From de70a4890484fed0eceb72d76f5d69a4a50dd1be Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 28 Oct 2020 10:48:02 -0700 Subject: [PATCH 01/26] Added 20H2 Policy CSP DDF --- .../client-management/mdm/policy-ddf-file.md | 746 +++++++++++++++++- 1 file changed, 743 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md index 27c1aceaf0..88231009d5 100644 --- a/windows/client-management/mdm/policy-ddf-file.md +++ b/windows/client-management/mdm/policy-ddf-file.md @@ -10,7 +10,7 @@ ms.prod: w10 ms.technology: windows author: manikadhiman ms.localizationpriority: medium -ms.date: 06/03/2020 +ms.date: 10/28/2020 --- # Policy DDF file @@ -20,6 +20,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Policy* You can view various Policy DDF files by clicking the following links: +- [View the Policy DDF file for Windows 10, version 20H2](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_20H2.xml) - [View the Policy DDF file for Windows 10, version 2004](https://download.microsoft.com/download/4/0/f/40f9ec45-3bea-442c-8afd-21edc1e057d8/PolicyDDF_all_2004.xml) - [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml) - [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml) @@ -32,7 +33,7 @@ You can view various Policy DDF files by clicking the following links: You can download DDF files for various CSPs from [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download). -The XML below is the DDF for Windows 10, version 2004. +The XML below is the DDF for Windows 10, version 20H2. ```xml @@ -8713,6 +8714,52 @@ Related policy: + + Multitasking + + + + + + + + + + + + + + + + + + + + + BrowserAltTabBlowout + + + + + + + + Configures the inclusion of Edge tabs into Alt-Tab. + + + + + + + + + + + text/plain + + + + Notifications @@ -18919,6 +18966,55 @@ Related policy: + + Multitasking + + + + + + + + + + + + + + + + + + + BrowserAltTabBlowout + + + + + 1 + Configures the inclusion of Edge tabs into Alt-Tab. + + + + + + + + + + + text/plain + + + phone + multitasking.admx + AltTabFilterDropdown + multitasking~AT~WindowsComponents~MULTITASKING + MultiTaskingAltTabFilter + LastWrite + + + Notifications @@ -29757,6 +29853,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableCloudOptimizedContent + + + + + + + + This policy controls Windows experiences that use the cloud optimized content client component. If you enable this policy, they will present only default content. If you disable or do not configure this policy, they will be able to use cloud provided content. + + + + + + + + + + + text/plain + + + DoNotShowFeedbackNotifications @@ -38353,6 +38473,60 @@ The options are: + + LocalUsersAndGroups + + + + + + + + + + + + + + + + + + + + + Configure + + + + + + + + This Setting allows an administrator to manage local groups on a Device. + Possible settings: + 1. Update Group Membership: Update a group and add and/or remove members though the 'U' action. + When using Update, existing group members that are not specified in the policy remain untouched. + 2. Replace Group Membership: Restrict a group by replacing group membership through the 'R' action. + When using Replace, existing group membership is replaced by the list of members specified in + the add member section. This option works in the same way as a Restricted Group and any group + members that are not specified in the policy are removed. + Caution: If the same group is configured with both Replace and Update, then Replace will win. + + + + + + + + + + + text/plain + + + + LockDown @@ -38563,6 +38737,172 @@ The options are: + + MixedReality + + + + + + + + + + + + + + + + + + + + + AADGroupMembershipCacheValidityInDays + + + + + + + + + + + + + + + + + + + text/plain + + + + + BrightnessButtonDisabled + + + + + + + + + + + + + + + + + + + text/plain + + + + + FallbackDiagnostics + + + + + + + + + + + + + + + + + + + text/plain + + + + + HeadTrackingMode + + + + + + + + + + + + + + + + + + + text/plain + + + + + MicrophoneDisabled + + + + + + + + + + + + + + + + + + + text/plain + + + + + VolumeButtonDisabled + + + + + + + + + + + + + + + + + + + text/plain + + + + MSSecurityGuide @@ -47384,6 +47724,30 @@ If you disable or do not configure this policy setting, the wake setting as spec + + DisableWUfBSafeguards + + + + + + + + + + + + + + + + + + + text/plain + + + EngagedRestartDeadline @@ -48152,6 +48516,30 @@ If you disable or do not configure this policy setting, the wake setting as spec + + SetProxyBehaviorForUpdateDetection + + + + + + + + + + + + + + + + + + + text/plain + + + TargetReleaseVersion @@ -61298,6 +61686,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LowestValueMostSecure + + DisableCloudOptimizedContent + + + + + 0 + This policy controls Windows experiences that use the cloud optimized content client component. If you enable this policy, they will present only default content. If you disable or do not configure this policy, they will be able to use cloud provided content. + + + + + + + + + + + text/plain + + + CloudContent.admx + CloudContent~AT~WindowsComponents~CloudContent + DisableCloudOptimizedContent + HighestValueMostSecure + + DoNotShowFeedbackNotifications @@ -70811,6 +71226,116 @@ The options are: + + LocalUsersAndGroups + + + + + + + + + + + + + + + + + + + Configure + + + + + + This Setting allows an administrator to manage local groups on a Device. + Possible settings: + 1. Update Group Membership: Update a group and add and/or remove members though the 'U' action. + When using Update, existing group members that are not specified in the policy remain untouched. + 2. Replace Group Membership: Restrict a group by replacing group membership through the 'R' action. + When using Replace, existing group membership is replaced by the list of members specified in + the add member section. This option works in the same way as a Restricted Group and any group + members that are not specified in the policy are removed. + Caution: If the same group is configured with both Replace and Update, then Replace will win. + + + + + + + + + + + text/plain + + phone + LastWrite + + + + + + + + + + + + Group Configuration Action + + + + + + + + Group Member to Add + + + + + + + + Group Member to Remove + + + + + + + + Group property to configure + + + + + + + + + + + + + + + + Local Group Configuration + + + + + + + + + LockDown @@ -71027,6 +71552,170 @@ The options are: + + MixedReality + + + + + + + + + + + + + + + + + + + AADGroupMembershipCacheValidityInDays + + + + + 0 + + + + + + + + + + + + text/plain + + + LastWrite + + + + BrightnessButtonDisabled + + + + + 0 + + + + + + + + + + + + text/plain + + + HighestValueMostSecure + + + + FallbackDiagnostics + + + + + 2 + + + + + + + + + + + + text/plain + + + LastWrite + + + + HeadTrackingMode + + + + + 0 + + + + + + + + + + + + text/plain + + + LastWrite + + + + MicrophoneDisabled + + + + + 0 + + + + + + + + + + + + text/plain + + + HighestValueMostSecure + + + + VolumeButtonDisabled + + + + + 0 + + + + + + + + + + + + text/plain + + + HighestValueMostSecure + + + MSSecurityGuide @@ -80733,6 +81422,30 @@ If you disable or do not configure this policy setting, the wake setting as spec LastWrite + + DisableWUfBSafeguards + + + + + 0 + + + + + + + + + + + + text/plain + + + LastWrite + + EngagedRestartDeadline @@ -81607,6 +82320,34 @@ If you disable or do not configure this policy setting, the wake setting as spec LastWrite + + SetProxyBehaviorForUpdateDetection + + + + + 0 + + + + + + + + + + + + text/plain + + + WindowsUpdate.admx + SetProxyBehaviorForUpdateDetection + WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat + CorpWuURL + LastWrite + + TargetReleaseVersion @@ -83951,5 +84692,4 @@ Note: The first sign-in animation will not be shown on Server, so this policy wi - ``` From 203b81b89331e19ccf432301e6685038b57d8fff Mon Sep 17 00:00:00 2001 From: Andy Rivas <45184653+andyrivMSFT@users.noreply.github.com> Date: Mon, 2 Nov 2020 08:32:26 -0800 Subject: [PATCH 02/26] Update waas-delivery-optimization-reference.md Adding clarification for customer to add as type = text on their DHCP custom option. DO client expects a string when processing the DHCP option. --- .../deployment/update/waas-delivery-optimization-reference.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/waas-delivery-optimization-reference.md b/windows/deployment/update/waas-delivery-optimization-reference.md index b101477546..29f8b473d8 100644 --- a/windows/deployment/update/waas-delivery-optimization-reference.md +++ b/windows/deployment/update/waas-delivery-optimization-reference.md @@ -249,7 +249,7 @@ This policy allows you to specify how your client(s) can discover Delivery Optim with either option, the client will query DHCP Option ID 235 and use the returned value as the Cache Server Hostname. Option 2 overrides the Cache Server Hostname policy, if set. -Set this policy to designate one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. You can add one or more value either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address by commas. +Set this policy to designate one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. Specify the custom DHCP option on your server as text type. You can add one or more value either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address by commas. > [!NOTE] > If you format the DHCP Option ID incorrectly, the client will fall back to the Cache Server Hostname policy value if that value has been set. From f99b15f246ac4a630f8a11e4f88f0aaa33e5b378 Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Tue, 3 Nov 2020 10:02:04 -0700 Subject: [PATCH 03/26] acrolinx fixes --- .../smart-card-debugging-information.md | 26 +++++++++---------- .../bitlocker/bitlocker-and-adds-faq.md | 6 ++--- .../security/information-protection/index.md | 2 +- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md index 4bf706bbbc..f5268739ca 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md +++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md @@ -109,7 +109,7 @@ To stop a trace: - **logman -stop scardsvr -ets** -## Kerberos protocol, KDC and NTLM debugging and tracing +## Kerberos protocol, KDC, and NTLM debugging and tracing @@ -123,7 +123,7 @@ To begin tracing, you can use Tracelog. Different components use different contr ### NTLM -To enable tracing for NTLM authentication, run the following at the command line: +To enable tracing for NTLM authentication, run the following command on the command line: - **tracelog.exe -kd -rt -start ntlm -guid \#5BBB6C18-AA45-49b1-A15F-085F7ED0AA90 -f .\\ntlm.etl -flags 0x15003 -ft 1** @@ -143,11 +143,11 @@ To stop tracing for Kerberos authentication, run this command: ### KDC -To enable tracing for the Key Distribution Center (KDC), run the following at the command line: +To enable tracing for the Key Distribution Center (KDC), run the following command on the command line: - **tracelog.exe -kd -rt -start kdc -guid \#1BBA8B19-7F31-43c0-9643-6E911F79A06B -f .\\kdc.etl -flags 0x803 -ft 1** -To stop tracing for the KDC, run the following at the command line: +To stop tracing for the KDC, run the following command on the command line: - **tracelog.exe -stop kdc** @@ -184,11 +184,11 @@ The smart card resource manager service runs in the context of a local service. **To check if Smart Card service is running** -1. Press CTRL+ALT+DEL, and then click **Start Task Manager**. +1. Press CTRL+ALT+DEL, and then select **Start Task Manager**. -2. In the **Windows Task Manager** dialog box, click the **Services** tab. +2. In the **Windows Task Manager** dialog box, select the **Services** tab. -3. Click the **Name** column to sort the list alphabetically, and then type **s**. +3. Select the **Name** column to sort the list alphabetically, and then type **s**. 4. In the **Name** column, look for **SCardSvr**, and then look under the **Status** column to see if the service is running or stopped. @@ -196,7 +196,7 @@ The smart card resource manager service runs in the context of a local service. 1. Run as administrator at the command prompt. -2. If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then click **Yes**. +2. If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then select **Yes**. 3. At the command prompt, type **net stop SCardSvr**. @@ -204,7 +204,7 @@ The smart card resource manager service runs in the context of a local service. You can use the following command at the command prompt to check whether the service is running: **sc queryex scardsvr**. -This is an example output from this command: +The following code sample is an example output from this command: ```console SERVICE_NAME: scardsvr @@ -228,14 +228,14 @@ As with any device connected to a computer, Device Manager can be used to view p 1. Navigate to **Computer**. -2. Right-click **Computer**, and then click **Properties**. +2. Right-click **Computer**, and then select **Properties**. -3. Under **Tasks**, click **Device Manager**. +3. Under **Tasks**, select **Device Manager**. -4. In Device Manager, expand **Smart card readers**, select the name of the smart card reader you want to check, and then click **Properties**. +4. In Device Manager, expand **Smart card readers**, select the name of the smart card reader you want to check, and then select **Properties**. > [!NOTE] -> If the smart card reader is not listed in Device Manager, in the **Action** menu, click **Scan for hardware changes**. +> If the smart card reader is not listed in Device Manager, in the **Action** menu, select **Scan for hardware changes**. ## CryptoAPI 2.0 Diagnostics diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md index d6bad09f03..8547453291 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md @@ -29,12 +29,12 @@ ms.custom: bitlocker Stored information | Description -------------------|------------ Hash of the TPM owner password | Beginning with Windows 10, the password hash is not stored in AD DS by default. The password hash can be stored only if the TPM is owned and the ownership was taken by using components of Windows 8.1 or earlier, such as the BitLocker Setup Wizard or the TPM snap-in. -BitLocker recovery password | The recovery password allows you to unlock and access the drive in the event of a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). +BitLocker recovery password | The recovery password allows you to unlock and access the drive after a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). BitLocker key package | The key package helps to repair damage to the hard disk that would otherwise prevent standard recovery. Using the key package for recovery requires the BitLocker Repair Tool, Repair-bde. ## What if BitLocker is enabled on a computer before the computer has joined the domain? -If BitLocker is enabled on a drive before Group Policy has been applied to enforce backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered** and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require that the computer be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. +If BitLocker is enabled on a drive before Group Policy has been applied to enforce backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). @@ -65,7 +65,7 @@ No. By design, BitLocker recovery password entries do not get deleted from AD D If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker does not try again to back up the recovery information to AD DS. -When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, **Choose how BitLocker-protected removable data drives can be recovered** policy settings, this prevents users from enabling BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker cannot be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. +When an administrator selects the **Require BitLocker backup to AD DS** check box of the **Store BitLocker recovery information in Active Directory Domain Service (Windows 2008 and Windows Vista)** policy setting, or the equivalent **Do not enable BitLocker until recovery information is stored in AD DS for (operating system | fixed data | removable data) drives** check box in any of the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed data drives can be recovered**, and **Choose how BitLocker-protected removable data drives can be recovered** policy settings, users can't enable BitLocker unless the computer is connected to the domain and the backup of BitLocker recovery information to AD DS succeeds. With these settings configured if the backup fails, BitLocker cannot be enabled, ensuring that administrators will be able to recover BitLocker-protected drives in the organization. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). diff --git a/windows/security/information-protection/index.md b/windows/security/information-protection/index.md index 84ea720232..e72f8d6c68 100644 --- a/windows/security/information-protection/index.md +++ b/windows/security/information-protection/index.md @@ -1,6 +1,6 @@ --- title: Information protection (Windows 10) -description: Learn more about how to protect sesnsitive data across your ogranization. +description: Learn more about how to protect sensitive data across your organization. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library From 0ab697a31414cde17ce36d97e86840a161baa507 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 3 Nov 2020 16:07:16 -0800 Subject: [PATCH 04/26] Update policy-ddf-file.md Updated DDF --- .../client-management/mdm/policy-ddf-file.md | 49 +------------------ 1 file changed, 1 insertion(+), 48 deletions(-) diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md index 88231009d5..0ed48a5776 100644 --- a/windows/client-management/mdm/policy-ddf-file.md +++ b/windows/client-management/mdm/policy-ddf-file.md @@ -38830,30 +38830,6 @@ The options are: - - HeadTrackingMode - - - - - - - - - - - - - - - - - - - text/plain - - - MicrophoneDisabled @@ -71643,30 +71619,6 @@ The options are: LastWrite - - HeadTrackingMode - - - - - 0 - - - - - - - - - - - - text/plain - - - LastWrite - - MicrophoneDisabled @@ -84692,4 +84644,5 @@ Note: The first sign-in animation will not be shown on Server, so this policy wi + ``` From fff9d307f4b583010b940825b531935064934be1 Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Tue, 3 Nov 2020 17:09:15 -0700 Subject: [PATCH 05/26] acrolinx fixes --- .../bitlocker/bitlocker-basic-deployment.md | 65 ++++++++-------- ...ocker-deployment-and-administration-faq.md | 6 +- .../bitlocker-recovery-guide-plan.md | 74 +++++++++---------- .../bitlocker/bitlocker-to-go-faq.md | 4 +- ...ve-encryption-tools-to-manage-bitlocker.md | 46 ++++++------ ...bitlocker-using-with-other-programs-faq.md | 8 +- ...nd-storage-area-networks-with-bitlocker.md | 31 ++++---- 7 files changed, 118 insertions(+), 116 deletions(-) diff --git a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md index dc0d879c78..8ad995065c 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md +++ b/windows/security/information-protection/bitlocker/bitlocker-basic-deployment.md @@ -1,6 +1,6 @@ --- title: BitLocker basic deployment (Windows 10) -description: This topic for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. +description: This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. ms.assetid: 97c646cb-9e53-4236-9678-354af41151c4 ms.reviewer: ms.prod: w10 @@ -24,7 +24,7 @@ ms.custom: bitlocker - Windows 10 -This topic for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. +This article for the IT professional explains how BitLocker features can be used to protect your data through drive encryption. ## Using BitLocker to encrypt volumes @@ -39,12 +39,12 @@ BitLocker encryption can be done using the following methods: - BitLocker control panel - Windows Explorer -- manage-bde command line interface +- manage-bde command-line interface - BitLocker Windows PowerShell cmdlets ### Encrypting volumes using the BitLocker control panel -Encrypting volumes with the BitLocker control panel (click **Start**, type **bitlocker**, click **Manage BitLocker**) is how many users will utilize BitLocker. The name of the BitLocker control panel is BitLocker Drive Encryption. The BitLocker control panel supports encrypting operating system, fixed data and removable data volumes. The BitLocker control panel will organize available drives in the appropriate category based on how the device reports itself to Windows. Only formatted volumes with assigned drive letters will appear properly in the BitLocker control panel applet. +Encrypting volumes with the BitLocker control panel (select **Start**, type *bitlocker*, select **Manage BitLocker**) is how many users will utilize BitLocker. The name of the BitLocker control panel is BitLocker Drive Encryption. The BitLocker control panel supports encrypting operating system, fixed data, and removable data volumes. The BitLocker control panel will organize available drives in the appropriate category based on how the device reports itself to Windows. Only formatted volumes with assigned drive letters will appear properly in the BitLocker control panel applet. To start encryption for a volume, select **Turn on BitLocker** for the appropriate drive to initialize the BitLocker Drive Encryption Wizard. BitLocker Drive Encryption Wizard options vary based on volume type (operating system volume or data volume). ### Operating system volume @@ -54,7 +54,7 @@ Upon launch, the BitLocker Drive Encryption Wizard verifies the computer meets t |Requirement|Description| |--- |--- | |Hardware configuration|The computer must meet the minimum requirements for the supported Windows versions.| -|Operating system|BitLocker is an optional feature which can be installed by Server Manager on Windows Server 2012 and later.| +|Operating system|BitLocker is an optional feature that can be installed by Server Manager on Windows Server 2012 and later.| |Hardware TPM|TPM version 1.2 or 2.0.

A TPM is not required for BitLocker; however, only a computer with a TPM can provide the additional security of pre-startup system integrity verification and multifactor authentication.| |BIOS configuration|

  • A Trusted Computing Group (TCG)-compliant BIOS or UEFI firmware.
  • The boot order must be set to start first from the hard disk, and not the USB or CD drives.
  • The firmware must be able to read from a USB flash drive during startup.
    • | |File system|For computers that boot natively with UEFI firmware, at least one FAT32 partition for the system drive and one NTFS partition for the operating system drive.
    For computers with legacy BIOS firmware, at least two NTFS disk partitions, one for the system drive and one for the operating system drive.
    For either firmware, the system drive partition must be at least 350 megabytes (MB) and set as the active partition.| @@ -75,11 +75,11 @@ It is recommended that drives with little to no data utilize the **used disk spa > [!NOTE] > Deleted files appear as free space to the file system, which is not encrypted by **used disk space only**. Until they are wiped or overwritten, deleted files hold information that could be recovered with common data forensic tools. -Selecting an encryption type and choosing **Next** will give the user the option of running a BitLocker system check (selected by default) which will ensure that BitLocker can properly access the recovery and encryption keys before the volume encryption begins. It is recommended to run this system check before starting the encryption process. If the system check is not run and a problem is encountered when the operating system attempts to start, the user will need to provide the recovery key to start Windows. +Selecting an encryption type and choosing **Next** will give the user the option of running a BitLocker system check (selected by default) which will ensure that BitLocker can properly access the recovery and encryption keys before the volume encryption begins. We recommend running this system check before starting the encryption process. If the system check is not run and a problem is encountered when the operating system attempts to start, the user will need to provide the recovery key to start Windows. After completing the system check (if selected), the BitLocker Drive Encryption Wizard will restart the computer to begin encryption. Upon reboot, users are required to enter the password chosen to boot into the operating system volume. Users can check encryption status by checking the system notification area or the BitLocker control panel. -Until encryption is completed, the only available options for managing BitLocker involve manipulation of the password protecting the operating system volume, backing up the recovery key, and turning BitLocker off. +Until encryption is completed, the only available options for managing BitLocker involve manipulation of the password protecting the operating system volume, backing up the recovery key, and turning off BitLocker. ### Data volume @@ -97,12 +97,12 @@ Encryption status displays in the notification area or within the BitLocker cont There is a new option for storing the BitLocker recovery key using the OneDrive. This option requires that computers are not members of a domain and that the user is using a Microsoft Account. Local accounts do not give the option to utilize OneDrive. Using the OneDrive option is the default, recommended recovery key storage method for computers that are not joined to a domain. -Users can verify the recovery key was saved properly by checking their OneDrive for the BitLocker folder which is created automatically during the save process. The folder will contain two files, a readme.txt and the recovery key. For users storing more than one recovery password on their OneDrive, +Users can verify the recovery key was saved properly by checking their OneDrive for the BitLocker folder that is created automatically during the save process. The folder will contain two files, a readme.txt and the recovery key. For users storing more than one recovery password on their OneDrive, they can identify the required recovery key by looking at the file name. The recovery key ID is appended to the end of the file name. ### Using BitLocker within Windows Explorer -Windows Explorer allows users to launch the BitLocker Drive Encryption wizard by right clicking on a volume and selecting **Turn On BitLocker**. This option is available on client computers by default. On servers, you must first install the BitLocker and Desktop-Experience features for this option to be available. After selecting **Turn on BitLocker**, the wizard works exactly as it does when launched using the BitLocker control panel. +Windows Explorer allows users to launch the BitLocker Drive Encryption wizard by right-clicking a volume and selecting **Turn On BitLocker**. This option is available on client computers by default. On servers, you must first install the BitLocker and Desktop-Experience features for this option to be available. After selecting **Turn on BitLocker**, the wizard works exactly as it does when launched using the BitLocker control panel. ## Down-level compatibility @@ -118,13 +118,13 @@ Table 1: Cross compatibility for Windows 10, Windows 8.1, Windows 8, and Window |Fully encrypted volume from Windows 7|Presents as fully encrypted|Presented as fully encrypted|N/A| |Partially encrypted volume from Windows 7|Windows 10 and Windows 8.1 will complete encryption regardless of policy|Windows 8 will complete encryption regardless of policy|N/A| -## Encrypting volumes using the manage-bde command line interface +## Encrypting volumes using the manage-bde command-line interface Manage-bde is a command-line utility that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the options, see [Manage-bde](/windows-server/administration/windows-commands/manage-bde). -Manage-bde offers a multitude of wider options for configuring BitLocker. This means that using the command syntax may require care and possibly later customization by the user. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. +Manage-bde offers a multitude of wider options for configuring BitLocker. So using the command syntax may require care and possibly later customization by the user. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. -Command line users need to determine the appropriate syntax for a given situation. The following section covers general encryption for operating system volumes and data volumes. +Command-line users need to determine the appropriate syntax for a given situation. The following section covers general encryption for operating system volumes and data volumes. ### Operating system volume @@ -136,7 +136,7 @@ A good practice when using manage-bde is to determine the volume status on the t `manage-bde -status` -This command returns the volumes on the target, current encryption status and volume type (operating system or data) for each volume. Using this information, users can determine the best encryption method for their environment. +This command returns the volumes on the target, current encryption status, and volume type (operating system or data) for each volume. Using this information, users can determine the best encryption method for their environment. **Enabling BitLocker without a TPM** @@ -149,29 +149,29 @@ manage-bde -on C: **Enabling BitLocker with a TPM only** -It is possible to encrypt the operating system volume without any defined protectors using manage-bde. The command to do this is: +It is possible to encrypt the operating system volume without any defined protectors by using manage-bde. Use this command: `manage-bde -on C:` -This will encrypt the drive using the TPM as the protector. If a user is unsure of the protector for a volume, they can use the -protectors option in manage-bde to list this information with the command: +This command will encrypt the drive using the TPM as the protector. If a user is unsure of the protector for a volume, they can use the -protectors option in manage-bde to list this information with the command: `manage-bde -protectors -get ` **Provisioning BitLocker with two protectors** -Another example is a user on non-TPM hardware who wishes to add a password and SID-based protector to the operating system volume. In this instance, the user adds the protectors first. This is done with the command: +Another example is a user on non-TPM hardware who wishes to add a password and SID-based protector to the operating system volume. In this instance, the user adds the protectors first. Use this command: `manage-bde -protectors -add C: -pw -sid ` -This command will require the user to enter and then confirm the password protector before adding them to the volume. With the protectors enabled on the volume, the user just needs to turn BitLocker on. +This command will require the user to enter and then confirm the password protector before adding them to the volume. With the protectors enabled on the volume, the user just needs to turn on BitLocker. ### Data volume -Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or users can choose to add protectors to the volume. It is recommended that at least one primary protector and a recovery protector be added to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or users can choose to add protectors to the volume. We recommend that you add at least one primary protector and a recovery protector to a data volume. **Enabling BitLocker with a password** -A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn BitLocker on. +A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. ```powershell manage-bde -protectors -add -pw C: @@ -322,7 +322,7 @@ Occasionally, all protectors may not be shown when using **Get-BitLockerVolume** Get-BitLockerVolume C: | fl ``` -If you wanted to remove the existing protectors prior to provisioning BitLocker on the volume, you can utilize the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this requires the GUID associated with the protector to be removed. +If you want to remove the existing protectors prior to provisioning BitLocker on the volume, you can utilize the `Remove-BitLockerKeyProtector` cmdlet. Accomplishing this task requires the GUID associated with the protector to be removed. A simple script can pipe the values of each **Get-BitLockerVolume** return out to another variable as seen below: ```powershell @@ -330,7 +330,7 @@ $vol = Get-BitLockerVolume $keyprotectors = $vol.KeyProtector ``` -Using this, we can display the information in the **$keyprotectors** variable to determine the GUID for each protector. +Using this script, we can display the information in the **$keyprotectors** variable to determine the GUID for each protector. Using this information, we can then remove the key protector for a specific volume using the command: ```powershell @@ -343,7 +343,8 @@ Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" ### Operating system volume Using the BitLocker Windows PowerShell cmdlets is similar to working with the manage-bde tool for encrypting operating system volumes. Windows PowerShell offers users a lot of flexibility. For example, users can add the desired protector as part command for encrypting the volume. Below are examples of common user scenarios and steps to accomplish them using the BitLocker cmdlets for Windows PowerShell. -To enable BitLocker with just the TPM protector. This can be done using the command: + +To enable BitLocker with just the TPM protector, use this command: ```powershell Enable-BitLocker C: @@ -357,7 +358,7 @@ Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTes ### Data volume -Data volume encryption using Windows PowerShell is the same as for operating system volumes. You should add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user defined password. Last, encryption begins. +Data volume encryption using Windows PowerShell is the same as for operating system volumes. Add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a SecureString value to store the user-defined password. Last, encryption begins. ```powershell $pw = Read-Host -AsSecureString @@ -365,14 +366,14 @@ $pw = Read-Host -AsSecureString Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw ``` -### Using a SID based protector in Windows PowerShell +### Using a SID-based protector in Windows PowerShell -The ADAccountOrGroup protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it does not unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover and be unlocked to any member computer of the cluster. +The ADAccountOrGroup protector is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it does not unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly fail over and be unlocked to any member computer of the cluster. > [!WARNING] > The SID-based protector requires the use of an additional protector (such as TPM, PIN, recovery key, etc.) when used on operating system volumes. -To add an ADAccountOrGroup protector to a volume requires either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. +To add an ADAccountOrGroup protector to a volume, you need either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. ```powershell Enable-BitLocker G: -AdAccountOrGroupProtector -AdAccountOrGroup CONTOSO\Administrator @@ -389,7 +390,7 @@ Get-ADUser -filter {samaccountname -eq "administrator"} > > **Tip:**  In addition to the Windows PowerShell command above, information about the locally logged on user and group membership can be found using: WHOAMI /ALL. This does not require the use of additional features. -In the example below, the user wishes to add a domain SID based protector to the previously encrypted operating system volume. The user knows the SID for the user account or group they wish to add and uses the following command: +In the example below, the user wishes to add a domain SID-based protector to the previously encrypted operating system volume. The user knows the SID for the user account or group they wish to add and uses the following command: ```powershell Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup "" @@ -400,7 +401,7 @@ Add-BitLockerKeyProtector C: -ADAccountOrGroupProtector -ADAccountOrGroup " ## Checking BitLocker status -To check the BitLocker status of a particular volume, administrators can look at the status of the drive in the BitLocker control panel applet, Windows Explorer, manage-bde command line tool, or Windows PowerShell cmdlets. Each option offers different levels of detail and ease of use. We will look at each of the available methods in the following section. +To check the BitLocker status of a particular volume, administrators can look at the status of the drive in the BitLocker control panel applet, Windows Explorer, manage-bde command-line tool, or Windows PowerShell cmdlets. Each option offers different levels of detail and ease of use. We will look at each of the available methods in the following section. ### Checking BitLocker status with the control panel @@ -421,7 +422,7 @@ Once BitLocker protector activation is completed, the completion notice is displ ### Checking BitLocker status with manage-bde -Administrators who prefer a command line interface can utilize manage-bde to check volume status. Manage-bde is capable of returning more information about the volume than the graphical user interface tools in the control panel. For example, manage-bde can display the BitLocker version in use, the encryption type, and the protectors associated with a volume. +Administrators who prefer a command-line interface can utilize manage-bde to check volume status. Manage-bde is capable of returning more information about the volume than the graphical user interface tools in the control panel. For example, manage-bde can display the BitLocker version in use, the encryption type, and the protectors associated with a volume. To check the status of a volume using manage-bde, use the following command: @@ -446,7 +447,7 @@ This command will display information about the encryption method, volume type, ### Provisioning BitLocker during operating system deployment -Administrators can enable BitLocker prior to operating system deployment from the Windows Pre-installation Environment. This is done with a randomly generated clear key protector applied to the formatted volume and encrypting the volume prior to running the Windows setup process. If the encryption uses the Used Disk Space Only option described later in this document, this step takes only a few seconds and incorporates well into regular deployment processes. +Administrators can enable BitLocker prior to operating system deployment from the Windows Pre-installation Environment. This task is done with a randomly generated clear key protector applied to the formatted volume and encrypting the volume prior to running the Windows setup process. If the encryption uses the Used Disk Space Only option described later in this document, this step takes only a few seconds and incorporates well into regular deployment processes. ### Decrypting BitLocker volumes @@ -461,9 +462,9 @@ The control panel does not report decryption progress but displays it in the not Once decryption is complete, the drive will update its status in the control panel and is available for encryption. -### Decrypting volumes using the manage-bde command line interface +### Decrypting volumes using the manage-bde command-line interface -Decrypting volumes using manage-bde is very straightforward. Decryption with manage-bde offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: +Decrypting volumes using manage-bde is straightforward. Decryption with manage-bde offers the advantage of not requiring user confirmation to start the process. Manage-bde uses the -off command to start the decryption process. A sample command for decryption is: ```powershell manage-bde -off C: diff --git a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md index ea8ab3bf7a..064a82cf8e 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-deployment-and-administration-faq.md @@ -37,7 +37,7 @@ Generally it imposes a single-digit percentage performance overhead. ## How long will initial encryption take when BitLocker is turned on? -Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you are encrypting very large drives, you may want to set encryption to occur during times when you will not be using the drive. +Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you are encrypting large drives, you may want to set encryption to occur during times when you will not be using the drive. You can also choose whether or not BitLocker should encrypt the entire drive or just the used space on the drive when you turn on BitLocker. On a new hard drive, encrypting just the used spaced can be considerably faster than encrypting the entire drive. When this encryption option is selected, BitLocker automatically encrypts data as it is saved, ensuring that no data is stored unencrypted. @@ -82,11 +82,11 @@ The TPM is not involved in any recovery scenarios, so recovery is still possible ## What can prevent BitLocker from binding to PCR 7? -This happens if a non-Windows OS booted prior to Windows, or if Secure Boot is not available to the device, either because it has been disabled or the hardware does not support it. +BitLocker can be prevented from binding to PCR 7 if a non-Windows OS booted prior to Windows, or if Secure Boot is not available to the device, either because it has been disabled or the hardware does not support it. ## Can I swap hard disks on the same computer if BitLocker is enabled on the operating system drive? -Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and operating system drive, so if you want to prepare a backup operating system or data drive for use in case of disk failure, you need to make sure that they were matched with the correct TPM. You can also configure different hard drives for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts. +Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and operating system drive. So if you want to prepare a backup operating system or data drive in case a disk fails, make sure that they were matched with the correct TPM. You can also configure different hard drives for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts. ## Can I access my BitLocker-protected drive if I insert the hard disk into a different computer? diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index f31dcd8374..4f3681db63 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -1,6 +1,6 @@ --- title: BitLocker recovery guide (Windows 10) -description: This topic for IT professionals describes how to recover BitLocker keys from AD DS. +description: This article for IT professionals describes how to recover BitLocker keys from AD DS. ms.assetid: d0f722e9-1773-40bf-8456-63ee7a95ea14 ms.reviewer: ms.prod: w10 @@ -24,7 +24,7 @@ ms.custom: bitlocker - Windows 10 -This topic for IT professionals describes how to recover BitLocker keys from AD DS. +This article for IT professionals describes how to recover BitLocker keys from AD DS. Organizations can use BitLocker recovery information saved in Active Directory Domain Services (AD DS) to access BitLocker-protected data. Creating a recovery model for BitLocker while you are planning your BitLocker deployment is recommended. @@ -46,11 +46,11 @@ BitLocker recovery is the process by which you can restore access to a BitLocker The following list provides examples of specific events that will cause BitLocker to enter recovery mode when attempting to start the operating system drive: -- On PCs that use BitLocker Drive Encryption, or on devices such as tablets or phones that use [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md) only, when an attack is detected, the device will immediately reboot and enter into BitLocker recovery mode. To take advantage of this functionality Administrators can set the **Interactive logon: Machine account lockout threshold** Group Policy setting located in **\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** in the Local Group Policy Editor, or use the **MaxFailedPasswordAttempts** policy of [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) (also configurable through [Microsoft Intune](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/microsoft-intune)), to limit the number of failed password attempts before the device goes into Device Lockout. +- On PCs that use BitLocker Drive Encryption, or on devices such as tablets or phones that use [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md) only, when an attack is detected, the device will immediately reboot and enter into BitLocker recovery mode. To take advantage of this functionality, administrators can set the **Interactive logon: Machine account lockout threshold** Group Policy setting located in **\\Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options** in the Local Group Policy Editor. Or they can use the **MaxFailedPasswordAttempts** policy of [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) (also configurable through [Microsoft Intune](https://www.microsoft.com/microsoft-365/enterprise-mobility-security/microsoft-intune)), to limit the number of failed password attempts before the device goes into Device Lockout. - On devices with TPM 1.2, changing the BIOS or firmware boot device order causes BitLocker recovery. However, devices with TPM 2.0 do not start BitLocker recovery in this case. TPM 2.0 does not consider a firmware change of boot device order as a security threat because the OS Boot Loader is not compromised. - Having the CD or DVD drive before the hard drive in the BIOS boot order and then inserting or removing a CD or DVD. - Failing to boot from a network drive before booting from the hard drive. -- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. This means that if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked. +- Docking or undocking a portable computer. In some instances (depending on the computer manufacturer and the BIOS), the docking condition of the portable computer is part of the system measurement and must be consistent to validate the system status and unlock BitLocker. So if a portable computer is connected to its docking station when BitLocker is turned on, then it might also need to be connected to the docking station when it is unlocked. Conversely, if a portable computer is not connected to its docking station when BitLocker is turned on, then it might need to be disconnected from the docking station when it is unlocked. - Changes to the NTFS partition table on the disk including creating, deleting, or resizing a primary partition. - Entering the personal identification number (PIN) incorrectly too many times so that the anti-hammering logic of the TPM is activated. Anti-hammering logic is software or hardware methods that increase the difficulty and cost of a brute force attack on a PIN by not accepting PIN entries until after a certain amount of time has passed. - Turning off the support for reading the USB device in the pre-boot environment from the BIOS or UEFI firmware if you are using USB-based keys instead of a TPM. @@ -64,7 +64,7 @@ The following list provides examples of specific events that will cause BitLocke - Changes to the master boot record on the disk. - Changes to the boot manager on the disk. - Hiding the TPM from the operating system. Some BIOS or UEFI settings can be used to prevent the enumeration of the TPM to the operating system. When implemented, this option can make the TPM hidden from the operating system. When the TPM is hidden, BIOS and UEFI secure startup are disabled, and the TPM does not respond to commands from any software. -- Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre-boot environment. This can prevent the entry of enhanced PINs. +- Using a different keyboard that does not correctly enter the PIN or whose keyboard map does not match the keyboard map assumed by the pre-boot environment. This problem can prevent the entry of enhanced PINs. - Modifying the Platform Configuration Registers (PCRs) used by the TPM validation profile. For example, including **PCR\[1\]** would result in BitLocker measuring most changes to BIOS settings, causing BitLocker to enter recovery mode even when non-boot critical BIOS settings change. > [!NOTE] @@ -93,25 +93,25 @@ For planned scenarios, such as a known hardware or firmware upgrades, you can av > [!NOTE] > If suspended BitLocker will automatically resume protection when the PC is rebooted, unless a reboot count is specified using the manage-bde command line tool. -If software maintenance requires the computer be restarted and you are using two-factor authentication, you can enable BitLocker Network Unlock to provide the secondary authentication factor when the computers do not have an on-premises user to provide the additional authentication method. +If software maintenance requires the computer to be restarted and you are using two-factor authentication, you can enable BitLocker Network Unlock to provide the secondary authentication factor when the computers do not have an on-premises user to provide the additional authentication method. Recovery has been described within the context of unplanned or undesired behavior, but you can also cause recovery as an intended production scenario, in order to manage access control. For example, when you redeploy desktop or laptop computers to other departments or employees in your enterprise, you can force BitLocker into recovery before the computer is given to a new user. ## Testing recovery -Before you create a thorough BitLocker recovery process, we recommend that you test how the recovery process works for both end users (people who call your helpdesk for the recovery password) and administrators (people who help the end user get the recovery password). The –forcerecovery command of manage-bde is an easy way for you to step through the recovery process before your users encounter a recovery situation. +Before you create a thorough BitLocker recovery process, we recommend that you test how the recovery process works for both end users (people who call your helpdesk for the recovery password) and administrators (people who help the end user get the recovery password). The -forcerecovery command of manage-bde is an easy way for you to step through the recovery process before your users encounter a recovery situation. **To force a recovery for the local computer:** -1. Click the **Start** button, type **cmd** in the **Start Search** box, right-click **cmd.exe**, and then click **Run as administrator**. -2. At the command prompt, type the following command and then press ENTER: +1. Select the **Start** button, type *cmd* in the **Start Search** box, right-click **cmd.exe**, and then select **Run as administrator**. +2. At the command prompt, type the following command and then press **Enter**: `manage-bde -forcerecovery ` **To force recovery for a remote computer:** -1. On the Start screen, type **cmd.exe**, and then click **Run as administrator**. +1. On the Start screen, type **cmd.exe**, and then select **Run as administrator**. 2. At the command prompt, type the following command and then press ENTER: `manage-bde -ComputerName -forcerecovery ` @@ -125,7 +125,7 @@ When planning the BitLocker recovery process, first consult your organization's Organizations that rely on BitLocker Drive Encryption and BitLocker To Go to protect data on a large number of computers and removable drives running the Windows 10, Windows 8, or Windows 7 operating systems and Windows to Go should consider using the Microsoft BitLocker Administration and Monitoring (MBAM) Tool version 2.0, which is included in the Microsoft Desktop Optimization Pack (MDOP) for Microsoft Software Assurance. MBAM makes BitLocker implementations easier to deploy and manage and allows administrators to provision and monitor encryption for operating system and fixed drives. MBAM prompts the user before encrypting fixed drives. MBAM also manages recovery keys for fixed and removable drives, making recovery easier to manage. MBAM can be used as part of a Microsoft System Center deployment or as a stand-alone solution. For more info, see [Microsoft BitLocker Administration and Monitoring](/microsoft-desktop-optimization-pack/mbam-v25/). -After a BitLocker recovery has been initiated, users can use a recovery password to unlock access to encrypted data. You must consider both self-recovery and recovery password retrieval methods for your organization. +After a BitLocker recovery has been initiated, users can use a recovery password to unlock access to encrypted data. Consider both self-recovery and recovery password retrieval methods for your organization. When you determine your recovery process, you should: @@ -141,12 +141,12 @@ When you determine your recovery process, you should: ### Self-recovery -In some cases, users might have the recovery password in a printout or a USB flash drive and can perform self-recovery. We recommend that your organization create a policy for self-recovery. If self-recovery includes using a password or recovery key stored on a USB flash drive, the users should be warned not to store the USB flash drive in the same place as the PC, especially during travel, for example if both the PC and the recovery items are in the same bag it would be very easy for access to be gained to the PC by an unauthorized user. Another policy to consider is having users contact the Helpdesk before or after performing self-recovery so that the root cause can be identified. +In some cases, users might have the recovery password in a printout or a USB flash drive and can perform self-recovery. We recommend that your organization create a policy for self-recovery. If self-recovery includes using a password or recovery key stored on a USB flash drive, the users should be warned not to store the USB flash drive in the same place as the PC, especially during travel, for example if both the PC and the recovery items are in the same bag, then it's easy for an unauthorized user to access the PC. Another policy to consider is having users contact the Helpdesk before or after performing self-recovery so that the root cause can be identified. ### Recovery password retrieval -If the user does not have a recovery password in a printout or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain the recovery password can be backed up to AD DS. However, this does not happen by default, you must have configured the appropriate Group Policy settings before BitLocker was enabled on the PC. BitLocker Group Policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. +If the user does not have a recovery password in a printout or on a USB flash drive, the user will need to be able to retrieve the recovery password from an online source. If the PC is a member of a domain, the recovery password can be backed up to AD DS. However, this does not happen by default. You must have configured the appropriate Group Policy settings before BitLocker was enabled on the PC. BitLocker Group Policy settings can be found in the Local Group Policy Editor or the Group Policy Management Console (GPMC) under **Computer Configuration\\Administrative Templates\\Windows Components\\BitLocker Drive Encryption**. The following policy settings define the recovery methods that can be used to restore access to a BitLocker-protected drive if an authentication method fails or is unable to be used. - **Choose how BitLocker-protected operating system drives can be recovered** - **Choose how BitLocker-protected fixed drives can be recovered** @@ -176,7 +176,7 @@ You can use the name of the user's computer to locate the recovery password in A ### Verify the user's identity -You should verify that the person that is asking for the recovery password is truly the authorized user of that computer. You may also wish to verify that the computer with the name the user provided belongs to the user. +Verify that the person that is asking for the recovery password is truly the authorized user of that computer. You might also want to verify that the computer with the name the user provided belongs to the user. ### Locate the recovery password in AD DS @@ -200,7 +200,7 @@ Before you give the user the recovery password, you should gather any informatio ### Give the user the recovery password -Because the recovery password is 48 digits long the user may need to record the password by writing it down or typing it on a different computer. If you are using MBAM, the recovery password will be regenerated after it is recovered from the MBAM database to avoid the security risks associated with an uncontrolled password. +Because the recovery password is 48 digits long, the user might need to record the password by writing it down or typing it on a different computer. If you are using MBAM, the recovery password will be regenerated after it is recovered from the MBAM database to avoid the security risks associated with an uncontrolled password. > [!NOTE] > Because the 48-digit recovery password is long and contains a combination of digits, the user might mishear or mistype the password. The boot-time recovery console uses built-in checksum numbers to detect input errors in each 6-digit block of the 48-digit recovery password, and offers the user the opportunity to correct such errors. @@ -228,11 +228,11 @@ Review and answer the following questions for your organization: 1. What BitLocker protection mode is in effect (TPM, TPM + PIN, TPM + startup key, startup key only)? Which PCR profile is in use on the PC? 2. Did the user merely forget the PIN or lose the startup key? If a token was lost, where might the token be? 3. If TPM mode was in effect, was recovery caused by a boot file change? -4. If recovery was caused by a boot file change, is this due to an intended user action (for example, BIOS upgrade), or to malicious software? +4. If recovery was caused by a boot file change, was the change an intended user action (for example, BIOS upgrade), or was it caused by malicious software? 5. When was the user last able to start the computer successfully, and what might have happened to the computer since then? 6. Might the user have encountered malicious software or left the computer unattended since the last successful startup? -To help you answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode (for example, **manage-bde -status**). Scan the event log to find events that help indicate why recovery was initiated (for example, if boot file change occurred). Both of these capabilities can be performed remotely. +To help you answer these questions, use the BitLocker command-line tool to view the current configuration and protection mode (for example, **manage-bde -status**). Scan the event log to find events that help indicate why recovery was initiated (for example, if the boot file changed). Both of these capabilities can be performed remotely. ### Resolve the root cause @@ -257,9 +257,9 @@ If a user has forgotten the PIN, you must reset the PIN while you are logged on 1. Unlock the computer using the recovery password. 2. Reset the PIN: - 1. Right-click the drive and then click **Change PIN**. - 2. In the BitLocker Drive Encryption dialog, click **Reset a forgotten PIN**. If you are not logged in with an administrator account you must provide administrative credentials at this time. - 3. In the PIN reset dialog, provide and confirm the new PIN to use and then click **Finish**. + 1. Right-click the drive and then select **Change PIN**. + 2. In the BitLocker Drive Encryption dialog, select **Reset a forgotten PIN**. If you are not logged in with an administrator account, provide administrative credentials at this time. + 3. In the PIN reset dialog, provide and confirm the new PIN to use and then select **Finish**. 3. You will use the new PIN the next time you unlock the drive. @@ -271,17 +271,17 @@ If you have lost the USB flash drive that contains the startup key, then you mus 1. Log on as an administrator to the computer that has the lost startup key. 2. Open Manage BitLocker. -3. Click **Duplicate start up key**, insert the clean USB drive on which you are going to write the key and then click **Save**. +3. Select **Duplicate start up key**, insert the clean USB drive on which you are going to write the key and then select **Save**. ### Changes to boot files -This error might occur if you updated the firmware. As a best practice you should suspend BitLocker before making changes to the firmware and then resume protection after the update has completed. This prevents the computer from going into recovery mode. However if changes were made when BitLocker protection was on you can simply log on to the computer using the recovery password and the platform validation profile will be updated so that recovery will not occur the next time. +This error might occur if you updated the firmware. As a best practice, you should suspend BitLocker before making changes to the firmware and then resume protection after the update has completed. This action prevents the computer from going into recovery mode. However if changes were made when BitLocker protection was on, then log on to the computer using the recovery password, and the platform validation profile will be updated so that recovery will not occur the next time. ## Windows RE and BitLocker Device Encryption -Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair will automatically start. When Startup Repair is launched automatically due to boot failures, it will only execute operating system and driver file repairs, provided that the boot logs or any available crash dump point to a specific corrupted file. In Windows 8.1 and later, devices that include firmware to support specific TPM measurements for PCR\[7\] the TPM can validate that Windows RE is a trusted operating environment and will unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example the TPM has been disabled, the drives will stay locked until the BitLocker recovery key is provided. If Startup Repair is not able to be run automatically from the PC and instead Windows RE is manually started from a repair disk, the BitLocker recovery key must be provided to unlock the BitLocker–protected drives. +Windows Recovery Environment (RE) can be used to recover access to a drive protected by [BitLocker Device Encryption](bitlocker-device-encryption-overview-windows-10.md). If a PC is unable to boot after two failures, Startup Repair will automatically start. When Startup Repair is launched automatically due to boot failures, it will only execute operating system and driver file repairs, provided that the boot logs or any available crash dump point to a specific corrupted file. In Windows 8.1 and later, devices that include firmware to support specific TPM measurements for PCR\[7\] the TPM can validate that Windows RE is a trusted operating environment and will unlock any BitLocker-protected drives if Windows RE has not been modified. If the Windows RE environment has been modified, for example the TPM has been disabled, the drives will stay locked until the BitLocker recovery key is provided. If Startup Repair can't run automatically from the PC and instead Windows RE is manually started from a repair disk, then the BitLocker recovery key must be provided to unlock the BitLocker–protected drives. ## BitLocker recovery screen @@ -307,7 +307,7 @@ Example of customized recovery screen: ### BitLocker recovery key hints -BitLocker metadata has been enhanced in Windows 10, version 1903 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed in both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen. +BitLocker metadata has been enhanced in Windows 10, version 1903 to include information about when and where the BitLocker recovery key was backed up. This information is not exposed through the UI or any public API. It is used solely by the BitLocker recovery screen in the form of hints to help a user locate a volume's recovery key. Hints are displayed on the recovery screen and refer to the location where the key has been saved. Hints are displayed on both the modern (blue) and legacy (black) recovery screen. This applies to both the boot manager recovery screen and the WinRE unlock screen. ![Customized BitLocker recovery screen](./images/bl-password-hint2.png) @@ -337,7 +337,7 @@ There are rules governing which hint is shown during the recovery (in order of p | Printed | No | | Saved to file | No | -**Result:** The hint for the Microsoft Account and custom URL are displayed. +**Result:** The hint for the Microsoft Account and the custom URL are displayed. ![Example 1 of Customized BitLocker recovery screen](./images/rp-example1.PNG) @@ -378,7 +378,7 @@ There are rules governing which hint is shown during the recovery (in order of p |----------------------|-----------------| | Saved to Microsoft Account | No | | Saved to Azure AD | No | -| Saved to Acive Directory | No | +| Saved to Active Directory | No | | Printed | No | | Saved to file | Yes | | Creation time | **1PM** | @@ -444,17 +444,17 @@ If the recovery methods discussed earlier in this document do not unlock the vol > [!NOTE] > You must use the BitLocker Repair tool **repair-bde** to use the BitLocker key package. -The BitLocker key package is not saved by default. To save the package along with the recovery password in AD DS you must select the **Backup recovery password and key package** option in the Group Policy settings that control the recovery method. You can also export the key package from a working volume. For more details on how to export key packages, see [Retrieving the BitLocker Key Package](#bkmk-appendixc). +The BitLocker key package is not saved by default. To save the package along with the recovery password in AD DS, you must select the **Backup recovery password and key package** option in the Group Policy settings that control the recovery method. You can also export the key package from a working volume. For more details about how to export key packages, see [Retrieving the BitLocker Key Package](#bkmk-appendixc). ## Resetting recovery passwords -You should invalidate a recovery password after it has been provided and used. It should also be done when you intentionally want to invalidate an existing recovery password for any reason. +Invalidate a recovery password after it has been provided and used. It should also be done when you intentionally want to invalidate an existing recovery password for any reason. You can reset the recovery password in two ways: -- **Use manage-bde** You can use manage-bde to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method. -- **Run a script** You can run a script to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords. +- **Use manage-bde**: You can use manage-bde to remove the old recovery password and add a new recovery password. The procedure identifies the command and the syntax for this method. +- **Run a script**: You can run a script to reset the password without decrypting the volume. The sample script in the procedure illustrates this functionality. The sample script creates a new recovery password and invalidates all other passwords. **To reset a recovery password using manage-bde:** @@ -470,13 +470,13 @@ You can reset the recovery password in two ways: Manage-bde –protectors –add C: -RecoveryPassword ``` -3. Get the ID of the new recovery password. From the screen copy the ID of the recovery password. +3. Get the ID of the new recovery password. From the screen, copy the ID of the recovery password. ```powershell Manage-bde –protectors –get C: -Type RecoveryPassword ``` -4. Backup the new recovery password to AD DS +4. Back up the new recovery password to AD DS. ```powershell Manage-bde –protectors –adbackup C: -id {EXAMPLE6-5507-4924-AA9E-AFB2EB003692} @@ -488,7 +488,7 @@ You can reset the recovery password in two ways: **To run the sample recovery password script:** 1. Save the following sample script in a VBScript file. For example: ResetPassword.vbs. -2. At the command prompt, type a command similar to the following: +2. At the command prompt, type a command similar to the following sample script: **cscript ResetPassword.vbs** @@ -576,15 +576,15 @@ WScript.Echo "A new recovery password has been added. Old passwords have been re You can use two methods to retrieve the key package, as described in [Using Additional Recovery Information](#bkmk-usingaddrecovery): -- **Export a previously-saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS. +- **Export a previously saved key package from AD DS.** You must have Read access to BitLocker recovery passwords that are stored in AD DS. - **Export a new key package from an unlocked, BitLocker-protected volume.** You must have local administrator access to the working volume, before any damage has occurred. -The following sample script exports all previously-saved key packages from AD DS. +The following sample script exports all previously saved key packages from AD DS. **To run the sample key package retrieval script:** 1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackageADDS.vbs. -2. At the command prompt, type a command similar to the following: +2. At the command prompt, type a command similar to the following sample script: **cscript GetBitLockerKeyPackageADDS.vbs -?** @@ -733,7 +733,7 @@ The following sample script exports a new key package from an unlocked, encrypte **To run the sample key package retrieval script:** 1. Save the following sample script in a VBScript file. For example: GetBitLockerKeyPackage.vbs -2. Open an administrator command prompt, type a command similar to the following: +2. Open an administrator command prompt, and then type a command similar to the following sample script: **cscript GetBitLockerKeyPackage.vbs -?** diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md index c34ddf46f1..2be6494c9a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md @@ -1,6 +1,6 @@ --- title: BitLocker To Go FAQ (Windows 10) -description: Learn more about BitLocker To Go — BitLocker drive encryption for removable drives. +description: "Learn more about BitLocker To Go: BitLocker drive encryption for removable drives." ms.assetid: c40f87ac-17d3-47b2-afc6-6c641f72ecee ms.reviewer: ms.author: dansimp @@ -25,7 +25,7 @@ ms.custom: bitlocker ## What is BitLocker To Go? -BitLocker To Go is BitLocker Drive Encryption on removable data drives. This includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems. Drive partitioning must meet the [BitLocker Drive Encryption Partitioning Requirements](https://docs.microsoft.com/windows-hardware/manufacture/desktop/bitlocker-drive-encryption#bitlocker-drive-encryption-partitioning-requirements). +BitLocker To Go is BitLocker Drive Encryption on removable data drives. This feature includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems. Drive partitioning must meet the [BitLocker Drive Encryption Partitioning Requirements](https://docs.microsoft.com/windows-hardware/manufacture/desktop/bitlocker-drive-encryption#bitlocker-drive-encryption-partitioning-requirements). As with BitLocker, drives that are encrypted using BitLocker To Go can be opened with a password or smart card on another computer by using **BitLocker Drive Encryption** in Control Panel. diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index bf20c5efdd..793722ef06 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -1,6 +1,6 @@ --- title: BitLocker Use BitLocker Drive Encryption Tools to manage BitLocker (Windows 10) -description: This topic for the IT professional describes how to use tools to manage BitLocker. +description: This article for the IT professional describes how to use tools to manage BitLocker. ms.assetid: e869db9c-e906-437b-8c70-741dd61b5ea6 ms.reviewer: ms.prod: w10 @@ -23,9 +23,9 @@ ms.custom: bitlocker **Applies to** - Windows 10 -This topic for the IT professional describes how to use tools to manage BitLocker. +This article for the IT professional describes how to use tools to manage BitLocker. -BitLocker Drive Encryption Tools include the command line tools manage-bde and repair-bde and the BitLocker cmdlets for Windows PowerShell. +BitLocker Drive Encryption Tools include the command-line tools manage-bde and repair-bde and the BitLocker cmdlets for Windows PowerShell. Both manage-bde and the BitLocker cmdlets can be used to perform any task that can be accomplished through the BitLocker control panel and are appropriate to use for automated deployments and other scripting scenarios. @@ -39,11 +39,11 @@ Repair-bde is a special circumstance tool that is provided for disaster recovery Manage-bde is a command-line tool that can be used for scripting BitLocker operations. Manage-bde offers additional options not displayed in the BitLocker control panel. For a complete list of the manage-bde options, see the [Manage-bde](https://technet.microsoft.com/library/ff829849.aspx) command-line reference. -Manage-bde includes less default settings and requires greater customization for configuring BitLocker. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. The following sections provide examples of common usage scenarios for manage-bde. +Manage-bde includes fewer default settings and requires greater customization for configuring BitLocker. For example, using just the `manage-bde -on` command on a data volume will fully encrypt the volume without any authenticating protectors. A volume encrypted in this manner still requires user interaction to turn on BitLocker protection, even though the command successfully completed because an authentication method needs to be added to the volume for it to be fully protected. The following sections provide examples of common usage scenarios for manage-bde. ### Using manage-bde with operating system volumes -Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. It is recommended that at least one primary protector and a recovery protector be added to an operating system volume. +Listed below are examples of basic valid commands for operating system volumes. In general, using only the `manage-bde -on ` command will encrypt the operating system volume with a TPM-only protector and no recovery key. However, many environments require more secure protectors such as passwords or PIN and expect to be able to recover information with a recovery key. We recommend that you add at least one primary protector and a recovery protector to an operating system volume. A good practice when using manage-bde is to determine the volume status on the target system. Use the following command to determine volume status: @@ -54,7 +54,7 @@ This command returns the volumes on the target, current encryption status, encry ![Using manage-bde to check encryption status](images/manage-bde-status.png) -The following example illustrates enabling BitLocker on a computer without a TPM chip. Before beginning the encryption process you must create the startup key needed for BitLocker and save it to the USB drive. When BitLocker is enabled for the operating system volume, the BitLocker will need to access the USB flash drive to obtain the encryption key (in this example, the drive letter E represents the USB drive). You will be prompted to reboot to complete the encryption process. +The following example illustrates enabling BitLocker on a computer without a TPM chip. Before beginning the encryption process, you must create the startup key needed for BitLocker and save it to the USB drive. When BitLocker is enabled for the operating system volume, the BitLocker will need to access the USB flash drive to obtain the encryption key (in this example, the drive letter E represents the USB drive). You will be prompted to reboot to complete the encryption process. ```powershell manage-bde –protectors -add C: -startupkey E: @@ -63,30 +63,30 @@ manage-bde -on C: >**Note:**  After the encryption is completed, the USB startup key must be inserted before the operating system can be started. -An alternative to the startup key protector on non-TPM hardware is to use a password and an **ADaccountorgroup** protector to protect the operating system volume. In this scenario, you would add the protectors first. This is done with the command: +An alternative to the startup key protector on non-TPM hardware is to use a password and an **ADaccountorgroup** protector to protect the operating system volume. In this scenario, you would add the protectors first. To add them, use this command: ```powershell manage-bde -protectors -add C: -pw -sid ``` -This command will require you to enter and then confirm the password protector before adding them to the volume. With the protectors enabled on the volume, you can then turn BitLocker on. +This command will require you to enter and then confirm the password protector before adding them to the volume. With the protectors enabled on the volume, you can then turn on BitLocker. -On computers with a TPM it is possible to encrypt the operating system volume without any defined protectors using manage-bde. The command to do this is: +On computers with a TPM, it is possible to encrypt the operating system volume without any defined protectors using manage-bde. Use this command: ```powershell manage-bde -on C: ``` -This will encrypt the drive using the TPM as the default protector. If you are not sure if a TPM protector is available, to list the protectors available for a volume, run the following command: +This command encrypts the drive using the TPM as the default protector. If you are not sure if a TPM protector is available, to list the protectors available for a volume, run the following command: ```powershell manage-bde -protectors -get ``` ### Using manage-bde with data volumes -Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or you can choose to add additional protectors to the volume first. It is recommended that at least one primary protector and a recovery protector be added to a data volume. +Data volumes use the same syntax for encryption as operating system volumes but they do not require protectors for the operation to complete. Encrypting data volumes can be done using the base command: `manage-bde -on ` or you can choose to add additional protectors to the volume first. We recommend that you add at least one primary protector and a recovery protector to a data volume. -A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn BitLocker on. +A common protector for a data volume is the password protector. In the example below, we add a password protector to the volume and turn on BitLocker. ```powershell manage-bde -protectors -add -pw C: @@ -101,11 +101,11 @@ The BitLocker Repair Tool (Repair-bde) can be used to access encrypted data on a >**Tip:**  If you are not backing up recovery information to AD DS or if you want to save key packages alternatively, you can use the command `manage-bde -KeyPackage` to generate a key package for a volume. -The Repair-bde command-line tool is intended for use when the operating system does not start or when you cannot start the BitLocker Recovery Console. You should use Repair-bde if the following conditions are true: +The Repair-bde command-line tool is intended for use when the operating system does not start or when you cannot start the BitLocker Recovery Console. Use Repair-bde if the following conditions are true: -1. You have encrypted the drive by using BitLocker Drive Encryption. -2. Windows does not start, or you cannot start the BitLocker recovery console. -3. You do not have a copy of the data that is contained on the encrypted drive. +- You have encrypted the drive by using BitLocker Drive Encryption. +- Windows does not start, or you cannot start the BitLocker recovery console. +- You do not have a copy of the data that is contained on the encrypted drive. >**Note:**  Damage to the drive may not be related to BitLocker. Therefore, we recommend that you try other tools to help diagnose and resolve the problem with the drive before you use the BitLocker Repair Tool. The Windows Recovery Environment (Windows RE) provides additional options to repair computers. @@ -249,7 +249,7 @@ Windows PowerShell cmdlets provide a new way for administrators to use when work Similar to manage-bde, the Windows PowerShell cmdlets allow configuration beyond the options offered in the control panel. As with manage-bde, users need to consider the specific needs of the volume they are encrypting prior to running Windows PowerShell cmdlets. A good initial step is to determine the current state of the volume(s) on the computer. You can do this using the Get-BitLockerVolume cmdlet. -The Get-BitLockerVolume cmdlet output gives information on the volume type, protectors, protection status and other details. +The Get-BitLockerVolume cmdlet output gives information on the volume type, protectors, protection status, and other details. >**Tip:**  Occasionally, all protectors may not be shown when using `Get-BitLockerVolume` due to lack of space in the output display. If you do not see all of the protectors for a volume, you can use the Windows PowerShell pipe command (|) to format a full listing of the protectors. `Get-BitLockerVolume C: | fl` @@ -263,9 +263,9 @@ $vol = Get-BitLockerVolume $keyprotectors = $vol.KeyProtector ``` -Using this, you can display the information in the $keyprotectors variable to determine the GUID for each protector. +By using this script, you can display the information in the $keyprotectors variable to determine the GUID for each protector. -Using this information, you can then remove the key protector for a specific volume using the command: +By using this information, you can then remove the key protector for a specific volume using the command: ```powershell Remove-BitLockerKeyProtector : -KeyProtectorID "{GUID}" @@ -291,8 +291,8 @@ Enable-BitLocker C: -StartupKeyProtector -StartupKeyPath -SkipHardwareTes ### Using the BitLocker Windows PowerShell cmdlets with data volumes -Data volume encryption using Windows PowerShell is the same as for operating system volumes. You should add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a -SecureString value to store the user defined password. +Data volume encryption using Windows PowerShell is the same as for operating system volumes. Add the desired protectors prior to encrypting the volume. The following example adds a password protector to the E: volume using the variable $pw as the password. The $pw variable is held as a +SecureString value to store the user-defined password. ```powershell $pw = Read-Host -AsSecureString @@ -301,11 +301,11 @@ Enable-BitLockerKeyProtector E: -PasswordProtector -Password $pw ``` ### Using an AD Account or Group protector in Windows PowerShell -The **ADAccountOrGroup** protector, introduced in Windows 8 and Windows Server 2012, is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it does not unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly failover to and be unlocked by any member computer of the cluster. +The **ADAccountOrGroup** protector, introduced in Windows 8 and Windows Server 2012, is an Active Directory SID-based protector. This protector can be added to both operating system and data volumes, although it does not unlock operating system volumes in the pre-boot environment. The protector requires the SID for the domain account or group to link with the protector. BitLocker can protect a cluster-aware disk by adding a SID-based protector for the Cluster Name Object (CNO) that lets the disk properly fail over to and be unlocked by any member computer of the cluster. >**Warning:**  The **ADAccountOrGroup** protector requires the use of an additional protector for use (such as TPM, PIN, or recovery key) when used on operating system volumes -To add an **ADAccountOrGroup** protector to a volume requires either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. +To add an **ADAccountOrGroup** protector to a volume, use either the actual domain SID or the group name preceded by the domain and a backslash. In the example below, the CONTOSO\\Administrator account is added as a protector to the data volume G. ```powershell Enable-BitLocker G: -AdAccountOrGroupProtector -AdAccountOrGroup CONTOSO\Administrator diff --git a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md index ac4286c885..e71fba3cbd 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-using-with-other-programs-faq.md @@ -37,7 +37,7 @@ BitLocker has a storage driver stack that ensures memory dumps are encrypted whe ## Can BitLocker support smart cards for pre-boot authentication? -BitLocker does not support smart cards for pre-boot authentication. There is no single industry standard for smart card support in the firmware, and most computers either do not implement firmware support for smart cards, or only support specific smart cards and readers. This lack of standardization makes supporting them very difficult. +BitLocker does not support smart cards for pre-boot authentication. There is no single industry standard for smart card support in the firmware, and most computers either do not implement firmware support for smart cards, or only support specific smart cards and readers. This lack of standardization makes supporting them difficult. ## Can I use a non-Microsoft TPM driver? @@ -69,7 +69,7 @@ The **Save to USB** option is not shown by default for removable drives. If the ## Why am I unable to automatically unlock my drive? -Automatic unlocking for fixed data drives requires that the operating system drive also be protected by BitLocker. If you are using a computer that does not have a BitLocker-protected operating system drive, the drive cannot be automatically unlocked. For removable data drives, you can add automatic unlocking by right-clicking the drive in Windows Explorer and clicking **Manage BitLocker**. You will still be able to use the password or smart card credentials you supplied when you turned on BitLocker to unlock the removable drive on other computers. +Automatic unlocking for fixed data drives requires the operating system drive to also be protected by BitLocker. If you are using a computer that does not have a BitLocker-protected operating system drive, the drive cannot be automatically unlocked. For removable data drives, you can add automatic unlocking by right-clicking the drive in Windows Explorer and clicking **Manage BitLocker**. You will still be able to use the password or smart card credentials you supplied when you turned on BitLocker to unlock the removable drive on other computers. ## Can I use BitLocker in Safe Mode? @@ -95,8 +95,8 @@ Yes. However, shadow copies made prior to enabling BitLocker will be automatical ## Does BitLocker support virtual hard disks (VHDs)? BitLocker should work like any specific physical machine within its hardware limitations as long as the environment (physical or virtual) meets Windows Operating System requirements to run. -- With TPM - Yes it is supported -- Without TPM - Yes it is supported (with password protector) +- With TPM: Yes, it is supported. +- Without TPM: Yes, it is supported (with password protector). BitLocker is also supported on data volume VHDs, such as those used by clusters, if you are running Windows 10, Windows 8.1, Windows 8, Windows Server 2016, Windows Server 2012 R2, or Windows Server 2012. diff --git a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md index ac7c00f8b6..01a07590a5 100644 --- a/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md +++ b/windows/security/information-protection/bitlocker/protecting-cluster-shared-volumes-and-storage-area-networks-with-bitlocker.md @@ -1,6 +1,6 @@ --- title: Protecting cluster shared volumes and storage area networks with BitLocker (Windows 10) -description: This topic for IT pros describes how to protect CSVs and SANs with BitLocker. +description: This article for IT pros describes how to protect CSVs and SANs with BitLocker. ms.assetid: ecd25a10-42c7-4d31-8a7e-ea52c8ebc092 ms.reviewer: ms.prod: w10 @@ -23,7 +23,7 @@ ms.custom: bitlocker **Applies to** - Windows Server 2016 -This topic for IT pros describes how to protect CSVs and SANs with BitLocker. +This article for IT pros describes how to protect CSVs and SANs with BitLocker. BitLocker can protect both physical disk resources and cluster shared volumes version 2.0 (CSV2.0). BitLocker on clustered volumes allows for an additional layer of protection for administrators wishing to protect sensitive, highly available data. By adding additional protectors to the clustered volume, administrators can also add an additional barrier of security to resources within an organization by allowing only certain user accounts access to unlock the BitLocker volume. @@ -38,15 +38,15 @@ BitLocker on volumes within a cluster are managed based on how the cluster servi Alternatively, the volume can be a cluster-shared volume, a shared namespace, within the cluster. Windows Server 2012 expanded the CSV architecture, now known as CSV2.0, to enable support for BitLocker. When using BitLocker with volumes designated for a cluster, the volume will need to turn on BitLocker before its addition to the storage pool within cluster or put the resource into maintenance mode before BitLocker operations will complete. -Windows PowerShell or the manage-bde command line interface is the preferred method to manage BitLocker on CSV2.0 volumes. This is recommended over the BitLocker Control Panel item because CSV2.0 volumes are mount points. Mount points are an NTFS object that is used to provide an entry point to other volumes. Mount points do not require the use of a drive letter. Volumes that lack drive letters do not appear in the BitLocker Control Panel item. Additionally, the new Active Directory-based protector option required for cluster disk resource or CSV2.0 resources is not available in the Control Panel item. +Windows PowerShell or the manage-bde command-line interface is the preferred method to manage BitLocker on CSV2.0 volumes. This method is recommended over the BitLocker Control Panel item because CSV2.0 volumes are mount points. Mount points are an NTFS object that is used to provide an entry point to other volumes. Mount points do not require the use of a drive letter. Volumes that lack drive letters do not appear in the BitLocker Control Panel item. Additionally, the new Active Directory-based protector option required for cluster disk resource or CSV2.0 resources is not available in the Control Panel item. >**Note:**  Mount points can be used to support remote mount points on SMB based network shares. This type of share is not supported for BitLocker encryption. -For thinly provisioned storage, such as a Dynamic Virtual Hard Disk (VHD), BitLocker runs in Used Disk Space Only encryption mode. You cannot use the **manage-bde -WipeFreeSpace** command to transition the volume to full-volume encryption on these types of volumes. This is blocked in order to avoid expanding thinly provisioned volumes to occupy the entire backing store while wiping the unoccupied (free) space. +For thinly provisioned storage, such as a Dynamic Virtual Hard Disk (VHD), BitLocker runs in Used Disk Space Only encryption mode. You cannot use the **manage-bde -WipeFreeSpace** command to transition the volume to full-volume encryption on these types of volumes. This action is blocked in order to avoid expanding thinly provisioned volumes to occupy the entire backing store while wiping the unoccupied (free) space. ### Active Directory-based protector -You can also use an Active Directory Domain Services (AD DS) protector for protecting clustered volumes held within your AD DS infrastructure. The **ADAccountOrGroup** protector is a domain security identifier (SID)-based protector that can be bound to a user account, machine account or group. When an unlock request is made for a protected volume, the BitLocker service interrupts the request and uses the BitLocker protect/unprotect APIs to unlock or deny the request. BitLocker will unlock protected volumes without user intervention by attempting protectors in the following order: +You can also use an Active Directory Domain Services (AD DS) protector for protecting clustered volumes held within your AD DS infrastructure. The **ADAccountOrGroup** protector is a domain security identifier (SID)-based protector that can be bound to a user account, machine account, or group. When an unlock request is made for a protected volume, the BitLocker service interrupts the request and uses the BitLocker protect/unprotect APIs to unlock or deny the request. BitLocker will unlock protected volumes without user intervention by attempting protectors in the following order: 1. Clear key 2. Driver-based auto-unlock key @@ -61,7 +61,7 @@ You can also use an Active Directory Domain Services (AD DS) protector for prote ### Turning on BitLocker before adding disks to a cluster using Windows PowerShell -BitLocker encryption is available for disks before or after addition to a cluster storage pool. The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource does not require suspending the resource to complete the operation. To turn on BitLocker for a disk before adding it to a cluster, do the following: +BitLocker encryption is available for disks before or after addition to a cluster storage pool. The advantage of encrypting volumes prior to adding them to a cluster is that the disk resource does not require suspending the resource to complete the operation. To turn on BitLocker for a disk before adding it to a cluster: 1. Install the BitLocker Drive Encryption feature if it is not already installed. 2. Ensure the disk is formatted NTFS and has a drive letter assigned to it. @@ -84,7 +84,7 @@ BitLocker encryption is available for disks before or after addition to a cluste ### Turning on BitLocker for a clustered disk using Windows PowerShell -When the cluster service owns a disk resource already, it needs to be set into maintenance mode before BitLocker can be enabled. Use the following steps for turning BitLocker on for a clustered disk: +When the cluster service owns a disk resource already, it needs to be set into maintenance mode before BitLocker can be enabled. Use the following steps for turning on BitLocker for a clustered disk: 1. Install the BitLocker Drive Encryption feature if it is not already installed. 2. Check the status of the cluster disk using Windows PowerShell. @@ -122,11 +122,11 @@ When the cluster service owns a disk resource already, it needs to be set into m ### Adding BitLocker encrypted volumes to a cluster using manage-bde -You can also use manage-bde to enable BitLocker on clustered volumes. The steps needed to add a physical disk resource or CSV2.0 volume to an existing cluster includes the following: +You can also use manage-bde to enable BitLocker on clustered volumes. Follow these steps to add a physical disk resource or CSV2.0 volume to an existing cluster: 1. Verify the BitLocker Drive Encryption feature is installed on the computer. 2. Ensure new storage is formatted as NTFS. -3. Encrypt the volume, add a recovery key and add the cluster administrator as a protector key using the manage-bde command line interface (see example): +3. Encrypt the volume, add a recovery key, and add the cluster administrator as a protector key by using the manage-bde command-line interface (see example): - `Manage-bde -on -used -RP -sid domain\CNO$ -sync` @@ -135,16 +135,17 @@ You can also use manage-bde to enable BitLocker on clustered volumes. The steps 4. Open the Failover Cluster Manager snap-in or cluster PowerShell cmdlets to enable the disk to be clustered - - Once the disk is clustered it can also be enabled for CSV. + - Once the disk is clustered, it can also be enabled for CSV. 5. During the resource online operation, cluster will check to see if the disk is BitLocker encrypted. 1. If the volume is not BitLocker enabled, traditional cluster online operations occur. 2. If the volume is BitLocker enabled, the following check occurs: - - If volume is **locked**, BitLocker will impersonate the CNO and unlock the volume using the CNO protector. If this operation fails an event will be logged that the volume could not be unlocked and the online operation will fail. + - If volume is **locked**, BitLocker will impersonate the CNO and unlock the volume using the CNO protector. If this operation fails, an event will be logged that the volume could not be unlocked and the online operation will fail. + +6. Once the disk is online in the storage pool, it can be added to a CSV by right-clicking the disk resource and choosing **Add to cluster shared volumes**. -6. Once the disk is online in the storage pool, it can be added to a CSV by right clicking on the disk resource and choosing "**Add to cluster shared volumes**". CSVs can include both encrypted and unencrypted volumes. To check the status of a particular volume for BitLocker encryption, administrators can utilize the manage-bde -status command with a path to the volume inside the CSV namespace as seen in the example command line below. ```powershell @@ -153,11 +154,11 @@ manage-bde -status "C:\ClusterStorage\volume1" ### Physical Disk Resources -Unlike CSV2.0 volumes, physical disk resources can only be accessed by one cluster node at a time. This means that operations such as encrypting, decrypting, locking or unlocking volumes require context to perform. For example, you cannot unlock or decrypt a physical disk resource if you are not administering the cluster node that owns the disk resource because the disk resource is not available. +Unlike CSV2.0 volumes, physical disk resources can only be accessed by one cluster node at a time. So operations such as encrypting, decrypting, locking, or unlocking volumes require context to perform. For example, you cannot unlock or decrypt a physical disk resource if you are not administering the cluster node that owns the disk resource because the disk resource is not available. ### Restrictions on BitLocker actions with cluster volumes -The following table contains information about both Physical Disk Resources (i.e. traditional failover cluster volumes) and Cluster Shared Volumes (CSV) and the actions that are allowed by BitLocker in each situation. +The following table contains information about both Physical Disk Resources (that is, traditional failover cluster volumes) and Cluster Shared Volumes (CSV) and the actions that are allowed by BitLocker in each situation. @@ -268,7 +269,7 @@ In the case where a physical disk resource experiences a failover event during c ### Other considerations when using BitLocker on CSV2.0 -Some other considerations to take into account for BitLocker on clustered storage include the following: +Also take these considerations into account for BitLocker on clustered storage: - BitLocker volumes have to be initialized and beginning encryption before they are available to add to a CSV2.0 volume. - If an administrator needs to decrypt a CSV volume, remove the volume from the cluster or put into disk maintenance mode. You can add the CSV back to the cluster while waiting for decryption to complete. - If an administrator needs to start encrypting a CSV volume, remove the volume from the cluster or put it in maintenance mode. From 16887b53262ee46cda30b276733a03b66fa32dc7 Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Wed, 4 Nov 2020 12:02:07 -0700 Subject: [PATCH 06/26] acrolinx fixes --- .../how-to-list-xml-elements-in-eventdata.md | 16 ++++++++-------- .../portal-submission-troubleshooting.md | 6 +++--- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md index 0762f04322..58bd7574f2 100644 --- a/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md +++ b/windows/security/threat-protection/auditing/how-to-list-xml-elements-in-eventdata.md @@ -1,6 +1,6 @@ --- title: How to get a list of XML data name elements in (Windows 10) -description: This reference topic for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in . +description: This reference article for the IT professional explains how to use PowerShell to get a list of XML data name elements that can appear in . ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library @@ -20,15 +20,15 @@ ms.author: dansimp The Security log uses a manifest where you can get all of the event schema. -Run the following from an elevated PowerShell prompt: +Run the following command from an elevated PowerShell prompt: ```powershell $secEvents = get-winevent -listprovider "microsoft-windows-security-auditing" ``` -The .events property is a collection of all of the events listed in the manifest on the local machine. +The `.events` property is a collection of all of the events listed in the manifest on the local machine. -For each event, there is a .Template property for the XML template used for the event properties (if there are any). +For each event, there is a `.Template` property for the XML template used for the event properties (if there are any). For example: @@ -90,7 +90,7 @@ PS C:\WINDOWS\system32> $SecEvents.events[100].Template You can use the <Template> and <Description> to map the data name elements that appear in XML view to the names that appear in the event description. -The <Description> is just the format string (if you’re used to Console.Writeline or sprintf statements) and the <Template> is the source of the input parameters for the <Description>. +The <Description> is just the format string (if you’re used to `Console.Writeline` or `sprintf` statements), and the <Template> is the source of the input parameters for the <Description>. Using Security event 4734 as an example: @@ -124,9 +124,9 @@ Description : A security-enabled local group was deleted. ``` -For the **Subject: Security Id:** text element, it will use the fourth element in the Template, **SubjectUserSid**. +For the **Subject: Security ID:** text element, it will use the fourth element in the Template, **SubjectUserSid**. -For **Additional Information Privileges:**, it would use the eighth element **PrivilegeList**. +For **Additional Information Privileges:**, it would use the eighth element, **PrivilegeList**. -A caveat to this is an oft-overlooked property of events called Version (in the <SYSTEM> element) that indicates the revision of the event schema and description. Most events have 1 version (all events have Version =0 like the Security/4734 example) but a few events like Security/4624 or Security/4688 have at least 3 versions (versions 0, 1, 2) depending on the OS version where the event is generated. Only the latest version is used for generating events in the Security log. In any case, the Event Version where the Template is taken from should use the same Event Version for the Description. +A caveat to this principle is an often overlooked property of events called Version (in the <SYSTEM> element) that indicates the revision of the event schema and description. Most events have one version (all events have Version =0 like the Security/4734 example) but a few events like Security/4624 or Security/4688 have at least three versions (versions 0, 1, 2) depending on the OS version where the event is generated. Only the latest version is used for generating events in the Security log. In any case, the Event Version where the Template is taken from should use the same Event Version for the Description. diff --git a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md index df44f6142a..71d4c9d78c 100644 --- a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md +++ b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md @@ -17,14 +17,14 @@ search.appverid: met150 --- # Troubleshooting malware submission errors caused by administrator block -In some instances, an administrator block might cause submission issues when you try to submit a potentially infected file to the [Microsoft Security intelligence website](https://www.microsoft.com/wdsi) for analysis. The following process shows how to resolve this. +In some instances, an administrator block might cause submission issues when you try to submit a potentially infected file to the [Microsoft Security intelligence website](https://www.microsoft.com/wdsi) for analysis. The following process shows how to resolve this problem. ## Review your settings Open your Azure [Enterprise application settings](https://portal.azure.com/#blade/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/UserSettings/menuId/). Under **Enterprise Applications** > **Users can consent to apps accessing company data on their behalf**, check whether Yes or No is selected. -- If this is set to **No**, an AAD administrator for the customer tenant will need to provide consent for the organization. Depending on the configuration with AAD, users might be able to submit a request right from the same dialog box. If there’s no option to ask for admin consent, users need to request for these permissions to be added to their AAD admin. Go to the following section for more information. +- If **No** is selected, an Azure AD administrator for the customer tenant will need to provide consent for the organization. Depending on the configuration with Azure AD, users might be able to submit a request right from the same dialog box. If there’s no option to ask for admin consent, users need to request for these permissions to be added to their Azure AD admin. Go to the following section for more information. -- It this is set to **Yes**, ensure the Windows Defender Security Intelligence app setting **Enabled for users to sign-in?** is set to **Yes** [in Azure](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Properties/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/4a918a14-4069-4108-9b7d-76486212d75d). If this is set to **No** you'll need to request an AAD admin enable it. +- If **Yes** is selected, ensure the Windows Defender Security Intelligence app setting **Enabled for users to sign in?** is set to **Yes** [in Azure](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Properties/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/4a918a14-4069-4108-9b7d-76486212d75d). If this is set to **No** you'll need to request an Azure AD admin enable it.   ## Implement Required Enterprise Application permissions This process requires a global or application admin in the tenant. From 69c0dc05d1b7e21b0d7957bba5f76bad76cc0771 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 4 Nov 2020 11:56:51 -0800 Subject: [PATCH 07/26] Update microsoft-defender-antivirus-compatibility.md --- .../microsoft-defender-antivirus-compatibility.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md index a89853180f..8facb0d850 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-compatibility.md @@ -50,7 +50,7 @@ The following table summarizes what happens with Microsoft Defender Antivirus wh (1) On Windows Server 2016 or 2019, Microsoft Defender Antivirus will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [consider uninstalling Microsoft Defender Antivirus on Windows Server 2016 or 2019](microsoft-defender-antivirus-on-windows-server-2016.md#need-to-uninstall-microsoft-defender-antivirus) to prevent problems caused by having multiple antivirus products installed on a machine. -If you are Using Windows Server, version 1803 and Windows 2019, you can enable passive mode by setting this registry key: +If you are using Windows Server, version 1803 or Windows Server 2019, you can enable passive mode by setting this registry key: - Path: `HKLM\SOFTWARE\Policies\Microsoft\Windows Advanced Threat Protection` - Name: ForceDefenderPassiveMode - Type: REG_DWORD @@ -78,7 +78,7 @@ The following table summarizes the functionality and features that are available - In Active mode, Microsoft Defender Antivirus is used as the antivirus app on the machine. All configuration made with Configuration Manager, Group Policy, Intune, or other management products will apply. Files are scanned and threats remediated, and detection information are reported in your configuration tool (such as Configuration Manager or the Microsoft Defender Antivirus app on the machine itself). - In Passive mode, Microsoft Defender Antivirus is not used as the antivirus app, and threats are not remediated by Microsoft Defender Antivirus. Files are scanned and reports are provided for threat detections which are shared with the Microsoft Defender ATP service. Therefore, you might encounter alerts in the Security Center console with Microsoft Defender Antivirus as a source, even when Microsoft Defender Antivirus is in Passive mode. -- When [EDR in block mode](../microsoft-defender-atp/edr-in-block-mode.md) (currently in private preview) is turned on, Microsoft Defender Antivirus is not used as the primary antivirus solution, but can still detect and remediate malicious items. +- When [EDR in block mode](../microsoft-defender-atp/edr-in-block-mode.md) is turned on, Microsoft Defender Antivirus is not used as the primary antivirus solution, but can still detect and remediate malicious items. - In Automatic disabled mode, Microsoft Defender Antivirus is not used as the antivirus app. Files are not scanned and threats are not remediated. ## Keep the following points in mind From f248872c9b4861a1d92ea8a945899fe6280fcab2 Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Wed, 4 Nov 2020 14:39:19 -0700 Subject: [PATCH 08/26] acrolinx fixes --- .../portal-submission-troubleshooting.md | 16 +++---- .../microsoft-defender-atp/android-terms.md | 43 +++++++++---------- ...endpoint-detection-response-mac-preview.md | 10 ++--- ...defender-smartscreen-available-settings.md | 4 +- ...-credential-manager-as-a-trusted-caller.md | 12 +++--- .../account-lockout-threshold.md | 18 ++++---- ...the-use-of-backup-and-restore-privilege.md | 8 ++-- .../back-up-files-and-directories.md | 24 +++++------ .../create-a-pagefile.md | 2 +- .../create-symbolic-links.md | 14 +++--- .../debug-programs.md | 2 +- .../deny-log-on-as-a-batch-job.md | 12 +++--- .../deny-log-on-as-a-service.md | 8 ++-- ...roller-ldap-server-signing-requirements.md | 10 ++--- .../force-shutdown-from-a-remote-system.md | 8 ++-- 15 files changed, 95 insertions(+), 96 deletions(-) diff --git a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md index 71d4c9d78c..bd1b4f57e7 100644 --- a/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md +++ b/windows/security/threat-protection/intelligence/portal-submission-troubleshooting.md @@ -24,15 +24,15 @@ Open your Azure [Enterprise application settings](https://portal.azure.com/#blad - If **No** is selected, an Azure AD administrator for the customer tenant will need to provide consent for the organization. Depending on the configuration with Azure AD, users might be able to submit a request right from the same dialog box. If there’s no option to ask for admin consent, users need to request for these permissions to be added to their Azure AD admin. Go to the following section for more information. -- If **Yes** is selected, ensure the Windows Defender Security Intelligence app setting **Enabled for users to sign in?** is set to **Yes** [in Azure](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Properties/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/4a918a14-4069-4108-9b7d-76486212d75d). If this is set to **No** you'll need to request an Azure AD admin enable it. +- If **Yes** is selected, ensure the Windows Defender Security Intelligence app setting **Enabled for users to sign in?** is set to **Yes** [in Azure](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Properties/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/4a918a14-4069-4108-9b7d-76486212d75d). If **No** is selected, you'll need to request an Azure AD admin enable it.   ## Implement Required Enterprise Application permissions This process requires a global or application admin in the tenant. 1. Open [Enterprise Application settings](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Permissions/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/4a918a14-4069-4108-9b7d-76486212d75d). - 2. Click **Grant admin consent for organization**. - 3. If you're able to do so, Review the API permissions required for this application. This should be exactly the same as in the following image. Provide consent for the tenant. + 2. Select **Grant admin consent for organization**. + 3. If you're able to do so, review the API permissions required for this application, as the following image shows. Provide consent for the tenant. - ![grant consent image](images/msi-grant-admin-consent.jpg) + ![grant consent image](images/msi-grant-admin-consent.jpg) 4. If the administrator receives an error while attempting to provide consent manually, try either [Option 1](#option-1-approve-enterprise-application-permissions-by-user-request) or [Option 2](#option-2-provide-admin-consent-by-authenticating-the-application-as-an-admin) as possible workarounds.   @@ -59,15 +59,15 @@ This process requires that global admins go through the Enterprise customer sign ![Consent sign in flow](images/msi-microsoft-permission-required.jpg) -Then, admins review the permissions and make sure to select **Consent on behalf of your organization**, and click **Accept**. +Then, admins review the permissions and make sure to select **Consent on behalf of your organization**, and then select **Accept**. All users in the tenant will now be able to use this application. -## Option 3: Delete and re-add app permissions +## Option 3: Delete and readd app permissions If neither of these options resolve the issue, try the following steps (as an admin): 1. Remove previous configurations for the application. Go to [Enterprise applications](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Properties/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/982e94b2-fea9-4d1f-9fca-318cda92f90b) -and click **delete**. +and select **delete**. ![Delete app permissions](images/msi-properties.png) @@ -78,7 +78,7 @@ and click **delete**. ![Permissions needed](images/msi-microsoft-permission-requested-your-organization.png) -4. Review the permissions required by the application, and then click **Accept**. +4. Review the permissions required by the application, and then select **Accept**. 5. Confirm the permissions are applied in the [Azure portal](https://portal.azure.com/#blade/Microsoft_AAD_IAM/ManagedAppMenuBlade/Permissions/appId/f0cf43e5-8a9b-451c-b2d5-7285c785684d/objectId/ce60a464-5fca-4819-8423-bcb46796b051). diff --git a/windows/security/threat-protection/microsoft-defender-atp/android-terms.md b/windows/security/threat-protection/microsoft-defender-atp/android-terms.md index 0d6e8dcd1c..03ef3030af 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/android-terms.md +++ b/windows/security/threat-protection/microsoft-defender-atp/android-terms.md @@ -52,7 +52,7 @@ DO NOT USE THE APPLICATION.** 1. **INSTALLATION AND USE RIGHTS.** 1. **Installation and Use.** You may install and use any number of copies - of this application on Android enabled device or devices which you own + of this application on Android enabled device or devices that you own or control. You may use this application with your company's valid subscription of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) or an online service that includes MDATP functionalities. @@ -60,13 +60,13 @@ DO NOT USE THE APPLICATION.** 2. **Updates.** Updates or upgrades to MDATP may be required for full functionality. Some functionality may not be available in all countries. - 3. **Third Party Programs.** The application may include third party + 3. **Third-Party Programs.** The application may include third-party programs that Microsoft, not the third party, licenses to you under this agreement. Notices, if any, for the third-party program are included for your information only. 2. **INTERNET ACCESS MAY BE REQUIRED.** You may incur charges related to - Internet access, data transfer and other services per the terms of the data + Internet access, data transfer, and other services per the terms of the data service plan and any other agreement you have with your network operator due to use of the application. You are solely responsible for any network operator charges. @@ -92,21 +92,21 @@ DO NOT USE THE APPLICATION.** improve Microsoft products and services and enhance your experience. You may limit or control collection of some usage and performance data through your device settings. Doing so may disrupt your use of - certain features of the application. For additional information on - Microsoft's data collection and use, see the [Online Services + certain features of the application. For more information about + Microsoft data collection and use, see the [Online Services Terms](https://go.microsoft.com/fwlink/?linkid=2106777). 2. Misuse of Internet-based Services. You may not use any Internet-based service in any way that could harm it or impair anyone else's use of it or the wireless network. You may not use the service to try to gain - unauthorized access to any service, data, account or network by any + unauthorized access to any service, data, account, or network by any means. 4. **FEEDBACK.** If you give feedback about the application to Microsoft, you - give to Microsoft, without charge, the right to use, share and commercialize + give to Microsoft, without charge, the right to use, share, and commercialize your feedback in any way and for any purpose. You also give to third parties, without charge, any patent rights needed for their products, - technologies and services to use or interface with any specific parts of a + technologies, and services to use or interface with any specific parts of a Microsoft software or service that includes the feedback. You will not give feedback that is subject to a license that requires Microsoft to license its software or documentation to third parties because we include your feedback @@ -130,35 +130,34 @@ DO NOT USE THE APPLICATION.** - publish the application for others to copy; - - rent, lease or lend the application; or + - rent, lease, or lend the application; or - transfer the application or this agreement to any third party. 6. **EXPORT RESTRICTIONS.** The application is subject to United States export laws and regulations. You must comply with all domestic and international export laws and regulations that apply to the application. These laws - include restrictions on destinations, end users and end use. For additional + include restrictions on destinations, end users, and end use. For more information, - see[www.microsoft.com/exporting](https://www.microsoft.com/exporting). + see [www.microsoft.com/exporting](https://www.microsoft.com/exporting). 7. **SUPPORT SERVICES.** Because this application is "as is," we may not provide support services for it. If you have any issues or questions about your use of this application, including questions about your company's - privacy policy, please contact your company's admin. Do not contact the + privacy policy, contact your company's admin. Do not contact the application store, your network operator, device manufacturer, or Microsoft. The application store provider has no obligation to furnish support or maintenance with respect to the application. 8. **APPLICATION STORE.** - 1. If you obtain the application through an application store (e.g., Google - Play), please review the applicable application store terms to ensure + 1. If you obtain the application through an application store (for example, Google + Play), review the applicable application store terms to ensure your download and use of the application complies with such terms. - Please note that these Terms are between you and Microsoft and not with + Note that these Terms are between you and Microsoft and not with the application store. - 2. The respective application store provider and its subsidiaries are third - party beneficiaries of these Terms, and upon your acceptance of these + 2. The respective application store provider and its subsidiaries are third-party beneficiaries of these Terms, and upon your acceptance of these Terms, the application store provider(s) will have the right to directly enforce and rely upon any provision of these Terms that grants them a benefit or rights. @@ -213,20 +212,20 @@ DO NOT USE THE APPLICATION.** This limitation applies to: - anything related to the application, services, content (including code) on - third party Internet sites, or third party programs; and + third-party internet sites, or third-party programs; and -- claims for breach of contract, warranty, guarantee or condition; consumer +- claims for breach of contract, warranty, guarantee, or condition; consumer protection; deception; unfair competition; strict liability, negligence, - misrepresentation, omission, trespass or other tort; violation of statute or + misrepresentation, omission, trespass, or other tort; violation of statute or regulation; or unjust enrichment; all to the extent permitted by applicable law. It also applies even if: -a. Repair, replacement or refund for the application does not fully compensate +a. Repair, replacement, or refund for the application does not fully compensate you for any losses; or b. Covered Parties knew or should have known about the possibility of the damages. -The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential or other damages. +The above limitation or exclusion may not apply to you because your country may not allow the exclusion or limitation of incidental, consequential, or other damages. diff --git a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md index 4d724bc3ca..f731a7af08 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md @@ -150,17 +150,17 @@ For versions earlier than 100.78.0, run: To get the latest version of the Microsoft Defender ATP for Mac, set the Microsoft AutoUpdate to “Fast Ring”. To get “Microsoft AutoUpdate”, download it from [Release history for Microsoft AutoUpdate (MAU)](https://docs.microsoft.com/officeupdates/release-history-microsoft-autoupdate). -To verify you are running the correct version, run ‘mdatp --health’ on the device. +To verify you are running the correct version, run `mdatp --health` on the device. * The required version is 100.72.15 or later. -* If the version is not as expected, verify that Microsoft Auto Update is set to automatically download and install updates by running ‘defaults read com.microsoft.autoupdate2’ from terminal. -* To change update settings use documentation in [Update Office for Mac automatically](https://support.office.com/article/update-office-for-mac-automatically-bfd1e497-c24d-4754-92ab-910a4074d7c1). +* If the version is not as expected, verify that Microsoft Auto Update is set to automatically download and install updates by running `defaults read com.microsoft.autoupdate2` from the terminal. +* To change update settings, see [Update Office for Mac automatically](https://support.office.com/article/update-office-for-mac-automatically-bfd1e497-c24d-4754-92ab-910a4074d7c1). * If you are not using Office for Mac, download and run the AutoUpdate tool. ### A device still does not appear on Microsoft Defender Security Center -After a successful deployment and onboarding of the correct version, check that the device has connectivity to the cloud service by running ‘mdatp --connectivity-test’. +After a successful deployment and onboarding of the correct version, check that the device has connectivity to the cloud service by running `mdatp --connectivity-test`. -* Check that you enabled the early preview flag. In terminal run “mdatp –health” and look for the value of “edrEarlyPreviewEnabled”. It should be “Enabled”. +* Check that you enabled the early preview flag. In the terminal, run `mdatp –health` and look for the value of “edrEarlyPreviewEnabled”. It should be “Enabled”. If you followed the manual deployment instructions, you were prompted to enable Kernel Extensions. Pay attention to the “System Extension note” in the [manual deployment documentation](mac-install-manually.md#application-installation-macos-1015-and-older-versions) and use the “Manual Deployment” section in the [troubleshoot kernel extension documentation](mac-support-kext.md#manual-deployment). diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md index 263e076dda..9b9d8baad8 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-available-settings.md @@ -42,7 +42,7 @@ SmartScreen uses registry-based Administrative Template policy settings. For mor - + @@ -160,7 +160,7 @@ For Microsoft Defender SmartScreen Edge MDM policies, see [Policy CSP - Browser]
    Windows 10, version 2004:
    Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control    		 Windows 10, version 1703:
    Administrative Templates\Windows Components\Windows Defender SmartScreen\Explorer\Configure App Install Control    		 Windows 10, version 1703This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.

    This setting does not protect against malicious content from USB devices, network shares or other non-internet sources.

    Important: Using a trustworthy browser helps ensure that these protections work as expected.

    		This policy setting is intended to prevent malicious content from affecting your user's devices when downloading executable content from the internet.

    This setting does not protect against malicious content from USB devices, network shares, or other non-internet sources.

    Important: Using a trustworthy browser helps ensure that these protections work as expected.
    Windows 10, version 2004:
    Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen

    Windows 10, version 1703:
    Administrative Templates\Windows Components\Windows Defender SmartScreen\Microsoft Edge\Configure Windows Defender SmartScreen

    Windows 10, Version 1607 and earlier:
    Administrative Templates\Windows Components\Microsoft Edge\Configure Windows SmartScreen

    ## Recommended Group Policy and MDM settings for your organization -By default, Microsoft Defender SmartScreen lets employees bypass warnings. Unfortunately, this can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Microsoft Defender SmartScreen to block high-risk interactions instead of providing just a warning. +By default, Microsoft Defender SmartScreen lets employees bypass warnings. Unfortunately, this feature can let employees continue to an unsafe site or to continue to download an unsafe file, even after being warned. Because of this possibility, we strongly recommend that you set up Microsoft Defender SmartScreen to block high-risk interactions instead of providing just a warning. To better help you protect your organization, we recommend turning on and using these specific Microsoft Defender SmartScreen Group Policy and MDM settings. diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md index 60fe8eaa5f..166698ea39 100644 --- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md +++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md @@ -1,6 +1,6 @@ --- title: Access Credential Manager as a trusted caller (Windows 10) -description: Describes best practices, security considerations and more for the security policy setting, Access Credential Manager as a trusted caller. +description: Describes best practices, security considerations, and more for the security policy setting, Access Credential Manager as a trusted caller. ms.assetid: a51820d2-ca5b-47dd-8e9b-d7008603db88 ms.reviewer: ms.author: dansimp @@ -22,11 +22,11 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -Describes the best practices, location, values, policy management, and security considerations for the **Access Credential Manager as a trusted caller** security policy setting. +This article describes the best practices, location, values, policy management, and security considerations for the **Access Credential Manager as a trusted caller** security policy setting. ## Reference -The **Access Credential Manager as a trusted caller** policy setting is used by Credential Manager during backup and restore. No accounts should have this privilege because it is assigned only to the Winlogon service. Saved credentials of users may be compromised if this privilege is given to other entities. +The **Access Credential Manager as a trusted caller** policy setting is used by Credential Manager during backup and restore. No accounts should have this privilege because it's assigned only to the Winlogon service. Saved credentials of users may be compromised if this privilege is given to other entities. Constant: SeTrustedCredManAccessPrivilege @@ -37,7 +37,7 @@ Constant: SeTrustedCredManAccessPrivilege ### Best practices -- Do not modify this policy setting from the default. +- Don't modify this policy setting from the default. ### Location @@ -58,7 +58,7 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Use This section describes features, tools, and guidance to help you manage this policy. -A restart of the computer is not required for this policy setting to be effective. +A restart of the computer isn't required for this policy setting to be effective. Any change to the user rights assignment for an account becomes effective the next time the owner of the account logs on. @@ -82,7 +82,7 @@ If an account is given this user right, the user of the account may create an ap ### Countermeasure -Do not define the **Access Credential Manager as a trusted caller** policy setting for any accounts besides Credential Manager. +Don't define the **Access Credential Manager as a trusted caller** policy setting for any accounts besides Credential Manager. ### Potential impact diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md index ab09ef2ca5..d9c2770ad4 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md @@ -39,7 +39,7 @@ It is possible to configure the following values for the **Account lockout thres - A user-defined number from 0 through 999 - Not defined -Because vulnerabilities can exist when this value is configured and when it is not, organizations should weigh their identified threats and the risks that they are trying to mitigate. For information these settings, see [Countermeasure](#bkmk-countermeasure) in this topic. +Because vulnerabilities can exist when this value is configured and when it is not, organizations should weigh their identified threats and the risks that they are trying to mitigate. For information these settings, see [Countermeasure](#bkmk-countermeasure) in this article. ### Best practices @@ -47,7 +47,7 @@ The threshold that you select is a balance between operational efficiency and se As with other account lockout settings, this value is more of a guideline than a rule or best practice because there is no "one size fits all." For more information, see [Configuring Account Lockout](https://blogs.technet.microsoft.com/secguide/2014/08/13/configuring-account-lockout/). -Implementation of this policy setting is dependent on your operational environment; threat vectors, deployed operating systems, and deployed apps. For more information, see [Implementation considerations](#bkmk-impleconsiderations) in this topic. +Implementation of this policy setting is dependent on your operational environment; threat vectors, deployed operating systems, and deployed apps. For more information, see [Implementation considerations](#bkmk-impleconsiderations) in this article. ### Location @@ -76,13 +76,13 @@ None. Changes to this policy setting become effective without a computer restart ### Implementation considerations -Implementation of this policy setting is dependent on your operational environment. You should consider threat vectors, deployed operating systems, and deployed apps, for example: +Implementation of this policy setting depends on your operational environment. Consider threat vectors, deployed operating systems, and deployed apps. For example: -- The likelihood of an account theft or a DoS attack is based on the security design for your systems and environment. You should set the account lockout threshold in consideration of the known and perceived risk of those threats. +- The likelihood of an account theft or a DoS attack is based on the security design for your systems and environment. Set the account lockout threshold in consideration of the known and perceived risk of those threats. - When negotiating encryption types between clients, servers, and domain controllers, the Kerberos protocol can automatically retry account sign-in attempts that count toward the threshold limits that you set in this policy setting. In environments where different versions of the operating system are deployed, encryption type negotiation increases. -- Not all apps that are used in your environment effectively manage how many times a user can attempt to sign-in. For instance, if a connection drops repeatedly when a user is running the app, all subsequent failed sign-in attempts count toward the account lockout threshold. +- Not all apps that are used in your environment effectively manage how many times a user can attempt to sign in. For instance, if a connection drops repeatedly when a user is running the app, all subsequent failed sign-in attempts count toward the account lockout threshold. For more information about Windows security baseline recommendations for account lockout, see [Configuring Account Lockout](https://blogs.technet.microsoft.com/secguide/2014/08/13/configuring-account-lockout/). @@ -108,8 +108,8 @@ Because vulnerabilities can exist when this value is configured and when it is n - Configure the **Account lockout threshold** setting to 0. This configuration ensures that accounts will not be locked, and it will prevent a DoS attack that intentionally attempts to lock accounts. This configuration also helps reduce Help Desk calls because users cannot accidentally lock themselves out of their accounts. Because it does not prevent a brute force attack, this configuration should be chosen only if both of the following criteria are explicitly met: - - The password policy setting requires all users to have complex passwords of 8 or more characters. - - A robust audit mechanism is in place to alert administrators when a series of failed sign-ins occur in the environment. + - The password policy setting requires all users to have complex passwords of eight or more characters. + - A robust audit mechanism is in place to alert administrators when a series of failed sign-ins occurs in the environment. - Configure the **Account lockout threshold** policy setting to a sufficiently high value to provide users with the ability to accidentally mistype their password several times before the account is locked, but ensure that a brute force password attack still locks the account. @@ -121,9 +121,9 @@ Because vulnerabilities can exist when this value is configured and when it is n If this policy setting is enabled, a locked account is not usable until it is reset by an administrator or until the account lockout duration expires. Enabling this setting will likely generate a number of additional Help Desk calls. -If you configure the **Account lockout threshold** policy setting to 0, there is a possibility that an malicious user's attempt to discover passwords with a brute force password attack might go undetected if a robust audit mechanism is not in place. +If you configure the **Account lockout threshold** policy setting to 0, there is a possibility that a malicious user's attempt to discover passwords with a brute force password attack might go undetected if a robust audit mechanism is not in place. -If you configure this policy setting to a number greater than 0, an attacker can easily lock any accounts for which the account name is known. This is especially dangerous considering that no credentials other than access to the network are necessary to lock the accounts. +If you configure this policy setting to a number greater than 0, an attacker can easily lock any accounts for which the account name is known. This situation is especially dangerous considering that no credentials other than access to the network are necessary to lock the accounts. ## Related topics [Account Lockout Policy](account-lockout-policy.md) diff --git a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md index 9a078921e7..4c8003e0f3 100644 --- a/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md +++ b/windows/security/threat-protection/security-policy-settings/audit-audit-the-use-of-backup-and-restore-privilege.md @@ -1,6 +1,6 @@ --- -title: Audit Audit the use of Backup and Restore privilege (Windows 10) -description: Describes the best practices, location, values, and security considerations for the Audit Audit the use of Backup and Restore privilege security policy setting. +title: "Audit: Audit the use of Backup and Restore privilege (Windows 10)" +description: "Describes the best practices, location, values, and security considerations for the 'Audit: Audit the use of Backup and Restore privilege' security policy setting." ms.assetid: f656a2bb-e8d6-447b-8902-53df3a7756c5 ms.reviewer: ms.author: dansimp @@ -65,9 +65,9 @@ None. Changes to this policy become effective without a computer restart when th ### Auditing -Enabling this policy setting in conjunction with the **Audit privilege use** policy setting records any instance of user rights that are being exercised in the security log. If **Audit privilege use** is enabled but **Audit: Audit the use of Backup and Restore privilege** is disabled, when users use backup or restore user rights, those events will not be audited. +Enabling this policy setting in conjunction with the **Audit privilege use** policy setting records any instance of user rights that are being exercised in the security log. If **Audit privilege use** is enabled but **Audit: Audit the use of Backup and Restore privilege** is disabled, when users back up or restore user rights, those events will not be audited. -Enabling this policy setting when the **Audit privilege use** policy setting is also enabled generates an audit event for every file that is backed up or restored. This can help you to track down an administrator who is accidentally or maliciously restoring data in an unauthorized manner. +Enabling this policy setting when the **Audit privilege use** policy setting is also enabled generates an audit event for every file that is backed up or restored. This setup can help you to track down an administrator who is accidentally or maliciously restoring data in an unauthorized manner. Alternately, you can use the advanced audit policy, [Audit Sensitive Privilege Use](../auditing/audit-sensitive-privilege-use.md), which can help you manage the number of events generated. diff --git a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md index 550e21d847..a431f30baf 100644 --- a/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md +++ b/windows/security/threat-protection/security-policy-settings/back-up-files-and-directories.md @@ -1,6 +1,6 @@ --- title: Back up files and directories - security policy setting (Windows 10) -description: Describes the best practices, location, values, policy management, and security considerations for the Back up files and directories security policy setting. +description: Describes the recommended practices, location, values, policy management, and security considerations for the Back up files and directories security policy setting. ms.assetid: 1cd6bdd5-1501-41f4-98b9-acf29ac173ae ms.reviewer: ms.author: dansimp @@ -22,13 +22,13 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -Describes the best practices, location, values, policy management, and security considerations for the **Back up files and directories** security policy setting. +This article describes the recommended practices, location, values, policy management, and security considerations for the **Back up files and directories** security policy setting. ## Reference -This user right determines which users can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system. This user right is effective only when an application attempts access through the NTFS backup application programming interface (API) through a backup tool such as NTBACKUP.EXE. Otherwise, standard file and directory permissions apply. +This user right determines which users can bypass file and directory, registry, and other persistent object permissions for the purposes of backing up the system. This user right is effective only when an application attempts access through the NTFS backup application programming interface (API) through a tool such as NTBACKUP.EXE. Otherwise, standard file and directory permissions apply. -This user right is similar to granting the following permissions to the user or group you have selected on all files and folders on the system: +This user right is similar to granting the following permissions to the user or group you selected on all files and folders on the system: - Traverse Folder/Execute File - List Folder/Read Data @@ -56,8 +56,8 @@ Constant: SeBackupPrivilege ### Best practices -1. Restrict the **Back up files and directories** user right to members of the IT team who must back up organizational data as part of their daily job responsibilities. Because there is no way to be sure that a user is backing up data, stealing data, or copying data to be distributed, only assign this user right to trusted users. -2. If you are using backup software that runs under specific service accounts, only these accounts (and not the IT staff) should have the **Back up files and directories** user right. +1. Restrict the **Back up files and directories** user right to members of the IT team who must back up organizational data as part of their daily job responsibilities. Because there's no way to be sure that a user is backing up data, stealing data, or copying data to be distributed, only assign this user right to trusted users. +2. If your backup software runs under specific service accounts, only these accounts (and not the IT staff) should have the user right to back up files and directories. ### Location @@ -67,7 +67,7 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Use By default, this right is granted to Administrators and Backup Operators on workstations and servers. On domain controllers, Administrators, Backup Operators, and Server Operators have this right. -The following table lists the actual and effective default policy values. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default policy values for the server type or Group Policy Object (GPO). Default values are also listed on the policy’s property page. | Server type or GPO | Default value | | - | - | @@ -80,13 +80,13 @@ The following table lists the actual and effective default policy values. Defaul ## Policy management -A restart of the device is not required for this policy setting to be effective. +A restart of the device isn't required for this policy setting to be effective. Any change to the user rights assignment for an account becomes effective the next time the owner of the account logs on. ### Group Policy -Settings are applied in the following order through a Group Policy Object (GPO), which will overwrite settings on the local computer at the next Group Policy update: +Settings are applied in the following order through a GPO, which will overwrite settings on the local computer at the next Group Policy update: 1. Local policy settings 2. Site policy settings @@ -101,15 +101,15 @@ This section describes how an attacker might exploit a feature or its configurat ### Vulnerability -Users who can back up data from a device could take the backup media to a non-domain computer on which they have administrative privileges, and then restore the data. They could take ownership of the files and view any unencrypted data that is contained within the backup set. +Users who can back up data from a device to separate media could take the media to a non-domain computer on which they have administrative privileges, and then restore the data. They could take ownership of the files and view any unencrypted data that is contained within the data set. ### Countermeasure -Restrict the **Back up files and directories** user right to members of the IT team who must back up organizational data as part of their daily job responsibilities. If you are using backup software that runs under specific service accounts, only these accounts (and not the IT staff) should have the **Back up files and directories** user right. +Restrict the **Back up files and directories** user right to members of the IT team who must back up organizational data as part of their daily job responsibilities. If you use software that backs up data under specific service accounts, only these accounts (and not the IT staff) should have the right to back up files and directories. ### Potential impact -Changes in the membership of the groups that have the **Back up files and directories** user right could limit the abilities of users who are assigned to specific administrative roles in your environment. You should confirm that authorized backup administrators can still perform backup operations. +Changes in the membership of the groups that have the user right to back up files and directories could limit the abilities of users who are assigned to specific administrative roles in your environment. Confirm that authorized administrators can still back up files and directories. ## Related topics diff --git a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md index 869edc69a5..55281194fb 100644 --- a/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md +++ b/windows/security/threat-protection/security-policy-settings/create-a-pagefile.md @@ -26,7 +26,7 @@ Describes the best practices, location, values, policy management, and security ## Reference -Windows designates a section of the hard drive as virtual memory known as the page file, or more specifically, as pagefile.sys. It is used to supplement the computer’s Random Access Memory (RAM) to improve performance for programs and data that are used frequently. Although the file is hidden from browsing, you can manage it using the system settings. +Windows designates a section of the hard drive as virtual memory known as the page file, or more specifically, as pagefile.sys. It is used to supplement the computer’s Random Access Memory (RAM) to improve performance for frequently used programs and data. Although the file is hidden from browsing, you can manage it using the system settings. This policy setting determines which users can create and change the size of a page file. It determines whether users can specify a page file size for a particular drive in the **Performance Options** box located on the **Advanced** tab of the **System Properties** dialog box or through using internal application interfaces (APIs). diff --git a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md index c07cb74837..696c309ef6 100644 --- a/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md +++ b/windows/security/threat-protection/security-policy-settings/create-symbolic-links.md @@ -28,7 +28,7 @@ Describes the best practices, location, values, policy management, and security This user right determines if users can create a symbolic link from the device they are logged on to. -A symbolic link is a file-system object that points to another file-system object. The object that is pointed to is called the target. Symbolic links are transparent to users. The links appear as normal files or directories, and they can be acted upon by the user or application in exactly the same manner. Symbolic links are designed to aid in migration and application compatibility with UNIX operating systems. Microsoft has implemented symbolic links to function just like UNIX links. +A symbolic link is a file-system object that points to another file-system object. The object that's pointed to is called the target. Symbolic links are transparent to users. The links appear as normal files or directories, and they can be acted upon by the user or application in exactly the same manner. Symbolic links are designed to aid in migration and application compatibility with UNIX operating systems. Microsoft has implemented symbolic links to function just like UNIX links. >**Warning:**   This privilege should only be given to trusted users. Symbolic links can expose security vulnerabilities in applications that aren't designed to handle them. Constant: SeCreateSymbolicLinkPrivilege @@ -40,7 +40,7 @@ Constant: SeCreateSymbolicLinkPrivilege ### Best practices -- This user right should only be given to trusted users. Symbolic links can expose security vulnerabilities in applications that are not designed to handle them. +- Only trusted users should get this user right. Symbolic links can expose security vulnerabilities in applications that are not designed to handle them. ### Location @@ -73,16 +73,16 @@ Any change to the user rights assignment for an account becomes effective the ne Settings are applied in the following order through a Group Policy Object (GPO), which will overwrite settings on the local computer at the next Group Policy update: -1. Local policy settings -2. Site policy settings -3. Domain policy settings -4. OU policy settings +- Local policy settings +- Site policy settings +- Domain policy settings +- OU policy settings When a local setting is greyed out, it indicates that a GPO currently controls that setting. ### Command-line tools -This setting can be used in conjunction with a symbolic link file system setting that can be manipulated with the command-line tool to control the kinds of symlinks that are allowed on the device. For more info, type **fsutil behavior set symlinkevaluation /?** at the command prompt. +This setting can be used in conjunction with a symbolic link file system setting that can be manipulated with the command-line tool to control the kinds of symlinks that are allowed on the device. For more info, type `fsutil behavior set symlinkevaluation /?` at the command prompt. ## Security considerations diff --git a/windows/security/threat-protection/security-policy-settings/debug-programs.md b/windows/security/threat-protection/security-policy-settings/debug-programs.md index cb03383fb3..8e9e1de135 100644 --- a/windows/security/threat-protection/security-policy-settings/debug-programs.md +++ b/windows/security/threat-protection/security-policy-settings/debug-programs.md @@ -26,7 +26,7 @@ Describes the best practices, location, values, policy management, and security ## Reference -This policy setting determines which users can attach to or open any process, even those they do not own. Developers who are debugging their own applications do not need to be assigned this user right. Developers who are debugging new system components need this user right. This user right provides access to sensitive and critical operating-system components. +This policy setting determines which users can attach to or open any process, even a process they do not own. Developers who are debugging their own applications do not need this user right. Developers who are debugging new system components need this user right. This user right provides access to sensitive and critical operating-system components. Constant: SeDebugPrivilege diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md index 5e75ce5325..3705d5c84b 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-batch-job.md @@ -22,7 +22,7 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -Describes the best practices, location, values, policy management, and security considerations for the **Deny log on as a batch job** security policy setting. +This article describes the recommended practices, location, values, policy management, and security considerations for the **Deny log on as a batch job** security policy setting. ## Reference @@ -40,7 +40,7 @@ Constant: SeDenyBatchLogonRight 1. When you assign this user right, thoroughly test that the effect is what you intended. 2. Within a domain, modify this setting on the applicable Group Policy Object (GPO). -3. **Deny log on as a batch job** prevents administrators or operators from using their personal accounts to schedule tasks, which helps with business continuity when that person transitions to other positions or responsibilities. +3. **Deny log on as a batch job** prevents administrators or operators from using their personal accounts to schedule tasks. This restriction helps with business continuity when that person transitions to other positions or responsibilities. ### Location @@ -48,7 +48,7 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Use ### Default values -The following table lists the actual and effective default policy values for the most recent supported versions of Windows. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default policy values for the most recent supported versions of Windows. Default values are also listed on the policy's property page. | Server type or GPO | Default value | | - | - | @@ -63,7 +63,7 @@ The following table lists the actual and effective default policy values for the This section describes features and tools available to help you manage this policy. -A restart of the device is not required for this policy setting to be effective. +A restart of the device isn't required for this policy setting to be effective. Any change to the user rights assignment for an account becomes effective the next time the owner of the account logs on. @@ -73,7 +73,7 @@ This policy setting might conflict with and negate the **Log on as a batch job** On a domain-joined device, including the domain controller, this policy can be overwritten by a domain policy, which will prevent you from modifying the local policy setting. -For example, if you are trying to configure Task Scheduler on your domain controller, check the Settings tab of your two domain controller policy and domain policy GPOs in the Group Policy Management Console (GPMC). Verify the targeted account is not present in the **Deny log on as a batch job** +For example, to configure Task Scheduler on your domain controller, check the Settings tab of your two domain controller policy and domain policy GPOs in the Group Policy Management Console (GPMC). Verify the targeted account isn't present in the **Deny log on as a batch job** setting. User Rights Assignment and also correctly configured in the **Log on as a batch job** setting. @@ -100,7 +100,7 @@ Assign the **Deny log on as a batch job** user right to the local Guest account. ### Potential impact -If you assign the **Deny log on as a batch job** user right to other accounts, you could deny the ability to perform required job activities to users who are assigned specific administrative roles. You should confirm that delegated tasks are not affected adversely. +If you assign the **Deny log on as a batch job** user right to other accounts, you could deny the ability to perform required job activities to users who are assigned specific administrative roles. Confirm that delegated tasks aren't affected adversely. ## Related topics diff --git a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md index 2da4ae7aa5..ae1ff7ad09 100644 --- a/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md +++ b/windows/security/threat-protection/security-policy-settings/deny-log-on-as-a-service.md @@ -22,7 +22,7 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -Describes the best practices, location, values, policy management, and security considerations for the **Deny log on as a service** security policy setting. +This article describes the recommended practices, location, values, policy management, and security considerations for the **Deny log on as a service** security policy setting. ## Reference @@ -63,7 +63,7 @@ The following table lists the actual and effective default policy values for the This section describes features and tools available to help you manage this policy. -A restart of the computer is not required for this policy setting to be effective. +A restart of the computer isn't required for this policy setting to be effective. Any change to the user rights assignment for an account becomes effective the next time the owner of the account logs on. @@ -89,11 +89,11 @@ This section describes how an attacker might exploit a feature or its configurat ### Vulnerability Accounts that can log on to a service application could be used to configure and start new unauthorized services, such as a keylogger or other malware. The benefit of the specified countermeasure is somewhat reduced by the fact that only users with administrative rights can install and configure -services, and an attacker who has already attained that level of access could configure the service to run by using the System account. +services, and an attacker who already has that level of access could configure the service to run by using the System account. ### Countermeasure -We recommend that you not assign the **Deny log on as a service** user right to any accounts. This is the default configuration. Organizations that are extremely concerned about security might assign this user right to groups and accounts when they are certain that they will never need to log on to a service application. +We recommend that you don't assign the **Deny log on as a service** user right to any accounts. This configuration is the default. Organizations that have strong concerns about security might assign this user right to groups and accounts when they're certain that they'll never need to log on to a service application. ### Potential impact diff --git a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md index 473772b9bc..933e46f0a1 100644 --- a/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/domain-controller-ldap-server-signing-requirements.md @@ -22,13 +22,13 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -Describes the best practices, location, values, and security considerations for the **Domain controller: LDAP server signing requirements** security policy setting. +This article describes the best practices, location, values, and security considerations for the **Domain controller: LDAP server signing requirements** security policy setting. ## Reference This policy setting determines whether the Lightweight Directory Access Protocol (LDAP) server requires LDAP clients to negotiate data signing. -Unsigned network traffic is susceptible to man-in-the-middle attacks, where an intruder captures packets between the server and the client device and modifies them before forwarding them to the client device. In the case of an LDAP server, this means that a malicious user can cause a client device to make decisions based on false records from the LDAP directory. You can lower the risk of a malicious user accomplishing this in a corporate network by implementing strong physical security measures to protect the network infrastructure. Furthermore, implementing Internet Protocol security (IPsec) Authentication Header mode, which provides mutual authentication and packet integrity for IP traffic, can make all types of man-in-the-middle attacks extremely difficult. +Unsigned network traffic is susceptible to man-in-the-middle attacks, where an intruder captures packets between the server and the client device and modifies them before forwarding them to the client device. In the case of an LDAP server, a malicious user can cause a client device to make decisions based on false records from the LDAP directory. You can lower this risk in a corporate network by implementing strong physical security measures to protect the network infrastructure. Furthermore, implementing Internet Protocol security (IPsec) Authentication Header mode, which provides mutual authentication and packet integrity for IP traffic, can make all types of man-in-the-middle attacks difficult. This setting does not have any impact on LDAP simple bind through SSL (LDAP TCP/636). @@ -44,7 +44,7 @@ If signing is required, then LDAP simple binds not using SSL are rejected (LDAP ### Best practices -- It is advisable to set **Domain controller: LDAP server signing requirements** to **Require signature**. Clients that do not support LDAP signing will be unable to execute LDAP queries against the domain controllers. +- We recommend that you set **Domain controller: LDAP server signing requirements** to **Require signature**. Clients that do not support LDAP signing will be unable to execute LDAP queries against the domain controllers. ### Location @@ -77,7 +77,7 @@ This section describes how an attacker might exploit a feature or its configurat ### Vulnerability -Unsigned network traffic is susceptible to man-in-the-middle attacks. In such attacks, an intruder captures packets between the server and the client device, modifies them, and then forwards them to the client device. Where LDAP servers are concerned, an attacker could cause a client device to make decisions that are based on false records from the LDAP directory. To lower the risk of such an intrusion in an organization's network, you can implement strong physical security measures to protect the network infrastructure. You could also implement Internet Protocol security (IPsec) Authentication Header mode, which performs mutual authentication and packet integrity for IP traffic to make all types of man-in-the-middle attacks extremely difficult. +Unsigned network traffic is susceptible to man-in-the-middle attacks. In such attacks, an intruder captures packets between the server and the client device, modifies them, and then forwards them to the client device. Where LDAP servers are concerned, an attacker could cause a client device to make decisions that are based on false records from the LDAP directory. To lower the risk of such an intrusion in an organization's network, you can implement strong physical security measures to protect the network infrastructure. You could also implement Internet Protocol security (IPsec) Authentication Header mode, which performs mutual authentication and packet integrity for IP traffic to make all types of man-in-the-middle attacks difficult. ### Countermeasure @@ -85,7 +85,7 @@ Configure the **Domain controller: LDAP server signing requirements** setting to ### Potential impact -Client device that do not support LDAP signing cannot run LDAP queries against the domain controllers. +Client devices that do not support LDAP signing cannot run LDAP queries against the domain controllers. ## Related topics diff --git a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md index d21bf2cf15..fb56241385 100644 --- a/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md +++ b/windows/security/threat-protection/security-policy-settings/force-shutdown-from-a-remote-system.md @@ -26,7 +26,7 @@ Describes the best practices, location, values, policy management, and security ## Reference -This security setting determines which users are allowed to shut down a device from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart) from a remote location. +This security setting determines which users are allowed to shut down a device from a remote location on the network. This setting allows members of the Administrators group or specific users to manage computers (for tasks such as a restart) from a remote location. Constant: SeRemoteShutdownPrivilege @@ -37,7 +37,7 @@ Constant: SeRemoteShutdownPrivilege ### Best practices -- Explicitly restrict this user right to members of the Administrators group or other specifically assigned roles that require this capability, such as non-administrative operations staff. +- Explicitly restrict this user right to members of the Administrators group or other assigned roles that require this capability, such as non-administrative operations staff. ### Location @@ -91,11 +91,11 @@ Any user who can shut down a device could cause a denial-of-service condition to ### Countermeasure -Restrict the **Force shutdown from a remote system** user right to members of the Administrators group or other specifically assigned roles that require this capability, such as non-administrative operations staff. +Restrict the **Force shutdown from a remote system** user right to members of the Administrators group or other assigned roles that require this capability, such as non-administrative operations staff. ### Potential impact -On a domain controller, if you remove the **Force shutdown from a remote system** user right from the Server Operator group, you could limit the abilities of users who are assigned to specific administrative roles in your environment. You should confirm that delegated activities are not adversely affected. +On a domain controller, if you remove the **Force shutdown from a remote system** user right from the Server Operator group, you could limit the abilities of users who are assigned to specific administrative roles in your environment. Confirm that delegated activities are not adversely affected. ## Related topics From d22561e33dd996d96273a123efffc7c5edf0a912 Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Wed, 4 Nov 2020 15:08:01 -0700 Subject: [PATCH 09/26] increase two acro scores --- .../endpoint-detection-response-mac-preview.md | 4 ++-- .../access-credential-manager-as-a-trusted-caller.md | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md index f731a7af08..35fe01b1c2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md @@ -49,7 +49,7 @@ Endpoint detection and response capabilities in Microsoft Defender ATP for Mac a 1. From the JAMF console, navigate to  **Computers > Configuration Profiles**, navigate to the configuration profile you'd like to use, then select  **Custom Settings**. -1. Create an entry with com.microsoft.wdav as the preference domain and upload the .plist created earlier. +1. Create an entry with com.microsoft.wdav as the preference domain and upload the `.plist` created earlier. > [!WARNING] > You must enter the correct preference domain (com.microsoft.wdav), otherwise the preferences will not be recognized by the product @@ -117,7 +117,7 @@ Endpoint detection and response capabilities in Microsoft Defender ATP for Mac a 1. Choose a name for the profile. Change  **Platform=macOS**  to  **Profile type=Custom**. Select  **Configure**. -1. Save the .plist created earlier as com.microsoft.wdav.xml. +1. Save the `.plist` created earlier as com.microsoft.wdav.xml. 1. Enter com.microsoft.wdav as the custom configuration profile name. diff --git a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md index 166698ea39..073cfbd4cb 100644 --- a/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md +++ b/windows/security/threat-protection/security-policy-settings/access-credential-manager-as-a-trusted-caller.md @@ -22,7 +22,7 @@ ms.date: 04/19/2017 **Applies to** - Windows 10 -This article describes the best practices, location, values, policy management, and security considerations for the **Access Credential Manager as a trusted caller** security policy setting. +This article describes the recommended practices, location, values, policy management, and security considerations for the **Access Credential Manager as a trusted caller** security policy setting. ## Reference @@ -45,6 +45,8 @@ Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Use ### Default values +The following table shows the default value for the server type or Group Policy Object (GPO). + | Server type or GPO | Default value | | - | - | | Default domain policy | Not defined | From d2680934b6560dbafa478f48ed22449c9769feba Mon Sep 17 00:00:00 2001 From: ShannonLeavitt Date: Wed, 4 Nov 2020 16:03:03 -0700 Subject: [PATCH 10/26] acrolinx-windows-security --- .../smart-card-debugging-information.md | 46 +++++++++---------- .../bitlocker/bitlocker-and-adds-faq.md | 10 ++-- .../bitlocker/bitlocker-to-go-faq.md | 11 ++++- 3 files changed, 37 insertions(+), 30 deletions(-) diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md index f5268739ca..824c20a5f1 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md +++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md @@ -26,9 +26,9 @@ Debugging and tracing smart card issues requires a variety of tools and approach - [Certutil](#certutil) -- [Debugging and tracing using WPP](#debugging-and-tracing-using-wpp) +- [Debugging and tracing using Windows software trace preprocessor (WPP)](#debugging-and-tracing-using-wpp) -- [Kerberos protocol, KDC, and NTLM debugging and tracing](#kerberos-protocol-kdc-and-ntlm-debugging-and-tracing) +- [Kerberos protocol, Key Distribution Center (KDC), and NTLM debugging and tracing](#kerberos-protocol-kdc-and-ntlm-debugging-and-tracing) - [Smart Card service](#smart-card-service) @@ -42,22 +42,22 @@ For a complete description of Certutil including examples that show how to use i ### List certificates available on the smart card -To list certificates that are available on the smart card, type certutil -scinfo. +To list certificates that are available on the smart card, type `certutil -scinfo`. > [!NOTE] > Entering a PIN is not required for this operation. You can press ESC if you are prompted for a PIN. ### Delete certificates on the smart card -Each certificate is enclosed in a container. When you delete a certificate on the smart card, you are deleting the container for the certificate. +Each certificate is enclosed in a container. When you delete a certificate on the smart card, you're deleting the container for the certificate. -To find the container value, type certutil -scinfo. +To find the container value, type `certutil -scinfo`. To delete a container, type **certutil -delkey -csp "Microsoft Base Smart Card Crypto Provider"** "<*ContainerValue*>". ## Debugging and tracing using WPP -Windows software trace preprocessor (WPP) simplifies tracing the operation of the trace provider. It provides a mechanism for the trace provider to log real-time binary messages. Logged messages can be converted to a human-readable trace of the operation. For more information, see [Diagnostics with WPP - The NDIS blog](https://blogs.msdn.com/b/ndis/archive/2011/04/06/diagnostics-with-wpp.aspx). +WPP simplifies tracing the operation of the trace provider. It provides a mechanism for the trace provider to log real-time binary messages. Logged messages can be converted to a human-readable trace of the operation. For more information, see [Diagnostics with WPP - The NDIS blog](https://blogs.msdn.com/b/ndis/archive/2011/04/06/diagnostics-with-wpp.aspx). ### Enable the trace @@ -65,21 +65,21 @@ Using WPP, use one of the following commands to enable tracing: - **tracelog.exe -kd -rt -start** <*FriendlyName*> **-guid \#**<*GUID*> **-f .\\**<*LogFileName*>**.etl -flags** <*flags*> **-ft 1** -- **logman start** <*FriendlyName*> **-ets -p {**<*GUID*>**} -**<*Flags*> **-ft 1 -rt -o .\\**<*LogFileName*>**.etl -mode 0x00080000* +- **logman start** <*FriendlyName*> **-ets -p {**<*GUID*>**} -**<*Flags*> **-ft 1 -rt -o .\\**<*LogFileName*>**.etl -mode 0x00080000** You can use the parameters in the following table. | Friendly name | GUID | Flags | |-------------------|--------------------------------------|-----------| -| scardsvr | 13038e47-ffec-425d-bc69-5707708075fe | 0xffff | -| winscard | 3fce7c5f-fb3b-4bce-a9d8-55cc0ce1cf01 | 0xffff | -| basecsp | 133a980d-035d-4e2d-b250-94577ad8fced | 0x7 | -| scksp | 133a980d-035d-4e2d-b250-94577ad8fced | 0x7 | -| msclmd | fb36caf4-582b-4604-8841-9263574c4f2c | 0x7 | -| credprov | dba0e0e0-505a-4ab6-aa3f-22f6f743b480 | 0xffff | -| certprop | 30eae751-411f-414c-988b-a8bfa8913f49 | 0xffff | -| scfilter | eed7f3c9-62ba-400e-a001-658869df9a91 | 0xffff | -| wudfusbccid | a3c09ba3-2f62-4be5-a50f-8278a646ac9d | 0xffff | +| `scardsvr` | 13038e47-ffec-425d-bc69-5707708075fe | 0xffff | +| `winscard` | 3fce7c5f-fb3b-4bce-a9d8-55cc0ce1cf01 | 0xffff | +| `basecsp` | 133a980d-035d-4e2d-b250-94577ad8fced | 0x7 | +| `scksp` | 133a980d-035d-4e2d-b250-94577ad8fced | 0x7 | +| `msclmd` | fb36caf4-582b-4604-8841-9263574c4f2c | 0x7 | +| `credprov` | dba0e0e0-505a-4ab6-aa3f-22f6f743b480 | 0xffff | +| `certprop` | 30eae751-411f-414c-988b-a8bfa8913f49 | 0xffff | +| `scfilter` | eed7f3c9-62ba-400e-a001-658869df9a91 | 0xffff | +| `wudfusbccid` | a3c09ba3-2f62-4be5-a50f-8278a646ac9d | 0xffff | Examples @@ -119,7 +119,7 @@ You can use these resources to troubleshoot these protocols and the KDC: - [Windows Driver Kit (WDK) and Debugging Tools for Windows (WinDbg)](https://developer.microsoft.com/en-us/windows/hardware/windows-driver-kit).  You can use the trace log tool in this SDK to debug Kerberos authentication failures. -To begin tracing, you can use Tracelog. Different components use different control GUIDs as explained in these examples. For more information, see [Tracelog](https://msdn.microsoft.com/library/windows/hardware/ff552994.aspx). +To begin tracing, you can use `Tracelog`. Different components use different control GUIDs as explained in these examples. For more information, see [`Tracelog`](https://msdn.microsoft.com/library/windows/hardware/ff552994.aspx). ### NTLM @@ -143,7 +143,7 @@ To stop tracing for Kerberos authentication, run this command: ### KDC -To enable tracing for the Key Distribution Center (KDC), run the following command on the command line: +To enable tracing for the KDC, run the following command on the command line: - **tracelog.exe -kd -rt -start kdc -guid \#1BBA8B19-7F31-43c0-9643-6E911F79A06B -f .\\kdc.etl -flags 0x803 -ft 1** @@ -166,7 +166,7 @@ You can also configure tracing by editing the Kerberos registry values shown in | Kerberos | HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos
    Value name: LogToFile
    Value type: DWORD
    Value data: 00000001

    HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters
    Value name: KerbDebugLevel
    Value type: DWORD
    Value data: c0000043

    HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\Kerberos\\Parameters
    Value name: LogToFile
    Value type: DWORD
    Value data: 00000001 | | KDC | HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Kdc
    Value name: KdcDebugLevel
    Value type: DWORD
    Value data: c0000803 | -If you used Tracelog, look for the following log file in your current directory: kerb.etl/kdc.etl/ntlm.etl. +If you used `Tracelog`, look for the following log file in your current directory: kerb.etl/kdc.etl/ntlm.etl. If you used the registry key settings shown in the previous table, look for the trace log files in the following locations: @@ -176,7 +176,7 @@ If you used the registry key settings shown in the previous table, look for the - KDC: %systemroot%\\tracing\\kdcsvc  -To decode event trace files, you can use Tracefmt (tracefmt.exe). Tracefmt is a command-line tool that formats and displays trace messages from an event trace log file (.etl) or a real-time trace session. Tracefmt can display the messages in the Command Prompt window or save them in a text file. It is located in the \\tools\\tracing subdirectory of the Windows Driver Kit (WDK). For more information, see [Tracefmt](https://msdn.microsoft.com/library/ff552974.aspx). +To decode event trace files, you can use `Tracefmt` (tracefmt.exe). `Tracefmt` is a command-line tool that formats and displays trace messages from an event trace log file (.etl) or a real-time trace session. `Tracefmt` can display the messages in the Command Prompt window or save them in a text file. It is located in the \\tools\\tracing subdirectory of the Windows Driver Kit (WDK). For more information, see [`Tracefmt`](https://msdn.microsoft.com/library/ff552974.aspx). ## Smart Card service @@ -198,11 +198,11 @@ The smart card resource manager service runs in the context of a local service. 2. If the **User Account Control** dialog box appears, confirm that the action it displays is what you want, and then select **Yes**. -3. At the command prompt, type **net stop SCardSvr**. +3. At the command prompt, type `net stop SCardSvr`. -4. At the command prompt, type **net start SCardSvr**. +4. At the command prompt, type `net start SCardSvr`. -You can use the following command at the command prompt to check whether the service is running: **sc queryex scardsvr**. +You can use the following command at the command prompt to check whether the service is running: `sc queryex scardsvr`. The following code sample is an example output from this command: diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md index 8547453291..c248a61b46 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.md @@ -30,15 +30,15 @@ Stored information | Description -------------------|------------ Hash of the TPM owner password | Beginning with Windows 10, the password hash is not stored in AD DS by default. The password hash can be stored only if the TPM is owned and the ownership was taken by using components of Windows 8.1 or earlier, such as the BitLocker Setup Wizard or the TPM snap-in. BitLocker recovery password | The recovery password allows you to unlock and access the drive after a recovery incident. Domain administrators can view the BitLocker recovery password by using the BitLocker Recovery Password Viewer. For more information about this tool, see [BitLocker: Use BitLocker Recovery Password Viewer](bitlocker-use-bitlocker-recovery-password-viewer.md). -BitLocker key package | The key package helps to repair damage to the hard disk that would otherwise prevent standard recovery. Using the key package for recovery requires the BitLocker Repair Tool, Repair-bde. +BitLocker key package | The key package helps to repair damage to the hard disk that would otherwise prevent standard recovery. Using the key package for recovery requires the BitLocker Repair Tool, `Repair-bde`. ## What if BitLocker is enabled on a computer before the computer has joined the domain? -If BitLocker is enabled on a drive before Group Policy has been applied to enforce backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. +If BitLocker is enabled on a drive before Group Policy has been applied to enforce a backup, the recovery information will not be automatically backed up to AD DS when the computer joins the domain or when Group Policy is subsequently applied. However, you can use the **Choose how BitLocker-protected operating system drives can be recovered**, **Choose how BitLocker-protected fixed drives can be recovered**, and **Choose how BitLocker-protected removable drives can be recovered** Group Policy settings to require the computer to be connected to a domain before BitLocker can be enabled to help ensure that recovery information for BitLocker-protected drives in your organization is backed up to AD DS. For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). -The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker does not automatically manage this process. The manage-bde command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: +The BitLocker Windows Management Instrumentation (WMI) interface does allow administrators to write a script to back up or synchronize an online client's existing recovery information; however, BitLocker does not automatically manage this process. The `manage-bde` command-line tool can also be used to manually back up recovery information to AD DS. For example, to back up all of the recovery information for the `$env:SystemDrive` to AD DS, you would use the following command script from an elevated command prompt: ```PowerShell $BitLocker = Get-BitLockerVolume -MountPoint $env:SystemDrive @@ -61,7 +61,7 @@ Ultimately, determining whether a legitimate backup exists in AD DS requires qu No. By design, BitLocker recovery password entries do not get deleted from AD DS; therefore, you might see multiple passwords for each drive. To identify the latest password, check the date on the object. -## What happens if the backup initially fails? Will BitLocker retry the backup? +## What happens if the backup initially fails? Will BitLocker retry it? If the backup initially fails, such as when a domain controller is unreachable at the time when the BitLocker setup wizard is run, BitLocker does not try again to back up the recovery information to AD DS. @@ -69,5 +69,5 @@ When an administrator selects the **Require BitLocker backup to AD DS** check b For more info, see [BitLocker Group Policy settings](bitlocker-group-policy-settings.md). -When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker will not automatically retry the backup if it fails. Instead, administrators can create a script for the backup, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain) to capture the information after connectivity is restored. +When an administrator clears these check boxes, the administrator is allowing a drive to be BitLocker-protected without having the recovery information successfully backed up to AD DS; however, BitLocker will not automatically retry the backup if it fails. Instead, administrators can create a backup script, as described earlier in [What if BitLocker is enabled on a computer before the computer has joined the domain?](#what-if-bitlocker-is-enabled-on-a-computer-before-the-computer-has-joined-the-domain) to capture the information after connectivity is restored. diff --git a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md index 2be6494c9a..871f49b5a8 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md +++ b/windows/security/information-protection/bitlocker/bitlocker-to-go-faq.md @@ -25,7 +25,14 @@ ms.custom: bitlocker ## What is BitLocker To Go? -BitLocker To Go is BitLocker Drive Encryption on removable data drives. This feature includes the encryption of USB flash drives, SD cards, external hard disk drives, and other drives formatted by using the NTFS, FAT16, FAT32, or exFAT file systems. Drive partitioning must meet the [BitLocker Drive Encryption Partitioning Requirements](https://docs.microsoft.com/windows-hardware/manufacture/desktop/bitlocker-drive-encryption#bitlocker-drive-encryption-partitioning-requirements). +BitLocker To Go is BitLocker Drive Encryption on removable data drives. This feature includes the encryption of: -As with BitLocker, drives that are encrypted using BitLocker To Go can be opened with a password or smart card on another computer by using **BitLocker Drive Encryption** in Control Panel. +- USB flash drives +- SD cards +- External hard disk drives +- Other drives that are formatted by using the NTFS, FAT16, FAT32, or exFAT file system. + +Drive partitioning must meet the [BitLocker Drive Encryption Partitioning Requirements](https://docs.microsoft.com/windows-hardware/manufacture/desktop/bitlocker-drive-encryption#bitlocker-drive-encryption-partitioning-requirements). + +As with BitLocker, you can open drives that are encrypted by BitLocker To Go by using a password or smart card on another computer. In Control Panel, use **BitLocker Drive Encryption**. From dbf2f662caee0bc8d32ec09e1ce5c8d4c5d6ee9d Mon Sep 17 00:00:00 2001 From: gkomatsu Date: Wed, 4 Nov 2020 17:49:28 -0800 Subject: [PATCH 11/26] Update new-in-windows-mdm-enrollment-management.md Additional clarity to address question from customer --- .../mdm/new-in-windows-mdm-enrollment-management.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 31a3184bdb..cfc3df66f0 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -500,8 +500,8 @@ No. Only one MDM is allowed. Entry | Description --------------- | -------------------- What is dmwappushsvc? | It is a Windows service that ships in Windows 10 operating system as a part of the windows management platform. It is used internally by the operating system as a queue for categorizing and processing all WAP messages, which include Windows management messages, MMS, NabSync, and Service Indication/Service Loading (SI/SL). The service also initiates and orchestrates management sync sessions with the MDM server. | -What data is handled by dmwappushsvc? | It is a component handling the internal workings of the management platform and involved in processing messages that have been received by the device remotely for management. The messages in the queue are serviced by another component that is also part of the Windows management stack to process messages. The service also routes and authenticates WAP messages received by the device to internal OS components that process them further: MMS, NabSync, SI/SL. | -How do I turn if off? | The service can be stopped from the "Services" console on the device (Start > Run > services.msc). However, since this is a component part of the OS and required for the proper functioning of the device, we strongly recommend not to do this. | +What data is handled by dmwappushsvc? | It is a component handling the internal workings of the management platform and involved in processing messages that have been received by the device remotely for management. The messages in the queue are serviced by another component that is also part of the Windows management stack to process messages. The service also routes and authenticates WAP messages received by the device to internal OS components that process them further: MMS, NabSync, SI/SL. This service does not send telemetry.| +How do I turn if off? | The service can be stopped from the "Services" console on the device (Start > Run > services.msc). However, since this is a component part of the OS and required for the proper functioning of the device, we strongly recommend not to do this. Disabling this will cause your management to fail.| ## Change history for MDM documentation From 6f108ad3a1610d0a17288a6d1d6ed88ee1e892a8 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Thu, 5 Nov 2020 13:29:44 +0100 Subject: [PATCH 12/26] Update controlled-folders.md boot sectors are also protected --- .../microsoft-defender-atp/controlled-folders.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index 7687279880..bed8a2a98f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -42,7 +42,7 @@ Apps can also be manually added to the trusted list via Configuration Manager an Controlled folder access is especially useful in helping to protect your documents and information from [ransomware](https://www.microsoft.com/wdsi/threats/ransomware). In a ransomware attack, your files can get encrypted and held hostage. With controlled folder access in place, a notification appears on the computer where an app attempted to make changes to a file in a protected folder. You can [customize the notification](customize-attack-surface-reduction.md#customize-the-notification) with your company details and contact information. You can also enable the rules individually to customize what techniques the feature monitors. -The protected folders include common system folders, and you can [add additional folders](customize-controlled-folders.md#protect-additional-folders). You can also [allow apps](customize-controlled-folders.md#allow-specific-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders. +The protected folders include common system folders (including boot sectors), and you can [add additional folders](customize-controlled-folders.md#protect-additional-folders). You can also [allow apps](customize-controlled-folders.md#allow-specific-apps-to-make-changes-to-controlled-folders) to give them access to the protected folders. You can use [audit mode](audit-windows-defender.md) to evaluate how controlled folder access would impact your organization if it were enabled. You can also visit the Windows Defender Test ground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works. From 7503e090c0ae8d811d1125bd55eec7565e394959 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 5 Nov 2020 07:28:41 -0800 Subject: [PATCH 13/26] Update enable-attack-surface-reduction.md --- .../microsoft-defender-atp/enable-attack-surface-reduction.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md index 36216eb833..109f729fae 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md +++ b/windows/security/threat-protection/microsoft-defender-atp/enable-attack-surface-reduction.md @@ -84,7 +84,7 @@ The following is a sample for reference, using [GUID values for ASR rules](attac `OMA-URI path: ./Vendor/MSFT/Policy/Config/Defender/AttackSurfaceReductionRules` -`Value: {75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84}=2|{3B576869-A4EC-4529-8536-B80A7769E899}=1|{D4F940AB-401B-4EfC-AADC-AD5F3C50688A}=2|{D3E037E1-3EB8-44C8-A917-57927947596D}=1|{5BEB7EFE-FD9A-4556-801D-275E5FFC04CC}=0|{BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550}=1` +`Value: 75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84=2|3B576869-A4EC-4529-8536-B80A7769E899=1|D4F940AB-401B-4EfC-AADC-AD5F3C50688A=2|D3E037E1-3EB8-44C8-A917-57927947596D=1|5BEB7EFE-FD9A-4556-801D-275E5FFC04CC=0|BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550=1` The values to enable, disable, or enable in audit mode are: From 882f77d0100f5dc96d1381bffb93bd78e9549f8e Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 08:40:20 -0800 Subject: [PATCH 14/26] new zero day topic --- windows/security/threat-protection/TOC.md | 1 + .../tvm-zero-day-vulnerabilities.md | 70 +++++++++++++++++++ 2 files changed, 71 insertions(+) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index c2913b23a2..952895dc9c 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -64,6 +64,7 @@ ##### [Address security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) ##### [Remediate vulnerabilities](microsoft-defender-atp/tvm-remediation.md) ##### [Exceptions for security recommendations](microsoft-defender-atp/tvm-exception.md) +##### [Mitigate zero-day vulnerabilities](microsoft-defender-atp/tvm-zero-day-vulnerabilities.md) ##### [Plan for end-of-support software](microsoft-defender-atp/tvm-end-of-support-software.md) #### [Understand vulnerabilities on your devices]() ##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md new file mode 100644 index 0000000000..361ba702bc --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -0,0 +1,70 @@ +--- +title: Mitigate zero-day vulnerabilities - threat and vulnerability management +description: A report showing vulnerable device trends and current statistics. The goal is for you to understand the breath and scope of your device exposure. +keywords: mdatp-tvm vulnerable devices, mdatp, tvm, reduce threat & vulnerability exposure, reduce threat and vulnerability, monitor security configuration +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: ellevin +author: levinec +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: +- m365-security-compliance +- m365initiative-defender-endpoint +ms.topic: article +--- + +# Mitigate zero-day vulnerabilities - threat and vulnerability management + +[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] + +**Applies to:** + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631) +- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md) + +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) + +A zero-day vulnerability is a publicly disclosed vulnerability for which no official patches or security updates have been released. Zero-day vulnerabilities often have high severity levels and are actively exploited. + +Once a zero-day vulnerability has been found, information about it will be conveyed through the following experiences in the Microsoft Defender Security Center: + +## Threat and vulnerability management dashboard + +Find recommendations with a zero-day tag in the “Top security recommendation” card. + +## Weaknesses page + +Find the named zero-day vulnerability along with a description and details. + +- If this vulnerability has a CVE-ID assigned, you’ll see the zero-day label next to the CVE name. + +- If this vulnerability has no CVE-ID assigned, you will find it under an internal, temporary name that looks like “TVM-XXXX-XXXX”. The name will be updated once an official CVE-ID has been assigned, but the previous internal name will still be searchable and found in the side-panel. + +## Software inventory page + +Find software with the zero-day tag. + +## Software page + +Find a zero-day tag for each software that has been affected by the zero–day vulnerability. + +## Security recommendations page + +Clear suggestions regarding remediation and mitigation options, including workarounds if exist. + +When there is an application with associated zero-day vulnerability and additional vulnerabilities to address , you will get one recommendation regarding both. + +When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.” + +![One graph of current vulnerable devices by Windows 10 version, and one graph showing vulnerable devices by Windows 10 version over time.](images/tvm-report-version.png) + +## Related topics + +- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md) +- [Security recommendations](tvm-security-recommendation.md) From 4a21465aaae2b3921feb27270c7b6870bd6e27a4 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 09:10:38 -0800 Subject: [PATCH 15/26] new images --- .../images/tvm-zero-day-dashboard.png | Bin 0 -> 16418 bytes .../tvm-zero-day-security-recommendation.png | Bin 0 -> 41796 bytes .../images/tvm-zero-day-software-inventory.png | Bin 0 -> 50125 bytes .../images/tvm-zero-day-software-page.png | Bin 0 -> 57992 bytes .../images/tvm-zero-day-weakness-name.png | Bin 0 -> 38643 bytes .../tvm-zero-day-vulnerabilities.md | 14 +++++++++++--- 6 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-security-recommendation.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-inventory.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-page.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-weakness-name.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png new file mode 100644 index 0000000000000000000000000000000000000000..fa995418a346e489874d07c2b46173ba906fb110 GIT binary patch literal 16418 zcmd6ORa9I-*Ch!Aw*+lm65QPh?(XjH-gt0_;O_3h-7UDg)401g{N$U5d7kyntThk! zR#mU+vU^XRefF*!CNC?71djs`0Re#|Aug;40r4sSBi{@Q{c)GQ3BdkH;OxaUoFE`D zfBd^XNhp55{P+>ZSwcnxW*6bhS2!+&AF1UK5JV6X!UD>`jI&Hn?F5zQ?k?fH)Z04y z+1+Bl2KVKk-6CQFY9i+;dt!Wx^8}2+e>6r zf6TFbF2f%LZE$GgN^UlU4$vqVaQzzz?HbOYeLlF(JF`Tm8)(2|No zJL=q@d51keo851{qmYpg^Ov)e-MoFNj7E`BjAb!1GUZDlxV9zOJu9I0E}nq8rl2}& z8y4Ou*MqC=c22N6pKhaHPJ+3|#!R_ju)YZN?~(#fcmu4u7zxa-7w5 z(~UzSZh)yYJ1)sDHXk0GJ(%}leKi5ztTmTFY*GQ#DqLA(n}X&$4l=$i4PR4gOZXWH zzS+1MAx|SCkCpmdgSICAKX&t)l5KJaSH#DnHMi!-tWap^`c{Xw7t7h_KhKkgaFtIQ zq;IhEHEF+4-T;rcKi$G#7OVXV&W)KMCN7UW)+}!yK@(`ugpb>2F#W^d@%imENS*T z_v$TT=@fjqg)qxirbG|UOrhS>5CHa;Ty+o1jaQs|hWSmr`vwPe#S9|n*mHGd5%7eE z3~BLj=qP?v{Jm&!F8Ee0@7CKW(=^DawdVBUx&j!V;TU*#)#g^tC{^VlCFJ|Z!a|hEDOZnZq*;_$MzC3kns-o8$+}_%A z=XTV2DQQAJyvBOY_1d3tJJHMEoKa4&=WJL3hVCPAdQ&@SvN%I-;oZE%L@#^m^=->1 zwzs046%Wo#q!tAE)Cv5G%jdn{!AZBvb?OReJxj&OGeL^T=i=m6d(MtA^m~13Axg!w zI$9FXr_(fiTcTT}N*WB~nb{+w92v2)rI@{30OkezowHJ&nrEnUND?3!U5aZmveRWg z?RV+P{mY%q@6jxa%1X__fwr!hn;wK%cOs_h>V z(ljJ1-vA$F4X%|Fg-Fj@w-!i$i)XX8r(MGh$hr0{N>)E(1KD+9&x%y*k>-C`J-#5M zQ^Isp$lV-PI8Ksec@t+|H+BX_WsD}|tUfY65T$Z|ynfTPUf&*w!?vlY*W!=HJQ&d? zuVQX8_P>82v>`qroTYrXgRk}^V>A#!`l?VvW9}X2kAGBDUtjE9soFk|r_CEhd+<37 z=s`#Po-A>_Fizu>7pHn5U3gnPOL54SMCt1tn)bdr+QyA!L0F}DTFoNOUgV(`eK7xO z8|i&3qFa;@@UNpp3R&f@Nf7ycx(SIAqJ zZPTXI<<((&IejlU!lWW&A&a6R7& zU8U8A8SMP&ZPY~sbMd`!^|d*hj>x>o_GU4;;=HAR`{_+Ob8u7cp+Cttl|FmDDB}KM z*24e!B#-|!d5`uTtl$P55Nd^Z=W8_ysTi%x12)KlE{fCRpYmk@{BIS%ca|L21Kvno zM)}HXM;_?c8_ix0Kl|%W6Y=YG3yr#jREDc4Hh34&b#KaH`AX9^h+|z` z6eFnT&Ls%=&YGU=M`l;9YMZJ&*6dO3Ezh>dK2+1joP2(LDVei7j2U7-dNav1rrm?* z*ZK8sy`F(Jbh16__7%w>3Y_Cwb2>oSb99L>a(&k%}fOrxu$c;2Dt_ zTD|gJn-_2;4)q!*>nG5BU1417b7edjr~Ww|TC3AClD!d>Xe)VI&#Q~^Qou}o=?7D)^LrLZmV*{LKJ_e9* zQSDulnJe3EecPBdw3+dE8$kP;Td~$!fLbK1;UQ(4))V=~(kF~)a3tRG2FaMgKJW4S zeAHA_?FK*&29&F<(sVu^8p6AsOfoWwooJjQH#za6cZJmaY?QffX!#J@3-ID>H(HBP zdyu47wgw`CzUVoNRX0>dh5sHR=1W}dKurHSjySs+L9<#P?=tJT zrJC5YxiMCg;$+q|dC=f(1GGP9`JBF^>`FQzqg~Eoks|vd^EJ_#R1s8})zg668Sv{N zoMKT>Z2;&x>#XLh-*_gfkMfsKNrZI?h4>b`*SI>W!k0F@cw&GF6#Mnjwf=nAF}xOH zpV5Ajr|qm+86l^Tq6v|UPskpnO@ltZ262I<$J`3Hcj=0Dc;au-Vao;-PB@PPQRc`3 zNS$Fx!DumE0kYzyiqpBMu)g`5hxGTUQQ4%bPQ=fO5u?+ZLD63A)?$+7>331c?L)4o z4ORz8yO*G9RXF^%Z5!~VgH7Q(`yX801s%{E%*rQaHC%$9NYgUBcT~F-?K$riyb8iU zvLdfl^dy_tSEGoyT~yW3<3Vr{kv&-JxEuG4l{`Y5J{^^1^yY!jhfR5@zSo?7lIXrm&c+Q)5(^>_7)G-Z?$OL7_0vq_AYe8^SE}? zWe?KQ*xf$LLX-_=rix+~0#w5;o2N#ksDKG!|=_^q6;fik!P=T29~>^T%x^~JYUg{zhK zFbO^i_QMMh+)Jh*`!&2P9y1utl`++23RmZtun7vTk_deJ525g`-<6gf;J^AIF?zU7 zf!>hqZ)x~nVdpTf_ixG{?>o&GCN7<}{siFKzC&j4jcUkq?%F5KZhq#)^$5RMDU^tc z6)WEOiNU%+Eswj_GCs0b^}HuG2PWtXu=+Xr{KfoCW~r_mHeEx;{oGVHO3SDvY^{oP z<7br_EZT|A7x$?vx$Y;arT8&oOP_i|-S&>?5C=#Hgh+kKq49S2Ee1w`9{Jz0*8sU9 z9(_BEa!vU2h17HrGXfwCR~(AHTbBnZ2GWd7pF`I=ZpkOlVhMU>g-^g#x;gnj9ylj* zP~UFe6iE`dH&^gC1sSL!MS z=~;t}&9r-&sno$+{s9^5ZGJK3zsgjkacU%aXVcLDZ$($sfm}|L-an`LIn^T01VYP{ zyp$mETQ^s8l)M(1WLnL3mkX(F6Jj;=$?0^oM0*Iji^&&Ozmtzp%@eK+q12%qe!PJR zG2hfa5P|e|C4M>f2N-G5fVm@vU*z9fhUAd{snKx}2mUnaso8raM^SPhUMgnhZC=u@ z_yhG?CRJ$j$ZfgVm6T=#tI#^M&^CPeBSJRn-RY6)9wouV&{_F$aX*Q*w=w0T# zlYQd$ZJ*{Gzs;$}b<(AdE-|TY4ceSTs3@26r(e!Rb|*{UpT7j2$|S?$@b>ovAh=BP zaNQu4lV&T}RfaG#-d<}>d9etyBMs5oGZ<+J-5;~=YVrq77JPIoyYxs-s|C5IqO1|q zhXKbH5)7f)>iK!koWA6{<}6=e=%1uHYfVxAsGssWzlE;}E`6B%p+(vgI6i#J_QY1m z;I^w565MK~>3XX3H`U~A%zKVLnGgZ0VJ~0$z-Tq?x?SsiO}^KW`?ft<-}($U>YUj} zgSozdni50Tn!jP7@W;e&KL^EE<$@c;ti`gUMXEbf_Ms?yw(ITsql2AvaVK1^x% zF>x}aaDAY>8wEXy=ZPsiT{AQAN}J?(b>M|6%&&$M5gCbiivRa&83M&hQ!1@ldzkh& z!|O60(FqfQdvnZUX*2UT`@!J5BDWVQbo^0bZ!_fim_mkSb<;)4ib!fh={2T7o=Z3b z(hyYaL!>>C42lh@wlG4*WfXIMe@camxb)gcxLA=$?`HmW%DpYIBXh!N;_GfEMS884 zbLYEqwC}5^0(DI+=BGrorQEt`k>#OcFc967+>$@p}>$@iivH>Zf>gIt_%@r)Qg&X zl7EwTXmoiX$q8o}@8pAzfSn2c70zXZnNqucB5a_kHZcZUYcft-f@FfTahs?4N4iY& zgEo|P!0QYb$!MN<6v6Pur?0|LA9gfK1@;t$sjo-W8Szv=x?@7;;D|XZlSUg|De05e zWJ=40AqhP^M($FMtD}uaa}&LMmKNc-b4E`6!SFb(|FYpW?huzhboB=ALF_C>y2Le$ zIWOFDMzZ}h{p$T{0;IF?clQb=Y@uFY@}6OYw&2<_eaxG)v+`sBxp>l#>1MNlrK<5s z#m7!X7gmSc(;I>UGjV$^XO{h&@olt_c>PCu)03JR0cX2qbzE2BuN*!FInH?77OEBnc|f-ccxiWwtZ!` zuVRyCrBb(`&v!-VnGt4Y0cSOz{0{Ar}~(|q|>cc zhkvVzUo687#XI_5M; zjy+q zKwN@l=5HUFjOc&l8C1_vDC2)!oKUfgtOrbwjZCpwJ$*1+<>XmXW~x6~jt-9Li-Co{ zbtCSqx#OWlYR+6Tvnz(*KEFy(SjY9ACS0f!>e8cE-!}0Vec7fOFfc0kSL;{TQ}r-` zs2bxLsW?w-cqldaW-;hWt-*)4SIxm#1uE(#7oPTLS`q}38k;uie`HMsvh#FK5`g~J zB|kVFB*(b$BM7du{AGp@e@P$}i*eXJWMo@w3l(7xCI3fYv(QH&&$@fS#B1r6zT4Af zYQR@ZwBS(bT6EeX8yyKTKcA=)qnl_$Sny{7E8Q+aMSRi zL(avC)&p$B{gN~J^Q(nbFsmmkk>(z}Engk680TysB}@578;|;ej-H(Z+zRJrDsh$}6PauC3SRQBr5pe}0#DFiO=uIJSs=r(mi66o zme1Kkgvol61zeCNm?d$*{vlmaB43^E`>RF7V9q{j<7dYD@$YR>{U3A)t&3uPuO@PkZpFw< z(;|ggqU|cYQ<|db(5ew-vPR6YQE$;Z?d`Gn>YT|8zLqU(QRGv_vrJf`?U)Otv2ye$ zp=_;(LIu8v8Y6{Hm-Iv%wcA7iXm7qgY}Lc%4USsM`Ewvcg2mmkdT@ge?Q^9pSaagQ zX6QIc4t37_w^;%%d;gzjK<|!caoW8iPp{GV3zd&hD9h_&ejU4)(~P5va!Riu=5@0} zOpdoNG)$t?HJ&+hoOl#dveXMK=HQod@w^}2U{R9I=mB(q9br#GNz^H;`?nq%;Ba&G zwv;$}LUwH(UxXy%nFjC{j+o-1AWCdM)LOv7p~!i&OPZy=BgGA*-vi7qAh<bljuL-sziaetFLu3bY{JJDHW(tcSJR<1iw@ z&0>8p>E8|8J?At(KS)ORwD3`&(Wi%*bf4PW;2O-<@y7rSzHyYH+yJL0Ax|bpm=c}` z=)=DV1aq3mbp>U|m8J04#}EnLzXys=t7%je7FH_40)Deb+%@ZocX zrEas|rT?iMer!Q_Mk!6LM4GtAxm8K_6M1j*Q~0o+MpnRs9#76hX3-$1*?K|RxKCm4 zcqKB*2aog1-M9o8a`y3QO=2XVbt_DBwDL|_!o5o1v=``6dC_~GKXhw?F*tj|EVhy_ zEcG1Mf#_qAD9AkUeU6bVt;z--kQXA)_k=B`3g92&l-FQDU^>f4;z^dhW=9MA9v;}s zCHvy-7PsaZg1tNM`Pf->U7ztvhJA4bK_FbgB^oHO5I7OVDPZo4$BH8Qbh1!=*Nz%E zIQ94t3D5t7wFDvSKvuCz`zxl8Wy=hUKD@*e5;4;cNf)Dyd^uPFN{M}$S*N4##U(0L zC<+C97VgbNoF*j1N#A^csN=yXuBya`jV$*55VUQ4fZrgx?0Ry!j8*lhi(pTJX>gL<84_&re2BLN9EJ7eh>+2z7I^zXkPS}wGA(q7q2HdT7yIz8t;7G^5loDTq%OR>xAs|LaC{ONQ2o@oei2hi7iPz&l+YXI4nmVw)}Tm|FCyw zOB}9Rrq$iwuJZZ!OQYX#rhG~Lx^(Ykv?+yVi>~d=l{v92s9pZy#mz4Csv5A^?uhGt zQ{$Ys$Z{l4RBV%{I%XbM0SozuH=@=jzXgth%HFwh%9DD5WUNN&e_AMX0V0-jzfZ0W zs9<{=q(CSPYvvhJW($`hDNQ7|#Bt@|Tw4Iu04i7ON+BlHwy03A^M?fOKO4)C`H^fn z_hZBT6Q{)@WB-3D+N!pd%pOf0IlsQWT+A&jIL41AVoH6;<;@$9IxtmLRcp?(GR@7+ zTRVnqbZl9%vc=5cmzRsKn~zJ6Q{u}9P&>iQmr+;&kd_&6<(n1E9+gy9b}%VAKVPsw zKoB97jbjH7gnj3+(*Esda2$!OJI3$Fiw zy*b<>w8?+9%;Aq~DR%(>kJs)19w-0XH&z@L93&hWk{@bShC@$$0ZY`hdJ1_0W8H@n)OxlP5bGQCu6W#T>4hy_dHHG)3KEQ|a=%{{B(=sH`!LF8`o~Ir0 zWUCczF{U}*u#Y>chN3osjd4ageoGwXEwTWJgd8smh|FA^%be2QgI@$_G8tBV?Qu{g=Hh8q=Wl}aBcO{E66$2OhJ1I?UrRSUJ-7TZpQ)dQz1Gikcj?L$= zxseX$jK|kY)6z*gUbEP2ekq6CK;d!anO|^LAh@oZk#JIVr{Hj*iKK1l+>NJ$zKU0` zgu1=(2@n}glisG!E`F^CvQPHto6tVX4+50_`1haj%HH#iCOo78aXk?NMldrdL@wFO zkW`YwXr1UC&$B6I)2MAiQp1)=q{-M^KU~W8j_0V_G1~g@c&IdNI!#}@MDvMj{$^BZ zR+ZsaA<}CmK_;Eo%?z-O8fj~2Z4^f*MPhdllQ4y8@FrTQI#TqRz_&0XGGU+8+P~nU zo0ij8Se9eW9?#9Ohrb-dIV}CP*bbxUV|Mv#QYN%H!Hi^Etitb|El^=#0O3x9q^9LZ zecm)(3Fc#tNk{B^EFm?{ch!@I*2KtMz@1RoFe;=+SjJD&13cdk80V-&-gpe9b$Fa0 z1!x2x(OD6cFKA7&31%Af1=|Siu7d`k{s56JQ7*`1d=L?@YKN;=suvt_SB!nFm+xb1 z^)kmX7)3pPK*k1KwlIhKc?<9=ALzSt8%|5h)iozI85fNA@!1WF7Zs)P7kA8dgOMXb zV)HVNsDeLM$=wjbU24P1UR$FLWRgVi`FXtHaC;%1>*Jo}Xu}{| zbio|TN^5?5mSMT>YK1e?Ri-}dWKKy>z2{IcshE8HqWvWXhU|z?J>)*#ieXHYR|ZIe zhax6iFNLF2d3%@T_z5)is##{99S&n*7OA;tm0lcHT1PJ_t~@eJag3ep3h2)f_tpjD zF$Nw!BY!W6hg8v|**eo_Y?KtA`v|P8+@(ZyS)q^Mu}PiqoCSRey9085`#==nvmo|n z)%~4JDSk*v`Kjo`cZCAnVrI_Hq(7?umMZMy!?W#1HKLU+=i|foWJRu?WcHnDm?TpO zBjXeIUYWQpOP=>Z4YQtJ@)aL$pXr#9rP!CfO-LYWR!-OA%xp~_#k4-hGvkHGC`{CH z3hqjLwsBnlQx+(fUH+%jkc4A?f}60WogL_ zjJ>1<{(8(jtDPhv8;@+Wnv5Qn$9LDsv|l6E0roWGxFXYdW~3+0eoaj(s@HWtK4Z?0 zHY>%pAnb#rjsb@>{Hl>7XDF$v*+mV$-@Ra=!OPjH$BcN=+=94siX88jer)EgMt~flHS9s5EYd?h9 z1rXTsA)ohQtL2V-+L<0km|Gxy0G`~e9Yyhp5nyb7ik`dkhOP-tELq`;9kvqB3@1zE zlIJOq&WgD1ng3ed`D?&Zq9*TzJ0=ruTR*Z-44LUJN~W!n_bW9IK}vt%5BGw?^L*oq zWFN#^eDUA--U$^8>cE=g+rASzA*uFT-ZI~%r;__b${2i{xvuCDBNf*U@1m(196m7l zPs_BoZBwtDIj0yS;I=pUFPM!7h>$T9`H+L;fq>bS^r~uI^qX4u(l&Z8;Ax>x0qrp9 zhdr@KF^oeF@yfk`YA2XHkPSaud<=oKuiT&KnX$SF#!JmE0?~Ue#@*-y8!p@-PbGC$ zP4Yc@<}@qTLM2ZUB;=B#eTDmGs{4knl1HfiyNP`fug>lo5<`K8Vv*y_E zEPFSe!8qCszD>p9g-KPt0zfa{eue%aic)JKXT)mkW8r4afY(|Bl34v)b}QX+xMZxj z=$F}f2_)KZT%+u(91oA7RBm#X(9Misl|qb=j325fHVy$_w)w;c6|z6-45%1|Zhe>( zXqTa_I|+pzcTvybSI_5J=)x=FV!f96wj*`I1sGCv;4OhUP6jE`9rlAhUd-~M_pe;z z29oG>E)^HFO|uGvIQ7ECj%owELrGqMYL)lFmAafaLBv$J0js%XQ!YIVj;C&ffzqaI zYYiTFm_MDjn7t&Z|He(;}bOZHA~r~vQ({yKHvp;z`t(^g>-q- zoY}VO!f`+OiXgp15^bN+XbhxoUPf@7GUW0Qw6o=BxaRKCY8{5x%VKL0N-$<{+5Ur6 z<}9_fDOxKs0%stD?HnQP!NFz|q(}fAu4i^CKO|4R2pz!-N$O#jBa2d0+VbH6MS%#Ij4q_H5>z!NiO&mEn(J-^+>4r) zJuE#)CS~^_d2(m?+J7dB7pog4@N*7mqyVSG#wvDTu$2!7d#LDrD$YHjI^US$y_E5{ z8zH)`&cQMIh^GQ3-7#sRVafeR7@YSlHy{Cf4*hdS{msa@U3~1HuI#elA;_zJUUt&K z%FilZDTPafEKCMAZze}wln&EJ&Rlz6GG#+#i}M>BlQw-`qSDfEY;C+F>UPnpOr&2V z!70ha7t(OOQ4^D0ui@$GxU`z}-ShJpSXfxv+S}Oe$~3?-gEr&?sXJp2ug((2X19egcD+UQcU&h_#(R?evDoB+ZspcO{eYvv)2D-f%?`28 ztq_`9LG$y;XeydcJ8Bl~Z}UINZdF=7j`Cf(fwAXC@wIue@4K<@5Ab?=@xYpbJI$Z^ z&pC{oUQ#>k7+9qPOsB*RmAdkRaU@mw$9^qdmwd8B?&|sFaB-hv_JXOY z&xyoyDnbLuLY!&xgY?h8!u9<0s2}yGfr1}^GGHUG|Mx@roVqCTOb%T72(IU3im{iO zBn8em1c6>tO!n#Fk@UV`Ux(B3b0x{t{fSz^IA9neDtL<0?$0}S$wnLMcmYZYgK_E7 zGY4dnuYimKNm>eG{h`Si(56gRREFZht5g?rPX20Ia4^K;<8fRrB)d2leLN**hrRnq zAKLAJdgjQZ+4);e2MNX)@ZHz;x$CAg@gc42CAR_`%krlkc>?A4k|mVVTx0O)?wwv= zEex0D#!EGddUIcd2=~qKJ4=|K*nZr7A}(M20cuu@U!_~ z+3Kfj{*>s|-JLRbLe!o{QSH3gR9sYZv3jsvx@%%^6U+|re1^$A^|99f*surg_JFZAZ^3cpCjdb;URx=TYGtAy|f0_ zCvkNGVU^k6^*`w59i4e+H^An)!-qUVu%8Id-`>PxpFxN9WwC24wdDJ#{7U9_|G`0gcD9_) zo9zBw5S-Obm~VH$aR&liW*q{pypw>G4DF>ifz_f_Dyn04X($_HwxPm1PnO1S0}d0j zK@fr7ipjZQ*Ij7?!i$6#Qr@OUUpLt9_kAK~>29b`c1e*lJ0am!Zgvce?s~{}qZ^@~ za{j~q#ydoHsLvXVeKE?m+@z65jCTSUq5T|JeB)fl%cQ3CAI$pgc8O4CmHYgc?^?Nj z_XDRj^@4Zbr1a#@-{=u3b)AuhjTXLx?mos~`JgI?9{VRta+uUt#U<9WFc>jljO?+9F`e-krvvL0rs%3*P~8zsq{Y_JDy57UP>%McbJj9&)8~{OzbtV=8v+b)RytrNyhzuC+omst9u`-`5 zR%fnBQ!!!*l$8U8$PQ|sBSu6GSzRy(LLZ?R(X3fbWvyl(J=hbtV{G5HO}74YgYHZj zOS#ZH$R$Eb`*T&`ZBa~fMz@bVGs@$#=uLxLxg+!MusicVIjp!n=RZux2g`B2YS*Qp zq|{egIlrU7i0~17iz;3T^VNB9X<`0jG?KG@pD@_j*){9U{mRR!>FDS_C=iHiB*c&H zqF3b?Q1oAlA;9xbnA$EA{Xd~}4o1AJ9$Z9a#(&W1v_l;pk5g+S)74wge`9Y-Dl65a zjVX4%GPLwnd2t!E!dld_&3*Czvc}H6u$=eNqmZtL4b(jUTPSuObr8aN(|S=_ZO7T! zVkR-uj>jl%WUKwgvLUQsJPCaV8>eAt72dszcLxqhbLT1z2@>N>otoQX1|1#K+~yWI<}5nk-07YeFR4_+TplaM74A1QkgB2U8ZhSTLe0sjZx3ppR`PE{Kwu$>f$jgfi6R(qoFxfLa)bpXwiu_hX%@*LN zfL`8~CuBlVIX{^bzFaR;j*aotR_(+rg%1YhAK!Fb`rVSH|NPGlnzu;UKH+s8g^+JH zey8HVB$bfqY*4$Q6~v3ar- znGRMx+(#NKc#VsrBnl5Z@~--^y#CgSx^q-(nmSFhzWlIVUg)#V*x<9hP9m7dvT41y zzt;^;=P5A;za#nfZK_gh#2&mF+bXnGaZh$*3uQ`9jy>1egB@#r2hgk9yJ_O_ozctJ zfN5)sgRX|3nS9#pF&}ac4x3zfj4@^m)rHrCVRK}(EJvvx0p{~%wET8iqg7w!u9o)& zHR~oFr1sH^^S(d0rmQ zTd(nBY5S7!o1??u9q^pZviYR=MM({JOhJKDH~8cUaHBswYOMZFmxS+VXZAo>7JaMxA=bi{v^u7xKUjMLb{GNhxekChta2cY-cPL zIy&of-I4B_c!L1G$^9j3+f-v*e*~J$G1`~?!<$zyw=E;DaMAB0!}bRXH)*M0@ZK`WZp`|`axcQGnF98*oY}O; zyq0-uV_8=>Kd%UVmyPj*`9Rj$`XL*4bWe7>NcJ+l&@C+_`5|VFl2Yae&?p|PE>;S{Q=P4?nZP& zaBr+*{FX0v;di^L6^%*A;}MKzTSoqYt5l@SKMtR+4`h`>SMSAQoTjd1 zf}clys@pC2+FUf*c+w57(r!4?=Vhu$$JlBEAe> zLazI5^z+T>Wcz$i?$bhpUALrjlh*70`hb7P%bm1+HgcPS@JFdVd8bIZ_Jcwt_` zvY{}tk~?|jx85qr*?h-9XpJx0ex<07IJM5`htqEj{dPttyGdZ!I&;?pq3Mh}#<6ZZ z+dzoaRsXiydFOFKX$s}`d;A@Mq%H_sT%38ZfKAi`RAV}8O>}I1aTLmud)&6$XKFLe z9}Lh+66Kd`ZgL9T&)y>WUxjIHR2OVQzlm9hHZdn$#4UJ&Tq5OokbRUD?zH z_IFHWA?+etDG~MO^HGh7N4sY@;#~%JEuxqF>#z0*J|W#MpdXt$kYMRp+(=;2hR zo#*s^kbS`5V>jfFny_eFnw7PqXe!&s9Uobrl^(2UnF=|uZ30ktou&7Q1te?fDkJr= z#x=!&+!jNuT~j}QXMSyGhal(U8_6#E(YFe2-dpmJWid$Xogew(Q*J3$u6nr|RJXP= zilPQTj9ak18Jo>W)gOU|uJW#=IZnBHeW@BXkM0fjjdWA%rXV8rNP5kel;QAH^7ORvhCwU%1q^zH2 zCs6ssmcJM&Gy7)d?;~~np5V3{Mauw3 z({3z;?RHBMpQ7!geofp}>e?RIR?oISyjgfJAZK#k`QRWP_ThJyak`912(Xw9qnDFLPSGlS7s%>LYn zb)DslIVrBDz0@&we5rz=k`jN#I&BR21|>yEvMnQ0T`p%4RH#`T;hryFAW z&x2eLoDMP%QyQb?^%{TFcpVmlZHa@0(MjShkRtej43QN5V>=nl%h=E@R_Ak0d6N&8 zFdc1-bT_Uic5@?0%``13XE!1^vT63=_J+B5StbuK4h@`sr3sNA5?ohJ?1QrLDr{}smUBWf!i}y%a z58;f+12o9l?xzMNKh^ou$5!&Ven*`8Ew4?$JVNcS2)rZx4%#)k@7fd8a{9qHj+K~3 zEO<(wJD}laGZz7i^68euH$}%cG#YbD)2>J>CkUk2c+8hXK2c?&rl3dSc|6|h=E+=w zoH|ir8by@aVyFk>OvRoQg3?VQhB*BI=nqz7p!CJ$Gan8G49^HrJ(0wtXT`jsZ$MXP z_NPZCy={b(TSrB^iqX(B>%}fQl=;5O1zfa{JvrjvP!qNY67#(@Z{G8lE%I9)b(>zO zi0YR{yM}06^RTfJbSh6~mD}6c*Zc;{nNAz5YqvJEbf@YZC3rW7ZSoAxI!HqCo?DC# zOeS9~n;9U!l@s2@919{NPszVLi$LEiNW6Ig2zfW*yC5e4nA*tK-fZO$>l0|C@37ii zH*VLDeUUYfYzD6tRn?HKh8F-AWRIXVU0RFB8=>uK>^}@#l6~{OpWQEZ^SrxJ{a^T! z!6DC#mm(C)u>xWs7fGO<1c9zqwQ-JYbFTXf2Z+oir1s9*wHp;~@oVMl;kzUtTQ(Hb zRKVdC%quWtAeR#N-a#GxiqiJAdE%=O6y9(i*CFT93n$jgZB6R|iHYZ^Jxc4}QqrkH zHOSre(l1_a2|Au5ei5%P#py@DFOyn&J;}PbMxi+3lNzUpVI~EprQ3r1`zHM-D9nHK z9Pr6l#6r(KKyMc9UR`xT&9cDS5bRuB?8UYr=G}Fs=uVuTds2LRloQbi-{h;l*t%vp z-N9~`b$dH;zXyJSWZ#Lsx&)Kk2&N5Bzwm?>ukqQ(wd|iFMo@RBLx&-)kSciUnd>Rv zaH71d+(?@ZdY#qa7L`(}h{aRRJqDiJj&LNuh@p)hvRD!E+v)X$HM~rBLGK2=+#bN< zxp3=|6Xf+(z$VVRx+sX~I>NUMUKHIB^eCaYxQ%H!{ci1bHjKpadkySQ6!sAmM6JTw zCI6n5l2obrnQj6T1l>K5W98CHum0|+04%63Srb@+dxME}_utH?;q)1vf#-G3T(@}vy=y73}+ z8M`$3e?Ch$hmRZ-k4mqkPx1M@pdV`6dPGL2TbBF57O$*m&R*bafDz+9Mn;sv;PLZc z9NOBtb9_89&c12AjZcXbAH`Tp_jg|99pQ|9-5KpeuQv?+;Dez;Rs7_$*-#WVeR*=V`Tw%UKK|w*I{!H0` zf`XcX{6FCm6?v~_?6FM#bNTf%b1w=C2ClQuIdy~k+vJnf-s;*a)XP^d-k=s>@OiXI zL2-vdU0KQKO~%H8e~>Y%8BY=_qUl4ArADqtv0sDT`!;*QQ2nBF^~+h9 z;(>Q%J$m35`ZNHgaxe>Qg12wA=V4~yK6IYVR)Xiq9V2g_EUMI85cYz}{kwsVj>R&v zvMA5yiP6#LN6zlu)a%n9nI=fHn59-2+U^2yvPwTJSAkRT^)p2qRRFG@cr8a z1-t$Q2Hmn>$u1xO2Xj0`%ar*5Y8xy>)Fj_mVAuiL8PUnyU6oHw422~GEb%; zL)ue&#;7!CnXbiu!g#FrqvJ*YH_1sS!NcL!dT*Bq`^+X>oY>0jd2m}pxFz*}?`Qk? zlUt0+_}2&GzR%P{^O4KTUwP$m&p!8+A@w>v)Y09*0eI#3-udv|u_wbn-|TkiB+A(o zl_^3?LkG7idYeAbTN7cpI;XX3(VycjeCgNIRg9soyNwer`f1hir(Jz1#*2Ze=0=cx z!}gwv@mUYr#AAe25o55p%|1&=5lYv%6lIiTvW3V2E?F9xq?F&9MBKVs=YxDvINONl z86EK8f`W*@6*1zjTk$U9v9))HWf<+%+S!|T8006G{pI}=Z7k%uf|z=3(MiOZDG1M4 zgS>!CyJw=!Vd5id8@0&wEU&WV9kj7el?pg6EIK1+faR)~qeW8OQ?`nF{lILV(FRAv z2!fKvbGS}gtJjYEAub&6q+hhj%w7qH^l%u@WJ&H7p`~Pm%d$$ z%UL==GS>meLuXI4J~GE>dR#8;OZ5rg%1T;yGwe8rsR#Bu$hVaDogPUEnM*g$gIgUl zZ`MS|6~vf`vsdWti{3h0PE^Co#`b0!`5f=#o{|;mpY8gP<2|tOMhI8$Zc}?e zGXvz|__q>`kcRbN4B=2|upTfQcfs=hno%Sz)GY5-t>=EGkNfJ&aMxP$di8}Tw#bld z>m}eote0^BI^QXVquh?y^4L}2wMl80;qFfM<^mEpe<(MoF2-PF>Rj1Q zqBUMieL(8Z0M@+7PKO*h3p5w%6$Z+EYopEo;A;5MWImxhRfVf;kBV?VQ*JlR7tA-| zS43a7aoS8D<}8p^t%oHD zezM-$H{k?Z@!iChZN&7p)UT>f`a?p1UYQNI7V=VIrH1`PY9CA^tg?Q1@(427%Xuqc zl>i6&_yAMb@ZHc>sUd9+xU(x!Ou)nBu)*CGG7h0;O>3^!Ij07KXvmCJ>$}?W)8}dP6qbw$VmVmMJo`i)U zK_{HV8z_0=d*^r`OeN=DazQ*H(g(8_XndUKXO(5rPt3H~e0`w~<`Ys4746EsmF|1| zK7wfHW@5ge{>PZU)&066B5*qy66LXG(F%jH;G9SEYM%IIJ4W%DScga!n@&1|9fR!Y zlS&J9W1J7%bNkW=%Q>J`EjdLyR%P*(Q;g8`Z#MC}L#2Qa-m`{>F9po&tLSY<#d!C-(H^$=16?PO#Xsxj#-`ALVoIIdHf=Y~HpsfFXDW+&8N}dp88pzseKMJJ8-ktt-YKM~VaSUp~E4q0t%Li0)7Dhnz;omjy!1t`=FBmZROK zYyx8?lbtt*PopC=)ALEKwI<>O7h}VtCI2{w3{fDOgfC9=Zyw~SLp(L zDjny_6jw<^Ve=ai^1g$m<1TE{Pcfj)Hp>|RZKF~d!)CehphEGkKtEZFXFGCa#TECa z`fG?!P4D+eM*q@?L{vz;e<*2PTrs^A;Ue#2(JSdbay1JYu$J|T#;|-{;#6xcNU4Nu z2<0Kk2UBGZSj=p-Ls(p!JKIbJH{jp{L1x`}*AOWDz<*stzJcI__um9r3nd5|B3@&^ zAxBoI%c8tQVrnZ*Divy##?_cz7wS#sXg|m%E29+adO#J98%vc+G$Dgy*0HU~khS0E zxzgQX#)XaF=g$RrBduA{=Um5b4=yY^kLv&d>OKLr2#zqD*E zvtLHIh15ONTYP`>${!4{lh7_$c6ndNBt_X~=XBmSIQLy$41TiA0WD&mM(8CQytbvF z=VkW-NY3Demr)OKwe5JHcD;Z`l!e%<`3md1qWQX-q!mRh*)VqcW+En(+>_Z#M7m*O z4!Pr=ivF)A<+uzl-Z~SZx7RI<4xW9sSKr?Z^kCd&U$F7w>|GX1{DKYIbB(kHPPKGU_|d2-P^zCV9Sb;S;jkCD8Q2n)Q4#d}G0MXSO>#L}~fR$)!Q z1;t^GA4d5SSlXL3Fz4zO?LB2vp@H!>bM>UgcvhSkD2j0Ue90X?4+N)&3p}3-C2Y+~ z(TS~utE6SFI2%4mS_yWKL!HKFzfrsuJ!|Q9V41WPU>jpFjAIuyu1yxYLQvx-&bHQ% zJyNj~WG#}aUtivdcab}cQBV+?xipk%(wQB2KwzSov`=!MS)OkkCC#w279UoN*6k|b z+W7WPvh-Y^jkX1zqS-=Fa)XZ)0WzhrPhWbo2d(%UL$RM_veFA4!G}ikfWt|OOn(&4 zo^ZbxU+g+6U{6bk34MBRA8H|>fx&j)j`B4Reg!xjLe@xa;5aB8@44SI1W&15Iq~_; z&YqWzWLrA&?$c=MBS5j3$-bWY zv9E=10;!ftdBISx_{yNg--^ae?o-bD(NlF3d{?sTUJ-|V)!DFR-`alKIXd;(gHkjS zQo#Lc2UA1gJZMFSL&~sX-gaMW}soXP$R_(K^*9)OwiQ&bx+@qA=gj zTum}TOtnNyNv z`R&`fZ&#MHJh@fRRyi@6B#`K|CbA?GJvio#3-(!77fAIjgrqEv{Do$5*(hAQ|HlqX zu^hsTG7AeWPreBN9X=J$mzetwu5Ayl?e(>I+o#OjnC#ylw8aH|u$+Hs)J*3!rqHrhz*_=|G;ZOz+*gIRO{uCd2J zLHHN5ce_#6jN%sY(tZZFS%@WJxJD>2FiJwrxJdHV(T|Z+dN(&2{F}(U`*u<{2nr`? z{_TN$U|?)?rY-upyJ^#KmHoo)6~n0CP+RG8AN{?0k09(Z@e#w|n=4XfuIZQXO~U7~ z&%bu7eNc$@CM7;eaG_NM*o_3bGFFMWbZ4i1|Cjobcw_t(m^@=qwEh+yj)Jlf-nmJtI z`ha?$PQOVE{#!+@+(zfJ*(6xgw3|P$x#h3HYqyME%T&;*$@hP!PRbi0gMOv{ViV`C zgb}*7@<>n0S%7r{CgfKuat-O|^U>z>^WYyzY$~dOSL!AuxU~CYzIQ;k>m-f7z?$=m{Sl!`$gLmW@w+($PVUfES{*}JEACi_)b zGPdmj)++Q)jq*~@+2tyWhF<6x2tV8cb(=U;aT5?=4Zb2}m%!m@w#YgwQr+{0>MfXw z0nxbqizwqH=o{Ph8i1%Y+ucw;8eMv-3S|AxOJtFy`>(n(} z^%31k@o|fLDw-k&Nl9DR;=W@EGdXP+)X}u@_O&K!+175qD9BUbPn&<+36<`$S^{So z_D{aQ);(}1HF)9CUgVVR*G{GtnL~6Ri^u@O3zw@QDbFwK*R}53X)+X0sij+Wx2 zk5KN3&ddiVhKx+*okvC0*=w*@j;zaaOn%$CkpGVkVB%U9;dbP+* zmX(l_4Cb{IB{F#5c{|riN&}&YjyXDNpK{)jnnz5+LrR5eMF)Q)!9 zjU0(&=Vm+zDSbR=DZ^(rlBZnQ5I!y-8`bgIU6I_f!7uaM$1)dywWQyE?;5tQw(0m1 zp$#^T>-UOVPcQqYEn!T(HYQ8IOZs|pCivCKw~BTH*EsJE4a%|)R=Zy4=U39tM-Du? zuD%E2AbK%eH`w3oXObI%Kegl5D|>J>1k<2VYlpGGH7=%2XxejkE->B)J|2^2;EWRN$waQfs!!882tFL&`JTd)*U;6htqI)SXtnU=E`d>L+}N<8wQoU+wJZG;j_jolt59I;Y&J3 z943!%3=Y`04BkxnlpWA|L+WykTiro2q1KQerMi?TDf``@<=gj(^yu&gXz5!yy3=T( z12vQ4desI^2Yvs?myK}D0`0>DTPd5F_;$Kg7H=uDhV-vNRSyS$YSnM3O}%wWNKHzr z5aYb=(ySA9SjzGWZBJEnvMJeP)0y4Qb?X$)Z$M?W{$wthcr)tSe9qDXO-=WMjq$&x z_o(`x;M47|eVD8Tx%ZJn1E$-L0mD(5zj|l`vV|eW4qx;ARt_V*0ZxMB4xFD>fUvLj zOx`XJIE9xp300a)JU?!K7Wgz3-{MKCPh!!wo*q164qUa_;_xCK9QEhu82DbhtVkRV zOMrC+WIoMur&}--u)FJ89T=5{Q+5y>7vU6bg>~yMM|H)!JM~7Ju2W_ct>aU-zD)4pwKT1;h7M`!4{1Bx z$<--$JbhM3U;*{Gx;pFaKOjkTE`n2i5@9n1?LG3^iiZVBB)RFv%K@{(T;}KBCzibt zP=34i-D+W#P;O9IQ;Z2Z*J{*5-+$sMKVEmaFY8sCTYw%C)~M`*WqJPHP{3u{Fpmqi zPf{DL`Wzos12(`IDvtTVH;h8@=Y8wSJV@~tzh@q}1;yC2w{`=N<&%LY@Xh6SB4FZC zyy|Na^YO}!-x~wLBlR8#HlCJ~0Gv;1us1edW|avCR`Ye~0?~yvtu?IMd6`X_tR`}9 zg*8YRJNx|Hl!MC6r=40@=SF-1$XrUuNOf#pGeLw@Hn2H)#C|0QvY-b!TcZ7+Gt!II zZ&IS4N6lEK*LV1mA~c(nmwNEFBY*vIbZTS1TEA3C5btL_cqToe${AUpEE?^fe`4;g zbe=U|ZU2yQYVg9xftQxzl{fO=U$}ZJ;FR5#r`{;@z zs=Lrq(}wCOh!9#AwiQ!c((}wc;(!RG%8)P2&QAe6;+6Lil05IbMF=&g5|<6L`_LNx zajZSCtZ<^%UBNcL03z+Sd1@b%zZF#dKs7tstv-GhV+BbaLOq8^w0dUkwtcOxCgnDp zx=qE&XVpX&uNwzo>+Xm<*VgShkjj_SBN9kaPYc!LuEv-;ZB|?X*Sm{OdJR-sLs;cY zHL#Xy8hfFvq{bJELu~iRF&FL`8g&gFwtH;b?8W+pUX|Y2z!i~pTXoK8cmamnS;gn$ zeP^r<)+($tO{7}Vp^2p^<3w5m(LN(7iR@kIN^5SFdTktT$OlT-9;=Y8-3$6EX}D8I zOFXavp&Q@L@h28EUG9U4YT85hS?V@PC#?-1os4VppN*@9zrksZb$K9sJo+*ubbEE> zS6j2dfx$(VUcn4q4LdFO<<-j$=52J0oxAEPfgkakUf~aQik~_bb#w6@iKx5#Ga8Yd zi!}>@X4uyoYjeJg#Bc`btO+g0Q0!qj&TCOq1ogRwK3Zk(Z@Wg z+pkee;1A?-yeS%38PE)s7Mv!TCOhG1!-Yc8hMhRuMoH19{PuerOhO9`JhluPb#ya! z`o;D7!*)q!a}hO07DlMvJ*Gk`T@ICjw?MK7j!5Bv4DYET{Z#7gdYVjJMt-j_ut}hS z^7&bv7uN`)!E#-K!Ru6$Rz|PVMXQuWd&HgAhS*ciSIo(M8+I8!eGZEfDcLco44ZH9 z*VXJ|RUyr_IC~Tc=H|j9`qwBcR*pUBR9nkbNd8MdJ zihI7f)S}Kgbhk&jdBNXM%rW@WH1X$o`8Jn;S3TG`sc4vo&ID5Uc9Q5q+yb|H-wB;| zOI7h4iotJ24s4mph?Be%R|FZg!)qDTRc98I0`~w{xs}aAK6RgwKAj3O8`U1U1w`T#vY2I` z$JjQT=*$Iyzg}SClm9j#C!t|#5uBF-gs64LAEBaces;v@MB$NjT}nff7R>dEsdjE% z6)0=o(Ajpa=arBkh++N1pFwq#tpI(^rYL`$&3O3I!xy%Xh{wjq3s3vS2*;P1MIRt8 zUAm@!l0uJ~uQStZOu!U|UlHqOuac5fsg>NE!Up>^76Ib(-YlIy=QK?48eg!0fsB7~ zbRY5y@GgLROa@2mZ^lPIo)qSa%`7;{n@g0RhaIPw>#q8hUr7)ht6gc{>GQ4_vm5Ht zIDJuPJ*sWDvRdt0o)Dt#x%}8_{sKz6f^;s<>$Je8eN{a^dCgBY(;|RCAI;%hw>|$R zI#o)gHZo&&=P3anu$T}uF0?;36z&7pju(6IjYBR{^V#Sjh7ovLN8f*J$4ZAO%+wL^ z(HgtGBn91X#7^1yz2pggjm>a`t*%R9!wO1S_NdVdXb(07jsmcEdK#YE6nY40om>C>XJ8`W^ z@ZH}c4J&BTH2 z+2^;tXpbR@r#L&Fr6#M`07Z<$2$(w+cSnZp96qVVXEgC(WA=>*)_r9@>?@jjv*yzh z=PbcJvhT_uv^q(ZO?Uu$Cz~K=z7&-KYVxam^soIY{Rf zK20z>Ul8&1Uh)$*Ij!ECIC2CoYsL3B1vB}`bZEr-?DNP?a%I-v!hf^vp-GJ4Zhho_ zB#@CBn%H0_PI%9syc~UAD55C@UwZCm@4sAt#@D;|>R;^93s{J9MV!{JFU7_%RdV~d z3N}}v8I;d5Vku>99Nlj+K3q-<9=@Or;|^QmKPlX0=zbk_3H=v2z~oXChLH1l4t9CM zRw;?!ytO11>pkEEaXqmY^@czF7Q@I9Y{jiLvLQYvF8eE*9Cu`NPSD(0x?1NMq_i!W z&l=yU>cA7CV)ApK?~YpZA=5SgOfs-S(3y5AZ2gUO6LuY!9x6ZPG>&IAC^g)5C|}l& z#><~nK$7OUb~U1$-&f34q{KmP@s3P^A`@lmpK1C9u5f$FBs{;$i*o<``^YrKH?8Md zmRCxdiscm}nercINM7#)+Y1gOxh+pB#n2ZQVo|xZ^hMWPlUh$~XJ5GbBsBFGQJG8D zmdKT@bg4B_8N6#yO{3zThCXRP)^5SMdC0CrQtJjl>|4P^`IY;{iVtsU|LTBgZ)0YS zORr}3`H^F7N(6zL6oSGsnqRho5&&$+!!9meC??RQedt7!jHT+gN#uAL+S9M$O`!<2}~9 zRsA^iBI%RO*YoTmQcPkudEZZboEq~Fu9n;O1BB)fJfw_k-93zEB8Z?Fg1n}tA5}BM zWq%7;*YU-J6Mu*^lRed0cODv{@}w0IWV0E=-$xe+GOF5Q4YAFS}q~+qxRZb!_3S~@|V_E zSF29y8XL>o+pS$)U0ujb6(F#j%v1>?IXL#De7umcnbu#|5#P)iF4|4KPVsgt!s^N` z`5YDdkIhOzes0+aqsMwT{%(Nc-kAsI4uuv<-ZZ-K7OHAn&CzAutc6)A=7qpm{!P$Q zCZ-myj-rmpyqSe3S96zqA**S+|IE7xLwk$tChFXokdF0SEFBGavaDcM6K@*Zw2dusc)%!L2T_@Rh>W3M~3+s+G`VOX36Kn#`&PfwE+B@cs#VZ6o~KgU_a z9hFu@7Lukq2jw~a-vetkj$7}7%A2*WcB5QW>QAG2!DMA}QMTf4J2@BHmr`SOFsbQy z5yIEYp%;}0z)TfVFGy0{5ji6k{n>&Rg)|OeQr^>X-;D7!0#0`RFqO&;$nHs2;qr|w zqyZy2`vm~ING$U}O)Y{PoM-f3UVvXAXVr>B4#=q`Ky#AAfg>gW;Go}33TmW3OfqGZ zj@BBKk+)c8(?lqE@**4EzH+ftyIJqOn3;W=kpp3#oS z#Q)DS5Wded!r$rTN^919_iB zVZ6}d4XQ2aYlz`|X0A;-RuY}gpyhn#kOUGR>b&+P?OerMoEPj1TD>FU zqV!EL8{_hA9ktaX3YH8D+pJbDy;oH4!AvDbrp=vx-!#9p^e2X0VK%9_YO*--;I6L! zbIsomfJW~Lk|EpTn$iG#?0wPnhL&#}X1V&+vhEnyu{IJ!1`XV8R_ItSZkYBV7lm#z zEAIP-Jjjam$?7S@GnqR(%xJr>WPKe(%ab!-t+>BLMdjaVIySFIp&T4CV;$Ml4W48% zXw%#@J9Dlw`_G?$Sy=muOD(;>Zic1GORE0oT(Q#ZD-_*C0J>hQy-zVYSJBpzUC*s< z>oW@as}zPEcw7s!D*brF%$gom-{_Fb;DmV+c+QN+34s4ZUigbu7rqq!HF&@2623g(+<-c*r?~{iWNqRYBmI<+G}kp zmA;8)-aK7MZ+4{n5y zX3E+63xXJs;k>hQ8ESF+odriN_}n`K_h$Xt%G1;YrlkRjoYb9%$OBFH7*xbue=E83 z&<=mDz|0%h_8t3@oV>)~bQB6*|1F!UM}3YarmKl;hz$u+h96NR&)7w3oo@9b9X%~Q z;!dIb<8|p+a-t$@ou=Ek^mmEk>Plv$p2p<8e612wAAN|(lu9a|L9D}R05g5@8$r>y z@m8vNxT=HW%6)r3K0e{Fitl9Ri7;h8ZL!ODs#~s1aSm1WmKERhMDs=8Fg&E_i2PS5 z-cqRdA|4wh^7>KpP`bSQmZ(spz9oM0t|#jTfB#7TfX-h1?9Uf<$(v%LyC>-1LIjJ# zFmAbX6QlX`?i=NM_QhzkgNoj>K>G0Shd}2Er~Av!F`W$q8M-4Gouel+wg~~z9dg5c z+!u>XpYehU2277@-7-Nja=q*c7CRpl z+u-C72w$7N08TEdrm|269~85dlUQB(lxC}=G&)_k-CDh<78|l%X4?wQzg^fd1-!)i>pytnw86X3Q z70Q0ia9+T#iR=ZmiFHDGR9=U~O9tuh2Tw~j=UIftU7h3TE87T3rJfP8{gvJ(EdpOG za==$RS?|B)*0XT65(;FRsOy?tf9NqBa=V~XG_uc5I!9%ppZLpq8xu#?^^#5Ka4oVa z?(sAZcTyuJL56x)1ut7#7~Klum(E!D`SZeCU22hkjoO9hN!k=qZ+PpB5b%DH>k}NWU1*t zPDYbR^tH6hOgwLx_NE&!_H+pv2J7FigNn}&UiPy2ooertf3uBk>o4%aWn!1^f^GWv zm_Uf8>!+~_3X1VN$^EExtm;2w>lkMnJJHr}C76uD4-M(~`1l&lc_`3X_@|o4dh4NyH|DTpC^+2v3vhX;QwDQKxPJRnKK&gG0SR|B1h;04S(=y!~oRg zA13YV?$z=rGNt$JyARU;N}sa57D`Q{bwv*IeJOF4gi@E8j_hIeS?-^eE>ETr_{el%ObL-H^p#n*P@j%lq=MDtTb^ z&@Z^Oa)S7?eJDq5uU8!3O!=WmfLd(*y~ZYo*fU+)7C^SuFM)O$HQ9CopiLKWgm7@4 z;&g%jVqwOb+nwCvoH$9B2E8UyPz1^7U-?63qM&%J)eXbBf_4q_`PcI>dxd@$KMi^K>dFBAr#dUnRR-FZ^937n{1QF^6 zcHXoZ*opO=5*gHMC4h$)3EpqOYY9RYNqf5t&w-Ek+VMjiB`-Ls0eC3?*-DATq3Lr-qK|R4XA+5hy(mcB^ zoo6 z*2jyKkl&*3mBCKQz0M$beyM$B`|M(hjYv+E*K*>?r>@_Ua1ze9JQJ)bIRPE{MDfaT` zb@j0vrBE@KiH8fXJ85`@gy7uSL1V+<3$Kd;u_F&2my`o=l=MiOv9mI6&)STEFa*lSSKu_-I@$kAJ?8;zdeW4zFgLAo)g{T z*wKL18mS9xW}mPEX9NZBv9R&M<7CUkJqAS|nC7kl*=nv*l|KQ1JGdm4V=cawrbDxapQW3e}$dvbI%cNnzgrG(@V zbNUh&A3r%i&kC~LaV>Tr=FQ_p9>Js3^~*7;+T=*uXm+#=%M8Ky z4a7voi_mKPB_S^Ep8C0ODxxJ$bW(r3wCnXD?K)oACiBaJArzzki#g1nwIP^=G)|+( z^6s@;8+lJ%WTd8JE7OdOIBq4=+cHL}tZW|%3JSi|8^uhN8ZyhhdF?G5G*_Am`?4ad zDW_CRx4*GP#|3JkjHEap8mSh`&UL0)DJWK%jQM=#5(MJzC->jlt~@Pn4$j-cHg;PS z&ifbtZHUOiN|ket(d>jglw@(CTKhqschX76FMy?GI&rU9kw;Wi^f+@RN>XHJ2u`Eg z@M3%mWnmETvo;GRR$|}mDUOWySP}F{D|N<7*PmKrcPVFA-#ix2suvBm%5%;_0y8eo znymp8NMju1SxTlRyU1y3GA3E=<>+Pgm zYA6oyaYE^O7Mjh<9R&?TGhO0bn?WS#X)h8EJ+&MjhQoIq%Pa_pHk*9$LBpg8OQTeVt!H^;Ok7Ye+FqdUhRc|fYo+uZ>-Ed8r%W`Dyh5oU zX&NlzgXVchSrWrhrGwOUJG8~BCr!$HLWynPdZIZ`lpd3a3#W3mBBr=#IE!c-h8c}- zFcb~Z&q%Fo^N>l%B@3`F7!K@Z)8Ud~W4^JGCT|3Z%3kKxCqFO7Mcc}7kyecT zOg+%5A8q+ka|pcymD@RBRlJD0N8M>5u$qRydFL6K>wv@>$9=!E(xxDVaU@L@W_5KW z_i6avs2a!G?{JPOD2U*__~UXrVXKvwhezMgF#dsV7AuIyD0(u;vHAhD#Y~j#qD2ki z>F_SOR|lT}=WbalqzGtr|MRD~3FH6;}nD9*0uVM0gCNF=5#Wt5mwG z(*s3;b(6n&B#$D`4~m(dy2Pc4nS54d(o{DXI?M@llL=7%{28v|_I+D9TF>qas@dYm zuGm55%1a?;yYKJo z>WQ}8aY}B(O#Br-Uh{B?@}k4bS%~>#OKtra#@3V}68RR6tV)((&sYhWc@SIK55apl zs$1<|yaAdy0cfj&`+ty0j$e>EiEtdbw>!t3a99}7e%PpNz0>Y~@g+qN7t}PHf~+Ke zyz02XFqpI02;CQ;VV5&|O12>Z0WD+Wit8xaJk|6-m`;SpKiA^jJ@MmI~yJ zB>9q6RHoP0U-!=DF$aFK^g)MoDsUP+^xziVQ7yEkxFuu7jFe>jJp+QiKFWS11skrW#bY(KGvP)dXk9>cIo+Q1(7#FN>yoTo*&~vi+7s{!e?Cxpbn=D@WqF3ZM6868!t)2ix%jd39Z(z z!qHNkHXxfh09&cEexgNm``|ecTA(;>G;$__tkc3!DWe{Z`#dBw85786;ugS;N$4G6 zW9!I}p`MSHO@>~qWHm7^F0UNYqA}OtI*ud}@xe}a&))Rcs{=TQWp82LG4XW5Yu02Z zO2l{BX_Qm^cm%r0_~1YdN51LFIzFlkagA5QU~ze8c8kmtXGW=V3yq%?o!2xUh$8Dp z;&OA^!FX5N+BSdxWl=}OwiVclQ=qvsFlscd;eq6_x2)!6ZNF~7bc3~w2`&@wly6t< zkaV1^i3VCgTiNEgxK@z)&HxZ^i^R3z$-0d5uHFfJk6>ne+}T3T6_BRGbFLHeX&k81 z``xoEZ=smTnk+lIVdHm3-PN^XHkT zq2y<)lJ-f?rl!UteF2Y%;8Q>~xw{ zosyPTHZd_lbfemcNdyuCX$QUb{GOh@1qH>B7{H)!68=zS_aeRQzXi~_F(3H$v7HJd zS#(5|MyrFC81}&lNzq|4jF&x&9oRm`;GdvmtGeR#}ObvR|| zzTflwT#lND(7)b(P+CxfB5jKoTIURFySUoRxKKD2H8n{MX3Cl-Tl<=aNd9f0$g`vH z?JVnbwmptYIcqkE`BBfGmHX%9+fV<+C&|a3{wvicAN(JFNns92cFO;3*XOfiS+}qc z$Onhl|4qkHl|-t>tp9yd?_bB6e8*$uf2ZZ_yUNP{h7-RI((xtfvcCpxcEO}{f^D^4`;0Ml!ee`;c+P3~b zxt?Esy{1MU;+Gs- zhQ?(OGG^#ZPH`h~ry=&WDVA_dBl4(bXosrGQgN*OR?psMHV3>dwKq-T{g+E4)(KDk z5!Sbt)~5>j?5tWurY86O42Nt(;Ih<;V~VG0H@oRT>%&iz(4qPyYYID;)Ar#KW~N*JWP+w_ z=1cJ*!VOSI6+pPZCd9p$-#9$FlCHKY2dG1|}m$btX47_XWU~ z_5sgxF7j`PsPUA-=3aLbA|Qk$LZfUEwLhT~{{mr0&TCHT?nh;itH_&RS~HX&{# zMD7w}J&=G!OmZO)%OC_sbr<7JQpQx1`^=Q~A>%?wZ}#5L^kSco<1ar6zETT-`xLfH z-T!Ejw>IR!`%gBbI{6Y^Ycoip1w;+spMBBJ;p&VC^I%lZMOnFKBc%phJ7bOxFx0;3 z&&1s!AOICnJpIOGCOVQe8Dh+GHStlo@@|_A;YBJ#%1k67GV!^??uO7oMyS74Ey%}0 z7NTb_8zIminpJ$NHB|`w79*2*i)whf_GS322>&2{YD=>3O<&UG>3pWbkjYR>Vjdl> zgwxnC?Q}4+(cHp9F^U&_&5*r{8;S44&&ZYUOO!?1?ciB=Z?6Xz+TuS7gIGNkPbZ*R z%q-tdHs#w7w!&R%1&CF@wcBx$bKhg=_H{M`kGHRZGv+W>XG(~?y%?LBVcH%a9sNzF zJ-j9xlCz)Wup$R+&VG{vu1Gr4g_9#TR;0roMJtYwlWI(Utb!+-tnUChq_E-g>Xmmp z9uWv3!^q}!4942W#|M&@#tbj7gs#ulI_e^`rvb4|MGJUENCx%!kT@(z_HehAu9*n< z!N%bwFRwUgY{jy;;JDJ-eY&olj0r8a{kZt)@faSCSbh-k+a=n!2#^5%4OnS&y(5d$7MXeYg~YYJ~>Q@xq6e zy1y?8H76}3VUM?l0iLImW+!k)(`IO(B^20c**=~m%2ufNH&~!JwBEgCJny1=di0nt zQWtoz7uHm?bnOrc?`k0U1Uq!%BZEf_P^O_DRa3;Ri z=m^c={K2*L!zVyWS*?v6zIYNETLtjG{~{JfFV)dAn#{W z7^Uj`mVps0*k`Qzm4F|}^PJ?5GCfpC;6Kew`hR$P>#(Szw_R945CudK=@bEJ=>`?0 zQxK#}x;useMI@x9yFt1;rG}iLYv`Dv2N)Qd`G)tL-+ABf|L=V35B4=&d#|h{6MQp&;v4r&SV^JM>2vXh=k&#uu+HW5maSF>`|l5DIfj4to=3sO?28i+c=!8a zF3|I>=S`eLH|Px>A|LtTM{4C9zjf0J^Vf5*O1=;eepcc_KDQ{Q)z(-%(6@6;zARty zA}3v1I*G9;(6yw~BY$|N|1jZ=t@UY7`Q$nBxQX5w zBI!0NIBURvzBp@DVb?N$UJj%-awWK=`ndAut5#u@mJlr-)iEDqEcL+eXWf9&&g7eV zmbb4**XPO<%aesJX;@V=JOjY59?T*^Pdu9cC4Ec$NZi(YY)Rnc6wVmRP{{f0wfCj% zTw2d*lG)MY8YwRxBJ_KiBc5~bKzt6s3Rnk*{4geIzFH0>eZJ{Qnv|ugvdL4XwX7s=e^Cuo|8XLQ_<$ET&OP0x}l!O14~V<5*Yb4)tv-YjJBaM11`TU29O; zdtOv_NF!g_>&8`*cW-|9sB2KB`m7Lbu~COQ(NZWz@r&r8YD?rp5)Yo#i9IXj47ejm zY3!vSqo8Q_Zj}u6U{n-IJLk937hurit8&O$Jme}BBk4-^yqlw)go=1u7x~=T z0;J=M>>2LVRjGcQUtlLZiP7fEXajBr)fIWntChSBc&|L)kiixOzc6$La=?c3do~xL z$*kDBO#z!|{X5Gqppxz==8^rk!Q<7{Wrqg?t&P;IZM14+XJhah9<<+=lm(4qpTbMMVteD zsa1AFcM9o@e2VQA&l9z`8u%qW!}vdHR0$=foHCac5O2DiQSk*fR-8^IH!mjm&zw+F z%pbFI(pYx1q+)++jth+5=0J*+! zzF0BnzxB-k>wZjrbcNmG9Ui7qk+l9$Zlp6c-rhKCy~tvAx-OV3PR55{>vbr|EGOWbgp(7pouJ)T zG^jcJyctC;5(46^Bv^9Q0{b78$wj9mA~6+xW0~k|HJ9ke-|N$J5zA2~T72hx{$>^> z8U?Z)G$yNUl@krY6{KGwf1OPju-BGUlt^#66-wRwZ#<#IAJ~Eh_q&u@P)(heC;AZl zq$as027b;R2wUokPwdM6TBx=U%CDzR-qWRHt{pb!Qv zZE8whUpM>x`}Z4eZrIHwlJwvIo-!IGn4vKG=q#j~M2<_p?41~uWa zjj0N;*WSB>OQEuR7#Xbf&yBP^-WheO3-(2^*M4s078WQm z=4yVfraN-j5z}RS>m1j&nZI>3MgG>+nP1k!Uh(I!e_8)<`##V4je^SO=ugD|DZCer z>*et9a_LgTBx-I4$IU;^1TIZEshD{M59_hNI8k<`5Km6>y zztxie@!xN9e@k%;R``Fa`mgI}#{UuY?)#Si;VI|u|M=?rtNbt0ucY_S{-?w~WvhDg z|ElC=%Wtf3jA)l5O|I=G76Ny5N29z0St|;=?gHw|;X2IW^HF@&T3x$g$KOPkQ-{?t z?QH(u^mou(t5;jLwM+sS?zl*9+0j*;+Ho63D7#&p3i!*STzA8nQcsgJ_IUhi7 zy3j|I?W_2BISo&U`BWocXN;TW!%|ky*4*==`<@yAD^k16v_Ft?E~~79OJ;8`HwsOx#JQw^=+*e* z-l`N?o>6moB_`=o*8V_byZHhM9>mm=Q&}xtZVnc98m)pIL2uL_9gC%nvD*>%@9KrD zV9fnU0lcs!lN%8zF(iKx^{5}b3cPMRNb=eUV@5gre#S>dMti9yJcImN0c?kzIO`)Q zmY2z7Vn8*HNO-yB=S_l%hq?W4Q&C`7H~YBQkeLei)=n#Xcx0)Hg~Nh$q3eKR@<2z| zJInqKxP}x))H>n;3tsZ(8>U_UOR=eca8C=qGi+d(n$(2&>7hf9DZ@AUqcg1<5*$DXYbB7hD%mae)_cJ~X zi_e;A4$`S{!W*m4JZA;c%6FYehn6}khbHgsqS>UOv@iBcL)cQwLJQ=wUx0U|VVB57 z2p)gn(hz2Ma)3-NgeFBB$077wN9pa4p|m@9{~C5f`~0F#CD76}Lqg+R^igf@^_eU2 z5GPnNtlBLL70I<6n}vD)FzTSnDd5Ia&KKpgc!G}P>PX`#cY=w)8s|GwHaa3-!2L8W zp@v9m==#^021)SDEm5icVY5)tPBneH#dd6zO{X6}sE#MPtVX3y-WX$cCH0bE_fcdd z*B$20QkXXye7Ia*x|jOzu9)3+Sxy%onIQo31T7JCHaV?1&6EkZ3d? zhP59iq&QyP!c&4rEjiqxJZN|>?e3iWrcF1*d(R}z?e~NmE*xDNoJQb$mGEayoiAu@ zn#xD7(sw=Ykn#`*T_-psZ=rbw z7}>wewCnimPg+H6W)AFpAz+(c49_7qye7WTX2&)1(fNXR4|y(c zd_woHItqgECrO{ce|RP8NBtVj$f%bJagM)owgKk6$w{a!?B#}0kAmAq%ncvjJi#Y= zU9Wtn|AK-qxC15eXo){K66}$GeD}w3#GUiSNe!=Gstq&)2`{J#OY)f?|5;@xExXaw z3f=%u0IJRlt5#D~hZ!Ya3dRC`#xm6lqpJ`(iKeGJF}utdy^SqZpY@OMx62xraRK4F zcISCVM2^fEbj7@{azapC$;xPd;B2eQ7)hjP=Od{}rl$R-S4nGE9;hO9^#90A>icZMDmxgLS&7Q+h9k5`k z&-`xFvcWo)VJ_wsi=0+tDtA&RYC2?R>T{-EJ9$6^+f9(N6GX;YOatYt&p&M7$NThmDs5{o=6r@zpB|@{HMoK zvW}}y6KrR`kE$K5zF6U&cRyjV^8mp(BSV!rC2vZj60sSYk1Nmc z6-M!Y#=pA)mwJcQNH^3Z8`A0`!}_YkeM&h}WHG^z`}NrJ#n<~VqHX#N6M}kk1b=Y8 z7IeZpkcQ+y@B(gj@P~=sFG~rHXTGiRo;~T$VYpcehVx?yzkk41{b(|2)2EOF%So70 zS6~y|ZbhILks+V$_NKKavTK=YH6&ga^>nrA*%GnZk$$Pqh>MD?3s5nW>B08inbsGB zR>RD);4Vl_=9kSHQ^9nLe+yxpPZ!_8gaY79>_b&63~32tk*n1@hw6X7Fu(B?Pw^>D znQEu*bu@8w;)E3IJ|S;q*#oWxs4;{Kkw5R3x{9c3NonF7&QWdkwGRpY(C$}Hq5J`6 z@>DwGW3-9)&Wao5Vz*mi#_LnxK#T9AmgXPdWS&32hXOYxQx!V|Q-3kcS2^ontN0@8 z_4y%wwbGD)I_97ps`k@?bwiMw13Tk(<~t!S<8BOBXTRZ{6MGwfzM>a-J#h2>G}1Tv zlO6t0N@8DY^>c6Yf?6FTM?8XK11C|v2G+MgreYt|xwz0A;;-~aRbPgKrOb0JBQev{ ze{}&T+O^hU<~|r3I|gS}InULJh64cyD;ZqS7fs)=bwkeIdndO`+F`O9P}RZ>%-Gz0 z;}v(MSDPS;Hd9q<6-j@CtnvPgXJN!1ItdPQ|OYp2Ju=2t-5LGBx!d2cO)*!SUsg0!#?qx{*3ui0+DKZcD>tJEB+0 zwGRlEcV$x!VumwUu-)db5K=dYvT4#5;OBwV?N4>r?)b*Q_LP8jcOAm5dq9}KYry=Y z?;f(qI(uDnxH18ar~;+mD=YY=q*qr!ED;a%o~>=o(PTQ0WW`tzR8E-U-nM!%HC^Lk znagk(In4S$>PNW=`glrQEjJcJ4&wZF?}uUsb_9d4m87M}F5NM_*=i{!)|ltl`xx3y zHTj}uKlR9Fz8xm%|ep({XH7a zIHr*r>5)CeKwr+nHRxj2G@K%8^lYS(HzI0?(YaS5m?p~Vvtv9j4HUy4FjW7xy~BQC zEVCKKKrFtVq7red`vbP76}iT7?SJT-m|R^UQ+O6a1?g%aLd>s-iUsj5(mcr=-nHG; zVR90TOHA7h3k~IQKa4T{G5w;IcXED7WJ-#(Br;HqmDfa8jEUUQ)ZI}awlW{vi`Oik zP~VycvaJ2#uCtJDv%Zp2$O>C6@g^?xR9siG5POB&|9hPyJzp+R2qAUFY)DSHaa>hJ zwWxSci@ct48j;|XWzI#X>{Q_L-~TJNG%yhRl`G?Y>kms=1VI96qcBu}jSX8tLBX88 zkfNgEqETO8A1OJxrk2)67Z+YQB&+D}-+@bE<^LjW%@J?@n`V7h_%BvAFul$0)BoSO zjeA#TK=A(sgZunHm?>tcKCehtYyHw=$Gsnu76)L3w{3&A0Mck3Cn1;6~n*B2|AG_M4U4Y@_8)&i>oU% zot9ktl`w%brK zfiHQASmE{5m{(l-49;NR9382>vFTy^t+)iA&oCZ2yvg!rLb7V#tdZf?+kVJf|Da0# z<_N=~93{>7wTIt%t0}nyc?7 zv{fIT5pl7YUx}&uHAY2%$lY3qon1Kq4VkB0#clxIMt|wfC-j3&a*vT?dFDQxZ8)v7 z74T~}@}?iIpG1<3-yQQhpSnj!%7&gsKO(Kg#AP(?>eW{L782x*ec4 zewx?+8RCs~?C{84%~|c{k6*%_dsuV#8ycCuS#_hV@6 zaYjFLEMJBB<)mbEy(M;Xf<)YaC3!0fU$SBUeTyr0R+M>@Z?v)TOBSw;jWsuUm(7Co zE1Q?z+{&p&p8j%FUmB#jBlmy7+zh`w`db>>z8s{F``z$|>97Pei3`y4{TR3|Uu*01 zW^U*b#wBWXELJJ9Qkk4&mtu%NG{fYUA(%lwGW#-VpCz$0XsemRxihSwq(Y9P$E6}g z)$GoNq)2y3-95e6<`7=VCv3P?X|+&yMyh>9H3Sta{c|Z{AmafY=7lFV@@+MwU0QSq zkE{?T%@YE3k~OK#=Y32Vyhb7mlsdWV_9t*U5i2m~BsPKT9WK5!qSxj~g`s8;nFwg7 ze8q*zdVS?jFfn#>HRzq*skH)7I{Qdm^=4aN>u4M1WbN*i3_$eC9)xbsh90Cv8y$HX zJ(WgWeYatvXJ|uXOPnMn>`QL&_M{NN2vM$w9E<;IIwMT7K{W}j^C!>Ica<)jx6w8e z^D_B28$NXOg1B|~Ze z)L0WRdlph@<0_d^)GnXK`15i%teVt*v@NK)ln&I0SZ$#?tWIu!8+g~T_${S9nUY#{ zZYABMr);gQ6u^&hYnwW-+>j3r>W$AD{?y)hTvP64{yw8RTFjnlqgwn7-V* zBh5_eaG3%mGEg#+=|YBl6l7P{lRZ4jIqI`~%7m+B+mvdI-5Hva|1r7f-X1L;DL0=q ze97NE&7HlocnwP;{A*E}s)GAmo$2zVLgyVv7HrQQuFfarEWJWIIQpHdN;KfR8vvh( zHh*@hC*TV_Z2uSWNB)rbZ#rXQ$9T?^k3QAvZ1J&+hUuCJ&_$=KuGge|6cSfmuN!=x z_3<~;8wuBk4soE#C)Yv;SszB6<=vEyMZzX!W3H`9*lJ6dK$3sGI3W&-gRJIkV4p-^ z$r5wm=L1hJ1_>BLPw=^GR%U0W4R1_L`bSoH@6rf;it2XFYfC}?T~mY4PL?=MEQjIG zrIa(n=wsTQTef^Yb8Aui#vXcde7qZ z9H164yAp6ZDaRSe1T!Dx-<3CxZAMq0ZZG8rihJolr*Qdmz`tyQ-ocJv{v&Gy6ak(*urdnx z+4jNu(iNYc@ASp>Q+;P8xA5rH75Q705K$F;?%CrXuF-<)VZu@t+8bGe7x26h=<^TV z*im*+Pb2RizBURC=!x5BgNLo!F2=kJFBi1IrEZC-sFHdfDr z^_k>B!Q}9z{EF>Qm6`N0$!JC9iUh~(mAaRtN%88R4KglY+`}e4@+I?X)dRiw#G4O_ zV4rL{BFxEQD@ft$?I=5&RWdCJ6@&HYkt?+@;2@S~W{Jvy7z05=lYfNxJJERSja?vKSnIEHK#IuWnCDr#i(dou6)i+OatVt_SuEx)#D|_Vn6}?WSzRxI=_DQf^s{&{Uoi<8a95k%RkcS9i^Eqe zhDxD^fv_$1mT;)AF)7AFOIR}7r;IYuLAN{rOGDs#BXhtk_1b=PFp}cf zi0p9Txvy}(MdHC=+Z5eqwO)t^5nt)a>AtQNIJ|M$Zsv>^VEQP!*CK{kIPmBW|Dq-R z>d8C!+hB*mtxy|aF-I_;y*F+%I864Z^Siym!|R^o&M$~UJ|9l~jv46w{BWO}x9+*G z@%W|HTt*>X%_#138{5|n2Fo2PVJLIcJMQr1cTq+{;7blKPHcB7;pLZgHZy5snWz)+ ziZYcZ#o>Sze69D?Kw*~~6c$PFTa(QvgWxp zO_ZlQNhRj0!6+uBd41(cK`8)9@IQcfSaVT6+>fsP&8SU)>y&v%HR67 z#VVoVk|KRglqA=qKLM_)$&sFI<-`Bko z7gMH@U!^yOH^??$OsG|v&c@bR|B=fJt8LyZ{^5>CE8mDt8Rcr+)BudhFI`s0~?RV!sCI=Lk`d~z`T zbXTBIv-4q{UgxiNn66?}%tg{;Z`U z$(P;D3a4gNV>w4Av9?fUkC92}0YV2d>Q&u1>gcr8<9?yX8@w4&kakK>K(- zSvjUfNVdcyGKO!vemC#jJUZ&JH8Z>O4ilEgKQ_RbTxW zJS5ys+_|!z#mZfxqGn$Rc2EBEQSroEtUB$I$?C;wvapY6j&Z~ruQwIl`8%j(nSMS~ zV-=XWmCT z^~gu+?l7M(pZ_xMRsOsl@&Ur;XHADY>9BITzCol+=z+?lXB$+=@0F=zJBlGrQu^vT ze`R7wW_lReDK!wPZ@Ch!@S4C_p)QZnZWfE~@>LKK*Pb5kakFXuYgS&4TpOIN_CMQ| z-RWnqEYaUqLTK6D%6x=^d^p6TcLq0r?Btaera2D1@>uKIO@dOEm8pbY=M8PVnE3(D z14p@x6q&zvqmEm;$pRVMx0>k|hy`wl*zWd|&2}kIDyykRBh93^KN6YZZPRK++K-a4 zbfSC(|1C14cc#>F$vmkg&`Uuz>Knd6Uz~J|_Fv9Y_Kr$FkOag6wwv_t^nB9QhGt#@ z@;oEXj*1T9Oc3O(;zVdQ5i>M?+3TE7FiOVMQfzUFx)Wa_aaim_MV?67^Z&meQ74)sxV!%Hvtz-eJ*UwZty{aNaX)m4EFX@vxxJ z=&y8V^tSKs!OWn4kEqk_$2UGFFNXZL=nJ+7f5cd4A-=vTh^=gvT26&s?WYNwbmNoW z;&~u^h-V6#C!ndp2fwVEVZzhe3_39wS0YW?anh8MqpOeA(1i8jSIW+}eQ6T|5GTG# zar<(?@(#3F$Im0i!1qN`RIj ztAlRq1X3sV#}Hp=`~aKgK;$t2ik8(yuS6peqiGVUc4fom5deT+2<6`1=46dU$ZxNT z^PfM1aD@c}Z(z}>^;`kHK}^kK+({zCX?ywX86s0LvJTl7V_s7S6z>jbonnMuC(XFg z=U(LXkqZ5VG$Vvu%W_3VqW9#}jyNAfmLU!fi_*5JvD^55NhRMAF?xT*bb&d%#UAoT z-0FRQHarjfGCTeG1N>i5 zD!^?53Ma$SpMH{YUHIQ&b$DA->>--s>g4E{_jq_}od#R)U8G387Y{tzSgI$F+!3m} z@eK1-GrF2iKJbSBKd<*Cd%{3eZft%CmpO2~Q{l#olh{jgum$ZCLl>7=h2pt&p6=G) z2BO9IXnK(TS%Yh<+y(*bO3RDW2^SZgh9?dr7&OKP`Sh4fNzq}dV#E9Mx{s8?O)Pvu z)h*u$c(rJN`G^nkjg6P#lY*qTP1|@R7Z3gaVb(Lo?gD!DD_-`d0a66^RIJqiOt@V~ zqF`L|&ei9>%}Z;>{;9Cmh*2+=q$I~8ml?tX?$#7~>?bf>#M8!qFUQ;@dPb*1r{V|X zXn){^i!aWP{uT-K8Jo7Auvw&;Jrc|SwNBX1q^W~w|I)P=r+YO5P8uX0w1>JpJ6njY zT0_bDLJkU;UaW`cktgw7cgH0G&EqrJM0Tqq+Y6sHIwqghbFz;OPs!9zX2_VLA2NME z`==Nzxm!Y%aY&;WTsy4C(+Je@_aS2bH!os26&`UiR7}#AWXOT#n+lk_>~G<0+mW9; zO5hYcJCrx%jn`O?;s-$ZbuxD3^N|5=J`2%=Nax;+kQXvyX~_0R3EcTozFTx6ZZoCY z4=dbOV-5J)aI00Wp^M0h#f{Q72O(d}Z^=|a&Emb&@BFqIdJgxkPnX|#1(*_Pg~SNe z*gL76BV#piD_lKSD(}VXS~0v_E7`R3i+)&gdi;#tko|ih)Eh0(F}vXk9V<1|zd4!ZcWB64=3-s_IlL`es1s56 zQEH)|@~^9avL4%r^5bx1)SkiSW&3pOnr0-p$ilJrXkT*4{y|=FTE!FK#P0{!K1BW9e9~=RE(+wakz>2%OzU$9(-iO>*9!=Y< znOdFQ1TawBN6!oQ%xwe6w#~)D%3AZz>9Mawo!MBHaTj{hC5VXbAGEm~&wBeQJy{|8 zrwx6*=}b7b^_IoA{1<7ObH~?r6^yD&nAAhSt#H8AEMY`|P&$l4lF-WGnd!n`Xj8vZ zMa9nXqsha|Oi{Jy^<$j|=N3VA5bwFa_RT@%ey4OIsMTPP`B#bN4HA+r`3F?*u%IPT z`|HZze{oJaJ)5%nG!>1zgodMCdJf)CwI7N_1;q8ms-(@GEYe??ZNL2^(=89!)c8#A zAGGA+ve|Y{x5D#v;P^mXq}q-gu9lvC0nZW*SpV3^(Si31+URB&iA&}c*RmpYB7+&j zqk>z@a>;z)>r~dAZIdSM0{6OWHUZ6><==GqdCCzi>-9PYwV3UyCLUJh`vPLG$Y* z73Id!=#$dn(#t-P!0`Cxfzrn5^%d&!z~Aqj&0D583iH`>iKTe^+lUNd)^!wJf7gif z52@5xjYATld}(r55YIG$eLM>UyVFeKgY)aicDKD|GhV(U@|#V6dTQ6+Wg{~v|E!y zlF@{-wZ*SMT&(U3c-vr}6Y)VSC_(gAkT`G0mFD;|^CuEF+`(+#Id-J=f%rK_}U`HHR4KsY?1#bKM zFpK`5f463;76SD$W+;Drg5b`oKJ=z1zJ2pa%`?ZneB<_=E#%Sm`vY>^&n+H&r*n!s zdpw^3w!idQRND=Hlv=hwacG>s=tO#d{sW>$BlNoJWXj)+7~pz==Jqnip(5PKrX7~2 z#UvR$c%i!QJ)IvYQ4Vr~E{harc{Ag`T_0sDul2BfiT#_Wx*vQS<>s%CrJer=$f{lr zIdD)!v=Y^r%{nqfJjq~OEoJ%!r+a<+uMms~#-zZ4Km^SHhUFjo6Z0!PF@n_1@9jw9 z>><(&i|Ld+UY9NL3Bk{U7oP{qJ-F=PwzCX)c2)D5MWlmA67a?sWm0F>!uuB!h1i@T zUDs^A2!D1KxL7X8JI-IeGVVXi|D+>QZHXU=KBeMPEjku7b+2T|u*33o1^&!xqu*dw zZv?7UoZHY$UeytGh9hSEhIdenlcAIQBNa;9K;h3nu|Hg~AOcd3Lppmj(F}~;{uThg z$2P_Y=8e6_2Aw($A7kt~q;Rb%Ka5akQFW?xTz}^UVdHf*wb|aJ2~AzY7#{lvsuGrK z`-SqLfq{?noEk3n$vc4OkQ)zu9TxQYMt@b|JMau?)a_#yX;hROcrfqTF}xt!EzNDH zeo?}n3_*Y`^3ST$%K2|b9?t?{oudb#xWB{@k3dn2O!$4~$mP0=T?vuOqGBz1BsB~H z(@TTrnS5w2SI`9)@JSl<&m{%HQ}0Ol7bd$JI;evgsj+|Vt7gRNh?JC$f0>rXDG zwfpHULD;&Jg#<7$7dJBb?S-BZaF6x67wPxM{kz(qHZHB`&R+t#gU2t@Teb-W1lvMrKXbIZZ97X9N2h-G$NkHt%o@Yhme+bDKR(v zYnog*Wvb|Y_uHiiz$&*9TFcw(BJ7FDlhPmz0XdUDHNUpl3Y*a9Rx7t`@fdSQpVaSi zZ8|K6&y%-HU?}sKDVYY0Qia{w3in`7s6;k@DIn(^E;|f8-#^nDJQ11>SM+>S2QEme z`5A@!-f&A9oCtM|O(itZYQ@vux5dX~G7}8mZ!}wF91m^Gtu}FV$!Wf_VkWlXIlnAF zcz<0YAuNJr)yfe0yikaLX3zHdp@l%Nwstc}#|OHPmmBiF_3bO0rw7_ph$p5^OnBtH zaq)QOUnk|r8n~<|L?dK3FATan7aWKDtc578FslI@m> z<@AnQmZ!1=O|@+&=Xl%NY31qBBe^KyIIch-cJb|~S@@c4qaJ}v>aS6*P;XLw)H_>A z+v=fx1I6t%17ih8vgf~<{#pZAqOY7x1JHqP)h*E-|C)&!ux#dx@X7iU~KY$lwqeTKK&X{$z#eK0cO3bEl3nXnhhi7@G_c-Sw>A0VluQ)fCQ!hU9P zNKS)Qn-n|anBPw4@!I}^FVX)&j;3EZM-*f0f$;T~6N^K*3$|R5cnHbuk3Bs}Or8tx zt7BQK2eqs8+rX6v53e_L7r@7~R@(yHVUG#{e)K-$Wn2&SSz3qkX)+G&dnUec;Nej? z+Iul43W@})X6#h+=o42-XZHGSP=P2MESk^vA~3WrT!9&2AcsL}mCqJBtqO*wiMATV z%?5AYd>5zlk8A~JY@X^`&z>{xzJ%8xF9|Q&N$n(03kN+UuUysP+HwK4<$IOUg~H_)!?XdT&&rD zy-;s6w`-=S&K=CVpfFPN`c>MGQA=!3erYqD`CAaNnElh?KOrZIP3JjYhN)xq=cZD( z&iL-sxTG#XWa2lF!?ytEQ5@C#Dep3^e~>6+5nw~mjPTNc89jZQ+e+1gOgsOm7gpde z5^gUQZcGY}(|f)l?Vj~0LrB?m;BO~uuS?|bGs7tdez^EeM6-ICm_RlIsUJ30Gccf@ zR8OGWL%L8$Nrq$15A7RJf4}){npanTo)qMD}8|EU-jf) z*{glkUM;ONRb=I^t+jmE^9vl^T*atgexdD2F2q?<8L_s`qI2Un%;#Y#9F_=4t)r)g z)vVM9dhhpaiC{M6ly_fkD~kWTpg0$ZILWk+C8v)E__-5kziWHnrXu5*XG|FxMpeSmQP1jIQ5S|?6{Z0U;FN2K*>xqq!mM# z7S$Xe?tq}rb_e|N_8wsQ!5|M5+O4{rc6;~o!aTJYK8P?@{m)u}SN&su=WWu_62k%n zr5D{iuY$*TWGQ+Cqed*^Z+#g7Ip(3r!RJn$E_q0Al7&%NEQYq6)4%s?6-_{JaZ4SC zQz$%O+{(hoxb5AkpA~CDTws@s{!vB-$B!w%orO*&%siJ!#t4LRpZ@*Dfcu9eT^!EH z%pc?69E2otD)BoPWxsQFl*HnEa0J&@q?v{%t)ov$hSGPp0Y5j|2!>SAiZn^F5aOyn zm-cT4@NXuk`8>+0hcq?PR1hmKD8LaV>~J0b@M1jn$*}U}QNw7IN2Q4Tccfl9$uL%b zeWK0w6sE(_EEyWnKHlC&5K3=%Ajms?hm$b0_$sZUcc-PJ+TEr#s*<&@#;r&7#Pjgm z%H!(%zOuYyrRv4?$xjO!su?u$X_@*LsM@%Av7)TaRvi7NwXGkd2jY6*6N~BcrKpD+ z{l_Cs&LtIDdLCi}jSBGjYnVv%6(TLGaTFdqfY+UMA^!M-C4Wwd2mMDA|l{glGj$+9>Nx;M_&iJ%U zzdtL_D3zgdbS&2W!;3c~lkPVgT7j0m6KD0hi+3xP6UeN9qVrrFcOM@yMx_H)%T4RJ(${Pj&-<%I@F6My2ZS2EFZ`OE;{p{%%th;O2l&Nh9`tU?TB-pd8#9*zD#rYV0o*}QPdl)|WwAcH& zr1#FtzU9g5lv^#XfsWZfs7+iGa{APx=1J9Yk;Mp=i5&7H+YqNf{~R4rWIw#PZP>bAr5^jOiQNI(|MCk zuSv*Khn7VRQb94bJ@6P3Q-K)m-NjW6>GG&aRj+5iUeZAhT?v{!-#;8aiRM8-?cWA^ z?o`lmVd%#kALV{~&eOO;WGKJ7XnfE&2!o;KE5rzMTR@QApB>DWd3sU6zArQ#!)YuU zh(%mfTgS{V@tXDdE}BNv%ld0#H6@11M;df7Q({C#s&HZu>dH^`czi}QzU|rAFE=^| z{(2JR-}5odhEpy!$2)>P*bW(Qdy6KL0W5&X7XEuZBSY5C08mGy35$5Onuku47sp+^ zV$Om}D-pN?g|E*os?Y4g!D(`9 zy%~`frJOuHep0Kt(ch|~#+!l4&I6sB$_=mWa-HYtBN*bq8%qBtHq=6LkJW%q* zE1Ju<=VNw?n@tb5;C=eb8GD&KnQB=l_CNw}2*^9!?%BDAj-xKjOMd|Ln^*mRie!1@^U^-C9D}8g7tGW*D_{=y;>fKV>+Q?u-T_%ZA zEtiw}`EpH9Y*Nv<$1lGIPstURKW^pS97fsw37Y7Ph>fY7<0YP|UB~ORR%4SdC-@eL z_sB{Yj3%!Ey9K}4$@hB!K02OJQ?#ce9{yYjCv4@8uB{8dMT-gZ+b&D*J2_fTr6Jyy zDCe&Aa@V6*_|oURN&?U~bpYYJcE79Yn?21^GLKzq?AsX|Ytfm5f?15}57qI%FLK%2 zv95hcOW7$E>mo!gbX{6^>J?$w8VpiWVq@dlx&r0C;b!A?9748+6f6B^W9RlXax)G9 zd9VKr=Ux&rj7QR_KtJS-J@=y;*TsMU|9ac`h-xa%moOced(({I;H2 zAloQz&t|Nq06G7&VcqO*ddu@eVh8-pCrGEIuyMsGZ%};6b zmifJSoMhyh_5m+nl4}}h^>3x`2b$uX-JM81JSbsS z!f-Ixhqg;32FJ)kB{C4s}Sabd2wFeudErue5|ZDrA&BWE+k4FU5ib*>>iQbT=}pCT%!5pIACQ{?T7d6c@b=v|jHF4!k8#GMJet+O9qg zVIS0+78y*Pm43DNxxC_Sf@oGoSz+(+e4-@%_{N#m)9+;kC?Dm?IVAD86nyWsol(GV zQ9udHY=S0ONNl(v_vW@M9lz`+P8Ku84p||IWUlL3zwY6e3ijQjUrAv+HHj=${ku8C zg|3_z`%Kpou-kKNHyV#A*8UnvS#RByz7x-MEp_@fM>O*>wwtWPCn76R)-m&5&5xBz z6$}uygaFmQf80`tJQ_d4S&G?h~Icz zfh_Cuy7ESTmtDi2YrQe^<+|%CRBL@cab{e`7Gdf9izq*d-EFVOzFxW?71LKYWYfJ$ zPWDBmqoj{{Aj_EI$#ALHOC20d(U!mv@@h2db@fh^NJGb1{!>1kCrK{AHy8WH&s#&w z8?kP>(kolz>LjQFzW-QG!l$Ya4N{8x)J*W-`%PUbi+A8Szb{6X^^f~KacGQc!t8Q! zCwtL8Pf_Sh*#mBdcFB}YiCd9?HCm%VvB6bi)sKZ&LsHIbe?tp3q7CP6GK7x_c6!B6h4(0LcDzHA zoh2e7g6O?0ksz#IqONYmk`1D*vU;!4SNm<=`@Hvi=Z`y|d+*G>Q_eYazVn%LrY)+> zLt=?bZcj$xyJPgluV%D%m90HPUjC+yElku(PjY9{ZoUt8)~v#=wX|5dGc_YW9MG5k zZIFtfbo0zhP>bE0cKh(V&Q8DggaBjpHBs*o1*q31H$T=valnzy2Nx>KBe7OJl}|}2 z+aIXlq}{oyo=UsMzKAx-c=&vSCH>U43Mp6m`&AiI>;iV2xDN+64S3&q;2?*{@@_Z# zm~$qY_UyUOpk-CLEC~eJ2)}jllRBI zZD%|wVsb}Md%cod{Mop)k$a2@YUBZF?ZM07Hk_ZQc%QTzX>{#_8x1fJPp^B@@Ox_% zj{Ub6>&?>UkPI`UtoI3zuYr|fkZB2W= zMoC^JP(N1fe$LM?3hJ_UBUvRm%eEfaNIwwQzS`uy`KYaMauyafz7Emav09HztUVC4 zI2G=#B2;i(b6iwlLmEK9$5sp1Tg7NnBABn_M?H5gh!ESo8|p&{MEu=>mOPhRwq8#B z#`!MXy)`jqE}={6wzTd}<}+QrA@fue_+c~F#D?x2;Ufm|1*}o=J_&FVHCh}|^K@E{ zax%XZQ*m2k8zp)wS>Nn5g%dLcbK%t9wloLpUP@=u1sy$aQ0zM2iLu>i>AC80i(|NT z1Vi)`j6YRrb49Bj7{zI?0Xd_-6I{H)A_@Uilxj})PG~=Vj2V*;-KKM+wRYwadqC04doj?d&=5qOD2rFm zSV7&w>XhdIPc3Wzd%7H`=_-WZ6t87VDOKXZfz^y7y|d^>=7VKnG)G#ZJ!l5ZMnDW} zNT9l7qXgU{tcM3qyK=g%ES(5@28X|8oS!}9y#{idCYnvBI+pZTC7$xgjf!@Z@hG+Fap$**!yrK57CP~xihnC7&dVE` zQTxkNQD(3(MzK8H*vWx*bI=k>3(f)d7bvn%uF~oP@w`?e86uy43RmPni*Q}c#`cKC z7i`u3D2ZQw1=%UjT-|Sb?(q?q!7(PC+&Um~`Dl7>;OmkS`X^$iCwQGtl&X1^OlB0#3DYNL2BX5DG1I__5y$4qX^ z)KjOob+e<@!uw5D@Em9H){NSnnrMXX>K)`|05uDjQZr7vwlF^%@F3-5`$k~scT1wM z+s>Kk?ahgk4RjQUSY_h4Hd6K`g8MDKW~Ft)Po0cHw2(Dh%465X>OhK`kRi|^lXD8m zEOW#gXBU|EudKDuxAdlS~ac9nHO0RheXyTbw43G!#x&QcbU{U6a&Zq z@rC${vP!-ioKq_uo%39FoK&vCySXiP2&>7dH_KT-+H)4shIJ9YmV80nfn!wZfRZX@MyNf}eO*{(Q)CQ#Orx2Zuul3O^%8KkcN?l=J|w6)#le|(M?AZIojap9x5n-# z$lwTp-f^)iU9b)7?q#T#r>s0!e}Q_@Jo9d|1TdR2??$bQN^`s)oH;0F;f87KgXw(P zC7j5SuDSkGLV{)bnF4UhGo{mG{8x;sp;8BVZF)9n@;R2)R`}2EmA@!n`LK%q)-ziG zgC6hCD2V#rZvD2cMq-a21?(`7C821%|~K6^mOG;tfyeC5^Zl-dR26wJ!H%hyu{nNQgONbA@^5@O&h zEr2Q0{{wvIW^)wg9(33flb*ovyNZ%fP^tM5!D`RuH=%Cx_~B8S({e9rF5~yTmR=F|`B0seGOK>X(8jQ2_=JveXC&sa z9z(a!0O^#<=0{57c?8S$l%^ll1g=HGQwwn>vv+^685lJYPS9g^cvkYEWoKZ#xOKJA z53{=r%>;t%qq-(oelR{tjx0=;{<$!`buxVo9|y(WT>Cg0u_mifJ#`j(+Qg+L9nJjx zgzks2NeJcHdBBmCvuuY95Eyx4kP6RLE%g8fwL(7sFlA)PgNa;+?2OS>|p^Xg(>;c|NiU0GrHn3^RowXO4Y zXLlSZjJ(*BE3)nA+1tArMntk;hhMR8RV%)5o2ze@m%!i0ykOl@A--tp`zynLUi_WjneX8KM@arkrMkkO{@b0nLrr`Y_~LKG;dv7X z)u9r3#X}cnvXkIN5js783S6Kl8WfWzTRD%jrAtV=D)w=FK3y-!OTBwKSBh(Vf7FN8S znK;qUzkIik9$`8g4R)5;MoYMeTF*4hx=-`w{HGsVgUuJlVS|W^^>6}idA#IrTqMJW z#fgBF_)~`cpW^f@qp?|g86_NZ-h+a&0ms*#|oENAqoHoS0>5r}Qg0rX=sSn7oT0>)$P|nS7TEryq3`-qQQ# z^y!GY<{KQIaAt@RjUHiT?X$epXUVx$(>vMD4lDZTY|Jq>Izj`|H%`QO{%)Ep#*K%l z$QcaBdLxs+S}4gCmFL3sZL085OErbVPVH14yz7Unm^Nj2JJ4yTU;_ch@yk=xIML?a zmNrZiJw>KBV^?nNjQ81L*lvbxPkBX-j{|%;`RHnu!Hp*d8l z=mR-9iK`2swHOCc${5d!{;?0^q+i79+1tTwW}Bqg_h7$r#=S!VlNiknXW#l$2BY_u zSmN9`B7z!9qT8xWB{J9irieMSRUQIfIpq=y6sdVdb8bFBIo&wc)vjy>mW^~C)39g| zY;Q64K1W-HGILLJnxH*H*^obVFWM{N0nLT-w(O|a&VwyE~0ds;OL2K7r`TD=7)}x!QD};`y5k&Z)E8XG+KGW|<=El8eh#bEprr>}G=jUZTXJ?|R zIo>eo6>pTPTo^q&-q`sTXSU#XUH~Tj^~-b0p!K=}I>ye~RE>LAljf9JGX?Nr{KSTM z+mdKbq?B^zxUEHQM{31tP(g&*aG+nwWy6!ONbn)bEbIDX_j*WAUM{Jx0404gQ%(yQ zrY+>KurHZ2eJ!{QCqMhB-U8OQZua#4m6yh(#9fv#!`t5;^ZldIK571nY#(H-=WtM- zI>~L!<=%6-;Tj~Lj8aj2;VGZi%u*SYHr=+Wwooe2q~O*%#9)z&2%j9r&fYRmHj-xS zk`sRr@VcvzqAF9_ucAzJrk;-CNDs&eNVddz|S4|^v#3>Uf?={=;`#1As>>}_4|wo*661r)s5n3 zKaI5P+P6%n)q;e%uXGM(@ISm^G?`g(B}HSa}o(@H*92v`Cm7Vs^2y@e*&B#&a|UGGZ8a|S{uR)^~K za|$1)Iqy6Uuo#0DT+ZD!fV{;1;aVT(9)j`M%&opcU|kh*NS~@76@w8E*8s_=Kiire zSf*@_>bW6aJ zzMDIaEU%nheknF?CEs42%N;7HAjzQEq>$Ei1F}QkzcADQk32;>L(BBYU9fWS7%MLK zpjV%&2wX4O1bCOALSL)1?GTLLY%biPBW_mzx41=;C8*mG2x5+cm73_doUa*Fjw7r7 z3e!e@I|-g)wjgQy-(UfT`Zt-_lej|wmkj>ZlF=PxFuUorP9$#sQ! zZ&64|-5F)*F(V_vBJ-}PSrWyXV;U0YSLAfhW+;}$-{L*GMw6_gMhbSQ+8U(_IW4TW zoMXR163$9Gh|vKDfESQWX92q#ieYu);7Qd5;P0gG=Ppc|TPb+A#x3ve;dgws?2-k+e16@u@Pl#t%bhVpgVB94=ICFxq?nZ~-5w~t4h2IOc#3&t!7%)D4rA|H z{k1H#(sN|4)Vu0$?^wDj>?|HH?K~`FJSNE<5WR(~S$0jWJ*QkbbEQWA2cDr;)>Zwi z$aJVz=Y)PjbC)e0;4{R}o@q??VSJ9DT$57rT6 zb#t+@9UGp!cG70S99G@!uN#yIq8X%{UGv&C>m;OcSn5ZPJhgmbAKz@~7{NDT9P`Z1 zNLs!5m$R#8^Y?A+%#3*?fNn29dnfQavkQiy=!h5u*|Lmv_6{VrYb7Z~ zwz!v!VrzqTCM?-cHKVQ{TdBNpC^!%laYAO~NUQ3CyEpE% zaK7L5dc3my!eo*9z62JkkptyO9eatIm&s zjTawqpY>Ahtmb*%eQR{ODC=Vh7tLjgaQOf5h+#26joKL zA=_=FQ;545pYVL;wEHf@OQG^7L^CadU63AX7=G);iVUo>8AxeV7qgj}Q|$~9w7Pfp z`HQnjvV}Dx)t+UCK-fvc2zlwW+locU#xTP;e;Bp%nM&$O3s_P+UTWPjDX>kw-T6*R zsV=K%#}PwUW{Gal)gOp41SX$OW8F$g#m^5H1J~OcyFckr>d229RybG23>IRH9i>df z_#;J^e$b^HjGd`O{Dj!U+CMTHIlvOLhzkJ+e`bP}cEX2-`wM--urOR7N{C(emVQj0 zhJo$ILjshnX48=t7toWogHfBB*_EF#gmvBt&xMB0J_cN5;(6-lQRZk|W=Rf2Ep_8Yk_Z%lSI} zGIrHL5N{{Z_zB3v64f}_!eo{PFZa7;9>(C}cg?naDhvmyT2ozNK_>rQZP`h356(_u zK0Jh=sLcVV(_-%!scPWD_@hG2NB0$U?&|J;Q2z@t7$eN|ns5K7r~}Pkh+wr?J~p}= zn{~?eFFg2z0#*$p$o~&4{#ataZZrNLLHx;5ly`MQ#CT{~lF&x_PY`?cr_Z01J+^%F EKcvXi9RL6T literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-inventory.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-inventory.png new file mode 100644 index 0000000000000000000000000000000000000000..b4b4696b6102bffb9ad2926b2874392bd3359dd9 GIT binary patch literal 50125 zcmeEuXH-+&_a@2lP^=B$;#P3}E+-*fifXP^B%JK1Iqtb(2c@*%Q6j>Fcxpp7Hob+&0q>MisV??4UPJf(o;|r>cV=znkYOKKuHN zXZsZaEwx8%AK=Wv493D|(iU7x*7?tTm^E>Z3jbi}HGjtPRCq);GWO|98I^L#`Egpc zjl1HYb8)@t@|gWTYo4>pH{T&FfHn^Xy#fd06ywCR0-Bo4Ibu5RP$c`+%r0TAB*>3q zIxp|k6%;%d6cpTfE#v6y%y{JJ=%}Ns8^_AVHa<4SRXttW(b3V|bp87EtN1#~g?=M8 zva-K=_`7|0fB*77|5H6yyWRKKzegA1&WN7+_vkxUtJ=Q@R1d=c_g^N|f4`#EeBj-4 zzvGkcI?yx7i)f|su8SVlWoy`AGh@dC`JC%1C9ElO8Xok}rA_Rq{|HB$ENvTm63K?p{j9aQ;mY2Uhz!QIawFeC7RQs7!>^XTr)=A0fRI`7wCp>hQw9-QO(su(a)0_46xx z&?P1?QKfUBsg&3~p@{?+>JRwz?gap{U@;=u=5WqyEMXb|XXwq*wO-MS25rsOM%kq{ z^nQNVWTDvf0qu-m_Vc@4hVGbvT9L}g5*=On$u};c8r~=!_<=ZfYl_~d%iLET z@7;OkBros&esf5~R-E3warQfjeikN)_Gm(jU*LN{d+A)MlIV*oGzV#3Pvw)1xT;-% zBW-1l(_$X32L}@NkzTql{eMskJ5KbyG&HGLqDwuA6dquIXfkastQE^8UJo$Qg+yc& zluJkV7%j$5yP8#SbQu^wog9jWA-htZ2S5L~@djDIF_Bv2gmN3=KA22E9aLH}cG@Q0 zsHX?){oqI-4sgob$KUh8KwrAo^?jxX+;Q!evrA8;adt#haTv{~8Hnvv{bW+DT$o^k z?=lpvjw==}r0^$`lM82l28}v`PFiB{>wIK4tg&gidF`!<8-bfwWXmhGbYb+H+Ck-} z(vnxZ&E1p+L}Ll5@t(WS)Vr(seO^yGC4SySbCr}I^2ydWszuj%=*U-y;7qfFf^Nzl zMtc8DDQ8*Tl4(MvV9s31Rf*oUluM-B9yvV$AH(H?wCgt+ zNOw;EGp}#TVtXHXXdU}pVzx8Y{-(E^I0YE}jD%6{e~gduT4UNAg(Rs`KPlv@U4sB> z{oxo5jxubMTs{Fa5DB9Wjn;u#e(P|1iVw9}CN2fv)Qxq7LYB_m8;9<_K z6vv`S+3q_mer3H^#Z+3>2uAzXrBaSE9)Ee2VYfL4wYQ(3xBElA5k)HS^-Z@_O97pf zg=0J~lLHPVMbO^AF(r@fVt5#YS2O?;;zRfY+pzTp%Re6(=K}Ph3#qXQa#F*tdbRxQ z_yt~_f(K6;9CGgk-yAJX71W=7;2Vux-=|559h=wbXM1ie;gKF#S(UMzi@h_&nVz3j zD!5IX66@JfQr;>>7=GtH?!BKv_zts(~`xBmj35^BsTQ zs9*4?-kgsGN8@Jh==TnvP)@kn;lVR<)DAb*?(scs%%&Gyr_RhVOv5 zeEF^vpkd{@6sqR1r&S%r=D^q)>Ry_<^J$%T`XN}MHnD$t2y-ND7slb2-Q^k+na*#% zYn;8|8q00a@z4W@iwOxRn~hf45Wi=#$$E7XT}v`o59%1kR4m*}hjt#kATw9H<4pyn zUkm+^IB4P3Go1=g(>2Jgl{bf!@3#^}3yk*{LqIqKxN_S5i)$85_m<{BhH^FrM`0c8 zGw#O-u9}DU4X_H+>{7qg@Ui55+V>^K9%2FY3cweY-$*N~%~hX)>^d1{Y3IPx{E4ea z`pZOC(K+a+vNHGkY=i*cCQO(4RhxrH^_bAvEaaedax)mT*q}WyOA3~znh&51svgd| z-_JJu9=J_%toPe*y@gJ1qVs#U$h|>3sYoZWXRpAzVrx?qcnzBbMuQU#Vgx6HRMBpV zI?Dfr&QlnYy<}wJPDqbv=3x0VVzeH1>oY&Qd6qz&j+p#NV9x~d6X{379!a~UpJDvb z0{Iq34wkClsMrhG;Pjq73!rQ5a4IOc=BT%LN!)Ty1vKqD@vPa&u98jX_+l*! zS190opC#Wl>#BiqSc4Dx9H+(D+%CW)dAXrqu;eFDDU`@@0shXokE68?}jZWfDCxD^;=wYF}& zn-wYnZKL0_;70fx?&o4m-ddF$;(?HG5gnhl$4jt)aep$}Pdg@ZN z;sA7v$6hI_oGxPJ&jbRDZ4O-uYK_CZ>8{4@l%Hm9`Qvo1CMsWF9HmxmcL`~CRAhRu zM!bTU#k*~ZMmLz~=D#;(HUtaYQ{9VOn3b7PjTIgeRV&(qYuQcAT3Qs&v;qt1%=@33ZuXe&MQ(Ct6xYnf`gL}Tc|!E>^@yx%LuBcM`_PSCbIG>F zH}56wTA_QH7`xf3qjWH@$sBM<0NTL+a65dSNv!uSgJ_?&L+VzszF|dzr&+^~pZcT} zzj5S^i6l~A=oT(LowM3aT~ZceA)CyR?EfGzTiLCDoF68pr;i^QthZ*BHlbOJnqI>f+_G0E2Im;VbJP-o&$T%MHYN4AqX%Q# zeKaO;Dhy3`^X*SYrdp1k6S;vsl_f2U8tieRD8W9XY(<{r#zDP+^1|cFoB2AGRVOk6 zqO)OoRkQao!4>dVZm`&ZMSb)$BM#FNA|2~oo@>kv?dhq)mCxfbJ(p^#o}~nkPqh~; zL7H7NQzNWenh1WlH@EsUv|-#_8owfMDyo`nwFx%4kB3{&lnPQ8OTT8{wXRon!3iHU zY9#r-IRNy?SS_3~t#=B2JgAlImah^Pb7Sb0s)?cn;a(MW%i3%#r=f+VfLK80`p~Wf zx#DM&VoPq~xirE2)sb&iiwj?Y6F2&|4CpEG`7aC1jU2GJMwM+siRj|<53QGk{IqfL zjm6AJ&y-dHakd`#>OvHvs>nIRomBw&qC56dnd^49!!2ez<^hyG(eoqQ3#@nBYXSKk z+Bf2gJq;iYA`hRB&X({1KQP^0)jd$}x?z&_brwReeuZkZ85IAq+e%zy!*(`NN?*$N z0BcA8F<1XmsA_{(a$jScJ~BfqDo13fkt7#&*1_k#5%m0c=BBfYXj)-BTV(Gx>%*ZM z(-PevMxhkNWmZI3=()DIPCY;V8uWWN?2h~?-V-g3nVVtyv)54rmVN0-PhWUe@$D!H z-U)plx>g7j>#AA*BHL7Tp~%szuO`4hBDS?jzL8E~>X6>%oi6XmrKJFBQ86d2cu-@U zcuVRfQ`lXDf-)P>d~G~eFH?e-+2KF-Hnio|qG8X>d*%51K*43s&Gk02fwu;FwDrcu0bv6k!mTR{gI#FLEChZSAqRoUB!Dn3ZSm#(K z%K-Gqt;Es=^u)X@5X#_$N#rl>eGt&|XvXo3OGa?CAIyx6nz^~fKR!2W@;GZD5xVZP zaPZLVqbiF29mA~>oACV*y7jX>r+uhaEY0XeNd#_SYXcr-u#?NO{2maQF_RywQl0My z_U@^7T(AZDO>!k^;nFnYsAxJK#2MM(5lFAU( zzs;y(u&LhCo;tzQ&DXtjSMq(GuK2coP&`&=qx<81HD$+WnJim9J4c0gE4^hOzUrp` zFoBy!w+5)E4f_082@kbUQ^kARG;$S1C(s04988aI7uNc1QS-M|*uAB28;{p%wZ>T1yj8!Z9zkpT7>Vd@nGZdhz01-ViG|P|+?2 z!&)ZGl`auFn3GWDTkR)b5-~G3K7CHYSj(tRLWekc|7>j!sG|R?(K|5vz}sM#IuRE} zIpq$BrIlr5HNmIR{qmTELfX#;BfWFfkMFH!-X9f~GpenMDm@t~KrS&Hz}T;C7i*Cp z@>*$|nC5d-&ED4FLk}_vaePUvI4R}_%fA$qWYji&S{{1TIWs>LuFI>pK|VDjsp}Bx z*pA9*8cWSXWPfp~(qES^Mzb^(TgXb79GFx*g;EbrBp8H*<{+Ocq=lcc*li_iti4i= zU!n_r5TFIK^1?sbciu|st#L?Ep$~9b^aLnibj;m$JKpHmd1>Zw2EkrqnhPu4D zA*JY@u0%?id{*+^!=oX6pety;LD7J%wc(`+5?r;nb=kM`dTG>3;!CP}r&`G~Vxd;S z*xXhO4a0le;I&;ECq?>qr!u!i8)CT~fg?9Z`;A(1&siv4E6pALhGadDu6l2#*sdcO zrFF_!+wcm@v%qoBsM}XATti)X!ng;SG$J~MLYiv&i&i4Xz0kEFN zlO?$xcIlZRMhWw9$!m+KuE7^E*OH4ZJC>9V=D>PO^--PY<7!8PTA9oGI5imN(q=pL z_Wj!eaxa%t??(RFz?iCaH1~62Xdp{p7UN%incM46yM8_*pv6$p2*+^zz`v)GyJc|8 zIK!Z4`jS(NV^6K5q1&|!k6f02JP%!!wo=s%3dzlJ91hBW#WdoRSUw8h6O_3bX4&}d z?fvHJ7%skB2D=`p!{)oU4AxWyyR{vxUuw!eokV+jdcILKbh<_V>#g&ao5zfSI0YzZ7cTy4_{DqwSwTt|GtGL* zSoL}8lkBrpvM`T?6nxm;VTKjH0`4s(SCTZ%xmjZdnZm1<`cBn&c6!5{Hy|kaR;0(8>LM1Zg5Ouhoe$g8T{4E-zpE45wL89Ra}9#` zbbPmIV#w9W8`}MV&D5Ra-pHcx_pTV^+DHOO>7{`A49EGO1PyI(WBYE<$jZ#8)zR`L z`SH|7joRa+$#s1aFXPk%3^^w;?UY^wEjwH4S9%vv@}M||t)R~V{I<79Vr9Fi2e4N5 zT}D@s*uz`drj_D=kcLu^rw_LmsE=Iml0J;?BSO7jUATt?YYzI3$`Qkj}OFy zLSDVTyT+t2njke7MAvZ2+&&pPv|q|U63N(?bp6vOs275NU`X}uM7fhiwnMQezN!;% zaDnydLyLK~)(ebu*E&)B>G*1Q@wv5^?JHduJBEf0r%IZ)KNe*S`p7hRIa4wR4zijn zGa`fZ7V~UAk^zl!jkmY@XLPOc~dW=tNSBIw(OFu6_x17fcJN_?3f8=Ik4e zmOs#*s9Wj~5G}iz&-|QpGM?(T+}~nhIMRt#BqNOd$(Qh4SB>nUQ>cR*!H*?}A8GR~ z>=rPRayB`EhneDf(ANvrvky={U9o3Dx;l8Y)X-$s+KkiOe~fr;sTH7<`IE?Di{EzbN>0faq> zgtM%=raiGWXtwk|YxqkD+rKec_P!t|=(YIyeQIFQ`p6uFfljkLo6i zCx4%qx^W3wuKrmCPn3>MZ1;t~@Spkkj8c4rhkgjs?O`g8RL(JZ`|*cTFN1Vkt9vF68 zhMT^^d`0HGdRm2S+(FmLZv}3Ppfk&uoA~t1CGiSMH=3R`3G$8o@UKXa=(^v5;NgxM zK;ARS@g^PTN?Lpnx}}h^;DBj1RRE&zgX6@3i-DwltfKhRzIDp^L5<^VYnwSzF|x6) z+)Fi5D1x&|r;L1XTK$@H1fj2;p?@N1Lq5B-D!_(OTt*k+FHgoAz{_3--ZlI#Ijn=wVkxL~CyIOmfGTlwpn`%%*oEN6?9q92iYt`JzbA zaL}Z+hDtUVJ6xw}T4t1WNw(T;z}VokChiY9ZZ!x^NwQ&VHl8V+qgs(`l;MaeDxy1e z)3nsvFen>r)g7Ij^eFJgjB_;w;h-klT3efrt({wn1rOA`q~hjtQMI?pq-_1#0wQ+wFNEq% zOI7j=>5Dy-%-w$YapUp*Nk|3IxvI?XS7rve+;he9M(OosGba}^(nIVKl6BctZQ@5P zeonqzzRviL9ql{Vr*EMk(Q{M6YEXaV>Pxbhz+Pab8@o2n&L0N~5Y8I%zqnC%JIG>s z1nJv&{-7~~)RxtDbMZiKFCbVJRYxw(w4iEk_kJ?ncX}nCNk#A2-1R|ws`{rtOVX=1 z-!_WJ>e?OcX)-)>ASksSGfp{4n_p38W|>G$P{RJyh>1&th+^J1f@nTL^ui-y0ElmBD@_X7SZ}Y%#iHgVPMNP6s7w|wKDi>PY$9@z2xIT~U}7NtN@*~DR6mVdwh ze~d`|de}eh18AIlltl=VNJ}Me$7FJ-RIh@U5(oxq>fKE8GouQW^R)LU7+hv1$KME= zYstsG2WdeWor`CEXGcbIDeCMi!yzsy85STeE?z=W=cuSC3R)LCy`gVqWi^kEjEwx~ zXBN9RjQ}^fKPj}p36zb+u(DD>7)rYL9IEf{)Vuwtfp}Lu0yRNP)ogIe^6$~3NckrD zd-^}q@kp>_ot~ko(PE`X)aH?&SE8fPyg#FyFI>geJX?}-@`HE(0CQ3)Zw_y34k*TQ2% z-m07%4Ctvo&UPmLU?CM42se&Flg#}U+Un^pBsR%I+PBMi&Gfb1L*s9bLw61S-VOZ`*$jGQ(fM=8qkA*aB2yC9tVK z7YWuM`89?^;-#owLi)CWE&&nh=@IfXkx49|Ss)lPAPj~APjDB_q-^6Vmsre< z;9*D7r>JV)U$p&uu2wXCd;m$^R4+t6CU z<55c+u$^D%XRG`uPZ&CQh-}JjIkAGq(D93sO6|j#UO(rqOs1ilk45$_Zol^PyYNSo znhS(RI-O3uIAVBzda0^@G&VN=x&3-3COX&$;e07>?D}myR{#-zLf0O(y`Hv%}%2sbIYbY-Yb8QJoC}W^{Q+E1a zv>QY*@(qFO1UzC#g#_&f$20H!!v#Q&wo$qPtt@T7mXVdE%=)i3uXFW(6`Q}5@Q-m& z`gwKfzq9RsMWuXoljmOzp&Wfs{@14d|7DaBptS$3GjRFOqN z(g7N2*m2hm4N8gF8D{Ygg9%f+9)bqpx80W&1*3_0$-YQ zt!T+%k8#pMtt9kB;;_MR%nV!)