From 77cf796b8084f146467df02474ed14b4915c0093 Mon Sep 17 00:00:00 2001 From: mikolding Date: Wed, 12 Jun 2024 17:07:17 -0700 Subject: [PATCH 01/24] Learn Editor: Update updatemanagedvsupdateunmanageddevices.md --- windows/deployment/TOC.yml | 2 + .../updatemanagedvsupdateunmanageddevices.md | 143 ++++++++++++++++++ 2 files changed, 145 insertions(+) create mode 100644 windows/deployment/update/updatemanagedvsupdateunmanageddevices.md diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index f9b8d24681..5daf2b7ae1 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,6 +13,8 @@ href: update/release-cycle.md - name: Basics of Windows updates, channels, and tools href: update/get-started-updates-channels-tools.md + - name: Defining Windows Update managed and Windows Update unmanaged devices + href: ./update/updatemanagedvsupdateunmanageddevices.md - name: Prepare servicing strategy for Windows client updates href: update/waas-servicing-strategy-windows-10-updates.md - name: Deployment proof of concept diff --git a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md new file mode 100644 index 0000000000..da212512ce --- /dev/null +++ b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md 
@@ -0,0 +1,143 @@ +--- +# Required metadata +# For more information, see https://review.learn.microsoft.com/en-us/help/platform/learn-editor-add-metadata?branch=main +# For valid values of ms.service, ms.prod, and ms.topic, see https://review.learn.microsoft.com/en-us/help/platform/metadata-taxonomies?branch=main + +title: # Add a title for the browser tab +description: # Add a meaningful description for search results +author: mikolding # GitHub alias +ms.author: v-mikolding # Microsoft alias +ms.service: # Add the ms.service or ms.prod value +# ms.prod: # To use ms.prod, uncomment it and delete ms.service +ms.topic: # Add the ms.topic value +ms.date: 06/12/2024 +--- + +# Update-managed vs Update-unmanaged devices + +--- +title: "Managing Windows Updates: IT Managed vs. Unmanaged Devices" +--- + +**Request title**: Defining Windows Update managed and Windows Update unmanaged devices + +**Generated text**: + +------------------------------------------------------------------------ + +--- +title: "Defining Windows Update managed and Windows Update unmanaged devices" +description: +author: +ms.author: v-mikolding +manager: +ms.date: 06/05/2024 +ms.topic: +ms.service: windows-client +ms.subservice: +ms.localizationpriority: +ms.collection: +ms.custom: QuickDraft +ms.reviewer: thtrombl;arcarley;royork;sumitav;kerick;maferr;v-fvalentyna +search.appverid: MET150 +f1.keywords: +audience: +ai-usage: +- ai-assisted +--- + +\`\`\`html + +# Managing Windows Updates: IT Managed vs. Unmanaged Devices + +For IT administrators, understanding the differences between managed and unmanaged devices is crucial for effective Windows update management. This article provides clarity on the terminology and practices involved in managing Windows updates for both types of devices. + +## What are Update-Managed Windows Devices? 
+ +Update-managed devices are those where an IT administrator or organization controls Windows updates through a management tool (such as Microsoft Intune) or by directly setting policies (for example, Group Policy (GPO), Configuration Service Provider (CSP) policy, or Graph). + +**Note:** This is true even if you directly set registry keys, although this is not recommended as registry keys can be easily overwritten. + +Managed devices can include desktops, laptops, tablets, servers, and manufacturing equipment. These devices are secured and configured according to your organization's standards and policies. + +### IT-Managed: Windows Update Offering + +Devices are considered Windows update-managed if you manage the update offering in the following ways: + +- Configuring policies to manage which updates are offered to the specific device. +- Setting when your organization should receive feature, quality, and driver updates, among others. +- Using Group Policy (GP), Cloud Solution Provider (CSP), or Graph to configure these offerings. + +### IT-Managed: Windows Update Experience + +Devices are considered Windows update-managed if you use policies (GP, CSP, or Graph) to manage device behavior when taking Windows updates. + +Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update). + +## Examples of Update-Managed Windows Devices + +Here are a few examples of update-managed devices: + +- **Company-owned devices:** Devices provisioned by your IT department with corporate credentials, configurations, and policies. +- **Employee-owned devices in BYOD programs:** Personally owned devices enrolled in the company's device management system to securely access corporate resources. 
+- **Devices managed through Windows Autopilot:** Devices set up and preconfigured to be business-ready right out of the box. +- **Mandated security settings:** Devices with health requirements such as device encryption, PIN or strong password, specific inactivity timeout periods, and up-to-date operating systems. +- **Intune-enrolled devices:** Devices enrolled in Microsoft Intune for network access and enforced security policies. +- **Third-party managed devices:** Devices enrolled in third-party management tools with configured Windows update policies via GPO, CSP, or registry key. + +## What are Update-Unmanaged Windows Devices? + +Unlike update-managed devices, unmanaged devices are not controlled through policies, management tools, or software. These devices aren't enrolled in tools like Microsoft Intune or Configuration Manager. If you only configure the Settings page to control overall device behavior when taking updates, it is considered an unmanaged device. + +**Note:** The term "Microsoft managed devices" used to refer to what we now call "update unmanaged Windows devices." Based on feedback, we have updated our terminology for clarity. + +## Examples of Update-Unmanaged Windows Devices + +Examples of update-unmanaged devices include: + +- **Personal devices:** Devices owned by individuals at your organization that are not enrolled in any corporate management system. +- **BYOD devices not enrolled in management programs:** Devices used for work but not part of an organizational BYOD program. +- **Peripheral devices:** Devices like printers, IP phones, and uninterruptible power supplies (UPS) that cannot accept centrally managed administrative credentials. + +For more information on managed and unmanaged devices, check out [Secure managed and unmanaged devices](https://docs.microsoft.com/mem/intune/protect/protect-devices). 
+ +## Recommendations + +| SEO Keywords | Suggested Additions | Links to Update | Issues/Concerns | +|-----------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------| +| Windows update management, IT managed devices, unmanaged devices, Windows updates, Intune managed devices | Add detailed steps for configuring GPO, CSP, and Graph policies for managing updates | [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update), [Secure managed and unmanaged devices](https://docs.microsoft.com/mem/intune/protect/protect-devices) | Ensure all links are up to date and point to the correct resources | + +\`\`\` +\*\*Customer Intent for this Article:\*\* Understand the differences between IT-managed and unmanaged Windows devices to better manage Windows updates. 
+ +------------------------------------------------------------------------ + +**Acrolinx score**: **82** + +**Acrolinx correctness score**: 89 + +**Acrolinx scorecard** (Acrolinx account required): https://microsoft-ce-csi-qa.acrolinx.cloud/api/v1/checking/scorecards/d9ad0ab8-ffa3-4af1-a7c7-00cbb71a4d52 + +------------------------------------------------------------------------ + +**Reviewers**: thtrombl;arcarley;royork;sumitav;kerick;maferr;v-fvalentyna + +**Key dates**: + +------------------------------------------------------------------------ + +**Audience**: Admin + +**Product**: Windows 10/11 + +**Article should cover the following**: Windows Update IT Managed = there are policies (GP, CSP, or Graph) configured on the device to manage update offering and/or experience. \nWindows Update Offering IT Managed = there are policies configured (GP, CSP, or Graph) to manage when/which feature, quality, driver, etc. updates are offered to the device. \nWindows Update Experience IT Managed = there are policies configured (GP, CSP, or Graph) to manage device behavior when taking Windows updates. \nWindows Update Non-IT Managed (Unmanaged) = no policies configured to control which updates are offered or the device behavior when taking updates outside of configuring the Settings page. + +**How this article will help customers**: It’s all about managing Windows updates. Get clarity on terminology for managed and unmanaged Windows devices. + +**Submitted by**: v-mikolding@microsoft.com + +**Spec**: Update managed Windows devices \n\n \n\nAll organizational devices fall into two categories: they are either considered managed or unmanaged. The distinction is especially important when it comes to Windows features, updates, and rollouts. \n\n  \n\nFirst, let’s define managed and unmanaged devices in terms of Windows update management. A few examples of these device categories will help you identify your scenarios. 
These will serve as the basis for future communications as we update existing content in the coming weeks. \n\n \n\nNote: Windows updates are those that affect the Windows operating system and its components: Windows quality updates, Windows feature updates, and .NET updates. See Windows monthly updates explained. Office and other applications have different management mechanisms. \n\n \n\nWhat are update-managed Windows devices? \n\nWe define an update managed device based on Windows Update management. Windows devices are update managed if an IT administrator or an organization controls the updates for Windows via a management tool (such as Microsoft Intune) or by directly setting policies (for example, Group Policy (GPO), Configuration Service Provider (CSP) policy, or Graph). \n\n \n\nNote: This is true even if you directly set registry keys. However, this is not recommended given that registry keys can be easily overwritten. \n\n \n\n \n\nManaged devices can range from desktops, laptops, and tablets, to servers and manufacturing equipment. You secure and configure them according to your organization’s standards and policies. \n\n \n\nFurther, there are two categories of Windows update managed devices, based on whether you manage the offering or the experience of Windows updates. \n\n  \n\nIT-managed: Windows update offering \n\nYour devices are Windows update-managed if you manage update offering in all the following ways: \n\nYou configure policies to manage which updates are offered to the specific device. \n\nYou set when your organization should receive feature, quality, and driver updates, among others. \n\nYou use Group Policy (GP), Cloud Solution Provider (CSP), or Graph to configure these offerings. \n\n \n\nIT-managed: Windows update experience \n\nYour devices are Windows update-managed if you use policies (GP, CSP, or Graph) to manage device behavior when taking Windows updates.  
\n\n \n\nExamples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at Update Policy CSP - Windows Client Management. \n\n \n\nInserting image... \n\n  \n\nExamples of update managed Windows devices \n\nHere are a few examples of an update managed device: \n\n  \n\nCompany-owned devices: If your IT department provisions devices, they are typically managed devices. You’d often provision these with specific corporate credentials, configurations, and policies for security and manageability. \n\nEmployee-owned devices enrolled in Bring-Your-Own-Device (BYOD) programs: Do you enroll any personally owned devices in the company’s device management system? You’d do this to help these employees access corporate resources securely. The device must adhere to Terms of Use for corporate and personally owned devices connecting to corporate resources. In that scenario, these devices are considered managed. \n\nDevices managed through Windows Autopilot: This tool allows you to set up and preconfigure new devices, making them business-ready right out of the box. If you use Autopilot for any devices, they’re managed. \n\nMandated security settings: Managed devices might include health requirements, such as device encryption, a PIN or strong password, a specific inactivity timeout period, and up-to-date operating systems with enabled auto-updates. \n\nIntune enrolled devices: Devices enrolled in Microsoft Intune are considered managed. Intune allows them to access the company network and enforces device encryption, PIN/password requirements, and specific inactivity timeout periods. \n\nThird-party managed devices: Devices enrolled into third-party management tooling are considered managed if you configure Windows update policies via GPO, CSP, or registry key. 
Specifically, you configure these devices to point them to a local Windows Server Update Services (WSUS), disable access to Windows Update (WU), or manage which Windows updates are offered. \n\nWhat are update-unmanaged Windows devices? \n\nUnlike update-managed devices, you don’t control unmanaged Windows devices through policies, management tools, or software. \n\nThese devices aren’t enrolled in tools like Microsoft Intune or Configuration Manager. \n\nYou don’t configure policies to control Windows update offerings or experience for these devices. \n\nIf all you do is configure the Settings page to control overall device behavior when taking updates, it’s an unmanaged device. \n\n \n\nNote: If you’ve seen the term “Microsoft managed devices,” it used to refer to what we now call “update unmanaged Windows devices.” Based on your feedback, we’ll update existing content with these more informative definitions to drive clarity. \n\nExamples of Windows update unmanaged devices \n\nExamples of update unmanaged devices include: \n\n  \n\nPersonal devices: If some individuals at your organization own a device that is not enrolled in any corporate management system, it’s an unmanaged device. It wouldn’t have any security configurations and policies that you typically apply for your organization. \n\nBYOD devices not enrolled in management programs: BYOD programs are characterized by management policies. So, if there are devices that aren’t part of an organizational BYOD program, they remain unmanaged even if used for work. \n\nPeripheral devices: Printers, IP phones, and uninterruptible power supplies (UPS) often don’t accept centrally managed administrative credentials. Therefore, they cannot have management agents installed on them, leaving them unmanaged. \n\n \n\nThank you for your feedback in helping us drive clarity into content and definitions. We’ll be updating existing content across Microsoft pages to reflect these definitions. 
For more information on managed and unmanaged devices, check out Secure managed and unmanaged devices. + +**Run ID**: 3557dc16-a3ef-4007-8f20-8d929b2c29f1 + +**Session ID**: e46f3c4d-8c88-4605-9d63-4f325db41925 From 9a105c29542aab6d9f3ae1a09c68c969af6e2e9a Mon Sep 17 00:00:00 2001 From: mikolding Date: Thu, 20 Jun 2024 10:37:31 -0700 Subject: [PATCH 03/24] Update updatemanagedvsupdateunmanageddevices.md --- .../updatemanagedvsupdateunmanageddevices.md | 83 ------------------- 1 file changed, 83 deletions(-) diff --git a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md index da212512ce..9bc4dee63b 100644 --- a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md +++ b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md 
@@ -1,52 +1,4 @@ ---- -# Required metadata -# For more information, see https://review.learn.microsoft.com/en-us/help/platform/learn-editor-add-metadata?branch=main -# For valid values of ms.service, ms.prod, and ms.topic, see https://review.learn.microsoft.com/en-us/help/platform/metadata-taxonomies?branch=main -title: # Add a title for the browser tab -description: # Add a meaningful description for search results -author: mikolding # GitHub alias -ms.author: v-mikolding # Microsoft alias -ms.service: # Add the ms.service or ms.prod value -# ms.prod: # To use ms.prod, uncomment it and delete ms.service -ms.topic: # Add the ms.topic value -ms.date: 06/12/2024 ---- - -# Update-managed vs Update-unmanaged devices - ---- -title: "Managing Windows Updates: IT Managed vs. Unmanaged Devices" ---- - -**Request title**: Defining Windows Update managed and Windows Update unmanaged devices - -**Generated text**: - ------------------------------------------------------------------------- - ---- -title: "Defining Windows Update managed and Windows Update unmanaged devices" -description: -author: -ms.author: v-mikolding -manager: -ms.date: 06/05/2024 -ms.topic: -ms.service: windows-client -ms.subservice: -ms.localizationpriority: -ms.collection: -ms.custom: QuickDraft -ms.reviewer: thtrombl;arcarley;royork;sumitav;kerick;maferr;v-fvalentyna -search.appverid: MET150 -f1.keywords: -audience: -ai-usage: -- ai-assisted ---- - -\`\`\`html # Managing Windows Updates: IT Managed vs. Unmanaged Devices 
@@ -106,38 +58,3 @@ For more information on managed and unmanaged devices, check out [Secure managed | SEO Keywords | Suggested Additions | Links to Update | Issues/Concerns | |-----------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------| | Windows update management, IT managed devices, unmanaged devices, Windows updates, Intune managed devices | Add detailed steps for configuring GPO, CSP, and Graph policies for managing updates | [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update), [Secure managed and unmanaged devices](https://docs.microsoft.com/mem/intune/protect/protect-devices) | Ensure all links are up to date and point to the correct resources | - -\`\`\` -\*\*Customer Intent for this Article:\*\* Understand the differences between IT-managed and unmanaged Windows devices to better manage Windows updates. 
- ------------------------------------------------------------------------- - -**Acrolinx score**: **82** - -**Acrolinx correctness score**: 89 - -**Acrolinx scorecard** (Acrolinx account required): https://microsoft-ce-csi-qa.acrolinx.cloud/api/v1/checking/scorecards/d9ad0ab8-ffa3-4af1-a7c7-00cbb71a4d52 - ------------------------------------------------------------------------- - -**Reviewers**: thtrombl;arcarley;royork;sumitav;kerick;maferr;v-fvalentyna - -**Key dates**: - ------------------------------------------------------------------------- - -**Audience**: Admin - -**Product**: Windows 10/11 - -**Article should cover the following**: Windows Update IT Managed = there are policies (GP, CSP, or Graph) configured on the device to manage update offering and/or experience. \nWindows Update Offering IT Managed = there are policies configured (GP, CSP, or Graph) to manage when/which feature, quality, driver, etc. updates are offered to the device. \nWindows Update Experience IT Managed = there are policies configured (GP, CSP, or Graph) to manage device behavior when taking Windows updates. \nWindows Update Non-IT Managed (Unmanaged) = no policies configured to control which updates are offered or the device behavior when taking updates outside of configuring the Settings page. - -**How this article will help customers**: It’s all about managing Windows updates. Get clarity on terminology for managed and unmanaged Windows devices. - -**Submitted by**: v-mikolding@microsoft.com - -**Spec**: Update managed Windows devices \n\n \n\nAll organizational devices fall into two categories: they are either considered managed or unmanaged. The distinction is especially important when it comes to Windows features, updates, and rollouts. \n\n  \n\nFirst, let’s define managed and unmanaged devices in terms of Windows update management. A few examples of these device categories will help you identify your scenarios. 
These will serve as the basis for future communications as we update existing content in the coming weeks. \n\n \n\nNote: Windows updates are those that affect the Windows operating system and its components: Windows quality updates, Windows feature updates, and .NET updates. See Windows monthly updates explained. Office and other applications have different management mechanisms. \n\n \n\nWhat are update-managed Windows devices? \n\nWe define an update managed device based on Windows Update management. Windows devices are update managed if an IT administrator or an organization controls the updates for Windows via a management tool (such as Microsoft Intune) or by directly setting policies (for example, Group Policy (GPO), Configuration Service Provider (CSP) policy, or Graph). \n\n \n\nNote: This is true even if you directly set registry keys. However, this is not recommended given that registry keys can be easily overwritten. \n\n \n\n \n\nManaged devices can range from desktops, laptops, and tablets, to servers and manufacturing equipment. You secure and configure them according to your organization’s standards and policies. \n\n \n\nFurther, there are two categories of Windows update managed devices, based on whether you manage the offering or the experience of Windows updates. \n\n  \n\nIT-managed: Windows update offering \n\nYour devices are Windows update-managed if you manage update offering in all the following ways: \n\nYou configure policies to manage which updates are offered to the specific device. \n\nYou set when your organization should receive feature, quality, and driver updates, among others. \n\nYou use Group Policy (GP), Cloud Solution Provider (CSP), or Graph to configure these offerings. \n\n \n\nIT-managed: Windows update experience \n\nYour devices are Windows update-managed if you use policies (GP, CSP, or Graph) to manage device behavior when taking Windows updates.  
\n\n \n\nExamples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at Update Policy CSP - Windows Client Management. \n\n \n\nInserting image... \n\n  \n\nExamples of update managed Windows devices \n\nHere are a few examples of an update managed device: \n\n  \n\nCompany-owned devices: If your IT department provisions devices, they are typically managed devices. You’d often provision these with specific corporate credentials, configurations, and policies for security and manageability. \n\nEmployee-owned devices enrolled in Bring-Your-Own-Device (BYOD) programs: Do you enroll any personally owned devices in the company’s device management system? You’d do this to help these employees access corporate resources securely. The device must adhere to Terms of Use for corporate and personally owned devices connecting to corporate resources. In that scenario, these devices are considered managed. \n\nDevices managed through Windows Autopilot: This tool allows you to set up and preconfigure new devices, making them business-ready right out of the box. If you use Autopilot for any devices, they’re managed. \n\nMandated security settings: Managed devices might include health requirements, such as device encryption, a PIN or strong password, a specific inactivity timeout period, and up-to-date operating systems with enabled auto-updates. \n\nIntune enrolled devices: Devices enrolled in Microsoft Intune are considered managed. Intune allows them to access the company network and enforces device encryption, PIN/password requirements, and specific inactivity timeout periods. \n\nThird-party managed devices: Devices enrolled into third-party management tooling are considered managed if you configure Windows update policies via GPO, CSP, or registry key. 
Specifically, you configure these devices to point them to a local Windows Server Update Services (WSUS), disable access to Windows Update (WU), or manage which Windows updates are offered. \n\nWhat are update-unmanaged Windows devices? \n\nUnlike update-managed devices, you don’t control unmanaged Windows devices through policies, management tools, or software. \n\nThese devices aren’t enrolled in tools like Microsoft Intune or Configuration Manager. \n\nYou don’t configure policies to control Windows update offerings or experience for these devices. \n\nIf all you do is configure the Settings page to control overall device behavior when taking updates, it’s an unmanaged device. \n\n \n\nNote: If you’ve seen the term “Microsoft managed devices,” it used to refer to what we now call “update unmanaged Windows devices.” Based on your feedback, we’ll update existing content with these more informative definitions to drive clarity. \n\nExamples of Windows update unmanaged devices \n\nExamples of update unmanaged devices include: \n\n  \n\nPersonal devices: If some individuals at your organization own a device that is not enrolled in any corporate management system, it’s an unmanaged device. It wouldn’t have any security configurations and policies that you typically apply for your organization. \n\nBYOD devices not enrolled in management programs: BYOD programs are characterized by management policies. So, if there are devices that aren’t part of an organizational BYOD program, they remain unmanaged even if used for work. \n\nPeripheral devices: Printers, IP phones, and uninterruptible power supplies (UPS) often don’t accept centrally managed administrative credentials. Therefore, they cannot have management agents installed on them, leaving them unmanaged. \n\n \n\nThank you for your feedback in helping us drive clarity into content and definitions. We’ll be updating existing content across Microsoft pages to reflect these definitions. 
For more information on managed and unmanaged devices, check out Secure managed and unmanaged devices. - -**Run ID**: 3557dc16-a3ef-4007-8f20-8d929b2c29f1 - -**Session ID**: e46f3c4d-8c88-4605-9d63-4f325db41925 From 2dbf84843f4a450ef63ce58c5d1d384c9b8a90ca Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 23 Jun 2024 08:50:25 -0400 Subject: [PATCH 04/24] Updates --- windows/security/docfx.json | 5 +++++ .../deploy/hybrid-cert-trust-adfs.md | 16 ++-------------- .../deploy/hybrid-cert-trust-enroll.md | 2 +- .../deploy/hybrid-cert-trust-pki.md | 2 +- .../deploy/hybrid-cert-trust.md | 2 +- .../includes/certificate-template-auth.md | 2 +- .../certificate-template-enrollment-agent.md | 2 +- .../deploy/on-premises-cert-trust-adfs.md | 19 ++++--------------- .../deploy/on-premises-cert-trust-enroll.md | 2 +- .../deploy/on-premises-cert-trust.md | 4 +--- .../hello-for-business/deploy/toc.yml | 10 +++++----- 11 files changed, 23 insertions(+), 43 deletions(-) diff --git a/windows/security/docfx.json b/windows/security/docfx.json index 2e3135282a..af2b39bffc 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -167,6 +167,11 @@ "✅ Windows Server 2019", "✅ Windows Server 2016" ], + "identity-protection/hello-for-business/**/*.md": [ + "✅ Windows 11", + "✅ Windows 10", + "✅ Windows Server 2025 (preview)" + ], "identity-protection/smart-cards/**/*.md": [ "✅ Windows 11", "✅ Windows 10", diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md index 94167d36b9..d17d8078a4 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md 
@@ -1,7 +1,7 @@ --- title: Configure Active Directory Federation Services in a hybrid certificate trust model description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business hybrid certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- 
@@ -52,19 +52,7 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva 1. Restart the AD FS server > [!NOTE] -> For AD FS 2019 in a hybrid certificate trust model, a PRT issue exists. You may encounter this error in the AD FS Admin event logs: *Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'*. To remediate this error: -> -> 1. Launch AD FS management console and browse to **Services > Scope Descriptions** -> 1. Right click **Scope Descriptions** and select **Add Scope Description** -> 1. Under name type `ugs` and select **Apply > OK** -> 1. Launch PowerShell as an administrator -> 1. Obtain the *ObjectIdentifier* of the application permission with the `ClientRoleIdentifier` parameter equal to `38aa3b87-a06d-4817-b275-7a316988d93b`: -> ```PowerShell -> (Get-AdfsApplicationPermission -ServerRoleIdentifiers 'http://schemas.microsoft.com/ws/2009/12/identityserver/selfscope' | ?{ $_.ClientRoleIdentifier -eq '38aa3b87-a06d-4817-b275-7a316988d93b' }).ObjectIdentifier -> ``` -> 1. Execute the command `Set-AdfsApplicationPermission -TargetIdentifier -AddScope 'ugs'`. -> 1. Restart the AD FS service -> 1. On the client: Restart the client. User should be prompted to provision Windows Hello for Business +> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. For more information about the isse and its resolution, see [Certificate trust provisioning with AD FS broken on windows server 2019](../hello-deployment-issues.md#certificate-trust-provisioning-with-ad-fs-broken-on-windows-server-2019). ## Section review and next steps 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md index 2891e83911..50ff10820c 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md @@ -1,7 +1,7 @@ --- title: Configure and enroll in Windows Hello for Business in hybrid certificate trust model description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md index 35d1ff0083..64fe6ba400 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md @@ -1,7 +1,7 @@ --- title: Configure and validate the PKI in an hybrid certificate trust model description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md index 58e8cc3e3d..bbb9a72759 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md 
@@ -1,7 +1,7 @@ --- title: Windows Hello for Business hybrid certificate trust deployment guide description: Learn how to deploy Windows Hello for Business in a hybrid certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md index aab8d0e4c9..4adf8b030a 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md @@ -61,4 +61,4 @@ CertUtil: -dsTemplate command completed successfully." ``` >[!NOTE] ->If you gave your Windows Hello for Business Authentication certificate template a different name, then replace `WHFBAuthentication` in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc). Or, you can view the template name using the `Get-CATemplate` ADCS Administration Windows PowerShell cmdlet on your certification authority. +>If you gave your Windows Hello for Business Authentication certificate template a different name, then replace `WHFBAuthentication` in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc). 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md index b43c9f754a..0290c9b645 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md @@ -3,7 +3,7 @@ ms.date: 01/03/2024 ms.topic: include --- -### Configure an enrollment agent certificate template +## Configure an enrollment agent certificate template A certificate registration authority (CRA) is a trusted authority that validates certificate request. Once it validates the request, it presents the request to the certification authority (CA) for issuance. The CA issues the certificate, returns it to the CRA, which returns the certificate to the requesting user. Windows Hello for Business certificate trust deployments use AD FS as the CRA. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index dc000be03a..766ebc53d4 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -1,7 +1,7 @@ --- title: Configure Active Directory Federation Services in an on-premises certificate trust model description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business on-premises certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- 
@@ -16,20 +16,7 @@ Windows Hello for Business works exclusively with the Active Directory Federatio [!INCLUDE [adfs-deploy](includes/adfs-deploy.md)] > [!NOTE] -> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. To remediate this error: -> -> 1. Launch AD FS management console. Browse to ***Services > Scope Descriptions** -> 1. Right-click **Scope Descriptions** and select **Add Scope Description** -> 1. Under name type *ugs* and select **Apply > OK** -> 1. Launch PowerShell as an administrator and execute the following commands: -> -> ```PowerShell -> $id = (Get-AdfsApplicationPermission -ServerRoleIdentifiers 'http://schemas.microsoft.com/ws/2009/12/identityserver/selfscope' | ?{ $_.ClientRoleIdentifier -eq '38aa3b87-a06d-4817-b275-7a316988d93b' }).ObjectIdentifier -> Set-AdfsApplicationPermission -TargetIdentifier $id -AddScope 'ugs' -> ``` -> -> 1. Restart the AD FS service -> 1. Restart the client. User should be prompted to provision Windows Hello for Business +> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. For more information about the isse and its resolution, see [Certificate trust provisioning with AD FS broken on windows server 2019](../hello-deployment-issues.md#certificate-trust-provisioning-with-ad-fs-broken-on-windows-server-2019). ## Review to validate the AD FS and Active Directory configuration 
@@ -40,6 +27,8 @@ Windows Hello for Business works exclusively with the Active Directory Federatio > - Confirm you added the AD FS service account to the KeyAdmins group > - Confirm you enabled the Device Registration service +[!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] + ## Configure the certificate registration authority The Windows Hello for Business on-premises certificate-based deployment uses AD FS as the certificate registration authority (CRA). The registration authority is responsible for issuing certificates to users and devices. The registration authority is also responsible for revoking certificates when users or devices are removed from the environment. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index f856919e78..2c9e551150 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -1,5 +1,5 @@ --- -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 92ee0befff..69b6ebb9fd 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md 
@@ -1,7 +1,7 @@ --- title: Windows Hello for Business on-premises certificate trust deployment guide description: Learn how to deploy Windows Hello for Business in an on-premises, certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- @@ -48,8 +48,6 @@ Windows Hello for Business must have a Public Key Infrastructure (PKI) when usin [!INCLUDE [web-server-certificate-template](includes/certificate-template-web-server.md)] -[!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] - [!INCLUDE [auth-certificate-template](includes/certificate-template-auth.md)] [!INCLUDE [unpublish-superseded-templates](includes/unpublish-superseded-templates.md)] diff --git a/windows/security/identity-protection/hello-for-business/deploy/toc.yml b/windows/security/identity-protection/hello-for-business/deploy/toc.yml index 55964be416..9ae8643cf0 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/toc.yml +++ b/windows/security/identity-protection/hello-for-business/deploy/toc.yml @@ -8,7 +8,7 @@ items: - name: Cloud Kerberos trust deployment href: hybrid-cloud-kerberos-trust.md - name: Key trust deployment - items: + items: - name: Requirements and validation href: hybrid-key-trust.md displayName: key trust @@ -19,7 +19,7 @@ items: href: ../hello-hybrid-aadj-sso.md displayName: key trust - name: Certificate trust deployment - items: + items: - name: Requirements and validation href: hybrid-cert-trust.md displayName: certificate trust @@ -41,7 +41,7 @@ items: - name: On-premises deployments items: - name: Key trust deployment - items: + items: - name: Requirements and validation href: on-premises-key-trust.md - name: Prepare and deploy Active Directory Federation Services (AD FS) 
@@ -49,10 +49,10 @@ items: - name: Configure and enroll in Windows Hello for Business href: on-premises-key-trust-enroll.md - name: Certificate trust deployment - items: + items: - name: Requirements and validation href: on-premises-cert-trust.md - - name: Prepare and Deploy Active Directory Federation Services (AD FS) + - name: Prepare and deploy Active Directory Federation Services (AD FS) href: on-premises-cert-trust-adfs.md - name: Configure and enroll in Windows Hello for Business href: on-premises-cert-trust-enroll.md From db7d53094ee86abc9092a0a065dab3ef4ba9f83b Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 23 Jun 2024 16:23:49 -0400 Subject: [PATCH 05/24] updates --- .../hello-for-business/deploy/includes/adfs-mfa.md | 4 +++- .../hello-for-business/deploy/on-premises-cert-trust-adfs.md | 1 + .../hello-for-business/deploy/on-premises-cert-trust.md | 2 -- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md b/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md index a684145a1d..6adbe43c94 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md @@ -1,5 +1,5 @@ --- -ms.date: 01/03/2024 +ms.date: 06/23/2024 ms.topic: include --- @@ -8,6 +8,8 @@ ms.topic: include Windows Hello for Business requires users perform multifactor authentication (MFA) prior to enroll in the service. On-premises deployments can use, as MFA option: - certificates + > [!NOTE] + > When using this option, the certificates must be deployed to the users. For example, users can use their smart card or virtual smart card as a certificate authentication option. - non-Microsoft authentication providers for AD FS - custom authentication provider for AD FS 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 766ebc53d4..8ae0f88a26 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -76,6 +76,7 @@ For detailed information about the certificate, use `Certutil -q -v [!div class="checklist"] > Before you continue with the deployment, validate your deployment progress by reviewing the following items: > +> - Configure an enrollment agent certificate template > - Confirm only the AD FS service account has the allow enroll permission for the enrollment agent certificate template > - Consider using an HSM to protect the enrollment agent certificate; however, understand the frequency and quantity of signature operations the enrollment agent server makes and understand the impact it has on overall performance > - Confirm you properly configured the Windows Hello for Business authentication certificate template diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 69b6ebb9fd..20ea17f9cc 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -7,7 +7,6 @@ ms.topic: tutorial # On-premises certificate trust deployment guide - [!INCLUDE [apply-to-on-premises-cert-trust](includes/apply-to-on-premises-cert-trust.md)] [!INCLUDE [requirements](includes/requirements.md)] 
@@ -83,7 +82,6 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen > - Configure domain controller and web server certificate templates > - Supersede existing domain controller certificates > - Unpublish superseded certificate templates -> - Configure an enrollment agent certificate template > - Publish the certificate templates to the CA > - Deploy certificates to the domain controllers > - Validate the domain controllers configuration From 19459e417da4ca89567d0883c5d318870fbca90b Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 12:28:25 -0400 Subject: [PATCH 06/24] updates --- windows/security/docfx.json | 5 ----- .../deploy/on-premises-cert-trust-enroll.md | 2 ++ 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/windows/security/docfx.json b/windows/security/docfx.json index af2b39bffc..2e3135282a 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -167,11 +167,6 @@ "✅ Windows Server 2019", "✅ Windows Server 2016" ], - "identity-protection/hello-for-business/**/*.md": [ - "✅ Windows 11", - "✅ Windows 10", - "✅ Windows Server 2025 (preview)" - ], "identity-protection/smart-cards/**/*.md": [ "✅ Windows 11", "✅ Windows 10", diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 2c9e551150..63391d32fc 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md 
@@ -75,6 +75,8 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. +> [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 1e0469f8454923e0f18415a1c8d870c13a103026 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 12:55:20 -0400 Subject: [PATCH 07/24] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 63391d32fc..f6cd340522 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -77,6 +77,8 @@ The CA validates that the certificate is signed by the registration authority. O > [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 5163bf104f3a349bbe3fdc3c2d1156324e6772a7 Mon Sep 17 00:00:00 2001 
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 14:34:52 -0400 Subject: [PATCH 08/24] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index f6cd340522..4b378b308b 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -75,8 +75,6 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. -> [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] - > [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] ### Sequence diagram From f10e79fdb1c007176833c2e98ae56b633cb573ff Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:12:49 -0400 Subject: [PATCH 09/24] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 +- .../hello-for-business/deploy/on-premises-key-trust-enroll.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 4b378b308b..d46c68519a 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -73,7 +73,7 @@ After a successful key registration, Windows creates a certificate request using The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority. -The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. +The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. > [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md index 34f55f78f3..5a3224a779 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md @@ -52,6 +52,8 @@ This information is also available using the `dsregcmd.exe /status` command from [!INCLUDE [user-experience](includes/user-experience.md)] +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 934cff5fd58697ee42bf9e7dcbe3588975ead611 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:37:47 -0400 Subject: [PATCH 10/24] updates --- .../deploy/on-premises-cert-trust-adfs.md | 13 +++++++++++++ .../deploy/on-premises-cert-trust.md | 2 +- .../deploy/on-premises-key-trust.md | 4 ++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 8ae0f88a26..1d2b4c388f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md 
@@ -29,6 +29,19 @@ Windows Hello for Business works exclusively with the Active Directory Federatio [!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] +### Publish the certificate template to the CA + +Sign in to the CA or management workstations with **Enterprise Admin** equivalent credentials. + +1. Open the **Certification Authority** management console +1. Expand the parent node from the navigation pane +1. Select **Certificate Templates** in the navigation pane +1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue +1. In the **Enable Certificates Templates** window, select the *WHFB Enrollment Agent* template you created in the previous step. Select **OK** to publish the selected certificate templates to the certification authority +1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list + - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation +1. Close the console + ## Configure the certificate registration authority The Windows Hello for Business on-premises certificate-based deployment uses AD FS as the certificate registration authority (CRA). The registration authority is responsible for issuing certificates to users and devices. The registration authority is also responsible for revoking certificates when users or devices are removed from the environment. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 20ea17f9cc..0240088385 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md 
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -61,7 +61,7 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen 1. Expand the parent node from the navigation pane 1. Select **Certificate Templates** in the navigation pane 1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue -1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, *Internal Web Server*, *WHFB Enrollment Agent* and *WHFB Authentication* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority +1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, *Internal Web Server*, and *WHFB Authentication* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority 1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation 1. Close the console diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md index 0b7ef9d9a3..347471eeef 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md 
@@ -1,7 +1,7 @@ --- title: Windows Hello for Business on-premises key trust deployment guide description: Learn how to deploy Windows Hello for Business in an on-premises, key trust scenario. -ms.date: 03/12/2024 +ms.date: 06/24/2024 ms.topic: tutorial --- @@ -57,7 +57,7 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen 1. Expand the parent node from the navigation pane 1. Select **Certificate Templates** in the navigation pane 1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue -1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, and *Internal Web Server* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority +1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)* and *Internal Web Server* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority 1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation 1. Close the console From 08b4aaf082cde6f9ef50fdd959801110570092d7 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:58:09 -0400 Subject: [PATCH 11/24] updates --- .../deploy/includes/certificate-template-enrollment-agent.md | 4 ++-- .../hello-for-business/deploy/on-premises-cert-trust-adfs.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) 
diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md index 0290c9b645..df1df5291f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md @@ -12,7 +12,7 @@ The CRA enrolls for an *enrollment agent certificate*. Once the CRA verifies the > [!IMPORTANT] > Follow the procedures below based on the AD FS service account used in your environment. -#### Create an enrollment agent certificate for Group Managed Service Accounts (GMSA) +### Create an enrollment agent certificate for Group Managed Service Accounts (GMSA) Sign in to a CA or management workstations with *Domain Administrator* equivalent credentials. @@ -32,7 +32,7 @@ Sign in to a CA or management workstations with *Domain Administrator* equivalen 1. Select **OK** to finalize your changes and create the new template 1. Close the console -#### Create an enrollment agent certificate for a standard service account +### Create an enrollment agent certificate for a standard service account Sign in to a CA or management workstations with *Domain Administrator* equivalent credentials. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 1d2b4c388f..7446d01e92 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md 
@@ -57,7 +57,7 @@ Set-AdfsCertificateAuthority -EnrollmentAgent -EnrollmentAgentCertificateTemplat >[!NOTE] > If you gave your Windows Hello for Business Enrollment Agent and Windows Hello for Business Authentication certificate templates different names, then replace *WHFBEnrollmentAgent* and *WHFBAuthentication* in the above command with the name of your certificate templates. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template by using the **Certificate Template** management console (certtmpl.msc). Or, you can view the template name by using the `Get-CATemplate` PowerShell cmdlet on a CA. -### Enrollment agent certificate enrollment +### Enrollment agent certificate lifecycle management AD FS performs its own certificate lifecycle management. Once the registration authority is configured with the proper certificate template, the AD FS server attempts to enroll the certificate on the first certificate request or when the service first starts. From 0c85b22c56b11da1f3fb5ae9813804eef97ce0cf Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 16:32:53 -0400 Subject: [PATCH 12/24] video updates --- .../deploy/on-premises-cert-trust-enroll.md | 10 ++++++++-- .../deploy/on-premises-key-trust-enroll.md | 6 ++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index d46c68519a..13e2c77a6e 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md 
@@ -1,5 +1,9 @@ --- -ms.date: 06/23/2024 + +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] + ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario @@ -75,7 +79,9 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] ### Sequence diagram diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md index 5a3224a779..85c263917f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md 
+++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md @@ -1,5 +1,5 @@ --- -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises key trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises key trust scenario @@ -52,7 +52,9 @@ This information is also available using the `dsregcmd.exe /status` command from [!INCLUDE [user-experience](includes/user-experience.md)] -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] ### Sequence diagram From 6d0cd13b13e26939f67693380ca1ccdb05ba6539 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:25:54 -0400 Subject: [PATCH 13/24] update --- .../deploy/on-premises-cert-trust-enroll.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 13e2c77a6e..ce1d4a781d 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md 
@@ -1,9 +1,5 @@ --- - -The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. - -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] - +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario From 01b62375fdfc78b81492ad7208c3bdcef238ee06 Mon Sep 17 00:00:00 2001 From: Valentyna Filimonova Date: Mon, 24 Jun 2024 17:05:00 -0600 Subject: [PATCH 14/24] Update updatemanagedvsupdateunmanageddevices.md I've incorporated some straight-forward feedback we've received from Richard Lian (CAT), plus MS-Style headers, and some of our best practices for more readable sentences. --- .../updatemanagedvsupdateunmanageddevices.md | 36 ++++++++++--------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md index 9bc4dee63b..42bf6847bb 100644 --- a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md +++ b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md 
@@ -1,49 +1,51 @@ -# Managing Windows Updates: IT Managed vs. Unmanaged Devices +# Managing Windows updates: IT managed vs. unmanaged devices -For IT administrators, understanding the differences between managed and unmanaged devices is crucial for effective Windows update management. This article provides clarity on the terminology and practices involved in managing Windows updates for both types of devices. +As an IT administrator, understanding the differences between managed and unmanaged devices is crucial for effective Windows update management. This article provides clarity on the terminology and practices involved in managing Windows updates for both types of devices. -## What are Update-Managed Windows Devices? +## What are update-managed Windows devices? -Update-managed devices are those where an IT administrator or organization controls Windows updates through a management tool (such as Microsoft Intune) or by directly setting policies (for example, Group Policy (GPO), Configuration Service Provider (CSP) policy, or Graph). +Update-managed devices are those where an IT administrator or organization controls Windows updates through a management tool (such as Microsoft Intune) or by directly setting policies. This includes group policy (GPO), Configuration Service Provider (CSP) policy, or Microsoft Graph. -**Note:** This is true even if you directly set registry keys, although this is not recommended as registry keys can be easily overwritten. +> [!NOTE] +> This is true even if you directly set registry keys. However, we don't recommended doing this because registry keys can be easily overwritten. Managed devices can include desktops, laptops, tablets, servers, and manufacturing equipment. These devices are secured and configured according to your organization's standards and policies. 
-### IT-Managed: Windows Update Offering +### IT-managed: Windows update offering Devices are considered Windows update-managed if you manage the update offering in the following ways: -- Configuring policies to manage which updates are offered to the specific device. -- Setting when your organization should receive feature, quality, and driver updates, among others. -- Using Group Policy (GP), Cloud Solution Provider (CSP), or Graph to configure these offerings. +- You configure policies to manage which updates are offered to the specific device. +- You set when your organization should receive feature, quality, and driver updates, among others. +- You use [Group Policy (GPO)](https://learn.microsoft.com/windows/deployment/update/waas-wufb-group-policy), [Cloud Solution Provider (CSP)](https://learn.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice), or [Microsoft Graph](https://learn.microsoft.com/windows/deployment/update/deployment-service-overview) to configure these offerings. -### IT-Managed: Windows Update Experience +### IT-managed: Windows update experience -Devices are considered Windows update-managed if you use policies (GP, CSP, or Graph) to manage device behavior when taking Windows updates. +Devices are considered Windows update-managed if you use policies (GP, CSP, or Microsoft Graph) to manage device behavior when taking Windows updates. Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update). -## Examples of Update-Managed Windows Devices +## Examples of update-managed Windows devices Here are a few examples of update-managed devices: - **Company-owned devices:** Devices provisioned by your IT department with corporate credentials, configurations, and policies. 
-- **Employee-owned devices in BYOD programs:** Personally owned devices enrolled in the company's device management system to securely access corporate resources. -- **Devices managed through Windows Autopilot:** Devices set up and preconfigured to be business-ready right out of the box. +- **Employee-owned devices in BYOD programs:** Personally owned devices that are enrolled in the company's device management system to securely access corporate resources. +- **Devices provisioned through Windows Autopilot:** Devices that are set up and preconfigured to be business-ready right out of the box. - **Mandated security settings:** Devices with health requirements such as device encryption, PIN or strong password, specific inactivity timeout periods, and up-to-date operating systems. - **Intune-enrolled devices:** Devices enrolled in Microsoft Intune for network access and enforced security policies. - **Third-party managed devices:** Devices enrolled in third-party management tools with configured Windows update policies via GPO, CSP, or registry key. -## What are Update-Unmanaged Windows Devices? +## What are update-unmanaged Windows devices? Unlike update-managed devices, unmanaged devices are not controlled through policies, management tools, or software. These devices aren't enrolled in tools like Microsoft Intune or Configuration Manager. If you only configure the Settings page to control overall device behavior when taking updates, it is considered an unmanaged device. -**Note:** The term "Microsoft managed devices" used to refer to what we now call "update unmanaged Windows devices." Based on feedback, we have updated our terminology for clarity. +> [!Note] +> The term "Microsoft managed devices" used to refer to what we now call "update unmanaged Windows devices." Based on feedback, we have updated our terminology for clarity. 
-## Examples of Update-Unmanaged Windows Devices +## Examples of update-unmanaged Windows devices Examples of update-unmanaged devices include: From e328c914d7a90c4e734bd7f097b80c0add073075 Mon Sep 17 00:00:00 2001 From: Aditi Srivastava <133841950+aditisrivastava07@users.noreply.github.com> Date: Tue, 25 Jun 2024 17:15:06 +0530 Subject: [PATCH 15/24] Pencil edit --- .../hello-for-business/deploy/hybrid-cert-trust-pki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md index 64fe6ba400..ff9434bc73 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md @@ -1,5 +1,5 @@ --- -title: Configure and validate the PKI in an hybrid certificate trust model +title: Configure and validate the PKI in a hybrid certificate trust model description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model. ms.date: 06/23/2024 ms.topic: tutorial From f28eeac168e39d13a6801e6c2b72704c9d2b59ec Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 25 Jun 2024 12:23:06 -0400 Subject: [PATCH 16/24] [BitLocker] Recovery screen and MSA hint --- ...tlocker-recovery-screen-msa-backup-24h2.png | Bin 0 -> 105432 bytes .../bitlocker/preboot-recovery-screen.md | 10 ++++++++++ 2 files changed, 10 insertions(+) create mode 100644 windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-msa-backup-24h2.png 
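Review bot: Renaming the H3 in the `@@ -57,7 +57,7 @@` hunk (from `### Enrollment agent certificate enrollment` to `### Enrollment agent certificate lifecycle management`) also changes the bookmark generated from that heading, so any link that targets the old heading will stop resolving. Search the repo for links to the old heading and update them in this same change. The new title does match the paragraph under it ("AD FS performs its own certificate lifecycle management"), so the wording itself is fine.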
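Review bot: In PATCH 12/24, the `@@ -1,5 +1,9 @@` hunk of on-premises-cert-trust-enroll.md puts the video sentence and the `> [!VIDEO ...]` block between the opening `---` and `ms.topic: tutorial`, which is inside the YAML metadata block, and it deletes `ms.date: 06/23/2024`. That leaves the page with no `ms.date` and with prose in its metadata. The same two additions are already made in the right place by the `@@ -75,7 +79,9 @@` hunk, so this first hunk should be dropped. PATCH 13/24 restores the header, so squash 13 into 12 rather than keeping a commit with broken metadata in the history. Separately, the lead-in sentence mentions "a custom MFA adapter for AD FS" but the alt-text does not, and the same video ID and sentence are reused unchanged in on-premises-key-trust-enroll.md; confirm the recording is accurate for the key trust flow as well.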
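Review bot: In PATCH 14/24, the `@@ -1,49 +1,51 @@` hunk of updatemanagedvsupdateunmanageddevices.md expands CSP two different ways: the rewritten intro paragraph says "Configuration Service Provider (CSP) policy", while the new third bullet under "IT-managed: Windows update offering" says "[Cloud Solution Provider (CSP)]" and links to the policy-csp-update page. The bullet should read "Configuration Service Provider (CSP)". Other points in the same hunk: "we don't recommended doing this" should be "we don't recommend doing this"; the two added alerts use `> [!NOTE]` and `> [!Note]`, so pick one casing; the policy abbreviation is "GPO" in the bullets but "GP" in "policies (GP, CSP, or Microsoft Graph)"; and the added links use absolute `https://learn.microsoft.com/...` URLs while the unchanged context line still points at `https://docs.microsoft.com/...`, so align them on one form. The new note advises against setting registry keys directly, yet the unchanged "Third-party managed devices" bullet still lists "registry key" next to GPO and CSP without that caveat; consider pointing that bullet back to the note.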
diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-msa-backup-24h2.png b/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-msa-backup-24h2.png new file mode 100644 index 0000000000000000000000000000000000000000..415996c485eaff27b708dd28cde5e50c5442755e GIT binary patch literal 105432
z+vKns)3)a;d(ga#%`U#8J}uV>r$-8Ruz8-JLA5=F18W>&p_8i`nL;ei_AQvcj%T!C zo#%B8%5%#6Q2-<7nzvL+PcD0y2kzyF)jcxp(;uWGM!d=csyUfDl;i|b#)|ij=V$7K zFnwBM>?86-RL;ckHg`Ta5)i(-tosZ5ISNm$9e_y=vh-86!gkMAa}Lqat|lxqLl@rY zbyVZ&rJB8)?>|&yc~3zjZ27O?-%+=n;OdnXZck1f=ACry!BGziW85=EHP3o(zH%}x zqdo|RUJw(!rmI7@Tpg-5{};~M%^`X5dGhG}qWWWQ1-qFNd1l%lwTET$>g9Er4BH8o z`j2~qZiZ(w1}UL_>Nlz{bXTs4M1dF;C7kkxs|x3AIv-4_pl1)JNW|POJ&uCo7&&0woO@y82rh~VD(2pr+mA`dmbB8HVA_?@mDA*!67t7;Bi zCPaI@kGv(xF6We*{5Q_uaN+01IdQi=h?P3?LC%eUcs?&UslLqGfn1qDoYUV1+N85j zLEP@N>pL5Uz>gE&)HcK#{XOV15w548x};n`HJ@JuBefKcX@mBKHg#%z0cFBnJ?1M( z;pKo)-fuWF=Zx>+sFo&?RniMmI=gVSbv&Re^d;*lOgnV9JcvDCASKvxg_$$Omp`ze zS4OGTMG*QghHI17QF6mm)}jH|2jLsz`!-atZDso9j$JIxrppS6*0hY%izo@=&@P0z z!go??en8glnDRz2iK|;6xV4CTCyMmE2L*|)7NPBMQ97nvPv3S<>HqevBfS7%TZYfA zj>3rHwjANlwY*VLe~Cu6ePYL__R^Rf#o@D(eyg~5W!Yq%eO;vjx4H|t@y6c^uZ(Ie zyq5?xd;TcqwENtfp5UqOB6~@Rk$6$Br4r~`(HlGk0~Q+a5L}aZVzbRqZ~fI~UYZ-P zm>aA&{LMbiyY#5~4YhcUKjr=%Klhuj8ZaKm=pqPb#sCA&On24u?z8BWXeV1l$^E;6 zrB&w>MSVMya4rD`Pd)by(v*2$RFBmZq-3UM4Gjaqvt2{zV8GU?YV3SE#%CK^vhSJR z>rb@Lq-bGu+5W`q5+jI#$J%GOPVmZciWqQ%J$$zm<-6Ky;t1|lz5Lea*bH)3y1RSe z`_m&f>}WU=sDm!)mbbuJ;k_NrJZp$>d`aBLkr;hz3vRO=f+h1}kgAUNU&^+c!!hC1 zcS$KPfK^zBd)(;##wAf#_Zuw2xTq8GvgP1}es@|xO6yI=YNl7-pf~DZAx^2l?b#SC zo}!$JPwY!L<`RcDB!E+XFeiUpmD+4IQad@6(@4ICgmdlhGmK13`y;l(5vOMtodYHu7p(q&Bdk>#4pAAPr zRGl)NW;_hOlrE-*bIt1fA!R{LAMb5)lT7Z|G$K9XsrH{y?VK%txn%E z<`}Q-4K3U^YHTGdrpz{sr#m|tFueW!>gufN!6KZkP^E`pI6HI6cI+GY-16gySAzNy zHwXhe2D)4_us!<`-S+9Deg+Cbv>6r=eO6VjgYizKp{hMkd~|I;A?k$p0hRtE`Prn3 zy)m#obL|NPOmQpNzsTFn1NQ)M6Pugenr>%=^HEagBAT{iPMd}hV#&NAS9Vf?agn`E zVW7Y;$+t8il=w@rzzt(p7#QEO$fpx=qzdTuJ1oU@Q>8BWlGJaCe@Wv+COdQnp+A0 zxf-t+S=j$Pu6x=#w1Dz`1yEWTnQY!fn13QaR|&;@Ibwxp1;3dps}gaxAif;V@ob)+ z169k0BrUc}2)X-Z{zXF$^v_gtq{5waSl0;33Rm@f`Tb8;jE(3y>ug^VOWuf#+a>t@ z^_{d-*EAJr7h6aSY?_CZeL`Z+Q&s3J%P!{lclcxL5SQ{Fy`O@=lHyJOFZTXCD#<+l z|Hd^_o62ma(#l+#nKm`Gaw*MinpXGRS2T0QEe*{DF)f?Y)XB`$5Y0pd6h*-uG*e4+ z7Z6afF;hX@frNnja=zdB-2eQ}`JMASzx%KId;P&V7wfgWc`vWmr-QnNn?n<%P%@_iDc 
zry$g1&u&6BoR`Pbl&>*rS^`1Wsd%inWNoX zVW#br?|+oGpTInYkWfeYv|J$%WaHq`qyA{b;%3p}Ap_N7IlXY>8w$IPetP7NBojV5 zF^_6+yklYlq80k4hkg)75`qHc3a%Lw)EX4pP{hrOeG2!TWp~=Vu2%8yg@$$~A)i!# zS+r{pa(^wppAp^{*?0aYz&eKCe#zYCtsLiB39P;(gZ`GD(Wj>3i;wx!@}E=2v=vBS zWWZ*{<4K^12s9jDjW&@UMw!|64x1;Jy)b670w2?_TyQ>;J7rj)c$7V%RX>q>1u}3S zx&JJi-QRS^K_YPG5G!q&CDgs(fl)(674o8DAFkNesHvxX@QahEO61}lQ`E4=GNiQb zYh@t^Atr@J<&pY0 zRtWEyus#e~8F>=UHMlBS-`fAm^k=*cd`QRN)Z7KdABVQvm_}UKeF)rLAyehdxhnE- zCPnfOk>ado@8St_%VpO$;s0vx?`#JZR%N0Dsh6|P)Us^7E6=DVPE(_YZ>5=c)3XpK zy-PIs+Sie`i{{f6(YQ-96;iEm?x!bxZQ9Rs`8C^O@@t@sNArE=`#JVgz%H**-! z5K-BhIA3BP-D9s~GhFK@7p)nOyh9=S!4Jg$1T%`OZZ(lJ{ys0d8gcqS~GHg;mJUK{ZBJg{4%ot1i^->WG42s|ib z@%AA%)V{wcvq)>sPHgP`)VuTwVEtR0xO87M3{8;?-}nsJOUj z@-FL%`IrU6tmYH{^4U&%rA>mrG3H6__CLGiryU(`PGR=rIPA3nIh*&H^c+)ig!>Hy z%)p!zJZ0(LZ$DC!D}E$%_^m~n+|6tSKdFd=URy2))0!Yz*|N4TExqFqas$C577gNs ziGu|ead+cPxfLFBXDPp%F;#csxySkK@eSBa2vSE|PQbRCi{(CBQz-Oc6bV^>aQw?= z-Q$kZq6Djl`?L0?9Y4A>UROVpkKCs~bptz!Tf)xX*`qOW|BZZB8}pxfVzkhA3@mW} z{ExhH(bAJV2br>76R>J8J=Bx=K;~7z{N2BwUwqT~)gkZ~&l%VGaGLo3h2KpIt{9sM z+;gA2z+heX1Ev~C>IK+Qe^rnt+X$E*gOw^Oe;B*6j>dwVD$M_qy~el&@2VmKJl+jw z6Bl(BHaj%DEY>{f%WckHGg*H;6ELWHH-a}f)S=}m?}UJ@F33_{wJs8brJhsmd9r?x zaQNU#`86o)fTz*aGL1Fe>V}BzN@4$2gnX#pYJ?Aox_*}E1Kt2Xm`bQ;!s?|Ib3aal zYT~GmP!=IKE|j<-n{oArcDb~gnZ5IWw=w4gqHM)IUqP@58-7IyOaG>>J%;F%nkR)J z7F4p3-!{v0;4d0pvCgI0p^yzO=1|lfIjL6cu;@12|6mdK-@MMX=LRWtl@kf+X>!u+ zQQth3yV;nnxiP7!5ux&c9l{Yh6y@DHe;Ro%CQKLa}uD&M_X>)Q1B zfWl6~fVCsd;9`|!UlhE1%fPb8?oe`D?wRlajE70N=|@(uk_pI(10 z{PUV^5k1N(o>{v18{V8k^+YsQeQ6GXiZ%^gn~6jlL`}i3Ezl8x`k&cYWMwr&S(QgQ zMe#~z9K4c+pLaEK-!|=$er?IOjn^uN0q?&;+NF$ znlBKx4d)MGlYKqypw;sa)Hog^>=}2Zo6S})LnV4PF4t4-z?7d`6|2fj7@gT@zTd&6 z&c`+z@D=IlTXm0b$OBZFz4C3D?JkIXMO#hq zjqqFGW5V&C2K6FJulnhmoa=vIZNjt?gK`b9&j*b6vv~LT?}SajQ2rP~Z9cmP>0xf7 zNl32eogynQ#%ZR3vLix=+e9ItBEks;HN{_c5{Ngr>c>-L#Yw#v$44g!3#>iXT*PdQaz1-4xy7k-5A?P2;qAKHW zCk?<|PC=$)_Rdl(Pt$up4J{C)Y-l2zsTQ3??=?Nkm9#UE!P(XMSSaoGZ@%RnRrI(e 
z52wx2fo11v(x`zR9-HRHd_PndyU70;g8lMk>6kMY>F;R$vzlUu?Q=gtFn({fZG>+cNO>6*ve9luWG_Tpd+T@&pdz`Nd=;~E!nU&fxG z=BjEq6PR|U?(;!~H$n!^Ts(u3qv5@64q=9Hx@&^4JR9@I#oi!sU8C*Sb6K;VGNy3MON1*f1Q9op1ts%=b%@@_OYAitZLnqzoQ_m)z7w zcaXcZ+PO24{JFM);Hc|tb%9Kojz%%8SXNrZubl2NGa9!tO33M-Ge)>8U0`i=Cl>s@!jX$?LCwQjbZO`}F(wC&4%zZ1*9Om*Z+jCZ) zu>K71SKKkgw=`c2*>Dz?o=53A9B~ZCKSMU$m-!4||1Nrkdu1?jly^@ve-P4sUFc-Q zo{+0R49d5ht#A4`I9`~+_RJ&wgf|Fh@=h(W@pi^aewP{uO@h;^PinJA68ln3A_m6V z)a^kd`n$Xub?Ly8<^}Zcnj=-j8;YPzv@XuDCV7f9=mD#unWwkgxWZtfK90Y;CkcRaPc{j=Ylae3?dX2q!zEB+sWz$fe-MDS5E^ zIE*&`2>Ry~_`!prVw4eD5ytUGm?qWE4U(ryXq9RY#<^aQQsY{S7LFqZVb54HmuqZV zH;i9JEeuJnGux{LYK?(OQKn=znb0>_pjSq~!R7f2U4e=XkC;Di&iLnoGkAWH^GWMi zJ3I6H;GruId3w*0T!Nr3@g?qr_T=Y1Y}l|PHhei8X!@I%Q1X(?+@b7ogI@{WaW&td z(|?%l+}4ZuhTKu`&4d$|%=p2Pa-|CT?K!(PKLp$VDWiT=AHt5BllH6rY0fd-I+N(7 zZsuU^UeW0U%m94g&{rcfS#nqW=SF895-N1p>O@sX58^sfrdO~BLI7fR%kD3BT!P({ z)K+D1NrKR7r8Vp^Q(opKeT8UXYr;i8%&9HLBzJXY{j(7Xd8lYUdxPNu2iI!9lYTvM zZ#!;fSgb?^X1w(ce+a^=(Ur5xXn9UdSV{kmVllBwjn`~h8iTL5OD`R)yQI2v$N*n4 zUC}uNOJpqwHjAwT3gvhB|owTHJ>osvjEntx3gHVLtg) zh3Y0$2El$GV+ayVKm5Y>4{M(}h%T$eV!N^;Y4{N!JB7UoYGB75Z6ZR#pnqr8vCP^A zQG?E}+(>4p1I{5+ji)$?P!EilXV9ekGkHoSe#Vh{17^6U9HK9V4Odph9jWm01r**cFXqt=U_9x>QVDGfXvA2$S@ z;$+_`3^t)8gTB^;Z1J!@$yb@go@HH5QbhFLFz5sB&E)nbu@N=0hMMCG(H2p2U47^?} z>|2(-(>LgtxKO@gV*3eikIl|=SKK|3rnAQYVhpt7l=2W-HbL?QU>4qo9c=^zrU^)u zuq$@ej4`rORCU?++dg}jLo|Zi*im$+5Y2u)UgX3N{HJG&rTzWXhT#y9VTk2X;qBh`QgY^=Vod4^M`^NuRQ#8MH0e?P3JL&yP3nW6T@Uut+Ks$=B*?B851D zMmML+Z^FK;P-_K*dwi2~;X}`ny|hSl8PV`N6htN{bs5x#cpHY#cNu1~lX9W8f{+$$ z7mHt1Twzo5IH4MO9rTy*#P&F5r2_CtyN)HWD&U#LWk+;C-A->^c>~(DuMdu0O1|z1 zw=Z0GsP{ab`yaN&0{-+;tEbZ}Xi_#5NY_^fmvs93hlOKOI*;(^3a=v}=-d!wJz-Jh zHy@QF+rI$lSic?zocC1=ci6HYgs=!{JH2&0L*+e`BhEF-xc2la#T^+bW-8;ong6|i zj{R(}lunFCP)vUh8P0u|f0lIycFwqn0z!nh&i7oM+82z@9WW=(>n0a%qYwZ4b5i<1 zQnMpqWdp0*V%<86cmtumi~)f@Ms02VK)+Q5m=c8Q#ppl>f(#g)(VQ7Pw35LiiK;v^ z{K(wI#PSo0gxJmkN*>2JLQs>)4NZ&u;?xn zJJp2s<*?ALJes$i=!^;M3j?!HHuL_}1h?;IT)SKF|D2!L4mdyN;Cc^ZBr%z^VM~1? 
zV&y5~^7={naMJheus2R}-0BwHb@ppaIkJ!~BM7ttX0 zFwfE7Vt4*?U;Ul<=6rKx)wJSv;5S3zNXKC;-1CHZC}V_@ z7}+O8TG0R&D6W$#iiCLxE%W>w)SF`k!sXKZ^MZCkw+*|-j(BbUwa-TUyx%dZbJ0jH3t33#u5{u347>Xf%9D>^=T!5|s8Ki}IuYIDQzKt~AIX7zh zYS}?K8YvA`v_ImcB+I)!|3s~0WaZ$DO~7tO+J#=Rz?om~&pc zk1^``F0$vYzAsYW(A$QVQm#JT>+AdZWmU0X&l$j#M<{ZcJ0l-%QU@C-O^IS{d;}9Tmaqlhp~=f z1^D9IY^s}zo4cIh@O@*&^OPgnIKET+G%nGA6Qn{PREXbiiP+epDu-6X*re;7b7Q|f z_ycMa#HybNV#k%yW8uE>3=y9JEMe3hfd<`7Lg`sRkd7`o&2O|(QR5MH|4aG z1M34mCciRFyE;gz2&u&rj0deemE^JBst#dLM@LuBE>>f8WFyB_40m1sIE5=*8yjsv0y_Ysprs-%pqghA z{Hm*v8(NcmpmVbts<(&pP|;OMeu*|*Wk|W1(dFdiOU#daYy`8s)4(SFFa_-+VYm78 zBY)0P&3+qU9-*I88Nvb53+C5*4Gf#yTuybpKq+%O3q#E*$>W6VIgYy!8;c`ckSb)U zvvIQzj9+st9Vfu3prZH5IpW_>I4i#O{Ybo`eo8*Yky|nA1hK6g8a_wi-VE>m@jk(E&>JW$!2}1%0N$en4Y+w%2AlCMIStOaezW5`CB1bEb z2)jvlpV%q&j*&pmZcYU))Fb-Yx^KR8Nx}jkD0n52_=yo1hUlx|LxdJ2g@t*)=G)Mg zcdQo8!v)5!xB2z~)b*1hSCsmw2uYf}h8eiYI(qwMxO1$eI1ZPu-dg54h}*a|K3@s4 zoibuyU>a{-HL|~a;3uh}A59Z3-(%PtqAH;ypO0KJGj}=F5;u-FDaT+TkVWnYW!e#< z#88g`hO7bhV&oK)e2H`ivlqG4`g)MFEuWy8zl6r!d^1UXMr$$4JHtUHNU*h)!Hkt}#H&IbDEVO` zQ{GiCP$75DWo2Z(D$`m2b(wUCLQ1(@(3PVPCeCkMG0Lmtc?!!cU$<{5$L4v;gnkhR zPu+yUmP{2BWPVQ@y*I4!ms}On#I7_$L5#-q^$km<%4u%aGrtPGPo>yj?Y$;*s7`mQ zO5}QkFr8SYvS6?BlYH=I!O=f~wHD}_LPBMYqA4V9sG}|1v-f&f6z*nVO4g^(0}|J1 zTV@;spKx21#XMRvHuDXzrfNyp%uZyKL2C-3LGw>c1i zT8!(b1lIPMxpJ%-o7o6@&{B-EZMfsyUZD;=($6$RG<;SCwm>M2{U_gB(Rb2ZMK_VQ zR%BD=jQPsk14PT$|}!N`1ZWv&AmJ9IG>Ryb!tVX=vek!()TZKS)Nn(@$jmSY*;i!6fsP6 z7M5v$Y=NSuR`${xSuqW~@~pbSLng&6Pg3(mx7arlnsEBE#}*B}vA*(P^ILIpJwx$Z zualztR=9)DRP#C50N=azcITD$id|V>ALjK|2nI9WdTFhfEJ^P3BSKBy@)wG2`TP73 zcc^v10;LT4F7?Q{0KPp+xmtahd8KlV1 zZM}&jRm_w84AgI?pF>5BQ2zK30D~kxBcl^LPGPCUl`|)}DA90pj$p8*EGCO46oKC+ zBPFO}$mebWaYH$hEz}9@Ty-NUv$fd6_q0;S*0>#bn5N|6Z!1CDL;Sa&|20PW(@w7U zWkB1+OqMLtcAz*$k~NY)s<&|i^on~#umfH4RB{4_O-z8g&s(jPFZ1+M&g%Si;M2>| z8Jwipc+;toIHL>_RNSg}{9tN{P}F=Z^tZfa%E2s2!*V)OY28wj<;DDCDz|ynEVnc- z!~MQ#(MK!mI$lH;MCCf(# zB8IzCr6}K=A{6en&8Zz-P`y0NcFGrc$tr~Tj;9n4T5M-g%X-*s*p2Wmx!X`fsfq*zMy;GM 
ztYkzt1GuSgXZh(W4Or#isI>QR3k=l7fp9+&GEc4N6FJcC1Kh?3xe<}}$CKeufXp`)y=1w=Hr*jO%_k#> z@A|{lvj-??0qU%yDF3^PXAZl<;w|1juqbVmSXX;T{+Nk;t$?0YG2yWyxlzw?kKb=t zbAzOJY9)Fb=NIy-Th}$hCL(~+NX{JkiYJq`^Hvy0j^jxl)GxuNlwdKDTx@o-JMcyp z>4W-r?ASHda1ffvN+t}>Pi#e4?(t@b*oCt9-}5&qjOWmYQDmD5CUOb<; zKg{S%+e(&ND2F9ZtQEyezKm?vJ+G>wD&rGI5pi*~KJW3acC-U^f?^uJNLt8^v$NOSrtZ}fdro^T

t{Bg2P{cNpv!ah!vySj2N$2qMU?0GB_e+nA0bgXW+^~7k!yXn~= z@g`CH$L8h6ncEi!N^jz0WGnT9jdCB{=&i79auag<*><1YT&Q>E=QPH38f@~k3|@!J z414}sf4q{|r}pto8S&#v#W<-FF)9@@VfQ>u72#w$(L7I0>#Kr+3;#i;)mP16wX9CL zy+$#NrmaBAh1NHh96fc|o>nVA%Po1Ht!K3!r9Dp@PF@ml8#)=fmJ0uobwi;KYxXEbd5^{Q8ob zW^B!eeo4NGQgj@y!(_XtD;0OqvujN=Se`&1pHVBhomiI%2}wvc zaE4U7syMhi*C-e)8>C;Iw_~*+*?+K-t2lA(# zbyw(;j|L~8@6O!fE-GFN_mRjLt)9m~Vsjbr=dfm1i}s~6-)UIMvRGxG(#sL40?G`| zyzkYp#Ur^(lbi9=7VnYVxn4&vlZ!%rvE?7+QaQzbx$7-sugS0F@HI}RgF)4BJF$*e zB6f{1H9o;?347=uSLwtIu>1NXjgw%}HRSRWZ8O0pRlh2MlH$OMCEj^+jV{s`obosc?ic8x*FIJWRy96^Y;O(bu`pWbv&o zSf2Eiu-Wn*)z6oJq~#Un^*w)5MN2r|Q8PU}#q=WK?WWpI&LHTduXujVFhE*z5^}aq zJiT0cn=`%RbZpHd_u6v-qKE^rb_uJ&@fI|s@VV)YoECHJThSPy8jCwa776|L9E@xV zF#8_Be`M2GWE^3P^pn_Qu6QL69Wk49YRq;~SrZ1gMsBE&7RD+bsg4q2qrdYjl@4z- zj&1%3MX@||m2zsvsBR$f`m6+8Id@iV;SI~|{_EXR+3P|lRPj>bg8VJAk(2DbeimNy zO1$A(bNA-rS~MLe>zeO%fgD?193;2*yH*D}5ha!fE&;S-TRCN+i%jX6pdDx{o4)4F zdkh+D$y-b730w|qeHelWC<|Fl@;qhLhuc`%(}w%B&0uAHhNNQ3Uee- zm5^oj)-s$RC?g|Tf>B;gR<10^%G{rq#FQ#bb~(wD>MUVlR7^GL>ZVDhA)3so7=%i& zHYG-QUImGQ?j54u$>I0)8IJ#cBll<<&XR-*pPCs&@0qHC`iG^E1qW@I%0;}93XN)} z3u9-iekD@sO&;2faaQ$4b>X)C?^&gxut5m@Y3j`ioi{6kStECMU*(qRfWLpN_>`$@bH>yFdUcll zzC>}S_CdBMH{}Jly8Gzg99(}cql(r@zhBg~ zipwZX(loqBt$H+v&q8FFA~0%o6aM>OBzA!poZqR}OH0 zl{BPBWS76O!!-Y}d23fC5Knqf|GqvPO@@xlUojR(2;+s6xC`)%*sKo})rdZXLWemY zpH)v^yC|>(8j5cf5EH-ui0zktM@FGb@U}{K>FDHe$Gg-HkJ--(FCoO!%9hOuN8AOO zD2s1;FJ+%T>nzW*QxMOM1Zx zV>rtz?BC=EDv#wmY)TvEHL1z%q9Tvs$7iB%6+Q8Mwh>jJlH(j}yXjFNZ$3`VoNcLf zTe!R_bQxGL&78Rdr>ya+m6C1?)dHEQ%t&s`RgFb@Sbs73llCeyolC1Co+4Z;k325( z6L9C0814P1kxB&LY}w?4Zkp#0BntOVkrv))rP?x^OWd23*6xfpWGg|{hh?tDnmW9y zN1jnapBjiNOL;vAcautbIlp{*q6;U;dRI{7XS~P1w}{Re|)AUme3kwZnsxIUQes z^-&&u{50P(jcDw1bTZ2(-s_Ew=;6b0{U_IY%g(D1F9eHhd|(h>-ST(~pjToOFkVJZ zNm&6c`!38jey*e_T5nAjooo+NuRiORK9=O-BC^1ncD%Fn7B$0$OrG+SjR@@bcW}c{ zG(t6$6Ez`%XOZYHcq6H&{WPiux)jAhT3zg?gMy}niS9<+*G}1@o87qEXWdXsdDej2g7(s`QyE9B4XayqR;a*? 
zt&CZP%6*H4>pt;Dvv?!Pa&<(l(^43Vg?o*6yHF814A#vtUuEeT=W_5G1fLx4Y9-oSZE{NUqTsb7$Vfw2Td(g2&4c{}D-yua<53`D*atZmta`>HR_-FZ$ zW!ZGtN}0UIrUe|=Octwu#+tMQnHpFs=4^+DyFMK4Xj-C;t%H^Hf|ckn;^-c#Pxut3i9&TRF@QlZIIg?kTZsq@sH z6jbJ`6PNqsp{&V@Ucq0p@TxFi1Q}IGpC^qqAFIi$Nf;$E5~vWQf{qEP5GO?84BL<~ zJ`DG2a?}Fi=r||y=a6X&QUCP$y@IzMJohgaUpNDv7Xr zi7wsePuxk%QTjdnmg98GDb5P%#8#mnx#GOkWCLhgSz_E90}iU5lezw_{@Bt=Rl-=% znHVdC>OM@9_SfS96Afh5P3xT#FSmxj*58f@j$gXX@$2tVZ)xFPxcGAFZRg;rTYZ-? zhVMcQ&tACunlTz*vJuNRHQL9Gf$~ajXxH8ezg+$aSordg+L`0YkD$47Go4?jdBU7vg@g4&AqLLd?j29RGHx)`}cI5r;2rdF4cM zdD%=_iAYc^7dGMiQ5&$=ikFY7ZyO4uj(GoP$UjccI1OIG>zxZMH!NYX|;8+PMAGO{)T&bIbCTN#+JRFneN(7 zH(tnHK28Up|5+9ie!_|3Y7@%%GFDy`BzA2`f zN2e7DtQqR$TrqLmXM`FHl%4h^ne`KEBNs3ulApr@>T3tb(PM~C7+_-Qx z?FvdOk4b+jhu>V8@XhH1hdYFUre-)JwBm;b5&E&40Kpkk+e}t?#yXrH z?t`VaL>#q$-uQ)!mq~TTw1*B`&#f`ggZ+ja=dkvcZCfi&nW`eRh9w$yG*`X2XGpG# zFUFC4Ad`*-20A7coohEn^q=kaS)5!Qx&VD;Ha``#!v5(lO4re3JXS=s=Gr&V9w1+w z=N9fAWL@U<&+!X1^LdT|mmb`2l76;I4-~y5xMCLFBg3zZ?JC7Ec_$8=9ZPH#~44dd7-@QNA z#4Q?nVH70swA7=F?148S{?-JO05a753 za&tw(6kwwfcDzcV%KY|Jx@fHy>94D%=l(6LV)=2Gy!7-`3|3fwFi3TKd`o}cdM6Vu zcTvCc=Q8Q%{sxpD2A6RlVrH3H+`fWcoX|IzeD#gkyq}pui{Hj4I6wc zNxAl#`}Sds>bm$UVQBGGl0-O4<_z^}P*+5f;7d^HMjt4{pYC|mMDWI{n)R{eDP z0J%|i995%g{NxVTo(vOQIQ3z|z;T6|g6;F=)?gqUhF;B{+3|)*e3erd(HT)De=sST z8H(_3j64K)+&!Jy8Yw!di1CmpMHq#xgeq$Kv&_0+QJrQckma7ia)}Xh=y^P}myRZ= z@~${TKS(PNt0d8V_q3&lPcL6N_$VVJL2*vqk)+y`$Y{fY>IJN@*O(+acD1mo#j#a| z+%mtL7hLqj4w?VYMM{B>dne+a^X4ORgyOP9WwPVp zW3Q0&uFnQR5^H5 zKGjt765zj8#nkP~^MB2}+5eIZMv+vE^43^~TsM!&uvZ|kx`17ZiS86^k@!*qtm*Sq z?xJP!y|eAxtykNnKe<7q$PDQC#p&{v8CmtNx)Kcj{*G$*$lg0!jH=da1)P{%{zR;k zU7yn}j@{qS+uGJ4HtsXA69~_IPQJeTo*EmITJ7$~6LtuuE$d}_gv!t8Ap)CaK%;1^ zgmhsW{UWq}O#1O$dj{)~P)aR}uo(Z1M8tgV+q~`4?`@|RLZ0q%;FrAxR2;Dr1T{Jj z;jAQR8K&G>_GEZ<$(u@w2`vb#NsB3qs#=Wj7M4S1)a zIfsx$UDIVSxt8EM-#Ssde4((xfDwpMU+uquNl+uljh>%vF^T{?F}0qjE_>`a!Rx3d zcw7IR9M8YLJD9i?2o3Fd8I-NH~$uq3qFkHVJ)_E10n zZ-1$dxApuHE{#rhjNtfJbJ~F1{dwSZDf0g!mfUWCBNAtD9cB^%pniDmRS`7QDj}{- 
zdl4iYyMLEQ-2V@@S8afy*#Es9c=-Pi8TJ1&QuTj6_&;~&|Bs;B|GBFFFSx3;9e`vD zye-PQ(6H?^`>)H`e;DDSI4QLI5bfgSrhD{oNi>05tWuw^PWtVCTE?DiDZQT1l`=M1 z)}+G4YcVx+cg!1et=*A=f)j8ypVH);=Op1Qhk;q@n(Xn^pnOq$v@^|R+p zoB{=9419x7=jQ|{O0rkPO9;Azy$!3)*3JeQ&G&w}!~3|g!u|1Mb8>6x$K%NQp$+DC zzxnUxWeaqN3TOTbFF-DEas54_h%mr(+qu8qv3_2VOq6`ASXTV+y&ZGuXG$K*9gG@( zNy<2PVJrHb_1cEAZoq%9OP$V<&OBi?rofCE*xl%}Iu8OxIZ9KZLq_q#dP(h)_<3Eg z=&@Z-^xM~}Xd5Go2&%PRGrw=KIVNKFKZZ_O24h+((7{@QsgBqT$x1kenP$DR?3Adu zoQ;El{z_1rzen)b@8f*u#wYDkbe_1>X3zPL&`s%1k*$8QsBhTx43 z_VSZR&Y4CZEQeg~zX_;e0svQ@SEd{E>m$_4WMJluV8~1A{W)X2IFL`IUjaG`Xw561 z^_?4GZR(R3;imir&hmpQGrTF|8m&&ZY-nU{A0rB*>IS8=8?b=hIzLRpKu`d`+pYM@ zaModJxYd6*+4|^qq~hR3dfT#myvBy3^0C`9x7q8<18J_i!=^~{aAM|FS;4`>x1$yT zv!}aYS33x-!lE?QTi{Kef6N}Jf%_DQzSSX`_yCvOBU`t5L9)S4*s3$}>Tr|3D16gS z@>=Pu@b!6pysD(yrz~3QdpSSY+&NbEy_1}*zBBJq{&8rhY<`ziZECRK7^g9HIC+Zp zk_uSHIeEnH*{^v+Q>k{3IeR!aE(k!S*?r|uvLT*R&7WRK%`P0hq*StRQS_EjGEr^fb&uh9O64Q^#fKC*_1YC^Uv4JfZy z(^iM^z=PK+4!goNrIs4c$zBf^UNCXJ%1H9uy)&|p@e~gy05&zzPdY((8FCq+6pG() z?7hl;XE?*slE7J709Pu`Am;~&lVk4P3+njq->r9RTU_PXPnt*G*10fMpk(-N=H-s7 zN*B*xCCtj}*z0Sm9K0s`;U`IvYHJ5MoXK<%8e6g(ex~)5y zyOEDAePmVfXQ9Q&AKXU&-kT5m&&O&%8xrZXT*LL1%|!l;X&bLc?A8FEWdcj@vnFry z>os%OFd`5CsqizZRfrJ944u0@rM0VyPy*$#JNmqL{;A7tyFT_%Yd?tk5U}s-;H0Z# z`}iCEM5fmMh|VMjp%X)aQPEdQ4Iz=Q9cqgxDpwi3vV#FiGB+NG_wIY`vT77I_7An9 zZf}&0JSTOdH_+Sjc8M2OG5hIA*S=&ZXNc_z`>$a(y%9OeWfq)w1f(30KJjT4{cD}a zWiR_nn~SVr@6WuvDt&d2SU?E-Q7VM1dlkWk9$yX?G%jzxKiB7``pPYbhPxJ&n$o-@ z4JB{>on7BzzdC$u5QP5h;F(B0&DfYptk=;vN`bTHfeu&UjW;U%bce@XqR%s84^Pth zLZBu`cGtFubkxy$5aP5FFh`j`UF(yd^^_G2)Pd)U1_|T~+!%3-lklMOsyVMYt~jW`x7P4exF$hM1&O#+UufO+uR zm>bpf>uRtx2(7pWxn=2-7mv*KUQC^5C&+XNrt~Pc@lvtwwYI{Lf{$e{L(N?zV&m2# zV~DfMa+JraW?_rh5vE_!?HSKbpZ@#Kmz9+4JnBvcAzk(btpuRT=FlGxoP=K4L zmU)vuw4bCzKkMHPysh$^pmZd;a-t1*Z zHsUAah50i#%ELZD(PsA^`c^w*5DNZ+ul7@!c15>niaXU;cE%ryN}8Q`(=R7(Hku+J z`+Qnk9w3U;gddnVKl@>GLNw+;I z^y>dSb zB|GaG;$Pu-LCCu>xi7dxkW=gm&Nijhh}~*y^4BGR7$;LHi4oC`kCef`4F&#puqEo! 
zzS?Kxr^Vy4leeXR57@=B^WI&!xY3td<+opJa{7--l)Nnd&|xQJ$PG(x+2KuLlxDar z{a^`DEyD)dIct3I!Fa+aDC07qBWasg^G0CmRdv9Ef8G{Ss5`Rl07KhN{_YvVPe@IB zlz(MxkPvzq$1GfT>x~EE>(|VCDeuYp-^}>FSJX~F$4{ZSHS*;p+~0K2ZRWc$vGy*A zU$p93?3ubDFK?|~Z&3gGWN#lj5I45U+~K`j{No!imaYz@J}tcEYKgmIHw~}8dDpBb zxY|ed693!7n>JHnofXUTfKTgaSof6T6lLI_gL%D3lxb4*MOytilzg6$AD=Ry+ekpe zv{sROKe@enCmVlADk}i4`JgEv5Q2uh$~%YdC{rymfG>qYmupy^0J#@j#fJrXj)xu`{G7`#QtelWoQr z+YDyR_+5SO?$7u8`{#LH&p(fUnDM%d^SX}nIFI9f9LM{e0#G=7<=GOdW-R)X(!afD zLxi3WsnwIPzb7b{dx|=NNIwymxhY8*gpUM6?)l&pp_4rmxS2vVEn3m~6`0K0Bx*{+ zc!ff0|HxZ*IF2V2hyx^Tk6Y36*JRdj5Dq_R9#^BobuaeTU)h!X*A^2oU@a0SlBVEv z=z$2PXcE)ZpOKWsnZHz>gL|U4-RNBA{zBA)B^9p+PErrdl)rwdJqTCW>wLP-rxYn+ zkp%QfVEG=)d>?(p0>e{~Jr4_A4Q>}NP1dqZa~n63qNe|y0^@SZ1hAP9o{XkK1s61D zC$P}f_E`?x;_;3D`abO&0OfZGPYJ*uX=fqV+=&E^QmOy>tpLFC?bKP3Km#(7i^RIy z@nKZ0ABR})70AD6H$xim&-c(0M6+DkzcydkvbOQP<{v)#JjCt&SN1@1Eg#oOI@q%4zlBS6 z0|j9pyMf3*wE_M!YN=_|)dO$T-2I#Ty4!I_Wt8)iH4bPlqEU<#psbT##s0im-tpsi zFu#kot^_cxvfrG#+2^kentfvrDx z1n5uMdm@pC=Yp3NPD35!4>K_ku6>M@NwM((MgsFX2o;CTidAE}Yn4%yM|-q@>9KL# zNo6Wb%z*4-aIuczcP`MvbgekaVUbg;KQ|zJvJ%M_AQpO$7OyjXB&rk;`YG>Q&^_}3 zCBemy41U(8(}?M(C0pKiAcFL)cR7dxa>0^f1;RaLlS$WFQiBd49`3kEvOZp5^=9jn zT`CL%t}EWMs?49Ayw3>CDs+vMv|0EP~K&*J7Kjr`o z(HvTrrty>e1GCPpcD&^xzHAPT zyL6~oWY~allPB36VnBn0<|=ry5@!#coUC-fvIWYMfH8^K6vxR*+T7duNy^gwX@F|n zADz8)A`(0SXjBz+y?hSUgIW(r0^I5-M|Qs9mmc$gA&U-@ zQ(>x5Ti`zvJO8Hh{iqd6U`MO)xQowH9QNL5>0Mmb%5}>10=rTwxjqg!La7WE$8|Da zdC0#2Ee&b8hTQ!f9D(`<1Av(@Hp&A|gl4awASG>vJztARrqvjm?_ zC(GD_1t_ChySi$3n5QY0(YSQ4H5Z|@zYN+R(-Up*wu7|AF`VXiuUvpHS8sEj&5#(a zbgUdiR1kbp*RK%}LK|ZMzd4GU;jvpNxy~BCFuRGpNlK_(#4~=a?voHM@c+ zGo|VnGrMdh-J+m@@aP~cw{xo+T*}K)D|0HS#BC;0#w#m~M820XEqd=@Cle2R%wE1h zx8nfya@=1gY?edkSG;oRl?|7$uBk>It{(Fi zxg;Z;GfzeV>E&g}Ie@wt0U$7=eb+ii*}?v85+ zC^3WH*>l^4>bAVJ9mY4yV$=3%V1}D{dWu7a&DGqh!v3+=RVz4QA$ye$7>6EiIC$eecN{j?uJHqi2r`+MhY?OPWORwd51jYhm@w^^U55v+%82F=A)YRxvIoaQXi zF*JK7XGWTFrnxi&YBlv0Dvzd??l-NFd3x+|%_5DL;U37luyykUUvPM{_U4&eZ$SAW 
zQ4SbpuaA6SQJ5aDN;tUGCHF}|qd6X~*xixW_~nW};Aw16vUznzZk$N7H6UA7;D<+v6{HPB+L4noUlJc?91uSCy~dc9e4=(By~o3b131^F8A|W$QBE z9-kiGe5~PXHm^NUcFC&Hces5{OFH|&!7p5&nHup@8X~pJ3(iOA?wM!T(bgA_AoJ_6 z1-qDa?ObM(>RMAFw4)o4C@K!?mWjm!9+v5HvYn})8f(sSg$J!Hyd=!37MRjggHsX; znlKE6mds0f({qT!O&qaiuE5UbZYTfi=Zic6E$PXO(*5t0z0-OBwl3+L_rSo zj?dTwKaB@_jt;q8$6+OmrOTW!&qNc<7Z2z^^kkd!448sVn#}M~sV>lOjGOdKHY4|; zgjoTo05%vQv?U=tWPL)qJiV@P9b$2A5;KJj^Ha-xAo%D#F7>Kd{p<9T9%eAyOEcg% zmGJ|1@S5C zvD++17)Y$dJq6zH#2fx}%~aP?mxoKWGwHElRxZC6bd;M8Fi`plylQCU#+Le8qFx6( zFjihLRY2ND_M>k@e*qIGZjL!>4{Q%obgXB@&VuugzxWSV8z6Kf2B;W|b=-Q*e#s*e znd#YnM_@}POKA+@;iT2t^NBb7S*uD&aQ#`azWuW)`&`rm=0)*ZAXXkdF=IgcBy@Cp!B+3pF{*|jNH$7pHy%L z*L@9Lbf0ZcE$$xtT$v6pgA@J8CFJ47)4Y58q1IeV^g0t0F&xvpBMKu1eYHOue?oAwzR$ebff&r+^{1nH>a}cA=$2?%z8JQJ$P;8w<@9xW5j&kWi{jL zjY*?QQ_= z9Txm*H-6|!r^P-@H(X&F<_%dsEHQkl)phuN7O7`1O!nI+2W0{8lqJVf{kj2xGPJ36 z*f-`^bWcHNDm&2V&5!h2vrtbqtD5gsC$`kX`iprR6rf~fIg3{*ctDJPL5YG}BBOSM zbv4XP8Q1HY%;Wq?MJ5Q=SkGm`C-b_}jI9UlX{KT(Tm|2eMnqbk^cf7}gv8|8^=iDt z&>aBVI&iKa3=b=q*Z5$!k9(AsQZ%C`%_9ZCBLpop5CNv&sSt}Kz6x= zoP9AoJW>4197+t2n33i#*7_vHtJd@@(aO@EVtjvS+l?JUdK+)TI2`zDmE+d@@nT2o?0~7%tw%rOM5O}e#V5e^IOm#I?@SsGDrU4nO7_T#9IYyx)7sd z-gI|wqYC?1V|P#ceunAJVm6dZT_hVAf0g;ocOrWyxz&`Fcj-OOFb}-j*n5`cKddw* znewpWumI!o_pDB@A|nrojg44d3U#|He0ty40_lv*kZ964)^WGj0E2P*$Z*ucime?-f7tCcN8{$vN{0wQ!1h+BuUmfz3*1kqBMApl2u<> z?@ze+EEgG~o36D~sVHqA%CWfEThO$T0K$y-2%R`w!$H1A#ek$AvD4fTk!p~yk!C$M zd{v!xw~wek26tWh;ew5#rgInOUuulB59X_ftxJ4OPKT*Aww8Av;t3JXljH03m^`dn zJ^uo*Kav0LX+`d)>cUHJGBREXY*mU66PrqN+)z1jw?FS$^6uU8yU2HMPx8$9bX;wD zt7}~6uu1V<56@Iv9+a@OvHjiA{A)!qxSYj&z9DNESg3HFxU8SlI9ISVbrBdSAvIp& z%5?XO()KRpfX8PZn=S-ToDCUxUi6o}YqBF>>!3BIdO27m-Ig|dsl{whTABXN3Y`zS z*-};GR6r0Gum}BI>#ANFOBpMT=Ba#jrHgYwKlx#TM+GP06fT;09xbdmt?ZmTW7Gv*Cl zy&AQf?7gcbT+b|X#54M|XT8qy*OQ$;mMQzw)f-?yopl`F!dP<6Rdv72QC@yJKV4Gx z-^k-b>He#7kV?5iaJMjot(;EoBYZa(8OjMd({MtGlRdA@`@LFuzdGeb&H|f3+TL{d zyI2S5yMj0Kp(8wq>V85V4#9UmZ&=$2-DbS&GryPUW zkG%(y9vg^k+pyVpH5l)k_u{JJ=@(1~x?Q)5@^;g@b@!BRN}rMBz!n6zEz~11ako>{ 
z{HZ~&c`S-N36Wo!r7E*tI(r@$;p^PT={Vw;EFp^Xm2Ryb*67H}uN?(&lZ8N>U@2Rg zi2=(Uak%)uot4kXz?rf#f8}uBlu*=6naes?xI&QWv({5~1npYxJW`s#2Z)oy-eG1< z`|-oUlGh(RI&nF#JV&t!yD9CIvm2wRyBKYV68P)5(Mh{xm?aBLk&hbE8|Rnf(M}6s z>#9!eE~f?7?KzH`*k1*swCSdMuOlJ%lB+dq*4V|OHg2zX*tmaex`6P=V{lLCEDwyu}5cvw}|r1+x`Q+rCK% z-QzLAECfx`>jdp=wE#6W6zY9H2D=NTiK-!irp5=W9wDFLI2VT$c{Pyog}mc9)LrH1j#-zvjyi~vZ}TfVTJQ9!?8 z2M}$d%|9E_>T12s0$M*tBY-)HW*MG~70bm&&sGd#BHOcSEk}YS_nkE}B6a6G*@JoX zACAfrjH&h)O|?wV+zgGlSYHSbm{`mv5j8vaUaazu&F6u1NUs!VN3}!2L=K?n_Ty2d zt@ViT^;oK_l{~VDTe~&Jo{R%T6ikd5*b!{x$ppv6iFqS~B0#x{x1K+WTNf$aM79k5 ztd}P5*kd}Mv^Aegts}eY5z@iMQ$x@EizImoH*M~@Xl9K444nwy&I?@W-w(AdHkE3E-3mix{Aq{8lDo}s|6=p#jB1MY7p4Pc zbR&4zCWTyXbdhNT>ioQ(-Q{`apZLG&Vd;|I=ulRq`WF-6D3fv{J zjGQw}pkdOP{YO>viuJw_pOKVBeVW=rljgHluB$-?5``y)4SWhc*TVUAj1)kgtIKJu zv1<+s?umNB|DNBiFO`Ao0s)jUQCP{%BC*K+?-fz52;HPAa(ap(pN75)503D#&CQKU z|5h?rOd8GTxcSe`U8pTd;2f?xiEK4sG#B&&XDqZtd~jr5-l6^Q=^MHk ze~KB$L;0P6<-H!#DW)u$GD0ZcoLY!nDbPY^fg zTnUx9fy?%erNFTKAD08jP_F95gdFXiY6y$^4XYoxfL-G30F41)fCDwD3x#TC+u{Q^ zM*_=#_eTM>qjR?UBEBO*(2g5%2f(qYchTQ~>Orxr(&|*};(v4#9iFbw0IgsyGSVWc zK$5gTdTK8AAKA+>OVP5uUg?)msS-g?DL{=DKya_1Qp4W-_8-4NcNJcw^h1C%a9LwR z((k&mznr>qpr$$?x2MkeK^&3J=O0~exb(Y@@EJQ$leg|qynOMVBk`BjZ?!Z4oG+&N zBj4N}ttHjL{ydSUhq_!R62*Cxg&rlbn4kDsJA>K&o4!0ZfP#-RLRW&nf~({seyb>u z`mo|d$DHX6VI|)DZs8!1%1`Zg(%t~W9=$KaP%M3(9t@~vF5|6E@E!pw1pVK`GT{1- zb!Ss-9K`v}Y_-x8araiIS}c_vRFltSck9t(A-VW;aSev`@4hW~k3DsM1J^MgkR2&G zx7KKSlW0P}$x9&osIafu2`nBn|4ptpWU^`X$9kF`0!)aB!aRo%0KY4P@KU~vDo=Nf zzogjNbI{_*)Nl1i**j4+o{eQsWTH%(Cw=yXR89DrGQRGu;+N$rRKSjI(@u(X)BGnE z6-wH~xg6pSoHz2XJh`7YcYNumbU4wTg=Ki~o2S6=1Q5eiG!&L(8+BmG#I-hpZq(*Qg3(NiaPP1{BT!!{i zZR)OxKB{rvLGs7j!C zy9rNOL+=75;#zE+GRE>TpcHp$6p%DtnkuzcJ@04B`$Xmgrm?j9{Ty$C49jxhJpLoG z?XMoZ>iaW`0Osu*>IQOhPHIc8wWenl&Zp0h_6-h@a>zDVQ){6U49DC^#f@^cwtFmx z`G1zPvRm%Id(FmfJ9wV2jWPb1&?WE&Ctlm&Vzi&zYR@}LX6Y};q5TR+)3gwKARqsp z;S;l8(z38h7};qKv1r{n{ujZMQv&M$0?v+>ZE7bwu;%vfzb}F1e~o?gx97pm7?ZIs zQXJnorE3k>&P^~sA{zzg^EK&|?LMsnfCBHp!hC*#X|CbWx;~2haW7Ys-%YO9C%?^= 
zEzOlQ@Op}Lrc$}nJA96qoZr`17IomA^WB~{sb`a;P?`5$GJU1Cy(i{yMBi9MR`Fzdrel>V=b6iaP^|QZs zQEfdz!bRv=%ViWL0kjZPKG%kt&zfFHy?$i5LbQRtV-Sfa>G5>3QT}yAxQ5Et>HG$x z%<}d^=d385eg&#Q!^^nZJXD>PMeeOgN&h+Xn6M1F4Ho=q3Crk1;jW!6?v?!?3YwCsGSJs5H=YdD%JfZ2bK z{^U5%U%UeS(-E*dh?O(_$a+3P*WyW;WPr(Kz5dyHSIn+b3alH2?^LZQ4K$`fhcZsP|gIY+~PPIUX`1iZd1E zLek7r^9}pKCZiU0B@W5%*6_#ByVTjPc?mK9LYz2-F2lJts7cW)WLw>+D2(wr$-6U{ zqKq1=i1DLYgg^4=k-KV(=xA{L)o$RwoSQfl`$eCA*1RNe?Pt6X+=XVkl?Qh#Cb_uc zPm4N0#F-|>AM3IBSrnqXK-9~^Ybv{nB4`h?PL=sJR64Q?qtp~ik)U!;@wD(<4&t!aKmobue|yn7psH(FY-=Kf72)#CqQ}Gg6b_eREFy zdR|PS>nA#A0O5#2+^*Qnz5I#ZA}JIhL^7hkF~i;tFQ}wG3M`U}ChJY7IJ(;0!B?G8 zhz-}ya;X|ec#6xE>wHkK>**evjOt(ql-qB&8SWZJf|v~smMghwpGd`DBzUS8sWxYp zt86dNM3;`vFm8t?1k&=Ii5L7lg*)9-)HKO=M`TG3YZ*-=bKBXO!RB+*TayTf;cJ5| zoFGj}M+d^Embvl!?5k+vKx}2_wkOdtzG$iC_@7`P zC#~+R)BZjISY0MoY?3^!(tAR#ikDt#wuNy(kne(3cZSsE7wO633~Rxz1ZSu5({XnX zzFQU^ljBL_{XpaQP3|1YM|)YD!o+gzxilujg*EAB727u=8@145kawbui^_OA2F=g= z)73BZV;Vcw>$r1gcE0j_6su2buoil-lCLvBtU`&^6s?h`w&H4UUwb4&vja!fmTxjo0b zH}{QxbJ9=>_Y=_9X;U$CZFhJPd*B9kN|CK8-olRFY?zaH@j)1Bi_e=y-Hlxe@9WUx zM6;@5LXitHrsa%;B3#GJGGZWPvpv#EIvv`x~B>WPZbv>#0NcN{h=bi1gb z$KGoEprkGpN)f{w>U0j)d`49q5UhaFj}ho<<8|XYfuoY*mwA@l5rs+*wc}krv-Kr0 z6^JjBk0j%2`xF*?j!Ucl5cxjINeCocJuD4D@1Exe&Rv zyvm{xRIG*3Zg@6trvGa|a-790$kT`1WbBPysBiRpcHWs_{1`Y@%+-GL~+o3ja zV9(XZSHgKt{d}PM9r}F;*FlrFGgR#o)_5F#>K&1#EI(B~ZBlpB`N<39*L&!fCH-L* z=-|JpczP#j`~-}Un<0mV6`ZJH!n+|ZpLLdG3Ss>b*z;`|ygWKkpam+8sXV{LbIkKVUHoe2M1*PeVnPh!@3KHP!ADDBRI<`?^c zj2j|{KbBsg)B}!m_b^WYcrvlE@_Df``49&2wpfwpxtiCG)Vrco2L_T}kP7CB^YG2g z{CvBCNGr_Ja`$pwAGIa42rn`Z#$QD7w>M%3T)-Ps#zQNXg|1NPAcOMt%U=8T#P@;D z9lb7E-tDYzvFKd#jd30%f9=niv-k`!z+{1)u+CGlOq$JOsSV>;+4O0>w%G@R=o*VW^cZj?}?7TQ{ZF8eWl*1<8G%DS-jjw zaTf*rF~)hRX|s3Wh0{NJmRTnCY07=+yGuXjKGtbMqB4(Mgx<_L4Gt?{ooaUOL*j~I z;kPm!J|DkJwa^vBGy+!~Sng@iV%HVxvHY?mCSWi8Xw&?7%PM(4(7h_fbb{g&Xpq>0 zsi5F3!$9la>I?j$6{>;N4{s()eE1+;m*zkw`vS5(mJ-ya;zV$_Z9`Qjlm6z`!gOX~ zPYNuU@MrUVKpqSUl|EGFd3YjqH5xVM4B99pCVz1fJ4K2}v9G(bcmq1^o#d2NJjk+! 
z-d*=#>b_2-HWy@ULc6w45-A;ensC938ard@HCpTdo6&gTCq0jNl>udxY%!8u3ooR4 z8Z6Jby|XTF-=sQTJ^gFOcOYH$1_TBRH2#WSxt-}Ot#1apv|tb!$(V}7FMpa?8yKIx z{G;U(_)hePgByfDZCg`+aqT}P#9epeDc@W?PQrY1b{`U6dlGxqQmW5bkt?_aeEosI zUeB9x+&!@8?*~#z?~u+Uy8-g0YAE~Dm)SwsAfGuMllC?FxGHut9rsP4;kE3RtRi+k z`i``f(&?HAUPhq1XuRv$NT1?|wpsqTut0HDfn12xyqT=;QGvZh>wWFmnoqjx&7_s@ zoYQT{1>Lq_u*cuisVNe0DKBK6Gid6K!{&CY?wQ+AU+?9mR@Qo?Sh@!%wmKLNql897 zL$?#w--Ga9>1DLb9F4xf+H17matOdz2=WZqewhbTpS1_)?h2Gjl)|Tw$6K4Lb<)pm zZC8R{xC$IC>a}bB)Ftp*U5Qvh{#(lXD4%ON`Koxm`>-Xj7D}Z{*XGCq=vI?Ur{itD^x=+BuOid70+evG?}>yce$?SSd!s)rG( z*x+H@UV*#Cnd!>UE5g9xX^cRDbnMkZSK^OPmH7-eS}M#BR&|_vblZH+S7*LRi(B_a z47ONcJULMOpH(z%=>3k|u&T**FFEXOIsPA6+8Yb`@^)CFvDZC%wdon-i*4OOi#q87 zJ|E(WCHbUPG&F}lianJnbMTKF$|~;+Y9%~V87!`>KI0V>dy}%5BzmL<-bS_9)7P5W z{KX+jgbU{WJW|SIMkZEr=aM#DQ17X(U~b~#1t?ZuzWuDVu7uINZ%sg|4I_jy{m~!h zF$_s<;SG#NX4D-Jl|W0A%H{(5Ru%ESEy)=B;gvZidohami5{qVLNpD+x(zkOTWHy<4#x!oziQ>5ZSC7`jBfBCR76_aQ~8Y4*j7p&h( z)ow#}{S@%s?kMx-HUG01wp$&L0Oj?m<35C$V4e{av?k~ZM(0v7r*i6~9}QhI z8(rCZH4SmpC z4%>d#SDY&;zL^}BMvXK~sC`+yDa~avT(vnO+%<_2B?Qa!=kf6cD0k*XJTo-y%_hcJ zo(?mUdcplhYj-4Wd6GBmol`c;ELdDL9K(Ej5%F<>+*_VFqy1#2Akqd9B_e(O_CQeN z1u35Vi`u&PkOhK0A=tNExSJ4Y5Q-svoLsJ;Qt?~a+g^|=o7hPhwZV3B3%9*%XUkgrjcyYL z22-neZdQ`DZ`P91xDC3r#`A%#B=H4nFf)PI#NCGIKAdMY?PwB3;QWk08gct`+5iwm z^_8ws90jq%foRT{U~7XVTq9M|?4K>h)r%@`tfL#@qeI-u{pp^kHtQmH7yh1pQY+=v zz$1Li4c1ZU;CXw{<$mTzyhIV8EbpMX<9_;y-K#f7(=W(9$VJ9Gae2DF=jI2|lOBu- z2p(!JI4eVc2O|b_Y}3q*Nc9IK3+h!X^yMiwI#j(jYh88Ak>dE80mv7#Pe%pcMcTH5 ztehLHhEg0uYmuMRV`I~OvM%sX%+G0SJw3ZPZF?ua(puFcJzze>J}!G-yKer6*n+g?kFC{_ch*3pSQR4nu!# zRme*{F8&JV*)IXbu6D>Y{qS?6X*R!*-EpWTfucQe% zgzJP`%g2$;TY>5JN2#QZyp)aypqT`IMqSzy6Q#=})Rv+u`U01Jc9nzO&<8JnL%%6@ zPtDJVr4~HrfAr5k?KCIFwV#w7pfJ>Om@9`jTJz8QTpvc3U;X$3W$@N6(p0Dc{;=cG-wl z38E}U@}-C%LvK_t^<{4$uWh7AcU0Q2&)Hih zpMU0Shs^{a58lS^=wB~CGbI`V>LBz+aMxdQD`Tjwa1${3>u@ZS94uI9G*VB+Hr7u@bO^Q%0-suS+2DG zgB^~0ra1nKLz>4IrHcES_WnDoP)jL3$i?Nv?P*6h_FL+-d`?$1Lr;R1rR4ssu;I3# 
zQ|F1O1I#SW$YwP@U9x65LQYP%VMwHt5@lF*?NL5-{mE&B+x5v_$L9&93KrI`=H{Eqv5tb~#9UN-A-hxEL1oapEXaqox><7%P;ic`U6{M( z?r(qGM6a=o$TfrsEASJ`tBoG8mzb-zrO#HS7@x%09WQu)cOCB`M=HXiPYcIW@0>ms z(S7r>|HA1mTgN2!>gMMqCT1af=Sgr_U>9Qjl*w&%y3)~fmw%ShVn6Es$HWodxyMgmlmPYk9t{Md`7ZQw1QJ#lA*RctZ3b5GwmNw zcSOy!&nN264p!cxXUvwx;N09O<9hFEUifP^3=SpY4WLG&^!(Q;Gn=1BQ*>VLrJ*OT zxJ+n5QdPdz#A|_m1xz69?CbrV?T#c?VM*zU09sj zg7~hJ0(%R$)7Z1O*0nG}U~b7G7h3t{V7D$-9(a-xjF<{wVX z4|nHEM*DREt@;1higxNzt}Ma?Yecd(g(*Tzt{V_lxap z<}v7sF{lx|-<_rkb)-DdZlFiw{bn7icJ^4(yfk;M$|sah=W$=?W0@2DPc^@cZzgAI z9mXDR1y{P{D?n07l2CaF%e(1k*Qd+Vh@V8hmgPS3lwSIK5nY2ky)mqwS;U%o0kwc|jG0+}Cjs zSy!qT&B*c=C9*@(Km0Keq#b~z7s4vAGS7n3g*B{4O>2ZtyWbdEtpy8K`z|+#8zp$4 zbLAa;N9|A3D8XCONePkec2HV8l~0sH^f>=eola}EziR2~6K-=bVclA~H%_W2)(&1c*+3?POV%vLcE z+T(FMDx&YYJNQHB$+-9{%ftJ>IMxw7(Cl>^nx%dIl1vlXX zvqJjhNnR_Vhvd1c@hL;()8L=n?{Gc`=gL%Md;8DWC zr^4^I+8%%rET3PBmNc?(a*mTp+i1c7a=`iR7e~Iw8(Et&2Tgmkdha#-C=Bu^UwY!4 z+e3dG)zat}XqxvKY9m;!!1@Tb&C31Mex!g8C(A=nYn_SxvGaJvqhp)u^^B-1A4}GU zjtHWmT7$ke`1_mu!ttY|wAAAkk}`=2rf#`Sr7wm?wx@q-Ft1FYF}e^h55WRJ!b>~I zPL~*R5wX+HelPyey1|tmjFZ}ZsziZH;~mUfjkhS|$4i82gcnf=ZxEkJvB{H#fJEjn z#f2QZ5)oP)DH^RI{PS*qAibMIX6GvC{J?cA`)9fnC~8DAkrc_{iFssH8}`z52KGFG z;RiC1)UsC{iZSyF4lJR}r7{;Fng?AntL^u0_=|S7QcR3JVpNN>tlP|H=`BP=ySz2g z>+)zqlR|OY4CGymIns~Y@fb|r>ty^Hd;i6Co7rA9dO+5UG#P{idhK^gQN3_8Dg_8` z)amMod8Vr%^o6D>wbrTaCNXYrw2IrP@b0ktNtOn#Y#B}aSuHXCulWE+p}U@Hm2%Ld zg|=L=U#A|Ls=mHXc>GmOLsH z{DG{2jm#G4`G{EROoWZ>y%?+xtFyV&=IaEbXu75Ag1R^A-a;JxPyd~#;ejpS)4J|1 zyJ=Y*quXXYdr;h;FRdfN3!DXwAe9x#3vDcBzAmi1DD$jaJsfm@KQqhld_!?Lc8`dS zO>8#;EY1g^Z~{_u(gt~F$|8Ib(2H5)7+0{gThFmt6>HmsUItFUy2cx}?w>4a-C>@u zC>~YsYXv^okaP67*>W#VpGJIw{JTZk+dS3n>+??&>5Pmh3A00YCH8Mu6@zTPyF=Ce zx^NIgM{kdC2fD4W^N6ba(;;Q!c`FN=Q>vv3S-W<=IJ~W(?g)Kq2mzJzgG^>pii=mmW3be0uz*Pr3FZ2g6%~9ZX(mz3Ai!$?%omfkS0xXMf zyI<3e^=MiY=*HhB>F}L>>tju*TM`2{;N8?wSXT z_8#fvG|pL%9qd^{R=oVOV;qts{5_?xw>e^`Tg`!2^cAUyY`n*@UopT!Pb$kw8d;xV z4@nnR%c)AlVL$ced2SPaS535Nrw!rw3=L{iJHF(yvaw2a&>DKVNCSzVdbh>#W{7*9}xV?0oVZm8iDt3DvO z<8)m; 
zOA8)kzc={|EzlGc3Stb?$0SRqfK-pT*L=QKysr0j8}xujci9w zu^D$3|8W^ykGX#vC_PMu9Ia~p+JYaFD@M;jjvHSR|Q*K#-v>u>lYZI0MRnp_UlVzszAE&JO^Cu%NBE?XbBYbCk& zt5?b^YT#5pL*_ets-H4{;?gSe3p@>n&+SW-gpMhmSo-0qTWu+@7sbnrN!(dl0FNrE ztc67!u3~qk%v9go?kJmr&u-2u2VN2tC@-SiaR@Z+EkF$feGk|HLt&2ME_@-DD#&A_ zE7RaSeH!(t!l@dSxd=F-rQfk`k&vZux&BXwm9fO0s~(Gn@?RPk{JL45->1Ythxtj< z5zo_5v3$a7NS_NJhmOrBIC!eewOeE}C+9o0iHKzKJ?G{}U97yy9PK;n9udeKI4R5g z%9c5Hp}y9Qkw!5&u^bV#T&KDT3YNb)GZ!qEcR=j$=95TJm0tY>JHXRw1cBWHlb+jB zTZ=KP zbS*X3LNOw{{A%y&Ct?(!ifiqTN*h)5pXMinPIcRW%yDR-D9P-tUcsfVC4!qVb0;jg zf?PS%-s*j>pGZ~?f#p;69@fGzS`gBGz5E_kdk;JwvWn>`_9j-*u|dXUHtZnhouL08 zdr&;;%axTdxYtPaMO4HMhZ;ABX}g@bZ(p(nbVpbj-a6B!@im9(6TKgsP2=gX%jCs8 zRC1^B=$uSr3qB-E^|OYPnN_8j^KK-ce+X*X`AyI4~n=}!69FZg!G{NdrcY6|2C zl}e{Euo&0zPK)YKV&9W>ePkXqIf3fSzVOr42D)}X-MEE1#k5x4Rz^QcsMmh3 zTo6-EkqUq^vbztBOePLm=S5<4O6nb6W=@nzsT3A4RE0{~6Yd-|RWd?c^t?U_rHJx4 z5;+m%oAb$(q2$t!FC@;x=>)%+L^;%pH(h?H$Q3_6p+!1=iKcCk~0 z8!cqf!Xou#DXG+Tux7^^DW%A0-N5yb{WG||8j{Rs8KJNaigc?8>#Z#h8~fCAt?T?B zo`TLt`+$fvJhb)@8xa&|+mc7>0*`wV@$hxqn-=Q2afU+l0#on2G8z5S4DHNU5o3eF zZWCQH&Pfc*P%?nR!aHnZJF-PbwCjt^`$(4vx>hZn9#4CXL2i;}q6Luyal?D9K=Jk~ zLW$qLNW`1&T1dZBmdr`fQatSKcY1^K$pHd%<;;D#fZ>A>gYEOEn`QQxPEv$~VXsC7 zA)?UU1FZ{sN>>jLU7W3$yqvNg)LkHS!lpMHS|De(A0p{-9BDs#uL{n#^^GCZHyBD@ z*x>ekz9JF$?J>b*iltYpYInjJ@aEK1)(2T^SsRtwGF)owrmnEaG_$_)94}E zs%|Wgz+e=)8iHpZ5ZnlPH7B?HNE2Yl7;5gBVVVukSNXGT+q`{Tq|tqq47`6cy>{r@ z3Psl41(QsZ^@z2pBF!*#T@^bXxA?h+W6e7p!+EfbrrX=jWi3)Agxp$Fry}G%Vk-G> zEh&PSH4*y^s`0|*W(~Pt$EWVXbH-)%jmIpfSu<%Z`@RZBkLnSnZ8^ zAgLQOSX0N2BUJMpQ$97Iqa$j7oOZ9jZXl5Pw>DJLqhsxx9>kMxhengnnaQgxt(iH8 zh6BO`5@vIS0sa@?;i^>A(VZYaCm|iH5nVHc?E1V`U_W~_Ecz2wA7SsNuKJUje>zyu z77g5T=29pRJ;q?ObExt18_cm2wY@S9cSg%I5$x@!%DH)@rv&9Q_Li^->O0@>ccR(m z(%5M)>WNnb%#((y8NvHSZKS8j7z>uYMan&5X_z)^aj2J}+6r^61O=`%Az>GE4_Ebg z(Rf)KGhU``D?uJwf*-fWWOG&Kh$-1UMfHrlP4aYHA;T@}xSLja_XwihF+9wYz8_11 zXkr?KhwLqSi-?00`{x*7&82sG^BrNW2e}YwwJPvmrj`U_`Ct@>I;O<&)d%;@=YXF7 zL0vm<{fmm9Y(iR)bJl>=Z27{b-zTSbBz^G?>S6;~hho-XmURDVnSP{#tu5xs#|r%+ 
zz@n$4%P0tjH(A@|C)~`=P_Qz-Df+j_C6judUCGV8r|=5>b05VIlE zJszr5LLpW&4OkUk`&Js3nmdUN;Rv&G!degRB{d08lSA~^uG5w*qEK!Qv)sc>Bq%4M zNu=l!O|9Q^St$nS5FZF4c;c%Zqn8L@NP&BgNgZ zJK8<6$~L`=jEe?ayfy`w>@Q=cCj?ESQs+Zz)u7K#8#0 zKAiC%uW?*W-sRge1G7&LtP&ZXH!3AG*Wp!Gp&r2cDcZ6o>25qZ&h*C3VizF(&%WsG5gSXFLaQQ;fY-7Zi~OpHpnTy zcv-j959|vn1(kXw1%G4u$S^N3jXYg+jSAvZaXEdIMg$##zQt9Kf#5Ue?W)%eT--^) zcv^pr$s+gE&q`I4))92vKaF=o5D(U`HXt{tBz-NPi2fQ2D(!p&Re7YE#*39kVgS!U zzK-XDgURapO84;C8Q`CMW!+lJe0-CC>uANTv8bNaDuLA#X)M+aWQUN+#LjI74qMq0 zRL9%KKZf!S@h2-_GjlNO%QT)hL#p<-tz%h8I$+Szpm(ifE)k1PCVtk9`DN9&$}7#dVJx(DNlm` z)sFaI!T&YSpN{muPVv7n^S_zmR}1`aDE!}{kczco-2am^&9`Sb8|$&I*1OAU=O3y%x};c)unc+-7eZPnMXomA&(%GIME|MPPWU#qC^xgENQ0oJ z#mWdFWgvCVc0V_A0b?yMD4_n7`Vn$q3j#?mC<&!(EKI|ibQj!Yu;-pNFLPQ7wQ9B> ziSHq*vnai}p4;~SX}_N)lMOdH{UlMY4fsJArhc{867k8Gb;SEB^T Date: Tue, 25 Jun 2024 12:57:56 -0400 Subject: [PATCH 17/24] Changes to device encryption --- .../data-protection/bitlocker/index.md | 5 +++-- .../data-protection/bitlocker/preboot-recovery-screen.md | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/index.md b/windows/security/operating-system-security/data-protection/bitlocker/index.md index e9e9e7bdb7..8279aa6322 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/index.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/index.md 
@@ -85,10 +85,11 @@ BitLocker has the following requirements: ## Device encryption -*Device encryption* is a Windows feature that provides a simple way for some devices to enable BitLocker encryption automatically. Device encryption is available on all Windows versions, and it requires a device to meet either [Modern Standby][WIN-3] or HSTI security requirements. Device encryption can't have externally accessible ports that allow DMA access. +*Device encryption* is a Windows feature that provides a simple way for some devices to enable BitLocker encryption automatically. Device encryption is available on all Windows versions, and it requires a device to meet either [Modern Standby][WIN-3] or HSTI security requirements. Device encryption can't have externally accessible ports that allow DMA access. Device encryption encrypts only the OS drive and fixed drives, it doesn't encrypt external/USB drives. > [!IMPORTANT] -> Device encryption encrypts only the OS drive and fixed drives, it doesn't encrypt external/USB drives. +> Starting in Windows 11, version 24H2, the prerequisites of DMA and HSTI/Modern Standby are removed. As a result, more devices are eligible for device encryption. +> For more information, see [BitLocker drive encryption in Windows 11 for OEMs](/windows-hardware/design/device-experiences/oem-bitlocker). Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected. When a clean installation of Windows is completed and the out-of-box experience is finished, the device is prepared for first use. As part of this preparation, device encryption is initialized on the OS drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up. 
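Review bot: The requirement sentences kept in the rewritten paragraph of the `@@ -85,10 +85,11 @@` hunk now contradict the new `[!IMPORTANT]` note. The paragraph still states, without any version scope, that device encryption "requires a device to meet either [Modern Standby][WIN-3] or HSTI security requirements" and "can't have externally accessible ports that allow DMA access", while the note two lines later says those prerequisites are removed starting in Windows 11, version 24H2. A reader checking whether a device is eligible gets two different answers from adjacent text. Suggest scoping the two requirement sentences to versions earlier than Windows 11, version 24H2, or folding the version boundary into the paragraph itself. Separately, the sentence moved into the paragraph is a comma splice ("fixed drives, it doesn't encrypt external/USB drives"); a semicolon or a full stop would fix it.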
diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 19322dea8b..30c8682448 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -103,7 +103,7 @@ There are rules governing which hint is shown during the recovery (in the order :::row-end::: :::row::: :::column span="2"::: - Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen includes the Microsoft account hint if the recovery password is saved to a Microsoft account. + Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen includes the Microsoft account (MSA) hint, if the recovery password is saved to a MSA. This hint helps the user to understand which MSA account was used to store recovery key information. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-msa-backup-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a Microsoft account hint where the BitLocker recovery key was saved." lightbox="images/bitlocker-recovery-screen-msa-backup-24h2.png" border="false"::: From 3caf2b137afc8be1615b51296263eb67aa356168 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 25 Jun 2024 13:01:21 -0400 Subject: [PATCH 18/24] fixed typo --- .../data-protection/bitlocker/preboot-recovery-screen.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 30c8682448..d6543ba40d 100644 
--- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -103,7 +103,7 @@ There are rules governing which hint is shown during the recovery (in the order :::row-end::: :::row::: :::column span="2"::: - Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen includes the Microsoft account (MSA) hint, if the recovery password is saved to a MSA. This hint helps the user to understand which MSA account was used to store recovery key information. + Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen includes the Microsoft account (MSA) hint, if the recovery password is saved to an MSA. This hint helps the user to understand which MSA account was used to store recovery key information. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-msa-backup-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a Microsoft account hint where the BitLocker recovery key was saved." lightbox="images/bitlocker-recovery-screen-msa-backup-24h2.png" border="false"::: From 41a9d197133c240dbb9ed24898ffed1483c7bee1 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 25 Jun 2024 13:09:40 -0400 Subject: [PATCH 19/24] removed duplicated paragraph --- .../data-protection/bitlocker/preboot-recovery-screen.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index d6543ba40d..f3bf57adf0 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md 
@@ -95,7 +95,6 @@ There are rules governing which hint is shown during the recovery (in the order **Result:** the hints for the custom URL and the Microsoft account (**https://aka.ms/myrecoverykey**) are displayed. - Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen includes the Microsoft account hint if the recovery password is saved to a Microsoft account. :::column-end::: :::column span="2"::: :::image type="content" source="images/preboot-recovery-custom-url-single-backup.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom URL and the hint where the BitLocker recovery key was saved." lightbox="images/preboot-recovery-custom-url-single-backup.png" border="false"::: From 557ca67626f9ad401b22011f4c55bd35c28ffdab Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 25 Jun 2024 13:18:00 -0400 Subject: [PATCH 20/24] updates --- .../data-protection/bitlocker/index.md | 2 +- .../data-protection/bitlocker/preboot-recovery-screen.md | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/index.md b/windows/security/operating-system-security/data-protection/bitlocker/index.md index 8279aa6322..69d9822b91 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/index.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/index.md 
@@ -88,7 +88,7 @@ BitLocker has the following requirements: *Device encryption* is a Windows feature that provides a simple way for some devices to enable BitLocker encryption automatically. Device encryption is available on all Windows versions, and it requires a device to meet either [Modern Standby][WIN-3] or HSTI security requirements. Device encryption can't have externally accessible ports that allow DMA access. Device encryption encrypts only the OS drive and fixed drives, it doesn't encrypt external/USB drives. > [!IMPORTANT] -> Starting in Windows 11, version 24H2, the prerequisites of DMA and HSTI/Modern Standby are removed. As a result, more devices are eligible for device encryption. +> Starting in Windows 11, version 24H2, the prerequisites of DMA and HSTI/Modern Standby are removed. As a result, more devices are eligible for automatic and manual device encryption. > For more information, see [BitLocker drive encryption in Windows 11 for OEMs](/windows-hardware/design/device-experiences/oem-bitlocker). Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected. When a clean installation of Windows is completed and the out-of-box experience is finished, the device is prepared for first use. As part of this preparation, device encryption is initialized on the OS drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up. diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index f3bf57adf0..aaadd7678e 100644 
--- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -94,7 +94,6 @@ There are rules governing which hint is shown during the recovery (in the order - not saved to a file **Result:** the hints for the custom URL and the Microsoft account (**https://aka.ms/myrecoverykey**) are displayed. - :::column-end::: :::column span="2"::: :::image type="content" source="images/preboot-recovery-custom-url-single-backup.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom URL and the hint where the BitLocker recovery key was saved." lightbox="images/preboot-recovery-custom-url-single-backup.png" border="false"::: From 3527da742c6430c49c46880a310e33a50947c812 Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Tue, 25 Jun 2024 11:17:18 -0700 Subject: [PATCH 21/24] add metadata block --- .../updatemanagedvsupdateunmanageddevices.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md index 9bc4dee63b..1602ebfce6 100644 --- a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md +++ b/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md @@ -1,4 +1,19 @@ - +--- +title: IT managed versus unmanaged devices +description: This article provides clarity on the terminology and practices involved in managing Windows updates for both managed and unmanaged devices. +ms.service: windows-client +ms.subservice: itpro-updates +ms.topic: overview +author: mikolding +ms.author: v-mikolding +ms.reviewer: mstewart,thtrombl,v-fvalentyna,arcarley +manager: aaroncz +ms.localizationpriority: medium +appliesto: +- ✅ Windows 11 +- ✅ Windows 10 +- ms.date: 06/25/2024 +--- # Managing Windows Updates: IT Managed vs. Unmanaged Devices 
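Review bot: In the front matter added by the `@@ -1,4 +1,19 @@` hunk, the last entry reads `- ms.date: 06/25/2024`, which makes the date a third item of the `appliesto:` list instead of a top-level metadata key. As written the article has no `ms.date` value and `appliesto` carries a stray mapping entry alongside the two Windows versions. Suggest dropping the leading `- ` so the line is `ms.date: 06/25/2024` at the same level as `manager:` and `ms.localizationpriority:`.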
From a56816ad644bfba1b7934af992409da9ff9aee00 Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Tue, 25 Jun 2024 11:28:05 -0700 Subject: [PATCH 22/24] review revisions --- windows/deployment/TOC.yml | 8 ++++---- ...es.md => update-managed-unmanaged-devices.md} | 16 +++++----------- 2 files changed, 9 insertions(+), 15 deletions(-) rename windows/deployment/update/{updatemanagedvsupdateunmanageddevices.md => update-managed-unmanaged-devices.md} (66%) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index 5daf2b7ae1..f4b74cbd1b 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,8 +13,8 @@ href: update/release-cycle.md - name: Basics of Windows updates, channels, and tools href: update/get-started-updates-channels-tools.md - - name: Defining Windows Update managed and Windows Update unmanaged devices - href: ./update/updatemanagedvsupdateunmanageddevices.md + - name: Defining Windows update managed devices + href: update/update-managed-unmanaged-devices.md - name: Prepare servicing strategy for Windows client updates href: update/waas-servicing-strategy-windows-10-updates.md - name: Deployment proof of concept @@ -115,7 +115,7 @@ - name: Deploy updates with Group Policy href: update/waas-wufb-group-policy.md - name: Deploy updates using CSPs and MDM - href: update/waas-wufb-csp-mdm.md + href: update/waas-wufb-csp-mdm.md - name: Update Windows client media with Dynamic Update href: update/media-dynamic-update.md - name: Migrating and acquiring optional Windows content @@ -379,7 +379,7 @@ - name: Delivery Optimization reference href: do/waas-delivery-optimization-reference.md?toc=/windows/deployment/toc.json&bc=/windows/deployment/breadcrumb/toc.json - name: FoD and language packs for WSUS and Configuration Manager - href: update/fod-and-lang-packs.md + href: update/fod-and-lang-packs.md - name: Windows client in S mode href: s-mode.md - name: Switch to Windows client Pro or Enterprise from S mode 
diff --git a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md b/windows/deployment/update/update-managed-unmanaged-devices.md similarity index 66% rename from windows/deployment/update/updatemanagedvsupdateunmanageddevices.md rename to windows/deployment/update/update-managed-unmanaged-devices.md index 997d298f9a..56e94bb220 100644 --- a/windows/deployment/update/updatemanagedvsupdateunmanageddevices.md +++ b/windows/deployment/update/update-managed-unmanaged-devices.md @@ -1,5 +1,5 @@ --- -title: IT managed versus unmanaged devices +title: Defining Windows update managed devices description: This article provides clarity on the terminology and practices involved in managing Windows updates for both managed and unmanaged devices. ms.service: windows-client ms.subservice: itpro-updates @@ -15,7 +15,7 @@ appliesto: - ms.date: 06/25/2024 --- -# Managing Windows updates: IT managed vs. unmanaged devices +# Defining Windows update managed devices As an IT administrator, understanding the differences between managed and unmanaged devices is crucial for effective Windows update management. This article provides clarity on the terminology and practices involved in managing Windows updates for both types of devices. 
@@ -34,13 +34,13 @@ Devices are considered Windows update-managed if you manage the update offering - You configure policies to manage which updates are offered to the specific device. - You set when your organization should receive feature, quality, and driver updates, among others. -- You use [Group Policy (GPO)](https://learn.microsoft.com/windows/deployment/update/waas-wufb-group-policy), [Cloud Solution Provider (CSP)](https://learn.microsoft.com/windows/client-management/mdm/policy-csp-update#update-allowupdateservice), or [Microsoft Graph](https://learn.microsoft.com/windows/deployment/update/deployment-service-overview) to configure these offerings. +- You use [Group Policy (GPO)](/windows/deployment/update/waas-wufb-group-policy), [Cloud Solution Provider (CSP)](/windows/client-management/mdm/policy-csp-update#update-allowupdateservice), or [Microsoft Graph](/windows/deployment/update/deployment-service-overview) to configure these offerings. ### IT-managed: Windows update experience Devices are considered Windows update-managed if you use policies (GP, CSP, or Microsoft Graph) to manage device behavior when taking Windows updates. -Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update). +Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP - Windows Client Management](/windows/client-management/mdm/policy-csp-update). ## Examples of update-managed Windows devices 
@@ -68,10 +68,4 @@ Examples of update-unmanaged devices include: - **BYOD devices not enrolled in management programs:** Devices used for work but not part of an organizational BYOD program. - **Peripheral devices:** Devices like printers, IP phones, and uninterruptible power supplies (UPS) that cannot accept centrally managed administrative credentials. -For more information on managed and unmanaged devices, check out [Secure managed and unmanaged devices](https://docs.microsoft.com/mem/intune/protect/protect-devices). - -## Recommendations - -| SEO Keywords | Suggested Additions | Links to Update | Issues/Concerns | -|-----------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------| -| Windows update management, IT managed devices, unmanaged devices, Windows updates, Intune managed devices | Add detailed steps for configuring GPO, CSP, and Graph policies for managing updates | [Update Policy CSP - Windows Client Management](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update), [Secure managed and unmanaged devices](https://docs.microsoft.com/mem/intune/protect/protect-devices) | Ensure all links are up to date and point to the correct resources | +For more information on managed and unmanaged devices, see [Secure managed and unmanaged devices](/microsoft-365/business-premium/m365bp-managed-unmanaged-devices). From ce147ee70031fdc419cee1dd8ae8d05fa94b64b4 Mon Sep 17 00:00:00 2001 
From: Aaron Czechowski Date: Tue, 25 Jun 2024 11:36:31 -0700 Subject: [PATCH 23/24] fix from review --- windows/deployment/TOC.yml | 2 +- .../deployment/update/update-managed-unmanaged-devices.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/deployment/TOC.yml b/windows/deployment/TOC.yml index f4b74cbd1b..ce71f48060 100644 --- a/windows/deployment/TOC.yml +++ b/windows/deployment/TOC.yml @@ -13,7 +13,7 @@ href: update/release-cycle.md - name: Basics of Windows updates, channels, and tools href: update/get-started-updates-channels-tools.md - - name: Defining Windows update managed devices + - name: Defining Windows update-managed devices href: update/update-managed-unmanaged-devices.md - name: Prepare servicing strategy for Windows client updates href: update/waas-servicing-strategy-windows-10-updates.md diff --git a/windows/deployment/update/update-managed-unmanaged-devices.md b/windows/deployment/update/update-managed-unmanaged-devices.md index 56e94bb220..cb25564137 100644 --- a/windows/deployment/update/update-managed-unmanaged-devices.md +++ b/windows/deployment/update/update-managed-unmanaged-devices.md @@ -1,9 +1,10 @@ --- -title: Defining Windows update managed devices +title: Defining Windows update-managed devices description: This article provides clarity on the terminology and practices involved in managing Windows updates for both managed and unmanaged devices. ms.service: windows-client ms.subservice: itpro-updates ms.topic: overview +ms.date: 06/25/2024 author: mikolding ms.author: v-mikolding ms.reviewer: mstewart,thtrombl,v-fvalentyna,arcarley 
@@ -12,10 +13,9 @@ ms.localizationpriority: medium appliesto: - ✅ Windows 11 - ✅ Windows 10 -- ms.date: 06/25/2024 --- -# Defining Windows update managed devices +# Defining Windows update-managed devices As an IT administrator, understanding the differences between managed and unmanaged devices is crucial for effective Windows update management. This article provides clarity on the terminology and practices involved in managing Windows updates for both types of devices. From 73bb50772e7799727094789cd0c031f50062ac22 Mon Sep 17 00:00:00 2001 From: Aaron Czechowski Date: Tue, 25 Jun 2024 12:02:44 -0700 Subject: [PATCH 24/24] Acrolinx --- .../update-managed-unmanaged-devices.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/deployment/update/update-managed-unmanaged-devices.md b/windows/deployment/update/update-managed-unmanaged-devices.md index cb25564137..3f495f601a 100644 --- a/windows/deployment/update/update-managed-unmanaged-devices.md +++ b/windows/deployment/update/update-managed-unmanaged-devices.md 
@@ -21,10 +21,10 @@ As an IT administrator, understanding the differences between managed and unmana ## What are update-managed Windows devices? -Update-managed devices are those where an IT administrator or organization controls Windows updates through a management tool (such as Microsoft Intune) or by directly setting policies. This includes group policy (GPO), Configuration Service Provider (CSP) policy, or Microsoft Graph. +Update-managed devices are those where an IT administrator or organization controls Windows updates through a management tool, such as Microsoft Intune, or by directly setting policies. You can directly set policies with group policy objects (GPO), configuration service provider (CSP) policies, or Microsoft Graph. > [!NOTE] -> This is true even if you directly set registry keys. However, we don't recommended doing this because registry keys can be easily overwritten. +> This definition is true even if you directly set registry keys. However, we don't recommended doing this action because registry keys can be easily overwritten. Managed devices can include desktops, laptops, tablets, servers, and manufacturing equipment. These devices are secured and configured according to your organization's standards and policies. 
@@ -34,13 +34,13 @@ Devices are considered Windows update-managed if you manage the update offering - You configure policies to manage which updates are offered to the specific device. - You set when your organization should receive feature, quality, and driver updates, among others. -- You use [Group Policy (GPO)](/windows/deployment/update/waas-wufb-group-policy), [Cloud Solution Provider (CSP)](/windows/client-management/mdm/policy-csp-update#update-allowupdateservice), or [Microsoft Graph](/windows/deployment/update/deployment-service-overview) to configure these offerings. +- You use [group policy objects (GPO)](/windows/deployment/update/waas-wufb-group-policy), [configuration service provider (CSP)](/windows/client-management/mdm/policy-csp-update#update-allowupdateservice), or [Microsoft Graph](/windows/deployment/update/deployment-service-overview) to configure these offerings. ### IT-managed: Windows update experience -Devices are considered Windows update-managed if you use policies (GP, CSP, or Microsoft Graph) to manage device behavior when taking Windows updates. +Devices are considered Windows update-managed if you use policies (GPO, CSP, or Microsoft Graph) to manage device behavior when taking Windows updates. -Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP - Windows Client Management](/windows/client-management/mdm/policy-csp-update). +Examples of controllable device behavior include active hours, update grace periods and deadlines, update notifications, update scheduling, and more. Consult the complete list at [Update Policy CSP](/windows/client-management/mdm/policy-csp-update). ## Examples of update-managed Windows devices 
@@ -51,21 +51,21 @@ Here are a few examples of update-managed devices: - **Devices provisioned through Windows Autopilot:** Devices that are set up and preconfigured to be business-ready right out of the box. - **Mandated security settings:** Devices with health requirements such as device encryption, PIN or strong password, specific inactivity timeout periods, and up-to-date operating systems. - **Intune-enrolled devices:** Devices enrolled in Microsoft Intune for network access and enforced security policies. -- **Third-party managed devices:** Devices enrolled in third-party management tools with configured Windows update policies via GPO, CSP, or registry key. +- **Third-party managed devices:** Devices enrolled in non-Microsoft management tools with configured Windows update policies via GPO, CSP, or registry key. ## What are update-unmanaged Windows devices? -Unlike update-managed devices, unmanaged devices are not controlled through policies, management tools, or software. These devices aren't enrolled in tools like Microsoft Intune or Configuration Manager. If you only configure the Settings page to control overall device behavior when taking updates, it is considered an unmanaged device. +Unlike update-managed devices, unmanaged devices aren't controlled through policies, management tools, or software. These devices aren't enrolled in tools like Microsoft Intune or Configuration Manager. If you only configure the Settings page to control overall device behavior when taking updates, it's considered an unmanaged device. -> [!Note] +> [!NOTE] > The term "Microsoft managed devices" used to refer to what we now call "update unmanaged Windows devices." Based on feedback, we have updated our terminology for clarity. ## Examples of update-unmanaged Windows devices Examples of update-unmanaged devices include: -- **Personal devices:** Devices owned by individuals at your organization that are not enrolled in any corporate management system. 
-- **BYOD devices not enrolled in management programs:** Devices used for work but not part of an organizational BYOD program. -- **Peripheral devices:** Devices like printers, IP phones, and uninterruptible power supplies (UPS) that cannot accept centrally managed administrative credentials. +- **Personal devices:** Devices owned by individuals at your organization that aren't enrolled in any corporate management system. +- **BYOD devices not enrolled in management programs:** Devices used for work but not part of an organizational bring your own device (BYOD) program. +- **Peripheral devices:** Devices like printers, IP phones, and uninterruptible power supplies (UPS) that can't accept centrally managed administrative credentials. For more information on managed and unmanaged devices, see [Secure managed and unmanaged devices](/microsoft-365/business-premium/m365bp-managed-unmanaged-devices).
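
Review bot: In PATCH 22/24, the title and H1 change to "Defining Windows update managed devices" drops unmanaged devices from the title, while the unchanged description and intro paragraph still say the article covers "both managed and unmanaged devices", and the renamed file is update-managed-unmanaged-devices.md. PATCH 23/24 only adds the hyphen. Either keep both terms in the title and TOC name, or adjust the description so the TOC entry, the search snippet, and the content agree.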
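
Review bot: In the last hunk of PATCH 22/24, the "Secure managed and unmanaged devices" link isn't only converted to a relative path like the other links in this patch; its target changes from docs.microsoft.com/mem/intune/protect/protect-devices to /microsoft-365/business-premium/m365bp-managed-unmanaged-devices. Confirm that the Business Premium article is the intended reference for this audience, and mention the retarget in the commit message, since "review revisions" doesn't make it visible.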
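
Review bot: In the first hunk of PATCH 24/24, the rewritten NOTE still reads "we don't recommended doing this action"; it should be "we don't recommend". The note would also be more useful if it said what overwrites a directly set registry key and pointed to GPO or CSP as the supported path, because the "Third-party managed devices" bullet changed later in this patch lists "registry key" alongside GPO and CSP without repeating that caveat.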
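
Review bot: In the @@ -51,21 hunk of PATCH 24/24, the NOTE whose marker is normalized to `[!NOTE]` still says "update unmanaged Windows devices" without the hyphen, while the headings and PATCH 23/24 use "update-managed" and "update-unmanaged". Hyphenate it for consistency, and contract "we have updated" to match the other contraction changes made in this pass.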