA5{0WG-b|aa6Ly%tsX2C1Moc%S*3eau#Us|<-*=|2epHTufK8DjohDo8rvjOYl^R?_oxouuPsdi0ZSdm7oL~+ zwGnCYG}*mpYDjZXp-nf=Rh_=KCQ?Wion=xb$mD3>NYY(ZXd=eCGECnc;KTkxQl8;; zfw0OHCsPI^nJW;Z#c8XJ1T06#)#X~7V;&~?@GEqSEOSHXid()^RA6IT1m6L+6w~Cz z&9gOpiqU;tA?gpwHtdd%;E{sbs4S?k*O$S!^)0Up5EDKOL zX!3tA?dwNw zI_&s60rXz>)%mH~JQ%-1NK4HFcbxT8`0q*B1Qwz6bV7sKmGu-)HBya2mWD>vPN7@yua#DE&3PoM80d(pYLO*}}S;g}CWJ7N(y^h^n zLd5{pzp}X~c^mLkIO1E#JlZVI=;uAmKV&EK6VH9tEi-%EMiY!AYz4wg0bH+B^a!0n zjKBe#RfU#!d6dWE9>mwMZ!(P-QXej}Qa(b-3`M9sRP$g=Z(0Pe`J1=vVBFDBv3_sL z2*5Yj+woYt1%@qn6vfn9WRg2f21bt=@P>Q$3=B&n-IkuR`~5fRq-@gCxIt z&vIGQm8m~)vX%Czi9*afK12mHR&zClFNgKh>N^s>dxn5rr_eL?1ElRIYuLo;$|Q7S zRO7{CbxyYP#(=FYZt}YNljby29&I+k!xpm=ENIs-ZKHj7z!#dSi#f!4E{rBmm)(Wf z;%Z_zrM9%ML-9y*67o7z`aULDp}s95vRY z?RVOd$P75m!;SV$B_(7sm+$$z%@QaKzJ711N_g$WIc3St40_c7vcg-bbeMD4;QCzl 
zrs=fM(wGrD0hCQmVE4uY%w4lrA4X`L)Ma>4|4Mk5G!x`4_FT@^*EiMZ73`0ppYp9%cqH)KeJ*c9}rQ^V$g z{*5bcSwj){>FcsQP*xnli!zaBWEUSN-<9mj7epMK@V4nf^{L}2V|PMntE?uKg6A1} z!S5oNkdIotB|qij{wfRn0AnJNxozALX0cUjpe$`sF@Sm_71hnynxwIHgoH{0@#PD*dHDUu5+ zBu#0PixS-5E7)yOK-^Itun$GY92Jjlf>2-gwRaTPVgt@$w#Vz#N#T!d27-TE12+3u z9F(^H1&H->tz$jQR#zY)8Vp0E(JOFcfXveIw;g+LeJj*GZ+ z`|uJ2+<7M9shF!BBj$#}N6k^a!fKE@Prv^NDa5||E6yr0qo-D0?1UKUs1PUs4n|?9f8E-Qs~+&TqQ*MeJz+iMMq8@qqmc z6c>6n6sj^b)o#un5@dx?u=<@Tq@Ti2_0zy)xufl4M9PT}yj@6iHdE3s+zGFJk)r`t zrykrJB}|*$%20yM+g*4OBq4LrIb><|6)e|mn$GscT)%vKUNk#aeo zhw0`vTIjXVs2Zfo+kVi(SrBfz;W;RC)WB_XN<>AH5N}vr%dp4p0)~|~NdrhwI`t@kbzWi6mi4{@Q$u3sA64_2`;{9~L*Y_3w})~N8Y zoNZc3fMj6k%jZEeU%T(~ul1Y?+2?x)rpR3=27iEHLh)KA`)XklUR{b?3d2zRu&mTJ zxZ4Sn@(TRy`lP6vo``Vz4J+D-rO?!L5J#;}X}g2>M}o^>2Q95$7Yc_aDSW$XJxn3w^%A#=~Ch-)ury&mqtXqaw2#PyQA)o8Mj~V>Q#~gl6m)l4rw_bsAz|sW!{Y z!HQp0*x4W@hXn1kOljt~CmRY+uqt=>MW_b_iJhCSH=5S zKGMhF^Gi_0Vne})b@rX4N<2LL7UPJ5gH+v|Aa{W0&y4N1fusmi$POREc*Q>Yy_4{C z=x@w-(eo@tB&`ybE z5E-;?M{00qfVM4+;oN|UW%Q*upPMOvPmICIO)B)R|DiXtYtvMz=icu3nv0X6j{U4M zHro)%JtywPfbH`^mg5*T^eB3Gm5oZ`vaIKHes<1<=5LBY7zhS!&@|)nZ%Bl!Qv-3%xj+|2*A55pXzNO$_;Z(CYHvpu=aU5K>R7Qe>7JI30YWO5`tcZoE zwE#3u)kM3JBY7v<*pUxu1#6lHGy zTgOWx4A|iOL`N`(c&O&ZN<|WIcmY*RO08 zk}*Zc-9odsrH?kri5K_(h({LI(QMBh`q$82kLTXlVWnvO2xOI=E4SbQs1aBOoo|bc z=pnUB^mV5uWeT_e12H-&7Z5w-~93 zS=XFy$R$7rx?Kum60@13uW{iCBFS9WlydV_y&8W0>bFkwC(JqSZiSJNk+cG4YGqUr zpqj2tp>DOopl9JnddvaqujB>SybVqkzUO93oaG8SoJ76PeZW|1d-RdX|0A15>_@bL z|AjUX*R$d3=N4;y(gq&b z!$rIqsk?x#lH!QH(C~qT-jHJ12hK#sXyuQ7i1BF*s6}yK&7p3V|n@S>aWDikA@`h^IV=KaCW1yj#8h zGE%ogM3E&3QMGE4*Q5CJr)YAMx zYsY}B;2PbeaJF=2Kq_U%6^vdg|6K3S*@0>uQovL~H~Q1P(3NXRu^QJ<+(`T$jugS) zFUU$FIVjOxi`VTiZjE4^i&DfAQaN>z%N9NbV=U-NKAc6&2d(*G7fn-zGj}O)-K!x> zadLk{3(6(o;{w{2p+@q?xrK#;^$C#29Yoeewd>R0X%Wmfjm_)(KSQ2n4zViI1wjMd zA1=dw=`7r2ghg{}e;Cr3y4!3wiM3}uqyFvbz;~YGgc*ci)^F5#*fn68DW>yb*CSER zn@HUb8L4k|px+wT_t)d) z(6-bAO1zA8E3es_9iXP7FRa@}Vhep5N7FD*JJ-I+@PNZkzJyb1XRr%pgV(nyyBjJ6 z5Y>A<43sCDcHg)0yGX 
z*Nk9;YY9F35>B{PX(1J#RkDzT6+ZOpLOEV2*kpR4Ip;pNY^dY~!?(RG# zS^R3ZSbwrjX4)Ru*I0qkB4LA=-OK#^XqNGmEaf@z4j_3va7ZKl&g{Nn*g0;QiQ6|C zT@e1A0>?G?r6ijNCV^gmG?bm$C8%yITx$veK1XG@1sNJ=>TXlGV1X(O_aP>EIlyMv zOT;f8xOYq3?l;H?ORIH>=8|wPyVrOND7YThDf)$0-tZfE{P4ZW^_{Z^7VLcm3iw&> zK%esaf=#2~yFX{eZOtMP#Whs;;!^>!AU)2$Bd696>NC4GSNY0AZ=0CBoOpeG zcxHMM&?7i7$JUhOqaLrD?O)#lMa)?vnBN5N=TZM54HZMO ztNC@#-M`U!a>ZOw532mUhfn#cs3l;`ecR-y1EUX<`7YpFc2dAkG5x9@BhMAGna;Dw zb_PV|CsKTPx*w|+C5pNU^s3C>qC78FjWmpQlFplqVCxgSgyz0OD7H~#T7zw35-hjU z+grtJ_P1{Xv?v$qRls@HzQCDTt8keYnm!P$umvWq?Zqv z3@?h5KKKg>?%4Jjb>RvI(z=Tt8^7L3l07)?MK(_BgPuW4NMz8J$K9AgZa4T9o6m+X zndd(;kWXY&bwzEDVF|@dHaV&iEPP&~0Dtg;iB8CwJK;XcTwRTxS&?;WNZuyZ`_6t) zwKTgqO{axUY7h}ifypkwCmoW0q?^7Ik=OecI?Oa`PGydr0rJtNlpbR9PJWw24cW6$ zf|}8slz^ZijdDLJU2(Ea+>Pf(EckP?7%m-`+hc4L-*J=6Z954_e(G!V3;n_Oqir!# zab72au z`ZK{^Ri(@y+=HlBIdJ_80vfz~MS~2LISrG=OJ$#so`Hk_mKXcrl#hO&tecH|h2KG2 zH<6o_#fbSfiOe)F&hodW)RuwQ5)~k|wPooaoO%fZ>FoBm>5aH@bzqjSGEW4&Y*@|T z7rxSh!sciDKYzF-YPJERObHp?J*SsMIV zUvDo3&U48Fsld>*Na^70XQyv}1e5DJEo=X@=YL+hZH&Yt0OaUp(ACA~P z;MK<%(|3sVBC_9$<}nYt^A|!;gxvbhiq0WuBl*nCufZtLaCVBg!p+X5)0Y`_WV}0n zEZbkRph5--nj~PqM$qj^g)%Xr)cSENz+E?VV&zDB-)UlkPbtIP{JleJN8sbW)Z^h9 zG~lt{6#8&~CG~fE(_8Ekx^Q#CeY39 zMZBxQfSP6L{xupvEWgG;1%s5`kUYz&$e?dEQHE+|I~>XZ&UQkh9vxw``T}AjUxTWw zGR{YUBC%8O>&73Oj;rMiK51&oQ9Omx{qSdMP3Re>S9-(_$;>_ayMTb)?}dHqS=lZ7 z)Mz_dg}-;)eOm008;nMlBi0fr(O7d**;zJXrjletp21}%5q7n)Cm$+K9_MFsJjnfy zg}o|o41q8x%Z&6S?50_ZctbXe{kQOIKL&YPC1L?7!*g_LcMCan zpafr+Y<-In?8DRw?aK~uk=A;w_I<}9o$oGC1 z*-pRIPVa-90?9`hb@LP=JeovHvihEx8;EK@sF-xgaMqKeg5F`DdiewtCnSqh^#7<#5+}Pe1&qphnE91uwmZb zZ%&Slbb(WooUwPxSK{Ic7<~y$ai455Dihgui_>xC$`X#0hTf&ROm!Kt+Z~O4m2N9u zxQ#k6ais0~ z(#VB$THg}cqjN0mI~CM*(SO8$2QL7C6_(VCp8at0=#-C;l74z30p8jL4N@<^dY+wA zHr0b0#P>9Z$KWg{`SKjmP21ISH%|^6fhoL`v*$;A<>$hsgGdiXQ3RS6W~EI$-(?y?s=v*d*=6ilhC%nQS_JFw$WjLt;1)&T zhgm{i?X{ii$@xn1nt)G6R;J9-L3R6lKkddlKh{+}c@p%RcG5B!zDSwyo`nwE8;ys1#{tNZ6NcMC~!Wl<&@-Lh#hE&e7x3R_|M0=)4wb0i(Ww63Kv 
zpzp|Fz~nFcaE`3C*6&NxzXboIrO?Q|4kX1uN2w|_%Kia9#r$WKs=g2W^RG$d0632J zuL&0k-2K;djRdNrq35BzAjd#4Y}CM@NK3gGJ2n0oC z{~W<+cc~l4Kt|9%5)KxwF^Z^7HURzyVgSW|JW%K0kls}06CfM?|D*HpU$ac>fJTN_eP|Q#aQB@RP!r(wbK_NgnNFpSnb|OB1=?3S@r6MKHkOITDJ?t2v z#$SIq4%WP%Lg-ASyBSt%{+4hKig4(`IWIhGWBQ;uIgI@*B?I+6b}_+ z=n8STCIVXmVdTVf;b93y@)!V`9p+&5$I%%Q9;#;)fMl}AcynZFfo2+D?rS-L!@UJ=r zt^>^7K6qb-3I6WSpZ1XKFb?ut^@AIe|N{8ZLO?#L2Nm)i& zFyPw?0d3?b&c+wg1}h-byH^M#Cc6ldCGzW1Utttfp8^NdiO~LfndROJnx|eVW~{Y27?(2;@S}ZziKTl&>@8M$r%c>MR=X4}1fT!UMitlexNtlH?Xl37 zV9&Nib5yI(~)fAbNZ6 zX^(Awi!DNaS#xpr*>C0HXgKu-V%;AeR(-sXM(WlLXt8yi08)mr$~wsKj!_ zHc~2@4>GhK7bBFss2gvAxd*-nbg_;M-2K6wc(Up9o(_+e{!y}n;~SGo!zYdNi<`4c zrzc14C&3QDTrW9w`(}OewPDX{Tg1g;?qG+Zftdz+CELDJ$m&ysp+KeR&hsv6Zy~j- z?aau^Z5`482p3PffG)3HCUh3Hd@!Y;VXuXht3pS&-->c>16l$eU$A?O0ST5X(aI&y z3GDLbS@Ov#^y50VGV<47#Rzkp;y7&-y4=){q0Aw;;v?l{212zcT*T)y?Ug_73gbhS zS`BW0KVIrag%IupLHrVm# zbA!*?7^!fMr5{*768f*!3w~4~qn91GW=24+! z<*U5b%T5hzPfw+pb~XCt4@spdK<^v;dFQkOwCRfr_nlxBG}{zq+IXf%!QolS&(Q{% z@&Xh#+&q|avf7zTooFdBem)c!tG!LoSB@vS_3jiV&2rwd4KXU(@M|YvOmFK)h-~%K zIbR~i72neV@VGsBiZ15 zwI^eIwI_vo?W`$^+$l=rS>suAFZ!-efTd*?e`b?`&xb!Q)Y3TJLv^IJ_c&h*smGNO zSZK(D{an19eBG2nG!gY3N*cYN+7T-QmA-r@aKU8h19mL|vPysr)vDy;sgKx8?}9 z+-G{fR2|`AL}BKqce4_bkmKuJC`nm-LFqh!T8>edo|Pe&_qI2zC8WCLiBg^E!j~jqyHJiz^9WqU;&!N%YtP%Kfyg1--{gD?NlP4bUj!nlNj5Z+j6$S7NtGTCBD{C@cInh(`1OhFZy z(LF{D!DAa)cp%?9aZp?0K|8-e-JZ_%VV5(t;Oa&Ur{_LqsnLXtZ8YF`i5xGdjFXhV zC3l(!rr+a+^bbgXw}XzYWnK>TOy*g|}v9t~V&FH@duakbj- zLptedJv(YuMIgRBf-yR4+QS?U+{d4OlYKANdD|RR%w~#@rawDc+VXLlex#bay>$1C z-jP?%#yvhy^BMr?iKcQhYh2{y9m*^YloGme=+K6;#Z%%GdeI>noY`8wCrJ)wj?jKh zUSkW0P^?$ICZm`N-f{92LNvNz7swP5(mxvwv?9y3aPrGCvU|}D@DBx`^IoEmnC{|) zL7V*)mOUI6mMu#;adnp}lTqvaFb+>7FQ^{7{E8d!qSyk4DJ-g?_=cOQupc`5eicM? 
zoZ472emuBl$rglGniegKjrkdHAFIM)c`fm5e%9w$%bhY=7hH`vR*q(4FZ{lEjp=0s zz2oMXW9`B6OfT;VE7y!I4b+PK&?=r^0Y7Y3rZ-V!h`#(Xmb3~?#`8=?u2JWn>g08 zTU_MfT(nY0vDV#NTeQbHACQ+C4Nl}SXCk>8tSVZHUjTC+@w!hcHcvRx68S?W9g?>j zY_J%RUnIY;I8XncKzO)25}oc7l_)*WtWp(29^$>kN|j}~Af3g}+47olNPvBAXCVCF z9pJBKuLiZHuTnhU#J}2yPZExM%-;3fI??$gYpQn!>I3gA%Z;cXU|!-fR4?!F#zmff zt6E!pMeAM2zgE)Kc{R0hI6Spc zmU0ev<-m9rBU%{psJd>h?xr#Xf-U{E7phN^Akhy7%YZpxN8K|p!$~U{3(0BW-_t_Z zZdrd2mlWDc{s^rTl+`YjieQ4h#q(PNSWp$M;Od_lG#_TA07iz}av4J|@Gc(l8#T3F z4c#f}aZdS734A!FD)E02?Jbn>7LOm-mPh%PFmxlxCu=-{89I&l`;I~Fnd>J+v$qSn za`#IvwsIIj(pwep*Uy*gJ5LNKk#yX$+TW!{nqd$BZ)MnuCQp?ZdMv%QBxlWylw5g0 zQ-m^~Qcm?jOk~4jO?{kT}1pI6RrWJv~O$Rwmgnc(@Iwx z6=$y>;=U9;8K77+7AX;~?ngp_yzF0dThEr*6?d~~4qt^}qVT>ki6{!6$Dt@%?xY{> z#iPT~(ad!FGP#2WDSZcY867`IjXEYCpF_-glM*%>S{)XOQ%bFiq(XO}%9G0zZ5y+L zn;SN<_`Tj1HU4W7W0^XQbYHieXupE$Go_i!WUzXZ#v{(CF=B+JY&PCcqzObADq>fu zIG&%)ODVvb8V`-Kumv33S0SVjX2=Z%ndfFY({%DE>j3H@Z>X3UQ-6J@_l+VCOnG34 z&*93`^IxZ(q!{5}`y_OT^kwcIZ#0s2^SC4`+$nzw_8%ye&v!wUjqDT0%ukmbT& zcJyXoWhfoNy(wDq(4P8$%v#tanz}yHd`6C-y1<2;Ah)I%@s?{0$7uI^$ zz*Ni^@{m(r)#Bi`B_V5;=MfDwCP3XsB7I;1t~Ok&l>Sm8_97s{qQqBYy^`T$-mMpr zcCo8YI?~@LEOduK{RYCIuFkT9x#IBrkD{SruPfxt3Cj!F+kL@<;31@#Wfp8}{sP6*KSu*nHZT`Q6R<)a(PwnUYA@>eD-?nKz=s%an)Y)+m1go2 z+dU- zw=E#IF#;?dvUeOPh1}ig<441S9{Zn8_n}ckCJG-oQu5CSTuIZ?lh+@;AHyGCsRzo* z5oM%fuz29UyU%8|K%V(frgEC0f`r$s=Vci?`{brH$|VEv6FKM|Sxwh+G_Y1Y%V`eKWv&k7obZfvrB zn{hq;Y3EO@keqQr_-K6GGMlQq@_qFXGOGT?;AzWPG&V0+8ca7 zd5XG-C&uF~IRS=gNLQrhP<{uz!YIfP0cQJcMAO>c54+JRyVjMHn;m`lWlGbLa!Xvy zgBeiWU^HaNUvx6L_v;2fg1fh$7uXb=Zkzh0?6qP03Wm0_FWAMP%2~K#9hdD8`5uGs z7b!n;ywYm3!bNqIFyZ0y^98;4B1P5>&>W`GwU;0KCz9upbh^4>;M2qP>;gbE^{CJWuAg`(XW*(~`W@5eJD>tv&7wNa3;M2? 
zR}j|tIi&~7_b*_iQ41rA09=RxVu2c z=O{I@-=??2t5bH8t236NvX8y=F-|@@v>TW5HcLACI~uM?C80!AF^!2bvey1z6#*~E zeB=Wj!SWB!BJ}_8tfP2N!F9ytnPbxjO|)xc88mnzRL+%T6r-hHYp5&NXIj#VK!i$+ zv-vf2JeS;3yHtzZC^h5N<=E@;(x%6p%6vm@Orr}IqtIBm|G@fHm=!mM6PR1BKJ)9l z@5eOW90l0Gbk9S}9i>SPo$tDnQO(*y#NFXR`PNghBA@Oacyf6Q{ zX>93ceBUy#4RiSVo6pbh2@3Wbuc7{dalI5EgaiTFlRPr?RB$tL%LC388U|#)H_XKC8(W z@e!^!=cBZhFRN3ZEntgm&V$@!Hb|}!O-Fs8!HGew!X9o`yx^vU-lJ7>2B_(C$fHZ* zf9kA!`B(32WTPJBD?=U$|L_-Uxf(x)$2VS-OIjs5ji2of#L{E5Djg#S1#F5M1*yjq z$7Am`=2^%_*cD>zbmDScJ`rsCVhf1==CE3@h zv_!3t{5Cgu<_fP@Fr?LpSv)p^(nxybtca3QsMAaq{VIkUmcuRuFZoRWVaV@ z@*`?S$wOtw%vfuEc=21yIf7B{kPhBN^N`;+FVN*`-(~tJFK_)$37El^tYFfUYL+1v ze-jmr#3!A1n=;dBL(iNC`(IJ@1 zCW7Nt!TdEr9~M?5Afg;U0SYbpa~^q9)3Ok=0&WWCBZU>7#xWPMbzg$q2pY9=M-}xe zhgD2qg%=gWva|cYCDSKIZ;Q$4MyJrpTWY`XnShV8 z3b^Mo7f4~7t&6o?5Et#q5N*eNcbI?texU1sFb>5CUK$QKA=Z1Ob#hsJ)dLRIz~2i? ziz6g_&|XqkdWSdJz*G>T-7PQs*D>*1vnN#B((kTqW`Tvn4PWMo}SJ2yt+=i>S*dX zqBS%8!FA=xLRcM9Y;gQ{tnf=e+qd1_U)*=tP{%+pPQT$)=(TAVBox+(lft{l;S>I} zcui;F^!rbwQ42)7^}iXVw_L(3nf_cX2G39;a4W-NAVX&mhii-KWT`vM zo42GhCCLHicaizPK&OzV%{>=1lgSZ?_G)|MRd_P_PSE^J9CL3I;$umm?Eq(k_(4Q* z(R>P%&lZs(o)ECnoO5MjcuhA#Q%%nn0I+?%fkdAD$xut0aAb#m_2#7LJMeobMr}fo zUzm+7RU)6~!(kA|1+##W`UiOxbYkHD#^=NvQD;9OQDuU z^Bbgu8VGfd>ENepzYIgV9V&f6{{XBJ8^X(`|@PygDu}r5xgmed6GSP zQ=K~DU;X|=;S`axY=5pZqi4~1ugRPlHDi0L)Wx1tPoDp(^F#+~gO#TV7=?unw`po! 
zd3?`QL}*If(i3_xkHNt8U1zko>?w?&>UT5PuER=WRh&S-Ux)KuT1M9S#PS3BkCHmS&w7Q6l6CLCpP~mrOg+Qekb9E#=y9{i<&YW z^eP=o85kR3SkJ}dwwfh7+6MbYx_9YIww%zLpG zMGTcSO_QLfB`mP~Q{S-e`dkkGO{Z;F%oj=^#Gh9c`41y|9ukND`i(9R?@(hAMc>lb zL+v6G1i0cM45yVq9vhpaG z$b^cCrBYFhx+)`O#WDof-xYND|Jv7ZA357dchh>uDj0=Ue?(WWu*J&=fiBT|=S{wEU)PACbDBwE zEWH475L_LVk`Vf29BH8&{|T6=g3H!vFcrs=5TNNLU<_n6^BEHNZ6YG^v0OazC2w_k zeK}Oh^<*BdpJPPK&VTjz0`mhYW@|D6+q^3&<`Ql9;BK!)AY{eo$-vbMc+02Wj;-$eoDg0RDgJi^|&%EDTv*%B8GQ>Qpg!p3mAAmux>0e&&Uz%`YDepjf zrww`D+-fvqD;jckB*~ zQb^s2w$>pC4tLG3JjQ3nGtev7cTeFwfd6Ik!}+ely(B(dd0Y=lP9DXLDt8FC?v8(g zKR<5wBL$w$;A1_2xcH;G85Xb2-H#ULcO_(A9Zv=)?Qyn0+eh{k@sGF;OuQtZxn7?< zd9&MaAwT(>a$c&k8fF+25GHWl3C-lC&O=+scwk^ffd~&NW10piM4QFyP5Y#KN**>- z`S6!>2gbzhWcf-tGjr#5l}b?{&1N2&OobNu=zw|i)S$Okt`={F-9VT6%NR!$O9aV( zt3Cw~?*btTGJT*WVqpyITdP609bYIj}z!!xQT<>8~*i%r1{!SQ6K+%Lgt28t;v>LE-7^K;; zCO47tWsV3D3G&rVN@5gu&f5rul1DK8n}5S7l|?{Aozs)}M*k{X86m1KDKufG2{x*D z8BBuby=2m#3E>GWm-+m0@5hFFI4B^&`8BfRW$=*g2ZApO!5l+rI|q^I_A0ZfZf&pN zuJD>g8~?DwT%gh^*zBc{X1sw1%Q&VGBMfT-=>$F^gT97lG9!bk$hvAtiygmUwYVYK zpOkuV&~R%|7DnhZwIuLuz7NW>W)`UCicT6u#$_o-5aQ@41g}<57h@#gETQPQO{6e$ zTX;Q0jIADq%ul+^2J&x4bpMz?0bRacSp~RoVSpPNPm2qXGy1l$v*h~Ov!$Ivl_I*2 z>5)S51YzTB28GgAYf4v{)lvCd}_4`0g!F2!iKy>GLcr4D! 
zdf{qu-VO_@?`Jv3QhV`2kPZpspX-x@Be4t1C!|IZ#so4fd_V70J8SQ3pN@f#Rk8uf z910nUWHWa*w;KhordGEM4El=i@NR{E;{nOn+(*Y?vjYCSj!6zp-5LpW{j$`u`^7_c$5i7 zn4Ke$JOt5IpodK!9^iyv_XMsE74Mvw(+-WS2*75GlvJSvgr$(TT=5?D!t<2c4K_Y1 zsQ<+C<^7|yq1oyZb^zCM8`5BmL%URVnLN+PX(Cyr8)bM|6 zX>hd{aBdPh$y{lZ3l&UoZqHlk%2aaWV>k%|%JzitlFnVVSAF(Af#T+EoS5>2c*<);9@T&5{ehW`_lA3j@Pnb=%pr$rAOmSnf`_Q2=S%bnmJf616%SD_!7Q>Y z;})%%*zd#$ackxJw>1wHz~XcyZ_6pE@+(OqtS!WhzCqoybS55VyrHz(p2zaNb+*y0 zv;FDc++Nq(WpALR#IIy7@5zPFOmI&B$P%J;i919+=g}?jrGnnsbachAT=<}j=}0xp zkk%rM=}a5}`GoT}z!bxgvhn3V2(a)xaxAaotW68Rc$G7^$V~fU%!E>PU!X81Z}%zgGo3f+^Dx9OgnZlnQ-4V4u4%$b8BS)H&$PE2zv5w3DC;rM0;c3VLZaj9 zSkx5@G!1a|yK4mgUhnvY+4hx+r61exE*~#sg`~WUAC`E4+tbsZgk%-^@>^=L=_F^L zz0SlTo9fE8%+;=bk%vs%5j@CMF${t5z~AN3vb;Onve?99pzE<_;0bwwLlM@!}jB zI!SVzeHi^)DrQmpxPByL{?%qEzX=`iPpug)rv#q~dq3X}ZZ(DRvxfQiu2fy0=|z?7 zid-3LPF$P3uwi`7Avp7|NRSfCZU-*Q@28eWs--` zY+O&<-I1*1O%<@z!;2@*Q|E6(6kXBW>X7uJa600Ju3kU>7xU%v&y zlG=mRfu;2;88M8^PC9~#24iOQ1tzP0p`2<#&8{xU7nsrJWTm4w4I}%T(Qs}mIc2J? zdE9dK2`^;L8N`mIX%cSXnvC>7;TX)oM64&qZmb|iL_ZOJv&$+N1rt`?-K#J83G{`H zQvnL^2M^yJ)yXzNU+|y-HR>R11MbqKz(@N$er7&Z;y-cj$Ij>;EG^;`#IL5t03Q#7 zMhG>5drx$IsiSYO6vaTaR`ebPi50Gn3&LMwQ?bE-HW;dQB&ap7=9gy6{GD-cBy*IY zB8&8WIxnILHrJ1W9~fwB?A_@#FAY5@l|*4mK!mWG=5l7;?W6>)opPBQF6pF|T4GJlz9g8PUP#r+|rTz@K4zf3%epDRWk6J9(?4!V>B87bNU^GU3F8eKfZG@?3Lh=1JX?Jr>uaC))>d+M)- zDVt(K1uSD32aA?dLwSx03z zckY)W0@7XkdRjT&rN^iK5_(1r>?JB5>vA8-jNlhRh|Kgb|E7nwH*0^wglS5oc~1XQ z!|7JWkAn#CQd6-P63 zIENt%r73j6>UJT0i!lPD^npGk`~f$7QyL3cCW?=tST%>XlzNO9$IakVtX&r!l(39lk6DHZC|_cCy)JGxOWyj zXC0%j^W1iI!BflYkAd(H)|omc57r}D%Key-UD-c&Z1Ow;dm#HUG_dZ7X!<%sbs;+5 zMXCrul&OnMEVlQnXtdoBP-WB+`>)yuv$-exkvVIdufsjQior^{ysRZN^J|$*aW+&% zQi>%KI0lPVy$sh(@#Vy{DsCpeWGM3xw3teB*k0cv1y4dEvT7mPlBhmJV@;U}cueb7Tfulg6e%yg+Rj1PWP3%I82k-6Ra7Lprn=@P ziOuO~NifGpd$gtbTtV+!YOsQ^)2PO_O^alfJdTyXLsLohULNn>=NTL44F0KT+{K}f%0Uxe0xT5Cwv4!AV z;v;S@{cdp>QB2v z2vuhzgB_IiNEj{37`BQb-_0i+&GZSEmj|a_deF>W-u43bLfExxyXzrEQzKQ|cRN0u 
zIzo!-0}gzm%vszl)p#fJBQFVzmnK3D8h+gWd^|WHCR;i}Hz$Z$^5(*G+4P6%dWDT_ zjTe;IdLgmz@iC32#gl2_d!m>X*2CJs{5uuIb4pbKQhCGZ7Y)@i8W0^S#yLXOWs6w3 z03k6v?>$0b*hQ`kFCcI)+juO8%;>qjzz<6-#Sx`RYpKcRe@&T+_t|Ip12uF%K=(G7-hI6}&+V#bCF(<*d$in=BA#Ue-%J%0 zq?ZcP+#LPL^=D&bvU9SHB1Tg@L43|Gfd9(KX(>#^z?YG=bwZ+~HPA$dl%MGnI1JWH zY**+k%U46p<67+FPGx{t-v+Q7c)5`?_Jt#JR6Ral@^Ynn2Qyn_*XEl_y}B-4@%u8e zu9^{80Y{~s!n7OCLmG6%WqVpauN3j3)zvlMn2Ih)k7QZ>$Df>jz)1X1TfyW7z_%xX zZR_H#Pkp)xGixc0cOskmUDr>O^TEHv|0(&2-h=E@OCXNcNJ&b|)|JfISB2VjyzL}g zY_~VC5QTEc5KWm=iB*sC{^d@p*Zyi>*%)g?&h)_~*DZgX#KoBH_7v0RG3>*|g~IiH zDJcXkjnY(1A^EiSLnEuNAh?eixWr*V6pvPkg4s6gw;UwIt76yf3dH-1&}oz+&-1se zzC$P{MNUxyQZx9nZka^R!XOR| zjL@&>G9eDqLXc2_t5-J{F~ncp-O}bB-vm6K3KpGtx^pWj0DZ!ueO`wl;Uv>iL~?!Sl>^bGZRmJ08s~Mkv`OXb{Ic;B zJ7TNM+(}x6y$hq=M6>q^NN%wOAKeyQZ%R%^z9*L~YAC`-ERD+Uf4>|q1J~I&NzBf2 zV`C^?yDPnMxMvF`ilN zM!kJAzZp%DQ1o<#Xr=cC7dRZ^+^!Xlm$ptAu%PZvS3E{r#V`*c;mEr26AfU-v%vze zdj__dGYI8f{Px1PYU1&UKlyZ!wjok{(e}^8rtPUwpj3)#LhM$G<`p~hdD(LjIG~3) zV%A*Hu&uT=tC1lb%_@q+8};0BsrmI&XJZ5)Y>Hgx48|XS!nd|~k&eLlX=HC5^L*gr-%vaSBxSu;|F;~MMk@A3@ z_EScdDe~;Inp;VUkREcc1``YgD8lYFJEA_`ePtM$XK zm?O_5ibL%UO+OqKR|V}2S+e&GbzM7jXNZ+PD%4IUYD(%4(+dn;qD)}d3^np(;dF#jt0=T0JA%&E=I-S+@;*?T{VMwEi zM`+(Shy`}P=yxbn0Fqn9p0&bL513b<)9$t(3-OJowgVwtrCced5O41t!*u0XJ|A!O z)sbb*>=W{*=qYnQU42-h(4Daw1s=TmzwMjkZ7@ z#B1RI(RD&eca58F7*F>WFG=_Lh9yl}hoyRbo4sep6Nosx3ogPJbG%Y-{&DK>{Cc1D z%@ae%99h5BMjRH$yQMmt@vRXkuu#}t|LpP2XTLB$m*SLUFqk#2sF@N*Tb)eSeOrE3&>l*koof6jhgqOSn*Z{*x8 zXbl-LYY7Bs#=Nk#5=>q62=?Ce3HNo|d%AXwU>mejty6XMUg#GJK?z(47Dr5ytU)G7 z3fr?<RaGyE>Bi(h{CHn2Z*HzOb^?_(t`M<(#3APysVQ#uyy7-tlnuK>xP$ z+&-f6n?42q3pv~o%Y^Z$n9r?ml>W3gkPJF2y+qmJ?u^QWYqWneZyG*OgZbQiD>qSnWK)n3()a#aJ;i<(bxA^#B_njqy zs!v1f-2x=A&QD8TF4@8a190l2$B@+%HO%=5JCbZuW>)S*d)_5GXE-*mAwd!^I3egs zqf=&=q2ovNr`^l(a2MoHzH?UO!yluZhaARVBh(FQp z+LdU;oY+vFh87(phcJTp;%}%2bF>xOxwsW7$KydFzM4WrS-_U3$G?^s#ReAUJPpga zSkZdqH%?1li?%H`aZgO9hz9uWdM^82S!qdB9X96Se-~z6AkR|tRELq$F<)q^s?Vr| zPbFZ+jj2(Nze93SBx2Mt)TT7Td)0&YU!xFyb#@r3lU1HFkH_-cwqg04@zk&3^~>~L 
z>2r}dwH@$r+qDVJk%U#qOo92KLn*tZ#Im9oyOu8zj>el2H zZ?u~q*@;9!6UnXgGbBI5cI1LH4qW7;?e0W;RVz=lOE1oNaX#MP9fX~%qf6p#8q5)C?pUbHEoJhQr>u5{3c`fImQ$GXXr>>^S3%e15l=#gE zeo7KIz1Rl+9hQ~H%h2)a4w8Ry5eaNL3arL`Isa0U(d?+zKD?7Xp6blhwWV06RVW?Y z*X5qcaf&x_@j7F!RrG$MNsO~^k56D0i}s!Sti_vN5?_rBhffi!Ngvx}RCS5)>O2y4 z&Ra$WE^`fot<_QkZP9zud(M>jMebY?p2|Wa&hie;*TpSZ6<#Dt+Y@>WjJiJ7;Q=FO zMc>E~fQq%_KK5PW6zXD*(Xv;d^)e@A%q;XCYqwt}+{@x=JK|m+zOEqh1<_zr&L z%<^cgAaKImte+Uv)TN}j6lM@o9Rsv#rC(A9c2$4;Pb{=DqtkI;-0J_4idpOMa`y3H zU4A;}tHqaZqq^m~M37pA-)?dd8cecp8d=74ftGUquyDBbjBtEUi;Yk!bzVb#&guLH z9F)X%6}i1MSOyVEdRmQ90dlKglJx&ls&FEJEUnU9&G9N3HtvBs%MvWs!>sC3B%VLG%f)8F^$WISy zwA@kz4eu(E5e39A#R8u z*#!7|-`~ILr)U8Jz3p=z?>DqRBH^MYySyDq=PMnt)1ioCp}|Vd5+L?dg+#nci;|-0 z8%#6!nQUoHxnu8$rqUV1JSeJv1ONFrU@;Ej3O=yrqfszb5@CGraf3zDy(P$Hl!GF; z)Vu$uTJN3)*j(Q2tzYhpUVaPSe0S$)B5-+gxwrYv%0)2b$lr~AL)=>6sBj8-C%P`O zv|X~so@QUZazO@NkM$jYR+s1B<``=wtKQo4#LycWkX0F8r5>A=JDt28L6&o1(}XRf z%;eE=1R1)J6VF1XihuT1Wn;Z;pvziidc<-dQCS3fNKk zA@}Kr$iZjg4>!b^d5qL9^Hd9EcwQb6pQ9Bb5beAFdrSj;p{PTxxyuE5t3N|BysMN6 zHJRmX#v!jb|2f!H%xAgRbe%%(HN^^E2V!jZQX?od4fi& zpfz^zfW`^`gsn<(0op9UMq9LeQ&$wWtxLY~PV?)aWFn#tnU)^$k{mwYjzs%7Dd30P- zEm>~T{&P_xU4f8G!?)w!x=%m4=|pug9Z+MxQe1?Ev;r-b;?v||mO8k0g8Lr&Z`W0w z^4r$WKWn6$6mA8ljD0qa9I$_hBq}t28O@>Zkp~~gW!D>xCAaLBFwG{=hoHZgN6+>r09TA(sQ0qv^70JOPu~+bQ9# zF~_}hLrevVRI&+!k4E0kGeFU?b%wqQB;z~>z1P*TwkyvDBZ|%~J4f{_Kj6C=A2;N|kz87{6(-c**h91$D zP%X$VWc-d0HKMY9-$iZFGJAp0*&dx?h@f+Wq71^TDxvQmlPwf! zcxdJ8TEu3?O&=eGV`-9WIQ%Y;Aszm{GiOui$~k~BXbYCY0eozRS1hYQmUHtfGY8Du zAO6YDLvDFudYHDoQcx4o@}s^0-~5s<)6?EB5pVd-LR29UE~66UkHH|~?BD8DnBmi~ zB;?3=X`xh@3($*F1lIyepG`_1r-(sa~~QQt3BiK}H9jGnU5! 
z9w+p0TN#kz28{3`*OVxWxTU#7YO%DCMVL3<)FU3U{nrI*c6DDwZE7_@zRluLM6eu% z?Y5Ad3=!{g$g#Vsxn-4vZ_tTnY6#?wftOxzSh<(x@U|PytkYH3*^8r$9i)zNxxAJa z!juzuSXqO6@lt+tsfjs<2-u$}s@1Epoq>EwKU*|;NQ;Fv zQnzxIFhta1v`eu(G~Xw^ft8C!JoI|`Zv_H6<@DZ>dj0I1Nfe8N(hFXYzF{Ebi@#vG= zy6(PKqo;zzNbn+)kXzIyx!c$mffMPz4IgY|?B6!!N@8zHSsfNd&8!G}bje+6Q<*O< zR`_kbv{EC=_Q75g^bSoPPtF7x`)|74Im^nF5|IrAH|wxxFz^hW2bFB!_ELB5fOfxt zr@cwX7{8&QWs9K?T>@&=`C|;Ud>R}2hrK*vVj`#?h13ZU19k)VM0JMm z&9BQv_bgXJ9*J*n)I%;-MFC-M@Zyo7CAQIZM}C7HsnLa4{_`7Z&8i2pel8&GST<%C zOZ2nWD4XT7TQ6fChUpQxz!r<`os6tcBbX;jK?(5?`#(M8pZlBr0O#nGhaE&Z78x@a zV88ylc0(Z8dfrjjqrL4NJcrP4LzGErt9bGZfkxhVctF|9z&)(V&c4hGlE%8&x+n_x z-xZB?u!7`B7}pPnt9#Rk5n??f_^PxC;R%YiF$~{v9d>Gc`Gj7PahDHhc@Xb?PG}+b z|9T~jg(J|K=JVd$t_ue0?oEB)m72*vHITTy%d7kTL$v-NlOpJDM1gvJ-#+GR9MJ!R z?Cf%UY#|?4vG7g5nwdV+Qh6DFrG2|sf|W_X!mX0QMmi{y^^aY0@!`}XNioy9?}^!! z<2T9#c#p4te}|@MYXz$@Iy@?&mqT0^;B&?Du#ai91wyLD-*t@F#6T4wtEDd*f;Y`pP3bZr+sCCDz;VH?`Zci;g2AM- z9z#oyx;)RLviYav#NLyRdqT$KCcA8Iria@(Yc1bHuN{^qAHqWVqtVqif};}SLF77R zzRx>v+ZL5oq(I8pBUw-6ruhdhp)ETq7A>F%Ji~X$Q(lD&QNxZ5q9twppHKADx2Z*s-u${Jcix+VrXfl=I+SIQzZTaH+OuWw*|&|Utp-Tx7F zm0?kBU06|40qKyC?(UZE?(Xhxj&ygoba!`ybV&1rD>EGszOgXE+X7#7 zEQ~^QSK}|`k94RmXwv~@AqPeBzl=lE3QslRP8|-45 zcPVq(+QJlQv_vjHBllsu$A19~zvqvAlT&$cSjY4%xFPRCxg_R| zg-?n(H8~9QMa^G}WE-}HI6iitT&WT}gnKV_S6H)zQ=9c5C-IJqGi4VhTjgUAbCqN+ z@~Kv{l6^3IV*Yfg{o!@fL@H1pD$Xmnti_VN`?aa%^FbU65})it0%P}ZcGa5RyX~M* z)AXj=2wBc*M`|8gT4~O7_Mw0JnP$Yj9{BA1;aDrD1MDk~ICe;q#hltj^Qq7jn$6@y z(Pkyzj`J$xW*g{jVgEHvDTXZj$aO0%$p*VM)Vi7GB)}2Na(G`0&5)a#M|B`XVV>gz zW3HTjt{$%?s#GiIGVm4nd>dzOywTI;;k*-dG1TMC{eY7W#qUE0c3fz*^ipmt?R0p& z5i+&O9GXJOn%{xtd1Vw_wwY-1C4c^6jP@0l=XgEYPzhS`%4tjbwvCRQtc^S#&Ewh_ zm$S@>DPYCsKT6iv)Fg&ooZYe{$lU8COPl?xZ5CE$%4Yp0*Z}0NL9r;FViGRtxK4^7 z@W+fZFOfmdvWY&yy;&k@XUvqe7OR`c8*vyRF`WV|)*J@)N{L6}vsdQ^Sg6;`|Fs-2 z@3~{|k7o^nLyojR6;I^83^g2}-{w@(GRBff5BJVJIp|PWf9q}|#2f!`hmD_Y_c5l^ z@7-f{D8+|AoARB$q~Z_y6Zs0>;vtb2CJ!$Up{<+PXCn|FvnBa!mzU{)hbpCngp33+ z**VPEPEs-FW`5-rN1h>uWj(!1NSBwtZSSv1+)nsB>K^C-u#Y5E&pahhhf)|i$jy*8 
zY#^cDYv2Sd=ZD$6=*8A7h?LJFbikto8?@Eot_LUD^!(h;2%^nA)FJZuzR-+5lkz!oZQ#zBGHCsq1K6%(+t}1h@ zNKOP(sl- zZy}c)#|K3e%*b9tNY+TNhW|lJ!wMy~FQTFuC%r^U9KnQ0rfX>Rm0bCt33MdFcS=;f zNV|SY`2daN;1=2h=8@CiejsKIW!Q)EVtoHD= z;-09jA3`QItNW!f@j9(SZ3luyGi`+=4xzxJr2x-rXYOu<)l=V_z$^`v%YkbxpBrIq zaQDtlp(BPT+d1^qugJ4L`vQ?%25)%aawRj?5T%b^_)OA^}faRXXE0aZ9>= z@1t0IHTHrT4QK44ZDWI`4;Bh>Fj*m|U2TDPYa;zdn|0c0tWbsUZ&k+?#*VQzDzZsm z$G5@1Bh+Geod;PsP`;jJDXLP}_fmqFnJ5?78c0!yP`A@+w>q#qQBIE8Ai4k<>UE;k zI)u)RQ5#VRj}KTDX0jl}D|}^c0*!mu-S6$PMWIG45f)fo*G+vq`H3$AuO`eX1jE!u zc{#jN06XZhLHGzQTtJ2tEn8R3!8neVock<27W+rzTpc#%QC{K2_>E$<0m2H5GMwx0 z^*fD15^{z5OmHZTWWRlSGw|hGY7e^jzhxSLJjIJAoVaa?Fx6tCb=b8)m@yA!Hb`vq zvjxL&|BP2gDwShRHF-b!(eeaY)C=Ltnhfr)F+EGVY$d&B^<9E@oyl`LdrNO&|5ck^ zs1_Ro$v=MIVqmwG+~dNPRJ-DwZ+VbI{1$&EUo}@WcRn0$W-84!1>9mEXozVAH2s&o z=v*GT9GSFfgYC}Ex?qhq4}}S-U|7BW#iQxHJ%+{bSP%QQnFHX;HLf_2Hue4X};|;3B+Q5#~*5-hPP+g^BsM9Hwco=t_LC;t<;=K zS3JT(&hQG-C93l9B`XSv(xDIFiQg0451as)1MN4*4|wFaqt6EXQyR@tfJ&>Y0!VXT z%*!@1Yoe&`;Ysa*g4zY2r)ZsK)_6cVV0JRnlP^(|Kb5aQdRIBEqI9Zq--*um@Mn9O zda8tnO6p!wXM<+o_L0`&F|jn+vhi@co8|puy{0>^Ea_T`p$@KVW2VmM9@^Llpowwo zgBeN_%s+|s(Z?2H)*ot%*uBW}F_k3cNhw6?n+UPFsA8<;0uYkr2N0K0o9siq^B?{- zAo3q-li0mBjX}Sk+)!0RkdZUCg^#7+<{Pg_=Y&;9F|6bH)If>Nj=ER4J_g7{5D`AL z)g2fmS0bXlv{na-!q>?BzlVpH8~M7PA*1yAq(lrQ^#r8f8vL0hOoHWTUk#w4pw<`P z$1=txLq(I;B@$r456%5h{55e;S(z32jnZ39h5ypeFm6e>wxzf@aQaE9VJUybs{}yo}@XWM4aBa%ocC*S6|Kvy%uSBu7sm z2OozLHDE=p;$26;O#I?3`sNg(2pTt-v-P1*a!Bu-&$7`q_^>D+cm9nD(+I^B_KyS^ zza>q?SsPL;Dl!HqW$y5x@uM`oreT$fkf4bS#c3E?8-th`tXW%r^aC!rzfXfouB32=?3b^EcY=ZtvI!1P@qb& z>;|BvW#)tC=#v$gry_uYR}3YlN-kKC5zvuZ|wh*4^)O zR@JsmU{;YzkwPZd9=V67WOX5#8~YOX6d)k|l1N0WAE3L^(1j_qzXssEz3 zLemr>6n(qF8@+#0ZLZ8o8v}0`mydGkq>(N@Ho^M+qv@9 z#SJ=(L$B6{MRA-!_<+nB%@law&p&Hoy6AQSZ^yQF-t7KBP$cGWq3yjY9EKE#QFgXp z+-9_E69)kjs0^$PtF%pg1&YoOa4P(6`fzE{@k^))cmf!OpE^U+|I|aMioSkts!AMx zDaS**-zK`hTJ`q2eMIVLuis0)NK^l&ZDE9-CK$Vi$5wHW26diJF(x?cNu$$-v$npr0!>o}Pt^G$)uZ*2>B4)h_ORjgQ?_9t9MFf|6{V#zxVvg({)^ zR!!!N=)_M!yHp 
zO6T&!vDGhgUSSG0P(qg4X_w0E2NP|Hy5P7p{X+%@{AL5g@H|2HscR#d>s?dVWuDQ= z@KM)a&zs5u=cta#E6r51{AduK$q27Li1YQCB zm$km-A%f~!3W>EKu!X5))-!r^+jGdm7#6cGNqDc&Y9f^c=zt9ZoL(%IYp zndEMzkXoxA2qU9b@nGEHDa3?V(GlX5C&~#%01k}!?LZCp18-Cis|Voz`dRTxo!WUi zjY=2_QQdkon5LR1gzSjlyKJQKgu&vYIFfnjXNzwpM9$xe!m?QI zeFpDdH$wlHQ}Vf8fAXp0A)gb#<14R+G=97tIOlX4na^~E?S!jCp7lk_E>qaGkiqRu zm3B8ln5@z3F98C^ZpPL7^U-TZ*ZGMp6lYSl83?>etM;+Q3;A84G4Bms$okCNCipFt zH{9pSQ%}sBR4pi>G04al=i}{Hm{`f#YJPqBL#rWgt$s3?iNIH%Rv9FfOt*GPhd5q- zQ7s=&JLBZ-^MqAWXrH)~oz2^C4&R7<9xxZOXC@j9OrScex%kf&WBOF{SNv4yGIySZ zNTp%7V)?K9qH$R+@@P^9F28VVXqq#Ct*x5<&J|e2x}YFcsO3sN?YbUk-#X~eur!1C zR!oUi-XCP!2`J(Fczc`axafMj-LJOlS+tk*@f}6sf46+OdYmTE_3@cjJ-es{%78WR zwGQsbt36;hA9S;@o5O+O64`Zub~iGbVC)KUikO@%SRG5gn^nkRi9!TEj|EecIwXBb z7OsvrMG$tWH_JItm=hE2r6G)K6hp?nW)@JXEgAJ|`n>pt%l$uCgwIWe*tIkqZ$S`^ zufplZ=)*mN2xdeEXtFmc9y(8TUfi8RGn>|4TFMsA`0pkTvVgf1!v`h z;=ma{W?>>qEHW&$V8s9UFNnAH&j!XhAC=y@6W1vK*_T_L2HzqN96#v$BlScSYb*9p z4>fVs)4*OH#TY8puwx+-MxSquJL3Zd`9#UkWd6WEXc>@wMOX!k-PaG@{IM9RvQ7Z@x)zOS)Fu(Jj4U{Mz5I z5Y6%q@deaX6u6pc$UP1+d1+@>|FGKf^r?m%xyjYW$Z_RIo$BaO;>ryAqWHC8%gUq& zn6EhkrMKFURR*pEt6vh2t7-{A|- zpp}fKh)f3Z1!$yv%w}#qQRp46YOtf9b1-KS%)>g{t<^?Y{SpojOHK3^pJ2 z$S0nqavx4GdBZPH;Xyd4flsKDss>*0uWyj+y^-yrvzb3F()ecRpLqY2fsY7%XVa+8 zCf2z{1d}9d`e-o-vn(X?4{Z|o6Zv;)A~eX176Y)h^fWPM;!NMKZDRUMMb$PNZ2;6= z_}3yIsPmxyVpF7_!^H#Rj0a#-Br+?A;M^VJncXhNoDm!exGem+i}>(h>ry8KqeD97 zh-zaL@tFg67Y!!^iL@RO8Ar`>pkBdlp2t_aLBXJw4z)jp+Im{4G+9fx|2@U^rOG9b zI%1y$(xAYB?jwh~S1cSbtdHwDXg&EgM*3>?k3=L1-WPsQGp9k8I1E}S&2x^{n3EJ@ zr;4>A7krY-YC^4*3+tzNtD^Cj!t8aRn}nr(-3%vq-w7;N(%5~x_0q-X2D!#|(I zv8OGNN+Gsa4?V2SSh=gyhP8j{Vi$e)$})$^MrsiF1QL4pkEHx@Xzf4gt<{L_MRCpS zhqM|L?~_m43yjNY*J00fP@1oWWxbhGd0Wo)pQ!jx_M-;ITerZX^7kq@Vc#0+GlI_{ z@OBu)j^6WXk0P#a^8D4NKhFDT%2Zgqx|Uw?P=e6={Pa_HaU3Fo4&W96=7$@(3zb=l zt~Y5;;n*Z8O@TdqP{okx^zC>PnXRQ>IDq83lO*Epc{KQxau zv5q|ffUP7^`uo>`E&TJn+{U%T5p(G3E3dOhGdkNbr9rM+b>SKstK%7SIvJh~eHs%R zANLH}^=A>%PH7w5#EK`|GXFUq?JVdDs}a~yNgRn$<~nW&J2 
z-b^7BSExDeqVmG(({`WbUzbh%*MRSGrnI|hGUr|z*uJD+aKOC_9uV#`+lfN_q_&oM zo`?0u48@u4&%TB52^RdJAWyKt3VomzCJ{_B&@PyN1QUl#8gj0JPNL}ds~a0`Uhc1M zFJBY$z&Et33uamnSiUlLBI5i44$q}$BN;qCc;mjHQvT_)IHaZiTFq4HXnG7h`gjD` zm!V?}&$C04^_x}G-IV;?nXz(}G>%_(a6Hx0#j<6LF7jLYp60b2iL}mU`as`Xozx5> zRvH$j7UrG^O47>oAv0R|=f?w6s{VKOkQ9=dS(zD%&&OV%3hmzI1SB#*2Q8m**u$1p&NUL(&|E zs+wRbf8tcM9@zCY1nwAZVMJ7$3p@`-)y?d$UtICR9IblU|*c zt0YbZM14!)EFt!SVI?^rpO-hAec$qS^Zn~X&|h2mLcsmh)~^1N1&*r(DhD7Yz-Lu@ zN?BP=Kb^UkCtiJaz_P{jI=q8SQ;(-y&VtDcV$4X?t9Tl#lvuq+%iLcMMR;jK28$#0 zSV}(S4MdU1d#nibRS~kemR6mN9z7P9ds5wR--+4e_5J@GKRB*^`p&A%kfy(jT5>&n zCi_y(>mo=J;X0XV0eIi=^E3i!Yg1i3JT9lp3^Z>Quszrc9A_d}@~YkL-ouvF84F|{ z&!m4P7Ra$xN!+YGvQG)$?#=MMl^-CWBvi~Saj#dWd;p9 z`!&F=IrWDFrbT6A0TOD9Bv|=6$uYkmCAbi$dVyLMx3PjxW~%V1sGDO@;c5S=V+r7v zuWMKTo&na!l1fRuQ4o}j?vmbUl>_m9F`Z}}5GW;X{L*mZNsJe)ayNtJvT9CY5 zTvbrVWF}?&hY5oCc)Yyr5LdvPvSMQa;p4dauUTvgbZ`#>RnU^9p)gc|B|gAwzWM;= z?|(Do&wN>78tdh`G7T}Jd{oNc_wlo5`zBfk%VUVt+MmwGpQ8K72)T~yN@M%7zX!?o z+i(n^8|_kl%we4s)_(1pY3bX7f}$xorcBZZQF9n2ctYyB02I)es4-`q2W(`lIH1(9 z|EVBfpi-kJSF34}_HRmydMK;%5Mmy(7Ze~5=Q#u>XZ49|FnH zli9)t6ls1U4M^0u4Mqniw)!WIxo?r_z_658CaY4~4!=&!-{}s=v@{d0KrOGP;?`W4 z1nN(f6VzSw-C;lP_lV;v8MGB=WDh{r7G4rgWRACd7$M!Fp*Xkfkn!LU^_;HX-cj)L zfPuO{xQ%XetZyhbjlUD3t-&vMmF?n4&aIbrI{Bwj#;1BhyO+~7b*5#Z!$MLguagjx zPYR4|cgDbPn(@Q~UL$)5(QNrYAVbxz;RklzqAN%lwkl_MuqD zu$p-uOO=GBIPAa)LQ*0vT3(t$O=R$D+dJ%37`lkci!LACGtd{DNz z{>TyG;bZL=GS(hG-UxB=qvi4w9i8c-T>`=3n9iSDyNFeY*}TB}vexXN=NImgR zDe((+RkZS-X5=A3AqTK=T1mwi$cl56xcRRiHmZs7|E9;c-{OCQ!`)p8`o*nT0Wsg! 
zkm?9Q@>037p{xmUGy;O5t8T4_WWO{d-o4RyG6ip+QKPIB=}+# zf8l+sQ>CC20~C4AKieR(>*k8Bj_IJbdIS)NGUGav$mv8*fgLAGpgfA@Asn< zL-3@S{axRT>wmycU-q8XHmS2n15C-)_j=LY9>sJk5&1Sk=GB1VyC73z-QFKD2_~?b z%MPV=MlvN5Kys30bv>^)L-J;$H1V&0&WIkHq*8oHUwteq*^%{c1|+-%1c`4p#2e_& zFKATpZh8z}IO^N8EEY}iU6z)bM`bu8g1lXrZR%HwX=Sjg7ys%YO+JWx!r*12%Qi2< z=-q;xh>WX2LhNj)+?6dO?R&#@>3ir7`rE0@xgWZKy7pK9yOC*!shhRK2U){o51r5y zo7V=FLiNBV0@PUy9{uEZyu$U>#&rZMHhs z5zL(y8`ly$xBlDHGCuvE?IXj@_EtZ4Lf@Q#Td{#d(x{S+ZC=n@nthHhgq(G`3d*`S zFpjzV>eF}>9h{#dtt6FeMU<7V68czha!fIQUt06~z~<}jOx~_0wPH~61hM(96N z*?w6s)s=0u(|)X%8OoZ5Wn+@z&@Zp_PGhKe=2ji*R7;2C(n@wdc8y2S2_|TqXh}t# zbpF2OPx@+o?gLMCX&5J;56%}FJ5AJiv>mK8#BSeUuL5?;Y>=DV zG4B&#f&%*QyTU3_jYpk+;3w9!1m(>_>>>XDY884KJzI_DIs6!_4O(`|5LxKM$JbbV zSz3_{b#uCC32jnryBf#qaz-;o81>M^mqdQ9eViSXRvH3%(=Y~|fq^B=Giq8NcBnQ= z{Z=rmHv@q$OfOGoUv>awG+%HE6%0-J9junm{9k=Q{FW3jQi#0#3zZD4!D3MYy8M07A* z!zY#j!p81^Wkaz|isfUC3G0`|I-z)4r@MmctHn|&9KZ{>-QQgR7p1zKb|Xvgx>kN_ z*9C0zv(6ja)Vs-0nT<~3zHWm<(hn=Ic2B-z@W41tnkf3Q$B{^Nq{Y#zqGRW-RdTob z(*Qhg9(t+u6_1x3_tQNuZ1v_qirAKo!&s&XGq&q_)=U`1t{U=r@VlDiZD zeIWfX8~ch7M^$WJ6@kTCTb0JzNH7m8S*ve46@r=P|GtqzQOu^eYT+T)7{jJm&cyTc z(Jcbv3!JlmrTt#tOG$_6@1$@0b| zo~|F~EfYi6cklEp0)1(Ra6%h({AamvsJjrY%XkJWj4iD@%qF1~spyvtl?=bfd^_`s z-MO=ou2AdfWu0`@wirlCPcMR&b9YLKYCD^9E=>}A_M zeI^Y0TY2EYcBB(^Y7FDpv$iE)*G~EYqgh!~Z%B`5C6qrJ%RGZGAuS^a2Nmw}C26+0 zF6Md=CdBIuv)Krtcc-uRjhh%cz`df4Z(qa5e!cftZ9o)H!i*vMEiobwr1 z6?dd%s*5}MRikW6c9-FfNFMUVH=eN{jqD$+EHxhr&B+K}3Oo)Ysa`p2VM2sK?Xi}LVWqn|3ZHu+16!-WIl zyj-ozZ@5GSzl8xKwO@KsSxRP52Hwc&ayw**y=>;%TtJmY(xr4~CTtMb{KA|qAZST` zD`mNKF>9QgbrL(_C#ov$bUeC&w@;m1P(peN;(J==b$*fuB(Gkc=lMFan9#Fz2VDmr zbYSW420jZBKd6P-Qun)JzB|7gBCba81*z|9c;%L&JxKsxhUqYm8A=%}#EjaJk&hGY zEH6e6&>B0CD$P6Lp*~u-v$_>mdC>H^L(i`n}xY=7RM|%H6r5d z6)(&C8#2v9+Z689lv!N{Qo~SWtPO)mI*&FE%{x6+T$0t-FoIu1m`kwAD<|yG(Gn*S zZ8_gy>zDxdTtZL{(QucOw6{NO8$G&iV z8Qq!K&u^PK`Vfk(RbLli&iDWKt#?X_N&>F8Rx_^aTmq#h9Qx?ROj|Z~u5uo#H?jj@ z)VtlzBxlpe?c(4M*%d81)VxMIo)n-N1aKnWV{BWiU?keKhrE|#Ls_4`!KtaoAln`l 
z-qz9)byC}fKsAvzO$aYKU~i3MY(?>eLvyyWEj8=#YQ*Tn>a0vCP@T_~e4x$PMh9lA zI3;&!_ZjRG5`|PbM;l}%O*w9Rbcc*LqkEKql*8#CTcgoMWF^A&pe_Jy?MkOYzvJ%O zlCNB@%LkWx|5kRnD9_o;>*=}S$?$P&cI)O6xNnm0tL|*a#Ue;@08A z(>Qz>(zoB37T)D68xnL|B_ZTK0aD_5OpG23MH)|oLKEGJ;=xUkQBgk3kM&~Fhd-q7 zLas6AFj|3}>D+yXofwj#U=?Vj%?X3-ADBhx|YA3G}7$Yah~4acH2 zW_{yMD7Q6?x5||OBGe`SzCxCaH?*ch4K<}8VWF0m_lywBp?Em6I_x2Fk|nY}nUWaw zQlf0A{3~_CHCB~kW+|5Yi8gza_RnXy?MO1s_BImD>JRl=VNYA<#|!wumm`N(snPzg z2c75d5a*K}`S%ts84q~8Ih@0cN~qB~U9hg*bvTKL0upg43$yw#^aPRst8W_YlL zW7y;vZkeLn<77K%V=BsyXKAOm;I_6Uhlhnl%fi|5RFtVj<0?dnBY}-(&PXOZ0(|>M zW)>b_KcM84(p;mTG5UojT}&2u**>oTZVOJcfJ5Eql;|Tm3028qyBY(3GBOdRx$i-b zvo$;mNM7VdxIK;pwG;=A3COrRgBgeeSb`sYLO-gwxDMm^<&_h+&L^+uT?WUzp0xRO z^L(f(N#XY-U-lr@CYzD{v-~F+ylfSZOJCNF8*m1Fvwu%k2G0em_3z}mmY;&Ok^Q~u z?KEBA<+`1#5+eZg!HP2bnGouKz&(!Pn|M5iqbN6F9o*3CZ`;Q84x zB5^xHqsw+EbhVnJ95Wek?kGI(Dxsg`4hW?pP~GVU)dTMsQ^NVfh;P0%7X32AY?mwm zP$98)H^Bp?>{}al&&a!zRyEJ9UG0+3@Bf(I^F>e=3C7SgsH;&n>7H#K44^fKo*x!= z`6l?KPI&+qJLKrPxPFvym85yhbfdedEyR`c^*ZE=M3Q3}dt^kR|L-m*N|KxQHZq&) zZN03%rz6B!4U;9pIr1CmfD18Fx@%qB@c>7|z6tHYmv3Rs>-o=to#i*2-s?x?HpKz8 zWM5iVR8Qn#oEg=0<{{NteHWfP+<(#t!>OxjeQ#85u#XIIU=laymdFy25;V1b7Zo4O z`sl>k+}B2o*dwoktbK@Zn#%p1w?X&iHhTRaOE=it{bmMH)AsOe3%HGbmJYIv+FOqC zfF?uXpc)q9PiQujDx7OLQ6t{}u2C_ISFV_iED;Cl$Rt0lQ)xU zfM2TMV#FvH91~=IY`$eh63wY07a=ayEzi2L39Whj3YVFB!xCM5dt_E-Go}H77kcpzD0wq`H)$xXNZ-3$f?-9tR(JX8FMDVEs7Hg2a`kP z7eoYZa4v+C8{?-8(jvdi%v;pu^6XzC05r3H+#_$%E)o0=zzZIMo+iQ6idQ5jbfmDSd0_Qn%KN$C%>E1Dz1jYPEs0@IqB%&s_%pFH3zHcnBHz8V9H!%*}mQs0XU zEz2!5xtPv+sbOihsq5C#%83n?T;#_s1b9m`fl4F`dbVtj zWL3pVByZWTZ%JNyAWFOSrodL!wBhuE2S0)cAvOI-+J_CBdoLTuQ*AQn+TXb{ion8u zY2wH02JDw~5&j3P48EF;;GQGJ(>S)*zmZY}AYKjhV8Q=>*a?@snw1Ra3v1xWJ3$S4 z65!I%ad^M>6;}tFK)ZSnyz2i?TYp7YnKb=lJ!85W3=W=+!QkMf*2i&Acf$F;p2Gxg zlQ2v`L>Uv!!U%Jyh|VMTBrr|3NHNA4cP~TL`b!YzhpwIMWPG=OdGj5~ zzX4fn(bhyg5xA@t^ErJg>>ZGQ{wq=fnh{V3#|ZFSq*ICV&mV1U`hU_kkXpyl2@ccZ z25M=9_)%vOCDCjqNNr<>T2vj>OIh^@i1r_O2ojp!-4I$c2*bn91Qit=5V@@!H 
zACVj0-^Y0GGXfD>ia&ZW#K=v(Nub?dQOsGh`Dq~}T4no7ko5Bvy|7YF^S(w@HMgBh zpPu{YLm<2^v1dvEKBZL9qZd;rgDbuR#H`IB^{$L8-Ofl7^zvsXk0ZPxIg9(mz*(`RJ%{3~1<0WvcC|sO z$)WF3Y6>!_&joO4UWT z>207o-6qC$Cke~Mg`H|Gca*&YC+YdLLx<1eBEHv(1xiyB_l=uaJ3WltJ8le9!2NUm zQ1M_fLF`6$JvHLZ4s~<`mDeJ2VY@zNJ)kjpawbIcdM;K1e=IOX<@s0DuOYesj7`nR zO3w=W9%dT%czx&lv-Aggx?WmzX&Ia`mUsBi&n0dtIqw~_EH`P(D(r0FOvS9KH-i#q zv>A#2$kSQ%=39*19BlTwP7v_25*alZ2a5vTf&9hU!)qU~?eZy@CDF>D-Kfl$j7U^? z%){5PpK4R&O0H1|V@Z;T)lM+y3z#MOM}FW;P*9^az|*m{e;KW@BEC{8dC|_X4%`LY z%+B^Wb)Q1b=I(%3Qu@HpI4<#_uTcw!$A}M@9(mOD`Uaa(G77|hq+@lB;=$GYCWtnK zpZ+d9T%51ofnn*~Nd2d9rwvVqii7<{K}6~r4r35bVCE7j30NN zf);kPk&XW`V(WD#c@wNg5{VxXFWpVV9u{5Ft#=Cm{+4BekNf6NOji<)o$sWgle|tz zjv>LxrlgZ{G*@tp@D#*T1+{9GSWByo|V@Y&}` zF(zYp_4y%;(^U5NSG0{8;RC~Lnm)LPwAZx5Y=5?h)v8I9nm9#+_D{)7Gn%aUZXC+pn}~5N`_W&Nq}3SGP}~J^Q$^+n(a3#wZ4Olr8X(INv@m&NuVeRE2pc9ny6B%4dI7Z z8SsBGHR4pQ?`nFT?|datZ7u3<%sLg6UglA15KZ_FB?AM;&NoLzaEH=7r8p|3JDfgw zpw#@a&I%tlD1n)EK{!Slk{_w6r)rO45@RmMm`K(Ag;=UMSC4W&R65k>_Ms@7F74CU zK*zU`*-=XgNShYknfWjFjB}kINablNh0hjitzXk}+FX|?M{~mhNiP$P$w*Q`N>(l- zN!stdbWa}~&X0#pta8hPKgy>5T$RBzeYCn&wpGJkC)tAjqZ?4?g}IG6`vAi*uU=P^ z?EOpAa^EFl>q*`tW5S`XI0^RZV@`Nf<(&KTV*31X#qCd=;BDPgXM0dqD+2Y49p!%r zRu_;Yaj=yk`3+$g0AosUqPVh=Ulz&~|BjC&&p>!}d(X0{qvB)W?!cl_uZOz|vXpu_ zIiI<6yt$2vbd?Ftk(epFSE_z$DWOqt50YQ5`xSYf)%N1gQL6(Q(yAKv`*=%}OK0!&6o@gJ`}+t7W}{jUwb9ugb1m^uz)`p=m|M7LJU^EW!Zr*I&*c?in!k*J@)G(c z+a`=-%G|`Hc*pMOBksviv4=eQleW;2mDIXq}J>*3e}EA8~@Bewp{ETtCsN8rbwlQLn+} zEb8WE-#}^?w(G_GzxmRD2(yytch)lK8^Hj`HWt3`6NvDTtw{A7#<*D#b{8e2?_`ZF>fQ`swcPbm%!8=)Bh6~wgC2OU|q7*inT&94NJ>X_{8xTfwEspqON!HBX3MFM(Cv5Ym-94a`!m7P6Wzq`&{v#C8bDu8If?%SE7V z;;5&?ExxSsp;Hx4?#`>KD#N;(nl~p8v(eiag*g2Zw8>^3NScN;2BY|8NJEA!n>EV! 
zixl3}!ctr?8KaQ@W-9(u4lV6Kx?{`lR7Kj;82oSJ$t%;rvbsL{jZ^hA=P^$XI?xY< z$WBN->X{941c`_*>qK4pHW5zykT&8)7bkHtkbm$sMl(TX*vTfPD$FQ1B`1DQpS%3J zgiZoEMV6X>9iN(yt5rqKSQN{3H=d>*e*7zHC_5e0|63V=<)}Rxeql2a4tBxD79V4s z@Au=us<)`W*voH=ytBx8^n}Pt;S;tV>e`c@1U@)IQ&{?}xG-9p&(;dKzQ$jVKRVt( zErbW9+QYkwYy0Jufol&et4z-OS?}Iv^#80NVYt)&4nHbNwT}?By)r#55riMXa_yG{ zD^ow)EiMK8t15PQn$Y1kj!<(jlFk@R6qh<=yV_8&@AQwl(fMUcc#9e4U8nO(8h$*MMx6#8EZI1A7tQV?%P}u6rB8&5iQjqIT_Q|NO`LYplA?3X70z>y${TYJ2dtmFy0_> z3gDSn%tqi4oSqbAesQp}l?f|)Vv;FeI#UGw$Ucozdn2m;I}=?`QM z5xfmFeeBN4f1?n%|E?p`?v4lnnec3&J%>tl;)7XSRi8Gs z>#r#WqAxfcGs4PwA65OG)|%|uaHPTW%XX(v(ZW#q()t&5H&QrQv~=xGAL4Z#b%wO} zUQK0hmM7Ej#X18X$>kXAzYp-9_Tkm(*pv%BlRZLajlc=vV~nKuScqo1=oXARr|rA&4|GbSMaj2uKJ> zjkI)k%y-U=D8l^i^*;Z5zvuB8b+gWj_pEpAwf8x*(YpWi4M!w@Yz$rq8=ppGeg1Hs zp+XDmNo!``h|^CRZqL5pB{MB*?A|g~edBt$VRb9s{)Nn zEu(<>l_8wgCtjqLy+=2|V=ukU_;TvY-rQs0|Rz$Fn<4114t@D2&p0V}@${b?M#6vviV8^gr=W zE?6kxZBOjcWtsYj6>bAWnnoW`8QM%n?s1K8lYkqQnY)6L@I|3?)i&mmi|v)cwkxxo zX`@&#@Ex>`xSFA|zTkrUfj1AKmu#VKKr}nufyPAPO)5X4ljpN%%pb1mk@&c^3K6ai2xF(Nr;k&u=rj00*y;@+C zm^xD1%1-MQ%^1cSap+Wb!HDFKMz%2R$KQ%tLJCa>QhH-Q8?cufi;D3$6sTCISSG!& zs#MZdQ}rE=yoVyx6@fbmmZ~O`^~!3+Hm;vdko&rDKpuIu+Ts%Gq7kywvpg3yL0u+Q zT1UOrEmTOV3~*4Ve9oCo)_C+8FN&YR`LWwuLIlH)E^WFu60%K3mI3|X*_>;{tS2~B zEvzHP%jPaLEaFt7iWH1Jr1ZL-Pl+3f`vy9*uhEwbtT*0FP$syyq3<*DgHY&uv~@9| zx)NF4$;LYe)fd94QXAy0q+$>+$PEhLYYv)^k{hlb8P)`Hc-9}d8FkJCl}esEg}$Y1 z-%x(cX=cdsrAn&t`n9dO74>zl64l}izy;A8qt6hzHI!d761az@U*6yz>q^4M!eSm{*|Vzl8GN5n89<#uKnC$m>vE~{B|Rfha3#6xH0+XE5g|7fedSwjtOg$qKKlGM+g&nQomTcNd)AN;m(?d1 zLg>de$aHUAEE(Oe>m)zas3Uc|QCV^1SY?IAprSj@;$*&{K!RdxPH{Rg`Zdh5&a?1o zs-oFo@{oFcNzsH>LMK87w?3;`LqoV9zm%YSnZWmBvECSFFTL69V{2q*wk9)uxnRE7 z_!n1`*rH1^Yon{Rd|D!3(;b1{n1K1EjgXSk?2jg0Vq#2uYk@GTT;09>Y`Ph$(X2of%(R*5;2P7H3PEg*~vlv z8Nv6pYhoL;B){q(FllF%N!CAiGSJboiL2}5vyuyR=kqs#VLPI&$oU!`PP0lv12>^E z$$M0oCm$;@J*mT*2RV*UQzJlA zQdz}!VsAX%sA9%nhl@z@;Nfn9hG*)4aJS4BYlMZlHMl)r6hY20kTj&e zytrD^^dO)SnSB3gm^QUgQFuV62CB7;U$ETO*`yqp&??{Zj5xAUQ+T2KdsK`^&*p%c 
z8$5oKKqh8hIcQ|CqT$TjAI!*c5+=YqekDqjlu!He`KG3=BMgn(Wa%@@9pps~4;F$Q z(LA^E`NnkQM*KX266a*&(+MyeP0rR=Jt(%YP)1_#5H~7gI$s3}+5{*LHWmU;OZB2tHdYp~Ici@O7xV-!fae z2DZ*4i@)9cv?mOCuX2xgr-RMUcp-Ms07ICy^Gb91MqBw0xQHW)$5`cti5b_jT8yKvzZ0|E2bl@B(WScL2D>5m#(x#EqfZ3+7;ns`ZG*j2@o45?n!|T0^ zSBUtcPab_=ko@-GI1wzvE?ml$Xkn{%`YIrPqCv*(et_Ilxf?W=NPtaBn)iVLQSPNezl}V~L}sd29voo> z@s3R7@T;8sij;QtWlTZi#Oar+Lxw(&_#By9=oyqFdbV$b?yzdG^~ETgY{x4txBUF8 zfj7aW#y!lwG@stg%~|;(V{HAbn`&b;H(y9=TqVolNS7Otw8;w{)1mMK4~ajQVQEGk zm6|W8U62np;|u6$UDmswB`lXuPP!>9gnEfL;kmK;_s@STF(Y7$?3L)&)P~8NR!U9+KM$Vg;&f~^#1wr^oIltiM%JSQh zn5diIrOFg2^j`}~X>-s&j+myjuufYvQHx^H5Z)A>YHgsyC$^c#YaCfAd(F?Y)P3e& zWjQ~1tN|)4e`>wFRKOK{^xSEN)Drrv>Ll}BVPvTVuX1?vw9E~4?)|_><5ZCA5%e-n zsMu&N0@rE-fjGioyQJj;H?BNVvsg1bQ)YEM$|_ITUB}~=?2)>erKd(1NsvE z=xJcQGLHtHcqZ6P$P74J5svV!w9TBEE!nc>U)^77ieoN+WV^SYmzMl=%v9!+3bqGgmkbE6HFHu zCrY7vIXLPLKg!(kI*=6<^97NtJAJ+qufbF{6!_tc+I*@+ARK>cB7S zvXZi(by?85CrkYWuyF%l6yW9_Mq0vHdTl-QEV5s77s0LG5{l(#2826}_t3wggr4$t zs*d!jdfupY3%NDdAt36x(xEP9<~+WdZUR)rxMY5=AE4?-N2W|I&}as%e5W?QXwyELBB9FK)N9|G&i%W6Eh`!r}G z`=Dn=(ZPZ-!8|!UD&EXfI_ zCg_D{{+b01DgeHEMsf=eL0}3)Xn^+=$6o*Sq(`Lg=+GVdWw$qN2phVJ*ZKw%x58J%##YLt1NfFZY?P>%bp3oL)w6pJEB&ZG%3#^aW&J+q#8I*9 z+xrifND<#Zejon+5u9ytWxuiGJF;dV`E8R01>a24X*hq6fAM2U=V0A6W`-|oD_kYZ zQ^dhX(11I!Ra+5wK4v*S+bdb2J&KI>$k*WUiIdTz47y?b}mgWePx$!*7*Hvfc6G0HmRSlM05I`lAxU8<# zAiMIX+QFT%^)PPNwmz>E0@@z-@hM{7!)Pbcy2yADz53(n)2=RCTaKoPlizFyFQw-V zw#S`ckWf^#Bm;pq}M|OX|lhZOEtX;S|Gg}A#4xJWRz@?zW z*A)NAQABXH8kz4K6zLet>%xVtqHA?xIp!DDW7^&*;7k+Op!XnNDS)pkSzkmt4#~&F zAc3{^fINYYvl7>9XnQ;;*!#Fbz0{6UP#~$=_HU^a)CZI%e9aSU_tEW|+~^%QW}xX2 z^>TaotG^>xBf4d8Mf3&i?+TwXxjp3S?#7o;DGIzSVBqlawY%yeF3-)3XYNFv2TaIj zJyM*)o}C3(=jU|bcufXRUZ)_4foYPWpy($`fsVRO^l%0g@dR@aoe zBnXa}di1}HBhYfL#4nZnLWEgdwLi5{V$;m<=S;Kfp3#*7%GE92$rTWrU#`|=fckQB|@x)yCFe}_A!7ta$;OT~}Qi=ua zx7brQ+`jT@8azpU?aRkDMJR|6@2$lP4#uq^xrTn%He6ASA2i7inUsFRG~mtE?Ob@3 zlA*QyRs82(Ua<+JZGdb*&&o-yWS30c=UYVATqQX)%_Tx@Y2~VQ1MNP_%224}4&kNC zHWVK^gI&) 
z#NfETbkwXKEFVxvu3!JGRY#CCVbDmQTGpvhrDoRQ?EWFi&B}yFCd+s&w0@*`%| zoH04f@pLjEf5dErw55g`8K8S3%xqF&J-}*izUETtKz_}Zon!t(-HM8kaCQd47@3~h zw|9i50A}P8aVkMV1K*NHx6|b7Q~QwKx)s|udnQ^d>i3UKUh-GmrsvMb(ypOC`Jl?irJp92q#*8{SoIBk zac?+lhEZ1wDQq|FO&jkhj4(!$3Yq|;PKvI1->xarNu{zHUpwoZHKT9&E$P6Jo=Kz# zAxF{D@sSyGz3wCArsno`-hOWA4bnanX2R9Af%WB)Fm8HaL6*9FQ`@_IbEPqP1l%>K z0T$ZgTqcFy#J3v+esCNEfU1$ubFg=K$_Hj9?CmWBb=BpXi$aB%sneJ2fgj9pe$jL@ z_#YX;TDldMG98@B>vmSHzb2$pV0<7o)4{JS$A5;qe?y_X zK?LWFRnHK`fZa&wHVq!B;Og_+csdW^bOJ?tfiJB&OlPBp23jPSD;Pscu5O20s0~ zMC(1GT3NS3RG^9MWVw}M(MrGF$iP&5i}20-i|zp6Hs4Wa{njDy*+lDiI+xRCQX09TY^eO9Tb4!&Aukz8zS+#e(uX$wtx}xuV9{8+G*a&vW^SP=03eS0XiR1-F^v(%PZ>VL) z3;0Yf#kV2+<@jmX4UPCZ_z{y6d6gN}V{5uPt1duJP}_1^_6bvB58X|(A}Uj_%3J4t zzJPBos7Cg{-imAtszb3%mAAON@95pYcN5P&(EB0&0fLC&n0PV1Z}3{V;yL}EimF@H zSAxdH+ixH?ta>^$r}DCwQkI3U903wb2Gz>v-v$TsUYKef?7F{H>Kx9Y`8`v$?AWQ7 zOSP?4!Y*rG+QQ6OHn;A%+Cy?)fIm0YsI`Ux z<>L#dnL??HGHep|DXQaJ+`07gRT1dI95P_$iV7wrA(yvM;dfkipNoIfJ7MW;+2at${xQs# zELl+`#OI8cPe~=sMIudQm6~sgpEcg3JfM}Pa!wb}tX5?MO3Hx zHXDL3duiOZTu+`F3Ya!a5OQ^Lm?^@7bX2QY=Q2X_Yt#>uaw z4>c>ZIt;yNls#WKHBt4$(Emn3`_WHnweiL7rj<>%i8bJ*%HV^|Q31+B0dLn|0Zs^4 zz`4&~VW^%c6Jqhm5rbVNp-^SpXV8^3k%UvDjq}w44n5Sp!T|?%llhRoq z4?I>Ac4NDd>_M!|{TN=EgIcL6~F2Zq$;&WdD9D}iVx0^gO{IVGox}~M{S&R|>10u?qa@S6b3}jFlPZvFU{W*dzo@Fc-xm+sV z`ea6=$3pqT4F39{XZb`+r(e*Tf?&#OS6s7 zvY~pd_3>nr+W?y|Dn}_KX~qM!>RMV``qI>&u5-}#eq0+ zyjP;tNfBU6oj=s#9E?X*xKEvGKd|u*P*hs*y*X0s& zHv)eQZv=v=H!r6=9AI3q8c#|jzRun+Wjl9t_1R)_UwdmgKlpwi)m-wx@<>hc+X?yy zOZ6_keow8~C-ssSpN$!N13I;*3|ia=%V)nU+Dgl3Kg#KQe$3=_$(Xfy5s$rgHGN|; zcxWX>vXBWstr&$%L40NFT*~Y4@>_YYDKj~R2xKYDy$&8>So&PSvc@^o=Famc7Zi+4L zAHR^~_SHA#t_ysrjh*{rLIo6^^aHskwx6`z$q5Z5?uiP`fgZQ5e#(7Lz-{-0pOilC zhf?N~eYDe&fPdgo!lF)k2|2R;#m;xLe3FjHRgu#RG?4Zg2P}$JuErPZIbb63<+|r! 
z+!+>=AmTWlZ{{nI@@e&l#}LxVhBN8_aeCsz56Oa-w2k?ELNFH8mm(!2YIq%tSj;2# z3+s{Ohre!{PVR|kKZZ{{18w!;puLs;tY6P z?+w9J!A;e}@1GKmHlozPXCb+zo3F%2ocq`o8&_kO4N$kCS0eAMjLn7KGmO?p)~;p< zC9D1D$)b@I&Z?f%6B)Czz0i5dGcJ?GzDZ*Kda}B(;g>C#0o-^c@Vl|+57uu03_V?~ z6^F=XdN$v*TbfXHRB6N%$R2`7bXv(j)Y-M-qoHImbg>K!{eIb~jPc)Qn_l94R%GLqAJ|^uItHppUhpyluPClK&z1vdlO>X> zmal#%nGn{JBpZ2haiR7O{6iC2l5ImThok`Gn@1t|3W!4-yu~QG&f5~!FBZMO9*Hqo%${B^C4n&&`Y+^MYB>CGdz!9$P`GclzHlEj zP3vcVKHOnGpQ4Bpd%PJT9N9{Q;mfqGInzAM|wpnIZ|> z)6a_igkZtKmlY!^mQ^Qd>3F+hm(p^ch47{LCG+SXcg^vWOrks^W2=&XXynUO(8NCU z#_f$_gB&*=dKJ;HK3@mw;wF1XKAR_15+9E zCY&>BbRYE44S>F4!`Z??*&oSC2~7(T8WE#eL&F1)-rdMsr+%w~nnwx>Tu9N1BKh?B zum#m!CDJ)!1GV@R8oFQ9zrOj*<{}$>dg3eg!PkRvgE@bm<;!GNK~9@ zuxC{gEvPpctJrB2HzwTAft60-nDV zLwdG9+)CjQkw�CE#PWn7j`td>-h1c4^JcM1NWh) zL9@I|f!`+z@y%>k);0nH(BC5hgsR_VFO5#ls;@6D+u}FdZ>`-Bc_=OU7D=Vm>zb?O z$ujbNIOYhUSTT6QCQ;@fY{7q=TCFkPKbbvm7gqcc*snrc zk=y-fWw`qhRA{x8hhb^Rjq7hE9~0 z2RnFl(aipbUuA*hEg{T0Wq|71rsed~%H(=Gqo3B3AXmVFs{N|&^U82$htoD|Wt$YR z`2gjL4Y#fD{;Feb_VM>uHJ_F7l#y3yqMJEZfbmv5%Zn{kCiX{RDpg;!$JX7ng53L>-q|#g!MK7;#f6 z@_*#~;-vJr`7}jTUzWBdyZThI9uImVTyH3hQ?1sYOaQ1)rAe?;NU?+GhNIpW_cHM) zpVO?p?Ule~vDuK{{nCmBc~eGdJjNJ&^!s{Vwv@WyZiJ83$?X-kedhf_TmUQ4$3$&?Id{d>TbPlm0d6hmh#@8vv<>u_l#vD)0@yt*u?iN$!sryNN7X#&e z0^@j+32qq7npzzYYs|g1OvtY_k^c19J#|I5h^77{1*OIr3inN-=qHW0sGhPNmJVF? 
zm6%VUu_~kVnexo;y=`b8eF)GYAsW57pAxn;1HM(&XOi)z?L(9G=h%WrO0+4HBvm|yrBtK*JU9ky+h4KQm|z;U{`8E&5Dt4NfjeKTCj zq2L-_JmpiBv0L}vKAqnzX*?FzGxu(*a%I^{GwZ>}%MSV}Uq8^`wtV(kqRl4mQ4(M5K3Dl1EyA3zcHY9(j6Pgb7aX_MD0J09=)jWxaRg;`^eIY&tSKmgIrWNaVA|7 zT{7#e+YOy>kKj~q^BI_^n0X7DwFRRby98{$hf^{n{oeu^5AI5>}s-ln9L`fPFHQ%rYe`QeH8k|42M zup_-;rCsUDV3+sMQo4W=4rQpJt$kKE*Ub`E?=G$blC)8|+v|bq#5N#^t3Tv5%1&yG zpq@2PcFc|d5B%prHPaWLg?+VSJiN1Usr>?Z{weq1!oqYVoa;*Vo zvVHcR5XG-BM|1J)0LSG?Han$z?UMUqhZ)}*>gG;g8WOrR8 zpLNqK?}HxneR5!7llpAr?d4D^{6Y1{chi8pc6FDoXl4Mpq%r;-zi#^D_~Vz$2RgLq z-#=R0&dAS3EVqPIy)#{FN;Cr^fSMB5_N;d$n$*vle(5-Eoao+VxPU1yYAYzZrzZ8f8sJYuf5xi+A!IbN$lGu{Wi&L6!6 z17fy#a$UT=h8$WuO}Yp(7wy$z;7T0KS!sf^8@fm*x$iAbQ-?hBeyzAS5nq<{=&!F* zwg3X3HYi(A8kGmYf39@$OUS2(uZ$LSpE5eyug!6?hj>wE_y+siikBUAsg9h(T-qrQ ztEZluUx++j+*0U|t3`z3ry>X5H)-zkd~Ieg;YV5^>BWaG`I_&lz(FqtrgQx=gRs;* z?atVKJ(WX#a&q1-mdw-NS3MP;f7lEZERZqx;@NI00nG$W~6fkg%CtboN@-sp|J~bCp~LA#=1YkS85t;V0TF#4-{`N*k^A7dQ?q`C|Szk9c@|0Ml3*$6$P8%2N(NzriJr7FV6gI%>8OpMHCpAj)#5C z1{|H7*KbI5g>FSFDJ z#4X0{NBk})JmMfLe?Y;~^U9(%uA0$KOH_gUc7pPUga@0%LEmOZW}^bklb-2!hV^x{ z5C|0zlufW+dW|mcYdJ*g92AogX~Ish@rHK+d^K~M_d9@e>%J^?i-9(us9+b%qF$T; z>-{~4#GJMtmG;%;-fz^SPn?P_GZwfiyWyV9D7Bsy;+rLCd;|QI&ek8-L~>vScV2|s zTpPSsiO=vNUbJPxfH9)Eh3F`!sl5_;QlG}-)0jun9>-%mc|`pPJn%C#{G$EG58}js zXwh0UWj+up!mDgWes|c(OBwO0)S_f2r)=>k?IDX^!;gF?0aw?pns&{tl>5b7GaDO? 
zN3YLbZi7jYHP3aiF`(Am-mg;EY5)~Dm{PRB6LpK`L35@%$q`NB<-RNno}%8Y0G=iP z5I@gQ?Ge733x>fr#Fq=C&3VpkQ$AP|k3mXFr>U2Bbo#V>f$b$#zC{Jm#`VPu#rgwT z<&#Mtks_!EEF?}ocX_zuPN3R8iYqv1jT{s-!O0jdmw-p|IRm}`L#D2hZOAfJ@1%Cx zdV=p&nXRQ@+pTgOFN6%Q{0Edn)D6ugK)R>B7kd+H^`z3^dFKB_X)(G zm_@(+;K?o_ckTgIhA^XO?K$!OY!X9Kx=Ma)`1p4_u{s-=?TIc;d)$vOmpPzfkl$U- z2Xn~Ba9nDAWyo2CT|*^Y^kRl4KGh}D)76SHhCcW!)`C-E!HxJtO6sm=XUr$0f)%*b zZ-uz|Jq{dBRC+?6OuwiY5f)R-o@8Ff-NkM>1{uI-+U@^_SHMo&_}q5vR_!grQxY%R;UiO&19-}8)t`GN<(^b( z+7gdDH;qa!yuK5asbBuZ3ctG1ND3SKXCnP#o#T5IQI8Z6QR z&Zv8Lt%r6w#SK_%5K)WYmeLH5(q(srp%0g+rU2#j7Mx=?wc=JmVRA70D< zsQ84UOlZWF6WZr)OB{IKT}}}LkQCYd^TOvY3TZ#rd9M9jSMjc*jv}LQ1d-^+3*cv5 zv~VJhwjUnm+$R!`7dTC|8?t1t$n?pE$WD@lkln_WJMaEzKlmwppW(RSb^F`^0Q2IT zd*Hq6)^FBHL>Wa-i}H#d7Nr*rx&9odFD?iCJl=Uz_yrLa9_HjFcI~tXqUfeg@UF>u z$ob1XlJk~(MWlb-UidZmiSgId`KQ0(puZ!ed;Fz}-S!v2>Dzw{?QrOM>)eAxM-AI| zNrw}~H{u>Y?+$vbe|>vjQR=lf5*8!?`~jO6$2lbp%Cw^ExxrqS&$UUPLmyBQeyc^A zGSPL9zszO4D$Z^I8VKfC%#&{Rxbv~R;&)bY5>6!GCr~6DNFYv-IQPk2r7I9rejV;D zPNHLTBp&_FEY201>i1*#V21BRESqoOE+_%riEO@uKf!&08Qi5a+9HeZAkZX3)9kJi z{RsUXZ0+mP=+Rx!rZw<@5@=7;8m^+B$+O2Lp$B)S4HUlt1t@`zU&#P-Kuh>71@z#q zlu6|zmOKAp4DfUNdipo2DV#9yI*Ci4*gsvm$bRwCn-lR;USCgpUjXAqM~gX6ghl$t zgE2o}@Je|<4nIpjTt5lFi%*V`TwhQz-17#-#|g5dw@c#gD8;7NrXO( zNa}S8+QuH7NI{87IvQyZGB5P0Uguj|PeX%$a_|ENJBZrA2M`+cIc+3Z5QShDr2+FV z+5&>$=ZQ4`geWaYkTi6(nBBnmS2zOF(X(Kd{ehGAbuaMsD3Dgs!q0Jl?N$^5${rg~ z{MZr-8r*{u6$JZkoS?xyIAQXs5)2*qc|Z*W6d^XCJV7WSp#H!K8r+$A==6lt?O`Z1 zxQC(IzZtq+|3HdDqq{Q?0&h>|?LicR9g}%z2!7Vde*zRF2bdpFu;95Q0C@0O?&Y}5 z6i&fiK+%8{GJrS*vYF#o%LCy=jSZ&&Y&b!KdvL1Ri4%JN6-p>*bT?3#gj#`W&(9a6 z-9emmvEhV`p|jW+iq-~AK41ocl?*)p0?IsSbPq+Hv1J}KxF_=&G~n`aB{~vx0Xf(a>^F0r|vs&B7x?C-T8#GJD&ik zP!vk2LlEr0fx_Sf4er4Solp_`FbM@6qz9G!1K4odzXvA(EM?H>Zi-^m?J8yH z!QG`y>LHfQLl5rGJT!K@7z*q~6oMU-d1wfJXC78Wp@~@u9WCaafTm`5FrUDR`6o{7 z=Y(TVLX?sL%jx$13WyV6043s{gn}l8JqZO3?!gI~6n2+@Y&b!KdvMxO z@_#jDB;X*hhoYE-qJe4;=DW!dL%p#vR2Umh(BK}1qP0OyDVRY&n^FY>Xz)4kXCt4= zc^q5jL4$iT?-;hsg9djq)DM$+5Cl6i4+ALhyM6oJY(UZeY&IlGs$cMt>@N9WkLRM~ 
z1#$`w&g9!$6=U1r6?DC?=u&ekBwK)RbMqh7%b! zoS;DnC*b$W=);&4q;7Y!fgaq$&}wX%2MzAYJP5lz4E+Tt@OzCBjmbPT1UoVh8={zI z1Bw>Y=H54~5LPfC-i^~gES*v~aemwQjf9W1P$)S3DdmZ{GCtG za^U=qWfSmorJ2najBVY79^75Z(CT(Co1noxb0{6Q%!3AhF%$ro+vv=Lz}u5~dk}>x zJ0|m>Xn&qf3T57JM1KQ{SvH}g{kd$C`q8n(+!%%0=l3z|x%TNwOAp{AKGSKX`ibUH z{B{1fl13cH$zC!k8BZ9Kg>o?Ksx)Lh)~2s~6A{Suq@w<_c;xj_ z(Mz34w@S2C>a#rVB}r@aB;9(it@0_$Pn)+A*CPZ!^`2HPHe2I%c!9q9b4KiqwD4RUw!Eaa|;*H3q!g6^t%LGJ$HEnz+6trz4iJi|l8h232Xogj zH_b1HQ7_g&^xKJ?Xq`mqb6uQi_f&3hwj>q#53=(S>+Nz^6r&(oCs+D3sOW_@LA_Mu z7{C`)`9u8KE_6>*)@obReYEvy;?f8Ie&BKCGN;L#adB7z?X_LG0RFsIJdy*W=2zNa z^EQ_;ftJ_L|IjxXFf#CORVZzMBxxIrF?kPt{JPUh>}h%`S3t1*FhRh<8^HkvgUOq( zHguj%foCO8hhAbfP@l;xN_AG0_TfqikK5p# z1%D33kf#9N2=H$uP5_o{p&$%fXw1p6Uf2J<@^E+U`Ab(91 zz`uXz0tDZlTnGYFHvv=wfcGQjXPRSk7maQmi0b5SbRlDV(S>68jqWzMP{RF@xftW1 zZD40IpmPCAxV^am1+ga=_JE7_Rxc4u@LEXC68^sdjE)w7QUdL?0lF}FNDF9)&HV>V zyMzs0w1Qns;|r?6LNtJ~Ru>!7sIcY&hG~$V9ZcKnErhPaZl3x+E`ZKjD2P4i z2JB8LQw(TwOXB}(A#x%&-UZz1o z>_rzV)6mBE5X}I}1z=Crg@V|V3)}Ag=`Dt7ke(e(!wwi7y7r=d-X_{X4KZ9YV0UHs z$2si;);SFqqUvs@$-l$GG)l(1ScnFQ@Bf_)J8}WdG_;-_OhX&nQ^yWtV;b7nA54RY zhK}J6Z~?BbHi-{+r!K@ajPcz}JAgG8pcwY#0(NgPM1$0zi3Xs%0F1FcO#p^zXs5TC zcDdCi@!4*7|Cwp$uz`zK@RMl3?>X%WR;FFY#|oknZ_(g>{7E$6kB$K{ zwwGy85PQ+Z$~3g`-ArTD+g)|hxqzP1fL;9!c6Wo&OhfD0!8GiEVVH*Yd7Ejp8e%^G zFr@)ly2le(=QOm2Jxu$6m1#Oym?nN4TP^^Y?ol4nvx8}S-GwFz5v)vujO}F_wka*q zYj@^~0}#{D#&%2h5+s*+kksr5O`v{b#N4h#PXg06frMxI6f77tOKVTw7>axydnFFygffL2c zn)L`JnfK&gn~~yeWzTs~SLR-mavdXoB3*G$Tk^_yQfsgBTT=-WfzKt303tO@y2G?< zHEGgc@q@o``VPVQBptDfI%4s8RQHgI6XLC0+QlX#k$G_W<8WexX2)6M6I?ivPguTw zj`X2S@uKwZbPRV<$flL+a-YnLHtU=c7XdGF)OO2~>!33}m8ZyQcF{I5GJ^XgMg!U~ z@c+*;jV;}SaqT7PDt}=UlDsb4GQ(oplK|-N_!EK(QSIO?)eiakl9Y}>pN_!S>7L&} zKZz0l3Y($`2Qb`|poU`H|0L$F(WEe2u_6#LH8#MQhzmE;y}ly!L7Q|+Y39A2=OBy@ z3J;XEBeQz)=B2wRMi*bG72RyhG8@7;OcIDgW)Wn1HKg~MQ| z*3i9LWM2nwWqck^mkAu1+Y`tN{-+I(-2G|Ac|iMZ)~gp#96g_**r6ZUp2Q~kOHcz$ z6EJtmKe6}DXs+$MI3zTkfrD~@OSYnTkx*aJ@}_!fd6VV zzkK}bV1V6{m65j7FDOUrsIww1cP2&wWB&42zer0kAk$Bi7mYC))ZY7iTD<#@9RFmO 
zSot|}j&k(glJu(o2TZD^7@2*tqci>EE)Kz)wTA&v#+q|I$yux)1A1#d_Yj;o{||bB z%Gl>Yk)j9}g)&+TOs<{j1dVvBv+ca!pe`_X%D{VB#)u3oz}%gulaL>O65Cmf4<7a04#IlT*@*Wf<_gi!XnEPnu1o^QO9!MFC6BJ2|{DuwyL!4Ko zkRN{}2B^z30u*Vkp8x{@yt^>zEBSXSN0T&)X>ESzFWO5Rg$L8As@$)@Le=}c^LEEJ zA;z#2G-zx`_5zsnmBCV}pt0Q)!=@2a1|Xky5Qh&-U4h1S^8rX9!BR}2vE8KoTaEvj zLSR?zGet8u8f3G^lV9Y4}X*Lq`_46%Sn$6yQWos)Kh z2ziLPEs%Zl@hQsDzb3N4hKpJ)woqr#* zZI=u;!KD8QD7S$f{nj6i*^a&pEx1Dt>dSDkkU*YjZz*BK)|XxTUG0EfjTxlkcSrcY zw2UzffGy!!FgAD`a9;)r0kx+_+7~j zc4X^NbCwQHTd#JM_}y|)%Oi({1U^_uAhMl`;P1cs)f+K_&D`!(wC05FHl*UeZ5d-2 zK)0CKET6zag2W4dRuZT{$e+McAh2P>jqd*;4ZnL^M&NH^?zxPB%M<^Z+~BO@q*V`2 zFpFSow4*BSmV+3|h^-#qM3Vscb9F)odbc|j>9M3DrXE8oe%Isw&@#p_u)Qw&TgyRM zNbnrXEGdDlKA!{Ge8y)^m1Se8G9g#xq5oRb{#V!C=w&z9zJT=?y}$6g zB>zvh8}A{ahs}PVE!oT3Zi$p6^^wS4$Uy8#3L`yBx!9 z6il}fD*oF=vc})6XaQ*Jt?b{elD8MhU;c8t!O-|0wi|ZuHe3b}f4SZ8qU$fW8(99; zcEiry22E%K1Niql7&6?Gos_#*wf{K%Lo3ohwpqXq1sdBit1pd9m#=QjZ*JC^F9Vj# zm3DUJCH&Ha0c^{SW--%3B~;u%@rYJ=baH@@U;X_q$SG>-utqbav!km$_-8eseHyjM5+m3nge>JR-LmOH zt+Uw$m?1Y-MhNQykmZ{}HPnD+`J@)rw5vUQb8e-tZ+3R8CLifywH}OgnIF&JA}uFH z`2%d(o0?mrqeJ!7)3MZo{2PSj2~#MP=Y09yJWEciRUCbcwI=D43Bw>Bahg@iUo0aTB`*4$d07OHHn zFF>|@6ONjh>5^R?mhIVG&5tb&kj)f&1s;;wj`9x=n%)cpT7T352VB>cQ29bZzy;(~ z8?bK*wK2N7H9yi0kZ#x)4cHV9+n}aVt0NX`spSsNtLx>fqeIi>TknxuRk}gb?^7_UwGRAdvWo|rR-{{f>luFrVOe6(=M?V}{Hs&2k{cCJ<9zK~amO?#P*7*(+m zbun#b4+6;S2^^`86&)-sUMhvpea~>2@h>Sb(&`Q*wVU*X&-G`xScqwMBiN=s`W7!$ zQ94+(mle>mO?8sm4OVHa_iqa?&rqAq^;2!lOKW!LvrX0dt}j&yI9MRd3K-a?x=5D? 
zt6bLmV@e9lw7P>ymnVIl=K9NAEMzqS{#;1fbE)c}!|azb`?G9Rouq_=RX5iAAC=fY zL>*!HW8l6P|1(m;N#CP${n;+FS2g+b*r;lKYnG~L9cDYq?CIF3x<~^Ct8~}<1551P z%MF7_115dN(8A(Bg_F_3t!4H!Y%!grfb3wE!g{}ViTwjD{yUxBj1*v-^d+6^f8{cJU9%*YP4lBKD2?YZ zdjMq=RkDH}-e@jcd4m2oI1XM4ii0ws8t_uBkG@)+q~*^@%X8UW&#}20YHeKCgf6IZ zwKzI!m#x)ZT6rKRc4Isf?}6Ya*ZIuy=ET(t>rLfbolk}nCY0@fTTwmm^>37yN7^N> z2;uVmh~Aum70nx^yr4czzu?a=kUP?@2L7NoW-u8(#NgmGAxr!ccJTR$*Odq8amLuM z-E`wKzC|1dqkXRUx)PWE^cee%o1T0>zWBSpb|ab;_vZ7Ql<%#o)w=u*bQyB4aPb;X#S8pj=w%v6naD#IG6#X0G>Ay~(9j z9Xl%tZ+-f_3K7T8y2Qfy*bu#&T&L#?H#Zo0D0; zkBRhB9YD}N8GCsP9`qVUjG%ow_EHW`oC2dk(1wh?l!phU05A>&ZS>en1vv2=*mVT$ ztFf1g@Sr!W{e$AYRB8y??6I>-aQRf&0|ag1*jZ(Gb1KXcLHmB}tO{H{4d#QOtsOh7 z3U5w>y+F`5jh$74%cryU^-A_q89<`A@-V=uMf#96EZ9WuRCxOucV<7c(u%~`NBd9=sJ&+5SCvtbwW zXitxy)rB`_!}#)O&yAnegUjc@B=Tq($It4+n{!}ld9;_t&)$Q}zlA->qvahxYXEP4 z3v?(u8%{k(}i3- zLP`W&eZYU#G-d~7EUw&C0!;|jNffmWB&*(RciaFE7g7s|y-)w&bqDxgNBM8C1OE3o z|4R>mzrE80D@Haq+mCE~ElM;xXr0cWLH^Q6V6=0e#yB|oLru1b>uS4WGh%;HTW|)! z7etJ;$-|7re=iFB2eN-D3LL&P+WD~DJ>1&loz@MhBCaUcJ|b0{`si-+6Ey3hB7| zb8C|ir|31v<3tXQb{=CnBi=5$k$n4RyXgIAL7%eF=NCgL3K={w3Trh;#k&Ke zon*5$;=O|X0f8j~Cseivj~zY*VsRl0LgCS25CvRj5QSTJq3aLeB?3mYe=WN$nhx4J zW^xi#dp{LYs}8Eo{thKo9xepyZOAq@q2rwwp*x@i+5Rbtj{k3DNg%b6FCo!GknQuv zOw9f}&4|&3lkOk82EvFyTxN`pK_VjVkjTaBkjQCJ1jpwJ80@XIKmfF) z^AsFDVFX!Ffh<&=0Zm?LgMi6~eAt%#3sFG>$h#k%(6#N*wMASIs0b*a49JYN31r3y zGNVBbiUR+E?7tI@gVf?fYVV;%Z$KWLhCHZ8dr+NeAz8%r=O`Gz2jmzh+OeM+BE=yM z!jSBFw1z-PgEu59jTQxgjWZ&FjQw9lfxlOKD-HAjw(@3hGEN1uUG)NV^FkZsW;W!e z&lS*3w2;Rs$j#jQkeec)C@zL$RQRfZtMnS}md0Ce>^YK#&HM5%e07 zvvr*yb}Kd}H`|9>Nb~5;0<^xNMNA-(_B=?$w+n*zx5D50@L3=S?>9jX?za6&3UqKm zmqr7KjH3oUyfah!v5VB1ZEopH0OXtN_Rldt#@`HwZb=QKN(c&L?GhBmKZ>4$MDwmf zqK6?-7PROiNGl#>RsAJo^l`Z)E->1808)UkV_#E zpi8emLoVqU`3G-{3;GY*{qI)jcy_oX0>#7f zkM8gE{%=Itpr9uYL-CiQp#VtlH#x6M-whyK->9^UopLSGnvMY+S5{W*2R1#!rjcdq z#cYK0GcAqzz~dH+W6Qk)bv@+aowxTtq z<+}R++Iq|2x`Aa|*vxif-sYH@nPYD=Gdt#(8DrXJW@ct)W~P{#nPX=Be9l+zRoz=p 
zKcrD>)ZMC@(nzaU_uL(xJnww$jW2C^-n}+wXJzSST@wD2LynkZ#{;d9F`Iy*x_tGl`rO30DC(11l$*y9R zS;=|Y)%nVoIqC|0e7J&=@3q)JjOaZtv^djUo*CFhZ=SWaX+JN&5Gh^HkF9PB*-8~9 z30;ap3zs7A`GdCCi0%|5@6GHkjxq+5kJqhtkB95W`)8YWHc$2A29CuF z++YbF5fpzM!rt*1>#%c%Fy}1jH>T6J-FxfC(RX}OOLAs zcW<2^*77Ky{60x|mR^5cyzn|M(9=t8u4YbMc;ECT z9LRQ6D@Ci?S#rA@#QVf*eZZn_m~XskWk=GFY}l+w&LNE)Et`6|Lxh=w_#~gS5$|lh z8fF$5+&qV?c2M&Y+Q__8AR0hZKXzP~`}=Lm7M3>3vxf^>YUi~FMUOhS+Za;%VUwRj zTh+F4^{)(QjZRj3H%~1I!Ig94oLb-}i=d10b*g$Y)y#obNtM(6t5WVt_^su26)8lk zMS+i~*pXJ^N!QqcxA{cAY*MSHJA~=T5%MqO8XN7Mh_)0WlB$i% z($`v+R}P%3FO`+^-5D!mo>akb<5VW8G;jLa z2v|33Kx$9K>qVoY3;DSL20l5%UIR>Lhu@g3FJ3;lb*q`+tAlhwOEDQko zptOO+%#hMNGw+L=SZq6M%}!+$7pF6b%z4bheJoYS*##&wvEMXi!E+$a6U9KcUdC%> zEY3h*!{cyw2Sb|)lpt~xRo7;)3EYPToN4Or+QT3x1vO zGc9yHI)5FFwIx$ik0JG(Eb-Z}5B`#hI06Vo$o2C320=D%y!V^=wdte48*eKS!y7tN zH0YOr*Hj(MEl1^=A-w!H{PO?W11(V=^O6D?O2! z<&A23TDt!42-c(-)?h=r@UBJr+i|SvMDh_@?Z#r@9+nt0kkYwl22$M7KUQ4NPj)~` zMbTvw5L9O571V`UnLkw2tI2kLgQ15GLT`@9 zzSjTnDZI#PmcG$QLr)FwHS0XGPAmsi<4#?s$y%pT6ayJ-HmR&F@QjpGl|LHOn3nBUXDRSMMtb6}y}`1y zofuw{jTs>RVHkW8L&^Z+n8nFGC{;p;B!}n^E^2D1iW{ps!WpcZTN#{;OkqLRC)G-_ zy`fd5N(~PgThC_RkEV+lB64s4$Xe_NCiXEAa45S5(o=1mHyUb`0szvv<6^y9tJ5%l z=_v_^+hf~@{&mm&VJDGCv*EUv-28|ChSIp1cV-rGsmYL4aN-@+&P-Gn{JcHS7C3&0$>>DFGg21_r8>6g(sVp7ISIdQ3)I zx|KL6KWjj#>g&Zf^%77DEs zb^$Ar+N}obR#y=r0Yjn1S!kX9)RfGY+x)Yg8Rqdh+|G1A> zH>>2UGfcE<@kB|4)kd@56y-0O9PszA02X0B!bJ>USmz_4&dGm6 z+K`|6*&EHDv0MbA`u;{GVjIwt1=;NaRpt@cHxMnzCmKH6;e6t^n#LEz$)^*}iEm;C z3xZ^r)n_bF3$IwL*?j)WIxZBt5uG!S*soWC=_dXOS4Elhh_PAG4B5cXt z!qN-Lq}yWF(=c(*z&tKet8(?Spy2xDXyR;pG)I?H<5K7<(NTl9Xx!sqLg9G~O5QXA?^;Fh#$fTl}A8hE$eZ z@La@KA>jjL=em*JA;nePzhrFcUduRN1rJd7A}ICjemeOI0fZ*Pq55J-_%#0-me#En zL~m@#X$qMT7gmNyNMzT?g%aYmi~52nDj1p%V=s8JjC&)6&M_xOV%xIrvFo(rYO%lk z8TYXu?~dutAU5q0!Zf7hk(XLObfi~fvZ8U@&PZ+Gl?#$rn56;yy25o%;ya=Yi9mu$ zqK}B#D8Oxrtia_{hiNP7?mIQHYC!Z&gmYl>^1Bd5o3#yASRpgUjjn=f+6D=S?&$vN zShD=(y3*b&-{AIX8=j2?I0W&1Y@SO) z#!I*!h`zdeeq;Pwtes;zIm 
z(Dy_)c1R)aAICy{SdTjUTw#yyuiQHKkQ@8kBOH5KA;p5sI1pmxx#z#-I^bkzn9dvJ9(%Z@Y6bl zra8}gWxZm|SQ(Q_K_f2$mU#m=PGEF3pXNo?`jaeXj3d>uQyk|B`K|g?5%cl8g%2N& z7Zk+WY0LgmDuGnI4!OlgXMyL#v*_3L{>0C`0i5)XTYut3YU4DNh1z?p-H}-L{eyop zlZqZ$&@nNWN*07~#*sbptJM{E`H*_5(Z{1`#(@XVbgprGk2oX<^J`6GRxvd3Y9Qx% z*eths)S5chHyJv7NRb>3AC^=ii7|Mpq+aap&m1BRs)D9|W~3F8F?i3Px@A@hSB;1; zP|$enTR@ag{a%ry!p73UU>Z^mEs*B3lrhn_xX3KVqp&XR3m{+fA(AFp{QzEV%WDaaBSrl3X9zYKzTgPE;#W^4*gwn(^n^Iks zb*ZI@{{vZg$!7(WX_eX=s)~zmvbz1H?J`7gF?XIT{n=Y%>w*w6x<8j8mX3G#1s7K_ zsf6BBc_P`|6fT_PSHm+w2}WMRQA}5`h8HnTO1`~?EF16~^*Yk3-Hg*El4q^D4RlL$wLeX z?Nn`l>>_5mNmzAXlSWR}B2P2_YshngzMQBjH|n|Fix))U1M+VX!DSHvomc@=gFeSd ziJ-y&N2d~DZ9XAp@u15JwG?D#Vfl8?DvFQS0AwAMI`J#OJ&qqAaNisbSgJP=puwXv zLgCP$XIOfU_x+8Z#Yifpj?nzOd+V{1P4ujN_DXNHAieYf>aaGTgNJ1DZ9#_YBO$+7q9f_>Y#z|TT8-2 z(b)<%r>qycXw-r%4lSeL&8Jg-tc`Kjn{YLx$wl<_Epz?QK-rzkh3q8~dT~tTPd5C5 z_fwQvmls9KY|yjq_0o?WE@@faSf8isn4@LMJ;?sem>;#bq;yA}Joc(=SV*d&peZAV zF~4A&;mKzs!9S1t!~SMtEAFO5+I0j^v00M5T>S!E#H3>}i~uQ&>`V3SA{UO<-7y@!ZULYQPVk#icpqQ{pAYgvSuQg2_zO$V9YS#o!$CroR&qRL4(c86YC;Z z=IfWc`^-HvMzu3%vR&U+_>6}@w|=<{H_!KC3j&68Qc3(I8b0c8S$%y0HfnMKot$e)^U?kJ!jXkVRkz^Pbw1+_%a+wtNvPN$9{ zgaKmE*i3a>Lj2P+b8Y?IO68OsKbJzR;{!d#OiWK|d@ax{{@r!slumfuwpXFAt-mq; z;K@E?!;T&2?AGmtwP+bMNA9h($R8w7Fqf#gDo&JAi&i55Nj;**$!>9}pLxSjuC*vD zIma7>JO4hS?KOH;!D{O{;NEOFZ!MP%U{)!*uy-aYq9xCl>js1=XAiQ>X_`P^{JZ#L zY~ zH6f!K8psn5W>#(g`^#9&nR@r#a?*%2P-FekS&5x`tW%%L#A`meg~jin%;Ii3j$l-w zv+Yts7kUsC4a%r)Mt`|52)g#N1gVJ$4b>>k*Lm^XVJG6`33nVZXm#P}agRdW`G@wO zDJ=MZ^oqz4uRu-EG<$?hnyCGJiFcid))5j;Fo#Q4RH0vXF^UUh9W-DL4e8$`Q>9-8 zd$)dxrB{c!saBP=5nkr3+f!^zCIsC3v5KZE;VGZO7)5dnnj!Fn(Cf zB5stQWWpPjL^7xE%NR*8s0-1tnGL;8(`M^?tt`q0WpaPJ<6RMQVvEb8UpF8 zsNZ+1C)`6Z8bLSf!S8}S2p?vq#Je)z+fbQtgAjwHHVDcxMPg@GFU!jDe{%n6KW0xM zB6f#HMnYf*0T(W=b9GIV;51)yR^xPnzdj!yMgz?~b^eqfa`N8qns=JaYW68)dGLX~ zF%U@q1khMV_c~?ms#+t|nkV$%B{!-QthG zz>Tgep6|#w-oI@71cQfuS{~K&<_)@pmlY znNSoJWbrdo^pyz*LAg7J==nPJR-fm-zfh*u!ZEjUu-YLm|01!)2PUX)j`8@X9G_^i 
zrX^nS;Wx&9Bp?XW^J4cmWwQk;opkszh6V^ZER0v3Fy)KY$A4E)ZUm_(U&kJVHkUk4 zcN#1I=1yiN*HL)+Vt*O*OQf&?laFoYeN>7H^ul6Rf6a8k;IgOb-&jiidp2eb30Qet zO2*Pg+isyf>3q^3a*Zcx^;R-XZPh}xP}X}&TXZMhseNA>EB!hX{u%l#A1)XW9FD_N zB;K446YYUGX`1nDTyD3kBL1pWV$4%Hf!is|oM7ecqS=`xiE`kd`?=#^u4AP9ca;VR z>Rve>GFKI=t9^>CJ7ZtG99i5IKSG&uL&=IpAIYcuPMPJ}%k4WQ=}62x3fIK=2o?S2 za2iniftGAAset3&_U8$zM$R`> zyTD>E7C~!%78NsrCPLoCL*tEI?hWz<&^$JhYD)Lk1*=vZQ-$HI0!jIO*nS-nbXIZL zM!f0FI4Usms8EJzjphxtR2XN_jqirCK<()OUC+h>r_TSFaR1e1k+@K(z47N^y%_vm6ZzRQHr% z5rj5-)En|!IlX9c2 zQv5^+4I>KuV=sQ4PskW_hxODS7{gT?5`V-TV#o9-!S}Wdlo7qlq6}Q3N1>S|waT&JM+VTYz8Yn3EQKD4X=MPCNxcHFG& z1u<5-6dO^aXe=euDw+Qa%58CgwM$JmflCD}oSu+AqTG0{6V@iE74L4-tDrL_$Wq8r z77ee|5L&C+(700VoZgn+|B7HdbT6FsN-Njo0x73zH1SN0;7lr*uFypI!h`geAN{WC zNqcqC2n5G&(~h}N2@y6xB9tqIKh~Or!vjP{WA8J7nm(Ns<-{}V(74*r9ty~PHmYAtUMUm!6 zL7o<0c$U62Xb_AN96Z3n~ZT` zJJ!kgPZWa70l+`8Je!Yv5-&ZZ#=PS2m_5@CFhF30tGk{H#hMJ~`y{o02MT-!;~F>M zo`B_87O#RXyLFCy(+FjsE}=U9r=|xgqyjcKBS$1%1RxCx_%lQuBm4Q{wLg~@V2+Y5%!RR z{g3MvM}2t_Zs;zU^yr98GF}kEa%?r#+aSj%7pm40^0Hu_Cq#+&eu0v3uIpTr*z z=zDnIcEB*st^L>VirH)&N!S}PH&X0`uu4*}`z~MhqFVfUgW^_>Wa@s63RFHS?gSz& zRDY`h-3uvX1siAm(X(;;h^H$9{X*kpWL6^oiaBt*Q?3MgdKr0N1A_dIwb2_lov_m4 zMMk1KWKqXv6J8-k>0I=i3m=OGjY`u}mEAFO73w^68pqcOvXE_^G5JxZMoWGhQjKM% zv;T<4oc*H#uzv)T_EMSZKk$)GyJt!`A~b>o@fKEkLQUrA|A^{ytRRAK^3_#bT&Yme zV}6o}Jy^5>oLWa;G0ym71@Wahhdj2RxT&MQ*v;S%3h;I6%h`G^8jdQQ;%U{aaT}Db zpROic-1ah5A%_N|J3{>~sYUUGD8RNHbjf|r#h1}861a<;_u>(ps-q4rAFM~K;V*Vrnc_O^SH{ztaDN>*xA2=(Emrm6O_J?ynCeF46ds=;5ogHh4Y!`QQw>Y%?Q7LZ$y z1}{jMXLPtqiy4x2G<(HWn|TQqjXuX6wA7v+(AX-Wx^bMSEk~_WA=0Hcp0`Z}TH}W~ zF!|2xV)6~C=-5^0MCs?ckhIPKmN@dIa;K{sgVSj0ccAD6^U(HTi_BPHF4`l!On+Y7 zB2E8Cd}}80efE(w-a&KQKR*yV+t^*0XyfuKhq&Yg@ z_1QHT*{9T1HT_5!+svcYA|Q(Zgna#&;v0$pZ#;fQAuMaH1=w;il3`7HjEHsBXADR7 zkV+Yr#3l;ukAw!3hk{<#+(7$5e<{yHlrk9Y2wS{b9`o&(Wa91~)O? 
z!NAC8w8#|W9>ys%$vzS5Sa;6<26fg?K@tzdkc$LZDP>v@k znjr=U@?vg^M4*%&4ah_`RgSMFs?3?|e;(TOAZVJS5!ni}=D9Oem~-gB2`6+qafc=l zb#v#sakjEu=(?6=H7eqYBQ;jmPb|ku&F$Q3fX?WFk!Of9=$dj7Fe2Ce-N>%oFx;~lV+QjC+#FJ~~+sxY!NlTtOx zBG)bac_-Tvoz7g3O#6P@71j<^*Ok~+cz?KF3-SkpC_%4{Dc@w8kuM(T zQ{G?uB`VvE$*t$+so3|MMq=}OTp0;fPVaw{c+zdxv1+crWbBkm)+OXg>Hls0#Ho)C zY0@8wiyC$=sb%lU3Vf2&lZ=2Gjs7v{LuPPI3akb{vzT2UxEpBEGHCN#9bd0NrxXZX zA0CBJZ)_Taj&ubFB^hi!td*yi>e9tLpx+<%zXtOnQBY_dXf+(4`{DIO=2)i2F#%X| zZ;c*$w&eWw#J$^A8!k}poWY41%fu=i>Jga+>;4iE#A8~}-eN)0Tp!3wBzR(Z#O}Fa z-u*Bci5ud>ZfhGUPJZE;-?01T6IdVn*NVj-n&Nw#Uii!)2mw^4<|H|w9VNV-zq2{G z_lEHp(uKvi`p;#U1^(Ax+>jnyjrifpPPvU0`h|2X4PQF}@}I=- zGti-z^!B+WNE&F&f@*A)_xRE))f5w6d~A+SHE51gp!kUbj$Xa&H{3}Gkp21FZJU~$ z-dLC(==pr;43uQ!jPST3-%7VcbcA7{mbRgK=3e$H{qevlWY=fhPx@0`V+~&0-5Qr= z@GL2R=%E1SXElh3_bn3C|awv9rRP=hg840tw zv;{#AWOw2h61G-OZL7Tb5XusN+r;ZimzLP-3j&kyRjjK?&i^(ZsO1B%bs^e)YxL-m z?_mGB^RNTisdq)e1$)u9+43fPir>gd7`S8*apK}V0OMHL+tPzBbF?$0pjf*Y0}<9`$N38b4yhmUi~|M zSlTzN$|x(lN8>W#bX@LqS(8v-)_gMnXh$&83P!H$hYIgh?|>HM%8a)2ZVrpG2HbZE z9v&14E2LETUJ39t>vJSz<_<+#&{afFw+psTg40|Q6V@(@m8PUox63>fF!iiOj>7l) zH>G^GOw;kXBZ;_~0nam#NKPp4P~2!zZJoUKYL5|o9Lq|y1`3i)w{1ZblujiF3b#|9 z&t(B3pQPj{Eeo~_{`sYkFthx6J@KRzls0!nS%t15{)uu<0qn?SI+&HHNa_?w8PkZ~ zp75YyqULO|ADpjh=}co`KTw>}J%644y;+PlBy$xm*FW?ohW|!!yY>n@(MXBwgMJ&9 z!qOXinHv@F(Lufshc~qUbZm7862(A>fB5HEG@Y(*^FAXsJW|8Howtx$w&zJxK~`>_ z(}{`(GgKnBR4ipH3z;r%z1T>HaHN@ZZ29Z;2mO)Eq^eGR2fWe}C*q=!MFJhk@#z9a zd2}=k$Bm_t%twj1y}E`|f5QbEx_hmaqh@%b5)RBw3?-Pla^-KlPY?E3(Al1X=AP$A zn_ZzeT18*_+dug)4o$LPCoKyC46Vr-dTw6TcwF9Jynkl_WOJ%q_Udz91)UR8V?1Ny z*|07__YiRkUOX_9Aj)f_ft(nGS>qIJ=)Z&9nRmrI=t47!dToYH83 z&R6yC1Zqk%zi1L|peYP+~o0I^QB1d+`Y69p;5SRyHK%`{Ho5Viq zrX=8Ir(7Q_t*I`LcJz#*-W551`SUV2`km`aF}A);t?^~n0x?NU-PZo?H}Sx&1crF! 
zO+RWZP6M8}cgzTTRQ~TjGLlVIx9F)RYE(U{zjIL~M&3rYXYR!R*8Z2?#Q>PrBi^|t zbr8Q|Dp>gi$nFOz==04(oWGhvgSoOyeL>Myb@8++tWfBbtTh1HnaK*?6&B0zkBZ(K zN8wF!FR^}wcu%J{+%WTeqWoka?HZ*Q&|hF=<#n4 zj7vdTCPRS+qfs+SkT)Tm2d1!%`)tW-uSrD|N9onrzt+XY*{&%v1UN^++jtM!59ffc z8PVzOhZPSz^ZZ$5k3!YxJB_Hc1y>p$*KKjqLc_YDvuN&ibk~l4=*Pt;HMg| zulVlHFvx+FwKjp9A@crC(}`18wv?|eoym*dm5<>?V&}p_YVSyqo0HDn;M-FwEx*6H ztR09s;o-(Z8yhqiiW*_T7+(>bEAs3pDRjx}v&9j$a*efeevB}Np^xil`WfHP$yYEQ zt3HjNos0CcJWfRO9(k&)By{VF5#XDf6Iu=BIUO)DayK$^R_U$%iY9C9kC93v^Q>{;X zd1*p6M5)xwDxk!@6V-@;tK5#XDaAsDAaz|=cJa*_)s@D%Mm!CRL)mkfys{_SP88{) zk!3I50F8`Njs4=Zc9g@NE-7eTQlm68nz`5ZQhIa8NWFL@`=m_-cnLee)!)*!CjtVI zyxMTU8*rg{ixr*SV)qd+Wh^yTaO~6kRakrrP7_y0=l--g&&sWMwyg08T0M~Ob@+2t zH#tzd6(KSf%Jt5~8=gYK3VvN^CxI*-F~_wzs`J}MNL zyCf$HYvjUPb63=>0QufHL?!4K-wBe7yl*cL%>;eQ?F}0+z=yf^Hj1n3YS6d7vL>*6 z8caWmkifPzlQo5k|m^lRtkI*LlkKl~WN<_Olm(F=VA7(=qy zcnHE115a<#q&&~%s$RN=VeH6_WGa`87pDk-$anShKAS-%n}ML+fFQg98&LlGiB_a9 zm`NA5L>`|T<+ooh^6Q%TD}-+n3o8#bG~%*8{~=V$2JM28X?a_njb4AFDpoKLc+*g) zPTwTy879C^O>NRlTMR9Ji9=Zn0ela_J(71ZIKs1Z@Q4LPkD7kS(uEMY_sm z0%m!@b?aoG6dNdCy~%#9fMW8*T#*Lnvwvl5|AU+Iir`%>%@2dw(3LfO$N8yx(xgvD z!ek|B{PwgUO+hcE@u-|MFd41MZ;p|DC2L@r;{w*?=UCwG+p6hmZO+1XU8}m!bu?W0 ziv_n&#U~MeoHnEl8P(UA^@>!tdK$@%kO#rDe=$efkBHktQrZbi3&e%%B%AX>D%{5Y z#N3+P5HwL28{sZe_6_*_lpFa!ju6I#!nfU56E-KHSSZU6Be;7y$^?4l4Z$Ap4I}3OG-Wq*G>$xJ#BM z*SY{(^}>qA>qH4v3Y|Z*#0;?k!_kw-ux!L_xwLhsjsD+tC<7ZUq)lyRX*mQhTxh}; zSNXj4yNJuMB14HFc^70iz|EZW?B}%web1PxYFt0`jdv=TRwP_eT%-$Ddq063V1h#; zN7^mQmm1x$AYkf!JX|Mp$!Qu2@qUS)w*$w8g^InyMxcR;{zYgLMJXPT_|D)A4|VZa zG>Ay~PhjqI>?=P#QC;Px2Yih!>b$ajIY& zALgFa|9gtT>5#6m+{RQis;YA)UO4v@UqJIpK>L0Ta)eVQT|HIc+7po~X(nvTn9(fl z@=M&JQu_V1d@t5>s+vX<7WraDd34b@mLid9O+FnhL)ZUht1@4?Cal3sZ4bIq!N1Gb zm3;hp9*C5lkCQrU(ump=ZK9yeVne+GoJ+N!a5PbGG@Dg0$>!~fB=VINB{4*kfp3DM zqOJzQzrhw(Z8{VojBYX~a4!`J35q|eTNR9)t{iA?BZ>Z%2jacOO&3N6WzwM2{tTZ> z`})Nc%!J`i+{&@P&X?QDy?weanfrnI-J&kehbxxiTgmbo5(YV7H@PNZuFfX(~{qE4gSexTj$A*lTgbmzt)ElP1~ddUG$3Z 
za=?XdN7&;*qRH5Bnj5SbqRokjK6dN1@j&eHjzOtggr|OmlAkRO9W_+qNZ@j0#{o1h zcJgcRFXpkWGqmWnlxRGHaVpu0ZMZ^Yir0JMlrU9b>GBJcHI9^ePn>PjL;OHc=q>Y* zifQmBi+SV(ea2?(s7mp4Dohs9xpB0b%28AI^)}CZ>KAhV@L~aID*N zZ3^nI6iqy3BmK5&WV&-PLoN}}qfE8*iRv81QhW0szawEFNeBwC^~S%b=eW?RWRo*t z`r(%X(GSVKeQ}GdQ~S$h9*o)4=kXHLRjy5&n<}*i4}&L>I_{_1Tt&wKEq+qIyy^lO zlD%PHv5}hZ9nmU`M7(GsB)ebdA!1$y<-~-UP|oy4^)UU-x;%8*@7!NCl>OIKvC8zr zHF0mv;!SLl;Kv@x5)-(_SF3j0{>v!8v;AD2+%lnfmm)b7_m^`uQY{zm|0TtxnYE*C zKqcAk)1Q5Dye5K9te$5aMj2pF+j=mNlorF8`0rw`8pmf)y12if zBoZ`@f4Zrq87CI-{W^2ZaVFX@k-H?HM<#dCGdTSV6upSph>nl%jNMyTwnM`Q!hXBM zic*a*^N;3QJ==3}3EDrT{f=X4Ime-^SyT0NWX~2#%C_ek0_vHk#S}HgDT@^>>s-#; zm#tGHKac<8AP^Gt_1^g>(mYEBEcmX^@*RaXGk3oZoWegoTwCmx{9NHXWl|6_#3VIy4F$pAXiZvO8vbljDdR zbM}a9%3v%0AE+n#Lq?pnCS&#=Yg6U)y3z_8YAoT<+wqiZTJ?IVLK9uZFnJ$}l<@Ab zUr|g=aTHG0a7%r81FyM{Kv7=y*KmwgR#}AnC;bn9-wuE5MNCF5sBd4su+*wR`VWA{ z9&`ikAh@f-ux)B=Z;1h9ze&b8?&?lUd$MWf{Rw$k0HR@@BOaBpKtC_oU;6pvE!0OT zV5EZXos8N2akH|*`l)%C@B*M-`{vCP8>8U?#%Y%P>f7+mLzz;1+P zHqk?Qg03hOB1oHxe@0|X@YIKh~ zI-z4m9o=a#uKBabX<^pz(qrI@hYY1_+i!881r1MVT7ld?DL+dmUjrMt!tvK8Wh4HF z3qH1vtqTJ-4719mloo?BWB5bMx)jFEt^63w8R2zJboBryURsyGGVfV%=MJl`^V{A7>T8;cg=Y)eX1%g-cyrW@I zeAKiylI>lqu@9PjVZwUegJ8vQV^QZOl4_kE(O%>79NGcjR&TV+G1leLx6#*NZT{##)9mijc2f9r$!%i#^ZeS*FNa|`4#ngfpdAIk6 zCAL-6Lp0u?jfNreiq03-_k}zaPl4XXvo|pd{DX2A*_jPCH16dx1la1fEX1D$kJm#9 zW|2fIvu6-y%(lP=)AAZCr5&{-J!ksXA1JG9e686JFOfs*t5ocqfLBJ^rk$Yp63#|> zyI`>zfH8Ly1Jm>x!C!pef~Djt@TL{loGcae@w8zTqy7)&&LLHR}6F9@=wtDy+o zap^NuVBV-u3Aw&h(zx&%{I`bjao(}#1~_iVo4ICx;9v1$s#GzJ2PBj7*U8zFeAmnq zG)zWcq1NPGHpa_pieFx1p)a7*3*{iR#pDdb$VZqJ>X(?5XGN0vWs7p(5B;{+bE0vKr{lBTPBUsu%pHfd-QVHh80WaC`=Cm*~rAHL%+bZjX&htPnf?(|Oy*zyg zX49%dZ=5>VAKq)+kU*}*uc$u$mahf>3{+I^`Mnd%VO>ntz`>t&tdZL*x{Bz~wfnwO zV6hMLXiVW%ZCs1Mg3-@5%(v6oHu`~nQlaZT`gjK61Be2;j$e4R?`F~TWaOa) z3>-CYNWE9@DG|CqtBOFRUS!wTXGh(;&mkTp-m;dF2(c2fALYHeI<)gCN@L|-Z`EqM zlOMs6B$)b_IH!``Qap@6X7g0*#zEEDPfVe3IqYLLk=8c>(R8Tc=vF7p7vUJ8YIR)x zg{K(+(ix66#55=OjSTihyw6`BmZr#o7@&r!lgd0X5Zauib?%G*t=``#^N3wI%#4xj 
z9SAoL`^A|M>}&99Nh@G`bK3Z^LZdL(V|-a8ZgHu?o81k39OqU3eT6tSaYUTjSOj+u z31mLbuShWH>3foKWLFxy!wzUjpcw66n9tDz*ut~UH<%>P`5ui46&LiQ=$(7hu9ISX zC{X&rB<1Z%2!M8P4h`%%#nm}y#E@FQCsm*Jg%(e_bA->el*%Hm#clwA_7AW@JhPg= zt+3zxFE0I$YUy@;b3O0KEgicL(#Cpj4p@1Ia!JU%gXm6!cR?O^G$XeI->#bn%c!_2 z*h-_r*dn9(`kGi79^X3lZ()P97KUqgiP75~i}lN$fS@Kzh-SUl+atHVd*57#d$K13 zC;;N=@))0RHPAKu+L~;P(+TVl@{b?OZ2?(l`o!c^sc)7EPFT2T3PMFeSu}++w((Fh!j-Vae6{(3mi%II(!m6s4buzi8@11Y%nDczyrfF!) z=~eIo6{!78J~sijH9x9;Hke(H5RGxdX0W^QzHIl)`s+z^+N zf%!8Zm&{ZN0RHtv!dDFFk1_4B@*5=~f%xnL&-+kxOlQH(3nVb`oRsuCVZ^PF7$y_R znG`?M{GfnHXyQ+Yi5vA)z(cxF+c*KmJk6Sf1IX5-B;`FpCKa(@6+$|Uu>Or}*1*R+5;^%Yoh2c5#qob(=zsJ`DZIQAnCZ%D;ZjI0Fe1tQyIGn7y$^SL zfj*+AKA+AQvp+wMKHt{#;_f&+B!~!Y_D|I|%i660U`PMqWDhb?@iOHTfVPeW0_9M(2lL z3Gyt3xaiJ(a2JILy7WF&PSBZp`W(d{YmTs*+RK|Q&;jVrn}LT28dKZvEp4$sszvjEfdCyW zq3ZAm=Xq06CArA@TA*V?6+)ZKkx@_fjZ;z>&&QAV-5@k(kCrrs`_e&Jj;Y0{6vL=X z9P$~SpoQ2NX}FOEr;=!QlaHMb|8NB|Zze%kDdUU~bm$ifSjK@IQc1r<@o;Z2Gr5Xm z%^VLgK&jeek3!W;JMhr8#7S};w6v`x0<3YW%@DXNheM@MfwaS@euy9puj|W-!$_1?3NBW$ku|#3Y%mr7K&O_Lpm0ykydH|RNDXb?s34!M{CW?( zowBV#&?m!cTe{LBM5uVQ0e?t7)Iy6L~Vezh~rNmjK z6EjA|jk=S@UGW~qdSpMn8_w8zCiDDJ%?-YxygBf7%;`)C*B)K`{;^U-kLT{~xckd= zqHTa*f@ZLZPXj|DL^-k$2lg?8~V}ek&y8-uAv5yh$E2@Hu$SNr1T!PM+6y9*w z(GVD`>E@d60&k)Xl*$&YnazCAgU8Ma2WUxTcD@7S|ze1@b7^}Xh49@sAL9iq-V`Du6lD-<-kmc z%P2KvNxzu~CZdB$Tbl7bJF{Lmxh^^@BMN(JUurK`J27r$^bnHcBh*vHBKHaFZ*tf7 zd?pXH#0a4^(7WLONcL{-dxOA)g8WMRZd`?ggZ@t=`2ZU7@IQ^_Nf^i(@c)YP;2=-_ zD~f`Ll>h%l+X#@n@L#<&{c3#r9*(t zTcd#izH-d}&*tMh1Q)*phfAj*4Gw_;`Tt5khX5n}KfS+>KHwe&$>2zk%>PxJeukXB z3ke2Bgar1#)DrC`D&O-<=H!DU*r$1IEjtp+rR{z^#v-nw9&zA)( z2rw|j|6x)13<6Bg!Nkguk>Nl4|8-;X<(GO$+H;6xWMoME{~Dx2{*rwDgGiP_hNL9^ l&+`}V;As$ngMsNofq|j_59MbU5Xo`KkYq5tS6_y~{y)x9TPXkl diff --git a/workbooks/alz_checklist.en_network_counters.json b/workbooks/alz_checklist.en_network_counters.json index 46f7d9e72..a20a4be38 100644 --- a/workbooks/alz_checklist.en_network_counters.json +++ b/workbooks/alz_checklist.en_network_counters.json 
@@ -777,7 +777,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}"
+ "resultVal": "{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}"
 }
 }
 ]
@@ -796,7 +796,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}"
+ "resultVal": "{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}"
 }
 }
 ]
@@ -834,7 +834,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query24Stats:$.Success}"
+ "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}"
 }
 }
 ]
@@ -853,7 +853,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query24Stats:$.Total}"
+ "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}"
 }
 }
 ]
@@ -891,7 +891,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query6Stats:$.Success}"
+ "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}"
 }
 }
 ]
@@ -910,7 +910,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query6Stats:$.Total}"
+ "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}"
 }
 }
 ]
@@ -948,7 +948,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}"
+ "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}"
 }
 }
 ]
@@ -967,7 +967,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}"
+ "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}"
 }
 }
 ]
@@ -1005,7 +1005,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}"
+ "resultVal": "{Query24Stats:$.Success}"
 }
 }
 ]
@@ -1024,7 +1024,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}"
+ "resultVal": "{Query24Stats:$.Total}"
 }
 }
 ]
@@ -1062,7 +1062,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}"
+ "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}"
 }
 }
 ]
@@ -1081,7 +1081,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}"
+ "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}"
 }
 }
 ]
@@ -1119,7 +1119,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}"
+ "resultVal": "{Query6Stats:$.Success}"
 }
 }
 ]
@@ -1138,7 +1138,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}"
+ "resultVal": "{Query6Stats:$.Total}"
 }
 }
 ]
@@ -1233,7 +1233,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query24Stats:$.Total}+{Query6Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query20Stats:$.Total}"
+ "resultVal": "{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query24Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query6Stats:$.Total}+{Query20Stats:$.Total}"
 }
 }
 ]
@@ -1252,7 +1252,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query24Stats:$.Success}+{Query6Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query20Stats:$.Success}"
+ "resultVal": "{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query24Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query6Stats:$.Success}+{Query20Stats:$.Success}"
 }
 }
 ]
@@ -1326,70 +1326,70 @@ "style": "tabs", "links": [ { - "id": "f75f8d7f-5d09-4f91-a404-46927ad56971", + "id": "02aa6311-8ba2-43ea-a75d-eb15de71b18a", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hub and spoke ({Tab0Success:value}/{Tab0Total:value})", + "linkLabel": "Firewall ({Tab0Success:value}/{Tab0Total:value})", "subTarget": "tab0", - "preText": "Hub and spoke", + "preText": "Firewall", "style": "primary" }, { - "id": "3bfd864a-a233-4879-a2e0-cf93a2314784", + "id": "595adca4-994f-4ce4-85c4-0858ce5f7fae", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN ({Tab1Success:value}/{Tab1Total:value})", + "linkLabel": "IP plan ({Tab1Success:value}/{Tab1Total:value})", "subTarget": "tab1", - "preText": "Virtual WAN", + "preText": "IP plan", "style": "primary" }, { - "id": "5066dfc2-29a4-4cd6-bc73-c42375f5202e", + "id": "b35d7a26-c224-469d-a743-16ed3848552b", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet ({Tab2Success:value}/{Tab2Total:value})", + "linkLabel": "Hub and spoke ({Tab2Success:value}/{Tab2Total:value})", "subTarget": "tab2", - "preText": "Internet", + "preText": "Hub and spoke", "style": "primary" }, { - "id": "d5f37c45-5b55-4f28-b2f5-a8875ca0ae3e", + "id": "2682b5dc-9340-44c9-829b-dface0f1c611", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Firewall ({Tab3Success:value}/{Tab3Total:value})", + "linkLabel": "Segmentation ({Tab3Success:value}/{Tab3Total:value})", "subTarget": "tab3", - "preText": "Firewall", + "preText": "Segmentation", "style": "primary" }, { - "id": "01b600ce-86dc-4e27-a3cb-91233288117f", + "id": "a8fe010a-0e38-4f2d-b893-a22de17ac068", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid ({Tab4Success:value}/{Tab4Total:value})", + "linkLabel": "Virtual WAN ({Tab4Success:value}/{Tab4Total:value})", "subTarget": "tab4", - "preText": "Hybrid", + "preText": "Virtual WAN", "style": "primary" }, { - "id": 
"bdbbe1a8-2d25-4b5a-8c2d-ac374051534a", + "id": "0f9bc02a-8df6-4932-9d48-996c7f099d13", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation ({Tab5Success:value}/{Tab5Total:value})", + "linkLabel": "Hybrid ({Tab5Success:value}/{Tab5Total:value})", "subTarget": "tab5", - "preText": "Segmentation", + "preText": "Hybrid", "style": "primary" }, { - "id": "d0c3b52b-e070-4729-8990-1f2cf6464ad8", + "id": "6dfe377f-8cf9-4bdf-8dec-aba2532fead6", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan ({Tab6Success:value}/{Tab6Total:value})", + "linkLabel": "Internet ({Tab6Success:value}/{Tab6Total:value})", "subTarget": "tab6", - "preText": "IP plan", + "preText": "Internet", "style": "primary" }, { - "id": "13c80d9c-4286-4014-9be5-84d919d27e03", + "id": "147aa5de-4935-4674-8e54-3f524aebac9f", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "PaaS ({Tab7Success:value}/{Tab7Total:value})", 
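Review bot: Every link `id` in this hunk is a freshly generated GUID — the Firewall entry keeps its label and moves from tab3 to tab0 under a new id, and even the PaaS link, whose `linkLabel` is unchanged, is re-keyed — so each regeneration rewrites all eight identifiers and hides the real change, the tab reorder, behind identifier noise. Nothing visible in the workbook appears to reference these ids beyond requiring them to be unique, so the generator could derive them deterministically (for example a name-based RFC 4122 UUID keyed on the tab title or `subTarget`), which would keep them stable across runs and let a reviewer confirm that only order and labels moved. The fix belongs in the generator that emits this file, not in the JSON itself.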
@@ -1410,22 +1410,22 @@ { "type": 1, "content": { - "json": "## Hub and spoke" + "json": "## Firewall" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." + "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext0" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
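Review bot: The new `querytext14` text reads `for further information.. [This training](…)`: the generator appends the training sentence to a string that already ends in a period, producing a doubled period, and the same artifact is in the new text of most other querytext items in this file section (querytext15, 17, 4, 5, 0, 1, 2 and 3) as well as in the old text of querytext24 at the @@ -1660 hunk, so it predates this commit. The join in the generator should drop the extra period so the rendered text reads `for further information. [This training](…) can help to educate yourself on this.`, which fixes every occurrence in one place.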
@@ -1474,20 +1474,20 @@ ] } }, - "name": "query0" + "name": "query14" }, { "type": 1, "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext1" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1536,20 +1536,20 @@ ] } }, - "name": "query1" + "name": "query15" }, { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." }, - "name": "querytext2" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
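Review bot: The Threat Intelligence check in the new Query16 KQL queries only `microsoft.network/firewallpolicies`, so a firewall running classic rules without an attached policy is never evaluated and can never show up as non-compliant; the same scope limit applies to the DNS-proxy, Premium-SKU and IDPS checks in the hunks at @@ -1410, @@ -1474 and @@ -1598. If policy-less firewalls are in scope for this checklist, these queries would need a second branch over the `microsoft.network/azurefirewalls` resource type (the threat-intel mode is, as far as I know, also exposed on the firewall resource for classic deployments), otherwise the recommendation text should state that only policy-managed firewalls are assessed. Separately, the text says 'Alert and Deny' while the query tests `properties.threatIntelMode == 'Deny'`; if Deny is the API value that both alerts and denies, a short clarification in the recommendation text would stop readers from taking the check as stricter than the guidance.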
@@ -1598,20 +1598,20 @@ ] } }, - "name": "query2" + "name": "query16" }, { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext3" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1660,42 +1660,20 @@ ] } }, - "name": "query3" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Virtual WAN" - }, - "name": "tab1title" + "name": "query17" }, { "type": 1, "content": { - "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." 
}, - "name": "querytext24" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1744,16 +1722,16 @@ ] } }, - "name": "query24" + "name": "query18" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab1" + "value": "tab0" }, - "name": "tab1" + "name": "tab0" }, { "type": 12, 
@@ -1764,22 +1742,22 @@ { "type": 1, "content": { - "json": "## Internet" + "json": "## IP plan" }, - "name": "tab2title" + "name": "tab1title" }, { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
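Review bot: The new Query4 KQL marks a VNet address space compliant only when it begins with one of the IPv4 RFC 1918 prefixes, so any IPv6 address space (dual-stack VNets, including fd00::/8 unique-local ranges) is always reported non-compliant even though the recommendation is about private address allocation, and because the regex only inspects the leading octets an over-broad prefix such as 10.0.0.0/7 still passes. If IPv6 is out of scope, the query should exclude those prefixes explicitly, e.g. `| where cidr !contains ':'` before the `extend compliant`, and the recommendation text should say the check is IPv4-only; if it is in scope, the regex needs an IPv6 alternative. A mask-length floor (e.g. requiring the prefix length to be at least that of the matched RFC 1918 block) would close the over-broad-prefix gap, but that is a generator change rather than a one-line edit here.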
@@ -1828,42 +1806,20 @@ ] } }, - "name": "query6" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab2" - }, - "name": "tab2" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Firewall" - }, - "name": "tab3title" + "name": "query4" }, { "type": 1, "content": { - "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." 
}, - "name": "querytext14" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1912,20 +1868,42 @@ ] } }, - "name": "query14" + "name": "query5" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hub and spoke" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." }, - "name": "querytext15" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1974,20 +1952,20 @@ ] } }, - "name": "query15" + "name": "query0" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." + "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext16" + "name": "querytext1" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2036,20 +2014,20 @@ ] } }, - "name": "query16" + "name": "query1" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." + "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext17" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2098,20 +2076,20 @@ ] } }, - "name": "query17" + "name": "query2" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, - "name": "querytext18" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or 
isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2160,16 +2138,16 @@ ] } }, - "name": "query18" + "name": "query3" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab3" + "value": "tab2" }, - "name": "tab3" + "name": "tab2" }, { "type": 12, 
@@ -2180,22 +2158,22 @@ { "type": 1, "content": { - "json": "## Hybrid" + "json": "## Segmentation" }, - "name": "tab4title" + "name": "tab3title" }, { "type": 1, "content": { - "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext7" + "name": "querytext19" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2244,20 +2222,20 @@ ] } }, - "name": "query7" + "name": "query19" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." + "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." }, - "name": "querytext8" + "name": "querytext21" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
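Review bot: The `query19` check for AzureFirewallSubnet uses `compliant = (subnetPrefixLength == 26)`, so a subnet larger than /26 (for example /25) is reported non-compliant even though, as far as I know, /26 is the minimum Azure Firewall requires rather than an exact size; `compliant = (subnetPrefixLength <= 26)` would express it the way the GatewaySubnet check in the next hunk (`<= 27`) and the AzureBastionSubnet check in the Internet tab (`<= 26`) already do. In all three queries `subnetPrefixLength` is taken from `split(subnetPrefix, '/')[1]`, which is a dynamic value, and the numeric comparisons rely on implicit conversion; `extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])` makes the comparison unambiguous. The enclosing workbook item is closed in the following hunk.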
@@ -2306,20 +2284,20 @@ ] } }, - "name": "query8" + "name": "query21" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." + "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." }, - "name": "querytext9" + "name": "querytext22" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and 
rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
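Review bot: The `query22` NSG check reports an NSG as compliant as soon as one inbound rule is a `Deny` with `*` source, destination, protocol and port, but `rulePriority` is projected and never used, so an `Allow` rule with a lower priority number (evaluated before the deny-all) still yields compliant; the summary should at least carry the lowest priority of the broad allow rules and compare it with the deny-all rule's priority before declaring compliance. Separately, `summarize ... by id, tostring(ruleDirection) | where ruleDirection == 'Inbound'` produces no row for an NSG whose custom rules are all outbound, and the `union` branch only adds NSGs with zero rules, so those NSGs vanish from the report instead of showing as non-compliant. Folding the direction into the count, `summarize StarDenies=countif(ruleAction=='Deny' and ruleDirection=='Inbound' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id`, keeps one row per NSG. The enclosing workbook item is closed in the following hunk.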
@@ -2368,20 +2346,20 @@ ] } }, - "name": "query9" + "name": "query22" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext23" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2430,20 +2408,42 @@ ] } }, - "name": "query10" + "name": "query23" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Virtual WAN" + }, + "name": "tab4title" }, { "type": 1, "content": { - "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext11" + "name": "querytext24" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2492,20 +2492,42 @@ ] } }, - "name": "query11" + "name": "query24" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab4" + }, + "name": "tab4" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Hybrid" + }, + "name": "tab5title" }, { "type": 1, "content": { - "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext12" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
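Review bot: In the `query7` KQL the gateway-type filter mixes a case-insensitive and a case-sensitive comparison, `properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'`; the zone-redundant gateway query further down (`query10`) repeats the same mix and the VPN-only query (`query11`) uses `== 'Vpn'`, so the three checks can cover different gateway sets if the casing in the resource data varies. Using `=~` throughout, `where properties.gatewayType =~ 'vpn' or properties.gatewayType =~ 'expressroute'`, aligns them. `SKUName` and `Type` are extended in `query7` but never projected and can be dropped. The enclosing workbook item is closed in the following hunk.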
@@ -2554,20 +2576,20 @@ ] } }, - "name": "query12" + "name": "query7" }, { "type": 1, "content": { - "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext13" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2616,42 +2638,20 @@ ] } }, - "name": "query13" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab4" - }, - "name": "tab4" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Segmentation" - }, - "name": "tab5title" + "name": "query8" }, { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext19" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2700,20 +2700,20 @@ ] } }, - "name": "query19" + "name": "query9" }, { "type": 1, "content": { - "json": "Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext21" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2762,20 +2762,20 @@ ] } }, - "name": "query21" + "name": "query10" }, { "type": 1, "content": { - "json": "Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information." + "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext22" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where 
properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2824,20 +2824,20 @@ ] } }, - "name": "query22" + "name": "query11" }, { "type": 1, "content": { - "json": "Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this." + "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext23" + "name": "querytext12" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, 
"queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2886,42 +2886,20 @@ ] } }, - "name": "query23" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab5" - }, - "name": "tab5" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## IP plan" - }, - "name": "tab6title" + "name": "query12" }, { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." 
}, - "name": "querytext4" + "name": "querytext13" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -2970,20 +2948,42 @@ ] } }, - "name": "query4" + "name": "query13" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab5" + }, + "name": "tab5" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Internet" + }, + "name": "tab6title" }, { "type": 1, "content": { - "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." 
}, - "name": "querytext5" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -3032,7 +3032,7 @@ ] } }, - "name": "query5" + "name": "query6" } ] }, diff --git a/workbooks/alz_checklist.en_network_counters_template.json b/workbooks/alz_checklist.en_network_counters_template.json index fa1e3a91f..0dc22fbb1 100644 --- a/workbooks/alz_checklist.en_network_counters_template.json +++ b/workbooks/alz_checklist.en_network_counters_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, 
subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 
'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = 
iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where 
properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend 
SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n 
\"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend 
FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 
8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend 
isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend 
compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query24Stats:$.Total}+{Query6Stats:$.Total}+{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query24Stats:$.Success}+{Query6Stats:$.Success}+{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"f75f8d7f-5d09-4f91-a404-46927ad56971\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"Hub and spoke ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"3bfd864a-a233-4879-a2e0-cf93a2314784\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"5066dfc2-29a4-4cd6-bc73-c42375f5202e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"d5f37c45-5b55-4f28-b2f5-a8875ca0ae3e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"01b600ce-86dc-4e27-a3cb-91233288117f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"bdbbe1a8-2d25-4b5a-8c2d-ac374051534a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"d0c3b52b-e070-4729-8990-1f2cf6464ad8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"13c80d9c-4286-4014-9be5-84d919d27e03\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS 
({Tab7Success:value}/{Tab7Total:value})\",\n \"subTarget\": \"tab7\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n 
},\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic 
protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n 
\"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": 
{\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. 
Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n 
}\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": 
\"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": 
\"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": 
\"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where 
subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = 
(properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| 
extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n 
\"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | 
extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), 
subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n 
\"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n 
\"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}+{Query4Stats:$.Total}+{Query5Stats:$.Total}+{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}+{Query24Stats:$.Total}+{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}+{Query6Stats:$.Total}+{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}+{Query4Stats:$.Success}+{Query5Stats:$.Success}+{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}+{Query24Stats:$.Success}+{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}+{Query6Stats:$.Success}+{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"02aa6311-8ba2-43ea-a75d-eb15de71b18a\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"Firewall ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"595adca4-994f-4ce4-85c4-0858ce5f7fae\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"b35d7a26-c224-469d-a743-16ed3848552b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"2682b5dc-9340-44c9-829b-dface0f1c611\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation ({Tab3Success:value}/{Tab3Total:value})\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"a8fe010a-0e38-4f2d-b893-a22de17ac068\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN ({Tab4Success:value}/{Tab4Total:value})\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"0f9bc02a-8df6-4932-9d48-996c7f099d13\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid ({Tab5Success:value}/{Tab5Total:value})\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6dfe377f-8cf9-4bdf-8dec-aba2532fead6\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet ({Tab6Success:value}/{Tab6Total:value})\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"147aa5de-4935-4674-8e54-3f524aebac9f\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS 
({Tab7Success:value}/{Tab7Total:value})\",\n \"subTarget\": \"tab7\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n 
\"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": 
\"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the 
setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n 
\"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n 
}\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n 
}\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": 
null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. 
Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n 
]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n 
\"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/alz_checklist.en_network_tabcounters.json b/workbooks/alz_checklist.en_network_tabcounters.json index f5eeece20..759bd398e 100644 --- a/workbooks/alz_checklist.en_network_tabcounters.json +++ b/workbooks/alz_checklist.en_network_tabcounters.json 
@@ -70,25 +70,25 @@ "style": "tabs", "links": [ { - "id": "a133c15c-e49d-47cb-8b97-ffdf564e4c9d", + "id": "7fa4ae01-6e28-4e40-a83d-87622bac7c8c", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "IP plan", + "linkLabel": "Internet", "subTarget": "tab0", - "preText": "IP plan", + "preText": "Internet", "style": "primary" }, { - "id": "1a90fe1a-16b0-4150-a881-03106bd53197", + "id": "15c25825-0033-4fe9-8636-696d760e2789", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Firewall", + "linkLabel": "Hybrid", "subTarget": "tab1", - "preText": "Firewall", + "preText": "Hybrid", "style": "primary" }, { - "id": "953c4465-f7e2-49c8-8ec5-8c68c3ac24bd", + "id": "08fa3598-b03d-41b0-971d-befb063f6191", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Hub and spoke", @@ -97,16 +97,16 @@ "style": "primary" }, { - "id": "2d4ade89-52f2-4c98-8b38-275f70e14b97", + "id": "25d23d11-3b3c-4d71-b331-91869ac7c509", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Hybrid", + "linkLabel": "Firewall", "subTarget": "tab3", - "preText": "Hybrid", + "preText": "Firewall", "style": "primary" }, { - "id": "39ceaf48-7e1b-4ed8-88b5-e0c6498b19aa", + "id": "e3f6794c-465e-4266-beb6-64187fc630c9", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "PaaS", 
@@ -115,30 +115,30 @@ "style": "primary" }, { - "id": "73469dff-dff9-414c-969a-565c72c5d323", + "id": "52a3f5cc-2a29-4686-9b7f-6a391edf22d3", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Segmentation", + "linkLabel": "Virtual WAN", "subTarget": "tab5", - "preText": "Segmentation", + "preText": "Virtual WAN", "style": "primary" }, { - "id": "bd1779f4-ab82-479f-95b9-0b9f3a6a76bf", + "id": "623cbeea-0055-429a-8db4-58a5fff1cf20", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Virtual WAN", + "linkLabel": "Segmentation", "subTarget": "tab6", - "preText": "Virtual WAN", + "preText": "Segmentation", "style": "primary" }, { - "id": "2c6f8942-4bd4-48fe-b802-68d1a58b7a4e", + "id": "60eec08a-97d0-4bf8-a558-c31af15406f5", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Internet", + "linkLabel": "IP plan", "subTarget": "tab7", - "preText": "Internet", + "preText": "IP plan", "style": "primary" } ] 
@@ -162,37 +162,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query4Stats", - "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query4FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query5Stats", + "name": "Query6Stats", "type": 1, - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, 
subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -206,9 +178,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query5FullyCompliant", + "name": "Query6FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -229,7 +201,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" + "resultVal": "{Query6Stats:$.Success}" } } ] @@ -248,7 +220,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}" + "resultVal": "{Query6Stats:$.Total}" } } ] 
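Review bot: In the added `"query"` line for Query6Stats, `subnetPrefixLength` is taken straight from `split(subnetPrefix, '/')[1]` (a dynamic value) and compared with the number 26 without a cast, so the check relies on implicit coercion; if that comparison evaluates to null for a subnet, the row is still counted in `Total` but in neither `Success` nor `Failed`, which skews `SuccessPercent`. An explicit cast removes the ambiguity: `| extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])`. The same query text is emitted again for the `query6` grid item in the `@@ -323,77 +295,15 @@` hunk below and would need the same change. Separately, every KqlParameterItem in this hunk keeps the pre-existing `"id": "daf05c62-1d5b-4325-b241-d7ee468f23eb"`, so the generator appears to reuse one id for all stats parameters; if the workbook expects distinct ids this is worth checking at the generator rather than in this generated file.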
@@ -282,7 +254,7 @@ { "type": 1, "content": { - "json": "## IP plan" + "json": "## Internet" }, "customWidth": "50", "name": "tab0title" 
@@ -323,77 +295,15 @@ { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." - }, - "name": "querytext4" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] - } - }, - "name": "query4" - }, - { - "type": 1, - "content": { - "json": "Ensure that IP address space isn't wasted, don't 
create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this." }, - "name": "querytext5" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -442,7 +352,7 @@ ] } }, - "name": "query5" + "name": "query6" } ] }, 
@@ -470,9 +380,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query14Stats", + "name": "Query7Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -486,9 +396,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query14FullyCompliant", + "name": "Query7FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query14Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -498,9 +408,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query15Stats", + "name": "Query8Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -514,9 +424,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query15FullyCompliant", + "name": "Query8FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query15Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -526,9 +436,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query16Stats", + "name": "Query9Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -542,9 +452,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query16FullyCompliant", + "name": "Query9FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query16Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -554,9 +464,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query17Stats", + "name": "Query10Stats", "type": 1, - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -570,9 +480,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query17FullyCompliant", + "name": "Query10FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query17Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
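Review bot: The added Query10Stats query filters gateways with `properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'`, mixing a case-insensitive and a case-sensitive comparison on the same property, and the Query11Stats query in the next hunk uses a third form, `== 'Vpn'`; one style, e.g. `=~` throughout, would make the generated checks easier to audit. If Query10Stats backs the same item as `query10` earlier on this page (whose text is about zone-redundant ExpressRoute gateways), the `=~ 'vpn'` branch also pulls VPN gateways into this counter while Query11Stats counts them separately, so the ExpressRoute item's `Total` may include VPN gateways; restricting the filter to `| where properties.gatewayType =~ 'ExpressRoute'` would keep the two counters disjoint. Since these files are automated output, the change presumably belongs in the generator or its source checklist.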
@@ -582,9 +492,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query18Stats", + "name": "Query11Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 
100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -598,9 +508,65 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query18FullyCompliant", + "name": "Query11FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query18Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query12Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query12FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", 
+ "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13Stats", + "type": 1, + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query13FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -621,7 +587,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}" + "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" } } ] @@ -640,7 +606,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}" + "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" } } ] @@ -674,7 +640,7 @@ { "type": 1, "content": { - "json": "## Firewall" + "json": "## Hybrid" }, "customWidth": "50", "name": "tab1title" 
@@ -715,15 +681,15 @@ { "type": 1, "content": { - "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext14" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -772,20 +738,20 @@ ] } }, - "name": "query14" + "name": "query7" }, { "type": 1, "content": { - "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information." + "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext15" + "name": "querytext8" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -834,20 +800,20 @@ ] } }, - "name": "query15" + "name": "query8" }, { "type": 1, "content": { - "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext16" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -896,20 +862,20 @@ ] } }, - "name": "query16" + "name": "query9" }, { "type": 1, "content": { - "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information." + "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext17" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -958,20 +924,20 @@ ] } }, - "name": "query17" + "name": "query10" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." }, - "name": "querytext18" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or 
isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1020,7 +986,131 @@ ] } }, - "name": "query18" + "name": "query11" + }, + { + "type": 1, + "content": { + "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + }, + "name": "querytext12" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + 
"representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query12" + }, + { + "type": 1, + "content": { + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + }, + "name": "querytext13" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 4, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + 
"name": "query13" } ] }, @@ -1265,7 +1355,7 @@ { "type": 1, "content": { - "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." }, "name": "querytext0" }, @@ -1327,7 +1417,7 @@ { "type": 1, "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, "name": "querytext1" }, 
@@ -1389,7 +1479,7 @@ { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, "name": "querytext2" }, @@ -1451,7 +1541,7 @@ { "type": 1, "content": { - "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information." + "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this." }, "name": "querytext3" }, 
@@ -1536,65 +1626,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query7Stats", - "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query7FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query7Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - 
"crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query8FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query8Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query9Stats", + "name": "Query14Stats", "type": 1, - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1608,9 +1642,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query9FullyCompliant", + "name": "Query14FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query9Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query14Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1620,9 +1654,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query10Stats", + "name": "Query15Stats", "type": 1, - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1636,9 +1670,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query10FullyCompliant", + "name": "Query15FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query10Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query15Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1648,9 +1682,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query11Stats", + "name": "Query16Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1664,9 +1698,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query11FullyCompliant", + "name": "Query16FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query11Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query16Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1676,9 +1710,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query12Stats", + "name": "Query17Stats", "type": 1, - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
@@ -1692,9 +1726,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query12FullyCompliant", + "name": "Query17FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query12Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query17Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -1704,9 +1738,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13Stats", + "name": "Query18Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer 
= (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -1720,9 +1754,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query13FullyCompliant", + "name": "Query18FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query13Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query18Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -1743,7 +1777,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}" + "resultVal": "{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}" } } ] @@ -1762,7 +1796,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}" + "resultVal": "{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}" } } ] 
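Review bot: Virtual WAN membership in Query18Stats is inferred from a naming convention, `tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering'`, rather than from a property of the peering, so a VNet whose hub peering is named differently is treated as not VWAN-peered and, having no route table, reported as a failure. If the peering exposes a more stable marker (for instance the remote VNet id resolving to a vWAN-managed hub VNet) that would be the safer test; at minimum the assumption deserves a sentence in the description so a reader understands why a VNet was flagged. The `mvexpand` plus `summarize PeeredToVWAN=max(isVWAN) by id, subnetId` branch also produces one row per subnet even for VNets with no peerings, which appears intended since the join is `fullouter`. The enclosing parameters array starts and ends outside the visible lines.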
@@ -1796,7 +1830,7 @@ { "type": 1, "content": { - "json": "## Hybrid" + "json": "## Firewall" }, "customWidth": "50", "name": "tab3title" 
@@ -1837,15 +1871,15 @@ { "type": 1, "content": { - "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext7" + "name": "querytext14" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
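Review bot: The query14 test `properties.dnsSettings.enableProxy == true` evaluates to null, not false, for a policy without a dnsSettings block, and the trailing `where compliant == 0 or not (onlyFailed == 1)` then drops that row whenever OnlyFailed is set, so a policy with DNS proxy never configured silently disappears from the failed-only view (assuming the usual Kusto null semantics). `extend compliant = (tostring(properties.dnsSettings.enableProxy) =~ 'true')` gives a definite result either way. Separately, the querytext14 description talks about application rules and FQDN network rules, while the query only verifies the DNS proxy prerequisite; saying so in the text ("this check only confirms DNS proxy is enabled") would avoid over-reading a green result.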
@@ -1894,20 +1928,20 @@ ] } }, - "name": "query7" + "name": "query14" }, { "type": 1, "content": { - "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information." + "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext8" + "name": "querytext15" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1956,20 +1990,20 @@ ] } }, - "name": "query8" + "name": "query15" }, { "type": 1, "content": { - "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information." + "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information." }, - "name": "querytext9" + "name": "querytext16" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
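Review bot: The querytext16 description for Threat Intelligence links to the `#idps-signature-rules` anchor of the premium-features page, which documents IDPS rather than threat-intelligence-based filtering; the link should point at the threat intelligence documentation (or at least the premium-features overview) so the reader lands on the feature being checked. The query accepts only `'Deny'`; since the text says "Alert and Deny", it is worth stating that `'Alert'` alone is treated as a failure. `threatIntelMode` appears to be a top-level policy property, so the missing-value concern that applies to the Premium-only properties is less likely here, but I have not confirmed that every policy carries it.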
@@ -2018,20 +2052,20 @@ ] } }, - "name": "query9" + "name": "query16" }, { "type": 1, "content": { - "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." + "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, - "name": "querytext10" + "name": "querytext17" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
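Review bot: In the query17 listing `properties.intrusionDetection.mode == 'Deny'` evaluates to null for a policy with no intrusionDetection block, and `where compliant == 0 or not (onlyFailed == 1)` then hides that policy whenever OnlyFailed is on, so the policies most in need of attention (no IDPS at all) vanish from the failed-only view, if Kusto's null-comparison semantics apply as I expect. `extend compliant = (tostring(properties.intrusionDetection.mode) == 'Deny')` makes the result a definite false. This listing also uses `project id, compliant` where the sibling firewall-policy queries use `distinct id,compliant`; both give one row per policy here, but the sibling form is the consistent one.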
@@ -2080,20 +2114,20 @@ ] } }, - "name": "query10" + "name": "query17" }, { "type": 1, "content": { - "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this." + "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." }, - "name": "querytext11" + "name": "querytext18" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), 
subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
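Review bot: `hasRT = isnotnull(subnetRT)` in query18 only proves that some route table is associated with the subnet, not that it carries a 0.0.0.0/0 route toward Azure Firewall or an NVA, which is what the querytext18 description promises; an empty route table, or one holding only on-premises routes, passes. A stronger check would join `microsoft.network/routetables` on the route table id and require a route with `addressPrefix == '0.0.0.0/0'` and `nextHopType == 'VirtualAppliance'`; otherwise the description should be narrowed to "has a route table attached". The enclosing content object starts and ends outside this hunk.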
@@ -2142,82 +2176,176 @@ ] } }, - "name": "query11" + "name": "query18" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + "{Subscription}" + ], + "parameters": [ + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query20Stats", + "type": 1, + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query20FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Success", + "type": 1, + 
"isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query20Stats:$.Success}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Total", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query20Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab4Percent", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{Tab4Success}/{Tab4Total})" + } + } + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + "name": "TabInvisibleParameters" }, { "type": 1, "content": { - "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
+ "json": "## PaaS" }, - "name": "querytext12" + "customWidth": "50", + "name": "tab4title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 4, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab4Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "size": 3, + "queryType": 8, + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "Column1", + "formatter": 4, + "formatOptions": { + "min": 0, + "max": 100, + "palette": "redGreen" }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] + "numberFormat": { + "unit": 0, + 
"options": { + "style": "decimal" } } - ] + }, + "subtitleContent": { + "columnMatch": "Column2" + }, + "showBorder": true } }, - "name": "query12" + "customWidth": "50", + "name": "TabPercentTile" }, { "type": 1, "content": { - "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." + "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." }, - "name": "querytext13" + "name": "querytext20" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = 
(isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2266,16 +2394,16 @@ ] } }, - "name": "query13" + "name": "query20" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab3" + "value": "tab4" }, - "name": "tab3" + "name": "tab4" }, { "type": 12, @@ -2294,9 +2422,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query20Stats", + "name": "Query24Stats", "type": 1, - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], 
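Review bot: The new Tab4Percent expression `round(100*{Tab4Success}/{Tab4Total})` divides by Tab4Total with no zero guard, whereas the Query20Stats query it draws from does guard (`iff(Total==0, 100, ...)`); in a subscription with no virtual networks the tile shows whatever the workbook evaluator makes of a division by zero instead of 100 or "no resources". The other tabs in this file follow the same pattern, so this is an inherited design rather than a regression, but since this tab has a single query, referencing `{Query20Stats:$.SuccessPercent}` for the tile (or adding a Total==0 branch to the expression) would keep the tile consistent with the stats. The service-endpoint check itself handles the missing array explicitly with `isnull(...) or array_length(...) == 0`, which is the null-safe pattern the new firewall-policy queries could follow.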
@@ -2310,9 +2438,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query20FullyCompliant", + "name": "Query24FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query20Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query24Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 @@ -2322,7 +2450,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Success", + "name": "Tab5Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2333,7 +2461,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query20Stats:$.Success}" + "resultVal": "{Query24Stats:$.Success}" } } ] @@ -2341,7 +2469,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Total", + "name": "Tab5Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2352,7 +2480,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query20Stats:$.Total}" + "resultVal": "{Query24Stats:$.Total}" } } ] @@ -2360,7 +2488,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab4Percent", + "name": "Tab5Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2371,7 +2499,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab4Success}/{Tab4Total})" + "resultVal": "round(100*{Tab5Success}/{Tab5Total})" } } ] 
@@ -2386,16 +2514,16 @@ { "type": 1, "content": { - "json": "## PaaS" + "json": "## Virtual WAN" }, "customWidth": "50", - "name": "tab4title" + "name": "tab5title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab4Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab5Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
@@ -2427,15 +2555,15 @@ { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this." }, - "name": "querytext20" + "name": "querytext24" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -2484,16 +2612,16 @@ ] } }, - "name": "query20" + "name": "query24" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab4" + "value": "tab5" }, - "name": "tab4" + "name": "tab5" }, { "type": 12, 
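Review bot: query24 marks a virtual hub compliant only when `properties.azureFirewall.id` is set, so a hub secured with a third-party NVA or SaaS firewall (a supported secured-hub model, as far as I know) is reported as a failure even though its outbound traffic is filtered; the querytext24 description should say that only Azure Firewall is recognised, or the query should also accept the NVA case if the hub resource exposes it. The presence of a firewall also says nothing about whether routing intent or a default route actually sends Internet traffic through it, which is what the description claims, so that limitation is worth stating as well.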
@@ -2624,7 +2752,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab5Success", + "name": "Tab6Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2643,7 +2771,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab5Total", + "name": "Tab6Total", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2662,7 +2790,7 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab5Percent", + "name": "Tab6Percent", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -2673,7 +2801,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "round(100*{Tab5Success}/{Tab5Total})" + "resultVal": "round(100*{Tab6Success}/{Tab6Total})" } } ] @@ -2691,13 +2819,13 @@ "json": "## Segmentation" }, "customWidth": "50", - "name": "tab5title" + "name": "tab6title" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab5Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab6Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", "size": 3, "queryType": 8, "visualization": "tiles", 
@@ -2729,7 +2857,7 @@ { "type": 1, "content": { - "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information." + "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this." }, "name": "querytext19" }, @@ -2979,9 +3107,9 @@ "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab5" + "value": "tab6" }, - "name": "tab5" + "name": "tab6" }, { "type": 12, 
@@ -3000,9 +3128,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query24Stats", + "name": "Query4Stats", "type": 1, - "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", "crossComponentResources": [ "{Subscription}" ], @@ -3016,9 +3144,9 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Query24FullyCompliant", + "name": "Query4FullyCompliant", "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query24Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query4Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", "isHiddenWhenLocked": true, "timeContext": { "durationMs": 86400000 
@@ -3028,7 +3156,35 @@ { "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", "version": "KqlParameterItem/1.0", - "name": "Tab6Success", + "name": "Query5Stats", + "type": 1, + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query5FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query5Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab7Success", "type": 1, "isHiddenWhenLocked": true, "timeContext": { @@ -3039,7 +3195,7 @@ "criteriaContext": { "operator": "Default", "resultValType": "expression", - "resultVal": "{Query24Stats:$.Success}" + "resultVal": "{Query4Stats:$.Success}+{Query5Stats:$.Success}" } } ] 
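Review bot: Query5Stats compares a dynamic string with an integer: `split(addressPrefix,'/')[1]` yields a dynamic element, so `addressMask > 16` is a dynamic-versus-long comparison that, as far as I know, Kusto does not evaluate numerically (it compares by type or returns null), which would make every prefix fail or fall out of both counters. Converting first is unambiguous: `extend addressMask = toint(split(addressPrefix,'/')[1]) | extend compliant = addressMask > 16`. Note also that the condition treats an exact /16 as non-compliant; if the intent (the querytext5 description is outside this hunk) is "no larger than /16", the comparison should be `>= 16`. The enclosing parameters array continues outside the visible lines.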
@@ -3047,7 +3203,7 @@
 {
 "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb",
 "version": "KqlParameterItem/1.0",
- "name": "Tab6Total",
+ "name": "Tab7Total",
 "type": 1,
 "isHiddenWhenLocked": true,
 "timeContext": {
@@ -3058,7 +3214,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query24Stats:$.Total}"
+ "resultVal": "{Query4Stats:$.Total}+{Query5Stats:$.Total}"
 }
 }
 ]
@@ -3066,7 +3222,7 @@
 {
 "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb",
 "version": "KqlParameterItem/1.0",
- "name": "Tab6Percent",
+ "name": "Tab7Percent",
 "type": 1,
 "isHiddenWhenLocked": true,
 "timeContext": {
@@ -3077,7 +3233,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "round(100*{Tab6Success}/{Tab6Total})"
+ "resultVal": "round(100*{Tab7Success}/{Tab7Total})"
 }
 }
 ]
@@ -3092,16 +3248,16 @@
 {
 "type": 1,
 "content": {
- "json": "## Virtual WAN"
+ "json": "## IP plan"
 },
 "customWidth": "50",
- "name": "tab6title"
+ "name": "tab7title"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab6Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}",
+ "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab7Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}",
 "size": 3,
 "queryType": 8,
 "visualization": "tiles",
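Review bot: The IP plan section is wired here as the seventh tab (`tab7title` in the hunk at -3092, `Tab7Total`/`Tab7Percent` in the hunks at -3047 and -3066, `Tab7Success` in the hunk at -3028), whereas the template file later on this page carries the same section as `tab0` (`Tab0Success`, `tab0title`, `conditionalVisibility` value `tab0`) and lists "Virtual WAN" and "Internet" as `tab6`/`tab7` in its tab links. If both files are meant to describe the same workbook, one of them is out of step; the tab link list of this file, which lies outside the hunk, should be checked so that the `VisibleTab` value that selects the IP plan group matches the group's `conditionalVisibility`.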
@@ -3133,15 +3289,15 @@
 {
 "type": 1,
 "content": {
- "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this."
+ "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this."
 },
- "name": "querytext24"
+ "name": "querytext4"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 4,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
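Review bot: The user-visible text added in `querytext4` ends its first sentence with a doubled period (`for further information.. [This training]`), and the same slip is in the `querytext5` text in the hunk at -3190. Since this text is generated from the checklist item, the correction belongs in the checklist's description and link fields rather than in this JSON. The group containing `query4` continues outside the hunk.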
@@ -3190,176 +3346,20 @@ ] } }, - "name": "query24" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab6" - }, - "name": "tab6" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 9, - "content": { - "version": "KqlParameterItem/1.0", - "crossComponentResources": [ - "{Subscription}" - ], - "parameters": [ - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query6Stats", - "type": 1, - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", - "crossComponentResources": [ - "{Subscription}" - ], - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Query6FullyCompliant", - "type": 1, - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query6Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "queryType": 8 - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab7Success", - "type": 1, - "isHiddenWhenLocked": true, - 
"timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query6Stats:$.Success}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab7Total", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "{Query6Stats:$.Total}" - } - } - ] - }, - { - "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", - "version": "KqlParameterItem/1.0", - "name": "Tab7Percent", - "type": 1, - "isHiddenWhenLocked": true, - "timeContext": { - "durationMs": 86400000 - }, - "criteriaData": [ - { - "criteriaContext": { - "operator": "Default", - "resultValType": "expression", - "resultVal": "round(100*{Tab7Success}/{Tab7Total})" - } - } - ] - } - ], - "style": "pills", - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources" - }, - "name": "TabInvisibleParameters" - }, - { - "type": 1, - "content": { - "json": "## Internet" - }, - "customWidth": "50", - "name": "tab7title" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"Column1\\\": \\\"{Tab7Percent}\\\", \\\"Column2\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", - "size": 3, - "queryType": 8, - "visualization": "tiles", - "tileSettings": { - "titleContent": { - "columnMatch": "Column1", - "formatter": 4, - "formatOptions": { - "min": 0, - "max": 100, - "palette": "redGreen" - }, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - "subtitleContent": { - "columnMatch": "Column2" - }, - "showBorder": true - } - }, - "customWidth": "50", - "name": "TabPercentTile" + "name": "query4" }, { "type": 1, "content": { - "json": "Use Azure Bastion in a subnet /26 or larger. 
Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information." + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -3408,7 +3408,7 @@ ] } }, - "name": "query6" + "name": "query5" } ] }, diff --git a/workbooks/alz_checklist.en_network_tabcounters_template.json b/workbooks/alz_checklist.en_network_tabcounters_template.json index 9afcd0bd5..40cf7047a 100644 
--- a/workbooks/alz_checklist.en_network_tabcounters_template.json
+++ b/workbooks/alz_checklist.en_network_tabcounters_template.json
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"a133c15c-e49d-47cb-8b97-ffdf564e4c9d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab0\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"1a90fe1a-16b0-4150-a881-03106bd53197\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"953c4465-f7e2-49c8-8ec5-8c68c3ac24bd\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"2d4ade89-52f2-4c98-8b38-275f70e14b97\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"39ceaf48-7e1b-4ed8-88b5-e0c6498b19aa\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab4\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"73469dff-dff9-414c-969a-565c72c5d323\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": 
\"Segmentation\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"bd1779f4-ab82-479f-95b9-0b9f3a6a76bf\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"2c6f8942-4bd4-48fe-b802-68d1a58b7a4e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": 
\"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n 
\"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n 
\"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n 
\"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", 
\\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n 
\"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | 
distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 
3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": 
\"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n 
{\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n 
\"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n 
\"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| 
summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n 
\"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize 
Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n 
\"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n 
{\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. 
Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n 
\"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": 
\"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project 
id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | 
project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. 
Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": 
\"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n 
\"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab7title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab7Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. 
Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n 
\"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"7fa4ae01-6e28-4e40-a83d-87622bac7c8c\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"15c25825-0033-4fe9-8636-696d760e2789\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"08fa3598-b03d-41b0-971d-befb063f6191\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"25d23d11-3b3c-4d71-b331-91869ac7c509\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"e3f6794c-465e-4266-beb6-64187fc630c9\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab4\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"52a3f5cc-2a29-4686-9b7f-6a391edf22d3\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"623cbeea-0055-429a-8db4-58a5fff1cf20\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": 
\"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"60eec08a-97d0-4bf8-a558-c31af15406f5\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab7\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query6Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab0title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab0Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n 
\"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n 
\"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project 
circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n 
\"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12Stats\",\n 
\"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query12FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query12Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter 
(Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation))| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query13FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query13Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Success}+{Query8Stats:$.Success}+{Query9Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query12Stats:$.Success}+{Query13Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query7Stats:$.Total}+{Query8Stats:$.Total}+{Query9Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query12Stats:$.Total}+{Query13Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab1title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab1Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. 
Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. 
[This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 
'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 
86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab2title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab2Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n 
\"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n 
\"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the 
setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n 
\"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query14FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query14Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project 
Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query15FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query15Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query16FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query16Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query17FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query17Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, 
'_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query18FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query18Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Success}+{Query15Stats:$.Success}+{Query16Stats:$.Success}+{Query17Stats:$.Success}+{Query18Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query14Stats:$.Total}+{Query15Stats:$.Total}+{Query16Stats:$.Total}+{Query17Stats:$.Total}+{Query18Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab3Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab3Success}/{Tab3Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab3title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab3Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query20FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query20Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query20Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab4Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab4Success}/{Tab4Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab4title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab4Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n 
\"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query24Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Query24FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query24Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query24Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab5Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab5Success}/{Tab5Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab5title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab5Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query19Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": 
\"Query19FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query19Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query21FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query21Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query22FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query22Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23Stats\",\n 
\"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900)| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query23FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query23Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query19Stats:$.Success}+{Query21Stats:$.Success}+{Query22Stats:$.Success}+{Query23Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query19Stats:$.Total}+{Query21Stats:$.Total}+{Query22Stats:$.Total}+{Query23Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab6Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab6Success}/{Tab6Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab6title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab6Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n 
\"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Success}+{Query5Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query4Stats:$.Total}+{Query5Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab7Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab7Success}/{Tab7Total})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"TabInvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"customWidth\": \"50\",\n \"name\": \"tab7title\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"Column1\\\\\\\": \\\\\\\"{Tab7Percent}\\\\\\\", \\\\\\\"Column2\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 3,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"Column1\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n },\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"Column2\"\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"TabPercentTile\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create 
unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}",
 "version": "1.0",
 "sourceId": "[parameters('workbookSourceId')]",
 "category": "[parameters('workbookType')]"
diff --git a/workbooks/alz_checklist.en_network_workbook.json b/workbooks/alz_checklist.en_network_workbook.json
index 3ac5b5820..ca9a8aaf7 100644
--- a/workbooks/alz_checklist.en_network_workbook.json
+++ b/workbooks/alz_checklist.en_network_workbook.json
@@ -70,34 +70,34 @@
 "style": "tabs",
 "links": [
 {
- "id": "724a6206-8fa8-47bb-8a6f-36ad0b9602f1",
+ "id": "87a147f8-995c-4a70-a074-7adb8e7edea5",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "PaaS",
+ "linkLabel": "IP plan",
 "subTarget": "tab0",
- "preText": "PaaS",
+ "preText": "IP plan",
 "style": "primary"
 },
 {
- "id": "e35a272b-0003-45e3-9785-dcaa314cfe51",
+ "id": "8856bd09-4876-45f8-92b7-394da81de578",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "IP plan",
+ "linkLabel": "Hub and spoke",
 "subTarget": "tab1",
- "preText": "IP plan",
+ "preText": "Hub and spoke",
 "style": "primary"
 },
 {
- "id": "ddbef687-4ed9-46bf-b9ae-6179249e4bf8",
+ "id": "c9767a8e-b7e6-4f0b-beed-3ec653839908",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Internet",
+ "linkLabel": "Segmentation",
 "subTarget": "tab2",
- "preText": "Internet",
+ "preText": "Segmentation",
 "style": "primary"
 },
 {
- "id": "d7eca0df-b9ff-4125-a232-1f86168676e8",
+ "id": "be0e92d2-cad0-4085-965a-f47e82a6d204",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
 "linkLabel": "Virtual WAN",
@@ -106,39 +106,39 @@
 "style": "primary"
 },
 {
- "id": "ad29c45d-0bf8-4740-aaab-6d2d5095fe66",
+ "id": "8b83300e-51ba-4c2b-bd93-0ec0396c329d",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Segmentation",
+ "linkLabel": "Hybrid",
 "subTarget": "tab4",
- "preText": "Segmentation",
+ "preText": "Hybrid",
 "style": "primary"
 },
 {
- "id": "582857c2-778c-4bcd-a34e-ebd3f5292e47",
+ "id": "a93e1629-85aa-4ed9-9c69-7562e844e762",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Hub and spoke",
+ "linkLabel": "Firewall",
 "subTarget": "tab5",
- "preText": "Hub and spoke",
+ "preText": "Firewall",
 "style": "primary"
 },
 {
- "id": "c61cf934-abcf-4b10-9861-b1b13a1b5a89",
+ "id": "cb3b9213-cc5c-430a-a4fe-f0e90fce0aa8",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Firewall",
+ "linkLabel": "PaaS",
 "subTarget": "tab6",
- "preText": "Firewall",
+ "preText": "PaaS",
 "style": "primary"
 },
 {
- "id": "281a8b23-6cdc-4616-acc5-e84fef3a06f2",
+ "id": "9f04eca6-37f9-4ffe-b646-e9fd67e1281d",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Hybrid",
+ "linkLabel": "Internet",
 "subTarget": "tab7",
- "preText": "Hybrid",
+ "preText": "Internet",
 "style": "primary"
 }
 ]
@@ -154,22 +154,22 @@ { "type": 1, "content": { - "json": "## PaaS" + "json": "## IP plan" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this." + "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." }, - "name": "querytext20" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend 
onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
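Review bot: The RFC 1918 regex in the new `query` only recognises IPv4 prefixes, so any IPv6 address space on a VNet is reported as Failed although the recommendation is about the IPv4 private ranges. Consider restricting the check to IPv4 entries with `| where cidr contains '.'` ahead of the `extend compliant`, or state in the `json` text that the check covers IPv4 only. The regex itself is anchored and the `\\.` escapes survive JSON decoding into the `@'...'` verbatim string, so that part looks right.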
@@ -218,7 +218,69 @@ ] } }, - "name": "query20" + "name": "query4" + }, + { + "type": 1, + "content": { + "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + }, + "name": "querytext5" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query5" } ] }, 
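Review bot: In the added `query5`, `addressMask` is the element returned by `split(addressPrefix,'/')[1]`, a dynamic holding a string, and `addressMask > 16` relies on implicit coercion to a number; the Route Server query in @@ -238 (`subnetPrefixLength <= 27`) has the same pattern. Making the conversion explicit, `extend addressMask = toint(split(addressPrefix,'/')[1])`, removes the dependency on how the engine compares a dynamic string with an integer and makes an unparsable prefix surface as null instead of an arbitrary verdict. IPv6 prefixes pass this check trivially because their lengths exceed 16, which is consistent with the IPv4 wording of the recommendation but worth knowing when reading the results.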
@@ -238,22 +300,22 @@ { "type": 1, "content": { - "json": "## IP plan" + "json": "## Hub and spoke" }, "name": "tab1title" }, { "type": 1, "content": { - "json": "Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this." + "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this." }, - "name": "querytext4" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\.|172\\.(1[6-9]|2[0-9]|3[01])\\.|192\\.168\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend 
onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -302,20 +364,20 @@
 ]
 }
 },
- "name": "query4"
+ "name": "query0"
 },
 {
 "type": 1,
 "content": {
- "json": "Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this."
+ "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this."
 },
- "name": "querytext5"
+ "name": "querytext1"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
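Review bot: The threshold in the peering query, `peeringcount < 450`, does not match the recommendation text in the same hunk, which talks about more than 400 spoke networks; the route-table query in @@ -364 has the same mismatch (`routeCount < 360` against "Limit the number of routes per route table to 400"). Either align the number with the text (`peeringcount <= 400`) or say in the `json` text that the check fires at 450 and 360 as an early-warning margin below the documented limits, so a reader understands why Failed appears before the stated number is reached. I believe `mvexpand properties.virtualNetworkPeerings` produces no row for a VNet with an empty peering list, in which case such VNets drop out of the result instead of showing Success; that differs from the other queries in the file, which list every resource, and is worth confirming.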
@@ -364,42 +426,20 @@
 ]
 }
 },
- "name": "query5"
- }
- ]
- },
- "conditionalVisibility": {
- "parameterName": "VisibleTab",
- "comparison": "isEqualTo",
- "value": "tab1"
- },
- "name": "tab1"
- },
- {
- "type": 12,
- "content": {
- "version": "NotebookGroup/1.0",
- "groupType": "editable",
- "items": [
- {
- "type": 1,
- "content": {
- "json": "## Internet"
- },
- "name": "tab2title"
+ "name": "query1"
 },
 {
 "type": 1,
 "content": {
- "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information."
+ "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this."
 },
- "name": "querytext6"
+ "name": "querytext2"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -448,42 +488,20 @@
 ]
 }
 },
- "name": "query6"
- }
- ]
- },
- "conditionalVisibility": {
- "parameterName": "VisibleTab",
- "comparison": "isEqualTo",
- "value": "tab2"
- },
- "name": "tab2"
- },
- {
- "type": 12,
- "content": {
- "version": "NotebookGroup/1.0",
- "groupType": "editable",
- "items": [
- {
- "type": 1,
- "content": {
- "json": "## Virtual WAN"
- },
- "name": "tab3title"
+ "name": "query2"
 },
 {
 "type": 1,
 "content": {
- "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this."
+ "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this."
 },
- "name": "querytext24"
+ "name": "querytext3"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -532,16 +550,16 @@
 ]
 }
 },
- "name": "query24"
+ "name": "query3"
 }
 ]
 },
 "conditionalVisibility": {
 "parameterName": "VisibleTab",
 "comparison": "isEqualTo",
- "value": "tab3"
+ "value": "tab1"
 },
- "name": "tab3"
+ "name": "tab1"
 },
 {
 "type": 12,
@@ -554,12 +572,12 @@
 "content": {
 "json": "## Segmentation"
 },
- "name": "tab4title"
+ "name": "tab2title"
 },
 {
 "type": 1,
 "content": {
- "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information."
+ "json": "Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this."
 },
 "name": "querytext19"
 },
@@ -809,9 +827,9 @@
 "conditionalVisibility": {
 "parameterName": "VisibleTab",
 "comparison": "isEqualTo",
- "value": "tab4"
+ "value": "tab2"
 },
- "name": "tab4"
+ "name": "tab2"
 },
 {
 "type": 12,
@@ -822,22 +840,22 @@
 {
 "type": 1,
 "content": {
- "json": "## Hub and spoke"
+ "json": "## Virtual WAN"
 },
- "name": "tab5title"
+ "name": "tab3title"
 },
 {
 "type": 1,
 "content": {
- "json": "If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information."
+ "json": "For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this."
 },
- "name": "querytext0"
+ "name": "querytext24"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -886,82 +904,42 @@ ] } }, - "name": "query0" - }, + "name": "query24" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab3" + }, + "name": "tab3" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ { "type": 1, "content": { - "json": "If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." - }, - "name": "querytext1" - }, - { - "type": 3, - "content": { - "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", - "size": 0, - "queryType": 1, - "resourceType": "microsoft.resourcegraph/resources", - "crossComponentResources": [ - "{Subscription}" - ], - "gridSettings": { - "formatters": [ - { - "columnMatch": "id", - "formatter": 0, - "numberFormat": { - "unit": 0, - "options": { - "style": "decimal" - } - } - }, - { - "columnMatch": "compliant", - "formatter": 18, - "formatOptions": { - "thresholdsOptions": "icons", - "thresholdsGrid": [ - { - "operator": "==", - "thresholdValue": "1", - "representation": "success", - "text": "Success" - }, - { - "operator": "==", - "thresholdValue": "0", - "representation": "failed", - "text": "Failed" - }, - { - "operator": "Default", - "thresholdValue": null, - "representation": "unknown", - "text": "Unknown" - } - ] - } - } - ] 
- } + "json": "## Hybrid" }, - "name": "query1" + "name": "tab4title" }, { "type": 1, "content": { - "json": "Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information." + "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this." }, - "name": "querytext2" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
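Review bot: The new gateway SKU query mixes comparison operators on the same property: `properties.gatewayType =~ 'vpn'` is case-insensitive while `properties.gatewayType == 'ExpressRoute'` is case-sensitive, and the VPN zone-redundancy query in @@ -1218 uses a third spelling, `== 'Vpn'`. Using `=~` in all three states the intent once and keeps the queries robust to casing in the returned data. The compliance rule `SKUTier !in ('Basic', 'Standard')` is stricter than the recommendation text, which only asks to size the SKU to requirements; saying in the `json` text that Basic and Standard tiers are flagged would tell users why a correctly sized Standard gateway shows as Failed.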
@@ -1010,20 +988,20 @@
 ]
 }
 },
- "name": "query2"
+ "name": "query7"
 },
 {
 "type": 1,
 "content": {
- "json": "Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information."
+ "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
 },
- "name": "querytext3"
+ "name": "querytext8"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1072,42 +1050,20 @@ ] } }, - "name": "query3" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab5" - }, - "name": "tab5" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Firewall" - }, - "name": "tab6title" + "name": "query8" }, { "type": 1, "content": { - "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information." + "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this." 
}, - "name": "querytext14" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
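Review bot: `summarize compliant=max(compliant) by id` in the Local-SKU query aggregates a boolean with `max()`; unless Azure Resource Graph is known to accept that, computing `compliant = toint(circuitsku == 'Local')` before the summarize and comparing the result is safer and reads as the intended "at least one Local circuit on this gateway". The recommendation text conditions the advice on the peering location supporting the region, but the query flags every gateway without a Local circuit, so a short clarification in the `json` text would avoid surprised users.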
@@ -1156,20 +1112,20 @@
 ]
 }
 },
- "name": "query14"
+ "name": "query9"
 },
 {
 "type": 1,
 "content": {
- "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information."
+ "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
 },
- "name": "querytext15"
+ "name": "querytext10"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1218,20 +1174,20 @@
 ]
 }
 },
- "name": "query15"
+ "name": "query10"
 },
 {
 "type": 1,
 "content": {
- "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information."
+ "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this."
 },
- "name": "querytext16"
+ "name": "querytext11"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
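Review bot: In the new VPN gateway query, `tolower(properties.sku.name) contains 'az'` is redundant because KQL `contains` is already case-insensitive (`contains_cs` is the case-sensitive form); `properties.sku.name contains 'az'` is enough and matches the `SKUTier contains 'AZ'` form used in @@ -1156. `where properties.gatewayType == 'Vpn'` is the only place in the file where this property is compared case-sensitively; `=~ 'vpn'`, as in the other gateway queries, is the consistent choice.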
@@ -1280,20 +1236,20 @@
 ]
 }
 },
- "name": "query16"
+ "name": "query11"
 },
 {
 "type": 1,
 "content": {
- "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information."
+ "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
 },
- "name": "querytext17"
+ "name": "querytext12"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1342,20 +1298,20 @@ ] } }, - "name": "query17" + "name": "query12" }, { "type": 1, "content": { - "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information." + "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information." }, - "name": "querytext18" + "name": "querytext13" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 0, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1404,16 +1360,16 @@ ] } }, - "name": "query18" + "name": "query13" } ] }, "conditionalVisibility": { "parameterName": "VisibleTab", "comparison": "isEqualTo", - "value": "tab6" + "value": "tab4" }, - "name": "tab6" + "name": "tab4" }, { "type": 12, 
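Review bot: The GatewaySubnet query refers to the table as `Resources` in the joined subquery but as `resources` in its outer query and in every other query of the file; pick one spelling. The logic otherwise reads correctly: a GatewaySubnet without a route table stays compliant through `isnull(disableBgpRoutePropagation)` after the `leftouter` join, which matches the conditional wording of the recommendation.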
@@ -1424,22 +1380,22 @@
 {
 "type": 1,
 "content": {
- "json": "## Hybrid"
+ "json": "## Firewall"
 },
- "name": "tab7title"
+ "name": "tab5title"
 },
 {
 "type": 1,
 "content": {
- "json": "Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
+ "json": "Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this."
 },
- "name": "querytext7"
+ "name": "querytext14"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
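Review bot: The DNS-proxy query's `compliant = (properties.dnsSettings.enableProxy == true)` evaluates to null rather than false when the policy carries no `dnsSettings` block, and the trailing `where compliant == 0 or not (onlyFailed == 1)` drops null rows, so a policy without the proxy enabled vanishes from the "Only show failed" view instead of being reported as failed. The IDPS query at `@@ -1612` has the same shape with `properties.intrusionDetection.mode == 'Deny'`, a property that is presumably absent on policies where that feature was never configured. Coercing the missing value makes both checks fail closed: `extend compliant = coalesce(tobool(properties.dnsSettings.enableProxy), false)` and `extend compliant = (tostring(properties.intrusionDetection.mode) == 'Deny')`.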
@@ -1488,20 +1444,20 @@
 ]
 }
 },
- "name": "query7"
+ "name": "query14"
 },
 {
 "type": 1,
 "content": {
- "json": "Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information."
+ "json": "Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this."
 },
- "name": "querytext8"
+ "name": "querytext15"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1550,20 +1506,20 @@
 ]
 }
 },
- "name": "query8"
+ "name": "query15"
 },
 {
 "type": 1,
 "content": {
- "json": "Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information."
+ "json": "Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information."
 },
- "name": "querytext9"
+ "name": "querytext16"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1612,20 +1568,20 @@
 ]
 }
 },
- "name": "query9"
+ "name": "query16"
 },
 {
 "type": 1,
 "content": {
- "json": "Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
+ "json": "Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this."
 },
- "name": "querytext10"
+ "name": "querytext17"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1674,20 +1630,20 @@
 ]
 }
 },
- "name": "query10"
+ "name": "query17"
 },
 {
 "type": 1,
 "content": {
- "json": "Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this."
+ "json": "For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information."
 },
- "name": "querytext11"
+ "name": "querytext18"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
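Review bot: In the subnet route-table query the left side excludes GatewaySubnet, AzureFirewallSubnet, RouteServerSubnet and AzureBastionSubnet but the right side of the `join kind=fullouter` does not, so those subnets come back as right-only rows with a null `hasRT`; `compliant = (hasRT==true or isVWANpeer==true)` is then null unless the VNet is VWAN-peered, which the grid renders as Unknown and the only-failed filter silently hides. Mirroring the exclusion inside the subquery, `| where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet'))` right after its second `project`, keeps the output to the subnets the recommendation is about. The VWAN test keys off the peering-name prefix `remotevnettohubpeering`, so it presumably only recognises hub connections that Virtual WAN itself created; that assumption deserves a sentence in the query text.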
@@ -1736,20 +1692,42 @@
 ]
 }
 },
- "name": "query11"
+ "name": "query18"
+ }
+ ]
+ },
+ "conditionalVisibility": {
+ "parameterName": "VisibleTab",
+ "comparison": "isEqualTo",
+ "value": "tab5"
+ },
+ "name": "tab5"
+ },
+ {
+ "type": 12,
+ "content": {
+ "version": "NotebookGroup/1.0",
+ "groupType": "editable",
+ "items": [
+ {
+ "type": 1,
+ "content": {
+ "json": "## PaaS"
+ },
+ "name": "tab6title"
 },
 {
 "type": 1,
 "content": {
- "json": "Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this."
+ "json": "Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. [This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this."
 },
- "name": "querytext12"
+ "name": "querytext20"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1798,20 +1776,42 @@
 ]
 }
 },
- "name": "query12"
+ "name": "query20"
+ }
+ ]
+ },
+ "conditionalVisibility": {
+ "parameterName": "VisibleTab",
+ "comparison": "isEqualTo",
+ "value": "tab6"
+ },
+ "name": "tab6"
+ },
+ {
+ "type": 12,
+ "content": {
+ "version": "NotebookGroup/1.0",
+ "groupType": "editable",
+ "items": [
+ {
+ "type": 1,
+ "content": {
+ "json": "## Internet"
+ },
+ "name": "tab7title"
 },
 {
 "type": 1,
 "content": {
- "json": "If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information."
+ "json": "Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this."
 },
- "name": "querytext13"
+ "name": "querytext6"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 0,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -1860,7 +1860,7 @@
 ]
 }
 },
- "name": "query13"
+ "name": "query6"
 }
 ]
 },
diff --git a/workbooks/alz_checklist.en_network_workbook_template.json b/workbooks/alz_checklist.en_network_workbook_template.json
index 7f317ab77..ad91acf2c 100644
--- a/workbooks/alz_checklist.en_network_workbook_template.json
+++ b/workbooks/alz_checklist.en_network_workbook_template.json
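Review bot: The Bastion query compares `subnetPrefixLength`, which `split(subnetPrefix, '/')[1]` yields as a dynamic string, against the integer 26 in `compliant = (subnetPrefixLength <= 26)`, so the result rests on implicit dynamic-to-number coercion; I could not confirm from here how Resource Graph resolves that, and an explicit `extend subnetPrefixLength = toint(split(subnetPrefix, '/')[1])` removes the doubt. The query also reads only `subnets.properties.addressPrefix`, so a Bastion subnet defined through an `addressPrefixes` list, if that form occurs in the tenant, would produce a null length and an Unknown row rather than a verdict. The rename-only hunk on this line (`query13`→`query6`) raises nothing.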
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"724a6206-8fa8-47bb-8a6f-36ad0b9602f1\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab0\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"e35a272b-0003-45e3-9785-dcaa314cfe51\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab1\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ddbef687-4ed9-46bf-b9ae-6179249e4bf8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"d7eca0df-b9ff-4125-a232-1f86168676e8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ad29c45d-0bf8-4740-aaab-6d2d5095fe66\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"582857c2-778c-4bcd-a34e-ebd3f5292e47\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and 
spoke\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"c61cf934-abcf-4b10-9861-b1b13a1b5a89\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab6\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"281a8b23-6cdc-4616-acc5-e84fef3a06f2\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n 
\"json\": \"## IP plan\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Internet\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n 
\"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": 
\"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n 
\"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n 
\"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n 
\"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n 
\"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n 
\"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. 
Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. 
Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. 
Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. 
[This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. 
[This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. 
Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n 
\"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Landing Zone Review - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"87a147f8-995c-4a70-a074-7adb8e7edea5\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"IP plan\",\n \"subTarget\": \"tab0\",\n \"preText\": \"IP plan\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"8856bd09-4876-45f8-92b7-394da81de578\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hub and spoke\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Hub and spoke\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"c9767a8e-b7e6-4f0b-beed-3ec653839908\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Segmentation\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Segmentation\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"be0e92d2-cad0-4085-965a-f47e82a6d204\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Virtual WAN\",\n \"subTarget\": \"tab3\",\n \"preText\": \"Virtual WAN\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"8b83300e-51ba-4c2b-bd93-0ec0396c329d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Hybrid\",\n \"subTarget\": \"tab4\",\n \"preText\": \"Hybrid\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"a93e1629-85aa-4ed9-9c69-7562e844e762\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n 
\"linkLabel\": \"Firewall\",\n \"subTarget\": \"tab5\",\n \"preText\": \"Firewall\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"cb3b9213-cc5c-430a-a4fe-f0e90fce0aa8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"PaaS\",\n \"subTarget\": \"tab6\",\n \"preText\": \"PaaS\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"9f04eca6-37f9-4ffe-b646-e9fd67e1281d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Internet\",\n \"subTarget\": \"tab7\",\n \"preText\": \"Internet\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## IP plan\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use IP addresses from the address allocation ranges for private internets (RFC 1918). Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | project name, id, location, resourceGroup, subscriptionId, cidr = addressPrefix | extend compliant = (cidr matches regex @'^(10\\\\.|172\\\\.(1[6-9]|2[0-9]|3[01])\\\\.|192\\\\.168\\\\.)') | project id, compliant, cidr | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that IP address space isn't wasted, don't create unnecessarily large virtual networks (for example /16). 
Check [this link](https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing) for further information.. [This training](https://learn.microsoft.com/learn/paths/architect-network-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | extend addressSpace = todynamic(properties.addressSpace) | extend addressPrefix = todynamic(properties.addressSpace.addressPrefixes) | mvexpand addressSpace | mvexpand addressPrefix | extend addressMask = split(addressPrefix,'/')[1] | extend compliant = addressMask > 16 | project name, id, subscriptionId, resourceGroup, addressPrefix, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n 
\"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hub and spoke\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If using Route Server, use a /27 prefix for the Route Server subnet. Check [this link](https://learn.microsoft.com/azure/route-server/quickstart-configure-route-server-portal#create-a-route-server-1) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-route-server/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'RouteServerSubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": 
\"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you have more than 400 spoke networks in a region, deploy an additional hub to bypass VNet peering limits (500) and the maximum number of prefixes that can be advertised via ExpressRoute (1000). Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | summarize peeringcount = count() by id | extend compliant = (peeringcount < 450) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Limit the number of routes per route table to 400. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits?toc=/azure/virtual-network/toc.json#azure-resource-manager-virtual-networking-limits) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/routetables' | mvexpand properties.routes | summarize routeCount = count() by id | extend compliant = (routeCount < 360) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use the 
setting 'Allow traffic to remote virtual network' when configuring VNet peerings. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-manage-peering) for further information.. [This training](https://learn.microsoft.com/training/modules/hub-and-spoke-network-architecture/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | project id, peeringName=properties_virtualNetworkPeerings.name, compliant = (properties_virtualNetworkPeerings.properties.allowVirtualNetworkAccess == True) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n 
\"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Segmentation\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use a /26 prefix for your Azure Firewall subnets. Check [this link](https://learn.microsoft.com/azure/firewall/firewall-faq#why-does-azure-firewall-need-a--26-subnet-size) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext19\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureFirewallSubnet' | extend compliant = (subnetPrefixLength == 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n 
}\n }\n ]\n }\n },\n \"name\": \"query19\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use at least a /27 prefix for your Gateway subnets. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-howto-add-gateway-resource-manager#add-a-gateway) for further information.\"\n },\n \"name\": \"querytext21\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'GatewaySubnet' | extend compliant = (subnetPrefixLength <= 27) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query21\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't rely on the NSG inbound default rules using the VirtualNetwork service tag to limit connectivity. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/service-tags-overview#available-service-tags) for further information.\"\n },\n \"name\": \"querytext22\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/networksecuritygroups' | mvexpand properties.securityRules | project id,name,ruleAction=properties_securityRules.properties.access,rulePriority=properties_securityRules.properties.priority,ruleDst=properties_securityRules.properties.destinationAddressPrefix,ruleSrc=properties_securityRules.properties.sourceAddressPrefix,ruleProt=properties_securityRules.properties.protocol,ruleDirection=properties_securityRules.properties.direction,rulePort=properties_securityRules.properties.destinationPortRange | summarize StarDenies=countif(ruleAction=='Deny' and ruleDst=='*' and ruleSrc=='*' and ruleProt=='*' and rulePort=='*') by id,tostring(ruleDirection) | where ruleDirection == 'Inbound' | project id,compliant=(StarDenies>0) | union (resources | where type=='microsoft.network/networksecuritygroups' | where array_length(properties.securityRules)==0 | extend compliant=false | project id,compliant) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query22\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Do not implement more than 900 NSG rules per NSG, due to the limit of 1000 rules. Check [this link](https://learn.microsoft.com/azure/azure-resource-manager/management/azure-subscription-service-limits) for further information.. [This training](https://learn.microsoft.com/azure/virtual-network/network-security-group-how-it-works) can help to educate yourself on this.\"\n },\n \"name\": \"querytext23\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/networksecuritygroups' | project id, rules = array_length(properties.securityRules) | project id, compliant = (rules < 900) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query23\"\n }\n ]\n },\n 
\"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Virtual WAN\"\n },\n \"name\": \"tab3title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For outbound Internet traffic protection and filtering, deploy Azure Firewall in secured hubs. Check [this link](https://learn.microsoft.com/azure/virtual-wan/howto-firewall) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext24\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualhubs' | extend compliant = isnotnull(properties.azureFirewall.id) | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n 
}\n },\n \"name\": \"query24\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab3\"\n },\n \"name\": \"tab3\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Hybrid\"\n },\n \"name\": \"tab4title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Select the right SKU for the ExpressRoute/VPN gateways based on bandwidth and performance requirements. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways?source=recommendations#gwsku) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier !in ('Basic', 'Standard')| project name, id, subscriptionId, resourceGroup, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure that you're using unlimited-data ExpressRoute circuits only if you reach the bandwidth that justifies their cost. Check [this link](https://learn.microsoft.com/azure/expressroute/plan-manage-cost) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/expressroutecircuits' | extend compliant = (tolower(sku.family) == 'metereddata' or tolower(sku.tier) == 'local') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": 
null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Leverage the Local SKU of ExpressRoute to reduce the cost of your circuits, if your circuit peering location supports your Azure regions for the Local SKU. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-faqs#expressroute-local) for further information.. [This training](https://learn.microsoft.com/training/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project id, gwid=tostring(properties.virtualNetworkGateway1.id), circuitid=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitid=tostring(id), circuitsku=sku.tier) on circuitid | project id=gwid, compliant = (circuitsku == 'Local') | summarize compliant=max(compliant) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": 
\"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy a zone-redundant ExpressRoute gateway in the supported Azure regions. Check [this link](https://learn.microsoft.com/azure/expressroute/expressroute-about-virtual-network-gateways) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources| where type == 'microsoft.network/virtualnetworkgateways'| where properties.gatewayType =~ 'vpn' or properties.gatewayType == 'ExpressRoute'| extend SKUName = properties.sku.name, SKUTier = properties.sku.tier, Type = properties.gatewayType| extend compliant = SKUTier contains 'AZ'| project name, id, subscriptionId, resourceGroup, Type, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": 
\"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use zone-redundant VPN gateways to connect branches or remote locations to Azure (where available). Check [this link](https://learn.microsoft.com/azure/vpn-gateway/create-zone-redundant-vnet-gateway) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-vpn-gateway/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworkgateways' | where properties.gatewayType == 'Vpn' | extend compliant = (tolower(properties.sku.name) contains 'az') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use ExpressRoute circuits from different peering locations for redundancy. 
Check [this link](https://learn.microsoft.com/azure/expressroute/designing-for-disaster-recovery-with-expressroute-privatepeering#need-for-redundant-connectivity-solution) for further information.. [This training](https://learn.microsoft.com/learn/modules/design-implement-azure-expressroute/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext12\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/connections' | where properties.connectionType == 'ExpressRoute' | project cxId=id, gwId=tostring(properties.virtualNetworkGateway1.id), circuitId=tostring(properties.peer.id) | join (resources | where type=='microsoft.network/expressroutecircuits' | project circuitId=tostring(id), circuitLocation=tostring(properties.serviceProviderProperties.peeringLocation)) on circuitId | distinct gwId, circuitLocation | summarize countErLocations=count() by id=gwId | extend compliant = (countErLocations >= 2) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": 
\"query12\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you are using a route table in the GatewaySubnet, make sure that gateway routes are propagated. Check [this link](https://learn.microsoft.com/azure/vpn-gateway/vpn-gateway-about-vpn-gateway-settings#gwsub) for further information.\"\n },\n \"name\": \"querytext13\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,resourceGroup,name,subnetName=tostring(subnets.name),routeTableId=tostring(subnets.properties.routeTable.id) | where subnetName == 'GatewaySubnet' | join kind=leftouter (Resources | where type == 'microsoft.network/routetables' | project routeTableName=name,routeTableId=id, disableBgpRoutePropagation=properties.disableBgpRoutePropagation) on routeTableId | project id,compliant = (disableBgpRoutePropagation == False or isnull(disableBgpRoutePropagation)) | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n 
]\n }\n }\n ]\n }\n },\n \"name\": \"query13\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab4\"\n },\n \"name\": \"tab4\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Firewall\"\n },\n \"name\": \"tab5title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use application rules to filter outbound traffic on destination host name for supported protocols. Use FQDN-based network rules and Azure Firewall with DNS proxy to filter egress traffic to the Internet over other protocols. Check [this link](https://learn.microsoft.com/azure/firewall/fqdn-filtering-network-rules) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-networking-infrastructure/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext14\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.dnsSettings.enableProxy == true) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query14\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Firewall Premium to enable additional security features. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features) for further information.. [This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext15\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.sku.tier == 'Premium') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query15\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall Threat Intelligence mode to Alert and Deny for 
additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps-signature-rules) for further information.\"\n },\n \"name\": \"querytext16\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.threatIntelMode == 'Deny') | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query16\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure Azure Firewall IDPS mode to Deny for additional protection. Check [this link](https://learn.microsoft.com/azure/firewall/premium-features#idps) for further information.. 
[This training](https://learn.microsoft.com/training/modules/introduction-azure-firewall/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext17\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/firewallpolicies' | extend compliant = (properties.intrusionDetection.mode == 'Deny') | project id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query17\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"For subnets in VNets not connected to Virtual WAN, attach a route table so that Internet traffic is redirected to Azure Firewall or a Network Virtual Appliance. 
Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-networks-udr-overview) for further information.\"\n },\n \"name\": \"querytext18\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets=properties.subnets | mv-expand subnets | project id,name,subnetId=tostring(subnets.id), subnetName=tostring(subnets.name),subnetRT=subnets.properties.routeTable.id | where not (subnetName in ('GatewaySubnet', 'AzureFirewallSubnet', 'RouteServerSubnet', 'AzureBastionSubnet')) | extend hasRT = isnotnull(subnetRT) | distinct id, hasRT, subnetId | join kind=fullouter (resources | where type == 'microsoft.network/virtualnetworks' | mvexpand properties.virtualNetworkPeerings | extend isVWAN=(tolower(split(properties_virtualNetworkPeerings.name, '_')[0]) == 'remotevnettohubpeering') | mv-expand properties.subnets | project id, isVWAN, name, subnetId=tostring(properties_subnets.id), subnetName=tostring(properties_subnets.name) | summarize PeeredToVWAN=max(isVWAN) by id, subnetId | project id, subnetId, isVWANpeer = (PeeredToVWAN == true)) on subnetId | project id=iff(isnotempty(id), id, id1), subnetId=iff(isnotempty(subnetId), subnetId, subnetId1), hasRT, isVWANpeer | extend compliant = (hasRT==true or isVWANpeer==true) | distinct id, subnetId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query18\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab5\"\n },\n \"name\": \"tab5\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## PaaS\"\n },\n \"name\": \"tab6title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Don't enable virtual network service endpoints by default on all subnets. Check [this link](https://learn.microsoft.com/azure/virtual-network/virtual-network-service-endpoints-overview) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/implement-network-security/?source=learn) can help to educate yourself on this.\"\n },\n \"name\": \"querytext20\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/virtualnetworks' | project id,resourceGroup,name,subnets = properties.subnets | mv-expand subnets | project id = subnets.id, resourceGroup, VNet = name, serviceEndpoints = subnets.properties.serviceEndpoints, compliant = (isnull(subnets.properties.serviceEndpoints) or array_length(subnets.properties.serviceEndpoints) == 0) | order by compliant asc | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query20\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab6\"\n },\n \"name\": \"tab6\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n 
\"json\": \"## Internet\"\n },\n \"name\": \"tab7title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure Bastion in a subnet /26 or larger. Check [this link](https://learn.microsoft.com/azure/bastion/bastion-faq#subnet) for further information.. [This training](https://learn.microsoft.com/training/modules/intro-to-azure-bastion/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | project id, subnetName = subnets.name, subnetPrefix = subnets.properties.addressPrefix | extend subnetPrefixLength = split(subnetPrefix, '/')[1] | where subnetName == 'AzureBastionSubnet' | extend compliant = (subnetPrefixLength <= 26) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n 
\"comparison\": \"isEqualTo\",\n \"value\": \"tab7\"\n },\n \"name\": \"tab7\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]"
diff --git a/workbooks/appdelivery_checklist.en_network_counters_workbook.json b/workbooks/appdelivery_checklist.en_network_counters_workbook.json
index dbbd1c32f..a7340d013 100644
--- a/workbooks/appdelivery_checklist.en_network_counters_workbook.json
+++ b/workbooks/appdelivery_checklist.en_network_counters_workbook.json
@@ -413,7 +413,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}"
+ "resultVal": "{Query1Stats:$.Success}+{Query8Stats:$.Success}"
 }
 }
 ]
@@ -432,7 +432,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}"
+ "resultVal": "{Query1Stats:$.Total}+{Query8Stats:$.Total}"
 }
 }
 ]
@@ -527,7 +527,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query1Stats:$.Success}+{Query8Stats:$.Success}"
+ "resultVal": "{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}"
 }
 }
 ]
@@ -546,7 +546,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query1Stats:$.Total}+{Query8Stats:$.Total}"
+ "resultVal": "{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}"
 }
 }
 ]
@@ -584,7 +584,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}+{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query1Stats:$.Total}+{Query8Stats:$.Total}"
+ "resultVal": "{Query1Stats:$.Total}+{Query8Stats:$.Total}+{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}"
 }
 }
 ]
@@ -603,7 +603,7 @@
 "criteriaContext": {
 "operator": "Default",
 "resultValType": "expression",
- "resultVal": "{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}+{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query1Stats:$.Success}+{Query8Stats:$.Success}"
+ "resultVal": "{Query1Stats:$.Success}+{Query8Stats:$.Success}+{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}"
 }
 }
 ]
@@ -677,16 +677,16 @@
 "style": "tabs",
 "links": [
 {
- "id": "e5ba4fd6-319c-4916-a866-b6e195ab5427",
+ "id": "8f9328ab-7cc5-4882-bc57-347dd7f12f2d",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Front Door ({Tab0Success:value}/{Tab0Total:value})",
+ "linkLabel": "Load Balancer ({Tab0Success:value}/{Tab0Total:value})",
 "subTarget": "tab0",
- "preText": "Front Door",
+ "preText": "Load Balancer",
 "style": "primary"
 },
 {
- "id": "a1ac9b7d-6f9a-484d-b89c-31d6c1dc2423",
+ "id": "6765eed7-c503-4466-9eeb-345e61fbadad",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
 "linkLabel": "App Gateway ({Tab1Success:value}/{Tab1Total:value})",
@@ -695,12 +695,12 @@
 "style": "primary"
 },
 {
- "id": "9c735b8a-a099-492b-bea4-d05bd6d6735b",
+ "id": "cb096da5-a7d9-4383-8802-4285449fb49c",
 "cellValue": "VisibleTab",
 "linkTarget": "parameter",
- "linkLabel": "Load Balancer ({Tab2Success:value}/{Tab2Total:value})",
+ "linkLabel": "Front Door ({Tab2Success:value}/{Tab2Total:value})",
 "subTarget": "tab2",
- "preText": "Load Balancer",
+ "preText": "Front Door",
 "style": "primary"
 }
 ]
@@ -716,22 +716,22 @@
 {
 "type": 1,
 "content": {
- "json": "## Front Door"
+ "json": "## Load Balancer"
 },
 "name": "tab0title"
 },
 {
 "type": 1,
 "content": {
- "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information."
+ "json": "Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information."
 },
- "name": "querytext5"
+ "name": "querytext1"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 4,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
@@ -780,20 +780,20 @@
 ]
 }
 },
- "name": "query5"
+ "name": "query1"
 },
 {
 "type": 1,
 "content": {
- "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information."
+ "json": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information."
 },
- "name": "querytext6"
+ "name": "querytext8"
 },
 {
 "type": 3,
 "content": {
 "version": "KqlItem/1.0",
- "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
+ "query": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed",
 "size": 4,
 "queryType": 1,
 "resourceType": "microsoft.resourcegraph/resources",
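Review bot: In the new `query8` query, `array_length(properties.outboundRules)` returns null if the property is missing rather than an empty array, so `compliant = (countOutRules == 0)` is then null and such a load balancer renders as Unknown and drops out of the Success tally instead of passing. Whether Resource Graph ever omits that key for load balancers cannot be confirmed from this diff, so the risk is hedged. The service-endpoint query earlier in this file guards the same pattern with `isnull(...) or array_length(...) == 0`; mirroring that here, `extend countOutRules = coalesce(array_length(properties.outboundRules), 0)`, keeps the result two-valued and consistent with that query. The enclosing item object continues past this hunk.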
@@ -842,20 +842,42 @@ ] } }, - "name": "query6" + "name": "query8" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## App Gateway" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." + "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext7" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
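Review bot: The new querytext0 string joins its sentences with a doubled period, `for further information.. [This training]`, which is rendered verbatim in the workbook. The same joiner appears in querytext2 (hunk -904), querytext3 (hunk -966) and querytext4 (hunk -1050), so it is a shared template problem rather than four typos; the text should read `for further information. [This training]`. Since these strings are unchanged by the commit apart from the tab move, the correction belongs in the checklist source the workbook is generated from.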
@@ -904,20 +926,20 @@ ] } }, - "name": "query7" + "name": "query0" }, { "type": 1, "content": { - "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." + "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext9" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = 
(subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
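Review bot: query2 computes `subnetPrefixLength = split(prefix, '/')[1]`, a dynamic holding a string, and then compares it numerically in `(subnetPrefixLength <= 24 or subnetPrefixLength == 64)`; the rest of the query casts explicitly with `tostring()` but never converts this value, so the outcome rests on Kusto's dynamic-comparison rules rather than on an explicit numeric test. Stating the intent removes the doubt: `extend subnetPrefixLength = toint(split(prefix, '/')[1])`. The identical query is duplicated in the template's Query2Stats later in this chunk, so change it at the checklist source both are generated from.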
@@ -966,42 +988,20 @@ ] } }, - "name": "query9" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## App Gateway" - }, - "name": "tab1title" + "name": "query2" }, { "type": 1, "content": { - "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext0" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1050,20 +1050,20 @@ ] } }, - "name": "query0" + "name": "query3" }, { "type": 1, "content": { - "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext2" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not 
(onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1112,20 +1112,20 @@ ] } }, - "name": "query2" + "name": "query4" }, { "type": 1, "content": { - "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." }, - "name": "querytext3" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1174,20 +1174,20 @@ ] } }, - "name": "query3" + "name": "query10" }, { "type": 1, "content": { - "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." }, - "name": "querytext4" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
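Review bot: querytext11 asks for the Application Gateway WAF policy to be in Prevention mode, but the query11 beneath it filters `type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies'` and walks `securityPolicyLinks`, so it evaluates Front Door policies and says nothing about Application Gateway WAF policies; a gateway policy left in Detection mode is never flagged in this tab. The check should start from `microsoft.network/applicationgatewaywebapplicationfirewallpolicies` (the type query10 in the preceding hunk already uses) and test `properties.policySettings.mode == 'Prevention'`, together with the policy's enabled state, whose property name on this resource type I cannot confirm from here. The link in querytext11 also points at the Front Door policy-settings page rather than the Application Gateway one. This is the same pair the commit moves out of the old tab1, so the root fix belongs in the checklist source the workbook is generated from.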
@@ -1236,20 +1236,42 @@ ] } }, - "name": "query4" + "name": "query11" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab1" + }, + "name": "tab1" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Front Door" + }, + "name": "tab2title" }, { "type": 1, "content": { - "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." + "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." }, - "name": "querytext10" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend 
profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
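Review bot: querytext5 carries a stray closing quote, `in 'Prevention' mode' so that`, which is visible in the rendered text; it should read `in 'Prevention' mode so that`. The string is unchanged by the commit apart from moving to tab2, so the correction belongs in the checklist source the workbook is generated from.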
@@ -1298,20 +1320,20 @@ ] } }, - "name": "query10" + "name": "query5" }, { "type": 1, "content": { - "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." + "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information." }, - "name": "querytext11" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and 
hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1360,42 +1382,20 @@ ] } }, - "name": "query11" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab1" - }, - "name": "tab1" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## Load Balancer" - }, - "name": "tab2title" + "name": "query6" }, { "type": 1, "content": { - "json": "Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information." + "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." }, - "name": "querytext1" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -1444,20 +1444,20 @@ ] } }, - "name": "query1" + "name": "query7" }, { "type": 1, "content": { - "json": "Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information." + "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." }, - "name": "querytext8" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -1506,7 +1506,7 @@ ] } }, - "name": "query8" + "name": "query9" } ] }, diff --git a/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json b/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json index 69e51b27a..cec367efb 100644 --- a/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json +++ b/workbooks/appdelivery_checklist.en_network_counters_workbook_template.json 
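Review bot: query9's compliance predicate contradicts querytext9: the text asks for managed TLS certificates, but `compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate')` marks custom domains using a customer-supplied certificate as compliant and managed ones as failing, so the "Only show failed" view lists exactly the wrong domains. The condition should be `tolower(properties['tlsSettings']['certificateType']) != 'customercertificate'` (or test for the managed value explicitly); note also that wrapping the operand in `tolower()` is redundant with the case-insensitive `=~`. The same predicate is duplicated in the template's Query9Stats at the end of this chunk and was already present on the old side, so the root fix belongs in the checklist source the workbook is generated from.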
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 
'WAF_v2') | project id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard')| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = 
iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": 
\\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, 
enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n 
\"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n 
\"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": 
\"{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}+{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query1Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}+{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query1Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"e5ba4fd6-319c-4916-a866-b6e195ab5427\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"a1ac9b7d-6f9a-484d-b89c-31d6c1dc2423\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": 
\"9c735b8a-a099-492b-bea4-d05bd6d6735b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n 
}\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n 
\"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n 
\"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n 
\"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n 
{\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n 
{\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure 
Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard')| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where 
type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | 
distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query3FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query3Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4Stats\",\n \"type\": 1,\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query4FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query4Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query5FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query5Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": 
\"KqlParameterItem/1.0\",\n \"name\": \"Query6Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query6FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query6Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = 
(isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query7FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query7Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8Stats\",\n \"type\": 1,\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": 
\"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query8FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query8Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9Stats\",\n \"type\": 1,\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query9FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query9Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10Stats\",\n \"type\": 1,\n 
\"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query10FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query10Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and 
(mode=='Prevention')), enabledState, mode| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query11FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query11Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Success}+{Query8Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Total}+{Query8Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n 
\"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab1Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab1Success}/{Tab1Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n 
\"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab2Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab2Success}/{Tab2Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Total}+{Query8Stats:$.Total}+{Query0Stats:$.Total}+{Query2Stats:$.Total}+{Query3Stats:$.Total}+{Query4Stats:$.Total}+{Query10Stats:$.Total}+{Query11Stats:$.Total}+{Query5Stats:$.Total}+{Query6Stats:$.Total}+{Query7Stats:$.Total}+{Query9Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query1Stats:$.Success}+{Query8Stats:$.Success}+{Query0Stats:$.Success}+{Query2Stats:$.Success}+{Query3Stats:$.Success}+{Query4Stats:$.Success}+{Query10Stats:$.Success}+{Query11Stats:$.Success}+{Query5Stats:$.Success}+{Query6Stats:$.Success}+{Query7Stats:$.Success}+{Query9Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"8f9328ab-7cc5-4882-bc57-347dd7f12f2d\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"6765eed7-c503-4466-9eeb-345e61fbadad\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway ({Tab1Success:value}/{Tab1Total:value})\",\n \"subTarget\": \"tab1\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"cb096da5-a7d9-4383-8802-4285449fb49c\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door ({Tab2Success:value}/{Tab2Total:value})\",\n \"subTarget\": \"tab2\",\n \"preText\": 
\"Front Door\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. 
Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n 
\"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" diff --git a/workbooks/appdelivery_checklist.en_network_workbook.json b/workbooks/appdelivery_checklist.en_network_workbook.json index 3c2bd2e4b..06b49bae3 100644 --- a/workbooks/appdelivery_checklist.en_network_workbook.json +++ b/workbooks/appdelivery_checklist.en_network_workbook.json @@ -70,25 +70,25 @@ "style": "tabs", "links": [ { - "id": "eead62f5-2b5b-412f-8ce9-e444104bb64e", + "id": "a03cc5a8-4699-4b0b-98f2-534e39376fc7", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "Front Door", + "linkLabel": "App Gateway", "subTarget": "tab0", - "preText": "Front Door", + "preText": "App Gateway", "style": "primary" }, { - "id": "ce137d79-b47b-45dc-955b-efdcb38cc867", + "id": "51948f2a-8109-4519-b518-9bdbd3677a9b", "cellValue": "VisibleTab", "linkTarget": "parameter", - "linkLabel": "App Gateway", + "linkLabel": "Front Door", "subTarget": "tab1", - "preText": "App Gateway", + "preText": "Front Door", "style": "primary" }, { - "id": "4d025713-e2bd-40da-ad43-4e01514547f8", + "id": "09e97a7d-c2db-4d87-b154-440f1fad8ed7", "cellValue": "VisibleTab", "linkTarget": "parameter", "linkLabel": "Load Balancer", 
@@ -109,22 +109,22 @@ { "type": 1, "content": { - "json": "## Front Door" + "json": "## App Gateway" }, "name": "tab0title" }, { "type": 1, "content": { - "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." + "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext5" + "name": "querytext0" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -173,20 +173,20 @@ ] } }, - "name": "query5" + "name": "query0" }, { "type": 1, "content": { - "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information." + "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext6" + "name": "querytext2" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand 
subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -235,20 +235,20 @@ ] } }, - "name": "query6" + "name": "query2" }, { "type": 1, "content": { - "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." + "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext7" + "name": "querytext3" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -297,20 +297,20 @@ ] } }, - "name": "query7" + "name": "query3" }, { "type": 1, "content": { - "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." + "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." }, - "name": "querytext9" + "name": "querytext4" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -359,42 +359,20 @@ ] } }, - "name": "query9" - } - ] - }, - "conditionalVisibility": { - "parameterName": "VisibleTab", - "comparison": "isEqualTo", - "value": "tab0" - }, - "name": "tab0" - }, - { - "type": 12, - "content": { - "version": "NotebookGroup/1.0", - "groupType": "editable", - "items": [ - { - "type": 1, - "content": { - "json": "## App Gateway" - }, - "name": "tab1title" + "name": "query4" }, { "type": 1, "content": { - "json": "Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." }, - "name": "querytext0" + "name": "querytext10" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -443,20 +421,20 @@ ] } }, - "name": "query0" + "name": "query10" }, { "type": 1, "content": { - "json": "Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." }, - "name": "querytext2" + "name": "querytext11" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend 
securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
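Review bot: The compliance query added for the "Deploy your WAF policy for Application Gateway in 'Prevention' mode" item filters on `microsoft.network/frontdoorwebapplicationfirewallpolicies` and walks `properties.securityPolicyLinks`, which are Front Door WAF policy constructs, so Application Gateway WAF policies are never evaluated and a gateway whose policy is left in Detection mode passes this check silently; the accompanying link also points at the Front Door policy-settings page. The Application Gateway WAF policy type is already used by the bot-protection query earlier in this tab (`microsoft.network/applicationgatewaywebapplicationfirewallpolicies`), and its `properties.policySettings` carries the policy `mode` and `state`, so the check should read along the lines of `resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | project id, compliant = (tostring(properties.policySettings.mode) == 'Prevention' and tostring(properties.policySettings.state) == 'Enabled') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed`. Because this workbook is generated from the checklists, the correction belongs in the source checklist's graph query rather than in this file; the same query text is also carried into the serializedData of the template file further down in this diff.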
@@ -505,20 +483,42 @@ ] } }, - "name": "query2" + "name": "query11" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Front Door" + }, + "name": "tab1title" }, { "type": 1, "content": { - "json": "Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." 
}, - "name": "querytext3" + "name": "querytext5" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
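Review bot: The group this hunk closes as `tab0` now ends with the Application Gateway checks (`query11`), while the group it opens with the `## Front Door` title is the one selected as `tab1`; the Tabs link item that maps each `linkLabel` to its `subTarget` sits before these hunks and is not visible here, and the removed template content further down in this diff still labels `tab0` as "Front Door" and `tab1` as "App Gateway". If those link labels were not swapped in the same change, the App Gateway checks would render under the Front Door tab and vice versa, so the new Tabs item in this file and in the template's serializedData should be confirmed to read `"linkLabel": "App Gateway", "subTarget": "tab0"` for the first link. The enclosing items array starts and ends outside the hunk.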
@@ -567,20 +567,20 @@ ] } }, - "name": "query3" + "name": "query5" }, { "type": 1, "content": { - "json": "Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this." + "json": "Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information." }, - "name": "querytext4" + "name": "querytext6" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -629,20 +629,20 @@ ] } }, - "name": "query4" + "name": "query6" }, { "type": 1, "content": { - "json": "Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information." + "json": "Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information." }, - "name": "querytext10" + "name": "querytext7" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", 
@@ -691,20 +691,20 @@ ] } }, - "name": "query10" + "name": "query7" }, { "type": 1, "content": { - "json": "Deploy your WAF policy for Application Gateway in 'Prevention' mode. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information." + "json": "Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information." }, - "name": "querytext11" + "name": "querytext9" }, { "type": 3, "content": { "version": "KqlItem/1.0", - "query": "resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "query": "cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", "size": 4, "queryType": 1, "resourceType": "microsoft.resourcegraph/resources", @@ -753,7 +753,7 @@ ] } }, - "name": "query11" + "name": "query9" } ] }, 
diff --git a/workbooks/appdelivery_checklist.en_network_workbook_template.json b/workbooks/appdelivery_checklist.en_network_workbook_template.json index 7005f647b..298a00e0f 100644 --- a/workbooks/appdelivery_checklist.en_network_workbook_template.json +++ b/workbooks/appdelivery_checklist.en_network_workbook_template.json 
@@ -41,7 +41,7 @@ "dependsOn": [], "properties": { "displayName": "[parameters('workbookDisplayName')]", - "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"eead62f5-2b5b-412f-8ce9-e444104bb64e\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"ce137d79-b47b-45dc-955b-efdcb38cc867\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway\",\n \"subTarget\": \"tab1\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"4d025713-e2bd-40da-ad43-4e01514547f8\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n 
\"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. 
Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab1title\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n 
\"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Application Delivery Networking - Network\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"a03cc5a8-4699-4b0b-98f2-534e39376fc7\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"App Gateway\",\n \"subTarget\": \"tab0\",\n \"preText\": \"App Gateway\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"51948f2a-8109-4519-b518-9bdbd3677a9b\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Front Door\",\n \"subTarget\": \"tab1\",\n \"preText\": \"Front Door\",\n \"style\": \"primary\"\n },\n {\n \"id\": \"09e97a7d-c2db-4d87-b154-440f1fad8ed7\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Load Balancer\",\n \"subTarget\": \"tab2\",\n \"preText\": \"Load Balancer\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## App Gateway\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using Application Gateway v2 SKU. Check [this link](https://learn.microsoft.com/azure/application-gateway/overview-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgateways' | project id, compliant = properties.sku.name in ('Standard_v2', 'WAF_v2') | project id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Your Application Gateways v2 should be deployed in subnets with IP prefixes equal or larger than /24. Check [this link](https://learn.microsoft.com/azure/application-gateway/configuration-infrastructure#size-of-the-subnet) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/applicationgateways' | extend subnetId = tostring(properties.gatewayIPConfigurations[0].properties.subnet.id) | project id, subnetId | join (resources | where type=='microsoft.network/virtualnetworks' | project id,subnets=properties.subnets | mv-expand subnets | mv-expand subnets.properties.addressPrefixes | project id, subnetId = tostring(subnets.id), prefix1 = subnets.properties.addressPrefix, prefix2 = subnets.properties.addressPrefixes | mv-expand prefix2 | extend prefix = iff(isnotnull(prefix1), prefix1, prefix2) | extend subnetPrefixLength = split(prefix, '/')[1])on subnetId | extend compliant = (subnetPrefixLength <= 24 or subnetPrefixLength == 64) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n },\n {\n 
\"type\": 1,\n \"content\": {\n \"json\": \"Configure autoscaling with a minimum amount of instances of two. Check [this link](https://learn.microsoft.com/azure/application-gateway/application-gateway-autoscaling-zone-redundant) for further information.. [This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext3\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(properties.autoscaleConfiguration) and properties.autoscaleConfiguration.minCapacity >= 2) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query3\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy Application Gateway across Availability Zones. Check [this link](https://learn.microsoft.com/azure/reliability/migrate-app-gateway-v2) for further information.. 
[This training](https://learn.microsoft.com/learn/paths/secure-application-delivery/) can help to educate yourself on this.\"\n },\n \"name\": \"querytext4\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type =~ 'microsoft.network/applicationGateways' | extend compliant = (isnotnull(zones) and array_length(zones) > 1) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query4\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enable the Azure Application Gateway WAF bot protection rule set. The bot rules detect good and bad bots. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/ag/bot-protection) for further information.\"\n },\n \"name\": \"querytext10\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/applicationgatewaywebapplicationfirewallpolicies' | mv-expand properties.managedRules.managedRuleSets | project id, rulesettype = properties_managedRules_managedRuleSets.ruleSetType | extend compliant1 = (rulesettype == 'Microsoft_BotManagerRuleSet') | project id, compliant1 | summarize compliant = max(compliant1) by id | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query10\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Application Gateway in 'Prevention' mode. 
Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext11\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query11\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n 
},\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Front Door\"\n },\n \"name\": \"tab1title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Deploy your WAF policy for Front Door in 'Prevention' mode' so that Web Application Firewall takes appropriate action to allow or deny traffic. Check [this link](https://learn.microsoft.com/azure/web-application-firewall/afds/waf-front-door-policy-settings) for further information.\"\n },\n \"name\": \"querytext5\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/frontdoorwebapplicationfirewallpolicies' | project policyName=name, policyId=id,policySku=sku.name, links=properties.securityPolicyLinks, enabledState=properties.policySettings.enabledState, mode=properties.policySettings.mode | mvexpand links | extend securityPolicy=links.id | extend securityPolicyParts=split(securityPolicy, '/') | extend profileId=strcat_array(array_slice(securityPolicyParts, 0, -3), '/') | project id=profileId, compliant=((enabledState=='Enabled') and (mode=='Prevention')), enabledState, mode | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n 
\"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query5\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Disable health probes when there is only one origin in an Azure Front Door origin group. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#disable-health-probes-when-theres-only-one-origin-in-an-origin-group) for further information.\"\n },\n \"name\": \"querytext6\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups/origins' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups')) | extend originGroupId = substring(id, 0, indexof(id, '/origins')) | join kind=inner (cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend originGroupName = name | extend hasHealthProbe = isnotnull(properties.healthProbeSettings)) on $left.originGroupId == $right.id | summarize numberOrigins = count() by originGroupId, subscriptionId, frontDoorId, hasHealthProbe, originGroupName | extend compliant = not(numberOrigins == 1 and hasHealthProbe) | project id = frontDoorId, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": 
\"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query6\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use HEAD health probes with Azure Front Door, to reduce the traffic that Front Door sends to your application. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-head-health-probes) for further information.\"\n },\n \"name\": \"querytext7\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/origingroups' | extend frontDoorId = substring(id, 0, indexof(id, '/origingroups/')) | extend compliant = (isnull(properties['healthProbeSettings']['probeRequestType']) or toupper(properties['healthProbeSettings']['probeRequestType']) == 'HEAD') | project compliant, id=frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n 
\"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query7\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use managed TLS certificates with Azure Front Door. Reduce operational cost and risk of outages due to certificate renewals. Check [this link](https://learn.microsoft.com/azure/frontdoor/best-practices#use-managed-tls-certificates) for further information.\"\n },\n \"name\": \"querytext9\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"cdnresources | where type =~ 'microsoft.cdn/profiles/customdomains' | extend frontDoorId = substring(id, 0, indexof(id, '/customdomains')) | extend compliant = (isnull(properties['tlsSettings']['certificateType']) or tolower(properties['tlsSettings']['certificateType']) =~ 'customercertificate') | project compliant, id = frontDoorId | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query9\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n 
\"comparison\": \"isEqualTo\",\n \"value\": \"tab1\"\n },\n \"name\": \"tab1\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Load Balancer\"\n },\n \"name\": \"tab2title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Ensure you are using the Standard SKU for your Azure Load Balancers. Check [this link](https://learn.microsoft.com/azure/load-balancer/load-balancer-overview) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.network/loadbalancers' | project id, compliant=(tolower(sku.name) == 'standard') | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Use Azure NAT Gateway instead of Load Balancer outbound rules for better SNAT scalability. 
Check [this link](https://learn.microsoft.com/azure/nat-gateway/nat-overview#outbound-connectivity) for further information.\"\n },\n \"name\": \"querytext8\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type=='microsoft.network/loadbalancers' | extend countOutRules=array_length(properties.outboundRules) | extend compliant = (countOutRules == 0) | distinct id,compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 4,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query8\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab2\"\n },\n \"name\": \"tab2\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", "version": "1.0", "sourceId": "[parameters('workbookSourceId')]", "category": "[parameters('workbookType')]" 
diff --git a/workbooks/azure_storage_checklist.en_counters_workbook.json b/workbooks/azure_storage_checklist.en_counters_workbook.json
new file mode 100644
index 000000000..25180504b
--- /dev/null
+++ b/workbooks/azure_storage_checklist.en_counters_workbook.json
@@ -0,0 +1,536 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "parameters": [ + { + "id": "497a107e-dde8-433e-b263-35ac8e8f7834", + "version": "KqlParameterItem/1.0", + "name": "Subscription", + "type": 6, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "typeSettings": { + "additionalResourceOptions": [ + "value::all" + ], + "includeAll": true, + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": [ + "value::all" + ] + }, + { + "id": "844e4f4e-df51-4e3c-8eaf-0dc78b92c721", + "version": "KqlParameterItem/1.0", + "name": "OnlyFailed", + "label": "Only show failed", + "type": 2, + "typeSettings": { + "additionalResourceOptions": [], + "showDefault": false + }, + "jsonData": "[\r\n { \"value\":true, \"label\":\"True\" },\r\n { \"value\":false, \"label\":\"False\", \"selected\":true }\r\n]" + } + ], + "style": "pills", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "WorkbookSelectors" + }, + { + "type": 1, + "content": { + "json": "If you set \"Only show failed\" to \"Yes\", the different queries will only show items that have failed their compliance checks.", + "style": "info" + }, + "name": "InfoBox" + }, + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "crossComponentResources": [ + "value::all" + ], + "parameters": [ + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query0Stats", + "type": 1, + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 
'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query0FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query0Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query1Stats", + "type": 1, + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query1FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query1Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": 
"Query2Stats", + "type": 1, + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())", + "crossComponentResources": [ + "{Subscription}" + ], + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Query2FullyCompliant", + "type": 1, + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"value\\\": \\\"{Query2Stats:$.FullyCompliant}\\\"}\",\"transformers\":null}", + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "queryType": 8 + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab0Success", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab0Total", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "Tab0Percent", + 
"type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{Tab0Success}/{Tab0Total})" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "WorkbookTotal", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "WorkbookSuccess", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}" + } + } + ] + }, + { + "id": "daf05c62-1d5b-4325-b241-d7ee468f23eb", + "version": "KqlParameterItem/1.0", + "name": "WorkbookPercent", + "type": 1, + "isHiddenWhenLocked": true, + "timeContext": { + "durationMs": 86400000 + }, + "criteriaData": [ + { + "criteriaContext": { + "operator": "Default", + "resultValType": "expression", + "resultVal": "round(100*{WorkbookSuccess}/{WorkbookTotal})" + } + } + ] + } + ], + "style": "pills", + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources" + }, + "name": "InvisibleParameters" + }, + { + "type": 1, + "content": { + "json": "## Azure Storage Review Checklist\n\n---\n\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\n\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new)." + }, + "customWidth": "50", + "name": "MarkdownHeader" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "{\"version\":\"1.0.0\",\"content\":\"{\\\"WorkbookPercent\\\": \\\"{WorkbookPercent}\\\", \\\"SubTitle\\\": \\\"Percent of successful checks\\\"}\",\"transformers\":null}", + "size": 4, + "queryType": 8, + "visualization": "tiles", + "tileSettings": { + "titleContent": { + "columnMatch": "WorkbookPercent", + "formatter": 4, + "formatOptions": { + "min": 0, + "max": 100, + "palette": "redGreen" + } + }, + "subtitleContent": { + "columnMatch": "SubTitle", + "formatter": 1 + }, + "showBorder": true + } + }, + "customWidth": "50", + "name": "ProgressTile" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "5e966a67-2168-4f58-b32e-e3e4c1249f78", + "cellValue": "VisibleTab", + "linkTarget": "parameter", + "linkLabel": "Security ({Tab0Success:value}/{Tab0Total:value})", + "subTarget": "tab0", + "preText": "Security", + "style": "primary" + } + ] + }, + "name": "Tabs" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Security" + }, + "name": "tab0title" + }, + { + "type": 1, + "content": { + "json": "Enforce the latest TLS version for a storage account. Check [this link](https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version) for further information." 
+ }, + "name": "querytext0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query0" + }, + { + "type": 1, + "content": { + "json": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported. Check [this link](https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key) for further information." 
+ }, + "name": "querytext1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query1" + }, + { + "type": 1, + "content": { + "json": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. Check [this link](https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account) for further information." 
+ }, + "name": "querytext2" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query2" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + } + ], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} \ No newline at end of file diff --git a/workbooks/azure_storage_checklist.en_counters_workbook_template.json b/workbooks/azure_storage_checklist.en_counters_workbook_template.json new file mode 100644 index 000000000..d7617ccf9 --- /dev/null +++ b/workbooks/azure_storage_checklist.en_counters_workbook_template.json 
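Review bot: The anonymous-access check in `Query2Stats` and `query2` compares the raw dynamic property, `extend compliant = (properties.allowBlobPublicAccess == 'false')`, unlike the sibling shared-key check, which first normalizes with `tostring(...)` and guards with `isnotempty(...)`; if the property is absent on an account the comparison yields null rather than false, so that account is counted in `Total` but in neither `Success` nor `Failed`, shows as "Unknown" in the grid, and is hidden when "Only show failed" is on. Writing it in the same form as Query1, `extend allowBlobPublicAccess = tostring(properties.allowBlobPublicAccess) | extend compliant = (isnotempty(allowBlobPublicAccess) and allowBlobPublicAccess == 'false')`, makes an unset value a failed check and also removes the dependence on how the dynamic boolean compares against the string literal. A smaller inconsistency in the same hunk is that `Query0Stats` and `Query2Stats` both end with `project Query1Stats=tostring(pack_all())`; this is presumably harmless because the parameter takes the first column regardless of its name, but renaming to `Query0Stats`/`Query2Stats` avoids confusion. Both points recur verbatim in the template hunk that follows (the `serializedData` string) and in the plain workbook hunk, and since this file is generated the fix belongs in the checklist source the generator reads rather than here.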
@@ -0,0 +1,57 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "workbookDisplayName": { + "type": "string", + "defaultValue": "Azure Storage Review Checklist", + "metadata": { + "description": "The friendly name for the workbook that is used in the Gallery or Saved List. Needs to be unique in the scope of the resource group and source" + } + }, + "workbookType": { + "type": "string", + "defaultValue": "workbook", + "metadata": { + "description": "The gallery that the workbook will be shown under. Supported values include workbook, `tsg`, Azure Monitor, etc." + } + }, + "workbookSourceId": { + "type": "string", + "defaultValue": "Azure Monitor", + "metadata": { + "description": "The id of resource instance to which the workbook will be associated" + } + }, + "workbookId": { + "type": "string", + "defaultValue": "[newGuid()]", + "metadata": { + "description": "The unique guid for this workbook instance" + } + } + }, + "resources": [ + { + "name": "[parameters('workbookId')]", + "type": "Microsoft.Insights/workbooks", + "location": "[resourceGroup().location]", + "kind": "shared", + "apiVersion": "2018-06-17-preview", + "dependsOn": [], + "properties": { + "displayName": "[parameters('workbookDisplayName')]", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"crossComponentResources\": [\n \"value::all\"\n ],\n \"parameters\": [\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query0FullyCompliant\",\n \"type\": 1,\n \"query\": 
\"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query0Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query1FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query1Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2Stats\",\n \"type\": 1,\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant| summarize Total = count(), Success = countif(compliant==1), Failed = 
countif(compliant==0) | extend SuccessPercent = iff(Total==0, 100, 100*toint(Success)/toint(Total)) | extend FullyCompliant = iff(SuccessPercent == 100, 'Yes', 'No') | project Query1Stats=tostring(pack_all())\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Query2FullyCompliant\",\n \"type\": 1,\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"value\\\\\\\": \\\\\\\"{Query2Stats:$.FullyCompliant}\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"queryType\": 8\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Success\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Total\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Tab0Percent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n 
\"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{Tab0Success}/{Tab0Total})\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookTotal\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Total}+{Query1Stats:$.Total}+{Query2Stats:$.Total}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookSuccess\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"{Query0Stats:$.Success}+{Query1Stats:$.Success}+{Query2Stats:$.Success}\"\n }\n }\n ]\n },\n {\n \"id\": \"daf05c62-1d5b-4325-b241-d7ee468f23eb\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"WorkbookPercent\",\n \"type\": 1,\n \"isHiddenWhenLocked\": true,\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"criteriaData\": [\n {\n \"criteriaContext\": {\n \"operator\": \"Default\",\n \"resultValType\": \"expression\",\n \"resultVal\": \"round(100*{WorkbookSuccess}/{WorkbookTotal})\"\n }\n }\n ]\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\"\n },\n \"name\": \"InvisibleParameters\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Storage Review Checklist\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). 
This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"50\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"{\\\"version\\\":\\\"1.0.0\\\",\\\"content\\\":\\\"{\\\\\\\"WorkbookPercent\\\\\\\": \\\\\\\"{WorkbookPercent}\\\\\\\", \\\\\\\"SubTitle\\\\\\\": \\\\\\\"Percent of successful checks\\\\\\\"}\\\",\\\"transformers\\\":null}\",\n \"size\": 4,\n \"queryType\": 8,\n \"visualization\": \"tiles\",\n \"tileSettings\": {\n \"titleContent\": {\n \"columnMatch\": \"WorkbookPercent\",\n \"formatter\": 4,\n \"formatOptions\": {\n \"min\": 0,\n \"max\": 100,\n \"palette\": \"redGreen\"\n }\n },\n \"subtitleContent\": {\n \"columnMatch\": \"SubTitle\",\n \"formatter\": 1\n },\n \"showBorder\": true\n }\n },\n \"customWidth\": \"50\",\n \"name\": \"ProgressTile\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"5e966a67-2168-4f58-b32e-e3e4c1249f78\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Security ({Tab0Success:value}/{Tab0Total:value})\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Security\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Security\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enforce the latest 
TLS version for a storage account. Check [this link](https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported. 
Check [this link](https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. 
Check [this link](https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "version": "1.0", + "sourceId": "[parameters('workbookSourceId')]", + "category": "[parameters('workbookType')]" + } + } + ], + "outputs": { + "workbookId": { + "type": "string", + "value": "[resourceId( 
'Microsoft.Insights/workbooks', parameters('workbookId'))]" + } + } +} \ No newline at end of file diff --git a/workbooks/azure_storage_checklist.en_workbook.json b/workbooks/azure_storage_checklist.en_workbook.json new file mode 100644 index 000000000..301d081aa --- /dev/null +++ b/workbooks/azure_storage_checklist.en_workbook.json 
@@ -0,0 +1,295 @@ +{ + "version": "Notebook/1.0", + "items": [ + { + "type": 9, + "content": { + "version": "KqlParameterItem/1.0", + "parameters": [ + { + "id": "497a107e-dde8-433e-b263-35ac8e8f7834", + "version": "KqlParameterItem/1.0", + "name": "Subscription", + "type": 6, + "multiSelect": true, + "quote": "'", + "delimiter": ",", + "typeSettings": { + "additionalResourceOptions": [ + "value::all" + ], + "includeAll": true, + "showDefault": false + }, + "timeContext": { + "durationMs": 86400000 + }, + "value": [ + "value::all" + ] + }, + { + "id": "844e4f4e-df51-4e3c-8eaf-0dc78b92c721", + "version": "KqlParameterItem/1.0", + "name": "OnlyFailed", + "label": "Only show failed", + "type": 2, + "typeSettings": { + "additionalResourceOptions": [], + "showDefault": false + }, + "jsonData": "[\r\n { \"value\":true, \"label\":\"True\" },\r\n { \"value\":false, \"label\":\"False\", \"selected\":true }\r\n]" + } + ], + "style": "pills", + "queryType": 0, + "resourceType": "microsoft.operationalinsights/workspaces" + }, + "name": "WorkbookSelectors" + }, + { + "type": 1, + "content": { + "json": "If you set \"Only show failed\" to \"Yes\", the different queries will only show items that have failed their compliance checks.", + "style": "info" + }, + "name": "InfoBox" + }, + { + "type": 1, + "content": { + "json": "## Azure Storage Review Checklist\n\n---\n\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\n\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new)." 
+ }, + "customWidth": "100", + "name": "MarkdownHeader" + }, + { + "type": 11, + "content": { + "version": "LinkItem/1.0", + "style": "tabs", + "links": [ + { + "id": "96368cbd-901b-4d5b-99ae-0aff2aa05fc0", + "cellValue": "VisibleTab", + "linkTarget": "parameter", + "linkLabel": "Security", + "subTarget": "tab0", + "preText": "Security", + "style": "primary" + } + ] + }, + "name": "Tabs" + }, + { + "type": 12, + "content": { + "version": "NotebookGroup/1.0", + "groupType": "editable", + "items": [ + { + "type": 1, + "content": { + "json": "## Security" + }, + "name": "tab0title" + }, + { + "type": 1, + "content": { + "json": "Enforce the latest TLS version for a storage account. Check [this link](https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version) for further information." + }, + "name": "querytext0" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + 
"text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query0" + }, + { + "type": 1, + "content": { + "json": "Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported. Check [this link](https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key) for further information." + }, + "name": "querytext1" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query1" + }, + { + "type": 1, + "content": { + "json": "Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. Check [this link](https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account) for further information." 
+ }, + "name": "querytext2" + }, + { + "type": 3, + "content": { + "version": "KqlItem/1.0", + "query": "resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed", + "size": 0, + "queryType": 1, + "resourceType": "microsoft.resourcegraph/resources", + "crossComponentResources": [ + "{Subscription}" + ], + "gridSettings": { + "formatters": [ + { + "columnMatch": "id", + "formatter": 0, + "numberFormat": { + "unit": 0, + "options": { + "style": "decimal" + } + } + }, + { + "columnMatch": "compliant", + "formatter": 18, + "formatOptions": { + "thresholdsOptions": "icons", + "thresholdsGrid": [ + { + "operator": "==", + "thresholdValue": "1", + "representation": "success", + "text": "Success" + }, + { + "operator": "==", + "thresholdValue": "0", + "representation": "failed", + "text": "Failed" + }, + { + "operator": "Default", + "thresholdValue": null, + "representation": "unknown", + "text": "Unknown" + } + ] + } + } + ] + } + }, + "name": "query2" + } + ] + }, + "conditionalVisibility": { + "parameterName": "VisibleTab", + "comparison": "isEqualTo", + "value": "tab0" + }, + "name": "tab0" + } + ], + "$schema": "https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json" +} \ No newline at end of file diff --git a/workbooks/azure_storage_checklist.en_workbook_template.json b/workbooks/azure_storage_checklist.en_workbook_template.json new file mode 100644 index 000000000..181bff32d --- /dev/null +++ b/workbooks/azure_storage_checklist.en_workbook_template.json 
@@ -0,0 +1,57 @@ +{ + "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "workbookDisplayName": { + "type": "string", + "defaultValue": "Azure Storage Review Checklist", + "metadata": { + "description": "The friendly name for the workbook that is used in the Gallery or Saved List. Needs to be unique in the scope of the resource group and source" + } + }, + "workbookType": { + "type": "string", + "defaultValue": "workbook", + "metadata": { + "description": "The gallery that the workbook will be shown under. Supported values include workbook, `tsg`, Azure Monitor, etc." + } + }, + "workbookSourceId": { + "type": "string", + "defaultValue": "Azure Monitor", + "metadata": { + "description": "The id of resource instance to which the workbook will be associated" + } + }, + "workbookId": { + "type": "string", + "defaultValue": "[newGuid()]", + "metadata": { + "description": "The unique guid for this workbook instance" + } + } + }, + "resources": [ + { + "name": "[parameters('workbookId')]", + "type": "Microsoft.Insights/workbooks", + "location": "[resourceGroup().location]", + "kind": "shared", + "apiVersion": "2018-06-17-preview", + "dependsOn": [], + "properties": { + "displayName": "[parameters('workbookDisplayName')]", + "serializedData": "{\n \"version\": \"Notebook/1.0\",\n \"items\": [\n {\n \"type\": 9,\n \"content\": {\n \"version\": \"KqlParameterItem/1.0\",\n \"parameters\": [\n {\n \"id\": \"497a107e-dde8-433e-b263-35ac8e8f7834\",\n \"version\": \"KqlParameterItem/1.0\",\n \"name\": \"Subscription\",\n \"type\": 6,\n \"multiSelect\": true,\n \"quote\": \"'\",\n \"delimiter\": \",\",\n \"typeSettings\": {\n \"additionalResourceOptions\": [\n \"value::all\"\n ],\n \"includeAll\": true,\n \"showDefault\": false\n },\n \"timeContext\": {\n \"durationMs\": 86400000\n },\n \"value\": [\n \"value::all\"\n ]\n },\n {\n \"id\": \"844e4f4e-df51-4e3c-8eaf-0dc78b92c721\",\n 
\"version\": \"KqlParameterItem/1.0\",\n \"name\": \"OnlyFailed\",\n \"label\": \"Only show failed\",\n \"type\": 2,\n \"typeSettings\": {\n \"additionalResourceOptions\": [],\n \"showDefault\": false\n },\n \"jsonData\": \"[\\r\\n { \\\"value\\\":true, \\\"label\\\":\\\"True\\\" },\\r\\n { \\\"value\\\":false, \\\"label\\\":\\\"False\\\", \\\"selected\\\":true }\\r\\n]\"\n }\n ],\n \"style\": \"pills\",\n \"queryType\": 0,\n \"resourceType\": \"microsoft.operationalinsights/workspaces\"\n },\n \"name\": \"WorkbookSelectors\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"If you set \\\"Only show failed\\\" to \\\"Yes\\\", the different queries will only show items that have failed their compliance checks.\",\n \"style\": \"info\"\n },\n \"name\": \"InfoBox\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Azure Storage Review Checklist\\n\\n---\\n\\nThis workbook has been automatically generated out of the checklists in the [Azure Review Checklists repo](https://github.com/Azure/review-checklists). This repo contains best practices and recommendations around generic Landing Zones as well as specific services such as Azure Virtual Desktop, Azure Kubernetes Service or Azure VMware Solution, to name a few. 
This repository of best practices is curated by Azure engineers, but open to anybody to contribute.\\n\\nIf you see a problem in the queries that are part of this workbook, please open a Github issue [here](https://github.com/Azure/review-checklists/issues/new).\"\n },\n \"customWidth\": \"100\",\n \"name\": \"MarkdownHeader\"\n },\n {\n \"type\": 11,\n \"content\": {\n \"version\": \"LinkItem/1.0\",\n \"style\": \"tabs\",\n \"links\": [\n {\n \"id\": \"96368cbd-901b-4d5b-99ae-0aff2aa05fc0\",\n \"cellValue\": \"VisibleTab\",\n \"linkTarget\": \"parameter\",\n \"linkLabel\": \"Security\",\n \"subTarget\": \"tab0\",\n \"preText\": \"Security\",\n \"style\": \"primary\"\n }\n ]\n },\n \"name\": \"Tabs\"\n },\n {\n \"type\": 12,\n \"content\": {\n \"version\": \"NotebookGroup/1.0\",\n \"groupType\": \"editable\",\n \"items\": [\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"## Security\"\n },\n \"name\": \"tab0title\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Enforce the latest TLS version for a storage account. 
Check [this link](https://learn.microsoft.com/azure/storage/common/transport-layer-security-configure-minimum-version) for further information.\"\n },\n \"name\": \"querytext0\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (isnull(properties.minimumTlsVersion) == false and properties.minimumTlsVersion in ('TLS1_2', 'TLS1_3')) | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query0\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider disabling storage account keys, so that only Microsoft Entra ID access (and user delegation SAS) is supported. 
Check [this link](https://learn.microsoft.com/rest/api/storageservices/authorize-with-shared-key) for further information.\"\n },\n \"name\": \"querytext1\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend allowSharedKeyAccess = tostring(properties.allowSharedKeyAccess) | extend compliant = (isnotempty(allowSharedKeyAccess) and allowSharedKeyAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query1\"\n },\n {\n \"type\": 1,\n \"content\": {\n \"json\": \"Consider whether public blob anonymous access is needed, or whether it can be disabled for certain storage accounts. 
Check [this link](https://learn.microsoft.com/azure/storage/blobs/anonymous-read-access-configure?tabs=portal#allow-or-disallow-public-read-access-for-a-storage-account) for further information.\"\n },\n \"name\": \"querytext2\"\n },\n {\n \"type\": 3,\n \"content\": {\n \"version\": \"KqlItem/1.0\",\n \"query\": \"resources | where type == 'microsoft.storage/storageaccounts' | extend compliant = (properties.allowBlobPublicAccess == 'false') | distinct id, compliant | extend onlyFailed = {OnlyFailed:label} | where compliant == 0 or not (onlyFailed == 1) | project-away onlyFailed\",\n \"size\": 0,\n \"queryType\": 1,\n \"resourceType\": \"microsoft.resourcegraph/resources\",\n \"crossComponentResources\": [\n \"{Subscription}\"\n ],\n \"gridSettings\": {\n \"formatters\": [\n {\n \"columnMatch\": \"id\",\n \"formatter\": 0,\n \"numberFormat\": {\n \"unit\": 0,\n \"options\": {\n \"style\": \"decimal\"\n }\n }\n },\n {\n \"columnMatch\": \"compliant\",\n \"formatter\": 18,\n \"formatOptions\": {\n \"thresholdsOptions\": \"icons\",\n \"thresholdsGrid\": [\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"1\",\n \"representation\": \"success\",\n \"text\": \"Success\"\n },\n {\n \"operator\": \"==\",\n \"thresholdValue\": \"0\",\n \"representation\": \"failed\",\n \"text\": \"Failed\"\n },\n {\n \"operator\": \"Default\",\n \"thresholdValue\": null,\n \"representation\": \"unknown\",\n \"text\": \"Unknown\"\n }\n ]\n }\n }\n ]\n }\n },\n \"name\": \"query2\"\n }\n ]\n },\n \"conditionalVisibility\": {\n \"parameterName\": \"VisibleTab\",\n \"comparison\": \"isEqualTo\",\n \"value\": \"tab0\"\n },\n \"name\": \"tab0\"\n }\n ],\n \"$schema\": \"https://github.com/Microsoft/Application-Insights-Workbooks/blob/master/schema/workbook.json\"\n}", + "version": "1.0", + "sourceId": "[parameters('workbookSourceId')]", + "category": "[parameters('workbookType')]" + } + } + ], + "outputs": { + "workbookId": { + "type": "string", + "value": "[resourceId( 
'Microsoft.Insights/workbooks', parameters('workbookId'))]" + } + } +} \ No newline at end of file