$mnNfc;GLLy*ikW?N2a@Xvz8Ge>|r;c{TU;e%Y^3 zs?htC{zoPUDdv-;S{71Eo+dXo0>-$U-m_19+gCLP&V6f#7{e3}jpG6^NNI}8z8Xzd zuo)%#fFCZmms-(n-1>zDTgct)q~=q>g0<;Jy&4PTWMygPt5pZ?xInEBfDraZV*#F& zrxKm`=(U{SKWndPzyuR3Wrd{(QDgsT+;)Ey60_HQdAx4NA?e)l6I-9d!^+G@a|3dA z^5YRvEjK-O)X`&`4rqPsPnT6Uiw^vNzfiy5ZrQ9jB-)KrXKLT0bV71nOWEf2ci*!$ zn_+~Q&T^Yoff9>|!Y`?_cK|7{Mka^86*s~#Nfqu}t$^<@Jy1@!9=&r}Eh6qp(5N11 z^%Ud}M*C~l5a%8NQm`_C`fLG4mYAmRC1}nWKX|Xg5!4)BZIOTtSd3&jLiK2H%4-Qz z*4fEKsU3O-Fd=^PNDZ}*T=uhHua5WoY)exb1dQ?iEAa)N;KnC@0d8#iI$aEf0-{}4 zxk|TajqoqnpKUC+3tNzzfS}+B2wQa{-^aRsuZw@l@Vl*;XM805@N>`~k*xIJznL%) zIq|{yTGv!t5ORGq7PeU$u6;nz0R(L&V9dNjIBGUlhx(JuO0i_(IoypjJGRQ@*Y8CT z^tt8B>=y>0)GTY9Xys%L{q=42R8Zq@-$D7x)eCN^y%i&hJk z;$X26O&@e}rm`2k5J`o-Hqlqw1DD-rZ({+lcgD#f56Q+yBs29Ff#VDysKQr(jZbZTfSLdXyvrtHUm0U|Of(s4Z`%E&c0f2@2oj zC^f>O3R(^^rVu*D6bth$Rnk6{z3s+|RIjSD9i8w58RjxHF*Y{Q>~fCAr`;B-F7@a- zS@qtSwSe`+&DAe9Vm#GTyvjuA%#45YxBkraRo$Z2zRmG$pFm=WetH6dsZOQBr9q7? zcXL`11Ldyes!jdr^qCMwmnztjWD^8(B5#-=hN_lLLy>Um0pYHAJ+gC2&uLX`d47ig z%q5j)h5JZ!fSr!X0m0o!(yvhG>^_;N;Pm#%LA#Nq!Jx>c6~}%G z_r~sJzf^5>qJ2Nf2IYbCAoLIF)|JkdLSMl#GCKLGq565BcHikp1(D+(C;#Sg+Em`7dEz0z=ToG2P){)V{rT^B(Z1NW)VCE>v0W?@; z6yymnRIF)&ei?@_ur<|>BM^85Fj_UOu9dkUXB=i{zN}X z-#K(~GY{&8PFH$jYxjpkQCH7iHl1Tvdhq;=NSl}*a2Ko(a^5|u^a{$LuqIL+sd4^F zz}(Hh<55a961_5YzhW~c6%R4VQc2Ckv#TSj8maw&YR2ftAE!Y?O)Lx)G?r;q1n^$h zL~X6br5D?v>-us~1|xLq~gKgu$!=9zkOwa&CR$Cxw%C~fMi zHO(QR2hBv~j4(9_t4pnU9V$_Fvylfw(@*!eF5Z-SP#KyIyUK0%L$9thojzE8 zyh7|Pv8#@+yvULjcQWAw65K_Q5k*BkuYK@y55^CfPO?p<&p&Y)X=t7IN@{|E1nhd% z!i@g*e^hTI@TSRAJ0Vq#dy*jFX981=il$fP?Hvo)1pT70K@j=}6h~5zs|tdB*$5h^ z=JdBlV9)h$cKNQJ6dO$stgC=ZTx( zMJ=LeWVA&t^JpwHdb<9ae8Xe%_O5jsBO^OB+B@;tY}2u}5iLQd{9y%;OvB^aP}vze zcC#{;0GAkvjPpVrQD!CNswMvJpZ@4MHxY*Z@gM#=r-{itG7x5@6SvvbvWK;Rph9!F zcqiUQzT(ye8Q$ei7%Y0A`8O@lJu&f1W@%+J=>eYuN=5Lx%cKpNBLT@5Vcl|K z=&QrJ6Z5qgKqDejr^L9zBc?}g8;mCK@H;#W#%N}@{~aq+Q9U;CyW8h9Bs~q@Fcbbb zN-y6ibU~x4thz5na^it_Xu!hPSIjJk3@ zgQa8fY%Ajbx{M3zOz%^IMx_6}aAQs*EK`f=}?Y-G+J zEl2^BWBmlikE6PzXJ5n3$FI-sWGWKYUFz(JMf_=jC%ZPt_>3Tcqc$W&F*f;557b+ByWGWr-P|xciN| z9z6B3p$R-z6gTBvQKDr@zq=$5USr$k{54#1FVUIoFP^8fZz|^Qcm$Lo*T^VE;o}{DR*#FJVXCu5#@jWjHWxGVE~skF)C zgeiN^M2<6}Wm=eg7wDc-<;HR)h=_(8#UjQP%dCSGNL*&KXbZ`yY*9RTOjzzqdg+pC z0*Gw-F<=>de@$AXT0F8BhTQWL&w?*Z4emADjeP&i)3}p&Quh=*Chzc=O+Hy} zoZ>l~*1wbDoUgMWa7n1G_o|%7y^@{=j-2?od_o1v`zrXWWOYOUyJG*c%QCr)jlLws+t!YjAxi4t29%KSbpShcp ztGgc(XJc{A!GzN&@T5&*I<_vxc_^~)?yff@zgD2FB$wB=QR7!p4Ark@|JH!}oVLeyLX9*DpGM{j*jY# z*A$H`Q4#MqFN*7x4I@KjVa|_SK30}uaCJc9au4dHw%nWTZC?v|gnsmq9C?XZl5vC{ zi}3tfpnTvYQ{t1WA4L$8)^q%ls7K+FM4RKTN!~WA?OnOeCvQkAz!xPN#IIC1AY?E+i513aF(`S&SYqaD57|#F(k-clY`_FR*M-9IZM@F$BRC0|Yw^$7u71GcNjro$s6xlLIt~29vY{`pLYzEBP1tCNzq_kL zXct%ujv|!#PN^twh5ERi?e3|Bja9|sXK#$PcLyBA`B6A`_^w$a6_qogA(XFG(kdUX z@$mW^a9IOq1<0kus0mMhg#K}%mhZ+%i*bWU(gtH~;Vvak`1tW)ty)uf=>2fF2+iAZ z%6`k1Z&1G&Ow6JzZ*_dwg#0I$;fHfh1q|YJ)abwAHZ)Pa#;}F&_lohj&%IlY7a*!v z+@=UQZDC^5DE9VA@5>XzMuCA7BTZRSxI}t9>;n)u{fwNZNuP1m z@uk;^lw>{rPqO~|1nSp3Rowk*Pr)MV?(RDL!X^hE3PQJpmw{`aX>xP^gbdB?|4V7T zy(vzwi4!@$C7I>EzT>3>vBC`9dhh;W_5uGpmG=0+&82ie!4dU(Y8v<{jYxoGa-B$k#Y79g=k5YjnE;R1!f=RP^I1*c!|etYYt(k#8rWOM)KVU&Oh2(OsSE9aH7Z!`zTPi-oj`S}Oc?%0;beC^MV+{PO3Co1d~ zDeHW;Z2(YoilvLQxNmle!N{~8bI32PdwLpaYC)N$)@bN2_)vX6t<5B$&N|B~p^CyS zbzSreLs|!b;djlZ9!Q`rvq5&Pcdi<~l-sf9}OJycKQs`I*SWXxB#qzUje3IPjF)wXV zWV!pCF(EX=3JZ%ob1-~$j?cnqCv!2HWQ6juZdBW;)|So6jZ~U(59EnDM7RY)Tviir zjbH|w#xi5&u_f{rCA?&kN`fr0c3qkzI=0wa;CXp#q$e$H|lS#-_uE9T%l~-VkK{`uaLs`BkT66ME5cW4W)%9M_w0J z;*}DFn=7G6AMh=7k=Z`uY~H!)v&=V2Mgq|A=Yc$p2T-TuQ|#tAhBq7a2=-%~XU##a z8wsXYK1Hc_@D%t@ww-MUl;B+>vKx@!d&4|<*{W{to)k&-2*q0bml&UqJ|YnmNLdq z4rp$IW%?9*rd@<{9ZJ@b zef@?13-z9iB(_O`C1e0r5C`ludEPUv!+hqvx)g#6-1M~U7O#O0ad*(z3HkEyp-hjc z(Lq&DYdGlbSoooNaFQs6JSAF8`Dl`;=tB;tPX}<3vr1(UxXkcK#CDg`eb zj%R31F)UVYVlMMfZ<-)q`liu@Y2HbIwQCPvTY5CjuDs$ERwa~hPl7B^L92KucgQ@b z#!$(D=XhA7aF8Qda=EEg7Mfu^>{)8dkQf~wSXlIf;7~0;k2n^Y^_sx@ZOKq7W*XRC zb8bkTBo+;CTK;wRoeiUm|H45Bn|@MeqOcfF$a2u$P}<6ttxD&OHAY8lp=!h8LgTsmc}~jJT8# z@|VCx40n8f-I-hVY*yW776qmXYr|Pe5ZBOu&H7 zWFxg24Sk+!^uF|6T>t8SSzK%Vg(4XA5e#x^-2Fn3d_lbPX3H(J%saFD!xMyZZAD)y zQ94OPk3Xu~i*KIxjgrvXzkv6lpUBb-wBafA1x!3t8PW5V?Ht4I6BdV2p(Gq!0cgv@ zheKXb=IbeEap*wpn>cv8KAY>Qi7^wIP3Kn40RW>}JK$4f1pDW^740SJX&DIpI?Bm@ zNun+i-6qO*_7x@+UF6TrSUZMQwCZ2`uuS3l8yDWQ;ZlMRxGTU*B=0k3HktNT(GB7z z5qfhA$?*@&jjLvalIjMh4m4L`q>*3S@6p+N!8md05W6h@<5l|u~r@%vQd|*xj`P%& zK~vBn$Mn*N`x>1>^`rgmmii}+{cIhvo&%of5j4Q56cVo-c zro`Nz`MxARvKUGc!M$M#yMcq=Uf;UbigGlj2jem*^(P}U>v~apAc{fToH1-WU+ws< z0~>u&6-+#O+DvMxO5>|e1!&)8<~oFdKN{U3fiwk=dMcht`It;xzok_%NelIS2C-Gz z(ZA!jtS#0r5bygwNUqy+$!Ih$Q{Lrc(12QZe1*A5MoFF3v#-$={r&A1K!yIOOmnE3%F(zx-in?SXt>KTjRa<4R-!MKv~2%WD%^52 zruUkZpMW;0e}!wAls@MNaDimw_)>%NwSX`FTE5dy@n(~WUhgQO-nDd>%T#sR!ZDqT zSnQL(69-9kN}Lr(6TUK;pC%|Z(2focpF0<|Jv=-N?`JgOhZobBeE>Ho*phA0i7O zdq|SZORVo+!z zAxU!e&`xI+e)T2Qin*6Jh~OHY*heXWraFZDTb_Mk)`qhCM`&usoW7b&sa;wzji8ij z&6Wn)mUFmx#JD&R-ny85I(Xr;Q*FOrwPsVLMs@WZ$o3DS_QrWD0rZOqG4$@g7(8W2 zA9MXbM3P6A{!^IFez4trSyq<9quch`%Y|e%`IkX zu7XPoJE)P$_b+b3O&uQaCkfqqo`>Xa@@jcz93k=MLB9GZlKZ_7gXBfF@?5URbS&kG zpZFP0aSe~9A!qt=F&?&#`dk>u+$k^k~53Wm2+{-%{sPQH21?E30ISG|{{?0Gaoni^NSZR z%4JQAjjcpU&S|NrM8N7d>n=S1Jr~!m?E}?YWAN23voK+!!a7r-!6t+}=Ze<$xJnS| z;w(q%n_nU!-zeDz?hPwCy0}aL49skZN7+x_U14S}sIVKP&FYg$EejdM?KiL|)aeiQ zHy|Wi89rP2fj;gvr=I3!ipxI$5c;hA4uVgU=8;;RwCB$c4-dzV@#Q$ETN8MtC^w*@ z`ieiWm^k1hSA`O}@6VP=KcXo5@U5iYg8ltbf{j<;ycb+@_3^MKe${1vrAb4=4@psL zSE*|ky8Bw*(b1_{*MSMxqPiau0&h(gh64lx%n45dgI{qetyvIw`MnjzZcYw6<@tq#gbovUW-NI`xUqiR zCJ+(XHn@sT>$$T*{|!k;bn%z$~Nb zvAocMMm043yin-2-^+eo6{K^iX=2%EEM(LhsJBWU?-G<3uOc0v7QB&E=z>lzBZs@W z^cJILf~xCT@!$lx3iF=VDi6Z^hB|iVHjI~PXdn4J^_Z>miinIHt8OBJF8wy%H<{rU zC4x?GkXCk{0C~V|=_+@-Onxug~?2z>A7oT`7=TU3=$aVfr==tlppYJHr zR=1kqwEA|TaQFEBp>oAt_)h;r*(7rOi*6+u*bJPaGw~2jq6XRRgne$=BGEtvc&^en znM?F@Nhf{fk-qY>4|FfG_GD+=Z+H7NNJI4U`?3ur)`XPlg1!1~a8FPYOLwGsU0Fdi zD{DC%EnE?*|cGwb&;{{Ro`P%Y|r9NP^V3T(#`+vada zY)Jse2!F%ryd&eoKIhEwKTc{07>zwhi&-1Mm5q-HD+vnbL{nT$Hksjr8y{+V+Uv*n zv*4{3IzMbdlIPa^6AFP9T2-Y_LqqcjOsKRSNWXr3zoPEBe3u23&qb~<#DTujeS(PD zqnHB9xm{*ny{r9u-;jeSHYpt=J*(I%*=Gk(dF1za{H#C&b5fh_-6;}E1U$Ck#tJYg zqa|;>h^$I+?%1y>Ah=DQm;LnB#D#+)xBJcupx)7`JmcM!Q{pr1MV~hh>{bivT}F#J zD!2Dw79}VYhBESzW+rb=b&(?b3RII;=lpR1ZSBt#zoWqZn@~I->lWp#Qm1~WE^XsD z%j-vj=X8G_@y;(@|9WLVA!TD@gI_=(jtfjCq75kgL<%=|kBBClPndc{QJ%Bp;++@v zL)lMcO?UAsf#r|8F`uCHnq@;6u{@Ou!V!(JeTLVJeFjpH)l1BRJ`25(k?9(?k*X$OQGOkQ^vS4p=&4c3 zkP|K;{5RI#0;;X8YZtC_DwI>96pHi|D_-28EmpjE@lqfV++C{BqD6vB(Le&h2?Q-# zG`IvSMFIqpA|XH^+}*zCobTR$jPH(n@Axwq3<8_%wU^BKJkOeQF6}fA%QWT85KK^u zDXaBJ)ZtsFJhtMXnmb9RoKcg}*n+!RGoQ}(XMXdNXC0MoEFsgUT@(MUOV{~Xj+lG8 zjNk@A(M$nm(&=4m@YEhuZ)mO6B#ywASyYzn()8B_cVMIHy~PVo;nGk2`T1<-?wz!# zeT<_wc?*f#pK&D=l$w<-a~iG9RiB4xkx??}oIUMtOaqf`lghaI<8yf)+xE?O41F!q z(;L!u-_E5K4jh7$7EN6fyq*%W;%q*ZF7929juOlYoUXyqdLs7{6uL!}+?Cth6ZbGV z)@eKVYjc?syJ9hFHS~pacUzBdrMlql?Bj=iM^NuY#LAD^v7A0>$!M{dHab;3Ew5Co za2MZ@Qr(ghj+xwAh!?wk0?pW_;g%{PECa@MFS?uwG{GM?ZK_4+HCp%Yd!M)J1_!kf zYKRTqn9$TPc~$Y4ooioB%$rQ#M4@E0@_LPM-S|aIG{F%3NZ~7H`rZ zrAHuZp>(p>ZViuz3C+1jH>yGxjv@Pf_T5D@OZnoV1t;S3Id_ST(U{74U-@(Ar#{`{ zbON3LF!?BKR-nF_SxKxsMdHGZ-@AeQw05wGjr7w478Dj)hLfjB#33xZHyY&q)v;0o zhZpA(D1@VA7KC2I6(7Bs7tZ#mLEJceuEVg}MknwYC_0P@A6ZP4A@e5R( z+@=5J>|Q=T`dLT85j}!crc5rq!Ff~mFB9Z~TwQ(peC)a#Bv#&*meo#4{>q)+D|7}cydOhJIK#_{B z9YqAEnp(vNv|0}%x#>S&xj|y0ktAFNPCUMxmZM>}I3wU9(Ji_>_K-Msh+8QEu zs41F3fyG0q^#TI}vAz9oHfFD%*p8O%AzLCxKc_!s0)pf3erv1z2S?tu-*l;(<`6dL z_xAEC%F9#WPwsp6$|U4ch%G2`@FeIHMa(73>TQ3cw+|kuj~zfGO*5+=nOA(MX}W1bus2losmM5~sV}^;vgwS^gZK_7 zrM>C|85QZoR}E!!3u%gW_Fj`hfFL$d9%!L&EokIAT-|&Z9q1WN6f<}z zTwr(7RkaXk?z*>lb%FD%+nrTde$VRpz7VHbQ>Q^|*^ruEchc~eyM0}S7pCSruXts7 zjk27pZLu8V=43ao$U4b@PbGTUQhe;h1);vdnrje8<3EFuDwBn8HeMYax86?r7op$% zXyWDK`{@!IlmAzISpRXF*6k*QHh-N|mElUkEn0DKgIb!9sGU7QIg(!ytvBwmWZN`Q zo%LxbW5vJemQnUv_(50~53>^+AlKW@<0AL}z^Gqs1QxsPK~5aS0YOW zONtHW;;D$sw~J@NM&KpHeUH;Rcq;Gc94(I~Z7*-hBUpJq7$3o!eduI7X;dghS}wd| z8&JDd`l{0K;$e%CW`%1(v9Z#!=?6O_u(duL#P3zDp-VlyuhHGhp-i(xPB1mw|5Xh< z*Fzi5W#}{kl6V9+&0-ym9$KD zu8v0gTAW&suLPn|jTN+hLSHA;l+!8eqsa}^0!htQnRo z&DZhWTuB>CTHRmeLFAL+I`PSdkZcNeuXebWX~MIuG6Z@ex3wNZ@Pi>y#LVuzwyOX*6LJ61@jU$O8M+US zzird^9oy1gr?GG#*0JC#it+#^oHgqb`mvw`mjr%od=Rnsd76KB)fdm(vacpq!GJTQ6e?+Ru{Jk|Az!qe2Fv1AfkI5l-A5>PB!G9&Ll&=-Q5Evz+2SCUZRU z%gmI1PCqYLPbaI>SK^DJZ#&Ya&+<%*`XTucW#!G=3;+GH6_f z(LLm#@1Z#b@2Da;riljOdgvGM)qel%;dja`?wk=x=!A1bt5|onXBMS9Y5pFHeFqP| zCbB8@hRR8+>^Yq{S)T${V|V3>D1WR`zB8}t&U$zJvYb&mcOrNny#6t3PRiI;$v^8P zMK1xWl6(HrUrPbyPkZG`FZM;Bl*yVimgQ{s4mkYWw{Edss1r9*{ZIo-lP~e?FC5M* zh#mwDq;hP{ges2Mh&p5}%M=x*_^FP=W{19XD)|Q}0^=7_pqK4)hacyqC2@Xh^ggM< zIkduJ=3K3JR&SC>(M!d``m*lzU^Jz~Acnl%6EgETzpH6}TzWMf3kBw#IS01d|4LBU zB?)D9uam?QoQsNVzw7V7VVAFy|PZPWELhKH+33up*IGxJe&klY-X<>t_2I#0~ zdAm*Ht4ucBvsqf(I8y7ayRWlza>5G=*vE3tv|gl_@hcY+68c*@;nxNktbR*BE)11? zawAT=Xj_})@bT2n9A++*@cKb}!-hzB!y+f{zdN$-OY+&WQu;n}l9migk|#LRhg zf;C%s{_=FzO6IsUL`od(d45)qM-$_25g!^~3K+{zCY#MxvST^#Rp&3n0!|@Pjc;aH zf<0>5rGp#V+udanY zadUNfh7rtI&C2Ym*q%v6*EX9Xh0E3%<{b|X_pDPd=TfUgi6@Li*?i$}7+2VqBUc=2 zRE^mRjarhr`+85ORJ77d$2LbDM9>MHVwPSXy)?wi?&;2@&|=t@WIn=@a~b0YRo&I& z`@NOzHxlD8*s4n{xXADmIciYWON8^A83wZ-eWCXpvdGkia0WLQfZ z4`%cs&o;|5s2(d#vl>ir83)}6ZX+<*HEboAXOl8DuRRc)u9B1g{9aRN_Y-H<&@FA5 zf1$>iy%a)~P_X$6Z_v{G7RKY?V{QI&U}2|Zx+rvXUzEx_KNS@vj4(Hi)_}h8v-CX0?Or3ha zv$@z}*f+)qT`+gx+S5G2taNc`;fo3`I3x`My`WlbO!@S~WaUB?D(5R2TZU&;)~fuH_7Ro&O32KTogHA8L%`!lG6uBup@t6~6jBGOE?DZ! znW;Z@T6?I(G-&i@KzOx;QScL{a-8fWgpCOT?>*X8uC5N`4OjbN~vJ#g`27J+|eQ|f-`5Sn^rKUV*(`S`%|@S9o&JW!J)bkmIeY{Q&h>Xa;N zbF{f!G9vPYt+VL|u_O*m_iQH6=iLDANRPj#kKHY)--Sub=;|o2=g}}$Sk_fzb{J7x zn0Q8O##2428uUqjGt(j6Sl6>|o1VgKf4>;>cQ+X`6PWWdNB<%78?BzQrk}nb^X<I`L zwfpX9_}Tqny;A;qv=RPDq?po(UXGmBo^Z_Asy&}cI$LJ_WaCLT%d@t^f539<<1qt+ zLQ@*JaC!#!q>b#luuRs1@CjRS@l&*uM6OyvU^x3g?7q1gHRspCHJqPt|GYuFLRh}fGxn(nGP zcQRSSrdd3<#p)Q;XH>**n`-w*dmX!Dl-+xi3o)WPFfAjeBsR@47%|oS`qah^ro5sO z+lV;=;_Vh<;8ONqN(n}OSy=F+uvcc#XV=4R}y$3(0s=@8^cA0Pe@5m6>hQi zyDsA1s%bxDRuHoGOGAFL^=y+-PsGOS=dF!wg@de@tEpzs1xuXRdkqAg521!f>JDi;yTG2W#_05BF1+hd7x27O2$$g)5|+Q=B4M#uV$42m8(|_R zP$!^s|KZ6nmMWONkYMQYuJ@mP1G*w5tk0=F6Q|3>x?RZl$!7L=-}qFOo!xa2JS+p4 zLy3W@Y(fI*Vw1Od#2leI&PuO%kKG&H>g(T=W&X(xeJoIC#v?3GK47gOxdj`AP_8l@ z*GEPIJox>kf37)mDGFXjep;je*tz6K&8NQwmETtHK5yLrT;ln^c53SO#%}X?x_Z(H z1H7!^X>>3u+F}Smhi#bVIb|BjtC1_4WzpVMv6&y%BQ&?k>#--}EZy_D+9dzhS`j## zw7H~cJOKNx2bXv?#Idf1s1{@HAK`Pic$V0J;I z24G;4xg02U&%?Yf|7Lhy>gprtUnDJ_twm9FPsV_c5GmncQ2sZED|UCabjr)7jy7`9 zDSG#ZZZ?zAg>DaKi>`mU+@C%{a5r89Zh-jCn!@9qeA%;n<$Q^TPHHF*SQD;NOB}ZE z07+!wL2r6hS~SkXDcMkNx0%o5&ge&^l~|VZy~1 zwS`l+s_fE#f9|lPArDUGL(P*;5HeJXKzLknsR9j`b{6{5)l^pGf|rp*P0#yI``C_H%V`Ro2y!13}dkB?albk-WB^|Zg7VA zYJ)>vS5qf9*ufA$?XrP>&^rZQi21$gvJhI(8*&2C(~$@zn`usNST1ve+iy7c?9|R7 zXiR42R@}WY{iAuilZZ@;R^ZG^D%4Oi%i7LdrNX0R98ueM31jyL4QDnF{mm_{G|-6W zdE~l@-*c5)oLA3jUyIgfqkT>vbwom^{m?p@WU`)|oI{Y~wus#rj+S8heq!N_cNz|d zCn-6H$;@qn7waal*;j)lF**jrGTHlsm+v}$*}vQ8LvN~Ckv04dpl+YB zT}M0q9#fly;z1*QIooJhl8WCQnmY7(#%_L5gSFJ7>E6uMU{@qdu9qTu0xbr;_etoN z;D9mX$a^vPK>g_$igL!?9~kl8=K$L}Bzn-}d^$GwU`Ow&JHcbe+nTZ>wE*K(`@4MM&u2njE|V%<5s zs}Etf%~BP@yx7eV3O@Sjv~pywEweeO((P1`WY{Men&GZxApX$GP?4@%#4Wva6G8Gk zx7By=T=t}_In*Hn0``@yF6qXbEEaJY#-9>W!67Z#Y!{ndF06&)seie#2_eaqIW!zZ z-MHcX?~d)I#5#7GfOxmKn4XB4P!rA!ssiA>3#0U_n+3vn_I@>uU2}&hw(N9#4Yz=7 zE?>cVz=SMVH;o}&D)Ec08aE^Dql#NtRb8du$lgxN_fDasPVpg!q;lGwvQBG{nldg6 z&*kRJ=5WS_Er$$Oo@+Nv?O%#8*vBRkUyz<9=&gkN!h~$0z9t?~ z59|&}XW=H0WDW=SxIp>n(YNfnUnLJS;mzlWPqKYzydPRcnVY+R_kSxDnx28NAJys+ z=t+{9sd8l!{KQRw%>mFdW$e%8%C3qltBnqfm;_ub!RI_6b&MIF$~mE%LqR6-lp1b% zQRAy&YJ*H~V!&U-$W`_83-@P&r&s*v+PyC|Gn*J%ds2!6pt{)Ai^pwIkS*`L;OQS`Pwy?^;ZhBvzKs&5jqP=nXBBhsv4={shupi*Pq|=o1$?o9gVCAZjFH) zkH1Mmb8|lu!$qlAX{IRVW;8|_i zVR#KUh$oS#a$B^m4!p1?V{f?lt;hyrS@`xSE=@}0;}!~HXqv@YZ*CfIz5GYH)AGkS z*z9v3ogPL7Qbjbgtd42zk$iU-nu4RhRh0C2Fo-&2EDe^yd1zyGq|4zQ%e zvU7b^H^r0EDpUZPqLT%S*h!S;d*EiK2{jN0=PRoV!G6s0h{JMvufh$)JFU`X+&ZH4 z4`YPJqicggHookqI(y;2k@hoPE{xB=uE1pL(PjL+E2X9r&PN`PMbf;0#^^n*tdSoB zc+72Yg~{|v!aF+7wOwSo&!uh&nqJx9A%M-vTB`eEAF~bp4zJXd>r?W8 zv2cT#NRI2i^}kLPsIf)Xc{CZ=Qs-1AE^BFrbf=Oy1<0c8MtdgW-q$?^bcoCIx9uT* z^KL5tlpz5Ems22x(e&#PklRRrRwSW+bcw8`CVH{o5)!GO;ZY%)#G&&ZVl9T zgTKaasr^kHZpn_`>MAkR?R`>e;wqOc08o*St-oL-&dnt3g2q^3?su1Shu18@9ab$YQZ?H-BDQJWYH39VIN>dl zf!FK0ur9|6yMSEXgr-PEDGs=c!aLhF{ZsF*hun@0xf2cYu|pa4thDJ?*T|_THcfZp zek7)I(mAl<<2WT_BPOmK;78)zBQl@5-2-fzyjvJ(9j^`^kj^gDNUoMWPb`qn2dzwB z_h$H|T10tuasaIhBFp&+zLgK%nxWSq)+SrBWF!`iseTn;I`*fvx)u7`vk@MtseZX%(&UnV?3Ez%%d;R{*g12;`R?%(B1fI~rHGl`g4d6+ z*_PM3ws%fWZrjd1hvJl9hpg=?ogswm%M&g|JOQ?6XgBWvhS+CbzZt}fr3a?d2%mJR_7zeGKDtdA4wBse9+$670w=0W!9&`uNd&-}R`+tB1 zaK+JI(f=oGtLgPG&f+GyM(FKF6LAy&d9GjI??3xrqPhON2&rU1H3cB(MgX&&6$;pb zR0j|ju-zn!d0OgG$us7+_}95JuU*XkD>CZ7KI86gB9E%Wb$2#Eo4NiklWBVnv=@+^ z;t^A~t6o(C9g?N?&15D2cHcUpsDw)l>uqFm1UJx9L)m3zFj&KMnx;$QH*EvDL7TekQEOkDy>gmZk{&F=AT!555ym}-QvBH}M9gffcW5BpsxtCvW3_yO* zbpM5dc7I@2RAGUVmO94%z0qQ;pJdtj*090n&$O<*|0jOz^&>s_&dA@2Dj?Vu>nts& zv^-tmT31uE$bo_JG`DKN6p3A;1Unmx&Y`4#LaL?~ghx|bIh_#R<>>B#*hsVC5SI2d zBc17eEIF2QVFli5 zmlYSmz##E=Gg z5^b}rEPg2$_>V$-Qjo&RL)~R+FeXKZ*G?xsU$I!qyuvtMLvNuk&{l!uFb;lNKftv9I~7grJ&G4Lq7MN>=PA)5fiL-4!4 z1M~r&u_u2|pMmpc#ZLfPVhk1}H3A$zh7W1H=z@{#t#w{k#7Z)dKGE_{FOfgn51FrnP2ul2ayxj;S=Q?nsU$4i0_x2zu z&%=Qq`St#_9KgH(eS6XWfVMWX-Oy7*0Qp#0)@@wr?CuVi0wO|Rhba8hNq<;lxh=-i z+wqfcT`dbHCMKST15_1)oIK^$_Ll2Uti-7&m9xv=$T${BuS1Rga3ZuJD!b<@g zFD~Ql6V}aMa0UgYgp7ck83~3O?{yQ&K-5ONV|#uyppmp3TR^rv_lVmHQAm}5pcOz< zx;w;=vjHvD7G$2@^7nx=53a;MJ@fcu#vCkMdhWZ^*hB$c;4S%-^vb&_Ql!`}XLVZZ zlfbT8OYfzhCbEsu%#%f*hHe2%qAHu|9gNdm6h-=<5 z!Qc_=6WF`+uOxJZ1DFWjBEKyvNvP_9x~hN`=H` zttvB}xo>tY*68hiQCnJ_jA_o!_QLq=;$M+htoU@rV;7*POC++g!6t??Q)0bod%{f@ zvgEqjC3&eCIdP=#s0Qj>t*uD{Cv9kvsO__R<@4eZ?lZdVpsmp)C1iTfsj{>AhBVF7 zZ_t3@Vmgj8$f)^c|EU?8MoUyVbIaq=xo*+cirW2z*}1dls`kr*#*O8`v$bQ$P-Y7p zx$`C|SrO>-t62vnA8HOCf} z6#grIdSb2A3st5>H@xAJuuJ0ghcSV7?ECKFTf{aDpwMcEMsY5DP~PL>v*gdq{Wa=m z{OHBkCVRnKteGxFRQ|hj{FklLQ@(e}9&e3Sc?(DNHZf@zyW}-k`a$KTigiqr@e^LY z9~OQjbkWg;qsJrh;Pm`P=je#W&`ckYrol#`0&LK$$lWxl*A6cRKhKiD+ELoHxeWCW zPaW`9OJE*d-PXp9x9cv|W~-*pcIQ97y6}kn^=lCNbS0x+n711(J%_K8@~p~dNjtIX z9_aPttP0($&J{}?CB)TEyHkwu(qc9en{%k-NjhfyQq##m-Ys2 ze~f9AFs=|xpuM+Sj&=3KMhc>KV_wYptCTQv5h=E#do$g)NwK~>av?B^e|I{@jX)ye zkf-JgYDYP}^Wv+Ax`}&Oy^~oBV4XhlNaYk}@5xaSS6ZKDnVw~+^_ma+ zMDV20*w1s$gI>@yrnIbDZEtF=tscuSz#fR~XiEb7xabs<5p;i9@gl64w<26E_*Mrn;?EgKUK6{r(rvxx%2h#xm9bfq2aL#TTd!{IuJizdm5leOH1B69YC3? zTbzEPtPh?-EfY_ksZOTjqK;I8>tSYCOf=H6(NnDj$pm1%M8q}kGgek3))*OzPg8&& zf|+TZ94Acj;p-P)$RGGDViHf1FVD*>52un`Q&fQ>A=h;k}}afUo<$k-+Gq2@iHJt?L10Z?$_pS@*vXs27ax zu|+2)cDdD_AGKFnw}VMY8;Q5*K;I`mQ*uD*>kDMc7JJN<_(>8SzO-onGV@hgNjfh@ z4B&&k&&=?>x>1FWSSj`Bw1QX(yzv*=cc?!ZtaiFc??Nu9RFIdk@lA!T@_f zg=J7hD_yNl-RM_WfG$ZX#1CxCHV|{gA*i0!LxiuUk$Ifnhzoez`s+#PP$7-_bpsX= zIL?+N`I_=)G6ZBM9kx(XBtc5P@qkudSdA8+IWRH9XU@w9%=lpkb~Q2>U%Tz<)cBDQR@X`=u(nu z58Ri_+T+hYW;3WUPc6|Y^|@!a4B3C{1tyYa+o#O8P1kv_UXO~|_zSVyRi_JHueRz6 zWI{;g2#wkV;U;}0UJx{CtRKSbm`mN?KsR1ToICRv?H8U#yiUWt-Ei?uJvmB`Q(JL; zby3Kra)ppowU{p=Jip1~6a1~14wR{nl63Y=^DTwM|KQe!c~YlG*FmdCQFx7Tk##`> zmj3vVWhU;4IR9tk@`+is*SPLsnJb5n{k`Iyk}sk}k3mWXD4wvU4ctDLLy7wxk>(l| zh*%^_QiulZX_Bd>dzQ`ve`RYxtxDhUP6{L@e$d6hf^tqXdwFQD`dr^LDXpe7b|vHH zq77L@9xbh1=A_84k2J|L4)#L==Sy}~&TknN&2DM{lh&b6xnVfu2gL0a(!x(64IfGq z zGIM+?^L1I2s>wl~Y!;Vn{rVzLYbcNt@khMim{XE}g5kzCA?dZaZ9~gq!^q5b>qOifLg?Dh96y_59_mKC*xrTkbww@yv^vm!9DyuGO0%Vw3QSGeCXt-7aZ10Q6@ zD(ai*Z9$^r>FEN9zmX@wy9ZFn)Vgs?Ttv1plrPOn zZykqh?r~hXHWc237R$=nNd@aupI_t+MGC$z$?tOZ=RO|1rYYmA>wUUL3B-NuwG@?W zA;K3X1T46=hLdX%jf=`kr)8I$7(B`;&%qq5cJgIRwhd9)<0LAi+ew4+%`r1E>&pBp z!nz_$C&LxH1?fA-{RznoWC3hQ^jgDbproYDqy7?zv94sU%QFYSwqeGl+fEo?Vs3tGi|M)2);g|x!hMXoBF=BHg(a-Q zmO4qqd>1L3*=pz&@Jr!a5hjg;!aeTViQKyddyBf?)e&mQQ@T$3rag9voL(jW7`6K}&bqc6~?2s1Qia z_-eTZaKh#!_5EuFs)4UK9CO$@Ws586nBpCC@5IIqPvZTQ`6q)0e2qX-Ld2aqY41~c zInLz#28utNBD#I2Q^j`8RMpjfoyS=1KzA+ehwH(VDH~HltbND0eBV2g>a0< zphPUi%a;5L&$NwAmj=|WfmY;XhV3fJ6Y2jKDo-~la92uRU^M>EYX77{HrAelOy8Oz zyN|{#HicY=p9-Y5U2$Hs8X8$dw!NsWYXUuEZA4wbLZhrh3-2IE@b@CO-r;Rl-(T+b zI<6D>EAKIwz*o*j#aD4?pq#~3VO(Z6mv9^(g(v278609>IUm0-z+?y;ma)qsbhA?j zI&7L;g{sDO`uhi+S%2l7{T)~fBz_OD1A){z!p9+{d_2#?>=I|3O|lY;N2*3xBBB*n z-$$ME`~!o9@Tzu`)>_vJ<`?aMue5r#tY&>_3v<}z__za}nS!Ww-;Mdp@i8s%Dyck@ zL&4=+E^$CAK&Cg%l9YvYxH{|VazHrBy9~N7+gBwXt4d<1D9PNZ-H}xtHpeWwv~SBw zeHWG*uxbKv+((>2Zm2#Y-b&-60 z!Lw!aA?vR|@P7k^=^PKtR^)<;X5x>Y06`5-QY zCp%iKB0d@UOPqW2Uy;NkcW_Xb*ZP4}Q}by#z7!%NZGr3wy=y3qT$|^jv?EAJi;P>(mAoeH$2V(gDiA#ebzHlvklmrkX4y ziq)&T3F(!F?cnltUbZqwLuWDyOC31R-tle8x0W(EM8x1iItS?C+dv;0<>+-6T((y6 z<6)bFM8e+%uhlfo`Y~K|0g^8a)iV1TFgp%YhCpj_YozfJS|p*FL`#pth7Z50 zeE*wR_~jmFHAPyuX5Q7oW0q}BEC4ue)DpUcqq9%)4x7Fjt!Qa9o(j77YG=c|_ik_= z$20D^X3ey6{dQT}tQmcnX`-O*dy!cUw*YRs2Ep08&HD%LEfH$Fk|`GR4!R9Kmm0E0 zXoU@=tcodH^T5Iup7&)b2%qzmZlWy%%AjZcySqNbZvD-`@;5rEjKYGCjGp_#W>=u7+O3AhvnTvIPULe**WZw0khSb<@^~p`g_YB_58%I#{i86Ua#fs zeA5SH2Ua`|8}Vyv&w(scKotTqoPt9znBOU-Kz3vepw9y5X#@IfR_M~w61m14_|KgG zNm&JQh5mQBp8vLFl{z?gx$ALxdz}v?k_uOq)X;G_J6^JVW!B5`FPv#_PpXSEONk9vCv3pj#mU~FF z)L#8p%jb&A&&_=YXoK(l=V0qrb{oQ`4byRGEY1}>_(3XBj`)=&14z_8`Rzw0SZBOA z#@+y(UOpV&)6e6j*^x{<{Q7R}$UQHnaWX%Y-*Ln|U2fAqcON!h5isdh1C z^a*MMC4jp+`FBp!nYBSEk?3&vT_M=z=Qy|aaoT*qTA+io%XRM;O?cqe#l*bWr%adj zvO;#7Qqzd-9>G6IJ=@6?BxoQ|wVU3D8pv{rlT!zUxIBB0XsT4m4jwDYWe~areN*t zAP&_5SfDd9Eub#RQ{}WsTh4K!UT?qwOv%&A+<5o=?EMRJ0od51<0(PZcKX6lM+tPV zo(G{nJ?AcUEFeENJxL0aYP8q|y6fo2!f9|(`|B=lJP!GcYJbhyaj@|ug_{&q^4F*B zw8zmvBGejdaAH4WE)G%ulquA4B5b2&JuZ`_xQ6xTY$?;oEZu3oLbh4X*KC#%@xO?W z-Imeb4g-uk>zk4#*_D#1?(9G3k{)KY=q~ z3FKrh8zQ8stYw2{ABeITQYueNB>~t^!}^EyKd}II7KJ<4Q!JlIHE71N59kj%t{frv z$Ra%Ja(qDuGrL(x2DEAP6g&-LI%sum2cny;5xx_%t`3LluDJ7_#@5d;-o2qNZ&ulC zVS7%N1fUq%pI3qt`WZcH5MDK~MGZLf0@KTfpTADpZ)e=Av9rj(8TL#!vT*ZQam(oX z1eVNJ^qrAx9B-I(NEsi~uT>K^q70HuzpGe^6;hMavStoTK-9R&M*_3M$)du7J-bT_ z6Q3ndrAwu!OB{+U0cRW_?vmS)`f$0 zi7|3)dZ<0?q&VN;8!fTH|D-@V0k^ihHAnIWUJSeD7p_qvZX8n_=kMIw&r zPUbRfn(E!+(qJ%!+vbGB??YC>R%Z-A458W=DI?^HM&lz4Oo$wJDW)lxih>pwah(^3 z?36w|8Qy(T8bTbpX=`)*m`48iW5~YG$FRAR9dnd#rPp^NQdVJrx$HPot{xooql;0` zqHBr!UbDUcgkmTV?D{^0)ZR_J*Z1*{GNUY=9nY4rK5dP0l@`lVBOcTIee2%9pc-!0 zRmUxO%UJAa*+j*8ptRL<1gEeeZfjAUxb)+6Xm#9ktTMQuxn+7sK5mJ;r}{(NKsO1# zym(T<3fQ|)T!PK2sFB5AMuCx8@_R<)i2kpWYh+UFM2mL4)@AX~C%&hdg4dOBZ(_YG zx2~AGJ6kH!W|-nB@&RO$>*2AE|7sJm;5;OtZztSd?}TgaaJ)gJdV#g^4;9Oa{_gzQ zOj}G%l}3Zl9k4@+jMm9iXe0CxUl&3tnh)$h2|uO6RP5XUmmW@I1Wm}!gn=n*dG(Qg zy8PmWpO#C&ABB_%!F_WRLbAzwD;7}_hVK^S;cz~Aqh_z{>SH7W<4k1wS+`V%Jn0p3 zph~<~_0yL9#=}aGtWhCh4ijs|bOPBAu6fpQX(ZW?pYB(aI%)z4h0@OQa{DZh5vB<) z>%A%TTnp>KlK-A<@Gi;yXk}1n3zM2x;W%M2_3c(`=Ydl;CGhlGXa7Ao4YG77^u#Zg z0X9Dz4%C0PvsD?paYC!)bXxz45V5u@FC_kuyV#gBn^L?_*8-101xp3mWXpj=jHsvO z$0^xjjt6`9j*4~G2D?>4b07;^Kyz$@cY7ArIxJ5>2e=s%an9Cc(X{J0tajm=T#M~i zb3Vh1CLl?%1>SaAp>br|K`XPdt*us{wloFC66*1%5|pX_49}Do)$~l9 z5BSsj&6NAwbal08Y0cLex(woue>~Msj`k_|!Og_T9Tx_=-PYmNI`Iu$l|wBpfsSdB zZ^mvlB>3o}$y@tPhavLWB zS%clM(SP=f%=$^NurTw%dg`M~jw_2GE!)G@dQqm05dzHz8Kf-ffhdT|S&5ciPO}BS zSfxlx-;Aqv{-K>P&&%V2;rDnNzpwMMn+;c%@z%H_bw9Z&Cgc?1g)f4yJ!|6wyh<3+ zbbd|gfex9^XzDoZdUut7@N59p(A8%$$(Je?D)1RR?QgH)%w)rbOQ5!~>pGTI;&3{F z3&gh49IKO*@Qs9KFxBep(j6MXa`ls5Y3c_L9_X%fv!xif55H-g<#CEZpUd#?Sa`Q2 zFxPd8nkc9h{4Ckv>CBMX(trGMwEu8G-{=7(B{D|B&^G$Sr&$IiKFrT!3*72$)pD61!4tlF#&#@>gLbaVzXmai4=vM_O&9&2C0WHMd_z*Ht{kC+>8Q z!6U07nIVBMu76fk+f+yln?52M%7$Bo_E=Q4mIn>cpYd2Vwe!7WDK>#Bb-rW&#z_a) z9F2DFazn{nH&f(RBU#C99`~X|UP#^Gu^O>aFXwjoG;a6Fd-Wv#-JcCpJIxKt_m%A6 zrom#V3)!XeWl@AfteBAVh(j)xra*fEdFY0D{&XJ!dYa=DP<(T%tI~gzH*BgQi@qUc z1>e4I@szGs+`(VSM#yj>Sdm+0zM1LgW8aOAvhP0+vFl=oH)dyJ-Ruv|XPL*cCr;D4 zWr;T>^*oHm)+I7P)Otm9x7Cn#WY0hnWtIeb=sTbK*802KtV{VcAEo~$dcu0I0XM~1 z5#J*osyKz5aFsLe2(Ebl^X*x!GyD~{!(JgK2zO#Nn_)tl!JobOp~KawR> zn)s}UOp}_v#cL;31)0!k9TTqZgG@^08&cUVv$=Cy%2KMDncL}j?G78M>UUb$o%$Y< z%M~LM0=F29;a?`pYtPkG+q*0wviWm?ircuN`T+!`*)4IutWB zB16m`4~CtUpsx~h99rQ1Qun6u03Q}LsFD`funP8AnioZu(w?nHmwcTM{Q#`5guY9j zVns`&lOAz`C#T|F^3*B6jQEGm(eHbt;&Ll!K?{p-yu2-=sHy(cs*R#so zJcQLZxqbHUzC|{z0*hxrYBwZmQJHp^jK8b>Bk7tb$N&SH>*T9Aa!MPG<+vzcW_Te% z0xamRNfzX^d1R3wZ@pW%EhCE+=J2NPZ_|WiFmc;@y0DHKqJ*ax#zF2LKOCNhnO zOLeuyZ2nampN7;l(btB)ZYul6LWmSYP`Ts!C7A&4s+pzf_pD~?V;^FuU#AC-KxfJ} zqnlohuB!E`G(K{;lrD-)H-koo)995M=sXdQG|@~S`SJA(rs?R4Gqh2$v`|yBa?QM% zhEdT5iQfzgx+_=(N+{nEj^R7`$fL^H(>I8C&-yU4I-8_(xD~YCpU6a+l$p+p6EO&PXi>{3r4<;hFgy=bj08KRNLcLEtc}3EApEdeOLwj zkBY%Z9SPW{m+ob=*o+6I+;*Z}b`*cF+I92Y1RWjq8wHj}O>&TqJW}9De!)GqjE9SF zqd3v@=OGuXJPZfIRcX?juiYDbvvRI5d0fhVWSUA~w|Qi`iV5ZGqG7UprI}G^RyUyh zaT0uT`7fmmVaKq@wNG8OU}*f68aHpG~G~T^Fu-3NQ5EBq`jS zlb#Vs&fM3#J>?%;(@0=|U5k3Ou=c74{xuKg+SqN>5=Mt(G5bPU1EK&>$8fazy?^h=Uqw3Hh0j{jc>BWb;7W?KG`0>`3 z*UXxOrboW_mIYP#37B)VD6$M}aZIkaEwYYzdh*ogKuq}gXMg;U>fZXV&EQ!ZMhg^c zp~Zp~C={3AUbID9+@0VW+?}?#yR=v-?gXbe1S#%LDDDp72|e%mp7Z_(&$GWoKDqCE zXLe?GXRa%|D=FTOB7_Jqe!^+QmaP7wyQ+|I+wVFszhb(2?<>RHcmvgn$XNK2ve?jw zahJg9@*Q2dLDz}0=o{Kg&5=hk*~?JuP5qK`DC5^Sas=l%za?yj!ccCNB zQL@_Hws>$h^S>-^oL%*I9L2Lc4u>X_nlaAKrN$#r|4g#(Q{zxn$cdryHh2bOu=4B_ zra+u?$nStl>mp0!hums~v$`|X5q5XY&ypF;n9}GY8uySR^=UmRRY+)k!zVE*qHWV? z@NIm3Sfyo#xvObT_}}%GQ1{>Uu`Y0e0SwK`%{>-jj4P)58pJ+fabm1R@fnHwASE_e z8-X)tLIzOIQ0J>Lx+5ac%0>s@${e;CO4i=QvOxGEQ=4?tM+>T!`W$LpO(i;yH8@9a zhgss9$svBpi8DL*$2^K&7KsV@44kf@MN4zwqn4?Tr&J9ssp%(2jDdWxNi(1g+#*or zn{>j{h=Houcj_6lBfQM_stN7PGj1*>Okf%%5-fN5QLh8WiS#D~=Zc}bX(yIuaD@A! zQ0UFRz)VcQrh146js;j1r*l}HaHnRlsfze;`<>pi>FlSqBXmF0RG3&%r%5|YJb1I) z@>^rN@x~wHWbjyi4Zgvddq=8soA;l@z?=7L0x74c>858z`m4>G^Ay*u{IhzoHer$r zxM4=1@7S*B3pzrQm%xJoY`)gRm<^VI_BH+jF;6k2koJcU%PqzHN^B?nQu%_G+Yxv9 z>fNqx76M&qrd}1SGrp1LXY{66IzczWjVTg+{(G3ZPQ+!#IsQ+SP^F`HR`82fp zbC58_k}m}RxCZP<4`!Ll8eWeol`8>8vN%=ec-pat1tofCyo(>#_0sj1 z2kd=z)Fi}smYN+^53r@%Enq>a8ElLBDm7EGI^0Lf-ocHc4#yfo7Lqbsi;ustzn@!s zrC~M$AOzQgucAjtBy+Cz{xEkCUkN71n(IsoDF|)#We;JUO0<*d9g_-W^G z@S0$n-AKlawzq9QJcH9rZDekvtJdo36VSe5Nz?{z$2~y+u5ios*53_X6fl?K$&JS5}TH(FqmAX_fd|9 zmNyxi2&D6aq_;qA%nFJUGLm`}-4~T$X~4-Q2r19*WZ?*FL#+D&*@bRHq0CZ~899Fk zD;&xlg8a+(tpK?HU;anT1~%~Z zD-V;I6uQm}bS{DZyM#9`d18tkD*DB_jRnHOJUKI(6((l(Y>+Cdv+I7URQMm$UK^%9 zZQvoUb00f(cdK=cMOO2()uWbBS55D=iJt2=-6GlznDYAgevg7DS0u~!ZQ~8v$x*zZ z&1}Rfgdr7vRG{GH%xI6SN;(e=LND}Q09>ta-K2O}_>nyN>=S6aE}nS1ytz9oC1zxGpVi|v0Bx^3t6EpQ~X#5!bV|9KRti)u(<_`!1^LZ(v&c95d4gB^0wpL>zgNY zk@1nU-BwJ8(rJ-PMegG@jS5_tl*<$SOftcdYPzCdLs9Uq<5<1>X2F|^?|ehZjAn>7 zoMa^rm-Ob4Sz!-A$gvGft^c-JDEW8flSa=aFfm4?A#ST=k%aSEBWIxo0qw*UO0Ww} zVcCzV%%FDK9jQ{isJqIldO#l=NFoS7hfg}+d1`k=MBn0gg80zI*OqOmJZsyT-s9X4 zZ97xS#NalWzG9>@$JnBvbA^(6qn);YfMi5EH}GPx_LZ|zDNNyD%f(*HDV)YUwmK>8 z@t$4y4i8(=ylUdA3VikXhdchJylQhRoQ~+;I}d`Nu&m!l7tqD*NwY-Zj^mF#>97`d z2B%Zf3#fOk+<4X8Hn6&eiH1fsNv2mT1>&dzm!_h`}~KWxll7V?4kB z14CAJx3Nj3Zz`#mLWpRAS4=FYw3fSid}2UOk(O_djM!gDVHz=sWeId8sTK*;`JoD= zuqS|bXgufU`1u9nlR%hZ(_rw%@3k%@enEk?Pc`(eI>llkt01g;%)%ho!t6I-~T!aKAxc-qBtWRQg)=`JsKUY z^;u5ANJ@I)P+vr`q-<_Z&GYRl83k#BJ#gbWn>+Su!4>NB1_#OyAIx&6f}$fMYHbZG zmMkUONbKtTfYa?u7l$~T1y^Ma4S!$MLcRbDo|clM`9UURnvI#-8OaSxzr*d=k6jq) znSG8wyBjp#kdY3|{QTT3QFO|JE~&8@^6}4;tU;YXYRmZ4&WT4^x zcG&5Ll7^^n4BY-`s?s~!ehVF)zJzxwq}Gxcng;M5mVEjV&hl<3S1u9QE_QR&x2pHf zXbz_j9t-rvg-{8bFpOCpIPfdYiI=-BP-({YA!RS@Fj`@zq{ zpBzM*k-hxUfWH^2fMag4p%L4IOdhV-0uLsNlbh-G=RaIf)=FY*$g>ioSI!>U@Qw06 z#n9U^&EyQ8F1YOx?&>*vaN4U*F>G+{E3uF?h0L9i8?>az zR9tNTJ^_xEJG$Z)+osGySVA_9kB-YP?%NP)qea4w3}x4y#yUsW_He<$na8@WgXnbw z)dhQjWL7V~p@`gdHTwx!ZTxL-S*9)q0rw$Awx>B~8CKwz4pY?NQW|R4!^U^by z>N3@L@XrPhIFn)28LZ1DVUNT9_pb&G$9rgHi}~CX)bUXXWarY|;UxkT8zcsg_+*nP;C)2F_)p2j8s7v}SI|!xZ(Hh`mqsF7!GWRD)J6MIPm)|JdCUA z(@!`;TS zGaJVB^z8VON3jiN*+&U##Mr3aDaF0ZMJ$>J-_W3M%Zk#8wFwCDi8(apjn^)Ys3j>S zs2a7YFLby&G0|Y|atnmrTg-zGK&m+a$J7SGYrx3ME9bJ{s#?2MHF8^f9osO|N7PMQ z67eVkSSmr>FND7&Z?(Qw&d%7da@SwrG_^~1sD}uwOpxSO?^>wRp)Xh44t`6Y(-W^B zw=Y%93B6)eAHH<&(=kPXMb>#yeq8g09Xv*VQ40-Q9-UYMlxHh%>Jf0aJ3Mn=DAW0z z2x@c{Q6A3%T7o^0n`N>)cJLa#+Fr8;Ta39JHS=GnQP+5VSfA-{O}`*bc)j{@iEpYo=1~JNoDGA*P-kUJ@^>Uq|Nt_tTW*JK&zYJq)T)5@6=% zC+g|x36r%qp!9@5HaB7M83~fnCvjN`l1gs8+H-Se0IKJpZ(qLj8-7HW#Rm^GCCX@k zC@i(Y8N8MTvEg`O>Yg`xEt$hd7ODdAIc4I7A3|^A7Pk)zdbQEHp41{`Ihmlj%nV8U zAPsp%rEH+VOB_SKwH}wZsn;YmGR3^9KSaX^OvoHcadat{UeeWFUtJ9dP9Q|g-HR^U z`g#JM@lE#j>b{r=Fo1?8snD6`i-6|ZxVm#dElNrHG{(Cr+wYtxJI zKhL6}dCT$a88KyLyP!Gi#_;;d9#p;-`*ha5s4j=Een%fu3yM83N)6{%42~ewwfHIX zmlx81p6hICNyr~|twaT;b|knWOQE>7r9Zz(<~@1gV39F-OnqyAI9!<1<%oji#JM$-npS0lcB4cf^S71`x#cPiJF2evbdm1$a`QRDR-N z!If&xX}hDU8w|Pa?iwo_mxW0>10`a;_Og?${O$M=>X1xn~Tr49iP7F zSH$y+cqd=cxg@T9p)3X)JSDy>LgzfQEs|#@2o2nS{U39pp(y}Sa46s!O58^lLABFE zvuH$r@z|xO6mAC{=vjjAl-B*jy%~Ju5yw#=_5nv3&$kmZ@<^E2Q*5xE>kC}PUca{Ss(6E6G zo**Trp-mBv?V4K{S9R+NYhsxdi@?GOvW(2IS)qDip)p*^aQG|2aZVZ5)uvEiJl*c8 z#Q_xhic${=@g*bh%~2MG)`*kYT4LI=Kx9P17o1{Ag;}FEw$A|}*u|x|UIE&lwd(O* zko7R(H>MIoBI4Vmy^0{8p#^F4Z*B;63yZHP0ZDJx*wNfsx=s+<{gC9;KRPctq?8~yVL~n~-%txTMeN*w$8DMurWXuaAj&LNGTiA;Hvu z9Wj`vn(JEsOI80atCH0x-N`rP2A6 zuHpPpe@c?^PtuBiQCJNSl9pzcC59gzo!{5(I6>hq?kBp9PqAJobVMh{998FgrkbV0k#8l}2#8SR5i=`|hR3dVI2H66bT1n&n4@vs$ zEl4*v+((F0=L`+gYaNtXiHS3Jr&+=NPDd?Wp|rBLL21NzRBWSfA`o))I8Vi{9)-G_(*N>Rh=#XXgzWzw2!=2>AT3GeEvInRS5Qr5`jGnkPF{;P7M+5Ki?6 zR-gY;Z>X6wCvD)y9bscCR&3|@QCfc8UIV2gvF;uyj#5rPHE`oapR!uVCuu3B0mL1O z7k;1*x3qq|g=H{N4Ao7lnJjxn;HefS+I*_Z&d5-t2VM3=gx&ByS@$Npd?!?FSAjpF zB^XN#OtEli_+h3p)tM^(L)t;w5JaH4#Ou{lFOc%3LkR?6Jbn+N+0b({HW0}1Z&cq` zUETSJIa2bu$_$*`%K`Vf%XQ6s%KL9eRNg7r7Xgt=`wI!517)dcR5;nlMdW<>_|ljB z#TfYPL+xQThOxHRNS_4Hh4)6X0=0jV79 z^kvF*+R06#spXw(vn)&PW0j@a)Ni~cuxvGoyITD2h{vZEhVI{al&ZrJ(v9-L zakkhQSTH!+E>2%+l{PRQ^4l%AUR+k=au5rZJ6Bq;ZD(d32*aF_OJ%6T}Vx3Iq!&uA9DE1n@ zHDfPU&tNwA)t?`xvi9%;{dhrz&Wn2*H~uRlUA1SBp3C@wo+S(jCb!kDTq_)ZWBS5a z$D>)LnK9NYwl*Ox$yu0&W^3p7pS;QD3k_=?D+yX7X`$segl9?K%$p9A6lg51A%vHq`965&xX_b}ohGddM8$K)($((P6w z;3edb#~ALyCf3#0hK$gi&4^aZv=i(Ey;SsHhH0}jI4YZKScZs$t)gXOa-~}7&o)w zZxfCB`Po*se36GbSW;DTu9_uq(R6{o)d4^ZB>0d{I+%=3T6^qXmLD7+ZoS^P>9^i(Bj5k~8gknj^hu3fz}@FPzWQ#fxrd8XK6vUupk_kV?NB zIiS=f+W!&j(GSE0P(eWIJ2l&w_cLBNit%&D6&Rk6DJpnU`H>@!mjG9L2zo%F{~dsV zmgbi&OECuCSVvc$#BKS};RquBAocUReDPw{)#&#d)MQ%gM5c@6(l`79f(M{zMhQk* z%-}bFoxea8%5$so9ad}NN@PGu?|?XXm`l)fGV`7(cFTySrFIWdsW&?o>hBdQ8R>H# zC7f<2-(Q3b;#)@`(uwGxG<4U$J;(Yd8gJT2>e&FD$8n$O?(KDw*2J^g3NvA^JCLqcQnA4vX?(vpGFRqrDETKs%v4n zGo-@MQqQl}(X9`mt+Z-ETP{+&;OK3d>c2Sggv|l<{>*K zzTt5#<8}hNR~hvYAa_gZGVJqhE~B8S(96r~sF0BSakKADs}l=-i}n3Z>ais`F$~R1 zZe-rN$@=N01G5Sbi!M2f_TyPp8~5Abvg9NBCBf#J+3KokJ8ZMS?Au7S62I{)Bs#EP z>JG$J$UOF&T4HwI{p=;=fAZMU)= zH54&4CPX-rUo|wx!yHh)eCEN&A28$2Y7xnG{VN=gaJH2p@g=(0iwGUO{PG+{iI}33 zcfXV~j&Nv_Xs?Rw#ztej`jQC}UP4hP!o~|P-dy@`4v0K@r8XC_=7S$XRFOVhs?_t+T5I>Km(qvTcEbvqXBl)xvB ze{{`z{5lp&YRbVmJ3f!YY={11F})h{_$(R2^QKmMyz~c!KFtAFcy!?6M(lIOJ*+#L z9l^dgDsIHl4wWh!YW+N|WZD@|Ab>2V{XcOUj#Dk#oyKnNuC5 zbC*Dzt8*vr{)DW|!hgAGW_j?0ATlev0 zN7=ca<}nG5+wiwOhnP3lT0Sy+Rs;&$S63cxbyjv$%c0YDa)4CsnAqzL(eraAMM^uI zA&bvax+PBPA*wk}TVL;fijo4Z zasSEO($1jN=v1~D$fTM^bxW;&|ImNwJ6t`Qb;92Rm^n!OSbn6(w)X8T_x+|{^TMws zvTK)Gt`E{oQYcv0V`tal$r;+0?54U$akE1eKs2&4uA^X_H}B5w>_2&%{6>k?PAZIa z?b=pVNS(4!wWMZ4&}9@zy@pY+w1tE0CunC|EuN2t%N)z`NrJo!K;d#Xv+c3)6J_Gt zxq@0j zLZX$*-kyFf;!nQe$kLfBclNzEJ~i0DPh_>x3Lo@o$0 zTdqC&^y!T3lyXF3){e|upjdVXj4m?roDVVwEABmK$vLmfx^hwlsCsIYoHitHu+p2> zt+tg7wh*~evi1oCx*9Gdhu4Ypxka0s@DCJn>f|WzRk!vezN}wqUn5u6cKB<(q_*Mr zJR2aiQIk2b?ynT;uZ&m}R>*ZiCG>2ATsap~fGx7#jRibQ$#$GRFCRp*^`$|~kw#y4 z)^l9xSK#I?_F2XsynERxjeYDfb6dHlnEGdo=_*L%ahe)EQ{`94P{RF;ys{EIjwuhE zoX!F^PTXLcHPhKAz2fGbrI}kbt4V!|vSt}sn4%hc9X&%a_AuW9f{Uy-*C|bKNsUOK z`S_RG)I)U(=Wzx7#~gZ6${h8IigNEJe@NTh5wm_HASCM8v&&{Hr2FxvrvJFFm*{>! zS-F-%^F|(a-#)$i%0b`2jW11EeE4(WYT=vQ)D)xJ-+cYm_MCDMTbnI^eRqz znB-f=ZE0^o-V$+q=J_%X=t4)z$yfT4Nr8W00R4HOi6CNfd{@!-yD7x2Gx8b~7)hBX z?&Fy}oBYd_KJz109Vj@c=lEeAl!ULoPG}`;mNGjjh_BvPGZ;eC?WCj{paGa>Mz>d8K_-` z=3lZ(!R5Wj%X^<)bg!QUB1pe)td!|+F1HWYZC)bSusnQ zQ7{1fJc6o-vgHVW9KOA9`lUJAvR`hIy*9Wr(H$0|w)?aih3p_mT&0h<4aR%=B6hhWS?9Qg&CG z@3?uzhvMfz*`ZYXg#e7ap^@kQs_0ZO{ad`kdev|F7{BU7*FqvgWutSNJ!mUGkqD`b z+|05EO6iI*rf8v5%?0)9Tn5{4!bd^N1&hxGwpZcWK~~S!6c{-kH>M%%>3vt=e~s^+Q2( zaeIa=FG3!o`HFPvwfX97&$Q={+Fcq#U&ARlGADxGn>33tAQCi0mF}PtZ4Zakm$JbK zM}dqD)@y61)G*B|H$hmopw(JCz`@cVJk4tuqHnp>OM=ORfv)=Xb_BH@S@gX7oUH3w zP{By@sO+5mM`Vd>d*JuvefcwTpw!8&xctXXc+HR5*M?Ha6(G@b?%}O^|1`T?$2p)z zfpd;Ax_Kj#AHsZ=Ym9%rt(oi@&ihm|aq_uff9w;zlMTLna=dS$0Fc(BV8J<=2&z{H zEI)O#iWU+GUam)bIXoS|G_P`caY|@2AeL^_o`8tJRenq3i0#)-Hj@j>aQ6smMOYRZ z_P-L^^b4YA&dcD%toqO@=+ZdT?u}u`Xb*i6ARJNo*37sOvu}#heAV(CEPs0+D;AMD zYEfe|W83Ba?8ri^%7*s=8@^xGcJ)QAkSxplcW;?qn;rK7AoTPgbCkdB3|Jq9)#JHt zsiQYPXyrweRb`<);B%|V{D(RhuZN+Q9(gEsn5Xi_bZT@bV z@KtwJ60-n@gF!*m+lLuLX4^J}0IyyFAUnB$#Dhke+;VQvtLK*UxMn&yROXP6OHYAl zsNt0pSc_#r181WcBSVX*&O4jkK*7u;M^u<(EGE!<@!DehR50GzjU)08+!yoMKS&w_ z8O3w=%}^8o!vSFTPM-|ThNuVGj`V5(v7q4tIv|Pje=ce{K11V|GkH#T1dk35D9Rx& zcQMn;|K4hz!5{y8IV6!_q;C)RF2_Ru@^aOEp9e#9qvJ@m#BbG7h3l@J;~61Fi}|v$ z)F;_9=TWCHI~v$CluEW=iD`it4%@~3!%{v3W|-5I!tXmtY`^kW1lXY4IM3CzbQtnAMFeTD(rI*MH~z+j^fbAy)+Rbo!0 z;}cD}zt$cBiU%87n4fsi6_H7hmoesF#mWR%%OjhH9liW&_8k@7 z&}iVALOS-uWe5@8^?W8@*HSd4h@9XfXUjn=I%3y*^ZtC7H;%g{wt&XSRODXp=f%ds zp=^j*ub)J#)#c%A_Q!+LVmCR+d>THGH?YK|4vkUyZ7g47-I8rckX;4+J<7E)rdil3 zNsjbJGKrxBPrY-&TKC-XA%m{k*MIRCnwx#ng1fm&Rsa&yxB z4)5sOk3O!6>UT|){zuaiUq8}==6ZuKb z#%Ru}IZ+AHTH!B|$Qm4rU~N(=T;Cx-(o~e53OgbjK55gL0G{>ilMR9MWp6tB*?>OU znAQ0_3`HSLJvx?y4rH=gD^=&NJ+-T3-F{*B=<`{v=03f&MZ~P}%)?9w%EA?El}S)k zn?*T0XwmgRg0ZQ~YCrD4mT|iok0{A14f3_rR{}{oSycE{@4F(jEcOX450{B5hhMM=YXk>J zWK$c(EvfeaR&7!lsv$xRl2v_<%^5p_pJaWWbu?Xs1(Y#*7Ydm=Y^bn{rC#7vY=kRovmgG;r)#wB%hz6XooW~2bRkk#L@oi* z(0+NBGPhqOZ9_#MdK-&oDr0#^NsCia)@woO`|_=Y>I{2r;!CtHpA6UoyM+ShmhyAw zlhfd%EIjRzYSYo>T>CKmAf>f{IXys7FaH6biH^3aNp7M zW%I$vhBLoq(Z8s|AoNt=wzloNVhTdgU?IK{BIT&%Tb_;Mm~Ql0)$l5>x$@gZWMEyQ zD{S(&4XezdL;F$pp%Zt0Yh!)vgg5t^+^HAO4l$?00886O&0d_1;5R}kq%J=Xn|gHhKSae)`bS=w07y!psdD_c9sT%` zU{O@=jw6V+%fgMY>hwYhSHj5E%KlcTpD5zb5O3wT??{6^b~4NkDXwtW_M&36QCAP0 zShU6PCMMk#;cyn!)*shb(2M+8)+8Dgw{8Ess3z8Z&9Bxzqauq`L^2Cb8~miCA1B4& z@8#62O30G*=L1m}U3C8d2b05Z%XH$Zz1`#f`NAlzwaOpTG^6ykPL)D2*xB4Z*`J8Z zd;-dS#ndTx*enGz$?igVsz_lCqwSjpJkJ1Y&y^^P7xKet2?(;=NonNF$_N8Yq!I1$3{Sgu}gUZs$hR@f);jF;UC5d4FSja54#gP8?*Y#G1P+%NiL8nw2k zZ1%ZUvaOsdJu{M61s57wly)I{4e!uzJp#85-Cl8!=Y>NO*6kUdq=5FQM&fB79SzM7 zDD+3|5hqIW>(rc5Z5zpt%tFZBD(C&zt`%HXxx``Gc(RpdCzu+xeC4>`Kp#_yA6hK{ zL@wS*xZeZOQHphU1g0AECE11DL{Rf0Z@%pX?>OK^M;i@f|3>CdL2mtU%zLmhIpXo1 z>s^p$5b9s+Y}r5In$vR`LgOxMICCWx4L1QNF!R6=mgu5AadrbfR=~}BEYcrHMIUEh z_dMS_D6PlM)LCtr6X4bDg)k+1k_OkwppRI6)_W#A?0966Iw^=2gD`(ewqedhr(wGT zDB@6`-bkp`*G)X|cIJ)s5Vdu$zi|<{ohF%u9mCRG7Fd}incpYX3?d0HW^2A(9GT?p3IXqdJ!SB=pXu z#1m&B**$M64_)ZXM(gs1RuX>fXf7Ww$L$EYv-6$k93w?2&_%yM5(A#&xICR7PIAbPYz0382?of$c~=$>(N#9 zu5twUr9joL58mHcU#hF-v5%UA(_MEQ`GdDKxP*y^ndWq+&H^MS?o#O8FQh7^7QO32Y<7cVTV$gn)PQGpB4e-)HP8e6*TmPgO!H zD;)n}7?@NRRD3H;RR!asuI-R|KJ6dA*zx!*hw{ZIBR3*0)FT&cKLRKui*5n=^eM~*!Fr8cC2C+D~`p)5S%BUx@~}ZdFj0X>Tlehk(a=26kGkI%z!~LN+ooX*(7`=DJG)FVoLhEYU1p zDkVjbKvfYq2LiaG5#dcv_Pza7@{#Zq47LKg{4{QZJ|7uG`#JLiol(eLr9H7vkK$De zZ$eH^%o&L+I~Ib4US=F#JxVB^6_$Hrlb85o79wRq|Yxpo?i`2qOU?3QG4uSx;3btY$Zg|z1=H{lFKDB>H656)a zt^H+Xg&N5hq?!|V%l@-@+(29J2@gc@LZbGui4nl~wvIK^NEBcL2?4Dt4`~6t6NmbzyN~a z-kmg2R6LcBg&^)^Mn%I4g$`G(ow=;;E}i-&lvSIpR7YfFH*RA56T8yh>Byv|P z4c4t+UH$t-z6ij6YV12Od@d{|wsPM;Gz5Iic*4VH2%y};)ipJCl-k)2dsJwdlk7@Izmk3RxTMcDG&BW2I7%6_WX{Vn~}f{BX=|Jqc3 zZw~qoS7$J75cO2nVq{SQ^*Y2^NI2lwGrU4xF;Ty0wQhz(1SK1wS|l}i`}{U5ax B&{qHe literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-page.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-page.png new file mode 100644 index 0000000000000000000000000000000000000000..b3fd3b18a8a7c432021bf5f78918c9e1e229ae38 GIT binary patch literal 57992 zcmdqJcT`hb*EfmC$^qI!Gr#s46w|j&zlSh%}``=p_&!AiajDH0iyC z5~Q~fdVrAd#pipD&-uoE|GDpY?;YdbIR+!F?7df+d(OFL`K?6iYO7M*WV}g2LPDXg zrle0oLMBQ=a;fP0HR3mNS8v`Xe%x?Z1A38=+++X!cS&8JZI}2ZnYX%@GTAaYDb-~v zC6~sBBqR?>)RmqYzRB303-rFfl7_)$i!*qn6;59jq*8griAH;EKUK`vy#JK%$`=~} zCHlC|t6mA~C(og<#(6zoPP|Ndnq2$YTj8_<)8>g+e zYlCO+e|*~0@GjiI01IFoZ*-&#i-OgigiP$48u|GgnT@-_Ei80o2c<#o?(Vw8 zdH$O|=M!e$i2vOpehNJ*zVWB|u!w5x>Yvu<(d&+v|FnLBu8Lmz(^?jJpZ=#o;>q|- z>pv~Ym>iBjt+yGzj$!Gt{oFi!l>}I1#z_5#g4WN;Q#eGSee|SDP@QI7SLd6RKlh)= zNc%kN&$3J6b2dPK2o7+<$iZvJvfs4S0I9j#r%{Cw7)mI%{mG>DwRc;J`yXyv&uj_H zuox82hm_Y?=E`yHJ16`&t_DwVR$vZ#XN`A4sihR0jw^Uw#Xgqp@q+Voniz0CAHnqT z6Tw24F@KM{P~+3{KD`o~7r$u;%-Gz!!GSREU1b@TpOx(SX6KRQn0XN)UDG@mBm|ig z@M9;u2xv9d<9yFhJXZF+JJcZT^08uVl%wI(PY^Bo-;0HflgX|sJ1W#=}VN=+2L8K{j__+YC+4R?>Fr1Dy`7lzY2V={5=u+RD%PyZXU~Wt04QDcm1rV z8BYqDXk;B_#_P>8%in%kJI%^OE}w^P((t?mn&fvKo2FIu%6wlLEc$2~{mnARqbNyv z`+P=MJk~{;cC$vX6)s&XG(U-~8ThFi;}R+~pOO(=lV2&*x_w!gyjq}u9Y_}W*b%C2 zbGxg$0ew6x<}WhyTju{o9Py9dryG4R>Wu%~DHFq`>5Cj31Z~HUK}h#Jizk}q;!+&C zk1t$o{n?Z1YGxMstU(p>^X0k7$3@Og)vTSzjmdk-EBCAV>>TrNJKuAd*xo;}8pcK& z-Irx`n{^m1jSRN7`!-=|n{+1HJI+xzc^(a>Rp;(V=cXQ<5%|E(l2Ou93b-rIKNnOA zdLUlUK5Cy`=@P7(IHl=hDl?hTY}#TT=g*=UaC^|#W-6Ocb_c&8mmJ?q+BLb(*S{%w zEnd#pKHGM)zV#YD?O!t7eO-Gy|9xXUXVphDKMu^&%dOAP zUJ09+Hh*Vw5YT=0sx#&9*YbAo%i*(rqTD84qZO^5lzH}P>Np??Al_|nXHqM!76XX< z7M02DVCyTH_R0xhus&H;(1qQoY`mza{YlQES5YeKOVUHF5D6d7b#Ezid67HLT;kwo zKNHSWs^2$AH{Nu{x#HwEU;nUDi#*?S+STSOmql8CZj9Jh;4ZDz`NgjkzpgODFUIIw zZ3>x=nYWtTR2K)aD%9_uxOJlrku?vwdds!Q`xa8?1jPKUQc4m*L8pdkffl9!m#gc2 z`puob4L#IM*})^nMn$zlDe7^D|@)gqqjewt`kb$Hw3&d~9s0P+>{i?*rgf%!3(S&f06E*8)E1 zy8{a^I~qjnolP+@-z3{I-12V`N7`OByJ=YM3v=wdRk4_3bWP?Go4S6ANb@kf46aqn z)aOG}Y^SWKANaxA@SWCVOS*QBcpjzn5N#^+n2UA}uUv)Q3suUQiW@KVhTZ1{rWkK) zcUc>C1}K(NKZ7eZPE05RWpBMIf?1g zMlh1Tuck5tkUm&{ZPZ=@8Qg~4y@uX(?t+9v-_N@smv5+<2G7`Cb3?7GZBI^D8$RT! z;#lvo@t!leStb+h0ba%^|TmuG(&64;)OxBUQG2VKSUYV1~BrzgAM+R?2##_w)^Py;7KIxt#$x5{|< zYk@)|^Yv~0HKxk;B_W}kOBuG?$$X-kWgG_rT2v>u#6ht|eNM|jP6@N}B%Tc3E<=}N z_xJ4sG7w*@s(DT-UhS)HXzLPz0v}kUPdhe~YFRt+qbS3(x!Sa9!6ljL`gbZiUs3)t zAgj196FC+iq#n(hD8HosTawxf1?0DEB=}#*rr5dF@F?EPN%BdNT92pDd06FEFV(iP zuT}S6ZBM97R=QT5*f?&P6~?^MKh;)`*D;WJ$5dJXdL1&@jxby?h_KHo0v-t%Z*E{h z75&?ST)qt6$N+xtP%_GfQ>f%Pjh0e9ZswPC2Lt!zJOrzcA=)0KeSJcWl-1tO`U=kb zi3QOe1q)@=G?}Ihx33Z{iTX1OH{hhZH6Yn5*z{a;)W)ao8u}aL3&Un&e=SahmEOL7 zy5suYt~3`d%8}0M*#2O&&FAFg;yzwHn5H;|rbX6PL5SH+eNJI%VA)?uN9yq%C!6aL zOlGQv`wV|G;DyXaSUR_EKT-*#$I~EL<Ie-0$us6&|n<;oc31-(6hcjx}9Ch^W zFczBKX3=AN@ZvtJS{hFV36xV}>#DL-MTz>=%ft(PH%=I`gTK$#s(ZDXUfK)@*SFP$ zd=_fhNNe+XqmQ{D+R)}|zL@BVK46z3leU`l z$2@IXHM@ z)Q|yabo>iq3?3hLEbqN}T^Th4b1>NtX5V`N)m$_^aJ759Bo^~6^{NPa*%b06}7Wjw8 z)xKyS<=bYMq@Rw_T!wCTRL#A^5IQ~0PuolF=V_m?oEHG?dk!f^Fv`X-_uxmhx2gx( zCMF?TdyT>|4{OpYrx;&wU)%=@rR)O8Ui%9*P*{2;`e;W%1Lf-Tp%AI;>ud5VhLN$C*0pS(mu@6J+~uZ- z7}4DWkuK@?t2&TDOlNAk4LYlT8kf6UCy1q`xp)fk#gIh4zB$h1b%(O>t4dUu#yq4T zXL_iUKL@0K^}F-@+c*aIM3M7Tk!r{AWCnK2%u}O&Nrq7Yw*lp}lNT-ccHUZ^?w_6B z8rxFO%&_*DOma~@qgw4K;Q^{NnTQfeGN%>$J0otpZE`kkp%lvLB*24B!t!IJP$4)bH)M-+cAg#)4< zMx>>=>wkYkLZZfrll(_m@bdnh|M>tyMfcA}K%$`i`2Uf3<*gugxDplP_h+PUSD*jC zFzg>jzRmdWuF{Gg^T%H&Avux3=>$()s0Q1~d9MPc#4*t)+5e2&qVwZw2t{2rTJZ!Y zU9z)69=lMW84n>a=tj@re_}m)RjUzZ`6d%)`P4FL0*=ihL!JwCzP=ZE*01EhIr%g*P2E^yej|Caa&U*#GS%k&tAVZd^_W{Zrc9 z?`96!Bjn2m3B3fb)Js~C|C~_5=7qz|AZoNORfT3K@t<+61g#4FP-1~VMghlvdVh;X z)P&&mPRr>-6bx7m{zwJMH+Avi0n}~ovok$_oVP-fz`3hQMV5$!gv6V8(`yS}oB7s= zQUA42Pz(4^Z=OGH1RvuD52r&JZsWVtq_Ab%Q9b%0_x`N%o4WUhfwNKhabUj5m47bs z|3;Mk-xZ&K3djF1hkMy~$g_X0Lo4<4={$ub{xH0zfS4y}-E;j3Dk}ooI`O$=wJ{|}SHd~fSD2d!;6xh$25 zLG7NkFTQ2?me@;06@nMczc!hum(0mYNTOwl`o$4#;s@RVniQrLvUBsm^--38|2vl>KJ zteSM(_>SV70yCl>eG#=od0DY}$gauEj|Od?Ihan6(iu0)(k3q}oY0%^Rj4)xqUJOdkr1 z{GVS_>2#7&mo_Sz?lKD16qjor6#a0X(G^^#6KW|W_Pr%RHjAwn!s0(jr&1ML_9k}R zV6tm&$+_nsS_11AtQqH-Vg7X6db0Cjk`UK32rdpf)u9TP}y@NnTGQ#M#s_P_~y2%C{~rTT;lBpKiU6amNe%_*??4npqc#`mQpovB6B*6AB+W+izpBL5inq_K3@ocpa*o>YA2DPjPTzcz-k|O> zPsh@)3cfz>WuFhpxH zhEd5Lc@}Q1zVoiIxQnqSO&2vYJ#vn{4{W<1`g&#yQ1?~qrZ`Bur!@;LA=#ZgKQ8P zMz}d8N}<%K;(-ZMki7?6L^c@a_!Qyrfu^+@N$G%MsyKrQ`vj1TN2s=9YzqIzAhl4a zfUT63nse_j8tbA)mz|s(96l3MYS>j$AJ;5A7LOPmi6Ku*TXJ4Kh@Lv;WOw`4CN_`P zj~A)cr`;TK)sg>5RJq~KYfESur+A9&Xtesi&+LrE2Z79dCp& z1Vz<`#|t02kyQ^;uK5i=tum?JVQEB?5uL9f*59h*m!oMG8>(0>SaP!A9ZmD{0eMx znnCnl965p}LzH#Y7^fjqnCnh?+3Lj5QI7|S1ZX#Nw_Z~Oc7m1O& z>3I2hf~CeCP|EV>V$GN_R8hT{8o9arH|j0a@Do@Gzh1&A*3o+Ut@NA(x*86hyh0TMwhFIFgA41%yYKHh&&+fC@H%U5f5^)0^d%-$V{RVN7Tcla zTy9DE1%PoDK(~wc#-%b_wN^zFCv!`2{rwO%pb|4I>tRz{d330XSwiVWF0?@`6d^9ZqFGmR=3}^+6r-3Da5(+S#AWY$z zEhIz$B+>P8T7c=Wz$mOVZzP682 zi})e0jKK^;ZzW6axHK`hfKz>@4l5&h`n zin{5UEWAYFBZL4fgichbYIcpZ=cy$}1t;47IdWy91o9Mr`o59R>ae`WVbTmu@rnPw z)Ys4ZCZb0oPTKhbdK8a3{7g$cUa2X@RPPGiW_b57kI zHi*&humuft8^n@kg=8$s49B}>2U;SYo2Dp39Avzt33KT?IH{TA#*X=QT?vyFQ?WX@ zUS>5D;DC1Nd+Xfh7!9*JwL>o)qr?Tc=f538iQ`Dj?JVR(qu6mZf>RJuCsxJ#af%nQ zpA(NT*)=Ew2HVr-C!h>9fh|I=Ihq(u1j!K#SMJCtI9-y6mI42Z5Ppmf?CF~Qg`@>- z?dbSSqm`a|z=c*V%Wf&hf&uUS5zX|94)GVpA(pKW0D#+Froffc5z09C#zHSBbCi2i z1RX|+4mFMs7@rH#B_Q}yq;E0kb$uwljB2!aM}ClKYy#b!)@Qpv{LLyzQ8?CbYXKLZ zM@HM~*}7^q3k|~{L$eKX84S97S!{dH1bO&&=P%8TmH-@wTn6IImRPly$Hm57)y}{2 zrJ5y-D_<+5co9Hj3>6Df8dw?lS!#DJ!8r4tG~M-xIlHaPx{KPu>K)Hu-gEdYlhE(B zNjKkIh#}La zaOZad89Hh!Q#C_)lGS-ub|G7E1=dw8i)8_O7NkpSX;@F*7=&i%;Wv+`{n-f=V z4-+}|pfldtoFRZ2tGu<6{xqwnosTgRN$C7 zl1$H>?kRcEPy1NVl5679pnF$`pro9T0Jt^O-p}0joWHp{m{$oE1$>uI6%1K5art^h zdrz>CSn(pawRr{6XS2%be=-e1KTZ+fR!H8u_MW&s%}oc|ef5)A8vBeN-|?fc6Wi9J zi1+t0PTvz64;abfq@NMZ@aU0U4M;^96L-G*+Zt)_z_Pd#!Lx>1OW}r$0P~+3K^gtt zS;M6c4VtBSfbxTcb_(I8IRO`9M$<)9!`iOpk}jz8J?m)|G8BsSAMwyN$^X!~U*q(p z;PF5|dAZ=@Ijm0|TJzp61FG0pq5gZI;`ialHzU9_K9>*XN2VlqGaYQzn!>hr6wDT{ zrRH`Owx2#PiN;a&Zen#lV4%@e=N2M;V2Y|u7Jco1d2^>fe%E_dN?%s#j67mKRoD-_ z48DS3`J7lGFRi+7VVMt-zX8R~F(pmnos{_-jYC5v0uW=9!s_VBXBsHN z!OWk6fh0^nB+An>pF`dh#MFR_S^A15Q5P`bW?QcTU3%*3wt8IykZ|@L$=%BaGzR-~ zN6Kp$~)}nY&nrU5=LMy@1@=X_*16LbdG$Nm!O-EtQ5_!|pwmRLgL z?ns&f&?xoe5vx~$4~liyJ7nK1_+oXRCxbORmW|*_QPL-h0W<~$Yk2%M<)zA)_UK(F zFUq=RWVX?uD)Z`4 z>&&K#j#JudsYI-EZ;Zz3w=IjGEM&_CfQXP4}#`Y(V+)e5( zdGR?>65I|SOc($PIgXZedcvGpUdwmlPSlW`M=H&U4F@85$>AfNaL~N)LMv5{&{Uz1 zTf1SxV^kbh+#t~x(9QS7ju)>wlp1L~yWHm#~C15Yd(KS2k&AC!V2!7jZWSdOnv6X&Eqa(k+n#Gro`@YIF z4Xr@s_<{W-O*+exegWPI5uK-k$65NjT)UGYvMo*s)-`XgyC+Pto?q<0{NUPGmpXW7 zan|LupD^*%`Z(=u`ukkT8)I%nwZbU5qxX6TesdtyU@{0#<;O6$r{7{O&A0_4XS4c3 z5ptYOfJAWf&0E-SaSeAJkoa5O5_30iqV1uluvQ_ z^YlBuHP!m0N?u92o&2cd4Or~}Dh60*yF6p{)DJeF?nIU}@q(eL?3eB{_Q`N>o~Y_h z(D-qHXuoS8nw;|3+)4U(0o|-@5W2#HD5$}mqbqdW8MNNO51YRUb$Jx6JLO7tnh z<72tC5Gje9u}5WbUo4f|^m~3x?U6eg&@c~ZkpVUQzRU&w)m}I0q8lUV`Euh^L!$! z6Vi~pC(#9w4Sj_(?PpYBYFXpmdHcmUQ_S`AJwtIP4G0sjIbOaoSTTmmZh@x`ukNCs zB9_$TW|L_Upu{xO_4up!y|N9(bQMYd%m7ep(V5DdHX!ogYhTq43ou!lnCC6JM$8Xp z5cYX$cga>Z@oN}|@A;3ytwIgvD(anr@%^T?73MrCM!h$A?s2(iTK$5>ZHBuSmcvJ$ zFr9sul09q(Z{iEA@WFcU8W@jtvfl8@WDg6W(6r7Mx@eZf#eZGf*!HVhrj7`Y_d^Il z=WKjt6p}JumyHjIsliCPL>g_5RA~5*3IJXjR}(fmJo|S!$)4%Nd^9!p>g%Y%*-9@# z8+uaf+ieC{UMC7gyWHkt-BQg1LSXDG=Gs8+jKWWC(&PJ%V?OmkDs8USK9wV);z`V@ zjJ{m`Wzz?#kc`_rVT;`3AHau(K{KoY+*z3ur4Ca+oqzk&-d^y==>Fr|6*MqCMq(}b zp7l=NPh#EMYgVFHG;M`4^V^nsUjcL7Z}3obljbRhpax+&+dePDLMaz5=;Z8q^s1T0 zs^z@OD(SnJk4#{Dmb^N{S@2Co=Eqyq!QY#P5<<-E`je%y=b*)VX+)3OzAu8wz@Zi> zCLv8U-gdI8rfxO8Kko{53aG~eO@|z#`us^$AD0Hp_376Dlfzm-J5GjjbkkMvK{^bwGXa;fviZx4faH|mX}x%k$@NMKIarC< znoVC!<$Ne0^M`=AqlMEVJ>!6ct;V!fLhJ1^OxvqCV}?QMkvfNE_G?96b3c^T+`~;-rGnBw(5L`D ziG7!{7d%rS=E**sWkjVosahM7_i+hSowYu&#ASe(iMd3dID@^@$0@y5M1OPDd^Y$I zOn8lY;1{O-eJ^)mirKiwo5Q6M=$93&VciF>9q@A_ykgIW90|#{HHtK1`tz^6MyI1v zfm-NkWS7t6s31j#K@KQo4sy}xQ)x$kDJ`$JBI)9L1Wg+L?E~q_kgs1=u=U4Vtsk02 zu-zdW=Gol$WOHt+<2UAa^E?4o`=1|#H0xt4)M@|fOSr(vPvW~UMhAYSHJc}C+)v7f z;~vyx9}NzPl4Tj#?{=kgsFRKY2;(8)fO5?)KA!ItGeJk(JffQ7Qhq1*9Dspg$%ba^ z*=3yQDv;NtW5lLtQ4QPPiTPIS9#X$(TaT#a#iJ18YEXoz8({j!U6)TOc09zyogOSe z60mA^hGy^ur|gV&in2%UD^DluGl#!#bgC6JUF1#^@mA-<)TQAjD{Ps9xV@@uFZ+~; zy2@fvV-Eqw(6ZqsMP%&+l`Eoo+1?`A7F_nwG2+WRD$!n1u%9_rq?Gpo4R&^VjtCHY zm3=SHNlXWPFV)XyhE5?K`>yERc8H74G{-j3Y+OHmih!iRmF>HuiMrs1+O+}{k^aUT zWu?XmyC8HNbylt0w^QDA8o_SKr1{=9p&LwJo_To)B?53tdMs5Nja(gcUj`!q1x7^V znb>{xLwhdt+zFu&w$H%M=Mz&h>3NncG^a) zqqyRD2Ad2*QyMivojjNCi+1U6Rpu(P>{KGt^F>?WVyn+GSm(U2+p^^R;UIe1dg?^RbMZdg_s|4@7`86= zeXA_A^F1-g7`6xICpw8oCLT>CqFis{!W6>9#FCxn?g)4tW8RMx8`Yu84^flQ8SzA- zCeXf-^bx%^7~fr38RNm1d<7Lb57Js(`^#6scYJI@Nfi7lT9bbsqdh41;JD%Qhx%o& zpwKvHmo^EkPj74JvI+~abd>z37)#yzkHQ*tG(e-uqi;3fIpsPzsM`_xisqg587W5r z(JI1CMPpZ9qW8;qJYnaYogMVi~DE{kb560vrMU@!aI6}&_oF3D#;VsWJN{(n%WPm`a>6N@JQrvD+_Dw=$0 zj)a6BdJ4Nhy%GOaFmv}D(b@b59vdx9oP@R+ncTT^3;6G$NwnYn*DvDl8(!S$gZ}A) zf3 zAWN((z`A#qZZ8z;G&oez$5(;M?hs>>8_bm>Upr_bq={(0!J3r^m;cRi5_-C}+m0dA zMfx~IV7|)Fje0#7FT#bd2vzi%i(w$UdMUu;^tze9ls`U1t7(0ry;Z^mJ&YGNe)GUA zm&g2FzidxZ+E@<`aMiuJMFi$5`bVGb0+&k5TdbGO; zVLdA)W@zHTZ2Z)03&FB8??_tWy4!7!AY^@iMnOrrnRSD1`CJzaM&sSvMx`9x))p3W zESuee%*0r+@Oy3-3pgF8EH+TM6#CZ8?QH+{n+{SlP4=}%?eI8ps&4BFDXuUOfyok<$>*oTOPsnGm z^;gm+N8+@;Z@C-Kx3d6|RkeHZRqD3RD_ju)2&vJU!CFc;1_OKMPU}^irch6g6fly- z@gT@ga=M1ya5S}X|3SY9Ar@i(Nx#J|uP0mID1Gg`V z_^-$qV9P{Ioo&{UPWo#Cvf1br+NvMvGc`W-ffr@-UWPiT&jG0RD<~`+0u!h1{DV4w zJM-~VoX zziA#o=@ag%r8nR`SVCi~os9q_Wagk!f{kXDrVF$cj3OVx3^cH3bQrV#yMypIMi}sxGG!SBACxa{pln z!N}rE?tSO@Nollmum659Fh1`S634bTeYSjXjUN#dRcF`Nqjgo)cre*1WMFup@%MRx zf6?2>S4z+Nl_s*1zHHba`*Gl#{fEM1 zQpNIj--GL$H2PheZL6de=-ifMWbv)F<@sRrz1Ho_s1cxDsq1MK!wX-HZycAaO6>;| zfdnzj&hhDx$9EV}Gl5mSSDdeEtho@NuBZEVdgF#ZrR@mS^4M8sKe7H}Z{H5WzL1K> z_={pyZ?gJonLTXZ+ITZt7GFH%TJSBG6rJJ z7n(zD^kuk2^iit9NLDE(oraxx+Pph@!DtdksD<6p<+&>MFIrsFmlWM3Ck-*xBYiZr zm%Ss!q=3*)1YiBF%Iv%B4)ypdgTRbveftYWV3C~>^vG@Nt1vIMttTv6&rd;^YTKs@ zG#acuT~(zuxAh`S9=#=Mhzwk`HbsK9&FL|WO-33qKDt55=%ye{QBYgt$@Em5E zZMZXjJzes^u@(REXqH{hV!sG-8ZeGJkJ1OHg=u=+`Mh5nv&(|rFYZhis+-$-8jvbcGgKHsUlpeM z2{T0!?z$bgNy7#etcU&n7G@InCMFNv(OWs{J46n;*P~BedP3y-UqmZx9Mn7R7pSL; zfQULaKLb&M0*eftTh2>L*!K z#mHq|KoLxp3{xpA5A&?+cIgwlvmSEW4TK{0Q}SIlt5K!a)Gsr-@#$}4(Am3%9N7WC zu-nW!kx8#3jxqeGckdt4_;O@{NN>b1e{0_-!p}BZ4iF;q{eRd@-Ts8=9{p)9EdP&S z-;i`F`*~sVr;!9>>wN9=U$?F2vOIh`r|q`{n3zQIWb*VF$e%GuzG^YvC(=$7VI{+h z!(3t1A@H@)a!CCUsAwDGs~7vin^nRWv%v_ zPN*s-w4d@t-MJ~t9N47DNqaENDxt=tOYYnxAw@mH8#aL36@?2OGu`^LHi9R$jheN43mFTS!abpk5}{*v}DZm9%*~FctM5T%1H^bT9;B z;p=M_j{BvEc>vgZubiH%n(#i;gAXyGij~XbVk%H1hxu5D;EU(o1nB})Lr-kJ44@u@ za?7>{yb4j8XVu+n#9qs84g71pdSe0IKPC?&;^;u1VmDKZEJ$`cvv%Kz|JH|8U4AeF zJ%+<32KAe7-=?I12r>?$k3~s|RUXtzPdsicm49IPt1*jAe#3B(j;C-S4sfou*6rtQ zGtx04O=MK|NuH(0<&<72k&4FWp|9b(!M!nSiLcXi=7)>oV}tiz`!K~_bba?@gF{@b zs)dB@TZD_FV&@B8fPF>&OS^tINZS4pb^Xo57k8{5jP+^#7Gh&HY~l6K5F$Q_o|zao z{F`3##sr^E-xuy5pv1?aW{KTh75R^bFDKt%8Iv*GQ)XtwsQmp1F(RqF5S#x4!zCek z`$C0gOlE1jx~qv<(wfzc>Cdh1QjB`K2Sh#QwAsZ(R}W5DiHXJf3IDlHLjNx=#ri!a zdBMxVjLRI5zR+Bn`y&HSpFJ(&_;dGvACyW&6)v!SEaTDx2CG%>xqdA8eOxL@j7Mmm zf`M8vd{fh~t`nI~$XYwBMw5v?9e^>)Vts$}fq{5Fsq8mCPta1VFhn`)0{Wax`=Z*F zcqwC^2-|#{FQ0crE?}&w^J$F|HabhJ5HMVr_u2-yNMYoP%rrC)-KQEP+*$LIJ>3+% z6@HOv8v6Q0oJBNiQO{Q52chUR*P~cJMPhgEjMZ*Wy)rR6iQvm!KLnMtK%>dQ8NUzW zy$lL|)k5Uy(vH%LIq(BOZvtA%+q^`pwvR;)P~mtOhwc?!da;!&d{7B0{A;;LsVpgk>$gqF|Wv<<@*DG07szbuZCv8uEIPw7Lm zNe7XE&GLDCJYh{uW5|>}v~-QOmuAK2*_B9af`@j&*}r4ez6t=4h{HxLJ6fl5Js%)4-3lMFiPMX6Tkug%nH8 zfQ7x$q?3W)2S$EHKJaFc*plQ|IBbR*9p@VQgfO$TnKMVw%fkM)P>R1#*@lldU1TS3 zrGqvw9XoMH8jhovrC%Q3h8@eqD#Cpq=4A&X)aR_+blYb03W|zC;VM!?h4|ojno+{; zGYf;-7vqy^2>+Q+j-9L)Qr@o$`SB&*{}lkptfC+!IAEZ*2}{>pQ{)6r)ST zt-C^|)wHrFE=ts?>=5juU|m9kuQxo`N>)PiEQ}^_?-8HBoKG%99HWGX z?pD~daDL}8L<`|V$Wa(8d>6ig+z&}#flIF^P>KfE16hI&s9Z2XdZkyoXm+$~^Q~{n znpE(e`fXY@%@1X9x*88hUfNKqcz>o?Mp`CwWCW>-W9h& zFXxw#!-QzUPShiOTU@q5#kSW50;4}1SHGDwka>1`F7G&pb)7s@j1PD)>Gxn8;D4Zv z-U!f(OVq^oxD)s`be-UYUmfzJC>JD@8PTBVe=(6&H_ecOXX`&L6KIp%W!O2wx*`nf zMOvX7n%Tp##9sZ6vZ0|hYj~mvDcmEPKZScY%l#E9ymv-;&@+cq6sMb}2h6hP;M^U7 zoynb0*Rg={jkVi`r4Kvq`V$zMREUD|Mqv}9=ht8^e6HMdxbJ!7yJKv4Me4-Oq6dtp z&@xbBX3D!6wB}37-)CU?s<6af^NYKZAgx1Zea{L{pTWGO9AJPyMef8fRAheZ=dp?? ze(M%2=$!KOAez%|7J}r7O0<%&7_aUvyaJc zpNe_zYQkIWFWP@Rf_tB<@ZoTtw3*>Br-(gcnzcom?1R*gw?qHz)<*`Y&&| zH;ZlWgQj&t3Y=O^bIyNkq+jqMymJ({<}=G}Lqqc+w5vQ9d7k(=l#$ayA*Byi$5BL?bMjvD@!gebtFuQ~5MPFbt!Y@Kq$t|) zq5nH+?+ek0vHf;MQ>;?`>ct7J+-pMTCODe~@pe2D~%0NS+_?C`k88Hig>eWTlRL!T|5*&|fk8JZ-1-c?SNjF>zzba#CRnKR_Ocru71n!LBpzjtt(#{yQT{_%+w z-%xTnEXU?WfG@>HA*0y@QCvt#L|f>XXk1-SsCK&Tew66rhqC7tWVJ8m0yY*s`S=rW zp0A`&Ocg3tR&4x?((i8@Eo`;gTJYeSH7Tr8v1Y!+J8us40IIhg6^KWdE%E?%2|7upz zyk2|;O^npOaaj*Q{XYm7*|l=JmK%h)XV%eNsLfp2NvLZPptm0hT|6%`#%#yimF+SV zy$LP9oIN%ppVQKtvPGwfF~rYJf;6+N4noi0hDb<5{D@meSAfrMgUC|oiGE8;*PY(u z2il=>;GO$Za6<8M=)?Y#(4edcRloV)zc*nMMm)iCYv%2>5P=nnBk7i9)c|MTh~%;s zvs^x>gs{l?g3A_+spapi(8g+yXaVOxZYqZy=>sfJJ|DX^8{*=Oohs#Zda_xw3xrvw z3PW2uEp~htjv~CrQAeAxT5($#$UTRJ!hn8|NJ?sj>Vp*1d-Jel&Ft~2#au=!HY)}0 zeffNJy^c=E*`k!}gk=%oic3?`F~96K3fk2QDEP!uU$Qu0=_7Y0i*NJGPQ36S4&)QM z_PA+vc6pqQ59Jfl_tfLruR?t+Rj~VWZYjlhIRm6AfX-+$0+wWY{4Bz>H87=hGyr$nsgYf8Bly~7S@Tmo?_)|J|+T_yJ_=qvu$R}>bO7FJ70JaTYt48l% zg~;dFmDt%(x*&FZ9oChp^S2>i82h?5=DlUSChQ`$mF`Gt={TC4h49GKynViA zA9-;xFO@63MXr2?Od5eG>QNN`q;w`Uzt#hpKD5%$f{;!+s=6R3WdrM7Pk$*k)zk>$ zPqC5WD+%7~cuUX+3)*G*5$Co>Qic@19(OsOLOC*Dt|#$2`q&GmBs;dt;Ix6@!rXtW zqAu}}kN&5PLIlFxxMD{iQLyfoWw4A7Il?N_64q2|@9#p(Wt6`TTKCk46tINA%}QHQ zWk2`EdQUXC0p1IeE&;$ZJ81R5M!F#GMYz@V4c!H%CJ|IXnUG1r0B1U_)E$EhPW&bs zG^*)l<`qJz*3;XYASYKGJFt9%@gNFO5g0ZC!Jwc+WQw&d3e|QgrS(V8@Y_e0N1-DX zQ_bj`=uhgwXw!@HXC2qBdD{_ArA9-PmpAOfQ7l7m2QfZ9}*5c^KLQnz1%3KzZU(%L)qJOk9sC7rM8*4TmdD8ty|!a zU|uZCL5&@K7R~Y_6n3klw9j<1X#&$UA*397US3*y{EW4KFLkQ-7^Vs$w0A%k`Ihng zhMHvIU?+#xG0Mqs>K%MU;*5RuAy166zbliEJ<>sX>E+}MWkc}2G%Jve=DeJrxxM2Q z!BG+tfw6O>S77rv=o=%v7PhUeZU}?~zAO7EZBOMVmOY#KdkDN-3(k(BT=$WW@bP?{ zrV^3L({wI0W;k71D~@}IESqDBQ1w-3fdaeh)~{&fu+-WX$5#5r4JkxQWak~4S>g$4sLv^@pd&P@e_n)K#Z-XUjMZ2i&g=6PdB+B>KLa2!J zWnNd`K&e2Szom_u+&(@vh(!m1RTi=e%%n{SsI(bbSJStgQkM$!UxwQk_g@fvGw^h3!LqTgeY??1Z9^ehQq zB=JFo(-66_Opp)A9Kl-$))k-U6ywKv7PIJ1_S&op_M!f4ruLo}>22q0TEEi+`J0nd#Gn_UQhM2h5l9^MPk)PByXgU5~qk)y-2Cz4o12>iV|LSb06q=2CT} z-22j$GsM*c3~mn6$@DZ}vlcA3UfiWCU)e=vTNoiK5f)beHK3~BIk8Gl00i+H)ZncS{m@LE5E!vPe21A zjN)@Tc|KxsiK_d{S^cv<)PK#LaIH9DUUeQypRP{ms1NoomVa~&A#mK^!XEFQz*PMO zgT)TAC3|Y3%a6ylb6sxB4}LgjkWipswXLXrymUV0g*jJq`PzIp#-Hvx@VN`ZWy|2knV<&9C~Qp zjrZ?)p8NaWKj2-*!3;CA*|YbGYn|75o@*g(`S+v$ywmd|d)-VTbJ5~l^Y3~7dDv9Q zA0ztL>!(pK<)q~P{l-($k=XzLLv}&xj*8vQ+{dmIG#n2;D#xOvXIM|Gv8WMJze`|Ihr53+ok}Hr#uj z^(IF@SW{~AyX`BWx^rC?wsT6?#gSdZ$_+Q;qi23Aq6g&$5HLHB-Q`jp@qa5U3jTnO zTSB}gf$LKKJ(AUd$nGc4+0u6ZsCE~c{wV?Z@W(FqfLf9in&zkH+1S~w+YC++qkX3n>%AB=Jn;Hwt0^Aeq}E0W zYk(hYtVun5dx41N-cZ`4Jm4L7KG_%n$l?d5QIG>81oW}h%K|xony^I^3?AQMq z3RmZ@@zE4UcAhCU&82kVRWncHkcLX}Qt_xL-%L%2ZT&74x5=^W=&hK)o`7UegS+(_ z2#YrLcmp*;#v6=x`<-;TCTp1sYjlPW>t81HbF&z2*A4CMFV0>*bL7`(_wqzEXhA02 zhOS|}2HLe9qmnI-RgeOq@znUGbq{~T;|R(B+_AWL0P9`NU35rn_TfI#9Eh~3Kvy`= zXS7>B?t9Y9V?+%J8L9<3y<5(@F-&H7Z+#!z^>UQDb(}?5>--w`5sdl~$6W8&lm7LI zjRCw*l>)A?y@sI^1~dJfD)LW{W_-AoM5@TA*zQS5Oy0!Nu9Fn-TTLZiaYO)(|79dp zTI;`U_>@$wSW)SS+007*0A&T@1cuz|479!L%cn(H_O^*W4o~Ut1iC_lRTO#wX;k`#byZh?Cy5l1i+-!&hE(*b+NKPS#tKRk5=Ugn^Ud0AA%S}{O zH6lAAW}Ji$$Txe)NXndFp280IsMC1D;6BuLdR0hOl)-@xN~v;zWYm>9XZabNpiuizdHt>m_lhS)Gf0@8MRn0l#KFn)S!+o&q3O~s$Wr59*C=27K5Ii$gvI$llq#tuOE2$>viL_f1p?Mm z$EPhFZ+YFDBN+s{l^@s9j!`92@zUvsqg&#~+(H_d*!eX7%z}>EEK+q&MrE3$<&f&R z!tYsQqxJ4}6y>yi4kpdTMDW9F7S`Rc!kWoOFHg>l*=FY!)z>=EKi9q)Yl8kS0&%3` zx+zs$yP8}LUfo+oYPa~@{xM6vg%@nY6=S8W6_sxvOtL2T^zZhMgs69`s(#SyzvsN5 z6kZfs=S*Z`SYU~f+;dcI!TfT9(?vZlt+7jFj-e=X+jz*=GK-n_80H0 zwclgl7FJDOtPS^h;m11EFk?AL&x9{avp3NCRc1%((}u+P6k+!RsxbL1k?lv(&x{C5 zpXcayF8HEb=XNuQB~PEql&|7qdCL68tU00;$KlYZ5iVB?i%up5%49L+pC7 z$tpG~&Y_>zbx(B6Yl9)m+f*pDg5YQ0&>SVhyp5;V-d7VI;xG)?xSt0V4Q;>qh=I0; z@y?d=#J14b85RXM&Q(Cbv7e3PP0+@t`dU4*TPQ1BwHHo>!%&~sT7PO}%&js(Ta^#wR#xGAg0|Rbqv+x?~m#Q>f_4i#1fVCrQ{{vHNWisQ#T>lRJ)#1mO|O&fF;`S z1G)Z$XR9C{ZL?;5r8|rgm4&vc_1|h07Z(AG@Y?Hu^SNwl4)9YmGqS?*6sk6$-p(P- z@a7`8NqR&8NF%2E$$Q)#rzL6Jd;*FTUl3?0E&9ZYr<%VYw%T~ewQ26W zLqry2H6mS>DaS5b#0qy$e3q(jpi4Ye{f&tr4%_;gQKSp%IT(`|{b?}I7NKw%@ie1V zS=kE{As)#$I0W7ALjC)Kk4nie!q~{WN2CX%4m2u!7uLe@Dg1ZO$0D7(n`_uxV=947 z#-7lq`J$)f4)o@DN10g*76ikk|L}wbiIWHJ(?9;&)n(glz4m(M0sr}!WT1$h?piR0 zE5}IGRGnYBOZWRih`YV&bduJXxR;~rQ}xnJ1Im-mJQAq0XKr>l-GDGb`!B|9*Z+DWFjs}5X?agHBy0@6f0kr$i;UYVnigMAB3bFaZ#1aE|4~j| zW|${_p8~&*(E2SNlY&Yq?c12CN?Ah?Q?5p1CBt{fr;tq@JZn{CZ)ds$6OvH9Ay!}O9 zJGN7A%XCkRv0pf-_cMF#b9;s+Jf%@XOuJ{MPby4=8Yqf7KzLS;DAg#~$f{dINLBN( zkSX+!%2p`wH-ohCOSLIITFb>ORjb9XolmV&)#0~05eDVQ?G=Ron^>Mk$zx_JRe<75 z9~i{EA_e*j%5qT6GUDCospnQGOmCZQm+#xF+^md0FS1PnI;N(u6Xl6YYswmKGD?R^ z^wm`h5FkRZtM8_aTYTlo97r)XM^r4%+{hm+`iW&lh@EOw!>*CR3zqVBHIG?z%$ZKF z5@R${^~{$q;|ex$-;<>QH-wMRa+VhL&`yjp3wJk^WJ2A43&>hn1;U9YCV|W z);+)=corglV%Rv}AwbPE%At855&|zyh~N%k>t521lG?d)-dnSaG;#qEnUr_L6ozRv zkv1HxO+AR0A27E4g7!oF;%eBdLr$n0WRY}ZIn%-ZZmDXzpMf-ADCXzOm??_=rdOs9 z(`v)yO=?Q06~fRozuZ=gj#T`+KG2O+B!QyGx^-4loM3BnJ6~{hP#Kr&YivU9V_}K# z5tn$fA-Iw5-d_;raR$JnmnsUcKFM%br|nzsN0+{ut|9{&VOJl4%3Qw$oPDv#Vs^!6 zu5gZeKs|GpYaTq<9y+31|2Qo;NrK!ZrUM15clBW<}L)75sa&28EIQzfwUS z*_h;_*!B3Od*;k9d1}biOG<2LN^&jq+bo$|)y6%Xy((2=T&ujCdfDvWQ%EE=O;Jj` z+^B{dS<$fG1+rmO!B(e*T0TdL|*j3!% ztQz+%73bf>G%DQ(HAaE^J8#VFvCETosJo)b>5{)Xdkrvre#9tv9glyU;C;aT^y-Y!xp~CM zd!qH@Z@2LEf6GqFcX`aY)#5mnv!50@p?o0yXp$z~KqYUp$QlTRs3-DB12L0~g1$Ww zsA;bCky`gT(^}Y^s{O*z%_GrOSmQINuId}hW?wLmQ^bs_34Shxlj?M@6_<*b2XZn` z39h56v9Z0Vkwik%6mMxQF}_CvDsZR*0_`@1-G1tnC+KH7HDeE|~L zB>9nOZ6!F)KoQ^bsh?TNh=>mR+^G#X zCNRVFAE_&;==L2?&FJ#wEX6Ei*-XN$@jG^>eT3R%mxEVd%OXvj$g0 z`5b0p=XoKfUNqbm6AwTK5E3-7gWn~&U5dCXREBIqQ7@H@ZR2dOEeL?DSk?%Hp#lYZ zI8+~0S^mNSw~{Y6l@I@Ns^v5=9%_Uf zHvRD4*iiGsu-4!9cvgob<|4ga8}54!l`2NFn&EHWv<^$YF{x{XmpwD<;Sb+hZzR94 z%Im65e<10QzdXNnk@lt3oO9X?&!Eq-#&v$@5UwEO%*$@{>62vH%;lU`e%bdhoqqtC z2diJKdPK~9djO~RlIMmuxHMa^-1XyEJ)IeiU;`#Nabb5ybM)=ND^J(7;A;$g0t@pA z?dtGdGc@HOk(tQDmA0JR2Gld}oATfaJE6|}u$;3G)N1$nPxf@lMj@RSKENU4U1EaH zDM-X-J(2fums-=v6(Pi(#y{uQ!9HIiP%6umFb*qPBbl%3+M$qid+jGZ0B9KXi+_=g zuJd8`BQR;x>UUyZ6SHC=y7jAR6%z?HeyO`J(UPmX<*%s`eFkqZQ)8UiRns~*4c^6e zp^tJnkOx1rLft;FcRaUwNvQxN^34Dga>Xz?l5kBqKhn_ugeMU4q4H($e3Q5a(Zo4} zgZJFFuV-0e1mE1V#0aBA=6Qw*ipS3~b7;?QKA6i7`LYU6`OiZ&jt)2s{| zF&Xe~3Q>m(PF=!`|ABXF(tJD0r5$I@)v0W$ji39Nko;ih{W$AjcHM^P5uC2o1$cn> z4&GgZ87Gn@$ewcI8$w9r&pIqTFK^uVrYX*lXJ#_)4py{zD3{;ef!wj$(x#oF-GuH& zw8{xZbSD>N3q>}2W0mf=(xx3HnPVDW)84ToexaH4a<2+SSL!_dl2;V!wxQH?wuXFB zqtxpMSj8EqyOshHPSvrh2cw!*&7i_-lSEo>a61g856k+MlJy?UC=hqC5~!c!pgBhC z@*JUzyzY};q6SZ=O>;n`CEu`g^B4ABf7ayX_ZREZ_@J^~m%np2eTy^;`_~pU7rZB$ z2=30cI8cG$bu=YGI`Y~b@M8Ew&Ni2(=dy=Bt4&WIpOx4mD>5G_1VJ7yb#@dZ^dEI<$#1B6TEg`c8aNdSB}~ztYL? zGSnFK=NWC)Qz+4s6yG{C((#%)qB3uS17&O;NQj@w(dP%H0p|k z*w}_X1;hp3Ywj=QrGM8kxSDsO!tB>T!|o(Y3~WqXR^u*o(3CHJ>!z)W#kga8_R)wz zUqG>CfhxLsaFBt0ey5nki9h1}Hu}2*Rl&6Li_MVeXw!Z-rhfbrre1Sk%xG*aa*itM z-iuoGsI{b^k0{%InAr89WAL-)3`jLMGRLtd$9=16>E=uRv~!CV_tyBRptCc3!w~e< zkf2@oW0;TGKLH~X$#O@2lqOPB3(B{bt*Wfm^4c+8RiRJbOwRkThH5EvmaTG8ym@%F zKANI*7KNw}Flwe1#B1r@#L<`6QlR*Jsmslxt()M16bOvxIU#zc{YZbZD%A=bFA?LNwJdO$ zOiQ)mWxwM9Y44n=thug)&^Luw26&B^Tfjy?{y39JRGEpDJwZnJmO5yv(@+=u(*0eH z0|`CYGQyy>9M}2{M=(ZWs<_8K{>9tzDK#RuXjiEn7Akbw{T)X^&?v{e%|=OvchoJx zQMz;D$OJ({`!&BX0~Et(zQ3AfOMmD~;OH=q?YZeraNZ6iv3HIORbrD3 z$1l5LUMjYp>nQFSM3X7qI}Bs6b^l16zn887n`e6tsa40K8@hi1g&OCM$@&EV>DoQ| zDA+uV+B~v9@uOD$$JlrO@dB`|7t)=6`pY8(RqOZh2U&nwqr-lGJ?gk}hQJgX8q9GI zMh%QAFd9%d40wiLCXRL+C$SniY0DbiZ1E?LvqW#_NS#mQb=(K?nkt?KA6JutJ0bS2o;gw1PW`u$mT`L=HIO>A+$rcjfyNe7Qx!vM1QN zg%}*BJ}&C?1OV0|Wn|%Joc_@odMgr&Sk!>)K$!YAuC3hHCJ!3b{>WcA*S*^g?=^-^ z3&RiFNzeWR3<(P%~sSR4`xkYopmcaRosqsfx=hqo4s_rR0`?5*OnzW|Z+K1*yllRJ8q!*-q<-S>w` zGvcFFBdfXQCyhRIQvBRM6yJT{bY4U~=Hc9fad5t-h3p(soZVRSOmzK&`$*xi4}EfH z(GUlRgRzMf(Z922`{=r<^yGrVa`<+c83W;FLA(wFhmaKZz;~C_!p~eU)Arw zkg;>UmEH8*;4Va#tVoofoo^5=ddb5?A_H#@nVWAGxLnIYFIIkqyFycYPqh~HZ`*(G z?UIRnfk*HMYM!9Gm9NG5uG?SEvgM7%{>lJ&nJR0cc9*NdqBi<<`ak#JBz9c4+~E^h+W34Hrxma7C9gCjV+SwE7>zRvi;JQ=z)97q*h zl9L_^sit6%YCQ5|jaZ7;`Z`0#L$6?9lzYPfr%!_sO-#I-^B{;Fz5~ak6EjRTWe3+p z-eh%TTILK`w#cLm%U7NPHUWZQhW2WnE`9SeBzDTQ2v>m=fU@yUI_Nk;%%G* zq3zG>82o9}9HymdF~hb?d$`DRi9S?$uI#+8&Gy@?F;n`&>(^NrKk7iqB_0(%E7&=^ z86R&1Sfa^AU_q;c6g*>H72a}7O#wA?F`Y4SsEUKKgt{#IL0?sCycl6_lRtNvFp!el zcxkAq{u9WI&)8=Hfa5{x4Z6-IngE|pJqYS&d}zKs&&xT+uYhA};x+{T&GhLmKDFyy zF3$LRdAbhC5)>_zNNTqWH@c8hN*ey_AR+;1 z%O{sA@}HKoib8+slPc`kW$#XA#m*&uxU#vX#OJf(-A{Apl#d3h|j4GjP2JG`XmzhPkf1>pD*ccY*js#(_^mKi4vz z?4~03kB!d9D$&fOHBVIdS&(`D3I{#KmWu)#Fh>AMva_z%ZlP&g0d&8tK|gl;uRE~| z5VkPxBl2YSe9o}{h}rMz1=E=duu@@5i|W2MQ5_&+J{4(v+XWbM;Ks(FsY^beyP8+0 z0ccsCBYnxg97Owc2i7^zw6)t^t$4;u;ZvE}1%2|mM!b*7WJ*=5bSvC2?|^X<#NC{R zwPq&aGpW7skR9+2oq9rQ9X-61dL{O0Hf8q&Zc`OPnb_JpCBF}KexCin_Dm}%yM|>0 z!M$A;fL=U0R(+mO&27@yi^X5@u-ViB-=NDqS|l`;Eh4%G4~w=ZWzi?Je!FD*FqvvI z>8=HEe?C;w<-eN{xf-L>VgC?!9u^(++!*?}IOT_$l)_UEL18b<77S(H(@twm#yEl> zEb|5s^7F?u(4#Tvb{+QgTl+ZD$H!&W$~W%ZF4BR2xu8oyw!{Oy9szrfdk?la$LbWA zalSHr6o1CxHi8?zu%R%2^G+qI`klOZxVZeno$yE#_?bKk4t& zVjLo2)Mw9qz-Gouu-ek$wys&o?^A2Q|x+}#G&sGLbt{M;d9y?spTZ;Y% z7GupEzWmui8AOlcx7;0182vko2?!2@DWt!3;T?Vicl7@UL)<+DaWWQXx z`QwQZ70GISj;PNQhDLz0LB>4xJm>y`@q$n)e`y0BbXZWQQYpRx+wm|jvMbG4ThT9r zZ=BNgNJ!5|bcNcsh2WwfI>U zASMoK_n%g_EsOC5wc+xS4Mn9>)A)N5owit)3)<6s}8 zAh4TQ*{R2jNp3Cfw^l@h05xx@CgJ7q;&%Z{dHGjfqg-v0m-s#&8*ExUd#hpyDF0jH9OVA|ckZ+qKFX|0IHSHLUkjJ17vVq_d>s|m|uK~K65W>veq>IFFpA0yJsoG1&cFWP&hw-n09TIq0% zf1qJjZ^mZW$Cd3^ABl=En^ld-mh(&K?2rNr1P3bj2ltjQjsA9$_T? z0s?MK+u+6@m;T;JFbN$uLllg;^(ZpKC#;L>N<2kzNMREqSo!p3(hcCoYvA zkm$utYPHpP_z5jz_Y+YsA#UG(hp-uRj1H>(8kw4@(xJtU=(z)mKIuPK_?3WW(z~RI z3TN)k|9YVL%a~As{NYufBb8LG!hL$)O%wb>n>(BAT6 zICGb+?sl%H(BE!+?jp#<@PCYoqY5Xv8*e;rH6Rr#1o%b?}pzU*#aX9v2`vliyXr zCKr-~%}`eYabxf(m$e#AZf(7uHJ3>mp^%qFUQ;(22mm&9o;XduEUQMrCeM6pmW%84Fz{zuL=aap!@^5#t2;G{f?^?h(ld256vUy$*{wQ>^b`my+|cdJbXJM*>W ziqBx)a+)i7@KKY|y;a**Coh(`s=>^;=Te|ugDtiw(qTJ3z0`Xq&7d}8<>xjcZ)E2j zCY{$PMWi<}ExtkDnjp34iFX`tsYl27<*Ro*LjRbQh>bym!Bw#%K2Yh6E~@%}(w93Z zr%TEMwrrDPqFjLCrc5=U7jCd~@j^SCDg;~qI8xx$Nv2FkiyK%tmz4ilc-cPjMm`Lfy zqO#jpW76$#Zxei8G)BQsx+1^ICWpuVk+q%TBw+iBe}$&IPLzx1j7j|32-C`mb#Ghw zy-7=jTpQVZXVo3YVc_=M_(8~0@$&`!YszpTm_2>)M3Sf1!iPsuwDMHB~>d12!5I8ruksK!OFHJ66v4& zzJj2of|)yNw=HcfGzI!VV-8H?5edJu4&?gMS+2(0b$K7X1gPc;!kenD)}sLbw0fM%iHI zjU6KF;>+3hv3EkD%V2 zF^oDlAr~FJ1%je*sk^)a<4>+{KYAcyGORVD`=9&l({I+`4ZICVze{aJKZ7nwoi-J3 z8+DuIj+g)_;yt6Rd{@_*x43JNH~o7CMzpJrrraCj=;oCS!q;GYOsmC zG;?F!l*wnG2!1`#n!}qUrFnE;VFy!Hb85B1~(UZm~PQjLa&&-ci z+yPgImma}g_GRNlJK>C>G5Of##T^*>r*OpL0+`o5>aG2zVx1!(M*)_WgDMxg5C0bW z*T^mcTk+ogw{QHtaKZL$z@z(5$!tE^raJh0MvfPk7Jh%T!T%j@97L`uH5hMsnE$0@ zdRJT3<&dmFU{+lB3w_ypJ)IgP>t7X)Sf%F%RPS3_|V+@(jvrh8{rva~pThBYKrrJHEk&&JH34Flqp3$0_JLAM1B< z`HAN!LDz3462$-dHdI#GnS1)E6Zy#S75_nCzVwHf8~;U#cjtmy0CzX4Xq;1+-|>0Z zJog)}CMBZiXFu(P1`JV<%%yUVC;p6y(PkmP{d4y{$*9{4*dQ#tDXtvYbgBMze#+F` zvv?C#7a!{YlB?Yh>_eR|Qvs9lC9~zB-b^UGI$zD489UbrSM|Mx=f|(Ac`#DD=WxuW zRZHsy(8AOQwIH4-^|3Wl6#XLwBDTrVgp3|GA1}9sZ?#>#0f4^7|7>heL&kbW9)eeI z*5d%kO>go~sntz#?h?QME1x0*6tgy@czEC$O?=N>%X85RY6wPR+$vJ8izp?)`kEpq zMhCRf$)&6uDhk!W8SD&OX?ps<&Uc=lvDoExP3RxY^{2E{lr60i#HaQyeRcpaDFAPY zbFvUUI;vp%>?w_58|ziyM@-YQUI!!!Z3EN^1%O8=oqo$JSaDT@cUikB=|UXt{AS2~ z=o=YQyIcl;`Nbp7C38MWm-1h5bDT~7$9%-+aIKi`mTuul&LvVnF#M|~ecf0Hd;U|o zP;pO0#)wZP6`69>*yX9_lh?qPuA$S2=Lj$7d-L_-J_DDS$gDdb$Zr8Hg9R#a|1=de zH3aX3@L?u)J`YFXa_<>0wXjd^iR``ZGqyAGV{-eaR|ljXU2!=Jg?ewCpUv6*>4BiN zV3A86RGGnc_cHzru%1oaK8O&4=aRx}BX5o=nl;=i8l?0h|Ek@e7}{Uw@%KVKtsFkP zr~A!RKDymJC%z)h1H59XnfveP$zg%?W=k}W{-%o~_RMJ8S8~j~l<=1d9DVD2A9ugr zH^e_{P^j_E_~myT>q&EuMC|HVDj>gyrBdZc`$%XfSh$l1?~|cLx?n59k-~o+|2%*w ziZAkbuA(;RaBgu*4_H$c+*)Q@7y~~asuu|71tbc@)a=8JKlDuSj#9V6vSvV;5}i8t zEQwAIFyopCb575gT-{|-OB6pX|K`hIBDDBuo}Rmb_+olS0EXT=dAz4d;>>NUel(=FbDUOpf~MQ|SPBZfx(8@* zIN!(LNq9}23Uxj!EFv0bT$~r4+JD1@kB$JC*ms*jmSpWy@erG|C1w%;fY8PrC-woY zt26IwoGYLT-}TZdOs=SeZCg9tSOu?8aIkW`-G=510HGnJnRC8l<}NH?q|R0Hcn zu9=L}lHl;>)iZ4Nz4$HfKkEO)C(M~a9G~}r$Wh!vcq{w8R6ZXU>g)u67Cxn3&W`<* zTWtOH8>}v6_caUC;qKMZzZC5zZ`|SqF*WP}^Ii>$cF;+VDCJsE@m%S&GH1(w95n@) z0In$3S07#oDn3F4g;F4HhNs>cyn|v-)tJ3IlAy7rQrL|UOFJzM3riI@@ON$Q1$;Vg z`H%cjzm6A5Eb)h8myC7)O!-M98nry}zcbMgGCXMogqd|^y;KD+2PRVmpSXoO^Sf>s zco4yDBs}^~x1GOm<4LdJqI)S>yu?X3EGtp}m9DLdaA#3X?%*lKqiWwi-EmyH_Oz{)hNQ(tF zgnUf8{|=*z)&m3-MaP9E;<5TTLiG0P#YZRS05heS*J^g~mZTUd>*UKftS?&m128lJ z-;u_)pk09_9gPFzRs%f~eOMfl1Gs05G-5Jd2*io?!^=9rLPZa-oz37ZF25X6V%YzGq5+6bMNHBpX!0%b$a;xeRb|;z>6Q5&W_-^JX6+C%xpZ zjzL5#dYIg`3Mltb(U;`HlcJ|-`e}{y{~0%g8+ z7A}2Xa07u@@&xItSOWbHfCBQGf8r>vGveH0YjO!4-jp;7&CbYZKXQ&pkI`Gb;l*Sj zJx^%9`aYVY0NNa(yLWTeEqd53dh^s*CV|D_;@INmFrm5jm9P)w?uhe46BfOufz8nz zexIAh3q{c_$?II|lML^%$cyu^Q_#jW3j6fH&S!RW%AP$x11Jd7uYk`JzFpe)Wc77l z=14Sr>knkMuZMf9V4hje^Vyfbx`BG_!RCwqUoavl8Gh*1T!_5orJ3h5OPoDOp7jR( z8+^b{(BP3C*rTKhA2?M)!!ypvntvI|(`A^p*a<*PG4Jl!E!9fEEg5m?q7Bf!KvjGa z<*&D;WN-wbN5~EJ8O~(O`4jyfCv5^?MjT)O=E=DaNK(4ka#1&+x+GWL;bc$qUC*QKW(;B-;mZ3?H<*{4C^ z9RpqokmSxhvu^T-IrX-Nrqeb>X_ti07v7I^SUewnGphF@bI4oVm_;Q9lgzinW>Xv* z8zNzJ+&AtF6r;y(O7TUnyc~H^R3qB4#i@f`GkaQDNRgq{81%@h>*d#h{W9*T>kLn~ zJ_*6vMTsM>J$Y~N; za2dW^bkonhtlpdW1@t5Ew?x|IvL9S z7mVS#5YfDnp3PG_oUr+Mj4xbcvvB(`)G@+?z!Eb-JN05*ME7c3M0(E)8+^)415T4A zqi5ltYH}iNkjGGKuhuiq+}r)QwXpDU4z;k9#YJfFK7ptC`ax(pKGvWX`OqSDR}v_( zO&I?$W3nP>n}&KPf3}M-60urKU7&FPR^FC0z`1a65XH7V``E zZULpCyjSbiDOaz-)uxWKC$K+z_;zKT3BwfFGr1M4Myl^K1fwjDgJbGzj`F}@)=R3{ zb}N~5LD-#J4WQym53GdH*|ta*%Pze=BJ`L&lNTF#A1&S|hhGOoY~JH^yYMIZC`Zvr zvvf)A3#gF$qA9>PdTDWnhge)`{0)M?{Yz3 zoAiey(X#C5d?0LD$Bi1sU75Rm0B_`vjuyLTqvG8R`oKAyGj^l@Qp?g`=~K>OnX|Mx z=6Sn_TG4dikt0HRmqB+UO7a68mt=$jmbvvVL-oP@BxPERM_Q#~9SA4lE4I;(%F!#u zpl_zW3J%s@L2o5JAir4T*c|#rb!ai9v`*4 z?Ql1bM0xKc>IJ@tUIdj~jfy_L{6?P(AnLWg)VV&G%&G2l)ud#Mp;mV^ctBh?5-c?V z748%h%{`#|Oo6eU>hU6G_TtS#>uI2CkIy7@7&j%U6B3T^sKr;i0AG(9zqG%<&q!yd zUO{6^yeA<%o96{eK~VSxk2OxZJDNVI+(fPEGKqTp$m)`6_&h`yxqG7L zv&yBmW*o&aFD_29w|3m?ntLsZ&U=jJI!$tA=GZ@JDT8QIMv`cJ5QrhvCZdq3w7$g@D8<+ zP4-t4QmuEd+x@uqW%z~7CXhNiGO>TQ8{lFl+OfHX;KLea7)(9%3fedr-}?sm7Y3Li zgSA78r`I3F2r9xwq1?wuEo4;CO-&;nq2w`V&9j`QBz#d0`7eSID>hAQPba%$bk4|R z%sir%?`56Kr~3Pg`}Wxie)?X}MajSr$^HF2+QhK%1{;d3LuYxDopx zu^pTpAJ#u<*rBwxCuH}D9r4}F8b;-J_a5K4I<{pP50Msw>;A(`^?Y`%&-@k)LPP{H z$&q}NlDlL7Oh@QRiDDaUwlAz{S>K;8 z+PxS-En~L%F^v}EP$O=ifJ1-TknoZq-Y_%UBipvy51>sEe^|+*V|FDOd3O%Xt4*Rf zmLIKBv)D$iZ7Cb?R^F=HU0U~(!N2{-3y`xnj(9DE^F+#{%U|6K_3PDrtB;OiXN#~exU~cnEg1jPIkK?ii}EkRI`wBU-kUL+NyJ=2wVUDVyXQK(tQ~E&cli| z%S>od&o;vr#j|h%Njc{0?XsN2k5pQ@WDCb|(91l(_G|(#$}+P9>IZy7a2lM~FznM# zK?K!a!(Tw&9thahh7`}}$Xn_S8uTM!lEtgVVGZogzZXtUzo2liL4Z1oj%C9s>jO-=o&r` zag>!n!+g?r#!{X^J#0jN`DH{WF*oqPbUD?WtCixni^!~L;Iq~JeKLW~;WdtBS;<0r zbda)0ffBR@8&vSpX-D{U6RhAt>iT7W zjx=I2?n#RB``w7Drh~cym6RTwKQ+NZ$TM;ofo?Mry?r74U`rKJ`$0RqSBpRBg0-KB zI-ZU`AhDrw9>vkHbMkQ_7W%M~dU-a{Ha(!Rq!YnOv0cyWCd9(VPE1@AFi92R!ob5i zUh2^56iv*smI5*@Z){1UdDLLTF6wdqUN+!CMMd7waQ}l;QJK|+@!8xfv6RbUy5|u! zdZy>sIMd#SB&?8&n&y=P$)fppN&`fCBd1zcAV&U?c>#2QfA*N^mNn=~z0^3VZ->S1 zoczvQYizwJCa^P;nJ(?Ez~4E+Ka75R)0h7|FwKPmqeR()&oGU@2=QoI`Ets3%5^L? zs*vfgGnsVcCL`SshuZVqJSV(V^ySxfoacu~35l!4+lvwiDP62pnq24Z2oRiM;F#tAeZplB9pq-iP4mp}0eBbw_>xn2O6D36a^WCBl;sGE7 z2V|JhYLRsc`1eo5<9mDvi;AQjPAoyX8w!aOdzQtWJ)>#2RE7(exBQSxa6aQ*uAhXM zIz8B7s-Hrg;ZuN62D!swpDG>9&uIaUJ5SHp^nKsiPZ30!zV&nEd5t!Z&|1>uV4}2) zIZt=X(?HgzS|DSgi9eqYu;@Wz;nO{huNPgZx1+?GX!U#Qtn)VNC|9R_VwIy9?eve1N_W2{WbVs5KuWn?`wP{XKZw7S|FjWk zM_lSujyPhFmrrwa@1m5uIITHbM$di{T*fwVdxa^wn7DJ!dCFL<9L^`|01Zz}>Qum) zc=G(1IlWHTZEbpByzERs>Z$NI`T3Kb})h6m?KSq1|VziJrv?lYZ0D9nlnm z*}FUnAIknK^w?$el9uM;AEbOepQn8dOMjav?SHZ32M`o9=+8R#_NkJ@dGeUk%yY8o zzGBo87P%z%;5=;(&9&{K$jl;}4Y_X#Ls>ZBGmdH3Q*`T}i$PZRn)rR_yaFJu&lS<6 z)a|MYZiT+Wo3S?5a9!ef-#Zcgv!H6pks{;t9aZaZ=! zZ9V)R+wqVQB%7-3P$XfepDrRz#*J8&QBt`T;Y7u?f%TUVMBuh5#-5Q|T~eQ%!hWR# z1Xml0I2>$Xa`)VRlexGcSG1%~wI-=G`Gof+F3Z^difBpZ8a@PMR-@>#HY-HRdu91p z$7hR1(`xAs9f~*iMvi*u(mwMQ9V-=X2-rzuNexDByd#{{ zm8GyVfNnt(H%1}-=LC$-T9)te*R$C?GjKUX95jsrz-+Och*x<~_fMd->dwFs< zv(l)ngbtk!HusEB10`mO^-}rG`vT>w5%&pUH<7!TaPcPDj>hIQ^NYxy^ z-1+JK;uiyRTspf@Tj_$UG7hKMI8gv^8&xCjl<6(|7Q$CM4Z>D1C7f4g*DLXqhL-{?q)7teK+xVcb<0Eh? z)gGEYx!il9d)?*%wS2&F0c&O}ceeS&eK0QRV|bdaQd=504R4YyiUVO=tuWoQ!@QkN z9)7UD-6q2-+S(WN?3A=DF!KGU^MW5IyGPHfPYzqVUp|FIc?O;Mfc-73%A3&XnWx*9 zUmBHHai7vz?}@ZocW2Qbwjb8Go!EgtVbqp>cZDQ>XE(hc-)Mq~O)bH;yBH4-RIgzi zI9JyHZYP-HV2nWsO_K@}`>;@OedNhuhWiy`ikQ=3)G^Sd3N6fiZQ+p*{4ew7DQGKa z$+NjYd9S428Jj{B(sHmWHC+?g9!l(BzWgDgM63J2d3);ibe0Re_B0F~ORYBK4uu{5 z@sWwQ2RD0TwizQQ&d5n*O{}g!`UaWWD16;caaY;dFf5tKgyzgji>!`O;3W7 zEIa$mBJ=DMde|=Imk@}|3sWBmR_*6NG{OZljvT4V;+hr-^10}s#p>*=G@HHq_xDVt zDno@OwXlrlU{RgH;hRd-J+HjYA|`j1<``vn$&D;pTw@cfSn#WlPV8h0VcZ2->0E*L zi;{fi7^QNsu}g2hFaL70qAShHvc3T}u?u8LlP5gV6naq8Qy%>aK@F(ZVbR{J&lmg-xGs zSx+ZF37ibhTX)ivV?}(U_f62VYNKz4Te%A2LN31g_nyCf_O9DZ#NaoS(py?v=l!vZ zmh;NXYQ9R{!84S~h3mjf45!M zQG?o++$w249POsAC^l1=a6t}5QhT<<5i)2O-lf%ayBz_K=V~3Z+Egt*)G1h2>#tGE zb6WP0?2#TS$jVWAgJ%UuR%b>@(6^@$O?<2r%4@(!hVGu9|2#0D#1z^t?aIkvuZG{g zPWcA6MtCPB%HtD!qQsPSqg-9otM29+if4NhaOQ>X&wONaDe+|zcXyTsxmq7-WH9=g zsuF^LBvn5!!}*Znof2n0_~u5tWcvMeaac8!f$Cx%gsz3}67nVh%W;TtIQhJLclJ7} z5VdOX%~{C4cGUsId}&aPR~YIBeBqk$cB^%z&tSwd~uPltja3_CGGiy(|qba$=P ztMOIQ7t;c}BWtAbIvK6EXmn8-1a7!FIHh^8?SOVIJS zT-{=0JwlRty_MUFQr9u{~_$F!=mcez5xRe1OY`w zLP_b8W1g8l;<{yKCqg7-AUsHhP}(ocFJ9U5b~(p0!up z>yF>mkVt5s+4(0rlT2r-D>qhKdUfw(NB7YpdB+zuM9F|LouQF(d3M#-k5pR zPRI`yFYHIOc;IzGh@MPa#Yguxom-_Bmgo2&?#(Ss8u`w_Q+>HJUHxSDWk)T7J!h&9 zM1PcjOwuG4`8I`ZeM{+JX%F||$C<%4wWVWUp=~9$x72(HLtg_&FE%{dQ(waD%`Jr1 zX=O*}otl!ow)&xDjiyp>B@Qm5B}aWrgX*0si}QDso_yOS-z2@tBH{%}Eph(gKfzA- za2s@-B1`Z5 zHj<>}yLmci6H)|q^-%B7_#VTz_Yss+WdSJ{g zx7<~wCRDcfjv7JVPm7FkHkG7y00hjGR%++ry;r9Fc4P5G1a~euM;1P;8Ol8y3p4nU z$PZ%9kO^-*-r2YcFkQ+%=s)JuJnDaui>!Id7#xy@EE9W6QXdqcecE0@dEU=rS~BI& zC=iRU^T^8dZs>JddjXi-s_WL~aP!2~Wp)E91h!jhpVjK1mr!p=b?7;lKFAW)%6zu? zELhah%}W^em@5M}^zzqOY0+DQ>Aa#pcxQ}5=R{GaWHh~mtU1=J#%rHF)Pa~}3jdo^ ziLccS2BHHUo#pUwzO&2Xx=AjlmpL#|_Vu3tbGyA5U($$GUh@{3cIW5v9!5{{?Y}#9c2M^$! zJ_ydZ7+b;8eS&OMU9lN9zHb`G%>0j{w8eH2M0x(2k5)5YL}AyOu%4SuTf@ifR4g1% z3tDC=R%puUmg4-=>2Oy^a=1cQdOAaeZ6w>k?r;M^`=#%rG;>5mR!1LH1YPVB0)_6T>zak;9DK6oY2M!JdB{R@gO-e8v;J(x<7P|aS zAz^ay=EyFZs(SUY>B<^JUT!t;mp}g7r_HbI9Nvd_q~h7(8%Jwrvkutd`%Md1Kj-S* zId%O2AbHKjy8T}M#o7C=@$#EA*+`XW$LW~stS|XvPec-hqSViKo^6eI-t+Yw;yhm$ z+sHDhk2BDjBrAG~?l!=&S{B|J^AQH;oY0j`8*B z*(FTxr}<1csd!H)sH(AxJvhX{Yp&VcBAn&V3?$LofJX)|)91tU=Ez9lxNpDx4ZPb^ zmzF-}WFLaxKb(;YH*)_9+zvM$zR#dU?|?A1)o;=-gad|B9t(s;M-tIV*$RgU%~HsQ zzPm{QiMhA%?T}^e;AQDT;q!~H{X4=bMiv4(6VjdE(vF|L3iyR&Bl|eP!F87EI|4R; z#jI}koZf{n2M=TZ47&9e=4Xh%H$pdYuliH)g7FNxWI}IL|QWs!Qn=s2gP>D`0jF@R%GEga65qToy{GtN(AkB^cfq~LvsUYFjRR_#A+i9^`OcEr` zzPUmt#4zB#_s^7tXQy(P2A{=rOg795e|Lj#SV!Iih)#4;xaaZ9Qt<42lW5iHzLKdn zSuWIOlj?PAiO`Y9mZ)P7_=()G^bc@gYJ+)PQfK>QA5^j(*j7VVQO((-g!eOLWogu4B z6|D_6g`PUr#Ukm>23B5$sGC?5>gAr?ySMIt{`};L!9^3Q&VJ)TZk5f-C@`LRXn28) z4DyuBc}tumnAR+o?7RXKNS?_H-~}O{geLPL&Xh!zxxX7-Ie2GViY6aS$r2x>I7F71 zLYDl+Fr>~utP`l*a}N4JegjzjY0LV+*KV~hctF2zL2VV1MKAr*dgC}pKmOPcx?hpb z;U}3Y=wNzki)=y=JfrjoF_EN6#wJ|PjSyYG^u6AW(*zEDPg38plYD{3$Z{wHll5DY zQ6Jvqn}fbE_a;P|QPtUWDNnF`^`~I@$De|KVo+%9py*f6>KOAjyUMkBl8~EXBO>0P zQq)p9)r*!V^VKk3;SjjwFCXWtcBWvL>i8%;wjVaF^m`Y<`1sa3!m;L#NGi!W2 zta&rVQ$c%ky3;mng!h7K*vw$SP<{W;N(@(S_j&%iqcG@fM(ixfdC^IrNyBTFu@rnl zdeg2M7R)&ODJzf&{QMT?!0w0H$(Kf$7ogubWbqySfLi^xG4cWeoa_@lU3I#t@|exs zw0?J@H~Rp0ohz7EBrQOz{GeDPqT_S{wu`0mQYz`J9$ihTtl=S7!OK?yV#Gy-)xK=cTk&IN)922hCJY5wUngTm*Ev01_oqH3Ht5;4c zRORmw2~5!o%P+~>I|=_Ohp==>H>U-wF|Pq@7cSMRX@t zJ}H1BsFW4w<~VwxJ+AhZe1B-S2JI2#ipNH0tt%UiUv))Q8Yh@Ov!qhIr{~VemF5{# z-xtz#j{mD+V&7Tc+QxfcFo6iQBIBgVN@vJ^xx^@!O}99MCX(zEmbk}i&l-|HVLj9?g}?6iLE8bJ>;y&mA= z#WxW|GRyqBUlLv=sx$?K(4jx4MnyLIy*W4y9{?xuHdpr;=X23Y%WAohx>iPqHJ~sE!7ciFh(%ZLEW)){x{GSw%xQTh;p#xd zZ}i0?;Wi7(2zlq?P2V@pFf4PbfezfM>7McZo@C#I)|-@B{kkMEKtpfr_ZLHQ0Y@Po zo<7oWhh36)J*{*cT7jngATBe9_1_^I#g+Mr@)hf5w38@R3&j{sd>6y^DAH_(jra5e z!02=V@4nBWgljMZHML_eL`w&z9>k=8;Xh@~`xyBg0Xw84k~`!F$o5$hhnbr#%J@r2 z_|m{4u@-PsAor-<;7{@K|5TidTrPK=e%0uUQ1H0iHn_B1m39qQH5yh?nG^-nu9cnZ)T@!>Qx>guzowF6C^=`@r+dJu;|&YXUOb-kj5y*C>ni z+@uor)T;{(%BkAe8A`8jZT-pTwXSw9;Z(57)sKIMuVSvDn7Rz?gEk25lr3%kRzlu# zd_Vs$D15UXky!kQ^y|TmdC$D5io7~8#zzXZuJ8=I#-&C=(JVkAy5#rdwW@VqIcN#o zBTxV~@ExQ`6Z3WS4UsY#{Ws1|T>R){yVe;aw(QQf9ud*;LaF~aOt`f@-PaVgF=Xwr z!|C(&E7;W>nBpBr^JXl|GZgdxlpK6Cb69DGX|CI>16$8=L99EWj#Vi`AUVppiV5l^ zrV3TIZAz)KrrJq$tw2gvw_1L8+j+Xrj}va#qH^{ZfQESfr-sJ+w+y_tx0$YdlFn<4 ze`8$iPd0-_atsfSX+^lAc;;#iFP8CKgXsb3GdvW_?AJ5qLHa)>6!V;lQ-r(M41C-9 z?VnSs71RomS0Vntbluk7tR#{FtXJ$FVf6p@_R*(kwa5%S@|VQkoc?^d1+{2h3dGYI zDS9UAbKqAe2FwU^u_Z$+D@ne>eNVtOSY_+~^Z@Zi^L!sKuc<+FGi(A!%de!q1=wJh zhGSxb)4l#?CDFC2{U%peH-NW=Qs_bPKYdCA&5_G&awqhgf(;3|uE`CEO9Ao3J^NIb zdOJRf4}3Ugm_k&<_pl4rH#eV9 zdG^g^#NYu`l`C_)2W;m0&U`~kcm%wv!Be2o2Ly2EDj33MVjykfczZVS?wdEZVcO#2 zOg~}*ZWpHtv;sRn$$X5d0DZ6#o{OF`F;nTd&T4IsjFZSIq< zU9%gg0%%O>?0YrA<%fsD?(6ttWV}wU{EsB3r^-{#VZLXqY``$L_~}cq~~XgyW73L41641U)pB;TNfr$mYSP29OxI2_v&xU6V$8* zKbaDW%9jUIK_m3|y%M;u&m-uj&e5kgi*xCB>+%xji?yg$#~Uu_+_K+@GIxW4UhPaq zZiOEQFH=)Tjo3Lj=r(yJB1@X~_TJ3`4%+|nH`!$ktL-VFyZH8C+E_6_jr%#1|HxJ3 zoEBrfPu??X1j&ECTa|K&)Io7pCh=q%c0%HUd4@LC>Y#OOZvY)9q;*_0!~!`ews*fR z{C`Q2_75qdU(K~IZiX&+pDwvBcq2=#y1P@R%7Yh{m(Ofqlml(;hT08eBU@ug0cV}c zG6sH|Zbd?Nc30icfOgZ}+;mMrl}WUK+?}KNGV}6Z9-tyaYdeqs$#<*6ml>4Elk|csm+oT8@#24(xQp$bdV2TE+lN%~r9!4P$V<20lw3ipoP5hCCFiO#hQQ z5&6aNF*p7xCvHMxZ`7!~Hg8CWlzu5a7wi7Mo=4J{Sa;l|lkN&Aj6t0{EF0g_a`_QL zTo5kErs8;|oPBTJdHZN}s(g-)uDZLa zZ+P>&FB){zD(=>l!U@I&>W6LDS5m2QtaB6)oxJ}t0NP;MI0DFv(MyVv`=?V<=-^`d z?UGg@k_*zEJHG=g#$Jb&m$8-$1V5~p`dvUtb3V3dLcelv7f&k#0*xwDSY%y#jq_$%koV~OwzRO0_pRJb-jP=IX zcx*jPG=oKXT=GBmMaNc*%J3!(3uF_DfFD=dF=*pa;DATzDA~b$((@Tn>ErNapjIQcoLuOE*tXD~ckqIe(vQaioHA>=|FsbY3&bD>o z?=k!{`ev#AEP&_4Arjf~f#ZF(Gr=W#A7gZTD!M?UWL`x$EiJ9aXP=e5A~y#(HM{>| zYL9|V7UW$7_F^}GQLWq5kn{Ba_Vx;{am5cB0Mgm1Q;WJ4N8Gqc5|=!5cg?bIXBkw# ze&6762DO8I_eRZ9KyWmoqf&Hcr?nRZg}FvX5PG>DnUZnA>FFZ~OSX=D&4L_&S4S(| zzYAEi{fqwCa}=_P|5hT4#F}Zx7sJn3A9Hdcp9kG)&3R|lJEhlFk2~V(9HhvRddiU+ zFwpkPW6Vik3->`%Z?*KHP@@Yg25T^ZGnkf|l;;wix3sU+>bckLtax#b&=mp)0jxeQ zf&eyRZQR|hE8>#^zDCBSq=EIr6$uvZa{QDj!H>PN9k@lJpA2%y2^Z6z2Fu1qqs{Hr4GeC*ZmQzr5_c*}f8|5P6BeH`idM-{r!D*2>Tpbr`I zEaciA$sCb&=#V5S8Y>N~Ez4@9*>qhr_mp%xu7I1TFJ~#jZ|v%u_FnxDn>ja* zs1YEJJj#>pPda-N4*a>3l^o zS3PeqI&ZJ*Z)*mAYdg%mlRn30MDmQfkUdI{_Bjz_2)Z1HvU1YmC9NYj74o#QNiku> zFE`V=M6%3$-wmsrb%mb+b*Ko(iJCWaR=G}wJVc%2CbnR+<{lZv ze660NZtp*p{HqrjNzc|l{nRn7q?+}9GAdL=f}eL~IJ+<)mxnP4gqcL6<*`Q|5208w zm6Y^@8FM@-V|ueao}C{-cvndYP=v85**eN#2z$3Gh?%&(z#6-hHBjZ$q6hWsFC%ZdjBu z3#-RAFtI_N3(%G#+avpga0b&$jmw+%Eh)%52srk;=lgm&3BIYdTNHTgo+9Zx?yf%a zr-NWsojr;)T1y#ZNtjd+lHQ~WVg)7q@^(l=$mz6@TfHr3k%p`XHmZi+zgbk|`_jMU z@lb7fz29xDNUkVH0nq0{R$B{PZ0ap1a>jS79$!p8(I-^3$iY^**VQ4gJZqMY#vc;&K+-7Q~I-5%d#S=o!nR#vP8o@L(hLH=G587@I zzv93*Uk1CBKzT4)ayibsMhjhjY3ghS$uG^+7@kG_-uZ4Hr)k_lwjUCx%)yjGx1`** z&@@%kUUH&IUh;w|W$`EAd3=C7Lb0y^bt8wII#-L*klJ=sKQG8G-bL^12KGvR1#l0b zMMgQ_$g64qdEk?xrZ!1z9wAXuf~hF2C-$4hKgud5{;t?P2!>ZX9lr!jgqNk0_flA# zWBL1;{j?iuL6~}DOPRs(8lie$W7sEDRRvBLu9s(uDFEfPPAG*dS6W5^*cloy z-(2HWS|$2oyh?|+G8<=xo;Z(|GWg(gZRkD@#|sVzC>3R%rbs@U&J4kLUtqvW2=%uYA2 zk6-WtXZJa8*<Nm9@ZeVM!9OhNYU$RA+TlA^HcIIof-2FA_;FTN@=I zZ4Nu{DHBFg?85J8zVv)M;^K8XuI(qJK0^`8 zf_KO#iCX3EQ~bO2+Y_C2K4@x+^u)N16F>)cSi3h-qT7Apc3y_qX4Y^V=!IAJRaB_h z^lmS$t;MW5#hz987OM5Gd8%2Cc5xF~9UQY%Zb$wQ`cO1%jo2x-g=ASXy;b23tpuMA za<(MtBI@EPZ5BU3+m<6qWFCCX8x5;e2l3v=xR)?#{dkyayl6?>T8>~i{Q$H717#to z(LWA5LxIqDvaTm;utJ@S-kWE@-M4@CVa3tV^xim?w8);3Ui>!gnp*?Xz^W_%!fB|M zmk-)j+Auv9#ZUR{{WpJ!)i_NO+rt&>5Oes^RI?QBx_kKUYYO^(za@63* z3OJ?y)_+V@gsLeV4AsDW0&`&q7USTVzLMd=}Wu17TPg}-9)ZpF_ z!8R>R7455XCYGW@O`S_#n2U%`3*UGQ4)V6$n;GoCfP9RvhEn>C!$b~Ux8IRzspblV z466W_k;@3lekkex44rlMXnM}-H8R{)?Gy^|y6UuDW56!_s9XIzHk#op+T(W=e}84| zt912-G{7!$b6?tA3zQnmcheO0@Nl0>_XIw%@Pr+ry*lvkiiPUhxtqvYLdke~`Xgf$ zBnn1_1>_XRGfD zw|$UbU_6D{tj0p;x5gXz@H9C$7xEZv)+xF;n-*r0Q%C}l;=5$@!U^RqWgoV0WJW{c zX_rCb6c)d^cdBoK3xw5h|#4Htw%figEyLEKz%Hsd~G{w7q@;?q{>pkpcc7@ zRVu`ZHp9-*#Mw+e6+JmXM7)1@qs~>N=Y&WrPZHY#LW$)BoNPDmBr+cs z2b`G1iDHLVZIdMQd4Cu_7Z=y!aJEWQPQBavyycW94ef1tE2z7Kg!pM`$Y3ex#MA=& zAo;dcXIx9#Sb>f1hCGtnDAD4#SCvum^`SPK)LzlkV3zqIf zW&OiI#Q5sg`mYx=jq6j!-P&~xmCjbY$hhM3F3yrBL=8flp_9k-tI4NUXMy(p`W#=M zQ!Vi?;RQ@B-{$oW?|2nGijk9awl{B@4jf#7M-wBqWzBKgI-=A#6QxwR&G7X&p!YM) zpiE*qV;j+tdYZ(W{I;A%PEQ&Y`*rYOao;L6!q=;z>rebNNfA!(Fr%WO=cTId&&@6O z5I#m|4^@VpsAeYIALE=>o>qK zp}%1c9-d;Uf_nt*H^^UKVxkt|_I5H`2RRj=UYNi@U1Dcxl?Nnwq69u0&4Ust9*@|B z4?GgIn7K$alije5_m!{`Wu{hXHrbsE$^PuP#2MVv@_Da6VeIpG+;i42BD^B_ld1@b zRr%TrWO^@kG@`np$kOqJQk)*tiXb$M+DVmv#K5zI3-^v90T4Ug-7%8-U8_w|6fJH@y0PTJdmaqdlOUO4jd}Ey77DU z*NFaSe2xkpwPf6G9<@TNT)j6=_dVdUDW*8E8SGut8yeT(7wz5iY%VuZ8&ZsK{&rVp zwGj5SO(98qBZ{tqTx51`=|&NKh^KaQ(G=deH>f;3NIZx+<3FU=F{KT=d%U;1E`4ME ze2ECYf$t-an)B#N{wlCBGJu*2ABEbyKRL|spmA0Pyzh};#BS>4Ex&!vzB|_`2L!kL zv7N;4t({$*U{sLv_Vq{pc`N&$xBl(u{R2QV{o|jJmdMQd?>$)3cMRn$dH2Tq|M|+z z{X+j~OrPFIhvEejC<6ejYw(SqLS^S)oQ)_CL(vDt3iw2Be!=-acUP%kPHMw=eJ>sU zoF{6P%m4c&?dT-uz50>=yioLiUf5H!I;qLUrn?BmrgCz9dGkiPxBmmFI}WI4=b>+E z)n)xq`7abHo|RI*o9iy6nE*f&Kx2IRKW?ZPV?ceAnXZWjLg4@$A6nP?=Mkd+^9Tc< z4c4f~O`shU@Ba>`RQ%8XvWRb@ivC%Zw#u_S)hRx2L4eh&W_viJq&nfqh_QT=hGO;m zN;8@OU^Yz&JuL(mj26noCh_EL9SpVh_Rht#209Jbrkh4nf&gq6*c9n*<^Rqh3*X8f z1_A;s1GhDb?N@pp4XdhD0|A=}{dA5Z0B)a4n_JM9i#9IOW?Lvw$qWJwC4nNh06XNa z5{x*sfvXm9?dl3T1^|EzfT99Zj3mzf?eI#shuUR!`^$AQ~uAEk|MBiD~Z5=tg zhSDf;T$$$K0@Q$dm+)s67IDrcdNeD;bi=T8_R{U6gQK4O=gw+cNxcbXm6iYrHrMHc zdNTp$XbsyQYc0?R-3b47J<_TCS7Uz{Q1IUc?0Kpqq-AHYKrGY=2rl0j4OUsB<*3S-D%|Jd2#pls!kOB_cFevit8>Xqn@CCAjCs{I%hKbyg?z9N%+nvDl61cf*5)(tGkk#(o+chT+BZ4l73+H%*ZS50g z93?wDcvfyn3Ek4vuNPy_c*+<=3-~PCf`X~m0Zblb|t;|4807P79!v}>KY1fHY9 zR=jnbQDvJIt!Rrv6u9>$7D)6a7U&O4x&sHC1%Ssb>rY5Vpq1Hx{chjW;X^)2V{iXn)|+;A*}tK$7pF7Wf(e$S%DJX%=HJmA3#|*3OOE85PEaI!#r!&@}f?ldSO;7w;Y?r9~|Dmr_NJ zu9UFoq3FtM={Wb-YTES6DH;MNvoPx)Rell;)}=?zNyMFU5prCQRfQIDr)XVkH%l4U z3oIUBo58E(SCzQ0{jaI6JK)TZxyudiS}~v_&#}wb$!EP2vEe@bcj;b9WU+L~FCAQo zbLlq3JB9?1ur1_y9n~s1%5f>u+Vi*1DgTiP(lTyt2-7|HZPq=nEymjZbfw(Wd9bVW z4Smt&12*oK^I9|H!Q-lhBe@MK=r5#^&V{p8$N6MQNG9Qu*t80)fRvSTM~{bc4- zp6#;{(=+gK0T^OuL^#=c`JRX>uU`h$+U*5`C1KrWzdGl2>ocz)GfA16toh1KA-h1>_1ci5);u1{nE!0bED zk7$QRr5f26g48o)kAl{&ZU>ha;f(41J>y+;3*(hS`Yer*bm4Tbf<#o-N20ru# z1_)5#q^VwAW&c^Lhe5ejd~c!|M!bipwIe8Z_v~+&kgP7zGz@E$de!e;LaBeXgWk_a zsQXXf`2P4xMb1a@DeRWKn|b&M5i7S1EPr`z6n6!uTgLusl!$BN_17G&{f{=c>{Cdt z14&_(v{q)HF3x!Tm?z3CJ-5b&8!@R>hPkBAUZ&($RT&?l3=oDS>}=?=&r~Hf3Db_W z=`(_u6d*}!OE5~OEvk>!^E});3?Mq4Bt}^}G4) zF+?538C54mzB1R&d5`I<20X}>S6c>XNgzte&li0m(Qun6vPI~St~?Vf;d1C<%k;&v z>O}A-r11ur@0TxWGpyfe-f9j95<+isU04{ANh$__48PRpOw>j&89g-*jMxRSou60t zGJ8d1g<9z^l@1cz#&%xWtg3pKArvybNAlYAUMaX`lXBE=ZwZk|v1y+UR7U*jo?*xE zxeniC{_4vpaJ?82jaNbwV?iwkk11WLSSQD%q55)8qAaj$>P zmJf)Dn)bTSSO;&ZcY1~)CJb6q2rie<=km`i>q;1rC$&vbzczWMpaS|I3s7AR`;FK1 z#axkop|LcA95d5QM`Qm@*bV`#Uqwq5wEo*#kJ1yneUfM* z*{0&S)gQjOX%#iqK@p-;t)XAzYofdY!VPv-y+nE)%sk)LLw;G$!^!0v`$CJ#6RP@= zrrx!}PVD+R@T2DO72TSIwq}@!;cg`qe`l<)EB-mPiY6njkj%zpG(^EM@qyWo=JYFt z%UKRD8{^$hk|ulF002^J0OKOS!p|dPSJI9B581t*RYjbo?hkc7CUZ${fpellBEJ5B zE0u?e=>CXTV~PvgdTsyhWXP4Nlx;oh3PqzoH4166UFd{HV0F)1@$IQFn-BmCBC-0Ziyeao+XHm+1rzX_8K|MX`oK=G%CVrk$vON7U z=T$dD03gGr6H|^+sfJ#a=9BJ%f9W)cef2}!n!zh%jZV=bg!Hs4%e9A zNsiy=XZHbDc>T78X_1q#EeYXt`oxd+PZQ^(hi-Mqu(|5IgTt>O52H#-dGt$#LhHc? zH2=f`)IE?)uWhf)f6TwflTsU)=qn7=1nYGxvb_iRjF`mntIvE1OoD)U`OH4O}l-W9x0_dZ0nXL#LYp=yTt7mYXdGJgf^>!{+A zlL?+`#LlNljy>AgKG={EY8(V2JBmQJ)S-9dyXX}dn=PqXzmmAYedfzDD ziLP)&F>QM?)DRD5blDVDpH@cqVbLIA$OFVayAX;^50vEr?LmG5*7MOjw_6(|vUNMS zl~5%vhD%~@Y%L_+u82J+?x+1$l9YX|?_Ztw-C}T;uoK;Uv1^;+dQ-m8GYMM}P6*Jy zWk5$aGt4jgK`3wtuA@FNf}hUa`yKD{LWDM}B6E)7b+6}UsU3rv*tE&+S0EmUT1ADD zPjGjsVIqsP;?L=?;RJ&1%Io|eM1EQO8wT1nXZUb3Q_>EFU{~0*4a>Sb8~yN0)EAoN z6Q(=ax}(f(aklq3%v_5r_a$R4#h#KeI-$WtBOO+o&Lc98zA-xP8J*(emxrb33*h@k zX$n?z7Epouw=%92M=mePBHd}CW5Dp)hd*PS!^wD7x5lh=8@;CHGNhl5{ZtlX)2)`4 zlnkm9i{#2z&J0QsKqS|-e&gzCZS}u<-|K`&1@o2V=(k7A>cb75u0Y7)$0{fgybvPo z&?8T~KF8-~rG~ZX;};N~uCsSjqY-F#pgjS&zp^>~!>$B!+@1)V`g$uozk3S^l9;V`k51;ZTi)Evb7q

