From 073b05bb363843e7e624484e42b9a4fe4a8d7619 Mon Sep 17 00:00:00 2001 From: John Tobin Date: Wed, 29 Mar 2017 15:07:24 -0700 Subject: [PATCH 01/16] Added Cred Guard topics --- windows/keep-secure/TOC.md | 1 + .../credential-guard-considerations.md | 62 ++ .../credential-guard-how-it-works.md | 48 + .../keep-secure/credential-guard-manage.md | 197 ++++ ...redential-guard-not-protected-scenarios.md | 166 ++++ .../credential-guard-requirements.md | 128 +++ .../keep-secure/credential-guard-scripts.md | 488 +++++++++ windows/keep-secure/credential-guard.md | 933 +----------------- windows/keep-secure/images/mva_videos.png | Bin 0 -> 139543 bytes ...-logon-dont-display-username-at-sign-in.md | 86 ++ 10 files changed, 1186 insertions(+), 923 deletions(-) create mode 100644 windows/keep-secure/credential-guard-considerations.md create mode 100644 windows/keep-secure/credential-guard-how-it-works.md create mode 100644 windows/keep-secure/credential-guard-manage.md create mode 100644 windows/keep-secure/credential-guard-not-protected-scenarios.md create mode 100644 windows/keep-secure/credential-guard-requirements.md create mode 100644 windows/keep-secure/credential-guard-scripts.md create mode 100644 windows/keep-secure/images/mva_videos.png create mode 100644 windows/keep-secure/interactive-logon-dont-display-username-at-sign-in.md diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md index eeb1d26ced..b427d098bb 100644 --- a/windows/keep-secure/TOC.md +++ b/windows/keep-secure/TOC.md 
@@ -574,6 +574,7 @@ ###### [Domain member: Require strong (Windows 2000 or later) session key](domain-member-require-strong-windows-2000-or-later-session-key.md) ###### [Interactive logon: Display user information when the session is locked](interactive-logon-display-user-information-when-the-session-is-locked.md) ###### [Interactive logon: Don't display last signed-in](interactive-logon-do-not-display-last-user-name.md) +###### [Interactive logon: Don't display username at sign-in](interactive-logon-dont-display-username-at-sign-in.md) ###### [Interactive logon: Do not require CTRL+ALT+DEL](interactive-logon-do-not-require-ctrl-alt-del.md) ###### [Interactive logon: Machine account lockout threshold](interactive-logon-machine-account-lockout-threshold.md) ###### [Interactive logon: Machine inactivity limit](interactive-logon-machine-inactivity-limit.md) diff --git a/windows/keep-secure/credential-guard-considerations.md b/windows/keep-secure/credential-guard-considerations.md new file mode 100644 index 0000000000..bf97ca9299 --- /dev/null +++ b/windows/keep-secure/credential-guard-considerations.md 
@@ -0,0 +1,62 @@ +--- +title: Considerations when using Credential Guard (Windows 10) +description: Considerations and recommendations for certain scenarios when using Credential Guard in Windows 10. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# Considerations when using Credential Guard + +**Applies to** +- Windows 10 +- Windows Server 2016 + +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + +- If Credential Guard is enabled on a device after it's joined to a domain, the user and device secrets may already be compromised. We recommend that Credential Guard is enabled before the PC is joined to a domain. +- You should perform regular reviews of the PCs that have Credential Guard enabled. This can be done with security audit policies or WMI queries. Here's a list of WinInit event IDs to look for: + - **Event ID 13** Credential Guard (LsaIso.exe) was started and will protect LSA credentials. + - **Event ID 14** Credential Guard (LsaIso.exe) configuration: 0x1, 0 + - The first variable: 0x1 means Credential Guard is configured to run. 0x0 means it’s not configured to run. + - The second variable: 0 means it’s configured to run in protect mode. 1 means it's configured to run in test mode. This variable should always be 0. + - **Event ID 15** Credential Guard (LsaIso.exe) is configured but the secure kernel is not running; continuing without Credential Guard. + - **Event ID 16** Credential Guard (LsaIso.exe) failed to launch: \[error code\] + - **Event ID 17** Error reading Credential Guard (LsaIso.exe) UEFI configuration: \[error code\] + You can also verify that TPM is being used for key protection by checking the following event in the **Microsoft** -> **Windows** -> **Kernel-Boot** event source. If you are running with a TPM, the TPM PCR mask value will be something other than 0. 
+ - **Event ID 51** VSM Master Encryption Key Provisioning. Using cached copy status: 0x0. Unsealing cached copy status: 0x1. New key generation status: 0x1. Sealing status: 0x1. TPM PCR mask: 0x0. +- Passwords are still weak so we recommend that your organization deploy Credential Guard and move away from passwords and to other authentication methods, such as physical smart cards, virtual smart cards, or Windows Hello for Business. +- Some 3rd party Security Support Providers (SSPs and APs) might not be compatible with Credential Guard. Credential Guard does not allow 3rd party SSPs to ask for password hashes from LSA. However, SSPs and APs still get notified of the password when a user logs on and/or changes their password. Any use of undocumented APIs within custom SSPs and APs are not supported. We recommend that custom implementations of SSPs/APs are tested against Credential Guard to ensure that the SSPs and APs do not depend on any undocumented or unsupported behaviors. For example, using the KerbQuerySupplementalCredentialsMessage API is not supported. You should not replace the NTLM or Kerberos SSPs with custom SSPs and APs. For more info, see [Restrictions around Registering and Installing a Security Package](http://msdn.microsoft.com/library/windows/desktop/dn865014.aspx) on MSDN. +- As the depth and breadth of protections provided by Credential Guard are increased, subsequent releases of Windows 10 with Credential Guard running may impact scenarios that were working in the past. For example, Credential Guard may block the use of a particular type of credential or a particular component to prevent malware from taking advantage of vulnerabilities. Therefore, we recommend that scenarios required for operations in an organization are tested before upgrading a device that has Credential Guard running. + +- Starting with Windows 10, version 1511, domain credentials that are stored with Credential Manager are protected with Credential Guard. 
Credential Manager allows you to store credentials, such as user names and passwords that you use to log on to websites or other computers on a network. The following considerations apply to the Credential Guard protections for Credential Manager: + - Credentials saved by Remote Desktop Services cannot be used to remotely connect to another machine without supplying the password. Attempts to use saved credentials will fail, displaying the error message "Logon attempt failed". + - Applications that extract derived domain credentials from Credential Manager will no longer be able to use those credentials. + - You cannot restore credentials using the Credential Manager control panel if the credentials were backed up from a PC that has Credential Guard turned on. If you need to back up your credentials, you must do this before you enable Credential Guard. Otherwise, you won't be able to restore those credentials. + - Credential Guard uses hardware security so some features, such as Windows To Go, are not supported. + + +## NTLM and CHAP Considerations + +When you enable Credential Guard, you can no longer use NTLM v1 authentication. If you are using WiFi and VPN endpoints that are based on MS-CHAPv2, they are subject to similar attacks as NTLMv1. We recommend that organizations use certificated-based authentication for WiFi and VPN connections. + +## Kerberos Considerations + +When you enable Credential Guard, you can no longer use Kerberos unconstrained delegation or DES encryption. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process. You must use constrained or resource-based Kerberos delegation instead. + +## See also + +Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. 
+ +### Credentials Protected by Credential Guard + +[![Credentials Protected by Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=mD3geLJyC_8304300474) + + + +**Related videos in this series** + +[Virtualization-based security](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=1CoELLJyC_6704300474) diff --git a/windows/keep-secure/credential-guard-how-it-works.md b/windows/keep-secure/credential-guard-how-it-works.md new file mode 100644 index 0000000000..62b860bcb2 --- /dev/null +++ b/windows/keep-secure/credential-guard-how-it-works.md 
@@ -0,0 +1,48 @@ +--- +title: How Credential Guard works +description: Using virtualization-based security, Credential Guard features a new component called the isolated LSA process, which stores and protects secrets, isolating them from the rest of the operating system, so that only privileged system software can access them. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# How Credential Guard works + +**Applies to** +- Windows 10 +- Windows Server 2016 + + +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + +Kerberos, NTLM, and Credential manager isolate secrets by using virtualization-based security. Previous versions of Windows stored secrets in the Local Security Authority (LSA). Prior to Windows 10, the LSA stored secrets used by the operating system in its process memory. With Credential Guard enabled, the LSA process in the operating system talks to a new component called the isolated LSA process that stores and protects those secrets. Data stored by the isolated LSA process is protected using virtualization-based security and is not accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process. + +For security reasons, the isolated LSA process doesn't host any device drivers. Instead, it only hosts a small subset of operating system binaries that are needed for security and nothing else. All of these binaries are signed with a certificate that is trusted by virtualization-based security and these signatures are validated before launching the file in the protected environment. + +When Credential Guard is enabled, NTLMv1, MS-CHAPv2, Digest, and CredSSP cannot use the signed-in credentials. Thus, single sign-on does not work with these protocols. 
However, applications can prompt for credentials or use credentials stored in the Windows Vault which are not protected by Credential Guard with any of these protocols. It is strongly recommended that valuable credentials, such as the sign-in credentials, not be used with any of these protocols. If these protocols must be used by domain or Azure AD users, secondary credentials should be provisioned for these use cases. + +When Credential Guard is enabled, Kerberos does not allow unconstrained Kerberos delegation or DES encryption, not only for signed-in credentials, but also prompted or saved credentials. + +Here's a high-level overview on how the LSA is isolated by using virtualization-based security: + +![Credential Guard overview](images/credguard.png) + +
+ +## See also + +Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. + +### Credential Guard Overview: Credential Theft and Lateral Traversal + +[![Credential theft and lateral traversal](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) + + +**Related videos in this series:** + +[Credentials protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) + +[Virtualization-based security](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=1CoELLJyC_6704300474) diff --git a/windows/keep-secure/credential-guard-manage.md b/windows/keep-secure/credential-guard-manage.md new file mode 100644 index 0000000000..88acb2d41a --- /dev/null +++ b/windows/keep-secure/credential-guard-manage.md 
@@ -0,0 +1,197 @@ +--- +title: Manage Credential Guard (Windows 10) +description: Deploying and managing Credential Guard using Group Policy, the registry, or the Device Guard and Credential Guard hardware readiness tool. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# Manage Credential Guard + +**Applies to** +- Windows 10 +- Windows Server 2016 + +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + +## Enable Credential Guard +Credential Guard can be enabled by using [Group Policy](#turn-on-credential-guard-by-using-group-policy), the [registry](#turn-on-credential-guard-by-using-the-registry), or the Device Guard and Credential Guard [hardware readiness tool](#hardware-readiness-tool). + +### Enable Credential Guard by using Group Policy + +You can use Group Policy to enable Credential Guard. This will add and enable the virtualization-based security features for you if needed. + +1. From the Group Policy Management Console, go to **Computer Configuration** -> **Administrative Templates** -> **System** -> **Device Guard**. +2. Double-click **Turn On Virtualization Based Security**, and then click the **Enabled** option. +3. **Select Platform Security Level** box, choose **Secure Boot** or **Secure Boot and DMA Protection**. +4. In the **Credential Guard Configuration** box, click **Enabled with UEFI lock**, and then click **OK**. If you want to be able to turn off Credential Guard remotely, choose **Enabled without lock**. + + ![Credential Guard Group Policy setting](images/credguard-gp.png) + +5. Close the Group Policy Management Console. + +To enforce processing of the group policy, you can run ```gpupdate /force```. + + +### Enable Credential Guard by using the registry + +If you don't use Group Policy, you can enable Credential Guard by using the registry. 
Credential Guard uses virtualization-based security features which have to be enabled first on some operating systems. + +### Add the virtualization-based security features + +Starting with Windows 10, version 1607 and Windows Server 2016, enabling Windows features to use virtualization-based security is not necessary and this step can be skipped. + +If you are using Windows 10, version 1507 (RTM) or Windows 10, version 1511, Windows features have to be enabled to use virtualization-based security. +You can do this by using either the Control Panel or the Deployment Image Servicing and Management tool (DISM). +> [!NOTE] +If you enable Credential Guard by using Group Policy, the steps to enable Windows features through Control Panel or DISM are not required. Group Policy will install Windows features for you. + +  +**Add the virtualization-based security features by using Programs and Features** + +1. Open the Programs and Features control panel. +2. Click **Turn Windows feature on or off**. +3. Go to **Hyper-V** -> **Hyper-V Platform**, and then select the **Hyper-V Hypervisor** check box. +4. Select the **Isolated User Mode** check box at the top level of the feature selection. +5. Click **OK**. + +**Add the virtualization-based security features to an offline image by using DISM** + +1. Open an elevated command prompt. +2. Add the Hyper-V Hypervisor by running the following command: + ``` + dism /image: /Enable-Feature /FeatureName:Microsoft-Hyper-V-Hypervisor /all + ``` +3. Add the Isolated User Mode feature by running the following command: + ``` + dism /image: /Enable-Feature /FeatureName:IsolatedUserMode + ``` + +> [!NOTE] +> You can also add these features to an online image by using either DISM or Configuration Manager. + +### Enable virtualization-based security and Credential Guard + +1. Open Registry Editor. +2. Enable virtualization-based security: + - Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\DeviceGuard. 
+ - Add a new DWORD value named **EnableVirtualizationBasedSecurity**. Set the value of this registry setting to 1 to enable virtualization-based security and set it to 0 to disable it. + - Add a new DWORD value named **RequirePlatformSecurityFeatures**. Set the value of this registry setting to 1 to use **Secure Boot** only or set it to 3 to use **Secure Boot and DMA protection**. +3. Enable Credential Guard: + - Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA. + - Add a new DWORD value named **LsaCfgFlags**. Set the value of this registry setting to 1 to enable Credential Guard with UEFI lock, set it to 2 to enable Credential Guard without lock, and set it to 0 to disable it. +4. Close Registry Editor. + + +> [!NOTE] +> You can also enable Credential Guard by setting the registry entries in the [FirstLogonCommands](http://msdn.microsoft.com/library/windows/hardware/dn922797.aspx) unattend setting. + + +### Enable Credential Guard by using the Device Guard and Credential Guard hardware readiness tool + +You can also enable Credential Guard by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). + +``` +DG_Readiness_Tool_v3.0.ps1 -Enable -AutoReboot +``` + +### Credential Guard deployment in virtual machines + +Credential Guard can protect secrets in a Hyper-V virtual machine, just as it would on a physical machine. The enablement steps are the same from within the virtual machine. + +Credential Guard protects secrets from non-privileged access inside the VM. It does not provide additional protection from the host administrator. From the host, you can disable Credential Guard for a virtual machine: + +``` PowerShell +Set-VMSecurity -VMName -VirtualizationBasedSecurityOptOut $true +``` + +Requirements for running Credential Guard in Hyper-V virtual machines +- The Hyper-V host must have an IOMMU, and run at least Windows Server 2016 or Windows 10 version 1607. 
+- The Hyper-V virtual machine must be Generation 2, have an enabled virtual TPM, and running at least Windows Server 2016 or Windows 10. + + +### Check that Credential Guard is running + +You can use System Information to ensure that Credential Guard is running on a PC. + +1. Click **Start**, type **msinfo32.exe**, and then click **System Information**. +2. Click **System Summary**. +3. Confirm that **Credential Guard** is shown next to **Device Guard Security Services Running**. + + Here's an example: + + ![System Information](images/credguard-msinfo32.png) + +You can also check that Credential Guard is running by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). + +``` +DG_Readiness_Tool_v3.0.ps1 -Ready +``` + + +### Remove Credential Guard + +If you have to remove Credential Guard on a PC, you can use the following set of procedures, or you can [use the Device Guard and Credential Guard hardware readiness tool](#turn-off-with-hardware-readiness-tool). + +1. If you used Group Policy, disable the Group Policy setting that you used to enable Credential Guard (**Computer Configuration** -> **Administrative Templates** -> **System** -> **Device Guard** -> **Turn on Virtualization Based Security**). +2. Delete the following registry settings: + - HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA\LsaCfgFlags + - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\EnableVirtualizationBasedSecurity + - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\RequirePlatformSecurityFeatures + + > [!IMPORTANT] + > If you manually remove these registry settings, make sure to delete them all. If you don't remove them all, the device might go into BitLocker recovery. + +3. Delete the Credential Guard EFI variables by using bcdedit. + +**Delete the Credential Guard EFI variables** + +1. 
From an elevated command prompt, type the following commands: + ``` syntax + + mountvol X: /s + + copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y + + bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader + + bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" + + bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} + + bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO + + bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X: + + mountvol X: /d + + ``` +2. Restart the PC. +3. Accept the prompt to disable Credential Guard. +4. Alternatively, you can disable the virtualization-based security features to turn off Credential Guard. + +> [!NOTE] +> The PC must have one-time access to a domain controller to decrypt content, such as files that were encrypted with EFS. If you want to turn off both Credential Guard and virtualization-based security, run the following bcdedit command after turning off all virtualization-based security Group Policy and registry settings: bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS + +For more info on virtualization-based security and Device Guard, see [Device Guard deployment guide](device-guard-deployment-guide.md). + + +#### Turn off Credential Guard by using the Device Guard and Credential Guard hardware readiness tool + +You can also disable Credential Guard by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). + +``` +DG_Readiness_Tool_v3.0.ps1 -Disable -AutoReboot +``` +  +## See also + +Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. +
+ +### Deploying Credential Guard + +[![Deploying Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=sRcyvLJyC_3304300474) \ No newline at end of file diff --git a/windows/keep-secure/credential-guard-not-protected-scenarios.md b/windows/keep-secure/credential-guard-not-protected-scenarios.md new file mode 100644 index 0000000000..f656c9038e --- /dev/null +++ b/windows/keep-secure/credential-guard-not-protected-scenarios.md 
@@ -0,0 +1,166 @@ +--- +title: Scenarios not protected by Credential Guard (Windows 10) +description: Scenarios not protected by Credential Guard in Windows 10. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# Scenarios not protected by Credential Guard + +**Applies to** +- Windows 10 +- Windows Server 2016 + +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + +Some ways to store credentials are not protected by Credential Guard, including: + +- Software that manages credentials outside of Windows feature protection +- Local accounts and Microsoft Accounts +- Credential Guard does not protect the Active Directory database running on Windows Server 2016 domain controllers. It also does not protect credential input pipelines, such as Windows Server 2016 servers running Remote Desktop Gateway. If you're using a Windows Server 2016 server as a client PC, it will get the same protection as it would when running Windows 10 Enterprise. +- Key loggers +- Physical attacks +- Does not prevent an attacker with malware on the PC from using the privileges associated with any credential. We recommend using dedicated PCs for high value accounts, such as IT Pros and users with access to high value assets in your organization. +- Third-party security packages +- Digest and CredSSP credentials + - When Credential Guard is enabled, neither Digest nor CredSSP have access to users' logon credentials. This implies no Single Sign-On use for these protocols. +- Supplied credentials for NTLM authentication are not protected. If a user is prompted for and enters credentials for NTLM authentication, these credentials are vulnerable to be read from LSASS memory. Note that these same credentials are vulnerable to key loggers as well. 
+ +For further information, see video: [Credentials Protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) + +## Additional mitigations + +Credential Guard can provide mitigations against attacks on derived credentials and prevent the use of stolen credentials elsewhere. However, PCs can still be vulnerable to certain attacks, even if the derived credentials are protected by Credential Guard. These attacks can include abusing privileges and use of derived credentials directly from a compromised device, reusing previously stolen credentials prior to Device Guard, and abuse of management tools and weak application configurations. Because of this, additional mitigations also must be deployed to make the domain environment more robust. + +### Restricting domain users to specific domain-joined devices + +Credential theft attacks allow the attacker to steal secrets from one device and use them from another device. If a user can sign on to multiple devices then any device could be used to steal credentials. How do you ensure that users only sign on using devices that have Credential Guard enabled? By deploying authentication policies that restrict them to specific domain-joined devices that have been configured with Credential Guard. For the domain controller to know what device a user is signing on from, Kerberos armoring must be used. + +#### Kerberos armoring + +Kerberos armoring is part of RFC 6113. When a device supports Kerberos armoring, its TGT is used to protect the user's proof of possession which can mitigate offline dictionary attacks. Kerberos armoring also provides the additional benefit of signed KDC errors this mitigates tampering which can result in things such as downgrade attacks. 
+ +**To enable Kerberos armoring for restricting domain users to specific domain-joined devices** + +- Users need to be in domains that are running Windows Server 2012 R2 or higher +- All the domain controllers in these domains must be configured to support Kerberos armoring. Set the **KDC support for claims, compound authentication, and Kerberos armoring** Group Policy setting to either **Supported** or **Always provide claims**. +- All the devices with Credential Guard that the users will be restricted to must be configured to support Kerberos armoring. Enable the **Kerberos client support for claims, compound authentication and Kerberos armoring** Group Policy settings under **Computer Configuration** -> **Administrative Templates** -> **System** -> **Kerberos**. + +#### Protecting domain-joined device secrets + +Since domain-joined devices also use shared secrets for authentication, attackers can steal those secrets as well. By deploying device certificates with Credential Guard, the private key can be protected. Then authentication policies can require that users sign on devices that authenticate using those certificates. This prevents shared secrets stolen from the device to be used with stolen user credentials to sign on as the user. + +Domain-joined device certificate authentication has the following requirements: +- Devices' accounts are in Windows Server 2012 domain functional level or higher. +- All domain controllers in those domains have KDC certificates which satisfy strict KDC validation certificate requirements: + - KDC EKU present + - DNS domain name matches the DNSName field of the SubjectAltName (SAN) extension +- Windows 10 devices have the CA issuing the domain controller certificates in the enterprise store. +- A process is established to ensure the identity and trustworthiness of the device in a similar manner as you would establish the identity and trustworthiness of a user before issuing them a smartcard. 
+ +#### Deploying domain-joined device certificates + +To guarantee that certificates with the required issuance policy are only installed on the devices these users must use, they must be deployed manually on each device. The same security procedures used for issuing smart cards to users should be applied to device certificates. + +For example, let's say you wanted to use the High Assurance policy only on these devices. Using a Windows Server Enterprise certificate authority, you would create a new template. + +**Creating a new certificate template** + +1. From the Certificate Manager console, right-click **Certificate Templates**, and then click **Manage.** +2. Right-click **Workstation Authentication**, and then click **Duplicate Template**. +3. Right-click the new template, and then click **Properties**. +4. On the **Extensions** tab, click **Application Policies**, and then click **Edit**. +5. Click **Client Authentication**, and then click **Remove**. +6. Add the ID-PKInit-KPClientAuth EKU. Click **Add**, click **New**, and then specify the following values: + - Name: Kerberos Client Auth + - Object Identifier: 1.3.6.1.5.2.3.4 +7. On the **Extensions** tab, click **Issuance Policies**, and then click **Edit**. +8. Under **Issuance Policies**, click**High Assurance**. +9. On the **Subject name** tab, clear the **DNS name** check box, and then select the **User Principal Name (UPN)** check box. + +Then on the devices that are running Credential Guard, enroll the devices using the certificate you just created. + +**Enrolling devices in a certificate** + +Run the following command: +``` syntax +CertReq -EnrollCredGuardCert MachineAuthentication +``` + +> [!NOTE] +> You must restart the device after enrolling the machine authentication certificate. 
+  +#### How a certificate issuance policy can be used for access control + +Beginning with the Windows Server 2008 R2 domain functional level, domain controllers support for authentication mechanism assurance provides a way to map certificate issuance policy OIDs to universal security groups. Windows Server 2012 domain controllers with claim support can map them to claims. To learn more about authentication mechanism assurance, see [Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2 Step-by-Step Guide](https://technet.microsoft.com/en-us/library/dd378897(v=ws.10).aspx) on TechNet. + +**To see the issuance policies available** + +- The [get-IssuancePolicy.ps1](#bkmk-getscript) shows all of the issuance policies that are available on the certificate authority. + From a Windows PowerShell command prompt, run the following command: + + ``` syntax + .\get-IssuancePolicy.ps1 –LinkedToGroup:All + ``` + +**To link an issuance policy to a universal security group** + +- The [set-IssuancePolicyToGroupLink.ps1](#bkmk-setscript) creates a Universal security group, creates an organizational unit, and links the issuance policy to that Universal security group. + From a Windows PowerShell command prompt, run the following command: + + ``` syntax + .\set-IssuancePolicyToGroupLink.ps1 –IssuancePolicyName:"" –groupOU:"" –groupName:”" + ``` + +#### Restricting user sign on + +So we now have completed the following: + +- Created a special certificate issuance policy to identify devices that meet the deployment criteria required for the user to be able to sign on +- Mapped that policy to a universal security group or claim +- Provided a way for domain controllers to get the device authorization data during user sign on using Kerberos armoring. Now what is left to do is to configure the access check on the domain controllers. This is done using authentication policies. 
+ +Authentication policies have the following requirements: +- User accounts are in a Windows Server 2012 domain functional level or higher domain. + +**Creating an authentication policy restricting users to the specific universal security group** + +1. Open Active Directory Administrative Center. +2. Click **Authentication**, click **New**, and then click **Authentication Policy**. +3. In the **Display name** box, enter a name for this authentication policy. +4. Under the **Accounts** heading, click **Add**. +5. In the **Select Users, Computers, or Service Accounts** dialog box, type the name of the user account you wish to restrict, and then click **OK**. +6. Under the **User Sign On** heading, click the **Edit** button. +7. Click **Add a condition**. +8. In the **Edit Access Control Conditions** box, ensure that it reads **User** > **Group** > **Member of each** > **Value**, and then click **Add items**. +9. In the **Select Users, Computers, or Service Accounts** dialog box, type the name of the universal security group that you created with the set-IssuancePolicyToGroupLink script, and then click **OK**. +10. Click **OK** to close the **Edit Access Control Conditions** box. +11. Click **OK** to create the authentication policy. +12. Close Active Directory Administrative Center. + +> [!NOTE] +> When the authentication policy enforces policy restrictions, users will not be able to sign on using devices that do not have a certificate with the appropriate issuance policy deployed. This applies to both local and remote sign on scenarios. Therefore, it is strongly recommended to first only audit policy restrictions to ensure you don't have unexpected failures. + +#### Discovering authentication failures due to authentication policies + +To make tracking authentication failures due to authentication policies easier, an operational log exists with just those events. 
To enable the logs on the domain controllers, in Event Viewer, navigate to **Applications and Services Logs\\Microsoft\\Windows\\Authentication, right-click AuthenticationPolicyFailures-DomainController**, and then click **Enable Log**. + +To learn more about authentication policy events, see [Authentication Policies and Authentication Policy Silos](https://technet.microsoft.com/en-us/library/dn486813(v=ws.11).aspx). + +## See also + +Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. + +### Credentials protected by Credential Guard + +[![Credentials protected by Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) + + + +**Related videos in this series:** + +[Protecting privileged users with Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=JNbjYMJyC_8104300474) diff --git a/windows/keep-secure/credential-guard-requirements.md b/windows/keep-secure/credential-guard-requirements.md new file mode 100644 index 0000000000..ee45ea20a9 --- /dev/null +++ b/windows/keep-secure/credential-guard-requirements.md 
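Review bot: In credential-guard-not-protected-scenarios.md, under "To link an issuance policy to a universal security group", the example command passes empty values for all three parameters (`–IssuancePolicyName:"" –groupOU:"" –groupName:”"`), so it links nothing if run as written. The set-IssuancePolicyToGroupLink.ps1 script added later in this patch prints its help and stops when `$IssuancePolicyName` is empty, and it treats an empty `-groupName` as a request to remove an existing link. Please put explicit placeholders in the three values, and use ASCII hyphens and straight quotes (the last value opens with a curly quote). Two smaller rendering points in the same hunk: step 8 of "Creating a new certificate template" reads `click**High Assurance**` with no space before the bold text, and the Event Viewer instruction puts ", right-click" inside the bold span along with the log path, so the path and the log name should be bolded separately.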
@@ -0,0 +1,128 @@ +--- +title: Credential Guard Requirements (Windows 10) +description: Credential Guard baseline hardware, firmware, and software requirements, and additional protections for improved security associated with available hardware and firmware options. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# Requirements + +**Applies to** +- Windows 10 +- Windows Server 2016 + +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + +For Credential Guard to provide protections, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements which we will refer to as [Hardware and software requirements](#hardware-and-software-requirements). Additionally, Credential Guard blocks specific authentication capabilities, so applications that require such capabilities will break. We will refer to this as [Application requirements](#application-requirements). Beyond that, computers can meet additional hardware and firmware qualifications, and receive additional protections. Those computers will be more hardened against certain threats. For detailed information on baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017, refer to the tables in [Security Considerations](#security-considerations). 
+ + + +## Hardware and software requirements + +To provide basic protection against OS level attempts to read Credential Manager domain credentials, NTLM and Kerberos derived credentials, Credential Manager uses: +- Support for Virtualization-based security (required) +- Secure boot (required) +- TPM 2.0 either discrete or firmware (preferred - provides binding to hardware) +- UEFI lock (preferred - prevents attacker from disabling with a simple registry key change) + +The Virtualization-based security requires: +- 64-bit CPU +- CPU virtualization extensions plus extended page tables +- Windows hypervisor + +## Application requirements + +When Credential Guard is enabled, specific authentication capabilities are blocked, so applications that require such capabilities will break. Applications should be tested prior to deployment to ensure compatiblity with the reduced functionality. + +>[!WARNING] +> Enabling Credential Guard on domain controllers is not supported.
+> The domain controller hosts authentication services which integrate with processes isolated when Credential Guard is enabled, causing crashes. + +>[!NOTE] +> Credential Guard does not provide protections for the Active Directory database or the Security Accounts Manager (SAM). The credentials protected by Kerberos and NTLM when Credential Guard is enabled are also in the Active Directory database (on domain controllers) and the SAM (for local accounts). + +Applications will break if they require: +- Kerberos DES encryption support +- Kerberos unconstrained delegation +- Extracting the Kerberos TGT +- NTLMv1 + +Applications will prompt and expose credentials to risk if they require: +- Digest authentication +- Credential delegation +- MS-CHAPv2 + +Applications may cause performance issues when they attempt to hook the isolated Credential Guard process. + +See this video: [Credentials Protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) + + +## Security considerations + +All computers that meet baseline protections for hardware, firmware, and software can use Credential Guard. +Computers that meet additional qualifications can provide additional protections to further reduce the attack surface. +The following tables describe baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017. + +> [!NOTE] +> Beginning with Windows 10, version 1607, Trusted Platform Module (TPM 2.0) must be enabled by default on new shipping computers.
+> If you are an OEM, see [PC OEM requirements for Device Guard and Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514.aspx).
+ +### Baseline protections + +|Baseline Protections | Description | +|---------------------------------------------|----------------------------------------------------| +| Hardware: **64-bit CPU** | A 64-bit computer is required for the Windows hypervisor to provide VBS. | +| Hardware: **CPU virtualization extensions**,
plus **extended page tables** | **Requirements**: These hardware features are required for VBS:
One of the following virtualization extensions:
• VT-x (Intel) or
• AMD-V
And:
• Extended page tables, also called Second Level Address Translation (SLAT).

**Security benefits**: VBS provides isolation of secure kernel from normal operating system. Vulnerabilities and Day 0s in normal operating system cannot be exploited because of this isolation. | +| Hardware: **Trusted Platform Module (TPM)** |  **Requirement**: TPM 1.2 or TPM 2.0, either discrete or firmware.
[TPM recommendations](https://technet.microsoft.com/itpro/windows/keep-secure/tpm-recommendations)

**Security benefits**: A TPM provides protection for VBS encryption keys that are stored in the firmware. This helps protect against attacks involving a physically present user with BIOS access. | +| Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot** | **Requirements**: See the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](http://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot)

**Security benefits**: UEFI Secure Boot helps ensure that the device boots only authorized code. This can prevent boot kits and root kits from installing and persisting across reboots. | +| Firmware: **Secure firmware update process** | **Requirements**: UEFI firmware must support secure firmware update found under the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](http://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot).

**Security benefits**: UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed. | +| Software: Qualified **Windows operating system** | **Requirement**: Windows 10 Enterprise, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise

Important:
Windows Server 2016 running as a domain controller does not support Credential Guard. Only Device Guard is supported in this configuration.


**Security benefits**: Support for VBS and for management features that simplify configuration of Credential Guard. | + +> [!IMPORTANT] +> The following tables list additional qualifications for improved security. We strongly recommend meeting the additional qualifications to significantly strengthen the level of security that Credential Guard can provide. + +### 2015 Additional security qualifications starting with Windows 10, version 1507, and Windows Server 2016 Technical Preview 4 + +| Protections for Improved Security | Description | +|---------------------------------------------|----------------------------------------------------| +| Hardware: **IOMMU** (input/output memory management unit) | **Requirement**: VT-D or AMD Vi IOMMU

**Security benefits**: An IOMMU can enhance system resiliency against memory attacks. For more information, see [ACPI description tables](https://msdn.microsoft.com/windows/hardware/drivers/bringup/acpi-system-description-tables). | +| Firmware: **Securing Boot Configuration and Management** | **Requirements**:
• BIOS password or stronger authentication must be supported.
• In the BIOS configuration, BIOS authentication must be set.
• There must be support for protected BIOS option to configure list of permitted boot devices (for example, “Boot only from internal hard drive”) and boot device order, overriding BOOTORDER modification made by operating system.
• In the BIOS configuration, BIOS options related to security and boot options (list of permitted boot devices, boot order) must be secured to prevent other operating systems from starting and to prevent changes to the BIOS settings.

**Security benefits**:
• BIOS password or stronger authentication helps ensure that only authenticated Platform BIOS administrators can change BIOS settings. This helps protect against a physically present user with BIOS access.
• Boot order when locked provides protection against the computer being booted into WinRE or another operating system on bootable media. | +| Firmware: **Secure MOR, revision 2 implementation** | **Requirement**: Secure MOR, revision 2 implementation

**Security benefits**: A secure MOR bit prevents advanced memory attacks. For more information, see [Secure MOR implementation](https://msdn.microsoft.com/windows/hardware/drivers/bringup/device-guard-requirements). | + +
+ +### 2016 Additional security qualifications starting with Windows 10, version 1607, and Windows Server 2016 + +> [!IMPORTANT] +> The following tables list additional qualifications for improved security. Systems that meet these additional qualifications can provide more protections. + +| Protections for Improved Security | Description | +|---------------------------------------------|----------------------------------------------------| +| Firmware: **Hardware Rooted Trust Platform Secure Boot** | **Requirements**:
Boot Integrity (Platform Secure Boot) must be supported. See the Windows Hardware Compatibility Program requirements under [System.Fundamentals.Firmware.CS.UEFISecureBoot.ConnectedStandby](https://msdn.microsoft.com/library/windows/hardware/dn932807(v=vs.85).aspx#system_fundamentals_firmware_cs_uefisecureboot_connectedstandby)
• The Hardware Security Test Interface (HSTI) must be implemented. See [Hardware Security Testability Specification](https://msdn.microsoft.com/en-us/library/windows/hardware/mt712332(v=vs.85).aspx).

**Security benefits**:
• Boot Integrity (Platform Secure Boot) from Power-On provides protections against physically present attackers, and defense-in-depth against malware.
• HSTI provides additional security assurance for correctly secured silicon and platform. | +| Firmware: **Firmware Update through Windows Update** | **Requirements**: Firmware must support field updates through Windows Update and UEFI encapsulation update.

**Security benefits**: Helps ensure that firmware updates are fast, secure, and reliable. | +| Firmware: **Securing Boot Configuration and Management** | **Requirements**:
• Required BIOS capabilities: Ability of OEM to add ISV, OEM, or Enterprise Certificate in Secure Boot DB at manufacturing time.
• Required configurations: Microsoft UEFI CA must be removed from Secure Boot DB. Support for 3rd-party UEFI modules is permitted but should leverage ISV-provided certificates or OEM certificate for the specific UEFI software.

**Security benefits**:
• Enterprises can choose to allow proprietary EFI drivers/applications to run.
• Removing Microsoft UEFI CA from Secure Boot DB provides full control to enterprises over software that runs before the operating system boots. | + +
+ +### 2017 Additional security qualifications starting with Windows 10, version 1703 + +The following table lists qualifications for Windows 10, version 1703, which are in addition to all preceding qualifications. + +| Protection for Improved Security | Description | +|---------------------------------------------|----------------------------------------------------| +| Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:
• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.
• UEFI runtime service must meet these requirements:
    - Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table.
    - PE sections need to be page-aligned in memory (not required for in non-volatile storage).
    - The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:
        - All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both
        - No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable.

Notes:
• This only applies to UEFI runtime service memory, and not UEFI boot service memory.
• This protection is applied by VBS on OS page tables.


Please also note the following:
• Do not use sections that are both writeable and executable
• Do not attempt to directly modify executable system memory
• Do not use dynamic code

**Security benefits**:
• Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware. | +| Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](http://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.

**Security benefits**:
• Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware.
• Blocks additional security attacks against SMM. | + +
+ +## See also + +Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. + + ### Credential Guard Deployment Requirements + +[![Credential Guard Deployment Requirements](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=sRcyvLJyC_3304300474) \ No newline at end of file diff --git a/windows/keep-secure/credential-guard-scripts.md b/windows/keep-secure/credential-guard-scripts.md new file mode 100644 index 0000000000..1eca33e2e6 --- /dev/null +++ b/windows/keep-secure/credential-guard-scripts.md 
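Review bot: In credential-guard-requirements.md, the "Hardware and software requirements" lead-in ends with "Credential Manager uses:", but the list that follows (virtualization-based security, Secure Boot, TPM, UEFI lock) describes what Credential Guard relies on, so the subject should be Credential Guard. The same section lists "TPM 2.0 either discrete or firmware (preferred)", while the Baseline protections table gives the requirement as "TPM 1.2 or TPM 2.0, either discrete or firmware"; please make the two agree on the version and on whether a TPM is required or preferred. In the 2017 table, the first security benefit in the "Firmware support for SMM protection" row looks pasted from the NX row and no longer parses ("Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS"). The VBS benefit text "Vulnerabilities and Day 0s in normal operating system cannot be exploited because of this isolation" is broader than the isolation it describes and should be scoped to what the secure kernel protects. Also: "compatiblity" under "Application requirements" is misspelled, and the file ends without a trailing newline.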
@@ -0,0 +1,488 @@ +--- +title: Scripts for Certificate Issuance Policies in Credential Guard (Windows 10) +description: Scripts listed in this topic for obtaining the available issuance policies on the certificate authority for Credential Guard on Windows 10. +ms.prod: w10 +ms.mktglfcycl: explore +ms.sitesec: library +ms.pagetype: security +localizationpriority: high +author: brianlic-msft +--- + +# Credential Guard: Scripts for Certificate Authority Issuance Policies + + +Here is a list of scripts mentioned in this topic. + +## Get the available issuance policies on the certificate authority + +Save this script file as get-IssuancePolicy.ps1. + +``` syntax +####################################### +## Parameters to be defined ## +## by the user ## +####################################### +Param ( +$Identity, +$LinkedToGroup +) +####################################### +## Strings definitions ## +####################################### +Data getIP_strings { +# culture="en-US" +ConvertFrom-StringData -stringdata @' +help1 = This command can be used to retrieve all available Issuance Policies in a forest. The forest of the currently logged on user is targeted. +help2 = Usage: +help3 = The following parameter is mandatory: +help4 = -LinkedToGroup: +help5 = "yes" will return only Issuance Policies that are linked to groups. Checks that the linked Issuance Policies are linked to valid groups. +help6 = "no" will return only Issuance Policies that are not currently linked to any group. +help7 = "all" will return all Issuance Policies defined in the forest. Checks that the linked Issuance policies are linked to valid groups. +help8 = The following parameter is optional: +help9 = -Identity:. If you specify an identity, the option specified in the "-LinkedToGroup" parameter is ignored. +help10 = Output: This script returns the Issuance Policy objects meeting the criteria defined by the above parameters. 
+help11 = Examples: +errorIPNotFound = Error: no Issuance Policy could be found with Identity "{0}" +ErrorNotSecurity = Error: Issuance Policy "{0}" is linked to group "{1}" which is not of type "Security". +ErrorNotUniversal = Error: Issuance Policy "{0}" is linked to group "{1}" whose scope is not "Universal". +ErrorHasMembers = Error: Issuance Policy "{0}" is linked to group "{1}" which has a non-empty membership. The group has the following members: +LinkedIPs = The following Issuance Policies are linked to groups: +displayName = displayName : {0} +Name = Name : {0} +dn = distinguishedName : {0} + InfoName = Linked Group Name: {0} + InfoDN = Linked Group DN: {0} +NonLinkedIPs = The following Issuance Policies are NOT linked to groups: +'@ +} +##Import-LocalizedData getIP_strings +import-module ActiveDirectory +####################################### +## Help ## +####################################### +function Display-Help { + "" + $getIP_strings.help1 + "" +$getIP_strings.help2 +"" +$getIP_strings.help3 +" " + $getIP_strings.help4 +" " + $getIP_strings.help5 + " " + $getIP_strings.help6 + " " + $getIP_strings.help7 +"" +$getIP_strings.help8 + " " + $getIP_strings.help9 + "" + $getIP_strings.help10 +"" +"" +$getIP_strings.help11 + " " + '$' + "myIPs = .\get-IssuancePolicy.ps1 -LinkedToGroup:All" + " " + '$' + "myLinkedIPs = .\get-IssuancePolicy.ps1 -LinkedToGroup:yes" + " " + '$' + "myIP = .\get-IssuancePolicy.ps1 -Identity:""Medium Assurance""" +"" +} +$root = get-adrootdse +$domain = get-addomain -current loggedonuser +$configNCDN = [String]$root.configurationNamingContext +if ( !($Identity) -and !($LinkedToGroup) ) { +display-Help +break +} +if ($Identity) { + $OIDs = get-adobject -Filter {(objectclass -eq "msPKI-Enterprise-Oid") -and ((name -eq $Identity) -or (displayname -eq $Identity) -or (distinguishedName -like $Identity)) } -searchBase $configNCDN -properties * + if ($OIDs -eq $null) { +$errormsg = $getIP_strings.ErrorIPNotFound -f $Identity 
+write-host $errormsg -ForegroundColor Red + } + foreach ($OID in $OIDs) { + if ($OID."msDS-OIDToGroupLink") { +# In case the Issuance Policy is linked to a group, it is good to check whether there is any problem with the mapping. + $groupDN = $OID."msDS-OIDToGroupLink" + $group = get-adgroup -Identity $groupDN + $groupName = $group.Name +# Analyze the group + if ($group.groupCategory -ne "Security") { +$errormsg = $getIP_strings.ErrorNotSecurity -f $Identity, $groupName + write-host $errormsg -ForegroundColor Red + } + if ($group.groupScope -ne "Universal") { + $errormsg = $getIP_strings.ErrorNotUniversal -f $Identity, $groupName +write-host $errormsg -ForegroundColor Red + } + $members = Get-ADGroupMember -Identity $group + if ($members) { + $errormsg = $getIP_strings.ErrorHasMembers -f $Identity, $groupName +write-host $errormsg -ForegroundColor Red + foreach ($member in $members) { + write-host " " $member -ForeGroundColor Red + } + } + } + } + return $OIDs + break +} +if (($LinkedToGroup -eq "yes") -or ($LinkedToGroup -eq "all")) { + $LDAPFilter = "(&(objectClass=msPKI-Enterprise-Oid)(msDS-OIDToGroupLink=*)(flags=2))" + $LinkedOIDs = get-adobject -searchBase $configNCDN -LDAPFilter $LDAPFilter -properties * + write-host "" + write-host "*****************************************************" + write-host $getIP_strings.LinkedIPs + write-host "*****************************************************" + write-host "" + if ($LinkedOIDs -ne $null){ + foreach ($OID in $LinkedOIDs) { +# Display basic information about the Issuance Policies + "" + $getIP_strings.displayName -f $OID.displayName + $getIP_strings.Name -f $OID.Name + $getIP_strings.dn -f $OID.distinguishedName +# Get the linked group. 
+ $groupDN = $OID."msDS-OIDToGroupLink" + $group = get-adgroup -Identity $groupDN + $getIP_strings.InfoName -f $group.Name + $getIP_strings.InfoDN -f $groupDN +# Analyze the group + $OIDName = $OID.displayName + $groupName = $group.Name + if ($group.groupCategory -ne "Security") { + $errormsg = $getIP_strings.ErrorNotSecurity -f $OIDName, $groupName + write-host $errormsg -ForegroundColor Red + } + if ($group.groupScope -ne "Universal") { + $errormsg = $getIP_strings.ErrorNotUniversal -f $OIDName, $groupName + write-host $errormsg -ForegroundColor Red + } + $members = Get-ADGroupMember -Identity $group + if ($members) { + $errormsg = $getIP_strings.ErrorHasMembers -f $OIDName, $groupName + write-host $errormsg -ForegroundColor Red + foreach ($member in $members) { + write-host " " $member -ForeGroundColor Red + } + } + write-host "" + } + }else{ +write-host "There are no issuance policies that are mapped to a group" + } + if ($LinkedToGroup -eq "yes") { + return $LinkedOIDs + break + } +} +if (($LinkedToGroup -eq "no") -or ($LinkedToGroup -eq "all")) { + $LDAPFilter = "(&(objectClass=msPKI-Enterprise-Oid)(!(msDS-OIDToGroupLink=*))(flags=2))" + $NonLinkedOIDs = get-adobject -searchBase $configNCDN -LDAPFilter $LDAPFilter -properties * + write-host "" + write-host "*********************************************************" + write-host $getIP_strings.NonLinkedIPs + write-host "*********************************************************" + write-host "" + if ($NonLinkedOIDs -ne $null) { + foreach ($OID in $NonLinkedOIDs) { +# Display basic information about the Issuance Policies +write-host "" +$getIP_strings.displayName -f $OID.displayName +$getIP_strings.Name -f $OID.Name +$getIP_strings.dn -f $OID.distinguishedName +write-host "" + } + }else{ +write-host "There are no issuance policies which are not mapped to groups" + } + if ($LinkedToGroup -eq "no") { + return $NonLinkedOIDs + break + } +} +``` +> [!NOTE] +> If you're having trouble running this script, try 
replacing the single quote after the ConvertFrom-StringData parameter. +  +### Link an issuance policy to a group + +Save the script file as set-IssuancePolicyToGroupLink.ps1. + +``` syntax +####################################### +## Parameters to be defined ## +## by the user ## +####################################### +Param ( +$IssuancePolicyName, +$groupOU, +$groupName +) +####################################### +## Strings definitions ## +####################################### +Data ErrorMsg { +# culture="en-US" +ConvertFrom-StringData -stringdata @' +help1 = This command can be used to set the link between a certificate issuance policy and a universal security group. +help2 = Usage: +help3 = The following parameters are required: +help4 = -IssuancePolicyName: +help5 = -groupName:. If no name is specified, any existing link to a group is removed from the Issuance Policy. +help6 = The following parameter is optional: +help7 = -groupOU:. If this parameter is not specified, the group is looked for or created in the Users container. +help8 = Examples: +help9 = This command will link the issuance policy whose display name is "High Assurance" to the group "HighAssuranceGroup" in the Organizational Unit "OU_FOR_IPol_linked_groups". If the group or the Organizational Unit do not exist, you will be prompted to create them. +help10 = This command will unlink the issuance policy whose name is "402.164959C40F4A5C12C6302E31D5476062" from any group. +MultipleIPs = Error: Multiple Issuance Policies with name or display name "{0}" were found in the subtree of "{1}" +NoIP = Error: no issuance policy with name or display name "{0}" could be found in the subtree of "{1}". +IPFound = An Issuance Policy with name or display name "{0}" was successfully found: {1} +MultipleOUs = Error: more than 1 Organizational Unit with name "{0}" could be found in the subtree of "{1}". +confirmOUcreation = Warning: The Organizational Unit that you specified does not exist. 
Do you want to create it? +OUCreationSuccess = Organizational Unit "{0}" successfully created. +OUcreationError = Error: Organizational Unit "{0}" could not be created. +OUFoundSuccess = Organizational Unit "{0}" was successfully found. +multipleGroups = Error: More than one group with name "{0}" was found in Organizational Unit "{1}". +confirmGroupCreation = Warning: The group that you specified does not exist. Do you want to create it? +groupCreationSuccess = Univeral Security group "{0}" successfully created. +groupCreationError = Error: Univeral Security group "{0}" could not be created. +GroupFound = Group "{0}" was successfully found. +confirmLinkDeletion = Warning: The Issuance Policy "{0}" is currently linked to group "{1}". Do you really want to remove the link? +UnlinkSuccess = Certificate issuance policy successfully unlinked from any group. +UnlinkError = Removing the link failed. +UnlinkExit = Exiting without removing the link from the issuance policy to the group. +IPNotLinked = The Certificate issuance policy is not currently linked to any group. If you want to link it to a group, you should specify the -groupName option when starting this script. +ErrorNotSecurity = Error: You cannot link issuance Policy "{0}" to group "{1}" because this group is not of type "Security". +ErrorNotUniversal = Error: You cannot link issuance Policy "{0}" to group "{1}" because the scope of this group is not "Universal". +ErrorHasMembers = Error: You cannot link issuance Policy "{0}" to group "{1}" because it has a non-empty membership. The group has the following members: +ConfirmLinkReplacement = Warning: The Issuance Policy "{0}" is currently linked to group "{1}". Do you really want to update the link to point to group "{2}"? +LinkSuccess = The certificate issuance policy was successfully linked to the specified group. +LinkError = The certificate issuance policy could not be linked to the specified group. 
+ExitNoLinkReplacement = Exiting without setting the new link. +'@ +} +# import-localizeddata ErrorMsg +function Display-Help { +"" +write-host $ErrorMsg.help1 +"" +write-host $ErrorMsg.help2 +"" +write-host $ErrorMsg.help3 +write-host "`t" $ErrorMsg.help4 +write-host "`t" $ErrorMsg.help5 +"" +write-host $ErrorMsg.help6 +write-host "`t" $ErrorMsg.help7 +"" +"" +write-host $ErrorMsg.help8 +"" +write-host $ErrorMsg.help9 +".\Set-IssuancePolicyToGroupMapping.ps1 -IssuancePolicyName ""High Assurance"" -groupOU ""OU_FOR_IPol_linked_groups"" -groupName ""HighAssuranceGroup"" " +"" +write-host $ErrorMsg.help10 +'.\Set-IssuancePolicyToGroupMapping.ps1 -IssuancePolicyName "402.164959C40F4A5C12C6302E31D5476062" -groupName $null ' +"" +} +# Assumption: The group to which the Issuance Policy is going +# to be linked is (or is going to be created) in +# the domain the user running this script is a member of. +import-module ActiveDirectory +$root = get-adrootdse +$domain = get-addomain -current loggedonuser +if ( !($IssuancePolicyName) ) { +display-Help +break +} +####################################### +## Find the OID object ## +## (aka Issuance Policy) ## +####################################### +$searchBase = [String]$root.configurationnamingcontext +$OID = get-adobject -searchBase $searchBase -Filter { ((displayname -eq $IssuancePolicyName) -or (name -eq $IssuancePolicyName)) -and (objectClass -eq "msPKI-Enterprise-Oid")} -properties * +if ($OID -eq $null) { +$tmp = $ErrorMsg.NoIP -f $IssuancePolicyName, $searchBase +write-host $tmp -ForeGroundColor Red +break; +} +elseif ($OID.GetType().IsArray) { +$tmp = $ErrorMsg.MultipleIPs -f $IssuancePolicyName, $searchBase +write-host $tmp -ForeGroundColor Red +break; +} +else { +$tmp = $ErrorMsg.IPFound -f $IssuancePolicyName, $OID.distinguishedName +write-host $tmp -ForeGroundColor Green +} +####################################### +## Find the container of the group ## +####################################### +if ($groupOU -eq 
$null) { +# default to the Users container +$groupContainer = $domain.UsersContainer +} +else { +$searchBase = [string]$domain.DistinguishedName +$groupContainer = get-adobject -searchBase $searchBase -Filter { (Name -eq $groupOU) -and (objectClass -eq "organizationalUnit")} +if ($groupContainer.count -gt 1) { +$tmp = $ErrorMsg.MultipleOUs -f $groupOU, $searchBase +write-host $tmp -ForegroundColor Red +break; +} +elseif ($groupContainer -eq $null) { +$tmp = $ErrorMsg.confirmOUcreation +write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline +$userChoice = read-host +if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { +new-adobject -Name $groupOU -displayName $groupOU -Type "organizationalUnit" -ProtectedFromAccidentalDeletion $true -path $domain.distinguishedName +if ($?){ +$tmp = $ErrorMsg.OUCreationSuccess -f $groupOU +write-host $tmp -ForegroundColor Green +} +else{ +$tmp = $ErrorMsg.OUCreationError -f $groupOU +write-host $tmp -ForeGroundColor Red +break; +} +$groupContainer = get-adobject -searchBase $searchBase -Filter { (Name -eq $groupOU) -and (objectClass -eq "organizationalUnit")} +} +else { +break; +} +} +else { +$tmp = $ErrorMsg.OUFoundSuccess -f $groupContainer.name +write-host $tmp -ForegroundColor Green +} +} +####################################### +## Find the group ## +####################################### +if (($groupName -ne $null) -and ($groupName -ne "")){ +##$searchBase = [String]$groupContainer.DistinguishedName +$searchBase = $groupContainer +$group = get-adgroup -Filter { (Name -eq $groupName) -and (objectClass -eq "group") } -searchBase $searchBase +if ($group -ne $null -and $group.gettype().isarray) { +$tmp = $ErrorMsg.multipleGroups -f $groupName, $searchBase +write-host $tmp -ForeGroundColor Red +break; +} +elseif ($group -eq $null) { +$tmp = $ErrorMsg.confirmGroupCreation +write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline +$userChoice = read-host +if ( ($userChoice -eq "y") -or ($userChoice 
-eq "yes") ) { +new-adgroup -samAccountName $groupName -path $groupContainer.distinguishedName -GroupScope "Universal" -GroupCategory "Security" +if ($?){ +$tmp = $ErrorMsg.GroupCreationSuccess -f $groupName +write-host $tmp -ForegroundColor Green +}else{ +$tmp = $ErrorMsg.groupCreationError -f $groupName +write-host $tmp -ForeGroundColor Red +break +} +$group = get-adgroup -Filter { (Name -eq $groupName) -and (objectClass -eq "group") } -searchBase $searchBase +} +else { +break; +} +} +else { +$tmp = $ErrorMsg.GroupFound -f $group.Name +write-host $tmp -ForegroundColor Green +} +} +else { +##### +## If the group is not specified, we should remove the link if any exists +##### +if ($OID."msDS-OIDToGroupLink" -ne $null) { +$tmp = $ErrorMsg.confirmLinkDeletion -f $IssuancePolicyName, $OID."msDS-OIDToGroupLink" +write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline +$userChoice = read-host +if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { +set-adobject -Identity $OID -Clear "msDS-OIDToGroupLink" +if ($?) 
{ +$tmp = $ErrorMsg.UnlinkSuccess +write-host $tmp -ForeGroundColor Green +}else{ +$tmp = $ErrorMsg.UnlinkError +write-host $tmp -ForeGroundColor Red +} +} +else { +$tmp = $ErrorMsg.UnlinkExit +write-host $tmp +break +} +} +else { +$tmp = $ErrorMsg.IPNotLinked +write-host $tmp -ForeGroundColor Yellow +} +break; +} +####################################### +## Verify that the group is ## +## Universal, Security, and ## +## has no members ## +####################################### +if ($group.GroupScope -ne "Universal") { +$tmp = $ErrorMsg.ErrorNotUniversal -f $IssuancePolicyName, $groupName +write-host $tmp -ForeGroundColor Red +break; +} +if ($group.GroupCategory -ne "Security") { +$tmp = $ErrorMsg.ErrorNotSecurity -f $IssuancePolicyName, $groupName +write-host $tmp -ForeGroundColor Red +break; +} +$members = Get-ADGroupMember -Identity $group +if ($members -ne $null) { +$tmp = $ErrorMsg.ErrorHasMembers -f $IssuancePolicyName, $groupName +write-host $tmp -ForeGroundColor Red +foreach ($member in $members) {write-host " $member.name" -ForeGroundColor Red} +break; +} +####################################### +## We have verified everything. We ## +## can create the link from the ## +## Issuance Policy to the group. ## +####################################### +if ($OID."msDS-OIDToGroupLink" -ne $null) { +$tmp = $ErrorMsg.ConfirmLinkReplacement -f $IssuancePolicyName, $OID."msDS-OIDToGroupLink", $group.distinguishedName +write-host $tmp "( (y)es / (n)o )" -ForegroundColor Yellow -nonewline +$userChoice = read-host +if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { +$tmp = @{'msDS-OIDToGroupLink'= $group.DistinguishedName} +set-adobject -Identity $OID -Replace $tmp +if ($?) 
{ +$tmp = $Errormsg.LinkSuccess +write-host $tmp -Foreground Green +}else{ +$tmp = $ErrorMsg.LinkError +write-host $tmp -Foreground Red +} +} else { +$tmp = $Errormsg.ExitNoLinkReplacement +write-host $tmp +break +} +} +else { +$tmp = @{'msDS-OIDToGroupLink'= $group.DistinguishedName} +set-adobject -Identity $OID -Add $tmp +if ($?) { +$tmp = $Errormsg.LinkSuccess +write-host $tmp -Foreground Green +}else{ +$tmp = $ErrorMsg.LinkError +write-host $tmp -Foreground Red +} +} +``` + +> [!NOTE] +> If you're having trouble running this script, try replacing the single quote after the ConvertFrom-StringData parameter. \ No newline at end of file diff --git a/windows/keep-secure/credential-guard.md b/windows/keep-secure/credential-guard.md index f36732aa45..d0fba3ca1d 100644 --- a/windows/keep-secure/credential-guard.md +++ b/windows/keep-secure/credential-guard.md @@ -16,6 +16,8 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 +Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. + Introduced in Windows 10 Enterprise and Windows Server 2016, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes, Kerberos Ticket Granting Tickets, and credentials stored by applications as domain credentials. By enabling Credential Guard, the following features and solutions are provided: 
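Review bot: In credential-guard-scripts.md, the has-members check prints each member with `write-host " $member.name"`, and inside a double-quoted string PowerShell expands only `$member` and then appends the literal text `.name`, so the operator does not get the member name the message is meant to list; write it as `" $($member.name)"`. In the group-creation branch, `new-adgroup -samAccountName $groupName -path $groupContainer.distinguishedName` passes no `-Name`, while the lookup that follows filters on `Name -eq $groupName`; passing `-Name $groupName` explicitly keeps the created group and the lookup consistent. The script also uses a bare `break` outside any loop to stop on errors, which can terminate a caller's loop if the script is dot-sourced or wrapped; `return` or `exit` states the intent more safely. The closing note about replacing the single quote after the ConvertFrom-StringData parameter should say what to replace it with, and the file ends without a trailing newline.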
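Review bot: In credential-guard.md, the added "Prefer video?" sentence names the **See also** section in bold only, with no link to it, so a reader at the top of the article has to scroll to find the video series. Make it an in-page link such as `[See also](#see-also)`, and confirm that the section and the **Deep Dive into Credential Guard** series it promises are still in this file after the large removal in the next hunk (`@@ -24,928 +26,6 @@`).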
@@ -24,928 +26,6 @@ By enabling Credential Guard, the following features and solutions are provided: - **Virtualization-based security** Windows NTLM and Kerberos derived credentials and other secrets run in a protected environment that is isolated from the running operating system. - **Better protection against advanced persistent threats** When Credential Manager domain credentials, NTLM, and Kerberos derived credentials are protected using virtualization-based security, the credential theft attack techniques and tools used in many targeted attacks are blocked. Malware running in the operating system with administrative privileges cannot extract secrets that are protected by virtualization-based security. While Credential Guard is a powerful mitigation, persistent threat attacks will likely shift to new attack techniques and you should also incorporate Device Guard and other security strategies and architectures. -## How it works - -Kerberos, NTLM, and Credential manager isolate secrets that previous versions of Windows stored in the Local Security Authority (LSA) by using virtualization-based security. Prior to Windows 10, the LSA stored secrets used by the operating system in its process memory. With Credential Guard enabled, the LSA process in the operating system talks to a new component called the isolated LSA process that stores and protects those secrets. Data stored by the isolated LSA process is protected using virtualization-based security and is not accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process. - -For security reasons, the isolated LSA process doesn't host any device drivers. Instead, it only hosts a small subset of operating system binaries that are needed for security and nothing else. 
All of these binaries are signed with a certificate that is trusted by virtualization-based security and these signatures are validated before launching the file in the protected environment. - -When Credential Guard is enabled, NTLMv1, MS-CHAPv2, Digest, and CredSSP cannot use the signed-in credentials. Thus, single sign-on does not work with these protocols. However, applications can prompt for credentials or use credentials stored in the Windows Vault which are not protected by Credential Guard with any of these protocol. It is strongly recommended that valuable credentials, such as the sign-in credentials, not be used with any of these protocols. If these protocols must be used by domain or Azure AD users, secondary credentials should be provisioned for these use cases. - -When Credential Guard is enabled, Kerberos does not allow unconstrained Kerberos delegation or DES encryption, not only for signed-in credentials, but also prompted or saved credentials. - -Here's a high-level overview on how the LSA is isolated by using virtualization-based security: - -![Credential Guard overview](images/credguard.png) - -## Requirements - -For Credential Guard to provide protections, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements which we will refer to as [Hardware and software requirements](#hardware-and-software-requirements). Additionally Credential Guard blocks specific authentication capabilities, so applications which require blocked capabilities will break. We will refer to this as [Application requirements](#application-requirements). Beyond that, computers can meet additional hardware and firmware qualifications, and receive additional protection—those computers will be more hardened against certain threats. To keep this section brief, those will be in [Security Considerations](#security-considerations). 
- -### Hardware and software requirements - -To provide basic protection against OS level attempts to read Credential Manager domain credentials, NTLM and Kerberos derived credentials, Credential Manager uses: -- Support for Virtualization-based security (required) -- Secure boot (required) -- TPM 2.0 either discrete or firmware (preferred - provides binding to hardware) -- UEFI lock (preferred - prevents attacker from disabling with a simple registry key change) - -The Virtualization-based security requires: -- 64 bit CPU -- CPU virtualization extensions plus extended page tables -- Windows hypervisor - -### Application requirements - -When Credential Guard is enabled, specific authentication capabilities are blocked, so applications which require blocked capabilities will break. Applications should be tested prior to deployment to ensure compatiblity with the reduced functionality. - ->[!WARNING] -> Enabling Credential Guard on domain controllers is not supported.
-> The domain controller hosts authentication services which integrate with processes isolated when Credential Guard is enabled, causing crashes. - ->[!NOTE] -> Credential Guard does not provide protections for the Active Directory database or the Security Accounts Manager (SAM). The credentials protected by Kerberos and NTLM when Credential Guard is enabled are also in the Active Directory database (on domain controllers) and the SAM (for local accounts). - -Applications will break if they require: -- Kerberos DES encryption support -- Kerberos unconstrained delegation -- Extracting the Kerberos TGT -- NTLMv1 - -Applications will prompt & expose credentials to risk if they require: -- Digest authentication -- Credential delegation -- MS-CHAPv2 - -Applications may cause performance issues when they attempt to hook the isolated Credential Guard process. - -### Security considerations - -All computers that meet baseline protections for hardware, firmware, and software can use Credential Guard. -Computers that meet additional qualifications can provide additional protections to further reduce the attack surface. -The following tables describe baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017. - -> [!NOTE] -> Beginning with Windows 10, version 1607, Trusted Platform Module (TPM 2.0) must be enabled by default on new shipping computers.
-> If you are an OEM, see [PC OEM requirements for Device Guard and Credential Guard](https://msdn.microsoft.com/library/windows/hardware/mt767514.aspx).
- -#### Baseline protections - -|Baseline Protections | Description | -|---------------------------------------------|----------------------------------------------------| -| Hardware: **64-bit CPU** | A 64-bit computer is required for the Windows hypervisor to provide VBS. | -| Hardware: **CPU virtualization extensions**,
plus **extended page tables** | **Requirements**: These hardware features are required for VBS:
One of the following virtualization extensions:
• VT-x (Intel) or
• AMD-V
And:
• Extended page tables, also called Second Level Address Translation (SLAT).

**Security benefits**: VBS provides isolation of secure kernel from normal operating system. Vulnerabilities and Day 0s in normal operating system cannot be exploited because of this isolation. | -| Hardware: **Trusted Platform Module (TPM)** |  **Requirement**: TPM 1.2 or TPM 2.0, either discrete or firmware.
[TPM recommendations](https://technet.microsoft.com/itpro/windows/keep-secure/tpm-recommendations)

**Security benefits**: A TPM provides protection for VBS encryption keys that are stored in the firmware. This helps protect against attacks involving a physically present user with BIOS access. | -| Firmware: **UEFI firmware version 2.3.1.c or higher with UEFI Secure Boot** | **Requirements**: See the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](http://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot)

**Security benefits**: UEFI Secure Boot helps ensure that the device boots only authorized code. This can prevent boot kits and root kits from installing and persisting across reboots. | -| Firmware: **Secure firmware update process** | **Requirements**: UEFI firmware must support secure firmware update found under the following Windows Hardware Compatibility Program requirement: [System.Fundamentals.Firmware.UEFISecureBoot](http://msdn.microsoft.com/library/windows/hardware/dn932805.aspx#system-fundamentals-firmware-uefisecureboot).

**Security benefits**: UEFI firmware just like software can have security vulnerabilities that, when found, need to be patched through firmware updates. Patching helps prevent root kits from getting installed. | -| Software: Qualified **Windows operating system** | **Requirement**: Windows 10 Enterprise, Windows 10 Education, Windows Server 2016, or Windows 10 IoT Enterprise

Important:
Windows Server 2016 running as a domain controller does not support Credential Guard. Only Device Guard is supported in this configuration.


**Security benefits**: Support for VBS and for management features that simplify configuration of Credential Guard. | - -> [!IMPORTANT] -> The following tables list additional qualifications for improved security. We strongly recommend meeting the additional qualifications to significantly strengthen the level of security that Credential Guard can provide. - -#### 2015 Additional security qualifications starting with Windows 10, version 1507, and Windows Server 2016 Technical Preview 4 - -| Protections for Improved Security | Description | -|---------------------------------------------|----------------------------------------------------| -| Hardware: **IOMMU** (input/output memory management unit) | **Requirement**: VT-D or AMD Vi IOMMU

**Security benefits**: An IOMMU can enhance system resiliency against memory attacks. For more information, see [ACPI description tables](https://msdn.microsoft.com/windows/hardware/drivers/bringup/acpi-system-description-tables). | -| Firmware: **Securing Boot Configuration and Management** | **Requirements**:
• BIOS password or stronger authentication must be supported.
• In the BIOS configuration, BIOS authentication must be set.
• There must be support for protected BIOS option to configure list of permitted boot devices (for example, “Boot only from internal hard drive”) and boot device order, overriding BOOTORDER modification made by operating system.
• In the BIOS configuration, BIOS options related to security and boot options (list of permitted boot devices, boot order) must be secured to prevent other operating systems from starting and to prevent changes to the BIOS settings.

**Security benefits**:
• BIOS password or stronger authentication helps ensure that only authenticated Platform BIOS administrators can change BIOS settings. This helps protect against a physically present user with BIOS access.
• Boot order when locked provides protection against the computer being booted into WinRE or another operating system on bootable media. | -| Firmware: **Secure MOR, revision 2 implementation** | **Requirement**: Secure MOR, revision 2 implementation

**Security benefits**: A secure MOR bit prevents advanced memory attacks. For more information, see [Secure MOR implementation](https://msdn.microsoft.com/windows/hardware/drivers/bringup/device-guard-requirements). | - -
- -#### 2016 Additional security qualifications starting with Windows 10, version 1607, and Windows Server 2016 - -> [!IMPORTANT] -> The following tables list additional qualifications for improved security. Systems that meet these additional qualifications can provide more protections. - -| Protections for Improved Security | Description | -|---------------------------------------------|----------------------------------------------------| -| Firmware: **Hardware Rooted Trust Platform Secure Boot** | **Requirements**:
Boot Integrity (Platform Secure Boot) must be supported. See the Windows Hardware Compatibility Program requirements under [System.Fundamentals.Firmware.CS.UEFISecureBoot.ConnectedStandby](https://msdn.microsoft.com/library/windows/hardware/dn932807(v=vs.85).aspx#system_fundamentals_firmware_cs_uefisecureboot_connectedstandby)
• The Hardware Security Test Interface (HSTI) must be implemented. See [Hardware Security Testability Specification](https://msdn.microsoft.com/en-us/library/windows/hardware/mt712332(v=vs.85).aspx).

**Security benefits**:
• Boot Integrity (Platform Secure Boot) from Power-On provides protections against physically present attackers, and defense-in-depth against malware.
• HSTI provides additional security assurance for correctly secured silicon and platform. | -| Firmware: **Firmware Update through Windows Update** | **Requirements**: Firmware must support field updates through Windows Update and UEFI encapsulation update.

**Security benefits**: Helps ensure that firmware updates are fast, secure, and reliable. | -| Firmware: **Securing Boot Configuration and Management** | **Requirements**:
• Required BIOS capabilities: Ability of OEM to add ISV, OEM, or Enterprise Certificate in Secure Boot DB at manufacturing time.
• Required configurations: Microsoft UEFI CA must be removed from Secure Boot DB. Support for 3rd-party UEFI modules is permitted but should leverage ISV-provided certificates or OEM certificate for the specific UEFI software.

**Security benefits**:
• Enterprises can choose to allow proprietary EFI drivers/applications to run.
• Removing Microsoft UEFI CA from Secure Boot DB provides full control to enterprises over software that runs before the operating system boots. | - -
- -#### 2017 Additional security qualifications starting in 2017 - -The following table lists qualifications for 2017, which are in addition to all preceding qualifications. - -| Protection for Improved Security | Description | -|---------------------------------------------|----------------------------------------------------| -| Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:
• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be exceutable.
• UEFI runtime service must meet these requirements:
    - Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table.
    - PE sections need to be page-aligned in memory (not required for in non-volitile storage).
    - The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:
        - All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both
        - No entries may be left with neither of the above attributes, indicating memory that is both exceutable and writable. Memory must be either readable and executable or writeable and non-executable.

Notes:
• This only applies to UEFI runtime service memory, and not UEFI boot service memory.
• This protection is applied by VBS on OS page tables.


Please also note the following:
• Do not use sections that are both writeable and exceutable
• Do not attempt to directly modify executable system memory
• Do not use dynamic code

**Security benefits**:
• Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware. | -| Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](http://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.

**Security benefits**:
• Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware.
• Blocks additional security attacks against SMM. | - -## Manage Credential Guard - -### Enable Credential Guard -Credential Guard can be enabled by using [Group Policy](#turn-on-credential-guard-by-using-group-policy), the [registry](#turn-on-credential-guard-by-using-the-registry), or the Device Guard and Credential Guard [hardware readiness tool](#hardware-readiness-tool). - -#### Turn on Credential Guard by using Group Policy - -You can use Group Policy to enable Credential Guard. This will add and enable the virtualization-based security features for you if needed. - -1. From the Group Policy Management Console, go to **Computer Configuration** -> **Administrative Templates** -> **System** -> **Device Guard**. -2. Double-click **Turn On Virtualization Based Security**, and then click the **Enabled** option. -3. **Select Platform Security Level** box, choose **Secure Boot** or **Secure Boot and DMA Protection**. -4. In the **Credential Guard Configuration** box, click **Enabled with UEFI lock**, and then click **OK**. If you want to be able to turn off Credential Guard remotely, choose **Enabled without lock**. - - ![Credential Guard Group Policy setting](images/credguard-gp.png) - -5. Close the Group Policy Management Console. - -To enforce processing of the group policy, you can run ```gpupdate /force```. - -#### Turn on Credential Guard by using the registry - -If you don't use Group Policy, you can enable Credential Guard by using the registry. Credential Guard uses virtualization-based security features which have to be enabled first on some operating systems. - -#### Add the virtualization-based security features - -Starting with Windows 10, version 1607 and Windows Server 2016, enabling Windows features to use virtualization-based security is not necessary and this step can be skipped. - -If you are using Windows 10, version 1507 (RTM) or Windows 10, version 1511, Windows features have to be enabled to use virtualization-based security. 
-You can do this by using either the Control Panel or the Deployment Image Servicing and Management tool (DISM). -> [!NOTE] -> If you enable Credential Guard by using Group Policy, these steps are not required. Group Policy will install the features for you. - -  -**Add the virtualization-based security features by using Programs and Features** - -1. Open the Programs and Features control panel. -2. Click **Turn Windows feature on or off**. -3. Go to **Hyper-V** -> **Hyper-V Platform**, and then select the **Hyper-V Hypervisor** check box. -4. Select the **Isolated User Mode** check box at the top level of the feature selection. -5. Click **OK**. - -**Add the virtualization-based security features to an offline image by using DISM** - -1. Open an elevated command prompt. -2. Add the Hyper-V Hypervisor by running the following command: - ``` - dism /image: /Enable-Feature /FeatureName:Microsoft-Hyper-V-Hypervisor /all - ``` -3. Add the Isolated User Mode feature by running the following command: - ``` - dism /image: /Enable-Feature /FeatureName:IsolatedUserMode - ``` - -> [!NOTE] -> You can also add these features to an online image by using either DISM or Configuration Manager. - -#### Enable virtualization-based security and Credential Guard - -1. Open Registry Editor. -2. Enable virtualization-based security: - - Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\DeviceGuard. - - Add a new DWORD value named **EnableVirtualizationBasedSecurity**. Set the value of this registry setting to 1 to enable virtualization-based security and set it to 0 to disable it. - - Add a new DWORD value named **RequirePlatformSecurityFeatures**. Set the value of this registry setting to 1 to use **Secure Boot** only or set it to 3 to use **Secure Boot and DMA protection**. -3. Enable Credential Guard: - - Go to HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA. - - Add a new DWORD value named **LsaCfgFlags**. 
Set the value of this registry setting to 1 to enable Credential Guard with UEFI lock, set it to 2 to enable Credential Guard without lock, and set it to 0 to disable it. -4. Close Registry Editor. - - -> [!NOTE] -> You can also turn on Credential Guard by setting the registry entries in the [FirstLogonCommands](http://msdn.microsoft.com/library/windows/hardware/dn922797.aspx) unattend setting. - - -#### Turn on Credential Guard by using the Device Guard and Credential Guard hardware readiness tool - -You can also enable Credential Guard by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). - -``` -DG_Readiness_Tool_v3.0.ps1 -Enable -AutoReboot -``` - -#### Credential Guard deployment in virtual machines - -Credential Guard can protect secrets in a Hyper-V virtual machine, just as it would on a physical machine. The enablement steps are the same from within the virtual machine. - -Credential Guard protects secrets from non-priviledged access inside the VM. It does not provide additional protection from the host administrator. From the host, you can disable Credential Guard for a virtual machine: - -``` PowerShell -Set-VMSecurity -VMName -VirtualizationBasedSecurityOptOut $true -``` - -Requirements for running Credential Guard in Hyper-V virtual machines -- The Hyper-V host must have an IOMMU, and run at least Windows Server 2016 or Windows 10 version 1607. -- The Hyper-V virtual machine must be Generation 2, have an enabled virtual TPM, and running at least Windows Server 2016 or Windows 10. - -### Remove Credential Guard - -If you have to remove Credential Guard on a PC, you can use the following set of procedures, or you can [use the Device Guard and Credential Guard hardware readiness tool](#turn-off-with-hardware-readiness-tool). - -1. 
If you used Group Policy, disable the Group Policy setting that you used to enable Credential Guard (**Computer Configuration** -> **Administrative Templates** -> **System** -> **Device Guard** -> **Turn on Virtualization Based Security**). -2. Delete the following registry settings: - - HKEY\_LOCAL\_MACHINE\\System\\CurrentControlSet\\Control\\LSA\LsaCfgFlags - - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\EnableVirtualizationBasedSecurity - - HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\Windows\\DeviceGuard\\RequirePlatformSecurityFeatures - - > [!IMPORTANT] - > If you manually remove these registry settings, make sure to delete them all. If you don't remove them all, the device might go into BitLocker recovery. - -3. Delete the Credential Guard EFI variables by using bcdedit. - -**Delete the Credential Guard EFI variables** - -1. From an elevated command prompt, type the following commands: - ``` syntax - - mountvol X: /s - - copy %WINDIR%\System32\SecConfig.efi X:\EFI\Microsoft\Boot\SecConfig.efi /Y - - bcdedit /create {0cb3b571-2f2e-4343-a879-d86a476d7215} /d "DebugTool" /application osloader - - bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} path "\EFI\Microsoft\Boot\SecConfig.efi" - - bcdedit /set {bootmgr} bootsequence {0cb3b571-2f2e-4343-a879-d86a476d7215} - - bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO - - bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} device partition=X: - - mountvol X: /d - - ``` -2. Restart the PC. -3. Accept the prompt to disable Credential Guard. -4. Alternatively, you can disable the virtualization-based security features to turn off Credential Guard. - -> [!NOTE] -> The PC must have one-time access to a domain controller to decrypt content, such as files that were encrypted with EFS. 
If you want to turn off both Credential Guard and virtualization-based security, run the following bcdedit command after turning off all virtualization-based security Group Policy and registry settings: bcdedit /set {0cb3b571-2f2e-4343-a879-d86a476d7215} loadoptions DISABLE-LSA-ISO,DISABLE-VBS - -For more info on virtualization-based security and Device Guard, see [Device Guard deployment guide](device-guard-deployment-guide.md). - - -#### Turn off Credential Guard by using the Device Guard and Credential Guard hardware readiness tool - -You can also disable Credential Guard by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). - -``` -DG_Readiness_Tool_v3.0.ps1 -Disable -AutoReboot -``` -  -### Check that Credential Guard is running - -You can use System Information to ensure that Credential Guard is running on a PC. - -1. Click **Start**, type **msinfo32.exe**, and then click **System Information**. -2. Click **System Summary**. -3. Confirm that **Credential Guard** is shown next to **Device Guard Security Services Running**. - - Here's an example: - - ![System Information](images/credguard-msinfo32.png) - -You can also check that Credential Guard is running by using the [Device Guard and Credential Guard hardware readiness tool](https://www.microsoft.com/download/details.aspx?id=53337). - -``` -DG_Readiness_Tool_v3.0.ps1 -Ready -``` - -## Considerations when using Credential Guard - -- If Credential Guard is enabled on a device after it's joined to a domain, the user and device secrets may already be compromised. We recommend that Credential Guard is enabled before the PC is joined to a domain. -- You should perform regular reviews of the PCs that have Credential Guard enabled. This can be done with security audit policies or WMI queries. Here's a list of WinInit event IDs to look for: - - **Event ID 13** Credential Guard (LsaIso.exe) was started and will protect LSA credentials. 
- - **Event ID 14** Credential Guard (LsaIso.exe) configuration: 0x1, 0 - - The first variable: 0x1 means Credential Guard is configured to run. 0x0 means it’s not configured to run. - - The second variable: 0 means it’s configured to run in protect mode. 1 means it's configured to run in test mode. This variable should always be 0. - - **Event ID 15** Credential Guard (LsaIso.exe) is configured but the secure kernel is not running; continuing without Credential Guard. - - **Event ID 16** Credential Guard (LsaIso.exe) failed to launch: \[error code\] - - **Event ID 17** Error reading Credential Guard (LsaIso.exe) UEFI configuration: \[error code\] - You can also verify that TPM is being used for key protection by checking the following event in the **Microsoft** -> **Windows** -> **Kernel-Boot** event source. If you are running with a TPM, the TPM PCR mask value will be something other than 0. - - **Event ID 51** VSM Master Encryption Key Provisioning. Using cached copy status: 0x0. Unsealing cached copy status: 0x1. New key generation status: 0x1. Sealing status: 0x1. TPM PCR mask: 0x0. -- Passwords are still weak so we recommend that your organization deploy Credential Guard and move away from passwords and to other authentication methods, such as physical smart cards, virtual smart cards, or Windows Hello for Business. -- Some 3rd party Security Support Providers (SSPs and APs) might not be compatible with Credential Guard. Credential Guard does not allow 3rd party SSPs to ask for password hashes from LSA. However, SSPs and APs still get notified of the password when a user logs on and/or changes their password. Any use of undocumented APIs within custom SSPs and APs are not supported. We recommend that custom implementations of SSPs/APs are tested against Credential Guard to ensure that the SSPs and APs do not depend on any undocumented or unsupported behaviors. For example, using the KerbQuerySupplementalCredentialsMessage API is not supported. 
You should not replace the NTLM or Kerberos SSPs with custom SSPs and APs. For more info, see [Restrictions around Registering and Installing a Security Package](http://msdn.microsoft.com/library/windows/desktop/dn865014.aspx) on MSDN. -- As the depth and breadth of protections provided by Credential Guard are increased, subsequent releases of Windows 10 with Credential Guard running may impact scenarios that were working in the past. For example, Credential Guard may block the use of a particular type of credential or a particular component to prevent malwar efrom taking advantage of vulnerabilities. Therefore, we recommend that scenarios required for operations in an organization are tested before upgrading a device that has Credential Guard running. - -- Starting with Windows 10, version 1511, domain credentials that are stored with Credential Manager are protected with Credential Guard. Credential Manager allows you to store credentials, such as user names and passwords that you use to log on to websites or other computers on a network. The following considerations apply to the Credential Guard protections for Credential Manager: - - Credentials saved by Remote Desktop Services cannot be used to remotely connect to another machine without supplying the password. Attempts to use saved credentials will fail, displaying the error message "Logon attempt failed". - - Applications that extract derived domain credentials from Credential Manager will no longer be able to use those credentials. - - You cannot restore credentials using the Credential Manager control panel if the credentials were backed up from a PC that has Credential Guard turned on. If you need to back up your credentials, you must do this before you enable Credential Guard. Otherwise, you won't be able to restore those credentials. - - Credential Guard uses hardware security so some features, such as Windows To Go, are not supported. 
- -### NTLM & CHAP Considerations - -When you enable Credential Guard, you can no longer use NTLM v1 authentication. If you are using WiFi and VPN endpoints that are based on MS-CHAPv2, they are subject to similar attacks as NTLMv1. We recommend that organizations use certificated-based authentication for WiFi and VPN connections. - -### Kerberos Considerations - -When you enable Credential Guard, you can no longer use Kerberos unconstrained delegation or DES encryption. Unconstrained delegation could allow attackers to extract Kerberos keys from the isolated LSA process. You must use constrained or resource-based Kerberos delegation instead. - -## Scenarios not protected by Credential Guard - -Some ways to store credentials are not protected by Credential Guard, including: - -- Software that manages credentials outside of Windows feature protection -- Local accounts and Microsoft Accounts -- Credential Guard does not protect the Active Directory database running on Windows Server 2016 domain controllers. It also does not protect credential input pipelines, such as Windows Server 2016 servers running Remote Desktop Gateway. If you're using a Windows Server 2016 server as a client PC, it will get the same protection as it would be running Windows 10 Enterprise. -- Key loggers -- Physical attacks -- Does not prevent an attacker with malware on the PC from using the privileges associated with any credential. We recommend using dedicated PCs for high value accounts, such as IT Pros and users with access high value assets in your organization. -- Third-party security packages -- Digest and CredSSP credentials - - When Credential Guard is enabled, neither Digest nor CredSSP have access to users' logon credentials. This implies no Single Sign-On use for these protocols. -- Supplied credentials for NTLM authentication are not protected. If a user is prompted for and enters credentials for NTLM authentication, these credentials are vulnerable to be read from LSASS memory. 
Note that these same credentials are vulnerable to key loggers as well. - -## Additional mitigations - -Credential Guard can provide mitigations against attacks on derived credentials and prevent the use of stolen credentials elsewhere. However, PCs can still be vulnerable to certain attacks, even if the derived credentials are protected by Credential Guard. These attacks can include abusing privileges and use of derived credentials directly from a compromised device, reusing previously stolen credentials prior to Device Guard, and abuse of management tools and weak application configurations. Because of this, additional mitigations also need to be deployed to make the domain environment more robust. - -### Restricting domain users to specific domain-joined devices - -Credential theft attacks allow the attacker to steal secrets from one device and use them from another device. If a user can sign on multiple devices then any device could be used to steal credentials. How do you ensure that users only sign on with devices with Credential Guard? By deploying authentication policies which restrict them to specific domain-joined device that have been configured with Credential Guard. For the domain controller to know what device a user is signing on from, Kerberos armoring must be used. - -#### Kerberos armoring - -Kerberos armoring is part of RFC 6113. When a device supports Kerberos armoring, its TGT is used to protect the user's proof of possession which can mitigate offline dictionary attacks. Kerberos armoring also provides the additional benefit of signed KDC errors this mitigates tampering which can result in things such as downgrade attacks. - -**To enable Kerberos armoring for restricting domain users to specific domain-joined devices** - -- Users need to be in domains which are running Windows Server 2012 R2 or higher -- All the domain controllers in these domains must be configured to support Kerberos armoring. 
Set the **KDC support for claims, compound authentication, and Kerberos armoring** Group Policy setting to either **Supported** or **Always provide claims**. -- All the devices with Credential Guard which the users will be restricted to must be configured to support Kerberos armoring. Enable the **Kerberos client support for claims, compound authentication and Kerberos armoring** Group Policy settings under **Computer Configuration** -> **Administrative Templates** -> **System** -> **Kerberos**. - -#### Protecting domain-joined device secrets - -Since domain-joined devices also use shared secrets for authentication, attackers can steal those secrets as well. By deploying device certificates with Credential Guard, the private key can be protected. Then authentication policies can require that users sign on devices which authenticate using those certificates. This prevents shared secrets on stolen from the device to be used with stolen user credentials to sign on as the user. - -Domain-joined device certificate authentication has the following requirements: -- Devices' accounts are in Windows Server 2012 domain funcational level or higher domains. -- All domain controllers in those domains have KDC certificates which satisfy strict KDC validation certificate requirements: - - KDC EKU present - - DNS domain name matches the DNSName field of the SubjectAltName (SAN) extension -- Windows 10 devices have the CA issuing the domain controller certificates in the enterprise store. -- A process is established to ensure the identity and trustworthiness of the device in a similar manner as you would establish the identity and trustworthiness of a user before issuing them a smartcard. - -##### Deploying domain-joined device certificates - -To guarantee that certificates with the issuance policy required are only on the devices these users must use, they must be deployed manually on each device. 
The same security procedures used for issuing smart cards to users should be applied to device certificates. - -For example, let's say you wanted to use the High Assurance policy only on these devices. Using a Windows Server Enterprise certificate authority, you would create a new template. - -**Creating a new certificate template** - -1. From the Certificate Manager console, right-click **Certificate Templates**, and then click **Manage.** -2. Right-click **Workstation Authentication**, and then click **Duplicate Template**. -3. Right-click the new template, and then click **Properties**. -4. On the **Extensions** tab, click **Application Policies**, and then click **Edit**. -5. Click **Client Authentication**, and then click **Remove**. -6. Add the ID-PKInit-KPClientAuth EKU. Click **Add**, click **New**, and then specify the following values: - - Name: Kerberos Client Auth - - Object Identifier: 1.3.6.1.5.2.3.4 -7. On the **Extensions** tab, click **Issuance Policies**, and then click **Edit**. -8. Under **Issuance Policies**, click**High Assurance**. -9. On the **Subject name** tab, clear the **DNS name** check box, and then select the **User Principal Name (UPN)** check box. - -Then on the devices that are running Credential Guard, enroll the devices using the certificate you just created. - -**Enrolling devices in a certificate** - -Run the following command: -``` syntax -CertReq -EnrollCredGuardCert MachineAuthentication -``` - -> [!NOTE] -> You must restart the device after enrolling the machine authentication certificate. -  -#### How a certificate issuance policy can be used for access control - -Beginning with the Windows Server 2008 R2 domain functional level, domain controllers support for authentication mechanism assurance provides a way to map certificate issuance policy OIDs to universal security groups. Windows Server 2012 domain controllers with claim support can map them to claims. 
To learn more about authentication mechanism assurance, see [Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2 Step-by-Step Guide](https://technet.microsoft.com/en-us/library/dd378897(v=ws.10).aspx) on TechNet. - -**To see the issuance policies available** - -- The [get-IssuancePolicy.ps1](#bkmk-getscript) shows all of the issuance policies that are available on the certificate authority. - From a Windows PowerShell command prompt, run the following command: - - ``` syntax - .\get-IssuancePolicy.ps1 –LinkedToGroup:All - ``` - -**To link a issuance policy to a universal security group** - -- The [set-IssuancePolicyToGroupLink.ps1](#bkmk-setscript) creates a Universal security group, creates an organizational unit, and links the issuance policy to that Universal security group. - From a Windows PowerShell command prompt, run the following command: - - ``` syntax - .\set-IssuancePolicyToGroupLink.ps1 –IssuancePolicyName:"" –groupOU:"" –groupName:”" - ``` - -#### Restricting user sign on - -So we now have the following: - -- Created a special certificate issuance policy to identify devices which meet the deployment criteria required for the user to be able to sign on -- Mapped that policy to a universal security group or claim -- Provided a way for domain controllers to get the device authorization data during user sign on using Kerberos armoring- -so what is left to do is configuring the access check on the domain controllers. This is done with authentication policies. - -Authentication policies have the following requirements: -- User accounts are in a Windows Server 2012 domain functional level or higher domain. - -**Creating an authentication policy restricting to the specific universal security group** - -1. Open Active Directory Administrative Center. -2. Click **Authentication**, click **New**, and then click **Authentication Policy**. -3. In the **Display name** box, enter a name for this authentication policy. -4. 
Under the **Accounts** heading, click **Add**. -5. In the **Select Users, Computers, or Service Accounts** dialog box, type the name of the user account you with to restrict, and then click **OK**. -6. Under the **User Sign On** heading, click the **Edit** button. -7. Click **Add a condition**. -8. In the **Edit Access Control Conditions** box, ensure that it reads **User** > **Group** > **Member of each** > **Value**, and then click **Add items**. -9. In the **Select Users, Computers, or Service Accounts** dialog box, type the name of the universal security group that you created with the set-IssuancePolicyToGroupLink script, and then click **OK**. -10. Click **OK** to close the **Edit Access Control Conditions** box. -11. Click **OK** to create the authentication policy. -12. Close Active Directory Administrative Center. - -> [!NOTE] -> When the authentication policy enforces policy restrictions, users will not be able to sign on using devices that do not have a certificate with the appropriate issuance policy deployed. This applies to both local and remote sign on scenarios. Therefore, it is strongly recommended to first only audit policy restrictions to ensure you don't have unexpected failures. - -#### Discovering authentication failures due to authentication policies - -To make tracking authentication failures due to authentication policies easier, an operational log exists with just those events. To enable the logs on the domain controllers, in Event Viewer, navigate to **Applications and Services Logs\\Microsoft\\Windows\\Authentication, right-click AuthenticationPolicyFailures-DomainController**, and then click **Enable Log**. - -To learn more about authentication policy events, see [Authentication Policies and Authentication Policy Silos](https://technet.microsoft.com/en-us/library/dn486813(v=ws.11).aspx). - -## Appendix: Scripts - -Here is a list of scripts that are mentioned in this topic. 
- -### Get the available issuance policies on the certificate authority - -Save this script file as get-IssuancePolicy.ps1. - -``` syntax -####################################### -## Parameters to be defined ## -## by the user ## -####################################### -Param ( -$Identity, -$LinkedToGroup -) -####################################### -## Strings definitions ## -####################################### -Data getIP_strings { -# culture="en-US" -ConvertFrom-StringData -stringdata @' -help1 = This command can be used to retrieve all available Issuance Policies in a forest. The forest of the currently logged on user is targetted. -help2 = Usage: -help3 = The following parameter is mandatory: -help4 = -LinkedToGroup: -help5 = "yes" will return only Issuance Policies that are linked to groups. Checks that the linked Issuance Policies are linked to valid groups. -help6 = "no" will return only Issuance Policies that are not currently linked to any group. -help7 = "all" will return all Issuance Policies defined in the forest. Checks that the linked Issuance policies are linked to valid groups. -help8 = The following parameter is optional: -help9 = -Identity:. If you specify an identity, the option specified in the "-LinkedToGroup" parameter is ignored. -help10 = Output: This script returns the Issuance Policy objects meeting the criteria defined by the above parameters. -help11 = Examples: -errorIPNotFound = Error: no Issuance Policy could be found with Identity "{0}" -ErrorNotSecurity = Error: Issuance Policy "{0}" is linked to group "{1}" which is not of type "Security". -ErrorNotUniversal = Error: Issuance Policy "{0}" is linked to group "{1}" whose scope is not "Universal". -ErrorHasMembers = Error: Issuance Policy "{0}" is linked to group "{1}" which has a non-empty membership. 
The group has the following members: -LinkedIPs = The following Issuance Policies are linked to groups: -displayName = displayName : {0} -Name = Name : {0} -dn = distinguishedName : {0} - InfoName = Linked Group Name: {0} - InfoDN = Linked Group DN: {0} -NonLinkedIPs = The following Issuance Policies are NOT linked to groups: -'@ -} -##Import-LocalizedData getIP_strings -import-module ActiveDirectory -####################################### -## Help ## -####################################### -function Display-Help { - "" - $getIP_strings.help1 - "" -$getIP_strings.help2 -"" -$getIP_strings.help3 -" " + $getIP_strings.help4 -" " + $getIP_strings.help5 - " " + $getIP_strings.help6 - " " + $getIP_strings.help7 -"" -$getIP_strings.help8 - " " + $getIP_strings.help9 - "" - $getIP_strings.help10 -"" -"" -$getIP_strings.help11 - " " + '$' + "myIPs = .\get-IssuancePolicy.ps1 -LinkedToGroup:All" - " " + '$' + "myLinkedIPs = .\get-IssuancePolicy.ps1 -LinkedToGroup:yes" - " " + '$' + "myIP = .\get-IssuancePolicy.ps1 -Identity:""Medium Assurance""" -"" -} -$root = get-adrootdse -$domain = get-addomain -current loggedonuser -$configNCDN = [String]$root.configurationNamingContext -if ( !($Identity) -and !($LinkedToGroup) ) { -display-Help -break -} -if ($Identity) { - $OIDs = get-adobject -Filter {(objectclass -eq "msPKI-Enterprise-Oid") -and ((name -eq $Identity) -or (displayname -eq $Identity) -or (distinguishedName -like $Identity)) } -searchBase $configNCDN -properties * - if ($OIDs -eq $null) { -$errormsg = $getIP_strings.ErrorIPNotFound -f $Identity -write-host $errormsg -ForegroundColor Red - } - foreach ($OID in $OIDs) { - if ($OID."msDS-OIDToGroupLink") { -# In case the Issuance Policy is linked to a group, it is good to check whether there is any problem with the mapping. 
- $groupDN = $OID."msDS-OIDToGroupLink" - $group = get-adgroup -Identity $groupDN - $groupName = $group.Name -# Analyze the group - if ($group.groupCategory -ne "Security") { -$errormsg = $getIP_strings.ErrorNotSecurity -f $Identity, $groupName - write-host $errormsg -ForegroundColor Red - } - if ($group.groupScope -ne "Universal") { - $errormsg = $getIP_strings.ErrorNotUniversal -f $Identity, $groupName -write-host $errormsg -ForegroundColor Red - } - $members = Get-ADGroupMember -Identity $group - if ($members) { - $errormsg = $getIP_strings.ErrorHasMembers -f $Identity, $groupName -write-host $errormsg -ForegroundColor Red - foreach ($member in $members) { - write-host " " $member -ForeGroundColor Red - } - } - } - } - return $OIDs - break -} -if (($LinkedToGroup -eq "yes") -or ($LinkedToGroup -eq "all")) { - $LDAPFilter = "(&(objectClass=msPKI-Enterprise-Oid)(msDS-OIDToGroupLink=*)(flags=2))" - $LinkedOIDs = get-adobject -searchBase $configNCDN -LDAPFilter $LDAPFilter -properties * - write-host "" - write-host "*****************************************************" - write-host $getIP_strings.LinkedIPs - write-host "*****************************************************" - write-host "" - if ($LinkedOIDs -ne $null){ - foreach ($OID in $LinkedOIDs) { -# Display basic information about the Issuance Policies - "" - $getIP_strings.displayName -f $OID.displayName - $getIP_strings.Name -f $OID.Name - $getIP_strings.dn -f $OID.distinguishedName -# Get the linked group. 
- $groupDN = $OID."msDS-OIDToGroupLink" - $group = get-adgroup -Identity $groupDN - $getIP_strings.InfoName -f $group.Name - $getIP_strings.InfoDN -f $groupDN -# Analyze the group - $OIDName = $OID.displayName - $groupName = $group.Name - if ($group.groupCategory -ne "Security") { - $errormsg = $getIP_strings.ErrorNotSecurity -f $OIDName, $groupName - write-host $errormsg -ForegroundColor Red - } - if ($group.groupScope -ne "Universal") { - $errormsg = $getIP_strings.ErrorNotUniversal -f $OIDName, $groupName - write-host $errormsg -ForegroundColor Red - } - $members = Get-ADGroupMember -Identity $group - if ($members) { - $errormsg = $getIP_strings.ErrorHasMembers -f $OIDName, $groupName - write-host $errormsg -ForegroundColor Red - foreach ($member in $members) { - write-host " " $member -ForeGroundColor Red - } - } - write-host "" - } - }else{ -write-host "There are no issuance policies that are mapped to a group" - } - if ($LinkedToGroup -eq "yes") { - return $LinkedOIDs - break - } -} -if (($LinkedToGroup -eq "no") -or ($LinkedToGroup -eq "all")) { - $LDAPFilter = "(&(objectClass=msPKI-Enterprise-Oid)(!(msDS-OIDToGroupLink=*))(flags=2))" - $NonLinkedOIDs = get-adobject -searchBase $configNCDN -LDAPFilter $LDAPFilter -properties * - write-host "" - write-host "*********************************************************" - write-host $getIP_strings.NonLinkedIPs - write-host "*********************************************************" - write-host "" - if ($NonLinkedOIDs -ne $null) { - foreach ($OID in $NonLinkedOIDs) { -# Display basic information about the Issuance Policies -write-host "" -$getIP_strings.displayName -f $OID.displayName -$getIP_strings.Name -f $OID.Name -$getIP_strings.dn -f $OID.distinguishedName -write-host "" - } - }else{ -write-host "There are no issuance policies which are not mapped to groups" - } - if ($LinkedToGroup -eq "no") { - return $NonLinkedOIDs - break - } -} -``` -> [!NOTE] -> If you're having trouble running this script, try 
replacing the single quote after the ConvertFrom-StringData parameter. -  -### Link an issuance policy to a group - -Save the script file as set-IssuancePolicyToGroupLink.ps1. - -``` syntax -####################################### -## Parameters to be defined ## -## by the user ## -####################################### -Param ( -$IssuancePolicyName, -$groupOU, -$groupName -) -####################################### -## Strings definitions ## -####################################### -Data ErrorMsg { -# culture="en-US" -ConvertFrom-StringData -stringdata @' -help1 = This command can be used to set the link between a certificate issuance policy and a universal security group. -help2 = Usage: -help3 = The following parameters are required: -help4 = -IssuancePolicyName: -help5 = -groupName:. If no name is specified, any existing link to a group is removed from the Issuance Policy. -help6 = The following parameter is optional: -help7 = -groupOU:. If this parameter is not specified, the group is looked for or created in the Users container. -help8 = Examples: -help9 = This command will link the issuance policy whose display name is "High Assurance" to the group "HighAssuranceGroup" in the Organizational Unit "OU_FOR_IPol_linked_groups". If the group or the Organizational Unit do not exist, you will be prompted to create them. -help10 = This command will unlink the issuance policy whose name is "402.164959C40F4A5C12C6302E31D5476062" from any group. -MultipleIPs = Error: Multiple Issuance Policies with name or display name "{0}" were found in the subtree of "{1}" -NoIP = Error: no issuance policy with name or display name "{0}" could be found in the subtree of "{1}". -IPFound = An Issuance Policy with name or display name "{0}" was successfully found: {1} -MultipleOUs = Error: more than 1 Organizational Unit with name "{0}" could be found in the subtree of "{1}". -confirmOUcreation = Warning: The Organizational Unit that you specified does not exist. 
Do you want to create it? -OUCreationSuccess = Organizational Unit "{0}" successfully created. -OUcreationError = Error: Organizational Unit "{0}" could not be created. -OUFoundSuccess = Organizational Unit "{0}" was successfully found. -multipleGroups = Error: More than one group with name "{0}" was found in Organizational Unit "{1}". -confirmGroupCreation = Warning: The group that you specified does not exist. Do you want to create it? -groupCreationSuccess = Univeral Security group "{0}" successfully created. -groupCreationError = Error: Univeral Security group "{0}" could not be created. -GroupFound = Group "{0}" was successfully found. -confirmLinkDeletion = Warning: The Issuance Policy "{0}" is currently linked to group "{1}". Do you really want to remove the link? -UnlinkSuccess = Certificate issuance policy successfully unlinked from any group. -UnlinkError = Removing the link failed. -UnlinkExit = Exiting without removing the link from the issuance policy to the group. -IPNotLinked = The Certificate issuance policy is not currently linked to any group. If you want to link it to a group, you should specify the -groupName option when starting this script. -ErrorNotSecurity = Error: You cannot link issuance Policy "{0}" to group "{1}" because this group is not of type "Security". -ErrorNotUniversal = Error: You cannot link issuance Policy "{0}" to group "{1}" because the scope of this group is not "Universal". -ErrorHasMembers = Error: You cannot link issuance Policy "{0}" to group "{1}" because it has a non-empty membership. The group has the following members: -ConfirmLinkReplacement = Warning: The Issuance Policy "{0}" is currently linked to group "{1}". Do you really want to update the link to point to group "{2}"? -LinkSuccess = The certificate issuance policy was successfully linked to the specified group. -LinkError = The certificate issuance policy could not be linked to the specified group. 
-ExitNoLinkReplacement = Exiting without setting the new link. -'@ -} -# import-localizeddata ErrorMsg -function Display-Help { -"" -write-host $ErrorMsg.help1 -"" -write-host $ErrorMsg.help2 -"" -write-host $ErrorMsg.help3 -write-host "`t" $ErrorMsg.help4 -write-host "`t" $ErrorMsg.help5 -"" -write-host $ErrorMsg.help6 -write-host "`t" $ErrorMsg.help7 -"" -"" -write-host $ErrorMsg.help8 -"" -write-host $ErrorMsg.help9 -".\Set-IssuancePolicyToGroupMapping.ps1 -IssuancePolicyName ""High Assurance"" -groupOU ""OU_FOR_IPol_linked_groups"" -groupName ""HighAssuranceGroup"" " -"" -write-host $ErrorMsg.help10 -'.\Set-IssuancePolicyToGroupMapping.ps1 -IssuancePolicyName "402.164959C40F4A5C12C6302E31D5476062" -groupName $null ' -"" -} -# Assumption: The group to which the Issuance Policy is going -# to be linked is (or is going to be created) in -# the domain the user running this script is a member of. -import-module ActiveDirectory -$root = get-adrootdse -$domain = get-addomain -current loggedonuser -if ( !($IssuancePolicyName) ) { -display-Help -break -} -####################################### -## Find the OID object ## -## (aka Issuance Policy) ## -####################################### -$searchBase = [String]$root.configurationnamingcontext -$OID = get-adobject -searchBase $searchBase -Filter { ((displayname -eq $IssuancePolicyName) -or (name -eq $IssuancePolicyName)) -and (objectClass -eq "msPKI-Enterprise-Oid")} -properties * -if ($OID -eq $null) { -$tmp = $ErrorMsg.NoIP -f $IssuancePolicyName, $searchBase -write-host $tmp -ForeGroundColor Red -break; -} -elseif ($OID.GetType().IsArray) { -$tmp = $ErrorMsg.MultipleIPs -f $IssuancePolicyName, $searchBase -write-host $tmp -ForeGroundColor Red -break; -} -else { -$tmp = $ErrorMsg.IPFound -f $IssuancePolicyName, $OID.distinguishedName -write-host $tmp -ForeGroundColor Green -} -####################################### -## Find the container of the group ## -####################################### -if ($groupOU -eq 
$null) { -# default to the Users container -$groupContainer = $domain.UsersContainer -} -else { -$searchBase = [string]$domain.DistinguishedName -$groupContainer = get-adobject -searchBase $searchBase -Filter { (Name -eq $groupOU) -and (objectClass -eq "organizationalUnit")} -if ($groupContainer.count -gt 1) { -$tmp = $ErrorMsg.MultipleOUs -f $groupOU, $searchBase -write-host $tmp -ForegroundColor Red -break; -} -elseif ($groupContainer -eq $null) { -$tmp = $ErrorMsg.confirmOUcreation -write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline -$userChoice = read-host -if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { -new-adobject -Name $groupOU -displayName $groupOU -Type "organizationalUnit" -ProtectedFromAccidentalDeletion $true -path $domain.distinguishedName -if ($?){ -$tmp = $ErrorMsg.OUCreationSuccess -f $groupOU -write-host $tmp -ForegroundColor Green -} -else{ -$tmp = $ErrorMsg.OUCreationError -f $groupOU -write-host $tmp -ForeGroundColor Red -break; -} -$groupContainer = get-adobject -searchBase $searchBase -Filter { (Name -eq $groupOU) -and (objectClass -eq "organizationalUnit")} -} -else { -break; -} -} -else { -$tmp = $ErrorMsg.OUFoundSuccess -f $groupContainer.name -write-host $tmp -ForegroundColor Green -} -} -####################################### -## Find the group ## -####################################### -if (($groupName -ne $null) -and ($groupName -ne "")){ -##$searchBase = [String]$groupContainer.DistinguishedName -$searchBase = $groupContainer -$group = get-adgroup -Filter { (Name -eq $groupName) -and (objectClass -eq "group") } -searchBase $searchBase -if ($group -ne $null -and $group.gettype().isarray) { -$tmp = $ErrorMsg.multipleGroups -f $groupName, $searchBase -write-host $tmp -ForeGroundColor Red -break; -} -elseif ($group -eq $null) { -$tmp = $ErrorMsg.confirmGroupCreation -write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline -$userChoice = read-host -if ( ($userChoice -eq "y") -or ($userChoice 
-eq "yes") ) { -new-adgroup -samAccountName $groupName -path $groupContainer.distinguishedName -GroupScope "Universal" -GroupCategory "Security" -if ($?){ -$tmp = $ErrorMsg.GroupCreationSuccess -f $groupName -write-host $tmp -ForegroundColor Green -}else{ -$tmp = $ErrorMsg.groupCreationError -f $groupName -write-host $tmp -ForeGroundColor Red -break -} -$group = get-adgroup -Filter { (Name -eq $groupName) -and (objectClass -eq "group") } -searchBase $searchBase -} -else { -break; -} -} -else { -$tmp = $ErrorMsg.GroupFound -f $group.Name -write-host $tmp -ForegroundColor Green -} -} -else { -##### -## If the group is not specified, we should remove the link if any exists -##### -if ($OID."msDS-OIDToGroupLink" -ne $null) { -$tmp = $ErrorMsg.confirmLinkDeletion -f $IssuancePolicyName, $OID."msDS-OIDToGroupLink" -write-host $tmp " ( (y)es / (n)o )" -ForegroundColor Yellow -nonewline -$userChoice = read-host -if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { -set-adobject -Identity $OID -Clear "msDS-OIDToGroupLink" -if ($?) 
{ -$tmp = $ErrorMsg.UnlinkSuccess -write-host $tmp -ForeGroundColor Green -}else{ -$tmp = $ErrorMsg.UnlinkError -write-host $tmp -ForeGroundColor Red -} -} -else { -$tmp = $ErrorMsg.UnlinkExit -write-host $tmp -break -} -} -else { -$tmp = $ErrorMsg.IPNotLinked -write-host $tmp -ForeGroundColor Yellow -} -break; -} -####################################### -## Verify that the group is ## -## Universal, Security, and ## -## has no members ## -####################################### -if ($group.GroupScope -ne "Universal") { -$tmp = $ErrorMsg.ErrorNotUniversal -f $IssuancePolicyName, $groupName -write-host $tmp -ForeGroundColor Red -break; -} -if ($group.GroupCategory -ne "Security") { -$tmp = $ErrorMsg.ErrorNotSecurity -f $IssuancePolicyName, $groupName -write-host $tmp -ForeGroundColor Red -break; -} -$members = Get-ADGroupMember -Identity $group -if ($members -ne $null) { -$tmp = $ErrorMsg.ErrorHasMembers -f $IssuancePolicyName, $groupName -write-host $tmp -ForeGroundColor Red -foreach ($member in $members) {write-host " $member.name" -ForeGroundColor Red} -break; -} -####################################### -## We have verified everything. We ## -## can create the link from the ## -## Issuance Policy to the group. ## -####################################### -if ($OID."msDS-OIDToGroupLink" -ne $null) { -$tmp = $ErrorMsg.ConfirmLinkReplacement -f $IssuancePolicyName, $OID."msDS-OIDToGroupLink", $group.distinguishedName -write-host $tmp "( (y)es / (n)o )" -ForegroundColor Yellow -nonewline -$userChoice = read-host -if ( ($userChoice -eq "y") -or ($userChoice -eq "yes") ) { -$tmp = @{'msDS-OIDToGroupLink'= $group.DistinguishedName} -set-adobject -Identity $OID -Replace $tmp -if ($?) 
{ -$tmp = $Errormsg.LinkSuccess -write-host $tmp -Foreground Green -}else{ -$tmp = $ErrorMsg.LinkError -write-host $tmp -Foreground Red -} -} else { -$tmp = $Errormsg.ExitNoLinkReplacement -write-host $tmp -break -} -} -else { -$tmp = @{'msDS-OIDToGroupLink'= $group.DistinguishedName} -set-adobject -Identity $OID -Add $tmp -if ($?) { -$tmp = $Errormsg.LinkSuccess -write-host $tmp -Foreground Green -}else{ -$tmp = $ErrorMsg.LinkError -write-host $tmp -Foreground Red -} -} -``` - -> [!NOTE] -> If you're having trouble running this script, try replacing the single quote after the ConvertFrom-StringData parameter.   ## Related topics @@ -959,4 +39,11 @@ write-host $tmp -Foreground Red - [Authentication Mechanism Assurance for AD DS in Windows Server 2008 R2 Step-by-Step Guide](http://technet.microsoft.com/library/dd378897.aspx) - [Trusted Platform Module](trusted-platform-module-overview.md)   -  + +## See also + +Prefer video? Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. + +### Credential Guard: Credential Theft and Lateral Traversal + +[![Credential theft and lateral traversal](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) 
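Review bot: In the removed set-IssuancePolicyToGroupLink.ps1 listing, the membership check prints `write-host " $member.name"`, which expands `$member` and then appends the literal text ".name"; if this script is being carried into credential-guard-scripts.md, use `$($member.name)` there instead of moving the line verbatim. The same listing's help text invokes `.\Set-IssuancePolicyToGroupMapping.ps1` while the page tells readers to save the file as set-IssuancePolicyToGroupLink.ps1, so one of the two names should change. The removed prose also reaches the scripts through in-page anchors (`#bkmk-getscript`, `#bkmk-setscript`), which stop resolving once the scripts live in a separate topic, and it carries typos worth fixing during the move ("malwar efrom", "funcational level", "certificated-based", "Univeral").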
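Review bot: The added "See also" section announces a video series but links a single video, and that link is reachable only through the thumbnail `images/mva_videos.png`; add a plain text link next to the image so the target is still usable when the image does not load, and either list the other videos or reword "series". The URL also pins the `en-us` locale and carries an `l=` query parameter, so confirm both are meant to ship.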
diff --git a/windows/keep-secure/images/mva_videos.png b/windows/keep-secure/images/mva_videos.png new file mode 100644 index 0000000000000000000000000000000000000000..2a785874bd0fd809b74bd64ee2e125de6e25cafe GIT binary patch literal 139543
zzM~}?Du@c``R9?7hMM}zeBH|~MFV0`AOzUQv@$h|+NoCUxK*%04jek5#s> z3*62UcsPdXD%E?>X_w+-#=bQ(&Bt7SXfwrMs=d_OY`ZKS-2S2amQ0IyxqS>NvzT-+ zN9(h*jMAmfk??f&yTj|<_^RhnfVN&m8N;5NzlrxTqHu$*3&#+vi$#5r9|;S9J^f;n zV4s>~4qx0w9=-oh7e=hhLP{`)2*kLic7aSA1cTzvSV0WBFFS;qpiBk!*+7u8dTaCu z?AP~wM$hYtM;`+3mw8&ox9&pyj*1b5U$81N*{M{RLO+=CWG8^V)3lf#$TT`j#|zsc ztpqN7Uu$@h;?`f)z`NGA+XpW* z=a(}3C4b0Ak8yo~pwl7PWb@BGRY@^nKVzaqs$^-LAFx+*p>bNPJV6b(tG)M;=WNGD zcK!=LgRci3%nT<|VE^-9D9IIS(5Yb@JTNkb3|~!oK8C94I=^qf|KV%9g!$8XFcdR- zfQh+778Mn;N0b`azKm0DUOxT8az!-NwkZjQkgQF)4c^*3;8@1@yTYWCnL0J` z*Ec_5(rjl{*$h1GLRvSVXu0`Q67AJZ6dAZlqM}84WW6M84MvayqVFZ{F71d;g)gn4 zLB6s|qGagkH$6}*ZjA`g8oK%cWn*%rgxG*)A++N0a(0r^QVTXb0#4U1Yxsu52%)~_ z=4P8pIHOrAguyvD(e=6&lYhF1jtPsuQk-PL*4l>=c|FZ@s`E!`Zgv~1i)qkAtjS|jQPE|dGo;I{XYKveIZlL zYhMai0dLdMK|pe=aMN}S=YF;GR<84LRp2Vh<>RSPz z$#?x)@tpsiu>IsH;c?A@+7nLqAB)QiK99`nv!GqdZ3n#%668GWY;ciuCf3|~y#5SP ze`Dg^Gu+LV!+U|ZJAWS4T``=Xyo@cv*U)(t1+L~GyH&{b)f5RI0lF$frn2cDC-{1pLyS%5DU6?? zxWRydd-=O+J+tQ3b;TBb-U-3unEx`pa*P<^!J+*=g0BV*Br}foImw!OaoMkaRdUGB z=_?c-u}5&B{uM5&jy;_tK|&VJF)AhwCDoVRH5*LLf98@O);Flei#p6Z`ME4(YrupF z7n&-sRV7U{qfQQbZ^W4;>cOzOi0}Biu3kbmUc)966bo$>CJA#yIW5?;EdrHkd!Hbt z>n!bj(|zkKyjO1w{|zJA&dH6aoG>SH(HfymC1|$i^hLHr0G67=(@)h$;e0&6<cSDKtewk~m*b)WNdz<)1Dr%RWcko3<20^(h>-wg^hY$s}XdHA)j= zbGN^t;$}BLKlk?sNgh5sT9ntX5N-9mwXut{eAych`fqyP-gXpI$;=SU4eP&Qla$@s zds#ae7#mMrg4Ir=$JC=^k}y&#f%`=iuu%m{ll)A-4?((No?)XMWeFoOX)wZufcjxHQ=qh^#HbuY^V;9=*29+5$EVd1xaz4c5<=E9Xxk$r ze+z4l4e(ya=jB7k!^Y=+Qv1F}O$WX33R%w}>mQ4Ko^4>KnGCUl^JV+xoYuz?Po>v* z!e!foiegWm?_=BJ#v$)(Sa}BZkdYy)fE&x~3M}L1uHN(f*Y;wUkK4+Rg0)tDCD6cK~qTuQ31XyXlCZuUk{{eodG~BWKDc1i%QZ4bf3)kPA9|K zAFFRe^-xS9{)w_@w*uO1VbCE|aW}C6P!m}K>!GM1*?CxZ+;9#_FvSD8ZzW(J!2uga zyk}$<6`N^NyXw?1{vkhCZ4wDujC?eXsiJ0VD1HSg7Ey)GvdN-=n^^wDnwbml|9HNr zPr`3=+#ETWP!}KFd4jBlcqrklWz{f&C+&bXCKf~a$AV?CJ2IGny_5~N83RyGmz~&f z&R~|ZRk3<{mNd_jOMsmQ>`po5JX*W3V>x-1dhkD4}tGKf-R@;1o!bBnA(u^tsP` 
zCFEsIU$OB)4zdcTdIW^Vu1lYef4|TGQLeGXE<0gWe{*R`8XL=$L0Ai?TK+^5aB{nNDW4vqV#oV4F&$=clga{P(uZqDUi)HO&N+x&I+>8zd>F zrtL6)bAgUbE}XZ^Ovuyl(O+zdpL zW%k#J){O>5xMaTF9C=?G6@W?V72w~!7^C7Yna87%Q(sOq5vz-5Jl6FyAw^Tmkvo)! zLbF&@jU#GCJs&Wne`67ELL-q|Gc_A38|R&;NTPI{9vYV?MFuShO?N+cL=)Mn*q`X6 z5&8NqZCT3xle(TmQPeIz-d$R|>_RufxUQpveSDNGM7NpkpDu=@1N%a{eDyg{m?{30 z>W+W`NRX3OA`+9JS`!avIlpFL3@w|QnN4uX?J$w)4~s^m7<rbe7lFJ}z7crDv3d zwPmq_sK#wCKY|8zoq{S#fS$Wrz1xm%=EfdgR`iG%ir_dlvfwl%0say6%J7SP7u7$a z@G@m@cse`>hvNzvI^S-T5VNKsK&lbJo&pKsj6lldp1==H>jagw(kF7ZwFOYG-xi`n z4bgsa=q2}NBD_=yxRX?oj%gzx)lG2JuzMe?@|RTpFee3T%|!;)=$|N7 z8q9J#ReHG8oid(S;0`X88W-~4LAD+(ougNxy;$w6Oqf=ocMY=;^jL{)2EyCz- zq`SM3?(UE-rMpEsq)Spj@Z}fZ{R!XC+5J4vxv%S-%EX)YES$2OawUq4C8_`S1gzBX z1H+7nr8P7-YvqjaB}*D0(Hc_C0<0ac(W}agdukI&AQeO$#@9$5aMHRUD?sHSp z>yRTc!Ta+7VgMcDX$loWt}|QN zsnIj`XYcI(XS!`J?|>J3>Uvb2CbG{PEImThjGs7!7AR84i?5bo-h}wSouq5YGs!?j z)0&i#FfFU11la@(qCWIxGaRClJlFP4adu!WHuhtGu>Z6mgkXs&ra++FIhn4G^9KcO zFqM)t(>H(Qhe(LDk$y^I)<<;CXhH@ckpl&C9dFURROvd?1*qdJW-9jC&2`*YTTXYw30=-&d3mQB*c#8 zuZjidTEHp;Nh(U9`2s1RHtq#(7br(1{ZTHjKSkR0gr8~GO=*sQ_w@O`e7m-|(}|ir z4CF^AKb;N!4jd_d9wOw%#~5YNa@|J4Z$Wupdo@Lj0@BKGa}6PmCDz=uLt0nLxvaAJ z`wRr2Xopo(4if!15q%1ju`PdS6akuHJq`x!n|7nQ95)+_QAvhWm`n(gN##8pzHrB% zj*+}S!h{U9BBzO%|Kl!Qpw1i-CSwQ*;t8R1MlCF%9>%{A7@09QWTpiv%Nf3kG5No* z=p!p;Qg8Pbys~D=P|9DM#6;Js|Hl%qv`~?H;jSc0I5|0rt2Obe=k37ix)63)mbH(n zj%kEC4hbF3t51e|PsTa;VHOFpf&!OA95KePe=ht;ic;Dh61*LDq~pqZpYu4k_;hWY zLkh4+_@?5zxOnz1kxn%s%?|^Gy8#-?OI7KOW~)8%@oe5u{pb>kz1RsW^!>cxx z%Gwd_fUrWq@IVuanOgGk#gK8CI*W$F0#J7kWnn<8c2(SUsY}Ac>gZcwELFz^MKYlz z`~Tjr%bU^DOiOc~I-R|rkpxH6ySO|?$cF=;Ua+ALpNs6Dj>QN`x0@*YZ}a*0daFN# zn571M?Wkid?+Z5+RqJ-$X-p+u4%DNgQD3$W%hQ<}6*!~sNq?j3eC3Ijx!9L;HqzL$v5z!8Ld-Z8QWHe3KhO!>|2GUMWHh+b_)57Pl$eVra0ql#gVPW-!2H5@Ijk3Ge+EAD2l zLFSiQ62`_iq~NED0sj8G>qN=l$@0Cj+6o*43D!%VFp5O`mpdqsJ1i`#Vu`<<-jvi4 zv91_~4+x5zI3p53pL&Ul&J^r;Cg57s^KoZ+MIMR3GU#$~KH$wc1prIMlL|l+Va)## z1s>k}w;z!9Exo3rVdouy0S13fgsQE#i~#*(Z!+ukmz=cq-qr{aJrylxBJe@BO)`yLl=)~#XP6k-1S!m 
zzYvSTU0J>VSf~z+ulM`=cjE8i@!Cf&xGuotV=F#PXbT`;e4Gawph|x{N~zWTD(s)3 zlPvy%jT4!o@1Rl0ey29wHhCL=CLsdy8kK7~zwrkRAqT!LIDQC7SfFgt7xqaMZd|mV zrYc{Af&~W$5io_l(6)+h#{CFT&PR2+iywWLC2-w?Ja};KvLK=PIB3(2Hq*C&S-SvT z!*NGzcKJhaL*25wyvB^N?1{G7Sxp)iRaIl&%nAr1KQBnxns%~Rv$_SA7j*lGuV5Kq z+#hQwf4i|nW&MJx{PaXaUE8!mIuw_?*r%Wz?ER|D$$`=;q8>=(2Lu!)$jPCMpQP9W z6j(qWt71Us|8owMsQM+l2;bDTS%nYN`3O*hrnA-XfPozR*20jjIMI;__Byg6Q5 z(MnbQtjhho4bz^IQaL@KPT}VwDRl&y988Rku4>p@z@zFw_U1gGa}J0sd4c!(O;z2r)7sQLOsw z&*a>}mq^F0Fp#e6n~}bzXk)`Y78v!uo6!V$B;>ni3@wKY-KDuMPZxB7R!t_Bw9Vn5-@-&XJjrjGOeuu=9&q@&Sw!(zp_aL&w|9=6 z65k1lfz7R$@ke8NVzKnDcwgh@ej)YlBtbFH-PF%5TUr5sBuCeIbEa)LrHpAupg8KB?C6lK{ zXYkTW`3(=o+Wl#gPT)TlHPXI3_vn)7fyq{KKTIqre0ain#$lS;Qsw0wh6s&k&Z<$9`>3^EPU0c)h?c0uV z7CtaHt6B~Z6NrJlZwT}=F#v)IF~GMc%W6AnuT^r(i<^fcWnRCxlvyAH068>FMjW}a zW26Yl`$JzjeRBKwbWtR^U|Qd4GRj3zKYLQNIu z6gdMbW0Ko~x9FfjtQwQd75aOi$CDd2YC*bmE+bIoLpJBz$^EPBfpOO?&R0hcSp<>2 zzcGLzuo1C2pr3w1tK}i*KNgx{5B!$++-+#@j$QQKn*0D!NIiP(7`Ih@{?OW29gMy7 zOb-^pHo?(Um%CSztzQ(Yma0Hianm=~1w%CkzgU20i(FxwXpiN!-F@YdoSuS&Y+YmnHWbE)WY< z1&i5yVFSZ=f=bRcvNp|M{`Eovd>ufyeO2A>^yF)qTkFqmt{=W5S-l;%A&B9O7dhnT zn3O81-LLBGsjqKQPl8_vC6~-prK*rSI&jXcF;e}=5Rwj~ZR{NwJ@f{OTVPDd@p zB*jGPDAOjLL6ZVuXw_7WlZe!IJTiDJ+A_(^v4By?6muVFyCADgBTvLcD??VtPj(y? 
zD$5=zAd#wrMPuCB#9ba0-DWcPf3NOr%j^jT5dw3FcnL-%?JDpqWAV-37uvNSzqtO* zISURnm^QU95%ciyG)A%#sG5IH0-b2uMa`}~#j5`n0AN|<)a|}T1qx^}0{rf2Bti|9 ziYx|QDaOOoA2~m89|!s!znetH4%=sT>-5-M$n-O#)2~Wt48=mtu#p~+914zpXi5*t z`B1ffKK2uojV`j3$?3Nr^U`(|pMZgUsN(y{nGv=39u3zcGc7RjdQj*2jx^(e8Q81@ zLTcgO`Hqcj2N7_9eGCO57aUE`sfX8pdFkKTA&z#&jHt2Z{Z&|O*r6o%%js9oiR693 zux?`Gzy;0e+cyNCc-K{ylfBTW-=DjG`=<-jDqcg$T3)KyiJa~Z-!K#)zOJEEWRGF= zbjFd@53;f?W4G1kt)|oRnXJYnu6Z<9soCWDd1oOJr^7}$wHW1r2-dXxdJPk1<8VP$ z80Kb7kg8wSlRNNhISq6$dOregDgqHG;P~?VfRtsVv+5<^UnoU1M7iO=#j}K0fqM$z z^g;TIJ`Mf%q&O!&IGld>A8T*8$J&C}p4?ZSragl?cDM1ne2#Y=dMeOe3gZRn>>Q&V z_M`K3Z0IH~6aM7wfFzkCl6n&K_B?7N09gJ^QG9Y6T_SHxI9ah3j7=JmKnp+enHuX5 z=_r8OrjCyK+&9qx4Q((Dd2@=egLQ0XG}1p7(VTv8gbE;$x467~4HL6sU zvcjb$4_7k7qMAwslYFAO_HOT=+~<7Xl=OKlVq_#4fS&GpWt65$VUiKlstQUUJR=ml zP39002Gr*@rK|}^iB?MdX^3GTY1<&6IjV-+X5}vI%$b2SErpDWWn8t?Iu+vv`yE+z zy9})&!D4V^>S?OA&|{nVpp6a&4)_hKm#~J+GN)y=<8@-^z%C?C6rJxiM10O!zAz1p zbMtv_!9JsD6#VQr7adHu3S^zHFIh4E{bce)f|Iyuij;YYbr{~<3_-h|B$cYqX}8;! zc*Xsd;BIA{Mi3aVNFjpiUC*jB#Ok|EO>XtS$0t+h!YI_3o(JA+RDFQbP(CTxMG?uTvA-oQ3RN`b<9J9H}EE^6B&NEIIJo8 z`C&ed2FjDsx1kwKNYT?5)u6ed{u0-E{o4QXGDqT{F4Ce7Ov@AdOn+0a6_iNQj4HDs{q=U@|rqPG-_F>m*^Q5W(j(@IpWU zU5w&K;Jr~pP*=23!<(LE%_h>yalGr~rhpFxY$!ueH=juA3T^b#)Eo(9IG#c^2l-JG zJqp4e)xj2}w>P}!355~^31E2TvrADbamH)P0PnTNmsC!Z#K7gmNX4cJz@lzeG8W}~ zdiqS-$sU1}5#aWY-kRV*Cui<&NbHX}97x6RtCEQ7e=M3WAk?dgRd$(3`g?gZoA1 z8%A_R8l{CK_a6~TO(rt1E%#ez zVaP}a6Se#A&5D}N;v|7-VIh4MR^6?(Q+zMiO!lK|m|+MR4xkI{oH#n!6mv*wv+zb8 zugAdX-1@kQ-WyrPQaD!}bvI55GyCW>!=LXIrFXj=zbm-^u>hgC&M)vr^5VJmj#lZO z6A4H1(ztDSc9REiV&jZ~|9*>x9KIw^;!C|-x3*%8{FC&yHL`;a!eCS{O9ifnPQmM^ zsmao+IOR5S*XfO;n`INKYO*970geKh02v!7C0`p#Zg7#0208p=V|K=eKc~a!Y0B{F zf!!tNuA2Psf*konKVQ7A=gHc+ecA5D!*&T-Z)$7&+mmg}NO=}jyltUPo;190GjVWf zg&p~5%a4XqRv1-y=_EsJ^X}r3QrDv7D~_t%w&QM*D)VdXsy7(}7AilJe`QIs`Q4Zj za|o!KHnQRFI0a=kvElo*ybu}V6$7G-&kD2F4Nx<>zVukaB)L^gW=^gsMUt}gARs!;SK_V!Ry9kQ!p6)eQ*85Ysjs=wn^WD-9 z9&q#$wd+PVQO`p)4AjyZ6DStB+I!*C1L7*8c$bBy=)QR)Ns0!=k^Y2|;n(qgP>cup 
zj&}nzWCNYPma6F%>S@A**@M)^;CVL-AMMOP?a(${cW!8s*J)5VBFQ*_a#(>A0YRg? zRvkpw>(3$L?JyhEbX_|L8ac(B$+yDWarDU*FWbGL?4pw@MXTYsx@MkcU@r?Qr#d2U z#F!q~qi2a#u#?#62NnMEc{@sXO! zka6LEmp*KSc3c8blceCH=QwYYg3@-k<3Dn5G(C#Y+VtrzY?<@ zEzW0Mj-F$Qj!wo_R>s&W{aH^3gk}@j!rtdo+4CaUa^XCR1p+$LL;q)ikf;K&%JRog zs$fU+^T{knOvKv8$q|Sob&959Im#lTFw|#HLCB$dN%qC^+(YGNeQw%()HLMF-ViqM z51AehfTs3fjEDvswI%Q)Qd+pzZ+lW5gG!g?P~FAzprHAHjqct5`$s&8Lh(_e zAQY(=4Q^}gdxHFlVU0~aDfr?M0x^TjUq`f1h)|k&JakeVg2r_FlkoFdVj8{&r0*2m z6}9%RbVL}{8-5o;e_c=-WkUQ;*0vIlTKEeBjv&9x$Cw4gZi}X!Tp8kQ#P}c7mQ~(N zM!wp%`g>oH*Kob_;+U7#$PkKGH?9NiR5VQ~@p(g5sTYXMZG3*sTX)j4r+9jYTCRTL z6I{FH6D`U8J{Gsv<5&1wMdo})h#Q>%W; z43Af3&3vz#F67dDeni1!ijs)pPt>yv_UgZ;esI_?f9G>dC>)y^NxED7$zgYgTz(}Z zW3og-B$G;O)#>*}uWTJ{0@DeCD?%9q8m^ip;4LL(`N_nAgWrBr@pTgPASg%mm;Gnt z0;t8|S3rQRF0ydYDYu^5>EC-J*C#@0l>jul)qo(BG_>QE@j_eTN_wbc6>5u;){VBu z(AuXt+;E4giFQ;=F6_5{Av$Q5QSSgKxdX#z+~W9Px(!cN0bGJ;veE`MowS`l*T<^n zD;ZRLbdAU79dq)Hal@l@;AJG6$oi|@DR~JY4i!*C)$JRA7y^;UpyYF%NVKU)J^f*&Z z<96-rqS>d@ZL%*N94g_!`8okYFBdPP!a%3RpeP-}x|D|_{oK=okw8=HI|SUp3&Zb` z^#eSKhn#3R7)s^QTNN46CpD!#&ozGCv=@+nclOwP=J*^(!YHPm)ppA(ZCBjB&enhR z|7^VHdb?)UrC?6O+-nZ=@_R(5_kHK&q}wf@K3>?@4PzoDPFeik;|#!#o~I8iy{8_S z&_h=Ia`TjPwlqOK0ItUzDy97L{ZSZ&yjMkq$Wu6MP>=+pfKZeIp!|x<;I;1hK~gMI z4%eNsf)O8H|D_BdS3D{qNP#QBSjQ?#2;0(T(i}a}NinS%Mb3)6S9_b;is>O-HV))R zyZl3Af^#rPFvCT6$+Y1Vqr73>vTg+vsj6v!{HVO^gfHXtyw6}Uv|*MPxY~J}dlKRz zOtn1TM$HD)WbnlgaImdw&pczjb<23?dsFhT&3)nE?bWPylFMnRXnj0xW;^C)YAB%F zr6BfC7ot={aW2H<5(u(d%0HBLYi-U4eNVjxho&QAh#s;)l;PR^d+{k6FdUUwg^opu z*wkb;YJ`qNG@)d$ReOYrc1jnXd~qJ@^9pjXzz+N5Z&j}LvC4liX&_XEVMbzS-tTY; z0KhZ(CF|o>DZ(vya*%2e}~|!;hH^$LvGSOH2W1mWk1jfDlRad zu*bcP+lotR-(ad;$F?M7B$h(3t24Zr|FlDhKgL;xNjPa*(86fEp+KOOdYz#)^kiPb z`GK|R`|dG0g4y6Sp+)Sd8XzcFb*N`4AsGDUVmHgAl(8=GqV0fs0V8N6IXnLPZ4O_Z z6?b8{>^~Mi)1Eh8vqk$eoW8OGRG?FNtB;APw%zAfoAZ&vd6Cd9X2!9SLB9rmnJ2zQ8M80RE#c$yFx*^e= z$kF%FK~ep)oTlu?iZESE_BU9r%vvkyn5kh~w~%=;ogz1KPvN^|fe4TDR;zr!o2BeE z^Q7n7dq1vd7&jwcMYH@X`OhLgHZ199kPAV#V7VGD>&$Hn$)~~=F}W!WObmhIT%?em 
zHECl%fL{-YLITo-0m9d|3PM8i;_n%=*39rB1C`I$R#ixS1GbRmo^4w%So5t8|C0Df zh9)>hLBsKng-0VrN9DqD-Yt0Om*uR$WtOg+onGe(nQ+nO3jzgmMSja{Cq_U6teeGyP#{R0xiSh!=gv%~nSFDG7}CSNm>(4!HA?B3 zM``*|lj`%$D@BGrkF=R(rZ6!t3!#s0lNBRrZY-!r9Lh}N3|A@uE(U_tWWLT(n>i~? zdVgHt>&4Ny{>MVos^lzwu?EyCptK=@Z7jE<^a_&s-bkJk5S+}&`7!$UptZY{ zB~rORC;NM}u?(itPKDV*$09~V9^p^iy*1VNGpch70V9tOF1b<_Y{8x+4nrvv;(mav z(A}Hq8~sTG;}sg{A*uc2ebeas8nzTC+>iT@ZAVM!fh#-{S`yJGNH7GH z;LhK07Z_S2P4j*}UJ^t*%JKV~7FiI(bGsYDJJxB+6?dH>Ak>eEj^Y8fJMbw8iCv^`-l95Keh{vaZF?t(kls>XyOh~en6_s&RQqxiq41-$QB$ZHc<4%#)X%=t?dp##d09oZIx!9p{ zdI54pengAfv%?SG-v3wt!u4bzrdVm=A_u(Kg-pGD$Nc84*a2uGxmp471^d^|dU7lp zw4d|UZB#F6Fb}twb{Mw;vSsN7#QnpdV{7$@iJ0wMn%63s^_zmwZ+)CEUhaD96Wv}) za2HcS`CiR783zP?iX>x^$e5Z=3Y4-(7NO&AGV02m<1dTr6|_V$zGKU=yDxS`*-pNi zl^xTT#0F#K+8A_t&s|<(q>(N_^g4Z9nlq6jz=3@Zejtg}mOG<07R&b>u7d0tj$(TS^>@P!3ka0_i3v$x6l? zC1Za`bD~MdCb_0$oJ#%2;-z3CZoC2bu~^TLr?&jLj;Dct)LsELhQTbf^y!V|f@oWq- z1{;chvzG?0wTY%9b#r&wM5p9KO}d_wsv6^i5p0TXHyOPbv6C21TKLeYNWq%zSYShlN= z!Cwlg)rJ7%4`HZZYTt;wlJUd0IOczyloDy#P)Yz{1!mmTKmg2~a>Mzb19q8$Weqv84Ri5&PlxP78&$U`YJV%chrf;zO;6lHGB+fmBTvu+s@rBAXc+)C|KQ<&B!MULk-nAQQ~p37>T1%s zY0M$ZpvFrsBqAo>Ll(-$t&v+!6G{}$f};)^R&U@xUG;rjJ6L98M+jhxa@fz$1^A^z z83wB(iE}rgRg7rs7KQA*FPQ(Q3m^gmX&V&eREQln?5Cy2=IU=h>w5Xq@zzjm00U4a zuPlcGf$T&Cj?vrCz~5mX@Gb{&Y@*(IUo#GGz44>597zPssGo6s;IG0;+WK=Cs%07k zpbr+Mb8{rXHy&}0J9OAGP!(_=Mgm3UZT1Zw{7PR;W!`O7SVz28U1P;l#pd=tcBYGc zOUz@P0U1c+Yxrt0gM^PSDH9aVgm!?=KE=VUReCf+mN3K#uSE>|g^4>3s4svwraU3E z1d=_WVKM{X%gckeU7NJCDl>`=vYIqB?D)IR5S^#Aw9-W@F5{5rbcX%TCbj`4Ak!z+qJ4$w zQcgK_98P9o%{FaQ7aUt!((KFwR{D@{V;BPjsG6t9N%GKoEwddOq10VeI8^B{Iw~QW zI3NmjRLkSq-h8U2f%(Mp}ak- z*qawDw8fD3`Qw<%s+Qe=$a*~@e}hAI-|czEny!+15qrC6-i3Hx1O~alz&AW&GNUju zvM85i3E28Ar{m$nK%d|9-KyoTExVF1kdN)r@Z52^W%g8)*tz?zCts};&NT^SLFu9NP zX}&D0q6Nk6wUGfN;BaGXilJl5Yw|c~>TIFl#G3ehVo1L8uQ>-Kzq#VZw_uayT%GKJ z2#^!G!UYf{Ka{H4)Xf3rOxq{l*rIXz$098OscFJ545`r&hb-I(K=J;B&FoTpc8*wj z|2`(2He+bNJjD1%f~&Bz{yy@!X+U!|>2j5w?)oj2F%9gfe4~@o)$Q;3>2$$|$F0;9 z;heWC8Sg`;1t2hJtTDz@F 
z^V{#lab!juW&N)cIp5dlU1fhZO%3jd)eyPlwB^gV_Gmb`4=MdTE)fRLH&0lUC+bu` zdF2gr0XJ9`5fo2+-5Jbp#NzQYV(EwR!v_q6Ftt@vphfifpP1A+j;#HqXDaJ+N#2y0 zm}i#p=dy{&M5SEjb0iS~6jgM`CZy$Wx&Qb0HpL`21^SCYrN8;pHL#&<0V99Z0~v*g z?!pHZjs%zzXG&QfXW1-D-BiHrxBW(R6V%w{97SJL4X{!(uANM!+G1&yG_8xKWsZ8} zHKFyKgehr1!prN7JB?%h&|m=w%UcyQT1bU->;r=VR4Ny^*hUQ)U`W0aLD?d^Y$We) z5glJ3iqf}+?}HuLw85Qo0ZHeuwipWcv0v|A>On!e)Lo7bzu$fExGY$A6S1Y{f+83y zQ4}^dDjQ;CAOgl!RisYhVKm;0Zp*Cb?0q-^C}GyqJTCLn-5s^R?>_u#jdn?M2s6Uy zsVj@(Olp=!RU9%eWerR(7O#)3m^1)TS%9ZJ|LG#BZB#IC{43{hB&n=_e8*k}ak>Xf zBVHV-Js?GwK`4s>3h#-+k%2?Gh$qqfXau&>aM%^4DH{4mW}}$9hA*OvUm<}a7y@;e zrCuN-=R@ZpIRtfbvutUeAOsN=-6;`g#=_|8F<;c9O9R_rp=%28lTH`-)qXn zoDK)~gBihXvKW$M$KHTS zYy?7vfHqE3l3~>_+61wg*#pa-zoMLQEP8`gSh+~72#1!L4ikd}=YVOS5*3Vy zux+kZ|6q8JMS2B7AMmnl7%LpIue_xi@v#7Zd_h42`i^K`U9$c{R#k@HXf`am4VWmD z`Ih^2iUYTw|s;p(BK+a8KWp$k1@uL78e_`Nj`#x?rHOyk%1SibM!;75h| z>}^RnJZECtb#9lfK1STWf z@modF)w)vWvhK&8uPGF|2xc>siH19qONsPj3f^0XNi{?uwK$mU^#y+gshMaEGt=z+ z=+(Q^f*?#SxZ#4p(}Txgb!cUHp8U&^Ut?*$1Ypj>inD4Rh~q z_##}xoN;(l{h_(=$?@#sy}Ee=Q};hb}jp#DgRjzlb`+p=cQNx|x`Q&l#;nJH=#RjlXK9 z?)2A57O;Et$aidg!!dMKv_TEC=<6Q8D#pfOLdl1&a&Q`w1&p%7rY=-;LQ$qyGUcbK zEU(CWc&BnW;yI9$xv&5-thx015da9F==2T~Z)QNFv-a{I3k1z;wmk9YktKx}gb`R^ zkj!DTSUn#-rNGa#T*1vkjee&|9~Bi*B$;A2k5|wxiyy->x}AH<_H0qZWG^5roRU5> z>ZN6KoLp%Y9*yP{;Hs95v9h_pqq4!AkE73PTacnBin1Nw%=|xx7?3oA{s6$5o!IX@ zJQ0UW8_^&jf0%g`67Ofi!UYOt{Ww|^BzTH6xQC8zEYp%d3A+SeMVHU?bK=442TTY} zu@kuFJrSt-1y60OPuT_Im(W@h+`LFm;NTFaP^aRW*>HZYmKjLW2qTaYKe91%l7$?C z61N&ie}0He?X}s&|2$Nb!Onhrqy6XBcO!U&x2^EqN!)#c!#@_yGFt{^Z*}Tti(k?Z zw3H;_rcRKin{e()K4m_TV`ED=kU*VzYaBn3d7hWHRkW8O*owG~4zuFEp>zBcEq!Aq_VSC8+6CHf~n2W>Ptf8R)%&sL;xyl_YSJT0p?+<)O{TV#s=-f6!aru z+2uIWl9Svyc(MauDH7Fs3s52)(mwy?K!NL>&YgW)Ulv#O8p+-9{``mIciycxwFD7~ z*(%3X&_<}wzGn;-Y)rTjWp`*|*m}Vp{t-tUW(e8ttjYMS9VF=S>8`1L!0Y<)%;!li zN;F7YLmU1T2u2GRy=4lZdEQ)31078N_B`H~y2`U{?D&TsG~k!?i2 zbUh~4uS{vyvMH1cz$HP@v0-c>WZ2$TW+Tdb`*~=+D05ccmC6Z)`(?H#(cU-%Av)Q# z{S|S-IlVXw=6)f5oP1$@6iDVt-o~F`@S9h%oas4m$RrJA=|G{Ruu38S{$(kgkoQBm 
z0BRgx9r?8GaJTufd?&rleNj8(QN|%b)!V*GUK&8aSf)_}O+<2diOCmP4!dNA^o)`U zXbcXWIY~_aE6WdM2r;q?F1D$wmJsiYS!};T4|nyg53oSmAHetD>Gb}wAe5VX0*(3j zb_;cAU5ikTtm4T?=F(~8Do4gHd0 zD)Wcdz8qf7q}cIS8kU{7Kuc|gqQ(UDcXPkCxP)Z`oY^B*`ccKJl50;-;$J|&W#`2X zf9!>k5Z8}}AR`EDQdf*x0F66_FDU2`@kvgTgr+?Cv1yAKil{R2&%4jk|5yMVUt{jR z0I240y~Kt9dq4xFzyLpYn1m6IMi3e*J&Y>Er~RZYMFI{*#F0HTH--E-G2KU(7{K%4 z%ZcondLX0q`?yBo7_{)<TGZ$A<>cE>we14m)6dvb zhj73Fw!eDD{Efr5$YUqk*8h&k*Q|z8}-4O&9^Og%qb#4M;B@CH zFQBa^r>4TK(TBAJ#PlC?N${mjv;1*TH zu4)b)UQWMSyYI?`-IRRJ z<{GP=qQ+`)N(X)YHP^c?;gBp->Y=_!ZbUTzdnt=aN?(c{Fi$9L1UJTzU$RC^@?yb< z%#F%MuYK^@cB*@d7QQoY{!y!S<18nOG}+}mFp1$zos4a4eloK& z!;S3i>}J|v*&KGXl6(XaF+ZSDGXx~?+qNByNy>iOb@|fH^XZO~;7bV}^-8-Z>B86c z5AMDBOX;iveWv@`xn~jzc;6JvkIJ>jOq-l8%d@rLtWkoo;WFY|vR`~|+kH6#o-=f# zu2%pxw{E}9o(>tip2nBEAD$~aiX$)kakahzRNyE>1L~jBDPXl6NjM^59Pn4+k`b0n zCg?G*g}$OG#K0V@A2n#>F})ZFdoaRJi{PzntyA^-DkI4+!>(iw&FPv+1#2cYhhq@F z*!}-|ze@n?=H-TY?Wkc{m2Z-Cbok)HX+N`fhAgw9cH#r!@3#1j_(?P*hje2}l)y>+ zUW(mdIKkMWf>FE}O;D0d98r8d6Nejvls4XS7dDl^H@_gy2T!m&&)n_ffwoz+WDf{P zbES_i1OB~}t;+>=w>p`+1;cqvMb}$B&z_1R9}w1yZsw)s85^O^M}C`|zbKGu^hLin z9`T=vM1biw6_>s7H@v#qPj{AUI>?7VofVuH$)^Iwr++!Dhl28(Y{|S9@t_mvYu0FV zgAkTqy<1ci@z%y#{racjiHrAt=l zAVVe%f4}=49<=3jK$hH_nd_6HIPC3<9jP(PeMmlAq3Gm;Q~A>pvRqI9 z%w#JsPOVYVZr~|ZMc6@ORc7OmiSND=RrUAHaq;&Ld&4n?bE~X7&3E6ecx{zsyjvIk zG}rWaIIn;l+jQfE?sie<`_zf+cRp}L>!J{9=7Y! 
z+1-xU{ORZQneE%<)|dAS^BVI!@gF-6@@W!?b9)DyDJ!kes3$ckk(}IL*M57rJ-Z6b zty5G>Eb2klX>2Mhe|}n^IdpX&^FIzx4_noA`#4_gJG&4Bql+;y%l5iS$~+RVc)i$M z`7AXQrFogC+JRL4l65cID5#c0E=cbT+Yciup`2|VGpI2z01|lU=z2n6ogW23qTouP zB7E;RB|AxJec;GCrPuV21qVRHTduU>n5Nj(CbuIEAlYCu)Soj1%Dn#u&TGB{%G~qT zQRdb~r}@TL{E4XEGsLz$4u*f-!Y~{z92u<)0leN+u_lEM3+1Be48UFvZ_^g!s2&%J z%DDb@`f23DUzl|IGFk~~Q%~;$TTXX;BOwQN!O+w#pa(LcX}9+2@iOP{3z|rTqY-AK z-Rl@rb!s_e0qrnV#|N*#A^gXNzrjI8*)kV1U^sv8%JKifet*8#MYHcNN5Y0nLT3g$pGa(c%& zXjs#;S&klFv)X!{z4evk|Fe_&{;6dBdS%Jgq|#|Y%dE%Ko~!$2Y&W^a1@D73Ti0cS z?`6#~YwF+8zc=hpI~D8o4X9d_+Au?#r!42^^lYiGL(N698mg;5E`kpi!aFutyFut7!0Um>+yVi%`3~ z&7$4M*LRZq`Motg+5tb8Ht+VIE^4WNZ~nr%h#;6 zd3s@09|qp`o>3pi^Md7;gPDlZ+Okof4e#`YBin|P2e7D+D6u$?Pp6=^U2}6YRGGcJ ze{E)oIcSZHQ-j{HJi^tyYpwDjMd{UW@evFsUn`HPh(7D81YE+Lqh<+>My`-wxV(&?z9c_~DBcW`5l1Db6w0xf zRHi`pi~Ds=9DACr41gx7lA<&mi3m9^Vm?eY4<|QFnfV1|n1c>V6FzKY+o!ELY~oX? z(P$jXehom;dSA}XRA?e8p51%%|6C3{DD6v>G!0CiiJ-wnu1}E+68Y`QIi1hdR~=2J4{9$r)caKXN9*Zkj1cm7DsTeC+s<%j#m#wIjzomZw#`9PECuB zwmYIp8h4nqHkzgpXJPbx;wy4r>1=LzY2{cN_op;X3L47f#+%Mg7q*uIKZE=6Rr+z%(zq!G)HR#;Y zGlAm}mcq)wUCDH*}Rg&+#x%JMGybr%KVBG73ahya1dj;4zhf zkk{3IX{$SF?)|UHKmF8y!(;zu&$q|?(?x;r)#P)47<;u)kLB7!4>a5+cIko6FbvWY z-2aXR>FfS5q;M-d35cKl-Ga9=;u!GUG%Hr%Mf@viI4o8!x~#gz%WsK0yD`AtR(t;P zSfGM7AW@c>Ni|!WAYLVyasA2=bKqR|Vr#P$18j6cm5@8E7j;$-!x{&22g<>ILVXN}C`bHsLVd)7nvnt-= zdN!_==aPrhKw}ODE;rG*x@+rQB`|OjtkV?IjBe1y zU7EZgKW8r!f|P?4;TUMf1caOAeSz4#DkAP{w#%T_Z@vKhUNW8#1q3D-P*A~)Zy2*Q zKUJ$Ru-=Fv9Tz3b&vU0#YHh>=IOvTViW_bjDw_Tn(yY*%22gzw5ImP2pjs{=5aVsh z(dzXH%oIX4+Z4t`-27ZFK&(jCPC z0x%{L^jq$=pt?1yAp%~GbVMaG)?8isb|;P&ArY=c1^Y}@Y+FWhQr=4pm-XtUknkJg z#9f`LS$jH8{<|gicLncpqd{7l-S_TI_tNd^X3^24$n9~~a*Z_~WBc>(0X<{k?3jK1 zq4)Oj!{04z-<$C>Ew1OABCdg4cS9w?+%-?aPrH@81KP_iSkN^uci*#t-VgWkIjh}1 zo106tJOcm-mmvy}1BC$TJtEVII0!H_<4t-pvHnow`-Cp~=jrb+-}@rcZqJ;RsHhh} z2R+XC4{yu@X6s{S#(7_hQ}iI7xFzFvIBfktpZ#M|UQvF-i)5%dcl@RhiG8ykVykwf zTPbrd-{>grn?6#2$uPcw<2Rf<9NzpBTM40Te3ihi;@5p%@8u=LYex+HBw_ctT74oD 
zkJu5h_4spqk%m%jN}d**f(Iaw!~ed9+Q9o_YkB={=lR&b$`g4uZ|u)bSKDu2y>$oB zw2$gL3jFRm^90G8CtUvm0}VCiE3SXsX$e|I$xf>M zIc_Oo9?EvL3`V24*CNzJ8Hfu4#p(3gw731;#|if$X@< z3S%9@j@0quGjFY$W_VDL=x^|q;;QnG)fv1IU;+C-7K0^&q&52GX4NOUFz!Z)rqbPq z(Y(P2Jf#d%KI>*#py1+Yfw}h5r?NCHznyxefHP(eidHFnLw_cmAeiQlaS3Bl%gKu|c82 zX`k_!1=|7|%Q$$RShA+b^+T(TDY^R(8>e6N&6QRNmUs3eWiEPBD<&2bKIZh)P0xOr zh%oM9hyu^!pw2`Y^9=@C&hqUZ8{Y3j42+2bU${b+;k;(8n5rI9xU9g#k^g5hi=as= z#xBO{5n0wh!e|5{r(`Q2w;dn@Y->=u=-KIlag+Cs9Q|!#?p;H!&&gA&)^ql@`vvto2Ki3nJ<>dl&5L-Z}psc2LW`9f%J+P&aM%+}i$uY}V6vvbNTwjYaom=RuZf%v7e-bbO7rST3KvG zrE1Xtxb3LqRRI#!hrFf_*vY-m3_QPH@o}5UFCm;yfcZ#kKSaLY>5L;iJwrMu11!});{foa!PdlFGz-l^WvY$n1+pF`CNQedrYL&w|M_=D zs=dt^r5QuHNzsMNH=LrBe4~qG$|utG&a^W03VdOjq0Q)QBFhlqr$xNP~7V&*aj_pk!g-&J2TS|=4g zqOs)hf6G6?xG{lnz|k}_Es1YrO*+@@4aQRXA^BnW%UbS}(LYL98xU+J*+KWOWd(n) zNi=5ZS$2sS8dGU7G(i?`jh{0lrpwE2^aCt09QiJ;t>$aV9nA{Ow(xwjCMLA#a7!l0 z#~BRXAGdro9Xps*H}PFTy}KHxzw1ZccZyR|W!`U0uRLU%zRPZY6E@;-U1yz3%m*Yi zdjF3_^YP6Pd*7u&c=|jBf61$xr%0b0s{7@!hsuW|div~&cm8)Xlj_FeA|eLDu{hs3 zRAz^FVHGCilJBy!-Am(duZROS)}?+AdbAkI$9WHEy~UyUVK450^06k~6}@`z-yi$M zPO<;;u=VXzsb5~F2k7hl0xor4LVuIZbB`JeT=O*bUT4($kQJTgLjfPvFFY-|r;oyB zV@kHtynHuQf;}ta1OGXXa_AK=v}4)xbdV2iavF@6$XaKjXag7rv(u8v@7~Oa zQprgxFhs?u!J#fTO&yO!#Uxu??izWoBz0zlzBoE8rVBl4I$iQs!>yNtE@I}(gtjB{ zsUQqSv!|P*0ZYTN<6&S|vO87YL= zLSIORCBsKAIo=DPl&Ew_F?}M(srog|vE^ks;|?0Ad8Eu0q#&y9gZyGY@e^5Nm@))> zRq+`7O#iWXFTdJ+w#P@E>&97>M0RfbB|VQN{*hH}`Cd)TB7@9IMC+2(os4SJGS;q@ z=1^Xd z8xVru!R*4k|E?ZpQ)PNz&bQrbw;f-v1RNdp=NVZ1J*CEfIg0m9#0@2|epIsOj8@-P z0yaxZPnY5UpAqY&*9d0|Lfb7DxiCxV-;WHrDVY{4MvZ4PYLviO3>Xdb9dD#+9GfH> zE>G^K4{yYs?ia=HZ>*(I#}6n1(;KOWY3EiKRQ@CO8Ts>$!8#CUMcOL~lV$F=HHigs zpP9eTYrAVFj;t`p9V7N@Vc@tE=E0F@cHWHmNZz;EaBiandVg8%llt$L*ikW5iPL>W zpOi3puQ>#A{me|5bCP{;KIY-)#tx>qFc|Vv7={jmUr4zyYZy4sI_ZsM8h$XDt<5~h zDC?PW8_kQC6R$b7+Cj;b3E;;50Gn?>XL#X!xWVQ}*lfyzy_gzD9R_4L15+^*m%;L2 z^QHqos0m=m^#8f#SzU)`GIAMx1h$ zE6sKCr&v?5$pB)3`$~92BPvBzEDU5ttiJ3CJ%#NOU%Ry%Q!(v!^7U*|ww-$yDZd5r 
zGTLYgJVL4%VM){6Fm?wimHbG80#X&One93GINY~R$!tUM%jwjJL*+LneG3C9wjwZP z+AS04bqiMOf{3vGoe@+q^}-u@e4=OJcs1hzorDwwF+0=eG*AwutfVRc#y3VRreWjM z5o<{vfatrgFXZv1ZYFrE#r-?SFTmKce54<2Fm6#Rr&EC^o`DxAsWaJ6YozVCd5?a< zO`g(Ac&(4OAam%JFsaS45mP2qGo|i?OTQg490l5bHu-}6r7E|L0&g~@ZYSD^wES<$ z0?(7Bt}W29ZE94m=Xto;>UI1ZT))$l9qo%Y%=#1@VTAVKt%s|q(>a90mpv2ZVr0xA zEhv9p7!j)~+W z?D|>u^k-I11&}$hO!%Pg0Q_1g3C}S8Y)rQ;{GnRH)uzg?n?6A`gWt12 zz9=3~1|XZKZa7FQ=yfPP5vmE1Y@vZ?Fb+IxW2v2(8oiQV{2)jys?^Is2LW~%Dz`jt zCQe$27eFyyf$&?g3?S=R*l(V|r~xKbuka;dEnNcyJ4%}(^9JDrq8?wg&1sH;|NKnJ zlSzj_hCi%8Sr-!urJrJO^b(&1^A@PA)8{SYg2#G`eNOy-V&%p| z>g+3zi4WY@qQy|k`))w-GOk_Q!V2(SGOh=eCjN?vO?JZ zzIc#iTTN6fkm`|KbZtdv!oq3@kIodaYYtDgxKLzd;5mz3_e!zIs(MBp- z+9v8yVjbnwGuPwRzHc$WX5OQGctr;%tIDlF5h*@uhV2l}>)iD#GXI;pAv0Mm@FS>wy)Ym#SEx5g}r);uz= zcDu>Lg(COfl*=}RPe`#!`&f!Op8?3vtA>}Zf8RDls!_?)$csyThL2BryBOV(0Mqxe+yb5o%R@;(8(ComjKm zX(W0cF(6q~fnGS1h-}Pr%ky2!5Cyjt`3)mBy&Tf`;7((n%RO492idhslmsMRRy6ww ze1Fry^SAbrkRQxsq#Gg_wp{?ELEh~Y%3&2{Iw2wyixA1@h4YB=t=N+C(*5z4$vFZj zx}H` zX3FncS_U&v#7;aHk1Hfy)?$%a=IDtdzSXTAPMg5YL`m51&1M%5Or_*6h8tP{?Bm<% z!r{D+?(UMx)hfhO%9gZ5BM?3I$I(dy5Iy}Rq9@D$Sg_5uM_25R$d3F-4@+6G?o2d? 
z=xm7ey!~{~ApQ(fHV7LUGH#%6C{2jnN!vo70FALV{u1)nG7I_y*NQI)ARU6+lP6q` zDU`pp@y;=BA#zGXo3rgb7gbVo40#68Lvv^9c&=TBsZCiC8NJ2?DPhruJjumfcAKKNk440s;1>q8l`;xHzA z#63)lH~tne6}{**_KtPvEu#g`CpT3uy*d z?6p-1fj)4%h8-+O$wUe)>rqj%+cWxRwrV_PjF+%Q&LZ|0gqIiutg_t=*d_@| zxT%v86O#>#rXsFCn0XX`dUfI1a&UN1>A3KCTs6Xti4mCQb2P;9bPJ0>EcWITUb_u` zenKpgB5wRBB~SJkU+W7d`Ces^)abp%1RELqSypUE;w8&tDLm5bz%3TPWW{tVc|kyK zpr8_kCPcPH4vdvvey>o!Xom5|U6^Y&-ga=^&Fdtc9{Kbii}z^-+#)i6X|chM zR-L&1is{`^@_o+{B07q%5VZq$gGPVdG6J{~F4hL-`v=H3Fi(?Q82O!4QFNY@R!OR3%#Vp zf>IrV{G{9}V3b22HaJLce@aLM*f`V%t__-7J0qNAX)_v^CFY#f;}R?zvYt~?$mx$| z&cCS*II}rgI%j{8yjFoAUE3`EdU^TvR9>wDxBqU7D4!9t9ez%2E|fW@tmp>B`ZbTP zl{nQWcyuzlR#=h5$uNY2LS?mhP~~iwCx=Ere1Cn#&`n0Z70pwVdPvJ;BVx;&-|RndqcR}^JREmAWP)W=HT!( zGx!<^u-Pqz&?qX;3p%Ig-Oh%Z0zVz3zh| z`O-Bsy>I32jLq}|Axe&*JnTkzfO%Zi`)g$$p>YPardv@{WpBDqXooa~D4>Lu(D&xQ z-~E)f^iCe~vbP(;?hVs7zzB5#$$=lGA)KqZ(ZWzk9t^ErP2!N@Z-`pEx)xQ4Y{2=e z6CB-e00!RE$dy+&J#BY8fk!L%=1l?X9e1-RCktS?0A{nni^ui$Gm`(#$m5I4%ge3P zbhr&KgO|le@a^bwPC0Fmfl4WS-J_|bw8x?9S*M~RdV#zpEL25*@48cTw$>3G9$;|k zaz6gBDo0g8=OK5w|7q;i@y5vBtW)#e64D=uehzybYt0h*BTekC-*fzs6W&vsz3@e$ zO6XW|S1ujv#X{#Yd(0(sLxCU~CX2G#nS=p37KWhHoaz5XP zL^o%XkKXeFr@d>%0U^cp?s8p7GlizT=l*`^~dZ1?-QqpEn9X* zg%3QAFkI@IK7HKzR=(GCdAQhyf%R0(?)~lhb3tVlH5|?m99BitfC%VKdTr-2B}2jOfSDa`^cY;!@H~nop~lJr2Pwd=pT#I zD|%m~pM3XQLMA4G%ZG=ph3^5`aQX%TW@f#z^YY8PgJ)lgZG=(Qh|(>kI%N3zT2Qgv zEC2PT+=tS@TU0r;dQYrvX}>a8BJlc{edTt>lW6+#WgiR{V+LXQ&LI|OR^R4Up{1)y z9o~w36VYW782AXf@8F{&D~khBU}D0R*4(}^1Gl)l!<&p9Ul2BduzTrxvDyJ2F|VlG z$68V1D|gQKdk=qBZVOgE=QFFh^F;O5In0VP9#;@c6+E@XzT3V%%yt~D6ZJ)W?PUobEmywpbG6U;pPJ`t>FO)seH&p#B zC9gl-NMIpFI8w-@Wl@6cr&YMG{HNL@e38oj(2+mv!9BLEZhs zw>6M%Od|MD{lFg)PlB0b*x*xp(_wnw_R_N+6Bf>} zAB(=TP`vKd0_135y_aY_qls^w-gjxgS5i+`9k$5bleLELnL^AbV)9h&51p#9t&?i18p4anVuiq9sa=#8W*PbJ9vqVFA{OXb4{v!8iOJ>bu)e- zepr{f?tQp(ZG%6|U zal~u=W6=Vq)b^gD#$hS!3MXN>0V66(o1D~e6X&Ky;V;6EKW^>P?9;3QjzWisFCR7o z&vPXMkvDC3$OmhTiKJ|8Y*;F1c4%wro@ucvfwD$WL+o%@?TD|R9z)ef=jq5i3@eNT z_#e39PK*M(^(0otM9+P$!9z@!mANIyrUpb>+nMUz7 
zKI{MAm$MyS=Sa-8wti_!2&sSR>1i^n7zrUUgRd|iBW7QQG`2OzFj+|9E2k)h-?&IK z4Lz1_L1vdjGx~Id7az$_GeqNg5ef;sY(c(&uXDa3{6+*jq*h})DZI}2I`hh4!!NHZ zOp+9`mg;|TLCTbw)m1`f1I0Aln>h0}$NMImEFs?a>sbmfh{+Nfv0fT@mU|bG>wkCh z_X0h#OjH%B1jCS#0|UBI9|JwL#VwRXYss)Frbj%C8o0O|g^lc&?oULk5Kfl|J2R*^ z+6YA)oOh~cmk20Z99En?B0AL$=3Um zk>9Z+6$;(p7QWF28W3wQSkA8V%Z*4JR!&?5tRnq2mBLR|FoY0{Ckr%LX=>z~fpKs` zAy%%sI2~9y0ALCuU4Fo|b>M~b?Rwxz+rwFOreX)bfH$SERA3SWk)9`FG+f=3QyAZD zNGWbn-SPkKAgjW`N8W(=?Tro;yD*FN{8~v7vSwPSwlGQ)1f;;TA5vT2T{!T}Jn(S$ zu0rhVjli5}W_7}WvSF?io&P#|` zsxTDVrZ!an7Z;Zia#D}K>g%JT33OZ9+T<+i)cn0`GZ&=Qb*d~?Y%NAuBCLzpz8u@0 zaJHGgpX&VGMrzjiJw{SS$ohT@Ud64Nf3^L1C%btM_F?kXuv1P&_9G!O_i^V0D3>)9 z)5@LQlVh|$GGQ)Qu^T`}6UszEVDyT9)S=dpL%`6FYlG|AYx&=#Ihs=(Y5VeqQXIWO z-d`onags&xQcKZWgQZm{k4^}lgG`f?$h7x>iD}WBKU|d8*gn%zo;+`W*Lu}=eY`m< zh;Bo9K73g}9s=KhDHt}szbBc77Q^z9aR(*lpw40r=xUio9n-3D%ly8MS$z{MQz$5; zS6BPmMXi?tmGS@V9jPIJ5H|hSt_^Wg%7b)5@>J$Va#WEjgdAlfZ~sc&5Z|xaHHp#^ z$Bpd0bdGSL?KQJL5Q$?{(AO=&H%bAq+UWUe)uw?$Dr=a&(f&%c7(Q8G7a!$){Dodf zQ*&@7b-U|*HV)*eVwt`z3WHYiYNO|}?edA#)%b%}dA*GFdqEfL=fUS>Q#=UA9on}a zQGb*~LRr#n{*p!Sr@hGNxMu-;JnpI#$?0XBH)2yxf{iN5eh6u-Dz$1^DfdK7_iTDJ znK;&u*qI2a#R3`Q)mLP_OMwM_xXv@w1+ z^VWAFS#OF8OWdM7692^os+IVzxTh-?y8fG3HPd8zsumK-S9gGC`nzYk2QkYehD+ak z)mRZBl5D#;4fW2>3CFuPgVRo6G5Wr9k0vMd$7SrDvEkQGY=RvN0k;SA~lkz`*TPg<>)1|=MlE|sf+Gx$!%!v~G2p)1C%aH!ARQ?EYZS{?jk1U>{^KsF^;!9H1 zVe=tIbg`k3G>pl;QXs0E052?EW;x`fE_O#tc%L13g z_oolrmk&pmm@$`q2(aJO_{_9t+rwQZB9mD1+U7{sfkOIIa{J^dPeD6)hCD;!iR%r~6g{-BNYffu+2~VZj z+nfS2gQAM*%RA7Qlk?2iuZSg&^ZohhfVS3Ob9%M0e1z-2a~?Z8FE8J1AAS^BTwKgr zs6$4q`VS5%ISq$#v*^}AFu!Yi-kjZCUQnS>7kWY!8R+Rbskn|uQa%vn^u6Mspnx;Y zDFYQq5Xb^-(dOIgi1MJ-HQHXF1OdiTE?_YYX@+U;F^d>Lcv>W1w}T=BlLb*w6m}h( z9cbDG9B@Bm+8lsttSDX5#q%Tm$6_;}cFE0og~t9x<%?N_`wB5H2g%#LDYF$1NuRB( zDpf!)CGmA7+|Le`3&43oe`1N9#yY_4?d=&I4 zZ7BTIMY-7)lX58Q*5q#M!48*jarVQO@0<~odWirjNNaj2OzzCusDi& zA6rcRsyLuoCx6YtyIxG9D+>l<=%xW=SaEe3)-$G4`+p4rf-ZCLid}oZm1hJ%rEyar ziWXd!RDKV)J*djoTTx~MSnK7|SnGMVy0cRoAq~ct$VTm^rskWoz1+5z2JiD5HQkr} 
zSq_HUtQ?x-;zeJGeQp~P~tadLZoslY7v?(js$u-u3JB8M3F zQPJ9?UDV3Mg0ufAyzMG5AlMdmWW|5Gt0(COy+=KY@#XbUm6&0Lut5n~^y zHvke^dJrY_1rOKiTn;#1G!J1@stOJoM}O(YzX>Vmw%(po&CbrM`q?2GZ5;;F`FagP zivbg5d*_9sOY|hqhiyaC?Q(cGc?#$N$^Tez?9ief)QGXYLW-K@JS?*tej`OA)unv> zE){#v*(*#TV9CbAYu(&GK|N|Azm^;;D|iYj??l+j^sh45*rejdBbblxuEXwx^nPx< z&bIrlrnlHB>)xm^|0!CVzUTVYueI+<*~jajJ#bW{h+YKNY;el!Q7%PB!m$9-5D4qb zjL}m+w%(K5pw91LE-*Gd@?ov*a%*;07qLVJ!whGD>KHz`RdS%<#pd~gr<8091(4jd zKIuzTvnbWoogO%R!3V&Gu=4lPSdpAd!is4uVr#!eb-TltkvswS$!#!)^QD#hRGT2E zns(J1hwCq?3Qwy2-LLe4H1e|KkoUq*289m)u^4)uupvWwt5aP_hM{`+u(1zHyJ5~_ zq>MBXhpaGSn?H7eBsLn}olr^X5``bkc{1?ERX6zEvj-xb@8E&=D~*Z^6!0Ah?uQ99Mq9Q)fbMj#NMCT5&?rOE5M<6{2wrYpV@ z(uHmrUw`Sm-0XdK#jveU_bxBN33Jy=D4sV|2obIO_2N%Gig5tS=JW|)c6{URI zDrQD;BNHPRT5BE3h34c4&A{Ox*+%{8sXAAsBEGnY!+Yh*b}oJ=VFbtVY-ONCTtO8s z#X`kWMZId-JHGl?U#9kmKneMVmEk#Wgq{b3|FMYZPYupr7Cf&r8}eOhz1Ka%mAu(5 z;8|WIy!&{4oAF%VomG>A^(M-|zTCy(jWY9FCdF_^)9_kq?`iO zL%7ck?a}|Kq*SceOYG@OREvvnt%DG{VWQZj=G{xC%Pi*ZC`b?9AD-HK>ckv@w94-L zt-i^{ho`HwY;Ibhu`YO2tSc-@+|(_Or=OBeBm1I#-m5UgPW||%NbxgAo{~W&T3&&~ zXDJ7=Ol7$vHvW*>D{=)adP;4t?AHl|^Sm(y=uF8M&QV{Q4hj$djcEQl5tqB`r`pD$ z{XH6WckWR;72<2onPwSO_Bd)}TP+Rk^ZHsA7)37c{U=d=VQ z_0z2$D>fO7oo_G|=ls&51k4ZQ%fk(fUshIU;eB&8lh^7!b~P0j0C|*7pQ{JlcIDpf zTbs7}JoQuBg%^Ib*${-LMR{g-fk-0x!a?6@VW#Jn|KdWvzE`r}H#hKP|8C3V6-got z-JO36wh){-^GDk06Y0tHx*VZXeGyz|uKIc8a&xOpn6|IT<4Y&q^x(KkgnLWt+`C13 zq_nimP5zRzCl@DsmLNU|hRK&6Ra#p<8wWNg?4@~USYPs))T8~Nr{X0GG$ao;Gw)+U zMgsWB$U>@Ngg*DbZsv%ef;ce1Ou|txK7&3vdVesKC@P83>OvB{S61@Ne9L%qaj*4d zYUPXE`2`_0?O6&oN5cXbhK9XuU{!c?G@vjF|Mb;fk`*cYh@M*i-1Ac7ErL4=+V!>i z_&3u7u&UL8#;ePYVB+6gf4*C9zY-aKw-A#Ke-WTG#rTg!`YsWsD)k&#E`VJvs8mFlSU+SU#kVXY{O}4~a{&voSZm&z^!*#B+r<<^JSWkNB1UHOhiTf#FlrBiOnknBA{l$jW}(H! zEc9M_0JceN^C&vkpd zF@G<|@e12{j>aB({qfaw>Ga_rrg^_02CBwk4UuDBLr0py>|C?8>dc0RuIWr^4%JlZ zw0Q)C8Y%3`ZD=H%o@>Ndw7U9(;Fwd)_t6)%@R)hG?>${a$yyrRtO6UHY}1{2V;Z{! 
z{e)Sg(f~Ya`w2+1PirzCN-w0j_Htv}Z>I_WJu*}$5F=KAD70w7Kbrc^{8O14v5X~6 z#%Bur3V0SSu79U!9e=}Z_)c2SKx(&~p)+%Ep>5N4@dkuf&{BR0N= zmQw1DlqZ23xfdVwls*YqBajWGF5LQK=7(^jpRu5pNn}!;a=zG~mKOIKbzeCHt4HXra81wNr>EmzZ%-gAA)e;bXFPla^nRdR}z1y47wy8tz{l{`( z&!$V%>7y1p+;_*wRl&F?4Yb0?$43xT%NrWh<5iZ{L0a-&*UoezwSvPWa!Qp)r}fitPF;qRckZWqj?CSg$|T(brXx3cO>2S6E+n z1E)@)JqHHiaug&R$4gDpHZ|rTrMO(QLGxP!I}4GX99mTI9IWeMeyX(^t_`HpNiLno z3HTdsj=f^&E$e}RT96|EdISdKm;!VGr}Ma+cY@eXNWE#hTR!o6yxD1KX%W1}BVDR@ zS_G0{-av)!-B3C>0-9D;C;tHsD;I%KRRH9FPcU_d1>_euXFHK$VU8?Z^XVuMd}bJQ zVc-$4Y(QiM^7Se2abwQAiBf5B6nec4@*PkHM8fAWJKxQG z%9k@#C(m}Va>wZ9?C|J4h_ACMO?}i%E3vB%Ol})?6|enIK*#-H$NhPMU>i8=R?~x| zznT3z1?~KBF}v8NW9!q9d|4*L)C7ynuax}j7HX}kmt>G%HE18_OPcrN4b!LERhXwA z;B9~(*aa39$8#}JpJ-SBz?Dtq2#<*P$BKFdAFJ}V|9$0kGpN7PXtyz~u3u)4O2h@W zr!SfpxDkl&v@c&a^$-(y-lvK-_m>v?3wV%rXs910FAcbnutoLgf-#MMz7ddCve}{e zRX>waq8N-Fe-XA*fXQ_tz5Fx~e(?RCN2Ajx`5Ur|Da3mGd({UD= z&sYeW7#OU9z1iV@#WeW(myeIn;h~kUknP#FtaEl)@*tt@Ym;)}$*9Rc!Q08ckGX_{ z$U}ABY1V-HQBch}_Z4d3uAe8l3vT-YdtqWWw zGz^UFYZ+d|S@MO21<;YGM2#8n9eL;CaSonKH8D*D~~adJiv4tH)A!3SNbWZJ%IX>jl$CsF_z5z&Cp z#L-bDPpRreL94^-0r+|Z1O#TCMgvblNQ2MPYQCQzv^(yfBsm%!6!CL&WaYi3CI_(U zK;cT|cdySgiH(f~LFC7r{T4*^;hMDU{Pvv#LJzgJXrbQRFTdN}#MoP!H!D^Q7VBN3SGz5R5Iql3_erKF?);cfPQ60k;d)H77h z5mv0zsCJ#q58n(G5D;K3IwXC%u2^nyNgWB1m674~ymjpAz+0;pY>#!=KG=x(Z>H4G zKBEcH*9U@sB7Y{|U-mg&7#92&_D%O?4J*=;l6|A2f?v*Q48vEX575OtJnlgV@$>T= z7#Psf)}HUMJJql`@+E-j3@MT)d3bmLmt%JWt2jG7jUeH-XinuO1UZx^@GrnS9_;U@ zoxt{FpklaKhe?Q@QJ4^hCS7|)xdg~k?OK4G>}`2A?#w*f9dck$kfo)ivXT;q&C0(+ z=Zk$+e+4-?IWMpFcx4r}41VWBe6(!;pFcsG-fh65)26jN{yT+*`_wVFs>lv}_rYw3 z^NC)lQV|0UO=t4s+}YbQaW*cqdmgamfbOKG@2$+h5zz@qLkLBA<>B)l2?<$fw2RHm z%=*5bIy0lzJ5x`71@q@qrjZj*x_FLegSD=sW33RG0$n_6Vl=RP6civbYWz8<=*Zx9 z2xRs73Dc%=j|~l}G~1sPS5{X3^l3c=hrYF~?PRq>@P~yKx-eoH5I_L;63+f}{dWV% z19t81fm4fOe;yPzt(bi~=9jY=#zj{c2l(AtC8zEq-`}JTmIspsgGABB<^&WyeiQu; z3S=cBNu;PS`MwNe#!Fu;+SIw)^!*CO^L}~=aM&3o%xEc%0!mR(V1{H~vXoRmD3f4h zWQ2ivfPsPes#T^}!I@d#Lr6?a%(9P$^s>LdU$eu@6DTCc(}=Rz&sZ4eZ7FiV8cqrV 
zDu>X+?|b9Xu3LoLumB!~G_s6|nc0O5{%3FR$wHmwa0)wEdNA45%EIE*e_c=p9pWQv z)eNgcO-2TMK8)o|skxaM7g#h;GpvVeFyW;A32-nkFCc%YIyu#`E!%{7c(_e)wy`}9 z^U};UUemqDckno9`W5^B`|aIMhu+)Wd3aWF6aMd9Ur*1@21iC#stge_Qoig>P#+Zh zxwz1+HtLTc=3QT32lWm`t2Iw>(@G3duz*&RwPAf3lPh~zF6b1oRDO>?i23A(3_4OQNWMq_- z8-NY`y}0;nX*s#)cuole4ZXgxado_W2Z#t@0z~{@fRhdUEBPjzaO`2V*GXPcG)_J1 zE&PYLt0H&X)%dH=5uJWaQ$)LK?7OZegN`;gOLpj*jQ&=ef+Xqj4s$UsHiZ%igbzRv_~U zFPes)zND~{hL2B&DG@mGftd-UFnSTf7~T}-XDqyz>OZG`Wrr|OP*AY3Ie^KRJn6@P z!vaBT6=9q0AR}DVa9`is07w zZh;)ARHOnn0>P_Sz||t6p+$y<{!2NHj5fhf1FP-;DNaO0M1Q&48>+LJhxp9KPVF@t zyK)BM-5dOD3zn&SgIzP~xj1-Q?!cR}d~f(s$3HWEa47#Omh86%0FxgX83Dq~<>h5Y z21%P9>8n>MQBjpf{V{WM8qCZUfq{V_Xy+;I-M=$G_+)4(cx|9Uq} zii*rbUS7DN%e=3UPB$#xg?TpNseoK1b2YV@?_!~SP#d|xXM?~un8^H(DASR)T^s4$ zzB;)HZ4LN1ML7Os)_ODJ+RYpof#4s{oij5ST-*B+ZLQu}3Va$UG0)hx3_uv1VLwiR-`d@tZ>{;5rpB^HayLu zv&o8m^yMY`S`o)nO^O%ldL#+Qz=DwQ9}f&}s3+*7QLz{ejim0$v4)J<*;((>_f=Hl zNi1s6NH|D1c6Z(m$}o` z@_8+=!-pS6MMX6?H)muZK@a-q3r96ilU^yU>J^TO+Tmn3}vI2zVG#Y&sr1ybJk&~12vAB|M@)Y#NSrDX4fak-q z%?h+&CB6%aM5$}jyCz6q2*^Fg^?w>+D)HS;2kg`-5<|9vk7PG+YR@~=m#GqvNsU2ur^-__tBARV%6gkmBDF+< z%W!#sz+k;FDluf9t2OaACRt%smSkEHm&@H%!USSome}WK3ATF@dOQa{g!b(6#W{H|cV*pQRkz;a zLs?FOMijL|01YH$;i$gCWkRd z*OF`R*M~z~J}QQ{lZ)>(h}m~jm6`D|z~Z2~^RMt8p~uoZoF>uinpB1?cJp7=jfz`h zaLAd@62^`wx;nW6C+KmvMeOl|A4L$J?y{%eI@5 zp(UA&mbg9bz~o$Ib~*VH%*_~`LiGy-($+|STJ7dWFqmt0NVp5F!j`p#>ov3eBOV=HO zXu>?%TC(>XHl&OPR~%;gXY?WVQ5ihG9sn>v^X!yZg2cz&yLaK4EEWsou?(_$6A}`_ z!on6O!Dc2G<>N=i3sO^4bx~%9hPTLyHl=j&z{CsrEUlZ)pxM~Sr2e6=uV3Lhx@Rnz zb5CA~E$RPboC6a4w_5BrdIZ8ha~nc+b#;Ae6{3lv2*f~t|0Me(&7+WXJJOV#rb_ag z#pKmDtZLQ1VVT~%{D!QW%HN?j+B{<5%!lh&yiQJWvAML|UvU0#9e1mp@-yyD ze%=u9{B0ttk}4}JYvRpMTVlT%88IpQVnv~Ro`YqYYT$4rJV8lfEP!d8C#jZ9l8?8f zP|C{7T?R`GFk(zF7m<+`XGG;gI~Q=KfoUh&*1(~ZWl522p7SjWQk7#y=cpi*0${6e z?N%ePaqP)1Uxfbw0yhwT3=~}f{AOus86F-Es#k%-3Gf@5w|ALgmJZypbTBS1?*9Gz zAo9v3gD~57yiKH%dWlN?_Wk?A`1sKC#}nH*qG#+cuv=fZw*$xTEvUGQ5B&1z5o)7n z97ZoaqpckPFgZCnIWR3ilyY-(CnhGqdF=o=j*5=vba%J*?X9HN`K>xfy1)-59HZT_ 
z4N5&Ka<9>yD6@%pO`v}nomUwcypj}nZuk!D)g}bo{MwqDsiy9OZZ}9(>P>`$W|Wy1 zo(i^zDN;+iL#uk{yPA;^+YE_S9u?&$)+s(Z{5+-wwnCqdSJ*%r5!bK1;WSZsRFLc- zyWO$ailK;PW7Qm{#i48j8mD4ooic-OarzFo-^>i@n-BIYa(Nz!7Lbo#%x%AGY`)^P zXUK9fgf5ljMCnD?7V~L`AlS`CeODkE+dAI*&V;`{$u!uceH7+%XQ;GHePCu0+k6mX zvBTpl!w!5ezRLP?_m#^)h}NnP{(FNsP1c@S^>(?zeIq}lpgWky`o?OLhn9&sS) z>2ftYh6a(4R^E#_PsM!Hs;fM-m2EVK_?;w^PC(gv&-)oRh`l8Hl&=*yCgz{p2YI<2 z`z<3u{Nq(LCzki?*Cx=5aZNWn!|M=4lKkeE-zEWdGoA&pAK^D7alKzAR)nd zf95NZ26GcCEuev~o70>=+9i)H7S&dFKAIGZbaM~u#HP5}mP~iu_!D|N)auT-3gLJK zuYVD9kL&OFy6kpwAKM(Sg(I^)2=p|DG)wBUYxZ|eZd-afd(OtZ@pYFmGq9y%Q1F@= zET^>t{res^_$td-3CqwyY#-qXYM>>(Gvb9Ht|LtrfIhBb z;2Pp$!2YBV+e{eHpvOo+A-!`uG$v$+O7DdMsv)ok&<9dYj^HO|2P^uYU;aP7ut2BN ghXeM3t_*XxVF4>f7Vuks>EISJ&@~|z=+Hv`3vbS|NB{r; literal 0 HcmV?d00001 diff --git a/windows/keep-secure/interactive-logon-dont-display-username-at-sign-in.md b/windows/keep-secure/interactive-logon-dont-display-username-at-sign-in.md new file mode 100644 index 0000000000..db24fb9fca --- /dev/null +++ b/windows/keep-secure/interactive-logon-dont-display-username-at-sign-in.md 
@@ -0,0 +1,86 @@ +--- +title: Interactive logon Don't display username at sign-in (Windows 10) +description: Describes the best practices, location, values, and security considerations for the Interactive logon Don't display username at sign-in security policy setting. +ms.assetid: 98b24b03-95fe-4edc-8e97-cbdaa8e314fd +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +author: brianlic-msft +--- + +# Interactive logon: Don't display username at sign-in + +**Applies to** +- Windows Server 2003, Windows Vista, Windows XP, Windows Server 2008, Windows 7, Windows 8.1, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012, Windows 8, Windows 10 + +Describes the best practices, location, values, and security considerations for the **Interactive logon: Don't display username at sign-in** security policy setting. + +## Reference + +A new policy setting has been introduced in Windows 10 starting with Windows 10 version 1703. This security policy setting determines whether the username is displayed during sign in. This setting only affects the **Other user** tile. + +If the policy is enabled and a user signs in as **Other user**, the full name of the user is not displayed during sign-in. In the same context, if users type their email address and password at the sign in screen and press **Enter**, the displayed text “Other user” remains unchanged, and is no longer replaced by the user’s first and last name, as in previous versions of Windows 10. Additionally,if users enter their domain user name and password and click **Submit**, their full name is not shown until the Start screen displays. + +If the policy is disabled and a user signs in as **Other user**, the “Other user” text is replaced by the user’s first and last name during sign-in. + +### Possible values + +- Enabled +- Disabled +- Not defined + +### Best practices + +Your implementation of this policy depends on your security requirements for displayed logon information. 
If you have devices that store sensitive data, with monitors displayed in unsecured locations, or if you have devices with sensitive data that are remotely accessed, revealing logged on user’s full names or domain account names might contradict your overall security policy. + +### Location + +Computer Configuration\\Windows Settings\\Security Settings\\Local Policies\\Security Options + +### Default values + +| Server type or Group Policy object (GPO) | Default value| +| - | - | +| Default domain policy| Not defined| +| Default domain controller policy| Not defined| +| Stand-alone server default settings | Not defined| +| Domain controller effective default settings | Not defined| +| Member server effective default settings | Not defined| +| Effective GPO default settings on client computers | Not defined| +  +## Policy management + +This section describes features and tools that are available to help you manage this policy. + +### Restart requirement + +None. Changes to this policy become effective without a device restart when they are saved locally or distributed through Group Policy. + +### Policy conflict considerations + +None. + +### Group Policy + +This policy setting can be configured by using the Group Policy Management Console (GPMC) to be distributed through Group Policy Objects (GPOs). If this policy is not contained in a distributed GPO, this policy can be configured on the local computer by using the Local Security Policy snap-in. + +## Security considerations + +This section describes how an attacker might exploit a feature or its configuration, how to implement the countermeasure, and the possible negative consequences of countermeasure implementation. + +### Vulnerability + +An attacker with access to the console (for example, someone with physical access or someone who can connect to the device through Remote Desktop Session Host) could view the name of the last user who logged on. 
The attacker could then try to guess the password, use a dictionary, or use a brute-force attack to try to log on. + +### Countermeasure + +Enable the **Interactive logon: Don't display user name at sign-in** setting. + +### Potential impact + +Users must always type their usernames and passwords when they log on locally or to the domain. The logon tiles of all logged on users are not displayed. + +## Related topics + +- [Security Options](security-options.md) From 45e13d3fee05d5e934031c67d804464ca009d113 Mon Sep 17 00:00:00 2001 From: John Tobin Date: Wed, 29 Mar 2017 18:40:45 -0700 Subject: [PATCH 02/16] Updated TOC Cred Guard topic hierarchy --- windows/keep-secure/TOC.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/windows/keep-secure/TOC.md b/windows/keep-secure/TOC.md index b427d098bb..9283a8c055 100644 --- a/windows/keep-secure/TOC.md +++ b/windows/keep-secure/TOC.md 
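Review bot: In the new interactive-logon-dont-display-username-at-sign-in.md, the "Applies to" list runs from Windows Server 2003 to Windows 10, but the Reference section says the setting was introduced in Windows 10 version 1703; trim the list to the versions that actually have the setting. The Vulnerability section describes an attacker who can "view the name of the last user who logged on", which reads like the text for the neighbouring "Don't display last signed-in" policy, while the Reference says this setting only affects the **Other user** tile; reword Vulnerability and Potential impact ("The logon tiles of all logged on users are not displayed") so they describe this setting. The Countermeasure also spells the setting "Don't display user name at sign-in" where the title and description use "username", and "Additionally,if" is missing a space.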
@@ -23,6 +23,12 @@ #### [Deploy catalog files to support code integrity policies](deploy-catalog-files-to-support-code-integrity-policies.md) ### [Deploy Device Guard: enable virtualization-based security](deploy-device-guard-enable-virtualization-based-security.md) ## [Protect derived domain credentials with Credential Guard](credential-guard.md) +### [How Credential Guard works](credential-guard-how-it-works.md) +### [Credential Guard Requirements](credential-guard-requirements.md) +### [Manage Credential Guard](credential-guard-manage.md) +### [Scenarios not protected by Credential Guard](credential-guard-not-protected-scenarios.md) +### [Considerations when using Credential Guard](credential-guard-considerations.md) +### [Scripts for Certificate Authority Issuance Policies](credential-guard-scripts.md) ## [Protect Remote Desktop credentials with Remote Credential Guard](remote-credential-guard.md) ## [Protect your enterprise data using Windows Information Protection (WIP)](protect-enterprise-data-using-wip.md) ### [Create a Windows Information Protection (WIP) policy](overview-create-wip-policy.md) From 21cbfd5191839776f310af57363bf602156733dc Mon Sep 17 00:00:00 2001 From: John Tobin Date: Thu, 30 Mar 2017 11:44:24 -0700 Subject: [PATCH 03/16] Fixed white space in cred guard requirements doc --- windows/keep-secure/credential-guard-requirements.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/keep-secure/credential-guard-requirements.md b/windows/keep-secure/credential-guard-requirements.md index ee45ea20a9..59e3915359 100644 --- a/windows/keep-secure/credential-guard-requirements.md +++ b/windows/keep-secure/credential-guard-requirements.md @@ -117,8 +117,6 @@ The following table lists qualifications for Windows 10, version 1703, which are | Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:
• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.
• UEFI runtime service must meet these requirements:
    - Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table.
    - PE sections need to be page-aligned in memory (not required for in non-volatile storage).
    - The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:
        - All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both
        - No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable.

Notes:
• This only applies to UEFI runtime service memory, and not UEFI boot service memory.
• This protection is applied by VBS on OS page tables.


Please also note the following:
• Do not use sections that are both writeable and executable
• Do not attempt to directly modify executable system memory
• Do not use dynamic code

**Security benefits**:
• Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware. | | Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](http://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.

**Security benefits**:
• Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware.
• Blocks additional security attacks against SMM. | -
- ## See also Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. From 2b0d3f5bbe895c7871ea737d631835d600ccd9eb Mon Sep 17 00:00:00 2001 From: jamiejdt Date: Thu, 30 Mar 2017 12:09:17 -0700 Subject: [PATCH 04/16] Add MBAM support for SQL Server 2016 --- .../mbam-25-supported-configurations.md | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/mdop/mbam-v25/mbam-25-supported-configurations.md b/mdop/mbam-v25/mbam-25-supported-configurations.md index 888cd863a1..99a8d735a8 100644 --- a/mdop/mbam-v25/mbam-25-supported-configurations.md +++ b/mdop/mbam-v25/mbam-25-supported-configurations.md @@ -283,7 +283,12 @@ MBAM supports the following versions of Configuration Manager. -

Microsoft System Center Configuration Manager (Current Branch), version 1606

+

Microsoft System Center Configuration Manager (Current Branch), version 1610

+

+

64-bit

+ + +

Microsoft System Center Configuration Manager (LTSB - version 1606)

64-bit

@@ -294,7 +299,7 @@ MBAM supports the following versions of Configuration Manager.

Microsoft System Center Configuration Manager 2007 R2 or later

-

SP1 or later

+

64-bit

>**Note** Although Configuration Manager 2007 R2 is 32 bit, you must install it and SQL Server on a 64-bit operating system in order to match the 64-bit MBAM software. @@ -330,22 +335,21 @@ You must install SQL Server with the **SQL\_Latin1\_General\_CP1\_CI\_AS** coll -

Microsoft SQL Server 2014

-

Standard, Enterprise, or Datacenter

-

SP2

-

64-bit

- - -

Microsoft SQL Server 2014

+

Microsoft SQL Server 2016

Standard, Enterprise, or Datacenter

SP1

64-bit

- + +

Microsoft SQL Server 2014

+

Standard, Enterprise, or Datacenter

+

SP1, SP2

+

64-bit

+

Microsoft SQL Server 2012

Standard, Enterprise, or Datacenter

SP3

64-bit

- +

Microsoft SQL Server 2008 R2

Standard or Enterprise

SP3
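Review bot: The subject says this adds SQL Server 2016 support, but the first two hunks also change the Configuration Manager table (Current Branch 1606 becomes 1610, an LTSB 1606 row is added, and the cell after "Configuration Manager 2007 R2 or later" changes from "SP1 or later" to "64-bit"); say so in the commit message or split those changes out. In the SQL Server hunk, the new "Microsoft SQL Server 2016" row is built by reusing the unchanged cells of the old second SQL Server 2014 row, so it inherits "Standard, Enterprise, or Datacenter" and "SP1"; confirm those values are intended for 2016 and were not carried over by accident.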

From 92a7674f2624eaad793441a62c5c06609a71508d Mon Sep 17 00:00:00 2001 From: jamiejdt Date: Thu, 30 Mar 2017 12:19:00 -0700 Subject: [PATCH 05/16] Added a configurable timeout value for UE-V Logoff --- ...ence-virtualization--ue-v--21-sp1-release-notes.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md index b4759fe68c..061e95a56a 100644 --- a/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md +++ b/mdop/uev-v2/microsoft-user-experience-virtualization--ue-v--21-sp1-release-notes.md @@ -130,6 +130,17 @@ If a UE-V 2 settings location template is distributed to a computer installed wi WORKAROUND: When migrating from UE-V 1 to UE-V 2 and it is likely you’ll have computers running the previous version of the agent, create a separate UE-V 2.x catalog to support the UE-V 2.x Agent and templates. +### UE-V logoff delay + +Occassionally on logoff, UE-V takes a long time to sync settings. Typically, this is due to a high latency network or incorrect use of Distrubuted File System (DFS). +For DFS support, see [Microsoft’s Support Statement Around Replicated User Profile Data](https://support.microsoft.com/en-us/kb/2533009) for further details. + +WORKAROUND: Starting with HF03, a new registry key has been introduced +The following registry key provides a mechanism by which the maximum logoff delay can be specified +\\Software\\Microsoft\\UEV\\Agent\\Configuration\\LogOffWaitInterval + +See [UE-V registry settings](https://support.microsoft.com/en-us/kb/2770042) for further details + ## Hotfixes and Knowledge Base articles for UE-V 2.1 SP1 From ffc75cbeaf0e8a84033cb27932f87ae812a8125d Mon Sep 17 00:00:00 2001 
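Review bot: In the "UE-V logoff delay" hunk, the workaround gives the registry location as \\Software\\Microsoft\\UEV\\Agent\\Configuration\\LogOffWaitInterval without naming the hive, whether LogOffWaitInterval is a key or a value, its type, its units, or its default, so an administrator cannot set it from this note alone; add those details or state that they are in the linked KB article. Also fix "Occassionally" and "Distrubuted", and end "a new registry key has been introduced", the sentence after it, and the final "See [UE-V registry settings]" line with periods.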
From: John Tobin Date: Thu, 30 Mar 2017 14:11:08 -0700 Subject: [PATCH 06/16] Credential Guard text and heading changes --- .../credential-guard-considerations.md | 13 +++---------- .../keep-secure/credential-guard-how-it-works.md | 16 ++++++---------- windows/keep-secure/credential-guard-manage.md | 9 ++------- .../credential-guard-not-protected-scenarios.md | 13 +++---------- .../keep-secure/credential-guard-requirements.md | 12 +++--------- windows/keep-secure/credential-guard.md | 8 +++----- 6 files changed, 20 insertions(+), 51 deletions(-) diff --git a/windows/keep-secure/credential-guard-considerations.md b/windows/keep-secure/credential-guard-considerations.md index bf97ca9299..c2bc39226d 100644 --- a/windows/keep-secure/credential-guard-considerations.md +++ b/windows/keep-secure/credential-guard-considerations.md @@ -15,7 +15,8 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See [Credentials Protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=mD3geLJyC_8304300474) +in the Deep Dive into Credential Guard video series. - If Credential Guard is enabled on a device after it's joined to a domain, the user and device secrets may already be compromised. We recommend that Credential Guard is enabled before the PC is joined to a domain. - You should perform regular reviews of the PCs that have Credential Guard enabled. This can be done with security audit policies or WMI queries. Here's a list of WinInit event IDs to look for: 
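Review bot: The "Prefer video?" link added to credential-guard-considerations.md is titled "Credentials Protected by Credential Guard" but points to ?l=mD3geLJyC_8304300474, the same target this patch uses for "Credential Guard Design" in credential-guard-how-it-works.md, while the other "Credentials protected by Credential Guard" links in the patch (how-it-works "See also" and not-protected-scenarios) use ?l=pdc37LJyC_1204300474. One of the two pairings is wrong, so check which video each URL opens and correct the title or the URL. The title casing ("Protected" here, "protected" elsewhere) should match as well.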
@@ -49,14 +50,6 @@ When you enable Credential Guard, you can no longer use Kerberos unconstrained d ## See also -Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. - -### Credentials Protected by Credential Guard - -[![Credentials Protected by Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=mD3geLJyC_8304300474) - - - -**Related videos in this series** +**Deep Dive into Credential Guard: Related videos** [Virtualization-based security](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=1CoELLJyC_6704300474) diff --git a/windows/keep-secure/credential-guard-how-it-works.md b/windows/keep-secure/credential-guard-how-it-works.md index 62b860bcb2..da731369ea 100644 --- a/windows/keep-secure/credential-guard-how-it-works.md +++ b/windows/keep-secure/credential-guard-how-it-works.md 
@@ -16,7 +16,8 @@ author: brianlic-msft - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See [Credential Guard Design](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=mD3geLJyC_8304300474) in the Deep Dive into Credential Guard video series. + Kerberos, NTLM, and Credential manager isolate secrets by using virtualization-based security. Previous versions of Windows stored secrets in the Local Security Authority (LSA). Prior to Windows 10, the LSA stored secrets used by the operating system in its process memory. With Credential Guard enabled, the LSA process in the operating system talks to a new component called the isolated LSA process that stores and protects those secrets. Data stored by the isolated LSA process is protected using virtualization-based security and is not accessible to the rest of the operating system. LSA uses remote procedure calls to communicate with the isolated LSA process. 
@@ -34,15 +35,10 @@ Here's a high-level overview on how the LSA is isolated by using virtualization- ## See also -Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. +**Deep Dive into Credential Guard: Related videos** -### Credential Guard Overview: Credential Theft and Lateral Traversal - -[![Credential theft and lateral traversal](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) - - -**Related videos in this series:** - -[Credentials protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) +[Credential Theft and Lateral Traversal](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) [Virtualization-based security](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=1CoELLJyC_6704300474) + +[Credentials protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) \ No newline at end of file diff --git a/windows/keep-secure/credential-guard-manage.md b/windows/keep-secure/credential-guard-manage.md index 88acb2d41a..a70d85eb17 100644 --- a/windows/keep-secure/credential-guard-manage.md +++ b/windows/keep-secure/credential-guard-manage.md 
@@ -15,7 +15,8 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See [Protecting privileged users with Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=JNbjYMJyC_8104300474) +in the Deep Dive into Credential Guard video series. ## Enable Credential Guard Credential Guard can be enabled by using [Group Policy](#turn-on-credential-guard-by-using-group-policy), the [registry](#turn-on-credential-guard-by-using-the-registry), or the Device Guard and Credential Guard [hardware readiness tool](#hardware-readiness-tool). @@ -186,12 +187,6 @@ You can also disable Credential Guard by using the [Device Guard and Credential ``` DG_Readiness_Tool_v3.0.ps1 -Disable -AutoReboot ``` -  -## See also -Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. -
-### Deploying Credential Guard -[![Deploying Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=sRcyvLJyC_3304300474) \ No newline at end of file diff --git a/windows/keep-secure/credential-guard-not-protected-scenarios.md b/windows/keep-secure/credential-guard-not-protected-scenarios.md index f656c9038e..5f7dba289d 100644 --- a/windows/keep-secure/credential-guard-not-protected-scenarios.md +++ b/windows/keep-secure/credential-guard-not-protected-scenarios.md @@ -15,7 +15,8 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See [Credentials protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) +in the Deep Dive into Credential Guard video series. Some ways to store credentials are not protected by Credential Guard, including: @@ -153,14 +154,6 @@ To learn more about authentication policy events, see [Authentication Policies a ## See also -Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. - -### Credentials protected by Credential Guard - -[![Credentials protected by Credential Guard](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) - - - -**Related videos in this series:** +**Deep Dive into Credential Guard: Related videos** [Protecting privileged users with Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=JNbjYMJyC_8104300474) diff --git a/windows/keep-secure/credential-guard-requirements.md b/windows/keep-secure/credential-guard-requirements.md index 59e3915359..c2f3f0fc73 100644 
--- a/windows/keep-secure/credential-guard-requirements.md +++ b/windows/keep-secure/credential-guard-requirements.md @@ -15,7 +15,9 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See +[Credential Guard Deployment](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=sRcyvLJyC_3304300474) +in the Deep Dive into Credential Guard video series. For Credential Guard to provide protections, the computers you are protecting must meet certain baseline hardware, firmware, and software requirements which we will refer to as [Hardware and software requirements](#hardware-and-software-requirements). Additionally, Credential Guard blocks specific authentication capabilities, so applications that require such capabilities will break. We will refer to this as [Application requirements](#application-requirements). Beyond that, computers can meet additional hardware and firmware qualifications, and receive additional protections. Those computers will be more hardened against certain threats. For detailed information on baseline protections, plus protections for improved security that are associated with hardware and firmware options available in 2015, 2016, and 2017, refer to the tables in [Security Considerations](#security-considerations). @@ -116,11 +118,3 @@ The following table lists qualifications for Windows 10, version 1703, which are |---------------------------------------------|----------------------------------------------------| | Firmware: **VBS enablement of NX protection for UEFI runtime services** | **Requirements**:
• VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.
• UEFI runtime service must meet these requirements:
    - Implement UEFI 2.6 EFI_MEMORY_ATTRIBUTES_TABLE. All UEFI runtime service memory (code and data) must be described by this table.
    - PE sections need to be page-aligned in memory (not required for in non-volatile storage).
    - The Memory Attributes Table needs to correctly mark code and data as RO/NX for configuration by the OS:
        - All entries must include attributes EFI_MEMORY_RO, EFI_MEMORY_XP, or both
        - No entries may be left with neither of the above attributes, indicating memory that is both executable and writable. Memory must be either readable and executable or writeable and non-executable.

Notes:
• This only applies to UEFI runtime service memory, and not UEFI boot service memory.
• This protection is applied by VBS on OS page tables.


Please also note the following:
• Do not use sections that are both writeable and executable
• Do not attempt to directly modify executable system memory
• Do not use dynamic code

**Security benefits**:
• Vulnerabilities in UEFI runtime, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware. | | Firmware: **Firmware support for SMM protection** | **Requirements**: The [Windows SMM Security Mitigations Table (WSMT) specification](http://download.microsoft.com/download/1/8/A/18A21244-EB67-4538-BAA2-1A54E0E490B6/WSMT.docx) contains details of an Advanced Configuration and Power Interface (ACPI) table that was created for use with Windows operating systems that support Windows virtualization-based security (VBS) features.

**Security benefits**:
• Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS (such as in functions like UpdateCapsule and SetVariable)
• Reduces the attack surface to VBS from system firmware.
• Blocks additional security attacks against SMM. | - -## See also - -Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. - - ### Credential Guard Deployment Requirements - -[![Credential Guard Deployment Requirements](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=sRcyvLJyC_3304300474) \ No newline at end of file diff --git a/windows/keep-secure/credential-guard.md b/windows/keep-secure/credential-guard.md index d0fba3ca1d..b36d3a7301 100644 --- a/windows/keep-secure/credential-guard.md +++ b/windows/keep-secure/credential-guard.md @@ -16,7 +16,7 @@ author: brianlic-msft - Windows 10 - Windows Server 2016 -Prefer video? See the **Deep Dive into Credential Guard** video series in the **See also** section of this article. +Prefer video? See [Credential Theft and Lateral Traversal](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) in the Deep Dive into Credential Guard video series. Introduced in Windows 10 Enterprise and Windows Server 2016, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes, Kerberos Ticket Granting Tickets, and credentials stored by applications as domain credentials. 
@@ -42,8 +42,6 @@ By enabling Credential Guard, the following features and solutions are provided: ## See also -Prefer video? Microsoft has created a new **Deep Dive into Credential Guard** video series that explores the main features of Credential Guard and how it works. +**Deep Dive into Credential Guard: Related videos** -### Credential Guard: Credential Theft and Lateral Traversal - -[![Credential theft and lateral traversal](images/mva_videos.png)](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=cfGBPlIyC_9404300474) +[Credentials protected by Credential Guard](https://mva.microsoft.com/en-us/training-courses/deep-dive-into-credential-guard-16651?l=pdc37LJyC_1204300474) \ No newline at end of file From 113750b8e36a7ffa1b71474ca8594cebe16bea70 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Thu, 30 Mar 2017 14:36:10 -0700 Subject: [PATCH 07/16] adding content for auto assign subscriptions --- .../windows/images/mcee-auto-assign-bd.png | Bin 0 -> 62346 bytes .../images/mcee-auto-assign-legacy.png | Bin 0 -> 34151 bytes education/windows/school-get-minecraft.md | 32 ++++++++++++++++-- 3 files changed, 29 insertions(+), 3 deletions(-) create mode 100644 education/windows/images/mcee-auto-assign-bd.png create mode 100644 education/windows/images/mcee-auto-assign-legacy.png 
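Review bot: In credential-guard-requirements.md, hunk @@ -15,7 +15,9 @@, the new "Prefer video?" link text reads "Credential Guard Deployment", while the heading removed at the end of the same file named this video "Credential Guard Deployment Requirements" for the same URL (l=sRcyvLJyC_3304300474). Use the full title so the link text matches what the reader lands on. The sentence is also split over three source lines here, whereas the matching change in credential-guard.md keeps it on one line; pick one form for both files.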
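Review bot: In credential-guard-requirements.md, hunk @@ -116,11 +118,3 @@, the unchanged table rows directly above the removed See also section still contain errors that are worth fixing while this part of the file is being edited. In the "Firmware support for SMM protection" row, the first security benefit reads "Protects against potential vulnerabilities in UEFI runtime services, if any, will be blocked from compromising VBS", which is ungrammatical and repeats the NX row's UEFI runtime wording instead of saying what SMM protection adds. The NX row has "(not required for in non-volatile storage)", and the WSMT specification link in the SMM row uses http:// rather than https://. Suggest correcting these in this patch or tracking them in a follow-up.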
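Review bot: In credential-guard.md, hunk @@ -42,8 +42,6 @@, the added link line is still followed by "\ No newline at end of file", and the See also section now uses a bold line (**Deep Dive into Credential Guard: Related videos**) where the removed text used a ### heading. End the file with a newline, and either make the label a real heading or drop it, since it sits directly under "## See also". The removed lines in this hunk and in credential-guard-requirements.md were the thumbnails pointing at images/mva_videos.png; check whether any topic still references that image, and remove it if none does.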
diff --git a/education/windows/images/mcee-auto-assign-bd.png b/education/windows/images/mcee-auto-assign-bd.png new file mode 100644 index 0000000000000000000000000000000000000000..b14990583f53d67dfcfe6c8da3543330becaa190 GIT binary patch literal 62346
zC8)_wQdm0L6K0wAAYGY8GKe1tkCa&t3(f4CJ(`330^DM;D9(M}xpN0YLqnLEnGx6N zct`fp9sGIsOgWFFr669W{50U7E&n-wv~yjJDd0WHhONCLNes4!RWd61GHU4}YP4=t zYH(8@Ih!lt1@d-|2Gdxm%;Ar!qX^!;hSS$p;kMRL@-{H@@*qYhgGle%aQ}7`n>5f? zY7ImRd`rFy4+iH@KU2bZa0SJv2g!O6u@fW6%|yWO7qgJpX!SZ^@jGF4lQrb?;!^cA zBW;8j@(kN$BLj0OFo)lq{EE0%*9-XW#6qzQyTb*SQ~3a-cDM+mr2{t>ktkY8W5=SQR1p)HmeC;# z@1IU!J-XEH#R_!O*9jeS?5Ro;*iW(h(M#Bm>V2b|a@qlWea;h^R2h2kSj*SvE?>Tk zGiT0VU|@ib34V;ntv)x~8XMY2i9QYye5f2IG0gaT(IbFQnUQy6^SfXRxM1}-P;xo& zS^ch7DZ1k>fP_u{Wuh zB=J+$N?aq2uT(~%W{L=NOpVh|lqWb03j&b{&R#kvj2uhutSsX8jl1IXWgtMFbrY0Z zQ6=P*IBVn(k1omxqlySL!z`zgP$KfR!nA0T;HxniW^p4=hFN;&JW8pZ$P{LRMA~*L z#Br496#wK#!m*6F9u(4vm1Mn)SX=AN<=jIw)>u3b8iF3)~o%&XBMqi^WG zRCo+Mpc|+-9ssQ5U0Hoj*n)1@!!%nW<708#kszb@?yw&}o^&EoP2r@gj=-Qt7$z&3 zIJfmKT-H@mqrUo0tv;WMEBWnkhI6P5+pzWGQ6w*pp-Q^hz**VAg{Yh$89DOktakO> z=V8Ejggyc_2gpwQMPhT%D8*{z1Tz^uxFq%TtSUKn^c24HtG|r1C#T`ySFH&yOX>|- zOLuDu-JaGCV_Lgx=Q}Gkn8l4G!;Hu1B;O7Dk=2!;?qeo-KR177ag``)N+PKv@j{iA zps@teLPvtnKP@Z~E%b8xA^p!x!brLw6{;t*9C~U4F*~Lm0DVLEa{=mXhM(wty@18Y zo8r@mHZp9&%OZovWc54IAfvVxaFekMWA2e3zj(b-?G|l);r>a)tJ8?SIECU^02VJ9QejM4KYMb@=}L>8bg(z~l)+ddj?2`9LC`4ETuX9d z|L90twu5CAv!~>eVV+0PsYtihGR*U}^EG4I4efb4gVW@6EpE>5?bo}c{A-oT#1LUx z$b+^9Ev}K~*E1Q@x{;QLySsJ*qbt!usgM3ANhqWVnx%E57R*xjNA#mWJHJKEZI^hh zz@vlpc7=9#TOVIiP)Ffe6~FsYN8v0aMAN`e*6|cdpre+Y=NtBFD;!WUta2^Y~Rc1dh=+UCe;MI;!#dfO> zr!~{Hh)PGFT}xR5wNg_;79*pSs6!FXh2{x{8f} z4;$yEuzqPA@#6#HG^Mx}Ckz~Uhn$}bCL6ehjfYXC4h5>GDvc~u$ zLo2is=_7kX7S|Ci1huC%lb8(2?HnRixOqCz;p`Q)_zAMtrH>xPt?*vh}P6ls>jNi4fAbt|@ zAXJ|o_JhXVE>NhoYfR@}vOi9}R@33$vhK@g9vbDM*9%MBlo!r5vm*2xX zKfQ`r$ItofjdGzN-tpH*7l?kL^|r(7B&JY{;M18FhjRLny*f5rc5xGl6J?@}AupC^ zLr9PL0UsGS;#tXq69!JbixXrpjgJm|>F|W>-l;g5-wbm=eTbV$UFl)s?6%2ucZd&$ zwu-dSC8F?7XZ3B^JY z+tDP-71v);~4>H*x#cbzJ`VD%Q6W zNbGFj%4b(GPcrMPOSt;cNBF@X{V{&>(G{e0Uq^VFp>>ESK)N3M1%QhuZ_Mf>gGb&P zpNbTBO_Jf`yEVbaO&B=7wx=36id*>Ev@fZF(^^|!b(yP>`0)U#?IS@-GOuKaxN1yP zkv16_B3-p#0#aTX-E@dl_0%T+6lo)=FiVn1-bAx>Q<7ka9vJ58+c^gUsZjPOuiL3v 
zOs~`lrZVjrWHFK2Cep^x$!pXVrh+olg!bJy`v+g5(4K4E3q2dUZmzq{>3}~l0Bf$O zyxXq{D+VGFG%9(lu5Dob;azO5tzctw1D{>Hh0Wb0*}@DyyE~6N50+u6CP?ls-uw7I zDw!g3yX&}m^A-~690r3S@m@=Qi+mp{4&Fx|5BTm(yG=Y^AWlb;v11ZOkBE&N8$LeW z+5Up&FAw&rcBgb@cS+a7)PTY#7>`+<;ZmfupMdExzQ=*z+qfWM-x^Yw52Hi(N zQ=yKGKQkE}@oFz<;sV_>2vJ%zH&Z}xyOP<@Oitf^O#49BYzNS{4;+d|H#s&4w+E>C z-86vNRIY;Xz%X8Z^%azNx3IA|k9;AAbUKL)88U~t?ta`u zd4s*=SsOVmF+EA!C`wrxre}kbcB`qhlbg0DR@X8jLR&G8gj_az$92|DZgv9QW0E#R zq^&wVnw_(up^7f33uz6L1_Fw-kO3{8? z{mIYBzl81G3_^Yno_=>9_aALxFw%{5d=a01zl>1t1-x;k8`I0PNOgsAY4R+F1_#kS z)QzRZRU}hKzt8ugILfJNc;01q1jJK_7URTgkhKLH3rG9``#HCI8efsrxDA11FdiyR?J8>*6FXP(H z+vw}*=0b@t-gkMt`axlM6=l26FP$d%`)gVL)}^O_e3e&se);_G%fG>IcfM173S5bJ zMx-BH31M`MYGL4T?D?G7oqJBhE*Y+4);u^qf1l3p^V^ikCJ{nOzdp=P?(6d6&E6^e z7n6U2@t}QOw$DXDE|UFGFwnx~Z$rw67p>{PDILjg$kiFQo{rfs$CtM~lD?L%60QVj zx?+^8>&kix=6noAO~<5b`IWJgvCt~F)g$bxogs3H)e6$icLYm%$4S10xQ0rL8R=?G zVz!u^iKE16230^`s0V@G2~}W**G%PaUEaHQ4|nd|Ir(p0Y8KcDFE50rhI`Zk++W5vEc8*w{GUfA4+tvyo#Z?)3Nz`n<`0mD6tITwGd0zl5l|c6ys;9f}@qRkZlo z>y(xnW&}Ga8fY5LHC0UMH^ycxBjPIJR#UNZ)Od|J<^7XQ@oY-D?6Wg*=kv5%hh}jsSY>p}a)8%cK zo1Bg4SWcjC91GXboeg7RM1iqLP}a^Wnc{uNl4n zRu%M))&l7%QlrBce*Pmi6uC`ILxs>{8>tvrWp+9OH9-z{)KL-PHj2&Sy>#S*))Yxu z+idFSkMdu*mT*usiM0fe;!YVIxku+>pxvWOd5XxNlJ)5R&DMQuEX z*a-D>d2uy5jz1sy5e5T2B&mzpGS<@B?7AY8vXFI*dv2OsdfHMAW52AY>BxHWN0sIK zX_}7mOYx+13_WGTtg9fWrD1GKWhI=pHLNm|-x6qe>+7YAQyPup90yKUI)qIyYu3eW zJt3kkWd$ip^Vp=(LKf|nqOAfnMY%^euKLXIJ-Y4fZT#_%e{6b>t|dcv@#00X@TyC5 zOopyzc^HL{^hveG2C%^`R+~SWx0>Ccd*um9bV;21z_H;z1L?KBGKXr9AA$_wxBQ71raYctfF}K6rArHzJlgR2dLORG)EHIv#DLYf|MpAq?G^Dlp?3x|hi7Zs<<7lX$sk z4Pj=xhX3W`G9GX6dxA&bXMSyvCm#Xow@b(POl!0Jha$j#{iX;1;Y|;^{mNxOp4lY# zlh{q{idhlM^mL?sGN-K^0a<3RSMQgxi|>S1kVn26koCfz_{L5i0@qO%UuHvsg8bg01Akx%mR<7fr)ua2gOFT8>LNsU7b$S3o~>hBO{ocoOBIci@eT;&bf0q*>2_mpOH z|I=?v_->s#(KZ|D%V0PP{C7Y0;6J%dhAv})5*r9bTqQG-{0#b52WekbKK zYSuNd`t4{n4jZRfcQ+=+M-gH}M~eA;0rzLtQ60FBU)?>2h%qT^iO0(c{N}5t_)p&* z#z0gto_4gdAMNo1Dvg?jeNGJnZNv_WPPC~mI7$|DVmf8$j4hXr!j0#3bM`ogylOPx 
z*VB&r5QpBWIPZxo%451kAjaz_2IDgAd2$nj^@nA z$ywgMdqGH9)#oagr{2}K+BP{tly+!TH;#&H=uQBBChTZq(9=cZJ$Uu^Po`6Q?`QmdA+v9f|s zKm8JmYnv!n_(?_zFw}MZbYdHe^9#rnD<~Y~u(q;_%t33H=uNvuY1$k-$7b3bjpaxr4_`D zadq1`W3QfTK397ku-h-$wU1`#?v4cT)$ZTKKy5I^x$nW zY(G06!j<8GV(89>Fw%W|LuYFebfK|t%Irnqu*#3{*U;15jh+1r=9f2-&7{RDBOBZM zNbYBmN$sOlETE9t#iOsk#q#ntlDi2!Us^#jm&N+>625&rhxl$1%PWgmTV0~x6@2&P zIg;4}B_GM@kjH9NWt7(kRF6u0a}6JV`UO(i48D2zCBA$77&}|*c<}kBNaqTwmYSEI zxHe~#odqc$OO`L0V^#_qjGDl%d24Ux>amx$M<>!yaA$NK#`L7mE9`!VSoi&CogKfg z2Tb$^@$N(rXS#j(52nKS)x{9@auuY?RV=2eNK=1&X)s8}E`o@UW_c9JM+3?ickHEk z63v=Y$vu4kXd3x+8m0X>cDLi$Aw%|bejQ6ovsl_l(afzvBW@r1A~jSi8EozBAr$mt zZJF1Y+(lpb5G%`zm|s}L-gW{jv$NQZuVHN?jy%m0Wptl<(8Wwj6$leV9yW5ks53tx zCo?=cf%o2d8@=5^g^Q=v-VZ6v}*m=XgzxuY#n> zFzjb5*vgghbia%bE<`XH;`>e>+@1^~k>LrW>hbgSSokRA zfR|>gZ~h3E&YeMsr>fR+X@68X|7aH)#dfVG-kD>ACBuWsP*8bYz)$(}yLJ3Bc|d(F zL8Dq#u+%o4r1uaB$k&~u}#LTzkd+r zt_XNt{~$lb7>c61ZwzNfhjHW1B@B&@;rzr9O4WUQKD~w>eiv?N5EJJo;fn@w|GTHy zO=XSzc|$6U?iCw~Px(j1@_G=BM&To4b`;nEMk7%gNSL3xRB~w(il7#+g#?V_ZlbL? z4rw^hFzJ`VG0WcJ9ct-4x^w5wiT4v+nxnl(m-ZG>I3?@RwL;@+*?OgYHBp*?))1a- z)$l)x_vn-t#@j_)t)X8LmH()IM)jJ|ve5P0M0tqRjQ$v5Bsi>KZGHhe*+WcSxrl!CT{NxB&~&w5mg+J(2)Z6^8|hk516YUe z5l)PciTCLE7;;;hUQZz#IftKK8$-CwhcBORrSZx43;6eLL=X!r#?r1Fj%91YQRB6b zavU4cP@{Qt6-lw>I0p7nny1+)D_^J^ftdRqol6IJaSgT!To9{!1>ydk4J7|^Bi8(y zOxu=a>>9TCmY@S>bKI=Sn*EAT7-u#}vh(``1xDcP0N#)B#rL<=Fm=QFJx@K{0mXPJ&Q4JiYmdqB=e;V`s`xz$+7&8OUbHRBpn4hJ z*4$C)L>fBQ)5XVMJqN<+=fir>QFce+2=SUmk;~Mc!`Ov`d$nSM1WIJ)Ns) zjMfnH4}#Wp$9V?*b7hL z)`f8dea&(+v$~VS{L(W1qc;ciOP7o(6`LgO%GU|_PNDVaH-gQWtgj3;cmU8wf!eHh zM?%d*`JumLM?7K_#O0IGHvY2e@?U((%7_=^DD$F$`VlH86B1%uza! 
zBQ%zFNf!>qhn?Uop(mak=kT%;+t7yscuh^FIu`8}3 zGn7m^4spe{9%kQNi3?Jij{0kthHkVZ9aDOuX&ZScdh|!tXH4lDU4cLkGmA;C2uyiN zILS4v;ifXk#*E5SD%Vi;M#w@O?K5D_%Hq;t=$v^fIfQ+O;v1!^Q2lL=r3!Y;(3yuh zE}ey2*(q}JW&XyF{+zV4&$u;bm)?;bH7?c3$%|(#sCCpiEsU%NkFE{Bv(wYFar9p_ zLd8*f!bx&XPyN-x)S@eX-ewP>_Y<@s^wht?2_61boObVxok`E?vO z8g7cC<=KKW#Z%E_!k*eGxV*Ml#!wx{HFPJ4P5XW+u65eeex0x$GplpLR;R^A+brEy zamvnawkPY>#S_;EX=H85yvrisc-FXfG7UwpX_%cbq7s@Op52Z>-!+0JzU*U-I&*wq!+IlES9S>K^ix06@Pw2+`)9Cbs9qDCZ{ZEi z+dGJ7st5-H$YrxA7HM{u&tq>ti9F5pcpblkTu$Vhqu*32g(BszP!r`yQ~oJYE`HS` zkAs5)^p1>UXm}9SYDGNdUZ%3-3kOIgQZF1zEWPv z#5%tD<|}-^uub75QN|28Uc;|gDvJFs(te30mxNqR-~}PFv&pmdVl=J??ajs`oFX6D5#Q_`ev}ZvKyL(d3#-WIvJ~#Y?5kXu&8^h|xzL?UCoxh3? z-n!QCd>kKsz2Ly|dVzsnL+q=HjtHiD>KCsUj0l+(9(e5R?6|KNyiB+doAlENyZ*o`Yt(1dhba<6t`>xxJdd+YQx%%RD2kYf*~buY zh~}(lGEc?chPL~fXX`D--Gj)r_d7#BVFmk)QxvA(j7)({t3ddA&icW zA(L1lL%E0T%{UpghS)EXc?&b)@U{<8%O~h&ml`mu4p;wS+Ud8WO|sS zWT($xP6>n}xOV3j&2*yJN@OuXvz1@{lfS^9{_fWAnMQ4!OA0Bsv+DzPKG*)2pP=LGnaAW_B;4z|M5S=Pu_hCZGJ`Vr6A6E zOV+S;y#GC+ZVUMGWu;OP*RT_b1bTXUgyZR;OLKU!$TC&DlBb5s;Sm=#v%u&3-kB$Rx!she2w;62~&_mWUPJ-U0?3$Ng#h@nVs6FnovZFo}q7G z7e_+`nZhZ)5LnVse+6vW`_>_fxv!zEYQ;oOBt=<3S|aO$KTdeUT6b28Yla z@?d={j;=@_#s>SzkPIN!*H5#sUYhYlF+wxIvqL@D+KIy-8^xW==P}S7#o4nLaPGoI z^wCUcar!9=@MCm%2tH4jSO>4KFNPsXFV-K!=*SR4o)TsjwsCRlDy~hPMTFAsi}j#? 
zfbtv~L^u*dPc#Zot$^hI9^&yNLOp}He(efID4lMa$?-Boy+b1yAOkznJBUk{E+AMf zAeYWyV)7!cPLZLlR#EASqCX0(t**io9Kc{-H>%|V7Ut&3Km&Jg-k_N!4Kk>&K67po z8>Ck{^y9tv?jqLHE$#yj#KK5zEn+=!K>jg=$v~epUA40K6rFPEP&&JGE-h8Xgk6}| zAAmPV2f+ru&BpgUH#RoJWy^3lOaqRf7@%<8a=mYQk8WaO0^>9-ckj`)2H&I09rGTY zwc(#EFE+Q+gHr7qH9Q%oqhyj(V)l9zU>kO*8!~G;8qGh;rQUBd#ZiBi9|b8LlfET= z+w|05A+*Y^(dz}~a;R8kb~;=(zDEbXN7v*NV0t&khF#gRMbonye@1*0l;bxV2~d1C zz8?NeO#>>$3|7|TKwtnD&-6D=Q$;SDvdwYo%WK^S_VcDHw$WA6YNZUvN4`g=e6v*K zul#q!HjISIJ-T64V8*>icM9MtbyWA_c(J*iHX1d&MmU};611A85?@YCApri>+WD}%DQZ{Am%4#Qbf;(~HRKF9No*iA5S%57R-pt4`zF-fg zrY^N?!Ztukd>k=g6EuwN$%8E&PB^-e|FR8UWTJ9VHDuAw_otY`JKxgRpr z0krY&SjVk}*6OIj9hBy5^0qCFy{f<*)LJ*vOv?ywAw9JKtl3Q4VHaK@sOG#>1M~8b z&ut5}qE4rk`q2(889HsM?9wV~Yj*iTpq*{&S$C4R!cpSbVYJ-lDeAg5&0P^`Y1F49 zhw}jfG5yZPPtBR*uye*HTbEZ5_2RcUpT;@0)&p`h&9kc~?Uj?dXd0SR!-bdrC?XxFKBdtEavX)9$yA=pB&Ysp zNSk$NVU2WLPAg6|LWNGM<9QYJPuc7guAw_2v~%UU)9H>v)3`14$c@v`LS<)zLr{Yl zCPXnCC>y(>DXEHfahmS4sz5&`L&@7#XM=;-<(0rve;7KUTo0Vit5x2q^Y0qE9~^S! z`yslMr=6ViNnXon5wv@UDs84?+ksI0){{{+X$O=S#+{%*DYJ$h7X=Dqs5zI{2K}_E z)y59vlyjZYE@^fK*U-8AAko@eJ5I(<)(pEeWVAHfO}9OaT#hn+NKkhl&Z1=32RWss2gpvqsaTx~>F}t(@hs8hRY5wl3hL>$oOK-`KY{b_ z8oCpN&(-O2qWjYwBl}OQW8~kXIlE@n0+wi6dNSsG%-G4=LrU4^0TC&*HB8Da$0AMb zpYWKlJ~daTV8Kpbm#Mv+bqze1SBrW>rk-2*Tw9zWCyv-$op24^D}bmpG}Pv$M%cAq z2c!xlVU=*Y{I!8pDvL_BrU*NLD8I64qFl^VUKte1jrT|^XZ;?S$!9ZS`4awctvS!e z>9uRG@EMkN z4}|VYueDU!g#j++F3v)>9DMru!m>kD7#?Yd_`qL(|bE3I!y+lI^u?yE`VzzPB z0By3UxyION>7oW*lN3$XlEgZVIyheWyId-YwbpnoIUfAA&0$rn5m#yHbN+`SpK1pO zf3G|GQ574?^%T1!ZIbCqmf4*H?Y!UJ)X@D<-|Rn4>@3b>H<`ik`Sa+FdU5}^zr)9W zcz{Bs^9@hT9N7@HUWb}cLn)s}E?W?FI8Fv=YikE(Dmr&qoR_(_9}P~6duy-9Lupo# z&*hZCfRwh@bdKs|oa9Y8azqU&qFq{c>DtLG=!Z#8Q;Vl=>pBj{RFTUP+1W`Hq~y%V zN)qY4ZG8UwzsGO?;kWqg%P+99xs7t0Mkv3(gir2$hR3TZRpLx3pTj2~e}!2ZtT~p| z#UAx!i-DB7&G2!oJC+n?EAIgAjP4bHui*5Lj^gsIoA~iZKgG{KyoIjvK6cV2(ZS~r za@gJ3!NEZR2l>*z)*VQmK zdc3IQ?)DCL6Z>R1C_gof;dxmhPk9~`g`8(=#X?^1bSmW%5H%u()-HsOsbc6#qp3D+qjO@?%PC(=@{28;iegBks2skf|@32fe%YN11KlmJk_x(bzL8R 
z^bu}O_G9+>92VBNj_%MPDvrJV6rG#dcDIqv=8(;%5szDk-c6HD}TcXzwX^t6b!Oi$TULzQP49bk8L3Aw5Vqm$OkN2O9I2= zqsS$9G5h2RD&7eCVi6=(=Mmq{kP%2=gF2$FY98Nw{v{Hb0s`R(LWcz`QM$Q81)2Cd zRwydQ25T}{%L9v42GiR_dOXcuK z(Gv+_ZE*q5DemUlCX$qQB-V$+LK2I!&#}0$j7>T|nOvFVF%hdafH&+l(Y-4$09_!nCSligd?#2=xJ${OdPvIP_IV{dbj>i9C%`#mydc|82=V|@GcnHY2}KcB_sPLk^QJ|-s5 zV05Iv+3x+|>7xFR2blbkY=JOVeAE(Spya~`zy5Q)``#VwuFPX) zaS7{7i|z#F%wu=3fp0v=)QmS9P@Kz z9H?|)J zzE?2zT{vDo3YfTf1@C_JK4Jl2{^_i^|0e5cRB0xe+}@%Q`2jW;X7Tu&r-+W6$J;-7 z4{yAA9X%lr8K-C1%~WvvopBwv5?lG@zhPba8GKzMf&c`?HU5ZX|-m=Swt* z*u?tkD!O9hbUc5KYgf*LMg>%kXEX>2;YT#nzH{pmlAFs|rDIIH-vGJPva`cRN7`g8 zp#nQuQ`%DI&PdM161grdRY!C_W~X&~?L!@1I!&D#RgP*AW9P5oox7Le_wtOrN&~Y3 z@}3?n&Ca1*sbOM#1h;S9!sOXA*rwSV-;>VKKxLE$jBmejLo8l8x1K_!=7*PN?B}_khgeQ;Zk=somv%f>LwIq5*&*R+L5riUPj7?5r zaCiV~G_$HzYv><8kI8eBi1kD@G$7pb~k437#zHmRn-Yx{9F`T8gaqi48 zB7q8?vZ1V1#Vp;W6}0-%LR}$Yy=;HFWMJ%j2M(=%Y9Zj~63n&*3eaS^en4 z5Afsn-oof$j5_lQilr*5m8!TO#*4m=(yVECco<#^3s8gZqERTP=H(^+sS_{di<}@e z@(7*VfRbC6R~REUJZvDCav@Ix-ZHwV;g>1xO3i~w>O3w@jVlT&(SZ>%9Az;hO6=xv z@%#{ax;>bEG6R1&gr0!`>)x0Mk)aKeAr@uy`e|4F!Vt?8QVC3d_dQluw^1sV#Jv(x zO#P4MEbv1qCHnCMmHi_TyIQG0v&=o35q8mRZ61sB%XEAvFm>$$8DTHNbZq>pA?8ab z{GPc#*p0Inr!dkV!0Pj-c=YXK?Chpc%$Mm{^AmhjE;7i2hzoj^g^;Z{hu4{2V|1)t}(QUwnkAOXmvll*KguOO828* zQ`$fO0F#qrrakipBA6HqBAZ;tPBns&Gm}&~z4-i(j}Q#_XcQe$HJxaFoOV_gv9`L2 z(aYEI_WM7=9T+#f@v{5nozHfd&I(+$r9E8$Y9C^iw)U z?|=9X&7z0Z#W__ctb^)=OvSP(yH25J&D%nt3N1P568d9ETR@8_el!m`En_WE!?EMi zbQRa=@$z7#8&lWs;O!s%mQJUhNC!l=_+nrzlwpLFoK~lM#o0TfDK?|d>s8W zc9~r^W;1GuTW0;(xcsFm*Af^X>gJZaU`wbe8#9Mc7 z<0`eOp6;+(0+(iJr}Sdto0!01b{il6!yj<}voCS))31;%c`$W>I&+%Yl`}i|_Wl>R z_lHkO=M%DQ{kU}X5`1df;l5FvqY?7T_g~|)KitEYAAgF6Uw@CxK}FTj=)&2lN$e(4 z@C5=G7#l~_Lq?U1fWK!1As-nIp{2NJPY5gXbC{tS-$8+M$>0Bmj4vIdFTcT7rVE!Yjv>AHZd+bcfUKztEhu5)pGC!5Kb%r9p(NJ?O-WX48p$3xDK!bXyRrm1 z!hMo(s-MwhZDWaNPDjm03U_IMX0gZ_=arA0;&=cf1~EL9Q=KuWQJj`UC+Q-qsHe%B z)oPVSss&^+8O+Sg;Nr!L==5wv-HRI3!QytIKR z%>svL#+XfPVP`Lgp^0JL_afz~v`f};9T8dYr 
zFg6Tq?8J$upr!l2!|H(t*WdmC0}<+wNiH786;X`5L=rWQPib@BtYcFKMm&7MVdO*_ zmjQ-Ws$0ZfNNLtZTb=haV#l>>5k7^zqK`Wz%mXB5jQ63?u@@dCG?5h$_ zq$wU6p?@S3=}BpbxT>BSL);_u^L;yUEJQIxy8Nyl3$(|Y6@4Y#1ShEc5$NHD$P$P0 zmclf28SflnmygNtn9?AR>Nmv`GHqW~Oz{Y7epJcCwbx6Ba%NQ}5-3HIjsb*yXfi zoH(Tiuv7($z!XM^2UNI%HmVzK;u^Zwgho}u8a90KCazq+j_#mxd94-f^|Tr*yVhtm zUn^QX{%zNBWw(>J>KOS~+h(jfiV19l7DIM+IP2I+b-xrS{2fC|*cK^VSX0f3Kyxhi z=#KtaogV1&Dq`0gs22nr5y5I#(nPf_Ttjz4bn+y1n(m=7jE;^WWVzSY9;bN^Pd9d5 zcq5sH$#2>)g-B@TRt?iP)eYUCC@8i?lNoX=&LNGli>Kw(ZkWsIMYU6ANML8=Od{Ke z&8bwZ56IQy-lOX<`aL>d6{QZ{qx&Ing!+AQ)U`eXr%u;a?$ENWy23A14Skc2Dpq8Q z$A}|A`L&d`H6Dl6rKSAQ)04y1ZBt%)IBm$f8g??mNW-GQUfLh!9$g6jcYm(PT}~zC z2cIe%bj}VdMfG76Wgu-jv#Q5h9jr}7cxk}J?=VJt2ZYQDFDbUYy^Sxw{1Vr$U2`8s zd6B$mL#LfH?lSm+3y;SOpXDZSyNK@#(tqt`^G+hyXYrs5{mK=R{rqqTS8}_1b*;k3 zg`M_5Ov}gx6c~a=>DY#u(qa#3ahVi>j_^yma=5t9X-Y>5=kr9E(j$@KS0hUCl`s-W zvU)%13BM$i!)e=;C!>cu#F0_u<}}R89LDF5Ki#DnI=wS>IaT<7{E@Apm0PaZ$T>efD0 zltX0GNo;Lwp;W1oA*^6$YYWMA))dzceu8s!>tSZUV>Vuc{>X_>2E>Y{wJG ztE&WXjn8FsG@vqn?yE+Fg#Bbnd|jS9I$j+icTf;vydNB=O#9S~3Jo~2G*}ZIPMOnRC}5$Ix*T#_1_HZ%-uz)|D5oJN$M zL#;Q`J9F0aZ0%uWKW|&ZkBV#PP899L9>W#W_}l;MU*UiLAO2VT-M{?}=9f09^Z1qw^`q}*u}|sqW5HtK%t8U>VgUC8H2ry^#N zJOeIL+#>CBjf}a?QJ0+Y&t9thlfx8uG}?}7iJ*BUdupht8?sz?^v7fjCBJZzU!Vr4 zKSsEaHTtLOlhZI{c3SLQULBMkK{FIf_udJaf)PufQw|Ly&4z9-jU(Z zb|QsbDk=6e7z(z1nY2xHi$448J9Oo*f*~=S*{5LVccM|4jIL*mAo;~+qXaojb25^g z4Wq4&inxsJ@xl8q{!i5Y+rQ!t3i(_HTbrB8x^gsl@dtwNAMtWM50ZAbH?f;cBY%)Z zd?$%uBr57yBY1$sg%;&M0@X?x2ictR+KzOItzGyd20T~|P?=k)!i8BsSNuy10t<ItzE0usU1}^LGKd+(<2z#U)@-4QY9WWj9xtq_ z4oH;N)iHSAH78@0)#=fO9L|`+O=ux@p=P;xOLh``p6uiTB}~&e8b-`!Y1oJJK)g)t zV2SGWH`wQ^8^^fBUZ6TL_vA4)SC*(w&0%I~t8P(WD|`=Xd3_5TyBSr|KD-Y+fUD4e z?>OwQFJX+;HLu9C^oc#H$BF(V)@?w=ne%$b@l!3<^fH&Y1GrFFL zU+hOAox~0`XoLr-K6aB~Od((OVRUQ|-LV*ao*F{2e)RUz?2;N-kvczasC-YaOa_p@ z?KyUKf+mhdv6!aE7eIIaD0(A@$d5PHWZFnRehE?>KbJ2%c#W6Gd^bONIjXD~c6DBh>zPh0UN3ojXgp1wW|kB;Ka zx8K5HA%%ON+y|n=n3_6=Au3BO)=l}5Vd;s&Yul@t;m!)o}_7ab;CMV#)eLqk|$oSK?S-KL&=_Nc+e*b|D%i<4Hz7Kn;&S!&RaY 
zYngsMUZ41a{m|$LrFDpn%MGXm?w>XCJL+sU<#v$kd`sktR<_jAamc9F?fk=fnG z^89nLeqkz=Cd0RZAYba=TBkwd1~oBWK|U<%Ux4ZachD88M;q&_RQLaguOEIxMrI9( zodg-tO)PKjQQZyUkY+`jlo!=D6q7rY#|-$J=gPxh8~FOmdwBTWBRrdaf|Zq38la`g z*i6%GaEAtrd2BB8%I1q$Pvj8nDq?kIjmox;M5csNdKVjHr1NFIRGY;-8Pm-~3We-0 zR;bKd@dQ>EsZLW}_febWj(lTb1~aqMc>Hvl3?Lc(r6nAYp^Zc$*rDUIv9(PzNHX*r zyr$wNwvt84w}Oq0IP%4sXkWSg1lAYlFgL%2V(AdcL;_E~{u=9>+eqwZvAea3-CSNA zd3%h8#9K!;a)dSPIJmDDbQtCJ0-8B=>h%IjV{<(LFL&C*ePVXBv$2WPK?&Yk7kc|* zWDIF0j1bkjH7KdawyJ;r1i8PHwc?Q`R^&^?gA;PoB!vdunpiy!U&8SRYRjlK% zRv{x=L6?_|3k?Jd`66``e(Frh)LC%7qY)~NGV) z(ukQC-Q)*ixQvmWZpxo3GR5V4eQd;Q9zP;vFuA30dPV9ec%_6uFiagd%mjujA?LBHsGZn|S`seI&^scq<-UzBGY2 z&3dY_^Z4M#IJP#|Fg?GH)cOLo=NiI;Q@A|QO#{Ld){->9>W)ym3!$gHhq237kz1d` zCbf-se(|Ts@2ujiWt3g z1Iy38!_fH)lr0&hB9Km&aOdV_>cc1T@SE>ZpmuY0atQYyEg=%6fnsn3?_LPv39kmi z3(gK-L}Yh?_I(T0=viF3bQanDI93*xFf@4)UA&A}X$!rV-@=t~jgD&DU`2} zm|icSb6!_n)L(7GE<8m2Ubn;R1$^aklln9FJ-U}b#|<4J&Jgtm+#!gQMFQ=l=_7nC zP}S4mbIM(&KJilHig;2SlU&0pm-QtqURyX?Lz<+k#n*};u!&k7w7YpQ7WivV-#@eV9CVLCoyt*HegvXprcyiba!`S2hs{$8dFO0@*y@RtUjI z<%*uUipe1wV5?Z)qpR_IbTmjcJ!C`YysojAWNj%=D|Z8bYMoMKcb*Y{;+Z_yR#O^RJf5;+|85pX#ESQYhdB zzj~9)W`&_uKIGjcUP(FhcoF2wn|w8(QWNpGzXatIC1VowQLa=j5x1&55z0@CRj6NO zgLhaiQNI90LW;bQ&thvkj>P&hilIT=zVikKqLd#h6z5RfpE{&;a=DDSXBQ4f#FLZ! 
zY7DQU5ex=UIygY(kY;3DPCAKv*-~7FrLrARm~!hNAZ|1GX{N=7a$$8D8#zDTyEaL) zyC}SLT=?BpHV}Nel~Au>PZYG>&9sa1Z6%&ySPS1V@X4x%9>rOtV>VUQ@anjOm&!Ks>e=G zg45%q+0fK{fjUF?y1);gtZ(o_!XXTgj-fBs+G_&Gfo}z5aygW0ehl?SRO!)iG<0NW zY^#GLl*6sMhh$ho!LV!SP9tVRcf3c38GZ`5#LwctaGdkhLU@G83%s6iyF8sphsS>Z z?G1#Tu8>KsU)E8=#3pS^nG&+`QsR(6*Of8kj2@=Tj6laQ^+zs`f;rrTt;|knAny~a zzV3#O`&^|9rokdvIP-ZsIc#oJ9GONlI?hHqrS(;!VK_fw+ZjV=Y`L6DxUPi#T`$-* z&NHGq{+`{7YM7@D-fzvx*vai=8j7s0`L~8$qMFPUMjQNJbvnGQIpfEIqM-c~ev_gq zBWKZaaEUVn!~NShX44uhR(&p5j))< z5S?gx<|eH8w13LB6iyq$Kq-IJe+I_35-v+LEGb&hQgn)|{jtYBmIIoyQv_?cy3a1J z7IwXeNk$&oZ`HSpe;nLPmmNmFbXn@arOVSsrz_x#<@lx7yId(Lr*61jZbTAc4bqUG zZj{5!_u7;(uYEd-(C*%xoVJcC;`n@7OHaqDYVj-SOG2x@MnidhpeP54`J?3gx`?|> z&*?_Hbjcru=PxPoLoeE;OCeW&bWDEoSi>2vh5XcIPj8DPcJe>nXS9 zulQXDK7x0zJza~>)4db z6pzA9`h*@X!VGjhi=45`)2u@sx};)4q*ouG5ot()^NLc#&+ino!RWV zbQrFI$8)=hJ*3lV3=9p{xh#KaJd-o@saElev^-ehk4sl8%F5&IxmN&g39>tlSjuHR zy3PFc0u?8@iZxjAJ4aHaTDYO3Z|M(%7_RR55UXFuR@hK1yVj`JY(f)vRrwsWTw zyOJK=@w``aR(T_TQ+H@1Gr7*;8oCpsGbf5iCH&#yzW)9?$6qv%zbD75b3f!oSZ5Xy z-%es>HGZrmOim@Q;O-o&COAb_<&Dy=4>L>b<2t9vAxfyKV^P(@?VKG=b(|t<=;1~x zicvp4$4aGR1F#kov8c71eIs4FFuU|y%}+nBQUp1!X)4L(VEOrTeEOT;He7oc)lrSFi&IWehw0l0?l6-TZoyd4|i1y_SuUD`kNE7H7J=@hYH}l{zVHKq7Zq zYN(F9-41d()-;*AbTuVW4#O$sqfHaS6siBr!J1#z;C})m&;ki;(}DJiG#1Nvye* zD;&bp+E2^(1thjsMXPBCr5|6eY92}@xt;1jR=oDO@M)3PU{G?4IoE}rPBHk@(LMv%?@?*=*_WvYk z^?0>PqvPrnrj>y|Y1T=a?HfONd{mm%LpzRhtgXkcmHMl3)O`7gx6?|e`khwVTr0<~ z6`fA?Ij8x&bec#cf?O^qp1Qny_pbibWiS|Q?ezjSbo?DfHgp_$ZEa1}Fp#3T909J_ z?Q}@ZXtiT*)>vBUq+4lljW|tpr<3PE<0R5-#&HbuQO>7aPuktzeOcw>d{4Taw_Bf1 zvMro6CsFTDx^A4*@jhy~t#y+9Y|Qwo85_8pH*bpfz1h$O0s#>w=VdZ<4DTQtwR}D= zW_3J$=U*Pxum$G^dD4x*<#fX5|3$5R=koevtxxQ?c2F)Z8d`nf`oYfc_lwyZU#jLy zmVApX91aUP*CUxaL&t`U6V!|y&+OR9@htCEp3%8<4z2@kXXMf;VC&tdjr4e#H(F~s*j)qP{3w8~i zixXPia62ZKP9XO+Zk=*zglyy*(bUknxVX5uxV*}^*PC2iTwGjUYg|L;;^N}s@)`sD Y|B&P=1ZM0Tv;Y7A07*qoM6N<$g1L*ibN~PV literal 0 HcmV?d00001 
diff --git a/education/windows/images/mcee-auto-assign-legacy.png b/education/windows/images/mcee-auto-assign-legacy.png new file mode 100644 index 0000000000000000000000000000000000000000..866b37395e4d2fe19bf7cebe919dfffc5b6e3fd1 GIT binary patch literal 34151
zC&{o%5xW3#HJ$jQto+CDIw{&IA#Ek27*8&`3o};Mn(OE?+*a2#o!_*SX zTxPO4Bc88XCL`>>d%IUy>FnC=nW2L~$dO5fZF(%}YfBC+pxWlh?c0bIQ~D}J&-81t zpz`%1L}k|az)`imP6$Kr2V2qTM!GjUna|yczny?OPl7IY-$rEDQ|}CWKl=(+8t6Xv z7T>nb>&%*UQ*IW~q)w)M5pp&b^6|r0X!RRXZ+ki3{UI25;aM%l4th}E151eLWAh{{9=wrID1*KAe>6XUm0eHoOArq~ui znNghrs52Va`MkWW1ye=9E>F*df>NtoP7tX-i|S$BigG#*{&M4m&dXVK4XN{*u(HcEkWyyt81df`#xRTn z{8_!OmcoE;Hi52@Vu&(3uXhqlBYp#1T#EX$16y3qY6Y=G%)Ev5=hXgTsSjv`G84wm$1ZiuEv z6U2U6(>tFnD`JOaL% z$Y%QZL<>>P`NoC~(ddfAFH1I0Z{nM3nHh~fbi)EoSAO!#a^ELbH=8PG+lwG!Cl>B# zydSQ)rVT4L?{VTmtEEbM3Kkq|?Ld2%G57ZoX^t}iHvm2U#4P%#%7%o`ZLuSgugm`( z^&Qq&Jg!a8>+^rue8ycxFEnwiczj+KvQ6uV|*Y zk@liMi$Fu?Bb|O$T7UbO+#P^W~K)X%P;dDyb2`=ZG4s z%o#&S^++TWpSgL&8_sH>IX!=|p7Co~1^NB7M{*fLHcjuv$R$9RZo_Qea+O%rDq@p+ z;%sA~I9IyjLPa4Fuq7S2>Ws<*&gXRvS^Xo!KQV7QuOCi=Do+NV8Bs};d`cq!OQ}{d4UE|H81bAJ8be9c!f8)e%db9t`qaz| zC)wh65U@NvIZ@^&P!!PA!KoT%#|C*SkTBnXtiJb$IQ*THe$bC@ZEd}p5ME;o zkRbDrOefqKm-g0E8`6;z@yIN4=HOQuCfZIcaoq&i!y~CwQBvvevG{=csn>u@nao3l z%FS2~#kK+M)0@*COd3QbQc4N%9wzLQe3Qms(g`Nbgy}p>@ zxi-J-3r+E7uEw&>g4h(Hw~wF?Vf|s7m&czJEbY3tefl%{Il?JF8?-a8p#=wy|G{Hf z+&UNnyZbYx{*lPGrbOyDi1E5Q9`m)ixrh_6Gfli#oEQtHKG77vv(DcU*1~BvFBK_; z?gqYyMzR_PewIiB2=7fI@)AJ#j&UI;^7IYrMRgZJod)SL7_?c`s?c3v5!F!-c+y$w zrp3B;Ix0g4{QRL|0C~VN=#DNBF$R_V1;7EGEA2iS9(giKcQ`1$60_qUc6S|)?jNta z)|QskNXKFMGThq-#AL)!`~eyEzVzwkRqN zdl+80%;@2Rq4x0|)#lbUhFtPKK6i7wxKC>BrLFPmisB$Rmi zFjU{8#U349wWAGliR3XD$`n5;QQ z6L>ps0DBOD+%mrHQZ&9@{JxP;gu@_%2C)F)g9fhP91jDg4ly#5t_lU%G$U2pbkv=R z)TJ?3qkWt`NMR4CUk}^tB5r!dW^tZ%yA$X(jBwrgdq!#Hn zeiPG>rEkO$lX<5!qs=*P%rJC!Hbft?l_b247VUO`z6%s$w06)cBJ|#A1oqRU!mlwk zvbd<@Fa*A*)md4Yt>x|+&t-i$taV$RpKs_))*h><$l~VKeEasr@xOup=n3g>dGTRL4OHkvgv)Ah+3U;-%sc2(P8F;OGXk4I}p9#fshtpGX5SPD+q zlimW1zXx)U>rpWz9SHy@NyZ6TMggC+19Y42X-~U$SP}yls5jI*=2li-0YqWABo|FN zn4g|a+b(m+l=Fg#Nn9qwo75JDI*nsd3Xx=H!V1m^Irb_nwW=B*IqETZKZXRI@E&s2 zSo!EeF-QC)akXgcP4tRXUBgdsolOJ&5S6fxl0fk@SrX(iT4arfri=zh#g<6qxa}s< zEQ)!fD%^&0VQrZ_yCEn`&lka`Naj4h2~mlJzAWPr#VSe~k)PfqSBlXWgS1;%X|o&g 
zx#N+q7U|Bm;J%s_r{SbehQy$072$-95>K$nhGO@TQ9GtZI2xy|oBdR&+-Jv@P~vnd z!o8$&WQPnFAj+S#(Qo4(D#=a=QpISF_t!m3aD?g?3 zp|sB%H1Iqn%VS=f(cC3mQ3z0cSFI8*D$^n8O-~fL8kT;NIC)v=LTg0sJE*beChlTl z(x-B$r1ptFOSRYLPmdbY-E58Y0{>ozy9n|g%-G+vXHWc;wmFQFLA|C2Mg$&F#mj)% zdk`fnVGF3%u@A>UhZR^+r&I*uGx+2Aheu+hz>G}T7^cb?4uA)b~HKKq=$uUb~G!m!PVZNiIPFhBsK3S~nBu^5RuctsoQB1BH`f*Wp z+!~yg6DBv?5{{YEmN82~RRSH>r(njKCg*1&T8~A55OEy9Q4m;wnHJ!pb*0W?u?1ia zKcZ5e7YIiEWb`yJgJd*@5>EQGh98rx7fyk$;$SEZyMb;&#Q{rE7L62e_(;MB%R9!& zJ2TQ1;i$nv1vN{}Im+TSU=`yuzQW%51Gr@Da@b#O6?9^&k?>oh64tTyGiA!fB-7Gk zD%dw;!Pu^);&`d~jylmIM}~1y64_NZtd(^s}w(;JdZs z)iZD4!~mvZd&h}0HgfwJwNgHHY!B!S{6$?%SH!d%x(lx^+@8clp(~M1bk}S;M&swf z;t05-3|&uNyU*39Ajpdz84ROolQVyza$pJ?q#!)YHm?fB+oA~B^}9OqSDUYuixMY) zErfTcp$C|o;bN~WF9vwq~wZt z+xOn5zI|hY1$QN2QO4- zn=EGaxE1-8fuh}HHf?r`8KsHIS3TW#b>y(q^sSRCe9LEe`mSm)u49zRQnT^rUobo5 zI4i=ckE!eLccP9n`NiM|pE!Pc++7~job^#9(w9Q|P`lRefCf_RU^1O#{1UMH6BHl; zfc?^pfJE3wr|ihfd4O4wx>=6^`V6%S+#hq8Mf_mF?{1|?#AU35vX z{Ga3Fm*J?$JQ*F3vMiSxFylF~4+2zCP-66uFa{rktqzkm-- z3X_kouiDrF?eAHap9^-B8VU{8cxF>944 z1=!%cln%ZZu_!9JA46Hn0jDMNMaSotplLB;*695G=MftnN>su9C7yB~BFmmD7>~F6 z_2Fu{jg~U62va67KzuyuWUn)f}!7nBTQLPR}>go zir)jqwDHCXUi-9J(_&fEM3N=(Up|g7$wouYbra@b!B+Q#Od>Y?~Mt59; zxF?ahZRL--@w6}3x#af;gz)1XtvhD2C8ggm%)0wj$~wPpAO&wWgr-LViWxO73gVCO zpzn;Jij^@}BH&LHdof~{e7x8g(F0XuXU0_LvFg;&fHO6#Jyxf&zXnXe74B$KKF}y@!E|V~-R#dWRLs-lS~j@8!KjQroLC zCx@tkCS@6~@fcTGO6ad)TQarnwGSS+iHT;g&|l*iYBOs5mq^Fwlq*El2yv&#KMZtN7$HEY=h-w5RJMz z=!(}3+xGjtG=OHzjdd(?_m%n~TU8$aCX$=xg2~#(-i&MZ^lN$(_n7w>PsX`?{nN+K zC!8O4lkL87$U3IYPt-GVks8>kT%D|?kmhRBIEQLP=ZE!t)_C>?t7xnUVwF)>~AM;-O_&V!6YQx16mQn`5@;_u1=fClnXr3jKLF-Lz(O zp={6ROZCSeg||$9$3QmZa8X^Rl>{d2rCub1pqq`DMODWG7Q=mUr8IeYk+6WZ)zwa~ zJuN2ZC@57G#Em5>>fer9Gqvw$CV?{9s&x~b`i)wi4_ckI!<@J`By_Gy4y`2eU5QB= zgP~J_#-$GK^Eu^!_(h;B9rfUiNjY9hj&tzLve)$uq$89L5~CLwc4+5H^hqR3kcCl$ z>~fk7XGVM6{fxn1#Qw&eSP4$|(J6ruT9_=eb4t~xaN?8ziEK<~9Q;XYaXbn1e!#U2KY>S)`b$p_fEO!a2 zB4NQJ>@AK{beBbTz;QqWDR0nPa2k!)j&guuR&%?&11y_7yYwx5Q6+)a=u2k8wTWws 
zH}w67iSk)r@U0ChZUCGlWPRy(uV3A?x@FzaZj&2=L0mkLT$-8V`+Lk`W#ERM!INw-JOo$DN`XP|*@?<3BP1&nnNOjCXUq z06ZLAv+4##TavR+@d%hORRhCVclgs68gq~J(fjBUtjb~yYfz+5rKHY{){6X9?IkGs zg*QX(e^uB=>Z<7b_`qL-L(rw~W?iILm%c0t99;Z7vF>ezm0ozieH@;B0lW9O_=M!g zuYAD$u`0O|4BN%2%n1)lU0aD zQ;UIj`K!vNHa|ikTL1kV&sG#E1M~|M^8uHGj+(_LGV%hu;KaC+zzSkUo!G&ejG(`9 zUJIfK&w<3ZXy|rR;z|umL}2-TejelyP{2U?yWto1D<73ec8iI!hFci{Dn^v)fLc zVM}9ECPT@eg*YpPwWi8O%tt!}YAUv<(!-IiY>{~6r1KgnZ8EF{6!A#Y{E?oQlD_p2 z2`pPil!5qO=%P7g@OatHvt?$DVJ8~apto(6_PzQ;XcfU?{3Zt@0auoO8mnh&Cb4TV z3VA?I^t6ON@PRYIOWBi`3f7ElPsHdV(H;if@8bG^L5fn(%vys6f(xolo>1mcdd@QK zUDJ6d?dCv6ZuvtIZSWC}S_-g~!!1s`yrP4U=1=YCY!WgVqfu6mA3_4Z9NH?q3&QE| zQPRK9m#az;CX5%4W2sS=#;agWct`y>R`|5S>N|NcDVz1l^@6_SI+}RuI!pw~E~KzD zs&0kY11UgJO^Y0(7P+gwR(!sFist=k5#uYr{*Z8fHvvmeh0QSUKEmD`1oo?V&83zb zGm?@_!vQ(t0(Y`&iZ@&mxqN3?QxqJoi~15;aiTorQ*Y5V_jIBUFxq$-~tgSHF)x$M(c$6_-MNZstq{e zv+>h7DYnjS^mFhD(bz~jOCcBtQaySQoMdWLP# zYB}FiM9uNXk)kFEz-7O!FccIWt%Px>ti~+7W7m|M2WTyGwTL2v@58}%i?a>8L~9Jb z#{R>BxNx5~DBed(UNPa#YpuH-q|VbJ_02u5ls_E}arQ4xhci72ZAYGO7Z;scBeBMI zsqVbMTOkVJ!bdX!*NO<@kE&GaXW1Wa)~h>ka6d}q8JHm@cnqZpt8;|X`U;v#+ICXB zaC^3^AR4K552Ip_MwfmunP*$x!1H0x)yGjwb^}@Vd(#hZP0b}$vv$VL)n3-e)lA~G zErvOwl$%>u0y!a(%~zii;Bh`f{0F7%wi3%5Ep|!xKD(VluV0svL^^A(YQG^J8rrDEp|HFt5n@@d4&eHK<-@Xb5=ZW<|d5-Ii7 zV)FvYu~rNh?Swz_%X8Wv#p~VFzP2%bto*k6!&UO@WN_qSRtB5Wqn;cula)*vg3a|ZZaOhtVtF^rYUNWwYcW}56oAPiW(~F!SCp%KjYmHs zQ^m{Z9$nNnp`1{WHb9`}iVHX(W5HK?S{1$^^d-~>2GM*&=@}6I#f+Bk;c+Ku#>4KD zkIdC3=yp|{bAWf@zqAnP#drNKlkl!o@*##V>=n-rseLQN{D?$<>X%uvHnyYh7WR*-Fx=<;l2|lRj{8p#rptSy~`Ux`Hza$NQWb40KWfO zY2PgGRgAp=n?fEnWv2sryKD)FYG;}&#A&~jpyOUTq9>w@Q)$5}_~J-|qe(B?u&{p2(UW~;(zJTXHHla$ zc!bQV#sc);$GlW&USZp!I_TDjsvveMPcusnDXFFD3J}lq42R*|cdM3r-7ekyrc03h zkLWe5l-gu&JjaNqVD$U;i>+*AWrV+o#T(Yi7VkOlh@zvvil4r0i+>^CCRk(xm|ZrB zyJ;Wp>SqW9w3Fuu`tNjr){gUOWY$+=iYS_b!ZpkVy{c*dxq|7 zJ|K7r$?whYnx~5)`Y)K8WpmEtU_{-NhGsx{2_S{9fKT*n_S;WEf@h`gKRlfd;d%@K z_7nda?aXbZot>6|8XvF$&RnAx^?x7;?z&pF@k@9(>6)E4Dg~sz8$zIjsKTeug^!Qo 
zYXaWnRGX~4CIS9+hnYBeH_vR&1cF-K%JrNZIc8ewpYFPruP?n+civX*CVz|L6OL8u zyn?+M4Kq$)b^yMwpV7ljnk!7!D`{pNSqZ`291#WTOqLQ=Z?g{EIUaX6xq}Edd&~=W zQmiKxeOR3PBkj_F6e9r0cm)Q%!o`i4=Iq#kvtOc)wfM*rvd=%0#vAK=&XKL&X?Cf$ zdCfvGfVxhgQrtZGVzk!_J8oEEaDiH&!k($}gQ%BF>4R}Xx)10zApXVZFLZ=L`MFk_ zG{%Iuu$Tp*6ALH;=Sf9C0M~A&PnX?|dgsv%vODINhMI2xulCBtvsGBsUBU6g$HrBb zho5(s?O#3?Pg+{BsuliH33(}B!4u>tz5BkX2*%r=2aOHE;<2xsbM6xy>!i*p&Jrrg zsBpv+a4``z8>7;loZkKGQvT*Jr9Z;h&&kwc)O8#jveEd{#f*QdZtBYy(F;_wCZeIk z<)+t5deRNg{tjLp-H9dGtEexu(2sYj$!;`bSY3~qj(i&nJ9r&UZQO}i(DX$ziAc$9 z*7K?MmS?fZR{d6v--?v588*ONLnw^(baQzLu%Y(9WI;ZJ9edGVXXH}70B0g!<=@=V z`oL;uwr~1=azvfYa)nCw{3=CTG571|^jeAZWAiF(C|K}?edX!;kv5Ba_no+vTxKr-% zC&}*|n917fKb(iu#I>Re5}|e5<`J>uq*K9ajWF&+s%h-3&_nSX9c<~Myw~Z%|_$)`12hVl60AW7v4z$^&XNw8uNV- zI<}&{uGhSgv|UY7rAJOC9GN=?wDe;ACyhDL70Ru)V(iPRqMLDg`rj{8p?1h$Q`c=x zH?z&tUf^2u9UC__0oxELs)Ydl8HrwmPmJ?ot8<)HXhI1r7QzCq$8Tc6pL}Ya^@Zjy$Aie1z$w`S@B24Db z?>D!3pXNe7`Rz3WZ@qEQ@##Q{iX_NSuvq^OS8jN(c{i=q(?tEdBPl1UaHw?*ym%io z?1m)2t{J?MqZYSZ2|w6q?>e6fes!H(nf@Qp1$QvlZCUjNWdq&>-=CO`(pX^Pwrl`> z($^AuD?~Gff8Vs1n`~%i_1x?^=PEo;i}bvfNkW@T%s7JS8+kMi5J&b5`3n6^JqQI0 z66|QqW^{12Yw2oQGCYm%OXtdtBDKl+N&SfFKNtWp)_W`ljKa()UP}ol@M)wOPr9Q? 
z1@vWJ9^VIryvGKqbReM4y%3o!w(G;M%>%ug2xbg*LSMGJy{3Na^b%?@dTtzidBE_` zGG5|87sPHrwSl78bQ2-`pM%v29tqd+7*-{XIRfbNOH8r~JoUnz$Oqs9>Le+^Z>AL0 zgMQvmk~{cWwf%DRh!k_?#5Z@l(vl%*f}wb5=4fiVfhidGF{$;#2RFcI7vQIwTBy99 zlxj{XWdgpZtE$;hsuW0OmC+H$?uiFq)C{#tkz5NvCR+P>6o1Mj^{3Nj{oY61n2?L~ zcPL4r>mMhlXr=xzqS@p*e7S6h4W1&E z4zRl2`IWI1*}jW@{B+iJKlx?K&%7)6Ye&cH#ytQA0!f+0_WPX z!ADQKKxZ(%^c{|;VNNrTA}i)s!VLn^5fg#J>~NGcF|a;YI4^BB!p;J%DFyQ0#rH3B z(Fp=mjnR3Dvv3|q%tgr0s&%D{N2>n$`T5h+)0>;N!**{~i6Ii!Gwp?RCI*rrIGUv8!1i#5@tZL(P;_0-(=Owy+()4h~vk%2D<*kjH{2fd7FP|Tvhv_ zHd&-kH(v)rS_{S;Ts(gmv@fWZZ_#I&<6U2!aLHCBW%uFst?GpRHcS)6ZLj-Q@rM?W zzb|;d?-Wn533=QL3BJEMTUc0_3VFN$z=l&S&2*wQ6g;#DPla>hOO5#xeU2Rc>9|z7fJJ@Z+DA(L{$h!o5(NO2V8C# zuq~N-`}XknQaL@#-O>8Yy}0_uVb?=*q^=5oc1FnY*^O4>g=};~20(aOz{a`>A zd0W?ASBUM@e^EDjfu8`FVA$zmcjA&52o%GnkP&Mdc$RE(2GhlP zYIC`hrlCA6V2isRokY$UJB=f58J}{Se7Y`l`S}h0d=5t77%q4Dtqf%)0soq&GYb{} z1M40iTF(%uFn^7}0QoakHV!chCNr)DAuP^Tu~;Ir7uPVCB4vNgDP+el_)6iLwISlB z&g>q8!8~kkAk%P8Z2+R&+rulWyZ&_kJ=o>i_CjLKL;6wawNLL;h%{x;UhnwF>Z*FD zKiNkng^b_p#`Y{jzTEzp@cBOYuqFZv{Id4J@}U>>yx!8nk2EPM=@ea@Vn39QfPmoY z&mX?Myti+Ok55j9=sitk-b_hcj1MGG&LqbOP8-HDxdlq<7PJ9KoRLr`zeq6OCMblOLJ;ub=W{a zl4QSqD9vD_Cpugycu#z7BTxpGo>B&~-Wu5nLrZxutRP*Ihk-h9uUdCmd*`wPqT9T8?$+)xL?HMWPrp2lL5 zB#}I4=fNZG*A{mtUGw)_e}5HP7E*IYpInc-zW00Qs_ns^t_F*!A^%GZW=tPx*j&d! 
zRp$TJ>iPpR^tvw^-wyuk@=|c2sRHkI=v1Mw=hD#j-LX+QwV%4~n26b{S zG(ArbE(_WZks1PTy8K*!E$=ywB0f%^er*$dBD8eAy}w%Go;WBKj?W(YGUYbxJHKiw z(v2P|Od8h+rlpN)GnoSPBU!|e`=2>r8mCf^(tgMJOau#`0V6bPHX9ma)H+e1TSS_6 z36L~7`39`>x|2G3Q7+a%2<7d*W2~rs2hP?sq{xRyh^-PQJlUnRVCx%yaHxSYDu)j61w zIJVX4cd^SOX?fiKo~5m|`wtL+d0ImLFWwPCN3JrK-S%bt@kZy)X% z5Bm$cdNw|DcNYjs8$naN0mL$ns{Ag9T819xN=g5)5|E0hvFk5 zs)^KoW=;{fH`P%enJiYi7f00|G?_UdqNcXjT;k}U{1Ov(0ZnM4Kl{|{{1MscE?kTK z-l7r$#!^7!E2SrIa-fEC<95}O(zM|MNC!GY5QJ1h+Y5bUL`l|`{9^#bd`elztaSMG zVVNhpBR9VQQb2%=)-W{@IZ6;?w*gDxK@-4-dFrTe4y*U$)=$mz|9P2e!#w6`yRmUt zcs_;KPN8&9`mlq5Z!cEp|KTi3gMxV%f`|kohF_pOk^Zh#FqY#dx_x7*2I)Hw+hDn& z)ZrJ6H=(H){!G#&QAVDCweU8Pg_M?ZFz+n$HPHeA5i%7JbqSN4?q>fzOWrrZ{+#%T z(LqPW%Tvtb8$uH{qymk`;L*x2F}mDtMzJtY#^(*DODujyX?_-C42}0bD~lNlUTfjT zB=C?F?(F&4pZsX~+r-JQ1x)+pI62!SJoeknS}E6u>ZsP#V1fma2&t(w1I9oPI= z{x$r)z-An1-sNbFgB>uE;CShH%M9uy=H$bBOW}NplA_xJvLhLXhS7!k6)fd#@jGml zpg)(FKpRisbG5n@*-n4v2Q07ebPgZ-c$5AP-F@}!)|sFaxuwh}P)a~H%Y5}NS8T~F zuzltBY~^!>Yg4i8b*;C9uqrX2jF9KF*- z&9S}+R!qJ{G^IYz7YJ3v{y2?9$?Ggaf}p*@ZZZ*+sfGoH{!J@aVtEHMU$IOf4O9p0 zUbfReykD=LFXt`Wui(UjMDoD>jn}6qT#C|n1yF&m#{)r%@`2oFm5H3Clw*yMKi`&o zo{enxHJk*UycUe)!;@$Y-oUl8?zxQ#xrxz0>6XeG12kQFbq;N)TPAPPtmC_BYq_@H z-;7y3@_#RpzD<|5nT1g=PILl!lU(+?lP$Ip6J&AKeY1YRB3k%#zqdi`+?Ur|+eK>* z{?m0e*&p-WT$t#SG&wRw{bc?bq1EKmH%Uqd`?L-uQ zCraN+Z~U_KKA$FZT?r_6NFnCw>-qcXTQ{F02V}87LLpdaPEqGp4{O1%j$d(UXlXUk zAN~3j2;|%yGx`u=)!NONnMkn9ZxM2O<1Mz4elQ zs%_Hb73{L^QbHEPU!5xXNsF%srjg*Y;3^Gix|nW4?D+EnZH=YswA@=w;+ zo*%bSH@xU(YVEA$GWKXN4iyKMbheXBILDXJk6iR@_5$ICwd~etxl@z5`Vx?nzLDiW z2L0l$(Pt>u13m03W!&Ukg5KHB%akcn;1UvS{|2t6>%yy&mxjfHCwtVMqAr`4E$UB! 
zff~=Jfe8bT6NA5Z(tlSzcl~ZLKVA=%dd09Je4K-ug>fEDj)t&fuO$Kbanb*KiqTh3 zbLo2o&IlGu$^9lb>>uT^m6C#I_5{mKK7H$Y6YWr(k5>1rPrhe=X;T(A^SK8BSv;8s zP}f1?VjbO#8r;M!54`7+cDeArXMN$ZEFb(=;?cp4!)I9-dw0O}=OPeNtC_ReNT7c| zV<917FM2k&-#wiKiyu8pzmdIP)?(riPm5|`@atApRRi2tW-#9n^K#vLkB;m#wHE^x z#AjPv#rN1E77~ZV>X|D|dzq?C&nUXXuf@g0#g~_t>0AHO;#?CPZKP-P@}IJ;p4<$q z-5fwGr5Jw2c^g9tNX*D@`Y(cpTIX^FU6KzD4j8aBwzNLhI*2f?sF~PL>WmC+~8V03~nvIOY`CMk37lb07d}3 zS@W`DKvrVHMm(D5oeV|2cvdVr9+xbfx*)&uzKO zCF${Q<*ZDMW z!Hu?&XD1SI^fqyYe~7G7($%r$-*ho!g*#q%>1Dr4tXb{d-roM`^1Z#IBfIVS`+sHw z6LOvX3_xP@i({SFb%_r zz+H?@`VJGy|5^s@xATNJp)9!5?6HQNvjPdqS7zwh|Fxb#cOL>s{C|?`QOVS2`;NTz-*u{I<=Z7o%rRkLA-^~Fj&=+1q zOZOhof5Rj1@vkxVKN)n!sp9;(%&SyoK&dRNc;R0!gtG_!vv?}NB{dxQ7is$63;e6t z{~rVTzjN*W=Su%8&2Idu!yU-<1HNFFprEh!gU4JMV>=xI_OZZ+_N8dB2wY>=13zm3 zbOEO1^M8@z*nT&iDR!Psfiin(Yik3hMV-4fr@2F(y~qqok!uMA}RZRZ$?}q=6oIOw7AWnJUtNnkU@&B5$_y75U{td6r|BmPT|NGzQ zl#a1ZdQv9CI__!5U)yB@KlXSaTl`ks6Np80aER`I@jzo>WmS0CJ~9#yJK^00902M> z9uo#OyStIZg4Vj!mw{3WbsOg~z&`;o;3+`zobToSOggJJ0U;qPx?c>?0072wdwUW& z%A(!d+0HJ~`;Yb>aNbzBkjU-S*U-=ah!MJl{gaa}-`{z6GZInH5=QH{SIPW{;%i0P zSk#G3Ye)=Q-PU&M4Q;V&Wy3Q8r76vj$(i;eJf)WBJMF(mCco!CL2t?|RR39;1h+ zqL%F|s1cs1En%k*d3cElM;V@^X4*V+)nNmPxFaY%{-OizDucqs0%*Ar0F^L@cT=Y-(`|>*B}b=~FVQs;f8rcgJ&=+aeT*(EjtT{%Cdtaurp_N(}q^ z`xVkmC2Mcu>i;Ij*U)<|wicAVcjwK2lYL<<^(aiCj`6Di{*5erho}dq;n(-L&*{ix z%|DLZej;znr$@zopr0AL **Note**: If you don't have an Azure AD or Office 365 tenant, you can set up a free Office 365 Education subscription when you request Minecraft: Education Edition. For more information see [Office 365 Education plans and pricing](https://products.office.com/academic/compare-office-365-education-plans). +>[!Note] +>If you don't have an Azure AD or Office 365 tenant, you can set up a free Office 365 Education subscription when you request Minecraft: Education Edition. For more information see [Office 365 Education plans and pricing](https://products.office.com/academic/compare-office-365-education-plans). 
## Add Minecraft to your Windows Store for Business @@ -103,7 +104,7 @@ After you've finished the purchase, you can find your invoice by checking **Mine The **Payment Instructions** section on the first page of the invoice has information on invoice amount, due date, and how to pay with electronic funds transfer, or with a check. -## Distribute Minecraft +## Distribute Minecraft After Minecraft: Education Edition is added to your Windows Store for Business inventory, you have three options: 
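Review bot: In the `@@ -103,7 +104,7 @@` hunk of education/windows/school-get-minecraft.md, the removed and added `## Distribute Minecraft` lines read identically, so this looks like a whitespace-only change; say so in the commit or drop it from the patch. The context around it still says "Windows Store for Business" (the `## Add Minecraft to your Windows Store for Business` heading and "your Windows Store for Business inventory"), while the **Install for me** step later in this patch is changed to "Sign in to Microsoft Store for Business"; pick one product name and apply it through the whole topic.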
@@ -113,6 +114,7 @@ After Minecraft: Education Edition is added to your Windows Store for Business i Admins can also add Minecraft: Education Edition to the private store. This allows people in your organization to install the app from the private store. For more information, see [Distribute apps using your private store](https://technet.microsoft.com/itpro/windows/manage/distribute-apps-from-your-private-store). + + +### Configure automatic subscription assignment from private store + +When you add an app to your private store, that app is available for anyone in your organization to install. For Minecraft: Education Edition you can decide whether or not you assign a subscription when a person installs the app from the private store, or if they will continue to use the trial version. This allows you to control which people in your organization use the trial version, and which people are assigned a full subscription. You can reassign subscriptions later. Planning how to manage your subscriptions will reduce time spent managing apps and subscriptions. By default, automatic subscription assignment is turned on. + + +**How to turn off automatic subscription assignment from private store** + +>[!Note] +>The version of the Minecraft: Education Edition page in the Store for Business will be different depending on which Store for Business flight you are using. + +1. Sign in to Microsoft Store for Business +2. Click Manage. + + You'll see Minecraft: Education Edition product page. + + ![Minecraft Education Edition product page with auto assign control highlighted.](images/mcee-auto-assign-legacy.png) + + -Or- + + ![Minecraft Education Edition product page with auto assign control highlighted.](images/mcee-auto-assign-bd.png) + +3. Slide the **Auto assign subscription** or click **Turn off auto assign subscription**. ### Install for me You can install the app on your PC. 
This gives you a chance to test the app and know how you might help others in your organization use the app. -1. Sign in to Windows Store for Business. +1. Sign in to Microsoft Store for Business. 2. Click **Manage**, and then click **Install**. ![Minecraft Education Edition product page](images/mc-install-for-me-teacher.png) From a050d85e5e89ef1ab250f1fc0d0af26b8ba8a5b5 Mon Sep 17 00:00:00 2001 From: jamiejdt Date: Thu, 30 Mar 2017 16:30:55 -0700 Subject: [PATCH 08/16] Update link from MDOP web page to newly released MDOP ADMX templates --- ...to-download-and-deploy-mdop-group-policy--admx--templates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md index fa6a813093..5c94f5c77b 100644 --- a/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md +++ b/mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md @@ -20,7 +20,7 @@ You can manage the feature settings of certain Microsoft Desktop Optimization Pa **How to download and deploy the MDOP Group Policy templates** -1. Download the MDOP Group Policy templates from . +1. Download the latest [MDOP Group Policy templates](https://www.microsoft.com/en-us/download/details.aspx?id=54957) 2. Run the downloaded file to extract the template folders. From 2430b71d39b8d972322b447ae180096e6f5e6805 Mon Sep 17 00:00:00 2001 From: John Tobin Date: Thu, 30 Mar 2017 16:52:26 -0700 Subject: [PATCH 09/16] Fix TOC hierarchy in cred guard not-protected topic --- .../keep-secure/credential-guard-not-protected-scenarios.md | 6 +++--- windows/keep-secure/credential-guard-requirements.md | 2 +- windows/keep-secure/credential-guard-scripts.md | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) 
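Review bot: In the auto-assign steps added to education/windows/school-get-minecraft.md, step 3 ("Slide the **Auto assign subscription** or click **Turn off auto assign subscription**.") never names the control being slid, and steps 1 and 2 are styled differently from the **Install for me** steps in the same hunk (no period after step 1, "Click Manage." without bold versus "Click **Manage**"). Both screenshots also carry the same alt text, so `mcee-auto-assign-legacy.png` and `mcee-auto-assign-bd.png` cannot be told apart by a screen reader; state which version of the Store for Business page each one shows.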
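Review bot: In [PATCH 08/16] (mdop/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates.md), the new step 1 ends without the period that step 2 in the context ("2. Run the downloaded file to extract the template folders.") still has; add it after the link. The link text promises the "latest" templates but points at a fixed download `id=54957` with the `en-us` locale pinned in the URL, so check that "latest" stays accurate for that id and consider whether the locale segment should be in the link at all.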
diff --git a/windows/keep-secure/credential-guard-not-protected-scenarios.md b/windows/keep-secure/credential-guard-not-protected-scenarios.md index 5f7dba289d..6206dbe532 100644 --- a/windows/keep-secure/credential-guard-not-protected-scenarios.md +++ b/windows/keep-secure/credential-guard-not-protected-scenarios.md @@ -41,7 +41,7 @@ Credential Guard can provide mitigations against attacks on derived credentials Credential theft attacks allow the attacker to steal secrets from one device and use them from another device. If a user can sign on to multiple devices then any device could be used to steal credentials. How do you ensure that users only sign on using devices that have Credential Guard enabled? By deploying authentication policies that restrict them to specific domain-joined devices that have been configured with Credential Guard. For the domain controller to know what device a user is signing on from, Kerberos armoring must be used. -#### Kerberos armoring +### Kerberos armoring Kerberos armoring is part of RFC 6113. When a device supports Kerberos armoring, its TGT is used to protect the user's proof of possession which can mitigate offline dictionary attacks. Kerberos armoring also provides the additional benefit of signed KDC errors this mitigates tampering which can result in things such as downgrade attacks. 
@@ -51,7 +51,7 @@ Kerberos armoring is part of RFC 6113. When a device supports Kerberos armoring, - All the domain controllers in these domains must be configured to support Kerberos armoring. Set the **KDC support for claims, compound authentication, and Kerberos armoring** Group Policy setting to either **Supported** or **Always provide claims**. - All the devices with Credential Guard that the users will be restricted to must be configured to support Kerberos armoring. Enable the **Kerberos client support for claims, compound authentication and Kerberos armoring** Group Policy settings under **Computer Configuration** -> **Administrative Templates** -> **System** -> **Kerberos**. -#### Protecting domain-joined device secrets +### Protecting domain-joined device secrets Since domain-joined devices also use shared secrets for authentication, attackers can steal those secrets as well. By deploying device certificates with Credential Guard, the private key can be protected. Then authentication policies can require that users sign on devices that authenticate using those certificates. This prevents shared secrets stolen from the device to be used with stolen user credentials to sign on as the user. @@ -117,7 +117,7 @@ Beginning with the Windows Server 2008 R2 domain functional level, domain contro .\set-IssuancePolicyToGroupLink.ps1 –IssuancePolicyName:"" –groupOU:"" –groupName:”" ``` -#### Restricting user sign on +### Restricting user sign on So we now have completed the following: diff --git a/windows/keep-secure/credential-guard-requirements.md b/windows/keep-secure/credential-guard-requirements.md index c2f3f0fc73..e87463063e 100644 --- a/windows/keep-secure/credential-guard-requirements.md +++ b/windows/keep-secure/credential-guard-requirements.md @@ -9,7 +9,7 @@ localizationpriority: high author: brianlic-msft --- -# Requirements +# Credential Guard: Requirements **Applies to** - Windows 10 
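Review bot: The `# Requirements` to `# Credential Guard: Requirements` change in credential-guard-requirements.md is a title rename, not a hierarchy fix, and the subject line "Fix TOC hierarchy in cred guard not-protected topic" names only one of the three files in the diffstat. Either move the rename (and the heading change in credential-guard-scripts.md) into its own commit or widen the subject, and confirm that any TOC entry for this topic still matches the new H1.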
diff --git a/windows/keep-secure/credential-guard-scripts.md b/windows/keep-secure/credential-guard-scripts.md index 1eca33e2e6..991d0010f2 100644 --- a/windows/keep-secure/credential-guard-scripts.md +++ b/windows/keep-secure/credential-guard-scripts.md @@ -205,7 +205,7 @@ write-host "There are no issuance policies which are not mapped to groups" > [!NOTE] > If you're having trouble running this script, try replacing the single quote after the ConvertFrom-StringData parameter.   -### Link an issuance policy to a group +## Link an issuance policy to a group Save the script file as set-IssuancePolicyToGroupLink.ps1. From a293c29c2751614d3b1ab1d8af58f08bd647d596 Mon Sep 17 00:00:00 2001 From: LizRoss Date: Fri, 31 Mar 2017 07:56:16 -0700 Subject: [PATCH 10/16] Updated version --- windows/keep-secure/limitations-with-wip.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/limitations-with-wip.md b/windows/keep-secure/limitations-with-wip.md index 39aaeb8dc5..1a0819c919 100644 --- a/windows/keep-secure/limitations-with-wip.md +++ b/windows/keep-secure/limitations-with-wip.md @@ -13,7 +13,7 @@ localizationpriority: high # Limitations while using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile This table provides info about the most common problems you might encounter while running WIP in your organization. From c7e4b0c3bc5e397cbf1fa032a3800bb8d1f9ada1 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Fri, 31 Mar 2017 08:29:21 -0700 Subject: [PATCH 11/16] updates from review --- education/windows/school-get-minecraft.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md index d0585b4d00..c3e50700c6 100644 --- a/education/windows/school-get-minecraft.md +++ b/education/windows/school-get-minecraft.md 
@@ -124,12 +124,11 @@ Here's the page you'll see for Minecraft: Education Edition licenses purchased t ![App distribution options - individual copies](images/wsfb-minecraft-vl.png) ---> -### Configure automatic subscription assignment from private store +### Configure automatic subscription assignment -When you add an app to your private store, that app is available for anyone in your organization to install. For Minecraft: Education Edition you can decide whether or not you assign a subscription when a person installs the app from the private store, or if they will continue to use the trial version. This allows you to control which people in your organization use the trial version, and which people are assigned a full subscription. You can reassign subscriptions later. Planning how to manage your subscriptions will reduce time spent managing apps and subscriptions. By default, automatic subscription assignment is turned on. +For Minecraft: Education Edition, you can use auto assign subscription to control whether or not you assign a subscription when a member of your organization signs in to the app. When auto assign subscription is on, people from your organization who doesn’t have a subscription will automatically get one when they sign in to Minecraft: Education Edition. When auto assign subscription is off, people from your organization will get the trial version when they sign in to Minecraft: Education Edition. This allows you to control which people use the trial version, and which people are assigned a full subscription. You can always reassign subscriptions, but planning ahead will reduce time spent managing apps and subscriptions. By default, automatic subscription assignment is turned on. 
- -**How to turn off automatic subscription assignment from private store** +**How to turn off automatic subscription assignment** >[!Note] >The version of the Minecraft: Education Edition page in the Store for Business will be different depending on which Store for Business flight you are using. From a83950b53e415606fe6d1488f7d4221cd1b96db1 Mon Sep 17 00:00:00 2001 From: LizRoss Date: Fri, 31 Mar 2017 08:30:36 -0700 Subject: [PATCH 12/16] Updated applies to --- windows/keep-secure/app-behavior-with-wip.md | 2 +- windows/keep-secure/create-and-verify-an-efs-dra-certificate.md | 2 +- windows/keep-secure/enlightened-microsoft-apps-and-wip.md | 2 +- windows/keep-secure/guidance-and-best-practices-wip.md | 2 +- windows/keep-secure/overview-create-wip-policy.md | 2 +- windows/keep-secure/protect-enterprise-data-using-wip.md | 2 +- windows/keep-secure/recommended-network-definitions-for-wip.md | 2 +- windows/keep-secure/testing-scenarios-for-wip.md | 2 +- windows/keep-secure/using-owa-with-wip.md | 2 +- windows/keep-secure/wip-app-enterprise-context.md | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/keep-secure/app-behavior-with-wip.md b/windows/keep-secure/app-behavior-with-wip.md index 1f83aad42f..cedd75618b 100644 --- a/windows/keep-secure/app-behavior-with-wip.md +++ b/windows/keep-secure/app-behavior-with-wip.md 
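Review bot: In [PATCH 11/16] (education/windows/school-get-minecraft.md), the paragraph added under `### Configure automatic subscription assignment` has a subject-verb error: "people from your organization who doesn’t have a subscription" should read "who don't have a subscription". The new text also describes assignment happening when a person "signs in to the app", where the removed text said "installs the app from the private store"; state explicitly whether the setting still applies only to private store installs, since the heading and the "How to turn off" label both drop "from private store".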
@@ -12,7 +12,7 @@ localizationpriority: high # Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile Windows Information Protection (WIP) classifies apps into two categories: enlightened and unenlightened. Enlighted apps can differentiate between corporate and personal data, correctly determining which to protect based on internal policies. Corporate data is encrypted on the managed device and attempts to copy/paste or share this information with non-corporate apps or people will fail. Unenlightened apps, when marked as corporate-managed, consider all data corporate and encrypt everything by default. diff --git a/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md index 4bd92ff06f..849a9ff772 100644 --- a/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md +++ b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md @@ -12,7 +12,7 @@ localizationpriority: high # Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile If you don’t already have an EFS DRA certificate, you’ll need to create and extract one from your system before you can use Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your organization. For the purposes of this section, we’ll use the file name EFSDRA; however, this name can be replaced with anything that makes sense to you. diff --git a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md index f2e1b3c91c..5555cd3892 100644 --- a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md +++ b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md 
@@ -15,7 +15,7 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list. diff --git a/windows/keep-secure/guidance-and-best-practices-wip.md b/windows/keep-secure/guidance-and-best-practices-wip.md index ff64be6d0f..3294599cd2 100644 --- a/windows/keep-secure/guidance-and-best-practices-wip.md +++ b/windows/keep-secure/guidance-and-best-practices-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # General guidance and best practices for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile This section includes info about the enlightened Microsoft apps, including how to add them to your allowed apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP). diff --git a/windows/keep-secure/overview-create-wip-policy.md b/windows/keep-secure/overview-create-wip-policy.md index c3ad6bf5a3..b2b23e5275 100644 --- a/windows/keep-secure/overview-create-wip-policy.md +++ b/windows/keep-secure/overview-create-wip-policy.md @@ -13,7 +13,7 @@ localizationpriority: high # Create a Windows Information Protection (WIP) policy **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. 
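Review bot: The context line of the overview-create-wip-policy.md hunk still reads "Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy": the verb should be "help", and "enterprise data protection" is the name that the create-and-verify-an-efs-dra-certificate.md context in this same patch calls "formerly known as enterprise data protection (EDP)". Since this commit already edits the **Applies to** list directly above that sentence, fix both here so the topic does not pair the old product name with the WIP acronym.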
diff --git a/windows/keep-secure/protect-enterprise-data-using-wip.md b/windows/keep-secure/protect-enterprise-data-using-wip.md index a37553eb2c..f1ea14dd57 100644 --- a/windows/keep-secure/protect-enterprise-data-using-wip.md +++ b/windows/keep-secure/protect-enterprise-data-using-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # Protect your enterprise data using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/recommended-network-definitions-for-wip.md b/windows/keep-secure/recommended-network-definitions-for-wip.md index bf9a7ac22a..299a85927b 100644 --- a/windows/keep-secure/recommended-network-definitions-for-wip.md +++ b/windows/keep-secure/recommended-network-definitions-for-wip.md @@ -13,7 +13,7 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/testing-scenarios-for-wip.md b/windows/keep-secure/testing-scenarios-for-wip.md index cca0a2fa52..81e9282bd3 100644 --- a/windows/keep-secure/testing-scenarios-for-wip.md +++ b/windows/keep-secure/testing-scenarios-for-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # Testing scenarios for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile We've come up with a list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company. 
diff --git a/windows/keep-secure/using-owa-with-wip.md b/windows/keep-secure/using-owa-with-wip.md index f99f10fb6f..2f19e746d1 100644 --- a/windows/keep-secure/using-owa-with-wip.md +++ b/windows/keep-secure/using-owa-with-wip.md @@ -12,7 +12,7 @@ localizationpriority: high # Using Outlook Web Access with Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/wip-app-enterprise-context.md b/windows/keep-secure/wip-app-enterprise-context.md index b4ebd4ced4..a4af8fcc31 100644 --- a/windows/keep-secure/wip-app-enterprise-context.md +++ b/windows/keep-secure/wip-app-enterprise-context.md @@ -12,7 +12,7 @@ localizationpriority: high # Determine the Enterprise Context of an app running in Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 +- Windows 10, version 1607 and later - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). From 85937ff2f26a65cba38fbcaf3b5c9d8ef7ecc1ae Mon Sep 17 00:00:00 2001 
From: LizRoss Date: Fri, 31 Mar 2017 08:47:21 -0700 Subject: [PATCH 13/16] Updated applies to and removed pre-release text --- browsers/edge/available-policies.md | 46 +++++++++---------- .../new-group-policy-settings-for-ie11.md | 2 +- ...p-command-line-options-and-return-codes.md | 2 +- windows/manage/cortana-at-work-crm.md | 7 +-- windows/manage/cortana-at-work-feedback.md | 7 +-- windows/manage/cortana-at-work-o365.md | 7 +-- windows/manage/cortana-at-work-overview.md | 11 ++--- .../manage/cortana-at-work-policy-settings.md | 7 +-- windows/manage/cortana-at-work-powerbi.md | 9 ++-- windows/manage/cortana-at-work-scenario-1.md | 7 +-- windows/manage/cortana-at-work-scenario-2.md | 7 +-- windows/manage/cortana-at-work-scenario-3.md | 7 +-- windows/manage/cortana-at-work-scenario-4.md | 7 +-- windows/manage/cortana-at-work-scenario-5.md | 7 +-- windows/manage/cortana-at-work-scenario-6.md | 7 +-- windows/manage/cortana-at-work-scenario-7.md | 7 +-- .../cortana-at-work-testing-scenarios.md | 7 +-- .../manage/cortana-at-work-voice-commands.md | 7 +-- 18 files changed, 58 insertions(+), 103 deletions(-) diff --git a/browsers/edge/available-policies.md b/browsers/edge/available-policies.md index b22ded8a4f..82d03154eb 100644 --- a/browsers/edge/available-policies.md +++ b/browsers/edge/available-policies.md @@ -13,8 +13,8 @@ localizationpriority: high **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program +- Windows 10 +- Windows 10 Mobile > [!IMPORTANT] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
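Review bot: The first hunk of `browsers/edge/available-policies.md` drops "Windows Insider Program" from the Applies-to list but leaves the `> [!IMPORTANT]` prerelease callout directly below it as unchanged context, which contradicts the subject line "removed pre-release text". The Cortana topics later in this patch delete the same two callout lines. Remove the callout here as well, or state in the commit message why this topic keeps it.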
@@ -30,7 +30,7 @@ By using Group Policy and Intune, you can set up a policy setting once, and then Microsoft Edge works with these Group Policy settings (`Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\`) to help you manage your company's web browser configurations: ### Allow Address bar drop-down list suggestions -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you decide whether the Address bar drop-down functionality is available in Microsoft Edge. We recommend disabling this setting if you want to minimize network connections from Microsoft Edge to Microsoft services. @@ -51,7 +51,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable this setting, employees can't use Adobe Flash. ### Allow clearing browsing data on exit -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting allows the automatic clearing of browsing data when Microsoft Edge closes. @@ -95,7 +95,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable this setting, the Microsoft Compatibility List isn’t used during browser navigation. ### Allow search engine customization -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you decide whether users can change their search engine. 
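Review bot: `**Supported versions:** Windows 10, version 1703` in the "Allow search engine customization" entry (and in every other entry this patch touches) reads as a single release rather than a minimum. The WIP topics in the preceding patch of this series use the form `Windows 10, version 1607 and later`; use the same "and later" wording here so the two sets of topics agree, and consider whether the top-level Applies-to list, now a bare `Windows 10`, should carry a version too.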
@@ -118,7 +118,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you don’t configure this setting (default), employees can choose how new tabs appears. ### Configure additional search engines -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you add up to 5 additional search engines, which can't be removed by your employees, but can be made a personal default engine. This setting doesn't set the default search engine. For that, you must use the "Set default search engine" setting. @@ -225,7 +225,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), your default Start page is the webpage specified in App settings. ### Configure the Adobe Flash Click-to-Run setting -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you decide whether employees must take an action, such as clicking the content or a Click-to-Run button, before seeing content in Adobe Flash. @@ -261,7 +261,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you don’t configure this setting (default), employees can choose whether to use Windows Defender SmartScreen. ### Disable lockdown of Start pages -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you disable the lock down of Start pages, letting employees modify the Start pages when the "Configure Start pages" setting is in effect. 
@@ -273,7 +273,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don't configure this setting (default), employees can't change any Start pages configured using the "Configure Start pages" setting, thereby locking down the Start pages. ### Keep favorites in sync between Internet Explorer and Microsoft Edge -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This setting lets you decide whether people can sync their favorites between Internet Explorer and Microsoft Edge. @@ -309,7 +309,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), employees can ignore Windows Defender SmartScreen warnings and continue to the site. ### Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy lets you decide whether Microsoft Edge can gather Live Tile metadata from the ieonline.microsoft.com service to provide a better experience while pinning a Live Tile to the Start menu. @@ -318,7 +318,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don't configure this setting (default), Microsoft Edge gathers the Live Tile metadata, providing a fuller and more complete experience when a user pins a Live Tile to the Start menu. ### Prevent the First Run webpage from opening on Microsoft Edge -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you decide whether employees see Microsoft's First Run webpage when opening Microsoft Edge for the first time. 
@@ -345,7 +345,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), all websites, including intranet sites, are automatically opened using Microsoft Edge. ### Set default search engine -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Description:** This policy setting lets you configure the default search engine for your employees. Employees can change the default search engine at any time unless you disable the "Allow search engine customization" setting, which restricts any changes. @@ -382,7 +382,7 @@ If you manage your policies using Intune, you'll want to use these MDM policy se All devices must be enrolled with Intune if you want to use the Windows Custom URI Policy. ### AllowAddressBarDropdown -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Desktop @@ -520,7 +520,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1 (default).** Allowed. Employees can use Adobe Flash. ### AllowFlashClickToRun -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Desktop| @@ -554,7 +554,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1 (default).** Employees can use InPrivate browsing. ### AllowMicrosoftCompatibilityList -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both 
@@ -605,7 +605,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Turns on Pop-up Blocker, stopping pop-up windows. ### AllowSearchEngineCustomization -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both @@ -657,7 +657,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Turns on Windows Defender SmartScreen, providing warning messages to your employees about potential phishing scams and malicious software. ### ClearBrowsingDataOnExit -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both @@ -674,7 +674,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Browsing data is cleared on exit. ### ConfigureAdditionalSearchEngines -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both @@ -691,7 +691,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Additional search engines are allowed. ### DisableLockdownOfStartPages -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Desktop @@ -807,7 +807,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Employees can't access the about:flags page in Microsoft Edge. ### PreventFirstRunPage -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both 
@@ -824,7 +824,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Employees don't see the First Run webpage. ### PreventLiveTileDataCollection -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both @@ -909,7 +909,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Automatically opens all intranet sites using Internet Explorer 11. ### SetDefaultSearchEngine -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Both @@ -943,7 +943,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Shows an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11. ### SyncFavoritesBetweenIEAndMicrosoftEdge -- **Supported versions:** Windows 10, Windows Insider Program +- **Supported versions:** Windows 10, version 1703 - **Supported devices:** Desktop diff --git a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md index 149ef61a09..d672741b14 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md +++ b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md @@ -25,7 +25,7 @@ Internet Explorer 11 gives you some new Group Policy settings to help you manag |Always send Do Not Track header |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 |This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.

If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.

**In Internet Explorer 9 and 10:**
If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.

**In at least IE11:**
If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.

If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced* tab of the **Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. | |Don't run antimalware programs against ActiveX controls
(Internet, Restricted Zones) |

  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone
|IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.

If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.

If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.

If you don't configure this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using the Internet Explorer's **Security** settings. | |Don't run antimalware programs against ActiveX controls
(Intranet, Trusted, Local Machine Zones) |

  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
  • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
|IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.

If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.

If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.

If you don't configure this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer's **Security** settings. | -|Hide the button (next to the New Tab button) that opens Microsoft Edge |User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ |IE11 on Windows 10, Windows Insider Program |This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.

If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.

If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.

If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. | +|Hide the button (next to the New Tab button) that opens Microsoft Edge |User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ |IE11 on Windows 10, version 1703 |This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.

If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.

If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.

If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. | |Let users turn on and use Enterprise Mode from the **Tools** menu |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.

If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.

If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. | |Limit Site Discovery output by Domain |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which domains are included in the discovery function of the Internet Explorer Site Discovery Toolkit.

If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in your specified domains, configured by adding one domain per line to the included text box.

If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all domains.

**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. | |Limit Site Discovery output by Zone |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which zones are included in the discovery function of the Internet Explorer Site Discovery Toolkit.

If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all specified security zones.

If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all security zones.

To specify which zones can collect data, you must include a binary number that represents your selected zones, based on this order:

  • 0 – Restricted Sites zone
  • 0 – Internet zone
  • 0 – Trusted Sites zone
  • 0 – Local Intranet zone
  • 0 – Local Machine zone

**Example 1:** Include only the Local Intranet zone (binary representation: 00010), based on:
  • 0 – Restricted Sites zone
  • 0 – Internet zone
  • 0 – Trusted Sites zone
  • 1 – Local Intranet zone
  • 0 – Local Machine zone

**Example 2:** Include only the Restricted Sites, Trusted Sites, and Local Intranet zones (binary representation: 10110), based on:
  • 1 – Restricted Sites zone
  • 0 – Internet zone
  • 1 – Trusted Sites zone
  • 1 – Local Intranet zone
  • 1 – Local Machine zone

**Note:**
You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. | diff --git a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md index 9bb18ee1b1..f1a75a85d0 100644 --- a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md +++ b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md @@ -46,7 +46,7 @@ These command-line options work with IE Setup: ## Windows Setup return and status codes -Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged insider your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch. +Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged inside your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch. |Subkey |Data type |Value | |---------|----------|---------------------------------------| diff --git a/windows/manage/cortana-at-work-crm.md b/windows/manage/cortana-at-work-crm.md index 834bde8a92..7d0df172b6 100644 --- a/windows/manage/cortana-at-work-crm.md +++ b/windows/manage/cortana-at-work-crm.md 
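Review bot: In `new-group-policy-settings-for-ie11.md`, the rewritten "Hide the button ..." row still gives the policy path as `Windows Components/Internet Explorer` with a forward slash, while the other rows shown use backslashes throughout. Since the row is being replaced anyway, change it to `Windows Components\Internet Explorer`. The unchanged context around it has two more defects worth fixing in the same pass: `**Advanced*` is missing its closing asterisk, and Example 2 lists "1 – Local Machine zone" although the stated binary value 10110 ends in 0.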
@@ -10,11 +10,8 @@ localizationpriority: high # Set up and test Cortana with Microsoft Dynamics CRM (Preview feature) in your organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile Cortana integration is a Preview feature that's available for your test or dev environment, starting with the CRM Online 2016 Update. If you decide to use this Preview feature, you'll need to turn in on and accept the license terms. After that, your salespeople will get proactive insights from Cortana on important CRM activities, including sales leads, accounts, and opportunities; presenting the most relevant info at any given time. This can even include getting company-specific news that surfaces when the person is meeting with a representative from another company. diff --git a/windows/manage/cortana-at-work-feedback.md b/windows/manage/cortana-at-work-feedback.md index ca24c22703..0fc38d06c8 100644 --- a/windows/manage/cortana-at-work-feedback.md +++ b/windows/manage/cortana-at-work-feedback.md 
@@ -10,11 +10,8 @@ localizationpriority: high # Send feedback about Cortana at work back to Microsoft **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile We ask that you report bugs and issues. To provide feedback, you can click the **Feedback** icon in the Cortana window. When you send this form to Microsoft it also includes troubleshooting info, in case you run into problems. diff --git a/windows/manage/cortana-at-work-o365.md b/windows/manage/cortana-at-work-o365.md index 764b5638e0..d1208f505d 100644 --- a/windows/manage/cortana-at-work-o365.md +++ b/windows/manage/cortana-at-work-o365.md @@ -10,11 +10,8 @@ localizationpriority: high # Set up and test Cortana with Office 365 in your organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile Cortana in Windows 10 is already great at letting your employees quickly see what the day is going to look like, do meeting prep work like researching people in LinkedIn or getting documents ready, see where and when their meetings are going to be, get a sense of travel times to and from work, and even get updates from a calendar for upcoming trips. diff --git a/windows/manage/cortana-at-work-overview.md b/windows/manage/cortana-at-work-overview.md index 29a9ab3bba..6413fa1038 100644 --- a/windows/manage/cortana-at-work-overview.md 
+++ b/windows/manage/cortana-at-work-overview.md @@ -10,11 +10,8 @@ localizationpriority: high # Cortana integration in your business or enterprise **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile ## Who is Cortana? Cortana is Microsoft’s personal digital assistant, who helps busy people get things done, even while at work. @@ -27,7 +24,7 @@ Using Azure AD also means that you can remove an employee’s profile (for examp ## Where is Cortana available for use in my organization? You can use Cortana at work in all countries/regions where Cortana is supported for consumers. This includes the United States, United Kingdom, Canada, France, Italy, Germany, Spain, China, Japan, India, and Australia. As Cortana comes to more countries, she will also become available to enterprise customers. -Cortana is available on Windows 10, Windows Insider Program and with limited functionality on Windows Phone 8.1, Windows Insider Program. +Cortana is available on Windows 10, version 1703 and with limited functionality on Windows Phone 8.1. ## Required hardware and software Cortana requires the following hardware and software to successfully run the included scenario in your organization. @@ -41,7 +38,7 @@ Cortana requires the following hardware and software to successfully run the inc |Software |Minimum version | |---------|------------| -|Client operating system |

  • **Desktop:** Windows 10, Windows Insider Program
  • **Mobile:** Windows 8.1, Windows Insider Program (with limited functionality)
  • | +|Client operating system |
    • **Desktop:** Windows 10, version 1703
    • **Mobile:** Windows 8.1 (with limited functionality)
    • | |Azure Active Directory (Azure AD) |While all employees signing into Cortana need an Azure AD account; an Azure AD premium tenant isn’t required. | |Additional policies (Group Policy and Mobile Device Management (MDM)) |There is a rich set of policies that can be used to manage various aspects of Cortana. Most of these policies will limit the abilities of Cortana, but won't turn Cortana off.

      For example:

      If you turn **Location** off, Cortana won't be able to provide location-based reminders, such as reminding you to visit the mail room when you get to work.

      If you turn **Speech** off, your employees won't be able to use “Hello Cortana” for hands free usage or voice commands to easily ask for help. | |Windows Information Protection (WIP) (optional) |If you want to secure the calendar, email, and contact info provided to Cortana on a device, you can use WIP. For more info about WIP, see [Protect your enterprise data using Windows Information Protection (WIP)](../keep-secure/protect-enterprise-data-using-wip.md)

      If you decide to use WIP, you must also have a management solution. This can be Microsoft Intune, Microsoft System Center Configuration Manager (version 1606 or later), or your current company-wide 3rd party mobile device management (MDM) solution.| diff --git a/windows/manage/cortana-at-work-policy-settings.md b/windows/manage/cortana-at-work-policy-settings.md index 83f10f7d3e..4534e3b0f3 100644 --- a/windows/manage/cortana-at-work-policy-settings.md +++ b/windows/manage/cortana-at-work-policy-settings.md @@ -10,11 +10,8 @@ localizationpriority: high # Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!NOTE] >For specific info about how to set, manage, and use each of these MDM policies to configure Cortana in your enterprise, see the [Policy CSP](http://go.microsoft.com/fwlink/p/?LinkId=717380) topic, located in the configuration service provider reference topics. For specific info about how to set, manage, and use each of these Group Policies to configure Cortana in your enterprise, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=717381). diff --git a/windows/manage/cortana-at-work-powerbi.md b/windows/manage/cortana-at-work-powerbi.md index 979cde3b57..df2e6e3abb 100644 --- a/windows/manage/cortana-at-work-powerbi.md +++ b/windows/manage/cortana-at-work-powerbi.md 
@@ -10,11 +10,8 @@ localizationpriority: high # Set up and test Cortana for Power BI in your organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile Integration between Cortana and Power BI shows how Cortana can work with custom business analytics solutions to enable you to get answers directly from your key business data, including introducing new features that let you create custom Cortana “answers” using the full capabilities of Power BI Desktop. @@ -24,7 +21,7 @@ Integration between Cortana and Power BI shows how Cortana can work with custom ## Before you begin To use this walkthrough, you’ll need: -- **Windows 10**. You’ll need to be running at least Windows 10 with the latest version from the Windows Insider Program. +- **Windows 10**. You’ll need to be running at least Windows 10, version 1703. - **Cortana**. You need to have Cortana turned on and be logged into your account. diff --git a/windows/manage/cortana-at-work-scenario-1.md b/windows/manage/cortana-at-work-scenario-1.md index 4a9714a455..37a9f30d6b 100644 --- a/windows/manage/cortana-at-work-scenario-1.md +++ b/windows/manage/cortana-at-work-scenario-1.md 
@@ -9,11 +9,8 @@ localizationpriority: high # Test scenario 1 - Sign-in to Azure AD and use Cortana to manage the notebook -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-2.md b/windows/manage/cortana-at-work-scenario-2.md index fb7b00d578..edba19cade 100644 --- a/windows/manage/cortana-at-work-scenario-2.md +++ b/windows/manage/cortana-at-work-scenario-2.md @@ -9,11 +9,8 @@ localizationpriority: high # Test scenario 2 - Perform a quick search with Cortana at work -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-3.md b/windows/manage/cortana-at-work-scenario-3.md index 89610c7093..b05a07e218 100644 --- a/windows/manage/cortana-at-work-scenario-3.md +++ b/windows/manage/cortana-at-work-scenario-3.md 
@@ -9,11 +9,8 @@ localizationpriority: high # Test scenario 3 - Set a reminder for a specific location using Cortana at work -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-4.md b/windows/manage/cortana-at-work-scenario-4.md index 56f1f6af66..8c6b8b382c 100644 --- a/windows/manage/cortana-at-work-scenario-4.md +++ b/windows/manage/cortana-at-work-scenario-4.md @@ -9,11 +9,8 @@ localizationpriority: high # Test scenario 4 - Use Cortana at work to find your upcoming meetings -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-5.md b/windows/manage/cortana-at-work-scenario-5.md index 8373a4f4c2..ca191d7196 100644 --- a/windows/manage/cortana-at-work-scenario-5.md +++ b/windows/manage/cortana-at-work-scenario-5.md 
@@ -9,11 +9,8 @@ localizationpriority: high # Test scenario 5 - Use Cortana to send email to a co-worker -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-6.md b/windows/manage/cortana-at-work-scenario-6.md index 2ad1c7cb5c..7e3fe67103 100644 --- a/windows/manage/cortana-at-work-scenario-6.md +++ b/windows/manage/cortana-at-work-scenario-6.md @@ -10,11 +10,8 @@ localizationpriority: high # Test scenario 6 - Review a reminder suggested by Cortana based on what you’ve promised in email -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. For more info, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and the [Microsoft Services Agreement](https://www.microsoft.com/en-us/servicesagreement). diff --git a/windows/manage/cortana-at-work-scenario-7.md b/windows/manage/cortana-at-work-scenario-7.md index e8d6cfd3ff..533cf8b286 100644 
--- a/windows/manage/cortana-at-work-scenario-7.md +++ b/windows/manage/cortana-at-work-scenario-7.md @@ -10,11 +10,8 @@ localizationpriority: high # Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-testing-scenarios.md b/windows/manage/cortana-at-work-testing-scenarios.md index 9f97783bca..6150e23507 100644 --- a/windows/manage/cortana-at-work-testing-scenarios.md +++ b/windows/manage/cortana-at-work-testing-scenarios.md @@ -10,11 +10,8 @@ localizationpriority: high # Testing scenarios using Cortana in your business or organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile We've come up with a list of suggested testing scenarios that you can use to test Cortana in your organization. After you complete all the scenarios, you should be able to: diff --git a/windows/manage/cortana-at-work-voice-commands.md b/windows/manage/cortana-at-work-voice-commands.md index 2e2743fa61..828d58e38d 100644 
--- a/windows/manage/cortana-at-work-voice-commands.md +++ b/windows/manage/cortana-at-work-voice-commands.md @@ -10,11 +10,8 @@ localizationpriority: high # Set up and test custom voice commands in Cortana for your organization **Applies to:** -- Windows 10, Windows Insider Program -- Windows 10 Mobile, Windows Insider Program - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +- Windows 10, version 1703 +- Windows 8.1 Mobile Working with a developer, you can create voice commands that use Cortana to perform voice-enabled actions in your line-of-business (LOB) Universal Windows Platform (UWP) apps. These voice-enabled actions can reduce the time necessary to access your apps and to complete simple actions. From ec34f3739b94799f818c0fee182fdf1c1b26daea Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Fri, 31 Mar 2017 08:49:39 -0700 Subject: [PATCH 14/16] typo --- education/windows/school-get-minecraft.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md index c3e50700c6..b065ab2c96 100644 --- a/education/windows/school-get-minecraft.md +++ b/education/windows/school-get-minecraft.md 
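Review bot: The new Applies-to entry `- Windows 8.1 Mobile` in the cortana-at-work-*.md hunks above does not match the line it replaces, `- Windows 10 Mobile, Windows Insider Program`; next to `- Windows 10, version 1703` it reads as a slip for `- Windows 10 Mobile, version 1703`. The same replacement is repeated in every Cortana topic touched here (policy-settings, powerbi, scenario-1 through scenario-7, testing-scenarios, voice-commands), so it needs correcting in each of them. Separately, the scenario-1 through scenario-7 hunks show the version list sitting directly under the H1 with no `**Applies to:**` label, unlike the other topics; adding the label while these lines are being edited would keep the pages consistent.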
@@ -126,7 +126,7 @@ Here's the page you'll see for Minecraft: Education Edition licenses purchased t ### Configure automatic subscription assignment -For Minecraft: Education Edition, you can use auto assign subscription to control whether or not you assign a subscription when a member of your organization signs in to the app. When auto assign subscription is on, people from your organization who doesn’t have a subscription will automatically get one when they sign in to Minecraft: Education Edition. When auto assign subscription is off, people from your organization will get the trial version when they sign in to Minecraft: Education Edition. This allows you to control which people use the trial version, and which people are assigned a full subscription. You can always reassign subscriptions, but planning ahead will reduce time spent managing apps and subscriptions. By default, automatic subscription assignment is turned on. +For Minecraft: Education Edition, you can use auto assign subscription to control whether or not you assign a subscription when a member of your organization signs in to the app. When auto assign subscription is on, people from your organization who don’t have a subscription will automatically get one when they sign in to Minecraft: Education Edition. When auto assign subscription is off, people from your organization will get the trial version when they sign in to Minecraft: Education Edition. This allows you to control which people use the trial version, and which people are assigned a full subscription. You can always reassign subscriptions, but planning ahead will reduce time spent managing apps and subscriptions. By default, automatic subscription assignment is turned on. **How to turn off automatic subscription assignment** From af0ceb24ca5379fa9a6c4ef94b673dd5bd73ed41 Mon Sep 17 00:00:00 2001 
From: LizRoss Date: Fri, 31 Mar 2017 09:07:45 -0700 Subject: [PATCH 15/16] Revert "Updated applies to and removed pre-release text" This reverts commit 85937ff2f26a65cba38fbcaf3b5c9d8ef7ecc1ae. --- browsers/edge/available-policies.md | 46 +++++++++---------- .../new-group-policy-settings-for-ie11.md | 2 +- ...p-command-line-options-and-return-codes.md | 2 +- windows/manage/cortana-at-work-crm.md | 7 ++- windows/manage/cortana-at-work-feedback.md | 7 ++- windows/manage/cortana-at-work-o365.md | 7 ++- windows/manage/cortana-at-work-overview.md | 11 +++-- .../manage/cortana-at-work-policy-settings.md | 7 ++- windows/manage/cortana-at-work-powerbi.md | 9 ++-- windows/manage/cortana-at-work-scenario-1.md | 7 ++- windows/manage/cortana-at-work-scenario-2.md | 7 ++- windows/manage/cortana-at-work-scenario-3.md | 7 ++- windows/manage/cortana-at-work-scenario-4.md | 7 ++- windows/manage/cortana-at-work-scenario-5.md | 7 ++- windows/manage/cortana-at-work-scenario-6.md | 7 ++- windows/manage/cortana-at-work-scenario-7.md | 7 ++- .../cortana-at-work-testing-scenarios.md | 7 ++- .../manage/cortana-at-work-voice-commands.md | 7 ++- 18 files changed, 103 insertions(+), 58 deletions(-) diff --git a/browsers/edge/available-policies.md b/browsers/edge/available-policies.md index 82d03154eb..b22ded8a4f 100644 --- a/browsers/edge/available-policies.md +++ b/browsers/edge/available-policies.md @@ -13,8 +13,8 @@ localizationpriority: high **Applies to:** -- Windows 10 -- Windows 10 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program > [!IMPORTANT] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
@@ -30,7 +30,7 @@ By using Group Policy and Intune, you can set up a policy setting once, and then Microsoft Edge works with these Group Policy settings (`Computer Configuration\Administrative Templates\Windows Components\Microsoft Edge\`) to help you manage your company's web browser configurations: ### Allow Address bar drop-down list suggestions -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you decide whether the Address bar drop-down functionality is available in Microsoft Edge. We recommend disabling this setting if you want to minimize network connections from Microsoft Edge to Microsoft services. @@ -51,7 +51,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable this setting, employees can't use Adobe Flash. ### Allow clearing browsing data on exit -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting allows the automatic clearing of browsing data when Microsoft Edge closes. @@ -95,7 +95,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable this setting, the Microsoft Compatibility List isn’t used during browser navigation. ### Allow search engine customization -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you decide whether users can change their search engine. 
@@ -118,7 +118,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you don’t configure this setting (default), employees can choose how new tabs appears. ### Configure additional search engines -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you add up to 5 additional search engines, which can't be removed by your employees, but can be made a personal default engine. This setting doesn't set the default search engine. For that, you must use the "Set default search engine" setting. @@ -225,7 +225,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), your default Start page is the webpage specified in App settings. ### Configure the Adobe Flash Click-to-Run setting -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you decide whether employees must take an action, such as clicking the content or a Click-to-Run button, before seeing content in Adobe Flash. @@ -261,7 +261,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you don’t configure this setting (default), employees can choose whether to use Windows Defender SmartScreen. ### Disable lockdown of Start pages -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you disable the lock down of Start pages, letting employees modify the Start pages when the "Configure Start pages" setting is in effect. 
@@ -273,7 +273,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don't configure this setting (default), employees can't change any Start pages configured using the "Configure Start pages" setting, thereby locking down the Start pages. ### Keep favorites in sync between Internet Explorer and Microsoft Edge -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This setting lets you decide whether people can sync their favorites between Internet Explorer and Microsoft Edge. @@ -309,7 +309,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), employees can ignore Windows Defender SmartScreen warnings and continue to the site. ### Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy lets you decide whether Microsoft Edge can gather Live Tile metadata from the ieonline.microsoft.com service to provide a better experience while pinning a Live Tile to the Start menu. @@ -318,7 +318,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don't configure this setting (default), Microsoft Edge gathers the Live Tile metadata, providing a fuller and more complete experience when a user pins a Live Tile to the Start menu. ### Prevent the First Run webpage from opening on Microsoft Edge -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you decide whether employees see Microsoft's First Run webpage when opening Microsoft Edge for the first time. 
@@ -345,7 +345,7 @@ Microsoft Edge works with these Group Policy settings (`Computer Configuration\A - If you disable or don’t configure this setting (default), all websites, including intranet sites, are automatically opened using Microsoft Edge. ### Set default search engine -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Description:** This policy setting lets you configure the default search engine for your employees. Employees can change the default search engine at any time unless you disable the "Allow search engine customization" setting, which restricts any changes. @@ -382,7 +382,7 @@ If you manage your policies using Intune, you'll want to use these MDM policy se All devices must be enrolled with Intune if you want to use the Windows Custom URI Policy. ### AllowAddressBarDropdown -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Desktop @@ -520,7 +520,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1 (default).** Allowed. Employees can use Adobe Flash. ### AllowFlashClickToRun -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Desktop| @@ -554,7 +554,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1 (default).** Employees can use InPrivate browsing. ### AllowMicrosoftCompatibilityList -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both 
@@ -605,7 +605,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Turns on Pop-up Blocker, stopping pop-up windows. ### AllowSearchEngineCustomization -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both @@ -657,7 +657,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Turns on Windows Defender SmartScreen, providing warning messages to your employees about potential phishing scams and malicious software. ### ClearBrowsingDataOnExit -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both @@ -674,7 +674,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Browsing data is cleared on exit. ### ConfigureAdditionalSearchEngines -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both @@ -691,7 +691,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Additional search engines are allowed. ### DisableLockdownOfStartPages -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Desktop @@ -807,7 +807,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Employees can't access the about:flags page in Microsoft Edge. ### PreventFirstRunPage -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both 
@@ -824,7 +824,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Employees don't see the First Run webpage. ### PreventLiveTileDataCollection -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both @@ -909,7 +909,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Automatically opens all intranet sites using Internet Explorer 11. ### SetDefaultSearchEngine -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Both @@ -943,7 +943,7 @@ All devices must be enrolled with Intune if you want to use the Windows Custom U - **1.** Shows an additional page in Microsoft Edge, stating that a site has been opened using Internet Explorer 11. ### SyncFavoritesBetweenIEAndMicrosoftEdge -- **Supported versions:** Windows 10, version 1703 +- **Supported versions:** Windows 10, Windows Insider Program - **Supported devices:** Desktop diff --git a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md index d672741b14..149ef61a09 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md +++ b/browsers/internet-explorer/ie11-deploy-guide/new-group-policy-settings-for-ie11.md @@ -25,7 +25,7 @@ Internet Explorer 11 gives you some new Group Policy settings to help you manag |Always send Do Not Track header |Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page |At least Internet Explorer 10 |This policy setting allows you to configure how IE sends the Do Not Track (DNT) header.

      If you enable this policy setting, IE sends a `DNT:1` header with all HTTP and HTTPS requests. The `DNT:1` header signals to the servers not to track the user.

      **In Internet Explorer 9 and 10:**
      If you disable this policy setting, IE only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.

      **In at least IE11:**
      If you disable this policy setting, IE only sends the Do Not Track header if inPrivate Browsing mode is used.

      If you don't configure the policy setting, users can select the **Always send Do Not Track header** option on the **Advanced* tab of the **Internet Options** dialog box. By selecting this option, IE sends a `DNT:1` header with all HTTP and HTTPS requests; unless the user grants a site-specific exception, in which case IE sends a `DNT:0` header. By default, this option is enabled. | |Don't run antimalware programs against ActiveX controls
      (Internet, Restricted Zones) |

      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Internet Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Internet Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Restricted Sites Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Restricted Sites Zone
      |IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.

      If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.

      If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.

      If you don't configure this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using the Internet Explorer's **Security** settings. | |Don't run antimalware programs against ActiveX controls
      (Intranet, Trusted, Local Machine Zones) |

      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Intranet Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Intranet Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Trusted Sites Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Local Machine Zone
      • Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Locked-Down Local Machine Zone
      |IE11 on Windows 10 |This policy setting determines whether IE runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.

      If you enable this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.

      If you disable this policy setting, IE always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.

      If you don't configure this policy setting, IE won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer's **Security** settings. | -|Hide the button (next to the New Tab button) that opens Microsoft Edge |User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ |IE11 on Windows 10, version 1703 |This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.

      If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.

      If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.

      If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. | +|Hide the button (next to the New Tab button) that opens Microsoft Edge |User Configuration\Administrative Templates\Windows Components/Internet Explorer\Internet Settings\Advanced Settings\Browsing\ |IE11 on Windows 10, Windows Insider Program |This policy setting lets you decide whether employees can see the open Microsoft Edge button, which appears next to the New Tab button.

      If you enable this policy setting, the button to open Microsoft Edge from Internet Explorer will be hidden.

      If you disable this policy setting, the button to open Microsoft Edge from Internet Explorer appears.

      If you don't configure this policy setting, the button to open Microsoft Edge from Internet Explorer can be configured by your employees. | |Let users turn on and use Enterprise Mode from the **Tools** menu |Administrative Templates\Windows Components\Internet Explorer |IE11 on Windows 10 |This policy setting lets you decide whether users can turn on Enterprise Mode for websites with compatibility issues. Optionally, this policy also lets you specify where to get reports (through post messages) about the websites for which users turn on Enterprise Mode using the **Tools** menu.

      If you enable this policy setting, users can see and use the **Enterprise Mode** option from the **Tools** menu. If you enable this setting, but don’t specify a report location, Enterprise Mode will still be available to your users, but you won’t get any reports.

      If you disable or don’t configure this policy setting, the menu option won’t appear and users won’t be able to turn on Enterprise Mode locally. | |Limit Site Discovery output by Domain |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which domains are included in the discovery function of the Internet Explorer Site Discovery Toolkit.

      If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in your specified domains, configured by adding one domain per line to the included text box.

      If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all domains.

      **Note:**
      You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. | |Limit Site Discovery output by Zone |Administrative Templates\Windows Components\Internet Explorer |At least Internet Explorer 8 |This policy setting allows you to control which zones are included in the discovery function of the Internet Explorer Site Discovery Toolkit.

      If you enable this policy setting, the Internet Explorer Site Discovery Toolkit collects data from all specified security zones.

      If you disable or don’t configure this setting, the Internet Explorer Site Discovery Toolkit collects data from all sites in all security zones.

      To specify which zones can collect data, you must include a binary number that represents your selected zones, based on this order:

      • 0 – Restricted Sites zone
      • 0 – Internet zone
      • 0 – Trusted Sites zone
      • 0 – Local Intranet zone
      • 0 – Local Machine zone

      **Example 1:** Include only the Local Intranet zone (binary representation: 00010), based on:
      • 0 – Restricted Sites zone
      • 0 – Internet zone
      • 0 – Trusted Sites zone
      • 1 – Local Intranet zone
      • 0 – Local Machine zone

      **Example 2:** Include only the Restricted Sites, Trusted Sites, and Local Intranet zones (binary representation: 10110), based on:
      • 1 – Restricted Sites zone
      • 0 – Internet zone
      • 1 – Trusted Sites zone
      • 1 – Local Intranet zone
      • 1 – Local Machine zone

      **Note:**
      You can use this setting in conjunction with the other settings that control the Internet Explorer Site Discovery Toolkit. | diff --git a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md index f1a75a85d0..9bb18ee1b1 100644 --- a/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md +++ b/browsers/internet-explorer/ie11-ieak/ie-setup-command-line-options-and-return-codes.md @@ -46,7 +46,7 @@ These command-line options work with IE Setup: ## Windows Setup return and status codes -Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged inside your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch. +Windows Setup needs to tell you whether IE successfully installed. However, because IE11wzd.exe is packaged insider your IE11setup.exe file, the return codes can’t be sent directly back to you. Instead, Setup needs to return the information (both success and failure) to the `HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\InstallInfo` registry branch. |Subkey |Data type |Value | |---------|----------|---------------------------------------| diff --git a/windows/manage/cortana-at-work-crm.md b/windows/manage/cortana-at-work-crm.md index 7d0df172b6..834bde8a92 100644 --- a/windows/manage/cortana-at-work-crm.md +++ b/windows/manage/cortana-at-work-crm.md 
@@ -10,8 +10,11 @@ localizationpriority: high # Set up and test Cortana with Microsoft Dynamics CRM (Preview feature) in your organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. Cortana integration is a Preview feature that's available for your test or dev environment, starting with the CRM Online 2016 Update. If you decide to use this Preview feature, you'll need to turn in on and accept the license terms. After that, your salespeople will get proactive insights from Cortana on important CRM activities, including sales leads, accounts, and opportunities; presenting the most relevant info at any given time. This can even include getting company-specific news that surfaces when the person is meeting with a representative from another company. diff --git a/windows/manage/cortana-at-work-feedback.md b/windows/manage/cortana-at-work-feedback.md index 0fc38d06c8..ca24c22703 100644 --- a/windows/manage/cortana-at-work-feedback.md +++ b/windows/manage/cortana-at-work-feedback.md 
@@ -10,8 +10,11 @@ localizationpriority: high # Send feedback about Cortana at work back to Microsoft **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. We ask that you report bugs and issues. To provide feedback, you can click the **Feedback** icon in the Cortana window. When you send this form to Microsoft it also includes troubleshooting info, in case you run into problems. diff --git a/windows/manage/cortana-at-work-o365.md b/windows/manage/cortana-at-work-o365.md index d1208f505d..764b5638e0 100644 --- a/windows/manage/cortana-at-work-o365.md +++ b/windows/manage/cortana-at-work-o365.md @@ -10,8 +10,11 @@ localizationpriority: high # Set up and test Cortana with Office 365 in your organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. Cortana in Windows 10 is already great at letting your employees quickly see what the day is going to look like, do meeting prep work like researching people in LinkedIn or getting documents ready, see where and when their meetings are going to be, get a sense of travel times to and from work, and even get updates from a calendar for upcoming trips. diff --git a/windows/manage/cortana-at-work-overview.md b/windows/manage/cortana-at-work-overview.md index 6413fa1038..29a9ab3bba 100644 --- a/windows/manage/cortana-at-work-overview.md 
+++ b/windows/manage/cortana-at-work-overview.md @@ -10,8 +10,11 @@ localizationpriority: high # Cortana integration in your business or enterprise **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Who is Cortana? Cortana is Microsoft’s personal digital assistant, who helps busy people get things done, even while at work. @@ -24,7 +27,7 @@ Using Azure AD also means that you can remove an employee’s profile (for examp ## Where is Cortana available for use in my organization? You can use Cortana at work in all countries/regions where Cortana is supported for consumers. This includes the United States, United Kingdom, Canada, France, Italy, Germany, Spain, China, Japan, India, and Australia. As Cortana comes to more countries, she will also become available to enterprise customers. -Cortana is available on Windows 10, version 1703 and with limited functionality on Windows Phone 8.1. +Cortana is available on Windows 10, Windows Insider Program and with limited functionality on Windows Phone 8.1, Windows Insider Program. ## Required hardware and software Cortana requires the following hardware and software to successfully run the included scenario in your organization. @@ -38,7 +41,7 @@ Cortana requires the following hardware and software to successfully run the inc |Software |Minimum version | |---------|------------| -|Client operating system |

      • **Desktop:** Windows 10, version 1703
      • **Mobile:** Windows 8.1 (with limited functionality)
      • | +|Client operating system |
        • **Desktop:** Windows 10, Windows Insider Program
        • **Mobile:** Windows 8.1, Windows Insider Program (with limited functionality)
        • | |Azure Active Directory (Azure AD) |While all employees signing into Cortana need an Azure AD account; an Azure AD premium tenant isn’t required. | |Additional policies (Group Policy and Mobile Device Management (MDM)) |There is a rich set of policies that can be used to manage various aspects of Cortana. Most of these policies will limit the abilities of Cortana, but won't turn Cortana off.

          For example:

          If you turn **Location** off, Cortana won't be able to provide location-based reminders, such as reminding you to visit the mail room when you get to work.

          If you turn **Speech** off, your employees won't be able to use “Hello Cortana” for hands free usage or voice commands to easily ask for help. | |Windows Information Protection (WIP) (optional) |If you want to secure the calendar, email, and contact info provided to Cortana on a device, you can use WIP. For more info about WIP, see [Protect your enterprise data using Windows Information Protection (WIP)](../keep-secure/protect-enterprise-data-using-wip.md)

          If you decide to use WIP, you must also have a management solution. This can be Microsoft Intune, Microsoft System Center Configuration Manager (version 1606 or later), or your current company-wide 3rd party mobile device management (MDM) solution.| diff --git a/windows/manage/cortana-at-work-policy-settings.md b/windows/manage/cortana-at-work-policy-settings.md index 4534e3b0f3..83f10f7d3e 100644 --- a/windows/manage/cortana-at-work-policy-settings.md +++ b/windows/manage/cortana-at-work-policy-settings.md @@ -10,8 +10,11 @@ localizationpriority: high # Use Group Policy and mobile device management (MDM) settings to configure Cortana in your organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!NOTE] >For specific info about how to set, manage, and use each of these MDM policies to configure Cortana in your enterprise, see the [Policy CSP](http://go.microsoft.com/fwlink/p/?LinkId=717380) topic, located in the configuration service provider reference topics. For specific info about how to set, manage, and use each of these Group Policies to configure Cortana in your enterprise, see the [Group Policy TechCenter](http://go.microsoft.com/fwlink/p/?LinkId=717381). diff --git a/windows/manage/cortana-at-work-powerbi.md b/windows/manage/cortana-at-work-powerbi.md index df2e6e3abb..979cde3b57 100644 --- a/windows/manage/cortana-at-work-powerbi.md +++ b/windows/manage/cortana-at-work-powerbi.md 
@@ -10,8 +10,11 @@ localizationpriority: high # Set up and test Cortana for Power BI in your organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. Integration between Cortana and Power BI shows how Cortana can work with custom business analytics solutions to enable you to get answers directly from your key business data, including introducing new features that let you create custom Cortana “answers” using the full capabilities of Power BI Desktop. @@ -21,7 +24,7 @@ Integration between Cortana and Power BI shows how Cortana can work with custom ## Before you begin To use this walkthrough, you’ll need: -- **Windows 10**. You’ll need to be running at least Windows 10, version 1703. +- **Windows 10**. You’ll need to be running at least Windows 10 with the latest version from the Windows Insider Program. - **Cortana**. You need to have Cortana turned on and be logged into your account. diff --git a/windows/manage/cortana-at-work-scenario-1.md b/windows/manage/cortana-at-work-scenario-1.md index 37a9f30d6b..4a9714a455 100644 --- a/windows/manage/cortana-at-work-scenario-1.md +++ b/windows/manage/cortana-at-work-scenario-1.md 
@@ -9,8 +9,11 @@ localizationpriority: high # Test scenario 1 - Sign-in to Azure AD and use Cortana to manage the notebook -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-2.md b/windows/manage/cortana-at-work-scenario-2.md index edba19cade..fb7b00d578 100644 --- a/windows/manage/cortana-at-work-scenario-2.md +++ b/windows/manage/cortana-at-work-scenario-2.md @@ -9,8 +9,11 @@ localizationpriority: high # Test scenario 2 - Perform a quick search with Cortana at work -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-3.md b/windows/manage/cortana-at-work-scenario-3.md index b05a07e218..89610c7093 100644 --- a/windows/manage/cortana-at-work-scenario-3.md +++ b/windows/manage/cortana-at-work-scenario-3.md 
@@ -9,8 +9,11 @@ localizationpriority: high # Test scenario 3 - Set a reminder for a specific location using Cortana at work -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-4.md b/windows/manage/cortana-at-work-scenario-4.md index 8c6b8b382c..56f1f6af66 100644 --- a/windows/manage/cortana-at-work-scenario-4.md +++ b/windows/manage/cortana-at-work-scenario-4.md @@ -9,8 +9,11 @@ localizationpriority: high # Test scenario 4 - Use Cortana at work to find your upcoming meetings -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-5.md b/windows/manage/cortana-at-work-scenario-5.md index ca191d7196..8373a4f4c2 100644 --- a/windows/manage/cortana-at-work-scenario-5.md +++ b/windows/manage/cortana-at-work-scenario-5.md 
@@ -9,8 +9,11 @@ localizationpriority: high # Test scenario 5 - Use Cortana to send email to a co-worker -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-scenario-6.md b/windows/manage/cortana-at-work-scenario-6.md index 7e3fe67103..2ad1c7cb5c 100644 --- a/windows/manage/cortana-at-work-scenario-6.md +++ b/windows/manage/cortana-at-work-scenario-6.md @@ -10,8 +10,11 @@ localizationpriority: high # Test scenario 6 - Review a reminder suggested by Cortana based on what you’ve promised in email -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. For more info, see the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement) and the [Microsoft Services Agreement](https://www.microsoft.com/en-us/servicesagreement). diff --git a/windows/manage/cortana-at-work-scenario-7.md b/windows/manage/cortana-at-work-scenario-7.md index 533cf8b286..e8d6cfd3ff 100644 
--- a/windows/manage/cortana-at-work-scenario-7.md +++ b/windows/manage/cortana-at-work-scenario-7.md @@ -10,8 +10,11 @@ localizationpriority: high # Test scenario 7 - Use Cortana and Windows Information Protection (WIP) to help protect your organization’s data on a device -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. >[!IMPORTANT] >The data created as part of these scenarios will be uploaded to Microsoft’s Cloud to help Cortana learn and help your employees. This is the same info that Cortana uses in the consumer offering. diff --git a/windows/manage/cortana-at-work-testing-scenarios.md b/windows/manage/cortana-at-work-testing-scenarios.md index 6150e23507..9f97783bca 100644 --- a/windows/manage/cortana-at-work-testing-scenarios.md +++ b/windows/manage/cortana-at-work-testing-scenarios.md @@ -10,8 +10,11 @@ localizationpriority: high # Testing scenarios using Cortana in your business or organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. We've come up with a list of suggested testing scenarios that you can use to test Cortana in your organization. After you complete all the scenarios, you should be able to: diff --git a/windows/manage/cortana-at-work-voice-commands.md b/windows/manage/cortana-at-work-voice-commands.md index 828d58e38d..2e2743fa61 100644 
--- a/windows/manage/cortana-at-work-voice-commands.md +++ b/windows/manage/cortana-at-work-voice-commands.md @@ -10,8 +10,11 @@ localizationpriority: high # Set up and test custom voice commands in Cortana for your organization **Applies to:** -- Windows 10, version 1703 -- Windows 8.1 Mobile +- Windows 10, Windows Insider Program +- Windows 10 Mobile, Windows Insider Program + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. Working with a developer, you can create voice commands that use Cortana to perform voice-enabled actions in your line-of-business (LOB) Universal Windows Platform (UWP) apps. These voice-enabled actions can reduce the time necessary to access your apps and to complete simple actions. From 9fa967226496d1db57afa4eeb78ffe4faa7b5755 Mon Sep 17 00:00:00 2001 From: LizRoss Date: Fri, 31 Mar 2017 09:16:14 -0700 Subject: [PATCH 16/16] Revert "Updated applies to" This reverts commit a83950b53e415606fe6d1488f7d4221cd1b96db1. --- windows/keep-secure/app-behavior-with-wip.md | 2 +- windows/keep-secure/create-and-verify-an-efs-dra-certificate.md | 2 +- windows/keep-secure/enlightened-microsoft-apps-and-wip.md | 2 +- windows/keep-secure/guidance-and-best-practices-wip.md | 2 +- windows/keep-secure/overview-create-wip-policy.md | 2 +- windows/keep-secure/protect-enterprise-data-using-wip.md | 2 +- windows/keep-secure/recommended-network-definitions-for-wip.md | 2 +- windows/keep-secure/testing-scenarios-for-wip.md | 2 +- windows/keep-secure/using-owa-with-wip.md | 2 +- windows/keep-secure/wip-app-enterprise-context.md | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/keep-secure/app-behavior-with-wip.md b/windows/keep-secure/app-behavior-with-wip.md index cedd75618b..1f83aad42f 100644 --- a/windows/keep-secure/app-behavior-with-wip.md 
+++ b/windows/keep-secure/app-behavior-with-wip.md @@ -12,7 +12,7 @@ localizationpriority: high # Unenlightened and enlightened app behavior while using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile Windows Information Protection (WIP) classifies apps into two categories: enlightened and unenlightened. Enlighted apps can differentiate between corporate and personal data, correctly determining which to protect based on internal policies. Corporate data is encrypted on the managed device and attempts to copy/paste or share this information with non-corporate apps or people will fail. Unenlightened apps, when marked as corporate-managed, consider all data corporate and encrypt everything by default. diff --git a/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md index 849a9ff772..4bd92ff06f 100644 --- a/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md +++ b/windows/keep-secure/create-and-verify-an-efs-dra-certificate.md @@ -12,7 +12,7 @@ localizationpriority: high # Create and verify an Encrypting File System (EFS) Data Recovery Agent (DRA) certificate **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile If you don’t already have an EFS DRA certificate, you’ll need to create and extract one from your system before you can use Windows Information Protection (WIP), formerly known as enterprise data protection (EDP), in your organization. For the purposes of this section, we’ll use the file name EFSDRA; however, this name can be replaced with anything that makes sense to you. diff --git a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md index 5555cd3892..f2e1b3c91c 100644 --- a/windows/keep-secure/enlightened-microsoft-apps-and-wip.md 
+++ b/windows/keep-secure/enlightened-microsoft-apps-and-wip.md @@ -15,7 +15,7 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile Learn the difference between enlightened and unenlightened apps, and then review the list of enlightened apps provided by Microsoft along with the text you will need to use to add them to your allowed apps list. diff --git a/windows/keep-secure/guidance-and-best-practices-wip.md b/windows/keep-secure/guidance-and-best-practices-wip.md index 3294599cd2..ff64be6d0f 100644 --- a/windows/keep-secure/guidance-and-best-practices-wip.md +++ b/windows/keep-secure/guidance-and-best-practices-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # General guidance and best practices for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile This section includes info about the enlightened Microsoft apps, including how to add them to your allowed apps list in Microsoft Intune. It also includes some testing scenarios that we recommend running through with Windows Information Protection (WIP). diff --git a/windows/keep-secure/overview-create-wip-policy.md b/windows/keep-secure/overview-create-wip-policy.md index b2b23e5275..c3ad6bf5a3 100644 --- a/windows/keep-secure/overview-create-wip-policy.md +++ b/windows/keep-secure/overview-create-wip-policy.md @@ -13,7 +13,7 @@ localizationpriority: high # Create a Windows Information Protection (WIP) policy **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile Microsoft Intune and System Center Configuration Manager helps you create and deploy your enterprise data protection (WIP) policy, including letting you choose your protected apps, your WIP-protection level, and how to find enterprise data on the network. 
diff --git a/windows/keep-secure/protect-enterprise-data-using-wip.md b/windows/keep-secure/protect-enterprise-data-using-wip.md index f1ea14dd57..a37553eb2c 100644 --- a/windows/keep-secure/protect-enterprise-data-using-wip.md +++ b/windows/keep-secure/protect-enterprise-data-using-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # Protect your enterprise data using Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/recommended-network-definitions-for-wip.md b/windows/keep-secure/recommended-network-definitions-for-wip.md index 299a85927b..bf9a7ac22a 100644 --- a/windows/keep-secure/recommended-network-definitions-for-wip.md +++ b/windows/keep-secure/recommended-network-definitions-for-wip.md @@ -13,7 +13,7 @@ localizationpriority: high **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/testing-scenarios-for-wip.md b/windows/keep-secure/testing-scenarios-for-wip.md index 81e9282bd3..cca0a2fa52 100644 --- a/windows/keep-secure/testing-scenarios-for-wip.md +++ b/windows/keep-secure/testing-scenarios-for-wip.md @@ -14,7 +14,7 @@ localizationpriority: high # Testing scenarios for Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile We've come up with a list of suggested testing scenarios that you can use to test Windows Information Protection (WIP) in your company. 
diff --git a/windows/keep-secure/using-owa-with-wip.md b/windows/keep-secure/using-owa-with-wip.md index 2f19e746d1..f99f10fb6f 100644 --- a/windows/keep-secure/using-owa-with-wip.md +++ b/windows/keep-secure/using-owa-with-wip.md @@ -12,7 +12,7 @@ localizationpriority: high # Using Outlook Web Access with Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare). diff --git a/windows/keep-secure/wip-app-enterprise-context.md b/windows/keep-secure/wip-app-enterprise-context.md index a4af8fcc31..b4ebd4ced4 100644 --- a/windows/keep-secure/wip-app-enterprise-context.md +++ b/windows/keep-secure/wip-app-enterprise-context.md @@ -12,7 +12,7 @@ localizationpriority: high # Determine the Enterprise Context of an app running in Windows Information Protection (WIP) **Applies to:** -- Windows 10, version 1607 and later +- Windows 10, version 1607 - Windows 10 Mobile >Learn more about what features and functionality are supported in each Windows edition at [Compare Windows 10 Editions](https://www.microsoft.com/en-us/WindowsForBusiness/Compare).
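Review bot: In the `ie-setup-command-line-options-and-return-codes.md` hunk (`@@ -46,7 +46,7 @@`), the added line turns "packaged inside your IE11setup.exe file" into "packaged insider your IE11setup.exe file", which puts a typo into a sentence that was correct before. That word is the only visible difference between the removed and the added line, so either drop the hunk or restore "inside".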
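Review bot: In `cortana-at-work-overview.md` the mobile platform is now named three different ways. The "Applies to" hunk (`@@ -10,8 +10,11 @@`) replaces "Windows 8.1 Mobile" with "Windows 10 Mobile, Windows Insider Program", while the `@@ -24,7 +27,7 @@` hunk writes "Windows Phone 8.1, Windows Insider Program" and the `@@ -38,7 +41,7 @@` table hunk writes "**Mobile:** Windows 8.1, Windows Insider Program (with limited functionality)". Pick the platform the page is meant to cover and use the same wording in all three places.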
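Review bot: In the `cortana-at-work-scenario-1.md` through `cortana-at-work-scenario-7.md` hunks, the new `>[!IMPORTANT]` block about prereleased product is added directly above the existing `>[!IMPORTANT]` block about data being uploaded to Microsoft's Cloud, so each scenario page opens with two stacked alerts of the same type. Consider merging them into one alert or making the prerelease notice a `>[!NOTE]`. The context lines in these seven hunks also show the platform list following the heading with no "**Applies to:**" label, unlike the other Cortana pages touched in this patch; adding the label here would make the set consistent.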
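Review bot: In the `cortana-at-work-powerbi.md` prerequisites hunk (`@@ -21,7 +24,7 @@`), "You'll need to be running at least Windows 10 with the latest version from the Windows Insider Program" states a minimum ("at least") in terms of a moving target ("the latest version"), so a reader cannot tell whether a given build qualifies. The removed line named a concrete floor, "Windows 10, version 1703"; if the requirement really is an Insider build, name the minimum build or drop "at least".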
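Review bot: The commit message of PATCH 16/16 says only that it reverts commit a83950b53e415606fe6d1488f7d4221cd1b96db1 and gives no reason. Every one of its ten hunks changes "- Windows 10, version 1607 and later" back to "- Windows 10, version 1607", which narrows the stated applicability of the WIP pages to a single release. Add a sentence to the commit message saying why the "and later" wording is being withdrawn, so a later editor does not simply reapply it.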