From 9bdde471c58a398463a8a0d427b720b93a5264ca Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 14 Feb 2023 10:18:25 -0500 Subject: [PATCH 1/5] updates --- .../hello-for-business/feature-multifactor-unlock.md | 12 +++++++----- .../hello-aad-join-cloud-only-deploy.md | 2 ++ .../hello-for-business/hello-deployment-rdp-certs.md | 2 ++ .../hello-for-business/hello-faq.yml | 1 + .../hello-for-business/hello-feature-pin-reset.md | 1 + .../hello-feature-remote-desktop.md | 2 ++ .../hello-hybrid-cloud-kerberos-trust.md | 2 ++ 7 files changed, 17 insertions(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md index 33c5c76b9f..8dea56bdd7 100644 --- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md +++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md @@ -5,6 +5,8 @@ ms.date: 03/20/2018 appliesto: - ✅ Windows 10 and later ms.topic: article +ms.collection: + - tier1 --- # Multi-factor Unlock @@ -267,7 +269,7 @@ This example configures an IPConfig signal type using Ipv4Prefix, Ipv4DnsServer, 10.10.0.1 10.10.0.2 corp.contoso.com - + ``` @@ -280,12 +282,12 @@ This example configures an IpConfig signal type using a dnsSuffix element and a ```xml - - corp.contoso.com - + + corp.contoso.com + , - + ``` diff --git a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md index 25100512b3..e772e421c3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md +++ b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md 
@@ -5,6 +5,8 @@ ms.date: 06/23/2021 appliesto: - ✅ Windows 10 and later ms.topic: article +ms.collection: + - tier1 --- # Cloud-only deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index 424f82c737..b38b0f4112 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -7,6 +7,8 @@ ms.topic: article ms.date: 11/15/2022 appliesto: - ✅ Windows 10 and later +ms.collection: + - tier1 --- # Deploy certificates for remote desktop (RDP) sign-in diff --git a/windows/security/identity-protection/hello-for-business/hello-faq.yml b/windows/security/identity-protection/hello-for-business/hello-faq.yml index c853063c26..982ee0f388 100644 --- a/windows/security/identity-protection/hello-for-business/hello-faq.yml +++ b/windows/security/identity-protection/hello-for-business/hello-faq.yml @@ -4,6 +4,7 @@ metadata: description: Use these frequently asked questions (FAQ) to learn important details about Windows Hello for Business. ms.collection: - highpri + - tier1 ms.topic: faq ms.date: 01/06/2023 appliesto: diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md index e1aa2e7acb..7eb9352755 100644 --- a/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md +++ b/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md @@ -3,6 +3,7 @@ title: Pin Reset description: Learn how Microsoft PIN reset services enable you to help users recover who have forgotten their PIN. ms.collection: - highpri + - tier1 ms.date: 07/29/2022 appliesto: - ✅ Windows 10 and later 
diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md index 2281821bdc..c7aad5a502 100644 --- a/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md +++ b/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop.md @@ -5,6 +5,8 @@ ms.date: 02/24/2021 appliesto: - ✅ Windows 10 and later ms.topic: article +ms.collection: + - tier1 --- # Remote Desktop diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md index ce118ce681..16776a1551 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md @@ -5,6 +5,8 @@ ms.date: 11/1/2022 appliesto: - ✅ Windows 10, version 21H2 and later ms.topic: article +ms.collection: + - tier1 --- # Cloud Kerberos trust deployment From ca950d9995d903b1c3127bb84dce94efab7124cf Mon Sep 17 00:00:00 2001 
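Review bot: the `feature-multifactor-unlock.md` hunks at lines 267-290 rewrite the two IpConfig XML samples but leave `ms.date: 03/20/2018` as it was; bump `ms.date` alongside a content change, and double-check the added line in the dnsSuffix sample that carries only `,` (visible as `+ ,` in the second hunk), since a stray comma inside the ```xml block would leave the rendered sample malformed. The XML tags did not survive extraction here, so verify against the rendered file rather than this listing.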
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Thu, 16 Feb 2023 14:04:51 -0500 Subject: [PATCH 2/5] updated tiering info --- .../images/suspcs/2023-02-16_13-02-37.png | Bin 0 -> 226746 bytes windows/security/docfx.json | 10 +++ .../security/encryption-data-protection.md | 4 - .../access-control/local-accounts.md | 1 + .../credential-guard-manage.md | 1 + .../credential-guard/credential-guard.md | 1 + .../hello-cert-trust-policy-settings.md | 1 + .../hello-identity-verification.md | 1 + .../hello-manage-in-organization.md | 1 + .../hello-for-business/hello-overview.md | 1 + .../hello-why-pin-is-better-than-password.md | 1 + .../hello-for-business/index.yml | 1 + .../remote-credential-guard.md | 13 ++-- .../smart-card-debugging-information.md | 1 + .../how-user-account-control-works.md | 1 + ...-group-policy-and-registry-key-settings.md | 1 + .../user-account-control-overview.md | 1 + .../bitlocker/bitlocker-and-adds-faq.yml | 1 + .../bitlocker/bitlocker-countermeasures.md | 8 +- ...r-device-encryption-overview-windows-10.md | 1 + .../bitlocker-frequently-asked-questions.yml | 1 + .../bitlocker-group-policy-settings.md | 1 + ...itlocker-overview-and-requirements-faq.yml | 1 + .../bitlocker/bitlocker-overview.md | 1 + .../bitlocker-recovery-guide-plan.md | 1 + .../bitlocker-recovery-loop-break.md | 1 + ...ve-encryption-tools-to-manage-bitlocker.md | 1 + ...-use-bitlocker-recovery-password-viewer.md | 1 + .../kernel-dma-protection-for-thunderbolt.md | 19 ++--- .../secure-the-windows-10-boot-process.md | 9 ++- ...ackup-tpm-recovery-information-to-ad-ds.md | 4 +- .../tpm/how-windows-uses-the-tpm.md | 36 ++++----- ...lize-and-configure-ownership-of-the-tpm.md | 3 +- .../tpm/manage-tpm-commands.md | 2 +- .../tpm/manage-tpm-lockout.md | 4 +- .../switch-pcr-banks-on-tpm-2-0-devices.md | 2 +- .../tpm/tpm-fundamentals.md | 8 +- .../tpm/tpm-recommendations.md | 5 +- .../tpm/trusted-platform-module-overview.md | 3 +- 
.../tpm/trusted-platform-module-top-node.md | 3 +- ...-basic-audit-policy-on-a-file-or-folder.md | 1 + .../auditing/basic-audit-logon-events.md | 1 + .../threat-protection/auditing/event-4624.md | 7 +- .../threat-protection/auditing/event-4625.md | 69 +++++++++--------- .../threat-protection/auditing/event-4771.md | 25 ++++--- .../threat-protection/auditing/event-4776.md | 25 ++++--- .../auditing/view-the-security-event-log.md | 1 + ...tion-based-protection-of-code-integrity.md | 3 +- .../threat-protection/fips-140-validation.md | 67 ++++++++--------- .../install-md-app-guard.md | 1 + .../md-app-guard-overview.md | 1 + ...microsoft-defender-smartscreen-overview.md | 1 + .../account-lockout-duration.md | 5 +- .../account-lockout-threshold.md | 3 +- ...w-to-configure-security-policy-settings.md | 1 + ...eractive-logon-machine-inactivity-limit.md | 9 ++- .../log-on-as-a-batch-job.md | 1 + .../minimum-password-length.md | 3 +- ...lients-allowed-to-make-remote-sam-calls.md | 1 + ...e-encryption-types-allowed-for-kerberos.md | 1 + ...curity-lan-manager-authentication-level.md | 3 +- ...sword-must-meet-complexity-requirements.md | 1 + .../password-policy.md | 1 + .../security-policy-settings.md | 1 + .../user-rights-assignment.md | 1 + .../applocker/applocker-overview.md | 1 + ...icrosoft-recommended-driver-block-rules.md | 1 + .../windows-defender-application-control.md | 3 +- .../windows-defender-security-center.md | 1 + ...ssign-security-group-filters-to-the-gpo.md | 1 + .../best-practices-configuring.md | 1 + .../create-a-group-policy-object.md | 1 + .../create-an-inbound-port-rule.md | 3 +- .../create-wmi-filters-for-the-gpo.md | 1 + ...windows-firewall-with-advanced-security.md | 1 + ...windows-firewall-with-advanced-security.md | 3 +- .../windows-platform-common-criteria.md | 2 + ...indows-sandbox-configure-using-wsb-file.md | 1 + .../windows-sandbox-overview.md | 1 + .../security-compliance-toolkit-10.md | 7 +- .../windows-security-baselines.md | 1 + 
windows/security/trusted-boot.md | 8 +- 82 files changed, 250 insertions(+), 176 deletions(-) create mode 100644 education/windows/images/suspcs/2023-02-16_13-02-37.png 
diff --git a/education/windows/images/suspcs/2023-02-16_13-02-37.png b/education/windows/images/suspcs/2023-02-16_13-02-37.png new file mode 100644 index 0000000000000000000000000000000000000000..dc396099bfb899eeb40daeb08ab97bdd39c7d701 GIT binary patch literal 226746
zv`L|aRHhPtD2pM#TFMKLj>bi1rLnmMiQ1v}t`S9K8doO$dI`@*1>mArVQQR+{qw(L z-`0~9-P@nYYu+#IwTa}^&g1R%ONjJ!#@S9m+LmQ(xNOJMZ!KYZxH}3uDH*$!SKi#g zhS*6AdTh|09~qV=&V2VV-=1$^_FtCq)WmS?wK8m`E^G<|dUNGZ8{M2#t^_{AvtRv% z!M=_-xyd-S4=hEAqy;?0D_^}$e}88j9TlW*{*v!A9r(qfSDD)18;!(5MdAkjwsR+bnIQ9o<7wOE`-@U(6(T9hR;ZYCEL3>TVBpE1)vC5;-WG zZLwLDRJRaf(9m3+Lsixu8657n_U|=b45La zx0XD`=zcCpEv@7p|AyC6uTXLQN>dF9o4+Bp&YwTN^CY9g+);>aLzD4yP++RhV$;$kY}|2>DI)@j^3>h3cafmd2M|5Xh0~cy6xQ8` zo3o9koXaG)_+jv@CpDv(`ywN-v=@?|-Gb+YXnd8BftA*d6mpstu;leQggR^JSTKSQ ze)|$9cb=tmZhyjL5~SK-9(nP7!UF?w(#bGZMDgYy-(+iCG7pXN#k>Cm7R<}z@adDd zjGxDoj|{{ z7V3;bY$tET7MA=yhV8MFc zeo2sCic;B0d2d5;wTOb|>HOx^=NTF3h^=8d0Uy1}#|d#fuwWvdfpUs2>|xWs8Ycht z@BC^0U|duJEfuM3`s8)q%e(fRAC);hktp35I%+6h`*w0J<0|8W9MQ`KEHxR#ovXli z{KE`#ky3JTKdaZr;s5Y!{C?pCeC(B2yBbK{{RwaVV>RCm9?olXgZ}9^t~Vrlf2Ke4 zE>HLGkDEb(v3fiX@4n9A1v*Q z^8=>#_dqRllAo}Nca|UK!0Cwu&yT`z$3iEfcJ=4pzy6&8Lj!TpNNFn@f$F7~iH|wQ zg7Lw4O8{#-^%d!~dcMPwXGh?smC{vzABWbw#m9%Y5I=Po3nO*6J=;b@)*-%JpG?pL zFY=q2gK^eMX{$_O?Hh~Py7>fSqaLGQj}Y}z^q%3&xPLw=F{iky8p8umJV~gd7KL0w zMZ$JgZcW2$!QXi4!I5|vR9HLfnQ?SAZ+*6&bw>vA&ZAK`qgLE#rj^P|+gb6=31s8{ z!1CWrBfv?EU^8K|$}#ArG-jM;&D!mBMm^03Pu)wHyB@*PM(Mfld1L7&zTO>0d{3euBOHD{jO8^J@^uTesl`HjtWfmg~WXRE~%-hKW`%0>bZQmh=tF*#>*c?;Ogj% zrs4uCzdnq5^wTU`Fdjb#73P*gb}fC4Z@)XpIcGvZJ+Vs&!AAS4>5G_Wk3UjD5 zIx}<35S$bu=8i^+voqPd>I}QKjo?>*d7g(SgkVtqUyi_FqpdcRZJ%$X*8e`9d2Afc z|7`Xg(L!^{dA|Ab0E$tM^UVGI(E>898&jTshv+T|b`ILUb?(2MzVYd!k3Rb7<9`c5 zj!VQny#C>5yz#5?NOShG!71aoHtDe;FXYEvUNWpnn#abl03BBP`Y ziMoxv+)Qd)Zhx?af^&zsSZ>20uP5!oDPm*eIGtF4QKO=|=p4CME!3u;Bq6tj3BP`v z=|lSAVy8u;)nV^sk47Owrck3)%8>|C zA4=s~hRmMH_(A?S>a`f0f*CoXKN@*4rPU@xOCxCs31l@1$Xd%uITufCY#e9OYmlqW z)Lu%bwCi>+2myt`gCQeEU@b@`y{Hb#NTPCIA@b0-bO z&(#jC&Ys{wBM5V~Bd_QxCUY+yr$1K4sB2|3cY#caN~u69mE1CR(mS7tfX25!qx{_{ zPs*aMtBaPZVy={Q5ELGYyR$2iBL>h~nM_7;JJ!}5E~a&0KXeQsc0X|DPAbQF*>7&k+2pHu?&VWXKE z=}G2^^HjBWA!4IB>jI~)icFXqjjN)A+@v#H?i|Ryb7nBW-vymUgU-&4fzu!0o-kL^ z;u5Lqyqo9A-KawhnZZM|rZG4)08cjqcbaoLe_EfWl%i0YDbKvbiMV4NPq;+2S%bMP 
zlcf9>?0q7M9^}N8OP8r=>_ikzT+L49nCBt1VoZC09c5{StZ81c~Wm=)!N zgF%NztH<8a1)ai5<&^}^WHq6dwUVE5j^nYh#Ggs0MXsi;_7a(;MkI0-DvgDzqC&3L zwIeF^czSx{?r<05j6{acCz=`KL(p29Db7wOHNAuuiJ8{QG8(VPxVDKX+SLsG#p6tk z4kN(B1(mg!69+C*B{yIxOXF00EOGItNxy2uPOK*XQZ9A96ltwZ=U_rE+6lkriRnY| zaF%_jNZ(cGm~kf1`y!ujp3U8LE7TP_=oRj;)wqEd3m5W7ZP_g zg=U2kQ+Xz5Ps9;>Jb|=oGg@;SiAnjiUpo;llY28`-V8T{`R zwIE1jD3wZNQVD`gj#{lotx_VpO~eZtFGf!sj%Rfu=ksgnvVyInj0-0-5F^GA9pH-M zXKNq?6iO9xQ!{17Mbx%gQRtoU^7qH-4(cv0n1Kf`=dNX1Rs116|oi&seR?=#gpm+43pSKIr+e2#rg4&*b1EX+hDki(MhAwj# zRe3qodQ9j3NovaT@@Z-_(ppzQewBsb!4dRg%la9Zxtg2A`BWn_=FMevq%U^bZn+jU z^&ZCe3*x$2r}Jtq$Io8IB!k+bG)^5qMqK6-s|qlRI#<}hW#P=fq?aJ-gh zUMBNq(&Vv3`nsaOwys8ax?&hSgIOc{;bhQZa38?P5$-6f%BVH}(CL0TgJ#TN($G*` z?X>9ZeHb)iFs^nL6kTn@Z0=r@&*!xwvo@2Hc#_y-v7AgU!YmW%$jqdmv5njPNaZR6 z5hF(;ug@aAs1d8Rll-(Kgpo6u7wkxBS~hh?8|}quWYyXc9UXGRSf$nbF=fs)2Ku_9 z*XeNf8_BrgTFey%)O2*qI@bZ?nJ^##MQ06pSyxCcsKjbA(^ytZht-B4Q=n8TkV*t( z^6veCN-6I}nIfQ2Yf;MED9tUTrnw85#sNQXPwcfyy4p%Pd-ynYqK>Ze6i&s*5qIJ| zxiw}~wn_@p^Jx<0s8mYi5&?^tSX(x}+=`)Ij_m9EP*$%DFfJew+rcRnfxayWR{S=ua z$nY65iQ$1#&Yw=BvD1WznX;7Aq&B-Sc}ygB)+W*~oTAWm40C5sCd9)5tww{v(VH>z z9%PiSoP<-UGih@%MH{Xssae+*#^H1+C>7oH-FkZ2VdBYE6jdDzfrRXuUlb1b{?^qt8$#jtNB8 zQAc4`8fiHtbYi8crh=C1=Vt^3Zr+2LJ$(#;ZuaPOdYpYinK=7CLOO~`&8Xmx*crAC za!ws3twDm?Qpx3W3B<-8=WJ>zR*i&;j7yZ%-&rS#M21qOL@t#ekttAKU$<-xTsoRS zz5O_TF>f4!9!}`ATI`&?iJtNRv-~=^ax#&ty#?{GHjxq=N0oXw&pa`UNFNvUS`9kA zJ&yKTq?UFHE??kEQy_EZ%w%AoYxnPVu7poq!2N?=C_H(Qk`^P~PRbHIMonkN*g<$Z z8_?>V2^~6uKqrC1vRcemvHP1zAww#?{>{|=F7)UkV-s1I&Qqir#+*5m3H5SBr_tf) z9l_L@V+ruR-I)GQVr<3`HIw^iOk!ZLKORmpt|p)0VsSfiOC#BrP7@a!%gKwmbSPys z7hfj7+K8>s>9>zQ`sm|7h?cMs_wwxDUg!1K7xC76%USdNR=!>F0;9EQe7<58$8+nk z^b!r@{|?dkzLsxf$yJ2w9;Bxz}e&HC~EAwx%U?&s144zyE>xoMbFvCe;0io zzkT%4M<0Fs&mjmB^zLEI`_sEjxHpx9TfbrLt`B*&yp@j^{emEQ9c8&iR9AO$WOH3l zV~;k7s8CnrcWipvs4OU!=r#qCPk!*x)v*9XFKKPwKNu&a$^4uF7?QX=S_5&H%etMih8-8;Gts} zs7W9(wSapDJJDQpiL@F$6MsJ(SEWcsSuRD5Ep(pPL0w|cX9Nu&jH~jRCPSh^?>3Bx 
zARSUc03>K!2JrARQz-g&124aj$mogVm^xz?qr%)#-)F0sH^5)!=C{-vCD6DHi6kDk*s-f8-kWhEKTRf-*r1ti>DCArpt%k}XnwlLL7wX<) zLoP^VI0i@JYdK0@X*DP#88R|}wHvRH*W7|woJGALXXfPDIAomRa&|fGzBW<|8u1$v zhKs!c2hBJhe>8!QcYMmrStl7iZamXxOeHG733)FHXhG@C*l9yq|K15s7e7X@oso?5 z7ily^b?2hCwo_YKg3U7&KR0J?P1P)@ya)}mN4~k3t0pr)Wr#pWRCow(_IJz02hjGD z`n0CHl;)%(Y|dA6>zfe}H3CmP$n1R?H)a@HKf6R~StFr33E3$rG`mL;9qEhawu*>0 zEA^$>G{{_t?jMBmj*50sTUJhOV+oBX_EU37*~4($KROIYr5fj;;mm(xHlMCt#~Z~- zj2%0HNmC~?JlqpiZ*3QCG?yi^d;1|SWR}p<-hl-xSFcpksjQ^2NdyM~DN5I23=DHb zaZSN$YpNu-u#Ofku;aU&p3w|EhcnnqPj9-;j+#DIf)&c^HKC1IHEoESgwt`MDWGi%WzYfEGSWFqzF{g z*kt_);jv_RM~!Ew?_N%v%HXk)J{Ze#xR~Ee)PiAnJ8FLZ$#akE*vZVAK8^@a{av3cxO?N_q`PUP78IydQiPg%TC6s@IvcoJ*NX25e;o9;) z6MCO~T`l#L*Va%{dWrozO6a*2=ueop;aYxpz%Q7vV6Qv8%_V{_-X1z+*WL|5p+u)p z;Opms-SzcIP@>YvkO;OPIe_DYx2qdE_4QT=D3ofXvPSA#y096$*W{YgQZB{rrR4mr ztyR)LJOsn-Ier0TN}NNY36aNWS-67YRwEtJx_(*K!$|a zUz@{HtJAOJ~3K~y`J&!=Dw8p()YHzei?Dl4vH?>Q1L z7ekNtR^sGMq_;gW#T7J|Ek9dUiZ&DVg_k+9XCJ3BN@%lK>1b`EI=_HQkH}jLzjEB% zT!;wrKrIyjE5?onDhqNbsWr2ITS3q72#*MYz4S=2al0RdXf;ulbB=v`4st1{k}gvx z9cCkC8P!-qs%hz>Tck-8sGLLbb-QIvm&njMd*h++q`9GmJEno9mGXiL8mg*E*tM0* zJ@)v{3?Jx;s+Yqrcg0jsad9)Mz)%9NY>WfJ_bB45{YC5cP9DE`fH*PpVZhB-l7Bdm6sg=Uivz$%N zrMB6G!r;lUY10|(A)_ey6zR>*Oq@6zS8exNY-z6|@x)1L?FTYxSO|JaC&j5}I8!WT zM6^Fumrs*i)QH+6lyQ?M5M<~g_hJHPQ;KMlIubcz0;31|p;Jh1)WOtRMcTR3T*@k? 
z-KN4TESm9Sqwvrx5NsCe3KBV5a_VvcZK96AL8BQzJRAoV)TSR`!;S+a zmt4hkatEs<8Tdub;Qk5W*vrgR=cjP?{AEh&IuO)Ogby3f*r-6X(k_b6>}2!qBjl79 zQ+sFwpEe{AG-f{c^tY!hHJ%IAc1)Qv4qtl(AY$okBtPW>=P&0_*I_|v@5O*&V~CFM zK_?eLw9;Ij!O63EI7f}Zr8Sc?=QF7{$?*&y#)Pp^xa;KqhrP4^GxQmL`{<*OKKl5d zMUcpG3>eD8&->!*`aZ9(+)3Q!@puliVYO%p9JG){A3TWXZMz4V+JJ)|dPH1B#AcPC z(U0IaOI~KQyS|4yN07=fI0)pNHe<1h@Son22oi)J(in&$R+|lJ#5Df;)-y!9_f%#` zq-yN-s$RTNB-r_cF)Y%BO^GR#PYFO zo#*zp-#|bj?G8tGLlGqOregd7#2+g|az`2e97+NP55qB!c1OtXTM-bD{$Tq=tQH$qTQ74%wDmBy*=#mMn+c1B zJG{ODloA1zLf+kuLD9Ib`Hti(rBGUeppGD{-vAt3KK;1(?NKhG^kx3K;4IM?8_5`Oc2w~WUSvE zhAeAW3Hv_!kgw7mc;K;n=pX2Xi=%;*uYbwP3%6V-ksxugM}LblS+v=(Dm8dd_zfTY zZZw)6Cw&FvY6HCmn6{XWSS{8cF&cG`Z_gg+9ebS`O)sI?1$!L^#VwwAHXEW;M&OL6 zdGD#QIQASkWGVwrG6`+h{+39Ee~YqK<}#4!V}m(4Q|YDL5kKjf(KvvkbdJ&l8_Kb%&NCJdv-Q|dF^kEzg^5;zfJPP?Xp_Tn2a{$ zQW=sS3x|kJ{Li^92?BTbSnTb3i4529>AbqshY1M@Bpf@!>UWP2oAMXld+r_r?38!N zAg!Ap1Nu3zEj^QpksV~FbTaIPVGPnWp#46U)PhPpGqbP;j-kJw7Wh}Z46h?%vs$rQ z1-MnI)jmIiOWade2cV+OXNIgim{dx1O0v&#i!f zRBb@7x;B1#4LY^5m&gZq&U*pjr?0mFNPgt~>0XnqKG8h!;_J)|?L{`WycK+&Fs1WDrnj?Ql?m>0d}Kee-eMW7xYXP{bx0>Ff{?)JmkcZEHnQ{0TCr zH)EQfh{;n3+wv)~iDirw>$#BCLjS2l@pjTci-^r?!e;B`K#d4U1f<$-uV*U)y&xi9k`m`}K$JN6nAXI8z)#_C(=pnxEiBfa$z zqKKudosLccS+53M8#bE+t-Vr*V=ZK<6FPs zO5oEB9?%cHvV($iyIHxplwm_6QA*7;SLc#)Wj!Y{f5jZnMouP|BS_3#%}rY)S5}-3vpL3iqmLH}6%vtD~ zOKF$bs7SxWx~<1~>c!W2W_B2ztu0hlHPB(UVQy=nuC5M4V;eTi)MlUHt7RXP*x`b& zmmMvoF>H%D&(nW`X!K=7*1yl*;^lY}tN{1;2ilr|*rzUS^@W^b+6wV-1?oGjKCk(Pj~- zFH9kA{eCk3{2I?aHV$WH-{Sf2q|fl%M<0Fk(Z~N3Hme!4SwyasUsDzf$dpb5h7ZPD zc81orE=0LAUI8lFOUg0IJ@9h77G_wqVX;~f1Q}AndYj=_k4K<83NeS8PCag(-ZwmF zM5_t2O@=});_U5(fit9KS1~Kh1H~N*d;zIcid5Q*GT{y+$m9|vck$%;LDYJ@Je^S| zRMH^T;p**q%^)OVGn+6=l=SBC3n0;YGjhxzwyrwQg$#EJ&({z#cLtGmQUse7XYXKC z)(pyy;-kdcFX;B973@0x5ViLTG2=qjGP5-LUdopzLd?JR9W!&f;y!-lk zb{)-R>c9!~mc>}%FpwFO16XqAIH$sWNo|xd=CQ%J>11Hi;Nsx}2TRDUsAGhW=QVFy z5lee9>6y()0w&W$sC=ZH2lMzaK!Qi3RgOykUearY29WCY`e59H(b zKH<=zF-#unhi^}(Ni21FoJlUlbIu=m<`-q{;>1Ei#7(>yB-{q4e2B1NfG)6v*Ob9+0W1<^)pa|87a 
zwQv`M=8xjwMzFmdsiif@?OpJ4x$ey>V(Bu1O7+t|h@?^!f&@YQ5g9MhF>umU0(O7P z@w4gpUdcihI*q}%DTr?(AeE_5+d62ds;5&F(F+2iwTq^@TIz0zpDl_4YNr6k+~du_ zk&~D(WDTz_J<5)Y4=_H!{in3%25Ox>u8vAB7ZuUiZpK~RJ)cEOBl#HxbhQ3EEK&as zL_|T3qwhdwKN8C5$x|8f)$6>!Z#&5gCg5vO_J|q)AZXkeG^ih&wx*GEri5g36t9HZ zp_7KwU$c?4%ZXH{R^mHpDE?}om#hIl9R&s_XPj;E6qVM|G29EC0AQo5w3v*BI$EyT z%XIcGxVkGzt8GDL=YjWiqoruYXtJSHc8`TbB1I~Z^)OYa^^SNtJCRUXk5uP`x97E& zU9@2~S&%3dNclOk@jrxIg`>L%PEC2#cS&*b_P*iMZL^rLAiI(B;&v1UXTtl3uJUc?f~qh|9oijw(=`n%xoq4w~z7ULs1yyU};JQ zp{IdfDwQEfB#1vKBt>jC0hPTEBW8FpaO7CVMQz~S_jeL|ZW0kQ-0}CfkyBBF)zK3# z&9y^kq7941+HDM!*f1eSCckEuy2U6f2m(@>>`r6aPewp0bH?36pt&T6%4QpG_T6={ z8C$tpR7g?HEv@=NnG@M-30mJ#%ow(YbtmFEr!Z2~>A}M22pp6Gf=Y{rrw5g1aw)25 zCc@F~M*o?sib*SL#WBJg2c?o0wGyGNiTbAQ5a4n|ti~3qYa3|oaJuU_bTn0vl9Z3< zn78@mlQVFU3z+NkxPpGzw({QA+MC?(KQo6Z?iXHVm`%}hsaF6A|5LVdeELq%&BHN{z!7#)}p;K3c{ zbeRFK0B2-pOZorUyXycs>htmA@0oSG-E+5`<=iD6Vnpy#+@*yUXiK3&Td2^M8imqt zDL<;TP>K`{2@nz_MiS!0E}opbtncjn{}>ggvqvSXoZL3%p6@V?*m&R`=k zBL!z<1zlbXi76R4j3e8pYhi*>BUUMYDTEN88iO^3;<7ZfZTso)Mv16``GZ<-TdFf>nJ+^8{9mtpkxzjMd^5Abwp1y{~U2Vm&nezqU-^YyQO zow}SDhW4%G|NY`;Jic%-GbR>LT75EC8O`*r--dVkIehKf6G?Siaat7G3^A0>{xT;` zXdo-j!tnl8+4LqAz3UB)*rtif${U=6puZ5yNEVRpRu zFaGe*RtnC#k*iLwB*~^Q(DFJ@{rwO8^PWGEo&Q5ltr+>P7iizdp5|_5e(h?e7bl~2 zY~i1G+{zE|C4Ff>MlzQ|2qBIm5&BxU@WfyK&eAp8*n99Wt*xyb+_Qz1 z%hz(qG>)9~1Y&F+DyE)5c>gN?dH*7|w|3D#&`aCiExh#75?*T_7~{Q-b}{ z#uXb+qGy1%wsv~^y6GJX9_1#To%qyPT*gigwsz6m*UNzS17;c-;wWjVCC|Ese?0gU z8+II`r>~E$*8RNp?9;4h?!y1hCV5Aw77FSoGv0of=kI@%m4o@rm{f#W8Ob2@jGxE} zu_0Fd^Uo~Wcz~|netNqOvgOs~EO~JgW6d5glC3b*%J$cHaj>lyUqr->^W7_lr&#ga1NkbWlV`L{D8z%+z6DUmF&BKo^ zWaG|5^z`=9esB{{KmH5{+I!vz2e=C-GOsp|Z4dpEr&n&~P-h?geO>I`xQzS%xe8~| zNz5#d9o>#1CQV6W|0_?hqGgE6x+2_01Mb2~N`tSl_?hjP(kjSKcA!Kx{M`q5ecK*d zx&{a-CR}lG#M+D)Oa_j2tKDF9QZi*aNnOuz|G!@$98*S3VHzd{FuNJwFpY_>*LnQm zM_94-5Iz0<^mH8H)h8cd@xCxK=1m~oVa4i6CNCq6-LJmPip|Y*_4U%aYc-1&t!8)2 zhsjEGQc&OY!RB;aEt3i}+4SK3EL^#j!`;2~_q4Nn%W@uGvXP-9$F4brrkNA4?R|bwX);2XL))>GsFHM-o6%gy}pB%&OQQ~8CP5qaWOUwM)Q~%CpszyqfUQM 
zD{Y-U^!Bu~W!V!vxvrhz_c;X_thr1)v4GIdhxqejt2ofsO@Chx2X}5@`JzQ^>KeOF zsWGF1`Ax+PFZw(GUb2>bE#34F^wZsTkdDC+n#D<4P677j*IBk=J%_sc=x*D^%IBYB z{l;Vak^MIAaZH_5h;`G0+_!Kgdk=Th*WbgT-CJ1p@Dg4h@*Z29FD91ESO=D_!yM@B zrmw%3qn);$`Atk8ukzgEkMhdyUdpC5l4d{JnZ|(Kl}1j!fo?^(;>=-$m!}ktL(}``c;W-c09Eh)=q0macng-MN)rdk@n)6hyUph>wfGX0xLj zk5aiobx>GSOOmgZho5;4t*Mbxw-LpYLv5Lp%_|>gYqOd9s)8}HVLvPjsrl8^l=^w@ zna6o$!(KXj`{-)f!3$46$(CJ*-sod%PZ~#KRW)skALBpIu3~R{5B_XOo_+d7n!Ebn z)i3u`r8>wguAw&f0FOWVFfXp(OIL3{JspSG`qE-v+_;ziqa06)*-c(qC9$mJvB$Pk zQC3E>&4ME_i?TG8U5gg6E?7=YNgT&=DCj7d6d%1UhiLEWrMK%KuP%Oqmv=QY{Fdcn zVv~t=xam54fX?n-`g;e*$PEwE-@cz6J9g92Geih0p7;cub}L4s37a#Wx;bTZY=4S> zJhGhq?L7?i^>AqCT3&u}Fr(m&psGdF*-+^WP`-v4C=nw}Tz8y~Ls=FY(50y$^ZLF<29+J7EI) z#wYpLQ=1{Lf%4o041nrPpmNeI%DPtZ=tEDiZg)Gq{rz;c>|)7753s%`mXoJf;j!C^ zP0J$P+0N>hma}bNCw<**Y+JRACF?fQebn=hK9W_chZ*W@rLCiv{;tDpTCtetmTY;S zV?xE^PNTBEmVvd;@z9em)7;iWe_uC;n_pw`3(MKlIy}bfbaYgRM(FEk<#2Z&Jsk&F z_xuw)wWf#g+tU04bRJyIf1X;(&eksa`?}e)VHuA;@D$;^My6M!zWZFH+9_z7LZ)Rm z|MUQUc5Q>%SMXc~1*H{R8xMw{f_= zpOES#zitxsiFv1#O_JK47SCDv@)M|WR02e++a;gWUiJ^GF{ zLa~rl(MWOnAdfxp2(N6}O=oW(JspSHx@s}czqTK5P(uq2(z0(S``Y^n|4;Xr6heqk zn4)4d8PLN)B2kU5Z7=cM#sQ|EcP^()ts*Nqp2XB_s-~UB`KRR5w)S~8wD^ej?&6t6 z>rfgm;;M7zQZ_D?`1nN9vU5m_J@!^TrnF)v&6-YGUK+`nMKn!oA~(j$_{I~MQC~u8 zVhTmo6KN=nqrIh_;Xnj`-$9nY^a|eiVsaCV40N{9-s8uSnvFZ!#_PKdFcccOrWoRK zXqbNn(`pMyNlGEFyot&6g$y4)K<7XRqs@ui?Z9F*V6nOIcs#^7tf-2al!7`IoH2)j z1S=8$FaaFId29@HwKEimVzIk$yBwGdMy!q)Jh2{Jws)3d)(H(AV)deBXnFIw^4yse zXQh&mm_lCV6wWwvK6!!7tl6}e;n6W;OQU+)Y0PdaB|RyL%%U2mO{m7))k16U@W=D~ zt$2fE{0bq2IF2Y7bU*u7-p9}Gz6W=D8i`I55pN&u!!BlCcoj3s)3BITie_BES2yqB zo(F!yH`i8CmSv@TS(VHzkK>#7EhqiF-_evanscKVaHiC7!PhTf&u<>(C*Rmf zRc#4Y-(H#z8mT?|>x?~nfUYrkXf6MD<2|$|6;YgRr)T#z4%y53;wkmS8r65?9VxhS z8@c4NOX&UMgZ$*%o2aWU#OyuHw&oUMn=a$4XEqUUGrY4d_c1tzbsQsu!A{AP>A3H@ zjlR$fDoV1ky-}0eL3%+kneIMT_7qcBmVwRuQJ=R{@RZKx%Ck4{>%aby>$ko_eQ5@v zu7d<}Qz?y!r}d51=W)`NSF)r39`3#QMxL*#CfnA}uC4otCQRU~H=IwY$2__n77A(` 
zvHtoGbY`7Td0srK0@m0fN=u^r`S~_#&nqL@sel%wed}}l{Kt=>7nPF}r_;J~8@)M` zxng$7yE9adP>sYEPG&~lo&0FUe$Kh!N(xg(Z}=%jl1gWA>7~v5?$7u0gKe);Q8Ug z&njorV|VhcuGc6|h|t|(#g(99>3Q!NGnib|oO(4EZ2CEm-t`@JzR*BPg2LYBT^LhO z;OmX^$9|zPnHiUSm7VQ(@Z_(*!z=mKl;%3{b$5|}+IP8ldM^2mGdQV!DG&Vi2OL;k zLxM6y&>JK+Kl=lGmPeanH}z*+!54Sj&SSs(E?Zw{q$FMC(6(m6v2*#>f*Hs5BVJ9W zVp;{McRkK+xAo9aUdEg=t{U?_jMgkB&#&XoZ#=^Oiqp8VVI1#Oy~-Aw!Ib%DviQgU z?^(o~W}uy+7oG?T*k(X(g7%l_35a>F0ikW*GdnkC5YZQHTdoyZwY*?|98w&pE^ zjc39a&gZmUzu}SFzQcxB8X0E`a_F#1W_Av7hmHjFz3g0gCpY~1Rp#IJ|F~*qKK4)W z7o`>&VC{oHyq=PDBdt5OGnjl5H#IbT#(HI`#N|)qf{QPq z>z+rr<;G3aR~2F$ILP(`5l*`HCK@V^@>0b_Vse#y-TULxD#r%exIGseBG6tkL~&$NmX?t1)gZtK}Z zdD%qHxN06*Z+o{0t*am8XMb6SDXWrRlF`X6{#WOGB$_?M=?%&_Uo|kLM^XRk<3}8yAqAYQ=ulM_&bB^-< z1~aKOb7-{vmA`K`^Q9k5AU9yiqKKOrpd(%r)7bf66yo=_R2u+uL zjWe5au^Ek+a%-7Ar-9q=|2;PySW9K9iQd5gQFji>N4-0!;!GIF#98$$yYF6p*t?PZ zI2h>fCXkek>wTVvFjy04Sa2@q?fMlD{{CjRzEs8dM3qCkcjGTw!1v1P$J$`*iDjHP zD~mfG{}tao@Dkb10Dav-;xgjseOpSb4NrV3k?r^M%Wca@v4WiUnMK?lyk&;Jw`VjTfma%OKR!%)wwBr+&Te=v`<`ag;Pxk+}M4ZvUB& z36)xoBGM$OC%s+Ex>p6VK(k zb6U9bk>Byn)eEUC&B5&NLCaadb(hZ~qi`yhTyhR~{^e0_`Sv<$%Ck}W53*x#H(7J8 z;L`b3#8_0cv0~^SmchojrUjgP#&+($|2Dq0{&^}gZ1i?|iFaj?mi6YZ5OZ8Evu4j> z_3ig_>rDrkP?<`gcMxOLP2$matWhe?aZ|YT!qe&f^OM|i!+L6~3a}0wWLJBXsb9W{ z8A_Cay)X028-GY!!?*a&b*Gc*{`ej(5<&>^9`peHT>~hVZ0x2Go%{CCqoh+-l#b&q z7dF-8B)6;-=Rcldcgql7Z7;jKbxKdIAT#EpKb+*rNFgIB7PA7NVzD`}CuftDk%nuu zJfG2Q#c8vnhBb6Oihrns16wz+zO9|xnisuM$w=3uM4~S0tq>i3=+6=7AtyT>=je9~ z)nLNuiXq%LM4vZ+c9gp_dQ`*Pxu3PmUu4yW9kg_H(Aw6+;a!{PA793hZ?qJ~`_Xkm z1MTeD?eXn`PM-9mcB37m7mxlGKD!>H(JnuccZP}a~u zWu_a|Xd}I}iAfb1m?9DUfe6m@GUlCg31?0&z;04e6cu-RDHH0;Nw!Du5BUih?Bv!o z(O8*Jyv>X)CYijve4Nn$VWWqV`Uw;z+sEi*sNhV@B`-4#b0|R6nm}b^16eUD*b*qN zsvyMS}&R}p6(DRro620VFH zG?r&z8@=0ZusVs4F%k$4;|r)H6;I*(%P(VoRT^f4imrvh7Ef{21WME07!76;^Qvg5 zEhfRFF*xKyjmcoj8JBVOc_&hs=ornE)Cp?}3AtrdjnBeqd9xH|1RI&fRZK2TAG1WH zqI}SGFgm_>&;8hQs9uu2Bgm#;u{trw#FJS&i<72Tkn)zyhNu=n zvn5hq-9%+Z3@TB=quWuHmxO6_#d=gDVu&HPvYrVAi5LuaGD>Ty7?+G52@t_f{>0O{ 
z=!_G{j!ht~yoSbtL{vq=mYC0krfRZc3M z7BHTz|q;IEUA|a=k z;`|Kkh6v%PjlxMMbJi&n$Vg6k<8xDqqA50V%W4^)6@S#S=KzXodyhGde{)V%12O5P zOl&A4$)*$Z1<>s&)Sh@QSDZSDlo-n!4_l~a4~YpzVsmOadBH3)V~z}9^!B{!p>$$B z<1^eCRTHt9rA(YuNrFYg=kuW%J!F?pVscF(9-EoO{2H37^KmIr0{#$2Pd3v|zld{Y zRTFPFV{y8PahM5u{RA~5DaF$`|B6ePU6J-i$@;fa4NkJls>n~U67U94V+&Yt!Q_2q zQ)JKb<}eH}_~32>H16($ySux)ySp?D?(XjH?(XjH?y%hd#@)TYyB}d+bVS#Q>Jz84 zs`6y!lbH|O7^ye`b9-7)ff%CYFGzom+N75fPCbdB>B&F+CsKt@Cqz&?l0W>tdP-vb z23$34hLaWYqZ})+mLbM29Lz}Oc_RcFg^8H_H;~e9vTL&{VO_xjNKXlc zMFuSYgzyY-;Bc)cvD-!|luJkS=amgHBlsfg962Qyaqd(F`4b*cMT{!9t{^NFVY=rL zqb?xi2lQd_qo@yQNx5!3-H)mu@w!mdXvq4uiq3Eg?jN6*hBy)yLuanb zs84CgFtOJL=19~WOIlh^L@^yWixNKgYvAw}k-mj2-Htuc`x(1L{+u){64f_pOz(sw zF~)@X7p(abqFr$brgY5hkn2(UC$wF=;G;w8kIqw%T zg}kL{egXw$OhZSeJplX0EoZSX6Qh4>TZ!8U!xxbiOXQt;UA~;6wqVffc-YVBqDUrN zY)MDMyq1VR$n&wIeJ|wnYffplxDng5y;?ja4E|)s8a;-_62HgUoPs!f^y(4xtN(IZ zA>N`gMjy~-lS082V#RU=elaPrRg=SpmqbiR283`04g>+95H0mHYBw)e{Ph5Il`$nd z8Wv_rIw}P94gjy#k z58s~+d3*=y?g)hvRKycTtZr{3dc8)rv2skw&GI864oR}e&`yb9>U`v}#^Z%#G}lG? zUgoNX?ju9Z)WfkNvi&afdXi7=yk({+X|5N`5<}u7xm6JbEz`G|Yzb>Q7Kj$IZ3v*n zg7?0LA{3;XJb)fiT3fAD|$=OTzsM zT+`e)mK6+DWI^V20Ca_MJ*=P`+rL7=Q07pLckS3kC#dmxHvZrjZ4X!K@u{LR3wEE0 z6}ssWt6n!mpJ16$<^!4bh&xNHWLA%5=4~ zoI+-h4rLjraTneHW%%i4XX#|=uj*UCDcklZP8LkPAISd>V+;D)N@n2NZ87u%`RoMPLbk^CJ*J2Bjm*J$cOE4px1qJ244{JDI!-Z~ z3R1i^$v!+GY}tR=jJ12(QeZfX1sRo4Vs%)2Ds-hNb2{8OtA*iU4fpIztW2`-mm^Vs z{!;o9)5Kv;t#meLFV}#pbhpkuZADIk1=^DbFShA?n%f6jvJ$$ug%k1p{O)xUW8IO+ zug9I*0^L&%iNh*BrEzTPx0yt?W^U+G_8DdVS;n{|N=(etp$8QiNoqUt6cbV@Uf95& zKO8yP=F{vx0>>)H2i)pPAi_eM#`x@F(tZT{v&!ET7gGbK&jE!sp+P$eaaEbR)=5ca zm{OfjV$>Phl5O)YbNaGOtwY5YIbI&*K~;E}Gy%lSsVkvC1p^Wtx@A$al7fnoZ;b?f zTQT~w;OxZBifBXz3}ixueyix! 
z78OwwEF1C)3Wp!D%H0$d(|nEkO@R4TB|$kbXlh;3eaO<|Ycw`;`O%6LS|pY`q7u{+ zeHJx;)0BIjY>QQXA}OuKW!hkBr>Tpp$+71v?i=(k%S=rJsc%M0hNT~E3|zv@i1Ujg zgTk;a+yeg4`VnXQEE{VN9m|VdsQ?KN<<=#PY^hLOi)6pC(cnG-ju{ zGMI5li_xoqK2emozpeQcR0F@zOcrHn)rOA?v3F0=pb zX>(=3Kr`3bx$-X^Jjl^j|bz-4U5FQ^<$aQQO6f1Bj)fGPI?fyQKTJ!Lpd zX-rp6>=^rF2U?4HGtJRhW3bFD2gn@D^IM9xm^1m?a9*nVBu0T^e<;gAEmfnyBQ)}G zzIy*fU?S~~{XbY_Sk9IMyR70f2t~jXzQY@r`jhwO6XqoApvu9d+Z^~${iWBKNLZ5~4>rHDHy#2tGHc&FmEZqjl;ryT2K@XYa=fR~%Kfu=0)30P7i z+55?xSMhi>`U6zXw&$U{!sMUdrb7~8;XQ&Y*Jpz&ncb;l)WT2Bh;HtSJ;R+ zHa>Kcnb&%Doj1D9Pivq0&l_pkR^g6dF5Lt1w7tK`<|+>(PbY~+X9l4kH^!*K$KQ@7 zGU*v6Aq9?9K7X=!9nwU!o-tSO)CQpw(zXTjcwd@x{z@6e^YXwb{A zJJP$+IKf&)ofp37Cr?RC55L@^Xe{4vMNb++ho52FG%xJI9j9a&}>-ch|=*DVmK$hSAv-*yj`Z^F+});tfTlatMN zrb^*$&Xqp|9+;eOW=BtLzDIZabK1Q!y*X%7JFi_MVd8K!y^m_^Dn8V&y^n?uvB`ax zj+$zIhU{?fO?R1iA!E^$iE@4i^*DX~EO;AeZPxv0`pWAy_* zfn+xR-6-PGW2M&(PnPdP7aSt^`q@9gkJqF3{Y?9n5uVB#pnF0jw!_WW=}6FL93e$? zq;I41Gn41fmu1VdHuy0WZ4gfIIS$R_^zc;(H~EDh37X)Y%Tu4o$yU&thAx(Kb$;%Pqz=h)TM zH%+SXwyQ~w=lx7=qT{|>Hun+MvXa2MuwlkM6H2!$vW3g@KCGXJSMamd<|t8A9yspL zFemnDOEV+MTIt={f$&u>=eRGy??3!OJbL+`dSn%9fpc{Zzh4`wjc&DG-grGgaV)eO zV;n1S_B`1|J-(4MOQWLHyPj!wgb0o{&Yr>|!aSiLtqi_Mrn0R$Qd)Wpw(swOZ1(w0&e~yZ#(fE3YTA*3&?Fu|VP%_QiUmLD=Vm_`Wx`xuRTI zEt>q_1He>stYYb+?H`J*80!on(=d5l9mKDt4AgC?{DANLn5Nc~l;!K?I@@&j*{Dh# zknik9Ih-V!)E5G=IKEGF9wuYld`9PaIzRyDSeI;aA!=1ZmY(?$ct!0oA9 z{HR_p_oN#&Cc_4X6%PBSyo+MvFb-`O_H6eSrE(}PZX$&KQ(<=)MyoiqN1kr0BVQkTCplr7OCeR+R4DJ}{Z6>U(; z?SIf1qfD(RZGygQVu{z6{kEqQub8jSI*T246p)!hr z*%_!#mrE0o>#rtQK50R*Pa}&ReQhlo8V9*|yr_IXZP%s=7icCd_GhQvi2 z8N7NtD%u{@CQ?^Ll+ti|kKV-unGiDNdHGcV(-;0{D;@st>zJ6`o z@`eCxGpv!2@P{h*ML4H(OOlw|@B{`_jJ1 z(wqt+=wMm>qC$TVeRd!)KCel_N2+g8T3tFRZA9qHa}*+%G2v}d=fH0cC@Aq*WBzi^ zJWkBTZGu{sTT7Guae7_Eq_*DdC$iW{P-Alt(9d!_m!$6VLUXwSK)8Bjq#@dgW*M6k z%2>Y=+hXhP7$rboO*a;O2`hs_>-XalkP(s0a$Og-z+p@!cy2WShpW@;U=mhkME!;X z22sR>RG~WN46X3+(P|ri93vsDtvR@bKaT8B%Q9fdPtAs_+?G4_v0CAs^hC-J(r7ft z*%-t_YcXZ-NC~X*a6Dz9Fafe@Cw@xjsQ3-iJ$HTnHduBo2eMmV@uG8SEeqx 
z)*phhT^0(}QFNW(WU0jPv5AYWjcCgdS=Z~ahXNjqYL{5wTTN%nhZdgc)8 zqq}gTqo#2aP1g&*joA}n#6Ew>5B@Xmqx{}&e7ics9`1~%NnNjLY;b?S5+7Mb^vv_U zwgLgbzKSinFn@E4R2P=P;Dr}z1>RQt!%t646ZRu;P!dUrgBH>1KJTu{H}B9NUV;By zjy~hqirrJ39bZAJw_M45r!;?>7UZ!%mD(ip`h8El@;r{|+YMG1YOH@8JbtrCM)f+) z3Fg8)1e+)lS{tEv3Nn^WFXQRqqrZpj108>R@rWnZ+q@poh8{Dc?x9ze(w>DQhBD|r ztI&t>Sh8ktECGe*bsA! z1~O6<$sXMai8^D_inLrN{l7<#J2gj^UHw(nPQ>_QOu@<`%$0%RPUV=L*E)$QnBQQ} zOX+3$1jg}MwP{`2NfnAGCH+qj|GP&5of67U42}jPjlV^#n8FvwuQ}Et&%&U00~|dQ z2ZHj@B*o}zle>IUO965ReK&u>t4Z?mPC9o+S0$XRCZ1@u*J!39n1UciEp_8Rr5W(+ zQgjjWnGoiP{F<6@;Zfv%jtO|tz?)!!You5yw3HP-v}X>!%=t_A z^2Ms+7`vbaKjF4iqfeDbjh2FQ?{Jxk3%iajITqXST#AOmoyj5AS2WP-0F~ofWf1Nt z=r`sDEm89r>t?QYb;YT`8*hWvsqyp%K7_vxBNl7+T5qW91EKi#>0^z>d7;{RZ?R8XLMs)}SA&(Y7Z6Zv;*kXZpJKe?dWT z`itbEclY+_Sxl*WgMZ3&K10px;8U>#9bbcTE+XmS|A>Bne{+=gshctA;AV$4MXcKvjTN0YX?_0a)d zoY?uUIz;$dDD0*I%wF$hVd%G$U(-1-Z~@Cro0GQ?gcgrN*QYwnMSCQeY;=o4o-L43 zit%;k|D~y~yNjVResBbW(?Bme$fKHP(armvr-RIx#7*?JzZuG+jkb|9nF8hrcs{*! zlPo=DJ9uV+^DwT|f#|V*gE=xgQ^R#v-Qt3s!6x`)1?Qe^*w;0)Fx*=+XP;% zo+0O;rW!omz`>h|c(SH6RH$9#kJ^sZ6aystTgxV@lT{=NM;z^_#6fL~-AfL>rk!zx zL5wSRe(aOF-BAq4x1cuyt&OSSt1O{N;r!hG$;;GWQy{5_dk#cv&h91F4iAlk&1D6? z=rwAIJ_=l;dvmF4NIech2M=KeQ8?ew>EW}X`?9G~Gl9XbB9jY~rsK!?&kVA|=9Q(H6q>LrEQN|o-16tv?tIgTc;(pjUe zUWesam$l2(WKZHsv$c2Jjsi4>Taxl3OijJ|?jQ-VJSOM{2+ioiV{XH9$Sh+SH4<6$ zPxD3iDu>Fb%Z!wPHw)-(og`r8W6jK#VJ-@zzpq5;!~_?JSCeNFsQqkn&Pw1dQbqgQ zwsN7rHECaIYulTvy-&TrEI2>A?~%wt<@YjEMHeGupA!oTWhD+13Fe(Q3WtUU!6a@PVC|O@Q&o8L^j~{) z!1`2M>`g-?K|%sv7R8n7h}+mq?EQeFJl=i~hQG2aPPI4NDH37WZ9tbn2?^q}SX%1l zO64EpBmhE}rV**5FiHxu6fH^Gpr>1P3PCG**$DmK)qn!ke1E&xv@Ba=9?OPe32gYO zzTkLWsHtltA$b@^PC^HM^VTAa`kkiudls0&_r3^%=|ULJch*yt*K@i@r#vv?s0*r z27Hlz?mbF3-VC*H7aT4Zg}fS!DtI3`KEL>J*4g=3x1AZ7ORw z4i~zG53e-CwktrQf@Ze-F<*Vwp@WB? 
zE9koP{W=C3s`NasdYH=bs%%ZAiCB0`la*S>hR)tUBo`rJf>mlqgSl3F(a80O?vrem zBKlY*n=FG^{PL^{Lq&;kM`FhNSS9iRt;tDNIyR(yi8Nw;9Al##??uDZ6U9!kC-mEO zsUi|Kw51c0C+==PXCwjw9sWvOXz5(@Q1)NDpYT*6rcZcUlf{Vi5 zDV@Lh>JYAO`ZVyAmfIvWFge77Hb&LZrKtT_-&5y()~~oP^NW_opa{H^__=hyxA+ZO z5|T_uY?C7B*M4=kG^7-qAmwTYX{d)V4KE7d$86U+2TlsnVVF|dG0+W4we^O~n&#(q zjgMKxuLrj|JmuzI%LLYxp&Ow#i8!a)EJ@}WbFkI-N!1MwX7E~$O}=&>^BcaIb^MYp z$Jjbl=W{T*>};zzJv)cFN=0F34iBc;OR4e-`CE&7J?p5$ams9wn{V!uRgg;xo@R?O z#+o1L5G{Z$(IGoH3bDy)I|f!Gj`jnQAQ$TMz3r2AQ%ItRC+ukco&-)` zR7a0@H;)UA5FdI-R0e9uk;LGIMwE#K1GJxic;Gu%26?oscCT#W)TJW^apCMte$|vv=JlgT(o=)AE{pKy z+*9qBqDX*)X^ZI7{vs|3T;j@$O*15%e@U=g4)dEeG)@yYR?Hme`V;d0jyb^!t$NY; z08px4DT@e~SDnWz;Q7^m%UeiNGP_LQXN`NW$52AlmqbP_zE$?(auN$ms*6&H@x2%G zBV=NUfvHEQfxehJAu;oEyDi;bgvO1hvM^m~5@ zQ^)kFE|3iGBW_%GFO+c{Sx!;vu`oW9Du~Jrv4=6c8SDi8jkHO)bek+7Q@D0^zt+SX z8!;=-Il(*4EK?AC<-Tt#-hM!tY8;XG3g}B2(t1~X>Z$!kRYWSYHav<7;Y?x1iDS==*!8H&BZLNy`yusBIxve;WaE36cyH( z18qb|t}0xTf@q2m_`0p+HWKJ8xa--+kTsqPWh}Ty} zXd3RT8-52tE|3zyB5!b@muKm?R3aN`3eWOJo#_AQK~YfbHj$CR(1aU+Nuq#Cf`tmw zA0AR5pkfG0m5v}Bx4>U8{mr!Dx1JYi5xXp5m4jhv?Nfe^Af_QSm)q8W&VvaSY{A9I24PJQZ+6|&pi(SG^6uVGCb=a;;=k!}66|ToC z?R@mp!K#t$>~&yHfU7v0;TL4JbxvIDnEpqF5Zln8^C^I13)g;&h5gsga5`_p^S}zh z#)KI&ZR1)m8wMtP2W!_ZD0?g1v#U{O`WqrcBz&Dyy3D5+>gW68+xGRkLYf-^PqLbz zkRK>$R^ZzYJ|}v_v`mApx6VH#v`yj0A6L$B((RF|_F~-UAduI%es%31P@he&Oi~l& z+3Y;mv$%i%)94PFEEZ8AEGbHgAnaxpRJ841A(Ljf>63!BRv}@T5Qr(6#h9}#Tnfd2 z^*WKop(@G6R8Zi8f=WV}+GH5Y*O8ITbAf@mfUT;f7;;J62Y$0=L^iTc%p~v+O=Crg zg(9rhO$YVlZSluUu88i+tq5FN#po-=#6Yv|xvD5Ck3^lG{uZmt_$|z@UpJp<-p@TX zG5c?1zbRn8qPB)gBSUUz?Mz8R?#ut7X;5e7{9p7XVsEm zwVZwmXYY@9+*}`_YB{@BW~Qg7Ea$NhC+fYw@GJ^g>a2ufcB;j!$}USZ%Y^815H+sa zthl8ZeIQ*B3+QP}WWlk3EN$f6DS&Bo98E4wg2MLdD#z)gp*mAD9`{Qdt$weW&Jwx> z!Fy+hU|}YvrRxvK30$6AlqPz4ko^IQ8T{Jw#8ibYv~Y?QR#mIsdtQxbEhpRSQ!u@N zmc#Okc$vP2OAUYQA`+iBJai6ypDKAVGeRHc?WE2*KxH*|+cUGMvfn_5R}p(Nb+2cG zqf0(lcG*TmfB55DA~L2e`lff`93j7j_p|QD!;w{i<~D0>BI%5d2mnCTX8_{TA_TQ^m_8;CN!Zb@t%^SS;H~R)$0kYSta9Hl3NQ+ID?@mu 
z_}8&AylbZ4!9sMK5OT8xK7CGZcn%&aE_~v7r`un&Uvdnmx2FOuXPDDX#Yxg-gfI+4 zd?*ok1!TQ*Ja`SE!hDJ-RsH_>qLSuLeYebZpIwiua4@*!Xg*}?Fx5aWIvzleyp23kIowgKF$ioqQ9KFEp3UGl%(iV`gA z3EoVbf1I88+E(bmO}H>HIa;#%CI9e@%w<_*c3@w{EGjksjVzj#RQ4pt@YAgfBEybu zC!KL&VPV-58sZ z;bKogE~;rTnEj>=kea$zr{EFEf9QP2Zc*{g^q7qG;XOQSki)d1G(X#M^S;JycnEHX z(VP^WCT_J%_1vQ9&^mlo7|ro2nS>F%0J$AT?JW122#zJNlH@|>5Y%*`V+FV$%!VDF-b0Jl;$aFiC1MUalakWAb zTrA$0AGo8PnbvdaDW~BbJIehl=)o1mItFeIgWPaJ83_`g0&6YZ zDaKQP@?vLoOn@mIOs~{08fCz8v99@X2_H9ki(E@d9N{#pdrEFylY`nRe_JDYU(3%3 z?z>0pW$BAJ! zwe^d#vZ|JQBI8G14_ci&a|q+P?sQtz&&QN5Q~lT2i)t?^#X6}xS2XC2%n1r>4*^AS z7|p2c)mjYp>)+ID&aBNKSSd3@ImQ?J8`APm(*gLW%9Q%Y1vqn!e2>v+x4EYUG6@%a zr%U6j@S6jt+aDThqhn#j;i|QcEcdz`pc73&Sd}S%IyQsCc} zd8W;ky$7&pWe$w>uZCd#iozngNAGV&)9iZsXl@!KPsiHaL2KlioJ!5uABZ+hV!}tr zHQKJ#_#Bd>em}3(m>KM_UbDaJI7-Z`bW0&Au-08Ghqt*Euu1TsUe#3 zSZ$pzehfz}o12_PAcY_AWjf+?cDymxa1NR{U|;5$&AW5H%#D_6d7q(Z;Lwuf}Kj?u2uYlCK~mVGfxwsQ-u_d~fnn;#ch zWE(pFG}$G1o=+0`Uv5if(Jf^z1yufjfRsEtxRA9zHzLzLKZYlBPk^(nkyct>n zzpyaNZBwU5gT0B~;pD8AV+5Y{7*wGD+TGs2e>bht_pD#%k?Ty7qH15yi_4;zR%ObC*O4PhM>XYR<#pLDV&SjB$gYs;&s*y^2 zl+oY(jOu0Rh~l*e%v~)M30W*Hh>m8i%zi~4*CkO(U>pmCI?-P8wcl6|YW zWfrtY(;R{JV%RPcP?q0P#GhW%ZjDPwIdj_jhS6?j$(_9Tfdmmm3=C9dqe``Z0($jUKc8gLS5RpoD zfIZ9;P<=SqblvIijF~PCz>+$TB-EOWVaeD_hA%yKJ=xb_APqi>%x}AyGv|ED^XKq# zrCaB+ZJ_i3Zhm|a-@Qd^IPAicO4d)y$Oluci(0J^YvBEyX@0O~jOy_FeBJ&TvrhIS z>L}Q<=8)FF1@80hl{3MrJtV^u)Q7jMHnKiEA=fxE+q&^vHV)p+(YrGp%SP%g%{wH& zd*0OBGQCj;UHt3ERLJv$wvCY};*l*o2VcOh@ER)$>D-iL)L4)J%Au;(jt-9+uPRQ!kEHTFJu$;0BJNDjinaU~mE0E# zE8anNaVi(kYx_g-`|$C2ZM zbF-@o#&BJAA#=oL32#|+zdYW4BuQel=ZWdtR>`)5eg9H>J&-aHEVnik<&twkbCUA6 z`x3HMTLTZ78d52D+5}IAx6eva=%yBP%$L%L;!jT}f=jL7rCi}PCUVLu55$G9wOr=p zu4%#G`VgBComag+VBqAwr;)f+8oDpM&)RuQefE98e&nw66s^B zUA0QUP~Fgy4o2Ec?+0i%jWD(DYp0hs6%8tc7NbPv6haK9F>Y$WaK@>)f z7FgRt<0%EHZdM>MA%Dk3;)h;`8FAEM$%#Nu5-?GZTSowm9qi8cPfJrf`#o$IQ6oPt zpc{qXIYZgj$|NSqmn~cX+~$pcKIIr5sjB)k3=_@GvG$pUOLuM6V|2IBSlR48&ex*n z(o9!*qzY^Mj<<-Ss!~HZHt{oJqLDs(j$gIpzH{RM<0FvE3qCcsYH>VDB~ 
zbw-LFs%?$EC%m*e-rbnx<_01AavI{96Y_Vu<6K=c*|1did-Hxb`}nHz&B3Yo5RNAj zPrKD`HY;c-nT66H&U=NNjOSF$X&b@W$*)>72U&Mz;!hVz8LW(f9nD6}RIP!krR0#3 z7rkHZCY9UYZ8WX1IA69T#iMQb+v7s#Dvx!kp5EKg3zhEE%gS7v9qA^wn{RKZC}L1H zj%Pc{(i6t_7omCmsY$OdrHpwIyASGKLtEI72>a`hb#0VyMp)H**e&sKzgP#z6=UPi z!XWQFwn0#-R{C7``E9b1zPRL?%~#0YFGOzA$|*fx6uC=|C*~jD{K8)g^yQEvYBKJQ z4zfQ;qOJxw%+Y1(PyQ~9Xj5X&7oSV)uWV`z5A_g5&Ubi+674o>7Appwoa8l4wbR2G7$Wkn;N0 zP|@N);<##xlNsfD`d!P*oERh4yPt{&T{=b*#BI7%n4sc_#`R@ASps__+$#fT%=4Mb zi~(RjNyU@JIUMB2d#S}GVlUWye(bDDYs=c~9~0SZwEt&y$LYbURH!kYcDpY6ZuCm$ zWHmKg7AN+YRoY_d?GD44ZJmT9)`Eriw?vK7cuv1`ZLu9qwC`}hLgyrpQF-oD&!+8Y zeC|W}SG^d|X@a1Hr#@~sB#X_cWGva0V|@rU6@hWvui=;eCoxb_}|{;ShZfmO^7Fo>SMS zMaFQUC@<4H)-zhoMF*R}^zKY|cCgxUvCA6;w?sVeh~CR>Kgf*9^k$?7T!uE|W2lH|4> z19CU-ji%2GBp5HnH|DQ+ZisKjRB~r={GdG5Tb1|UP6NSfK=O3TN|Uz{D2>vo19mR@ z%$b6yTu0G3gO9K7(Gh!Ai8d{_gylSdnT5!9Ad7xRBLVceW;l7ciNAiP+9*25|!^|XtSY$QPAph}1II}GdbUp&k`>#Q8I7;hjNI!>3 z@k-yp{;5e(b7K80d_zto4yz1x z`pijcTnTICfO7G}>fX8F+h7!(^D@2rlJq380@@sP`U21G{G60)LuJ~!)y(7$D=K#m zp=kH-g-TRT^e^!GHXWZy*)%>m#Iv_?dO4GmThj1sO>b#*ar=e4PD!#qv8tfidzE#KyWgiZ1 zuxH^fS4s`%mRat3G5e`K$QtZvHF@tSyHF+b(v4c6WHNY0qYY;4FE|`eTtnj1UGyH| zJbTd)u_mc@>?mAz*DaKT>$3|}jAP75_3_ZpPqRRajVfQN%yRwf1tXzFM#LE;g>p@S z`jzzXL0C=$oY(&1;)$zh2U+P{>Q$5+OHJ9H{{=9-29-hM^UVMleivdO)Xyf$kL z-(=|Gwb_xWJfznmW0c3dI#T0Jc`hg^=WpIMsrmQ!4nlfcD~$t4>?QvhJpBrMKS{H7 zZz&TlniKaT=z50x>i*%^PYOPq)1Q`WDkuadlo)+nc@a+Hk=!XF2l^p1B&XaELwPe< zOyHYlD48{07O=^RY&C_N`q>DF{5|MDY_NAx>=45z#))O)GZ%r#rKnd(bHZLBXkS!B zfyGB8aT3Yfw^5-hJwez-{yohagmB4T$(AS&$Qa!EzNvdEr@*o<7L(P9hg^bydNFVws4 zhg-Bb&FKCz!ege`IkB@_oqhDAp@f5?2`3NN#px@5K)TmIN9~t z$yHSGjGdt8Lq4jDq4kYZrVR*J&8%$~O93QoV5y3QgxG_$QfIjrRbSm!;I!xzWo3~A zO*kX1MArT*S?yZV-mklo&unUJ3mGU_ZoBfZ&qFn?`*Ed9bq-`MVX3GwrtjqYL$~sEHL)%)Yq0B=*V;w zia*TF5LQ#Epe`FJZ|k;Kf)dFibIM+6L|E%UyE}+%Yp`9A11Per(PdyaDYq`*KYX$* z?Hu!vV4iVhEbOeaoMz z92ikJGE9v4*g!pb#$W{8r-d!?5~0ra9DMt>g~Ygv(6gk!dR2CgrEXemnax-CQ4?C z0vRetDuf+&>;xJLsFd-@nPpynerP&5ILOA`I_3qWNOzGNwduNw2ShhcDM|$6PhlS1 
zD1>la{nh(P_fb4G-piezYIP6LFva#N>_Cv}D+o`uvg2!sd8PVlc z7MBlrki>`Rp7mqX^%$ov@M8IS*6N~_qL%ZGUPx)R;0cS-f!-)E zQ>Bcaq)d2TLi!6BgJLOB=>;c9%4(56(0EAqg$U?nC0*z3*^RI%+pqT*?yNQ>pO2pl zZ&nIKOuT5$t>Ww*7;QVVRV6u`G*s%!Yc857&JU4&QQCMC-X4?{vN;(nR|Cg(dsTcw_GeS-R}2Cc;ZPC1%BQ+6<4Kd3EGc_gA`yive^97}WF4ehqQ zO?+=)a=?D5{r-)gWTqie(cbuKY!i388v=LB_v=$_thG1WPV#ZN?wt}HQtP}t`qr6h zy`3Llul?xopUz!o@0p{`bh7K4M_kkvS}@#Bs>r;^u;liqW>W97U?d^?Fs@klw*B?G z{Y{f;724-D#K+=0^dxrC9vW+N1^YmSB7)NZ+{Nv)>$)8ZK8eXbM0+|i`#g>OQj2vE zTnj8mA{O=f#QWqYP}?$1{MpAYY_=VJ8_-~>Ho0)}m5F_62EGr!cV-V^dnq1eFFfcp zfyok(HPclRWkh=}PgAJr4agsMLgpjsINP1MI(#(jd7{7Y-mP3iSRHN7eccVcFnT7b zJtqBtQ?bOk?ErvTgjrs?dHFqumDNT1Q&w{`xxjD@w8bhhx{RsVMCeq_i<0?y9YLuHI948i=XFvcXTLwEl6h@NWUw+ z!PY^wcZf=YIJ|!*N}lw-S8@(nbCf1A=D>F>QKNca;o?~{(>)Ii$Nj)ritqqvFoy;{ zcJ^p?p6~gI5*{6dSG!(AwB27Dg^_FyRmI>NMatg0B?+N&vBd8a;I)H045BRerm>l4 zIsA0xUYy1w8jm2!^@(dqOnR6+tcs!lbU1=px7Yr43+F}1DgyZB7usKksqJb8Cl;hkHF#b@euY)k3UD2LKm}jV>8xb3~0^t zirL)IoP6Geh|XcIal2S;>yR_Pi;pFhw9i%D*^9r=zsmI9AMWIe^!oVekxfOJ&XlUD z3(<|#F^lTa4MPvQn#ADFEO?;l65~#r<^F57v(2~umv)A3pXo+N(jnd}2g5-{0UTN} zH$hw_8$iI60)b6(@7NN?V}Kn1BAFfm@;X zdMUeKPK<&ZIM1gcUd@PH$Hnr0BqI=X{CI|b9=;T4N%xw)cwtx&JSEj);*K4YZ*?{CW_4RU^(CLdyg>-ria4u-?54PqUe3iu+-vcyy zpciVhN6U30#UAKfv9Z{cUczd5yc6PnH8z3d?~Ywh6!)?tFowGf<(CIR37-W{x;mI^ zwk`&D&dw-8m76SS;;yBC)phho%pUe$9=)^-CwCWbzOyBCg>!x$sB<6_6z+7=<*SxRgFD$)!KNkPMAA zg?YVjwFaxH!viCFv>c?JXe)~Yc-!GNjTd4W0!qDYv5G4@M_%Re43&QS>fOt+-?XlI zU0}eBotR;iEYqVqj|0y_xhB*Fyk(GEXkqRB^5w3|>BZ>gG4-s?eIx zkGa3|Z+Iy7>ovqOY;k(Mq%)A(s87Wq2W33!Titd}@DzG>?RvZ5#SZ(GuKuhzW%>mM zmO2`aG>YI(oND9Z!D@L>kuV#n5TxnEAU4BT(Ef@FKb{F56dL#Tp>bE6n#9`lEfKPd zce`q|Nlx8I<8_nx&nCGwt*Nx#0K=HR?B znN7aipeAOCV88o#^89*AW3#CTpWF|M!Kq7sP_QUd29QxG z>-Y}%d`fJ((b8Yxpt&AY)v0kCy7a_+&PA?*!0_6RYT`P!)Jo=#6-H|ZE}IejWk@g= zhUKk&KJp&8e_M&~ADunCTJmI=MnQ2_lBRx|hG%tGk#19hl^G__9CBP#ylq4?x=!5m zmasFTBNUF%ubUZocxO?Qt!CqFI$!8r%uBIpZg+vZ>tl}AU=1LXAGmEiuDmG(@(yS? 
za=f=>x&%=6K{7a~HPY;dzFO}e&kt+Z&0C`@Pp4;%^8LolF&d@U@_e)XcxzQ^x|O0n zN`wl9Q<8EIIXqyb-#*}AE#!n~RqdV14dB=%I$Z6%P{a|GW#U}+WMycbT;xLe2j)Qn zV%Qr5E9CalDRW@(r;c#ohKeBLnQ^SA;0I9GAFjRhMp^Nz+CaoM!3^Aq6YNL^<7ns97ey z!mLK630P3T%$^G=)5@oxIp{ca4SS~&u#f;);gfavQ_Ft+;?eX4ror5)BpnQZuk^4h zIr|u7BF)mVFfoT*Xinf+x5v-3Dcej&O%iT8yZo^{vh6viVyq7cA%;P&1#4W4S~TUb z$TZ-Onx0^!k80_S0_X&IF6*d3Gh`!$`Ow=m*tMN{NDYixz~3u z79$i|n4Rcf-_m&QUva#l7ZFcQDh9Y0>yPM8TMvCoq1HS7?sUW=o8$KF z?&+iIGe_d&b>vI-2cdi;opZ5&I zEX-hrN6A zhj5&4>f7!&SfKb^?(=Zfs#9Zr`rLJ@>H9mBXPXAl_-Qtxh2O>DNHk6XS4-9&L6D%A&pm9|JjQ{ zUyR+@CGAs{{unVc(P&Cgj+}~6q7H4>3S5^1lRdFETATHk5lt<5lNQDAZ$(e4Lth9G z3u@1>v)d{i`iT10M4>zisdEH8^Fv(la)b@*I-8T>Tnik_I3)58uQjF=w^=i92i=j3 znC&OaV!V@i@1c54ep4`zTx&@I2ve@oPz~m&GQa(x#rJ}vgx_giw$)}vxL2UcL`~lu z5@RyNTHzhlA@GWRXJPw#A6F{@xfSEmP?)$WZQ?c;35)R7Gy{W#RSF z>9U-ze6cQU=f(5O0n_sGa&zx%&oAv8=g*0s_w~;K{qWSJ?T&0`t*^{T&!_yk znJrBY8tmC=3m*CyR;jj<)RX7jban-AizGNxI~6{ieOkpIPT_cjixFDI!A zt-rO3v<4(p^7V$%l!ibKHys6D9pE^5ZL>#V3I)G~f1I)>aR$i^&wSvF;*goCx^Hzu z<*s)7Aj%S_41{rg&5AR7y?~8cXHQxf2?U<*sx!K4AU(UxFuf9}N*r+|cLlr|FQ@O$ zrZ2%o&52o`;qFyf<(r>ShQ3g<(d;uj>#_M&KG1CtZ9oJ`g7HOSB`f`)+WqQHo;;kR z_vU6+X=!2f&nW7dT9Ffwo{6oUnQIx>{Jy+-Vk*(bf$hSm2i#6J>Gs9g+Wa0N9En;@ zzsFbZ4|`7+RX^pmaugIS`B!$NEa+$USYRZ@!XhsKi!I<=9wEt{uW}B&ha5Q=&xVUM zs+vP-9*aJ+{ZAI-1&A2WA=8*u8P$*BmH4m-=U&Nia17oc!4jNH`-Uv4sDKJ%R4uZg zcQ}A=VsOA+Jlq}>i!O6ZDm9=tTqzagFdxg+`urUBeDjuAeb3Wq|CF#jXixA$qUekT zJSu5Re(mK|JLS*%P&pi_3RebMzw`b#!LMXdtxQZr|5@q$Cd*Wl}GpK+UNGuwce z-ApI43V}?~=E)Fvdl)fMkz?>%njyEGx3kWSsJpV>@ih7SPQhc9Hmih4RI)6e6_zb& zJb!QqL`^k_MpX?RL0*fB1d5!+caFJXPG71NtBUjd4sR$LpM&~a>6XOE7mCzupc#S9 zx3i57g8$Ai;&x)vd%hvc(umpI%L+?+@R4U$o}p_&49L##ED^-oCk>q%Id%0pGuvju zR!9yiWoR8jUyTh;Qj-i`dMvN*&A^l&NP*OP|5+Z(W&2H*n)@***Qn?|UeU?-)@P4? 
ztt)@^-N=5W@K|NGzAdULpGfh~2$8B};J%)Wd*OCfQkhotdXtaL1@dn)8nPtPiPzg% z*vL^I9q$p)BB5ujYt|zHOO`Y^G*oxIdB_{OBYaSirx-&}yv|3Dr9Cpl7$%R4m<@Nz zmDWB8J`rg8vFB_g;KY?0ScrEJLm9&0JM~{@EtLL|^iM7$5S3{Y5nVyecDJODsMcrS zKK4pi95jPxwbE0=B^{ifq@0MyxrGgzx+LcyXE*+9FR1)}2a8r;N%A=VOC&yw!N}o6 zNgFROlPmG@h{HpEO~&Pr-w@)WVmu?bT%PdNwD+X>c*P)?R8@11HP`tab*d#8)CWE? zsW(O!Xl@bMx7F&!o8TXE^lb^M+S+Uwfg%Kw!pTL!6gV(AZ*p>VzM6B!1S{yz`1hy< zPB})dW*+T1?xwPtZ%F(;u|{Yp?Al z@d$YA*oTLQ`ggowm86THi+1fgHh zXB1h%GYP3fIsrnkp9X4IHNz0w@4}en8g3SDU`nRmz(gFgEW0Zs^Zka`;P(|NU^Uq}-4H&H4Y+F6WTs|3}t71=q|1-}^rT zjxfXf-QK#u_uMxZefig#y@-=W0!pPo5r0~E<@wvGPD2Ov&}!8|gBdbYcEpqaX*}4j z(2Y0J5E~wk9lmAl)mdKrPiNmqb}IM&2ufXA8XFhqw*q?o&*$-#wYBkhTu+~yi~e*n z_>Jjrt(JgUGkZ2WO>4c^lu`Z&|EG;esu+oEi{%AAgg^g3N5vqJgMX(x8UMco2OGwh zo@IaDZAVo4i~S&|2(@+|G(s!8;cg6ovqu2^o_0}re>Mm&9+QnJ=A@YA&4Ubx7*$7tPN*=--k zl&zm(BkzbzNDr)+M;eyZwgzO|5Kv>-Z%>PJ*l@*P!~a&;U$TM`knqz-n&4I?4>jcF z8q2e~>`vWK&mMfYZmC|*wGzBHrYx42!&W-(kbhz%Iqvf%DI4r|-W`D<3K@<3;cr`> zzh19-c_l6KQ(iPw{e17<+X%}e+m@K#ts8fT_`bQl;XqbLn!2b~?7gUGZR$R0^1Afk zVBvBdXX0_?u|kXhBdPz9>@THmb%_6EtsA(nCq~Tpn0s_O z!rLhYZsqLgof5qzx{bkP2t3u+dfj`vSV{`!#~zBU8GL{EWBC)#j6YpG%wW6s+2O!s zdyNmZlR_W{wrzAys>_Qk)$c*9yZaKtVbL4!F6%N{(DvuVvBBrcYTy3`X^v`hW(7#A zRh8v10Ja}FfRg`=??nP5ykBG_;)x4SX({3DjX7&*pOK(q`wxBmzlO8@%ijiih;LU( zN;Vlm%%_}k*Tu}vAxFMqBdYuv#m)#6T7O`HvzY2yUFd*Rgt-HNypF_lv0eH~$&uAv z{@JwWt9hC9{MzIs>m(X?v*EYg>{2khCO#9#OBGZ9YvNGgdwit}E9`^7 z$ckfK{S{YURn_K8Q(+21`E2t-;c>(4fo)w!mJ%oj3*o4^NetGwz#rc$T*q>btEfv0 za|!pOP(1Q8Y-mg`4GSWe%re8+E^%oX5j*VV^Fy(oNalFff6 z#nuXCj6{_|*9R$SX-QdGQB_qZ-J)GCn{JL5HQ&v@84w|)(2Ru&@+yu6u zU}(gB#lz~|q)K^S<+eDQR8@+~wK*RVzX#FTDgEZKHbdU5O}~W5((}5$n@3Dgn6DQM zU!9oRn0MHMfX-;-qa3RlF&ceyc&$8Lw{y63p_a~diW`J$1X8rgk{Af;tm^VW@s~po zum|)4ZQQcN4lcB6&hskFq48{U}~SEa#Zh_{}R>^6I213m*bQDgaZ zB}i!FslA;t2>}cO-5E%&qk;X$*(>gK#5F0IWG4qqI03mf^0uKq|+3do31A|1kxnL&KLE6)YzKpsvyPNdjD(7|S=j|R$F+E=z0etoFnerU@ z)WPT_Uod)B#%wugch$+1-Vd^n+4B{)p-zsJOf%1L#(|ylYN!TeI@b(JSJ#51%c}Np zjDL3Yh*@n9!cu1tCU9a~&~vAM@IecyFCo@{Wk`d#kmB09Y9OSqZ^9 
zyJuHYP52H0g&H-W+3LomTqM_LS+At1*p)5lr=WWCt0PUS%TB9vdim5eCxLft84)X`7RT0r<7GDUA<^qmr0jQ402#oW zZx>@+tXltK^$Rq2dGeSVuLa-X44>ReCIM?8ah(knkvC?+KF&T1Y{wZX>`WVD3vA;P|_hqh=9uj!uu1oQF1gjbyPkmSpz3I7Cg0z0{WwT^U1I2IrZf) z=mnDwK}HK^)QY1OUGvWa@?p2CWNDc?)z#L>CPM5??}78D%a4>bs=)(;wY{IS zb2fmRVe;5!q|Xzc=@7W@a7`T{-@m<*55R_6_FG4wg*70b`p-Y|)sgX{@8@SzL!}YZ zl;X4u^t`?fdgR9NsltqY`edwy^uknb;P^N+dNZ@ACF`lt7q=0_tRC!)*MMfb-aU=r z@_0+1C*R>ft6H|SJ~^Jqb_{KHU8r7&P|J}9gQYX}D}Sx^ywmR2O+$;DWxrCXa0nW_ zIobF>Sij&G@Un)1fsyVw&V~B;hpTA|PgaW$93OEWdg+y!p<`G{$wM0V-5U>m!K7+g z0vIzh3BZKG7Usiy?3q=W1ISeIT&k+a1U27Kc|(EOZPmc+w2Rj_%5NWryIgd|BW9f8 zN#uBAIG;TO<-R0xa*it~pl67PCkOl7b6<<3Ysi3^bdBcGX-~a|Lo-^Nx0L76Q;MDP zfr5>re=-&W2NW~Bu{+F6pDOB(+OVW+Xtf(wY3P4_gA2rlCcDOj_9yjM5t29~&hdW- z)8@(ux$=9xg>FQ&##pm~cIar@@@e!5OqQQS+FHol!Ejsexi`90TT5f{_LMFxRs4txAs?D`Df~Ea^WK~Gc$i<(eBqw{1YG&_cs0Qg4&JI%WvHt;Yahm7rfT9 z^kFR821CL+^WQaahK4#;ovaQ2=#w_DGn?u7{MsvkJaK*I1d$tC6U^+YSPekpBYrt2 zXuq`_<^Yl7Pj|f&ji9LHjO`qcu(ml86j%+C8~DCBXaV#Z^YYX4l8SS_798^7*=Xk zElYR$k5n{IbbK^68x61)Gp2erO5Vk~SGed~eE-Zy;^Vd3o?ZMUsPVQ&E z8ra+57I^sb6o_OU?1@^tw$T%Kv>sSgCU;y-mOH*g5Mr(w(W;;ZOP>O_JM+b{{@#+= zMjyW;B~CTsbHp62#~Z@@VV{mb1yS{$A3&BGSEAuey_G{CE6g@i&e|WtlQOe))|lVx zN|?8e+`-uc-E{8rr1Q7ZQtH-Q(rF`I|2BT1z)y`VsA-x!es<|ZwH+5j)II_acLpJK zD*wY<*1O;7i}8%xEU2B9WunT@zYYS30+QGCAUfV-$`X?-_Xe}#0UT_?r5cf4o5{$* zVPWvwr!gTJIjVpXLH>0@X+v9X6!B;HP#K17`P|_esf_o2QWDJGT4z@HIQzI+v=d%l zofi0Lv6hjviqD{q(RQEyuVqg110fsCAv*vzzXCQyh!^UG5us56E$)aS0E7P9t} z@c2nd`T{C*QsmSjXF7lcXiucs1YVy-dUxaEa?UT`!wqqj{G!cH{xW!)5ZVO9s+hvb z7jIJdZtuzmr{|u`rAnbZmLm07i?l8UfuW%Iv(SzJD*ce;EQa@i>{u zN`sAjxabz9KgUBDs{??q5Y=m%hoX(1L@Q$?2FmU)6B<{K_|PE};C zrMdnQsxbr~x|q5OE2tyOt_KJ9+eId_f&LUWr=A0cu3K)v|pcv>Z;VE#>-w z;wLo}-0+@zO?Iwaw;Gbp>>~s$i+!pfl9O_yBg-z&?c^yOz@|Ey| zb*ajMz|)2+T|d!ptUM!IF?w$pp`7L}n#B^C3rH_FEA@|#+lO2A7}(g@;0d^|>wG)@ zBF=lRd=~GjM42yHp6Y`b;TyG?zsTxhatRxD|3vS@+AS(My9D_O(t|R1VxI&XHjhXu znXQZoRZ5pR{Reg&Bb+^HV-1F3|2S%wE?RKF1pyz173jp|Z}5bI(L6vwMj z=RPlbf6K7q->YxjuK^zib9)naZ+?z}Fg=euTkZetw2$KiKt8cFxLQUajdveE7&Ytv 
zymMAqKNm(voeJIZu&T;RM5u&aSrkSeg(S>1~)8eoe3k=Lf~ z<|9y)Y>QW2@HWS)#_L5aKIFS2>p#l=J2(PINEasdw_SFOz1fyk ziJ-$!X0M4b26;=s5L-XcF86=sd&4s$c)n$YOjgD+_C3G0VL`+9va`ll26#Qc&Oz`l zTmQCzJHM@Xm$%K9OIH*{`eJiKoArkB%CCNz_EeGMT6dHD`ATOXm3aA1wbsOjt*vd- zkvCBo{ZrgrP3n84J7=vp75^lM+hg;@$WdJFtm zs>}z%=O!;2P7V78h-$n57&iO?#iQ-%0wAH`n%t-)pCFgYewNQ>PD>j^R^eAM11^Pyz13>1u zPiv?xjFrmcmxD$RCQD*R!Nll+o|;kW34OTIsL2UDjSk80e%0Xwkhh`9_`lewR6Hgl zVcHnTd%m+$!Q3_*H8uvqHf(2>Bmb-~a|i9p=0_6A%Po+v>sCb;5~3Zxh_SqMGZ~Bf z#ya5nx7wWOv_&IfRenH*3r(zaG!uxmn(Vi?U`$IWK%LWjHauSH+sSTXaWwT55D> zXK2?Ky^O}uVXb(#&_r*EwdE*L>iy3t+8-Zue+2CUG8^KF0+R`N*)DGvQdQQQmYt(r zH1JOJdpIYLYg7b4t+0E`WbE1KXAoT$KH#f*kX#!gm;LnDTQqicR;~b?*5-Sgb%NNj z1u+cNZB`=3_t+n~k2S9!0lb%cE=rzvWHX=wuXQx*^5UIH&r>6j$b6b9V{DIu?K5tj4uI%&4QzJ9w z9B|d^xJxau?S($`84f2V!7n$+g5fQB;Ozx|_%j~Kz+J(h#qZ-{gV(a!B^DP(^_jl$ zzAN{}k|4MWd{Icqv4pbZD<7KI$UfRPa~$o652%pxCPFUBCJfIhVDgboiDP-6)+7*I z*5-Fro`>5PS4L`zqkDI_yDHB)Jl@NlvJ*wmDGG+b$kYN}hc~fX?12d=(v`aXcM^E<2lQmcCA<$n-jWu&b5^Rp)?L>&GClaFCt^vQdS`8N_}oOh zY>y!DvMzfq5A+JO>J2nsWll=kSe3fK;Be5hWhJLteyns>W!Udi$3k&@Wz$hf4Sn$6 zOy$Hg!+FO2*p1AuVs64*7ETqi3C`Bc)Sn)msVB}g06q(Q3?(R?gojobnVV zMSp*TFRLFtH6BlMCeXg+@4xD34q^kCUEZW@Q;toL_M3>Rc0xZDYu;coOxPG->LS?# zHK`HlI@e{1&L{0Mx5t)9sG2Pnf!=o~y2Hv*6Fux(+&)~6$dV|S9$GG!{bxS?o)cb! z=QU}R(=_g&7z)j)) z{kutw+^~M&UG_2MXvjc?N6Ep>N2F&UF-?P>1km!mxL8MMDN4*-*86IPTE}e{E&4%X zvAb%kE9zxsfTZP8=PfrwKpXA#tZhNfOyA_|!{Pz|rcPjUW0m3lgU&@91x|F92)Ocv zXA=MT_SG^Da7{j$i!up1Om1ZS;rZ0;4V(}zuIw@syj}7AwE2ejZS)DdV8MQ)4=@LPqHZiq*P`b)JN{Th^!h1^PIIuXq(^eJy1HYFM9%|& z)>iodvw^MtHGVF;z>-S-`PHuVW&R7~DqjZEj4ARWPnv3u8~IpsCX6Pmp&bE_2VdVw zg!bY-kw^oT$V>y9iiUDE6Z!Ih~Blp^5UAi1I|9VF3z10zo2r~zS0r&2aF@Dxbr!}1o> z?M3qSB3qL4t7;6mIpZCw%yNrz&l{MrvLw!Q^hh~lX-K1bnp$5Se2p~4ZT36pQq$6Ifj+Xo*7``@5KIe+C}UvKCuX@)glw`d{ZNQF+^-*A z?}dWFbNuTwgJ1KdEUV~ko^K}JE@@ZgGHT%gPZFbviomKG23cK{`&Cl4`cNmxD%%Kf z+?8?>V9(>R*xBFg$hiH$RSu1uW+k z<+1t???XM@uC~QVvRKVZ|Ro5~UsPv4Q7(WX3n zGA0)>;9j!LH53^0EGu4K`&I!-1pi*2=DmO;vvA8Le!8)2h$q)#5TucU+%WvDKCvgVknplnO`@? 
z7`!c|vpx&XcNL_~^qx}z*$@XO{0is2WQnuaM6%^Nw5u>)yG2wAyR52PsHq*7wiL9h ziTyGej;uTORJ>lF2BGT%KPDyPfcU^g^~)wpBmgpyFt^r%K~D;7fi-0TV8SNX|KOdN4J zA4Dx_1Zj2Kg6jH&(i`dIqPe(4WeG!<4|@t&PnIr9ZIu}M8eN2Oa*B$G)rePb#wj3% z+FE!YHl=j(TpOQ*_ax=D4xUf~^XNW&{E1m|5&rhynrKqp4I+XZ-e8&)J~K;^i1Il1 zyUr4aiis!@v)I0I<a#4mA z<(e`dXmjCZRatPzt`9Y_YyH}^JE-5y`gkkbFBc5qT<>(G8IMl7Sp~lERbE^eo=+fR za^1u&y>mr_ZJ3^49X(A{yX4{h=x1+jXn028Fj$9b1&T56SM@zZiM0_!MpJx*h!z|Mhm zxVkbsJ8C}ABh_W0%3<6}g`WS>t4ULn^CzZ}av-DC-WNjeH45P! zRJ|rl1kRwK=2VU6=N{T?afg?e1*RN*YIe=>ufb?FOV;p&y!Sdt!vANfAPGHDr}Rh8 zB8FI-WI|^o@aSOc_DOA^+kWun9~b9YQBd)#I7L3pqu*`7V*p5~?Oe2B8{%@bb?FoO zgw%UJFOC{6r?weKw1=Mg?o)?aN0g^LLE14a4!6JXd0k(|oygD_J=QnI#GUqURHZBs z`o=aU*$tFger)!%#|YnhT(JWZWjeFFszehk8M#Njv=n?^;T zUU!S#U)L0>hpMyZAkf0ucmp9dRoQ)cGf}xKa82y0lrk+3c!p-c^KcUShBB>LSD!(I zeI6Ercxz{|y+8ry{a#iPC)Sc|-6;^GLp)Qr7CDJ08a(?*X$~iN&+oNq@de^X9*_MY z5No6vHlYO4%r!xzf*ux}vJD zBbU-W1MRX`_fJInUqPOP0D4+-8a6_}8#mz#NdNb*<^y3?8YZrnK{ke5BW*ISeoL*Z zC&p~Xl>TA##EQl4b%LsralylYJ`pPlq9WAeeiJs|M^5LAs$5jA10x@=ebOymaj`vE zaODs4TCoYmsGhG#K`=!~zlZI7lYkGWc@sHWz=46^%mXZkflm^LE%Ce3SS)WP0@d~p zTDHwsD>77}Ip))BUIIVC6@-$i-MYe__uB4K-1m`wxhPSc#@SexQBszA%w9SDDgc^W z69>$81HF!4)2KL2M~uggzHl$YekY8~O9d98#}M5yCuo-z!`c{ls^}Lc=4RnlckC4`_)hZwE(CMz)+{#APJs8;^oy zRZf?rix{ASMxJp_ML+jqr9Dsmhl{3HJuc_i|Aujs@!*x+#a2r`LLj8Xor+V2JG1|1 z>%(Y=CfZ34f>_|4ZaxD>aW49=H`=ktvl9pIVWgI3nZ+*|;o`;pt-1(ds$*@v04dmLdn zw2OJ0-(wVndqh#>u`gxXlp!ZZyV6mYgI3Pr&5yS9DGE}?*)can9bEwV*=<=K*||!T z+%ijgM-H9Q_^|fAu>csiJ6qG+THpPlAVM;}Gxbr*a7g%PzMFF0y5!#6lxHtfyFdg9 zvN}7mx7V2s4Rp%gN6#|@16%wq2%d+78!WdMJEYuSXie@$gi?;5?D(HQpPh~GG!v~4 z1?yE`pRDx%Sx=s&kb3$F2$8WNDORWE7!l3L4Sn&B*B^K~p6<9E3RipODUe9nK5(yS zRg>;VPra$FCYrju7*geRxD&ZX4iPg`nd`fU=DFj;{=@?nCZRQFjS#9JJi3JUNJ$42+pan-sDe#1iJ{2 z8f*-(4!!P5tx~3WAOqgjkFW#MNl673+r&hy5k;F2G3|6Ze^ijeLhi==4(*Ch3#m5e zD@$rn1kf290eP2~R6?6`hk~QNR@#0!h@@a6+fpdD%!cwiNc|MoJ=Im&C#GWbVTypw z37l0`R0QC0NXX%Sij{Q@Oh?La#Kc0^9wdhEIZ43V-jrz&@%~}5z#SZRbf7L z<)-SR}OP6u3QK4h?R@)93VX}kB8r*O-V-$;1+&Qm*TI;qa&t>4qP>prwQYGib 
zN!lOAtE)^o`!MKa>EL@LpRTPeE!mK>u%JNU>r6iwZ@Y*nvR{!0p7|yOWj^t}IdT2+ zUN+dmuR;GGZeM7i0#Xb6__jWhD~cWLWV0E~v8%JP+r>{AqS%PB^J>71(4O5n(`!&I z_8bLb9Bg$3jLdpNp!hUJ?AYvfPwGeD_bT;m(_^IQ~C~(}l$pVmYHqbrJ4o z+j|EnVz7_9EuE2*;>E5Y&sZ9RU@DL!qq;Ti# zkjH+0`%Gsn*Aix@$Ky9D!4fTQni|%RK;xEk!-}->E)I1dn@Zhr>0ajq7kdeZR6~2| zdadZ*O_mM~=~IVbo}a<6#%b#lDy$JfadXhkMBDfPTa3=b6Hk+u8?Grv_$ux6HbLF& zYjV^+oyk!Z{32%%*RCM>nj?j}>|uniGNVJSgp+f%&6@tiX$iBF2QK^7Iv!0G;w$;x zI*^MCWdN&{j7-F^emPi9f}D>JBdl<;>Sx6KyB&;ph4d_8?bwNT|6&31$7E~`p>?OC zXLqj0ebTJLLKOQD=~uC~QXUyIg)PiDi3{V3iEP)kP+FE zH@qn@qv>j}CRA0XI9st-Ps9%`?r7++b9e_vke(N*wmv?7*rF%=nk(G1q9$*m3lZth z{J2kuN1i%#B#=sb=dtd#M<8WXq!^9-ee2lxEYsmO;EB=JfZC$32Rm9Is)?a}{F@4% zNfQhwD}lZ%w5J!VTrG~e3Ov&(eJUdB%sNWM*beEm;pRbZogW&;x$BHuc1k2YT34ba zruQ||@v-5wG8beH+D zphZ!b5VtXD202FDq7wd33ehrrZtmJ5or_T{YOrJSd0DoHRA8TXQl}kZX%t^%FN|UT;)fb1@>*V0x zPMy>?DnN$e6syR>WfS8{|=PQQJTt}Q9R2}a{|)!72?Thzwys^{>u z!gy4ZxJD*0IO5-HFMs3@A6V5YwtG1445lDH+OwSYp8*HTr}D*;nY?so&vg2RWob$t zhh$rg_;f%)9W4lU%ix&M>tFz~1N$I{-jbcxJxD75()*Uyyi z`e9E#Qe8%bbWdrTCnSo7+QQt1M5j6hQ=3>AYR5nTeTym;$5jZE>yX}ZVk?CiK4bh5 zwt-!fvc>(QrdjoH36JCFeT??8H2K%mje7mAx@w5SgcPap5r0}pcMmh7=UikIv;BTS z!&|yLFspxZ<_w4rVUdm+ElgKO*?{bo7W227(3%RJd*Ft^1%uJFQix*;v`d4+h6SLv z{1`_$J$x=VR^U;oVne4-nc+3D4ev=g-L$}cUoLe^>es{VcZw69FTS)KI@K`(ZReeX!of%<6!oSpHU-^y%T<6n?E#`RBEq$*#@jJbMP*~FN3Pib&cFvMjn z86Izsw*0VOzuS2tK9IDJs{$MtiBfE}zYHF7_~+QY#OxD3)A2l+2#G@xj6sG-7NtOh zgMowoLVVxpj(yQ;dwkb$%Rm9yd&OJrP!DB~O-M47{;%W%{TfqlW5%kel=d)N?;*Jdt8B zI*$O#q zHLLXg-Ie{BMZM~oX*pOMopwH6T-Bg7caUAj{uqb8iN!|yC~j<^XJdOoZ*}O#n96=P1gRE|ZK5NirSx38Fzf#-P4qtBY&Oe8kN0@(?uac!Kv* z;Ck1@$_y#r%P2Pu&gQWL^?Vq7DJi$x-0_w+<^t&I1(NjHBY}Rkj25s4PCV>+0 z+By!nI(5HAtsp)fcfOQXV4BDhziMUiS3V$xW6AnD`&AKZaOnQZJii@x>8qK zD2Qgg|4?y?HMaLaWI!d?61}P)i_v6njuXzP+A=%Y2;1whQDX40C%w;VX=XkGcOh-0FmvD+ae#;x+h_pE zulrbfH8u9hDH}4!SrZ)&Lt3(wDa!A9I;=LZr*pfk&Q6BXM-vFOub7FsQ1Wkt^eAod@kO zLG&~;URl6t=6O+zIxggEBKHxu$|}&7R(yO41)zWqcZ$vPovxnM>En=NDxxdywae7v z;tx7*q{g1_6y0LQEg_il@Awa=CSlyTEo?3bxlqhY1t(V`1fC^bAvdG5GEe0#qcE)L 
zISLJ+JdamkqMdrNqta)$uaLkcL*sb-k56e##6YH|9ryBt9*^?oB~8!I)9*zx8O2ev z?xTL_znjaCP1)WGV#4fKd(!x|GEftU%%%sC1qO4Gu`Kr%!{d?E{tTC@MYiF4dMC}a zBteVaU;e|e2oFWg6*7;ZJzxqe>%b=>IGlLZVM+-&P;_tGLE4{>XE4RzB$K9mr%fpMH-V!f1@L>1XNdd_BuY?u30R|O*&a^@fbn(ndlgvI*0(%weDn13g3^_ zZ4^MOGXN65o2;JiU6Es1G45%3&g$h%&VRi+7(Mz?g+;MRxaqQ4()!_LgqNd;NT9hq z{5n^Vv{7K}$3q!*23w>^5Tr+RLm@dg1i4ZTD){bwV@W8f0)+_cyQu2dJEaywrsE^+ ziz2V-VIh$^yfKxq1)|U8$L66aJL_O-ztQdOMl9y~iGm$b?as*yXSSN6_smyuA!AfI zjJFtxUcb_%A~)*~%HT2ShDp3K#|<;vHVSD^GOw*)VZlpS~~>aSuZ*vmtdt$U^s z%qPGJa!2QK*7_f)nK#onEpQ3!07Yc|MyRtR~_EL)Qn`M7v{B zGi=JxKpv}ieoC)nHC$&^KsQ{7Sp4E|hS-#)p{0}>UjRTWSRZ|4-GwRDgsKHU{dxly z?cgDL!2DcNwTmX#O$6P?9C7wW6N_|M&4b{ryo8Y$R@MhcmJWu8vlLfMYzaBwK> z3Ft{;b+Upn0geA&5dSkky>H(vBeTtC$#fd538MIK(61hM7z^A!uu#zc&Kd9>=X1tO z;r&A7yI>EUYEY>1z|t9p&~68V8Igus~O7k2k|we$pI zf#Pp{cfJaJ*MFX$?&Kw`z%=7)&=#$1W5E}Ntr0yZ=%3+?RsE2#Oq|$!iJ}?Id;pN& zh3p#hQKm+O6Jt5<`rq(go=0(3*`V$t4N<5xCb~PSPsK8ZWa%)+bGD>>-JsIp_aXN6 z+$nNW(;a+(h_$HD=$am@|D{ZVgd|ogroiZikHf$>>W9SpbtZh16VcjqXc)FTCQ^6| z9si@<#)09!q|N}3RqK$%0%93smkq=pLJ(P<3pg{hJm>jzbHJ?0?tp zEh(a@hqlPkK7g$q!C6n}f_o)N4F6=vaKHSda5+cLum8+37A9p?3O$7do6^ zWi)IH=Fq??5sc;zx|}eB<|_}Zs3%LXgw4srzt2GxtqD3+xT42L$R5Y9Vydp<%ui+Z zj?al`gW;gOPph}P71c;n_Al?w-hP4rrFpv1)rc}8|u zxsGUd6lIuyk9Wk1B#TlX)e^y3{CL99C#?%$p?JKk*Qhj`%A=^z)e$NulzGn;8H#Ak z=gyOI2w78(b32GZdYFf%VjP$WcK$AoN4`irI4G5y2uVKE1xJGX8?OfQP!aZC(1_U8aj$+zyz_+Z6e4_)T?>cz#qj&9Jqaff> zr$M!@hNEzGWafr^eeiw|F+va#nw8Z&1<PCx7hzpzWTpk6L4eCs2$>(xMl9e3Qn;4hl>7x3M#DsrV#$GV-oi6 z{%^8h1Bd^n8~*?Oum%pET(WX%c=mP&IaM-(^I-096u6rFyhKh;x9J_WkLTXi=(sH3d zfm+##MkDo!D`ySx56(|woADyIhOxGIcpf!#JqpGI1rpwX+w5FMqU*WuY!(J78@bD> zY9zy@N=av??!J(h@`$IC3q79&%QZMJOp^mE*s)+6CLWy4AzZ*+pX%!}mzkK+eh`1_ z+P)kNdHfid{17t&JtjO-$OrM{|0T72T*6C?zjdAQSV@hbVdOCYoyfF_gKzg%rD5xb zXXT%o9F|c`@Mwt*9;`*Y0UmTm5@1bt_BYkgn3|cL%`bBfHd9p|Kl}<{dXA4e7>4)+ zzNVus@&2CfCW3SGFEKjn!V=C_;H@orQPaa*lW4!ia?Q^VbLR1fuvGM5RZlVBJ9yNP zc7ZuNuC4$=UJb-3N`|ev%$Nyyv|m-nL13d%^SYq_F=`n8V4uBS{}KI{DDi(AVq0{= 
z$hEEgB7eq)N9(^?m+`AMNK7$l@50C1;TYi_^CiHH=_;1g7F4A(j5$WiOpR}`V7qJc zw{Bos^1fJmGOz|n*H{iBw~Y!t&%-+}-f%+az|Q+Yayl%0))mH4TOM{_;~{*xQp9SZH7nF)Dh^a7sHKQtkM zyNWR}mCqszd6hc@DN2Y03L)8g3?xYSo_wi}9Mk!-#d-ltRxBuJMkH?+plNmG{7Ui# z#IvlKp@?+78@b57%HW00`GKq&X`^t0#=e}wsgXOv-#w5~(Mg|Ng%Sfy@xlNY{OEa? zzp{_y393IchJ*!(;!UY1Dp+YEg1ctUOf+Od_j3Gmse4<-OnDK@toUr~5NB-QYU)Ap z{n+roEu#ZvWbt@1D+Oqmd+K2j6fw3)$9DR398-|TRTi)e2YdyaD#*)8%5-`lRlgp8 zBe2caIEi!4pIJLFlZX+v17$W%c;XzZFcWwM{*NMu3+EB%e`npl<{uZQi}sP1<`j}i zuxM=R&-|{nzA`;R^BbpF8p{W$A5^6Bb(>fu+Ab;?x+Aqa;MAy%yeO~F0d zzN*%{jmeZKO10VNRmhI_yNlio^WjoZBFHLrmV)=A*DRJ+(Cg7tKda9-N}=RN*U`ue zXx#&OXiDwu(qnrk+1ZlnR>(B!QU>WFjh@mN*UAo!s;QuhR|higtsjdAy2112${#H8 zSz!B1h4^OlXY)1P>2B%1@%1Wc3-RDETf8)P8!cWn0jROb%QACHWVxM|ZaW}8?FXr+ z3KWH}u_bW3K+-@5~rHytipTZ?mg54{Xu5RzSnm=rkrK z=ix_au7CkH!*u^&6jVXZzBxtivJ&1G*vc-=CQDy(Ra5yrycZq5 z%!-tsGy1$w90hU`d{Sz&IU$3%HDb)g1P(6zgSPr~3k13oz;d$5Zu@eG2WudyOk0xNwmB}?@DApV334^FAEI^rlNY($ws zly~%Is5Y1W&}dgckQ)jh`-|`^$isvT+54}Uv=aR~onzd2P&6Tdb$z00M8x@`tJV4; zWixy5bBM$i;DyNRo*-L8>)r3gwZC1$$%1N3KCS+6Eqz*;#w>pj6%tYj{hKHh3=)3m z6I#cYfIRv|bnV6Z`bjaWkF=n84!N}U^Ofh0iHFxXm*PUPgw5NR;+U)q$IRoEW5>1q zCtVI;C8ha$b1LX}xH45A9t1D${hw?!{;FU3QhwZA(&rlZb znQ)c3n&y+8rl-ckgU#C|>Pr`x z#%Tbt#w@Tfq;1be-`IFl(=9BRdDM1mgc^hW_v$tj$yfC8JOWp^J~IHhOetXRi8<>) zEgnT2T^$ar;5O8_2I3JNgkie21P?jf#wU-uA;UX-BIn^uO^U&b(u{fRy{fWL-}w)B zcsIysHHpN4UFPvhF7YJ*)#0^u3QF@8@^ZfTb2%B(SsD}30KV2Ch02jJdrAtGt)y=D zRCB4lz*XCd1+=Xz6x#I0M=gT-i!mm%>sbm#w<_MX?yaA#XZ{z|Ib(K>JQ4NXmDv!lGg1rUGzk5{%{u)MQ%Y*Z$5{TFSoyc@}H z-|5Nec}dUMa;y3vqYKLvp5blQr{owHAP#(;r+s83 zAJI0O;M%pg=#HFeO%=cz9ZTpYBW#AW9Maro6J0<1NtybC?*S4I$lrq{3c8J()BQ9W4cp zIyCK#%}<^`-+hxfsSXaUjAmdeVT6xFWs6l1YjeN%m#D&oNe1N5#2+ilbN$7yc?8Mo zhed22FM0Uc$6jCCRFp;m6AsO6k^*e3f=r+>V-iQGK2%p;?p#$Rv|@+DzxJKIDYfZ^ z<53*uG+;g2Pw6-3lP~jdE*)2KIX``VYf#xO_0XZiTu3 zmkYpG=F($Uf;dKw>lmVRN-fKu1GMgM>q71Dt$L8UhL%fiMP0EUOs$Ml31x+H^2X zy(DPoegyqlWwxvjVP6hw+!Yjq?EH^e`|+{IBHj}90Jg3}Ki}J(H93jbfdE(qwIssV 
zz|srULy;e90NVU^2+1y9yGI+6-Aa%5F3>@OeME;{WDg@pxOolvRNo||Xz}A&M9LJl zSVTC{)SFx1JkkmATRkHBTWYU}5r^u41BQFEV+Gzi37wdyNn3qx2!@&wBXxsGE!_fQ z;GKR{DD<64fd^44tjvb=Ei*%Fyu`7vjoiHElo9J|0=bh7D=Mp9NTeyQDMk@<{zCBW zV809%k$GB+xUCsh#FAkzJC+9{Z1hxPmr=ecMY(X9T;7_w+20fdCtHc{UuhOZKx%o* zMESf%z}<}!4rzR+)h8NE*lNAJF(Pm^PRbxm16#i19Tb9%d?I-(Py0`9mHE|o9z?P*5QozsGU4{m;Mr0#M%W3&1*T)E#gFmORm&?dbB6||H z>&4W`S)KI~q)sbJ5S#$DfyN5!`1QG2)C5M76HZ$Kq&{qj@m0`*BTI(UH>y<`n_%BT z?t|`c()OWV_czLm>Ak(CocYtd9(EQ?cyxTDgSCc-L^bqMs6g`E1$5=g*hvKTnO zti&44%1BzbEj`?=M?@u0d;sN+&a<%ekg!rxybaIeyt&{EXlBs$=2oMCu6Hf;_p}Wj z$L)fDk!2coQJB$9Vi1QhOM~s<#>6?)S2L;)W)m_aPW?7yXNWSNJf%5JTQk!js9lMX z(b+KWhr)pidr0VW+fFOK>|o>d%@eV`>hD2<-G1A+t`qo63@zbWY4Syif>5DRW@cHO zJ~K1#+;}W?XpeFp*-dOt!ic||!rmH8GQ6_la)5X{Zoo6S7Ag1gNaPJ6rpB{$;-~avryTjXAre%~L0Z*U0s|ig;#+kh+=nQBaoOg)T`z%d#Ytwf!ebvvR*c>YY zJyetzF4VCE{c5AxMlvGhfj^P4AFkq4bT<3bOf5=a^p~c_;v2Xq4hboD7Ne~|1%o>~ zUO0Bw*OOI{23d*HVH&4Ih;;EU&lAS-XMqJtYM#mxCigxB%fFo)AgUrdvy4N0 zM?@(LfJ@FiCRw*O>s>%+wEMZ)Cl+kho`7O;@uuO;d}M` zRVV<{n9OytC!+f8M|DCIvqzk;^Ck+ z&VQ_A+309JdY{*p2*FA_yIXN~x)Mm`31;}_0mDgL1U$XV!fneGC}DUumXRP3<8XKj zH61P*d2uUtnx%ze3zPwU|I-uou@0J~KJRt#5(^j=ih{7;T$=^W5ilzrR@9QBa@33T zE6BJuHhVj#H?OviWH{W1r2%kkYUc4U%tiEj2u?!%MGjJ!ei5^XYIZCUt-Sz0RbK{` zanaD;I#OK9Ogk*1O_nNu+KiL{Mg6as)+%-}3nNR#pqNJ*VtE#qmJ|sCK$xPz$wn+SW~u!%>Q= zJYB7c26=@%orsfdf%tYsc?76UV0ex(^REk4JUl*E1+67xn7cwk;;rM6G2He@8+ySa z%|tCQDfC)MFJbqVrQumlT&=)yyRjMJ+j+#d>bC} z`=40)VS*KrR4G1)ezRc+V%*vq7doyfj8SHR8P*!2g4|y&@dI-KP4g%aNVV5L+BNi> zH9zR>NKXx5;@$re(;|B7>am4dQEK~n7)8(^?=HI=YyJ4EsV1ovNVPZz%_l2b7RBp>HKe}XO7+th4TR>heQE3yFw zjTPZHnu5rs7Hr`{ID~){HghKSR70#t&nP}7N|LyS(b`&S(P;A0)MYNJVMp6Q@(T4` z$fu_b7JBvH1tM?NWvE#u1S-IqrRdf7=lfhu^p$~>c#Wm?{?B)n+65+dFg`x^jfi}j zbD@2Uwe88;<$+8X+%Y~#*#Y@!sG)c-9=1VeDcu>Qbj~u-_pIpuoD=^yqgbf^WS~5i2@m03|=dXr2j)1hp z`U-k)dAfnLH<5or+|BF$q`1*r11INZB>iIPG8G($jy;9={~1IO6LaQ|YeK+TSw5%Z zffH<>F*rU=On;4dnh${f7_UHcYskR#a);@Ay#;_CYe`yv+v6zOBedrLPSB7^zn1x3 z1!k{|^cxDyzdTK>0OX+rOn+i?tVsWfn@*#MDfk^g}?Jy@DSWt>Di{Y3m- 
z{o^9ZG7J1PJIDkRqceM~=M{CS{JGeTPeZ|-p7kO9Etot!OR;Hq2S~@+2XF5xk?twc zd+n;HhrQe-8F6MfnxACjMeCE3o^Z>o$k3zkM2ynl`$A`CS7c>W;44uQpXP|OW7shM zdC4BO9(n@|W+1`r$OhC>gFf&7nxH+!V0IQ40zDWh^#i;GYt%#AkE{sJl9ifBF}lXf z8H1NlnPRL>MS*6K@(#GFhpFlz{&Fb$Zq1?{Ucu(f_mGre`RC~Qrsp%ii!;LC9_!5! zSFhdGm^oI9&M$AsF`y}f{?q&Sq!m@H@FSyz6}rbl>#vA$?bbIrDlRApTE%; zVC3vsubmol(9A~>LXIoJ`7CT*zUseP=5$i6g7)E<86_HK4gCq|G6+CTDe}jRKn?3- zL0YUH%OlN4Lv)!@Y!7owsxS`G>Jjy0;^+58PlkUv{cC41(JC`Pm35k5-kP4ZW(r(o zRGlEE933|0Gj!#SBaatl7v(B5`l4P8L+403h227ut4Yv=KL_^3!`6^S<9(8Tj+K1D~Uk%Ywe-*<_wj+gJqIXQ&gjlEzjlan z>QE(>t0lu=uX{iT{*mutn1xA0)~iT+hk3nu7IG=l={FK&zw_1?6A`S%V*S1eJFZ0J^JkoxN=tH| zm&cc#MnN<4EC@CfQ-fX4HGQt^~5?-MQDuO1s0 z*U)?RM)nh~Kct>A<7PHSaC7-tMIUAF>d9Jtf<=~l@JB-NVYEMgbL?WW{shB(hFq3L zQKKcyIsL)1y{i|bgg9(*h98uMuLmO;Ye1XR1i{PZVq?h>oRM_mXy-GoIv;R?d%ZoY zz7Y9p5G1YrsojUd&F}aNAsxZ^tl+a>#@r>J;5#^8_0TfIXTYHOIDphjzcnWNbyKSB zMs?43pK-j-W-D&MU<0fk55!5nSWT}o68FGW$GLHU!Aqv!2&2j}=^ICC6OrF7qqCUe zcxP(65Q3p7*6m~R^@9iFf41W67?4pA9HOIho5Y-Ud;(zu=Hyh| zycfg}yokTTV)}mDc?a~D#)xc%(oRr*lS&aq{RkfhpIFT|8Rf;phts>$XIJZh#Q7w_ zS$gb%UWWoqWnghlwK-8z1#39#N=f!|?kH@_oqFx^d6D-|Lc;Q^uoZgF4_}oJAJKBH zgd|hHJTnzRThFGbvNFoQ6~@w_c5i=qxo>a9lAr)^x_n=~bMwhdvZiufq@fIh>+@1* zZ^Xd@D0cnj!Gf=oTiniwBo&A96c6hnoq_k~$spa^)=C6jVqdHG*G;P-FHi1pq;ntdg!Ndany-~iI9KZBx8rH+5 zZRf^VrVhR7(=-zHH6=rQy~k?gk$mJy=^To zoqJ)wr~DLn@MboJS-~VQ8f+`0x%^i~mviw?W7w~ZAu=}u`BJv=yGEkTXd=PEqclv? 
zG=Eh!sn-tVA*TS&$&^2bHVP1miRdr<_HT+YMT8R?K=)UK_#U#9^1?A;k;#7A&bq`Z(UFMpyzYXgqw)-JqfJn zev{|6HDjcj%|*eB0RpneS07Gh*4ancn{1&`gRvej-`=Cq@`uxE#{7*4U^Fi7+tGc~ zzQjBEb(z6+`G|PfM*~Y>o?KN2wYiXje2DIAe_rpFBk5|Z$1&0U_2?A`+}>Ij(b=1T zO5K;X>n;ZG&^1fOaK|1Me^msQ~O7-B*<2S?izYuvC#u#`IRLDDiBA|6<=#S zD?b|de5Jb%`R#Y|+&RVGpy^JB757jMOFJ-OocXkcH?;32t(sb5-8V>vE@m@rZ|Ji z@BOo{>zF$qFw$j{J)Gzf%HaLXz;Ys`=l;z_Fj-+7TqVBHbi2Tx`So|ns{_`Ih5n#f zSbJNe4Z|&g-roxMkW&T&(uqI6EeO5*Z)e9g2z%>QER^Gna%~5m+m@F^R%-6gX+(Fu z>}wi4nNTcPu-2|V-RrYK=bJF;l;xXpGmzf=6GCkI%?-hH7Ijyx8WC1XO?rRHttORf zQj7ob1(#=wuZ==ltSmm4FcodWSFV0dd`<6y9UiMX55yA9JNp|d%snR}lshoeQe?OB>kg=Ul3h17BEc#L0cIBT>_el><$+F)_{vE&hzYq_*VWt0{3ITB$H4rx(Z*zmS51^X&;cx-_12kv9iEZXS``84DUzkA!OCB3<2f#dBk|v5y5aNE}sg*=aZ{Ylvs^X-1 zK{rGTNGC`~5O4Eu%=Z5D=aqh(&zW+&zla3J?V@MewI0%>q#d!seN*7BjRftutdJL< z4BgJmO^rWy=K90PXMGY_kV7rK?$%I2JfiH^L`yQ_w7xE|Rj%03jN`F6_HtQ8Hwa(7 z&AHwY_Po9##J42uWgj}e7iCjcNk-0#<2r}9a@~5)OtUP#eKgQ~h$pyTskiyYPs6n$ zkFF(*To3Z?HfZK#N%pW9H{Oawz%Qc@F!(2ic(cfK0hrxbwW((sdM)%mgu2>d{+cFa_iwgz6DZ)X-0?d3x8(qwy~2)>O|JF%^l{6dNO z7R^l~>G~=mZXn*0_Vefuv&$8`I5JcJtf0hYsYTKoO!S=?u~BU?i}CnlKG>Zt>q8aSeCHCMY=!=_dfEQOFI469;#l^2p7f1 za@@`;GLLCVIY55z{S*p2%NTW(nzcve9Ynz!yV4cqrZR>Lg!isW3L8h}Y;~ie)+5Px zUU0?AlKe`N^iYr%!bF46{gg!1)AB+1K z(`sX_)hFAA9pxLBo^hzK?AI3|08<@SGK;+mzAU*(HPegEQ|hF=e9>XSnMU^h zRt~~2!01Rcu)R0W5j`XVNK?#8I}lhlY?>Tp{8JrO#_A5H6ELjM8dTk;F=TRXV>aJ9 z;c#A5NblYdz}Df5x8C}q3eq$FTm8>RG4JW}tPkHUk0on5RHzBXMwe zME)&0KOMCUEGI1uXP3U@cdbwLcUDN^uP`7j&_Mxf)t|b^rY}8BJbWP9<_OYjX;Ece zn5ziQW?AA?AI9=9wP1OxzQHx`$w|st=V{3pw-@ZY#OoPq1sy&n7Cs?YQ5@047F9tG z6OL0{o}XFLCt(hXfPg4NB}voaRRlUc-C0l`oF3)Oy8t)UE*l%s;_wU1O}9Y5;=azz zPPzF87i?V>0+V*0LYsr-Zrs-a-I8BaYPT+j4j^qz?miDIVS4Y}3iuz;dD)TObexFhV&F0iPD|1b7X zfkn}#5-EG*gA#ChNE!se!gH(>+N3<>fbHVuiV}GgLSW%%7-abk{_*hSgapW}ctSWm z&DYz?6S}B8c;M&W{dfBY;5tbVnv;r(se_86C2(R)o=)s-EGt5`^r3mS=NnqzvnQ#L zB2Pv%`Kg5@Z~a{zDmEV5Z!K!Y_gaHm<_~Eq&y)lD7*JM8ic!BbIjoK{7W7l#d!mlk zlQ;&RcB`XVw8@_3wxk-x&F5$a8cbE#o1Z~v_pN) 
zkBjFW1C}DJH8eQ`;G2F`)+?C{tr+(esRp2yBedX?Gl~VhSLVKfccR&GLyc>na2o0m z!uUHXkoGgCllbWFvtVc73^Y~#a86&IC>k6NR9}I1j@!GyMWc{HMPuV;j8#(x>RXcMQENUqQqUCKP+?uuZOmiF z(;IKw%a-?=esgN(anj_Rt=U6~k+-WiM^X%K0R2A@c)$ge3-BWuE>lp*dV!C5SR$#5 zRH$d8>#Je9n9;Z-ky{o}R9S)Py|F1hx%Ih$8L`BE-jYL>HC7;RrB14?HTBO(5^7aS zpO%Fz`G7Sqb^&6&uRR;ynolAYRtGq1oH{s{#3O>+Y>mQuH$!TNVmY>uaZbPy*>5GQ zJIa}DvDS#8+-+`(K)EEv2WP$G?8~s85J%e`=i9{&sTF`z>3ZRO@k$@3uG15K-qfdS z!teIeA(r4M!9MbU_3YOM)w-SC0gt^(h8t`SAZtX5KxImM1Qtq)FWtTOE4s39tNT_K z@1oX)oUh|4pVP|gn4R{>`PmEEnX~W2>BlkBe{Mv<`1a9-N$Dz~m~0AW7clxz3O=5` zn|Nx&;H_m%T*D_T&)|s9s5BFY$SWlt~`RY?r&Ntq2M z(75AyO(C^gR7)&2TEa33wEjwL)tO{>Fh#aF>(jU>EPZsbOPNqO)9FjFe~rZ3OPc0v zuN6`lV?Ap=Cehu04Lz23y}Cj^H#FIsZ#q^;1|p|u$F?AA)HrMkC;2RdlE{=)A(-pk zn^Xz@!Hz)5J9?e>xNDwYm|hSOj+bQ29E8%)?N2occhHIUEyNCEzSUXZT(rQv>aLPU zZShZ29~E1Fg-wnc`-I?mZ@XbIAvl3oZvC~NUDg7rIK!DGIfFB>enVdW<++`&(G>3w z18U3*==bAqlcuW**c1I*9(#s0IiCRm!pB==E#{x3^M3bM{k7plZwF$mop;V}E{Bq+ zane~2n|c)ljwtJlR%V+(*AqJ%3Y($*6T0gCVP`7fp5mv#AKR2`?vG;np3Y?L3z8q& zgPQ~=o^_wZwXpT=Gad7|0;m%GH)tkC_ozS5o|9;}WnQ?PtFH{^n8gHNr=Wx$un{un zGLJp%En#{+7uz@G-X8zb*;E{h-J&z!uhgaLX8kUw$~K}POseMqxvsJ%RZs^jEo%PJ zFLV2|g~t&=LRL}IlHR>-!Nz!vp<|*eSK4IKngMg0B{NTEeWF{G&OmNFk z;dg6vHa5p)V#@KL^V7P!?M&Wy{EK}14JKu_FXpx1yRDtiPsGeI+nb+u(!r)i2I?Z$XAJbd$NbYcVr6pq z?HyTm`LWk@;yIFz=(E%J5G0dbNoLiT+8yHyjwUoRpT(4(dyL;X);zA&!V|*~aP;r& zb+Iw*Juzvd2uITxIXZ9L2pJ|*V{t4_uaWE88h%4Iyt#gVv9;|b2uuNNa;EZmA;q6H z2lBpO;jR)OvfuW8^~$NAYZm^oTLoOqyj#hDiqgaN}3w?LiQ*`0^X)Zab*MP@H$+;t2e5 z_eg-Qz?X^F!4k)wpNO2)G5pf`9;W^ZIBRnGLIXhKM=7*e_Ierlo>V)-xCLX-pm=@e z%y%^{=w9Le)h$afvev>oDx2qI<+_U$+Tf9&F;!RCT%E(bU7Q@982`Mruo?B<)AQWMLDnIuR zG4HxZz&d|ZK;)2fv*Q`M_a*e2--kPb{hElvc;qYHwAw47-}`aIO+n1guui8?$Mn$B zeD-!~$oW9x6`MRA{*c47H%H~V?D8n;6+Y@up(B8uaWaefkF@{g0tg0<$T&Od@P>wX z!9p4z{IaC{`LZE)_6m;wTQIr-JZ7?R_m5xOque^QL(gNk^^WS~YxpWN#NOf2=MFS+ zZM(lx;d|QuIwaT`m0C!HFOUfmsxiZx5PZN&VoR*{yY~#Y`Al10jug}z7A>v+una+e zHfS=A(a6eUU^KDBnfl)QDw=__!djhhUEP6G_^iR#!k1cp_J9-*njVw|u$8u@+-Oqx zt*3z11luw#1A#-McSduRU+K& 
zU0n`VD1OBOYvlJhn7QE$-%Zz190SRMGm$l|7mktgkIXa7fls8*>X#cn$dif=B=c(= znL_n-uI=wX!W@OZ33Q0&#P|6ZPnH4rj9zMHLcAV_Aye0YT|KI z@TcwVLcx98{*}z0;V|QBww3ExI+h$qL7k?MM!f;xTDMmy2)ex8Z{F*+Xx;~+6zn6A z3aS(~G$+oVzY2_CMQ*er3xGX{o`(m?ljY6NdQmDC8WI`^>@OmY*M)(mti!>;othcK zrT0P{!|fLsk7jWTMWxS-?SX&r+-Ay$$dL&LCWWL12cC2PiLF170ASkrg-|?>dc@gz z0D;rl+jgZ{Kv-T1Rgj+|?C;vAPQT)a;`Dm3@cOH~jsA~J&4SFNU+GtE2z&zsgf<)1 z@39(KRTN%NjgM=MdrBLBNI&OGXv9{$$9A^e@TfTlvvC*u#Sk5iz%;!4QGoR?RJco80cVEY}{;8PUOcP2_EQoVG0B zRV8<32eUH#RXru~6yEo&kJck8TJvCA=ksDel!w5OZj#cZ!d7&xeQ7?De6WncBDk21NbvDtEMb*FJR6kGGN{ro4( zam5Kd8#xLfm7x^5wqbwUaHH4L0B1zV;Bc14-p|>ZDvanlMXZp2AvjrSL$qE*5Kk~Q z{LYKi$vWjj@8Lv}Udi@wNU&}KaCBOi{G;UKH}3_g{kcinBUXGJXs`DpY$BLEs(@ZB zf3Nu6@G*&!662vp6PceSQ?ewrWtB&SDI0uPN4Xhqbn;j0C+?4cCADjhcAh9YUr)4s z1UZRB!`=Ca!^b&D+X`+kD-uKegzP-6gfgBw|0>o2fKd5{6O0O@M&w_qp+Pl=wPZ;d&S(cXAv~ti_KW$@d%H9Fc0Qics%K zPhF}06H&(#!h|3$vC*JAt4xZ|VWRixQZ-80QgqAvD`J_iwcSLJZNJ*#_VE%i*wBwWPQxSfA z!L}^a6So;IWUKH8tCNY22LVnx{&DFm7UA)w^^it8hhUWCdHeO*+}VHWK+0gC?y00cYU6IOQVccKs(Jo=$*OG0XEdEF zz$WIlOU`jNb0i2BgDa`p!pkHGcF|`fvD+k7J1e5@9lHHUhHQRUyxhK!H#ct4&-%S7 zlKNlq+)?|NQA%b7+)wuXGMKE=!K_?#@kcRhBfskNP%=1tnGd5onq6A08$tPYFj1$- zSFgJ+SH6QE# z*7OB!t-iTop0j2j29DjX&n4xjq73#TDg&%8E9g#`o#S(5;*^+4-)zdwudBX_jAzRV z0pa*1G9;`qtnVPH`QPa&_q}3TqPrVB0jfS-ds!U59mjG=s;bC^GF*?nv-7%|cU@VL;$kBrAuoo? zc4!e@qU$aE;Ui*?9T&=7kEe0DBu8^3QqHQG)k&dPF2v==NlQ%UzENeqSCM3jMPcb~ z>V5=}(yZV3oe(%BWz+bU?fyE&1J**0KpqedU;YB?*9G76jsR2WT(v*ZXMrY(57Jbw z;chqG+lx<648NXqx&j8!Ie*>v-X4fdbHJx`Sg<9QF#?>z~7p4P74x zX=o|tOLHVGBe}2PuEb^cr+sW8O?ZG-WHkICJw3WWn1`uiF69*W&B_;(QHlpLM+BAr zBUw`3&e%43gLR7*hQQi=-*|&)?!ao!dbG&n!Lrvb-+0vzl7huIw(9oymBZxe>GZCw zw24^I7aP!*RPe)eRHw;K+xa8`gn~GW$O!9H{PPocP*fzy$)@b|$2yTNWne;IYU7H? 
zqM2{aBQ?PmgcL>H7JJ9-wz7O{Mci6b08{I)zg=D{s8RV^_)XK!k`3HLO&geJM9wsC zhUkc}(`o!zd8Q#rn&n zC6G%VR8vJg$=X^9!eGk3i|=TLJ)osPm|DMANlJtcBsbL5^lj9T=9djqu(3Wm{f19w zolK%^UnN;v*chO`VSel+cuAv7GyldyuGEsrqS4(%YY}&l5W(iFx<_XB@%jf$pC%8H(XCiug0;IcdF<#jG_DCub%E)v+ z^rak5!4@CNNhHkQ?lN1nr-Ul!U)Bm`T|}Tim+s+Wr8Vpak1~sC+QJN zy}D#e<<0#%kXuYlQ;?Ln*+A%_&pLhs$JlWQlcFF11`eDX4b^GMb{>@LI*q%81Hlii zThxpBscdevrHmsa)ts=cydlODRO}{I^!e_3A%Ap~O;y3Yp?yqFAzz<&JWc5 zQnki{JJ*9*{8`qWet2ueS$ls%e20z|upE|>JNhXs6v&rtx$R1wg}y=O#U}73NHvQn z*s)3VAITS*y3e>8<_xrS(Q#ph~~R@Md5IU~YhweVeCr268uMpH(&z{$vy6A*Xp zTjXvF?oJ^DEs9iI$iFy~r{ZOlC<5I}QYnxbjJ>R>q@8HY&?Mpy6)&5lvEyA=%1Qsd zKJ@NRNgMA7Cf3P7%6pQi_8UwJdikuczasA?4yU1T8|V4OLJIWiG|j?qjmyf`I38!)ZX&`uHxC* z$SN>m`tkNV4K)Cxm>R;pOA5LZHPsT6vS6^{cosJ87p$J1l5b~0ltW`?QRe3?YeKFY zC`DU1XSfRT%*l*G+OwT6!!R;!SKT~Twt|G$g1vDxG#Z%Jf zaI0?f@3rPh&PO==zL`2zoNcb!u% z*@J@7iB0fvs5L`w3G1Xmhv6@*02fx8a+kJwU_f8qj|BxT zE5kIH7>j<9o8U-@cFIzuEAi}cH|YUq{atNLfoF22bvI`px@nJ7>)u6`?K%Os!}-d?=9};i~q3%E}Ei-iE3$Jkec4+ zWgg^ozGI@HvP8v_u+jI42hWF}<~KfZ4$2b7^_{Y{7n~w@Q7EG0jQq;?5rja6Z8(Rm z&70}}zSj+3vY-mRC;%^3ET|*jB2hq|=sZ$MZyf~^umK4QpPq#~-20ow4xE7dmXSf;3#D}${+bF)4t2*q4s7imem<-)r+cls(MHrcAiv5#`82)T%T zHk#hQ6lQTApM;m~H<+pxvL+U&^}|j(HVV&e8X%4HTOS^k$A3w#t<#l={}r+R8ALtC zWO&*CUG-0fcoq|41igP;PF*3|_wP_KWyCtl*xa`ChcfFsulITp6C)+rs=!d1_#)&pR{BYuX^+D-*;WZ_151S`!iK&eGyai3o zfwd@xk>PjBt?LZ_Bg=5%-9LQs@5|HIY}}cGR)(%&=)f&}x`rQ-e{69{$ggHjWf>iS zrtt@5_t#r@#5!MiE}w{Fs)JtWd7a@;T{xghBeheMkI2WSl7$Z9xYFHV4r;hl)qf5c z9i3FcE8_fNW)#Wm;O@E8N26yYyV8ps1`%X%%&>n2NGvpQ_EhDBl}aXJ(kC*S?_r7j7_c8d7wH+zc2|%RPklwxymLV}$~lzrRO+AU_+Cw%LCfy3Lv__#ACmDUfZb>pxeSKD1iZMUGt; zU+bi_Lh+9hSu62k{=whrASHz*%eZaXGjXpZeL5_z|m5Ns)TS z7pm5{uM;FK!#kac^?h#mg5zxV&GDqB!^3=rme&Xbxz6RY4_v$&SgZrD;|!c^fIDU3 ziGA3Jr&7D`C5ZEPuVbA@*p%v@@qtxW_K-xg86M7GVbawqeviQRsa-!gF)O|>+P0#X zO=fnlWv0uFSnsFBJCEI1D#}PMe|fO{QKQ|DRGyezxC$KC>uK-D`w-q&&P-N$p0L|2 zoMY@MLqIbjr!H4mBd%Amsl0LrRGUAg`HNLmmh-r)V&}a|(t`FdZc;QFekZBC$*{!T z)nvTi(2@hXgzIFU?UfOPQAZl``OfjR`wM792$;^RI=kr2@60txi 
z6}*4`5TPJ-m?{P=Bk((=a$Hxg}XX@A+q(4bY=8kQFdQ}-Phx8uxnkI)@sQLoDC z!Pm!(1-IZ6exzt*e2kmeVuNpz8nTTowS8AZR6|8nXpIvvBOY0p(c1Q$O&bM65f2v{ zNWuJGNVxR>9}c7cEU8GTu_c3&KVqgL6UNLqgJ#V@TQkE36j?K5>ZIiMZ7a+ZU~5^x zVjEL#YcLTE`*}ivZmr+nF5IJVRKzvdM}3o1li2j}8;=IIWU+B@BwZZcb7RWBTMBMm zk@9Rz0e@vpBVA~0YA;N&2@BgwFm7hr4EOqdL15_$`wTCIQ7qXTpge<_Eda^W^ZXR+ zdA@Nwu{Fk9$tA?i%!CoxliJK3PRlZ?BOUP|-4EbX_s0c2TV zP+tFJ@Ud#L>cvcmVJlIxO!C^tt`!c|%eiC+h6}Jcls%s;-ufMeS*EXgVWAl(TZLPk zo8PQc@CYqf-uC9RLQr6|5Oqttpv5Z#q3|COYjQs}oRAb(3y_MV6|00{ z)PYC3XR9EnXC~{9n;2QT=U;I)hv{}B${4nGb2A-M)dUB&owr<031!&~uiVc$yt|0X zEgQEknwR(>MQJw8eCrU+F~nPg50udza1@>6b4^*>>7{zY9&iM#C+>JMv`aO0Z1ZBp z##4~X8E(C-SNLf9%dew{;};S{B2ALJPnv(jKBvz{%7Bm0H3F`Q-)l78DXt(qv+lqi zwsLIN$`hgtdm)7O$s~+f+S~6h3PfWlvbzn`XXp2;hxap=2M*WF1a?s@g(WRrVUeqy z#g4OU4C@(Op-n@6LtY%L*y!=&c>YZVn?pW9Xf zW^IMwRO%u2v3ia$Q~k0!hC%hbf(~aW#rxrW~H?oqDh^#~INL)rerA$faUa}wzlq4QC~U;_ijP2nCJ=6#E) z`!D2TT*}aZVFt768Zv1iJ(_Q57c!kk7c`QRT^-z?roOsJy0wi>2xvAHqa+cQN(vCkiT_`(<~PAdAy^98d)*>FM=GB8s~86xXpJPW_A zz5U@ZUDRleLErZ{)lZLd2jUrl;L%i4|LgIZEhRSWar&*_v#PwF6ceShtot9@U6|z5Ax)Q9R9;b6)~x=~Lpktrk?z@5^bjo(D%aqR?WO z=h&pB^U9}C951B!FRkI<6=)pJ%DLCIQiYr9F;_z@WFbT3U4U+Ao&DoKoE5^6?XA3n z?Rc4K%|fbn(l_N)2As681Qf0N;O6@DO#V`e421f|vvt*zR~=6jfq+}S5GO+)n9mb} zO7vVE{LlPou1>R`_mLq^{nUO1S25Fboc+w07#vN}2HoLnMwY&$Plr4Z;9$1l4?dT> zpBbqU?KeN*EnQh)P*uBC>`gjKE9tL-M(<$4K_xU zlu}mGF6mI;lZ26K zSGfZ+QlK^%*B^2MQ44xHwM|s2wnlS>EObQY7V!rIsZyY*&$(>lAjEaLM?x=ts8^<- zt_ZS-QVmxJ>_>i`#-thi^mE|tRxbk4{_Z1=lx~l;(xZxH0BfkPr(C1OzbF_Sn8gf4DAm;qN+d=b}d1^m23)Jc;jSj8FmYfKBeUv zIeFEHeY-lSqv1%#pxrd*OgMh6qIHSI9(+B2j`(j)QD1D(gzQ-*f3VwajFIwRUBo^u zbtW&Lh&b`c${$D{s&GR-JGTY>nu^+hA35)-xHyn>V9G0w?yMk8!GftuDp>T#10)WF z_Orz$Hh9-Ch+7&W+I+;ubLloL^r?j55Y^C4G>~jWd9uBGz!DocY}|G$Tara&NKVYz z2!1~zjN3D8T+Uo|6QzNvr7J=FQqP=57T$DXa2qTxZ#_#ODUau_ycWSv61k2G(UmD| zl-=oT;n8SpPslXPthZ*oi;yi2;T(ByB`kyCl!rt#8{*08jlG>{$WI$dG?#*#CO=(- z2TTAFxas_1ZS}bQT!a@KAQZsD^viuF=SS(6%hZb_rAB~N36MuG8m>vK$6EQ~0Se12 zM_th8g_&S-4B-YQ_LP#&a<#Ua7C!7GRNV 
zxs?I{v=*gaEGK01(rdA=NJ&kQk-NO1u&(eGn0iP)_4vp(e>|iwfHuU$#oqW>0=rG_ z-f5|8SM&7NDypmue%uUxDkZa$9JRI==p2h&xXTnU+D-;|1A%M!B#ZdVJ2&$CwzSVQ z*zKj7Cz^eeUDO%`dMu9G&&Oygs@4nwnhbAQE19WJ<@DuRC$KY4p9;>pB+GabdG9(A zMA*Tfc6TwB>OQ=i=k=Q4nLeq^ptj|cY0IaE>wWB7bvX`ii=X$t_k#H)*gCJsx2LyR zPbm&?EW>CgZEJ^9IX6UA4KeX&Yc|9@JsCRwPxTX0p6Lrub~3eDYO|0!nj;hYA%cuw zMlR^%_NQuD|G}_&rwQFcTvIGC>bERV1xqQgqGv_hnWbEGM2yeIs|13Dlcv^ZbT0q5 z7C>AttnjA>$bh4)xdPEN7BypMh+WH_1e>!GL-p){Pa12a8>Gi2mqM1aOr5&(q{*E z#8RF+^|avf+|E+HI<=loby*oDRDNVjoG+0_<`fvVWu-xj#|btin^h{b;3LNwp2a?g z%<+4xUS3|#OP@E?z;!lb9JPVGQ|9zVstBTIEJ;ZQ;NS3v+ttmm{@}v*5DYFL|r;wb*zu0do^@E52?+1qLN?IXS zO=k2PQ4)@2G_LTnN$zw8ArBV8|ASQfH{5CtvoPp$7)^@Y-@F~{mcPRkY>J<(ofio@p8wBAfxtnrpVb`?v?`KC@VS#*y~8FX!--c zSj?4Jt>=^=>NSOmieyZ%JHQu!@4^zvH98uz#L^O<6ehQt31}(cT!R%zKL zM%VP+CTM({aPxl*-fCr<(4?f%vPQs)VM!TbW2EY_epyiv3K0n9ApE!>XeFNE!k!sj z{+&S1Ajjw~cz9%tbZx(XwRaY7`)=UGYDy|uS1vk^hNK2I*s}LfinPfE)q)yzZsSk{ z<6jo~KkK)DYQ%^I!=5TZ?53!GoJNBV5%&Yq#U2VBP1Fp#d2gC*wW|z0QW$#%E`ri; z&^DUK!Csl^;H4I%!G(#dFU%4runZrpR2Cn*Pd@MaJ&0O^4&dop&FTQ)JEJcnEsOq^ z4Tm1-fL&F(welwwV`b@LMGemq&6gKlDswPJe8+Z07Kl|gAfLPd(9^}->SH%#X>D~d zQd9wVpX_}F47o8_fHu#UM(S1TJXK({dD<+F0VNgIChN=MjplMHp=x!)WsMBnbmd0N z+jyRE0lQvuR5%C0{sY!uQ6enDj zuMj0CXzv@+NqqA$>*DL*xBONwR!yS+Y1F{`4#nyfXuTZg#d@oB)>BDr0pHLM1!MMKO zC@Gd&v#VT}8Wq(iM^7}gHBWflhQgH3vrTork@3PIlaHgYEBQ2VlbLO0?(Mel4Rx0z zdD5qmVz}smP%MW9PAU_22_md`X@Fh~(xd3Z)3c*39g>qOExs?Cr89mX0<1;)JDORH zJ-VwaQmulH4KSdgn<}W}DzjlzJ44YYK03-YCATpNlEvra4m59CWd2kyy|vwm!h0`= z)ztpg(A^4u(mbO@+ep=YZPnT2mu&i_F+8-|s1=fCb?WrLGzAnXcW4_Eg(5y+H$0W>b` zQb_rm=?8|dC@C;#%JY<&j7!uRDE1FH(*wniev0BqSX|9R7VnaWIF@{z|&GMO^A zUTh@FTZO%uSN_^H3e|z{UuCK*gef}`L-cSt=$>#z=#xxT)FPltLGN1z&AE4sks@AD zLQcFM*j4xgk1h+{5{Xojnz?m&ne%Z>uSI4CnGs?Tln?WsPNM>NsayeDPi6&T=MYm{ z-uJ?ppA<(&>R9HC>;PNlxQPn5*A|eB48lvwxiEd-5YcPQyyeJ@+>-(<9Nx3= zWz3KK2Bn#=jgIA5(^3osPMHm6&uIc;3$$wf)PN*&^XR2VHrKObsvy~`FeE!8g~h4*g^$O$k;)M-YYweB1R zsg)sjZ77I{z{nTJUy5@9jpz%%W@^K8H@n0fFWTn+Yvli!u!I&_H0v<5>oJ08Xj72> 
z!;|^?2HWPqfR-^!`k4MArvXDwvGZAxVSLV@6D!VXNnvZ6!G<_E6DzqM^k9gKhuek( zXWGKRnh#M#CBEDfw9)7667$w)t&`A-CcERY#!KI|(yfd}?q%7BQ`P2jIhH4 z`L6LP}rJU5ajdgSy8%6dzGZG7hdez9vy{+(y=_?tylOsMeizNvo0j|aXj zst(7}>Pe1n( zRH`-T1VoVjtEYcN?9?~a7hQ~MQpWAk--ji@S$D{U>3w=s9bjCc3YGcj1Sx{UPNJN5# zuj@r~J2>|%1Gu|24ptM2=$piG97?l5w=77~fReck`v8p|wT<9P)aIzpos>5W;niu} z80=#R#?CkCla@yJUB;@1FmcV__I)Q}FzZ{cSi0hlOFn{7M%Nm~n3o%kJ))eH*!Iu1 z(ylqar1+kqagx6G0JxB3zUyW!(rx(QA>f9ZCS<&a4X`O8EvtsHV8HKsvAYl%{%cXP z-t)*#?!HWT-*W5ZE%ARC&0VmpY-`_>os<4G$NINwUn@pTgw^H)5LM4Iro9bbSefD+ zK(6IxU^m(&Rb>$!7_;x`{tSEvGYlBXdwR3cdGNOb?=ck}H%m_6Wh#6!Qu6WCXM!CHZ?UDl{LKVy zk8OY7F2POC-Z1L7&D&DoDUKW3P(9jdThe5ewDHPGa`R4ZgU+PlR z&n*G(wifjCvG6tI*j7B*9{C8aZDj{|X| zIZjn%m{UK7UNDFklnHik1R{^UmALoZncwgPJ|Gj)m*x_WCM;t!5(a0DM0&sn;Z|n5 z0n+sb7VX-5y{tr@FK&6bYJGkQ4!=4rxDUT?acvMHA&-I?S*erR6-4x@WTh_=)Uzm= z=DJ_61Rm1tt0_gIY3@UN`qsi1rr8KlJ+4sd%?Yg_e!aE!F{B|xVvr9U%hqVj=GSVl z+crNFLM9{w!R_YQtZoJNm*<@(1<%TcLNK~AL}^q1h~yhV)!T0`WqCyy_KR4bHeCt~ zAA!#LQa{7Rd5v3RTbF{|OtANX{3Z-cxiItcla(3RFQt6Eo~03L-cL3yT0A@t=&*`a03Pyja*qdJh6Wy9N?ne>)baK~scq$#e zWa`$t>vs`uKl(FYl2u&Vyx`8Vkn0zUo7*x|YdysN@%t&R@kKx@^kns5!MV^l) zlC;)ZKp(ri@7KTM-JbxXFW^fo#tx?VV1Tjv{qOMij6>h*v+)=c_e`lVKJT(mMEX62 zKJwAz;o2-SC4LE2mG}j$6!TDNc?k*nEE8DgUPP!Jl@=76Qwd7B!RJuc(i9t6h_qfZ zr@)b>T(c{(m7r#C9vQthRADB7})*^P+iDiuBFO z9|J$?(OJ%J;2+VHmRFLdF)@Kx3yOm5SH@4$zYKgQD$Q*-#~|OLl2RdG;j|T%QlO;g z`!!*bLzzDZ04S>vlUq=w*f99#ekW=xY~c+szd;SNqJK}u{ZUs}BxJ{sRv0kmY&wV0 zFRrPK3p-+}352J>r!GB&U0ZKelsoVBrx--*(L?Gm6%#lzrQFFAKaObIoep~u*TinDXaBh zBWgKXI!{m#@_fRL5~l>B84X?WFL-dx5`ov^6*l$2+8V@3v3Bop&`K+@KKP7hSyobl z8vhrI4i)XULCym&v!v)T6=T^D(I*3$IVC+TiqNpW9ZF2e9w1=axWRg*K6YZoO;HFp zowK}8bDy+K?MsNoM))k>5hvS`bkkRk_JShzOskqSBkAJ_Sbw6pEgH}f-ZU0#mLQ%` zHjL9%GoEM0Ft6~5$wfi3?KlufzQ6y~_;B&UcaJQ9C#M=JP}DR8HO8pks(I1Q1; zilpDUnybAa_#>AM&&CzJR{L+zC{1rH72bP_J6dr#+PEp)=AGbET9F6hmX%enZfWn| zdGz&c8|ps0d1c=@zyI{8Qmr{xG`CHT57to?_aPBCy#R1nD~^m?25lHF@AFw7NEzKU zr~(#ea26G1Ie1^c{Klk&yy%o2jfh*)(w0_6=iwp(BoHkuKAaS-jYX-b>xt^>l1hy? 
z!<5QptG9I$v*m5k(3JIxV&H{=gE_yDY`U;@AY8+`sO`;Jx+-@7EXT$y`o**WH1ezm zBUJ2ISaYIA2PyXMFYoi!y66nw*4)98cB~YYGtaPh>jqt*JM}I&7sIZku(mchSYy_# zaOE4>!JUB;N?gsS`9!rj_Wr+0H7x-JLCV$XSl!>1^o5kf`~^L~kR+-u92MMGB-m;W z716IySy34u2fH-SdYhQR)ue0l@86hYJTB9Ktd8GtM-*i+RRVuDpgE;wUY#4|HI}1R z`OV5sk}lfX_p9s0#bi5?a{x7EZDJADC6{&X3a>RhCN{idnv#-o@-((;?he?14?6Td zfd6;XxDgp$Z{U*7N3y zh$H;%dRwB8jcb*~?3qWGOxeELBfBULVLR~HA&E{=(mSh_L?;KTi2&wPC<}iH%*vz; zUR`KUhySXV>?b=UIVR^!n+>e1;^^b0w7@m>vN7b==EFIiC`r2q5-^kVs0_*YnxS!o zD-{By`yfr8D~`;9Wy>io?eq)>etHmgfc=ZqtJXuMFAv$jBMSjCX%EDMRf9m@c)ZZ; zFYQp5M75xjYDOs`*H$@3>f;T@ct%(34o{F`%4sxoe$ARZ&0d%^ zmEDp)1TbTE)%auTWOi{=E7w2M>a=yU=;S;KzwTqqQkPtrU(h2}g~6~jNUM-9l7t-0(T>d&Td+C!#=x zWoh2ew-LhP`tH=l#4GWtW@7@>$Q`j2NWgQ*an(gOTp$QoT#ty@ zoPH8lzCO)geasE*dVSH8r$RP3kg^O1T#oQmu^#ROVM;hFt~&EUylvaJbe3D$EIB6j zDi-z4E|beXOT?E@KM=S<#B}VJV|O2|z2Lt_;P51Q4+{|C4%I&#FI6Tu%@$1^FuzyP zweERql@-!GyCd2uq>Vm9U2s~Xwk-#yi!(-2rb*3{kA&6Y=zN}RPkkx7$(vlwUXgY@ z++;rZ`CbZ562^qPOnoh=asOKNb|tp{=Exqa;a_lCv{Hi9ayz4Pm;kZ;@e=cUL1VyQ zVPmUdvAEV!g3v*C2z;e_+Garq!-|5f&>CGvG1PpuMTxUEGSWDey|rDO5_%oI|B!@Wlf%GiEDCcLf0_z#$r0Tn&x9xcX*?eIwAP$z8)WEldSXjL0gjan@diN zhT|7LBaX+I^jZBCZnDM41N*UUP^6+s-JYmRrp_qR=EujepN$d}E@i;Wd!L;LZ-=id z@pcaS(?*xend58kw_Egt7JWZT!PhL?$hMwYQw&Y+Zc*A6)s_7wKU*ErjjzZMaK%{> z@JRkS)}#n1o;Bx<}2XW269Cr0}k_Jie~roM=u3A`owG zI02M&x)QrqYhwU}PfWL2AwMf4g~6kY4~w)IDK+N!v4O$t6-fDmI-?$>UU86G!SW<5 z{muc_Dp^xqCBBP-VA?jyeO(`{VwBTgLwN>d#tG#wX`xeH{SrtVvGpyV8xF-byo1s@ zvf06Hi=J_<+w|b*We0TzNL? zq1_K|Zvjr8aChFq;J@Zn+I=BayhHf)AEqH@!SD#a!etLd9k}dY1Y5bpOG`%XhmL>3@K+Bar9DcZkfj8r2BJf{5SIoRz*1=3xR)hz~kcmSD|;ztYD z_}&GYdcYv)e8f{uAUF~`ipt)pNWZWi(ARaZ^=dsf?Bke|DHq5>l?nSt`FK%oqxP z>9$n!TdeaD`uHy?qW+#~TFnLnn30Iz$Oi=d%iDc+G@TqlnDDyZ?Y2lYqIM_2;`P2f zS4Hg#a#iaD4j0e}xl*$c$}^U&hc0Ccl=HuEJ~;N5SgT;1tsb*|rgKmmE^9S?=^=QD znsgc`mt#h9miH$N{etA-bM*aR7lJff3eFZr{mA!IEQX&)OtX1SrbxH0DaHL0zVBB}`NGNbjj9rssOd`coe{Lv2q? 
zlgo<}I}N`{`*&!tEY6&r-thid*$7WvjCFCMO{n(pxL9r;N>u`fDH)&TsaN(MX`WpT-gkYyDsURJ&^aYt0#u}p3-DmDM?}uszMsX#Ty)h+tYm*}hJfNL*oPQ@r zkw5J?GH1!m8Nx4F>I|5ou*;pBiNz4VE>7H-7Us@_O&l}3QY%f~VQ7hbg(@#`?9&f+ zU6V1Ixa~3;dv4W~cy;}`95}li7O66Prv>0w5&WX8jkOEIw4P|g3x&6|Bo$3}Ld4Y~ z6~hOdUm#>N=iJrk2poCSV9W0ZeP+C>rwoa@%ap0q&3`v^#M4!Fs?E_<5U0M>lx$)H zk{Q#UzwjRPlq9E*7?vFq!zK8t9$5_F`fs?qCU$XXFqJ}Tc&p`sIE`o?rF3;9(>K9 z=Mlc~0S->6R??JrY8$Z+n%$dI%R}o2SoD>5H2GcXE0hG(io84@)mnk%elv1G7tsj3 zZrGm%e={DDuw%XeODJag?S*}{>6TP%vcP36_U*n9i848X=7&~fj)XJHZV@w@&OoM; zr#qovD%-^dZtkJuY>~US0=mM*YyvIRw=gMu<}v0a?^C~;7AxW1wT`8s$fj@QDpb|A z_|%6-)~#;`ab`oniagvp0>~0z5GuJqF5h zUprtrMB5HuWIyA}Auh02+w5w4XR2mq;rBGBj(BncJhsm@d==jV73l28AgWDBg(a<1 zmu_gw6_qW{3Zb7fM!Y`3RNamqDd!n#Fr=+?rSnfRv1iO(qnXobq8rQijmbtkvx`>* z;<}RI{v6_yN}+m3!uafG*0&7Zsm;1UmPQ3DD(xPL_}2+mKd|WYx&)V*AhyV48@|(~ z9Fd2^hrX(gAeE>6_|$ZNi)^7tm3Cj;a865PA}1IaME?ZF)ZRLbtepoz3N$?*-a{|_ zReZdLWB#4ekinY5KJcpj8`H;7Xt|D7P@j>og|Fy$z1o=4+1%>8&{bzoniZge(ev2U zg@)FLohrU0wq)Vy%a(E~PS)#Z`~&sPV)q`CEbl{2z2Wh_*YFVZf9f^(#K!pdp_ja? 
zHVDk+K5oi{pBpEALMXGcqbmCBZJWyls8NpZ4nOzRAMb|E@ zWHWQ>ODqcdo9g@a&K+*l)>sN4!QtTDtbDs#hH<+%gvj)i< zPXIeJJJ9X2SzC^WPr1svjAyQ%5P`6Eypi)dV ziPVgIV@^AIBy~`IF8;2=i*$Dz>MMZ^|Ct)3{Z*zkK_h(q_BY1YmtlR$dY#32B4vo&KYkT9#9>3@5@`&0Rqtz!X5++S-Zc zdAe#Qpo2+_iI3Icopi9!zp|z{ zo+-6)R3^Y!+lMX8A<&pyH&7y+d^$2yDb12(U0%m|01MgnxUWEPBa5(RPH%)Y-mLZ_ zLhpLQLZZ0Q!ky5z_KIh=!pbWH_+4qih)JgCPUlDH z#a+P%gl}Z8F?yvR*R9P8#%MdaB9(05lAJn|<(8w?4DZYw&f8PFCU&CCM`-9RnrAr+ z`0Nc>3-BWD3hecijQt0ZhZ*G=Ex~(qc zvsUDdFEXz$w?kY}t^QtTydnO-u;32n>%Ms`;J27vib68j{!9~|{F3Kw{cR5E;PrgN ztw)36!+uc2WbHXEcCf4ZQt@7)nj@jjW7U;1G!AD~%2$k#<)fEc;C<{#bEM35w>!(_ zX+TRb`VTxgIu+=1+!pp!VW82#hQ%lK2tp~4?vM2b`p3ox-d1Z={CDCm5B+$Y1xBjM zd}7(q+R%d!3zIQZj-7h#4GBZG#=KFBfnwV!D~0TuXf!R+Zc#kX4h!u8A5VO#&EB$l zarI_9hQ++$S#}})ov{JQ`w2KxIxg4nPLn`!OCZDJDmmdDZZ`YG`vH-~kc>Z*5 zjE-}X)7Bjp&jKE$=|i=Y@J<&(MtnIN&TV$Or)L3gwXDg#yS34p%;yy5gLQ_)G-wlx z*TTn1oPM`67aPk2JawrTdE$k>wIu~Iu$f%Q;L zX@Y07;j0Or3v29WA#FuNOP$UXXX6aOgLwt};{!dpGyQzx4y3F5F_d@5S`S7(^JRFj zK|Gw}K*}DHaDAF|hNdZup_yq*p7BPMoe>LJwi4InVc6m4xIb{VH#p+%Z6$r|;zlXN z*U;Ms4u8)7d028=(*3n>hYXn(q>S(jpr){}iPU`IF9d6YsMUlFS}2Dkij`4C6N;sc ziEAy!H&?Et!UphUp0z;P|E!1s!2FR#`(#wLx4A0x(Q}C^6{{J6f(6#;7D~a&YkYcpx$D7eM}}T^V`8 z<=_4Z8%Gmg{^xlAb?5+I&D6!anMK|=nvDVffO4o|<&qf`)P5^e88)DC=SzQ9`H8jr zZ1c(vl-kbL3$l#lG{dU1?uhi|55O8g@m5MJD98<7*^vF)mKi;ZsEX~QJtkfpU+4Mo z32g33)zTRoG-mZsKqaMy&TGp`dHrcdU@T0E-Ml>Pd?JjSpH>Q;19KV3jXO^t1kiIr z(p*lX3cGyi8x8xMJSL?V)(dJD(y=?W^B~l>o;v{3W*SyNxm+hN*UHA-Rr4nm9kgUM zd`o&?6cdZsgSCxtxLpceyx&ux?KCKBmU(`ignXS(>_C64aL~O%;%G|%%R5xmRy<&NbWP24w+ZufaX@xF50^a^Ug64dN)70@sS9@+ zXy)hCfRwKCJF^F~f@Yr>$?6^?PTB%WYs1U0A8~TBK%<=3wsf~+C0N{0n2N!|3NSIw za5=V0tzjNaGFQ=E({8~5kH`#zufGU37iC#o^`>0vIIHY<*K?01;S?a8L>y%a52+p- zat3Jp&)!Z*NfDDN?{i#m&DD=KA6)p>p2`No4~j3>cuUc@snl%?Z0uf_2OCwSj1w!v zkT9H%*%O3$Jc)h1>v4rXpt551*U{1MF$=$mUXY~f(v=je;b%u&yiy56^YEXv)n{{R zoT=?P&Qa5aDKGb(qR8eesq<#!)Bj zW`Dm4mTk6y$Cm2b1HYZ(jrC^^Nh>JVc+fUFx)C6Q!ebVa_}5PT%U>HZC00%zB6Xn&gS)64{QDR@)+NWSRM{|H-x0_|6BG1Do_c 
zo!TamlhxPjN^_Y0z>gC|7ykZ5_;UvsmBYZ={tUpFk89!Cw)Z097)y_jG)!^g)#-gs zJVU>qq3wL;GwFe9)p+Z4SP%S%AWJ-o?*@5Ucn85p0#8P`3~}>teKNeNec};Cd#S+* z#!qWe2z)?l3T7jyjT46^c*uf$Qa4r|5TeG_yv;|DEkQaZVG%wl300j2>@rF8! z9GgT-Qr=t=L4UoduDHk&1>LzRvzRctxRre;unG+0!dJE1aAo@vjw}ckkG6U?)<^Ev zvbVQqzs>4EhkkM^d$-%?WS*KrgXP+9w1Urc+Op2hd|K*}ob3*aO73Fl@I_%5o=;=v z+M}yBdT-_M!S}b8jrAe8c$3Ohme%@Lc)*vDjOJ$CyMy$&lk-_#8&nme5VU8lJpw{} z!0cIOPwfusLH!SERrV=^k#?!}`vne9WskJ7s78TC|FNAP*{243JANi(3lr@frubIs z)|7mVQZ)Mi=pZ!IM6~&$h6~?aZY$XB*dAhJIIYSa39rW{^yU}muGa^uB*_j6;4!K3 z8sha4?M|$bjbhPdxPzWCy_6{715k6jyWmxe)m+Bn>Xf4oas9)T2FR+$sEVs)Vp z&SZ2m9c@e1hwK2eZJoAPw-W(^0PDk3p|eBEOsZOsHSD}AfvM-x`KMZ?k}NIYq&aEh zT_FFpxiKVUsq=zDfa>y|A zzak;dOm789Dfn0UvgT~%a?Ew<>{Td=ewW`gS5G$XjOdT~i^era$2a4x*Vm*?sYfY=qH^LPN{@_dAdYYhNqcmBw=5)310FUa?p$!QQW*Sg-m` z>!BUlGKlL(0Bi=^oq>k7(Bd%J3dfGV*Z<`}xeF{6iP@PY*%S?K$lgtFCZRnLy^Hd& zPpD;}%U@_n{61~Rs4`M63($tkwp6A}b*C=@Shpj(W2UEAf9da~Qq!md#v}{>n9Rce zo~K>l8QgpqBt&#rqKM(Z)JMrYr()vegB5O!x7UN*ZkvQK*~bkbSk9DRGQgXrdirP}u=_QifT?vWSa+;!(xb#eLupwJ}zu zL)ISrP=H8Li!879t{9a+%-~w!ui5WLalbz603f$1n&<=r0^fC#i;aUSZct~rF2d6lY*F|fs z;-{2v(c{zv1ILKyY$-|aqM7bLG*(=<@VP60;H=-=;rLFg_u zUs_u^m$xW)uW}=Cg+Mt!UC2fgXfYV0ww-pA?gT`oYaYkh2u4L5%qxIa#k*p*j1PzhMBL%W1kWd}>EuB?kM+*?_aghq&WWf*DA2K9%Um}7o z2&$t31Iv%NZj*)?;-n!;BCK4{45!px;`G~vtw^S-<=;dZBh*8jm(NbL;505QQ+HM? z*Tht(y^ls82oG~^StHQ{I$-WUPKXBV@Ln!?1f!c?4-RDboL-3XApnF2)#hc(?#%b? z>xYZu5|D}KzfPt6>LR0VE;}x5unC?C@>yA2Rk5&gBqjdAWrT&G`8syy_yl7`-I8D5 zC|BfiN`ju=R9mQMvZ^8;_j!sx`t8Y%<8JlE%GYyN{oVyi!075LhKCbvt({8uFZpzelj+NqX zMJp&}{V3C(uNUK()Il+pZgc>%kDPNhUuYEpAOZM`<)Z(0q&z{g*h#dQZu=x$J{OYn za&%K?ac))cVI+6U@#kGJUox4Am=Fza0*ce>_hYa8oDx0WNf>=WGEA{Srf?hzuHL%) zrNz#u*A2I;;pnP;v^x&RM{?r*_~cA^8S`iH`cb&J7P=lynVuc~WmYG!Ju=5+7r)8{$;JhW7u zH0=yYfpvzO!7S+ByIOubxrB}fReBU9P^oOT9P}Xbgrk)anZK~}oiD1ecQsh-Lhqd? 
z1v8d8n^KTns>tCc#Bm0>Uimn^48IU(-uq;AVDBX<#%ef6hPC^zGzvK#IGuN%ZFu_B3E9l37ILsLAEdyi zH=P#hR915ub`%~3iL5g-j>Q*jPT^}LjXWMi{D-Z^A0yckB&e9X>BPi-iuIt4Cuz}| zu>VVz*)l#!7q6)xnF;+T#Yjd?adOP0L!KnZl5BWxG>SED>EoEEQg3ObrgY3wnkL=l z7_B40;Rj);#rE})d^>C+0`5|7?$7XY5943vC^Up^InfC?cwBUWa@Nl+j^OVK3YB?| zS>F1ThY(AJ1B!*hwI=Zd!gGbTMljbxw;dCOfAowW)^NM5ze z&tD1*2-Dl@aW+)RHX$sKo$teT=Re852t+v_gmSr8WCDCWcQ~uarSW6Kvv<| zR+EfK{5^woingXf@C7?$AzkSfoJ?u4t7M|{2k&!3%*sN)XZ`d*(SBs-EI^I}u}5N} zY_Hr5(<^s)htc(_gPvMXurS=L>*Vr={2d)7;GYT)Dc{J4Bgt7W`R-5{E6+;$vCB=g_#T>*TSF5ntL zzNb4RD(8hVr0X3@H`eEo6Y%i1SB7^PIq&5o8=smA_ulrXr7PjfBT;VTgJ^E)VYsN7 zg$cvfYeOToc_>gjKY&SU;K(g!RBcS~hBRZ&=WsQnHjfDCXU51IcSwp!o?nG{0mLm8Qt#o}%) zKX%BCH!)y}v0OeSOg2}NMT}KaEevUYP6n9Z%kf_a(72RuWsrb5O>}fnHwUon=R>&Q^14Ntz(|i zye^FLzYSYxv>gG%r}l-gljGSjrhz_4_9qUmgV{sJ`lzG4zu>nJEM&|!cP&C!QIBeb z1X!kYOTuc6mK&VHDF)D$S^P}Z;ZayJV@okJ#x->s;QI@a?98K@5oea1=}Zl0JsapA zLZdEuK|iLX>wRJDwdlV1w}7i8)0aoT*_0U5#yd*F&kw1q<@KZh583YN(CEcsm|s+x zO{W!gjXxDM@%#;x4?QkK2OQqxniRPEu5cRWc-Himgft$xsVZ&by>F-IS?sI7rK($) zAsxrKxQX8Zu}HCJl=XsK>m(B&2`W(@Ly8|xB(4=~wpNFQCuh~@^eV;M`ARcntZm}O zalIHAV?^)_dHxuBV|jfPd$t*{8^PChQ%x>3?OUJaK)o=|pW5YlVtW35k?puKzMum8 zl4z}fbfIgL;eFManP98m_uA$8#doP;6?}y>t+*#DZ@*KyR#k2E!9Dn~t3e<~;!hs; zR3_qT0>EKiLZ1AX@6ZFt0zTJc8_$cCQCapEHeP`m(1~*j>x(x<4>e1W|4@ZN5D$&H zFiuWrf7(>g$jTg8IDes(x4Fz8q3|ZKKFAX6a8%TExfNkBKPui2jW?l`Z|Lp*@p~+w z$!4W6RwfQe74#zD;(F`GI7(Ie67BpGf0*I#(qk_KUn}VtW~VdU!Q{8RQ7HT}|A~l) z3+%dbQ%$sR(typlyv3BgFJYp1eM^6C4nwiw{vl@f(Jl#=I8htu;O(Apyn*MA& z058??+sJ?H13ogeLY(;J{wr5Cj_}P835iQQS&1$6?~tnVsHWlWI^LuU)>yjwXp0K} zGf(hj8tP{69d&C6QrnWFW(yvpEl?T$`SBEnxG)$IK^ofnl@2at_ZkYAIG{M#|C79y zJ21C4xZK)9hb0ZZlxD}#x*7k6rOoC7Rgz{C^^jtBpCBQsk+dYXRNI*vx3kb6K$BaI zmwB8_QLFgxg4(e>>d*4lH%dFnvF#`klx-!N*}0s?1{x0ip!2FR=;Gpk8h+u&Uq@hY z2Di#VP4-3~=!9oj?cU9?t|sbB$BF(XrMnX1o3b`}KBIZI|AzORnd04;0lI=(-o79t>YIqN9%v)eJ zR|>kFPipVv4KA>>NDC>IOq}s0ySZ+5PNsT;+LuRUZg=Che<*l}vS7XOE%&-dcRPq6 zy-RqN&EiA=)Wq$T@lfUESmLCW8UavlDP<%Vf630>CUAAkZ6|$5#(`H>zK!t&q(%ie 
z5?ZK+#!%lJs4RA*CE2?uG9g*XwWJ*lu@OB~80{s0mi4^wLoc`Cyc!eL(l7M7_Mwn~ zEBA3jUn@cJhQ3S<=CaPxmd~z=f=r;~$h9V)9>~h;DM)24hJ(KJ#7lf`s_o>JS>hX$ zZj}0~+#}qBTWZ{c?LVqs^-4EXolwE+1?-B5+xt|jHjb~ceYc3 zsb`Sjn1VMmJgXoW@@I8uBuQH`^;(kGnkGK!FJl(=d%!LJ332|R9UlQ4i0$6gFPV)p zp!9poy*$shND9ZISyx0c-R`y!^xvjsh^YAlg_O)gpqNF(S!Lhr#tvkUhx96?V zibFdsGr~Y~2U1#fdmWEvboN%Bzsq7L1P+rfdi$^sgy*gz}tJ7S=lsU5!>%o zLsH~xL-+KV5;`Cn0F^ciqCP#VLVKit>)S=@3GniGP+s=L;vAKuWtJ$=F`_V;}@|@gctk1Bj5Ymx)g2?OQ_OEU42ELA#A5 z-{06~1c=}MRODJegw*A`hG{l(Yq`r&wS6adhKAItu4NW}evhW?0;QszrwZ=ilBzqZ zz)uXn@DYh4g9J>5nx=cK@wR5yRuM9jx9oPV zPwf~o#36@jTaM#HkWHQaF?G>b^7C+|HcS4dJH1rSk7`1@Y(0mU*U7$)J}_YIMB~jY zqcIh(7^xFb5AkouNhBLY7N7!P8l?~c_xbvN!c8z55LY9|yQrx$<54Ocjn$mmCHIh= zoutq&o=RZ$@OF>S7FZjwjd68aG1h%?P=f+hDDUi6JNK39L7NlK+FCLErxrkc+?}y> zZ=RJjL%ZtoG}{aORwi=0`{3tT(^KNS6~_E_wCcsc(-K{!H`5I$8ZOrp9MisnErz{Q zDQnrT$1*3t+%Z1jbbL-i@M-=0vqGV!@%_>ka?{m1!(H~z$;2OrHEiTgH>;pgiZ;hl zj3bv|4>2>XOw`HGsT(G0zn&ou>whuj_&li^0LPT|p1z!r)Ub2YW!$6aq&o8qvR#v}Ow2|*Az7#0> zo96R^1;9>I*qw@tKEh?9@cOgNBboTiKNLRSPf`kj-QAx8ei)1um$(~gV!Xb-rtHTN zl4h{qv^^J|V_m`b5jDQki$wnug*Q zITAr@?T?%OSC?+-F&T5=(_QIN`9fdjQ1fy*`hO$ok3=4HjpK8!%RbpNm?+gnR5m5o zxtYfYt8es6ln#PFRjN9#4iK8nkG$_jYrki%$7GC09+Q0VY5qoEk!e@PMJ=vj%T>c+q|8mBVF&#VgdYJnc2^; zvf0o>0oX-v2!vkO=`Y*!C)n%GFhvvg!oYs1pD$zjjfqD^`eRZtzERo!2WB+*n9d`o zSR%Z72MT2itVh?{&HK&6N&>^u9}+*;(=zgV*?x~Ib~Df|n`5XJjtF)4;31F08Zt`X zmxv55AcO=s1vW=aJ7t@$X1gc*#(N>uf{o{+R$yo`QQi=YR2Q#n@DM)aaXl`ig~^aR zk!ikjLwo4L=IA5CKH(0&EjmQT(074R(QAoXvAB z14d1vL$k-@DY2pHT+H5b$olXPDhxIFj$euE8?<=zM zNAWEGUBh`C5O~#dwD|7m$JQn8vc%v~3`zu=$MqGoNBwk;+}U135rNr2Bi|U$m{l@x zYH$eLbMrcu!Wu(uxLEtb-5U9gQa&m-I$QsAb9obHUJ;kw^T_>ym0vYa^Vn>F6{*%s z9m94jZegxZh3lrA)#IrR$@wM8Z^&51z zcb#!x!mj5D^>hZq>aC_3Y{2lZ6X1Q`&vs)r=W|8vYQBTo2Ivh+!JR0DcuS73k7aX) z6#|i=-Y>s)`Q&8P6?rb!Y&&LY%}GuB6mi>;tB#9_XyaZb*h1h^0~`+nx^$QK5@UQIFV~*6b#jDfIX|~=(f++k-D6XaU5ipYhD*wFx7PZZfj9+ z*@n*N@J@;)LvmZ`ogA9&kw0qIh$e|hEqv2`;+fw(O%(CVQ0Ri1gcJ}T@F6HrR7oB;$yAFW&Vx_<%mZ|~e 
zI-Qn(Qy&v}Y|9ETT++ZZD>zY#N~#{BGsET(Lq+p!A2a0;?;N{U_ipj+0OqxPo`^b{ zwZ`D(7-(??O`qD^T*0Fbj*gQ{q(0Hvf9hqfO(yV z76gNu(FQ0MZ#P9{(x5Xx^V!}%zB89jRc`0F$}hT1AuU`b?lZ3asH2YSz|pGbMitoY zKw7^2lvXwqx##F+tLZN80P$lL?tR%ZD9{cpMa`bo?Y=n8GG}b z1x8*9`{29c(X0;qgZy7G6SCKDX#HL)&>wq|3mLe=ZWt;_-6vu3Mh*k5@Aw3+CONmC z=O#T5J9$09oIHqgA|OZen;LFci~JsRP1mXBUD;^3u3q^IW<0^F^IuE+a-&_IIWo$b|B*BMy8c#mGO*BH8$d5eQ&O|#JS`mF!fCV&1i7r6R# zpD@cNZ@%PMb34=55ewwv^IJ{sya<+e^tkdw%re&zcJ{n# z#iwG?sFn2_bvpMvH6)W0nIolZKfUqUZU=j~!d$W*oQ^hIy!u~0`uj#S6*26C-dj`Z z4l*YjIFDZTv-B^!k?eMfi=s=#G+g%CWnt8FdD$^CAE*UDew1C{J$KKYX)0UiWTzL+ zgM^5#016q&T5*%(BcDBel~vb;s>h`!{ha{CAZllY?Oi1O-x>a2&Z;w=(N?Fib>95# zyPe;w9$)hX4Zwj!qlm|5bUTEdS4|llRfq=`u#95v+jr;o2Uio6`Zf&eK3jFSua}?w zTy}83mQvO{1{rf-WWaYto$R<>SJ%|oM4TtZT%YDY??MR&itNf-_#+V}wQEef*^4`L61*uVZ5?=7Dz#Unp7U(sCcKF4nl}1%(jz z1v%#J5kv1@BBk}wWP;BhJDqSXK)`E)wiUW-W4s6Z)HF0^iLf<3ru_9Nw^-R-flHYQo>9Bs#ydPheg6Bk{#5Z=wA@C1d zdQO>OYd)|(WK3Q!Wo{e<==+CqzI`{FSw-c#e}MzKR0yl@#T7h+2ReXE%={lkW^d^a zCUDQmQ|Y(u1p=ykc0d`NlurR^8&co@g$xQDlBrS5s}7JTATf4kZkJd!ZtFG zm~xa8?(aqRQV)5CS;!V#yb|-N(ahBjgkPv!feIcwX)YC!3CxLMu!X25gpCwdqTEntqk|PnqHMe-?h2fw zfys!=0bS&@y5L&b%wd4})6FfQ>>Jlmqe6|M(OM+MU?14jNw zPXCyT35nv#w(h(r+0yR)!);f{5~MzK;xc{B!}Gp}wL44et*}tl4#+p+=3IlL*AESx#Z2m%ieBBh79IYCo!_bYXA-*JWs)sED2_ zj7^=ao5inyUCAetxh;zCVJP=4h=R)xn;dJ}0xN@5=2EvqQhPEfRL$)|B-7ssLTl}# zcYJC?-x8(eoY~Jw5vd!QWi+9@o+Z)cREx4D3t*i+er<)vgh(Odg_awsP@78jLrWcu zXbf}lsfp$pw#%afIj9St4)JP>qvw?NVoOYR>XCNCIO-J}+ykK*IdKf@XdqEueaY&` z6?Gm1?Y7I#w`DjxCQO^w#xWI&d&*6YR@P$BBb6}kBFAd2(-Uh&Zjs2S6XnR}0yw`D z_qlkzW=QEL3*?D0)J?`yj}8gP)R@bFB2tFnUhbO{%w zmZ}i-c2MT45&PFw(wk{5@wnUo0hCmdT2|Rv?1P1OKU!-Nb?1`?b0z+Xh*aC3l6Plj z!>}l25!rLv)7Jpcs&i_b^KFS^BEkM;M6$1D;BHeF%24 z`}5Yrw|@BMM)2T8b07tO%bGz?dPE>Rhx}3Z=mF&Rs^Vqy1!#^iFA7#)q`5V}esrY| z0|Jl(h%^*tPDavz%;$aJ+kn6V(b4bB(?CDhOwKf_2?f0ke?TMIn(n|Blqkbw(rQ@@ zvlUA}6Q&me&)G1yRbvUX!Odr@^`p`6O-94Z`V=Q=@qWkjQ6Y=>Ct)N>$o2a-^_>J~ zcnVt8xw%cjOZ#!5yL!36)k`7>ARBp~_`LW$lDelNRe~JiRQ9luB+i>dVvbf0YZfV% 
zHOa9OmHGB9*+|gw@m0)`uZeN0sWOCbzY3&@Ldpl#c4eOnZW9f8NP^=>33`ZWj2=L# zboHsz+3n@T_Qfm7S>*QaT#%A{lq@?OB$$$CL+$Y!nM5GnV}WVn7z?=zqKr${{o#A% zvDU3oe9snLNX7PjXh}5Gy~5UiP{`hQtTLVLhNLy0odG;{kciLmBazA%n$oXH(!p}} z1K_t~x=Ns-9e-0AN7Zjzty7J;i4A`J?R?Cp%cCXvZVCYQestRhg$wlvKVS}J`MHkJ z{aTr-UzgA}XI<8D(!Q;kach%sqGGQe1KJLIBqVBE@d^i$z$-7%-u`z?w#pj|mPT>;TJ0T#j7Raud@My{&ks93`o0&tfFiaR~7hca1A-#%Rb&GDCO=ckR9 zf@o~D&`$3&Tfn4%`tI*K+-9$*&-wr|7=TJooRsrQ;Mz;);r0f@A4i*paHCWkt%XVY zNyM5_{Q=)>D>J2Gvy*Unfg77-RQbw-h#`+lX^iywyQ@3%5bR>4n^1)X5S_Zll@8`Y zht_Ulg0YWLC!kuSm&N9ztfDS<2fFLnAXu<}{6H*qyYc7%Gh|5q{gwJ3+f+`!_offel>UCG^VFDiV09v+6hvw z><^#wT?HriZ0OAntFh{sJVAk4>h zE#yb^kLjA?w2J%kdEw|+_eH4v7H&3Q>Lu|skI*AgEj7}`w);j~^2&zQ<~-pWv^iTu zg14|uM1Lb@^G##hA3aa#Y{8Z{e2L%xfozDr^}ff@q~cA|T^vxJIJw}WAoxLc*|4Ut zW3!F@1D z4^Vj6{7H7|l)CWq?lKcyQ?_cboF;6-BUo<@$ZkICaKwfrUD6FwaJ$+hs)tgI)JbjV zK;QiZQ1B^EhAV8vVqCdhcLN_@s8AVZ9<9H^aqI99YH1Cbvbwreo*aajquP{F;Vl&J zFyh*9q6xQGPV;Jb0D?hHJ?hC%WN ziIDWof^S!o^m)R zQAT-8OvC5eakg136i4Xaq2E^_teEYo)Ya|1Ag`!uk=*i9NxRHJ9wc=F!aY`*K-udu zW9854G!$ZL#(rf0iud(X2aMo6(c+1|JRZuY_3R|F-^@rdX*wRNF#1yiGg649=wZ#o ztU=NRg99)L9sTXF=Q$ArQHWM-VTLLc6~*<9k1hL)Ossv&%^+lMm#F>N@DR~1;)De@ zvwARiRcbC{{;MmsSK7lk}@ zVwL){fV(t1B?tFZbgXHmGP6|v=FPE%yzR!jeD=gH6emc8C!jdNIFE*gB{2Cn>*>CI za)<`nw8Pg7y3AeT92pA&$~r4{pIXrwWyLRc47w-=LO+U1m&dQ@8Fb=ePVa5@w-7U=oOYi%))b73WJ-vEOpZx;kg=iY zlO!`k#qJPIK!a}F4~z%1DeI?(c1f~5iDBt1mDTB^F%eD!K7@uvkwN@UtD~^v^m=B& zcfL0}X(3|3pQ-D|rqYtQ{*^mj%0~TFA8wz?(5U}Hbg7_GV7yDun|1`u>DWiv|3`l- zaHx@{f5YQfmG6ZR4~U#CRF*m^@6>8PsE%R#xQxNTY!(b)DE!aF@lVX*#b4%Mi53{t zfQ_))l3l2!Mo&)ZGqmO7--N|_M!!ErjA|BDtjfxFVbK?VlO=e_j38u~#4PU}+H&WvWVr9+8Luhx;L5JGa$;G^N;& z7yJJ{_}Tu?JEb# z70A9>8mCeeng*8VQ16UUTBc)#K-T`w8}_*r&VclCv-wMVmScNw(u;WJTN0=VoUU^eTJu)G{VF*9fPQga%smS~D4FFwER;Rj?34k_l5>o{2)SV|4dmqufX^ z9#|L#%{+csH-%%1CHK$c0E_Q=ksRmf)n@hLPSbc~WNQbJgX-9=6Wyt&u) z|Iso1cfW5@$$8*eSaOXk^2A&*KvcPr%j5}0q2K-Txpg$xzMGobHLW)PrOWI6?NJ-X zB2<5aMF#%PZ5lA9SelY^_(*!kHU~AOhCMt}SC&w)^_Tf8#H$pG80s8uVMz%FATz(I 
zE_6!=M#d4P+_HfASY!=XsKJ&7{FQ$V0)8(%r7;pjSeToOku9=w3BuAw3)yjbK#ZkU z{V{(j=7Tn5skk!CJOvv6!6GqGtK`Di5EUib&hxhi(QQyB$QYr&cilI?Xtc$!m6wOg zJKdu6KK68Vr1}FWC<*(8+C4~hAa&~k63pmhq9+@dDlSYNv_h&SGu%bFb$N&zORBcP zUc)V{sln*7HaRzJQ#P>30j&3+k%PpQGryJ@&(1+j$2|S{U&pjxs>3FyHk}fc`uZKB zEuGVnAzfKW7y?)Fr5Fy3B>MXK@_5$yC+9TMofwk_dK!M-rRIi&yxsnTc`DPVqca)B zMhvEko){8L$y?WI*1vHV>QquRi7fE053#c5-(>pwSuy1CYx~x2?~7_M7z~sb!|0Z< zTKpPqSA`!GA=ggCo22`npRi>2QaQ__Xb!ka%54))4LH*|Z4HUcx9-7?u@rHKMasj5 zhgrT6TH+z+_}Yu}asBga&FtwfKL~xp*g*U8q>^y~Yi*LF1Yd+0?Xat9ca_&p7pKJ> ze!_!Tuuhl70BRCy&VSW8^IjW)TYnxgLB z)2Ad5z8z#Up8Mlgf2G;6Y&OPLR-mi#?D*tUl?9~M-B6JKRaEvrZswl@@G&CAVRNCD zj_$c*SF@2>4kG1|gKSRDWyZuR!TNAzO`dGCsM9KgW|2sWCvKj5Rt?&rltsKT(ABze zdJQCD+<`>+%hnh@Vu~*YJWj02J3et|U(?|Xy(ftZ!jvUHRvdPRdR9%#L@4#P|-cAKQ&`_bA*2&L%ILT|7$(c|XiwT+F z@=m~Ew<_*v|75*l(%h7QpNTD8;cOWN=`gG)>sIa8=jL`%Lcu~UEH`Jz0~HF~J8|$v zKa~zU{gDw*Dl69=$`E5~yh1nK=8N0*d@ZVN&f3BKn?hzWIgFk+_KZ(AllO4UqJAP% zjBZn?P`1_>7q{`k(A_n%L?~kYTtNEVYkwk3xS!N8c~q57>Z|Yn;_9{-O?sVQM&g6$ zIsh=nV{B!7J^LRZcj$7A1QDIbbOJLtD;F!Ch0i$Bo41W{=RC{%cjZvxcC>ILEyk!n4 zrcSABsWt>3m6l87At4FfJ$to4bJkl#v#YtL87zbyS8m4^K2^?nWmKp9bK7|7G!uVD z&y_Is2C6-l0#f@2sqnH0gc)g{mW$FDCvEubm0-|O|K9zkTdC@d=972)qC8=#Y2+-eif9tMOUbYzNsMU#S%4{4;wV&O z-p;+6lG>g~`Xll`;{5+^TfR(N$Xx^gR6r%ODqYv8?ubYG=Utew3tl%@e0@1udRG_@ z_wzztv>axSDV9btzvk?$PA}+>2=WurCn-@ORf4A-%W!mvl}0KPnN4~X9)tecQwL<_ zy=kJ7pi(NT+Gx;;_!92syc(KjFM)2A230(5G7!zZj(UZeqTA}kZuNM$agc>todu1C zCN36LcjMh#YI?dJVjq%0jcN}T?Z(s1Zk&KkzdB^4OnExvv6uNv8|M^fM!vvlUi^`1 zaXE5C&?OI9`HYa5|k>QOswy2}Yu?6l}7dC;mOBQcDX0q1(J6t(T z@j>NWmnAsi3ld~GHAVihJ{2*t_Fq8wWN26UOcN=_px#=c_#wel4vxl(&8qaV`oZtU z?zFjF?G}ic20Lu~-om#JcT;P1fv&pzvkF-~w~bg??*1AdAH0rPXnB1-%9tSicm0mz zOTeemWO@-b$`^Cx|F*>&3B{Y(3UWbbWpY*zorsvT(TOz6+p+j@sZQvaKQA+jyg&Uo zy;Mk(TWuY`>{9K6+MqnSq{+x*8U~B6(^uWk`Kux^bcPDm!#j@Lc+G67E(6_|-?kl3 zqh6L%3WLk3cD}lyvkgQr0Dyl-u^Mt{Nl!FBq6!}vkXsC0Y1yG2zISuv{uMG}^F4H? 
z94eYAna0^Ia-^u`267Q)SsZq$qMEkItnZxa%OQWKvWx2~Gw2}++S zb_}Cvcf$kGQc7V5qlP^#kJ=o<;}^qHV<|UVpNOnzhSGdyzJQ0R>W^UJ0s_RQ+2zL{ z@Z;Cu;2?}?O0{kJ#DqK#FE9625b9gxU$p-kDM1elZCE1(N@{{($+?EGZO~K%ch&kZ zYwB_*yI#NT?$*XGdEKnT#S3b}_H(~#x1kzndx-m+$Glnp3{R91vsp5!&W{mo4BGRF z;f0!|5$ySu?%~hN>n&VA=cQ=MB#r$9UHdf+=iBkJkZa;q^Q)@*(dp57f#7N3{DpAs z=ts5|3va^sIG?)=-|l7WyO%#<+w!vmZ9}sQ_9z|eEbh>sfnw)2Me-;ID#;&bfBhve zP5b1u*}~mY29tc|R6|#mFfI(t&40~n5th;!YEw}0w62J8?dEq?W!`tvBx(`1!kcl+ z+4CvTVf5vWnABOK72$rUfOD;>a;=K(3kKn*&zc<$4%MKl)J;Jj6Pu zy%9mRuNA~ zD=i&c(x#xPS@4n;Qh4@j>(W|7)`GKIa{(+EmPiJA9PrFwDTITgExG45)p_L#)mG|I z2Gt@<09@$KD7+;OGG z`U{(tb~KiXmsePlBkYztNyWavR*55-m3p%){vLV~_pj5l*+>EbY8t*AXus zGoB=Gr^lcd@kZwT@+CfUI$1b;;E#CxkN9crjNRR)Zew;swv{W7Oe|CEC4-(LCj%=# zMKURz$e)y&o?sJRn?pqY;e<#FQy5MA!SpzpkUj@8gWOUw6z1EXm;_A_3G%|`^;`E` zQ`QBA*sbwUf#i@)oCu*}p*``xM-6SC+FSH~n)7&q=^YkjEljWxXr!IZPa-+mmpsw- zO^xQH->+rugucJ=O2*$NKuh}508QduPv)m33Xdtgz~{P zp?5UW!$VKx&Z%`Hp|rf{=~stp^k_J=3s=h(U0Z>+CGefisPh`XJQ<_5db-YX*QRcU z6~LYk$Ug(2!P|4*&EChKz3$EwDn;H|_p?kcG5{^l>zse;@r4)oFiGqjQLKJ<_t4Yn z)j+b7qZff6)kK5d(XChp13Vd>*Nor0K?f{6f8VWh7d$K&318n3^)xTGSBcLgr?XzZ z$b^h&GHs#1J za(x#0|2nTA{dWI1%esOd1G%DN5!m%e8Y>@x50jO|^ed^wvU|}{f0X26+QmS-hqq8K zdJeiQ>VjRIGGA0QjfwcX@Q=U}0J*`<;hYB2oy9=VOw1D@t|sJw3BJ34wHCt}D0;F_ zOmD>)j!24y!knTaGu2!fn@lr?l@!Tbe7%OyLm4P=FIjI!Ngtk3{}|_7XtF!aywmT$ zaCp00e=a-0Tr_7;?L}>I!mkFy%*#sUl(if5i3h^c(^hJf7d-UwA9}AUhHYpAT%B9T zFc}*Y*USn!%DpG!J=5ulNezZkCiO8&mPp5Y@Hsw`r)8&?lKr8Ke~)`nQzK55j8%OH zj;RGJE>Y~$uSIr%6rnIOx1oFe>60{kso?~`w1gKEJLlU3yL}2ck7@~yR&Eu$D^Y4_ zx7gBv@@&>s%8Vask}oC?5a{HoWO0gq2GEGX%j2w`#xpvnnCs(#m@We+Zg1s68zQqN z@g~=yBTw0XX{14L#qXk@-;?T#NRC!-+nwl=B^fl6{U6XQVHAtk!1VU?T4M-EtH5sI ztJ>)QNjtpEyheZ`$?CmW*T-~p*5RFc4fA0B9-(Rmt{e1P%o58OQ51hXec2@;_jRe` z$XmEj9-bDl+G6QJXO$i<;qE|(>Fym;0nm>xi35iJ3#s6tT<6?j9OyV6Z+`)VkEO zv-r%L`G^7s*OA+s$Z!tT88!ToIM+k)}k+#>6XT8D~?13WyaIpk;M} z8%C*Sl8M~b7u9FAo1%-O8mv)F;BWhD(BcajeKH!RT@gZNd0xNpqxH+zK4vr%cnnHC z1z4|f?DnsP6k#0mDk``{crqlG@QZkMI@CD7O`#V%ih>~28dL#E)!v*11%+F+IC11j 
zCUmknjmb}g-=x$&JleJcZw-#C+-Fs_+#Y=)BD>zbDb!oAg{+q3q?=))YF^ammxjBb z9blpDhpv2v+l^8H^T#iU>PBV%pbDWmscFl=O8S1MgkTqgYJAgE8c(FEAJN4iNmr7` zzUbhotAVhr(kPZ!6R+lMrhJaw-%Oy1Wull6rJ6KP!mYFT_nUzKFAHHYd-0gpy|CIgcbQb-+Q*ldyS_dr1E;Sd>ZaVQE6}jA&W+%#tU|atF5i7wEXFN2B~0C zykubQno#TH?M6s(@+LO;%v7;6fgvkr-9F8ksyM#SB~eQbEw@20?6aY$!xWU3C5Z6- zB~^DyxRE)MUU&rdpys5s8F2`7Rdx%9*7E*i>u+rRKkNt6k9*4HX0R@Ikl5lC*)?=a znpI>iVywQABa>?!6jcg{3MVmZWO}UL@B94><9wtlliHMZCJsKngvOC9#*w8aXqO*l zUdTy{RJy1tY$O&|o-=CH45K{`W7Sg&wxIg8p)WyINOY3cNL)j>)@Y^j{^;WxWCUZ9 ziCsn={RE*RJ16?pUyj^c+FFVXWi|;=eefegwF)y-6S`EG>#(ShLy|3*2*^W+$XSVY zv*lHM1w}JrHN~S+gOWF>A2S~p&ACVB?N&xpLAEL@lfuzmyi+PIgOJ2v zJR*S8B0@$`-YK(fHUAi$84NlcDj@!wV#nhL_9ziHuhV-hASkWE`^hr>SV`n8x5lJq z$BCEuh%6pKV8kkak^hKGR^m-mWgFSbca996flrS&ybfVrx zITD9VN-RtQW_Dh2;k%GfAaK9?tUiBXM3SvT5!JG|PhVSsESJazp z37>W2C7%4?&P>#sQR_f+PF%aA$*a>OGKhOwaLGb^O;Q>8sedmt%FnbWyk1cv?*J1F-6l7koITM&~k!tj~^{cEjK9aNAevMDS z$Dd`xmX18HG{;%d=RRqb$%`u!ZuQUa!@dAHdsD@l2|&k9x(_R9<$P7f0JNS z;drn&ZMb0TYAwd9C3zU5pB(t~^P(1A`I@5C(I!Oudd2B=Wd$ce^1aPM+*%q6t8LGo z>J3o(`vb6P-H{_{4>KX*JMP6Rapu$M(%<_1l+cCe(luKuLpT-?Nj69V)5shQJ}azV z;*1QZH!EuO3GP?s7UV(Mird@a@g|Q#H4K#6TD2|5v&+6)u&8ut1`Foq<&fq-;#Iah z!A=}${vmFUiplm30m=ZBU5R?NW7d04BcoRzA4zqVNuhV9%Z5so5G&JrA&@3>Z>s#o zM#9}ayoI<$2(tS@fO-n8ny^XA&hc5XmCI0Li_;eP)?4wx$WsLw0J4$3)nFHS+MO5Ax-@`?{s_C9hu=R{nPQ?z9~?-e8xRP`V|r@BaA#dii#H(YOqS6)Qm~ zNHu;V9t3Z)qs1p)jt*}w$+nA9-LuiwcJK6kTEQuITVMApHsl%vrQW7+vE5hDZ-*P% zA^YQr?<=0-!%&N=EmY7QrFv5r0JK$IS#Zyoae3<0nwK=j@5;RcP5RiMSiz#NvOOO(#0sH%VU6dk8J8X zfC{=Si6+aT_jHnu|DHp5JBA5bZ)fIM>b*dM0600k8mg>_oPXj-sF*=~#_jq<=IUa1 zXF<L-ToaZ#^?!&Q1Dxlw-IjHePjbo;E0aC|x+ybg; za5pWI>b z>#9e7|5igH>hU2m5jDE3YxPd;_Fom=rQgzTS}q4SoJNPU3N-5_trAP=BRn4N+%>B^ z5*7IZY{vI9$}Tnwk$r*nmM{c5L)J)qvaSdEAXZaI`>u{pH?c#W4<#~^QEJtPH(|0V zt$$GbvBZpv`f_BzcPVi$c1OaLCH*)wOH3Ccdf7}7x}985>40bmZzBN>iEWAV>>|L= z4-EzG<|}QAPW~{ll@XXBw9^*dmfJyG?CG}H*1Zen`&2Rbmo@#zwM(D+@duIj4{E3T z08FI`!pT7Ozc&MYU0a|hIM1V3UJLt~+`+(8J^q+U!OY$TTBPqn0|p}oyRVauuieQh 
ziA22W6T24|a%N|Cf=Xf$O|JTtosRGau8jSqDkZ$t$qJNmyJcY9Z~f@1`3ZWQftGIhEa=3hwetomV&UA}Lz`2JSxo1D@>za0qW>brc!RNG8?Ky-;EuH!y&E{v7}Mn{ z%S;Y~OIC8TLx#Ku=^(1eDYv}AW%=Kly0ttx0d0*Bv&;=9(^`D)z}kFD$lJj~{vx5t zwvr$Pqk+MW7cWI(40=^tP2htmd7_>6L}S{hWvbDSj}ofAd!Ctz$pOo$*I_zsbhRjz z#)GK>mve?e&TJ#R3Os~q&)ms3%o?Mo5UL818!qQ_dz#SR#W11?*yyL{ zhn?d5sf6!p5KFY)95?`XZ*b%T^MG*rC*Kb)VZ$#|uq$5pMBPtj!KE*T9m=XX?XQad zUNAK|JowJOrK|&DNpSsHX)&T2FB z3<34%e1*7(Qdj-!`GTeooH4M-jxbyu)o7>*^|7yxkm#=Yw`0>ir5wF6m{Xs{d)?^; z(y~9ErnD4=?l}u+-`R6|%_hEj#bm4F$T5*VQqP%9p6eUU%Xt3lu9==kja|s$f}(NW zyQNW=fd@u0eNfW)$d1G36}_aRmF2ing866Fe!e@!)v+~)lXi@`Vq<{Ap4b23>MMid z*t)et2oQn=cL)xHyK8W_!QI_mL$KiP4DK4-A-KB^?(Xhr*>=}L916AixQ9$RGBL~iy>%j|0a+rI8c?xq>&OTSHDqN+ln$qc3*E!d z5L8`agWumxq*e{=!TegAHeVsu(m&KsxI9>C7F&*_jaL1boinj=?MEL&M^vFpV%`Vys;s< zS}tnw2VZivj#IDbY~}8m>z5J331<=UvwD6WueAH8tSxe!9jCdUKSO%GbgsF-RISyR z2oQ{w)iiG1&2Q>5Cd~7>fjSB>CU?gm7V^d56 z4|>hN2tQmG4iP&~uvtGkKwQK`(p%o@$T4|wdVOtxZMCA#TR}~VwT>;)Voxw7@Jy&q zhj>?q{T!-v2xjob(DkkQDNlN37e{e;cR8y`&$Qu5;$PXA^jfa8&|re0#ODz+Z$!Uk zdl02rtpDmcez9Gc?}YEe%APq5+vLUT*q+gwZk>?KBsZ1xBR#hN*U=ftaK+_9kH417 z8%erux`<08=#dxhVK^>|nSUx0d46?R{bX6$TBqxpo`2_}&~lQ`k^VazD67Z3tXyy2 zmAM#pZp!A|uDL<7+iuxSWm9lY);(kIRi`g2&DPYaQ2Mz=rKZ=6%c6|xSdAqNO50<~ z^O{#HpWbw?XZ~Sbu5zOKCbKa|69am7yf2@+IC{zMW`$j8``7Qoum<`NNx zw}V4dobWfwqgKN^0$Pw6lBLaoI4j`iM3zzr?;%&++L7Ohu)D_?jP0Ovc-yf#CXeH@gEgUXzY|=_IxNI-x_Qpf z{W);g5jDG#w+IEz->{AU$z(g!{^!tCnnHsArsd~$~ zyM3@R48T8f*`PZXx_DeETTvX1*248`O9P|cFtmCjioQhgr^~UZ{64Nh0w*8$qss9P zMSF4MWXX*apqcQEx6ym|wbuEYJG-#8sCtcUqu0TAoS~oMOopJnROuU&WsLuN@`++! 
zTB!}MT!d1Z1*o)DWq{f#LB1^KaD(E}kWck-lsE&wr0DWAgD@Tuzah(g8-!+Y7pbKi z_@lQdV^V6+>@o-iBy!V3&h+L8HtJYApUE{GXt0Dx$l&FQet7n7y$0`<;V*+~Y9LsJ zjB~r(Ay0QthoNK4r%7VIE!Z#^W@3f1cZVP*sAVS&z5Cd@UEL|ejFX5gjy}toqL_Ii z&_}(|uC$7hvPz80LdpBUorz?do9L2oC;9ZIkr&X_|y*hRK#3I&VIFk2{VJ0jBnkzU$41;%9`EB6+0woiAR8a2cIdUE7akV6st6os6xwwRTfceHSI?S0`V_X z%=+XcMlPREL|g-$vU6ibnfdg0$wR^jy`mM`943Y*Y7C`f6YiMwI~65^(Y7kIIw|5* z*Rg#FKi2+$$L(A;#iaj=d zKrtJ|Xhv)US;CkS^*=?IpXyI~>nd0fj^AsF#aSyJWY`+?S961FotR%0PQ)SQQHwmx zc-J+2yxke0Sw&-NBFR+ShB7APR~xUmxVVgjdJmM#G)J!!jwlh3vc&03H~9ICtcL7tYn6%1KeHHL`S7kCOxkpggyf*Krge>SeLMwix?+=&%olu; z>p59*s97+wDjO_CxN*TfPBxq)qUbr9zaX+xpnc5Mi_#n0DQP08xrmWxSQj*CIUO?A zYg21M3-@|UrkK&AdAkXN&0d08QQ#+OQ60M`qxL6g%JH0IIQedeoiwcf{QS(eKq?g* zJMa|WQQ`J%yG=UB<) z!{bZ``t2E2nGG7SCFqKaR`|K)MvV@u5btD4br{g&P}w;_$p7?w*z_N?y3OdHmg5`X zEKir|T+DcZNGS5fT=QWCmDIvvy{$XfI`7Bq%N()L-mTrSW0bGTU^al-a9uY6jS*7x zgrYG7Gd}*m`eOG}pMZ0VW?(?lIR%+=5V{7AoEgGD^}Me>ME{d*jzyRB6tA{M_mXKq z>#m{T92Tp_sa-ZtNnRmb?Rk#}f}l5eB4#t<+O=txR3v2IG!J6p9NdBu%Icz5+`nn# zXI6QSA|BG=i|(!BPtY$7BwjLzNMaw|^$Z^H#mWZ3(kwLxPkhB}VY4ASrpx14^4k#G zY6rxu>!?%~5qqwydDL2cdHguwfm_aXTL3a7*L20pstER9u~bDFJ{*qrJCXbR_))wX zKdCKLyL9)reYZ*d33#v|A#6d{Iwyy%56OzxV;|mZ1o6v~Qy+sXTV+SWC_-+~6cs;y z+8{Za5z&9K00PsIB^0HivFod>WkpO(cE{k_T1%u%Ioshp!?RTm6FQ@QKZ{3GO$c;V z6U3J%#BbB9c;U*d$uw+ToscvjzO)nW`iqx2{IVw-3TOP6Pw$Pm4ec^8O7?nRr_(h~ z+LQ#&$QWK|i_@Q`)+RX;L6?fu?o=6s0K(=Fq%^}u3u2+2)i&X!q>aj`AKgw?tjY;? 
z906r@22A)%?Xja0K9vwo=c&;jBrN}=Bm_73AS9qW2W;Zh(`bsZcr)x>5BE|M9-=~K zVBjCj&kkyGvn%Mh5~c9t?eSKrj+i^`uS6jR+Fawv;~s%)oN1}q%X;swZ6B6rcr0cp zfi3k4sjHDg&0Hug^VPJ8y>;KAW78a-r{*LiJ9LNI%@7;lkNob${TMlG4tN`>&t8nV z)1(gfx2F7z{%o8|Rz|KC5LV*gj~#nCEWclC+F#mndY?g!d2skA?M*}vqN+exx4Lj8 zox99Qj>T`2deXIxz*BE32bKs-(4d5DdtA@hw-~G*k`}dUBMNR@e;%*lpSzYyWXR=( zMz*wIZpmUufj%?ZcXeqSw={aLh%s3gDT<4HPs&Q5cu9+zN9>W7rEIQal*>M*t@$Gi zSx*I!dZFpe^C$gs_s5m&mz=nnBM;A}U(Zy~#N;&pmDt9 zY91U>N6RIOEHI7p58{E)=VC6^`tLl;4$iPS9mgw1ro?NlMRbgfW#5a=Pf#2Y|I+P=m=aJX zTuZ~%cDN_1;Nmb-snKN{TswGSzK_dDsAnDMKnlRJ8H0a~K0W423!L=BS zJSi-QEaKQHf%f$SvV@d}z3Z1+DfN!>^!AvOV@b*D!)1TsBS{mlwve`2b*n`U3DHu% zZH{vO>JjE2l1vy`1+xCE-C-}uo04iLHtBS{WZ7S1#6Rh}v)0FJDQZ(ZJYJ!f>@SY}%=s#3p39F6c4`&BJ%jn@bPLdYm;f=nAO+i@q11U9)wwTaHU?cLP2 zz7qL-pl7!70V{Cg?Yqk=W>n0t{t&2=3uT(8n-^+QD%w?WBS z;H0(*c2yBBS6%0^&{1GF9V{S0m7*~I?BuGYU1Yj{4jZh)Ps<#e4ONlFhwJ<-Cv=!*M^ngz)@Y) zvFmjahed;WE|-lV(HKDk1U))w9U36&XkNO9d`CJgzx9_Qd<8peA$YZ zecom=coig2E6VGl$EFE=2HG@ZC!fSz4*Ni%{RyE|1k1W@_?FpTpT`JOJBo%s=o$~R zD)z(1u359JEop}{oK>pQ9;qd5ZO1wtL723`CI#W;pH{hnBWI%dH7{2Gr2_Uhn2cn@VivM;HoV|B1+S*h(BsZg5mvg$%AqZorolvOjW`^o zCu&ePzp6g;u_*8q+vb|$I#7s5L(V%lrK`ff(M*r8zoIFNsKpRwnTh~9{DJpQ>g=7D z<-1WqPp;r~YG%{^s@S~8H9_D3EAZZD!!x)2_v#<>-_`$@WTO-7mCDSt%K}zV?Ol#_ zWNVQm{8~oBh)z{#ujSpOwcBe{hRhTWgJo7pNst-S;H2*8;4ea7dH>=BRA!WdvRkL& zz=L7cDk{ZDfaxSTeHh+%v8mO}{zKLWs~dCk*$xD{qXX|=scPh0Hd!DLK@ciE_$OwG zWFw=%Z$bZIo9~rzlek7*eik1Q#0VFpFKX@yQPs5OgT!?3q%srf;5|aLrzP(#)DO%P z@{0va&+>ARTeS7lT&#l^aef(J$67Tp3$Qn}EM@rp&$ z`viVK%Y1Q3Yie>fHj2pTzF-Fusnv(j^S_3>-7P&_X=BD3&XYhPo!hSn?Vi}srK$wy zk(!%*j{DIqh)CFo4Nkses_e-Op7YXqT!mSzi{vi_ zsQmoK$ud)hOy<9U%8HmO94H$K3Y*A>hadN?tbgO&2*Br|E}h34VMnMqD%;g@PFRoU z%twb|Yw2;HYN0sf_(`_;8F2{6WI;gfRYACu!jm&wm0paIJNQG#Wx{wtd~Dd+&WlGbk)&+WJf@2er)$)2{JZ^@Te5&* zY~BvckVAE|g>$kK%Ig>YY&VpI?|y0tMmc_5x}S4LBkJ6xC1b+{-$?GTB>J|;Oz#np zrY!F%6UWm>*48rrkf6i9KJIZJ6cKREBRNIlWE+jnOJ`Ii`MC0T-|W?s_2v;Z8q$$T z6)1RG4QEZ7#YDj?*Lv_mw}DjJg6s~~KZaA(8vpd)(QuLsmuHZc&VRr{XGJDKLqL7; 
z0}Ndr#>_ROz%^FqrOIfL2S|f5skg?QWXlbZBKA zm_O8VL2^-v8(T-aDFzzqctl6DLSJi;thQF9^FMk`MIJFp#7>&Ah^K%W4VI_V9UoM7 zWm0+qiYw3EK#}a3&7oeUh{}OMdLN9KgW}3=|LKN(?xOFHk`qDs3y!hznYF7z#Brer z?Xr~nOn-UBmDy&Qqb~xtf5mmJ`>b!JkCTpY7_%~ur|fzEV0%W$1JjN3_cbnCBD6SL zWpEk!cRVfTC{}c~MHlNp{0Xd@{mF*tKbH?98oEK`HE^5+%yY-LwJxWoW9(POQ^{sZ z$$>kyG2JD;e00 zZTso=crL`#Qi>QA@s?$lbSf2Ti|7;0yXgfiZi!V2Yb`V~2^s>iskHNLm-S6tpZ=G5 z*Mb5g+7>|f2eT0ut5{*C$(i=pvd+Z$z=}C&6}rdBm(E@F@)AiNwZ1!QRfRp8JceQK z5$P3@SYcf6c-5i29n2WeMwba=%x9I~mQQ}W1+k3z=#z8E21lU@@hp4UC13oiPiS=O zaeS}9wI0+DC)^XieR(a}Riopb_no+EH9oUK7nMd4XOc=%4r(l?fcLwfii%`2Oww2< z_m|%-05Ep`FkzGfNTztMmB~VE-^f+0&SRFEAVxtpNM z-xtb(!}6z)Y>~q0>}iW%^Ro(=ky-l@c^ED^#%}adi4}dAvIGs%4bm#Xt42pizwKT{ zEr^2;OHoR>2M$Fne;L>2TSvZx58o+GHhtMow9WCjF_=>on|R-LDFprQ2o>18_TR&? zB>>eN$J0DTdb4Kls>cDU{@Apqw1mnRakf$}QSB=SP*tV$QX`@WPA}JM{F;>q;)=wM z7&QQT@=teLW<86d*c!@l3LUzIFl_EnIlDtvs(FJ?@oQkMlgBsP_%=tUxqxJmwogLs zOW70EQl7089Y17cBTysAV`@ctID571ru~=SN>2w`=4zHOc^|4zDAGwp|ENkN#7gSu z(;e7wW3&ZySkXTre)8ccHzKBO_m%;m&I>(Cl`*vtScA{R;#rII4Z zR-r!JsfULyKTG<$lBVAL>RBR};)nQTUcd@&L#wqJ?2IS{H+K-!jv7kj%B!l1alC`f z1emxePr*queJfsfH>M+NTly2x1a7i!2Ok8wGNuzZ;USOqMh#t^yQ^yK$q-aj;X)Vp z!R0)apd&{zT3s89k3EGa1wCzr!_lA1f&O|xZ3 z9c>99aCf=Z7**&bM2H+=yFSbuPA8KBH~V6}DEe^7fzyX4N=2*BU)kMWkvwiAu_WiU zNS@|Kx2~vki8Gz?Rd2^FH8#}@vy7u^&UxO@uI61$M!b97!ci6+C~a)FPmnODya#5{ zj54guSK^o#n6SNe%uIN1*~WPa9+@y? 
zGrJzmq#j*{zH7FC+^MCi3hxT?=L1Nkl9}KJqUNek(^6=DJNG7}i1}!^R^YAp_piRb z3s(7vBArPzADhlTkEc{M#tIttP0_MLaU%1n)9cl`OSrN#S@xl|j{qqr;;S6ylrd~= z12zi`N52OOB7MLJNS)i${AEUCy3!^T^rsYs7 zTGJuQK{Hmmz0cOpPS`HIs(0M>k_Duezjy12*)M2u@01+{^~0upzROMFP~q?dU77Iy z@f;7QP~?jB!>|6FRHlEM#Jo^;(BDS#7-#V@mP@hvi+H6@S8S6bCH&4hU|+b@36~;* z9zQdwPqH+_)KPX7ub};zG^FH+qfm+~`vq6+d=w(IvMCkWw2r)OMNbqdWw7*&w>$2J zOpB+8*+wQhG?k+X^fcXkB45GjOSDD7J5HG6*<_}tnqKAYbvL^=qCw|4c~+6vrV3-) z&UGUvWH@3lv9B-fX@)Y+Yo2vkon7lp0j_r-(nLz;IBVF#O7`|pO|=>|T^Mjoc^P2I z@Rl7f3VWRHlJ5>xuTfXZCZQtK=+PoC-6Mmye4~xi@%-}r1s(n*M(lE36oXDTtoZCC zyd?|49DjT#$EW6gxM$Ce%8RVK1^w%4M=bUl9Z5-ueJJb>zq~pUuUN!x8M@s0qSClL z^X13KdgraB`f&O}S$*FPC?0Qx;BG0+%t)h={@A-U)7*He`A88goV&}LP?YQPvHZZL zUtU}>x`RKMS@Gq(pr^^@x>3&%Vdfc3hg6R%*r#q_rY+8E4+ke4FWvMHhj~(p46Zq~ ze+S&wICQcHgjH_zA)9WDQtmFpHCMZJS@IZuVYCp(40m2qYrV&<2TG~o7xHzS)J{p7 zl@(v}Jbk>}Z5XOhgDT~Slt@_+krUsp-@9vu@{d%K=OersVD$P=q!=*nvgBMSWadurO;?d z6e&A_w(AxhP91e{cd@jxU_qhtSRzw#m!`n71*2zpj=|OtpQ=1;u$mPiPk4)ut*n%& z#@2F5uBx!+U#olv{NK%j=kXZh6m)8p-{#W=%!toyEG&9#X>#@fLRs6MY^p31?!v0o zG(o5)&*q~9i+4BztH;=7YpqdZZ7f){DkIR=j$h@3EUWeFu+kFk5}b@&I>Mha8JHgk z39mXc6B#8wju3c&Tqz92w1v1`9p%NR^ahUwGF?1M#Pg+&Xq?20L~+Zx??@cG=JU{< zh^D=(L3U{pOdh#Vr3z6r65<-nO>GtHlfekBZkPO%dWK z9G8y{{rABa?QcXitDYI^8obaoNwTK8GWKr-*SLy~e)L+1Rwl%dBGi}JEZ+{0H1a*ibDp*Rp)rac z-FD)PdOE}F&6=wyAoQvB3rGCkco_?nPJd*IqCFg|Bpl8Ew&EfbV^j_i)*En|>}}4< zp>eyrEA}QZ)N;n;*u^{ovJxt-Q=G8=WbMGrK%DKoZQqH%HR-;#x21k|(L+Nk>Yp+q zYwD2MOaUp}czeP{%~+f`n-yG@dei@@i%iDx zB}yGmy-%;+AhtF*Y8Hz|ZM4rYNt(|*jewiYC?ez;f}QDAAMQ-kW;Pv4Cav=nqS` z&CucfG(+Batgz9b3z*wGD1ih8!~BtyOLQf4e6Dgt+arkOn>6Z!bPJ)9IRhq5hQmlW zQj2S~ayB&3r&z!AQ%r|`nJ2fCxI65QM@Ocs#p#CmCipKZsFt$SgBsx&aL_B0$hNSc zTr$knXUgVy*Ax!Nk8&fRaGla#;6wzYwSxrXPtmRH@tv(k{zr^6uUGcI@w&}X%DkuO zn#Oyrgkto<_Dl=ucfiSe4i0{DAb9albX|LihaE4|tCk3!OO4{t7|Zwp&S z%k)H*D>Yel_r>tV=Esbi{4ofQ?VQh$t6%zo6a34TM2TE(k0gSiZB^K%fx7W7RcfHd zLQrONtvVgOt|@(~lyx^wEc;*7vHQU2dYhFJ6C!H~g^<1`%bd zFgD>tpp@La2$0>{DWGD5fnlwL^A6}-FYQsqB(C@|XVx2+8rp3jzz0Ag!_KdN=LAcB 
zNdaRg*ZnB@iu3^P=sd;qexvN@#mO9gn< zA@rc5M|A$2jtgD#F^E35yX*0{%D4c?$MmQ%ZE6>J6m**Lqt}`4(9!2f) zAVU8(GTNxxk9?4p>4SYNExw&cl_?qEVy272R1JL?XrC_;s?AP3JjB5vhEbgCNUheP(VS53m8=U>}w459vd{4eOedA zHXSQ+S`@(KBS6xdaTyHG+mD*z*3um6Oywx1y|l+l9mYdY1nLNWOBa}8uS?SYQr!V? z+HTyf4)_RER)+dT4rJj%b!ot?>~@&R*n|~wo{d+XM^++*SD`2-z^zLCa%jZfltNYL z)_t{Y%s1nMP&cbQ%W_jJYTI`p({0F(-;P8%=`kefJ#cEpq$JyRTT?>*8OEZhtbznj zj@bNqA)TO=jvKl>JoU2@P(g5cpJ>IHo2L{QG3WTZ6=yb8G;-++We?8td(gjz7Vp!@ zDr%eHSOUZ~rX*a!(Fvd1r~FB2u=Ct$`j_97StVHZ3#%993|T@*kA64vxM@>iAw@Cf zKP2M_{WVsCC`JPdI^|@R#Z{W&x~V>96oOQM5`EwAOG_{2gT+fwxN6?Lu%w12@6>^0 zin(oyZ!=O^75(;u6U`4^&hgpOBlxjb+b0 z@h|uk&;#!?&}*CWjPS1$-HyTOGs5j>`#U@HaSW`U`SyRZtLL1M{EWXRD_Q^8Uv_p! zU+V7>jPl*94z})ZZMM_s`Sb1NVv)buC55K+~sZPBAFU^NHsGjh@d{Q>TL$Eu#-oys&XiE#)|2PtsljT@UNHYGs z(PzO1VY@%fYS}B$x02h-{L{_&D-`FM{|y4FpYFyR2~c8UpZm|)%G1Scus9_Om*ba% zCMYx`_te|6|HEUxM?#k3{abq|9a>_}KxQ;o%3{^Gnev|q|0fOpKcna0UtWhp z{`?Dk{m*@M`EvfPj`ZqU1URI6llppXtN+kYx^TwtepzijoKj;)iynh@c(9F$q|k0m z1=qe5Ub#_NHV|c25oc#I*614*OS9DX%n1ipL>A;!-_&DG>qr|dR4S}8lERpc!IUifDKarUfvj4`&7EUrgGk-;<$e`+GH z*#;M*w>H>@?Tlq2$5K-<;@gW_kYu>PfeYKIOrgk;0nePTSb1bzxI&F1`ml>&FvRo?mq*E!1yRzf_YR%CY&#u@!c`)Jb_?lv z1@PWF%dKcGphT})jc zN36#QsY8HJ8y^?;UOWzNrXt6h?v@?TEbds>9zZ1T*M08$tioR70K}W7WNLLq#l4lH z>2P4B)sJ4G%X2zRe@Ro(8V7|L3HjXNYNB+b8}0V8U-%j0bn2>pI8uuzhdwxsHEX_~ zcaq&$zH}EwL{JbPF@C+|R1RCK@Nxf$pk==lTy@Q$Gq1^u^}k-Kn*CEAH(K^+>gonKG$EZcR^A z{Ku~O^AC0nIi9jyJZ>*O)*f*{m^ox=PBYxmGr~VKN9E# zJJPY)5@|n{^t`63JWcEViv{?DAF7BBmt!P)fGuOVh?q(t4FtkRvCZ}a_OJ=DO{&cx zP%8Aon}@zt8^uT<#--EfaelM3A+F*;&I~fd#KI-$R`edohb0fgh@}?iA?OiDU`}NH z05bDt)z|I@?1~qVpSQ3mrqCFpYPB;YC}75sNK}(u)w;VJ!*}!M8p+_YAYGIIJ`$kU zq#N_3h&nV;?U7Sq-5%YJqJ_s1CMzap8}20lF*nrk72c}aBS(AekhauOVGvvkemDo2 z+LUM$LXyO7LmFN?I}@qS$|K7&TyBNK%PK-glm4uN2KWPFm5EtdgcJ~n_xcAp7ehFC zI{|S7ghZU`J-hdghwm!Oy))lHRB*$I6EDam0FwPsfAz6gJUk*x>2k4?FDeR3$O62# zJf=fjp)o|JKj?7^0eS5%z6y3QIX$I9W=fc1oM}dOq!Ak&>j1svJq^;Os4mBx?6{lxbn&fl8b5tTM7)@gDHzzxv>R&z!cd#Q&L9 
zd`jc14e{KJ;UFzi4cx;!1?j0z8$+mZ4e(Z)BAvh6^Z5+#6z$ls@z$kmgh%eGP@)^} z>bi1MTNFZdhz5<7A1&~#{y|{Z5#8y5$XNNE;xj9!HpZ-2vCBKJD{y_{l{*gl)@-7SB7r}C=Lg`f>>l)?yB0d(M$)v zcVw#lg|oiyj_Bc|S-ic_Rg)nQm*nLMTz&GDOiZwgG;I{sqB(#yX+*H01$_UW;mNCd%+tSA$QSM#`v)#@A};y_muUP#w?*ohv*~Go|4Yd`{?JjOnTQy*NJv8c{6O zoBUt`hmc}7`B~buCpH0bP_?<$I}RvA=lzwi43{hPZ(1sH%h`rIF$qjG3*j>P1Gv`< ztV7^9SH^=(b+T!W)DYumzfo5-|7@Do$Ko0Y(`=~r9T4H5QK}Bj6TMQ~VD>UpCsTxc z5BW14IUF5JrYv73NnF)02oA(PiT+{clsiUWa4$=BRB$G~-o?$?-jq7TZz)nFzW(us zWUYD=f)hFGo~Ct^3e8l3AqsGdId3KD)jl2mQhmq_{Z>If@OY`pj}~Uw?HMCTom{cz zCy;t?o&L7k@kP{Sce$q(+R&Vy+E%B#%T4W>_&B?e_-SMh!1YXeMca+0EJU<&g?oxFXZCtLW z&ie0_0hqOxR0~=$UERdrXV)MZ{2FOKkXZXG^y(UlsnNW~sd`HUZyQ{Q3OV?3hU?LA z*nOOJxcFL9`u22tGFaDSsZ&FRzA4u77!Qn(Qfkv0(S&Z=DBfR?E}@j+N!Fmv8WtUE z@bvwz%9>})xk0P{_?O^QVjWN2i^yikFzn5l-WGLRt&TTb(paSsGgEjt8ddmR^+mBv zyr!z-mNDFCON=d;`tx(!zECch8nth^R3n-%HmNhDa?3B?I$)oGFq^g*R$7Qh zHr^p#?%OGDUvm9F8RCqKZk+QvHE6E4Uy*#@i0bj-?T%>Kr!e9;&adUb&qFpr8mN>{ zy4zsut&xsXjEYoz{Ty#NB;Gm@=;BiiBx1f+ke4+XyH-OifUGwX=G6F#x+QsyZPs;|j*N$qLf@tB`S+|UhLN0$~;rz1Skf`8YD@Q9!>iPqE8tO9Y1 zgKY~{1Vh)G8M7X!R}fYG+Br%Z#cQcgHCkWj+jqNni{d%2C93O{sC|IFY`5ghqDmEx zr#(I%>7tjOz2A_GZQ7q$p4TeXbkVmXyn>-k&)>JQqJ+7twsq{T52+cKuuu4a8*j~V(v+Y)lSVK)Yo8(mwVtrI_<1QpSGrJYTGJ6n? zoBwdrKjNS7|C286UvA@4@5Gz?^36-ti3K&e1?nwDYV(rY7@0_>)QmZC75fLCWRexU z{WH@khtIRDG3S|{`U^kCqZq-xuilVoQUn&3sBYu6jKw*~8H{OgIEEjD(=2`+kcoN* zVG$l~nn~)v9+MO6U}hmpj^x!5G%vP@??p^UxdLF&IHgy9dOU}IBJsvMl|{9%B0H_4 z0s}%0ahAcz9#d2vE!+$M(<(g`JbIK=jJ*0eIRLm*kFINZPV}b@IvQv{90TVkHrJBa zAclbbletye_{bObYI@o4)_AUzvX&N!Q3HT%z`TZXczb;^CWCcNIet#SI z024)EA{@$KI|lz;{VC&%3F{o{wb@>V>xcdVmgUY)!LS1G@Glq$^-d+;xO`TfM{Y!h zWN1=sUt?4m`;+Z=>viBHB%OmdzSH$hObyZMjBsyNkc9~Em1&P170#;w)J4|ly?jt? 
z@kWXCIyK(*B%yB<;qo1+=TpCgEV+Gw2_Y|+e_taekcydcYBVPAyQLul0k|&~ZS%cI z(Eo&e#x>A>%90?1IU&yolqD#)H4z1VxT#$uKyUz)INdI>)YhWFHNN{YRHeWbN6E6* z_qBl6cqOd*P&R%14JJiItUt>6#2XPwJC;WosS*ytra4?tYUkpVJDM_jA00a|O3A%_ z@SA(6oei)j$~{6Z>1G0nMe03h7FS;D;b1iL%O-S;od5Y0IUEck+@0`43?&Oxv!+GY zLH^%rk{#~Cy?<@}&NX{aZny5_=;P|DWKb-`OLa7S!TtXga6QH|Wyby+Z`5;nmng>BblS5M;PzA!$S7g&8d7RLhcS0*IifB`7aLj^=>q z>OPPP*^shTza)N$U)Pbflc{$SUT+)%6xjq~jk-1tw$emzrW=n@=u#F2s4dS-8#H>S z(ke{MBQQVse*3BGEaO=qP1F4@PVVO1-QCKNQ=>O&OjCOM`v{yl$!CpyF8}+Bj5DM$ ze9ey-+>M=^C_A?>XpZC^yr2%KCao;1#}F}Zil64N2te-XD_g@QbGzqHvR<|l;;}Hm zgaRAOCULs7cU^HVpBZ;6LgQS4jIXJ?xy?-w=HHRJbN%-X@k!g58-Ejhe&|FsrAmV~ z++j+X{7QkomIj^wvr~9{n8#slqgZc|Z7?6yhbl|HM)kYP(G>J%mf6!fb(?ayjit(0etSn!BjDD4qPBQ}AULHYF5yErlYKgKnY~wE_7Uawps|$Q@fdf#3}0Mf z*@L~gQor(c4KF$qohvV<&J!Po7So@xLPFCc$f(>^7gRw31tVE{)Ot$vB~C9=so|Xl z`@x(KU(6AQP^N>+2LQ385GW-%sAV?Boxn2#AMbtP0ouVYiWZpM#-=QNOi`?J%b$eo0raggrF%f>Qk=wzWrEsk8jY8g+PmZID>FjB zf}>)W!RU8=(%1kg#ozF#Vdleglz>$3f$%`M#?zq(VIGQ#Pa=*RQ_49>tK!{Ixp)hg z@Z&s}q_X#jDy+R6!+RY6E*5>-z?Uds1m>mLgRQJ=*wc zzrFbFHN)8d z9$kETa#k+e$`439yEZDoCOUomiEsQU^KrD)#6*fWf07rzK(din$BQpGWYYdJ@rG-| zHK17-YU^d`fPmJ3J6guYF3&YN2g2<|xt`n(>1K-EEUU@;UW;jGkQCKD%uV~_nj8O8 zi&#|wSIv|7S=G}8ml1YbNlJaA@Y>`{xXFk9Y@Ws5cI3Ebu(dLb&K{Pi-}U*|EhvzH z8MIUq%NF$>724RW`FlD3n8~;_Tq;50rcK)Ojx@-*;FgXU7}4`WhUko-M@8qw#~xo3 zE@SlD0M;UhoEPSnIkm=*xEmC_k3VXdaVtRW#>*&G*B5IBk}SK ziGu^b7qdt((Z9Ry^h*-txQ=w~+-^7unizx&O@3pa>6Vujx|?G%9n;zrq}-8NHH)PG zrzZIR-p|l-HdX&hZV<@upBxM3$8YOcZW2;V_0F!WEZBbuYhk76j~t?p*#64cVL_=k zcDUXt1RLLfmI9>AkY+bInjt)m9|f0lYjlew(QSZDb$6?tkhWZ;;v<+=3#6Ltd=U5= zeuB(M0p+ICTX%65 zn@tLY_8k$7Y>}R)Uo=nw2ieRcYgL@{S~s<958&&r@5^hbWV-b+%UP7ud%LVkg05pUm8||^)3up{o52!&?wu^QD?jCQlP-rZafkFhqPF#!KOLRE5bd`T`V82pkJs_lq4w9+`Qj z(jo6n9*PVTUV*K^B!<0|J@E5YX4UW>e!P=X)yD-y1jPJ& z;%nk2782?rB6+vG*p7M5B@s`M0 zmt{gf%gpMN!dh{U%HL5Ibfi8eBS`?5`6l|sElQdduL6qr_)Px1V+vrJu?Dg3bC`?D zzig%^(qSt4!<&$9Is@+`S4jG+1|#2hhN+zyl9Rv2it+&*bxC%d?1KWn^k63O>d=nr 
z3~WZi*m%=C(;r67zaj!o!(xl1*5~nPNQUj!7!(^Lg?o6NBey?vLxGwfv1}x|WTU1) zG^pm{>r^IK(y}P!W#s$Le(EL;Zoec{e;p2etx!5kJJd50J2=J9=V0A8oW~WYCda}_ z?om~jnyJKZ+53JSvD9O62-{>GKJzUYhT=Cq%q%WZQ3BP1P07*Ly-|t-xy0J~=ZDJ~ zhlvb%GS-^}H#>$1w3lF*!3D%39e_U$_@~V8=8WXC_%?mHwn)_RzCTr_;zE-jNi_~X zQ!_=I*1GVD-9hOGCn@URsTqFSL6W$3tUTom)uUllG!;&vfGSD>w4rV{n zwIp(;g5&UWO8EmJ%={#OIwZDg2rAVDhinK|yTsp1j1ONw!BwB;aw&+-RBot2qkdnx zE-V17@Wx19J0!;H2r3bKJz7lf;B`a3&&I>=VWm(G(IE(y|LHapWs!y!_u>?8^dZ^^ zb21frlgQfw@e=hKF=GAGVKFx!{SLf88Qh7(rfglmgBkk*k*n;?>IJvRmpS1Fy6W-)mc5hI5u>9)wRXH2VU_; zquHBhs@H|>&ratWVUFS*8|F=E@L=hv`a1*rUsLtZZ>`oTDMV~5cOtLbZ(a$7u1Jbp znz9y2*o!TGw$CeXySis2235K@k0%oVBb|AfDSB z`tv%myI5YaEKNM{@QUv1M_pe7e$J<3h>N8R!nF}_Sy(HVpE8e4kYpuQ>zSKF

3}TKz2Hddb`$O`Zu|dWDOBwe9|n{(G3(s31xV0Z%$^ ze%ftu$%PnBT;!<@(8F7cD2CsqCO<7GJ zPk26VtvN+nGtOP`@V7q^xgeqIdalq+)p+9b`>dNcQ$#e_1=vP3JQ^bY_k#b5i=9n@ z==UYB+ClF!-;J-Bqpi_Jnj3By7P#1p4K~|)*(t+xMZ}!trCVxf(-I!& ze)>XNCde}~S~|+nXkMySUNYLutU#9Ao>($PfeZQ(OC~9rR{nQ~NKepa6I?}jn^X=|*)KSMyI<~D!$F^t7`wTuWMgF1Nf4uDhb!dl&NgrIT2j9+W40cPeXyn@CcRRI!cqF zqw@=*H2UpQf*pj(1vN+qE;3Q>hlcm0z&j-1yq7+726(T-wTue|dAQg?3y~x^pKT5u z7^1TrOck;32pp_9&1^_9D+xM2hc9y|s$mZliF3N9%~rdHR8b;0Uj?JMXA9=c9;e^Kw;pOp9>vIr73usu5 zvu}+veRlf1P{QBafuT&4H0*I5>Nn2cz4BMbjkUpV*OVK2SfXgo{GR4{W|)7fs^Z{Z z%Gh1!lhDT6z^D>Mv_{X(`#j)noR*pbA*a}zd5T1{-980~y}?0` ze;1XCyoxcU>yX~}Fa|dj-6_y04u55OjnFqVhp#1vmw7*5Vt)?zY30&8tRh{;mDd;P zk+(C=e_J8D=d}lGRepNWO&i#5g^$F4OHI;cLh!ulSIe+D=EeV-vffTB;Gxd}{5ay_ zy%MDG0OcvOhBLIqZM|nbI<00(W=bPj_1u`P^LSui>ck!Rbw4P*q<_Rh`(BCBMtF$) zkK68lE8_pTilbdvs_Nn%1W)r1w5Ra@ofG~7q~2a3^K7Zv4bJ1_*l7Dxm$M=EEd0$f z0iTe_LfNr@*v{^ALd(h2Kd3b$Ej`^_AMjxMfgW)RL?^AB61mlXr?-jP% zy5cvJl6A+YmABmn=eXS~YXyV3|K8W^r(=$%p=Dq3jh+vxl%;1moNAQHLmk2o*6tga z&qF_`=YM9O!JvcTaOHs+sn^2MWCd(B~}zP73YzBSQrw z9_{?!T0A^!X0e=Ip3i%w`ti#>hD|4~rW4XvM7bHP*=am!Zm8#Qfp}Sx%hv>8ZDCn} z^ss36bJ68Z7hy~7)#YWb>epe~89#TLQ@tN`2OB-ZI#o!HIa2O+)$ro(;Co#fX~i z5jd*d19JGTc{frxSa^2&Qjh)}H-To=z^uCi;kM62z;;Mc=VLVV$oxJk7-0-%W;{Av3T+wouXy`@G64Ezq)=N)M-a~T{6pQ4HNc6mpCRZ$+RO{8 z_D#8Hm1#NiM#{hgtO}o#mr%#tm5+KxHJSNW$dwnf9fddCE-?EkI2;) zh{UTglhZ{89TCkA~=M$xiQEYC7)0S$^QNZQadf+WZ5&tZ$3 zpTKiRg|0hpfa4*KVSB({BNIt6i~F8a=hd65ZBKqM)K;34fYc3&MRyd^`aOZ^ ziwfzmsi{oZXg2@u=%m(>&+@k&h>WM_1pJAQmCxNJ8qHY~SPFu@hwY8Gejs~&!=aD2 zy+DAl3#4s|EUSW?k`lz1W<4?mY(Y27vdWC!i6P1rlNVQOlZ{)kw8w3~gJPO=`*CUf z20#AKn~}(~)1EkNgg(Kx8Y){UB?GdgU=)89|ryj0b z2#vamGFvee?(HmpPmrn$hj@G)p`l4fi8$7KBWuo#FSq;gxb1@;x_FLY_4?I||9DvY z@6EYGBYEHF9OFmdtEK&DChyQSv3eyE4f$XYBbb%N+oYCdj(1}5a*k*I z2LM{dxga$~(i`|z*->!TO4nWBniRCo=X+P~=S#|L))=91vjPs?i_TtS#vr#utg z?^#i%5$erOnz-|nN)v}8(lIQ6*}lxxN#z%p#1_gomoYB#dNSh;sS!88mS>NqYMVHF zM!y3j%nR$D+ngBm|NUDE{PdME)}W|6qE;QsG44mza$nBexAt^|+fTMqZ~7HuDud*U 
zZ%xwg@3OT+*yG5*>yL3jr~bE|Mk^JY?m94qu5uR=JcW7h!kCS~v^&RRZdKXGSLMAt zQo^(WtLk_4*lM7P=Av0tP)VBGI`1!HJXeVQe8K^dU$YgU4qQ*tai_IR`XR4g_@Nhx)2Ea7>f zgXBnkl#P~pvkX;+KvjCbOwN-KeFYcU%Tgfg6k<+W`!g-xaB=E*?jrracA#H`)T!Jk zOcRVvLp~*Z-~pNXqIl6|7UoM|20VB<)%VT~?D9fniD#R7`X^%*tun>3?g9fBK6sl^ zc9nUkxe_A+&Pz&?RHDSqbcfRMEvGJUzvr;Wj*+prg8}IslQ24c#hk9-&q02Z+)wE0 ztgpaty7-nnT`jn*+XMXX9f<$&xz7$?VhGh{_vAGB`b~~-e^xAXb&0<2rhvxc$FX<` z+8c(Fjo( z+@gLphGq5p-gEG;Oyh4-#o-PYn?VxkRDBg)JZ%;mX2MhhmVCT2bvpgd?q_XmMojnE zT1U?$N6(|ko_p?|Wp?NCW8i`^eEMyQfxvHXykCfJKV7SJY}? zl&ChA@tVwM`u2F-4HB86v@+HT=iO zWeL%gY5ZyiCf*Ji&=SIfC7|XRHr4s3f}w`XMwd+D8;J9CJ&PR_A2oa`l!Q*LmF%#% z&sG9C98ansi$rKu-D#x82mrCT%kD3HIfw4R^4XYi!>JfhmxIR7l86X-e>n#_NjoM$ z;H@+zWYwG*UVcE}aoYcR_j&}!h!(9f%==Sc7(7&Whfty9+3+;uJ?M*dl29I<s_JP_Z8#n zE%I8uNlk0^Vt~F;6`Hg!&`_gU$vs@^Z4x2FHg8~G_&awwu>#iSa3si+Y0|=|PKvan zrQQIfP*1L;G8|0m#m+lL)Dco7r3F)}WHdtB;bG9v4pod}m;u@TV6DGPl))vH5)YHv zrQg5`7^|4J&GqSwg5XT<{g;>Geo#a@375iBFeg>H|7{J+czizNczSjC07r7w!IKA? zQW8ZRCHwbxLKM+e&bVob`Y4W{y+%A(AzbLP74$oFk>HTc87N`A79ce3Ewv_<2U6IkaV~ zSVyEXbPYMZ5&UkKUA`x>;LDTEafVthixRwEZv=&6&dkj8b*6JTZDSaD5$y6HS@$oy zBHvnR-(6@AKNv@`IcdV2lq?SA2V13W6kcWJ_$AapCD6jl*4`dRpW#t$D@$iEN(iVJ zTpH=^>%GwL?x-?|wN&oMnYk&sz3bJR3XoAREo7EcmvsTJ?LOy*i!fWjcCtPaAn&;G z#{GJ?>DOMTLSVXW0(X0OjUQlgOeOL<>fG>LNX|i6Z^+E9J*ZV|(6%!bWT!dt+4ai* zbn6VwQLP)nu+f`b1ucKr89M!8fKMPXq_!v+$!nSh${=q(2WS14OAQxMQ@lfOuR!g``&;mEPAyPCY1`s=BvPnR z%Co~u27ha_Mr;|6zToyi1-sm+l5Y0kM5LASQ>WwRNu5(-$Tbqjph^kW)1&s(6Q#&# zSA)qlu!_UM)IiH4dW2Ob$|MBZ@vj;JPRHgHIt77XAQS=w$l(jN$h^J9iN*txYi%^j zV7*J_J8OK@f#ddEG5c!sB=dfK`2GrKOb{uJ(kI|tiB*&dxII!z4_RUjRz(q+%MbeY z73HW|_#JpbLvf^NF6Gh04_p}Ew=rWSi)zm~dO8Ek%fAQq-s+l){2yn!AU%MD0_*L4~^!ZTp)}XGu?bq}mk4PWG4tsR)IlhEOyJNGoNYhuwKvJB~>c*{FJ?-g)K23WO9)KW1JuXW=g4$fT?>%cJj)r3Apw|lhN+v(Yj`a+X;Q6o8m=lT`@R5X7z5eD-Qqh zvk4^_^TuJ=zW4J}+*c9SUi9=#9GqxWwqJ+>So?Q2g_wAUU&V1|L%@#4cRa*OuUH2D z%mGKWhMlRN?P^d>-crRMKJ+)wd<1Qm@%tde%H2>s-_*waVvE5n?~iJbhVCifYy5J0 
zPCJ*By6f$$1;P5?z^x}@BayU$0ITN;U}ug>195455NhS_nw&3U)d|6c@0CS&(=q#3LI`{g^`<_hrX+DPuEN^NNy?Br>F<6hEkiw%Q2i;v(>{-yii6vKIABlEu` z3;R&%Eh1e{6OMv54vkyd(IDJp$NjmqL+#zyRz>!~&8iHnd$u}r0bGZi)2LHRo@NR5 z)#>eiF|5f%d%Rekua-Dk=H)eg6#@?WNVskfD4A_xNpN7blday!*{yM&jo04*B3`t$ z-M={*Dj$Fu|J{{J%rQ5TLF;ly$0&yY47fX;$rO|5jv(s z3kW(>3iGY5=!;p};QYXg$DQl%rFI&>v$)4-yg&+;4BG)326t~TuWnrvxof`#r>1{}x4G9^V##)>49}8ml$HA&h8&92)Q+Fz5VDX41Z(krHx*;TF zrF*Y$Tc(3FOT%Bl!x_Xdc3S^KCyLwWXfpa+qui!_z_ay?xN412v+T9`9yv(ds~-#W zy(?(dw!1G!`9Hg`U$BBDZi+*uFZqzixSA#EyM9#TMz8J^2tQYxFr- z{|EMIh>Z)GvK%VLG`bJ(oI|LS;1I=oTp3P*^_w4~5Zoahl|~kM+`c`bMB!9T^QIRY zt#u&9R++zk;Wa;8M_cNp#vD0_NR0`)K=?OLCb>#0vMMxk=vmb|%`_@kOjQOD^u=Fg zA2q2@RADg4fwN9f%=?|ks`5rbgJWBRsiQRA%}`~eFlIKIB8?|8cz&P9<3SGh4-QJc zid4>L+wJ*n%EbF#%WsU=F3oWDo5tY&^^TL3xU`Pfu#(=tM?g;kPxlKQfOp!b=*d0909z!lU==gI?>HhA!P7gWiP#mK{+37015xDI1mWn9q8(&$53hzGULuaRS zsB^8w3J-sZsd2QHr#uGs|8@EgX0xSaoCrttlIY;AAIewOiN%-BTH>4*JSk@g_VyhvU9(RND715eO&2Oca80vc2>kvvj%iMw7d5xR&T~mV z!YnkgDjh#=BY7Ik4Y5kD6i;3kZP3mC$~qB^p%7k8DWJNmtaeyNA zH5nfW&0<^&F!k%(F+e{Ab{l_n z=vlc^{~5$F?0~0QsV<WMiUMwoKC(a?Y*H^CY$k|_ zZhfMA0gig3gwi`B8?U6^ZPF%{-uZ41=Ke0{nB?$Dt+9aivKt3br65E1z(*WF^tP#V z-=N(yG_IgQy|pzh^>L3Z6P7YHm?(yTZU?BMsHEiY8geSHjER2Dc^n6L86p+D{@!Fj z_#-xr_qIu^Jm(-;^(0@HlqJH@bk&Dc$i7$mpjowmMm}$~&<&rQ%XCKDKnX16E~X5q zapZW=vAMHhkIMc_qSHM;GAoo98}X40ZznByrY^l!`J#_Ge2g_>*lxty#QyVsEKv;l z=uB?AJQEy=$^zR~SQgz?VbrR-**p6|Ad0H80Qm(^9_?FFLmEiYKSro+Ov?4mgq&h% zbOp9=)qtBvOu_J0y)_rH2i%b+SLhmPekXyCJ_vt>FiXb(-<_6=%BjPJ1B8hkbX7*1 zZ4yR}Ih~JYYV4hRXqB{({whPV#{>pChxkZ;PyKQKHMY>n`tu3{VN^6LWSy8fErQ&9@+kVR;^LYxHHfH1 zC`H6*!%EV7KN6#5bvM?0-pXC)pXzOnIcKobtns0jRGitkP#o<=^$n%*5`G7kNv7#jSBDAW)qwC~uNj>&5X*!wevArn z219{40k7?SiX%dd4Wr{f?2p&ij56QH%c~C>)9jD3RXySg?Ob_gxew_=(t=W)b}1eU z5YjL^)|v;QUf1QXaljSydN=0>4c;n`*vCK3k8KdHy62&u)9DV@8ps&>D-XwC7B{~f zmoinrGuZp5z0Gy{A^cxE?$s1U-U+~);QVY{gpj0yyW2?09L|pa5dZDv4G=(pY4qHe zLH(9Qnx#(~L7TJ1+#PX1uB;HvfJLmzCq3*R=-kqR3e#G4jY)+Kc58hP^iQC+4cvyQ 
z{*5+mae0Y@RqRi4`rXIZ`^3s_|9gPIPI_qRbbcm{z9cuG#&PXtvd6N#oJ4B)P$Iot zQ4vjh%qj`Go>ZnHwzl?@-|G>ZK+J>9`;FhkOXad_E!kSCp4JW5X#GnDP6QQ^2gN;FD(}GUAE~;IdOb*_EwQ)!b{^5PRY=0X}cRa|R zJ+quzKNNm}F&eON+u^>?#YZ$WA+hbaeq$STLGaV!6N_oe9XgPY#fbL!huOk_COG_O zHP8MeK|>;0UdI%^Jye_%24WD3R6~T%#-Aays!zdHVrJ?bT5-<0XzS++j5WQ?WXQ25^;Sa$$c8_0JsHlPE?&&va3>5lAB zKVMX?l=P@&mlw~D>+h^*)#ek_e?&*NL}V5f_ObzuK#~Vk;)QCT2xz}o_}32LV{RN% zI({KK(DY^EIEoHmS~3bl@Psn0Ya7T`@5`O{C#AajXEP@U#y)8-B0AfjjUaOu zVMW|1I;hJc77~w(dxin@3jK&L!eQsQk@bGcC@LV77<(4Mg_e&o*XQd;jv3ll-&S&n z7fMl1QvYYPxCHeCF!Vb8&fw?i0GZeNEhJecpLh%m`j%M)SQ9F_GNBx8&m0utxg_7r zJo=41p^-$){>i-d5{3SI@PsyL{9bsB?3s>KXE3P{qI>&utIdp8p*&#lX_cTrJU840 zZnJ>Qc(C08(hG;&L1Qi0E6aQBD9*N-))Uxn4|AGa1P)L}=MqVINEaqOGC1V%`U164csn}fP)a@!RFF27d1LmYX@dxSpNJ7A6m$Pt&M~=P$FIh8j=5#HmMc8ZBYHod5 z+|dAR6~--J(A%t=zN8>dtJ9cTFG!*cg;24}FBlaXK?kbDaq8NxV6y(J&9Gn5R$nAv zvjiQvXgQ=$(Uwq>NKn_W=U{bT*^i9W2MF&OrTZHWSV!~~FU@W)3F#TaANbz@HD^LO zat)iZUVCdXE((g8)7KEQ_5|8UIb|8l4#D&;nkr}Z#_dRnL4(Av_;mmBn#!Ozc7{wp zuNs_f6cDY;V@e9bH)G*inm*sm;{e{>zeGddg>*^4OZ2CQW^EE11Mg4)1AhKqbIwhY zR!J6O`{u>SQyrre_)XigL^$jC~Ms@bXcA6 zemIpla*wgqmoY(Eo@xsSdA6%_JyjSg#6WCRd!n5=w%Qy#!DmJ_-Hhsf^GL2<9Zm`y z*6#>9OUJlTXt6`ccrg;2>hOi zga(^cK~&snZvuQz&4l>{k3sMd(IAL-!`{q_;Vu)wNXHtDOamS~}`CtaUwI$Ii21rB8jhqx!ZCUz! 
zcH@jJ@Oug5i?_3LBXYBel45EYA2>ZPNc4dX&$wkyO0f|xGJp3mw6>_|rFjdXk!=9BikOP>!P-ez+I84bGv2>Z7KDWmfn zd~pnpbd<_h=WjY*X^-pFdvQuwCV;WG$7RP#DUvdKcr{(Nv;cP+e`3AdM+iP9K z7MGhNx%LstoL)Y)q?wOiE7}^M>46J}!cTe*$L@dFb$^@m<$Z%Z_h-4X?i#ewvy ztf)*MK9YDD=X0GAr;2neo>$i~rB^+~x&E&)w&}w>&}gRGUL=qTIN9k4oevMTbL6sQ zMJ^<_YJ~Y$=^bh8tjI>KkwO`2S07_^tnPinCW(wLOYo9&8;7#KrxYzIzN^xXUT)VH z@%IaNzrA&-)TDa?@+|0$oddFQlDi(*Z7fi+bLPgpZq??M+z}pSaU=>Z{F1Qy=`n7P4~+`F|Fk4q z4|4e;HvB+iXGjH7IQ<|&!BKy@Fui+ATL)NiDwN9(*V%OT*i&@?UH$pOZ^q4-O^gYq zcDH=)U^WllX*FuY=%6$H#z{X9D0=o`dU>2Z?Jtk}FVb)(YxeRPjjeWl`e0OR$er); zI%YvID7dKIe!MMfG_u#3qy3 z&X~+@l92aHKhWQN@0lMq8RO&35^ZKleA5wajc4;+@XU`yIa(>x857C|so}DH{oPXV z3XAi?d-&e)F(}ZSZq-cVa8{;yoZR9WUDy-mHQn!v$VQ5m9miYoCLpT#hy{?mk|#}M zoPMZnF(x=?i01BM;bJft?^hQ*ImGgN;;8AUN(OAWZ*Q`L!Sa-p<(@l{O?-e*8rx6u zyyU<)_t}ifR!8QRq}HR=j@TZCs$%0II&FoYGXGX^J{}IB;nN)mA-imF^@8Cs{a;=HH-zk1 zN$Vx?>P$dl^CZLV-sx$n&E_b8?We8XHv$v((FA<_s~17UTY9t()|-FDy#=d zD$}kb6d9L1IxH(v2j+x{gcgRHPV(>lddSL05f=4p#mjNyhZNITOqVwif#~0dM4LVa zO#VA*>+Tx#hn|a!bIZNm=$AK}Lq3g=6NO0l)9#O}=SBc!?>LO5&L?g#*t6BOc4%mD zd`0(=q|6$JW2*EoezjSDA7tgGMj%GgbfT3h3pqc*{9m@*U|u{>UHoH;&AxgD(qLTQ z(XpD7hXe+DLDYer!LFBGU0*^!W;MQCeiQKh6r=tvESQEIU9rUhxx#e`xt?4RurFCn zIo5OMzrKm!!tj{)=F@>~Ub>I!e~s=sI9g`LT2lm@{}b4qecAW-|KrxawMo>$S!R zu6Qysi)#Pd!h+CObFR+l!N}ygl4{(+w4tNphE{8Ls0TTzK$HKbB?9V!iuTwN>_4*- zg&ZisUVz0$k5_ueTQxzZRC@{&CUbFmCe?YeM9BoEv~^P9j8egV4g^bC8xQtGw{rQbkc7;Uqk$(hx|}V@??|CV2uR z$d^%wb!Oz=9hq``c)Vld5}#y%>NkjCQ+3Lf5KJ;QF330w65g30Kbzv5Q!3zGm!IsF zWvM$JBpq0pcHpJHXeCwL0=*;d!PnVr%bfU$8yP~~Fmh`MBuQ=V+4~A<_az6zurdy98q#hp%%nH zKgT1o65ohfg~-HCfb~5x0?BtD=O$(bs4~5f0#A)|-|#dWG7HvzUUb-^!6w7`lphCm zHqrVW1K+OiZAKhC(DsFA>)f#Y)Z3F~meH1d%$#0 z0i*F)G+HZ(JFe@^(Cu{G%38R=Vgqd{yo1v=oAik4O5G6`fsZ4sJ-I{mS}{Mz#P!Xk&N1Clh{B?^$RNPTaj_4H&K=Q!U3ZS~|(wIK#NHyCrtDQCT$EmqYbTTg|ziP zNgI|+2Jl?%nRay+SJ=OgqPOd5xrQpXh`s>#Z=tF;CFrN6FKbB8Hm1eVJ?8Ro&U-+C~p7F)sQ10yYH?$^faE61ZQovn0J?QDK zHOcWfeCv?x*i^(_2!?z4|-*qN?3jT1)3VeMmj`kdg^Dhc?eY zuNUfkHwd&>)f8is0~EO|LXnD0o|c@o 
zpTGJWBI??;)!{|KS?Cxg8RjjJX+N`zbvm#2Xy7GqCs*L3i|_5~-GLd`B+R2tk7~5A z&S$$DCD}$oYkU*!A`~;735R}| zJed`;$E{kaG5M zsAj(MfRPj=x*PNSX1UMKP3W7NAzEYv?^ofc5C4rXd(oC;ec*VTH zV;Bdca&zpXzd^!w>u)zZ=By;{C4WPhO{kW~m46Krt*ij>PNCzSkKl7-{%mO%I}uat zFcJp#s`s8 zBpE9af^zj4GZ?XzW1XWMxT5e9Vhroy-?Rq_5~TC!A|~{)WR~Oh{B1I1#1;ME$-U69 zgM}nUPDoH@XUSkSnDmA*fNG!Z=+@&AfZ$i07U_@ugunSg0 z6zb)<$-j>3_m_TKqO6x1il^7A%}%8^Af@jLV+!Xcuh`#%U~@we5*6*eb|Hg|9&lS_oT9d>?`8<%Cg!YT=kFfQM1;)za&N;u$bX&NR30n%poM) z2g61UhdAvG$ux*;W?*(mm@)46rqBw)Gq;Vzhr@(<(pBl#Z=xO!jg84rV#B zjcpwOdOgGqe)Cy23#yCpPl1>A%U8z6a&(c|FH}9+_lQ>29RZ*SskY;0&a+9}(lWf! zOt0?2S}c+w@z>*5gx8gpD~s%{mENbCw|K7-_}=Oe^J?vB7XD8rtvjG96vz7FkiSop zbk8kPCmV5O;+?W5VrM_U?)#qr5aGYb`H-I`Q8SHhRKU*zhl6h2shLY{nVU9dqNBTJ z_IcISsmfQsz5#)2ED{3h<*wdK0*|!igJ`1_j+!HeNxX}lBYz+G9AAp*PPTx=M0o99 zOD{EzIW)4hc#`{823Npny5)g8y{;u{X~;dh5$b-h zno5Ad7w*0*cx@}@g=jb^vb@cB z`!EC69vV{oMw)GPgW%ytO=aVStC$oRibYW*K3%EZ|CR7V6xAd#7EdCoCEUh5Afp<4f(X0*bK3R(}G@0)jHon z8OK5uw((aJ2=it@??b?TUG3=^zX2=JFjW7~FLG^J8f=a&=|WrNjutb=e$1Z1JyysB zk^JqI(G6^!HtB5UpcXyN(d3hi5$qkoxxPk1_30sU8lw+0yirA5DLwCiV4Jk{`*|%a zrPMH@mC5R7;LSh&Y~$Hf#|xaS0W!G|?=3`r5uX*(y8|Doc9`|bwr0eNJ40)y}+xmc4kK@^4_08D94W!NC zM50mkJs4j)^?F=#HyeP`Iw!((pMPv2a?lD%{A_Ld{gVfV51u|2$yo2)b1>*>&r&@k!p>FDS? 
z$n|zdFWX2;5Asou5#ih+G+8tiXtrRQOW!}ekdUODDxG4L>DN+$-@=POnHcx!&g7h(fVOr@H%xNZmuPG^R|{EqIVKUOX0$uJO-J zIgT8u!wj@0&)KJx?X*eV$s3)|6a1y) zZE>NO*|H%Z@!X<#4>{hEQ-2>I^5}bUWIt3)G921w4I1XuW_Bz%XVrlt}InpNonf&6pPw`e!U@Q zgKf6uzyV`6{&ZV1ACiP(9j7)X0~ehHr6}A39DFjVL~7+j!`Q1teAJ-t5CAan0RGkh zm%A@~8$^kz=J^Y7e$65QRo1CJVHc(2PsemA2`T!=dYi|_Cug{;op;dI8Z8M+uxTq_ zXdTd!^(LdP1I1ZKj%-oUcZYv+*ugH|XPJ{Rtyr_ulB0{T88qHvk8x z9C41)AA@n*wSOtF!~7&$qW*bZkAqZ<_j$L*bgk5Tz5IJCRR(85S;gjV@P=0DX=jx8 z??*BF;RDBeofby&CO=iP_hg&Ob#>gp8($dN800-Pm-5!sz#BXsJDjLU zuX)|JJtyNsbKPe?lN<@|3#fxpT@O&Sp>4 z3b*EXcAj*3F}BwZ(ixJK-Ky^?XLwFV(##GgCqbn>XIA>XF<5cnn?C$wmfp5~ zsMHWrTNfus1Si^Sj(b%+7!YVj6xC#vzvJhg24zZc@>Q(5=VtSWlIzDZFx^)CM@1pF zFpnGYkn}hWB86zK9QD3VrV($+__brU>~&dJuW7mjMvqs}Sfu>EghR>tSLl0aTCRD~ zr_z%63=I+Wa-h~`diU!r5~^e6s~H*R}psoy45xQm2{)`2{zE(QwWocrKXse0=9wJfPf|2AQ@7bzzVli zu`pJdJs7+9OIJ3*T87r~_36s2d6gBJ{pKyCr7M?`nRFf}#n(X6Z7e{x6wqj&an1sb@4bG-Tc{6ju4gU{;1-8n8y{B$S^5~i|lF#h*y_kFuzTTlG$A%PSY zT=783zZglsL#lHgSV)fx$h`j(=({~H&aB@=W4^)nM6BsY7I8~k4w=E}Jp=R@kayfD zNsLG`KASz>+h1GVw2z|K`|S5#wIrwJ$!hfvN+TV`I!CPB{GyYk`|@Si-e{$$lrS3J@aq_vvtgtK(SORb z*+yGRNbHAJ@>GFE!S^6@?lpnk>a5Bwm&Ay(ywo?og~cV51P=tR(cy&d6xn!mZESRD zI*<6aQ+E3^Co*G?hdM_k+%%;U1+MZ%c(q%-%!_%IG!plF-YwJh>;{^<4X%Cc^5>#k30z>sZEwIJXJ%7m^*N`U2Pt6cH zq(UXDL@B^`c%#H5NvStfMBj|UF8J0)ygLH)vRJVy99;vnADfjH7o??S5vdd&64XKp zQP6QiXN|dOx&tByQy@l|lQZGxXhS}>C?tlgo%EYc;u0`|x$QS7F=!A)L?YqW(eHj{ ziLp1>UsJmhaEcnKG5Al3BC0NJH#yHBFNp&V^(2_D!yQNmxtZXt!CA%XljLh!o-lXd z0n>;2$bnX6!>j{Tm0;xp$c9lNDLEt`1AMxp-Ia?bTFuT7J~6H9d)E0)aH8A^eFQhp zHS`NV4QV8#nkac4#QQ!tx9Y+k`CL(4BI>*+Xx(npE<-9mtgLqs5(?KiFz z#@<}S2uIZl2nkij^r{hL$YbM8R0)NtSwhs-Am^-u%fXUk&a>o(ggL@zC(S-%#<-t0 z{B<%q%P>%6%%RfXi7o3)>Gd;a+@g-V_%|T!fATWq!QzHh1c_P9^ ztIfrch$@cJfAdTEYS{MNOHd|y&n$-6anKK4Z$k(W;#NeNFE-EH>Np%ym*C5$dRh{x zLvdR@`>GEtV~uUR3PkH)g2S`XZ|`cr`boybG$rzcoU|~y^@(+{ZaETe3PIebN=^@D zlwbG2IPbNM!@FI?U`mDGvgI2Ibw2aat4r(id*7gYd|Gmg2tJq(OZq62o_GcH>aRt2+qm# zDDg|sTN6(@F!O{5 
z8reDWtVS_cB7^eNCB$WlTe_2K$mq(b2uMQLc&j`MQ2wYiO)M%l@ernQ?~Ih>N>pQTvExlEUeY zM7pKQVB3j^CJ{XzKxK_fO^ej)$X1>rFbq_t8BPI@LBLkxbq< zGCg$~p`Y36gN6{kN80X~J#I+&E>Nu&*uzDBJi+N|w?+kWsQt95D|lq9KMOWfUy7a9 z>1j*b2~vvZg|K05+?3_!C2+;oZsL2bFgbn zd?(~p*-j`Z#HVYUfo;gl-b_!+eX;LJJ3WRyDuT*F?6{JpTU{Zo?#PYu&Lz1T3%%d( z&UQ}y6lkU?WydGvLcCd@o-TK$;lnsFgMCKkZ5y3PPLm0|b_V84e>S9QVaB<{@*aT6 zWavI0E?aF`2&fWjYqL_HF~4&m7b!6%sF^swXz2EBj3QS{yXIxyz($5tj!MszeHLS9 z9r>&UEyt@oKZ)gii95H$dgo&IM%+>SiEW1{@J;|~R7(#py1gS@-nS=mRYm8F#K*A3TKjBDxmg>sZ7Ra>)L$L@hn3{{ngDHkKw(Qae1Y6{x^LNk+a z^;zQj__SnqGUIAn{B-0iUJKj*5GK7?CVOrBhm6hZ@j;s+4JH{OG6up=q3iCQv16Rf zOG*s(UD+-tS5}QL#Cza??4j6lADz{e!vm|5qE{N-6h_m-QGGA@i0CdGGT9fh?2P6g zZMO~`Ld--l8kL58aqjxG(XEw9At=jV^`+#AhcEiA12e{ zMJSR;O5}xce%Y`0lR{cIAjv-SD8I8a-+^nlx(pCt&EY4;h-e+a1V3qA+zKq5R2R?g z^v%voo@UQiu6u_lc1O}Xqwbkgan*PwYVg}0Ts(G@fn!||llZ%9OA8sFo37V1LH+tcA;eR(@vm_Q7bh0lW^R?0<%sZBXYN9Im{ zQa1@oI>xxv1)YV;by=|#93@NgCtmrtMDe zk}2^8*0Ftlc}UgDn%KhYhdEKKiR&K#fSb-r_c<3pLW!y}`5Esl#@>oDSmqPRaCQexnx zF!J=N)@huBKfbOY--ATXxt@?0*X)bWICBXXc_5jhiLayUv; zKG3+;NP@iggEE6J_T^b*)m+of-y63XHzy(p&S_y?m7|eJUpHk})N~`fRi_s}|H0Yi z_Mx2#cvQlU$L+q74(g4yEtD7;BmC3B(NXU)WM&Ch1N^_UK&P|I- z8}jpdUO(?uK(^NrR9BNThdHle`kkHW_YBd83B#Si=`!%)%fmEnF|Oq1y*ZWt1xvuw zW%ClBGa0Qcv{X4C3mB2o`|VE6X4|`MUW(#>PiDUN+LSYbB zQ@t{b=Z@s5*N`RLc@4iQRGX>t;IM*xYGO!{$h>g}JqqgP(rkta=I=$yB%l-8AkTb@{PJGXAU(krW5@bYVy7={eH+m!Nb3@iW6wv=t8aepI0 zD`1tpG!&ocY=SGq6nmCj6G?wxme z+Lk)ag%f(3As49-J$dNfuB?u$r9MAYQ>oZbR#i25Wm43}7v_F1c_4OwaRgYr>tPsf zS2i7ON{1;dzsuMrf#*2tmKq0g3`w)8@10>pRj^b64;t4<$yar6hB-3 zy#hHI)|;7`J)=iKPj=c>5z#Ycms#wK6~i~_#cVPJDZP=?L`mnNH$Ay|Q^%{RW=~bt zt`M34B;DV{6hMKjr?Xa|dPOe`HO-jhcKv86?llLBKyw%Y$@53=%SlL=3SF6^Y<0&^ zdTx@vrcFT3x-GSGQmLz%Ac7StZ*bcG1O*TKE1|`emWC zy}E}xdQZenfy1pKMVSRU!YCfj8CNpTa zN4Rq&uB$cYolI|fum+kGGY<7X6OtW#B|sMccd1N>QqomZjsK}7a@bB{tl0a7d&GBl zvx4dSvXkR#YkWaL!TT4005Qt@3CUy5(2fX@LRD3Dcw$1Z9cS;IgxG^Wlp8rBPd70r z8Nbo>watXG>VVCm8~jC2kP9V@%(S+jrPNPgfYyQ!|H#VftT#z@6v?nHg})>P)l@Tn 
z>hrr=>e-wO32*3(+u~&bDd9=ckfp^`iwdHQE2)&|edjtVd#VaKf)k!dT*!ql|8xNY zp1z7~hsGd!mg2~;N#+*v(Q!KbGFzIBlWaH$ zvj$7C=YP%KSy!YS5Engjq6@VwfL*b+bLgWUVsY75SYxwg7*T{~-jqNA&+huR55! z{laqHMx_hg+hGg&eCx5(T!^Cgow_E#RUO|PYtM{_lP@FP>hLo{z0^LP({{7d1)BXisttmA-_AtR%R-#+!`6=e0EVY6C8BX)2;3*c4J#Z-=T0><4mGGfxEWany74L+|Q-~aR$LZL!Mo#+h2&g z9tV!`5(wh71y$}cj2yX%d^q+BhE#AJNeM5ei0V}Igkqn0X1^Wke;zpa>bqn$dbRdx z1>f4{P&AVEZzRFlZgB+65+WPW?kkro?vB*1$&r0QSKbegZh4n2>A`4*uY>s}u`<-$ z(-OH=X_L7T9aqzciXIqQtkKg&4_c2aR;Bj2KIObaJX&MzsB=4KApFppVsrN6~PV`->*&~uCGVB&}eN^Kp%kDps{ z8B{Ri2yvmcUz{!vjRlB0mm0#@s(FxR|M0;1uV0s6CPfpAq>qJD{J=(@nk6DFZpmbQ zxWu*ljEN22{w2V{(TEm-Hy-2akk8Sh;HJsCL+9d5i=XX4vY$j6O+V3R|LgKe;9ydI zbSxB=e+p4&QM82FlJ{w4p$Sze4#m=f)?92x@j78a6wu~Rsu~(y#37t~u!ISVwP$j{ zH9fW6m&TpV>p4yaLL&uC@r=Tjm@I&tmF6aI+I?48}!w$P5QmYZ!r-F6gvEeXmbb%RR&nQdJ0yGM#zy(*wFm- z{9piRV~aI>y@`__VKMM4iVMchcb-jr25}phUXz0$iDfuB=5+AAB@v2-L&gRV6Q15h z<_z7hH{3K2o{N?Lj%GsQ-Je(Md$k#brFgFjmX0_SgVX8& zlAu*;nIxZoV89`7q6xV@(nMolKuVvk_jK%}RQE)j(F zQ6Hdre)1LeONx0$o!`ulfKNU=!$0&HpKY|c1vSb0Ovv3}^S5^7pC!rWh>y+An4p8N z2zOV^+S1#+?EP^$mtX6s0e!^6W4{|sX?{C-|JF8R75>O-_K)v!VJP|KiMR2jMxd@E zrt#WN)zm!w*4|n zf5R0)7j?4{pTr24W(RY=d)5!ZO)DnLM~SnPI=8f?h&B1QU}TL?sydsCL;eskA!%GGCWgGR0V}r^N6BSY`vwPAFJQ@2 z31tx5Uo-TC{mBO2wG(ojq9Zx8d-Eg;CDMeqq(6zYVCGdrSL(N8h;1=+J^j?BRp5y1 zs{Nnt*E^&bCtkX;I7%MH2T##{|8T++N{P!dhTet@RTH=V2jV-Bi*YDdTGBVT;l&z6eP6>C%qXqpo6}AoJ^wWppB8Ffz zrr{-;4_L?d%N^i+MgNCM<9nZ$2AZk&mE1FalNmI^^bdvEYLEnKL`z;$hy1(0<`mfC zE8OT;I;NztaYk-0%_ereQ0%G^|9rr2dw{G?P$ZQ=AZ$O~ZI8XxJRt{QATDtM85F5f z;KSIFR|BZ$T$MrG8g0SeYMWWN<3JLop;+ZS1y>Cp)QOQV)132CsSp*i)Y=-6!<~8$ z$@=}HzebS;)o7yJ#~@i>Ai-{+7;dSfE3Mn%awX--wNa_WV1U+7|ts#o<3}|4GO7dS=pK> zHB9!~F-NE>Trl0t@^RDsjETTj?^2{Ngbier^Gdt@!%l!a7j#{uA_+PbZFJ6T&g!8~ z>Wl9x&k|NH=SO14)bzmqa3IfF2BuiGoW${$I(J))Zo^|zD`lrL{COgL?O@Y~jX5t^ zDcXZ{Nmq9`=1Ln&XMNNX{ee(esxQ^J1Vtt1SOMReA;0DzC4KnZ@`@(v3*9c1FPmSp zSN@G{{?CZak=4;E$XigV=n;3$$D953s`1XHCXLDUaM2DH8T4DZ*8bcu(I4*jrKSc_ zSHUQ)(ijO96MJj$o5L27*)!hcSLxd9sIbS43LjmXEo6L&%-G|^e(zj&_1-c+qUIOh 
zeW}9OM@GSpj{Ayxp7v<$OEMOR%^waig%#&GkrrE9G&zWMN11884;6~FTc6ZYFv2Vj~(q@ zX|1-pBQk6(LYgMv-`Lq}IQf3+=$@F%PBv)Bgb!~g>z;m^doOR7i@bN)t>-77Niz`Z zf3SQ)L&YlpXtQ3hVAB-4u;5tos-wHQvURUn+2lSK;T!ca@}n_@ndmSXLA|HTxho)m z;;Zzx##`N01JF<~97>{VwW~f@@6Ntuv$a}DIAC=RlzX_u6odFcbE?_m1Hgos+*k=3 z{7$*MaI$8ukxXwT-3(>T75!#%_-wULjq5B8prdPR@m&1iNTDOmP>Y63xIYl1-@%&; z2JX#jp_lYUkJjS!60*4wcjZTV&WT-CGcBCnHJFKDrhu26tp;p1L1aPyn=Bx`jE0e$ zya=ZiJXb*dUcF;~A3?@SOU*)Dd8wCqnmMH4VOe066)eYx6ftX0ae9znx!gDEh0z1d z*}qlcqktYOAz*>kJE_Fqik}#DAF&vR{j8BJlj>k9X^xXz}PsELfI?HtDToawY|Dk7g~mZT^n!cB6ppO-Qzn1g;K&*vjs zYVSCvBKw8$4KAFdAJ4}=KV>i}L!XF85}FJ&Ur9pdCk#h>VpGGM6vECpl-pL8Avo8U zAXJM~a|(5`Q?@L|f;qxx^|vN`Ha5b_abz+r>K`^_;uXr%OOt2C&RyBYqzjeQ?O%b2 z6qr~7LTLwD>|5=Rhq$*ppG&XjP_Fhxcuue3nLrK3*?Mh6?A}?IBi+!%B))W^_j0Wn zLCa`ZjjUpS& zMSB^>W2P@uAvAD9_NkO4Sa54g`B}Rmc*=u5%Zpn@c4qPC?lDf+lVb+ln5BQS$`94d z;G62ntW%$Cd|JoO_nz(Gv{|XP30F+3-Bn*dWOX{&@CmASE%vOE0DwVsP%zz!ah`g{ zPG*@`VnXR~?WHuwLg+~q<)b`oKwa}j$INunh<^&SCjziC*FSzd$nt z%avBs-$;-Wom#$$kb@Gt=cI#iY)z)PLA)8zN{l6=?oqwcaybQN>CQ{20lHMtA3lc=g9N%kC17Cey)Ug9C|czRxuyOj!d;097=HEpo{EG3i3a6H523B>y zK~czv#cL0OuV&c}EDe_CWZERj*_kOrX6KEGHa#dseOUG7{3_gGjc7RM|bvoWQR)cDNA28dRWQjN++ZVavNiOtQirS!PTH3G}d$p#uTb1F5ZoYi!f-AM6T6^I11?(Mcnqs;dEn zWDz9}d3|hbMyW5G9J?rCI>o=Nx8H8VxD$zLK!Q5MVa(<3>ZD>&a~P>JoqK__Sc!H97RHF1(HvWD zI@%gW1t-CzfclL-?Fgz~OcKf}gUUlD9x8^QFGY zV1w(#Co#Et@!>|)>Je90B^l=C>lhcwjvvY&ubh^KOx)I-h5aKKb`%FvT>A(DX{!I9FCm;kk;i!?qfo2* zHwiu(rj!7Fil>q#SGsVb)}?P7e!)VkmcY!9oY)5TWB=fCDgpaD(+$XS2#t6HHx;tl zQaB}YziTi8WH9wiAC6kc!@E>nIV|w`8o1!F`@GzPslaZMT8>;pVO)V3>x^H548W?%DRw|vF`{?f ziP3UL2P(>mW=3!Xi@L_e0f~jH93oECscl_P#C6R%bQo1ss9b__OBSWx!|qVlWNT+G zCMGu^W~D?$!spMN31@+4#3+=4P(GAIau&R)B($s{KOV}k^C#E}#2k>lt}B^pF^(=T z01a`Haq`9%EZocpl$=^&lH{h%1Zl>aR;O30GbLa7<@J<}`nG;d@esJ~$ZIL+Y@1G) zX=AOl`=6X#sqp8UxZ~5xHli2)W1+#owm0>tgwl;qxJE_l^mm|p#8fq%5KlK(f!t9P zrl;d`($O6muA}^e8@3rvA){5LX{N1?_dAc>Z==8vh94I7Q|DWz z>Yv@DaNe?>+YDi{B>B3SE_Uyr6Yb^XD_7<-8v`$PZ$8rfD40x8zhHOvkJwpFHlLE7 
zkr5mJ_Duq+@v3g9EHctC?S5nHlEiad#h=eFT2jbke2AExSMyIzU}eITG{#*&&IfB3 z`LH1tb6=?&IUv;$2|d)iu*H;(P?_oT;j3KYONz>6z+-C}hT)gYgS5{>sJj2qGU}>5(DAkh4-~MXu1YM@ri`;n)6`ob6TxAvrXwZ2UU)e;8N(e~zuqO!(n< zzFo*0PjGNBP2|-wTy~&l#ehXa1peUvY&rgQ(%X&nFO!oul@0@DkN^acoSZy$Vjtw+ zwR%cLLla(6-GNdKHb(B^*`gdE#X+r3Q9h{^n-%~5YcmNY^>_{?{`WkSr>*<8o1Wo}#V^;(@*9At<>$R~gpZh8R*J$KRv){7JdkuPle^aKLeR z!>J+vPam-h5SivbJp_BfgnN-o))+?Ld|kV*9M=%l~Qt;WL83Rrf2uI!MjNwG>{fra}XHZHq0X}#Wu z(zk?)3re%BpBH$vZ%46yH>C(&b)=FXB~>vjQStC^i(YzvTIR;aoZIJ~M;E;%B_I9g zn0bT$*I?_#p*W0wpX}uM@E9arQZi*m+csyX7Et6rb=&+ATl_&cT2AmD1DV37DFTd{ zF7vQC>O7y2rQ=RXKG=`O33 zkor24)_Dk)`=;)9?x`;{vmd264;BM6QbZcpoq~J{>B_e)TN)zDM{RU`r9KZ^n5epr zfHFnmMI<$#uNUo2zei<9cbIilX{ay!W-rE%kRASNsmYdSaVoCA^vd`9+=i5bJdVbZ zz9_lrI=1YS1SJc-CHAb?gtWX})(M_~xPm!e(dhV{ zM@1bb#j^EkdszAc08C$3vAl!)x?Jn37{glOJ=Blwgvbj5(aUf=C#zHL~Ge}@%Z~^5mS1C;_s5)bG z)SnPvlWK)wn1XMZ=Q3L3=jE$r`6!+B(Q3q{*MD;X2zzT-(UQ~UM07aBZV0?hXPI<- zkWKFYx@Qw@%8A}uGYp3h=0?w|e3#gJrFtBEIjBS%A0M&Yzc#wQqSZ{%(0JZJ<2x!Z zEw#27CO3|f&HE}GY!!C+Ub_d)#79uEtTr$G)*`FyhAzVeDho4-%*l&=IjN}3_n(R) z<%z9avjdU^$FHv^*=emcYugdibrDsp}G^O}ONJ|Id0@TBYrGOa}Iapg7hGn(e%*OfM+C?wP3N1ujE2V zlPw$wR~G0F(=1D>BeCgF+mJ}I_ES_^NP#hxFyNZ*@r>0z19l~yi5c9vXBi` z{Glwf@!Atz_T{s6YcxxkE#1wOipTUV>$ z7&Eu{_-rK)8xD)A5d4c7&CcW(Xi_ta&}r??u(ntzmaqh%{x?ZK8dz=0zo#WW$4s!I zmaLAN<7TN9+xT_`ev1H(2$61$7Pe z*%fZtZ(L}JKq-KxfJkT`y{86dPSj+vzq&g26!(z?7q9dv?N`Mkv!~;XQhO4kj$Qu+ z;n}h45cz#3Y4b`O0^d+_E#)N1TIX$lX${G;%|}v&(6n(-&JT^_qAIud%e`q?c;etL z7yNb7@ocqknPPF9oZn`<*vgMkSh1&2+5EA8wvL2oUrVD$|4zQz$|hB{uq5+5E9jV3 zI6C1Sk9N&}>890W{C9-X`#tlY3;CxlxqKhNdx|L=YV!2Juzh=_i>I*7T)@(|aD}`E z)4&UD!<}~FmS4|21fzMX#E+-?rMwj~@YmC;n?0|i_xw5y#1;A+GWaIG`R`i)J|`jL;rlq@1g8M)!Z|mmfSk#l`=Lq=0%|+=9;g~Up_F!9(?7&}7wdQw!d?Wzu5!YoqiLl7EcMAHVK`&HXh~>do1tQbJYEC$Ft8IPbhdJbf$p^erZzXSw_N#AX)maUZ{n<0G@3oo;Z^CBr15r`qOp z7y(Mw#6(MwYRkn!j?=_8W~C0!4FL%_h54z~DLHFGNqB5)w$!pBqxuB?`D!kjTtKpinUe`x= zOz-k#Zl1w!a!8zln!ofRJIOwkMLU;7)(7;L}f!D|llqA%^Qd#Ii5M 
z9!c+AlIxqR!spc&LBv&d+EJ$&)o1j8jyLNgXb~QHsJ2yQ?TxHquQJ|&-$wGfKKEdrBFf=d%`QK8B^6_T_z{W4IsbcUB!;8vx-AtGRe0cPFzvYH zP;J;8$Zz`ou!4DiBocwHO|UfE0GZIT{Kw`bffo9z^3?| z^ap<4QD7L9gXDB9)-V#zSFSKH_U*~QBV}QBR=D5Go>%u{@O4GP?ykb8ZoqdOegkbO za}8$V?Cv=>k}JwXI$n^PW3Qu5I!s+uK2KpmCX6pN zk4)Uz!f{TJ%WeTQr<=Od0XXl*ad`txhEZj1MkK7cJJ^QX!Q&B^@0S2?jDiCHMvlf@ zP&+W^?SKGt04^`V@A_o3m%Q6Qu&UEXG)Mu_ozRHqo}Mjl8EOXDitE{+RhK@MYyG z4G%}gRsoNH)bKrwDu+y)Qgwno$e4KY$y|O!} z9c3Ks*nketrTC0N|M%1kLVkCVbn250N{iLt7d?D@dhk}@TVy8MD{}`m2)kh&zb1)> zs2C4D!fD^ReBKE)8vg-6M#4>Pe_Ztgms9qyxVinR2509iI_=-cmHFBb)tsX2#kvQW zNJhJw0RBBGzUR)AKK(0+_Op}*z)Tzmr=4&S{qOkWQ$Rp(+l`Wnizbw1$pO6E+19kM;Q0QffW!UP!}wUZ82^IAz%Ov?+qC-{ z3C>te&A7!zkif!bcgD=15F2?VE+^fN{hpr|`)H*`NrKgPp4uJv*IQA%5%7Bd(QE_! zLbP({q4n$awV^kyP>f^EXeODK@X+F&Rim-iLzFX!SFc}5v>hE0^Hu*)Q z{BliPZhW^PP<=mmH=KhepW7V~1FG6d7G#qVb^v%o$w$bCeh%EFct4AyLm=wdY zl?cW33z(k?X2r7T;eTcKK>>quA$qDT4GUe^lrZ-kHFrd&k!(~ zW9S2fvD|eP3C(^X$l2LD-Kl(ijnmfWL6StC;j$rJIQ-N0tmA+*e9h4{c@pKguM0NY zu3cfZ_KWtC-_3?7FlA@SWs2q7FGj6F!oGVw1TUNQGxa}fH|SnEmtJELzxc9ljdhJw z$+^HU#LOx`YQ^ZjhLK>nPF6RRNh@o_UGadJSzQ3(Wz_K;TZHn~Fc_tqyAO;GV z&eu5lMf;ODlHWzvKst{bJ}<<$=I-jhK8KauuWrstzfJQpXl0JE2dqs_4vwW^8A~$D z+`|z(Sjj<8E-$iMK9=+XvXTqEZCeHwK|dx%Ocpl&NoFFBA)bHmC8Uam}>jCO`b zb-Q!oCFrC_r;vv-?i^fAT=D+xa{jZwO*e9_dz_8(VN38DS8Rya|F{4_WJh z0i)X?xjULZ^rl&U&%LGso%4O81c2U$k|N{VTh*phbK7h{ z#`y9VOEd-)m6unHwYz6SFG|iIV>1@)%;tgv?Vhey=CC6kjFGIOT`Om*=hXf&S`e{$bk!YgABMb$m@C`kh5~NLJs7mdI8!!9*YG5d zxP=CpNxa?xTIR3xzvI8^fAIV!C;zH*mTD+&5)zU3i1M(xS+(=bo)-@PYo0ryX9SzqH?x1;VI49{W{aCEUimLG`I6N}4|2?EO^li5 zIN6}gYxu@~=UeSBUiDtk?pef>vM#fYuFxc>?De;k^xB;aNKp(>D&mq_hh;ST%#IHE z#tKmEUm~TQ0e_?@Zz^fS2aGPJ^nM3pzi}|-WQ9+!PfSh_ShJTvZkE|U&jbf07gjD) ztOy$^X%LCYvDfMdC%ee#5UObVotATO@O|zc8Ym@?jZShhSoID(LxVZ_fB+j76V$Ni zbk=KjT_1u^@KgV+#BQjDhPK*xV(lX0$;Js)--!z+vpt@rGrDjP-8#jZX|;!*a-cCQ zC2X2=kOiL*EkQga)HEW-*rz_IoOk)QJy&wqc_H1Emz*BG>Qmixf}Xbo7RhV(-Lhr? 
zbVGsNhfnY7!1sgZdY*@(WK}vBMB96do5ekulLHcIA$S^?^5R9Hys!K2LMy-Hvggyp z+oTSOaCFI#))mc3ueD=6*K9#Yky}f;P)*sv`u(AfCTQQ)j7mukpn0_82 z{}c;rbACtyAp)=rQQ9{F!F062IhaK|EP;^`sf~Ir`I{!-SXrM*rCk5njHI|?$mwyl zkv0I6@3Tn(SzS9yt@Yik-vXJq1{Z2leJW%zQ>MHxFhtfYJnKig{j&pDYVJC7VvSdh z7Jhm3H&K(GI<8o$NWSm+klk@@!{1TAUg0bs8GJ-d>O4{pL_VU0TqCmHzIVvo2=POw zG3*zRb|2o)x&!lYc)pY(=8g&7CdTM{aDn~$z%dCITBixj1MQYo(uXC};k1mQG2Ld> zl{rwa7k|1b(C}y8t?b5=5px;61GpZ7gJwBPiYDfk8XAhyJjKP~Y-UuNg|hJwPYNd7 z-!1+-MN6Y4GnplJMX$T8F+E-cv%CvZ1fP1!m024q^vYA8{qUfp!-t>f$V_t<8Ll=B zJ3CzkWz=BqjC2I8Rtx4_qweh5n&9WMZKw={BJof6R~56^;!}Mzf+y{C;@UbF5F2^* z(6o>;PGx)0s2xuonZc49RzMQb6xFV?gLCXyRrHy5nWPydoBO&Y;Lqz_<1cP&3s;cs z7xYeRQ;pJM_vfmw{Cm@)LJpLUZJKeajWPZn*oQGg%pQzY0WufypwW@(X+0tI=xF*e zGe`y73HkgM{qX6l3?IY$$Ilc=y@s{xF%FRm$(N!;P3Re|P@OvH0Xwtrhf^~00`HFFJLIR}F^MQ(uEF76u}h6r%fJs5#y-#A+a@FY zC3do65KL=I`!Fl^Ia+hN(UHK{Bk3}6|89!pusqUoO>CQxL?{QPSj!RTB6>=vDRFz< z*UFCXo4qc|deh!D-~JRk$46G3c(cUnFSLRB?{h+{@ZG%!8N0Ay=Ew6 z?hEpwH&^0Dlp_bHTNIQ-JF6Q5@ncGQgLn)PYl9hgFQ2}T;s2T#F}AP~AjL*{&l{NM zv(HG!){>O{q#f}gQ=5sH@0QR7e<gTK5t77wsFYm14NIKoKRLGbD zs2bs&^Mq*YwOmZq-&h0M&m?RfKVodgj&GG`ID*Sz>V|G$zge=dkkcoY_PJ|NA}!>i zx*4Ekt&4d@P#SNj)^GTRNCkLv>)Un@=JztFqVG7RDx#OsA#^2(oh-Lzt^3~2%uUOx zxe_2f-J+%Q1g=(O-mmp3M0?cLxREqzJl!uha~JU2DBcgf$bWI)!apu?Fyx>F}`IgYs?r$j}(2S-jbd;`WEn|eGI?s;Elfdd!_JE8v=3j z55#kx9l(dr!K|UrL4^7CK4^~!|Aw`l2>%<@{+bp%B6zNt-EI!mB~~PGJ7jn{j-kZH zZVL;xl*m)_Z&^dl^d%L3e3dn^mkKLJ=PO9GMkYdp8pd_wD=aXTx zt}+VjMN7=M5Lm~d%Yrp8=kf3lCc0F}-aQE(<~fUb&Dzj9ihnq%DU-K0q}9n8w}Ag` zye5(obI<7y4Y_Tl7UEE7a%6rk4M1HT*;3)1l ziIBjcGsiQ>qyD19_TiS3UK*Y&`zvBXZEExZXS!*ZH2>g(jpmCN5PF=y93=kCX4k)*^4+NlgIrs0s>udl5`(AH!=u0KnYGs*A+?!m4#+0T z9QJq4q9!z?x1S+zJ(L)jjj7#T9nGR;0uDXzZ($%2bqe$OK^49vpqE>mj#`kCs3cd~ z7tmgGkyyvmJxQqwrjY5~UIgotU<)QYt)*Tss9HBr&GVYZEc({Tq|rgofyAc*X13%` z;McAiLJ@^buL)}&KOL#&kHB)mG@N>&kWBVpsBMStLe*zv+y%jLV_`DF1%aPRE(vI2m5pR&w9%5JBbCLh%BO@CZ;!2 zC@5t3&_gPq-Z#@fdO0`$4nn}_l_{~j3z&pb;UghQsbU+~;AIU11+aBOqsB?$DqobN 
zg@kF6(Y2c3MKtmb!U4QTYV2w#zWPT1iV$Vc-gm#Su@rN{cK>z?({@9#LHf*Ftf{qd8O~!q#U=X*#LwCU*B?v0LUooNZ=de3YQV3X1`|ncJ9#9GA61@h6-|yBnzfi`TI*jaid$w z@dz*WNN!It;|QNcg$S>ub3WC604__m%!hl5OX+EHS@-Oh<;Wdyu!)u^I3F^1sj4jC zMobt?Rvmt6E%kt7e%refs6PW0nin~#0EW#{z1$rA+!oKb*MU%q?Ry3eyxedZii7iQ zF~Ag#63oYs(p3D$ih_XV(4}aBnP9gel3n{D<5~6vpKy^Bl6i+z_(S#Nx>sc6*oTOx z=r43oKf5+W){dx^DE|_Gm0j5ZYBa{kg1|yb4)1rywV~P2!g^ABMp+_yiyW{c&k3EyP8C|VjAqn|s_6tr<=u4LWxGjt?YI*~g)kJ={+ergwxG zqP$eAfkA?eg07(bQ%aiJsQnB$lD6}S3;eE(_h|I9Z81P9!f2>xRMxd>3y(7=@7y}B!V<@I|8Q)6Vh z@qIUJ0@lSXLJp4i5Yglpo*CrHNiNsg_pYN`FQ5Fq^vK=j?Mv$CCH_X~9Su|37fvve z_0;Ep4PH`zb*Xd!goWawCetT6uAFhEC8A_d(%_wMdf2twc+!gRHvTr9BBcVc<5?Nu zkkT6!E>S>GM>U_yM@dgu(@=0Di zym$@4m92IraC`a=Gcb@bX^kxzF$WhgJ(tJEwKr|8+B0ISS{0kx!reuUP$Sfe+5}0B*rM8s z8nHudwL*;8Aqk#*p6}+lguXsbfE?S46L6%hP zg4H$9Tx2>{CbzMbc>ufax5)VH*ZrH_Fb>UwDdHDYGsGmxXCadjWoBZcP5eNS%A3F! z-rR2C;My(35t2=4C$X&kYR}%hgZq7wQ{^6L_@b0!75>oGhw@0ZJ!vOj-P}7oFJ(3r z>kWPU_507i=&d}S#>dUAmmou#Y-BAY33W=+h-9q9aGuVW%2wJ^r#BDkI zvmc<)Lfn%tLkYpJ-uV%Kw3?b-_#RwrImQM=&4<&+S=Gxk1vv2B@t)Aq{;3=3i+k}6l4V40 zcz(l?>EuoD^hCsZf0Kq0;&9~C(}&7?7t%M6_@hpaNfQpuIZY$`(ivWEF>>#xeA;4H zKP)Q#HG30VsZiazjd3_yR%z>lTr+lPehcPRG(TQ#^FvuO21QroEhAclKV{$0$8Q<5 z0*5gPwcbtuM;1jEn(rku&xu$`ZrOU^;e9Eqf2NgWe|eU}&2J6hBjY9qC0d5*H1udMb~u@7LT4*HDffnf46Xx%^ZmJTqNBrfKM*Gk?O)u6nz` zpdY8>tgKMbt&!3IUwB&@%0hCWH4SiQraQj5L2Ha|x20TtU`Ga;4Pv&>mM^a)RGRD*}g{EBPBW9o4 zMb^?V$fQ2k&GCVvg;TlXHIj{0eS~VYKU+&Z5tACo8qDAMLN1ala#_#(7QV_(Yx!*y zKFS-pSjm6p$zbq!tGBca+$VUrhFWy7WkKbWOEQa zyR3aV*amX@cV+OkZHLHdidutN*ceCOtL6zCszlXq;iKPJHfH7JTMG_pmpp#Hs;Q|` zrXeb(*Q*33hG|VPlwMx_bq#r@rg>A*j9npq;Hy7gk4oq|Z;=a2ENx1wNx$(_R3Mx2 zW|-3-RsoBlYbfm|%6MBJti-sz;#1E((M#^TZG-HX)+>nRoHo+-c;1ZGvAf=<+*{Et zr93jfJ;m&jV`pxwyS}(;GaH_w%}v**`$53x*mS{7oR>Ip^E8rVw5H;tFhVuh01+NT zov-Fq$G*X^8x9eAGutT*%G6Ywi5Aa`3MS_XL7PQ0sXc)t=alDcXP(UeTA;sc-DwEf zk`~YUsD0+!to-v`i$TBrn|4B!Lt0f?_@uMS>(&2r`)RID$~$}HnJ&7W{=)gJ?CdoH zp`fiTcWi8I;J_^;5BsIsS?m 
z`ooCii$}ENG2m%o!_Dlp1aNEYOs7&gF+DTzP_y!<UrcV$Af-!%g&#NeqQhtPp{f6;j>4ncPcV47CP56}K z=Ztr|u>>k{9{27c$^Nbvs9jjk_#!QEE!9HH?Xm#BFeAlMioZp#%$xHreA^ZsX>o1$ z>z_A5OQqx#-j(}{pS=`78K^tc(2KnVlwZ63mx6GIH()Js+1``~dXo1gxFcaH2^PXb zw$-ow6*4>!@)@JPBRUO;Wc`jGTA4HeLZS27lULPEeb_|j#z-}l66bW0z8?z5lcvfHB-r3$ak0y2-PIe(?J2!uIZr_ESg|a`C|bR|viq&I zWNYgRlCiZ_?`N^sfDCXhcP&?gsLMjL7Ek&YzTMrFAx7@cl|}D%Peeo1{hL;YWmt-} z9J8ifEr+eDeLv8>wO(=Xy{I?xRA4s1c&F*oOSt#rER!Dv1<&Xx_(TZ;p#JCI-))AGiw%#IBa&rR0QfYa0t*j`b_E3!ea( zc037wbfw=;&r$y`i2%uXJll20{UKak(rqt>_*=`@C9Q7S?IdtZ8L5kCJuTs9#`~H9 zEuMCs2JK7Ts&&P2i|{&Wu!$7hefWpyc?@N$+$T6$+2=;)knAh%Hiu22SxxmM{X;9Z zFCx9)KC8V8jb}?`0sY{X%-x`hY;0NR25%J9dES|^=aRzr@rE}uSIru}%1Nyr0|i;g zGXJUTw3Q?M?R!ab)^!adyNlsMhePFt_#Bi2FF;D`u40~xW~`;Os-j0yUQ|j^$F1aN z_J$0TXzQTONdp%z`m8eB{x<6UTYNDE8T?vG9_2)d8<&4z@(sg!vh`0hIAO?}@l%rRK$W%~b=j(D!!N&U0B+(Vt&QyWi`&?+`vYwK7gi5i$q^x|HD#Rn*Z1fdGPIH)4b--meKU8>VWWIbe8 z1&GOsR1i`SW)|XTf(4U1%W4mGQgZ5pbAkAQ6b&8MCCco2+g&fXpy6`Jsnz!0Zc2Fy zpGi6Yn#SWzki7J)#^3w^ z5FRHj7xA3z=A8k_U1#v3D6;q&+ew=rP{-A1s=4$;Iwh@hlDe!m9(9~_20cBYy?-DV z0nLy=Ffc}Nxe73^bI zRc`mXU1Jx1z#>l%kNYtKkscAsq?^Ro2CSN~OXOV@ZH#N&qQ=<4Kn%_YWtI+urhvgn z*m_Usz@8ie`8B|>OHe1x)gpy=Ah=k>1e6PO%H&T@=}X4vowi_aYWfL{GtGW-@KK$s z4OivL2C9U3*e0xZ2S92BEe>}h#ko_*o#wO6{c>QcK8rnjGkbgEu8LO2!DP3nJ)`~o zezoB<>fC8*R_l+`Iy{C(M@ph+mY~jDSc5YZQ+;#&Cu#1J2eH)#p*+wwKcg57m=FmE z=lCs!A#y~(_}qF~v-Bd}n(@W;Py{!g`e{PMgu7JI{_fdyya!Y(`DPPC{|VxY?p#<# zo7~F&@v$Gd^ZNMSQtPqpTuO0u%4lnrxcETokJyCu-T()1nY2M#cQU@Y6kKEBezQG{ zWH*=L#LQp5M26WqIgdOud9g%)+VpsDGnBj%(t3I_FBtD+)fIK3)JdbEC5F+Sw7C)N z5wS%A9L|R3mH3>_MuL;@n1M#*N&>1pN4?H1AdNcU=t^A zw>@2B?w8VY06uMDIQO3)+tm?|=m~ujH;3N%frA$=cG{b#N|dQhqPP2jX4&NYC)X8M z83oz0?U>9P=gviH*pheyW!h0A^ZVb_G$6cc8A{`0ekUW)R-!xcxI+matnAHT37Le_Q0n=LS!*Ya@se`?-($DVVOGjA9|BYP(_%@@lFJ1;N9%(n${X zl+A%zj=4R&l((;=&Qb%u{MAl~yifc1NN-_!4577y zsSeo5JOBR@`kXlU#dh{X!WQWF(0EvV4bpq}6acWA#&wKcK}~rDrqDMl$rMoq#`$Y| zhBt8VjPV5S0qBUraL>Y~OdB!cPS_Or;EaSycc5yWjklk+FP~A>#^=r^K1JM8y6``9A|4gZ 
z%R#cNVP`9a`9xt^vomL)p3w@R4=*ES8(P}B)Mb=hHm5o~Hkmcnz=VS=0$oV0)XyuY zy8#9dk`qbwbSW{NBoXs~H#N~+TIR==-z)qh0GFa=HdrQ@_nN!IXvH9BMkja9 zf}Wt-j|TSVPQIUMjPMibio5=Ynt!P|A_npa{vjVki*=|F0CmiClctpW- zDi_X0baA(TMxGL)M%#}lnLP(gX{Uh^j8O+bvfJ4Lu~&4weMI%saNQ}v=M;F-6wkA#SH3)IdyZ;EW;!zw5dfMNr?u>6(EmM8HXu`Ep?a0KXZZv~?YDnz4Ea+5KS`ofbLrvtO@D;1nv zcK~f^;izxF9)Nj>UhV-zOB2xYN-sP^FD^S=S2#6`6Cvo!KcTUi3ik5ZDxWao>oO~s zt*jo3W?-9517t~~P9xO)EJq&eOwLW4Dd{eUgaYVeWF*aj{mC`bLmlLR&CYyIl<{Vp zs7$J{Q-e?0jgXp?lA!wfx~O536depL*vmfj%h*7HcrctP;_VUTq1U1<+L@W`P*$F% z8Mfy~vW~HKm`GELR9{35SLlo?{u(B)R14LPa9#^g6dlbhkMjSF-Qa$m0$|NU%EB6d31|dqCW%_X?{-6*C5&G?#c^6>j~}`p5sUi}pA2 z8I5E0Eh>QpMpm2QJwj#`fn_3G>HF1xVTA|{sJ0o?$fNq`OL`gB{5e6gb=%S=OV7}d zR}rJb1Vb|iD)lv{H&nqy&t@QRwR^I<^-I}Tol#XQ9Oj9Q+DW$^BUFX|gttmeOmJet zY_+6E(#UFb)Gt6Y9IN3FDO+Lv(s>ban2ta2b+offH7idut8Xve`~e^Ls*pDuS$(eg zIu#z+SX`O}d)crqD6$0A6sDSKDk_9vNg!hM+&IH3kekO7}b&A_J_5WTZ*>roLl!(N`UuQmi@hnsB1ifuu0+!&u&fFhqeg z<%q7|G%z@Cedqf{p3La21pE?b1)t(j{Bex+B&fSLV<{W0xXv}H09vo5uVn}m^%7AV z&z~FoYI~RD*}8ZlDykAL=2igDX1PlLHxs|gyjq@@!%DhLG(7C}fR@A-_2%#bQn=w0 z0p?ZdfIr0=Zq|Y$Dm#?ahEB?xpNfysx^nLOI;wlvG)UY26#glx(A2y|bvA^AnZWLE zR$TS{1!mx_(GnQe2v z_}0M7&#OY~s5;cX1{2!|5FFQHP$ep|`t|BsZC*dzWY>ja;H4a1W13jb5z-2@2f_t z`4w7iz%<3S)`@Z1?%^6YDD<=%Cf-*uE$CjqRT0{Vc+aN9ptZGjI^Ec#P*?;mTRzqf zn@kXsIYe4@3ebm1s3CJ3ODGOAW4EWh#k_q>RiBDLzDA5zj$|lOsA7ASb|C>?g5P8D%?THfp2}8?orsA6r!ge4RS}7FG zmg@m#5I!g&J3vp&&X627fk+(=Is(B!;o!oq) zfei3+fDT=TBr=vSDM?;5qALtsmJND!Q(HGhqb=8f=SRLPab`56P^9Y_gF2&8o%xKs zd<#V5WGh{ksaXhOBvkq=_t5<#;Z~gFI%Sf0AYHH!zBOcG$uW8~S_IMrYMFitmX-mG zA5ziQGxdbyoFe_qjPWCg0#<))SwZV$3@s~1T9$SVbb9d=^@f+Xdqv&A;I;?lxsH;J z-OSHo#ffRt5wF!!IRR;N(Vy(yD|?(gbK~UGU4HGe<-&NJr?>mMF(<{}Vv(2ey-y5W z)~sJ9#czqCu)KF?VtmNDa|SG`JTV&7UY1G8^9U;98%VBs>A*Eb(S7>_w`b92Xp@q* z635WjoS0}h3dSB#4Pa9~@VCMyk}288#) zJco$p3;X=Q&KCy##fK)ev6qDaIVHM$#~JcMBC=^r_FEkuONxoMPAuA9R@o2rUeNXz zP+)*wjJ8Urdl8@EXspw+O?l0d3sB{~qrJjhXrS2QvH!5fiL}{^s!433r?Gjy<C>&g6n`gQ0<~5?WAGlg_X336M}?1qju=8^_xdlb;Ye z(Qnc}Kr4n}k1dHUurLE7%YMIja!h=|?=?9>UMQ%8 
z)ms=62XJEA(w9*C{~uTg#O++TO%XoB1`E+e4|hqTov zlGnPX@)paKrHgm0L%Kg=O~imhtIwY}_#iz3e2m`@W%c_UctDFYmzpz#N3wr_?rf~e z3llmvcnp{_mIQIXEwuH3S8E^=Ld#&67`uaJl?l+Ph=bv1QWjy~sVQZNy{Y)kg-zju z3(!k3EU@L2F>9-E&TnWrZdCb#y~E5e_(oopFU08}$y&G7m|tzM(*wZMh|6cy-*np6qA|Ik6GCs>6w09FvBcOsa=&|y{kEZ1JoBnQ5Y0V^4nltFV4iHCe1 zl(+@NaE95pz-8#urlIOYa;ZzD_|V{=nYB^DxWT_-CEQ z$6w2Gt&iy#WvCgvFN}J_^WG1PJ#>#KDnY&H^%A@Da|;Dv&oq^}D!6y`?}hZ2$2xP3 zm;)-7!@x+^kmS}T&D*YAG-1OGkC`n7{-yZj$#=OGX%^{&jUjavn<+r;2mm>5h8zb_ zLV$XE19cNgX?FF(LZ%T~L1=m~2IvzI4g?eh$fxcsx8pt+KHr6OP=43#%V`B7xZzy_4${PH*$H zy$|4j7P2qc4%~_4lXJlBx3v%s$zj!j1*h5`s$8L+=MCoCk>$yRiPPE)XKvP*2d_x> zMtfJp>-J+DKnfW^_K+I)g2EuFdID;F8)W6T}E@Y1ByvY7+p`a9)w150+U zbid^k(BCEvu!h`g-2^!@b|)Qv5$IQn)^s{86W|;n+jk1TivM~W&B$-&QZTMMV*XC zov5YJ){+86Ld)LRyvjaJhxs5J+^G}xTi0Om5?oqKCY%Uc@lJrR+JW1FPPXr%(OQ=( z7{EY`-%=y&O~eyA-qfrXsfzqZA5)9tQZyn%jo%)8Ti<>J!Sxn>Q7rrYx+d;@jqdx$ zJ(4bCCYE=GevB5y!AwG*YtTVkZTaJP3r(Gj5Bx(cbSH%LUhtQf61G1Q-nT}G8<$&~ z-TPQ0oeC`-{#vFLvrgFb=^ew!s9IXghYFd~n~URJJWKklIpj(wf4+0|PAKOLBW`pE z>$ne(uI$$9gP+!p(ACVKZ-xquX-g{w+oXPXX~H~{HM@D>vMa+VOJHz#|4S>;e`f#b zM+en)S-zk>X5AeEziI?}QIsEXy-ZcP3^d;>f!4)E!EB@y$z zdwN1k3B%IRR%2BD6Wmi;P)Y7??+eXjz=fVg~WgbqsA&>e~V`G-(OuMo5XBn@Y9 zhPq@*HqjnfMnZlJ115~J$4|(uQ|TYGuQbgMDSW|I9nkRu1=4MpDrXKIENPPtcJ%isZphB-XYDT zTAJ-7cm@u>+!&M~Aq3U+=k6(@`|m2-R^QeshB-*>`fEb;u^``9PiG8)ZSpE7v5P`K z*#JK&{yBQ-j_Bx0EUldoUqJIN)-^7yYtq^dFok?sZ)==ryF}mNnpue*_3;J;R#bhF zD9u;Q|6lfQyAKBy?Yu+|g~CIj=xk3O6=fbC9(SaBU~{Rr zL4&I|$iFhb;EdMcp4XuhWMIFxtor@P{K0xfpnt&+pVhI=sjS;qFE9V2`L+wUMM+2R zon53V`X=R6l|(6?=+v9z7FOxqJwN?&?s#=?v|kyU9PuAe1k3j4VPPX*gOgMu|Ni`u zqhlwrA&B$->6*2w&X>Qj02Yg!3fDZq?N>1D92wRBxY=KmnDkKpKE!+$@6pA7F8}gK zoM-#z>KsDhjl;iJjVpitGv>K-|M!FcUm^~13ij1nIGdl)VD#!sJ95#ms82UB+pJu* ztRu`yVGg?fiCED7FRTA*h^Uw!cTKj|rdZoqkCL~N72BTqWzml3q$L;V-WNAxO1wd? 
diff --git a/windows/security/docfx.json b/windows/security/docfx.json index ceef5206ad..54f2278102 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -77,6 +77,16 @@ "identity-protection/hello-for-business/*.md": "erikdau", "identity-protection/credential-guard/*.md": "zwhittington", "identity-protection/access-control/*.md": "sulahiri" + }, + "ms.collection":{ + "identity-protection/hello-for-business/*.md": "tier1", + "information-protection/bitlocker/*.md": "tier1", + "information-protection/personal-data-encryption/*.md": "tier1", + "information-protection/pluton/*.md": "tier1", + "information-protection/tpm/*.md": "tier1", + "threat-protection/auditing/*.md": "tier3", + "threat-protection/windows-defender-application-control/*.md": "tier3", + "threat-protection/windows-firewall/*.md": "tier3" } }, "template": [], diff --git a/windows/security/encryption-data-protection.md b/windows/security/encryption-data-protection.md index 262ed05694..781c1f164d 100644 --- a/windows/security/encryption-data-protection.md +++ b/windows/security/encryption-data-protection.md @@ -1,7 +1,6 @@ --- title: Encryption and data protection in Windows description: Get an overview encryption and data protection in Windows 11 and Windows 10 -search.appverid: MET150 author: frankroj ms.author: frankroj manager: aaroncz @@ -9,9 +8,6 @@ ms.topic: overview ms.date: 09/22/2022 ms.prod: windows-client ms.technology: itpro-security -ms.localizationpriority: medium -ms.collection: -ms.custom: ms.reviewer: rafals ---
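Review bot: the new "ms.collection" fileMetadata block in the docfx.json hunk maps identity-protection/hello-for-business/*.md to "tier1", while the same value is also added line by line to the front matter of individual hello-for-business pages later in this patch (hello-cert-trust-policy-settings.md, hello-overview.md, index.yml and others); confirm which source wins when both set the key, because if a front-matter list such as `ms.collection: - highpri` replaces the glob value rather than merging with it, the explicit `- tier1` is required on those pages, whereas on pages with no front-matter ms.collection the glob alone is enough and a per-file addition is redundant. Pick one mechanism and document it next to the glob. Minor: `"ms.collection":{` lacks the space after the colon that the other entries in the hunk use.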
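Review bot: the encryption-data-protection.md hunk removes `search.appverid: MET150` and `ms.localizationpriority: medium` along with the empty `ms.collection:` and `ms.custom:` keys; dropping the appverid and the localization priority changes how that page is indexed and localized and is unrelated to the tier tagging the rest of the patch performs, so either split those two deletions into their own change or state in the description why they are intended.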
diff --git a/windows/security/identity-protection/access-control/local-accounts.md b/windows/security/identity-protection/access-control/local-accounts.md index 5a35d2853f..f6baab162b 100644 --- a/windows/security/identity-protection/access-control/local-accounts.md +++ b/windows/security/identity-protection/access-control/local-accounts.md @@ -4,6 +4,7 @@ description: Learn how to secure and manage access to the resources on a standal ms.date: 12/05/2022 ms.collection: - highpri + - tier2 ms.topic: article appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/credential-guard/credential-guard-manage.md b/windows/security/identity-protection/credential-guard/credential-guard-manage.md index e4eb399ed3..cccf77a45a 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard-manage.md +++ b/windows/security/identity-protection/credential-guard/credential-guard-manage.md @@ -4,6 +4,7 @@ description: Learn how to deploy and manage Windows Defender Credential Guard us ms.date: 11/23/2022 ms.collection: - highpri + - tier2 ms.topic: article appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/credential-guard/credential-guard.md b/windows/security/identity-protection/credential-guard/credential-guard.md index 6548d02f17..0ab05c22ab 100644 --- a/windows/security/identity-protection/credential-guard/credential-guard.md +++ b/windows/security/identity-protection/credential-guard/credential-guard.md @@ -5,6 +5,7 @@ ms.date: 11/22/2022 ms.topic: article ms.collection: - highpri + - tier2 appliesto: - ✅ Windows 10 and later - ✅ Windows Server 2016 and later diff --git a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md index a73ef3f3f2..5d92d9dcb7 100644 --- a/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md 
+++ b/windows/security/identity-protection/hello-for-business/hello-cert-trust-policy-settings.md @@ -3,6 +3,7 @@ title: Configure Windows Hello for Business Policy settings in an on-premises ce description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario ms.collection: - highpri + - tier1 ms.date: 12/12/2022 appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md index e1ed3396b6..518283865d 100644 --- a/windows/security/identity-protection/hello-for-business/hello-identity-verification.md +++ b/windows/security/identity-protection/hello-for-business/hello-identity-verification.md @@ -3,6 +3,7 @@ title: Windows Hello for Business Deployment Prerequisite Overview description: Overview of all the different infrastructure requirements for Windows Hello for Business deployment models ms.collection: - highpri +- tier1 ms.date: 12/13/2022 appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md index 8c3bfe995d..e666aa4beb 100644 --- a/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md +++ b/windows/security/identity-protection/hello-for-business/hello-manage-in-organization.md @@ -3,6 +3,7 @@ title: Manage Windows Hello in your organization (Windows) description: You can create a Group Policy or mobile device management (MDM) policy that will implement Windows Hello for Business on devices running Windows 10. ms.collection: - highpri + - tier1 ms.date: 2/15/2022 appliesto: - ✅ Windows 10 and later 
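Review bot: in the hello-identity-verification.md hunk the added line is `+- tier1` with no indentation, whereas every other front-matter hunk in this patch adds `+  - tier1` (or `+  - tier2`) indented under `ms.collection:`; match the indentation of the existing `- highpri` item in that file, since a list item indented differently from its sibling either fails YAML parsing or is folded into the previous scalar depending on which way the mismatch goes, and in both cases the page would not carry the `tier1` collection.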
diff --git a/windows/security/identity-protection/hello-for-business/hello-overview.md b/windows/security/identity-protection/hello-for-business/hello-overview.md index 48c16385f3..7d6a702deb 100644 --- a/windows/security/identity-protection/hello-for-business/hello-overview.md +++ b/windows/security/identity-protection/hello-for-business/hello-overview.md @@ -3,6 +3,7 @@ title: Windows Hello for Business Overview (Windows) description: Learn how Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices in Windows 10 and Windows 11. ms.collection: - highpri + - tier1 ms.topic: conceptual appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md b/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md index 89fe8f84ce..d79cb84809 100644 --- a/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md +++ b/windows/security/identity-protection/hello-for-business/hello-why-pin-is-better-than-password.md @@ -3,6 +3,7 @@ title: Why a PIN is better than an online password (Windows) description: Windows Hello enables users to sign in to their device using a PIN. How is a PIN different from (and better than) an online password. ms.collection: - highpri + - tier1 ms.date: 10/23/2017 appliesto: - ✅ Windows 10 and later diff --git a/windows/security/identity-protection/hello-for-business/index.yml b/windows/security/identity-protection/hello-for-business/index.yml index 0c6b760604..75e29c597a 100644 --- a/windows/security/identity-protection/hello-for-business/index.yml +++ b/windows/security/identity-protection/hello-for-business/index.yml 
@@ -16,6 +16,7 @@ metadata: ms.date: 01/22/2021 ms.collection: - highpri + - tier1 # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | tutorial | whats-new diff --git a/windows/security/identity-protection/remote-credential-guard.md b/windows/security/identity-protection/remote-credential-guard.md index eb1922b3a8..31b61af4b9 100644 --- a/windows/security/identity-protection/remote-credential-guard.md +++ b/windows/security/identity-protection/remote-credential-guard.md @@ -7,6 +7,7 @@ ms.author: paoloma manager: aaroncz ms.collection: - highpri + - tier2 ms.topic: article ms.localizationpriority: medium ms.date: 01/12/2018 
@@ -51,12 +52,12 @@ Use the following table to compare different Remote Desktop connection security | Feature | Remote Desktop | Windows Defender Remote Credential Guard | Restricted Admin mode | |--------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **Protection benefits** | Credentials on the server are not protected from Pass-the-Hash attacks. | User credentials remain on the client. An attacker can act on behalf of the user *only* when the session is ongoing | User logs on to the server as local administrator, so an attacker cannot act on behalf of the “domain user”. Any attack is local to the server | +| **Protection benefits** | Credentials on the server are not protected from Pass-the-Hash attacks. | User credentials remain on the client. An attacker can act on behalf of the user *only* when the session is ongoing | User logs on to the server as local administrator, so an attacker cannot act on behalf of the "domain user". Any attack is local to the server | | **Version support** | The remote computer can run any Windows operating system | Both the client and the remote computer must be running **at least Windows 10, version 1607, or Windows Server 2016**. | The remote computer must be running **at least patched Windows 7 or patched Windows Server 2008 R2**.

For more information about patches (software updates) related to Restricted Admin mode, see [Microsoft Security Advisory 2871997](/security-updates/SecurityAdvisories/2016/2871997). | | **Helps prevent**                    |      N/A          |

  • Pass-the-Hash
  • Use of a credential after disconnection
|
  • Pass-the-Hash
  • Use of domain identity during connection
| | **Credentials supported from the remote desktop client device** |
  • Signed on credentials
  • Supplied credentials
  • Saved credentials
|
  • Signed on credentials only |
    • Signed on credentials
    • Supplied credentials
    • Saved credentials
    | | **Access** | **Users allowed**, that is, members of Remote Desktop Users group of remote host. | **Users allowed**, that is, members of Remote Desktop Users of remote host. | **Administrators only**, that is, only members of Administrators group of remote host. | -| **Network identity** | Remote Desktop session **connects to other resources as signed-in user**. | Remote Desktop session **connects to other resources as signed-in user**. | Remote Desktop session **connects to other resources as remote host’s identity**. | +| **Network identity** | Remote Desktop session **connects to other resources as signed-in user**. | Remote Desktop session **connects to other resources as signed-in user**. | Remote Desktop session **connects to other resources as remote host's identity**. | | **Multi-hop** | From the remote desktop, **you can connect through Remote Desktop to another computer** | From the remote desktop, you **can connect through Remote Desktop to another computer**. | Not allowed for user as the session is running as a local host account | | **Supported authentication** | Any negotiable protocol. | Kerberos only. | Any negotiable protocol | 
@@ -71,7 +72,7 @@ and [How Kerberos works](/previous-versions/windows/it-pro/windows-2000-server/c ## Remote Desktop connections and helpdesk support scenarios -For helpdesk support scenarios in which personnel require administrative access to provide remote assistance to computer users via Remote Desktop sessions, Microsoft recommends that Windows Defender Remote Credential Guard should not be used in that context. This is because if an RDP session is initiated to a compromised client that an attacker already controls, the attacker could use that open channel to create sessions on the user's behalf (without compromising credentials) to access any of the user’s resources for a limited time (a few hours) after the session disconnects. +For helpdesk support scenarios in which personnel require administrative access to provide remote assistance to computer users via Remote Desktop sessions, Microsoft recommends that Windows Defender Remote Credential Guard should not be used in that context. This is because if an RDP session is initiated to a compromised client that an attacker already controls, the attacker could use that open channel to create sessions on the user's behalf (without compromising credentials) to access any of the user's resources for a limited time (a few hours) after the session disconnects. Therefore, we recommend instead that you use the Restricted Admin mode option. For helpdesk support scenarios, RDP connections should only be initiated using the /RestrictedAdmin switch. This helps ensure that credentials and other user resources are not exposed to compromised remote hosts. For more information, see [Mitigating Pass-the-Hash and Other Credential Theft v2](https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf). 
@@ -90,7 +91,7 @@ The Remote Desktop client device: - Must be running at least Windows 10, version 1703 to be able to supply credentials, which is sent to the remote device. This allows users to run as different users without having to send credentials to the remote machine. -- Must be running at least Windows 10, version 1607 or Windows Server 2016 to use the user’s signed-in credentials. This requires the user’s account be able to sign in to both the client device and the remote host. +- Must be running at least Windows 10, version 1607 or Windows Server 2016 to use the user's signed-in credentials. This requires the user's account be able to sign in to both the client device and the remote host. - Must be running the Remote Desktop Classic Windows application. The Remote Desktop Universal Windows Platform application doesn't support Windows Defender Remote Credential Guard. @@ -100,7 +101,7 @@ The Remote Desktop remote host: - Must be running at least Windows 10, version 1607 or Windows Server 2016. - Must allow Restricted Admin connections. -- Must allow the client’s domain user to access Remote Desktop connections. +- Must allow the client's domain user to access Remote Desktop connections. - Must allow delegation of non-exportable credentials. There are no hardware requirements for Windows Defender Remote Credential Guard. 
@@ -181,7 +182,7 @@ mstsc.exe /remoteGuard ## Considerations when using Windows Defender Remote Credential Guard -- Windows Defender Remote Credential Guard does not support compound authentication. For example, if you’re trying to access a file server from a remote host that requires a device claim, access will be denied. +- Windows Defender Remote Credential Guard does not support compound authentication. For example, if you're trying to access a file server from a remote host that requires a device claim, access will be denied. - Windows Defender Remote Credential Guard can be used only when connecting to a device that is joined to a Windows Server Active Directory domain, including AD domain-joined servers that run as Azure virtual machines (VMs). Windows Defender Remote Credential Guard cannot be used when connecting to remote devices joined to Azure Active Directory. diff --git a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md index 3c1b301625..10b6bda518 100644 --- a/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md +++ b/windows/security/identity-protection/smart-cards/smart-card-debugging-information.md @@ -8,6 +8,7 @@ ms.reviewer: ardenw manager: aaroncz ms.collection: - highpri + - tier2 ms.topic: article ms.localizationpriority: medium ms.date: 09/24/2021 diff --git a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md index a968914652..8037f68045 100644 --- a/windows/security/identity-protection/user-account-control/how-user-account-control-works.md +++ b/windows/security/identity-protection/user-account-control/how-user-account-control-works.md 
@@ -3,6 +3,7 @@ title: How User Account Control works (Windows) description: User Account Control (UAC) is a fundamental component of Microsoft's overall security vision. UAC helps mitigate the impact of malware. ms.collection: - highpri + - tier2 ms.topic: article ms.localizationpriority: medium ms.date: 09/23/2021 diff --git a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md index f3c8c14d4e..979a7ae1f1 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings.md @@ -3,6 +3,7 @@ title: User Account Control Group Policy and registry key settings (Windows) description: Here's a list of UAC Group Policy and registry key settings that your organization can use to manage UAC. ms.collection: - highpri + - tier2 ms.topic: article ms.date: 04/19/2017 appliesto: diff --git a/windows/security/identity-protection/user-account-control/user-account-control-overview.md b/windows/security/identity-protection/user-account-control/user-account-control-overview.md index 35851d61af..93502be3e3 100644 --- a/windows/security/identity-protection/user-account-control/user-account-control-overview.md +++ b/windows/security/identity-protection/user-account-control/user-account-control-overview.md @@ -3,6 +3,7 @@ title: User Account Control (Windows) description: User Account Control (UAC) helps prevent malware from damaging a PC and helps organizations deploy a better-managed desktop. ms.collection: - highpri + - tier2 ms.topic: article ms.date: 09/24/2011 appliesto: 
diff --git a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml index b917a468f8..daa9cba013 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-and-adds-faq.yml @@ -10,6 +10,7 @@ metadata: audience: ITPro ms.collection: - highpri + - tier1 ms.topic: faq ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md index 32a6c0816b..bc4ad1b106 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md +++ b/windows/security/information-protection/bitlocker/bitlocker-countermeasures.md 
@@ -90,17 +90,17 @@ To address these issues, [BitLocker Network Unlock](./bitlocker-how-to-enable-ne ### Protecting Thunderbolt and other DMA ports -There are a few different options to protect DMA ports, such as Thunderbolt™3. Beginning with Windows 10 version 1803, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803, as it requires changes in the system firmware and/or BIOS. +There are a few different options to protect DMA ports, such as Thunderbolt™3. Beginning with Windows 10 version 1803, new Intel-based devices have kernel protection against DMA attacks via Thunderbolt™ 3 ports enabled by default. This Kernel DMA Protection is available only for new systems beginning with Windows 10 version 1803, as it requires changes in the system firmware and/or BIOS. You can use the System Information desktop app `MSINFO32.exe` to check if a device has kernel DMA protection enabled: ![Kernel DMA protection.](images/kernel-dma-protection.png) -If kernel DMA protection isn't enabled, follow these steps to protect Thunderbolt™ 3 enabled ports: +If kernel DMA protection isn't enabled, follow these steps to protect Thunderbolt™ 3 enabled ports: 1. Require a password for BIOS changes -2. Intel Thunderbolt Security must be set to User Authorization in BIOS settings. Refer to [Intel Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating System documentation](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) +2. Intel Thunderbolt Security must be set to User Authorization in BIOS settings. Refer to [Intel Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating System documentation](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) 3. Additional DMA security may be added by deploying policy (beginning with Windows 10 version 1607 or Windows 11): 
@@ -141,7 +141,7 @@ Enable secure boot and mandatorily prompt a password to change BIOS settings. Fo ### Tricking BitLocker to pass the key to a rogue operating system -An attacker might modify the boot manager configuration database (BCD) which is stored on a non-encrypted partition and add an entry point to a rogue operating system on a different partition. During the boot process, BitLocker code will make sure that the operating system that the encryption key obtained from the TPM is given to, is cryptographically verified to be the intended recipient. Because this strong cryptographic verification already exists, we don’t recommend storing a hash of a disk partition table in Platform Configuration Register (PCR) 5. +An attacker might modify the boot manager configuration database (BCD) which is stored on a non-encrypted partition and add an entry point to a rogue operating system on a different partition. During the boot process, BitLocker code will make sure that the operating system that the encryption key obtained from the TPM is given to, is cryptographically verified to be the intended recipient. Because this strong cryptographic verification already exists, we don't recommend storing a hash of a disk partition table in Platform Configuration Register (PCR) 5. An attacker might also replace the entire operating system disk while preserving the platform hardware and firmware and could then extract a protected BitLocker key blob from the metadata of the victim OS partition. The attacker could then attempt to unseal that BitLocker key blob by calling the TPM API from an operating system under their control. This will not succeed because when Windows seals the BitLocker key to the TPM, it does it with a PCR 11 value of 0, and to successfully unseal the blob, PCR 11 in the TPM must have a value of 0. However, when the boot manager passes the control to any boot loader (legitimate or rogue) it always changes PCR 11 to a value of 1. 
Since the PCR 11 value is guaranteed to be different after exiting the boot manager, the attacker can't unlock the BitLocker key. diff --git a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md index 811287a4d3..c0f495b8a6 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md +++ b/windows/security/information-protection/bitlocker/bitlocker-device-encryption-overview-windows-10.md @@ -8,6 +8,7 @@ ms.author: frankroj manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml index 24016c5ca6..4f7256eadb 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions.yml @@ -10,6 +10,7 @@ metadata: audience: ITPro ms.collection: - highpri + - tier1 ms.topic: faq ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md index 38d6bcb2f9..8b776366c3 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md +++ b/windows/security/information-protection/bitlocker/bitlocker-group-policy-settings.md @@ -9,6 +9,7 @@ ms.author: frankroj manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker 
diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml index 8398ff5cb5..3243fdb178 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml +++ b/windows/security/information-protection/bitlocker/bitlocker-overview-and-requirements-faq.yml @@ -10,6 +10,7 @@ metadata: audience: ITPro ms.collection: - highpri + - tier1 ms.topic: faq ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-overview.md b/windows/security/information-protection/bitlocker/bitlocker-overview.md index 5cc2a4ae6c..a3b7a72ca1 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-overview.md +++ b/windows/security/information-protection/bitlocker/bitlocker-overview.md @@ -8,6 +8,7 @@ author: frankroj manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md index 495549c66c..39eb80e0aa 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md +++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-guide-plan.md @@ -10,6 +10,7 @@ ms.reviewer: rafals manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md index 11ce21de12..b332940d0a 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md 
+++ b/windows/security/information-protection/bitlocker/bitlocker-recovery-loop-break.md @@ -7,6 +7,7 @@ author: frankroj ms.author: frankroj manager: aaroncz ms.collection: + - tier1 - highpri ms.topic: conceptual ms.date: 11/08/2022 diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md index ea25cc99da..ba44582914 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-drive-encryption-tools-to-manage-bitlocker.md @@ -9,6 +9,7 @@ ms.author: frankroj manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md index fe24fac2a4..1592e527a6 100644 --- a/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md +++ b/windows/security/information-protection/bitlocker/bitlocker-use-bitlocker-recovery-password-viewer.md @@ -9,6 +9,7 @@ ms.author: frankroj manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 11/08/2022 ms.custom: bitlocker diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index 234c8a6eba..49d276838c 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md 
@@ -1,12 +1,13 @@ --- title: Kernel DMA Protection (Windows) -description: Kernel DMA Protection protects PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to Thunderbolt™ 3 ports. +description: Kernel DMA Protection protects PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to Thunderbolt™ 3 ports. ms.prod: windows-client author: vinaypamnani-msft ms.author: vinpa manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 01/05/2023 ms.technology: itpro-security @@ -18,7 +19,7 @@ ms.technology: itpro-security - Windows 10 - Windows 11 -In Windows 10 version 1803, Microsoft introduced a new feature called Kernel DMA Protection to protect PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to externally accessible PCIe ports (for example, Thunderbolt™ 3 ports and CFexpress). In Windows 10 version 1903, Microsoft expanded the Kernel DMA Protection support to cover internal PCIe ports (for example, M.2 slots) +In Windows 10 version 1803, Microsoft introduced a new feature called Kernel DMA Protection to protect PCs against drive-by Direct Memory Access (DMA) attacks using PCI hot plug devices connected to externally accessible PCIe ports (for example, Thunderbolt™ 3 ports and CFexpress). In Windows 10 version 1903, Microsoft expanded the Kernel DMA Protection support to cover internal PCIe ports (for example, M.2 slots) Drive-by DMA attacks can lead to disclosure of sensitive information residing on a PC, or even injection of malware that allows attackers to bypass the lock screen or control PCs remotely. 
@@ -32,9 +33,9 @@ The DMA capability is what makes PCI devices the highest performing devices avai These devices have historically existed only inside the PC chassis, either connected as a card or soldered on the motherboard. Access to these devices required the user to turn off power to the system and disassemble the chassis. -Today, this is no longer the case with hot plug PCIe ports (for example, Thunderbolt™ and CFexpress). +Today, this is no longer the case with hot plug PCIe ports (for example, Thunderbolt™ and CFexpress). -Hot plug PCIe ports such as Thunderbolt™ technology have provided modern PCs with extensibility that wasn't available before for PCs. +Hot plug PCIe ports such as Thunderbolt™ technology have provided modern PCs with extensibility that wasn't available before for PCs. It allows users to attach new classes of external peripherals, such as graphics cards or other PCI devices, to their PCs with a hot plug experience identical to USB. Having PCI hot plug ports externally and easily accessible makes PCs susceptible to drive-by DMA attacks. 
@@ -102,15 +103,15 @@ Beginning with Windows 10 version 1809, you can use the Windows Security app to 4. If the state of **Kernel DMA Protection** remains Off, then the system does not support this feature. - For systems that do not support Kernel DMA Protection, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection. + For systems that do not support Kernel DMA Protection, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection. ## Frequently asked questions -### Do in-market systems support Kernel DMA Protection for Thunderbolt™ 3? -In-market systems, released with Windows 10 version 1709 or earlier, will not support Kernel DMA Protection for Thunderbolt™ 3 after upgrading to Windows 10 version 1803, as this feature requires the BIOS/platform firmware changes and guarantees that cannot be backported to previously released devices. For these systems, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection. +### Do in-market systems support Kernel DMA Protection for Thunderbolt™ 3? +In-market systems, released with Windows 10 version 1709 or earlier, will not support Kernel DMA Protection for Thunderbolt™ 3 after upgrading to Windows 10 version 1803, as this feature requires the BIOS/platform firmware changes and guarantees that cannot be backported to previously released devices. 
For these systems, please refer to the [BitLocker countermeasures](bitlocker/bitlocker-countermeasures.md) or [Thunderbolt™ 3 and Security on Microsoft Windows® 10 Operating system](https://thunderbolttechnology.net/security/Thunderbolt%203%20and%20Security.pdf) for other means of DMA protection. ### Does Kernel DMA Protection prevent drive-by DMA attacks during Boot? -No, Kernel DMA Protection only protects against drive-by DMA attacks after the OS is loaded. It is the responsibility of the system firmware/BIOS to protect against attacks via the Thunderbolt™ 3 ports during boot. +No, Kernel DMA Protection only protects against drive-by DMA attacks after the OS is loaded. It is the responsibility of the system firmware/BIOS to protect against attacks via the Thunderbolt™ 3 ports during boot. ### How can I check if a certain driver supports DMA-remapping? DMA-remapping is supported for specific device drivers, and is not universally supported by all devices and drivers on a platform. To check if a specific driver is opted into DMA-remapping, check the values corresponding to the DMA Remapping Policy property in the Details tab of a device in Device Manager*. A value of 0 or 1 means that the device driver does not support DMA-remapping. A value of two means that the device driver supports DMA-remapping. If the property is not available, then the policy is not set by the device driver (that is, the device driver does not support DMA-remapping). 
@@ -122,7 +123,7 @@ Check the driver instance for the device you are testing. Some drivers may have ![Experience of a user about Kernel DMA protection](images/device-details-tab.png) -### When the drivers for PCI or Thunderbolt™ 3 peripherals do not support DMA-remapping? +### When the drivers for PCI or Thunderbolt™ 3 peripherals do not support DMA-remapping? If the peripherals do have class drivers provided by Windows, use these drivers on your systems. If there are no class drivers provided by Windows for your peripherals, contact your peripheral vendor/driver vendor to update the driver to support [DMA Remapping](/windows-hardware/drivers/pci/enabling-dma-remapping-for-device-drivers). diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md index edec923f61..9f1d4ad802 100644 --- a/windows/security/information-protection/secure-the-windows-10-boot-process.md +++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md @@ -5,8 +5,9 @@ ms.prod: windows-client ms.localizationpriority: medium author: dansimp manager: aaroncz -ms.collection: +ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 05/12/2022 ms.author: dansimp 
@@ -91,13 +92,13 @@ To trust and boot operating systems, like Linux, and components signed by the UE 1. Open the firmware menu, either: - - Boot the PC, and press the manufacturer’s key to open the menus. Common keys used: Esc, Delete, F1, F2, F10, F11, or F12. On tablets, common buttons are Volume up or Volume down. During startup, there’s often a screen that mentions the key. If there’s not one, or if the screen goes by too fast to see it, check your manufacturer’s site. + - Boot the PC, and press the manufacturer's key to open the menus. Common keys used: Esc, Delete, F1, F2, F10, F11, or F12. On tablets, common buttons are Volume up or Volume down. During startup, there's often a screen that mentions the key. If there's not one, or if the screen goes by too fast to see it, check your manufacturer's site. - Or, if Windows is already installed, from either the Sign on screen or the Start menu, select Power ( ) > hold Shift while selecting Restart. Select Troubleshoot > Advanced options > UEFI Firmware settings. -2. From the firmware menu navigate to Security > Secure Boot and select the option to trust the “3rd Party CA”. +2. From the firmware menu navigate to Security > Secure Boot and select the option to trust the "3rd Party CA". -3. Save changes and exit. +3. Save changes and exit. Microsoft continues to collaborate with Linux and IHV ecosystem partners to design least privileged features to help you stay secure and opt-in trust for only the publishers and components you trust. diff --git a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md index 5545248585..1f711c3493 100644 --- a/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md +++ b/windows/security/information-protection/tpm/backup-tpm-recovery-information-to-ad-ds.md 
@@ -14,7 +14,7 @@ ms.technology: itpro-security # Back up the TPM recovery information to AD DS **Applies to** -- Windows 10 +- Windows 10 - Windows 11 - Windows Server 2016 and above @@ -22,7 +22,7 @@ ms.technology: itpro-security - Windows 10, version 1607 or later -With Windows 10, versions 1511 and 1507, or Windows 11, you can back up a computer’s Trusted Platform Module (TPM) information to Active Directory Domain Services (AD DS). By doing this, you can use AD DS to administer the TPM from a remote computer. The procedure is the same as it was for Windows 8.1. For more information, see [Backup the TPM Recovery Information to AD DS](/previous-versions/windows/it-pro/windows-8.1-and-8/dn466534(v=ws.11)). +With Windows 10, versions 1511 and 1507, or Windows 11, you can back up a computer's Trusted Platform Module (TPM) information to Active Directory Domain Services (AD DS). By doing this, you can use AD DS to administer the TPM from a remote computer. The procedure is the same as it was for Windows 8.1. For more information, see [Backup the TPM Recovery Information to AD DS](/previous-versions/windows/it-pro/windows-8.1-and-8/dn466534(v=ws.11)). ## Related topics diff --git a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md index df275cf0b3..d2c170111c 100644 --- a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md +++ b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md 
@@ -30,9 +30,9 @@ The Windows operating system improves most existing security features in the ope The TPM is a cryptographic module that enhances computer security and privacy. Protecting data through encryption and decryption, protecting authentication credentials, and proving which software is running on a system are basic functionalities associated with computer security. The TPM helps with all these scenarios and more. -Historically, TPMs have been discrete chips soldered to a computer’s motherboard. Such implementations allow the computer’s original equipment manufacturer (OEM) to evaluate and certify the TPM separate from the rest of the system. Although discrete TPM implementations are still common, they can be problematic for integrated devices that are small or have low power consumption. Some newer TPM implementations integrate TPM functionality into the same chipset as other platform components while still providing logical separation similar to discrete TPM chips. +Historically, TPMs have been discrete chips soldered to a computer's motherboard. Such implementations allow the computer's original equipment manufacturer (OEM) to evaluate and certify the TPM separate from the rest of the system. Although discrete TPM implementations are still common, they can be problematic for integrated devices that are small or have low power consumption. Some newer TPM implementations integrate TPM functionality into the same chipset as other platform components while still providing logical separation similar to discrete TPM chips. -TPMs are passive: they receive commands and return responses. To realize the full benefit of a TPM, the OEM must carefully integrate system hardware and firmware with the TPM to send it commands and react to its responses. TPMs were originally designed to provide security and privacy benefits to a platform’s owner and users, but newer versions can provide security and privacy benefits to the system hardware itself. 
Before it can be used for advanced scenarios, a TPM must be provisioned. Windows automatically provisions a TPM, but if the user reinstalls the operating system, user may need to tell the operating system to explicitly provision the TPM again before it can use all the TPM’s features. +TPMs are passive: they receive commands and return responses. To realize the full benefit of a TPM, the OEM must carefully integrate system hardware and firmware with the TPM to send it commands and react to its responses. TPMs were originally designed to provide security and privacy benefits to a platform's owner and users, but newer versions can provide security and privacy benefits to the system hardware itself. Before it can be used for advanced scenarios, a TPM must be provisioned. Windows automatically provisions a TPM, but if the user reinstalls the operating system, user may need to tell the operating system to explicitly provision the TPM again before it can use all the TPM's features. The Trusted Computing Group (TCG) is the nonprofit organization that publishes and maintains the TPM specification. The TCG exists to develop, define, and promote vendor-neutral, global industry standards that support a hardware-based root of trust for interoperable trusted computing platforms. The TCG also publishes the TPM specification as the international standard ISO/IEC 11889, using the Publicly Available Specification Submission Process that the Joint Technical Committee 1 defines between the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). 
@@ -40,7 +40,7 @@ OEMs implement the TPM as a component in a trusted computing platform, such as a The TCG designed the TPM as a low-cost, mass-market security solution that addresses the requirements of different customer segments. There are variations in the security properties of different TPM implementations just as there are variations in customer and regulatory requirements for different sectors. In public-sector procurement, for example, some governments have clearly defined security requirements for TPMs, whereas others do not. -Certification programs for TPMs—and technology in general—continue to evolve as the speed of innovation increases. Although having a TPM is clearly better than not having a TPM, Microsoft’s best advice is to determine your organization’s security needs and research any regulatory requirements associated with procurement for your industry. The result is a balance between scenarios used, assurance level, cost, convenience, and availability. +Certification programs for TPMs—and technology in general—continue to evolve as the speed of innovation increases. Although having a TPM is clearly better than not having a TPM, Microsoft's best advice is to determine your organization's security needs and research any regulatory requirements associated with procurement for your industry. The result is a balance between scenarios used, assurance level, cost, convenience, and availability. ## TPM in Windows 
@@ -58,15 +58,15 @@ The Platform Crypto Provider, introduced in the Windows 8 operating system, expo - **Dictionary attack protection**. Keys that a TPM protects can require an authorization value such as a PIN. With dictionary attack protection, the TPM can prevent attacks that attempt a large number of guesses to determine the PIN. After too many guesses, the TPM simply returns an error saying no more guesses are allowed for a period of time. Software solutions might provide similar features, but they cannot provide the same level of protection, especially if the system restarts, the system clock changes, or files on the hard disk that count failed guesses are rolled back. In addition, with dictionary attack protection, authorization values such as PINs can be shorter and easier to remember while still providing the same level of protection as more complex values when using software solutions. -These TPM features give Platform Crypto Provider distinct advantages over software-based solutions. A practical way to see these benefits in action is when using certificates on a Windows device. On platforms that include a TPM, Windows can use the Platform Crypto Provider to provide certificate storage. Certificate templates can specify that a TPM use the Platform Crypto Provider to protect the key associated with a certificate. In mixed environments, where some computers might not have a TPM, the certificate template could prefer the Platform Crypto Provider over the standard Windows software provider. If a certificate is configured as not able to be exported, the private key for the certificate is restricted and cannot be exported from the TPM. If the certificate requires a PIN, the PIN gains the TPM’s dictionary attack protection automatically. +These TPM features give Platform Crypto Provider distinct advantages over software-based solutions. A practical way to see these benefits in action is when using certificates on a Windows device. 
On platforms that include a TPM, Windows can use the Platform Crypto Provider to provide certificate storage. Certificate templates can specify that a TPM use the Platform Crypto Provider to protect the key associated with a certificate. In mixed environments, where some computers might not have a TPM, the certificate template could prefer the Platform Crypto Provider over the standard Windows software provider. If a certificate is configured as not able to be exported, the private key for the certificate is restricted and cannot be exported from the TPM. If the certificate requires a PIN, the PIN gains the TPM's dictionary attack protection automatically. ## Virtual Smart Card -Smart cards are highly secure physical devices that typically store a single certificate and the corresponding private key. Users insert a smart card into a built-in or USB card reader and enter a PIN to unlock it. Windows can then access the card’s certificate and use the private key for authentication or to unlock BitLocker protected data volumes. Smart cards are popular because they provide two-factor authentication that requires both something the user has (that is, the smart card) and something the user knows (such as the smart card PIN). Smart cards are difficult to use, however, because they require purchase and deployment of both smart cards and smart card readers. +Smart cards are highly secure physical devices that typically store a single certificate and the corresponding private key. Users insert a smart card into a built-in or USB card reader and enter a PIN to unlock it. Windows can then access the card's certificate and use the private key for authentication or to unlock BitLocker protected data volumes. Smart cards are popular because they provide two-factor authentication that requires both something the user has (that is, the smart card) and something the user knows (such as the smart card PIN). 
Smart cards are difficult to use, however, because they require purchase and deployment of both smart cards and smart card readers. -In Windows, the Virtual Smart Card feature allows the TPM to mimic a permanently inserted smart card. The TPM becomes “something the user has” but still requires a PIN. Although physical smart cards limit the number of PIN attempts before locking the card and requiring a reset, a virtual smart card relies on the TPM’s dictionary attack protection to prevent too many PIN guesses. +In Windows, the Virtual Smart Card feature allows the TPM to mimic a permanently inserted smart card. The TPM becomes "something the user has" but still requires a PIN. Although physical smart cards limit the number of PIN attempts before locking the card and requiring a reset, a virtual smart card relies on the TPM's dictionary attack protection to prevent too many PIN guesses. -For TPM-based virtual smart cards, the TPM protects the use and storage of the certificate private key so that it cannot be copied when it is in use or stored and used elsewhere. Using a component that is part of the system rather than a separate physical smart card can reduce total cost of ownership because it eliminates “lost card” and “card left at home” scenarios while still delivering the benefits of smart card–based multifactor authentication. For users, virtual smart cards are simple to use, requiring only a PIN to unlock. Virtual smart cards support the same scenarios that physical smart cards support, including signing in to Windows or authenticating for resource access. +For TPM-based virtual smart cards, the TPM protects the use and storage of the certificate private key so that it cannot be copied when it is in use or stored and used elsewhere. 
Using a component that is part of the system rather than a separate physical smart card can reduce total cost of ownership because it eliminates "lost card" and "card left at home" scenarios while still delivering the benefits of smart card–based multifactor authentication. For users, virtual smart cards are simple to use, requiring only a PIN to unlock. Virtual smart cards support the same scenarios that physical smart cards support, including signing in to Windows or authenticating for resource access. ## Windows Hello for Business 
@@ -87,21 +87,21 @@ For Windows Hello for Business, Microsoft can fill the role of the identity CA. ## BitLocker Drive Encryption -BitLocker provides full-volume encryption to protect data at rest. The most common device configuration splits the hard drive into several volumes. The operating system and user data reside on one volume that holds confidential information, and other volumes hold public information such as boot components, system information and recovery tools. (These other volumes are used infrequently enough that they do not need to be visible to users.) Without more protections in place, if the volume containing the operating system and user data is not encrypted, someone can boot another operating system and easily bypass the intended operating system’s enforcement of file permissions to read any user data. +BitLocker provides full-volume encryption to protect data at rest. The most common device configuration splits the hard drive into several volumes. The operating system and user data reside on one volume that holds confidential information, and other volumes hold public information such as boot components, system information and recovery tools. (These other volumes are used infrequently enough that they do not need to be visible to users.) Without more protections in place, if the volume containing the operating system and user data is not encrypted, someone can boot another operating system and easily bypass the intended operating system's enforcement of file permissions to read any user data. In the most common configuration, BitLocker encrypts the operating system volume so that if the computer or hard disk is lost or stolen when powered off, the data on the volume remains confidential. When the computer is turned on, starts normally, and proceeds to the Windows logon prompt, the only path forward is for the user to log on with his or her credentials, allowing the operating system to enforce its normal file permissions. 
If something about the boot process changes, however—for example, a different operating system is booted from a USB device—the operating system volume and user data cannot be read and are not accessible. The TPM and system firmware collaborate to record measurements of how the system started, including loaded software and configuration details such as whether boot occurred from the hard drive or a USB device. BitLocker relies on the TPM to allow the use of a key only when startup occurs in an expected way. The system firmware and TPM are carefully designed to work together to provide the following capabilities: -- **Hardware root of trust for measurement**. A TPM allows software to send it commands that record measurements of software or configuration information. This information can be calculated using a hash algorithm that essentially transforms a lot of data into a small, statistically unique hash value. The system firmware has a component called the Core Root of Trust for Measurement (CRTM) that is implicitly trusted. The CRTM unconditionally hashes the next software component and records the measurement value by sending a command to the TPM. Successive components, whether system firmware or operating system loaders, continue the process by measuring any software components they load before running them. Because each component’s measurement is sent to the TPM before it runs, a component cannot erase its measurement from the TPM. (However, measurements are erased when the system is restarted.) The result is that at each step of the system startup process, the TPM holds measurements of boot software and configuration information. Any changes in boot software or configuration yield different TPM measurements at that step and later steps. Because the system firmware unconditionally starts the measurement chain, it provides a hardware-based root of trust for the TPM measurements. 
At some point in the startup process, the value of recording all loaded software and configuration information diminishes and the chain of measurements stops. The TPM allows for the creation of keys that can be used only when the platform configuration registers that hold the measurements have specific values. +- **Hardware root of trust for measurement**. A TPM allows software to send it commands that record measurements of software or configuration information. This information can be calculated using a hash algorithm that essentially transforms a lot of data into a small, statistically unique hash value. The system firmware has a component called the Core Root of Trust for Measurement (CRTM) that is implicitly trusted. The CRTM unconditionally hashes the next software component and records the measurement value by sending a command to the TPM. Successive components, whether system firmware or operating system loaders, continue the process by measuring any software components they load before running them. Because each component's measurement is sent to the TPM before it runs, a component cannot erase its measurement from the TPM. (However, measurements are erased when the system is restarted.) The result is that at each step of the system startup process, the TPM holds measurements of boot software and configuration information. Any changes in boot software or configuration yield different TPM measurements at that step and later steps. Because the system firmware unconditionally starts the measurement chain, it provides a hardware-based root of trust for the TPM measurements. At some point in the startup process, the value of recording all loaded software and configuration information diminishes and the chain of measurements stops. The TPM allows for the creation of keys that can be used only when the platform configuration registers that hold the measurements have specific values. - **Key used only when boot measurements are accurate**. 
BitLocker creates a key in the TPM that can be used only when the boot measurements match an expected value. The expected value is calculated for the step in the startup process when Windows Boot Manager runs from the operating system volume on the system hard drive. Windows Boot Manager, which is stored unencrypted on the boot volume, needs to use the TPM key so that it can decrypt data read into memory from the operating system volume and startup can proceed using the encrypted operating system volume. If a different operating system is booted or the configuration is changed, the measurement values in the TPM will be different, the TPM will not let Windows Boot Manager use the key, and the startup process cannot proceed normally because the data on the operating system cannot be decrypted. If someone tries to boot the system with a different operating system or a different device, the software or configuration measurements in the TPM will be wrong and the TPM will not allow use of the key needed to decrypt the operating system volume. As a failsafe, if measurement values change unexpectedly, the user can always use the BitLocker recovery key to access volume data. Organizations can configure BitLocker to store the recovery key-in Active Directory Domain Services (AD DS). -Device hardware characteristics are important to BitLocker and its ability to protect data. One consideration is whether the device provides attack vectors when the system is at the logon screen. For example, if the Windows device has a port that allows direct memory access so that someone can plug in hardware and read memory, an attacker can read the operating system volume’s decryption key from memory while at the Windows logon screen. To mitigate this risk, organizations can configure BitLocker so that the TPM key requires both the correct software measurements and an authorization value. 
The system startup process stops at Windows Boot Manager, and the user is prompted to enter the authorization value for the TPM key or insert a USB device with the value. This process stops BitLocker from automatically loading the key into memory where it might be vulnerable, but has a less desirable user experience. +Device hardware characteristics are important to BitLocker and its ability to protect data. One consideration is whether the device provides attack vectors when the system is at the logon screen. For example, if the Windows device has a port that allows direct memory access so that someone can plug in hardware and read memory, an attacker can read the operating system volume's decryption key from memory while at the Windows logon screen. To mitigate this risk, organizations can configure BitLocker so that the TPM key requires both the correct software measurements and an authorization value. The system startup process stops at Windows Boot Manager, and the user is prompted to enter the authorization value for the TPM key or insert a USB device with the value. This process stops BitLocker from automatically loading the key into memory where it might be vulnerable, but has a less desirable user experience. -Newer hardware and Windows work better together to disable direct memory access through ports and reduce attack vectors. The result is that organizations can deploy more systems without requiring users to enter additional authorization information during the startup process. The right hardware allows BitLocker to be used with the “TPM-only” configuration giving users a single sign-on experience without having to enter a PIN or USB key during boot. +Newer hardware and Windows work better together to disable direct memory access through ports and reduce attack vectors. The result is that organizations can deploy more systems without requiring users to enter additional authorization information during the startup process. 
The right hardware allows BitLocker to be used with the "TPM-only" configuration giving users a single sign-on experience without having to enter a PIN or USB key during boot. ## Device Encryption -Device Encryption is the consumer version of BitLocker, and it uses the same underlying technology. How it works is if a customer logs on with a Microsoft account and the system meets Modern Standby hardware requirements, BitLocker Drive Encryption is enabled automatically in Windows. The recovery key is backed up in the Microsoft cloud and is accessible to the consumer through his or her Microsoft account. The Modern Standby hardware requirements inform Windows that the hardware is appropriate for deploying Device Encryption and allows use of the “TPM-only” configuration for a simple consumer experience. In addition, Modern Standby hardware is designed to reduce the likelihood that measurement values change and prompt the customer for the recovery key. +Device Encryption is the consumer version of BitLocker, and it uses the same underlying technology. How it works is if a customer logs on with a Microsoft account and the system meets Modern Standby hardware requirements, BitLocker Drive Encryption is enabled automatically in Windows. The recovery key is backed up in the Microsoft cloud and is accessible to the consumer through his or her Microsoft account. The Modern Standby hardware requirements inform Windows that the hardware is appropriate for deploying Device Encryption and allows use of the "TPM-only" configuration for a simple consumer experience. In addition, Modern Standby hardware is designed to reduce the likelihood that measurement values change and prompt the customer for the recovery key. For software measurements, Device Encryption relies on measurements of the authority providing software components (based on code signing from manufacturers such as OEMs or Microsoft) instead of the precise hashes of the software components themselves. 
This permits servicing of components without changing the resulting measurement values. For configuration measurements, the values used are based on the boot security policy instead of the numerous other configuration settings recorded during startup. These values also change less frequently. The result is that Device Encryption is enabled on appropriate hardware in a user-friendly way while also protecting data. 
@@ -111,7 +111,7 @@ Windows 8 introduced Measured Boot as a way for the operating system to record t The Windows boot process happens in stages and often involves third-party drivers to communicate with vendor-specific hardware or implement antimalware solutions. For software, Measured Boot records measurements of the Windows kernel, Early-Launch Anti-Malware drivers, and boot drivers in the TPM. For configuration settings, Measured Boot records security-relevant information such as signature data that antimalware drivers use and configuration data about Windows security features (e.g., whether BitLocker is on or off). -Measured Boot ensures that TPM measurements fully reflect the starting state of Windows software and configuration settings. If security settings and other protections are set up correctly, they can be trusted to maintain the security of the running operating system thereafter. Other scenarios can use the operating system’s starting state to determine whether the running operating system should be trusted. +Measured Boot ensures that TPM measurements fully reflect the starting state of Windows software and configuration settings. If security settings and other protections are set up correctly, they can be trusted to maintain the security of the running operating system thereafter. Other scenarios can use the operating system's starting state to determine whether the running operating system should be trusted. TPM measurements are designed to avoid recording any privacy-sensitive information as a measurement. As an additional privacy protection, Measured Boot stops the measurement chain at the initial starting state of Windows. Therefore, the set of measurements does not include details about which applications are in use or how Windows is being used. Measurement information can be shared with external entities to show that the device is enforcing adequate security policies and did not start with malware. 
@@ -133,7 +133,7 @@ Mobile device management (MDM) solutions can receive simple security assertions ## Credential Guard -Credential Guard is a new feature in Windows that helps protect Windows credentials in organizations that have deployed AD DS. Historically, a user’s credentials (e.g., logon password) were hashed to generate an authorization token. The user employed the token to access resources that he or she was permitted to use. One weakness of the token model is that malware that had access to the operating system kernel could look through the computer’s memory and harvest all the access tokens currently in use. The attacker could then use harvested tokens to log on to other machines and collect more credentials. This kind of attack is called a “pass the hash” attack, a malware technique that infects one machine to infect many machines across an organization. +Credential Guard is a new feature in Windows that helps protect Windows credentials in organizations that have deployed AD DS. Historically, a user's credentials (e.g., logon password) were hashed to generate an authorization token. The user employed the token to access resources that he or she was permitted to use. One weakness of the token model is that malware that had access to the operating system kernel could look through the computer's memory and harvest all the access tokens currently in use. The attacker could then use harvested tokens to log on to other machines and collect more credentials. This kind of attack is called a "pass the hash" attack, a malware technique that infects one machine to infect many machines across an organization. Similar to the way Microsoft Hyper-V keeps virtual machines (VMs) separate from one another, Credential Guard uses virtualization to isolate the process that hashes credentials in a memory area that the operating system kernel cannot access. 
This isolated memory area is initialized and protected during the boot process so that components in the larger operating system environment cannot tamper with it. Credential Guard uses the TPM to protect its keys with TPM measurements, so they are accessible only during the boot process step when the separate region is initialized; they are not available for the normal operating system kernel. The local security authority code in the Windows kernel interacts with the isolated memory area by passing in credentials and receiving single-use authorization tokens in return. @@ -141,17 +141,17 @@ The resulting solution provides defense in depth, because even if malware runs i ## Conclusion -The TPM adds hardware-based security benefits to Windows. When installed on hardware that includes a TPM, Window delivers remarkably improved security benefits. The following table summarizes the key benefits of the TPM’s major features. +The TPM adds hardware-based security benefits to Windows. When installed on hardware that includes a TPM, Window delivers remarkably improved security benefits. The following table summarizes the key benefits of the TPM's major features.
    |Feature | Benefits when used on a system with a TPM| |---|---| -| Platform Crypto Provider |
    • If the machine is compromised, the private key associated with the certificate cannot be copied off the device.
    • The TPM’s dictionary attack mechanism protects PIN values to use a certificate.
    | +| Platform Crypto Provider |
    • If the machine is compromised, the private key associated with the certificate cannot be copied off the device.
    • The TPM's dictionary attack mechanism protects PIN values to use a certificate.
    | | Virtual Smart Card |
    • Achieve security similar to that of physical smart cards without deploying physical smart cards or card readers.
    | -| Windows Hello for Business |
    • Credentials provisioned on a device cannot be copied elsewhere.
    • Confirm a device’s TPM before credentials are provisioned.
    | +| Windows Hello for Business |
    • Credentials provisioned on a device cannot be copied elsewhere.
    • Confirm a device's TPM before credentials are provisioned.
    | | BitLocker Drive Encryption |
    • Multiple options are available for enterprises to protect data at rest while balancing security requirements with different device hardware.
    | -|Device Encryption |
    • With a Microsoft account and the right hardware, consumers’ devices seamlessly benefit from data-at-rest protection.
    | +|Device Encryption |
    • With a Microsoft account and the right hardware, consumers' devices seamlessly benefit from data-at-rest protection.
    | | Measured Boot |
    • A hardware root of trust contains boot measurements that help detect malware during remote attestation.
    | | Health Attestation |
    • MDM solutions can easily perform remote attestation and evaluate client health before granting access to resources or cloud services such as Office 365.
    | | Credential Guard |
    • Defense in depth increases so that even if malware has administrative rights on one machine, it is significantly more difficult to compromise additional machines in an organization.
    | diff --git a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md index dc54432a56..0fa4cfb623 100644 --- a/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md +++ b/windows/security/information-protection/tpm/initialize-and-configure-ownership-of-the-tpm.md @@ -8,6 +8,7 @@ ms.author: dansimp manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 09/06/2021 ms.technology: itpro-security @@ -71,7 +72,7 @@ You can use the Windows Defender Security Center app to clear the TPM as a troub Clearing the TPM resets it to an unowned state. After you clear the TPM, the Windows operating system will automatically re-initialize it and take ownership again. > [!WARNING] -> Clearing the TPM can result in data loss. For more information, see the next section, “Precautions to take before clearing the TPM.” +> Clearing the TPM can result in data loss. For more information, see the next section, "Precautions to take before clearing the TPM." ### Precautions to take before clearing the TPM diff --git a/windows/security/information-protection/tpm/manage-tpm-commands.md b/windows/security/information-protection/tpm/manage-tpm-commands.md index 1ec4c72de8..251796e480 100644 --- a/windows/security/information-protection/tpm/manage-tpm-commands.md +++ b/windows/security/information-protection/tpm/manage-tpm-commands.md @@ -13,7 +13,7 @@ ms.technology: itpro-security # Manage TPM commands **Applies to** -- Windows 10 +- Windows 10 - Windows 11 - Windows Server 2016 and above diff --git a/windows/security/information-protection/tpm/manage-tpm-lockout.md b/windows/security/information-protection/tpm/manage-tpm-lockout.md index b348034a8d..4e0c9fa6af 100644 --- a/windows/security/information-protection/tpm/manage-tpm-lockout.md 
+++ b/windows/security/information-protection/tpm/manage-tpm-lockout.md @@ -13,7 +13,7 @@ ms.technology: itpro-security # Manage TPM lockout **Applies to** -- Windows 10 +- Windows 10 - Windows 11 - Windows Server 2016 and above @@ -35,7 +35,7 @@ The industry standards from the Trusted Computing Group (TCG) specify that TPM m TPM 2.0 devices have standardized lockout behavior, which is configured by Windows. TPM 2.0 devices have a maximum count threshold and a healing time. Windows configures the maximum count to be 32 and the healing time to be 10 minutes. This means that every continuous ten minutes of powered on operation without an event, which increases the counter will cause the counter to decrease by 1. -If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner’s authorization. This value is no longer retained by default starting with Windows 10 version 1607 and higher. +If your TPM has entered lockout mode or is responding slowly to commands, you can reset the lockout value by using the following procedures. Resetting the TPM lockout requires the TPM owner's authorization. This value is no longer retained by default starting with Windows 10 version 1607 and higher. ## Reset the TPM lockout by using the TPM MMC diff --git a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md index ef5a4ad22d..6e27cc9532 100644 --- a/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md +++ b/windows/security/information-protection/tpm/switch-pcr-banks-on-tpm-2-0-devices.md 
@@ -41,7 +41,7 @@ It is important to note that this binding to PCR values also includes the hashin When the PCR banks are switched, the algorithm used to compute the hashed values stored in the PCRs during extend operations is changed. Each hash algorithm will return a different cryptographic signature for the same inputs. -As a result, if the currently used PCR bank is switched all keys that have been bound to the previous PCR values will no longer work. For example, if you had a key bound to the SHA-1 value of PCR\[12\] and subsequently changed the PCR bank to SHA-256, the banks wouldn’t match, and you would be unable to use that key. The BitLocker key is secured using the PCR banks and Windows will not be able to unseal it if the PCR banks are switched while BitLocker is enabled. +As a result, if the currently used PCR bank is switched all keys that have been bound to the previous PCR values will no longer work. For example, if you had a key bound to the SHA-1 value of PCR\[12\] and subsequently changed the PCR bank to SHA-256, the banks wouldn't match, and you would be unable to use that key. The BitLocker key is secured using the PCR banks and Windows will not be able to unseal it if the PCR banks are switched while BitLocker is enabled. ## What can I do to switch PCRs when BitLocker is already active? diff --git a/windows/security/information-protection/tpm/tpm-fundamentals.md b/windows/security/information-protection/tpm/tpm-fundamentals.md index 60e31fc6af..e6fafb1224 100644 --- a/windows/security/information-protection/tpm/tpm-fundamentals.md +++ b/windows/security/information-protection/tpm/tpm-fundamentals.md 
@@ -26,7 +26,7 @@ Computers that incorporate a TPM can create cryptographic keys and encrypt them You can specify whether encryption keys that are created by the TPM can be migrated or not. If you specify that they can be migrated, the public and private portions of the key can be exposed to other components, software, processes, or users. If you specify that encryption keys cannot be migrated, the private portion of the key is never exposed outside the TPM. -Computers that incorporate a TPM can also create a key that is wrapped and tied to certain platform measurements. This type of key can be unwrapped only when those platform measurements have the same values that they had when the key was created. This process is referred to as “sealing the key to the TPM.” Decrypting the key is called unsealing. The TPM can also seal and unseal data that is generated outside the TPM. With this sealed key and software, such as BitLocker Drive Encryption, you can lock data until specific hardware or software conditions are met. +Computers that incorporate a TPM can also create a key that is wrapped and tied to certain platform measurements. This type of key can be unwrapped only when those platform measurements have the same values that they had when the key was created. This process is referred to as "sealing the key to the TPM." Decrypting the key is called unsealing. The TPM can also seal and unseal data that is generated outside the TPM. With this sealed key and software, such as BitLocker Drive Encryption, you can lock data until specific hardware or software conditions are met. With a TPM, private portions of key pairs are kept separate from the memory that is controlled by the operating system. Keys can be sealed to the TPM, and certain assurances about the state of a system (assurances that define the trustworthiness of a system) can be made before the keys are unsealed and released for use. 
The TPM uses its own internal firmware and logic circuits to process instructions. Hence, it doesn't rely on the operating system and it isn't exposed to vulnerabilities that might exist in the operating system or application software. @@ -61,7 +61,7 @@ The Measured Boot feature provides antimalware software with a trusted (resistan ## TPM-based Virtual Smart Card -The Virtual Smart Card emulates the functionality of traditional smart cards. Virtual Smart Cards use the TPM chip that is available on an organization’s computers, rather than using a separate physical smart card and reader. This greatly reduces the management and deployment cost of smart cards in an enterprise. To the end user, the Virtual Smart Card is always available on the computer. If a user needs to use more than one computer, a Virtual Smart Card must be issued to the user for each computer. A computer that is shared among multiple users can host multiple Virtual Smart Cards, one for each user. +The Virtual Smart Card emulates the functionality of traditional smart cards. Virtual Smart Cards use the TPM chip that is available on an organization's computers, rather than using a separate physical smart card and reader. This greatly reduces the management and deployment cost of smart cards in an enterprise. To the end user, the Virtual Smart Card is always available on the computer. If a user needs to use more than one computer, a Virtual Smart Card must be issued to the user for each computer. A computer that is shared among multiple users can host multiple Virtual Smart Cards, one for each user. ## TPM-based certificate storage 
@@ -93,7 +93,7 @@ When a TPM processes a command, it does so in a protected environment, for examp TPMs have anti-hammering protection that is designed to prevent brute force attacks, or more complex dictionary attacks, that attempt to determine authorization values for using a key. The basic approach is for the TPM to allow only a limited number of authorization failures before it prevents more attempts to use keys and locks. Providing a failure count for individual keys is not technically practical, so TPMs have a global lockout when too many authorization failures occur. -Because many entities can use the TPM, a single authorization success cannot reset the TPM’s anti-hammering protection. This prevents an attacker from creating a key with a known authorization value and then using it to reset the TPM’s protection. TPMs are designed to forget about authorization failures after a period of time so the TPM does not enter a lockout state unnecessarily. A TPM owner password can be used to reset the TPM’s lockout logic. +Because many entities can use the TPM, a single authorization success cannot reset the TPM's anti-hammering protection. This prevents an attacker from creating a key with a known authorization value and then using it to reset the TPM's protection. TPMs are designed to forget about authorization failures after a period of time so the TPM does not enter a lockout state unnecessarily. A TPM owner password can be used to reset the TPM's lockout logic. ### TPM 2.0 anti-hammering 
@@ -125,7 +125,7 @@ Beginning with Windows 10, version 1703, the minimum length for the BitLocker PI The Windows TPM-based smart card, which is a virtual smart card, can be configured to allow sign in to the system. In contrast with physical smart cards, the sign-in process uses a TPM-based key with an authorization value. The following list shows the advantages of virtual smart cards: -- Physical smart cards can enforce lockout for only the physical smart card PIN, and they can reset the lockout after the correct PIN is entered. With a virtual smart card, the TPM’s anti-hammering protection is not reset after a successful authentication. The allowed number of authorization failures before the TPM enters lockout includes many factors. +- Physical smart cards can enforce lockout for only the physical smart card PIN, and they can reset the lockout after the correct PIN is entered. With a virtual smart card, the TPM's anti-hammering protection is not reset after a successful authentication. The allowed number of authorization failures before the TPM enters lockout includes many factors. - Hardware manufacturers and software developers have the option to use the security features of the TPM to meet their requirements. diff --git a/windows/security/information-protection/tpm/tpm-recommendations.md b/windows/security/information-protection/tpm/tpm-recommendations.md index aab2d0711e..6207a1192c 100644 --- a/windows/security/information-protection/tpm/tpm-recommendations.md +++ b/windows/security/information-protection/tpm/tpm-recommendations.md @@ -9,6 +9,7 @@ ms.author: dansimp manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 09/06/2021 ms.technology: itpro-security 
@@ -28,9 +29,9 @@ For a basic feature description of TPM, see the [Trusted Platform Module Technol ## TPM design and implementation -Traditionally, TPMs are discrete chips soldered to a computer’s motherboard. Such implementations allow the computer’s original equipment manufacturer (OEM) to evaluate and certify the TPM separate from the rest of the system. Discrete TPM implementations are common. However, they can be problematic for integrated devices that are small or have low power consumption. Some newer TPM implementations integrate TPM functionality into the same chipset as other platform components while still providing logical separation similar to discrete TPM chips. +Traditionally, TPMs are discrete chips soldered to a computer's motherboard. Such implementations allow the computer's original equipment manufacturer (OEM) to evaluate and certify the TPM separate from the rest of the system. Discrete TPM implementations are common. However, they can be problematic for integrated devices that are small or have low power consumption. Some newer TPM implementations integrate TPM functionality into the same chipset as other platform components while still providing logical separation similar to discrete TPM chips. -TPMs are passive: they receive commands and return responses. To realize the full benefit of a TPM, the OEM must carefully integrate system hardware and firmware with the TPM to send it commands and react to its responses. TPMs were originally designed to provide security and privacy benefits to a platform’s owner and users, but newer versions can provide security and privacy benefits to the system hardware itself. Before it can be used for advanced scenarios, however, a TPM must be provisioned. Windows automatically provisions a TPM, but if the user is planning to reinstall the operating system, he or she may need to clear the TPM before reinstalling so that Windows can take full advantage of the TPM. 
+TPMs are passive: they receive commands and return responses. To realize the full benefit of a TPM, the OEM must carefully integrate system hardware and firmware with the TPM to send it commands and react to its responses. TPMs were originally designed to provide security and privacy benefits to a platform's owner and users, but newer versions can provide security and privacy benefits to the system hardware itself. Before it can be used for advanced scenarios, however, a TPM must be provisioned. Windows automatically provisions a TPM, but if the user is planning to reinstall the operating system, he or she may need to clear the TPM before reinstalling so that Windows can take full advantage of the TPM. The Trusted Computing Group (TCG) is the nonprofit organization that publishes and maintains the TPM specification. The TCG exists to develop, define, and promote vendor-neutral, global industry standards. These standards support a hardware-based root of trust for interoperable trusted computing platforms. The TCG also publishes the TPM specification as the international standard ISO/IEC 11889, using the Publicly Available Specification Submission Process that the Joint Technical Committee 1 defines between the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). diff --git a/windows/security/information-protection/tpm/trusted-platform-module-overview.md b/windows/security/information-protection/tpm/trusted-platform-module-overview.md index f768669a7c..f484ac475a 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-overview.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-overview.md @@ -9,6 +9,7 @@ ms.author: dansimp manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual adobe-target: true ms.technology: itpro-security 
@@ -32,7 +33,7 @@ This topic for the IT professional describes the Trusted Platform Module (TPM) a - Generate, store, and limit the use of cryptographic keys. -- Use TPM technology for platform device authentication by using the TPM’s unique RSA key, which is burned into it. +- Use TPM technology for platform device authentication by using the TPM's unique RSA key, which is burned into it. - Help ensure platform integrity by taking and storing security measurements. diff --git a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md index 300fe10913..ca9f536057 100644 --- a/windows/security/information-protection/tpm/trusted-platform-module-top-node.md +++ b/windows/security/information-protection/tpm/trusted-platform-module-top-node.md @@ -8,6 +8,7 @@ ms.author: dansimp manager: aaroncz ms.collection: - highpri + - tier1 ms.topic: conceptual ms.date: 09/06/2021 ms.technology: itpro-security 
@@ -29,7 +30,7 @@ Trusted Platform Module (TPM) technology is designed to provide hardware-based, | [Trusted Platform Module Overview](trusted-platform-module-overview.md) | Provides an overview of the Trusted Platform Module (TPM) and how Windows uses it for access control and authentication. | | [TPM fundamentals](tpm-fundamentals.md) | Provides background about how a TPM can work with cryptographic keys. Also describes technologies that work with the TPM, such as TPM-based virtual smart cards. | | [TPM Group Policy settings](trusted-platform-module-services-group-policy-settings.md) | Describes TPM services that can be controlled centrally by using Group Policy settings. | -| [Back up the TPM recovery information to AD DS](backup-tpm-recovery-information-to-ad-ds.md) | For Windows 10, version 1511 and Windows 10, version 1507 only, describes how to back up a computer’s TPM information to Active Directory Domain Services. | +| [Back up the TPM recovery information to AD DS](backup-tpm-recovery-information-to-ad-ds.md) | For Windows 10, version 1511 and Windows 10, version 1507 only, describes how to back up a computer's TPM information to Active Directory Domain Services. | | [Troubleshoot the TPM](initialize-and-configure-ownership-of-the-tpm.md) | Describes actions you can take through the TPM snap-in, TPM.msc: view TPM status, troubleshoot TPM initialization, and clear keys from the TPM. Also, for TPM 1.2 and Windows 10, version 1507 or 1511, or Windows 11, describes how to turn the TPM on or off. | | [Understanding PCR banks on TPM 2.0 devices](switch-pcr-banks-on-tpm-2-0-devices.md) | Provides background about what happens when you switch PCR banks on TPM 2.0 devices. | | [TPM recommendations](tpm-recommendations.md) | Discusses aspects of TPMs such as the difference between TPM 1.2 and 2.0, and the Windows features for which a TPM is required or recommended. | 
diff --git a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md index af39d39146..d8992b23c1 100644 --- a/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md +++ b/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/06/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/auditing/basic-audit-logon-events.md b/windows/security/threat-protection/auditing/basic-audit-logon-events.md index 319301f86f..45ec095169 100644 --- a/windows/security/threat-protection/auditing/basic-audit-logon-events.md +++ b/windows/security/threat-protection/auditing/basic-audit-logon-events.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/06/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/auditing/event-4624.md b/windows/security/threat-protection/auditing/event-4624.md index d505b5d9ef..aab983edfc 100644 --- a/windows/security/threat-protection/auditing/event-4624.md +++ b/windows/security/threat-protection/auditing/event-4624.md @@ -14,6 +14,7 @@ ms.author: vinpa ms.technology: itpro-security ms.collection: - highpri + - tier3 ms.topic: reference --- 
@@ -127,7 +128,7 @@ This event generates when a logon session is created (on destination machine). I - **Account Name** [Type = UnicodeString]**:** the name of the account that reported information about successful logon. -- **Account Domain** [Type = UnicodeString]**:** subject’s domain or computer name. Formats vary, and include the following: +- **Account Domain** [Type = UnicodeString]**:** subject's domain or computer name. Formats vary, and include the following: - Domain NETBIOS name example: CONTOSO @@ -191,7 +192,7 @@ This event generates when a logon session is created (on destination machine). I - **Account Name** [Type = UnicodeString]**:** the name of the account for which logon was performed. -- **Account Domain** [Type = UnicodeString]**:** subject’s domain or computer name. Formats vary, and include the following: +- **Account Domain** [Type = UnicodeString]**:** subject's domain or computer name. Formats vary, and include the following: - Domain NETBIOS name example: CONTOSO 
@@ -289,7 +290,7 @@ For 4624(S): An account was successfully logged on. | **Accounts of different types**: You might want to ensure that certain actions are performed only by certain account types, for example, local or domain account, machine or user account, vendor or employee account, and so on. | If this event corresponds to an action you want to monitor for certain account types, review the **"New Logon\\Security ID"** to see whether the account type is as expected. | | **External accounts**: You might be monitoring accounts from another domain, or "external" accounts that are not allowed to perform certain actions (represented by certain specific events). | Monitor this event for the **"Subject\\Account Domain"** corresponding to accounts from another domain or "external" accounts. | | **Restricted-use computers or devices**: You might have certain computers, machines, or devices on which certain people (accounts) should not typically perform any actions. | Monitor the target **Computer:** (or other target device) for actions performed by the **"New Logon\\Security ID"** that you are concerned about. | -| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor "**Subject\\Account Name"** for names that don’t comply with naming conventions. | +| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor "**Subject\\Account Name"** for names that don't comply with naming conventions. | - Because this event is typically triggered by the SYSTEM account, we recommend that you report it whenever **"Subject\\Security ID"** is not SYSTEM. diff --git a/windows/security/threat-protection/auditing/event-4625.md b/windows/security/threat-protection/auditing/event-4625.md index 81657a6361..425447b217 100644 --- a/windows/security/threat-protection/auditing/event-4625.md +++ b/windows/security/threat-protection/auditing/event-4625.md 
@@ -14,6 +14,7 @@ ms.author: vinpa ms.technology: itpro-security ms.collection: - highpri + - tier3 ms.topic: reference --- @@ -28,7 +29,7 @@ ms.topic: reference This event is logged for any logon failure. -It generates on the computer where logon attempt was made, for example, if logon attempt was made on user’s workstation, then event will be logged on this workstation. +It generates on the computer where logon attempt was made, for example, if logon attempt was made on user's workstation, then event will be logged on this workstation. This event generates on domain controllers, member servers, and workstations. @@ -107,11 +108,11 @@ This event generates on domain controllers, member servers, and workstations. - Uppercase full domain name: CONTOSO.LOCAL - - For some [well-known security principals](/windows/security/identity-protection/access-control/security-identifiers), such as LOCAL SERVICE or ANONYMOUS LOGON, the value of this field is “NT AUTHORITY”. + - For some [well-known security principals](/windows/security/identity-protection/access-control/security-identifiers), such as LOCAL SERVICE or ANONYMOUS LOGON, the value of this field is "NT AUTHORITY". - - For local user accounts, this field will contain the name of the computer or device that this account belongs to, for example: “Win81”. + - For local user accounts, this field will contain the name of the computer or device that this account belongs to, for example: "Win81". -- **Logon Type** \[Type = UInt32\]**:** the type of logon that was performed. “Table 11. Windows Logon Types” contains the list of possible values for this field. +- **Logon Type** \[Type = UInt32\]**:** the type of logon that was performed. "Table 11. Windows Logon Types" contains the list of possible values for this field. **Table 11: Windows Logon Types** 
@@ -146,17 +147,17 @@ This event generates on domain controllers, member servers, and workstations. - Uppercase full domain name: CONTOSO.LOCAL - - For some [well-known security principals](/windows/security/identity-protection/access-control/security-identifiers), such as LOCAL SERVICE or ANONYMOUS LOGON, the value of this field is “NT AUTHORITY”. + - For some [well-known security principals](/windows/security/identity-protection/access-control/security-identifiers), such as LOCAL SERVICE or ANONYMOUS LOGON, the value of this field is "NT AUTHORITY". - - For local user accounts, this field will contain the name of the computer or device that this account belongs to, for example: “Win81”. + - For local user accounts, this field will contain the name of the computer or device that this account belongs to, for example: "Win81". -- **Logon ID** \[Type = HexInt64\]**:** hexadecimal value that can help you correlate this event with recent events that might contain the same Logon ID, for example, “[4624](event-4624.md): An account was successfully logged on.” +- **Logon ID** \[Type = HexInt64\]**:** hexadecimal value that can help you correlate this event with recent events that might contain the same Logon ID, for example, "[4624](event-4624.md): An account was successfully logged on." **Failure Information:** -- **Failure Reason** \[Type = UnicodeString\]**:** textual explanation of **Status** field value. For this event, it typically has “**Account locked out**” value. +- **Failure Reason** \[Type = UnicodeString\]**:** textual explanation of **Status** field value. For this event, it typically has "**Account locked out**" value. -- **Status** \[Type = HexInt32\]**:** the reason why logon failed. For this event, it typically has “**0xC0000234**” value. The most common status codes are listed in Table 12. Windows logon status codes. +- **Status** \[Type = HexInt32\]**:** the reason why logon failed. For this event, it typically has "**0xC0000234**" value. 
The most common status codes are listed in Table 12. Windows logon status codes. **Table 12: Windows logon status codes.** @@ -189,7 +190,7 @@ This event generates on domain controllers, member servers, and workstations. More information: -- **Sub Status** \[Type = HexInt32\]**:** additional information about logon failure. The most common substatus codes listed in the “Table 12. Windows logon status codes.”. +- **Sub Status** \[Type = HexInt32\]**:** additional information about logon failure. The most common substatus codes listed in the "Table 12. Windows logon status codes.". **Process Information:** @@ -199,7 +200,7 @@ More information: If you convert the hexadecimal value to decimal, you can compare it to the values in Task Manager. - You can also correlate this process ID with a process ID in other events, for example, “[4688](event-4688.md): A new process has been created” **Process Information\\New Process ID**. + You can also correlate this process ID with a process ID in other events, for example, "[4688](event-4688.md): A new process has been created" **Process Information\\New Process ID**. - **Caller Process Name** \[Type = UnicodeString\]**:** full path and the name of the executable for the process. 
@@ -219,9 +220,9 @@ More information: **Detailed Authentication Information:** -- **Logon Process** \[Type = UnicodeString\]**:** the name of the trusted logon process that was used for the logon attempt. See event “[4611](event-4611.md): A trusted logon process has been registered with the Local Security Authority” description for more information. +- **Logon Process** \[Type = UnicodeString\]**:** the name of the trusted logon process that was used for the logon attempt. See event "[4611](event-4611.md): A trusted logon process has been registered with the Local Security Authority" description for more information. -- **Authentication Package** \[Type = UnicodeString\]**:** The name of the authentication package that was used for the logon authentication process. Default packages loaded on LSA startup are located in “HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\OSConfig” registry key. Other packages can be loaded at runtime. When a new package is loaded a “[4610](event-4610.md): An authentication package has been loaded by the Local Security Authority” (typically for NTLM) or “[4622](event-4622.md): A security package has been loaded by the Local Security Authority” (typically for Kerberos) event is logged to indicate that a new package has been loaded along with the package name. The most common authentication packages are: +- **Authentication Package** \[Type = UnicodeString\]**:** The name of the authentication package that was used for the logon authentication process. Default packages loaded on LSA startup are located in "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Lsa\\OSConfig" registry key. Other packages can be loaded at runtime. 
When a new package is loaded a "[4610](event-4610.md): An authentication package has been loaded by the Local Security Authority" (typically for NTLM) or "[4622](event-4622.md): A security package has been loaded by the Local Security Authority" (typically for Kerberos) event is logged to indicate that a new package has been loaded along with the package name. The most common authentication packages are: - **NTLM** – NTLM-family Authentication @@ -233,15 +234,15 @@ More information: - **Package Name (NTLM only)** \[Type = UnicodeString\]**:** The name of the LAN Manager subpackage ([NTLM-family](/openspecs/windows_protocols/ms-nlmp/c50a85f0-5940-42d8-9e82-ed206902e919) protocol name) that was used during the logon attempt. Possible values are: - - “NTLM V1” + - "NTLM V1" - - “NTLM V2” + - "NTLM V2" - - “LM” + - "LM" - Only populated if “**Authentication Package” = “NTLM”**. + Only populated if "**Authentication Package" = "NTLM"**. -- **Key Length** \[Type = UInt32\]**:** the length of [NTLM Session Security](/openspecs/windows_protocols/ms-nlmp/99d90ff4-957f-4c8a-80e4-5bfe5a9a9832) key. Typically, it has a length of 128 bits or 56 bits. This parameter is always 0 if **"Authentication Package" = "Kerberos"**, because it is not applicable for Kerberos protocol. This field will also have “0” value if Kerberos was negotiated using **Negotiate** authentication package. +- **Key Length** \[Type = UInt32\]**:** the length of [NTLM Session Security](/openspecs/windows_protocols/ms-nlmp/99d90ff4-957f-4c8a-80e4-5bfe5a9a9832) key. Typically, it has a length of 128 bits or 56 bits. This parameter is always 0 if **"Authentication Package" = "Kerberos"**, because it is not applicable for Kerberos protocol. This field will also have "0" value if Kerberos was negotiated using **Negotiate** authentication package. ## Security Monitoring Recommendations 
@@ -250,19 +251,19 @@ For 4625(F): An account failed to log on. > [!IMPORTANT] > For this event, also see [Appendix A: Security monitoring recommendations for many audit events](appendix-a-security-monitoring-recommendations-for-many-audit-events.md). -- If you have a pre-defined “**Process Name**” for the process reported in this event, monitor all events with “**Process Name**” not equal to your defined value. +- If you have a pre-defined "**Process Name**" for the process reported in this event, monitor all events with "**Process Name**" not equal to your defined value. -- You can monitor to see if “**Process Name**” is not in a standard folder (for example, not in **System32** or **Program Files**) or is in a restricted folder (for example, **Temporary Internet Files**). +- You can monitor to see if "**Process Name**" is not in a standard folder (for example, not in **System32** or **Program Files**) or is in a restricted folder (for example, **Temporary Internet Files**). -- If you have a pre-defined list of restricted substrings or words in process names (for example, “**mimikatz**” or “**cain.exe**”), check for these substrings in “**Process Name**.” +- If you have a pre-defined list of restricted substrings or words in process names (for example, "**mimikatz**" or "**cain.exe**"), check for these substrings in "**Process Name**." - If **Subject\\Account Name** is a name of service account or user account, it may be useful to investigate whether that account is allowed (or expected) to request logon for **Account For Which Logon Failed\\Security ID**. - To monitor for a mismatch between the logon type and the account that uses it (for example, if **Logon Type** 4-Batch or 5-Service is used by a member of a domain administrative group), monitor **Logon Type** in this event. 
-- If you have a high-value domain or local account for which you need to monitor every lockout, monitor all [4625](event-4625.md) events with the **“Subject\\Security ID”** that corresponds to the account. +- If you have a high-value domain or local account for which you need to monitor every lockout, monitor all [4625](event-4625.md) events with the **"Subject\\Security ID"** that corresponds to the account. - We recommend monitoring all [4625](event-4625.md) events for local accounts, because these accounts typically should not be locked out. Monitoring is especially relevant for critical servers, administrative workstations, and other high-value assets. @@ -270,7 +271,7 @@ For 4625(F): An account failed to log on. - If your organization restricts logons in the following ways, you can use this event to monitor accordingly: - - If the **“Account For Which Logon Failed \\Security ID”** should never be used to log on from the specific **Network Information\\Workstation Name**. + - If the **"Account For Which Logon Failed \\Security ID"** should never be used to log on from the specific **Network Information\\Workstation Name**. - If a specific account, such as a service account, should only be used from your internal IP address list (or some other list of IP addresses). In this case, you can monitor for **Network Information\\Source Network Address** and compare the network address with your list of IP addresses. @@ -286,14 +287,14 @@ For 4625(F): An account failed to log on. | Field | Value to monitor for | |----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000005E – “There are currently no logon servers available to service the logon request.”
    This issue is typically not a security issue, but it can be an infrastructure or availability issue. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000064 – “User logon with misspelled or bad user account”.
    Especially if you get several of these events in a row, it can be a sign of a user enumeration attack. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC000006A – “User logon with misspelled or bad password” for critical accounts or service accounts.
    Especially watch for a number of such events in a row. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000006D – “This is either due to a bad username or authentication information” for critical accounts or service accounts.
    Especially watch for a number of such events in a row. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC000006F – “User logon outside authorized hours”. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000070 – “User logon from unauthorized workstation”. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000072 – “User logon to account disabled by administrator”. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000015B – “The user has not been granted the requested logon type (aka logon right) at this machine”. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC0000192 – “An attempt was made to logon, but the Netlogon service was not started”.
    This issue is typically not a security issue but it can be an infrastructure or availability issue. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000193 – “User logon with expired account”. | - | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC0000413 – “Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine”. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000005E – "There are currently no logon servers available to service the logon request."
    This issue is typically not a security issue, but it can be an infrastructure or availability issue. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000064 – "User logon with misspelled or bad user account".
    Especially if you get several of these events in a row, it can be a sign of a user enumeration attack. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC000006A – "User logon with misspelled or bad password" for critical accounts or service accounts.
    Especially watch for a number of such events in a row. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000006D – "This is either due to a bad username or authentication information" for critical accounts or service accounts.
    Especially watch for a number of such events in a row. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC000006F – "User logon outside authorized hours". | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000070 – "User logon from unauthorized workstation". | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000072 – "User logon to account disabled by administrator". | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC000015B – "The user has not been granted the requested logon type (aka logon right) at this machine". | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC0000192 – "An attempt was made to logon, but the Netlogon service was not started".
    This issue is typically not a security issue but it can be an infrastructure or availability issue. | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0xC0000193 – "User logon with expired account". | + | **Failure Information\\Status** or
    **Failure Information\\Sub Status** | 0XC0000413 – "Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine". | diff --git a/windows/security/threat-protection/auditing/event-4771.md b/windows/security/threat-protection/auditing/event-4771.md index 3ca1095e98..2cefaaced0 100644 --- a/windows/security/threat-protection/auditing/event-4771.md +++ b/windows/security/threat-protection/auditing/event-4771.md @@ -14,6 +14,7 @@ ms.author: vinpa ms.technology: itpro-security ms.collection: - highpri + - tier3 ms.topic: reference --- @@ -26,11 +27,11 @@ ms.topic: reference ***Event Description:*** -This event generates every time the Key Distribution Center fails to issue a Kerberos Ticket Granting Ticket (TGT). This problem can occur when a domain controller doesn’t have a certificate installed for smart card authentication (for example, with a “Domain Controller” or “Domain Controller Authentication” template), the user’s password has expired, or the wrong password was provided. +This event generates every time the Key Distribution Center fails to issue a Kerberos Ticket Granting Ticket (TGT). This problem can occur when a domain controller doesn't have a certificate installed for smart card authentication (for example, with a "Domain Controller" or "Domain Controller Authentication" template), the user's password has expired, or the wrong password was provided. This event generates only on domain controllers. -This event is not generated if “Do not require Kerberos preauthentication” option is set for the account. +This event is not generated if "Do not require Kerberos preauthentication" option is set for the account. > **Note**  For recommendations, see [Security Monitoring Recommendations](#security-monitoring-recommendations) for this event. 
@@ -127,7 +128,7 @@ This event is not generated if “Do not require Kerberos preauthentication” o - Using **MSB 0**-bit numbering, we have bit 1, 8, 15 and 27 set = Forwardable, Renewable, Canonicalize, Renewable-ok. -> **Note**  In the table below **“MSB 0”** bit numbering is used, because RFC documents use this style. In “MSB 0” style bit numbering begins from left.
    MSB illustration +> **Note**  In the table below **"MSB 0"** bit numbering is used, because RFC documents use this style. In "MSB 0" style bit numbering begins from left.
    MSB illustration The most common values: @@ -185,14 +186,14 @@ The most common values: | 0xd | KDC\_ERR\_BADOPTION | KDC cannot accommodate requested option | | 0xe | KDC\_ERR\_ETYPE\_NOSUPP | KDC has no support for encryption type | | 0xf | KDC\_ERR\_SUMTYPE\_NOSUPP | KDC has no support for checksum type | -| 0x10 | KDC\_ERR\_PADATA\_TYPE\_NOSUPP | KDC has no support for PADATA type (pre-authentication data)|Smart card logon is being attempted and the proper certificate cannot be located. This problem can happen because the wrong certification authority (CA) is being queried or the proper CA cannot be contacted in order to get Domain Controller or Domain Controller Authentication certificates for the domain controller.
    It can also happen when a domain controller doesn’t have a certificate installed for smart cards (Domain Controller or Domain Controller Authentication templates). +| 0x10 | KDC\_ERR\_PADATA\_TYPE\_NOSUPP | KDC has no support for PADATA type (pre-authentication data)|Smart card logon is being attempted and the proper certificate cannot be located. This problem can happen because the wrong certification authority (CA) is being queried or the proper CA cannot be contacted in order to get Domain Controller or Domain Controller Authentication certificates for the domain controller.
    It can also happen when a domain controller doesn't have a certificate installed for smart cards (Domain Controller or Domain Controller Authentication templates). | 0x11 | KDC\_ERR\_TRTYPE\_NOSUPP | KDC has no support for transited type | | 0x12 | KDC\_ERR\_CLIENT\_REVOKED | Clients credentials have been revoked | | 0x13 | KDC\_ERR\_SERVICE\_REVOKED | Credentials for server have been revoked | | 0x14 | KDC\_ERR\_TGT\_REVOKED | TGT has been revoked | | 0x15 | KDC\_ERR\_CLIENT\_NOTYET | Client not yet valid; try again later | | 0x16 | KDC\_ERR\_SERVICE\_NOTYET | Server not yet valid; try again later | -| 0x17 | KDC\_ERR\_KEY\_EXPIRED | Password has expired—change password to reset |The user’s password has expired. +| 0x17 | KDC\_ERR\_KEY\_EXPIRED | Password has expired—change password to reset |The user's password has expired. | 0x18 | KDC\_ERR\_PREAUTH\_FAILED | Pre-authentication information was invalid |The wrong password was provided. | 0x19 | KDC\_ERR\_PREAUTH\_REQUIRED | Additional pre-authentication required | | 0x1a | KDC\_ERR\_SERVER\_NOMATCH | Requested server and ticket don't match | 
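Review bot: In the error-code table hunk (`@@ -185,14 +186,14 @@`), the `0x10` and `0x17` rows only swap a curly apostrophe for a straight one, but the unchanged `0x12` row immediately below them reads `Clients credentials have been revoked` and is missing its apostrophe; while these rows are being edited, change it to `Client's credentials have been revoked` so the table is consistent after the normalization pass.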
@@ -260,9 +261,9 @@ The most common values: - **Certificate Issuer Name** \[Type = UnicodeString\]**:** the name of Certification Authority that issued smart card certificate. Populated in **Issued by** field in certificate. Always empty for [4771](event-4771.md) events. -- **Certificate Serial Number** \[Type = UnicodeString\]**:** smart card certificate’s serial number. Can be found in **Serial number** field in the certificate. Always empty for [4771](event-4771.md) events. +- **Certificate Serial Number** \[Type = UnicodeString\]**:** smart card certificate's serial number. Can be found in **Serial number** field in the certificate. Always empty for [4771](event-4771.md) events. -- **Certificate Thumbprint** \[Type = UnicodeString\]**:** smart card certificate’s thumbprint. Can be found in **Thumbprint** field in the certificate. Always empty for [4771](event-4771.md) events. +- **Certificate Thumbprint** \[Type = UnicodeString\]**:** smart card certificate's thumbprint. Can be found in **Thumbprint** field in the certificate. Always empty for [4771](event-4771.md) events. ## Security Monitoring Recommendations @@ -270,11 +271,11 @@ For 4771(F): Kerberos pre-authentication failed. | **Type of monitoring required** | **Recommendation** | |-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Security ID”** that corresponds to the high-value account or accounts. | -| **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Security ID”** (with other information) to monitor how or when a particular account is being used. | -| **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Security ID”** that corresponds to the accounts that should never be used. | -| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “allow list-only” action, review the **“Security ID”** for accounts that are outside the allow list. | -| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**Subject\\Account Name”** for names that don’t comply with naming conventions. | +| **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **"Security ID"** that corresponds to the high-value account or accounts. | +| **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **"Security ID"** (with other information) to monitor how or when a particular account is being used. | +| **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **"Security ID"** that corresponds to the accounts that should never be used. | +| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a "allow list-only" action, review the **"Security ID"** for accounts that are outside the allow list. | +| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor "**Subject\\Account Name"** for names that don't comply with naming conventions. | - You can track all [4771](event-4771.md) events where the **Client Address** is not from your internal IP range or not from private IP ranges. diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md index e411b647ce..ad57e347c4 100644 --- a/windows/security/threat-protection/auditing/event-4776.md +++ b/windows/security/threat-protection/auditing/event-4776.md @@ -14,6 +14,7 @@ ms.author: vinpa ms.technology: itpro-security ms.collection: - highpri + - tier3 ms.topic: reference --- 
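Review bot: In the event-4771.md Security Monitoring Recommendations hunk (`@@ -270,11 +271,11 @@`), two small fixes belong in the rows this hunk already rewrites: the "Account allow list" row reads `a "allow list-only" action` and should be `an "allow list-only" action`, and the "Account naming conventions" row nests the quote and bold markers as `"**Subject\\Account Name"**` where every other row in the table uses the `**"Security ID"**` form; make it `**"Subject\\Account Name"**`. Since the other rows all key on **Security ID**, also confirm that **Subject\\Account Name** is the field name this event actually carries rather than a copy from another event's table.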
@@ -34,11 +35,11 @@ It shows successful and unsuccessful credential validation attempts. It shows only the computer name (**Source Workstation**) from which the authentication attempt was performed (authentication source). For example, if you authenticate from CLIENT-1 to SERVER-1 using a domain account you'll see CLIENT-1 in the **Source Workstation** field. Information about the destination computer (SERVER-1) isn't presented in this event. -If a credential validation attempt fails, you'll see a Failure event with **Error Code** parameter value not equal to “**0x0**”. +If a credential validation attempt fails, you'll see a Failure event with **Error Code** parameter value not equal to "**0x0**". The main advantage of this event is that on domain controllers you can see all authentication attempts for domain accounts when NTLM authentication was used. -For monitoring local account logon attempts, it's better to use event “[4624](event-4624.md): An account was successfully logged on” because it contains more details and is more informative. +For monitoring local account logon attempts, it's better to use event "[4624](event-4624.md): An account was successfully logged on" because it contains more details and is more informative. This event also generates when a workstation unlock event occurs. 
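Review bot: In the event-4776.md `@@ -34,11 +35,11 @@` hunk, the rewritten sentence `you'll see a Failure event with **Error Code** parameter value not equal to "0x0"` needs an article; suggest `you'll see a Failure event whose **Error Code** value is not "0x0"`. The two unchanged sentences around it are the important ones for readers (only **Source Workstation** is recorded, never the destination), so keeping the changed sentence short keeps that point visible.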
@@ -85,7 +86,7 @@ This event does *not* generate when a domain account logs on locally to a domain ***Field Descriptions:*** -- **Authentication Package** \[Type = UnicodeString\]: the name of [Authentication Package](/windows/win32/secauthn/authentication-packages) that was used for credential validation. It's always “**MICROSOFT\_AUTHENTICATION\_PACKAGE\_V1\_0**” for [4776](event-4776.md) event. +- **Authentication Package** \[Type = UnicodeString\]: the name of [Authentication Package](/windows/win32/secauthn/authentication-packages) that was used for credential validation. It's always "**MICROSOFT\_AUTHENTICATION\_PACKAGE\_V1\_0**" for [4776](event-4776.md) event. > **Note**  **Authentication package** is a DLL that encapsulates the authentication logic used to determine whether to permit a user to log on. [Local Security Authority](/windows/win32/secgloss/l-gly#_security_local_security_authority_gly) (LSA) authenticates a user logon by sending the request to an authentication package. The authentication package then examines the logon information and either authenticates or rejects the user logon attempt. 
@@ -101,7 +102,7 @@ This event does *not* generate when a domain account logs on locally to a domain - **Source Workstation** \[Type = UnicodeString\]: the name of the computer from which the logon attempt originated. -- **Error Code** \[Type = HexInt32\]: contains error code for Failure events. For Success events this parameter has “**0x0**” value. The table below contains most common error codes for this event: +- **Error Code** \[Type = HexInt32\]: contains error code for Failure events. For Success events this parameter has "**0x0**" value. The table below contains most common error codes for this event: | Error Code | Description | |------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| @@ -126,16 +127,16 @@ For 4776(S, F): The computer attempted to validate the credentials for an accoun | **Type of monitoring required** | **Recommendation** | |-----------------|---------| -| **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **“Logon Account”** that corresponds to the high-value account or accounts. | -| **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **“Logon Account”** value (with other information) to monitor how or when a particular account is being used.
    To monitor activity of specific user accounts outside of working hours, monitor the appropriate **Logon Account + Source Workstation** pairs. | -| **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **“Logon Account”** that should never be used. | -| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a “allow list-only” action, review the **“Logon Account”** for accounts that are outside the allow list. | -| **Restricted-use computers**: You might have certain computers from which certain people (accounts) shouldn't log on. | Monitor the target **Source Workstation** for credential validation requests from the **“Logon Account”** that you're concerned about. | -| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor “**Logon Account”** for names that don’t comply with naming conventions. | +| **High-value accounts**: You might have high-value domain or local accounts for which you need to monitor each action.
    Examples of high-value accounts are database administrators, built-in local administrator account, domain administrators, service accounts, domain controller accounts and so on. | Monitor this event with the **"Logon Account"** that corresponds to the high-value account or accounts. | +| **Anomalies or malicious actions**: You might have specific requirements for detecting anomalies or monitoring potential malicious actions. For example, you might need to monitor for use of an account outside of working hours. | When you monitor for anomalies or malicious actions, use the **"Logon Account"** value (with other information) to monitor how or when a particular account is being used.
    To monitor activity of specific user accounts outside of working hours, monitor the appropriate **Logon Account + Source Workstation** pairs. | +| **Non-active accounts**: You might have non-active, disabled, or guest accounts, or other accounts that should never be used. | Monitor this event with the **"Logon Account"** that should never be used. | +| **Account allow list**: You might have a specific allow list of accounts that are the only ones allowed to perform actions corresponding to particular events. | If this event corresponds to a "allow list-only" action, review the **"Logon Account"** for accounts that are outside the allow list. | +| **Restricted-use computers**: You might have certain computers from which certain people (accounts) shouldn't log on. | Monitor the target **Source Workstation** for credential validation requests from the **"Logon Account"** that you're concerned about. | +| **Account naming conventions**: Your organization might have specific naming conventions for account names. | Monitor "**Logon Account"** for names that don't comply with naming conventions. | -- If NTLM authentication shouldn't be used for a specific account, monitor for that account. Don’t forget that local logon will always use NTLM authentication if an account logs on to a device where its user account is stored. +- If NTLM authentication shouldn't be used for a specific account, monitor for that account. Don't forget that local logon will always use NTLM authentication if an account logs on to a device where its user account is stored. -- You can use this event to collect all NTLM authentication attempts in the domain, if needed. Don’t forget that local logon will always use NTLM authentication if the account logs on to a device where its user account is stored. +- You can use this event to collect all NTLM authentication attempts in the domain, if needed. 
Don't forget that local logon will always use NTLM authentication if the account logs on to a device where its user account is stored. - If a local account should be used only locally (for example, network logon or terminal services logon isn't allowed), you need to monitor for all events where **Source Workstation** and **Computer** (where the event was generated and where the credentials are stored) have different values. diff --git a/windows/security/threat-protection/auditing/view-the-security-event-log.md b/windows/security/threat-protection/auditing/view-the-security-event-log.md index ebf21e1e50..3985c12068 100644 --- a/windows/security/threat-protection/auditing/view-the-security-event-log.md +++ b/windows/security/threat-protection/auditing/view-the-security-event-log.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/09/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md index 003104ce73..9c1feb7d06 100644 --- a/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/device-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -10,6 +10,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier2 ms.topic: conceptual ms.date: 12/16/2021 ms.reviewer: 
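Review bot: In the event-4776.md Security Monitoring Recommendations hunk (`@@ -126,16 +127,16 @@`), the sentence `Don't forget that local logon will always use NTLM authentication if the account logs on to a device where its user account is stored.` is repeated verbatim in two consecutive bullets (the "If NTLM authentication shouldn't be used for a specific account" bullet and the "collect all NTLM authentication attempts" bullet), and both bullets are rewritten here; keep it in one of them and drop the other. In the same table rows, `a "allow list-only" action` should be `an "allow list-only" action`, and the naming-conventions row nests quote and bold markers as `"**Logon Account"**` where the other rows use `**"Logon Account"**`.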
@@ -77,7 +78,7 @@ Set the following registry keys to enable HVCI. These keys provide exactly the s > [!IMPORTANT] > -> - Among the commands that follow, you can choose settings for **Secure Boot** and **Secure Boot with DMA**. In most situations, we recommend that you choose **Secure Boot**. This option provides Secure Boot with as much protection as is supported by a given computer’s hardware. A computer with input/output memory management units (IOMMUs) will have Secure Boot with DMA protection. A computer without IOMMUs will simply have Secure Boot enabled. +> - Among the commands that follow, you can choose settings for **Secure Boot** and **Secure Boot with DMA**. In most situations, we recommend that you choose **Secure Boot**. This option provides Secure Boot with as much protection as is supported by a given computer's hardware. A computer with input/output memory management units (IOMMUs) will have Secure Boot with DMA protection. A computer without IOMMUs will simply have Secure Boot enabled. > > - In contrast, with **Secure Boot with DMA**, the setting will enable Secure Boot—and VBS itself—only on a computer that supports DMA, that is, a computer with IOMMUs. With this setting, any computer without IOMMUs will not have VBS or HVCI protection, although it can still have Windows Defender Application Control enabled. > diff --git a/windows/security/threat-protection/fips-140-validation.md b/windows/security/threat-protection/fips-140-validation.md index 7b0d87f42e..4f3fd11f90 100644 --- a/windows/security/threat-protection/fips-140-validation.md +++ b/windows/security/threat-protection/fips-140-validation.md @@ -8,6 +8,7 @@ ms.author: paoloma author: paolomatarazzo ms.collection: - highpri + - tier3 ms.topic: article ms.localizationpriority: medium ms.reviewer: 
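Review bot: In the enable-virtualization-based-protection-of-code-integrity.md hunk (`@@ -77,7 +78,7 @@`), the change converts the curly apostrophe in `computer's` to ASCII but leaves the two em-dashes in the very next context line (`Secure Boot—and VBS itself—only`), so the note ends up half-normalized; either convert those as well in the same pass or leave the punctuation as it was. The substance of the two bullets is right and should not be reworded: **Secure Boot** enables VBS/HVCI everywhere and adds DMA protection only where IOMMUs exist, whereas **Secure Boot with DMA** leaves machines without IOMMUs with no VBS or HVCI at all, which is the trade-off an administrator choosing between the two keys needs to see.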
@@ -133,7 +134,7 @@ Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile |Boot Manager|[10.0.15063][sp-3089]|[#3089][certificate-3089]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); CKG (vendor affirmed); HMAC (Cert. [#3061][hmac-3061]); PBKDF (vendor affirmed); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]

    Other algorithms: PBKDF (vendor affirmed); VMK KDF (vendor affirmed)| |Windows OS Loader|[10.0.15063][sp-3090]|[#3090][certificate-3090]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]

    [Other algorithms: NDRNG][certificate-3090]| |Windows Resume [1]|[10.0.15063][sp-3091]|[#3091][certificate-3091]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790])| -|BitLocker® Dump Filter [2]|[10.0.15063][sp-3092]|[#3092][certificate-3092]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790])| +|BitLocker® Dump Filter [2]|[10.0.15063][sp-3092]|[#3092][certificate-3092]|FIPS approved algorithms: AES (Certs. [#4624][aes-4624] and [#4625][aes-4625]); RSA (Cert. [#2522][rsa-2522]); SHS (Cert. [#3790][shs-3790])| |Code Integrity (ci.dll)|[10.0.15063][sp-3093]|[#3093][certificate-3093]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])| |Secure Kernel Code Integrity (skci.dll)[3]|[10.0.15063][sp-3096]|[#3096][certificate-3096]|FIPS approved algorithms: AES (Cert. [#4624][aes-4624]); RSA (Certs. [#2522][rsa-2522] and [#2523][rsa-2523]); SHS (Cert. [#3790][shs-3790]

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v1.5 - RSASP1 Signature Primitive (Cert. [#1282][component-1282])| @@ -156,9 +157,9 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[#2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])

    Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#886][component-886])| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[#2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])

    Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#922][component-922]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#887][component-887])| |Boot Manager|[10.0.14393][sp-2931]|[#2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5; PBKDF (non-compliant); VMK KDF| -|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[#2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: NDRNG; MD5| -|BitLocker® Windows Resume (winresume)[1]|[10.0.14393][sp-2933]|[#2933][certificate-2933]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)[2]|[10.0.14393][sp-2934]|[#2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])| +|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[#2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: NDRNG; MD5| +|BitLocker® Windows Resume (winresume)[1]|[10.0.14393][sp-2933]|[#2933][certificate-2933]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)[2]|[10.0.14393][sp-2934]|[#2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])| |Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[#2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: AES (non-compliant); MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])| |Secure Kernel Code Integrity (skci.dll)[3]|[10.0.14393][sp-2938]|[#2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])

    Other algorithms: MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#888][component-888])| @@ -180,9 +181,9 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10586][sp-2605]|[#2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])

    Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#664][component-664])| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10586][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629]); DRBG (Certs. [#955][drbg-955]); DSA (Certs. [#1024][dsa-1024]); ECDSA (Certs. [#760][ecdsa-760]); HMAC (Certs. [#2381][hmac-2381]); KAS (Certs. [#72][kas-72]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#72][kdf-72]); KTS (AES Certs. [#3653][aes-3653]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1887][rsa-1887], [#1888, and #1889][rsa-1888]); SHS (Certs. [#3047][shs-3047]); Triple-DES (Certs. [#2024][tdes-2024])

    Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#666][component-666]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#663][component-663])| |Boot Manager [4]|[10.0.10586][sp-2700]|[#2700][certificate-2700]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); HMAC (Cert. [#2381][hmac-2381]); PBKDF (vendor affirmed); RSA (Cert. [#1871][rsa-1871]); SHS (Certs. [#3047][shs-3047] and [#3048][shs-3048])

    Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)| -|BitLocker® Windows OS Loader (winload)[5]|[10.0.10586][sp-2701]|[#2701][certificate-2701]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629] and [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])

    Other algorithms: MD5; NDRNG| -|BitLocker® Windows Resume (winresume)[6]|[10.0.10586][sp-2702]|[#2702][certificate-2702]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)[7]|[10.0.10586][sp-2703]|[#2703][certificate-2703]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653])| +|BitLocker® Windows OS Loader (winload)[5]|[10.0.10586][sp-2701]|[#2701][certificate-2701]|FIPS approved algorithms: AES (Certs. [#3629][aes-3629] and [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])

    Other algorithms: MD5; NDRNG| +|BitLocker® Windows Resume (winresume)[6]|[10.0.10586][sp-2702]|[#2702][certificate-2702]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653]); RSA (Cert. [#1871][rsa-1871]); SHS (Cert. [#3048][shs-3048])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)[7]|[10.0.10586][sp-2703]|[#2703][certificate-2703]|FIPS approved algorithms: AES (Certs. [#3653][aes-3653])| |Code Integrity (ci.dll)|[10.0.10586][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])

    Other algorithms: AES (non-compliant); MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])| |Secure Kernel Code Integrity (skci.dll)[8]|[10.0.10586][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1871][rsa-1871]); SHS (Certs. [#3048][shs-3048])

    Other algorithms: MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#665][component-665])| @@ -208,9 +209,9 @@ Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.10240][sp-2605]|#[2606][certificate-2606]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])

    Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#575][component-575])| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.10240][sp-2605]|[#2605][certificate-2605]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497]); DRBG (Certs. [#868][drbg-868]); DSA (Certs. [#983][dsa-983]); ECDSA (Certs. [#706][ecdsa-706]); HMAC (Certs. [#2233][hmac-2233]); KAS (Certs. [#64][kas-64]; key agreement; key establishment methodology provides between 112 bits and 256 bits of encryption strength); KBKDF (Certs. [#66][kdf-66]); KTS (AES Certs. [#3507][aes-3507]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#1783][rsa-1783], [#1798][rsa-1798], and [#1802][rsa-1802]); SHS (Certs. [#2886][shs-2886]); Triple-DES (Certs. [#1969][tdes-1969])

    Other algorithms: DES; HMAC-MD5; Legacy CAPI KDF; MD2; MD4; MD5; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572]); FIPS186-4 RSA; RSADP - RSADP Primitive (Cert. [#576][component-576])| |Boot Manager[9]|[10.0.10240][sp-2600]|[#2600][certificate-2600]|FIPS approved algorithms: AES (Cert. [#3497][aes-3497]); HMAC (Cert. [#2233][hmac-2233]); KTS (AES Cert. [#3498][aes-3498]); PBKDF (vendor affirmed); RSA (Cert. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871] and [#2886][shs-2886])

    Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)| -|BitLocker® Windows OS Loader (winload)[10]|[10.0.10240][sp-2601]|[#2601][certificate-2601]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])

    Other algorithms: MD5; NDRNG| -|BitLocker® Windows Resume (winresume)[11]|[10.0.10240][sp-2602]|[#2602][certificate-2602]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)[12]|[10.0.10240][sp-2603]|[#2603][certificate-2603]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498])| +|BitLocker® Windows OS Loader (winload)[10]|[10.0.10240][sp-2601]|[#2601][certificate-2601]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])

    Other algorithms: MD5; NDRNG| +|BitLocker® Windows Resume (winresume)[11]|[10.0.10240][sp-2602]|[#2602][certificate-2602]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498]); RSA (Cert. [#1784][rsa-1784]); SHS (Cert. [#2871][shs-2871])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)[12]|[10.0.10240][sp-2603]|[#2603][certificate-2603]|FIPS approved algorithms: AES (Certs. [#3497][aes-3497] and [#3498][aes-3498])| |Code Integrity (ci.dll)|[10.0.10240][sp-2604]|[#2604][certificate-2604]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])

    Other algorithms: AES (non-compliant); MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])| |Secure Kernel Code Integrity (skci.dll)[13]|[10.0.10240][sp-2607]|[#2607][certificate-2607]|FIPS approved algorithms: RSA (Certs. [#1784][rsa-1784]); SHS (Certs. [#2871][shs-2871])

    Other algorithms: MD5

    Validated Component Implementations: FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#572][component-572])| @@ -237,9 +238,9 @@ Validated Editions: RT, Pro, Enterprise, Phone, Embedded |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[#2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])

    Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)#2832, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289]); SP800-135 - Section 4.1.1, IKEv1 Section 4.1.2, IKEv2 Section 4.2, TLS (Cert. [#323][component-323])| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[#2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])

    Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)

    Validated Component Implementations: FIPS186-4 ECDSA - Signature Generation of hash sized messages (Cert. [#288][component-288]); FIPS186-4 RSA; PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])| |Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[#2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)| -|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[#2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])

    Other algorithms: MD5; NDRNG| -|BitLocker® Windows Resume (winresume)[14]|[6.3.9600 6.3.9600.17031][sp-2353]|[#2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031][sp-2354]|[#2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])

    Other algorithms: N/A| +|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[#2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])

    Other algorithms: MD5; NDRNG| +|BitLocker® Windows Resume (winresume)[14]|[6.3.9600 6.3.9600.17031][sp-2353]|[#2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031][sp-2354]|[#2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])

    Other algorithms: N/A| |Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[#2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])

    Other algorithms: MD5

    Validated Component Implementations: PKCS#1 v2.1 - RSASP1 Signature Primitive (Cert. [#289][component-289])| \[14\] Applies only to Pro, Enterprise, and Embedded 8. @@ -256,9 +257,9 @@ Validated Editions: RT, Home, Pro, Enterprise, Phone |Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[#1892][sp-1892]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])

    Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258); DSA (Cert.); ECDSA (Cert.); HMAC (Cert.); KAS (Cert); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[#1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RNG (Cert. [#1110][rng-1110]); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])

    Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#258 and); ECDSA (Cert.); HMAC (Cert.); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RNG (Cert.); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)

    Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)| |Boot Manager|[6.2.9200][sp-1895]|[#1895][sp-1895]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| -|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[#1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG| -|BitLocker® Windows Resume (WINRESUME)[15]|[6.2.9200][sp-1898]|[#1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| -|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[#1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])

    Other algorithms: N/A| +|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[#1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG| +|BitLocker® Windows Resume (WINRESUME)[15]|[6.2.9200][sp-1898]|[#1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| +|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[#1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])

    Other algorithms: N/A| |Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[#1897][sp-1897]|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| |Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[#1893][sp-1893]|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)#1902); Triple-DES (Cert.); Triple-DES MAC (Triple-DES Certificate, vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Certificate, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| |Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[#1894][sp-1894]|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. #1346); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])

    Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| @@ -278,7 +279,7 @@ Validated Editions: Windows 7, Windows 7 SP1 |Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385][sp-1328]

    [6.1.7600.16915][sp-1328]

    [6.1.7600.21092][sp-1328]

    [6.1.7601.17514][sp-1328]

    [6.1.7601.17725][sp-1328]

    [6.1.7601.17919][sp-1328]

    [6.1.7601.21861][sp-1328]

    [6.1.7601.22076][sp-1328]|[1328][certificate-1328]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1178][aes-1178]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#24][drbg-24]); ECDSA (Cert. [#141][ecdsa-141]); HMAC (Cert. [#677][hmac-677]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides 80 bits to 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#560][rsa-560]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])

    Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD2; MD4; MD5; HMAC MD5; RC2; RC4| |Boot Manager|[6.1.7600.16385][sp-1319]

    [6.1.7601.17514][sp-1319]|[1319][certificate-1319]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: MD5#1168 and); HMAC (Cert.); RSA (Cert.); SHS (Cert.)

    Other algorithms: MD5| |Winload OS Loader (winload.exe)|[6.1.7600.16385][sp-1326]

    [6.1.7600.16757][sp-1326]

    [6.1.7600.20897][sp-1326]

    [6.1.7600.20916][sp-1326]

    [6.1.7601.17514][sp-1326]

    [6.1.7601.17556][sp-1326]

    [6.1.7601.21655][sp-1326]

    [6.1.7601.21675][sp-1326]|[1326][certificate-1326]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: MD5| -|BitLocker™ Drive Encryption|[6.1.7600.16385][sp-1332]

    [6.1.7600.16429][sp-1332]

    [6.1.7600.16757][sp-1332]

    [6.1.7600.20536][sp-1332]

    [6.1.7600.20873][sp-1332]

    [6.1.7600.20897][sp-1332]

    [6.1.7600.20916][sp-1332]

    [6.1.7601.17514][sp-1332]

    [6.1.7601.17556][sp-1332]

    [6.1.7601.21634][sp-1332]

    [6.1.7601.21655][sp-1332]

    [6.1.7601.21675][sp-1332]|[1332][certificate-1332]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: Elephant Diffuser| +|BitLocker™ Drive Encryption|[6.1.7600.16385][sp-1332]

    [6.1.7600.16429][sp-1332]

    [6.1.7600.16757][sp-1332]

    [6.1.7600.20536][sp-1332]

    [6.1.7600.20873][sp-1332]

    [6.1.7600.20897][sp-1332]

    [6.1.7600.20916][sp-1332]

    [6.1.7601.17514][sp-1332]

    [6.1.7601.17556][sp-1332]

    [6.1.7601.21634][sp-1332]

    [6.1.7601.21655][sp-1332]

    [6.1.7601.21675][sp-1332]|[1332][certificate-1332]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: Elephant Diffuser| |Code Integrity (CI.DLL)|[6.1.7600.16385][sp-1327]

    [6.1.7600.17122][sp-1327]v[6.1.7600.21320][sp-1327]

    [6.1.7601.17514][sp-1327]

    [6.1.7601.17950][sp-1327]v[6.1.7601.22108][sp-1327]|[1327][certificate-1327]|FIPS approved algorithms: RSA (Cert. [#557][rsa-557]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: MD5| |Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385][sp-1331]

    (no change in SP1)|[1331][certificate-1331]|FIPS approved algorithms: DSA (Cert. [#385][dsa-385]); RNG (Cert. [#649][rng-649]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4| |Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385][sp-1330]

    (no change in SP1)|[1330][certificate-1330]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#673][hmac-673]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#557][rsa-557] and [#559][rsa-559]); Triple-DES (Cert. [#846][tdes-846])

    Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| @@ -312,7 +313,7 @@ Validated Editions: Ultimate Edition |--- |--- |--- |--- | |Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386][sp-893] | [893][certificate-893] | FIPS approved algorithms: AES (Cert. [#553][aes-553]); HMAC (Cert. [#297][hmac-297]); RNG (Cert. [#321][rng-321]); RSA (Certs. [#255][rsa-255] and [#258][rsa-258]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549])

    Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| |Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386][sp-894]|[894][certificate-894]|FIPS approved algorithms: DSA (Cert. [#226][dsa-226]); RNG (Cert. [#321][rng-321]); SHS (Cert. [#618][shs-618]); Triple-DES (Cert. [#549][tdes-549]); Triple-DES MAC (Triple-DES Cert. [#549][tdes-549], vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); MD5; RC2; RC2 MAC; RC4| -|BitLocker™ Drive Encryption|[6.0.6000.16386][sp-947]|[947][certificate-947]|FIPS approved algorithms: AES (Cert. [#715][aes-715]); HMAC (Cert. [#386][hmac-386]); SHS (Cert. [#737][shs-737])

    Other algorithms: Elephant Diffuser| +|BitLocker™ Drive Encryption|[6.0.6000.16386][sp-947]|[947][certificate-947]|FIPS approved algorithms: AES (Cert. [#715][aes-715]); HMAC (Cert. [#386][hmac-386]); SHS (Cert. [#737][shs-737])

    Other algorithms: Elephant Diffuser| |Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067][sp-891]|[891][certificate-891]|FIPS approved algorithms: AES (Cert. #553); ECDSA (Cert. #60); HMAC (Cert. #298); RNG (Cert. #321); RSA (Certs. #257 and #258); SHS (Cert. #618); Triple-DES (Cert. #549)

    Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 bits to 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; HMAC MD5| @@ -481,9 +482,9 @@ Validated Editions: Standard, Datacenter, Storage Server |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[10.0.14393][sp-2937]|[2937][certificate-2937]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])

    Other algorithms: HMAC-MD5; MD5; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[10.0.14393][sp-2936]|[2936][certificate-2936]|FIPS approved algorithms: AES (Cert. [#4064][aes-4064]); DRBG (Cert. [#1217][drbg-1217]); DSA (Cert. [#1098][dsa-1098]); ECDSA (Cert. [#911][ecdsa-911]); HMAC (Cert. [#2651][hmac-2651]); KAS (Cert. [#92][kas-92]); KBKDF (Cert. [#101][kdf-101]); KTS (AES Cert. [#4062][aes-4062]; key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); PBKDF (vendor affirmed); RSA (Certs. [#2192][rsa-2192], [#2193, and #2195][rsa-2193]); SHS (Cert. [#3347][shs-3347]); Triple-DES (Cert. [#2227][tdes-2227])

    Other algorithms: HMAC-MD5; MD5; NDRNG; DES; Legacy CAPI KDF; MD2; MD4; RC2; RC4; RSA (encrypt/decrypt)| |Boot Manager|[10.0.14393][sp-2931]|[2931][certificate-2931]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); HMAC (Cert. [#2651][hmac-2651]); PBKDF (vendor affirmed); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5; PBKDF (non-compliant); VMK KDF| -|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: NDRNG; MD5| -|BitLocker® Windows Resume (winresume)|[10.0.14393][sp-2933]|[2933][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393][sp-2934]|[2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])| +|BitLocker® Windows OS Loader (winload)|[10.0.14393][sp-2932]|[2932][certificate-2932]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: NDRNG; MD5| +|BitLocker® Windows Resume (winresume)|[10.0.14393][sp-2933]|[2933][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064]); RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)|[10.0.14393][sp-2934]|[2934][certificate-2934]|FIPS approved algorithms: AES (Certs. [#4061][aes-4061] and [#4064][aes-4064])| |Code Integrity (ci.dll)|[10.0.14393][sp-2935]|[2935][certificate-2935]|FIPS approved algorithms: RSA (Cert. [#2193][rsa-2193]); SHS (Cert. [#3347][shs-3347])

    Other algorithms: AES (non-compliant); MD5| |Secure Kernel Code Integrity (skci.dll)|[10.0.14393][sp-2938]|[2938][certificate-2938]|FIPS approved algorithms: RSA (Certs. [#2193][rsa-2193]); SHS (Certs. [#3347][shs-3347])

    Other algorithms: MD5| @@ -501,9 +502,9 @@ Validated Editions: Server, Storage Server, |Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[2357][certificate-2357]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); DSA (Cert. [#855][dsa-855]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [#2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])

    Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[2356][certificate-2356]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); DRBG (Certs. [#489][drbg-489]); ECDSA (Cert. [#505][ecdsa-505]); HMAC (Cert. [#1773][hmac-1773]); KAS (Cert. [#47][kas-47]); KBKDF (Cert. [#30][kdf-30]); PBKDF (vendor affirmed); RSA (Certs. [#1487][rsa-1487], [#1493, and #1519][rsa-1493]); SHS (Cert. [# 2373][shs-2373]); Triple-DES (Cert. [#1692][tdes-1692])

    Other algorithms: AES (Cert. [#2832][aes-2832], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)| |Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[2351][certificate-2351]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); HMAC (Cert. [#1773][hmac-1773]); PBKDF (vendor affirmed); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5; KDF (non-compliant); PBKDF (non-compliant)| -|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])

    Other algorithms: MD5; NDRNG| -|BitLocker® Windows Resume (winresume)[16]|[6.3.9600 6.3.9600.17031][sp-2353]|[2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5| -|BitLocker® Dump Filter (dumpfve.sys)[17]|[6.3.9600 6.3.9600.17031][sp-2354]|[2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])

    Other algorithms: N/A| +|BitLocker® Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[2352][certificate-2352]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [#2396][shs-2396])

    Other algorithms: MD5; NDRNG| +|BitLocker® Windows Resume (winresume)[16]|[6.3.9600 6.3.9600.17031][sp-2353]|[2353][certificate-2353]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832]); RSA (Cert. [#1494][rsa-1494]); SHS (Certs. [# 2373][shs-2373] and [#2396][shs-2396])

    Other algorithms: MD5| +|BitLocker® Dump Filter (dumpfve.sys)[17]|[6.3.9600 6.3.9600.17031][sp-2354]|[2354][certificate-2354]|FIPS approved algorithms: AES (Cert. [#2832][aes-2832])

    Other algorithms: N/A| |Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[2355][certificate-2355]|FIPS approved algorithms: RSA (Cert. [#1494][rsa-1494]); SHS (Cert. [# 2373][shs-2373])

    Other algorithms: MD5| \[16\] Doesn't apply to **Azure StorSimple Virtual Array Windows Server 2012 R2** @@ -522,9 +523,9 @@ Validated Editions: Server, Storage Server |Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[1892]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258]); DSA (Cert. [#687][dsa-687]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. #[1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])

    Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#687); ECDSA (Cert.); HMAC (Cert. #); KAS (Cert.); KBKDF (Cert.); PBKDF (vendor affirmed); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)

    Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)| |Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[1891][certificate-1891]|FIPS approved algorithms: AES (Certs. [#2197][aes-2197] and [#2216][aes-2216]); DRBG (Certs. [#258][drbg-258] and [#259][drbg-259]); ECDSA (Cert. [#341][ecdsa-341]); HMAC (Cert. [#1345][hmac-1345]); KAS (Cert. [#36][kas-36]); KBKDF (Cert. [#3][kdf-3]); PBKDF (vendor affirmed); RNG (Cert. [#1110][rng-1110]); RSA (Certs. [#1133][rsa-1133] and [#1134][rsa-1134]); SHS (Cert. [#1903][shs-1903]); Triple-DES (Cert. [#1387][tdes-1387])

    Other algorithms: AES (Cert. [#2197][aes-2197], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)#1110); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)

    Other algorithms: AES (Certificate, key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)| |Boot Manager|[6.2.9200][sp-1895]|[1895][sp-1895]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); HMAC (Cert. #[1347][hmac-1347]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| -|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG| -|BitLocker® Windows Resume (WINRESUME)|[6.2.9200][sp-1898]|[1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| -|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])

    Other algorithms: N/A| +|BitLocker® Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[1896][sp-1896]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: AES (Cert. [#2197][aes-2197]; non-compliant); MD5; Non-Approved RNG| +|BitLocker® Windows Resume (WINRESUME)|[6.2.9200][sp-1898]|[1898][sp-1898]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| +|BitLocker® Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[1899][sp-1899]|FIPS approved algorithms: AES (Certs. [#2196][aes-2196] and [#2198][aes-2198])

    Other algorithms: N/A| |Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[1897][sp-1897]|FIPS approved algorithms: RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1903][shs-1903])

    Other algorithms: MD5| |Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[1893][sp-1893]|FIPS approved algorithms: DSA (Cert. [#686][dsa-686]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386]); Triple-DES MAC (Triple-DES Cert. [#1386][tdes-1386], vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4; Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| |Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[1894][sp-1894]|FIPS approved algorithms: AES (Cert. [#2196][aes-2196]); HMAC (Cert. [#1346][hmac-1346]); RSA (Cert. [#1132][rsa-1132]); SHS (Cert. [#1902][shs-1902]); Triple-DES (Cert. [#1386][tdes-1386])

    Other algorithms: AES (Cert. [#2196][aes-2196], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Cert. [#1386][tdes-1386], key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| @@ -542,7 +543,7 @@ Validated Editions: Server, Storage Server |Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514][sp-1336]|[1336][certificate-1336]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); AES GCM (Cert. [#1168][aes-1168], vendor-affirmed); AES GMAC (Cert. [#1168][aes-1168], vendor-affirmed); DRBG (Certs. [#23][drbg-23] and [#27][drbg-27]); DSA (Cert. [#391][dsa-391]); ECDSA (Cert. [#142][ecdsa-142]); HMAC (Cert. [#686][hmac-686]); KAS (SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 bits and 256 bits of encryption strength); RNG (Cert. [#649][rng-649]); RSA (Certs. [#559][rsa-559] and [#567][rsa-567]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846])

    Other algorithms: AES (Cert. [#1168][aes-1168], key wrapping; key establishment methodology provides between 128 bits and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4| |Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385][sp-1337]|[1337][certificate-1337]|FIPS approved algorithms: AES (Cert. [#1168][aes-1168]); DRBG (Cert. [#23][drbg-23]); HMAC (Cert. [#687][hmac-687]); SHS (Cert. [#1081][shs-1081]); RSA (Certs. [#559][rsa-559] and [#568][rsa-568]); Triple-DES (Cert. [#846][tdes-846])

    Other algorithms: DES; MD2; MD4; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 bits and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)| |Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385][sp-1338]|[1338][certificate-1338]|FIPS approved algorithms: DSA (Cert. [#390][dsa-390]); RNG (Cert. [#649][rng-649]); SHS (Cert. [#1081][shs-1081]); Triple-DES (Cert. [#846][tdes-846]); Triple-DES MAC (Triple-DES Cert. [#846][tdes-846], vendor affirmed)

    Other algorithms: DES; DES MAC; DES40; DES40 MAC; Diffie-Hellman; MD5; RC2; RC2 MAC; RC4| -|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675][sp-1339]|[1339][certificate-1339]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: Elephant Diffuser| +|BitLocker™ Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675][sp-1339]|[1339][certificate-1339]|FIPS approved algorithms: AES (Certs. [#1168][aes-1168] and [#1177][aes-1177]); HMAC (Cert. [#675][hmac-675]); SHS (Cert. [#1081][shs-1081])

    Other algorithms: Elephant Diffuser| @@ -661,20 +662,20 @@ For more details, expand each algorithm section. |**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);

    **CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)

    **CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)

    **CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)

    **GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)

    (KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)

    **IV Generated:** (Externally); PT Lengths Tested: (0, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported

    GMAC supported

    **XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update SymCrypt Cryptographic Implementations [#4064][aes-4064]

    Version 10.0.14393| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update RSA32 Algorithm Implementations [#4063][aes-4063]

    Version 10.0.14393| |**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 192, 256, 320, 2048)

    AES [validation number 4064][aes-4064]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#4062][aes-4062]

    Version 10.0.14393| -|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 4064][aes-4064]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations [#4061][aes-4061]

    Version 10.0.14393| +|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 4064][aes-4064]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update BitLocker® Cryptographic Implementations [#4061][aes-4061]

    Version 10.0.14393| |**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)

    AES [validation number 3629][aes-3629]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" Cryptography Next Generation (CNG) Implementations [#3652][aes-3652]

    Version 10.0.10586| -|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 3629][aes-3629]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" BitLocker® Cryptographic Implementations [#3653][aes-3653]

    Version 10.0.10586| +|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 3629][aes-3629]|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" BitLocker® Cryptographic Implementations [#3653][aes-3653]

    Version 10.0.10586| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" RSA32 Algorithm Implementations [#3630][aes-3630]

    Version 10.0.10586| |**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);

    **CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)

    **CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)

    **CMAC (Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)

    **GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)

    (KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)v**IV Generated:** (Externally); PT Lengths Tested: (0, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported

    GMAC supported

    **XTS((KS: XTS_128**((e/d) (f)) **KS: XTS_256**((e/d) (f))|Microsoft Windows 10 November 2015 Update; Microsoft Surface Book, Surface Pro 4, Surface Pro 3, Surface 3, Surface Pro 2, and Surface Pro w/ Windows 10 November 2015 Update; Windows 10 Mobile for Microsoft Lumia 950 and Microsoft Lumia 635; Windows 10 for Microsoft Surface Hub 84" and Surface Hub 55" SymCrypt Cryptographic Implementations [#3629][aes-3629]

    Version 10.0.10586| |**KW** (AE, AD, AES-128, AES-192, AES-256, FWD, 128, 256, 192, 320, 2048)

    AES [validation number 3497][aes-3497]|Microsoft Windows 10 Anniversary Update, Windows Server 2016, Windows Storage Server 2016; Microsoft Surface Book, Surface Pro 4, Surface Pro 3 and Surface 3 w/ Windows 10 Anniversary Update; Microsoft Lumia 950 and Lumia 650 w/ Windows 10 Mobile Anniversary Update Cryptography Next Generation (CNG) Implementations [#3507][aes-3507]

    Version 10.0.10240| -|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 3497][aes-3497]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations [#3498][aes-3498]

    Version 10.0.10240| +|**CCM** (KS: 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 3497][aes-3497]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 BitLocker® Cryptographic Implementations [#3498][aes-3498]

    Version 10.0.10240| |**ECB** (e/d; 128, 192, 256); **CBC** (e/d; 128, 192, 256); **CFB8** (e/d; 128, 192, 256);

    **CFB128** (e/d; 128, 192, 256); **CTR** (int only; 128, 192, 256)

    **CCM** (KS: 128, 192, 256) (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)

    **CMAC(Generation/Verification)** (KS: 128; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)

    **GCM** (KS: AES_128(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)

    (KS: AES_256(e/d) Tag Length(s): 128 120 112 104 96)

    **IV Generated:** (Externally); PT Lengths Tested: (0, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 1024, 8, 1016); IV Lengths Tested: (0, 0); 96 bit IV supported

    GMAC supported

    **XTS((KS: XTS_128**((e/d)(f)) **KS: XTS_256**((e/d)(f))|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#3497][aes-3497]

    Version 10.0.10240| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 RSA32 Algorithm Implementations [#3476][aes-3476]

    Version 10.0.10240| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry RSA32 Algorithm Implementations [#2853][aes-2853]

    Version 6.3.9600| |**CCM (KS: 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 32 (Nonce Length(s): 12 (Tag Length(s): 16)

    AES [validation number 2832][aes-2832]|Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 BitLocker Cryptographic Implementations [#2848][aes-2848]

    Version 6.3.9600| |**CCM (KS: 128, 192, 256)** (Assoc. Data Len Range: 0-0, 2^16) (Payload Length Range: 0 - 0 (Nonce Length(s): 7 8 9 10 11 12 13 (Tag Length(s): 4 6 8 10 12 14 16)

    **CMAC (Generation/Verification) (KS: 128**; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 192; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16) (KS: 256; Block Size(s): Full/Partial; Msg Len(s) Min: 0 Max: 2^16; Tag Len(s) Min: 0 Max: 16)

    **GCM (KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) (KS: AES_192(e/d) Tag Length(s): 128 120 112 104 96)

    **(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)

    **IV Generated:** (Externally); PT Lengths Tested: (0, 128, 1024, 8, 1016); Additional authenticated data lengths tested: (0, 128, 1024, 8, 1016); IV Lengths Tested: (8, 1024); 96 bit IV supported;

    **OtherIVLen_Supported

    GMAC supported**|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations #[2832][aes-2832]

    Version 6.3.9600| |**CCM (KS: 128, 192, 256**) **(Assoc. Data Len Range**: 0-0, 2^16) **(Payload Length Range**: 0 - 32 (**Nonce Length(s)**: 7 8 9 10 11 12 13 **(Tag Length(s)**: 4 6 8 10 12 14 16)

    AES [validation number 2197][aes-2197]

    **CMAC** (Generation/Verification) **(KS: 128;** Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 192**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16) **(KS: 256**; Block Size(s); **Msg Len(s)** Min: 0 Max: 2^16; **Tag Len(s)** Min: 16 Max: 16)

    AES [validation number 2197][aes-2197]

    **GCM(KS: AES_128**(e/d) Tag Length(s): 128 120 112 104 96) **(KS: AES_192**(e/d) Tag Length(s): 128 120 112 104 96)

    **(KS: AES_256**(e/d) Tag Length(s): 128 120 112 104 96)

    **IV Generated:** (Externally); **PT Lengths Tested:** (0, 128, 1024, 8, 1016); **Additional authenticated data lengths tested:** (0, 128, 1024, 8, 1016); **IV Lengths Tested:** (8, 1024); **96 bit IV supported

    GMAC supported**|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations [#2216][aes-2216]| -|**CCM (KS: 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 (**Nonce Length(s)**: 12 **(Tag Length(s)**: 16)

    AES [validation number 2196][aes-2196]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations [#2198][aes-2198]| +|**CCM (KS: 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 (**Nonce Length(s)**: 12 **(Tag Length(s)**: 16)

    AES [validation number 2196][aes-2196]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations [#2198][aes-2198]| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);

    **CFB128** (e/d; 128, 192, 256);

    **CTR** (int only; 128, 192, 256)|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) [#2197][aes-2197]| |**ECB** (e/d; 128, 192, 256);

    **CBC** (e/d; 128, 192, 256);

    **CFB8** (e/d; 128, 192, 256);|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Symmetric Algorithm Implementations (RSA32) [#2196][aes-2196]| |**CCM (KS: 128, 192, 256) (Assoc. Data Len Range: **0 - 0, 2^16**) (Payload Length Range:** 0 - 32 **(Nonce Length(s):** 7 8 9 10 11 12 13 **(Tag Length(s): **4 6 8 10 12 14 16**)**

    AES [validation number 1168][aes-1168]|Windows Server 2008 R2 and SP1 CNG algorithms [#1187][aes-1187]

    Windows 7 Ultimate and SP1 CNG algorithms [#1178][aes-1178]| @@ -842,7 +843,7 @@ For more details, expand each algorithm section. |

    **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS)
    SHS[validation number 2886][shs-2886]

    **HMAC-SHA256** (Key Size Ranges Tested: KSBS)
    SHS[validation number 2886][shs-2886]

    **HMAC-SHA384** (Key Size Ranges Tested: KSBS)
    [ SHSvalidation number 2886][shs-2886]

    **HMAC-SHA512** (Key Size Ranges Tested: KSBS)
    SHS[validation number 2886][shs-2886]|Microsoft Windows 10, Microsoft Surface Pro 3 with Windows 10, Microsoft Surface 3 with Windows 10, Microsoft Surface Pro 2 with Windows 10, Microsoft Surface Pro with Windows 10 SymCrypt Cryptographic Implementations [#2233][hmac-2233]

    Version 10.0.10240| |

    **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS)
    SHS [validation number 2373][shs-2373]

    **HMAC-SHA256** (Key Size Ranges Tested: KSBS)
    SHS [validation number 2373][shs-2373]

    **HMAC-SHA384** (Key Size Ranges Tested: KSBS)
    SHS [validation number 2373][shs-2373]

    **HMAC-SHA512** (Key Size Ranges Tested: KSBS)
    SHS [validation number 2373][shs-2373]|Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry, and Microsoft StorSimple 8100 SymCrypt Cryptographic Implementations [#1773][hmac-1773]

    Version 6.3.9600| |

    **HMAC-SHA1** (Key Sizes Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]

    **HMAC-SHA256** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]

    **HMAC-SHA384** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]

    **HMAC-SHA512** (Key Size Ranges Tested: KSBS) SHS [validation number 2764][shs-2764]|Windows CE and Windows Mobile, and Windows Embedded Handheld Enhanced Cryptographic Provider (RSAENH) [#2122][hmac-2122]

    Version 5.2.29344| -|

    **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[#1902][shs-1902]

    **HMAC-SHA256 (Key Size Ranges Tested: KS**[#1902][shs-1902]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #[1347][hmac-1347]| +|

    **HMAC-SHA1 (Key Sizes Ranges Tested: KS**[#1902][shs-1902]

    **HMAC-SHA256 (Key Size Ranges Tested: KS**[#1902][shs-1902]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 BitLocker® Cryptographic Implementations #[1347][hmac-1347]| |

    **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS**[#1902][shs-1902]

    **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]

    **HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]

    **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS**[#1902][shs-1902]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Enhanced Cryptographic Provider (RSAENH) #[1346][hmac-1346]| |

    **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS)**
    **SHS**[#1903][shs-1903]

    **HMAC-SHA256 (Key Size Ranges Tested: KSBS)**
    **SHS**[#1903][shs-1903]

    **HMAC-SHA384 (Key Size Ranges Tested: KSBS)**
    **SHS**[#1903][shs-1903]

    **HMAC-SHA512 (Key Size Ranges Tested: KSBS)**
    **SHS**[#1903][shs-1903]|Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Next Generation Symmetric Cryptographic Algorithms Implementations (SYMCRYPT) #[1345][hmac-1345]| |

    **HMAC-SHA1 (Key Sizes Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]

    **HMAC-SHA256 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]
    **Tinker HMAC-SHA384 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]

    **HMAC-SHA512 (Key Size Ranges Tested: KSBS) SHS** [validation number 1773][shs-1773]|Windows Embedded Compact 7 Cryptographic Primitives Library (bcrypt.dll), [#1364][hmac-1364]| diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md index ad5d373c27..0b7b4ac15b 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/install-md-app-guard.md @@ -15,6 +15,7 @@ ms.custom: asr ms.technology: itpro-security ms.collection: - highpri + - tier2 ms.topic: how-to --- diff --git a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md index 6b284c9344..afc6aaef79 100644 --- a/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md +++ b/windows/security/threat-protection/microsoft-defender-application-guard/md-app-guard-overview.md @@ -15,6 +15,7 @@ ms.custom: asr ms.technology: itpro-security ms.collection: - highpri + - tier2 ms.topic: conceptual --- diff --git a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md index 393d33b206..ba53584a0f 100644 --- a/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md +++ b/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview.md @@ -10,6 +10,7 @@ manager: aaroncz ms.technology: itpro-security adobe-target: true ms.collection: + - tier2 - highpri ms.date: 12/31/2017 ms.topic: article 
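Review bot: in the FIPS validation tables of this hunk the removed and added rows are textually identical (the BitLocker® Windows OS Loader, Windows Resume and Dump Filter rows; the BitLocker™ Drive Encryption row; the CCM rows for #4061, #3653, #3498 and #2198; the HMAC #1347 row), so the change is presumably whitespace or invisible characters, but nothing in the hunk says so; please state the nature of the cleanup (for example trailing whitespace or non-breaking spaces) so a reviewer can confirm that no certificate numbers or version strings moved. While these rows are being rewritten, the adjacent context lines carry visible defects that the same pass should fix: the Kernel Mode Cryptographic Primitives Library row ends in a duplicated fragment `RSA (encrypt/decrypt)#1110); RSA (Certs. and); SHS (Cert.); Triple-DES (Cert.)` whose certificate numbers are missing; `[ SHSvalidation number 2886][shs-2886]` has the opening bracket in the wrong place; `v**IV Generated:**` carries a stray `v`; `**Tinker HMAC-SHA384` carries a stray word; and `#[1347][hmac-1347]`, `#[2832][aes-2832]`, `#[1346][hmac-1346]` and `#[1345][hmac-1345]` put the `#` outside the link text, unlike `[#1347][hmac-1347]` and every other certificate link in the table.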
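Review bot: in the microsoft-defender-smartscreen-overview.md hunk, `- tier2` is inserted above `- highpri`, whereas the install-md-app-guard.md and md-app-guard-overview.md hunks in the same change append the tier entry below `- highpri`; keep one order across all files (tier after `highpri`, matching the other hunks) unless the list order carries meaning.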
diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md index e6f9bec119..969423ed4a 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-duration.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 08/16/2021 ms.technology: itpro-security @@ -23,7 +24,7 @@ ms.technology: itpro-security **Applies to** - Windows 11 -- Windows 10 +- Windows 10 Describes the best practices, location, values, and security considerations for the **Account lockout duration** security policy setting. @@ -47,7 +48,7 @@ It's advisable to set **Account lockout duration** to approximately 15 minutes. ### Default values -The following table lists the actual and effective default policy values. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default policy values. Default values are also listed on the policy's property page. | Server type or Group Policy Object (GPO) | Default value | | - | - | diff --git a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md index 7436c55ccd..1afd00892e 100644 --- a/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md +++ b/windows/security/threat-protection/security-policy-settings/account-lockout-threshold.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 11/02/2018 ms.technology: itpro-security 
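Review bot: in the account-lockout-duration.md **Applies to** hunk, `-- Windows 10` and `+- Windows 10` read identically, so this looks like a trailing-whitespace fix bundled with the `tier3` metadata addition and the `policy's` apostrophe normalization of the next hunk; bundling three unrelated kinds of edit in one file makes the intent hard to verify, so either call out the whitespace cleanup or leave that line alone.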
@@ -34,7 +35,7 @@ The **Account lockout threshold** policy setting determines the number of failed Brute force password attacks can be automated to try thousands or even millions of password combinations for any or all user accounts. Limiting the number of failed sign-ins that can be performed nearly eliminates the effectiveness of such attacks. However, it's important to note that a denial-of-service (DoS) attack could be performed on a domain that has an account lockout threshold configured. A malicious user could programmatically attempt a series of password attacks against all users in the organization. If the number of attempts is greater than the value of **Account lockout threshold**, the attacker could potentially lock every account. -Failed attempts to unlock a workstation can cause account lockout even if the [Interactive logon: Require Domain Controller authentication to unlock workstation](interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md) security option is disabled. Windows doesn’t need to contact a domain controller for an unlock if you enter the same password that you logged on with, but if you enter a different password, Windows has to contact a domain controller in case you had changed your password from another machine. +Failed attempts to unlock a workstation can cause account lockout even if the [Interactive logon: Require Domain Controller authentication to unlock workstation](interactive-logon-require-domain-controller-authentication-to-unlock-workstation.md) security option is disabled. Windows doesn't need to contact a domain controller for an unlock if you enter the same password that you logged on with, but if you enter a different password, Windows has to contact a domain controller in case you had changed your password from another machine. ### Possible values 
diff --git a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md index 8cdc5e7f53..f28c135001 100644 --- a/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/how-to-configure-security-policy-settings.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security diff --git a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md index b65e3da751..41c09e6eb4 100644 --- a/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md +++ b/windows/security/threat-protection/security-policy-settings/interactive-logon-machine-inactivity-limit.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/18/2018 ms.technology: itpro-security 
@@ -29,7 +30,7 @@ Describes the best practices, location, values, management, and security conside ## Reference -Beginning with Windows Server 2012 and Windows 8, Windows detects user-input inactivity of a sign-in (logon) session by using the security policy setting **Interactive logon: Machine inactivity limit**. If the amount of inactive time exceeds the inactivity limit set by this policy, then the user’s session locks by invoking the screen saver (screen saver should be active on the destination machine). You can activate the screen saver by enabling the Group Policy **User Configuration\Administrative Templates\Control Panel\Personalization\Enable screen saver**. This policy setting allows you to control the locking time by using Group Policy. +Beginning with Windows Server 2012 and Windows 8, Windows detects user-input inactivity of a sign-in (logon) session by using the security policy setting **Interactive logon: Machine inactivity limit**. If the amount of inactive time exceeds the inactivity limit set by this policy, then the user's session locks by invoking the screen saver (screen saver should be active on the destination machine). You can activate the screen saver by enabling the Group Policy **User Configuration\Administrative Templates\Control Panel\Personalization\Enable screen saver**. This policy setting allows you to control the locking time by using Group Policy. > [!NOTE] > If the **Interactive logon: Machine inactivity limit** security policy setting is configured, the device locks not only when inactive time exceeds the inactivity limit, but also when the screensaver activates or when the display turns off because of power settings. 
@@ -42,7 +43,7 @@ If **Machine will be locked after** is set to zero (0) or has no value (blank), ### Best practices -Set the time for elapsed user-input inactivity based on the device’s usage and location requirements. For example, if the device or device is in a public area, you might want to have the device automatically lock after a short period of inactivity to prevent unauthorized access. However, if the device is used by an individual or group of trusted individuals, such as in a restricted manufacturing area, automatically locking the device might hinder productivity. +Set the time for elapsed user-input inactivity based on the device's usage and location requirements. For example, if the device or device is in a public area, you might want to have the device automatically lock after a short period of inactivity to prevent unauthorized access. However, if the device is used by an individual or group of trusted individuals, such as in a restricted manufacturing area, automatically locking the device might hinder productivity. ### Location @@ -52,7 +53,7 @@ Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Local Pol ### Default values -The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default values for this policy. Default values are also listed on the policy's property page. | Server type or GPO | Default value | | - | - | 
@@ -85,7 +86,7 @@ This policy setting helps you prevent unauthorized access to devices under your ### Countermeasure -Set the time for elapsed user-input inactivity time by using the security policy setting **Interactive logon: Machine inactivity limit** based on the device’s usage and location requirements. +Set the time for elapsed user-input inactivity time by using the security policy setting **Interactive logon: Machine inactivity limit** based on the device's usage and location requirements. ### Potential impact diff --git a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md index bcdeda1852..5eb5a6a0b4 100644 --- a/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md +++ b/windows/security/threat-protection/security-policy-settings/log-on-as-a-batch-job.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security diff --git a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md index cde1a5df8b..b74a12c22c 100644 --- a/windows/security/threat-protection/security-policy-settings/minimum-password-length.md +++ b/windows/security/threat-protection/security-policy-settings/minimum-password-length.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 03/30/2022 ms.technology: itpro-security 
@@ -50,7 +51,7 @@ In addition, requiring long passwords can actually decrease the security of an o ### Default values -The following table lists the actual and effective default policy values. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default policy values. Default values are also listed on the policy's property page. | Server type or Group Policy Object (GPO) | Default value | | - | - | diff --git a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md index 67f28accd4..42cb403da5 100644 --- a/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md +++ b/windows/security/threat-protection/security-policy-settings/network-access-restrict-clients-allowed-to-make-remote-sam-calls.md @@ -11,6 +11,7 @@ ms.reviewer: manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual --- diff --git a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md index a9b0b1ae89..465adda6a7 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-configure-encryption-types-allowed-for-kerberos.md @@ -9,6 +9,7 @@ author: vinaypamnani-msft manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security 
diff --git a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md index e1585d602e..23edb11516 100644 --- a/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md +++ b/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security @@ -75,7 +76,7 @@ HKLM\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel ### Default values -The following table lists the actual and effective default values for this policy. Default values are also listed on the policy’s property page. +The following table lists the actual and effective default values for this policy. Default values are also listed on the policy's property page. | Server type or GPO | Default value | | - | - | diff --git a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md index c7b9c6ad9d..fa765fce39 100644 --- a/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md +++ b/windows/security/threat-protection/security-policy-settings/password-must-meet-complexity-requirements.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.technology: itpro-security ms.date: 12/31/2017 diff --git a/windows/security/threat-protection/security-policy-settings/password-policy.md b/windows/security/threat-protection/security-policy-settings/password-policy.md index b4163b8525..e28f4796b7 100644 
--- a/windows/security/threat-protection/security-policy-settings/password-policy.md +++ b/windows/security/threat-protection/security-policy-settings/password-policy.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security diff --git a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md index 79136b00da..e5a2bba1d9 100644 --- a/windows/security/threat-protection/security-policy-settings/security-policy-settings.md +++ b/windows/security/threat-protection/security-policy-settings/security-policy-settings.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 04/19/2017 ms.technology: itpro-security diff --git a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md index 0439fc8ee1..7e7e14c8c0 100644 --- a/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md +++ b/windows/security/threat-protection/security-policy-settings/user-rights-assignment.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 12/16/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md index c2987aea45..bf315dd58b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-overview.md 
@@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 10/16/2017 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md index e0b383d280..7acb0c4301 100644 --- a/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/microsoft-recommended-driver-block-rules.md @@ -11,6 +11,7 @@ ms.localizationpriority: medium audience: ITPro ms.collection: - highpri + - tier3 author: jgeurten ms.reviewer: jsuther ms.author: vinpa diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md index 6ac671b28d..9f5f66cd38 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control.md @@ -11,6 +11,7 @@ ms.localizationpriority: medium audience: ITPro ms.collection: - highpri + - tier3 author: vinaypamnani-msft ms.reviewer: isbrahm ms.author: vinpa 
@@ -38,7 +39,7 @@ In most organizations, information is the most valuable asset, and ensuring that Application control can help mitigate these types of security threats by restricting the applications that users are allowed to run and the code that runs in the System Core (kernel). Application control policies can also block unsigned scripts and MSIs, and restrict Windows PowerShell to run in [Constrained Language Mode](/powershell/module/microsoft.powershell.core/about/about_language_modes). -Application control is a crucial line of defense for protecting enterprises given today’s threat landscape, and it has an inherent advantage over traditional antivirus solutions. Specifically, application control moves away from an application trust model where all applications are assumed trustworthy to one where applications must earn trust in order to run. Many organizations, like the Australian Signals Directorate, understand the significance of application control and frequently cite application control as one of the most effective means for addressing the threat of executable file-based malware (.exe, .dll, etc.). +Application control is a crucial line of defense for protecting enterprises given today's threat landscape, and it has an inherent advantage over traditional antivirus solutions. Specifically, application control moves away from an application trust model where all applications are assumed trustworthy to one where applications must earn trust in order to run. Many organizations, like the Australian Signals Directorate, understand the significance of application control and frequently cite application control as one of the most effective means for addressing the threat of executable file-based malware (.exe, .dll, etc.). > [!NOTE] > Although application control can significantly harden your computers against malicious code, we recommend that you continue to maintain an enterprise antivirus solution for a well-rounded enterprise security portfolio. 
diff --git a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md index 3f25837b24..41b535c96b 100644 --- a/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md +++ b/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center.md @@ -11,6 +11,7 @@ manager: aaroncz ms.technology: itpro-security ms.collection: - highpri + - tier2 ms.date: 12/31/2017 ms.topic: article --- diff --git a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md index 4aeb22b1f0..c1666220e4 100644 --- a/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/assign-security-group-filters-to-the-gpo.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/07/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md index c3caab02c2..b607d65908 100644 --- a/windows/security/threat-protection/windows-firewall/best-practices-configuring.md +++ b/windows/security/threat-protection/windows-firewall/best-practices-configuring.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: article ms.technology: itpro-security appliesto: diff --git a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md index f8f7c3977f..8fcc33e6d3 100644 
--- a/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md +++ b/windows/security/threat-protection/windows-firewall/create-a-group-policy-object.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/07/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index ea3861bad7..a1ea12a2a2 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md @@ -14,6 +14,7 @@ manager: aaroncz audience: ITPro ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/07/2021 ms.technology: itpro-security 
@@ -71,6 +72,6 @@ This topic describes how to create a standard port rule for a specified protocol 9. On the **Profile** page, select the network location types to which this rule applies, and then click **Next**. - >**Note:** If this GPO is targeted at server computers running Windows Server 2008 that never move, consider modifying the rules to apply to all network location type profiles. This prevents an unexpected change in the applied rules if the network location type changes due to the installation of a new network card or the disconnection of an existing network card’s cable. A disconnected network card is automatically assigned to the Public network location type. + >**Note:** If this GPO is targeted at server computers running Windows Server 2008 that never move, consider modifying the rules to apply to all network location type profiles. This prevents an unexpected change in the applied rules if the network location type changes due to the installation of a new network card or the disconnection of an existing network card's cable. A disconnected network card is automatically assigned to the Public network location type. 10. On the **Name** page, type a name and description for your rule, and then click **Finish**. diff --git a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md index 77ea069a39..cce89be934 100644 --- a/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md +++ b/windows/security/threat-protection/windows-firewall/create-wmi-filters-for-the-gpo.md @@ -9,6 +9,7 @@ author: paolomatarazzo manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/07/2021 ms.technology: itpro-security 
diff --git a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md index 0dead272e0..7bd82a831e 100644 --- a/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/open-the-group-policy-management-console-to-windows-firewall-with-advanced-security.md @@ -9,6 +9,7 @@ author: paolomatarazzo manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/08/2021 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index 56c5f70707..13cf7bd61a 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -8,6 +8,7 @@ ms.author: paoloma manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 09/08/2021 ms.reviewer: jekrynit 
@@ -36,7 +37,7 @@ The Windows Defender Firewall with Advanced Security MMC snap-in is more flexibl ## Feature description -Windows Defender Firewall with Advanced Security is an important part of a layered security model. By providing host-based, two-way network traffic filtering for a device, Windows Defender Firewall blocks unauthorized network traffic flowing into or out of the local device. Windows Defender Firewall also works with Network Awareness so that it can apply security settings appropriate to the types of networks to which the device is connected. Windows Defender Firewall and Internet Protocol Security (IPsec) configuration settings are integrated into a single Microsoft Management Console (MMC) named Windows Defender Firewall, so Windows Defender Firewall is also an important part of your network’s isolation strategy. +Windows Defender Firewall with Advanced Security is an important part of a layered security model. By providing host-based, two-way network traffic filtering for a device, Windows Defender Firewall blocks unauthorized network traffic flowing into or out of the local device. Windows Defender Firewall also works with Network Awareness so that it can apply security settings appropriate to the types of networks to which the device is connected. Windows Defender Firewall and Internet Protocol Security (IPsec) configuration settings are integrated into a single Microsoft Management Console (MMC) named Windows Defender Firewall, so Windows Defender Firewall is also an important part of your network's isolation strategy. ## Practical applications diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md index ecb03506c1..c79a189b61 100644 --- a/windows/security/threat-protection/windows-platform-common-criteria.md +++ b/windows/security/threat-protection/windows-platform-common-criteria.md 
@@ -10,6 +10,8 @@ ms.localizationpriority: medium ms.date: 11/4/2022 ms.reviewer: paoloma ms.technology: itpro-security +ms.collection: + - tier3 --- # Common Criteria certifications diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md index a6ce54113b..4ff1d859be 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-configure-using-wsb-file.md @@ -7,6 +7,7 @@ ms.author: vinpa manager: aaroncz ms.collection: - highpri + - tier2 ms.topic: article ms.date: 6/30/2022 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md index 3987f694a9..6e2f83d198 100644 --- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md +++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md @@ -7,6 +7,7 @@ ms.author: vinpa manager: aaroncz ms.collection: - highpri + - tier2 ms.topic: article ms.date: 6/30/2022 ms.technology: itpro-security diff --git a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md index b08b62f673..bac325bbe0 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md @@ -8,6 +8,7 @@ author: vinaypamnani-msft manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 02/14/2022 ms.reviewer: rmunck 
@@ -20,7 +21,7 @@ ms.technology: itpro-security The Security Compliance Toolkit (SCT) is a set of tools that allows enterprise security administrators to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products. -The SCT enables administrators to effectively manage their enterprise’s Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them broadly through Active Directory or individually through local policy. +The SCT enables administrators to effectively manage their enterprise's Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them broadly through Active Directory or individually through local policy.

    The Security Compliance Toolkit consists of: @@ -74,9 +75,9 @@ More information on the Policy Analyzer tool can be found on the [Microsoft Secu LGPO.exe is a command-line utility that is designed to help automate management of Local Group Policy. Using local policy gives administrators a simple way to verify the effects of Group Policy settings, and is also useful for managing non-domain-joined systems. -LGPO.exe can import and apply settings from Registry Policy (Registry.pol) files, security templates, Advanced Auditing backup files, and from formatted “LGPO text” files. +LGPO.exe can import and apply settings from Registry Policy (Registry.pol) files, security templates, Advanced Auditing backup files, and from formatted "LGPO text" files. It can export local policy to a GPO backup. -It can export the contents of a Registry Policy file to the “LGPO text” format that can then be edited, and can build a Registry Policy file from an LGPO text file. +It can export the contents of a Registry Policy file to the "LGPO text" format that can then be edited, and can build a Registry Policy file from an LGPO text file. Documentation for the LGPO tool can be found on the [Microsoft Security Guidance blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/new-amp-updated-security-tools/ba-p/1631613) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319). diff --git a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md index 0c513379b1..807e2e2800 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/windows-security-baselines.md 
@@ -8,6 +8,7 @@ author: vinaypamnani-msft manager: aaroncz ms.collection: - highpri + - tier3 ms.topic: conceptual ms.date: 01/26/2022 ms.reviewer: jmunck diff --git a/windows/security/trusted-boot.md b/windows/security/trusted-boot.md index 64689039a1..ad5c50ecc7 100644 --- a/windows/security/trusted-boot.md +++ b/windows/security/trusted-boot.md @@ -1,7 +1,6 @@ --- title: Secure Boot and Trusted Boot description: Trusted Boot prevents corrupted components from loading during the boot-up process in Windows 11 -search.appverid: MET150 author: vinaypamnani-msft ms.author: vinpa manager: aaroncz @@ -9,9 +8,6 @@ ms.topic: conceptual ms.date: 09/21/2021 ms.prod: windows-client ms.technology: itpro-security -ms.localizationpriority: medium -ms.collection: -ms.custom: ms.reviewer: jsuther --- 
@@ -25,11 +21,11 @@ Secure Boot and Trusted Boot help prevent malware and corrupted components from The first step in protecting the operating system is to ensure that it boots securely after the initial hardware and firmware boot sequences have safely finished their early boot sequences. Secure Boot makes a safe and trusted path from the Unified Extensible Firmware Interface (UEFI) through the Windows kernel's Trusted Boot sequence. Malware attacks on the Windows boot sequence are blocked by the signature-enforcement handshakes throughout the boot sequence between the UEFI, bootloader, kernel, and application environments. -As the PC begins the boot process, it will first verify that the firmware is digitally signed, reducing the risk of firmware rootkits. Secure Boot then checks all code that runs before the operating system and checks the OS bootloader’s digital signature to ensure that it's trusted by the Secure Boot policy and hasn’t been tampered with. +As the PC begins the boot process, it will first verify that the firmware is digitally signed, reducing the risk of firmware rootkits. Secure Boot then checks all code that runs before the operating system and checks the OS bootloader's digital signature to ensure that it's trusted by the Secure Boot policy and hasn't been tampered with. ## Trusted Boot -Trusted Boot picks up the process that started with Secure Boot. The Windows bootloader verifies the digital signature of the Windows kernel before loading it. The Windows kernel, in turn, verifies every other component of the Windows startup process, including boot drivers, startup files, and your antimalware product’s early-launch antimalware (ELAM) driver. If any of these files were tampered, the bootloader detects the problem and refuses to load the corrupted component. Tampering or malware attacks on the Windows boot sequence are blocked by the signature-enforcement handshakes between the UEFI, bootloader, kernel, and application environments. 
+Trusted Boot picks up the process that started with Secure Boot. The Windows bootloader verifies the digital signature of the Windows kernel before loading it. The Windows kernel, in turn, verifies every other component of the Windows startup process, including boot drivers, startup files, and your antimalware product's early-launch antimalware (ELAM) driver. If any of these files were tampered, the bootloader detects the problem and refuses to load the corrupted component. Tampering or malware attacks on the Windows boot sequence are blocked by the signature-enforcement handshakes between the UEFI, bootloader, kernel, and application environments. Often, Windows can automatically repair the corrupted component, restoring the integrity of Windows and allowing the Windows 11 device to start normally. From 4f496abacae2aa782dcc6add7cc6bb34170a399d Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Thu, 16 Feb 2023 14:15:28 -0500 Subject: [PATCH 3/5] updates --- .../hello-for-business/feature-multifactor-unlock.md | 2 -- .../hello-for-business/hello-aad-join-cloud-only-deploy.md | 2 -- .../hello-for-business/hello-deployment-rdp-certs.md | 3 +-- .../hello-for-business/hello-hybrid-cloud-kerberos-trust.md | 2 -- 4 files changed, 1 insertion(+), 8 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md index 8dea56bdd7..a82f25aa93 100644 --- a/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md +++ b/windows/security/identity-protection/hello-for-business/feature-multifactor-unlock.md @@ -5,8 +5,6 @@ ms.date: 03/20/2018 appliesto: - ✅ Windows 10 and later ms.topic: article -ms.collection: - - tier1 --- # Multi-factor Unlock 
diff --git a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md index e772e421c3..25100512b3 100644 --- a/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md +++ b/windows/security/identity-protection/hello-for-business/hello-aad-join-cloud-only-deploy.md @@ -5,8 +5,6 @@ ms.date: 06/23/2021 appliesto: - ✅ Windows 10 and later ms.topic: article -ms.collection: - - tier1 --- # Cloud-only deployment diff --git a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md index b38b0f4112..26fb7abfb6 100644 --- a/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md +++ b/windows/security/identity-protection/hello-for-business/hello-deployment-rdp-certs.md @@ -3,12 +3,11 @@ title: Deploy certificates for remote desktop sign-in description: Learn how to deploy certificates to cloud Kerberos trust and key trust users, to enable remote desktop sign-in with supplied credentials. ms.collection: - ContentEngagementFY23 + - tier1 ms.topic: article ms.date: 11/15/2022 appliesto: - ✅ Windows 10 and later -ms.collection: - - tier1 --- # Deploy certificates for remote desktop (RDP) sign-in diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md index 16776a1551..ce118ce681 100644 --- a/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md +++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust.md 
@@ -5,8 +5,6 @@ ms.date: 11/1/2022 appliesto: - ✅ Windows 10, version 21H2 and later ms.topic: article -ms.collection: - - tier1 --- # Cloud Kerberos trust deployment From e95405210c2c638a8e8e4b9b70358c8e961fb7cc Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Thu, 16 Feb 2023 15:57:57 -0700 Subject: [PATCH 4/5] Apply suggestions from code review --- .../information-protection/tpm/how-windows-uses-the-tpm.md | 2 +- .../windows-firewall/create-an-inbound-port-rule.md | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md index d2c170111c..d1f3ca2437 100644 --- a/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md +++ b/windows/security/information-protection/tpm/how-windows-uses-the-tpm.md 
@@ -133,7 +133,7 @@ Mobile device management (MDM) solutions can receive simple security assertions ## Credential Guard -Credential Guard is a new feature in Windows that helps protect Windows credentials in organizations that have deployed AD DS. Historically, a user's credentials (e.g., logon password) were hashed to generate an authorization token. The user employed the token to access resources that he or she was permitted to use. One weakness of the token model is that malware that had access to the operating system kernel could look through the computer's memory and harvest all the access tokens currently in use. The attacker could then use harvested tokens to log on to other machines and collect more credentials. This kind of attack is called a "pass the hash" attack, a malware technique that infects one machine to infect many machines across an organization. +Credential Guard is a new feature in Windows that helps protect Windows credentials in organizations that have deployed AD DS. Historically, a user's credentials (such as a logon password) were hashed to generate an authorization token. The user employed the token to access resources that he or she was permitted to use. One weakness of the token model is that malware that had access to the operating system kernel could look through the computer's memory and harvest all the access tokens currently in use. The attacker could then use harvested tokens to log on to other machines and collect more credentials. This kind of attack is called a "pass the hash" attack, a malware technique that infects one machine to infect many machines across an organization. Similar to the way Microsoft Hyper-V keeps virtual machines (VMs) separate from one another, Credential Guard uses virtualization to isolate the process that hashes credentials in a memory area that the operating system kernel cannot access. 
This isolated memory area is initialized and protected during the boot process so that components in the larger operating system environment cannot tamper with it. Credential Guard uses the TPM to protect its keys with TPM measurements, so they are accessible only during the boot process step when the separate region is initialized; they are not available for the normal operating system kernel. The local security authority code in the Windows kernel interacts with the isolated memory area by passing in credentials and receiving single-use authorization tokens in return. diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index a1ea12a2a2..c4fe91cab2 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md 
@@ -72,6 +72,7 @@ This topic describes how to create a standard port rule for a specified protocol 9. On the **Profile** page, select the network location types to which this rule applies, and then click **Next**. - >**Note:** If this GPO is targeted at server computers running Windows Server 2008 that never move, consider modifying the rules to apply to all network location type profiles. This prevents an unexpected change in the applied rules if the network location type changes due to the installation of a new network card or the disconnection of an existing network card's cable. A disconnected network card is automatically assigned to the Public network location type. + > [Note] + > If this GPO is targeted at server computers running Windows Server 2008 that never move, consider modifying the rules to apply to all network location type profiles. This prevents an unexpected change in the applied rules if the network location type changes due to the installation of a new network card or the disconnection of an existing network card's cable. A disconnected network card is automatically assigned to the Public network location type. 10. On the **Name** page, type a name and description for your rule, and then click **Finish**. From 2a32768362aea0e4b3cba27c4e51a7cf888dceba Mon Sep 17 00:00:00 2001 From: Angela Fleischmann Date: Thu, 16 Feb 2023 16:06:09 -0700 Subject: [PATCH 5/5] Update create-an-inbound-port-rule.md Lines 55, 60, and 77: Add missing ! to notes. --- .../windows-firewall/create-an-inbound-port-rule.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md index c4fe91cab2..2f4b0c3d20 100644 --- a/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md +++ b/windows/security/threat-protection/windows-firewall/create-an-inbound-port-rule.md 
@@ -52,11 +52,13 @@ This topic describes how to create a standard port rule for a specified protocol 4. On the **Rule Type** page of the New Inbound Rule Wizard, click **Custom**, and then click **Next**. - >**Note:** Although you can create rules by selecting **Program** or **Port**, those choices limit the number of pages presented by the wizard. If you select **Custom**, you see all of the pages, and have the most flexibility in creating your rules. + > [!Note] + > Although you can create rules by selecting **Program** or **Port**, those choices limit the number of pages presented by the wizard. If you select **Custom**, you see all of the pages, and have the most flexibility in creating your rules. 5. On the **Program** page, click **All programs**, and then click **Next**. - >**Note:** This type of rule is often combined with a program or service rule. If you combine the rule types, you get a firewall rule that limits traffic to a specified port and allows the traffic only when the specified program is running. The specified program cannot receive network traffic on other ports, and other programs cannot receive network traffic on the specified port. If you choose to do this, follow the steps in the [Create an Inbound Program or Service Rule](create-an-inbound-program-or-service-rule.md) procedure in addition to the steps in this procedure to create a single rule that filters network traffic using both program and port criteria. + > [!Note] + > This type of rule is often combined with a program or service rule. If you combine the rule types, you get a firewall rule that limits traffic to a specified port and allows the traffic only when the specified program is running. The specified program cannot receive network traffic on other ports, and other programs cannot receive network traffic on the specified port. 
If you choose to do this, follow the steps in the [Create an Inbound Program or Service Rule](create-an-inbound-program-or-service-rule.md) procedure in addition to the steps in this procedure to create a single rule that filters network traffic using both program and port criteria. 6. On the **Protocol and Ports** page, select the protocol type that you want to allow. To restrict the rule to a specified port number, you must select either **TCP** or **UDP**. Because this is an incoming rule, you typically configure only the local port number. @@ -72,7 +74,7 @@ This topic describes how to create a standard port rule for a specified protocol 9. On the **Profile** page, select the network location types to which this rule applies, and then click **Next**. - > [Note] + > [!Note] > If this GPO is targeted at server computers running Windows Server 2008 that never move, consider modifying the rules to apply to all network location type profiles. This prevents an unexpected change in the applied rules if the network location type changes due to the installation of a new network card or the disconnection of an existing network card's cable. A disconnected network card is automatically assigned to the Public network location type. 10. On the **Name** page, type a name and description for your rule, and then click **Finish**.
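Review bot: the three front-matter hunks in the first patch handle `tier1` inconsistently. In hello-deployment-rdp-certs.md the duplicate `ms.collection:` key is dropped and `- tier1` is merged into the existing list under `- ContentEngagementFY23`, which is the correct fix because a YAML mapping cannot carry the same key twice. In hello-aad-join-cloud-only-deploy.md and hello-hybrid-cloud-kerberos-trust.md, however, the `ms.collection:` / `- tier1` block is removed outright, and nothing in the visible context shows an existing `ms.collection` list to merge into. If those two pages are meant to stay in tier1 the key should be kept; if dropping them is intentional, the commit message should say why so the change is not read as an accidental revert.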
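Review bot: in the how-windows-uses-the-tpm.md hunk the only change is "(e.g., logon password)" to "(such as a logon password)", but the `+` line still opens with "Credential Guard is a new feature in Windows", which dates quickly in a reference page, and keeps "that he or she was permitted to use". Since the sentence is already being touched for style, suggest "Credential Guard is a Windows feature that helps protect Windows credentials..." and "resources that they were permitted to use" in the same edit rather than in a later pass.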
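Review bot: in the create-an-inbound-port-rule.md hunk of PATCH 4/5 (the `@@ -72,6 +72,7 @@` region), the new `> [Note]` line is missing the `!`, so it renders as a literal "[Note]" inside a blockquote instead of a note callout; PATCH 5/5 in this same series exists only to add the `!` back. Squash the two so that no intermediate commit ships the broken callout, and keep the one-line commit message from PATCH 5/5 ("Add missing ! to notes") as the explanation if a separate commit is still wanted.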
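Review bot: in the PATCH 5/5 hunks (`@@ -52,11 +52,13 @@` and `@@ -72,7 +74,7 @@`) the corrected callouts are written as `> [!Note]`. The Docs alert syntax documents the keyword in uppercase, `> [!NOTE]`, and using that spelling avoids depending on the renderer matching case-insensitively; the three new lines would become `> [!NOTE]` with the following `> ...` text lines unchanged. Splitting the old `>**Note:** ...` one-liners into a marker line plus a `>` text line is the right shape for the callout, so only the keyword case needs attention.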