    I#H*>=c359GRL>dOZ2+McVYsLxLuDsl9o56_#VQeQlY}J>!CW zcJr%SvAq?xb2;*Ds%hh;{jAK}Dd=7NwbYvs0~HsyyALir9%hu(3H=F1j3gdsjM=OY z-lTP+4;m}TLG;K@sDePkQ&1b7ydZ|P&almqjgiwApZ)y-|7DD_@%0(@drpv|8 z@fGglW9RI1jZDqGxG}gxVhsN^`>VxrLlgQ*<|qRH9QvBYrGHKQ8!aAWIhMb+_W+1# z`#4{}x%a>}vDun8d5$6=~AT7hkUviHi^Y=gLaevLLyZ-3&@(a$WR*PWNh~_Cg zPS0Cp+h_bt^Yq`qNv?k`Fu8f}O^dO}{x&NAS7Bv8=YB*BS>z)6Z(RMKM;^W(0{ru4 zYl-CYS|o4m2U&Jlqy5m_aym#_>$6s zgObK72l7p!Fu50kEyH(t`Mb1P69Fg3oAMBSlBIW;Nn>oh{6B9sgNexpme0~!r@M#h zAH>+$u&5;xito_^4yfig+-EO;+)|P<^tLH@`Hw;MN3ukg{gfRdv{9VgFuu*M^xRta zyE6+g#J3wk>k0hp%LxyE(0CAycyb?tz5Q7ocxC@hjq-rQS= z@Z=)k3f})|S%pj<+4Qeb`e7j#QtH{OSN$xwzCj#Ky6X)4&x07{OBsl7;g*Y1bw8Ow zpq1spN!Wg3Ilpr#vKHkKaUTTtX3xfo-4A3HvjDYYxe@zcA zD_V=G=fF|C>+kopt{j%yTwK4tlV(W8CqJVm82`MT+G6Uvb$Yp8-!E@AY<4=vnb|kJ zQI4ST!|m1&=%mP_68zPcQ4i?~+yESFA>&7yaLa9;ST%3bFUE?W`6mC~qD>|>#p zxSM49{qPriS@>M%e0DBtx?E8C?<=`}TBF8*H+pD2s_nBALtez3PIR>rZm464W|O3} z(dOCGuVbh2iI6LtA1OECRmMRjJ-p-Y?CGf-#v+GL@pZn%){8uCwY=*v0f9gDIduhu zLf`s+!qvL>KzClWoV&=(L~4wN1d0q7B;b$oxeOaIok@WgT~~FjXfoa{7BMLHCFS>l z!O-x}CiBCGt&DcpKkPX3a2wI-%}<_6v|PQ+sqD*?9m)AF)3JkyiZHxq0imxw@;x2}2`T!Y2fH}UZG5v6(~ z`b%rWZig|Az9BN{whEUV-7**b%=|1H)t%~_yK$(qO&@c2w01Ix7=LdyABK#19aa<3 zyv}`>Q=+X9#>1KTak}?-J{6oAU17|_LZM)WarqSL$kS@eJXa9aA_v5lCd`{QdiFXv zJ?6A~`)!EofZ=$^Pk#C%%DEJm#2=@DHQw0nS%)P;e0u`ZX%E!!icL)RU8!&QV#J{> z9E@*m!O|`FjX1V#xS2B`si}3-0JZmoo+#jucM9bg}W%%X%NS*TZFS zE%b(2OqK6YRmy0QLAas!su=iLV>9oB$cV3!W>Z2;r&l649KsnFYC^5jGEwMT?n}Fm+Q>N! zVJmtHO9$hR>baqhBP48Jl>VU0P&wuBG-sfE!V`PPV1LQp(PLbvX=mwrrtUi7=e}^n z3VZRhJ_o}Qy`(!<&O${3?fujrDzqzfd`^3MVML+IfQ#z=_JD=#5C(w%KY-;50!&v@(uyQUfpRj+5 zIQLpu*!Q}<2HJf|{ik-oIFPyl+vQcEBIvLoi zX+s^}u|Z~@YRK}~>D2g);C1VF&esF+Rb#_H2S6YUj8F4MpU2(MQG<(B^sR?RQ%&)@ z=`DP7WBSiz;8mV+Fowtk zuNvKBp^2h)pSKi`Xs6{g%xxTuv5PJetl~{XPgSvPteLz74H(dCJSCHAHr`rzK70zk zUa%Yjm2_{_$MBc|n~|fG9wdCMov@MxB{qf9DXRxvPc(bo!ob+r*6saWsp<~+_Y0S~ z>1}veXg2ByNiG_bzEo<*@0@Ck*u2_JEkZem1&m>g9FjZi)TqbqX#Q}My+if+i6#Kd z_XsK+%0gaQz-Cd|WM+X)LYOV55Wl=#^2Bc|n$tc=2LCD1^7zd&&&KjCLDApAn;tdk z&UqSMP|NV{mW@|7&?nE@7z@}24l3K>vy3M0_Y-pZof{t?PAEFEf|A$Si-Bi~5uTFD zd89UbA9XM`1`}Cj^~wsYylEtvY|brN-Crq+QPa*<=YvuD<5cs)TZ-dTg=>O*aG7u% z_4)?!)ibk`j;|3GJA*F+7wGkxyx!k|C7ujPnE6{#<*yc)@$d=^4;Dz!36vjuIOAaL z$>=4iPN?bCkG+dDAD(rcACV&zm(ge%k`nM8>?ld?Zs4wa@9dKnhpdu$)OFuIYC)z( z@S}{efCmP~plfPrfecB#h{J-@$EM>+^>%59(k#ltm`p@2YCHOZK5<9VSWk)cxVI zqPMjTF}yW$*F(MHLp$%LRP}XAaLs)7#H#SI!VOxkFwfV&F*kq1?xAL#H%a+zstW7|R@^cc9 z(b=(r)u%w37woh^W~`BledFU#V+;%ooX-g|UgTa}@S zuXM`w^P)26d)QDSKFyP^0!S#BWo;rWU+D{l+LMJDHF)`Kx+qUcd6xOLD;{{2Et+_3 z>bkgFf5P;s%<-+2T=Uc|a$LxML4|L6<`M9@*`!#dq+NiTg=~SVBaP{mPbE~4$z8{4 zTn0SPkTFH&YziUwZGG3hJ6Z0acNFl+d#JU(5srOUV?Tkl>x%Za1?4y=WuKy?->Pm| zX47NfyZJxlG0In2XCM9{wK7^w_eL%CCv8|V;^QZ7QH?Y9&txC=i9u?3RENGymj*3D zdsK$QlTuWw7sIdU(BSMiHS)2VMafA#ClkfMZFt9z@dJBzP=AQDyCUJRbdy{oA%^RG zMi)c}69eN|(Uo;@98}K3&mup}(r`VO1dY}3nK`43H{CsdgF3%soX+zCorn zv9ct7#5<~-T3MWG1ow9QcJ`{#X(CacJdKNG(6$ ztNrB4W~qeTBguh|u=^So*vM8`Sy^c_#(^>W+4mAHg+7891PX>JdiK5QLZ2`oi+5Yi zW@5g#t4|b!_ApkxWWAujTYVS~g{73d)fk≫~P<=IbtZ>WY19q&+T3eZzFoUV)Te zHN)tO$Z&)0@KqO;cl~tQaYy;H=Z*LUmhqi;Y^ktBpQOPS*+kL@2J*JYo*fGzf+5-J zH1tenB@z~5bO6JM*5NvqDkwiXsVX==gt&9fjc41x-I^{>gFh{;1j7)P?Y$lc*^ZrG z_4%a$qP%Id+(N6Q(!sG}*q&x193=rKuK^istGx&VTQua+j=w5fmQlWuncoS$(2xda2&O z1N}Ez=c+(*Lb&$4V) zeCpT4r=t@WM`w&<;{w+ymj#WN$L!is=)}mi`vo}Phm=;y}1!-lhlVOhw*MOS9uJXjiyV12;D8+D2EN@`x5PBjykoqP_DQ98=WDHFVa$?a8*xmz zd*sQ_Q6vAbN>D%XC*M3PS1F+=#wdg{?Q@kC3eT!LXl@Q0YW}z{Hm-L)ihHCVxYGDR z`LPmROPjn=LJHV}W_Gsew%STx@Jdt(6cc~#fS(bkW8OjTgmxd9ll?@xfu-q~s10K1 zGppkx%%?(;<(&gsm?g_>b4g&YmZeb58aj?u;ME#mc6luu8SS)xM7)}1&S~1_rRMB> z^irN4M)HmU+KC7QXJc8Q55%!$I@9kGYpqjUSk4I!ZMO0s6o&FaDX6cN{Nl3H*}P$! z`#FAB5j3Ofsgl*>);+`PX@SFx{yYK7>zi{oIsQc9nq}+DU}C!nkrTAL{Pn!_sSl%Z zCA4Au2J1K5^?gFWn9AMG)j|*qQJa&RJLmi!@N1VOHS8l1T&pvq&=6Lx>= zflTDvwM%(MF}4JQ)hIr1M@e@lg(jPbU__nMq@&6(Z0KWwE6pi zm*t&-qsCc%jfaGUOykY=>}}gEv6(8rVXskFAchs&L6nlKW-1Ao+jnnS8EzancDCW= z?@ka}{jwsP({5AB=4hzj7ZVb~96SAf&)1@QOdcBm&)_494mq^70ENl)N>W;CM%T{V zwppT_CL#>!{v~9~>rSeIt)UGNl_T8z=St>v6r-Lk2U})ZJLH!UW8oK3Ar}^Dgynsf#U3^@9B|-?cPIzWjC7@(2Z8 zuMW!n?GP7WX>dOk;t1pguNKSTw3Zz`ARQbfZ#o#Y+7s(mp&+%Z9ad%jVV>7(tl13) z+GWYbABQt#3&=g(BNY;&%x8y|Ktd) zl+&cQ3-S6rGuq3qYLzH<-J7@hl#Gre_V$~8T$xZxo=IU#Vo$@uLiGP{ea%3rgJ9O^q= z`cgoKfQI20KV{Z^RPG`}*e;yLb1W?LnO!r=zpW6w2xj7)lMBd?SKA)laP>+EJKe47 z2+>>lwe-~oQox#Iy~Cmm$x6Uux}wG`B5jOA4vmWsZ;qZvxJURqK(qMt{H@k;!M`;5AD z#Qf7?3$!%|pCDS| zAuX&kZ9kKrPPWc8s8k5b9qj1K5tfM2H;M9q=vYx8SN<<~dQZb(E8xkWHLes?T6B}j z-!xBV;V!s)CY0V=sobA(P0>yY55t7OJOBGy5DkMaxVKNNDQ{?>`jZr?3jMA_ES{m78O=)1=5y=QkQ|LU7 zN4caMn@K3Qt)3ik*~)IzLw37L>R97&Lk$-zb1IE4NwbM5I$V}cM1kT1Yktd zl%tPkUUVzyMsuF$_hk>f4fqp)J_#Axg*Odv2hYc|Ty1)}yRB}0@-tGxK;kLnX%1w% zdvv1EM;eI$!EAaDzT33CIJ3Z%Gvxfd6JXODx5mytd=O~DsymNB>BUk#l8*FmpL85e zc<8$^;6d6sPHtTcj9;w24LF$Gs&)fEzOPL|=Cb{0 zX_WMpz)!96{7^w{xYEo8iXYrlSh;NA?4G#l*LZyfm%BcJh_-yQu8;7hD-KWJxA*>2VMFEQr5 zwR{ob*$5LJEQ1;Qmr;NzC<=A0-@^3?^uN7@Cdmh#0DCthJd6%)?Sx#jupz*$?z8-Z7&Hmh_Z2@DB0 z)%b6s*CcFRDS9WXoVVV1GLrEl&J{@=Wned4TWje#-Iayoe#$9B3u~HvBu_Os=2OW! zbs@ttVEg6!^a0{-RtX1M@1v|66Vjeh6Y%UDZ;wlpjzx9ID&mvF=iaM4Dim-(&v!PU zu(J8_gcTf|vTA^ZbhIWR;%dyTvQtaZ9m*d@yr%*(UqqU=1Jl~X~m*ZNrW_W4qaXo9Z5A_I*PiHm) zJw(wqF}t%W77lImKL)Mv1C3;?+v*VCogExXnkPQByFj|W5nRD9GNk*5RuKguN5kOz z=+M#eyZTudJUPQ{#)sU%i>AMXRclI@6xHHdz(-;DOxBBxTcFYQKAYe5&UU58B*_|h zxK2Tw)8^!sAp2FILt=PJ)m#v2?DDdiNx$YMGZZVEmkCw~zH*j1OXeKVi^W;nbCn;8 zG@)H5*3}SX7shmRS9%q<=c|Hd=PB(tiqDaL%G{KFz7mGU`yce~jpM;$cL<8^%XQs# z_|SPL+O=V>a3US9eK*Glg1TIJVeEKhRz4zw5uOF%mgW>F`^Gj)RUYikvrEjPQ2VL| z(UQ3dkGz^f;EJiKS@4L?kodmN4adHOL zS@-yS$nqHtAtB*mJ4-Wo#R##s%{<#;@`$=uy_QWy)#oaPn+i>etUZQQ^{2wae_Nic z^_6bTpyb-khc8XG@h{zSq4<2`+>>SLQ=t;_%3T64YWu68GQTQ#>+^~1wLHG|js{*u z_Mtt3elN*Q;d4rCrq(jOGVh<&N*%i;yOPWwy0VxUf2ZEQq`~9}kLdH;a}Hy6TIwd? zlzjFy-^Dd>$({4X39$=xn#xTKTsp^}O|>rRZ4)34-stIZL|4z1KM)(Y(4Gz9=z>6F zRpNc)x1PLJ^tc&#QU#yzr+>$WffQr5F3>OMuiI=*827;7K#2{OL+p+ zHi@oYDfp{Q$duRdN4?O4)J4C&n6XEu7hNiT^bsmVp8Y?(3F74m7rn4MhsyUP+F3y@ JtIcmd_z#T~-zWe8 literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-weakness-name.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-weakness-name.png new file mode 100644 index 0000000000000000000000000000000000000000..ac2610fdaa0454b08bdb5ee2f302420f0c04f3b2 GIT binary patch literal 38643 zcmeFZXH-+&7bhGmiUJ}{KtQC2CcT4FrAzN1A~kdfy;u;GD!um-TIjus2uSaQ-g`(w z3!yX7=h6RvKFpf6=AE_PFLM?ow{Y*-ckg}n+2^-^moKkW`qGNkIw zD-LZ|$2&N?Be;-6Xcb*!5BYf}p?#K1JKx+;qg0JVAfpn^Mx>+%r9MSUYCua8E zQS#ih?*V@ErLZP$Z$vfB*n6;#)w5p!1m(vMYNy4D_N%e?EWqrM+(GS22Tgf-vV44e z&Vr8%OG=JBClPK_2sbS)t#13;UW>|t!or>d9xkrEU}G`>pw90iqgv#jTm1UWKodT` z{&)9@;LX3=&mHglXZvQ*-)(^O|IHJdCf(c}ozmXaJp4LUZV`WbdDmNb(q=kk6UG~0 zTYk6n=W^|v0&Y~q(cM+Q%7R(dW?Vb}5nWE@nQp}Yd`TvYR zHtqp?ka;8Livf=^No~dY+PS(GT!I2{$u_QDjfFL0W+p~Qn>IP;E444l)i-Hn^4KRD zsi*w0@oUUi?T-`L87dmW?;?pa^V1`SR=b#hB^pE}=vhDW(6l^o8k%ATDDIoB9lFC9 z%cilDQ=L}0x7Ap+EMD+>PQAH-Rwqt_EH|8yLF}2Ls(4z4{R_XrjGk=I(`PQwzLPU^ zF}eb&{O>60%wZyp*paTm4-v82YYzT$>&lIy7-=eH+z4b*%$HHV2GyUr&((GXw(j_I>MdigeM zt6y$-Gg)~+M4OXQz;4c1t-HAKIoq6IkBHhSdw03x(6?iIkJ-I^!u#ZWRZToyTWdHM zN)e?@R+lrZu_JShrElQ2VM?VU%7qBc0^FLo!q;$|q%w<-7DspK`zpHkPwxc|y~3p~ zdwx&W?Z9O2GPkeN(rP#@WWIt&d(9%3Ww7Bnic`6OgnC-D#-i|Y5E$a4{Y6wKvmyd! zGu#EL=0Fd6t?aenI?=e#7L#X_0k2YgQp*c>%!-W9hwp?TiKY%4;wNbgy1B!WtF$Mk z-3P#}A6Gho1wrX$gnu3%04+5CAoYp4(Bwna9Mw?l_P32#ia9!I_1xk(b=7`Ti3oM+ zpquh2!F%Cko4b1~xG3OOg4V6HBs)H4#_!(2E}mXahmR9MLB_Hh`&FA?bckzA8?L7> zjTM3qv{^hyi)ACqV~a=pEy$miQxl;#HUf)U9u>cyy1$m*xapp5H+WB9=b5A`<{)jX z!L+awTEROzQ%s)Zy`c@QH`e^)a`K3EWv?Og-`G{+Qf;xk|Jfvi z>LBM+I~mXTccf6L9rn&g4qHQuA0kHSJ~LS0TGH z(lr6&+BYsqffE!}uN+#>4F?1GI+CWC$`p6IDn#`o-gbMY>*RT~LTp#(g&3^-judh| zEX?kmH!y^7zfrGNLBr68P+D{i0lw3U>&sBDqP&RDopgnMt( zrn$0lWF~Uap5o|-i~iLTwXgcC;_q2+NJw{vPZ#PTaq7a0h3>qkV6xd#W*!8t$(CnSg@#o4jSq2dR#v>tV?D^v^ght$7jNGB zspsXDAm8>PO7bc1=`f49MroXm7ZU(|vhp%Asot@{9nld^NFnAHiutyJ^A-)8GqOk| zsCT;=)HCJ~x*k!wF<30ST_f$^BR-oqYgY20R!ZO#L2_1NdqUp7s%>!WDJJg(u=u@q zBd)*v(v+|JNv4taN<|)5Yx(QVK~uOJEIbZa?* zCz=_srTaFNc=ttetz@8QTDqFW-*;{~n|S$nHCR@eF2amxUGhW%l!ts^&p%RaAz?6Y z3A*%M7eBMcq-EmGkd?2V{u3`t%sb2E3-o}zDzPkBQ}hrGR17sn zi@lGna2uzH)#fN_%shU};HKWo%|3*mzNID=%k7zE$-1z8sX_%Bg8NIozmFduYU)UYf)8TO^oZoBIyr~%rS3dR zz)d9chI~w2#y3v(noAS+Few^})M$Q@U)|)UTpDGbHZ|FsV~s#k{Q2k2cDFPI z=$i0(B8E&xofGw_b+<99NsC~uU}r2|xT(u%NZW~UzTx!rvnisTu`JeRZtU#v<*EJ} zH8h6!sYdA?h6|fu#t7wCE5qrd@5SoH;YVPePg_SBid(PP$B}3PR!zS{b&Acr;lb9N z80zZaLEYG7baCh0RT=j_D@P`h;fSfO)S`vIdEgLQqd{tCBCbpq)IZ#4@|F6ZT+#3# z)KudMU6)TDYxVYLrvRgF4u>*+dNp=26Rp*s)9>?2J)+?T--+ZzU*xMw2!HalGZQ^TX=uDHth%J3#Ulh`5r3(31ZClFNQyjAu{r z2%abIs*dxlLwcn3iX>EId$z_R7asebk|Mp3_jOx?(2qJJZ`0-5uF4bVm?JC67QLdY zsNC5o+`&7lsjTA-ka(a?uZzO=WK2W+eEOoX#-S|IQLm;oyV{?t@w!1gkC4}%y902$ znFZJ3%Oc4?J_&7qz|SJi_RfFEU0Ek7oe6WNkyyv^?Gz&QbmUR-33k|La^1tbrF?u@ zj32_yI4)+{p)=vN?HHFm zRKZKjss*poj`(q0LPeh5qR4YLHfreG#sF9>9QiMVk)3ST-KRewfdTm8E z36`^2Px|85LwU!K92@Ikp>cTlBzbq*e@x#x@tjBFt$6pWYSbos%_Hz2`v=XS?N6AH z-3v3ioYIFuk7^=Xv#bY8V%HK(r+ZyUDv)|b^$zvzlF0)Ul_krM5n|iL4kBp~vW@14 zLsn9?i*;Rm{!O$>A}!iHao(k+_218OkIyZ&k;`(i<#UC&n7f5`g`yUbo+sRP?y75! zKm*PJlcMu%l8X9|V_%xX>SS1IYQEcLk@h`uKo5KN2-(M zmvd;;IhP97YqFam#K*k3d-tlcu~SW2kZG0a?-kXV_(&i4RI^;DpJ_Hkbs?98{lRO! zI5}3gDEHMlY|4a=XaMzLr}eRxxCHa+i2z%mnHB6+9oeIFxN^UGrX{pPl%0Ya8v0NI zhx~(LF1|$-Ex@ot-?dPkMK@A{hNC&&$Wm3|t#m5)hHwxF6zitp?25=>k(MXQ`&s2u zZ3%7bN$oxSIbaTM{F;=@5S8-^9g1XJYg}$~@zm$twr6*S!H2Zl8YTl4Idz>{ePy#H zUXC`FL- zBGHlH-j$zjhn(1186RbUh`nr&~E~C4_Am~-`KXL1Mh-1m%2F0C4 zeR#>9AW)Mfn#o4(QokO;idR`qVFES*t)zv|jqoUa-WEqkOVRxFL8) zx8Go=%i!}c-ovUwI!Mk-jAz(rv#|=~2nZvZR<@f5$Fm*G$~o*(6p+Y#N%Jn}7%et| z>3oN0P~9kEME(JCo!u2_A*+_x{{(}y=-5aRL$q|u5!jX5l`ta>x*GB06k|7A2`Awo@^(`@cR zq89_`5T&zyu~UoIO<&A|VSVWE(UOmyS3RoM$2gfv#AKvw8in_dCJjIO!0LNdX^JP; zs+q>Bn6n3BG9wjKz+(OSn?~-Xnbr!)9qvg3CsTLszqbdP@~0eiaO$S>aK zzWB~mc=|c4{U)F)?H33%Je~TFFn|()%N946c%jGm=^I!KsIZ_QvVG|l7+gKrjzxd$ zYl{jC72Fz)_>+~ffKXccmoHy*4jV#&{1EGWCcpt5HcK7DA6JMwDZZ$<8yLW&qUKlTD1Q<|>x^cS3~e4Kid)DZqUT@To2 zoG~3wl-|H>7uTEYyFJ-2w}l}fs0f~I zeRU*Z1mIl}E*<_qA@N=B;@Pw12LOPf$)i7AV-@sn5qs!QYx{$oVGsN_=JnwJ&l6u= zr9kfgO8Bih_mIGU$R7eJIz2y`Kq`db+AJ7LD5~oGK>5L@jjjPQw5ps0ABRsM|3&E> zoA)r)$&GzWj>n><1qEu#%3+W3g9?j^e5tWE$Npe#UNM8Hn6fP_EZjd=Qc`Nlf-%UW z+&3NPJ_XvpK+M21T{iR^DFJ{g+&ti|e*_t#hk>k^jTT_H0ng3u{Hx(#r^-72RpGlh zqO>#U>HY0Z0}n5hZbq=G&SZ-ozV)gs|2Sm1h1mTtf)}07m^E?JY0k zOXMG1Str!EuHTuPE{6yUJ;rs3k3EVBSJ0xdEPNhSrC%%ac%nQFS>_ZR?sJ~;9a%W; zc9kZ4_JUJqMiHFlkp@vt=OZ0l1sZCkoWWiuVJ`r4j6~kYI=jSQ|IRQUPs|!y3-yl4 zfDc!GlDmWo<%k>cd&#nZ2PNsdT7PbAztj^Rn3H?^2{#@#xlo9R2L5$m!VLM_~68*tS9k;?kUA9W)cpCP&)S z2!oJYN@uQ9`L=m1w*VQ&c32P3t`_-c+ye|9&V3Q<94>;7#Row)Hkuk5bV2Qz+uJtj zL38%;bM`t~TCqEBjkf&B*byKqK}1AUx(Sva5wV*#+;idAnKccvKg$WLVB#}&zi*Ow z9nb$p3fZw+sJ&R7nnH(#-Q@4o>eh5f#y?+4Ws9m<57y(535#8g!EAcMrde zfQq-k`BPKTAJmbHsB*(rXTE_y{4q#f;6=WiF3270=!Q(XE4%vYYQSDD1E^$jkD`K> z8Uo@6{?wz;qjh$tD$dKeDA1UxwbYY{7jq1fS2SczC;zvnZI4207qymVE3kr9drOmn68jHgY_vD_yHb zD+;Jp2GmMqK;EdaMy?da>Uf?s%p?Kb#fv7-bc*_PJ+PP;mo;~K;YP-7q=RAsM(m9b zR3VOqzrPr_8v_=$mKGB2xj4MFxdHdWU1B`Y2sFZxnL5USvY5rHgZi*w7|8Kx=5J)|brLV_{!U>66&`Et#g$lU!@$9xO_+aRLRi{8j$@ z)!qeG4QS?St#M0;$lY2QgrjoDMt7@+2Kp|syAl0 zH#1LAKfP2c)><1#I}b;T{Nr;J*2F2HWCwP5Ra@GHeP^lQR7lTg2v>m@ zCP9Y0Qw`KPY)U<#<{x5gQnWxX!^*#8+N{59vtd{;Att1IVU`7U*uK{zW}n}BP7tUjmQZaPgUzsBp>bWRPa%w@#X%s_;arrAFGO5xV|bn@nW+SkL8Hb#T;< zZPzNB>seDIJ%CQ;Xg1eX&U!j5cu$PuU@jU11L$pjl=j4G*n&wktxyA^40sA(?Oc)$ zsOx&f=y=0a68Y#XGPx`Bw&oM8(Ei6HdIR-GRD;7I1viK(M^&ZL4T~yV=1Ko%$9;9gd%8a1?ASp3;nCI&%i*vyh(Xb?)fK*ZLh17ruEBH z*MUO!jmFcjy9%i_VO;{3o{nhqX>M~4KkN-pt!LBO3Yql~=jROl!$&J%IWKMd^z2DU zB`ECh;Hn<#O^}Le%e*_hEpe{b+~AtD0WLZ}BoX6oO2>HF&BI0(HU?av*c6tK2&y|s zr#!=Y?mJI$(w9=%bM8|JM^ok2qx4cW68H~W{+&Glixd;UwoG(CSylciIlDivdRyTB zjV}Aq9B_K!?p%TJ#koj@reck1y!9-o&1pU+-Ztmy}4x&3Oy1#U#1d6`{d>|85OJ6DCxk=a768@ z5Eq~e&t3?SZ94lFRs2@}+`P9g#>H}oMTRvvSWCA`QSo+_)+)-vS~tIS&_F7kJQ-J8 zteCHD6s`869JkUB+OtN$x}t&E4vL&jzXSmO;R0OF3;YvBut9o8pFz-;@?qBEK3!qm zrU7+)Ouqe#C}gPms!&mQN}Pg(w_FYFM-sB9EcwZ@=RlbnF;YD#x|ktWom{!ximV$+ z$Bl`?XV_XbwMg*?EWn0a(5jrhdrUlcInSY2m^;#%NOHCK8Vveg{exhq=<5>}dQnNI z6FJQi^))*|=($#e&1^sr+CPqLGsuK0-dkxl_gW^umve!Pu=weiDD-r>Iscx z6?jlruhCKrrdkaxqlanAfG~;{2aOoVqmT9K7e@A^Zi_6q)B47WO82l=o{D*Y+un*s zhDKSt1g=}GbyIv(oSfWv5k;I@{G%jF@(d_Gf0l+95gd&eBGkHxQ5$(#w9iHog?NX1 z6sp$qe4(sneh^B(B33L|Wio*U^WEJi6qSMxstA47-)TcsN9)wgurQLQ=luGV4#q`C zr(?pE{oF0@az%$x9?y6FoJDIsFl2rZgdwDGS&&(y5ni4~ZTQ~!*TCQSO0*^fcZ7wF z{O85AN7L{|&lELMUdX=t@Nv$JSUFgsLHQoRdI88OX4x27P|1nXYRhnD@hg;MXf>6j zTDt3%vGSNC25({tvm8^!wMa+#AeW_A$3{25yjW5$G&xqtYpFI@VSc|R4Y`@ZJ?v1W z$v#D24SKHwblwMIE2?9)yUozxnWS7DCcNRA1=Ls+tui^(o#YO(D8MAw8VwM zXOw3>O-tB7>XUqFhDEV$)E&K8K9C5wR#`L|WCaghPn2V{ws54AyD6Za8Ln=Ac?6zo zIs`)r2;$5=tF#5yb~UE-kA3R%-iAlAynOFJzfDriX!4g;0!x_CTY1$MoRU;BY{EW9 zRK!-n_iA(uRQJIhss182XWKb(!AmDk4O^rqrjDiu9l=k_KqfLb6N$$MpB}7>cE}_o z4aMJKP`;x!kZug?+M|n^m5-7fgX+BR=>g_$E0F9AfF!*c(T}4bb~B1vQ$vSY8$hio zF6r7&FNIrl>N`49J$qR4W8P{^O%P~0>U==rq8CCXu7nLR;Yr`4V_SWbU2Jr+GhY3I zp-)=F)RAQUk4a!atO~3`6&6%r+o@)}-}(00>8p}8U7t_b$amQ+EXdB1X6A=a^<361 z9S^&;sMoqT8PUE_Kd}@7KHFjaIR`g{l|40BCzu8@2tVCD@HZ%^tX>eoLlU3(g}u++ z=G+X*TnDmJ=9IS#Kh;RIzUpEUgLET__>VmgFo|3&Ho6ABDU}N+LgE$^(*#OhPg?Gl z()|fgumo*fdlSD-I%bf_|?J9~@qT}c_-_jO^ zlSUaMf9l-VzZeE(`v-FQ4yAeEjxkP|oiuwV*cK%7z(rFn5(;^kG86GO2%b9}2L0*| z#toNO?}2IS`Nw7m>U)PeSbC8Mi4o&56{(e>R{Gsx!c11&Vqy8g#Es#yVB$F zV6hh;3wzDeE;1$#FGKiM?K0Io_>1~l6~`B7CJRqKmXx!&{7!jx+y4(qW7YGYr2w$J zDD&VjZ(X>gh0V$FdSD=bta+}rm1NbMpnh$?Ly%X}&>y_*own02VCx%S-XI$ZX}?Wo z=LeFs26Yj2gM6Xi59Qe5TXC7eNMo1H5q4j#?Dj&AZ>3-HfKHwP7RY({;14IwD)32v zGDW6St$^l6P8?gKN3Jjy`{E$fi2XOb)V)phzI=6Y1+DgW%GHg*rhcJO6G$8YARgxr zI0!JzvYB%}!<%+rtShFPfv2Ue|FOe6MMss6WO3Lr6<2gT+humMQo&oAvY(~&NLTlLTAvbhko>;_}#jSn{ zJU4%u#y`?m`0Vkv3(ZL1bmOmXC_#@(2>`pkKQwdyl{g8RV{|&qZez*3{b*hV;Wq8+ zys$yh3Q@@Ro08)4zfw48$&chaW>mJ{7E-9Fdf7caEU(_pjW?HAOeMog0(94{Q)HDD zW+Lua^*55A>HxZqhf%dCnaWfW>s2U8jVgO(Tjf4wu*}$)XOiz3eG1padWmz|!TZ2G zAe3D-ggd$#Th7X?V5Vc#BEONUQKaqTCXKz1{t|L9$6Ub;&Eyt!D63ZfltIguzsL|N zj4kg)$I{i88jzYZD}IuRi~_z@p)CHCOjP~mZ9ewlPv%?uEx>2P(rcDTt&W$l>bRYe zhOvT@8USEH?my@ZGU$cy9>%31!~Y;4h^(bTzBVBLKuluXfJ}jJyE%J$0?u#eyN;j! zuKa~wL2$pbm}-KiKv+AdJkavv=f`b5Eb`-# zebq^2d6Og$6}DrtSPF)FSQ2x8ibus{oS2DuCo{h|*r>nJ`H}&mP}ExZ^)vwJy2_SY zSA-@nzB|nzU$Jw9P|atpDynTN=g3h(8`nPNJGhHEc*TG(|Eh$(K+@a2XGn*|`E4+L z2;(X$>Wo9*t#mx#eI>^h7LP3kN#X`M^ZcM> z>o6?eq^+v<*uNr^FTm5YX7YmZMUOg zJ)dgc`%J$GTXItKA59$5PPoGfMkT)Bvr$LS#ovVxa3OApwpR_A*O4$RIJ9`&Z*}sP zeskMX>-dRW{E0qA2{FK;@HcD#{HH0qEak)%pKG5k%vGb@CB~PBC5D%+38w{`vj-eb zXxN23RH%}PC>jF7m0;(b>al7M3xCj#WOb~2$v#pz+0sk17GvdyfFh$}C%c7=HX7u6 zn>75=xIySOYCZSu&&AxKyR1`d6i&Le5+up}6=Md-#~pR{wT)w0q4FTOm>u?k_VVnJ zq*xA-_Yc#YD2)RjWV(4J+!Gr}e9INd8=?IP6(j)1=GT7%7h_%itb1#u-wBa2J_z2( zy6UFvH&)`ws!~t~kst1-u6a-x(@jJo!lInF6YJGZ0nOx^=W->QAO_{J0zy>@G*pzT zs3Yl>$0%h=(C4xxWBAy(uT%xk|AHOIaob@(PjhTqZiB4)B-4+Qb2NfUb0`NAh1G~= zbu=3#u%&6Uw^C~we6*d-$Q9}4a*M19#F76rmZ9)An7nw>RbF8zVC-gl%bVu%S;t>& zzs;SBq>(Xgmy$Le#An=Z_o;NyHVT0Vklj`ZT1O z^|u35x2>Jesr(2;%)~P6rf{mcFqDYiT6oS`U8BQz ze)$)Q^f4nU&fboto}wu9XsgZnM(nBdNPd~LU1)3bUOO<{dgi^ld73c9_sC|$Tl$5< zsp)5nE_&-95jR9H{I9g^f?KWYRL+pXd#_T2aVF`1tKys1O1f5so1KA!6|+2IMp1_8 zk_CNU%R0es2n?B560lYv%%lY@0`K4t#`qO`y5Mide(!|qFPLPnR#gs^4Q+xNodr@} zAp_ApDYH5b>@AQ98mwJr4rnN4@hQU3HbHBCRcawY^96RL^QD`~NiKX=V9Riui?kaQ zSA*M(j}KGvH&COibORZ~I@QisU|IRtk56=%-bC zJ%_jZU+Ymr%5Bh-anOm?BQ@;(<=+U0SKH^xW;J zW}4;2gzH!CDf=NZj{0}zc4U&Ba<$-+CxmttJ|&(IPTo`M0^edj|JtZIs)e|Z5=zLKd^ z5}123HCX7;enzo3rl-1FX@|Z>5`ieOYBxoAxxoxZk;9+U!D?MK&eWJ;Qf2=g&>(Z= zvP4XwhlRsLY~#95Np5`*FX~}fjwj{@+YhZ@RHB(O0oX61FI!SufH^6@y}yrvW1EpgwqZ&RXbYf)f+OWvVQD_Qpb z@alZY(5tBFg~Bw6R=I4yhsP(XmvG6&*gr5DpyVNxS8EGzo7}&sGa_Pq)#NY^yw=-u z|8>vEW;q5{34u;8_^@1*!JC|f8r};Oxe$fdw6w~aT3a^XD#u3ARGjg2@Waxkj3>%1 zxkZd}7`3a>lO8twCru)!x!i-^0voc28dqQA5OD>*ioCk)@cAqCNws#qIme=-Ie&)` z%)iD00DSzbRU99ky~A%t&Dl;TxnBBY6Up6AZbp6G3J;8^+wE6dE14s<&mR&GDw4Zx8d!5zda^Yz|PhcSK$g(&)jq{%s@H_&={4=WUIvovO zfkL~Bphcj|iwT~m&{% zO>Z__M)455%QXW@)Ubdj6{k59{%%TeJeig6$cfoB_6INjhz596bx9G_|0W*&Q6Tnw zQZLn&Y;IVFGgp?^^=s*5GFtugLH~&i!7Yl8lyhc-N<2D75eeelj@F%r$3jjd`D60! zKcA;ctWZ)=2(^rUyoKYMmuOiv&AAyHEjJF&w$s-?HG1Baa$fwh67OPrHnWiw1L_HA z_-ABcKi}88ef$+A^>-VPo;#E%O^Ew!PW;3|X-=LJnZAd%3-wGE$BlW-b+T&#LQF?C zN1{@%rWzaho1Zc7vZy$XV{cg$EPE~){)J$3#?OdvpzgqAZQ6tPt2Xeh*n(~4Rx|d zSh=B2)!RjQk=0CVf=fOroRrxqCj#C#B;W!``-`M&#>E?s@+0nEAkR$G;E@{r^W|p~ zd`%p)`5h7{$mS3w!>xi9)idk82z%b0QuRHF>*OxSMExxep9dl+8M>rlE19&y4?T-y zkH?C}@-~~mBN@tatz+p!jSiBAqE)$ z1-^5$*K9P98XFJl|-i>Ko z{8o{ChE{gXym13wWCTl(k?2b?POerSbkn%y*$;Oziu^ev#ZiZ&Knaud@f`^tHqZ^Z zMH_ID5>@C7pE?){{(bexiuOIh za3d~pYqi_~Zu88FF;#Z0-&C%ioxa3Xo;+H)^>In=6w2ycZU7ODq8UngPdI)2>frP} zEBi|^hgSJQ$5N19fp5A_k$-@9{_E;sRjt#phEcb* z;ScdJcW9!={w!Dj6wHW{NJPN#@o)b;ZaLZBjGRDXl~AW*DAKkx<=bQUTKApfYX^4x zXS||`&1#8c$g%um5%Y!>#_DMLGxrMQR0+$Vzh%B>wCrJhcH~5Z)$BR5-TCG_rkm3- zH8P3i8hle@i|^}tTzBS-Toe_nrK2>VLLH6cm1bG8u5km8f5Hx<1DAXSW(#xD>(X@6 z$7&F_yv~z>sRT9VL12K_eaJ5&S>`VI)efh~W*e^e7aj!PS2 z?L^GskW8$-7K?S5Fp!Dn9Y|$0K8CD|9hI+dt=v`}J}G|`MnHcK7k|llv3JkTtA|S1 z55i(?KwP=zCxhcCSn`nSJD<=_K6ixSki2|F`mnEv#J&dC%MetsS`}-N$cbJg@~pFZ z-V}XH%vdwW`{_fYQr~L+RPj7zNCcn9_GRsb=8FI9YZ8cm#IT}-aDlQ(Jxr%~Bu4d! zCC@txf~8sf+t`jiSGKtZUX$A<%+l$1vPkKcXpde=`|#2p!Oid8fE;;5mG)!-p*3OvM&S0}$ z25bVH+@FU{fCmSE{P@A@WrRgzPSMT(O>)RE72vJCCQF{hz}52y?g3uX zxBvT1&Hn>UZUwIM?@lqDun!ab>KJR~hBZgQZBc|u zh}|1pUHI#@((zw(vY8@H^IzOTRxYk`trG03l!pFERFCK9Bw83w|4j)EbwW)|5!~*& zn|?_AdsJ9bnvrSdnW_7&fd842hK>1FEPufXtQ`N%Q~~_A8~yJodv!aur^1{j3)ODe zqTKV3e`zj;#wM2Vog|5ZWh;<7wnN^4e>oP5SLN=gJ+(2+WtWL&?mV#TW-sDS$n!7U^gEa{2|ve4jpwI4eH<)X5M)L0vXBXf>m5r@Sh>v8(~!GgKfI?K zySe!x;povyE^UUb)!53XfK^OaA9BFnLV)ro$--dQN1X1RoxTl`gVd>hpY;PO!Yyg0 zV=EA$uYX+6mt~29?N`#$IXD{2*sp(^@St3W&&adrP0+(FG9%Y%tsvyN>+*h)2z^!f z@N+e7T4ag7k*^SIt$^#u_x7sX!moA3&Z6%`7E-#n!wMz2pN1E`&nkA+)&?t$A&BzA zTI^=Dea4GLJH$7q((Kr3TT((}j?k0~ZYW2p;UHDtWa;mz>B?%&{rBP!n^VSC17>sn zU+us zHns2iG0xKPq$U4m#XVtn5|dxjtKz41UKRl}ZFii3q(|^~i_@7n7@WZ)ohLl;!Mg8k zw2{C<t6S&OdMHiN0iXDHc7GA7J2!hq5aw@g2~yjm3c<>M!8b0$4I4=(0f zIU4P#mnW@OW{2j*hbht1!R^7pxPf?-vOYedzNd%RGE~#W4gF5m=$V)*!EkN+`Zdx4 z5mb|XxTdsMHfF&;-EO8PGAc^4)$hpt5jIe%85<8EY8M7Rkr_{R5C(t#)n39*qx{cT zdfi$!3{RgZcr;^U@$df&fIhQ;NRNu>7U7AVXJ2aQZ}u`k)WDl1#dJ;z5?SOoisn2R z=^trvigV4HeC@q>O}`jU&&5}WeE@}r(9v3fuZWxcs81<|z^u?Mr#J-)cR%3>JNGED zOf>kK`z5!{ItS#9q{PabBhkvww7~Z}A8xK#qP!Sq-_i9_f^LYo6TAtpPGXsmv9Vx4 zl5+{N+a1QEKWQkC_ZBd3TK+IG>>nfNsyj#zYV3DQyc@E^@&a)ySvSmlpu|vGrp+~U zb@+f-2s_9)LMOL0-%55y(z|%$;V)R+8$8-**Y=Q6{h9IR!(L@%OnCwCTvKR8pCQoV zk=+*qqk+0l17$Pp%ls2qhrSEC=e)-`tR(t_vHY#ZUHkJh`|g;8Zx|gC?z47Y1>8_O zwHUs13Y|qZiyNbtOuQx?FL5Ag;c94;!H7S_< z!l28Rg8Sw~9c6;>H8-RDejR4nkpU39qp#JK^1%=Z!J2Es0B!Ald9K|RATq`u z=GZuML&h8fCF}IF`V;4?V{q=8O%jDF#%fv z;*wI2)1d>UUz;6;-o`HKT5$|A;un@JtkX=P<;ctv+qxP%SPs9;=j$-yOI)41*nmLw zm#1)Fd8wkdk2s^P{{Gk_>lSR3Y(u? z3%4`hJJ+`#P;56pa5kS;N;4&dkI3HqVV-K=+GiAMba|)yLZtcD(`$hQG%6YzM7M6; zs_AaWrhjfblP?q$f};YT{%$5X{tG`-8n1#-*q4%*C~cU%56+4`m)vf<+PoG^(6bZV ztjO3RV;bS~x|W9V`+2La^plqIRFGK$`K?9z$c-tz^w$!G)>zxba#UD8BD?B6imzbJ z9lP?XxR>&LAFl<|$f_ux8V7Hj+)0VL-O=@KG348Lj9psaV^qfyGt-ys^KN47c&HRG zn2@^vCBEg&kKp7AMWYw(n2u*INY>)g>z2i>VT5aViNCJ6(j_a1oj=AeGj$PGY_1Gb z-~ooRA*v&)C7vZ#^E7qGJbD;S@al+g7xDS}ek-SK@O~-j<(p(Pp!g4ccb|z%r9xn~~7Mvy_tVzJb2Z zNHfN-+jB9Io$a(yZ)nf9Z!&%9V`A}tMq+U`8=Jc`ZKyB{L^aA)kK2- zk+Kby$h?U3ReCRbO607j@{ki8^ySv|Q!Wc`i}7nK@oLtx%VCjh^&+&dMdGNe-<5r7 ze{F~2EL!xX5nH;gUWvcL6%j4OFF+zK(v`4*mtXHn2;vIAA;&J5@=fl6gh02Ug+yl< z)sKO93^!9ve0FNB=?|ox?eEP^WJr75X@gtkVp9Q6&z=2FJ=Fv{-XDA9B-<(DZjaq& zW?LjE?jB6(ePp(dO%SX86;gYCEd81syQ7(eHd0({O;Do{0{ozl*>VxGX@a5&UBxC2 z=nG-N>X3)_CPXDw=wcA)v`y5)?(z2(0@b(Ao?m?tO%o{ZeM5YgloI4~a7Tq&KRPh8 zkWl9L^tpQ96>)$4YI*vOrQb(RNGIN_t+IhwuFUf5npK!`B? z7?SMRw*5Io8@xGniA#Az^IA$F%|XAZ@qGc5V~qb*RYSPYJ)-ky+1%=uJBI#(6(k0n z9!#9vMHZ4B3H?d579H|fkL>7lg@7J_X7NJX4Zy_A(?Wqs%QhJg^OTvAUJ?amDp}aQ zcqOBXC6Si9#nepim}wK%AB=wKy&v9)4Fx)m30hHUh^b=KtndppzjTWsFOYh76J_f><{r6RRv@5xzI%I_8&&zHKyz0c8rI88v(mtf$ zHS#f!_NQl^hOY@O|xPaSofUf5&Uhlh_VZ|la-WUnG#h3YEo;*YVbFxzC z{dBu~6xd47U`tb%!KKS3cCtR8@8WW7O2xV}+5<`b(FikpMFTth<&?uGpy zp-C4X9i`t71h z@n~H+IA%@fL$8VFI!M)52*f|rJecOo_FhzO`!l8{w{T5ZV~&Oq+I$<*D^r92OGp@#QkQn`!By2)bJe& zUmv5%v-ls(y?0O)Ti5?93L;7n5J>|_20?O;N=A|>IU_Jg&N(WQBxjH$8Ob>Zkuc{q2=RD`Wb*tXGRkv>4{sX3Gx~6yU-g~X@`mEJ^#-9b8eaNPWdR=y9xHaem#LGnApIb8c;-8Sy>+y*evvkrU7w&bB($o zprWEWlOQaw!mjkd>Pxij{Nr7M+y>7sJ1y@kn$w&lcRG_vM)x=!TzFWQ94m`=aa#=R z;+}1ucYE6M`IQZ(_HmnCZ=C3nlIUzw%i`@R&Zg?6x)Issw)WK~F27Wsfkhvw`W8$JNOl26FwCnmCjLUX`f90Q;`1ETkguAgZB~etxegyAiZ%)@^ zj_1y|Pm9=%8SR((pUi!|#e(^+zZ7U(MegHeH(Jj@wa$Oc&^^xoTCDrInD5Zie8RXj zm8)mh{zt{9S5TvSh3v>mb=lRIS7Sqm+n{> z4+Z%fGsh91Wwd|b2y#$*EsrS^`&DGrm%8swV(hRrN3lW#-PE{6KuD@N_RLoy{s?zN zQgh*1l7t_fPSrys72k!9P|XihjoEV;=lWtx&bsm*SK&-96T^{gjH$i?r9Oit&yKJr zH17okqz%q~@|B9~nAI6*0Uy~Eip@RuMUq%*OmISAh-tb+Yc3e~^9cIBEWWh)x{9!F zQXVLdK#LE*M^)ZpRF~?7hy$~Xq5RNbEmeL4Q4SSD-jVGmG zrIo$fI=7GZXyc0g!F!LkJ#js)vbP;)@S1ev*-RacV11zV=J!%s-yKKFI##bpRBc~w z-Hf>eD6ho|q(A<_6UuLCui+qQP?u@r7O_>m_Hd5&+<-$Hw*kZ^D-UKPleOv@*@&5D4 zJY$B(+l0ZT8T49wbHwj{RAWfijVKc65cq=z;iRM9+qXXL%a6(z z$-?HLrL&~Fb5h))8}s>X9+=f5Li)LJYU=8H!Qz*%LM8tM*)iqCOH#&wn-P2k6|ny9 zo<^;iv^Q;7&#~zUuS$y%u+E=R1Q{$TfHGEB`$S7fj2Lh+Zz3z})f|yQH%kcPh?b+^ zw{3fIQeZ~CDHm7=EV5la$agP?X5kDjjr~yWLB_YNro?I!5Zag+o8Av%&2rOqvvd;c zs9!HtClBo1WIp#ra=#+3Z3MK&N{1=*gKTV00N_ZOodP{&at?WB4Mnx@No&&!JXMa` z3c}cU>{IrDwfi?a6mKe4{Pz8F09 z{s%jKx*Z4zrRn5-E24Rb^+E&D)X=6+s7R6(4OGn+JN%j8(9NYNu&33|PQUP5#gxK( zOs>tN_|An2U86Xt>>dH}SO%#U8$Wt29n0ltEr4t4sb&O zk&VO5ckb>3VQLHu{h|vtzhMlECR&5SEq0~Ok`X(4jib4rT4;*}@!1s-}+m(v4(SMA87Q-c;<(G$cNBngOk z?9)e+z~=lb9Zle_o05<=U+=Rj%)Qtafl zXCYryfg>$q>R3L1l)M`ocWeVvwCXvYS*J)$U2db+gy}#mSaf?zxHdm8V+*@t_2IFv zr0~%CHfI?~E6eV35~5y|a*y z@M!>lxS0Iqwk29(aEW$vyo=|t)8f9 zVo~aVFIe*w(o?@j`DE#%MRT@igrv8epO;96yoTmqO*}d@`7N=Xvol#t5ImV{{Prz@ zdAiF}WV#zAAb`P#>mw93PigUwd}mYD@~=opY)Ku*e+sLC7d!`cv$B#rPj?|NH<6q& z{e^c$x|Tbdmu5XEQllSD^k@)8$c*k@rB0zH#j#-g?8@^Wd<)*_~xrZ0s<8p;Kaowl^aQ- zJ6OSsExWq&6rTXxk(O=XL=~k!T9E@cY)&zY+qm=RrqwHLQ96xt^I_)gDJU#kNw0{?Cf!(w1fY$qtbW z=0~;uZzSp~Yok2cJq0>j@CZeZiCr~y4Hx@+UMx^6eA7A1g9P$oecIKHrlQ{ojG|)YI-qf22s+&#X%ij?;m(aE~ zP-a4JyG_}0@sjq1(sIWo%mWqUpxCn6?qP9}c{+A1zNfQHC~~&1O2QRR?vXOV-ZCtk z>HT9;{buNfd(pGR8OP84f>1f_k^#_8s>JoGK*Z99>nYuBY|em#c3-9GON7N_mJp+( ziUAp$zkHNEbUB4pdElV+H=vAmQh1_Lsl1}K5z$#?T^!K8P4O5=Qs>Iqf(u|i)(BzR zLFU++=Ytm(b6dsv+!?e21HywJR%mwQ=laRFwOKg?)W~&l&ICVs`8tqRBcP_VF9)Uc z(4e43SOQTp`6Be@7+Zl8GNy_u)sQP1cV&|0oKvc5%AbI{n4JE&+zr@R{&7w ze*Ydy$f*2ldV2jroH}b0lf~vtH`)C75Ud{9WkV*__Y-|OW9a-N=^Pb|h{g7n;6Q$E z2y}KOI?#n~VHKSB#y^-GL7O|98CUExvQ&|`oJy)5-Cn(Zw_v*s$C|SHJV?AT&4_h$WRdOankKCQ8NQ@Z>tAC{9+SA%I1!f>`mqt~W>_Z7%I~)r)SX z?c1>j$`FbvpE7%l%LSI_xarD_%H~OFqkp38+dn$OZqIW31UL>iuj~*ICA$OhdnhB^ zo9-S3J4C*f=jGKo0V@#4K8m0cohJ`X3(Y3zWvie&ACl6DlCL^;O@!A^3cmm# zQe05|HRA!q)s4seTam=d+tE-3c}5ej0Kv+y35XgXoncr7triuwUnr8$&^RMr8;0f= zQs#VNY){K(J-9krE16sHH}~R`FUGB)=1y<$=9kt+T>7i78DGt74Zk*2>^YA(;(ZgZ z9@0ECtx&kv3gZ&()>8q3@szwR9p1&oVOMLsVzR}$z50&yOv;)PfLuRWsq1;-+WJcD zIb$cetgj3CMMcN-HSsja5QUW62nRGi(j9`&7_2Y4ORy>s(@>>hQM? z0Vsf>`9#U!=UR-$MCutJe^5kM`7G(8BWbXgQcGfVhco_(>1ptNY?qH9qXUE9zC4(6{LAL)EI@>>C&jIf^ zK4&=O4z4KSMn*0B+NA>XhN%qvI~;(~D^%c0KsUZlYE-oQ*`t-;KH4Xi$d&j`^%t}u zS^p2%7BF9Z%h}niq+qX-to(kTtG_589*$A;{5xr?lyk_@eT_j1qm6u^rKF9N}kgVkJithZHUy(TL^pS3X4nKRB4Ew*LC0sRL!|F zkl0K&dOdb}s*^~%NyA%Ba1u_E=HFZu*~NUdlv4*IwG@{bH>e1m(8{0ZUV~_##Ep#8lThN3e!SWJOea>LLn>N!W-^rC`tlNS=L4{Lm`iW_L;%XKW)UK` zj%{5pES`R(j#V1`28UCn3u32EO$tN?B7bTg55RhG#O zxSSpit}4dIb*WxI`myju_Kr;6GBv|DQ2@uf+6>d$R{QA`J<4xl;1=d4m+du2D1jsS z`<`slOk5Q9`2lG|As3!nALG!SvNF7?q!ixi2ESwVlUsFbDJ*_5@}+dJSyjtF?HGMWF|ci0^#2>o&Ui?%t+SA%GZLc)ksfeYj^KvZZ9% z(s)b*|E6VtDeZ$Fhr<(9!RjACtUB+pj%zH;`Stk}De3;e3i!i%^ zU5Jb9@5<25dziQ!j;p;pxRO$_pISJbJyd-Z38hQ3Zb$5_Rq5m z9ar1Sj|bdf3_P8j!A$xjEjTuH0orIVK2$~c!rEsxk3(xHc<8Z00=SZMeuJ!w%Q81m+w9*)}2nvEDngrsG2Yu5X1?C&X!r7V}9pn?U{sC&~#9iA5^B3v<4?Y0s% z)sLh-^y3ARsTAgrDHYyc?~zGeiuf7IgjX3FTx%Uq2JZcz@YJ+t87f%_nP^fbjF*@s7uMi2?-ch z#(C#>I9b=@AB7*#AWuvL;XRX;V(kQaW3*c3Q)vAyooA{5m5fdvi&~G`T7XeO3g1pz zs|ao9DyCLS&zvMxz+j_`+4{!=R9vRH?RFzShUYPj$a)?}Ca^vK6r_nmnO!3aqi(Qk z4m&XFbqx2(Am?DUD!f()Xm0Sp+q^y__zM6~rM}iu3F&G`3DLo#8{SnBtA#(WIt~h- zI8LVFke|c7MXmuug7+SXAhn(g=K!gijCS!quvWot$@jt4T;F4#-I^NsDGqE{P8z4D zay0arJ+?eoWW5|P$bFymorwvsHN%^7 zj;6boKVdx5sxW%x7EJxu=m!4Im;Di8cYeqvu96U`o*;8$IN8$$oY-={f`zQul^B`n z@pd%|=_*afyjR}(t6H$i+j`wX)5xWKAT#)92BgbLOoD@+tej%mSeSnI$(vKEUy8Vp?$5kz8EAZ*H|Y*HsI@+P}qltkrg$vE!>8{Lw(J z*6RSR0{7#3M5nDVy1DG9bH2W?aP#!q(Wvj#=Sfbl$*cx9_WI&N>#Z}p6p|{zz59>l zNoixMYbNC)N%v}Q8uq)1UwKJFEd3N~nU_fRHPvNQdW~#K&6*=$=a?=VO~TTgyt4`1 zr)Q~T@>HvS*)}MeH2=l;f_$h%x~Vl<9i%)jXX~q5<-16BpdhI^k!n0$sH%-6#KDZv zuh2wD9FJaRDD+kSTeWh;+HUc7M#6ettc$pmUN z5{I>G{v$zqr;_H)_)#^$yZ)J}si_vWw)uH^fpLr~_b-8EgtCF4pr=O$h!6xER?s6N zBHC^U31$ykS|dmH>s_Ou(-%PTMkN`g?Ns3L{V!Fo?O8>-AI`t|2CN+PS1kZ(4BOaW z;Hwa6@@4vgsy6K1AKK-DvM&`?&1AV7%)e7f6#UOPqnU?ZTngk=0ibA`VYC`hi*Yr- z{Z-ZTa9o~`1N~0 zdqyK1h>6S+;AkSSYHjU_3?g(}LVSF|gS7d1w7Uzmx;o?$Yr~)#$yV^_GJf^|2W?%<$JDi_Ur!ut*AeZ2hO8B;QPUnr&>hjKET2`x($|+QNTTTY0vuW09&Ua`?Ie%(PbqO+lmR5APeU-oZSYr?hB-<&WJy`sqpmwHTkR zC-DZCd{H6^Y)&cHHgF~bnW4EgHN|yvwt}5;*Ka_FKm6C7m1BQ1)E{qV&Ecoug0^@+ z*3QT>o^wbas23W_>nh!EGpAGd-9bv^E0{rhD>BfqdZM!llASF0gf|J3|K!?Dr<%2^ z+vD|_^RCZg^%MDTGv7j!njg9AzEB?4dUM; zk$k_8)-T3YkNFbFj*PksOcFRb^6?&hw$6b7i-@Kkguu2k6Mq-wgAYs*PY$`0;B*f0 z1i;iV=c32`C+5!$w))1jNdy9$WdR}IrsQDC*Ay$YU+Dg~yi@gI1 zQU%PV;xi#5||rYh^^DQ}1RZNp@wq?!UU{xu&& z=Qu5o@qXfC{JQmI)<`lgQ#x`!3{gXlPisJW{YMeOf%Yf-5J0c$|2&_46&`js`#yX+ z6XKa_{`_3(HlrJxkl;cmbW!UmsJ4}{4SmPwDoAf~vY(7<49JVu&d_cEu9Bb>3j&B7 zt(EWW=0jk+=51*_P*<4-?3;L`>ZD5}kng+(tq4ZY(2O>J|MwVeAOR2i1m?y&8_|95 zqqRYP$%yWlopp|VyC05KT69N}mGSw}N2Fs;qs3?@c24q$L} z;bNK%cYQUx|G^6(a^^+P>Da2r3r)9r%t-*_RwMl{OPl`k&(7!=h9<~2Cw1kY2HrL_ zhEnS9gvo!Jt@^JUa0^c2|7*nl9PR>6!m+A8mMN=g!~f1(2TG+18lK->1Gq?7Nxmzo`DNnfE_E(XBtZ zH3I+IKK*~Z-zwvC_NYb8iKeTV(Y<{g!=PNe){N!<+U8LODf+oCl6w99UvgwSE(=|F z*~&IE|1!L{*KtVZL&|ql_iZ(c-@=`oU+_F*KNh-^eCHqIcH2w2RwR9rUksM$%gnK0W`h^}9X5Gva)kMcZ!)y{*5qmHdT#Ct*uM{eFC=!}Oo2MjJr%pF4wJ(Y%F7 zpBx<}*mZJp;vO0rs;Q~5-(T(X_ft|*;^E~5N^#|YYA>LK^;>1-$cdkXghW!^qoryU z@z4)#JyDA*37YkLJs;hcv%@}|XUBYioX9I?^wtJIH&>Z}Mi1+`b&)^eb}%v>Xx!B$#<(o|BS?UpV@_&=-QWkk1;3e{ifS(dgO2-muZRzkUC7KSAWI*QBIZ zr{_~@`I6k8UzPh%D#&7IM*wJ#XThsDl=*x8NNtY?1+hFeIbB(S$TcsA`Q}jn0YzDU z2Sak=5#X>#Zgupp9(%WKGF@n%CQ>}7e%7k{Qk=|*J+)tBnl5cl#Eij9g5JL=SNt_> zbiZ(}IjX-^S9@Ps2Py!LvRxT@F{Rq%mPrZ=5a?{{=*;J>utkYI=l%(0rg4-JXbQdP znIpdj<8B=3_#iD!{FuM68?KoO_|?(Wod^os7{FL9AcBy6kLlXD z3%(%XwqXZr3)UweH8IhM^fm{Mb8>9udoiA6rWG99m-m67!Hb?LZi z{xWvLo!>>*Oxur@e&#xidmDMVhLldPc%)|z|rEUU$ zd7arrC^5O9s#v7r(Lz5srR;2lvd-6LXq(75Epp%BlLXhE@2)fK9MG4G0@sLP+gxX4 zAmZZ@*nYL}rH3;|eTa!>ez@A4ysLBc?)<7Jm>d%O{-F8oo=dz^=(oG#B_HxdTca># zT;90TEQ1z$!l)PzmUu9)JLKAzN=xnb-3F}h5$?PfI$OQUz%{)ihnaX487 zT6maox>qd1b4_hsAy7LsH-0@4)R|0%|tN}U7wpnU<$u}z;aya4b zk7U8%-sZy{D|Jp|J?Gig){unlxF4GqQM!N>Utj|yRN4}&)TrJoJ$ zj=vbN?41cu%T!P3h!*CZS7`cX_pVR9@%7=}<%m zvl!!4Ua5I1edFqas^kjq2sPo$tcx6HD!esaj$_z0k;v=(a)OachSTP-ILu=mHq)mK z5vlhlhv~$eic=mOS8Obl>LJtZhMRkav@bL{Hq&JXO&u8`-CXN%&Bg;t$gi2=0*YCV z%Z;k&@mpbBdo2%9n;@>;coPcVF$)JlC-W|j}sP~XTE{ZeoVH`Wg2`z zE|^P98vXLUh<~usOd{}OEU(|DuQde@t;_FNZ`NX`T0Qa7m|hSt^^%M^B9lL!eEd;& zid$$GOo>{2{5#1!w>=)U^d-0Wf%p5-87Vvp5}s|5HvTnPo~>CGQx(N6&rVyap3Qc# zq1?q@k1h9o&upRROn@(b7Qg`Aiq55Ga`@2Mch8D~^(tW~X%cPhG~(pvs7~+E6@Fa? z*TKrH(5U^@L&_Oow$|b55~uX>=yme2|SW?zSZ?~G}R&+3wQMGv9ZPy9a!Z#&zsGme6DA8V;{h4 z+qwB{pKMrYMoC%u#n9&(0J{?f778~`J=uW^O{TJcKEq{fgqiRaGW2php{kwMK z$JaQ<3)qLS3=X{}=V;m%UD2}t_m#!$oHEO5XQ+2^rcb4mtF-X0--~$wQMyA0voyrqf0dDCgU(v%&50?%lkwzp2 z!UKMGs_y8GDo0LWEF5_ilP=OQ8j%8OU|u#f(E3U$u&Q5lBJs^lPG^&| z%?~5aYG+>`T@j~t>r|Gtb3CK}05ih!hfCUUHF1u7vRY@|m2Dj-KC&=Wz|!(cy%N8U zUTjQAsyxVpFlNW(iqfpr0RmV>)BLjxtWA*k*eUg#o5030>*APsXA@trD-|Tx@cu#? zoZ^#+)*6>&@53Yhc}s8&52OGYf|6 zR6ABb$iWLnc+x^L2}a5#CnbSu1#_8zVH*Qvi95zP2w%17XJJcRIuV(K!-bH z(Bn$lgI7DYh)RQe_C%+?pW?5;YP(X}gvF0o8SytX?&a^Lw(82yt+c|Xt}jg50ZhqONppSg=X#1taxK?YhWTNRZ{q-I8ZdQ?p)6+DB%RK2B<0 zQZ<|~5*U%B7%%aNB!fIQdJyTBK}($ToG-Rc3eTm2gR2E_ga649s@G_Ba4hK{ipmCwb8ywT{_~wKOt;y< z$Zb*yjInq-%6%4!Jp-n+Uw+}Y;CB?M*IumdFWG5EVz{cjV$?k4k~o{TElKI0pR1gfQYbAhC)B{2U!4UP+*K`z#{$ zt!_0T`vPpI5))3;y-)7%qI+q9;neX9(<;N)7ro#=Y@hMw@A+IxP1 z9fhGihhF^49eww@quy|PIsf2}x$GP#>&%(Nt|u*WZofHuUB;P{BAubSj3hsw6mLD^ z<_~~#_${s}eUOdgz;bmE99f-24!tkH5ioQD42WvGPu#4O4o zF2JtPBj+{tdNj&@w6nz|68n<_VZ_aBm-0;xn*9Mxu{pKzt|0euC0prH^r{A6#Bdrw z5H>&1G5;b7f8tsjh$PPB&2;o?_%2k>q1*5bw*0{SX0?0^@)4d|(AEQMNeEnc-o~Nd z-gZjuD?C_odeM2eN2Vz@=AhR&!;fh^(s}5v;lxTLh43`zNppGyATVNjZ`s%3ha5`N z`Q4Gh6}BJlk;*&qBMttiH7VPL0^#7{&P|AUUfsn> z?y=)4AxsmgII)03!hO`h=tF++0L6o$`Y24D7aSkX{VguRsG4sc;l`E$1@}pgo+Wru z)%f&T5EG9mdd&*?*?T9t8mnn)1f@--F~T?e$w9Xcv!A>Z;|0y=SvV30GlMFpyb;$| zJrZdFM@{vaP+~me9TGk?2|?MDU1cSG0ndUk%b0VtALfF^B)lU|Y8?bDxf~)m+f4Gx z=FPD&EaRSFpRy$;%C6m!Sa?DROyZK_y^|L!R9S}`79tgsQ~Rq~d*hJL$~ntT z!zx$M_Sp+NZ*S2l!@HpAjz`$E7=>Pb{GBTif}1P`=KM+0EoG?TA!EoXqx;oYW4-&{ z{MUR4?a8Z2s?5*E?18#>;dYr2yRdieKXqN)`^>Om+)`0%!9Wn<@= zl+>!#3ZRNFh(xlNzurc9LJ7iNJg^>?S4^YxTWrl91+_Ib=$CVIbBaKG_Tt5hG!YN3 zB|{)2yN%EI_(sRafkHe+pgiU9DlaBI=V44*jx)HFwU>2sezE$7 zS|uKPX(4c}nDJ1q?Z_{=RvX#(`)iL&WNnFA}c?`*?>)@`UKG(4g-$KNe(ohQ?Xzd_p87ApB| zrgPJ(idhgPo4a`G1Ddpoji7waCoa3ZTzonuIJGRmzWP?E=Od^GMOIGz66jy+e=+S* zjJC;8$+!Yba&}u*gk5Gj)MF9-t2i>OnjJaI%pb=Cenu?)#$wv{sHJI%A!E+u`gf_s zR=9d75T`r-D{yy4qsP7Hvo}MW=5y_lHpbj10fg6rL>-}>)y>Sf|Ag9SWP+%l!<2Er z0FY8n+ClyE!JilZFC&%z9l40jV~kT>6w>||YYCbFW3A@AF)xpP$$T<13mn2Q0&eBfMovF&BAy7>4^<}w#!NB zzsd=n@2dYR-SB?{dH!d%;+H;DK;%M%tzk)ISnz_iZKNPdure?a5yz8$`Uxt2@hNVe zAo-BaP@n7B(utj~cTFnIKPLuW2p+gNbT4bCU6eAhT^HDmoRANton8`(iC*I$LBv+5 za58t-G>5!%Q1$D?6y1TyjEUN;&=Bt-9u4c&($0B`z}qJNwH-du*K%-wiac&kK7iUT zcbQWbiP@SCwXsjXb^7G?JM|6;r3+si2wDBif+K*vCE4ysaJay*@c4~XF5IW9!zF6B zV@?ZJEtTnpbRI;*5PJ9S&sZKrn{SNQu3UPy zEy8w>147V^YWIK(qu|A*uim%f86aLQt6Xs#kJN(@WtJ{~EBY5P`pl*PGWY>pk@P_l zPD#;a?1h4OUZvpST*MH^Hb1Hobu*leIwN*g3ZW_3rX@oT=Bvt+Z0w1xEH&i_UDAmlx5r+u z?im`K6TTP9`fcB(PcM?;>;Pd?YtmjqYV4W^Ol2V@d}QRKoPhJN`$l*!qTjfYm7mAb z_aKitCKMkg*S~-;8(5#Tey0t*VVj^YSsb`q7e&vv={(>@W7QG^;&1c8kE!?ITW>Zx zp-R;sVU!wnj`4X~@2S!}yf|82b8U@#*$e~UQ0WZ;7yQw$UUr|$!G{3Yf&*`Dx2)TGpm1UH9)Cl%rcN z|31UO*JmwfXEt9)y`CPW3TNM877@<TcKVkG}@alUcluf&4RSzA-8g{)uDnBN7~2iTAk^Ks$Z$+9}@P$6Wx_Q8mtI4$WskDb_Zm>-J2 z?&;ovCEk$w>)KvnQDL`E_+^yn4dt%+@fheDXWYvRKF1Yjd9iH1V2D=+cGxccn8}H$ z8Q1Z;F5VZ@Fm`G0SEl6X&^eyTdg>Yo4K56=6y5SBJne937!{C-^4>KMGVtQm^WfK| zMD=LdfINryTML@s7k)m=qn9#H+e}Q-Gx0X`+Hq?`c?4%Da1~H3&n)7t1&$JAmn_Cb zN;%H8426|LxNr94+DzD%>(-JS2TBt|AqMa(D}`ytq{8x{C&O%M|?N5 zbqMa}Q=l-#>WBzgs@56?VQO-3bl^3vO%~r{m`W;H3VBf1`|a4&oemd6n6Iyb z!@ZW?XP>j1Da3M4+-N`f%?%{zchsh(cvWsZr|yRcpgko>uJ>fm(Dz`$GdPm% z@0?Q=TPY)`6S<}h3Vd`pZME8da_3-3obG40>uP|w(?IQlxK^9w&r-1UE8Nz@Cz6`Z zJKaV3Yg1$U)=!bx$I9QAJ_D#tJZ-%%qWaA8Ooj}Jy;Q8AF^X>QZeldC(i0_7#`ta2 z0gjnv_(-entlFh*jfi5>HO9VWB51KTqXtx<<#M`m_0g?G{1h^I0P>1h8(^nzuKD~T zkDksb9r!`u(`O%n*VbqA_q=z#=5ZFiKm`TR4B*F2p1zltdZl)HQqzWJy7Z>Z7v*!~ z+hWahuUUx4A{Z5IU%b}*GX~G-`W`l~_|&pZzu_eomgZexP|U=_-3fKO+n(RIQctb@ zv@Bhc`NdToZ*uv|rb6OrF{!sCb#QTr!0-hs@I#_LeOJc>E1SoV)`F84lYw;v>@C(5 z!s}i;W~AJ{pLsZ$<99pZc&A{L*Fs1trT^5)8@~#W_hMFCXX$~l`PyD@WUBwkIfZAL zOP;*i=v!b$Dt&T!e?!IDon%DO`>S}XKD9g@;d`Xce7{DxVx>8 z@yf3YyICW6@1fJ$@z~Jo+9gYb|7$1p1ebCa6j)*7tu2LRx_g=^RoBJ! zPSoqB09}KcG|i}OW2BkeG~Ip~IBoO2gs)7B(}d>E`}J*cnlE7~v8(NUCQEO)JxG67 zE8Y&#VJ7{LBc-<5j46~Jf({2UG46*eM|KS}R7P(>#<79S9if|(U7A*^W$tBl zzRXCVR}X#B#3>*iH=-!V@XTPHauOU+|Ad|I%T3T6zL@)1%Qv^xd)MAG90M46VWh4p z;-nr$z(|Te3l0z;ep879vQ#P|gCTC}-Rdh<_1!2T?LBnLFz0vSgdYkqkUxS&>M9URH9eJCY!2Spp87IP9|0`)kedQZ(-ugRezk7`<@UxCLmzCswZFSwFvF| z1Fa-p_PV=V)&%!@cHYezK|9+T@SMyMk)-4%=YYfwZ*AzyXUbCv1Qz}-~veaG=zyx{y5djzDK24Eh@hKDne z#blGFFSIZq>KFX!lyF<%Qbz%aPq&sEj~%|4e=BtNY~5sI(}1z&Oh80yu<)#$P;5sF z^(@?T2a_M=9Wq_gh(i^so6#YTXIj=-^+M(sv`L-)wN~EdXR1jV*`LU#LQ^TPy2lXa zwi;;Nf>$$**u~r~r{E@20n;JlF(kgdC{Niy>6m9n$1*DxI5wMU*Y0(#}4>Cuq5I) z9AhIRGc%vqAquvyp-RW1BZIrWR3>TsNJ(wNy*qxFm+uF;w_ch&M5P|*5EHh)!x>Kz zDsq}L(1bWlK3!&E&ugrR=~VLi-tfjMvMN+>4sdbLky~H}Nq%A0C+WownI+n;`lysPX6lI4hSDqC|C*K31V0=MJWP)y$b(p6RYy3p@SPZO<{;|vE31kp zuf~TJu_xN4P3K?j)WO~H?5Bz}L%cy$f-Q=ux+!^GqIs3`pZp}ei+e4#BM=$!>o2X| z<1HRicfn8L#9}{1x|xKz->xDYhWKi*c{bndyo|gf-@6u1Ure@;ORXL*X&l2V*mHmwA^(%A5-QZuRr5%@14e{ zKzFRG;DtQUazziHM?7U)3HTz`R-a6<)Z>O{(h7_x9g3M>#hcj^cwmA1oC3oArOK0P znW?=@^OWwk{&}-+Jr_;6M;2UbXx&}r#WYTk7xO9gDXoys3;Da>jvc^CUEK3z>%2jq zQos;<@4&DUL00DGUi0)N5ccR)qZ(s%uhBYOC+$sW&v_c(bV?V|#RnYcJ8^pmt$Q+q zAD@6_&Mk)`+`~Bgb!0I&$ntFP_<2`Eze*qqtvJqEVG5Re<3)!pKrqsqZYqZmxD+B; zNhNhVpi0T{DCG_z5}~`)H@NU6yYcCI@!`Sh;sC81CKk?2IZ^eyoG9hYxu4P{3r-1wnO;O!Y-X8Q0J){6@#PEy9o4~iPAdwEtR7B#>D-IqftoeSiBA+p><8_kYt7IX~ zliV|MEg6#ceIrkjB0&^M^}wfgXr1R^Xl`IRpHqvlPIK5f1F!mB)I_Z_r~}+ z2k46ZS01_4WTHLPj8@wr8v8VWLE-maFq2RJ$hfnG+R@UvaVOjFN9&*__=@HV87qQkDII|@- zqJ#!mwH{Q@+*$;P5A$30$-x6IN|j;r$cvt(h0r_ZU$F*Romw@3(VKnr0W-eIFy}{! z$WqIW8)bHt$dB0kh>?%{@_*Y4FVe4X^9+5I>}K^#F6-@to*uthJSA11l!JIzki&*Vw(y|a!#d|%Fc2}t}E&^s4x=xmZ1m1Z(aazM_wlDMXx{RpR58?{~iRCzfCon zoDy!5oa_`c?={Gk1{Xy?9`CujA?ut2Z2gZ?Q?G24VsE~Slm6?JGT`={ij~kVaULhl zL?OwVEDEiAQg_p>MJStV3UX$Dx<{F?O;wNE@U@xe9k*3ho!?&{gjwfjN4+g(?tlI* zne6x0)Y;?a&9s^5ptj*Wp%iIby_MQ&YAc!y6Yza%lJ<^4apAkA$EeO*LsW`X+*>)z zjchvQO3-$iR%^aL6}oAb9B!NqcWNlEoV<*fhomKu1gL>Yh;>h_)R5G!@HFy0R+yEM z&AYj!c)F=Sp=4t#wtNruWkh*fTQJtmss2LW75Bi~^_a7%Zc1O*8{X?_hloS3AcnRS zZJptj*rb%9#N^0?>5;j(y~Nt8=KDGW{n~;*e6$aa>F$q&`@^ici#g+L$&R&BA^<;k z%4|^0xhK04&-L6rv5DI${N*a(Hnlr1?%`NBMZVw8vC*D?qEa48O1`tbVJ2xtmT)xM53_@X<;BuF-=q0-A5Mpon( z_8|KH=esu1y4INF0aWd{pqfn4^F5KW?eBqenXy@1d5&ZHh`~BMxf9c+i#+z7N}Dd$ zvoW)>Ey3aVO*0BGphNZ>%-(5C&y1zyu_Rlu4eKxT8avG&Q{?feXc@CDuAgFqI_K7| zpy7#GQ}`dc->omair3b8CB0TX$i}$?1s-Vl8c0v8f%t5#6V(x`G#T6H?xdrw5yu086*Ne!v z8dIbyDV46}S1Io~o>Qp7=*P|9s5Zw8vby`(5JBU$@+hBH^0tkQadn3kWIt6YRd;of z{td+lXN~evOWF!!`)X?{Gpzqk%FKfqSWrPYxR$$k>!6~cX=MGI(y~vSZn9Fff_nJe z+IOGw-{+Uvs>*&&&NC~P^&M7IgeO9&NKxYV0iS)+1|nbb8BDzf(Zm+Dm34EZBuvZ< z)`_dsjZ21fW|JA|UBEQ;GwvUtqE`CP2D~@hsK40Et_WxA326+s3~hb! z!5U~LD|QDvu_*7PbA?{q*&5DQBoH15ALSUPvd1+8f2+RrV7!Rlkxds@=~@(%Sv_Oj zWw`!uznN*17fjCDFopY$Rl@#jpX*Gklc=!9Ob2=~ck@O-N>fpL|5(d9gORj4QEwQI zJ8h4sV-0*al-a#h>C@T_Vd^POos1S)BAFA3{6&sP-^L_$*?lp6it8py0?V&)DSwpA4l>C?mutO|G_HL}RhzF|luO zq0HXz47F~Wh>~2b8&i@r<1Haw(ktcKnsrm#n;E<3b2VJmy3g%oUomGr%qFmjlA|MV zdKBDw{Nf2NA#UJeCs4yUiD>j!>poNH{ z0O?DWQ`RD)X3>5tK_6`bPK%qUes}2+27{Cgjn!`PeYa3-9E@A?xT?X?^-*$c-R_6z zqLH(w(2c$3*Gg8>^P8j0`*Y8UB6$j%)WPcO!%U6<(t#06gbIsOhY2-4O4q@3encIvlx0yL# zGpXc*@-uHPw@9lZt&*%MozexXek*XYHit%Qq_iy#V ze{#&S#a9g~*D@oP-4>|k0N_$$5&xHd=otj1DX`k$)yE>ImDsC;u7YB>UU1mUTwp;f zYtTO7E~0BF%4NZHmh-}^fhc!*53}fYa!c~V#!dcyIjIIc1e%?5PSK2sEXhe1Z!wr1 z^{4e#J_^{{m89|Eck&E@0~{L-Le%+w1u?_QX_#ZsSQb5}jvSj5gHl0D0##gMA*p5e z@ED}M4n&R(x5<>ISF)9hldZAY5eYkUuRzL{ICc4NIPD(sceX#1u7_!882f2+HhZFq zxD~J?^6X=D?%3m+bQXxcOc&N+*>(;&(8qzty_wJx*PXcj?y+4<=W{VC-5-o|x-*Nf zEWa;BbSpmT>p&D>>fPv^_-dn~Jos+Y-YXT|@@#(&vt$%i3e{r;BN&#_Ncs_k&a%gY z72J^`J$Ti7_$$)$r<}{9L%gu6<*Et_QBI5sg}FLdxUZO!7?dG&P5phq8P;-)`gyu> z&b9$sF6OUI^=Nnha*`X2E%MQV3op&tx7= zMtB4@mxUnEQ?9rw-PkGXL6ru|)`SmDN%Ph#W$`mE>>B>!{bmr(zlQJ62|+f&6ckjx zDcU!!$iTJ5i9uV2SL*aFsUvBGgY&fQkYaOmI5DH6CAQP^Mh(Tj>lu6%Wq}qb9T-MW z_hTn%ZE19Ot`SCJkV=K-f3l@LQ<4&o^h`&UZ}&voCRSaDUvK^RKdtSwxvfk*5(eomK_hc!JhV9a~!n1C?g z{HPQL4i5+CWp@N!nQ9iGB~C(y4gA9Ui#xn&nPYt z(XEhDC`*#k>h2{5CIs&QR~u(u$J}G+SPVh$%AR;;t1Ex(P1NgbK!JWb_yZw78}8sw z`!(KTL4n{kyOqm2?wG09e%P*Q);EKFqaopPn%L8CAjzE@SK@5POIGC=5yxRXO@NG#BcswylOW~D~GDuP95 zza?HwvpU;m9>U@aG)blVrqcF?d)v4G5?KG$)Ne?jR0ZDW4Tv?Js0auPpKLjs`7qs0 zt5r2Ji%xwIF};t4VhRcyVj^$}v?OQ2KQ6w@kx)jEKq(j)Exgv!p^i&CZrl1v Date: Thu, 5 Nov 2020 09:24:10 -0800 Subject: [PATCH 16/26] new images --- .../tvm-zero-day-software-flyout-400.png | Bin 0 -> 108194 bytes .../images/tvm-zero-day-software-flyout.png | Bin 0 -> 67565 bytes .../tvm-zero-day-vulnerabilities.md | 42 +++++++++++------- 3 files changed, 27 insertions(+), 15 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout-400.png create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout-400.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout-400.png new file mode 100644 index 0000000000000000000000000000000000000000..04b983560121d662ee7d1cca96bda46924398919 GIT binary patch literal 108194 zcmcG#Ral!{)CJg<7D}PGYYWBQ9g0J7FYZoohd?QAp}0fw;sgmAC{PGaad)@i4q@o` z&p#J)Idbtnc`YYL*3NVG+G|CsD$BlqNAm8)ix=M<9WUk8Kb^dI@l+%) zC9dghbeR3d-#}|VJh%T7my1^_uhKreYVzkBy{Oi~+PZQW-h35SDp?Y|9 zq*ku=Iy^+xP%Bcqya8~zkbm{gyf5uzeeR-+xDpexA$d4xbHbzVZOa>hf*QcJx!lX= zp(U(fM>|i>%wXf;#i*Cov%En;LFwwEre|X-fIh-lZPIKf8l&lZdGC>8cJ*Q*D`Ft^ zBk2`v$$r85MDk3p^%Xzc8^flfvtCHZ4e$R&&1Fl;!z%K2imYgEEb+{j1}Pk)cjmUl3~BJq zxiCf{9?rNQJs4t7ad&41`c$;B2>1k~S`2WdSNNaa1-WZ~W==!bWIT z(gK>w0+xTPw-%$uW|OE`UwVaf{i-g>>p`V-l3hqZ`=3=teAd(Bo<5*rOrD2qrj9Es zpNY4%#QoW!qmGM?#>4uDE%$dm*oObmmM!t$ugM99{_lhT5Jt6!_uryRjWZN}dmdh7 zp~inxjw4_4dDhyk@#L`4H2TMtCrS9UGQlO2x{0V%BXRg!&L3#Z8zG z7tC!Zn8~)51&YTY+>~Tb7qhd?hhx*ga$l6DBy#~cTCZTKcUgUGO%ryZebV&|fgJO8 zD!d?XHSPdK;#!?|LNtg1uaARy!TX&H>B4JYL=6LRf&qKY^|qihJ~cYbfPk-?qo3!` z2-5{DIRk;Z^)z6~)1c8NnTn@X=U_nGgojDZR8V@$k`t%xI$8T-`f$%as({e)4x`KB zEvz0w(-DG^>E03t3G7%MmeJGK2OKQaaFe=CxEQtA(ejC%sSM}`Tu0rh4c*zb`>(SW zN1Ua3cPAF=G=5DbU6>Cr@nWMTl>R(Visl1f){Pe_2E@MM;_*T8+1pQF zgmB*v)rPHa_@Dg6Up(8UxPTOOfV5q`DtAs7s!h93-`RHqSjD7$Eg5=xwvr}!byFX$ zcA0K>;XW}qmL?40$I6K}*E->2PeFi@*{T9?drq$vw1LZ@>}%FLdr|#)2Zex-`4kWq z@8r3_#~;YqJ!BcS6TE6{;|{if`fhFv=_tVTLlxjPd6Dc!G)2R z#QGY)aF+A(8l)YJW!<8e=S$vAKs2bPDTV!O3)l{rW*_zj4G@i^W4kP_V-ovU8B13A1+=G{Bgmgv3$$7Mwnl{Uf@?HGGR<<;4;svi*>~S2*v8>fFSOf)4SgC z;T5~KwIn=zS7*!=M87ENipOU=y@huE2;^Ed2dYHH=WgKE@%_xMpJ$8 z@VW1otFA#fj;NSEj^)>>MW~)F1~16bSBk>EWiklVMmK~rjp|<6+gh!(Qi2Xt(Q79b&Szpf1P*pZHey;try_tGaz#;ot&)beRK{5Iit76Ado7&%aaR`T!nJ z=s&~MQMJuXe(-HWUhIP9D+S)cV_(lb)?j0{uaUQ79T;~2-r5bmQbHaS(^ZP~sC=U% z^K@i6Mn`aR?L+OXYLo?H-%q*L{Q$ZjzkF1kOLk_uDcU72;oAZ^Ymrmoxv7+1ll*4ExN6E= zJEcL+*vtn)h?Uk?$=Rz6jYY4cPcop~uC5+q4&XTb0q=Q^zMN(B$-;uY?nUDukubuJ z_ig6`=!SvpZN$FBHHFCT$7094E3)Ng!=!JdPq7on9ikUVIN|vonQ!R%s+77zED_l}m3VimLj%;G4 z#b4@`Mc>@@=aJuIQ2goo!x+GCwKp^;7DIw+Hs0~Z2q zUTXA$)=Qn#9mxBnG%guLn~k$FJytquO7fcv(1&UF-(j3wR4_n1bWTswllN_}E;(SUmyTc0Y)^VRmR^2t zu>0J>lKoLnn-1R;YeesEKaj)p&*!Svd&B7fXReKsQ7e@Iruj0KMZnxN@6z3&A0BTG zsS8nQx#IQ~YRTZvN1QXe%3FYlV6H&p;t&tzClgX~1O`KN&N?y}aS7emTQ6`*iAraVPbD@!zSkGSdURfoCM$QSFRm`{Uu{^Z zw)zEFS`}yeVJ$S>Om=gI>WBve272LZl385UgVA#YQ!Nh&T<=dllHZG-^6;<_^5%Jd zp`oZ^rQdI?p)Ts~2RN0|ooW&caPYBlob^)z}yLv-@PF<#s1L3i)jHb_!o0NZgNT?UWrY;9IyO4r1H6Obo2mjr07H z_T-reKgxoz9MR(-W&z87HBx*!b?>W`y20asO9jp^Qa-kBK3fBWH`i8!o+rb>8|ja! zgkK-72b-@VL$yiuANR=7a~|1kr%Dz^dp2g!w+6b5nf>|1v=t-yP6c!rV$)neD^`e#EIX;*|sX>&a! zk7*?1H>2HgbyYkW;W>9gd`hQg{ajwBh;{BUDP|ZX%N!$D_?%zpyhlx{*v%{8kD*GN zw8CG03ZUNREhusmc#C(9u*aSvBy#<%F(fp)0_#X6=Q##%ExZd88=B|-Nm;c{o^dzko-`V!FDs1JY;hXhGUUH zF{h(i>rE}M)9aEPoZfv>`vNh_;%OOe|C3LRq8$lo95d&I{M*?ZuWlYFF;8zEg8609 zR}p?YIF6?Y1+ph68!GI6a!r--2eVL~mnC3K=fV0lev<2xZM4B(*i>WM*+U%^2%*g3 z(}&Bw4!1{s9%E4-zVjK2w;V!13|;?=IJ!Aw=6MZS_U#?;)U1*DA8@08*gIQCByFln*B=z?~zsX19Q!lQ*&)LS( z^nt__L+)9h2&TrSXpU^Ie^|4~S`Qti`BWq=xNfe+slWey+m#Y6pvy)Vl-c3Qa~kJ9 zd5ts^m*@PrBYZj+!uBI(5$EStN&B?vK z#Rt~v0N{_4{%gGn-@7YRDwZ*ftH7QDuf^d2B}#bU1p|fOs+C=1M}KypPX;v)g<|Wm zY4O!z#Jv~uHF8vM_q3?VX`s92P;=TsDeanMiB6R zed|zproB4^%xvl+0r_gL^5^Fu(K6Gk=(*Ef0T5H~HC_HSy3BQSLsXRC1(wwaNmxl~ zR3+2QSUx2i`dEWvhHxsAHNUDGRpQ}%onywtUzDbuV%;IX&5ym2GV^I^N~Lo-%hYTI z;h9|gP2*0Jc*RE3#r1WulReok zGfTZ$b9GIQa5CXP`QOcn>jlGIo&t4h%`acE9;|sGK61D*`E@)by!Sgli6k9K#8ieY zkX&W+$A5d6n7n zChGJ#ztYJjUGwpNe|{Dn7hqqrOCkg}HQr9LB+C6$jPys zS?}P~z~K8vlgqM_BKDqQh6_GdSW_MgVZ4Rzkai@O-DwxUddg znIOg}dED@Idk!OnVY(m?Ik@F!eqX-xCj(cy*VL4O+aCEN&_`%gFGFJshQi)8}`v4VZLustV|T{ z1ms#v{@l#`NJh0U%k?uiQpe<&1Z6ZslWTo7>_2qNsC}o+VT9f zyyud(Z^!y#h7$WnX%6bu9oONEOD~GD4t(S1hvSME9bdfm^ zZXJAmSvy8|cnsDh_vLgTr%+qENV!*{xvRE9ff0{7|tpf9KEO zF7CX`pIL0KH0}y9j$m4@0B4=@SdT;AC??wX-3zDp(CeA=gV%+X2~*`vHg%09Py}8k zUsXwyGN7`4KY5VhuK~aNgD9=!8?6#%s0ZD(3R(BB_yTW#pSrJOa`H!WV7b=as-|cI zCbCKLjU0)+(PP5LA7SGX2Zpqd`30&>EDCr{VN$rX0S#JHS*N{|7*`?pzPhAPC_kv- z6wL|798j7ia^mjQjSx2PBq$q)oX$5=ExUrW?^?Sqo0$05g!>;*X+9ZLhXuzY-lJoOyO+M~0(bQpR?xgzQ83vo~ zoH;U|=OwM%=u1$vOm@0I-to;n5v4s#{qbLejG<^g!(p4j(@^J*`Udq27KIScs=3Gy zT`Gs=&YuBLtWUzyU_E^u7QtV{$&#EV5zL+ zZrDV{T!siieJ(OOr+r-r@&j2tU%D(#u#sqJu@KKmTNIIXt}e!=n-@s;dr^3NeNDv< z8xf~@ZD@i8P+gHID}Iw$9Hv5HOEU@r1IxVu8tDy?C6M=M;uVp%cAx_)cCrV={Q_28Tj-F*Vp? zVTQZxIZ)w*mT@!ny2QC!1d#~x1@+JtO!$g6>P$cMD3VHW9M>;XphjomFf`c&-fZ@I zdD*B*(3U~5-rdzJ|GN}|x%^0YkAylVo&R{gSi1!T4dci|a39?eYDkGJo$u>dr1Hd< z+V+~1{9&Pgivli?*i!uAJdMBJRzIbbe}r&(V0<~2WR+l`6V_ZAd9>07LwoYiQPGCi zmf0vBi6?LcwqKi-Ty%Dq-^}D0Xkits7^FO7IE|r6N2U1f6jV~4&f$Mu|iz(Jm-vu0_|7VC?_Ir&U|f# zDmu}G0pJuMNr;zU3$D#Ch|xz7wWxu#^YLEWC{Gki#6O%ZD)U=_|d^4iwi1aqSVm>&@v-^p%Ha%JpZ%n>rh*5!MuYFG4~gKPTbuEFCiE0|Hx* zmwZkf<*j@!iN{+7qXZ|nuqP{3RffS8V2;NgVc-LTnelEYOG#6Kn6l$U_&_0hPwXeA zav3F8T-A;KuzcihCSi+RN$+4$_ZYZ7{+qXgyj`iIFcg{+YsiC%=IV9f`71Nt`1U}Q zB7Ed7kvk!p7;#yDmspiEZ#(2W{t?O*Ow>| zSNaAbC}%`a!5tc=3+1_2(%WE@@UBT^7wKZ>$UtT6xsCOYjK4}jNGJ(?167F5p09BM zsT_+Fs7H;twcH%RLqpkZw~a;lEbco4@nY0+j@4_Kuo8Bg2d#>yWoh@iy!3|S$ME5; zF3#7OTl3hCc-GcY=3k37lBR6-c=nVZ3`oCrti4Df6=mMBag4%$K}Tiy&iQ&X$1RQLj7;t3C#4Wnw0z$M?+``_pWmJv4dCOw_3mj$K@x&W*pe z_c{D}BPd_Q8nPr1YZKk6DY)T)y&)+(n-cJSyd`%ajvPq41d3B&DW5qk>2amVS46+; z-<;H^Qd+PQ3*vMj!$mF^XbE`VN`n6f_P%REx?VpSExz4xwt+9P2}sOfoBjztCw`iq z2R4oY@zDd95x5;jrv0VvhHRL_BDBNY^E{5JYY1jE^DKVfk zC(Gd42_wZu`X~JJSLfF$U^EnKCz)p^+|ineLBE|=U}`*o7tG5;o*eke+%LpXbv2nP zs-BP+;&Cf@wL=gMaXl^QS4NBIpB#!u@&m_^ptrbC8ReVK>(XKNuCRaQp47&uR{8mv zJH*l4id}RlHR_?d`MN)jVS+f4j5nSs3`JGHK3&!kn4H*!lrNkTrcg{iBBo#lO}n@di9w&JIhxpMdO|prHdG44*6C1E_?{EfdMBUEi_Aot3lA8D z^HX@=G8B6?!~{RQJ`ybBK~_xRxH>kJnn|&)IW$p*1)Ergd*9{g3ypLNE)DpVgG}~a zd7MPuggSZjn~uW{Di0iiH|z*(LX6}MYta!jFO|^BYQ4se`%9%8m4I(va46Xf$fb$$ z=R5dd-Kgk@&5GT2#|^vJ@-^+1A#B5{b!Lpg6Gvr)^b4XhcG2sg!GYnrb3)JtNIcsN zHmz|9hbyU782LovVFt@fq;4vsx_|AEwTL;HPd1LAx zzPa>1U5t2L=sFE{ptAVQ_*M|!ygbfYwUt8`w@!LzE=jZki_J@#k==j%Zp>Z%OjerenIfV znR`ZfYa8D!EX8$2DbQTS{&oD05mw#$kaHsmMe`Fch0h*ZS&LC8u8OGA1t#R4*!yB9 z45j+_jDJ$Unq5%7@qVWNFiW^4rRjbK7Ya$LRaSe9-|&FCE`Gv$*KoLTvEu##i4s}#5e zZVuiPdNj&;x|eL)cC5Xc@uT#6e~)nUJ~MXWT$Rm-|7_Q2s*rs>-=ZaaG4u4pa3vju zHIOXywl#RF;{|TZHtj(o6jYT1v46)K!Z&6^o`|Iu)LQ4^uUb9!*ACBcPB}EQoXhiF zT@8$+KIL8{G<*!4Epa#>Q+(;3N;npsSne@2H(M-SU@w{H*|Ri;LqIad%NtGKU0WRu zKp$5uFIJNhF;fYpX6+)Kf!J^`C9OA>^SrCw)L&sfGb3HlqStI{io_bL?dX?NP>8{=m5bv+bP;Ep5*uRiP%Y}Ss;((*f^7(iXyC<5Q4ziF;p%`MDE0S| zKt5}IezA13P|K>x zc%*qoMMw73ReqHec|=Ps1Wjj*m3hZr-%4}w8HbN}E3IR*f0YXxTi-I*- zsZekMM#avreWK~x0AroVc1L1f!KLuZ*+|3@)xe|h3>gbRn+bIA0d(Ntls~5)n4jF- z9LD{=NuWCntFcg;?Ogu(z1!kJ8%%S`MY2TY$+p6@-Wx{=6rgMHHEexZA;+iJ+x8^ttCs^%LNKOW0Y^7V78PHBLX< z=l@&PJ4#IIvtAjefD0pK>?QFJV^Di@h6XWR-*B~%8)e&n(g|ZhAoh}jgV~X6b%G{_ z1{@f#_K|>vQzIqgx6Yua$r;9GSS!V+p|cmI#YvcA_X+CR)H);SL!E?h(*RJEka70t zQUO)_^|w(KQ!1~SoyDgi6mNInca`?E>+HrMM9yS!_4Y80JVXEu+O%`q9FlXs`nO0@ zh;F)lG~o}(iQ-qbuj^pJ436iWVcaXj+mE6?f!UYuE8#)$i~bAQud{q!7Q~iOx1Dq% z=c5>oWR(Kda{bEgIJMjBzTqwCzZbb5S<5TGH#+GzcovX6Wsc|zhTr~LX4vsGg(-gcU4ZY=SGg#3{qEJ$WEX)wf0G;epiaf7lKStJq%$W+jVrZ0 z0G8 zTm4Vv%_*s#$WPkQKpaqNv;e)5t_y88k3PWkd zh2(=i#zr8Git(uDU@Z@6e|23}b>u*Wl(z19LqefOG6Zw4-qr3vCI#44kI0e2z?(6*tF%1r8lJSr8}fT_gB!N z3}R{Tu%}1kq-I!y4()TiZvoqhmsW22J-p{ElJ^;u{<|;Fzafx@FxwlaD*$|Hi3Cs^ ziizs#+vfL0DbS(g7*bpK%CX(~e9RX&KVaUiQ==lm!Zn{tI`5LO!^sP9RkhFTZ2vZ! z2G2A#ensGpmK6NXg||JSC_|Mp3sGE}>8VR@tv+YJK-_nj zWEMHD$E4d`R#07I-%0T~qz-eZ;6;!U8 z!>`0~JfH2K7)FcZi8P0tuw0TB2|Lux+VJTbyGiYWzuGH%6J=-O45(pUBCHkHlYm5 z+6gJs?q$kW_~c&dW_YwWu&x-WYFaJduR*szB88_to#kFy#hzeP;5l&`^Sb}^Sx$7y zEN>8_M}PjWpxe?xpJsZC9!J+Vg9flCPj1j-ysG{f`?Yx454X->_)uj~W}>X5hB?zp zcn_D-yYnLx*O!)<=2VvZ1n;eu7mBf3+HA(go)IuH#X|Lso{i&*_0=GeMN!(tGe-_m z8D-{xnClsxHJ&wjPa4XPK1+e98cDSdb5x+@Ml75e+~f$Uakp}ghBXaQIi*gw6JcJsg6Wq1%wPXq`yBmva|LlJz~v=bU*#v-b`m89=2rco(d zyc|OK;oZxZC@UYrT72?n8r1a?yMsLTnqaRdrmBU4OJpQ^<<-mV`s5XY1Nb;a*CozA za^|a#IW0OblHs|Nx;FnHH9cfx>|-0sFKQ<4h(Mqp5Jm{{jo+%b$VtfOAsEq{&)=5x!rqpR+CP^ltY#1~489DNEv!+f{| zsF#z<^QTGI{Y@y|S6>d;V^}uyFnF7mp14;s5}-HH6YitZ)=7xgzM8jpDg}ZD1-uhd zKIE5amr*eCWQ<+UVhuE*(hB$dF+Cqu)(|D_)X~+k@{ll2KqE6D9yRKpI2j+LBi3bY z?B5@ax#T|*{$r#li$+Cwp!-Ream18+^zoAS`yz|L!Dri@xcl_zZNjSZ;|XvesjSL2 zw%4)oEsVMmdq2I;K2CTL993tWm?ZZpkToFr+s_NrO-+@4xA56XD8IYEK1kzu>$Hdin4QZGAaC8$>b;uH_Q`DS zyz=1lBdg3+Xn2Gy8*Z|k<##QJh5g2&yzpzR5h^7zJhZ6F;EgenW-Jx3)J$&Vbh~mk zAa84W9QL|-&e6D&>E^&5XrrR1SmDvkxq){SjAF<}yonvq=5I&kM)@U@q|Zqj_+v9c z_Sm;Afcj-KjNgA3OLhVce17pq(v;s#ZLWVV)Dc^pygCH3%KKvhPV_AsYrQ~Px{y*H z)_!c!D_w5mgjzwE0PK2?8hW)yC+rg+6;kdk% z7!ol1SYdFFQ?UL}S^c%K&i}7$2%U_^M-PYwpn|2q=s|1lY0`d!#lw6~rsrghD^0)+ zIW?N$6ThldZfIdDx2MCWXPmn~2)@KNviq8Qdc&Y6FW3}k1;t)T^Jbk z_P=;3P;AnBfhjiHGm|S3)L2bvCyPQtqCsCaZo;`M;PZ)i(Ee8Fq-4c1Xx&L5Q$tX+ zd`3IHtJuO+7udCnzZnu-LMiEwWa~6LxE~_*5Pm_!NspZS0cG03P{OhxBF$_u&rs5; zfqVwq9!hR6W)_l*0(eujnLMS-R+ZaZSiWJCvqc5j^21eby1o9yJ5bvjQILrOl?-;l z8TjiqQZOBTBIHS1b5&mb_2CRZ3&9L3VrE_eh(?o-QI}wEWx>iCjW<3+GF(z)e=m&W zL{!Dk3h`t8J$K!%UUpD&f^8SI-HtWJpn{KBRSoFv*ooy9FIY%jqfbc#aaV+aXb28Zs4%y33PJB!n9pN@wc;AjCGJu4EDX zXyxhMn&XyR^SpW1IAwbCnygjH>`T`7j0}?KH|95g5YzVvL*Xven2R0*11XQM^w3}- zufZz6A-O6_oCpYGE+Iuzkk5J5PUTd;b@+Exu9IFmVv_OS?bj6M@GJoXultqRlme5B z!gTj*LR$U3k#E?`X^McP6r%K5J~F=17mL6)TM=h0K()~YCf-8BblpiTU6U1@Y zQ+d+X8SR`-bm&;dd^%eACPUWF>md}kXscijf2@$J7T+W3OHM2R+uN@fbgWQ~JXwi~Y4-j; zfSZ}kssz6M!{JJWX}FR(UU<3aH6iTSbT6+=z_-rzs7CAMQU{=U2CoDC6GP1-oXoQ- zjRZq&d|yTN#M^3^II>z5O9;hJF*$h>vM}M*hgA%suzEBo+JemI7bbH1gmU_i({~x* zZ)Oer`E_O0H(M&@C-hdxNKrcgN%XY4*}+>F*gO2Yl`;KHo5#_J+Iw}4>F?AuHl9F| zT7kK<2b$^n?n}Jwt#QX%$)o2&z0k_)@IrWgZ9tGhP+hi>)ce?*E25F%I+@jtweJez z9LYz2fqidfFn5Cn7VRDbyn~C$lY>dT#KaJ1y|2PT1H5dMB7<=EY`N{;n+c(4+Ucyz zC~iOM= zEvRWp8@47?J%+RUb&)e8{ zw}M{(X``czMM9oe?m2T*`rpj)|FQU4@JY!%F*56Vxxj9e0;_|K1`p#|=i!Xh$z?sC z@=sX3X*OZ|lB1ykJU)n4plz@3YP&Ywz%-$(yX;K=uMaEVM=(uMmzp(uy1$DTfFBe7 z<*!bi(op1l)zZDzHTnroE}>#`(#X?0kLq*JT>ezkr#&j1MwTD{UZfG<39q^EP4V!* zI&Pg6P1xkLC0K$n^4~q!CFMY!54MAv!CAcno{Ntns!e4!!rGDgD{_ZN(!L(Ilf{Jk z*A1&g*7_BbxZ=@m*X2V^?z-jd~g3RXT+qfj$;q4|ftBwv4 zM@nPG7DF<@5sCwU`52r@Na-N^Ap373vvO_CF_xqk-m2utxdr`Mk#KrF*twD@%@}Nm1XdJIpsN zkugHPQG+--xct8%9B;@v0#E{sod^~HolM8Ru8r;$W0pFqTHHDEvJ*rnqoiP+v@w58 z`Rd#9^cx4hn3Px$f>244y@=`BbW;DBV)^Iu*jzW3dJ;Lo_|xjgykzW~l;~wFZkPhN z73hoJ{WtUl*VF2t2MYQlu$Kq*dA#f>6UBc^aCGZ|9g(O3Gt^1_pxoJMV5Dc4nfMQd zJ;mqP5!ufchWi{J_=dVfp5{8AYau}SpOK*BO*ZH=bG^2gt}Y z{)hiTQ8mtgj)jNgv!`>amVZPlZGQf&9PAb$3XEHt1o544@W`tz0Fz6GH0?s zodByvqh<82wX#JuEW)vQ*~ls??HQ!s3IOq&aercpWJxZNYhBB9eWYY-DTI&k&|_Sz ze2tB%M2^$~Iw+ormT$&1AC7Zex8kvLAT&yC_qx=4OW0xI9?QSOl8d|*Q7t!Vm_Nt> zaTj#_|G2E^3iAp~LoP-`jb?sFy=IX__QhVcC~WJu&@cG#J1;&J=g?;@f8kosqZ)`Z|-z?;_i4Jvf6FR0Z<0b>8I!j!$Yn3pCF6-;o(wS@Hdn#quwb4{+79PKfY&JU8|nDYnYbHLA|5v54ZcOor~ z;7}x{>vaKJs-@6xUs&HG{(fYx>+eh9E9L^;aTkxaBzRpX>p`nm61N|qNt2h`Eo<0h zOQ$rgwe}&HH`afCmmXR%4v@?yXxeA)GfZa_B%Yg(^VO{u38jfDO^($!``6GQbxX5- zpe~Yi`!xw!n<>JCQb9+UD5OycYd2M~X+z1uz%bnHTT%t1B~&;NNFKZHuN4Gs@^vR9 zb0`mB(j(>ZZz_+^0Y0XWbsI*6ryxZ(?BZYDpoyn*O-64@YT-2+|HNU$aD8l>BL{v_ zT(Kf{U}Ams9>wRNGnqRg_lm-hNU%j{e??vRnU@=SO6jJF?NS#Q^E!KLwzz52TNHAZ z`)c9XI7EIy%B(WVbge`Pobv}y1bF8+E3AtoLyg`ZqlSQM{Q)Hymzm^_XFkQPKq0BKCqqsLZb-p#AqmGyYS z#_8>Mzgn?LJYoz@66R3t$uVwu(E1}mIqak4=TnDDAN&<5OuaLi=D>a^&6n@GzT=V2 zHzalmQi~$s^|ts;EoG%_BgMVDA>kyhgXPYiobmBBxwurZ+NoF%2Ji6>M+?6giw8i- zUsk>2RKNO>qxG$e3tgq8Zf9Au#@K;+VCx1uYGD2Zm0+icJwDK%PIltF)Xs}$c1GG_ zNiIO|m8{C9xwAX$ufy-2si1@*DNv!M+QzDE1dXH^Zb4ph%qwcJp~wlojLzP=+|S%P zk9TfkZZ&^FE+U2kxyIH6_XM`9K^@RO!x@m}LgRfT*)(}cu>=NPk?L2YxK!g0UxKj; z5^u@GJQBvseEkg+55>|HD~*D38|l8(fD5v;6Y) zjh|{tdvwo&3eNg*OkCpk3R=H%n+6?g@VztRtq;#HBqSF%o05~i3?w}r7lj3QYf4S2 zyKewmpN>VPta6a6--?lq)(@kZ+W=@A!eCW%it`0n-C9TB#@#_R-LfIwyxm6%xKTcNvRm2nF1%c%M49X(i%2wbB`yL{ z#Z6G?e9|ZXE|x;-j$bv)K_J&^99N^yNgI3ry)1@<^*w~F?cVd_WOMACFC}wuD=A@8(1F>qva*H^Q6X=w<6m26n``_0WN(k zrWz*FJR&BC2->J0UAXP~`03|mJW;Q5+P(Q7U2mQ2r%W~J)#mrBlok{-C1QgwEr#mt z^f?%hz&a1^O9l`~9rkiE+ru><4>A6`wDp>!WFvH-awXp|h zjHyGZV(nUR^XQtABoYEvKJx&7(RPHbcURl!@yE$%-CLT}BV5#4EzB|}p9F8b!G z1~SU|;>iNcbQ{*k65rTC1x?d;ge z#?!rc?+=DHoQa=QD`S4H(e4c_RO8@i?Kk2!^I0ds_}YYA1>uGEj*V@et7Glhp3BAE zQ@qr(v%5R^>fyD~Tn<~?iH7iXoQDmx?NmGU^ityhOV(m0FlQ&WVXo<}KJjF6qHv14 zW-mPyZ#MeKe^E;JNf>DZdv%mcCyd=%^Mm0M0IehV)uoRc`HQe%&_X^*R z-`9joz(a6ADjgtK(PfxrZ*NO+w|>-C-<9A+x$h<1v#l|8=(mG!r0a=82(A!ZBW~wc zr@M=fj^HJ5HyTs;YQNVv}4Z$DnP%a3@gtHzU>Rt1^_m$EQ$Z*0;UR$rQ>JA&N zP+qaU$iS`8YoaLHMfm~{CA}sWpGfN$Vhd1gmXECiM>T2#2*T#Eb?C-Kh1;AV{{$N> zcny03%?SJHTsz#Yeeu(2uh}2vgj2Q2I~0D22109Ja~?u=c&%LhFRc>nq>V35yT;a1 zWm&C0y0>-!qXBbM_KQ^Es+7DIlAaRo z%aPM2_tq#|V90F9#mD)A1Q7O5ek&ys83$*Ug=L091x+G2{3Cz)d+z$IBmQ?nLSZBA z86O|-I1g)Gi0tFc*rnMWB{0E2_EQcDn~R=`J00SQ5*32m!@*tR#)t^TZcw!tO`ASu z+v3vc<-1QM`-ja412VE_9LbGH13ht~0}=+3lokUQJQnZz$_+T|smf9m_a~$*K2nJW zQUNbLMP_{1?3yYkW;A01BcV|)Fl0QXx{S-kqL#hBZYH$NKv2?6CkY) z$LOYxRU3=Zj%LJ;b_Ej!cRQb9(6Cl9jZ8~s^ec$SHCaZ;Im~!%;w!@Iq{t=`ymhKF zgrq0u@QPzAi+|3CSZhLTDB-VBon~*Xr6{#S{?0NSN{KMAh`ljd6on<`=Od4+sNi1> zQS7*M+H(|FKCR9B%tY(~-Z`62Up{_q+S4CkTqI(d2O=T?ifv|sNcY#~yPGe`blbnx z7(Jfg1DIH;qJRR)>x$-0cFUUfq**?f!sz-c*wZ}dlsi~0A@`_pZ5v->{RrxuHjUE- zTiB59;<~05(#vScmGd!UbJ>H$^F{u=eiO9|uUJezHVg_FAC4hgOvRRzbyb%FS0cX= z@da7z{uM_j7l>-YQwswHNFl$*C0|K2S@@e=s?|*qi#sz!LUYFZV{Rhs>7r)Dz&QF{V((k|NfL9fv~jY^7uST7@gpK4%VtfdJ%<$P*|qJpkVgURGH4

    PIKq9}|DJ|NkBe1V8KTS(Q)+2m05;$D74HvcaO%UtbVR##KBbxP3~RTd{PRn)TrYBLE1Y7N!E31+fP?@+03$S8(p@#>@M4O zmz`zXwr$(CZR@Y+-8;U69kC;J#DA6tnYreiE7n|djB$_a))WFWqm;lIE6LGx{kxFu zI3LI%b))Kb*z_!CI6pEkX}4$>^QAPt0dnJ{6gn&Kgh3RCq}{e@{!>;lwpLWw6he4D zNm^imQ*Rx?c3`t}PfgMT&5DSjEWVKu=Qw-{n+E#WtQO@8A#TZOPFwY9~YLySU^wh(=;wL&zaSce<5nPjI+4@mlr0SRH@#4RGm zG2UddxZ(C^s}0?I1D_?}rw3Nx@jZ|#?R|yP4*kHSrLwRZSMEH7YZ`@J6PpVV-XYJq zta%X*7APr9)2d>zrVt|8K%?yXj6{En#Qf+!xRO+Bu}AfY-xRV-KQu>=AvZJ^B;xBL zuIi^{`SP3M1_7$~iM<2S(ahjXw2MD;1AN+K2!f}bDg5!#*>OVTyC686&!?ArvEV>( z@spMdw}jgT851|C%7&o8`%;T-587DQjZ_s5_R6%L-%nE>N0Gh@_;<0R{&`@xVK)nh z$_g-4Mo4|b;M>d02?*a|#)L~gS8}{zsy0;TQrPIloNb6mNP`JEHJ7`6x6d8a9XSuJ z!6@s>@`v0ljNe(bDrb#SmBsVV8dF#PF3jR+w`Gypb*g(L&g?D*mgebhFFM68doy(g znb#;IeiV|{n(O8?X#H*qyViA$>3|5%b^;m|in}}>D4rm1KgJ#T&>7e9GR92)d~Rc| z%Sy7kB@h-S#I>Y)>AZFGY8|2elW0QZ(CG&cK;9Vq|*5!GR=Xwh>uG$jQEXQa=nH{fc zj7U-vvrQj~VK>Zf!YFF92H%aE%`Mbgq)`*MwuP}S&}=%TH?rYUTA=5pu*g4u_Ci9> z88Tp40)c+NkR~pluc+)-S52#UdsiDij`6%ZeSa~N`NM!#wWsRnQ09j?KRHx4smAKA z504Di`58=GP*PhI-lmrnsyyNLe83Av(^?HNVFub>eZBtUMaB!vdQ(7Zp@KrNBkK8W z?9NMCf+_q2PzWUpF-vS@^*|SDdkMXpL_CP0oi#NaD!STZ=(m4LVVH*2JEukaQ#W{d z18S@G35~gMK_p3^S6Tm$O%r|>^CUG{=4_-?@nStp(G9AOj^Iz4zGTj!Vr$bJD*njc zf5bonp3qzeb^KB3kTi!Chc0BBpXL90GIXGY2w22oq zWcu@ehgoEX$=AFaZZ;?#=XZU{nL;|Fz(3{8o0i`IlUH+L`=W?S{oY1ajvFj={pU_8ikI% z+7S1S{;HIb0w=h_o>zR9U)x@b7o|kT^S|_oaw`CRic6l7DOZSuo*JHht;kC@ z6krg5I>P~#RnS2u2S52nHrfhN01=Uw0*2#!_?BG{o{B+!wF5z=2SplS%4FjZb+;;Y zY#4*SlnEN@cDly(23gh>xOY*>?JNT)dWBfa?-3=pWRp{HWSDSjJ-Uu72_odVsdf>RwcolI*xBZ+m zy~?1Sp;ROoQ0IDp&XUuI!RL&HM2dg6v&6mJVM5>O6{J{48WqxcL4)*B;d!0M!@?#U z;DFSO0jT4f3*}SLsjqKEVK&78-NSu8^q*QuNuKQ2%pw~V@@>pPeYz%e4TaQNoAqnc zMZ9bbUpCL;c!zZx*R4*j|IK?>nL<5Vk{mDzA-txDK-MY_u7V?4om2N$dYL#o>(fxVb2btK6Ix!BD z$B(m5&_}`WNpq%fCN5QR3<$duANjk6Q($aGQ@ESEKZAVm?RqVubE)pR&;`nM4|DMC zgHKddGp#>1N-E{9NxeCPK0R71)=}e^x728qZhwYP$#$(OC6Pg__e{k_bv~KoiE&^|H^ys&mK+fZ%h3r z*)RM*l#tN>8~=xbWn$u%P3J%L2z}JoMV0^h;>!=RI;f1tUV7#P1Z2s7|FT_ev%LIY zY!$z-4(N9d|9@u&c_Y2Nyc|Ec|2K>1=*SZ=LrqQ1>G@p!z%9rG^6!sFrijSNgZul1 z&upa535owx3rJ785+eZj?`b_}`7cV5z0SVFzhEq)7n%QuCkn3q9*nTPjx2&+LSmvm z3zn7C6w!Y%i;fQJ|EBY}#Wpswt0N&^0j=N-k)hb#t|7VnW3XUh#KZVWG-X4ZkQ~oUh?6V8}UvI?!9L~-6 zS)`-`_hrWE-vzk4S%VhW1VfYR$`LV1`?sPqk`=Ti|7*NHeLb{COyq8cN4l}#KcjHC zPJ;?j*9|TlM97+9md6547qYG{zN5M)dOjmt)LQuL<0 ztCAo67U(?UkD+jKOW6(TG#)J4=}&-5vK+M6lLZ=U^M=ElOwW4fAe$c@2TiRg*wsi) zckdjub!r-4z?Dl-3e0Ks6n4Csy~x^OaYUy|&A9+F0alkfe7q%uUusODU~v2zPnc!w z@`i68V~mRN&awNW?rZOIiVAUKC4!Mwl@9rpFR>90#CBGEy6qm(vwkR+CDYULF(VoZ zPY-Y_=UnoRdckAG25Y4+Jdcl}lHSkexmm%Tp$DNSEDag72dV9O=k@ivYwdxHuUO87 z8QbX-bnwQYBWo(R-F4U_mDGm`O|&9J{9% z=9+KBN~AS46d-Xz*t~)tHBE|YfTg6Y{SLXLn!`WPU|1%tVw7r+i-Mh_3$y%m$?JZK z>8njKP6?U))b?(6I~r_7s?)4&$Z`uU^nkf&1|KMVJn6g|34!~+rjk!q2OSA(915q> zs!1ShDsHpd!m_kQ&au-t(f~P+Q|LI(`E!Bz;ILS~y?tXPedwD$?Hs+KLlD1Q?cqvG z^3jRzn*0yXT5s->0b}=ma07G7qwuOu{S_TtFL3u50$7oq9GPCo(&a9FINhs}US1|- zU2b0GfuiItJBT+2i;$?$K@qF|3C_Qby;@2)Gp<~&J4$xRPbwFL6(eXa4xGTtAH{2F z;vCANAyGvX%%sMVxS!e|B6ijXkw)BH zwqd-Xr>I5$pqLnN^0!T5A~PAOqX8@v)4t+7vyc%oORAs#}Qr_E|gZV=Byeh-$s3*uGJ zw)45^TW`jgnm{8I+%*)%N0rPscNo@6q3}`)msqRdMZ2R`fMAQ0#XNd?77(&$^4ylBZ3_|Xevea+umHO zc@Jm8by*?vRd2qn^l){}QNS2`w9+5SAqK3vSPA+H{hQT_{pNlKhWSv@0&?vPO^W)b z{O~-O%1f?C&zhivk^^r&&xtOw|J}X!ak!bJx$7+_jVP39u(ln+9d6lEKLMNp=xGknp;-( z@*lhVS`yHnG#0oaeW<>fJW+PSv%P6fF_Ys;RyB)XLwz6RsJh=kSW zakj?!yH-ZoaxVKk0&#WLps(aT(|)_!$q>nIcw|fKPR&qxfJfnp zs^a5=bj+tOH^nXmI;dW3Mt%xdySlr_G@pPfxJb;q_Rox!B^VsQ-@`f7kZl!Ok(`-A zI-Z1STVdIFx5hR=Xof^ERy$sZ!XG8f7HHbc2Xea^?~pOAiDcQ9BU_z`;bG&F5c1;a$t2`_H&y(+lE$i2g@O1phacHO&nG7O~w&@R6vYEouLHg z*81HmLZ~%&L^NL_HEXp$VSW;!Zu;(aeQ*70n++Cjq54ivtfG4eV9!lRh;fOjUS+l? z+(;Xj!t;5rxoc@aFH079HUSQPVVE_LHq9hz;$t8Ss9E z&clB`>&O{rDk7$CH*Q9x@*2<74hOle-35`FCQ~LEmVS5g7)>Rc+E`$rQvu1VCp!Uh z(pM8DAEW{B7owiF)eQIAcIIQf7&sy`K+o3uNByf)9Q~oeodWsk%|+qI8M0jcj$xkk zh?a#AZO3MYS6UKFS~Bmy^eqYCgalY@cvbs})K%TGNkVN5uB1?BP#COnH8Ba6672Gw zdlWf!RmQ@}{53U5_s|Z8+Bq@4ofV$3N|QnkRRq$SB4LQ5h{~i7qCThvZp8*59GNzM zOq&o{=swq(O1WQCH8gP7Z4nhDGE^jlvx`{EY4}q`EwUlrYFWqA_yPsAJ>@C6M`t%D zf^`%WglD=XxDi_2G+;}vIm%|$?22R7s=Bb~t+-ae+3Uer148#WP4AY|E6DO6{>f^* zKU(1Q8hJ70r3G!Bo1GS|Z%Vx#rD{LFdoiwv^|;KKOlDA}DowjafGbpRZU505eR#eS zu3P2(%s~+_oNza#9m(VRq4cg_uqAQ6tA}A z$l=&6R*NiJBKb>~xYGF#?F*)1M{!4tVb`S}mZmU05-YO#P2{bkg0d+YP)a8iAivXU zLKO8>Zt%13`Njg5~jOa>b zZW-b=d;T-PjlQ!=nmE5#aSv%)2Q6MKASTiltK%hf<9s!G{3B-mf*;sbFzy`Abhe^k zTnRJ}%OGws`Hkwah(~IDYFK%BFu@%xiHQlFHcQp=G8!7dwPtW)zToyoX%9*4verb> z6gX3K!J%$_6OT7c;(ZA_*oqw}&V_h9FKFc-cB_3Qzi|YAnK}=uD}th1l;rTGoU~V3 zfn>FU&A$Y{GlllxKx4}m6=i4g0mOQBJ-X}0W2N8Ziljr6QeRjP?-4K`(`GqG>Am82 zg}nn0ym6A`BX)o66@y$n$O}S2-WEtY7J!Ad$;+PijZV~VPsbf`Sdz<6YT`9gMst1r ziHN+Kpd&af*;KeaHi^Ylqbi0`|^X&*W*ZfPbeSUzZ_+&6+Z^+O<*WaQ!I$vIO=>H_kaMwxQGTs$L4qqQ?Ph%t#i0_lKiQv)@i(hBoMcUQ$SF4>k zqet4}kZMMts%J$80}APrYF^;Ee?i`-epjq25QC+FMrOg*{)-Q~Hf|+(Nng`|5(O;s zrHI3jKRHFOf+QiS#^y*zrHCDQpXfInf{9^rQt>)jtEf8?5zlaSc*|#;4}Bws&yV zq8LRrF3v?!d71t3UO1zrHE@wB#pAp^g%chtG0y4frw&0$N|X0kEPlV(#RT7b6!jODe@G%kx8JWAjUJ@svkAd!1$-XRmAp%Y{2&Dg=GK_H#XD-@;{ zYPb&sBA)LGCWSEA$(q2hwjLRw7U83A+A|)=fWL}>?~u(Zt;|}MR^{3}+4`ktgj_QI zpMuhYsgx;+{NNr!1R!^0mFblN_RMM5hhHP=g;b0{ev9ip;8xFR z9t}AeXg_-uYV(9(_jW;TZ=#Bdl18vXRn(&Fl93fmM%i3~hD5gM+UHT!OUlKU$13Z8 zV>wpjwzo3o_{4KS;M-Mx)*nx?mlt&lR3H!8bqj<@x+Vdcxcdom)44~-WlQ=u1p+nn z@=50-@is4Ae}XZK+K3uB=i9`G@T@OTSfP(E-MU}JqQv)a^tE^E@5ndLl1~G#eYKBI zPUv8p@h1f>xrz^lFZmWjrUoQPXXTkIH32c1)H%L6&FOQ8%8!iFr$`~;y6o=ZwG^~G zJ;{0$fqQ>?Xd-0mu=~MW_b!iyAOoQ@7;J&Ll^IHp93c*NN@al#b1^&X z5&jW)>o9ULz|~D>WEMNu4evz~5{J?foEe&~;M7n%FUT8bQh5$}cO&KoupzY$i==9V z1EnQ1;nznF=$nd)VZHrnyv4_p<80xJL*XnP1y_!ju#he7v5B(OyN-$T=4pik{=t_){X$HDfUhXlrn5nB-!469YPLnuJ=ShB0VSFXUi#d3GWW@ zsGA|C*_1$=#s`gKVCt88OR7qRRU7`FLZYtpWT?IrrfUAB4GyrqT#`~t3%FE`*ao2V z)eiM)_%(E(*u2-dGLPfN!urhGRAU0e7Tu-cK09R9hPbvJo7JRqvnv?0p zMIrYBS(0K>YF*-X0NeoWg_h3(&Y)@oI2pf)n=iWF@BfSB^bV@j`#<2G~6Y z76t4B)NiTr<1mMn*+&C|V(Xud76#)1)WSMd`o;)f%z-*-F43jalw-Em zU>D#hA}_Q*+n{{8H-hQ@Iz;mq);l6cr9s^Q@U~i(OE4MSc@*7;^2+!ECs#k$BsNrJ zrpk=%7qU%p(2m62(|lXkCC@k<^;Rh3y{$2*94OFm+4#-4ziB*794a)AGf8zXzYuo) z%VDOr@iqbzwNG}XJHwkiINqMfQ20pF=bXh!PZ?XJ{YNbG^UIZ7xe{lux~XgF9R{BU z=r}W+0bnIY4f@<`lD=ud2qWZDX2^JwMzU1kdMvyk`ps_le_A+#RHL>5!!n!?j+6E*J;bOQ9qksKil9<>~hQ> zZlMbnm^0f%GWc9CC|X}394Sn!cj{bCkd$&>_qIUsFB50)hr3ouRir|_{v>q2`=xmraazCfB)4@4t1dYr&)XM~6DiM8-~k#KeA(un0~4)6fC-w7Vk2r3uZ zqczy7k;h@$9?YU1_)4@79Dy%+GZdll_Ci_hQ7%zUjIF99z!&P_3%+25A0`tKjfL>s zHst6&FJLgvSp=rTsNm1)H0iuO-V5!YCz7|R>5$>!dBJkQ*Yzi1D{-!V%4v=AC|sFt zpuJFzCHpT?Nd`b%nesAx!d_-NYVBT+u`mp`r3Kih`aDq!qW(DvVH@{$L65!p`0lRG z&0c{vNbuL<07A#Ufyxw-1-$hQcGLpe(mG*rJ<>L}&$JAsv<}F~3p$<)XC-(#!*kcP zq(uAyvwPUXkPt?bF|JK@pT83Y*Ppy!!4z7;u z1|@0$k8E`VnK2u^*T^%Ciwkiax+bNXtB`j$y_>~F5*%2a<|v|hFgHT2b$cIE&srRk z0v&BT<|ZWFV{wm*D)GR{=2Gs}9)x9EMch+8e zAn0k&(<7(KaFr(V5W`B;Ul-HjC8jtdb*^!8st2n`TgeAbtnAa6|7|=r=ZL@XbpV^})LmS~~ zr-@9NtNPA^SLE&CmgR%#ayU68DOfbZp`mjSrVIHj}-(w7Z^fI{nGZnqDR(Q zms<@ps*rI?9tW6TCJIr0i`F=p58X=i*f51DEKzl;HC(+K1Ctnn9@$`_J#gf7ZJyDR zCqyHR+n8NCwONEy%-3X!l@slp)|f`3h{w*4h|hsDhN3TDIenjl?_cQur5)EBw#ofZ zy88>vNA^dF#8FBExfz9|vG?ng&+hXOqn*7A6QvA)d*pa}U8Wq+=c_XhW@d7;swtK< z{$nY&)BVSg_oW_pcu8dbI1QF#7he~8M5|~cE~nsKOVdj7{rOsT1cc5rf(!o>6Eogh zME;{chYLBIH^18jsW!;FCVuPbw5uWE=wnw83g1UVGiJ_(5NamjDJ%79F ztJHTVEA}H>2JX2js+U7gjQ-lXi^O_;`Yk?J8z7V|cFA+NlL{09{fgjDOb1u5RL)TQ z70d>kmp^yhIsYK9ZCjJbo6d@4d`noC93sS<-n))`hFe4mtjeb)0B)oxBqX#i;WwY# zofJBN5@Ut=r@;tPW?EO6KPi@b%c6ZgZ?Y|bf}=f-48f%lkDB1?+8C={5Yirj;A+@7 z@q$aRat1d6@$Vlwz-X;(tezv`{Ozy!%8-ngM`86$uBp`?B!{1?c_;CW>DvupXCqD_ zhVmhx5J?sL7gleS=Jmv-s;KZr;M}*9~IJ#J$-r9i#k5sj4Gh< zpX%6;@T9v(pm2OAlCT?h4&n=iBz1N+X@Xo5PG5@!O((5e`@_LES$>3&g)1OWw_uNv zp#Rm-u@?v}*kS&BRJ2t~Uj_V5RoOWoW1v=za`cX*YM|3@iKiOC_W5PZpq(Fu$}L4# zK->MmdwX?fpo^T^(8NKy$p9Lz6q($S12s$ROz8iK!rmb9ABG z4UJN<&s~W0Mbc54XWhOy@oyx`VCR2H%y_tj4R_LiD%!f+$^e7lue#4i;+xe|z){xe@hY!%46Q^T9gX8hB??I-e5 z5q_UwI)$XnHh(x5_(`Or#ZyqflZ0ODBN2L^o)5M6-U(T~=u^wAQ>(>q=%W#xZsb{(7d#%+)!Hcz#5Dby1|fl?lw_%NFE3 zY`K{_bf5$-U=48n_|8g_pK`)Y5mLL)V~*z5{xv~n&eJx>-3?#YL9YM=KMkz8ey|fN zvD)5y;9kj67qzrx2a$n)7J<+kUY(57wao5iOy2Z1U$oH}8L~iT2)?iBr0tP3;G6RK zq_uF#>SrZ_RvzKg*`V_t63LNR9&D{Q?|pU2bH7sA)M`l}Di9xQOB~3xe6rRa2@@0( zbwcP*O+COY*+s?zTJCRjfC&!@?^s)Ihua+1nJzJ=_qNGbzjBmr_B2zbE_b#-@?RN$ zBM0NH%-kF=7C~LsB5@m5%+iZX{_Nb!Usr);=Jl8S&~WFfYgVDN1RY ze;I{45X8ZPa%JMv@s7RL>x8_$sU%=}(|4adqnnrnBd#zpeO8obgT?b^5Tuiifw8@f zzkpRkP=vP-PiyLI%er8o3vk1i=*OVw_>TDXVbA(j`*44ZB=E39Ybnj&11M|SnKxoU zs*Ei6a3RFUA1lxX)eauq`%rwk&FahAlem}FBih@Bir0Q~m<#ZI=5DHesq5&UXovR zq{I@S0{G zal8rR84U6A-&!6jeht}+p}Z@WN~~iMYj4gQMn)5`eHL)sAs}v%SXSn;*{N`Fl~M0; z%rdrAHFHy~gA$F&fkj0gse<#pAe~njO>A;b=&qlZOj&Fa8O5B zM%@X^Pb95;`fWP4HN-F3jfbf^!z3;OmK`<3J!Ge}N8x;;m~62?G(MEtWfD(3+vT5| z+=~8U*;r%9K0X)LHD3C?ffYL(FCWlJ&;X3Y<(a-QOEg6Ggv3~P-O31?JT^-v=C)P^ zcNVw=F&G;Yce|_pP8MA0B7x=5S0Z-nPH$*CJ|He&HBw`dPAcc=Krv-)Ew~9Gktxpy zM^>j(i{BaXyNTf*e>w}YjcdoXJHE!Bao%_*o2|}31W9$vfp#N|kGRi(hB5Jok`|=) z0&&H%psI?g|kBtOM_T5bo06Rt(tGD z!GE87Vjkihv&PReooSZK$VUr)dR&>pI+?{|cW~64|1;x2Z{Vj04C6yjKVxg! z2E@K<_v`#je67hZ?p_#+YPQzCb}7v-oB({34CDuEjl}KotW@V=RRwjN!=?5r#u16H z)8IhH=w?Z&{i4euq~RuV2Zy|3Ov7!1S5(&?@0pc+yyET`MY?;V#twmcBIsYh6oYuf z=M&S{8%7LrEh%@AQ(s(LTg!BGx-0ZBpd>#_t6@*JbNZ}#({8&P?uSgr`KXZ7Fxfvn zA;xM552t2C;#0Hsr>EnXEbRyu=TMMUtbWUT?t>=NuOOswv;5shS6AHiD{mnxH5)iQzm`5k)ETDJtcDQim^(; zlhxczGltz#nL5A?vgc=NYdXhj$;*{c1W&vnI5gLSA?!?@V!<4vACtGU>iU7SbIrcP za{(`T{^q`^wTtjM(URt0PU)426SuAY?a*-S%<&J@bI2w*Bj|e@+&L^JYy2{mrp2m7 zX}WzG)$W}>ic4Be;z06hd37p~ioQmnVp8j{LBNgz{8n516@PH@VGj48-23N60}mRF zV!h?vo%Ky|bVN|t2H?H$HyapM&paf8H!(+*nZkML0* zVueHNP%lX8|jpjJl&Ulq307c0y`Axam;RD_Kb|&Zz`k#r56w0*07v>T zsaRf~ZZx+H=Lv~XzQ&R&H&`}N{26#~ULy|%vHWr9pSp}x1X4hvJk7$3s!I7o?~%)s{bwrwnK#e7w~=n#qu{tSey=u-OpLbr zmVlo>)4g(=tT3e^*FNjUJ{KC=Ol^O7LC`i-a>)o6@gDRcDgpNPK?o8T2U*@vI=&%?lY>? zk}#P3-dGMEZVs0rwPnHNR&bx=C@&o*muN(%wkC`5JFrpkg_Y%}+%{ai;UVHwB1$a! zI7^XNK!We~1E~6fRb=bY~N%qqJjk75Z{Qy_* zJ$^-Nb3h`Q2u6&9@K#ug4NBqzk~b?c6GBy0cNA(*)S@GTaB?g%G!fAMEx~RV^PBH*DTFVfSF=!gm)@?e<<%t*J^Uw; z;5Y|aKsNGs828khG4P`+MAU8)rToF;DVa|AnZse7;ia{bMc2#gyJDDM-4{^=f8>dY{ zX^UkD%xBIH5tjV4rZ8oqeCO{YNv&oWauv@pXCqYNwwBmWC%nER*ugVLABDF)m74e@ z^rTrA$^7eM{Tk|N1+A_iIn_jl*UYjM#7n7}OWO9fgX{+|PcQcXB-5g!xEHCFGxU-A zzXTwyU@`9xT;~w7#-&S)I%?GtA#yM`H^!S^=P-@N^9=U)rhet4MujD{NbH1Ec+j9| z-zE&96b3s@;VX9Q2|C1}q2F?;r9VUzEPwylAbX!? z$MpLx1Y0ih@~$P|xM>LIMpC_eY$2^W^khk!aVIN|VeFmSVuH?`ylnxq)2EVC@&Fvq zz3C#)p0qM}`Hed=>+_vZN!Kzg7eb;UC?FRu2f?o1NT#%SJN$`f3~ ziEax1_!sJt3&voD&m&IV0SruN~;a^C6;x(d<2M#~NKLZyY+9p?!C-j!#<|Vg)X2S)fX&Qrwhr8WWTN}-oP~!(x9U>v^ z=O^89z}(ElR@%oK`|Zo2mlA~+<_0aYhc@UXVGIW}Kw!yyaA-|Ae`e6PVC(jD)r$kX zpV_kCl&GQ2?I5ksN-7f&F-fzpO{RYLfQu)p3$ukDVdP%QoKH?k136S%HuBr~(grLA8;GPN)#B{r4o z*BDy9t1vSu2PC-xap^SOBKa%!>Dmc@J9en9cc00SxNm)|IH(}77;$lI~+rr zO#QcUrom`qAfVguQsGg6GaycLZNdY>P#097@sy0>}Gl=yIYy zd=DFKH2jt=m>=tfV8`a~fstEccrbsF)vCnJ^PB-aYyxVOls~Z3%&nm96af(d2Ko$+ z!3X^2nK-(D>|a`k>Y>bL6ML+F*)$1%jQT1Iquk88}OmuZ=i`fto5 zsY)ITe$85o6251!G#Zx!EkxoWHe3Q3>aI1K7;!pUx)So4HFFqOs~-JC+{u1=B6NHq z_%atfy^$F#aAB^yg;<@{UpCOS%yv)reK`$@prjM7E6O)Lnu$dl2@xj;a@GROorj9&7PtA~ zMPcKLV#Ny2+ZJBDyrxV|x63AHCAP4Hvugc0F35odmE9^`W2Ug7C&Obp^Z zmw{5Q4o7;WsR{k}XM)*%Q(YUszfEbcZus9xT8AUzuz87yLlJC?ifdB-ylFTWl{R}! zB7Pgd4Pmf_h4T6j%h8ka6z(~}z+ZX`;^c;^%sb3Z!UVq)AA3UB9UbIhOtYdoDPZr} zqzL>{hUcv8Nrr}D@OTpvf|C)&HM5vKW`1HC7JLX#`kJoKt>iLIeZJmoAiGfsRH# zB|(LS(C-Tx@JS1{&$dk5lJmlve7O|1_I5&5^EuS~f{jA_?N&|hDysXlO0ko`KCzO= z@8VofhBd0)6q^TKRMUFdW?b-K;9l{q$@H{VsihpId0N@c-C0<09fzni2Y8$F*aSY2 z9IgupXUK4F0Yh+m7*32c6WC-=eF7y0GMZmp9d?a^AjX0Az_;2Pc@G&G5rq_U;U_#^ z59^-$Ug7g4t-+*@_A#UF&n8{YjFJyxc}<&T)1zmghPw`5N=b*1yk7spNbu~gM$GDq z9TZI9J~2*}Ga*HP6oEFY(BQ;AklKWacJvX~#6!&Qq1t^)f#?k)%gwrfVIc}x2=T7J z(M5|hmV%pBJ&Zx;M0IkNX3SyGEMFs2e+jKdPnW+H%B0&bt_(q$m9rjeJRUXvj|pnn zeFwJeI#0*+(wlvQ_*Y0~7Tz?3H1|7Od|l1YUkA87(~VZ|cV*g^<5qb|KGds=e}W<- z^Bl*Z?#XmZ)0P;0oWS<3x>5xMqs$wi^@TvE4RH@P&@?Gk2N*mIRpT$PU>|jUf^*dB zAL#Ug%jw16A$>k9pf}>pGV2-hQ#F3SWVOZYP>(k2OfbF;w_V-9wr~8K5dZCfsLs8W zxaZGoEzjU-$@6 z(Nhx7sv%RVJmmL=iWmGZ=<9{#mGtj{^3!zOaY9Fjsoj>~t!#l4@xx8h^HEi%Y*l~~;HvH4J9JyL zU-WZ7R|nJ%7&g?=kkXo;VEK)BS#(-rGI5rJhPNW-J>kG|QYD+{3~UiP(UH20y)SE_iV`a6M9&>~aUYYVR=J_)$&ppB9?2=3LbSBo1czunzr&#%3R-=ufFbM)189bto5v^hIE#pemdO7QwN zVBh#pLK1#hxb*Z4J9%eI6E-XcYScwSiolHLuY0xl&Ojy^?i@ma`(jIL+jdA}z1YBcP=!ild)U<*OK&y{f)y;L$suk5ai++q=9NuKt ziH`S&Pi_o;io}RKEV9iPK%tYBiI+a(4&#q=okn2$s3;I`s&K=0rgfUfaQxjQ?)w>Pd+ ztGXm;V*_l>Mw+5(9UINtGgGV4KOcS@rc))%4w^93UE0FV9f|R{Fq|5zf;W{>YV}>) z+y~z;tvJ$f`0O{Zgq#YFN!7Ku$xh!L{b|SemnrMrre^}dw8NiOo1V;Bm-IWk>z8J^ z$J5r2s4UBe^fIULUZaPKTx;u5f7on2`=HtIt6Iem?%rA5 z3#|%k6kKj#HZ5~=%2N*;!|x_(!e^)|N(cUMkrzn<2DiL<4f-;s=NG4ot%islF&vH} zM2xJB765X;=WTDcRu(F)a&u}PxQ!MIOGup#6vsQ>g{UmY9F;M7zUD!-d^RdP>+dlx zMB&=_d=guhbjGaMJH#4Q`f}v(kk6_bWb5eDy3@iH&6+Nva#CUy7fg=m(S$b^=asT8 zx;W664NY@O>wykkUWM{43}>fqjyLv&C5`c99Wm34E{ry=Kb;%6T`x8dSi&#XiG~3^Yc0IvT1%JjXiwKZ2QK=A=vMu^TZ6bx9h0=iUg0ky zN$2a|VZ)27i;m`3q%TjtzHS9hbRW1}U|J&z%F8jrk~E|&l}JjNtDwxtg(%JdV=8qX zS2~ZE739u_EF##6;YMe}Wey~b7LXHeV&YuM!(owW*Qbv@=NVw0TFQ&vUnnWk>l+O+ zr#h#!R%Vnc>w3Pq;k0cqV|2A`&D;;@C2eg5W_y>Hmwa)Chh9%Izx``}#RPtAX6c&V z9*%e&WqRySv>m}0*-qGZuDe9Xu~H4f-42{%$3en%XyfR7p<_E|~MnqKLBAsp1+-iirTDW#JAWJ=xiy%xgz!) zD5bN#22(pHtkqC-;yBgzp0p%qp&1^IO+x`0`T3mqY7M)JI~YDF2#r|}No&4j^{zwI zOU{J&xsaW>n~a#F?2FV9?A6G!rC)I5SQ^%Wp}1@Mh{`I#tLYFcMTXI66T~1lHA#D7 z>G5%=J3kw(YY=X#YEncbQWyU<>-Hy*l`EHFsim~t4lhSbx~o$;nBPUHha)N>7DJzo z;~U;&-OiKbY26tf>_TPK$Ha(s?%TYM)LaeWqr5Tg?dHgaw^%Rs>vIq?!-l|M=d;m6 zXG0NIT6Qe|ibI|5ObvB0 z?wY;t4VG;@!O5r&A}(_$=14Yff$peV^Z8^+3c(YDu&PU7d0G#oWYQ_+vUtgQiVU6% z_jfkRLUs(9DN(emU2(E9r#WX2@$GJO79PaHWe^sIcJ?F};N$E-PIfY0!J}!2pSVDNwFEIot-V1wq~c zR;6~3e`p2!j@9BndI)xA{ikip+|H7<2Pr7j6FfQ`i&bJh7jbep&9$kUOf*IyQW{R9qv5UV{b`pI`>NTK8W_ z&{Lbi;$^Eid^8TNQviW37GxZXrK4BYm30*Kx-dM@l{4m~Iz67UZcAJp#C=w$@L6IP zW1YJBYSmKq9*Ck57lM7AsSz1_tHBm~Ycnd7;wUx~Q;+mEuaezH-!_H;8R_ppSZw++H>MFSk+DAwHDyh})pX+D5)r6*eY1K0lgcjNjTa zkCLjgrMjquHmw}d7=(jKr=sgzblNTy^PLrmTz22RjA@EyO>8}NxlttA1oOb6JCLGd zNp9$%Eb1_smJ_+{mXXwy^fK?(d${AuKtA4m0==Ahq;BK5#X=sw?|MoWui`{)H$@3K z)M?LU8QRur@^hOAnROS_CIoTYy|aWG>&c7B6NAP;Nm3P7YT@_>20@>pls-psPI2F= z({Gbr)k9744t7O0a@{?T;L!33(FHA(9sZCs*M6Dx4an?#?7W6DI>P(x;G!vx<5?|y z^4v`EOx2hp~NW>xX_nl$uTM~Q3D(^*kTRr!7j zTO^93R$^jlEo8QyXAY@_92e5?B#fQ-lvBD2GZ+i#e` z5btSRH8~7@YcaW5wHORd9Nw~q>32QCb>n(Cx+#jo?>s@zyoW`f-9VV#g#|(Lw(g^I z;{9Adri0hECqhRZr6H49wCHZ^GvYW{)Jt7`2_=nP=(}3UsjU+6TrLOJRkHAbN0{Q5 z&d%u43m&J{beupPIG062u9bT~qP(S-v_oH@8hINJ+;cVgdq1R37|6|UBy#y59^v*0 zMJ(QuPM0vg+gC1T(7Z>O@0Z3`do#{HiLeiy%}p~0Gwu3o33Je~d-dlGyZ(L_-E||i zF)OI;&{LgzoL2d1qSQxTX%X#0X4P?9*jehv-FMwaUCuG`8#_opy#veP3%Ku&8>q=m z>ObZTJ?*SpeUyNCxAO1<*HW}>H#wpYN>jG-Kw6l0L| z6o_%?=4MOW?k$)PozFuL-cH}C)1)+Z(pX(WLz`9{A<FREfq<;alC_jZodWp zGdeG|u;sb!xZL<44=?aw_gBfrV_Kp<<(k;%Lz?O_2?znFe(?+v6JsK9NzOwzkDi-AQ_#4L8jgLStqmMRlDdC&W|HRz*R* zoX9(H*@%(2JK2y{-NUtWN8>D_rJ=KKL?t5hii&tXdGFu6^1)&;!1Fk`SjB=V;W#-t zaoIJG<1Nl$sR_p0sgBr~EF_Uh=m}!Zt-=^rchh!i1H}t3$6>%aS_ckeW_2!Qoo(z* zRdeNd*Y8Ok?YQo`x%jzyGInwRl})V_WG2(nSWSFFGEKb&WLFCX^YCWUun-&_tce)u zPepbbSw%Ip^;sI76(bgM$9O-SJj1#1nkHg1zv~&UkeiJI)|P7Q9j$Q@k!rVXy>OyE zBH}K?-%CW?1AD5?f(a4Xj(p$PIU665nQ1gkyLJJ-u1<^?GmEa)EcSmUWH$9enf*s< zOGxeN;O`&qVeOI^s6MzIRp3;bcCTjJ-o5NQeu&(be)D7KtYUA{7-kK%`j#BKTGII9 zvW?RZ@syMW&gGCQ6z*Dr%dBUws)t<&9q?vuOWu%J8 z^{V-(1oY2ynhYdGT&Ob7^fqoA!(MCtWphq^J?PBZY? zci`Z|%;_`m^l)RS$jmz0brdG;qg-1$YKI6DB{+*b8L$G1j-^A=7R|b!nihV^r?KVD4acm|bF_kt$FMTE^gar+w zy``0=nmjCQz0jT7$O#8?auQ?6sp+GqsP2NtZXS*cm^IcPSGQmWg#}UFn!<_YrF2*3 z2tCiET5Ce(p^fbJv=@dsh9n_(tMpQ|LJeH5`V*u4oCuyW6Zf3jvyZ||)ixq>x4_EI z4t3!k4mv-;gm4dBJ-i684yLw6j_@vma}aZ6 z!R0uywS~P)3J5i=6=O7wF10OX24|)>mQvc;$E_0;hzO*V z?dikdov#(#6f{rda_2O?3Cn?d!Vl{|Luy}YpW5XVId zo_&E%bQAN%dIF|gEz(~x_%)Vz1%}|~=g+9iuVk)JrV9{J_SvrqMCQ?FVTQfmME>-* zS9#^xCm7~oWsFqLe1X{0Rxhpql~K#tS7DB?pC7Jv{hH-FaxaE|{1KLuhS-zkiUpj{q)Pcnfm^?FaS{^t7>d*D>_= zZuok88kf)gCi*@duFf_CfBk3F_FjZ^s3`8tL!0G-o5R@$57b33V{?(I@xI;8A5jBn zY#oLBlj*%cW^z3BA8~YJRLE4Eg}BYc05-9&LgzY#XPyy}q_~!!pBG_1-dG6jX%$hw z%k&7mFLIx1b9-#swbUB3y9==wMxviS&Q$W3L`-bZtMQm}6CPWSQtjoy&~dX-?>y)=-Vkb zUCCH~hyHy8z1`Iu+`kJOH$S{RUBA7mrHCr^Vt=PgsNH5A98RE+ZAkc7uDoIj!88BL zO;duYJMsa03cp=K!ic2}K`Ijw8Ar1>s|jx(KVu*!U*5;tgVfSGietaTYw%EHQG|yM zHtI@*FjAM#9n3|GQj77Y*9fDpHWz_eAi*J`zXO7qx8No`ZOw=X4L6=6Fmwvn+n!5w??&qD>kp;`265c?*0>Y*W~H$)K8BVgoh)8~fp!su_FW(np*g~Fo+-*C zk1w+e9_^Uo;CNwYnTmj6s!296!U3x+tZ)zkn?dS1cMfsBA6vCscitnOrdkoy8Sy3} z+|MYpVGEw(s^J058&Si~lX)~c*fP}VT#%z}Z=zM$!1IX+jW8Y?Ja{Ts-94Gn*Z!5O zgwx6UY6qulex4UWehQcDKqNyC$z`>?v}_HlR;^~`nyoCmC7Z~2k&+vC&{K8dYqn}8 z;HIl2Kd%Nm-@)h$i{#M6SPI_BMt#lz2*W%~bn^BMC&P;|vl; z!qi-iXHN&m;7b>mNX zeL6YI5@aTEFeQt;q~pAEXf)F!&N+f_A}^O^ZemJ#VGTN!1rtW}aCF5XR9DT%_#|$C zrs@P7P38MGrM|LaVCy&WW8xiU?AkXVv&bFa|7MiO6e9XIaUwdCte6An`o?2p*+*w< zpSV^pr6-RQGI4}4GOnu3!`IFIqQ=O~I)MA{j9~erZ*#i5@gj1yWx`F}tXsN<4AHi{ z$W5fV&BD<>h(OP5YU*`DPe$PAnunLKw=@5bGKIJL#qB3Tf9YiEnS#_X()8hV>)Ef-Ozg&KW#1D(cTsgLyh1X41x zi9dae2I2JF%>P4BVrC;U$2uzO+s+y*2G3-A-acA-#Wh8cWhbuNRaZuv-b!Sl2C9vj z`gfyk?xwfLTJ(*I)`kvYK!qc8_d=a@n3I*W8SEvT?dZ8!BqpFW5!bM^#KzY0g2CU~ zewgUE9I~?ykP}raGLjL5UsFh7jaHo3LSzzlxQdL{H9C?eNt{FIx0R#ax3Z(}WY9Dw zXRhJMsZ4URGO6sX!NXp(*(rkL#3VA)P7!}7XJF@V;(%Y6AE#rZ$<4~(bapyj1E0uP zSb9Q5E&CFa$rIyj|H+ZejQDmybpa}oIZpQG@a7#j1&+bm+z~HF2lhvvCRd#Qc$CN# z!tHS|*NDt6ot*S!_C$&6en)a?;o`&8jFW7L&m}MG1UnDNVVWb8Z*O2{Y>kki8jXbr zE^IV-O`1;Q!M!5W2onKj|M4>J{-NaVJwRqw7SRbw5Ih5?n3KZB$$DXdwY?Q>Wz`~+ z5f0C*f*R4+YuBtIx#mCX$1lmHe~B*jiU`aSKmR~1gts>lX|t2}5PG{z@$$0AL}Ute z4O%RFo2aX=r@mfA*o3ionRSp`TuNP=4i6E<+S!UU*Tqd34NF{tM1<5`L1uX+s(?A% zFy8OnbNK;W2hBiJlTM+C90tv~mk19>0!B}#Gdqpadf~CBO~cpS1NjL-er65fV~6AC z_>D&ymL9k{fq(E2Y()>c_&d^6mQRDuoH;Wm;_K@vKDWco%T){syGp=5dC)_BW(YSSx2wKWr>6 zjPTB!FJR0VW{uQQR%uSiuuy!0Jg_rYVWP1U{q95Xu$hdqD< zKxaIBBXAdTw{`Wx+uH{xYYQyx`ekMi%|e+ndl-Js4%pg=z7;xWXXk*kIJfL1%q=xIxH{tD7lMhdilUMV>boWUyuGj! zGIVwi#7+bYc8*=-=9eP5MKF4(pXet?LcBbwZ78Ry&xU!krs7~_j*T$5o-Quf3cYZ4 z^%VN;h_jn7t}cPNyH!%v?M#5TyHWRDTz!OWyeY`arMj^hjg!cjMSrE_SD_79z-<$} z#5m}`M-wx(=wl%pVZ2o)=Au1LgpUYC*H}zxRWshhhBG+C2S+O#yzP219Xgo^XW=ZY z{qXnIla*6UeRCW39)3bc1{|H}D`)rNn3_~jUfIi}n{LNfD4JL31UgGH#Chw{Nw#zR2S=PdY|lC;Q@Nj=y+wPRh?o>XrO>JB z)-J}*ya_KmGn`yJsn5%$vD=3k3&-N^=xCIgi|7|y3p3Q#mN>dQ5+ow=wz4cL8@d=Z zZH@^3#CQ??CZjU5V8{r6s>OM#>a7#Ta(MMr6lEU2zrtb>1s)Dtj{u zK1gKDqIoz9o%9VKLVHCXWmT<&&6v(GZ+q;Vo#?DDq`F1N#OX5#_7(kQZ-bMoGmf?v z=f;o-3`R`!rYJp=x*k^++%Q%2vkyVTXA;ttMV8108=Lfa2Ki!T?S`k59`CT>IEs5v z3!CBO;fA}X2%N06WEGWRV&g>Mpm7WvYSAz6#wN^#ta@|P$*QQqX6ORu4RsUt#s&{p zSFA4b1mNf3`@Tf~->k+fvY(FT8jeQpV#>USE-)~^Hw^k7N{+wJ5u5vXV8Zu(U!$O) z@Ix@@dufba$(OCy@brAoOMeveKhFQpYP=0;e6(yWRzq(4T{{n%y7b+AQ8k7;MxFce zTtPwMr%{t}n3Wj;ESl?~IFFxzvL1+nf`Wp=MN!rRQBY7&Q20goO*@drwC(K6`59~8 z7<$P#bc+0@^WWk4^)R%ib8u5C|NWQmE<#r^+dkY*<@dhh`_t%ZE+*wv@lPsyQxW+- zo6{Qy{`&n>bLu0$O01_Lc@4WVTL-qDhe1c`-Y5!MFRZQ9ntzBbN!0^?eK#$+`*{0} zf3Yd;(qz`xl*W-A8GOgf#J?)qwi1$#74RJ|L;Ymx6IZh*`)7Kqskey(i;q%sehDK% zZR}E($JQ8U>TgeNq_?qv&$mR=^*ekP^b;J2MB(u@+avz3yTF_Dg_&P z!(;sY%pc@9@YheEua!+N ze?^*crty!Xt2UFxTlb*-zIVQV0Ip;2W#KR<+RLIzt-MG9KBtSH4T&We zaX9Cr@8HC?O2*y%09OwF5i)B&%{vcoGQRSy?TXc>296cUIVPy^4@;=PHY^aRSLhWTj za!dlb?Pi2}I-Y$+Qm(?Ab2^gK$!XMSRd~9&oSom$(^*GRb_qo(2_)o~W9R0Htp${& z#d0z>iL&|@+`a6{*tvtFDLHgm1rp|OLs?WLC&l?1`qX$>HWDA%LbpXVnK{K+IQyJ? zl~SPBwviCEpM=yrn!Bv=^t7X~B$2$rLQ+%P@CW2J!d2?wZ2T#OPRIJC@xr4GcQ(SCBqlG~@T%yN|D$?resXU!RubnyN z$qneGN)Bz?Mxo@5r>cyKJ~uqYXCmGu=VTGqKCYOHu%oZFg48&4YG#Q5s7T=FC_y9_%g z2h=7iS__X+(Bq9&OEQOqEK3`;cnW#vo!G+uxIA(1?)ZlF%Ucdm%HmEFnUG9*OAnsz zZqyZ=L~rejrMX0XUO8PFOX|{g6B(aNX{R*-LT5UQBdNq6vx)fe!aN=5ERQ9wGla{-U1%>k#lgsAD%(|fyE|h#@cw&8 zMG~7M6NMA%#WQ#as>+ibIGI9DPNR^S7nVKEoGh$Dn-fQ!!3k#vOH{fRB9HCm$k9Bk zBLeZ))RPk1M!QM`KzXHDxp-r*F%kEc%!!k6l-HW$9pGe~@F&wIWOm?W8abkG3kr*{ z^$x|NF_k?>W65b%5$q|(baT-;-E;OpS9p*k(b?qYcH=eJlW)%AC{Ea6l$p-biuO{8 z&~bJo3;l@~*XXkG$3a&}TD>V=qW#cL&XH`){XB%d=s#Wvh$GpZ_b<0;f;^2mebpFMZjZ5g3z5py%S+>)^vzKp;YgUruHOB z`cX{x?jyRq3x|$up^wLDHt!YJl4$C)z*ROfJq;usEyLdUiv6$4_r1n@M!Y`@2Gb^D zRv)EZgxIZBxnzm7ye@hvo6GHmQSc&d-AfeJl(O-i7ui-M27!AUTV7qunF*D06;pq2 zXEcu9csbi*(%Vg8!f70R!)VXi!>PPFwCx$}TzeSTfG}LujqHnxqqDt~#6x+;$X?e{ zMs!v-z1j}89*e}%JpfP3E15o*XPRQaC#wr!D09cLt-in{f^i6V(lM>SMLc{3R&n&_we$2sd$Ek;nG+{ zMOiG71p_6c8&dfss=}zqZ$7(;KH;qGr3!X@e3D*ASKJ-UarX(trLTmy*T?nGTrWPr z;(RSO3B|3OTdj`r9kEX}nR+rp?j z_8CR;F-7~xwGJc9ql>No{DOK5cYK`8aPbkwz|x%j$W^3j-3SSBC2q@y)SnlaSDyTU zsFDT_zOtTbmk^`Fu{J%Y%I(52y!Fl|@bbmHJen<0CG>UFv2^oEth|L|ch~dwm&fR_ zaluvm_yh%uYYrT5qNjM%eqyU-rEKNMn@M!)Yx(qO4qgF4sB2HNEvXtOPd^;pJO~Op zZ%}tPAZ!hRK>^f79pP|Z6P3Af#FsRRB%+%`8Hu!Mi%7_}GRmiT>q|tJYNo^vZgh%LfN)#c@G&M}EZ0*mKiC`J!L_Nl3mr7n9Og)7?b%u879ygS``X8l$7dOO zY&vuK``2kkU9>A%!}91lp?fiBb2cW9v&Rscfv|t*@gnKCh@a#akJj#!3liQFoH~_D0H$VlL*yvOKDj zzvNV9|M-`xB3YMmt`t*C-T_|u%g59?hhbH=jDPMchPrs3`7#?H(GIJO_xU2Bo}9g3 z^6c(vg8aNtR~;u=EoAF0vGawc164Ur@ny75wB48LP0z7kI7s;s)`8q}kI{{fu#V+m zA^OV2#<^b~d&+rhf4Xt9X;9(YP+qP8K(#|4d( zFW#>9!l76aG3R#13=L=8$O-gSHB)tR3q5o1W&8-SZR};_)wW)=GLZZHc`SUL)B4P;BB77*UYCy7eVC1C9L<~BUeaIz3Y=yJd zB8ky%=jcGk$@T0AjKEn0E2iGwSjHETd~_329~W{84`=)xSBY%n;taZRJ`)Co7>%}! zm9rZj4r<)}gK!-)mn$=psO{||Y1bZR&lXwcKt}f6%;2HxClDS!mTTvZA}uGD4X;#j z!!@(Tws59g{}_StZb3IOJ6Hq_b|LsXHDY4tfv<}>E`EVHT2*lPlXCpr9E9H3$wdli z`PO4c3tR?O(%LHgu?RM-&T}B3Val}289977lP88#-PTBBMK&JJ6PYw(xX`=l+@g;m zRp*AAohyDJ{Sz;ZnAk97MjOdxo%B`buz%`Qe4DbdZn47L)XX^PGr71GXD_+#k|!Yp z*`5(gcV-Uv$K2c;XBRtkk{;iH2^eY{=x(pa%A{RHl!LfpZm75~;ZTE}>5z*_eFII< zXr_DEqO!7QaEFKhjh1;3Puwi@HhdVjESy2)kwjw|ADQy(47^N)p*Jzb)xn0?{Bwp- zZ7cdyWXnOJBFM?fWBlX=j2{v~`1C8et$iP9O=71>v$h%N|2=c>B5u2z%ZG(C=c>6hr4SOjM0d& zt|lgC{nzR1rLC`LU@x)VxKTvAuJY&Sj%_ST<~38Uu3L4kHf3CksueeJdZPS)>t`XW-bqT(c?n6{hL*&)mpx* z=Ap;fn=wBfNm5!3*Nv3du@KkpY@n!6^mDfZ)5Bf9)h99?bvf)ia)jLc0?KQejl~LG zeLP8Qtfn?~7b>rLm=^5hvx7;-@lf7yURre)Jq1UPaWE=F>{CR2*SY&T(^V?rpe&so z&ju7o;=Vd+C=}-pgDqoVB%V zI1Fey>Wwm0HIhAM-L=Mj3%WdcY`nX1Y^errNRmWb z&PFC?n3-wM)x?u^!Kgp|pBp+_=o0#qvEyA1B+B|zM5C-fDre^X$&%P(nQW_{%B(<3 zhTr%gON4ED@1M^im(lYbcMG+rjO@9|sxXuP<2d^7tK%E`6#VYCRY zevAA>2Vy|i-D!MJxI-wqL7XncUrqXnBXo|RDLlLv;}(`uWignUGiP%7l*#=?75@_^ z!ieg-(SFBbPR?P&sNK7UipCDAO0#ftvc%TXiB3%t^-UdQ#q1)ZN*GxyKk6)Esi*5oZt$Fx#jnDf^aDK?|wtTJaV-GIN|K!nPQZGrvA<7rlCa z2G6fR=6gX^n3 z!j@=9!hLM$?&=aw)ScXF6UNLC`-=XYIm*{qxUwHBhR&#E+48;A%XTDVJNry8$L&nC zhzk?0%jB#5Sw{Uy+qZ;LT1ng3ipMxve|*pmh|zw;9au)~#cz5LPG;XW)3)vrsH%5R zK5`bm!VEck4dY0BrZ{gYYhT?pu-A8CN}$M=(n?i~m+wLROc8o;?kZhm?P$SewCIBg zf%Mj$8Mw#U7gZ~+QNY@N?PU1ypnj)xF~nf+*GG8_nBXDoO53*Gc!&65BOGjRZ|_-M z`>pVkzC`cSRda05ZX#o1h$-kGVrU4?_O_&E_AqPS7+ft(a33+7wqq;Vek6vhf*!(# z`P0{FM#zK!V@A=_)qHe;Tz=ES4(~yu@ieVr z^Ol|D)=S*D@H(8VgrYVTvUSIPIzkpOW3V%RUVenwN^IM-ML3j3+*H9t%nZl6rxyo5 zZ=5X6g|TWC*Bgr8K!GWHHy4slY~{e|6kNQAGh$dEj+%bYuWPHOBfp9G>}Zm!4BUC+ z0=zx_s3|zWj(x&FdyV3<&;UH$Txl#$Wp}2YtFD_%Z~Ota9*M=wC5%D7Ho`HAXf48B zL~D9_3?^cKp@c>^Zi4@?X%rm)l08QgaU5|Cvxj(yHnyX24Z-8AfI!<)!p2ogITVwD z|C~n|6FP)2-)g>EyMvg7By{dW89w%MhT0_X)y4zlS`X*)$wTo?I?Vc`DTL0Pf~{u& zV?E5!S-3OUQ$(y%5AAIhgpLnpaELFvw;#aKe-K`F8d6J(m^fx4&gXsMud;C^qBD{; z+v9KGb zuVd}OqqO_Z=B}xsXNxULLRa)ETYP+-FcAj1OJzfNP#|O6TiLK~CsFxY9=?Ae-Zr+P z4=dTV?GP6JJdD8|iLBmokm#6vEJKIlV|ylImC%Y{#?9N^SnB*TyDV0Tb3|7=@cd&7#I+5y z>NSiGaJ?{CvGl{id>=;(H4F`Kq1WJm{~$L^MR3$3%)ejAB&?-$Hf-5POnN@fK|^r2 zk+0cHe$-(y$_q(|jUgd91)s^ca+PB=E7u+&M%W4|U?Tq3Jp;PufJ4|!M(TEn_D2!Z zHIf$}n0j87U*Y&h&ci%*1)GKbxXpWtQP%FvzTJxrtJe`zE&52-pF#2>TvjyKp1?We za{SM$a(f0dGc`5Bun(Uw9A7(gG(Le??AyS$=w{|TayjNU0Svb9!QecMAlqJgto;f1 zurWIIcAX7FCQo6q$w5|Zh&0}ZMd%b^SF~6M`r~P1P53xVHh;O6=rTRy#{1zf`o*lv z49Y+X%*Bj0$(k{NKKO`WXxFyGSO$#6%ie>Q z!Vj?8%O z2EG?i_#IHfhG(Oh^Xjc41Nk55wbpn(U0u%If4m-({B<1cn8$Tv9e-7Q{C_(Wy|254 zFJ8Ngd+xrAC*Rx6-1##v*?Gvwi{rSs+5P9Q4F1Qcj{1PVzPyB>g+IV~$e3zG;O+jc zS1^B9Xd7Al*0X#hJ)<~}-w{n2TY2)~7jXUK|AO<7s7l$*(|_5|#CsNED*{&Q!MFbE z&f|xm)WT9wP*6~~C`v6X1qB5KggU*d&=l2IC_A*=3XiiGbm~8p}91ZwBqIq-d>R_9vq6zL-%9E*HcgYzO4R< zYQG>oU3HXX53K6>A80C!C9|USC%%;<(NLI2MdQz38?Gkv7@H3z(s6F0({B>Ju7kMr zDJ#M-SvDOU4TJl zj*piInhPeo^&{zfIlAo~s@lHCxfuF5esC*kHSHL>o7sLU=_f0FbIu+L;UZEhROo_~Mhzinj9ajj6`ZtepMu zaQMcml0T4!%tP!ym`k6KU0GrrIh8-v5q*O;8bb1l77Kw9ZQC1_aFLulgz?0wBLyQ47zp-a^?NAscI5( z((9-w$R;;Ci^8J*NstCZH|4VIGK-DnXk@farN(PyR>`K*Kyz6&4fU1em(|c`>_>@? zx)SQoWEOp`)YLRnD}H1HB_GpTSs^0P{*R6Fsja7}t&t-6yyZ>Cat$)w^|{7t71he? zg^RwZtf#S|l>Fi{dV1O^5%(^CUVWxRMc zDzn zao8-{CiJ#Z*uwUnh$Iwc&*o*Q{l?>@ zYG&)sQ@91IIrz~Enk?*St<52)wufLZ7f$W{0Q=yX*ytO1e_uSKLIcqZ6jjPSwT9z) zZ9nI?PwwPoy*nylEcTs_A!67_tmTS;g4Vnpy#M)0 zG>(?2O*=VyG@iabEosNH&}e?E=;=iCYCHUVyh+~wH7#lCGumxpw50Yg&)1niY9CP?JeRdz_o2*_&LAN*Egp7hhbBa~lM@D)z72Mzx0*7G2dGKeP{@ zKu1>peK$e#C*WXK&5nO=!F~D!Y~>gAyNdbnW1;Ia2BV>q!|#8F$+)2$edHN-^*Q1s z%v;j2m9)5BhDX(2-aB4`tuQ{7$vdc24Q0$26ZUV65d##-vZ2Z$C%!O&BvQpg-g4t|KNo zMi^)Cj)=gt@-*wxTX8dOysiN@#e{*+P|7X}j5#SY?!t z+Sv!2^8LKNAr2c$wa8*mlc=*7vMwU-WI68ReP|MnJHJSa@91zEBEP2Fdpx$S$N7A9 zBH?34iu3Ivr_+J@Q^%+fjv{~0Cq&sy#5d<%o?9w(#NPoAa`|{$y095~vSLM_driSZ zel_VldK>dO)#$>k!Om#wGdPiF&%EJ1ytDd<$TB2KlD1H22qZr0fUr|TaFiN&^UDN= z4z^_HzFmY28bxN*I#SEKL=apgvNB;)(zg(6c^MIw87zHe73L#m;n}j6kB^uzX;lA8 zhPskicBfR+*O1Hdb%mn8{Wf6aWZo;Q!ehDH&Ue~+sb z5sj7CP~$A$03T1Lj0wR$V2p4wUS})eekZ-HoXD}~##L%(j|gU7F^8#> zrs3(RLf0o@>Ez1vIajk_!4-Jfs;TWfKcTiDIAjv@=Fg+MFb3OUmoa(j6oz>BkYkK? z>=`p|3Rhk=k73rK483fUae|;Hgc3?r?y@oaQ% z={J#XXTKll>8=qG za|1VDBjj||wPIkUaH7bR@S)*&4V}Q`iT=hqJ0Wwf<;pqpx#x~K6eZ^nz56TdM_s{; zNt0M82Eq2UDzTR*b7#+D+L&-Gj03;~p9wQ?%gClvE**ZLi7}V?eve`~GvkW6%$&cF zJEpZ0Q&3C7wj_dw&1I61<;+kuQF-#?G(V=#oX)ffqj3_S-7se|lNMab@a)R|?;?iG zZ#hhUlG^sq8IW8Ed z;IWJdxUfQj`{Y|$aK(J)&mKWXMm~pDe@yrlx3fT;Z^q?wg|i>nQO4Gv>EnhF9x;(I z{<3a5F>l5Up%>S1-KcibD>{hINn+3xA?q2F2rX%%;`}o5B1?C&4ifU2Mudls-EXEa z^WHylwYb(5w_S}@K{|eyjUmh-f^nnAbNQs9g!qqPY_JFR9=68JwIMYY$;pML_73`* zD}|HrW!&{Q^y}HxB5)}0@5hiU<}qjbP*OL3iuYw#i!nWk>7mZVl*$FXzD>sJXSnw2 z1w6gel$ZZ>8Ku#CFb%nkS>m{>#{{xDr;TC4!PSWI-&R{pz!-Pz2OcX+QXYw0TA4U? z7L&(cMtgfZUPF9|jY^{~ITn*CQ)nwGry)C)A=8JQok_3uAJ6r3r!i^vY(|R!t-s}g z+;HVA=3jjyvwTjI(eB8oMiVNveIiiFBy>sy?iRm&=kY_hWCtRb>YID%1n(zj~<=jY_fMz!Y1B?b?Fg4Uc8cMp}aqe9xb_M=Gd6`C!uB{ zN~+8_!iv?)Sh{>QDJ3Gakv}mp>92!iYKD)k)3@d+n2PQ4fHd^95Vd;)ix)59c&W%b zRI-|wU@n(M5TBcxn4^}Brr6n3PQ@h?n)B27a{1>hUb~+Vk=5u_66RLc{eqRPzjW^Y z<@7h{(3h-O`Z=rD?xy-1-^fbxBfg}=tQ4QG+8r+<|NqcELcSKVhqbc9S7nY~GNmyq z+IZ}e&8HY;qdKn?i%J+jaovQ&m<@LI{yh1EHvh#B`Vy!BaC9w_jQtg z@GIlB)~AW>*0Rwu8>r{iLt*4`)_=5^#Y@(a);;j(#Y`izM)9x86ekxCEYxRaU;i*9 zgOFKf469_BZHi)~wFz!x=VIBN$g($=aipN(g2y*1;bzswNL+=Lqbs(i=7i0$PAxJfI}tVX_PXL=J7D5e2H_O@f4w*+XpDu*%y4tJ5UMSqZmVSPhSlQQtH>Aq zpwgeyL+{aZu*&9nam{*6c#}*g+ez}{NSz}?|&|hEcB6#|bLe-GL>6|fKJJOuu z)_k(FTyZg!v17+ZK9Tiod*a!k$<#tES|`!h>qy$ZWk%iDnyeyB_`Qo+m7({(%Z|-o zF|Ivo_(Zh;WoHGzEG&vVB2@4Vw3=d6F(V~@Remd$HkYtCyH z)4!v%`R*9PdQ%|vd+GW$mWi(iZ|d9Fc~hnswe0o8Gc5>GLs9j6SvBax1dIWAeEgS$JBA&Q4Pk%Y|Awhs14v<0m88 zWv9rFJkL0ph4_JOa{kqk2@I>9?^IqF9FKb))^|90t(JC>m>uyTpFH1Ec%nn;?q$rP%=xN_Rc6ec&>9FP8LBcCjkPwH zfC1ySh4EBQ|8;#fre(D0z3@I<%Tpa9(3cbSi}hiJ-JdFBQ|K)7S6L)VQG*r;BCD3Tfixcav@F7O>@NZrdU7a%ci50h@)?9#nc-`puglgwSE z3Cmg%AL+X9(}URr%HGM2cZ7q;;M@MP9eGUJF8Vc{`~Fm*jr3JJvk+xfo~(jWM;!C6CuNxC0z z^~d0ezGW}7EQ4=0aIrsNXDYO`m>T!P+V$1T5u?W}Dq_`x>VY#kh@a?SF9xk6l_>fx zut?s@ni%^MQHJu#Q+2`dxJ&isu%|lRwCucRt~x@R)dOLBY{{X(V0UI4G(lhbz`pHn zj{h)KBnlrowxj?Vitl1#<7#i=yTpisPoJFke<5-GlTiN7hDO%Fg$M;PIGWy${vvNX zbe02n-%;fS1Yo#84Q+h+h36;ZC!Y}S95|}YW^EIna?5B)SBxMyx9hzd-Huz}!*CN} zm@tvG_W4q?rG~q>=W;n0ei+}PLU4H#tFgTWmE;>G+qU~T(02E}j8k0M(9|Ib*EK&s z;*ll~acMq=5>C2NQ|o~Ep2S%5k2=ok zXqG9eY#c^kpGIs;WkWGh)MK2iGxH}j(7UklQ+kZHi>nM z&ira-zCGIS_&fu0cXjtoOhP)(S%29xl2~j!IZ|tVo0vNVk$O*$eJBIXAEQ|$e5xWt z#XLT?$DvS*j#5*3;zm~j&4Loj6z?#DAl;iK+Bh?ZoAL3ze})7a24{M)7p$T^d)(OK zBQA&cMD>h=ia^BJg+Neb?1q_6xG-nmy6n(k-0Og|-9wPXki>0@^WN&G#i)-H%u^UX zP3X;3_JUZmbKFhWoa`9{oVWf|b2VImJ)GMoa<4WFCI=b^A-KAa<0Maw?;Y$Bu{HVu ziq=u|O&`~{m)<%p!fx_pC#@x)R^uvGF+#wdR;vEieejzp%flqPMS)aW+GYlDOm!?aK5+F!c0pR9LX@Sk?#cxVx`LRXV>RzV*Cm-Ki>+7o;2!%{#_v5 zHi;_NlQL@IfeiYY;?m>e*gqyS<%@f9oEGc3Y}f{Tj9nK9+8oH;rigd`u;WF9>0*8b zVI{%6^mtZZltaXhhKPr)pYtCOsz%zKPEiQYwEo1$72xUeM<2yDGv3+^j&90?u}~u@ z;Xqq+Nqjb(e`%EtjksHHXK0=LOHkoYOd1yO-Pxn7{z;^^|3*? zv~{=1j%+dcdBu6^O!-bv$8hc3`bX)5mhcU@E~CC%Dxz%#uho*e(Z#!QK>XXf?9|`5 z)=M6LI4oLa#}@_q2eOJt?0h=Er&ASG_AVO9aLYwTtY|=fPX2tMy%KBjS2;nAdQ7o5 z?p*F(yl-;iW#U{G+~tvSe>Ov z9oR!{u;Ngh)^(0m>7G<;=aGiq_K}={J>Kz=7nD!J#)9A_TY{GX&pfx{W84wqV)w^q z(c{trF!Fl@hbmay_r=ytlr;-NqImm*hxi%E?#bo(9bk{fG-zP{fEZZ1?0g|s({V!v znM_I|9m_`eaqxXWB*C6T2zMiWJ{Wp3(FMr;zmWMxYk?#dis^jdG8-l!bo)7A#Jx#v z!*MIdNy>qE4$H#a1wiJ!ln`~`3|UQRAbI#*Q&V`TW_?3qv8fGyulnuL;XSFPRRw&> z+Qe-ZIyLKu?tE81F>RZNN zJps5~X+7R;Z+rf1AQ>is>|bz>OqB20Z1!j@ASP4G@J-mcAc8c<-C!Gc`g=NPGRh>H zo{=Xzkg0jPNWC2Buva#@2H{{Up~ClF>1(#fO;ew9j72pV^TA!0uo~0-X7$F$n0`K_ z&$GomG_m%7dWhRlwIFmjQKtF;cA@E_bfXaVn$=M}PM1y6mbA4)D*U|w_NzL-uYX}< zV^!GJ_Sz0eRSwL?wgcfNV0ycX37a;JLe0JMRUi~N>f{1p;jJzwmGqH$6Ydc4>SO2F ze4cDL%+jh<_svB%C5r`K^@RnS-9}Wmk6W%QIum$xRVlqjHK#-KXyHrznJi-|^wk5Z zi7~9SiZeJUO0ONu+!KC(4a#H9QSj(kG+I^F_8`u^IE>yFU)I-um}COdv7gixz7Ox2 zwifo$Y`ud+XgH`@s8<-NSx<@@R!I7Xj*q7I`-EilvsYxKX&iW`%vOP+Ck`Kz*cV>g z@QqaHuBI<)3a-rCQ&QSpG-FTPsd#~iyg=?=lnjo12nPPOz8TC$e)n;_U2fh~u;-PAi^*Ln^ z8#*Co@ZHt9K1fkuPbiy(U0!uRP;^G3{UPi?H!k)!&q`NFw4n` z=L-dxC#Z9I#Z9*D*5R;4pY1}BGlFZyK*rpi=sLEZ5+Cx%bIqJ)@DxzisU3q~wBCpf zEAq{0HXJI`jA;pUV%e$2hv%lMmrY@)>mxqDj7|Q*keJ)jGU7dBa@29TyU3RBvFUNV z)QoILgz$kGDlklz8l6PSOp1oB`59KZljA`jO~?A)HEQlt2&XDoEaUR$E4_E_HD~$E zh^N+-ymEWc#-K6Tj1ae{*zenlB^RO~9FK%>>7Zf`7PO=U%O#ahs_t4|DNJM8$GFZX zYfSeoo_%#TxvjOI{FbDa^qYH;dvWmbD5T>z5cxL^<~xn2;)KvZWz#G_lJLzbq(bXi zQ(A2GdOcC9H*Y6GpCgH-5{P@W3?kh4L-U)=d9l_RgNt;3r;pm)CRQL_NT9+0(OczN znCu5YtVmQux5-|>tAx-J5th*4%~~D&xz0w(tbZ?Ce&h?`@fX=$K1_J2B>?dQBX`c~ zXr(b-I{RJEHG{2ASM1`IZS7_MLhsFy$U`dF=yER3GAX{A#_$;iv~#ptC}8@{l~Zig zhm+kVN_*ZoJD;=M^wB2)zRCHyp-9Qb4yyRK7-;v52zYGrdGQkMA9_N2=@}=eq##?w ziz@{3f1w!r#{%6lo`VRWwEaazW>isL$$*8XKOOLZc1N9KV`celdsN4EsDTZ zz%pyhwv=CMNWMDYw_Oc-bJHk=7Y08&QKpC<9bBFW<5b1RwiQ>fQYA!}YksG{-*acI zm6No~_9G21Q#M@n-KPnyN5A>BKE;+!xo$5M!!!VIzTU(HN_lZ#*>v?yf0sZe-CA#} za8FF@u2JoyhA8tOK66v^_E1IFVk}i$hwR{aI#MOjf&?rwk55S{_d|t^P7V`#l@(Ac z!H~W)gHEAb&S(HzUpTzIIs|MAel~b0Ne=Ml(Z^<(rh6IqkCC>!17MV^fSM_}-}8bZ z(rQbgd)e)0t0_~&NwZl{>tu^KBIICNDRG~giLET`0Fi9F z!IpwuX$>X43P^KL+mDeOWXojgdKh7y z7O_bxR&i1Wl{=FJ%5%{ilAC!TY= zwR-V1`O4aja_NAzZk>wR zYlZfC3afs(Q~CbHeEIl~s@x+T4L2!`(BL6|(vikK1!U_1W%*au38PkB@2j=kq_1q{ zm0a4(h+X#b?M+azO!nL2xJJI|Txw~B3;QH~g@>#2aW%xUgo2T|yP}$3kn5nxU`Y*+ zcd1>P_;M?t!gfvp4dkyYoM6a7>b+7j?(i|$q++GG>N)mnVI#<2FS;1b$dGmJ`sRz5 z&qgX>!)R3kI;|~#TQ!>6m}{66@rS`rs?_!LqA01kM9uqthVVIc@O~o6a=%%izZK7K zhM+~S-Cx%PDKyzTRhc?p<1H7(VUzr@Tu~gr0btT>j-)!NOeNZAFo+tDOGyjx`vNN` z0WPcU&yb6!Ubx0iAM~#jkFe|Fx0lcX9~Fha0qD9O{&F+x8)#z!tQI5yiP+|h^3+uu zG?AEvNE5Y&#*}Fn;`FQrN)$o&sLU(5k zzhS$_uyMKEP+fyQEOSwdC_s9dLjAoPAHkPskRE%J`}LQ^jx--1 zlaI}gun|$3`Gth*g4y|qVgNKyE^p_1kb%phkUEa-ah8Eju_ zV=hel7to14aAZtx_3-{%AUZCO!!I4_yt1xAP9_tAfcUEpB$dh)~gNfM8438v^fyTir9eHz(DZ(m5SCE%#}`!sTShVv+cvF z-}9d=4eWM9+7v?N=VC?tFk;&%i3&MpwN3Mp4)%ncMzlX_xh|0CI=gX@417aGm4(BV82x)Y*3?J@s)DcVB{lu-(ZUKZBs9- zauhn3j_g6fkr;kz4LnsI`&iph&pDs!(n172kfG+tjSs0=k$hMt)}@bcyH(jKt zrdJhx;*5T}a(G*bHZr24XH56dtC6$PHvzb6dE2!7^4Np0UahjOnUhCcjf;R{`&3nQ z=n+R;E=Peab{y}7-`xZ@%+tqbIRPvS5H~q$)@D2(P{(mX7BVeq>Hds7egoAZz8p)& zX<#UY1)Yjbg5|76`~kif;#59REN*gmOT~ETQ{_0P_R7{Kl&;w~-&ZL_v|1*OcA&^W zYNBWQZgHjuJg!r|Xi)uEX-IlwLFV8@)e}(w_k79)#+GDG$SoL*MQI~PP;f;1wjqO7 zR`)k6TYxu z&K>L+gnPmgQpnA)+8@?Abew{j6)&}m3mBppt0!dj+CBM1TzxoekR@BU&nvFinNsGE z7nSNn&F18F5#{4;%>((+_3;%j&{SFZ_?(nS)%B>X>fN5<`GsNY2o6R7DzCZL&W?6; zAdpUsefZAr^XD;KD7$wi12w3BXX>;&E);g8Uf$oMK=wf~vfufrtpZ4F(z`o}jMhdv zGYL6eD84|+7MWhG>x?Yx7xR0%4IMaWCGH&&NSXITvw9cT+`=4r$1`C5Pt%69tw}rt z4;mC4%aK`Dh@K%q#zE{7S0k5R?VB{-C(REEMf{Uur)vyv3p4fZ8ZHXb`Z2L z^B_U9uu!B49X1;n2hi!o zNdUgLm;POMGqH;!dACf@sm>$Ce;3Z@O`IkOM?Il9JTVj3`ft!ASbxw1{Xd?zBn5nI z-?vr%pa}d&)@K}=pMMi@bFksiHynW1(#*cAQ_0u6YO4?>HdX}(m<%&H@bDe2;Lx&j zyRrwN+i&Y(!Px1pC7Q%R7KltQa>Lj4gy8vfHMp@UUa2BFx2)qQ*b4UGvHn{ z+0Qm2omJtMY`w>pp#}vPJ6}&P+mnw&FZvTmA7@4Z>&u6D~ zZGk+hJKA#UrUBF@3a6+69qTGiLV%)~NmO-7#Ez2El#U*TTq*5)-k>g^#L&YLl@mbG z)G&8T9Y}At0&3f8hDV;d_bhAmCKMFu-1e-kUT&(-;(okQ-{RrTc#NioB>!goSS1s} zTEk_2LMiXF0T~Fz(9Jm>%eS~Er<1e6bt1tfO^l7rs-MYjHEM)!5o>XKj_meWT?fQm zlbBC(Y!;B$?A|=iVK&vh`&P?$W8wZavj}%(_QgW2r554shAW##0AReC!YXF&Ej69S{cB+awW>4*)Fm(P041w(M+3;3N6yO&SGG?=Hv$S68QTEr4KA z#3~_$*QM8&U?7v{xKT(B^KUI)6Z#1ij6n`lAdoQ-sIo<}1Kw zhtUa9?c2&12^hvyBzIzigpNxiCm1gt<-8oUi7X(t`3j=nZ}QV;^cJJTq|HR4LiuXo<(KPC7>dEgbOSYp&#@aRl$n?LsE9 zO`v{4@dgV6rrQ9sT)(ZKM;}8W89ad#*gU4FB;u~T*&$Ay@W8=xn!evf)=qvd1r6L# zEwZA#drb7LpH)6gXg!Xk`VJ@Vikq2oPx6LmZlXULa#muTJGG?m-3@lNCi73bA|*iW zZxx0Vu&=7v_y&HePz~OgP>kGG;VlJ=^0OwX)Jt@28;Ei&7YgyD@lLFItAEHx?5jZT ziTynZ$WIFlAR2%CTG)0%-O5M`-EjvOIS;>xh!ZXCm{OmbC}m_1ksP)8fkn5GP9Dg* zNr&Q2Q9$Fdo_+Tzsq0n?#AH|gF5#cN`#rpa3HBGqgRo3SQN|ze&5Dmloo0r3el`ws z)F~s!4euW3H^8zv;o~Ki*F~$2Yc?j|C;zP9?M9%M)tFGVof75g`sV2G#SBO-{!XZw zS*3fp4Q}G|eAQukiWgR6FVV7An{Zob9ioz9V!RiX?ihlz-bRr=>;hYTLKPS?-H*Iw zwmIE~fn#@Ob6LHu@cmgALisLX;|mu<(TbUTHsbTNQ%$vvZQnb|zWF#E@5mSGF>Tv8 z(4O=fz^bdlX%{;WW#=D{`DuXUp8F7#f!8$#!RFjLuMVKJ(XKomgA$9oA}A9^WM+&H z{qIPJhOrcXlX;Q1NVj6!YTUUc{*GFeDV)Tt!G3TLDLccU*;j}b3v>Hp_R7cCs2>^) z9$ILzH||-M2_dV7JA{YLRv#(e?9TfPK31V>1B|)6Zvj2PPSP@rjfcCnqA_VCZi;j@ z6lcL`5=&scfBoPebF^qnv7#b5^qq}#+5DM^o@48C=EbRw79UoUTgy};6oUIZ4IR%EI`?H8PFc^S%LW9yp8#oZ-xs4g} zt8F`(Cr9)8qL!gHPUY=R1F#*b*`F5l1uq*@!iV|ge^O7P6oH`(r1I;XN!8Db+xJ|% zFTJs-MrZ^C&{r;vB-|r z$0eqe>Y51o_Sdkp17_B}+!O|Dmt-fm8ptAF|7Cjeqn!?)Ggpwv?MWQq4e@KHRAu}Q z6I|W>93kth2|+7IxL7ghf$Z z@T!d6a@D#x5c-?G1n&_#F5GaZ(erLXZDT=^X&~VEW-5LY#n9;w?+_He(7DDAK@?wqlHJul^;6=yroy;*?DQ#flU@=B{Ovfi3)l^dR(?${$LfofG-tq5RfsnJ;rUzF zQofFq@MgjW_M%YSCwEtEg7dvpvrc05xRN4#nzSz8ZuU$I)!D=))4vADr^s;c>Nt>{ zQkiH`T3NitJAE21{-LykE47migFd-3mi>l$la$J=4A^I?^=~~jN8T!@<$t{jS;v|C zSG$@*`p>Tyg>-OFL^+;m=anCe`4Q}C{udVQ z9{peEzfBSkerY{#!qI8BC7r}%g&gB+Zoe0+c!qOOBYV2b86al|ln1gWkafJR1J2BP zA&jT(P~eUr-)`7l<(Xf)%aGT1j97rIc{%Mnr?F=$984RWbRcC7m^LPPqV0Po#)5r_ zIZXGbZ_y{$r6QdGlU^HyB;N9Ic00`$8$b55IXK5I$$=~*9Z}Q@W&^F+RFGsd#muQQ zzFjsHobsIT^MUAFP8Zmks2hYtNtxdJn9lQYE#3?Aw7)};ib3c7Gb+K$x7C$2-e6bJ z`_tUgsl5h^g+?=FO5>GU%KAWtRbEOiOG$;)s5aDHsoBm%H8iUUCvImEE6+Dc1BVPF z59B2{NKHLKFvvclx7#egGeCUl)Xm1RN)c0*itgR?I>1mc#_tvmPS;k|wWe`cSZsJ2 z{$|@Y6IP6WU5p{O$!Wnkm`^c5!6c}*K5^NCW%iu3DSgFv2796c`1+=_YQ4uwl$lM{ zI{y~W1Md@B&tt?Eq~4l+ER}UcM1EWSp*FZ3V&Y>4M;^iR_Qr$glhaA_jQF6NH*Q^d)3=}* z9Lf3PCfCmr?p=F<`Toy0f1%}9>1Vi$dqgwAe4kD(`f91H73-JoS~^<&w_-&>B|#NX zB8cv8MP=+_WeXkK-5^4}| z*=x%t2o$|1Rbp#smZYM-naT_@+gPgP9v{@lrKmyb~HC^aG`53LNTu!esy&v7P9cX3^r(8XpWxo z(hFL%t((40O!zjuBLE@kF8+Ds%*IB$9PnIAH`pk8Z*D9Q&21Tw1|@BEk7GJPnUlAj zg|_Nuo0K~BF91HT{Dx!*F2J-+NgEpT2#ky6*f9sWxl?Tx2xb;7Mx;zvJ&oPCwSlaq zO@^cU2U_MJ%F#^$jHM|$@E&=eEK*ChGjpu_z@@=9Rwo1hJJWNGoD^emYrPK4D-8k1 zdmpD5-5fdRY(W69cSSF_L@%^06y2Xp{mQS4-fW%|a_kxAmnEfEo(2t6XL*is=)UXk zM&aU8pD|4N?3|jT31g0p?csEu^4e`$c+FY`4^7nk+Lo>gYwzRjz4a3->5YVr6-f+!^E~%A;AWhdncVv?o@BDo^d-VP1THG+qg=G@Q#b zqu1Eq>FRR%MZG?xtIQ-bj~`eK0!yt4ogWE019Ie-X0`|hiQfr}#~kfFAKOd??)i}M z1>~EIR@iwRu_42Z1-ipN79UnYPjI{Yp6p(>aVYIXlOr5!Ya#n(1DExtBGjd>#(SrK z3oIDVLezOWvf&xW$A1FLm=fr2;(dKTeCqiWlO>WBv$E!8VnIr5px}9eaNqhVPruupLp*P_3zV^?k~F<+4q6bE~Cf5 zL_c?CK^NI|Hzx7$JbwS?`hoCwb()lpLbq{aP(T}d;^I?FSIMSWUgZkWWlu*oiO-{_ zxc8MXk$6iI|Dl5fum~8foG)%6dXp?>h>7KfJfB>rEQ|P!R0lk5U&*9@bHm6C^_xev zPe0sQh4VU@S=3kf8|1PnRLt^N1!dRe1dYGEQt@x-S;489HkBwy(sLV!Z6iah7_e{#DO`cy5 zV?Jn8U_>joG0mo^&JU0SFSQB?)x*)wZwMmc>qPKqI{~}OV)4oZT-spL_Rb`U@tbx> zJ8Y~STV=vH6{)=Z2IgkF#A&nRjGXGF<0lsXo{@Nn62q2nqeNaHSX)Wv0}kAYkU zjLvw3Y|(1hXgo`gjz42U?K>cNWvv&De7e;;@=jO3XA?{%_&D(Pi21_@1K}^Ig^mhC zHe=bDSvj|l6Eg3zN)Bgms&HyP({X$+zQcKb8`kqZXVLFLUN>FCA$P0K5=E`pK}~v2 zRBzuRZ9ZT>o5pA3nDmw6zq+Rk1%mJXlcTHn+3Ee;e_MLUw&e4KAs}E!?+^U&Z!^G) z`mZ)>D?I^P;jicBsDLQWgb`Z3hr{hMig*L5Df&@-avLL8v4t*YJ<(h%GKM+HUxObU>{r!#ZAAOon+Djfa22Ff19|;oea3mZ-mRDB1q6 zg;|rCPcYv1Y@F|@{-qadl4)}l346DBb?I8#T$eB=Ya<)x^o9A^ixwq;^W1< zZ}x`WoDAyIJKm(q8SO&Emaec6j}0a;MsvvCkv#IAYLc(CW-s4J8Z36!l9=b*`~)Z5 zX7TwQYd-k0?E1KucqPWm%a5I-?YY}dMkdl;?tu5a>Mr)0=EkpbJeJl^ z_!Ds(r`4E@T3%G2_u+Nrj%#Q|*zh+_F~uG4TNCctmliZqtrbwdq%Ixo-Qwg#z&gBg`zY$d7AP0s;KmY~s;Cl&{A2C7(t@F%jb)LGG)lb3@%hf-sXGd3rlG8 z+b<4ea6!Jc5T2zoE%3mW!Mp<$CH)>`RGJ-LTaY44jV4>9vzV8=6sgt9*oax>(C^=L z$9Gc|Fs zjQwH4L6TmQwwM}q#}3_q$Lf`L5Z-#;1H=BCJ|-^TT>O?q7yK9AQr;>r1VlE#(Ms<3MHGyN{oQArA_wkQ_%9Ej zx~=X0o>527hLcOL<@C?g^W2meG#!|Waps&_1Ix6`OHK_5-Gv)X@E|=inW*pS8hR+< zvBi>R_J0%p@*k~x=VX;K(&ET$@tfg^XFW|SS09laXiU^ppUFXpF_LOj)u9_quI)VwaQF_{_g57N_6x zeUehPQ7>*!>1W(Y?Bk%1)CL6jykvx8C8@60q_t=HA;AY9Y~t>nM>VLyZ~wE2PjH+_ zDzWA2UawLP$fU6b5y_*oz~Jj8ppP(5b%nm%W@<=a`YNjrGP%TWRP3d8#* z)63AaoYC;Br#(+1<-7tEQ{;s;76rYHO=)_pQiUKjZQ=TB4R`QlRVR6gNNuX@pgB^- za(C#2#9Fx2!CQc#QxtA8;@r{Ie3fkhlGU7p<6g$II75x52!0nW$)0T-9~(RR`cmtM zMp~eOOE7xUdhS0SKD;-11|Iisnmezx-BU$y`DbyOMhM86JSeKiI9nPA`@vss$aNNl zArSL${W}e+>{8?1(fISdmX;ZNYe_q^_(~~cy5xxza2s0tS=`r#At|36prVzbA8E>@ zLhk^t>})QI?Ev`WN$9g0bau(`Gucnh6V-Athjq5W80~P(OZ`!sL*l|Q8 zDxZZ*?u@nr?5T!MBWn(L0lrVVBXm^IkwkVRdAv7^s^dmcKoNr@cKYkbs0O}g*6nHU z8~48eD)gDl!~8F{@(BFj0I2@~>in;e*prc9Ld7gy&QOKPcP9`A_)uQ3K0buS%Xo?U zvj9V8x$6xH>VMGD9da1BE!n8ajCd?ZYehau)XF2O6i!I)b`}cC1yjeOpn?4spuq0* zpho()SxqS9-SM*6cFUhME7c-(o}nUApp*jx)gK9lU2gzT5GGg6DGhs)be3?fyN-;SAA6~&i1D#6KC{)@Z~{H;c$5H1Wn!dM;7HJK>v?F3 zP26NW4H$`H$Ywr0+UYBuTuK9fFpy)_CkBmn_ozgvoc_4p!mFxMVy?C>6ox8xujhxA zH1+-EqfYz=mYq29(DC3!!Dz6rS9d{Mc8trwI(7We0uT(-Vo|J&Ss{CtW&5Gd%VL93 z*ir-iuE31eeV3FpVBfBfvDCds-@g9#rdm(c&WE}`T*7qj#1k{kS}!_^Irb^&wma(O zC6&rYzgWt;r7DCgp%rD?Z|e%?(|taG+`n!>K%fygkpAK+IsS4MAGss#MqOkv*6-*{ zo{wH6x^+>$SgBllg#n2gPR``@BVrdTp-)Xu)R-D&(>9z~v}(vWu^CyPX}h|z+J{XQ zx?fmKJIa~dQVcRWzG0v6zti6zs*ZpR<*5xAc#%Vxl#B<8|DxEDNalZ1`plsXaAJTk zsu&Nw=YT+?if43QWB05L<5Fh>3hUQ0dB<`Jvl#W>nu0xX28OM_|0VLnMRSL8`fcSZ zQA8uw|_2V>9evAGjMiAq)|8avEVfmA17aF1gcku9WRcDXKYpPNe`n+-YRhEIh@9=8)#%-{ z5;*&_DyeqEz8Bqf?iy+PtE4ohv(vyfY|Nr6KGu=@dr2ZzvtZHr-6ia}6i0m)YCa&b zdpL4+1GB8;V3Gj7af35kbI$9s1m_@G!Wu!^!b)NRQ@oWNMw;%uY$v}SoGHA3pGWux8cE^owHwpMI zIqOaWmz%amak)yeW#Km$wA+^>AC%&YDL4i^U%%U49vK+owT|YF{0K8Xk>)V|byZ+rv?GA-*8kaI!kN2HSY-13otOqN=8H zog-%`W*+R5jdHM{KW}hXdVvfc*&iR8{jfA5`Tqqv2;fyzXDwtO@`k0$j1NTW0K7o4H`Aa?4Mx! zDJdY5Xg7qV29fxXP`D`XtZzulPy2527bk5{kkb(}bavP>s);O2CS=pnF0`Nky#Y6! zhp$I-hpnrT?`m7ZRxo%#sTlY%a0sR}`@%HC^IoY__%cE?SJF6|r)c2SS5l7zQ?ATA z19w7gtXsmRSzY4de_iB;3!8w*8axq$tK)g_?%KYN@ugZZ>4lv~*&-;K z$`8r(&FC@lifp%<<3F!^3yMP7FXu2GjGDZI1-E!1i`)nrb6jX;5*6=PI#ysOVtb!i z)Nd~S!hz>c;SLQZsswssR|mpVtTuwr9L5KP`JLvoEO9llwitpSz~{-!T!{FcCU@!vDD^u~S^w3oQ9!!UV4x+h zPF7~Y>G7```#1Q(JE4UKi*Pdvhy&N!8F1IA$Atbr$=m|?Er)&8;&saq0P`iA^XyU4J^Wtra@ zZC(y_Ok4T3^uILB#NGnC*#)cMyU4AeR@{sdHwI%nf({)VPT`S4R>CO#H{}g zM&3QO>-%4JHpLaq3Oj_48G_#UMT*_lRwha9h(`ijrFGCSV#<;uJ z9pBk+4lO_S&Q1_xNU`oVt$BL;{L-rb4+?5Ps0#m=Pcot^Ap<`5N>I<~%m0B#`u_`q z{x2c*e;;%Q6nrP;AV5Cft*nr2|9zB0)klR{+u=i*&E{!-wisH2kRBUHmrvX@LM=_s zI*#EjceF0mLVwA^mnSZmg0Na&qId6~4T;#e2lsWcZ;GdrF74DZHr_O+W!P11 zNPJiYGvskivoT*cc$4_gFB{Y28p>JsD{R~Q*Ha!&KZf18vpUfD5d^ca7wrivK=ZmQ2ym(g^s}`fGyh?V z4isZo(cg9ktYrDSQzqsI9e)pSU*A?lvd~LNU_iroM%AU>K2vFn0PV=ypnNN&a+l-hgsk zGZvv_ZBbk#ns+NeS$z94^9HZs4!3*cj!-nUJN+Sz|0SskxA-R()av7$1EHe9z}tcb|Mhm}{D5=aR&lmE%a=r&%( za$p+c14_23t})kELZKd*!_{1p3Mt4PywUnLXEE>w2a8LgWT5?ilFDkw(~6jlNbA)t zU-F`56sQP&-)UFWqc!d7K;?%2hI3SE{QS2X0B<3>eBU?*7|2G>s-rtSTyBmcHAnfQ zvEtn0XUdEj;@A?4{H;izKmQ`B_dR_9)!T}D#UFI$D*TxB0wNvFzN)6IlPBzEnxFAm ze6Wn&OOND#7uNlX+f$jHshQ^-lTik8eheUl+fCT@>yh{>*J1?Q!A+w^>aD-Dk2y7{ z)j>3b#^dJizI1iwuJ&14@MXslUFd0u)oF^wU^L1c*l%XErnhV#TJdCnfAMj$PDPC~ zMJpWF^-F0FZnS9Ci3CKR<2S2-sirokPPU|+1H3WpS=boJ%R=qjug|BuTNO9DLeQL<1U6&b}9C5&cUD`zxLQFsK-I{3>ZD}Xxe4o!x5t( zhcnd934!I7M>S1=h*+H4KY@naltdp{Axt#jlvS~da)W;AgS_)=O4D%I5|Bv|z+g!0 z#Z0Dh9!+>Hct;3t-p#VkWK0pCGce?Ze|lASL@Ub3YOGsL8(OJf`e+AFF1EY3_YuBX zdV$@h7KtD=VEFg?(6l!q&3IE(5fOBV0oRu%?l=vWo<8jO?>=!z6n+MnC20QO4-y}% zFWMS+B3Dxz_suOA%-q~k9xZ`jrt%=L0XUnM{wsPAJlyR1x`A16OmBO~>G|D9XUi8T zQ73wly8z*5u+Kw|&&3E}&E@i8g|;lhsCUv?gnn_#;(2F33)SM+5_?d6NHAr#(7=Pp zM4g>2!TwOSj#0e>fU%rz()9=<)(aDphRAraY9UKzw4bjQ+64L6&kt*Ih87%jt~?~> zNN0C{zCaRgJ4)F@r9(?*LcONA@g1R`xpl~0MwpAGIM)l~>t(ubl>N)EksUDec#Om% z5zv|3YCD9I@+{CkQ|8;L9a$qHQTEJCzle^=pDRL`a{ULC$k*>xJ*ojjKaR_b2`i8& z#trsTJK~OqY-LxwqM4*)6F$Rgpss1ns~L7t)1A>viYDZ=VEpn69X)+}RcDW7YVGX_ z{ivKg9TO0JF)%jk)^nbpqWD@`R>k$;*y^SJV@uY-*OReE_yJetvxarNR@k-Gi?gMv zCgAN{(%KeG6*4oiE{3{NYXXhS5D^O;&;?q`D-u1w ziaD%STD(rnY&0?*PV^-|VrsfnjQ(&-PO%}IPH=@uNEmZ+>b!DJX+M!$w7~UxXm;dR z-@7p-^!3qWEx+cYoIe^Ft;_>2Cr-Waaa0wOD0w&*wAW|cvI|*+4xF*5-VFFnw9)(+ zJ4q}+3W=(`akl`yp}Ec{*XIBIE#Po(V$A@cM!b>K(o~QN&6({qO*zzMyXb}+Y-+GN z={9xc7m|*(bQ%^)8i87Sw6w>UJVYYKXxqmpCc*`^kmt6+x|E|I@)P8aSrUkJcP!*G ziIEjA*`)dL#tFcLu=@XtA|Q7<&B>mT1iIr(F2)WX`k~=XSNG&i&%oJg0}P#2+N(`w z*o@#NyfBzpETZRJ(d~}Yg6t?vv* zaG8xZ@#LP<2~`Kuw43rXa4uraK?Yyudpe)!Kef(+75lt)kI@L%{bb+{Rk0o7%&yXK zyq-1`tJYmmfl?E_R1CuoA8;&j7ZX_%9n*$`wrt0?ygJt6J&W0nPE%OtTI;n#(Gf*& zFUl?5!7YQaWNi1O$H_K|fYrF2-(;PvzNj8ZCqGwLNvyyI_Kbip(0aP-?l>)tF8euQ zQWzHwN=`b0que~#qfsp?t^RCOHbO%@Ed79KglIn#%HvhbNc)svCd}OBvE!hBa_|;X z8=)ASj+sxMcXrjYAJcIw5x7GDS9M2M) zC^Y0fVBdN318!4cRYF6&+tP-^<%;-;@KR7DNJwod-t;0hO@r{xKgeTHSn9ee7o2T0 zbY0BBJ7a=-*$H7rp|jMhRxLxokYNF|`s!p4T#G?_th*qbuRlY!f<3lMo)1}6j2h6f zvsZe9o_bgV-jQ!OV>r_@1?*Rw{!R=8YQ75-g6neDuc?d+`+F55Vt_*KAow=I?&`@# zj46;RlY9Y0C)11)*q@SPpkcnJp@y0&FIvkYj2%2bygV-#q~6RZkTiu%md9hM zjGErPyxlWaaSgxQM9PC&#P$pdD4NH zyeqo-s`RxjZN_|ir4ha4g0Lhs1S{N--l;i!TUe?ui&EG`Or*`KMLaqtwxvHTfPa_o z#rzuB<=|}219N$s(`%3X=0-=jb0;^m!*uDcksA-)*&+~55)rDbv5&^<=Gn2~qxh!4 z%E%rxznkj%=K5kq$zK>1u;{a)h=k6Z9-Q}N<6Fu`z4WsQms5>oy)4+|a0E;-#^@@m zNI_a~(TV(0?$-nI77FSdM$YgjtVU#Q<>>@u)y-)}8o3OZcP~Caqj9(5mjB)$UTr!0 z3d_#|S?ML9`#)5OV;doLIA812xP=WHaV%V}T@Sdlh+rZ3E4Nx;_9yHBef_Ku9=elw zpjB=Y6VErg0dAa}qYKX&s=iM-G=lzCd^C&TsL}Y$X8~u{Hi_tO1cq&Fa7rp+!canR z*rQ@(&y$+B`N2m$E=fcT)YX2ZME%-VuI>XH2J-$u&1fwFhd9^4)#cyrIo#?e1KM_9 zPEihAnm?ToX*B1N)|U9-mi{Ge$HE^0j^=Yd;SROfo1W%aBj?h6ayTgStXLePuLcBY zqyHhxV_FR2q=@RFyb~uN#1u!5+ny z)hm)gJ}0wbor&e@mLwD#0i@YMzQ3%p2L|s5c=facdq?%zSctppI#9`S8XZcDisXW4 z6{*aB6CvM^Lfn+K8R{CE1~vEpC1Xm_0Lja&Gf!e=M;z9DlUo;p@+6g|fC62p8=d@Qkw-%}j(&TC%e374-}^9P+639x@?hXf)N1G85RCcq8g^ zy0xBM_n3Di=T4m90(w6Fb|fSs`sFr8QTqhfqg#$)Hl^5@8Uw;k9*wnidwQO7T-be` z+Sz<#&hdMP&Ix#D7E{O3UxU!v9Zf^1FFH*~ix_u}z0HI^1ZXiOLOYx?Q5#Wi;Vsm0 zv^ps|Rj~K!OrvtXbghT9@`eTF0QK7>i@J)HzMVQCkW!9E+%$w@hR4rzR|@dWc;VV< zw5C&S8wKL3d6St;^rj}?M_GJIAPALrS6>GXi1-P zRu5$;2V&vdll8a_KbWiORg^gm+RGACs*vo_nYo+w69REwB-ekRK0yiH{uz^{astU3X7nEb)|6QIC!|(e&6+iK-S|t2idA=#b`@D57&1J=VG+=5v09{| zA!gi`-&ohDlE3eoKU`>1?bCc+;Nwj^rl?U*(}wB;^m;pR{;Dc(=}y$fwOFQ)IB$tH zFyGx_1={glXzWpw4gIG#$J8T~hj1jn`VwA*n^E5yOn%xt;KAL&brI}K|i!b`Iq&T4GE>mc`-H`JnHYX^3GLW0-w zSkeb)^$2;p*zvz{r2;vYrwg6Eqxd{i{|JUi?(J+x)ugg0$}z}6=0+H*`>FB-gjSvq z7~1iKP2uqg4R||DksPu+5NyX2ioJ?Zw{|7|4Rh?WC;WcbMAjkaT2^b`WnkxoVHlg5 z31vVobcLN#(bPo*^d*Xbcic|-hl&p5SA(_jZ%336F~}YfOKh5DJo_M){_Di1U-orV zi!k7rE|lT&bo<}ZT6H4Aeh(fW{gAMoZR**MOp*I<;r7H1%)HtJ(_rxI+SnJPx~U}t zI3g{E`pP@dXk&?bzIj^h2~kxH<|6(t>=RKIBUr)yHlk1!?W%?Xg+IJfgr|qwVgyPA z?EQ7{IItIh(@42AqkLlepwLufCPq;d0PL&aIb%*la#~Wnm^F4(^K^s@k{#IzC8JP) zO7{<*cqtigEthn`^JDZgF|XuU-Tc-I`%}q~IQT<|m}Fq;<2haD@5zm3&zF_mi*vc8 zR3^hfVotU6;ZNJIiJ{;x6NGhGL6buUjd4-6dy-E z>mfJje*5TK5gxTH=NV7RhT1DBmhoV2Mak<6PH8nNVtj>Sb4iBv}prXXL zsCt$l3&%fNkCinz4e8BybwekAlV~b!?}TUBG!6mja~PY&s6C%{G0^|@FlGflyO%JFgjMj@ zP4$jBLqZCbaPx(`A7MSW&$gL-8|c{#xxO`@|EP2n5fl=2}dsuF2yC-@bvNC zr8zMA1tjtpJ**alV-fmX$c!YHCxS(E5dGy&?6#vXWi_K^&^Mimqg<#q+YO)r1-~*K z-d?*68RCW*k_qp$2sAGiO!Yy*!MWEwXbuP>I~+?|h@v&Y(^Q|%1a4V&e`|>>Xw$&+ z;zCC3{@@oI&_+3$jz_gegXU^#ZR|)T(2W#+K*TomrV8cac5OSQ)`fZ6zC2cny4Ot7 zKu}VfpE#%=eH_(4m2_o@&l|Cs%(~{v-$8A7cw~K!y@Gsw+YFhpMuh?y*M;vCsL6Ps zSpI}99n(!ouoXpe=~e)JY$GGyzw*S=(#9A~;)UrQ6D{73DJOgoH#g%rygo6o;>V

    4p<5nMIZV2 zr~C&cdW6I*Wp&fncrBIxwO{l#UWO7~HnEi(zQ3%rQ_jAPtM*`?UFwxkt*0w+C8SAE zz-wp|`{?R{&a`)!&z$r1*;dxENJ3Wf;5C=m7fj^hBQwSYkoXjY(Z;E0N z&B$P~eJRJvto?g%No2(!ii07t0Ul)YIsI|P)=PFayuJM^Bs((M3pV{>PS>W!G4tLi zawJ5`Ak?qMtjiTFVoha-stxRJ{H>Y4J)#~Qy zVT^A6J%0DY)CN8MdH&nZ``tbx?aT#x>aw1=Ft@W+)vb8uJtF2>*Z03{nWsHt6a1P{*m`J>GkdPd@3*vdSj3;x8A*vJ61BcNYW+1eNO4f zLB;FZk(>AG*4erG7YOVc(H2Re*~}i9Vb^+gv)*tdapm7c^2!3FFq$0CF6_1!`sohkWH+SSR6}dU5ue6l4!HI z3WngqHMXNkc7L$iPeXk9tC%G;bHTBsLmu>OfwK6}{F&px4%HsIHOo&x_vb_1){bM6-i~7dpS+9fFrqBob<>!74Je4})v6&tvgGl-e)&X&_88#Dt6wXcQQ1h{Wzco52+!VByX05%QC zkVyiTI_*6pFR6%nw|_P&euq6FF4*Nfg;htjSXRr4Gm76_He`8VNok1X+yge&!&y~@ia zC-VpHs+A4dB*HVIfNDf8i$8oVwzsjJq-t;05Ok(Dgh#@)`AJHISx zc4@aid|THI$(!Q;D__$!k>zDue*a7UMHy!&1-NZ4N#9`Tm5HZ=ytY7b^BU~=Jj*F; z*pirFVdRuo)n@%-zTtCZVaYgAGAFctjrx|*zC)Me8-UC=$!xA5qVPimx}kJvwp|*x z*);khgAFH>mFA$UK6Gm}(`l=VuRn?Kpp=O3*2Z?AKR#wKrwgk+D7*7+*!IjUQDxB+Fgc55D;NIf))bwk+^pp3F=eYBl zrz5dS9E;gvCQqHiySoi%@}8#kv?YRQJa?K`R4V&>L~q%o$oyjTVJf3VZ&giec@)di z=0EMvQ4K`#ON%m)y{7s%)J!oZ?#Vrb__oQOt zr&p!fd}hcmklpsQZG_#PtYjNcdT(_gM;9q#`uCxSy;#l2i0vOlozz~*6}S+3vs#6!;@4a@q}E{URvc2aC|hpE?21K#-CE!#cG ziUP1CqmO2`ZGTSor`I+N@+E)trW*_UPA{78>)R9}{Je^`PH=v8(!iMF)fLTV6nAF$ z>Es|bnT?++Y>te%JG_pKhVe*<#l**PdF?iYQ?Usa@O z5SIHbH?JWMwHFk0nxs40_Am#2ZagUeE3x4jKnSZU$J}jBO8q<;GZP|wMSR{x&)ay< zxNJ)e7xg5RGGHr%_EilmdTUJ)qW>=2{1k`1XyF%9K8?+zl4B5Js3#9ZZEn(qvUsAp zMSz$5Rrt3{g9L`RJtFDe^+s;5t7X&tX2)+He)*UPee`&gopWJ7>1iJQ%vbd2xv3j@ zsKB)mZ#4vZ6)PZhvm3^&*m~sdt)Q0d-^pO{@(IC_$T|KL-#hvmzgv#)D-=oU@C;%z zsrT617vVK7UoWHmlJNvsI;%#3AL1eW!LyYJ6NQ{*0f3mk+52k!k35uBGYFk<_m{rm z_f&~!`>DdYR>X|KIU79G4x6VOsN-aC%&5u#y?Qo0(SRY4j7UsmdQ_)kKyIoVI^{3Xc%9fgq zHVf%LaA4PbGYVbns!?Q}E?Qw4-LQCJpXWviabz2p{}q)&9>^@*_jXw_5Rz0{ox5(w zPSVh?M+dhN5UpccvtumV${62=nO6POj^N(L3`0KgDywOm`rEUq>`hlK)%x4Tc8Sy_ zZB5Dy5R2;*HWCq2xYeu|;fgtuwdyhkM7s;qkN9iM|E=A)s+_ds_S;yuSL%{*y4-fW zwdowf@eUsO^I!bbgY09P=ZpIJlVs4MBNV=nBNGMDwwO93+Xf)AAjOR zo|0-x#<#bbV_?dzyzN{#%I&lnlx-vHIKmjeUn*>N`yCT(hk{mKXA7TOpz#^tW#(*W zuxW0#MJWKC4`=`(Cm!Z|Zg6Xuv#lgE+Y=q{QgeTuO1On|3+V}>B%$61$GMN|fM)9= z{PsmU&Pz0i9n1MN68tG{=De~s?}K|8@K|0pgySo4r>D!=K5O|?ALIl3>ZvtNV8?Y`~x{a0DD}QVa(8mM1i2)@Z>~IKw^=K zxVx^t-^yn1=xAg(bIbL!4@p#K_g<+R$=t+(go<0T1=0ZRGo$!zcAEoyu&Ad*!S{aO zO71Cu%eR%qCCIbDftiTa3TR*rd%HJ=!f^NQFwEKgg)pShow(3Y!9IrX1h|*`w@HQc z{=&6Z*8DDV0rO*UUFJE`PLoNme^x`_x)v*CqHVUEL;J1I)wB@hdh9HB*{wC>3rkzW z_7EN;deE<@$lxRd`76QRbuW6}^xU5G-ZPyBUKML{#(qda`7zc;(8-y?tKcb3io=>> zx)hvval#^%l}@wgcY^z@f=NQ>#nF`5x8$>IKf>HVdzMJB4bXW|DRTf+;B$;Y@9Ys% z5M#-*Ih8e#F(DueG%D<3_b2j{Y|7Q)z|lRaBjb;AnOT~!KJWalPGS)XZlNi8cMeLg zQ0veU48U&ad5LhY>2T^Wr8RQ=9xdkM$RvPbk*C!eW%4ty*Gt~DiN@E|H)Gc~VtbZRzPKA@O?9~`YpCJ(}XtJG%qfq`H%k{7q$ zkZ#EkYAWX@mq)rgo$G|7-6QKC?{b!om`x~NWuQBJQ-mhT)Gg5U8(v(7>v7x zIyQf4Rpsfc5gZ$AL`S;)Tzk4a+9L=ADm;);kz1NTp58Or0DUwpI$yk;a-7+30q zYb1y2ui#?EjG8jr8vM;iRuoJ(Y$dJuW@p;MbNw^=3M|I>GIXLwHiFR%Lm6M|w!zs} z<<-N+=d(uI?Up3EHLOXd$lk514bF3-&QlJS%dba9UJ(f&NJ~eut{5jbVxysGJKHBR z<%$tKQC>GkW%TpLELF*-F-+aa)bLSqA)%(BQE83L$cNZ+3z+-KoN%xVgjs@)9u0-{ ztf}-W-$FseEJipskv2{@E=_P=kPJy#!@7N3tD1lG1MZx$G2D^|lGJVbTiyGsC-Gqe zXtqN!qnuAd!i>W}y;w>vdkZ(g(V6O_E|;6XAyhC0%_Y&M*`w$(GdCR-;UIV<_v##8 zT(`22Lp3$+n65aElUKPjUm-?>_LUX(=w=5Hl$u(akxe?PoV1d!K2{Qzwd1u1T60VM zXo0>2nv<(@{kIpF;ta8vt4}@(NL77%|I%WlunPQdWnAP*r<{6swRI$Y?e)#y4LORH zd4~PMvP8^uog%RzZ(2opgHzMDG|tUt1ATpo?59PIe7jen_34EqRsDRad}q+|1~QGb z4=0G7Npp4U)ImCXB_z?B!ObGx8kQw#k=mrLa$p--``DI_9{b#)%IqV>vwednjdckI z_={6nS5*dBYnd#T-_g!%Qd}ufP(a-+Qn_8~f`>%g+F- z$=ij}Qb-bdf%nBbzkXIlpR!Xs?w?Ou6&>BsnQOVe;I*T=vRXOL#A$f4X!IdJ)Fd)} zyb|<4u?DZtv#vwnohx>Ce3`VUN;b46QE*4?DoA~&WI#eY)HMjk>3as%g~Zy>;M? z^sjew!i4-}8cgDF3&qm*X*UxNl}$PqSXnxaSgJj|#_C_X(s&iQYwuc*{NiM|JJWl}J$tG=@KeN1^(=zl7tHFlxk}QGe11hSza&9WCZ;dg|+4+5luH6ruI*UO>6re|Mn}Y1q0G zeWV8t@-1~#{Kmt?fAjTe$>JR@#v7Tb1DU?&&GQ!QhEuX(ez!79AYu6$6fiD^e`M& zdpFMCoAFL7L7s!-;Gc?XHjC#!2NTwm#|E90Tt0%$cvET`iYiAUEYD~lv}{&oidF|> z6yOwxWw(X1+y@xjI14jQyb)O?s?yGClc|r`i~__-^W-b(46ymMvZ`UIsM=tEx`;~& zV}=(?bwP>AM^kA=@@Ch>WKsR^%@5=%5ll|sk3L+)0Et6+$`7GfLSczZVLt-@@6iKQ z??*_cP#0VKr9+Mn_B=D(Yb27_!v5(^8E*tBb(>UZs=sf9q+TH(5sA329ieRt(e_?B<5&L1p{{$* zO}}ftsFqUH>2@LiEXxDw&G;;@-{}q5s=JHuLq+Aj>@EmHg=TbjC%=7E$ScCRzX|BY z*V^J4`3c1U*^a+SHT4FwTl#k-sJ_WsDrCslE8rS{gr+vDG~+vCl&~-JACIVa=KVu- zs92Aqt{H{Wr1N-tY6>Iz@8%vopPg?c-jJ)oV#-MZQNp?56>~_BV66t<11(&rj)HMM zxpvLQ2qS6{fBtNWF!#C=`jFTX&+hjVhDBl-$|4PcPIYQio+*>Hew}`-lMzN9=NC63 zUN`#qaPIECi;BDjrUI79k^#%jb!MTgjzI2i2I~dkY%Xz&;Am#eEsg)X`a$ab*11P6>3*qf zmEr#7OGGcP%ZXOO8_y^#9p)&^PA)%^C&Ku5%% zxXukn|C@ov7aA>qnACs zKq|re-a}Uo;=@#fk-dIKE3c{qt4;4<$8#NIN;tAgAQc@IR@3s>+`=D6`t;cqcxs!P982nA9ju|Jj1fzO4(ksry?be#(cF-9bsR^>O z&OeRqK0}Sab#tHIG)lGR+w|~b=zPhhDgH=sTK$8%Wbd@fwEbQR-lq2es$(#WCCl2# zd$2U0M#bRb%y$9-EW?ZH*7geJ2s6TU16IllGd1dd2fe`^@#CcAVik&S4GonX*{hOh zvp^n2ERA{XekkarbP*VbRG6E!!Alqdj? zg0Frvsf09dcEU8=lU55k4V2U+@q}F{5AMN7(`#|qL>=4bCc>am(1q zaYSw^#Q zOJ^YE`piaWCEaDMTJsCBZK1ZEi{0Q)h8%LWLs^oR)>6RN|9+kUWX<_1uG7SO)^_<< zP|SmJCfGN|_NO5Mr~ZgU+*#5_ZwVG8n@Xb@>2@RT`BQ)OexV($IZ6l}>|)9pwXeIg z^hrk_1nWS&%6qi>HjKVi##d~`Y3k2*w6`-OMA$FsA6VE%@9g5NL*bqAEi(4VWT2|ehgih^$!z_aILitZf#U>%Y1t(QACxF;Xt%d2W$4ao-Q z2Ngxab@89oqHq~D^ziI5ii*W$RT~|Sw}_-1mMlK8snaz8xKhm;(~mj~!e!r}9R}f~ zDjL6aa&`)snQnU*5QX0C$8&R*VN1%V!(^wkns%4H$bb}21~hM-#~k*J-!p5K2DJe9 z`HsZ6(~c?oOuA6|*w!(g;@PBq|ABt%3w_zC+x&pN=~KlWqi$R1A_br*dwoByhp^hd zW*2!0qe`bG6?c1rP(VX*Eb#4mgDW#P1z`D*j3NU9A@ZyzZKK@cp@r*;O-g z6*UdK+jd$%7~mlD*9C}=5B2|fudQ_DsBm?pLElx1Gus!N>n1=-p7pG^R>J80-3 z2yR7`R4P{cN|m%Yk+XBdHPgn22TDX~r1Gw_)=>gXOQkfHytk~!<-psr%B>|mvr zwC_n&NOk+a9MDp_Tn|H?oK?Va8a^hiETae`Ysx@}#U%5RKRPylm#AVQE`bN-$0DfK zxR;q-36%qB*`S^LP{v#bDHd;3i8=w_MEI_M%L)R{d|;L4hB`h>Sv^x_$q0Dc(dUP*&+@zHaGX z>FBtB09Kqkt^LvDofHD-TfQc2zVT18x2p~x(!vqUpE3OnO>5QH_}3;(!0sImwjQQT zt8HI%048;P9LsLHJ-1lkTFf0*XG_VAk|ya5dWr=3lhrObNPw7-Trm4HQsu33L^%0d zxYQ!<1PwUoiM;)sqawYHbctR&3XAh1u7NDf8v_Go+w{*ga3d-0K)%&Naz1xrC>TaO7xL{kN^$VfiVl({{YknQgd@N z(&jt9IjiL74Siyu|I_;aF|xW575lGGaaSHfGTMfQ4p07cOA>*&ceL?VjdY~|Qx!p;56kaQu=IGYnR!aZCl50+qQDIDbhZje>)1j)F{)YDUR3gTyH`U;VFj|B1$-8WJQ?slx_cxPKI8Uk)AQpQGJfRIHw8B@L&&0 z6XA=-^Tnu~uJK%l5N|_KSG-ET`r@oiV!yAevu{c2=>{+uC$~brS71kCzhjKpLyZNR z1?*ZAP$eS4J7q&lDJR?Q*&-cW(EWz$1n$7pX=vyeewN8|#UJ1oBZ$l!E zg#5xB^Y=;5MiBWXq)+;1Hdpr25aRZe69S#aX*rYJK}QS8Vc-kNR&aV|`Ru#ymwDp1 zoWqSY>2%tXcFy#;p6AGM3X$t^y&mo6WUGsvF&1p);nIp|G+_H)0lj#Ei)z(*{+S*U$WW+dD1FJaeDuWw}&4p>r= ziOtu~WiMV1YhNR6?$oVFc86lZcrUHf5h>601}^%Y?24Evhs8_9a-3^GL#>=ZIF7+*}6*r!v~y z*-xQFxFY-V?LPDKR-_>|25wyZEsMU8+3ZK@wcfo4>0NvKJVjuyx_3wf#*)jWUSitQ zv08tP&Tzyl{;k`<9>eO@LF(@J;V4Th&E(nxA-w0Cmhq=|HN=@!J{|uHLL5iy0I2*G zsJ*CX^&+DFnS3tdW@WX?CR)x!6|H~`sdi~24Y?RIY2gn`a+Rhb-V7bFm3L^u>Qm6| za>H@C!00o^@)7+gnK|p6WtS+y2dPvSSF%o`Ax*%lCAtk4c`5p2((kMLz4F_I3-h%> z*L;>nb)Kva;(XFZn-f{YT`<+0Ma-jexXSAj^D$lI)A4Lls=jUN$Uw*eAcRnmI4NWwiUbK@A-QU_OhZ!^y z-R-zwxu^EqXmU(17NN{B7mVv&C_8oj;f80hQ_w}O&KbADC~@WnVsFcQ?>t`b3Z-qJ zQJD~uWoB+L51_)7)2p(ta;j~?@>&GUX{BOhCQtUZkz9{Qk+`%{rt6+6!?asn_cE9* zr>n*^buQ?V$LoW*;^CX&p?-b8CKU0GKH8l*6d6+5&v)!31v8~__7e*C566{Uz1^mR zR{Tji*7bPH>xS|hBllkEIh(LBHBSDnU>o81%qE2Xotsz5GFtf~OMwYr6=QRIH@g_* zB7^CkF^8G@Yr2A={4-m8XlN9R0520ZX}ot;PuIVUVtfXEI9eU;GTAKFMq9{-#-rhO zJj+8c(1l(=u(9WJbHg8Pm@BiE@j^RPvTRJ65~v~xmg*e*ETlErDA4Hi*TWP8z(Lc# zqZtkiwrwU7I|=|gZ(xY}vIt@qKJ!>nnrh-ECPW+6JuL+$p~;#oooKsWC<7~##3-pL zh&~=)MJ6-G5|RmUIY`r9jBuws0GqvmNKtfUoIV1dc}C|z+q@r`A6X)?NOr~gm((#i(r*rKph>Q zy4F3+{%hs<4_-%r$w4F(<`N!$^E>`#Ew?!d_@~sTYbBhJ85aK^;tQ)M=d~6)CAyA^ z-?2v?JfjVjkB`9*PbXm(d*Ac@x`jcR@Nn0AXTNpEb$ycH&)c}Z6G49}C0^_*f%O+6 zmtZBi?0N*7Ck-1p_c@NESa=<}VGq`mvS~^vLvAY+36BE5<6M&f*6Qg$`2&OpsOIOpC zT!{W$#e#K=CU{x55GyvK3tU#IQmD+A*T{WYBWk9)V{8?wXa!QV2pduEVK%|E>6_dz zEK;AH$F?Y`fTUqfP2vQfyl>U}dT0G@! zvhIIMa+ibfbGy4QTF>j+4Ln7!;5#wjSRmtvU{cWgjl?xe;%FE&W8B;VTm2<|m^#h7@ zlVp>nXruF*^O7`}@m+;P@G3uI+9#cTYQ&NxEo`Y`fqmBX=*JQQX#}dD5l-O~%4anD zUzlav8vywPD*uH&hkxKdH~%{|Odikq{eRPQ|2HM~|F*$96nuY3bIIThsBCkv+34CMBPF*^ibw6JtjJ$dfeT*n) zSZqdQ#&6Q}L)N_NGE}qX?Zez3HRZ*fRkJrIUlkOvEG#s%cmVkMm6df8ZttgPyK2Ca zi<+_{EY_3LGTKViL+h1So?|X`bsl&YSIPH(e?F%|9vDy);~R^3Zz?9Ccjw~W9l6r) zY9NmYWtJ~37_zT!Nq0sj?AE+aue_2c5WwhTK*(<>HEO5U&Y3bzoced;1h9+SQ3V3H z-4aDIhT2O*l-w43-0C<|V{a+)vsAa4QTuNYbf!!VTLFuL#lp?N&V%om)$%A8X4;%i znPp$58d&df%7@By^1deBowR3rDVN6m9k-dr==E#UY>}TtX^L_;fE)lA4{6uGuMz%S zF;qIp*PzrRchqz=UC4NDe&a|(Bs6@Y5_zo+oZtDHGL9so26FJEet2dEe@XVL! zVM$_jQ&BAz{+_Y32X!W#>=Ylwxu{X=GlvG>q+4%Vzy~R1@U~F(@E!5kWIA+pB04T@ zR@-<~a63UP@F?Z%6d(HGek*KRKXsS-drzETctXy6U_-)R_`PgjJ}wDgeAE>4hdt>js(NtE=Dnh- zZM^>>lHZ}_1q7BfIDizzI_~qOTbNr{Qfj@=Ixt}#3OpRycKwCJCr84V*S%*uJV@#k zCU!9XFT&m`Dvqe@+Ig8nx?U*Q&MWd?o?Z^crws&z}xt@?(}0c~-Lbevs(0Yo@fz5%-PoDunHp z6cme3q7qMHm1L}7Uu3+8d#Op4jRjt{Lar~3*ssWAE*N+(0~D@zjfc<#Y^)`YtD#BL7-3T*%-L8;d#f^;j%Pk{_w!q{A(+Qk&m#!mM-7q3QlNVX&B_btvDd#BIE! zc+fBHvK)W-Z#&jVYe~|hi18Y3Px$Tk*GjGgn*+&bFt%L45ko4`n#>y9$!-$Vo_Dlg3L{89EpIy%7MOiQLCC$2w%o~?!a%wk zHCYVZ%#fuTxhmN0WGVitG*xzhbFOF*c`CZWUjmPwcvt_Z`4%xIM;i9YL1e0Q95up_lqR zc9T>0rnl-3w->MQ)GP|)?p$1HxKqogtbZt2)$h^AHVO^gvJsaLii|5*lW(6{yhBdX zpD%G=np_2~tWj4b9#x&aY4T$7{v~p*jSBdMtMl*i`ctOGGZT-lJu>jqc+s=zFcVpWzDeg8zWuj$GNw!;)Uxz|Lnc z*CCn6^Dx;*?%reu&C zR0Uw~ZH_$w7V8t&Iy+)^kJ{1tr;h9?n40lHb`5w2Fl#1$*7)p5#BD2=aQ&L2f=zm7a(`tN(1v#vs&18WGwO+K_P0=M|rtu+>Ip{bh* zH52dl6#g5l+v)W&VR?FrX`McQBQu6qs&vx>%E!QFJ@y7RWV9=c{<(v{NddT z^B?eW(2XlJ3yKJAo3x$3Gh4l9_dNNNn`#rY8kpqUu`(h%XMXY8#Ls)XK=Q)ZiJqiG zc2#ET5Xc_1)}D^q>S%rb`OFhy0?ZRiKyQ6$xNppJ1bPr`1-uI`*=RZm95c#lbX+Fz z4By9X{k~dfL|gW1-oI7sv4EsGm>49PNBG**-R};12p#6e>&BXM9nLv~{PexTxf?Ea zwjUj|95KFM707)y{kGM0FW^N7T6Xgd|3l&h1w7K3F>U=-OlPNN5IlA8UsOp&pORem z0wb*rO_n|esSdW_ckxjNFCVc}+U1IdaZ^Xw)q?atQhD{34p_{v~5r+;rITEV;Yo^5qt+EOB{HwpNm;%Bpq+;Z@m$kaU5f4PX2FlRRK> zn7fX%7CTQ4?@u0Hop&?SQV&l|IVrMXZ{%K44&Q|IGnp^V(D?lvNulYW%9!ptk1J!u z*eZP!nLiehu&BBdGh~eq?R!PJyUp+ee3IAkBA7^FLg<}Kif}si3&(h=idJ56Ncls@ zGoXNl8$7FArpdgt=lb z0*f!qEFNyczJ$tg-cPg7SL^qU7V?kuyox*J*0#6GDiw}0PA!=KRcd3$yMLlkD=Gmw z-QWsb{-hD|al-QudKBs(Mmnr4g>^Q57g`m5LzycLkT7)rMt2ZG#G5?U*oT(&c8VMA z1?JT6T1bM`_sP-E$K4DwVZ&Gc>Ut1#$?o~4pg1)^>Fj#Rvu=;!72)3AS`1-3;c5{> zhA1rF9GGSpNMtr9xh)97-}4-Pi|~$oS5-J00;djVkgqyG`#lW(&EjK{a9O%uvGwQ| z;|cw_F$Z~p-lt?-Byoimwt^&kie`Cq{Ei*_BBv zBuf)+tiw3^mz@)uMpbh+q7bh)LT%HJ!~N)c@w9BYc{O?~3P!3%d8<8~pX^2;f(iyY zzV7%^$<66_Wl{{ytgml&N<_lq=KA!ZBR@r^d%7yJcSVFhcN5iN5Ull%rUoX@F?!ly ziIU(Am7ZMF)gc@-E)jd}ywPa;DiLit7U8RUeIxC;#G@D%nBE+a8RwEr;YVrVI%=XC zV0?^~lt40?U@&N4BHJn$WJ;&!ZS>=1iN*Q68=sGDTv&Krl8{bJ#o_%5J)k z2ptt-V*H8u3kX~WFx0s_Qq14VEX77AWAlRQ6=_q;ZBOKt+Ay&fdYUy%e*!T3n1a5s zIc~clLDsWHwH16{vS}P*F#Ik?nb!f!2vKE1Zu<70UIF58EH!WUUlX-}p2*!bCqXu% zBc5sTXkDjON{?Y6?b6bQF|p2z|JY68JanP9!7f|6Hj4r=o_HFX1L2mhdg`T95|q{ zU0j7bY3KN-U)Bl_#Tyl7^!Sik4Qg9D2VP*^Hfzw=d$hd(M3uGnb_pYMECrT+(`IuL z$XpAC!?`s_E7Rl|5@Z9ToGd3rThq{!;`_l=@awE{o>OVj5gm!2MS}bW1?q-IK`U2a zIevfv5p+PHmXYiS8^$#urfrVkC0)(HHpwrBXX9K_Csdo=3OYL15)%hyE*J9_p@%R& z74_%m6Wd=#Z&;O4Ht+Lzy@` z{>IS=8T$}Xb_>vt4xQO<{@KMwAXzqrk1=7MtXLk9C`NiaxG!hzgJQua6bj?Ubc_bd zBw4iZw4M;HilyUo_;1r#0zvFML8ZmkRPe(iT>g0s85k{vfZ{2W?JBV9k{i(=C&9Wp zwj&dREh;3@is#1o1ELLb;^13oc&MC=Gdq_Ks#DUn-16ta1T&e8&K^wUz4Ik(=C2ds zO^=E4275_pebWcFiDr%J$z^N5Rj zQrnVlZ!C_accCVBxsCG7Bi3T91!f${utp+rD2pM)fGR-fRA46oT z(+Jt##u$pi#AO#_4;r+H5o_v5QMBON@4iEPdeTYC&i&Q=QKAAbuxL`54%9BG7&=6ZXa~?yn7vU3sQ+?JmsN0ZnW0kl4X13j zmel#3)7f_G%+@@f#oT~{$?YF`Do+~WpFVB5Bc0A_dAo1% zp;q^uR*>x<9IV~(#=j5p@?|mEgl06|JMDC&`R|`tI2f)a;O&6sX*ls+ zmfPubJxZheA0WJ$ddE~L1#JF18~D!$af~=#%m#uPYasJ>gLbfq`5T;4UrW-))kLm6t##wF}np>3W3#f*$QI=mh-9_`o_vr zhe~{%2}FcJk0qRLUL*$v$huXh$9z}fV8$G|M;1&FuV#aT9udx=W{!e)0X%oeL)d^6-=)~76byQ1uJ!%dh)Io)X`mLI{x#EuH+BvE(&t3w#AFYPI%nt_? zwcTA|T;vTjtA3BELj?ZG3cT`q>@^a&TlFOOLH@S^`UB3@@O_*W?Rt7+Lu#2yL+3KD zy0G_Q_ecj{%*>E=wF-o!Dr?YouU(66vE}+%!u1c_l?J<+kjyi|x)m9opa_Wi5gb@3 zzIRGCnD0g*k>2t!7|-7XJR7m~5ZdwHU0RgH=VJF?D@JY=ZVgqt0DKAb-rx}t_Bszq zz~#8+2{vt>*s~!1z{M$e0e01~;iv*Kkg~qDLhA!?zAG#g>5wsT|utZ%GEpyrX9mG{>j`_$drj~brO3A~Re>1WnO|29vf{SxOGx@^B4vm`7A z+QUDqGw7wgu195}vc742cmsc~v|J-oH0eB`lL%+CZ6qDj%hBZ(c*P%o6kfCLf1SRq z=z(haN4IGitWRpJm^mVy^$Gf^`#xS#Kqsu0m*KYDU)y@!kxeARx%@onUL{b;)RHG# z_mC}Hs1OmC;m?7hPT|6Tg08U{!Pi>wie%xl2bE61#!@_Z5yz&Ul)jMZ$d=b&x#8_6 zx0bDcLJ)s%emj#JN00_;+)mn2L8##E7uTMQWyM^q(+fH$KHPDxkeCFh;I*f2)8x&9 zcSkewBl6dRf~D87YdY#JX6q3%F5>cSKKRzv65Gn( zr|~NT1L^0_6<+r9X!>uDcxgzWk4H0Gtp{+Y`aV~f=^{Vd3N3sSw(p=wgf}5I-Dj_L z{-G(WmG`{-+Uo8_Hn{11&YlRGWoXx#FfuvA>9zH$6Q zUub<-q6Vs9#32=m*l$I+Jb_!{(U^}2R$Q1<1!vj||ICO#Hf9GgE`J5PDPF|a^y?cL z+c?k1?Z#4!<&X}l4GJP6F--J4$630aVSMremS-)55A=p}UV|p-lg+z1`v~27e;vd$ zx5DK2xzvnB?R1xh{Vk6TW3>O;FdKZJF@l*8N{V4Sb~rR03J_1jeJRHO51r~ zKrEh!akb*tZsGKO7i3-#mK*DS}?P1Sr&nH{<=zc~OOzct1#&Oi!6 zUWKQ`4|{^Qm}>teg1N_D0nar9W~f$8mknku$$RvQcapPjF!8lbucbz81=Z|-n>6(& zvs0wrSkv?7HMpy==_k$))6PLX;1Q4i5nB{V|33%&27lDPFCmB`<2zZYyeQ}@t|X*7n;s`sdx~Zo z=c{pabMZhiw%!dCWDwILAlqd3$}Sgx8wv^RsWU)IE;3auX>a?AtnQUPMJry)jBTPe zKU_q?LKoC9)M~HCNlow4K)3XIX>w~EOSz8~<*$*Xspa^V3VG*SlKOKLZXo!FTc2>; zruOxx%H)>Maplp&bk}tW&r%zybZuD=EFh;T#beVuXQ_m-qzxR1CEN|6NVS)45(qHL z-*)utSSrELe8TQR9 z_!1c7`t>CQhUTRy5%wfbx0tD<0nsn|c&OWq4sa&EL8~Qg`(WwsN#~QeK=#;ehsNOtZ9%VhPT$R9l+zt1A!< zlOOe}Dj=bM^%S7|9-|!cF0Bjm)tLP7fp5{u`>I#+!;?3+L8q3L78X-BE<;DpSRzy1 z4EJ|+mEM|OhL)+iq)SKZFY-9Mw^2g*U>obax{9uvl(bh0RYB>m(qDS&;!aMZA!w7{ zMll3Fm*7s)>#G?0&Ga5cExMKHEuE<(hwkz8RBSmN+&E>;p$5gFh8}7Rw~|LPHsyjy zMj@Sy@i~Wpf5W805)Ai5{#24S6--FLq?m;ipoGk8F_H*!Qeh{jr77!I zwgyi#qd&{YRL(F!FC9n%8y~%>3sbKO$j6qUPp>TRR&CnkfTi+o@Kh7`!9u zpjc}+rsf0Wwcy91a(YVYH%2e|LW;8O}yp>;~pth z{f&#@vye;GYG8I9r;@6!Zk~f#H@eY`nlfFmta^F-G(8IjSi*=mbJ$35S4&wTXH?40 zO4^SEn-g5p%!sAAz)3{6T3=ByHOpMg**u?|q7|%dGM@r=iMRxfR4mw3(6uy)BTKNR z%Fq)&Dg4DW(W`YO6Bs}oFLdy3F1v5{XVo6k&+v*4XRWouyKeqilgc^<__zyQovF_) z0}p!nuXX2hH+w6#7r%UPCuVEk@UgF#*<0ECH(~lby26M!RDdxn4%QA|itrAWMvN zKJpDc&p1H>k9igH#H*slJf<2DOsmRN9MhuB?}<*b@Bb@adu1CNBfK&u^<|$&q4YpS zL!0U8E_<6>iQ%c`lHrS7K`xcC5LQ|$xA#Jj7gGALV!hes$pSWIuH1JDmOLF$+Tm(d znOZc3vbznx1v#NGEkgq+(#!JfaJB*Q;JwyKK9CL)vd!mI5$W!yv%9+^86L!m%{#0m z=*31X0GKOON z%Zm;x>dVJX4)63#kGn1Lv8Ap$zS;_BjPwp7(prPUz|Az;A93--{)3Fuu122xuo~66 zQ*Y^>3fTg3DJGP_5>t(dwSVQwSZsS35iJNNrma6^pW#?VdykP{Zu*&LomF}88gU7? zrnH8A$JeeCS(9n%TtF%+q8%Vm>057qM-@z0D|yVDUZ1kY&{c0*7#wn?(MsHj)R@AK z6!a4-c)+ttXv!mu^Tui?MEw9Bn34T6D_$V?%^JC4RY0zW>;a*_U%(o|cE@hFVy%KX zH##jSU(S_`qDQ>Ueu{gSD^0oMNVLH04fdi@?;D2uxFGZ`AvApNney2{7!vj2-uk)rBoOq>EFgyn4RL};dY4ofEloBTFkYJ z;thM)mdHg@1aPzZH?2(goHE!xqxLN+^yeFtAX26G2C5l6N%DxU2$f7s73wuQFM^+) z(<}($0ys(e<#EEeY|SK7gu4rfq_x_Dn+uQ=WAnDd7jxn(?0kQi2oLT0LIVYOT5L%q zF)&t|+y(Edy_GyX`NJxMKlAzp>UAzDgV#d-MGp!z59f9U(rYJ}57(jGy}YcdBzLbz zXm_M0d12E=yD{>|i?yO8EH6-By_ND?vHuN9S1kC0)YrIDpDGU`QRQ-(>S z+GvG&++RbA>vUmD-X0Pw)>MP)a_w=Qhg5RJ96VN5GbkW*!-{i?g}Gd|Hv{tQJ0~8( zR1}oKJ^Z{IB~F&pedK>FD)6I-w6$f7T1e5BLDmd-Xqc&)Q#3XoBS{hv8RlR)xl=@* zzn}7@`Kb3u8Fg;f$YZ^s|F&gMeah4kSjgLnU7yZ6s^o^?~Zf8 zH~j!&lv2fd{)0ZZfV6)Kp3Aw|8hPXk3QqDYIOL;l%6++W>nj_L~aU_aleN0ck zEgF|a3O+mO(n_>49Knpc9zeX`?I2I}HDYT2(z+e$Lvr{y?65nK-{|Sym1}_oYFlrGAS-(*no}O9;G1}8thoTVvceK#c{`aCWlF` zOAP~GkGA>}-aG_;wv{pvpAq%XDGH4;#7Q{O)_0Mmxuny|2#U0r@aOvPO6zwubGpQu zqPZ|;{#zs6zN8s;JY*tP<^r0jsZQ@lAE z6atf3f9aZ~&va$#o&$6NpS!;KYQ}fb2W3B^G|zM(oGV$9p{@3nM9f8Gku3G=hU9f< zIJjAS)U=&@Z*VwoKcgNMw8@kwIv&~XG2bZgwEaVQlJSNLzNpgPFq%j59eleZL1?mf zB(6zA^$|EdlVaMq(Zem+JuUBpnE?WA2k^&5)pIn2(R5;nBcCFfBGk6i?{RQ8e;Yf2 zC@rh+9a0S?;CC8++o+(VQ+2f+gfAFh#oT@44`ldD9CU_t>v?Am!6Bh$VMv7!@fUc? zJ}OLu?XT)jjxe=H*K4!6`BC8edL;ZpHBRK^^fysU_C_3c^^RabN_nXs)q`wj`1Lm5 zgE=V2h5bo)DK@q>dLIbz27z6_di7n?DJ;jG>n-J=niv3bhgL+G3MGU`%V5LisOIq* z?64W`59j=%kDg0O^Hc7yyht{VaTjvdBw`Cpeq)}(#^IRxL>}75?W--;N`^cpYP8n} z`iKKX&utu78{VRHF~1u7qlP)u!iEe!AZHeiYoTezO28$r>}~F}AL<)#)|;qlBG8pI z4Q`Ud1>bJ%eKSJNL(@>EMqOXVuo2~~XDIy$44l3K7hxO!&cgiZVVj?Gj-)R2Ffem~suEw@6TjvAFl!J_jBizED+@33hs)3yKai3kssI zMl3#%E*iuSM{@qlLyvfEi~Py)qS9n*nIJO;=U&f=IIt_1a~bIkUGkM>defX zFJ0Tu{Tnp!O9_A#QCVx?{v0sibSNbL~qu@Dn$gE{}+CM3(*eKi)-z`~y zw?2d(lLG^sx>em8qJW!z5U6P@IzI}BkmFnbZJCXl`PTmd5jV}S{pQALl?B`rS59jk zW-6Hx|FxDC=4d&L-cmIUzI8Cc(NKl9I`Lj(VV4Mpb}3K{n$&eCM+Io@d&dIn8+m znbzbRLFJ6nd#=v>_SpJb&Sofs+9*8bQ^ckJY7dz#6^ZvQSP;Y8-oFts3x8qx4vw2K zq3sH^WPY0aJ7=6y7r3PF8G5MylzQ`%$-42(*{x|pUQ`_&mRk{*#qN<8BPif~l;CHa^Q_(Zd;H zKke2G@%2{syH#55uAueegghqC_KezNxGkEUM!FFSR&xE~^ zPY7tyFtt~XlhY8(jSl6`7d48^HFnO4`{Yr3COuS3S;c+NtlT1QDc9#6aB}6HV7EIWy=`M?xsvQ2w%uNnlI~Yo!woi&gA&8y#?F*UYmPb zVf|ADarbc1emWb|f9noSX4esUC0tpOk$mdFa3ohtd7 z3NsumO@id^A4|y1H-xCG@@lufP2o(o1hJ$RJ*@;}c$T2%ZkQc=V*K0QfhT80zYzDd zC786{(9~8}3X5Bmrk0wAHhr>@Su;n(`A@j{*pd!K52;fR5qGkRQ-2ptzdvr1OhIa} z>X%b+HsTt)cB(_I_zx4Q-}pkrLF`u=LOGW9&(Z>31|Dig+^m1MVNrOS3%gH3{szQO zp%4N5;u%5HnNY?C4k3;nvOrwnOrp_fTWWi3lh5UKHO@`oVs4%qS#!t3mP&NoZpGn3zp{H$SHRO6+X zO@ORY>;o$h^Q>jy4f`5cr4+%M;Y%$ZZAt6|;7auW#c6;8$j1ZlxbA1LOq~9RsqOJi zo{=#3-bo-`HhTZP%$+d&{KREDX}ovIc&RB0-CZejIC5P`?KU`taEeFZY!uA-a8Zv=OO$}Sg;0|Giaf76f(9HS>N12ndm^HXb!E@UpBbn z`|Vu?ckINUr$`*GW zr)mB7T;2RZVxnwju^MdA!hWV#I&`*w8!I?z+g$6r$^ViHLnC~1O~iFs7e$nKcyyt% zM<*3@LR}#qxdc}5hFrEsVFPPoY!zOgSz-u!arqYnc+1>gKNtVZZ^9iatTt15Y=(*- zjV?qJJkmZ}PRBFHEJO#I=d3ok*kJ2*K1SW3+yuPPp(uLFWt-5}1~eo)=OD-C-s%UB zYE418Cl5(`Gk@P7;Xr>!rD4jHD(Qb%Ro%PonYa1}+#iC;s-gAu_y1Oi2myv>)qSA+ zSo!m=zKeVcZQZrZPJljIz^7CDlB_4VxHzII%|;F7(u-mfVS`OiSGZ~Dy|EHME|x|C zBgxb)%XK|QZl;OfnofBaKCeKamB|T=B+9dYURfrS0t#}H4AJ4PF^d2fY3LKpCGg_G zcwEhsk5d=mVJSPdF}pf6~tHBS0ap&9&b;ET4X<(K6-9w;T?1`X`&cL{|i3B7$-?FXi%k zjBG+kUwZA0+hkcFBB4K*9L3Sr|AfRo zv>Z$Q_BvH)Do;_Ng4l%x1@P+=8V~aqO0YpH#VsL3ZEv}R8JD5FJX@l2x~}Pcuc}Os z!VgBw=RzQ46EpPUv{2?&bdCEQJ6fiO;k9o4<1Ac1y^urjMhi=8<$KZu|jeu#OXMEap@kTV3`m4N&y#lD0iNJ zdh}+$)g!3}$va{Z?0=Q&@96(`Obqz?|C$m%%1#x{VpTs`-%86+ga1kGa>B z^nN_bZ27uinl>WNLEh|1W?%)IRRc<+tHT)8Wh@8f*@omw%GupZm`Y08FCA~XK?`@s z@1U0%utSoQE7`{ms&~~%ZD|chidh&YL0{&79g1Ip5*)(iil4c*FsLi*UD?803h z$RUB!rC{4x{P~V?;bT=mqO7sPs5(4-u_D8_Cd9V=3>0MPXH=E96N{KPkQ%mWVuEt4 zixkc3mv%khP8%32hCHLUh^Lc6pz_i?gg3p1z)l<|YKgH_$7W!0CGS(UNWfnA?uXam z9856Khk;PU6Ja9G6|DMirHL(>B$tOC`)Hh<=Of!#*Qo8OgTIiDufP7Ix!#N*rkW`N zJvMc27+3OYD=cHc4($JyQXLpL!8oqkhk_tD8j{k+R~G!eJdG04z__cJLsj}04Hh-P zwqjO_c2PMIT~WiHm|2J<-2tYSX_8!_XdL&DnTe%HTMG*XOw;@oyd9`LdP!Mgs#Fb9 zjetq`L!x$2gdRX0F-wnmM#8L>bz@pg9iN`9U>3tvQ$f%GQG4K9DPWK$<73W1NWwO& zFTFfof#uG!PK+Ch&s6=>-HLk`lUMjtK65!OJ4qDS8}T1aY{+M2uyqI(t*&|Or|JJJ zT~F7BYf#Zp=j^VMU)c<{S2OSuV=B7)GksJ;%LHRmF)Wm|lra-k1lidiZOPcuzhZG& zX(Pj?-)T5=8%Ocg=mjs_)pQ^^8J^ii^F;FmFa(8&{%39lZ_I6F97RODzanY#hNckt z-AKY(8MjUC5Op}O`zrV_b8_N}kr5N);^VVLm03L>BHU+F5}jJY*ZW+R<36j|3oSFS z%x@4iv2c=QCf^Xr@_T#o71Yuf@$>{2HJLU<(K|Z1M$0U*zGHd`osgk`boJZn5=6Dor)H4G(UeQcz5z3Q1>8PSaeD8zOz-`afme?p z)NT--R2jx3>>;aGQ`}5=tcu0lOkH+2e^;5PPV_m#UCdz)sj`EPqnp*r7@pA}j;LfA zys^BoFTgqqcV1$~TG*7wYX94JyG-Sxi{1LyaYUrNWl8P(fNX(aL#wzlx$4F$!mCYh zMCNy{%QdvGHRcSNkx&4utK@d2#FbY4t-ON*H&R}A!_sb3-Wdl+`R}yv}#g^+kLHiaAu~78q;cX4^wK+UN zz`BJc@nW67g}~%E>^uPlkLRALS6i)!L<%E=Dm7>Jo&d)SjWm9+o4;!dwP|drHtLyn zcF4YPyU=tNr6;F1BegvkQumc>Gfjkn%)Lh50LxbDpU45zEUxBTD3Qc*>pB{@!H9RQ#HQ`s1f<=iU_1G-niO z=_hW5ImpC)li%!3>T=Zy>TrW2tJW#3Rj3Q@@o+hjeSZ_g^RzM0S#Bz@$RoKqLz8wh zr|wLhpsupR6%l`aZtq0=n)t6I!fW00dNP&mrt^)28G#YQ7184k+st7h31_N(n?z*% zC-xtvwY_t9W)3m3N+Ct?opK?g-K@`r+p_7PQS22ll>7HD7@s-Wrcx0atO>6}&YT=! z4d?L<55TI=&onr;M#PZBx>AS3x0{o>sH|GTpM9gQYCCrDNbn^tOXk^~S{izZkzD`M ze4cI#C3}9YuX^!!PGWVwOud!a5|>R1^e!?1mT_u#fFH(&kit>ZknUp^HvclIP++&^`#I`F+`o7U&c zg-%OvyFKnkcusR??1Rebg})1bxnVzZT8%11nsw4TxLT9x+an-c>DJkxiD@8+e~8;c zY@3G5$p#`*L`3cW@G4U9`Jsok*rU4%1-o@F^5n9#!3T9y+#%!MVAEUJPT({@cE&VQ z84#ZT6bUfn0vOo|4VnH`q0JX8u;stc9bgrh$B0*eRy&A>a4u>fA2jJgFc0TCl00oI zi(eZnUg6x8!)=MgI+xOV%Qz)D`NDGN1+TR_LArN(lqtH$v&AEt=f9KuUfZ!2TXubK z&p}Gz*I9~og|36eWMwvj#-*TNO(w5iDFxd)-798XOV#-kTry74M@gaM$uX=EWVRL- z2BZz*M0?vuBGnhVgZRoiS#hoX!arY{-NCV?Ps*OIsE8pRS)hvo){l$}SBS+C=Xaw~ zX0~9;a{1+vo7s~OpJ^7O9@;&ejobVYD7sAu;v1|>V}yPlw;_?w>+Y>hE{x??DqF`+ zOcbRB1S7o}CEOs(8lL3)zQE`)eO?rKv??%xwx57N>q~=(F3I`hJF5+tRcqnAfxhxn zA7vMZ#&?Ba2|i~Yu1WHLNho&IiZCd>%3^#^j_)I&)GHKQVrk2Grp}gOZ7hRdwsNB3 zo;HDfU0RLc-&FIi3zx`MOlZ81p{%srsWXHpais2B8xPs+>v~;BxINJZC`*-H^OJM= zJ~lN^34iPEZdk@k&IND1w!HjUi2Ser03>zX5e9^sxKSf-3MJMhi{i=*dSIa8)jioB z)`zPo$^K9wfrsEngm?>uE1kjmozazvZB{4^OagPbA*ZyUGEo<&B2;N z{DN+I%3|uBg9D~yc}~`dJ|7U?XtZE>XWEh(c6fIXES-;WM6F5?b)H)#%+bmdLewL( z5fUM5;MA0xDb9X_6U2ria+xJT>h1fIDY{-Q^Dx$d*ifr#hQ~y#rZApDx&wO$-s1J+ zz@Y7F8@l}Rf5?d{XxY4H+U0Hd_^2*Vi&m;|`(6hRL(!pSef`DBehYSOjesAYga}Xu zp67ZT8W96Eup=86G^phOBfm;%?e7qVmK0@yY=LKFQ+RHiYU;}$?B>=HmQ)Ao$z4x9 z$(nPTV6C5ZR7H&|k+(?aa=RTY>CKiD%z|Mc>gAyDIt{G@BGc74mz6q}Z#}8RmRsGz z8L;3F7(O=E(_KMSUap)-TfU})cUizrWIn5m*^ig=o!ws_m@os-FA3>HtZBiX?{EhL0qVZ|_T*WK(XQv) z@|K-nWB zO$Oy>_q~=sOtkWXK^AHbx-2n4v&%+O z#%tLBR8<%8A3Qe@;y$(>nPmR8wjXsP-z%jqO;+6eF1(oc-#NVHDQRZ*?mBFO>xW4W zC!K`R0A*Io*DOB`MpH8|moqDjUm%E`k?{@!lZ&JfqEcWLlOItgKy6oK-+gWy(^2K?;^fx=s_6(~civ!h4cH=50GKR`va+i*1#N(;_N_tA})_CZI zD?NvV^*G|Flq^MU+2*^UumK+#-e zkld3sg3C26!$fm(W0yo!eNA$ZkGtcxDftT3H@>ZRxOx;p^*G_=!h$EgmLI6Sd0; zY7%dwIYbKTXgck&lAC%#g;}xPh@~zC6})GXo+tMoc!0^>MRnsA}m9Bvjih8|+Bd{ve+FfJ`@2ogF1|vF#mJbDS?nE^NtzJ@vnO zm9jZO)-fEi5L=-`gE{04;)u4kwgfG@_}6{U1`&_c8(SS~8vi9&zQZ)^wi;~#DeNo0 zeJXS;Q9m)abd~`{+k$pH?I-`S-YMqsf&Fo@ zNES`<`eU(FA>jy3d@Gj8(xrc6eTBVA{}cTA-oR#e+g(=}s|m@@u@8T}!yVr&0duL_ zkq=^j9)W!6i|PPXi4zAi;kkY5#dgyDY@dR5-jTuY53=vaYxeE)QN_&rxzLVnX2Min zzQPmYWrEYVNDm7QUa&Da5AU=5Tk<2Us}HZl?~Wud+91a6aIq}7(#Wn_q?lt%zv8b- zP9&K8qto3zOF~GdUJ*4LzR8vrxAp!T+leapYln`?^6HwgN%c>jsnkZ)T=#=?jww&xG9|bZ09Dn=5JFK6c~mo^zu{_8d6fW~3HqA` z_+5-VMC4^IUJIZpAJd8XiMfS#puMZhcSh5iF|8hp+#!WFs=6AZnU6H4<_&Ki+f?%i z?(TX}C;#UGC89fUqG0fiLkIAMbNmY03?bPS;Xe;evTwtx7X@Y#EnBO7V@6*~uQZ_w* z>EPSre<@}!!vDs|eh+W@#cgL-`#ueNwwOL&UlySr?W@12`ZzvE?KIeCPCzSw4zEbJ$ zX@N(KVpdP2fN7x_>yj5kZoI&(sK7vC;;1HgS0nroQO!2uoBV=v(`jKFiL=^Xn-PrLSPueze8Dn04 zIK{pFDmK=1@o1o4bt&+w3VDOIv|W^kB4nk0p4E*b02*m3IsbGv?g4y?y-7hIUYdDD zuPiB>zRa2tzj^{%J<x03$fTs5XP0;a4FJ9%9YSelZN{QuI4npuF(mZ|>+H?AAUT@RNw# zv5YN7H-BYEt1e{K=k)buvBA$ZaWE;z{rx$Y&3VqmHW;*$U=z(_xhLP?y5lIQTVqsM zoehK$|Ch{KV`=(_X1S;MzccV)JO2s6i@o)VB_>7F_QKYjUjIXY|F1YN|1{P=Z^r+T zioI$(-^T)#9GhKUI!&>~f37~DWBy8lfrZg$Ve^=8s;=%cw9>b(Tz_`vV(MJi3F=TM zUut4kUaq34Dd(bi{>Yz=1Q(Bu8Gkytzx5!sA2fKwMnl5gfVF=U05S*L9%s01WB^Vw zHXm-`0Pz?$$R8HWP&P=MFrUyDrMUlV_=ku|)Q-yV)w$N3&=-g550Oo)Q1OJ+!O_bP z?LODsf2LtCqZXb)+dsY(8Xa0*3!I?kJ11?Ikl8*GK1T^yIu`{_U_ya<^Rm!>!MF=l zuES{SLh=WO?Ul>>JDt-vn^wUHKyn5(W|8`5HJ^*wAmfwP*N?k4l=@@a zs12;Vgny1E4>QEYoq9mfJuG-iNJ;i1wyJ4h4qjbNvPiwhyP}Hk)jhutKj_Z|SCyuQ zk85$45D-Kg3fAeqwYJYIZwhaUew?;j%0)If$h}KL|B#pcGc9UDHGxh-uynp*xi#c+ z_0MAG-&XpGu7ykOEQ1H~SoFL=sI*u_M|%M&<7Oxxh58(-{Wh;HD!iwnA3j2z#Yt9a zI{&UZ8TY5l%uYdcep3}@jYnu&hY2?ifsUT;*q>Qh-H%rjRa3P9N9|`msJ6qdU@AjO zTUZnx3sNM@u(G%}s~-}_X8K$w2LBx1Mju2P^ zcC$E!Zmp%7-)C8<($^#u_7zpRpvKYmJg5UCtSMvdV$s4$S(HIA0`E`4NwOk*>FlCD zHZE=Wo1bX-`LzYXF>U___wsz#oXZ(?Uv)j8-TYG%+>IEqz4;S z4DyP+wb5VfIJ3dAiU)`2!;&zRqBW@UXo9Y>NP%uT%P+09^@)&#hxexBNP51l9$U9| z^IeQR*U6IcNv8%E#R^-x_s#O+@$D3GSL5W%2`9^qG>22&zkJv0y`w&I zNw55Ny8MpPdC-RN|C>xZ0*s5@vC?D0-AWyQ&1z`(4y0l2;@3lB?6K?4^={v*se$pUXGJ>NQQrF3lpsgFJRtuE30i*;a9Xc8FeGBG-tWJo!?rg7IB4N>nNPkSA{Y#I%k1A?*2a|4lT{(*sM<7>%2 zOUqWspHOi3JSMVB@N*g_zGHK$aVr#1xajxQT&gj?!mW20U0^GmlgXtupsuKaR03g3 z4FD-(21`KLk%5J5bnMfTq2KlB$pn$9BqLD&!<^PofnzxSaUViFs%Oj)D@UEkX-@LD zk|GuR)s?U(H7cL%8hO4p(s-Z`%gGy5LYD{YG_ZLHbJXHJD@}SJF$53L2T|)3ccfr8 zi#`{TW_-n18Eu<&g&6TZjNL4%g*|2ha{Dh6Vfr*St{B+iJv~V^lEzQ}3+{-{%`~`9 zjDX8^+CMHO9)jjyZMaZZa6ovHgal+1%{(}w{j18%NP-3oRBb)6 zdG_zI@i9SoVC8!10D3w>_taFk-Igv+Up%9RNINRNoVFICKSjFqrLSs|ct1LR&)PWG z>lt-H?XahW+~B2ErChZ$0I_wY5v{Mr(l^UB&1yuj@y*}He zIYomRh3h_XGnoe@NiWDZaZQV?Alg<{d zf;9b5!DSL9=>6$B;`I>!{yA$rVdkV{&lLC}e6OdqShtm&t|!`efUfIja^vSA?+0vm ze8<%Std^Fw2)lCryg~OyerGz&=T8V6dQQ~FB#`axYdW;@vg1ak%AZGoQiLD(#5DsQ z+`l{*XzN?JW_Ix)cHa5T?@AkjGFE;Nh`bOvT&vvQsDSQoaDbaa^Z{uo70}{aFDVgK zsT}C3jp!h*e5y@?2hn?bu9d34=K#yr(KPe8txTPd`-M$^Nc;Mj^|3HzVq=C=y*o~m*A|^y06gsHwC;^o1O~|1Z1LDS7a|J z_;k)5fnWX+ck#D$)#}r+QtrYL4e5yK%ttNwPj7Vm5ZxgV2qLfcCr->G^Cq|RY7SPM zT=@v~iBA|N@pa{mf|u#NRO>9M*S(9 z1lC)|8&4}V0+VxQ%rF81U36xxxkg^Bk3J)Ko{RMad(=2>AWRGMN}OZVJ473{!$i~T zTC`n7LcgZsgup9NJhk4b>Eqp%W26tL86O%gicSHV?^F{3$bI=v?#h4-PnO;dZJxzw zZ3z?QxE%M$Hp8<8k1n@(Ybgt3GqO}WzhGv+W;p#z?!2TyDWMWEJ@C#6)a!^&zO^8`02Y zC8@nOWHo}n9Evg|_Y@~xS?{oh3jWgCb@tp}c2?%b?w%}?!W{c0AtY(h#UUKLJisa} z-W5;1Dg*I-x^2iIZ%T1PfcL%9nNFTH7CD38S81)t$hi|)5?Ge-bVa|sYkErEa>p!s zGtt5W@AuzM$Z*P)$cYbt)a;lf$!dkTvA-?yu9xQ}{EtmBs5QzWHVkP`Nl+*RoSYbu zKH*yM=D|)kr+#i|d8EgkQ{kJtbK2pHRJtgaSJ$?e(}S_?&%E4GhxZ+p(%;d zMZfOcP07jkXB5!?f#try!~ukBq}oE}(`6otwp@t3zWH7P19RbQ_s`{j`Pji2%*FuL zka-zf!_vMN$KIcJpJ8n9^_Wy8$GGiSb0HD06baaP&HO7ny1os^1mRVYqwaBL!wWZD z!I`dKv%drFb#V+HjGhGc=$-pzKsKjc_~=YoQWys88;noMD(TYn)%t1D3Jx_a(3X0jGepmY10{pMap1k1oCnv#5!;lPgm^lZ?fm8h@_I^ z&O3q}qstJ*`u0bhN*Gct93B9lZz)8Jp-X7TP%l_f9>EEndJBc>(PRQ0%V(s((q zZ*bx9a-sR(R2lOHftKs1WAiNW6o#dlh^Z(S$uII@kJs8xNNKtq;{RI8c0)1(EOUw% z`i-IL&T5I9T~PJ7+1>sCYl>H5ZEALH8Fl6oi|jZgK}L!zLCgDlZx1L^`{q)kZ|b~iES4pc9uCca2qy%Ffc>*rZg8WdD{J5tFVK%G zrbRY8d4;#sMq??vnP4Xg8O4n*0cK`LW);fdKcj-u7sbL)Ol~!Z)1AkEX`0MMPHsrw z?qPooezLlclFjIo=&{#prl+9BDX17miio*5$Vl$$jdXf9V~r`8BupXb#HhS(J6I1- z##Je1o``$Y;yUPHROnH(`*$X+C*)2Y~sV-*AtV6ea^AsGZFHc>50_-5eVL$I5OG!`GycgXMWY!0Y6r3k-!|H z?iEHs9I-^2IvA(zvp2j{4a+$iSO91Rm1P7m^K02tVxsrDoMEBAvbs+;tM&@&QV0km z;WRP;s`%I`|F*vUkTQSkUNoeNI>YD%#50**`UUW2cmoHb)?Do(fUv603|pwZTRe(Y z=gvCLkh9~W5MwlKx|k)^IK1XZA!-zU5y7zRA`#VTPzE=d;Jz7+o3!XDNCR#OsJk<0 zhCB53^d1`DyZO0n+V0;^W16f2x9r4(HB&<2KYT=0))CLg5cemn}RRT8p zOfuM<4ncdJYv*%tS${R9dl)XB;nyUV|D0yB`$wY2e0{wUe6QOKs97j)njy)i zNmU;1Mr6GrL*g-HEAsv)*X0!I0??`GshoFWn)HapmKpH({>v_8*?U_j)?E4}HV2@X z_YDVNGd>HsX@i(kw{+oRvz=SCd!g z{&a-SJQvHy2+BR4yX=#u5BOnMhm9sPFzF4lfeUCE3uJQc~xj+MIvKBE@HcaX(X zXp_4~-S8Zq5m_t~c%^X<+K^Jf3UE1Fhiz*sKwWZIaQ*z}n43bq<`6?4k=$05#JE!_)uTOAq~GUb(%}+uVCzDkX&%kcU_(% z!c2C49X@`)Sgf0-@F7M2baN~Ks}<>X;cpEywb>tWTU#^@;HOa6ke4~6Fm~N zQ1Y(fFb+wfG$vxcXM*ntbP}@(jC97@hW{fD_2K%YE*nf<#tZv%~=q+{!bD=#2IfoO@I-W$hHuP zQ?4>V&dWiHP&G%**z|~2ObD<|+mW;4%pkHtN-m@F`e_Aom3y80v&P$3p8$S40Ow-@ zHla^1YI5cT6B0*D36{={|1RbK`L1J!8;;vMA{$fK$rMFc?j16c)*Mzb*%;>gHh*C> zTwSNE2>fg)`k3r&fRUqgOU|U`tMmv{KwvGkEv-wmsa%;k)AGB=EcjVP^@84^zOOVH zSE+bkJJ{y<2#0pb!7ya3RyT`f87URbWku2sDavj(SWM&|X>yz5MMbl@IQD*Y!Wj zSlzu&SNBj6t83;o)70Asd9%X7Mw|XIA^4HRW7G42G=y1ZpsiZvA=Vd7zSlpv>%4t# zmY5!7AWbq+gv2i^CYJYJ9wo1e2H!~h0N%L7hR`dG>-T_R_@$MVPRC=aR_Nyun(Yz` zXb)GK5O^)kyctpLtazP%Ebhz}(k>{H1&A}K|3G<#v&dBXjvlASImWOb#j_&rx1_3^ zR#r5mAhY3@yqgrF4mwees}LqE1Z^leQG-nqLwy_k3(e5LPp|v9X7u z)6K^NJO;elBeRWp%)I4LTsysTR>2uRW`?LNvm6@ged)W*(Q(5_@rHb9J}OkAM5!dzu*^6k!Wuy`T)J- z{$jvUU?NqOIS(@&!Mu2gvjX>7cICVs65>n>lT*xBSR4z}+|%2oRo)MK|6y}#sUS*@ z@1RFXpEKW%$?Gc(GC^x#OpT1ks=;-w^ZDHAR>-FxS0nDvVVTzx;1kW?uo^ojp_sDs zdM7T3xs;%w;O%8Ecq53)tf5(K%t4gwjurIjKn%8YF!I1~5iYc&kQo}Sb95?ufkwx| z^RmtTCxyNg=i*!8;LvA2-=el}w~vL92$&Y@44FWw92LbzB`5>n#yH{!jO&SKZ5v>Q zPZ_Af8;zl+OpzAjt8Mr~{_fDKJNq_|?fO7sLsOI4!lN7=Z&K0{SwTUkU?t^=_p2%0 z{2P_6$q#<}@(j>JKZ}(>mtBGEI`QzldAUQcf7ZbpPo|3==C4vFfco1)6uj_Q|u zx-_qREo8D2>DA7+gc+ZrReBH{cxq5D+;Vfp; zGthydK{ET7$h0OoVuamsX@lq>wUpH7$k~Jj=#I-cC$;F=m=mphxr_Y4x@78kBr)AK zim|IiXZCM=yKGanp~5wdZeuo?$BZpQetmtiO9Tc^CY|Gqi^R=~0(Vd8gH7gY@+(5V g?VXG1$5{6Q2Ds69{KEKjkI)MuuO?R^^ETi=0H-EpsQ>@~ literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-software-flyout.png new file mode 100644 index 0000000000000000000000000000000000000000..941dd99ba84449997b62f46bba728eaf5a9c9161 GIT binary patch literal 67565 zcmd421yEeUw>~(8Ai)X29TME#CBfZ-JHcgehe;r~1$PMU?(S~E-Q8ty8Fu)+{nu7) zZEe-7-B-I)HFaxx?(II^eY*SmzH@Gfl7b{E5&;qb06>+N5>o*H-mwAzuoj5$&=S_< z77+CE!Cp$s2>`(P^7e(1R{4AZEktmZmKR6ZL59ObCH*WPd;kED0i?x5)!frgRzcos zv+2SR+}S)8TjhQ(CG~nN3uN2$!1uVz((Q&H4X2TIrf*Hanpg!QwdKngUA|A969o7u zdiSm)QGfKFdNBClo8xScF;4bisW7>dSDU{G6P5jA`k}po=cj;C5|&p7e%Xfb-Ho@o zoqcAPW@^od3PK+mO?R3QyjyWvze{6x%K!W^$)J{sSpO=H;qd}Q=TX*RataDZm@hw*?C z`13IBA@Fp6XTP;YnqH8;^Ko2g)ep-FLST>qMkcCEJ2@u$k9{SxUTaZ`>o+bdm<=C( z>;U$ji46u4g1%UP-_NN~&~gqCGj<%8oQh_`l|y%1ac5436#fccRck zg9(~pb%ZDiCbZg*`)_7N)Bk7UC^U@U{70<3_iccJbwmF5d;a4Nj$hzeq5tj3{HMaf z`2X1a|ILH=Wt%K>`^;jZkgq34nFph~j9ZBFQl|QUIM+b3@{1?Aa7=&+Y|Ji#ACt2|eem;NkqMi)lROcIcU6~42bzRUi-%-Du zqpmc7xP8W}M&&qJW~q6^?2GNPdst_*sJ0zor?$2&lh(1s|BZKMWQ@UWc@Ag7N!0(y zcDfKFAIbHD$S;Yf+e^o}LM-EuO?a}$sB{9o5I0NzQ_GdCGEgsD%dkz+pwH}n7o<^6 zA7n026OXCCvnS_FV)1oB-+ad`&Is3NweP*XVx^?BdG`^^(5HcP8G8qtkYWWvB%|$5Ec1>oN>ZD5ZGFJ zF6iYrTvgEEo$VAoN@oyQ*j(+AV+$)OX1CK5xF%#{Uwufk#4=GVaa~IAyrt3Zmt&2CRw`3R?j2$F&}zun22GAWp}H!gnoU**lqJu5Dq7TKBX07s z+MwwzL?HGs7lsTPS!}af?+*%jj#j!7cj#B;YZ24(N)*yVcLXPGh6Pl~6{AecaC*?+~^_HU`=^VX(#NYk> zt8s2CY$|41sc&d4D*`8SEw*hwHy9NiNrtk?&qChe^sL^3t>u=Nlrw5(nkOGxAu>wm zMi4r+$5>$_5Hkz^!0@G6vpgpdA>xL%XpNvDdc;v)%FFUqd-onfKgRX>shX&_ck(7& zAn=G;R9PQ0G+qY7YT}@`(xT_=o&U1grQG;oLm@LlF%Eu+~6%6{)V~of%#Ud?=1)vl7XBW0hmbn;-5Ebl zX_qWGYdO1mV}J6zWPJ@=suBIEh{tL*j|tt?$szjhL1N)9di)w9yD<#cU-+zWb5o-( z)5t$n+6iMww=EGT2b$xb|JO#cg#5TvkBwLIm#uvIM2(OB^1U)3icc)6! z=Wg^rxCqp9%?>#uhj}9NN+th}bxj|%!=QBTc}T?Wf<<@Srv=vk{nn-=NCQ0irkFaX z>MtTi>`z~O`b`liWxep6>QLH%F4%VUN9tAKw3jARwc%XiMI9Wgy0{XQu_i>MI^a=< zbRt`)sH%K2g}Qh>3|ApVBOJs^= z${tTA?rzp(=Bfo$rUkp`_Y#OqzDCC}WyR-nU|AkxP%DIP<}t@qOLuZCFQh1;t#v$+ z%GbnNKs0OB6zakpidJ_Pmyc&WJ+7=+(cZ4DaG-jWquCHZSi=Os8kR4GE#hJJdOBvH z^;VrmN=CrOFXkWercsXSAgm(aUGHxCiY-&kL1a761bE!|R^}$7C0TDMJ2h5A`1Ea6 ziYxT-hqfde=MdM}W0w64Bor)jJ&>-T*AR1*mZzRO%d1DMab^@iqmR;?CSkZ$w|U?` zFqa>S)jaz^-)y^$IR9R*K^dGgvzq33!n&hMyDnHF#MjIhBd&#NTpJ<^eUO1T11KH; z*#7Xj*f|6@Xkmnm<99U7XH>C!?roAL%um!k$#%zTpcWjL<3Jk$8iT~G#(++-G@8I^ z*sA~;8{_U1p7)NzLRq8d=Rv2 zcK(arPIOClm{A|_SJo}#ea82Q!0nGfKW#`~GcJFLv#j+#!)$C@#T<)z2IVzF%3SK# zneT&^M}9QB{Wf}b&3uORHKxo{RJ17w*vUowdrw@p)W4nLt)`9&^Q>?Kdn`WMEm%PU z)^emqbKx-UzIyGfwJXn3hw;U%q4LK{Ohb->Y`p7C(lQgX>UB$;v>~-wxgS5}U5X<* zsMwg+Km>G1fPqVDdU}J)G_%SM`cWWuE@Z*+*c_4weH`jrBt>~+xIudHFWR~NG&7MF zWx()=$-fxH4TkdViwurMth1-)`gZ*}{r8JWkH8MMddQeo(*>+bpOE0s#?8Xm`U!xZ zTV2+c%oZL`*|QG8yFx`7@pj8YCd17=6cG?w__}9|*E)r4q|;JBkTs^7djP|86CfVd|$i16~f98&sB5$C04`T&kcH1%iCj zbDC|IgclniIiQN0T-9a3Pnw@qr>(syAW5wn zLj?b@nIa-k%n}5x0 z-6@s~g?^3Y2vs@ffd8_|GrLgcJtd@TE9?o%j4#G5UjU5fNSzY`Ef>vY@{c0NNSycS za$R|)6#I&jX5!^AywqUHQ?vA*2qh(sV({ntxu0{F6Rhbn11XeGxd^6lYIE+iz{VeO;rl@S65HtUI!B+ z5*^w&G79jJX5M^XngJHzbygB=o>OY0OPr>WOh=N&}yzT0#GhEGuYlj-8s0IaG z#1d1%+nv%_z@VOmU7Aqb2~qANbgO+4ZU@fYUab%gXL3wxo)n+dZ$#Z#;ME_T9%@Oc zA3xObkeri*C(Dg~>R{!f+Y)oDT0z-o5hpOAdt&vLWnp(22xO5I6V&KGmOMjBVy|;h$J=Q+njb&c10P8ZM~1oU00=idme5gYlwcsdbczjj_ca~& zGZS1*E3bRZpfY#)+;+^jrkzs~)(kXx7xIrpg^s;(~oa0zO`V*0F zAK&3|e{+^V?E2NLT@nIOW{It-xSMl-s#D!%8?x4K8@+IDYgVJ z@}niWad8FSTfF{7`czeKTU7?xf`O!lNqZZd2kBIF!k8mj?Azoya{9xBwilO#$k7>M z>wapPnxE4e)&lFveB3w;d!ztMZ)+>HnX5R6mJl&kbRv8KjlGM;ThbZVvG_8Mi zK}idDJ856Jck11fo7G4Nw-^-IrNrfpQ0iR#Q1R4YttxeX)f<9IZugaboh1{nsd})- zJ4W4&)ul$AajcV`r#KDKj?4%?u!;*H>-Wz#U7Ff_%4At7(xwc$;(Jwtb;Ki@vJIAm5O)TQM076JC+aP8)At3%EvXRHqgo@Zz2a1B*> zqb6Ga=Ev=eObW}wJ{}GefeP*9Mbx`b+;@k#cB9CMqB+yFBe=yi}0L}yyoZ< zrLz1USRy%gOtAktb0nc+;qS!dthn+_hOH1C8fgF32;S<`mjCGWfs&OmINtM#Ksh6p z0=?VbVwdk05_q~xn~nX8G~ejf^IA-B+ZnzJ1`^c;+B z2H(NeYRo!6xgl{o*xv7IR{l%+6Q@|R>1W1xQM^tE2iTHV=2h5kCA~2#BFXeNIYqbR zJ`<55jImfoF%n@4F?aY-JN}NAr}C&PnCpFQs$I<{4-_@@;?n@b0cy@n3uB*pfUQt=`{i zEkdiy(q@fgBc;Rr-5Eg&0o$-|xH3_{|H)<%6|nIxo+tX}D)DDyP%~N!!qa&W0z?#e zxk{@)Y`rmOTc@cp_gC$n%82{1auGzrI4DN1$-wzU2ma$NTiZmfZNHGg@dHb+Q5+Bn0>9BRS9vy2Dq#)OdFnDDRdI(6b0{OdZK6uWh7z3}vEz*@HRd zS`)6^fLE2FN%OgX~EAQLCsCj`ok~rg*pe$*bSEPXOisfOp70xE z3>?I)0j{5{*U!PfR+A23nX3whTiwEfgV`8MIu=UgMNTF5*{QzKc2B=R+7t(4^>46P z2gXb9#K>=(3!88}&BMQu8Y}v{5-t7H;x|(Tf z5regLen`{%K)RJic-g_xUe82gzTfqSPg*DSH)BE_%V*R3i9>tkYMySLx(_`NLw--W zpg*Nlx~b1-$|=2k=_@%k_FT%4CIo@pVS?!7m@N!p)zZQHOzfR=M4cHkST_b z(|)aTeE0QNZb-*uAjdus@z63BbR$|YN0}w>ivw=7X86V!81m1{W)C&QMUj91aXnJn zdM!StoFz&|mOJudZ3k$HiK*>U(p2n&`5%0%(O30-R4CDAQR|ap{Ul9r2xo8ln_Q@aa46aLssC_ga zOij>-Nf*Nv9*)PK=9xI&+d{<&>zdflj!HO~Pyn18C8h0Yl$t`zw&m zk7?)puOzltuv$pDVgudfI{a)|5x$+APOdJXw$UrJ^XXeYi*lQs?P-EwTB;XW#Nt#V z1-qGNLsj5p@}IcUm}}O-m$TYFK5a;|uItU!rrPQ{)O0M%J9& zp{`YJBtsD`CFe{91qi`Y@w*vsYI*j_f3)}iDeZLLjB-+S{SikW3I6gdPj*qtw_BIp zmOuy_#Tdff&N`_D)x?{R zVDUDFg}9(5b8n`-S?-uuIvP?1z8ps$Y}uB02?IK3zvh2@rVD!-eHoLt&`HfBhDyYf zjf8h(dm4S*hko(P3i_Ql>l6BbH)y1hA405P<%{2dV%vAAH;gP#Bm4PcSL~fZ`@dgN zBg@`dHQzj6eqj9!s=W4Vm8bZ{>@4&n<=U1y-j<2XEkXJ*1X;6LRK`F?Ve%=~&J#hmYx|G@&nkbm<+ zzrPP1_omMG?^*keJ};KzF|BGc+yrYD_a7JFY~Z+%$YD921DM(h*N?`sxG#Q9(15i` zx=RC8CPoH?*^ohae6(#V&syFht9Kp7KlaR(Ze&oD(?MF`oZ`R!tk2M?)EFGDh80d>`!X$UwrWd_ z)%YNs&-2Kb%xvC12=zxA`RBg1y~InXvotM?koHhQeG&7vH~gK~8}z0k`OjrAzWQS? z)YY}QV$wgA@0h&Z6kGb9H4_QGVlefEb2@)hwQEDn+#mYLpFG~T5QW%c|9`Ike+X4T zm*xLZR3*=P0%B&E4HkiRIIjMGksfGsGPprdLIb5P|1U*onz^=V+i!Ke9VV9Dw;y*J zj5}mIpCGhD6$akSXf~-~6F&slop&39Nza~vHa_M^W{Ux9AeoKbV>^-c{*KO3hY>`)Xl|*UFi+>|4n2`!ILe!OM2#)>V<$S-+Ag{O6 z{&^MC;hrPfy7&EQ=@0*Mj`@vful?-`VT+m}>yAELoqon|JFcKd!L>$jRJ&HRV3z@< z7htDBMLRx1yE9g~s^9Ji?gc4v#dg@bCoHI?Ka6?Q`13aoEqfkIB5^{TY%&lz5xwa3Pv`;jAR(733KIRuan{Lz$EhcQk ze4KVvUJwfvM^lU(c-RLfBqXRDiS*sb02+v~@)3C*ADT^S={N251$(uETVxNOW?%6j zEx(a1^KpP>lk<5)Q^9+2CW=7HVJ8(E^Fm3eGE&3O+-$#Fm4SsA9^`AY^DzR%W+nV+?wxc zgJr=1dcDa6UDMw6xmed6ODL6>UiN6y1=Cs*Sn~OLz`Sy!#_6(27~$v0!PD+}bVqlk z?RciivEOU=8m@0t8S;86->Ha{rv-U-sr`3FxmHdZIF>+(E{)|#KAW!Cmw(w_m$ZZb zR4H$FN`dj2nDRme?TMd5^~@B{-oj+u(k&orq~Ut9kBff056G8yubTdTb&Nls@5;@4 zG?{OQp;rC6|2@^ADg^J)VGPM$h&S-JKUP>h&L6N8hzShPTqh83>~E$1I)7|>!25B1 zd6pR^pz~i(^khag_`YE8wZF-rPpSIFv%ZO{*Df0b#NP{gvui24#~ACXnY!pj6c9%??B z*C6~3fJDT_hPH1V)Ms3 z@G?bKl2nf}+HxNhd*4mjA@>O=3z>KV>9c`+rVo2N3gqr@dQ}ZZWKT|N-0v>tKR&b= zNPQj`j4#wmqJGi2*B#rOzgfng=I}jRQ4L86Fpw2+8MhSDmpajnlYLDf7}D4rWdhr(S1VHBEX^Iv5TN_5K2bq;x%x)5W&X6F=gvd5>JIe<^~T-pd;g z8WmTNLQz1v8O7{%3vAZ( zKhjIl6F>0u3j7cN1+tBWX7#F1reIO4ZPSQ9KcFFFOu`#)fvFr4@jI4 ze!2^(SW!*3@Mh)rARqdC@2bKFrJ$yeNb^YCU|P_3qs%3pZPABjx|#FSuioF8GEm;R z*e-dAk04EYaG{N|c{3Ft_CXkfQDOc?OnUy|N1rmks)Y%1KgL=hMa-gBTrT(4!$!&o zGybMueD(tx7<0)veBc?@fYF-(^o{&fcsTzx{hg)=?q|fpU+>Rvb)o4k&U~kN3ehGt z*S{hQ5yqS8&jP0)^>01#_@ZZ10_S(=|e6dN*cYUf#n8{#u+6{`K<9YceMRNJ~d~ ziYNAoShR$VqnZ!hbqD-!1;GWKcefCYA#S3~8zqXS$4n^h{m=Ydz8E{cpB2XJ&!(rr zbB~64;DMNq#f!%l`SLNjl#mXui#zviH(;t9&MTlDGHdOS6Z_*U%%|UR!o`&pZj{~^ zM&D|1;ShQ{5Alvj77@{Z9ymQ-U6j%V4cvOZlhC*wU!t$lyI?GOcZ)`bmU%{3uV_wj zr4cvVtX%0x->!Wx^hpj^Kdt>eh_Ds2Lh+TOms!ELvXEds2_oF+A-V?^B}g0#sVYyq ztYN)xtARoJ+`&ta>q`!efCd!euA`&83yUC)@rzHoG?nVn=;NGwLT~w?Ho6i_BZ&d=^dlB6= z(BE0&_z0y+y}p-lpz<6?Dckp6AZL7o>sJ^zVV9wcH4bkty+_L2Bi@ts5WhNdF%8=| zLd_C3x!5xactF4f8f?+9(hnb!lg|h*HEjXGMZYw!ypp95c$+R#^n&n5GNHmRxupfR zh^bSicMnm7+vWI$jytuvr=ybNCZ~nzdcs0IY~PSW+r@TN!Lx+;XG$$SXpW54-4|H_)SSBL&^K zs~hDkRj!F9I66b*Sl)|k>%cRgaLom$VK56uY%hM8TWQyF&~RZfAa5tHwF-ULQK`yW zf%FUpBLv^?{i?4jG@7=%P^e-hQu|vx_ zNed;z%fUXs0xYah4JYV2n^C3-P3Pr_aHbYabpi>Vz=qVk2c+RHJuSVkWa)+sW6psH z7)~4^J`4|Fqi;Y`E*dbCgx)$N7$nU1dtr*O(r%pdu|WV72~3@>l7s3gzWUg7{-VEe z={*`erD~cp;w!Q5|75m~US&F#Qt#gh6FKyxJ+77KmB1c{A{@mYYgA{ZZ-T9|)5^ zgI;}A@Wl?_O2ByVckM%B^Uru6sW9M`qdtDxmE!(%YAJ>EsqVT(8KfjD>}ijjd*ZHC zivlGP;}ua)R^Kk*{Snd4^UK|F5&>O*hvw@~hm|HC1s2Zmq1#gxsLZ$9M70p5VOfTbbLTjD=d#z%gO~$thLMO-4iPsa2=(ew~PlQgt%&XllL5wEt~P@(m2|<)DJrEv+W`_24`^6^p;&D`R(^5B zDSU3HLCW+qTJnDGqP~`N^0@mxbB~KZRofe1h@Sj(I;W80DF_ixZ=WaQ$-siF8OaMz5yB}QcO*gVk3*($c3Za$zOM%ax^6Ew zCPyaZ)vk=K0i@ysWe(5Bm-7yHs+9MS>#exL_{Y8aP?2X8f%V*j+0I)y)33sL5{lO- zeYYh}sHhxE4oST2>JTz@7+)TeZRAhBWQPwv+e0(uFeiDEu5;Soc%a$;QwF5xb;}Kl zm5u;qRoS%;r*E7#MQzO+EHAn2z!L%`S^u3BIZInxxX$$uC?m|4?mu%gjsw6$V@_{L zc)#&F0soa%2ltkpxcQ%Uel(r{pnvL3{@-=ta4BT`?XKu#2*h{!Zt=eztorZg{gsbN zWQQ2s{h-u>js}6bs*pO%q*i6`e?+kV*&IO*X}_cqo^|4`Wvp~mXyc9%Lzum3z@F5x zby zXiYz2wSX=5_6nQVU^wfH2otvRO$dTE9(sL~xr;IY`ogNrW8)%t zi0~_Ke-vp<1Lnj!{)zfgA?1`g?sv@-U}ii6I-VpO|bJ(bZzVh0*>_0 z9*Wx+QjF>ogEn?U{m(7-#>A&AaE7y9Q|uas)E6*uh;^f{QvMd!%E|+;dh0155=LBfR6C+>*+71 z!y;Kw*KkyO^C|f<{TEROz_C5=K2#e(snY2BT=8y|m(^>E z^sO;=74-CSBIumLWR32e+C)uqfF5ll_J?nQoQ#Y>MyvNUx4KC)ih6nq%1mEZF$^?3 zV@CCBN_#NYxr_V@&<;HdM?Dd<5eV$>@5y6*Qg+2l2T*wgC`cN}Pr+Z)u}8*hN72bc z*%$PxP@kT@X(~_t?CFqlXqRYKDw)|v%4%Re6u<-9=#yM-qiR1kKjO|tPG0l$T7Q)i zw$jf(OlUD(Hghe7x>ui@K`+FR6USCK5Oz8KsE8d*;jGL{2nW>$FZLS63R2dcr7uEt6LiwhW@DP)1Q z-&pLq^SB=r@g`ws-A@|PQDtK@2eT3C$z5O3(lq(>nkz~0V%C!0{6~DMBmRY<4QuUG zMxQzRX}_jY!FxE>;ODR*dbZm{fFh4XSxe72tFtkJ0#O>%ZpSH#`nn+QB&;ytEH+Bk zPJnP2WdJ#8=evxP?L-fc!v&KRcQxroWd%;jX*KIBQySvCx_$M*-5aAP6P(_t*UsCa z`I=fB>I9kB1Un2WL3_!1D6064(4T50|_b3nT+6TqvpEG0x2L4Qi+D7UcKFR`A zLSIIfg#s(2T*R70ZJLoQi+hTjX!M&<(+kf0fI_(l!OI$*u-mR?`eH8|=_(JA&RMrl zdci=D46Z>UrSttdwRPSS?7o*zg{a6R|=kfv@ifEtXe# z$m!Yh9;5mC&0eZxAkc|ac&{h(%nAavF z&AWg8gKj~UXNFiLz0jQq;-AY$EO?g-aYvg^pCAZo$0vA zU7m4*ePNXnv{s1@2qvA6xm#s4$ZQPmS&pJ;zGl)i$ikU7S9wC>uvvn!5k@+v;uVbb z-uN^+^4zNB!ysb*&%F&2EL;>BK-rt6hVyE(2vh( z{k_dOQ4(hcUX|$)!tJ9s5Ibp|ezq9+0U9NUVkW&m`*sUf+;M8S4Hnl|7b;yH-NXG` z4Wbc8Ie5m~p48ufVBExfD(zwPOth%~TNJD{DBgoL{ z$H<86YYx*-~aRI9TL93R&%YOR{SuzueEu(J96589K3qPlCpbjXpeE> zE49>LkYblQ;dnQNj@~FU-auaVeiM(zf7P>G(YgG!O{!mi?3;a5fy>HV<)pkao6wo#qM)UiMBY*#L zmvYV(UIbmq7gxZ30n@~iHwB#_!&#!4XqQt}g}6q>w>gxgus{1R>pHH3`_uHraGNA_ z-?JF9;Tn(=a8pt2qZ#c$rbZk7hKRUv;FB{J!GZhZrs$idS`})17u6@&LKFfohH=A& z*d4QbrRQN~F&O791pyvdktLWieMfz!t;+j-=ynYqhI$Q*n`_*qKZ-CGWpZH&Jc1l{=iEK77z6#7MbRZ$&^O{&g{BB@E&x(@XL8^ zTRzJ{qcAGWqiS+vPdpI02lmsoq_6`BuhN}6mI9F)#0zijoP;x({sOjlIDl|79KC0m z^s8(ru=^ew9N4O+NYXJMljOlLUZNa zpd(nIAm%6u)!U6b%Omgd!>LQ}qj?uU?4P5~usu?tshm0g`^$nVP~Hj{96G0iYl|Fl zgqN3*z2lj$GLi0~*mttnU<``ln(w;8V}YLgry|6GEHrn8nzLFX&BaL|T!r_El&)vl zwXc(!MyeuN|WAuBO5b;tfRHh-3x7 z)*ILI8s&pZ8gumJ%D|heHF)!gZ?F@u=>%4C3w*w5^|rt<-YodF?1KhNRYXlTdy^U& zcLSFrsDA8o5Z)T9xyCRGPjwN%64J`(X(jJ zBcPAV$cRUm1;fS24IDlFzP?JxQ8^2}i-)V!@Llb25f zsnU<>7?Dwj9jFCxidp?0eaq!>DvK4yE??JIw=OdCQE#EW? zh``U-g~%fVvA80uG9`ZO^vE@>_bAINA1YMbG?;LYUdk@eAb>Es+-4Pg8^`-ou_BW4 z!h^T|X$tm0ybtjv+O!)^U{MUZ7{v6Gzcgs5h!CV63T#}hzErBiJHA}=L25rx+otYT zMcR=<2Wmr^{M6;hYeYG@dR$XCGv7ABSx7@oZKREE=)oe%vK<%vcyCmzW)pi(+K_$b z@QwM3=J9N6}-mkRg^@tw9aoaMRu4=*_1P%Ln|JTiHW@dU4?Q41B$({>Gy^dwKlg#fclfr~u)t3ZzCmu&a_38TZKSHykcI##{VV4?3Bhc= z3%rZEV}kxXK!6@p8ehtyEsR+U&k+1fQV0cgFXsdYQusqwgtMOJNK~t}TRwK9m;pG0~gmub|Q0$GX?ozr# zdpY&s`wHVzw(jCl6FcYN@ZLHDfRRr{$jB6SpG}_2$ZS?kgG!Ub?EZM^iK%y!x%iQT z=C6$Y+4yNJljiEe#iI_Yk|gc2R_p3&@Yy!*Yz5*uy1L2aFB&u;cR7Zw`xcAX>e6)M zSZHZN31VvLmbK;=z6>*uU}LHhed-Dp>ngvhU0+l=4Z`}z(nY#CS9<5L{jN$Yo8i_x zZAR^dC@pQA!_*3u^kMuHw2AJVqo_z;O%I}2Yp7|*GMpdOwKdd(xS9fcSnQ>yG{ z_cM)C8$)k{FIxxq6$R{;!H>m#lQl0<=xj^P_3_fKBWX>%y!C(X-2Db)l7&9~+uO zD~#eTJbsN}T~##FmGFBl$7l#~?e*ErTGwEk$!oCGFI2QscNy1hqHFCwAPmvl5o-L# zzOwQVQ1?)6s4HZa9UCSbx*4N;0T*c$abXEwaJ1f8y39-tZ^zo^xkw%Z3t)+-e8@!>CDR~kUqd+ zbe33AU@2@c8UyEp^&d4HKnZe!iESm!+CZ7_m-))0x+^E)=FE}~Y!}MTqiVoyeLBqE z#CM>!`cr_N!B7dRTSiOpJ#WoKhUm#)*aApQn?QtrEwv16Ge^|`+4H+Sl zGG)Q-YY>Pyi>4?IoZ<<~-6hplfN6i2I+_^AW#{0J8jqY8s8CszYR~_he#{~66-n;6 zlhiC18pw zRc0X&ANLCBI4ZQHfBU<6Ca2{9<8n2}5@|)Ff$Y@Pduf-2IFFa!Rqe`(H3W&~(utxz zR>I`EyFF7&ke)$N`5!U~-z5wUoSQCZm!pGUHYa+PJ3gHg=2`BlT({&-jiD9m&Mx13 ztOjv#BQpAsYN+V(1{m*-<*v*p3>y|hmveN3dO3hw7lDgbdpNtcrNAidT+%wNUp;98 z;k84Wfkhf54f)RL^oN>maHfuVH&w~^@pIza(1oc*OoTrovpQa}PQwuCM8w-x4%k19 znzm+X!yX-5`eJeStIJ!BF<_=Wm#0Abj*0bEOTX?##(sA+1m>DPOuJOUwl4J0LSt=q zDm`GlKIfn{ud`N%Jdn=!6%LncX@IeTe9WUHb3cI zL@di3=d_hm4apo=JLrrpWTQn&6UGEZ#4Ls(zp$F|R zD+X<7X55OPhJN0Ir8_D2VLeCbl(t(3Pp)A*MahIQw$aFUZn=7RLy{B0O7n~B*36|H=!_Z~f^dBo^rfYjC^SIMjTtz_ky_AA;!+5J%DCYIr z5f?ehSHIdc+`SyCpL#sdsLddvFQaFJZWPhJ*tXMrJi|sTUq}@y48YsYQ#vKW83_JM zM;DLr{i@R2&1^#*vz&Hgjoo$A*rSX``%{PAJ|azL3`^KIX({V1pXN&Hb#_KJpW*P04tXvFHL5|Cg#{v>|D0gT4ecVWsr4q~9^j|2)))5Q zVaPLSj1_Ok!E8O#FIe--+|&8RNXm7CE+WS*+DhGu?X8`c;&$qzqC;aa)S^K(O$x7FbV3I`Xp zECxA^BcWI|_#%yEDroLtIek8L|NpKi%#|tGXzp^)(v|HU9%$so2h;z3cj0hhnm@_^1YY4mmRmJ$KN6TvGckKU_3s7sZu^Cr#uMd@K zxB_%d=m{|hf90ghJ3DA{LsSZ#*-T7$e<4?fpgY*3JruKN3p?_n-dwd9o4 z^o0u7NHu#Ua#&D%!s&k~j2;KyO!&FM|J9*gAiH@R2|SHld1= zP375!v%5WYE4FZ_(YnSTPi%u8s{$PQmm`g%dQHP#$<>B(s z#@LhR6`H?#8tX>V7eb=|c@ctdy6+E5HYn^P$MSlEXI4G`ldrYE>Ec*bHr#KTz21NS zt&#srA^tEF#hB?eA1ljemFMovLP*dL7maIcP!?#)rvvR>oT!!-|A&KtZF-0Sk@9Os zXsS>`5VqSqnf=q~$%)EEkS4CLCtlKBz}L~V4CC#v7mLR|uD@H7h2sc6F|SDEg=*X7m%Gv{Qf7b5A_W)#c6KYCB|H|h2n)>{xQ{eF9 ziO<_|mo2XBUf_)1oj|2xg3ZQeC8+Gqo5U2oeygvijz(uP7#CpJh)t-$&~sM*DyBNN zuUx+czMuN`WPio@(B?(p@Ub&GC~+t=dYa!`VQIewxEbIN3VIsO^YJ|_`6?7&3tFNj z9oVnhOHI!q>W799vYo?^(~^=$Ub&xn!UmBkI|CF19y^7%R)}AJl9G5J@xNv|xj$z~ zh%u%2L<4QRYPeT|Kq#*$L2lk~+-*-d7iYXgi@IS025CWFZVej)iV)aP;J>}HwC4vM z&B=TA+Ee`i^pumQMbKIQ3h)_G*v=CX&b@&X1VJiLyP$Dmz!Ro2H3ja`u%a;AyW4ROWs4ckuF<6%YoFCi8adJ(8>Ia zw;s|qZP$qkxHvP_4JPVmzR*Ba^M1!I-v;BP5og%7Yu9>lJksd>p;HI&c9hxc@6qpGnP4^6X;V`h*MVopMb0Y>hPN1afI3Ecfn zM@dozeRk}5#SR!%m=%^6cwJ$i;!V{T_uC6ZGj)OAp>XUDFW0<{+a(5lwu!G;6Sr0{ zGsM`S2smEujf5DsPp~{sk5YTX;ZWz1Gj&mriwUFTK``8tXScr%Nc=UzY%;yC?UFj` z<%ZVY_+XUg;f%ngPSkmm`S|gup|oq1oq5}qp_h6uh1zEtwI3h`JmTyoonHW!5D0}$ zC;n0d*+kwhUE?Qx*tpiw#>kN+>`d-*0#pnCN`BiCxXMLG=@m&kne%bBqnGn3_PeQn z9%goqgCKM`x+W{tc zIp6xKDw(ei845yvIyX}nK zuGEf@K!@6}(hj|RHVBpf7KzavS-t_(J$I<2kH@?U%GAl}|sTPVM05++iZxS`b>kmGkdUDQLVDDLR*K zl-yo2zOgbY&V8L+H08er3F>7tL@7e%3->^7&`8_T_C~K~;#k&VUE%H@PDC`y2Ml3= zL;FMh|IYUZLwHia!yr)J_$NO6zmKT?uWFts$Q}=^1?>x-cmioBTa7P(XXhgp)ipCv z#^VvoFEH#bSWg)!M`GLV?2IP)_l}-nY|pxNVJfPCcx zkf2NWIRYN@<+ZLr`sKVI*)QQp#Chard!kIu7Ae`UZha z!{Pc)?3GVE(3fXdfTwd+1Lx>udJQ(PTcv|Jpt+tqcJHV3&tdHB{i3U^SHDhIJ`k5T zfk3Zg2MXXPe|lV9L{9raAg_876vVUkmI{77-H>RV#Gx8Y6Q)GRITR`O>cgHG&#odP?hTCpMGBNravTuGx% zd+olH?ttDtmQC2R57$YYgZ&w2Z+!TeCa(W+-CS?eV<6@nTpC$u8A|*y&}JGs&tuOB zpqC9_R?)t9A^}oO1?w(|FNu<_BUMv#G@q7U9F~(c1cp9`$7>5b;i84h4wTqicFVOX z4jW`Scn12}`*ErxfQl+^&II`u(F7-an8cbzuNJd4tK7jRGKD!x8Oq^<`COIcwDNk= zS&~naad|@boqb>pOfdJ5*tJu=+Zz_ZeAao`LsV4~a8G{Flx^ zc4RJoFi;8O^0Gc>3`v36$`1)BBk+#5=21%>j(xbt$C8iK#}>Vy7DTl`Q!pLq0lR?c z0GOUDq46CaqW9hbQU|tB;Jp^dVdV#PwJlyPz~_g%{}rn&Tn4q+frSw%I388+#g2d0 zwH-=DDb{|gc0TOBt#kMFKL*HPejGq$6Ke8f|0QxiF-;k#t6ciNKb9V@Rwr!X*8knU zN_K7yW>uY3zw&E=kM8z2>qzzD54H--kRu~Q%8>UNkrx%?6;F4zCP4n=K<_U_-wFn7 zEw4{d0g&I{R^FX8Z+{;kTapRBcfr@)?>=-N>UVUlaZPtk_GSWxkzKINr!t8xXrJ< zGM+f99x=uJeBzw;XZ2PPSJAvIdICdq_4;0!j0f9pXbGKOuDq6?YjtS2{0rR# zo8AJhv^RRjTSddf))f=Ct}#9TzgoJ}R9gj@W{~TMoQ)FmoFU~od>ei{ zv0~@J+aCFJ+Q0zl&p{S^5^yW70)K}PQUUwy7rKd4Bx08AZe2#U#sefWKG8DgOSCQw#F)d(&_1w@XOij;0@pIi$)p+M+ z@WxkWR|@uuwgM#%;sy-2j{?>%*#6DRetI2^zWkalw-n6XR&$ihSn=}_FijV+c6#Hj z;c9p>if)m`t(Sfm@JK`Riue$Tguyy|P5G*t^O*znR1tOZrKMPj8%z;rD|ib3K&bKJ z?}v{@a0AQC@GL-;6$O}{hmaU^K1$Lz5GX0&L8Rtd70Ap>9oSlO;sI%xI0{QVM;H71 zp7bmJQeccYBX%_ZFk8^i-r3F&;MI5V?8AMSxe(sADCCkk;dQ?49S59JLU`#y2VR@MtWaL625 z;N`3rTIgujiyH0loA)1&C+K@_K$EP^qyT;q_gP^a_&FVyXa0k-PNSJS{d@Oe0jX=2 zC$t$Dc-eWQHT4`?^Q|h;KjQtLW!iH;M(sg+Z@jf1qwG!Zh1%yNdkNFHutU5Huz-X+ zh8q#KvII1X^xZzj#lTmvo{^#O^8H-N{Jg6Bo#nuHDkcYw3@v-?fV*#K^Pao{Bw`~; z{?SJcNgonZ3#W-&$4U}%{T)#yK7m$IbN-|O$Zmy~rESNlds0(q16U=ZifO?NWX%=$<}3XWp`XpjHP}1km-X!dF&xgFr~xvf{F5 z^-D3oD7D0^Pjdm{j?+YUlyX<78Y})-y76I)Xzn?U%z2D`@sA2itN7Fj-B(sJ?B(h@ zLyvZxX{N_P&JwK28Zl9x&?|NEO4YIw2=WAB(NMw12Vh<_f z*ow(E)#FYQ|8f##i-d9(m|9ao`)T+4>r~7FV8NxdorF8TrSCr6tvC~kvb?Tx0O}tp zJR_=+CPUPuVia2lkYeJ8@0OWJ(*nS!iKWX>{ePmPPV*K0JxCm=SIyF%6WirYrswi; z2MV{f-qvv=5}-wGR?aMkSDy@#i(Iv0*(0F8J*>kW*SIGksN&;oG=tFxckv}>h`bp) zCGEQ)s43TnG)TrZae_`C^W}lc1U(hoK`$pY80EhkpeLKC071A_4&3@y-6gLubbn7t z5XrJCDUg86yF`BxayJ8=teAgkY&!UzrP?VFg0P?IEg~Rh-@ueqA#l=!;8b~U(-xm<& zz2|ts7u&g@-e+aaY~eO?>$SNdb1VZ@iFHOZ-i#VN^F{OZ5OhtS0=3y3NaZ=_r<#6x zNhN&{nUA>0A`W|^OR9qz8-{`FBLus|ub z?%Aa`meP8n_Viwnw7b>FUA%Rl6N7(`({O-T=w9EXn=3?o9esHPfWet>Uym*d-I)(O z3B=fGW&PB*5RZQSs5PL!^Qs=^mkzbpFV>h(ybQMzMI|s7_+9=rdvxPR{reV#HfA}& z<}47yT!JWA^UWKeiUY%)Q4or3KqaNNIN>aEctt&~15+N^K*Dpm1!5Nc3{3~RkFsRR z=eV~|KSF@Sf4x75C=H8@B@l!fPc2w%KlfF@Qah{}@T>#t@Jw1d{bRhzunEIO>BCh& z#*eWe^0)QRFUM_e?x?d(w@+7>sXFFGy}tY_rS@vkcOY1A{+}{}Key8O`L~t0 zsJ)Td_O9OjB>OYB1@}eoC}ODBnzF3Ehc`;>yUfpbia)D2oMUqqWuqcvsXye3twx-A zz9c5K85@lsi~rgZ$QPcuGVVa6I%xTX=R zpSo&?u7)^2TJwzNy@ac!J5W$S=^H}^Oy2}8Xn(o)$&5rQ^d5|pl^gjlagTZsPL$_F z;R&$`gw~~jMAW<{?|BQWCZpuXQugCL1x9rIh}p3BF5jsjCxT(AUkLiF?K}*q^g!pZ zN<{@HM_*DNg3{Mr2i2!PXNT!xoIRctDZ39avX?{d+}p*=1V<*722;PP7#zrGZu|zl z=lhMh5}T(KgW7Gir%|5D<%agFuWtgVYv_4=N-yLxTF+-Wh4#;NsI7{$TW~F^+WVtF zk8@3AcrqEof)l}mV9>v(XOP;!O$?MiNXj4EFjb|#zUTY=K1=z_fo=3i53J93Sf9@^ zzmW-FKk-WtNQD9izQfWD8lLnl2(_LlSrGEx$mvP0nV6IqNDY|uaD}B*Th`XOxfo0? zR~TF}SBF$vewTRp{WBo#8`@+cZSrt7kCPQokV=Tu9H`)TW}0f9x|O2th(~I9$pHyz zA4+i>2YU%B-EG~U({2L4hd5z=8p_AX-}?RE(r`KBFm$>8R-3S_khvWOOzJa#^uPbG zP#4(3n=ssE`lU;E-V&E>M@+%FQE!=_#glZGpgo%m*2kJ{I<6}7{l>?9teA2FF@fto|>hwk#g+eydJk9Qy!WMFaR{4gg#*-3n<;wbjL|ghFdg^>0 zhx?^5{v=34IW%5OESJ-Ppbm^sJi{VZ<}dI$Pw4T1<0%iLgvF z(u{Ee+;wd%_RI}`EO{!p>jt@{xj~g3(Pj;fDLwHjMSe%=2)~hY&QaE(SS^1V+{_v9 z2s$yhTT?%+H-Ue_=Dcuk8k@Oo_9t1Zj+N7n**UB6P?v%(;JCWC&_0A;LM?DtHzIwA zXS#K7k5PB`Cm-~-BW<|-h(K@87<(^gY;~SCmD|d_oRFM7G#UQ1m*PHbzxT;SZGY|3 zM|2EcGQh4#?VjwC>&n%1{U%`QSLpW?V(g*WOMc$=woe`|R6}mIAy(qC*Gx;}#+40v z<|(dlQ$iKf7CFz!?lD|aZSB4D+YEEQFIb9B0$jJldiqH6>XXBC2~B^m8V5!{&yrcF6#2>Chd9>&d^4vJZ(`v@H<9$uW!N)FSG{6D-E~E8DSDwk;03-B7Eu z)i(SWhb@WF%`aGO=EQmx1&WeWDx(2D78;GJ%Aep#O+%!`h$eYa7TxE}j=bRrF=Mh~ zzJ&X9q8s3vsv68NU%+|)T=uRQW*bFJ=T9mA87zY++*lZt!WIOtZ){W@CcxUc_&-N`moS=Q4PP`fzIOnL8$US19$Ofy2hs%ZVqL(A?0Xt0_q(#Iw}%`k zJF495$vlll*NdT{b1156Q7BiCN~14=nJ6;Uq}LC5*Fy52?5i^t=Gta0YBWi96a6jV-*Eihk8fsp6*EiZm_MeXZr-oQv*tl~_K?C%c2D zPe8jQs zeFKA$(n>@G2s^(e0&WPUtzB~F<~1x~M4@hKN>GIZq7IYQM-%ypyNdCKp0y3Dq{6P;n1~ybYYbhu}%wxttxN<_NP;#v@ zOeRn8h(=tIfGLI0cG<>P-m9je!u+eiFx;h0f~%cNYNQ9JMJ_dm`oZCks%XVCTD>T> zz|~^@Q>xXogh*K&k`R;o?5yxB`+E1ZGvy7sE92p3=<-a*!@Oz(bbX1a6BY^S$wkv zj`dkose*?v!x3D$-x%03yG)nZNQ=>9&KeO~tJmBm&Fh-umk$pZ_sC4NVI+m2-=<|)No{50tiC~qtu`pENP~Fz%XMT!mQwO*Ejku-hzc-$3?Tx6!>DkI z{#1xbBC#H_%Kd$+p=0eM)^tx4?4=LtKURzN93!ZW{If<+ zmJrhsr*{!Vn)AV-CS2?KWJUUC*EL}a``q**#6hv+V}yqn0{}3anVr88g~NLb3#cb! z4+!o>-#^VKM%=Yeqi%^ZI>ODL5tQJ44Maq0C_@ zu5qK2yCP>rTUFDsy`9cxPY#s{G|lfTRJIHT!GG3}ZMS1D^2;rpPW`aoh>TG|C>WQO zW9mqF_)jFSWxTN2=DGuJ1Xh07gUo)K(T%7WByWxyf9fsf{@@&3@+8i3ebOTo)xJVJ z%Id(c8H471Dw($b5a6lJ%iPkhB!a8TX`o5EO<&WwdqRXNqK1}EcHh`E!Y;|bB-X-q za5TZx@Xpw#K3Rk=-COs%$L}QM+QFh$b+4~-?1qw{7~Vsz^$lFwZ9i=HinQ@Icj>VsT&8d8q*P=>bQ8dDB#_uVR&i3 z1?hoNYZd7W-lGYz{}uFSp2a<}{q-4cNKU{;Q2v+?IJI|bWHfXW>2om0jSu?~eb%eu z^UARN0+W~@unQCn;y3vC};&W*KG%+i0n z07$X?RD@3~RG^`No1&#qDSf8&;bX1Y3v4%9DBw%&-3)&Dd_)u#2_~;)A5owFUPGoS zx<$W}6Y~KTC)gHF{4;^jy%lS1LuRaGzqc|N&$!ocj@FP(^fSP-ep>!iq;Rh+YpqK7 zAA}8JrF%W{y@x2F4tcAL;?fJb2k&J1@&?tPhQDN$nd?tpWfQ1p^Bbw4AK3DHZCRYv z!29epbJqi}hNwl$ z>xaJ_s^}Ls3b^G>2sp`t_tSV$KRLJ=LZu$;Q`fGme5?jT=LPgbcQICvPn|qFy@G?gCJf)%1@sF~1 zW|A4cEX&*jK4=c!y><6%C&N1U90Nwz&0VC;%|ShuhhN2K=|dokwI^L-txGQfwMx=~ z#gD?8JU`;*r`nZH`ezbG#QEmx>(!U0JR9osnrIhim28eD&-1xJD4xEO)A+cg?_6I>F^_(CAA}>?Qbov?(z;~il_^N+@&`noS#qagjmLOn z{9ub+d6cunC9B+U?7xTA=TBRp7zS0q}yiWsKA|DJH|>?tlCP|_a)S7 z__)(%8vfpnJEJ0N=6kh>;_HVgg5xQo1Yl91X0t&9_KCOq>U#<-?~57cR*?PhM`*o?8s zmp|f3Giw$dcRB43#1q;H%ErShI zLN89$G*exp!r6IFxx`*H~$NV*F*cri5zWuAexM7ryE)D@`2^o79Ijc^m{SV?39*FD!p3uie zUhdYuLf=S#-KcxE(CVDW>Oa^xPWlI8BWr-ZLUnh}n?@9BAQ9j||DtwBltaylC!~Vh z+#FH(33|rf+}`~- zd*{5IW!o0|6Z{@L;sb_8e>@%Wj)T7;cR2#cm=-{oQP=z&%R#6ehEgubcrCJGS!yJ} z=SbQL|(oiO0 zMO>aqom{W(%;#u163!Q7*a>r_6>>tfzeL* z;=nTVWcGgi*0Zu<{DM>gw!_RC&Y~m7_!7jp_6z5dk4@A6;ObLEL2?y^*iTB%{R;C~PL|{`nHKH+ee8{f(77%%3&!X19`Se=DYdf6-&BqD(3(lYnm= z1&ZXo4iy#=#=bP?5wjS&(yj*3XsU^gkyJR+g*>GcuP7+F z-1XFGv-oZsu8lo8e$5^p)(IKQT#=!6+9@$qEm(H0FJBNllm0t%n2xr5UDYy2fSLJ8 z3xN2%HF;RsfJ}SBg&&#?F6Cv>il}!6LbwxDQ=Fi3sbQZq)MHoe1SkHlV@sX(tqsL0 zEH$X)vI`BbIB(iqwRF3!dTy&jsIx_%?=U2#BxuqSDK37bns=mcIDIv}17Px1rMU~! zx0h(&pvwBy@#xWHge%$IxSiroHsYmvN7MNmySmYG#DyXCtLmzBc1kvC_~4M7<>P}2 zV2ZeBw649j^SzAS9*D#s`$Yc6bPBkb!R zrOx_a(hrs_L59$s9r39QA+5pht~8i{oJ`hF9ODJuYA2?&O~3r#cYHw(8xsnow7#EL zga5m-EyMBqS{*=GO**Et>;a(HJyeDOTw3xLOA6yyABCJ8A7q<^#SlA{9Ec^`9L{L~ z5{36EHR}9|8Ctvc=ZQtjd3O{CUG0E%dn+`z#QeOLmZYR+Qj(f-&8PxmKo0RO0&VG; z(Rp&v7%9cN;VFC##Z|ZJfPmZShSLcsyX-Oq zZ1Un!mNUCI^hL${7jz-(RmifcN9bhLEb;VFVXACoRQ*_XnlJ23PmFwOjnNNTRKj2O zZ|B?S zf%)N_$^u1E`!c64$k6?(T>56Nh4b2~F8u6&dj4x~5>j44=0urnDfktwhYq{d0BmLc z7t9^ZDpHvJy}k@1gM+JcBWHKStGjjrs#8^Q7Na)|2l68H!1)%b$rOlyY%9CI+KRCk zI(%`|dAjo<&3#L(vD&((e8JQiTedPEoB7(zs+laMB=;krEyJFG;sM&$BthcYZAgo4 zAn*16a%@8jByuD*nx%VE)fKpGbO`@fNT^FPw@r7LNlx}r&_ zJ=V2=P8Ol3nsDz4|H|-5PUYe7lp$~zqJTsOojjb#@w4ll;=fULaLaih zO*Fw?`FzF)PoTRY+WDOfr)Zt^u-Xo>%_vqyxxSfS3E(Ard&RJ}M4c->q}Q%Wv|YVv zZS_PF@VUkBPOZ2Ir2WOuZl+u?MNnc}do7IEbx$BVB)eOA>}Jum?O#dTM@OiEjqY>@ zEn~XDSq`|vRyzT*x8UjUr`jrd!+cHTZG;9TdQzY9J8TF--KW~t=pp_#&WZz8nRGTq zt)1k9quHOc&Gd&CCJcxBbJR5|OF6*&b*d#n-7NhpB?Iw_UeZz4-VWxnzHMyRbec%r zt$1n(wa{)F5?_=We{R1-k(5(W&}S&jWk1~_yu5!Qm+-YDUbO-43i&vBH6Ao09DrZ8 zXc=(5lUFS>D_VjLE?5g=KUl6D+>M$E)QUD#3#WN{SV4v8ZO>>PlVqfV+O;#1MKPwRGUl-3Uv%AO zksU|M6%5pBch=7hFfBuEVM0Z0zk8`Bx>!4(R}J;6qML6rzqBkMs(d(|ixCl5{cw_f zn2*cSmN~CZJFh`Im+IQa7@40nlTf@{vOpR+UNmofG=y863Vi^y59;6*l_^s}GY+c0 zblNQt7>m*pBmr#M>7{zvoKN~L?tQLYucXaWKpUv0qz}eimdq@_yc1T!dwV>jXA#kN zT`PpnW@GZScIWoI2$}i#25-oOS~eVNqJu zO-2~&G2%GW2U{1KwNwuRFVv;{Jt40?U*YV-90pZ}X?fW_FfPz5Xn)E}xl7kw(>e(< z7^#oaon58sLu&D~s+29-sW}_@Hj8YKnDn`hdEQ> ze_zrSGXwHrh>MN+m}zjf#}JNDZNjRN&~{1h&O4K}yMFd1LUmG445rln4h=SoQ7#gm zNY@={nA68~O7KxVY)7u+%-3H&viPgiHUi!8X+}pkIgMQxsbl0LSgp`^1@o?XU_DY+ z<9K|Ui9$QoOe@=Z@^zi>+9GQ4JU%x2wph6_ub72IAr1H7*p*my z8Ks5?Grpkr7}+Qg4_ceQdsdo*5XD76p3mRa0Jazb&oddeL4|^gU0xs zjgt&0-**7QhZ^nmeT>gU8s5krz{_N)zK8u>Ooe5}MuIu*!abF~U3!d0J!gnu1~s_2 zy(ru`hU9Jrw#We%wZXp=7S%0nk5b_*%pf*){xIO7ocUA<8zZ?rBrf}Xeb12n-M`*p z>$~aqW=B-~FA;lyYRis~_oG(Y!J-u0gk&|)jv>W@`=wr)D=KV}d2&VaX`oFR4?(ND zeGS;UQ0&08!Z`g|pqdEhfv5}|rr8TDy!~*oSI-a}_oA5tNvfZhl!YKDlwVg`ds`wO z+iNyn`y5-d6>cEZZhfJu6;F=zi!mCO$IdUn=*}@F+UT7n#13MZu|AC#1R-H31&JE8 zu7%DQV-t~NU5dao?Vt|D5)bW_m$CQ*3M=)*B4q|ui2;dQAW)oTzR=z5#`7I$^!Qui zXmG8Oqm@#Gs2{KNwSJJ-`UVi%_lLtn|$ovbe#dOQRLP~w!IWlpFQ_2P@HkyeXlwa;~17UteadS$C%#i_pxsc z|3ywLxh?vDV}vBAIR8awBSz~&4Gx-m>D9SVQoEg9e|A89-c83wGq@*9u4a*%wfmj_s@WWQF&(K!we@r#Q*&(b-=?At(dol0z#Yca zNi_fhsZDq_t*)@m2YpAh9|aUYG6O7f_{gN?y|K#^c5g)1Q&D8kPh?>zM(F`cYmV7C zB;?&T95gO7yxcz3z6*aeGRn>*_*y7zCBRNCENxc#0 zZpcYx5q2*eAf4kD3|oHO^All9cS3!xs$vt=4wYk3Pg$70qvQBN{$sWYz7K7gRnPJ1 z+brA=P?B(a^OyHgoPKp87NJ$E;|G>5f6E-#SYkK<4%2^tSAy3?t^$FI+NC7eLD~ZU z=Rc@_WRHC?hpK+?+0&G~x|;0Ca*6o%+MnzO~*TD3pNw;bb{cxUV44F68 zGsmj~Ss~WK-R$<>rdSo$UVm>!YZ<^`b7WD;nDh)zI{&<+7f_~sbLp~9Z-$kj4{r;b(vwV zz>Q78>6!Do?FYndubWGnu9LSmvbBAK(JiyM^MFu1YF;>Irl`d%4y~lZoyTT7q{<=V zlG6FuCz%ilsNhtq>u+`*XaeXvB^)Y#{&XvJ<1Jl{{Qh6MI9IQ><9O)LcJ$0O*^JTC zs@XsD04x^{GFwNTW(-5Y%MEx2->S{mh#$_IQw7qX)A z*|Z3tatZ|H1W@iVV=NCI60K4pl}<`i_i4BHj_759lbigxy_<_khC2|gDr)wyY)j#&b@7`)j;twNDIax+pQ@7{Q9* zkAG3jw=@ddG1OS*i5w(EH3K*l-0B{jwF>$zI-m_uOO3l9yy+OognoOT{T%jDOM{9{ z4XbhF8B5XY^^YQ(Yx{TuL2(Rgw&j*15)5o8j&xv&6My*phQ-i-RN@4Jw{X?>kIPhICX%wJ)dHFE5Mo zV*r$A*Wfv-wD{gxmFo#s^SAE`q@T9#E58-~osH6fB%N?1aP5F?^grf`wvYei!q})5 zPR00#vh}{&=)L+f_BRZdoM3A!LakhO_gAh2ACR;) zj5PS9B>Wg@LdaIyUTXfPxe8>)%scu{%XQ=jJUFE?KRUi%AJ^I~`V=7<=<9|2O7h|W zzALjH2$b(cST$g!B98|lnsAI-f=8wX=f<0?ObFHvY!E&Gt@x9CYNI!U={r=+-)$V; zmangW-&v5nx4)&HizcU9H}bc|tx0i7=kmZO-tv8B|3MU6YM=Pv@em0{n3s#5^6o!d zOf|Y$#?2+UhMGxA?!wy1uuK~G>$ahLNL`(Cf_qA#?tXfQ#~fPj+9a4GlXv`ru(+<@Z&T*Y1X zMV~#R;=tcP+f1yeVlZRRVl6)Aa1gLAaNl>#>UTW8x*(p9F6r&PQYspH+(EXmZiy$w zaeww2YC2M(pCsz(w2$`W*ZPQCJcz>%b+_>GO4Q%IJh*eO4Zd81Sso%Qq&PaZJ3PwF zAkDKa9ye|0MFhrm=T0a0b1c^-UJbWmMn@3#yS4TQqci56nze@WTxrRYr?T<++zPSp z5uXjGURmPlp1j_?Nh+INpVRIL=GtnTo51r?-%hT( zQ86F-tDPV*!aU{f{VVwe_TN{v3tJ`Dqhja+ z15sTL`lZjpdO}DM*vB`;`%YY-E~JUUp$cC}i&Ce0*h%i*W^H+oZP1jHbklm(*R|UV zMjG3C|I>};*=2!tWpTg<*SB!Wc3*F$rgh8J97z7U1(!=8V>KO0Td#2qKI&@lV5Ewfn^On*GerV_@@`hv#GJ5dV!tUa zwTIgSBXz$2?uEN4C%%Wr;Wpx|MdabAgjJxHOZ`D8vICgLK4&Vk($#&7L7rNYIO()V zSvQJehaM{R6>mwZWjea{;1#y1!y;G}EP3X&(cxskVpS-|MGqWJ+U{qwzqNTuk+O1h z$z6mcFI=Bkfz>GV6Fl9+b!7R2x8Gm!l{ZQAR|b>&z!T|a<4d|{r|I|bFnIcR3`AIx zflX#dv$gRB6f9f$-5L%*ow$jE*po#y>=4=ySdig7VTgZwN@zt68c5X?!J@Ai7?T;Nl%6MNRGS1=yTm9%BW2vR0hw3>7m^w0U2q#d`iNFv_2Z zpkwbh8XEpnp_XCsgj3$p=LLGoVn`ItNFV7#9{mC`QiOQ+SALmSJNqmy?u#4C$cW9n zrM8P|W?Ho2%o~{B{mH5^p3WE5c(?tiBP(5onVWKDBrz5-|B+m#@1CdbTtrcuj5G2bLf#K4uAYZX&3Y3j;u|<(9+dq5s+)vK{lCThs<9vtS--| zCFJmZoN4saB(1n<4cg!bDxwqs{V82b|20;kTS`j+ky-@OG)qmiBzF9Sqz~j0;+hpB zM0x&V$JzT~LeMSIRRfMnWF7-`6Mxxm3ige-zn0^phK7$eemazz!H72zGcuz0TDe(J zncCNWCKshU3wmn^O$;Zk%b*;WTHv5mSnV0XGr~EdNX#TL=_xMS#qxx0L1AhjmU7x) z^CTh8F)ycFPK7k8ZJqugZq_(NtE|f2MdI<9{Aqm$tK19hJa ziji1Gx7jo0GTHR4Ujr;cFjwXpB7U2);S zIX^9+3)?I-@?RI!<^b`IR3g{}%qw#B;}%l|7p z{oh*J|9=-f+Bw0V?C1t_*d7(=G`$q9ot{slY28l^e&RcM z&w0icW4KxF3lhw#sX;02!EHR4_BJ0sqW6D5awwVa`h^ofdd-x2_;;qt7V6XOq;>h3 zTX+ttxa$25iYJHWp#<=ZD)W`u=;pnw$ONt!p!dT6E=gfHt$lAleVG(LvdZd}>-zo; zEIZ2hVgqv;?7n+~DPr2b@`;wsgTbYlWEwIvFEVa?W^z&pC9RJ@-5_y5J_-^K!ccjb~_-z`Uq*wsh4ORiWWMX3U1ULR%5~jWrg?^_s)p z(h->#L|166(!%J;7=g5%vp?N<>L+b+S4rLj1a>FMl=Etr4cu$ieCM^xa8eM?E*6+~ zK9ho1T}L+hmpQ>n{mVhOk~QPcKZLPJ;`*yrFC+P0c;kh-rlDyyQTl2wz!y#;2uTbm z46$2{E<1P3Xx?lJr>C*Y&CZL1L!=>FHm05&r*sx_hn*L@av$lZf8w#kOlguTa467O zsbK9${@I1!KQT0)bWSgWVICp!P{GPGPsaye8ZAwti(r8WUNPI|(voyn@AeUvGNIJJ z^#don3Rv~&1`BN`!Fsb?yXt~=_L1V~{rH&1*z(e_!d0E~*(0hOQY_u%`L~LZRMER8 zo5$kfxZm7l*eq6+rGOUw^oRiwA|Hbe_`R0RBtFZ&SD;i*Xg?;9vXe|QSSP< zoxcZo83sGwFt|6~ZXTK!PFs$Nm^+_bz$CJ&b<9j9WaXUtXx6os-816`nz@7lhwqOB z#WnL%-o9LOJU2QbmUoov9Mq$|2?r$(mX^(5T;_WmKY_ihpXM^ow~t8Q&7WM@?p0jN zYRCKf+SzOH_)jU{RNY7$ZaZsl6(!g^nm+P8Zj3-tEmx-nV|o-NYxm?M5zJ2f(d5zY zZ^iHQH9TICmE4H1b6ziTIKC@6JoRw#OXjiv+vz8f-SF$xgwr(9l9pJ(E{b=MD?Nkm z`1jf>T^D&e@g;`Ogf`ISsKhx2CdqLP#Fl><}dEU&?RNf(B#h|U~O=4 zj{Py{`tO^ZfXhd7FJKnpKg&`+34+@+Z=kcJlH~z;)tC6WbU6GtbBeGDJmsFh=fic^ z>Msoq3%G=8S9rNK!ddcIT84bX{bb1d!rNTob)^0)&@Kb2dGPC5{~yzexei^sQ?Av= z6XE)~2J7N0F1249Z)^mT61})S1cv|M8Ri4e$!~M+5bV$4u*68 zq=vALtSUHfw(Hr#sY|Vc0`)TlGzXoh#O?Q{px|BB?u*MiwbQp2%EK&Hltjdr;le#& zbC1fW7r)qfrV)f^Z57x()i&7B4s5G?m2J-W-8J?E0@HG1_5oOGWX)Xl9NYP_Xkyi(`wE`Xn*+IhA$$x)cv}J6ni!D1;37L z+^1uiSK(Sk%sCHM1gYzNF>RzHQs?hUZ7hFSuqnB0^?Mz&OM+LKxYt1!1 z%IQ1*onw9+0TCYF6=bWeF&~O=+sgO$+R&*86%8M(my-LVok^j7HD)MZgm640OF?^a z-Sr#^p_F!nX~(_Fm)RvUXVYdpJ!!13?XBPPk#wui|9w1cU^~CD zbDvx7N~xIFZJIa-OXPzezwPW)*pxouWZ+il?^r#L{5sh3NwBfR?dhp#AEl&Kd_6~c zU6I);$8pg6@OGjA$)m9|=!v6{VdrA&OsT5A6`BMQ$+nzvGn!#ADr$;hb1&zR#kFypY*Ruj=rcs<^=bLD zw;sPke8cD1pDk?Pu+>Jbo$~xK_Tu5wytCDMIMkGoh}bn}v$;HhXKZG>c5>*RQnu8; z++HqJYfHtl#qc!0%tHYd85-Kx<@G>z2b3`JGQ*-wb!##Hva$GtJ5lSSdSk%gn0mT) zNccIUds8vuyi8Nt_NCFHPs+n5*^BkZIMIZ+w_5HJPjitS$Sa4YO+qLj@>qX(@nbCH<`1S z$hyhww$;;w!L)%Q64BLj$=l2U8A@~?{*scfA z9;jHC6ud5LqT*X{P}wY}3R`lMIINr{xbn*$IWBoJNnaj+Qo4a zKik)K^qbRC?JcCqW01aveSLVX))w57>@M@7M(%xmHyD)Yc!q6d#ow5y{V5dD?xowL z)AAH+M|jQfA^VR6RsWw4{OJELe#!p>K>Gh3ZPCTI#2-yIIqMsoY}CZ1wmh$h>pSe) zYu>%W>PGcO25sFtqow+>Ez%B``M=Az#9o_|+v2%06`S%a%WK=T+N*=NXJFf+xK~v4 z6Bnzn(?bzvu-cNw%>MQ?%#@&zq}4;cT?Xb~%~KM1g=5#ZZT5f(*Zl%}-a71__LLI0 z(JQ7u;?yhso;DWctlahY{~+$IqvCwpEzu+d2tk^J1lJ^3aCb-`!6iU~yA#}erkcK|@qC$%nE@oqc=xZ`$zuRr6Y zO1U|6HDmQBYsVb0+8sr=Iy{~Uk*ulzd1gum^myQ)&0;*8KfWxy?0uGWX-zxId%V9T7p)1Qj1inLI!1=B)uJ-P+jl!Z9I{zvN|M-~yV(eo7G~D*B;YP+o_4isE zpCEc)@TaL-;+-C92P1AwyY0K2VJyLa|?d79zKK1tap;l1EZ03o3y&{bj=14a@WTaPT?X%QK!%%N8km@phJxnE~u$YaxGG~ z`%)Ej_GQ)L<;I5eKuesmw|uM6k17HJetk%fgWslIRpEtXUsS{7JEU&Coo|wF93dCm z9pTHim=0JR-I~f-E26FVp8YRqnGC0R+z;TLe7G_1F!%PXM|;SpD!05^->(+@hyTr_ zEx7DCzgurLsqjvP0UKj1*>I)WztJheBYi$Q*@|v#x=~v~S)MLu_`ZABb;HKmG1Ki~ zJ=lHkz31rbh;+O~+Ov)euSP{denh%uLZy~21aSjYsldyR%aI3?VJ-3jGE0~1ch1MG zOyJ88d1Y`{1=ywjsNj`auO?0GN%3gT+wT3iP5RK@ z)$GYI5SVF-bR)^NMM|cHcv#Y+0f;%?l`dgJZD!MqfjYcbjoE{?dYfdYuoE{E67E>X4j!4Vvp)33R{>l5h zq$2N%2vqjR8x>a?L^L{!OTkeH`5wDOK+iHx80xg2_9E0F>WHaR2#0GU zr?#WlrQ3~xC1rm9dMaFGBo;}mAm%rMTx%TnRoEL6kQZJ0sDqr8_c|&JkHQ?g%r(B^ zx;KG&2yT?GUp7O}u5}U8Ydg#W&GDw=Vttov)a4KZ%2YAZkj-ExV5gKAFem~knh}A3 zZ=D27)|~Z5F%Q`*?AEFSpp!e$(*-v5D*HY;=N?@Nq@mb0$;CeE4z#!jD|IK~8_^&P zrJ_d;4QBCYBVq|(ZkLU%;UT$5z(YbI>Y*f?f>=jzQT5Il3$v8GE_Q(A}K)9 zS)gCH3;x!<9-!AJ%-9SWYiqk>2 zV`Jk1=T>Vv$)z)upvhKy_Nqf_0+)6MywLp+?lNjb!eeVLeo=-rKe=>yq2I_0PrAgi z9MgGsC{5%)TfuwYw~mAge3bK{NOPQWS3^1_FA$H1I8p8h^!2h}Z{C_Js`oC7( zORj&0zclbKhuCar<~6y)A7v=IJl#;7em+ z;qlSO$b|=C&D72~<tizMB6Q<|h6D<=UDe_4o*kgIAZ-3O4@CYsE`8 z?YmI=a2#*(*rlnU4~B~i5Fa@zuL4ZD>{ydkR9Xro>@QQkgiW!aCNcm z4+)dE>2LHlo&=fOG30E=EUe=H~*wA8K&= zL}B%0Q^CCjWwRy$3WnS~(}7w>mK8>;l?FGmtKWujR43_twd4Cralfc@u8K#YI8QPZ z^IEw#$-Rl=T%y=!X|^bAySTvoJJ_)`qcwcjynou1E-d8uFF61udC-w97je$a~k@Dh-SfL><=EMH^S7WHG2 zj#csJx4*HIqPk2>UG&rcf{9)>=g?^lLCvrGA@ui|Uy>Fgz5iHAL4qjyoyVe;C6~rP z#51=xKoVBrC%JD{&0QjuapyF*oYM70-RQn#fqz>|1xJK$-k&zM$86XUx!J?lbDOri z@t)UrKQFU=iR@E2h?JUG?HUXmq9|h@)!Ct2k<-Nq8zAJhPL>&!HVvPzH{egxQ?~oA zz?59c6lb%4eZt9w%jee=%d@ZH6rFU&%gGemiUX@Vq={QU!3#3)tZ4^0tjpD?T_i-WuO#Gx-oxA4| z)7{q4%Sg4U@2T8_7Hec zj}F(@cJ@#(1m_AC%FIz7lt96!MNk~ZdMnM!6`)d0eN||uQ&C0gxP8HKwI@}}%iRRU z@QrW59;bt8W1n1FR~&K)M2~g0R+HLZS^C3c0E}x(^59F)9(sGbdvvYE3R*6n$e_6W zh{o0k79F_)!xbb>8Ys*7(iW)JV(nx4HjWC5`D&TN@wp2N{e2Ryer1Q) zEb6Q5C*#pc2wPw&4!M>d*>~oC4tPC}^;Co@&X|d#4|dr@OJTC@$RuZaVb;_TZ^($S z#f?VF#r)SNN@986e)+F!cF#Bws@!`9fQTL`ka;BD$j?$zZla*vQ771Ts2_g#*nj6K zCGX$AloRm>Ce?|=oREYoR^;X<6k%Dy*>99oGoJJVI7w_p%K_6Vl>Gq$eJ$toF0hzu z@`CM|s+|hGc39@D0F9e4x4vd#c-ugd2uBS)-PWt4H3944_eNcn`9mXenna~yAY?=u z6ft@X-r(Kt8(idF?9&S~?}tc}WPN<{RD^}iGe7b3E!9RvLBxYeK_AD?7Rj0_sfrzR z5boXCy?>I^bKrhzbP*ZfQxP~H;GM2NcK4+asDJ4yX?8y+ZHasZSmQ2?K$0?g8?x+# zq=`1A&|v7BXN*z5jePv#=nrM$RMJq8)5HUy{+(Vw90TdkA~bDWZiYT#L^Ga3EVVGm zWl$5-=-3Y_BKPJZ!r2+GylKpB(#+<6Z_RVi{m4HqmtV&#r!7=}*zc2ta+D*%U68Cb zHG@sp%vSw_KW`ghI{#M+N#?nq0VRXzYg%+74mH)}!JKIGrfCD4892w<(wesOd16_j zk1D=>rpGgI*I1V-T3}C~{I<{VDyzG;h5LId)INA7{5U8j&u#+Ap8gm{=u?0#P5yhX zO)*1xBF62>8)A_%nCVo5Z!ss`LGto*0$?;&`|AC+SR!DH5%^v+<2gbR{-OaGr2s_T5&+%ljZZRE7^skEh#Co=*FQ7(ML( zFMgCAs`I<>O!vhk6dKGrnyw?DNGhPt=5<+*hrb(swV%!`qq99O;E6 zLr;`O1O;8d7Jm#0Tnt?CMT?B8d(jeC!f;lQL4&XK@U(u0J{9sxNgO#m} za;0Y>D~J{#Xpwf}AV<6Kn(!mjip3C?d-=kpSV{QXhvt^JnjX1EG5 zikBwib-Tw^A;|HBwZOK}yTiwRU_?WlA^+9_q~SJU#GAH#Ub;xj)0Ws>NqT%j#IWT1 zF~eqWe7AF`YD44CsUC+dJB!smSwZA2=U!-<%!0$$6>MizudReDdXZ^cCk5SddD;h8 zt&rbDKXD1=SQqjsI%gZrFg#mqS0-6x@N3$dohF?R2K$C{ruhJ5wS1b@lVHdrFF|bF2i{hI+Xqa+Q$7|QnGpwB&H;K0-*F&OzFd*epvF( zvo%v7_GUS}CS#0hV6IRkzVo@PpCwJqeWJRKAQ8EiAdD#zUHPLpZfHu9I~>xUkkeTg zo~kZ))F5=dGXG`!V0cyPRvc|VGZfTdsaF>3Y_GqPNo>j{k){4!^A*xY)N{j1G9~|b z*h6ZsM&jo4;N17zY7s1ByZnvD-1C$xnnz)nQuVKl>OGDc(uzYsUS^ZlzAQ}lckH)c z7M^}SdF(-zU4!PcKsMQ@GFmUS2lnJ5qTG|n+WF4-CMb(DA7GR!bRxoz$=M7yvXv>?P9$=O`1WMFaCN1M+7{-xN(9In3|^ru=o z^pcmKw9%C~iN~pbr4x?v;=BV`g+j6?j&iAnd&Z|j_L~8>c@OcHk~yu3A{VO3geGer zO`tOz2Uk+b*U?8i*W|M5_0i>7byXRiU#=v#!s%Okz7zI#_DB^(KUk2aP3_c_F`xgO zrl-Zs)B-v~slf)zd@saWn+zqkZ$a41&)Y<#`Wf zu#_WC{Fic!m&HR-;>9 ziESY>G=-SndaU~>*nWk{V?4VFlmNZoo}U?`wt>gwU+c-9bxRnTT3a#ZZhml1vl>1t z8nHvp-+vvXAIlO0`sNT&Q1IMccAGq(-22`?%b$4!9)<{2kei8QkvUD!h_ZHdhbNt4 z9u`zTPSt(fy-q{J%11)dr;pK)Jcc4HI>_u=V(c4-ZTSbM?Exz_8817CNqoaD?nc^H zSpq`9aM~hQI5rL4xG6_^d~E5<`qH#RdHL5>5K)z;t8F~(kXPH~=5kYpmNY%RmmH*u zFU6nH^k@v)$KwC}@HCEE@)=D4zNO4hV$?%Cj~2@a^>`MOSm2FMaM~bW=n3%9aZnvr z@@r& z0cS$lF1NOYqC&?n06)$^7M+783ft>jvtVGeC@0l&YOsj@4R$+~(AR8Tx(C)zd*z^m zha9))po2dWFEc2U%$hm&^4Nc*Dz8R}hAkVCF4y&4NfIx&;xsR;ITAcamT1ow9cWQ> z?YY%-Rthgxf1l+mN{YTk&U-3oU=~P-u4mKchbP#qmFSn}rKzk~ob&aW&jf1cHSy({~E;ql#Tyyrq zjV*E^a#D?P`?RL1SbG~+no)xeWma6;JOqm=wKBP95{CjGAb54Ava_?3g)yfO3YBax zDT15oE1;v`S71r`%LraJ)~jSQp0;#zTuZHh3RK#$TiL+=~KivwDU;*#t>QvM zSF5d!No4>}NmpmoOY)~mL8|YKZTLUz*%kiK`p*4W?(&b;?mo>Y`HG?0$Nsf6Ub-b_ zbYSv7b9*2%Ux?<>TVmEc&wer?c${erfmGfIjkoTX28&W9O#Y$;;x_y3HD)QsX06$& zV;R~KKXEU=4_lG4s%#n>Rji&T!+I(OkN`6zV@>Jpt|<5FUD@aA{70gk>p zAp0wL_iE}z+|}!KWD!pK`|K0)2Jwm_)a#eTcO$R*Tpdseo#~rmY33+CvO88 zT#V1mcW)KdUj(S~m&@ZeFHEWhaS?Uhy}R%s&2cgp%C|bV=_4Xn(NC!z{5oYlDSw>$ ztxId=%N+5Pf+aH2M*kf&q#$l>K5SS{4U5MGFZb!F?qPKb6!O!?_5Gbn2x@0^qNKH|HE8jG&Nu!S=1b>$W($?Kt?81D z*rx|jbJ9oF^Dl*4h)x?A%CA1_33a)Bl^ZJh>ZSR{t);5^IYXY_o-+T6V)vm}LURfB zbze752{d3Ak~du_xo7#scGLKrk5Lz4xDCCsYO)EJkaaO`G3?S-q>Y#ue1vDExqKJ2 z_`VWk39&bz2s&i03m&ENX{W1urEr#6s<6i>f=3ZEN9Q(W)}IiHnoez}UT@v*7D~Pw zIsvjbrm3o7MMK~%>`HAc!!T{ui_47;QZTQ%#thj@f1!JhI*D$?fr<5<5srMM2%k_xCm8L7OyC9eCq-w(`lFA{GsjKkUygoP*KiL9J8e2BleZ87?Toiv-bD|w zHJRii6GUK zF0>|D^#eLmZh#-&(dyIB=yXW}`Dv|&SAMoP_U*%azm=TS^Yw^x@;j7Ybu`b&RhEyK zG<+h#_+3H)54E2Yjaj9E*w-#kX8OI_7G$(3k>0b4%8q-i3z$Kf6vPvorCh)z%4#eW z3?4M(sqsyWMGmx){%-t}F-5z$-rQrUK`7v0abPg7Q25aY^*Ot3b**!r=BKX$yaR<7 zj8^~-FF}kMs9u4sIJc`q&N%e;?SB-40PWCm)tw39wX_gYZ@bKaVE%;l`N;R9{>4o+ z71+`X&PciiqD>Jz0&*|ewB>TI0beQYd&lA?22;7c*+(#2q+h@JwN?n?^w zF}*^ClFT)0pR0P)m^cG%>JukcP4rh&iv89wE((G8*^d&T)uR|k`DQrdMxTcE%V{-C zk732ci5r4GB%wZZeOPJTcXS^jmVVDM{W$zqhyUQJ;+|GKjcfW!r2;DFL9OjIm&6@` z0!0=Fzk95N;}gGiB@$}qwdIa~+Wu1J19ZZ-G7)1K-woeE9p|(7)w=Eb{*$jkXU={O zq7~VE?!PI5KdzOxcJ#q&k~bGsmIvw=hOBDrj!0zfeJfw_ZA>PD-VJEwQqER!uCxzc z_PR%PKke7E*5mD7tP&+~njAJuL`FlGTs^){{mB&S2Qoi92|e2x&&t~UBqb$9FE|)g zXvjy#E1@9xkUZDR`@+SkaT>m@5;^>n(_|+-WX*D@F@2cs<>0_T!`71U-%zJr%ZX&y zHfxEw5i6g6GoPU@n4X9ZjX;?%NeU6PyWE2H>$1Q@AOPR!@LfpCuP(?rqumTL^Jj8$ zlg!yI#qyu~WSvhQR$Fdi0r(r6pMv84Vm-s}?*a4*t(abce<7g?H40Lpo>Q?;IZ%%P zX}Om@e-Yvv78(4vsN^BF@BYsvn4+f_LKA=XV%F*S(aI{q`+QO=F5@)~E19~U2W{Y3 z8ly&wNp%h9`n!-9;_@V@6ewXzw~o^&&%aW^+wNG!JWoT1IYVOB-_i8MpG-RF^WG(dJ-GGD-tAjBq@v ztqHGO0#FQKwE#la;X2+!i`6mMiaHVMO``7}b-V8cF_P2Vb}M({B#B?JdN*f_h8HHk zb9F4lCcH8jdxX05P157;g7rxjV$sChL`7OD9N%bP$SvIbKnu&eIAshPtlBgY~O@5ep6dAKxhghOv+qXrsZL>~Q7^Ryv^blutnKg&QP-o8HLDb-D^xP*QM zUqXvw`>Lh(9xoncjQ>2QxEWAhq-;TNZaU-&?iYRZVt1jts-k>jNndL)%MG?(N$N)7 z^Ig=+?XgId;}Y(fCS;bkUbtx6*1IYUUeOkc&bOti1?eqz!mwHrUeTT_qyLbu-3P zfg*3lHm}QPN)Z>#ZJ=fVl8uk^VD6jn{RX2!K#e-fPP34HFYx%YPL_!DW;-H$bB@&< z>;y5Rsoa;Um}&)5oQ+Xzrp%NqaGkx-+l6(X+0|UT%t#!HlC;~%$#7L54ul(QX%$A9 zsshCL-NF$zkJVPsqfA(JWO~m<4w3$j%Bku%?-lgX34PNd5f#;YS?Uo?fM$J>?jfps zjH|?i7UV{E?L}l?Ve53xcx9^X=76J?o@c_*4yEDIx)fs>{EgrTP#PjTLHHymn9A2O zKm_8MNLdqEk?DVbbD6b)l;C12bW!%Y%1zh0RBiIo&)=?B6|RTM;6-%}Fhx~Di&bCo zxbON_{pdBvbL5|FQ+k8Cqwk1#ywodMWKQ@)zg)%f@*LMLGJ`G#=p8bbs%~URSuQ5r zBYajii7bXsA%f=|w%^UO!Cg*v=dw%&Zk`??+Oyl%a72m;Pep2)u&d0Sc$&HRj=MTV z@5RbYW*bX1SC7ddTF<=eQjQQ6rys`9znYQ$wGtfLfe&}Yxy(JTJ{#L=tBvWJ>W|3t zt-Snx@+7<(8KK^6dXu>FT*@o*Wmi`h8%v+7E(VGE0z;Dv2TsOzHxuVTx@ZIr^(HvQ zL~;Df&%!mMA$2x0HAxJ@9mjO??X^jc^FExz{DkLftRsF*(CX`~a#PTq-%AFa1Q{qd zwK3_O;`qBW)y?7VKh@32PP%k8>BA0Bez-l5XSqtsx2+!L@bDAO`42Uv%&|cq?3j(6 z^@)PtDv!KBYII^v+^cEuSQ!1_Czi#*xI=VgwB03d3cNTpq$(+DaAHj%Nf~L(5BUkW zw7+%_$%M4@>}CMgn=A=az~;(d9(V`~^wJzu7I!#I>%7-lk8VyI>icwiYvPe~^K99f zB8PWttU3Tzv)OZbvlVB+HY4Fw%hAKouBO2jGd#*H`eea0UWmoS#5X7$$6&E=Fg;U7 z@+URY@!dGe(G&>FCF1gr6}uU%%b#s?KCoTLBF2`;?;d$lHU^?cSr9T@(QXnKDHi5W1#kYZy&9DWLyXPDSwHFy=&@Gj(bQ4yFo3WJf*J?mv^6#|Z)+}QiVd9tGm`E-?N=bi zXazhiLx3c+eNj@FPdeKw@E7J{y(7|`CH$xaS}zqIS9PC(o7`7`P|AB{-$NqMk(s4G z++Hi(FM_nY9u+&a_ITayzWquLE>CXpZnRrS(kiddC`}Fn6DvI+P>rV z*3Gl$eseP z#f%xEe|);zo(^lYzqSb)%f5Vx;AxA_JyySHf17&5a@K^#u%X@j%O2Nd^7ss*eK-h_v< zpRO`S9(giuSFA;zxAe4?*qWW-q9zsq$zpU;2Ik)v7+^Hef-<`!h!LpNp0-A3_(}D% zM8AqEDRWPx+P_SRctlenw`i>shBe)3bl>{XR)qY_R-;7j(I~d^bqxqTzHD`m#;+N0 zng5Nj%=CEMGa%GIkC=`-4_0rvgjeaJH!oe`yR-G2WPwf(y^3vTytBCYk`mM@jPBI( z@swI`-$k@HRdUiTveiIY`ub|_-S3pe;eq@QXOh0>?YSjm)ht2XV#aQEAu(~7mMd*y zflWfPONsvJw+62YOk+u~(mAi4>5hYaBbB!JE~Wxd*es-$y(EuBX;@;!!;L6vRlnEg zs$yqyC+Iqy1#GZ~11+;M1b2aMPUh^gkD=O{OU}Q-nJf9JI$Xe1mO3s3Oq3!cg+$*e z)dqCBbRo%72E!|_Rxi1wxS;E|GHBRHFD9$Rl~0Bz-${cxV{xVfGB)yen%3mPlF6K; zM6UW0*pHd-Rs#g&s0=Kjlx>ZNbd;+^sT0CI`DHG>IuEAW*ss;^QI`|*DZ5|2P1l+g zAD&a)-IIkjC0H+BJeq4eWvAtXd|F>2+r1sGGkH>fYUb-sFYE21*pmA#CzmvF#>(Bn;A=p;~ZU+|b_n2`RxDJfP z`ZgdNAjO=RqN^EeV)W^^-SH!pwoYEG?`;S>;Zyj7xgJI2ZU8SAZRyMB_>UN!CCWf-IRFLaI$vDN;#2wII1Q7RPuew9BG{dehBkb_#4 zKgxa}BCcE>s|#M-6UaquX+3|=hL}(P=l_|EH}WGhS?v`4;qszxRwSk+wLs8W<4EYL zR*0fH4khl?%4{V3{L>D{`z;5 z0_TSB2ofzqa@#F-0{MdClYqA@kdj+gHb4m#khtS&1g}XcTz;NVEOHD-SgHT$El#g5 zzG}M!8!%}I{*Y*Y%|m)TIR&M??#v%4L$${sCv9-tDst1#JlCH^!=zT2P%_h#pF+n0C(~sLGDwvASWq_Gvr?>LS0$BObCq zzQb$Md6$h%m5C4{y;$bwGy%y^3QUy3X|M2}BYEQvE0(2Z=IVfM(HXMroSp#?F|pv+ zNJlD=xtE7;`$MMhc@)f=LGz~wlJGrnjjo7-LXhv%72tgXk6092V#BVx!cs{NiRYeO zm);ECwFSdq_mLw3scQ|5SQOOPjSnSsddBHv2rSvMs7g!nH9Hl z;F-XXHk)tKP%Q0y_YFH)mr5(-Lig|n0^PoPlizdYFML?nzU{LTtsyU9gkw9}ee`{2 zo0q6}O!!caYQpYLsohkrmu3F!tf6ir*g2DUrgZL8KeXbc*PAG#dvMs^tTJOiUv|aX zLNzEV$FebWIHSN969iRWz_{j9E={DhP5y4;7a5#%_Sxl5NMBV|7?!K)18F;FttXGq zrS!@Uvl`_6_BJ67P!7b3P@by?sfX#fw!*klIzLzO=h=zE~fs3SkFK`?qAimqL0s zSNXSgUo(Wp#(q6dl}bFVy>n|hwWe^=U+UQ(U0g5Q*?SP96@EC=uku)UmQe@0mV7M9 ze^;D8UGIA01!pVDgyl9CWPo1A-|T-@wC$Et;@>3|`HB48kUKv(Ggu-&4maz#Rq%ZX z%Th+%yyZrAD10evhOelOPr#JUhDzEu_i|`R-)C+}^WPp{;Wxo7eIZK&ze-I^-7_h4 zd3hi1-R@60=q0q7+;fC34Bp)7`}QXa{XmD9%(X#Ic5OHy=BfwnPLdSkt)6~FRH-sM zXpoISvB2H?A7P103=#j<0uXT`6LwlKuMyxY&Q0J}KS?0|8w!O%YG@bbA?~`*pxpYO zrIb)d2R3r+9n*__lGA378#cEux-bJM3VgG&<~o0LUwPaj? z&WSmEp7Lt-=;_Y@@kfNVI?#^PgpYlNrTk&!_MQO&NsA*-Y?04f?iU~BcI=XgG>Exi z>g%va+BvZ>Y##M;HKIxe5eckCNu&!D&QiElUots02)>OQe=Xo}-#coxKCpG>R&Dgr z9g~(x0_z)O;>cfF5YxYS=R`Hd+mkdp=7*^#oq9jvS(KjZeUkr_7x~D@K!-|0yg0@& z;2!AB|0F#8_#v3YWTY))N*v5~j*XhLT?JcQ9AHk)!AApMku$Qc;Cp&DTQQtlyUvG| z-6cB;;jz^5(e?Aex0P#Y8gH?b-d4v<;M*b4ZSTFToO>N+zc9F`E8F(mf+nxZ+b*@J zI|lS~;E2)Ji*=Fsu^on|ejD z^FVdve(3OUAe5%jdd|ok2Hza)AG%&Hq;tJP8B*3Zlznd@+NzU~x^5@%_ND7YN0gPj zVuXFa+2+ge*7AWLb}HPT5%Nh5wGWOQKs&8I290%&Fg+3t$B+cGX#4;@a6iR1dk;s9 zU;i?!8lyp@>J;mYK+1W*5nSeeDH^fDb6lRg!QQ3_{BJ^}#i=&y-ATHy=I9}2eNX7! zyoY+N&=ik5D8!nS3CP05`R9oRx=A+Qy-YQ9=?M2Y^fYA2Y8FQ>to^7;TCdpgV|pZc zeJqkZuqS|uRry&8H^CkJgPSs}EnHN57Uj+mkb=_%kNby%Q|t*;;Muld-aa8x;wxJXDbN+Qk5oj0{}6p7J#%noA2RY8j~wW5cE=}~k^<|H6=D$+=$i1NS@moS zE#RBEs7RJjbij~ueZb5B;+#BWd2@?hw0P)=CJf3)9?z!HtVY3TZd>B&kO%yuqin~s z$Isx%L8)OSVA#cK{&Mn`k;qF@qgO6dWml1#Fwt1|z{+qB?<(RZ;3<`}QhU-;&CHd# zhJ$@Tq&_9h`6_-JOlVh;W)V`V)VS+=|8p2T#1q^kj4LYN#Rdo`LOt zarmxgc)ofM?^w7)40uDiSixWj6O#n#H)JR5FG#r?!5rJ}2VM}yrwJ3FvERA=u^sL~ zz_ypQ&a@G|_rC;6Z%)9ah^;f>FOJxtKY$)vL{fU*Tl&PVyCOaBbZE8qwIkw%XzN)Yf}*%@UAbjf4mNY3o1J`+ z{lQ#Y;1wFSq}N*ylB2xieOEQ0hd@adNw$gVTPsn%`a|!d`nv`e@MvGG_WZS@JVQc^ zgv(jG)8-)Zcl8#bEy5993D=Yz4LhYU%c#x?OaFcfBw&P~TRMu-LunYKrLy>e5BE2r ziq6ho+h8b!C$59XN#|H9_W2)#)yO#e5Bz=>L;C+p{{DZ0zyC!|@h&8kAP2miboQ3YpSjW}&tWk4y1Cz|7}xJjzj||rkl*b%h2-OLwy5$^ z(dmNl$brrmsCcno>NkO&RV=IKKN6HlqJJn|Yd+5T92S60U4zTotyb4arhrAwV6{2E zklAjJkON6|xR&z)LE9$4jw?^DzbIU5(Ir;|uwNNaD3esM;QBJ3M31#T&Dp*rwb1^i z&NOVWgf*(EY3fKyLH&=i2-&pE^1~#n>I~k4!Yiwz)N_$HSWUJyvh!0*QWtM>Ye5oW zohv5oNs*2Uei_=5xO(0WOJ9~w`nKGx7Bi{0Z5=+?G@o1;>GW6WPFK0bpmFc;aadFW zR9m@b>RoC!$JlXeY*G%r^6zc)TZ{HcL5NBk1>N5BUnCTAG1a&e>8Jzt#GJndf+HxP zT$Z2$xYgdcuIxgB(9KZ&F|Uxj;*}PQ_OJdx)cq%j(}C*6>R=>QnS_t;MgPKwjqJz; z#pk$-o&z-*2D&Wy4ldR@M5BmFQ^6US6ogB_EoD0Nq{>!re9`k)HA>WhFI+4@PjxEp zK@v&u!@}#}YRVAAx%qRS|5C@yF(OQ){5I|U=EzPZNgLr_t9SD9*eGRu(_GxliB+p(_F_ELDkpE?@HnX$=3p3kq&M2c zW1T~z0uUwrsd(S&W6fBfY)2oo;F!44wA)7PT9aEAZWAM1r|Qu`GTI;dT=!VjBZpTj z(!MqOP^wFWD8|+-&Qq}on8Vx~5wnV?)KHk$9=hSFo%evSrC*`#`%x-j3ei&f{)87y z!-QSGAo{b=cr~(i^PTpuY3vkYu8iKazU=88YTvWtE2or zynGfP3<)$281Gc%$f8rYZ-v>4{Q^s=#i6mbhkIK7a+z0I{9LK6IAzjN!@Qa^52*M+ zX#bKl>);Ve^}~vl6%}$$Uf`Mjc|oJ9PqN$A#-9I!l*lXA>XcHh4^F;;<*cPKhQz4hsgW~2RgI*MT9m6puW{Xxf8Tzz$=Ey=|>^uUrK=Z{OMXf^p~^gce?%|Dw@ z=Nd|%tkg@;cNzllC${pP2S=tCH%u+|(K%vPlj%~sTiFpX?k{o*4z+_O6@LPyCFF9J z51+jJm!>0!o<+`qg2(kjb=+03_5do#c!4QEK~@I1nus8f8sWtN)T%DN6p?1`r8OzR zY?^A$i|31-#bLq&M$cRQ*29}QI6sgS;NGK~k5tUrW-guAkh3pL8(T@MthWHT+kD79 zVV-#^wg6wM&doptN&@P(Idpqva9^BD`AY!psFuu1h{j3O z$ZeKfT4jV5SX8K9}$dymSy=f|MQW5On;MX$eccWnRJ~hMP9EI_0(->6|Ncb85u#3tc8ze%{$Je+QHNz4r z-*A$v_Gw+*m&a@0J^SIQz|a0@qz4rupx@V+iyyAQz>T>qU;fR&he`8Qf1YjN!h7M-_Hf=_!s zZHS1D+ojg`A(|pxmxf^5@5M6wu1C4qt5TM7Stlz_+-Hn44%hFzQ}KVWl8yB}d7=y3 zx2m+|memo#BK3)_EsOd#Qja=BdlKQjZv$x&-rRtEa(JLy(asNDtP!1aZc4N|YND9V zYtrp*B6+h5T5p*Uf-#fLO5;ZC@DFF#;*sJ7YAA;bnlw?eQ(^!zaMmgl^W&?#1yzxK zI3rv$u1f~A3twA_^XKX2KNy-nNy;~N_eYb?I4cRrcQTbYBPXQlttObP`fi1)W@lbd=G{U!9^j-j_SQ^J{UK`gX) z4!QRma1dKXzRXoc*Yp+_&h}xCbq<7{PoKv+s9WuyN=U!*4JFVkc15HAvq_%5{o4I5 zgMDf6IWv2+u17@N6te;I=C)>W?ZpX~P@hro&%W79o(l)ZC!CtA-#J^zAek5aA*a6f z3RDk$#|O9Zd{#PqXx#lUBsNdm=7@?n+w8q7Mny2neQYSjQt40Z(!CGdRv|}|n#Adk%s&4lk7A9@LF~(c zCst{vsX3f3874L-r`+hlaX4Ejn{&|Lj_GFi#6_Od6{p7Oj84T%R1YgrkXvaXSa@mg z8L(-<@;?28iSF(yjF#A=uY(%)9_DXui!s<)>`~ttKR7Y2WP zBh55OUb))R=GVp@P@4b-6^Hxp;S0CdKl$YckbbhY7~3qXFPHL8@1e{ue*Blk==8#^ z>hK?k&V+TT zyT7d6%q=n_og<#dLmbt;ajBN#ljuo@XscA^X*hnD*ORre0ae=WB)&d3ZYWIhV~|7* zV796qPb~w-i42j1^4({HulVvU3c4#eYGRqXBdp(Ti8qFlIG0S$)_ou|?MBA)JB*a$ z?WY?JP0WF{i#zy0P6JzT6)MJI>g!)41%;cl0|;FyKY)1Xm&?bR@rZ~`%B;Ex3lI@= zHc#~4L^4}drWH@dSHW}v+ubqixJT{qNS0d>$`gYh``dzE$dSsv4U3jz=k7&?ja4 zCL8FO`zdF~gE-nVx15W&+@rAeTCi=A$tXd^k1iS(QMVn+l6S;z2t3 zlcYp3XRNxXL9G+`c(oeEN?DQOc)GjN8hbwH2|+5gzj#q7l~wV6$G8lH-x zN3?g-eX!_pbJqn3)1wOD%&e>|thDSznLwyD9a5zW@r!SO@`U_1^{AV^w;m2C$}!(? z13Z1oxZ^HcDiz=+iY8e6nsLL>imsxb{9N(-Uaw);c9Dae5OL9fM$Rlq@Q?HSJN>`6 ziTeKwTM?OAr!BWvc&;@MU_sBESjscEw^~Y^AwaWP>WNYKl+>|?x#8>xgt)@f1Or*0 zN!9)5`dLb3ftPo&9dh$9?{U7Q*`|aEjc@K}ruKdYH_~v+!+b~kqv?G zPRqB0o_c%@lg$IPxNbsuSAPhU?f{8wOJ%8u=4}d1S+ORy^$ouK9BIagtTTDuuLEaq z8mHat&lc+;zCF6yGVyB?_Yw3Xue{0S7Ie>F`WV>kpPDrO1aDW!dRYTj)n9AwT9^CX zY~4Pz5;waWhnX$cL{qu*M_*76`dj~^Hl2LET02rZ<*HYEKzelM{R_-D30Mk%OET|* z$89n_9LP>GjIpL0zYEV!NkMeN}Ig#GNvHj-ugkjJeIAa-;=MZ*4p z?x9jn+mn(07kIOCIU1cx`S!NK448~TC(O16F)u_Upee1rWNb%!A*)h^Kg6Il45Xkk zbXQo6S;*z21Vk_@W+Xq_;bF0*^dTcujk%0`Y`V{xAdvH8YmK0%@f&DWHnkyr2or&J zFNp)z_+NIhy7hNXpC)8YYaw$wA+147$+QorW0l-Ms=e>?!>`AQ@*nCjO4D58W32gzrd-Fx~Wxr+A^X&Z%I z=8}OsV6{)OWRFWi_dpgfzxiJ?7pJt?+m>ri#0K@W2+n6qeNnW;k?z~3cq>#NG87S7 z;D`q?pVvT;xF^>G#AKXRlm5HNlYE_mU?b{Z2OB)(CL(&Sfud6IoC($)gqk$mg2z*K z>ihLSZK9IOfJ7Ovu%nilaRO`q1(npH`PzN>5wb_q*nRzw0UfPau>B@8EZs@h_S{67 zOa@q@FMB|0Wh0!PpPVuTHxQshlQg_s#VNl;TDBFTO$mfe>;-9hY4{U(;I-Wd9pP_M zN9m2IILYr)T~a{JQPSc@^n1_FnA!3op&z>y01{vpXWCE62S|xoFz?@8#|bfX(DZF!bLQ(4m-FKGvSCHxKW{E z@Ak)cUaUf3Fv=Q#bRo=-7>P|*`;;O0>AlzIaW1({TUz``3JSyvIFbv+Dh2`O0`2Nd zm3V&6bn54B*%DFHjjJF0TX^dXi1>^xQc>5=>?rD~7TvTere}y2$>qc}qZNipPp$K^ zn$?_?)IDOW@xYQgI@ys~f=V0}^ISI^?2Dp2HIrhXL*8O3i$Jx2hm5&V83@;%;EZ&E zFrfe;klR1&hkcF(={pg1am`CpC6$Ic)soDf(wfnmQ~Xz4x6WSe8Q1IIi3_#l##ItZ z#x7Y)3lWB;g>(4A3$EJXEz3T?-K8}KSG)+ex*I^A$=Q1vUidLrkq!7*)5ha>y1SIM zqmSLHwC!XIY{Z{UyPSz{Nlw=|QuF9exI6K-pNR}!$_qk1g5dK#vF=o|K+m0?5ToKw z^<<~-CQ%%YRq^*4lS^+l6k9-gxpatJL|iZrU=HFwy7r_Un$HE@pBU4ZX3+@zaH+KV z3CgS_kY2r~$4oXH?aFtYSwGS#bJ=aoci^dfIZ5s(-zYAt5TL}-ud6Jv`Rzrali7F! z$EV?*i$8EHSt9(vYnk1xXEGW9s$?%ssXk+*%krnD`A77-^DwriN5gf-tBQ3+y2F>k z7$*I?bqSvn*oT{ZLa*q8oO2(6*yO_B7JYWOyzs)-K-{Qkd@9rtQI*6~(w#5ZuJ&wA z;A-N_w-))kK=^&uS-GUI{UOc+ak9x*{-<;U$F3<~;VEYe znjcig9Eo)y-b1ICImM)N?~3q>B6->Xb>#GI^TU4sh?*zQ^oxg(iFAX+FNFXV0KDY`@)~m9iJR*PjRX~~y{fmcks4H5zAyf{4EULy1w)(A8WXi@Z zKEG|+;S9LKpNIHI<=86 z>p)~=I?lb`b)MVH-f)S}wH7=0Ivf0mjU+$(o`wz87kWOBM^s@lg7K#1QraC&If} zF~}vk>?n(G3+@~t=#%HIAPI^P<}%%eB6LC0*{ylbhE+S~wI~)zUn0Wmbu#tZa>IxS z;D0|Je^!DbY|Z^%iU?$>Msouy%fi1Hb%HP#iNImK)6P4_aI8q7hF633e!rmu$k8yT z7QoAWFe?a0*FrQ!pY3Z9%fH$O|HQ_Fn)|{i9%#`xP6CpNBzBf)jujp+-U%P4`#tk2 z-j!ZdOSz5?E*;jiAIkq6xNLHPWFp4HUhQ!E=i;56$X;k5yK7@39(6A-;JZW7>*6h6 z&WBknOol+WWzd?q?#DOgMdj><5(jXjI&M@FlMOqi;W_tvghj6#Cxf|Xq%E|%@mu*4 z0;-xxjt<{r+)ikAs_oI8hIk3 z06+~@aI+9X4@UK+lGfv=dP&a5W7k2I#}=zQ7zj-c`sFG)BfrQT9!bq~(U4!bqv+DN zZpzxd&cs(8yHV7-$HBnQ?TIz%x@I#{&iCeU5u^wc83x#%W^Q=}?|9R?gx{vumiKoe zF{k*E-4i0|xijick%*s~^x~Ssf%g{?)W~}u#(B4@+@YUbnzL-YHP&=WjZif8SALDmDuGMV7 z9Qk*ebVldvx~;MJ;d3+}2Ik@0yR4+PNccS-fj^`kNEp4j-Z7AQ{!)xo^@Clvp7q$W zxN%&0cSNa=%KrSbLE%<0$6?MX|Ij9fSNRLIjUSHHKzUG*_<+{jm!(LaIhq=GTO`97 zm%0=vo5g0lQm13+8IRKZIG%g_=M=r|gSXV?@?0!|a(g854KN^T-v{4SR13^;unnX= z)#^h^!?fn~c-eZT2^PK%?64lpg)Flm1vO)CzmZh(3uLAx9j>xKnwU92v{#%^4l^>d z)C#k?%V8>stu0`pm2P6?iw9HF+ja$nt=$W3qIfbv49gRV?IK0zR|D8%ymrl6o{hBb{l%sP*75ERTt95%QAwZd}5GiQ@+ zv`eF9_UuEZMROvXSP4%3pv^?s!pnF#NuTZ;oWaqukbv*P8hx>fhVhTmW= zJlpXRJH+eX4i#YOt+5c0a2r~cLlG7yq&m2OWoBsF{y8|ra9tp~eu~%EN@h(%u8 zi{z;gajcn`=ec9H_pE3%p-*)*9sRRhEd6Cziy_7LZ3m2yoUaN2T4%Ec5s%~60K{iV z%bYH!BIx`1jYEZ81LPkRHds||?7gYf%~-`fP&2vB`1z|hr!~EPQ2Qn->o}b+X#s%r zfG6~ryJNOGBVmCGM8stBECLuBed`^q&Y!AE5)BAp9?Y&Cn%`b9pwRQiu}i1Z7%DdAVMj?QG`&PzgwRMw%Y5|MOg6YT&M$S&)*XMo=_7hw=Jto z6@gk^&DDOddbl-z!*_CZS&@@SwP2T*(r6Bie-;r*O7~yEfclt{v=!Cz2>e+8^!dfc z)JE2qw5XYm&>mok_zzfBH=gUh7ZcSb76Xcah96^lzttNHI?}ZSsg}2kj^B?x$8k*K z65)HZtiEi{$zWx9z#s4maH=>=PKlctjxc5QEJfA{i*1j%$jpfOq6z`xQLDb!=x0g6 zNpoLrp}KIw=IcPFS<|~6q3lJIyT;$;!F~IGLfBJZpKWS{&RCtUPmX$MFA*kD{jKZ^ z=_K3W+*3W=ypot1WXQ-JF_)OQcGL{r&qq>7m|q6LC%bzAe4r|P*>lQe=>u9&*2Z+g zAo88(+jHbfZjh{0pZW~Q>l8&$vpLy;6|p}X-!u`qiX4>}eKd_*v7Tea*_p@pc_;(; zHh7j=8aOR*W@T1fi8X|MI%H`FYyh9xH1@dyv!=$Jp!Ns6-*b^n$lpQ7(MV1*tzagv zz}LtUYVPYO_}uwnZj^$`G&d;*5!EKZT`3%2Y1ajc80e~c&Om~8lnwjxxoe4fzI-=V zTiqY;$U>tc8+rK~IX>!N!G->K@h^?8MP(I+0uGHnjbOS?i)xK{6f3GcfGL!#2uCgE z!1Ov;#!jLTDn19l0evhlZN#^LuTYsDt=-+m9H=z7@Qh$_KweOYHG}Vgbx3$= zu>$4N8tn<$&EGUROeu9W*X%nBr`Hn($j-!VPtSsvLLlZgOVM{GrU6#0*oxu&1j#q# zG@693*vMZ-h1CFBh*7nxsHiWS+Tm6e<)FoQpX0yeKaGUgPq-Qju`}3l1ai0k0tSH! zq~_|(QmkX?`D-y10h04?Q})uEhdj~C&k|YYX31;l4LRTXbV`0TO6nVQ3fiy9&y-^v zLD%#Hev*x^oZbr_D?IqFnjfovBIp^fSlhY0uK|DAzRIGDe=RqSk=!;Iec758H+ss~ zi-?!x+(0L~<2?Q!RaQNaNykLIK_OdV0yH7;{9z?7O@R9RoprMTw z#;e_geLM9DxWtetQvKc$KaZf~XQ54}zHbHlSq5&AJ-i|mR>9~58ef)8(;@i)iA|vF z8US2Za3nAPGV=rz0i^8$0~jrPZ+b!?9Z*(`AZ7%1^K6blvdRN=vqa}B8ajsh^02Rk z3kq~fO^OR0w!@-*O*|M+#^dNBZMnUM^+AWRty!tXB{>Xn;Q2X>f~ObBMd9ho<6(A` zGW?vR+*~*WUzJIzTFV~*lOmRx%w^Zdy<)esv;0@FrPddy<@HfE?E=taQ43kUbIsRk zz|dQ3GsS3DHnk{Th}XhQ%N1qz(fWE`zhvwOZPE8+KD_Q5_ksOW_H{D`XVHXWS;R^@ue0Q_euFgR=jFfB*JNys$$KX+m|}Tl~IlzZU*_wryY2Banula#!Km>zv4$_3BcvpQp_c z>z!@lsDF1|`6d6T<44Z9n`CRVkGG3e2R;v~Ln7d^#iZfJa;hW}?wx5Q0YOKe`b@y@j@F^ML&d)n?jsn2%z;9ULp$G%n`2@QOo zG|etoR9tz}NM@pc9MdtY8)fE;Tw?8%qbFo>gBpo#!9RGQ-L4ReOs`uJQmAvV(#np? znWo|cqu`+=y^a7toB_~UnYjm@MCAD83e&7z;!kf)uF-txM{-xLceZZPf@K0D^C{a^ z`X^9<%TR~Wz{-PlfeBr412?H&DrjH%Xqb+d?}a>L{VL70E&o8D;`*{l)sh&FC@u7+tTcnv+(&T$_8!&dQh)p_Sm6F{2G%MiRA|mY)WOHoF}7_L+t^H= zzHm4dORY_Nhk7#fAVacvxl%>^1n0Icjk|cqX#cA>e%MUpg7kA^21ib*tFKv&ax3sa zUCu~fu0pcwZ>Oh^=z5*qZxLQpUAiRw19Z}e>|6v8o8Vk|S;RjE6ya7>dNF4mb`rm9 zySnAR^s>hrhAfYrTqsm+YjGV2A*J&7a1^OmnQc)v|6K^$UN$}1FARzug_|9I{3`=- z8|y@CsT}anfS9<3r=;q`RV@s`7WJ!gY-|Q0ui(N|? znyZ>p&AtXW38FV!UN_lZ8L)rCUNXz@^?q2 z*(b*_mW>&wKq zh`C=SUVPiDX{;OfEoTKc6)=5DtQN|#=e;19sCV(8Ng}wN`Yh-q*L-z`t_^_YW`<4XO2Sr$RZ>Gd>8|N?7T||8uh5HH^_5QVA`mrh z+hxHdk%1^hq#nWk`yBnvK5UztVfYU>B9S^#B3pSJe#q>(X3+#G{m=Jer2Aq;XQ%c%sDq*ptsEcamuO@N!t(Etwf6`YP~Sk_7KS z@T(UE*@JPnH8#FxA%n{WPXceqh>c+#W*37H{_X`y{Z&zJiiGnI@3&4#xg5j2ZG?>! z6#O_ud*8qzm=0Q|0tj9Cv8M(XlAdP?O5g}45=M>lyH9>9X8IYI?%A$OTeFDe_O(p6 zx?5)TxNq*oCu(vEV%l!9EiAyXjk>`w51a9smoG*v$v}|>N1e2y#$KD`E|2@K3#~%u z(%62g5fNQam#_(XCh$I6`3y0KlI!q^fL8??ASnzDH`G_gsN#T7mbkXT6#;QK~@-bVdBY|qCR z5Tw+XlVOLvtfaeq-G|Pu6WmuwK9$Z$Rk>tYCxKJ+f_H5DRbd7*Z2noSvOq;B73mKi zZcIOZpl<1%=aw!4qQWcv48p$f`y`G(jIyR+-eH!zbl@>)bMaV=<1T2kf0SCGVyq5~ z`G?MX^7XtT!=6go_PiI|oNb7dBj!>$r$Hd1bTv!iFY3Yu9g6F`h&rd!$6U8F4yLgU z7t6{jijnRLK`l*sZ%b=TFlZV@22ILbi<9!&rGTucFxO zMKj_11@T+uf}lzccm2PQ|wS!CjE1Ra(dBPXw>_5j4!X zYhfPDJ9q9XtXx*_?jv`7Xw$uE&u|`tPi#euZ-0Fd{D)jNu2pGnoqPJH$}{(#8w5h9 z+(p^3(dfk19r@CcYZQL==5OY)ahpGXIJgaS=9cbXgNWb)@0ny>aLd7cKJl7)tj<2% zc*O|V0{o?Shg>WZXsug2$prUTlD-`WJgufmOSer7@8FNqhwBoun0?3LlcWw)y*# zX|AMO?$$hEod(Aog+Y2ON(u^!z--`Ih>0Of+tG#uFZT452y~hS=pgNCUNb)4oENv3 zcI!wd;bTOh6YzoQN=gJEP6?mH(a6m&7-G9EY|Lb4-k2~`J^MP+g&{afz95JUi z;$pe)6kL@X8IY_TF>mrbmp+%2*bQE==smpLhfQgB>}^mL_j6mm04GZC*>l+J zUwJ@JU0R$kYwXmJMjjb~20$hD8NI6uod@f8D>aDp*pr2aPe?w_onc3QI1YPQ`U2i6TrKf^g;eSWo zcS~#7AU3&F+|+I_Ahyq^rhcDtsocJS!BD=~D!^b?SDMP(ZE?ZDeKr(g@Sff}GSsT+ zfsx4VC1C2fDjQMhyS#Cfr3(6C>SA5%Gh_E=;+x$x|J2*e&oV7-{3(0+$DNi5ckKu_Wi&(0NYwHeKTM;|d~g1+!)$#_cI*-ucuWM(&CSdfP^ zYfR-wocyfHd}72g#`Fnqm(H=B!MKkWZg@+V!YC^8YOm-p{;k>-W!91#QvvN z9rB{~hC}b{6#*7a%x9#WNWOAo=L0n1ElI43jhWStmAF>FkYyBL@)paGvPF~Z^Nbdq zsbA^MwG%>rPG?>flma*QH_|T8Wipxkd3gJuHqTdY6sV1Ik3=~Kohs)Onk=v?Z7Die zc4>AS7X5ZP^zLw>bgjj*GpFm#u)}KM`yY9gr7e;Anvcn@sbT6rVJM6|g=jEXm}>1- z&g-%=;OF1pj6?vl0J019A!#eJr2ZB#kcxSgYB!AMZGN6jqasO-EtNTPQ}Zy*eF==5 zQCitgaE`x$b}+d=@O*FNpwhs`QES)AHJbf@Kc@aa9R&}6z0VE2-=O+}$B)=*u1<2v z^)qJr=jP0Oba^R*!Jn@a|BPFw3W({j$I6$U1~?=8-v(1tkL z<_s^*9eNa^kz`l4ro5LtWPlL4Dd(lPzIy+VamIF#=`!;b7kd&}YL00;l-{##E3#oL zWD(R#G+xs5VfM1e__8#;>-ZNgXK-oL>LXoGV2}afLF4znwRTvq*J1zk>j zLh(F()ZbH%w|$;Z<8*0^tB5PBI#WHSJz>^Nn&2+({~)Mvx}@r`1S~zql=h9w{q-pB zzW<`|2!>B@c8cPrUoHO&2=aHvE{-xT5^Uz*YikCZz3EX>73I)h$BhJCZJ zAFVB}Ema7FP7Y`XqD=a>1aQ7EWJ0_P4ZHf^<9~l*3x_3l6{3dX<(BvmVHY{*eQS>4DMm-9;Z%_*FGBkAI`DIO`y^p=;zv6)!TthYv_UrigdWAY8b z(RvELX{h_?rq83LvKae#%Im^AL}mBr=N$59R&MFz@eA4ByAt!HAtOp{Vt%FVw7*gp zy`UkBFN~tLE-bMsFu8U0%Q{WG?Mx4?jBS74mPnn!8D(6ExX5l0HY11AL4uWgTYsG{ zj&mosqP9!wCf09QWyrO&-N_QLxVe!7Riq%xNol8@-ol4q?Yi`UrfJr(hJ=d-9B(w5 z9+vf$+gI;Hkrxn&7w_@ErCCLGP#3dsoO!heVIK{2Xg^{;x#eSQM-g);1f9q|24Rye ziS(dBwOi(Ns9u{G-mfvP75wqZ#z>Z(b$_EgZS0ati-Jh+Bq%<@-_-BT5WZ)_aznDN zyX3U0qfVg}CbXjOgRAt^+p|}KQ|fH%7cCSnEtTPf_azTXq(e? zCbMCSe)_FttD4I=Twp*LC-we|!pzATu09fvku<2wKczy!6q5`?qH9u&X0_)=P4=!b z3o>8`=^i>hHs2bS{a$97Z)KaYcSUR9L375K#TpSz!7D^~m1kz&=DVCOA!A+MTx+J| z>V;dhMoA#l5pJ@|t}Ib)U)+eQqJf_k_=09xCFiMej4Ch5qNp?j>Gv)b4jyF^FZHR` z!4I*m(Xbu?isW74Bb;CuApexoKZ#MQFM49R@Ge0-V$#Hg&Nb8P@u+SD^e_k{Xr; zGlRaC0XfQvRbS$Y>%Ew9rKJJq7KSO~87`&* zcVTMsU>Y9Rj~{G{uaJpwHkuKFDIN>(DLUj5B|sED>?@8AHF-|Ac9?FCpQ$>7lJE%< zKD}IVyuj@Ot4GdwzjJR@Y0}Dfer0OZC|vdxqv7m_iyZQwUs78(ec6U{`?KrIG>0_m zXw84b#NF)dMCEjPeutm8IiM2kJ>*2?I;{xR;qFI)wDzu@#qdRuda4d*O_Y30A}H>C z%$v4Q8w1;dKYrNC%u@Aj@T*smwD9;l(DmlMRD#-Q;Om1RkL0u!>%v|bthN6t#j4@3 zNDJSf^WKy*-B@qcGuC@`V^1A4zf+C(X21IB*8RJJ6Xk`i{YIVS`>T&cpx@rx6`p#F-G5_6UlMM-Tk6LK&K>DBDW{ycF%h&SHMJJ& ztzM-Z{v=rXgk1Sqp|r`IZaJW(Iy6_f&W#kG5uyo&OeE~nFQ`lHhDdzY@HQoN+y}$38MK2-K?D>w zEQ4>W@g&6BxKLoG)pHJ~TI*H3>4HY{84dO=j`ubx}RS@vz6_AY;sKtPNb9iqP=k zLu#`s*7FuzFt$EQIX8<8ekoTxe?{0&$v^6Zi^%9z5^5vMv+8Au$onCawT{H-!cZ$u z{Qhd0rxf?rIor{VO3BY+*ryhB)Oa+szf9v(6Em>5JzJacE3wC&VF(Tmkx^PqM0K38 z(fDQ)b%g{Ai?!xLZ#m1lPt1^s*8R#JgrgeRVVDWpgeE2X_aw3`sB<7j< z9S-P!pMT|4klUB7Q>4Pm6JMjNQQ8Y8cMs(W1M5*K(c~`zOLh-}h&|uZw@jbK`&Y`* zn24dcXdy+K;@Kn+6)^FIQqES|FnxsnVZ~Z*Tk>CDcO-m?Td-J%Ct39_&xmE=ikBcM z-p%P-7b{k0L9fGzv{r(c8m9wCXMW8Bo%2VFri08~FuBS0Zx;pTICW<-Vy> z1Kyye8u!T6+T6EG_fTnxT+I*?2|w134nHR|d+ozyC7YWnta`*4q}B!vkvXKNhV~JQ zBhfxZEK!FERrlCJp@R^};I2`V=f^U!!`JXvCa$6sNp+Uok4W%m=Uj{t&MLKRX$UEn z!8+%&OgIM8k9M5a$%6+uWlrPGekJ=@_(+Lnwg&qu2C6nX9S6KWs}6GBw%!;l+s0F3 z@%(BM2)wO>7+t1Ha|9+sufKK;R^gg+ebvMd-qBIgKFKHhXDGKZvJ z*Rw7SC(CXX3f8Z2|4NzTa+=C&lcuDc7Q3hgo7&MK?Zoh~`P`s>dC;M}blx3;a3tWp zOHK57lhyGUkfzBYC7U$3H4$aJVa)K(skcynA+0a;7Z zz&qN8<@6^IR0{-dDx_$znjyJAEetiMqI4mWZir@THX6O77Y!BM?rT)s|XYSVwZ*;PcZ1= z>0##buo80q1(ZGy?R2Mhw_{^b924d_4TE90)BjTc*;&HB(+b7W_u1z8WK+H3aHoVq2K zUZH0xzAn9;#`7&OvfCiJw|rVWJit-hu%-iiy@O! zQf3WS|1vQgIdn^u1mhu*Zxtm)SAZAb{km}X4ePjz0KO`?U#f{U#aJs z2~Dm_jm+d+xPwwe)jTnF)!7J|hiF1A?{lYS-MI!z;UvUvyKL)RlW;5Fn=TG;c$ubj zi+C}W{PAxMWTfVDgUzZxnU%U7HUU*3{ z-qyT*wh+|t>JK$)n>Qq3+kIrWil1~V3JH>qC&OG*HU$M^H1H$5W``G|**YL|;RsZ4 zH}F3KOt5o@xQ|6a!9`Cz%rDTwlO{?3{?QzO#o(W*!>gEK>>@tSB@*(NNeFfp+uOay z)r-F{!i-cf@|0gW=hzd%#rRG6t6~8LPtv8mw!F8Rwq8EwX>dz-Cy>NH@-oYvt}s;n z%K1B|*_BNP|Es{U0${1|stKa&1LGkjqN)zW+Di(@4_5+O-ead-c#bW1P8AL z<~9)v8=oVx8yTP!-ru}T5^?9Z7>kZ<_s;T-mP&mv8hN??#iOVFdc1ejh#M2pt!GSN zh^Ded!DOynbJql;Go*jT#N`Y%M9$XtO~IO)m1N!6`2j=WsGeWqlvk|k$T Date: Thu, 5 Nov 2020 09:40:01 -0800 Subject: [PATCH 17/26] updated text --- windows/security/threat-protection/TOC.md | 2 +- .../tvm-zero-day-vulnerabilities.md | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 952895dc9c..1d2ce21e5e 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -64,8 +64,8 @@ ##### [Address security recommendations](microsoft-defender-atp/tvm-security-recommendation.md) ##### [Remediate vulnerabilities](microsoft-defender-atp/tvm-remediation.md) ##### [Exceptions for security recommendations](microsoft-defender-atp/tvm-exception.md) -##### [Mitigate zero-day vulnerabilities](microsoft-defender-atp/tvm-zero-day-vulnerabilities.md) ##### [Plan for end-of-support software](microsoft-defender-atp/tvm-end-of-support-software.md) +##### [Mitigate zero-day vulnerabilities](microsoft-defender-atp/tvm-zero-day-vulnerabilities.md) #### [Understand vulnerabilities on your devices]() ##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md) ##### [Vulnerabilities in my organization](microsoft-defender-atp/tvm-weaknesses.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md index 5d45968b5f..f85a44aca7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -32,6 +32,8 @@ ms.topic: article A zero-day vulnerability is a publicly disclosed vulnerability for which no official patches or security updates have been released. Zero-day vulnerabilities often have high severity levels and are actively exploited. +Threat and vulnerability management will only display zero-day vulnerabilities it has information about. + ## Find information about zero-day vulnerabilities Once a zero-day vulnerability has been found, information about it will be conveyed through the following experiences in the Microsoft Defender Security Center. @@ -62,7 +64,11 @@ When there is an application with associated zero-day vulnerability and addition ## Addressing the zero-day vulnerability -Go to the security recommendation page +Go to the security recommendation page and select the zero-day vulnerability. A flyout will open with information about the zero-day and other vulnerabilities for that software. + +There will be a link to mitigation options and workarounds if they are available. Workarounds may help reduce the risk posed by this zero-day vulnerability until a patch or security update can be deployed. + +Open remediation options and choose the attention type. ![Zero day example flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-software-flyout-400.png) From ceccb12b89648c766df7776cb316b9b520df313f Mon Sep 17 00:00:00 2001 From: Jaime Ondrusek Date: Thu, 5 Nov 2020 11:04:51 -0700 Subject: [PATCH 18/26] Update waas-delivery-optimization-reference.md Tiny tweaks. --- .../deployment/update/waas-delivery-optimization-reference.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/deployment/update/waas-delivery-optimization-reference.md b/windows/deployment/update/waas-delivery-optimization-reference.md index 29f8b473d8..3d5b5c1e2c 100644 --- a/windows/deployment/update/waas-delivery-optimization-reference.md +++ b/windows/deployment/update/waas-delivery-optimization-reference.md @@ -247,9 +247,9 @@ This policy allows you to specify how your client(s) can discover Delivery Optim - 1 = DHCP Option 235. - 2 = DHCP Option 235 Force. -with either option, the client will query DHCP Option ID 235 and use the returned value as the Cache Server Hostname. Option 2 overrides the Cache Server Hostname policy, if set. +With either option, the client will query DHCP Option ID 235 and use the returned value as the Cache Server Hostname. Option 2 overrides the Cache Server Hostname policy, if set. -Set this policy to designate one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. Specify the custom DHCP option on your server as text type. You can add one or more value either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address by commas. +Set this policy to designate one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. Specify the custom DHCP option on your server as *text* type. You can add one or more values as either fully qualified domain names (FQDN) or IP addresses. To add multiple values, separate each FQDN or IP address with commas. > [!NOTE] > If you format the DHCP Option ID incorrectly, the client will fall back to the Cache Server Hostname policy value if that value has been set. From 533c2a023c9a21a866e49ba792319511d3cf92b7 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Thu, 5 Nov 2020 10:21:03 -0800 Subject: [PATCH 19/26] Update controlled-folders.md --- .../microsoft-defender-atp/controlled-folders.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md index bed8a2a98f..a6b6b5a359 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md +++ b/windows/security/threat-protection/microsoft-defender-atp/controlled-folders.md @@ -11,7 +11,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb audience: ITPro -ms.date: 08/25/2020 +ms.date: 11/05/2020 ms.reviewer: v-maave manager: dansimp ms.custom: asr From fabec0fa50a7e2d592975857879a73d32b4afcb0 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 10:27:11 -0800 Subject: [PATCH 20/26] image updates and text --- .../images/tvm-zero-day-patch.jpg | Bin 0 -> 7672 bytes .../tvm-zero-day-top-vulnerable-software.png | Bin 0 -> 23435 bytes .../tvm-zero-day-vulnerabilities.md | 14 +++++++++++--- 3 files changed, 11 insertions(+), 3 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-patch.jpg create mode 100644 windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-patch.jpg b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-patch.jpg new file mode 100644 index 0000000000000000000000000000000000000000..e0fa906808ae25466e122dd4f484f15a01338090 GIT binary patch literal 7672 zcmeHqbyQUC+wKfQry$)aE!`~*0+P}p9U~z%2qK_>lz<3Is&ow9Fd$vhFu>45BSWVk z9DHBj-#N$M`Qv=wTHin4InREcwf5R~JlAz!_ugwiH`6yufIAv0>M8&r5D2ioy#P0} z07U=@4ei&w9q6|c0~-Sa9UTJ~3kwq)9~U1V4;K%QfRN-40UFfEXL_5RDQ9WCoxS13|>Vn@#`& z006|eMf(fz?*T-+#fXW8jf0DK>ritCfCdDC(9l7@P~Un7-P!@@#26$@0t%RSb#1Vi zJxK*a57cU^1-|Yesqhl}$V3H{4V%d1!WflyVJvi0DOsB4-8td+ZT(N z)fH`ZOB$qWepEexOW}*iU46=8o@spii7+*419jz`-{YBQ?4m!rl{$HB`NVllyW|4I zLmEd(WO+OMc-esZj5=#I*5mqkSS?4hBR;9}uKO}+d ze04cAfVE!tG-%P!FYh_7wfFI3PQL^Fc5*pe3VOD&Ww8VtRM`Bdqim)~`;B;CIoTpr z)4)YiX*PGlEa4W`F=X_kw?j3Kjq>-jU)XOXv{9WPUrI)Cr@uw=g*&`e_dl7XqA$SUIO>^-f--cy#T?9ESj>NOTvu6Xr}+lHg{x$>i}q}>4oY_)%S73enxUJB zz?Ir3wlg&rmQ>fijDoIz^c$oVloTozXS}eB@y&CVqq^cQc4D`(u>QAN3BmG#lop?0NNGQ*XdKKQN;-PIxb6lYYj50Reqzky)X;v zjIY$_yrjDF82{xfEdojt0R`|{pEoHtOjS!2b4&HQIeY*g-3OCzGv^mIKa{s;k+w71 zUH-00Kk@RQH`viakk0*KiQ6U7Zj7l2>0~W_TzS3dD!gNqQg8{Y3bRPU_sY zV1CB4U@vo}hIy|XhSIrf@%6WO=Q@wVx~Bs2KE z3=sW}%WNR$1h1Q8)p)Z;a&5U~tg2@0@${PLGja!TXZexAo;48Bk9|>JrgafifN1vM zGJxo5=3fyVf(E^B0AaPsygct*h z`URZGV{BDP*5BZ&(C_q<#E#ipIP9*=4_y9F*0y9i3w80$!)z_*c=;CR#oAM*>kAOn zdb0YHmI{-w;yKt?Y`?PPw)EIV{w2DGV!VAj=hGi1V<)whtz#u%H&iKWmAbw+AB($F zA21qHLc|!>D^aF*i?;m-ZV=DcgW}+qXflc&?}m{QPf^DZg7z-9R8AqPwfC8Vl-PA2 zeajJEES4%?mH+ff5XFIz@o*UH04V`Mqim4@o#N|iHFZwjY^%Ob#Lj@AKCw=qH zanZgU<8u0dL)HU=+tMs#>}?AAcn$~h2UuGka5~o1L(Y5TcQ@8HVa4ONmtm~|vgR8x zWBZa%3TwZba*7d|-cEU5(tq0Szt0UR5NjHF1ISdrz?JQxxH{D7HH_jwYyG!pt^#zJ zPG}4jT{i&fcZZ}waeNo6S@DHo4&mVX6=5LJ9{~paodvAcY*tK0)B9MQ zCX%Y#2~F+~TmD7P3a*yax6|RVm&}*6R!4nuOsfB2N|uoR>fgnp9^NhV9d(Q5Z|vDS zp25ScSFeq~yyX7lk;WLH z8d3Sn4+2>0jJ9hcb6bt^6UX0OyB;JAlk^wO%iCjN9YN_h3%FvRmpN`)7wh}bvHo0Z zWWQwnr4iR}o(9qEpfwrilZ1wU??%oLtKUj7{9QG!E*82XZ6WzPznkzMA=Nj$R~Ssa zYS)GYS6OUU<6(6A4Pcn!jNY0WZ|Ne017KDwCC-d?Z-ym{p8hCxgvpzYkvG(cM#WH=|Gcu;BKLjDj*!) zI+RFPJ?4OjBv83wJkYSn$|(T;@sws>@!^=!^+62WuR>lvB7XgKC5k2Q zXJ=i*vL($qtk`V31u(+1huQ^~mF(=?SAzGCDN9X5kcv#{Y8$)h*tPN6=3*eC+uoy+ zcF*ULRbKko71do1m&)re#s7&g|uIUhk=KxBEGs z=)U=n4zrUO?K|on-Yt4~AuHb8ol$l27z5n-%e%CbGk zl*q@O?KmeEgx0C)KcrLH<3}yt^3q1v2J@p-IA}}T(Zr?R(Eb?P3<&hAnlH_8seATb zaE=F;^__G7uAAKoh-xb;_>?!|^xZatP3`6Lo;8uF#1?0r-Q;eyCC_yI86Z;9s+;$@ z{`d}0-c+>(pKb#znI^+@d(d=f-0gwV8(eeJ5B2P>7t!st24Vx|`H{`a$W~Gdmltf& z7S&^=)i(fKw!sf^qw`D&rFl`Bk+VaOjFeyT^W@_`&cu;ZW5C^9oB`(%Fn3%^q(Q1K zxgcy+=}Fx}ndim9Gp9QxQ1D&Mw|&;Olma&ZkApLawDu0}bzxU>E1FOZ ziKUT^sO{_B#ntfVkUL%6DEyA67RFwlae2*)sx5Hvy>}g^uThh0sB}MB{`yP1Z<>lC zO_WRGECQ^D>hufZF^|XOW@@u+E-7Z1E-4i#>kfNTs=Y1hyJZSdj-cK{VdCnzOfw-y zwv@}9Gulj0|VJ@wcKPNq%ldK4p$H>5h|YU4(M zhPWdLjSVYWasCm5A7E`D`hz~r+0#>+I;ccwPDpr66|Go9N3Rn<(L*RpL#-)OhM}9l z^?_Lxq|oV_t-J~rK67HhHJ9T>wfqd<8poXb%_|peByO)bX2IY=T9?F!VJiQ%#aJ<{H-t4+fMa$wzNrH+covBUYaCDwT8-`wVFN=mx~%xFTJ9hbVt>=4v<|BUAoLW z@4&~@(A+@@Fw#{LOqz;a?(l<}RV`$!-mckMbf@o~E!B?lpxpR|go^vUZS>Y&8Z8Q6 zX;+{@ARbO>Fl}Td3%+1EI`J-7Gr}T$%JLhT#3p^A+XrD6ZxYUn;%W9x<2C2;MJg=hBi@G#QqCka! z<&gGt`t94pJXl&P*ZI3|GQuLG(PDLuM|AVclV=&{3}X6I6XO;g&|$H2K1i zv%Rz9{VYM)T6bFDS+XDgXgEpdjwYJCgko<`;Ccfu!%BYSNij;LyZuP3>FECLzj*ng zmK`y=m>3b2thpbd87`3K8#sMe!SW<;i(FEspmux*y2Bg7!&LLeR$fQHMxKlyE5dtF zDtJbCK*~x`N8~EaTWdIdSDZHeC{=Qfz9-6+fvi~xVGmF6D|HHxIVmxXPcy8qwGZE) z?X@ND41Z+ni%)qqq#}-0vvUk#3qFD!fH1e-)Ru~w2 z26|`>6KtPW;*cYl7^T9{sfGm7e*zdZN?ZAkNX|^%4me&gy1;J$AfxqbxXztnhKTHz zcjitjW_WKzIR$F_zNH~cZhOki*Hvm<&3Dv&73;7=QRKMw^`2=@LsjImihG5G1lb!&J zmxprnf!3}28=WX3rSgW*=O$&mZhK(MNk8^X?I{wf_f;`>$k{Ei9rXM+pf4o-6XkG* zi)-_j2er4gs8@6^>C*Lxc4nCELBmpg9JA$Kq@jdjgs$^Xg=HkSf4b+6Lvvb`5h*%o z9}NO9S(qDoWyv>cuinPb0fpYm$|G~#6zMxk!8>5^J8Mlt>C3sQE*1EBcZZ&_Hc2pc>sZ!stfCFuk0nOQyh zd}M8Om?bgSKr0IAUH_<>q<$dP#fwzQFw?9XWu7cKo*G{dxgJsOYE&~GY;{R;+$s+R zZo0B79(3m;WmFYl%@e%&lPI6niewt>_O?^Va(vQb6FZZL-3}}%W3Yts5K*H@I)3K| z7Pb!(Y*;*!Vp9thQ*DjPu#?=b+BAY}Q|ZL^+V5-Ktnq*$U60&I$~gtbyWchVbVZ(R z?45JSgO&^%=z?odH-KXt*TrLHP#XebNpmU7a-qVFhumnVqgc^-t>1yTXnw0>mehbb zWW{^NVJ*RUa752tIqr5>ry_I`cxdzHiPl`=Cu_&UGHw4zO&pCFznGls%ix674m|M{ z7kEksM_16)4M6DY6-$}b`E&Jizg)`&3(MT^T?NMGy{pyz;Q8D--)rU)Kl~H@>p_?E z;1$bO(M*w8Z8)~~d;USM!1^;Y*4IfruQI0NyJQ^#@YFu2 zDMkprP9h0WS&t2oE_-;X(MIdGlfWgE@y$@4$1^5NKg3Y3T)49)b;f&E!BxsV8HnbV zP&FCOuLG|#bS@NK&K7>pRZ3gr8#F97`hv+n%&2)Bwa4cTL$j}ogD^EIC!7!reZS18 zL_K;C))pT+jT)qSA><-Pt<_{aoTph(8(ufwsbGWAS0Bz8M^>4A7JHcKCDU*cydxv` z^Ue*x5pe_foOK*L$G00ix3YG{IqH-e)YLy}Y^F3$GA8)oQv)lB87Na;`iFk3i(ga7 z{a7=Thld23mQ$!JRgCliSVm0pHB((RtWi_1(3^hv+eJtU-VrS@(|>QOY+ol<#ERrQ z$&9%wy4*}fHFZjIel%>A>z)o?x%*xRukYgkFzlOKrD+$3<71|5{bV|tgb8cwOWe=P zt@v%rv#zgV*XuLa9Ws&YYhju~@tEt3z_SMhUjYD2PK|0>Svpe?<-`h z0hXJ&~BgnYGDklfmH`>`COSXs}G);)hjw z2fFaKn92>0Ub>%(2K#wwMbq0xhbBE#6U_dOsg#p!)&tcU(?gyMS@z2?$sSFxq>Sw1 zj$4!6tM(?=uOJ?QaCVTyF;u38-YQIwO}jWT5aHsl8E8Cl#k9`MgGWl@1t~0A875qioYIEq@plT>3}_ab!zxDNem@go?N>P-%6uI&@H`(#EYsS z1p9>&akebG*dvbnvctv3c@{XdH%Fl(uh>HkY{QNVp9-7d<<{Swp8a+otz^NDYr)#8 zk%lE+$}v|gGB=2+_2LJWDuId9wp+@Jh5S_iGDCQ?;(lB|#34d$g3qBQYQqI5Az?$w zT2xKkx+6O?#}THQdwyvUW@_f$JWf#JH}0G@T}({j!Q*tE@u5Ln3IyhUSt|P^;77V- zPz|iacXYNpc{HSwOrF@o|Ldl}LyP;9K3FjFc;4CkRL|`} zSj)MkD|47lRg=79O7t@E(J z^<9QHfLFF^u1?S!Kqb$M;ky)Zd{y^4Z6`uvKzmAD<5~-16MET(U0y>&@b724kmgom zX+;*TmK%WP*rzPh`Y~iyj6qi?i1y?IvvbRsj;B1=b0J5E{kVU zz#Qi5pB6=Ri>~AeAo2{YQBKqK$49PFlNLhS7ka*I|yBRUbn zc{Q5)xh6CQ*57gJw4yr1nLJ;r=xi8313BGYkrE<-gSu6`)!r}<@yQhDd|(v#lNh7IliR(|7ie{|IgP( M`JXP~0Nu>|51_T&9smFU literal 0 HcmV?d00001 diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png new file mode 100644 index 0000000000000000000000000000000000000000..0b3b30e812cd71bbf8996c94a810a488d2c288ce GIT binary patch literal 23435 zcmd43byOVTmiCJz5S)bI7J|FGOK{iV?(S|uLy+L^?(Xh{#$6kNd!voR*POHFu9^GI zH#6t1d)K;u^eVbuy812Zt-YVUe^2pKQCB1V(d19wVs!sk0=J7BpChc4=-^ZXps*j!S6^RZ$DD@mZ;e+Fyagc7vGBUkbG4% z6~GwUpKT>29o7i{C9HZ*#(9jr){C+GSG_f6zTF9DHM8{7)^Q0-HUe7L)^keTjxQoz z=oBF9y8?Ku|H(oF)mUL^r1cdSd{1xiw>cgAcZna*3s}_T#j)BRT(ME_C>+;h{KB=} z?LoN{J#;>soV`~iOgI*gZo6ywZC*tx>q0@Tv1w^h`g!$=e|x`sw=~8@r0dL0@DNw< zOiE$Z+B}icUnh>z-<`9lH2)vF?Yj0Ww~zL>?LDy?elL_2$MGQn)vY%#n)#86u{~(C zmwa{~n)!!)c(3?)pHU|>-_v7@nF=2RK1{2bq{xSdJJ-JqYDj9<1utu%nM~PWF}5b= zVJ~i@YWblRTHEh}|5#NY*89J^j`%?iv^A``Rrz%LLuJwKAwT^hsK+OaCyD2x|0!$-Ileen*)L@hCdqjf zkvc7X7fA;y-#&*{Vx~;bJJh$H#neMyhpW;x^GDcWLN02z<fh4K9q(HVz5(SM)wm4@&2zBt@nSc>phpX{gMWMWbtKwYdK$K` zz>m;F5ftqAyW~P6zKvPK56%0JX!{;V{Pz5X6KFiBUC(z-rG)q!90|6eX+?neHd}oy zpJ6TwEyeW@lGPh5U8i?5B?+R6>(j}tNkqDM#~Xe#)g3_#2;8#R9zLte-HmNnc@trk z)ot6K$y%a4`LZ^1dDrV6_z1MKPg|WI2-~`o!cGzlJ9+sg&ulFHnuf8e&Jd?jRtO{e z))_CdiMH|zY$|t|AFu@f|2A@d$e0x+&U^S>VE zGWhgjzvlRc&}=B~Vmcr{pV{KnO<8Vq;^jKlWOTCdQvdJot8~Ry!s~YM1 z5zm%N&YomSZ$v@s6U{Cr%P>5ey{~#b;ljiXaaP(r7clH4ny`q^6iJ%6n zNWB4B-Q89}Y<5kZ&6$y_THbq8{`!@B7XyY?EislPVHfKJ0%9Y+(VeFPTrMqxBws%e zQCOuXjmk)=+{f`gT@`p6$zteexU4wZJco{poD{R4mTpA0Fk5g}3)kOIubuKS*W1QK z;nPi?pM6T$9gZ>XySq(oa%854-fiEnt`3&X*4z4_ad&8eZ@saw@lkrKIDNx-d+&Cs z#S?LtwX1(DdsSqOwQOfx@NBp0bE^g!Lj`(_n?zjT^5lsbhxd2p7gP$m3;&MBK?&U$ z-4@kQqZGcV1aeUQer|0fe{B>!otY#2#C{U-{;3WgDfxEcI^7A_dX-2$GFwJz)CjnK z6X{f2HD=xywBEUKJ|xhPo{2`SpP0f#l+vD*i56m?gF`o2Gn<#Ln5y788b!Atko|o! zdjU8csz=yF5KW$2q7;<`z)28-Pd=1V>zfqu7u#9@{HBx?Cvs)Eol+LG>Pe<^v z_i2|)t7k!t&OupY+8@uT`xWE%F3S^6`D#^f+0wN3J3`ka5!ngANirqdtD{WJr{x>; zR`x`+i;w&_E&GSO9zO=@z~H#s^UF^nM8jp~S-GR2EB^~rEae8^I0C-^HGUoM1TP@l zaO1#I_L>))mU<%qdHQGgK@ZdVcdRolr0snc!%B`*b-zZ(=GXipq0zX;fo`s71g%?A zQ)W=pj1#?=1Hrf8?|xG@h#VqdS<}0T<_&WnYHth9a$Jc$kBx6skd-&;4>xXh5vN?_ z-Rw_X&dE?@W@hYX>_LL=C%V=!@sns;p=awGk6$t@2`S<(48NnRewx!)No&hN!VZKEfbqH8c_>n6PxXh{R&P|6YJTz{(0bU7>*vemEgI7WOqjdK zXmlwkjj{nzQsMAp#%k^bqV;-?#@j%cD0p!G9Wkl?bCp}SNXTUv5?li~MNQq0lw!p< z=N@g_n4dJyLNt6qtgYHVGSclS&s&OKt~X1ihJ1<@>C zinY$sI(oK`WEHh1SPC9qc0Gkx9B4^#pR8dXihY>wB*SrqZnh1)#1M8~th=&ir=t!= z*Ue8q!$p9I6ASg!yADYMeg8IId#3Fm*y=i$FIaXx!3}mp*a-o5kepc3;;Iu@8=p zNUN-)9+sTE?x$w#A$}muRtuCgIbllu3ap8&;`XgApa2|z_4HxTSs!n>u4YgJQ>SZ4 zVD7ow>a=NBA8$VhJvoH~d3Mlw`%6NWgn|8^)u0)MVDIm_4BOW8k42St)+MKpdylr} zyWgB&&O1P+^(n+Ev4=-}CH&+4GOh?Z4ytrUJ`N zH%Bh|zfsoAEZX=4J0+eg0E@HUFiq9GZn<8oz&gd|T>sX*+t9EauU!8&&Dq#U@+o5U452iWMw1O^*hetEjnBH+j!Wn+E`u>!@CK&678H+e zU#RjIJ{@OXf#b89qiJ6k_vX9#H{!ds)01{I&)qs-7hJCR+p|^oH9Rke$*E^!x_331 zUg={twBFA@bOrcipnV6VSEtliH4;sUsvIp|)`sYB63&21`8EPmy)^#&SO?ya}` zuY*O2F=C33s0-w*{4V5>zJo!Yh>6+Yvra5hfgY31`n!RSqF+568Bud%nLmXTJd6)E=LkeS`>lLP3Y+gk;Tli-T?b-5 z&>`V?YxA)W_ZXxi$*el)E9)0o6PrKWIm+S)Cg+KU^#f<6?TMwMA#G2CN-d0SO~OjVW|=d4^tSXT=!ZK|weJS+j@z9gEnq^oyvUuCmspu08FEjZ zthvG$((92~FI@(DQS(8v`x=hVG-7P@)b3Ipze4vU+o|6YBwOjl7Z%(WZf>4cN13ih z+j`+sx6eJYQZ8J1jI(X&U%v-ARSG*A;cGWs-X^_2xwl5S5Eb&wY?;}d4(+sxrZUBA ztIFxH)8W<2Y?b)#heMtSkw+S^H@SeEy-wTYIZ*-;ow7bS(#rRIe+Th3ZJ3$BO&*Pl z+t$<8#wW8I?XlEB1}CDLb0z$wr@-MQV!9&n^@VNFdyx5ws5Oa!ekNQ#Oi3^DG9%xJ~krB55r zUv9eItF$~%t>x&+masLo+Q5eZ&AtSgB3v*YfrMK%yRVr9y(~ED{Xe8yoy&6K?!)-#Wv$IXJyJzuu#KY1(7^Y`14wWRh?U~`>;~y@Q#z{fa#f9tiNnl9{mHwn8lDM3lT&!#| zx=46+Y*7(KT6%h-K|!bI+V+LyTV`?WWn*Xmd*Sf}!u8}MvNwS2B56yW6; zV0mA}Dx?NY5&!c?8Am~V;c0`|dKiciUOQ7u?{q9Vsko_7We$vNtSprme@?T?1$qfDK@MkE1k@6`o zgplu@GWazWir%P@d4G;?tiu9Cd~%9c(!O6N+brmbga0M%z(w%cOz5Ix6KWHv6iUci z8c!!X4i(Y#z;J#Q(b*Xq_swiWTJ3!SeWNkhZdE>O(0{cw#_F&>{x(fT7v9NM%P-;& zBCDzgIQxS9%-W}=)Vmh? zZOE&?U7X^3^|Ye#9qee~Dr5_HeP~SG0=;}h!U5u{$G=>%+%8y=*i|8UmE6Z6JX-NFlQ;>3a#NgY0F^?+hfUv+W#akbXRezBMqSRkHBGdP< zRi|uuQbe#KQZqLhxBqEPsHl1O{#(?ir-ZCUV_qjom7sP*Wg4?fDs5D^u^oAq09qG; zb^OtlY<-eoMOUvB2Ez!<=OE}VL*|V_g?5R*ghx`U+UuC635&T%csCYHiPnuV-fRQ0%!0juiE$)iaJBR`|)tZ6ElS9SKRltgn2MMjP`Mw9-PP zKH@RuoeQkv!EXW!&`m1?G3sGMS=%EX3?!Xss9|##c8~Fyr$o%)mS|6a_XxVN3M9cF zrtY(pj5x@D=@g8!dU`W0sG%0lSLlsVkM^k+i~}g34Hk@dl8WxpZUgX4=7@yqa5pju zV3Xi0cE$mu<2!j%v2soH*vW(bA4a!yfq&WxM->g8gdpvYFC~x_P+h0YH<{dY?#U8w z4LKGkdjN+?61;S^aT2uR;xr1rmWHN9GLz>maZ|lAmmoAu*fNhSezeNybcPK$y&OeJ zi&)WH{b%k~>Wtc-k0L(wH|JCqc6LRzwXs+Gle5hVpsHoBM3#oREyc8!66(My>0D7; zF^JH{ez;uo^twIsH6$`XPyPaeMbWBOgv3IHTkxCo4#%?K&zCvC#)15-Q$>aY5$xey z2;z`v`BnZ$EMz=9-hd3!f86>nhIoi0CkT4LWrUoH+F-uP?(?@7&jjnsFLqV?qC0p0 zO*DHR?jZctzUU5wM*O+u5rnHx9a#JKju&3wD=z#tHd9D!Z=7!3C~{7|cq%7$%<&?l zeuX}Z5u|W?a56&<20pt0=56;D88ay#Ingi{=b$nWng?YPV!8c2(DO($-|`fjD+3O$ z^8Ftl*!M`*0dNyO)7fyhe$j)GraSCigKNB;7~a+t#GMa3wWU~Ni{-3os5KNk8v zA3D(lDHQk!&z%shNF@fmGrfrn1!B{iMt~=s8@ph6M|@v_+}f)aY_rZrfHP@9cZSSS zvgrFgN<$xoOPdO4}k?3Ys-}5nvt@h!bd`oANpBy51{%8%X!MNH$ zi$8zGx{?IdJ}ugd_YJ4FSj8otv~QP0rB4#mtPRX#PQ4D>$MHk!ym||kH;)^X9V3S- zQ5S5)2mI~9L!1DLoHfL@bd4C#PJEA6TOZt>)C%V{Gk(Eulg+5T^4jcx1>IGH{+P=b zqL`~7KhlDBCXnyi(_ZTK7aRc~J+ldvo>UerK}(Y%|FlEh*3d=TXoKnEa#|$)4f`6k7CE*9 z_J6`#tPs4Qd;e5&0L4fte9HTN=M*G29;iL?VvLMnOk})1xqk&;ANYLcLe#yFoSv;M zCpU{bfipf3DZg8*fqnJZ=udejOXtpz7HB$x_Pt|mutcwM%07V+AI|x_V>&6|W}oSD zK^6QR*!$FmIftE1d)S?t{cOct^)5UejFXDtC*JFv?d;6va}@}3d{NVFYpXgBLEnm7 z*afj#-F?b?bTdSRRm1%4%%%$@poIv=Ks)bjrDnLV0eZCqZnpw&5k~Q{NaIaIlG=M= zLPXm1@BedfIiAUejVNI3e)=&~-4)@&!hooxp(DJ}^{k~2iC+w#lI12PVPazvAX89w zUcQC|v#sN@i|gV!0{+3|=TIgJqLba?J8(j}mi|RO+TG)!@O7DBZ({BFJ$wB9o~!MW z;gu$8m-%)OWi%z3@p!d=OH*N)>{;nA|4_BkJtoU^Xpg{jH@1MQyW&1 zYu_Il{J{{$8Y^4wVNnLh2>Ou8y0#}SHdjCY%;uP=bcK*CSET|4$f;Qfj8}2$73~l! zA^(gq-%(t;IMN!uB{qq1CLW#$)xLO_NS^4h{$-*=Pds~|ocq!XWl;w{OoroPQr%6v z{z5J~sy^<*{?-B1sm@aL?V>sA(c(l*ouP**Ggc=ZHmv{Sxwn&@jdjk{-yTDm!V`A$ z^M+lHwOq~>4$9`bDjo#ug_zXj*uG6gz?^?iuc11N3S9kdA@a%OPij9vY1|?}G zGReTVZHvS9j7%p%R=ByE`%2dY;%7?zA*~S{*EB-P?%v-oe-}>Vs-IC&v$)1JiU|qE zbo;yIv-ie+qH%Q*S6Mh#!!H9qckwH7mQGrXJ)_pq+MHYK4u>7$9aDK4lQ0qr5;Ns< zHm9hcAM6B@Xk3*Jvis0r1q4zTC`aSN6jkP9@w@=DUxJuVHbhLHVaWzz*c>c;Nmd`^ zcS0ZN2^2CUX1bifJms}FM1z#XppeGh>z}W|G28x;g&=hz?^9{4SGJ#{uIV^@%%L-+ z8czM@+FYK;q+_^UF>2kwAH699JFC(4Ku7wGE!gOo$zC2U-x#rH3iZ>Bu?}2VuGaha z0x9Rl6d<1@wQLmAOPsp_%P*|fUnO2L6n1k~aUIGsNHqkY2#f$L`Pal?H0fh|)7}G` zCV!njx$bsfSntV>flkh|oB2L78>2r;VR^JfM8ahjguxm35?YhCPpw{Tf-Uw05*yyh z{IwSuZQ%AbUssvrTWiS?4#QV9az_Qem|8&xFo-KDk@@atwu2m!wFs$_5{ciJ26NJV zJf5ud=-bFVxHvbEQ^hlC&FR(Y(FQae1;Z_pSYwsZC7ogDdPLLKyAs;siji-&x+qns zlvKe7)8G9)Ij1ov<6iej@bGA;`8k8eaN}F}*QH-0I+4@U`cgjACe87-Jnk{C@pFdY z5BvYB_f~Lp19^72o;sqkt2sZFk%git81B_rR6UC$!=sgoS~^mXc{+R@2J-fyk2EUg{;b9b-Axoo^UDs;n*|CDTWrCfPBE|{FL(E`ox7I zlOJx8y{_8D{qAqmlH^)m%u5 z*2eSE7DHt6W?~huWhnc3t%d_1#F4Wlz4lH|X;2}F-ttcM z6Hk0o{BDJx8A|zLSI^N=I*$9gSP^@7f7v+iQr#ILp4}~Dhc!HL@pYzXh6z+Wyw3=w z2Ib6#2gdNiE3t7T`g(Jq=!6r;$|&sF`nCB?zx3AJ$iOh@gAusx;# zGAu6e`~ff8*epNL9KYBj#>2^(jCMz8cDm9wMJ0}=o8=qdm9@p4g1X1SUIDbYGYvs< z#6*VYbId+sh~v&7slXS6vot%*?imfc9uSNdF^yD@b9|30x81KOK*=Ud-xw2-c8nsil`C zt%m85t)eFe2vNQ-s+4s#>6gYBl}&5~7v*oe?h1WM*Ud zw1CyR9yC~fF2}ci3UGev+?;&6Iuh`4K11sRmvw+U0oe+uhRBagvmU&-&8{auiaJHM z>O8Zj$uT2ez;NF7UCG+K%v~#Z5Y6u6>(OognLi-+Vv#im#hn!Ob<*o0r7G7e6ZYXc z_mBW*2DC#v%>C(=U#dMG9T@9=KdV2<^5y8W66fUZS#UHz8fEVR3uUk52S@6b6TK>I z*KYuYA^%KCO-R0FPadCyzBye*6XAP+v>Udz-2ahtMReN!i^||X8@htaC*t=KV-*S~WhHOAJD=`DFhrlVyQ@v}FrfWz+%E|7>J8nvIb?97FHW~y9+aU#<` z2U7Du`a*m}XaTp7N)n>~uWO6UC$q%9eRCYd)VTW*`}XeoXdZx{0I^TJBZ2&mt~7qy z@q9TpYyOh{>lB=w8euipi7a51tG48(t_X8R9U zrs~&^So~EH42a^Hl{PLZcXYqs3AvxVmZhY#8X;80 zE#|kqmu+*K(c@W(~{78|6PN7ME;#aXsJ2eRv0WMgVoU&!yE>*dG;2m9z~5HBqn?b<5c3@ zr-o6fKyoy1agykJgaG{2(3KB`gK|-|=wYP7Qpwc6I(9jf)xRG^(;6mUN3QXX))-T` z$6^*L2PNGZ1?17mB4uy8`(-CCP=GT{@)&cZK*?JPW^|aAwqtqPn_&uIy7uhh*H85QtHc>qyr4hC0+S@a^5Q#Kf zG`KqZtfHv7J+Qq?3g5Vxv0r>$%2G~tuSB4`+VsIx{cAf9PcP%ZD080?R9PX!$**&) zo1P^qAFdam&mB?`-}M}PM$-PhlSzjg9=zl`i}rqgx92*n%pCdb$_EacDa6He z#lB6uMhv5f&dgIVS#2jY<@O6gNcX5=?)slil@t?&9=@`wCMfB_tJ)Ug)W}PnuUhr_ znDUc%yIm$7UuqkYsjQlPBRVeAk_^)K{QSFVF4|KG0W~bB51H392_{2$c%?6(#vy9SX|*KV96P5BPhyB#Qd!m-29Z7D@1+{R#;Bt+h z%fL1Z-Q6B$e>X+`E9+b|W+ONqiS;8-LkiclkClNZYwE~2KZ$YLAXgIJ&r)r43Un9D z)x8~QCUlrd{Rj(bD&w0(J_9tH=FTejg*|anM66h(Yi^KGZTam#rKAamAH$vsfSyVg zMXnkW><%%7HQtfBhRaJ8;PKB(ujB0+P}7UXFKm@oT{M+NiJ~-ce=QF=qpuM2HGteZ zrb}ekQl|w5ddvnCw~tx?F~Vq7+K7cZH7z5dx>&AfCtQ_8V1icfN#SnG4Sj6l#HQ&y z#wa5p(3d*lSAAw3p8f?k!CTd>~6RyltAG2v1*tVZki7Jrg-4X1((iNH?Wkwb;L z1`L&H5lXBkqz!HG#WZatpzSLc8eyph$>9X+zEZM2?6T{el$`6G3;beCkIUg`O~@7g z&6*3Lvx-V3c&yCYf!Nt_cyw;gBNDyNyjU?*EHN}9h{jw^fK^v9gws>*QU-}!4rgx~(me3Sa zorPF#P)BK~&6c6@V~S9do4oo?EY@Bw6eMft+siJt*w1=y+lFJ;G=AuYTI;%+aJL@l zC@GNRznC~MVVVh*oy%pe1Vs49kP*=TNIq3ug?Ht!A@qHa=7$0%*{1xZ^*21jEnRnx zbM}zml$N+NblQIoi)Y^}Fp-G{vfZKd0_U^+E^24A6Qh~{g!U^gc()0@+1 zqRsNf2k-i6c*hlz^WGcZaFsqP+f6m;X*2*09AkOJira-+qT6!m@2^>f5F8#tRTAk3 zLWC{p|IA_`o84lztHwG`ok?dLJ2;VtvFz`5JAvL^)mr&c8UNK|j$ZHMntJH~AG@T2WF0p}T={1M-R8!}csuB^7ZyY+jT zTc-LzFrmQlX|d``oUn|R2CNIq>jLD~EJme<1BYw1b1uYEX7Jv!W!`26y=uqYa5Qm_+$XMQ-#KmC({zl!H-Q2sTBO(o0yEim5GB08qljj)sgAkmtI)&U=m z?#Kyv0}0K+CtG+md}%VNgZ}zCS;*f8O;RHg&${%sR4YEKWW?gGIjh77183M|Wo|h0 z`Vq3>UVY1kt+S*EA6Vn9XNgWE&v~1^&Gy-f@ydJpnHuA+NPlYdD(v2*EQ(LpImw=M zd-tX<5Opc)o-Q%&A``uswaW@P54cMD$2@Zu-os8c6=y#kJN;zw$v>O@RF;Kuvpxm? zEXuAcigZ`9i_e4IYstz;^S3sqqtvuK5k(!5aMX7zhmUMVq!Td#-9-+;bz>wNcN?9Z zUNkBo)9u#jQ$6(<)xvztCd&s`KibRbE`q)nZ{gk(KKV)G3dB zgLN2ViTh^9tXJ>1E^C@U(y8uYL`3f)0+fw|!|CP8^8tLgPS1;>E6HE#8`FVEGEle= zaNa*$Z+FM`os`rOTA7vY%F2ca@1p|qx0b(ALssk)$D7dnA25LbpeO$$Ip86T#4F=e zd2)e%kDrlYIa8F?d%t(Z_xj`EwkV!e&Q8FqKHx|3uUdb^QTqzlzmMN}@+ZXQTaptS z*(PItE!JlbFHaRxV?aP}h&)_A>}SCajP02E+6-!gbpcy1~nZ^I)Qf_#!9E(Nm?S)H6E|6YMlZi=>GVwuZhmC0-47$!JWTW8#YM86_`<(zPwqsoNC7|LPa7L8fg&j% zW6-7^8|e_ELGMs$DAJCKGlAm<&aO+))$Bmw6?-9~p%rV?Qwvo>iHDqI( zn^#=rj6Sfg`f4UYZypXiQFqe{bN5XE4f(?Mre_F7Ap1Aq`Y*%8iyg*bh-H{Y64(6@#j-fPL`Xpah($; zA5Y!J>h<@M{x(927r6aY?T&PAZGE&mpq&4U4}UG^0ISswmH2ZhCv(6ri-`;b)|SO; z&aA5&zj&huTuI++Q*l3?u{v4G#IJtvHBXs> zM*XuGor+hdXjA`K+2Hol13=k`-jTrT0uw0c5@2h;e7}I^-&awP+i_D~TvG8I(5z!= zQao(rZ-+@dm(ert{n^sFYdl=;eFd+o!VTDXU?M|$?M#B2%H7!jzf_q{y!rPRq@?D4i|Tq07i?aqjE{g?L2hX zLCovZ9>KYrqnu%$LN+UFz(QUgXVN6-)1WjbX6ld+c>A*FTz5BY&e}=-Hl9c>jRy*_< z+SGISDR|=aVMl#IjnZ)Zf%%F>8Hd0s^#P5GYfRc~)BxOd4dcz*JZ$F@5yfb`WrA&g z(@$-@l)@Am#YmXHc!&t@o*(2z7ja3?F9bQcjXsazDE99)FDUt4XZzqA)dAU5c*z_~q9GKiuUU_`eSSbZI@BCWw20MvN7*+1TLhA(r`OLSxBULrM z)vg~2i&)1-hnZ#WGr2?3ov>Sy(wLz4zL5(=IJ$gXF|^?QIoqcLdm(9-@&!X6`jt7UOWX6Lkyi6*mW*c6*64fyM>-x1gPv1v|d7QqH8Y@6~5N^D{A@EB8h9% zK5t8-b~?kR{-M;oO-fIPBi@aFQOA-cocfs$b&jO$zmn`frZez*fusz6{@ul1e8~Fn z8GgH&sbJ6WA*(X?#oZn~^O5yo;Usi=+u~`PZPc%ts6B*yY?P>{)YoC&q6FT~%M+V( zV4>&0k?pA{4rd-H(p<${)%HD2Fj+g<;}q%Gu*hj%2)d0X0YWu(& zR7c5?rLyRk++J;WcDV15_U#5GYpp)k zIn!g-b=X@x$~EChf#+6$pK_BibC-C|6T93MGv1upkY(4P+}hB4bfzUD(u9YAiy#Ci zx$1b$`cJ-u@$>Gwm=xLC_L&yUVq=A9tX%P38MJwpKJ0M2 z_Suf$m44!ke{i{T|9+uyn0roj{GvP#hl4L9wLh;FjL%HKSAbeLSje>B`;)*M^no*y zsHZXCerpqar2fh6y_6-E9jE3U&^5beTa0`)CCK%N%xpqh*t2o=gI%XH)wBj$(QB?K z+nNt=GcZHsK{ubf)fax+IMngf)j0g+E@&bF9V#FAjH^^#w9WVKX-^N1?QGk|7bQCz zfBbid(6$~bWy<||k$3CS=2zhBS!c)V_WE_>%UF99OuQ!8t}5n;YD?h z0zME4=#LC5Z)*(bHmZ>g7WL=;0QuuQF@~Ik6N%0g{Ph5IXxQfj!ojf`-MxX7UPc!2 z$ENvuPPR<6Scd;OdWja&c+sHdyrD1JTC_qd_9y1D+F$Y}eftxSBn>q)) z_MHzxvyP{)z5%Pul`ro#{O-Ocw#Pu%+!o?J_<&HVUWWv%fXAwJA?US1KkuJDD=pp> zE@)25xeJPmZ)t+(ZcHWTsO4|)$2j{c9u$T*eoAFaO$JP;RF??oWM&QQM`O^Ra79eB zQYbwF!$un;#8JDNgY13GzZy!sU(Iobu)t79`#rcUd_HuXkxmtkbDg7_DZs+~CLYno zC@t|8ld`xcVL*K4y!blpEzhP2cX_sE|4}1jP1^&-kS=GeI$`~!aFQ<^%)7Y z(mPD;yN^zZ+p_~reEDbo=QSsAp!Vi<7>88s)^_uEeMVH%Wq>#5bE*q%$McFC_-v&w z3APO$y-IGY2)5d2we4p!ps`WD?wK85yQyom?KQoxKo}$Svf4=9em%n0xbV`b`v9k_ ztjgr^(Z0TuXj3|r?bKj4Oah0`6*;?NeJt9S*y!%NC z!2-Vq?vtRemk^)rO71;dJFw2tWx%Bf1%#Hdd%ob#?a>+HJ>2NBzyFT7$~Uq4B~jK0 zY*O`Zlfa+xj`g*p4Q(UiF{q}KrrH;DxgRfz(=PyK1IiEC61L}9Zm`BNc8d4>>F(?W zrh|4Dw&ximG=JF+CB#T5LEM_r9f3gI^i#{d1(IY0UH3UR)e(%wdf1r~5Hzag09Yl4G zGJONt>UDZKp83E=MMXg%%l3r_RL3g>-=Gub#;`*e5g83l1Z`DIA9f_$8-&uR)&u73 zTzHUufXwwkd1XqcTCek9xxRRY_wpbw3d`r({|&-u%)-Qhu`#(+UaS9c8tcNZH99dw z{7>F*emV%F$#?#DjOG_2yV5^F*N2r((r$x-SNT|&c74Jx&pGp2<>SIWNloSvs_L{$bi6I1;4Fehd*&WK;H9(L3qCoYAy#7`D z-+w6m|9^y%wBaTa0~a~ipDE(2fI0#qU2YxgN2Ao`im&<&nEOxfK0%cXszDd-7mZ!dvJ@gaKnjFRa+p= z;NZYEK2?aV7g|&og`vlWAj;G)_;OZ!B9WplBEZBp;vbYD9?~z16}j(YyG&Y@)HM9- z)Jo$jH969mkIZZ4gsrJW!%n5d_v_yiq;Sv%l9CqTN<&6Sm*;!6(d&jnw;qT=T1;3? zNJhnW8Xj!YXFIv5jJUYqXsn$TMp#odst#Mx<(hZe@1IuJsW{s=RlJ&a!f4^O>DEbK zH07zNqV{uWhl#I&xn%UjumbkutT0uwCFN~rRmSdIu?g_)GKzx*jJ7)y)5tW>7_ zeM&We_!~l^2K_H(x+k%a-@NA`y7$WyP*C`v-u^GZn-eP^op#XVP@%>$rgS#fBMQZA zSEX(QIpt5IB|UjmJd6wx_@8$D@`|NohFPAlCVusfMO+J)G8vJ6FeJ9@VcOW$$LN4{40% z)gz#f6W(=KQjBRVs9ai8+P5-vV~Vph+N$r=R+WXY-6cvuTgse5x~Y)*i)ySU-kiDz z*QJ6U`GfY}sAFF{3RPAy(if}cqnJuV<+3xQ(sFxPi{v?p#tzJStxhTv%)@A zVaY${0!ec=jdY3E55&%{?GO+D(jV_i+aNAjtqOqQk)|fJ<~I+(2D2c^*n;o>2Sn)@ z6Zu~zN?3DxskQ#xfTWeq8$K$u5>i&$8RjEOB4%iN~se6MR?AmQ6itWm| zN+r~!85TB6`m7^7`*JO657+ccCB{){o`C-hA|d#B7E&R_|Jku!_M#R0zaY|F&p%xJ zTG84Yu-^}n_0;)upJx89CyTUltx~W4RUc*IPIl@3l`3KxSh`zQTr|rxSK=cuuZ1_4 zV52fh>Kf-HLPf7sNlBokm|8ykr;AN)am7U`pU9=2nZbk9>Rw4VXtlblG0f}Z<=$xm zPo#=$QWd9#`#c;3BZ2px{!@&koA}>iqyz0sjd%OGq&GBV>z;djN0-)L+M{_&OHs4W zHXlBwFzDhoIr!ygrB@l-S(VLaX}Y4EL2fn3a}apd?^4nE+pF9ENr>883aI&ix~Y-X zudq6KXd|B5oVy|IOYeTQ)4Rq=>PbpiC{uc^6Mgri=96!wjW0T~>&Jy32<0%|vRb?P zLq~av*k9#g*9^{&;4rK0q@?8;}>f5VP#xir$4 zG)E;HOFRD{k=JAuYK<&5HlMkiMSR+&gj+6i z%ESj;6>3VZQpaOHt=j(UtxSTV`XkDEm1mTu!bBh~qBSqlbydfTlqt~WG^1jKw6YTI z>w&kgo>`>mN^H|F9m=3s4wF38C`(=SCvUR97RDWrhYet=>J5(%W;Kr9RzxUn*CqB| zR_qEtC3o`hH5$D|rM~XuyG{Y>^dSTKD8fpp z&jW7GJ1*b;(ow9fzMKY!Mqip?F$LT>%L|-ljbAsihvV30E^d^84S)4{!2y@H^tQco zLqX~s54rP!y`DHg%o}MyNE^L(h})SpN-ER7bouJ#I_yT-O@uaIH%3Yt^#2V9QK1Dl zlpAilXMUiY1c>fu6g&U7?)>2V_Gbh`XAVLJc;U){M zmMDv1>d9&wI#F$@JoV~p?56?9^FY6zua=_&Oi~gRasgsV`hGCkwaScUGKtr4gz&B@ z+-P%c22fU(NUv==dF>LL<$``UHYK1?fdk^QLp-e>3Hptx)(`UO5MmYcepilOyV9mc z`9Sdu1Adnz7VAhYCpgDiy5v#(f3a;zf$PyGtlmC>998-Jw{pfBL(7@87#KGiS}LH8bm+{n>kew})}H3?R1Y&#{S` zxllM@unkFKgq=6xyw#P!eM6OmUfI0o|4z@$d1Xm-na?D=oJFY57PB zE~7V_|34_;P?8O?jm=BF(NaCBAvHA{HFFi{-nRBZ4ef8;``4-T)L#B(1bdYIV({`8 zP|=Lz>!Dvl4f>R z|FV2pXwC>1BM@I02{Zj_K4!@sva48(GWXxgpgjGZ`QX;quO4gD>kcY6i5zTw@Ok~I zYn;V`1~XI}uI#G*SaD4t`m<1$*a2$UoRz-6Ii{0RzD>Znybhnioh( zwW~CUL6aNHkiC&#gBuq_7syM;zMW8fWkGX1^jO{QbtQb}kfRr5KdrbvRCv*&$mZR> zq!bvMiBUjjy|p~$@aRr>V&sqKI!oVcyw~L?IEy`5&Upb0^nThgfS;OfPDT|S&O>hf z0$x{bDXE{_4=F%lRFK;Yk)lUy?BlJ`g+=a{o|lSrkNx_GQnNn~=DuCyg`;FQZL1Wd z1b%;!)>=E{*neNhsyxjM*;R=9b~b&3xOZ1u^#wlZ63F!c#152V#%|R4J2~f1eFg#N zl=ql-)u5XP!IyME^7sANJQGM<7};t;arbztzvtQb{9)l+1F)4MM)Upg^Nx+NqO0iO zgrq;|7f(y=*DXcW?ZF%Ltzir@EI;Hc(dnd9O9U4|r9l+CFTB9zC6h0zW*zr0#uS7b z+ue=lZH(ON%q1G#!iKJ^`@^V4a-jTavE1T5Ud z^|Z~s_{x2``_22&u-t9U>l$Ht!Qna|u0ph#?l`C6hmQEV7WcXa?NY8f#AFh0QYrG> z`|6;RcWICnCxiiCp0AE}=b=vj*-&?k(vhdjvGnN8C8_iM>*u@y z=dX{c_Xx*>Ds$ce)zQ6}Qx;l~KOgu2e3PQ$w@AyVW~pI|!GoJK9WsPu0H!J-)2{Q| zmR#@3jr7#UmsCg_dP1J^2M9Dc`adAq1q&crigvP{WkZw z@x7*QJ1#PKl)o=gu zwaO~S<+oMrPYI!VnIQ}~p6NwJ)>&Cu#}gx$`-o*}WZ}4Zsy1qS+TqI*tvThwh}ieE zVGKASJo?AKauWVMh@(cBWr#7&^hrh(i7{oUKuiE!)Ku@)SpL@yCFm38fdi_HZWD{_ z=Of-li-jcB^H)_FKLwPYimj}T#WqK<=V!W2PP2w}Jo=W=G0#Aw0$+o6F>5i!1kbezZ=?e z=F%Mhn@2Y)pyW|kL+se4Sy*^D$<@w!=0exgSgv(qLI;7dA>9yNb4`49M@q7|#ewH4 zK`Y-CZOz|~efw|RBE`u!>sPs4){=au7T8ucB;u$2e|r_34Bv3rmKGjz^uPG+koULe zt=4pNQmsN<>yaU>EVhQdWWWy&u^#&~WLB+M4Bg?|#x(h|oxu&+3vraGSby_FGw;+f46`1cL_$(km zB?mKn=?_%QcGb%ju;b&%wlj4y+dtqsbK*z8_m!y3Q($`roZkaCCEhDXb# zO4NM|3zJJ76glhd;>*C+NM8EG-xmMz7xgMN%-waleNwYgJoi4$$>}bDpPsQ(wtq3@ z7s3>(iba(St{}WF6!505FbekxDt_?MU${0z&*R*PCtBBpFfA#yOG0iTlAD`ipyf!+ z1e?@G288=^2k&N`1-f(Tu8Z+gj?cMbnW;3&fSF&^T89J#IXV|&DR{>xti!ugYVgS& zn4^cK(~ZlF|NU|X(FFVCyY%=HO74|CChu$*J4D?he=C(V;z}?yoE+ndv=gxMPJXEu zzeg%J0@hL-eZQ~Qhuf|5#W?O1LhFR8;q&V6-km09dy>vk#3amNj6}+!HW1KOTz_^x zON{)H5V$>>E{i^tPObQ<(cih*R;n%Ty#eh3__jyr#WC>1?l5pFJ6o>gl~Povel6ek zePQ7Oddiq$);PQ7Eoo7htspeHc!cjmjqW8!E8E}XlQXkH4D0EYQf3X!_h7DsM$H_I z4h`z`3k*HAVW|%o)VSPtbX6&o31wVV_jLf%Tg<9CC6(@_@XZmy7TthnWdMOr(*C>d zY6pn{WapUa4)`a&d}$9R=HmmEBqHTUM)1)*Krw(1Bh-$rIM6%!=DCU03S7@wV$=Ro zpWC2UGejky?O;@7u1UR?^AE91+Phh~1Pms2%@QcC>Z) zIoi8+B&1wT-g7R7gAoGev94Lt43#ZnK?su3mg`qSnXMv8a?>Z0$y@6;pKB@-Io#g=T+Kx6KVcU$-sy>zQE=ahrW@nN?#N}uoymQ3bwUFE*>v!{f6v{U+)Lln)q0OUSpdC+g$3a(jmdpxmP zWEsTZvzX-{nhe@QBpUEn&SO7SzCI-q@7pkz>-G<^U>R^1PxA=UG$+A+JOFspJQ6@4 z(qNEhzD+q59X^e7RIdgh{JB1yk;mg7l`h(FNTz{A;l8 zbxw?m+=M6i9ed6Lz5KN|;&oP*QMKveZ#j!NeolB6kiN*itp^dvl5ko)xEzqU@X005 ztzG?3sbN>_=>egJ@+@^%1$2^4N(!*DQrN84Jb!T2ES=AE#)g;R*OD^soMutKH)0oU z^}zvW>LVB`$@Kw15&KS@iOaczK; z6*}Bv!R}10lu10XeuC|GtRX1*Mt!qP8o!l77-tMHF8<$?nPI95SKety4$aFXDhk>A zdzT>$Vre-z3k%%~%dM@2B6%`i!K^~8H)E~giZe=^WV5JK#J}OgqBRQrbHx%h8f?n8 z3i}i>`)OoLo?>GjL-nVhq~psE!MM?U;)83gxHKl0xK&{Lcd@*VrSxgJIUf*kgRD|J zW9x;wlna|zt)MBgW@vGV;O$!dvl&e-E^Yz_67=u(?A7eW9YfLMi)a?`wu;o&cW#Y? zNxO}l>F0xVLfwgxwHvgpiNqgp!_$6uKmaj! z&Dw5bA8Xu7)=SoQtPP&U2i>*BGq^Pw2XcEaV%L?igGc)98>M|D|bwzygO==?KY=sPl>=`=2;9e^`@&80EO+gCO z_**9c>B@l{6TWa#!3^T3i99|9%AN=UEc8co%$wml*L34hPnY2Ba*2UiWZXD5>EU{v zvAsXGRwlSgBgDst9UWop*(j)Vii^Y0BlW$IV(OudX1Vo21R_0;FX`7-8OfX^JFYoF zyEwYHll#Mg=qo;s(bSeQoAJQ;rk{Ntg#-xJ%AhYiV?eMGWrbT z2qc>9S69X+E6){NvcFHuQn(}Ts3c*L5M;gMK1~U)N8Y`uIO!UgC<`W^19neFZ(QsF7C!{DLLJAA3wg3l&$=9Wq9z zgw<_n)#|$`RXy&O=CS6bNfrz#d8zgD>|%ai9-@?>U(oBOEx&rx3I-DhS8-YmOIBL0 zp+3q^3>R_jKHL|}L%`rWD?Bwa`u$=9F`rf$Coa_VjDde2Xv9|=T zn~auiL5E13zv-q~4waoJ6M&KAbUoI{{FwvQR>GI!W`gVyLChQ_);~HQjB@~k{%F=9 zPs{auyB|Lo6Js{+6HFIXekEvhsQjFX(+VBPwx{p`5oL}Da^MWcoQ;Pca%&aDXw`Ec zp^c?lbnt-(N`inL(!}>k1|k_l{Ow*OE+pE9@8%S87VsR3xU}W?fSqrP9?39l4yUNO5!}qPfxCnlah`D^LUayp(CtWP^kQ*Qby0w} z+Tm-~N;Djn$1|7pRHd7XqDn6{5Qa8}2`;Cmmi+b!sDzrW*9VdPz0u>&7n51)45*Lf z>T$oMoT|+W?`y8BRRhWM3Ds<1y@hWao+{Or$@pNZ$Z#KglIQ`IU(oQ5>gpGobsFXM|3oqc(C-@Ag%pqy`Zo;Jy`(b)ckMO6E=Y!Ss7)4a;x~+ zN}R1oZCtS%V z8!<&a>miQj?ZI~s#w3Ep9nlvo`{(U{zahnJG#|E2&FonO5`c1W|P|CP+FR3R3_r_H)gNID39@L+EVR0 zjX#eW?q0U9E_)A?K?uYtr~-yF^9`<6D+LFxoR8?Thp?4J>5o{)$n~+q0 zp%Ljayt`)zum3tiEH^DBF({IC&{$kYuyc+W8E~if`Nx(h=LFn8!g%r@ytep)E&p}k zizY;4qOg~dE%ASlyD7&DaxbJwlALS|3%#@WF*-nbhvob$_&I@Auw-g;AAz?HXZ@&8r@D<|sHxg!-uU`w#%3@GaVM9a1oBi@? zw0Dmb{}ueU Date: Thu, 5 Nov 2020 10:52:12 -0800 Subject: [PATCH 21/26] updated page --- .../tvm-zero-day-vulnerabilities.md | 40 +++++++++---------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md index 32fbab4e0d..ebdf91eca7 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -1,6 +1,6 @@ --- title: Mitigate zero-day vulnerabilities - threat and vulnerability management -description: A report showing vulnerable device trends and current statistics. The goal is for you to understand the breath and scope of your device exposure. +description: Learn how to find and mitigate zero-day vulnerabilities in your environment. keywords: mdatp-tvm vulnerable devices, mdatp, tvm, reduce threat & vulnerability exposure, reduce threat and vulnerability, monitor security configuration search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -40,7 +40,7 @@ Once a zero-day vulnerability has been found, information about it will be conve ### Threat and vulnerability management dashboard -Find recommendations with a zero-day tag in the “Top security recommendation” card. +Look for recommendations with a zero-day tag in the “Top security recommendation” card. ![Top recommendations with a zero-day tag.](images/tvm-zero-day-dashboard.png) @@ -52,7 +52,7 @@ tvm-zero-day-top-vulnerable-software ### Weaknesses page -Find the named zero-day vulnerability along with a description and details. +Look for the named zero-day vulnerability along with a description and details. - If this vulnerability has a CVE-ID assigned, you’ll see the zero-day label next to the CVE name. @@ -60,9 +60,21 @@ Find the named zero-day vulnerability along with a description and details. ![Zero day example for CVE-2020-17087 in weaknesses page.](images/tvm-zero-day-weakness-name.png) +### Software inventory page + +Look for software with the zero-day tag. Filter by the "zero day" tag to only see software with zero-day vulnerabilities. + +![Zero day example of Windows Server 2016 in the software inventory page.](images/tvm-zero-day-software-inventory.png) + +### Software page + +Look for a zero-day tag for each software that has been affected by the zero–day vulnerability. + +![Zero day example for Windows Server 2016 software page.](images/tvm-zero-day-software-page.png) + ### Security recommendations page -Clear suggestions regarding remediation and mitigation options, including workarounds if exist. +View clear suggestions regarding remediation and mitigation options, including workarounds if exist. Filter by the "zero day" tag to only see security recommendations addressing zero-day vulnerabilities. When there is an application with associated zero-day vulnerability and additional vulnerabilities to address, you will get one recommendation regarding both. @@ -76,27 +88,13 @@ There will be a link to mitigation options and workarounds if they are available Open remediation options and choose the attention type. An "attention required" remediation option is recommended for the zero-day vulnerabilities, since an update hasn't been released yet. If there are older vulnerabilities for this software you wish to remediation, you can override the "attention required" remediation option and choose “update.” -![Zero day example flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-software-flyout-400.png) +![Zero day flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-software-flyout-400.png) ## Patching the zero-day vulnerability -When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.” +When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.” It will no longer consider as a zero-day, the zero-day tag will be removed from all pages. -![Zero day example flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-patch.jpg) - -## Other places to find vulnerable software - -### Software inventory page - -Find software with the zero-day tag. - -![Zero day example of Windows Server 2016 in the software inventory page.](images/tvm-zero-day-software-inventory.png) - -### Software page - -Find a zero-day tag for each software that has been affected by the zero–day vulnerability. - -![Zero day example for Windows Server 2016 software page.](images/tvm-zero-day-software-page.png) +![Recommendation for "Update Microsoft Windows 10" with new patch label.](images/tvm-zero-day-patch.jpg) ## Related topics From 9f1dec9e1e599fedd1c7ceba4f925f8b91e9cd89 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 11:06:11 -0800 Subject: [PATCH 22/26] text and image updates --- .../images/tvm-zero-day-dashboard.png | Bin 16418 -> 24819 bytes .../tvm-zero-day-top-vulnerable-software.png | Bin 23435 -> 21897 bytes .../tvm-zero-day-vulnerabilities.md | 7 ++++--- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png index fa995418a346e489874d07c2b46173ba906fb110..1957e7f57158cc625f68c2814ee23ddd0b7f40e0 100644 GIT binary patch literal 24819 zcmd42bx<8oyEO_SxCM6$?he5N1b25xaCdhC!6is=cX!vo#@%h>?(Q4;Hov#dy>;HY zb?Th&t6TT}F?(uH&2;y4_pE32T2F^5%1a<4;3GglKp;y=ep7~kfXo9Q^l&iXD^9K_ z!r&9Uy`+{C1Ozta`vEDXOmP9e2TD zuH{Y0NeTiQE6y=2Jd706lGJ~LB^Ey@m&19d`1BB7sh6vuNQ9xJNGPKId!N0$0y2J; zB-Z370b*tr5lAda#FR))QZfWbIfUT~yzCw&$-OI((YZj~y{;oF)PrxPS*G!wNrhWQ z$K6xqy`I$_7xae!h@YfzKR-!~UUGf?^ilZJw@C0$P&2vVECsRpC}DqSky|hD6IuH3 zXK^IvTpJDX$|_P_I8AbH4^37l{+Ofz-d+7fYx?h!655n->)+@ia4-K_byuZa3+6Az zV!kXI(GO<1`)AqGe;;I}hQ1d7FaaP@UY%BDgG<+=E4@Q4CeD#gGjG<*Q&MtFMz5RR zV9&+I%vrkJZ!LT$%l??42koJo|12$H`vAx)wLGe}!*roH`xrdo&aH@JC)#;v?Z?LA zy%-;`*EC-Gb*eh@>(m`eeM!T=E=T@tlbAb~SVtbU?wx-xgI%MP@#0|kZ#jHlz_55+ zm2M52Jw<}nMhpBllp7|uKH8r?ITCWX(_cY{AIZ+#H7~EMjK|XkjK`o3Ia6A$ZF6>Z zvD`mLuXjJ0G}!~kN*8YW)&cFglEG_-*=`p)Fm5k~EGI&PQ<~I-PPNu^-+eFhA~hx8 zMB1jMS(Ud>0HRsH{=|Z=Gl==eQ(CuE(blUN*z&C+chA4)_^yu*63itV9C*h#neMdz zt-;zs%^C_fdTNhY%voY_f+p6}s&|x2Zo(TTG5YB_T3D1f#&a+cp*DWeo~qFw%F9NG z;o8~h4b$d|Tbbkd61k6GS)#7-hkg*XD-*^mS9ja!$*JdC{Du-N;Q_o`_?E)>EY*7#|5^(mn2#fWnV#Ibna&nfHYB{;G zn(E;xHz@Yoobaz|*)+)t#-RmAB}k&p3~VoxkKiHw7EA!R2EH19cXwZ!tvwh)Lo1BH zW(uc~!Bx7pY>fopfeYXXX#Lx!Py!;a6s5^hOkHk(FUZNqvq`IzwOl6C5n1?RsPhd7 zSGQmAnv zD;S*2IMejOi!L8TU19yvem3JiC=Y)eh05R5Q1kK#X;$7y4@dMhqK{_YJIui=L0(F# z;xgHX+zCQ1TnZz@@4AoXX>7e1SL~29cMnHN-AG>!xaj`Um%7ew8#8|?=K6}}Ay&3- zev9RbjO;|96ce_lj^sjkyv)UEhFQ~P!D^`wil%b@@yN-E88aSTq;a&X&{T0U>K&up=*;&7%7J+I;REIfQeq%|(oBXXUc%Qq1j>&ER4k1ToS zy5=lIjzO~XQL4jBl;aF8q7oFhpIVQFN-&Eyl1&33Sm>^Aam3+Xcj(YOMquY(Rv!kA z?W`@&riy}Fo_M(kY1y3QpaggzMmZt3%oMflz_}wb=lJ$9_DAmCl%@|Y*PjUjJBE1M zzGQJ@ovEpxR#tFnVnao=+S8qfem=bp!k%(_MJn9a550Sg1PYG)0MNB!G>Kp&8bHW+ zCAGykcB9-5W86-(e)1nd%VV z#Q6?v3Y!K+x=UGsq1u=o ziw-MLiX*`mG8r9<*1*z8MVl=iP1+PQEG%n2Ih-hnqQnWI;?)|TY}lzWtDLejm75^d?Kp=akKtMV$pJ+NeZ?Iob%oT8S9Y3FQZQXu7q;>^L63Q_G-|+bU1^>LiXZb>Zg6D zc?~Wl&($EKUnKm~B%lV1pUaNDMTph)~jKCback6sP9 zkACU|c8iQff7krhl}lT1!1p#Mz1pcBl1fH;8=p&LFPq2MK+YisO9)lI&7broazsBy@Ho=X0 zpWsgHF%t_F;wnJh-+~MAQpm7BZ_!VmxX`EyO-|dCw6*((v4YiN_%ewnwnt5DCuP>U z%dSH`iOMoPg6RPFZyN%H#+GYitke?(BCZl1cHQhJ_#Dx(!Cp0SS89@>@}Y>~Vi7k#li1T;voqY$zWU1|9qQ;^HH29e@Ej)n zz?5*#PBuckJdPgBYU5svG3;Z~cBN1?G@8+r3EzElZZeeGGApaQUb_{z%oD9~H3dv& z&0K*kyn2{5v9=joQDYxY-f<7UPZV0u#^Q?N+N{aLqpAZqB-f*bZC{)-Y?_|tL-N-8`0J2}}ScM=Da7LgS+*7yHg z(V?;L6vplUqAnD0KS_Iu(8z^9frEG`E%uFue)oo9ZjBrMYPwHEl1bT~fss zYwvDYo#tu$`J6&;*o9c!aV4nWp3bggagKtG!fe^?<%BO)RP)phv2=M;om@qV_Hna^ zs?aO}H0;`F3miwsCRnR;?4Gt_>$CB$(PnVvUnS1)8j*D5pUI`p46!EcDHk_Tvp;0p z$%*zWZ5YsUc346EX&*Zk$)bn9a4&Mn-_uc$4O`$6#HU$IjDbHF(#ZHMQ-320LOvYT z?G7)RyUvYv`0kOb%3WIYg(8XlX%`;NJ)N(tzDC!a4=BC=vbmtZ>v8p!Idmq8Y zOVSuH6B%7Os&KB@bv%4~6J34dvcQzuL{yH*iTpBx75Fw#IwQ#kF0I?>DvJqWuE za)i5)*~V*@cXGceClvl#fBQ0QD*#@k4I{Mwjv5LOVnUNuRNCV@551OgX`D^>2~Jg@ z;2HT$>(O{)HE;NBxwG{T`v);#gAHCl3jJ|p$>AMrqfp6N6#^#mh+-p&4>yZbe;Xt~ z3z&t3M1n0Xn<6skx`F^Zf%@PWG04$dc=hyKOkSz}ZbNRQZRfxEbR`{F} zq(iJ&d)!9)$_7Ov#6~?AKO%7j|HS#g8jf3-_}a-<3p&{meV}mg@msYTYPf^e%}B)V zK#3-T;3N|M#G7bZRS3MiF`S;aHal)aeY7cTbb+gDv@v5EnXL}K^4zNcHrBZS*^jJJ z4U9VQr!NT0!{Qvxh5nEz$Iqjj^XuRJVA*l~Zh$c$uUEL-mQjI9yJ`}*jn`;PF!3bL zH-yjSo$vZB1_UP&$V6v#pAz&6Ud z=)R3SgccqT?lM)4?l_8fq)+iF!u5JEmQ-a}uV`EuusjDq$8XFU-6?SY*o zX!^1o1ZjFr9l1q#@^MDQ7R<-{+5F|ne*Rg494SLW0T!k1W@jqL&Rd?gY3wN!!7RsE zvusG)3KrMND>CO{+3xn>37Ez$XsQ!HHu^LKImeDa-#8bW!uc$9tH|wbM;zaUQGntp zXL@!&U-n4rk~WKz!j2waNX0a&cq7Wf2Ds8y9ljBoJkD_*an}tXGfTm-RB>rar)IUO!%dUczxL z?1)i6e)y-<9uL6&H5%NtiSO0mrwS_hnsqY$+^hW682qvPbL>30a!ZiqR}3AlYOWSo0Ve1as=-(d04H zQPcP*4JnneZ!ZM?{%a`A`nPXizsmI+_ZYJo)o500R)Ftez-H`FlnzJs?StuH6y_UE zmMh%26wJcunve)=f~;DISSR^gG#@YoeuxYF&>!!H7;WN;=bS5Zs*fVO2=i&Q3591E z<)|3REI(=nn7Wue*yCc#u`oc6+p$1asSM^nW=>2~^)6c};37E(1p z-GN>{szP4Cen?hDV@Vlnm0yV*vhE3zl3PUmcwr^7qh_s?*_Xd##Z_XV$&lug&ElW4wLb;*w>b9=f*-q`p3HXc*U$Pa4k;^LWW!ZPRIzny z?u(WjW%x1M^K+_(;U~_qyy|2uR%HRY_@&4=9f&Liw9j^;P{_#o`0avoZAyJK2Y6Zu zHw?U}Vhu`mfd*I<&W6Sf+Ag09!(*EQp1wc&Jot2G`=^YiO6>Gm))-#W?pA9ukfFl< zT#J2u{MG%Y)K1*NZ9L!3P&QrP(?Jg=Fy{4Ik)>G;u^MpzLpQ<0VeD`lkAyv@egX21 zloEIQ@!`VXOXd0pq$M@&cig^6{u;M1_(ud^Gz=zMo;=(2Njm+f1GH6R`f0>@CkCz6 z1+e4UiWh>uB3C^^LGF6H>{Nw@Q0`zQyZqpar-}~$G{+s(W9r+5zt)rQE?!!k;*yJw z^Z@t-ya^J0)AIu)5F87&yBGDU`@I3Ah_`ObG5KQ@A0I{DuyxkJ#@SjaRyH` z`bR)(Hm=pQ4T5J}shden-0$E1oDh&!l8aythQIy!Dw2Qp#BMEiE!Y$P=(t2kW1_`r z|KaI`=ZK*F;W>QgBj3u#N{GSXirjY*G_txSbc7k`zvmkKh<^UxLx_=Pp!+1zFw2%{ z>93`zKKORv&dp42sO;B&5N1X2#5NWC&OwHVp3Z)?snJ14$x!T01|JqiL7@reT$-a) z&#AZ>WksE@gvk2L`dQlYa0sDWOIjj^xakUrIOJ+UJ;a4&i>2n+X?b; z5BDV*N<;GD;yAm*=TiOWa^ciSHwMnHx72Vj+&lEWJ0X0t8c9WTApGMhx3clDnIRsa zhSOvBGHBLPK7a5X^QzOX)*cmRz49cO6+=1_L6MV{ZS^3I=h0l#ycSE<$Y&3M_&8$M zK=pg$ntm-)8wa~i0e;~TxcnOoxwAaXnXzT-94m+s7v*%MUauHmB(P#zcHt4|IUtop zy&xzyH4pkBv%}@q>Wmzib&-P=^*Q^ZMUw0A@AD}rgSb1AYtFpm+ARmxCqE%A%`I?m z+=4Ek1rXvZoo>sV#Fy!KIX@Pa+p>%=JVa%*@ZeUebRb6j`e^VO9^UsEUcDSLVr%Zf z=fRnbYkT;MNr1>#z2fY#!H*heB_C&7$ZfjV&W(_RPwMmFlCd^9MxAI)kbF=NbeYF6 zl%Z)vLT8^?lhYb7wDn{<38t)iFERK(DI)${g@@=&)Kgem+;pmtdot5!k4JGnQlZ5smgC7% zG58AkM&LKrKUF`eq0OG4e*DCV{xOGk*&s4{K~YB1AK%284o$)$r)j0HdG&z5@F1wi zmrPJ7?~O64c6xLlmF7b>(*##Jib~`6=crgZ@l>23bQ?DCNBmr>fp&5rI?{(s64A4yVi>koDZt52q^px?$uLiEQXEYR`HTL39$8Wu^p0~M`pyp!mxQdmjYu^%n+pX zl4gPTy)`Z1S4O!KS%Cc&(^Z~glf-bkwgo`Qmg#7g9YdYPIYf{n#9Mmk8bQ-|>=oby(< z><&ce!qe!Q$#c>+S2{{gNkQ>DIr*!h;pechjM*-D3Mx&h>e53Cr!T@WG8kMkESSYh z-y4F5(HUaSaLZb&$yjUH!!mfMTAa*yU5;e;$1@IQOEAL1;JYa|v0q|Lq5O|HEr_GB zQxV6aQbb+8!&gCVm-4@_98+^oGp8oK)h9|Qy;>O$x_1~Hw-4Y6mADgje$Y?dmB{?1 z78pLcUBcwG#>Af{kU=R(kZ)4rU5*xLCWjw*;lY$gW&A$qHeNWdB-tn@N9M+gqR4A_ zdk6ukmdv0|4=+ffzlwn*LdIQDH}!;degXR#U6jVJ#{mmw6H_HBMG=Q?;$sp*T6Q&>ieL_Y`Y~SUQ@RS< zV}r{8q={fJp(ll+xdrD(SzcCzGy^t%1ZoD^g7QX{EYnYLG$gX!bK{Brcpnn86=}Ir zMXtGy?voAk5n(N5MjDD_%s-g3{W?KOp54Xl?n4rfZFm?fHHZEydvPfoY@hQATdN(a za1IZ>A0fhp_>+`Fe8BUay#AboOEshDio*FH>l6Q(z{&&r4sM9ktJ*FgLPqp=`jXy{ zwcMxr%j&0>W11HL$>TQPTzY??lRE315(fVSp_}rBHIfWI&@4N#>B=C#wNsA~159Z9 zCmYRXJcivbZ@X&D-XPfCkomK`MXrLNSJp6i^$PjU9(aB4hk362-dJcmJvW@oF`1Q> zTlQm6zZ$lmzLWPa7HPPYCYRTEQkWB^kViZ(Y8poZZ9LO9a8Q*9M0-oE(K|YYmrV=n zpLs?CUhrK)>`-NjIwWJ>=z69kmQ=fn5+w9_WlI|ppZIX>C-%F3NX0<&r?v;d(w~2K z=+{2;s>@8PEGhCtmi2Jq(lSU=`Z6K4wPAZwDNp|P2s*qmCGHCmXCXC#Qz=Br_w2^7 zZfC%oc!lI|pX@$NBFTTa4#=N7FT6|j*2_66@ul_73SoPBoSC>7>_=;7CC?BT@f}@` z+?UjAO|Sp;m`|cLK;GpYW9)@ayG^`XI4t3QX-^lHwXps00-&gx2Ab?Y3ykQ3mnuC4 zdRfaEPcN{NjkDEvP4|~g>+QnwLMEV1^10{JGACJ(62gcXcKpLK#|9FC0Zp(0mV+M& zG?QbG7_(?bjV5>` zdA5xEfvqCxu9xZ$odV~06R4OD3I*|&2HdV1Yu!XG7b%v0ONb*ahp1JK6E1%b+4cle zhELyYi&S=%*Gj*HirQ&-sdtjX^@z#xg)4ogxBDW(-)szg79Uqz zmF{1(*9>-ZO-DbT)tDQqPP9~2lCml#sT;CcK*3C#{rw=WJ0E3>;q2OxDrzZHrUf1# z^n9YeK|rfnlH&E;58Z+D@8cO^guZ4l5tZJN1GR-yw@EP<19H_~lN^~cKO3A)PP!%v z_ud3V9ImnkNmAh`Snt-*_#b-My*-RRBPI9S_`MM|#J~1BVP4O~3ACp|hOE;U+PhI( z-mQFly)`LKiM_s|aOsD2QzNqzK5~e!puM^UP zGHgRc86jW@ve%F0?mz&8k%Q>k4ITI%U6y~-LjMhG+5}N(GQD4J zHQWjCw`}^M131Y7nDm&ep1y+DEQmoe{p{#u2xKl~VBqbi+{Obhdc9RHGoR8^MX4X3 zY6X$xp)?+)I{Eg33l*NX$OZZ45M@?bnG}MVt6Ed+3|1qNUd$Fj0r4@NN3u9?TAgR< z@^`(?txeq>hxQYLb)^t#W5HvldEfsGG}o1Cu4?#SyORT#|Ax^~7ep8sPSrX_iwkT~ z5MT=p#9ifWSb6!{nBiE>XGC@$|EyL3HxTBHwz1=duI$aWKtUTHs`3|O6?2~Vy}qmJ z`PN{HCN*)MqYI_(YQ&7)pDB-nKZM?8!DW@fP-P2OF;uk`TGuEN!Mndf%x(_%t2{f= zbyo|VZ5NF>H2Y+-NyFAf1WiDqJANM2@q+5b)Be-Z+>^1RK^w$$_gv~_etB!-$5$lB zE8qT`6RYTHUXD3Ueq4nCH=-e%&tNUpX70`^f|kUtv`ADJ+97MR6r45C#Q+x zqF-NRZMtf{KzN$QiSZD_0UOf+;HJDfpUO?2A*;@>Du}av6#%I-n5rbj>S{Cv`b3dS9xmACWxg~LT?ZKCvfGM!34FNh0DQUW2AxRCZyU#) zJMI68ayi$C&9npD0;QFS{bFY;|E5gX3n_`85BQC%MWw^*m(SCn!f|@>=&V0Y*RQeH z-cf+gpm%f|L*xu>)rGtcc$@=-Ls1qIl@CJETJ{F3 zev(J0&&)f>@R?oEsC_*-m2LCEY?2$wvFek5iXJnzH${mqzg+Ry{(hF8I&=%@0;FV6 z^VD4vt{*xi_;kJyc6<)(d|^vj#6?8R!g*E>U04p6EYd8k>+whoGwPQj=b2v>&WP*6acZCNQKYhRf(};BEN1b0Y!7#sfAXgxr{y6zsz@EC z%)c_H)j6A8pb}FQUBk?i*!Yi!$z{#Bu&gTB8UlpcHgVxWukAQ6_qzvKICYc`EO=lk zwcJUDIy=+TbEeC{@9DlR!(bN$p}^$qW2gN&S~ZQ|(J>iXhTbi5I^>rV4JlzvETs6h>7F7LE?*c%Za(A zpk_WEYcfoKLcKS0PGduJO1?I(aoroH#q&NCoR{oZhglU22atG|->A7Sfx59fZ#!ap zBN4a)8z=Bee%{<=#EKYixFa{bOh=M6%(yV=h3Dy&cb9lYithYrZNbHh$vFRT^o&wPvuLB3*Tb-QlV;*mYbDZTm0?6rK zW4cRzFBW9_%J52Aa&(Q*0JY(y??J6!CoKM zx>zsWvW~}~HWvKzskH=W9i!8KyznjpS*tDhGD7hNm~HeqU^)|B?Fv?VqtU{+Upq zjJDCnxSWq96Reeeh|C;2`h_A^TpC^@$2>>0-kvV+_c-BN+p;~i7fnUQ?PG0q=-T&( zD5;qg4hQB{#oB9ODCZReccF^jJ{XE%-Rztb<&1cKadd)JQ2&k>`HgUF@;R-A(7(=G z{Tb%1xt4uB^JzO-U+uTv`E`GoAd)E#Uwc!mm(?*Z$0-(i(kLjBiH`N@7fJyKb{sd;L@(UL!&Y0kPVrm0jkvb{zLjU!ozmSgyNT|PKa7h^C-9luXPF#ynVPf1 z*YG?D`aO-{wdyDsb~wtGKw2r=tD3WFCFO#1&VxAWg3ykev*l?wkmpa0a^jmu9SKSYuHF2tvEbF7AaBCpf> z>;~owJ&)biTt;ju31%}EYrnzTuwjk;ovwg>6;9W>0_i6RxK}K20YUTG3;1JX!L0rF|dDhAdDx@3PN+a>g{1KqXm_gaDZ-b)_!0}vKMo>3Q(-hw2i7|F8V8wV5KW&cSf znp7iq#nL_aNAFH|Z7Ohu-hp7j1iS_oi@doO{ikI;k3IiV{AJp9J>Iqbp2u%9M54*^ z?;W@mP_FpT`F~_T|J#7@g~h_|GZ1j4Ap`5?Vu69cp01{!rH0mxAJPXPOKBUIs>d9+ zEPTSz+|{vYOyEJ7<(3n=hW0B`-H*d%dNwTjIu$4pWxV~prb~wOg~*H*$Q}nklkzus ztC7?1PHGN_z>>30%xxNsLZ1p3u$|h|YY}eW;-XY1B&mt~0ki55FZED>t|r2X9PQO6 z=c`rQE1fJ|)i^4w&CGmXp0oVFN}&;ig>urC`{_)S%f2?uL^r3ky#03NQFfRE4YQko zIXgHt0{pAl+_)V`QxY7@Ezmj6d2<XXT|V(CKR7o*|J~)*QZ3EV!ll zxr1TX3v#^HaP>|z&&|dQ5?ZMpLR3J^CO*eI*K4qWAqA@}6CiLmdFO*>!?W^ge#$Vq zcEMF}A6ftAVk1~Mz_A=nM6;S-==MHBe0NiuF2zfQ_r(d$c@2n01d&SnKQilch|Av5 z5<1(t6+FY}KQE_remgXBgurQ#_)0*yBmvCHO$0zlSUUWmw!&<^;^^|(`SYzM@y9NU zy8?`Y8joOZWe+fvE}1OOURGM;o^!v`BHzz^)5mNu4Xm=xa<2K%}ABU62KKW5Wz*R}!Ttfj?%+`&CS^A2mQrc{o@LzId@v zScqKxZTW<>%U{sWgn)A}tP?xT!8jH!lBmIH7?>j%K9qUhBWT76uBfkt34y3jRYKPa zcGYOU#W4e}5VBy#ZJ9GOn z17h;t1Tl3cX;ml}dmi41@?!l;*!^;A1o~M|r#9MYF{FClkrm~y`e9pBG>=Jf+#_K{ zbkcZ+4P`lx-Hpk0gHc}nJE5+oxH;A4#4S9z%hsBpK!9oWicfN-qTsrER=wO+R?u~KkmigA=Unoi&sj{8n2GixTL zCs=Lobv#9o2&j1!=aBh_KpIBTL-anWx4lPDlcG5QAD{pt* zZ^&cK%E)8X>}Udsy4x`m#+SsFuw#@%^32#NrOB1Wzgu=3DV@r;a;ZJ~*3uHF%5c%% z#&SwqL=Q`qhMeD_hHc@zr5w@GE{8`p*0Fj@p>yMk)^1}Hws-tLm9s42%Fx&X7nISwK+Uq# zxx^*GMh%VV!OCXZp$s84qL6WegheRX=$}U>Q(dvJR(;fcisxCrRtl)fjlC|qN;JmU zw>i5k4!%Tr+RYPRD%Kg?j@~V7@F+(_5cZoE#3CpO@Ig~jlp?8e#8kJ6-AAp7st*4K zXlgsGm%PJ0vE`W|;BQ`sMIA0J8E?h!rEu!0++br30dhC{{K+0jyAZ{f^64<(K7Tm5 zH$_2|<*dT!)HjacVDTkSw8(i}4%Qz^%>((Iuhg2#=oLol(AGZKWys{M{TAiIjojU_ zHNXmYk|_NfMYG1|F*eTGX?<=n^B|HDV6pFf@R*W#BKxdVI!+HzD>3l%7(307)%uXL z%|+u4{4gDU$$BV@GNM#81K_nW-|TA|H=WUtC(exwBFb;Q<0P8EWbCHP#Y|OIPdY=D zHVYmTEFM{q9QIu}TcTa58f?Jfj@7-f7}*jlHZ+AC9fF5ZYqw9`S=z?e_T(r^+>gyB z_j=}*y@F;gb^Mo&lj5w?B2<>)L*qOFaBsv>)n z*_BtF#3%NYUL;8mL_+W-ZcAzM(k_%7jq*G?7QRWYK%y)JizlJQuio!}{YCFNP%bwc zJwhQxFvKN(zsPmK+P~wHSBV`~}CaOB>b5-j`;O4xE?mnd<3c(*1D@Ot6V94uq|+y~&x& zj5Rq}AU>6*|CO3pCen7_5Fi`rRWMX9;+3& z24nI$_Nx@O0r|sceru3foo5dDiI-s6{%o9p5CPD8_acZ$_e$-W{_uaG-Zggv{R9or|l6Z zO?p<8O{ec?UhEnhmc0`FszWZ$8#A*;6`jRc+vY~fZ9~djy&@6O)i0GcJ>M$y4*8yQ zRFVZ+XEn#M;gqNIKVvT}53(mvdq@3QP8riUiE2i%Om6u!+xYtO1B;llX}b?%+&#fni3iG&|CQT1i^)8tPH z=GWp(C;4|uHZ5FO_EUz;X6AwsPBJd1Tm4c)A&7-?Qp?w_Ype zZbP)wWPf6>a%-=nq2H>nxTWIgq93W?Rm^%wd`Fl)FQ)G;_0p~~W|0-r)uAGLIaAOq2)m1Cb^0Kf*a#+= z!sSVSI2$LvGTQBSNxJy7y;J0isO%`i`jF|6rnsj%Z^EJotxg%>T2#P#T2BIr+-CHS zz=@P>K&@f;1kd1`7M+Pgg%t?M!u;hQBjI-@t{va|OA0PO%$})=%Ra|NrRnO{(Es9C z<+Da_b0MG77-_ww-C>Z;1=8}Z`ySdg&yy6|UTC&jz&_noJ1~z9`kxPbV>F=V)PHE(#edP zZAas62ttO_in%WS`gdRgIqj(XbYEf@bMEoP8kyh6+1GO)h9ze{BP)e?4wiUYw}SY3 zGul2gTf@6%$XQ>t!R3k}!jdP*7=eA#-OzYEyW@!6t%?gDuQm2e5}K_{Y3jL7uoKfB z$mh7p-XK4$uQ@K~=l;j55=uUa^?pdz_RWnigD&Yxy-%3Xvu)WG@_m@$m#M@vyJ{*U z0^izqsnFY+9~^dnoOQ9Pt!hm~%eA$<5buI)lMq2W8Z9O3KTx_l6OLxMq2qbL4nxqI zoZp!)(a=HxtNq`vFs~&TtNz;PJU+bQ_UEwCuX$Il@%}LGXgRGevW6ER7rWt5*>?JBz$~SvIP* zoS8ODpqpf2Ve4r!a67N%Z}%2C&q zlNa}01#qldqA32MhrImw&)8T8BgBm~cpZ1+c$c+2v1c?CS<^1j2^`OD0W3Zo-%{`? zFWz5Sc{kgkrmeYLW@J65OW`eCo!MpOUR_AE>!iuOCK&57Gi>Fh8qK=mOWp~r7rZSS zCZ3lWz3q`xC=kjF->oa^p8c2@UnP{m?dgg_P4BNPvReJ=0Lr^?u#gI#c# zDW^s1+_G}5Dk}sL8MTxw2xGtQd(F-#I2`EQv##9}PP{cl8}XG|;HLMVQS!F+-|g3; zG*`dl7?ge$YT2A;O{Z>E>XsI#tk%JAmZWz(X;kdZv12DwqZbIC3LkSankE00`KP>* zd;iY{Ga1# zNTla!gL@hooCsmFvHDEL>s8hz*XGY$AeIJxXV*-LQ#ykMo?8YVfgRZX{1RhccF2S` z0ZswmObfrC-Jd1o9a>1b{b7&aJgjiF%F4~*vxP%)xm2RBc@*v7!RGBTH|7mGGBrLB z0<58?d*7&;wLVN-x$HaFQWws2AY%v-37YL_sriqY0!-_as_BO7cBA=dlXqu3lzRf5 z5*^zsw9e5i(=pWKrE$7?b4_*$qda@1xEOq+DR(8hac=#uN15i!`S5%+U>CU^XXL5W zt+H;B-jW)Ncm5l%b8TN7spi85 zigoqiHSV`=bWEIyJt<+=OE*i)Hvb+qJm-a3Tg|rvVt?@LypHIt__(38Y?nW~j4`#_ z&$s6qw$g#VWuZzcv+J z0t)T$aY{~HO3SEf?;UU4T?|M!9;3J7nHn$gsS7c?yloLp|QaXH=J`k6UD2Ni9#@J=#?P%?H|+0GMd6!aJ>HhP|q7?;X%&xAddE@!!{2zUy_5HDp*!I9DRH1E;#mV}fOBdSTAoezb>DgzC@HNIDw&j@G zxr9e-UzmC+tua856Ln@+7TLwmJ*{^Mb-KWm4+%f`{?Q@frOETuw8B)`*G>NHCq0ZX zkv*Uc*v!-d1B0CRdS5{C>WS+GYjSV_#87m;zm9IjQA6de&&S zeY55A;sFM8>ou*hUlE(#zR7N$6`jL_WPfx^3FW3Z_sSTS*Z#%k{rMgs%ce+XJg}Q%+ApC$sjE)q)rT)@fev^F_A_fHCa!Kv z&U6J$Q9_QVn{Dxth=D2bh+?51bL3`;c5kp&FMTgLX%B}^^d2evq%!{&vrBAPGPlj! z#Sqzo4510mJVWc^&oqMIvX7hacn)di+yr_Wnej&+V4ggiYGk_R2Mq=)nX63PW9D&+ zZVio3rS4V{2V1OB(>hnmeeWin4nBbW!9hQnteoJLm6>9_4eKYD?L3t^Zh``KuBN&9 zU)BHFj~R1kc3*KB@<@xE4CiZq4M;=L3k27ZYdmbIiz4^Wz zuAjU5{^6rZNNmA)7#FLNc~mh#4Ldj~wc9}Y`-3{7k%GieXr_rv?(5}T<`Q^cSDuUI={cv>LG`+BwZ$u{cA z__l%atzYGxQ!xViqBdRiRQivF>3>!yFU&!CuRVzTwa-0j}$< zWdGy3(Nrs=wdO1FZ4(}SmBe{oxt|>g^}+bqs?gpHeaJNDElhOzgAh!Sh+&fFomx^| zzZNl<+sq%OroY47+;vVs7_O5k#;*sl-N;`011%1W^dk**^3{)W)C63e<5zD4fMR`e zyz2?&MC+AMC%J+v!>(Rij*}|m>k#@SU08b_A8#E^(50|v4AE%O$b5~-!oU|H!No*; z!=0*A&A9WewmH5O%~Qjj&E0go8y2XyQ`>0-Uy&@I)Ym=v}okZ}wCC3#I3en9Q*wxCcwt;_|4ah0*>)7 zI1-=p^33{u*nV<>9=HF#4La%Q?_LGqr#;`7hTL;G+S%xZ6uyj0`rhEf%0J)QxURW#H`SAME@R?k;*L?* zJu%IU+dTY7Et9)%_fAEL-eaLC)aY z=0lWHIm_<$Nz8dm%^9QU-P-^?A2ORA*b0Q*_Lr=rthL_Se-=;r0&L$cS!n@TQ(%87kR#J4V-A@*m%$`TM8;ja_%b ztZXT=m-V7x!{hchbzW zNf^v{Z=~SlUNn+n{+nFvbLaam!UMP-oRI+eNDjy=&`UQ-+tbVIwOzscokMv79>Smu zr69AN>qnNfzs4Wx#0nGM7xK{}Q-pxJLk@+({p-FNw)br?1VP{pALsYK%; zIF4Xe%vaLyy333)5brkMICbh7ZqK{*^z##{@vnc*|Gj;V|Ji8zH;-yY-f*XzX9S#X z1Guwx*}2Z+~uxR$or0j`i&q54#_lAf%C zqrl}E-jT&}!Hj(3SFd<8<8CVDpPR^B=PmZ-YPVB4ZCY|Z-J2#mvKr7C1*cNb&A!QS zDGQKiI76VQ=s@1gpdh`iIr4{Cx~xwRxwQ@1`8X;`rK$#b#Xapd$A6F@V{%O9qAkgA zYE3W)HFP*nHjNzN0s%lr^ypuI2=7P3vR_DRWTK~$B4U0sCI!%8l{Ye6+Pu{=l*DQ>01 z|HW)qiPw{>498SikUp&kTAmGuw^`M*!1XecUuW3WpJJ<&+_^hg(RDouj#jiwTgy|Pj+$qRv|$m?2=SN>_AICC z=jy=ppFZTWo~R5pH+w=a04I#=&Jsh~*c+4BgoJCOKoOSoy(f+z49`5@#cH7MY6t%T zYzW}-tL;97wuYn6U4r*2*!iLGASlK1S20K({`7{F->lt-5NjrT9NF3cNF?tCY%X2fru|T5Hh&cZ6vgs5yiG@#P zT*?SLky70Gse+iKMPGIhDXch#a6zZb_C*6z1ePiRGfD{-id5RqV= zLt9uDzE5`fU!9$0P+Z@WhDitnCuDF94&es`cL?t8FnEvwCg=<@NFW54;0_56!QCgg zyK9i3gS)fvudV&CyHzV6Pu)}Z^u1NLPj^54-ct%>^ap+1aZUeH0Qm*4mCvqpP0uZD zf#genx|d-wWLBJ1p)Qkhi+HM?OSnbEITNn-_Uj@vDrVe=rd*$FThBTg+C*_`mBGpTpNF zINyY7=7bU3KoS~qzcjz?%2q#Nr*}vIsA|V?cG~Jno_+;$SVxmxhWFv^53UfL{oj$( z4^PWNqX7@|R+iae+Ws%3$@=`?wC=lUYwEvD+MUbVwZlN8P!3KeC`Ms6`hUhuH5$jZ zDat>g{h<`U{~OGd?JB9y-1n53qsZ2_p>q5OW-78~(9dpr)*vh+yVnYy=$!|0&f*O! zitnTu#et8RApD-Znpo+{{+us05!z9<*5fsW{g<)Ib3Y6!(BJD^wEXv)ra9eGfN5O#YfSS+y3!1)gJR~7;;iT!ZP}|527yYf+l82n7vSZB zaC(H%C_5|vM`(#j7M8ieVz&iMLw%<(Sb0BhBToD8hkZW%S(bji)LTNEm{HT(TtmUAnN|3Zth zP{3!uPM>5n(j-d(Q88p>Lx>gzi8UO@dS33v@T9#~vDfc`V?tKoEa;OTnwP8PXzZyK zkK$k`iy*HVbKn{)jZGnPcPzDSEU{TO1%;4iO+eoCW6y^>lWv!yrTMIAZG?|=Fwp{8 zRX0+$)g?G1jMo#!ZG<$Nue%z+Lv-Y~W## zvc91I&TpNn0qfn@erajt0IE7Gd=efu|D=y(?qrIiCVqyMWQ~R_@G09mVBLIe^}a-^ zC0Qj(f~lPWipVy(bVyzR>#N0QRe@7a5&J}vIdTQ}arr)k&2 zF2k$B3U{}&x%>W1G{&J;E#rwN_3kYKl$|-nxj>Q#2fOTJ!@3}1)q;{e)t|QV^7bv| zkWV6~-ZOP0&lhI-)|oFO80PCB$;ozeRX-5C_Ug54Gp!Gm?v*ev(h6ZC0Hy_>SGP`7sH-%q1cUb#9+CfW#nf=c3ME!iq4z<>|2f`hm2!KpI%8dI zAU0?`-nCFdX~51^7BpRJimBy9D_FN7;(3WCIIo%y<*ir`6x|ln;^LowD_YW1x2544 zHRP~F`7l{xU(!>%Kl?`9tM)+DsgBcqT()VqKYPJiLG?1C^2`&vabQgUtSNDwMDnik zQ_IEJJ@J{V58{9fLPyn;{L#>%>V5}E0f)dEGvOlRVzNK)-7m8F>zd5Oc1Fj?B{Vew zx@E>)?Tdq>PUtfeo*Hh#Cr_>5j#~}m?gU(1RpK{7w5x=+u$02=t*0p8F(2@+I&GWj zyr<0C(!b))wvbQH1d2FK?q9-||JQKw_p-9C$?r&T@?`ac?G`}3K3_X(;(j+qj`_3U z@#i=e`?-q7@ZJS8tV;*J$~?}>iQsrXZdDU+!ZNsyYG)YrVxzj>Q#c$L=trNudJymr z#v^mMJ5z4(#qj^Jw6-3b00PPh@q zQGU%4N_F-9TbJFe%`uUAsqn}^&!Qu__VAd6rheiZKMN<$k-K~R$S3k@WYC*OlrCq~ z5bf;1*F8Y1f1vaGMi-Z+rX+Xvo_SfHj{3ZTXOGeYcU>{6y}dWmnMW6r>9(qtf6gcO zXWe6eqLb~r<95SV!(9_oKi{^er|zX_M@kFyDuPsXC5(FVvwQN_j{O2w$a>*Se$08j zF|Z12nf%@eGRO?UAQ;`kI2leevj2z#Tr+CZ>qEA*!t$C z7CGTO@(Z`3>0Mxvr{SU(4fodHsp#|q_&uI@TEeR;frGP2mNPZ^MI6gHL_B)SFUh(Tq7GZad%9L@gv3XEzs?ho( z?+1%|0&e7aPum(16w{yvsevh~^L+VegAucR+0Xd)uw+>bbN3rtY-ntnqnk_5eWsOO z`t^_dj0Bwp%Z~Z(&!?qOBa@f9hn~rUEjr~)s4OawPBGxPx(t|>hnB+0*`;R*jA^B# zBX_oTrF{DB9ou&oB$`KOD%r;?!7Xn|$GVq+LLVL$8J6#h0#AD|>lxhg z@6O@09%~|$ww~#3zmShWf>MjM7I8%PVHCS)I_&4az3ovPS}Rje4qM+rCIQ9Az19;j zfw)Ze9wpw)M{GyxjS@Nq_5|mvW{MY8X&-KT?C7-PG@#9)^XOIRPGqH+Q&6cokEp?& z%2s=o6O(V3r>F+xvA%J>G z)t)t|s??}UxMYJd?EQio+u^#J;6b4OQ5H{)RTZKHc&(75Q>7#EKvxXkH)a zc4$&5p|`AIZ*6V8YSnZ^9=OcBS-_83=L6Ky$L>-l7SM|L0ML`C8r@b%fOs%XglEP% zSLar|dheotZ6Rk~_d2t{}7`jl$L7yb%j z4arHf!QNHiX=tj8PK)b}{7P?QfLOcPT4N1%dkQOhXN1H)jer2%0s^bNc+PcT>eIN; zbrk6|L``}cqpzx{60zcaq+}8-GRIt&B%9&)CG6t30|GUyz0@354l|wm8itM;W~yI~ zZnDps1wxW;;1S8jWTvx6>G?7oYbWNLe6lh33GQJraG84ZPCgeyM_TCYLEJd@Yd^Jr z{KGVUw?p7ILGSDOg-lrrm{@Ncqac2&_@b@xM>~*ieue2Vo{BebFxlhWq>~1squ)j! zacF=crt;Ty#Wt%OImK&jd5F$A9y@cdmd<$!gYIiwZ?5qGI#rtTxg-T6rda}91ZlpC zQ2=}x1r)4@IqB7t2R)SLh=xGBF?3WwscN#Gi=y_FhAIL01q##`06iDqjq{N%L%hQ` zn#mXRDPLsKK*H@ABavMF4!pC>`n&_>}bJCrPSl(&BU3Rtq#(J)zJ(& zIot&M(DMnHSaDAB_Y;I4>;3O?yk}wh(K=>*IaNCa)*_PiE_hBOxfY0m-&@PJ59#2J zPtFAyt$}Fz2w0Qd1)kerP(1Z?fhJ!pmj#Mw4=&3&FF-0&*;S&bpmyQ`kB+6ELF{ZGG}j2rOQo=`bp36y-SsuXlf((EK#ZpnS$xP zu~0U`3;!;Ty>hcUqg2U)JjY$l&Om$J!L3z!o%Y~D=wjVEvg~pA$E$Z{cMLfGrQ%f~ zU1l|vr2Z6dXQ@`(Vn}MQw(N&O4=PZu^QIsolbRr>Q}-?YepL1QZ}pnuQUW<|^L2fH z5*&A?*L2*5*QRi*^tM))3)INWcv`G?;{GlMIaSX7JJ*1Q zv_Vyj^%G6+dHtSz5ghG_?Q^1*4+YCU*x-C#14IzT${MVSEM(l_#uP$NB%En*cg7jj z{=(bItO;H%;76NmdaTLG<#Ym*S?H#cmn7POv9uY z@J^MwJ|Vtq0{;j-DT$P_w2n=uh+0>aZ(P0bGF*_5A?2bGtWrpXK<0!9cGc0Injsq3W(NJ)P9|j@c zO}XYVwB-@G)yEG3kNsgTw=79?Royb1p}USdke6K2947ML%VOvODlst8Osw`0v@@%N zm%iOER@#e4L*!)UX<3=Yh3JFzHSa=zOp@OGL?MeWQqi617@bkQk{01!FJr;c_;E<= zfo4lu0eN}h0}-6vC8#MF*UKGI!ZROa3Z|V*jfr3Dczu=b1ne&y>FsuIY~A&yZS^EO zFL6(GE2oJ~^u~ux>!B8B7j=iotG~nL&OaD>K}UlGp{LKKkJBm|vn4gHw#=W?z|<_Q z)dN(&Pw5leW4KsSDq4U?3$1{CV-^+FVhX!^OeB2jZk`^=SD>F+gByaK6ajtb-spXM z!Ge?7c^>`2-z)w}a1?EfV;VXr_U7y=`(MX%R*kD_E z)ShI#A4{cCSi$`VUw^!D0ZsxE@1RED+p~{M2{OY>_sIHdhEYYOr%<8zY)<6(t!yT5 zWOQ6@*DwhqZ3%f0IswFBw4hA}&PFGvT(dONb#ZO9+pZ{W&?WVkwj{c#pqB|%iD1xM zD+Fi|)!2pw%YWCr(CYq!UaZBh0gllnbYw=u%GEoCl*eg>;>pDa6qgpKFo3YmM_;(# z;>Jt8n$*%1Yfs6m(j`7L3$mRdyX!gdY3A87l>kVC{+#(V?C-(lP40ZT+4M>krI5y( zjt$h5+t#eFZtP8jpj|(A>_SP;8EPigTs>$eUOUchZpKFU5pM>8-YY7 zyC9F;RG&goi=mlhQfE)&5HSqhc-AnK%R}Qo*#xsLNHm@F&4iu0jf8kbNSmaO&K{! z{=SO8&KEa-MofC_vkm;sKRiL*8D$q_sgf>`g~uVkcV2*uPR>K`6ZlvJQ142dWK$99 zJhM&He}T(nPs}3AVdN)a71b%zoipzBem*uL@Xp+jVc|u$2DulNRm7t_lmJrvS!{s- zV$62kU8N@HSqPsNbk?gR-RPxRTjK&Xy($C0l2=uhe?)23@YNAzkUYIk-D9GXGgGd} zYQ0AWx}X#f3LTcUQ0VWXGeva_BGd(Q&6}G}7)#qBVeR1&d>X3+rHJp*Hs)b?HT)s}D zwk(_W+@wvx1DV4>_QdJMSs-<<%e_n{ieu`*cPyWb_V8x& z1xzN>(G{8oBQX0+v3d3u79OpPjQ(` zWRxXgvOY}EN&-us$A?J0YFzyL;$@lGl^KvLat1rs%Hfwg&p4{cOOwlwtwsH}5~BuS4ZLc)re8yyf01K{L*+ zdyr$dSGmJZcp&&;ct2!oQXaXeIzFbvEzQ|obB{c{(c0J9wJ)`98Cqn@shH&#!^S~K zMfYqka3rnpL3`Rcv|xe}tF9D75b*~ZgWHlm_47j^Z0^ba&FOJ`4EA#P(i zg_GpF6%76apZg`q261r5fpU%wzRiG^T#L{M+Z|1GfW;R@CiMpl8gIbdk&Gw~^es2f z3ZRA@ROh1ZfP4d?hP?YBkdU+Y4p^pT!DV>ZT_KoA0m9}_N;OB&h+oPxbqQ^gIvw90 zITh08(+9_E$RRWWVvs`$a$-$8O_!Z`xOMYV9JYQXo#WZ$#s z0xGkcAAA&v5K5ew;7OxO^=fb%o2A^`=BU_OZi+n3cGyUn*kwrBpjHZ#a}!^6WVh5^$zKc4DVf&Y;|_vC7v*7WU%vCOOM&NmP3 zmFtTKoR%zXm5kT09iXuiUEfsUzc)HyoYlv$xq4VhEI813%Ue<=B(~MJP#IyDXthSN z{`H{Umi7<$E{RGe#pN;^_k8}Bt?n5;)vq4v{NQzE@qd~wH%ZMG44YnWy+8%LewlaC z61?xPXO49Aj-lxsFN#CKyefW1-v_O-yvw%tuHiVs6aCS@OYTB!%8usk%}zp1HpWG3 zx=P13>U%osyMrz7&nDZr+3HHTuzZSwcnxW*6bhS2!+&AF1UK5JV6X!UD>`jI&Hn?F5zQ?k?fH)Z04y z+1+Bl2KVKk-6CQFY9i+;dt!Wx^8}2+e>6r zf6TFbF2f%LZE$GgN^UlU4$vqVaQzzz?HbOYeLlF(JF`Tm8)(2|No zJL=q@d51keo851{qmYpg^Ov)e-MoFNj7E`BjAb!1GUZDlxV9zOJu9I0E}nq8rl2}& z8y4Ou*MqC=c22N6pKhaHPJ+3|#!R_ju)YZN?~(#fcmu4u7zxa-7w5 z(~UzSZh)yYJ1)sDHXk0GJ(%}leKi5ztTmTFY*GQ#DqLA(n}X&$4l=$i4PR4gOZXWH zzS+1MAx|SCkCpmdgSICAKX&t)l5KJaSH#DnHMi!-tWap^`c{Xw7t7h_KhKkgaFtIQ zq;IhEHEF+4-T;rcKi$G#7OVXV&W)KMCN7UW)+}!yK@(`ugpb>2F#W^d@%imENS*T z_v$TT=@fjqg)qxirbG|UOrhS>5CHa;Ty+o1jaQs|hWSmr`vwPe#S9|n*mHGd5%7eE z3~BLj=qP?v{Jm&!F8Ee0@7CKW(=^DawdVBUx&j!V;TU*#)#g^tC{^VlCFJ|Z!a|hEDOZnZq*;_$MzC3kns-o8$+}_%A z=XTV2DQQAJyvBOY_1d3tJJHMEoKa4&=WJL3hVCPAdQ&@SvN%I-;oZE%L@#^m^=->1 zwzs046%Wo#q!tAE)Cv5G%jdn{!AZBvb?OReJxj&OGeL^T=i=m6d(MtA^m~13Axg!w zI$9FXr_(fiTcTT}N*WB~nb{+w92v2)rI@{30OkezowHJ&nrEnUND?3!U5aZmveRWg z?RV+P{mY%q@6jxa%1X__fwr!hn;wK%cOs_h>V z(ljJ1-vA$F4X%|Fg-Fj@w-!i$i)XX8r(MGh$hr0{N>)E(1KD+9&x%y*k>-C`J-#5M zQ^Isp$lV-PI8Ksec@t+|H+BX_WsD}|tUfY65T$Z|ynfTPUf&*w!?vlY*W!=HJQ&d? zuVQX8_P>82v>`qroTYrXgRk}^V>A#!`l?VvW9}X2kAGBDUtjE9soFk|r_CEhd+<37 z=s`#Po-A>_Fizu>7pHn5U3gnPOL54SMCt1tn)bdr+QyA!L0F}DTFoNOUgV(`eK7xO z8|i&3qFa;@@UNpp3R&f@Nf7ycx(SIAqJ zZPTXI<<((&IejlU!lWW&A&a6R7& zU8U8A8SMP&ZPY~sbMd`!^|d*hj>x>o_GU4;;=HAR`{_+Ob8u7cp+Cttl|FmDDB}KM z*24e!B#-|!d5`uTtl$P55Nd^Z=W8_ysTi%x12)KlE{fCRpYmk@{BIS%ca|L21Kvno zM)}HXM;_?c8_ix0Kl|%W6Y=YG3yr#jREDc4Hh34&b#KaH`AX9^h+|z` z6eFnT&Ls%=&YGU=M`l;9YMZJ&*6dO3Ezh>dK2+1joP2(LDVei7j2U7-dNav1rrm?* z*ZK8sy`F(Jbh16__7%w>3Y_Cwb2>oSb99L>a(&k%}fOrxu$c;2Dt_ zTD|gJn-_2;4)q!*>nG5BU1417b7edjr~Ww|TC3AClD!d>Xe)VI&#Q~^Qou}o=?7D)^LrLZmV*{LKJ_e9* zQSDulnJe3EecPBdw3+dE8$kP;Td~$!fLbK1;UQ(4))V=~(kF~)a3tRG2FaMgKJW4S zeAHA_?FK*&29&F<(sVu^8p6AsOfoWwooJjQH#za6cZJmaY?QffX!#J@3-ID>H(HBP zdyu47wgw`CzUVoNRX0>dh5sHR=1W}dKurHSjySs+L9<#P?=tJT zrJC5YxiMCg;$+q|dC=f(1GGP9`JBF^>`FQzqg~Eoks|vd^EJ_#R1s8})zg668Sv{N zoMKT>Z2;&x>#XLh-*_gfkMfsKNrZI?h4>b`*SI>W!k0F@cw&GF6#Mnjwf=nAF}xOH zpV5Ajr|qm+86l^Tq6v|UPskpnO@ltZ262I<$J`3Hcj=0Dc;au-Vao;-PB@PPQRc`3 zNS$Fx!DumE0kYzyiqpBMu)g`5hxGTUQQ4%bPQ=fO5u?+ZLD63A)?$+7>331c?L)4o z4ORz8yO*G9RXF^%Z5!~VgH7Q(`yX801s%{E%*rQaHC%$9NYgUBcT~F-?K$riyb8iU zvLdfl^dy_tSEGoyT~yW3<3Vr{kv&-JxEuG4l{`Y5J{^^1^yY!jhfR5@zSo?7lIXrm&c+Q)5(^>_7)G-Z?$OL7_0vq_AYe8^SE}? zWe?KQ*xf$LLX-_=rix+~0#w5;o2N#ksDKG!|=_^q6;fik!P=T29~>^T%x^~JYUg{zhK zFbO^i_QMMh+)Jh*`!&2P9y1utl`++23RmZtun7vTk_deJ525g`-<6gf;J^AIF?zU7 zf!>hqZ)x~nVdpTf_ixG{?>o&GCN7<}{siFKzC&j4jcUkq?%F5KZhq#)^$5RMDU^tc z6)WEOiNU%+Eswj_GCs0b^}HuG2PWtXu=+Xr{KfoCW~r_mHeEx;{oGVHO3SDvY^{oP z<7br_EZT|A7x$?vx$Y;arT8&oOP_i|-S&>?5C=#Hgh+kKq49S2Ee1w`9{Jz0*8sU9 z9(_BEa!vU2h17HrGXfwCR~(AHTbBnZ2GWd7pF`I=ZpkOlVhMU>g-^g#x;gnj9ylj* zP~UFe6iE`dH&^gC1sSL!MS z=~;t}&9r-&sno$+{s9^5ZGJK3zsgjkacU%aXVcLDZ$($sfm}|L-an`LIn^T01VYP{ zyp$mETQ^s8l)M(1WLnL3mkX(F6Jj;=$?0^oM0*Iji^&&Ozmtzp%@eK+q12%qe!PJR zG2hfa5P|e|C4M>f2N-G5fVm@vU*z9fhUAd{snKx}2mUnaso8raM^SPhUMgnhZC=u@ z_yhG?CRJ$j$ZfgVm6T=#tI#^M&^CPeBSJRn-RY6)9wouV&{_F$aX*Q*w=w0T# zlYQd$ZJ*{Gzs;$}b<(AdE-|TY4ceSTs3@26r(e!Rb|*{UpT7j2$|S?$@b>ovAh=BP zaNQu4lV&T}RfaG#-d<}>d9etyBMs5oGZ<+J-5;~=YVrq77JPIoyYxs-s|C5IqO1|q zhXKbH5)7f)>iK!koWA6{<}6=e=%1uHYfVxAsGssWzlE;}E`6B%p+(vgI6i#J_QY1m z;I^w565MK~>3XX3H`U~A%zKVLnGgZ0VJ~0$z-Tq?x?SsiO}^KW`?ft<-}($U>YUj} zgSozdni50Tn!jP7@W;e&KL^EE<$@c;ti`gUMXEbf_Ms?yw(ITsql2AvaVK1^x% zF>x}aaDAY>8wEXy=ZPsiT{AQAN}J?(b>M|6%&&$M5gCbiivRa&83M&hQ!1@ldzkh& z!|O60(FqfQdvnZUX*2UT`@!J5BDWVQbo^0bZ!_fim_mkSb<;)4ib!fh={2T7o=Z3b z(hyYaL!>>C42lh@wlG4*WfXIMe@camxb)gcxLA=$?`HmW%DpYIBXh!N;_GfEMS884 zbLYEqwC}5^0(DI+=BGrorQEt`k>#OcFc967+>$@p}>$@iivH>Zf>gIt_%@r)Qg&X zl7EwTXmoiX$q8o}@8pAzfSn2c70zXZnNqucB5a_kHZcZUYcft-f@FfTahs?4N4iY& zgEo|P!0QYb$!MN<6v6Pur?0|LA9gfK1@;t$sjo-W8Szv=x?@7;;D|XZlSUg|De05e zWJ=40AqhP^M($FMtD}uaa}&LMmKNc-b4E`6!SFb(|FYpW?huzhboB=ALF_C>y2Le$ zIWOFDMzZ}h{p$T{0;IF?clQb=Y@uFY@}6OYw&2<_eaxG)v+`sBxp>l#>1MNlrK<5s z#m7!X7gmSc(;I>UGjV$^XO{h&@olt_c>PCu)03JR0cX2qbzE2BuN*!FInH?77OEBnc|f-ccxiWwtZ!` zuVRyCrBb(`&v!-VnGt4Y0cSOz{0{Ar}~(|q|>cc zhkvVzUo687#XI_5M; zjy+q zKwN@l=5HUFjOc&l8C1_vDC2)!oKUfgtOrbwjZCpwJ$*1+<>XmXW~x6~jt-9Li-Co{ zbtCSqx#OWlYR+6Tvnz(*KEFy(SjY9ACS0f!>e8cE-!}0Vec7fOFfc0kSL;{TQ}r-` zs2bxLsW?w-cqldaW-;hWt-*)4SIxm#1uE(#7oPTLS`q}38k;uie`HMsvh#FK5`g~J zB|kVFB*(b$BM7du{AGp@e@P$}i*eXJWMo@w3l(7xCI3fYv(QH&&$@fS#B1r6zT4Af zYQR@ZwBS(bT6EeX8yyKTKcA=)qnl_$Sny{7E8Q+aMSRi zL(avC)&p$B{gN~J^Q(nbFsmmkk>(z}Engk680TysB}@578;|;ej-H(Z+zRJrDsh$}6PauC3SRQBr5pe}0#DFiO=uIJSs=r(mi66o zme1Kkgvol61zeCNm?d$*{vlmaB43^E`>RF7V9q{j<7dYD@$YR>{U3A)t&3uPuO@PkZpFw< z(;|ggqU|cYQ<|db(5ew-vPR6YQE$;Z?d`Gn>YT|8zLqU(QRGv_vrJf`?U)Otv2ye$ zp=_;(LIu8v8Y6{Hm-Iv%wcA7iXm7qgY}Lc%4USsM`Ewvcg2mmkdT@ge?Q^9pSaagQ zX6QIc4t37_w^;%%d;gzjK<|!caoW8iPp{GV3zd&hD9h_&ejU4)(~P5va!Riu=5@0} zOpdoNG)$t?HJ&+hoOl#dveXMK=HQod@w^}2U{R9I=mB(q9br#GNz^H;`?nq%;Ba&G zwv;$}LUwH(UxXy%nFjC{j+o-1AWCdM)LOv7p~!i&OPZy=BgGA*-vi7qAh<bljuL-sziaetFLu3bY{JJDHW(tcSJR<1iw@ z&0>8p>E8|8J?At(KS)ORwD3`&(Wi%*bf4PW;2O-<@y7rSzHyYH+yJL0Ax|bpm=c}` z=)=DV1aq3mbp>U|m8J04#}EnLzXys=t7%je7FH_40)Deb+%@ZocX zrEas|rT?iMer!Q_Mk!6LM4GtAxm8K_6M1j*Q~0o+MpnRs9#76hX3-$1*?K|RxKCm4 zcqKB*2aog1-M9o8a`y3QO=2XVbt_DBwDL|_!o5o1v=``6dC_~GKXhw?F*tj|EVhy_ zEcG1Mf#_qAD9AkUeU6bVt;z--kQXA)_k=B`3g92&l-FQDU^>f4;z^dhW=9MA9v;}s zCHvy-7PsaZg1tNM`Pf->U7ztvhJA4bK_FbgB^oHO5I7OVDPZo4$BH8Qbh1!=*Nz%E zIQ94t3D5t7wFDvSKvuCz`zxl8Wy=hUKD@*e5;4;cNf)Dyd^uPFN{M}$S*N4##U(0L zC<+C97VgbNoF*j1N#A^csN=yXuBya`jV$*55VUQ4fZrgx?0Ry!j8*lhi(pTJX>gL<84_&re2BLN9EJ7eh>+2z7I^zXkPS}wGA(q7q2HdT7yIz8t;7G^5loDTq%OR>xAs|LaC{ONQ2o@oei2hi7iPz&l+YXI4nmVw)}Tm|FCyw zOB}9Rrq$iwuJZZ!OQYX#rhG~Lx^(Ykv?+yVi>~d=l{v92s9pZy#mz4Csv5A^?uhGt zQ{$Ys$Z{l4RBV%{I%XbM0SozuH=@=jzXgth%HFwh%9DD5WUNN&e_AMX0V0-jzfZ0W zs9<{=q(CSPYvvhJW($`hDNQ7|#Bt@|Tw4Iu04i7ON+BlHwy03A^M?fOKO4)C`H^fn z_hZBT6Q{)@WB-3D+N!pd%pOf0IlsQWT+A&jIL41AVoH6;<;@$9IxtmLRcp?(GR@7+ zTRVnqbZl9%vc=5cmzRsKn~zJ6Q{u}9P&>iQmr+;&kd_&6<(n1E9+gy9b}%VAKVPsw zKoB97jbjH7gnj3+(*Esda2$!OJI3$Fiw zy*b<>w8?+9%;Aq~DR%(>kJs)19w-0XH&z@L93&hWk{@bShC@$$0ZY`hdJ1_0W8H@n)OxlP5bGQCu6W#T>4hy_dHHG)3KEQ|a=%{{B(=sH`!LF8`o~Ir0 zWUCczF{U}*u#Y>chN3osjd4ageoGwXEwTWJgd8smh|FA^%be2QgI@$_G8tBV?Qu{g=Hh8q=Wl}aBcO{E66$2OhJ1I?UrRSUJ-7TZpQ)dQz1Gikcj?L$= zxseX$jK|kY)6z*gUbEP2ekq6CK;d!anO|^LAh@oZk#JIVr{Hj*iKK1l+>NJ$zKU0` zgu1=(2@n}glisG!E`F^CvQPHto6tVX4+50_`1haj%HH#iCOo78aXk?NMldrdL@wFO zkW`YwXr1UC&$B6I)2MAiQp1)=q{-M^KU~W8j_0V_G1~g@c&IdNI!#}@MDvMj{$^BZ zR+ZsaA<}CmK_;Eo%?z-O8fj~2Z4^f*MPhdllQ4y8@FrTQI#TqRz_&0XGGU+8+P~nU zo0ij8Se9eW9?#9Ohrb-dIV}CP*bbxUV|Mv#QYN%H!Hi^Etitb|El^=#0O3x9q^9LZ zecm)(3Fc#tNk{B^EFm?{ch!@I*2KtMz@1RoFe;=+SjJD&13cdk80V-&-gpe9b$Fa0 z1!x2x(OD6cFKA7&31%Af1=|Siu7d`k{s56JQ7*`1d=L?@YKN;=suvt_SB!nFm+xb1 z^)kmX7)3pPK*k1KwlIhKc?<9=ALzSt8%|5h)iozI85fNA@!1WF7Zs)P7kA8dgOMXb zV)HVNsDeLM$=wjbU24P1UR$FLWRgVi`FXtHaC;%1>*Jo}Xu}{| zbio|TN^5?5mSMT>YK1e?Ri-}dWKKy>z2{IcshE8HqWvWXhU|z?J>)*#ieXHYR|ZIe zhax6iFNLF2d3%@T_z5)is##{99S&n*7OA;tm0lcHT1PJ_t~@eJag3ep3h2)f_tpjD zF$Nw!BY!W6hg8v|**eo_Y?KtA`v|P8+@(ZyS)q^Mu}PiqoCSRey9085`#==nvmo|n z)%~4JDSk*v`Kjo`cZCAnVrI_Hq(7?umMZMy!?W#1HKLU+=i|foWJRu?WcHnDm?TpO zBjXeIUYWQpOP=>Z4YQtJ@)aL$pXr#9rP!CfO-LYWR!-OA%xp~_#k4-hGvkHGC`{CH z3hqjLwsBnlQx+(fUH+%jkc4A?f}60WogL_ zjJ>1<{(8(jtDPhv8;@+Wnv5Qn$9LDsv|l6E0roWGxFXYdW~3+0eoaj(s@HWtK4Z?0 zHY>%pAnb#rjsb@>{Hl>7XDF$v*+mV$-@Ra=!OPjH$BcN=+=94siX88jer)EgMt~flHS9s5EYd?h9 z1rXTsA)ohQtL2V-+L<0km|Gxy0G`~e9Yyhp5nyb7ik`dkhOP-tELq`;9kvqB3@1zE zlIJOq&WgD1ng3ed`D?&Zq9*TzJ0=ruTR*Z-44LUJN~W!n_bW9IK}vt%5BGw?^L*oq zWFN#^eDUA--U$^8>cE=g+rASzA*uFT-ZI~%r;__b${2i{xvuCDBNf*U@1m(196m7l zPs_BoZBwtDIj0yS;I=pUFPM!7h>$T9`H+L;fq>bS^r~uI^qX4u(l&Z8;Ax>x0qrp9 zhdr@KF^oeF@yfk`YA2XHkPSaud<=oKuiT&KnX$SF#!JmE0?~Ue#@*-y8!p@-PbGC$ zP4Yc@<}@qTLM2ZUB;=B#eTDmGs{4knl1HfiyNP`fug>lo5<`K8Vv*y_E zEPFSe!8qCszD>p9g-KPt0zfa{eue%aic)JKXT)mkW8r4afY(|Bl34v)b}QX+xMZxj z=$F}f2_)KZT%+u(91oA7RBm#X(9Misl|qb=j325fHVy$_w)w;c6|z6-45%1|Zhe>( zXqTa_I|+pzcTvybSI_5J=)x=FV!f96wj*`I1sGCv;4OhUP6jE`9rlAhUd-~M_pe;z z29oG>E)^HFO|uGvIQ7ECj%owELrGqMYL)lFmAafaLBv$J0js%XQ!YIVj;C&ffzqaI zYYiTFm_MDjn7t&Z|He(;}bOZHA~r~vQ({yKHvp;z`t(^g>-q- zoY}VO!f`+OiXgp15^bN+XbhxoUPf@7GUW0Qw6o=BxaRKCY8{5x%VKL0N-$<{+5Ur6 z<}9_fDOxKs0%stD?HnQP!NFz|q(}fAu4i^CKO|4R2pz!-N$O#jBa2d0+VbH6MS%#Ij4q_H5>z!NiO&mEn(J-^+>4r) zJuE#)CS~^_d2(m?+J7dB7pog4@N*7mqyVSG#wvDTu$2!7d#LDrD$YHjI^US$y_E5{ z8zH)`&cQMIh^GQ3-7#sRVafeR7@YSlHy{Cf4*hdS{msa@U3~1HuI#elA;_zJUUt&K z%FilZDTPafEKCMAZze}wln&EJ&Rlz6GG#+#i}M>BlQw-`qSDfEY;C+F>UPnpOr&2V z!70ha7t(OOQ4^D0ui@$GxU`z}-ShJpSXfxv+S}Oe$~3?-gEr&?sXJp2ug((2X19egcD+UQcU&h_#(R?evDoB+ZspcO{eYvv)2D-f%?`28 ztq_`9LG$y;XeydcJ8Bl~Z}UINZdF=7j`Cf(fwAXC@wIue@4K<@5Ab?=@xYpbJI$Z^ z&pC{oUQ#>k7+9qPOsB*RmAdkRaU@mw$9^qdmwd8B?&|sFaB-hv_JXOY z&xyoyDnbLuLY!&xgY?h8!u9<0s2}yGfr1}^GGHUG|Mx@roVqCTOb%T72(IU3im{iO zBn8em1c6>tO!n#Fk@UV`Ux(B3b0x{t{fSz^IA9neDtL<0?$0}S$wnLMcmYZYgK_E7 zGY4dnuYimKNm>eG{h`Si(56gRREFZht5g?rPX20Ia4^K;<8fRrB)d2leLN**hrRnq zAKLAJdgjQZ+4);e2MNX)@ZHz;x$CAg@gc42CAR_`%krlkc>?A4k|mVVTx0O)?wwv= zEex0D#!EGddUIcd2=~qKJ4=|K*nZr7A}(M20cuu@U!_~ z+3Kfj{*>s|-JLRbLe!o{QSH3gR9sYZv3jsvx@%%^6U+|re1^$A^|99f*surg_JFZAZ^3cpCjdb;URx=TYGtAy|f0_ zCvkNGVU^k6^*`w59i4e+H^An)!-qUVu%8Id-`>PxpFxN9WwC24wdDJ#{7U9_|G`0gcD9_) zo9zBw5S-Obm~VH$aR&liW*q{pypw>G4DF>ifz_f_Dyn04X($_HwxPm1PnO1S0}d0j zK@fr7ipjZQ*Ij7?!i$6#Qr@OUUpLt9_kAK~>29b`c1e*lJ0am!Zgvce?s~{}qZ^@~ za{j~q#ydoHsLvXVeKE?m+@z65jCTSUq5T|JeB)fl%cQ3CAI$pgc8O4CmHYgc?^?Nj z_XDRj^@4Zbr1a#@-{=u3b)AuhjTXLx?mos~`JgI?9{VRta+uUt#U<9WFc>jljO?+9F`e-krvvL0rs%3*P~8zsq{Y_JDy57UP>%McbJj9&)8~{OzbtV=8v+b)RytrNyhzuC+omst9u`-`5 zR%fnBQ!!!*l$8U8$PQ|sBSu6GSzRy(LLZ?R(X3fbWvyl(J=hbtV{G5HO}74YgYHZj zOS#ZH$R$Eb`*T&`ZBa~fMz@bVGs@$#=uLxLxg+!MusicVIjp!n=RZux2g`B2YS*Qp zq|{egIlrU7i0~17iz;3T^VNB9X<`0jG?KG@pD@_j*){9U{mRR!>FDS_C=iHiB*c&H zqF3b?Q1oAlA;9xbnA$EA{Xd~}4o1AJ9$Z9a#(&W1v_l;pk5g+S)74wge`9Y-Dl65a zjVX4%GPLwnd2t!E!dld_&3*Czvc}H6u$=eNqmZtL4b(jUTPSuObr8aN(|S=_ZO7T! zVkR-uj>jl%WUKwgvLUQsJPCaV8>eAt72dszcLxqhbLT1z2@>N>otoQX1|1#K+~yWI<}5nk-07YeFR4_+TplaM74A1QkgB2U8ZhSTLe0sjZx3ppR`PE{Kwu$>f$jgfi6R(qoFxfLa)bpXwiu_hX%@*LN zfL`8~CuBlVIX{^bzFaR;j*aotR_(+rg%1YhAK!Fb`rVSH|NPGlnzu;UKH+s8g^+JH zey8HVB$bfqY*4$Q6~v3ar- znGRMx+(#NKc#VsrBnl5Z@~--^y#CgSx^q-(nmSFhzWlIVUg)#V*x<9hP9m7dvT41y zzt;^;=P5A;za#nfZK_gh#2&mF+bXnGaZh$*3uQ`9jy>1egB@#r2hgk9yJ_O_ozctJ zfN5)sgRX|3nS9#pF&}ac4x3zfj4@^m)rHrCVRK}(EJvvx0p{~%wET8iqg7w!u9o)& zHR~oFr1sH^^S(d0rmQ zTd(nBY5S7!o1??u9q^pZviYR=MM({JOhJKDH~8cUaHBswYOMZFmxS+VXZAo>7JaMxA=bi{v^u7xKUjMLb{GNhxekChta2cY-cPL zIy&of-I4B_c!L1G$^9j3+f-v*e*~J$G1`~?!<$zyw=E;DaMAB0!}bRXH)*M0@ZK`WZp`|`axcQGnF98*oY}O; zyq0-uV_8=>Kd%UVmyPj*`9Rj$`XL*4bWe7>NcJ+l&@C+_`5|VFl2Yae&?p|PE>;S{Q=P4?nZP& zaBr+*{FX0v;di^L6^%*A;}MKzTSoqYt5l@SKMtR+4`h`>SMSAQoTjd1 zf}clys@pC2+FUf*c+w57(r!4?=Vhu$$JlBEAe> zLazI5^z+T>Wcz$i?$bhpUALrjlh*70`hb7P%bm1+HgcPS@JFdVd8bIZ_Jcwt_` zvY{}tk~?|jx85qr*?h-9XpJx0ex<07IJM5`htqEj{dPttyGdZ!I&;?pq3Mh}#<6ZZ z+dzoaRsXiydFOFKX$s}`d;A@Mq%H_sT%38ZfKAi`RAV}8O>}I1aTLmud)&6$XKFLe z9}Lh+66Kd`ZgL9T&)y>WUxjIHR2OVQzlm9hHZdn$#4UJ&Tq5OokbRUD?zH z_IFHWA?+etDG~MO^HGh7N4sY@;#~%JEuxqF>#z0*J|W#MpdXt$kYMRp+(=;2hR zo#*s^kbS`5V>jfFny_eFnw7PqXe!&s9Uobrl^(2UnF=|uZ30ktou&7Q1te?fDkJr= z#x=!&+!jNuT~j}QXMSyGhal(U8_6#E(YFe2-dpmJWid$Xogew(Q*J3$u6nr|RJXP= zilPQTj9ak18Jo>W)gOU|uJW#=IZnBHeW@BXkM0fjjdWA%rXV8rNP5kel;QAH^7ORvhCwU%1q^zH2 zCs6ssmcJM&Gy7)d?;~~np5V3{Mauw3 z({3z;?RHBMpQ7!geofp}>e?RIR?oISyjgfJAZK#k`QRWP_ThJyak`912(Xw9qnDFLPSGlS7s%>LYn zb)DslIVrBDz0@&we5rz=k`jN#I&BR21|>yEvMnQ0T`p%4RH#`T;hryFAW z&x2eLoDMP%QyQb?^%{TFcpVmlZHa@0(MjShkRtej43QN5V>=nl%h=E@R_Ak0d6N&8 zFdc1-bT_Uic5@?0%``13XE!1^vT63=_J+B5StbuK4h@`sr3sNA5?ohJ?1QrLDr{}smUBWf!i}y%a z58;f+12o9l?xzMNKh^ou$5!&Ven*`8Ew4?$JVNcS2)rZx4%#)k@7fd8a{9qHj+K~3 zEO<(wJD}laGZz7i^68euH$}%cG#YbD)2>J>CkUk2c+8hXK2c?&rl3dSc|6|h=E+=w zoH|ir8by@aVyFk>OvRoQg3?VQhB*BI=nqz7p!CJ$Gan8G49^HrJ(0wtXT`jsZ$MXP z_NPZCy={b(TSrB^iqX(B>%}fQl=;5O1zfa{JvrjvP!qNY67#(@Z{G8lE%I9)b(>zO zi0YR{yM}06^RTfJbSh6~mD}6c*Zc;{nNAz5YqvJEbf@YZC3rW7ZSoAxI!HqCo?DC# zOeS9~n;9U!l@s2@919{NPszVLi$LEiNW6Ig2zfW*yC5e4nA*tK-fZO$>l0|C@37ii zH*VLDeUUYfYzD6tRn?HKh8F-AWRIXVU0RFB8=>uK>^}@#l6~{OpWQEZ^SrxJ{a^T! z!6DC#mm(C)u>xWs7fGO<1c9zqwQ-JYbFTXf2Z+oir1s9*wHp;~@oVMl;kzUtTQ(Hb zRKVdC%quWtAeR#N-a#GxiqiJAdE%=O6y9(i*CFT93n$jgZB6R|iHYZ^Jxc4}QqrkH zHOSre(l1_a2|Au5ei5%P#py@DFOyn&J;}PbMxi+3lNzUpVI~EprQ3r1`zHM-D9nHK z9Pr6l#6r(KKyMc9UR`xT&9cDS5bRuB?8UYr=G}Fs=uVuTds2LRloQbi-{h;l*t%vp z-N9~`b$dH;zXyJSWZ#Lsx&)Kk2&N5Bzwm?>ukqQ(wd|iFMo@RBLx&-)kSciUnd>Rv zaH71d+(?@ZdY#qa7L`(}h{aRRJqDiJj&LNuh@p)hvRD!E+v)X$HM~rBLGK2=+#bN< zxp3=|6Xf+(z$VVRx+sX~I>NUMUKHIB^eCaYxQ%H!{ci1bHjKpadkySQ6!sAmM6JTw zCI6n5l2obrnQj6T1l>K5W98CHum0|+04%63Srb@+dxME}_utH?;q)1vf#-G3T(@}vy=y73}+ z8M`$3e?Ch$hmRZ-k4mqkPx1M@pdV`6dPGL2TbBF57O$*m&R*bafDz+9Mn;sv;PLZc z9NOBtb9_89&c12AjZcXbAH`Tp_jg|99pQ|9-5KpeuQv?+;Dez;Rs7_$*-#WVeRjJw#fCO7ycClsA z#n~?TegCiRw4Ld6+J5bwVYr;V%suy>^Sfn9|Dc6xB&NIndGJy7%^|80)A^&~d(2Io$Apjg*lO6x(9m9? zeUyIp**$B2$xA26E=#=<5dxAR{Fb^*5fl zh7G}nbi&ThxFY%FTw(H{W6adk`Q z+rp2q&{2QAE-xVCXZ+how$bWR7ESeHPQl8ajgEL6ey-R1f!A*o&5V|fcf66Axax78 zcv7+k%KRJ(dh#F^j+64dl!M&APpV_B_!NTM?U~MTfW}C7J<)%;hezgpG*^k%@U&yN zGf_sw0oQYBjzmh<5BvzoFV0p~pbvDF|N9QvOg(cJfpEN}VeJj=+m zS$HMQ-b55*MJdcmy_xrJ<*NGfqSZj$TQqsgi(=2TwskDZTg8Nhyi#~B;5ElxA_qwQqi+?pqj8{VqQ0h$HuKFpMW0oIMWLcUm%U9~IRj6%UyT_B$NB;=A#&XHxUa z9S;?5x4Yc@GSp4-VYjYYOXK@UOCI5GG!gDZGO_l^U;(E~8o$Sh*WUfVS4!gH0>L|% zWTKBwy==+!Hzhu9vnd}Bl6OD0-IxH*91a5G?7gfxi!z(Q2Mjm9JRZrFN65v2r~YE# zIeXRs-~2o1;w-D$t3*fs+N07>WsW(}0E?nG9j&1*`gcJs)FqtjV|Kfk+kaoIQ#{Fs!2yKu&8Y`~)xuE_XXrJ9>Pn9Ivu zsr_N`B#7M*ZVi;Yt~oS;$W$~=No?RJ=C#2#se-j6tAW{yudIF{SvrMcO}9j7dzifd zJ+?xuY{{D=@O5BzB`L<6XMceHe%gM~ZUY4GnZn{`ZRvJK7$SBJ!O(bGyF#;~PB=Sj zh?e)LRJ2zOe!yM8A`!Lh?^;&=eS7_?s{zBj$o?-3hjvz|ndv~v8Qi2EJN8QHL(USQ9u}LFAnZs;9FIBoR815N zkhg-zu8r4`GVXurPJ3eDW4oo%(F36@J*@UVP`U{2g1GbBRreZ&Ey30!`C%d!l8?S1w1{wD82Mu()khQb7EX_7EFt(dc6vj0Q&xB_3LF*2nf311 z4--?`p-zcEGInvA6S++pGs*N8-+AO8KG?N_a7kRe8KaZ9dgY9Qxg^PuLou&Hg^Y&_%-< z#RH1KS~gbwgpk&$zF0SC?ayQHtCthQwjLlaTHws=sH#Hxd`>rh)u`kSS5G(JT}k=e zkp~s|E^D24giS7+HgcpwpxKy$P3S1E!H>qD(DD0xv!lyuDt@7s&?Bz{4tFSCnHj{fUtBlb|saKGPACjCpH$( zcWo*Eo!|_x^~X+?SDXk~H&4|c2@lb=rw1={WGwntF0YOA+5aTr6Odm#?T1I14@f*s zJe|cITHb7JU40<+WXY(Hmob)67E$qqalep)4#9ov z+C2g%JXo!|PDnp1?Dj%T^gaVn=SG@c@8>V_oqF&)cT_HK+)=j`qQh@|p9RT|7ws;S zfs_#6OR?pQJR#IOStqO!wQlyahvvf~%js<%d{V1%Ai0Byo(D%a7M<}D$PE?AfXsvy z2vXj5?3iJrmBp1*&6lDNd5)mQvU!zK==M0!h|AOSPNER=t9)iMa&I)5w%BcK9k!}{oQ$A-Z=^z}> zr1d*TQ2`YBZN0TXu#*5v+p4OiUMyHGpC!ShrO8}JDsgS3?~<0bh44t0pSWG%sVfD9 z$^R*F@_jmf($>7prBdbWJJ!lIy>Fsf6A@z=qmwU~c=N8+8pMf4T*qz-MXgzNB-YVG z9pHzC7-$Om?16nMNe?mnBX!dXC7;-iC`D>;y)modBKSFMbkqJC4^EatpsWyGI=nF_YQFR@(Xc#WGlCF{BWW20=vb0_F)_Q5 zv$SA++mEH|B{UIYQJwEhH;;G}zf^0V1 zJ~P?i4_+P*gmw1To+v3%(1Y{nDB4W(3?IbqGqCVZ+J51>);PcFaG5>pmgBf%tiP9F zE>X$sN=k_Z6*v*tU$xL(zG0^Z|5{L+%STvGlc1#|7}6U%kqDRw(s6vD744>Xt~D&@ zP>N=?YPasH>(PX~4y|HCRSxhD_A#40<0?R)0;sBf7f~+QiMW~(_q&n9`E0@koUR?5 zPnDtS9`Mr4RJ+8SNjl`T8X(Wqr9Wu)Jv2$<^GV#}=BdoAR4;d#Rr90svFw*~>*A zcf9*4FjiY3FB0pNSdRzo5Vo10T|%xUvV-ft+CYni!4*z94yTO>Z+f<}1DCg*Rv6bS zrQ@gcJ~I`Wl{?D5221dZ&I5C4_6OH41sj07I}xOLwx0wT=?&vDsOJ;wK)63&yJ?>n z$H_s$$=jMLoGP_TIu~4YV}+__`>En64|1tzt(KfqZyh9>co7$L%RfBe={RymN|W^J z~``McPN23J!m^8`vJ(xPfOFz5^Db_)Yj+AUDDW?dMN@oFu4%@s43<&L@?=lqf1I3uxe+=Ki9I`EyW zqCUIP=G+4J*sm2uj5y>uo{siR=Zp)5@?zRB&{+ubXz&@i>GhwJTG}MptS?yf$8zi8 zSdJD|2mF-NFI{e)+f7xRgM>(*^UTdjL>*1ng{Qmc!~_o-XLS=3wsRtsX+m{oh^y(k z-9$fX4$FCv8zboXG3He_;O^EYL^x5ZSZ9K$MVehU-!0bYG?jiG&DhW1Ai860!HAOq zK!}~@e_zw~!l-OeA>hhY^^MR8ZF--`bskFeP$i_@65c679(TSH%w57bqW)E2$k*1x zl8_uma{6P7n=D)oXsTqi#P*}Ec32NGpuD}D!}38*+^TBVS7z6bf3uD_=`$25P8Bzs zLb7%z9|wr7a!6a@d(g_s-{=5{8KUZDZvjl{e7!5j3N#8g#fA&YpflH{rS1$@Wh-*Z z9H*tCzkX-1jdghfD{M$IVs~yZG_+9)fSwf+b1C!f($Fl^vF60n+3`#WJ-2yf_I*#N z2a%UFc(P|Ax=0mkM8i?AeJN2m(&SRIWyFt6Qe7FpVxlEk@DzWeua{JZEj`{SK!3H zy$qNGQ8?xJvF&@aOor~XxK;kZnUa~kG*x09^nUhSL<=)b2`=&!bq!vqjw#8YHtlO&sIQ)G+0d9?F|rU6S1?$!O~fxJ7mn-Tv(eK|K8-iYuE* zISBp-{_w_(vi_|O|6}ml*YKj2i;meZoD5?HAOHX+`xl8B?5*6nF7Gk_gDK;I6zM$0LF;wcE5wmTHe3m8gWBm-kri?--xU zE8nXiPQ???mYZ2Bt~tK8E7#P;9nD7lnZGVX&egjiHt21pnA3=&ZttB9%P^&IY8m3~ zmT=^ZKoc9mgP)5{F+F;n7xT1noU3QEM`tI-9=YN~#XoA?&URA{mfzR=ZO8~CcAS>? z^k;grEL;WS>lLB3#VC+PRF@%~MZdnjU1#{2wY_foiiSqQ1+zZaG~0vmoHec2Kln*o zSQuf054%Kg=iAv)fy+Lqt0NAxkk5>InNWuBAx|+4bv=H)5L%5ERRDg%>)Br+vll0>^>t?uC8V+vG zvR|_s^Vt`(G)HEjW_4GTJSFnS^X*Kz{mEv&?hf?j(=0nVzlzdb<#fKhm@xM4L!+U^ z;Jny*zb~k69$@_VhOaGPBVvmjB0)LPBfOVkCa~2~oB1LR8S1gprXbvv8K*}HtcH_G zOHOI(0m~)qJIqHkpXca(ycLqYm z_9WEcyWeN{+HZ+4^LJ0$*~35v?}$<6>F2iJs5Qf+@A6`BgvQ`1Qxq<&vo%`R-8r{Go>az*u-V39}Ld zHw~T>{99bTA{?^j`-_`<#G_*L6;rq{pi3dz!lG>RB0~7K+MD#be0#zrk%qWb-w%St zZ;L}ij|H57PEtG9>zRu)%b;bMhCc_X#yiWU(N8DFXkVK$HZO`Li7aQxYOZj5Q&RwA zU>uhR;h2!)w|6bpV&npwoI>B&t9?~>xtlT6%!Gk^8187Fk9Mp!=DlU<_xLwCH=wOI z79)saw^gup$`R-JO`qw)N3B;kDu<;bDAvaQzuv-8P*CI7)Pl(4DpW>CKZdcNe;lYWT4!D%2BP&BHA! z0?e6|2Yfb{p6|pzAZuD6c#VoB)#0z{2Ohyfj1gE7jknmHPDFDncGIa*q(b~yU>)?2 z#RtM41jp;V zQdQS@D1mi`NtYKjc0Nm{K8%@dRcm-KUAYkB*02=EvV4!&CK%XhjF?K7e}5nREFOn2 zWpt4&@cu!U@n!Y4uvt)p;#i`@m)3O0!lhvu$6;=IV4raUk6`uRI z^b!j1*>$$7eSwOU0qOy#Z9D2saJN>ag`=m{2jRvhw<=aWpr$O}0hz~Ae7w|Gn9 ztOj9wG$ryQo}OsCt6#Jv(RNJdGHTC zhP+Od4!z&7AScvgpN8kJ{CWH7;rYrJ1;a^#X46<=Q_l6fl8bFX=t?SZX=m3m_T~^h zpwpADMPXLt;MKk#GL?T;57=C9e)0}^SK)Kx(1lz@M_nX!;(~a%&%s>Kk00LUTjtP~tJn0=GHnbJx(+0b|UaMRDqiqo* z9b>;G0dgn^kib>aYEn{To`)&`($n{FbL7UJ4YJGWUe8jaJ~Vun9j|*XMr-y=LGkc& z>^BE}36WUu*)8r9gLQg-;-cp-iPRXpcD931$b?8H(E={TUMqCOPWRxk0w18h76qA~ zi*-3Qb~@+{XwH3k9#dNm1XaD3ej$wL?j_dDL?2q(!Ar5#`|OqKXd?Z{h5@fZnGtaO z3sy6p(+K8?Ruj`fFN?@BV%M!yuc9>2Mu4Wc%~Pt`ng#5s7ljdLngJ_RUhO-d#MXVF zi-lHWjVCjT8^3#YD0Zo$R)Ppiwcwg%S-bc>ey4BoVNt_$U*ZQZE?+As;kst(Sn3V@ zesmttaRn`S*c>2pxwE~vAsE&jR_=MawMooV;&+LA4)YGkm2;M?&t>tX}S`UjpPWI_xNJ zg~9rMf+22gV*M=-a@1O9oeu($SB=(!k0`D}@!s2ShRbuh{YV3)KbBTbAHQ9Cxwvl% zUv08+eu5&Jy3~GRBZHB<=!B2#*rBf@e6EQsk*M`q7VR1v z&KtFcfFcN?*3GT^*N{w{HvOj=*AEyCkD^%{Fl}F0jWEQfy+VK8i8G8`c!)sjXY1c$ z7Mj)?H{Yf<#}{Qa8FL%s3_#U*A7fQg))k7m(?_c2OIH*_vl=y@3~l4)C~PJV5P-o) zZAA6;epx5db{{|n8xKi!&wYii5!4PzuQBe+yehU{1>fIvg1jx}9NF;r2)8MNDY&E< zhin6|qn=U8+#UsxBQU^sFJ{uIiKcoUjD0~ZRST<=Ds4hr35!muv2-qveZ6!>S!O3n zLg^Y@Om^A;>*odpC0Pu^7LRb@>rK|zYmMhjI%1w!-rwV#&_D;lBSA*CxC$J+F?hOpTOs0xFQ`XB|Xh7v@ zDm>dI5Iwx@zRZnjYz0YDUvdlS!=zlFqSWsRaF(rW6nPIbm7*mA47QA zdHQkVnp^zU)CUv|K=NG!qb90v`G^#)Kf93erjCf&HD3RliH`B;d7va`9q_I|DYUd| z`Sk(A#eJFDnv@_7%KLWgrtPl-3Q9=-ZC^u^ znLJ7rcJBP6^Rdz9zq|mPOd>&V{QFQMY}$I$_Aqz&(XZfqKMDoyC_1i)DYp^>igqk? z`aJ(qtThD}UBSzJAzqE*`85P6hjtrhNVB=3#}|L2wG}fCMH&>?-+ld{VCn4la^u(U zs;nzTvUe^)h38a|nu&f2*YwR)YZgTEgt#_id#sOmb9;pV zo?o6Wh%@#F#L4;MiDvslU!GYXFB-=YE%mN3BWz8I+MljQk62md23^uvPRCUYy72}P z{%l})@jTPMFjz>sO6NiCX_QCG1PNKI`R~j(pEVp?US7S4ezlsEex_Wp-j-@^U-j^( z5_)J2^2|%f!=4p0K&gu7Jk?>UBY4VRxutxg2>imLCvN`6Vw2_Yl$%(X`}|tqd$*ZL zh}Bj7T&<3wAf#>9eQ7P`0k@MS~Sdy zeGaQu2!<>K{?gO+1e&?DMNt%`p&v(afzWlyhF66L^R-&AhXPhfe!NF0Yn96?9Xd%_UYM`W{F}*fK zeq;qsxqbg$CpYcGUM!`MuCC%Lo`C)Fq2WU*$!~w!_%1H&zqGqvTzHP>!Z?`w1f72Z zJYxQUdb40A!dLQy4y;C-*`-YpsI*9t7`3Css1R$el&H;CvjktoeQ2Y_04?$uVP_4V z!Ek=j&IyJCogOI{znkL;e9h^{R{YLPW?3r}OMY}tI^p&mL%nCtMgX;8DT*&J9GxXj z@O(IuPL(@qapY`g^$EB3M{N_$BPR&sdX6KA^b5Ri0J1m%;vIY1oLn-q=ahY3X-yKM z@>)UM%8DwmN8a$(Io3u?GVCK&&fVFRhI962e$u4c{R>Mk>_y9xX8+Fzxu=m$A$V`4_p7wWpW&9fBm)`b^57A+z2vj1?P^s z@5u=tKgcX?6jes{3-bT**;;p&Ngb$dOFwv!0#q&uCc|Y-8!zGg^ic^6xvudXTzWfAV?PYMzNzE*&SL%zJflPLZq z>`ErDD_;|okfydt>ffXbP6sSh!S2=fJ7puyBbkQ*Ux>e1^&sb5Q;-{!1-_~Bc|L4N zaz9{hu2(Wo}k&C=XJrCH>#--kewGyr%oU9mNF8gTqAGat6*Tk zbtd`*p6@t%vYb$*OO823xv$T>d`fj%qQ>AiDuEP9$E1Q(`}Dd>LHHJLFHCNz{Q^FU zK@;z+;I|!=Hwf)2Wd+gmKxqGLs_RnQWRMQ$+NrLEOCdx zAnj&VHLa1OW5?Ko`5=!$Y$ZyezL7F!rP<%B8+-C+0q9vm4uObHPnA}ea+`Wz-;1m3 zX?DT1MA_KYJ$PJP96qc~S5wTo9@EJg?=>?|`ed|GKF=pCI(DJ-Nn?Y}z~A+iuz<=< z``sH>s@l}KIT?%Em>1!cB|UjM+V&(wfwhM=5JM9k8h^I5j8tP2 z9hqC3kkg@*5gezn@$@u4a(Y2@ey|uRZk?T<0(bp^^*$lB&H0L=hX6^!28@Ijac=JF zJ>6ZFFSwKvU*2p3MpvfEhG!P)xFkZaU+kUQ9X7BU>C8mEOaeFfX8#dJ;Ia1kP2il# zCSwe&3mm#4@aoz`pA|hoH#+iyyT-Cc6=iq+KK|7gwkBYDwqQfT6HQBNW@lM z#`K5dp?vLQf9X~D@J(g2DT3lXo(6top3$0j%hvprmNbFIyQU~!fY@&pi&hX8Iyk5> z0Y-aVsHyq6TU5>WEAHfky*@8RCGW|``LE6uTpAgHq7e4e*wPb%7~U(IHHIZvE0@hon9SwYm+q2|N-3Lj z8~R%v8Kd<^@LaZEx{2O-KSA0RTeTL!dKsFR&I7zsW~#ikxiIHPt@<&JGJFP81WV&22DQZ?UN)_!TL{?AdTGgc=PDfp zH9y`$#~(Q#;36D{SLd9>%*w_0(s@wRs*jlBE9-@x%Zrj&YUppSxHwgtuhb~LPS3BO1 z`M%0u7GG=Xa0swM(=4Hu29F8`QRow{UhX8gTyJ&RE}f4_VOiW?j-t(#)DN@v{-{7U zHV|!lTH>x@#aH(G@0Fd3Cugo6YQS~n-p7SGsB=lQ1V07J{<4LuGJB?B)wKDB1bBJ; zfKPD;h6>nA>PlqS1rTQ2G~JG2m!-@9I%KEN<&W-<#VqLH#p@>NU1_BR^J~tAqp6|T zx+-hT`pXr7TVlt)!&S~L4)$PBq1Socu15Fz0SJ_GAXmRjLFS>i*Z7u`LE^n47NjGt za(`;24BmS$7+<;~tZx>YODt#E+oWYT{LcPRtTe}2`5xiiEHw0X8_V7-cy`Qx?-UZc z5uptl9x?Aeg338{_3E6YYDMZ8#<^ZOl_a9*P%@rU-)a6i9sQ_H8+Lv#mmDs8K*=dHJo&yMG;ZfZxI z26nPmOWW@*H_aJblsmT+7A0S1~?$@ zk7Z+%Gs8c!{SS-JW=wyb0RLBQk^k9?dGoam{U0X+S~9rV$r-K}xUr$##sYP&sK8w* zuUbEiApHGVeSKpuYS3hTH}@8|LY=wU4tjrfAGTFh7^|RCwMT#)z{1Gjp?!%l@A}H{exZn|3oU6t6yAP_{ZUQ-Q8(MMv*lbJ${FdDGXjY?87YjjQE-hG!G4$bZU7C`Y96@jHU2O`kD#4lfdQ=nLPnC^c=gEO;xrb=i0qyS3w*X-Nu z_@a8n@V|`*@0ef97Qxz|Ph@Xi8ArX7yvMmQ_69)Wn}wz#CzH+hHqAa0ITY+n4qf7> zOKy+!{BAv(Xa8$D{L8-Zn5257&DU+U%(;ut-<({J9?o4+lC52owpX(Oc)>;bD7%0T z1Z9W#J$~{`5Ij>^&w-Ni<9^yq-@>5%GU%1J-{rICrzS}nzk!&z?HgXLM;EV|3(wh%O#F96Li_RvR4YGrJ);V;M zVscz0u{7)zLSC- zP?RclvjlS5eQfxF6($E!)49aON|doLbRZ`uSp>07;1$86>>Rbdcw(5UzMTVWo#CHl z!l01&@7zh+2UMe!c4M>^c4S@nv0FokRByK*RD@CVT~V#;oL>-3DOu^Dh0k(-v~mPg z>bGpnI^EVqn?3v|B-mf=b_oi%DlFZM6R9U@3VJRg+Pu#cAhzt#;rXf;Eb82QOH0ss zeE8>99}$~&7xdLOu&vdkD)2T_U^-u;T7Js)dav4TnLz{fIV><}qP@}#4`PJz-gsHp ztJU^W7(YRl;7eUOf~E_lAFI56WDLX>3dBL-6dLnPojQes2fm3QoYV_lKBX{Sxb9>$! z`ZqI(zeTrS_dh;`H`Y#gZ(=Cl8;*Yk-(k{mm3$*4yqaB^{#Byt0Fe(e3Xfs#(ShuU zmEJ4bjP+u}c&35!Gk<jW*E>ZF7$czzyTPBtkXJBF!1Zroa6nOZ}DqTG4)PLXTN zsp%)bzlX+QmNeIIZ@~uWy?|We{!{ z?z#t=N>|fZr?xe4%nQ*CF;52GLmv~_NRPcWuaCEfqiyPf4NeR&uT!*F+X(P|Ud|Ho zsC$3q*ke*41rJ3^k`(yFQ8o51#!@!G=TADomj6SNTl#k%DQ?coVFh})k}N%Du~I#z zo-J9iq5{OGm{?f-zJ`q!8lw{l5kr4LJTVN?F+col8OliUAf(gp_B9I~8S$K~Lln18 zATKnBfagguz5C0h#+K?_O4+VG$8--)2SOB)goPJbn%L=l+Ut)((}fNut&S065pGO) z%myg)0V)loC2k*Om&3+v>u+xxYs%leG}cH>*OeNl&9juGZxl={9U$1)sWmWdXY5EK z`Mg)+WDR`2fbW*nnq=&;?W$=$u>d0*Dy2fKVy_Oq_-dhO*sP_iDpC!TClum$p~MXzgm=F9EW$xNqjIv&`!KZp zjqGONixQr>8%Dxiioz^(|7nA|*`yQT;7lvP;i(_K#@RM-gw0F|c}#WyzI-TP3|Z~! za>hmjHf=Zy%0B))xIiNu=a;6gu~thl-F(u&NU9dBb*`)rvE=L&3K^rFzNjqu22YD< z<#_Sz45E{4mp z@?(Gu^q3Uaxf@D_t)`mMNzIp>{26)PO+sXnt%%}nptA%m7&XvB4{HDCs8N&jT2-%2 z@kTj-xSvh6``=Wv8Q^m+a_dwj@MJS=E-1u?R9se((R02j<{D8^R?8asOwTjVCvw(4 z^1YrIr|*YsR#j?a+ePuLRF{47CpM|=Ng7qT%6RhMM0)Pp zyjXqli5*5A3Ve37%rW5qkkBkuF0Aq-xTVvA$@Nv^uA{X-lm|E(T}5D_6NAWisb}!2#Fdo!0*joAlK4PLBbFjMNJ*!Wb( z{{$I*kZ~litW;8;tdbL0ZYv7lo?4gF5brO)2_ZZ8YQw=ODh5a}dgErt?;htcM-j z3t)_fi{e-hfvP{}-uvdqJH%W{rlKg|{kra-iH2q6ZsA^N1Sn>MGgUR=-hzE+i}O9o z;}bWbXRJ}j?b-VBkpdd7^49ar=gKB8rHi)svu?5FO^sE`ZkJ<-=uOSPKl+3+H4>;T z5>skna8YG&p2h`PSk=CvSGhVMiZ&K7?0H1Q$@e;|vn`R;xtVNv3>py7fsbV#! z#3dch&x*LfvurI9h|pnDfGg$KJZs*7uM=s)gntqdNm+lUYG;1cz@$%4uMz66c{L~s zghoX#^6V-;FJlqX!Si`8^UQt}bj6_Vumt3JA}Gs~je%>3+&gzXUe$aW2<}wf=h*n+ zfmQS%*Iol4-^}8e&uTr)WFTw!0G)?&8atdd9kd&Pmd%COew#lpiPuXNRFQE;eLTtG zH|CWs3bGDN=u1xW!zm0i5iE)M%khHvg}oJ<_vUp^(O&@afiHO9+JA#8EqDwE->&bJ zXd(COvr0=}-&{g7i#Ra5Zd0BP6&DF+6x>7Hs{;`fO!IiBTo+7yVHtRDGQ5yag!xvA zzyd-F7mqsRVY|!qUl{f_J(a2E0*SAEJVNgrP!T?Dt1U#UE45!e)_B|hRyDNbcnBl7 zs7@HqtBK$|%zw^rH|0j~@!%X#NpaJ(Erlc2$S|A#<@FC`)W$b$56jN2y$(B6Zf@x2 zFuxZGEjZ_mM=a0-6VkFU)K*-&WgW0Ba_U`3M*hm(#IqF{QK?;JC;mj`&@F!+I+wo1 zPP6evqf<^ANP;1H4~R@Qed}r`sfaw=G(~q-v0T@>NAsq6(`i`GXlLcEg!GRi$y`S< zGc#^(%Q~-Dm`&K>lC-a}H+}1b=|Bc~M?T`@C#-w*QFHC3;gvYKTN{Aol77_a?Rg*Y z=VgrsN$rRovhZ)V_{O}W8+7U_II)r{o%b+Z0y_^1c4l8ng&ohNyuEJB*>KJI20qI? zNhA2MNUcY|3k0|~E!UIvAXXFYTKqmV0N%nEpB`QgpjPCTENwN%;XBaXi5$(TqT!l3 z)1syRaYj3}@s$5Vy{wLe<9a{yPz|B`MO)0|=U2D=58J_5H{X-r&-4VOnT?yQgyN+( zaG+$L9s7Q~)Qa1tr8bpLKM72QVw};@ck9@#6N@o8cL0I9(KsoCsVNJ zz^_&lnzi=RC{cO7k4eG7gEM?*iD|WkgM;yru_4uoV@);)*897IqA={b=OuG1FBcG2 zdq+G2A^L4A!PANr*VVM-mx{DyH#0Y|LJ=cSk#iLMRxA!%oka8`E}U2Tww9R_*A;IO zh}7;pNV^v+=@91yG*L`K4z^p>BumRh6l4VNz#q}~Cdi*ftwc3@b-^oRUAg)XU9@NP zl!SiTw(CB*82hADG%F6;ywBN=H@55#Q_&7TjSmR#5v%a<ebHBl5z#5PI(ra4KNJd$g#Ff1};`{53~<)1q7JCqi;*X)8v#8nZ08rkc4c(*gq37 z8@B*RUmBV7lKzN`o4(dL|LvPbJk!2RBu;e^XL-wz&vK5pI)!_hm+vG6rNu<0GRTa= zkKwFxodvR&qLXW)rBRZL%-Zh0jnNmqeB&j4o5U9*!upzkO4 zVsA#*o^uvtnldNQH!97 z`y<$UR`sLy4)hz9X>27QxL?6hG7VR-%eCk7ZStl9{|wGsNsoavNfT*USeYw12EB>0 znYX0icr`^s+*5%TiQA1=HrPXt8~Ob5mAAN==yHai0Fu6GlR<@K64~0vnyzQKbxRgz z@#IYn?Pkx}QiY)2NO>+2;+ht{5py$I?vN%lZbt>|Au<_k9FjjA61w&&6{d+v#vgss zczU>UBPg7*&sLucvr_jqdZm1t><_CGp5EIL56ly5VcTmScOtG{I((7EeB_W~cg22- zjl?vcgN_wl?wjPO2yvu%`lTZD&nq)iYlet;7c}oqDul3nInrKtRGL?)k46emDUhzZj?>(a9 z0vs*bE}?XdPso?H;4(TL9&2%PpXm3WXm)a2m7Z)wOqhZFxYC8LGEA_9M@#KV zk)OYH>#PLbdp#xCfY+z5cgF-QmP#E2D5>T+V`)3~?0sU*4k0o*xu7_P%BD z^Q*$f{qZG}|H5tiEsC>JqLfg|+^gF7Jz3b$dLWEqHOB(jw713GIVi@h zmV9CO{U{1e&>qdt%U<1S``I0(u>J0Z1L_`l>MVeBI75%YD#}B7Up-6)P|R^_6L7R> z@MukBt)cqeU^!T749GhFkzG{;}gHG4!3*EETdz$#j5iTo@V%uQt zZqRR~umCQbHrFlG9W*O1F0KOO@KJT{hNc!-NgQ>Fwl%u`_vJ_8U0n@$RX$1jVc+Zh zYQwD}HX=slx~{vC8-V8J^`UrLjusB+`W{r)UMCCI*@DLWk0&=i$_zOa1J&E+{?cTI zH+!}xTh4F8e%a)Gdn=@7?3FftnWFV?wp4;6$uZ=gNB>Zjj=lfBQ|dovr+IgAmHqx) zt^6cD>UE(Gi--RY>~dNi3Y$hld-3f4djbB7y<(S*|JtCxyCCew{)ZUH7q;MV(~T?w zh@C$peJ*KGt;e?12n_wNh-nJc)IRZ>)#;x=9%7<&W~Ym5cx{g8NIvo=%*wVk5Z+TQxgNm>X<;cexYG*nYeQ+|||IJY6XVdvZ57$3i{(~;)ac|n7UCMU?|NAK#k$XK5%gC{t&zrGEi zw1e538z@SDbn-^}F1YUW9o2C!U|?>bWGIxLd5z-CPy%_^g9j*nnfF9bPw?*-7aS+L z+MisrGX11^!y3Jcct9bjGT4Q`vYG3JdFX6y{Pm{^Ko;C`a2L=p&y%|77fk3VLDbz9 zVGCRd9(5tIfy)p0BfC4j;-c!5P6h8?$9KF6{ieg}+)ElxpubCixyt5zE)s~4kVFghsKc^ zybXR!L3Z7x&!NYW3%wkJU*hfZocQ>rLQ|}6)unAo=>V~lgR|$6fTi18EZ?I+&+Bmr zBmudVngrQ2P?Fy$7*r)c{aIG<(!OIf)PwqW5z06iT#o({cebChj_?jT zZB2(;z7_M4ZK8RTieB;}-3lg91SU+=k9XFE!-n&jl{1(qcj}o^c8U1v%wI zGP>XJ1bMJR0@w(=<8%B;WKx0$620BV%!6)zdiy+iSh(}KCZZ8ae+Z)WP0F5oXEa(V zEl%+P|D39Yn1Z(2^4Z;(XnOPB;rwEg@dId%oQa7(c$_Pq$orHc%x9f++qZHhT4#J1 z(}7xTsy$e>9l2tfj99@Wceo+U$xI!*NY>Wm|4Cj{0<8X2gB7NF8U8H=w-M}S$s>Q4 z7UN}VxYQ-b=(kO&Y8=E~-sgGqgnF=Y@b*&q1D+6YMK5=Zy6N#zJLcErH|A=dHy1CU zAYB|PbWBz6?Ptx)E*hD?Q!^9#CjXT0@R(u?oNxDz<>a(@xUaeb+1!^r7$}8Z3if|9 zE#BTb?EK3A1GPxS#}i=3Gt&%*G4Q7sWS~P#aw_Mk>qs|V=+(bD3CkLcDy=t9FdOZ@ z`P6yx`?rR)qjgZ**odh1bSz85SPO5OxmtpjkrxLIjpK_zh!dw+fGi$DBx=qga#aQF z_PTl`j)&I5s&nE=dAjtYcPcp%zpiD$2LqUg-$c`}t2}^3lviC(Zf^1l4p*Fa_wbQ& zYh&l#=Ai0>5^FDJ4@%wE?{5Ca@5er$E_vPwi)GkxNOKj~-AZ-ENvoX6@Mik9E<2o8 z4buD1f3!Q^9?o&S9?eU)He0L-j+y{LB`~$TOxl;$)w|!CijQtdiYFwQ|;U7&lVMvJ27X{n)f}STzg9C?S7d5r0y<$MCh8^oafT`R2pK( z*rCd%RI+~K!A?vvJr8zpn-|5!h>S_~b8MJ7!XqaYG{(3sC^*dJe1MD~JR%dz$OUCZ zXncCsd~;fI5gf910QdWn-$)rML<|0~Zs3W5Io*8BU48Ubj=;cV<#qMD zEzX(5rO1xmX}3D&|M5PO6Sgu)z7a%5Ow|u>=ItoWRUVIzB0U!1Vp;rZHnObRzG1p) zcSGs7+RW-h?~lPXvD+u{5llJsV^S=`MsaOK=VI?9+RvT_A8E#?pKJ5!Kb3Rk?@)MM z+)}2PAw<4*D)Oa4_UzersW4e5F_^KA>`YRY>?He$5y=*VX)GDLLZpm+-(w8f2GOhX z{tfRB?~nK1=bq=>bDw+eIp_JD4*>&Eaj(}ML$UwcSA`<0$OpZwW6!w?-?3Wb#3#xX zj>~HV7$Ciu1IOGLm0@z>Vfm${vc;?U?Jd#Y?go?bMMmG@&*xgL%?xcStaQabrcD&m z+uM>P4B?NfzQ+mpSj_pEI3&9+8Tn7}s5{?hjN8V^oLJw1PhxJed#NYD2yHjC!z=yr zADKgPJioMJ=Q;z`(T9Vh-SN166(b|2R#IEZ7YXRP@d&a#^i7xxC+C61+nG`8xbnjs4{?# zx>8dw$APM?*kb4lwtg>rDaST-n)EdH#{J`kAcv2?Di#p9KG%!TQ6@XdCyrJ(hOzRA z)l25~rPaL3HAj9uN7yh&598N+Y}y?VU-#+UxuOfB_D5G+b z&aY!jMjqFcI&V1yVQ(^MrN8)2*0-S-z6!9Xh3`3Ma=s;ZI@Ik%W(yj;n+atZ9kRRL%VRy)e^U02~?1Zn!)5SF43}W(>%jLb5 zk7r2wxaOIs2^8V0OJSoj?g-_>y>TrZqgub^t-cEWr58JyvtISoI9efZV+}RT>cjcU z5F5#aHjq2SVLX_FRWcK|XRG3gUG0Z7q$x2_bzkbkih8J#nksoiL%Iz5+JmWs-Ct#$ zeXXG2v+IR0!Th#hJa=AQKFy_}k{I1iIm9bJO--(vQWuhYx+4igH?SIEL@dT%YKB;2_qdoFVzr(FIih!Xp|HW9bi6g3kt^1XsO!H ziPtLh62GuGaK%QwV=QVY1%Q!~*s9AMWve?0=D2#8RN0X2akWyk(P2Vz3i3rG%3!u} zZ_j(R4<=Q0$W;6~@#{-ny4ca)@BXecvk!QqDxNUjE?QA&YB{njl0A^IhKK}*(s-tnh)w_)3n&{iC2xyPf(c{P7HATq zU30rTlc<80f(cJm$Czp~xOE@QbRU5X20?i42_i^h$-YHRvlkGwXilW68M)~!7Lls= z^DHfrrPPkTVLkrw=6#Tn=6vA!^sF}7u`bZ6*&MYrw<9xWQ>vr7^ss8m;7Xdf0az7` z4ogyEwN!_!?9FH8O{F`xbl~PilbL9>bA=A${r>s6bIVLP%kxkqTiNZ^R1A5x9>&Z= zZt_}`Qosc#qc+dwW{MA#d7MEWFBxe|r&EZEKaAL&nsm3LhNeHeH2fe+2Zp<48VLuQ z*tQ)O=5Dpc98sFIc3ZEX)Fa1t`e8dkuq;pT(RFlGFJ`Ck8jm&YIcS*pS{~9l=h+Q=PImdIpa3W_J0ipgmF4DFSH6lr8aJrs%c7 zE{)bWvGXJPZH`R*;(`jYytAB4*1LU-#d1ATPC`=2Z!B`XTqLm064uo-Qrn1Dy&Vbf zlR!L)kJ{khrVzn|^aS*DJh4JroKWO9uD)F5I6jWq*LpZ=wjKepuJa5_A~$?RjKpYZ z1=l-)22)eBKlRLS%T0Oay-Ng#h5`e=izr0`UB2LhYHu{$lB6n6Ehz|!XGiEkaciH=&q0fasGpLovL5AAg|iQy$7+k6WMmJ%3W4v7Ws8dySmmnt zGxF%~9Upm-M%nrVG?qQLdM(~Gx|D&CzaMEm%vebB@Sbf>P$So$G~e4nL?(m#*zyUd zOw6lql-+P9%E{(*l|!H(3U#7do{k#T$)~WnJk=DP$*luj2Z#zP_=WkTCe2#xT1` zog|0U@*&&Ta6ry8YI?r1ytH(t_ii^Em6zYOuy9Zae(&oJS=pTP=K!YrkvotZ_H>`K z18hd!Cvgd1?ND)3A$woSJnSNKEL#8e`p(y_&cZ|dm!6TEDvq|aVxECNe7I{<*Ji|{ z_#}p5$pl>*az?!!kM!BxdF}D=ifVLpbIlf$|Mvr#{!!CMjc;J5UCZZd>LVj!{+vp8 z>*6WzOLk(*DZw7A*(oWE*Dd-}B%HA>^uK#WPO16i1)iPq#0VGsmyqx2|C=yVu1LH! zdq?4B9^MVk_UGD@4y>*AZZPnHyROv9RzHII-8zREeS7b3y=kDp{HX#w(MnD!>bn=3 zXamuq^aC*sW3^tV>+j8Xd+^L`YY^N&^64wPkqikJY6v}nR30AmvvhN`mXXlK3l?|4 z@A(E3cBr?Q^UVoAGQA-y@2{8*jisf=cdLuTNABarVviVG+dgZ0DA5w0C^+~>`&hG( zYH8itdwtz#1cm7;KeKD^m5w&ohfY34NVCG=;#preCM<26a{j78(iC0n31Cs-&c9TE zE&4LIpowDaX6-P|=}$Q8BqfR^jAGI>4%+zN{+^SFn3%s%GeR@@K@$qCcN=zsQfmg< z5gv|BA~%2x5i;zBpQ2S(9Lqe6{bpJGEH&&%zD8U~$a{ieSGHs=62Sb3Kjj(Zkxbc? zrM7jkLvVkla+gQENl}NR*t{;U5vigR7v?knC6)yw?-RhOi zk*KcAGfxWT-SMON2>zH?psz4h0eb;0xIbieUm54Grg3fDB(d zW$qB!qg-io_PJLkbJ9UXbak8HE-*Y18s4m!mIz#xZ3XRU*o#^Q5!V*?*XSjX=3S6Sb;Y|2Qym~|=~=LS6t`>|-pzT8fO%_t%*qDdpp5i=iZUoD0; zAJULRL#a>tl_H(*<5sWN4$!MKqcxr8hkKK-pw|c=UbLI>^z+N#qkmU*nUj1=PNasU zlhPs#5XK~QU8+D}!Pf+LB5AG!P}0!Ex^+52b?`$K&?4;g3Ix!r)JQqlFz=`|nVHmFM$;^-u-{- cUXE1T2lDa!DfO8rG^$j3TE?2?x9p$%2dG}(*#H0l literal 23435 zcmd43byOVTmiCJz5S)bI7J|FGOK{iV?(S|uLy+L^?(Xh{#$6kNd!voR*POHFu9^GI zH#6t1d)K;u^eVbuy812Zt-YVUe^2pKQCB1V(d19wVs!sk0=J7BpChc4=-^ZXps*j!S6^RZ$DD@mZ;e+Fyagc7vGBUkbG4% z6~GwUpKT>29o7i{C9HZ*#(9jr){C+GSG_f6zTF9DHM8{7)^Q0-HUe7L)^keTjxQoz z=oBF9y8?Ku|H(oF)mUL^r1cdSd{1xiw>cgAcZna*3s}_T#j)BRT(ME_C>+;h{KB=} z?LoN{J#;>soV`~iOgI*gZo6ywZC*tx>q0@Tv1w^h`g!$=e|x`sw=~8@r0dL0@DNw< zOiE$Z+B}icUnh>z-<`9lH2)vF?Yj0Ww~zL>?LDy?elL_2$MGQn)vY%#n)#86u{~(C zmwa{~n)!!)c(3?)pHU|>-_v7@nF=2RK1{2bq{xSdJJ-JqYDj9<1utu%nM~PWF}5b= zVJ~i@YWblRTHEh}|5#NY*89J^j`%?iv^A``Rrz%LLuJwKAwT^hsK+OaCyD2x|0!$-Ileen*)L@hCdqjf zkvc7X7fA;y-#&*{Vx~;bJJh$H#neMyhpW;x^GDcWLN02z<fh4K9q(HVz5(SM)wm4@&2zBt@nSc>phpX{gMWMWbtKwYdK$K` zz>m;F5ftqAyW~P6zKvPK56%0JX!{;V{Pz5X6KFiBUC(z-rG)q!90|6eX+?neHd}oy zpJ6TwEyeW@lGPh5U8i?5B?+R6>(j}tNkqDM#~Xe#)g3_#2;8#R9zLte-HmNnc@trk z)ot6K$y%a4`LZ^1dDrV6_z1MKPg|WI2-~`o!cGzlJ9+sg&ulFHnuf8e&Jd?jRtO{e z))_CdiMH|zY$|t|AFu@f|2A@d$e0x+&U^S>VE zGWhgjzvlRc&}=B~Vmcr{pV{KnO<8Vq;^jKlWOTCdQvdJot8~Ry!s~YM1 z5zm%N&YomSZ$v@s6U{Cr%P>5ey{~#b;ljiXaaP(r7clH4ny`q^6iJ%6n zNWB4B-Q89}Y<5kZ&6$y_THbq8{`!@B7XyY?EislPVHfKJ0%9Y+(VeFPTrMqxBws%e zQCOuXjmk)=+{f`gT@`p6$zteexU4wZJco{poD{R4mTpA0Fk5g}3)kOIubuKS*W1QK z;nPi?pM6T$9gZ>XySq(oa%854-fiEnt`3&X*4z4_ad&8eZ@saw@lkrKIDNx-d+&Cs z#S?LtwX1(DdsSqOwQOfx@NBp0bE^g!Lj`(_n?zjT^5lsbhxd2p7gP$m3;&MBK?&U$ z-4@kQqZGcV1aeUQer|0fe{B>!otY#2#C{U-{;3WgDfxEcI^7A_dX-2$GFwJz)CjnK z6X{f2HD=xywBEUKJ|xhPo{2`SpP0f#l+vD*i56m?gF`o2Gn<#Ln5y788b!Atko|o! zdjU8csz=yF5KW$2q7;<`z)28-Pd=1V>zfqu7u#9@{HBx?Cvs)Eol+LG>Pe<^v z_i2|)t7k!t&OupY+8@uT`xWE%F3S^6`D#^f+0wN3J3`ka5!ngANirqdtD{WJr{x>; zR`x`+i;w&_E&GSO9zO=@z~H#s^UF^nM8jp~S-GR2EB^~rEae8^I0C-^HGUoM1TP@l zaO1#I_L>))mU<%qdHQGgK@ZdVcdRolr0snc!%B`*b-zZ(=GXipq0zX;fo`s71g%?A zQ)W=pj1#?=1Hrf8?|xG@h#VqdS<}0T<_&WnYHth9a$Jc$kBx6skd-&;4>xXh5vN?_ z-Rw_X&dE?@W@hYX>_LL=C%V=!@sns;p=awGk6$t@2`S<(48NnRewx!)No&hN!VZKEfbqH8c_>n6PxXh{R&P|6YJTz{(0bU7>*vemEgI7WOqjdK zXmlwkjj{nzQsMAp#%k^bqV;-?#@j%cD0p!G9Wkl?bCp}SNXTUv5?li~MNQq0lw!p< z=N@g_n4dJyLNt6qtgYHVGSclS&s&OKt~X1ihJ1<@>C zinY$sI(oK`WEHh1SPC9qc0Gkx9B4^#pR8dXihY>wB*SrqZnh1)#1M8~th=&ir=t!= z*Ue8q!$p9I6ASg!yADYMeg8IId#3Fm*y=i$FIaXx!3}mp*a-o5kepc3;;Iu@8=p zNUN-)9+sTE?x$w#A$}muRtuCgIbllu3ap8&;`XgApa2|z_4HxTSs!n>u4YgJQ>SZ4 zVD7ow>a=NBA8$VhJvoH~d3Mlw`%6NWgn|8^)u0)MVDIm_4BOW8k42St)+MKpdylr} zyWgB&&O1P+^(n+Ev4=-}CH&+4GOh?Z4ytrUJ`N zH%Bh|zfsoAEZX=4J0+eg0E@HUFiq9GZn<8oz&gd|T>sX*+t9EauU!8&&Dq#U@+o5U452iWMw1O^*hetEjnBH+j!Wn+E`u>!@CK&678H+e zU#RjIJ{@OXf#b89qiJ6k_vX9#H{!ds)01{I&)qs-7hJCR+p|^oH9Rke$*E^!x_331 zUg={twBFA@bOrcipnV6VSEtliH4;sUsvIp|)`sYB63&21`8EPmy)^#&SO?ya}` zuY*O2F=C33s0-w*{4V5>zJo!Yh>6+Yvra5hfgY31`n!RSqF+568Bud%nLmXTJd6)E=LkeS`>lLP3Y+gk;Tli-T?b-5 z&>`V?YxA)W_ZXxi$*el)E9)0o6PrKWIm+S)Cg+KU^#f<6?TMwMA#G2CN-d0SO~OjVW|=d4^tSXT=!ZK|weJS+j@z9gEnq^oyvUuCmspu08FEjZ zthvG$((92~FI@(DQS(8v`x=hVG-7P@)b3Ipze4vU+o|6YBwOjl7Z%(WZf>4cN13ih z+j`+sx6eJYQZ8J1jI(X&U%v-ARSG*A;cGWs-X^_2xwl5S5Eb&wY?;}d4(+sxrZUBA ztIFxH)8W<2Y?b)#heMtSkw+S^H@SeEy-wTYIZ*-;ow7bS(#rRIe+Th3ZJ3$BO&*Pl z+t$<8#wW8I?XlEB1}CDLb0z$wr@-MQV!9&n^@VNFdyx5ws5Oa!ekNQ#Oi3^DG9%xJ~krB55r zUv9eItF$~%t>x&+masLo+Q5eZ&AtSgB3v*YfrMK%yRVr9y(~ED{Xe8yoy&6K?!)-#Wv$IXJyJzuu#KY1(7^Y`14wWRh?U~`>;~y@Q#z{fa#f9tiNnl9{mHwn8lDM3lT&!#| zx=46+Y*7(KT6%h-K|!bI+V+LyTV`?WWn*Xmd*Sf}!u8}MvNwS2B56yW6; zV0mA}Dx?NY5&!c?8Am~V;c0`|dKiciUOQ7u?{q9Vsko_7We$vNtSprme@?T?1$qfDK@MkE1k@6`o zgplu@GWazWir%P@d4G;?tiu9Cd~%9c(!O6N+brmbga0M%z(w%cOz5Ix6KWHv6iUci z8c!!X4i(Y#z;J#Q(b*Xq_swiWTJ3!SeWNkhZdE>O(0{cw#_F&>{x(fT7v9NM%P-;& zBCDzgIQxS9%-W}=)Vmh? zZOE&?U7X^3^|Ye#9qee~Dr5_HeP~SG0=;}h!U5u{$G=>%+%8y=*i|8UmE6Z6JX-NFlQ;>3a#NgY0F^?+hfUv+W#akbXRezBMqSRkHBGdP< zRi|uuQbe#KQZqLhxBqEPsHl1O{#(?ir-ZCUV_qjom7sP*Wg4?fDs5D^u^oAq09qG; zb^OtlY<-eoMOUvB2Ez!<=OE}VL*|V_g?5R*ghx`U+UuC635&T%csCYHiPnuV-fRQ0%!0juiE$)iaJBR`|)tZ6ElS9SKRltgn2MMjP`Mw9-PP zKH@RuoeQkv!EXW!&`m1?G3sGMS=%EX3?!Xss9|##c8~Fyr$o%)mS|6a_XxVN3M9cF zrtY(pj5x@D=@g8!dU`W0sG%0lSLlsVkM^k+i~}g34Hk@dl8WxpZUgX4=7@yqa5pju zV3Xi0cE$mu<2!j%v2soH*vW(bA4a!yfq&WxM->g8gdpvYFC~x_P+h0YH<{dY?#U8w z4LKGkdjN+?61;S^aT2uR;xr1rmWHN9GLz>maZ|lAmmoAu*fNhSezeNybcPK$y&OeJ zi&)WH{b%k~>Wtc-k0L(wH|JCqc6LRzwXs+Gle5hVpsHoBM3#oREyc8!66(My>0D7; zF^JH{ez;uo^twIsH6$`XPyPaeMbWBOgv3IHTkxCo4#%?K&zCvC#)15-Q$>aY5$xey z2;z`v`BnZ$EMz=9-hd3!f86>nhIoi0CkT4LWrUoH+F-uP?(?@7&jjnsFLqV?qC0p0 zO*DHR?jZctzUU5wM*O+u5rnHx9a#JKju&3wD=z#tHd9D!Z=7!3C~{7|cq%7$%<&?l zeuX}Z5u|W?a56&<20pt0=56;D88ay#Ingi{=b$nWng?YPV!8c2(DO($-|`fjD+3O$ z^8Ftl*!M`*0dNyO)7fyhe$j)GraSCigKNB;7~a+t#GMa3wWU~Ni{-3os5KNk8v zA3D(lDHQk!&z%shNF@fmGrfrn1!B{iMt~=s8@ph6M|@v_+}f)aY_rZrfHP@9cZSSS zvgrFgN<$xoOPdO4}k?3Ys-}5nvt@h!bd`oANpBy51{%8%X!MNH$ zi$8zGx{?IdJ}ugd_YJ4FSj8otv~QP0rB4#mtPRX#PQ4D>$MHk!ym||kH;)^X9V3S- zQ5S5)2mI~9L!1DLoHfL@bd4C#PJEA6TOZt>)C%V{Gk(Eulg+5T^4jcx1>IGH{+P=b zqL`~7KhlDBCXnyi(_ZTK7aRc~J+ldvo>UerK}(Y%|FlEh*3d=TXoKnEa#|$)4f`6k7CE*9 z_J6`#tPs4Qd;e5&0L4fte9HTN=M*G29;iL?VvLMnOk})1xqk&;ANYLcLe#yFoSv;M zCpU{bfipf3DZg8*fqnJZ=udejOXtpz7HB$x_Pt|mutcwM%07V+AI|x_V>&6|W}oSD zK^6QR*!$FmIftE1d)S?t{cOct^)5UejFXDtC*JFv?d;6va}@}3d{NVFYpXgBLEnm7 z*afj#-F?b?bTdSRRm1%4%%%$@poIv=Ks)bjrDnLV0eZCqZnpw&5k~Q{NaIaIlG=M= zLPXm1@BedfIiAUejVNI3e)=&~-4)@&!hooxp(DJ}^{k~2iC+w#lI12PVPazvAX89w zUcQC|v#sN@i|gV!0{+3|=TIgJqLba?J8(j}mi|RO+TG)!@O7DBZ({BFJ$wB9o~!MW z;gu$8m-%)OWi%z3@p!d=OH*N)>{;nA|4_BkJtoU^Xpg{jH@1MQyW&1 zYu_Il{J{{$8Y^4wVNnLh2>Ou8y0#}SHdjCY%;uP=bcK*CSET|4$f;Qfj8}2$73~l! zA^(gq-%(t;IMN!uB{qq1CLW#$)xLO_NS^4h{$-*=Pds~|ocq!XWl;w{OoroPQr%6v z{z5J~sy^<*{?-B1sm@aL?V>sA(c(l*ouP**Ggc=ZHmv{Sxwn&@jdjk{-yTDm!V`A$ z^M+lHwOq~>4$9`bDjo#ug_zXj*uG6gz?^?iuc11N3S9kdA@a%OPij9vY1|?}G zGReTVZHvS9j7%p%R=ByE`%2dY;%7?zA*~S{*EB-P?%v-oe-}>Vs-IC&v$)1JiU|qE zbo;yIv-ie+qH%Q*S6Mh#!!H9qckwH7mQGrXJ)_pq+MHYK4u>7$9aDK4lQ0qr5;Ns< zHm9hcAM6B@Xk3*Jvis0r1q4zTC`aSN6jkP9@w@=DUxJuVHbhLHVaWzz*c>c;Nmd`^ zcS0ZN2^2CUX1bifJms}FM1z#XppeGh>z}W|G28x;g&=hz?^9{4SGJ#{uIV^@%%L-+ z8czM@+FYK;q+_^UF>2kwAH699JFC(4Ku7wGE!gOo$zC2U-x#rH3iZ>Bu?}2VuGaha z0x9Rl6d<1@wQLmAOPsp_%P*|fUnO2L6n1k~aUIGsNHqkY2#f$L`Pal?H0fh|)7}G` zCV!njx$bsfSntV>flkh|oB2L78>2r;VR^JfM8ahjguxm35?YhCPpw{Tf-Uw05*yyh z{IwSuZQ%AbUssvrTWiS?4#QV9az_Qem|8&xFo-KDk@@atwu2m!wFs$_5{ciJ26NJV zJf5ud=-bFVxHvbEQ^hlC&FR(Y(FQae1;Z_pSYwsZC7ogDdPLLKyAs;siji-&x+qns zlvKe7)8G9)Ij1ov<6iej@bGA;`8k8eaN}F}*QH-0I+4@U`cgjACe87-Jnk{C@pFdY z5BvYB_f~Lp19^72o;sqkt2sZFk%git81B_rR6UC$!=sgoS~^mXc{+R@2J-fyk2EUg{;b9b-Axoo^UDs;n*|CDTWrCfPBE|{FL(E`ox7I zlOJx8y{_8D{qAqmlH^)m%u5 z*2eSE7DHt6W?~huWhnc3t%d_1#F4Wlz4lH|X;2}F-ttcM z6Hk0o{BDJx8A|zLSI^N=I*$9gSP^@7f7v+iQr#ILp4}~Dhc!HL@pYzXh6z+Wyw3=w z2Ib6#2gdNiE3t7T`g(Jq=!6r;$|&sF`nCB?zx3AJ$iOh@gAusx;# zGAu6e`~ff8*epNL9KYBj#>2^(jCMz8cDm9wMJ0}=o8=qdm9@p4g1X1SUIDbYGYvs< z#6*VYbId+sh~v&7slXS6vot%*?imfc9uSNdF^yD@b9|30x81KOK*=Ud-xw2-c8nsil`C zt%m85t)eFe2vNQ-s+4s#>6gYBl}&5~7v*oe?h1WM*Ud zw1CyR9yC~fF2}ci3UGev+?;&6Iuh`4K11sRmvw+U0oe+uhRBagvmU&-&8{auiaJHM z>O8Zj$uT2ez;NF7UCG+K%v~#Z5Y6u6>(OognLi-+Vv#im#hn!Ob<*o0r7G7e6ZYXc z_mBW*2DC#v%>C(=U#dMG9T@9=KdV2<^5y8W66fUZS#UHz8fEVR3uUk52S@6b6TK>I z*KYuYA^%KCO-R0FPadCyzBye*6XAP+v>Udz-2ahtMReN!i^||X8@htaC*t=KV-*S~WhHOAJD=`DFhrlVyQ@v}FrfWz+%E|7>J8nvIb?97FHW~y9+aU#<` z2U7Du`a*m}XaTp7N)n>~uWO6UC$q%9eRCYd)VTW*`}XeoXdZx{0I^TJBZ2&mt~7qy z@q9TpYyOh{>lB=w8euipi7a51tG48(t_X8R9U zrs~&^So~EH42a^Hl{PLZcXYqs3AvxVmZhY#8X;80 zE#|kqmu+*K(c@W(~{78|6PN7ME;#aXsJ2eRv0WMgVoU&!yE>*dG;2m9z~5HBqn?b<5c3@ zr-o6fKyoy1agykJgaG{2(3KB`gK|-|=wYP7Qpwc6I(9jf)xRG^(;6mUN3QXX))-T` z$6^*L2PNGZ1?17mB4uy8`(-CCP=GT{@)&cZK*?JPW^|aAwqtqPn_&uIy7uhh*H85QtHc>qyr4hC0+S@a^5Q#Kf zG`KqZtfHv7J+Qq?3g5Vxv0r>$%2G~tuSB4`+VsIx{cAf9PcP%ZD080?R9PX!$**&) zo1P^qAFdam&mB?`-}M}PM$-PhlSzjg9=zl`i}rqgx92*n%pCdb$_EacDa6He z#lB6uMhv5f&dgIVS#2jY<@O6gNcX5=?)slil@t?&9=@`wCMfB_tJ)Ug)W}PnuUhr_ znDUc%yIm$7UuqkYsjQlPBRVeAk_^)K{QSFVF4|KG0W~bB51H392_{2$c%?6(#vy9SX|*KV96P5BPhyB#Qd!m-29Z7D@1+{R#;Bt+h z%fL1Z-Q6B$e>X+`E9+b|W+ONqiS;8-LkiclkClNZYwE~2KZ$YLAXgIJ&r)r43Un9D z)x8~QCUlrd{Rj(bD&w0(J_9tH=FTejg*|anM66h(Yi^KGZTam#rKAamAH$vsfSyVg zMXnkW><%%7HQtfBhRaJ8;PKB(ujB0+P}7UXFKm@oT{M+NiJ~-ce=QF=qpuM2HGteZ zrb}ekQl|w5ddvnCw~tx?F~Vq7+K7cZH7z5dx>&AfCtQ_8V1icfN#SnG4Sj6l#HQ&y z#wa5p(3d*lSAAw3p8f?k!CTd>~6RyltAG2v1*tVZki7Jrg-4X1((iNH?Wkwb;L z1`L&H5lXBkqz!HG#WZatpzSLc8eyph$>9X+zEZM2?6T{el$`6G3;beCkIUg`O~@7g z&6*3Lvx-V3c&yCYf!Nt_cyw;gBNDyNyjU?*EHN}9h{jw^fK^v9gws>*QU-}!4rgx~(me3Sa zorPF#P)BK~&6c6@V~S9do4oo?EY@Bw6eMft+siJt*w1=y+lFJ;G=AuYTI;%+aJL@l zC@GNRznC~MVVVh*oy%pe1Vs49kP*=TNIq3ug?Ht!A@qHa=7$0%*{1xZ^*21jEnRnx zbM}zml$N+NblQIoi)Y^}Fp-G{vfZKd0_U^+E^24A6Qh~{g!U^gc()0@+1 zqRsNf2k-i6c*hlz^WGcZaFsqP+f6m;X*2*09AkOJira-+qT6!m@2^>f5F8#tRTAk3 zLWC{p|IA_`o84lztHwG`ok?dLJ2;VtvFz`5JAvL^)mr&c8UNK|j$ZHMntJH~AG@T2WF0p}T={1M-R8!}csuB^7ZyY+jT zTc-LzFrmQlX|d``oUn|R2CNIq>jLD~EJme<1BYw1b1uYEX7Jv!W!`26y=uqYa5Qm_+$XMQ-#KmC({zl!H-Q2sTBO(o0yEim5GB08qljj)sgAkmtI)&U=m z?#Kyv0}0K+CtG+md}%VNgZ}zCS;*f8O;RHg&${%sR4YEKWW?gGIjh77183M|Wo|h0 z`Vq3>UVY1kt+S*EA6Vn9XNgWE&v~1^&Gy-f@ydJpnHuA+NPlYdD(v2*EQ(LpImw=M zd-tX<5Opc)o-Q%&A``uswaW@P54cMD$2@Zu-os8c6=y#kJN;zw$v>O@RF;Kuvpxm? zEXuAcigZ`9i_e4IYstz;^S3sqqtvuK5k(!5aMX7zhmUMVq!Td#-9-+;bz>wNcN?9Z zUNkBo)9u#jQ$6(<)xvztCd&s`KibRbE`q)nZ{gk(KKV)G3dB zgLN2ViTh^9tXJ>1E^C@U(y8uYL`3f)0+fw|!|CP8^8tLgPS1;>E6HE#8`FVEGEle= zaNa*$Z+FM`os`rOTA7vY%F2ca@1p|qx0b(ALssk)$D7dnA25LbpeO$$Ip86T#4F=e zd2)e%kDrlYIa8F?d%t(Z_xj`EwkV!e&Q8FqKHx|3uUdb^QTqzlzmMN}@+ZXQTaptS z*(PItE!JlbFHaRxV?aP}h&)_A>}SCajP02E+6-!gbpcy1~nZ^I)Qf_#!9E(Nm?S)H6E|6YMlZi=>GVwuZhmC0-47$!JWTW8#YM86_`<(zPwqsoNC7|LPa7L8fg&j% zW6-7^8|e_ELGMs$DAJCKGlAm<&aO+))$Bmw6?-9~p%rV?Qwvo>iHDqI( zn^#=rj6Sfg`f4UYZypXiQFqe{bN5XE4f(?Mre_F7Ap1Aq`Y*%8iyg*bh-H{Y64(6@#j-fPL`Xpah($; zA5Y!J>h<@M{x(927r6aY?T&PAZGE&mpq&4U4}UG^0ISswmH2ZhCv(6ri-`;b)|SO; z&aA5&zj&huTuI++Q*l3?u{v4G#IJtvHBXs> zM*XuGor+hdXjA`K+2Hol13=k`-jTrT0uw0c5@2h;e7}I^-&awP+i_D~TvG8I(5z!= zQao(rZ-+@dm(ert{n^sFYdl=;eFd+o!VTDXU?M|$?M#B2%H7!jzf_q{y!rPRq@?D4i|Tq07i?aqjE{g?L2hX zLCovZ9>KYrqnu%$LN+UFz(QUgXVN6-)1WjbX6ld+c>A*FTz5BY&e}=-Hl9c>jRy*_< z+SGISDR|=aVMl#IjnZ)Zf%%F>8Hd0s^#P5GYfRc~)BxOd4dcz*JZ$F@5yfb`WrA&g z(@$-@l)@Am#YmXHc!&t@o*(2z7ja3?F9bQcjXsazDE99)FDUt4XZzqA)dAU5c*z_~q9GKiuUU_`eSSbZI@BCWw20MvN7*+1TLhA(r`OLSxBULrM z)vg~2i&)1-hnZ#WGr2?3ov>Sy(wLz4zL5(=IJ$gXF|^?QIoqcLdm(9-@&!X6`jt7UOWX6Lkyi6*mW*c6*64fyM>-x1gPv1v|d7QqH8Y@6~5N^D{A@EB8h9% zK5t8-b~?kR{-M;oO-fIPBi@aFQOA-cocfs$b&jO$zmn`frZez*fusz6{@ul1e8~Fn z8GgH&sbJ6WA*(X?#oZn~^O5yo;Usi=+u~`PZPc%ts6B*yY?P>{)YoC&q6FT~%M+V( zV4>&0k?pA{4rd-H(p<${)%HD2Fj+g<;}q%Gu*hj%2)d0X0YWu(& zR7c5?rLyRk++J;WcDV15_U#5GYpp)k zIn!g-b=X@x$~EChf#+6$pK_BibC-C|6T93MGv1upkY(4P+}hB4bfzUD(u9YAiy#Ci zx$1b$`cJ-u@$>Gwm=xLC_L&yUVq=A9tX%P38MJwpKJ0M2 z_Suf$m44!ke{i{T|9+uyn0roj{GvP#hl4L9wLh;FjL%HKSAbeLSje>B`;)*M^no*y zsHZXCerpqar2fh6y_6-E9jE3U&^5beTa0`)CCK%N%xpqh*t2o=gI%XH)wBj$(QB?K z+nNt=GcZHsK{ubf)fax+IMngf)j0g+E@&bF9V#FAjH^^#w9WVKX-^N1?QGk|7bQCz zfBbid(6$~bWy<||k$3CS=2zhBS!c)V_WE_>%UF99OuQ!8t}5n;YD?h z0zME4=#LC5Z)*(bHmZ>g7WL=;0QuuQF@~Ik6N%0g{Ph5IXxQfj!ojf`-MxX7UPc!2 z$ENvuPPR<6Scd;OdWja&c+sHdyrD1JTC_qd_9y1D+F$Y}eftxSBn>q)) z_MHzxvyP{)z5%Pul`ro#{O-Ocw#Pu%+!o?J_<&HVUWWv%fXAwJA?US1KkuJDD=pp> zE@)25xeJPmZ)t+(ZcHWTsO4|)$2j{c9u$T*eoAFaO$JP;RF??oWM&QQM`O^Ra79eB zQYbwF!$un;#8JDNgY13GzZy!sU(Iobu)t79`#rcUd_HuXkxmtkbDg7_DZs+~CLYno zC@t|8ld`xcVL*K4y!blpEzhP2cX_sE|4}1jP1^&-kS=GeI$`~!aFQ<^%)7Y z(mPD;yN^zZ+p_~reEDbo=QSsAp!Vi<7>88s)^_uEeMVH%Wq>#5bE*q%$McFC_-v&w z3APO$y-IGY2)5d2we4p!ps`WD?wK85yQyom?KQoxKo}$Svf4=9em%n0xbV`b`v9k_ ztjgr^(Z0TuXj3|r?bKj4Oah0`6*;?NeJt9S*y!%NC z!2-Vq?vtRemk^)rO71;dJFw2tWx%Bf1%#Hdd%ob#?a>+HJ>2NBzyFT7$~Uq4B~jK0 zY*O`Zlfa+xj`g*p4Q(UiF{q}KrrH;DxgRfz(=PyK1IiEC61L}9Zm`BNc8d4>>F(?W zrh|4Dw&ximG=JF+CB#T5LEM_r9f3gI^i#{d1(IY0UH3UR)e(%wdf1r~5Hzag09Yl4G zGJONt>UDZKp83E=MMXg%%l3r_RL3g>-=Gub#;`*e5g83l1Z`DIA9f_$8-&uR)&u73 zTzHUufXwwkd1XqcTCek9xxRRY_wpbw3d`r({|&-u%)-Qhu`#(+UaS9c8tcNZH99dw z{7>F*emV%F$#?#DjOG_2yV5^F*N2r((r$x-SNT|&c74Jx&pGp2<>SIWNloSvs_L{$bi6I1;4Fehd*&WK;H9(L3qCoYAy#7`D z-+w6m|9^y%wBaTa0~a~ipDE(2fI0#qU2YxgN2Ao`im&<&nEOxfK0%cXszDd-7mZ!dvJ@gaKnjFRa+p= z;NZYEK2?aV7g|&og`vlWAj;G)_;OZ!B9WplBEZBp;vbYD9?~z16}j(YyG&Y@)HM9- z)Jo$jH969mkIZZ4gsrJW!%n5d_v_yiq;Sv%l9CqTN<&6Sm*;!6(d&jnw;qT=T1;3? zNJhnW8Xj!YXFIv5jJUYqXsn$TMp#odst#Mx<(hZe@1IuJsW{s=RlJ&a!f4^O>DEbK zH07zNqV{uWhl#I&xn%UjumbkutT0uwCFN~rRmSdIu?g_)GKzx*jJ7)y)5tW>7_ zeM&We_!~l^2K_H(x+k%a-@NA`y7$WyP*C`v-u^GZn-eP^op#XVP@%>$rgS#fBMQZA zSEX(QIpt5IB|UjmJd6wx_@8$D@`|NohFPAlCVusfMO+J)G8vJ6FeJ9@VcOW$$LN4{40% z)gz#f6W(=KQjBRVs9ai8+P5-vV~Vph+N$r=R+WXY-6cvuTgse5x~Y)*i)ySU-kiDz z*QJ6U`GfY}sAFF{3RPAy(if}cqnJuV<+3xQ(sFxPi{v?p#tzJStxhTv%)@A zVaY${0!ec=jdY3E55&%{?GO+D(jV_i+aNAjtqOqQk)|fJ<~I+(2D2c^*n;o>2Sn)@ z6Zu~zN?3DxskQ#xfTWeq8$K$u5>i&$8RjEOB4%iN~se6MR?AmQ6itWm| zN+r~!85TB6`m7^7`*JO657+ccCB{){o`C-hA|d#B7E&R_|Jku!_M#R0zaY|F&p%xJ zTG84Yu-^}n_0;)upJx89CyTUltx~W4RUc*IPIl@3l`3KxSh`zQTr|rxSK=cuuZ1_4 zV52fh>Kf-HLPf7sNlBokm|8ykr;AN)am7U`pU9=2nZbk9>Rw4VXtlblG0f}Z<=$xm zPo#=$QWd9#`#c;3BZ2px{!@&koA}>iqyz0sjd%OGq&GBV>z;djN0-)L+M{_&OHs4W zHXlBwFzDhoIr!ygrB@l-S(VLaX}Y4EL2fn3a}apd?^4nE+pF9ENr>883aI&ix~Y-X zudq6KXd|B5oVy|IOYeTQ)4Rq=>PbpiC{uc^6Mgri=96!wjW0T~>&Jy32<0%|vRb?P zLq~av*k9#g*9^{&;4rK0q@?8;}>f5VP#xir$4 zG)E;HOFRD{k=JAuYK<&5HlMkiMSR+&gj+6i z%ESj;6>3VZQpaOHt=j(UtxSTV`XkDEm1mTu!bBh~qBSqlbydfTlqt~WG^1jKw6YTI z>w&kgo>`>mN^H|F9m=3s4wF38C`(=SCvUR97RDWrhYet=>J5(%W;Kr9RzxUn*CqB| zR_qEtC3o`hH5$D|rM~XuyG{Y>^dSTKD8fpp z&jW7GJ1*b;(ow9fzMKY!Mqip?F$LT>%L|-ljbAsihvV30E^d^84S)4{!2y@H^tQco zLqX~s54rP!y`DHg%o}MyNE^L(h})SpN-ER7bouJ#I_yT-O@uaIH%3Yt^#2V9QK1Dl zlpAilXMUiY1c>fu6g&U7?)>2V_Gbh`XAVLJc;U){M zmMDv1>d9&wI#F$@JoV~p?56?9^FY6zua=_&Oi~gRasgsV`hGCkwaScUGKtr4gz&B@ z+-P%c22fU(NUv==dF>LL<$``UHYK1?fdk^QLp-e>3Hptx)(`UO5MmYcepilOyV9mc z`9Sdu1Adnz7VAhYCpgDiy5v#(f3a;zf$PyGtlmC>998-Jw{pfBL(7@87#KGiS}LH8bm+{n>kew})}H3?R1Y&#{S` zxllM@unkFKgq=6xyw#P!eM6OmUfI0o|4z@$d1Xm-na?D=oJFY57PB zE~7V_|34_;P?8O?jm=BF(NaCBAvHA{HFFi{-nRBZ4ef8;``4-T)L#B(1bdYIV({`8 zP|=Lz>!Dvl4f>R z|FV2pXwC>1BM@I02{Zj_K4!@sva48(GWXxgpgjGZ`QX;quO4gD>kcY6i5zTw@Ok~I zYn;V`1~XI}uI#G*SaD4t`m<1$*a2$UoRz-6Ii{0RzD>Znybhnioh( zwW~CUL6aNHkiC&#gBuq_7syM;zMW8fWkGX1^jO{QbtQb}kfRr5KdrbvRCv*&$mZR> zq!bvMiBUjjy|p~$@aRr>V&sqKI!oVcyw~L?IEy`5&Upb0^nThgfS;OfPDT|S&O>hf z0$x{bDXE{_4=F%lRFK;Yk)lUy?BlJ`g+=a{o|lSrkNx_GQnNn~=DuCyg`;FQZL1Wd z1b%;!)>=E{*neNhsyxjM*;R=9b~b&3xOZ1u^#wlZ63F!c#152V#%|R4J2~f1eFg#N zl=ql-)u5XP!IyME^7sANJQGM<7};t;arbztzvtQb{9)l+1F)4MM)Upg^Nx+NqO0iO zgrq;|7f(y=*DXcW?ZF%Ltzir@EI;Hc(dnd9O9U4|r9l+CFTB9zC6h0zW*zr0#uS7b z+ue=lZH(ON%q1G#!iKJ^`@^V4a-jTavE1T5Ud z^|Z~s_{x2``_22&u-t9U>l$Ht!Qna|u0ph#?l`C6hmQEV7WcXa?NY8f#AFh0QYrG> z`|6;RcWICnCxiiCp0AE}=b=vj*-&?k(vhdjvGnN8C8_iM>*u@y z=dX{c_Xx*>Ds$ce)zQ6}Qx;l~KOgu2e3PQ$w@AyVW~pI|!GoJK9WsPu0H!J-)2{Q| zmR#@3jr7#UmsCg_dP1J^2M9Dc`adAq1q&crigvP{WkZw z@x7*QJ1#PKl)o=gu zwaO~S<+oMrPYI!VnIQ}~p6NwJ)>&Cu#}gx$`-o*}WZ}4Zsy1qS+TqI*tvThwh}ieE zVGKASJo?AKauWVMh@(cBWr#7&^hrh(i7{oUKuiE!)Ku@)SpL@yCFm38fdi_HZWD{_ z=Of-li-jcB^H)_FKLwPYimj}T#WqK<=V!W2PP2w}Jo=W=G0#Aw0$+o6F>5i!1kbezZ=?e z=F%Mhn@2Y)pyW|kL+se4Sy*^D$<@w!=0exgSgv(qLI;7dA>9yNb4`49M@q7|#ewH4 zK`Y-CZOz|~efw|RBE`u!>sPs4){=au7T8ucB;u$2e|r_34Bv3rmKGjz^uPG+koULe zt=4pNQmsN<>yaU>EVhQdWWWy&u^#&~WLB+M4Bg?|#x(h|oxu&+3vraGSby_FGw;+f46`1cL_$(km zB?mKn=?_%QcGb%ju;b&%wlj4y+dtqsbK*z8_m!y3Q($`roZkaCCEhDXb# zO4NM|3zJJ76glhd;>*C+NM8EG-xmMz7xgMN%-waleNwYgJoi4$$>}bDpPsQ(wtq3@ z7s3>(iba(St{}WF6!505FbekxDt_?MU${0z&*R*PCtBBpFfA#yOG0iTlAD`ipyf!+ z1e?@G288=^2k&N`1-f(Tu8Z+gj?cMbnW;3&fSF&^T89J#IXV|&DR{>xti!ugYVgS& zn4^cK(~ZlF|NU|X(FFVCyY%=HO74|CChu$*J4D?he=C(V;z}?yoE+ndv=gxMPJXEu zzeg%J0@hL-eZQ~Qhuf|5#W?O1LhFR8;q&V6-km09dy>vk#3amNj6}+!HW1KOTz_^x zON{)H5V$>>E{i^tPObQ<(cih*R;n%Ty#eh3__jyr#WC>1?l5pFJ6o>gl~Povel6ek zePQ7Oddiq$);PQ7Eoo7htspeHc!cjmjqW8!E8E}XlQXkH4D0EYQf3X!_h7DsM$H_I z4h`z`3k*HAVW|%o)VSPtbX6&o31wVV_jLf%Tg<9CC6(@_@XZmy7TthnWdMOr(*C>d zY6pn{WapUa4)`a&d}$9R=HmmEBqHTUM)1)*Krw(1Bh-$rIM6%!=DCU03S7@wV$=Ro zpWC2UGejky?O;@7u1UR?^AE91+Phh~1Pms2%@QcC>Z) zIoi8+B&1wT-g7R7gAoGev94Lt43#ZnK?su3mg`qSnXMv8a?>Z0$y@6;pKB@-Io#g=T+Kx6KVcU$-sy>zQE=ahrW@nN?#N}uoymQ3bwUFE*>v!{f6v{U+)Lln)q0OUSpdC+g$3a(jmdpxmP zWEsTZvzX-{nhe@QBpUEn&SO7SzCI-q@7pkz>-G<^U>R^1PxA=UG$+A+JOFspJQ6@4 z(qNEhzD+q59X^e7RIdgh{JB1yk;mg7l`h(FNTz{A;l8 zbxw?m+=M6i9ed6Lz5KN|;&oP*QMKveZ#j!NeolB6kiN*itp^dvl5ko)xEzqU@X005 ztzG?3sbN>_=>egJ@+@^%1$2^4N(!*DQrN84Jb!T2ES=AE#)g;R*OD^soMutKH)0oU z^}zvW>LVB`$@Kw15&KS@iOaczK; z6*}Bv!R}10lu10XeuC|GtRX1*Mt!qP8o!l77-tMHF8<$?nPI95SKety4$aFXDhk>A zdzT>$Vre-z3k%%~%dM@2B6%`i!K^~8H)E~giZe=^WV5JK#J}OgqBRQrbHx%h8f?n8 z3i}i>`)OoLo?>GjL-nVhq~psE!MM?U;)83gxHKl0xK&{Lcd@*VrSxgJIUf*kgRD|J zW9x;wlna|zt)MBgW@vGV;O$!dvl&e-E^Yz_67=u(?A7eW9YfLMi)a?`wu;o&cW#Y? zNxO}l>F0xVLfwgxwHvgpiNqgp!_$6uKmaj! z&Dw5bA8Xu7)=SoQtPP&U2i>*BGq^Pw2XcEaV%L?igGc)98>M|D|bwzygO==?KY=sPl>=`=2;9e^`@&80EO+gCO z_**9c>B@l{6TWa#!3^T3i99|9%AN=UEc8co%$wml*L34hPnY2Ba*2UiWZXD5>EU{v zvAsXGRwlSgBgDst9UWop*(j)Vii^Y0BlW$IV(OudX1Vo21R_0;FX`7-8OfX^JFYoF zyEwYHll#Mg=qo;s(bSeQoAJQ;rk{Ntg#-xJ%AhYiV?eMGWrbT z2qc>9S69X+E6){NvcFHuQn(}Ts3c*L5M;gMK1~U)N8Y`uIO!UgC<`W^19neFZ(QsF7C!{DLLJAA3wg3l&$=9Wq9z zgw<_n)#|$`RXy&O=CS6bNfrz#d8zgD>|%ai9-@?>U(oBOEx&rx3I-DhS8-YmOIBL0 zp+3q^3>R_jKHL|}L%`rWD?Bwa`u$=9F`rf$Coa_VjDde2Xv9|=T zn~auiL5E13zv-q~4waoJ6M&KAbUoI{{FwvQR>GI!W`gVyLChQ_);~HQjB@~k{%F=9 zPs{auyB|Lo6Js{+6HFIXekEvhsQjFX(+VBPwx{p`5oL}Da^MWcoQ;Pca%&aDXw`Ec zp^c?lbnt-(N`inL(!}>k1|k_l{Ow*OE+pE9@8%S87VsR3xU}W?fSqrP9?39l4yUNO5!}qPfxCnlah`D^LUayp(CtWP^kQ*Qby0w} z+Tm-~N;Djn$1|7pRHd7XqDn6{5Qa8}2`;Cmmi+b!sDzrW*9VdPz0u>&7n51)45*Lf z>T$oMoT|+W?`y8BRRhWM3Ds<1y@hWao+{Or$@pNZ$Z#KglIQ`IU(oQ5>gpGobsFXM|3oqc(C-@Ag%pqy`Zo;Jy`(b)ckMO6E=Y!Ss7)4a;x~+ zN}R1oZCtS%V z8!<&a>miQj?ZI~s#w3Ep9nlvo`{(U{zahnJG#|E2&FonO5`c1W|P|CP+FR3R3_r_H)gNID39@L+EVR0 zjX#eW?q0U9E_)A?K?uYtr~-yF^9`<6D+LFxoR8?Thp?4J>5o{)$n~+q0 zp%Ljayt`)zum3tiEH^DBF({IC&{$kYuyc+W8E~if`Nx(h=LFn8!g%r@ytep)E&p}k zizY;4qOg~dE%ASlyD7&DaxbJwlALS|3%#@WF*-nbhvob$_&I@Auw-g;AAz?HXZ@&8r@D<|sHxg!-uU`w#%3@GaVM9a1oBi@? zw0Dmb{}ueU Date: Thu, 5 Nov 2020 11:07:03 -0800 Subject: [PATCH 23/26] updated screenshot --- .../tvm-zero-day-top-vulnerable-software.png | Bin 21897 -> 23299 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png index b10b11c8e496536b5dc8a0a6477ae71070365f9e..094e2a7992e6f032719fb47d4ed5bcf94a858ed3 100644 GIT binary patch literal 23299 zcmc$`bx>Q~-z^TsO0fdPtw4d|S|Dg!T-)OA?oKIMDB1!AiU$J4U5f;FcZvsxpuq_c z2~~}I-ROgt){fzPlXbTVNAact(Az? zOB_k~tM3lC*Q7G_5PF+QKd40>+cq-9l!aSlsA22S$eaWf4j;t=c=&Oj(6(2>&rVX@ zU|pWZ@L`t~IHI*2(TXRSJ`xu3_qa+7nkf(ZCoKT#1pbqvQ%fNx{BxX0J#lCFdj!av zs!IPkx(Qf^BmcRVJ{0ixDniLz9+tmXt%pC`{(F`5?f3t{!?=ogtTTxfJnRH#lJrb0 z1&Mz$q#CaK)_Pj9O?;q8(a&Q0rBBLB?}{?sv`dSEM8!WeA}Mo?V`w9#wQqA&LC(Y|x{9H3vK9h?}eRJ=P2{!R3!9^!Cv zuOS>E!PqcrWfy1(_LD~oUT)0<%sYjtTM6n7{A}?%bLhRz!04?)e?jZyuGrbJjllJT z4HgT>oSCNE!!!9PaPqbO9+vJh#hde%vpFLeq-;Xb%kIU5JEfO}2N$;}oTRr~hKNQq z*tXH~f>B8Z|>UGtnt^W)nD77bcMb%>( zB~0vB#GxG3^??`k82V!|GA3$s^oMpomt*CnOYyg#fFj(;=ocb;Ua-Jl-|d3bf2XYY zkG67sKqKdy;SKy#`D!}2&+=I2nmm&%o{D=BzVEN?mj9^^t#Z+Lp@35dAgzwRhRYI( z@7wqBjSR;`Z;r|QimoWhQQ8HOaa0Ee#*8%|nD;@cJe&I9oPWCu+01p56>M5?yC9dR z>C?-=q3htWq`WEbI}KUYvHEaAl%%suGXK=uWwKH~*3Wd?w@LH+&5uU#s&1=&DdH)qP{cOZ1OlA?1bP5+!4!nsNlSomxEyoQ& z6eC1LHMY)fBZ_`7-Dix=_;;*?{op;UrznN%`R~hB@T@^hCX@Vo7CJe4!>J2M=Q0yJ zQvknTw8r&WW3Z=8!tL|#1T%u$vxi^yZ@$S|sTsN|UB&Kn4hSAILcDTe4>Y*M0JWU+ z)c1s{)w!nMed;_Cj5Ge7l=W`J0c)-$@j{MxmyFh<*K+oY zB;Y$K(s?V2Mf?e2BYPn_dRkHELo%J*@WG#zeeMf}34C_b0hp`0M>H7r1dCwf+ zM?<%8d*`zMD7cr8jVWn7>-jftye+QbXK5MrstVh)@G!6Ll6c4YBgF}KF>FG05a^_1{U;x9B6RFp) z!i!^xr z;)ERFxSdh#qdL!<4u1t|YNf-$i;sahf9ucf{uLsvu~&z4u`rJ=Kl7q1xB~V_M|gAQ zqTG=R+P3iK`%$$rT72W$Z-<#cxP9J2lD;W#L~C*W;YGs9ENPy3~H>y(9I(70NgT za(T=t-R7MGjHo?DYoyGs?@D#Q@xd$>KkRsCEUJZ6gc#|wcyiZsAlZpZ2RUqv>xn-Na>^89}d2G4a+jWgGTh-}@v+)W4 z@mA*$%dj-FYy>CAor#!Gtt}7ODEHwM`;@MdHmS2 z)Gv4KChE@$)gS7457u3NHg>hVm~yuuIcKD+ashk0d~1)NFBdjBMlzRFvjcI|DJgXb zWC@wqSN;}@1OK4&k{2GPUTa25_pFEi+$+c5C7DP0(DXXqfkRWPu8ludM$=k-7G2hJ z%zD{={t~Q}XgWH0awpbc$8IV2Ijasmqu2^ja9s*dv$!Tgi0IefhRi!VbO{L39{u9G zjAhvl_h~+bSFn~8=YuCZ`;JHiKQd?fC}7Go*%#%}bYx__;RIe)G1s-lb)0f)6_*UY zyxBL9fQe^z2Sf`v8!bn^pQ-Wxnz*Nj!dTyZZh43GU~+eO_n6?()I0O}CgBjFwy!zH zp!~9uMM_>97Y<8Z?z3$$UvWusRY0=TB^l@C56Qo)72U5hvh9U)%O(9lbHDV!W1aQG zB>+Q4b$8oIy<8XMle&bw!SUj^2BFV!fs)dvAbtw(kfZgtSh!4nH56y7AI*Se){dPN zlI{ZjBkGM0%f@G3@A+coGGz=yI#aJ^lXvR(@dDC6ih3`ncOK9Mi|IcAzn$FP59rj5 zQ1oVWWt#g#^{JL%4;_o5CzsAx{1(#&#Yd?Fz-M%vn)Cz1{Ws!OJ9*?{w(#?;!C@9|TBsqFeJT*0j;njaP&{Vk)ub-?}nVR{XQx0$L?vyLf zUv2blPZ+OOF*i{Zm)A*qG@fR`!t?^K^nvW~Q!sAzJKz&Lh9cJe%eF2RSfs z%KkS*`lTbJ^v?x=!0CU#{|{rM|0vMQbFEgx83^lMGiKCu~9=;J0BdQWKc2fP?|WeoZ{XZ zD>6KMdDSu)3iUalfGiz$g%(dy1Y%kHEG?R(zf1ko@y9(^A#)3GWh zXhDg}K2KKd#=zhDcbohh_dn^E!r{ zfn-Cel!Sx;8uN#b{e~OD`wo`YyEe=P`u*OuGrDbq;T<77>+|dD4kP?y0RN+>2r-Hj z8ta}KL(ANF!(HH@BWOzm4Q3vw7C+&l+ZuMw@s0~$biYj->OHlp^RuY!6@N{RnvQ`$ zBK_z}!q`fPfeW%8U1;FC1FD|;s5AZE>#hbq;5I~W3@3X{>Z%CWh<&aZY%!RF1D4ag zuNnU#&~Kky(ln2RttR!*esR56iMZZ)UDAQGXx(4m&f*K_-Y*p=H2C~-AVX(T)r5bV zZk-A;Y^rlj;=Bm)cbWo(EjrYxQ~;p!7DF!V?o;;f=9Vjt4NC2GdJuKf{WmAHQ(Dc= zN*9I65fKJ{OP3g;*oCt&X+5}M}JG-664u2SOS`LOy39)J8)lIyGFQ5&WyO|(~UVQ zsUyq$PVX|U@wUV^fPMCT`!m{@LXeeTRA@$G0sG_5BXY+hJM~85$(j^{ zv~UV!_fYu~8iYs<=hY3>8KmLQ7kgW6?iZj%KSe}i%|KM3rU6#BmX?v`vXkw+;b3U% zUVdT?W~62yBG&{Hvs<0k93W86pre^Ianf>3JZ1e=#;zGO-c*?1(^b!Jd9*~E=1_Uk zP84EdbP2J)JwiwfO(?w(LB>y2Utd=LnAgXhB3>$o;;=|q5}GgREtDE>ssBh^7ioem z35BlkruCRZ^zS!+u8CMx2EJ~kjW1}(;{=WkUEhS6b9>4CQL>SsXYG_ zK&}o9gnqNiwx@ck>KAqAJbio3ARAqBluvP=&boSb)EZ~5bYyM_z3dK2z2&HPRPBGh zZg%i+-g5XDYN}m<&VQYEg8RgkebhH~)Kq05AX3tH!hRe0O(E4`2Q>0!cOEy*BPmq+ zg-Kc)Cch}}#XGB~KBcU>Qg1-$@m28|H>CN%XotsDLeXu9HQy&VI8+&zpu&HqkUwSN z1*Jz~Dc_;KPtkAn|wdE0s8;SOo+77hP*tc}UEI*85QE{OTn{hV3~aZaa5$=_SRdS$K<|mI{f-{^#&`S0fs88nd`^lx4d6d3MBRz z819)EK7Yt_<{k57Ug*#2fFV#2(Q2e)aJ!S^20&EmZRyPi-jFFDe^hHHCT#33jm^5T zQ=LpcNlDT23Dspnv zA{ezU-q&%7+rQCAob1@FGg6m9omQ%@Gm1=#+eXyxR{R&bVoB;@e^JRVb-LYE67bT6--66rsZm zwJ<}EXHhYIYxZKosf#L;kcZEvGL-&9TnxX-Wd>Y8=}|>UOJ4a7r*Z;Hr;qR*XPC6i zqpEL;kryB67za{yb$${>sMZsl`1fi^OLK8$r@ZXu6NY$t%`dCGT&W_cgrn%%L|VvC zYamei=66o~fnBovY&|7&5dwnWhMtSCB@O^~qd7!@kpLKi!?$F(t4WO_9wzLX65kW{ zv~Pq91rfkW@wQVpBXe&~=<^w_ggXPphVWdh!WiSVfdr+k>j&ndNKcQ6F@r zpR>-=T;F~cU91pPDH}a|_XZq!(j)s#ESQxo4@88V)zW{S(-Fj+nGiPkW3SVCe zk&7Aq&C?_O`OGl9#f3!+gE2>=fhsZqxcEoQBPVwVY@5ZTgZsMyI^N(7 zEc{xpU!zSqBqTuLkH@7@?LQP@9NjDXH4X`C(Z~^yULoLpM|K)pU9%W)RzL|yrF=Q)F7(MOv0tVXlb)zau$cKcevzVK}p0?FZ^w%gF4_SZ@9 zL!}RPY`$6*PKSFLLI^>JEccaGYw-sen(bkChR95FiLU@8;>wSQEKS)mIK^;Kscuy( zHR&2lZ}!1nkMfuP!rg#j@Kbyzmx=9{e_J=Qg@}OeYF%K0D4ZB8Dx=g3IP=1!?CV_~ z^B6&*W8iquh0k5PyjfI-U=&1MrL(un*V5Sjy!G}ZP7i@plpPO<=hE%8dN;RzZ}!7& zxaT`be^nv8#*|xlNkzjtizHzGT3=vTC1S9hKP@$thGf7Y_NY_QtJq)XDuHVL*y5v- z)(Q38J`K&5pHGGTKJS=oiME}fR=w*?V$sEhAG$T7xpk)J9s+=7_)9!w&WzZ&bUj1Z zV_L5~=442Yxw(@@OPr@gP{ukMXxu4Cz}JYi^!%T_kbLqAqtuxHN0V&&92`cxd230s zQUMukP3RN89E+a5J7E51ujQ)kV7&mW%PL>`q0y6MZC!Qah*O}5Ggng;B&A8(8fZ#d z!e6`-H}@-4OL0jvdD#5zI?B%+OrFgm83)O|R~-{?@2MC2FS~DEoq-fhvSypN0VDHH z2WCCyZDz|tP9ZUe>!6Bn8_C`T%)CC-7285$uFbv!!bBiFg)ZLk>oF|uGn?w!=0tXd zCeZ{HmC{7XxrY%U54SIXf-Ls(td&~Za|%HG65^=fbckEO$O}5Q9C$YrsJFdtMjCf? z->23{j8l2#4ljHkmS-byLddCG<8H|$`s#CVhmXU{Wt%|G$L7$UaXy_?mDZwGBOHXX zWdwh1q6NAD)jkpvaPJ-T0&W^b4r#Xp=SunV=;(> zV7)fr4Z-Wx1!&{C7?-T{?Rz9@|FElb(|tqj7{Ed|7M&D1Q0}P7JV5`^5mC*PS5U&z z7du@PNYXwoEb?QtAa~D}h$VLO)0CDVM?+*fh^9B1ySbx`hV#Jotu9S~L=3HV($wy} z&x?HgjqRo|S48?*L_-xY2&>oCzYnKXWIZI0A!UVIzc1{fQ5idRh@CF6F}kb=nAqWV z6omEq6gPC!7XbvAVkFdswOf;((v{X=|zb-q(8P_}>gpirY)+v-Z9i#mR| zJNM=j5)M&PgX*u(WWG@*fAcSm+jPxg9W*pIe)tEycHiU8PJ>T5b-wS`1(40eS+*5i zZgV$&3Ucq)y9Dd)hnaiAEa4n^lRRkq)oVYfa1RWj;$@#tZSARy$20RZL<)ReSXq#9 z565Da7<{IaaVQKFK*8YV#4tJc9yrj|dU?b|G0ZRic8MaY5?1|`|KoS_MY7SZT@zNx z6%vxbN@w_%#~vPwm-AM2x=QW!EQdt%(A&A-IG~O|@ih1yzn+!pDS*~o&pqgtn3C4K zJ(&veTp;fni|T^!CQweuW{y+0IaK#04taYQs((Y4o5@!QBL)#!CKMqBi@7D;g*0q zdeK)Hq#rZpFAVrG@xp8)TfvNa;?S|kf_8s!sb5NM9A1y@mvG!uyB3d`jtHb$WZv&K zO&{B^gkH~u8me6LqB8pvH6Ev=f4)fdf3K(ltKl%xJkp#0M-!@c;4-Ew#qFPi@k zZU!<9DMOg zYt7#o(t%NVXy*JbzH-3^Et9`%BET&dyO`L(!Z#`-J!%A%Bs2Rgh{pt@sr)e?ly* zH9c_21q~1xS&HbQn-g@VU9qrIbF6yreS1YQcxOqbPFJryY3E1b)Ao?loDL+Onpt?!%9QnMVtgtfm zw$w+B_LW3Y10GfUa`R%7YeNkH|OtTY%=*1fos!VYm!jy=p5M z{9A5Egt@|R?Dj418vxFahfWp4b_|%A@sY$C;C&wie07<%9Gl7VOLV5OFo#<4*O5nsZuQHn8xl zh$gJaq0j42XZljy3x72hSQvWw1IswGzMk@Dm88F=@Fg&@0l_WF_jV^w_^o3%1A1lZTmH@& zU*VF%o4CjmmEBe{qOiz}7$GB0<>i|%KCo4(P9Bo253+nAn0;!MLr*qMDS(~bMmedg zAKMz-V}6=}kBq>h>jPwRtFnbhU>TU||K$a6Rgq&$aOYFNe3>@*y|9Qj zA%-pdjYJgBWo-DaeI+xK`sJvG@`j*UH|{e&PTqK17;yox6>lWNM>RLca*X2UEw7I^ zyNf~BN2|;=-rJaoXCuaF3Ii(T@6@S*GtmicY%JZP)Gdgo;kX2@{f_TVC|B8~Ar3!7 z5C~f4N6VbY2XA+ujzc{@cyapT)i;g^WjxR7%37mVWnb-&h^w^1xV0;Xo=R^9*OdEx z?Ri!$Z1>@={iTi$FbrW^ek>{*vcdNZfme6%AULLA3EjP>V2r z(w)YJ|NHeycU-Ngttn)qq+vTR6FU_{det=O&hNC~m4RnQ&DIgyCr^U)eM1uJ>=I+T*n@{{ zs^E&2OW>f*Vk3Y4S{GGJVabNP42E3b)n^FE@9hPA#T-%_nX|R^gG;w_AdNESXl1Nu zqi=Vqp1Y5Yt)bao`w@2=5I;K`SX`7nbumjk*D8*P`r0VS8d;Yi>Ry~5wz^-w(VZ=Y z9v(W8@2Jm1-cTxqg^Sv{ICe=wW=<(M3~k7_TjQ}_NsYN)QWpD4?kSh%Z-Sf}d$&zn z(W2CdKDNx~kuFqtyM(^>ElJoPZ}wo(>fA>&M6$v$`=`LQ0Wos9uO{Tf#vwkHp&z`b z>%TBrJH429%}JPV8FlH3jS$c(DB!zbXCG(@`oRJ6-m1L;*S)fM>Y7`V&xfltW3vwO zh#`lpws*sZ;ll!Bk+t6M9N$}4jFtJZ$ncsf0~~E7-mZpLI$_EQac56i(0M<6I#B|v zTuvlTXu}gnNMm>^148Qh-a^orL6Wy%HJtZt%?Wu&Z$OQ6Axp}SycTz6(E1RM5YpnZ zld$cz>4V4+I6aS)H#@PdZEvo!;0wSClI|U0;F$9DwLR)FrA*!ixGP|qD{kmQ-p-;7 z^*{%^Q*k+fJuK!!ji;^I9(%Yft@=F#_F%%xJ!Pl8$scNLg(5uPB+%L{{GF&zLNdJD zN`G!%aPOY(@!%g620cDx)YE!}5eQP8Z?NR>JPM|XAKvd7B_6*t7abBtR2h20+?U`J z&$XJ9*mrJ>&-$#5*X~*P9_s^Vc*gw`x~fZH(6UT{ z^TVdw>ktXCUkr%>PIxx;x!dsxdmq(-3hRrr)yKbHfHN05o5Ks#5C;sjZFxy(Siuda zgU{I{?x=JTbn9b6!FR#KB@O#ktmxvGVhO$@EE~!92w&0T5g~*0A0FG-W3sPNXu#eD zQgE2T-5ChvrG~`week1#Ub{T26$w=u$pI9z>vhyyZHB=@K({UJ`KrLq zo);bceNCXGXJ718mA7+ookJD3AkX)ptmh(M!ra!6O&;yR7nd*xTPjG%q zDSg(9gBLZEPB#*~)>-p?F z>6xgysY|B#Qs@^`wohMuQpiE*CIsqdZYtl#92!b1CFb-`8J6^+!^4?q#D%L^9uNwwyCsEXU@H)}lH- zXm9}uge0dbNj^yH#oaw0@xk*{{zO|L7j)PAfi;HzG)GrwsnR$9wt?In3E*^u)hyS- zkFw<2Ql+D9Rk00s`3s{asjS_mW+*ma=sw=V2`^FpA}*BRWN+;{Z}K2sd1*{4SSB{= z6-FpN#QW0fNr}J5z-8Vi2uIihZ}{Hmn%I>FDKS=qcYuSO%_PUY)iqwMI9cyQ`qnaJ zGGHS?|Hyx(CUGX)%pMzSuCt^I>#W#(&Yv54`cXrD#+Hno7J{VrO5-Qs|!tc^QJo%azDnJi>9KMW-C=D64<} zcHO&j^%btw!)`d>Q>7K{9mtVz&Rb{}S#S_s1SC&##AMjhjm@zAb!VlE>4A`(PO5da zkdMB0K414~#G)87Jl`TbN?8_TiRab5w~+4yiKL*M`dTdRa%smy*H&TRMrt^ zyr`{5T)T$cV?HgCLUe}mNNMPML&AwsS+F&5OsTPB^`v#tHoyz3fI|2txPo`e*4a0c z{gNZE8Y%%F2@L_&4#MF;A!#31kcKEL^S?dXTRR2B+%t-e*rw0A9+z&Ot~NbQDXmuUhOe7Mazu| z;xW$YkRaq;AN-(B3hrwiiQJu(#-3v``mK{QEah*zJpYU#$Dy9Iq<1gmQYFSfsu8)|ITWb6nhcS0;ovhre;(xIz3kJm|FP)(zd|{{`O)c-@>u#mh@u%Fat4NykN8kwtODydcav}K>_;)pVPcgrIER`-;Ydeb{BP4tA}ld@flfw-;lQ@7gH%M~j{8QvaGx)#<%0|q-HsQX#XAjt zUmjW;O8#R@wG-CRRNeA^Iyoy{;HBxHd&$&GD1~h+%j&CGH(BH?gs=HJd2|c8Ld5O+ z8fUS6H3-H(TIkVSTRRvX$etC4*V-9+Rp|8~*|vhC2G?^+k@Mys^Yj8gip%uH!)TVO zHcE%=?;6;VLufLpG_>Z*<=};2pk4O%Ym9Ka;J}@B(lwaQc8f|2QK)v zPtU;6O5N`h_AAMBsl|jDjVNb_kV2uquF;R~L<~~AyvpC@xJjbrx>uVw?P7CCijUe` z(ll|>x@I8iA}o&Skz+_^vO;=!SZ*74L3m;v?sf3IL7N-A>_ye2T^6j>EYx{Fl8)`L zlF2nO0sXZU)AGr+uy*?5ezksu$nWr%wV~11utw|;6dz^zkwX0+*RI6y{~0N6w6BJo z%L{M##M>l=m?)e;a$UCKN&cu36-ZuA-HAuQPrTs=Bh*KiVKROXPOL%|oVWO$!jKYN%Lm#;7?^k3ET-^yD^T zD&xE&Z)XejqE9AqULwZyUCr>%rO* zhw88b!}Oq;To04IW@Mz}Z$jalhG(Xzb!Q#Vk1?bJ?HwOpOp-I$&??X;-yjhf(+nqM-?6G` zY-xS*-4xyOTW*(+K}ilv0a8C)dTKQ2q(1mqLJp>Rky+Snou( zhXj-6y98mM7qjVg)utUPOScC+PJU~6PKP$xtQqVgw|>;(&RZ%!h}9FU2|Hs`QCCQH-g?t za=h4H{#foo1>QX@Dt-COZ8PQ0zh_T(7^2a!Hbuj(^_M0et){&%vRf2f@IJzCe^tM{ zP;AHvcU+JzSZ?8#pQov4neogp_+97d@fc5hzgkaV7>|CzuFlcb<;oW}jmURT zjurp=-e4sT*SqKoXU2F1FGJo#-vES&rKsLH9}hzKOx+l3j8ss2r}JMz{3D+CV+AWS zHUAc*EdwuRZ1JyML8(__M*g&6;@MVtRYjmYUj@?WVD=DZPkC=aS$;YB{Y`hzGc#8B zMe0Xvq^$j|htRDnb!TSJ?tt!{@`P%0TjSa8YVBg7z6e>){$}4FzWiXX=`F3UAn?>y zsY=2oYl$Z$1jRQ=ZFdH&-B|i_VymJ4u@+a2fXJxkC71$F4~IZi^o~zDp!Q$3Jf9gK ztCW4JYU$*$gzS9Yi&bv_*PFKs^$0hSi!kD*dbjxz=7n2(Qo3bJdWQ~qRgScwz{Ou1 zb2FMhK&&H&KCuLH65TQ8UAwc3?i%%kT}A1aPfKY1W52FZAH^yOZ&Vwtub~4 z_V(Z5JNo&$*in5oT97q}svwqnuOHuWS5;*3Fy4RLgrjo;dI6()y2*Q$)VF=MUU**~ zG<&g3VIh_%50c$)1-;{6$$MwUIL0Vy(3wsEky^k?o~i2Wpb_1ft6@Q*uZQ%O$4dN! zbw_Fy4F%Mss`^ttgpJDdWs2{2EnOaZ9Q@ud9YPLC>jTST0vsLP1RU2k1^O7j8R0q? zq#28l|Kn3xV+@PD?}6bpOj!9U-ss%1r1}3ls#_Q>H0NKcTX=Mx)EXQrFq_6}!=tQp z?&&qV2MAOZ!+=d$Zgu4%2eB%nn8kPP{k$4{S!Bnf2&qYA|4Vn5zxiM2?wX zj_9805l4&q%9_U-BQ^@017?&bxTl`_m8Tic4ExcFJ^6*fKG-yJ!cC1DCjQ5QI{P-i z7R7-H;xubdRzpd?o93h+`jne+`ua*p2f6F%13n*ln;(g+3<1vXT|@wSXrg=x3*N4r zHTksx1_&}1SC0if@~3jEP3(oPG#sUQm!Z40RM}hr252dgKTVQL+4&XimVpAqSHH~{ zZ38+RexltN_jb`8qXJaTcNT#pM_NQPq0AiAbH0q)b!huD<{lza1cigIdOT8(pE`1N zS$hu$aS^!QWtnk+18x|!zg|ZdIZ!5!R`}<&c|gM)yTtOOg1Jh2>{9f(ST1|B(vr_Yf*tRv-#*pAACV@K*kYqKj_ln8~JG-y5Id#QR zX%F{s;MM{>jHyWy^92vp?eYsfRg9T$3h4R2xeK}?8qvj91y?q2T(xmCVOO)S zgN^)RMWEHQBrc~t!sWuy3)1Vjl3}Y(q^}F{*dEE-AO@-wcrF;gy}Ei@>7c%j;zu#( z6mrr~-A!fv!I)P{15~14vua(>g$>$i*M+Av`QPL(Hk^7uUcT$JoCTRu+Im{DgSJWT zyN7-KXu|bU;7i0h0qFzX5zpy1KCA0rZ9+=OGhLieSLI!q18*2Ilj**;&&Dezi;dx| zh)efw5GGGsGRj>ZtX0R*U?041(-M+6eJnRLI49t4^>xPbVSB^_e1C(Z6@VPzfChij zKMI(hQGn{~@ULU{?as(|tS{QAO;}|7iFh9Mipr{=`%q}Wa!mbbV4vYW{cA9K$(Z^k#GG}`663TISJl+4VnW%a*?5WNb7auTfY`bkafE7k%6W6I ze%s&4bGyNd5ozm5eS!8&#S-cKiB*tG?0QZoLyqX{I)9~;5YOss&6e*<#cPK7BsGbA zKmZ=8p0*rjl}Ws7Gw)72{l)CGm3-6{&pZL?_oU|qH2|ZV1Heb@OhW<0>4Of;FIr_T zoyGJ8%aDR>S#fHszWJE0KaN3&%Q;Mnnoq2ozW&W;+g2s)oedIq-;~El#py9xi(qco zV`0e32AJXp0Z`-NzK0vtw~~F#5C;v@jmMklbBO*COobu&36j%cW$QFYGzpVvHGwpq zAXgh@2~l?XW&iB^ zjc)DlFYmT!RjJAQP>&n5qWrgjl^ofn5V@uK>&~($AUpfMJI=h3Mt?g8wDRpwrGm;& zM6bz|#YI0@RH-Qyj(yi`f}!1CpBbOR5+!5>rEDh@*;+sIO7R_^@3r-nHr>a5$s1kgocR)`BdZ{gt3nx+k1?_X!FRzoGf2kz3uD#J{^`wF*9Mga%-SYG|K4AmDN2(VW zb}tg}$mPbjAK{CDbueG45fIvfk69q~sk+~yQr9Uq+n3RP_DiP(FU8IzM)FhGe2RV7 zE71i8nq4|@SPgYrUmZ`tcg`o38Nk3s+`_EAcAgvD+xUw{SS)Yhe{rgI-UfQJf`)vm zj^_83rp=9jIoDEXGmvE_;C6e#3Z3|&DLLZ$_Cuzvi!)~B%GIVljEZufeG*C)2yr8nraneS0KdiE*@P>WZP?2Xz-5TVfwD z!PS-M%()9=xd7>R!HQdT2Qo9?E#+=w@%&jNlxRRQmV)Z;8{*)$OmE*Lw~rRj4p|5s zgq>bff977=Mu3I5X)y6v+RgRkyazj$x4iNo6=AM?Irmn~a!Dhbxo0a$W-d5ESne!7 zBl^mRwU73aV${i$;&2A;s#qhhySH+8F<(l$_0APEdUq%@!1yL$ip2R?R&GbZ1&u`t zZ}79&{V_FNf37Gyi2#y;xhJIoUSdb$B4oXzxr?oA<&FE3;JRJ8B7b4xl`G?quM+2( zer0ZWkyV;KNG;vfBo)fbIr;eEZ(LK^Iwu+M#p=7YCFIq!2i~ZgJ=|yqTy_&5++Ufu zemwuc_5_Dp$MDj5!K1?|V14>z!M@0#=@Qswfa6`$J&}hIb@Q>VJv7Y>)fjbe7-_8K zsFenTC%bd4c>&v;eRD3%q}IHmgUc$D63ZOKnc2B9q z9~^=LkDsrJIVduT6yM8fw&5}oyXW)J^AgQ6V$oQKQyGGg<5YrVD)>esaP8eTFW}YZ zotMz>I=(`q{6LjDSoK_m{*W8pUWyPybg2K5WWAV?Q#2$IPLSC zzI?MZ+nEuVke5@{qV(e&gzqY z>$Sn_xT?2O_K`-mbk(A$bIL{QX6W1#OubidTmm591nP>Qvqib>OkC*Ol zbt``L$A%&SLgWZJ{+jZz$0eq#M}5cjyQo2e zyD3uO4(a=jtT53go=eLm-=mCxOr(9rTVk=y7a24NiiItL?Xb1+Kx4Mf=7jOmy(};^ zhL5)ifS5qz9>Xcgb*>|ypK1fHGzibF)>*gx2l0JIm?-4*cDTd2tw+FN&bHu>#C2!v z6N;pVvP`C5-h87TxX6(s_UIu&ueI&kqK7VztRrQHaQFfJ)g$qw_9F8Nql1;^)a8L_ z>)?EzIft?<8_zf^Hl)XK*}LgSKr1rpNX4W{-Uoa{k}anj)y>YvX3HN#>a+z9e|B{> zd7T{ol%ZzlhIX%YAt|RAB>y!&W0R}${%JA>*3|at5cb}5B+`!JdOF9;)wWHkN(<=R znl+F@5}WgFKK$ZgxY=bB5r@;P$eb!{E&M7CgaI%OR@2LGp>z*f=NaA&j+YKdn_|9_ z$9bytY4(=>wsdzv2o4>?^O5}Le>VRFlwFR~BlW+l`#W?%r|w}#2)gH9_keky%~T!d zoCEb@eXN%(;~(_}8AC8*0V?YqWWIaeY^K5zOgN{BfQG2fykkP67U_uDzis>sUzPfz4kEL7oOW2o-7J-6+3a?F` zXP=y0j;&J{rsw^2$^!p5HHFWl$%_7vf@uMFHtyG3WPZA+Z{AG*UU1HLuY+)q{MXj- z_d}9tum2%ZM^pa;+r>7U%?`b>|g{Z0Pg z*!6xkawU#}LK*eve*ykK+v(q%*lYh&XWffQjqXT_5c^>Kv-!gvxA;+O`f4Q)vV%Gu z78?ru;4w2YCbrzh=^VImJX3L0j}XOxh;hcJ{7^M(qy49f;Q_fcz}RY0;e z%~G;s&Aba&XAAyv#o0hh^O<4YpH}V9YxmlF_Tc?n^Y+}kZ9_u^FT53jzZgkOeLEJ| zu(zGQE96L-fw*)$w5tQ-%<*Z{)g926$AG~idwWZd68Y09aLFsNgws2MI-Uk~ShbrR zKM@n85^N4h%^`C&=xN3@OTO8Fl1n;5sc&tsyYqN388!oGD3Y37?J z0=uX(#>TH+{%N5&x+*DAZ#Nl`#24}7*CDP+@D(V?ds$)b4(@(e_yOI}hY49sB(I&I zRcN~pb}=2bdWap-qT5u>5YeRD*;}GQ$16v%#NjdFnWHuxy>?65wOOl~A1ZVI0`Mio zbSQsrRY>q5hQ~HAZYQsB*y+$ z%E8rq>*l7Uw5w(C&0P1KT;MUIXnH;x)(#N#ZtDKd1NQrCgz3|glAL{}WD~EQpouDT z+0it65D!^#);0ZTHAnnFF4@k~2JBa^X4jJ37x_XyQhfJ1b1e8Tnzq61Frg_P9tN1W za#wq-R*a?TJdB)U@susp$rAsVEoj--*O;+m)};q_Wy3e z+5R;Zt!}(HD|Wf>Y*|~tUYjQFjDbd{0^I(>K)4DtwboqDw}_`V z%0VizPPxZh1#9DaY|CxI)oWyRa5+MNv%taJ8)$GaapsYpM)!9tI%QF>kF#8tt=G)a znwrz)x>D}`{!h=3qX2|m?NyGIjv`R#RHZx1$<3!vD;~tgK%t5ZNzFz3`a$4E!*8KB zh9qTXg%?CG;uRc*%6|BqF{-OGhVYQ#dt{?*g#y|pt*+lZk^GjLlCLn$Q>ikAr;I=6 zMZ})^!j?%vk2J}0!^9VL81HL95I-J2xzvki2WsXXvok(uo!B#|VI}UWm0n{6c`)&j z+Sdgze&mv4t-V19+RE$QZ$K=+{dqzjJu+?!XGk&@j9JrE`gqgv8@FLAU{DF1vB||t zIpdVK@rCdlru%vpJ7Gus5xJ4nrA+%}8TFhxZr9j&I1zxr@3sSr1<$>2>X)}OrgEm= z!qIOXLzS(KSkUGED8^wtOK>qzsAm${yjtao%MY7#IPQu$< zlq}10F&Xg@b;>`IOy^E9n~vko4n(z$JB8Q{ppfc5gQHuwgapnmr3Zr#%#{rew*n!-4cd6$1 zyhX*UCebH=tL?Uv(|c6hBW>vqg49b_5{AA;!&&x2ja#{I@SlS|3sJ8VtoQ;Q!%M2l zbq2y|ve(|flB4|uBp_&Kk{ps`q*Ivefjd~uuQ%QTeSO>)OtNBT+dT0kuR^>#`UAHE zx0j@cBvJR4Q~P3R)B4gDtib;6sLlcAJn10H&gS)ZH_#p@Qpl_5o1(V0QT7%oE#OUt zbCt)vA6vNiAhFQ4)E2eV?XueXG7~YaZil$#uD8f(LEiA)Jh$#IEH0We$ADW%)n@vu z=9{v`dH24mSr9j+*FhHiVipt!-_tS}juZElrxjPMb%zQz9c}l~GA@t5{#g|#ZO-V$ zH?Rh28h|ZlSf~@nI3|dFde&FnU<(0jwa7IIzD9LU%X2i zcO!J(&L!Kt#ZQb`9PX|d)$KT!6|zXpml3dAoBIGP3?W2C!x~bIS7w%HZg~x@fGF)- z?PAGuH_PBM6<-7zlhVeVKxv!fX`!PFh-Z zD4&J=2L9X6@wBkE%Tvkvy|^VK)%M3Xheaa}DS{~-Q-al|lvk!l11eOFAeO7ssFG_? z6kxMDm1W54c+hxcEx)=_Ig~~=>ooZG6_7;ny0pOPh8*0-6I8=+D5DGI^ zfqSFyo!A(9xVH9op+k9=+2$$MSv`5Sfv0=?Kri%DfQ?tm@mh;NjnZI#sD$&iaEUv<>lulS^LF`UM7gpi;EKnfO~Kg$cK zbJkf9@;Y9&3l9Y-amyOm%{XpWPvcm`b55EcN*^%=JnNJTU|sVHp3@FC++*I{d=1mR9Ow0$Xbna18+!oOZ^R+Pf!7eKgeCiygS%=_Y_Rm5%dtZsWEDb}M`=q- z587_XVCBMfi(VG1($SsCp8nOLdI4qb=j-rx2QG6D$4NGOkm(0j*kG6#o1FUH<`>7d zEjw1kDg%qRTK$!{tqUj#ry8;_!G^;2Wf_J2rDFg~pH~3qrtX->42(OZz|P!ycZ)*& z91a>0RYWh=u`|C%M);9Vaf659Z;^lLoG5!AWNybv`t3MeIrgKOHgJEnwB)XI4CBu& zae0E%a&e>Z8N!^=nbP9M7XlfQ7X!(=%9is^v+McERl#9^=(OHP?SU37zWE-tZXBVP znV9|dG{R2-)xjH*mhr*P3*5{5fB(hzP=EbGC&(Qy8V*`LlX>6TP?;p2Z3WU^Yy$X5 z`M-bf397@Khn$K64ZE2;#|3c8xu?{=8n&S8^%G^DoQj`?N7F@ToDvI3x$JW*KG#+3 zhxCJ*^;pENp=;=ZREHS(MY%}UD(OSP8H#S&40zuI*mJ!*n0cwb)$q?L6`e-PKRC|k zI0`5$V@icf98uVJ`f!>LH3xOh{Mj2boouYY?cWPZ1;p!{HHUm{yg`^eU znp{G%U;le!NRef?qJZD?Z%B!1r{U`wr)8LU88XJ_?zbOJi6X3iNsC#H$?8UAkMVa z7edIZvYc7kMa?>fk(4T6N6d8xR$DvZ;fc$k_p79J7@+&mqIex$q<6NQ3_wc!luZid zhGf+=bq@JwmN%4txuySesSw?{Pp;D3R3L~I`ZVl%#XssuJvHSgB&t%jH{0P2+-mi3 z%?#ar(HIjY5l+`+50{554ifvGdhWyC_(Fj)O~iuedbVxUUh-hccY)@l65@CHA zHYmhSwMNAq-(bg+cz!wAsuFCgp12jev#XeTV=i~8;JfFN=1I*;(GO09@ zI#9chI$qla@CP!*PPYmy*=VMWJ}xG-20QojR4?IqH+p zc=C<0kn)rtmI!(81H09>>>%ud&GFC;Fk%&x=sU|X<~YMlc68WdG2^bW+NNN6GW(3` z=qhCZ8$o$}tcuSj6xkk4tj8Ai}B4+yzNj zf;OZiB7&xqfURgV>P_Y32)PbB)J}0JOE0u)_iIYgISUrhu(dkY_Keq|3Om`GoSenR&~KJ8o3?xK9@bt3lXq+~)~Idfi@j|Ww6SAf2L z-S)?5?(fhz{;c*Zao0J^@^wR`9|wmZePyFoRM_6Us1q4VG6t8+M}IrYF(3fU&Q|v9 z!^F#VWA?b@gy#3%NTz*4BM%j6-4x!|R>mmH0Hd^*mo9_04Gqzfo9x(8L<>q33{~>$jU?&F+w{ZDbblS7}Q=i68 zzpHBJA&=1D^*yikb>b=4IzTS)iqK2t-mqUY-4~zRa;Y&Ce|bwSl#*5zMA^{=a7Lxu zD5#7|R9$DabM5p-sB;y0ZOW^i&7Z(-3p-bUKCaMV^V;%*0xZNi&pg9b8g41(1R$_l zCitre&Nxak>E-q`X(6!(0iV{2D!v|tnglH|YpKYbT;zDo*4vY-#?z>-?xBd$hsJC6 zv6rrH)n3Ep*#pl#=O~l&&=s13RZO>^fu62$8ouk({jP-n!nmjLV~ zvqf_!68eV((1(=Id93_Nnu$WXt6qDSD9^-X-@XpF>Us;p-~ZMAysu(b|7(MM#p5f2 z?9}8qr2ef2ZvM$=iAKc(?`~%Xq8!l zVdMqCTz9%97gh}P5p!iwZu(^TswVXHTMCc{7R1q-{K?*4N37a`7>Cz)pD@qenmm>PS0w+_atw7F&7}4)|%$yXkIvxUMIk?Wd@Mg%8pjXz2^NN!vbPGNvv)`C}!BP681tuk-ZH z#6hdbK3F!P?R{_cy^-M6dJ}}<1$B4yo4#JN-f?_X3&_>v5u!wh@;`8;D_d377#>Wb z2D_cK7Y)45Q->YVOu^2mt&@`mSY;EqqRD+H-tzeEp>X_x4}IqZN3?h~A0rv4=gYaV z4W z^Xb~^PJ)-(`6~BjPQKpQ-@W*4;N@1eDTR7sK+VXqqHF2UOJ3InAZ8$(iz_3+_V-*lhKc$BGxPR<(X(JL05TdsHbL|Q1{-y#l=cU|HjVL z=bHEb5?LzIdge&ojC_Iu`z%M^_(RrX(GVAYS)Zw!;&K=6^Em>yVC(sOb+ph=LcIKR zw{?&;C=a0AT&jUvfS2OXWgh2#M30|+&JGuxGIYn>61Gg`{t10-9a4M;r;-}25fsKI zSUnP3%-xhanr|8my%*TipiR{(y-`=;%d5#7@X{Lv3}n6m-LeXDtDr-Fzh_!Vsi2#v z`FMkI?Vs&gQ~3euT7WifmZe4Q>l3^u=Xae@zex?oArLfw_Jg9JNm!2oB!r-YN^A$|EQ(uRKI1w8Lxj=kfnc< zsGgGjMxYKp`i($k{f$8V|Lwgho{MOC>5>*>#x%m%hAEQX2 zsud}8o^rzf7Sffzn8zq742ZQ=-rbnvz!|Tb7uChm1$!zJ!8ZR4rA~8mOk=Jrzu-x; z!@bs6qiGMv?;|gmZmz92M4Uf5yb;Le#E87yjyvu?BcP4j-|LQbSzWgcQScr;H6sX% zBzO$?*HQ1-{g|W`;#y2RoK_>V#T44(Z!l_NVvDkavZv#|k?3;(hj=AYYA>gRxkN_F zc3NJPhpw)l$lZl98F5$q>RSvbePDFQfLKBq-;Gt`TeSb4lp;3oT}E zqxVKBbJV=wv!6$8T(Ja7xjTtD2BsdM+u!MKD@avI`&abW^|L5DQ;i5niOu%RLi>$ zuVM)+W&=GCPibJ33D zSYBQ6bBZQYHklYvw3FPp9SIeGH}&naz}*}-T+?UCY*gG@vZN^xfBq)Ts<25E0nh!M+XIoinl8CjD@4e2S}- zw~o)GtL7u3%6`}Q0sF%{hXK#P6Jeuf{hK`XjPpY;Tnd2(DgCh!(f?JZK_2GEB6UFd zY;FJ9vy$;W#Cqg>s&@P+#Jo1G_}uY6WTd)g9X&qR)KWLqV@7IYylv=X!;sc7r|F~i z)kJn-!xdrvf+ylB4TFMt?2mz96QQ(rnlS(ae#G2t<=^ENOeGCjd6(a<<&ka?R?OI< z3U2gw>^SS@AUXv@`t*xVny5Q1YVi;oEswr&Ls9gt#j|F{M(AtNJeo|WTHY1TKezp6 zA78cb1&1yQQjJw#fCO7ycClsA z#n~?TegCiRw4Ld6+J5bwVYr;V%suy>^Sfn9|Dc6xB&NIndGJy7%^|80)A^&~d(2Io$Apjg*lO6x(9m9? zeUyIp**$B2$xA26E=#=<5dxAR{Fb^*5fl zh7G}nbi&ThxFY%FTw(H{W6adk`Q z+rp2q&{2QAE-xVCXZ+how$bWR7ESeHPQl8ajgEL6ey-R1f!A*o&5V|fcf66Axax78 zcv7+k%KRJ(dh#F^j+64dl!M&APpV_B_!NTM?U~MTfW}C7J<)%;hezgpG*^k%@U&yN zGf_sw0oQYBjzmh<5BvzoFV0p~pbvDF|N9QvOg(cJfpEN}VeJj=+m zS$HMQ-b55*MJdcmy_xrJ<*NGfqSZj$TQqsgi(=2TwskDZTg8Nhyi#~B;5ElxA_qwQqi+?pqj8{VqQ0h$HuKFpMW0oIMWLcUm%U9~IRj6%UyT_B$NB;=A#&XHxUa z9S;?5x4Yc@GSp4-VYjYYOXK@UOCI5GG!gDZGO_l^U;(E~8o$Sh*WUfVS4!gH0>L|% zWTKBwy==+!Hzhu9vnd}Bl6OD0-IxH*91a5G?7gfxi!z(Q2Mjm9JRZrFN65v2r~YE# zIeXRs-~2o1;w-D$t3*fs+N07>WsW(}0E?nG9j&1*`gcJs)FqtjV|Kfk+kaoIQ#{Fs!2yKu&8Y`~)xuE_XXrJ9>Pn9Ivu zsr_N`B#7M*ZVi;Yt~oS;$W$~=No?RJ=C#2#se-j6tAW{yudIF{SvrMcO}9j7dzifd zJ+?xuY{{D=@O5BzB`L<6XMceHe%gM~ZUY4GnZn{`ZRvJK7$SBJ!O(bGyF#;~PB=Sj zh?e)LRJ2zOe!yM8A`!Lh?^;&=eS7_?s{zBj$o?-3hjvz|ndv~v8Qi2EJN8QHL(USQ9u}LFAnZs;9FIBoR815N zkhg-zu8r4`GVXurPJ3eDW4oo%(F36@J*@UVP`U{2g1GbBRreZ&Ey30!`C%d!l8?S1w1{wD82Mu()khQb7EX_7EFt(dc6vj0Q&xB_3LF*2nf311 z4--?`p-zcEGInvA6S++pGs*N8-+AO8KG?N_a7kRe8KaZ9dgY9Qxg^PuLou&Hg^Y&_%-< z#RH1KS~gbwgpk&$zF0SC?ayQHtCthQwjLlaTHws=sH#Hxd`>rh)u`kSS5G(JT}k=e zkp~s|E^D24giS7+HgcpwpxKy$P3S1E!H>qD(DD0xv!lyuDt@7s&?Bz{4tFSCnHj{fUtBlb|saKGPACjCpH$( zcWo*Eo!|_x^~X+?SDXk~H&4|c2@lb=rw1={WGwntF0YOA+5aTr6Odm#?T1I14@f*s zJe|cITHb7JU40<+WXY(Hmob)67E$qqalep)4#9ov z+C2g%JXo!|PDnp1?Dj%T^gaVn=SG@c@8>V_oqF&)cT_HK+)=j`qQh@|p9RT|7ws;S zfs_#6OR?pQJR#IOStqO!wQlyahvvf~%js<%d{V1%Ai0Byo(D%a7M<}D$PE?AfXsvy z2vXj5?3iJrmBp1*&6lDNd5)mQvU!zK==M0!h|AOSPNER=t9)iMa&I)5w%BcK9k!}{oQ$A-Z=^z}> zr1d*TQ2`YBZN0TXu#*5v+p4OiUMyHGpC!ShrO8}JDsgS3?~<0bh44t0pSWG%sVfD9 z$^R*F@_jmf($>7prBdbWJJ!lIy>Fsf6A@z=qmwU~c=N8+8pMf4T*qz-MXgzNB-YVG z9pHzC7-$Om?16nMNe?mnBX!dXC7;-iC`D>;y)modBKSFMbkqJC4^EatpsWyGI=nF_YQFR@(Xc#WGlCF{BWW20=vb0_F)_Q5 zv$SA++mEH|B{UIYQJwEhH;;G}zf^0V1 zJ~P?i4_+P*gmw1To+v3%(1Y{nDB4W(3?IbqGqCVZ+J51>);PcFaG5>pmgBf%tiP9F zE>X$sN=k_Z6*v*tU$xL(zG0^Z|5{L+%STvGlc1#|7}6U%kqDRw(s6vD744>Xt~D&@ zP>N=?YPasH>(PX~4y|HCRSxhD_A#40<0?R)0;sBf7f~+QiMW~(_q&n9`E0@koUR?5 zPnDtS9`Mr4RJ+8SNjl`T8X(Wqr9Wu)Jv2$<^GV#}=BdoAR4;d#Rr90svFw*~>*A zcf9*4FjiY3FB0pNSdRzo5Vo10T|%xUvV-ft+CYni!4*z94yTO>Z+f<}1DCg*Rv6bS zrQ@gcJ~I`Wl{?D5221dZ&I5C4_6OH41sj07I}xOLwx0wT=?&vDsOJ;wK)63&yJ?>n z$H_s$$=jMLoGP_TIu~4YV}+__`>En64|1tzt(KfqZyh9>co7$L%RfBe={RymN|W^J z~``McPN23J!m^8`vJ(xPfOFz5^Db_)Yj+AUDDW?dMN@oFu4%@s43<&L@?=lqf1I3uxe+=Ki9I`EyW zqCUIP=G+4J*sm2uj5y>uo{siR=Zp)5@?zRB&{+ubXz&@i>GhwJTG}MptS?yf$8zi8 zSdJD|2mF-NFI{e)+f7xRgM>(*^UTdjL>*1ng{Qmc!~_o-XLS=3wsRtsX+m{oh^y(k z-9$fX4$FCv8zboXG3He_;O^EYL^x5ZSZ9K$MVehU-!0bYG?jiG&DhW1Ai860!HAOq zK!}~@e_zw~!l-OeA>hhY^^MR8ZF--`bskFeP$i_@65c679(TSH%w57bqW)E2$k*1x zl8_uma{6P7n=D)oXsTqi#P*}Ec32NGpuD}D!}38*+^TBVS7z6bf3uD_=`$25P8Bzs zLb7%z9|wr7a!6a@d(g_s-{=5{8KUZDZvjl{e7!5j3N#8g#fA&YpflH{rS1$@Wh-*Z z9H*tCzkX-1jdghfD{M$IVs~yZG_+9)fSwf+b1C!f($Fl^vF60n+3`#WJ-2yf_I*#N z2a%UFc(P|Ax=0mkM8i?AeJN2m(&SRIWyFt6Qe7FpVxlEk@DzWeua{JZEj`{SK!3H zy$qNGQ8?xJvF&@aOor~XxK;kZnUa~kG*x09^nUhSL<=)b2`=&!bq!vqjw#8YHtlO&sIQ)G+0d9?F|rU6S1?$!O~fxJ7mn-Tv(eK|K8-iYuE* zISBp-{_w_(vi_|O|6}ml*YKj2i;meZoD5?HAOHX+`xl8B?5*6nF7Gk_gDK;I6zM$0LF;wcE5wmTHe3m8gWBm-kri?--xU zE8nXiPQ???mYZ2Bt~tK8E7#P;9nD7lnZGVX&egjiHt21pnA3=&ZttB9%P^&IY8m3~ zmT=^ZKoc9mgP)5{F+F;n7xT1noU3QEM`tI-9=YN~#XoA?&URA{mfzR=ZO8~CcAS>? z^k;grEL;WS>lLB3#VC+PRF@%~MZdnjU1#{2wY_foiiSqQ1+zZaG~0vmoHec2Kln*o zSQuf054%Kg=iAv)fy+Lqt0NAxkk5>InNWuBAx|+4bv=H)5L%5ERRDg%>)Br+vll0>^>t?uC8V+vG zvR|_s^Vt`(G)HEjW_4GTJSFnS^X*Kz{mEv&?hf?j(=0nVzlzdb<#fKhm@xM4L!+U^ z;Jny*zb~k69$@_VhOaGPBVvmjB0)LPBfOVkCa~2~oB1LR8S1gprXbvv8K*}HtcH_G zOHOI(0m~)qJIqHkpXca(ycLqYm z_9WEcyWeN{+HZ+4^LJ0$*~35v?}$<6>F2iJs5Qf+@A6`BgvQ`1Qxq<&vo%`R-8r{Go>az*u-V39}Ld zHw~T>{99bTA{?^j`-_`<#G_*L6;rq{pi3dz!lG>RB0~7K+MD#be0#zrk%qWb-w%St zZ;L}ij|H57PEtG9>zRu)%b;bMhCc_X#yiWU(N8DFXkVK$HZO`Li7aQxYOZj5Q&RwA zU>uhR;h2!)w|6bpV&npwoI>B&t9?~>xtlT6%!Gk^8187Fk9Mp!=DlU<_xLwCH=wOI z79)saw^gup$`R-JO`qw)N3B;kDu<;bDAvaQzuv-8P*CI7)Pl(4DpW>CKZdcNe;lYWT4!D%2BP&BHA! z0?e6|2Yfb{p6|pzAZuD6c#VoB)#0z{2Ohyfj1gE7jknmHPDFDncGIa*q(b~yU>)?2 z#RtM41jp;V zQdQS@D1mi`NtYKjc0Nm{K8%@dRcm-KUAYkB*02=EvV4!&CK%XhjF?K7e}5nREFOn2 zWpt4&@cu!U@n!Y4uvt)p;#i`@m)3O0!lhvu$6;=IV4raUk6`uRI z^b!j1*>$$7eSwOU0qOy#Z9D2saJN>ag`=m{2jRvhw<=aWpr$O}0hz~Ae7w|Gn9 ztOj9wG$ryQo}OsCt6#Jv(RNJdGHTC zhP+Od4!z&7AScvgpN8kJ{CWH7;rYrJ1;a^#X46<=Q_l6fl8bFX=t?SZX=m3m_T~^h zpwpADMPXLt;MKk#GL?T;57=C9e)0}^SK)Kx(1lz@M_nX!;(~a%&%s>Kk00LUTjtP~tJn0=GHnbJx(+0b|UaMRDqiqo* z9b>;G0dgn^kib>aYEn{To`)&`($n{FbL7UJ4YJGWUe8jaJ~Vun9j|*XMr-y=LGkc& z>^BE}36WUu*)8r9gLQg-;-cp-iPRXpcD931$b?8H(E={TUMqCOPWRxk0w18h76qA~ zi*-3Qb~@+{XwH3k9#dNm1XaD3ej$wL?j_dDL?2q(!Ar5#`|OqKXd?Z{h5@fZnGtaO z3sy6p(+K8?Ruj`fFN?@BV%M!yuc9>2Mu4Wc%~Pt`ng#5s7ljdLngJ_RUhO-d#MXVF zi-lHWjVCjT8^3#YD0Zo$R)Ppiwcwg%S-bc>ey4BoVNt_$U*ZQZE?+As;kst(Sn3V@ zesmttaRn`S*c>2pxwE~vAsE&jR_=MawMooV;&+LA4)YGkm2;M?&t>tX}S`UjpPWI_xNJ zg~9rMf+22gV*M=-a@1O9oeu($SB=(!k0`D}@!s2ShRbuh{YV3)KbBTbAHQ9Cxwvl% zUv08+eu5&Jy3~GRBZHB<=!B2#*rBf@e6EQsk*M`q7VR1v z&KtFcfFcN?*3GT^*N{w{HvOj=*AEyCkD^%{Fl}F0jWEQfy+VK8i8G8`c!)sjXY1c$ z7Mj)?H{Yf<#}{Qa8FL%s3_#U*A7fQg))k7m(?_c2OIH*_vl=y@3~l4)C~PJV5P-o) zZAA6;epx5db{{|n8xKi!&wYii5!4PzuQBe+yehU{1>fIvg1jx}9NF;r2)8MNDY&E< zhin6|qn=U8+#UsxBQU^sFJ{uIiKcoUjD0~ZRST<=Ds4hr35!muv2-qveZ6!>S!O3n zLg^Y@Om^A;>*odpC0Pu^7LRb@>rK|zYmMhjI%1w!-rwV#&_D;lBSA*CxC$J+F?hOpTOs0xFQ`XB|Xh7v@ zDm>dI5Iwx@zRZnjYz0YDUvdlS!=zlFqSWsRaF(rW6nPIbm7*mA47QA zdHQkVnp^zU)CUv|K=NG!qb90v`G^#)Kf93erjCf&HD3RliH`B;d7va`9q_I|DYUd| z`Sk(A#eJFDnv@_7%KLWgrtPl-3Q9=-ZC^u^ znLJ7rcJBP6^Rdz9zq|mPOd>&V{QFQMY}$I$_Aqz&(XZfqKMDoyC_1i)DYp^>igqk? z`aJ(qtThD}UBSzJAzqE*`85P6hjtrhNVB=3#}|L2wG}fCMH&>?-+ld{VCn4la^u(U zs;nzTvUe^)h38a|nu&f2*YwR)YZgTEgt#_id#sOmb9;pV zo?o6Wh%@#F#L4;MiDvslU!GYXFB-=YE%mN3BWz8I+MljQk62md23^uvPRCUYy72}P z{%l})@jTPMFjz>sO6NiCX_QCG1PNKI`R~j(pEVp?US7S4ezlsEex_Wp-j-@^U-j^( z5_)J2^2|%f!=4p0K&gu7Jk?>UBY4VRxutxg2>imLCvN`6Vw2_Yl$%(X`}|tqd$*ZL zh}Bj7T&<3wAf#>9eQ7P`0k@MS~Sdy zeGaQu2!<>K{?gO+1e&?DMNt%`p&v(afzWlyhF66L^R-&AhXPhfe!NF0Yn96?9Xd%_UYM`W{F}*fK zeq;qsxqbg$CpYcGUM!`MuCC%Lo`C)Fq2WU*$!~w!_%1H&zqGqvTzHP>!Z?`w1f72Z zJYxQUdb40A!dLQy4y;C-*`-YpsI*9t7`3Css1R$el&H;CvjktoeQ2Y_04?$uVP_4V z!Ek=j&IyJCogOI{znkL;e9h^{R{YLPW?3r}OMY}tI^p&mL%nCtMgX;8DT*&J9GxXj z@O(IuPL(@qapY`g^$EB3M{N_$BPR&sdX6KA^b5Ri0J1m%;vIY1oLn-q=ahY3X-yKM z@>)UM%8DwmN8a$(Io3u?GVCK&&fVFRhI962e$u4c{R>Mk>_y9xX8+Fzxu=m$A$V`4_p7wWpW&9fBm)`b^57A+z2vj1?P^s z@5u=tKgcX?6jes{3-bT**;;p&Ngb$dOFwv!0#q&uCc|Y-8!zGg^ic^6xvudXTzWfAV?PYMzNzE*&SL%zJflPLZq z>`ErDD_;|okfydt>ffXbP6sSh!S2=fJ7puyBbkQ*Ux>e1^&sb5Q;-{!1-_~Bc|L4N zaz9{hu2(Wo}k&C=XJrCH>#--kewGyr%oU9mNF8gTqAGat6*Tk zbtd`*p6@t%vYb$*OO823xv$T>d`fj%qQ>AiDuEP9$E1Q(`}Dd>LHHJLFHCNz{Q^FU zK@;z+;I|!=Hwf)2Wd+gmKxqGLs_RnQWRMQ$+NrLEOCdx zAnj&VHLa1OW5?Ko`5=!$Y$ZyezL7F!rP<%B8+-C+0q9vm4uObHPnA}ea+`Wz-;1m3 zX?DT1MA_KYJ$PJP96qc~S5wTo9@EJg?=>?|`ed|GKF=pCI(DJ-Nn?Y}z~A+iuz<=< z``sH>s@l}KIT?%Em>1!cB|UjM+V&(wfwhM=5JM9k8h^I5j8tP2 z9hqC3kkg@*5gezn@$@u4a(Y2@ey|uRZk?T<0(bp^^*$lB&H0L=hX6^!28@Ijac=JF zJ>6ZFFSwKvU*2p3MpvfEhG!P)xFkZaU+kUQ9X7BU>C8mEOaeFfX8#dJ;Ia1kP2il# zCSwe&3mm#4@aoz`pA|hoH#+iyyT-Cc6=iq+KK|7gwkBYDwqQfT6HQBNW@lM z#`K5dp?vLQf9X~D@J(g2DT3lXo(6top3$0j%hvprmNbFIyQU~!fY@&pi&hX8Iyk5> z0Y-aVsHyq6TU5>WEAHfky*@8RCGW|``LE6uTpAgHq7e4e*wPb%7~U(IHHIZvE0@hon9SwYm+q2|N-3Lj z8~R%v8Kd<^@LaZEx{2O-KSA0RTeTL!dKsFR&I7zsW~#ikxiIHPt@<&JGJFP81WV&22DQZ?UN)_!TL{?AdTGgc=PDfp zH9y`$#~(Q#;36D{SLd9>%*w_0(s@wRs*jlBE9-@x%Zrj&YUppSxHwgtuhb~LPS3BO1 z`M%0u7GG=Xa0swM(=4Hu29F8`QRow{UhX8gTyJ&RE}f4_VOiW?j-t(#)DN@v{-{7U zHV|!lTH>x@#aH(G@0Fd3Cugo6YQS~n-p7SGsB=lQ1V07J{<4LuGJB?B)wKDB1bBJ; zfKPD;h6>nA>PlqS1rTQ2G~JG2m!-@9I%KEN<&W-<#VqLH#p@>NU1_BR^J~tAqp6|T zx+-hT`pXr7TVlt)!&S~L4)$PBq1Socu15Fz0SJ_GAXmRjLFS>i*Z7u`LE^n47NjGt za(`;24BmS$7+<;~tZx>YODt#E+oWYT{LcPRtTe}2`5xiiEHw0X8_V7-cy`Qx?-UZc z5uptl9x?Aeg338{_3E6YYDMZ8#<^ZOl_a9*P%@rU-)a6i9sQ_H8+Lv#mmDs8K*=dHJo&yMG;ZfZxI z26nPmOWW@*H_aJblsmT+7A0S1~?$@ zk7Z+%Gs8c!{SS-JW=wyb0RLBQk^k9?dGoam{U0X+S~9rV$r-K}xUr$##sYP&sK8w* zuUbEiApHGVeSKpuYS3hTH}@8|LY=wU4tjrfAGTFh7^|RCwMT#)z{1Gjp?!%l@A}H{exZn|3oU6t6yAP_{ZUQ-Q8(MMv*lbJ${FdDGXjY?87YjjQE-hG!G4$bZU7C`Y96@jHU2O`kD#4lfdQ=nLPnC^c=gEO;xrb=i0qyS3w*X-Nu z_@a8n@V|`*@0ef97Qxz|Ph@Xi8ArX7yvMmQ_69)Wn}wz#CzH+hHqAa0ITY+n4qf7> zOKy+!{BAv(Xa8$D{L8-Zn5257&DU+U%(;ut-<({J9?o4+lC52owpX(Oc)>;bD7%0T z1Z9W#J$~{`5Ij>^&w-Ni<9^yq-@>5%GU%1J-{rICrzS}nzk!&z?HgXLM;EV|3(wh%O#F96Li_RvR4YGrJ);V;M zVscz0u{7)zLSC- zP?RclvjlS5eQfxF6($E!)49aON|doLbRZ`uSp>07;1$86>>Rbdcw(5UzMTVWo#CHl z!l01&@7zh+2UMe!c4M>^c4S@nv0FokRByK*RD@CVT~V#;oL>-3DOu^Dh0k(-v~mPg z>bGpnI^EVqn?3v|B-mf=b_oi%DlFZM6R9U@3VJRg+Pu#cAhzt#;rXf;Eb82QOH0ss zeE8>99}$~&7xdLOu&vdkD)2T_U^-u;T7Js)dav4TnLz{fIV><}qP@}#4`PJz-gsHp ztJU^W7(YRl;7eUOf~E_lAFI56WDLX>3dBL-6dLnPojQes2fm3QoYV_lKBX{Sxb9>$! z`ZqI(zeTrS_dh;`H`Y#gZ(=Cl8;*Yk-(k{mm3$*4yqaB^{#Byt0Fe(e3Xfs#(ShuU zmEJ4bjP+u}c&35!Gk<jW*E>ZF7$czzyTPBtkXJBF!1Zroa6nOZ}DqTG4)PLXTN zsp%)bzlX+QmNeIIZ@~uWy?|We{!{ z?z#t=N>|fZr?xe4%nQ*CF;52GLmv~_NRPcWuaCEfqiyPf4NeR&uT!*F+X(P|Ud|Ho zsC$3q*ke*41rJ3^k`(yFQ8o51#!@!G=TADomj6SNTl#k%DQ?coVFh})k}N%Du~I#z zo-J9iq5{OGm{?f-zJ`q!8lw{l5kr4LJTVN?F+col8OliUAf(gp_B9I~8S$K~Lln18 zATKnBfagguz5C0h#+K?_O4+VG$8--)2SOB)goPJbn%L=l+Ut)((}fNut&S065pGO) z%myg)0V)loC2k*Om&3+v>u+xxYs%leG}cH>*OeNl&9juGZxl={9U$1)sWmWdXY5EK z`Mg)+WDR`2fbW*nnq=&;?W$=$u>d0*Dy2fKVy_Oq_-dhO*sP_iDpC!TClum$p~MXzgm=F9EW$xNqjIv&`!KZp zjqGONixQr>8%Dxiioz^(|7nA|*`yQT;7lvP;i(_K#@RM-gw0F|c}#WyzI-TP3|Z~! za>hmjHf=Zy%0B))xIiNu=a;6gu~thl-F(u&NU9dBb*`)rvE=L&3K^rFzNjqu22YD< z<#_Sz45E{4mp z@?(Gu^q3Uaxf@D_t)`mMNzIp>{26)PO+sXnt%%}nptA%m7&XvB4{HDCs8N&jT2-%2 z@kTj-xSvh6``=Wv8Q^m+a_dwj@MJS=E-1u?R9se((R02j<{D8^R?8asOwTjVCvw(4 z^1YrIr|*YsR#j?a+ePuLRF{47CpM|=Ng7qT%6RhMM0)Pp zyjXqli5*5A3Ve37%rW5qkkBkuF0Aq-xTVvA$@Nv^uA{X-lm|E(T}5D_6NAWisb}!2#Fdo!0*joAlK4PLBbFjMNJ*!Wb( z{{$I*kZ~litW;8;tdbL0ZYv7lo?4gF5brO)2_ZZ8YQw=ODh5a}dgErt?;htcM-j z3t)_fi{e-hfvP{}-uvdqJH%W{rlKg|{kra-iH2q6ZsA^N1Sn>MGgUR=-hzE+i}O9o z;}bWbXRJ}j?b-VBkpdd7^49ar=gKB8rHi)svu?5FO^sE`ZkJ<-=uOSPKl+3+H4>;T z5>skna8YG&p2h`PSk=CvSGhVMiZ&K7?0H1Q$@e;|vn`R;xtVNv3>py7fsbV#! z#3dch&x*LfvurI9h|pnDfGg$KJZs*7uM=s)gntqdNm+lUYG;1cz@$%4uMz66c{L~s zghoX#^6V-;FJlqX!Si`8^UQt}bj6_Vumt3JA}Gs~je%>3+&gzXUe$aW2<}wf=h*n+ zfmQS%*Iol4-^}8e&uTr)WFTw!0G)?&8atdd9kd&Pmd%COew#lpiPuXNRFQE;eLTtG zH|CWs3bGDN=u1xW!zm0i5iE)M%khHvg}oJ<_vUp^(O&@afiHO9+JA#8EqDwE->&bJ zXd(COvr0=}-&{g7i#Ra5Zd0BP6&DF+6x>7Hs{;`fO!IiBTo+7yVHtRDGQ5yag!xvA zzyd-F7mqsRVY|!qUl{f_J(a2E0*SAEJVNgrP!T?Dt1U#UE45!e)_B|hRyDNbcnBl7 zs7@HqtBK$|%zw^rH|0j~@!%X#NpaJ(Erlc2$S|A#<@FC`)W$b$56jN2y$(B6Zf@x2 zFuxZGEjZ_mM=a0-6VkFU)K*-&WgW0Ba_U`3M*hm(#IqF{QK?;JC;mj`&@F!+I+wo1 zPP6evqf<^ANP;1H4~R@Qed}r`sfaw=G(~q-v0T@>NAsq6(`i`GXlLcEg!GRi$y`S< zGc#^(%Q~-Dm`&K>lC-a}H+}1b=|Bc~M?T`@C#-w*QFHC3;gvYKTN{Aol77_a?Rg*Y z=VgrsN$rRovhZ)V_{O}W8+7U_II)r{o%b+Z0y_^1c4l8ng&ohNyuEJB*>KJI20qI? zNhA2MNUcY|3k0|~E!UIvAXXFYTKqmV0N%nEpB`QgpjPCTENwN%;XBaXi5$(TqT!l3 z)1syRaYj3}@s$5Vy{wLe<9a{yPz|B`MO)0|=U2D=58J_5H{X-r&-4VOnT?yQgyN+( zaG+$L9s7Q~)Qa1tr8bpLKM72QVw};@ck9@#6N@o8cL0I9(KsoCsVNJ zz^_&lnzi=RC{cO7k4eG7gEM?*iD|WkgM;yru_4uoV@);)*897IqA={b=OuG1FBcG2 zdq+G2A^L4A!PANr*VVM-mx{DyH#0Y|LJ=cSk#iLMRxA!%oka8`E}U2Tww9R_*A;IO zh}7;pNV^v+=@91yG*L`K4z^p>BumRh6l4VNz#q}~Cdi*ftwc3@b-^oRUAg)XU9@NP zl!SiTw(CB*82hADG%F6;ywBN=H@55#Q_&7TjSmR#5v%a<ebHBl5z#5PI(ra4KNJd$g#Ff1};`{53~<)1q7JCqi;*X)8v#8nZ08rkc4c(*gq37 z8@B*RUmBV7lKzN`o4(dL|LvPbJk!2RBu;e^XL-wz&vK5pI)!_hm+vG6rNu<0GRTa= zkKwFxodvR&qLXW)rBRZL%-Zh0jnNmqeB&j4o5U9*!upzkO4 zVsA#*o^uvtnldNQH!97 z`y<$UR`sLy4)hz9X>27QxL?6hG7VR-%eCk7ZStl9{|wGsNsoavNfT*USeYw12EB>0 znYX0icr`^s+*5%TiQA1=HrPXt8~Ob5mAAN==yHai0Fu6GlR<@K64~0vnyzQKbxRgz z@#IYn?Pkx}QiY)2NO>+2;+ht{5py$I?vN%lZbt>|Au<_k9FjjA61w&&6{d+v#vgss zczU>UBPg7*&sLucvr_jqdZm1t><_CGp5EIL56ly5VcTmScOtG{I((7EeB_W~cg22- zjl?vcgN_wl?wjPO2yvu%`lTZD&nq)iYlet;7c}oqDul3nInrKtRGL?)k46emDUhzZj?>(a9 z0vs*bE}?XdPso?H;4(TL9&2%PpXm3WXm)a2m7Z)wOqhZFxYC8LGEA_9M@#KV zk)OYH>#PLbdp#xCfY+z5cgF-QmP#E2D5>T+V`)3~?0sU*4k0o*xu7_P%BD z^Q*$f{qZG}|H5tiEsC>JqLfg|+^gF7Jz3b$dLWEqHOB(jw713GIVi@h zmV9CO{U{1e&>qdt%U<1S``I0(u>J0Z1L_`l>MVeBI75%YD#}B7Up-6)P|R^_6L7R> z@MukBt)cqeU^!T749GhFkzG{;}gHG4!3*EETdz$#j5iTo@V%uQt zZqRR~umCQbHrFlG9W*O1F0KOO@KJT{hNc!-NgQ>Fwl%u`_vJ_8U0n@$RX$1jVc+Zh zYQwD}HX=slx~{vC8-V8J^`UrLjusB+`W{r)UMCCI*@DLWk0&=i$_zOa1J&E+{?cTI zH+!}xTh4F8e%a)Gdn=@7?3FftnWFV?wp4;6$uZ=gNB>Zjj=lfBQ|dovr+IgAmHqx) zt^6cD>UE(Gi--RY>~dNi3Y$hld-3f4djbB7y<(S*|JtCxyCCew{)ZUH7q;MV(~T?w zh@C$peJ*KGt;e?12n_wNh-nJc)IRZ>)#;x=9%7<&W~Ym5cx{g8NIvo=%*wVk5Z+TQxgNm>X<;cexYG*nYeQ+|||IJY6XVdvZ57$3i{(~;)ac|n7UCMU?|NAK#k$XK5%gC{t&zrGEi zw1e538z@SDbn-^}F1YUW9o2C!U|?>bWGIxLd5z-CPy%_^g9j*nnfF9bPw?*-7aS+L z+MisrGX11^!y3Jcct9bjGT4Q`vYG3JdFX6y{Pm{^Ko;C`a2L=p&y%|77fk3VLDbz9 zVGCRd9(5tIfy)p0BfC4j;-c!5P6h8?$9KF6{ieg}+)ElxpubCixyt5zE)s~4kVFghsKc^ zybXR!L3Z7x&!NYW3%wkJU*hfZocQ>rLQ|}6)unAo=>V~lgR|$6fTi18EZ?I+&+Bmr zBmudVngrQ2P?Fy$7*r)c{aIG<(!OIf)PwqW5z06iT#o({cebChj_?jT zZB2(;z7_M4ZK8RTieB;}-3lg91SU+=k9XFE!-n&jl{1(qcj}o^c8U1v%wI zGP>XJ1bMJR0@w(=<8%B;WKx0$620BV%!6)zdiy+iSh(}KCZZ8ae+Z)WP0F5oXEa(V zEl%+P|D39Yn1Z(2^4Z;(XnOPB;rwEg@dId%oQa7(c$_Pq$orHc%x9f++qZHhT4#J1 z(}7xTsy$e>9l2tfj99@Wceo+U$xI!*NY>Wm|4Cj{0<8X2gB7NF8U8H=w-M}S$s>Q4 z7UN}VxYQ-b=(kO&Y8=E~-sgGqgnF=Y@b*&q1D+6YMK5=Zy6N#zJLcErH|A=dHy1CU zAYB|PbWBz6?Ptx)E*hD?Q!^9#CjXT0@R(u?oNxDz<>a(@xUaeb+1!^r7$}8Z3if|9 zE#BTb?EK3A1GPxS#}i=3Gt&%*G4Q7sWS~P#aw_Mk>qs|V=+(bD3CkLcDy=t9FdOZ@ z`P6yx`?rR)qjgZ**odh1bSz85SPO5OxmtpjkrxLIjpK_zh!dw+fGi$DBx=qga#aQF z_PTl`j)&I5s&nE=dAjtYcPcp%zpiD$2LqUg-$c`}t2}^3lviC(Zf^1l4p*Fa_wbQ& zYh&l#=Ai0>5^FDJ4@%wE?{5Ca@5er$E_vPwi)GkxNOKj~-AZ-ENvoX6@Mik9E<2o8 z4buD1f3!Q^9?o&S9?eU)He0L-j+y{LB`~$TOxl;$)w|!CijQtdiYFwQ|;U7&lVMvJ27X{n)f}STzg9C?S7d5r0y<$MCh8^oafT`R2pK( z*rCd%RI+~K!A?vvJr8zpn-|5!h>S_~b8MJ7!XqaYG{(3sC^*dJe1MD~JR%dz$OUCZ zXncCsd~;fI5gf910QdWn-$)rML<|0~Zs3W5Io*8BU48Ubj=;cV<#qMD zEzX(5rO1xmX}3D&|M5PO6Sgu)z7a%5Ow|u>=ItoWRUVIzB0U!1Vp;rZHnObRzG1p) zcSGs7+RW-h?~lPXvD+u{5llJsV^S=`MsaOK=VI?9+RvT_A8E#?pKJ5!Kb3Rk?@)MM z+)}2PAw<4*D)Oa4_UzersW4e5F_^KA>`YRY>?He$5y=*VX)GDLLZpm+-(w8f2GOhX z{tfRB?~nK1=bq=>bDw+eIp_JD4*>&Eaj(}ML$UwcSA`<0$OpZwW6!w?-?3Wb#3#xX zj>~HV7$Ciu1IOGLm0@z>Vfm${vc;?U?Jd#Y?go?bMMmG@&*xgL%?xcStaQabrcD&m z+uM>P4B?NfzQ+mpSj_pEI3&9+8Tn7}s5{?hjN8V^oLJw1PhxJed#NYD2yHjC!z=yr zADKgPJioMJ=Q;z`(T9Vh-SN166(b|2R#IEZ7YXRP@d&a#^i7xxC+C61+nG`8xbnjs4{?# zx>8dw$APM?*kb4lwtg>rDaST-n)EdH#{J`kAcv2?Di#p9KG%!TQ6@XdCyrJ(hOzRA z)l25~rPaL3HAj9uN7yh&598N+Y}y?VU-#+UxuOfB_D5G+b z&aY!jMjqFcI&V1yVQ(^MrN8)2*0-S-z6!9Xh3`3Ma=s;ZI@Ik%W(yj;n+atZ9kRRL%VRy)e^U02~?1Zn!)5SF43}W(>%jLb5 zk7r2wxaOIs2^8V0OJSoj?g-_>y>TrZqgub^t-cEWr58JyvtISoI9efZV+}RT>cjcU z5F5#aHjq2SVLX_FRWcK|XRG3gUG0Z7q$x2_bzkbkih8J#nksoiL%Iz5+JmWs-Ct#$ zeXXG2v+IR0!Th#hJa=AQKFy_}k{I1iIm9bJO--(vQWuhYx+4igH?SIEL@dT%YKB;2_qdoFVzr(FIih!Xp|HW9bi6g3kt^1XsO!H ziPtLh62GuGaK%QwV=QVY1%Q!~*s9AMWve?0=D2#8RN0X2akWyk(P2Vz3i3rG%3!u} zZ_j(R4<=Q0$W;6~@#{-ny4ca)@BXecvk!QqDxNUjE?QA&YB{njl0A^IhKK}*(s-tnh)w_)3n&{iC2xyPf(c{P7HATq zU30rTlc<80f(cJm$Czp~xOE@QbRU5X20?i42_i^h$-YHRvlkGwXilW68M)~!7Lls= z^DHfrrPPkTVLkrw=6#Tn=6vA!^sF}7u`bZ6*&MYrw<9xWQ>vr7^ss8m;7Xdf0az7` z4ogyEwN!_!?9FH8O{F`xbl~PilbL9>bA=A${r>s6bIVLP%kxkqTiNZ^R1A5x9>&Z= zZt_}`Qosc#qc+dwW{MA#d7MEWFBxe|r&EZEKaAL&nsm3LhNeHeH2fe+2Zp<48VLuQ z*tQ)O=5Dpc98sFIc3ZEX)Fa1t`e8dkuq;pT(RFlGFJ`Ck8jm&YIcS*pS{~9l=h+Q=PImdIpa3W_J0ipgmF4DFSH6lr8aJrs%c7 zE{)bWvGXJPZH`R*;(`jYytAB4*1LU-#d1ATPC`=2Z!B`XTqLm064uo-Qrn1Dy&Vbf zlR!L)kJ{khrVzn|^aS*DJh4JroKWO9uD)F5I6jWq*LpZ=wjKepuJa5_A~$?RjKpYZ z1=l-)22)eBKlRLS%T0Oay-Ng#h5`e=izr0`UB2LhYHu{$lB6n6Ehz|!XGiEkaciH=&q0fasGpLovL5AAg|iQy$7+k6WMmJ%3W4v7Ws8dySmmnt zGxF%~9Upm-M%nrVG?qQLdM(~Gx|D&CzaMEm%vebB@Sbf>P$So$G~e4nL?(m#*zyUd zOw6lql-+P9%E{(*l|!H(3U#7do{k#T$)~WnJk=DP$*luj2Z#zP_=WkTCe2#xT1` zog|0U@*&&Ta6ry8YI?r1ytH(t_ii^Em6zYOuy9Zae(&oJS=pTP=K!YrkvotZ_H>`K z18hd!Cvgd1?ND)3A$woSJnSNKEL#8e`p(y_&cZ|dm!6TEDvq|aVxECNe7I{<*Ji|{ z_#}p5$pl>*az?!!kM!BxdF}D=ifVLpbIlf$|Mvr#{!!CMjc;J5UCZZd>LVj!{+vp8 z>*6WzOLk(*DZw7A*(oWE*Dd-}B%HA>^uK#WPO16i1)iPq#0VGsmyqx2|C=yVu1LH! zdq?4B9^MVk_UGD@4y>*AZZPnHyROv9RzHII-8zREeS7b3y=kDp{HX#w(MnD!>bn=3 zXamuq^aC*sW3^tV>+j8Xd+^L`YY^N&^64wPkqikJY6v}nR30AmvvhN`mXXlK3l?|4 z@A(E3cBr?Q^UVoAGQA-y@2{8*jisf=cdLuTNABarVviVG+dgZ0DA5w0C^+~>`&hG( zYH8itdwtz#1cm7;KeKD^m5w&ohfY34NVCG=;#preCM<26a{j78(iC0n31Cs-&c9TE zE&4LIpowDaX6-P|=}$Q8BqfR^jAGI>4%+zN{+^SFn3%s%GeR@@K@$qCcN=zsQfmg< z5gv|BA~%2x5i;zBpQ2S(9Lqe6{bpJGEH&&%zD8U~$a{ieSGHs=62Sb3Kjj(Zkxbc? zrM7jkLvVkla+gQENl}NR*t{;U5vigR7v?knC6)yw?-RhOi zk*KcAGfxWT-SMON2>zH?psz4h0eb;0xIbieUm54Grg3fDB(d zW$qB!qg-io_PJLkbJ9UXbak8HE-*Y18s4m!mIz#xZ3XRU*o#^Q5!V*?*XSjX=3S6Sb;Y|2Qym~|=~=LS6t`>|-pzT8fO%_t%*qDdpp5i=iZUoD0; zAJULRL#a>tl_H(*<5sWN4$!MKqcxr8hkKK-pw|c=UbLI>^z+N#qkmU*nUj1=PNasU zlhPs#5XK~QU8+D}!Pf+LB5AG!P}0!Ex^+52b?`$K&?4;g3Ix!r)JQqlFz=`|nVHmFM$;^-u-{- cUXE1T2lDa!DfO8rG^$j3TE?2?x9p$%2dG}(*#H0l From 7ec9a476c251da24fd127c37eb83ac99c716f001 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 11:12:46 -0800 Subject: [PATCH 24/26] updated text --- .../tvm-zero-day-vulnerabilities.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md index 2b690a0a14..686123f367 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -72,15 +72,15 @@ Look for a zero-day tag for each software that has been affected by the zero–d ### Security recommendations page -View clear suggestions regarding remediation and mitigation options, including workarounds if exist. Filter by the "zero day" tag to only see security recommendations addressing zero-day vulnerabilities. +View clear suggestions regarding remediation and mitigation options, including workarounds if they exist. Filter by the "zero day" tag to only see security recommendations addressing zero-day vulnerabilities. -When there is an application with associated zero-day vulnerability and additional vulnerabilities to address, you will get one recommendation regarding both. +If there is software with a zero-day vulnerability and additional vulnerabilities to address, you will get one recommendation regarding all vulnerabilities. ![Zero day example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-security-recommendation.png) -## Addressing the zero-day vulnerability +## Addressing the zero-day vulnerabilities -Go to the security recommendation page and select the zero-day recommendation. A flyout will open with information about the zero-day and other vulnerabilities for that software. +Go to the security recommendation page and select a recommendation with a zero-day. A flyout will open with information about the zero-day and other vulnerabilities for that software. There will be a link to mitigation options and workarounds if they are available. Workarounds may help reduce the risk posed by this zero-day vulnerability until a patch or security update can be deployed. From da4a82e411825fc8d1547cac6826326b47c6e38b Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 11:18:54 -0800 Subject: [PATCH 25/26] updated descriptions --- .../microsoft-defender-atp/tvm-zero-day-vulnerabilities.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md index 686123f367..d35a04e615 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -1,7 +1,7 @@ --- title: Mitigate zero-day vulnerabilities - threat and vulnerability management description: Learn how to find and mitigate zero-day vulnerabilities in your environment. -keywords: mdatp-tvm vulnerable devices, mdatp, tvm, reduce threat & vulnerability exposure, reduce threat and vulnerability, monitor security configuration +keywords: mdatp tvm zero day vulnerabilities, tvm, threat & vulnerability management, zero day, 0-day, mitigate 0 day vulnerabilities, vulnerable CVE search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: w10 @@ -78,7 +78,7 @@ If there is software with a zero-day vulnerability and additional vulnerabilitie ![Zero day example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-security-recommendation.png) -## Addressing the zero-day vulnerabilities +## Addressing zero-day vulnerabilities Go to the security recommendation page and select a recommendation with a zero-day. A flyout will open with information about the zero-day and other vulnerabilities for that software. @@ -88,7 +88,7 @@ Open remediation options and choose the attention type. An "attention required" ![Zero day flyout example of Windows Server 2016 in the security recommendations page.](images/tvm-zero-day-software-flyout-400.png) -## Patching the zero-day vulnerability +## Patching zero-day vulnerabilities When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.” It will no longer consider as a zero-day, the zero-day tag will be removed from all pages. From e3f5edbb9153382716bb69fdcf47a042550a903e Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 5 Nov 2020 12:13:38 -0800 Subject: [PATCH 26/26] new images --- ...> tvm-zero-day-top-security-recommendations.png} | Bin ...e-software.png => tvm-zero-day-top-software.png} | Bin .../tvm-zero-day-vulnerabilities.md | 4 ++-- 3 files changed, 2 insertions(+), 2 deletions(-) rename windows/security/threat-protection/microsoft-defender-atp/images/{tvm-zero-day-dashboard.png => tvm-zero-day-top-security-recommendations.png} (100%) rename windows/security/threat-protection/microsoft-defender-atp/images/{tvm-zero-day-top-vulnerable-software.png => tvm-zero-day-top-software.png} (100%) diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-security-recommendations.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-dashboard.png rename to windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-security-recommendations.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png b/windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-software.png similarity index 100% rename from windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-vulnerable-software.png rename to windows/security/threat-protection/microsoft-defender-atp/images/tvm-zero-day-top-software.png diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md index d35a04e615..e0d5af00f8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md @@ -42,11 +42,11 @@ Once a zero-day vulnerability has been found, information about it will be conve Look for recommendations with a zero-day tag in the “Top security recommendations” card. -![Top recommendations with a zero-day tag.](images/tvm-zero-day-dashboard.png) +![Top recommendations with a zero-day tag.](images/tvm-zero-day-top-security-recommendations.png) Find top software with the zero-day tag in the "Top vulnerable software" card. -![Top vulnerable software with a zero-day tag.](images/tvm-zero-day-top-vulnerable-software.png) +![Top vulnerable software with a zero-day tag.](images/tvm-zero-day-top-software.png) ### Weaknesses page